From 16c54b34e5c6df711f10f6402155397ba132d6b0 Mon Sep 17 00:00:00 2001
From: SJ
Date: Tue, 12 Nov 2019 17:01:19 +0100
Subject: [PATCH 1/5] Dtls credentials, code added reference to gcoap: add DTLS integration #12104
---
 credentials.c | 56 ++++++++++++++++++++++++++++++++++++++++++++++++
 saul_coap.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 115 insertions(+)
 create mode 100644 credentials.c
diff --git a/credentials.c b/credentials.c
new file mode 100644
index 0000000..90c731b
--- /dev/null
+++ b/credentials.c
@@ -0,0 +1,56 @@
+/*
+ * Copyright (C) 2018 Inria
+ *
+ * This file is subject to the terms and conditions of the GNU Lesser
+ * General Public License v2.1. See the file LICENSE in the top level
+ * directory for more details.
+ */
+
+/**
+ * @ingroup tests
+ * @{
+ *
+ * @file
+ * @brief tlsman test application (PSK and ECC keys)
+ *
+ * Small test for TLSMAN. Many definitions defined here are also available at
+ * sock_secure (and are intended to be used in standard applications)
+ *
+ * @author Raul Fuentes
+ *
+ * @}
+ */
+
+#ifdef MODULE_SOCK_DTLS
+#ifdef DTLS_PSK
+const char psk_key[] = "secretPSK";
+const char psk_id[] = "Client_identity";
+const unsigned psk_key_len = sizeof(psk_key) - 1;
+const unsigned psk_id_len = sizeof(psk_id) - 1;
+#endif /* DTLS_PSK */
+
+#ifdef DTLS_ECC
+const unsigned char ecdsa_priv_key[] = {
+ 0x41, 0xC1, 0xCB, 0x6B, 0x51, 0x24, 0x7A, 0x14,
+ 0x43, 0x21, 0x43, 0x5B, 0x7A, 0x80, 0xE7, 0x14,
+ 0x89, 0x6A, 0x33, 0xBB, 0xAD, 0x72, 0x94, 0xCA,
+ 0x40, 0x14, 0x55, 0xA1, 0x94, 0xA9, 0x49, 0xFA
+};
+
+const unsigned char ecdsa_pub_key_x[] = {
+ 0x36, 0xDF, 0xE2, 0xC6, 0xF9, 0xF2, 0xED, 0x29,
+ 0xDA, 0x0A, 0x9A, 0x8F, 0x62, 0x68, 0x4E, 0x91,
+ 0x63, 0x75, 0xBA, 0x10, 0x30, 0x0C, 0x28, 0xC5,
+ 0xE4, 0x7C, 0xFB, 0xF2, 0x5F, 0xA5, 0x8F, 0x52
+};
+
+const unsigned char ecdsa_pub_key_y[] = {
+ 0x71, 0xA0, 0xD4, 0xFC, 0xDE, 0x1A, 0xB8, 0x78,
+ 0x5A, 0x3C, 0x78, 0x69, 0x35, 0xA7, 0xCF, 0xAB,
+ 0xE9, 0x3F, 0x98, 0x72, 0x09, 0xDA, 0xED, 0x0B,
+ 0x4F, 0xAB, 0xC3, 0x6F, 0xC7, 0x72, 0xF8, 0x29
+};
+#endif /* DTLS_ECC */
+#endif /* MODULE_SOCK_DTLS */
+
+typedef int unused_workaround;
\ No newline at end of file
diff --git a/saul_coap.c b/saul_coap.c
index 9da41b1..cfcb96a 100644
--- a/saul_coap.c
+++ b/saul_coap.c
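Review bot: `psk_key`, `psk_id` and `ecdsa_priv_key` in credentials.c are fixed values committed to the repository, and the file header still describes them as part of a "tlsman test application", so every image built from this tree would authenticate with the same publicly readable secret. Nothing in the file marks them as placeholders; I would add `/* TEST CREDENTIALS ONLY: replace with per-device keys supplied at build or provisioning time */` above the `DTLS_PSK` block and update the `@brief` to match. Longer term the key material should be supplied from outside the tracked sources. The trailing `typedef int unused_workaround;` also deserves a one-line comment saying it keeps the translation unit non-empty when `MODULE_SOCK_DTLS` is undefined, if that is its purpose.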
@@ -37,6 +37,23 @@ uint8_t class_press = SAUL_SENSE_PRESS;
 uint8_t class_temp = SAUL_SENSE_TEMP;
 uint8_t class_voltage = SAUL_SENSE_VOLTAGE;
+#ifdef MODULE_SOCK_DTLS
+#include "net/credman.h"
+
+#define SOCK_DTLS_GCOAP_TAG (10)
+
+#ifdef DTLS_PSK
+extern const char psk_key[];
+extern const char psk_id[];
+extern const unsigned psk_key_len;
+extern const unsigned psk_id_len;
+#else /* DTLS_PSK */
+extern const unsigned char ecdsa_priv_key[];
+extern const unsigned char ecdsa_pub_key_x[];
+extern const unsigned char ecdsa_pub_key_y[];
+#endif /* DTLS_ECC */
+#endif /* MODULE_SOCK_DTLS */
+
 /* CoAP resources. Must be sorted by path (ASCII order). */
 static const coap_resource_t _resources[] = {
 { "/hum", COAP_GET, _saul_type_handler, &class_hum },
@@ -210,5 +227,47 @@ static ssize_t _saul_type_handler(coap_pkt_t* pdu, uint8_t *buf, size_t len, voi
 void saul_coap_init(void)
 {
+#ifdef MODULE_SOCK_DTLS
+#ifdef DTLS_PSK
+ credman_credential_t credential = {
+ .type = CREDMAN_TYPE_PSK,
+ .tag = SOCK_DTLS_GCOAP_TAG,
+ .params = {
+ .psk = {
+ .key = { .s = (char *)psk_key, .len = psk_key_len },
+ .id = { .s = (char *)psk_id, .len = psk_id_len },
+ },
+ },
+ };
+#else /* DTLS_PSK */
+ ecdsa_public_key_t other_pubkeys[] = {
+ { .x = ecdsa_pub_key_x, .y = ecdsa_pub_key_y },
+ };
+
+ credman_credential_t credential = {
+ .type = CREDMAN_TYPE_ECDSA,
+ .tag = SOCK_DTLS_GCOAP_TAG,
+ .params = {
+ .ecdsa = {
+ .private_key = ecdsa_priv_key,
+ .public_key = {
+ .x = ecdsa_pub_key_x,
+ .y = ecdsa_pub_key_y,
+ },
+ .client_keys = other_pubkeys,
+ .client_keys_size = ARRAY_SIZE(other_pubkeys),
+ }
+ },
+ };
+#endif /* DTLS_ECC */
+ if (credman_add(&credential) < 0) {
+ puts("gcoap_cli: unable to add credential");
+ return;
+ }
+
+ /* tell gcoap with tag to use */
+ gcoap_set_credential_tag(SOCK_DTLS_GCOAP_TAG);
+#endif
+
 gcoap_register_listener(&_listener);
 }
From fa41a06b8c104a15be175028fbbe2e676e148b35 Mon Sep 17 00:00:00 2001
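Review bot: The `#else /* DTLS_PSK */` branch in the first saul_coap.c hunk declares the ECDSA symbols whenever `DTLS_PSK` is undefined, but credentials.c defines them only under `#ifdef DTLS_ECC`, so a build with `MODULE_SOCK_DTLS` and neither macro set would fail at link time with no hint about the cause. The same `#else` appears inside `saul_coap_init` in the second hunk, and both close with a mismatched `#endif /* DTLS_ECC */` comment. I would make the selection explicit with `#elif defined(DTLS_ECC)` followed by `#else` and `#error "MODULE_SOCK_DTLS needs DTLS_PSK or DTLS_ECC"`. Moving these `extern` declarations into a header that credentials.c also includes would let the compiler check them against the definitions.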
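Review bot: In `saul_coap_init` (second saul_coap.c hunk) both `other_pubkeys` and `credential` are automatic variables, yet the registered credential carries `.client_keys = other_pubkeys` and the function returns right after `credman_add`. The implementation of `credman_add` is not on this page; if it stores the struct by value without copying the array it points to, the DTLS stack would later read client keys from a dead stack frame. Giving the array static storage, `static ecdsa_public_key_t other_pubkeys[] = {`, removes the dependency on that detail. The `(char *)psk_key` and `(char *)psk_id` casts also drop `const` from objects defined `const` in credentials.c, which deserves a comment stating that credman never writes through them, and the `"gcoap_cli: ..."` message prefix does not match this file.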
From: SJ
Date: Tue, 12 Nov 2019 17:34:39 +0100
Subject: [PATCH 2/5] set path to seojeongmoon/RIOT
---
 .gitmodules | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.gitmodules b/.gitmodules
index 3180782..a0a7a5c 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -1,3 +1,4 @@
 [submodule "RIOT"]
 path = RIOT
- url = https://github.com/RIOT-OS/RIOT.git
\ No newline at end of file
+ url = git@github.com:seojeongmoon/RIOT.git
+ branch = dtls
From d1a2e898a42b77756f8aab41e51f2b6e9c6d95ca Mon Sep 17 00:00:00 2001
From: SJ
Date: Tue, 12 Nov 2019 17:44:30 +0100
Subject: [PATCH 3/5] Include dtls config
---
 Makefile | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/Makefile b/Makefile
index 90e021f..85f440c 100644
--- a/Makefile
+++ b/Makefile
@@ -41,6 +41,13 @@ USEMODULE += netstats_l2
 CFLAGS += -DGNRC_IPV6_NIB_CONF_SLAAC=1
+#choose tiny dtls stack
+#if errors, disable
+USEMODULE += tinydtls_sock_dtls
+CFLAGS += -DDTLS_PSK
+# when using plain CoAP. Uncomment the next line to fix this.
+CFLAGS += -DGCOAP_PDU_BUF_SIZE=256
+
 # Comment this out to disable code in RIOT that does safety checking
 # which is not needed in a production environment but helps in the
 # development process:
From d088abbe1a5524b25e0a34a7035c8bd8d1dd5a7a Mon Sep 17 00:00:00 2001
From: pokgak
Date: Mon, 2 Dec 2019 12:04:01 +0100
Subject: [PATCH 4/5] update RIOT submodule to include DTLS patches
---
 RIOT | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/RIOT b/RIOT
index e075d97..62a4ab8 160000
--- a/RIOT
+++ b/RIOT
@@ -1 +1 @@
-Subproject commit e075d976975ff03ab995d3b749759ef1a4cabcd6
+Subproject commit 62a4ab83cb6512406c2287dd0b5f8621bbbf829b
From aef685dfc3fba43b0ace68ee8e59084e9740c9b0 Mon Sep 17 00:00:00 2001
From: seoejeongmoon
Date: Mon, 6 Jan 2020 13:05:00 +0100
Subject: [PATCH 5/5] changed submodule URL
---
 .gitmodules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.gitmodules b/.gitmodules
index 5d5a7f4..0872aa8 100644
--- a/.gitmodules
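Review bot: The new `url` and `branch = dtls` lines in the [PATCH 2/5] .gitmodules hunk move the RIOT sources to a personal fork, and nothing in the file records which upstream work the fork carries or when the submodule is meant to return to RIOT-OS/RIOT. The recorded gitlink commit still decides what a plain `git submodule update` checks out, but a `--remote` update would follow whatever the fork's `dtls` branch holds at that moment. I would add a comment above the entry such as `# temporary: fork carries the gcoap DTLS integration (see #12104); switch back to RIOT-OS/RIOT once merged`, assuming that is the change referenced in the first patch's subject.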
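Review bot: The comment `#if errors, disable` in the Makefile hunk invites removing `tinydtls_sock_dtls` when the build breaks, and because all credential setup in saul_coap.c sits under `#ifdef MODULE_SOCK_DTLS`, doing so appears to drop the application back to unprotected CoAP without any warning. The comment above `CFLAGS += -DGCOAP_PDU_BUF_SIZE=256` starts mid-sentence ("when using plain CoAP. Uncomment the next line to fix this.") while the line is already active, so the reason for the 256-byte buffer is lost. I would replace them with complete sentences, for example `# DTLS via tinydtls; removing this line disables transport security for all CoAP resources`, and state why the PDU size is set. `-DDTLS_PSK` being unconditional also means the fixed key from credentials.c is always the one compiled in.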
+++ b/.gitmodules
@@ -1,5 +1,5 @@
 [submodule "RIOT"]
 path = RIOT
- url = git@github.com:seojeongmoon/RIOT.git
+ url = https://github.com/seojeongmoon/RIOT.git
 branch = dtls