/*
* SSLv3/TLSv1 shared functions
*
* Copyright (C) 2006-2015, ARM Limited, All Rights Reserved
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
* This file is part of mbed TLS (https://tls.mbed.org)
*/
/*
* The SSL 3.0 specification was drafted by Netscape in 1996,
* and became an IETF standard in 1999.
*
* http://wp.netscape.com/eng/ssl3/
* http://www.ietf.org/rfc/rfc2246.txt
* http://www.ietf.org/rfc/rfc4346.txt
*/
#if !defined(MBEDTLS_CONFIG_FILE)
#include "mbedtls/config.h"
#else
#include MBEDTLS_CONFIG_FILE
#endif
#if defined(MBEDTLS_SSL_TLS_C)
#include "mbedtls/debug.h"
#include "mbedtls/ssl.h"
#include "mbedtls/ssl_internal.h"
#include <string.h>
#if defined(MBEDTLS_X509_CRT_PARSE_C) && \
defined(MBEDTLS_X509_CHECK_EXTENDED_KEY_USAGE)
#include "mbedtls/oid.h"
#endif
#if defined(MBEDTLS_PLATFORM_C)
#include "mbedtls/platform.h"
#else
#include <stdlib.h>
#define mbedtls_calloc calloc
#define mbedtls_free free
#endif
/* Implementation that should never be optimized out by the compiler */
static void mbedtls_zeroize( void *v, size_t n ) {
volatile unsigned char *p = v; while( n-- ) *p++ = 0;
}
/* Length of the "epoch" field in the record header */
static inline size_t ssl_ep_len( const mbedtls_ssl_context *ssl )
{
#if defined(MBEDTLS_SSL_PROTO_DTLS)
if( ssl->conf->transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM )
return( 2 );
#else
((void) ssl);
#endif
return( 0 );
}
/*
* Start a timer.
* Passing millisecs = 0 cancels a running timer.
*/
static void ssl_set_timer( mbedtls_ssl_context *ssl, uint32_t millisecs )
{
if( ssl->f_set_timer == NULL )
return;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "set_timer to %d ms", (int) millisecs ) );
ssl->f_set_timer( ssl->p_timer, millisecs / 4, millisecs );
}
/*
* Return -1 is timer is expired, 0 if it isn't.
*/
static int ssl_check_timer( mbedtls_ssl_context *ssl )
{
if( ssl->f_get_timer == NULL )
return( 0 );
if( ssl->f_get_timer( ssl->p_timer ) == 2 )
{
MBEDTLS_SSL_DEBUG_MSG( 3, ( "timer expired" ) );
return( -1 );
}
return( 0 );
}
#if defined(MBEDTLS_SSL_PROTO_DTLS)
/*
* Double the retransmit timeout value, within the allowed range,
* returning -1 if the maximum value has already been reached.
*/
static int ssl_double_retransmit_timeout( mbedtls_ssl_context *ssl )
{
uint32_t new_timeout;
if( ssl->handshake->retransmit_timeout >= ssl->conf->hs_timeout_max )
return( -1 );
new_timeout = 2 * ssl->handshake->retransmit_timeout;
/* Avoid arithmetic overflow and range overflow */
if( new_timeout < ssl->handshake->retransmit_timeout ||
new_timeout > ssl->conf->hs_timeout_max )
{
new_timeout = ssl->conf->hs_timeout_max;
}
ssl->handshake->retransmit_timeout = new_timeout;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
ssl->handshake->retransmit_timeout ) );
return( 0 );
}
static void ssl_reset_retransmit_timeout( mbedtls_ssl_context *ssl )
{
ssl->handshake->retransmit_timeout = ssl->conf->hs_timeout_min;
MBEDTLS_SSL_DEBUG_MSG( 3, ( "update timeout value to %d millisecs",
ssl->handshake->retransmit_timeout ) );
}
#endif /* MBEDTLS_SSL_PROTO_DTLS */
#if defined(MBEDTLS_SSL_MAX_FRAGMENT_LENGTH)
/*
* Convert max_fragment_length codes to length.
