1# OpenThread CLI - CoAPS Example 2 3The OpenThread CoAPS APIs may be invoked via the OpenThread CLI. 4 5## Quick Start 6 7### Form Network 8 9Form a network with at least two devices. 10 11### Configure DTLS ciphersuite. 12 13CoAPS uses DTLS to establish a secure, end-to-end connection. 14 15This example supports two ciphersuites: 16 17- TLS_PSK_WITH_AES_128_CCM_8 18 19 ```bash 20 > coaps psk <your-psk> <your-psk-id> 21 Done 22 ``` 23 24- TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 25 ```bash 26 > coaps x509 27 Done 28 ``` 29 The X.509 certificate stored in `core/cli/x509_cert_key.hpp`. 30 31### Node 1 32 33On node 1, setup CoAPS server with resource `test-resource`. 34 35```bash 36> coaps start 37Done 38> coaps resource test-resource 39Done 40``` 41 42### Node 2 43 44```bash 45> coaps start 46Done 47> coaps connect <peer-ip6-address> 48Done 49coaps connected 50> coaps get test-resource 51Done 52coaps response from fdde:ad00:beef:0:9903:14b:27e0:5744 with payload: 68656c6c6f576f726c6400 53> coaps put test-resource con payload 54Done 55coaps response from fdde:ad00:beef:0:9903:14b:27e0:5744 56``` 57 58### Result 59 60On node 1, you should see output similar to below: 61 62```bash 63coaps request from fdde:ad00:beef:0:9e68:576f:714c:f395 GET 64coaps response sent 65coaps request from fdde:ad00:beef:0:9e68:576f:714c:f395 PUT with payload: 7061796c6f6164 66coaps response sent 67``` 68 69## Generate Elliptic Curve Private Key and X.509 Certificate 70 71### EC Private Key 72 73```bash 74> openssl ecparam -genkey -name prime256v1 -noout -out ec_private.pem 75``` 76 77### X.509 Certificate 78 79```bash 80> openssl req -x509 -new -key ec_private.pem -out x509_cert.pem -days 30 81``` 82 83## Command List 84 85- [help](#help) 86- [connect](#connect-address) 87- [delete](#delete-uri-path-type-payload) 88- [disconnect](#disconnect) 89- [get](#get-uri-path-type) 90- [post](#post-uri-path-type-payload) 91- [psk](#psk-psk-pskid) 92- [put](#put-uri-path-type-payload) 93- [resource](#resource-uri-path) 94- [set](#set-new-content) 95- [start](#start) 96- [stop](#stop) 97- [x509](#x509) 98 99## Command Details 100 101### help 102 103```bash 104> coaps help 105help 106connect 107delete 108disconnect 109get 110post 111psk 112put 113resource 114set 115start 116stop 117x509 118Done 119``` 120 121List the CoAPS CLI commands. 122 123### connect \<address\> 124 125Establish DTLS session. 126 127- address: IPv6 address of the peer. 128 129```bash 130> coaps connect fdde:ad00:beef:0:9903:14b:27e0:5744 131Done 132coaps connected 133``` 134 135### delete \<uri-path\> \[type\] \[payload\] 136 137- uri-path: URI path of the resource. 138- type: "con" for Confirmable or "non-con" for Non-confirmable (default). 139- payload: CoAPS request payload. 140 141```bash 142> coaps delete test-resource con payload 143Done 144``` 145 146### disconnect 147 148```bash 149> coaps disconnect 150coaps disconnected 151Done 152``` 153 154### get \<uri-path\> \[type\] 155 156- uri-path: URI path of the resource. 157- type: "con" for Confirmable or "non-con" for Non-confirmable (default). Use "block-<block-size>" if the response should be transferred block-wise. ("block-16","block-32","block-64","block-128","block-256","block-512","block-1024") 158 159```bash 160> coaps get test-resource 161Done 162``` 163 164```bash 165> coaps get test-resource block-1024 166Done 167``` 168 169### post \<uri-path\> \[type\] \[payload\] 170 171- uri-path: URI path of the resource. 172- type: "con" for Confirmable or "non-con" for Non-confirmable (default). Use "block-<block-size>" to send blocks with random payload. ("block-16","block-32","block-64","block-128","block-256","block-512","block-1024") 173- payload: CoAP request payload. If \[type\] is "block-<block-size>", the amount of blocks to be sent can be set here. 174 175```bash 176> coaps post test-resource con payload 177Done 178``` 179 180```bash 181> coaps post test-resource block-1024 10 182Done 183``` 184 185### psk \<psk\> \<pskid\> 186 187Set DTLS ciphersuite to `TLS_PSK_WITH_AES_128_CCM_8`. 188 189- psk: pre-shared key 190- pskid: pre-shared key identifier 191 192```bash 193> coaps psk 123 pskid 194Done 195``` 196 197### put \<uri-path\> \[type\] \[payload\] 198 199- uri-path: URI path of the resource. 200- type: "con" for Confirmable or "non-con" for Non-confirmable (default). Use "block-<block-size>" to send blocks with random payload. ("block-16","block-32","block-64","block-128","block-256","block-512","block-1024") 201- payload: CoAP request payload. If \[type\] is "block-<block-size>", the amount of blocks to be sent can be set here. 202 203```bash 204> coaps put test-resource con payload 205Done 206``` 207 208```bash 209> coaps put test-resource block-1024 10 210Done 211``` 212 213### resource \[uri-path\] 214 215Sets the URI path for the test resource. 216 217```bash 218> coaps resource test-resource 219Done 220> coaps resource 221test-resource 222Done 223``` 224 225### set \[new-content\] 226 227Sets the content sent by the test resource. 228 229```bash 230> coaps set Testing123 231Done 232``` 233 234### start 235 236Starts the application coaps service. 237 238- checkPeerCert: Peer Certificate Check can be disabled by typing false. 239 240```bash 241> coaps start 242Done 243``` 244 245### stop 246 247Stops the application coaps service. 248 249```bash 250> coaps stop 251Done 252``` 253 254### x509 255 256Set DTLS ciphersuite to `TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8`. 257 258The X.509 certificate stored in [`src/cli/x509_cert_key.hpp`](x509_cert_key.hpp). 259 260```bash 261> coaps x509 262Done 263``` 264