arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-04-21 10:26:06 +03:00
Code

adjusted version checking mechanism

Browse Source 
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@46 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
This commit is contained in:
cameronrich 2006-12-01 03:57:08 +00:00
parent df2886ed07
commit 3d2f9ac3fd
10 changed files with 151 additions and 173 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ssl/aes.c
View File

@ -17,8 +17,6 @@
*/ */
/** /**
* @file aes.c
*
* AES implementation - this is a small code version. There are much faster * AES implementation - this is a small code version. There are much faster
* versions around but they are much larger in size (i.e. they use large * versions around but they are much larger in size (i.e. they use large
* submix tables). * submix tables).
@ -34,12 +32,13 @@
#define rot2(x) (((x) << 16) | ((x) >> 16)) #define rot2(x) (((x) << 16) | ((x) >> 16))
#define rot3(x) (((x) << 8) | ((x) >> 24)) #define rot3(x) (((x) << 8) | ((x) >> 24))
/* This cute trick does 4 'mul by two' at once. Stolen from /*
* This cute trick does 4 'mul by two' at once. Stolen from
* Dr B. R. Gladman <brg@gladman.uk.net> but I'm sure the u-(u>>7) is * Dr B. R. Gladman <brg@gladman.uk.net> but I'm sure the u-(u>>7) is
* a standard graphics trick * a standard graphics trick
* The key to this is that we need to xor with 0x1b if the top bit is set. * The key to this is that we need to xor with 0x1b if the top bit is set.
* a 1xxx xxxx 0xxx 0xxx First we mask the 7bit, * a 1xxx xxxx 0xxx 0xxx First we mask the 7bit,
* b 1000 0000 0000 0000 then we shift right by 7 puting the 7bit in 0bit, * b 1000 0000 0000 0000 then we shift right by 7 putting the 7bit in 0bit,
* c 0000 0001 0000 0000 we then subtract (c) from (b) * c 0000 0001 0000 0000 we then subtract (c) from (b)
* d 0111 1111 0000 0000 and now we and with our mask * d 0111 1111 0000 0000 and now we and with our mask
* e 0001 1011 0000 0000 * e 0001 1011 0000 0000
@ -212,6 +211,7 @@ void AES_set_key(AES_CTX *ctx, const uint8_t *key,
for (i = words; i<ii; i++) for (i = words; i<ii; i++)
{ {
tmp = W[i-1]; tmp = W[i-1];
if ((i % words) == 0) if ((i % words) == 0)
{ {
tmp2 =(uint32_t)aes_sbox[(tmp )&0xff]<< 8; tmp2 =(uint32_t)aes_sbox[(tmp )&0xff]<< 8;
@ -221,6 +221,7 @@ void AES_set_key(AES_CTX *ctx, const uint8_t *key,
tmp=tmp2^(((unsigned int)*ip)<<24); tmp=tmp2^(((unsigned int)*ip)<<24);
ip++; ip++;
} }
if ((words == 8) && ((i % words) == 4)) if ((words == 8) && ((i % words) == 4))
{ {
tmp2 =(uint32_t)aes_sbox[(tmp )&0xff] ; tmp2 =(uint32_t)aes_sbox[(tmp )&0xff] ;
@ -247,6 +248,7 @@ void AES_convert_key(AES_CTX *ctx)
k = ctx->ks; k = ctx->ks;
k += 4; k += 4;
for (i=ctx->rounds*4; i>4; i--) for (i=ctx->rounds*4; i>4; i--)
{ {
w= *k; w= *k;
@ -474,4 +476,3 @@ static void AES_decrypt(const AES_CTX *ctx, uint32_t *data)
} }
#endif #endif

1
ssl/bigint_impl.h
View File

@ -81,7 +81,6 @@ typedef struct /**< A big integer "session" context. */
bigint *bi_normalised_mod[BIGINT_NUM_MODS]; /**< Normalised mod storage. */ bigint *bi_normalised_mod[BIGINT_NUM_MODS]; /**< Normalised mod storage. */
bigint **g; /**< Used by sliding-window. */ bigint **g; /**< Used by sliding-window. */
int window; /**< The size of the sliding window */ int window; /**< The size of the sliding window */
int active_count; /**< Number of active bigints. */ int active_count; /**< Number of active bigints. */
int free_count; /**< Number of free bigints. */ int free_count; /**< Number of free bigints. */

