Sergio Scaglia
/
Nanostack_lib
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: mbedEndpointNetwork mbedEndpointNetworkMJK
Fork of
Nanostack_lib
by 
Sensinode
inc/socket/socket_security.h@11:1b7aaf37a131, 2014-06-25 (annotated)
- Committer:
- jusu_81
- Date:
- Wed Jun 25 21:05:58 2014 +0000
- Revision:
- 11:1b7aaf37a131
- Parent:
- 8:6b2992f0eb06
- Child:
- 12:acef6f596835
Added C++ & C Extern C sectors to hedaer files.
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| Mika Karjalainen |
4:c449bead5cf3 | 1 | /* |
| Mika Karjalainen |
4:c449bead5cf3 | 2 | * socket_security.h |
| Mika Karjalainen |
4:c449bead5cf3 | 3 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 4 | * Created on: 23.1.2012 |
| Mika Karjalainen |
4:c449bead5cf3 | 5 | * Author: user |
| Mika Karjalainen |
4:c449bead5cf3 | 6 | */ |
| Mika Karjalainen |
4:c449bead5cf3 | 7 | |
| Mika Karjalainen |
4:c449bead5cf3 | 8 | #ifndef SOCKET_SECURITY_H_ |
| Mika Karjalainen |
4:c449bead5cf3 | 9 | #define SOCKET_SECURITY_H_ |
| jusu_81 | 11:1b7aaf37a131 | 10 | #ifdef __cplusplus |
| jusu_81 | 11:1b7aaf37a131 | 11 | extern "C" { |
| jusu_81 | 11:1b7aaf37a131 | 12 | #endif |
| Mika Karjalainen |
4:c449bead5cf3 | 13 | /** |
| Mika Karjalainen |
4:c449bead5cf3 | 14 | * \file socket_security.h |
| Mika Karjalainen |
4:c449bead5cf3 | 15 | * \brief Library Socket Security API. |
| Mika Karjalainen |
4:c449bead5cf3 | 16 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 17 | * Nanostack Support TLS 1.2 for TCP security and PANA/EAP/TLS1.2 over UDP. |
| Mika Karjalainen |
4:c449bead5cf3 | 18 | * Both of Sockets support next TLS1.2 Authentication ciphers: |
| Mika Karjalainen |
4:c449bead5cf3 | 19 | * - SEC_SOCKET_CIPHERSUITE_PSK, TLS-PSK Cipher Suite is TLS_PSK_WITH_AES_128_CCM_8 as defined in [RFC 6655]. |
| Mika Karjalainen |
4:c449bead5cf3 | 20 | * - SEC_SOCKET_CIPHERSUITE_ECC, TLS-ECC Cipher Suite is TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 |
| Mika Karjalainen |
4:c449bead5cf3 | 21 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 22 | * Socket Security Chiper select API: |
| Mika Karjalainen |
4:c449bead5cf3 | 23 | * - sec_socket_set_chipher_suite_list(), SET socket TLS chipher Suite support |
| Mika Karjalainen |
4:c449bead5cf3 | 24 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 25 | * Certification Chain Load to TLS: |
| Mika Karjalainen |
4:c449bead5cf3 | 26 | * - sec_certificate_list_update(), SET Certificate chain for specific Application |
| Mika Karjalainen |
4:c449bead5cf3 | 27 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 28 | * @code |
| Mika Karjalainen |
4:c449bead5cf3 | 29 | certificate_chain_entry_t certificate_chain_entry; |
| Mika Karjalainen |
4:c449bead5cf3 | 30 | //Chain Root 1 |
| Mika Karjalainen |
4:c449bead5cf3 | 31 | //Chain Root-MCA 2 |
| Mika Karjalainen |
4:c449bead5cf3 | 32 | //Chain Root-MCA-MICA 3 |
| Mika Karjalainen |
4:c449bead5cf3 | 33 | //Chain Root-MCA-MiCA-DEV 4 |
| Mika Karjalainen |
4:c449bead5cf3 | 34 | //Generate CertiChain for length 4 |
| Mika Karjalainen |
4:c449bead5cf3 | 35 | certificate_chain_entry.certificate_owner = SEC_CERTIFICATE_ZIP; |
| Mika Karjalainen |
4:c449bead5cf3 | 36 | certificate_chain_entry.chain_length = 4; |
| Mika Karjalainen |
4:c449bead5cf3 | 37 | // Set Root |
| Mika Karjalainen |
4:c449bead5cf3 | 38 | certificate_chain_entry.certi_chain[0] = root_certificate; |
| Mika Karjalainen |
