Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
tls_lib.c
00001 /* 00002 * Copyright (c) 2013-2019, Arm Limited and affiliates. 00003 * SPDX-License-Identifier: Apache-2.0 00004 * 00005 * Licensed under the Apache License, Version 2.0 (the "License"); 00006 * you may not use this file except in compliance with the License. 00007 * You may obtain a copy of the License at 00008 * 00009 * http://www.apache.org/licenses/LICENSE-2.0 00010 * 00011 * Unless required by applicable law or agreed to in writing, software 00012 * distributed under the License is distributed on an "AS IS" BASIS, 00013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00014 * See the License for the specific language governing permissions and 00015 * limitations under the License. 00016 */ 00017 #include "nsconfig.h" 00018 #include "ns_types.h" 00019 #ifdef PANA 00020 #include "string.h" 00021 #include "Core/include/ns_address_internal.h" 00022 #include "Core/include/ns_buffer.h" 00023 #ifdef ECC 00024 #include "libX509_V3.h" 00025 #include "ecc.h" 00026 #endif 00027 #include "randLIB.h" 00028 #include "Core/include/ns_socket.h" 00029 //#include "6LoWPAN/Bootstraps/network_lib.h" 00030 #include "shalib.h" 00031 #include "Security/TLS/tls_lib.h" 00032 #include "Security/TLS/tls_ccm_crypt.h" 00033 #include "Security/Common/sec_lib.h" 00034 #include "nsdynmemLIB.h" 00035 #include "net_nvm_api.h" 00036 #include "Security/PANA/pana.h" 00037 #include "Security/PANA/pana_internal_api.h" 00038 #include "ns_trace.h" 00039 #include "common_functions.h" 00040 #include "net_interface.h" 00041 00042 #define TRACE_GROUP "TLSl" 00043 00044 typedef struct tls_psk_key_ { 00045 uint16_t key_id; 00046 uint8_t psk_key[16]; 00047 ns_list_link_t link; 00048 } tls_psk_key_t; 00049 00050 static NS_LIST_DEFINE(tls_psk_list, tls_psk_key_t, link); 00051 00052 NS_LARGE tls_header_t tls_header; 00053 NS_LARGE tls_msg_t tls_msg; 00054 00055 #ifdef ECC 00056 00057 tls_ecc_heap_t *ecc_allocate_ram(void); 00058 static uint8_t tls_parse_certificate(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite); 00059 static uint8_t tls_parse_certificate_verify(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite); 00060 static uint8_t ecc_verify_calculate_hash(sec_suite_t *tls_suite); 00061 void tls_ecc_reverse_hash(uint8_t *ptr); 00062 uint8_t tls_write_signature_parameters(uint8_t *ptr, uint8_t *signature_parameter, uint8_t leadin_zeros); 00063 uint8_t tls_parse_certificate_request(uint8_t *ptr, uint16_t len); 00064 static uint8_t tls_parse_client_key_exchange(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite); 00065 static uint8_t tls_parse_server_key_exchange(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite); 00066 00067 #endif 00068 00069 static uint8_t *tls_set_client_key_excange(uint8_t *ptr, sec_suite_t *tls_suite); 00070 static uint8_t tls_parse_server_hello(uint8_t *ptr, sec_suite_t *tls_suite); 00071 static uint8_t tls_parse_client_hello(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite); 00072 static tls_psk_key_t *tls_get_key(uint16_t key_id); 00073 00074 tls_session_t *amr_tls_session_allocate(void) 00075 { 00076 tls_session_t *t_session = 0; 00077 t_session = ns_dyn_mem_alloc(sizeof(tls_session_t)); 00078 if (t_session) { 00079 memset(t_session, 0, sizeof(tls_session_t)); 00080 } 00081 return t_session; 00082 } 00083 00084 void arm_tls_session_clear(tls_session_t *t_session) 00085 { 00086 if (t_session->tls_heap) { 00087 tls_heap_free(t_session->tls_heap); 00088 t_session->tls_heap = NULL; 00089 } 00090 } 00091 00092 static tls_heap_t *tls_heap_structure_allocate(void) 00093 { 00094 tls_heap_t *heap_ptr = (tls_heap_t *) ns_dyn_mem_temporary_alloc(sizeof(tls_heap_t)); 00095 if (heap_ptr) { 00096 memset(heap_ptr, 0, sizeof(tls_heap_t)); 00097 } 00098 return heap_ptr; 00099 } 00100 00101 int8_t arm_tls_add_psk_key(const uint8_t *key_ptr, uint16_t key_id) 00102 { 00103 tls_psk_key_t *key_entry = tls_get_key(key_id); 00104 00105 if (key_ptr == NULL) { 00106 return -1; 00107 } 00108 00109 /* If key with given ID already exists, remove old */ 00110 if (key_entry) { 00111 arm_tls_remove_psk_key(key_id); 00112 key_entry = NULL; 00113 } 00114 00115 /* Make new entry */ 00116 key_entry = ns_dyn_mem_alloc(sizeof(tls_psk_key_t)); 00117 if (key_entry == NULL) { 00118 return -1; 00119 } 00120 00121 memcpy(key_entry->psk_key, key_ptr, 16); 00122 key_entry->key_id = key_id; 00123 00124 ns_list_add_to_end(&tls_psk_list, key_entry); 00125 00126 return 0; 00127 } 00128 00129 int8_t arm_tls_check_key(uint16_t key_id) 00130 { 00131 if (tls_get_key(key_id) == NULL) { 00132 return -1; 00133 } 00134 return 0; 00135 } 00136 00137 int8_t arm_tls_remove_psk_key(uint16_t key_id) 00138 { 00139 tls_psk_key_t *key_to_remove = tls_get_key(key_id); 00140 00141 if (key_to_remove == NULL) { 00142 return -1; 00143 } 00144 00145 ns_list_remove(&tls_psk_list, key_to_remove); 00146 00147 ns_dyn_mem_free(key_to_remove); 00148 00149 return 0; 00150 } 00151 00152 /* returns key entry, null if not found */ 00153 static tls_psk_key_t *tls_get_key(uint16_t key_id) 00154 { 00155 ns_list_foreach(tls_psk_key_t, entry, &tls_psk_list) { 00156 if (entry->key_id == key_id) { 00157 return entry; 00158 } 00159 } 00160 return NULL; 00161 } 00162 00163 00164 00165 void tls_finnish_copy(uint8_t *ptr, tls_heap_t *heap_ptr) 00166 { 00167 tls_msg_t *tmp_msg = tls_msg_ptr_get(); 00168 tmp_msg->len = 12; 00169 tmp_msg->msg_ptr = ptr; 00170 tls_handshake_copy(tmp_msg, heap_ptr); 00171 00172 } 00173 00174 uint8_t tls_parse_client_hello(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite) 00175 { 00176 uint8_t ret_val = 0, i = 0; 00177 uint16_t tls_version; 00178 tls_version = common_read_16_bit(ptr); 00179 ptr += 2; 00180 if (tls_version == TLS_1_2_VERSION) { 00181 uint8_t id_len; 00182 tls_heap_t *thep = tls_suite->tls_session->tls_heap; 00183 memcpy((thep->tls_hello_random + CLIENT_HELLO_PTR), ptr, 32); 00184 ptr += 32; 00185 //skip sesion id 00186 id_len = *ptr++; 00187 len -= 35; 00188 if (id_len < 33 && (len > id_len + 3)) { 00189 if (id_len == 0) { 00190 tr_debug("Fisrt Time generate ID!!"); 00191 len -= 2; 00192 tls_session_id_genrate(tls_suite->tls_session->tls_session_id, 4); 00193 tls_suite->tls_session->id_length = 4; 00194 } else { 00195 if (tls_suite->tls_session->id_length == id_len) { 00196 if (memcmp(tls_suite->tls_session->tls_session_id, ptr, id_len) == 0) { 00197 tr_debug("Generate new Session"); 00198 tls_session_id_genrate(tls_suite->tls_session->tls_session_id, 4); 00199 tls_suite->tls_session->id_length = 4; 00200 00201 } 00202 } 00203 00204 if (ret_val != 0) { 00205 tr_debug("TLS SESSION ID FAIL"); 00206 return 0; 00207 } 00208 ptr += id_len; 00209 len -= id_len; 00210 len -= 1; 00211 } 00212 ptr++; 00213 00214 id_len = *ptr++; 00215 ret_val = 0; 00216 00217 while (id_len) { 00218 if (len < 2) { 00219 tr_debug("Cor Client hello pack"); 00220 return 0; 00221 } 00222 uint16_t tls_ciphersuite = common_read_16_bit(ptr); 00223 switch (tls_ciphersuite) { 00224 case TLS_PSK_WITH_AES_128_CCM_8: 00225 tr_debug("Client Sup PSK"); 00226 ret_val |= SEC_CIPHERSUITE_PSK; 00227 break; 00228 #ifdef ECC 00229 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: 00230 thep->client_knows_standard_ecc_ciphersuite = true; 00231 /* no break */ 00232 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_COMPAT: 00233 tr_debug("Client Sup ECC"); 00234 ret_val |= SEC_CIPHERSUITE_ECC; 00235 break; 00236 #endif 00237 default: 00238 tr_debug("Un Sup Suite: %04" PRIx16, tls_ciphersuite); 00239 break; 00240 } 00241 ptr += 2; 00242 id_len -= 2; 00243 len -= 2; 00244 00245 } 00246 ret_val &= tls_suite->supported_chipher_suites; 00247 if (ret_val) { 00248 tr_debug("Client pack TRUE"); 00249 00250 if (ret_val & SEC_CIPHERSUITE_ECC) { 00251 thep->tls_chipher_mode = CHIPHER_ECC; 00252 } else { 00253 thep->tls_chipher_mode = CHIPHER_PSK; 00254 } 00255 } else { 00256 tr_debug("CipherSuite Err"); 00257 i = 2; 00258 } 00259 } else { 00260 tr_debug("Session ID length Fail: %02x", *ptr); 00261 i = 4; 00262 } 00263 } else { 00264 i = 3; 00265 } 00266 if (i) { 00267 tr_debug("%02x", i); 00268 } 00269 return ret_val; 00270 } 00271 00272 00273 uint8_t tls_parse_server_hello(uint8_t *ptr, sec_suite_t *tls_suite) 00274 { 00275 uint8_t ret_val = 0, i = 0; 00276 uint16_t tls_version; 00277 tls_version = common_read_16_bit(ptr); 00278 ptr += 2; 00279 if (tls_version == TLS_1_2_VERSION) { 00280 uint8_t id_len; 00281 tls_heap_t *thep = tls_suite->tls_session->tls_heap; 00282 if (thep == 0) { 00283 return 0; 00284 } 00285 memcpy((thep->tls_hello_random + SERVER_HELLO_PTR), ptr, 32); 00286 ptr += 32; 00287 //skip sesion id 00288 id_len = *ptr++; 00289 if (id_len < 33) { 00290 tls_suite->tls_session->id_length = id_len; 00291 memcpy(tls_suite->tls_session->tls_session_id, ptr, id_len); 00292 ptr += id_len; 00293 uint16_t tls_cipher_suite = common_read_16_bit(ptr); 00294 switch (tls_cipher_suite) { 00295 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: 00296 case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_COMPAT: 