3
ssl/crypto_misc.c
View File

@ -17,8 +17,6 @@
*/ */
/** /**
* @file misc.c
*
* Some misc. routines to help things out * Some misc. routines to help things out
*/ */
@ -310,4 +308,3 @@ void print_blob(const char *format,
void print_blob(const char *format, const unsigned char *data, void print_blob(const char *format, const unsigned char *data,
int size, ...) {} int size, ...) {}
#endif #endif

2
ssl/hmac.c
View File

@ -17,8 +17,6 @@
*/ */
/** /**
* @file hmac.c
*
* HMAC implementation - This code was originally taken from RFC2104 * HMAC implementation - This code was originally taken from RFC2104
*/ */

191
ssl/md5.c
View File

@ -17,8 +17,6 @@
*/ */
/** /**
* @file md5.c
*
* This file implements the MD5 algorithm as defined in RFC1321 * This file implements the MD5 algorithm as defined in RFC1321
*/ */
@ -49,26 +47,24 @@ static void MD5Transform(uint32_t state[4], const uint8_t block[64]);
static void Encode(uint8_t *output, uint32_t *input, uint32_t len); static void Encode(uint8_t *output, uint32_t *input, uint32_t len);
static void Decode(uint32_t *output, const uint8_t *input, uint32_t len); static void Decode(uint32_t *output, const uint8_t *input, uint32_t len);
static uint8_t PADDING[64] = { static uint8_t PADDING[64] =
{
0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
}; };
/* F, G, H and I are basic MD5 functions. /* F, G, H and I are basic MD5 functions. */
*/
#define F(x, y, z) (((x) & (y)) | ((~x) & (z))) #define F(x, y, z) (((x) & (y)) | ((~x) & (z)))
#define G(x, y, z) (((x) & (z)) | ((y) & (~z))) #define G(x, y, z) (((x) & (z)) | ((y) & (~z)))
#define H(x, y, z) ((x) ^ (y) ^ (z)) #define H(x, y, z) ((x) ^ (y) ^ (z))
#define I(x, y, z) ((y) ^ ((x) | (~z))) #define I(x, y, z) ((y) ^ ((x) | (~z)))
/* ROTATE_LEFT rotates x left n bits. /* ROTATE_LEFT rotates x left n bits. */
*/
#define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n)))) #define ROTATE_LEFT(x, n) (((x) << (n)) | ((x) >> (32-(n))))
/* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4. /* FF, GG, HH, and II transformations for rounds 1, 2, 3, and 4.
Rotation is separate from addition to prevent recomputation. Rotation is separate from addition to prevent recomputation. */
*/
#define FF(a, b, c, d, x, s, ac) { \ #define FF(a, b, c, d, x, s, ac) { \
(a) += F ((b), (c), (d)) + (x) + (uint32_t)(ac); \ (a) += F ((b), (c), (d)) + (x) + (uint32_t)(ac); \
(a) = ROTATE_LEFT ((a), (s)); \ (a) = ROTATE_LEFT ((a), (s)); \
@ -117,11 +113,10 @@ void MD5Update(MD5_CTX *ctx, const uint8_t * msg, int len)
x = (uint32_t)((ctx->count[0] >> 3) & 0x3F); x = (uint32_t)((ctx->count[0] >> 3) & 0x3F);
/* Update number of bits */ /* Update number of bits */
if ((ctx->count[0] += ((uint32_t)len << 3)) if ((ctx->count[0] += ((uint32_t)len << 3)) < ((uint32_t)len << 3))
< ((uint32_t)len << 3))
ctx->count[1]++; ctx->count[1]++;
