Kenji Arai / mbed-os_TYBLE16

Dependents:   TYBLE16_simple_data_logger TYBLE16_MP3_Air

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers tls_lib.c Source File

tls_lib.c

00001 /*
00002  * Copyright (c) 2013-2019, Arm Limited and affiliates.
00003  * SPDX-License-Identifier: Apache-2.0
00004  *
00005  * Licensed under the Apache License, Version 2.0 (the "License");
00006  * you may not use this file except in compliance with the License.
00007  * You may obtain a copy of the License at
00008  *
00009  *     http://www.apache.org/licenses/LICENSE-2.0
00010  *
00011  * Unless required by applicable law or agreed to in writing, software
00012  * distributed under the License is distributed on an "AS IS" BASIS,
00013  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00014  * See the License for the specific language governing permissions and
00015  * limitations under the License.
00016  */
00017 #include "nsconfig.h"
00018 #include "ns_types.h"
00019 #ifdef PANA
00020 #include "string.h"
00021 #include "Core/include/ns_address_internal.h"
00022 #include "Core/include/ns_buffer.h"
00023 #ifdef ECC
00024 #include "libX509_V3.h"
00025 #include "ecc.h"
00026 #endif
00027 #include "randLIB.h"
00028 #include "Core/include/ns_socket.h"
00029 //#include "6LoWPAN/Bootstraps/network_lib.h"
00030 #include "shalib.h"
00031 #include "Security/TLS/tls_lib.h"
00032 #include "Security/TLS/tls_ccm_crypt.h"
00033 #include "Security/Common/sec_lib.h"
00034 #include "nsdynmemLIB.h"
00035 #include "net_nvm_api.h"
00036 #include "Security/PANA/pana.h"
00037 #include "Security/PANA/pana_internal_api.h"
00038 #include "ns_trace.h"
00039 #include "common_functions.h"
00040 #include "net_interface.h"
00041 
00042 #define TRACE_GROUP "TLSl"
00043 
00044 typedef struct tls_psk_key_ {
00045     uint16_t key_id;
00046     uint8_t psk_key[16];
00047     ns_list_link_t link;
00048 } tls_psk_key_t;
00049 
00050 static NS_LIST_DEFINE(tls_psk_list, tls_psk_key_t, link);
00051 
00052 NS_LARGE tls_header_t tls_header;
00053 NS_LARGE tls_msg_t tls_msg;
00054 
00055 #ifdef ECC
00056 
00057 tls_ecc_heap_t *ecc_allocate_ram(void);
00058 static uint8_t tls_parse_certificate(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite);
00059 static uint8_t tls_parse_certificate_verify(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite);
00060 static uint8_t ecc_verify_calculate_hash(sec_suite_t *tls_suite);
00061 void tls_ecc_reverse_hash(uint8_t *ptr);
00062 uint8_t tls_write_signature_parameters(uint8_t *ptr, uint8_t *signature_parameter, uint8_t leadin_zeros);
00063 uint8_t tls_parse_certificate_request(uint8_t *ptr, uint16_t len);
00064 static uint8_t tls_parse_client_key_exchange(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite);
00065 static uint8_t tls_parse_server_key_exchange(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite);
00066 
00067 #endif
00068 
00069 static uint8_t *tls_set_client_key_excange(uint8_t *ptr, sec_suite_t *tls_suite);
00070 static uint8_t tls_parse_server_hello(uint8_t *ptr, sec_suite_t *tls_suite);
00071 static uint8_t tls_parse_client_hello(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite);
00072 static tls_psk_key_t *tls_get_key(uint16_t key_id);
00073 
00074 tls_session_t *amr_tls_session_allocate(void)
00075 {
00076     tls_session_t *t_session = 0;
00077     t_session = ns_dyn_mem_alloc(sizeof(tls_session_t));
00078     if (t_session) {
00079         memset(t_session, 0, sizeof(tls_session_t));
00080     }
00081     return t_session;
00082 }
00083 
00084 void arm_tls_session_clear(tls_session_t *t_session)
00085 {
00086     if (t_session->tls_heap) {
00087         tls_heap_free(t_session->tls_heap);
00088         t_session->tls_heap = NULL;
00089     }
00090 }
00091 
00092 static tls_heap_t *tls_heap_structure_allocate(void)
00093 {
00094     tls_heap_t *heap_ptr = (tls_heap_t *) ns_dyn_mem_temporary_alloc(sizeof(tls_heap_t));
00095     if (heap_ptr) {
00096         memset(heap_ptr, 0, sizeof(tls_heap_t));
00097     }
00098     return heap_ptr;
00099 }
00100 
00101 int8_t arm_tls_add_psk_key(const uint8_t *key_ptr, uint16_t key_id)
00102 {
00103     tls_psk_key_t *key_entry = tls_get_key(key_id);
00104 
00105     if (key_ptr == NULL) {
00106         return -1;
00107     }
00108 
00109     /* If key with given ID already exists, remove old */
00110     if (key_entry) {
00111         arm_tls_remove_psk_key(key_id);
00112         key_entry = NULL;
00113     }
00114 
00115     /* Make new entry */
00116     key_entry = ns_dyn_mem_alloc(sizeof(tls_psk_key_t));
00117     if (key_entry == NULL) {
00118         return -1;
00119     }
00120 
00121     memcpy(key_entry->psk_key, key_ptr, 16);
00122     key_entry->key_id = key_id;
00123 
00124     ns_list_add_to_end(&tls_psk_list, key_entry);
00125 
00126     return 0;
00127 }
00128 
00129 int8_t arm_tls_check_key(uint16_t key_id)
00130 {
00131     if (tls_get_key(key_id) == NULL) {
00132         return -1;
00133     }
00134     return 0;
00135 }
00136 
00137 int8_t arm_tls_remove_psk_key(uint16_t key_id)
00138 {
00139     tls_psk_key_t *key_to_remove = tls_get_key(key_id);
00140 
00141     if (key_to_remove == NULL) {
00142         return -1;
00143     }
00144 
00145     ns_list_remove(&tls_psk_list, key_to_remove);
00146 
00147     ns_dyn_mem_free(key_to_remove);
00148 
00149     return 0;
00150 }
00151 
00152 /* returns key entry, null if not found */
00153 static tls_psk_key_t *tls_get_key(uint16_t key_id)
00154 {
00155     ns_list_foreach(tls_psk_key_t, entry, &tls_psk_list) {
00156         if (entry->key_id == key_id) {
00157             return entry;
00158         }
00159     }
00160     return NULL;
00161 }
00162 
00163 
00164 
00165 void tls_finnish_copy(uint8_t *ptr, tls_heap_t *heap_ptr)
00166 {
00167     tls_msg_t *tmp_msg = tls_msg_ptr_get();
00168     tmp_msg->len = 12;
00169     tmp_msg->msg_ptr = ptr;
00170     tls_handshake_copy(tmp_msg, heap_ptr);
00171 
00172 }
00173 
00174 uint8_t tls_parse_client_hello(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite)
00175 {
00176     uint8_t ret_val = 0, i = 0;
00177     uint16_t tls_version;
00178     tls_version = common_read_16_bit(ptr);
00179     ptr += 2;
00180     if (tls_version == TLS_1_2_VERSION) {
00181         uint8_t id_len;
00182         tls_heap_t *thep = tls_suite->tls_session->tls_heap;
00183         memcpy((thep->tls_hello_random + CLIENT_HELLO_PTR), ptr, 32);
00184         ptr += 32;
00185         //skip sesion id
00186         id_len = *ptr++;
00187         len -= 35;
00188         if (id_len < 33 && (len > id_len + 3)) {
00189             if (id_len == 0) {
00190                 tr_debug("Fisrt Time generate ID!!");
00191                 len -= 2;
00192                 tls_session_id_genrate(tls_suite->tls_session->tls_session_id, 4);
00193                 tls_suite->tls_session->id_length = 4;
00194             } else {
00195                 if (tls_suite->tls_session->id_length == id_len) {
00196                     if (memcmp(tls_suite->tls_session->tls_session_id, ptr, id_len) == 0) {
00197                         tr_debug("Generate new Session");
00198                         tls_session_id_genrate(tls_suite->tls_session->tls_session_id, 4);
00199                         tls_suite->tls_session->id_length = 4;
00200 
00201                     }
00202                 }
00203 
00204                 if (ret_val != 0) {
00205                     tr_debug("TLS SESSION ID FAIL");
00206                     return 0;
00207                 }
00208                 ptr += id_len;
00209                 len -= id_len;
00210                 len -= 1;
00211             }
00212             ptr++;
00213 
00214             id_len = *ptr++;
00215             ret_val = 0;
00216 
00217             while (id_len) {
00218                 if (len < 2) {
00219                     tr_debug("Cor Client hello pack");
00220                     return 0;
00221                 }
00222                 uint16_t tls_ciphersuite = common_read_16_bit(ptr);
00223                 switch (tls_ciphersuite) {
00224                     case TLS_PSK_WITH_AES_128_CCM_8:
00225                         tr_debug("Client Sup PSK");
00226                         ret_val |= SEC_CIPHERSUITE_PSK;
00227                         break;
00228 #ifdef ECC
00229                     case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
00230                         thep->client_knows_standard_ecc_ciphersuite = true;
00231                     /* no break */
00232                     case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_COMPAT:
00233                         tr_debug("Client Sup ECC");
00234                         ret_val |= SEC_CIPHERSUITE_ECC;
00235                         break;
00236 #endif
00237                     default:
00238                         tr_debug("Un Sup Suite: %04" PRIx16, tls_ciphersuite);
00239                         break;
00240                 }
00241                 ptr += 2;
00242                 id_len -= 2;
00243                 len -= 2;
00244 
00245             }
00246             ret_val &= tls_suite->supported_chipher_suites;
00247             if (ret_val) {
00248                 tr_debug("Client pack TRUE");
00249 
00250                 if (ret_val & SEC_CIPHERSUITE_ECC) {
00251                     thep->tls_chipher_mode = CHIPHER_ECC;
00252                 } else {
00253                     thep->tls_chipher_mode = CHIPHER_PSK;
00254                 }
00255             } else {
00256                 tr_debug("CipherSuite Err");
00257                 i = 2;
00258             }
00259         } else {
00260             tr_debug("Session ID length Fail: %02x", *ptr);
00261             i = 4;
00262         }
00263     } else {
00264         i = 3;
00265     }
00266     if (i) {
00267         tr_debug("%02x", i);
00268     }
00269     return ret_val;
00270 }
00271 
00272 
00273 uint8_t tls_parse_server_hello(uint8_t *ptr, sec_suite_t *tls_suite)
00274 {
00275     uint8_t ret_val = 0, i = 0;
00276     uint16_t tls_version;
00277     tls_version = common_read_16_bit(ptr);
00278     ptr += 2;
00279     if (tls_version == TLS_1_2_VERSION) {
00280         uint8_t id_len;
00281         tls_heap_t *thep = tls_suite->tls_session->tls_heap;
00282         if (thep == 0) {
00283             return 0;
00284         }
00285         memcpy((thep->tls_hello_random + SERVER_HELLO_PTR), ptr, 32);
00286         ptr += 32;
00287         //skip sesion id
00288         id_len = *ptr++;
00289         if (id_len < 33) {
00290             tls_suite->tls_session->id_length = id_len;
00291             memcpy(tls_suite->tls_session->tls_session_id, ptr, id_len);
00292             ptr += id_len;
00293             uint16_t tls_cipher_suite = common_read_16_bit(ptr);
00294             switch (tls_cipher_suite) {
00295                 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
00296                 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_COMPAT:
00297                     tr_debug("ECC CipherSuite");
00298                     ret_val = 2;
00299                     thep->tls_chipher_mode = CHIPHER_ECC;
00300                     break;
00301                 case TLS_PSK_WITH_AES_128_CCM_8:
00302                     tr_debug("PSK CipherSuite");
00303                     ret_val = 1;
00304                     thep->tls_chipher_mode = CHIPHER_PSK;
00305                     tls_ecc_heap_free(thep);
00306                     break;
00307                 default:
00308                     tr_debug("CipherSuite Err: %04x", tls_cipher_suite);
00309                     ptr += 2;
00310                     i = 2;
00311                     break;
00312             }
00313         } else {
00314             tr_debug("Session ID length Fail: %02x", *ptr);
00315             i = 4;
00316         }
00317     } else {
00318         i = 3;
00319     }
00320     if (i) {
00321         tr_debug("%02x", i);
00322     }
00323     return ret_val;
00324 }
00325 
00326 
00327 void tls_alert_build(buffer_t *buf, uint8_t alert)
00328 {
00329     tr_debug("TTLs TX:Alert");
00330     //Build Client Hello
00331     buffer_data_clear(buf);
00332     buffer_push_uint8(buf, TLS_ALERT_TYPE);
00333     buffer_push_uint16(buf, TLS_1_2_VERSION);
00334     buffer_push_uint16(buf, 0x0002); //Length
00335 
00336     if (alert == ALERT_CLOSE) {
