A super trimmed down TLS stack, GPL licensed

Dependents:   MiniTLS-HTTPS-Example

MiniTLS - A super trimmed down TLS/SSL Library for embedded devices Author: Donatien Garnier Copyright (C) 2013-2014 AppNearMe Ltd

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Committer:
MiniTLS
Date:
Tue Jun 10 14:22:36 2014 +0000
Revision:
3:eb324ffffd2b
Parent:
1:27b41ba7e847
Fixes for mbed

Who changed what in which revision?

User | Revision | Line number | New contents of line
MiniTLS 1:27b41ba7e847 1 /*
MiniTLS 1:27b41ba7e847 2 MiniTLS - A super trimmed down TLS/SSL Library for embedded devices
MiniTLS 1:27b41ba7e847 3 Author: Donatien Garnier
MiniTLS 1:27b41ba7e847 4 Copyright (C) 2013-2014 AppNearMe Ltd
MiniTLS 1:27b41ba7e847 5
MiniTLS 1:27b41ba7e847 6 This program is free software; you can redistribute it and/or
MiniTLS 1:27b41ba7e847 7 modify it under the terms of the GNU General Public License
MiniTLS 1:27b41ba7e847 8 as published by the Free Software Foundation; either version 2
MiniTLS 1:27b41ba7e847 9 of the License, or (at your option) any later version.
MiniTLS 1:27b41ba7e847 10
MiniTLS 1:27b41ba7e847 11 This program is distributed in the hope that it will be useful,
MiniTLS 1:27b41ba7e847 12 but WITHOUT ANY WARRANTY; without even the implied warranty of
MiniTLS 1:27b41ba7e847 13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
MiniTLS 1:27b41ba7e847 14 GNU General Public License for more details.
MiniTLS 1:27b41ba7e847 15
MiniTLS 1:27b41ba7e847 16 You should have received a copy of the GNU General Public License
MiniTLS 1:27b41ba7e847 17 along with this program; if not, write to the Free Software
MiniTLS 1:27b41ba7e847 18 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
MiniTLS 1:27b41ba7e847 19 *//**
MiniTLS 1:27b41ba7e847 20 * \file MiniTLS.cpp
MiniTLS 1:27b41ba7e847 21 * \copyright Copyright (c) AppNearMe Ltd 2013
MiniTLS 1:27b41ba7e847 22 * \author Donatien Garnier
MiniTLS 1:27b41ba7e847 23 */
MiniTLS 1:27b41ba7e847 24
MiniTLS 1:27b41ba7e847 25 #define __DEBUG__ 0//4
MiniTLS 1:27b41ba7e847 26 #ifndef __MODULE__
MiniTLS 1:27b41ba7e847 27 #define __MODULE__ "MiniTLS.cpp"
MiniTLS 1:27b41ba7e847 28 #endif
MiniTLS 1:27b41ba7e847 29
MiniTLS 1:27b41ba7e847 30 #include "MiniTLS.h"
MiniTLS 1:27b41ba7e847 31
MiniTLS 1:27b41ba7e847 32 #include "core/fwk.h"
MiniTLS 1:27b41ba7e847 33
MiniTLS 1:27b41ba7e847 34 #include "inc/minitls_config.h"
MiniTLS 1:27b41ba7e847 35 #include "tls/minitls.h"
MiniTLS 1:27b41ba7e847 36 #include "crypto/crypto_prng.h"
MiniTLS 1:27b41ba7e847 37 #include "crypto/crypto_ecc.h"
MiniTLS 1:27b41ba7e847 38 #include "crypto/crypto_rsa.h"
MiniTLS 1:27b41ba7e847 39
/**
 * Create a MiniTLS instance.
 *
 * The body is intentionally empty: no member is set up here. The PRNG and
 * the TLS library state are only initialized by init(), so call init()
 * before using any other method of the instance.
 */
MiniTLS::MiniTLS()
{
}
MiniTLS 1:27b41ba7e847 47
/**
 * Destroy a MiniTLS instance.
 *
 * The body is empty: nothing is released or cleared here.
 * NOTE(review): the PRNG state held in m_prng is not wiped on destruction;
 * confirm whether the underlying C library expects an explicit teardown or
 * zeroization of that state.
 */
MiniTLS::~MiniTLS()
{
}
MiniTLS 1:27b41ba7e847 52
/**
 * Initialize the MiniTLS library.
 *
 * Sets up the Pseudo Random Number Generator (m_prng) first, then hands it
 * to the MiniTLS core (m_minitls).
 *
 * No seed material is passed in this function; seed data reaches the
 * generator only through feedPRNG().
 * NOTE(review): presumably the PRNG must be fed with unpredictable data
 * before the first TLS session is opened, otherwise session secrets would be
 * derived from a predictable state; confirm against crypto_prng.
 * NOTE(review): the second argument of crypto_prng_init() is NULL and the
 * TODO mentions mutex support, so concurrent use of the PRNG from several
 * threads is presumably unprotected; verify before sharing an instance.
 */
void MiniTLS::init()
{
    // The PRNG has to exist before the TLS core, which receives a pointer to it.
    crypto_prng_init(&m_prng, NULL); //TODO add mutex support