ctx->count[1] += ((uint32_t)len >> 29);
ctx->count[1] += ((uint32_t)len >> 29);
partLen = 64 - x; partLen = 64 - x;
/* Transform as many times as possible. */ /* Transform as many times as possible. */
@ -131,7 +126,9 @@ void MD5Update(MD5_CTX *ctx, const uint8_t * msg, int len)
MD5Transform(ctx->state, ctx->buffer); MD5Transform(ctx->state, ctx->buffer);
for (i = partLen; i + 63 < len; i += 64) for (i = partLen; i + 63 < len; i += 64)
{
MD5Transform(ctx->state, &msg[i]); MD5Transform(ctx->state, &msg[i]);
}
x = 0; x = 0;
} }
@ -148,113 +145,109 @@ void MD5Update(MD5_CTX *ctx, const uint8_t * msg, int len)
void MD5Final(MD5_CTX *ctx, uint8_t *digest) void MD5Final(MD5_CTX *ctx, uint8_t *digest)
{ {
uint8_t bits[8]; uint8_t bits[8];
uint32_t x, padLen; uint32_t x, padlen;
/* Save number of bits */ /* save number of bits */
Encode(bits, ctx->count, 8); encode(bits, ctx->count, 8);
/* Pad out to 56 mod 64. /* pad out to 56 mod 64. */
*/
x = (uint32_t)((ctx->count[0] >> 3) & 0x3f); x = (uint32_t)((ctx->count[0] >> 3) & 0x3f);
padLen = (x < 56) ? (56 - x) : (120 - x); padlen = (x < 56) ? (56 - x) : (120 - x);
MD5Update(ctx, PADDING, padLen); md5update(ctx, padding, padlen);
/* Append length (before padding) */ /* append length (before padding) */
MD5Update(ctx, bits, 8); md5update(ctx, bits, 8);
/* Store state in digest */ /* store state in digest */
Encode(digest, ctx->state, MD5_SIZE); encode(digest, ctx->state, md5_size);
} }
/** /**
* MD5 basic transformation. Transforms state based on block. * md5 basic transformation. transforms state based on block.
*/ */
static void MD5Transform(uint32_t state[4], const uint8_t block[64]) static void md5transform(uint32_t state[4], const uint8_t block[64])
{ {
uint32_t a = state[0], b = state[1], c = state[2], d = state[3], x[MD5_SIZE]; uint32_t a = state[0], b = state[1], c = state[2],
d = state[3], x[md5_size];
Decode(x, block, 64); decode(x, block, 64);
/* Round 1 */ /* round 1 */
FF (a, b, c, d, x[ 0], S11, 0xd76aa478); /* 1 */ ff(a, b, c, d, x[ 0], s11, 0xd76aa478); /* 1 */
FF (d, a, b, c, x[ 1], S12, 0xe8c7b756); /* 2 */ ff(d, a, b, c, x[ 1], s12, 0xe8c7b756); /* 2 */
FF (c, d, a, b, x[ 2], S13, 0x242070db); /* 3 */ ff(c, d, a, b, x[ 2], s13, 0x242070db); /* 3 */
FF (b, c, d, a, x[ 3], S14, 0xc1bdceee); /* 4 */ ff(b, c, d, a, x[ 3], s14, 0xc1bdceee); /* 4 */
FF (a, b, c, d, x[ 4], S11, 0xf57c0faf); /* 5 */ ff(a, b, c, d, x[ 4], s11, 0xf57c0faf); /* 5 */
FF (d, a, b, c, x[ 5], S12, 0x4787c62a); /* 6 */ ff(d, a, b, c, x[ 5], s12, 0x4787c62a); /* 6 */
FF (c, d, a, b, x[ 6], S13, 0xa8304613); /* 7 */ ff(c, d, a, b, x[ 6], s13, 0xa8304613); /* 7 */
FF (b, c, d, a, x[ 7], S14, 0xfd469501); /* 8 */ ff(b, c, d, a, x[ 7], s14, 0xfd469501); /* 8 */
FF (a, b, c, d, x[ 8], S11, 0x698098d8); /* 9 */ ff(a, b, c, d, x[ 8], s11, 0x698098d8); /* 9 */
