A simple library to support serving https.
Dependents: oldheating gps motorhome heating
Diff: tls/tls-request.c
- Revision:
- 6:819c17738dc2
- Parent:
- 5:ee5489ee1117
- Child:
- 7:94ef5824c3c0
--- a/tls/tls-request.c Wed Aug 28 07:10:59 2019 +0000 +++ b/tls/tls-request.c Sun Sep 01 18:15:12 2019 +0000 @@ -4,9 +4,9 @@ #include "tls-session.h" #include "tls-log.h" #include "mstimer.h" -#include "random.h" #include "log.h" #include "pri-key.h" +#include "aes128.h" static int handleClientHello(int length, uint8_t* pBuffer, struct TlsConnection* pConnection) //returns 0 on success; -1 on error { @@ -19,15 +19,14 @@ } //Start and add the handshake hash - //Sha256Start(&pConnection->handshakeHash); - //Sha256Add (&pConnection->handshakeHash, pBuffer, length); + Sha256Start(&pConnection->handshakeHash); + Sha256Add (&pConnection->handshakeHash, pBuffer, length); //Read in the parameters uint8_t versionH = *p++; uint8_t versionL = *p++; - uint8_t* pRandom = p; - p += 32; + for (int i = 0; i < 32; i++) pConnection->clientRandom[i] = *p++; int sessionIdLength = *p++; uint8_t* pSessionId = p; @@ -44,14 +43,12 @@ pConnection->session = TlsSessionGetIndex(pSession); pSession->lastUsed = MsTimerCount; - for (int i = 0; i < 32; i++) pSession->clientRandom[i] = *pRandom++; - for (int i = 0; i < 32; i++) pSession->serverRandom[i] = RandomGetByte(); //Log the parameters if (TlsTrace) { LogF("- client version HH:LL: %02x:%02x\r\n", versionH, versionL); - Log ("- client random:\r\n"); LogBytesAsHex(pRandom, 32); Log("\r\n"); + Log ("- client random:\r\n"); LogBytesAsHex(pConnection->clientRandom, 32); Log("\r\n"); Log ("- client session id:\r\n"); LogBytesAsHex(pSessionId, sessionIdLength); Log("\r\n"); LogF("- session index: %d\r\n", pConnection->session); } @@ -66,7 +63,7 @@ return -1; } - //Sha256Add (&pConnection->handshakeHash, pBuffer, length); + Sha256Add (&pConnection->handshakeHash, pBuffer, length); if (length != 130) { @@ -91,6 +88,15 @@ return 0; } +static void changeCipher(int length, uint8_t* pBuffer, struct TlsConnection* pConnection) +{ + uint8_t message = pBuffer[0]; + if (TlsTrace) + { + LogF("- message: %d\r\n", message); + } + pConnection->clientEncrypted = true; +} static void handleAlert(int length, uint8_t* pBuffer) { uint8_t level = pBuffer[0]; @@ -167,7 +173,28 @@ switch (contentType) { case TLS_CONTENT_TYPE_Handshake: - handleHandshake(length, pBuffer, pConnection); + if (pConnection->clientEncrypted) + { + Log("- encrypted bytes\r\n"); + LogBytesAsHex(pBuffer, length); + Log("\r\n"); + if (length != 64) + { + LogF("- verify length is %d not 64\r\n", length); + } + else + { + for (int i = 0; i < 64; i++) pConnection->clientVerify[i] = *pBuffer++; + } + } + else + { + handleHandshake(length, pBuffer, pConnection); + } + break; + + case TLS_CONTENT_TYPE_CHANGE_CIPHER: + changeCipher(length, pBuffer, pConnection); break; case TLS_CONTENT_TYPE_ALERT: @@ -189,9 +216,9 @@ return overallLen; } void TlsRequest(int connectionId, int size, uint8_t* pRequestStream, uint32_t positionInRequestStream) -{ +{ //Log what we are doing - if (TlsTrace) LogF("TLS <<< %d (%u)\r\n", size, positionInRequestStream); + if (TlsTrace) LogF("TLS %d <<< %d (%u)\r\n", connectionId, size, positionInRequestStream); //Get new or existing connection information struct TlsConnection* pConnection;