00337         buffer_push_uint8(buf, 1); //Mean 2=Fatal, 1=warming
00338     } else {
00339         buffer_push_uint8(buf, 2); //Mean 2=Fatal, 1=warming
00340     }
00341     buffer_push_uint8(buf, alert);
00342 }
00343 
00344 #ifdef PANA_SERVER_API
00345 void tls_server_hello_build(buffer_t *buf,  sec_suite_t *tls_suite)
00346 {
00347     uint16_t tls_len = 0;
00348     uint8_t *ptr;
00349     tls_msg_t *tmp_msg = tls_msg_ptr_get();
00350     tr_debug("TTLs TX:Server Hello");
00351     //Build Client Hello
00352     buffer_data_clear(buf);
00353     ptr = buffer_data_pointer(buf);
00354     *ptr++ = TLS_HANDSHAKE;
00355     ptr = common_write_16_bit(TLS_1_2_VERSION, ptr);
00356     ptr = common_write_16_bit(tls_len, ptr);
00357 
00358     //for Hash calculation
00359     tmp_msg->msg_ptr = ptr + 4;
00360     ptr = tls_build_server_hello_msg(ptr, tls_suite->tls_session);
00361     buffer_data_end_set(buf, ptr);
00362 
00363     tls_len = buffer_data_length(buf);
00364     tls_len -= 9;
00365     tmp_msg->len = tls_len;
00366     tls_handshake_copy(tmp_msg, tls_suite->tls_session->tls_heap);
00367 
00368     tls_len += 4;
00369     ptr = buffer_data_pointer(buf);
00370     ptr += 3;
00371     ptr = common_write_16_bit(tls_len, ptr);
00372 }
00373 #endif
00374 
00375 void tls_prepare_change_chipher_spec(sec_suite_t *tls_suite)
00376 {
00377     tls_heap_t *theap = tls_suite->tls_session->tls_heap;
00378     bool server;
00379     tls_build_client_verify_payload(theap);
00380     if ((tls_suite->setups & TLS_SERVER_MODE) == 0) {
00381         server = false;
00382         if ((tls_suite->setups & TLS_HANSHAKE_HASH) == 0) {
00383             tls_finnish_copy(theap->hash_buf + 4, theap);
00384             tls_suite->setups |= TLS_HANSHAKE_HASH;
00385         }
00386 
00387     } else {
00388         server = true;
00389     }
00390 
00391     tls_ccm_data_encrypt(theap->hash_buf, 16, tls_suite->tls_session->key_expansion, tls_suite->tls_session->tls_nonce_explit, TLS_HANDSHAKE, server);
00392 }
00393 
00394 
00395 static buffer_t *tls_down(buffer_t *buf)
00396 {
00397     uint16_t tls_len;
00398     if ((buf = buffer_headroom(buf, 5)) != 0) {
00399         uint8_t *ptr;
00400         buffer_data_reserve_header(buf, 5);
00401         ptr = buffer_data_pointer(buf);
00402         tls_len = buffer_data_length(buf);
00403         tls_len -= 5; //Cut Flags byte off
00404 
00405         *ptr++ = TLS_HANDSHAKE;
00406         ptr = common_write_16_bit(TLS_1_2_VERSION, ptr);
00407         ptr = common_write_16_bit(tls_len, ptr);
00408     }
00409     return (buf);
00410 }
00411 
00412 #ifdef ECC
00413 
00414 void tls_parse_subject_get_pub_key_from_chain(tls_heap_t *theap, uint8_t rd_ptr)
00415 {
00416     uint8_t *ptr = 0;
00417     certificate_info_t *cer_info = &(theap->rx_ceri_chain.certi_chain[rd_ptr]);
00418     uint8_t i;
00419     ptr = cer_info->pub_key_ptr;
00420     theap->ecc_heap->cert_pub_key.finite = 1;
00421     theap->ecc_heap->cert_pub_key.invalid = 0;
00422 
00423     memset(theap->ecc_heap->cert_pub_key.x.data, 0, sizeof(MPint));
00424     memset(theap->ecc_heap->cert_pub_key.y.data, 0, sizeof(MPint));
00425     tr_debug("Certificates PUB Key: %s", tr_array(ptr, 64));
00426     for (i = 0; i < 32; i++) {
00427 
00428         *((uint8_t *)theap->ecc_heap->cert_pub_key.x.data + i) = *(ptr + 31 - i) ;
00429         *((uint8_t *)theap->ecc_heap->cert_pub_key.y.data + i) = *(ptr + 63 - i) ;
00430 
00431     }
00432 }
00433 
00434 
00435 
00436 uint8_t tls_parse_certificate(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite)
00437 {
00438 
00439     uint16_t sub_len = 0;
00440     uint8_t ret_val = 0;
00441     tls_heap_t *theap = tls_suite->tls_session->tls_heap;
00442     //Check Lengths
00443     if (*ptr++) {
00444         tr_debug("Too Long len");
00445     } else {
00446         sub_len = common_read_16_bit(ptr);
00447         ptr += 2;
00448         len -= 3;
00449         tr_debug("Certi(Chain) Len: %04x", sub_len);
00450         if (sub_len == 0 || sub_len > len) {
00451             tr_debug("Cert Base len mis match");
00452         } else {
00453             if (x509_v3_certi_chain_analyze(ptr, sub_len, &(theap->rx_ceri_chain)) == 0) {
00454                 tr_debug("Certificate Chain not valid");
00455             } else {
00456                 tls_parse_subject_get_pub_key_from_chain(theap, 0);
00457                 ret_val = 1;
00458             }
00459         }
00460     }
00461     return ret_val;
00462 
00463 }
00464 
00465 
00466 uint8_t tls_parse_server_key_exchange(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite)
00467 {
00468     (void)len;
00469     uint16_t curve_type;
00470     if (*ptr++ == 3) {
00471         curve_type = common_read_16_bit(ptr);
00472         if (curve_type == TLS_NAMED_CURVE_SECP256R1) {
00473             uint8_t c_len = 0, mode;
00474             uint16_t sig_algh, signature_len;
00475             tls_heap_t *theap = tls_suite->tls_session->tls_heap;
00476             ptr += 2;
00477             //len -= 5;
00478             c_len = *ptr++;
00479             mode = *ptr++;
00480 
00481             if (mode == 4) {
00482                 c_len--;
00483                 memcpy(theap->ecc_heap->server_public_key, ptr, 64);
00484                 ptr += 64;
00485                 sig_algh = common_read_16_bit(ptr);
00486                 if (sig_algh != TLS_SIG_HASH_ALG_SHA256_ECDSA) {
00487                     tr_debug("tls ser key ex. er");
00488                     return 0;
00489                 }
00490                 ptr += 2;
00491                 signature_len = common_read_16_bit(ptr);
00492                 if (signature_len < 11) {
00493                     return 0;
00494                 }
00495                 ptr += 2;
00496                 if (*ptr++ != 0x30) {
00497                     return 0;
00498                 }
00499                 if (*ptr++ < 9) {
00500                     return 0;
00501                 }
00502                 if (*ptr++ != 2) {
00503                     return 0;
00504                 } else {
00505                     uint8_t rslen;
00506                     //uint8_t i;
00507                     theap->key_signature_ptr = ptr;
00508                     rslen = *ptr++;
00509 
00510                     if (rslen > 33) {
00511                         return 0;
00512                     } else if (rslen == 0) {
00513                         return 0;
00514                     } else if (rslen == 33) {
00515 
00516                         ptr++;
00517                         rslen = 32;
00518 
00519                     }
00520                     if (theap->ecc_heap->sgnt == 0) {
00521                         theap->ecc_heap->sgnt = ECDSA_get_signature();
00522                     }
00523                     if (!theap->ecc_heap->sgnt) {
00524                         return 0;
00525                     }
00526 
00527                     ptr += rslen;
00528                     if (*ptr++ != 2) {
00529                         return 0;
00530                     }
00531 
00532                     rslen = *ptr++;
00533 
00534                     if (rslen > 33) {
00535                         return 0;
00536                     } else if (rslen == 0) {
00537                         return 0;
00538                     }
00539                     return 1;
00540                 }
00541 
00542             } else {
00543                 tr_debug("Mode!: %02x", mode);
00544             }
00545         }
00546     }
00547     return 0;
00548 }
00549 
00550 static uint8_t tls_parse_client_key_exchange(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite)
00551 {
00552     (void)len;
00553     uint8_t d_len = 0;
00554     uint8_t mode = 0;
00555     d_len = *ptr++;
00556     mode = *ptr++;
00557     if (d_len == 65 && mode == 4) {
00558         tls_heap_t *theap = tls_suite->tls_session->tls_heap;
00559         tr_debug("Valid Client ECC curve:");
00560         memcpy(theap->ecc_heap->client_public_key, ptr, 64);
00561         tr_debug("%s", tr_array(ptr, 64));
00562         return 1;
00563     } else {
00564         tr_debug("Len: %02x, mode fail: %02x", d_len, mode);
00565     }
00566 
00567     return 0;
00568 }
00569 
00570 
00571 void tls_read_certi_signature(tls_heap_t *theap, uint8_t certificate)
00572 {
00573     uint8_t rslen = 0;
00574     uint8_t *ptr = 0;
00575     if (certificate) {
00576         //
00577         certificate_info_t *cer_info = &(theap->rx_ceri_chain.certi_chain[theap->rx_ceri_chain.rd_ptr]);
00578         ptr = cer_info->signature_ptr;
00579     } else {
00580         ptr = theap->key_signature_ptr;
00581     }
00582     memset(theap->ecc_heap->sgnt->m_R.data, 0, sizeof(MPint));
00583     memset(theap->ecc_heap->sgnt->m_s.data, 0, sizeof(MPint));
00584     rslen  = x509_v3_parse_signature_parameter(ptr, ((uint8_t *)theap->ecc_heap->sgnt->m_R.data));
00585     ptr += rslen;
00586     ptr++;
00587     x509_v3_parse_signature_parameter(ptr, ((uint8_t *)theap->ecc_heap->sgnt->m_s.data));
00588 
00589 }
00590 
00591 
00592 uint8_t tls_parse_certificate_verify(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite)
00593 {
00594     (void)len;
00595     uint16_t sig_algh, sig_len;
00596     tls_heap_t *theap = tls_suite->tls_session->tls_heap;
00597 
00598     sig_algh = common_read_16_bit(ptr);
00599     if (sig_algh != TLS_SIG_HASH_ALG_SHA256_ECDSA) {
00600         tr_debug("tls ser key ex. er2");
00601         return 0;
00602     }
00603     ptr += 2;
00604     sig_len = common_read_16_bit(ptr);
00605     if (sig_len < 11) {
00606         return 0;
00607     }
00608     ptr += 2;
00609     if (*ptr++ != 0x30) {
00610         return 0;
00611     }
00612     if (*ptr++ < 9) {
00613         return 0;
00614     }
00615     if (theap->ecc_heap) {
00616         if (theap->ecc_heap->sgnt == 0) {
00617             tr_debug("Allocate SIG");
00618             theap->ecc_heap->sgnt = ECDSA_get_signature();
00619 
00620             if (!theap->ecc_heap->sgnt) {
00621                 tr_debug("Signature Allocate Fail");
00622                 return 0;
00623             }
00624         }
00625     } else {
00626         return 0;
00627     }
00628     memset(theap->ecc_heap->sgnt->m_R.data, 0, sizeof(MPint));
00629     memset(theap->ecc_heap->sgnt->m_s.data, 0, sizeof(MPint));
00630 
00631 
00632     if (*ptr++ != 2) {
00633         return 0;
00634     } else {
00635         uint8_t rslen = 0;
00636         theap->key_signature_ptr = ptr;
00637         rslen  = x509_v3_parse_signature_parameter(ptr, ((uint8_t *)theap->ecc_heap->sgnt->m_R.data));
00638         if (rslen == 0) {
00639             return 0;
00640         }
00641         ptr += rslen;
00642     }
00643     if (*ptr++ != 2) {
00644         return 0;
00645     } else {
00646         uint8_t rslen = 0;
00647         rslen  = x509_v3_parse_signature_parameter(ptr, ((uint8_t *)theap->ecc_heap->sgnt->m_s.data));
00648         if (rslen == 0) {
00649             return 0;
00650         }
00651         //ptr += rslen;
00652     }
00653     return 1;
00654 }
00655 
00656 
00657 tls_ecc_heap_t *ecc_allocate_ram(void)
00658 {
00659     tls_ecc_heap_t *heap_ptr = (tls_ecc_heap_t *) ns_dyn_mem_temporary_alloc(sizeof(tls_ecc_heap_t));
00660 
00661     if (heap_ptr == 0) {
00662         tr_debug("ECC variable malloc fail");
00663     } else {
00664         //heap_scan();
00665         heap_ptr->sgnt = ecc_get_ecdsa_signature();
00666         if (!heap_ptr->sgnt) {
00667             tr_debug("Signature Fail");
00668             ns_dyn_mem_free(heap_ptr);
00669             heap_ptr = 0;
00670         }
00671     }
00672     return heap_ptr;
00673 
00674 }
00675 
00676 
00677 uint8_t *tls_client_key_exchange_msg_set(uint8_t *ptr, tls_heap_t *heap_ptr)
00678 {
00679     /* Client Key Exchange */
00680     *ptr++ = TLS_CLIENT_KEY_EXCHANGE;
00681     ptr = common_write_24_bit(66, ptr);
00682     ptr = common_write_16_bit(0x4104, ptr);
00683     //There shuold be calculated case now only test purpose
00684     memcpy(ptr, heap_ptr->ecc_heap->client_public_key, 64);
00685     ptr += 64;
00686     return ptr;
00687 }
00688 #endif
00689 
00690 
00691 uint8_t *tls_set_client_key_excange(uint8_t *ptr, sec_suite_t *tls_suite)
00692 {
00693     uint8_t key_id_len = (tls_suite->psk_key_id > 0xFF) ? 2 : 1;
00694 
00695     /* TLS plaintext header = [type][version][length] */
