How to compile tinydtls as an external package on RIOT?

LizzieDE110 · 12 February 2024 13:34

Hello,

For my project, I need to secure communication between a client and a server. To achieve this, I want to use tinyDTLS. Additionally, I need to determine if it is beneficial to include an ATECC608A on my board. My “problem” lies in the fact that tinyDTLS does not support ATECC608A. However, I still wish to explore the possibility of patching the crypto management of tinyDTLS to integrate the secure element. To do so, I intend to include tinyDTLS as an external package, but I am uncertain about the procedure.

I have added EXTERNAL_PKG_DIRS = path-to-tinydtls in my application makefile, but I am encountering linking issues (undefined references). I sense that I need to modify something in the tinyDTLS makefile to specify that I am compiling for a RIOT application. However, the makefile is generated by CMake, which I am not familiar with.

Thank you in advance for your assistance.

benpicco · 12 February 2024 19:44

You can also add your patches in the pkg/tinydtls/patches folder. AFAIR the PSA crypto API might also have a (transparent?) wrapper for the ATECC608A, but I’m not sure what’s the state there.

What do you want to use it for?

LizzieDE110 · 13 February 2024 07:56

It could be done once I am certain that the patch is functioning properly.

I have successfully utilized the ATECC608A with the cryptoauthlib (provided by Microchip and supported by RIOT).

I am currently working on a SAMR30, which is not particularly fast in performing a DTLS handshake with ECDSA using the provided ECC library of tinyDTLS. I want to substitute the current crypto layer of tinyDTLS to leverage a hardware accelerator (such as the ATECC608A) for all ECC operations. However, to ensure its functionality, I need to test my programs and thus, utilize my locally modified tinyDTLS library.

I understand that I need to add EXTERNAL_PKG_DIRS in the makefile (instead of USEPKG += tinydtls), but I seem to be missing something as it is not functioning as expected.

Since tinyDTLS primarily utilizes CMake, I assume there’s something I need to modify in the ‘CMakeLists.txt’ to call ‘Makefile.riot’ instead of the current generated makefile?

kfessel · 1 March 2024 15:16

EXTERNAL_PKG_DIRS adds path(s) to be used for PKGs like a search path

so you create a riot PKG for your altered tinydtls e.g.: tinydtls_ng , put that in you EXTERNAL_PKG_DIRS and then use it

USEPKG += tinydtls_ng