1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
21 #define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
30 #include "ca_adapter_net_ssl.h"
32 #include "caadapterutils.h"
33 #include "cainterface.h"
34 #include "caipinterface.h"
35 #include "oic_malloc.h"
37 #include "byte_array.h"
43 // headers required for mbed TLS
44 #include "mbedtls/platform.h"
45 #include "mbedtls/ssl.h"
46 #include "mbedtls/entropy.h"
47 #include "mbedtls/ctr_drbg.h"
48 #include "mbedtls/pkcs12.h"
49 #include "mbedtls/ssl_internal.h"
50 #include "mbedtls/net.h"
52 #include "mbedtls/timing.h"
53 #include "mbedtls/ssl_cookie.h"
55 #include "pkix_interface.h"
57 #if !defined(NDEBUG) || defined(TB_LOG)
58 #include "mbedtls/debug.h"
59 #include "mbedtls/version.h"
63 #include <sys/types.h>
71 * @def MBED_TLS_VERSION_LEN
72 * @brief mbedTLS version string length
74 #define MBED_TLS_VERSION_LEN (16)
77 * @brief Seed for initialization RNG
79 #define SEED "IOTIVITY_RND"
82 * @brief uuid prefix in certificate subject field
84 #define UUID_PREFIX "uuid:"
87 * @brief userid prefix in certificate alternative subject name field
89 #define USERID_PREFIX "userid:"
93 * @brief Logging tag for module name
95 #define NET_SSL_TAG "OIC_CA_NET_SSL"
98 * @brief Logging tag for mbedTLS library
100 #define MBED_TLS_TAG "MBED_TLS"
102 * @def MMBED_TLS_DEBUG_LEVEL
103 * @brief Logging level for mbedTLS library
105 #define MBED_TLS_DEBUG_LEVEL (4)
108 * @def TLS_MSG_BUF_LEN
109 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
111 #if defined (__TIZENRT__)
112 #define TLS_MSG_BUF_LEN (2048)
114 #define TLS_MSG_BUF_LEN (16384)
119 * @brief PSK keys max length
121 #define PSK_LENGTH (256/8)
123 * @def UUID_LENGTHPSK_LENGTH
124 * @brief Identity max length
126 #define UUID_LENGTH (128/8)
128 * @def MASTER_SECRET_LEN
129 * @brief TLS master secret length
131 #define MASTER_SECRET_LEN (48)
134 * @brief TLS client and server random bytes length
136 #define RANDOM_LEN (32)
138 * @def SHA384_MAC_KEY_LENGTH
139 * @brief MAC key length for SHA384 cipher suites
141 #define SHA384_MAC_KEY_LENGTH (48)
143 * @def SHA256_MAC_KEY_LENGTH
144 * @brief MAC key length for SHA256 cipher suites
146 #define SHA256_MAC_KEY_LENGTH (32)
148 * @def CCM_MAC_KEY_LENGTH
149 * @brief MAC key length for CCM cipher suites
151 #define CCM_MAC_KEY_LENGTH (0)
153 * @def AES256_KEY_LENGTH
154 * @brief key material length for AES256 cipher suites
156 #define AES256_KEY_LENGTH (32)
158 * @def AES128_KEY_LENGTH
159 * @brief key material length for AES128 cipher suites
161 #define AES128_KEY_LENGTH (16)
164 * @brief length of nonce for GCM cipher suites
166 #define GCM_IV_LENGTH (12)
169 * @brief length of nonce for CCM cipher suites
171 #define CCM_IV_LENGTH (4)
174 * @brief length of nonce for CBC cipher suites
176 #define CBC_IV_LENGTH (0)
179 * @var RETRANSMISSION_TIME
180 * @brief Maximum timeout value (in seconds) to start DTLS retransmission.
182 #define RETRANSMISSION_TIME 1
184 /**@def SSL_CLOSE_NOTIFY(peer, ret)
186 * Notifies of existing \a peer about closing TLS connection.
188 * @param[in] peer remote peer
189 * @param[in] ret used internaly
191 #define SSL_CLOSE_NOTIFY(peer, ret) \
194 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
195 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
197 /**@def SSL_RES(peer, status)
199 * Sets SSL result for callback.
201 * @param[in] peer remote peer
203 #define SSL_RES(peer, status) \
206 CAErrorInfo_t errorInfo; \
207 errorInfo.result = (status); \
208 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
210 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
212 * Checks handshake result and send alert if needed.
