Description
This LwM2M Object provides the keying material and related information of a LwM2M Client appropriate to access a specified LwM2M Server using OSCORE. One Object Instance MAY address a LwM2M Bootstrap-Server. These LwM2M Object Resources MUST only be changed by a LwM2M Bootstrap-Server or Bootstrap from Smartcard and MUST NOT be accessible by any other LwM2M Server. Instances of this Object are linked from Instances of Object 0 using the OSCORE Security Mode Resource of Object 0. Instances of this Object MUST NOT be linked from more than one Instance of Object 0.
Object definition
Name | Object ID | Object Version | LWM2M Version |
---|---|---|---|
LWM2M OSCORE | 21 | 1.0 | 1.1 |

Object URN | Instances | Mandatory |
---|---|---|
urn:oma:lwm2m:oma:21 | Multiple | Optional |
Resource definitions
ID | Name | Operations | Instances | Mandatory | Type | Range or Enumeration | Units | Description |
---|---|---|---|---|---|---|---|---|
0 | OSCORE Master Secret | | Single | Mandatory | String | | | This resource MUST be used to store the pre-shared key used in LwM2M Client and LwM2M Server/Bootstrap-Server, called the Master Secret. |
1 | OSCORE Sender ID | | Single | Mandatory | String | | | This resource MUST store an OSCORE identifier for the LwM2M Client called the Sender ID. |
2 | OSCORE Recipient ID | | Single | Mandatory | String | | | This resource MUST store an OSCORE identifier for the LwM2M Client called the Recipient ID. |
3 | OSCORE AEAD Algorithm | | Single | Optional | Integer | | | This resource MUST be used to store the encoding of the AEAD Algorithm as defined in Table 10 of RFC 8152. The AEAD is used by OSCORE for encryption and integrity protection of CoAP message fields. |
4 | OSCORE HMAC Algorithm | | Single | Optional | Integer | | | This resource MUST be used to store the encoding of the HMAC Algorithm used in the HKDF. The encoding of HMAC algorithms is defined in Table 7 of RFC 8152. The HKDF is used to derive the security context used by OSCORE. |
5 | OSCORE Master Salt | | Single | Optional | String | | | This resource MUST be used to store a non-secret random value called the Master Salt. The Master Salt is used to derive the security context used by OSCORE. |
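
Added example (not part of the OMA object definition): how Resources 0, 1, 2 and 5 feed the HKDF derivation of RFC 8613 section 3.2.1 to produce the OSCORE sender key, recipient key and Common IV. It assumes the RFC 8613 default algorithms (AES-CCM-16-64-128 and HKDF SHA-256) in place of Resources 3 and 4, takes the String resources as already-decoded bytes, and uses hypothetical function names; the inputs are the client test vector from RFC 8613 Appendix C.1.1.

```python
import hashlib
import hmac

AES_CCM_16_64_128 = 10   # COSE AEAD id (RFC 8152 Table 10): 16-byte key, 13-byte nonce
KEY_LEN, NONCE_LEN = 16, 13


def oscore_info(ident: bytes, kind: str, length: int) -> bytes:
    """CBOR array [id, id_context=nil, alg_aead, type, L] (RFC 8613 section 3.2.1).

    Minimal encoder (assumption): IDs shorter than 24 bytes, no ID Context.
    """
    if len(ident) >= 24 or not 0 <= length < 24:
        raise ValueError("value outside the range this minimal encoder supports")
    return (b"\x85"                                  # array of 5 items
            + bytes([0x40 + len(ident)]) + ident     # id as byte string
            + b"\xf6"                                # id_context = nil
            + bytes([AES_CCM_16_64_128])             # alg_aead as small uint
            + bytes([0x60 + len(kind)]) + kind.encode("ascii")  # "Key" or "IV"
            + bytes([length]))                       # L, output length in bytes


def hkdf_sha256(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    """HKDF extract-then-expand (RFC 5869) with HMAC-SHA-256."""
    prk = hmac.new(salt or bytes(32), ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_context(master_secret: bytes, sender_id: bytes, recipient_id: bytes,
                   master_salt: bytes = b"") -> dict:
    """Map Resources 0 (secret), 1 (Sender ID), 2 (Recipient ID), 5 (salt) to keys."""
    def derive(ident, kind, length):
        return hkdf_sha256(master_salt, master_secret,
                           oscore_info(ident, kind, length), length)
    return {"sender_key": derive(sender_id, "Key", KEY_LEN),
            "recipient_key": derive(recipient_id, "Key", KEY_LEN),
            "common_iv": derive(b"", "IV", NONCE_LEN)}


# RFC 8613 Appendix C.1.1 inputs: empty Sender ID, Recipient ID 0x01.
SECRET = bytes.fromhex("0102030405060708090a0b0c0d0e0f10")
SALT = bytes.fromhex("9e7ca92223786340")
CLIENT = derive_context(SECRET, b"", b"\x01", SALT)
SERVER = derive_context(SECRET, b"\x01", b"", SALT)   # same secret, IDs swapped
```

Both endpoints derive mirrored keys from the same Master Secret, so the Sender ID and Recipient ID provisioned on the server side must be the client's values swapped; a mismatch in any of the inputs yields keys that fail AEAD verification.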