00696     *ptr++ = TLS_HANDSHAKE;
00697     ptr = common_write_16_bit(TLS_1_2_VERSION, ptr);
00698     ptr = common_write_16_bit(6 + key_id_len, ptr);
00699 
00700     /* Handshake message [msg_type][length] */
00701     *ptr++ = TLS_CLIENT_KEY_EXCHANGE;
00702     ptr = common_write_24_bit(2 + key_id_len, ptr);
00703 
00704     /* ClientKeyExchange [length][psk_id] */
00705     ptr = common_write_16_bit(key_id_len, ptr); //len
00706     if (tls_suite->psk_key_id > 0xFF) {
00707         *ptr++ = tls_suite->psk_key_id >> 8;
00708     }
00709     *ptr++ = tls_suite->psk_key_id;
00710 
00711     return ptr;
00712 }
00713 
00714 uint8_t *tls_build_change_chipher_suite_finnish_msg(uint8_t *ptr, tls_session_t *tls_session)
00715 {
00716     *ptr++ = TLS_CHANGE_CIPHER_SPEC;
00717     ptr = common_write_16_bit(TLS_1_2_VERSION, ptr);
00718     ptr = common_write_16_bit(1, ptr); //len
00719     *ptr++ = 1;
00720     *ptr++ = TLS_HANDSHAKE;
00721     ptr = common_write_16_bit(TLS_1_2_VERSION, ptr);
00722     ptr = common_write_16_bit(32, ptr); //len
00723     //Calculate Verify and MAC (MIC)
00724     //CCMNONCEEXPLICT //SHuold be 0x0000000000000000 at client side
00725 
00726     memcpy(ptr, tls_session->tls_nonce_explit, 8); // Dynamic
00727     ptr += 8;
00728     //MSG Finished
00729     memcpy(ptr, tls_session->tls_heap->hash_buf, 24);
00730     ptr += 24;
00731     return ptr;
00732 }
00733 
00734 void tls_build_client_change_chipher_suite_finnish(buffer_t *buf, sec_suite_t *tls_suite)
00735 {
00736     uint8_t *ptr;
00737     buffer_data_clear(buf);
00738     ptr = buffer_data_pointer(buf);
00739     if ((tls_suite->setups & TLS_SERVER_MODE) == 0) {
00740         ptr = tls_set_client_key_excange(ptr, tls_suite);
00741     }
00742     ptr = tls_build_change_chipher_suite_finnish_msg(ptr, tls_suite->tls_session);
00743     buffer_data_end_set(buf, ptr);
00744     tr_debug("TLS TX: KEY Exchange");
00745 }
00746 #ifdef ECC
00747 void tls_ecc_verfify_start(sec_suite_t *tls_suite)
00748 {
00749     if (ecc_state_idle_check() == ECC_STATUS_OK) {
00750         tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap;
00751         uint8_t hash_response = ecc_verify_calculate_hash(tls_suite);
00752         if (hash_response) {
00753             tr_debug("HASH calc Fail: %02x", hash_response);
00754             sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
00755         } else {
00756             int8_t ecc_response = ecc_calculate_verify(tls_heap->ecc_heap->sgnt, &(tls_heap->ecc_heap->cert_pub_key), &ecc_operation_done_callback);
00757             if (ecc_response == ECC_STATUS_OK) {
00758                 tls_heap->ecc_heap->sgnt = 0;
00759                 sec_lib_state_machine_lock(tls_suite, TLS_ECC_MESSAGE_VERIFY);
00760                 sec_ecc_state_save(tls_suite);
00761             } else {
00762                 tr_debug("calcVerify Fail: %d", ecc_response);
00763             }
00764         }
00765     } else {
00766         sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_VERIFY_START2);
00767     }
00768 }
00769 
00770 
00771 void tls_certificate_signature_verify(sec_suite_t *tls_suite)
00772 {
00773     tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap;
00774     if (ecc_state_idle_check() == ECC_STATUS_OK) {
00775         uint8_t alert_tx = 0;
00776         uint8_t chain_analyze_ok = 0;
00777         if (tls_heap->rx_ceri_chain.rd_ptr + 1 <= tls_heap->rx_ceri_chain.wr_ptr) {
00778             uint8_t certi_verify = 0;
00779             certificate_info_t *cer_info = &(tls_heap->rx_ceri_chain.certi_chain[tls_heap->rx_ceri_chain.rd_ptr]);
00780 
00781             //Verify Cur Certi Signature bye Next Certi PK
00782             tr_debug("index,Check Signature: rd: %02x, wr: %02x", tls_heap->rx_ceri_chain.rd_ptr, tls_heap->rx_ceri_chain.wr_ptr);
00783 
00784             if ((tls_heap->rx_ceri_chain.rd_ptr + 1) == tls_heap->rx_ceri_chain.wr_ptr) {
00785                 uint8_t self_signed = 0;
00786                 if (cer_info->issue_len == cer_info->subj_len) {
00787                     if (memcmp(cer_info->issue_ptr, cer_info->subj_ptr, cer_info->issue_len) == 0) {
00788                         self_signed =  1;
00789                     }
00790                 }
00791 
00792                 if (self_signed) {
00793                     certificate_chain_internal_t   *temp;
00794 
00795                     temp = sec_cetificate_chain_get(SEC_NWK_AUTHENTICATION_CERTI_CHAIN);
00796 
00797                     tr_debug("SELF Signed. Compare Root");
00798                     if (temp) {
00799                         uint16_t root_len = 0;
00800                         uint8_t root_type = 0;
00801                         const uint8_t *ptr = temp->certi_chain[0];
00802                         uint8_t *root_ptr = cer_info->certi_ptr;
00803                         root_ptr -= 4;
00804                         asn1_parse(root_ptr, &root_len, &root_type);
00805                         alert_tx = 1;
00806                         if ((root_len + 4) == temp->certi_len[0]) {
00807                             if (memcmp(root_ptr, ptr, temp->certi_len[0]) == 0) {
00808                                 tr_debug("Trusted Root certificate");
00809                                 alert_tx = 0;
00810                                 chain_analyze_ok = 1;
00811                             } else {
00812                                 tr_debug("Not Trusted Root");
00813                             }
00814                         } else {
00815                             alert_tx = 1;
00816                         }
00817                     } else {
00818                         alert_tx = 1;
00819                     }
00820                 } else {
00821 
00822                     //Compare all ways to Root Certi
00823                     certificate_chain_internal_t   *temp;
00824 
00825                     temp = sec_cetificate_chain_get(SEC_NWK_AUTHENTICATION_CERTI_CHAIN);
00826                     if (temp) {
00827                         if (temp->sub_len[0] == cer_info->issue_len) {
00828                             if (memcmp(cer_info->issue_ptr, temp->sub_chain[0], cer_info->issue_len) == 0) {
00829                                 tr_debug("Get Root PK");
00830                                 tls_heap->rx_ceri_chain.wr_ptr--;
00831                                 if (x509_v3_certi_pk_get((uint8_t *)temp->certi_chain[0], &(tls_heap->rx_ceri_chain)) == 0) {
00832                                     tr_debug("..fail");
00833                                 } else {
00834                                     tr_debug("..OK");
00835                                     tls_parse_subject_get_pub_key_from_chain(tls_heap, (tls_heap->rx_ceri_chain.rd_ptr));
00836                                     certi_verify = 2;
00837                                 }
00838                             }
00839                         }
00840                         if (certi_verify == 0) {
00841                             alert_tx = 1;
00842                             tr_debug("Unknow CA");
00843                         }
00844                     } else {
00845                         alert_tx = 1;
00846                     }
00847                 }
00848             } else {
00849 
00850                 certificate_info_t *cer_sig = &(tls_heap->rx_ceri_chain.certi_chain[tls_heap->rx_ceri_chain.rd_ptr + 1]);
00851 
00852                 if (cer_info->issue_len == cer_sig->subj_len) {
00853                     if (memcmp(cer_info->issue_ptr, cer_sig->subj_ptr, cer_info->issue_len) == 0) {
00854                         certi_verify =  1;
00855                     } else {
00856                         alert_tx = 1;
00857                         tr_debug("Not Valid chain signature subject entry");
00858                     }
00859                 } else {
00860                     alert_tx = 1;
00861                     tr_debug("Not Valid chain signature subject len");
00862                 }
00863 
00864 
00865             }
00866             if (certi_verify) {
00867                 //Calc HASH
00868                 memset((uint8_t *)tls_heap->ecc_heap->sgnt->m_m.data, 0, sizeof(MPint));
00869                 ns_sha256(cer_info->certi_ptr, cer_info->certi_len, tls_heap->ecc_heap->sgnt->m_m.data);
00870                 tls_ecc_reverse_hash((uint8_t *)tls_heap->ecc_heap->sgnt->m_m.data);
00871 
00872                 //GET Signature From Cur Certi
00873                 tls_read_certi_signature(tls_heap, 1);
00874 
00875                 //GET PUB KEY from next HOP
00876                 if (certi_verify == 1) {
00877                     tls_parse_subject_get_pub_key_from_chain(tls_heap, (tls_heap->rx_ceri_chain.rd_ptr + 1));
00878 
00879                 }
00880 
00881                 if (ecc_calculate_verify(tls_heap->ecc_heap->sgnt, &tls_heap->ecc_heap->cert_pub_key, &ecc_operation_done_callback) == ECC_STATUS_OK) {
00882                     tls_heap->ecc_heap->sgnt = 0;
00883                     sec_lib_state_machine_lock(tls_suite, TLS_ECC_CERTIFICATE_SIGNATURE_CHECK);
00884                     sec_ecc_state_save(tls_suite);
00885                     tls_heap->rx_ceri_chain.rd_ptr++;
00886                 } else {
00887                     if (tls_heap->ecc_heap->sgnt) {
00888                         ns_dyn_mem_free(tls_heap->ecc_heap->sgnt);
00889                         tls_heap->ecc_heap->sgnt = 0;
00890                     }
00891                     alert_tx = 1;
00892 
00893                 }
00894             }
00895         } else {
00896             chain_analyze_ok = 1;
00897         }
00898 
00899         if (chain_analyze_ok) {
00900             if (tls_heap->signature_temp_buf) {
00901                 //Take Signature
00902                 tls_read_certi_signature(tls_heap, 0);
00903                 if (tls_heap->signature_temp_buf == tls_heap->cert_temp_buf) {
00904                     tls_heap->signature_temp_buf = 0;
00905                 } else {
00906                     if (tls_heap->pointer_types & 2) {
00907                         buffer_free(tls_heap->signature_temp_buf);
00908                     } else {
00909                         ns_dyn_mem_free(tls_heap->signature_temp_buf);
00910                     }
00911                     tls_heap->signature_temp_buf = 0;
00912                 }
00913             }
00914 
00915             tr_debug("Certi signature check OK");
00916             tls_parse_subject_get_pub_key_from_chain(tls_heap, 0);
00917 
00918             if (tls_heap->rx_ceri_chain.wr_ptr == 0) {
00919                 certificate_info_t *c_ptr = &(tls_heap->rx_ceri_chain.certi_chain[0]);
00920                 if (x509_v3_certi_pk_get((uint8_t *)c_ptr->certi_ptr, &tls_heap->rx_ceri_chain) == 0) {
00921                     tr_debug("Fail read certificate PUB Key");
00922                 } else {
00923                     tls_parse_subject_get_pub_key_from_chain(tls_heap, (tls_heap->rx_ceri_chain.wr_ptr));
00924                 }
00925             }
00926 
00927             if (tls_heap->pointer_types & 1) {
00928                 buffer_free(tls_heap->cert_temp_buf);
00929             } else {
00930                 ns_dyn_mem_free(tls_heap->cert_temp_buf);
00931             }
00932             tls_heap->cert_temp_buf = 0;
00933 
00934             if (tls_suite->setups & TLS_SERVER_MODE) {
00935                 sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_SERVER_VERIFY_START);
00936             } else {
00937                 tr_debug("Start Do Certi Verify calc");
00938                 sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_VERIFY_START2);
00939             }
00940         }
00941         if (alert_tx) {
00942             tr_debug("PSK cal fail");
00943             sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
00944         }
00945     } else {
00946         tls_suite->timer = 1;
00947     }
00948 }
00949 
00950 void tls_server_finnish_handle_start(sec_suite_t *tls_suite)
00951 {
00952     if (ecc_state_idle_check() == ECC_STATUS_OK) {
00953         tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap;
00954         uint8_t alert_tx = 0;
00955         if (tls_suite->setups & TLS_ECC_CERTIFICATE_VERIFY) {
00956             memcpy(tls_heap->ecc_heap->sgnt->m_m.data, tls_heap->hash_buf, 32);