214 * @param[in] peer remote peer
215 * @param[in] ret error code
216 * @param[in] str debug string
217 * @param[in] mutex ca mutex
218 * @param[in] error if code does not equal to -1 returns error code
219 * @param[in] msg allert message
221 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
222 if (0 != (ret) && MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret) && \
223 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
224 MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
225 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
226 MBEDTLS_ERR_SSL_NON_FATAL != (int) (ret) && \
227 MBEDTLS_SSL_ALERT_MSG_USER_CANCELED != (int) (ret) && \
228 MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION != (int) (ret) && \
229 MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT != (int) (ret) && \
230 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY != (int) (ret) && \
231 MBEDTLS_SSL_ALERT_MSG_NO_CERT != (int) (ret) && \
232 MBEDTLS_SSL_ALERT_MSG_BAD_CERT != (int) (ret) && \
233 MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT != (int) (ret) && \
234 MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED != (int) (ret) && \
235 MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED != (int) (ret) && \
236 MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN != (int) (ret) && \
237 MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK != (int) (ret) && \
238 MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME != (int) (ret) && \
239 MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY != (int) (ret) && \
240 MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL != (int) (ret)) \
242 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
243 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
244 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
246 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
248 RemovePeerFromList(&(peer)->sep.endpoint); \
251 oc_mutex_unlock(g_sslContextMutex); \
253 if ((int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int)(ret)) \
255 SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \
257 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
258 if (-1 != (intptr_t)error) \
264 /**@def CONF_SSL(clientConf, serverConf, fn, ...)
266 * Calls \a fn for \a clientConf and \a serverConf.
269 #define CONF_SSL(clientConf, serverConf, fn, ...) do { \
270 fn((clientConf), __VA_ARGS__); \
271 fn((serverConf), __VA_ARGS__); \
274 /** @def CHECK_MBEDTLS_RET(f, ...)
275 * A macro that checks \a f function return code
277 * If function returns error code it goes to error processing.
279 * @param[in] f Function to call
281 #define CHECK_MBEDTLS_RET(f, ...) do { \
282 int ret = (f)(__VA_ARGS__); \
284 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
290 SSL_RSA_WITH_AES_256_CBC_SHA256,
291 SSL_RSA_WITH_AES_128_GCM_SHA256,
292 SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
293 SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
294 SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
295 SSL_ECDHE_ECDSA_WITH_AES_128_CCM_8,
296 SSL_ECDHE_ECDSA_WITH_AES_128_CCM,
297 SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
298 SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
299 SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
300 SSL_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
301 SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
302 SSL_ECDH_ANON_WITH_AES_128_CBC_SHA256,
308 ADAPTER_CURVE_SECP256R1,
312 static const int tlsCipher[SSL_CIPHER_MAX][2] =
314 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, 0},
315 {MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, 0},
316 {MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0},
317 {MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 0},
318 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0},
319 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
320 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, 0},
321 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 0},
322 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 0},
323 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 0},
324 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0},
325 {MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 0},
326 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0}
329 static int g_cipherSuitesList[SSL_CIPHER_MAX];
331 static int g_ssl_ordered_default_hashes[] = {
332 #if defined(MBEDTLS_SHA256_C)
336 #if defined(MBEDTLS_SHA1_C)
342 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
344 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
347 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
354 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
355 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
356 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
357 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
358 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
359 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
360 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
361 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
362 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
363 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
364 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
365 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
366 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
367 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
368 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
369 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
370 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
371 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
372 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
373 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
374 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
378 static int GetAlertCode(uint32_t flags)
380 const CrtVerifyAlert_t *cur;
382 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
384 if (flags & cur->code)
392 #if !defined(NDEBUG) || defined(TB_LOG)
394 * Pass a message to the OIC logger.
396 * @param[in] ctx opaque context for the callback
397 * @param[in] level debug level
398 * @param[in] file file name
399 * @param[in] line line number
400 * @param[in] str message
402 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
409 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
413 #if defined(_WIN32) || defined (__TIZENRT__)
415 * Finds the first occurrence of the byte string s in byte string l.
418 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
422 const char *cl = (const char *)l;
423 const char *cs = (const char *)s;
425 if (lLen == 0 || sLen == 0)
435 return (void *)memchr(l, (int)*cs, lLen);
438 last = (char *)cl + lLen - sLen;
440 for (cur = (char *)cl; cur <= last; cur++)
442 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
451 * structure to holds the information of cache message and address info.
