abazlaev
/
GigaDevice_test
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Modified xApplicationGetRandomNumber & ulApplicationGetNextSequenceNumber

This commit is contained in:
Alexey Bazlaev 2023-01-25 18:23:20 +07:00
parent 639ccb7b3f
commit 90e1f84f8e
5 changed files with 372 additions and 220 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

163
FreeRTOS/source/FreeRTOS_IP.c
View File

@ -2169,166 +2169,3 @@ BaseType_t FreeRTOS_IsNetworkUp( void )
#ifdef FREERTOS_TCP_ENABLE_VERIFICATION
#include "aws_freertos_ip_verification_access_ip_define.h"
#endif
#ifdef DEBUG
#warning Define ulApplicationGetNextSequenceNumber & xApplicationGetRandomNumber
#endif
BaseType_t xApplicationGetRandomNumber( uint32_t * pulNumber )
{
// CK_RV xResult = 0;
// SemaphoreHandle_t xSessionLock = NULL;
// CK_SESSION_HANDLE xPkcs11Session = 0;
// CK_FUNCTION_LIST_PTR pxPkcs11FunctionList = NULL;
// uint32_t ulRandomValue = 0;
// BaseType_t xReturn; /* Return pdTRUE if successful */
// xResult = prvSocketsGetCryptoSession( &xSessionLock,
// &xPkcs11Session,
// &pxPkcs11FunctionList );
// if( 0 == xResult )
// {
// /* Request a sequence of cryptographically random byte values using
// * PKCS#11. */
// xResult = pxPkcs11FunctionList->C_GenerateRandom( xPkcs11Session,
// ( CK_BYTE_PTR ) &ulRandomValue,
// sizeof( ulRandomValue ) );
// }
// /* Check if any of the API calls failed. */
// if( 0 == xResult )
// {
// xReturn = pdTRUE;
// *( pulNumber ) = ulRandomValue;
// }
// else
// {
// xReturn = pdFALSE;
// *( pulNumber ) = 0uL;
// }
*( pulNumber ) = 0x12345678;
BaseType_t xReturn = pdTRUE;
return xReturn;
}
/**
* @brief Generate a TCP Initial Sequence Number that is reasonably difficult
* to predict, per https://tools.ietf.org/html/rfc6528.
*/
uint32_t ulApplicationGetNextSequenceNumber( uint32_t ulSourceAddress,
uint16_t usSourcePort,
uint32_t ulDestinationAddress,
uint16_t usDestinationPort )
{
// CK_RV xResult = CKR_OK;
// SemaphoreHandle_t xSessionLock = NULL;
// CK_SESSION_HANDLE xPkcs11Session = 0;
// CK_FUNCTION_LIST_PTR pxPkcs11FunctionList = NULL;
// CK_MECHANISM xMechSha256 = { 0 };
// uint8_t ucSha256Result[ cryptoSHA256_DIGEST_BYTES ];
// CK_ULONG ulLength = sizeof( ucSha256Result );
// uint32_t ulNextSequenceNumber = 0;
// static uint64_t ullKey;
// static CK_BBOOL xKeyIsInitialized = CK_FALSE;
// /* Acquire a crypto session handle. */
// xResult = prvSocketsGetCryptoSession( &xSessionLock,
// &xPkcs11Session,
// &pxPkcs11FunctionList );
// if( CKR_OK == xResult )
// {
// xSemaphoreTake( xSessionLock, portMAX_DELAY );
// if( CK_FALSE == xKeyIsInitialized )
// {
// /* One-time initialization, per boot, of the random seed. */
// xResult = pxPkcs11FunctionList->C_GenerateRandom( xPkcs11Session,
// ( CK_BYTE_PTR ) &ullKey,
// sizeof( ullKey ) );
// if( xResult == CKR_OK )
// {
// xKeyIsInitialized = CK_TRUE;
// }
// }
// xSemaphoreGive( xSessionLock );
// }
// /* Lock the shared crypto session. */
// xSemaphoreTake( xSessionLock, portMAX_DELAY );
// /* Start a hash. */
// if( CKR_OK == xResult )
// {
// xMechSha256.mechanism = CKM_SHA256;
// xResult = pxPkcs11FunctionList->C_DigestInit( xPkcs11Session, &xMechSha256 );
// }
// /* Hash the seed. */
// if( CKR_OK == xResult )
// {
// xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
// ( CK_BYTE_PTR ) &ullKey,
// sizeof( ullKey ) );
// }
// /* Hash the source address. */
// if( CKR_OK == xResult )
// {
// xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
// ( CK_BYTE_PTR ) &ulSourceAddress,
// sizeof( ulSourceAddress ) );
// }
// /* Hash the source port. */
// if( CKR_OK == xResult )
// {
// xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
// ( CK_BYTE_PTR ) &usSourcePort,
// sizeof( usSourcePort ) );
// }
// /* Hash the destination address. */
// if( CKR_OK == xResult )
// {
// xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
// ( CK_BYTE_PTR ) &ulDestinationAddress,
// sizeof( ulDestinationAddress ) );
// }
// /* Hash the destination port. */
// if( CKR_OK == xResult )
// {
// xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
// ( CK_BYTE_PTR ) &usDestinationPort,
// sizeof( usDestinationPort ) );
// }
// /* Get the hash. */
// if( CKR_OK == xResult )
// {
// xResult = pxPkcs11FunctionList->C_DigestFinal( xPkcs11Session,
// ucSha256Result,
// &ulLength );
// }
// xSemaphoreGive( xSessionLock );
// /* Use the first four bytes of the hash result as the starting point for
// * all initial sequence numbers for connections based on the input 4-tuple. */
// if( CKR_OK == xResult )
// {
// memcpy( &ulNextSequenceNumber,
// ucSha256Result,
// sizeof( ulNextSequenceNumber ) );
// /* Add the tick count of four-tick intervals. In theory, per the RFC
// * (see above), this approach still allows server equipment to optimize
// * handling of connections from the same device that haven't fully timed out. */
// ulNextSequenceNumber += xTaskGetTickCount() / 4;
// }
uint32_t ulNextSequenceNumber = 0x87654321;
return ulNextSequenceNumber;
}

