Class: TinyDTLS::SecurityConfig
- Inherits: Object
  - Object
    - TinyDTLS::SecurityConfig
- Defined in: lib/tinydtls/security_conf.rb
Overview
This class maps pre-shared key (PSK) identities to their actual keys. It provides an implementation of the get_psk_info function pointer in the dtls_handler_t struct, which tinydtls uses to retrieve keys and identities.
XXX: Currently this function doesn't map IP addresses to keys/identities.
Constant Summary
- GetPSKInfo =
  Implementation of the get_psk_info function pointer as used by the dtls_handler_t struct.

  If tinydtls requests a key for a given identity the key is returned if the identity exists. If no identity was specified the #default_key is returned.

  If tinydtls requests an id the #default_id is always returned.

  TODO: It would be nice to return an id depending on the session_t passed to this callback.

      Proc.new do |ctx, sess, type, desc, dlen, result, rlen|
        secconf = TinyDTLS::Context.from_ptr(ctx).secconf
        if desc.null?
          key = secconf.default_key
        end

        if type == :DTLS_PSK_KEY
          key ||= secconf.get_key(desc.read_string(dlen))
          if key.nil?
            Wrapper::dtls_alert_fatal_create(
              Wrapper::Alert[:DTLS_ALERT_DECRYPT_ERROR])
          elsif key.bytesize > rlen
            Wrapper::dtls_alert_fatal_create(
              Wrapper::Alert[:DTLS_ALERT_INTERNAL_ERROR])
          else
            result.put_bytes(0, key)
            key.bytesize
          end
        elsif type == :DTLS_PSK_IDENTITY
          identity = secconf.default_id
          result.put_bytes(0, identity)
          identity.bytesize
        else
          0
        end
      end
Instance Method Summary
- #add_client(id, key) ⇒ Object
  Adds a security configuration for the given identity.
- #default_id ⇒ Object
- #default_key ⇒ Object
- #get_key(id) ⇒ Object
  Retrieves the key associated with the given identity.
- #initialize(default_id = nil, default_key = nil) ⇒ SecurityConfig (constructor)
  Create a new instance of this class.
Constructor Details
#initialize(default_id = nil, default_key = nil) ⇒ SecurityConfig
Create a new instance of this class. A #default_key and a #default_id can be optionally specified. If they are not specified the first key/identity added is used as the default value.
    # File 'lib/tinydtls/security_conf.rb', line 50
    def initialize(default_id = nil, default_key = nil)
      @default_id = default_id
      @default_key = default_key
      @identity_map = Hash.new
    end
Instance Method Details
#add_client(id, key) ⇒ Object
Adds a security configuration for the given identity.
    # File 'lib/tinydtls/security_conf.rb', line 58
    def add_client(id, key)
      @identity_map[id] = key
    end
#default_id ⇒ Object
    # File 'lib/tinydtls/security_conf.rb', line 67
    def default_id
      if @default_id.nil?
        @identity_map.to_a.first.first
      else
        @default_id
      end
    end
#default_key ⇒ Object
    # File 'lib/tinydtls/security_conf.rb', line 75
    def default_key
      if @default_key.nil?
        @identity_map.to_a.first.last
      else
        @default_key
      end
    end
#get_key(id) ⇒ Object
Retrieves the key associated with the given identity.
    # File 'lib/tinydtls/security_conf.rb', line 63
    def get_key(id)
      @identity_map[id]
    end
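In the GetPSKInfo listing above, only the :DTLS_PSK_KEY branch compares the value's size against rlen before writing, and #default_id / #default_key call .first on nil when no client has been added. The following is an added example, not code from the tinydtls bindings: a pure-Ruby model of the same lookup with one length check for both branches and nil-safe defaults. PskStore, psk_lookup and the sample identities and keys are hypothetical, and the result buffer is modelled by its capacity only (no FFI).

```ruby
# Added example: pure-Ruby model of the GetPSKInfo decision logic (no FFI).
# PskStore and psk_lookup are hypothetical names; all keys are constructed.
class PskStore
  def initialize(default_id = nil, default_key = nil)
    @default_id, @default_key, @map = default_id, default_key, {}
  end

  def add_client(id, key)
    @map[id] = key
  end

  def get_key(id)
    @map[id]
  end

  # Return nil on an empty map rather than calling .first on nil.
  def default_id
    @default_id || @map.keys.first
  end

  def default_key
    @default_key || @map.values.first
  end
end

# desc: identity sent by the peer (nil models a NULL pointer).
# rlen: capacity of the output buffer. Returns [:ok, bytes] or [:alert, name].
def psk_lookup(store, type, desc, rlen)
  value =
    case type
    when :DTLS_PSK_KEY
      key = desc.nil? ? store.default_key : store.get_key(desc)
      return [:alert, :DTLS_ALERT_DECRYPT_ERROR] if key.nil?
      key
    when :DTLS_PSK_IDENTITY
      store.default_id
    else
      return [:ok, "".b]
    end
  # One length check for both branches, before any bytes are handed back.
  too_long = value.nil? || value.bytesize > rlen
  too_long ? [:alert, :DTLS_ALERT_INTERNAL_ERROR] : [:ok, value.b]
end

store = PskStore.new
store.add_client("sensor-1", "constructed-key-1")
store.add_client("sensor-2", "constructed-key-2")
p psk_lookup(store, :DTLS_PSK_KEY, "sensor-2", 32)
p psk_lookup(store, :DTLS_PSK_IDENTITY, nil, 4)
```

In a real callback the [:alert, ...] results would map to the Wrapper::dtls_alert_fatal_create calls shown in the listing, and the [:ok, bytes] result to result.put_bytes followed by returning the byte count.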