mirror of
https://github.com/drasko/open-ameba.git
synced 2024-11-24 23:14:17 +00:00
fix ssl/tsl
This commit is contained in:
parent
e423a86f64
commit
5cd20e5b8d
7 changed files with 37 additions and 10 deletions
|
@ -2153,7 +2153,7 @@
|
||||||
//#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
|
//#define SSL_CACHE_DEFAULT_MAX_ENTRIES 50 /**< Maximum entries in cache */
|
||||||
|
|
||||||
/* SSL options */
|
/* SSL options */
|
||||||
#define SSL_MAX_CONTENT_LEN 4096 /**< Size of the input / output buffer */
|
//pvvx/#define SSL_MAX_CONTENT_LEN 4096 /**< Size of the input / output buffer */
|
||||||
//#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
|
//#define SSL_DEFAULT_TICKET_LIFETIME 86400 /**< Lifetime of session tickets (if enabled) */
|
||||||
//#define POLARSSL_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
|
//#define POLARSSL_PSK_MAX_LEN 32 /**< Max size of TLS pre-shared keys, in bytes (default 256 bits) */
|
||||||
|
|
||||||
|
|
|
@ -258,8 +258,13 @@
|
||||||
* peers are using it too!
|
* peers are using it too!
|
||||||
*/
|
*/
|
||||||
#if !defined(SSL_MAX_CONTENT_LEN)
|
#if !defined(SSL_MAX_CONTENT_LEN)
|
||||||
|
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
|
extern unsigned int mfl_code_to_length[]; // pvvx
|
||||||
|
#define SSL_MAX_CONTENT_LEN mfl_code_to_length[0] // default = 16384 (!)
|
||||||
|
#else
|
||||||
#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
|
#define SSL_MAX_CONTENT_LEN 16384 /**< Size of the input / output buffer */
|
||||||
#endif
|
#endif
|
||||||
|
#endif
|
||||||
|
|
||||||
/* \} name SECTION: Module settings */
|
/* \} name SECTION: Module settings */
|
||||||
|
|
||||||
|
@ -295,13 +300,15 @@
|
||||||
#define SSL_PADDING_ADD 0
|
#define SSL_PADDING_ADD 0
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#define SSL_BUFFER_LEN ( SSL_MAX_CONTENT_LEN \
|
#define SSL_BUFFER_LEN (rom_ssl_ram_map.ssl_buffer_len) // pvvx -> int set_ssl_max_frag_len(int len)
|
||||||
|
/*
|
||||||
|
( SSL_MAX_CONTENT_LEN \
|
||||||
+ SSL_COMPRESSION_ADD \
|
+ SSL_COMPRESSION_ADD \
|
||||||
+ 29 /* counter + header + IV */ \
|
+ 29 // counter + header + IV \
|
||||||
+ SSL_MAC_ADD \
|
+ SSL_MAC_ADD \
|
||||||
+ SSL_PADDING_ADD \
|
+ SSL_PADDING_ADD \
|
||||||
)
|
)
|
||||||
|
*/
|
||||||
/*
|
/*
|
||||||
* Signaling ciphersuite values (SCSV)
|
* Signaling ciphersuite values (SCSV)
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -77,9 +77,10 @@ static void polarssl_zeroize( void *v, size_t n ) {
|
||||||
* } MaxFragmentLength;
|
* } MaxFragmentLength;
|
||||||
* and we add 0 -> extension unused
|
* and we add 0 -> extension unused
|
||||||
*/
|
*/
|
||||||
static unsigned int mfl_code_to_length[SSL_MAX_FRAG_LEN_INVALID] =
|
//static
|
||||||
|
unsigned int mfl_code_to_length[SSL_MAX_FRAG_LEN_INVALID] =
|
||||||
{
|
{
|
||||||
SSL_MAX_CONTENT_LEN, /* SSL_MAX_FRAG_LEN_NONE */
|
16384, /* = SSL_MAX_CONTENT_LEN */ /* SSL_MAX_FRAG_LEN_NONE */
|
||||||
512, /* SSL_MAX_FRAG_LEN_512 */