453 typedef ByteArray_t SslCacheMessage_t;
457 * Data structure for holding the send and recv callbacks.
459 typedef struct TlsCallBacks
461 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
462 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
466 * Data structure for holding the mbedTLS interface related info.
468 typedef struct SslContext
470 u_arraylist_t *peerList; /**< peer list which holds the mapping between
471 peer id, it's n/w address and mbedTLS context. */
472 mbedtls_entropy_context entropy;
473 mbedtls_ctr_drbg_context rnd;
475 mbedtls_x509_crt crt;
476 mbedtls_pk_context pkey;
478 mbedtls_ssl_config clientTlsConf;
479 mbedtls_ssl_config serverTlsConf;
480 mbedtls_ssl_config clientDtlsConf;
481 mbedtls_ssl_config serverDtlsConf;
484 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
485 mbedtls_x509_crl crl;
490 mbedtls_ssl_cookie_ctx cookieCtx;
496 * @var g_caSslContext
497 * @brief global context which holds tls context and cache list information.
499 static SslContext_t * g_caSslContext = NULL;
501 static SslExportKeysCallback_t gTlsExportKeysCallback = NULL;
503 static SslExportKeysCallback_t gDtlsExportKeysCallback = NULL;
506 * @var g_getCredentialsCallback
507 * @brief callback to get TLS credentials (same as for DTLS)
509 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
511 * @var g_getCerdentilTypesCallback
512 * @brief callback to get different credential types from SRM
514 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
516 * @var g_getPkixInfoCallback
518 * @brief callback to get X.509-based Public Key Infrastructure
520 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
523 * Function pointer to get user confirmation in case of client's certificate absence
525 static UserConfirmNoCertCallback g_noCertConfirmCallback = NULL;
528 * Function pointer to get user confirmation in case of client's certificate absence
530 static int g_noCertConfirmState = OC_STACK_METHOD_NOT_ALLOWED;
533 * @var g_setupPkContextCallback
535 * @brief callback to setup PK context handler for H/W based Public Key Infrastructure
537 static CAsetupPkContextHandler g_setupPkContextCallback = NULL;
540 * @var g_dtlsContextMutex
541 * @brief Mutex to synchronize access to g_caSslContext.
543 static oc_mutex g_sslContextMutex = NULL;
547 * @brief callback to deliver the TLS handshake result
549 static CAErrorCallback g_sslCallback = NULL;
552 * Data structure for PeerCertCallback.
558 } PeerCertCallback_t;
561 * @var g_peerCertCallback
563 * @brief callback to utilize peer certificate information
565 static PeerCertCallback_t g_peerCertCallback = {NULL, NULL};
568 * @var g_decryptBuffer
569 * @brief decrypt buffer which will be used for decryption
571 static uint8_t *g_decryptBuffer = NULL;
574 * Data structure for holding the data to be received.
576 typedef struct SslRecBuf
583 * Data structure for holding the data related to endpoint
586 typedef struct SslEndPoint
588 mbedtls_ssl_context ssl;
589 CASecureEndpoint_t sep;
590 u_arraylist_t * cacheList;
592 uint8_t master[MASTER_SECRET_LEN];
593 uint8_t random[2*RANDOM_LEN];
595 mbedtls_timing_delay_context timer;
596 #endif // __WITH_DTLS__
599 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
601 // TODO Does this method needs protection of tlsContextMutex?
602 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
603 g_getCredentialsCallback = credCallback;
604 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
607 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
609 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
610 g_getPkixInfoCallback = infoCallback;
611 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
614 void CAsetSetupPkContextCallback(CAsetupPkContextHandler setupPkCtxCallback)
616 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
617 g_setupPkContextCallback = setupPkCtxCallback;
618 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
621 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
623 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
624 g_getCredentialTypesCallback = credTypesCallback;
625 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
628 void CAsetNoCertConfirmCallback(UserConfirmNoCertCallback noCertCallback)
630 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
631 g_noCertConfirmCallback = noCertCallback;
632 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
635 static int GetAdapterIndex(CATransportAdapter_t adapter)
643 case CA_ADAPTER_GATT_BTLE:
646 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
653 * @param[in] tep TLS endpoint
654 * @param[in] data message
655 * @param[in] dataLen message length
657 * @return message length or -1 on error.
