mirror of
https://github.com/cesanta/mongoose.git
synced 2024-11-27 12:49:01 +08:00
Make mg_random() fallible. Abort TLS on weak RNG
This commit is contained in:
parent
44b3d60692
commit
683f65f8ac
@ -8,11 +8,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
|
||||
s_ticks++;
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
|
@ -22,11 +22,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -24,11 +24,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void fn(struct mg_connection *c, int ev, void *ev_data) {
|
||||
|
@ -9,11 +9,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
|
||||
}
|
||||
|
||||
#if 0
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -9,11 +9,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
|
||||
s_ticks++;
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
|
@ -9,11 +9,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
|
||||
}
|
||||
|
||||
#if 0
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -9,11 +9,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
|
||||
s_ticks++;
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
|
@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
static void timer_fn(void *arg) {
|
||||
gpio_toggle(LED); // Blink LED
|
||||
|
@ -7,11 +7,12 @@
|
||||
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -16,12 +16,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
gpio_toggle(LED); // Blink LED
|
||||
struct mg_tcpip_if *ifp = arg; // And show
|
||||
|
@ -15,11 +15,12 @@ void SysTick_Handler(void) {
|
||||
xPortSysTickHandler();
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -33,8 +33,9 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
TRNG_GetRandomData(TRNG, buf, len); // Init by BOARD_InitBootPeripherals()
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -47,11 +47,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
|
||||
}
|
||||
|
||||
#if 0
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -26,11 +26,12 @@ static uint8_t spi_txn(void *spi, uint8_t byte) {
|
||||
return result;
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) {
|
||||
bool mg_random(void *buf, size_t len) {
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = get_rand_32();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -76,13 +76,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return (uint64_t)HAL_GetTick(); // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -90,13 +90,14 @@ void server(void *argument);
|
||||
|
||||
/* Private user code ---------------------------------------------------------*/
|
||||
/* USER CODE BEGIN 0 */
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -70,13 +70,14 @@ void blinker(void const * argument);
|
||||
|
||||
/* Private user code ---------------------------------------------------------*/
|
||||
/* USER CODE BEGIN 0 */
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/* USER CODE END 0 */
|
||||
|
@ -11,13 +11,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return (uint64_t) HAL_GetTick(); // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -17,13 +17,14 @@ void SysTick_Handler(void) {
|
||||
xPortSysTickHandler();
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -22,11 +22,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
bool tud_network_recv_cb(const uint8_t *buf, uint16_t len) {
|
||||
|
@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -7,11 +7,12 @@
|
||||
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -90,13 +90,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return (uint64_t)HAL_GetTick(); // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -104,13 +104,14 @@ void server(void *argument);
