RIOT-OS/RIOT
RIOT-OS/RIOT
1
0
Fork 0
mirror of https://github.com/RIOT-OS/RIOT.git synced 2024-12-29 04:50:03 +01:00
Code Releases Activity

pkg/tinydtls: Move configurations to 'CONFIG_' namespace

Browse Source 
Macros that changed:
DTLS_PSK -> CONFIG_DTLS_PSK
DTLS_ECC -> CONFIG_DTLS_ECC (except in release-notes.txt)
DTLS_CONTEXT_MAX -> CONFIG_DTLS_CONTEXT_MAX
DTLS_PEER_MAX -> CONFIG_DTLS_PEER_MAX
DTLS_HANDSHAKE_MAX -> CONFIG_DTLS_HANDSHAKE_MAX
DTLS_SECURITY_MAX -> CONFIG_DTLS_SECURITY_MAX
DTLS_HASH_MAX -> CONFIG_DTLS_HASH_MAX
This commit is contained in:
Aiman Ismail 2019-12-18 18:15:30 +01:00
parent 7a44d8ecf7
commit d5b2aa8a2f
13 changed files with 130 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
examples/dtls-echo/Makefile
View File

@ -25,14 +25,15 @@ USEPKG += tinydtls
DTLS_PORT ?= 20220 DTLS_PORT ?= 20220
CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT) CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT)
# NOTE: If not cipher suite is selected, DTLS_PSK is used by default. # NOTE: If no cipher suite is selected, CONFIG_DTLS_PSK is used by default.
# This section should be commented out if using Kconfig
# This adds support for TLS_PSK_WITH_AES_128_CCM_8 # This adds support for TLS_PSK_WITH_AES_128_CCM_8
# CFLAGS += -DDTLS_PSK # CFLAGS += -DCONFIG_DTLS_PSK
# This adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 # This adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
# CFLAGS += -DDTLS_ECC # CFLAGS += -DCONFIG_DTLS_ECC
# Enable this line for setting tinyDTLS in debug mode. # Enable this line for setting tinyDTLS in debug mode.
# CFLAGS += -DDTLS_DEBUG # CFLAGS += -DCONFIG_DTLS_DEBUG
# FIXME: This is a temporary patch # FIXME: This is a temporary patch
# TinyDTLS <= 0.8.6 requires around 426 bytes in RAM. # TinyDTLS <= 0.8.6 requires around 426 bytes in RAM.

8
examples/dtls-echo/README.md
View File

@ -45,13 +45,13 @@ compile time. Their default values are considered for having two DTLS
contexts (for purpose of DTLS renegotiation). contexts (for purpose of DTLS renegotiation).
The resources handled by memarray are: The resources handled by memarray are:
* `DTLS_CONTEXT_MAX` (default 2) The maximum number of DTLS context at the * `CONFIG_DTLS_CONTEXT_MAX` (default 2) The maximum number of DTLS context at the
same time. same time.
* `DTLS_PEER_MAX` (default 1) The maximum number DTLS peers (i.e. sessions). * `CONFIG_DTLS_PEER_MAX` (default 1) The maximum number DTLS peers (i.e. sessions).
* `DTLS_HANDSHAKE_MAX` (default 1) The maximum number of concurrent DTLS handshakes. * `CONFIG_DTLS_HANDSHAKE_MAX` (default 1) The maximum number of concurrent DTLS handshakes.
* `DTLS_SECURITY_MAX` (the sum of the previous two) The maximum number of * `DTLS_SECURITY_MAX` (the sum of the previous two) The maximum number of
concurrently used cipher keys. concurrently used cipher keys.
* `DTLS_HASH_MAX` (Default: `3 * DTLS_PEER_MAX`) The maximum number of hash * `DTLS_HASH_MAX` (Default: `3 * CONFIG_DTLS_PEER_MAX`) The maximum number of hash
functions that can be used in parallel. functions that can be used in parallel.
## Handling retransmissions ## Handling retransmissions

