Skip to content

Commit

Permalink
TLS verification
Browse files Browse the repository at this point in the history
  • Loading branch information
@cpq
cpq committed Feb 6, 2025
1 parent ef8e741 commit cddb80a
Show file tree
Hide file tree
Showing 9 changed files with 4,507 additions and 312 deletions.
2,356 changes: 2,216 additions & 140 deletions mongoose.c
View file

Large diffs are not rendered by default.

83 changes: 52 additions & 31 deletions mongoose.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1132,6 +1132,12 @@ bool mg_path_is_sane(const struct mg_str path);
MG_U8P(p)[0] = ((n) >> 8U) & 255; \
MG_U8P(p)[1] = (n) &255; \
} while (0)
#define MG_STORE_BE24(p, n) \
do { \
MG_U8P(p)[0] = ((n) >> 16U) & 255; \
MG_U8P(p)[1] = ((n) >> 8U) & 255; \
MG_U8P(p)[2] = (n) &255; \
} while (0)

#define MG_REG(x) ((volatile uint32_t *) (x))[0]
#define MG_BIT(x) (((uint32_t) 1U) << (x))
Expand Down Expand Up @@ -1260,11 +1266,25 @@ typedef struct {
unsigned char buffer[64];
} mg_sha256_ctx;


void mg_sha256_init(mg_sha256_ctx *);
void mg_sha256_update(mg_sha256_ctx *, const unsigned char *data, size_t len);
void mg_sha256_final(unsigned char digest[32], mg_sha256_ctx *);
void mg_sha256(uint8_t dst[32], uint8_t *data, size_t datasz);
void mg_hmac_sha256(uint8_t dst[32], uint8_t *key, size_t keysz, uint8_t *data,
size_t datasz);

typedef struct {
uint64_t state[8];
uint8_t buffer[128];
uint64_t bitlen[2];
uint32_t datalen;
} mg_sha384_ctx;
void mg_sha384_init(mg_sha384_ctx *ctx);
void mg_sha384_update(mg_sha384_ctx *ctx, const uint8_t *data, size_t len);
void mg_sha384_final(uint8_t digest[48], mg_sha384_ctx *ctx);
void mg_sha384(uint8_t dst[48], uint8_t *data, size_t datasz);

#ifndef TLS_X15519_H
#define TLS_X15519_H

Expand Down Expand Up @@ -2108,6 +2128,12 @@ PORTABLE_8439_DECL size_t mg_chacha20_poly1305_decrypt(
}
#endif
#endif
#ifndef TLS_RSA_H
#define TLS_RSA_H

int mg_rsa_mod_pow(const uint8_t *mod, size_t modsz, const uint8_t *exp, size_t expsz, const uint8_t *msg, size_t msgsz, uint8_t *out, size_t outsz);

#endif /* TLS_RSA_H */


struct mg_connection;
Expand Down Expand Up @@ -3193,14 +3219,22 @@ struct mg_tcpip_driver_tms570_data {



#if MG_ENABLE_TCPIP && defined(MG_ENABLE_DRIVER_W5500) && MG_ENABLE_DRIVER_W5500

#endif


#if MG_ENABLE_TCPIP && defined(MG_ENABLE_DRIVER_XMC7) && MG_ENABLE_DRIVER_XMC7
#if MG_ENABLE_TCPIP && defined(MG_ENABLE_DRIVER_XMC) && MG_ENABLE_DRIVER_XMC

struct mg_tcpip_driver_xmc7_data {
struct mg_tcpip_driver_xmc_data {
// 13.2.8.1 Station Management Functions
// MDC clock divider (). MDC clock is derived from ETH MAC clock
// It must not exceed 2.5MHz
// ETH Clock range DIVIDER mdc_cr VALUE
// --------------------------------------------
// -1 <-- tell driver to guess the value
// 60-100 MHz ETH Clock/42 0
// 100-150 MHz ETH Clock/62 1
// 20-35 MHz ETH Clock/16 2
// 35-60 MHz ETH Clock/26 3
// 150-250 MHz ETH Clock/102 4
// 250-300 MHz ETH Clock/124 5
// 110, 111 Reserved
int mdc_cr; // Valid values: -1, 0, 1, 2, 3, 4, 5
uint8_t phy_addr;
};
Expand All @@ -3210,45 +3244,31 @@ struct mg_tcpip_driver_xmc7_data {
#endif

