BOOL Piezo_Driver::Tone( UINT32 Frequency_Hertz, UINT32 Duration_Milliseconds ) { // Not sure why this is neccessary. Calling the Piezo::Tone function from with-in an ISR // should be a valid scenario. Lorenzo and I (Zach) can not determine // why this assert is needed; therefore, it is being commented out (for now). //ASSERT(!SystemState_Query( SYSTEM_STATE_ISR )); GLOBAL_LOCK(irq); // special to clear queue if(Frequency_Hertz == TONE_CLEAR_BUFFER) { // let active note to finish on it's own EmptyQueue(); } else { // 0 length tone isn't wrong persay, but if a NULL op, so drop it gracefully, as a success if(Duration_Milliseconds > 0) { PIEZO_TONE* Tone = g_Piezo_Driver.m_ToneToRelease.ExtractFirstNode(); if(Tone == NULL) { // // Re-enable interrupts when allocating memory. // irq.Release(); Tone = (PIEZO_TONE*)private_malloc( sizeof(PIEZO_TONE) ); Tone->Initialize(); irq.Acquire(); } if(Tone == NULL) { // No memory, just drop this tone and fail the call ASSERT(0); return FALSE; } Tone->Frequency_Hertz = Frequency_Hertz; Tone->Duration_Milliseconds = Duration_Milliseconds; DEBUG_TRACE3(0, "Tone(%4d,%4d)=%d\r\n", Frequency_Hertz, Duration_Milliseconds, g_Piezo_Driver.m_ToneToPlay.NumOfNodes() ); g_Piezo_Driver.m_ToneToPlay.LinkAtBack( Tone ); if(g_Piezo_Driver.m_TonePlaying == NULL) { StartNext(); } } } return TRUE; }
int tls12_PRF( const EVP_MD *md, const u_char* secret, uint32_t secret_len, const char* label, u_char* random1, uint32_t random1_len, u_char* random2, uint32_t random2_len, u_char *out, uint32_t out_len ) { uint32_t len; uint32_t i; const u_char *S1,*S2; u_char* out_tmp; u_char* seed; uint32_t seed_len; u_char* p; if( !label || !out || out_len == 0 ) { _ASSERT( FALSE); return NM_ERROR( DSSL_E_INVALID_PARAMETER ); } /* 'sha256' is the default for TLS 1.2. * also, do not allow anything less secure... */ if ( !md ) md = EVP_sha256(); else if ( EVP_MD_size( md ) < EVP_MD_size( EVP_sha256() ) ) md = EVP_sha256(); /* allocate a temporary buffer for second output stream */ out_tmp = (u_char*) malloc( out_len ); if( !out_tmp ) return NM_ERROR( DSSL_E_OUT_OF_MEMORY ); /* allocate and initialize the seed */ seed_len = (uint32_t)strlen( label ) + random1_len + random2_len; seed = (u_char*) malloc( seed_len ); if( !seed ) { free( out_tmp ); return NM_ERROR( DSSL_E_OUT_OF_MEMORY ); } p = seed; memcpy( p, label, strlen( label ) ); p+= strlen( label ); memcpy( p, random1, random1_len ); p+= random1_len; memcpy( p, random2, random2_len ); DEBUG_TRACE_BUF("secret", secret, secret_len); DEBUG_TRACE_BUF("seed", seed, seed_len); tls1_P_hash( md, secret, secret_len, seed, seed_len, out_tmp, out_len ); DEBUG_TRACE_BUF("result", out_tmp, out_len); DEBUG_TRACE3( "\nsecret(%d) + seed(%u)=out(%u)\n", secret_len, seed_len, out_len); for( i=0; i < out_len; i++ ) out[i] = out_tmp[i]; free( seed ); free( out_tmp ); return DSSL_RC_OK; }