00297 tr_debug("ECC CipherSuite"); 00298 ret_val = 2; 00299 thep->tls_chipher_mode = CHIPHER_ECC; 00300 break; 00301 case TLS_PSK_WITH_AES_128_CCM_8: 00302 tr_debug("PSK CipherSuite"); 00303 ret_val = 1; 00304 thep->tls_chipher_mode = CHIPHER_PSK; 00305 tls_ecc_heap_free(thep); 00306 break; 00307 default: 00308 tr_debug("CipherSuite Err: %04x", tls_cipher_suite); 00309 ptr += 2; 00310 i = 2; 00311 break; 00312 } 00313 } else { 00314 tr_debug("Session ID length Fail: %02x", *ptr); 00315 i = 4; 00316 } 00317 } else { 00318 i = 3; 00319 } 00320 if (i) { 00321 tr_debug("%02x", i); 00322 } 00323 return ret_val; 00324 } 00325 00326 00327 void tls_alert_build(buffer_t *buf, uint8_t alert) 00328 { 00329 tr_debug("TTLs TX:Alert"); 00330 //Build Client Hello 00331 buffer_data_clear(buf); 00332 buffer_push_uint8(buf, TLS_ALERT_TYPE); 00333 buffer_push_uint16(buf, TLS_1_2_VERSION); 00334 buffer_push_uint16(buf, 0x0002); //Length 00335 00336 if (alert == ALERT_CLOSE) { 00337 buffer_push_uint8(buf, 1); //Mean 2=Fatal, 1=warming 00338 } else { 00339 buffer_push_uint8(buf, 2); //Mean 2=Fatal, 1=warming 00340 } 00341 buffer_push_uint8(buf, alert); 00342 } 00343 00344 #ifdef PANA_SERVER_API 00345 void tls_server_hello_build(buffer_t *buf, sec_suite_t *tls_suite) 00346 { 00347 uint16_t tls_len = 0; 00348 uint8_t *ptr; 00349 tls_msg_t *tmp_msg = tls_msg_ptr_get(); 00350 tr_debug("TTLs TX:Server Hello"); 00351 //Build Client Hello 00352 buffer_data_clear(buf); 00353 ptr = buffer_data_pointer(buf); 00354 *ptr++ = TLS_HANDSHAKE; 00355 ptr = common_write_16_bit(TLS_1_2_VERSION, ptr); 00356 ptr = common_write_16_bit(tls_len, ptr); 00357 00358 //for Hash calculation 00359 tmp_msg->msg_ptr = ptr + 4; 00360 ptr = tls_build_server_hello_msg(ptr, tls_suite->tls_session); 00361 buffer_data_end_set(buf, ptr); 00362 00363 tls_len = buffer_data_length(buf); 00364 tls_len -= 9; 00365 tmp_msg->len = tls_len; 00366 tls_handshake_copy(tmp_msg, tls_suite->tls_session->tls_heap); 00367 00368 tls_len += 4; 00369 ptr = buffer_data_pointer(buf); 00370 ptr += 3; 00371 ptr = common_write_16_bit(tls_len, ptr); 00372 } 00373 #endif 00374 00375 void tls_prepare_change_chipher_spec(sec_suite_t *tls_suite) 00376 { 00377 tls_heap_t *theap = tls_suite->tls_session->tls_heap; 00378 bool server; 00379 tls_build_client_verify_payload(theap); 00380 if ((tls_suite->setups & TLS_SERVER_MODE) == 0) { 00381 server = false; 00382 if ((tls_suite->setups & TLS_HANSHAKE_HASH) == 0) { 00383 tls_finnish_copy(theap->hash_buf + 4, theap); 00384 tls_suite->setups |= TLS_HANSHAKE_HASH; 00385 } 00386 00387 } else { 00388 server = true; 00389 } 00390 00391 tls_ccm_data_encrypt(theap->hash_buf, 16, tls_suite->tls_session->key_expansion, tls_suite->tls_session->tls_nonce_explit, TLS_HANDSHAKE, server); 00392 } 00393 00394 00395 static buffer_t *tls_down(buffer_t *buf) 00396 { 00397 uint16_t tls_len; 00398 if ((buf = buffer_headroom(buf, 5)) != 0) { 00399 uint8_t *ptr; 00400 buffer_data_reserve_header(buf, 5); 00401 ptr = buffer_data_pointer(buf); 00402 tls_len = buffer_data_length(buf); 00403 tls_len -= 5; //Cut Flags byte off 00404 00405 *ptr++ = TLS_HANDSHAKE; 00406 ptr = common_write_16_bit(TLS_1_2_VERSION, ptr); 00407 ptr = common_write_16_bit(tls_len, ptr); 00408 } 00409 return (buf); 00410 } 00411 00412 #ifdef ECC 00413 00414 void tls_parse_subject_get_pub_key_from_chain(tls_heap_t *theap, uint8_t rd_ptr) 00415 { 00416 uint8_t *ptr = 0; 00417 certificate_info_t *cer_info = &(theap->rx_ceri_chain.certi_chain[rd_ptr]); 00418 uint8_t i; 00419 ptr = cer_info->pub_key_ptr; 00420 theap->ecc_heap->cert_pub_key.finite = 1; 00421 theap->ecc_heap->cert_pub_key.invalid = 0; 00422 00423 memset(theap->ecc_heap->cert_pub_key.x.data, 0, sizeof(MPint)); 00424 memset(theap->ecc_heap->cert_pub_key.y.data, 0, sizeof(MPint)); 00425 tr_debug("Certificates PUB Key: %s", tr_array(ptr, 64)); 00426 for (i = 0; i < 32; i++) { 00427 00428 *((uint8_t *)theap->ecc_heap->cert_pub_key.x.data + i) = *(ptr + 31 - i) ; 00429 *((uint8_t *)theap->ecc_heap->cert_pub_key.y.data + i) = *(ptr + 63 - i) ; 00430 00431 } 00432 } 00433 00434 00435 00436 uint8_t tls_parse_certificate(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite) 00437 { 00438 00439 uint16_t sub_len = 0; 00440 uint8_t ret_val = 0; 00441 tls_heap_t *theap = tls_suite->tls_session->tls_heap; 00442 //Check Lengths 00443 if (*ptr++) { 00444 tr_debug("Too Long len"); 00445 } else { 00446 sub_len = common_read_16_bit(ptr); 00447 ptr += 2; 00448 len -= 3; 00449 tr_debug("Certi(Chain) Len: %04x", sub_len); 00450 if (sub_len == 0 || sub_len > len) { 00451 tr_debug("Cert Base len mis match"); 00452 } else { 00453 if (x509_v3_certi_chain_analyze(ptr, sub_len, &(theap->rx_ceri_chain)) == 0) { 00454 tr_debug("Certificate Chain not valid"); 00455 } else { 00456 tls_parse_subject_get_pub_key_from_chain(theap, 0); 00457 ret_val = 1; 00458 } 00459 } 00460 } 00461 return ret_val; 00462 00463 } 00464 00465 00466 uint8_t tls_parse_server_key_exchange(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite) 00467 { 00468 (void)len; 00469 uint16_t curve_type; 00470 if (*ptr++ == 3) { 00471 curve_type = common_read_16_bit(ptr); 00472 if (curve_type == TLS_NAMED_CURVE_SECP256R1) { 00473 uint8_t c_len = 0, mode; 00474 uint16_t sig_algh, signature_len; 00475 tls_heap_t *theap = tls_suite->tls_session->tls_heap; 00476 ptr += 2; 00477 //len -= 5; 00478 c_len = *ptr++; 00479 mode = *ptr++; 00480 00481 if (mode == 4) { 00482 c_len--; 00483 memcpy(theap->ecc_heap->server_public_key, ptr, 64); 00484 ptr += 64; 00485 sig_algh = common_read_16_bit(ptr); 00486 if (sig_algh != TLS_SIG_HASH_ALG_SHA256_ECDSA) { 00487 tr_debug("tls ser key ex. er"); 00488 return 0; 00489 } 00490 ptr += 2; 00491 signature_len = common_read_16_bit(ptr); 00492 if (signature_len < 11) { 00493 return 0; 00494 } 00495 ptr += 2; 00496 if (*ptr++ != 0x30) { 00497 return 0; 00498 } 00499 if (*ptr++ < 9) { 00500 return 0; 00501 } 00502 if (*ptr++ != 2) { 00503 return 0; 00504 } else { 00505 uint8_t rslen; 00506 //uint8_t i; 00507 theap->key_signature_ptr = ptr; 00508 rslen = *ptr++; 00509 00510 if (rslen > 33) { 00511 return 0; 00512 } else if (rslen == 0) { 00513 return 0; 00514 } else if (rslen == 33) { 00515 00516 ptr++; 00517 rslen = 32; 00518 00519 } 00520 if (theap->ecc_heap->sgnt == 0) { 00521 theap->ecc_heap->sgnt = ECDSA_get_signature(); 00522 } 00523 if (!theap->ecc_heap->sgnt) { 00524 return 0; 00525 } 00526 00527 ptr += rslen; 00528 if (*ptr++ != 2) { 00529 return 0; 00530 } 00531 00532 rslen = *ptr++; 00533 00534 if (rslen > 33) { 00535 return 0; 00536 } else if (rslen == 0) { 00537 return 0; 00538 } 00539 return 1; 00540 } 00541 00542 } else { 00543 tr_debug("Mode!: %02x", mode); 00544 } 00545 } 00546 } 00547 return 0; 00548 } 00549 00550 static uint8_t tls_parse_client_key_exchange(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite) 00551 { 00552 (void)len; 00553 uint8_t d_len = 0; 00554 uint8_t mode = 0; 00555 d_len = *ptr++; 00556 mode = *ptr++; 00557 if (d_len == 65 && mode == 4) { 00558 tls_heap_t *theap = tls_suite->tls_session->tls_heap; 00559 tr_debug("Valid Client ECC curve:"); 00560 memcpy(theap->ecc_heap->client_public_key, ptr, 64); 00561 tr_debug("%s", tr_array(ptr, 64)); 00562 return 1; 00563 } else { 00564 tr_debug("Len: %02x, mode fail: %02x", d_len, mode); 00565 } 00566 00567 return 0; 00568 } 00569 00570 00571 void tls_read_certi_signature(tls_heap_t *theap, uint8_t certificate) 00572 { 00573 uint8_t rslen = 0; 00574 uint8_t *ptr = 0; 00575 if (certificate) { 00576 // 00577 certificate_info_t *cer_info = &(theap->rx_ceri_chain.certi_chain[theap->rx_ceri_chain.rd_ptr]); 00578 ptr = cer_info->signature_ptr; 00579 } else { 00580 ptr = theap->key_signature_ptr; 00581 } 00582 memset(theap->ecc_heap->sgnt->m_R.data, 0, sizeof(MPint)); 00583 memset(theap->ecc_heap->sgnt->m_s.data, 0, sizeof(MPint)); 00584 rslen = x509_v3_parse_signature_parameter(ptr, ((uint8_t *)theap->ecc_heap->sgnt->m_R.data)); 00585 ptr += rslen; 00586 ptr++; 00587 x509_v3_parse_signature_parameter(ptr, ((uint8_t *)theap->ecc_heap->sgnt->m_s.data)); 00588 00589 } 00590 00591 00592 uint8_t tls_parse_certificate_verify(uint8_t *ptr, uint16_t len, sec_suite_t *tls_suite) 00593 { 00594 (void)len; 00595 uint16_t sig_algh, sig_len; 00596 tls_heap_t *theap = tls_suite->tls_session->tls_heap; 00597 00598 sig_algh = common_read_16_bit(ptr); 00599 if (sig_algh != TLS_SIG_HASH_ALG_SHA256_ECDSA) { 00600 tr_debug("tls ser key ex. er2"); 00601 return 0; 00602 } 00603 ptr += 2; 00604 sig_len = common_read_16_bit(ptr); 00605 if (sig_len < 11) { 00606 return 0; 00607 } 00608 ptr += 2; 00609 if (*ptr++ != 0x30) { 00610 return 0; 00611 } 00612 if (*ptr++ < 9) { 00613 return 0; 00614 } 00615 if (theap->ecc_heap) { 00616 if (theap->ecc_heap->sgnt == 0) { 00617 tr_debug("Allocate SIG"); 00618 theap->ecc_heap->sgnt = ECDSA_get_signature(); 00619 00620 if (!theap->ecc_heap->sgnt) { 00621 tr_debug("Signature Allocate Fail"); 00622 return 0; 00623 } 00624 } 00625 } else { 00626 return 0; 