22
examples/dtls-echo/dtls-client.c
View File

@ -42,7 +42,7 @@
#define MAX_TIMES_TRY_TO_SEND 10 /* Expected to be 1 - 255 */ #define MAX_TIMES_TRY_TO_SEND 10 /* Expected to be 1 - 255 */
/* Delay to give time to the remote peer to do the compute (client only). */ /* Delay to give time to the remote peer to do the compute (client only). */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
#define DEFAULT_US_DELAY 10000000 #define DEFAULT_US_DELAY 10000000
#else #else
#define DEFAULT_US_DELAY 100 #define DEFAULT_US_DELAY 100
@ -138,7 +138,7 @@ static int dtls_handle_read(dtls_context_t *ctx)
return dtls_handle_message(ctx, &session, packet_rcvd, res); return dtls_handle_message(ctx, &session, packet_rcvd, res);
} }
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
static unsigned char psk_id[PSK_ID_MAXLEN] = PSK_DEFAULT_IDENTITY; static unsigned char psk_id[PSK_ID_MAXLEN] = PSK_DEFAULT_IDENTITY;
static size_t psk_id_length = sizeof(PSK_DEFAULT_IDENTITY) - 1; static size_t psk_id_length = sizeof(PSK_DEFAULT_IDENTITY) - 1;
static unsigned char psk_key[PSK_MAXLEN] = PSK_DEFAULT_KEY; static unsigned char psk_key[PSK_MAXLEN] = PSK_DEFAULT_KEY;
@ -189,9 +189,9 @@ static int _peer_get_psk_info_handler(struct dtls_context_t *ctx,
return dtls_alert_fatal_create(DTLS_ALERT_INTERNAL_ERROR); return dtls_alert_fatal_create(DTLS_ALERT_INTERNAL_ERROR);
} }
#endif /* DTLS_PSK */ #endif /* CONFIG_DTLS_PSK */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
static int _peer_get_ecdsa_key_handler(struct dtls_context_t *ctx, static int _peer_get_ecdsa_key_handler(struct dtls_context_t *ctx,
const session_t *session, const session_t *session,
const dtls_ecdsa_key_t **result) const dtls_ecdsa_key_t **result)
@ -228,7 +228,7 @@ static int _peer_verify_ecdsa_key_handler(struct dtls_context_t *ctx,
return 0; return 0;
} }
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
/* Reception of a DTLS Application data record. */ /* Reception of a DTLS Application data record. */
static int _read_from_peer_handler(struct dtls_context_t *ctx, static int _read_from_peer_handler(struct dtls_context_t *ctx,
@ -301,19 +301,19 @@ dtls_context_t *_init_dtls(sock_udp_t *sock, sock_udp_ep_t *local,
.write = _send_to_peer_handler, .write = _send_to_peer_handler,
.read = _read_from_peer_handler, .read = _read_from_peer_handler,
.event = _events_handler, .event = _events_handler,
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
.get_psk_info = _peer_get_psk_info_handler, .get_psk_info = _peer_get_psk_info_handler,
#endif /* DTLS_PSK */ #endif /* CONFIG_DTLS_PSK */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
.get_ecdsa_key = _peer_get_ecdsa_key_handler, .get_ecdsa_key = _peer_get_ecdsa_key_handler,
.verify_ecdsa_key = _peer_verify_ecdsa_key_handler .verify_ecdsa_key = _peer_verify_ecdsa_key_handler
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
}; };
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
DEBUG("Client support PSK\n"); DEBUG("Client support PSK\n");
#endif #endif
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
DEBUG("Client support ECC\n"); DEBUG("Client support ECC\n");
#endif #endif