BOOL HAL_CONFIG_BLOCK::IsGoodBlock() const { if(Signature != c_Version_V2) { return FALSE; } DEBUG_TRACE2( TRACE_CONFIG, "read header CRC=0x%08x at %08x\r\n", HeaderCRC, (size_t)this ); // what is the header's CRC UINT32 CRC = SUPPORT_ComputeCRC( ((UINT8*)&DataCRC), sizeof(*this) - offsetof(HAL_CONFIG_BLOCK,DataCRC), c_Seed ); DEBUG_TRACE1(TRACE_CONFIG, "calc header CRC=0x%08x\r\n", CRC); if(CRC != HeaderCRC) { DEBUG_TRACE3( TRACE_ALWAYS, "FAILED HEADER CRC at %08x: 0x%08x != 0x%08x\r\n", (size_t)this, CRC, HeaderCRC ); return FALSE; } return TRUE; }
static int ssl_decrypt_record( dssl_decoder_stack* stack, u_char* data, uint32_t len, u_char** out, uint32_t* out_len, int *buffer_aquired ) { u_char* buf = NULL; uint32_t buf_len = len; int rc = DSSL_RC_OK; int block_size; const EVP_CIPHER* c = NULL; _ASSERT( stack ); _ASSERT( stack->sess ); _ASSERT( stack->cipher ); rc = ssls_get_decrypt_buffer( stack->sess, &buf, buf_len ); if( rc != DSSL_RC_OK ) return rc; *buffer_aquired = 1; c = EVP_CIPHER_CTX_cipher( stack->cipher ); block_size = EVP_CIPHER_block_size( c ); DEBUG_TRACE3( "using cipher %s (mode=%u, block=%u)\n", EVP_CIPHER_name(c), stack->sess->cipher_mode, block_size ); if( block_size != 1 ) { if( len == 0 || (len % block_size) != 0 ) { return NM_ERROR( DSSL_E_SSL_DECRYPTION_ERROR ); } } DEBUG_TRACE_BUF("encrypted", data, len); if ( EVP_CIPH_GCM_MODE == stack->sess->cipher_mode || EVP_CIPH_CCM_MODE == stack->sess->cipher_mode ) { if ( len < EVP_GCM_TLS_EXPLICIT_IV_LEN ) { return NM_ERROR( DSSL_E_SSL_DECRYPTION_ERROR ); } if ( EVP_CIPH_GCM_MODE == stack->sess->cipher_mode ) { /* set 'explicit_nonce' part from message bytes */ rc = EVP_CIPHER_CTX_ctrl(stack->cipher, EVP_CTRL_GCM_SET_IV_INV, EVP_GCM_TLS_EXPLICIT_IV_LEN, data); } else { /* 4 bytes write_iv, 8 bytes explicit_nonce, 4 bytes counter */ u_char ccm_nonce[EVP_GCM_TLS_TAG_LEN] = { 0 }; rc = EVP_CIPHER_CTX_ctrl(stack->cipher, EVP_CTRL_CCM_GET_TAG, sizeof(ccm_nonce), ccm_nonce); if( rc != DSSL_RC_OK ) return rc; /* overwrite exlicit_nonce part with packet data */ memcpy(ccm_nonce + 1 + EVP_GCM_TLS_FIXED_IV_LEN, data, EVP_GCM_TLS_EXPLICIT_IV_LEN); rc = EVP_CIPHER_CTX_ctrl(stack->cipher, EVP_CTRL_CCM_SET_TAG, sizeof(ccm_nonce), ccm_nonce); if( rc != DSSL_RC_OK ) return rc; } data += EVP_GCM_TLS_EXPLICIT_IV_LEN; len -= EVP_GCM_TLS_EXPLICIT_IV_LEN; } rc = EVP_Cipher(stack->cipher, buf, data, len ); buf_len = len; /* strip the padding */ if( block_size != 1 ) { if( buf[len-1] >= buf_len - 1 ) return NM_ERROR( DSSL_E_SSL_DECRYPTION_ERROR ); buf_len -= buf[len-1] + 1; } DEBUG_TRACE_BUF("decrypted", buf, buf_len); /* ignore auth tag, which is 16 (for CCM/GCM) or 8 (for CCM-8) bytes */ if ( EVP_CIPH_GCM_MODE == stack->sess->cipher_mode || EVP_CIPH_CCM_MODE == stack->sess->cipher_mode ) { if (NULL == stack->sess->dssl_cipher_suite->extra_info) buf_len -= EVP_GCM_TLS_TAG_LEN; else buf_len -= (size_t)stack->sess->dssl_cipher_suite->extra_info; } *out = buf; *out_len = buf_len; return DSSL_RC_OK; }
