diff --git a/pkg/tinydtls/Makefile b/pkg/tinydtls/Makefile index c689583498cb..1f4673019a08 100644 --- a/pkg/tinydtls/Makefile +++ b/pkg/tinydtls/Makefile @@ -1,6 +1,6 @@ PKG_NAME=tinydtls PKG_URL=https://github.com/eclipse/tinydtls.git -PKG_VERSION=8660e46cec5897862a820f0d45fed26abaf2e332 +PKG_VERSION=bda40789a7c280f248eeca6d09ddd624cdaf5dc8 PKG_LICENSE=EPL-1.0,EDL-1.0 include $(RIOTBASE)/pkg/pkg.mk diff --git a/pkg/tinydtls/patches/0001-dtls_time-migrate-to-ztimer64_msec.patch b/pkg/tinydtls/patches/0001-dtls_time-migrate-to-ztimer64_msec.patch deleted file mode 100644 index 04f2caee2784..000000000000 --- a/pkg/tinydtls/patches/0001-dtls_time-migrate-to-ztimer64_msec.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 4408e8bd0c67efe6e08606568f8642f33e2fffdf Mon Sep 17 00:00:00 2001 -From: Francisco Molina -Date: Mon, 24 Jan 2022 17:54:46 +0100 -Subject: [PATCH] dtls_time: migrate to ztimer64_usec - ---- - dtls_time.c | 4 ++-- - dtls_time.h | 5 +++-- - 2 files changed, 5 insertions(+), 4 deletions(-) - -diff --git a/dtls_time.c b/dtls_time.c -index 5d353b4..4ae4414 100644 ---- a/dtls_time.c -+++ b/dtls_time.c -@@ -43,12 +43,12 @@ dtls_tick_t dtls_clock_offset; - - void - dtls_clock_init(void) { -- dtls_clock_offset = xtimer_now64().ticks64; -+ dtls_clock_offset = ztimer64_now(ZTIMER64_MSEC); - } - - void - dtls_ticks(dtls_tick_t *t) { -- *t = xtimer_now64().ticks64 -dtls_clock_offset; -+ *t = ztimer64_now(ZTIMER64_MSEC) - dtls_clock_offset; - } - - #endif /* RIOT_VERSION */ -diff --git a/dtls_time.h b/dtls_time.h -index f16b2d0..4cae153 100644 ---- a/dtls_time.h -+++ b/dtls_time.h -@@ -39,12 +39,13 @@ - - #elif defined(RIOT_VERSION) - --#include -+#include "ztimer64.h" -+#include "timex.h" - - /* this macro is already present on FreeBSD - which causes a redefine error otherwise */ - #ifndef CLOCK_SECOND --#define CLOCK_SECOND (xtimer_ticks_from_usec64(1000000UL).ticks64) -+#define CLOCK_SECOND (MS_PER_SEC) - #endif - - typedef uint64_t clock_time_t; --- -2.30.2 - diff --git a/pkg/tinydtls/patches/0002-session.h-Modify-session_t-for-RIOT.patch b/pkg/tinydtls/patches/0002-session.h-Modify-session_t-for-RIOT.patch deleted file mode 100644 index f620044be766..000000000000 --- a/pkg/tinydtls/patches/0002-session.h-Modify-session_t-for-RIOT.patch +++ /dev/null @@ -1,47 +0,0 @@ -From 6fbe634900e15b006edf3d6c9a6b79f19d286840 Mon Sep 17 00:00:00 2001 -From: Leandro Lanzieri -Date: Thu, 24 Mar 2022 12:00:27 +0100 -Subject: [PATCH] session.h: Modify session_t for RIOT - -Now the addr member of session_t includes both the IPv6 address and the -port. ---- - session.c | 4 ++-- - session.h | 6 ++++-- - 2 files changed, 6 insertions(+), 4 deletions(-) - -diff --git a/session.c b/session.c -index 300224e..020ab5b 100644 ---- a/session.c -+++ b/session.c -@@ -34,8 +34,8 @@ - #elif defined(WITH_RIOT_GNRC) - #define _dtls_address_equals_impl(A,B) \ - ((A)->size == (B)->size \ -- && (A)->port == (B)->port \ -- && ipv6_addr_equal(&((A)->addr),&((B)->addr)) \ -+ && (A)->addr.port == (B)->addr.port \ -+ && ipv6_addr_equal(&((A)->addr.addr),&((B)->addr.addr)) \ - && (A)->ifindex == (B)->ifindex) - #else /* WITH_CONTIKI */ - -diff --git a/session.h b/session.h -index a8ac8f3..2ab600a 100644 ---- a/session.h -+++ b/session.h -@@ -35,8 +35,10 @@ typedef struct { - #include "net/ipv6/addr.h" - typedef struct { - unsigned char size; -- ipv6_addr_t addr; -- unsigned short port; -+ struct { -+ ipv6_addr_t addr; -+ unsigned short port; -+ } addr; - int ifindex; - } session_t; - #else /* ! WITH_CONTIKI && ! WITH_RIOT_GNRC */ --- -2.35.1 - diff --git a/pkg/tinydtls/patches/0003-session-Rename-condition-WITH_RIOT_GNRC-to-WITH_RIOT.patch b/pkg/tinydtls/patches/0003-session-Rename-condition-WITH_RIOT_GNRC-to-WITH_RIOT.patch deleted file mode 100644 index 2da05be392af..000000000000 --- a/pkg/tinydtls/patches/0003-session-Rename-condition-WITH_RIOT_GNRC-to-WITH_RIOT.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 86dea8ab253df87aa09bc477b26ed1331ce149c6 Mon Sep 17 00:00:00 2001 -From: HendrikVE -Date: Fri, 25 Mar 2022 13:45:39 +0100 -Subject: [PATCH 3/4] session: Rename condition WITH_RIOT_GNRC to - WITH_RIOT_SOCK - -Using tinydtls on RIOT OS is not limited to GNRC as network stack. -It is also working with e.g. lwIP, see: https://github.com/RIOT-OS/RIOT/pull/17552 -Therefore the name WITH_RIOT_GNRC is misleading. ---- - session.c | 2 +- - session.h | 6 +++--- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/session.c b/session.c -index 020ab5b..7615188 100644 ---- a/session.c -+++ b/session.c -@@ -31,7 +31,7 @@ - && (A)->port == (B)->port \ - && uip_ipaddr_cmp(&((A)->addr),&((B)->addr)) \ - && (A)->ifindex == (B)->ifindex) --#elif defined(WITH_RIOT_GNRC) -+#elif defined(WITH_RIOT_SOCK) - #define _dtls_address_equals_impl(A,B) \ - ((A)->size == (B)->size \ - && (A)->addr.port == (B)->addr.port \ -diff --git a/session.h b/session.h -index 2ab600a..9d7041a 100644 ---- a/session.h -+++ b/session.h -@@ -31,7 +31,7 @@ typedef struct { - int ifindex; - } session_t; - /* TODO: Add support for RIOT over sockets */ --#elif defined(WITH_RIOT_GNRC) -+#elif defined(WITH_RIOT_SOCK) - #include "net/ipv6/addr.h" - typedef struct { - unsigned char size; -@@ -41,7 +41,7 @@ typedef struct { - } addr; - int ifindex; - } session_t; --#else /* ! WITH_CONTIKI && ! WITH_RIOT_GNRC */ -+#else /* ! WITH_CONTIKI && ! WITH_RIOT_SOCK */ - - #include - #include -@@ -57,7 +57,7 @@ typedef struct { - } addr; - int ifindex; - } session_t; --#endif /* ! WITH_CONTIKI && ! WITH_RIOT_GNRC */ -+#endif /* ! WITH_CONTIKI && ! WITH_RIOT_SOCK */ - - /** - * Resets the given session_t object @p sess to its default --- -2.25.1 - diff --git a/pkg/tinydtls/patches/0004-session-Add-support-for-IPv4-on-RIOT-OS.patch b/pkg/tinydtls/patches/0004-session-Add-support-for-IPv4-on-RIOT-OS.patch deleted file mode 100644 index 64cc1be837a2..000000000000 --- a/pkg/tinydtls/patches/0004-session-Add-support-for-IPv4-on-RIOT-OS.