32 #define TRACE_LEVEL TLS_TRACE_LEVEL
45 #if (TLS_SUPPORT == ENABLED && DTLS_SUPPORT == ENABLED)
// While the encryption engine is still at epoch 0, the version held in the
// context is copied into the engine. Lines 97-98 are elided in this listing,
// so the assignment being nested under the test is assumed - confirm.
96 if(context->encryptionEngine.epoch == 0)
99 context->encryptionEngine.version = context->version;
// A cookie is only written when one is stored in the context.
155 if(context->cookieLen > 0)
// NOTE(review): the cast narrows context->cookieLen to what appears to be a
// one-byte length field. A value above 255 would be truncated silently, so
// the upper bound (presumably DTLS_MAX_COOKIE_SIZE) has to be enforced where
// cookieLen is set - that check is not visible in this excerpt, confirm.
162 cookie->length = (uint8_t) context->cookieLen;
// The cookie exchange below only runs when BOTH callbacks are non-NULL.
// NOTE(review): the else branch is elided here. If the exchange is simply
// skipped when a callback is missing, the peer's address is never validated
// before handshake state is committed - confirm this is an explicit opt-out.
186 if(context->cookieVerifyCallback != NULL &&
187 context->cookieGenerateCallback != NULL)
// Hand the cookie check to the verification callback (the remaining
// arguments of this call are elided in the listing).
190 error = context->cookieVerifyCallback(context, clientParams,
// Lines 200-206: the statements between the NULL test and the non-NULL test
// are elided; presumably the cookie buffer is allocated in between - confirm.
200 if(context->cookie == NULL)
206 if(context->cookie != NULL)
// NOTE(review): the generation callback receives the output buffer and a
// pointer to the length, but no capacity argument is visible in this call.
// The callback must therefore never write more than the buffer holds
// (presumably DTLS_MAX_COOKIE_SIZE bytes - confirm), and the returned
// cookieLen should be range-checked before it is used.
210 error = context->cookieGenerateCallback(context, clientParams,
211 context->cookie, &context->cookieLen, context->cookieParam);
// The cookie length is only filled in when a cookie is stored in the context.
302 if(context->cookieLen > 0)
// NOTE(review): narrowing cast to uint8_t; correct only if cookieLen can
// never exceed 255. The bound is not visible in this excerpt - confirm it is
// enforced wherever cookieLen is assigned.
309 message->cookieLength = (uint8_t) context->cookieLen;
// Drop any cookie already held in the context: the pointer and the length
// are both reset (lines 359-361 are elided; presumably the buffer is freed
// there - confirm).
358 if(context->cookie != NULL)
362 context->cookie = NULL;
363 context->cookieLen = 0;
// Lines 372-380: code between the NULL test and the length assignment is
// elided; presumably a new buffer is allocated and checked here - confirm.
372 if(context->cookie == NULL)
// NOTE(review): cookieLength is taken from the message structure. If this
// fragment belongs to the HelloVerifyRequest parser, that value is
// peer-supplied, so it must be checked against the received message length
// and against the size of the destination buffer before any copy. Neither
// check is visible in this excerpt - confirm.
380 context->cookieLen =
message->cookieLength;
// Local table of versions to match against (initializer elided in this listing).
412 const uint16_t supportedVersions[] =
// Number of 16-bit entries in the received list. Integer division drops a
// trailing odd byte.
// NOTE(review): length belongs to the list being parsed, so it must already
// have been validated against the enclosing extension's size - that check is
// not visible here, confirm.
422 n = supportedVersionList->length /
sizeof(uint16_t);
// Outer loop walks the local table, inner loop walks the received list, so
// the first local entry that also appears in the received list wins. Both
// loops run only while error is non-zero; presumably error starts as a
// failure code and is cleared on a match (elided) - confirm.
425 for(i = 0; i <
arraysize(supportedVersions) && error; i++)
428 for(j = 0; j <
n && error; j++)
// Received entries are in network byte order and are converted before the
// comparison.
432 if(
ntohs(supportedVersionList->value[j]) == supportedVersions[i])
// Replay-window code is only compiled when replay detection support is enabled.
452 #if (DTLS_REPLAY_DETECTION_SUPPORT == ENABLED)
// Clear one word of the replay bitmap (the enclosing loop header is elided
// in this listing).
458 context->replayWindow[i] = 0;
// Replay detection is gated twice: at build time by the macro below and at
// run time by context->replayDetectionEnabled. With either one off, this
// check is not performed.
475 #if (DTLS_REPLAY_DETECTION_SUPPORT == ENABLED)
477 if(context->replayDetectionEnabled)
// Load the 48-bit big-endian sequence number kept by the decryption engine;
// `right` is presumably the right edge of the sliding window - confirm.
489 right =
LOAD48BE(&context->decryptionEngine.dtlsSeqNum);
// Test the bitmap bit for this record; a set bit means the sequence number
// was already recorded.