FF (d, a, b, c, x[ 9], S12, 0x8b44f7af); /* 10 */ ff(d, a, b, c, x[ 9], s12, 0x8b44f7af); /* 10 */
FF (c, d, a, b, x[10], S13, 0xffff5bb1); /* 11 */ ff(c, d, a, b, x[10], s13, 0xffff5bb1); /* 11 */
FF (b, c, d, a, x[11], S14, 0x895cd7be); /* 12 */ ff(b, c, d, a, x[11], s14, 0x895cd7be); /* 12 */
FF (a, b, c, d, x[12], S11, 0x6b901122); /* 13 */ ff(a, b, c, d, x[12], s11, 0x6b901122); /* 13 */
FF (d, a, b, c, x[13], S12, 0xfd987193); /* 14 */ ff(d, a, b, c, x[13], s12, 0xfd987193); /* 14 */
FF (c, d, a, b, x[14], S13, 0xa679438e); /* 15 */ ff(c, d, a, b, x[14], s13, 0xa679438e); /* 15 */
FF (b, c, d, a, x[15], S14, 0x49b40821); /* 16 */ ff(b, c, d, a, x[15], s14, 0x49b40821); /* 16 */
/* Round 2 */ /* round 2 */
GG (a, b, c, d, x[ 1], S21, 0xf61e2562); /* 17 */ gg(a, b, c, d, x[ 1], s21, 0xf61e2562); /* 17 */
GG (d, a, b, c, x[ 6], S22, 0xc040b340); /* 18 */ gg(d, a, b, c, x[ 6], s22, 0xc040b340); /* 18 */
GG (c, d, a, b, x[11], S23, 0x265e5a51); /* 19 */ gg(c, d, a, b, x[11], s23, 0x265e5a51); /* 19 */
GG (b, c, d, a, x[ 0], S24, 0xe9b6c7aa); /* 20 */ gg(b, c, d, a, x[ 0], s24, 0xe9b6c7aa); /* 20 */
GG (a, b, c, d, x[ 5], S21, 0xd62f105d); /* 21 */ gg(a, b, c, d, x[ 5], s21, 0xd62f105d); /* 21 */
GG (d, a, b, c, x[10], S22, 0x2441453); /* 22 */ gg(d, a, b, c, x[10], s22, 0x2441453); /* 22 */
GG (c, d, a, b, x[15], S23, 0xd8a1e681); /* 23 */ gg(c, d, a, b, x[15], s23, 0xd8a1e681); /* 23 */
GG (b, c, d, a, x[ 4], S24, 0xe7d3fbc8); /* 24 */ gg(b, c, d, a, x[ 4], s24, 0xe7d3fbc8); /* 24 */
GG (a, b, c, d, x[ 9], S21, 0x21e1cde6); /* 25 */ gg(a, b, c, d, x[ 9], s21, 0x21e1cde6); /* 25 */
GG (d, a, b, c, x[14], S22, 0xc33707d6); /* 26 */ gg(d, a, b, c, x[14], s22, 0xc33707d6); /* 26 */
GG (c, d, a, b, x[ 3], S23, 0xf4d50d87); /* 27 */ gg(c, d, a, b, x[ 3], s23, 0xf4d50d87); /* 27 */
GG (b, c, d, a, x[ 8], S24, 0x455a14ed); /* 28 */ gg(b, c, d, a, x[ 8], s24, 0x455a14ed); /* 28 */
GG (a, b, c, d, x[13], S21, 0xa9e3e905); /* 29 */ gg(a, b, c, d, x[13], s21, 0xa9e3e905); /* 29 */
GG (d, a, b, c, x[ 2], S22, 0xfcefa3f8); /* 30 */ gg(d, a, b, c, x[ 2], s22, 0xfcefa3f8); /* 30 */
GG (c, d, a, b, x[ 7], S23, 0x676f02d9); /* 31 */ gg(c, d, a, b, x[ 7], s23, 0x676f02d9); /* 31 */
GG (b, c, d, a, x[12], S24, 0x8d2a4c8a); /* 32 */ gg(b, c, d, a, x[12], s24, 0x8d2a4c8a); /* 32 */
/* Round 3 */ /* round 3 */
HH (a, b, c, d, x[ 5], S31, 0xfffa3942); /* 33 */ hh(a, b, c, d, x[ 5], s31, 0xfffa3942); /* 33 */
HH (d, a, b, c, x[ 8], S32, 0x8771f681); /* 34 */ hh(d, a, b, c, x[ 8], s32, 0x8771f681); /* 34 */
HH (c, d, a, b, x[11], S33, 0x6d9d6122); /* 35 */ hh(c, d, a, b, x[11], s33, 0x6d9d6122); /* 35 */
HH (b, c, d, a, x[14], S34, 0xfde5380c); /* 36 */ hh(b, c, d, a, x[14], s34, 0xfde5380c); /* 36 */
HH (a, b, c, d, x[ 1], S31, 0xa4beea44); /* 37 */ hh(a, b, c, d, x[ 1], s31, 0xa4beea44); /* 37 */