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 5e044288ff5f15a71aa89c8c17fab4ba0d40a86d Mon Sep 17 00:00:00 2001 -From: HendrikVE -Date: Fri, 25 Mar 2022 14:04:02 +0100 -Subject: [PATCH 4/4] session: Add support for IPv4 on RIOT OS - ---- - session.c | 38 +++++++++++++++++++++++++++++++++----- - session.h | 11 ++++++++++- - 2 files changed, 43 insertions(+), 6 deletions(-) - -diff --git a/session.c b/session.c -index 7615188..bdd845a 100644 ---- a/session.c -+++ b/session.c -@@ -32,11 +32,23 @@ - && uip_ipaddr_cmp(&((A)->addr),&((B)->addr)) \ - && (A)->ifindex == (B)->ifindex) - #elif defined(WITH_RIOT_SOCK) --#define _dtls_address_equals_impl(A,B) \ -- ((A)->size == (B)->size \ -- && (A)->addr.port == (B)->addr.port \ -- && ipv6_addr_equal(&((A)->addr.addr),&((B)->addr.addr)) \ -- && (A)->ifindex == (B)->ifindex) -+#include "net/af.h" -+#ifdef SOCK_HAS_IPV4 -+#define _dtls_ipv4_address_equals_impl(A,B) \ -+ ((A)->size == (B)->size \ -+ && (A)->addr.port == (B)->addr.port \ -+ && (A)->ifindex == (B)->ifindex) \ -+ && (A)->addr.family == (B)->addr.family \ -+ && ipv4_addr_equal(&((A)->addr.ipv4),&((B)->addr.ipv4)) -+#endif -+#ifdef SOCK_HAS_IPV6 -+#define _dtls_ipv6_address_equals_impl(A,B) \ -+ ((A)->size == (B)->size \ -+ && (A)->addr.port == (B)->addr.port \ -+ && (A)->ifindex == (B)->ifindex) \ -+ && (A)->addr.family == (B)->addr.family \ -+ && ipv6_addr_equal(&((A)->addr.ipv6),&((B)->addr.ipv6)) -+#endif - #else /* WITH_CONTIKI */ - - static inline int -@@ -120,5 +132,21 @@ dtls_session_addr(session_t *sess, socklen_t *addrlen) { - int - dtls_session_equals(const session_t *a, const session_t *b) { - assert(a); assert(b); -+#ifdef RIOT_VERSION -+ switch (a->addr.family) { -+#ifdef SOCK_HAS_IPV4 -+ case AF_INET: -+ return _dtls_ipv4_address_equals_impl(a, b); -+#endif -+#ifdef SOCK_HAS_IPV6 -+ case AF_INET6: -+ return _dtls_ipv6_address_equals_impl(a, b); -+#endif -+ default: -+ assert(0); -+ return false; -+ } -+#else - return _dtls_address_equals_impl(a, b); -+#endif /* RIOT_VERSION */ - } -diff --git a/session.h b/session.h -index 9d7041a..6ae5a82 100644 ---- a/session.h -+++ b/session.h -@@ -32,11 +32,20 @@ typedef struct { - } session_t; - /* TODO: Add support for RIOT over sockets */ - #elif defined(WITH_RIOT_SOCK) -+#include "net/ipv4/addr.h" - #include "net/ipv6/addr.h" - typedef struct { - unsigned char size; - struct { -- ipv6_addr_t addr; -+ int family; -+ union { -+#ifdef SOCK_HAS_IPV4 -+ ipv4_addr_t ipv4; -+#endif -+#ifdef SOCK_HAS_IPV6 -+ ipv6_addr_t ipv6; -+#endif -+ }; - unsigned short port; - } addr; - int ifindex; --- -2.25.1 - diff --git a/pkg/tinydtls/patches/0005-crypto-remove-unnecessary-usage-of-malloc-dtls_hmac_.patch b/pkg/tinydtls/patches/0005-crypto-remove-unnecessary-usage-of-malloc-dtls_hmac_.patch deleted file mode 100644 index d4591a59bfba..000000000000 --- a/pkg/tinydtls/patches/0005-crypto-remove-unnecessary-usage-of-malloc-dtls_hmac_.patch +++ /dev/null @@ -1,105 +0,0 @@ -From a98c493857d27f25e6ab142fe893ffcc9e6a6474 Mon Sep 17 00:00:00 2001 -From: "Martine S. Lenders" -Date: Mon, 28 Mar 2022 15:00:02 +0200 -Subject: [PATCH] crypto: remove unnecessary usage of malloc()/dtls_hmac_new() - ---- - crypto.c | 57 ++++++++++++++++++++++++++------------------------------ - 1 file changed, 26 insertions(+), 31 deletions(-) - -diff --git a/crypto.c b/crypto.c -index 43d3079198..6475eb81d0 100644 ---- a/crypto.c -+++ b/crypto.c -@@ -207,7 +207,7 @@ dtls_p_hash(dtls_hashfunc_t h, - const unsigned char *random1, size_t random1len, - const unsigned char *random2, size_t random2len, - unsigned char *buf, size_t buflen) { -- dtls_hmac_context_t *hmac_a, *hmac_p; -+ dtls_hmac_context_t hmac_a, hmac_p; - - unsigned char A[DTLS_HMAC_DIGEST_SIZE]; - unsigned char tmp[DTLS_HMAC_DIGEST_SIZE]; -@@ -215,54 +215,49 @@ dtls_p_hash(dtls_hashfunc_t h, - size_t len = 0; /* result length */ - (void)h; - -- hmac_a = dtls_hmac_new(key, keylen); -- if (!hmac_a) -- return 0; -+ dtls_hmac_init(&hmac_a, key, keylen); - - /* calculate A(1) from A(0) == seed */ -- HMAC_UPDATE_SEED(hmac_a, label, labellen); -- HMAC_UPDATE_SEED(hmac_a, random1, random1len); -- HMAC_UPDATE_SEED(hmac_a, random2, random2len); -+ HMAC_UPDATE_SEED(&hmac_a, label, labellen); -+ HMAC_UPDATE_SEED(&hmac_a, random1, random1len); -+ HMAC_UPDATE_SEED(&hmac_a, random2, random2len); - -- dlen = dtls_hmac_finalize(hmac_a, A); -- -- hmac_p = dtls_hmac_new(key, keylen); -- if (!hmac_p) -- goto error; -+ dlen = dtls_hmac_finalize(&hmac_a, A); - - while (len + dlen < buflen) { - -- /* FIXME: rewrite loop to avoid superflous call to dtls_hmac_init() */ -- dtls_hmac_init(hmac_p, key, keylen); -- dtls_hmac_update(hmac_p, A, dlen); -+ dtls_hmac_init(&hmac_p, key, keylen); -+ dtls_hmac_update(&hmac_p, A, dlen); - -- HMAC_UPDATE_SEED(hmac_p, label, labellen); -- HMAC_UPDATE_SEED(hmac_p, random1, random1len); -- HMAC_UPDATE_SEED(hmac_p, random2, random2len); -+ HMAC_UPDATE_SEED(&hmac_p, label, labellen); -+ HMAC_UPDATE_SEED(&hmac_p, random1, random1len); -+ HMAC_UPDATE_SEED(&hmac_p, random2, random2len); - -- len += dtls_hmac_finalize(hmac_p, tmp); -+ len += dtls_hmac_finalize(&hmac_p, tmp); - memcpy(buf, tmp, dlen); - buf += dlen; - - /* calculate A(i+1) */ -- dtls_hmac_init(hmac_a, key, keylen); -- dtls_hmac_update(hmac_a, A, dlen); -- dtls_hmac_finalize(hmac_a, A); -+ dtls_hmac_init(&hmac_a, key, keylen); -+ dtls_hmac_update(&hmac_a, A, dlen); -+ dtls_hmac_finalize(&hmac_a, A); - } - -- dtls_hmac_init(hmac_p, key, keylen); -- dtls_hmac_update(hmac_p, A, dlen); -+ dtls_hmac_init(&hmac_p, key, keylen); -+ dtls_hmac_update(&hmac_p, A, dlen); - -- HMAC_UPDATE_SEED(hmac_p, label, labellen); -- HMAC_UPDATE_SEED(hmac_p, random1, random1len); -- HMAC_UPDATE_SEED(hmac_p, random2, random2len); -+ HMAC_UPDATE_SEED(&hmac_p, label, labellen); -+ HMAC_UPDATE_SEED(&hmac_p, random1, random1len); -+ HMAC_UPDATE_SEED(&hmac_p, random2, random2len); - -- dtls_hmac_finalize(hmac_p, tmp); -+ dtls_hmac_finalize(&hmac_p, tmp); - memcpy(buf, tmp, buflen - len); - -- error: -- dtls_hmac_free(hmac_a); -- dtls_hmac_free(hmac_p); -+ /* prevent exposure of sensible data */ -+ memset(&hmac_a, 0, sizeof(hmac_a)); -+ memset(&hmac_p, 0, sizeof(hmac_p)); -+ memset(tmp, 0, sizeof(tmp)); -+ memset(A, 0, sizeof(A)); - - return buflen; - } --- -2.25.1 - diff --git a/pkg/tinydtls/patches/0006-crypto-only-one-HMAC-context-is-required.patch b/pkg/tinydtls/patches/0006-crypto-only-one-HMAC-context-is-required.patch deleted file mode 100644 index f89284f1e38a..000000000000 --- a/pkg/tinydtls/patches/0006-crypto-only-one-HMAC-context-is-required.patch +++ /dev/null @@ -1,95 +0,0 @@ -From 49de0a5763e5ced05f62b2539a63e90b9a439c18 Mon Sep 17 00:00:00 2001 -From: "Martine S. Lenders" -Date: Tue, 29 Mar 2022 12:06:00 +0200 -Subject: [PATCH] crypto: only one HMAC context is required - -Signed-off-by: Martine Lenders ---- - crypto.c | 45 ++++++++++++++++++++++----------------------- - 1 file changed, 22 insertions(+), 23 deletions(-) - -diff --git a/crypto.c b/crypto.c -index 6475eb8..b3845ae 100644 ---- a/crypto.c -+++ b/crypto.c -@@ -207,7 +207,7 @@ dtls_p_hash(dtls_hashfunc_t h, - const unsigned char *random1, size_t random1len, - const unsigned char *random2, size_t random2len, - unsigned char *buf, size_t buflen) { -- dtls_hmac_context_t hmac_a, hmac_p; -+ dtls_hmac_context_t hmac; - - unsigned char A[DTLS_HMAC_DIGEST_SIZE]; - unsigned char tmp[DTLS_HMAC_DIGEST_SIZE]; -@@ -215,47 +215,46 @@ dtls_p_hash(dtls_hashfunc_t h, - size_t len = 0; /* result length */ - (void)h; - -- dtls_hmac_init(&hmac_a, key, keylen); -+ dtls_hmac_init(&hmac, key, keylen); - - /* calculate A(1) from A(0) == seed */ -- HMAC_UPDATE_SEED(&hmac_a, label, labellen); -- HMAC_UPDATE_SEED(&hmac_a, random1, random1len); -- HMAC_UPDATE_SEED(&hmac_a, random2, random2len); -+ HMAC_UPDATE_SEED(&hmac, label, labellen); -+ HMAC_UPDATE_SEED(&hmac, random1, random1len); -+ HMAC_UPDATE_SEED(&hmac, random2, random2len); - -- dlen = dtls_hmac_finalize(&hmac_a, A); -+ dlen = dtls_hmac_finalize(&hmac, A); - - while (len + dlen < buflen) { - -- dtls_hmac_init(&hmac_p, key, keylen); -- dtls_hmac_update(&hmac_p, A, dlen); -+ dtls_hmac_init(&hmac, key, keylen); -+ dtls_hmac_update(&hmac, A, dlen); - -- HMAC_UPDATE_SEED(&hmac_p, label, labellen); -- HMAC_UPDATE_SEED(&hmac_p, random1, random1len); -- HMAC_UPDATE_SEED(&hmac_p, random2, random2len); -+ HMAC_UPDATE_SEED(&hmac, label, labellen); -+ HMAC_UPDATE_SEED(&hmac, random1, random1len); -+ HMAC_UPDATE_SEED(&hmac, random2, random2len); - -- len += dtls_hmac_finalize(&hmac_p, tmp); -+ len += dtls_hmac_finalize(&hmac, tmp); - memcpy(buf, tmp, dlen); - buf += dlen; - - /* calculate A(i+1) */ -- dtls_hmac_init(&hmac_a, key, keylen); -- dtls_hmac_update(&hmac_a, A, dlen); -- dtls_hmac_finalize(&hmac_a, A); -+ dtls_hmac_init(&hmac, key, keylen); -+ dtls_hmac_update(&hmac, A, dlen); -+ dtls_hmac_finalize(&hmac, A); - } - -- dtls_hmac_init(&hmac_p, key, keylen); -- dtls_hmac_update(&hmac_p, A, dlen); -+ dtls_hmac_init(&hmac, key, keylen); -+ dtls_hmac_update(&hmac, A, dlen); - -- HMAC_UPDATE_SEED(&hmac_p, label, labellen); -- HMAC_UPDATE_SEED(&hmac_p, random1, random1len); -- HMAC_UPDATE_SEED(&hmac_p, random2, random2len); -+ HMAC_UPDATE_SEED(&hmac, label, labellen); -+ HMAC_UPDATE_SEED(&hmac, random1, random1len); -+ HMAC_UPDATE_SEED(&hmac, random2, random2len); - -- dtls_hmac_finalize(&hmac_p, tmp); -+ dtls_hmac_finalize(&hmac, tmp); - memcpy(buf, tmp, buflen - len); - - /* prevent exposure of sensible data */ -- memset(&hmac_a, 0, sizeof(hmac_a)); -- memset(&hmac_p, 0, sizeof(hmac_p)); -+ memset(&hmac, 0, sizeof(hmac)); - memset(tmp, 0, sizeof(tmp)); - memset(A, 0, sizeof(A)); - --- -2.35.1 -