20
examples/dtls-echo/dtls-server.c
View File

@ -167,7 +167,7 @@ static int _send_to_peer_handler(struct dtls_context_t *ctx,
return sock_udp_send(remote_peer->sock, buf, len, remote_peer->remote); return sock_udp_send(remote_peer->sock, buf, len, remote_peer->remote);
} }
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
static unsigned char psk_id[PSK_ID_MAXLEN] = PSK_DEFAULT_IDENTITY; static unsigned char psk_id[PSK_ID_MAXLEN] = PSK_DEFAULT_IDENTITY;
static size_t psk_id_length = sizeof(PSK_DEFAULT_IDENTITY) - 1; static size_t psk_id_length = sizeof(PSK_DEFAULT_IDENTITY) - 1;
static unsigned char psk_key[PSK_MAXLEN] = PSK_DEFAULT_KEY; static unsigned char psk_key[PSK_MAXLEN] = PSK_DEFAULT_KEY;
@ -220,9 +220,9 @@ static int _peer_get_psk_info_handler(struct dtls_context_t *ctx, const session_
return dtls_alert_fatal_create(DTLS_ALERT_DECRYPT_ERROR); return dtls_alert_fatal_create(DTLS_ALERT_DECRYPT_ERROR);
} }
#endif /* DTLS_PSK */ #endif /* CONFIG_DTLS_PSK */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
static int _peer_get_ecdsa_key_handler(struct dtls_context_t *ctx, static int _peer_get_ecdsa_key_handler(struct dtls_context_t *ctx,
const session_t *session, const session_t *session,
const dtls_ecdsa_key_t **result) const dtls_ecdsa_key_t **result)
@ -258,7 +258,7 @@ static int _peer_verify_ecdsa_key_handler(struct dtls_context_t *ctx,
return 0; return 0;
} }
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
/* DTLS variables and register are initialized. */ /* DTLS variables and register are initialized. */
dtls_context_t *_server_init_dtls(dtls_remote_peer_t *remote_peer) dtls_context_t *_server_init_dtls(dtls_remote_peer_t *remote_peer)
@ -269,19 +269,19 @@ dtls_context_t *_server_init_dtls(dtls_remote_peer_t *remote_peer)
.write = _send_to_peer_handler, .write = _send_to_peer_handler,
.read = _read_from_peer_handler, .read = _read_from_peer_handler,
.event = NULL, .event = NULL,
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
.get_psk_info = _peer_get_psk_info_handler, .get_psk_info = _peer_get_psk_info_handler,
#endif /* DTLS_PSK */ #endif /* CONFIG_DTLS_PSK */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
.get_ecdsa_key = _peer_get_ecdsa_key_handler, .get_ecdsa_key = _peer_get_ecdsa_key_handler,
.verify_ecdsa_key = _peer_verify_ecdsa_key_handler .verify_ecdsa_key = _peer_verify_ecdsa_key_handler
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
}; };
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
DEBUG("Server support PSK\n"); DEBUG("Server support PSK\n");
#endif #endif
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
DEBUG("Server support ECC\n"); DEBUG("Server support ECC\n");
#endif #endif

8
examples/dtls-echo/tinydtls_keys.h
View File

@ -28,16 +28,16 @@ extern "C" {
/* /*
* Default keys examples for tinyDTLS (for RIOT, Linux and Contiki) * Default keys examples for tinyDTLS (for RIOT, Linux and Contiki)
*/ */
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
#define PSK_DEFAULT_IDENTITY "Client_identity" #define PSK_DEFAULT_IDENTITY "Client_identity"
#define PSK_DEFAULT_KEY "secretPSK" #define PSK_DEFAULT_KEY "secretPSK"
#define PSK_OPTIONS "i:k:" #define PSK_OPTIONS "i:k:"
#define PSK_ID_MAXLEN 32 #define PSK_ID_MAXLEN 32
#define PSK_MAXLEN 32 #define PSK_MAXLEN 32
#endif /* DTLS_PSK */ #endif /* CONFIG_DTLS_PSK */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
static const unsigned char ecdsa_priv_key[] = { static const unsigned char ecdsa_priv_key[] = {
0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14, 0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14,
0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14, 0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14,
@ -58,7 +58,7 @@ static const unsigned char ecdsa_pub_key_y[] = {
0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B, 0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B,
0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29 0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29
}; };
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

9
examples/dtls-sock/Makefile
View File

@ -29,14 +29,15 @@ USEMODULE += shell_commands
DTLS_PORT ?= 20220 DTLS_PORT ?= 20220
CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT) CFLAGS += -DDTLS_DEFAULT_PORT=$(DTLS_PORT)
# NOTE: If no cipher suite is selected, DTLS_PSK is used by default. # NOTE: If no cipher suite is selected, CONFIG_DTLS_PSK is used by default.
# This section should be commented out if using Kconfig
# This adds support for TLS_PSK_WITH_AES_128_CCM_8 # This adds support for TLS_PSK_WITH_AES_128_CCM_8
CFLAGS += -DDTLS_PSK # CFLAGS += -DCONFIG_DTLS_PSK
# This adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 # This adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
# CFLAGS += -DDTLS_ECC # CFLAGS += -DCONFIG_DTLS_ECC
# Uncomment to enable debug logs # Uncomment to enable debug logs
# CFLAGS += -DDTLS_DEBUG # CFLAGS += -DCONFIG_DTLS_DEBUG
# FIXME: This is a temporary patch # FIXME: This is a temporary patch
CFLAGS += -DTHREAD_STACKSIZE_MAIN=\(2*THREAD_STACKSIZE_LARGE\) CFLAGS += -DTHREAD_STACKSIZE_MAIN=\(2*THREAD_STACKSIZE_LARGE\)