4
RTE/RTOS/FreeRTOSConfig.h
View File

@ -50,7 +50,7 @@ extern uint32_t SystemCoreClock;
/* Constants that describe the hardware and memory usage. */
#define configCPU_CLOCK_HZ (SystemCoreClock)
#define configTICK_RATE_HZ ((TickType_t)1000)
#define configTOTAL_HEAP_SIZE ((size_t)8192)
#define configTOTAL_HEAP_SIZE ((size_t)2*8192)
#define configMINIMAL_STACK_SIZE ((uint16_t)256)
#define configSUPPORT_DYNAMIC_ALLOCATION 1
#define configSUPPORT_STATIC_ALLOCATION 0
@ -172,8 +172,6 @@ extern uint32_t SystemCoreClock;
void vAssertCalled(const char* pcFile,
uint32_t ulLine);
#define configASSERT( x ) if( ( x ) == 0 ) TEST_ABORT()
/* The function that implements FreeRTOS printf style output, and the macro
* that maps the configPRINTF() macros to that function. */
#define configPRINTF( X ) printf(X);

208
Test_project_for_GD32107C-EVAL.uvguix.right
View File

File diff suppressed because one or more lines are too long

23
Test_project_for_GD32107C-EVAL.uvoptx
View File

@ -153,7 +153,24 @@
<Name>UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0GD32F10x_CL -FS08000000 -FL040000 -FP0($$Device:GD32F107VC$Flash\GD32F10x_CL.FLM))</Name>
</SetRegEntry>
</TargetDriverDllRegistry>
<Breakpoint/>
<Breakpoint>
<Bp>
<Number>0</Number>
<Type>0</Type>
<LineNumber>157</LineNumber>
<EnabledFlag>1</EnabledFlag>
<Address>0</Address>
<ByteObject>0</ByteObject>
<HtxType>0</HtxType>
<ManyObjects>0</ManyObjects>
<SizeOfObject>0</SizeOfObject>
<BreakByAccess>0</BreakByAccess>
<BreakIfRCount>0</BreakIfRCount>
<Filename>.\main.c</Filename>
<ExecCommand></ExecCommand>
<Expression></Expression>
</Bp>
</Breakpoint>
<WatchWindow1>
<Ww>
<count>0</count>
@ -241,7 +258,7 @@
<Group>
<GroupName>FreeRTOS</GroupName>
<tvExp>0</tvExp>
<tvExp>1</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<cbSel>0</cbSel>
<RteFlg>0</RteFlg>
@ -577,7 +594,7 @@
<Group>
<GroupName>::RTOS</GroupName>
<tvExp>0</tvExp>
<tvExp>1</tvExp>
<tvExpOptDlg>0</tvExpOptDlg>
<cbSel>0</cbSel>
<RteFlg>1</RteFlg>

