mirror of
https://github.com/RIOT-OS/RIOT.git
synced 2025-01-17 04:52:59 +01:00
pkg/edhoc-c: initial commit
Co-authored-by: Timothy Claeys <timothy.claeys@inria.fr>
parent
137dd14911
commit
4cef100781
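--- a/pkg/edhoc-c/Makefile
+++ b/pkg/edhoc-c/Makefile
@@ -0,0 +1,19 @@
+PKG_NAME = EDHOC-C
+PKG_URL = https://github.com/future-proof-iot/EDHOC-C.git
+PKG_VERSION = 1847c2c558d3ea97a070f6a9546a5913432ecf96
+PKG_LICENSE = BSD-3-Clause
+
+include $(RIOTBASE)/pkg/pkg.mk
+
+.PHONY: edhoc-c_%
+
+EDHOC_C_MODULES := $(filter edhoc-c_%,$(USEMODULE))
+
+all: $(EDHOC_C_MODULES)
+"$(MAKE)" -C $(PKG_SOURCE_DIR)/src -f $(RIOTBASE)/Makefile.base MODULE=edhoc-c
+
+edhoc-c_crypto_%:
+"$(MAKE)" -C $(PKG_SOURCE_DIR)/src/crypto -f $(RIOTBASE)/Makefile.base MODULE=$@ SRC=$*.c
+
+edhoc-c_cbor_%:
+"$(MAKE)" -C $(PKG_SOURCE_DIR)/src/cbor -f $(RIOTBASE)/Makefile.base MODULE=$@ SRC=$*.c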
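Review bot: `PKG_URL` fetches from `future-proof-iot/EDHOC-C`, but the package documentation added in this same commit (`doc.txt`, `@see`) names `openwsn-berkeley/EDHOC-C`, so a reader auditing where this cryptographic code comes from gets two different answers. The pin itself is a full 40-character commit hash, which is what a reviewer wants here; what is missing is one line above `PKG_URL` saying which repository is authoritative, for example `# Fetched from the future-proof-iot fork of openwsn-berkeley/EDHOC-C; PKG_VERSION is a full commit hash` (that it is a fork is an assumption to confirm). Separately, `.PHONY: edhoc-c_%` does not act as a pattern in GNU Make, it marks a literal target of that name, so it should be dropped or given a comment explaining why it is there.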
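--- a/pkg/edhoc-c/Makefile.dep
+++ b/pkg/edhoc-c/Makefile.dep
@@ -0,0 +1,22 @@
+ifneq (,$(filter edhoc-c_crypto_wolfssl,$(USEMODULE)))
+USEPKG += wolfssl
+USEMODULE += wolfcrypt
+USEMODULE += wolfcrypt_aes
+USEMODULE += wolfcrypt_ed25519
+USEMODULE += wolfcrypt_curve25519
+USEMODULE += wolfcrypt_hmac
+USEMODULE += wolfcrypt_random
+USEMODULE += wolfcrypt_sha256
+endif
+
+ifneq (,$(filter edhoc-c_crypto_tinycrypt,$(USEMODULE)))
+USEPKG += tinycrypt
+# Blacklist platforms using nimble, mynewt-nimble has an in-tree copy
+# of tinycrypt that conflicts with the remote one
+FEATURES_BLACKLIST += ble_nimble
+USEPKG += c25519
+endif
+
+ifneq (,$(filter edhoc-c_cbor_nanocbor,$(USEMODULE)))
+USEPKG += nanocbor
+endif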
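Review bot: Nothing in these conditionals rejects a build that selects both `edhoc-c_crypto_wolfssl` and `edhoc-c_crypto_tinycrypt`, or neither, although the package documentation in this commit says to pick one. With both set, both dependency trees are pulled in and `Makefile.include` defines `-DWOLFSSL` and `-DTINYCRYPT` together; how the library resolves that is not visible here, so failing early is safer than building an ambiguous crypto configuration. A guard such as `ifneq (1,$(words $(filter edhoc-c_crypto_%,$(USEMODULE))))` around `$(error edhoc-c: select exactly one edhoc-c_crypto_* backend)` would do it, assuming the backend module is already in `USEMODULE` when this file is first evaluated. The tinycrypt branch also declares no random-number module while the wolfssl branch adds `wolfcrypt_random`, so it is worth confirming where that backend gets its randomness.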
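--- a/pkg/edhoc-c/Makefile.include
+++ b/pkg/edhoc-c/Makefile.include
@@ -0,0 +1,23 @@
+INCLUDES += -I$(PKGDIRBASE)/EDHOC-C/include \
+-I$(PKGDIRBASE)/EDHOC-C/src \
+-I$(RIOTBASE)/pkg/edhoc-c/include \
+#
+
+ifneq (,$(filter edhoc-c_crypto_wolfssl,$(USEMODULE)))
+CFLAGS += -DHAVE_AESCCM
+CFLAGS += -DHAVE_HKDF
+CFLAGS += -DWOLFSSL
+endif
+
+ifneq (,$(filter edhoc-c_crypto_tinycrypt,$(USEMODULE)))
+CFLAGS += -DTINYCRYPT
+endif
+
+ifneq (,$(filter edhoc-c_cbor_nanocbor,$(USEMODULE)))
+CFLAGS += -DNANOCBOR
+endif
+
+# EDHOC-C configuration file for RIOT
+CFLAGS += -DEDHOC_CONFIG_FILE=\"edhoc_config.h\"
+# X509 backend in EDHOC-C is mbedtls currently not supported in RIOT
+CFLAGS += -DEMPTY_X509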
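Review bot: The `-DHAVE_AESCCM`, `-DHAVE_HKDF` and `-DWOLFSSL` flags in the wolfssl block go into the global `CFLAGS`, so they reach every compilation unit of the application and not only EDHOC-C, and the file does not say whether that is deliberate. `HAVE_AESCCM` and `HAVE_HKDF` look like wolfSSL feature switches that must be visible when the wolfssl package itself is compiled; if so, a comment such as `# wolfSSL feature switches: must be global so wolfcrypt is built with AES-CCM and HKDF` would stop a later cleanup from scoping them away and dropping the primitives. The comment above `-DEMPTY_X509` would also read more clearly as `# EDHOC-C's X.509 backend is mbedtls, which RIOT does not support, so build without X.509`.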
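--- a/pkg/edhoc-c/doc.txt
+++ b/pkg/edhoc-c/doc.txt
@@ -0,0 +1,48 @@
+/**
+* @defgroup pkg_edhoc_c EDHOC-C
+* @ingroup pkg
+* @brief Support for Ephemeral Diffie-Hellman Over COSE (EDHOC)
+* @see https://github.com/openwsn-berkeley/EDHOC-C
+*
+* # EDHOC-C RIOT package
+*
+* ## Usage
+*
+* Just add it as a package in your application:
+*
+* ```makefile
+* USEPKG += edhoc-c
+* ```
+*
+* ### Backends
+*
+* EDHOC-C does not implement crypographic algorithms, instead it uses external
+* libraries as a backend. Libraries that provide all requirements are
+* currently @ref pkg_tinycrypt and @ref pkg_wolfssl. Pick one through the
+* following module:
+*
+* ```makefile
+* USEMODULE += edhoc-c_crypto_wolfssl
+* USEMODULE += edhoc-c_crypto_tinycrypt
+* ```
+*
+* EDHOC-C does not implement a CBOR library either, currently the only possible
+* backend is @ref pkg_nanocbor. Select it through the following module:
+*
+* ```makefile
+* USEMODULE += edhoc-c_cbor_nanocbor
+* ```
+*
+* Don't forget to include the header for the EDHOC-C public API:
+*
+* ```c
+* #include <edhoc/edhoc.h>
+* ```
+*
+* ### Current Support
+*
+* - EDHOC-C supports @ref pkg_hacl as a crypto backend but it's using a different
+* version than the one supported currently in RIOT
+* - x509 certificates require MBED-TLS, which is currently not supported in
+* RIOT so only RPK and CBOR certificates are supported.
+*/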
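--- a/pkg/edhoc-c/include/edhoc_config.h
+++ b/pkg/edhoc-c/include/edhoc_config.h
@@ -0,0 +1,121 @@
+/*
+* Copyright (C) 2021 Inria
+*
+* This file is subject to the terms and conditions of the GNU Lesser
+* General Public License v2.1. See the file LICENSE in the top level
+* directory for more details.
+*/
+
+/**
+* @ingroup pkg_edhoc_c
+* @{
+*
+* @file
+* @brief EDHOC-C configuration file
+*
+* @author Timothy Claeys <timothy.claeys@inria.fr>
+*
+* @}
+*/
+
+#ifndef EDHOC_CONFIG_H
+#define EDHOC_CONFIG_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+* @brief EDHOC_CIPHER_SUITE_X_ENABLED
+*
+* Enables support for a specific EDHOC cipher suite
+*
+*/
+#define EDHOC_CIPHER_SUITE_0_ENABLED
+
+/**
+* @brief EDHOC_AUTH_METHOD_X_ENABLED
+* @{
+*
+* Enables support for a specific EDHOC authentication method
+*
+*/
+#define EDHOC_AUTH_METHOD_0_ENABLED
+#define EDHOC_AUTH_METHOD_1_ENABLED
+#define EDHOC_AUTH_METHOD_2_ENABLED
+#define EDHOC_AUTH_METHOD_3_ENABLED
+/** @} */
+
+/**
+* @brief EDHOC_ASYNC_API_ENABLED
+*
+* Exposes the individual EDHOC message functions for asynchronous usage.
+*
+*/
+#define EDHOC_ASYNC_API_ENABLED
+
+/**
+* @brief EDHOC_DEBUG_ENABLE
+*
+* Enables some extra methods that allow for easier testing and debugging
+*
+*/
+#define EDHOC_DEBUG_ENABLED
+
+/**
+* @brief EDHOC_AUTH_CERT_ENABLED
+* @{
+*
+* Enables CBOR certificates as the EDHOC local credential
+*
+*/
+#define EDHOC_AUTH_CERT_ENABLED
+#if defined(EDHOC_AUTH_CERT_ENABLED)
+#define EDHOC_AUTH_CBOR_CERT
+#endif
+/** @} */
+
+/**
+* @brief EDHOC_AUTH_RPK_ENABLED
+*
+* Enables COSE raw public keys as the EDHOC local credential
+*
+*/
+#define EDHOC_AUTH_RPK_ENABLED
+
+/**
+* @brief EDHOC_COSE_HEADER_SIZE
+*
+* Sets the maximum number of COSE header elements
+*/
+#define EDHOC_COSE_HEADER_SIZE (5)
+
+/**
+* @brief EDHOC_CREDENTIAL_MAX_SIZE
+*
+* Sets the maximum buffer size for credentials (raw keys or certificates)
+*
+*/
+#define EDHOC_CRED_SIZE (256)
+
+/**
+* @brief EDHOC_CREDENTIAL_ID_MAX_SIZE
+*
+* Sets the maximum buffer size for credential identifiers
+*
+*/
+#define EDHOC_CRED_ID_SIZE (256)
+
+/**
+* @brief EDHOC_ADD_DATA_MAX_SIZE
+*
+* Maximum number of additional data bytes to piggy-back on the EDHOC exchange
+*
+*/
+#define EDHOC_ADDITIONAL_DATA_SIZE (64)
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* EDHOC_CONFIG_H */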
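Review bot: `#define EDHOC_DEBUG_ENABLED` is unconditional in this package-wide configuration, so every application using the package is built with the "extra methods that allow for easier testing and debugging" that its comment describes. What those methods expose lives in the library and is not visible in this commit, but test hooks in a key-exchange implementation should be opt-in; I would drop the define here and let the test application pass `CFLAGS += -DEDHOC_DEBUG_ENABLED`. The size macros have no override path either: wrapping them in `#ifndef` (for example `#ifndef EDHOC_CRED_SIZE`) would let an application tune the buffers without patching the package. Several `@brief` names also differ from the macro they document (`EDHOC_DEBUG_ENABLE`, `EDHOC_CREDENTIAL_MAX_SIZE`, `EDHOC_CREDENTIAL_ID_MAX_SIZE`, `EDHOC_ADD_DATA_MAX_SIZE`) and should match the defined names.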