00627 } 00628 memset(theap->ecc_heap->sgnt->m_R.data, 0, sizeof(MPint)); 00629 memset(theap->ecc_heap->sgnt->m_s.data, 0, sizeof(MPint)); 00630 00631 00632 if (*ptr++ != 2) { 00633 return 0; 00634 } else { 00635 uint8_t rslen = 0; 00636 theap->key_signature_ptr = ptr; 00637 rslen = x509_v3_parse_signature_parameter(ptr, ((uint8_t *)theap->ecc_heap->sgnt->m_R.data)); 00638 if (rslen == 0) { 00639 return 0; 00640 } 00641 ptr += rslen; 00642 } 00643 if (*ptr++ != 2) { 00644 return 0; 00645 } else { 00646 uint8_t rslen = 0; 00647 rslen = x509_v3_parse_signature_parameter(ptr, ((uint8_t *)theap->ecc_heap->sgnt->m_s.data)); 00648 if (rslen == 0) { 00649 return 0; 00650 } 00651 //ptr += rslen; 00652 } 00653 return 1; 00654 } 00655 00656 00657 tls_ecc_heap_t *ecc_allocate_ram(void) 00658 { 00659 tls_ecc_heap_t *heap_ptr = (tls_ecc_heap_t *) ns_dyn_mem_temporary_alloc(sizeof(tls_ecc_heap_t)); 00660 00661 if (heap_ptr == 0) { 00662 tr_debug("ECC variable malloc fail"); 00663 } else { 00664 //heap_scan(); 00665 heap_ptr->sgnt = ecc_get_ecdsa_signature(); 00666 if (!heap_ptr->sgnt) { 00667 tr_debug("Signature Fail"); 00668 ns_dyn_mem_free(heap_ptr); 00669 heap_ptr = 0; 00670 } 00671 } 00672 return heap_ptr; 00673 00674 } 00675 00676 00677 uint8_t *tls_client_key_exchange_msg_set(uint8_t *ptr, tls_heap_t *heap_ptr) 00678 { 00679 /* Client Key Exchange */ 00680 *ptr++ = TLS_CLIENT_KEY_EXCHANGE; 00681 ptr = common_write_24_bit(66, ptr); 00682 ptr = common_write_16_bit(0x4104, ptr); 00683 //There shuold be calculated case now only test purpose 00684 memcpy(ptr, heap_ptr->ecc_heap->client_public_key, 64); 00685 ptr += 64; 00686 return ptr; 00687 } 00688 #endif 00689 00690 00691 uint8_t *tls_set_client_key_excange(uint8_t *ptr, sec_suite_t *tls_suite) 00692 { 00693 uint8_t key_id_len = (tls_suite->psk_key_id > 0xFF) ? 2 : 1; 00694 00695 /* TLS plaintext header = [type][version][length] */ 00696 *ptr++ = TLS_HANDSHAKE; 00697 ptr = common_write_16_bit(TLS_1_2_VERSION, ptr); 00698 ptr = common_write_16_bit(6 + key_id_len, ptr); 00699 00700 /* Handshake message [msg_type][length] */ 00701 *ptr++ = TLS_CLIENT_KEY_EXCHANGE; 00702 ptr = common_write_24_bit(2 + key_id_len, ptr); 00703 00704 /* ClientKeyExchange [length][psk_id] */ 00705 ptr = common_write_16_bit(key_id_len, ptr); //len 00706 if (tls_suite->psk_key_id > 0xFF) { 00707 *ptr++ = tls_suite->psk_key_id >> 8; 00708 } 00709 *ptr++ = tls_suite->psk_key_id; 00710 00711 return ptr; 00712 } 00713 00714 uint8_t *tls_build_change_chipher_suite_finnish_msg(uint8_t *ptr, tls_session_t *tls_session) 00715 { 00716 *ptr++ = TLS_CHANGE_CIPHER_SPEC; 00717 ptr = common_write_16_bit(TLS_1_2_VERSION, ptr); 00718 ptr = common_write_16_bit(1, ptr); //len 00719 *ptr++ = 1; 00720 *ptr++ = TLS_HANDSHAKE; 00721 ptr = common_write_16_bit(TLS_1_2_VERSION, ptr); 00722 ptr = common_write_16_bit(32, ptr); //len 00723 //Calculate Verify and MAC (MIC) 00724 //CCMNONCEEXPLICT //SHuold be 0x0000000000000000 at client side 00725 00726 memcpy(ptr, tls_session->tls_nonce_explit, 8); // Dynamic 00727 ptr += 8; 00728 //MSG Finished 00729 memcpy(ptr, tls_session->tls_heap->hash_buf, 24); 00730 ptr += 24; 00731 return ptr; 00732 } 00733 00734 void tls_build_client_change_chipher_suite_finnish(buffer_t *buf, sec_suite_t *tls_suite) 00735 { 00736 uint8_t *ptr; 00737 buffer_data_clear(buf); 00738 ptr = buffer_data_pointer(buf); 00739 if ((tls_suite->setups & TLS_SERVER_MODE) == 0) { 00740 ptr = tls_set_client_key_excange(ptr, tls_suite); 00741 } 00742 ptr = tls_build_change_chipher_suite_finnish_msg(ptr, tls_suite->tls_session); 00743 buffer_data_end_set(buf, ptr); 00744 tr_debug("TLS TX: KEY Exchange"); 00745 } 00746 #ifdef ECC 00747 void tls_ecc_verfify_start(sec_suite_t *tls_suite) 00748 { 00749 if (ecc_state_idle_check() == ECC_STATUS_OK) { 00750 tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap; 00751 uint8_t hash_response = ecc_verify_calculate_hash(tls_suite); 00752 if (hash_response) { 00753 tr_debug("HASH calc Fail: %02x", hash_response); 00754 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 00755 } else { 00756 int8_t ecc_response = ecc_calculate_verify(tls_heap->ecc_heap->sgnt, &(tls_heap->ecc_heap->cert_pub_key), &ecc_operation_done_callback); 00757 if (ecc_response == ECC_STATUS_OK) { 00758 tls_heap->ecc_heap->sgnt = 0; 00759 sec_lib_state_machine_lock(tls_suite, TLS_ECC_MESSAGE_VERIFY); 00760 sec_ecc_state_save(tls_suite); 00761 } else { 00762 tr_debug("calcVerify Fail: %d", ecc_response); 00763 } 00764 } 00765 } else { 00766 sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_VERIFY_START2); 00767 } 00768 } 00769 00770 00771 void tls_certificate_signature_verify(sec_suite_t *tls_suite) 00772 { 00773 tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap; 00774 if (ecc_state_idle_check() == ECC_STATUS_OK) { 00775 uint8_t alert_tx = 0; 00776 uint8_t chain_analyze_ok = 0; 00777 if (tls_heap->rx_ceri_chain.rd_ptr + 1 <= tls_heap->rx_ceri_chain.wr_ptr) { 00778 uint8_t certi_verify = 0; 00779 certificate_info_t *cer_info = &(tls_heap->rx_ceri_chain.certi_chain[tls_heap->rx_ceri_chain.rd_ptr]); 00780 00781 //Verify Cur Certi Signature bye Next Certi PK 00782 tr_debug("index,Check Signature: rd: %02x, wr: %02x", tls_heap->rx_ceri_chain.rd_ptr, tls_heap->rx_ceri_chain.wr_ptr); 00783 00784 if ((tls_heap->rx_ceri_chain.rd_ptr + 1) == tls_heap->rx_ceri_chain.wr_ptr) { 00785 uint8_t self_signed = 0; 00786 if (cer_info->issue_len == cer_info->subj_len) { 00787 if (memcmp(cer_info->issue_ptr, cer_info->subj_ptr, cer_info->issue_len) == 0) { 00788 self_signed = 1; 00789 } 00790 } 00791 00792 if (self_signed) { 00793 certificate_chain_internal_t *temp; 00794 00795 temp = sec_cetificate_chain_get(SEC_NWK_AUTHENTICATION_CERTI_CHAIN); 00796 00797 tr_debug("SELF Signed. Compare Root"); 00798 if (temp) { 00799 uint16_t root_len = 0; 00800 uint8_t root_type = 0; 00801 const uint8_t *ptr = temp->certi_chain[0]; 00802 uint8_t *root_ptr = cer_info->certi_ptr; 00803 root_ptr -= 4; 00804 asn1_parse(root_ptr, &root_len, &root_type); 00805 alert_tx = 1; 00806 if ((root_len + 4) == temp->certi_len[0]) { 00807 if (memcmp(root_ptr, ptr, temp->certi_len[0]) == 0) { 00808 tr_debug("Trusted Root certificate"); 00809 alert_tx = 0; 00810 chain_analyze_ok = 1; 00811 } else { 00812 tr_debug("Not Trusted Root"); 00813 } 00814 } else { 00815 alert_tx = 1; 00816 } 00817 } else { 00818 alert_tx = 1; 00819 } 00820 } else { 00821 00822 //Compare all ways to Root Certi 00823 certificate_chain_internal_t *temp; 00824 00825 temp = sec_cetificate_chain_get(SEC_NWK_AUTHENTICATION_CERTI_CHAIN); 00826 if (temp) { 00827 if (temp->sub_len[0] == cer_info->issue_len) { 00828 if (memcmp(cer_info->issue_ptr, temp->sub_chain[0], cer_info->issue_len) == 0) { 00829 tr_debug("Get Root PK"); 00830 tls_heap->rx_ceri_chain.wr_ptr--; 00831 if (x509_v3_certi_pk_get((uint8_t *)temp->certi_chain[0], &(tls_heap->rx_ceri_chain)) == 0) { 00832 tr_debug("..fail"); 00833 } else { 00834 tr_debug("..OK"); 00835 tls_parse_subject_get_pub_key_from_chain(tls_heap, (tls_heap->rx_ceri_chain.rd_ptr)); 00836 certi_verify = 2; 00837 } 00838 } 00839 } 00840 if (certi_verify == 0) { 00841 alert_tx = 1; 00842 tr_debug("Unknow CA"); 00843 } 00844 } else { 00845 alert_tx = 1; 00846 } 00847 } 00848 } else { 00849 00850 certificate_info_t *cer_sig = &(tls_heap->rx_ceri_chain.certi_chain[tls_heap->rx_ceri_chain.rd_ptr + 1]); 00851 00852 if (cer_info->issue_len == cer_sig->subj_len) { 00853 if (memcmp(cer_info->issue_ptr, cer_sig->subj_ptr, cer_info->issue_len) == 0) { 00854 certi_verify = 1; 00855 } else { 00856 alert_tx = 1; 00857 tr_debug("Not Valid chain signature subject entry"); 00858 } 00859 } else { 00860 alert_tx = 1; 00861 tr_debug("Not Valid chain signature subject len"); 00862 } 00863 00864 00865 } 00866 if (certi_verify) { 00867 //Calc HASH 00868 memset((uint8_t *)tls_heap->ecc_heap->sgnt->m_m.data, 0, sizeof(MPint)); 00869 ns_sha256(cer_info->certi_ptr, cer_info->certi_len, tls_heap->ecc_heap->sgnt->m_m.data); 00870 tls_ecc_reverse_hash((uint8_t *)tls_heap->ecc_heap->sgnt->m_m.data); 00871 00872 //GET Signature From Cur Certi 00873 tls_read_certi_signature(tls_heap, 1); 00874 00875 //GET PUB KEY from next HOP 00876 if (certi_verify == 1) { 00877 tls_parse_subject_get_pub_key_from_chain(tls_heap, (tls_heap->rx_ceri_chain.rd_ptr + 1)); 00878 00879 } 00880 00881 if (ecc_calculate_verify(tls_heap->ecc_heap->sgnt, &tls_heap->ecc_heap->cert_pub_key, &ecc_operation_done_callback) == ECC_STATUS_OK) { 00882 tls_heap->ecc_heap->sgnt = 0; 00883 sec_lib_state_machine_lock(tls_suite, TLS_ECC_CERTIFICATE_SIGNATURE_CHECK); 00884 sec_ecc_state_save(tls_suite); 00885 tls_heap->rx_ceri_chain.rd_ptr++; 00886 } else { 00887 if (tls_heap->ecc_heap->sgnt) { 00888 ns_dyn_mem_free(tls_heap->ecc_heap->sgnt); 00889 tls_heap->ecc_heap->sgnt = 0; 00890 } 00891 alert_tx = 1; 00892 00893 } 00894 } 00895 } else { 00896 chain_analyze_ok = 1; 00897 } 00898 00899 if (chain_analyze_ok) { 00900 if (tls_heap->signature_temp_buf) { 00901 //Take Signature 00902 tls_read_certi_signature(tls_heap, 