|
||||
|
||||
/* Private user code ---------------------------------------------------------*/
|
||||
/* USER CODE BEGIN 0 */
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -71,13 +71,14 @@ void blinker(void const * argument);
|
||||
|
||||
/* Private user code ---------------------------------------------------------*/
|
||||
/* USER CODE BEGIN 0 */
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
/* USER CODE END 0 */
|
||||
|
@ -12,13 +12,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return (uint64_t) HAL_GetTick(); // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -21,13 +21,14 @@ void SysTick_Handler (void) {
|
||||
xPortSysTickHandler();
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void server(void *args) {
|
||||
|
@ -18,12 +18,13 @@ void SysTick_Handler (void) {
|
||||
xPortSysTickHandler();
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void server(void *args) {
|
||||
|
@ -17,13 +17,14 @@ void SysTick_Handler(void) {
|
||||
xPortSysTickHandler();
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -14,13 +14,14 @@
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void server(void *args) {
|
||||
@ -97,4 +98,3 @@ int main(void) {
|
||||
osKernelStart(); // This blocks
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -9,13 +9,14 @@
|
||||
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -10,13 +10,14 @@
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void server(const void *args) {
|
||||
|
@ -9,13 +9,14 @@
|
||||
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -14,13 +14,14 @@
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void server(void *args) {
|
||||
@ -98,4 +99,3 @@ int main(void) {
|
||||
osKernelStart(); // This blocks
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -10,13 +10,14 @@
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void server(void *args) {
|
||||
@ -83,4 +84,3 @@ int main(void) {
|
||||
osKernelStart(); // This blocks
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -9,13 +9,14 @@
|
||||
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -22,11 +22,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
bool tud_network_recv_cb(const uint8_t *buf, uint16_t len) {
|
||||
|
@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -7,11 +7,12 @@
|
||||
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -23,11 +23,12 @@ void SysTick_Handler(void) {
|
||||
xPortSysTickHandler();
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void ethernet_init(void) {
|
||||
|
@ -23,11 +23,12 @@ void SysTick_Handler(void) { // SyStick IRQ handler, triggered every 1ms
|
||||
s_ticks++;
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
|
@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -7,11 +7,12 @@
|
||||
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
#ifdef MQTT_DASHBOARD
|
||||
|
@ -15,11 +15,12 @@ void SysTick_Handler(void) {
|
||||
xPortSysTickHandler();
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -90,13 +90,14 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return (uint64_t)HAL_GetTick(); // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -104,13 +104,14 @@ void server(void *argument);
|
||||
|
||||
/* Private user code ---------------------------------------------------------*/
|
||||
/* USER CODE BEGIN 0 */
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
extern RNG_HandleTypeDef hrng;
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r;
|
||||
HAL_RNG_GenerateRandomNumber(&hrng, &r);
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -14,11 +14,12 @@ void SysTick_Handler(void) {
|
||||