659 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
661 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
662 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", -1);
663 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", -1);
664 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
665 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
666 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
668 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
669 if (0 <= adapterIndex && MAX_SUPPORTED_ADAPTERS > adapterIndex)
671 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
672 sentLen = sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, dataLen);
675 OIC_LOG_V(ERROR, NET_SSL_TAG, "sendCallback() is Failed(%zd)", sentLen);
678 else if ((size_t)sentLen != dataLen)
680 OIC_LOG_V(DEBUG, NET_SSL_TAG,
681 "Packet was partially sent - total/sent/remained bytes : %zd/%zu/%zu",
682 sentLen, dataLen, (dataLen - sentLen));
687 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
691 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
697 * @param[in] tep TLS endpoint
698 * @param[in] data message
699 * @param[in] dataLen message length
701 * @return read length
703 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
705 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
706 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
707 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
709 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
710 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
711 retLen = (retLen < dataLen ? retLen : dataLen);
713 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
714 recBuf->loaded += retLen;
716 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
720 static int CASslExportKeysHandler(void *p_expkey,
721 const unsigned char *ms,
722 const unsigned char *kb,
727 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
729 if (NULL == g_caSslContext)
731 OIC_LOG(ERROR, NET_SSL_TAG, "SSL Context is not initialized.");
732 return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
734 if (NULL == p_expkey)
736 OIC_LOG(ERROR, NET_SSL_TAG, "Can not find the protocol information from 'p_expkey'.");
737 return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
740 CASslEkcbProtocol_t* protocol = (CASslEkcbProtocol_t*)p_expkey;
742 if (gTlsExportKeysCallback && CA_SSL_EKCB_TLS == (*protocol))
744 OIC_LOG(DEBUG, NET_SSL_TAG, "Invoking TLS export key callback.");
745 gTlsExportKeysCallback(ms, kb, maclen, keylen, ivlen);
747 else if (gDtlsExportKeysCallback && CA_SSL_EKCB_DTLS == (*protocol))
749 OIC_LOG(DEBUG, NET_SSL_TAG, "Invoking DTLS export key callback.");
750 gDtlsExportKeysCallback(ms, kb, maclen, keylen, ivlen);
754 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to Invoke (D)TLS export key callback.");
755 return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
758 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
762 CAResult_t CASetSslExportKeysCallback(SslExportKeysCallback_t exportKeysCb,
763 CASslEkcbProtocol_t protocol, CASslEkcbRole_t role)
765 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
766 mbedtls_ssl_config* sslConf = NULL;
767 static CASslEkcbProtocol_t protocolCtx = CA_SSL_EKCB_TLS;
769 if (CA_SSL_EKCB_TLS != protocol && CA_SSL_EKCB_DTLS != protocol)
771 OIC_LOG(ERROR, NET_SSL_TAG, "Invaild protocol.");
772 return CA_STATUS_INVALID_PARAM;
774 if (CA_SSL_EKCB_CLIENT != role && CA_SSL_EKCB_SERVER != role)
776 OIC_LOG(ERROR, NET_SSL_TAG, "Invaild role.");
777 return CA_STATUS_INVALID_PARAM;
780 OIC_LOG_V(DEBUG, NET_SSL_TAG, "TLS Export Key Callback Type : [%s] [%s]",
781 (CA_SSL_EKCB_TLS == protocol ? "TLS" : "DTLS"),
782 (CA_SSL_EKCB_CLIENT == role ? "Client" : "Server"));
784 oc_mutex_lock(g_sslContextMutex);
785 if (NULL == g_caSslContext)
787 OIC_LOG(ERROR, NET_SSL_TAG, "SSL Context is not initialized.");
788 oc_mutex_unlock(g_sslContextMutex);
789 return CA_STATUS_NOT_INITIALIZED;
792 if (CA_SSL_EKCB_TLS == protocol)
794 gTlsExportKeysCallback = exportKeysCb;
795 if (CA_SSL_EKCB_CLIENT == role)
797 sslConf = &g_caSslContext->clientTlsConf;
801 sslConf = &g_caSslContext->serverTlsConf;
806 gDtlsExportKeysCallback = exportKeysCb;
807 if (CA_SSL_EKCB_CLIENT == role)
809 sslConf = &g_caSslContext->clientDtlsConf;
813 sslConf = &g_caSslContext->serverDtlsConf;
816 protocolCtx = protocol;
818 if (NULL == exportKeysCb)
820 mbedtls_ssl_conf_export_keys_cb(sslConf, NULL, NULL);
821 OIC_LOG(DEBUG, NET_SSL_TAG, "Export key callback unregistered.");
825 mbedtls_ssl_conf_export_keys_cb(sslConf, CASslExportKeysHandler, (void*)(&protocolCtx));
826 OIC_LOG(DEBUG, NET_SSL_TAG, "Export key callback registered.");
828 oc_mutex_unlock(g_sslContextMutex);
830 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
836 * Parse chain of X.509 certificates.