#ifndef MG_DRIVER_MDC_CR
#define MG_DRIVER_MDC_CR 3
#define MG_DRIVER_MDC_CR 4
#endif

#define MG_TCPIP_DRIVER_INIT(mgr) \
do { \
static struct mg_tcpip_driver_xmc7_data driver_data_; \
static struct mg_tcpip_driver_xmc_data driver_data_; \
static struct mg_tcpip_if mif_; \
driver_data_.mdc_cr = MG_DRIVER_MDC_CR; \
driver_data_.phy_addr = MG_TCPIP_PHY_ADDR; \
mif_.ip = MG_TCPIP_IP; \
mif_.mask = MG_TCPIP_MASK; \
mif_.gw = MG_TCPIP_GW; \
mif_.driver = &mg_tcpip_driver_xmc7; \
mif_.driver = &mg_tcpip_driver_xmc; \
mif_.driver_data = &driver_data_; \
MG_SET_MAC_ADDRESS(mif_.mac); \
mg_tcpip_init(mgr, &mif_); \
MG_INFO(("Driver: xmc7, MAC: %M", mg_print_mac, mif_.mac)); \
MG_INFO(("Driver: xmc, MAC: %M", mg_print_mac, mif_.mac)); \
} while (0)

#endif


#if MG_ENABLE_TCPIP && defined(MG_ENABLE_DRIVER_XMC7) && MG_ENABLE_DRIVER_XMC7

#if MG_ENABLE_TCPIP && defined(MG_ENABLE_DRIVER_XMC) && MG_ENABLE_DRIVER_XMC

struct mg_tcpip_driver_xmc_data {
// 13.2.8.1 Station Management Functions
// MDC clock divider (). MDC clock is derived from ETH MAC clock
// It must not exceed 2.5MHz
// ETH Clock range DIVIDER mdc_cr VALUE
// --------------------------------------------
// -1 <-- tell driver to guess the value
// 60-100 MHz ETH Clock/42 0
// 100-150 MHz ETH Clock/62 1
// 20-35 MHz ETH Clock/16 2
// 35-60 MHz ETH Clock/26 3
// 150-250 MHz ETH Clock/102 4
// 250-300 MHz ETH Clock/124 5
// 110, 111 Reserved
struct mg_tcpip_driver_xmc7_data {
int mdc_cr; // Valid values: -1, 0, 1, 2, 3, 4, 5
uint8_t phy_addr;
};
Expand All @@ -3258,27 +3278,28 @@ struct mg_tcpip_driver_xmc_data {
#endif

#ifndef MG_DRIVER_MDC_CR
#define MG_DRIVER_MDC_CR 4
#define MG_DRIVER_MDC_CR 3
#endif

#define MG_TCPIP_DRIVER_INIT(mgr) \
do { \
static struct mg_tcpip_driver_xmc_data driver_data_; \
static struct mg_tcpip_driver_xmc7_data driver_data_; \
static struct mg_tcpip_if mif_; \
driver_data_.mdc_cr = MG_DRIVER_MDC_CR; \
driver_data_.phy_addr = MG_TCPIP_PHY_ADDR; \
mif_.ip = MG_TCPIP_IP; \
mif_.mask = MG_TCPIP_MASK; \
mif_.gw = MG_TCPIP_GW; \
mif_.driver = &mg_tcpip_driver_xmc; \
mif_.driver = &mg_tcpip_driver_xmc7; \
mif_.driver_data = &driver_data_; \
MG_SET_MAC_ADDRESS(mif_.mac); \
mg_tcpip_init(mgr, &mif_); \
MG_INFO(("Driver: xmc, MAC: %M", mg_print_mac, mif_.mac)); \
MG_INFO(("Driver: xmc7, MAC: %M", mg_print_mac, mif_.mac)); \
} while (0)

