1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
25 #include "ca_adapter_net_ssl.h"
27 #include "caipinterface.h"
28 #include "oic_malloc.h"
29 #include "byte_array.h"
32 // headers required for mbed TLS
33 #include "mbedtls/platform.h"
34 #include "mbedtls/ssl.h"
35 #include "mbedtls/entropy.h"
36 #include "mbedtls/ctr_drbg.h"
37 #include "mbedtls/pkcs12.h"
38 #include "mbedtls/ssl_internal.h"
40 #include "mbedtls/timing.h"
41 #include "mbedtls/ssl_cookie.h"
45 #include "mbedtls/debug.h"
46 #include "mbedtls/version.h"
50 #include <sys/types.h>
58 * @def MBED_TLS_VERSION_LEN
59 * @brief mbedTLS version string length
61 #define MBED_TLS_VERSION_LEN (16)
64 * @brief Seed for initialization RNG
66 #define SEED "IOTIVITY_RND"
69 * @brief uuid prefix in certificate subject field
71 #define UUID_PREFIX "uuid:"
74 * @brief userid prefix in certificate alternative subject name field
76 #define USERID_PREFIX "userid:"
80 * @brief Logging tag for module name
82 #define NET_SSL_TAG "OIC_CA_NET_SSL"
85 * @brief Logging tag for mbedTLS library
87 #define MBED_TLS_TAG "MBED_TLS"
89 * @def MMBED_TLS_DEBUG_LEVEL
90 * @brief Logging level for mbedTLS library
92 #define MBED_TLS_DEBUG_LEVEL (4)
95 * @def TLS_MSG_BUF_LEN
96 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
99 #define TLS_MSG_BUF_LEN (16384)
102 * @brief PSK keys max length
104 #define PSK_LENGTH (256/8)
106 * @def UUID_LENGTHPSK_LENGTH
107 * @brief Identity max length
109 #define UUID_LENGTH (128/8)
111 * @def MASTER_SECRET_LEN
112 * @brief TLS master secret length
114 #define MASTER_SECRET_LEN (48)
117 * @brief TLS client and server random bytes length
119 #define RANDOM_LEN (32)
122 * @brief PSK generated keyblock length
124 #define KEY_BLOCK_LEN (96)
126 /**@def SSL_CLOSE_NOTIFY(peer, ret)
128 * Notifies of existing \a peer about closing TLS connection.
130 * @param[in] peer remote peer
131 * @param[in] ret used internaly
133 #define SSL_CLOSE_NOTIFY(peer, ret) \
136 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
137 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
139 /**@def SSL_RES(peer, status)
141 * Sets SSL result for callback.
143 * @param[in] peer remote peer
145 #define SSL_RES(peer, status) \
148 CAErrorInfo_t errorInfo; \
149 errorInfo.result = (status); \
150 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
152 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
154 * Checks handshake result and send alert if needed.
156 * @param[in] peer remote peer
157 * @param[in] ret error code
158 * @param[in] str debug string
159 * @param[in] mutex ca mutex
160 * @param[in] return error code
161 * @param[in] msg allert message
163 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
164 if (0 != (ret) && MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
165 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
166 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
167 MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret)) \
169 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
170 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
171 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
173 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
175 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == (int) (ret) && \
176 ((int) MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED == (peer)->ssl.in_msg[1] || \
177 (int) MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR == (peer)->ssl.in_msg[1] || \
178 (int) MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE == (peer)->ssl.in_msg[1] || \
179 (int) MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC == (peer)->ssl.in_msg[1])) \
181 SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \
183 RemovePeerFromList(&(peer)->sep.endpoint); \
186 ca_mutex_unlock(g_sslContextMutex); \
188 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
191 /** @def CHECK_MBEDTLS_RET(f, ...)
192 * A macro that checks \a f function return code
194 * If function returns error code it goes to error processing.
196 * @param[in] f Function to call
198 #define CHECK_MBEDTLS_RET(f, ...) do { \
199 int ret = (f)(__VA_ARGS__); \
201 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
207 ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA,
208 ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
209 ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256,
210 ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
216 ADAPTER_CURVE_SECP256R1,
220 int tlsCipher[ADAPTER_CIPHER_MAX][2] =
222 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 0},
223 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
224 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0},
225 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0}
228 static int g_cipherSuitesList[ADAPTER_CIPHER_MAX];
230 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
232 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
235 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
242 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
243 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
244 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
245 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
246 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
247 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
248 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
249 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
250 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
251 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
252 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
253 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
254 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
255 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
256 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
257 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
258 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
259 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
260 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
261 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
262 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
266 static int GetAlertCode(uint32_t flags)
268 const CrtVerifyAlert_t *cur;
270 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
272 if (flags & cur->code)
282 * Pass a message to the OIC logger.