4:c449bead5cf3 | 39 | certificate_chain_entry.certi_len[0] = sizeof(root_certificate); |
| Mika Karjalainen |
4:c449bead5cf3 | 40 | certificate_chain_entry.key_chain[0] = rootpk; |
| Mika Karjalainen |
4:c449bead5cf3 | 41 | |
| Mika Karjalainen |
4:c449bead5cf3 | 42 | // Set MICA |
| Mika Karjalainen |
4:c449bead5cf3 | 43 | certificate_chain_entry.certi_chain[1] = mca_certi; |
| Mika Karjalainen |
4:c449bead5cf3 | 44 | certificate_chain_entry.certi_len[1] = sizeof(mca_certi); |
| Mika Karjalainen |
4:c449bead5cf3 | 45 | certificate_chain_entry.key_chain[1] = mca_pv; |
| Mika Karjalainen |
4:c449bead5cf3 | 46 | // Set MCA |
| Mika Karjalainen |
4:c449bead5cf3 | 47 | certificate_chain_entry.certi_chain[2] = mica_certi; |
| Mika Karjalainen |
4:c449bead5cf3 | 48 | certificate_chain_entry.certi_len[2] = sizeof(mica_certi); |
| Mika Karjalainen |
4:c449bead5cf3 | 49 | certificate_chain_entry.key_chain[2] = mica_pv; |
| Mika Karjalainen |
4:c449bead5cf3 | 50 | // SET DEV |
| Mika Karjalainen |
4:c449bead5cf3 | 51 | certificate_chain_entry.certi_chain[3] = dev_certi; |
| Mika Karjalainen |
4:c449bead5cf3 | 52 | certificate_chain_entry.certi_len[3] = sizeof(dev_certi); |
| Mika Karjalainen |
4:c449bead5cf3 | 53 | certificate_chain_entry.key_chain[3] = dev_pv; |
| Mika Karjalainen |
4:c449bead5cf3 | 54 | sec_certificate_list_update(&certificate_chain_entry); |
| Mika Karjalainen |
4:c449bead5cf3 | 55 | * @endcode |
| Mika Karjalainen |
4:c449bead5cf3 | 56 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 57 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 58 | */ |
| Mika Karjalainen |
4:c449bead5cf3 | 59 | |
| Mika Karjalainen |
4:c449bead5cf3 | 60 | |
| jusu_81 | 8:6b2992f0eb06 | 61 | //#include "ns_platform.h" |
| Mika Karjalainen |
4:c449bead5cf3 | 62 | /** TLS-PSK Cipher Suite */ |
| Mika Karjalainen |
4:c449bead5cf3 | 63 | #define SEC_SOCKET_CIPHERSUITE_PSK 1 |
| Mika Karjalainen |
4:c449bead5cf3 | 64 | /** TLS-ECC Cipher Suite */ |
| Mika Karjalainen |
4:c449bead5cf3 | 65 | #define SEC_SOCKET_CIPHERSUITE_ECC 2 |
| Mika Karjalainen |
4:c449bead5cf3 | 66 | |
| Mika Karjalainen |
4:c449bead5cf3 | 67 | |
| Mika Karjalainen |
4:c449bead5cf3 | 68 | /** |
| Mika Karjalainen |
4:c449bead5cf3 | 69 | * \brief SET socket TLS chipher Suite support |
| Mika Karjalainen |
4:c449bead5cf3 | 70 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 71 | * This function set socket TLS chiphersuite list. Library support PSK & ECC. Default is PSK |
| Mika Karjalainen |
4:c449bead5cf3 | 72 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 73 | * \param socket socket id |
| Mika Karjalainen |
4:c449bead5cf3 | 74 | * \param security_suites Chipher suite list (SEC_SOCKET_CIPHERSUITE_PSK , SEC_SOCKET_CIPHERSUITE_ECC) |
| Mika Karjalainen |
4:c449bead5cf3 | 75 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 76 | * \return 0 done |
| Mika Karjalainen |
4:c449bead5cf3 | 77 | * \return -1 invalid socket id |
| Mika Karjalainen |
4:c449bead5cf3 | 78 | * \return -2 Invalid Security Suite |
| Mika Karjalainen |
4:c449bead5cf3 | 79 | */ |
| Mika Karjalainen |
4:c449bead5cf3 | 80 | extern int8_t sec_socket_set_chipher_suite_list(uint8_t socket_id, uint8_t security_suites); |
| jusu_81 | 11:1b7aaf37a131 | 81 | #ifdef __cplusplus |
| jusu_81 | 11:1b7aaf37a131 | 82 | } |
| jusu_81 | 11:1b7aaf37a131 | 83 | #endif |
| Mika Karjalainen |
4:c449bead5cf3 | 84 | #endif /* SOCKET_SECURITY_H_ */ |