pkg/tinydtls: Move configurations to 'CONFIG_' namespace
Macros that changed: DTLS_PSK -> CONFIG_DTLS_PSK DTLS_ECC -> CONFIG_DTLS_ECC (except in release-notes.txt) DTLS_CONTEXT_MAX -> CONFIG_DTLS_CONTEXT_MAX DTLS_PEER_MAX -> CONFIG_DTLS_PEER_MAX DTLS_HANDSHAKE_MAX -> CONFIG_DTLS_HANDSHAKE_MAX DTLS_SECURITY_MAX -> CONFIG_DTLS_SECURITY_MAX DTLS_HASH_MAX -> CONFIG_DTLS_HASH_MAX
parent
7a44d8ecf7
commit
d5b2aa8a2f
@ -25,14 +25,15 @@ USEPKG += tinydtls
|
|||||||
DTLS_PORT ?= 20220
|
DTLS_PORT ?= 20220
|
||||||
CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT)
|
CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT)
|
||||||
|
|
||||||
# NOTE: If not cipher suite is selected, DTLS_PSK is used by default.
|
# NOTE: If no cipher suite is selected, CONFIG_DTLS_PSK is used by default.
|
||||||
|
# This section should be commented out if using Kconfig
|
||||||
# This adds support for TLS_PSK_WITH_AES_128_CCM_8
|
# This adds support for TLS_PSK_WITH_AES_128_CCM_8
|
||||||
# CFLAGS += -DDTLS_PSK
|
# CFLAGS += -DCONFIG_DTLS_PSK
|
||||||
# This adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
|
# This adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
|
||||||
# CFLAGS += -DDTLS_ECC
|
# CFLAGS += -DCONFIG_DTLS_ECC
|
||||||
|
|
||||||
# Enable this line for setting tinyDTLS in debug mode.
|
# Enable this line for setting tinyDTLS in debug mode.
|
||||||
# CFLAGS += -DDTLS_DEBUG
|
# CFLAGS += -DCONFIG_DTLS_DEBUG
|
||||||
|
|
||||||
# FIXME: This is a temporary patch
|
# FIXME: This is a temporary patch
|
||||||
# TinyDTLS <= 0.8.6 requires around 426 bytes in RAM.
|
# TinyDTLS <= 0.8.6 requires around 426 bytes in RAM.
|
||||||
|
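Review bot: The added comment `# This section should be commented out if using Kconfig` sits above flags that are already commented out, so it does not tell a Kconfig user what to change or where the section ends. Wording such as `# Cipher suite selection via CFLAGS; leave these lines commented out when the suite is chosen in Kconfig` would be clearer. The same comment is added to the second example Makefile in this commit, where the previously active `CFLAGS += -DDTLS_PSK` also becomes a commented line, so that example now depends on the package default to enable PSK.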
@ -45,13 +45,13 @@ compile time. Their default values are considered for having two DTLS
|
|||||||
contexts (for purpose of DTLS renegotiation).
|
contexts (for purpose of DTLS renegotiation).
|
||||||
|
|
||||||
The resources handled by memarray are:
|
The resources handled by memarray are:
|
||||||
* `DTLS_CONTEXT_MAX` (default 2) The maximum number of DTLS context at the
|
* `CONFIG_DTLS_CONTEXT_MAX` (default 2) The maximum number of DTLS context at the
|
||||||
same time.
|
same time.
|
||||||
* `DTLS_PEER_MAX` (default 1) The maximum number DTLS peers (i.e. sessions).
|
* `CONFIG_DTLS_PEER_MAX` (default 1) The maximum number DTLS peers (i.e. sessions).
|
||||||
* `DTLS_HANDSHAKE_MAX` (default 1) The maximum number of concurrent DTLS handshakes.
|
* `CONFIG_DTLS_HANDSHAKE_MAX` (default 1) The maximum number of concurrent DTLS handshakes.
|
||||||
* `DTLS_SECURITY_MAX` (the sum of the previous two) The maximum number of
|
* `DTLS_SECURITY_MAX` (the sum of the previous two) The maximum number of
|
||||||
concurrently used cipher keys.
|
concurrently used cipher keys.
|
||||||
* `DTLS_HASH_MAX` (Default: `3 * DTLS_PEER_MAX`) The maximum number of hash
|
* `DTLS_HASH_MAX` (Default: `3 * CONFIG_DTLS_PEER_MAX`) The maximum number of hash
|
||||||
functions that can be used in parallel.
|
functions that can be used in parallel.
|
||||||
|
|
||||||
## Handling retransmissions
|
## Handling retransmissions
|
||||||
|
@ -42,7 +42,7 @@
|
|||||||
#define MAX_TIMES_TRY_TO_SEND 10 /* Expected to be 1 - 255 */
|
#define MAX_TIMES_TRY_TO_SEND 10 /* Expected to be 1 - 255 */
|
||||||
|
|
||||||
/* Delay to give time to the remote peer to do the compute (client only). */
|
/* Delay to give time to the remote peer to do the compute (client only). */
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
#define DEFAULT_US_DELAY 10000000
|
#define DEFAULT_US_DELAY 10000000
|
||||||
#else
|
#else
|
||||||
#define DEFAULT_US_DELAY 100
|
#define DEFAULT_US_DELAY 100
|
||||||
@ -138,7 +138,7 @@ static int dtls_handle_read(dtls_context_t *ctx)
|
|||||||
return dtls_handle_message(ctx, &session, packet_rcvd, res);
|
return dtls_handle_message(ctx, &session, packet_rcvd, res);
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
static unsigned char psk_id[PSK_ID_MAXLEN] = PSK_DEFAULT_IDENTITY;
|
static unsigned char psk_id[PSK_ID_MAXLEN] = PSK_DEFAULT_IDENTITY;
|
||||||
static size_t psk_id_length = sizeof(PSK_DEFAULT_IDENTITY) - 1;
|
static size_t psk_id_length = sizeof(PSK_DEFAULT_IDENTITY) - 1;
|
||||||
static unsigned char psk_key[PSK_MAXLEN] = PSK_DEFAULT_KEY;
|
static unsigned char psk_key[PSK_MAXLEN] = PSK_DEFAULT_KEY;
|
||||||
@ -189,9 +189,9 @@ static int _peer_get_psk_info_handler(struct dtls_context_t *ctx,
|
|||||||
|
|
||||||
return dtls_alert_fatal_create(DTLS_ALERT_INTERNAL_ERROR);
|
return dtls_alert_fatal_create(DTLS_ALERT_INTERNAL_ERROR);
|
||||||
}
|
}
|
||||||
#endif /* DTLS_PSK */
|
#endif /* CONFIG_DTLS_PSK */
|
||||||
|
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
static int _peer_get_ecdsa_key_handler(struct dtls_context_t *ctx,
|
static int _peer_get_ecdsa_key_handler(struct dtls_context_t *ctx,
|
||||||
const session_t *session,
|
const session_t *session,
|
||||||
const dtls_ecdsa_key_t **result)
|
const dtls_ecdsa_key_t **result)
|
||||||
@ -228,7 +228,7 @@ static int _peer_verify_ecdsa_key_handler(struct dtls_context_t *ctx,
|
|||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
|
|
||||||
/* Reception of a DTLS Application data record. */
|
/* Reception of a DTLS Application data record. */
|
||||||
static int _read_from_peer_handler(struct dtls_context_t *ctx,
|
static int _read_from_peer_handler(struct dtls_context_t *ctx,
|
||||||
@ -301,19 +301,19 @@ dtls_context_t *_init_dtls(sock_udp_t *sock, sock_udp_ep_t *local,
|
|||||||
.write = _send_to_peer_handler,
|
.write = _send_to_peer_handler,
|
||||||
.read = _read_from_peer_handler,
|
.read = _read_from_peer_handler,
|
||||||
.event = _events_handler,
|
.event = _events_handler,
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
.get_psk_info = _peer_get_psk_info_handler,
|
.get_psk_info = _peer_get_psk_info_handler,
|
||||||
#endif /* DTLS_PSK */
|
#endif /* CONFIG_DTLS_PSK */
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
.get_ecdsa_key = _peer_get_ecdsa_key_handler,
|
.get_ecdsa_key = _peer_get_ecdsa_key_handler,
|
||||||
.verify_ecdsa_key = _peer_verify_ecdsa_key_handler
|
.verify_ecdsa_key = _peer_verify_ecdsa_key_handler
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
};
|
};
|
||||||
|
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
DEBUG("Client support PSK\n");
|
DEBUG("Client support PSK\n");
|
||||||
#endif
|
#endif
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
DEBUG("Client support ECC\n");
|
DEBUG("Client support ECC\n");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -167,7 +167,7 @@ static int _send_to_peer_handler(struct dtls_context_t *ctx,
|
|||||||
return sock_udp_send(remote_peer->sock, buf, len, remote_peer->remote);
|
return sock_udp_send(remote_peer->sock, buf, len, remote_peer->remote);
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
static unsigned char psk_id[PSK_ID_MAXLEN] = PSK_DEFAULT_IDENTITY;
|
static unsigned char psk_id[PSK_ID_MAXLEN] = PSK_DEFAULT_IDENTITY;
|
||||||
static size_t psk_id_length = sizeof(PSK_DEFAULT_IDENTITY) - 1;
|
static size_t psk_id_length = sizeof(PSK_DEFAULT_IDENTITY) - 1;
|
||||||
static unsigned char psk_key[PSK_MAXLEN] = PSK_DEFAULT_KEY;
|
static unsigned char psk_key[PSK_MAXLEN] = PSK_DEFAULT_KEY;
|
||||||
@ -220,9 +220,9 @@ static int _peer_get_psk_info_handler(struct dtls_context_t *ctx, const session_
|
|||||||
|
|
||||||
return dtls_alert_fatal_create(DTLS_ALERT_DECRYPT_ERROR);
|
return dtls_alert_fatal_create(DTLS_ALERT_DECRYPT_ERROR);
|
||||||
}
|
}
|
||||||
#endif /* DTLS_PSK */
|
#endif /* CONFIG_DTLS_PSK */
|
||||||
|
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
static int _peer_get_ecdsa_key_handler(struct dtls_context_t *ctx,
|
static int _peer_get_ecdsa_key_handler(struct dtls_context_t *ctx,
|
||||||
const session_t *session,
|
const session_t *session,
|
||||||
const dtls_ecdsa_key_t **result)
|
const dtls_ecdsa_key_t **result)
|
||||||
@ -258,7 +258,7 @@ static int _peer_verify_ecdsa_key_handler(struct dtls_context_t *ctx,
|
|||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
|
|
||||||
/* DTLS variables and register are initialized. */
|
/* DTLS variables and register are initialized. */
|
||||||
dtls_context_t *_server_init_dtls(dtls_remote_peer_t *remote_peer)
|
dtls_context_t *_server_init_dtls(dtls_remote_peer_t *remote_peer)
|
||||||
@ -269,19 +269,19 @@ dtls_context_t *_server_init_dtls(dtls_remote_peer_t *remote_peer)
|
|||||||
.write = _send_to_peer_handler,
|
.write = _send_to_peer_handler,
|
||||||
.read = _read_from_peer_handler,
|
.read = _read_from_peer_handler,
|
||||||
.event = NULL,
|
.event = NULL,
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
.get_psk_info = _peer_get_psk_info_handler,
|
.get_psk_info = _peer_get_psk_info_handler,
|
||||||
#endif /* DTLS_PSK */
|
#endif /* CONFIG_DTLS_PSK */
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
.get_ecdsa_key = _peer_get_ecdsa_key_handler,
|
.get_ecdsa_key = _peer_get_ecdsa_key_handler,
|
||||||
.verify_ecdsa_key = _peer_verify_ecdsa_key_handler
|
.verify_ecdsa_key = _peer_verify_ecdsa_key_handler
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
};
|
};
|
||||||
|
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
DEBUG("Server support PSK\n");
|
DEBUG("Server support PSK\n");
|
||||||
#endif
|
#endif
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
DEBUG("Server support ECC\n");
|
DEBUG("Server support ECC\n");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -28,16 +28,16 @@ extern "C" {
|
|||||||
/*
|
/*
|
||||||
* Default keys examples for tinyDTLS (for RIOT, Linux and Contiki)
|
* Default keys examples for tinyDTLS (for RIOT, Linux and Contiki)
|
||||||
*/
|
*/
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
#define PSK_DEFAULT_IDENTITY "Client_identity"
|
#define PSK_DEFAULT_IDENTITY "Client_identity"
|
||||||
#define PSK_DEFAULT_KEY "secretPSK"
|
#define PSK_DEFAULT_KEY "secretPSK"
|
||||||
#define PSK_OPTIONS "i:k:"
|
#define PSK_OPTIONS "i:k:"
|
||||||
#define PSK_ID_MAXLEN 32
|
#define PSK_ID_MAXLEN 32
|
||||||
#define PSK_MAXLEN 32
|
#define PSK_MAXLEN 32
|
||||||
|
|
||||||
#endif /* DTLS_PSK */
|
#endif /* CONFIG_DTLS_PSK */
|
||||||
|
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
static const unsigned char ecdsa_priv_key[] = {
|
static const unsigned char ecdsa_priv_key[] = {
|
||||||
0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14,
|
0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14,
|
||||||
0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14,
|
0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14,
|
||||||
@ -58,7 +58,7 @@ static const unsigned char ecdsa_pub_key_y[] = {
|
|||||||
0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B,
|
0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B,
|
||||||
0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29
|
0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29
|
||||||
};
|
};
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
@ -29,14 +29,15 @@ USEMODULE += shell_commands
|
|||||||
DTLS_PORT ?= 20220
|
DTLS_PORT ?= 20220
|
||||||
CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT)
|
CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT)
|
||||||
|
|
||||||
# NOTE: If no cipher suite is selected, DTLS_PSK is used by default.
|
# NOTE: If no cipher suite is selected, CONFIG_DTLS_PSK is used by default.
|
||||||
|
# This section should be commented out if using Kconfig
|
||||||
# This adds support for TLS_PSK_WITH_AES_128_CCM_8
|
# This adds support for TLS_PSK_WITH_AES_128_CCM_8
|
||||||
CFLAGS += -DDTLS_PSK
|
# CFLAGS += -DCONFIG_DTLS_PSK
|
||||||
# This adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
|
# This adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
|
||||||
# CFLAGS += -DDTLS_ECC
|
# CFLAGS += -DCONFIG_DTLS_ECC
|
||||||
|
|
||||||
# Uncomment to enable debug logs
|
# Uncomment to enable debug logs
|
||||||
# CFLAGS += -DDTLS_DEBUG
|
# CFLAGS += -DCONFIG_DTLS_DEBUG
|
||||||
|
|
||||||
# FIXME: This is a temporary patch
|
# FIXME: This is a temporary patch
|
||||||
CFLAGS += -DTHREAD_STACKSIZE_MAIN=\(2*THREAD_STACKSIZE_LARGE\)
|
CFLAGS += -DTHREAD_STACKSIZE_MAIN=\(2*THREAD_STACKSIZE_LARGE\)
|
||||||
|
@ -30,7 +30,7 @@ $ PORT=tap1 make all term
|
|||||||
|
|
||||||
## Debug logs
|
## Debug logs
|
||||||
|
|
||||||
To enable debug logs uncomment `CFLAGS += -DDTLS_DEBUG` in the Makefile.
|
To enable debug logs uncomment `CFLAGS += -DCONFIG_DTLS_DEBUG` in the Makefile.
|
||||||
Tinydtls supports setting the log level. See Makefile for more info.
|
Tinydtls supports setting the log level. See Makefile for more info.
|
||||||
|
|
||||||
## Configs and constraints
|
## Configs and constraints
|
||||||
|
@ -31,7 +31,7 @@
|
|||||||
|
|
||||||
#define SOCK_DTLS_CLIENT_TAG (2)
|
#define SOCK_DTLS_CLIENT_TAG (2)
|
||||||
|
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
static const ecdsa_public_key_t other_pubkeys[] = {
|
static const ecdsa_public_key_t other_pubkeys[] = {
|
||||||
{ .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y },
|
{ .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y },
|
||||||
};
|
};
|
||||||
@ -52,7 +52,7 @@ static const credman_credential_t credential = {
|
|||||||
},
|
},
|
||||||
};
|
};
|
||||||
|
|
||||||
#else /* ifdef DTLS_PSK */
|
#else /* ifdef CONFIG_DTLS_PSK */
|
||||||
static const uint8_t psk_id_0[] = PSK_DEFAULT_IDENTITY;
|
static const uint8_t psk_id_0[] = PSK_DEFAULT_IDENTITY;
|
||||||
static const uint8_t psk_key_0[] = PSK_DEFAULT_KEY;
|
static const uint8_t psk_key_0[] = PSK_DEFAULT_KEY;
|
||||||
|
|
||||||
|
@ -39,7 +39,7 @@ char _dtls_server_stack[THREAD_STACKSIZE_MAIN +
|
|||||||
|
|
||||||
static kernel_pid_t _dtls_server_pid = KERNEL_PID_UNDEF;
|
static kernel_pid_t _dtls_server_pid = KERNEL_PID_UNDEF;
|
||||||
|
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
static const ecdsa_public_key_t other_pubkeys[] = {
|
static const ecdsa_public_key_t other_pubkeys[] = {
|
||||||
{ .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y },
|
{ .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y },
|
||||||
};
|
};
|
||||||
@ -59,7 +59,7 @@ static const credman_credential_t credential = {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
};
|
};
|
||||||
#else /* #ifdef DTLS_PSK */
|
#else /* #ifdef CONFIG_DTLS_PSK */
|
||||||
static const uint8_t psk_key_0[] = PSK_DEFAULT_KEY;
|
static const uint8_t psk_key_0[] = PSK_DEFAULT_KEY;
|
||||||
|
|
||||||
static const credman_credential_t credential = {
|
static const credman_credential_t credential = {
|
||||||
|
@ -28,16 +28,16 @@ extern "C" {
|
|||||||
/*
|
/*
|
||||||
* Default keys examples for tinyDTLS (for RIOT, Linux and Contiki)
|
* Default keys examples for tinyDTLS (for RIOT, Linux and Contiki)
|
||||||
*/
|
*/
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
#define PSK_DEFAULT_IDENTITY "Client_identity"
|
#define PSK_DEFAULT_IDENTITY "Client_identity"
|
||||||
#define PSK_DEFAULT_KEY "secretPSK"
|
#define PSK_DEFAULT_KEY "secretPSK"
|
||||||
#define PSK_OPTIONS "i:k:"
|
#define PSK_OPTIONS "i:k:"
|
||||||
#define PSK_ID_MAXLEN 32
|
#define PSK_ID_MAXLEN 32
|
||||||
#define PSK_MAXLEN 32
|
#define PSK_MAXLEN 32
|
||||||
|
|
||||||
#endif /* DTLS_PSK */
|
#endif /* CONFIG_DTLS_PSK */
|
||||||
|
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
static const unsigned char ecdsa_priv_key[] = {
|
static const unsigned char ecdsa_priv_key[] = {
|
||||||
0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14,
|
0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14,
|
||||||
0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14,
|
0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14,
|
||||||
@ -58,7 +58,7 @@ static const unsigned char ecdsa_pub_key_y[] = {
|
|||||||
0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B,
|
0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B,
|
||||||
0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29
|
0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29
|
||||||
};
|
};
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
@ -18,20 +18,27 @@ ifeq (,$(filter posix_sockets,$(USEMODULE)))
|
|||||||
CFLAGS += -DWITH_RIOT_GNRC
|
CFLAGS += -DWITH_RIOT_GNRC
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
# Default cipher suite when not using Kconfig
|
||||||
|
ifeq (,$(CONFIG_KCONFIG_PKG_TINYDTLS))
|
||||||
# NOTE: PSK should be enabled by default BUT if the user define any other cipher
|
# NOTE: PSK should be enabled by default BUT if the user define any other cipher
|
||||||
# suite(s) it should not be enabled.
|
# suite(s) it should not be enabled.
|
||||||
# TODO: Create the flag DTLS_CIPHERS with keywords PSK, ECC (and future)
|
# TODO: Create the flag DTLS_CIPHERS with keywords PSK, ECC (and future)
|
||||||
ifeq (,$(filter -DDTLS_PSK,$(CFLAGS)))
|
PSK_ENABLED := $(or $(filter -DCONFIG_DTLS_PSK,$(CFLAGS)), $(filter -DDTLS_PSK,$(CFLAGS)))
|
||||||
ifeq (,$(filter -DDTLS_ECC,$(CFLAGS)))
|
ECC_ENABLED := $(or $(filter -DCONFIG_DTLS_ECC,$(CFLAGS)), $(filter -DDTLS_ECC,$(CFLAGS)))
|
||||||
CFLAGS += -DDTLS_PSK
|
ifeq (, $(or $(PSK_ENABLED),$(ECC_ENABLED)))
|
||||||
|
CFLAGS += -DCONFIG_DTLS_PSK
|
||||||
endif
|
endif
|
||||||
endif
|
endif
|
||||||
|
|
||||||
# Handles the verbosity of tinyDTLS. Default: Minimum or just error messages.
|
ifneq (,$(filter -DDTLS_DEBUG,$(CFLAGS)))
|
||||||
ifeq (,$(filter -DDTLS_DEBUG,$(CFLAGS)))
|
# For backwards compability. This can be removed after release 2020.10
|
||||||
CFLAGS += -DTINYDTLS_LOG_LVL=0
|
$(warning Warning! DTLS_DEBUG is deprecated use CONFIG_DTLS_DEBUG)
|
||||||
else
|
CFLAGS += -DCONFIG_DTLS_DEBUG
|
||||||
|
endif
|
||||||
|
ifneq (,$(or $(CONFIG_DTLS_DEBUG),$(filter -DCONFIG_DTLS_DEBUG,$(CFLAGS))))
|
||||||
CFLAGS += -DTINYDTLS_LOG_LVL=6
|
CFLAGS += -DTINYDTLS_LOG_LVL=6
|
||||||
|
else
|
||||||
|
CFLAGS += -DTINYDTLS_LOG_LVL=0
|
||||||
endif
|
endif
|
||||||
|
|
||||||
ifneq (,$(filter tinydtls_aes,$(USEMODULE)))
|
ifneq (,$(filter tinydtls_aes,$(USEMODULE)))
|
||||||
@ -46,3 +53,39 @@ endif
|
|||||||
ifneq (,$(filter tinydtls_sock_dtls,$(USEMODULE)))
|
ifneq (,$(filter tinydtls_sock_dtls,$(USEMODULE)))
|
||||||
DIRS += $(RIOTBASE)/pkg/tinydtls/contrib
|
DIRS += $(RIOTBASE)/pkg/tinydtls/contrib
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
# Translate 'CONFIG_' options to package specific flags. This checks if the
|
||||||
|
# option is being set via Kconfig or CFLAGS
|
||||||
|
|
||||||
|
ifneq (,$(filter -DDTLS_PSK,$(CFLAGS)))
|
||||||
|
# For backwards compability. This can be removed after release 2020.10
|
||||||
|
$(warning Warning! DTLS_PSK is deprecated use CONFIG_DTLS_PSK)
|
||||||
|
CFLAGS += -DCONFIG_DTLS_PSK
|
||||||
|
endif
|
||||||
|
ifneq (,$(or $(CONFIG_DTLS_PSK),$(filter -DCONFIG_DTLS_PSK,$(CFLAGS))))
|
||||||
|
CFLAGS += -DDTLS_PSK
|
||||||
|
endif
|
||||||
|
|
||||||
|
ifneq (,$(filter -DDTLS_ECC,$(CFLAGS)))
|
||||||
|
# For backwards compability. This can be removed after release 2020.10
|
||||||
|
$(warning Warning! DTLS_ECC is deprecated use CONFIG_DTLS_ECC)
|
||||||
|
CFLAGS += -DCONFIG_DTLS_ECC
|
||||||
|
endif
|
||||||
|
ifneq (,$(or $(CONFIG_DTLS_ECC),$(filter -DCONFIG_DTLS_ECC,$(CFLAGS))))
|
||||||
|
CFLAGS += -DDTLS_ECC
|
||||||
|
endif
|
||||||
|
|
||||||
|
CONTEXT_MAX := $(or $(CONFIG_DTLS_CONTEXT_MAX),$(patsubst -DCONFIG_DTLS_CONTEXT_MAX=%,%,$(filter -DCONFIG_DTLS_CONTEXT_MAX=%,$(CFLAGS))))
|
||||||
|
ifneq (,$(CONTEXT_MAX))
|
||||||
|
CFLAGS += -DDTLS_CONTEXT_MAX=$(CONTEXT_MAX)
|
||||||
|
endif
|
||||||
|
|
||||||
|
PEER_MAX := $(or $(CONFIG_DTLS_PEER_MAX),$(patsubst -DCONFIG_DTLS_PEER_MAX=%,%,$(filter -DCONFIG_DTLS_PEER_MAX=%,$(CFLAGS))))
|
||||||
|
ifneq (,$(PEER_MAX))
|
||||||
|
CFLAGS += -DDTLS_PEER_MAX=$(PEER_MAX)
|
||||||
|
endif
|
||||||
|
|
||||||
|
HANDSHAKE_MAX := $(or $(CONFIG_DTLS_HANDSHAKE_MAX),$(patsubst -DCONFIG_DTLS_HANDSHAKE_MAX=%,%,$(filter -DCONFIG_DTLS_HANDSHAKE_MAX=%,$(CFLAGS))))
|
||||||
|
ifneq (,$(HANDSHAKE_MAX))
|
||||||
|
CFLAGS += -DDTLS_HANDSHAKE_MAX=$(HANDSHAKE_MAX)
|
||||||
|
endif
|
||||||
|
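Review bot: No translation is added for `DTLS_SECURITY_MAX` or `DTLS_HASH_MAX`, although the commit message lists both as moved to `CONFIG_DTLS_SECURITY_MAX` and `CONFIG_DTLS_HASH_MAX`; a value set under those names would be ignored without any diagnostic. The README and the configuration header in this commit also keep the unprefixed names, so either the message should drop the two macros or blocks matching the `CONTEXT_MAX` one should be added for them. Each of the three value translations also passes every `-DCONFIG_DTLS_*_MAX=` match through, so a flag given twice in CFLAGS yields a multi-word value; wrapping the `patsubst` in `$(lastword ...)` keeps a single one. The deprecation comments spell "compability"; they should read `# For backwards compatibility. This can be removed after release 2020.10`.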
@ -29,22 +29,22 @@
|
|||||||
#define DTLS_HANDSHAKE_BUFSIZE (256) /**< Size buffer used in handshake
|
#define DTLS_HANDSHAKE_BUFSIZE (256) /**< Size buffer used in handshake
|
||||||
to hold credentials */
|
to hold credentials */
|
||||||
/* ECC handshake takes more time */
|
/* ECC handshake takes more time */
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
#define DTLS_HANDSHAKE_TIMEOUT (30 * US_PER_SEC)
|
#define DTLS_HANDSHAKE_TIMEOUT (30 * US_PER_SEC)
|
||||||
#else
|
#else
|
||||||
#define DTLS_HANDSHAKE_TIMEOUT (1 * US_PER_SEC)
|
#define DTLS_HANDSHAKE_TIMEOUT (1 * US_PER_SEC)
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
|
|
||||||
static void _timeout_callback(void *arg);
|
static void _timeout_callback(void *arg);
|
||||||
|
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session,
|
static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session,
|
||||||
dtls_credentials_type_t type,
|
dtls_credentials_type_t type,
|
||||||
const unsigned char *id, size_t id_len,
|
const unsigned char *id, size_t id_len,
|
||||||
unsigned char *result, size_t result_length);
|
unsigned char *result, size_t result_length);
|
||||||
#endif /* DTLS_PSK */
|
#endif /* CONFIG_DTLS_PSK */
|
||||||
|
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
static int _get_ecdsa_key(struct dtls_context_t *ctx, const session_t *session,
|
static int _get_ecdsa_key(struct dtls_context_t *ctx, const session_t *session,
|
||||||
const dtls_ecdsa_key_t **result);
|
const dtls_ecdsa_key_t **result);
|
||||||
|
|
||||||
@ -53,7 +53,7 @@ static int _verify_ecdsa_key(struct dtls_context_t *ctx,
|
|||||||
const unsigned char *other_pub_x,
|
const unsigned char *other_pub_x,
|
||||||
const unsigned char *other_pub_y,
|
const unsigned char *other_pub_y,
|
||||||
size_t key_size);
|
size_t key_size);
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
|
|
||||||
static int _write(struct dtls_context_t *ctx, session_t *session, uint8_t *buf,
|
static int _write(struct dtls_context_t *ctx, session_t *session, uint8_t *buf,
|
||||||
size_t len);
|
size_t len);
|
||||||
@ -70,13 +70,13 @@ static dtls_handler_t _dtls_handler = {
|
|||||||
.event = _event,
|
.event = _event,
|
||||||
.write = _write,
|
.write = _write,
|
||||||
.read = _read,
|
.read = _read,
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
.get_psk_info = _get_psk_info,
|
.get_psk_info = _get_psk_info,
|
||||||
#endif /* DTLS_PSK */
|
#endif /* CONFIG_DTLS_PSK */
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
.get_ecdsa_key = _get_ecdsa_key,
|
.get_ecdsa_key = _get_ecdsa_key,
|
||||||
.verify_ecdsa_key = _verify_ecdsa_key,
|
.verify_ecdsa_key = _verify_ecdsa_key,
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
};
|
};
|
||||||
|
|
||||||
static int _read(struct dtls_context_t *ctx, session_t *session, uint8_t *buf,
|
static int _read(struct dtls_context_t *ctx, session_t *session, uint8_t *buf,
|
||||||
@ -132,7 +132,7 @@ static int _event(struct dtls_context_t *ctx, session_t *session,
|
|||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
#ifdef DTLS_PSK
|
#ifdef CONFIG_DTLS_PSK
|
||||||
static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session,
|
static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session,
|
||||||
dtls_credentials_type_t type,
|
dtls_credentials_type_t type,
|
||||||
const unsigned char *desc, size_t desc_len,
|
const unsigned char *desc, size_t desc_len,
|
||||||
@ -190,9 +190,9 @@ static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session,
|
|||||||
memcpy(result, c, c_len);
|
memcpy(result, c, c_len);
|
||||||
return c_len;
|
return c_len;
|
||||||
}
|
}
|
||||||
#endif /* DTLS_PSK */
|
#endif /* CONFIG_DTLS_PSK */
|
||||||
|
|
||||||
#ifdef DTLS_ECC
|
#ifdef CONFIG_DTLS_ECC
|
||||||
static int _get_ecdsa_key(struct dtls_context_t *ctx, const session_t *session,
|
static int _get_ecdsa_key(struct dtls_context_t *ctx, const session_t *session,
|
||||||
const dtls_ecdsa_key_t **result)
|
const dtls_ecdsa_key_t **result)
|
||||||
{
|
{
|
||||||
@ -229,7 +229,7 @@ static int _verify_ecdsa_key(struct dtls_context_t *ctx,
|
|||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
#endif /* DTLS_ECC */
|
#endif /* CONFIG_DTLS_ECC */
|
||||||
|
|
||||||
int sock_dtls_create(sock_dtls_t *sock, sock_udp_t *udp_sock,
|
int sock_dtls_create(sock_dtls_t *sock, sock_udp_t *udp_sock,
|
||||||
credman_tag_t tag, unsigned version, unsigned role)
|
credman_tag_t tag, unsigned version, unsigned role)
|
||||||
|
@ -23,12 +23,12 @@
|
|||||||
*
|
*
|
||||||
* For `TLS_PSK_WITH_AES_128_CCM_8` support (default):
|
* For `TLS_PSK_WITH_AES_128_CCM_8` support (default):
|
||||||
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ {.mk}
|
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ {.mk}
|
||||||
* CFLAGS += -DDTLS_PSK
|
* CFLAGS += -DCONFIG_DTLS_PSK
|
||||||
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
*
|
*
|
||||||
* For `TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8` support:
|
* For `TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8` support:
|
||||||
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ {.mk}
|
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ {.mk}
|
||||||
* CFLAGS += -DDTLS_ECC
|
* CFLAGS += -DCONFIG_DTLS_ECC
|
||||||
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
*/
|
*/
|
||||||
|
|
||||||
@ -42,51 +42,51 @@
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Adds support for TLS_PSK_WITH_AES_128_CCM_8 when defined
|
* @brief Adds support for TLS_PSK_WITH_AES_128_CCM_8 when defined
|
||||||
* @note Activated by default if @ref DTLS_ECC is not defined
|
* @note Activated by default if @ref CONFIG_DTLS_ECC is not defined
|
||||||
*/
|
*/
|
||||||
#ifndef DTLS_PSK
|
#ifndef CONFIG_DTLS_PSK
|
||||||
#define DTLS_PSK
|
#define CONFIG_DTLS_PSK
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief Adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 when defined
|
* @brief Adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 when defined
|
||||||
*/
|
*/
|
||||||
#ifndef DTLS_ECC
|
#ifndef CONFIG_DTLS_ECC
|
||||||
#define DTLS_ECC
|
#define CONFIG_DTLS_ECC
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief The maximum number of DTLS context at the same time
|
* @brief The maximum number of DTLS context at the same time
|
||||||
*/
|
*/
|
||||||
#ifndef DTLS_CONTEXT_MAX
|
#ifndef CONFIG_DTLS_CONTEXT_MAX
|
||||||
#define DTLS_CONTEXT_MAX (2)
|
#define CONFIG_DTLS_CONTEXT_MAX (2)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief The maximum number DTLS peers (i.e. sessions)
|
* @brief The maximum number DTLS peers (i.e. sessions)
|
||||||
*/
|
*/
|
||||||
#ifndef DTLS_PEER_MAX
|
#ifndef CONFIG_DTLS_PEER_MAX
|
||||||
#define DTLS_PEER_MAX (1)
|
#define CONFIG_DTLS_PEER_MAX (1)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief The maximum number of concurrent DTLS handshakes
|
* @brief The maximum number of concurrent DTLS handshakes
|
||||||
*/
|
*/
|
||||||
#ifndef DTLS_HANDSHAKE_MAX
|
#ifndef CONFIG_DTLS_HANDSHAKE_MAX
|
||||||
#define DTLS_HANDSHAKE_MAX (2)
|
#define CONFIG_DTLS_HANDSHAKE_MAX (2)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief The maximum number of concurrently used cipher keys
|
* @brief The maximum number of concurrently used cipher keys
|
||||||
*/
|
*/
|
||||||
#ifndef DTLS_SECURITY_MAX
|
#ifndef DTLS_SECURITY_MAX
|
||||||
#define DTLS_SECURITY_MAX (DTLS_HANDSHAKE_MAX + DTLS_PEER_MAX)
|
#define DTLS_SECURITY_MAX (CONFIG_DTLS_HANDSHAKE_MAX + CONFIG_DTLS_PEER_MAX)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @brief The maximum number of hash functions that can be used in parallel
|
* @brief The maximum number of hash functions that can be used in parallel
|
||||||
*/
|
*/
|
||||||
#ifndef DTLS_HASH_MAX
|
#ifndef DTLS_HASH_MAX
|
||||||
#define DTLS_HASH_MAX (3 * DTLS_PEER_MAX)
|
#define DTLS_HASH_MAX (3 * CONFIG_DTLS_PEER_MAX)
|
||||||
#endif
|
#endif
|
||||||
/** @} */
|
/** @} */
|
||||||
|
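Review bot: The default `#define CONFIG_DTLS_HANDSHAKE_MAX (2)` disagrees with the README section of this commit, which documents `CONFIG_DTLS_HANDSHAKE_MAX` as "(default 1)"; one of the two should be corrected, because `DTLS_SECURITY_MAX` is sized from this value. The defaults in this block are now defined only under the `CONFIG_` names, while the Makefile translation in this commit emits `-DDTLS_CONTEXT_MAX`, `-DDTLS_PEER_MAX` and `-DDTLS_HANDSHAKE_MAX` only when a value was set through Kconfig or CFLAGS. If this block is compiled rather than Doxygen-only (its enclosing guard is outside the hunk), it is worth confirming which default the package actually uses and stating that in the `@brief` of each option.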