284 * @param[in] ctx opaque context for the callback
285 * @param[in] level debug level
286 * @param[in] file file name
287 * @param[in] line line number
288 * @param[in] str message
290 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
297 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
303 * Finds the first occurrence of the byte string s in byte string l.
306 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
310 const char *cl = (const char *)l;
311 const char *cs = (const char *)s;
313 if (lLen == 0 || sLen == 0)
323 return (void *)memchr(l, (int)*cs, lLen);
326 last = (char *)cl + lLen - sLen;
328 for (cur = (char *)cl; cur <= last; cur++)
330 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
339 * structure to holds the information of cache message and address info.
341 typedef ByteArray_t SslCacheMessage_t;
345 * Data structure for holding the send and recv callbacks.
347 typedef struct TlsCallBacks
349 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
350 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
354 * Data structure for holding the mbedTLS interface related info.
356 typedef struct SslContext
358 u_arraylist_t *peerList; /**< peer list which holds the mapping between
359 peer id, it's n/w address and mbedTLS context. */
360 mbedtls_entropy_context entropy;
361 mbedtls_ctr_drbg_context rnd;
363 mbedtls_x509_crt crt;
364 mbedtls_pk_context pkey;
366 mbedtls_ssl_config clientTlsConf;
367 mbedtls_ssl_config serverTlsConf;
368 mbedtls_ssl_config clientDtlsConf;
369 mbedtls_ssl_config serverDtlsConf;
371 mbedtls_ssl_cookie_ctx cookie_ctx;
372 mbedtls_timing_delay_context timer;
373 #endif // __WITH_DTLS__
374 AdapterCipher_t cipher;
375 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
376 mbedtls_x509_crl crl;
383 * @var g_caSslContext
384 * @brief global context which holds tls context and cache list information.
386 static SslContext_t * g_caSslContext = NULL;
389 * @var g_getCredentialsCallback
390 * @brief callback to get TLS credentials (same as for DTLS)
392 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
394 * @var g_getCerdentilTypesCallback
395 * @brief callback to get different credential types from SRM
397 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
399 * @var g_getPkixInfoCallback
401 * @brief callback to get X.509-based Public Key Infrastructure
403 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
406 * @var g_dtlsContextMutex
407 * @brief Mutex to synchronize access to g_caSslContext.
409 static ca_mutex g_sslContextMutex = NULL;
413 * @brief callback to deliver the TLS handshake result
415 static CAErrorCallback g_sslCallback = NULL;
418 * Data structure for holding the data to be received.
420 typedef struct SslRecBuf
427 * Data structure for holding the data related to endpoint
430 typedef struct SslEndPoint
432 mbedtls_ssl_context ssl;
433 CASecureEndpoint_t sep;
434 u_arraylist_t * cacheList;
436 uint8_t master[MASTER_SECRET_LEN];
437 uint8_t random[2*RANDOM_LEN];
439 mbedtls_ssl_cookie_ctx cookieCtx;
444 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
446 // TODO Does this method needs protection of tlsContextMutex?
447 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
448 g_getCredentialsCallback = credCallback;
449 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
452 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
454 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
455 g_getPkixInfoCallback = infoCallback;
456 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
458 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
460 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
461 g_getCredentialTypesCallback = credTypesCallback;
462 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
465 static int GetAdapterIndex(CATransportAdapter_t adapter)
474 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
481 * @param[in] tep TLS endpoint
482 * @param[in] data message
483 * @param[in] dataLen message length
485 * @return message length
487 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
489 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
490 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", 0);
491 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
492 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
493 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
494 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
495 if (0 == adapterIndex || 1 == adapterIndex)
497 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
498 sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, (uint32_t) dataLen);
502 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
506 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
512 * @param[in] tep TLS endpoint
513 * @param[in] data message
514 * @param[in] dataLen message length
516 * @return read length
518 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
520 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
521 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
522 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
524 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
525 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
526 retLen = (retLen < dataLen ? retLen : dataLen);
528 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
529 recBuf->loaded += retLen;
531 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
536 * Parse chain of X.509 certificates.
538 * @param[out] crt container for X.509 certificates
539 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
540 or DER format in a jumble. Each PEM certificate must be NULL-terminated.
