example/gcoap: add DTLS support
parent
23a8659bdf
commit
0a8eaea889
@ -30,6 +30,28 @@
|
||||
#define ENABLE_DEBUG 0
|
||||
#include "debug.h"
|
||||
|
||||
#if IS_USED(MODULE_GCOAP_DTLS)
|
||||
#include "net/credman.h"
|
||||
#include "net/dsm.h"
|
||||
#include "tinydtls_keys.h"
|
||||
|
||||
/* Example credential tag for credman. Tag together with the credential type needs to be unique. */
|
||||
#define GCOAP_DTLS_CREDENTIAL_TAG 10
|
||||
|
||||
static const uint8_t psk_id_0[] = PSK_DEFAULT_IDENTITY;
|
||||
static const uint8_t psk_key_0[] = PSK_DEFAULT_KEY;
|
||||
static const credman_credential_t credential = {
|
||||
.type = CREDMAN_TYPE_PSK,
|
||||
.tag = GCOAP_DTLS_CREDENTIAL_TAG,
|
||||
.params = {
|
||||
.psk = {
|
||||
.key = { .s = psk_key_0, .len = sizeof(psk_key_0) - 1, },
|
||||
.id = { .s = psk_id_0, .len = sizeof(psk_id_0) - 1, },
|
||||
}
|
||||
},
|
||||
};
|
||||
#endif
|
||||
|
||||
static bool _proxied = false;
|
||||
static sock_udp_ep_t _proxy_remote;
|
||||
static char proxy_uri[64];
|
||||
@ -316,7 +338,16 @@ int gcoap_cli_cmd(int argc, char **argv)
|
||||
if (strcmp(argv[1], "info") == 0) {
|
||||
uint8_t open_reqs = gcoap_op_state();
|
||||
|
||||
if (IS_USED(MODULE_GCOAP_DTLS)) {
|
||||
printf("CoAP server is listening on port %u\n", CONFIG_GCOAPS_PORT);
|
||||
} else {
|
||||
printf("CoAP server is listening on port %u\n", CONFIG_GCOAP_PORT);
|
||||
}
|
||||
#if IS_USED(MODULE_GCOAP_DTLS)
|
||||
printf("Connection secured with DTLS\n");
|
||||
printf("Free DTLS session slots: %d/%d\n", dsm_get_num_available_slots(),
|
||||
dsm_get_num_maximum_slots());
|
||||
#endif
|
||||
printf(" CLI requests sent: %u\n", req_count);
|
||||
printf("CoAP open requests: %u\n", open_reqs);
|
||||
printf("Configured Proxy: ");
|
||||
@ -466,5 +497,19 @@ int gcoap_cli_cmd(int argc, char **argv)
|
||||
|
||||
void gcoap_cli_init(void)
|
||||
{
|
||||
#if IS_USED(MODULE_GCOAP_DTLS)
|
||||
int res = credman_add(&credential);
|
||||
if (res < 0 && res != CREDMAN_EXIST) {
|
||||
/* ignore duplicate credentials */
|
||||
printf("gcoap: cannot add credential to system: %d\n", res);
|
||||
return;
|
||||
}
|
||||
sock_dtls_t *gcoap_sock_dtls = gcoap_get_sock_dtls();
|
||||
res = sock_dtls_add_credential(gcoap_sock_dtls, GCOAP_DTLS_CREDENTIAL_TAG);
|
||||
if (res < 0) {
|
||||
printf("gcoap: cannot add credential to DTLS sock: %d\n", res);
|
||||
}
|
||||
#endif
|
||||
|
||||
gcoap_register_listener(&_listener);
|
||||
}
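Review bot: `gcoap_cli_init` handles its two DTLS failures differently: when `credman_add` fails it returns before `gcoap_register_listener(&_listener)`, so the example comes up with no resources registered, while a failing `sock_dtls_add_credential` is only printed and initialisation carries on with a DTLS sock that has no credential attached. Both cases should end the same way, for instance by adding `return;` after the second `printf` so the example never serves on a sock without its credential. The `/* ignore duplicate credentials */` comment also sits inside the branch that reports the error; it reads better above the condition, e.g. `/* CREDMAN_EXIST means the credential is already registered and is not an error */`. Because the function returns `void`, the caller cannot see either failure, which is worth a line in its doc comment.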
|
||||
|
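--- a/examples/gcoap_dtls/Makefile
+++ b/examples/gcoap_dtls/Makefile
@@ -0,0 +1,85 @@
+# Default Makefile, for host native GNRC-based networking
+
+# name of your application
+APPLICATION = gcoap_example
+
+# If no BOARD is found in the environment, use this default:
+BOARD ?= native
+
+# This has to be the absolute path to the RIOT base directory:
+RIOTBASE ?= $(CURDIR)/../..
+
+# Include packages that pull up and auto-init the link layer.
+# NOTE: 6LoWPAN will be included if IEEE802.15.4 devices are present
+USEMODULE += gnrc_netdev_default
+USEMODULE += auto_init_gnrc_netif
+# Specify the mandatory networking modules
+USEMODULE += gnrc_ipv6_default
+USEMODULE += gcoap
+# Additional networking modules that can be dropped if not needed
+USEMODULE += gnrc_icmpv6_echo
+
+# Required by gcoap example
+USEMODULE += od
+USEMODULE += fmt
+# Add also the shell, some shell commands
+USEMODULE += shell
+USEMODULE += shell_commands
+USEMODULE += ps
+
+# Comment this out to disable code in RIOT that does safety checking
+# which is not needed in a production environment but helps in the
+# development process:
+DEVELHELP ?= 1
+
+# Change this to 0 show compiler invocation lines by default:
+QUIET ?= 1
+
+# Enables DTLS-secured CoAP messaging
+GCOAP_ENABLE_DTLS ?= 1
+ifeq (1,$(GCOAP_ENABLE_DTLS))
+# Required by DTLS. Currently, only tinyDTLS is supported by sock_dtls.
+USEPKG += tinydtls
+USEMODULE += sock_dtls
+USEMODULE += tinydtls_sock_dtls
+USEMODULE += gcoap_dtls
+# tinydtls needs crypto secure PRNG
+USEMODULE += prng_sha1prng
+
+# Maximum number of DTLS sessions
+CFLAGS += -DDTLS_PEER_MAX=1
+endif
+
+# Instead of simulating an Ethernet connection, we can also simulate
+# an IEEE 802.15.4 radio using ZEP
+USE_ZEP ?= 0
+
+# set the ZEP port for native
+ZEP_PORT_BASE ?= 17754
+ifeq (1,$(USE_ZEP))
+TERMFLAGS += -z [::1]:$(ZEP_PORT_BASE)
+USEMODULE += socket_zep
+
+ifneq (,$(ZEP_MAC))
+TERMFLAGS += --eui64=$(ZEP_MAC)
+endif
+endif
+
+include $(RIOTBASE)/Makefile.include
+
+# For now this goes after the inclusion of Makefile.include so Kconfig symbols
+# are available. Only set configuration via CFLAGS if Kconfig is not being used
+# for this module.
+ifndef CONFIG_KCONFIG_MODULE_GCOAP
+## Uncomment to redefine port, for example use 61616 for RFC 6282 UDP compression.
+#GCOAP_PORT = 5683
+#CFLAGS += -DCONFIG_GCOAP_PORT=$(GCOAP_PORT)
+
+## Uncomment to redefine request token length, max 8.
+#GCOAP_TOKENLEN = 2
+#CFLAGS += -DCONFIG_GCOAP_TOKENLEN=$(GCOAP_TOKENLEN)
+
+# Increase from default for confirmable block2 follow-on requests
+GCOAP_RESEND_BUFS_MAX ?= 2
+CFLAGS += -DCONFIG_GCOAP_RESEND_BUFS_MAX=$(GCOAP_RESEND_BUFS_MAX)
+endif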
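Review bot: The comment `# tinydtls needs crypto secure PRNG` above `USEMODULE += prng_sha1prng` does not mention seeding, and nothing in this Makefile selects an entropy source, so on boards without one the generator may start from a fixed or device-derived seed and the DTLS handshake randomness would be predictable (inferred from the module list, not visible in this diff). I would extend the comment to `# tinydtls needs a cryptographically secure PRNG; the board must seed it from a real entropy source`. Separately, `CFLAGS += -DDTLS_PEER_MAX=1` leaves a single session slot, so one peer holding a session keeps every other client out until that slot is released; the comment above it could say that the value trades availability for RAM.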
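--- a/examples/gcoap_dtls/Makefile.ci
+++ b/examples/gcoap_dtls/Makefile.ci
@@ -0,0 +1,53 @@
+BOARD_INSUFFICIENT_MEMORY := \
+airfy-beacon \
+blackpill \
+bluepill \
+hifive1 \
+hifive1b \
+im880b \
+microbit \
+nrf51dongle \
+nrf6310 \
+nucleo-f070rb \
+nucleo-f072rb \
+nucleo-f302r8 \
+saml10-xpro \
+saml11-xpro \
+stm32mp157c-dk2 \
+yunjia-nrf51822 \
+arduino-duemilanove \
+arduino-leonardo \
+arduino-mega2560 \
+arduino-nano \
+arduino-uno \
+atmega1284p \
+atmega328p \
+atmega328p-xplained-mini \
+atxmega-a1u-xpro \
+atxmega-a3bu-xplained \
+bluepill-stm32f030c8 \
+derfmega128 \
+i-nucleo-lrwan1 \
+mega-xplained \
+microduino-corerf \
+msb-430 \
+msb-430h \
+nucleo-f030r8 \
+nucleo-f031k6 \
+nucleo-f042k6 \
+nucleo-f303k8 \
+nucleo-f334r8 \
+nucleo-l011k4 \
+nucleo-l031k6 \
+nucleo-l053r8 \
+samd10-xmini \
+slstk3400a \
+stk3200 \
+stm32f030f4-demo \
+stm32f0discovery \
+stm32l0538-disco \
+telosb \
+waspmote-pro \
+z1 \
+zigduino \
+#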
1
examples/gcoap_dtls/Makefile.slip
Symbolic link
1
examples/gcoap_dtls/Makefile.slip
Symbolic link
@ -0,0 +1 @@
|
||||
../gcoap/Makefile.slip
|
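--- a/examples/gcoap_dtls/README.md
+++ b/examples/gcoap_dtls/README.md
@@ -0,0 +1,12 @@
+## About
+
+This is an additional gcoap example, but with enabled DTLS. It only provides a
+custom configured makefile, while the code is a symlink to the original gcoap
+example. Therefore, the infos and usage notes of the other README also applies to this
+example.
+
+Please note, that with DTLS the default port is 5684 and not 5683, thus CoAP requests
+must be sent to this port.
+
+Since DTLS has higher memory and and ROM requirements, more boards are blacklisted
+for this example compared to the non-DTLS gcoap example.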
1
examples/gcoap_dtls/gcoap_cli.c
Symbolic link
1
examples/gcoap_dtls/gcoap_cli.c
Symbolic link
@ -0,0 +1 @@
|
||||
../gcoap/gcoap_cli.c
|
1
examples/gcoap_dtls/main.c
Symbolic link
1
examples/gcoap_dtls/main.c
Symbolic link
@ -0,0 +1 @@
|
||||
../gcoap/main.c
|
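--- a/examples/gcoap_dtls/tinydtls_keys.h
+++ b/examples/gcoap_dtls/tinydtls_keys.h
@@ -0,0 +1,63 @@
+/*
+* Copyright (C) 2018 Inria
+*
+* This file is subject to the terms and conditions of the GNU Lesser
+* General Public License v2.1. See the file LICENSE in the top level
+* directory for more details.
+*/
+
+/**
+* @ingroup examples
+* @{
+*
+* @file
+* @brief PSK and RPK keys for the dtls-sock example.
+*
+* @author Raul Fuentes <raul.fuentes-samaniego@inria.fr>
+*
+* @}
+*/
+
+#ifndef TINYDTLS_KEYS_H
+#define TINYDTLS_KEYS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+* Default keys examples for tinyDTLS (for RIOT, Linux and Contiki)
+*/
+#define PSK_DEFAULT_IDENTITY "Client_identity"
+#define PSK_DEFAULT_KEY "secretPSK"
+#define PSK_OPTIONS "i:k:"
+#define PSK_ID_MAXLEN 32
+#define PSK_MAXLEN 32
+
+#ifdef CONFIG_DTLS_ECC
+static const unsigned char ecdsa_priv_key[] = {
+0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14,
+0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14,
+0x89, 0x6A, 0x33, 0xBB, 0xAD, 0x72, 0x94, 0xCA,
+0x40, 0x14, 0x55, 0xA1, 0x94, 0xA9, 0x49, 0xFA
+};
+
+static const unsigned char ecdsa_pub_key_x[] = {
+0x36, 0xDF, 0xE2, 0xC6, 0xF9, 0xF2, 0xED, 0x29,
+0xDA, 0x0A, 0x9A, 0x8F, 0x62, 0x68, 0x4E, 0x91,
+0x63, 0x75, 0xBA, 0x10, 0x30, 0x0C, 0x28, 0xC5,
+0xE4, 0x7C, 0xFB, 0xF2, 0x5F, 0xA5, 0x8F, 0x52
+};
+
+static const unsigned char ecdsa_pub_key_y[] = {
+0x71, 0xA0, 0xD4, 0xFC, 0xDE, 0x1A, 0xB8, 0x78,
+0x5A, 0x3C, 0x78, 0x69, 0x35, 0xA7, 0xCF, 0xAB,
+0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B,
+0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29
+};
+#endif /* CONFIG_DTLS_ECC */
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* TINYDTLS_KEYS_H */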
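Review bot: `PSK_DEFAULT_IDENTITY`, `PSK_DEFAULT_KEY` and, under `CONFIG_DTLS_ECC`, `ecdsa_priv_key` are fixed values published with the source, yet the header comment only calls them "Default keys examples" and nothing marks them as unfit for a deployed node. A comment such as `/* Publicly known example credentials; replace them before using this code outside a test setup. */` above the defines would make that explicit. gcoap_cli.c in this commit computes the lengths as `sizeof(psk_key_0) - 1`, so the comment should also say that a replacement must stay a string literal, since a byte-array initializer would lose its last byte. The `@brief` still names the dtls-sock example and should name this one.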