mirror of
https://github.com/RIOT-OS/RIOT.git
synced 2024-12-29 04:50:03 +01:00
net/sock/dtls: allow to register multiple credentials into a sock
parent
d7440ce1e3
commit
62fb9ad69f
@ -293,8 +293,12 @@ int sock_dtls_create(sock_dtls_t *sock, sock_udp_t *udp_sock,
|
||||
sock->buf_ctx = NULL;
|
||||
memset(&sock->async_cb_session, 0, sizeof(sock->async_cb_session));
|
||||
#endif /* SOCK_HAS_ASYNC */
|
||||
|
||||
memset(sock->tags, CREDMAN_TAG_EMPTY, CONFIG_DTLS_CREDENTIALS_MAX * sizeof(credman_tag_t));
|
||||
sock->tags_len = 1;
|
||||
sock->tags[0] = tag;
|
||||
|
||||
sock->role = role;
|
||||
sock->tag = tag;
|
||||
sock->dtls_ctx = dtls_new_context(sock);
|
||||
if (!sock->dtls_ctx) {
|
||||
DEBUG("sock_dtls: error getting DTLS context\n");
|
||||
@ -316,6 +320,53 @@ int sock_dtls_set_server_psk_id_hint(sock_dtls_t *sock, const char *hint)
|
||||
return 0;
|
||||
}
|
||||
|
||||
int sock_dtls_add_credential(sock_dtls_t *sock, credman_tag_t tag)
|
||||
{
|
||||
assert(sock);
|
||||
if (sock->tags_len < CONFIG_DTLS_CREDENTIALS_MAX) {
|
||||
DEBUG("sock_dtls: credential added in position %d\n", sock->tags_len);
|
||||
sock->tags[sock->tags_len] = tag;
|
||||
sock->tags_len++;
|
||||
return 0;
|
||||
}
|
||||
DEBUG("sock_dtls: could not add new credential\n");
|
||||
return -1;
|
||||
}
|
||||
|
||||
int sock_dtls_remove_credential(sock_dtls_t *sock, credman_tag_t tag)
|
||||
{
|
||||
assert(sock);
|
||||
int pos = -1;
|
||||
for (unsigned i = 0; i < sock->tags_len; i++) {
|
||||
if (sock->tags[i] == tag) {
|
||||
pos = i;
|
||||
DEBUG("sock_dtls: found credential to remove in position %i\n", pos);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (pos >= 0) {
|
||||
sock->tags_len--;
|
||||
for (; (unsigned)pos < sock->tags_len; pos++) {
|
||||
sock->tags[pos] = sock->tags[pos + 1];
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
else {
|
||||
DEBUG("sock_dtls: could not find credential to remove\n");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
|
||||
size_t sock_dtls_get_credentials(sock_dtls_t *sock, const credman_tag_t **out)
|
||||
{
|
||||
assert(sock);
|
||||
assert(out);
|
||||
|
||||
*out = sock->tags;
|
||||
return sock->tags_len;
|
||||
}
|
||||
|
||||
sock_udp_t *sock_dtls_get_udp_sock(sock_dtls_t *sock)
|
||||
{
|
||||
assert(sock);
|
||||
|
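Review bot: sock_dtls_remove_credential() stops at the first match (`break`), while sock_dtls_add_credential() appends without checking whether the tag is already in `sock->tags`, so a tag that was added twice is still in the list after a remove call that returned 0. Rejecting an already-registered tag in the add path, as sketched below, keeps a single remove sufficient to withdraw a credential from the sock. The remove path also leaves the old value in the vacated slot (the removed tag itself when it was the last entry), which breaks the all-`CREDMAN_TAG_EMPTY` state that sock_dtls_create() sets up for unused slots; `sock->tags[sock->tags_len] = CREDMAN_TAG_EMPTY;` after the shift loop restores it. Separately, `sock->tags_len` is `unsigned`, so the DEBUG line in the add path should use `%u` rather than `%d`.

```c
int sock_dtls_add_credential(sock_dtls_t *sock, credman_tag_t tag)
{
    assert(sock);
    /* refuse a tag that is already registered, so that one remove call
     * is enough to take it out of the list */
    for (unsigned i = 0; i < sock->tags_len; i++) {
        if (sock->tags[i] == tag) {
            DEBUG("sock_dtls: credential already registered\n");
            return -1;
        }
    }
    /* ... unchanged: capacity check, append, and the -1 return ... */
}
```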
@ -75,9 +75,9 @@ struct sock_dtls {
|
||||
size_t datalen; /**< data length */
|
||||
session_t *session; /**< Session information */
|
||||
} buffer;
|
||||
credman_tag_t tag; /**< Credential tag of a registered
|
||||
(D)TLS credential */
|
||||
char psk_hint[CONFIG_DTLS_PSK_ID_HINT_MAX_SIZE]; /**< PSK Identity hint */
|
||||
credman_tag_t tags[CONFIG_DTLS_CREDENTIALS_MAX]; /**< Tags of the available credentials */
|
||||
unsigned tags_len; /**< Number of tags in the list 'tags' */
|
||||
dtls_peer_type role; /**< DTLS role of the socket */
|
||||
};
|
||||
|
||||
|
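Review bot: Nothing in this hunk or in the configuration hunks keeps `CONFIG_DTLS_CREDENTIALS_MAX` at 1 or more, yet sock_dtls_create() stores to `sock->tags[0]` unconditionally, so a build configured with 0 would declare a zero-length `tags` array and write past it. A compile-time guard next to the struct, `_Static_assert(CONFIG_DTLS_CREDENTIALS_MAX >= 1, "at least one credential slot is required");` (or the project's equivalent macro), turns that misconfiguration into a build error. A lower bound on the `DTLS_CREDENTIALS_MAX` Kconfig entry in the last hunk would give the same protection at configuration time. The struct definition begins outside this hunk.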
@ -37,6 +37,13 @@ extern "C" {
|
||||
#ifndef CONFIG_DTLS_PSK_ID_HINT_MAX_SIZE
|
||||
#define CONFIG_DTLS_PSK_ID_HINT_MAX_SIZE 32
|
||||
#endif
|
||||
|
||||
/**
|
||||
* @brief Default buffer size for TLS credential tags
|
||||
*/
|
||||
#ifndef CONFIG_DTLS_CREDENTIALS_MAX
|
||||
#define CONFIG_DTLS_CREDENTIALS_MAX 4
|
||||
#endif
|
||||
/** @} */
|
||||
|
||||
/**
|
||||
@ -52,6 +59,42 @@ extern "C" {
|
||||
*/
|
||||
int sock_dtls_set_server_psk_id_hint(sock_dtls_t *sock, const char *hint);
|
||||
|
||||
/**
|
||||
* @brief Adds a credential tag to list of available credentials for @p sock.
|
||||
*
|
||||
* @pre sock != NULL
|
||||
*
|
||||
* @param[in] sock DTLS sock object
|
||||
* @param[in] tag Tag of the credential to add
|
||||
*
|
||||
* @retval 0 on success
|
||||
* @retval -1 otherwise
|
||||
*/
|
||||
int sock_dtls_add_credential(sock_dtls_t *sock, credman_tag_t tag);
|
||||
|
||||
/**
|
||||
* @brief Removes a credential tag of the list of available credentials for @p sock.
|
||||
*
|
||||
* @pre sock != NULL
|
||||
*
|
||||
* @param[in] sock DTLS sock object
|
||||
* @param[in] tag Tag of the credential to remove
|
||||
*
|
||||
* @retval 0 on success
|
||||
* @retval -1 otherwise
|
||||
*/
|
||||
int sock_dtls_remove_credential(sock_dtls_t *sock, credman_tag_t tag);
|
||||
|
||||
/**
|
||||
* @brief Returns an array of tags of the registered credentials in @p sock.
|
||||
*
|
||||
* @param[in] sock DTLS sock object
|
||||
* @param[out] out Pointer to place the reference to a read-only array of @ref credman_tag_t
|
||||
*
|
||||
* @return Number of registered credentials
|
||||
*/
|
||||
size_t sock_dtls_get_credentials(sock_dtls_t *sock, const credman_tag_t **out);
|
||||
|
||||
#ifdef __cplusplus
|
||||
}
|
||||
#endif
|
||||
|
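Review bot: The `@brief` for `CONFIG_DTLS_CREDENTIALS_MAX` calls it a "buffer size", but the struct uses it as the element count of `tags`, that is, the maximum number of credential tags one sock can hold; `@brief Maximum number of credential tags that can be registered in a sock` says that, and the Kconfig prompt in the last hunk carries the same wording. The documentation of sock_dtls_get_credentials() omits the `@pre sock != NULL` and `@pre out != NULL` lines that its two `assert()` calls imply. It should also state that the returned pointer refers to the sock's own array, so the contents change with later add or remove calls and the caller must not keep it across them. For sock_dtls_add_credential(), `@retval -1` could name the one cause visible in the implementation, a full list.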
@ -44,6 +44,10 @@ config DTLS_HANDSHAKE_BUFSIZE_EXP
|
||||
represents the exponent of 2^n, which will be used as the size of the
|
||||
buffer. The buffer is used to hold credentials during DTLS handshakes.
|
||||
|
||||
config DTLS_CREDENTIALS_MAX
|
||||
int "Buffer size for TLS credential tags"
|
||||
default 4
|
||||
|
||||
config DTLS_PSK_ID_HINT_MAX_SIZE
|
||||
int "Maximum size for a PSK Identity hint string"
|
||||
default 32
|
||||
|