194
main.c
View File

@ -66,6 +66,8 @@ static const uint8_t ucDNSServerAddress[ 4 ] =
configDNS_SERVER_ADDR3
};
void vTaskHelloWorld( void *pvParameters);
void vTaskToggleLed( void *pvParameters);
int stdout_putchar (int ch);
@ -118,7 +120,8 @@ void vTaskHelloWorld( void *pvParameters)
ButtonState = !gpio_input_bit_get(GPIOB, BUTTON_USER);
if (ButtonState)
{
printf("Hello world\n");
printf("Hello world\n");
fflush( stdout );
vTaskDelay(TASK_HELLO_WORLD_DELAY);
}
}
@ -155,6 +158,194 @@ int main(void)
while(1);
}
UBaseType_t uxRand( void )
{
static UBaseType_t ulNextRand;
const uint32_t ulMultiplier = 0x015a4e35UL, ulIncrement = 1UL;
/* Utility function to generate a pseudo random number. */
ulNextRand = ( ulMultiplier * ulNextRand ) + ulIncrement;
return( ( int ) ( ulNextRand ) & 0x7fffUL );
}
BaseType_t xApplicationGetRandomNumber( uint32_t * pulNumber )
{
BaseType_t xReturn; /* Return pdTRUE if successful */
#ifdef RANDOM_NUMBER
CK_RV xResult = 0;
SemaphoreHandle_t xSessionLock = NULL;
CK_SESSION_HANDLE xPkcs11Session = 0;
CK_FUNCTION_LIST_PTR pxPkcs11FunctionList = NULL;
uint32_t ulRandomValue = 0;
xResult = prvSocketsGetCryptoSession( &xSessionLock,
&xPkcs11Session,
&pxPkcs11FunctionList );
if( 0 == xResult )
{
/* Request a sequence of cryptographically random byte values using
* PKCS#11. */
xResult = pxPkcs11FunctionList->C_GenerateRandom( xPkcs11Session,
( CK_BYTE_PTR ) &ulRandomValue,
sizeof( ulRandomValue ) );
}
/* Check if any of the API calls failed. */
if( 0 == xResult )
{
xReturn = pdTRUE;
*( pulNumber ) = ulRandomValue;
}
else
{
xReturn = pdFALSE;
*( pulNumber ) = 0uL;
}
return xReturn;
}
#else
*pulNumber = uxRand();
return pdTRUE;
#endif
}
/**
* @brief Generate a TCP Initial Sequence Number that is reasonably difficult
* to predict, per https://tools.ietf.org/html/rfc6528.
*/
extern uint32_t ulApplicationGetNextSequenceNumber( uint32_t ulSourceAddress,
uint16_t usSourcePort,
uint32_t ulDestinationAddress,
uint16_t usDestinationPort )
{
( void ) ulSourceAddress;
( void ) usSourcePort;
( void ) ulDestinationAddress;
( void ) usDestinationPort;
#ifdef RANDOM_NUMBER
CK_RV xResult = CKR_OK;
SemaphoreHandle_t xSessionLock = NULL;
CK_SESSION_HANDLE xPkcs11Session = 0;
CK_FUNCTION_LIST_PTR pxPkcs11FunctionList = NULL;
CK_MECHANISM xMechSha256 = { 0 };
uint8_t ucSha256Result[ cryptoSHA256_DIGEST_BYTES ];
CK_ULONG ulLength = sizeof( ucSha256Result );
uint32_t ulNextSequenceNumber = 0;
static uint64_t ullKey;
static CK_BBOOL xKeyIsInitialized = CK_FALSE;
/* Acquire a crypto session handle. */
xResult = prvSocketsGetCryptoSession( &xSessionLock,