HH (d, a, b, c, x[ 4], S32, 0x4bdecfa9); /* 38 */ hh(d, a, b, c, x[ 4], s32, 0x4bdecfa9); /* 38 */
HH (c, d, a, b, x[ 7], S33, 0xf6bb4b60); /* 39 */ hh(c, d, a, b, x[ 7], s33, 0xf6bb4b60); /* 39 */
HH (b, c, d, a, x[10], S34, 0xbebfbc70); /* 40 */ hh(b, c, d, a, x[10], s34, 0xbebfbc70); /* 40 */
HH (a, b, c, d, x[13], S31, 0x289b7ec6); /* 41 */ hh(a, b, c, d, x[13], s31, 0x289b7ec6); /* 41 */
HH (d, a, b, c, x[ 0], S32, 0xeaa127fa); /* 42 */ hh(d, a, b, c, x[ 0], s32, 0xeaa127fa); /* 42 */
HH (c, d, a, b, x[ 3], S33, 0xd4ef3085); /* 43 */ hh(c, d, a, b, x[ 3], s33, 0xd4ef3085); /* 43 */
HH (b, c, d, a, x[ 6], S34, 0x4881d05); /* 44 */ hh(b, c, d, a, x[ 6], s34, 0x4881d05); /* 44 */
HH (a, b, c, d, x[ 9], S31, 0xd9d4d039); /* 45 */ hh(a, b, c, d, x[ 9], s31, 0xd9d4d039); /* 45 */
HH (d, a, b, c, x[12], S32, 0xe6db99e5); /* 46 */ hh(d, a, b, c, x[12], s32, 0xe6db99e5); /* 46 */
HH (c, d, a, b, x[15], S33, 0x1fa27cf8); /* 47 */ hh(c, d, a, b, x[15], s33, 0x1fa27cf8); /* 47 */
HH (b, c, d, a, x[ 2], S34, 0xc4ac5665); /* 48 */ hh(b, c, d, a, x[ 2], s34, 0xc4ac5665); /* 48 */
/* Round 4 */ /* round 4 */
II (a, b, c, d, x[ 0], S41, 0xf4292244); /* 49 */ ii(a, b, c, d, x[ 0], s41, 0xf4292244); /* 49 */
II (d, a, b, c, x[ 7], S42, 0x432aff97); /* 50 */ ii(d, a, b, c, x[ 7], s42, 0x432aff97); /* 50 */
II (c, d, a, b, x[14], S43, 0xab9423a7); /* 51 */ ii(c, d, a, b, x[14], s43, 0xab9423a7); /* 51 */
II (b, c, d, a, x[ 5], S44, 0xfc93a039); /* 52 */ ii(b, c, d, a, x[ 5], s44, 0xfc93a039); /* 52 */
II (a, b, c, d, x[12], S41, 0x655b59c3); /* 53 */ ii(a, b, c, d, x[12], s41, 0x655b59c3); /* 53 */
II (d, a, b, c, x[ 3], S42, 0x8f0ccc92); /* 54 */ ii(d, a, b, c, x[ 3], s42, 0x8f0ccc92); /* 54 */
II (c, d, a, b, x[10], S43, 0xffeff47d); /* 55 */ ii(c, d, a, b, x[10], s43, 0xffeff47d); /* 55 */
II (b, c, d, a, x[ 1], S44, 0x85845dd1); /* 56 */ ii(b, c, d, a, x[ 1], s44, 0x85845dd1); /* 56 */
II (a, b, c, d, x[ 8], S41, 0x6fa87e4f); /* 57 */ ii(a, b, c, d, x[ 8], s41, 0x6fa87e4f); /* 57 */
II (d, a, b, c, x[15], S42, 0xfe2ce6e0); /* 58 */ ii(d, a, b, c, x[15], s42, 0xfe2ce6e0); /* 58 */
II (c, d, a, b, x[ 6], S43, 0xa3014314); /* 59 */ ii(c, d, a, b, x[ 6], s43, 0xa3014314); /* 59 */
II (b, c, d, a, x[13], S44, 0x4e0811a1); /* 60 */ ii(b, c, d, a, x[13], s44, 0x4e0811a1); /* 60 */
II (a, b, c, d, x[ 4], S41, 0xf7537e82); /* 61 */ ii(a, b, c, d, x[ 4], s41, 0xf7537e82); /* 61 */
II (d, a, b, c, x[11], S42, 0xbd3af235); /* 62 */ ii(d, a, b, c, x[11], s42, 0xbd3af235); /* 62 */
II (c, d, a, b, x[ 2], S43, 0x2ad7d2bb); /* 63 */ ii(c, d, a, b, x[ 2], s43, 0x2ad7d2bb); /* 63 */
II (b, c, d, a, x[ 9], S44, 0xeb86d391); /* 64 */ ii(b, c, d, a, x[ 9], s44, 0xeb86d391); /* 64 */
state[0] += a; state[0] += a;
state[1] += b; state[1] += b;
state[2] += c; state[2] += c;
state[3] += d; state[3] += d;
/* Zeroize sensitive information.
*/
memset(x, 0, sizeof(x));
} }
/** /**