838 * @param[out] crt container for X.509 certificates
839 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
840 or DER format in a jumble, delimiting symbols does not matter.
841 * @param[in] bufLen buffer length
842 * @param[in] errNum number certificates that failed to parse
844 * @return number of successfully parsed certificates or -1 on error
846 static int ParseChain(mbedtls_x509_crt * crt, unsigned char * buf, size_t bufLen, int * errNum)
848 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
849 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
850 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
852 char pemCertHeader[] = {
853 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
854 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
856 char pemCertFooter[] = {
857 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
858 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
860 size_t pemCertHeaderLen = sizeof(pemCertHeader);
861 size_t pemCertFooterLen = sizeof(pemCertFooter);
864 unsigned char * tmp = NULL;
872 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
874 tmp = (unsigned char *)buf + pos + 1;
875 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
876 if (pos + len < bufLen)
878 ret = mbedtls_x509_crt_parse_der(crt, buf + pos, len + 4);
886 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_x509_crt_parse_der returned -0x%04x\n", -(ret));
891 else if ((buf + pos + pemCertHeaderLen < buf + bufLen) &&
892 (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen)))
894 void * endPos = NULL;
895 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
898 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
899 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
902 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen;
903 if (pos + len + 1 <= bufLen)
905 char con = buf[pos + len];
906 buf[pos + len] = 0x00;
907 ret = mbedtls_x509_crt_parse(crt, buf + pos, len + 1);
915 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_x509_crt_parse returned -0x%04x\n", -(ret));
917 buf[pos + len] = con;
921 unsigned char * lastCert = (unsigned char *)OICMalloc((len + 1) * sizeof(unsigned char));
922 memcpy(lastCert, buf + pos, len);
923 lastCert[len] = 0x00;
924 ret = mbedtls_x509_crt_parse(crt, lastCert, len + 1);
932 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_x509_crt_parse returned -0x%04x\n", -(ret));
943 OIC_LOG_V(INFO, NET_SSL_TAG, "%s successfully parsed %d certificates", __func__, count);
944 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
951 static int VerifyCertificateCallback(void *p_vrfy, mbedtls_x509_crt *crt, int depth,
955 char buf[1024] = {0};
957 if (0 != *flags) // Invalid Cerificate
960 ret = mbedtls_x509_crt_verify_info(buf, sizeof(buf), "", *flags);
963 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s(%d)", buf, *flags);
968 if (NULL == g_peerCertCallback.cb)
970 OIC_LOG(DEBUG, NET_SSL_TAG, "NOT SET g_peerCertCallback");
976 * depth = 0 : Own Cert.
977 * depth = 1 : Sub CA Cert.
978 * depth = 2 : Root CA Cert.
980 OIC_LOG_V(INFO, NET_SSL_TAG, "Depth : %d", depth);
982 mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
983 OIC_LOG_V(DEBUG, NET_SSL_TAG, "crt : %s", buf);
985 return g_peerCertCallback.cb(g_peerCertCallback.ctx, crt, depth);
988 CAResult_t CAsetPeerCertCallback(void *ctx, PeerCertCallback peerCertCallback)
990 #ifndef __WITH_DTLS__
992 UNUSED(peerCertCallback);
993 OIC_LOG(ERROR, NET_SSL_TAG, "Not Supported");
994 return CA_NOT_SUPPORTED;
997 if (peerCertCallback)
999 OIC_LOG(DEBUG, NET_SSL_TAG, "SET peerCertCallback");
1000 g_peerCertCallback.cb = peerCertCallback;
1001 g_peerCertCallback.ctx = ctx;
1005 OIC_LOG(DEBUG, NET_SSL_TAG, "UNSET peerCertCallback");
1006 g_peerCertCallback.cb = NULL;
1007 g_peerCertCallback.ctx = NULL;
1009 return CA_STATUS_OK;
1012 //Loads PKIX related information from SRM
1013 static int InitPKIX(CATransportAdapter_t adapter)
1015 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1016 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
1017 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
1019 mbedtls_x509_crt_free(&g_caSslContext->ca);
1020 mbedtls_x509_crt_free(&g_caSslContext->crt);
1021 mbedtls_pk_free(&g_caSslContext->pkey);
1022 mbedtls_x509_crl_free(&g_caSslContext->crl);
1024 mbedtls_x509_crt_init(&g_caSslContext->ca);
1025 mbedtls_x509_crt_init(&g_caSslContext->crt);
1026 mbedtls_pk_init(&g_caSslContext->pkey);
1027 mbedtls_x509_crl_init(&g_caSslContext->crl);
1029 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ||
1030 adapter == CA_ADAPTER_GATT_BTLE ?
