wiced_result_t uuid_create( uuid_t* uuid ) { uint8_t temp[ 16 ]; uint8_t a; char* iter = uuid->data; wwd_wifi_get_random( temp, 16 ); temp[ 6 ] = 0x40 | ( temp[ 6 ] & 0xf ); temp[ 8 ] = 0x80 | ( temp[ 8 ] & 0x3f ); for ( a = 0; a < 16; ++a ) { *iter++ = nibble_to_hexchar( temp[ a ] >> 4 ); *iter++ = nibble_to_hexchar( temp[ a ] & 0x0F ); switch ( a ) { case 3: case 5: case 7: case 9: *iter = '-'; ++iter; break; default: break; } } return WICED_SUCCESS; }
static wiced_result_t wiced_generate_client_websocket_key( uint8_t* websocket_key_base64_ptr) { uint32_t i; wiced_result_t result; uint32_t websocket_key_length_base64; uint8_t client_websocket_key[ WEBSOCKET_KEY_LENGTH ]; memset( client_websocket_key, 0x0, WEBSOCKET_KEY_LENGTH ); /*make room for null character*/ websocket_key_length_base64 = CLIENT_WEBSOCKET_BASE64_KEY_LENGTH - 1; result = wwd_wifi_get_random( client_websocket_key, WEBSOCKET_KEY_LENGTH ); if ( result != WICED_SUCCESS ) { return result; } /*Now we base64 encode the 16 byte key, as required by the RFC6455 specification*/ if ( base64_encode( websocket_key_base64_ptr, websocket_key_length_base64, client_websocket_key, WEBSOCKET_KEY_LENGTH ) ) { return WICED_ERROR; } websocket_key_base64_ptr[ CLIENT_WEBSOCKET_BASE64_KEY_LENGTH - 1 ] = '\0'; return WICED_SUCCESS; }
wiced_result_t wiced_generic_start_tls_with_ciphers( wiced_tls_simple_context_t* tls_context, void* referee, wiced_tls_endpoint_type_t type, wiced_tls_certificate_verification_t verification, const cipher_suite_t* cipher_list[], tls_transport_protocol_t transport_protocol ) { microrng_state rngstate; int prev_state; uint64_t start_time; tls_result_t result; /* Initialize the session data */ if ( transport_protocol != TLS_EAP_TRANSPORT ) { memset( &tls_context->session, 0, sizeof(wiced_tls_session_t) ); } memset( &tls_context->context, 0, sizeof(wiced_tls_context_t) ); /* Prepare session and entropy */ tls_context->session.age = MAX_TLS_SESSION_AGE; wwd_wifi_get_random( &rngstate.entropy, 4 ); /* Initialize session context */ /* TODO: Ideally this should be done once for a socket */ if ( ssl_init( &tls_context->context ) != 0 ) { wiced_assert("Error initialising SSL", 0!=0 ); return WICED_TLS_INIT_FAIL; } tls_context->context.transport_protocol = transport_protocol; microrng_init( &rngstate ); ssl_set_endpoint( &tls_context->context, type ); ssl_set_rng ( &tls_context->context, microrng_rand, &rngstate ); tls_context->context.receive_context = referee; tls_context->context.send_context = referee; tls_context->context.get_session = tls_get_session; tls_context->context.set_session = tls_set_session; tls_context->context.ciphers = cipher_list; ssl_set_session ( &tls_context->context, SESSION_CAN_BE_RESUMED, 1000000, &tls_context->session ); /* Assert if user has not created correct TLS context for the TLS endpoint type */ wiced_assert("TLS servers must have an advanced TLS context", !((type == WICED_TLS_AS_SERVER) && (tls_context->context_type != WICED_TLS_ADVANCED_CONTEXT))); if ( root_ca_certificates != NULL ) { ssl_set_ca_chain( &tls_context->context, root_ca_certificates, tls_context->context.peer_cn ); ssl_set_authmode( &tls_context->context, verification ); } else { ssl_set_authmode( &tls_context->context, SSL_VERIFY_NONE ); } if ( tls_context->context_type == WICED_TLS_ADVANCED_CONTEXT ) { wiced_tls_advanced_context_t* advanced_context = (wiced_tls_advanced_context_t*)tls_context; ssl_set_own_cert( &advanced_context->context, &advanced_context->certificate, &advanced_context->key ); ssl_set_dh_param( &tls_context->context, diffie_hellman_prime_P, sizeof( diffie_hellman_prime_P ), diffie_hellman_prime_G, sizeof( diffie_hellman_prime_G ) ); } prev_state = 0; start_time = tls_host_get_time_ms(); do { uint64_t curr_time; if (type == WICED_TLS_AS_SERVER) { result = ssl_handshake_server_async( &tls_context->context ); if ( result != TLS_SUCCESS ) { WPRINT_SECURITY_INFO(( "Error with TLS server handshake\n" )); goto exit_with_inited_context; } } else { result = ssl_handshake_client_async( &tls_context->context ); if ( result != TLS_SUCCESS ) { WPRINT_SECURITY_INFO(( "Error with TLS client handshake %u\n", (unsigned int)result )); goto exit_with_inited_context; } } /* break out if stuck */ curr_time = tls_host_get_time_ms(); if ( curr_time - start_time > MAX_HANDSHAKE_WAIT ) { WPRINT_SECURITY_INFO(( "Timeout in SSL handshake\n" )); result = TLS_HANDSHAKE_TIMEOUT; goto exit_with_inited_context; } /* if no state change then wait on client */ if ( prev_state == tls_context->context.state ) { host_rtos_delay_milliseconds( 10 ); } else /* otherwise process next state with no delay */ { prev_state = tls_context->context.state; } } while ( tls_context->context.state != SSL_HANDSHAKE_OVER ); return WICED_SUCCESS; exit_with_inited_context: ssl_close_notify( &tls_context->context ); ssl_free(&tls_context->context); return (wiced_result_t) result; }