* RFC 6066 says:
* enum{
* 2^9(1), 2^10(2), 2^11(3), 2^12(4), (255)
* } MaxFragmentLength;
* and we add 0 -> extension unused
*/
static unsigned int mfl_code_to_length[MBEDTLS_SSL_MAX_FRAG_LEN_INVALID] =
{
MBEDTLS_SSL_MAX_CONTENT_LEN, /* MBEDTLS_SSL_MAX_FRAG_LEN_NONE */
512, /* MBEDTLS_SSL_MAX_FRAG_LEN_512 */
1024, /* MBEDTLS_SSL_MAX_FRAG_LEN_1024 */
2048, /* MBEDTLS_SSL_MAX_FRAG_LEN_2048 */
4096, /* MBEDTLS_SSL_MAX_FRAG_LEN_4096 */
};
#endif /* MBEDTLS_SSL_MAX_FRAGMENT_LENGTH */
#if defined(MBEDTLS_SSL_CLI_C)
static int ssl_session_copy( mbedtls_ssl_session *dst, const mbedtls_ssl_session *src )
{
mbedtls_ssl_session_free( dst );
memcpy( dst, src, sizeof( mbedtls_ssl_session ) );
#if defined(MBEDTLS_X509_CRT_PARSE_C)
if( src->peer_cert != NULL )
{
int ret;
dst->peer_cert = mbedtls_calloc( 1, sizeof(mbedtls_x509_crt) );
if( dst->peer_cert == NULL )
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
mbedtls_x509_crt_init( dst->peer_cert );
if( ( ret = mbedtls_x509_crt_parse_der( dst->peer_cert, src->peer_cert->raw.p,
src->peer_cert->raw.len ) ) != 0 )
{
mbedtls_free( dst->peer_cert );
dst->peer_cert = NULL;
return( ret );
}
}
#endif /* MBEDTLS_X509_CRT_PARSE_C */
#if defined(MBEDTLS_SSL_SESSION_TICKETS) && defined(MBEDTLS_SSL_CLI_C)
if( src->ticket != NULL )
{
dst->ticket = mbedtls_calloc( 1, src->ticket_len );
if( dst->ticket == NULL )
return( MBEDTLS_ERR_SSL_ALLOC_FAILED );
memcpy( dst->ticket, src->ticket, src->ticket_len );
}
#endif /* MBEDTLS_SSL_SESSION_TICKETS && MBEDTLS_SSL_CLI_C */
return( 0 );
}
#endif /* MBEDTLS_SSL_CLI_C */
#if defined(MBEDTLS_SSL_HW_RECORD_ACCEL)
int (*mbedtls_ssl_hw_record_init)( mbedtls_ssl_context *ssl,
const unsigned char *key_enc, const unsigned char *key_dec,
size_t keylen,
const unsigned char *iv_enc, const unsigned char *iv_dec,
size_t ivlen,
const unsigned char *mac_enc, const unsigned char *mac_dec,
size_t maclen ) = NULL;
int (*mbedtls_ssl_hw_record_activate)( mbedtls_ssl_context *ssl, int direction) = NULL;
int (*mbedtls_ssl_hw_record_reset)( mbedtls_ssl_context *ssl ) = NULL;
int (*mbedtls_ssl_hw_record_write)( mbedtls_ssl_context *ssl ) = NULL;
int (*mbedtls_ssl_hw_record_read)( mbedtls_ssl_context *ssl ) = NULL;
int (*mbedtls_ssl_hw_record_finish)( mbedtls_ssl_context *ssl ) = NULL;
#endif /* MBEDTLS_SSL_HW_RECORD_ACCEL */
/*
* Key material generation
*/
#if defined(MBEDTLS_SSL_PROTO_SSL3)
static int ssl3_prf( const unsigned char *secret, size_t slen,
const char *label,
const unsigned char *random, size_t rlen,
unsigned char *dstbuf, size_t dlen )
{
size_t i;
mbedtls_md5_context md5;
mbedtls_sha1_context sha1;
unsigned char padding[16];
unsigned char sha1sum[20];
((void)label);
mbedtls_md5_init( &md5 );
mbedtls_sha1_init( &sha1 );
/*
* SSLv3:
* block =
* MD5( secret + SHA1( 'A' + secret + random ) ) +
* MD5( secret + SHA1( 'BB' + secret + random ) ) +
* MD5( secret + SHA1( 'CCC' + secret + random ) ) +
* ...