0); 00903 if (tls_heap->signature_temp_buf == tls_heap->cert_temp_buf) { 00904 tls_heap->signature_temp_buf = 0; 00905 } else { 00906 if (tls_heap->pointer_types & 2) { 00907 buffer_free(tls_heap->signature_temp_buf); 00908 } else { 00909 ns_dyn_mem_free(tls_heap->signature_temp_buf); 00910 } 00911 tls_heap->signature_temp_buf = 0; 00912 } 00913 } 00914 00915 tr_debug("Certi signature check OK"); 00916 tls_parse_subject_get_pub_key_from_chain(tls_heap, 0); 00917 00918 if (tls_heap->rx_ceri_chain.wr_ptr == 0) { 00919 certificate_info_t *c_ptr = &(tls_heap->rx_ceri_chain.certi_chain[0]); 00920 if (x509_v3_certi_pk_get((uint8_t *)c_ptr->certi_ptr, &tls_heap->rx_ceri_chain) == 0) { 00921 tr_debug("Fail read certificate PUB Key"); 00922 } else { 00923 tls_parse_subject_get_pub_key_from_chain(tls_heap, (tls_heap->rx_ceri_chain.wr_ptr)); 00924 } 00925 } 00926 00927 if (tls_heap->pointer_types & 1) { 00928 buffer_free(tls_heap->cert_temp_buf); 00929 } else { 00930 ns_dyn_mem_free(tls_heap->cert_temp_buf); 00931 } 00932 tls_heap->cert_temp_buf = 0; 00933 00934 if (tls_suite->setups & TLS_SERVER_MODE) { 00935 sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_SERVER_VERIFY_START); 00936 } else { 00937 tr_debug("Start Do Certi Verify calc"); 00938 sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_VERIFY_START2); 00939 } 00940 } 00941 if (alert_tx) { 00942 tr_debug("PSK cal fail"); 00943 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 00944 } 00945 } else { 00946 tls_suite->timer = 1; 00947 } 00948 } 00949 00950 void tls_server_finnish_handle_start(sec_suite_t *tls_suite) 00951 { 00952 if (ecc_state_idle_check() == ECC_STATUS_OK) { 00953 tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap; 00954 uint8_t alert_tx = 0; 00955 if (tls_suite->setups & TLS_ECC_CERTIFICATE_VERIFY) { 00956 memcpy(tls_heap->ecc_heap->sgnt->m_m.data, tls_heap->hash_buf, 32); 00957 // initialize the rest of MPint as the hash is covering only part of it 00958 memset(((uint8_t *)tls_heap->ecc_heap->sgnt->m_m.data) + 32, 0, sizeof(MPint) - 32); 00959 tls_ecc_reverse_hash((uint8_t *)tls_heap->ecc_heap->sgnt->m_m.data); 00960 00961 if (ecc_calculate_verify(tls_heap->ecc_heap->sgnt, &tls_heap->ecc_heap->cert_pub_key, &ecc_operation_done_callback) == ECC_STATUS_OK) { 00962 tls_heap->ecc_heap->sgnt = 0; 00963 sec_lib_state_machine_lock(tls_suite, TLS_ECC_MESSAGE_VERIFY); 00964 sec_ecc_state_save(tls_suite); 00965 } else { 00966 if (tls_heap->ecc_heap->sgnt) { 00967 ecc_library_free_pointer(tls_heap->ecc_heap->sgnt); 00968 //ns_dyn_mem_free(tls_heap->ecc_heap->sgnt); 00969 tls_heap->ecc_heap->sgnt = 0; 00970 } 00971 alert_tx = 1; 00972 00973 } 00974 } else { 00975 if (tls_ecc_start_premaster_secret(0, tls_suite) == 0) { 00976 alert_tx = 1; 00977 } 00978 } 00979 if (alert_tx) { 00980 tr_debug("PSK cal fail"); 00981 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 00982 } 00983 } else { 00984 sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_SERVER_VERIFY_START); 00985 } 00986 } 00987 #endif 00988 00989 #ifdef PANA_SERVER_API 00990 static buffer_t *tls_verify_handler(uint8_t certi_rx, tls_header_t *tls_header_ptr, buffer_t *buf, sec_suite_t *tls_suite) 00991 { 00992 (void) certi_rx; 00993 tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap; 00994 tls_heap->client_verify_buf_len = tls_header_ptr->length; 00995 if (tls_heap->client_verify_buf) { 00996 tr_debug("Free Server Client 1r"); 00997 ns_dyn_mem_free(tls_heap->client_verify_buf); 00998 tls_heap->client_verify_buf = 0; 00999 } 01000 tls_heap->client_verify_buf = ns_dyn_mem_alloc(tls_header_ptr->length); 01001 if (tls_heap->client_verify_buf) { 01002 memcpy(tls_heap->client_verify_buf, tls_header_ptr->ptr, tls_header_ptr->length); 01003 01004 #ifdef ECC 01005 if (tls_heap->tls_chipher_mode == CHIPHER_ECC) { 01006 01007 if (certi_rx) { 01008 sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_SERVER_VERIFY_START); 01009 tr_debug("Certi RX > 0"); 01010 if (tls_suite->tls_session->tls_heap) { 01011 uint8_t free_buf = 1; 01012 if (certi_rx & 1) { 01013 if (tls_heap->cert_temp_buf == 0) { 01014 tls_heap->pointer_types |= 1; 01015 tls_heap->cert_temp_buf = buf; 01016 free_buf = 0; 01017 } 01018 } 01019 if (certi_rx & 2) { 01020 if (tls_heap->signature_temp_buf == 0) { 01021 tls_heap->pointer_types |= 2; 01022 tls_heap->signature_temp_buf = buf; 01023 free_buf = 0; 01024 } 01025 } 01026 01027 if (free_buf == 0) { 01028 buf = NULL; 01029 } 01030 } 01031 01032 } 01033 if (buf) { 01034 buf = buffer_free(buf); 01035 } 01036 01037 } else 01038 #endif 01039 { 01040 tr_debug("Start Server PRF_CALC state"); 01041 sec_prf_state_set(tls_suite); 01042 } 01043 } else { 01044 tr_debug("Heap_error: client verify chiphersuite!!"); 01045 } 01046 01047 return (buf); 01048 } 01049 #endif 01050 01051 static int8_t tls_client_verify_handler(tls_header_t *tls_header_ptr, sec_suite_t *tls_suite) 01052 { 01053 if (tls_ccm_data_decrypt(tls_header_ptr->ptr, tls_header_ptr->length, tls_suite->tls_session->key_expansion, TLS_HANDSHAKE, true) == 0) { 01054 uint8_t *ptr = tls_header_ptr->ptr + 8; 01055 tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap; 01056 01057 if (ptr[0] == TLS_FINISHED && common_read_24_bit(ptr + 1) == 12) { 01058 ptr += 4; 01059 // 01060 tr_debug("Finish RX: %s", tr_array(ptr, 12)); 01061 01062 memcpy(tls_heap->verify, ptr, 12); 01063 return 0; 01064 } else { 01065 //RETURN error 01066 tr_debug("No Chiphertext"); 01067 return -1; 01068 } 01069 } 01070 01071 tr_debug("Encode error"); 01072 return -2; 01073 01074 } 01075 01076 static buffer_t *tls_certificate_buffer_store(buffer_t *buf, uint8_t certi_rx, sec_suite_t *tls_suite) 01077 { 01078 if (certi_rx) { 01079 if (tls_suite->tls_session->tls_heap) { 01080 uint8_t free_buf = 1; 01081 tls_heap_t *theap = tls_suite->tls_session->tls_heap; 01082 if (certi_rx & 1) { 01083 if (theap->cert_temp_buf == 0) { 01084 theap->pointer_types |= 1; 01085 theap->cert_temp_buf = buf; 01086 free_buf = 0; 01087 01088 } 01089 } 01090 if (certi_rx & 2) { 01091 if (theap->signature_temp_buf == 0) { 01092 theap->pointer_types |= 2; 01093 theap->signature_temp_buf = buf; 01094 free_buf = 0; 01095 } 01096 } 01097 if (free_buf == 0) { 01098 buf = NULL; 01099 } 01100 } 01101 } 01102 01103 if (buf) { 01104 buf = buffer_free(buf); 01105 } 01106 01107 return buf; 01108 } 01109 01110 buffer_t *tls_client_up(buffer_t *buf, sec_suite_t *tls_suite) 01111 { 01112 uint8_t i = 0, certi_rx = 0; 01113 uint16_t data_len = 0; 01114 uint8_t alert_case = 0; 01115 uint8_t *ptr; 01116 tls_header_t *tls_header_ptr; 01117 tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap; 01118 uint8_t algo_ok = 0, j = 0; 01119 ptr = buffer_data_pointer(buf); 01120 01121 i = 1; 01122 while (buf->buf_ptr < buf->buf_end ) { 01123 data_len = buffer_data_length(buf); 01124 ptr = buffer_data_pointer(buf); 01125 tls_header_ptr = NULL; 01126 01127 if (data_len >= 5) { 01128 uint16_t tls_version; 01129 tls_header.type = *ptr++; 01130 tls_version = common_read_16_bit(ptr); 01131 ptr += 2; 01132 if (tls_version != TLS_1_2_VERSION) { 01133 tr_debug("Len: %04x", data_len); 01134 tr_debug("%s", tr_array(ptr, 4)); 01135 alert_case = 4; 01136 } else { 01137 tls_header.length = common_read_16_bit(ptr); 01138 ptr += 2; 01139 data_len -= 5; 01140 if (tls_header.length > data_len) { 01141 alert_case = 5; 01142 } else { 01143 tr_debug("Full TLS Record"); 01144 tls_header.ptr = ptr; 01145 buf->buf_ptr += tls_header.length; 01146 buf->buf_ptr += 5; 01147 tls_header_ptr = &tls_header; 01148 } 01149 } 01150 } else { 01151 alert_case = 5; 01152 } 01153 01154 if (alert_case) { 01155 tr_debug("TLS Segmentation or datagram error: %02x", alert_case); 01156 buf->buf_ptr = buf->buf_end ; 01157 //SET Alert Case 01158 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 01159 return buffer_free(buf); 01160 } 01161 01162 if (tls_header_ptr) { 01163 if (tls_header_ptr->type == TLS_HANDSHAKE && (tls_heap != 0)) { 01164 tr_debug("Type:Handshake"); 01165 if (tls_suite->state == TLS_CHANGE_CHIPHER) { 01166 if (tls_header_ptr->length < 32) { 01167 tr_debug("Too short Chiher Text"); 01168 } else if ((algo_ok & 0x20) && (tls_suite->state == PRF_CALC)) { 01169 tr_debug("Drop Client RE TX"); 01170 /*tls_text_cnt = */j = 1; 01171 } else { 01172 int8_t returnCode = tls_client_verify_handler(tls_header_ptr, tls_suite); 01173 if (returnCode == 0) { 01174 algo_ok |= 0x10; 01175 sec_lib_state_machine_trig(tls_suite, TLS_FINISH); 01176 j = 1; 01177 } else if (returnCode == -1) { 01178 sec_lib_state_machine_trig(tls_suite, PANA_ERROR); 01179 return buffer_free(buf); 01180 } else { 01181 i = 5; 01182 sec_lib_state_machine_trig(tls_suite, PANA_ERROR); 01183 break; 01184 } 01185 01186 //Set Back Originals 01187 tls_header_ptr->ptr -= 8; 01188 tls_header_ptr->length += 16; 01189 } 01190 } else { 01191 uint8_t tls_msg_cnt = 0; 01192 tls_msg_t *tls_msg_ptr = 0; 01193 if (algo_ok != 0x18) { 01194 tls_msg_cnt = tls_msg_analyzy(tls_header_ptr->ptr, tls_header_ptr->length); 01195 j = 0; 01196 } 01197 ptr = tls_header_ptr->ptr; 