OpenThread CLI - CoAPS Example
The OpenThread CoAPS APIs may be invoked via the OpenThread CLI.
Quick Start
Form Network
Form a network with at least two devices.
Configure DTLS ciphersuite.
CoAPS uses DTLS to establish a secure, end-to-end connection.
This example supports two ciphersuites:
-
TLS_PSK_WITH_AES_128_CCM_8
> coaps psk <your-psk> <your-psk-id> Done
-
TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
> coaps x509 Done
The X.509 certificate stored in
core/cli/x509_cert_key.hpp
.
Node 1
On node 1, setup CoAPS server with resource test-resource
.
> coaps start
Done
> coaps resource test-resource
Done
Node 2
> coaps start
Done
> coaps connect <peer-ip6-address>
Done
coaps connected
> coaps get test-resource
Done
coaps response from fdde:ad00:beef:0:9903:14b:27e0:5744 with payload: 68656c6c6f576f726c6400
> coaps put test-resource con payload
Done
coaps response from fdde:ad00:beef:0:9903:14b:27e0:5744
Result
On node 1, you should see output similar to below:
coaps request from fdde:ad00:beef:0:9e68:576f:714c:f395 GET
coaps response sent
coaps request from fdde:ad00:beef:0:9e68:576f:714c:f395 PUT with payload: 7061796c6f6164
coaps response sent
Generate Elliptic Curve Private Key and X.509 Certificate
EC Private Key
> openssl ecparam -genkey -name prime256v1 -noout -out ec_private.pem
X.509 Certificate
> openssl req -x509 -new -key ec_private.pem -out x509_cert.pem -days 30
Command List
Command Details
help
> coaps help
help
connect
delete
disconnect
get
post
psk
put
resource
set
start
stop
x509
Done
List the CoAPS CLI commands.
connect <address>
Establish DTLS session.
- address: IPv6 address of the peer.
> coaps connect fdde:ad00:beef:0:9903:14b:27e0:5744
Done
coaps connected
delete <uri-path> [type] [payload]
- uri-path: URI path of the resource.
- type: "con" for Confirmable or "non-con" for Non-confirmable (default).
- payload: CoAPS request payload.
> coaps delete test-resource con payload
Done
disconnect
> coaps disconnect
coaps disconnected
Done
get <uri-path> [type]
- uri-path: URI path of the resource.
- type: "con" for Confirmable or "non-con" for Non-confirmable (default). Use "block-" if the response should be transferred block-wise. ("block-16","block-32","block-64","block-128","block-256","block-512","block-1024")
> coaps get test-resource
Done
> coaps get test-resource block-1024
Done
post <uri-path> [type] [payload]
- uri-path: URI path of the resource.
- type: "con" for Confirmable or "non-con" for Non-confirmable (default). Use "block-" to send blocks with random payload. ("block-16","block-32","block-64","block-128","block-256","block-512","block-1024")
- payload: CoAP request payload. If [type] is "block-", the amount of blocks to be sent can be set here.
> coaps post test-resource con payload
Done
> coaps post test-resource block-1024 10
Done
psk <psk> <pskid>
Set DTLS ciphersuite to TLS_PSK_WITH_AES_128_CCM_8
.
- psk: pre-shared key
- pskid: pre-shared key identifier
> coaps psk 123 pskid
Done
put <uri-path> [type] [payload]
- uri-path: URI path of the resource.
- type: "con" for Confirmable or "non-con" for Non-confirmable (default). Use "block-" to send blocks with random payload. ("block-16","block-32","block-64","block-128","block-256","block-512","block-1024")
- payload: CoAP request payload. If [type] is "block-", the amount of blocks to be sent can be set here.
> coaps put test-resource con payload
Done
> coaps put test-resource block-1024 10
Done
resource [uri-path]
Sets the URI path for the test resource.
> coaps resource test-resource
Done
> coaps resource
test-resource
Done
set [new-content]
Sets the content sent by the test resource.
> coaps set Testing123
Done
start
Starts the application coaps service.
- checkPeerCert: Peer Certificate Check can be disabled by typing false.
> coaps start
Done
stop
Stops the application coaps service.
> coaps stop
Done
x509
Set DTLS ciphersuite to TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
.
The X.509 certificate stored in src/cli/x509_cert_key.hpp
.
> coaps x509
Done