#endif


#ifdef __cplusplus
}
#endif
Expand Down
170 changes: 170 additions & 0 deletions src/sha256.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,13 @@ void mg_sha256_final(unsigned char digest[32], mg_sha256_ctx *ctx) {
}
}

void mg_sha256(uint8_t dst[32], uint8_t *data, size_t datasz) {
mg_sha256_ctx ctx;
mg_sha256_init(&ctx);
mg_sha256_update(&ctx, data, datasz);
mg_sha256_final(dst, &ctx);
}

void mg_hmac_sha256(uint8_t dst[32], uint8_t *key, size_t keysz, uint8_t *data,
size_t datasz) {
mg_sha256_ctx ctx;
Expand Down Expand Up @@ -165,3 +172,166 @@ void mg_hmac_sha256(uint8_t dst[32], uint8_t *key, size_t keysz, uint8_t *data,
mg_sha256_update(&ctx, dst, 32);
mg_sha256_final(dst, &ctx);
}

//=====================================
// TODO: rename macros
#define ROTR64(x, n) (((x) >> (n)) | ((x) << (64 - (n))))
#define CH(x, y, z) (((x) & (y)) ^ (~(x) & (z)))
#define MAJ(x, y, z) (((x) & (y)) ^ ((x) & (z)) ^ ((y) & (z)))
#define EP0(x) (ROTR64(x, 28) ^ ROTR64(x, 34) ^ ROTR64(x, 39))
#define EP1(x) (ROTR64(x, 14) ^ ROTR64(x, 18) ^ ROTR64(x, 41))
#define SIG0(x) (ROTR64(x, 1) ^ ROTR64(x, 8) ^ ((x) >> 7))
#define SIG1(x) (ROTR64(x, 19) ^ ROTR64(x, 61) ^ ((x) >> 6))

static const uint64_t mg_sha256_k2[80] = {
0x428a2f98d728ae22ULL, 0x7137449123ef65cdULL, 0xb5c0fbcfec4d3b2fULL,
0xe9b5dba58189dbbcULL, 0x3956c25bf348b538ULL, 0x59f111f1b605d019ULL,
0x923f82a4af194f9bULL, 0xab1c5ed5da6d8118ULL, 0xd807aa98a3030242ULL,
0x12835b0145706fbeULL, 0x243185be4ee4b28cULL, 0x550c7dc3d5ffb4e2ULL,
0x72be5d74f27b896fULL, 0x80deb1fe3b1696b1ULL, 0x9bdc06a725c71235ULL,
0xc19bf174cf692694ULL, 0xe49b69c19ef14ad2ULL, 0xefbe4786384f25e3ULL,
0x0fc19dc68b8cd5b5ULL, 0x240ca1cc77ac9c65ULL, 0x2de92c6f592b0275ULL,
0x4a7484aa6ea6e483ULL, 0x5cb0a9dcbd41fbd4ULL, 0x76f988da831153b5ULL,
0x983e5152ee66dfabULL, 0xa831c66d2db43210ULL, 0xb00327c898fb213fULL,
0xbf597fc7beef0ee4ULL, 0xc6e00bf33da88fc2ULL, 0xd5a79147930aa725ULL,
0x06ca6351e003826fULL, 0x142929670a0e6e70ULL, 0x27b70a8546d22ffcULL,
0x2e1b21385c26c926ULL, 0x4d2c6dfc5ac42aedULL, 0x53380d139d95b3dfULL,
0x650a73548baf63deULL, 0x766a0abb3c77b2a8ULL, 0x81c2c92e47edaee6ULL,
0x92722c851482353bULL, 0xa2bfe8a14cf10364ULL, 0xa81a664bbc423001ULL,
0xc24b8b70d0f89791ULL, 0xc76c51a30654be30ULL, 0xd192e819d6ef5218ULL,
0xd69906245565a910ULL, 0xf40e35855771202aULL, 0x106aa07032bbd1b8ULL,
0x19a4c116b8d2d0c8ULL, 0x1e376c085141ab53ULL, 0x2748774cdf8eeb99ULL,
0x34b0bcb5e19b48a8ULL, 0x391c0cb3c5c95a63ULL, 0x4ed8aa4ae3418acbULL,
0x5b9cca4f7763e373ULL, 0x682e6ff3d6b2b8a3ULL, 0x748f82ee5defb2fcULL,
0x78a5636f43172f60ULL, 0x84c87814a1f0ab72ULL, 0x8cc702081a6439ecULL,
0x90befffa23631e28ULL, 0xa4506cebde82bde9ULL, 0xbef9a3f7b2c67915ULL,
0xc67178f2e372532bULL, 0xca273eceea26619cULL, 0xd186b8c721c0c207ULL,
0xeada7dd6cde0eb1eULL, 0xf57d4f7fee6ed178ULL, 0x06f067aa72176fbaULL,
0x0a637dc5a2c898a6ULL, 0x113f9804bef90daeULL, 0x1b710b35131c471bULL,
0x28db77f523047d84ULL, 0x32caab7b40c72493ULL, 0x3c9ebe0a15c9bebcULL,
0x431d67c49c100d4cULL, 0x4cc5d4becb3e42b6ULL, 0x597f299cfc657e2aULL,
0x5fcb6fab3ad6faecULL, 0x6c44198c4a475817ULL};