01198 while (j < tls_msg_cnt) { 01199 tls_msg_ptr = tls_msg_get(ptr); 01200 01201 switch (tls_msg_ptr->type) { 01202 case TLS_SERVER_HELLO: 01203 if (tls_msg_ptr->len >= 38) { 01204 if (tls_suite->state == TLS_INIT) { 01205 if (tls_parse_server_hello(tls_msg_ptr->msg_ptr, tls_suite)) { 01206 01207 uint8_t switch_state = 0; 01208 tr_debug("TLS:S_Hello OK"); 01209 if (tls_heap->tls_chipher_mode != CHIPHER_ECC) { 01210 algo_ok |= 1; 01211 switch_state = 1; 01212 tls_ecc_heap_free(tls_heap); 01213 } else { 01214 01215 #ifdef ECC 01216 tls_suite->retry_counter = 0; 01217 switch_state = 1; 01218 #else 01219 tr_debug("NO ECC Sup"); 01220 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 01221 return buffer_free(buf); 01222 #endif 01223 01224 } 01225 if (switch_state) { 01226 tls_suite->setups &= ~TLS_HANSHAKE_HASH; 01227 sec_set_auth_timeout(tls_suite, TLS_HELLO_RX); 01228 tls_suite->retry_counter = 0; 01229 tls_handshake_copy(tls_msg_ptr, tls_heap); 01230 } 01231 } else { 01232 tr_debug("TLS:S_Hello Fail: %02x", tls_suite->state); 01233 } 01234 } else { 01235 tr_debug("SERver RE Tx drop Ser Hello"); 01236 } 01237 } 01238 break; 01239 01240 case TLS_SERVER_HELLO_DONE: 01241 if (tls_msg_ptr->len == 0) { 01242 if (tls_suite->state >= TLS_CERTIFICATE_RX && tls_suite->state < PANA_ERROR) { 01243 tr_debug("TLS:S_Hello DONE"); 01244 algo_ok |= 2; 01245 tls_handshake_copy(tls_msg_ptr, tls_heap); 01246 sec_lib_state_machine_trig(tls_suite, TLS_HELLO_DONE); 01247 } else { 01248 tr_debug("Drop Ser Hello Done: %02x", tls_suite->state); 01249 } 01250 } 01251 break; 01252 01253 case TLS_CERTIFICATE: 01254 #ifdef ECC 01255 if (tls_suite->state == TLS_HELLO_RX) { 01256 tr_debug("TLS Certi RX"); 01257 01258 if (tls_parse_certificate(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) { 01259 01260 tls_suite->setups |= TLS_ECC_CERTIFICATE_RECEIVED; 01261 algo_ok = 0; 01262 tls_handshake_copy(tls_msg_ptr, tls_heap); 01263 tls_suite->timer = pana_retry_req_max_get(); 01264 01265 tls_suite->state = TLS_CERTIFICATE_RX; 01266 certi_rx |= 1; 01267 01268 } else { 01269 tr_debug("TLS Malformed Certificate"); 01270 01271 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_BAD_CERTIFICATE); 01272 return buffer_free(buf); 01273 } 01274 01275 } else { 01276 tr_debug("Drop Cert: %02x", tls_suite->state); 01277 return buffer_free(buf); 01278 } 01279 #else 01280 sec_lib_state_machine_trig(tls_suite, PANA_ERROR); 01281 #endif 01282 break; 01283 01284 case TLS_SERVER_KEY_EXCHANGE: 01285 tr_debug(" TLS Serv KEY Exchange RX"); 01286 #ifdef ECC 01287 if (!tls_parse_server_key_exchange(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) { 01288 tr_debug("Drop Key"); 01289 sec_lib_state_machine_trig(tls_suite, PANA_ERROR); 01290 } else { 01291 algo_ok = 0; 01292 tls_handshake_copy(tls_msg_ptr, tls_heap); 01293 certi_rx |= 2; 01294 sec_set_auth_timeout(tls_suite, TLS_SERVER_KEY_EXCHANGE_RX); 01295 } 01296 #else 01297 tr_debug("Drop Key"); 01298 sec_lib_state_machine_trig(tls_suite, PANA_ERROR); 01299 #endif 01300 01301 break; 01302 01303 case TLS_CERTIFICATE_REQUEST: 01304 #ifdef ECC 01305 if (tls_parse_certificate_request(tls_msg_ptr->msg_ptr, tls_msg_ptr->len)) { 01306 tr_debug(" TLS Cert request- "); 01307 if ((tls_suite->setups & TLS_ECC_CERTIFICATE_REQUESTED) == 0) { 01308 tls_suite->setups |= TLS_ECC_CERTIFICATE_REQUESTED; 01309 tls_handshake_copy(tls_msg_ptr, tls_heap); 01310 01311 } 01312 } else 01313 #endif 01314 { 01315 tr_debug("Client drop Cert Request"); 01316 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_DECRYPT); 01317 return buffer_free(buf); 01318 } 01319 break; 01320 01321 default: 01322 break; 01323 } 01324 ptr = tls_msg_ptr->msg_ptr; 01325 ptr += tls_msg_ptr->len; 01326 j++; 01327 } 01328 } 01329 01330 } else if (tls_header_ptr->type == TLS_CHANGE_CIPHER_SPEC && (tls_heap != 0) /*&& (tls_header[i].length == 1)*/) { 01331 uint8_t tx_alert = 1; 01332 tr_debug("TLS:Change ChipherS"); 01333 tr_debug("%02x", tls_suite->state); 01334 if (tls_suite->state == TLS_KEY_CHANGE) { 01335 tx_alert = 0; 01336 } 01337 01338 if (tx_alert) { 01339 tr_debug("Wrong state TX Alert"); 01340 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_CLOSE_FATAL); 01341 return buffer_free(buf); 01342 } else { 01343 sec_set_auth_timeout(tls_suite, TLS_CHANGE_CHIPHER); 01344 algo_ok |= 8; 01345 } 01346 01347 } else if (tls_header_ptr->type == TLS_ALERT_TYPE) { 01348 tr_debug("Alert!!"); 01349 if (tls_header_ptr->length == 2) { 01350 uint8_t *dptr = tls_header_ptr->ptr; 01351 tr_debug("%s", tr_array(tls_header_ptr->ptr, 2)); 01352 //Skip Alert Type and descriptions 01353 dptr += 2; 01354 algo_ok = 0xf0; 01355 sec_lib_state_machine_trig(tls_suite, PANA_FAILURE); 01356 } 01357 i = 0xfe; 01358 } 01359 } 01360 } 01361 01362 if (algo_ok) { 01363 if (tls_suite->state == TLS_HELLO_RX) { 01364 sec_set_auth_timeout(tls_suite, TLS_HELLO_RX); 01365 tls_suite->retry_counter = 0; 01366 i = 0xff; 01367 } else if (tls_suite->state == TLS_HELLO_DONE) { 01368 //ADD already Now Client key change handshake part 01369 #ifdef ECC 01370 if (tls_heap->tls_chipher_mode == CHIPHER_ECC) { 01371 if (tls_suite->setups & TLS_ECC_CERTIFICATE_REQUESTED) { 01372 tr_debug("Message verify start"); 01373 sec_lib_state_machine_trig(tls_suite, TLS_ECC_MESSAGE_VERIFY_START); 01374 } else { 01375 tr_debug("Cert REQ diabled"); 01376 } 01377 } else 01378 #endif 01379 { 01380 01381 tls_msg_t *tmp_msg = tls_msg_ptr_get(); 01382 01383 tmp_msg->len = 3; 01384 if (tls_suite->psk_key_id > 0xff) { 01385 tmp_msg->len++; 01386 } 01387 ptr = buf->buf ; 01388 *ptr++ = TLS_CLIENT_KEY_EXCHANGE; 01389 ptr = common_write_24_bit(tmp_msg->len, ptr); 01390 tmp_msg->msg_ptr = ptr; 01391 ptr = common_write_16_bit(tmp_msg->len - 2, ptr); 01392 if (tls_suite->psk_key_id > 0xff) { 01393 *ptr++ = tls_suite->psk_key_id >> 8; 01394 } 01395 01396 *ptr = tls_suite->psk_key_id;; 01397 tls_handshake_copy(tmp_msg, tls_heap); 01398 sec_prf_state_set(tls_suite); 01399 } 01400 i = 0xff; 01401 } else if (tls_suite->state == TLS_CHANGE_CHIPHER) { 01402 tr_debug("No Chipher Set Close state"); 01403 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 01404 i = 0xff; 01405 } else if (tls_suite->state == TLS_FINISH) { 01406 tr_debug("Finish RX"); 01407 sec_lib_state_machine_trig(tls_suite, TLS_FINISH); 01408 i = 0xff; 01409 } else if (algo_ok == 0x18) { 01410 01411 } else { 01412 i = 11; 01413 tr_debug("%02x", algo_ok); 01414 } 01415 } 01416 01417 if (i) { 01418 buf = tls_certificate_buffer_store(buf, certi_rx, tls_suite); 01419 } 01420 return (buf); 01421 } 01422 01423 01424 01425 buffer_t *tls_server_up(buffer_t *buf, sec_suite_t *tls_suite) 01426 { 01427 #ifdef PANA_SERVER_API 01428 uint8_t i = 0, certi_rx = 0; 01429 uint16_t data_len = 0; 01430 uint8_t alert_case = 0; 01431 uint8_t *ptr; 01432 tls_header_t *tls_header_ptr; 01433 tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap; 01434 uint8_t algo_ok = 0, j = 0; 01435 ptr = buffer_data_pointer(buf); 01436 01437 i = 1; 01438 while (buf->buf_ptr < buf->buf_end ) { 01439 data_len = buffer_data_length(buf); 01440 ptr = buffer_data_pointer(buf); 01441 tls_header_ptr = NULL; 01442 01443 if (data_len >= 5) { 01444 uint16_t tls_version; 01445 tls_header.type = *ptr++; 01446 tls_version = common_read_16_bit(ptr); 01447 ptr += 2; 01448 if (tls_version != TLS_1_2_VERSION) { 01449 tr_debug("Len: %04x", data_len); 01450 tr_debug("%s", tr_array(ptr, 4)); 01451 alert_case = 4; 01452 } else { 01453 tls_header.length = common_read_16_bit(ptr); 01454 ptr += 2; 01455 data_len -= 5; 01456 if (tls_header.length > data_len) { 01457 alert_case = 5; 01458 } else { 01459 tr_debug("Full TLS Record"); 01460 tls_header.ptr = ptr; 01461 buf->buf_ptr += tls_header.length; 01462 buf->buf_ptr += 5; 01463 tls_header_ptr = &tls_header; 01464 } 01465 } 01466 } else { 01467 alert_case = 5; 01468 } 01469 01470 if (alert_case) { 01471 tr_debug("TLS Segmentation or datagram error: %02x", alert_case); 01472 buf->buf_ptr = buf->buf_end ; 01473 //SET Alert Case 01474 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 01475 return buffer_free(buf); 01476 } 01477 01478 if (tls_header_ptr) { 01479 if (tls_header_ptr->type == TLS_HANDSHAKE && (tls_heap != 0)) { 01480 tr_debug("Type:Handshake"); 01481 if (tls_suite->state == TLS_CHANGE_CHIPHER) { 01482 if (tls_header_ptr->length < 32) { 01483 tr_debug("Too short Chiher Text"); 01484 } else if ((algo_ok & 0x20) && (tls_suite->state == PRF_CALC)) { 01485 tr_debug("Drop Client RE TX"); 01486 /*tls_text_cnt = */j = 1; 01487 } else { 01488 buf = tls_verify_handler(certi_rx, tls_header_ptr, buf, tls_suite); 01489 if (!buf) { 01490 return buf; 01491 } 01492 } 01493 } else { 01494 uint8_t tls_msg_cnt = 0; 01495 tls_msg_t *tls_msg_ptr = 0; 01496 if (algo_ok != 0x18) { 01497 tls_msg_cnt = tls_msg_analyzy(tls_header_ptr->ptr, tls_header_ptr->length); 01498 j = 0; 01499 } 01500 ptr = tls_header_ptr->ptr; 01501 while (j < tls_msg_cnt) { 01502 tls_msg_ptr = tls_msg_get(ptr); 01503 01504 switch (tls_msg_ptr->type) { 01505 case TLS_CLIENT_HELLO: 