2
examples/dtls-sock/README.md
View File

@ -30,7 +30,7 @@ $ PORT=tap1 make all term
## Debug logs ## Debug logs
To enable debug logs uncomment `CFLAGS += -DDTLS_DEBUG` in the Makefile. To enable debug logs uncomment `CFLAGS += -DCONFIG_DTLS_DEBUG` in the Makefile.
Tinydtls supports setting the log level. See Makefile for more info. Tinydtls supports setting the log level. See Makefile for more info.
## Configs and constraints ## Configs and constraints

4
examples/dtls-sock/dtls-client.c
View File

@ -31,7 +31,7 @@
#define SOCK_DTLS_CLIENT_TAG (2) #define SOCK_DTLS_CLIENT_TAG (2)
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
static const ecdsa_public_key_t other_pubkeys[] = { static const ecdsa_public_key_t other_pubkeys[] = {
{ .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y }, { .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y },
}; };
@ -52,7 +52,7 @@ static const credman_credential_t credential = {
}, },
}; };
#else /* ifdef DTLS_PSK */ #else /* ifdef CONFIG_DTLS_PSK */
static const uint8_t psk_id_0[] = PSK_DEFAULT_IDENTITY; static const uint8_t psk_id_0[] = PSK_DEFAULT_IDENTITY;
static const uint8_t psk_key_0[] = PSK_DEFAULT_KEY; static const uint8_t psk_key_0[] = PSK_DEFAULT_KEY;

4
examples/dtls-sock/dtls-server.c
View File

@ -39,7 +39,7 @@ char _dtls_server_stack[THREAD_STACKSIZE_MAIN +
static kernel_pid_t _dtls_server_pid = KERNEL_PID_UNDEF; static kernel_pid_t _dtls_server_pid = KERNEL_PID_UNDEF;
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
static const ecdsa_public_key_t other_pubkeys[] = { static const ecdsa_public_key_t other_pubkeys[] = {
{ .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y }, { .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y },
}; };
@ -59,7 +59,7 @@ static const credman_credential_t credential = {
}, },
}, },
}; };
#else /* #ifdef DTLS_PSK */ #else /* #ifdef CONFIG_DTLS_PSK */
static const uint8_t psk_key_0[] = PSK_DEFAULT_KEY; static const uint8_t psk_key_0[] = PSK_DEFAULT_KEY;
static const credman_credential_t credential = { static const credman_credential_t credential = {

8
examples/dtls-sock/tinydtls_keys.h
View File

@ -28,16 +28,16 @@ extern "C" {
/* /*
* Default keys examples for tinyDTLS (for RIOT, Linux and Contiki) * Default keys examples for tinyDTLS (for RIOT, Linux and Contiki)
*/ */
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
#define PSK_DEFAULT_IDENTITY "Client_identity" #define PSK_DEFAULT_IDENTITY "Client_identity"
#define PSK_DEFAULT_KEY "secretPSK" #define PSK_DEFAULT_KEY "secretPSK"
#define PSK_OPTIONS "i:k:" #define PSK_OPTIONS "i:k:"
#define PSK_ID_MAXLEN 32 #define PSK_ID_MAXLEN 32
#define PSK_MAXLEN 32 #define PSK_MAXLEN 32
#endif /* DTLS_PSK */ #endif /* CONFIG_DTLS_PSK */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
static const unsigned char ecdsa_priv_key[] = { static const unsigned char ecdsa_priv_key[] = {
0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14, 0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14,
0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14, 0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14,
@ -58,7 +58,7 @@ static const unsigned char ecdsa_pub_key_y[] = {
0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B, 0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B,
0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29 0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29
}; };
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif

63
pkg/tinydtls/Makefile.include
View File

@ -18,20 +18,27 @@ ifeq (,$(filter posix_sockets,$(USEMODULE)))
CFLAGS += -DWITH_RIOT_GNRC CFLAGS += -DWITH_RIOT_GNRC
endif endif
# NOTE: PSK should be enabled by default BUT if the user define any other cipher # Default cipher suite when not using Kconfig
# suite(s) it should not be enabled. ifeq (,$(CONFIG_KCONFIG_PKG_TINYDTLS))
# TODO: Create the flag DTLS_CIPHERS with keywords PSK, ECC (and future) # NOTE: PSK should be enabled by default BUT if the user define any other cipher
ifeq (,$(filter -DDTLS_PSK,$(CFLAGS))) # suite(s) it should not be enabled.
ifeq (,$(filter -DDTLS_ECC,$(CFLAGS))) # TODO: Create the flag DTLS_CIPHERS with keywords PSK, ECC (and future)
CFLAGS += -DDTLS_PSK PSK_ENABLED := $(or $(filter -DCONFIG_DTLS_PSK,$(CFLAGS)), $(filter -DDTLS_PSK,$(CFLAGS)))
ECC_ENABLED := $(or $(filter -DCONFIG_DTLS_ECC,$(CFLAGS)), $(filter -DDTLS_ECC,$(CFLAGS)))
ifeq (, $(or $(PSK_ENABLED),$(ECC_ENABLED)))
CFLAGS += -DCONFIG_DTLS_PSK
endif endif
endif endif
# Handles the verbosity of tinyDTLS. Default: Minimum or just error messages. ifneq (,$(filter -DDTLS_DEBUG,$(CFLAGS)))
ifeq (,$(filter -DDTLS_DEBUG,$(CFLAGS))) # For backwards compability. This can be removed after release 2020.10
CFLAGS += -DTINYDTLS_LOG_LVL=0 $(warning Warning! DTLS_DEBUG is deprecated use CONFIG_DTLS_DEBUG)
else CFLAGS += -DCONFIG_DTLS_DEBUG
endif
ifneq (,$(or $(CONFIG_DTLS_DEBUG),$(filter -DCONFIG_DTLS_DEBUG,$(CFLAGS))))
CFLAGS += -DTINYDTLS_LOG_LVL=6 CFLAGS += -DTINYDTLS_LOG_LVL=6
else
CFLAGS += -DTINYDTLS_LOG_LVL=0
endif endif
ifneq (,$(filter tinydtls_aes,$(USEMODULE))) ifneq (,$(filter tinydtls_aes,$(USEMODULE)))
@ -46,3 +53,39 @@ endif
ifneq (,$(filter tinydtls_sock_dtls,$(USEMODULE))) ifneq (,$(filter tinydtls_sock_dtls,$(USEMODULE)))
DIRS += $(RIOTBASE)/pkg/tinydtls/contrib DIRS += $(RIOTBASE)/pkg/tinydtls/contrib
endif endif
# Translate 'CONFIG_' options to package specific flags. This checks if the
# option is being set via Kconfig or CFLAGS
ifneq (,$(filter -DDTLS_PSK,$(CFLAGS)))
# For backwards compability. This can be removed after release 2020.10
$(warning Warning! DTLS_PSK is deprecated use CONFIG_DTLS_PSK)
CFLAGS += -DCONFIG_DTLS_PSK
endif
ifneq (,$(or $(CONFIG_DTLS_PSK),$(filter -DCONFIG_DTLS_PSK,$(CFLAGS))))
CFLAGS += -DDTLS_PSK
endif
ifneq (,$(filter -DDTLS_ECC,$(CFLAGS)))
# For backwards compability. This can be removed after release 2020.10
$(warning Warning! DTLS_ECC is deprecated use CONFIG_DTLS_ECC)
CFLAGS += -DCONFIG_DTLS_ECC
endif
ifneq (,$(or $(CONFIG_DTLS_ECC),$(filter -DCONFIG_DTLS_ECC,$(CFLAGS))))
CFLAGS += -DDTLS_ECC
endif
CONTEXT_MAX := $(or $(CONFIG_DTLS_CONTEXT_MAX),$(patsubst -DCONFIG_DTLS_CONTEXT_MAX=%,%,$(filter -DCONFIG_DTLS_CONTEXT_MAX=%,$(CFLAGS))))
ifneq (,$(CONTEXT_MAX))
CFLAGS += -DDTLS_CONTEXT_MAX=$(CONTEXT_MAX)
endif
PEER_MAX := $(or $(CONFIG_DTLS_PEER_MAX),$(patsubst -DCONFIG_DTLS_PEER_MAX=%,%,$(filter -DCONFIG_DTLS_PEER_MAX=%,$(CFLAGS))))
ifneq (,$(PEER_MAX))
CFLAGS += -DDTLS_PEER_MAX=$(PEER_MAX)
endif
HANDSHAKE_MAX := $(or $(CONFIG_DTLS_HANDSHAKE_MAX),$(patsubst -DCONFIG_DTLS_HANDSHAKE_MAX=%,%,$(filter -DCONFIG_DTLS_HANDSHAKE_MAX=%,$(CFLAGS))))
ifneq (,$(HANDSHAKE_MAX))
CFLAGS += -DDTLS_HANDSHAKE_MAX=$(HANDSHAKE_MAX)
endif