1031 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1032 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ||
1033 adapter == CA_ADAPTER_GATT_BTLE ?
1034 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1036 #ifdef __WITH_DTLS__
1038 * Conf. is initialized in CAinitSslAdapter()
1040 mbedtls_ssl_conf_verify(&g_caSslContext->clientDtlsConf, VerifyCertificateCallback, NULL);
1043 // load pk key, cert, trust chain and crl
1044 if (g_getPkixInfoCallback)
1046 OIC_LOG(INFO, NET_SSL_TAG, "g_getPkixInfoCallback will be invoked");
1047 g_getPkixInfoCallback(&g_pkiInfo);
1050 // parse own certficate (optional)
1053 int count = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len, &errNum);
1056 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
1061 OIC_LOG_V(WARNING, NET_SSL_TAG, "Own certificate chain parsing error: %d certs failed to parse", errNum);
1065 // parse private key if hw is not supported (optional)
1066 if(NULL == g_setupPkContextCallback)
1068 OIC_LOG(INFO, NET_SSL_TAG, "g_setupPkContextCallback is NULL");
1069 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
1074 OIC_LOG(INFO, NET_SSL_TAG, "g_setupPkContextCallback will be invoked");
1075 // setup hw pk context (optional)
1076 ret = g_setupPkContextCallback(&g_caSslContext->pkey);
1079 // setup public parameter
1080 mbedtls_pk_type_t ktype = mbedtls_pk_get_type(&g_caSslContext->pkey);
1081 if (MBEDTLS_PK_ECKEY == ktype || MBEDTLS_PK_ECKEY_DH == ktype
1082 || MBEDTLS_PK_ECDSA == ktype)
1084 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Copy ecp public param from cert, keytype [%d]", ktype);
1085 mbedtls_ecp_keypair *eckey = (mbedtls_ecp_keypair*)g_caSslContext->crt.pk.pk_ctx;
1086 mbedtls_ecdsa_context *ecdsa = (mbedtls_ecdsa_context*)g_caSslContext->pkey.pk_ctx;
1089 ret = mbedtls_ecdsa_from_keypair(ecdsa, eckey);
1092 OIC_LOG_V(ERROR, NET_SSL_TAG, "Fail to copy public param [0x%x]", ret);
1097 OIC_LOG_V(WARNING, NET_SSL_TAG, "key-ctx(%p), cert-ctx(%p)", ecdsa, eckey);
1103 OIC_LOG_V(INFO, NET_SSL_TAG, "loaded key is not one of eckey type [%d]", ktype);
1108 OIC_LOG_V(ERROR, NET_SSL_TAG, "Fail to call g_setupPkContextCallback [%d]", ret);
1113 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
1117 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
1120 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
1123 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
1126 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
1131 count = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len, &errNum);
1134 OIC_LOG(WARNING, NET_SSL_TAG, "CA chain in svr db was not parsed");
1135 OIC_LOG(WARNING, NET_SSL_TAG, " but if working as server, chain not required");
1136 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1141 OIC_LOG_V(WARNING, NET_SSL_TAG, "CA chain parsing warning: %d certs failed to parse", errNum);
1144 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
1147 OIC_LOG(WARNING, NET_SSL_TAG, "CRL in svr db was not parsed");
1148 CONF_SSL(clientConf, serverConf, mbedtls_ssl_conf_ca_chain, &g_caSslContext->ca, NULL);
1152 CONF_SSL(clientConf, serverConf, mbedtls_ssl_conf_ca_chain,
1153 &g_caSslContext->ca, &g_caSslContext->crl);
1156 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1163 * @param[in] notUsed opaque context
1164 * @param[in] ssl mbedTLS context
1165 * @param[in] desc identity
1166 * @param[in] descLen identity length
1168 * @return 0 on success any other return value will result in a denied PSK identity
1170 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
1171 const unsigned char * desc, size_t descLen)
1173 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1174 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
1175 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
1176 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
1177 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
1179 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
1183 uint8_t keyBuf[PSK_LENGTH] = {0};
1185 // Retrieve the credentials blob from security module
1186 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
1189 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
1190 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
1191 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
1192 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
1194 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1195 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
1197 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
1202 * Gets session corresponding for endpoint.
