This package includes the SharkSSL lite library and header files.

Dependents:   WebSocket-Client-Example SharkMQ-LED-Demo

SharkSSL-Lite

Description: SharkSSL is an implementation of the SSL v3.0 and TLS v1.0/1.1/1.2 protocol standards. With its array of compile-time options and Raycrypto proprietary cryptographic algorithms, SharkSSL can be fine-tuned to a footprint of less than 20 kB while maintaining full X.509 authentication. The SharkSSL-Lite download includes a subset of SharkSSL and header files, made for non-commercial use and for evaluation purposes.

Limitations

SharkSSL-Lite includes a limited set of ciphers. To use SharkSSL-Lite, the peer side must support Elliptic Curve Cryptography (ECC) and you must use ECC certificates. The peer side must also support the new ChaCha20/Poly1305 cipher combination.

ChaCha20 and Poly1305 for TLS is published as RFC 7905. The development of this new cipher was a response to the many attacks discovered against other widely used TLS cipher suites. ChaCha20 is the cipher and Poly1305 is an authenticated encryption mode.

SharkSSL-Lite occupies less than 20 kB while maintaining full X.509 authentication. The software implementation of the ChaCha20/Poly1305 cipher is as fast as many hardware-accelerated AES engines.

Creating ECC Certificates for SharkSSL-Lite

The following video shows how to create an Elliptic Curve Cryptography (ECC) certificate for a server, how to install the certificate in the server, and how to make the mbed clients connecting to the server trust this certificate. The server in this video is installed on a private/personal computer on a private network for test purposes. The video was produced for the embedded.com article "How to run your own secure IoT cloud server".

Committer: wini
Date: Mon May 23 13:56:30 2016 +0000
Revision: 1:d5e0e1dcf0d6
Parent: 0:e0adec41ad6b

Type conflict fix (U8-U32) for latest mbed release.

Who changed what in which revision?

All 160 lines below were last changed by wini in revision 0:e0adec41ad6b.

/*
 *     ____             _________                __                _
 *    / __ \___  ____ _/ /_  __(_)___ ___  ___  / /   ____  ____ _(_)____
 *   / /_/ / _ \/ __ `/ / / / / / __ `__ \/ _ \/ /   / __ \/ __ `/ / ___/
 *  / _, _/  __/ /_/ / / / / / / / / / / /  __/ /___/ /_/ / /_/ / / /__
 * /_/ |_|\___/\__,_/_/ /_/ /_/_/ /_/ /_/\___/_____/\____/\__, /_/\___/
 *                                                       /____/
 *
 *                  SharkSSL Embedded SSL/TLS Stack
 ****************************************************************************
 *   PROGRAM MODULE
 *
 *   $Id: selib.h 3407 2014-06-24 22:44:50Z wini $
 *
 *   COPYRIGHT:  Real Time Logic LLC, 2013 - 2015
 *
 *   This software is copyrighted by and is the sole property of Real
 *   Time Logic LLC.  All rights, title, ownership, or other interests in
 *   the software remain the property of Real Time Logic LLC.  This
 *   software may only be used in accordance with the terms and
 *   conditions stipulated in the corresponding license agreement under
 *   which the software has been supplied.  Any unauthorized use,
 *   duplication, transmission, distribution, or disclosure of this
 *   software is expressly forbidden.
 *
 *   This Copyright notice may not be removed or modified without prior
 *   written consent of Real Time Logic LLC.
 *
 *   Real Time Logic LLC. reserves the right to modify this software
 *   without notice.
 *
 *               http://realtimelogic.com
 *               http://sharkssl.com
 ****************************************************************************
 *
 */

#ifndef _ledctrl_h
#define _ledctrl_h

#include "selib.h"

/* Do not change the number sequence. Must match peer code. */
typedef enum
{
   LedColor_red=0,
   LedColor_yellow=1,
   LedColor_green=2,
   LedColor_blue=3
} LedColor;


/* Each LED is registered with the following information */
typedef struct {
   const char* name; /* LED name shown in the browser */
   LedColor color; /* The color of this particular LED */
   int id; /* A unique ID for the LED. ID range can be 0 to 15. */
} LedInfo;


typedef enum {
   ProgramStatus_Starting,
   ProgramStatus_Restarting,
   ProgramStatus_Connecting,
   ProgramStatus_SslHandshake,
   ProgramStatus_DeviceReady,
   ProgramStatus_CloseCommandReceived,

   ProgramStatus_SocketError,
   ProgramStatus_DnsError,
   ProgramStatus_ConnectionError,
   ProgramStatus_CertificateNotTrustedError,
   ProgramStatus_SslHandshakeError,
   ProgramStatus_WebServiceNotAvailError,
   ProgramStatus_PongResponseError,
   ProgramStatus_InvalidCommandError,
   ProgramStatus_MemoryError
} ProgramStatus;


#ifdef __cplusplus
extern "C" {
#endif

/*
  Return an array of LedInfo (struct). Each element in the array
  provides information for one LED. The 'len' argument must be set by
  function getLedInfo. The out argument 'len' specifies the length of
  the returned array, that is, number of LEDs in the device. Each LED
  has a name, color, and ID. The ID, which provides information about
  which LED to turn on/off, is used by control messages sent between
  device code and UI clients. The IDs for a four LED device can for
  example be 1,2,3,4.
*/
const LedInfo* getLedInfo(int* len);


/* Returns the name of this device. The name is presented by UI
   clients such as browsers.
 */
const char* getDevName(void);


/* Command sent by UI client to turn LED with ID on or off. This
   function must set the LED to on if 'on' is TRUE and off if 'on' is FALSE.
 */
int setLed(int ledId, int on);

/*
  An optional function that enables LEDs to be set directly by the
  device. This function is typically used by devices that include one
  or more buttons. A button click may for example turn on a specific
  LED. The function is called at intervals (polled) by the LED device
  code. The function may for example detect a button click and return
  the information to the caller. Arguments 'ledId' and 'on' are out
  arguments, where 'ledId' is set to the LED ID and 'on' is set to
  TRUE for on and FALSE for off. The function must return TRUE (a non
  zero value) if the LED is to be set on/off and zero on no
  change. Create an empty function returning zero if you do not plan
  on implementing this feature.
*/
int setLedFromDevice(int* ledId, int* on);

/* Returns the LED on/off state for LED with ID 'ledId'.
 */
int getLedState(int ledId);

/*
  The purpose with program status is to provide visible program
  connection state information during startup. The function is typically
  used to signal information via the LEDs. Simply create an empty
  function if you do not want to set program status.
*/
void setProgramStatus(ProgramStatus s);

/* Required by SMQ examples.
   The unique ID is used when calling the SMQ constructor. The
   unique ID is typically set to the MAC address. See the SMQ
   documentation for details:
   https://realtimelogic.com/ba/doc/en/C/shark/structSharkMQ.html
*/
int getUniqueId(const char** id);

/* Optional function that can be implemented and used by the SMQ
   examples if the device includes a temperature sensor. The returned
   value must be in Celsius times 10 i.e. the temperature 20 Celsius
   must be returned as the value 200. You must also compile the code
   with the macro ENABLE_TEMP defined to enable the temperature
   logic. The simulated (host) version includes a simulated
   temperature and the temperature can be changed by using the up and
   down keyboard arrows. The temperature is displayed in the browser UI.
*/
int getTemp(void);


#ifdef __cplusplus
}
#endif

#endif
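
The header above declares setLed() as the handler for a command sent by a UI client, so 'ledId' is peer-supplied input and has to be checked against the registered LEDs before it is used as an index or shift count. The following host-side sketch of part of the interface is an added example, not Real Time Logic's code. Assumptions: the four-LED table is constructed, isRegisteredLed() is a hypothetical helper, and the return conventions (setLed returns 0 on success and -1 on a rejected ID, getLedState returns 0 for an unknown ID) are chosen here because the header does not specify them.

```c
#include <stdint.h>

/* Types copied from the header above so the example builds without selib.h. */
typedef enum { LedColor_red=0, LedColor_yellow=1, LedColor_green=2, LedColor_blue=3 } LedColor;
typedef struct { const char* name; LedColor color; int id; } LedInfo;

/* Constructed sample board: four LEDs with IDs 1..4. */
static const LedInfo ledTable[] = {
   {"LED 1", LedColor_red,    1},
   {"LED 2", LedColor_yellow, 2},
   {"LED 3", LedColor_green,  3},
   {"LED 4", LedColor_blue,   4}
};
#define LED_COUNT ((int)(sizeof ledTable / sizeof ledTable[0]))

static uint16_t ledState; /* one bit per LED ID; the header limits IDs to 0..15 */

const LedInfo* getLedInfo(int* len)
{
   *len = LED_COUNT;
   return ledTable;
}

/* Hypothetical helper: 1 only if ledId is in 0..15 and listed in ledTable. */
static int isRegisteredLed(int ledId)
{
   int i;
   if (ledId < 0 || ledId > 15)
      return 0; /* also keeps the bit shifts below well defined */
   for (i = 0; i < LED_COUNT; i++)
      if (ledTable[i].id == ledId)
         return 1;
   return 0;
}

/* ledId comes from a UI client message, so it is validated first.
   Assumed convention: 0 on success, -1 on a rejected ID. */
int setLed(int ledId, int on)
{
   if (!isRegisteredLed(ledId))
      return -1;
   if (on)
      ledState |= (uint16_t)(1u << ledId);
   else
      ledState &= (uint16_t)~(1u << ledId);
   return 0; /* a real port would also drive the GPIO pin here */
}

/* Assumed convention: unknown IDs read as off. */
int getLedState(int ledId)
{
   return isRegisteredLed(ledId) ? (ledState >> ledId) & 1 : 0;
}
```

An ID inside the 0 to 15 range can still be unregistered (ID 0 on this sample board), which is why the check walks the table instead of testing the range alone.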