01506 //Parse 01507 if (tls_parse_client_hello(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) { 01508 tr_debug("TLS:C_Hello OK"); 01509 algo_ok = 0; 01510 tls_heap->tls_handshake_h_len = 0; 01511 tls_handshake_copy(tls_msg_ptr, tls_heap); 01512 if (tls_heap->tls_chipher_mode == CHIPHER_ECC) { 01513 #ifdef ECC 01514 sec_lib_state_machine_trig(tls_suite, TLS_SERVER_ECC_PUB_KEY_GEN); 01515 #else 01516 tr_debug("NO ECC Sup"); 01517 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 01518 return buffer_free(buf); 01519 #endif 01520 01521 } else { 01522 tls_ecc_heap_free(tls_heap); 01523 sec_lib_state_machine_trig(tls_suite, TLS_SERVER_TX_SERVER_HELLO); 01524 } 01525 01526 } else { 01527 tr_debug("TLS:C_Hello Fail"); 01528 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 01529 return buffer_free(buf); 01530 } 01531 break; 01532 01533 case TLS_CERTIFICATE: 01534 #ifdef ECC 01535 01536 if (tls_suite->state == TLS_TX_SERVER_KEY_EXCHANGE || tls_suite->state == TLS_SERVER_WAIT_CHANGE_CHIPHERSUITE) { 01537 tr_debug("TLS Certi RX"); 01538 01539 if (tls_parse_certificate(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) { 01540 01541 tls_suite->setups |= TLS_ECC_CERTIFICATE_RECEIVED; 01542 algo_ok = 0; 01543 tls_handshake_copy(tls_msg_ptr, tls_heap); 01544 tls_suite->timer = pana_retry_req_max_get(); 01545 tls_suite->state = TLS_CERTIFICATE_RX; 01546 certi_rx |= 1; 01547 01548 } else { 01549 tr_debug("TLS Malformed Certificate"); 01550 01551 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_BAD_CERTIFICATE); 01552 return buffer_free(buf); 01553 } 01554 01555 } else { 01556 tr_debug("Drop Cert: %02x", tls_suite->state); 01557 return buffer_free(buf); 01558 } 01559 #else 01560 sec_lib_state_machine_trig(tls_suite, PANA_ERROR); 01561 #endif 01562 break; 01563 01564 case TLS_CLIENT_KEY_EXCHANGE: 01565 tr_debug(" TLS Client KEY Exchange RX"); 01566 if (tls_heap->tls_chipher_mode == CHIPHER_PSK) { 01567 uint8_t *d_ptr = tls_msg_ptr->msg_ptr; 01568 uint16_t key_len; 01569 uint16_t received_key_id = 0; 01570 01571 key_len = common_read_16_bit(d_ptr); 01572 d_ptr += 2; 01573 01574 if (key_len) { 01575 if (key_len == 2) { 01576 received_key_id = (*d_ptr++) << 8; 01577 } 01578 received_key_id += *d_ptr; 01579 } 01580 01581 if (tls_get_key(received_key_id) != NULL) { 01582 tls_suite->psk_key_id = received_key_id; 01583 01584 if (tls_suite->state != PRF_CALC) { 01585 tr_debug("Client KEY Exchange "); 01586 tls_handshake_copy(tls_msg_ptr, tls_heap); 01587 algo_ok = 0; 01588 } else { 01589 tr_debug("Client Re TX"); 01590 } 01591 } 01592 01593 /* Not valid Key ID */ 01594 else { 01595 tr_debug("Server drop Client Key Exchange"); 01596 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_DECRYPT); 01597 return buffer_free(buf); 01598 } 01599 } else { 01600 #ifdef ECC 01601 if (tls_parse_client_key_exchange(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) { 01602 algo_ok = 0; 01603 tls_handshake_copy(tls_msg_ptr, tls_heap); 01604 sec_set_auth_timeout(tls_suite, TLS_CLIENT_KEY_EXCHANGE_RX); 01605 } else 01606 #endif 01607 { 01608 tr_debug("Server drop Client Key EX"); 01609 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_DECRYPT); 01610 return buffer_free(buf); 01611 } 01612 } 01613 break; 01614 01615 case TLS_CERTIFICATE_VERIFY: 01616 tr_debug(" TLS Cert Verify "); 01617 #ifdef ECC 01618 if (tls_parse_certificate_verify(tls_msg_ptr->msg_ptr, tls_msg_ptr->len, tls_suite)) { 01619 01620 if ((tls_suite->setups & TLS_ECC_CERTIFICATE_VERIFY) == 0) { 01621 tr_debug("Calc Hash for Cert Verify"); 01622 tls_suite->setups |= TLS_ECC_CERTIFICATE_VERIFY; 01623 tls_hanshake_hash_cal(tls_heap); 01624 tls_handshake_copy(tls_msg_ptr, tls_heap); 01625 certi_rx |= 2; 01626 } 01627 } else 01628 #endif 01629 { 01630 tr_debug("Client Cert Verfify fail"); 01631 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_DECRYPT); 01632 return buffer_free(buf); 01633 } 01634 break; 01635 default: 01636 break; 01637 } 01638 ptr = tls_msg_ptr->msg_ptr; 01639 ptr += tls_msg_ptr->len; 01640 j++; 01641 } 01642 } 01643 01644 } else if (tls_header_ptr->type == TLS_CHANGE_CIPHER_SPEC && (tls_heap != 0) /*&& (tls_header[i].length == 1)*/) { 01645 uint8_t tx_alert = 1; 01646 tr_debug("TLS:Change ChipherS"); 01647 tr_debug("%02x", tls_suite->state); 01648 if (tls_suite->state == TLS_CLIENT_KEY_EXCHANGE_RX || tls_suite->state == TLS_SERVER_WAIT_CHANGE_CHIPHERSUITE) { 01649 tx_alert = 0; 01650 } 01651 01652 if (tx_alert) { 01653 tr_debug("Wrong state TX Alert"); 01654 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_CLOSE_FATAL); 01655 return buffer_free(buf); 01656 } else { 01657 sec_set_auth_timeout(tls_suite, TLS_CHANGE_CHIPHER); 01658 algo_ok |= 8; 01659 } 01660 01661 } else if (tls_header_ptr->type == TLS_ALERT_TYPE) { 01662 tr_debug("Alert!!"); 01663 if (tls_header_ptr->length == 2) { 01664 uint8_t *dptr = tls_header_ptr->ptr; 01665 tr_debug("%s", tr_array(tls_header_ptr->ptr, 2)); 01666 //Skip Alert Type and descriptions 01667 dptr += 2; 01668 algo_ok = 0xf0; 01669 sec_lib_state_machine_trig(tls_suite, PANA_FAILURE); 01670 } 01671 i = 0xfe; 01672 } 01673 } 01674 } 01675 if (algo_ok) { 01676 if (tls_suite->state == TLS_CHANGE_CHIPHER) { 01677 tr_debug("No Chipher RX--TXalert"); 01678 sec_lib_state_machine_trig(tls_suite, TLS_ALERT_INTERNAL); 01679 i = 0xff; 01680 } else if (algo_ok == 0x18) { 01681 01682 } else { 01683 i = 11; 01684 tr_debug("%02x", algo_ok); 01685 } 01686 } 01687 01688 if (i) { 01689 buf = tls_certificate_buffer_store(buf, certi_rx, tls_suite); 01690 } 01691 #else 01692 if (buf) { 01693 buf = buffer_free(buf); 01694 } 01695 #endif 01696 return (buf); 01697 } 01698 01699 01700 buffer_t *tls_client_hello_build(buffer_t *buf, sec_suite_t *tls_suite) 01701 { 01702 uint8_t *ptr; 01703 tls_msg_t *tmp_msg = tls_msg_ptr_get(); 01704 tls_heap_t *tls_heap = tls_suite->tls_session->tls_heap; 01705 tr_debug("TTLs TX:Client Hello"); 01706 //Build Client Hello 01707 ptr = buffer_data_clear(buf); 01708 //for Hash calculation 01709 01710 *ptr++ = TLS_CLIENT_HELLO; 01711 ptr += 3; // skip length, fill in at the end 01712 tmp_msg->msg_ptr = ptr; 01713 ptr = common_write_16_bit(TLS_1_2_VERSION, ptr); 01714 memcpy(ptr, (tls_heap->tls_hello_random + CLIENT_HELLO_PTR), 32); 01715 ptr += 32; 01716 *ptr++ = 0; //Session ID length 01717 ptr += 2; // Skip cipher suite length; fill in a moment 01718 uint8_t *ciphers_ptr = ptr; 01719 #ifdef ECC 01720 if (tls_suite->supported_chipher_suites & SEC_CIPHERSUITE_ECC) { 01721 ptr = common_write_16_bit(TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, ptr); 01722 ptr = common_write_16_bit(TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_COMPAT, ptr); 01723 } 01724 #endif 01725 if (tls_suite->supported_chipher_suites & SEC_CIPHERSUITE_PSK) { 01726 ptr = common_write_16_bit(TLS_PSK_WITH_AES_128_CCM_8, ptr); 01727 } 01728 // Go back and fill in length 01729 common_write_16_bit(ptr - ciphers_ptr, ciphers_ptr - 2); 01730 01731 *ptr++ = 1; // 1 Compression method 01732 *ptr++ = TLS_COMPRESSION_METHOD_NULL; 01733 #ifdef ECC 01734 01735 //Set ECC Extensions 01736 if (tls_suite->supported_chipher_suites & SEC_CIPHERSUITE_ECC) { 01737 ptr = common_write_16_bit(8 + 8 + 6, ptr); //Extensions length 01738 01739 ptr = common_write_16_bit(TLS_EXTENSION_SIGNATURE_ALGORITHMS, ptr); 01740 ptr = common_write_16_bit(4, ptr); //extension data len 01741 ptr = common_write_16_bit(2, ptr); //algorithm list len 01742 ptr = common_write_16_bit(TLS_SIG_HASH_ALG_SHA256_ECDSA, ptr); 01743 01744 ptr = common_write_16_bit(TLS_EXTENSION_ELLIPTIC_CURVES, ptr); 01745 ptr = common_write_16_bit(4, ptr); //extension data len 01746 ptr = common_write_16_bit(2, ptr); //curve list len 01747 ptr = common_write_16_bit(TLS_NAMED_CURVE_SECP256R1, ptr); 01748 01749 ptr = common_write_16_bit(TLS_EXTENSION_EC_POINT_FORMATS, ptr); 01750 ptr = common_write_16_bit(2, ptr); //extension data len 01751 *ptr++ = 1; // format list len 01752 *ptr++ = 0; //Uncompressed mode 01753 } 01754 #endif 01755 buffer_data_end_set(buf, ptr); 01756 01757 // Go back and write the length 01758 uint16_t tls_len = buffer_data_length(buf) - 4; 01759 tmp_msg->len = tls_len; 01760 common_write_24_bit(tls_len, buffer_data_pointer(buf) + 1); 01761 01762 tls_heap->tls_handshake_h_len = 0; 01763 tls_handshake_copy(tmp_msg, tls_heap); 01764 tls_suite->setups |= TLS_HANSHAKE_HASH; 01765 return tls_down(buf); 01766 01767 } 01768 01769 #ifdef ECC 01770 uint8_t *tls_server_key_excahnge_msg_build(uint8_t *ptr, tls_heap_t *heap_ptr) 01771 { 01772 uint8_t r_zeros; 01773 uint8_t s_zeros; 01774 01775 r_zeros = tls_get_leading_zeros(heap_ptr->ecc_heap->sgnt->m_R.data); 01776 s_zeros = tls_get_leading_zeros(heap_ptr->ecc_heap->sgnt->m_s.data); 01777 *ptr++ = TLS_SERVER_KEY_EXCHANGE; 01778 ptr = common_write_24_bit((145 - r_zeros - s_zeros), ptr); 01779 *ptr++ = 3; //type 01780 ptr = common_write_16_bit(TLS_NAMED_CURVE_SECP256R1, ptr); 01781 //There shuold be calculated case now only test purpose 01782 *ptr++ = 65; //len 01783 *ptr++ = 4; //type 01784 