00957             // initialize the rest of MPint as the hash is covering only part of it
00958             memset(((uint8_t *)tls_heap->ecc_heap->sgnt->m_m.data) + 32, 0, sizeof(MPint) - 32);
00959             tls_ecc_reverse_hash((uint8_t *)tls_heap->ecc_heap->sgnt->m_m.data);
00960 
00961             if (ecc_calculate_verify(tls_heap->ecc_heap->sgnt, &tls_heap->ecc_heap->cert_pub_key, &ecc_operation_done_callback) == ECC_STATUS_OK) {
00962                 tls_heap->ecc_heap->sgnt = 0;
00963                 sec_lib_state_machine_lock(tls_suite, TLS_ECC_MESSAGE_VERIFY);
00964                 sec_ecc_state_save(tls_suite);
00965             } else {
00966                 if (tls_heap->ecc_heap->sgnt) {
00967                     ecc_library_free_pointer(tls_heap->ecc_heap->sgnt);
00968                     //ns_dyn_mem_free(tls_heap->ecc_heap->sgnt);
00969                     tls_heap->ecc_heap->sgnt = 0;
00970                 }
00971                 alert_tx = 1;
00972 
00973             }
00974         } else {
00975             if (tls_ecc_start_premaster_secret(0, tls_suite) == 0) {
00976                 alert_tx = 1;
00977             }
00978         }
00979         if (alert_tx) {
00980             tr_debug("PSK cal fail");
00981             sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
00982         }
00983     } else {
00984         sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_SERVER_VERIFY_START);
00985     }
00986 }
00987 #endif
00988 
00989 #ifdef PANA_SERVER_API
00990 static buffer_t *tls_verify_handler(uint8_t certi_rx, tls_header_t *tls_header_ptr, buffer_t *buf, sec_suite_t *tls_suite)
00991 {
00992     (void) certi_rx;
00993     tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap;
00994     tls_heap->client_verify_buf_len = tls_header_ptr->length;
00995     if (tls_heap->client_verify_buf) {
00996         tr_debug("Free Server Client 1r");
00997         ns_dyn_mem_free(tls_heap->client_verify_buf);
00998         tls_heap->client_verify_buf = 0;
00999     }
01000     tls_heap->client_verify_buf = ns_dyn_mem_alloc(tls_header_ptr->length);
01001     if (tls_heap->client_verify_buf) {
01002         memcpy(tls_heap->client_verify_buf, tls_header_ptr->ptr, tls_header_ptr->length);
01003 
01004 #ifdef ECC
01005         if (tls_heap->tls_chipher_mode == CHIPHER_ECC) {
01006 
01007             if (certi_rx) {
01008                 sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_SERVER_VERIFY_START);
01009                 tr_debug("Certi RX > 0");
01010                 if (tls_suite->tls_session->tls_heap) {
01011                     uint8_t free_buf = 1;
01012                     if (certi_rx & 1) {
01013                         if (tls_heap->cert_temp_buf == 0) {
01014                             tls_heap->pointer_types |= 1;
01015                             tls_heap->cert_temp_buf = buf;
01016                             free_buf = 0;
01017                         }
01018                     }
01019                     if (certi_rx & 2) {
01020                         if (tls_heap->signature_temp_buf == 0) {
01021                             tls_heap->pointer_types |= 2;
01022                             tls_heap->signature_temp_buf = buf;
01023                             free_buf = 0;
01024                         }
01025                     }
01026 
01027                     if (free_buf == 0) {
01028                         buf = NULL;
01029                     }
01030                 }
01031 
01032             }
01033             if (buf) {
01034                 buf = buffer_free(buf);
01035             }
01036 
01037         } else
01038 #endif
01039         {
01040             tr_debug("Start Server PRF_CALC state");
01041             sec_prf_state_set(tls_suite);
01042         }
01043     } else {
01044         tr_debug("Heap_error: client verify chiphersuite!!");
01045     }
01046 
01047     return (buf);
01048 }
01049 #endif
01050 
01051 static int8_t tls_client_verify_handler(tls_header_t *tls_header_ptr, sec_suite_t *tls_suite)
01052 {
01053     if (tls_ccm_data_decrypt(tls_header_ptr->ptr, tls_header_ptr->length, tls_suite->tls_session->key_expansion, TLS_HANDSHAKE, true) == 0) {
01054         uint8_t *ptr = tls_header_ptr->ptr + 8;
01055         tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap;
01056 
01057         if (ptr[0] == TLS_FINISHED && common_read_24_bit(ptr + 1) == 12) {
01058             ptr += 4;
01059             //
01060             tr_debug("Finish RX: %s", tr_array(ptr, 12));
01061 
01062             memcpy(tls_heap->verify, ptr, 12);
01063             return 0;
01064         } else {
01065             //RETURN error
01066             tr_debug("No Chiphertext");
01067             return -1;
01068         }
01069     }
01070 
01071     tr_debug("Encode error");
01072     return -2;
01073 
01074 }
01075 
01076 static buffer_t *tls_certificate_buffer_store(buffer_t *buf, uint8_t certi_rx, sec_suite_t *tls_suite)
01077 {
01078     if (certi_rx) {
01079         if (tls_suite->tls_session->tls_heap) {
01080             uint8_t free_buf = 1;
01081             tls_heap_t *theap = tls_suite->tls_session->tls_heap;
01082             if (certi_rx & 1) {
01083                 if (theap->cert_temp_buf == 0) {
01084                     theap->pointer_types |= 1;
01085                     theap->cert_temp_buf = buf;
01086                     free_buf = 0;
01087 
01088                 }
01089             }
01090             if (certi_rx & 2) {
01091                 if (theap->signature_temp_buf == 0) {
01092                     theap->pointer_types |= 2;
01093                     theap->signature_temp_buf = buf;
01094                     free_buf = 0;
01095                 }
01096             }
01097             if (free_buf == 0) {
01098                 buf = NULL;
01099             }
01100         }
01101     }
01102 
01103     if (buf) {
01104         buf = buffer_free(buf);
01105     }
01106 
01107     return buf;
01108 }
01109 
01110 buffer_t *tls_client_up(buffer_t *buf, sec_suite_t *tls_suite)
01111 {
01112     uint8_t i = 0, certi_rx = 0;
01113     uint16_t data_len = 0;
01114     uint8_t alert_case = 0;
01115     uint8_t *ptr;
01116     tls_header_t *tls_header_ptr;
01117     tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap;
01118     uint8_t algo_ok = 0, j = 0;
01119     ptr = buffer_data_pointer(buf);
01120 
01121     i = 1;
01122     while (buf->buf_ptr  < buf->buf_end ) {
01123         data_len = buffer_data_length(buf);
01124         ptr = buffer_data_pointer(buf);
01125         tls_header_ptr = NULL;
01126 
01127         if (data_len >= 5) {
01128             uint16_t tls_version;
01129             tls_header.type = *ptr++;
01130             tls_version = common_read_16_bit(ptr);
01131             ptr += 2;
01132             if (tls_version != TLS_1_2_VERSION) {
01133                 tr_debug("Len: %04x", data_len);
01134                 tr_debug("%s", tr_array(ptr, 4));
01135                 alert_case = 4;
01136             } else {
01137                 tls_header.length = common_read_16_bit(ptr);
01138                 ptr += 2;
01139                 data_len -= 5;
01140                 if (tls_header.length > data_len) {
01141                     alert_case = 5;
01142                 } else {
01143                     tr_debug("Full TLS Record");
01144                     tls_header.ptr = ptr;
01145                     buf->buf_ptr  += tls_header.length;
01146                     buf->buf_ptr  += 5;
01147                     tls_header_ptr = &tls_header;
01148                 }
01149             }
01150         } else {
01151             alert_case = 5;
01152         }
01153 
01154         if (alert_case) {
01155             tr_debug("TLS Segmentation or datagram error: %02x", alert_case);
01156             buf->buf_ptr  = buf->buf_end ;
01157             //SET Alert Case
01158             sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
01159             return buffer_free(buf);
01160         }
01161 
01162         if (tls_header_ptr) {
01163             if (tls_header_ptr->type == TLS_HANDSHAKE && (tls_heap != 0)) {
01164                 tr_debug("Type:Handshake");
01165                 if (tls_suite->state == TLS_CHANGE_CHIPHER) {
01166                     if (tls_header_ptr->length < 32) {
01167                         tr_debug("Too short Chiher Text");
01168                     } else if ((algo_ok & 0x20) && (tls_suite->state == PRF_CALC)) {
01169                         tr_debug("Drop Client RE TX");
01170                         /*tls_text_cnt = */j = 1;
01171                     } else {
01172                         int8_t returnCode = tls_client_verify_handler(tls_header_ptr, tls_suite);
01173                         if (returnCode == 0) {
01174                             algo_ok |= 0x10;
01175                             sec_lib_state_machine_trig(tls_suite, TLS_FINISH);
01176                             j = 1;
01177                         } else if (returnCode == -1) {
01178                             sec_lib_state_machine_trig(tls_suite, PANA_ERROR);
01179                             return buffer_free(buf);
01180                         } else {
01181                             i = 5;
01182                             sec_lib_state_machine_trig(tls_suite, PANA_ERROR);
01183                             break;
01184                         }
01185 
01186                         //Set Back Originals
01187                         tls_header_ptr->ptr -= 8;
01188                         tls_header_ptr->length += 16;
01189                     }
01190                 } else {
01191                     uint8_t tls_msg_cnt = 0;
01192                     tls_msg_t *tls_msg_ptr = 0;
01193                     if (algo_ok != 0x18) {
01194                         tls_msg_cnt = tls_msg_analyzy(tls_header_ptr->ptr, tls_header_ptr->length);
01195                         j = 0;
01196                     }
01197                     ptr = tls_header_ptr->ptr;
01198                     while (j < tls_msg_cnt) {
01199                         tls_msg_ptr = tls_msg_get(ptr);
01200 
01201                         switch (tls_msg_ptr->type) {
01202                             case TLS_SERVER_HELLO:
01203                                 if (tls_msg_ptr->len >= 38) {
01204                                     if (tls_suite->state == TLS_INIT) {
01205                                         if (tls_parse_server_hello(tls_msg_ptr->msg_ptr, tls_suite)) {
01206 
01207                                             uint8_t switch_state = 0;
01208                                             tr_debug("TLS:S_Hello OK");
01209                                             if (tls_heap->tls_chipher_mode != CHIPHER_ECC) {
01210                                                 algo_ok |= 1;
01211                                                 switch_state = 1;
01212                                                 tls_ecc_heap_free(tls_heap);
01213                                             } else {
01214 
01215 #ifdef ECC
01216                                                 tls_suite->retry_counter = 0;
01217                                                 switch_state = 1;
01218 #else
01219                                                 tr_debug("NO ECC Sup");
01220                                                 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
01221                                                 return buffer_free(buf);
01222 #endif
01223 
01224                                             }
01225                                             if (switch_state) {
01226                                                 tls_suite->setups &= ~TLS_HANSHAKE_HASH;
01227                                                 sec_set_auth_timeout(tls_suite, TLS_HELLO_RX);
01228                                                 tls_suite->retry_counter = 0;
01229                                                 tls_handshake_copy(tls_msg_ptr, tls_heap);
01230                                             }
01231                                         } else {
01232                                             tr_debug("TLS:S_Hello Fail: %02x", tls_suite->state);
01233                                         }
01234                                     } else {