1204 * @param[in] peer remote address
1206 * @return TLS session or NULL
1208 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
1210 uint32_t listIndex = 0;
1211 uint32_t listLength = 0;
1212 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1213 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
1214 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1216 SslEndPoint_t *tep = NULL;
1217 listLength = u_arraylist_length(g_caSslContext->peerList);
1218 for (listIndex = 0; listIndex < listLength; listIndex++)
1220 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1226 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d] for %d adapter",
1227 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port,
1230 if((peer->adapter == tep->sep.endpoint.adapter)
1231 && (0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
1232 && (peer->port == tep->sep.endpoint.port || CA_ADAPTER_GATT_BTLE == peer->adapter))
1234 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Found Peer:[%s:%d] for %d adapter",
1235 peer->addr, peer->port, peer->adapter);
1236 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1240 OIC_LOG_V(INFO, NET_SSL_TAG, "Peer not found:[%s:%d] for %d adapter",
1241 peer->addr, peer->port, peer->adapter);
1242 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1246 bool CAIsExistSslPeer(const CAEndpoint_t *peer)
1248 oc_mutex_lock(g_sslContextMutex);
1249 if (NULL == g_caSslContext)
1251 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1252 oc_mutex_unlock(g_sslContextMutex);
1256 if (GetSslPeer(peer))
1258 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Exist Peer");
1259 oc_mutex_unlock(g_sslContextMutex);
1264 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Not Exist Peer");
1265 oc_mutex_unlock(g_sslContextMutex);
1271 * Gets session corresponding for endpoint.
1273 * @param[in] peer remote address
1275 * @return TLS session or NULL
1277 static SslEndPoint_t *GetSslPeerUsingUuid(const uint8_t *identity, size_t idLength)
1279 uint32_t listIndex = 0;
1280 uint32_t listLength = 0;
1281 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1282 VERIFY_NON_NULL_RET(identity, NET_SSL_TAG, "Param identity is NULL", NULL);
1283 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1285 OIC_LOG(INFO, NET_SSL_TAG, "[Target UUID]");
1286 OIC_LOG_BUFFER(INFO, NET_SSL_TAG, identity, idLength);
1288 SslEndPoint_t *tep = NULL;
1289 listLength = u_arraylist_length(g_caSslContext->peerList);
1290 for (listIndex = 0; listIndex < listLength; listIndex++)
1292 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1298 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare UUID for [%s:%d]",
1299 tep->sep.endpoint.addr, tep->sep.endpoint.port);
1301 if ((tep->sep.identity.id_length == idLength)
1302 && (0 == memcmp(identity, tep->sep.identity.id, idLength)))
1304 OIC_LOG_V(INFO, NET_SSL_TAG, "Found matched UUID in [%s:%d]",
1305 tep->sep.endpoint.addr, tep->sep.endpoint.port);
1306 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1310 OIC_LOG(INFO, NET_SSL_TAG, "Peer not found");
1311 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1316 #ifdef MULTIPLE_OWNER
1318 * Gets CA secure endpoint info corresponding for endpoint.
1320 * @param[in] peer remote address
1322 * @return CASecureEndpoint or NULL
1324 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
1326 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1328 // TODO: Added as workaround, need to debug
1329 oc_mutex_unlock(g_sslContextMutex);
1331 oc_mutex_lock(g_sslContextMutex);
1332 if (NULL == g_caSslContext)
1334 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1335 oc_mutex_unlock(g_sslContextMutex);
1339 SslEndPoint_t* sslPeer = GetSslPeer(peer);
1342 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1343 oc_mutex_unlock(g_sslContextMutex);
1344 return &sslPeer->sep;
1347 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
1348 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1349 oc_mutex_unlock(g_sslContextMutex);
1355 * Deletes cached message.
1357 * @param[in] msg message
1359 static void DeleteCacheMessage(SslCacheMessage_t * msg)
1361 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1362 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
1367 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1370 * Deletes cached message list.
