dtls_8h_source.html

 /* dtls -- a very basic DTLS implementation

  *

  * Copyright (C) 2011--2013 Olaf Bergmann <bergmann@tzi.org>

  * Copyright (C) 2013 Hauke Mehrtens <hauke@hauke-m.de>

  *

  * Permission is hereby granted, free of charge, to any person

  * obtaining a copy of this software and associated documentation

  * files (the "Software"), to deal in the Software without

  * restriction, including without limitation the rights to use, copy,

  * modify, merge, publish, distribute, sublicense, and/or sell copies

  * of the Software, and to permit persons to whom the Software is

  * furnished to do so, subject to the following conditions:

  *

  * The above copyright notice and this permission notice shall be

  * included in all copies or substantial portions of the Software.

  *

  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,

  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF

  * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND

  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS

  * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN

  * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN

  * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE

  * SOFTWARE.

  */


 #ifndef _DTLS_DTLS_H_

 #define _DTLS_DTLS_H_


 #include <stdint.h>


 #include "t_list.h"

 #include "state.h"

 #include "peer.h"


 #ifndef WITH_CONTIKI

 #include "uthash.h"

 #include "t_list.h"

 #endif /* WITH_CONTIKI */


 #include "alert.h"

 #include "crypto.h"

 #include "hmac.h"


 #include "global.h"

 #include "dtls_time.h"


 #ifndef DTLSv12

 #define DTLS_VERSION 0xfeff /* DTLS v1.1 */

 #else

 #define DTLS_VERSION 0xfefd /* DTLS v1.2 */

 #endif


 typedef enum dtls_credentials_type_t {

   DTLS_PSK_HINT, DTLS_PSK_IDENTITY, DTLS_PSK_KEY

 } dtls_credentials_type_t;


 typedef struct dtls_ecdsa_key_t {

   dtls_ecdh_curve curve;

   const unsigned char *priv_key;

   const unsigned char *pub_key_x;

   const unsigned char *pub_key_y;

 } dtls_ecdsa_key_t;


 #define DTLS_COOKIE_SECRET_LENGTH 12


 struct dtls_context_t;


 typedef struct {

   int (*write)(struct dtls_context_t *ctx,

            session_t *session, uint8 *buf, size_t len);


   int (*read)(struct dtls_context_t *ctx,

            session_t *session, uint8 *buf, size_t len);


   int (*event)(struct dtls_context_t *ctx, session_t *session,

         dtls_alert_level_t level, unsigned short code);


 #ifdef DTLS_PSK


   int (*get_psk_info)(struct dtls_context_t *ctx,

               const session_t *session,

               dtls_credentials_type_t type,

               const unsigned char *desc, size_t desc_len,

               unsigned char *result, size_t result_length);


 #endif /* DTLS_PSK */


 #ifdef DTLS_ECC


   int (*get_ecdsa_key)(struct dtls_context_t *ctx,

                const session_t *session,

                const dtls_ecdsa_key_t **result);


   int (*verify_ecdsa_key)(struct dtls_context_t *ctx,

               const session_t *session,

               const unsigned char *other_pub_x,

               const unsigned char *other_pub_y,

               size_t key_size);

 #endif /* DTLS_ECC */

 } dtls_handler_t;


 typedef struct dtls_context_t {

   unsigned char cookie_secret[DTLS_COOKIE_SECRET_LENGTH];

   clock_time_t cookie_secret_age;

 #ifndef WITH_CONTIKI

   dtls_peer_t *peers;

 #else /* WITH_CONTIKI */

   LIST_STRUCT(peers);


   struct etimer retransmit_timer;

 #endif /* WITH_CONTIKI */


   LIST_STRUCT(sendqueue);

   void *app;

   dtls_handler_t *h;

   unsigned char readbuf[DTLS_MAX_BUF];

 } dtls_context_t;


 void dtls_init();


 dtls_context_t *dtls_new_context(void *app_data);


 void dtls_free_context(dtls_context_t *ctx);


 #define dtls_set_app_data(CTX,DATA) ((CTX)->app = (DATA))

