DTLS sock in RIOT - pokgak/RIOT GitHub Wiki

DTLS integration in RIOT

Content

  • status
  • how to use it?
    • I use UDP sock in my application
    • I use gcoap
    • I want to add DTLS support to my library (e.g. lwm2m)
  • caveats

Current status

For details, see the tracking PR.

What is working

  • NON messages tested working against other libraries
  • CON messages tested working, but some small improvements are still needed
  • OBS (observe) tested working with libcoap as the observer

Interoperability

Tested with the following libraries:

  • libcoap + tinydtls
  • aiocoap + tinydtls
  • californium + scandium

How to use DTLS sock?

I use UDP sock in my application

  1. Register credentials
  2. Create DTLS sock
  3. Replace UDP sock send/recv with DTLS sock send/recv

I use gcoap

When you are already using gcoap, it is easy to enable DTLS support for your application.

  1. Add USEMODULE += tinydtls_sock_dtls to your Makefile
  2. Register credentials in your application
  3. Start the CoAP server with gcoap_init()

Everything else is already integrated into gcoap. You might need to allocate more memory for your application when using DTLS; see Caveats.

I want to add DTLS support to my library (e.g. lwm2m)

If you are integrating DTLS into a library, you may want to keep UDP support. One pattern is to use a top-level wrapper around the sock send/receive functions. An example of this can be found in gcoap.c.
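
The wrapper pattern described above, as an added example that is not code from gcoap.c or RIOT: a stand-alone C model in which the library's protocol code calls only tl_send()/tl_recv(). The backends are in-memory stand-ins for the UDP and DTLS sock calls, all names are hypothetical, and refusing to send or accept plaintext once DTLS is selected is a design choice of this example.

```c
#include <stddef.h>
#include <string.h>

/* Stand-alone model: the wire buffer is an in-memory stand-in for the
 * UDP and DTLS sock calls, and every name here is hypothetical. */
enum tl_type { TL_UDP, TL_DTLS };
enum { TL_ERR_SIZE = -1, TL_ERR_NO_SESSION = -2, TL_ERR_PLAINTEXT = -3 };
#define DTLS_APP_DATA 0x17       /* DTLS record content type application_data */

typedef struct {
    enum tl_type type;           /* fixed when the library is initialised */
    int session_ready;           /* DTLS only: set once the handshake is done */
    unsigned char wire[64];      /* constructed sink/source for one datagram */
    size_t wire_len;
} tl_t;

/* Only send entry point the library's protocol code uses. */
int tl_send(tl_t *tl, const void *buf, size_t len)
{
    size_t hdr = (tl->type == TL_DTLS) ? 1 : 0;
    if (len > sizeof(tl->wire) - hdr) return TL_ERR_SIZE;
    /* Fail closed: without a session, never fall back to plain UDP. */
    if (tl->type == TL_DTLS && !tl->session_ready) return TL_ERR_NO_SESSION;
    if (hdr) tl->wire[0] = DTLS_APP_DATA;   /* a real stack encrypts here */
    memcpy(tl->wire + hdr, buf, len);
    tl->wire_len = len + hdr;
    return (int)len;
}

/* Only receive entry point; returns payload length or a negative error. */
int tl_recv(tl_t *tl, void *buf, size_t maxlen)
{
    size_t hdr = (tl->type == TL_DTLS) ? 1 : 0;
    if (tl->type == TL_DTLS && !tl->session_ready) return TL_ERR_NO_SESSION;
    /* A datagram that is not a protected record is dropped, not parsed. */
    if (hdr && (tl->wire_len < 1 || tl->wire[0] != DTLS_APP_DATA))
        return TL_ERR_PLAINTEXT;
    if (tl->wire_len - hdr > maxlen) return TL_ERR_SIZE;
    memcpy(buf, tl->wire + hdr, tl->wire_len - hdr);
    return (int)(tl->wire_len - hdr);
}

/* Library code: identical for both transports (constructed CoAP ping). */
int lib_send_ping(tl_t *tl)
{
    static const unsigned char ping[] = { 0x40, 0x00, 0x12, 0x34 };
    return tl_send(tl, ping, sizeof(ping));
}
```

In a real port the two branches would call the UDP sock and DTLS sock send/receive functions, and session_ready would follow the handshake state reported by the DTLS stack.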

Caveats

DTLS libraries like tinydtls might need more memory at runtime. Symptoms of this include:

  • a Context before hardfault error during the handshake
  • sock_dtls_create() fails

A fix for this would be to allocate more memory to the main thread:

CFLAGS += -DTHREAD_STACKSIZE_MAIN=\(THREAD_STACKSIZE_DEFAULT+2048\)