Diff: tls/tls-request.c

Revision:

6:819c17738dc2

Parent:

5:ee5489ee1117

Child:

7:94ef5824c3c0

--- a/tls/tls-request.c	Wed Aug 28 07:10:59 2019 +0000
+++ b/tls/tls-request.c	Sun Sep 01 18:15:12 2019 +0000
@@ -4,9 +4,9 @@
 #include "tls-session.h"
 #include "tls-log.h"
 #include "mstimer.h"
-#include "random.h"
 #include "log.h"
 #include "pri-key.h"
+#include "aes128.h"
 
 static int handleClientHello(int length, uint8_t* pBuffer, struct TlsConnection* pConnection) //returns 0 on success; -1 on error
 {   
@@ -19,15 +19,14 @@
     }
             
     //Start and add the handshake hash
-    //Sha256Start(&pConnection->handshakeHash);
-    //Sha256Add  (&pConnection->handshakeHash, pBuffer, length);
+    Sha256Start(&pConnection->handshakeHash);
+    Sha256Add  (&pConnection->handshakeHash, pBuffer, length);
     
     //Read in the parameters
     uint8_t versionH         = *p++;
     uint8_t versionL         = *p++;
     
-    uint8_t* pRandom = p;
-    p += 32;
+    for (int i = 0; i < 32; i++) pConnection->clientRandom[i] = *p++;
     
     int sessionIdLength = *p++;
     uint8_t* pSessionId = p;
@@ -44,14 +43,12 @@
     pConnection->session = TlsSessionGetIndex(pSession);
 
     pSession->lastUsed = MsTimerCount;
-    for (int i = 0; i < 32; i++) pSession->clientRandom[i] = *pRandom++;
-    for (int i = 0; i < 32; i++) pSession->serverRandom[i] = RandomGetByte();
     
     //Log the parameters
     if (TlsTrace)
     {
         LogF("- client version HH:LL: %02x:%02x\r\n", versionH, versionL);
-        Log ("- client random:\r\n");     LogBytesAsHex(pRandom,                 32); Log("\r\n");
+        Log ("- client random:\r\n");     LogBytesAsHex(pConnection->clientRandom, 32); Log("\r\n");
         Log ("- client session id:\r\n"); LogBytesAsHex(pSessionId, sessionIdLength); Log("\r\n");
         LogF("- session index: %d\r\n",  pConnection->session);
     }
@@ -66,7 +63,7 @@
         return -1;
     }
     
-    //Sha256Add  (&pConnection->handshakeHash, pBuffer, length);
+    Sha256Add  (&pConnection->handshakeHash, pBuffer, length);
     
     if (length != 130)
     {
@@ -91,6 +88,15 @@
     
     return 0;
 }
+static void changeCipher(int length, uint8_t* pBuffer, struct TlsConnection* pConnection)
+{
+    uint8_t message = pBuffer[0];
+    if (TlsTrace)
+    {
+        LogF("- message: %d\r\n", message);
+    }
+    pConnection->clientEncrypted = true;
+}
 static void handleAlert(int length, uint8_t* pBuffer)
 {
     uint8_t level       = pBuffer[0];
@@ -167,7 +173,28 @@
     switch (contentType)
     {
         case TLS_CONTENT_TYPE_Handshake:
-            handleHandshake(length, pBuffer, pConnection);
+            if (pConnection->clientEncrypted)
+            {
+                Log("- encrypted bytes\r\n");
+                LogBytesAsHex(pBuffer, length);
+                Log("\r\n");
+                if (length != 64)
+                {
+                    LogF("- verify length is %d not 64\r\n", length);
+                }
+                else
+                {
+                    for (int i = 0; i < 64; i++) pConnection->clientVerify[i] = *pBuffer++;
+                }
+            }
+            else
+            {
+                handleHandshake(length, pBuffer, pConnection);
+            }
+            break;
+
+        case TLS_CONTENT_TYPE_CHANGE_CIPHER:
+            changeCipher(length, pBuffer, pConnection);
             break;
 
         case TLS_CONTENT_TYPE_ALERT:
@@ -189,9 +216,9 @@
     return overallLen;
 }
 void TlsRequest(int connectionId, int size, uint8_t* pRequestStream, uint32_t positionInRequestStream)
-{
+{   
     //Log what we are doing
-    if (TlsTrace) LogF("TLS <<< %d (%u)\r\n", size, positionInRequestStream);
+    if (TlsTrace) LogF("TLS %d <<< %d (%u)\r\n", connectionId, size, positionInRequestStream);
     
     //Get new or existing connection information
     struct TlsConnection* pConnection;