xPortSysTickHandler();
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -7,11 +7,12 @@
|
||||
|
||||
#define BLINK_PERIOD_MS 1000 // LED blinking period in millis
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -16,11 +16,12 @@ uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
return s_ticks; // Return number of milliseconds since boot
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
static void timer_fn(void *arg) {
|
||||
|
@ -26,11 +26,12 @@ __attribute__((interrupt())) void SysTick_Handler(void) {
|
||||
SysTick->SR = 0;
|
||||
}
|
||||
|
||||
void mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
bool mg_random(void *buf, size_t len) { // Use on-board RNG
|
||||
for (size_t n = 0; n < len; n += sizeof(uint32_t)) {
|
||||
uint32_t r = rng_read();
|
||||
memcpy((char *) buf + n, &r, n + sizeof(r) > len ? len - n : sizeof(r));
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
uint64_t mg_millis(void) { // Let Mongoose use our uptime function
|
||||
|
47
mongoose.c
47
mongoose.c
@ -10066,7 +10066,7 @@ static void mg_tls_server_send_hello(struct mg_connection *c) {
|
||||
// calculate keyshare
|
||||
uint8_t x25519_pub[X25519_BYTES];
|
||||
uint8_t x25519_prv[X25519_BYTES];
|
||||
mg_random(x25519_prv, sizeof(x25519_prv));
|
||||
if (!mg_random(x25519_prv, sizeof(x25519_prv))) mg_error(c, "RNG");
|
||||
mg_tls_x25519(x25519_pub, x25519_prv, X25519_BASE_POINT, 1);
|
||||
mg_tls_x25519(tls->x25519_sec, x25519_prv, tls->x25519_cli, 1);
|
||||
mg_tls_hexdump("s x25519 sec", tls->x25519_sec, sizeof(tls->x25519_sec));
|
||||
@ -10292,12 +10292,12 @@ static void mg_tls_client_send_hello(struct mg_connection *c) {
|
||||
}
|
||||
|
||||
// calculate keyshare
|
||||
mg_random(tls->x25519_cli, sizeof(tls->x25519_cli));
|
||||
if (!mg_random(tls->x25519_cli, sizeof(tls->x25519_cli))) mg_error(c, "RNG");
|
||||
mg_tls_x25519(x25519_pub, tls->x25519_cli, X25519_BASE_POINT, 1);
|
||||
|
||||
// fill in the gaps: random + session ID + keyshare
|
||||
mg_random(tls->session_id, sizeof(tls->session_id));
|
||||
mg_random(tls->random, sizeof(tls->random));
|
||||
if (!mg_random(tls->session_id, sizeof(tls->session_id))) mg_error(c, "RNG");
|
||||
if (!mg_random(tls->random, sizeof(tls->random))) mg_error(c, "RNG");
|
||||
memmove(msg_client_hello + 11, tls->random, sizeof(tls->random));
|
||||
memmove(msg_client_hello + 44, tls->session_id, sizeof(tls->session_id));
|
||||
memmove(msg_client_hello + 94, x25519_pub, sizeof(x25519_pub));
|
||||
@ -16337,6 +16337,7 @@ struct mg_str mg_url_pass(const char *url) {
|
||||
#endif
|
||||
|
||||
|
||||
|
||||
// Not using memset for zeroing memory, cause it can be dropped by compiler
|
||||
// See https://github.com/cesanta/mongoose/pull/1265
|
||||
void mg_bzero(volatile unsigned char *buf, size_t len) {
|
||||
@ -16347,22 +16348,50 @@ void mg_bzero(volatile unsigned char *buf, size_t len) {
|
||||
|
||||
#if MG_ENABLE_CUSTOM_RANDOM
|
||||
#else
|
||||
void mg_random(void *buf, size_t len) {
|
||||
bool done = false;
|
||||
bool mg_random(void *buf, size_t len) {
|
||||
bool success = false;
|
||||
unsigned char *p = (unsigned char *) buf;
|
||||
#if MG_ARCH == MG_ARCH_ESP32
|
||||
while (len--) *p++ = (unsigned char) (esp_random() & 255);
|
||||
done = true;
|
||||
success = true;
|
||||
#elif MG_ARCH == MG_ARCH_WIN32
|
||||
static bool initialised = false;
|
||||
#if defined(_MSC_VER) && _MSC_VER < 1700
|
||||
static HCRYPTPROV hProv;
|
||||
// CryptGenRandom() implementation earlier than 2008 is weak, see
|
||||
// https://en.wikipedia.org/wiki/CryptGenRandom
|
||||
if (initialised == false) {
|
||||