static void mg_sha384_transform(mg_sha384_ctx *ctx, const uint8_t data[]) {
uint64_t m[80];
uint64_t a, b, c, d, e, f, g, h;
int i, j;

for (i = 0, j = 0; i < 16; ++i, j += 8)
m[i] = ((uint64_t) data[j] << 56) | ((uint64_t) data[j + 1] << 48) |
((uint64_t) data[j + 2] << 40) | ((uint64_t) data[j + 3] << 32) |
((uint64_t) data[j + 4] << 24) | ((uint64_t) data[j + 5] << 16) |
((uint64_t) data[j + 6] << 8) | ((uint64_t) data[j + 7]);
for (; i < 80; ++i)
m[i] = SIG1(m[i - 2]) + m[i - 7] + SIG0(m[i - 15]) + m[i - 16];

a = ctx->state[0];
b = ctx->state[1];
c = ctx->state[2];
d = ctx->state[3];
e = ctx->state[4];
f = ctx->state[5];
g = ctx->state[6];
h = ctx->state[7];

for (i = 0; i < 80; ++i) {
uint64_t t1 = h + EP1(e) + CH(e, f, g) + mg_sha256_k2[i] + m[i];
uint64_t t2 = EP0(a) + MAJ(a, b, c);
h = g;
g = f;
f = e;
e = d + t1;
d = c;
c = b;
b = a;
a = t1 + t2;
}

ctx->state[0] += a;
ctx->state[1] += b;
ctx->state[2] += c;
ctx->state[3] += d;
ctx->state[4] += e;
ctx->state[5] += f;
ctx->state[6] += g;
ctx->state[7] += h;
}

void mg_sha384_init(mg_sha384_ctx *ctx) {
ctx->datalen = 0;
ctx->bitlen[0] = 0;
ctx->bitlen[1] = 0;
ctx->state[0] = 0xcbbb9d5dc1059ed8ULL;
ctx->state[1] = 0x629a292a367cd507ULL;
ctx->state[2] = 0x9159015a3070dd17ULL;
ctx->state[3] = 0x152fecd8f70e5939ULL;
ctx->state[4] = 0x67332667ffc00b31ULL;
ctx->state[5] = 0x8eb44a8768581511ULL;
ctx->state[6] = 0xdb0c2e0d64f98fa7ULL;
ctx->state[7] = 0x47b5481dbefa4fa4ULL;
}

void mg_sha384_update(mg_sha384_ctx *ctx, const uint8_t *data, size_t len) {
for (size_t i = 0; i < len; ++i) {
ctx->buffer[ctx->datalen] = data[i];
ctx->datalen++;
if (ctx->datalen == 128) {
mg_sha384_transform(ctx, ctx->buffer);
ctx->bitlen[1] += 1024;
if (ctx->bitlen[1] < 1024) ctx->bitlen[0]++;
ctx->datalen = 0;
}
}
}

void mg_sha384_final(uint8_t hash[48], mg_sha384_ctx *ctx) {
size_t i = ctx->datalen;

