change some parameters in the library to meet the needs of the website httpbin.org
Fork of MiniTLS-GPL by
crypto/crypto_prng.c@5:95f70ebfe61f, 2015-02-06 (annotated)
- Committer:
- shiyilei
- Date:
- Fri Feb 06 06:17:33 2015 +0000
- Revision:
- 5:95f70ebfe61f
- Parent:
- 2:527a66d0a1a9
change some parameters in the library to meet the needs of httpbin.org
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
MiniTLS | 2:527a66d0a1a9 | 1 | /* |
MiniTLS | 2:527a66d0a1a9 | 2 | MiniTLS - A super trimmed down TLS/SSL Library for embedded devices |
MiniTLS | 2:527a66d0a1a9 | 3 | Author: Donatien Garnier |
MiniTLS | 2:527a66d0a1a9 | 4 | Copyright (C) 2013-2014 AppNearMe Ltd |
MiniTLS | 2:527a66d0a1a9 | 5 | |
MiniTLS | 2:527a66d0a1a9 | 6 | This program is free software; you can redistribute it and/or |
MiniTLS | 2:527a66d0a1a9 | 7 | modify it under the terms of the GNU General Public License |
MiniTLS | 2:527a66d0a1a9 | 8 | as published by the Free Software Foundation; either version 2 |
MiniTLS | 2:527a66d0a1a9 | 9 | of the License, or (at your option) any later version. |
MiniTLS | 2:527a66d0a1a9 | 10 | |
MiniTLS | 2:527a66d0a1a9 | 11 | This program is distributed in the hope that it will be useful, |
MiniTLS | 2:527a66d0a1a9 | 12 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
MiniTLS | 2:527a66d0a1a9 | 13 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
MiniTLS | 2:527a66d0a1a9 | 14 | GNU General Public License for more details. |
MiniTLS | 2:527a66d0a1a9 | 15 | |
MiniTLS | 2:527a66d0a1a9 | 16 | You should have received a copy of the GNU General Public License |
MiniTLS | 2:527a66d0a1a9 | 17 | along with this program; if not, write to the Free Software |
MiniTLS | 2:527a66d0a1a9 | 18 | Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
MiniTLS | 2:527a66d0a1a9 | 19 | *//** |
MiniTLS | 2:527a66d0a1a9 | 20 | * \file crypto_prng.c |
MiniTLS | 2:527a66d0a1a9 | 21 | * \copyright Copyright (c) AppNearMe Ltd 2013 |
MiniTLS | 2:527a66d0a1a9 | 22 | * \author Donatien Garnier |
MiniTLS | 2:527a66d0a1a9 | 23 | */ |
MiniTLS | 2:527a66d0a1a9 | 24 | |
MiniTLS | 2:527a66d0a1a9 | 25 | #define __DEBUG__ 0//4 |
MiniTLS | 2:527a66d0a1a9 | 26 | #ifndef __MODULE__ |
MiniTLS | 2:527a66d0a1a9 | 27 | #define __MODULE__ "crypto_prng.c" |
MiniTLS | 2:527a66d0a1a9 | 28 | #endif |
MiniTLS | 2:527a66d0a1a9 | 29 | |
MiniTLS | 2:527a66d0a1a9 | 30 | #include "core/fwk.h" |
MiniTLS | 2:527a66d0a1a9 | 31 | #include "inc/minitls_errors.h" |
MiniTLS | 2:527a66d0a1a9 | 32 | #include "crypto_prng.h" |
MiniTLS | 2:527a66d0a1a9 | 33 | |
MiniTLS | 2:527a66d0a1a9 | 34 | #include "crypto_aes_128.h" |
MiniTLS | 2:527a66d0a1a9 | 35 | #include "crypto_sha1.h" |
MiniTLS | 2:527a66d0a1a9 | 36 | |
//Rekey threshold: crypto_prng_get() calls crypto_prng_update_internal() once prng->counter exceeds this value
#define YARROW_REGENERATE_VALUE 10

//Rekeys the cipher from the pool. Takes no lock itself: crypto_prng_update() and crypto_prng_get() call it between LOCK() and UNLOCK()
static void crypto_prng_update_internal(crypto_prng_t* prng);
MiniTLS | 2:527a66d0a1a9 | 40 | |
/**
 * Put a generator into its initial, unseeded state.
 *
 * The pool is zero-filled and \c fed is cleared, so the pool holds no entropy
 * after this call. If crypto_prng_get() is used before crypto_prng_feed(), the
 * first key is derived from a hash of the all-zero pool and the output is the
 * same on every run. Callers must feed the pool before relying on the output.
 *
 * \param prng generator state to initialise
 * \param mtx  mutex used by LOCK()/UNLOCK(); when NULL those macros do nothing
 */
void crypto_prng_init(crypto_prng_t* prng, rtos_mtx_t* mtx)
{
  prng->mtx = mtx;
  prng->fed = false;

  //Start from an all-zero pool
  memset(prng->pool, 0, SHA1_SIZE);

  //Mark the output block as fully consumed so the first crypto_prng_get() generates a new one
  prng->buf_pos = AES_128_BLOCK_SIZE;

  //Larger than YARROW_REGENERATE_VALUE, so the first crypto_prng_get() rekeys before producing output
  prng->counter = 0xFFFFFFFFUL;
}
MiniTLS | 2:527a66d0a1a9 | 49 | |
//Both macros expect a variable named prng in the calling scope.
//When prng->mtx is NULL they do nothing, so in that configuration concurrent callers are not serialised by this file.
#define LOCK() do{ if(prng->mtx) { rtos_mtx_lock(prng->mtx); } }while(0)
#define UNLOCK() do{ if(prng->mtx) { rtos_mtx_unlock(prng->mtx); } }while(0)
MiniTLS | 2:527a66d0a1a9 | 52 | |
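/**
 * Mix caller-supplied bytes into the pool.
 *
 * The new pool is SHA-1(old pool || data). Only the pool and the \c fed flag
 * change here; the AES key in \c prng->cipher is left as it is. Fed data
 * therefore affects the output only after the next rekey, which happens on
 * crypto_prng_update() or when crypto_prng_get() sees the block counter exceed
 * YARROW_REGENERATE_VALUE. Call crypto_prng_update() after feeding if the new
 * input must take effect immediately.
 *
 * \param prng generator state
 * \param data bytes to mix in (only read)
 * \param size number of bytes at \p data
 */
void crypto_prng_feed(crypto_prng_t* prng, uint8_t* data, size_t size)
{
  LOCK();
  //Update pool
  crypto_sha1_t hash;
  crypto_sha1_init(&hash);
  crypto_sha1_update(&hash, prng->pool, SHA1_SIZE);
  crypto_sha1_update(&hash, data, size);
  crypto_sha1_end(&hash, prng->pool);
  prng->fed = true;

  //The hash context has processed the pool, so do not leave it on the stack.
  //crypto_sha1_end() is not visible from this file, so it is not relied on to clear the context.
  //Volatile stores are used because a plain memset on a local about to go out of scope may be optimised away.
  volatile unsigned char* wipe = (volatile unsigned char*)&hash;
  for(size_t i = 0; i < sizeof(hash); i++)
  {
    wipe[i] = 0;
  }
  UNLOCK();
}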
MiniTLS | 2:527a66d0a1a9 | 65 | |
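/**
 * Derive a new AES-128 key from the pool and restart the block counter.
 *
 * Has internal linkage through the earlier static declaration in this file.
 * It takes no lock; callers invoke it between LOCK() and UNLOCK().
 *
 * If nothing was fed since the previous rekey, the pool is first replaced by
 * its own SHA-1 hash so that the new key differs from the current one. The key
 * is read directly from \c prng->pool, so the pool is key material and the
 * whole crypto_prng_t must be treated as secret.
 *
 * \param prng generator state
 */
void crypto_prng_update_internal(crypto_prng_t* prng)
{
  if(!prng->fed)
  {
    //Rehash the pool to "rotate" key
    crypto_sha1_t hash;
    crypto_sha1_init(&hash);
    crypto_sha1_update(&hash, prng->pool, SHA1_SIZE);
    crypto_sha1_end(&hash, prng->pool);

    //The hash context has processed the pool, so do not leave it on the stack.
    //Volatile stores are used because a plain memset on a local about to go out of scope may be optimised away.
    volatile unsigned char* wipe = (volatile unsigned char*)&hash;
    for(size_t i = 0; i < sizeof(hash); i++)
    {
      wipe[i] = 0;
    }
  }
  prng->fed = false;
  //Generate key from pool
  crypto_aes_128_init(&prng->cipher, prng->pool, expand_encryption_key); //OK because AES_128_BLOCK_SIZE < SHA1_SIZE
  prng->counter = 0;
}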
MiniTLS | 2:527a66d0a1a9 | 81 | |
/**
 * Rekey the generator from the pool, under the generator's lock.
 *
 * Wraps crypto_prng_update_internal() in LOCK()/UNLOCK(). Calling this after
 * crypto_prng_feed() makes the fed data take effect on the next generated
 * block, rather than waiting for crypto_prng_get() to reach its rekey threshold.
 *
 * \param prng generator state
 */
void crypto_prng_update(crypto_prng_t* prng)
{
  LOCK();
  crypto_prng_update_internal(prng);
  UNLOCK();
}
MiniTLS | 2:527a66d0a1a9 | 88 | |
/**
 * Fill a caller buffer with generator output.
 *
 * Output is produced one AES-128 block at a time by encrypting the block
 * counter (padded with zeros) under the current key. Bytes left unread in
 * \c prng->buf are served first. Once the counter exceeds
 * YARROW_REGENERATE_VALUE the key is regenerated from the pool.
 *
 * This function does not check whether the pool was ever fed. Without a prior
 * crypto_prng_feed() the key comes from hashing the all-zero pool, so the
 * bytes returned are the same on every run.
 *
 * \param prng generator state
 * \param data destination buffer
 * \param size number of bytes to write to \p data
 */
void crypto_prng_get(crypto_prng_t* prng, uint8_t* data, size_t size)
{
  const size_t ctr_len = sizeof(uint32_t);

  LOCK();

  while(size != 0)
  {
    //Rekey once the block counter has passed the threshold
    if(prng->counter > YARROW_REGENERATE_VALUE)
    {
      crypto_prng_update_internal(prng);
    }

    //Serve whatever is still unread in the current block (zero bytes if it is exhausted)
    size_t chunk = MIN(size, AES_128_BLOCK_SIZE - prng->buf_pos);
    memcpy(data, prng->buf + prng->buf_pos, chunk);
    prng->buf_pos += chunk;
    data += chunk;
    size -= chunk;

    if(prng->buf_pos < AES_128_BLOCK_SIZE)
    {
      //Block not used up, which means the request has been satisfied
      continue;
    }

    //Block used up: build counter || zero padding and encrypt it in place
    memset(prng->buf + ctr_len, 0, AES_128_BLOCK_SIZE - ctr_len);
    memcpy(prng->buf, &prng->counter, ctr_len); //Byte order of the counter does not matter as long as it stays consistent during execution
    crypto_aes_128_encrypt(&prng->cipher, prng->buf, prng->buf);
    prng->counter++;
    prng->buf_pos = 0;
  }

  UNLOCK();
}
MiniTLS | 2:527a66d0a1a9 | 120 | |
MiniTLS | 2:527a66d0a1a9 | 121 |