&xPkcs11Session,
&pxPkcs11FunctionList );
if( CKR_OK == xResult )
{
xSemaphoreTake( xSessionLock, portMAX_DELAY );
if( CK_FALSE == xKeyIsInitialized )
{
/* One-time initialization, per boot, of the random seed. */
xResult = pxPkcs11FunctionList->C_GenerateRandom( xPkcs11Session,
( CK_BYTE_PTR ) &ullKey,
sizeof( ullKey ) );
if( xResult == CKR_OK )
{
xKeyIsInitialized = CK_TRUE;
}
}
xSemaphoreGive( xSessionLock );
}
/* Lock the shared crypto session. */
xSemaphoreTake( xSessionLock, portMAX_DELAY );
/* Start a hash. */
if( CKR_OK == xResult )
{
xMechSha256.mechanism = CKM_SHA256;
xResult = pxPkcs11FunctionList->C_DigestInit( xPkcs11Session, &xMechSha256 );
}
/* Hash the seed. */
if( CKR_OK == xResult )
{
xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
( CK_BYTE_PTR ) &ullKey,
sizeof( ullKey ) );
}
/* Hash the source address. */
if( CKR_OK == xResult )
{
xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
( CK_BYTE_PTR ) &ulSourceAddress,
sizeof( ulSourceAddress ) );
}
/* Hash the source port. */
if( CKR_OK == xResult )
{
xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
( CK_BYTE_PTR ) &usSourcePort,
sizeof( usSourcePort ) );
}
/* Hash the destination address. */
if( CKR_OK == xResult )
{
xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
( CK_BYTE_PTR ) &ulDestinationAddress,
sizeof( ulDestinationAddress ) );
}
/* Hash the destination port. */
if( CKR_OK == xResult )
{
xResult = pxPkcs11FunctionList->C_DigestUpdate( xPkcs11Session,
( CK_BYTE_PTR ) &usDestinationPort,
sizeof( usDestinationPort ) );
}
/* Get the hash. */
if( CKR_OK == xResult )
{
xResult = pxPkcs11FunctionList->C_DigestFinal( xPkcs11Session,
ucSha256Result,
&ulLength );
}
xSemaphoreGive( xSessionLock );
/* Use the first four bytes of the hash result as the starting point for
* all initial sequence numbers for connections based on the input 4-tuple. */
if( CKR_OK == xResult )
{
memcpy( &ulNextSequenceNumber,
ucSha256Result,
sizeof( ulNextSequenceNumber ) );
/* Add the tick count of four-tick intervals. In theory, per the RFC
* (see above), this approach still allows server equipment to optimize
* handling of connections from the same device that haven't fully timed out. */
ulNextSequenceNumber += xTaskGetTickCount() / 4;
}
return ulNextSequenceNumber;
#else
/* THIS IS ONLY A DUMMY IMPLEMENTATION
* THAT RETURNS A PSEUDO RANDOM NUMBER SO IS NOT INTENDED FOR USE IN PRODUCTION
* SYSTEMS. */
return uxRand();
#endif
}
/**! \func void vApplicationMallocFailedHook( void )
* \brief This hook function is called when allocation failed.
*/
@ -261,3 +452,4 @@ while (us--)
__NOP();
}
}