Revision 149:39d1ba392f4b, committed 2019-06-19
- Comitter:
- andrewboyson
- Date:
- Wed Jun 19 15:36:18 2019 +0000
- Parent:
- 148:5489d36986e5
- Child:
- 150:3366e4a0c60e
- Commit message:
- Made changes to the tls module
Changed in this revision
--- a/net.c Mon May 27 10:12:33 2019 +0000
+++ b/net.c Wed Jun 19 15:36:18 2019 +0000
@@ -3,7 +3,7 @@
#include "link.h"
#include "net.h"
-#include "tcb.h"
+#include "tcp.h"
#include "dhcp.h"
#include "ar4.h"
#include "ar6.h"
@@ -161,7 +161,7 @@
NetName4 = name4;
NetName6 = name6;
LinkInit();
- TcbInit();
+ TcpInit();
Ar4Init();
Ar6Init();
Nr4Init();
--- a/tcp/tcp.c Mon May 27 10:12:33 2019 +0000
+++ b/tcp/tcp.c Wed Jun 19 15:36:18 2019 +0000
@@ -1,6 +1,15 @@
#include <stdbool.h>
#include <stdint.h>
+#include "tcb.h"
+#include "tls.h"
+
bool TcpTrace = false;
+void TcpInit()
+{
+ TcbInit();
+ TlsInit();
+}
+
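Review bot: `void TcpInit()` on the definition line uses an empty parameter list, which in C declares a function with unspecified arguments rather than none; tcp.h declares `extern void TcpInit(void);`, so `void TcpInit(void)` keeps the definition and the prototype in step, and the same applies to `TlsInit()` in tls.c and `PriCertInit()` in pri-cert.c. tcp.c does not include its own `tcp.h` in the lines shown, so the compiler cannot check this definition against the declaration callers see; adding `#include "tcp.h"` as the first include would close that gap. The remaining context lines of this hunk are not shown on the page.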
--- a/tcp/tcp.h Mon May 27 10:12:33 2019 +0000
+++ b/tcp/tcp.h Wed Jun 19 15:36:18 2019 +0000
@@ -1,4 +1,6 @@
#include <stdbool.h>
#include <stdint.h>
-extern bool TcpTrace;
\ No newline at end of file
+extern bool TcpTrace;
+
+extern void TcpInit(void);
\ No newline at end of file
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tcp/tls/pri-cert.c Wed Jun 19 15:36:18 2019 +0000
@@ -0,0 +1,22 @@
+#include "semihost.h"
+#include "log.h"
+
+char certificate[1024];
+
+void PriCertInit()
+{
+ FILEHANDLE fh = SemihostOpen("CH6.CER", OPEN_MODE_R + OPEN_MODE_B);
+ if (fh <= 0)
+ {
+ LogTimeF("PriCertInit - open file for read error\r\n");
+ return;
+ }
+
+ int length = SemihostRead(fh, certificate, sizeof(certificate));
+ LogTimeF("PriCertInit - read %d bytes from file\r\n", length);
+
+ SemihostClose(fh);
+
+ if (!length) return;
+
+}
\ No newline at end of file
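Review bot: The count that `SemihostRead` returns into `length` is logged and then discarded, so nothing records how many bytes of `certificate` are valid, the closing `if (!length) return;` is effectively dead because the function ends immediately after it, and a negative (error) return is treated the same as data. Keeping the count in a file-scope `int certificateLength = 0;` and setting it only on success, `if (length <= 0) { LogTimeF("PriCertInit - read failed\r\n"); return; } certificateLength = length;`, gives the TLS code something it can actually use. A file of 1024 bytes or more is silently cut to `sizeof(certificate)`; logging when `length == sizeof(certificate)` would make that truncation visible. I cannot tell from here whether `SemihostRead` returns bytes read or the semihosting "bytes not read" convention, so the sign test should follow whichever the wrapper implements. `certificate` has external linkage here while tls.c defines its own `static const char certificate[]`; a distinct name such as `fileCertificate` would avoid confusing the two.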
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/tcp/tls/pri-cert.h Wed Jun 19 15:36:18 2019 +0000
@@ -0,0 +1,1 @@
+extern void PriCertInit(void);
\ No newline at end of file
--- a/tcp/tls/tls.c Mon May 27 10:12:33 2019 +0000
+++ b/tcp/tls/tls.c Wed Jun 19 15:36:18 2019 +0000
@@ -8,6 +8,8 @@
#include "led.h"
#include "restart.h"
#include "mstimer.h"
+#include "random.h"
+#include "pri-cert.h"
#define TLS_CONTENT_TYPE_ChangeCipher 20
#define TLS_CONTENT_TYPE_Alert 21
@@ -36,6 +38,16 @@
bool TlsTrace = true;
+static const char certificate[] = {
+#include "certificate.inc"
+};
+
+void TlsInit()
+{
+ PriCertInit();
+}
+
+
struct state
{
int toDo;
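Review bot: The new `static const char certificate[]` reuses the name of the `char certificate[1024]` buffer that pri-cert.c fills from CH6.CER, and after `TlsInit()` calls `PriCertInit()` nothing in this file reads that buffer, so the two copies can silently diverge while `sendServerHello` sends the compiled-in one via `sizeof(certificate)`. Renaming this array, for example `static const char builtinCertificate[]`, would make it obvious which copy goes on the wire and whether the semihost read is still needed at all. A one-line comment above the array, `//Compiled-in DER certificate from certificate.inc; sent by sendServerHello`, would document the intent for the next reader. `struct state` continues past the end of this hunk.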
@@ -80,13 +92,14 @@
if (size == 0) return;
if (positionInRequestStream != 0) return;
char contentType = pRequestStream[0];
- uint16_t version = pRequestStream[1] << 8 | pRequestStream[2];
- uint16_t length = pRequestStream[3] << 8 | pRequestStream[4];
+ char versionH = pRequestStream[1];
+ char versionL = pRequestStream[2];
+ int length = pRequestStream[3] << 8 | pRequestStream[4]; //Length (2 bytes)
if (TlsTrace)
{
- Log (" content type: "); logContentType(contentType); Log("\r\n");
- LogF(" version: %04x\r\n", version);
- LogF(" length: %d\r\n" , length );
+ Log (" content type: "); logContentType(contentType); Log("\r\n");
+ LogF(" legacy HH:LL: %02x:%02x\r\n", versionH, versionL);
+ LogF(" length : %d\r\n" , length);
}
switch (contentType)
{
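Review bot: `int length = pRequestStream[3] << 8 | pRequestStream[4];` combines two `char` values; where `char` is signed a byte of 0x80 or above is sign-extended and yields a negative or corrupted length, and the same promotion makes `%02x` print eight hex digits for `versionH`/`versionL`. Casting through `unsigned char` fixes both: `int length = (unsigned char)pRequestStream[3] << 8 | (unsigned char)pRequestStream[4];` and `LogF("  legacy HH:LL: %02x:%02x\r\n", (unsigned char)versionH, (unsigned char)versionL);`. The record length comes from the peer and is not compared with `size` here; if the code after `switch (contentType)` uses it to walk `pRequestStream`, a bound such as `if (length > size - 5) return;` is needed before it is trusted. The enclosing function starts before this hunk.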
@@ -108,28 +121,42 @@
pState->toDo = DO_WAIT_CLIENT_HELLO;
return;
}
- //ECDHE-RSA-AES128-GCM-SHA256
}
+char lengthH(int size) { return size >> 8;}
+char lengthL(int size) { return size & 0xFF; }
+void addSize(int size)
+{
+ TcpBufAddChar(size >> 8 );
+ TcpBufAddChar(size & 0xFF);
+}
+
static void sendServerHello()
{
- /*
- ProtocolVersion server_version;
- Random random; 4 byte unix time + 28 byte random
- SessionID session_id;
- CipherSuite cipher_suite;
- CompressionMethod compression_method;
- */
Log(" sending server hello\r\n");
- TcpBufAddChar(TLS_CONTENT_TYPE_Handshake);
- TcpBufAddChar(0x03); TcpBufAddChar(0x01); //TLS
- TcpBufAddChar(0x01); TcpBufAddChar(0x00); //Length
- TcpBufAddChar(TLS_HANDSHAKE_ServerHello);
- TcpBufAddChar(0x01); TcpBufAddChar(0x00); //Length 85
- TcpBufAddChar(0x03); TcpBufAddChar(0x03); //TLS 1.2
+ TcpBufAddChar(TLS_CONTENT_TYPE_Handshake); //Content is handshakes
+ TcpBufAddChar(0x03); TcpBufAddChar(0x03); //Legacy TLS version
+ addSize((45 + 4) + (sizeof(certificate) + 6 + 4) + (0 + 4)); //Handshakes Length (2 bytes)
- TcpBufAddChar(0x00); //SessionId length 0
- TcpBufAddChar(0x00); TcpBufAddChar(0x2f); //Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
- TcpBufAddChar(0x00); //Compression type null
+ TcpBufAddChar(TLS_HANDSHAKE_ServerHello); TcpBufAddChar(0x00); //Handshake type server hello
+ addSize(45); //Size of this handshake
+ TcpBufAddChar(0x03); TcpBufAddChar(0x03); //TLS version 1.2
+ for (int i = 0; i < 32; i++) TcpBufAddChar(RandomGetByte()); //32 bit random number
+ TcpBufAddChar(0x00); //SessionId length 0
+ TcpBufAddChar(0x00); TcpBufAddChar(0x2f); //Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
+ TcpBufAddChar(0x00); //Compression method none
+ TcpBufAddChar(0x00); TcpBufAddChar(0x05); //Extensions length (2 bytes) 5 bytes
+ TcpBufAddChar(0xff); TcpBufAddChar(0x01); //Extension Renegotiation Info
+ TcpBufAddChar(0x00); TcpBufAddChar(0x01); //1 bytes of "Renegotiation Info" extension data follows
+ TcpBufAddChar(0x00); //length is zero, because this is a new connection
+
+ TcpBufAddChar(TLS_HANDSHAKE_Certificate); TcpBufAddChar(0x00); //Handshake type certificate
+ addSize(sizeof(certificate) + 6); TcpBufAddChar(0x00); //Size of this handshake
+ addSize(sizeof(certificate) + 3); TcpBufAddChar(0x00); //Size of all certificates
+ addSize(sizeof(certificate) ); //Size of first certificate
+ for (int i = 0; i < sizeof(certificate); i++) TcpBufAddChar(certificate[i]); //Certificate
+
+ TcpBufAddChar(TLS_HANDSHAKE_ServerHelloDone); TcpBufAddChar(0x00); //Handshake type server hello done
+ addSize(0); //Size of this handshake
}
int TlsPoll(char* pTlsState, char* pWebState, bool clientFinished)
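Review bot: The three-byte handshake and certificate length fields in the new `sendServerHello` are split across statements so that the trailing `TcpBufAddChar(0x00)` on the `addSize(sizeof(certificate) + 6)` and `addSize(sizeof(certificate) + 3)` lines is actually the high byte of the next field, not part of the one its comment describes; the byte sequence is right, but the layout invites miscounting. A small `static void addSize3(int size)` that emits the zero high byte and then calls `addSize` makes each 24-bit length a single statement, as sketched below, and the ServerHello and ServerHelloDone headers can use it the same way. `lengthH` and `lengthL` are added but never used, and all three new helpers have external linkage; `static` on `addSize` and deleting the two unused ones is the usual fix. The comment on the `RandomGetByte()` loop says "32 bit random number" but the loop writes 32 bytes, and whether that value is unpredictable depends on what `random.h` provides, which I cannot see from here. The fixed suite 0x002f (RSA key exchange, AES-CBC, SHA-1) has no forward secrecy, so the `//ECDHE-RSA-AES128-GCM-SHA256` note this hunk removes remains the better target once the handshake works.
```c
static void addSize3(int size)
{
    TcpBufAddChar(0x00); //High byte of a 24-bit length field
    addSize(size);
}
// … unchanged: sendServerHello record header and ServerHello body …
    TcpBufAddChar(TLS_HANDSHAKE_Certificate); //Handshake type certificate
    addSize3(sizeof(certificate) + 6);        //Size of this handshake
    addSize3(sizeof(certificate) + 3);        //Size of all certificates
    addSize3(sizeof(certificate));            //Size of first certificate
// … unchanged: certificate bytes and ServerHelloDone …
```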
--- a/tcp/tls/tls.h Mon May 27 10:12:33 2019 +0000
+++ b/tcp/tls/tls.h Wed Jun 19 15:36:18 2019 +0000
@@ -4,4 +4,6 @@
extern void TlsRequest(char* pTlsStateData, char* pWebStateData, int size, char* pRequestStream, uint32_t positionInRequestStream);
extern int TlsPoll (char* pTlsStateData, char* pWebStateData, bool clientFinished);
extern bool TlsReply (char* pTlsStateData, char* pWebStateData);
-extern void TlsAddChar(char c);
\ No newline at end of file
+extern void TlsAddChar(char c);
+
+extern void TlsInit(void);
\ No newline at end of file