 #define dtls_get_app_data(CTX) ((CTX)->app)


 static inline void dtls_set_handler(dtls_context_t *ctx, dtls_handler_t *h) {

   ctx->h = h;

 }


 int dtls_connect(dtls_context_t *ctx, const session_t *dst);


 int dtls_connect_peer(dtls_context_t *ctx, dtls_peer_t *peer);


 int dtls_close(dtls_context_t *ctx, const session_t *remote);


 int dtls_renegotiate(dtls_context_t *ctx, const session_t *dst);


 int dtls_write(struct dtls_context_t *ctx, session_t *session,

            uint8 *buf, size_t len);


 void dtls_check_retransmit(dtls_context_t *context, clock_time_t *next);


 #define DTLS_COOKIE_LENGTH 16


 #define DTLS_CT_CHANGE_CIPHER_SPEC 20

 #define DTLS_CT_ALERT              21

 #define DTLS_CT_HANDSHAKE          22

 #define DTLS_CT_APPLICATION_DATA   23


 typedef struct __attribute__((__packed__)) {

   uint8 content_type;

   uint16 version;

   uint16 epoch;

   uint48 sequence_number;

   uint16 length;

   /* fragment */

 } dtls_record_header_t;


 /* Handshake types */


 #define DTLS_HT_HELLO_REQUEST        0

 #define DTLS_HT_CLIENT_HELLO         1

 #define DTLS_HT_SERVER_HELLO         2

 #define DTLS_HT_HELLO_VERIFY_REQUEST 3

 #define DTLS_HT_CERTIFICATE         11

 #define DTLS_HT_SERVER_KEY_EXCHANGE 12

 #define DTLS_HT_CERTIFICATE_REQUEST 13

 #define DTLS_HT_SERVER_HELLO_DONE   14

 #define DTLS_HT_CERTIFICATE_VERIFY  15

 #define DTLS_HT_CLIENT_KEY_EXCHANGE 16

 #define DTLS_HT_FINISHED            20


 typedef struct __attribute__((__packed__)) {

   uint8 msg_type;

   uint24 length;

   uint16 message_seq;

   uint24 fragment_offset;

   uint24 fragment_length;

   /* body */

 } dtls_handshake_header_t;


 typedef struct __attribute__((__packed__)) {

   uint16 version;

   uint32 gmt_random;

   unsigned char random[28];

   /* session id (up to 32 bytes) */

   /* cookie (up to 32 bytes) */

   /* cipher suite (2 to 2^16 -1 bytes) */

   /* compression method */

 } dtls_client_hello_t;


 typedef struct __attribute__((__packed__)) {

   uint16 version;

   uint8 cookie_length;

   uint8 cookie[];

 } dtls_hello_verify_t;


 #if 0


 int dtls_record_read(dtls_state_t *state, uint8 *msg, int msglen);

 #endif


 int dtls_handle_message(dtls_context_t *ctx, session_t *session,

             uint8 *msg, int msglen);


 dtls_peer_t *dtls_get_peer(const dtls_context_t *context,

                const session_t *session);


 #endif /* _DTLS_DTLS_H_ */


dtls_ecdsa_key_t::curve
dtls_ecdh_curve curve
Definition: dtls.h:64

dtls_context_t::cookie_secret
unsigned char cookie_secret[DTLS_COOKIE_SECRET_LENGTH]
Definition: dtls.h:224

dtls_free_context
void dtls_free_context(dtls_context_t *ctx)
Definition: dtls.c:3802

dtls_ecdsa_key_t::priv_key
const unsigned char * priv_key
Definition: dtls.h:65

t_list.h
Wrappers for list structures and functions.