int ssl3_record_layer_decoder( void* decoder_stack, NM_PacketDir dir, u_char* data, uint32_t len, uint32_t* processed ) { int rc = DSSL_E_UNSPECIFIED_ERROR; uint32_t recLen = 0, totalRecLen = 0; uint8_t record_type = 0; dssl_decoder_stack* stack = (dssl_decoder_stack*) decoder_stack; dssl_decoder* next_decoder = NULL; int decrypt_buffer_aquired = 0; int decompress_buffer_aquired = 0; _ASSERT( stack ); _ASSERT( processed ); _ASSERT( stack->sess ); if( stack->state > SS_Established ) { #ifdef NM_TRACE_SSL_RECORD DEBUG_TRACE1( "[!]Unexpected SSL record after %s", ( (stack->state == SS_FatalAlert) ? "fatal alert" : "close_notify alert") ); #endif return NM_ERROR( DSSL_E_SSL_UNEXPECTED_TRANSMISSION ); } /* special case for a first client hello */ if( stack->sess->version == 0 ) { _ASSERT( dir == ePacketDirFromClient ); rc = ssl_decode_first_client_hello( stack->sess, data, len, processed ); return rc; } if( len < SSL3_HEADER_LEN ) return NM_ERROR( DSSL_E_SSL_INVALID_RECORD_LENGTH ); if( data[1] != 3) return NM_ERROR( DSSL_E_SSL_PROTOCOL_ERROR ); /* Decode record type */ record_type = data[0]; totalRecLen = recLen = MAKE_UINT16( data[3], data[4] ); data += SSL3_HEADER_LEN; len -= SSL3_HEADER_LEN; #ifdef NM_TRACE_SSL_RECORD DEBUG_TRACE3( "\n==>Decoding SSL v3 Record from %s, type: %d, len: %d\n{\n", ((dir == ePacketDirFromClient)?"client":"server"), (int) record_type, (int) recLen ); #endif rc = DSSL_RC_OK; if( len < recLen ) { rc = DSSL_RC_WOULD_BLOCK; } if( rc == DSSL_RC_OK && stack->cipher ) { rc = ssl_decrypt_record( stack, data, recLen, &data, &recLen, &decrypt_buffer_aquired ); } /* check if the record length is still within bounds (failed decryption, etc) */ if( rc == DSSL_RC_OK && (recLen > RFC_2246_MAX_COMPRESSED_LENGTH || recLen > len || (stack->sess->version < TLS1_2_VERSION && stack->md && recLen < EVP_MD_size(stack->md))) ) { rc = NM_ERROR(DSSL_E_SSL_INVALID_RECORD_LENGTH); } if( rc == DSSL_RC_OK && stack->md ) { u_char mac[EVP_MAX_MD_SIZE*2]; u_char* rec_mac = NULL; int l = EVP_MD_size( stack->md ); int ivl = EVP_CIPHER_iv_length( stack->cipher->cipher ); if ( EVP_CIPH_CBC_MODE == stack->sess->cipher_mode || EVP_CIPH_STREAM_CIPHER == stack->sess->cipher_mode ) recLen -= l; rec_mac = data+recLen; memset(mac, 0, sizeof(mac) ); /* TLS 1.1 and later: remove explicit IV for non-stream ciphers */ if ( EVP_CIPH_CBC_MODE == stack->sess->cipher_mode ) { if (stack->sess->version >= TLS1_1_VERSION ) { if (ivl <= recLen) { recLen -= ivl; data += ivl; } } } /* AEAD ciphers have no mac */ if ( EVP_CIPH_CBC_MODE == stack->sess->cipher_mode || EVP_CIPH_STREAM_CIPHER == stack->sess->cipher_mode ) { rc = stack->sess->caclulate_mac_proc( stack, record_type, data, recLen, mac ); if( rc == DSSL_RC_OK ) { rc = memcmp( mac, rec_mac, l ) == 0 ? DSSL_RC_OK : NM_ERROR( DSSL_E_SSL_INVALID_MAC ); } } } if( rc == DSSL_RC_OK && stack->compression_method != 0 ) { rc = ssl_decompress_record( stack, data, recLen, &data, &recLen, &decompress_buffer_aquired ); } DEBUG_TRACE_BUF("decompressed", data, recLen); if( rc == DSSL_RC_OK ) { switch( record_type ) { case SSL3_RT_HANDSHAKE: next_decoder = &stack->dhandshake; break; case SSL3_RT_CHANGE_CIPHER_SPEC: next_decoder = &stack->dcss; break; case SSL3_RT_APPLICATION_DATA: next_decoder = &stack->dappdata; break; case SSL3_RT_ALERT: next_decoder = &stack->dalert; break; default: rc = NM_ERROR( DSSL_E_SSL_PROTOCOL_ERROR ); } } if( rc == DSSL_RC_OK ) { _ASSERT( next_decoder != NULL ); rc = dssl_decoder_process( next_decoder, dir, data, recLen ); } if( rc == DSSL_RC_OK ) { *processed = totalRecLen + SSL3_HEADER_LEN; } if( decrypt_buffer_aquired ) { ssls_release_decrypt_buffer( stack->sess ); } if( decompress_buffer_aquired ) { ssls_release_decompress_buffer( stack->sess ); } #ifdef NM_TRACE_SSL_RECORD DEBUG_TRACE1( "\n} rc: %d\n", (int) rc); #endif if( stack->state == SS_SeenCloseNotify ) { stack->sess->flags |= SSF_CLOSE_NOTIFY_RECEIVED; } else if ( stack->state == SS_FatalAlert ) { stack->sess->flags |= SSF_FATAL_ALERT_RECEIVED; } return rc; }
static int ssl_decrypt_record( dssl_decoder_stack* stack, u_char* data, uint32_t len, u_char** out, uint32_t* out_len, int *buffer_aquired,int *block_size ) { u_char* buf = NULL; uint32_t buf_len = len; int rc = DSSL_RC_OK; const EVP_CIPHER* c = NULL; int func_ret = 0; int i = 0; DEBUG_TRACE3("ssl_decrypt_record - len: %d, out_len: %d, buffer_aquired: %d\n", len, *out_len, buffer_aquired); _ASSERT( stack ); _ASSERT( stack->sess ); _ASSERT( stack->cipher ); rc = ssls_get_decrypt_buffer( stack->sess, &buf, buf_len ); DEBUG_TRACE1("ssl_decrypt_record - calling ssls_get_decrypt_buffer ended. ret: %d\n", rc); // test //memset(buf, 0x77, DSSL_MAX_COMPRESSED_LENGTH); /* for (i = 0; i < 128; i++) { printf("ssl_decrypt_record(1) - buf[%d]: 0x%02X, data: 0x%02X\n", i, buf[i], data[i]); } */ if( rc != DSSL_RC_OK ) return rc; *buffer_aquired = 1; c = EVP_CIPHER_CTX_cipher( stack->cipher ); *block_size = EVP_CIPHER_block_size( c ); DEBUG_TRACE1("ssl_decrypt_record - calling EVP_CIPHER_block_size ended. ret: %d\n", *block_size); if( *block_size != 1 ) { if( len == 0 || (len % *block_size) != 0 ) { DEBUG_TRACE0("ssl_decrypt_record - DSSL_E_SSL_DECRYPTION_ERROR(after EVP_CIPHER_block_size)\n"); return NM_ERROR( DSSL_E_SSL_DECRYPTION_ERROR ); } } func_ret = EVP_Cipher(stack->cipher, buf, data, len ); DEBUG_TRACE1("ssl_decrypt_record - calling EVP_Cipher ret: %d\n", func_ret); buf_len = len; DEBUG_TRACE1("ssl_decrypt_record - buf_len: %d\n", buf_len); /* for (i = 0; i < 128; i++) { printf("ssl_decrypt_record(2) - buf[%d]: 0x%02X, data: 0x%02X\n", i, buf[i], data[i]); } */ /* strip the padding */ if( *block_size > 1 ) { if( buf[len-1] >= buf_len - 1 ) { DEBUG_TRACE0("ssl_decrypt_record - DSSL_E_SSL_DECRYPTION_ERROR(after EVP_Cipher)\n"); return NM_ERROR( DSSL_E_SSL_DECRYPTION_ERROR ); } buf_len -= buf[len-1] + 1; } *out = buf; *out_len = buf_len; return DSSL_RC_OK; }
void ssl3_update_handshake_digests( DSSL_Session* sess, u_char* data, uint32_t len ) { DSSL_handshake_buffer *q = NULL, *next; /* sanity check in case client hello is not received */ if( sess->handshake_digest_md5.digest == NULL || sess->handshake_digest_sha.digest == NULL) { ssl3_init_handshake_digests( sess ); } EVP_DigestUpdate( &sess->handshake_digest_md5, data, len ); EVP_DigestUpdate( &sess->handshake_digest_sha, data, len ); if ( sess->version >= TLS1_2_VERSION ) { /* if digest is still unknown, then queue the packets. * we'll calculate the handshake hash once we determine which digest we should use. */ EVP_MD* digest = NULL; DSSL_CipherSuite* suite = sess->dssl_cipher_suite; if ( !suite ) suite = DSSL_GetSSL3CipherSuite( sess->cipher_suite ); digest = EVP_get_digestbyname( suite->digest ); /* 'sha256' is the default for TLS 1.2, and can be replaced with a different (but stronger) hash */ if ( !digest ) { q = (DSSL_handshake_buffer*) malloc( sizeof(DSSL_handshake_buffer) ); q->next = NULL; q->data = (u_char*) malloc( len ); memcpy(q->data, data, len); q->len = len; if (NULL == sess->handshake_queue) sess->handshake_queue = q; else sess->handshake_queue->next = q; DEBUG_TRACE3( "Queue handshake packet %p (%u @ %p)", q, q->len, q->data ); } else if ( digest != sess->handshake_digest.digest && EVP_MD_size( digest ) >= EVP_MD_size( sess->handshake_digest.digest ) ) { /* specified digest is different than the default. * re-init and re-hash all queued packets. */ EVP_MD_CTX_cleanup( &sess->handshake_digest ); EVP_DigestInit_ex( &sess->handshake_digest, digest, NULL ); for (q = sess->handshake_queue; q != NULL; q = next) { DEBUG_TRACE3( "Re-hash handshake packet %p (%u @ %p)", q, q->len, q->data ); EVP_DigestUpdate( &sess->handshake_digest, q->data, q->len ); next = q->next; free ( q->data ); free ( q ); } sess->handshake_queue = NULL; } else { /* specified digest is identical to the default. * throw away all the queued packets. */ for (q = sess->handshake_queue; q != NULL; q = next) { DEBUG_TRACE3( "discard handshake packet %p (%u @ %p)", q, q->len, q->data ); next = q->next; free ( q->data ); free ( q ); } sess->handshake_queue = NULL; } if ( sess->handshake_digest.digest ) EVP_DigestUpdate( &sess->handshake_digest, data, len ); } }
int main(void) { #if PLATFORM_ARM_OS_PORT ClrThreadId = osThreadGetId(); #endif BootstrapCode_GPIO(); HAL_Time_Initialize(); HAL_Initialize(); #if !defined(BUILD_RTM) DEBUG_TRACE4( STREAM_LCD, ".NetMF v%d.%d.%d.%d\r\n", VERSION_MAJOR, VERSION_MINOR, VERSION_BUILD, VERSION_REVISION); DEBUG_TRACE3(TRACE_ALWAYS, "%s, Build Date:\r\n\t%s %s\r\n", HalName, __DATE__, __TIME__); #if defined(__GNUC__) DEBUG_TRACE1(TRACE_ALWAYS, "GNU Compiler version %d\r\n", __GNUC__); #else DEBUG_TRACE1(TRACE_ALWAYS, "ARM Compiler version %d\r\n", __ARMCC_VERSION); #endif UINT8* BaseAddress; UINT32 SizeInBytes; HeapLocation( BaseAddress, SizeInBytes ); memset ( BaseAddress, 0, SizeInBytes ); debug_printf("\f"); debug_printf("%-15s\r\n", HalName); debug_printf("%-15s\r\n", "Build Date:"); debug_printf(" %-13s\r\n", __DATE__); debug_printf(" %-13s\r\n", __TIME__); #endif // !defined(BUILD_RTM) /***********************************************************************************/ { #if defined(FIQ_SAMPLING_PROFILER) FIQ_Profiler_Init(); #endif } // the runtime is by default using a watchdog Watchdog_GetSetTimeout ( WATCHDOG_TIMEOUT , TRUE ); Watchdog_GetSetBehavior( WATCHDOG_BEHAVIOR, TRUE ); Watchdog_GetSetEnabled ( WATCHDOG_ENABLE, TRUE ); // HAL initialization completed. Interrupts are enabled. Jump to the Application routine ApplicationEntryPoint(); debug_printf("main exited!!???. Halting CPU\r\n"); #if defined(BUILD_RTM) CPU_Reset(); #else CPU_Halt(); #endif return -1; }