initialised = CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL,
|
||||
CRYPT_VERIFYCONTEXT);
|
||||
}
|
||||
if (initialised == true) {
|
||||
success = CryptGenRandom(hProv, len, p);
|
||||
}
|
||||
#else
|
||||
// BCrypt is a "new generation" strong crypto API, so try it first
|
||||
static BCRYPT_ALG_HANDLE hProv;
|
||||
if (initialised == false &&
|
||||
BCryptOpenAlgorithmProvider(&hProv, BCRYPT_RNG_ALGORITHM, NULL, 0) == 0) {
|
||||
initialised = true;
|
||||
}
|
||||
if (initialised == true) {
|
||||
success = BCryptGenRandom(hProv, p, (ULONG) len, 0) == 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
#elif MG_ARCH == MG_ARCH_UNIX
|
||||
FILE *fp = fopen("/dev/urandom", "rb");
|
||||
if (fp != NULL) {
|
||||
if (fread(buf, 1, len, fp) == len) done = true;
|
||||
if (fread(buf, 1, len, fp) == len) success = true;
|
||||
fclose(fp);
|
||||
}
|
||||
#endif
|
||||
// If everything above did not work, fallback to a pseudo random generator
|
||||
while (!done && len--) *p++ = (unsigned char) (rand() & 255);
|
||||
if (success == false) {
|
||||
MG_ERROR(("Weak RNG: using rand()"));
|
||||
while (len--) *p++ = (unsigned char) (rand() & 255);
|
||||
}
|
||||
return success;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
16
mongoose.h
16
mongoose.h
@ -443,6 +443,20 @@ typedef enum { false = 0, true = 1 } bool;
|
||||
#include <winerror.h>
|
||||
#include <winsock2.h>
|
||||
|
||||
// For mg_random()
|
||||
#if defined(_MSC_VER) && _MSC_VER < 1700
|
||||
#ifndef _WIN32_WINNT
|
||||
#define _WIN32_WINNT 0x400 // Let vc98 pick up wincrypt.h
|
||||
#endif
|
||||
#include <wincrypt.h>
|
||||
#pragma comment(lib, "advapi32.lib")
|
||||
#else
|
||||
#include <bcrypt.h>
|
||||
#if defined(_MSC_VER)
|
||||
#pragma comment(lib, "bcrypt.lib")
|
||||
#endif
|
||||
#endif
|
||||
|
||||
// Protect from calls like std::snprintf in app code
|
||||
// See https://github.com/cesanta/mongoose/issues/1047
|
||||
#ifndef __cplusplus
|
||||
@ -1056,7 +1070,7 @@ struct mg_str mg_unpacked(const char *path); // Packed file as mg_str
|
||||
#endif
|
||||
|
||||
void mg_bzero(volatile unsigned char *buf, size_t len);
|
||||
void mg_random(void *buf, size_t len);
|
||||
bool mg_random(void *buf, size_t len);
|
||||
char *mg_random_str(char *buf, size_t len);
|
||||
uint16_t mg_ntohs(uint16_t net);
|
||||
uint32_t mg_ntohl(uint32_t net);
|
||||
|
@ -50,6 +50,20 @@ typedef enum { false = 0, true = 1 } bool;
|
||||
#include <winerror.h>
|
||||
#include <winsock2.h>
|
||||
|
||||
// For mg_random()
|
||||
#if defined(_MSC_VER) && _MSC_VER < 1700
|
||||
#ifndef _WIN32_WINNT
|
||||
#define _WIN32_WINNT 0x400 // Let vc98 pick up wincrypt.h
|
||||
#endif
|
||||
#include <wincrypt.h>
|
||||
#pragma comment(lib, "advapi32.lib")
|
||||
#else
|
||||
#include <bcrypt.h>
|
||||
#if defined(_MSC_VER)
|
||||
#pragma comment(lib, "bcrypt.lib")
|
||||
#endif
|
||||
#endif
|
||||
|
||||
// Protect from calls like std::snprintf in app code
|
||||
// See https://github.com/cesanta/mongoose/issues/1047
|
||||
#ifndef __cplusplus
|
||||
|
@ -623,7 +623,7 @@ static void mg_tls_server_send_hello(struct mg_connection *c) {
|
||||
// calculate keyshare
|
||||
uint8_t x25519_pub[X25519_BYTES];
|
||||
uint8_t x25519_prv[X25519_BYTES];
|
||||
mg_random(x25519_prv, sizeof(x25519_prv));
|
||||
if (!mg_random(x25519_prv, sizeof(x25519_prv))) mg_error(c, "RNG");
|
||||
mg_tls_x25519(x25519_pub, x25519_prv, X25519_BASE_POINT, 1);
|
||||
mg_tls_x25519(tls->x25519_sec, x25519_prv, tls->x25519_cli, 1);
|
||||
mg_tls_hexdump("s x25519 sec", tls->x25519_sec, sizeof(tls->x25519_sec));
|
||||