01235                                         tr_debug("SERver RE Tx  drop Ser Hello");
01236                                     }
01237                                 }
01238                                 break;
01239 
01240                             case TLS_SERVER_HELLO_DONE:
01241                                 if (tls_msg_ptr->len == 0) {
01242                                     if (tls_suite->state >= TLS_CERTIFICATE_RX && tls_suite->state < PANA_ERROR) {
01243                                         tr_debug("TLS:S_Hello DONE");
01244                                         algo_ok |= 2;
01245                                         tls_handshake_copy(tls_msg_ptr, tls_heap);
01246                                         sec_lib_state_machine_trig(tls_suite, TLS_HELLO_DONE);
01247                                     } else {
01248                                         tr_debug("Drop Ser Hello Done: %02x", tls_suite->state);
01249                                     }
01250                                 }
01251                                 break;
01252 
01253                             case TLS_CERTIFICATE:
01254 #ifdef ECC
01255                                 if (tls_suite->state == TLS_HELLO_RX) {
01256                                     tr_debug("TLS Certi RX");
01257 
01258                                     if (tls_parse_certificate(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) {
01259 
01260                                         tls_suite->setups |= TLS_ECC_CERTIFICATE_RECEIVED;
01261                                         algo_ok = 0;
01262                                         tls_handshake_copy(tls_msg_ptr, tls_heap);
01263                                         tls_suite->timer = pana_retry_req_max_get();
01264 
01265                                         tls_suite->state = TLS_CERTIFICATE_RX;
01266                                         certi_rx |= 1;
01267 
01268                                     } else {
01269                                         tr_debug("TLS Malformed Certificate");
01270 
01271                                         sec_lib_state_machine_trig(tls_suite, TLS_ALERT_BAD_CERTIFICATE);
01272                                         return buffer_free(buf);
01273                                     }
01274 
01275                                 } else {
01276                                     tr_debug("Drop Cert: %02x", tls_suite->state);
01277                                     return buffer_free(buf);
01278                                 }
01279 #else
01280                                 sec_lib_state_machine_trig(tls_suite, PANA_ERROR);
01281 #endif
01282                                 break;
01283 
01284                             case TLS_SERVER_KEY_EXCHANGE:
01285                                 tr_debug(" TLS Serv KEY Exchange RX");
01286 #ifdef ECC
01287                                 if (!tls_parse_server_key_exchange(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) {
01288                                     tr_debug("Drop Key");
01289                                     sec_lib_state_machine_trig(tls_suite, PANA_ERROR);
01290                                 } else {
01291                                     algo_ok = 0;
01292                                     tls_handshake_copy(tls_msg_ptr, tls_heap);
01293                                     certi_rx |= 2;
01294                                     sec_set_auth_timeout(tls_suite, TLS_SERVER_KEY_EXCHANGE_RX);
01295                                 }
01296 #else
01297                                 tr_debug("Drop Key");
01298                                 sec_lib_state_machine_trig(tls_suite, PANA_ERROR);
01299 #endif
01300 
01301                                 break;
01302 
01303                             case TLS_CERTIFICATE_REQUEST:
01304 #ifdef ECC
01305                                 if (tls_parse_certificate_request(tls_msg_ptr->msg_ptr, tls_msg_ptr->len)) {
01306                                     tr_debug(" TLS Cert request- ");
01307                                     if ((tls_suite->setups & TLS_ECC_CERTIFICATE_REQUESTED) == 0) {
01308                                         tls_suite->setups |= TLS_ECC_CERTIFICATE_REQUESTED;
01309                                         tls_handshake_copy(tls_msg_ptr, tls_heap);
01310 
01311                                     }
01312                                 } else
01313 #endif
01314                                 {
01315                                     tr_debug("Client drop Cert Request");
01316                                     sec_lib_state_machine_trig(tls_suite, TLS_ALERT_DECRYPT);
01317                                     return buffer_free(buf);
01318                                 }
01319                                 break;
01320 
01321                             default:
01322                                 break;
01323                         }
01324                         ptr = tls_msg_ptr->msg_ptr;
01325                         ptr += tls_msg_ptr->len;
01326                         j++;
01327                     }
01328                 }
01329 
01330             } else if (tls_header_ptr->type == TLS_CHANGE_CIPHER_SPEC && (tls_heap != 0) /*&& (tls_header[i].length == 1)*/) {
01331                 uint8_t tx_alert = 1;
01332                 tr_debug("TLS:Change ChipherS");
01333                 tr_debug("%02x", tls_suite->state);
01334                 if (tls_suite->state == TLS_KEY_CHANGE) {
01335                     tx_alert = 0;
01336                 }
01337 
01338                 if (tx_alert) {
01339                     tr_debug("Wrong state TX Alert");
01340                     sec_lib_state_machine_trig(tls_suite, TLS_ALERT_CLOSE_FATAL);
01341                     return buffer_free(buf);
01342                 } else {
01343                     sec_set_auth_timeout(tls_suite, TLS_CHANGE_CHIPHER);
01344                     algo_ok |= 8;
01345                 }
01346 
01347             } else if (tls_header_ptr->type == TLS_ALERT_TYPE) {
01348                 tr_debug("Alert!!");
01349                 if (tls_header_ptr->length == 2) {
01350                     uint8_t *dptr = tls_header_ptr->ptr;
01351                     tr_debug("%s", tr_array(tls_header_ptr->ptr, 2));
01352                     //Skip Alert Type and descriptions
01353                     dptr += 2;
01354                     algo_ok = 0xf0;
01355                     sec_lib_state_machine_trig(tls_suite, PANA_FAILURE);
01356                 }
01357                 i = 0xfe;
01358             }
01359         }
01360     }
01361 
01362     if (algo_ok) {
01363         if (tls_suite->state == TLS_HELLO_RX) {
01364             sec_set_auth_timeout(tls_suite, TLS_HELLO_RX);
01365             tls_suite->retry_counter = 0;
01366             i = 0xff;
01367         } else if (tls_suite->state == TLS_HELLO_DONE) {
01368             //ADD already Now Client key change handshake part
01369 #ifdef ECC
01370             if (tls_heap->tls_chipher_mode == CHIPHER_ECC) {
01371                 if (tls_suite->setups & TLS_ECC_CERTIFICATE_REQUESTED) {
01372                     tr_debug("Message verify start");
01373                     sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_VERIFY_START);
01374                 } else {
01375                     tr_debug("Cert REQ diabled");
01376                 }
01377             } else
01378 #endif
01379             {
01380 
01381                 tls_msg_t *tmp_msg = tls_msg_ptr_get();
01382 
01383                 tmp_msg->len = 3;
01384                 if (tls_suite->psk_key_id > 0xff) {
01385                     tmp_msg->len++;
01386                 }
01387                 ptr = buf->buf ;
01388                 *ptr++ = TLS_CLIENT_KEY_EXCHANGE;
01389                 ptr = common_write_24_bit(tmp_msg->len, ptr);
01390                 tmp_msg->msg_ptr = ptr;
01391                 ptr = common_write_16_bit(tmp_msg->len - 2, ptr);
01392                 if (tls_suite->psk_key_id > 0xff) {
01393                     *ptr++ = tls_suite->psk_key_id >> 8;
01394                 }
01395 
01396                 *ptr = tls_suite->psk_key_id;;
01397                 tls_handshake_copy(tmp_msg, tls_heap);
01398                 sec_prf_state_set(tls_suite);
01399             }
01400             i = 0xff;
01401         } else if (tls_suite->state == TLS_CHANGE_CHIPHER) {
01402             tr_debug("No Chipher Set Close state");
01403             sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
01404             i = 0xff;
01405         } else if (tls_suite->state == TLS_FINISH) {
01406             tr_debug("Finish RX");
01407             sec_lib_state_machine_trig(tls_suite, TLS_FINISH);
01408             i = 0xff;
01409         } else if (algo_ok == 0x18) {
01410 
01411         } else {
01412             i = 11;
01413             tr_debug("%02x", algo_ok);
01414         }
01415     }
01416 
01417     if (i) {
01418         buf = tls_certificate_buffer_store(buf, certi_rx, tls_suite);
01419     }
01420     return (buf);
01421 }
01422 
01423 
01424 
01425 buffer_t *tls_server_up(buffer_t *buf, sec_suite_t *tls_suite)
01426 {
01427 #ifdef PANA_SERVER_API
01428     uint8_t i = 0, certi_rx = 0;
01429     uint16_t data_len = 0;
01430     uint8_t alert_case = 0;
01431     uint8_t *ptr;
01432     tls_header_t *tls_header_ptr;
01433     tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap;
01434     uint8_t algo_ok = 0, j = 0;
01435     ptr = buffer_data_pointer(buf);
01436 
01437     i = 1;
01438     while (buf->buf_ptr  < buf->buf_end ) {
01439         data_len = buffer_data_length(buf);
01440         ptr = buffer_data_pointer(buf);
01441         tls_header_ptr = NULL;
01442 
01443         if (data_len >= 5) {
01444             uint16_t tls_version;
01445             tls_header.type = *ptr++;
01446             tls_version = common_read_16_bit(ptr);
01447             ptr += 2;
01448             if (tls_version != TLS_1_2_VERSION) {
01449                 tr_debug("Len: %04x", data_len);
01450                 tr_debug("%s", tr_array(ptr, 4));
01451                 alert_case = 4;
01452             } else {
01453                 tls_header.length = common_read_16_bit(ptr);
01454                 ptr += 2;
01455                 data_len -= 5;
01456                 if (tls_header.length > data_len) {
01457                     alert_case = 5;
01458                 } else {
01459                     tr_debug("Full TLS Record");
01460                     tls_header.ptr = ptr;
01461                     buf->buf_ptr  += tls_header.length;
01462                     buf->buf_ptr  += 5;
01463                     tls_header_ptr = &tls_header;
01464                 }
01465             }
01466         } else {
01467             alert_case = 5;
01468         }
01469 
01470         if (alert_case) {
01471             tr_debug("TLS Segmentation or datagram error: %02x", alert_case);
01472             buf->buf_ptr  = buf->buf_end ;
01473             //SET Alert Case
01474             sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
01475             return buffer_free(buf);
01476         }
01477 
01478         if (tls_header_ptr) {
01479             if (tls_header_ptr->type == TLS_HANDSHAKE && (tls_heap != 0)) {
01480                 tr_debug("Type:Handshake");
01481                 if (tls_suite->state == TLS_CHANGE_CHIPHER) {
01482                     if (tls_header_ptr->length < 32) {
01483                         tr_debug("Too short Chiher Text");
01484                     } else if ((algo_ok & 0x20) && (tls_suite->state == PRF_CALC)) {
01485                         tr_debug("Drop Client RE TX");
01486                         /*tls_text_cnt = */j = 1;
01487                     } else {
01488                         buf = tls_verify_handler(certi_rx, tls_header_ptr, buf, tls_suite);
01489                         if (!buf) {
01490                             return buf;
01491                         }
01492                     }
01493                 } else {
01494                     uint8_t tls_msg_cnt = 0;
01495                     tls_msg_t *tls_msg_ptr = 0;
01496                     if (algo_ok != 0x18) {
01497                         tls_msg_cnt = tls_msg_analyzy(tls_header_ptr->ptr, tls_header_ptr->length);
01498                         j = 0;
01499                     }
