This package includes the SharkSSL lite library and header files.
Dependents: WebSocket-Client-Example SharkMQ-LED-Demo
SharkSSL-Lite
Description: SharkSSL is an implementation of the SSL v3.0 and TLS v1.0/1.1/1.2 protocol standards. With its array of compile-time options and Raycrypto proprietary cryptographic algorithms, SharkSSL can be fine-tuned to a footprint that occupies less than 20 kB, while maintaining full X.509 authentication. The SharkSSL-Lite download includes a subset of SharkSSL and header files made for non-commercial use and for evaluation purposes.
Features
- SSL|TLS v1.2
- Size: 21kB
- Encryption: Elliptic Curve Cryptography (ECC) | ChaCha20/Poly1305
- SharkSSL Online Documentation
- SMQ (Simple Message Queues) Client and SMQ Documentation
- Secure WebSocket Client
- Secure MQTT Client
Examples
- SharkMQ LED Demo: Secure control of LEDs on your mbed board using a browser.
- WebSocket Client: Connect to ELIZA the Psychotherapist
Limitations
SharkSSL-Lite includes a limited set of ciphers. To use SharkSSL-Lite, the peer side must support Elliptic Curve Cryptography (ECC) and you must use ECC certificates. The peer side must also support the new ChaCha20/Poly1305 cipher combination.
ChaCha20 and Poly1305 for TLS is published as RFC 7905. The development of this new cipher was a response to many attacks discovered against other widely used TLS cipher suites. ChaCha20 is the cipher and Poly1305 is an authenticated encryption mode.
SharkSSL-Lite occupies less than 20kB, while maintaining full X.509 authentication. The ChaCha20/Poly1305 cipher software implementation is as fast as many hardware accelerated AES engines.
Creating ECC Certificates for SharkSSL-Lite
The following video shows how to create an Elliptic Curve Cryptography (ECC) certificate for a server, how to install the certificate in the server, and how to make the mbed clients connecting to the server trust this certificate. The server in this video is installed on a private/personal computer on a private network for test purposes. The video was produced for the embedded.com article How to run your own secure IoT cloud server.
inc/ledctrl.h@1:d5e0e1dcf0d6, 2016-05-23 (annotated)
- Committer: wini
- Date: Mon May 23 13:56:30 2016 +0000
- Revision: 1:d5e0e1dcf0d6
- Parent: 0:e0adec41ad6b
Type conflict fix (U8-U32) for latest mbed release.
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
wini | 0:e0adec41ad6b | 1 | /* |
wini | 0:e0adec41ad6b | 2 | * ____ _________ __ _ |
wini | 0:e0adec41ad6b | 3 | * / __ \___ ____ _/ /_ __(_)___ ___ ___ / / ____ ____ _(_)____ |
wini | 0:e0adec41ad6b | 4 | * / /_/ / _ \/ __ `/ / / / / / __ `__ \/ _ \/ / / __ \/ __ `/ / ___/ |
wini | 0:e0adec41ad6b | 5 | * / _, _/ __/ /_/ / / / / / / / / / / / __/ /___/ /_/ / /_/ / / /__ |
wini | 0:e0adec41ad6b | 6 | * /_/ |_|\___/\__,_/_/ /_/ /_/_/ /_/ /_/\___/_____/\____/\__, /_/\___/ |
wini | 0:e0adec41ad6b | 7 | * /____/ |
wini | 0:e0adec41ad6b | 8 | * |
wini | 0:e0adec41ad6b | 9 | * SharkSSL Embedded SSL/TLS Stack |
wini | 0:e0adec41ad6b | 10 | **************************************************************************** |
wini | 0:e0adec41ad6b | 11 | * PROGRAM MODULE |
wini | 0:e0adec41ad6b | 12 | * |
wini | 0:e0adec41ad6b | 13 | * $Id: selib.h 3407 2014-06-24 22:44:50Z wini $ |
wini | 0:e0adec41ad6b | 14 | * |
wini | 0:e0adec41ad6b | 15 | * COPYRIGHT: Real Time Logic LLC, 2013 - 2015 |
wini | 0:e0adec41ad6b | 16 | * |
wini | 0:e0adec41ad6b | 17 | * This software is copyrighted by and is the sole property of Real |
wini | 0:e0adec41ad6b | 18 | * Time Logic LLC. All rights, title, ownership, or other interests in |
wini | 0:e0adec41ad6b | 19 | * the software remain the property of Real Time Logic LLC. This |
wini | 0:e0adec41ad6b | 20 | * software may only be used in accordance with the terms and |
wini | 0:e0adec41ad6b | 21 | * conditions stipulated in the corresponding license agreement under |
wini | 0:e0adec41ad6b | 22 | * which the software has been supplied. Any unauthorized use, |
wini | 0:e0adec41ad6b | 23 | * duplication, transmission, distribution, or disclosure of this |
wini | 0:e0adec41ad6b | 24 | * software is expressly forbidden. |
wini | 0:e0adec41ad6b | 25 | * |
wini | 0:e0adec41ad6b | 26 | * This Copyright notice may not be removed or modified without prior |
wini | 0:e0adec41ad6b | 27 | * written consent of Real Time Logic LLC. |
wini | 0:e0adec41ad6b | 28 | * |
wini | 0:e0adec41ad6b | 29 | * Real Time Logic LLC. reserves the right to modify this software |
wini | 0:e0adec41ad6b | 30 | * without notice. |
wini | 0:e0adec41ad6b | 31 | * |
wini | 0:e0adec41ad6b | 32 | * http://realtimelogic.com |
wini | 0:e0adec41ad6b | 33 | * http://sharkssl.com |
wini | 0:e0adec41ad6b | 34 | **************************************************************************** |
wini | 0:e0adec41ad6b | 35 | * |
wini | 0:e0adec41ad6b | 36 | */ |
wini | 0:e0adec41ad6b | 37 | |
wini | 0:e0adec41ad6b | 38 | #ifndef _ledctrl_h |
wini | 0:e0adec41ad6b | 39 | #define _ledctrl_h |
wini | 0:e0adec41ad6b | 40 | |
wini | 0:e0adec41ad6b | 41 | #include "selib.h" |
wini | 0:e0adec41ad6b | 42 | |
wini | 0:e0adec41ad6b | 43 | /* Do not change the number sequence. Must match peer code. */ |
wini | 0:e0adec41ad6b | 44 | typedef enum |
wini | 0:e0adec41ad6b | 45 | { |
wini | 0:e0adec41ad6b | 46 | LedColor_red=0, |
wini | 0:e0adec41ad6b | 47 | LedColor_yellow=1, |
wini | 0:e0adec41ad6b | 48 | LedColor_green=2, |
wini | 0:e0adec41ad6b | 49 | LedColor_blue=3 |
wini | 0:e0adec41ad6b | 50 | } LedColor; |
wini | 0:e0adec41ad6b | 51 | |
wini | 0:e0adec41ad6b | 52 | |
wini | 0:e0adec41ad6b | 53 | /* Each LED is registered with the following information */ |
wini | 0:e0adec41ad6b | 54 | typedef struct { |
wini | 0:e0adec41ad6b | 55 | const char* name; /* LED name shown in the browser */ |
wini | 0:e0adec41ad6b | 56 | LedColor color; /* The color of this particular LED */ |
wini | 0:e0adec41ad6b | 57 | int id; /* A unique ID for the LED. ID range can be 0 to 15. */ |
wini | 0:e0adec41ad6b | 58 | } LedInfo; |
wini | 0:e0adec41ad6b | 59 | |
wini | 0:e0adec41ad6b | 60 | |
wini | 0:e0adec41ad6b | 61 | typedef enum { |
wini | 0:e0adec41ad6b | 62 | ProgramStatus_Starting, |
wini | 0:e0adec41ad6b | 63 | ProgramStatus_Restarting, |
wini | 0:e0adec41ad6b | 64 | ProgramStatus_Connecting, |
wini | 0:e0adec41ad6b | 65 | ProgramStatus_SslHandshake, |
wini | 0:e0adec41ad6b | 66 | ProgramStatus_DeviceReady, |
wini | 0:e0adec41ad6b | 67 | ProgramStatus_CloseCommandReceived, |
wini | 0:e0adec41ad6b | 68 | |
wini | 0:e0adec41ad6b | 69 | ProgramStatus_SocketError, |
wini | 0:e0adec41ad6b | 70 | ProgramStatus_DnsError, |
wini | 0:e0adec41ad6b | 71 | ProgramStatus_ConnectionError, |
wini | 0:e0adec41ad6b | 72 | ProgramStatus_CertificateNotTrustedError, |
wini | 0:e0adec41ad6b | 73 | ProgramStatus_SslHandshakeError, |
wini | 0:e0adec41ad6b | 74 | ProgramStatus_WebServiceNotAvailError, |
wini | 0:e0adec41ad6b | 75 | ProgramStatus_PongResponseError, |
wini | 0:e0adec41ad6b | 76 | ProgramStatus_InvalidCommandError, |
wini | 0:e0adec41ad6b | 77 | ProgramStatus_MemoryError |
wini | 0:e0adec41ad6b | 78 | } ProgramStatus; |
wini | 0:e0adec41ad6b | 79 | |
wini | 0:e0adec41ad6b | 80 | |
wini | 0:e0adec41ad6b | 81 | #ifdef __cplusplus |
wini | 0:e0adec41ad6b | 82 | extern "C" { |
wini | 0:e0adec41ad6b | 83 | #endif |
wini | 0:e0adec41ad6b | 84 | |
wini | 0:e0adec41ad6b | 85 | /* |
wini | 0:e0adec41ad6b | 86 | Return an array of LedInfo (struct). Each element in the array |
wini | 0:e0adec41ad6b | 87 | provides information for one LED. The 'len' argument must be set by |
wini | 0:e0adec41ad6b | 88 | function getLedInfo. The out argument 'len' specifies the length of |
wini | 0:e0adec41ad6b | 89 | the returned array, that is, number of LEDs in the device. Each LED |
wini | 0:e0adec41ad6b | 90 | has a name, color, and ID. The ID, which provides information about |
wini | 0:e0adec41ad6b | 91 | which LED to turn on/off, is used by control messages sent between |
wini | 0:e0adec41ad6b | 92 | device code and UI clients. The IDs for a four LED device can for |
wini | 0:e0adec41ad6b | 93 | example be 1,2,3,4. |
wini | 0:e0adec41ad6b | 94 | */ |
wini | 0:e0adec41ad6b | 95 | const LedInfo* getLedInfo(int* len); |
wini | 0:e0adec41ad6b | 96 | |
wini | 0:e0adec41ad6b | 97 | |
wini | 0:e0adec41ad6b | 98 | /* Returns the name of this device. The name is presented by UI |
wini | 0:e0adec41ad6b | 99 | clients such as browsers. |
wini | 0:e0adec41ad6b | 100 | */ |
wini | 0:e0adec41ad6b | 101 | const char* getDevName(void); |
wini | 0:e0adec41ad6b | 102 | |
wini | 0:e0adec41ad6b | 103 | |
wini | 0:e0adec41ad6b | 104 | /* Command sent by UI client to turn LED with ID on or off. This |
wini | 0:e0adec41ad6b | 105 | function must set the LED to on if 'on' is TRUE and off if 'on' is FALSE. |
wini | 0:e0adec41ad6b | 106 | */ |
wini | 0:e0adec41ad6b | 107 | int setLed(int ledId, int on); |
wini | 0:e0adec41ad6b | 108 | |
wini | 0:e0adec41ad6b | 109 | /* |
wini | 0:e0adec41ad6b | 110 | An optional function that enables LEDs to be set directly by the |
wini | 0:e0adec41ad6b | 111 | device. This function is typically used by devices that include one |
wini | 0:e0adec41ad6b | 112 | or more buttons. A button click may for example turn on a specific |
wini | 0:e0adec41ad6b | 113 | LED. The function is called at intervals (polled) by the LED device |
wini | 0:e0adec41ad6b | 114 | code. The function may for example detect a button click and return |
wini | 0:e0adec41ad6b | 115 | the information to the caller. Arguments 'ledId' and 'on' are out |
wini | 0:e0adec41ad6b | 116 | arguments, where 'ledId' is set to the LED ID and 'on' is set to |
wini | 0:e0adec41ad6b | 117 | TRUE for on and FALSE for off. The function must return TRUE (a non |
wini | 0:e0adec41ad6b | 118 | zero value) if the LED is to be set on/off and zero on no |
wini | 0:e0adec41ad6b | 119 | change. Create an empty function returning zero if you do not plan |
wini | 0:e0adec41ad6b | 120 | on implementing this feature. |
wini | 0:e0adec41ad6b | 121 | */ |
wini | 0:e0adec41ad6b | 122 | int setLedFromDevice(int* ledId, int* on); |
wini | 0:e0adec41ad6b | 123 | |
wini | 0:e0adec41ad6b | 124 | /* Returns the LED on/off state for LED with ID 'ledId'. |
wini | 0:e0adec41ad6b | 125 | */ |
wini | 0:e0adec41ad6b | 126 | int getLedState(int ledId); |
wini | 0:e0adec41ad6b | 127 | |
wini | 0:e0adec41ad6b | 128 | /* |
wini | 0:e0adec41ad6b | 129 | The purpose of program status is to provide visible program |
wini | 0:e0adec41ad6b | 130 | connection state information during startup. The function is typically |
wini | 0:e0adec41ad6b | 131 | used to signal information via the LEDs. Simply create an empty |
wini | 0:e0adec41ad6b | 132 | function if you do not want to set program status. |
wini | 0:e0adec41ad6b | 133 | */ |
wini | 0:e0adec41ad6b | 134 | void setProgramStatus(ProgramStatus s); |
wini | 0:e0adec41ad6b | 135 | |
wini | 0:e0adec41ad6b | 136 | /* Required by SMQ examples. |
wini | 0:e0adec41ad6b | 137 | The unique ID is used when calling the SMQ constructor. The |
wini | 0:e0adec41ad6b | 138 | unique ID is typically set to the MAC address. See the SMQ |
wini | 0:e0adec41ad6b | 139 | documentation for details: |
wini | 0:e0adec41ad6b | 140 | https://realtimelogic.com/ba/doc/en/C/shark/structSharkMQ.html |
wini | 0:e0adec41ad6b | 141 | */ |
wini | 0:e0adec41ad6b | 142 | int getUniqueId(const char** id); |
wini | 0:e0adec41ad6b | 143 | |
wini | 0:e0adec41ad6b | 144 | /* Optional function that can be implemented and used by the SMQ |
wini | 0:e0adec41ad6b | 145 | examples if the device includes a temperature sensor. The returned |
wini | 0:e0adec41ad6b | 146 | value must be in Celsius times 10 i.e. the temperature 20 Celsius |
wini | 0:e0adec41ad6b | 147 | must be returned as the value 200. You must also compile the code |
wini | 0:e0adec41ad6b | 148 | with the macro ENABLE_TEMP defined to enable the temperature |
wini | 0:e0adec41ad6b | 149 | logic. The simulated (host) version includes a simulated |
wini | 0:e0adec41ad6b | 150 | temperature and the temperature can be changed by using the up and |
wini | 0:e0adec41ad6b | 151 | down keyboard arrows. The temperature is displayed in the browser UI. |
wini | 0:e0adec41ad6b | 152 | */ |
wini | 0:e0adec41ad6b | 153 | int getTemp(void); |
wini | 0:e0adec41ad6b | 154 | |
wini | 0:e0adec41ad6b | 155 | |
wini | 0:e0adec41ad6b | 156 | #ifdef __cplusplus |
wini | 0:e0adec41ad6b | 157 | } |
wini | 0:e0adec41ad6b | 158 | #endif |
wini | 0:e0adec41ad6b | 159 | |
wini | 0:e0adec41ad6b | 160 | #endif |
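
A minimal host-side implementation of the LED part of this interface, added here as an example and not code from the SharkSSL-Lite package. Because `setLed` is driven by control messages from UI clients, it checks `ledId` against the documented 0 to 15 range and against the registered LEDs before touching any state. The LED names, the bitmask storage and the 0/-1 return convention are assumptions.

```c
/* Types repeated from ledctrl.h so the block compiles without selib.h. */
typedef enum { LedColor_red=0, LedColor_yellow=1, LedColor_green=2, LedColor_blue=3 } LedColor;
typedef struct { const char* name; LedColor color; int id; } LedInfo;

#define MAX_LED_ID 15 /* header comment: "ID range can be 0 to 15" */

/* Constructed four-LED board; names and IDs are illustrative. */
static const LedInfo ledInfo[] = {
   {"LED 1", LedColor_red,    1},
   {"LED 2", LedColor_yellow, 2},
   {"LED 3", LedColor_green,  3},
   {"LED 4", LedColor_blue,   4}
};
#define LED_COUNT ((int)(sizeof(ledInfo)/sizeof(ledInfo[0])))
static unsigned short ledState; /* bit n holds the on/off state of LED ID n */

/* Return 1 only for an ID that is in range AND registered in ledInfo. */
static int isRegistered(int ledId)
{
   int i;
   if(ledId < 0 || ledId > MAX_LED_ID) return 0;
   for(i = 0; i < LED_COUNT; i++)
      if(ledInfo[i].id == ledId) return 1;
   return 0;
}

const LedInfo* getLedInfo(int* len) { *len = LED_COUNT; return ledInfo; }

/* ledId arrives in a control message from a UI client: validate before use.
   Returns 0 on success, -1 for an unknown ID (assumed convention). */
int setLed(int ledId, int on)
{
   if( ! isRegistered(ledId) ) return -1;
   if(on) ledState |= (unsigned short)(1u << ledId);
   else   ledState &= (unsigned short)~(1u << ledId);
   return 0;
}

/* Returns 1 (on) or 0 (off); unknown IDs report off. */
int getLedState(int ledId)
{
   if( ! isRegistered(ledId) ) return 0;
   return (ledState >> ledId) & 1;
}

int main(void) { int n; getLedInfo(&n); return (n == 4 && setLed(99, 1) == -1) ? 0 : 1; }
```

Checking the range before the shift also keeps an out-of-range or negative `ledId` from reaching `1u << ledId`, which would be undefined behaviour in C.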