/*
This file is part of TheLazySecurity.
Copyright (C) 2020 ReimuNotMoe
This program is free software: you can redistribute it and/or modify
it under the terms of the Apache License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*/
#include "TheLazySecurity.hpp"
using namespace YukiWorkshop;
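/// Build an exception describing a failed mbedtls call.
/// @param __func_name      name of the mbedtls function that failed; becomes the
///                         prefix of what()
/// @param __mbedtls_errnum the (negative) mbedtls error code it returned
TheLazySecurityException::TheLazySecurityException(const std::string &__func_name, int __mbedtls_errnum)
	: errnum(__mbedtls_errnum) {
	// Zero-initialised so errstr is a well-formed string even if the library
	// writes nothing; the length is taken from the buffer itself so the two
	// cannot drift apart if the buffer is ever resized.
	char buf[128] = {};
	mbedtls_strerror(errnum, buf, sizeof(buf));
	errstr = __func_name + ": " + buf;
}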
/// @return the raw mbedtls error code this exception was constructed with.
int TheLazySecurityException::code() const noexcept { return errnum; }
/// @return "<function>: <mbedtls error text>"; the pointer stays valid for the
///         lifetime of the exception object.
const char *TheLazySecurityException::what() const noexcept { return errstr.data(); }
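/// mbedtls debug callback: writes one debug line to the FILE* passed as ctx.
/// @param ctx   FILE* supplied to mbedtls_ssl_conf_dbg (stderr in __init)
/// @param level mbedtls debug verbosity of this message
/// @param file  source file inside mbedtls that emitted the message
/// @param line  source line inside mbedtls
/// @param str   message text; mbedtls appears to supply its own trailing
///              newline, which is why the format string adds none
/// Debug lines expose handshake internals, so ctx should point at a stream
/// that is not visible to untrusted users.
void TheLazySecurity::__debug_print(void *ctx, int level, const char *file, int line, const char *str) {
	auto *out = static_cast<FILE *>(ctx);
	// Fixed format string; all variable content goes through %s/%d arguments.
	fprintf(out, "[%d] %s:%04d: %s", level, file, line, str);
	// Flush per line so output survives a crash mid-handshake.
	fflush(out);
}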
/// mbedtls BIO send hook: forwards to the user's callback_send.
/// @param __userp the TheLazySecurity instance registered via mbedtls_ssl_set_bio
/// @return the user callback's result, or MBEDTLS_ERR_NET_INVALID_CONTEXT when
///         no send callback has been installed
int TheLazySecurity::__mcb_send(void *__userp, const uint8_t *__buf, size_t __len) {
	auto *self = static_cast<TheLazySecurity *>(__userp);
	if (!self->callback_send)
		return MBEDTLS_ERR_NET_INVALID_CONTEXT;
	return self->callback_send(__buf, __len);
}
/// mbedtls BIO receive hook: forwards to the user's callback_recv.
/// @param __userp the TheLazySecurity instance registered via mbedtls_ssl_set_bio
/// @return the user callback's result, or MBEDTLS_ERR_NET_INVALID_CONTEXT when
///         no receive callback has been installed
int TheLazySecurity::__mcb_recv(void *__userp, uint8_t *__buf, size_t __len) {
	auto *self = static_cast<TheLazySecurity *>(__userp);
	if (!self->callback_recv)
		return MBEDTLS_ERR_NET_INVALID_CONTEXT;
	return self->callback_recv(__buf, __len);
}
/// mbedtls BIO receive-with-timeout hook: forwards to callback_recv_timeout.
/// @param __userp   the TheLazySecurity instance registered via mbedtls_ssl_set_bio
/// @param __timeout timeout value handed through unchanged from mbedtls
/// @return the user callback's result, or MBEDTLS_ERR_NET_INVALID_CONTEXT when
///         no timed receive callback has been installed
int TheLazySecurity::__mcb_recv_timeout(void *__userp, uint8_t *__buf, size_t __len, uint32_t __timeout) {
	auto *self = static_cast<TheLazySecurity *>(__userp);
	if (!self->callback_recv_timeout)
		return MBEDTLS_ERR_NET_INVALID_CONTEXT;
	return self->callback_recv_timeout(__buf, __len, __timeout);
}
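/// Initialise every mbedtls context this object owns and build the SSL config.
/// @param __role      MBEDTLS_SSL_IS_CLIENT or MBEDTLS_SSL_IS_SERVER
/// @param __transport MBEDTLS_SSL_TRANSPORT_STREAM or MBEDTLS_SSL_TRANSPORT_DATAGRAM
/// @param __auth_mode peer verification mode passed to mbedtls_ssl_conf_authmode
/// @throws TheLazySecurityException (via __TLS_ERROR) when DRBG seeding,
///         config defaults or DTLS cookie setup fails
void TheLazySecurity::__init(int __role, int __transport, int __auth_mode) {
	// All contexts are initialised before anything can fail, so whoever tears
	// them down can free every one of them unconditionally.
	mbedtls_ssl_config_init(&cfg_ssl);
	mbedtls_x509_crt_init(&cert_list);
	mbedtls_ctr_drbg_init(&ctr_drbg);
	mbedtls_entropy_init(&ctx_entropy);
	mbedtls_ssl_cookie_init(&ctx_cookie);
	mbedtls_pk_init(&private_key);

	// Seed the CTR-DRBG from the default entropy sources. No personalization
	// string is supplied (nullptr, 0); mbedtls accepts that, though one is
	// recommended when several instances may seed from the same source.
	int rc = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &ctx_entropy, nullptr, 0);
	if (rc != 0)
		throw __TLS_ERROR("mbedtls_ctr_drbg_seed", rc);

	rc = mbedtls_ssl_config_defaults(&cfg_ssl, __role, __transport, MBEDTLS_SSL_PRESET_DEFAULT);
	if (rc != 0)
		throw __TLS_ERROR("mbedtls_ssl_config_defaults", rc);

	// __auth_mode is passed straight through: MBEDTLS_SSL_VERIFY_NONE turns
	// peer certificate verification off entirely, so callers choose it
	// deliberately rather than by default.
	mbedtls_ssl_conf_authmode(&cfg_ssl, __auth_mode);
	mbedtls_ssl_conf_rng(&cfg_ssl, mbedtls_ctr_drbg_random, &ctr_drbg);

	// Decide from the parameters actually used for config_defaults rather than
	// from the `role`/`transport` members, which this function never assigns.
	if (__role == MBEDTLS_SSL_IS_SERVER) {
		rc = mbedtls_ssl_cookie_setup(&ctx_cookie, mbedtls_ctr_drbg_random, &ctr_drbg);
		if (rc != 0)
			throw __TLS_ERROR("mbedtls_ssl_cookie_setup", rc);
		// DTLS servers answer a ClientHello with a HelloVerifyRequest cookie so
		// that spoofed source addresses cannot make the server do handshake
		// work for them.
		if (__transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM) {
			mbedtls_ssl_conf_dtls_cookies(&cfg_ssl, mbedtls_ssl_cookie_write,
			                              mbedtls_ssl_cookie_check, &ctx_cookie);
		}
	}
	// Debug output is routed to stderr; whether anything is printed depends on
	// the mbedtls debug threshold, which this file does not set.
	mbedtls_ssl_conf_dbg(&cfg_ssl, __debug_print, stderr);
}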
/// Create the SSL context, attach timer and I/O hooks, and bind it to cfg_ssl.
/// Must run after __init has built cfg_ssl and after the user callbacks have
/// been assigned, since the receive hooks are only wired when present.
/// @throws TheLazySecurityException (via __TLS_ERROR) when mbedtls_ssl_setup fails
void TheLazySecurity::setup_tls() {
	mbedtls_ssl_init(&ctx_ssl);

	// Datagram transport needs retransmission timers; stream transport does not.
	const bool is_datagram = (transport == MBEDTLS_SSL_TRANSPORT_DATAGRAM);
	if (is_datagram) {
		mbedtls_ssl_set_timer_cb(&ctx_ssl, &ctx_timer, mbedtls_timing_set_delay,
		                         mbedtls_timing_get_delay);
	}

	// Send is always wired (the hook reports MBEDTLS_ERR_NET_INVALID_CONTEXT
	// itself when no callback exists); each receive hook is wired only if its
	// user callback has been set.
	auto recv_hook = callback_recv ? &TheLazySecurity::__mcb_recv : nullptr;
	auto recv_timeout_hook = callback_recv_timeout ? &TheLazySecurity::__mcb_recv_timeout : nullptr;
	mbedtls_ssl_set_bio(&ctx_ssl, this, &TheLazySecurity::__mcb_send, recv_hook, recv_timeout_hook);

	const int rc = mbedtls_ssl_setup(&ctx_ssl, &cfg_ssl);
	if (rc != 0)
		throw __TLS_ERROR("mbedtls_ssl_setup", rc);
}