Real Time Logic LLC / SharkSSL-Lite

This package includes the SharkSSL lite library and header files.

Dependents:   WebSocket-Client-Example SharkMQ-LED-Demo

SharkSSL-Lite

Description: SharkSSL is an SSL v3.0 TLS v1.0/1.1/1.2 implementation of the TLS and SSL protocol standard. With its array of compile-time options and Raycrypto proprietary cryptographic algorithms, SharkSSL can be fine-tuned to a footprint that occupies less than 20 kB, while maintaining full x.509 authentication. The SharkSSL-Lite download includes a subset of SharkSSL and header files made for use in non-commercial and for evaluation purposes.

Features

Examples

Limitations

SharkSSL-Lite includes a limited set of ciphers. To use SharkSSL-Lite, the peer side must support Elliptic Curve Cryptography (ECC) and you must use ECC certificates. The peer side must also support the new ChaCha20/Poly1305 cipher combination.

ChaCha20 and Poly1305 for TLS is published RFC 7905. The development of this new cipher was a response to many attacks discovered against other widely used TLS cipher suites. ChaCha20 is the cipher and Poly1305 is an authenticated encryption mode.

SharkSSL-Lite occupies less than 20kB, while maintaining full x.509 authentication. The ChaCha20/Poly1305 cipher software implementation is equally as fast as many hardware accelerated AES engines.

Creating ECC Certificates for SharkSSL-Lite

The following video shows how to create an Elliptic Curve Cryptography (ECC) certificate for a server, how to install the certificate in the server, and how to make the mbed clients connecting to the server trust this certificate. The server in this video is installed on a private/personal computer on a private network for test purposes. The video was produced for the embedded.com article How to run your own secure IoT cloud server.

Diff: inc/TargConfig.h

Revision:
0:e0adec41ad6b
Child:
1:d5e0e1dcf0d6
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/inc/TargConfig.h	Wed Apr 06 00:46:36 2016 +0000
@@ -0,0 +1,168 @@
+/**
+ *     ____             _________                __                _
+ *    / __ \___  ____ _/ /_  __(_)___ ___  ___  / /   ____  ____ _(_)____
+ *   / /_/ / _ \/ __ `/ / / / / / __ `__ \/ _ \/ /   / __ \/ __ `/ / ___/
+ *  / _, _/  __/ /_/ / / / / / / / / / / /  __/ /___/ /_/ / /_/ / / /__
+ * /_/ |_|\___/\__,_/_/ /_/ /_/_/ /_/ /_/\___/_____/\____/\__, /_/\___/
+ *                                                       /____/
+ *
+ *                 SharkSSL Embedded SSL/TLS Stack
+ ****************************************************************************
+ *   PROGRAM MODULE
+ *
+ *   $Id$
+ *
+ *   COPYRIGHT:  Real Time Logic LLC, 2016
+ *
+ *   This software is copyrighted by and is the sole property of Real
+ *   Time Logic LLC.  All rights, title, ownership, or other interests in
+ *   the software remain the property of Real Time Logic LLC.  This
+ *   software may only be used in accordance with the terms and
+ *   conditions stipulated in the corresponding license agreement under
+ *   which the software has been supplied.  Any unauthorized use,
+ *   duplication, transmission, distribution, or disclosure of this
+ *   software is expressly forbidden.
+ *
+ *   This Copyright notice may not be removed or modified without prior
+ *   written consent of Real Time Logic LLC.
+ *
+ *   Real Time Logic LLC. reserves the right to modify this software
+ *   without notice.
+ *
+ *               http://www.realtimelogic.com
+ *               http://www.sharkssl.com
+ ****************************************************************************
+ *
+ */
+#ifndef _SharkSsl_TargConfig_h
+#define _SharkSsl_TargConfig_h
+
+#include <cmsis_os.h>
+#include <time.h>
+
+
+#ifndef NDEBUG
+#define baAssert(x)        ((x) ? 0 : sharkAssert(__FILE__, __LINE__))
+#else
+#define baAssert(x)
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+int sharkAssert(const char* file, int line);
+#ifdef __cplusplus
+}
+#endif
+
+#ifdef _SHARKSSL_C_
+const char* assert_file;
+int assert_line;
+int sharkAssert(const char* file, int line)
+{
+   assert_file = file;
+   assert_line = line;
+   for(;;);
+}
+#endif
+
+
+
+/* The following is not required by SharkSSL, but is used by some of
+   the examples.
+*/
+
+#ifndef TRUE
+#define TRUE  1
+#endif
+
+#ifndef FALSE
+#define FALSE 0
+#endif
+
+/**
+ *  baMalloc  should return 32-bit aligned addresses when succesful,
+ *                          (void*)0 when not succesful.
+ *  baRealloc should return 32-bit aligned addresses when succesful,
+ *                          (void*)0 when not succesful or NOT available.
+ */
+
+#ifdef UMM_MALLOC
+#include "../../../examples/malloc/umm_malloc.h"
+#define baMalloc(s)        umm_malloc(s)
+#define baRealloc(m, s)    umm_realloc(m, s)
+#define baFree(m)          umm_free(m)
+#else
+#include <stdlib.h>
+#define baMalloc(s)        malloc(s) /* should return 32-bit aligned address */
+#define baRealloc(m, s)    realloc(m, s)  /* as above */
+#define baFree(m)          free(m)
+#endif
+
+#ifndef __MBED__
+#ifndef INTEGRAL_TYPES
+#define INTEGRAL_TYPES
+#if (__STDC_VERSION__ >= 199901L) || defined( __GNUC__)
+#include <stdint.h>
+typedef uint8_t            U8;
+typedef int8_t             S8;
+typedef uint16_t           U16;
+typedef int16_t            S16;
+typedef uint32_t           U32;
+typedef int32_t            S32;
+typedef uint64_t           U64;
+typedef int64_t            S64;
+#else
+typedef unsigned char      U8;
+typedef signed   char      S8;
+typedef unsigned short     U16;
+typedef signed   short     S16;
+typedef unsigned int       U32;
+typedef signed   int       S32;
+typedef unsigned long long U64;
+typedef signed   long long S64;
+#endif
+#endif
+#endif
+typedef U8 BaBool;
+
+#ifdef EXT_SHARK_LIB
+U32 baGetUnixTime(void);
+char *sharkStrchr(const char *s, int c);
+char *sharkStrstr(const char *haystack, const char *needle);
+#else
+#define baGetUnixTime()    time(0)
+#endif
+
+typedef struct ThreadMutexBase
+{
+   osMutexId sharkMutex;
+} ThreadMutexBase;
+
+void ThreadMutex_destructor(ThreadMutexBase* o);
+void ThreadMutex_set(ThreadMutexBase* o);
+void ThreadMutex_release(ThreadMutexBase* o);
+void ThreadMutex_constructor(ThreadMutexBase* o);
+
+#ifdef _SHARKSSL_C_
+osMutexDef(sharkMutexDef);
+void ThreadMutex_destructor(ThreadMutexBase* o)
+{
+   osMutexDelete(o->sharkMutex);
+}
+void ThreadMutex_set(ThreadMutexBase* o)
+{
+   osMutexWait(o->sharkMutex, osWaitForever);
+}
+void ThreadMutex_release(ThreadMutexBase* o)
+{
+   osMutexRelease(o->sharkMutex);
+}
+void ThreadMutex_constructor(ThreadMutexBase* o)
+{
+   o->sharkMutex=osMutexCreate(osMutex(sharkMutexDef));
+}
+#endif
+
+
+#endif  /* _SharkSsl_TargConfig_h */