Skip to content

Commit

Permalink
Add client dtls connection ID.
Browse files Browse the repository at this point in the history
Simple client side implementation indicates support and uses the cid of
the server, when negotiated by that.

Signed-off-by: Achim Kraus <[email protected]>
  • Loading branch information
boaks committed May 13, 2024
1 parent 4a6a782 commit e002b31
Show file tree
Hide file tree
Showing 4 changed files with 198 additions and 52 deletions.
27 changes: 26 additions & 1 deletion crypto.h
Original file line number Diff line number Diff line change
Expand Up @@ -110,6 +110,17 @@ typedef struct {
uint64_t bitfield;
} seqnum_t;

/* Maximum CID length. */
#ifndef DTLS_MAX_CID_LENGTH
#define DTLS_MAX_CID_LENGTH 16
#endif

#if (DTLS_MAX_CID_LENGTH > 0)
#ifndef DTLS_USE_CID_DEFAULT
#define DTLS_USE_CID_DEFAULT 1
#endif /* DTLS_USE_CID_DEFAULT */
#endif /* DTLS_MAX_CID_LENGTH > 0 */

typedef struct {
dtls_compression_t compression; /**< compression method */

Expand All @@ -124,7 +135,12 @@ typedef struct {
* access the components of the key block.
*/
uint8 key_block[MAX_KEYBLOCK_LENGTH];


#if (DTLS_MAX_CID_LENGTH > 0)
uint8_t write_cid[DTLS_MAX_CID_LENGTH];
uint8_t write_cid_length;
#endif /* DTLS_MAX_CID_LENGTH > 0 */

seqnum_t cseq; /**<sequence number of last record received*/
} dtls_security_parameters_t;

Expand All @@ -141,6 +157,9 @@ typedef struct dtls_user_parameters_t {
dtls_cipher_t cipher_suites[DTLS_MAX_CIPHER_SUITES + 1];
unsigned int force_extended_master_secret:1; /** force extended master secret extension (RFC7627) */
unsigned int force_renegotiation_info:1; /** force renegotiation info extension (RFC5746) */
#if (DTLS_MAX_CID_LENGTH > 0)
unsigned int support_cid:1; /** indicate CID support (RFC9146) */
#endif
} dtls_user_parameters_t;

typedef struct {
Expand All @@ -158,6 +177,12 @@ typedef struct {
dtls_compression_t compression; /**< compression method */
dtls_user_parameters_t user_parameters; /**< user parameters */
dtls_cipher_index_t cipher_index; /**< internal index for cipher_suite_params, DTLS_CIPHER_INDEX_NULL for TLS_NULL_WITH_NULL_NULL */

#if (DTLS_MAX_CID_LENGTH > 0)
uint8_t write_cid[DTLS_MAX_CID_LENGTH];
uint8_t write_cid_length;
#endif /* DTLS_MAX_CID_LENGTH > 0 */

unsigned int do_client_auth:1;
unsigned int extended_master_secret:1;
unsigned int renegotiation_info:1;
Expand Down
Loading

0 comments on commit e002b31

Please sign in to comment.