A simple library to support serving https.
Dependents: oldheating gps motorhome heating
tls/tls-connection.h@19:f22327e8be7b, 2019-10-15 (annotated)
- Committer:
- andrewboyson
- Date:
- Tue Oct 15 07:26:15 2019 +0000
- Revision:
- 19:f22327e8be7b
- Parent:
- 17:93feb2a51d58
Pulled AES128_CBC_SHA1 into its own routines to keep it apart from future work.
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
andrewboyson | 6:819c17738dc2 | 1 | #include <stdbool.h> |
andrewboyson | 6:819c17738dc2 | 2 | #include <stdint.h> |
andrewboyson | 6:819c17738dc2 | 3 | |
andrewboyson | 17:93feb2a51d58 | 4 | #include "tls-defs.h" |
andrewboyson | 19:f22327e8be7b | 5 | #include "sha1.h" |
andrewboyson | 5:ee5489ee1117 | 6 | #include "sha256.h" |
andrewboyson | 19:f22327e8be7b | 7 | #include "aes128cbc.h" |
andrewboyson | 5:ee5489ee1117 | 8 | |
andrewboyson | 5:ee5489ee1117 | 9 | #define DO_WAIT_CLIENT_HELLO 0 |
andrewboyson | 14:03a0b8fd6ddc | 10 | #define DO_SEND_SERVER_HELLO_NEW 1 |
andrewboyson | 14:03a0b8fd6ddc | 11 | #define DO_SEND_SERVER_HELLO_RESUME 2 |
andrewboyson | 14:03a0b8fd6ddc | 12 | #define DO_WAIT_CLIENT_CHANGE 3 |
andrewboyson | 14:03a0b8fd6ddc | 13 | #define DO_WAIT_DECRYPT_MASTER_SECRET 4 |
andrewboyson | 14:03a0b8fd6ddc | 14 | #define DO_SEND_SERVER_CHANGE 5 |
andrewboyson | 14:03a0b8fd6ddc | 15 | #define DO_APPLICATION 6 |
andrewboyson | 14:03a0b8fd6ddc | 16 | #define DO_SEND_ALERT_ILLEGAL_PARAMETER 7 |
andrewboyson | 14:03a0b8fd6ddc | 17 | #define DO_SEND_ALERT_INTERNAL_ERROR 8 |
andrewboyson | 5:ee5489ee1117 | 18 | |
andrewboyson | 8:5e66a6b4b38c | 19 | #define TLS_DEFERRED_CONTENT_SIZE 100 |
andrewboyson | 6:819c17738dc2 | 20 | |
andrewboyson | 5:ee5489ee1117 | 21 | struct TlsConnection |
andrewboyson | 5:ee5489ee1117 | 22 | { |
andrewboyson | 5:ee5489ee1117 | 23 | int id; //An id of zero means the record is empty |
andrewboyson | 5:ee5489ee1117 | 24 | uint32_t lastUsed; |
andrewboyson | 5:ee5489ee1117 | 25 | int toDo; |
andrewboyson | 10:e269fd7b9500 | 26 | uint32_t sessionId; |
andrewboyson | 14:03a0b8fd6ddc | 27 | bool resume; |
andrewboyson | 8:5e66a6b4b38c | 28 | struct Sha256State handshakeSha; |
andrewboyson | 6:819c17738dc2 | 29 | bool clientEncrypted; |
andrewboyson | 6:819c17738dc2 | 30 | bool serverEncrypted; |
andrewboyson | 17:93feb2a51d58 | 31 | uint8_t clientRandom[TLS_LENGTH_RANDOM]; |
andrewboyson | 17:93feb2a51d58 | 32 | uint8_t serverRandom[TLS_LENGTH_RANDOM]; |
andrewboyson | 8:5e66a6b4b38c | 33 | uint8_t clientHandshakeHash[SHA256_HASH_SIZE]; |
andrewboyson | 8:5e66a6b4b38c | 34 | uint8_t deferredContent[TLS_DEFERRED_CONTENT_SIZE]; |
andrewboyson | 8:5e66a6b4b38c | 35 | uint64_t clientSequence; |
andrewboyson | 8:5e66a6b4b38c | 36 | uint64_t serverSequence; |
andrewboyson | 10:e269fd7b9500 | 37 | uint32_t clientPositionInStreamOffset; |
andrewboyson | 10:e269fd7b9500 | 38 | uint32_t serverPositionInStreamOffset; |
andrewboyson | 6:819c17738dc2 | 39 | |
andrewboyson | 14:03a0b8fd6ddc | 40 | int slotPriKeyDecryption; |
andrewboyson | 19:f22327e8be7b | 41 | uint8_t clientMacKey [SHA1_HASH_SIZE]; |
andrewboyson | 19:f22327e8be7b | 42 | uint8_t serverMacKey [SHA1_HASH_SIZE]; |
andrewboyson | 19:f22327e8be7b | 43 | uint8_t clientWriteKey[AES128CBC_BLOCK_SIZE]; |
andrewboyson | 19:f22327e8be7b | 44 | uint8_t serverWriteKey[AES128CBC_BLOCK_SIZE]; |
andrewboyson | 5:ee5489ee1117 | 45 | }; |
andrewboyson | 5:ee5489ee1117 | 46 | |
andrewboyson | 8:5e66a6b4b38c | 47 | extern struct TlsConnection* TlsConnectionGetNext(void); |
andrewboyson | 8:5e66a6b4b38c | 48 | |
andrewboyson | 10:e269fd7b9500 | 49 | extern struct TlsConnection* TlsConnectionNew (int id); //Never fails so never returns NULL |
andrewboyson | 10:e269fd7b9500 | 50 | extern struct TlsConnection* TlsConnectionOrNull(int id); |
andrewboyson | 10:e269fd7b9500 | 51 | extern void TlsConnectionReset (int id); |