dtls_context_t
Definition: dtls.h:223

dtls_new_context
dtls_context_t * dtls_new_context(void *app_data)
Definition: dtls.c:3740

dtls_context_t::LIST_STRUCT
LIST_STRUCT(sendqueue)

dtls_state_t
dtls_state_t
Definition: state.h:40

session_t
Definition: session.h:49

crypto.h

dtls_get_peer
dtls_peer_t * dtls_get_peer(const dtls_context_t *context, const session_t *session)
Definition: dtls.c:212

dtls_record_header_t
dtls_record_header_t
Definition: dtls.h:338

DTLS_PSK_IDENTITY
Definition: dtls.h:60

dtls_alert_level_t
dtls_alert_level_t
Definition: alert.h:34

DTLS_PSK_KEY
Definition: dtls.h:60

dtls_context_t::cookie_secret_age
clock_time_t cookie_secret_age
Definition: dtls.h:225

alert.h
DTLS alert protocol.

global.h

dtls_credentials_type_t
dtls_credentials_type_t
Definition: dtls.h:59

dtls_context_t::peers
dtls_peer_t * peers
Definition: dtls.h:228

clock_time_t
uint32_t clock_time_t
Definition: dtls_time.h:55

uint48
unsigned char uint48[6]
Definition: global.h:51

dtls_set_handler
static void dtls_set_handler(dtls_context_t *ctx, dtls_handler_t *h)
Definition: dtls.h:262

peer.h
information about peers in a DTLS session

dtls_context_t::h
dtls_handler_t * h
Definition: dtls.h:239

__attribute__
struct __attribute__((__packed__))
Definition: dtls.h:331

uint24
unsigned char uint24[3]
Definition: global.h:49

dtls_ecdsa_key_t
struct dtls_ecdsa_key_t dtls_ecdsa_key_t

dtls_time.h
Clock Handling.

hmac.h

dtls_handshake_header_t
dtls_handshake_header_t
Definition: dtls.h:362

dtls_context_t::readbuf
unsigned char readbuf[DTLS_MAX_BUF]
Definition: dtls.h:241

dtls_ecdsa_key_t::pub_key_y
const unsigned char * pub_key_y
Definition: dtls.h:67

dtls_ecdh_curve
dtls_ecdh_curve
Definition: crypto.h:65

dtls_context_t
struct dtls_context_t dtls_context_t

uint8
unsigned char uint8
Definition: global.h:47

dtls_peer_t
Definition: peer.h:52

dtls_init
void dtls_init()
Definition: dtls.c:163

dtls_ecdsa_key_t::pub_key_x
const unsigned char * pub_key_x
Definition: dtls.h:66

dtls_connect
int dtls_connect(dtls_context_t *ctx, const session_t *dst)
Definition: dtls.c:3862

dtls_handle_message
int dtls_handle_message(dtls_context_t *ctx, session_t *session, uint8 *msg, int msglen)
Definition: dtls.c:3591

dtls_ecdsa_key_t
Definition: dtls.h:63

dtls_check_retransmit
void dtls_check_retransmit(dtls_context_t *context, clock_time_t *next)
Definition: dtls.c:3957

state.h
state information for DTLS FSM

DTLS_PSK_HINT
Definition: dtls.h:60

DTLS_MAX_BUF
#define DTLS_MAX_BUF
Definition: global.h:64

uint32
unsigned char uint32[4]
Definition: global.h:50

dtls_client_hello_t
dtls_client_hello_t
Definition: dtls.h:373

dtls_handler_t
Definition: dtls.h:84

dtls_context_t::app
void * app
Definition: dtls.h:237

dtls_renegotiate
int dtls_renegotiate(dtls_context_t *ctx, const session_t *dst)
Definition: dtls.c:2956

dtls_hello_verify_t
dtls_hello_verify_t
Definition: dtls.h:380

dtls_close
int dtls_close(dtls_context_t *ctx, const session_t *remote)
Definition: dtls.c:1494

DTLS_COOKIE_SECRET_LENGTH
#define DTLS_COOKIE_SECRET_LENGTH
Definition: dtls.h:71

uint16
unsigned char uint16[2]
Definition: global.h:48

dtls_connect_peer
int dtls_connect_peer(dtls_context_t *ctx, dtls_peer_t *peer)
Definition: dtls.c:3826

uthash.h

dtls_write
int dtls_write(struct dtls_context_t *ctx, session_t *session, uint8 *buf, size_t len)
Definition: dtls.c:236