    minitls_init(&m_minitls, &m_prng);
}
MiniTLS 1:27b41ba7e847 61
/**
 * Feed the Pseudo Random Number Generator with random seed data.
 *
 * The buffer and its length are forwarded unchanged to crypto_prng_feed();
 * neither the pointer nor the length is validated here.
 *
 * The strength of every key derived later depends on how unpredictable these
 * bytes are, so the data should come from a real entropy source (hardware
 * RNG, sampled noise) rather than from constants or a boot-time counter.
 *
 * \param buffer data to feed
 * \param length the buffer's length in bytes
 */
void MiniTLS::feedPRNG(uint8_t* buffer, size_t length)
{
    crypto_prng_feed(&m_prng, buffer, length);
}
MiniTLS 1:27b41ba7e847 70
/**
 * Register a public certificate together with its public key.
 *
 * The certificate must be x509-formatted.
 * The key must be x963-formatted (ECC) or PKCS1-formatted (RSA).
 *
 * Security notes for callers:
 *  - The public key is taken from \p pubKey as supplied. Nothing in this
 *    function checks that it lies inside \p cert or that it matches the key
 *    the certificate carries, so the caller is responsible for passing a
 *    consistent pair.
 *    NOTE(review): whether minitls_certificate_add() parses the certificate
 *    is not visible here; confirm.
 *  - Only the pointer to \p cert is stored (m_cert.certificate); the bytes
 *    are not copied, so the buffer must stay valid and unmodified for as
 *    long as this instance uses it.
 *  - \p cert, \p pubKey and both sizes are passed on without NULL or length
 *    checks in this function.
 *  - When CRYPTO_ECC is enabled the curve is hard-coded to secp192r1 and the
 *    RSA branch is compiled out, even if CRYPTO_RSA is also set.
 *    secp192r1 gives roughly 96-bit security, below the 112-bit floor in
 *    current NIST guidance.
 *  - On an error return m_cert may already have been partially updated.
 *
 * \param cert certificate
 * \param certSize size of the certificate in bytes
 * \param pubKey public key (can point within the certificate)
 * \param pubKeySize public key's size
 * \return MINITLS_OK on success, MINITLS_ERR_* error code otherwise
 * \note only one certificate supported at the moment
 */
minitls_err_t MiniTLS::addCertificate(const uint8_t* cert, size_t certSize, const uint8_t* pubKey, size_t pubKeySize)
{
    minitls_err_t ret;

#if CRYPTO_ECC
    // ECC build: look up the (fixed) curve, then decode the X9.63 key on it.
    const crypto_ecc_curve_t* curve;

    ret = crypto_ecc_curve_get(&curve, secp192r1);
    if (ret)
    {
        ERR("Unsupported elliptic curve");
        return ret;
    }

    ret = crypto_ecc_ansi_x963_import(&m_cert.public_key.ecc, curve, pubKey, pubKeySize);
    if (ret)
    {
        ERR("Error %d while decoding key", ret);
        return ret;
    }
#elif CRYPTO_RSA
    // RSA build: decode the PKCS#1 public key.
    ret = crypto_rsa_pkcs1_import(&m_cert.public_key.rsa, pubKey, pubKeySize);
    if (ret)
    {
        ERR("Error %d while decoding key", ret);
        return ret;
    }
#else
    // Neither CRYPTO_ECC nor CRYPTO_RSA is enabled: refuse to build.
#error
#endif

    // Keep a reference to the caller's certificate buffer (no copy is made).
    m_cert.certificate_size = certSize;
    m_cert.certificate = cert;

    ret = minitls_certificate_add(&m_minitls, &m_cert);
    if (ret)
    {
        ERR("Error %d while registering certificate", ret);
        return ret;
    }

    return MINITLS_OK;
}
MiniTLS 1:27b41ba7e847 123
MiniTLS 1:27b41ba7e847 124