memcpy(ptr, heap_ptr->ecc_heap->server_public_key, 64); 01785 ptr += 64; 01786 ptr = common_write_16_bit(TLS_SIG_HASH_ALG_SHA256_ECDSA, ptr); 01787 ptr = common_write_16_bit((72 - r_zeros - s_zeros), ptr); 01788 *ptr++ = 0x30; 01789 *ptr++ = 70 - r_zeros - s_zeros; 01790 ptr += tls_write_signature_parameters(ptr, ((uint8_t *)heap_ptr->ecc_heap->sgnt->m_R.data), r_zeros); 01791 ptr += tls_write_signature_parameters(ptr, ((uint8_t *)heap_ptr->ecc_heap->sgnt->m_s.data), s_zeros); 01792 return ptr; 01793 } 01794 01795 01796 uint8_t *tls_certificate_verify_msg_set(uint8_t *ptr, tls_heap_t *heap_ptr) 01797 { 01798 uint8_t r_zeros; 01799 uint8_t s_zeros; 01800 r_zeros = tls_get_leading_zeros(heap_ptr->ecc_heap->sgnt->m_R.data); 01801 s_zeros = tls_get_leading_zeros(heap_ptr->ecc_heap->sgnt->m_s.data); 01802 01803 *ptr++ = TLS_CERTIFICATE_VERIFY; 01804 ptr = common_write_24_bit((76 - r_zeros - s_zeros), ptr); 01805 *ptr++ = 4; 01806 *ptr++ = 3; 01807 *ptr++ = 0; 01808 *ptr++ = 72 - r_zeros - s_zeros; 01809 *ptr++ = 0x30; 01810 *ptr++ = 70 - r_zeros - s_zeros; 01811 ptr += tls_write_signature_parameters(ptr, ((uint8_t *)heap_ptr->ecc_heap->sgnt->m_R.data), r_zeros); 01812 ptr += tls_write_signature_parameters(ptr, ((uint8_t *)heap_ptr->ecc_heap->sgnt->m_s.data), s_zeros); 01813 return ptr; 01814 } 01815 #define CERTI_CHAIN_3 01816 01817 uint16_t tls_certificate_len(certificate_chain_internal_t *temp) 01818 { 01819 uint8_t i; 01820 uint16_t len = 0; 01821 01822 if (temp) { 01823 len += 10; 01824 if (temp->chain_length > 1) { 01825 for (i = 0; i < (temp->chain_length - 1); i++) { 01826 if (i) { 01827 len += 3; 01828 } 01829 len += temp->certi_len[i + 1]; 01830 } 01831 } else if (temp->chain_length == 1) { 01832 len += temp->certi_len[0]; 01833 } 01834 } 01835 return len; 01836 } 01837 01838 uint8_t *tls_certificate_msg_set(uint8_t *ptr, certificate_chain_internal_t *temp) 01839 { 01840 uint8_t i; 01841 uint16_t len = 0; 01842 len = tls_certificate_len(temp); 01843 if (temp) { 01844 len -= 4; // Cut TLS haeder space off 01845 /* Set Certificate */ 01846 *ptr++ = TLS_CERTIFICATE; 01847 ptr = common_write_24_bit(len, ptr); 01848 len -= 3; 01849 ptr = common_write_24_bit(len, ptr); 01850 01851 i = temp->chain_length; 01852 if (i > 1) { 01853 while (i) { 01854 i--; 01855 if (i) { 01856 ptr = common_write_24_bit(temp->certi_len[i], ptr); 01857 memcpy(ptr, temp->certi_chain[i], temp->certi_len[i]); 01858 ptr += temp->certi_len[i]; 01859 } 01860 } 01861 } else if (i == 1) { 01862 ptr = common_write_24_bit(temp->certi_len[0], ptr); 01863 memcpy(ptr, temp->certi_chain[0], temp->certi_len[0]); 01864 ptr += temp->certi_len[0]; 01865 } 01866 } 01867 return ptr; 01868 } 01869 01870 uint8_t tls_write_signature_parameters(uint8_t *ptr, uint8_t *signature_parameter, uint8_t leadin_zeros) 01871 { 01872 uint8_t len = 2; 01873 uint8_t i; 01874 *ptr++ = 2; 01875 *ptr++ = 33 - leadin_zeros; 01876 if (leadin_zeros == 0) { 01877 *ptr++ = 0; 01878 len += 33; 01879 } else { 01880 leadin_zeros -= 1; 01881 len += (32 - leadin_zeros); 01882 } 01883 for (i = leadin_zeros; i < 32; i++) { 01884 *ptr++ = signature_parameter[31 - i]; 01885 } 01886 return len; 01887 } 01888 01889 void tls_ecc_point_reverse_order(uint8_t *dst, uint8_t *src) 01890 { 01891 uint8_t i; 01892 for (i = 0; i < 32; i++) { 01893 dst[i] = src[31 - i]; 01894 } 01895 } 01896 #endif 01897 01898 uint8_t *tls_build_server_hello_msg(uint8_t *ptr, tls_session_t *tls_session) 01899 { 01900 tls_heap_t *heap_ptr = tls_session->tls_heap; 01901 *ptr++ = TLS_SERVER_HELLO; 01902 ptr += 3; // fill length in at the end 01903 uint8_t *startptr = ptr; 01904 ptr = common_write_16_bit(TLS_1_2_VERSION, ptr); 01905 01906 memcpy(ptr, (heap_ptr->tls_hello_random + SERVER_HELLO_PTR), 32); 01907 ptr += 32; 01908 01909 *ptr++ = tls_session->id_length; 01910 memcpy(ptr, tls_session->tls_session_id, tls_session->id_length); 01911 ptr += tls_session->id_length; 01912 01913 uint16_t ciphersuite; 01914 #ifdef ECC 01915 if (heap_ptr->tls_chipher_mode == CHIPHER_ECC) { 01916 ciphersuite = heap_ptr->client_knows_standard_ecc_ciphersuite ? 01917 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : 01918 TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8_COMPAT; 01919 } else 01920 #endif 01921 { 01922 ciphersuite = TLS_PSK_WITH_AES_128_CCM_8; 01923 } 01924 01925 ptr = common_write_16_bit(ciphersuite, ptr); 01926 *ptr++ = TLS_COMPRESSION_METHOD_NULL; 01927 01928 if (heap_ptr->tls_chipher_mode == CHIPHER_ECC) { 01929 ptr = common_write_16_bit(6, ptr); // 6 bytes of Extensions 01930 ptr = common_write_16_bit(TLS_EXTENSION_EC_POINT_FORMATS, ptr); 01931 ptr = common_write_16_bit(2, ptr); // 2 bytes of extension data 01932 *ptr++ = 1; // 1 byte of ec_point_format_list 01933 *ptr++ = 0; // ECPointFormat::uncompressed 01934 } 01935 01936 // Go back and fill in length 01937 common_write_24_bit(ptr - startptr, startptr - 3); 01938 01939 if (heap_ptr->tls_chipher_mode != CHIPHER_ECC) { 01940 *ptr++ = TLS_SERVER_HELLO_DONE; 01941 ptr = common_write_24_bit(0, ptr); // length 01942 } 01943 return ptr; 01944 } 01945 01946 void tls_header_set(buffer_t *buf) 01947 { 01948 uint8_t *ptr; 01949 uint16_t len; 01950 ptr = buffer_data_pointer(buf); 01951 len = buffer_data_length(buf); 01952 len -= 5; //Cut Flags byte off 01953 *ptr++ = TLS_HANDSHAKE; 01954 ptr = common_write_16_bit(TLS_1_2_VERSION, ptr); 01955 ptr = common_write_16_bit(len, ptr); 01956 } 01957 01958 void tls_session_id_genrate(uint8_t *suite, uint8_t length) 01959 { 01960 if (length > 32) { 01961 length = 32; 01962 } 01963 randLIB_get_n_bytes_random(suite, length); 01964 } 01965 01966 tls_heap_t *tls_heap_allocate(void) 01967 { 01968 tls_heap_t *heap_ptr = tls_heap_structure_allocate(); 01969 if (heap_ptr) { 01970 #ifdef ECC 01971 tls_ecc_heap_t *ecc_ptr = ecc_allocate_ram(); 01972 if (ecc_ptr == 0) { 01973 tr_debug("ECC Alloc Fail"); 01974 ns_dyn_mem_free(heap_ptr); 01975 heap_ptr = 0; 01976 return heap_ptr; 01977 } else { 01978 //uint8_t *ptr, i; 01979 heap_ptr->ecc_heap = ecc_ptr; 01980 } 01981 heap_ptr->client_knows_standard_ecc_ciphersuite = false; 01982 #endif 01983 randLIB_get_n_bytes_random(heap_ptr->tls_hello_random, 64); 01984 ns_sha256_init(&heap_ptr->sha256_ctx); 01985 heap_ptr->tls_chipher_mode = CHIPHER_NONE; 01986 heap_ptr->tls_handshake_h_len = 0; 01987 heap_ptr->client_verify_buf = 0; 01988 heap_ptr->client_verify_buf_len = 0; 01989 } 01990 return heap_ptr; 01991 } 01992 01993 void tls_heap_free(tls_heap_t *heap_ptr) 01994 { 01995 if (heap_ptr) { 01996 if (heap_ptr->cert_temp_buf) { 01997 if (heap_ptr->signature_temp_buf) { 01998 if (heap_ptr->signature_temp_buf == heap_ptr->cert_temp_buf) { 01999 heap_ptr->signature_temp_buf = 0; 02000 } 02001 02002 02003 } 02004 02005 if (heap_ptr->pointer_types & 1) { 02006 buffer_free(heap_ptr->cert_temp_buf); 02007 } else { 02008 ns_dyn_mem_free(heap_ptr->cert_temp_buf); 02009 } 02010 heap_ptr->cert_temp_buf = 0; 02011 } 02012 if (heap_ptr->signature_temp_buf) { 02013 if (heap_ptr->pointer_types & 2) { 02014 buffer_free(heap_ptr->signature_temp_buf); 02015 } else { 02016 ns_dyn_mem_free(heap_ptr->signature_temp_buf); 02017 } 02018 heap_ptr->signature_temp_buf = 0; 02019 } 02020 if (heap_ptr->client_verify_buf) { 02021 ns_dyn_mem_free(heap_ptr->client_verify_buf); 02022 heap_ptr->client_verify_buf = 0; 02023 } 02024 tls_ecc_heap_free(heap_ptr); 02025 ns_sha256_free(&heap_ptr->sha256_ctx); 02026 ns_dyn_mem_free(heap_ptr); 02027 } 02028 } 02029 #ifdef ECC 02030 void tls_ecc_heap_free(tls_heap_t *heap_ptr) 02031 { 02032 if (heap_ptr) { 02033 if (heap_ptr->ecc_heap) { 02034 if (heap_ptr->ecc_heap->sgnt) { 02035 ecc_library_free_pointer(heap_ptr->ecc_heap->sgnt); 02036 //ns_dyn_mem_free(heap_ptr->ecc_heap->sgnt); 02037 } 02038 ns_dyn_mem_free(heap_ptr->ecc_heap); 02039 heap_ptr->ecc_heap = 0; 02040 } 02041 } 02042 } 02043 #endif 02044 02045 #ifdef ECC 02046 uint8_t tls_get_leading_zeros(void *data) 02047 { 02048 02049 uint8_t *ptr = (uint8_t *)data + 31; 02050 uint8_t i = 0; 02051 02052 for (;; ptr--) { 02053 if (*ptr & 0x80) { 02054 break; 02055 } 02056 i++; 02057 if (i == 33) { 02058 break; 02059 } 02060 02061 if (*ptr) { 02062 break; 02063 } 02064 } 02065 02066 return i; 02067 02068 } 02069 #endif 02070 02071 02072 void tls_key_expansion_cal(tls_heap_t *heap_ptr, uint8_t *key_save_ptr, uint8_t *master_secret) 02073 { 02074 uint8_t *ptr; 02075 prf_sec_param_t *prf_ptr = shalib_prf_param_get(); 02076 prf_ptr->secret = master_secret; 02077 prf_ptr->sec_len = 48; 02078 prf_ptr->label = "key expansion"; 02079 prf_ptr->seed = heap_ptr->temp_buf; 02080 ptr = heap_ptr->temp_buf; 02081 memcpy(ptr, (heap_ptr->tls_hello_random + SERVER_HELLO_PTR), 32); 02082 ptr += 32; 02083 memcpy(ptr, (heap_ptr->tls_hello_random + CLIENT_HELLO_PTR), 32); 02084 prf_ptr->seedlen = 64; 02085 shalib_prf_calc(key_save_ptr, 10); // Why 40 bytes? 