10
ssl/rc4.c
View File

@ -17,11 +17,8 @@
*/ */
/** /**
* @file rc4.c * An implementation of the RC4/ARC4 algorithm.
* * Originally written by Christophe Devine.
* An implementation of the RC4/ARC4 algorithm
*
* Originally written by Christophe Devine
*/ */
#include <string.h> #include <string.h>
@ -47,7 +44,8 @@ void RC4_setup(RC4_CTX *ctx, const uint8_t *key, int length)
{ {
a = m[i]; a = m[i];
j = (uint8_t)(j + a + key[k]); j = (uint8_t)(j + a + key[k]);
m[i] = m[j]; m[j] = a; m[i] = m[j];
m[j] = a;
if (++k >= length) if (++k >= length)
{ {

4
ssl/sha1.c
View File

@ -17,8 +17,6 @@
*/ */
/** /**
* @file sha1.c
*
* SHA1 implementation - as defined in FIPS PUB 180-1 published April 17, 1995. * SHA1 implementation - as defined in FIPS PUB 180-1 published April 17, 1995.
* This code was originally taken from RFC3174 * This code was originally taken from RFC3174
*/ */
@ -179,7 +177,6 @@ static void SHA1ProcessMessageBlock(SHA1_CTX *ctx)
ctx->Intermediate_Hash[2] += C; ctx->Intermediate_Hash[2] += C;
ctx->Intermediate_Hash[3] += D; ctx->Intermediate_Hash[3] += D;
ctx->Intermediate_Hash[4] += E; ctx->Intermediate_Hash[4] += E;
ctx->Message_Block_Index = 0; ctx->Message_Block_Index = 0;
} }
@ -239,6 +236,5 @@ static void SHA1PadMessage(SHA1_CTX *ctx)
ctx->Message_Block[61] = ctx->Length_Low >> 16; ctx->Message_Block[61] = ctx->Length_Low >> 16;
ctx->Message_Block[62] = ctx->Length_Low >> 8; ctx->Message_Block[62] = ctx->Length_Low >> 8;
ctx->Message_Block[63] = ctx->Length_Low; ctx->Message_Block[63] = ctx->Length_Low;
SHA1ProcessMessageBlock(ctx); SHA1ProcessMessageBlock(ctx);
} }