@ -849,12 +849,12 @@ static void mg_tls_client_send_hello(struct mg_connection *c) {
|
||||
}
|
||||
|
||||
// calculate keyshare
|
||||
mg_random(tls->x25519_cli, sizeof(tls->x25519_cli));
|
||||
if (!mg_random(tls->x25519_cli, sizeof(tls->x25519_cli))) mg_error(c, "RNG");
|
||||
mg_tls_x25519(x25519_pub, tls->x25519_cli, X25519_BASE_POINT, 1);
|
||||
|
||||
// fill in the gaps: random + session ID + keyshare
|
||||
mg_random(tls->session_id, sizeof(tls->session_id));
|
||||
mg_random(tls->random, sizeof(tls->random));
|
||||
if (!mg_random(tls->session_id, sizeof(tls->session_id))) mg_error(c, "RNG");
|
||||
if (!mg_random(tls->random, sizeof(tls->random))) mg_error(c, "RNG");
|
||||
memmove(msg_client_hello + 11, tls->random, sizeof(tls->random));
|
||||
memmove(msg_client_hello + 44, tls->session_id, sizeof(tls->session_id));
|
||||
memmove(msg_client_hello + 94, x25519_pub, sizeof(x25519_pub));
|
||||
|
39
src/util.c
39
src/util.c
@ -1,3 +1,4 @@
|
||||
#include "log.h"
|
||||
#include "util.h"
|
||||
|
||||
// Not using memset for zeroing memory, cause it can be dropped by compiler
|
||||
@ -10,22 +11,50 @@ void mg_bzero(volatile unsigned char *buf, size_t len) {
|
||||
|
||||
#if MG_ENABLE_CUSTOM_RANDOM
|
||||
#else
|
||||
void mg_random(void *buf, size_t len) {
|
||||
bool done = false;
|
||||
bool mg_random(void *buf, size_t len) {
|
||||
bool success = false;
|
||||
unsigned char *p = (unsigned char *) buf;
|
||||
#if MG_ARCH == MG_ARCH_ESP32
|
||||
while (len--) *p++ = (unsigned char) (esp_random() & 255);
|
||||
done = true;
|
||||
success = true;
|
||||
#elif MG_ARCH == MG_ARCH_WIN32
|
||||
static bool initialised = false;
|
||||
#if defined(_MSC_VER) && _MSC_VER < 1700
|
||||
static HCRYPTPROV hProv;
|
||||
// CryptGenRandom() implementation earlier than 2008 is weak, see
|
||||
// https://en.wikipedia.org/wiki/CryptGenRandom
|
||||
if (initialised == false) {
|
||||
initialised = CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL,
|
||||
CRYPT_VERIFYCONTEXT);
|
||||
}
|
||||
if (initialised == true) {
|
||||
success = CryptGenRandom(hProv, len, p);
|
||||
}
|
||||
#else
|
||||
// BCrypt is a "new generation" strong crypto API, so try it first
|
||||
static BCRYPT_ALG_HANDLE hProv;
|
||||
if (initialised == false &&
|
||||
BCryptOpenAlgorithmProvider(&hProv, BCRYPT_RNG_ALGORITHM, NULL, 0) == 0) {
|
||||
initialised = true;
|
||||
}
|
||||
if (initialised == true) {
|
||||
success = BCryptGenRandom(hProv, p, (ULONG) len, 0) == 0;
|
||||
}
|
||||
#endif
|
||||
|
||||
#elif MG_ARCH == MG_ARCH_UNIX
|
||||
FILE *fp = fopen("/dev/urandom", "rb");
|
||||
if (fp != NULL) {
|
||||
if (fread(buf, 1, len, fp) == len) done = true;
|
||||
if (fread(buf, 1, len, fp) == len) success = true;
|
||||
fclose(fp);
|
||||
}
|
||||
#endif
|
||||
// If everything above did not work, fallback to a pseudo random generator
|
||||
while (!done && len--) *p++ = (unsigned char) (rand() & 255);
|
||||
if (success == false) {
|
||||
MG_ERROR(("Weak RNG: using rand()"));
|
||||
while (len--) *p++ = (unsigned char) (rand() & 255);
|
||||
}
|
||||
return success;
|
||||
}
|
||||
#endif
|
||||
|
||||
|
@ -12,7 +12,7 @@
|
||||
#endif
|
||||
|
||||
void mg_bzero(volatile unsigned char *buf, size_t len);
|
||||
void mg_random(void *buf, size_t len);
|
||||
bool mg_random(void *buf, size_t len);
|
||||
char *mg_random_str(char *buf, size_t len);
|
||||
uint16_t mg_ntohs(uint16_t net);
|
||||
uint32_t mg_ntohl(uint32_t net);
|
||||
|
@ -6,9 +6,10 @@ OPTS ?= -O3 -g3
|
||||
INCS ?= -Isrc -I.
|
||||
SSL ?=
|
||||
CWD ?= $(realpath $(CURDIR))
|
||||
ROOT_DIR = $(realpath $(CWD)/..)
|
||||
