-
Notifications
You must be signed in to change notification settings - Fork 58
/
peer.h
168 lines (140 loc) · 5.42 KB
/
peer.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
/*******************************************************************************
*
* Copyright (c) 2011, 2012, 2013, 2014, 2015 Olaf Bergmann (TZI) and others.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the Eclipse Public License v1.0
* and Eclipse Distribution License v. 1.0 which accompanies this distribution.
*
* The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
* and the Eclipse Distribution License is available at
* http://www.eclipse.org/org/documents/edl-v10.php.
*
* Contributors:
* Olaf Bergmann - initial API and implementation
* Hauke Mehrtens - memory optimization, ECC integration
*
*******************************************************************************/
/**
* @file peer.h
* @brief information about peers in a DTLS session
*/
#ifndef _DTLS_PEER_H_
#define _DTLS_PEER_H_
#include <sys/types.h>
#include "tinydtls.h"
#include "global.h"
#include "session.h"
#include "state.h"
#include "crypto.h"
#ifndef DTLS_PEERS_NOHASH
#include "uthash.h"
#endif /* DTLS_PEERS_NOHASH */
typedef enum { DTLS_CLIENT=0, DTLS_SERVER } dtls_peer_type;
/**
* Holds security parameters, local state and the transport address
* for each peer. */
typedef struct dtls_peer_t {
#ifdef DTLS_PEERS_NOHASH
struct dtls_peer_t *next;
#else /* DTLS_PEERS_NOHASH */
UT_hash_handle hh;
#endif /* DTLS_PEERS_NOHASH */
session_t session; /**< peer address and local interface */
dtls_peer_type role; /**< denotes if this host is DTLS_CLIENT or DTLS_SERVER */
dtls_state_t state; /**< DTLS engine state */
int16_t optional_handshake_message; /**< optional next handshake message, DTLS_HT_NO_OPTIONAL_MESSAGE, if no optional message is expected. */
dtls_security_parameters_t *security_params[2];
dtls_handshake_parameters_t *handshake_params;
} dtls_peer_t;
/**
* Holds ClientHello's sequence numbers for the stateless address verification. */
typedef struct dtls_ephemeral_peer_t {
session_t *session; /**< peer address and local interface */
uint64_t rseq; /**< ClientHello record sequence number */
uint16_t mseq; /**< ClientHello handshake message sequence number */
} dtls_ephemeral_peer_t;
static inline dtls_security_parameters_t *dtls_security_params_epoch(dtls_peer_t *peer, uint16_t epoch)
{
if (peer->security_params[0] && peer->security_params[0]->epoch == epoch) {
return peer->security_params[0];
} else if (peer->security_params[1] && peer->security_params[1]->epoch == epoch) {
return peer->security_params[1];
} else {
return NULL;
}
}
/**
* Get security parameter for read epoch.
*
* @param peer The remote party where the packet is received from.
* @param epoch The read epoch the packet is received in.
* @return The security parameter for the remote party and read epoch. @c NULL if not available.
*/
static inline dtls_security_parameters_t *dtls_security_params_read_epoch(dtls_peer_t *peer, uint16_t epoch)
{
if (peer->handshake_params) {
if (peer->handshake_params->hs_state.read_epoch == epoch) {
return dtls_security_params_epoch(peer, epoch);
}
} else if (peer->security_params[0] && peer->security_params[0]->epoch == epoch) {
return peer->security_params[0];
}
return NULL;
}
static inline dtls_security_parameters_t *dtls_security_params(dtls_peer_t *peer)
{
return peer->security_params[0];
}
static inline dtls_security_parameters_t *dtls_security_params_next(dtls_peer_t *peer)
{
if (peer->security_params[1])
dtls_security_free(peer->security_params[1]);
peer->security_params[1] = dtls_security_new();
if (!peer->security_params[1]) {
return NULL;
}
peer->security_params[1]->epoch = peer->security_params[0]->epoch + 1;
return peer->security_params[1];
}
static inline void dtls_security_params_free_other(dtls_peer_t *peer)
{
dtls_security_parameters_t * security0 = peer->security_params[0];
dtls_security_parameters_t * security1 = peer->security_params[1];
if (!security0 || !security1 || security0->epoch < security1->epoch)
return;
dtls_security_free(security1);
peer->security_params[1] = NULL;
}
static inline void dtls_security_params_switch(dtls_peer_t *peer)
{
dtls_security_parameters_t * security = peer->security_params[1];
peer->security_params[1] = peer->security_params[0];
peer->security_params[0] = security;
}
void peer_init(void);
/**
* Creates a new peer for given @p session. The current configuration
* is initialized with the cipher suite TLS_NULL_WITH_NULL_NULL (i.e.
* no security at all). This function returns a pointer to the new
* peer or NULL on error. The caller is responsible for releasing the
* storage allocated for this peer using dtls_free_peer().
*
* @param session The remote peer's address and local interface index.
* @return A pointer to a newly created and initialized peer object
* or NULL on error.
*/
dtls_peer_t *dtls_new_peer(const session_t *session);
/** Releases the storage allocated to @p peer. */
void dtls_free_peer(dtls_peer_t *peer);
/** Returns the current state of @p peer. */
static inline dtls_state_t dtls_peer_state(const dtls_peer_t *peer) {
return peer->state;
}
/**
* Checks if given @p peer is connected. This function returns
* @c 1 if connected, or @c 0 otherwise.
*/
static inline int dtls_peer_is_connected(const dtls_peer_t *peer) {
return peer->state == DTLS_STATE_CONNECTED;
}
#endif /* _DTLS_PEER_H_ */