541 * @param[in] bufLen buffer length
543 * @return 0 on success, -1 on error
545 static int ParseChain(mbedtls_x509_crt * crt, const unsigned char * buf, int bufLen)
547 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
548 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
549 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
554 unsigned char * tmp = NULL;
556 char pemCertHeader[] = {
557 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
558 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
560 char pemCertFooter[] = {
561 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
562 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
564 size_t pemCertHeaderLen = sizeof(pemCertHeader);
565 size_t pemCertFooterLen = sizeof(pemCertFooter);
569 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
571 tmp = (unsigned char *)buf + pos + 1;
572 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
573 if (pos + len < bufLen)
575 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse_der, crt, buf + pos, len + 4);
579 else if (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen))
581 void * endPos = NULL;
582 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
585 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
586 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
589 if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0d) &&
590 (*((char*)endPos + pemCertFooterLen + 1) == 0x0a) &&
591 (*((char*)endPos + pemCertFooterLen + 2) == 0x00))
593 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 3;
595 else if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0a) &&
596 (*((char*)endPos + pemCertFooterLen + 1) == 0x00))
598 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 2;
602 OIC_LOG_V(ERROR, NET_SSL_TAG, "Incorrect PEM certificate ending");
603 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
606 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse, crt, buf + pos, len);
611 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, buf, bufLen);
612 OIC_LOG_V(ERROR, NET_SSL_TAG, "parseChain returned -0x%x", -ret);
613 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
617 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
624 //Loads PKIX related information from SRM
625 static int InitPKIX(CATransportAdapter_t adapter)
627 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
628 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
629 g_getPkixInfoCallback(&g_pkiInfo);
631 mbedtls_x509_crt_free(&g_caSslContext->ca);
632 mbedtls_x509_crt_free(&g_caSslContext->crt);
633 mbedtls_pk_free(&g_caSslContext->pkey);
634 mbedtls_x509_crl_free(&g_caSslContext->crl);
636 mbedtls_x509_crt_init(&g_caSslContext->ca);
637 mbedtls_x509_crt_init(&g_caSslContext->crt);
638 mbedtls_pk_init(&g_caSslContext->pkey);
639 mbedtls_x509_crl_init(&g_caSslContext->crl);
641 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ?
642 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
643 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ?
644 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
646 int ret = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len);
649 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
652 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
656 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
660 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
663 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
666 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
669 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
674 ret = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len);
677 OIC_LOG(ERROR, NET_SSL_TAG, "CA chain parsing error");
678 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
682 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
685 OIC_LOG(WARNING, NET_SSL_TAG, "CRL parsing error");
686 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, NULL);
687 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, NULL);
691 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, &g_caSslContext->crl);
692 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, &g_caSslContext->crl);
695 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
702 * @param[in] notUsed opaque context
703 * @param[in] ssl mbedTLS context
704 * @param[in] desc identity
705 * @param[in] descLen identity length
707 * @return 0 on success any other return value will result in a denied PSK identity
709 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
710 const unsigned char * desc, size_t descLen)
712 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
713 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
714 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
715 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
716 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
718 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
722 uint8_t keyBuf[PSK_LENGTH] = {0};
724 // Retrieve the credentials blob from security module
725 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
728 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
729 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
730 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
731 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
733 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
734 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
736 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
740 * Gets session corresponding for endpoint.
742 * @param[in] peer remote address
744 * @return TLS session or NULL
746 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
748 uint32_t listIndex = 0;
749 uint32_t listLength = 0;
750 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
751 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
753 SslEndPoint_t *tep = NULL;
754 listLength = u_arraylist_length(g_caSslContext->peerList);
755 for (listIndex = 0; listIndex < listLength; listIndex++)
757 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
762 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d]",
763 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port);
764 if((0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
765 && (peer->port == tep->sep.endpoint.port))
767 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
771 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
772 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
776 #ifdef _ENABLE_MULTIPLE_OWNER_
778 * Gets CA secure endpoint info corresponding for endpoint.
780 * @param[in] peer remote address
782 * @return CASecureEndpoint or NULL
784 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
786 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
788 // TODO: Added as workaround, need to debug
789 ca_mutex_unlock(g_sslContextMutex);
791 ca_mutex_lock(g_sslContextMutex);
792 if (NULL == g_caSslContext)
794 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
795 ca_mutex_unlock(g_sslContextMutex);
799 SslEndPoint_t* sslPeer = GetSslPeer(peer);
802 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
803 ca_mutex_unlock(g_sslContextMutex);
804 return &sslPeer->sep;
807 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
808 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
809 ca_mutex_unlock(g_sslContextMutex);
815 * Deletes cached message.
817 * @param[in] msg message
819 static void DeleteCacheMessage(SslCacheMessage_t * msg)
821 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
822 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
827 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
830 * Deletes cached message list.
832 * @param[in] cacheList list of cached messages
834 static void DeleteCacheList(u_arraylist_t * cacheList)
836 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
837 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
838 uint32_t listIndex = 0;
839 uint32_t listLength = 0;
841 listLength = u_arraylist_length(cacheList);
842 for (listIndex = 0; listIndex < listLength; listIndex++)
844 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
847 DeleteCacheMessage(msg);
850 u_arraylist_free(&cacheList);
852 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
855 * Deletes endpoint with session.