*/
for( i = 0; i < dlen / 16; i++ )
{
memset( padding, (unsigned char) ('A' + i), 1 + i );
mbedtls_sha1_starts( &sha1 );
mbedtls_sha1_update( &sha1, padding, 1 + i );
mbedtls_sha1_update( &sha1, secret, slen );
mbedtls_sha1_update( &sha1, random, rlen );
mbedtls_sha1_finish( &sha1, sha1sum );
mbedtls_md5_starts( &md5 );
mbedtls_md5_update( &md5, secret, slen );
mbedtls_md5_update( &md5, sha1sum, 20 );
mbedtls_md5_
没有合适的资源?快使用搜索试试~ 我知道了~
温馨提示
Esp8266 细聊HmacMD5的加密方法带来的安全性,并实践在esp8266上,最大保障传输的过程的信息的安全性。 博文对应地址:https://blog.csdn.net/xh870189248/article/details/83751704
资源推荐
资源详情
资源评论
收起资源包目录
Esp8266 细聊HmacMD5的加密方法带来的安全性,并实践在esp8266上,最大保障传输的过程的信息的安全性 (699个子文件)
libcirom.a 4.92MB
libmirom.a 2.15MB
libwolfssl.a 974KB
libmbedtls.a 596KB
libgcc.a 587KB
liblwip.a 510KB
libwps.a 264KB
libnopoll.a 250KB
libnet80211.a 241KB
libpp.a 233KB
libssl.a 216KB
libphy.a 197KB
libmain.a 197KB
libhal.a 159KB
libcoap.a 147KB
libspiffs.a 134KB
libwpa.a 129KB
libopenssl.a 106KB
libsmartconfig.a 104KB
libcrypto.a 101KB
libespconn.a 88KB
libfreertos.a 81KB
libmqtt.a 80KB
libjson.a 51KB
libespnow.a 41KB
libdriver.a 41KB
libssc.a 38KB
libdriver.a 34KB
libpwm.a 16KB
libairkiss.a 11KB
libuser.a 11KB
user1.4096.new.6.bin 274KB
blank.bin 4KB
boot_v1.7.bin 4KB
boot_v1.6.bin 4KB
esp_init_data_default.bin 128B
user1.4096.new.6.bin_rep 274KB
ssl_tls.c 240KB
nopoll_conn.c 137KB
ssl_srv.c 126KB
ssl_cli.c 108KB
mib2.c 103KB
tasks.c 99KB
nopoll-regression-client.c 89KB
sockets.c 80KB
ssl_ciphersuites.c 79KB
dhcp.c 72KB
x509_crt.c 69KB
spiffs_nucleus.c 69KB
queue.c 67KB
ssl_tls1.c 63KB
ecp.c 63KB
espconn_tcp.c 62KB
tcp_in.c 61KB
tcp.c 58KB
ppp.c 58KB
nd6.c 56KB
lcp.c 56KB
bignum.c 56KB
nopoll.c 54KB
espconn.c 53KB
etharp.c 52KB
ecp_curves.c 51KB
api_msg.c 50KB
net.c 50KB
tcp_out.c 50KB
aes.c 50KB
rsa.c 49KB
spiffs_check.c 43KB
msg_in.c 43KB
ssl_platform.c 42KB
pbuf.c 40KB
ssl_bigint.c 39KB
pkparse.c 38KB
ipcp.c 38KB
udp.c 37KB
ecjpake.c 37KB
cipher_wrap.c 36KB
error.c 36KB
ip6.c 35KB
auth.c 35KB
camellia.c 34KB
ppp_oe.c 33KB
dhcpserver.c 32KB
ip4.c 32KB
dns.c 31KB
ssl_lib.c 31KB
des.c 31KB
gcm.c 30KB
mib_structs.c 29KB
ip_frag.c 28KB
heap_5.c 28KB
x509.c 28KB
netif.c 27KB
cJSON.c 27KB
igmp.c 27KB
timers.c 26KB
spiffs_hydrogen.c 26KB
sockets_mt.c 25KB
cipher.c 25KB
共 699 条
- 1
- 2
- 3
- 4
- 5
- 6
- 7
资源评论
- zyw808qwe2020-09-22可以借鉴 就是贵
- batmanbaby2019-05-27没多大作用。
半颗心脏
- 粉丝: 1w+
- 资源: 48
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 基于yolov5识别算法实现的DNF自动脚本源码.zip
- 基于Python实现的自动化办公项目.zip
- 基于python实现的基于PyQt5和爬虫的小说阅读系统.zip
- 机械设计整经机上纱自动化sw20非常好的设计图纸100%好用.zip
- Screenshot_20240427_031602.jpg
- 网页PDF_2024年04月26日 23-46-14_QQ浏览器网页保存_QQ浏览器转格式(6).docx
- 直接插入排序,冒泡排序,直接选择排序.zip
- 在排序2的基础上,再次对快排进行优化,其次增加快排非递归,归并排序,归并排序非递归版.zip
- 实现了7种排序算法.三种复杂度排序.三种nlogn复杂度排序(堆排序,归并排序,快速排序)一种线性复杂度的排序.zip
- 冒泡排序 直接选择排序 直接插入排序 随机快速排序 归并排序 堆排序.zip
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功