02086 } 02087 02088 void tls_master_key_cal(tls_heap_t *heap_ptr, sec_suite_t *tls_suite) 02089 { 02090 uint8_t *ptr; 02091 prf_sec_param_t *prf_ptr = shalib_prf_param_get(); 02092 uint8_t secret_buf[2 + 16 + 2 + 16]; 02093 tr_debug("CAL Master secret:"); 02094 //Her have to to be set check is 02095 #ifdef ECC 02096 if (heap_ptr->tls_chipher_mode == CHIPHER_ECC) { 02097 prf_ptr->secret = heap_ptr->ecc_heap->pre_secret_mat; 02098 prf_ptr->sec_len = 32; 02099 } else 02100 #endif 02101 { 02102 tls_psk_key_t *key_temp = tls_get_key(tls_suite->psk_key_id); 02103 if (key_temp) { 02104 /* RFC 4279 - premaster secret for N-octet PSK is 02105 * +----------+----------+----------+----------+ 02106 * | 2 octets | N octets | 2 octets | N octets | 02107 * +----------+----------+----------+----------+ 02108 * | N | 0 | N | PSK | 02109 * +----------+----------+----------+----------+ 02110 */ 02111 ptr = secret_buf; 02112 ptr = common_write_16_bit(16, ptr); 02113 memset(ptr, 0, 16), ptr += 16; 02114 ptr = common_write_16_bit(16, ptr); 02115 memcpy(ptr, key_temp->psk_key, 16); 02116 prf_ptr->secret = secret_buf; 02117 prf_ptr->sec_len = sizeof secret_buf; 02118 } 02119 } 02120 prf_ptr->label = "master secret"; 02121 prf_ptr->seed = heap_ptr->temp_buf; 02122 ptr = heap_ptr->temp_buf; 02123 memcpy(ptr, (heap_ptr->tls_hello_random + CLIENT_HELLO_PTR), 32); 02124 ptr += 32; 02125 memcpy(ptr, (heap_ptr->tls_hello_random + SERVER_HELLO_PTR), 32); 02126 prf_ptr->seedlen = 64; 02127 02128 shalib_prf_calc(tls_suite->tls_session->master_secret, 12); 02129 } 02130 02131 void tls_verify_calc(uint8_t output[12], uint8_t server, tls_heap_t *heap_ptr, uint8_t *master_secret) 02132 { 02133 prf_sec_param_t *prf_ptr = shalib_prf_param_get(); 02134 prf_ptr->secret = master_secret; 02135 prf_ptr->sec_len = 48; 02136 prf_ptr->label = server ? "server finished" : "client finished"; 02137 prf_ptr->seed = heap_ptr->hash_buf; 02138 prf_ptr->seedlen = 32; 02139 shalib_prf_calc(output, 3); 02140 } 02141 02142 02143 void tls_handshake_copy(tls_msg_t *tls_msg_ptr, tls_heap_t *heap_ptr) 02144 { 02145 uint16_t len = tls_msg_ptr->len; 02146 uint8_t *ptr = tls_msg_ptr->msg_ptr; 02147 ptr -= 4; 02148 len += 4; 02149 02150 if (heap_ptr->tls_handshake_h_len == 0) { 02151 ns_sha256_starts(&heap_ptr->sha256_ctx); 02152 } 02153 ns_sha256_update(&heap_ptr->sha256_ctx, ptr, len); 02154 heap_ptr->tls_handshake_h_len += len; 02155 } 02156 02157 02158 void tls_hanshake_hash_cal(tls_heap_t *heap_ptr) 02159 { 02160 tr_debug("HASH Calc"); 02161 ns_sha256_context ctx; 02162 ns_sha256_clone(&ctx, &heap_ptr->sha256_ctx); 02163 ns_sha256_finish(&ctx, heap_ptr->hash_buf); 02164 ns_sha256_free(&ctx); 02165 } 02166 02167 #if 0 02168 uint8_t tls_txt_analyze(buffer_t *buf) 02169 { 02170 uint8_t *dptr; 02171 uint8_t tls_text_cnt = 0; 02172 uint16_t data_len = buffer_data_length(buf); 02173 uint16_t readed = 0; 02174 dptr = buffer_data_pointer(buf); 02175 02176 while (readed < data_len) { 02177 uint16_t tls_version; 02178 tls_header.type = *dptr++; 02179 tls_version = common_read_16_bit(dptr); 02180 dptr += 2; 02181 if (tls_version == TLS_1_2_VERSION) { 02182 tls_text_cnt = 0; 02183 break; 02184 } else { 02185 uint16_t tls_temp_var_16; 02186 tls_temp_var_16 = common_read_16_bit(dptr); 02187 dptr += 2; 02188 if (tls_temp_var_16) { 02189 tls_header.length = tls_temp_var_16; 02190 tls_header.ptr = dptr; 02191 02192 readed += 5; 02193 readed += tls_temp_var_16; 02194 02195 if (readed > data_len) { 02196 tr_debug("Over Read1: %02x", tls_header.type); 02197 tr_debug("LEN: %04x", data_len); 02198 tr_debug("Read: %04x", readed); 02199 tls_text_cnt = 0; 02200 break; 02201 } else { 02202 dptr += tls_temp_var_16; 02203 tls_text_cnt++; 02204 } 02205 } else { 02206 tls_text_cnt = 0; 02207 break;; 02208 } 02209 } 02210 } 02211 02212 if (readed != data_len) { 02213 tr_debug("TSL txt Parse Fail"); 02214 tls_text_cnt = 0; 02215 } 02216 return tls_text_cnt; 02217 } 02218 #endif 02219 02220 #if 0 02221 tls_header_t *tls_message_get(uint8_t *dptr) 02222 { 02223 uint16_t tls_temp_var_16; 02224 tls_header.type = *dptr; 02225 dptr += 3; 02226 tls_temp_var_16 = common_read_16_bit(dptr); 02227 dptr += 2; 02228 tls_header.length = tls_temp_var_16; 02229 tls_header.ptr = dptr; 02230 return &tls_header; 02231 } 02232 #endif 02233 02234 uint8_t tls_msg_analyzy(uint8_t *ptr, uint16_t data_len) 02235 { 02236 uint8_t *dptr; 02237 uint8_t msg_cnt = 0; 02238 uint16_t readed = 0, m_len = 0; 02239 dptr = ptr; 02240 while (readed < data_len) { 02241 dptr += 1; //Skip Type 02242 if (*dptr++) { 02243 //Too long skip packet 02244 tr_debug("Too long: %s", tr_array(ptr, data_len)); 02245 msg_cnt = 0; 02246 break; 02247 } else { 02248 m_len = common_read_16_bit(dptr); 02249 dptr += 2; 02250 } 02251 readed += 4; 02252 readed += m_len; 02253 dptr += m_len; 02254 02255 if (readed > data_len) { 02256 tr_debug("Over Read1: %02x", tls_msg.type); 02257 tr_debug("LEN: %04x", data_len); 02258 tr_debug("Read: %04x", readed); 02259 msg_cnt = 0; 02260 break; 02261 } else { 02262 msg_cnt++; 02263 } 02264 } 02265 if (readed != data_len) { 02266 tr_debug("TLS MSG Parse Fail"); 02267 msg_cnt = 0; 02268 } 02269 return msg_cnt; 02270 } 02271 02272 tls_msg_t *tls_msg_get(uint8_t *dptr) 02273 { 02274 tls_msg.type = *dptr; 02275 dptr += 2; 02276 tls_msg.len = common_read_16_bit(dptr); 02277 dptr += 2; 02278 tls_msg.msg_ptr = dptr; 02279 return &tls_msg; 02280 } 02281 02282 tls_msg_t *tls_msg_ptr_get(void) 02283 { 02284 return &tls_msg; 02285 } 02286 02287 void tls_build_client_verify_payload(tls_heap_t *tls_heap) 02288 { 02289 uint8_t *ptr; 02290 ptr = tls_heap->hash_buf; 02291 ptr = common_write_32_bit(0x1400000c, ptr); 02292 memcpy(ptr, tls_heap->verify, 12); 02293 } 02294 02295 void tls_nonce_update(uint8_t *ptr) 02296 { 02297 uint8_t i = 8; 02298 ptr += 7; 02299 02300 while (i--) { 02301 if (*ptr == 0xff) { 02302 *ptr = 0; 02303 ptr--; 02304 } else { 02305 *ptr += 1; 02306 break; 02307 } 02308 } 02309 } 02310 #ifdef ECC 02311 uint8_t tls_parse_certificate_request(uint8_t *ptr, uint16_t len) 02312 { 02313 (void)len; 02314 uint16_t hash_alg; 02315 uint16_t count; 02316 uint8_t found = 0; 02317 count = *ptr++; 02318 02319 if (!count) { 02320 tr_debug("cert req 0 count 1"); 02321 return 0; 02322 } 02323 02324 while (count--) { 02325 02326 if (*ptr++ == TLS_CERT_TYPE_ECDSA) { 02327 02328 found = TLS_CERT_TYPE_ECDSA; 02329 02330 } 02331 02332 } 02333 02334 if (!found) { 02335 tr_debug("cert req no supported type"); 02336 return 0; 02337 } 02338 found = 0; 02339 02340 count = (uint16_t) * ptr++ << 8; 02341 count |= *ptr++; 02342 count >>= 1; 02343 02344 if (!count) { 02345 tr_debug("cert req 0 count 2"); 02346 return 0; 02347 } 02348 02349 02350 while (count--) { 02351 02352 hash_alg = common_read_16_bit(ptr); 02353 ptr += 2; 02354 if (hash_alg == TLS_SIG_HASH_ALG_SHA256_ECDSA) { 02355 found = 1; 02356 } 02357 02358 } 02359 02360 if (!found) { 02361 02362 tr_debug("cert req no supported Algo"); 02363 return 0; 02364 } 02365 02366 return 1; 02367 /* There is also names field but we do not have parser for it yet */ 02368 02369 } 02370 02371 02372 static uint8_t ecc_verify_calculate_hash(sec_suite_t *tls_suite) 02373 { 02374 tls_heap_t *theap = tls_suite->tls_session->tls_heap; 02375 if (!(tls_suite->setups & TLS_ECC_CERTIFICATE_RECEIVED)) { 02376 return 1; 02377 } else { 02378 tls_suite->setups &= ~TLS_ECC_CERTIFICATE_RECEIVED; 02379 } 02380 02381 if (tls_suite->setups & TLS_SERVER_MODE) { 02382 if (!(tls_suite->setups & TLS_ECC_CERTIFICATE_VERIFY)) { 02383 return 2; 02384 } else { 02385 tls_suite->setups &= ~TLS_ECC_CERTIFICATE_VERIFY; 02386 } 02387 } 02388 if (!theap->ecc_heap->sgnt) { 02389 return 3; 02390 } 02391 02392 tls_ecc_server_key_signature_hash(theap); 02393 return 0; 02394 02395 } 02396 02397 02398 void tls_ecc_reverse_hash(uint8_t *ptr) 02399 { 02400 uint8_t start = 0; 02401 uint8_t end = 31; 02402 uint8_t chr; 02403 while (start < end) { 02404 chr = ptr[start]; 02405 ptr[start] = ptr[end]; 02406 ptr[end] = chr; 02407 02408 start++; 02409 end--; 02410 } 02411 } 02412 02413 void tls_ecc_server_key_signature_hash(tls_heap_t *heap_ptr) 02414 { 02415 memset(heap_ptr->ecc_heap->sgnt->m_m.data, 0, MPINT_DATA_SIZE); 02416 ns_sha256_context ctx; 02417 ns_sha256_init(&ctx); 02418 ns_sha256_starts(&ctx); 02419 ns_sha256_update(&ctx, heap_ptr->tls_hello_random, 64); 02420 //ServerECDHParams(ECParameters+ECPoint) 02421 heap_ptr->hash_buf[0] = TLS_EC_CURVE_TYPE_NAMED_CURVE; 02422 common_write_16_bit(TLS_NAMED_CURVE_SECP256R1, heap_ptr->hash_buf + 1); 02423 heap_ptr->hash_buf[3] = 65; // ECPoint public - length indicator for following 512-bit public key? 02424 heap_ptr->hash_buf[4] = 4; 02425 ns_sha256_update(&ctx, heap_ptr->hash_buf, 5); 02426 ns_sha256_update(&ctx, heap_ptr->ecc_heap->server_public_key, 64); 02427 ns_sha256_finish(&ctx, heap_ptr->ecc_heap->sgnt->m_m.data); 02428 ns_sha256_free(&ctx); 02429 tls_ecc_reverse_hash((uint8_t *)heap_ptr->ecc_heap->sgnt->m_m.data); 02430 } 02431 02432 #endif 02433 02434 #else 02435 int8_t arm_tls_add_psk_key(const uint8_t *key_ptr, uint16_t key_id) 02436 { 02437 (void)key_ptr; 02438 (void)key_id; 02439 return -1; 02440 } 02441 #endif 02442 02443 02444
Generated on Tue Jul 12 2022 13:55:00 by