|
512, /* SSL_MAX_FRAG_LEN_512 */
|
||||||
1024, /* SSL_MAX_FRAG_LEN_1024 */
|
1024, /* SSL_MAX_FRAG_LEN_1024 */
|
||||||
2048, /* SSL_MAX_FRAG_LEN_2048 */
|
2048, /* SSL_MAX_FRAG_LEN_2048 */
|
||||||
|
|
|
@ -8,3 +8,6 @@
|
||||||
/* RAM table referred by SSL ROM */
|
/* RAM table referred by SSL ROM */
|
||||||
SSL_RAM_MAP_SECTION
|
SSL_RAM_MAP_SECTION
|
||||||
struct _rom_ssl_ram_map rom_ssl_ram_map;
|
struct _rom_ssl_ram_map rom_ssl_ram_map;
|
||||||
|
|
||||||
|
SSL_RAM_MAP_SECTION
|
||||||
|
int ssl_max_frag_len;
|
|
@ -51,6 +51,7 @@ struct _rom_ssl_ram_map {
|
||||||
|
|
||||||
/* Variables */
|
/* Variables */
|
||||||
u32 use_hw_crypto_func;
|
u32 use_hw_crypto_func;
|
||||||
|
u32 ssl_buffer_len;
|
||||||
};
|
};
|
||||||
|
|
||||||
extern struct _rom_ssl_ram_map rom_ssl_ram_map;
|
extern struct _rom_ssl_ram_map rom_ssl_ram_map;
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
#include "rom_ssl_ram_map.h"
|
#include "rom_ssl_ram_map.h"
|
||||||
#include <diag.h>
|
#include <diag.h>
|
||||||
|
#include <polarssl/ssl.h>
|
||||||
|
|
||||||
extern struct _rom_ssl_ram_map rom_ssl_ram_map;
|
extern struct _rom_ssl_ram_map rom_ssl_ram_map;
|
||||||
|
|
||||||
|
@ -43,6 +44,8 @@ extern int rtl_crypto_3des_cbc_encrypt(
|
||||||
IN const u8* iv, IN const u32 ivlen,
|
IN const u8* iv, IN const u32 ivlen,
|
||||||
OUT u8* pResult);
|
OUT u8* pResult);
|
||||||
|
|
||||||
|
extern int ssl_max_frag_len;
|
||||||
|
|
||||||
int platform_set_malloc_free( void * (*malloc_func)( size_t ),
|
int platform_set_malloc_free( void * (*malloc_func)( size_t ),
|
||||||
void (*free_func)( void * ) )
|
void (*free_func)( void * ) )
|
||||||
{
|
{
|
||||||
|
@ -70,5 +73,16 @@ int platform_set_malloc_free( void * (*malloc_func)( size_t ),
|
||||||
/* Variables */
|
/* Variables */
|
||||||
rom_ssl_ram_map.use_hw_crypto_func = 1;
|
rom_ssl_ram_map.use_hw_crypto_func = 1;
|
||||||
|
|
||||||
|
int len = ssl_max_frag_len;
|
||||||
|
if(len == 0) len = 8192;
|
||||||
|
else if(len < 512) len = 512;
|
||||||
|
else if(len > 16384) len = 16384;
|
||||||
|
rom_ssl_ram_map.ssl_buffer_len = len + SSL_COMPRESSION_ADD
|
||||||
|
+ 29 /* counter + header + IV */
|
||||||
|
+ SSL_MAC_ADD
|
||||||
|
+ SSL_PADDING_ADD;
|
||||||
|
#if defined(POLARSSL_SSL_MAX_FRAGMENT_LENGTH)
|
||||||
|
mfl_code_to_length[0] = len;
|
||||||
|
#endif
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -154,12 +154,13 @@ SECTIONS
|
||||||
*(.fwu.data*)
|
*(.fwu.data*)
|
||||||
*(.bss*)
|
*(.bss*)
|
||||||
*(COMMON)
|
*(COMMON)
|
||||||
*(.bdsram.data*)
|
|
||||||
*(.bfsram.data*)
|
|
||||||
*(.sdram.bss*)
|
*(.sdram.bss*)
|
||||||
*(.p2p.bss*)
|
*(.p2p.bss*)
|
||||||
*(.wps.bss*)
|
*(.wps.bss*)
|
||||||
*(.websocket.bss*)
|
*(.websocket.bss*)
|
||||||
|
*(.ssl_ram_map*)
|
||||||
|
*(.bdsram.data*)
|
||||||
|
*(.bfsram.data*)
|
||||||
__bss_end__ = .;
|
__bss_end__ = .;
|
||||||
.ram.bss$$Limit = .;
|
.ram.bss$$Limit = .;
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue