1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
21 #define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
30 #include "ca_adapter_net_ssl.h"
32 #include "caadapterutils.h"
33 #include "cainterface.h"
34 #include "caipinterface.h"
35 #include "oic_malloc.h"
37 #include "byte_array.h"
43 // headers required for mbed TLS
44 #include "mbedtls/platform.h"
45 #include "mbedtls/ssl.h"
46 #include "mbedtls/entropy.h"
47 #include "mbedtls/ctr_drbg.h"
48 #include "mbedtls/pkcs12.h"
49 #include "mbedtls/ssl_internal.h"
50 #include "mbedtls/net.h"
52 #include "mbedtls/timing.h"
53 #include "mbedtls/ssl_cookie.h"
55 #include "pkix_interface.h"
57 #if !defined(NDEBUG) || defined(TB_LOG)
58 #include "mbedtls/debug.h"
59 #include "mbedtls/version.h"
63 #include <sys/types.h>
71 * @def MBED_TLS_VERSION_LEN
72 * @brief mbedTLS version string length
74 #define MBED_TLS_VERSION_LEN (16)
77 * @brief Seed for initialization RNG
79 #define SEED "IOTIVITY_RND"
82 * @brief uuid prefix in certificate subject field
84 #define UUID_PREFIX "uuid:"
87 * @brief userid prefix in certificate alternative subject name field
89 #define USERID_PREFIX "userid:"
93 * @brief Logging tag for module name
95 #define NET_SSL_TAG "OIC_CA_NET_SSL"
98 * @brief Logging tag for mbedTLS library
100 #define MBED_TLS_TAG "MBED_TLS"
102 * @def MMBED_TLS_DEBUG_LEVEL
103 * @brief Logging level for mbedTLS library
105 #define MBED_TLS_DEBUG_LEVEL (4)
108 * @def TLS_MSG_BUF_LEN
109 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
111 #if defined (__TIZENRT__)
112 #define TLS_MSG_BUF_LEN (2048)
114 #define TLS_MSG_BUF_LEN (16384)
119 * @brief PSK keys max length
121 #define PSK_LENGTH (256/8)
123 * @def UUID_LENGTHPSK_LENGTH
124 * @brief Identity max length
126 #define UUID_LENGTH (128/8)
128 * @def MASTER_SECRET_LEN
129 * @brief TLS master secret length
131 #define MASTER_SECRET_LEN (48)
134 * @brief TLS client and server random bytes length
136 #define RANDOM_LEN (32)
138 * @def SHA384_MAC_KEY_LENGTH
139 * @brief MAC key length for SHA384 cipher suites
141 #define SHA384_MAC_KEY_LENGTH (48)
143 * @def SHA256_MAC_KEY_LENGTH
144 * @brief MAC key length for SHA256 cipher suites
146 #define SHA256_MAC_KEY_LENGTH (32)
148 * @def CCM_MAC_KEY_LENGTH
149 * @brief MAC key length for CCM cipher suites
151 #define CCM_MAC_KEY_LENGTH (0)
153 * @def AES256_KEY_LENGTH
154 * @brief key material length for AES256 cipher suites
156 #define AES256_KEY_LENGTH (32)
158 * @def AES128_KEY_LENGTH
159 * @brief key material length for AES128 cipher suites
161 #define AES128_KEY_LENGTH (16)
164 * @brief length of nonce for GCM cipher suites
166 #define GCM_IV_LENGTH (12)
169 * @brief length of nonce for CCM cipher suites
171 #define CCM_IV_LENGTH (4)
174 * @brief length of nonce for CBC cipher suites
176 #define CBC_IV_LENGTH (0)
179 * @var RETRANSMISSION_TIME
180 * @brief Maximum timeout value (in seconds) to start DTLS retransmission.
182 #define RETRANSMISSION_TIME 1
184 /**@def SSL_CLOSE_NOTIFY(peer, ret)
186 * Notifies of existing \a peer about closing TLS connection.
188 * @param[in] peer remote peer
189 * @param[in] ret used internaly
191 #define SSL_CLOSE_NOTIFY(peer, ret) \
194 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
195 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
197 /**@def SSL_RES(peer, status)
199 * Sets SSL result for callback.
201 * @param[in] peer remote peer
203 #define SSL_RES(peer, status) \
206 CAErrorInfo_t errorInfo; \
207 errorInfo.result = (status); \
208 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
210 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
212 * Checks handshake result and send alert if needed.
214 * @param[in] peer remote peer
215 * @param[in] ret error code
216 * @param[in] str debug string
217 * @param[in] mutex ca mutex
218 * @param[in] error if code does not equal to -1 returns error code
219 * @param[in] msg allert message
221 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
222 if (0 != (ret) && MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret) && \
223 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
224 MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
225 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
226 MBEDTLS_ERR_SSL_NON_FATAL != (int) (ret) && \
227 MBEDTLS_SSL_ALERT_MSG_USER_CANCELED != (int) (ret) && \
228 MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION != (int) (ret) && \
229 MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT != (int) (ret) && \
230 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY != (int) (ret) && \
231 MBEDTLS_SSL_ALERT_MSG_NO_CERT != (int) (ret) && \
232 MBEDTLS_SSL_ALERT_MSG_BAD_CERT != (int) (ret) && \
233 MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT != (int) (ret) && \
234 MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED != (int) (ret) && \
235 MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED != (int) (ret) && \
236 MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN != (int) (ret) && \
237 MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK != (int) (ret) && \
238 MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME != (int) (ret) && \
239 MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY != (int) (ret) && \
240 MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL != (int) (ret)) \
242 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
243 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
244 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
246 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
248 RemovePeerFromList(&(peer)->sep.endpoint); \
251 oc_mutex_unlock(g_sslContextMutex); \
253 if ((int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int)(ret)) \
255 SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \
257 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
258 if (-1 != (intptr_t)error) \
264 /**@def CONF_SSL(clientConf, serverConf, fn, ...)
266 * Calls \a fn for \a clientConf and \a serverConf.
269 #define CONF_SSL(clientConf, serverConf, fn, ...) do { \
270 fn((clientConf), __VA_ARGS__); \
271 fn((serverConf), __VA_ARGS__); \
274 /** @def CHECK_MBEDTLS_RET(f, ...)
275 * A macro that checks \a f function return code
277 * If function returns error code it goes to error processing.
279 * @param[in] f Function to call
281 #define CHECK_MBEDTLS_RET(f, ...) do { \
282 int ret = (f)(__VA_ARGS__); \
284 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
290 SSL_RSA_WITH_AES_256_CBC_SHA256,
291 SSL_RSA_WITH_AES_128_GCM_SHA256,
292 SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
293 SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
294 SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
295 SSL_ECDHE_ECDSA_WITH_AES_128_CCM_8,
296 SSL_ECDHE_ECDSA_WITH_AES_128_CCM,
297 SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
298 SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
299 SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
300 SSL_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
301 SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
302 SSL_ECDH_ANON_WITH_AES_128_CBC_SHA256,
308 ADAPTER_CURVE_SECP256R1,
312 static const int tlsCipher[SSL_CIPHER_MAX][2] =
314 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, 0},
315 {MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, 0},
316 {MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0},
317 {MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 0},
318 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0},
319 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
320 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, 0},
321 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 0},
322 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 0},
323 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 0},
324 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0},
325 {MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 0},
326 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0}
329 static int g_cipherSuitesList[SSL_CIPHER_MAX];
331 static int g_ssl_ordered_default_hashes[] = {
332 #if defined(MBEDTLS_SHA256_C)
336 #if defined(MBEDTLS_SHA1_C)
342 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
344 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
347 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
354 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
355 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
356 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
357 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
358 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
359 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
360 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
361 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
362 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
363 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
364 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
365 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
366 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
367 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
368 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
369 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
370 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
371 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
372 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
373 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
374 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
378 static int GetAlertCode(uint32_t flags)
380 const CrtVerifyAlert_t *cur;
382 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
384 if (flags & cur->code)
392 #if !defined(NDEBUG) || defined(TB_LOG)
394 * Pass a message to the OIC logger.
396 * @param[in] ctx opaque context for the callback
397 * @param[in] level debug level
398 * @param[in] file file name
399 * @param[in] line line number
400 * @param[in] str message
402 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
409 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
413 #if defined(_WIN32) || defined (__TIZENRT__)
415 * Finds the first occurrence of the byte string s in byte string l.
418 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
422 const char *cl = (const char *)l;
423 const char *cs = (const char *)s;
425 if (lLen == 0 || sLen == 0)
435 return (void *)memchr(l, (int)*cs, lLen);
438 last = (char *)cl + lLen - sLen;
440 for (cur = (char *)cl; cur <= last; cur++)
442 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
451 * structure to holds the information of cache message and address info.
453 typedef ByteArray_t SslCacheMessage_t;
457 * Data structure for holding the send and recv callbacks.
459 typedef struct TlsCallBacks
461 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
462 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
466 * Data structure for holding the mbedTLS interface related info.
468 typedef struct SslContext
470 u_arraylist_t *peerList; /**< peer list which holds the mapping between
471 peer id, it's n/w address and mbedTLS context. */
472 mbedtls_entropy_context entropy;
473 mbedtls_ctr_drbg_context rnd;
475 mbedtls_x509_crt crt;
476 mbedtls_pk_context pkey;
478 mbedtls_ssl_config clientTlsConf;
479 mbedtls_ssl_config serverTlsConf;
480 mbedtls_ssl_config clientDtlsConf;
481 mbedtls_ssl_config serverDtlsConf;
484 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
485 mbedtls_x509_crl crl;
490 mbedtls_ssl_cookie_ctx cookieCtx;
496 * @var g_caSslContext
497 * @brief global context which holds tls context and cache list information.
499 static SslContext_t * g_caSslContext = NULL;
501 static SslExportKeysCallback_t gTlsExportKeysCallback = NULL;
503 static SslExportKeysCallback_t gDtlsExportKeysCallback = NULL;
506 * @var g_getCredentialsCallback
507 * @brief callback to get TLS credentials (same as for DTLS)
509 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
511 * @var g_getCerdentilTypesCallback
512 * @brief callback to get different credential types from SRM
514 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
516 * @var g_getPkixInfoCallback
518 * @brief callback to get X.509-based Public Key Infrastructure
520 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
523 * Callback to inform in case of client's certificate absence
525 static CertificateVerificationCallback_t g_CertificateVerificationCallback = NULL;
528 * @var g_setupPkContextCallback
530 * @brief callback to setup PK context handler for H/W based Public Key Infrastructure
532 static CAsetupPkContextHandler g_setupPkContextCallback = NULL;
535 * @var g_dtlsContextMutex
536 * @brief Mutex to synchronize access to g_caSslContext.
538 static oc_mutex g_sslContextMutex = NULL;
542 * @brief callback to deliver the TLS handshake result
544 static CAErrorCallback g_sslCallback = NULL;
547 * Data structure for PeerCertCallback.
553 } PeerCertCallback_t;
556 * @var g_peerCertCallback
558 * @brief callback to utilize peer certificate information
560 static PeerCertCallback_t g_peerCertCallback = {NULL, NULL};
563 * @var g_decryptBuffer
564 * @brief decrypt buffer which will be used for decryption
566 static uint8_t *g_decryptBuffer = NULL;
569 * Data structure for holding the data to be received.
571 typedef struct SslRecBuf
578 * Data structure for holding the data related to endpoint
581 typedef struct SslEndPoint
583 mbedtls_ssl_context ssl;
584 CASecureEndpoint_t sep;
585 u_arraylist_t * cacheList;
587 uint8_t master[MASTER_SECRET_LEN];
588 uint8_t random[2*RANDOM_LEN];
590 mbedtls_timing_delay_context timer;
591 #endif // __WITH_DTLS__
594 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
596 // TODO Does this method needs protection of tlsContextMutex?
597 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
598 g_getCredentialsCallback = credCallback;
599 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
602 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
604 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
605 g_getPkixInfoCallback = infoCallback;
606 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
609 void CAsetSetupPkContextCallback(CAsetupPkContextHandler setupPkCtxCallback)
611 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
612 g_setupPkContextCallback = setupPkCtxCallback;
613 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
616 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
618 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
619 g_getCredentialTypesCallback = credTypesCallback;
620 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
623 void CAsetCertificateVerificationCallback(CertificateVerificationCallback_t certVerifyStatusCallback)
625 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
626 g_CertificateVerificationCallback = certVerifyStatusCallback;
627 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
630 void CAunsetCertificateVerificationCallback()
632 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
633 g_CertificateVerificationCallback = NULL;
634 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
637 static int GetAdapterIndex(CATransportAdapter_t adapter)
645 case CA_ADAPTER_GATT_BTLE:
648 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
655 * @param[in] tep TLS endpoint
656 * @param[in] data message
657 * @param[in] dataLen message length
659 * @return message length or -1 on error.
661 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
663 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
664 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", -1);
665 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", -1);
666 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
667 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
668 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
670 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
671 if (0 <= adapterIndex && MAX_SUPPORTED_ADAPTERS > adapterIndex)
673 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
674 sentLen = sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, dataLen);
677 OIC_LOG_V(ERROR, NET_SSL_TAG, "sendCallback() is Failed(%zd)", sentLen);
680 else if ((size_t)sentLen != dataLen)
682 OIC_LOG_V(DEBUG, NET_SSL_TAG,
683 "Packet was partially sent - total/sent/remained bytes : %zd/%zu/%zu",
684 sentLen, dataLen, (dataLen - sentLen));
689 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
693 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
699 * @param[in] tep TLS endpoint
700 * @param[in] data message
701 * @param[in] dataLen message length
703 * @return read length
705 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
707 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
708 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
709 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
711 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
712 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
713 retLen = (retLen < dataLen ? retLen : dataLen);
715 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
716 recBuf->loaded += retLen;
718 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
722 static int CASslExportKeysHandler(void *p_expkey,
723 const unsigned char *ms,
724 const unsigned char *kb,
729 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
731 if (NULL == g_caSslContext)
733 OIC_LOG(ERROR, NET_SSL_TAG, "SSL Context is not initialized.");
734 return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
736 if (NULL == p_expkey)
738 OIC_LOG(ERROR, NET_SSL_TAG, "Can not find the protocol information from 'p_expkey'.");
739 return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
742 CASslEkcbProtocol_t* protocol = (CASslEkcbProtocol_t*)p_expkey;
744 if (gTlsExportKeysCallback && CA_SSL_EKCB_TLS == (*protocol))
746 OIC_LOG(DEBUG, NET_SSL_TAG, "Invoking TLS export key callback.");
747 gTlsExportKeysCallback(ms, kb, maclen, keylen, ivlen);
749 else if (gDtlsExportKeysCallback && CA_SSL_EKCB_DTLS == (*protocol))
751 OIC_LOG(DEBUG, NET_SSL_TAG, "Invoking DTLS export key callback.");
752 gDtlsExportKeysCallback(ms, kb, maclen, keylen, ivlen);
756 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to Invoke (D)TLS export key callback.");
757 return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
760 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
764 CAResult_t CASetSslExportKeysCallback(SslExportKeysCallback_t exportKeysCb,
765 CASslEkcbProtocol_t protocol, CASslEkcbRole_t role)
767 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
768 mbedtls_ssl_config* sslConf = NULL;
769 static CASslEkcbProtocol_t protocolCtx = CA_SSL_EKCB_TLS;
771 if (CA_SSL_EKCB_TLS != protocol && CA_SSL_EKCB_DTLS != protocol)
773 OIC_LOG(ERROR, NET_SSL_TAG, "Invaild protocol.");
774 return CA_STATUS_INVALID_PARAM;
776 if (CA_SSL_EKCB_CLIENT != role && CA_SSL_EKCB_SERVER != role)
778 OIC_LOG(ERROR, NET_SSL_TAG, "Invaild role.");
779 return CA_STATUS_INVALID_PARAM;
782 OIC_LOG_V(DEBUG, NET_SSL_TAG, "TLS Export Key Callback Type : [%s] [%s]",
783 (CA_SSL_EKCB_TLS == protocol ? "TLS" : "DTLS"),
784 (CA_SSL_EKCB_CLIENT == role ? "Client" : "Server"));
786 oc_mutex_lock(g_sslContextMutex);
787 if (NULL == g_caSslContext)
789 OIC_LOG(ERROR, NET_SSL_TAG, "SSL Context is not initialized.");
790 oc_mutex_unlock(g_sslContextMutex);
791 return CA_STATUS_NOT_INITIALIZED;
794 if (CA_SSL_EKCB_TLS == protocol)
796 gTlsExportKeysCallback = exportKeysCb;
797 if (CA_SSL_EKCB_CLIENT == role)
799 sslConf = &g_caSslContext->clientTlsConf;
803 sslConf = &g_caSslContext->serverTlsConf;
808 gDtlsExportKeysCallback = exportKeysCb;
809 if (CA_SSL_EKCB_CLIENT == role)
811 sslConf = &g_caSslContext->clientDtlsConf;
815 sslConf = &g_caSslContext->serverDtlsConf;
818 protocolCtx = protocol;
820 if (NULL == exportKeysCb)
822 mbedtls_ssl_conf_export_keys_cb(sslConf, NULL, NULL);
823 OIC_LOG(DEBUG, NET_SSL_TAG, "Export key callback unregistered.");
827 mbedtls_ssl_conf_export_keys_cb(sslConf, CASslExportKeysHandler, (void*)(&protocolCtx));
828 OIC_LOG(DEBUG, NET_SSL_TAG, "Export key callback registered.");
830 oc_mutex_unlock(g_sslContextMutex);
832 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
838 * Parse chain of X.509 certificates.
840 * @param[out] crt container for X.509 certificates
841 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
842 or DER format in a jumble, delimiting symbols does not matter.
843 * @param[in] bufLen buffer length
844 * @param[in] errNum number certificates that failed to parse
846 * @return number of successfully parsed certificates or -1 on error
848 static int ParseChain(mbedtls_x509_crt * crt, unsigned char * buf, size_t bufLen, int * errNum)
850 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
851 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
852 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
854 char pemCertHeader[] = {
855 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
856 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
858 char pemCertFooter[] = {
859 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
860 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
862 size_t pemCertHeaderLen = sizeof(pemCertHeader);
863 size_t pemCertFooterLen = sizeof(pemCertFooter);
866 unsigned char * tmp = NULL;
874 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
876 tmp = (unsigned char *)buf + pos + 1;
877 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
878 if (pos + len < bufLen)
880 ret = mbedtls_x509_crt_parse_der(crt, buf + pos, len + 4);
888 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_x509_crt_parse_der returned -0x%04x\n", -(ret));
893 else if ((buf + pos + pemCertHeaderLen < buf + bufLen) &&
894 (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen)))
896 void * endPos = NULL;
897 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
900 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
901 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
904 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen;
905 if (pos + len + 1 <= bufLen)
907 char con = buf[pos + len];
908 buf[pos + len] = 0x00;
909 ret = mbedtls_x509_crt_parse(crt, buf + pos, len + 1);
917 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_x509_crt_parse returned -0x%04x\n", -(ret));
919 buf[pos + len] = con;
923 unsigned char * lastCert = (unsigned char *)OICMalloc((len + 1) * sizeof(unsigned char));
924 memcpy(lastCert, buf + pos, len);
925 lastCert[len] = 0x00;
926 ret = mbedtls_x509_crt_parse(crt, lastCert, len + 1);
934 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_x509_crt_parse returned -0x%04x\n", -(ret));
945 OIC_LOG_V(INFO, NET_SSL_TAG, "%s successfully parsed %d certificates", __func__, count);
946 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
953 static int VerifyCertificateCallback(void *p_vrfy, mbedtls_x509_crt *crt, int depth,
957 char buf[1024] = {0};
959 if (0 != *flags) // Invalid Cerificate
962 ret = mbedtls_x509_crt_verify_info(buf, sizeof(buf), "", *flags);
965 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s(%d)", buf, *flags);
970 if (NULL == g_peerCertCallback.cb)
972 OIC_LOG(DEBUG, NET_SSL_TAG, "NOT SET g_peerCertCallback");
978 * depth = 0 : Own Cert.
979 * depth = 1 : Sub CA Cert.
980 * depth = 2 : Root CA Cert.
982 OIC_LOG_V(INFO, NET_SSL_TAG, "Depth : %d", depth);
984 mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
985 OIC_LOG_V(DEBUG, NET_SSL_TAG, "crt : %s", buf);
987 return g_peerCertCallback.cb(g_peerCertCallback.ctx, crt, depth);
990 CAResult_t CAsetPeerCertCallback(void *ctx, PeerCertCallback peerCertCallback)
992 #ifndef __WITH_DTLS__
994 UNUSED(peerCertCallback);
995 OIC_LOG(ERROR, NET_SSL_TAG, "Not Supported");
996 return CA_NOT_SUPPORTED;
999 if (peerCertCallback)
1001 OIC_LOG(DEBUG, NET_SSL_TAG, "SET peerCertCallback");
1002 g_peerCertCallback.cb = peerCertCallback;
1003 g_peerCertCallback.ctx = ctx;
1007 OIC_LOG(DEBUG, NET_SSL_TAG, "UNSET peerCertCallback");
1008 g_peerCertCallback.cb = NULL;
1009 g_peerCertCallback.ctx = NULL;
1011 return CA_STATUS_OK;
1014 //Loads PKIX related information from SRM
1015 static int InitPKIX(CATransportAdapter_t adapter)
1017 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1018 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
1019 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
1021 mbedtls_x509_crt_free(&g_caSslContext->ca);
1022 mbedtls_x509_crt_free(&g_caSslContext->crt);
1023 mbedtls_pk_free(&g_caSslContext->pkey);
1024 mbedtls_x509_crl_free(&g_caSslContext->crl);
1026 mbedtls_x509_crt_init(&g_caSslContext->ca);
1027 mbedtls_x509_crt_init(&g_caSslContext->crt);
1028 mbedtls_pk_init(&g_caSslContext->pkey);
1029 mbedtls_x509_crl_init(&g_caSslContext->crl);
1031 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ||
1032 adapter == CA_ADAPTER_GATT_BTLE ?
1033 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1034 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ||
1035 adapter == CA_ADAPTER_GATT_BTLE ?
1036 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1038 #ifdef __WITH_DTLS__
1040 * Conf. is initialized in CAinitSslAdapter()
1042 mbedtls_ssl_conf_verify(&g_caSslContext->clientDtlsConf, VerifyCertificateCallback, NULL);
1045 // load pk key, cert, trust chain and crl
1046 if (g_getPkixInfoCallback)
1048 OIC_LOG(INFO, NET_SSL_TAG, "g_getPkixInfoCallback will be invoked");
1049 g_getPkixInfoCallback(&g_pkiInfo);
1052 // parse own certficate (optional)
1055 int count = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len, &errNum);
1058 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
1063 OIC_LOG_V(WARNING, NET_SSL_TAG, "Own certificate chain parsing error: %d certs failed to parse", errNum);
1067 // parse private key if hw is not supported (optional)
1068 if(NULL == g_setupPkContextCallback)
1070 OIC_LOG(INFO, NET_SSL_TAG, "g_setupPkContextCallback is NULL");
1071 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
1076 OIC_LOG(INFO, NET_SSL_TAG, "g_setupPkContextCallback will be invoked");
1077 // setup hw pk context (optional)
1078 ret = g_setupPkContextCallback(&g_caSslContext->pkey);
1081 // setup public parameter
1082 mbedtls_pk_type_t ktype = mbedtls_pk_get_type(&g_caSslContext->pkey);
1083 if (MBEDTLS_PK_ECKEY == ktype || MBEDTLS_PK_ECKEY_DH == ktype
1084 || MBEDTLS_PK_ECDSA == ktype)
1086 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Copy ecp public param from cert, keytype [%d]", ktype);
1087 mbedtls_ecp_keypair *eckey = (mbedtls_ecp_keypair*)g_caSslContext->crt.pk.pk_ctx;
1088 mbedtls_ecdsa_context *ecdsa = (mbedtls_ecdsa_context*)g_caSslContext->pkey.pk_ctx;
1091 ret = mbedtls_ecdsa_from_keypair(ecdsa, eckey);
1094 OIC_LOG_V(ERROR, NET_SSL_TAG, "Fail to copy public param [0x%x]", ret);
1099 OIC_LOG_V(WARNING, NET_SSL_TAG, "key-ctx(%p), cert-ctx(%p)", ecdsa, eckey);
1105 OIC_LOG_V(INFO, NET_SSL_TAG, "loaded key is not one of eckey type [%d]", ktype);
1110 OIC_LOG_V(ERROR, NET_SSL_TAG, "Fail to call g_setupPkContextCallback [%d]", ret);
1115 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
1119 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
1122 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
1125 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
1128 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
1133 count = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len, &errNum);
1136 OIC_LOG(WARNING, NET_SSL_TAG, "CA chain in svr db was not parsed");
1137 OIC_LOG(WARNING, NET_SSL_TAG, " but if working as server, chain not required");
1138 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1143 OIC_LOG_V(WARNING, NET_SSL_TAG, "CA chain parsing warning: %d certs failed to parse", errNum);
1146 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
1149 OIC_LOG(WARNING, NET_SSL_TAG, "CRL in svr db was not parsed");
1150 CONF_SSL(clientConf, serverConf, mbedtls_ssl_conf_ca_chain, &g_caSslContext->ca, NULL);
1154 CONF_SSL(clientConf, serverConf, mbedtls_ssl_conf_ca_chain,
1155 &g_caSslContext->ca, &g_caSslContext->crl);
1158 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1165 * @param[in] notUsed opaque context
1166 * @param[in] ssl mbedTLS context
1167 * @param[in] desc identity
1168 * @param[in] descLen identity length
1170 * @return 0 on success any other return value will result in a denied PSK identity
1172 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
1173 const unsigned char * desc, size_t descLen)
1175 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1176 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
1177 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
1178 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
1179 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
1181 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
1185 uint8_t keyBuf[PSK_LENGTH] = {0};
1187 // Retrieve the credentials blob from security module
1188 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
1191 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
1192 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
1193 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
1194 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
1196 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1197 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
1199 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
1204 * Gets session corresponding for endpoint.
1206 * @param[in] peer remote address
1208 * @return TLS session or NULL
1210 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
1212 uint32_t listIndex = 0;
1213 uint32_t listLength = 0;
1214 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1215 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
1216 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1218 SslEndPoint_t *tep = NULL;
1219 listLength = u_arraylist_length(g_caSslContext->peerList);
1220 for (listIndex = 0; listIndex < listLength; listIndex++)
1222 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1228 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d] for %d adapter",
1229 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port,
1232 if((peer->adapter == tep->sep.endpoint.adapter)
1233 && (0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
1234 && (peer->port == tep->sep.endpoint.port || CA_ADAPTER_GATT_BTLE == peer->adapter))
1236 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Found Peer:[%s:%d] for %d adapter",
1237 peer->addr, peer->port, peer->adapter);
1238 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1242 OIC_LOG_V(INFO, NET_SSL_TAG, "Peer not found:[%s:%d] for %d adapter",
1243 peer->addr, peer->port, peer->adapter);
1244 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1248 bool CAIsExistSslPeer(const CAEndpoint_t *peer)
1250 oc_mutex_lock(g_sslContextMutex);
1251 if (NULL == g_caSslContext)
1253 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1254 oc_mutex_unlock(g_sslContextMutex);
1258 if (GetSslPeer(peer))
1260 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Exist Peer");
1261 oc_mutex_unlock(g_sslContextMutex);
1266 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Not Exist Peer");
1267 oc_mutex_unlock(g_sslContextMutex);
1273 * Gets session corresponding for endpoint.
1275 * @param[in] peer remote address
1277 * @return TLS session or NULL
1279 static SslEndPoint_t *GetSslPeerUsingUuid(const uint8_t *identity, size_t idLength)
1281 uint32_t listIndex = 0;
1282 uint32_t listLength = 0;
1283 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1284 VERIFY_NON_NULL_RET(identity, NET_SSL_TAG, "Param identity is NULL", NULL);
1285 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1287 OIC_LOG(INFO, NET_SSL_TAG, "[Target UUID]");
1288 OIC_LOG_BUFFER(INFO, NET_SSL_TAG, identity, idLength);
1290 SslEndPoint_t *tep = NULL;
1291 listLength = u_arraylist_length(g_caSslContext->peerList);
1292 for (listIndex = 0; listIndex < listLength; listIndex++)
1294 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1300 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare UUID for [%s:%d]",
1301 tep->sep.endpoint.addr, tep->sep.endpoint.port);
1303 if ((tep->sep.identity.id_length == idLength)
1304 && (0 == memcmp(identity, tep->sep.identity.id, idLength)))
1306 OIC_LOG_V(INFO, NET_SSL_TAG, "Found matched UUID in [%s:%d]",
1307 tep->sep.endpoint.addr, tep->sep.endpoint.port);
1308 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1312 OIC_LOG(INFO, NET_SSL_TAG, "Peer not found");
1313 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1318 #ifdef MULTIPLE_OWNER
1320 * Gets CA secure endpoint info corresponding for endpoint.
1322 * @param[in] peer remote address
1324 * @return CASecureEndpoint or NULL
1326 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
1328 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1330 // TODO: Added as workaround, need to debug
1331 oc_mutex_unlock(g_sslContextMutex);
1333 oc_mutex_lock(g_sslContextMutex);
1334 if (NULL == g_caSslContext)
1336 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1337 oc_mutex_unlock(g_sslContextMutex);
1341 SslEndPoint_t* sslPeer = GetSslPeer(peer);
1344 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1345 oc_mutex_unlock(g_sslContextMutex);
1346 return &sslPeer->sep;
1349 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
1350 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1351 oc_mutex_unlock(g_sslContextMutex);
1357 * Deletes cached message.
1359 * @param[in] msg message
1361 static void DeleteCacheMessage(SslCacheMessage_t * msg)
1363 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1364 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
1369 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1372 * Deletes cached message list.
1374 * @param[in] cacheList list of cached messages
1376 static void DeleteCacheList(u_arraylist_t * cacheList)
1378 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1379 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
1380 uint32_t listIndex = 0;
1381 uint32_t listLength = 0;
1383 listLength = u_arraylist_length(cacheList);
1384 for (listIndex = 0; listIndex < listLength; listIndex++)
1386 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
1389 DeleteCacheMessage(msg);
1392 u_arraylist_free(&cacheList);
1394 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1397 * Deletes endpoint with session.
1399 * @param[in] tep endpoint with session info
1401 static void DeleteSslEndPoint(SslEndPoint_t * tep)
1403 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1404 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
1406 mbedtls_ssl_free(&tep->ssl);
1407 DeleteCacheList(tep->cacheList);
1409 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1412 * Removes endpoint session from list.
1414 * @param[in] endpoint remote address
1416 static void RemovePeerFromList(const CAEndpoint_t * endpoint)
1418 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1419 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
1420 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
1421 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
1422 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
1424 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
1429 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
1430 && (endpoint->port == tep->sep.endpoint.port || CA_ADAPTER_GATT_BTLE == endpoint->adapter))
1432 u_arraylist_remove(g_caSslContext->peerList, listIndex);
1433 OIC_LOG_V(INFO, NET_SSL_TAG, "Remove Peer:[%s:%d] for %d adapter",
1434 endpoint->addr, endpoint->port, endpoint->adapter);
1435 DeleteSslEndPoint(tep);
1436 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1440 OIC_LOG_V(INFO, NET_SSL_TAG, "Peer not found:[%s:%d] for %d adapter",
1441 endpoint->addr, endpoint->port, endpoint->adapter);
1442 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1445 * Deletes session list.
1447 static void DeletePeerList()
1449 OIC_LOG_V(DEBUG, NET_SSL_TAG, "%s", __func__);
1450 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
1452 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
1453 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
1455 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
1460 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1465 ret = mbedtls_ssl_close_notify(&tep->ssl);
1467 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1469 DeleteSslEndPoint(tep);
1471 u_arraylist_free(&g_caSslContext->peerList);
1474 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
1476 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1477 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1479 oc_mutex_lock(g_sslContextMutex);
1480 if (NULL == g_caSslContext)
1482 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1483 oc_mutex_unlock(g_sslContextMutex);
1484 return CA_STATUS_FAILED;
1486 SslEndPoint_t * tep = GetSslPeer(endpoint);
1489 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
1490 oc_mutex_unlock(g_sslContextMutex);
1491 return CA_STATUS_FAILED;
1493 /* No error checking, the connection might be closed already */
1497 ret = mbedtls_ssl_close_notify(&tep->ssl);
1499 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1501 RemovePeerFromList(&tep->sep.endpoint);
1502 oc_mutex_unlock(g_sslContextMutex);
1504 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1505 return CA_STATUS_OK;
1509 CAResult_t CAcloseSslConnectionFreeEndpoint(CAEndpoint_t *endpoint)
1511 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1512 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1514 CAResult_t ret = CAcloseSslConnection(endpoint);
1517 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1522 CAResult_t CAcloseSslConnectionUsingUuid(const uint8_t *identity, size_t idLength)
1524 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1525 VERIFY_NON_NULL_RET(identity, NET_SSL_TAG, "Param identity is NULL" , CA_STATUS_INVALID_PARAM);
1527 oc_mutex_lock(g_sslContextMutex);
1528 if (NULL == g_caSslContext)
1530 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1531 oc_mutex_unlock(g_sslContextMutex);
1532 return CA_STATUS_FAILED;
1535 SslEndPoint_t* tep = GetSslPeerUsingUuid(identity, idLength);
1538 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
1539 oc_mutex_unlock(g_sslContextMutex);
1540 return CA_STATUS_FAILED;
1543 /* No error checking, the connection might be closed already */
1547 ret = mbedtls_ssl_close_notify(&tep->ssl);
1549 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1551 RemovePeerFromList(&tep->sep.endpoint);
1552 oc_mutex_unlock(g_sslContextMutex);
1554 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1555 return CA_STATUS_OK;
1558 void CAcloseSslConnectionAll(CATransportAdapter_t transportType)
1560 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1561 oc_mutex_lock(g_sslContextMutex);
1562 if (NULL == g_caSslContext)
1564 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1565 oc_mutex_unlock(g_sslContextMutex);
1569 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
1570 OIC_LOG_V(INFO, NET_SSL_TAG,
1571 "Required transport [%d], peer count [%d]", transportType, listLength);
1572 for (uint32_t i = listLength; i > 0; i--)
1574 SslEndPoint_t *tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList, i - 1);
1579 OIC_LOG_V(INFO, NET_SSL_TAG, "SSL Connection [%s:%d], Transport [%d]",
1580 tep->sep.endpoint.addr, tep->sep.endpoint.port, tep->sep.endpoint.adapter);
1582 // check transport matching
1583 if (0 == (tep->sep.endpoint.adapter & transportType))
1585 OIC_LOG(DEBUG, NET_SSL_TAG, "Skip the un-matched transport session");
1589 // TODO: need to check below code after socket close is ensured.
1593 ret = mbedtls_ssl_close_notify(&tep->ssl);
1595 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);*/
1598 u_arraylist_remove(g_caSslContext->peerList, i - 1);
1599 DeleteSslEndPoint(tep);
1601 oc_mutex_unlock(g_sslContextMutex);
1603 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1607 * Creates session for endpoint.
1609 * @param[in] endpoint remote address
1610 * @param[in] config mbedTLS configuration info
1612 * @return TLS endpoint or NULL
1614 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
1616 SslEndPoint_t * tep = NULL;
1617 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1618 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
1619 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
1620 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1622 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
1625 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1629 tep->sep.endpoint = *endpoint;
1630 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
1632 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
1634 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
1636 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1640 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
1641 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
1643 mbedtls_ssl_set_timer_cb(&tep->ssl, &tep->timer,
1644 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
1645 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1647 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
1648 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
1650 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
1651 mbedtls_ssl_free(&tep->ssl);
1653 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1658 tep->cacheList = u_arraylist_create();
1659 if (NULL == tep->cacheList)
1661 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1662 mbedtls_ssl_free(&tep->ssl);
1664 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1667 OIC_LOG_V(INFO, NET_SSL_TAG, "New [%s role] endpoint added [%s:%d]",
1668 (MBEDTLS_SSL_IS_SERVER==config->endpoint ? "server" : "client"),
1669 endpoint->addr, endpoint->port);
1670 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1674 * Initializes PSK identity.
1676 * @param[out] config client/server config to be updated
1678 * @return 0 on success or -1 on error
1680 static int InitPskIdentity(mbedtls_ssl_config * config)
1682 uint8_t keyBuf[PSK_LENGTH] = {0};
1683 uint8_t idBuf[UUID_LENGTH] = {0};
1684 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1685 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1687 //Retrieve PSK identity from SVR DB
1688 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1690 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1691 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1694 //Store PSK ideneity in mbedtls_ssl_config
1695 if (0 != mbedtls_ssl_conf_psk(config, keyBuf, PSK_LENGTH, idBuf, UUID_LENGTH))
1697 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1698 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1701 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1704 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1707 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1708 VERIFY_NON_NULL_VOID(config, NET_SSL_TAG, "Invaild param");
1709 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
1710 VERIFY_NON_NULL_VOID(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null");
1712 //Resetting cipherFlag
1713 g_caSslContext->cipherFlag[0] = false;
1714 g_caSslContext->cipherFlag[1] = false;
1716 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1717 // Retrieve the PSK credential from SRM
1718 if (0 != InitPskIdentity(config))
1720 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1723 // Retrieve the Cert credential from SRM
1724 if (true == g_caSslContext->cipherFlag[1])
1726 int ret = InitPKIX(adapter);
1729 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1733 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1735 if (SSL_CIPHER_MAX < g_caSslContext->cipher)
1737 OIC_LOG(ERROR, NET_SSL_TAG, "Maximum ciphersuite index exceeded");
1740 // Add the preferred ciphersuite first
1741 if (SSL_CIPHER_MAX != g_caSslContext->cipher)
1743 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1744 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Preferred ciphersuite added");
1748 // Add PSK ciphersuite
1749 if (true == g_caSslContext->cipherFlag[0] &&
1750 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != tlsCipher[g_caSslContext->cipher][0])
1752 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1753 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK ciphersuite added");
1757 // Add all certificate ciphersuites
1758 if (true == g_caSslContext->cipherFlag[1])
1760 for (unsigned int i = 0; i < SSL_CIPHER_MAX - 1; i++)
1762 if (MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != tlsCipher[i][0] &&
1763 i != g_caSslContext->cipher)
1765 g_cipherSuitesList[index] = tlsCipher[i][0];
1770 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1772 mbedtls_ssl_conf_authmode(config, MBEDTLS_SSL_VERIFY_OPTIONAL);
1776 OIC_LOG(INFO, NET_SSL_TAG, "Supported ciphersuites:");
1777 for (int i = 0; i < index; i++)
1779 OIC_LOG_V(INFO, NET_SSL_TAG, "Ciphersuite %04x", g_cipherSuitesList[i]);
1782 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1784 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1787 * Initiate TLS handshake with endpoint.
1789 * @param[in] endpoint remote address
1791 * @return TLS endpoint or NULL
1793 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1796 SslEndPoint_t * tep = NULL;
1798 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1799 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1800 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1802 //Remove previous peer info from peer list.
1803 RemovePeerFromList(endpoint);
1805 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ||
1806 endpoint->adapter == CA_ADAPTER_GATT_BTLE ?
1807 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1808 tep = NewSslEndPoint(endpoint, config);
1811 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1815 //Load allowed SVR suites from SVR DB
1816 SetupCipher(config, endpoint->adapter);
1818 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1821 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1822 DeleteSslEndPoint(tep);
1826 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1828 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1829 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1835 OIC_LOG(ERROR, NET_SSL_TAG, "Handshake failed due to socket error");
1836 RemovePeerFromList(&tep->sep.endpoint);
1839 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1841 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1844 #ifdef __WITH_DTLS__
1846 * Stops DTLS retransmission.
1848 static void StopRetransmit()
1852 unregisterTimer(g_caSslContext->timerId);
1853 g_caSslContext->timerId= -1;
1857 void CAdeinitSslAdapter()
1859 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1861 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1862 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1864 //Lock tlsContext mutex
1865 oc_mutex_lock(g_sslContextMutex);
1870 // De-initialize mbedTLS
1871 mbedtls_x509_crt_free(&g_caSslContext->ca);
1872 mbedtls_x509_crt_free(&g_caSslContext->crt);
1873 mbedtls_pk_free(&g_caSslContext->pkey);
1874 mbedtls_x509_crl_free(&g_caSslContext->crl);
1876 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1877 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1878 #endif // __WITH_TLS__
1879 #ifdef __WITH_DTLS__
1880 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1881 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1882 mbedtls_ssl_cookie_free(&g_caSslContext->cookieCtx);
1883 #endif // __WITH_DTLS__
1884 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1885 mbedtls_entropy_free(&g_caSslContext->entropy);
1886 #ifdef __WITH_DTLS__
1889 // De-initialize tls Context
1890 OICFree(g_caSslContext);
1891 g_caSslContext = NULL;
1893 // Delete decrypt buffer
1894 if (g_decryptBuffer)
1896 OICFree(g_decryptBuffer);
1897 g_decryptBuffer = NULL;
1900 // Unlock tlsContext mutex and de-initialize it
1901 oc_mutex_unlock(g_sslContextMutex);
1902 oc_mutex_free(g_sslContextMutex);
1903 g_sslContextMutex = NULL;
1905 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1908 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1910 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1911 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1912 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
1913 mbedtls_ssl_config_init(conf);
1914 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1916 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1920 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1921 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1922 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1923 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1924 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1925 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1926 mbedtls_ssl_conf_sig_hashes(conf, g_ssl_ordered_default_hashes);
1928 #ifdef __WITH_DTLS__
1929 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == transport &&
1930 MBEDTLS_SSL_IS_SERVER == mode)
1932 mbedtls_ssl_conf_dtls_cookies(conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
1933 &g_caSslContext->cookieCtx);
1935 #endif // __WITH_DTLS__
1937 #if !defined(NDEBUG) || defined(TB_LOG)
1938 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1939 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1941 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1944 #ifdef __WITH_DTLS__
1946 * Starts DTLS retransmission.
1948 static int StartRetransmit()
1950 uint32_t listIndex = 0;
1951 uint32_t listLength = 0;
1952 SslEndPoint_t *tep = NULL;
1954 oc_mutex_lock(g_sslContextMutex);
1955 if (NULL == g_caSslContext)
1957 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
1958 oc_mutex_unlock(g_sslContextMutex);
1961 if (g_caSslContext->timerId != -1)
1963 //clear previous timer
1964 unregisterTimer(g_caSslContext->timerId);
1966 listLength = u_arraylist_length(g_caSslContext->peerList);
1968 for (listIndex = 0; listIndex < listLength; listIndex++)
1970 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1972 || (tep->ssl.conf && MBEDTLS_SSL_TRANSPORT_STREAM == tep->ssl.conf->transport)
1973 || MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1977 OIC_LOG_V(INFO, NET_SSL_TAG, "peer #%d", (int) listIndex);
1979 int ret = mbedtls_ssl_handshake_step(&tep->ssl);
1981 if (MBEDTLS_ERR_SSL_CONN_EOF != ret)
1984 registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
1986 SSL_CHECK_FAIL(tep, ret, "Retransmission", 1, CA_STATUS_FAILED,
1987 MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1992 registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
1993 oc_mutex_unlock(g_sslContextMutex);
1999 CAResult_t CAinitSslAdapter()
2001 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2002 // Initialize mutex for tlsContext
2003 if (NULL == g_sslContextMutex)
2005 g_sslContextMutex = oc_mutex_new();
2006 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
2010 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
2011 return CA_STATUS_OK;
2014 // Lock tlsContext mutex and create tlsContext
2015 oc_mutex_lock(g_sslContextMutex);
2016 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
2018 if (NULL == g_caSslContext)
2020 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
2021 oc_mutex_unlock(g_sslContextMutex);
2022 oc_mutex_free(g_sslContextMutex);
2023 g_sslContextMutex = NULL;
2024 return CA_MEMORY_ALLOC_FAILED;
2028 g_caSslContext->peerList = u_arraylist_create();
2030 if(NULL == g_caSslContext->peerList)
2032 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
2033 OICFree(g_caSslContext);
2034 g_caSslContext = NULL;
2035 oc_mutex_unlock(g_sslContextMutex);
2036 oc_mutex_free(g_sslContextMutex);
2037 g_sslContextMutex = NULL;
2038 return CA_STATUS_FAILED;
2041 /* Initialize TLS library
2043 #if !defined(NDEBUG) || defined(TB_LOG)
2044 char version[MBED_TLS_VERSION_LEN];
2045 mbedtls_version_get_string(version);
2046 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
2051 mbedtls_entropy_init(&g_caSslContext->entropy);
2052 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
2055 unsigned char seed[sizeof(SEED)] = {0};
2057 urandomFd = open("/dev/urandom", O_RDONLY);
2060 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
2061 oc_mutex_unlock(g_sslContextMutex);
2062 CAdeinitSslAdapter();
2063 return CA_STATUS_FAILED;
2065 if(0 > read(urandomFd, seed, sizeof(seed)))
2067 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
2069 oc_mutex_unlock(g_sslContextMutex);
2070 CAdeinitSslAdapter();
2071 return CA_STATUS_FAILED;
2076 unsigned char * seed = (unsigned char*) SEED;
2078 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
2079 &g_caSslContext->entropy, seed, sizeof(SEED)))
2081 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
2082 oc_mutex_unlock(g_sslContextMutex);
2083 CAdeinitSslAdapter();
2084 return CA_STATUS_FAILED;
2086 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
2089 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
2090 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
2092 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
2093 oc_mutex_unlock(g_sslContextMutex);
2094 CAdeinitSslAdapter();
2095 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2096 return CA_STATUS_FAILED;
2099 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
2100 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
2102 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
2103 oc_mutex_unlock(g_sslContextMutex);
2104 CAdeinitSslAdapter();
2105 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2106 return CA_STATUS_FAILED;
2108 #endif // __WITH_TLS__
2109 #ifdef __WITH_DTLS__
2110 mbedtls_ssl_cookie_init(&g_caSslContext->cookieCtx);
2111 if (0 != mbedtls_ssl_cookie_setup(&g_caSslContext->cookieCtx, mbedtls_ctr_drbg_random,
2112 &g_caSslContext->rnd))
2114 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
2115 oc_mutex_unlock(g_sslContextMutex);
2116 CAdeinitSslAdapter();
2117 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2118 return CA_STATUS_FAILED;
2121 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
2122 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
2124 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
2125 oc_mutex_unlock(g_sslContextMutex);
2126 CAdeinitSslAdapter();
2127 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2128 return CA_STATUS_FAILED;
2131 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
2132 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
2134 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
2135 oc_mutex_unlock(g_sslContextMutex);
2136 CAdeinitSslAdapter();
2137 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2138 return CA_STATUS_FAILED;
2140 #endif // __WITH_DTLS__
2142 // set default cipher
2143 g_caSslContext->cipher = SSL_CIPHER_MAX;
2146 mbedtls_x509_crt_init(&g_caSslContext->ca);
2147 mbedtls_x509_crt_init(&g_caSslContext->crt);
2148 mbedtls_pk_init(&g_caSslContext->pkey);
2149 mbedtls_x509_crl_init(&g_caSslContext->crl);
2151 #ifdef __WITH_DTLS__
2152 g_caSslContext->timerId = -1;
2155 // create decrypt buffer
2156 g_decryptBuffer = (uint8_t *)OICCalloc(1, TLS_MSG_BUF_LEN);
2157 if (NULL == g_decryptBuffer)
2159 OIC_LOG(ERROR, NET_SSL_TAG, "Decrypt buffer malloc failed");
2160 oc_mutex_unlock(g_sslContextMutex);
2161 CAdeinitSslAdapter();
2162 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2163 return CA_MEMORY_ALLOC_FAILED;
2166 oc_mutex_unlock(g_sslContextMutex);
2167 #ifdef __WITH_DTLS__
2171 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2172 return CA_STATUS_OK;
2175 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
2177 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2178 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
2181 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
2182 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2185 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
2186 if (NULL == message)
2188 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
2189 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2193 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
2194 if (NULL == message->data)
2196 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
2198 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2201 memcpy(message->data, data, dataLen);
2202 message->len = dataLen;
2203 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2207 /* Send data via TLS connection.
2209 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
2210 void *data, uint32_t dataLen)
2214 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s ", __func__);
2216 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
2217 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
2218 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
2222 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
2223 return CA_STATUS_FAILED;
2226 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
2228 oc_mutex_lock(g_sslContextMutex);
2229 if(NULL == g_caSslContext)
2231 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2232 oc_mutex_unlock(g_sslContextMutex);
2233 return CA_STATUS_FAILED;
2236 SslEndPoint_t * tep = GetSslPeer(endpoint);
2239 tep = InitiateTlsHandshake(endpoint);
2243 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
2244 oc_mutex_unlock(g_sslContextMutex);
2245 return CA_STATUS_FAILED;
2248 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
2250 OIC_LOG(INFO, NET_SSL_TAG, "(MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)");
2252 unsigned char *dataBuf = (unsigned char *)data;
2257 ret = mbedtls_ssl_write(&tep->ssl, dataBuf, dataLen - written);
2260 if (MBEDTLS_ERR_SSL_WANT_WRITE != ret)
2262 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write failed! returned 0x%x", -ret);
2263 RemovePeerFromList(&tep->sep.endpoint);
2264 oc_mutex_unlock(g_sslContextMutex);
2265 return CA_STATUS_FAILED;
2269 OIC_LOG_V(DEBUG, NET_SSL_TAG, "mbedTLS write returned with sent bytes[%d]", ret);
2273 } while (dataLen > written);
2278 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
2279 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
2281 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
2282 oc_mutex_unlock(g_sslContextMutex);
2283 return CA_STATUS_FAILED;
2287 oc_mutex_unlock(g_sslContextMutex);
2289 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
2290 return CA_STATUS_OK;
2293 * Sends cached messages via TLS connection.
2295 * @param[in] tep remote address with session info
2297 static void SendCacheMessages(SslEndPoint_t * tep)
2299 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2300 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
2302 uint32_t listIndex = 0;
2303 uint32_t listLength = 0;
2304 listLength = u_arraylist_length(tep->cacheList);
2305 for (listIndex = 0; listIndex < listLength;)
2308 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
2309 if (NULL != msg && NULL != msg->data && 0 != msg->len)
2311 unsigned char *dataBuf = (unsigned char *)msg->data;
2316 ret = mbedtls_ssl_write(&tep->ssl, dataBuf, msg->len - written);
2319 if (MBEDTLS_ERR_SSL_WANT_WRITE != ret)
2321 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write failed! returned -0x%x", -ret);
2326 OIC_LOG_V(DEBUG, NET_SSL_TAG, "mbedTLS write returned with sent bytes[%d]", ret);
2330 } while (msg->len > written);
2332 if (u_arraylist_remove(tep->cacheList, listIndex))
2334 DeleteCacheMessage(msg);
2335 // Reduce list length by 1 as we removed one element.
2340 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
2346 // Move to the next element
2350 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2353 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
2355 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2356 g_sslCallback = tlsHandshakeCallback;
2357 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2360 /* Read data from TLS connection
2362 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
2365 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
2366 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
2367 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
2369 oc_mutex_lock(g_sslContextMutex);
2370 if (NULL == g_caSslContext)
2372 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2373 oc_mutex_unlock(g_sslContextMutex);
2374 return CA_STATUS_FAILED;
2377 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
2380 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ||
2381 sep->endpoint.adapter == CA_ADAPTER_GATT_BTLE ?
2382 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
2383 peer = NewSslEndPoint(&sep->endpoint, config);
2386 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
2387 oc_mutex_unlock(g_sslContextMutex);
2388 return CA_STATUS_FAILED;
2390 //Load allowed TLS suites from SVR DB
2391 SetupCipher(config, sep->endpoint.adapter);
2393 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
2396 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
2398 oc_mutex_unlock(g_sslContextMutex);
2399 return CA_STATUS_FAILED;
2403 peer->recBuf.buff = data;
2404 peer->recBuf.len = dataLen;
2405 peer->recBuf.loaded = 0;
2407 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
2409 ret = mbedtls_ssl_handshake_step(&peer->ssl);
2410 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
2415 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
2417 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
2418 mbedtls_ssl_session_reset(&peer->ssl);
2419 mbedtls_ssl_set_client_transport_id(&peer->ssl,
2420 (const unsigned char *) sep->endpoint.addr,
2421 sizeof(sep->endpoint.addr));
2422 ret = mbedtls_ssl_handshake_step(&peer->ssl);
2424 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
2426 ((MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint) ||
2427 (MBEDTLS_SSL_IS_SERVER == peer->ssl.conf->endpoint && MBEDTLS_X509_BADCERT_MISSING != flags)))
2429 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
2430 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
2431 CA_STATUS_FAILED, GetAlertCode(flags));
2433 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
2434 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
2436 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
2437 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
2439 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
2441 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
2444 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
2446 SSL_RES(peer, CA_STATUS_OK);
2447 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
2449 SendCacheMessages(peer);
2452 int selectedCipher = peer->ssl.session->ciphersuite;
2453 OIC_LOG_V(DEBUG, NET_SSL_TAG, "(D)TLS Session is connected via ciphersuite [0x%x]", selectedCipher);
2454 if (MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != selectedCipher &&
2455 MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 != selectedCipher)
2457 char uuid[UUID_LENGTH * 2 + 5] = {0};
2458 void * uuidPos = NULL;
2459 void * userIdPos = NULL;
2460 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
2461 ret = (NULL == peerCert ? -1 : 0);
2462 if (g_CertificateVerificationCallback)
2464 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
2467 g_CertificateVerificationCallback(CA_CERTIFICATE_VERIFY_SUCCESS_MUTUAL);
2469 else if (MBEDTLS_X509_BADCERT_MISSING == flags)
2471 g_CertificateVerificationCallback(CA_CERTIFICATE_VERIFY_NO_CERT);
2475 g_CertificateVerificationCallback(CA_CERTIFICATE_VERIFY_FAILED);
2478 //SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
2479 // CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
2482 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
2483 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
2485 if (NULL != uuidPos)
2487 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
2488 OIC_LOG_V(DEBUG, NET_SSL_TAG, "certificate uuid string: %s" , uuid);
2489 ret = OCConvertStringToUuid(uuid, peer->sep.identity.id);
2490 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
2491 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
2495 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
2498 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
2499 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
2500 if (NULL != userIdPos)
2502 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
2503 ret = OCConvertStringToUuid(uuid, peer->sep.userId.id);
2504 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
2505 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
2509 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
2514 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
2516 SendCacheMessages(peer);
2518 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ||
2519 sep->endpoint.adapter == CA_ADAPTER_GATT_BTLE ?
2520 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
2522 mbedtls_ssl_conf_authmode(config, MBEDTLS_SSL_VERIFY_REQUIRED);
2524 oc_mutex_unlock(g_sslContextMutex);
2525 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
2526 return CA_STATUS_OK;
2530 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
2532 OIC_LOG(INFO, NET_SSL_TAG, "(MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)");
2534 // flag to read again remained data
2535 bool read_more = false;
2538 if (NULL == g_decryptBuffer)
2540 OIC_LOG(ERROR, NET_SSL_TAG, "decrypt buffer is NULL");
2541 oc_mutex_unlock(g_sslContextMutex);
2542 return CA_STATUS_FAILED;
2544 memset(g_decryptBuffer, 0, TLS_MSG_BUF_LEN);
2549 ret = mbedtls_ssl_read(&peer->ssl, g_decryptBuffer, TLS_MSG_BUF_LEN);
2550 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
2552 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
2553 // TinyDTLS sends fatal close_notify alert
2554 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
2555 MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
2556 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
2558 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
2559 RemovePeerFromList(&peer->sep.endpoint);
2560 oc_mutex_unlock(g_sslContextMutex);
2561 return CA_STATUS_OK;
2566 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
2567 //SSL_RES(peer, CA_STATUS_FAILED);
2568 RemovePeerFromList(&peer->sep.endpoint);
2569 oc_mutex_unlock(g_sslContextMutex);
2570 return CA_STATUS_FAILED;
2574 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
2575 if (0 <= adapterIndex && MAX_SUPPORTED_ADAPTERS > adapterIndex)
2578 res = g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep,
2579 g_decryptBuffer, ret);
2580 if (CA_STATUS_OK != res)
2582 OIC_LOG(ERROR, NET_SSL_TAG, "recvCallback is failed");
2583 RemovePeerFromList(&peer->sep.endpoint);
2584 oc_mutex_unlock(g_sslContextMutex);
2585 return CA_STATUS_FAILED;
2588 // check if decrypted data is remained in stream transport
2589 size_t remained = mbedtls_ssl_get_bytes_avail(&peer->ssl);
2591 MBEDTLS_SSL_TRANSPORT_STREAM == peer->ssl.conf->transport)
2593 OIC_LOG_V(DEBUG, NET_SSL_TAG, "need to read %zu bytes more", remained);
2599 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
2600 RemovePeerFromList(&peer->sep.endpoint);
2601 oc_mutex_unlock(g_sslContextMutex);
2602 return CA_STATUS_FAILED;
2605 } while (read_more);
2608 oc_mutex_unlock(g_sslContextMutex);
2609 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
2610 return CA_STATUS_OK;
2613 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
2614 CAPacketSendCallback sendCallback,
2615 CATransportAdapter_t type)
2617 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2618 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
2619 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
2620 oc_mutex_lock(g_sslContextMutex);
2621 if (NULL == g_caSslContext)
2623 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2624 oc_mutex_unlock(g_sslContextMutex);
2631 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
2632 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
2634 case CA_ADAPTER_TCP:
2635 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
2636 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
2638 case CA_ADAPTER_GATT_BTLE:
2639 g_caSslContext->adapterCallbacks[2].recvCallback = recvCallback;
2640 g_caSslContext->adapterCallbacks[2].sendCallback = sendCallback;
2643 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
2646 oc_mutex_unlock(g_sslContextMutex);
2647 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2650 * Gets index of the TLS ciphersuite in the SslCipher_t enum.
2652 * @param[in] cipher TLS chiphersuite code
2654 * @return corresponding enum
2657 static SslCipher_t GetCipherIndex(const uint32_t cipher)
2661 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256:
2663 return SSL_RSA_WITH_AES_256_CBC_SHA256;
2665 case MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256:
2667 return SSL_RSA_WITH_AES_128_GCM_SHA256;
2669 case MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
2671 return SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
2673 case MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
2675 return SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
2677 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
2679 return SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
2681 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
2683 return SSL_ECDHE_ECDSA_WITH_AES_128_CCM_8;
2685 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
2687 return SSL_ECDHE_ECDSA_WITH_AES_128_CCM;
2689 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
2691 return SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
2693 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
2695 return SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;
2697 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
2699 return SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
2701 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
2703 return SSL_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
2705 case MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
2707 return SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
2709 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
2711 return SSL_ECDH_ANON_WITH_AES_128_CBC_SHA256;
2715 return SSL_CIPHER_MAX;
2720 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
2722 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2723 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL context is not initialized." , CA_STATUS_NOT_INITIALIZED);
2725 SslCipher_t index = GetCipherIndex(cipher);
2726 if (SSL_CIPHER_MAX == index)
2728 OIC_LOG(WARNING, NET_SSL_TAG, "Unknown cipher");
2733 CONF_SSL(&g_caSslContext->clientTlsConf, &g_caSslContext->serverTlsConf,
2734 mbedtls_ssl_conf_ciphersuites, tlsCipher[index]);
2736 #ifdef __WITH_DTLS__
2737 CONF_SSL(&g_caSslContext->clientDtlsConf, &g_caSslContext->serverDtlsConf,
2738 mbedtls_ssl_conf_ciphersuites, tlsCipher[index]);
2740 OIC_LOG_V(INFO, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
2742 g_caSslContext->cipher = index;
2744 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2745 return CA_STATUS_OK;
2748 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
2750 CAResult_t res = CA_STATUS_OK;
2751 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2752 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
2753 oc_mutex_lock(g_sslContextMutex);
2754 if (NULL == InitiateTlsHandshake(endpoint))
2756 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
2757 res = CA_STATUS_FAILED;
2759 oc_mutex_unlock(g_sslContextMutex);
2760 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2764 * Expands the secret into blocks of data according
2765 * to the algorithm specified in section 5 of RFC 4346
2767 * This function writes upto @p bufLen bytes into the given output buffer @p buf
2769 * @param key secret key.
2770 * @param keyLen secret key length.
2771 * @param label A PRF label.
2772 * @param labelLen Actual length of @p label.
2773 * @param random1 Random seed.
2774 * @param random1Len Actual length of @p random1 (may be zero).
2775 * @param random2 Random seed.
2776 * @param random2Len Actual length of @p random2 (may be zero).
2777 * @param buf Output buffer for generated random data.
2778 * @param bufLen Maximum size of @p buf.
2780 * @return The actual number of bytes written to @p buf or @c -1 on error.
2783 static int pHash (const unsigned char *key, size_t keyLen,
2784 const unsigned char *label, size_t labelLen,
2785 const unsigned char *random1, size_t random1Len,
2786 const unsigned char *random2, size_t random2Len,
2787 unsigned char *buf, size_t bufLen)
2789 unsigned char A[RANDOM_LEN] = {0};
2790 unsigned char tmp[RANDOM_LEN] = {0};
2791 size_t dLen; /* digest length */
2792 size_t len = 0; /* result length */
2794 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
2795 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
2796 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
2797 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
2798 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
2800 mbedtls_md_context_t hmacA;
2801 mbedtls_md_context_t hmacP;
2803 mbedtls_md_init(&hmacA);
2804 mbedtls_md_init(&hmacP);
2806 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2807 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2809 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
2810 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
2811 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
2812 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
2813 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2817 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2819 while (len + dLen < bufLen)
2821 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2822 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2823 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2824 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2825 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2826 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2828 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2832 memcpy(buf, tmp, dLen);
2835 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
2836 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
2837 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
2838 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2841 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2842 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2843 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2845 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2846 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2847 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2848 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2850 memcpy(buf, tmp, bufLen - len);
2852 mbedtls_md_free(&hmacA);
2853 mbedtls_md_free(&hmacP);
2857 mbedtls_md_free(&hmacA);
2858 mbedtls_md_free(&hmacP);
2862 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
2863 const uint8_t* label, const size_t labelLen,
2864 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
2865 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
2866 uint8_t* ownerPsk, const size_t ownerPskSize)
2868 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2869 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
2870 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
2871 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
2872 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
2873 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2875 oc_mutex_lock(g_sslContextMutex);
2876 if (NULL == g_caSslContext)
2878 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2879 oc_mutex_unlock(g_sslContextMutex);
2880 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2881 return CA_STATUS_FAILED;
2883 SslEndPoint_t * tep = GetSslPeer(endpoint);
2886 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2887 oc_mutex_unlock(g_sslContextMutex);
2888 return CA_STATUS_FAILED;
2891 // keyBlockLen set up according to OIC 1.1 Security Specification Section 7.3.2
2895 int keyBlockLen = 0;
2896 if (MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher ||
2897 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher ||
2898 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher ||
2899 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher)
2901 // 2 * ( 32 + 0 + 16 ) = 96
2902 macKeyLen = SHA256_MAC_KEY_LENGTH;
2903 ivSize = CBC_IV_LENGTH;
2904 keySize = AES128_KEY_LENGTH;
2906 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM == g_caSslContext->selectedCipher ||
2907 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher)
2909 // 2 * ( 0 + 4 + 16 ) = 40
2910 macKeyLen = CCM_MAC_KEY_LENGTH;
2911 ivSize = CCM_IV_LENGTH;
2912 keySize = AES128_KEY_LENGTH;
2914 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 == g_caSslContext->selectedCipher)
2916 // 2 * ( 32 + 12 + 16 ) = 120
2917 macKeyLen = SHA256_MAC_KEY_LENGTH;
2918 ivSize = GCM_IV_LENGTH;
2919 keySize = AES128_KEY_LENGTH;
2921 else if (MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 == g_caSslContext->selectedCipher)
2923 // 2 * ( 32 + 0 + 32 ) = 128
2924 macKeyLen = SHA256_MAC_KEY_LENGTH;
2925 ivSize = CBC_IV_LENGTH;
2926 keySize = AES256_KEY_LENGTH;
2928 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 == g_caSslContext->selectedCipher)
2930 // 2 * ( 48 + 0 + 32 ) = 160
2931 macKeyLen = SHA384_MAC_KEY_LENGTH;
2932 ivSize = CBC_IV_LENGTH;
2933 keySize = AES256_KEY_LENGTH;
2935 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 == g_caSslContext->selectedCipher)
2937 // 2 * ( 48 + 12 + 32 ) = 184
2938 macKeyLen = SHA384_MAC_KEY_LENGTH;
2939 ivSize = GCM_IV_LENGTH;
2940 keySize = AES256_KEY_LENGTH;
2942 else if (MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 == g_caSslContext->selectedCipher)
2944 // 2 * ( 48 + 12 + 32 ) = 184
2945 macKeyLen = SHA256_MAC_KEY_LENGTH;
2946 ivSize = GCM_IV_LENGTH;
2947 keySize = AES128_KEY_LENGTH;
2949 keyBlockLen = 2 * (macKeyLen + keySize + ivSize);
2951 uint8_t * keyblock = (uint8_t *)OICMalloc(keyBlockLen);
2952 if (NULL == keyblock)
2954 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to OICMalloc for keyblock");
2955 oc_mutex_unlock(g_sslContextMutex);
2956 return CA_STATUS_FAILED;
2960 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2961 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2962 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2963 keyblock, keyBlockLen);
2966 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2968 oc_mutex_unlock(g_sslContextMutex);
2969 return CA_STATUS_FAILED;
2972 ret = pHash(keyblock, keyBlockLen, label, labelLen,
2973 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2974 provServerDeviceId, provServerDeviceIdLen,
2975 ownerPsk, ownerPskSize);
2978 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2980 oc_mutex_unlock(g_sslContextMutex);
2981 return CA_STATUS_FAILED;
2985 oc_mutex_unlock(g_sslContextMutex);
2987 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2988 return CA_STATUS_OK;