Sergio Scaglia
/
Nanostack_lib
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: mbedEndpointNetwork mbedEndpointNetworkMJK
Fork of
Nanostack_lib
by 
Sensinode
inc/socket/socket_security.h@8:6b2992f0eb06, 2014-06-25 (annotated)
- Committer:
- jusu_81
- Date:
- Wed Jun 25 14:27:45 2014 +0000
- Revision:
- 8:6b2992f0eb06
- Parent:
- 4:c449bead5cf3
- Child:
- 11:1b7aaf37a131
Created Nanostack Port for timer & Random
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| Mika Karjalainen |
4:c449bead5cf3 | 1 | /* |
| Mika Karjalainen |
4:c449bead5cf3 | 2 | * socket_security.h |
| Mika Karjalainen |
4:c449bead5cf3 | 3 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 4 | * Created on: 23.1.2012 |
| Mika Karjalainen |
4:c449bead5cf3 | 5 | * Author: user |
| Mika Karjalainen |
4:c449bead5cf3 | 6 | */ |
| Mika Karjalainen |
4:c449bead5cf3 | 7 | |
| Mika Karjalainen |
4:c449bead5cf3 | 8 | #ifndef SOCKET_SECURITY_H_ |
| Mika Karjalainen |
4:c449bead5cf3 | 9 | #define SOCKET_SECURITY_H_ |
| Mika Karjalainen |
4:c449bead5cf3 | 10 | /** |
| Mika Karjalainen |
4:c449bead5cf3 | 11 | * \file socket_security.h |
| Mika Karjalainen |
4:c449bead5cf3 | 12 | * \brief Library Socket Security API. |
| Mika Karjalainen |
4:c449bead5cf3 | 13 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 14 | * Nanostack Support TLS 1.2 for TCP security and PANA/EAP/TLS1.2 over UDP. |
| Mika Karjalainen |
4:c449bead5cf3 | 15 | * Both of Sockets support next TLS1.2 Authentication ciphers: |
| Mika Karjalainen |
4:c449bead5cf3 | 16 | * - SEC_SOCKET_CIPHERSUITE_PSK, TLS-PSK Cipher Suite is TLS_PSK_WITH_AES_128_CCM_8 as defined in [RFC 6655]. |
| Mika Karjalainen |
4:c449bead5cf3 | 17 | * - SEC_SOCKET_CIPHERSUITE_ECC, TLS-ECC Cipher Suite is TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 |
| Mika Karjalainen |
4:c449bead5cf3 | 18 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 19 | * Socket Security Chiper select API: |
| Mika Karjalainen |
4:c449bead5cf3 | 20 | * - sec_socket_set_chipher_suite_list(), SET socket TLS chipher Suite support |
| Mika Karjalainen |
4:c449bead5cf3 | 21 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 22 | * Certification Chain Load to TLS: |
| Mika Karjalainen |
4:c449bead5cf3 | 23 | * - sec_certificate_list_update(), SET Certificate chain for specific Application |
| Mika Karjalainen |
4:c449bead5cf3 | 24 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 25 | * @code |
| Mika Karjalainen |
4:c449bead5cf3 | 26 | certificate_chain_entry_t certificate_chain_entry; |
| Mika Karjalainen |
4:c449bead5cf3 | 27 | //Chain Root 1 |
| Mika Karjalainen |
4:c449bead5cf3 | 28 | //Chain Root-MCA 2 |
| Mika Karjalainen |
4:c449bead5cf3 | 29 | //Chain Root-MCA-MICA 3 |
| Mika Karjalainen |
4:c449bead5cf3 | 30 | //Chain Root-MCA-MiCA-DEV 4 |
| Mika Karjalainen |
4:c449bead5cf3 | 31 | //Generate CertiChain for length 4 |
| Mika Karjalainen |
4:c449bead5cf3 | 32 | certificate_chain_entry.certificate_owner = SEC_CERTIFICATE_ZIP; |
| Mika Karjalainen |
4:c449bead5cf3 | 33 | certificate_chain_entry.chain_length = 4; |
| Mika Karjalainen |
4:c449bead5cf3 | 34 | // Set Root |
| Mika Karjalainen |
4:c449bead5cf3 | 35 | certificate_chain_entry.certi_chain[0] = root_certificate; |
| Mika Karjalainen |
4:c449bead5cf3 | 36 | certificate_chain_entry.certi_len[0] = sizeof(root_certificate); |
| Mika Karjalainen |
4:c449bead5cf3 | 37 | certificate_chain_entry.key_chain[0] = rootpk; |
| Mika Karjalainen |
4:c449bead5cf3 | 38 | |
| Mika Karjalainen |
4:c449bead5cf3 | 39 | // Set MICA |
| Mika Karjalainen |
4:c449bead5cf3 | 40 | certificate_chain_entry.certi_chain[1] = mca_certi; |
| Mika Karjalainen |
4:c449bead5cf3 | 41 | certificate_chain_entry.certi_len[1] = sizeof(mca_certi); |
| Mika Karjalainen |
4:c449bead5cf3 | 42 | certificate_chain_entry.key_chain[1] = mca_pv; |
| Mika Karjalainen |
4:c449bead5cf3 | 43 | // Set MCA |
| Mika Karjalainen |
4:c449bead5cf3 | 44 | certificate_chain_entry.certi_chain[2] = mica_certi; |
| Mika Karjalainen |
4:c449bead5cf3 | 45 | certificate_chain_entry.certi_len[2] = sizeof(mica_certi); |
| Mika Karjalainen |
4:c449bead5cf3 | 46 | certificate_chain_entry.key_chain[2] = mica_pv; |
| Mika Karjalainen |
4:c449bead5cf3 | 47 | // SET DEV |
| Mika Karjalainen |
4:c449bead5cf3 | 48 | certificate_chain_entry.certi_chain[3] = dev_certi; |
| Mika Karjalainen |
4:c449bead5cf3 | 49 | certificate_chain_entry.certi_len[3] = sizeof(dev_certi); |
| Mika Karjalainen |
4:c449bead5cf3 | 50 | certificate_chain_entry.key_chain[3] = dev_pv; |
| Mika Karjalainen |
4:c449bead5cf3 | 51 | sec_certificate_list_update(&certificate_chain_entry); |
| Mika Karjalainen |
4:c449bead5cf3 | 52 | * @endcode |
| Mika Karjalainen |
4:c449bead5cf3 | 53 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 54 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 55 | */ |
| Mika Karjalainen |
4:c449bead5cf3 | 56 | |
| Mika Karjalainen |
4:c449bead5cf3 | 57 | |
| jusu_81 | 8:6b2992f0eb06 | 58 | //#include "ns_platform.h" |
| Mika Karjalainen |
4:c449bead5cf3 | 59 | /** TLS-PSK Cipher Suite */ |
| Mika Karjalainen |
4:c449bead5cf3 | 60 | #define SEC_SOCKET_CIPHERSUITE_PSK 1 |
| Mika Karjalainen |
4:c449bead5cf3 | 61 | /** TLS-ECC Cipher Suite */ |
| Mika Karjalainen |
4:c449bead5cf3 | 62 | #define SEC_SOCKET_CIPHERSUITE_ECC 2 |
| Mika Karjalainen |
4:c449bead5cf3 | 63 | |
| Mika Karjalainen |
4:c449bead5cf3 | 64 | |
| Mika Karjalainen |
4:c449bead5cf3 | 65 | /** |
| Mika Karjalainen |
4:c449bead5cf3 | 66 | * \brief SET socket TLS chipher Suite support |
| Mika Karjalainen |
4:c449bead5cf3 | 67 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 68 | * This function set socket TLS chiphersuite list. Library support PSK & ECC. Default is PSK |
| Mika Karjalainen |
4:c449bead5cf3 | 69 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 70 | * \param socket socket id |
| Mika Karjalainen |
4:c449bead5cf3 | 71 | * \param security_suites Chipher suite list (SEC_SOCKET_CIPHERSUITE_PSK , SEC_SOCKET_CIPHERSUITE_ECC) |
| Mika Karjalainen |
4:c449bead5cf3 | 72 | * |
| Mika Karjalainen |
4:c449bead5cf3 | 73 | * \return 0 done |
| Mika Karjalainen |
4:c449bead5cf3 | 74 | * \return -1 invalid socket id |
| Mika Karjalainen |
4:c449bead5cf3 | 75 | * \return -2 Invalid Security Suite |
| Mika Karjalainen |
4:c449bead5cf3 | 76 | */ |
| Mika Karjalainen |
4:c449bead5cf3 | 77 | extern int8_t sec_socket_set_chipher_suite_list(uint8_t socket_id, uint8_t security_suites); |
| Mika Karjalainen |
4:c449bead5cf3 | 78 | |
| Mika Karjalainen |
4:c449bead5cf3 | 79 | #endif /* SOCKET_SECURITY_H_ */ |