27
ssl/tls1.c
View File

@ -597,6 +597,7 @@ static void increment_write_sequence(SSL *ssl)
break; break;
} }
} }
/** /**
* Work out the HMAC digest in a packet. * Work out the HMAC digest in a packet.
*/ */
@ -674,7 +675,6 @@ static int verify_digest(SSL *ssl, int mode, const uint8_t *buf, int read_len)
ssl->record_buf[3] = hmac_offset >> 8; /* insert size */ ssl->record_buf[3] = hmac_offset >> 8; /* insert size */
ssl->record_buf[4] = hmac_offset & 0xff; ssl->record_buf[4] = hmac_offset & 0xff;
add_hmac_digest(ssl, mode, buf, hmac_offset, hmac_buf); add_hmac_digest(ssl, mode, buf, hmac_offset, hmac_buf);
if (memcmp(hmac_buf, &buf[hmac_offset], ssl->cipher_info->digest_size)) if (memcmp(hmac_buf, &buf[hmac_offset], ssl->cipher_info->digest_size))
@ -974,7 +974,6 @@ int send_packet(SSL *ssl, uint8_t protocol, const uint8_t *in, int length)
/* add the packet digest */ /* add the packet digest */
msg_length += ssl->cipher_info->digest_size; msg_length += ssl->cipher_info->digest_size;
ssl->bm_buf.index = msg_length; ssl->bm_buf.index = msg_length;
add_hmac_digest(ssl, mode, ssl->bm_buf.data, length, add_hmac_digest(ssl, mode, ssl->bm_buf.data, length,
&ssl->bm_buf.data[length]); &ssl->bm_buf.data[length]);
@ -1066,8 +1065,8 @@ static void set_key_block(SSL *ssl, int is_write)
memcpy(server_key, q, ciph_info->key_size); memcpy(server_key, q, ciph_info->key_size);
q += ciph_info->key_size; q += ciph_info->key_size;
#ifndef CONFIG_SSL_SKELETON_MODE /* RC4 has no IV */ #ifndef CONFIG_SSL_SKELETON_MODE
if (ciph_info->iv_size) if (ciph_info->iv_size) /* RC4 has no IV, AES does */
{ {
memcpy(client_iv, q, ciph_info->iv_size); memcpy(client_iv, q, ciph_info->iv_size);
q += ciph_info->iv_size; q += ciph_info->iv_size;
@ -1118,7 +1117,7 @@ static void set_key_block(SSL *ssl, int is_write)
*/ */
int basic_read(SSL *ssl, uint8_t **in_data) int basic_read(SSL *ssl, uint8_t **in_data)
{ {
int ret = SSL_OK, version = -1; int ret = SSL_OK;
int read_len, is_record; int read_len, is_record;
uint8_t *buf = ssl->bm_buf.data; uint8_t *buf = ssl->bm_buf.data;
int is_client = IS_SET_SSL_FLAG(SSL_IS_CLIENT); int is_client = IS_SET_SSL_FLAG(SSL_IS_CLIENT);
@ -1165,17 +1164,7 @@ int basic_read(SSL *ssl, uint8_t **in_data)
goto error; /* not an error - just get out of here */ goto error; /* not an error - just get out of here */
} }
version = (buf[1] << 4) + buf[2];
ssl->need_bytes = (buf[3] << 8) + buf[4]; ssl->need_bytes = (buf[3] << 8) + buf[4];
/* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */
if (version < 0x31)
{
ret = SSL_ERROR_INVALID_VERSION;
ssl_display_error(ret);
goto error;
}
CLR_SSL_FLAG(SSL_NEED_RECORD); CLR_SSL_FLAG(SSL_NEED_RECORD);
memcpy(ssl->record_buf, buf, 3); /* store for hmac */ memcpy(ssl->record_buf, buf, 3); /* store for hmac */
is_record = 1; is_record = 1;
@ -1286,8 +1275,7 @@ static int do_handshake(SSL *ssl, uint8_t *buf, int read_len)
ssl->bm_buf.index = hs_len; /* store the size and check later */ ssl->bm_buf.index = hs_len; /* store the size and check later */
DISPLAY_STATE(ssl, 0, handshake_type, 0); DISPLAY_STATE(ssl, 0, handshake_type, 0);
if (handshake_type != HS_CERT_VERIFY && if (handshake_type != HS_CERT_VERIFY && handshake_type != HS_HELLO_REQUEST)
handshake_type != HS_HELLO_REQUEST)
{ {
add_packet(ssl, buf, hs_len); add_packet(ssl, buf, hs_len);
} }
@ -1421,7 +1409,6 @@ int send_alert(SSL *ssl, int error_code)
buf[0] = is_warning ? 1 : 2; buf[0] = is_warning ? 1 : 2;
buf[1] = alert_num; buf[1] = alert_num;
send_packet(ssl, PT_ALERT_PROTOCOL, buf, sizeof(buf)); send_packet(ssl, PT_ALERT_PROTOCOL, buf, sizeof(buf));
DISPLAY_ALERT(ssl, alert_num); DISPLAY_ALERT(ssl, alert_num);
return is_warning ? 0 : 1; return is_warning ? 0 : 1;
@ -1505,7 +1492,6 @@ int send_certificate(SSL *ssl)
chain_length += 3; chain_length += 3;
buf[2] = chain_length >> 8; /* handshake length */ buf[2] = chain_length >> 8; /* handshake length */
buf[3] = chain_length & 0xff; buf[3] = chain_length & 0xff;
ssl->bm_buf.index = offset; ssl->bm_buf.index = offset;
return send_packet(ssl, PT_HANDSHAKE_PROTOCOL, NULL, offset); return send_packet(ssl, PT_HANDSHAKE_PROTOCOL, NULL, offset);
} }
@ -1516,8 +1502,7 @@ int send_certificate(SSL *ssl)
* master secret from this session for session resumption. * master secret from this session for session resumption.
*/ */
SSL_SESS *ssl_session_update(int max_sessions, SSL_SESS *ssl_session_update(int max_sessions,
SSL_SESS *ssl_sessions[], SSL *ssl, SSL_SESS *ssl_sessions[], SSL *ssl, const uint8_t *session_id)
const uint8_t *session_id)
{ {
time_t tm = time(NULL); time_t tm = time(NULL);
time_t oldest_sess_time = tm; time_t oldest_sess_time = tm;