28
pkg/tinydtls/contrib/sock_dtls.c
View File

@ -29,22 +29,22 @@
#define DTLS_HANDSHAKE_BUFSIZE (256) /**< Size buffer used in handshake #define DTLS_HANDSHAKE_BUFSIZE (256) /**< Size buffer used in handshake
to hold credentials */ to hold credentials */
/* ECC handshake takes more time */ /* ECC handshake takes more time */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
#define DTLS_HANDSHAKE_TIMEOUT (30 * US_PER_SEC) #define DTLS_HANDSHAKE_TIMEOUT (30 * US_PER_SEC)
#else #else
#define DTLS_HANDSHAKE_TIMEOUT (1 * US_PER_SEC) #define DTLS_HANDSHAKE_TIMEOUT (1 * US_PER_SEC)
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
static void _timeout_callback(void *arg); static void _timeout_callback(void *arg);
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session, static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session,
dtls_credentials_type_t type, dtls_credentials_type_t type,
const unsigned char *id, size_t id_len, const unsigned char *id, size_t id_len,
unsigned char *result, size_t result_length); unsigned char *result, size_t result_length);
#endif /* DTLS_PSK */ #endif /* CONFIG_DTLS_PSK */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
static int _get_ecdsa_key(struct dtls_context_t *ctx, const session_t *session, static int _get_ecdsa_key(struct dtls_context_t *ctx, const session_t *session,
const dtls_ecdsa_key_t **result); const dtls_ecdsa_key_t **result);
@ -53,7 +53,7 @@ static int _verify_ecdsa_key(struct dtls_context_t *ctx,
const unsigned char *other_pub_x, const unsigned char *other_pub_x,
const unsigned char *other_pub_y, const unsigned char *other_pub_y,
size_t key_size); size_t key_size);
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
static int _write(struct dtls_context_t *ctx, session_t *session, uint8_t *buf, static int _write(struct dtls_context_t *ctx, session_t *session, uint8_t *buf,
size_t len); size_t len);
@ -70,13 +70,13 @@ static dtls_handler_t _dtls_handler = {
.event = _event, .event = _event,
.write = _write, .write = _write,
.read = _read, .read = _read,
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
.get_psk_info = _get_psk_info, .get_psk_info = _get_psk_info,
#endif /* DTLS_PSK */ #endif /* CONFIG_DTLS_PSK */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
.get_ecdsa_key = _get_ecdsa_key, .get_ecdsa_key = _get_ecdsa_key,
.verify_ecdsa_key = _verify_ecdsa_key, .verify_ecdsa_key = _verify_ecdsa_key,
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
}; };
static int _read(struct dtls_context_t *ctx, session_t *session, uint8_t *buf, static int _read(struct dtls_context_t *ctx, session_t *session, uint8_t *buf,
@ -132,7 +132,7 @@ static int _event(struct dtls_context_t *ctx, session_t *session,
return 0; return 0;
} }
#ifdef DTLS_PSK #ifdef CONFIG_DTLS_PSK
static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session, static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session,
dtls_credentials_type_t type, dtls_credentials_type_t type,
const unsigned char *desc, size_t desc_len, const unsigned char *desc, size_t desc_len,
@ -190,9 +190,9 @@ static int _get_psk_info(struct dtls_context_t *ctx, const session_t *session,
memcpy(result, c, c_len); memcpy(result, c, c_len);
return c_len; return c_len;
} }
#endif /* DTLS_PSK */ #endif /* CONFIG_DTLS_PSK */
#ifdef DTLS_ECC #ifdef CONFIG_DTLS_ECC
static int _get_ecdsa_key(struct dtls_context_t *ctx, const session_t *session, static int _get_ecdsa_key(struct dtls_context_t *ctx, const session_t *session,
const dtls_ecdsa_key_t **result) const dtls_ecdsa_key_t **result)
{ {
@ -229,7 +229,7 @@ static int _verify_ecdsa_key(struct dtls_context_t *ctx,
return 0; return 0;
} }
#endif /* DTLS_ECC */ #endif /* CONFIG_DTLS_ECC */
int sock_dtls_create(sock_dtls_t *sock, sock_udp_t *udp_sock, int sock_dtls_create(sock_dtls_t *sock, sock_udp_t *udp_sock,
credman_tag_t tag, unsigned version, unsigned role) credman_tag_t tag, unsigned version, unsigned role)

