This package includes the SharkSSL lite library and header files.

Dependents:   WebSocket-Client-Example SharkMQ-LED-Demo

SharkSSL-Lite

Description: SharkSSL is an implementation of the SSL v3.0 and TLS v1.0/1.1/1.2 protocol standards. With its array of compile-time options and Raycrypto proprietary cryptographic algorithms, SharkSSL can be fine-tuned to a footprint of less than 20 kB while maintaining full X.509 authentication. The SharkSSL-Lite download includes a subset of SharkSSL and header files made for non-commercial use and for evaluation purposes.

Limitations

SharkSSL-Lite includes a limited set of ciphers. To use SharkSSL-Lite, the peer side must support Elliptic Curve Cryptography (ECC) and you must use ECC certificates. The peer side must also support the new ChaCha20/Poly1305 cipher combination.

ChaCha20 and Poly1305 for TLS is published as RFC 7905. The development of this new cipher was a response to many attacks discovered against other widely used TLS cipher suites. ChaCha20 is the cipher and Poly1305 is an authenticated encryption mode.

SharkSSL-Lite occupies less than 20 kB while maintaining full X.509 authentication. The ChaCha20/Poly1305 software implementation is as fast as many hardware-accelerated AES engines.
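
Whether a peer meets the limitation above can be read from a captured handshake. The following added example (not part of the SharkSSL-Lite package or of the original page) parses a TLS ServerHello record and reports whether the peer selected the RFC 7905 ECDHE-ECDSA ChaCha20-Poly1305 suite, 0xCCA9. That this is the suite SharkSSL-Lite requires is an assumption inferred from the ECC-certificate and ChaCha20/Poly1305 requirements; the function names and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not SharkSSL code. TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
   is from RFC 7905; that SharkSSL-Lite needs the peer to pick it is an assumption. */
#define SUITE_ECDHE_ECDSA_CHACHA20 0xCCA9L

/* Cipher suite chosen in a ServerHello record, or -1 if truncated/malformed. */
long server_hello_suite(const uint8_t *buf, size_t len)
{
    size_t rec_len, hs_len, sid_len, pos;
    const uint8_t *hs;
    if (len < 5 || buf[0] != 22)              /* 22 = handshake record */
        return -1;
    rec_len = ((size_t)buf[3] << 8) | buf[4];
    if (rec_len < 4 || rec_len > len - 5)     /* record must fit the buffer */
        return -1;
    hs = buf + 5;
    hs_len = ((size_t)hs[1] << 16) | ((size_t)hs[2] << 8) | hs[3];
    if (hs[0] != 2 || hs_len > rec_len - 4 || hs_len < 35) /* 2 = ServerHello */
        return -1;
    hs += 4;                                  /* body: version(2), random(32) */
    sid_len = hs[34];                         /* session id length byte */
    pos = 35 + sid_len;                       /* offset of cipher_suite */
    if (sid_len > 32 || hs_len < pos + 2)
        return -1;
    return ((long)hs[pos] << 8) | hs[pos + 1];
}

int peer_choice_usable(long suite) { return suite == SUITE_ECDHE_ECDSA_CHACHA20; }
/* Constructed 47-byte TLS 1.2 ServerHello: zero random, empty session id. */
size_t make_server_hello(uint8_t out[47], uint16_t suite)
{
    static const uint8_t hdr[11] = {22, 3, 3, 0, 42, 2, 0, 0, 38, 3, 3};
    memset(out, 0, 47);
    memcpy(out, hdr, sizeof hdr);
    out[44] = (uint8_t)(suite >> 8);
    out[45] = (uint8_t)suite;
    return 47;
}

int main(void)
{
    uint8_t sh[47];
    long s = server_hello_suite(sh, make_server_hello(sh, 0xCCA9));
    printf("suite 0x%04lX usable: %d\n", (unsigned long)s, peer_choice_usable(s));
    return 0;
}
```

A result of -1 means the bytes were not a complete ServerHello; any other value that is not 0xCCA9 means the peer chose a suite outside the set assumed here.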

Creating ECC Certificates for SharkSSL-Lite

The following video shows how to create an Elliptic Curve Cryptography (ECC) certificate for a server, how to install the certificate in the server, and how to make the mbed clients connecting to the server trust this certificate. The server in this video is installed on a private/personal computer on a private network for test purposes. The video was produced for the embedded.com article How to run your own secure IoT cloud server.

Committer: wini
Date: Mon May 23 13:56:30 2016 +0000
Revision: 1:d5e0e1dcf0d6
Parent: 0:e0adec41ad6b

Type conflict fix (U8-U32) for latest mbed release.

Who changed what in which revision?

User | Revision | Line number | New contents of line
wini 0:e0adec41ad6b 1 /**
wini 0:e0adec41ad6b 2 * ____ _________ __ _
wini 0:e0adec41ad6b 3 * / __ \___ ____ _/ /_ __(_)___ ___ ___ / / ____ ____ _(_)____
wini 0:e0adec41ad6b 4 * / /_/ / _ \/ __ `/ / / / / / __ `__ \/ _ \/ / / __ \/ __ `/ / ___/
wini 0:e0adec41ad6b 5 * / _, _/ __/ /_/ / / / / / / / / / / / __/ /___/ /_/ / /_/ / / /__
wini 0:e0adec41ad6b 6 * /_/ |_|\___/\__,_/_/ /_/ /_/_/ /_/ /_/\___/_____/\____/\__, /_/\___/
wini 0:e0adec41ad6b 7 * /____/
wini 0:e0adec41ad6b 8 *
wini 0:e0adec41ad6b 9 * SharkSSL Embedded SSL/TLS Stack
wini 0:e0adec41ad6b 10 ****************************************************************************
wini 0:e0adec41ad6b 11 * PROGRAM MODULE
wini 0:e0adec41ad6b 12 *
wini 0:e0adec41ad6b 13 * $Id$
wini 0:e0adec41ad6b 14 *
wini 0:e0adec41ad6b 15 * COPYRIGHT: Real Time Logic LLC, 2016
wini 0:e0adec41ad6b 16 *
wini 0:e0adec41ad6b 17 * This software is copyrighted by and is the sole property of Real
wini 0:e0adec41ad6b 18 * Time Logic LLC. All rights, title, ownership, or other interests in
wini 0:e0adec41ad6b 19 * the software remain the property of Real Time Logic LLC. This
wini 0:e0adec41ad6b 20 * software may only be used in accordance with the terms and
wini 0:e0adec41ad6b 21 * conditions stipulated in the corresponding license agreement under
wini 0:e0adec41ad6b 22 * which the software has been supplied. Any unauthorized use,
wini 0:e0adec41ad6b 23 * duplication, transmission, distribution, or disclosure of this
wini 0:e0adec41ad6b 24 * software is expressly forbidden.
wini 0:e0adec41ad6b 25 *
wini 0:e0adec41ad6b 26 * This Copyright notice may not be removed or modified without prior
wini 0:e0adec41ad6b 27 * written consent of Real Time Logic LLC.
wini 0:e0adec41ad6b 28 *
wini 0:e0adec41ad6b 29 * Real Time Logic LLC. reserves the right to modify this software
wini 0:e0adec41ad6b 30 * without notice.
wini 0:e0adec41ad6b 31 *
wini 0:e0adec41ad6b 32 * http://www.realtimelogic.com
wini 0:e0adec41ad6b 33 * http://www.sharkssl.com
wini 0:e0adec41ad6b 34 ****************************************************************************
wini 0:e0adec41ad6b 35 *
wini 0:e0adec41ad6b 36 */
wini 0:e0adec41ad6b 37 #ifndef _SharkSsl_TargConfig_h
wini 0:e0adec41ad6b 38 #define _SharkSsl_TargConfig_h
wini 0:e0adec41ad6b 39
wini 0:e0adec41ad6b 40 #include <cmsis_os.h>
wini 0:e0adec41ad6b 41 #include <time.h>
wini 0:e0adec41ad6b 42
wini 0:e0adec41ad6b 43
wini 0:e0adec41ad6b 44 #ifndef NDEBUG
wini 0:e0adec41ad6b 45 #define baAssert(x) ((x) ? 0 : sharkAssert(__FILE__, __LINE__))
wini 0:e0adec41ad6b 46 #else
wini 0:e0adec41ad6b 47 #define baAssert(x)
wini 0:e0adec41ad6b 48 #endif
wini 0:e0adec41ad6b 49
wini 0:e0adec41ad6b 50 #ifdef __cplusplus
wini 0:e0adec41ad6b 51 extern "C" {
wini 0:e0adec41ad6b 52 #endif
wini 0:e0adec41ad6b 53 int sharkAssert(const char* file, int line);
wini 0:e0adec41ad6b 54 #ifdef __cplusplus
wini 0:e0adec41ad6b 55 }
wini 0:e0adec41ad6b 56 #endif
wini 0:e0adec41ad6b 57
wini 0:e0adec41ad6b 58 #ifdef _SHARKSSL_C_
wini 0:e0adec41ad6b 59 const char* assert_file;
wini 0:e0adec41ad6b 60 int assert_line;
wini 0:e0adec41ad6b 61 int sharkAssert(const char* file, int line)
wini 0:e0adec41ad6b 62 {
wini 0:e0adec41ad6b 63 assert_file = file;
wini 0:e0adec41ad6b 64 assert_line = line;
wini 0:e0adec41ad6b 65 for(;;);
wini 0:e0adec41ad6b 66 }
wini 0:e0adec41ad6b 67 #endif
wini 0:e0adec41ad6b 68
wini 0:e0adec41ad6b 69
wini 0:e0adec41ad6b 70
wini 0:e0adec41ad6b 71 /* The following is not required by SharkSSL, but is used by some of
wini 0:e0adec41ad6b 72 the examples.
wini 0:e0adec41ad6b 73 */
wini 0:e0adec41ad6b 74
wini 0:e0adec41ad6b 75 #ifndef TRUE
wini 0:e0adec41ad6b 76 #define TRUE 1
wini 0:e0adec41ad6b 77 #endif
wini 0:e0adec41ad6b 78
wini 0:e0adec41ad6b 79 #ifndef FALSE
wini 0:e0adec41ad6b 80 #define FALSE 0
wini 0:e0adec41ad6b 81 #endif
wini 0:e0adec41ad6b 82
wini 0:e0adec41ad6b 83 /**
wini 0:e0adec41ad6b 84 * baMalloc should return 32-bit aligned addresses when successful,
wini 0:e0adec41ad6b 85 * (void*)0 when not successful.
wini 0:e0adec41ad6b 86 * baRealloc should return 32-bit aligned addresses when successful,
wini 0:e0adec41ad6b 87 * (void*)0 when not successful or NOT available.
wini 0:e0adec41ad6b 88 */
wini 0:e0adec41ad6b 89
wini 0:e0adec41ad6b 90 #ifdef UMM_MALLOC
wini 0:e0adec41ad6b 91 #include "../../../examples/malloc/umm_malloc.h"
wini 0:e0adec41ad6b 92 #define baMalloc(s) umm_malloc(s)
wini 0:e0adec41ad6b 93 #define baRealloc(m, s) umm_realloc(m, s)
wini 0:e0adec41ad6b 94 #define baFree(m) umm_free(m)
wini 0:e0adec41ad6b 95 #else
wini 0:e0adec41ad6b 96 #include <stdlib.h>
wini 0:e0adec41ad6b 97 #define baMalloc(s) malloc(s) /* should return 32-bit aligned address */
wini 0:e0adec41ad6b 98 #define baRealloc(m, s) realloc(m, s) /* as above */
wini 0:e0adec41ad6b 99 #define baFree(m) free(m)
wini 0:e0adec41ad6b 100 #endif
wini 0:e0adec41ad6b 101
wini 1:d5e0e1dcf0d6 102 /* Some mbed releases use conflicting types. Undo the two macro
wini 1:d5e0e1dcf0d6 103 definitions commented out below if you get 'undefined' compile
wini 1:d5e0e1dcf0d6 104 errors.
wini 1:d5e0e1dcf0d6 105 */
wini 1:d5e0e1dcf0d6 106 /* #ifndef __MBED__ */
wini 1:d5e0e1dcf0d6 107
wini 0:e0adec41ad6b 108 #ifndef INTEGRAL_TYPES
wini 0:e0adec41ad6b 109 #define INTEGRAL_TYPES
wini 0:e0adec41ad6b 110 #if (__STDC_VERSION__ >= 199901L) || defined( __GNUC__)
wini 0:e0adec41ad6b 111 #include <stdint.h>
wini 0:e0adec41ad6b 112 typedef uint8_t U8;
wini 0:e0adec41ad6b 113 typedef int8_t S8;
wini 0:e0adec41ad6b 114 typedef uint16_t U16;
wini 0:e0adec41ad6b 115 typedef int16_t S16;
wini 0:e0adec41ad6b 116 typedef uint32_t U32;
wini 0:e0adec41ad6b 117 typedef int32_t S32;
wini 0:e0adec41ad6b 118 typedef uint64_t U64;
wini 0:e0adec41ad6b 119 typedef int64_t S64;
wini 0:e0adec41ad6b 120 #else
wini 0:e0adec41ad6b 121 typedef unsigned char U8;
wini 0:e0adec41ad6b 122 typedef signed char S8;
wini 0:e0adec41ad6b 123 typedef unsigned short U16;
wini 0:e0adec41ad6b 124 typedef signed short S16;
wini 0:e0adec41ad6b 125 typedef unsigned int U32;
wini 0:e0adec41ad6b 126 typedef signed int S32;
wini 0:e0adec41ad6b 127 typedef unsigned long long U64;
wini 0:e0adec41ad6b 128 typedef signed long long S64;
wini 0:e0adec41ad6b 129 #endif
wini 0:e0adec41ad6b 130 #endif
wini 1:d5e0e1dcf0d6 131
wini 1:d5e0e1dcf0d6 132 /* #endif */ /* __MBED__ */
wini 1:d5e0e1dcf0d6 133
wini 0:e0adec41ad6b 134 typedef U8 BaBool;
wini 0:e0adec41ad6b 135
wini 0:e0adec41ad6b 136 #ifdef EXT_SHARK_LIB
wini 0:e0adec41ad6b 137 U32 baGetUnixTime(void);
wini 0:e0adec41ad6b 138 char *sharkStrchr(const char *s, int c);
wini 0:e0adec41ad6b 139 char *sharkStrstr(const char *haystack, const char *needle);
wini 0:e0adec41ad6b 140 #else
wini 0:e0adec41ad6b 141 #define baGetUnixTime() time(0)
wini 0:e0adec41ad6b 142 #endif
wini 0:e0adec41ad6b 143
wini 0:e0adec41ad6b 144 typedef struct ThreadMutexBase
wini 0:e0adec41ad6b 145 {
wini 0:e0adec41ad6b 146 osMutexId sharkMutex;
wini 0:e0adec41ad6b 147 } ThreadMutexBase;
wini 0:e0adec41ad6b 148
wini 0:e0adec41ad6b 149 void ThreadMutex_destructor(ThreadMutexBase* o);
wini 0:e0adec41ad6b 150 void ThreadMutex_set(ThreadMutexBase* o);
wini 0:e0adec41ad6b 151 void ThreadMutex_release(ThreadMutexBase* o);
wini 0:e0adec41ad6b 152 void ThreadMutex_constructor(ThreadMutexBase* o);
wini 0:e0adec41ad6b 153
wini 0:e0adec41ad6b 154 #ifdef _SHARKSSL_C_
wini 0:e0adec41ad6b 155 osMutexDef(sharkMutexDef);
wini 0:e0adec41ad6b 156 void ThreadMutex_destructor(ThreadMutexBase* o)
wini 0:e0adec41ad6b 157 {
wini 0:e0adec41ad6b 158 osMutexDelete(o->sharkMutex);
wini 0:e0adec41ad6b 159 }
wini 0:e0adec41ad6b 160 void ThreadMutex_set(ThreadMutexBase* o)
wini 0:e0adec41ad6b 161 {
wini 0:e0adec41ad6b 162 osMutexWait(o->sharkMutex, osWaitForever);
wini 0:e0adec41ad6b 163 }
wini 0:e0adec41ad6b 164 void ThreadMutex_release(ThreadMutexBase* o)
wini 0:e0adec41ad6b 165 {
wini 0:e0adec41ad6b 166 osMutexRelease(o->sharkMutex);
wini 0:e0adec41ad6b 167 }
wini 0:e0adec41ad6b 168 void ThreadMutex_constructor(ThreadMutexBase* o)
wini 0:e0adec41ad6b 169 {
wini 0:e0adec41ad6b 170 o->sharkMutex=osMutexCreate(osMutex(sharkMutexDef));
wini 0:e0adec41ad6b 171 }
wini 0:e0adec41ad6b 172 #endif
wini 0:e0adec41ad6b 173
wini 0:e0adec41ad6b 174
wini 0:e0adec41ad6b 175 #endif /* _SharkSsl_TargConfig_h */