5
ssl/tls1_clnt.c
View File

@ -211,11 +211,12 @@ static int process_server_hello(SSL *ssl)
uint8_t *buf = ssl->bm_buf.data; uint8_t *buf = ssl->bm_buf.data;
int pkt_size = ssl->bm_buf.index; int pkt_size = ssl->bm_buf.index;
int offset; int offset;
int ret = SSL_OK; int version = (buf[4] << 4) + buf[5];
int num_sessions = ssl->ssl_ctx->num_sessions; int num_sessions = ssl->ssl_ctx->num_sessions;
int ret = SSL_OK;
/* check that we are talking to a TLSv1 server */ /* check that we are talking to a TLSv1 server */
if (buf[4] != 0x03 || buf[5] != 0x01) if (version != 0x31)
{ {
return SSL_ERROR_INVALID_VERSION; return SSL_ERROR_INVALID_VERSION;
} }

14
ssl/tls1_svr.c
View File

@ -108,10 +108,20 @@ int do_svr_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len)
static int process_client_hello(SSL *ssl) static int process_client_hello(SSL *ssl)
{ {
uint8_t *buf = ssl->bm_buf.data; uint8_t *buf = ssl->bm_buf.data;
uint8_t *record_buf = ssl->record_buf;
int pkt_size = ssl->bm_buf.index; int pkt_size = ssl->bm_buf.index;
int i, j, cs_len, id_len, offset = 6 + SSL_RANDOM_SIZE; int i, j, cs_len, id_len, offset = 6 + SSL_RANDOM_SIZE;
int version = (record_buf[1] << 4) + record_buf[2];
int ret = SSL_OK; int ret = SSL_OK;
/* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */
if (version < 0x31)
{
ret = SSL_ERROR_INVALID_VERSION;
ssl_display_error(ret);
goto error;
}
memcpy(ssl->client_random, &buf[6], SSL_RANDOM_SIZE); memcpy(ssl->client_random, &buf[6], SSL_RANDOM_SIZE);
/* process the session id */ /* process the session id */
@ -174,8 +184,8 @@ int process_sslv23_client_hello(SSL *ssl)
DISPLAY_BYTES(ssl, "received %d bytes", buf, read_len, read_len); DISPLAY_BYTES(ssl, "received %d bytes", buf, read_len, read_len);
/* must be 3.1 (TLSv1) */ /* should be v3.1 (TLSv1) or better - we'll send in v3.1 mode anyway */
if (version != 0x31) if (version < 0x31)
{ {
return SSL_ERROR_INVALID_VERSION; return SSL_ERROR_INVALID_VERSION;
} }