30
pkg/tinydtls/doc.txt
View File

@ -23,12 +23,12 @@
* *
* For `TLS_PSK_WITH_AES_128_CCM_8` support (default): * For `TLS_PSK_WITH_AES_128_CCM_8` support (default):
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ {.mk} * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ {.mk}
* CFLAGS += -DDTLS_PSK * CFLAGS += -DCONFIG_DTLS_PSK
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
* *
* For `TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8` support: * For `TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8` support:
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ {.mk} * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ {.mk}
* CFLAGS += -DDTLS_ECC * CFLAGS += -DCONFIG_DTLS_ECC
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ * ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
*/ */
@ -42,51 +42,51 @@
/** /**
* @brief Adds support for TLS_PSK_WITH_AES_128_CCM_8 when defined * @brief Adds support for TLS_PSK_WITH_AES_128_CCM_8 when defined
* @note Activated by default if @ref DTLS_ECC is not defined * @note Activated by default if @ref CONFIG_DTLS_ECC is not defined
*/ */
#ifndef DTLS_PSK #ifndef CONFIG_DTLS_PSK
#define DTLS_PSK #define CONFIG_DTLS_PSK
#endif #endif
/** /**
* @brief Adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 when defined * @brief Adds support for TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 when defined
*/ */
#ifndef DTLS_ECC #ifndef CONFIG_DTLS_ECC
#define DTLS_ECC #define CONFIG_DTLS_ECC
#endif #endif
/** /**
* @brief The maximum number of DTLS context at the same time * @brief The maximum number of DTLS context at the same time
*/ */
#ifndef DTLS_CONTEXT_MAX #ifndef CONFIG_DTLS_CONTEXT_MAX
#define DTLS_CONTEXT_MAX (2) #define CONFIG_DTLS_CONTEXT_MAX (2)
#endif #endif
/** /**
* @brief The maximum number DTLS peers (i.e. sessions) * @brief The maximum number DTLS peers (i.e. sessions)
*/ */
#ifndef DTLS_PEER_MAX #ifndef CONFIG_DTLS_PEER_MAX
#define DTLS_PEER_MAX (1) #define CONFIG_DTLS_PEER_MAX (1)
#endif #endif
/** /**
* @brief The maximum number of concurrent DTLS handshakes * @brief The maximum number of concurrent DTLS handshakes
*/ */
#ifndef DTLS_HANDSHAKE_MAX #ifndef CONFIG_DTLS_HANDSHAKE_MAX
#define DTLS_HANDSHAKE_MAX (2) #define CONFIG_DTLS_HANDSHAKE_MAX (2)
#endif #endif
/** /**
* @brief The maximum number of concurrently used cipher keys * @brief The maximum number of concurrently used cipher keys
*/ */
#ifndef DTLS_SECURITY_MAX #ifndef DTLS_SECURITY_MAX
#define DTLS_SECURITY_MAX (DTLS_HANDSHAKE_MAX + DTLS_PEER_MAX) #define DTLS_SECURITY_MAX (CONFIG_DTLS_HANDSHAKE_MAX + CONFIG_DTLS_PEER_MAX)
#endif #endif
/** /**
* @brief The maximum number of hash functions that can be used in parallel * @brief The maximum number of hash functions that can be used in parallel
*/ */
#ifndef DTLS_HASH_MAX #ifndef DTLS_HASH_MAX
#define DTLS_HASH_MAX (3 * DTLS_PEER_MAX) #define DTLS_HASH_MAX (3 * CONFIG_DTLS_PEER_MAX)
#endif #endif
/** @} */ /** @} */