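/**
 * Allocate a DTLS session object and put its mbedTLS sub-contexts into
 * their initial (empty) state.
 *
 * Only the mbedtls_*_init() calls are made here. Nothing in this function
 * seeds the DRBG, loads trust anchors or applies an SSL configuration, so
 * the returned session is not yet usable for a handshake.
 * NOTE(review): the struct comes from coap_malloc() and is not zeroed; any
 * member that has no *_init() call below starts with indeterminate content.
 * Confirm every such member is assigned before use.
 *
 * @return the newly allocated session, or NULL if coap_malloc() failed.
 *         NOTE(review): the matching release routine is not visible here;
 *         it should call the mbedtls_*_free() counterpart of every context
 *         initialised below before releasing the memory.
 */
dtls_session_t *_DTLSSession_init(void)
{
    dtls_session_t *p_dtls_session = coap_malloc(sizeof(*p_dtls_session));

    /*
     * Process-wide mbedTLS settings. They are applied on every call, and
     * also when the allocation above failed, exactly as before.
     */
    mbedtls_debug_set_threshold(0);
    mbedtls_platform_set_calloc_free(_DTLSCalloc_wrapper, _DTLSFree_wrapper);

    if (NULL == p_dtls_session) {
        return NULL;
    }

    /* The original initialised the net context twice; once is sufficient. */
    mbedtls_net_init(&p_dtls_session->fd);
    mbedtls_ssl_init(&p_dtls_session->context);
    mbedtls_ssl_config_init(&p_dtls_session->conf);
    mbedtls_ssl_cookie_init(&p_dtls_session->cookie_ctx);

#ifdef MBEDTLS_X509_CRT_PARSE_C
    mbedtls_x509_crt_init(&p_dtls_session->cacert);
#endif
    mbedtls_ctr_drbg_init(&p_dtls_session->ctr_drbg);
    mbedtls_entropy_init(&p_dtls_session->entropy);

    DTLS_INFO("HAL_DTLSSession_init success\r\n");

    return p_dtls_session;
}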
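/**
 * Tear down the shared mbedTLS state held in g_https_data and restore the
 * standard allocator hooks.
 *
 * Must only be called while the state is initialised (asserted in debug
 * builds). On return g_https_data.mbedtls is NULL and
 * g_https_data.initialized is false.
 */
static void conn_link_mbedtls_cleanup(void)
{
    DEBUGASSERT(g_https_data.mbedtls);
    DEBUGASSERT(g_https_data.initialized);

    /* The DRBG holds a reference to the entropy context, so release it first. */
#ifdef CONFIG_MBEDTLS_ENABLE_CTR_DRBG
    mbedtls_ctr_drbg_free(&g_https_data.mbedtls->drbg);
#else
    mbedtls_hmac_drbg_free(&g_https_data.mbedtls->drbg);
#endif

    /*
     * conn_link_mbedtls_initialize() calls mbedtls_entropy_init() on this
     * member, but it was never released. Free it so mbedTLS can drop the
     * accumulator state before the enclosing struct goes back to the heap.
     */
    mbedtls_entropy_free(&g_https_data.mbedtls->entropy);

    mbedtls_ssl_session_free(&g_https_data.mbedtls->saved_session);
    mbedtls_ssl_config_free(&g_https_data.mbedtls->conf);

    /* The struct itself was obtained with the standard calloc(). */
    free(g_https_data.mbedtls);
    g_https_data.mbedtls = NULL;

    /* Undo the custom allocator hooks installed at initialisation. */
    mbedtls_platform_set_calloc_free(calloc, free);

    g_https_data.initialized = false;

    DEBUGASSERT(!g_https_data.ssl_inbuf_in_use);
}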
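/**
 * Lazily create the shared mbedTLS client state in g_https_data: entropy
 * source, seeded DRBG and the SSL configuration used for TLS (stream)
 * client connections.
 *
 * Calling it again while already initialised is a no-op.
 *
 * @return 0 on success (or if already initialised), -1 if the allocation,
 *         DRBG seeding or mbedtls_ssl_config_defaults() failed. On failure
 *         every context is released, g_https_data.mbedtls is NULL and the
 *         standard allocator hooks are restored.
 */
static int conn_link_mbedtls_initialize(void)
{
    if (g_https_data.initialized) {
        return 0;
    }

    /* Allocated with the standard calloc(), before the hooks are swapped. */
    g_https_data.mbedtls = calloc(1, sizeof(*g_https_data.mbedtls));
    if (!g_https_data.mbedtls) {
        return -1;
    }

    /* From here on mbedTLS allocates through the project's own wrappers. */
    mbedtls_platform_set_calloc_free(conn_link_mbedtls_calloc,
                                     conn_link_mbedtls_free);

    mbedtls_ssl_config_init(&g_https_data.mbedtls->conf);
    mbedtls_ssl_session_init(&g_https_data.mbedtls->saved_session);
    mbedtls_entropy_init(&g_https_data.mbedtls->entropy);

#ifdef CONFIG_MBEDTLS_ENABLE_CTR_DRBG
    mbedtls_ctr_drbg_init(&g_https_data.mbedtls->drbg);
    /* "sfx" is only a personalisation string; the seed comes from entropy. */
    if (mbedtls_ctr_drbg_seed(&g_https_data.mbedtls->drbg,
                              mbedtls_entropy_func,
                              &g_https_data.mbedtls->entropy,
                              (const void *)"sfx", 3) != 0) {
        goto err_free;
    }
#else
    /*
     * NOTE(review): SHA-1 is chosen first whenever it is compiled in.
     * Preferring SHA-256 would give the HMAC_DRBG a higher security
     * strength; the selection order is left unchanged here.
     */
    const mbedtls_md_info_t *md_info = NULL;
#ifdef MBEDTLS_SHA1_C
    md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
#elif defined(MBEDTLS_SHA256_C)
    md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA256);
#elif defined(MBEDTLS_SHA512_C)
    md_info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA512);
#endif
    DEBUGASSERT(md_info != NULL);

    mbedtls_hmac_drbg_init(&g_https_data.mbedtls->drbg);
    /* "sfx" is only a personalisation string; the seed comes from entropy. */
    if (mbedtls_hmac_drbg_seed(&g_https_data.mbedtls->drbg, md_info,
                               mbedtls_entropy_func,
                               &g_https_data.mbedtls->entropy,
                               (const void *)"sfx", 3) != 0) {
        goto err_free;
    }
#endif

    if (mbedtls_ssl_config_defaults(&g_https_data.mbedtls->conf,
                                    MBEDTLS_SSL_IS_CLIENT,
                                    MBEDTLS_SSL_TRANSPORT_STREAM,
                                    MBEDTLS_SSL_PRESET_DEFAULT) != 0) {
        goto err_free;
    }

#ifdef CONFIG_MBEDTLS_ENABLE_CTR_DRBG
    mbedtls_ssl_conf_rng(&g_https_data.mbedtls->conf,
                         mbedtls_ctr_drbg_random,
                         &g_https_data.mbedtls->drbg);
#else
    mbedtls_ssl_conf_rng(&g_https_data.mbedtls->conf,
                         mbedtls_hmac_drbg_random,
                         &g_https_data.mbedtls->drbg);
#endif

    /*
     * NOTE(review): MBEDTLS_SSL_VERIFY_NONE skips validation of the server
     * certificate chain, and no CA chain is loaded in this function. Sessions
     * built from this config are encrypted but the peer is unauthenticated,
     * which leaves them open to an on-path attacker. Confirm whether the peer
     * is authenticated elsewhere; otherwise load trust anchors with
     * mbedtls_ssl_conf_ca_chain() and use MBEDTLS_SSL_VERIFY_REQUIRED.
     */
    mbedtls_ssl_conf_authmode(&g_https_data.mbedtls->conf,
                              MBEDTLS_SSL_VERIFY_NONE);

#ifdef CONFIG_MBEDTLS_MAX_FRAGMENT
    mbedtls_ssl_conf_max_frag_len(&g_https_data.mbedtls->conf,
                                  MBEDTLS_SSL_MAX_FRAG_LEN_512);
#endif

#ifdef CONFIG_MBEDTLS_TRUNCATED_HMAC
    /*
     * NOTE(review): the truncated_hmac extension shortens the record MAC,
     * trading integrity margin for bandwidth. Enable only if the size
     * saving is really needed.
     */
    mbedtls_ssl_conf_truncated_hmac(&g_https_data.mbedtls->conf,
                                    MBEDTLS_SSL_TRUNC_HMAC_ENABLED);
#endif

#ifdef CONFIG_MBEDTLS_SESSION_TICKET
    /* Use SSL out-fragment buffer of at least 384 bytes with session tickets,
     * preferably at least 512 bytes. */
    mbedtls_ssl_conf_session_tickets(&g_https_data.mbedtls->conf,
                                     MBEDTLS_SSL_SESSION_TICKETS_ENABLED);
#endif

    g_https_data.initialized = true;
    return 0;

err_free:
    /* The DRBG refers to the entropy context, so release the DRBG first. */
#ifdef CONFIG_MBEDTLS_ENABLE_CTR_DRBG
    mbedtls_ctr_drbg_free(&g_https_data.mbedtls->drbg);
#else
    mbedtls_hmac_drbg_free(&g_https_data.mbedtls->drbg);
#endif
    /*
     * The entropy context was initialised above but was previously never
     * released on this path. Free it before the struct goes back to the heap.
     */
    mbedtls_entropy_free(&g_https_data.mbedtls->entropy);
    mbedtls_ssl_session_free(&g_https_data.mbedtls->saved_session);
    mbedtls_ssl_config_free(&g_https_data.mbedtls->conf);

    free(g_https_data.mbedtls);
    g_https_data.mbedtls = NULL;

    /* Restore the standard allocator hooks swapped in above. */
    mbedtls_platform_set_calloc_free(calloc, free);

    g_https_data.initialized = false;
    return -1;
}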