01500                     ptr = tls_header_ptr->ptr;
01501                     while (j < tls_msg_cnt) {
01502                         tls_msg_ptr = tls_msg_get(ptr);
01503 
01504                         switch (tls_msg_ptr->type) {
01505                             case TLS_CLIENT_HELLO:
01506                                 //Parse
01507                                 if (tls_parse_client_hello(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) {
01508                                     tr_debug("TLS:C_Hello OK");
01509                                     algo_ok = 0;
01510                                     tls_heap->tls_handshake_h_len = 0;
01511                                     tls_handshake_copy(tls_msg_ptr, tls_heap);
01512                                     if (tls_heap->tls_chipher_mode == CHIPHER_ECC) {
01513 #ifdef ECC
01514                                         sec_lib_state_machine_trig(tls_suite, TLS_SERVER_ECC_PUB_KEY_GEN);
01515 #else
01516                                         tr_debug("NO ECC Sup");
01517                                         sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
01518                                         return buffer_free(buf);
01519 #endif
01520 
01521                                     } else {
01522                                         tls_ecc_heap_free(tls_heap);
01523                                         sec_lib_state_machine_trig(tls_suite, TLS_SERVER_TX_SERVER_HELLO);
01524                                     }
01525 
01526                                 } else {
01527                                     tr_debug("TLS:C_Hello Fail");
01528                                     sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
01529                                     return buffer_free(buf);
01530                                 }
01531                                 break;
01532 
01533                             case TLS_CERTIFICATE:
01534 #ifdef ECC
01535 
01536                                 if (tls_suite->state == TLS_TX_SERVER_KEY_EXCHANGE || tls_suite->state == TLS_SERVER_WAIT_CHANGE_CHIPHERSUITE) {
01537                                     tr_debug("TLS Certi RX");
01538 
01539                                     if (tls_parse_certificate(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) {
01540 
01541                                         tls_suite->setups |= TLS_ECC_CERTIFICATE_RECEIVED;
01542                                         algo_ok = 0;
01543                                         tls_handshake_copy(tls_msg_ptr, tls_heap);
01544                                         tls_suite->timer = pana_retry_req_max_get();
01545                                         tls_suite->state = TLS_CERTIFICATE_RX;
01546                                         certi_rx |= 1;
01547 
01548                                     } else {
01549                                         tr_debug("TLS Malformed Certificate");
01550 
01551                                         sec_lib_state_machine_trig(tls_suite, TLS_ALERT_BAD_CERTIFICATE);
01552                                         return buffer_free(buf);
01553                                     }
01554 
01555                                 } else {
01556                                     tr_debug("Drop Cert: %02x", tls_suite->state);
01557                                     return buffer_free(buf);
01558                                 }
01559 #else
01560                                 sec_lib_state_machine_trig(tls_suite, PANA_ERROR);
01561 #endif
01562                                 break;
01563 
01564                             case TLS_CLIENT_KEY_EXCHANGE:
01565                                 tr_debug(" TLS Client KEY Exchange RX");
01566                                 if (tls_heap->tls_chipher_mode == CHIPHER_PSK) {
01567                                     uint8_t *d_ptr = tls_msg_ptr->msg_ptr;
01568                                     uint16_t key_len;
01569                                     uint16_t received_key_id = 0;
01570 
01571                                     key_len = common_read_16_bit(d_ptr);
01572                                     d_ptr += 2;
01573 
01574                                     if (key_len) {
01575                                         if (key_len == 2) {
01576                                             received_key_id = (*d_ptr++) << 8;
01577                                         }
01578                                         received_key_id += *d_ptr;
01579                                     }
01580 
01581                                     if (tls_get_key(received_key_id) != NULL) {
01582                                         tls_suite->psk_key_id = received_key_id;
01583 
01584                                         if (tls_suite->state != PRF_CALC) {
01585                                             tr_debug("Client KEY Exchange ");
01586                                             tls_handshake_copy(tls_msg_ptr, tls_heap);
01587                                             algo_ok = 0;
01588                                         } else {
01589                                             tr_debug("Client Re TX");
01590                                         }
01591                                     }
01592 
01593                                     /* Not valid Key ID */
01594                                     else {
01595                                         tr_debug("Server drop Client Key Exchange");
01596                                         sec_lib_state_machine_trig(tls_suite, TLS_ALERT_DECRYPT);
01597                                         return buffer_free(buf);
01598                                     }
01599                                 } else {
01600 #ifdef ECC
01601                                     if (tls_parse_client_key_exchange(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) {
01602                                         algo_ok = 0;
01603                                         tls_handshake_copy(tls_msg_ptr, tls_heap);
01604                                         sec_set_auth_timeout(tls_suite, TLS_CLIENT_KEY_EXCHANGE_RX);
01605                                     } else
01606 #endif
01607                                     {
01608                                         tr_debug("Server drop Client Key EX");
01609                                         sec_lib_state_machine_trig(tls_suite, TLS_ALERT_DECRYPT);
01610                                         return buffer_free(buf);
01611                                     }
01612                                 }
01613                                 break;
01614 
01615                             case TLS_CERTIFICATE_VERIFY:
01616                                 tr_debug(" TLS Cert Verify ");
01617 #ifdef ECC
01618                                 if (tls_parse_certificate_verify(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) {
01619 
01620                                     if ((tls_suite->setups & TLS_ECC_CERTIFICATE_VERIFY) == 0) {
01621                                         tr_debug("Calc Hash for Cert Verify");
01622                                         tls_suite->setups |= TLS_ECC_CERTIFICATE_VERIFY;
01623                                         tls_hanshake_hash_cal(tls_heap);
01624                                         tls_handshake_copy(tls_msg_ptr, tls_heap);
01625                                         certi_rx |= 2;
01626                                     }
01627                                 } else
01628 #endif
01629                                 {
01630                                     tr_debug("Client Cert Verfify fail");
01631                                     sec_lib_state_machine_trig(tls_suite, TLS_ALERT_DECRYPT);
01632                                     return buffer_free(buf);
01633                                 }
01634                                 break;
01635                             default:
01636                                 break;
01637                         }
01638                         ptr = tls_msg_ptr->msg_ptr;
01639                         ptr += tls_msg_ptr->len;
01640                         j++;
01641                     }
01642                 }
01643 
01644             } else if (tls_header_ptr->type == TLS_CHANGE_CIPHER_SPEC && (tls_heap != 0) /*&& (tls_header[i].length == 1)*/) {
01645                 uint8_t tx_alert = 1;
01646                 tr_debug("TLS:Change ChipherS");
01647                 tr_debug("%02x", tls_suite->state);
01648                 if (tls_suite->state == TLS_CLIENT_KEY_EXCHANGE_RX || tls_suite->state == TLS_SERVER_WAIT_CHANGE_CHIPHERSUITE) {
01649                     tx_alert = 0;
01650                 }
01651 
01652                 if (tx_alert) {
01653                     tr_debug("Wrong state TX Alert");
01654                     sec_lib_state_machine_trig(tls_suite, TLS_ALERT_CLOSE_FATAL);
01655                     return buffer_free(buf);
01656                 } else {
01657                     sec_set_auth_timeout(tls_suite, TLS_CHANGE_CHIPHER);
01658                     algo_ok |= 8;
01659                 }
01660 
01661             } else if (tls_header_ptr->type == TLS_ALERT_TYPE) {
01662                 tr_debug("Alert!!");
01663                 if (tls_header_ptr->length == 2) {
01664                     uint8_t *dptr = tls_header_ptr->ptr;
01665                     tr_debug("%s", tr_array(tls_header_ptr->ptr, 2));
01666                     //Skip Alert Type and descriptions
01667                     dptr += 2;
01668                     algo_ok = 0xf0;
01669                     sec_lib_state_machine_trig(tls_suite, PANA_FAILURE);
01670                 }
01671                 i = 0xfe;
01672             }
01673         }
01674     }
01675     if (algo_ok) {
01676         if (tls_suite->state == TLS_CHANGE_CHIPHER) {
01677             tr_debug("No Chipher RX--TXalert");
01678             sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL);
01679             i = 0xff;
01680         } else if (algo_ok == 0x18) {
01681 
01682         } else {
01683             i = 11;
01684             tr_debug("%02x", algo_ok);
01685         }
01686     }
01687 
01688     if (i) {
01689         buf = tls_certificate_buffer_store(buf, certi_rx, tls_suite);
01690     }
01691 #else
01692     if (buf) {
01693         buf = buffer_free(buf);
01694     }
01695 #endif
01696     return (buf);
01697 }
01698 
01699 
01700 buffer_t *tls_client_hello_build(buffer_t *buf, sec_suite_t *tls_suite)
01701 {
01702     uint8_t *ptr;
01703     tls_msg_t *tmp_msg = tls_msg_ptr_get();
01704     tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap;
01705     tr_debug("TTLs TX:Client Hello");
01706     //Build Client Hello
01707     ptr = buffer_data_clear(buf);
01708     //for Hash calculation
01709 
01710     *ptr++ = TLS_CLIENT_HELLO;
01711     ptr += 3; // skip length, fill in at the end
01712     tmp_msg->msg_ptr = ptr;
01713     ptr = common_write_16_bit(TLS_1_2_VERSION, ptr);
01714     memcpy(ptr, (tls_heap->tls_hello_random + CLIENT_HELLO_PTR), 32);
01715     ptr += 32;
01716     *ptr++ = 0; //Session ID length
01717     ptr += 2; // Skip cipher suite length; fill in a moment
01718     uint8_t *ciphers_ptr = ptr;
01719 #ifdef ECC
01720     if (tls_suite->supported_chipher_suites & SEC_CIPHERSUITE_ECC) {
01721         ptr = common_write_16_bit(TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, ptr);
01722         ptr = common_write_16_bit(TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_COMPAT, ptr);
01723     }
01724 #endif
01725     if (tls_suite->supported_chipher_suites & SEC_CIPHERSUITE_PSK) {
01726         ptr = common_write_16_bit(TLS_PSK_WITH_AES_128_CCM_8, ptr);
01727     }
01728     // Go back and fill in length
01729     common_write_16_bit(ptr - ciphers_ptr, ciphers_ptr - 2);
01730 
01731     *ptr++ = 1; // 1 Compression method
01732     *ptr++ = TLS_COMPRESSION_METHOD_NULL;
01733 #ifdef ECC
01734 
01735     //Set ECC Extensions
01736     if (tls_suite->supported_chipher_suites & SEC_CIPHERSUITE_ECC) {
01737         ptr = common_write_16_bit(8 + 8 + 6, ptr); //Extensions length
01738 
01739         ptr = common_write_16_bit(TLS_EXTENSION_SIGNATURE_ALGORITHMS, ptr);
01740         ptr = common_write_16_bit(4, ptr); //extension data len