857 * @param[in] tep endpoint with session info
859 static void DeleteSslEndPoint(SslEndPoint_t * tep)
861 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
862 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
864 mbedtls_ssl_free(&tep->ssl);
866 mbedtls_ssl_cookie_free(&tep->cookieCtx);
868 DeleteCacheList(tep->cacheList);
870 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
873 * Removes endpoint session from list.
875 * @param[in] endpoint remote address
877 static void RemovePeerFromList(CAEndpoint_t * endpoint)
879 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
880 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
881 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
883 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
888 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
889 && (endpoint->port == tep->sep.endpoint.port))
891 u_arraylist_remove(g_caSslContext->peerList, listIndex);
892 DeleteSslEndPoint(tep);
898 * Deletes session list.
900 static void DeletePeerList()
902 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
903 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
905 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
910 DeleteSslEndPoint(tep);
912 u_arraylist_free(&g_caSslContext->peerList);
915 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
917 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
918 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
920 ca_mutex_lock(g_sslContextMutex);
921 if (NULL == g_caSslContext)
923 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
924 ca_mutex_unlock(g_sslContextMutex);
925 return CA_STATUS_FAILED;
927 SslEndPoint_t * tep = GetSslPeer(endpoint);
930 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
931 ca_mutex_unlock(g_sslContextMutex);
932 return CA_STATUS_FAILED;
934 /* No error checking, the connection might be closed already */
938 ret = mbedtls_ssl_close_notify(&tep->ssl);
940 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
942 RemovePeerFromList(&tep->sep.endpoint);
943 ca_mutex_unlock(g_sslContextMutex);
945 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
949 void CAcloseSslConnectionAll()
951 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
952 ca_mutex_lock(g_sslContextMutex);
953 if (NULL == g_caSslContext)
955 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
956 ca_mutex_unlock(g_sslContextMutex);
960 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
961 for (uint32_t i = listLength; i > 0; i--)
963 SslEndPoint_t *tep = (SslEndPoint_t *)u_arraylist_remove(g_caSslContext->peerList, i - 1);
968 OIC_LOG_V(DEBUG, NET_SSL_TAG, "SSL Connection [%s:%d]",
969 tep->sep.endpoint.addr, tep->sep.endpoint.port);
971 // TODO: need to check below code after socket close is ensured.
975 ret = mbedtls_ssl_close_notify(&tep->ssl);
977 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);*/
979 DeleteSslEndPoint(tep);
981 ca_mutex_unlock(g_sslContextMutex);
983 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
987 * Creates session for endpoint.
989 * @param[in] endpoint remote address
990 * @param[in] config mbedTLS configuration info
992 * @return TLS endpoint or NULL
994 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
996 SslEndPoint_t * tep = NULL;
997 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
998 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
999 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
1001 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
1004 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1008 tep->sep.endpoint = *endpoint;
1009 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
1011 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
1013 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
1015 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1019 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
1020 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
1022 mbedtls_ssl_set_timer_cb(&tep->ssl, &g_caSslContext->timer,
1023 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
1024 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1026 if (0 != mbedtls_ssl_cookie_setup(&tep->cookieCtx, mbedtls_ctr_drbg_random,
1027 &g_caSslContext->rnd))
1029 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
1031 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1034 mbedtls_ssl_conf_dtls_cookies(config, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
1036 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
1037 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
1039 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
1041 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1046 tep->cacheList = u_arraylist_create();
1047 if (NULL == tep->cacheList)
1049 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1050 mbedtls_ssl_free(&tep->ssl);
1052 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1055 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1059 * Initializes PSK identity.
1061 * @param[out] config client/server config to be updated
1063 * @return 0 on success or -1 on error
1065 static int InitPskIdentity(mbedtls_ssl_config * config)
1067 uint8_t idBuf[UUID_LENGTH] = {0};
1068 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1069 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1071 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1073 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1074 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1077 if (0 != mbedtls_ssl_conf_psk(config, idBuf, 0, idBuf, UUID_LENGTH))
1079 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1080 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1083 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1086 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1089 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1090 if (NULL == g_getCredentialTypesCallback)
1092 OIC_LOG(ERROR, NET_SSL_TAG, "Param callback is null");
1096 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1097 // Retrieve the PSK credential from SRM
1098 // PIN OTM if (true == g_caSslContext->cipherFlag[0] && 0 != InitPskIdentity(config))
1099 if (0 != InitPskIdentity(config))
1101 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1104 // Retrieve the ECC credential from SRM
1105 if (true == g_caSslContext->cipherFlag[1] || ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->cipher)
1107 int ret = InitPKIX(adapter);
1110 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1114 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1115 if (ADAPTER_CIPHER_MAX != g_caSslContext->cipher)
1117 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1120 if (true == g_caSslContext->cipherFlag[1])
1122 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1125 if (true == g_caSslContext->cipherFlag[0])
1127 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1130 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1132 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1135 * Initiate TLS handshake with endpoint.
1137 * @param[in] endpoint remote address
1139 * @return TLS endpoint or NULL
1141 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1144 SslEndPoint_t * tep = NULL;
1146 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1147 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1150 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ?
1151 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1152 tep = NewSslEndPoint(endpoint, config);
1155 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1159 //Load allowed SVR suites from SVR DB
1160 SetupCipher(config, endpoint->adapter);
1162 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Add %s:%d", tep->sep.endpoint.addr, tep->sep.endpoint.port);
1163 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1166 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1167 DeleteSslEndPoint(tep);
1171 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1173 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1174 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1178 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1180 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1184 void CAdeinitSslAdapter()
1186 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1188 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1189 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1191 //Lock tlsContext mutex
1192 ca_mutex_lock(g_sslContextMutex);
1197 // De-initialize mbedTLS
1198 mbedtls_x509_crt_free(&g_caSslContext->crt);
1199 mbedtls_pk_free(&g_caSslContext->pkey);
1201 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1202 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1203 #endif // __WITH_TLS__
1204 #ifdef __WITH_DTLS__
1205 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1206 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1207 #endif // __WITH_DTLS__
1208 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1209 mbedtls_entropy_free(&g_caSslContext->entropy);
1211 // De-initialize tls Context
1212 OICFree(g_caSslContext);
1213 g_caSslContext = NULL;
1215 // Unlock tlsContext mutex and de-initialize it
1216 ca_mutex_unlock(g_sslContextMutex);
1217 ca_mutex_free(g_sslContextMutex);
1218 g_sslContextMutex = NULL;
1220 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1223 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1225 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1226 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1227 mbedtls_ssl_config_init(conf);
1228 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1230 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1234 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1235 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1236 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1237 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1238 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1239 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1242 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1243 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1245 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1249 CAResult_t CAinitSslAdapter()
1251 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1252 // Initialize mutex for tlsContext
1253 if (NULL == g_sslContextMutex)
1255 g_sslContextMutex = ca_mutex_new();
1256 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
1260 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
1261 return CA_STATUS_OK;
1264 // Lock tlsContext mutex and create tlsContext
1265 ca_mutex_lock(g_sslContextMutex);
1266 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1268 if (NULL == g_caSslContext)
1270 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
1271 ca_mutex_unlock(g_sslContextMutex);
1272 ca_mutex_free(g_sslContextMutex);
1273 g_sslContextMutex = NULL;
1274 return CA_MEMORY_ALLOC_FAILED;
1278 g_caSslContext->peerList = u_arraylist_create();
1280 if(NULL == g_caSslContext->peerList)
1282 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
1283 OICFree(g_caSslContext);
1284 g_caSslContext = NULL;
1285 ca_mutex_unlock(g_sslContextMutex);
1286 ca_mutex_free(g_sslContextMutex);
1287 g_sslContextMutex = NULL;
1288 return CA_STATUS_FAILED;
1291 /* Initialize TLS library
1294 char version[MBED_TLS_VERSION_LEN];
1295 mbedtls_version_get_string(version);
1296 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
1301 mbedtls_entropy_init(&g_caSslContext->entropy);
1302 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1305 unsigned char seed[sizeof(SEED)] = {0};
1307 urandomFd = open("/dev/urandom", O_RDONLY);
1310 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
1311 ca_mutex_unlock(g_sslContextMutex);
1312 CAdeinitSslAdapter();
1313 return CA_STATUS_FAILED;
1315 if(0 > read(urandomFd, seed, sizeof(seed)))
1317 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
1319 ca_mutex_unlock(g_sslContextMutex);
1320 CAdeinitSslAdapter();
1321 return CA_STATUS_FAILED;
1326 unsigned char * seed = (unsigned char*) SEED;
1328 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
1329 &g_caSslContext->entropy, seed, sizeof(SEED)))
1331 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
1332 ca_mutex_unlock(g_sslContextMutex);
1333 CAdeinitSslAdapter();
1334 return CA_STATUS_FAILED;
1336 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1339 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
1340 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
1342 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1343 ca_mutex_unlock(g_sslContextMutex);
1344 CAdeinitSslAdapter();
1345 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1346 return CA_STATUS_FAILED;
1349 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
1350 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
1352 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1353 ca_mutex_unlock(g_sslContextMutex);
1354 CAdeinitSslAdapter();
1355 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1356 return CA_STATUS_FAILED;
1358 #endif // __WITH_TLS__
1359 #ifdef __WITH_DTLS__
1360 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
1361 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
1363 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1364 ca_mutex_unlock(g_sslContextMutex);
1365 CAdeinitSslAdapter();
1366 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1367 return CA_STATUS_FAILED;
1370 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
1371 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
1373 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1374 ca_mutex_unlock(g_sslContextMutex);
1375 CAdeinitSslAdapter();
1376 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1377 return CA_STATUS_FAILED;
1379 #endif // __WITH_DTLS__
1381 // set default cipher
1382 g_caSslContext->cipher = ADAPTER_CIPHER_MAX;
1385 mbedtls_x509_crt_init(&g_caSslContext->ca);
1386 mbedtls_x509_crt_init(&g_caSslContext->crt);
1387 mbedtls_pk_init(&g_caSslContext->pkey);
1388 mbedtls_x509_crl_init(&g_caSslContext->crl);
1390 ca_mutex_unlock(g_sslContextMutex);
1392 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1393 return CA_STATUS_OK;
1396 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
1398 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1399 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
1402 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
1403 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1406 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
1407 if (NULL == message)
1409 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1410 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1414 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
1415 if (NULL == message->data)
1417 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1419 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1422 memcpy(message->data, data, dataLen);
1423 message->len = dataLen;
1424 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1428 /* Send data via TLS connection.
1430 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
1431 void *data, uint32_t dataLen)
1435 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s ", __func__);
1437 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
1438 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
1439 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
1443 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
1444 return CA_STATUS_FAILED;
1447 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
1449 ca_mutex_lock(g_sslContextMutex);
1450 if(NULL == g_caSslContext)
1452 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1453 ca_mutex_unlock(g_sslContextMutex);
1454 return CA_STATUS_FAILED;
1457 SslEndPoint_t * tep = GetSslPeer(endpoint);
1460 tep = InitiateTlsHandshake(endpoint);
1464 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1465 ca_mutex_unlock(g_sslContextMutex);
1466 return CA_STATUS_FAILED;
1469 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1471 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) data, dataLen);
1475 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write returned %d", ret);
1476 RemovePeerFromList(&tep->sep.endpoint);
1477 ca_mutex_unlock(g_sslContextMutex);
1478 return CA_STATUS_FAILED;
1483 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
1484 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
1486 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1487 ca_mutex_unlock(g_sslContextMutex);
1488 return CA_STATUS_FAILED;
1492 ca_mutex_unlock(g_sslContextMutex);
1494 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1495 return CA_STATUS_OK;
1498 * Sends cached messages via TLS connection.
1500 * @param[in] tep remote address with session info
1502 static void SendCacheMessages(SslEndPoint_t * tep)
1504 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1505 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
1507 uint32_t listIndex = 0;
1508 uint32_t listLength = 0;
1509 listLength = u_arraylist_length(tep->cacheList);
1510 for (listIndex = 0; listIndex < listLength;)
1513 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
1514 if (NULL != msg && NULL != msg->data && 0 != msg->len)
1518 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) msg->data, msg->len);
1520 while(MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1524 OIC_LOG_V(ERROR, NET_SSL_TAG,"mbedTLS write returned %d", ret );
1526 if (u_arraylist_remove(tep->cacheList, listIndex))
1528 DeleteCacheMessage(msg);
1529 // Reduce list length by 1 as we removed one element.
1534 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
1540 // Move to the next element
1544 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1547 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
1549 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1550 g_sslCallback = tlsHandshakeCallback;
1551 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1553 // TODO move ConvertStrToUuid function to common module
1555 * Converts string UUID to CARemoteId_t
1557 * @param strUuid Device UUID in string format
1558 * @param uuid converted UUID in CARemoteId_t format
1560 * @return 0 for success.
1562 static int ConvertStrToUuid(const char* strUuid, CARemoteId_t* uuid)
1564 if(NULL == strUuid || NULL == uuid)
1566 OIC_LOG(ERROR, NET_SSL_TAG, "ConvertStrToUuid : Invalid param");
1572 size_t strUuidLen = 0;
1573 char convertedUuid[UUID_LENGTH * 2] = {0};
1575 strUuidLen = strlen(strUuid);
1578 OIC_LOG(INFO, NET_SSL_TAG, "The empty string detected, The UUID will be converted to "\
1579 "\"00000000-0000-0000-0000-000000000000\"");
1581 else if(UUID_LENGTH * 2 + 4 == strUuidLen)
1583 for(uuidIdx=0, urnIdx=0; uuidIdx < UUID_LENGTH ; uuidIdx++, urnIdx+=2)
1585 if(*(strUuid + urnIdx) == '-')
1589 sscanf(strUuid + urnIdx, "%2hhx", &convertedUuid[uuidIdx]);
1594 OIC_LOG(ERROR, NET_SSL_TAG, "Invalid string uuid format");
1598 memcpy(uuid->id, convertedUuid, UUID_LENGTH);
1599 uuid->id_length = UUID_LENGTH;
1603 /* Read data from TLS connection
1605 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
1608 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1609 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1610 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
1612 ca_mutex_lock(g_sslContextMutex);
1613 if (NULL == g_caSslContext)
1615 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1616 ca_mutex_unlock(g_sslContextMutex);
1617 return CA_STATUS_FAILED;
1621 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
1624 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ?
1625 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1626 peer = NewSslEndPoint(&sep->endpoint, config);
1629 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1630 ca_mutex_unlock(g_sslContextMutex);
1631 return CA_STATUS_FAILED;
1633 //Load allowed TLS suites from SVR DB
1634 SetupCipher(config, sep->endpoint.adapter);
1636 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
1639 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1641 ca_mutex_unlock(g_sslContextMutex);
1642 return CA_STATUS_FAILED;
1646 peer->recBuf.buff = data;
1647 peer->recBuf.len = dataLen;
1648 peer->recBuf.loaded = 0;
1650 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
1652 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1653 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1658 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
1660 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
1661 mbedtls_ssl_session_reset(&peer->ssl);
1662 mbedtls_ssl_set_client_transport_id(&peer->ssl,
1663 (const unsigned char *) sep->endpoint.addr,
1664 sizeof(sep->endpoint.addr));
1665 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1667 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
1670 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
1671 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
1672 CA_STATUS_FAILED, GetAlertCode(flags));
1674 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1675 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
1677 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
1678 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
1680 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
1682 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
1685 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1687 SSL_RES(peer, CA_STATUS_OK);
1688 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
1690 SendCacheMessages(peer);
1693 if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher ||
1694 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->selectedCipher)
1696 char uuid[UUID_LENGTH * 2 + 5] = {0};
1697 void * uuidPos = NULL;
1698 void * userIdPos = NULL;
1699 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
1700 ret = (NULL == peerCert ? -1 : 0);
1701 SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
1702 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
1703 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1704 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
1706 if (NULL != uuidPos)
1708 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1709 ret = ConvertStrToUuid(uuid, &peer->sep.identity);
1710 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
1711 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1715 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
1718 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1719 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
1720 if (NULL != userIdPos)
1722 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1723 ret = ConvertStrToUuid(uuid, &peer->sep.userId);
1724 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
1725 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1729 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
1733 ca_mutex_unlock(g_sslContextMutex);
1734 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1735 return CA_STATUS_OK;
1739 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1741 uint8_t decryptBuffer[TLS_MSG_BUF_LEN] = {0};
1744 ret = mbedtls_ssl_read(&peer->ssl, decryptBuffer, TLS_MSG_BUF_LEN);
1745 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
1747 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
1748 // TinyDTLS sends fatal close_notify alert
1749 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
1750 MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
1751 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
1753 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
1754 SSL_CLOSE_NOTIFY(peer, ret);
1755 RemovePeerFromList(&peer->sep.endpoint);
1756 ca_mutex_unlock(g_sslContextMutex);
1757 return CA_STATUS_OK;
1762 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
1763 //SSL_RES(peer, CA_STATUS_FAILED);
1764 RemovePeerFromList(&peer->sep.endpoint);
1765 ca_mutex_unlock(g_sslContextMutex);
1766 return CA_STATUS_FAILED;
1768 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
1769 if (0 == adapterIndex || adapterIndex == 1)
1771 g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
1775 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
1776 RemovePeerFromList(&peer->sep.endpoint);
1777 ca_mutex_unlock(g_sslContextMutex);
1778 return CA_STATUS_FAILED;
1782 ca_mutex_unlock(g_sslContextMutex);
1783 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1784 return CA_STATUS_OK;
1787 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
1788 CAPacketSendCallback sendCallback,
1789 CATransportAdapter_t type)
1791 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1792 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
1793 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
1794 ca_mutex_lock(g_sslContextMutex);
1795 if (NULL == g_caSslContext)
1797 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1798 ca_mutex_unlock(g_sslContextMutex);
1802 // if (MAX_SUPPORTED_ADAPTERS > type)
1807 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
1808 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
1810 case CA_ADAPTER_TCP:
1811 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
1812 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
1815 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
1819 ca_mutex_unlock(g_sslContextMutex);
1820 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1823 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
1825 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1826 VERIFY_NON_NULL_RET(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null", CA_STATUS_FAILED);
1827 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1830 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA:
1833 //todo check that Cred with RSA cert exists
1834 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1835 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1836 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1837 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1839 #ifdef __WITH_DTLS__
1840 //todo check that Cred with RSA cert exists
1841 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1842 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1843 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1844 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1846 g_caSslContext->cipher = ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA;
1849 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
1851 if (false == g_caSslContext->cipherFlag[1])
1853 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for ECC");
1854 return CA_STATUS_FAILED;
1857 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1858 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1859 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1860 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1862 #ifdef __WITH_DTLS__
1863 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1864 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1865 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1866 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1868 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1871 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
1874 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1875 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1876 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1877 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1879 #ifdef __WITH_DTLS__
1880 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1881 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1882 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1883 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1885 g_caSslContext->cipher = ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256;
1888 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
1891 if (false == g_caSslContext->cipherFlag[0])
1893 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for PSK");
1894 return CA_STATUS_FAILED;
1898 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1899 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1900 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1901 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1903 #ifdef __WITH_DTLS__
1904 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1905 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1906 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1907 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1909 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1914 OIC_LOG(ERROR, NET_SSL_TAG, "Unknown cipher");
1915 return CA_STATUS_FAILED;
1918 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
1919 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1920 return CA_STATUS_OK;
1923 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
1925 CAResult_t res = CA_STATUS_OK;
1926 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1927 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1928 ca_mutex_lock(g_sslContextMutex);
1929 if (NULL == InitiateTlsHandshake(endpoint))
1931 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1932 res = CA_STATUS_FAILED;
1934 ca_mutex_unlock(g_sslContextMutex);
1935 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1939 * Expands the secret into blocks of data according
1940 * to the algorithm specified in section 5 of RFC 4346
1942 * This function writes upto @p bufLen bytes into the given output buffer @p buf
1944 * @param key secret key.
1945 * @param keyLen secret key length.
1946 * @param label A PRF label.
1947 * @param labelLen Actual length of @p label.
1948 * @param random1 Random seed.
1949 * @param random1Len Actual length of @p random1 (may be zero).
1950 * @param random2 Random seed.
1951 * @param random2Len Actual length of @p random2 (may be zero).
1952 * @param buf Output buffer for generated random data.
1953 * @param bufLen Maximum size of @p buf.
1955 * @return The actual number of bytes written to @p buf or @c -1 on error.
1958 static int pHash (const unsigned char *key, size_t keyLen,
1959 const unsigned char *label, size_t labelLen,
1960 const unsigned char *random1, size_t random1Len,
1961 const unsigned char *random2, size_t random2Len,
1962 unsigned char *buf, size_t bufLen)
1964 unsigned char A[RANDOM_LEN] = {0};
1965 unsigned char tmp[RANDOM_LEN] = {0};
1966 size_t dLen; /* digest length */
1967 size_t len = 0; /* result length */
1969 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
1970 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
1971 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
1972 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
1973 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
1975 mbedtls_md_context_t hmacA;
1976 mbedtls_md_context_t hmacP;
1978 mbedtls_md_init(&hmacA);
1979 mbedtls_md_init(&hmacP);
1981 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
1982 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
1984 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
1985 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
1986 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
1987 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
1988 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
1992 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
1994 while (len + dLen < bufLen)
1996 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
1997 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
1998 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
1999 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2000 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2001 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2003 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2007 memcpy(buf, tmp, dLen);
2010 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
2011 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
2012 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
2013 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2016 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2017 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2018 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2020 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2021 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2022 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2023 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2025 memcpy(buf, tmp, bufLen - len);
2027 mbedtls_md_free(&hmacA);
2028 mbedtls_md_free(&hmacP);
2032 mbedtls_md_free(&hmacA);
2033 mbedtls_md_free(&hmacP);
2037 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
2038 const uint8_t* label, const size_t labelLen,
2039 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
2040 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
2041 uint8_t* ownerPsk, const size_t ownerPskSize)
2043 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2044 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
2045 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
2046 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
2047 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
2048 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2050 // TODO: Added as workaround, need to debug
2051 ca_mutex_unlock(g_sslContextMutex);
2053 ca_mutex_lock(g_sslContextMutex);
2054 if (NULL == g_caSslContext)
2056 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2057 ca_mutex_unlock(g_sslContextMutex);
2058 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2059 return CA_STATUS_FAILED;
2061 SslEndPoint_t * tep = GetSslPeer(endpoint);
2064 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2065 ca_mutex_unlock(g_sslContextMutex);
2066 return CA_STATUS_FAILED;
2069 uint8_t keyblock[KEY_BLOCK_LEN] = {0};
2071 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2072 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2073 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2074 keyblock, KEY_BLOCK_LEN);
2077 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2078 ca_mutex_unlock(g_sslContextMutex);
2079 return CA_STATUS_FAILED;
2081 ret = pHash(keyblock, sizeof(keyblock), label, labelLen,
2082 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2083 provServerDeviceId, provServerDeviceIdLen,
2084 ownerPsk, ownerPskSize);
2087 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2088 ca_mutex_unlock(g_sslContextMutex);
2089 return CA_STATUS_FAILED;
2092 ca_mutex_unlock(g_sslContextMutex);
2094 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2095 return CA_STATUS_OK;