Use cipher_suite_param_t for cipher-suite specific mac_len and
key_exchange_algorithm. Introduce dtls_cipher_index_t for simplified
cipher-suite parameter lookup. Cleanup old functions.
Signed-off-by: Achim Kraus <achim.kraus@cloudcoap.net>
This has the following optimization potentials which are also applied.
- crypto: only one HMAC context is required
- crypto: integrate last iteration into loop
- hmac: remove dtls_hmac_new()/_free()/_storage_init() as dtls_hmac_new()
now only is used in tests
Co-Authored-By: Leandro Lanzieri <leandro.lanzieri@haw-hamburg.de>
Signed-off-by: Martine Lenders <m.lenders@fu-berlin.de>
Rename dtls_ec_key_from_uint32_asn1() to dtls_ec_key_asn1_from_uint32()
to better describe what the function does, as well as add in the ASN.1
header defining it is an ASN.1 positive integer.
Rename dtls_asn1_integer_ec_key() to dtls_asn1_integer_to_ec_key() to better
describe what it is actually doing.
Update dtls_add_ecdsa_signature_elem() to handle the updated
dtls_ec_key_asn1_from_uint32() function which now becomes more readable.
Signed-off-by: Jon Shallow <supjps-libcoap@jpshallow.com>
In ASN.1, these are positive signed integer values, big-endian encoded.
There is an additional 0x00 prefix if the number has the signed bit set, so
that the number remains positive - hence length can be > 32.
If the leading bits are 0, and there are more than 8 of them, then the leading
0x00 byte(s) can be dropped - hence length can be < 32.
This fix allows the dtls_check_ecdsa_signature_elem() to work correctly.
It also corrects dtls_ec_key_from_uint32_asn1() so that the ASN.1 integer is
built correctly.
Signed-off-by: Jon Shallow <supjps-libcoap@jpshallow.com>
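
As an added illustration (not code from tinydtls or from this commit), the following C sketch encodes a 32-byte big-endian EC value as an ASN.1 INTEGER and decodes it back, covering both the length > 32 and length < 32 cases described above. The names ec_int_to_asn1(), asn1_to_ec_int() and EC_INT_LEN are hypothetical, and only the short-form length byte is handled.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define EC_INT_LEN 32          /* assumed size of one r or s value */
#define ASN1_TAG_INTEGER 0x02

/* Encode a 32-byte big-endian unsigned value as an ASN.1 INTEGER.
 * out must hold at least 2 + 33 bytes. Returns the bytes written. */
size_t ec_int_to_asn1(const uint8_t val[EC_INT_LEN], uint8_t *out) {
  size_t skip = 0, len;
  while (skip < EC_INT_LEN - 1 && val[skip] == 0)
    skip++;                    /* drop leading 0x00, keep one byte */
  len = EC_INT_LEN - skip;
  out[0] = ASN1_TAG_INTEGER;
  if (val[skip] & 0x80) {      /* sign bit set: add the 0x00 prefix */
    out[1] = (uint8_t)(len + 1);
    out[2] = 0x00;
    memcpy(out + 3, val + skip, len);
    return len + 3;
  }
  out[1] = (uint8_t)len;
  memcpy(out + 2, val + skip, len);
  return len + 2;
}

/* Decode an ASN.1 INTEGER into a zero-padded 32-byte big-endian value.
 * Returns the bytes consumed, or -1 on malformed or out-of-range input. */
int asn1_to_ec_int(const uint8_t *in, size_t in_len, uint8_t val[EC_INT_LEN]) {
  size_t len;
  int consumed;
  if (in_len < 3 || in[0] != ASN1_TAG_INTEGER)
    return -1;
  len = in[1];                 /* long-form lengths exceed the bound below */
  if (len == 0 || len > EC_INT_LEN + 1 || len > in_len - 2)
    return -1;
  consumed = (int)len + 2;
  const uint8_t *p = in + 2;
  if (p[0] & 0x80)
    return -1;                 /* negative value: never a valid r or s */
  if (len == EC_INT_LEN + 1) { /* 33 bytes: first must be the 0x00 prefix */
    if (p[0] != 0x00)
      return -1;
    p++;
    len--;
  }
  memset(val, 0, EC_INT_LEN - len);   /* restore dropped leading zeros */
  memcpy(val + (EC_INT_LEN - len), p, len);
  return consumed;
}
```
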
The key and nonce argument of the (deprecated) functions dtls_encrypt()
and dtls_decrypt() should be const as noted in [1]. This change requires
nonce also to be const in dtls_ccm_params_t.
[1] https://github.com/eclipse/tinydtls/issues/25
Closes #25
Change-Id: Ic6a0801d48eb88c726eee232c8971449c459be29
The new functions dtls_encrypt_params() and dtls_decrypt_params()
provide an improved interface for AEAD crypto compared to
dtls_encrypt() and dtls_decrypt(). The former take a parameter
set of type dtls_ccm_params_t as first argument, containing the
nonce as well as the M and L values.
The new functions deprecate dtls_encrypt() and dtls_decrypt().
Change-Id: I4bded5da5c433b3192e361d70f23fa563399ae91
This allows for optimizing the prng functions for specific platforms and
makes integration with IoT build environments a lot simpler.
Makefile.in
Makefile.riot
Makefile.tinydtls
crypto.c
dtls.c
dtls_prng.c (new)
dtls_prng.h
platform-specific/Makefile.in
platform-specific/dtls_prng_contiki.c (new)
platform-specific/dtls_prng_espidf.c (new)
platform-specific/dtls_prng_posix.c (new)
platform-specific/dtls_prng_riot.c (new)
Separate out all the old #ifdefs and put the code into the appropriate
places.
Add in the new files to the build process.
Change-Id: I955315defd55fd3db2dc58fd88c7aa283e3b9984
Signed-off-by: Jon Shallow <supjps-libcoap@jpshallow.com>
Signed-off-by: Olaf Bergmann <bergmann@tzi.org>
Removal of the MEMARRAY code from riot-boards.h now requires
including the memarray header in every file where memarray_init()
and memarray_alloc() are used.
Change-Id: I96f881c540da098174561fac6533d05b127ca00f
The pre-processor macro MEMARRAY helps declaring and initializing the
buffer and memarray_t structure that are required by memarray_init().
Change-Id: I9f9732881469d7163c5710b3ffd0e46d86a9fb66
This change fixes the invocation of the MEMARRAY macro and
memarray_init() to conform with the proposed API in [1].
[1] https://github.com/RIOT-OS/RIOT/pull/7651/
Change-Id: Iaede8ac17dfef758e54cd4072d58212c64ca4b08
The code has been cleaned up to
1. provide proper prototypes for functions that take no arguments (void),
2. avoid signedness issues, and
3. provide missing cases for switch statements.
Change-Id: I9e84ddb9ef6594c374ad817330a43b22642ebb33
Fixes dtls_config.h not visible in headers
Include dtls_config.h in tinydtls.h and include tinydtls.h in all necessary
headers.
Remaining headers do not use 'ifdef', but they may require it too.
Change-Id: I39c86dffc8bbc8bd7551e74386994f92f49d00ec
Signed-off-by: Gaëtan Harter <gaetan.harter@inria.fr>