01741         ptr = common_write_16_bit(2, ptr); //algorithm list len
01742         ptr = common_write_16_bit(TLS_SIG_HASH_ALG_SHA256_ECDSA, ptr);
01743 
01744         ptr = common_write_16_bit(TLS_EXTENSION_ELLIPTIC_CURVES, ptr);
01745         ptr = common_write_16_bit(4, ptr); //extension data len
01746         ptr = common_write_16_bit(2, ptr); //curve list len
01747         ptr = common_write_16_bit(TLS_NAMED_CURVE_SECP256R1, ptr);
01748 
01749         ptr = common_write_16_bit(TLS_EXTENSION_EC_POINT_FORMATS, ptr);
01750         ptr = common_write_16_bit(2, ptr); //extension data len
01751         *ptr++ = 1; // format list len
01752         *ptr++ = 0; //Uncompressed mode
01753     }
01754 #endif
01755     buffer_data_end_set(buf, ptr);
01756 
01757     // Go back and write the length
01758     uint16_t tls_len = buffer_data_length(buf) - 4;
01759     tmp_msg->len = tls_len;
01760     common_write_24_bit(tls_len, buffer_data_pointer(buf) + 1);
01761 
01762     tls_heap->tls_handshake_h_len = 0;
01763     tls_handshake_copy(tmp_msg, tls_heap);
01764     tls_suite->setups |= TLS_HANSHAKE_HASH;
01765     return tls_down(buf);
01766 
01767 }
01768 
01769 #ifdef ECC
01770 uint8_t *tls_server_key_excahnge_msg_build(uint8_t *ptr, tls_heap_t *heap_ptr)
01771 {
01772     uint8_t r_zeros;
01773     uint8_t s_zeros;
01774 
01775     r_zeros = tls_get_leading_zeros(heap_ptr->ecc_heap->sgnt->m_R.data);
01776     s_zeros = tls_get_leading_zeros(heap_ptr->ecc_heap->sgnt->m_s.data);
01777     *ptr++ = TLS_SERVER_KEY_EXCHANGE;
01778     ptr = common_write_24_bit((145 - r_zeros - s_zeros), ptr);
01779     *ptr++ = 3; //type
01780     ptr = common_write_16_bit(TLS_NAMED_CURVE_SECP256R1, ptr);
01781     //There shuold be calculated case now only test purpose
01782     *ptr++ = 65; //len
01783     *ptr++ = 4; //type
01784     memcpy(ptr, heap_ptr->ecc_heap->server_public_key, 64);
01785     ptr += 64;
01786     ptr = common_write_16_bit(TLS_SIG_HASH_ALG_SHA256_ECDSA, ptr);
01787     ptr = common_write_16_bit((72 - r_zeros - s_zeros), ptr);
01788     *ptr++ = 0x30;
01789     *ptr++ = 70 - r_zeros - s_zeros;
01790     ptr += tls_write_signature_parameters(ptr, ((uint8_t *)heap_ptr->ecc_heap->sgnt->m_R.data), r_zeros);
01791     ptr += tls_write_signature_parameters(ptr, ((uint8_t *)heap_ptr->ecc_heap->sgnt->m_s.data), s_zeros);
01792     return ptr;
01793 }
01794 
01795 
01796 uint8_t *tls_certificate_verify_msg_set(uint8_t *ptr, tls_heap_t *heap_ptr)
01797 {
01798     uint8_t r_zeros;
01799     uint8_t s_zeros;
01800     r_zeros = tls_get_leading_zeros(heap_ptr->ecc_heap->sgnt->m_R.data);
01801     s_zeros = tls_get_leading_zeros(heap_ptr->ecc_heap->sgnt->m_s.data);
01802 
01803     *ptr++ = TLS_CERTIFICATE_VERIFY;
01804     ptr = common_write_24_bit((76 - r_zeros - s_zeros), ptr);
01805     *ptr++ = 4;
01806     *ptr++ = 3;
01807     *ptr++ = 0;
01808     *ptr++ = 72 - r_zeros - s_zeros;
01809     *ptr++ = 0x30;
01810     *ptr++ = 70 - r_zeros - s_zeros;
01811     ptr += tls_write_signature_parameters(ptr, ((uint8_t *)heap_ptr->ecc_heap->sgnt->m_R.data), r_zeros);
01812     ptr += tls_write_signature_parameters(ptr, ((uint8_t *)heap_ptr->ecc_heap->sgnt->m_s.data), s_zeros);
01813     return ptr;
01814 }
01815 #define CERTI_CHAIN_3
01816 
01817 uint16_t tls_certificate_len(certificate_chain_internal_t   *temp)
01818 {
01819     uint8_t i;
01820     uint16_t len = 0;
01821 
01822     if (temp) {
01823         len += 10;
01824         if (temp->chain_length > 1) {
01825             for (i = 0; i < (temp->chain_length - 1); i++) {
01826                 if (i) {
01827                     len += 3;
01828                 }
01829                 len += temp->certi_len[i + 1];
01830             }
01831         } else if (temp->chain_length == 1) {
01832             len += temp->certi_len[0];
01833         }
01834     }
01835     return len;
01836 }
01837 
01838 uint8_t *tls_certificate_msg_set(uint8_t *ptr, certificate_chain_internal_t *temp)
01839 {
01840     uint8_t i;
01841     uint16_t len = 0;
01842     len = tls_certificate_len(temp);
01843     if (temp) {
01844         len -= 4; // Cut TLS haeder space off
01845         /* Set Certificate */
01846         *ptr++ = TLS_CERTIFICATE;
01847         ptr = common_write_24_bit(len, ptr);
01848         len -= 3;
01849         ptr = common_write_24_bit(len, ptr);
01850 
01851         i = temp->chain_length;
01852         if (i > 1) {
01853             while (i) {
01854                 i--;
01855                 if (i) {
01856                     ptr = common_write_24_bit(temp->certi_len[i], ptr);
01857                     memcpy(ptr, temp->certi_chain[i], temp->certi_len[i]);
01858                     ptr += temp->certi_len[i];
01859                 }
01860             }
01861         } else if (i == 1) {
01862             ptr = common_write_24_bit(temp->certi_len[0], ptr);
01863             memcpy(ptr, temp->certi_chain[0], temp->certi_len[0]);
01864             ptr += temp->certi_len[0];
01865         }
01866     }
01867     return ptr;
01868 }
01869 
01870 uint8_t tls_write_signature_parameters(uint8_t *ptr, uint8_t *signature_parameter, uint8_t leadin_zeros)
01871 {
01872     uint8_t len = 2;
01873     uint8_t i;
01874     *ptr++ = 2;
01875     *ptr++ = 33 - leadin_zeros;
01876     if (leadin_zeros == 0) {
01877         *ptr++ = 0;
01878         len += 33;
01879     } else {
01880         leadin_zeros -= 1;
01881         len += (32 - leadin_zeros);
01882     }
01883     for (i = leadin_zeros; i < 32; i++) {
01884         *ptr++ = signature_parameter[31 - i];
01885     }
01886     return len;
01887 }
01888 
01889 void tls_ecc_point_reverse_order(uint8_t *dst, uint8_t *src)
01890 {
01891     uint8_t i;
01892     for (i = 0; i < 32; i++) {
01893         dst[i] = src[31 - i];
01894     }
01895 }
01896 #endif
01897 
01898 uint8_t *tls_build_server_hello_msg(uint8_t *ptr, tls_session_t *tls_session)
01899 {
01900     tls_heap_t *heap_ptr = tls_session->tls_heap;
01901     *ptr++ = TLS_SERVER_HELLO;
01902     ptr += 3; // fill length in at the end
01903     uint8_t *startptr = ptr;
01904     ptr = common_write_16_bit(TLS_1_2_VERSION, ptr);
01905 
01906     memcpy(ptr, (heap_ptr->tls_hello_random + SERVER_HELLO_PTR), 32);
01907     ptr += 32;
01908 
01909     *ptr++ = tls_session->id_length;
01910     memcpy(ptr, tls_session->tls_session_id, tls_session->id_length);
01911     ptr += tls_session->id_length;
01912 
01913     uint16_t ciphersuite;
01914 #ifdef ECC
01915     if (heap_ptr->tls_chipher_mode == CHIPHER_ECC) {
01916         ciphersuite = heap_ptr->client_knows_standard_ecc_ciphersuite ?
01917                       TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 :
01918                       TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_COMPAT;
01919     } else
01920 #endif
01921     {
01922         ciphersuite = TLS_PSK_WITH_AES_128_CCM_8;
01923     }
01924 
01925     ptr = common_write_16_bit(ciphersuite, ptr);
01926     *ptr++ = TLS_COMPRESSION_METHOD_NULL;
01927 
01928     if (heap_ptr->tls_chipher_mode == CHIPHER_ECC) {
01929         ptr = common_write_16_bit(6, ptr); // 6 bytes of Extensions
01930         ptr = common_write_16_bit(TLS_EXTENSION_EC_POINT_FORMATS, ptr);
01931         ptr = common_write_16_bit(2, ptr); // 2 bytes of extension data
01932         *ptr++ = 1; // 1 byte of ec_point_format_list
01933         *ptr++ = 0; // ECPointFormat::uncompressed
01934     }
01935 
01936     // Go back and fill in length
01937     common_write_24_bit(ptr - startptr, startptr - 3);
01938 
01939     if (heap_ptr->tls_chipher_mode != CHIPHER_ECC) {
01940         *ptr++ = TLS_SERVER_HELLO_DONE;
01941         ptr = common_write_24_bit(0, ptr); // length
01942     }
01943     return ptr;
01944 }
01945 
01946 void tls_header_set(buffer_t *buf)
01947 {
01948     uint8_t *ptr;
01949     uint16_t len;
01950     ptr = buffer_data_pointer(buf);
01951     len = buffer_data_length(buf);
01952     len -= 5; //Cut Flags byte off
01953     *ptr++ = TLS_HANDSHAKE;
01954     ptr = common_write_16_bit(TLS_1_2_VERSION, ptr);
01955     ptr = common_write_16_bit(len, ptr);
01956 }
01957 
01958 void tls_session_id_genrate(uint8_t *suite, uint8_t length)
01959 {
01960     if (length > 32) {
01961         length = 32;
01962     }
01963     randLIB_get_n_bytes_random(suite, length);
01964 }
01965 
01966 tls_heap_t *tls_heap_allocate(void)
01967 {
01968     tls_heap_t *heap_ptr = tls_heap_structure_allocate();
01969     if (heap_ptr) {
01970 #ifdef ECC
01971         tls_ecc_heap_t *ecc_ptr = ecc_allocate_ram();
01972         if (ecc_ptr == 0) {
01973             tr_debug("ECC Alloc Fail");
01974             ns_dyn_mem_free(heap_ptr);
01975             heap_ptr = 0;
01976             return heap_ptr;
01977         } else {
01978             //uint8_t *ptr, i;
01979             heap_ptr->ecc_heap = ecc_ptr;
01980         }
01981         heap_ptr->client_knows_standard_ecc_ciphersuite = false;
01982 #endif
01983         randLIB_get_n_bytes_random(heap_ptr->tls_hello_random, 64);
01984         ns_sha256_init(&heap_ptr->sha256_ctx);
01985         heap_ptr->tls_chipher_mode = CHIPHER_NONE;
01986         heap_ptr->tls_handshake_h_len = 0;
01987         heap_ptr->client_verify_buf = 0;
01988         heap_ptr->client_verify_buf_len = 0;
01989     }
01990     return heap_ptr;
01991 }
01992 
01993 void tls_heap_free(tls_heap_t *heap_ptr)
01994 {
01995     if (heap_ptr) {
01996         if (heap_ptr->cert_temp_buf) {
01997             if (heap_ptr->signature_temp_buf) {
01998                 if (heap_ptr->signature_temp_buf == heap_ptr->cert_temp_buf) {
01999                     heap_ptr->signature_temp_buf = 0;
02000                 }
02001 
02002 
02003             }
02004 
02005             if (heap_ptr->pointer_types & 1) {
02006                 buffer_free(heap_ptr->cert_temp_buf);
02007             } else {
02008                 ns_dyn_mem_free(heap_ptr->cert_temp_buf);
02009             }
02010             heap_ptr->cert_temp_buf = 0;
02011         }
02012         if (heap_ptr->signature_temp_buf) {
02013             if (heap_ptr->pointer_types & 2) {
02014                 buffer_free(heap_ptr->signature_temp_buf);
02015             } else {
02016                 ns_dyn_mem_free(heap_ptr->signature_temp_buf);
02017             }
02018             heap_ptr->signature_temp_buf = 0;
02019         }
02020         if (heap_ptr->client_verify_buf) {
02021             ns_dyn_mem_free(heap_ptr->client_verify_buf);
02022             heap_ptr->client_verify_buf = 0;
02023         }
02024         tls_ecc_heap_free(heap_ptr);
02025         ns_sha256_free(&heap_ptr->sha256_ctx);
02026         ns_dyn_mem_free(heap_ptr);
02027     }
02028 }
02029 #ifdef ECC
02030 void tls_ecc_heap_free(tls_heap_t *heap_ptr)
02031 {
02032     if (heap_ptr) {
02033         if (heap_ptr->ecc_heap) {
02034             if (heap_ptr->ecc_heap->sgnt) {
02035                 ecc_library_free_pointer(heap_ptr->ecc_heap->sgnt);
02036                 //ns_dyn_mem_free(heap_ptr->ecc_heap->sgnt);
02037             }
02038             ns_dyn_mem_free(heap_ptr->ecc_heap);
02039             heap_ptr->ecc_heap = 0;
02040         }
02041     }
02042 }
02043 #endif
02044 
02045 #ifdef ECC
02046 uint8_t tls_get_leading_zeros(void *data)
02047 {
02048 
02049     uint8_t *ptr = (uint8_t *)data + 31;
02050     uint8_t i = 0;
02051 
02052     for (;; ptr--) {
02053         if (*ptr & 0x80) {
02054             break;
02055         }
02056         i++;
02057         if (i == 33) {
02058             break;
02059         }
02060 
02061         if (*ptr) {
02062             break;
02063         }
02064     }
02065 
02066     return i;
02067 
02068 }
02069 #endif
02070 
02071 
02072 void tls_key_expansion_cal(tls_heap_t *heap_ptr, uint8_t *key_save_ptr, uint8_t *master_secret)
02073 {
02074     uint8_t *ptr;
02075     prf_sec_param_t *prf_ptr = shalib_prf_param_get();
02076     prf_ptr->secret = master_secret;
02077     prf_ptr->sec_len = 48;
02078     prf_ptr->label = "key expansion";
02079     prf_ptr->seed = heap_ptr->temp_buf;
02080     ptr = heap_ptr->temp_buf;
02081     memcpy(ptr, (heap_ptr->tls_hello_random + SERVER_HELLO_PTR), 32);
02082     ptr += 32;
02083     memcpy(ptr, (heap_ptr->tls_hello_random + CLIENT_HELLO_PTR), 32);
02084     prf_ptr->seedlen = 64;
02085     shalib_prf_calc(key_save_ptr, 10); // Why 40 bytes?
02086 }
02087 
02088 void tls_master_key_cal(tls_heap_t *heap_ptr, sec_suite_t *tls_suite)
02089 {
02090     uint8_t *ptr;
02091     prf_sec_param_t *prf_ptr = shalib_prf_param_get();
02092     uint8_t secret_buf[2 + 16 + 2 + 16];
02093     tr_debug("CAL Master secret:");
02094     //Her have to to be set check is
02095 #ifdef ECC
02096     if (heap_ptr->tls_chipher_mode == CHIPHER_ECC) {
02097         prf_ptr->secret = heap_ptr->ecc_heap->pre_secret_mat;
02098         prf_ptr->sec_len = 32;
02099     } else
02100 #endif
02101     {
02102         tls_psk_key_t *key_temp = tls_get_key(tls_suite->psk_key_id);
02103         if (key_temp) {
02104             /* RFC 4279 - premaster secret for N-octet PSK is
02105              *  +----------+----------+----------+----------+
02106              *  | 2 octets | N octets | 2 octets | N octets |
02107              *  +----------+----------+----------+----------+
02108              *  |    N     |    0     |    N     |   PSK    |
02109              *  +----------+----------+----------+----------+
02110              */
02111             ptr = secret_buf;
02112             ptr = common_write_16_bit(16, ptr);
02113             memset(ptr, 0, 16), ptr += 16;
02114             ptr = common_write_16_bit(16, ptr);
02115             memcpy(ptr, key_temp->psk_key, 16);
02116             prf_ptr->secret = secret_buf;
02117             prf_ptr->sec_len = sizeof secret_buf;
02118         }
02119     }
02120     prf_ptr->label = "master secret";
02121     prf_ptr->seed = heap_ptr->temp_buf;
02122     ptr = heap_ptr->temp_buf;
02123     memcpy(ptr, (heap_ptr->tls_hello_random + CLIENT_HELLO_PTR), 32);
02124     ptr += 32;
02125     memcpy(ptr, (heap_ptr->tls_hello_random + SERVER_HELLO_PTR), 32);
02126     prf_ptr->seedlen = 64;
02127 
02128     shalib_prf_calc(tls_suite->tls_session->master_secret, 12);
02129 }
02130 
02131 void tls_verify_calc(uint8_t output[12], uint8_t server, tls_heap_t *heap_ptr, uint8_t *master_secret)
02132 {
02133     prf_sec_param_t *prf_ptr = shalib_prf_param_get();
02134     prf_ptr->secret = master_secret;
02135     prf_ptr->sec_len = 48;
02136     prf_ptr->label = server ? "server finished" : "client finished";
02137     prf_ptr->seed = heap_ptr->hash_buf;
02138     prf_ptr->seedlen = 32;
02139     shalib_prf_calc(output, 3);
02140 }
02141 
02142 
02143 void tls_handshake_copy(tls_msg_t *tls_msg_ptr, tls_heap_t *heap_ptr)
02144 {
02145     uint16_t len = tls_msg_ptr->len;
02146     uint8_t *ptr = tls_msg_ptr->msg_ptr;
02147     ptr -= 4;
02148     len += 4;
02149 
02150     if (heap_ptr->tls_handshake_h_len == 0) {
02151         ns_sha256_starts(&heap_ptr->sha256_ctx);
02152     }
02153     ns_sha256_update(&heap_ptr->sha256_ctx, ptr, len);
02154     heap_ptr->tls_handshake_h_len += len;
02155 }
02156 
02157 
02158 void tls_hanshake_hash_cal(tls_heap_t *heap_ptr)
02159 {
02160     tr_debug("HASH Calc");
02161     ns_sha256_context ctx;
02162     ns_sha256_clone(&ctx, &heap_ptr->sha256_ctx);
02163     ns_sha256_finish(&ctx, heap_ptr->hash_buf);
02164     ns_sha256_free(&ctx);
02165 }
02166 
02167 #if 0
02168 uint8_t tls_txt_analyze(buffer_t *buf)
02169 {
02170     uint8_t *dptr;
02171     uint8_t tls_text_cnt = 0;
02172     uint16_t data_len = buffer_data_length(buf);
02173     uint16_t readed = 0;
02174     dptr = buffer_data_pointer(buf);
02175 
02176     while (readed  < data_len) {
02177         uint16_t tls_version;
02178         tls_header.type = *dptr++;
02179         tls_version = common_read_16_bit(dptr);
02180         dptr += 2;
02181         if (tls_version == TLS_1_2_VERSION) {
02182             tls_text_cnt = 0;
02183             break;
02184         } else {
02185             uint16_t tls_temp_var_16;
02186             tls_temp_var_16 = common_read_16_bit(dptr);
02187             dptr += 2;
02188             if (tls_temp_var_16) {
02189                 tls_header.length = tls_temp_var_16;
02190                 tls_header.ptr = dptr;
02191 
02192                 readed += 5;
02193                 readed += tls_temp_var_16;
02194 
02195                 if (readed > data_len) {
02196                     tr_debug("Over Read1: %02x", tls_header.type);
02197                     tr_debug("LEN: %04x", data_len);
02198                     tr_debug("Read: %04x", readed);
02199                     tls_text_cnt = 0;
02200                     break;
02201                 } else {
02202                     dptr += tls_temp_var_16;
02203                     tls_text_cnt++;
02204                 }
02205             } else {
02206                 tls_text_cnt = 0;
02207                 break;;
02208             }
02209         }
02210     }
02211 
02212     if (readed != data_len) {
02213         tr_debug("TSL txt Parse Fail");
02214         tls_text_cnt = 0;
02215     }
02216     return tls_text_cnt;
02217 }
02218 #endif
02219 
02220 #if 0
02221 tls_header_t *tls_message_get(uint8_t *dptr)
02222 {
02223     uint16_t tls_temp_var_16;
02224     tls_header.type = *dptr;
02225     dptr += 3;
02226     tls_temp_var_16 = common_read_16_bit(dptr);
02227     dptr += 2;
02228     tls_header.length = tls_temp_var_16;
02229     tls_header.ptr = dptr;
02230     return &tls_header;
02231 }
02232 #endif
02233 
02234 uint8_t tls_msg_analyzy(uint8_t *ptr, uint16_t data_len)
02235 {
02236     uint8_t *dptr;
02237     uint8_t msg_cnt = 0;
02238     uint16_t readed = 0, m_len = 0;
02239     dptr = ptr;
02240     while (readed  < data_len) {
02241         dptr += 1; //Skip Type
02242         if (*dptr++) {
02243             //Too long skip packet
02244             tr_debug("Too long: %s", tr_array(ptr, data_len));
02245             msg_cnt = 0;
02246             break;
02247         } else {
02248             m_len = common_read_16_bit(dptr);
02249             dptr += 2;
02250         }
02251         readed += 4;
02252         readed += m_len;
02253         dptr += m_len;
02254 
02255         if (readed > data_len) {
02256             tr_debug("Over Read1: %02x", tls_msg.type);
02257             tr_debug("LEN: %04x", data_len);
02258             tr_debug("Read: %04x", readed);
02259             msg_cnt = 0;
02260             break;
02261         } else {
02262             msg_cnt++;
02263         }
02264     }
02265     if (readed != data_len) {
02266         tr_debug("TLS MSG Parse Fail");
02267         msg_cnt = 0;
02268     }
02269     return msg_cnt;
02270 }
02271 
02272 tls_msg_t *tls_msg_get(uint8_t *dptr)
02273 {
02274     tls_msg.type = *dptr;
02275     dptr += 2;
02276     tls_msg.len = common_read_16_bit(dptr);
02277     dptr += 2;
02278     tls_msg.msg_ptr = dptr;
02279     return &tls_msg;
02280 }
02281 
02282 tls_msg_t *tls_msg_ptr_get(void)
02283 {
02284     return &tls_msg;
02285 }
02286 
02287 void tls_build_client_verify_payload(tls_heap_t *tls_heap)
02288 {
02289     uint8_t *ptr;
02290     ptr = tls_heap->hash_buf;
02291     ptr = common_write_32_bit(0x1400000c, ptr);
02292     memcpy(ptr, tls_heap->verify, 12);
02293 }
02294 
02295 void tls_nonce_update(uint8_t *ptr)
02296 {
02297     uint8_t i = 8;
02298     ptr += 7;
02299 
02300     while (i--) {
02301         if (*ptr == 0xff) {
02302             *ptr = 0;
02303             ptr--;
02304         } else {
02305             *ptr += 1;
02306             break;
02307         }
02308     }
02309 }
02310 #ifdef ECC
02311 uint8_t tls_parse_certificate_request(uint8_t *ptr, uint16_t len)
02312 {
02313     (void)len;
02314     uint16_t hash_alg;
02315     uint16_t count;
02316     uint8_t found = 0;
02317     count = *ptr++;
02318 
02319     if (!count) {
02320         tr_debug("cert req 0 count 1");
02321         return 0;
02322     }
02323 
02324     while (count--) {
02325 
02326         if (*ptr++ == TLS_CERT_TYPE_ECDSA) {
02327 
02328             found = TLS_CERT_TYPE_ECDSA;
02329 
02330         }
02331 
02332     }
02333 
02334     if (!found) {
02335         tr_debug("cert req no supported type");
02336         return 0;
02337     }
02338     found = 0;
02339 
02340     count = (uint16_t) * ptr++ << 8;
02341     count |= *ptr++;
02342     count >>= 1;
02343 
02344     if (!count) {
02345         tr_debug("cert req 0 count 2");
02346         return 0;
02347     }
02348 
02349 
02350     while (count--) {
02351 
02352         hash_alg = common_read_16_bit(ptr);
02353         ptr += 2;
02354         if (hash_alg == TLS_SIG_HASH_ALG_SHA256_ECDSA) {
02355             found = 1;
02356         }
02357 
02358     }
02359 
02360     if (!found) {
02361 
02362         tr_debug("cert req no supported Algo");
02363         return 0;
02364     }
02365 
02366     return 1;
02367     /* There is also names field but we do not have parser for it yet */
02368 
02369 }
02370 
02371 
02372 static uint8_t ecc_verify_calculate_hash(sec_suite_t *tls_suite)
02373 {
02374     tls_heap_t *theap = tls_suite->tls_session->tls_heap;
02375     if (!(tls_suite->setups & TLS_ECC_CERTIFICATE_RECEIVED)) {
02376         return 1;
02377     } else {
02378         tls_suite->setups &= ~TLS_ECC_CERTIFICATE_RECEIVED;
02379     }
02380 
02381     if (tls_suite->setups & TLS_SERVER_MODE) {
02382         if (!(tls_suite->setups & TLS_ECC_CERTIFICATE_VERIFY)) {
02383             return 2;
02384         } else {
02385             tls_suite->setups &= ~TLS_ECC_CERTIFICATE_VERIFY;
02386         }
02387     }
02388     if (!theap->ecc_heap->sgnt) {
02389         return 3;
02390     }
02391 
02392     tls_ecc_server_key_signature_hash(theap);
02393     return 0;
02394 
02395 }
02396 
02397 
02398 void tls_ecc_reverse_hash(uint8_t *ptr)
02399 {
02400     uint8_t start = 0;
02401     uint8_t end = 31;
02402     uint8_t chr;
02403     while (start < end) {
02404         chr = ptr[start];
02405         ptr[start] = ptr[end];
02406         ptr[end] = chr;
02407 
02408         start++;
02409         end--;
02410     }
02411 }
02412 
02413 void tls_ecc_server_key_signature_hash(tls_heap_t *heap_ptr)
02414 {
02415     memset(heap_ptr->ecc_heap->sgnt->m_m.data, 0, MPINT_DATA_SIZE);
02416     ns_sha256_context ctx;
02417     ns_sha256_init(&ctx);
02418     ns_sha256_starts(&ctx);
02419     ns_sha256_update(&ctx, heap_ptr->tls_hello_random, 64);
02420     //ServerECDHParams(ECParameters+ECPoint)
02421     heap_ptr->hash_buf[0] = TLS_EC_CURVE_TYPE_NAMED_CURVE;
02422     common_write_16_bit(TLS_NAMED_CURVE_SECP256R1, heap_ptr->hash_buf + 1);
02423     heap_ptr->hash_buf[3] = 65; // ECPoint public - length indicator for following 512-bit public key?
02424     heap_ptr->hash_buf[4] = 4;
02425     ns_sha256_update(&ctx, heap_ptr->hash_buf, 5);
02426     ns_sha256_update(&ctx, heap_ptr->ecc_heap->server_public_key, 64);
02427     ns_sha256_finish(&ctx, heap_ptr->ecc_heap->sgnt->m_m.data);
02428     ns_sha256_free(&ctx);
02429     tls_ecc_reverse_hash((uint8_t *)heap_ptr->ecc_heap->sgnt->m_m.data);
02430 }
02431 
02432 #endif
02433 
02434 #else
02435 int8_t arm_tls_add_psk_key(const uint8_t *key_ptr, uint16_t key_id)
02436 {
02437     (void)key_ptr;
02438     (void)key_id;
02439     return -1;
02440 }
02441 #endif
02442 
02443 
02444