// NOTE(review): `1 << k` shifts a signed int. If k can reach 31 (the window
// words look 32 bits wide), this is undefined behavior in C; an unsigned
// operand such as `1U << k` avoids it. The range of k is not visible here.
507 if(context->replayWindow[j] & (1 << k))
// Load the 48-bit big-endian sequence number kept by the decryption engine;
// `right` is presumably the current right edge of the window - confirm.
562 right =
LOAD48BE(&context->decryptionEngine.dtlsSeqNum);
567 #if (DTLS_REPLAY_DETECTION_SUPPORT == ENABLED)
// Mark this record in the bitmap.
// NOTE(review): `1 << k` is a signed int shift; with k == 31 it is undefined
// behavior in C. `1U << k` is the safe form. The range of k is not visible.
581 context->replayWindow[j] |= 1 << k;
587 #if (DTLS_REPLAY_DETECTION_SUPPORT == ENABLED)
// Whole-word part of the window shift: each word takes the value of the word
// j positions below it, then the lowest j words are cleared.
607 context->replayWindow[i] = context->replayWindow[i - j];
611 for(i = 0; i < j; i++)
613 context->replayWindow[i] = 0;
// Bit part of the shift: move each word left by k and carry in the top k
// bits of the word below it.
// NOTE(review): `>> (32 - k)` is a shift by 32 when k == 0, which is
// undefined for a 32-bit operand. A guard on k is presumably present in the
// elided lines - confirm.
623 context->replayWindow[i] = (context->replayWindow[i] << k) |
624 (context->replayWindow[i - 1] >> (32 - k));
628 context->replayWindow[0] <<= k;
// Clear one word of the bitmap (loop header and condition elided; presumably
// the case where the window moves past all recorded entries - confirm).
636 context->replayWindow[i] = 0;
// Set bit 0 of the first word, presumably for the record at the new right
// edge.
641 context->replayWindow[0] |= 1;
// Store the caller's sequence number in the decryption engine.
645 context->decryptionEngine.dtlsSeqNum = *
seqNum;
#define tlsAllocMem(size)
DTLS (Datagram Transport Layer Security)
void dtlsInitReplayWindow(TlsContext *context)
Initialize sliding window.
error_t dtlsSelectVersion(TlsContext *context, uint16_t version)
Set the DTLS version to be used.
error_t dtlsFormatHelloVerifyRequest(TlsContext *context, DtlsHelloVerifyRequest *message, size_t *length)
Format HelloVerifyRequest message.
@ ERROR_VERSION_NOT_SUPPORTED
@ ERROR_UNEXPECTED_MESSAGE
@ TLS_TRANSPORT_PROTOCOL_DATAGRAM
#define DTLS_REPLAY_WINDOW_SIZE
error_t dtlsCheckReplayWindow(TlsContext *context, DtlsSequenceNumber *seqNum)
Perform replay detection.
error_t tlsSendHandshakeMessage(TlsContext *context, const void *data, size_t length, TlsMessageType type)
Send handshake message.
error_t dtlsParseClientSupportedVersionsExtension(TlsContext *context, const DtlsSupportedVersionList *supportedVersionList)
Parse SupportedVersions extension.
#define DTLS_MAX_COOKIE_SIZE
__start_packed struct @1 DtlsCookie
Cookie.
@ TLS_STATE_HELLO_VERIFY_REQUEST
#define osMemcpy(dest, src, length)
__start_packed struct @5 DtlsHelloVerifyRequest
HelloVerifyRequest message.
Handshake message processing (TLS client and server)
@ TLS_TYPE_HELLO_VERIFY_REQUEST
uint16_t dtlsTranslateVersion(uint16_t version)
Translate TLS version into DTLS version.
__start_packed struct @0 DtlsSequenceNumber
Sequence number.
void dtlsUpdateReplayWindow(TlsContext *context, DtlsSequenceNumber *seqNum)
Update sliding window.
#define TRACE_DEBUG_ARRAY(p, a, n)
__start_packed struct @2 DtlsSupportedVersionList
List of supported versions.
TLS (Transport Layer Security)
error_t dtlsSendHelloVerifyRequest(TlsContext *context)
Send HelloVerifyRequest message.
void tlsChangeState(TlsContext *context, TlsState newState)
Update TLS state.
error_t dtlsFormatCookie(TlsContext *context, uint8_t *p, size_t *written)
Format Cookie field.
error_t dtlsParseHelloVerifyRequest(TlsContext *context, const DtlsHelloVerifyRequest *message, size_t length)
Parse HelloVerifyRequest message.
error_t dtlsVerifyCookie(TlsContext *context, const DtlsCookie *cookie, const DtlsClientParameters *clientParams)
Cookie verification.
@ ERROR_INVALID_SEQUENCE_NUMBER