148 lines
4.3 KiB
C
148 lines
4.3 KiB
C
/* dtls -- a very basic DTLS implementation
|
|
*
|
|
* Copyright (C) 2011--2014 Olaf Bergmann <bergmann@tzi.org>
|
|
*
|
|
* Permission is hereby granted, free of charge, to any person
|
|
* obtaining a copy of this software and associated documentation
|
|
* files (the "Software"), to deal in the Software without
|
|
* restriction, including without limitation the rights to use, copy,
|
|
* modify, merge, publish, distribute, sublicense, and/or sell copies
|
|
* of the Software, and to permit persons to whom the Software is
|
|
* furnished to do so, subject to the following conditions:
|
|
*
|
|
* The above copyright notice and this permission notice shall be
|
|
* included in all copies or substantial portions of the Software.
|
|
*
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
|
|
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
|
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
|
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
* SOFTWARE.
|
|
*/
|
|
|
|
#ifndef _DTLS_GLOBAL_H_
|
|
#define _DTLS_GLOBAL_H_
|
|
|
|
#include <stdlib.h>
|
|
#include <sys/types.h>
|
|
|
|
#include "tinydtls.h"
|
|
|
|
#ifndef DTLSv12
|
|
/* The current version of tinyDTLS supports DTLSv1.2 only. */
|
|
#define DTLSv12 1
|
|
#endif
|
|
|
|
#ifndef WITH_SHA256
|
|
/* The current version of tinyDTLS supports DTLSv1.2 with SHA256 PRF
|
|
only. */
|
|
#define WITH_SHA256 1
|
|
#endif
|
|
|
|
/* Define our own types as at least uint32_t does not work on my amd64. */
|
|
|
|
typedef unsigned char uint8;
|
|
typedef unsigned char uint16[2];
|
|
typedef unsigned char uint24[3];
|
|
typedef unsigned char uint32[4];
|
|
typedef unsigned char uint48[6];
|
|
|
|
#ifndef DTLS_MAX_BUF
|
|
/** Maximum size of DTLS message.
|
|
When Peers are sending bigger messages this causes problems. Californium
|
|
with ECDSA needs at least 220 */
|
|
#ifdef WITH_CONTIKI
|
|
#ifdef DTLS_ECC
|
|
#define DTLS_MAX_BUF 200
|
|
#else /* DTLS_ECC */
|
|
#define DTLS_MAX_BUF 100
|
|
#endif /* DTLS_ECC */
|
|
#else /* WITH_CONTIKI */
|
|
#define DTLS_MAX_BUF 1400
|
|
#endif /* WITH_CONTIKI */
|
|
#endif
|
|
|
|
#ifndef DTLS_DEFAULT_MAX_RETRANSMIT
|
|
/** Number of message retransmissions. */
|
|
#define DTLS_DEFAULT_MAX_RETRANSMIT 7
|
|
#endif
|
|
|
|
/** Known cipher suites.*/
|
|
typedef enum {
|
|
TLS_NULL_WITH_NULL_NULL = 0x0000, /**< NULL cipher */
|
|
TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8, /**< see RFC 6655 */
|
|
TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xC0AE /**< see RFC 7251 */
|
|
} dtls_cipher_t;
|
|
|
|
/** Known compression suites.*/
|
|
typedef enum {
|
|
TLS_COMPRESSION_NULL = 0x0000 /* NULL compression */
|
|
} dtls_compression_t;
|
|
|
|
#define TLS_EXT_ELLIPTIC_CURVES 10 /* see RFC 4492 */
|
|
#define TLS_EXT_EC_POINT_FORMATS 11 /* see RFC 4492 */
|
|
#define TLS_EXT_SIG_HASH_ALGO 13 /* see RFC 5246 */
|
|
#define TLS_EXT_CLIENT_CERTIFICATE_TYPE 19 /* see RFC 7250 */
|
|
#define TLS_EXT_SERVER_CERTIFICATE_TYPE 20 /* see RFC 7250 */
|
|
#define TLS_EXT_ENCRYPT_THEN_MAC 22 /* see RFC 7366 */
|
|
|
|
#define TLS_CERT_TYPE_RAW_PUBLIC_KEY 2 /* see RFC 7250 */
|
|
|
|
#define TLS_EXT_ELLIPTIC_CURVES_SECP256R1 23 /* see RFC 4492 */
|
|
|
|
#define TLS_EXT_EC_POINT_FORMATS_UNCOMPRESSED 0 /* see RFC 4492 */
|
|
|
|
#define TLS_EC_CURVE_TYPE_NAMED_CURVE 3 /* see RFC 4492 */
|
|
|
|
#define TLS_CLIENT_CERTIFICATE_TYPE_ECDSA_SIGN 64 /* see RFC 4492 */
|
|
|
|
#define TLS_EXT_SIG_HASH_ALGO_SHA256 4 /* see RFC 5246 */
|
|
#define TLS_EXT_SIG_HASH_ALGO_ECDSA 3 /* see RFC 5246 */
|
|
|
|
/**
|
|
* XORs \p n bytes byte-by-byte starting at \p y to the memory area
|
|
* starting at \p x. */
|
|
static inline void
|
|
memxor(unsigned char *x, const unsigned char *y, size_t n) {
|
|
while(n--) {
|
|
*x ^= *y;
|
|
x++; y++;
|
|
}
|
|
}
|
|
|
|
/**
|
|
* Compares \p len bytes from @p a with @p b in constant time. This
|
|
* functions always traverses the entire length to prevent timing
|
|
* attacks.
|
|
*
|
|
* \param a Byte sequence to compare
|
|
* \param b Byte sequence to compare
|
|
* \param len Number of bytes to compare.
|
|
* \return \c 1 if \p a and \p b are equal, \c 0 otherwise.
|
|
*/
|
|
static inline int
|
|
equals(unsigned char *a, unsigned char *b, size_t len) {
|
|
int result = 1;
|
|
while (len--) {
|
|
result &= (*a++ == *b++);
|
|
}
|
|
return result;
|
|
}
|
|
|
|
#ifdef HAVE_FLS
|
|
#define dtls_fls(i) fls(i)
|
|
#else
|
|
static inline int
|
|
dtls_fls(unsigned int i) {
|
|
int n;
|
|
for (n = 0; i; n++)
|
|
i >>= 1;
|
|
return n;
|
|
}
|
|
#endif /* HAVE_FLS */
|
|
|
|
#endif /* _DTLS_GLOBAL_H_ */
|