if (ctx->datalen < 112) {
ctx->buffer[i++] = 0x80;
while (i < 112) ctx->buffer[i++] = 0x00;
} else {
ctx->buffer[i++] = 0x80;
while (i < 128) ctx->buffer[i++] = 0x00;
mg_sha384_transform(ctx, ctx->buffer);
memset(ctx->buffer, 0, 112);
}

ctx->bitlen[1] += ctx->datalen * 8;
if (ctx->bitlen[1] < ctx->datalen * 8) ctx->bitlen[0]++;
ctx->buffer[127] = (uint8_t) (ctx->bitlen[1]);
ctx->buffer[126] = (uint8_t) (ctx->bitlen[1] >> 8);
ctx->buffer[125] = (uint8_t) (ctx->bitlen[1] >> 16);
ctx->buffer[124] = (uint8_t) (ctx->bitlen[1] >> 24);
ctx->buffer[123] = (uint8_t) (ctx->bitlen[1] >> 32);
ctx->buffer[122] = (uint8_t) (ctx->bitlen[1] >> 40);
ctx->buffer[121] = (uint8_t) (ctx->bitlen[1] >> 48);
ctx->buffer[120] = (uint8_t) (ctx->bitlen[1] >> 56);
ctx->buffer[119] = (uint8_t) (ctx->bitlen[0]);
ctx->buffer[118] = (uint8_t) (ctx->bitlen[0] >> 8);
ctx->buffer[117] = (uint8_t) (ctx->bitlen[0] >> 16);
ctx->buffer[116] = (uint8_t) (ctx->bitlen[0] >> 24);
ctx->buffer[115] = (uint8_t) (ctx->bitlen[0] >> 32);
ctx->buffer[114] = (uint8_t) (ctx->bitlen[0] >> 40);
ctx->buffer[113] = (uint8_t) (ctx->bitlen[0] >> 48);
ctx->buffer[112] = (uint8_t) (ctx->bitlen[0] >> 56);
mg_sha384_transform(ctx, ctx->buffer);

for (i = 0; i < 6; ++i) {
hash[i * 8] = (ctx->state[i] >> 56) & 0xff;
hash[i * 8 + 1] = (ctx->state[i] >> 48) & 0xff;
hash[i * 8 + 2] = (ctx->state[i] >> 40) & 0xff;
hash[i * 8 + 3] = (ctx->state[i] >> 32) & 0xff;
hash[i * 8 + 4] = (ctx->state[i] >> 24) & 0xff;
hash[i * 8 + 5] = (ctx->state[i] >> 16) & 0xff;
hash[i * 8 + 6] = (ctx->state[i] >> 8) & 0xff;
hash[i * 8 + 7] = ctx->state[i] & 0xff;
}
}

void mg_sha384(uint8_t dst[48], uint8_t *data, size_t datasz) {
mg_sha384_ctx ctx;
mg_sha384_init(&ctx);
mg_sha384_update(&ctx, data, datasz);
mg_sha384_final(dst, &ctx);
}
14 changes: 14 additions & 0 deletions src/sha256.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,22 @@ typedef struct {
unsigned char buffer[64];
} mg_sha256_ctx;


void mg_sha256_init(mg_sha256_ctx *);
void mg_sha256_update(mg_sha256_ctx *, const unsigned char *data, size_t len);
void mg_sha256_final(unsigned char digest[32], mg_sha256_ctx *);
void mg_sha256(uint8_t dst[32], uint8_t *data, size_t datasz);
void mg_hmac_sha256(uint8_t dst[32], uint8_t *key, size_t keysz, uint8_t *data,
size_t datasz);

typedef struct {
uint64_t state[8];
uint8_t buffer[128];
uint64_t bitlen[2];
uint32_t datalen;
} mg_sha384_ctx;
void mg_sha384_init(mg_sha384_ctx *ctx);
void mg_sha384_update(mg_sha384_ctx *ctx, const uint8_t *data, size_t len);
void mg_sha384_final(uint8_t digest[48], mg_sha384_ctx *ctx);
void mg_sha384(uint8_t dst[48], uint8_t *data, size_t datasz);

Loading

0 comments on commit cddb80a

Please sign in to comment.