ENV ?= -e Tmp=. -e WINEDEBUG=-all
|
||||
DOCKER_BIN ?= docker
|
||||
DOCKER ?= $(DOCKER_BIN) run --platform linux/amd64 --rm $(ENV) -v $(CWD)/..:$(CWD)/.. -w $(CWD)
|
||||
DOCKER ?= $(DOCKER_BIN) run --platform linux/amd64 --rm $(ENV) -v $(ROOT_DIR):$(ROOT_DIR) -w $(CWD)
|
||||
VCFLAGS = /nologo /W3 /O2 /MD /I. $(DEFS) $(TFLAGS)
|
||||
IPV6 ?= 1
|
||||
ASAN ?= -fsanitize=address,undefined,alignment -fno-sanitize-recover=all -fno-omit-frame-pointer -fno-common
|
||||
@ -166,23 +167,23 @@ riscv: mongoose.h $(SRCS)
|
||||
$(DOCKER) mdashnet/riscv riscv-none-elf-gcc -march=rv32imc -mabi=ilp32 $(SRCS) $(OPTS) $(WARN) $(INCS) $(DEFS) $(TFLAGS) -o unit_test
|
||||
|
||||
vc98: Makefile mongoose.h $(SRCS)
|
||||
$(DOCKER) mdashnet/vc98 wine cl $(SRCS) $(VCFLAGS) ws2_32.lib /Fe$@.exe
|
||||
$(DOCKER) mdashnet/vc98 wine cl $(SRCS) $(VCFLAGS) /Fe$@.exe
|
||||
$(DOCKER) mdashnet/vc98 wine $@.exe
|
||||
|
||||
vc17: Makefile mongoose.h $(SRCS)
|
||||
$(DOCKER) mdashnet/vc17 wine64 cl $(SRCS) $(VCFLAGS) ws2_32.lib /Fe$@.exe
|
||||
$(DOCKER) mdashnet/vc17 wine64 cl $(SRCS) $(VCFLAGS) /Fe$@.exe
|
||||
$(DOCKER) mdashnet/vc17 wine64 $@.exe
|
||||
|
||||
vc22: Makefile mongoose.h $(SRCS)
|
||||
$(DOCKER) mdashnet/vc22 wine64 cl $(SRCS) $(VCFLAGS) ws2_32.lib /Fe$@.exe
|
||||
$(DOCKER) mdashnet/vc22 wine64 cl $(SRCS) $(VCFLAGS) /Fe$@.exe
|
||||
$(DOCKER) mdashnet/vc22 wine64 $@.exe
|
||||
|
||||
mingw: Makefile mongoose.h $(SRCS)
|
||||
$(DOCKER) mdashnet/mingw x86_64-w64-mingw32-gcc $(SRCS) -W -Wall -Werror -I. $(DEFS) -lwsock32 -o $@.exe
|
||||
$(DOCKER) mdashnet/mingw x86_64-w64-mingw32-gcc $(SRCS) -W -Wall -Werror -I. $(DEFS) -lwsock32 -lbcrypt -o $@.exe
|
||||
$(DOCKER) mdashnet/mingw wine64 $@.exe
|
||||
|
||||
mingw++: Makefile mongoose.h $(SRCS)
|
||||
$(DOCKER) mdashnet/mingw x86_64-w64-mingw32-g++ $(SRCS) -W -Wall -Werror -I. $(DEFS) -lwsock32 -o $@.exe
|
||||
$(DOCKER) mdashnet/mingw x86_64-w64-mingw32-g++ $(SRCS) -W -Wall -Werror -I. $(DEFS) -lwsock32 -lbcrypt -o $@.exe
|
||||
|
||||
linux-libs: CFLAGS += -fPIC
|
||||
linux-libs: LDFLAGS += -Wl,-soname,libmongoose.so.$(VERSION)
|
||||
|
@ -3,7 +3,7 @@ DELETE = rm -rf # Command to remove files
|
||||
OUT ?= -o $(PROG) # Compiler argument for output file
|
||||
SOURCES = main.c mongoose.c # Source code files
|
||||
CFLAGS = -W -Wall -Wextra -g -I. # Build options
|
||||
CFLAGS += -fsanitize=address,undefined,alignment
|
||||
#CFLAGS += -fsanitize=address,undefined,alignment
|
||||
|
||||
# Mongoose build options. See https://mongoose.ws/documentation/#build-options
|
||||
CFLAGS_MONGOOSE += -DMG_HTTP_DIRLIST_TIME_FMT="%Y/%m/%d %H:%M:%S"
|
||||
@ -13,7 +13,7 @@ CFLAGS_MONGOOSE += -DMG_TLS=MG_TLS_BUILTIN
|
||||
ifeq ($(OS),Windows_NT) # Windows settings. Assume MinGW compiler. To use VC: make CC=cl CFLAGS=/MD OUT=/Feprog.exe
|
||||
PROG ?= example.exe # Use .exe suffix for the binary
|
||||
CC = gcc # Use MinGW gcc compiler
|
||||
CFLAGS += -lws2_32 # Link against Winsock library
|
||||
CFLAGS += -lws2_32 -lbcrypt # Link against Winsock library
|
||||
DELETE = cmd /C del /Q /F /S # Command prompt command to delete files
|
||||
OUT ?= -o $(PROG) # Build output
|
||||
endif
|
||||
@ -24,5 +24,8 @@ all: $(PROG) # Default target. Build and run program
|
||||
$(PROG): $(SOURCES) # Build program from sources
|
||||
$(CC) $(SOURCES) $(CFLAGS) $(CFLAGS_MONGOOSE) $(CFLAGS_EXTRA) $(OUT)
|
||||
|
||||
vc98:
|
||||
cl $(SOURCES) -DMG_ENABLE_SSI=1 -DMG_TLS=MG_TLS_BUILTIN
|
||||
|
||||
clean: # Cleanup. Delete built program and all build artifacts
|
||||
$(DELETE) $(PROG) *.o *.obj *.exe *.dSYM
|
||||
|
Loading…
Reference in New Issue
Block a user