1372 * @param[in] cacheList list of cached messages
1374 static void DeleteCacheList(u_arraylist_t * cacheList)
1376 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1377 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
1378 uint32_t listIndex = 0;
1379 uint32_t listLength = 0;
1381 listLength = u_arraylist_length(cacheList);
1382 for (listIndex = 0; listIndex < listLength; listIndex++)
1384 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
1387 DeleteCacheMessage(msg);
1390 u_arraylist_free(&cacheList);
1392 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1395 * Deletes endpoint with session.
1397 * @param[in] tep endpoint with session info
1399 static void DeleteSslEndPoint(SslEndPoint_t * tep)
1401 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1402 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
1404 mbedtls_ssl_free(&tep->ssl);
1405 DeleteCacheList(tep->cacheList);
1407 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1410 * Removes endpoint session from list.
1412 * @param[in] endpoint remote address
1414 static void RemovePeerFromList(const CAEndpoint_t * endpoint)
1416 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1417 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
1418 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
1419 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
1420 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
1422 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
1427 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
1428 && (endpoint->port == tep->sep.endpoint.port || CA_ADAPTER_GATT_BTLE == endpoint->adapter))
1430 u_arraylist_remove(g_caSslContext->peerList, listIndex);
1431 OIC_LOG_V(INFO, NET_SSL_TAG, "Remove Peer:[%s:%d] for %d adapter",
1432 endpoint->addr, endpoint->port, endpoint->adapter);
1433 DeleteSslEndPoint(tep);
1434 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1438 OIC_LOG_V(INFO, NET_SSL_TAG, "Peer not found:[%s:%d] for %d adapter",
1439 endpoint->addr, endpoint->port, endpoint->adapter);
1440 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1443 * Deletes session list.
1445 static void DeletePeerList()
1447 OIC_LOG_V(DEBUG, NET_SSL_TAG, "%s", __func__);
1448 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
1450 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
1451 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
1453 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
1458 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1463 ret = mbedtls_ssl_close_notify(&tep->ssl);
1465 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1467 DeleteSslEndPoint(tep);
1469 u_arraylist_free(&g_caSslContext->peerList);
1472 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
1474 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1475 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1477 oc_mutex_lock(g_sslContextMutex);
1478 if (NULL == g_caSslContext)
1480 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1481 oc_mutex_unlock(g_sslContextMutex);
1482 return CA_STATUS_FAILED;
1484 SslEndPoint_t * tep = GetSslPeer(endpoint);
1487 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
1488 oc_mutex_unlock(g_sslContextMutex);
1489 return CA_STATUS_FAILED;
1491 /* No error checking, the connection might be closed already */
1495 ret = mbedtls_ssl_close_notify(&tep->ssl);
1497 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1499 RemovePeerFromList(&tep->sep.endpoint);
1500 oc_mutex_unlock(g_sslContextMutex);
1502 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1503 return CA_STATUS_OK;
1506 CAResult_t CAcloseSslConnectionUsingUuid(const uint8_t *identity, size_t idLength)
1508 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1509 VERIFY_NON_NULL_RET(identity, NET_SSL_TAG, "Param identity is NULL" , CA_STATUS_INVALID_PARAM);
1511 oc_mutex_lock(g_sslContextMutex);
1512 if (NULL == g_caSslContext)
1514 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1515 oc_mutex_unlock(g_sslContextMutex);
1516 return CA_STATUS_FAILED;
1519 SslEndPoint_t* tep = GetSslPeerUsingUuid(identity, idLength);
1522 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
1523 oc_mutex_unlock(g_sslContextMutex);
1524 return CA_STATUS_FAILED;
1527 /* No error checking, the connection might be closed already */
1531 ret = mbedtls_ssl_close_notify(&tep->ssl);
1533 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1535 RemovePeerFromList(&tep->sep.endpoint);
1536 oc_mutex_unlock(g_sslContextMutex);
1538 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1539 return CA_STATUS_OK;
1542 void CAcloseSslConnectionAll(CATransportAdapter_t transportType)
1544 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1545 oc_mutex_lock(g_sslContextMutex);
1546 if (NULL == g_caSslContext)
1548 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1549 oc_mutex_unlock(g_sslContextMutex);
1553 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
1554 OIC_LOG_V(INFO, NET_SSL_TAG,
1555 "Required transport [%d], peer count [%d]", transportType, listLength);
1556 for (uint32_t i = listLength; i > 0; i--)
1558 SslEndPoint_t *tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList, i - 1);
1563 OIC_LOG_V(INFO, NET_SSL_TAG, "SSL Connection [%s:%d], Transport [%d]",
1564 tep->sep.endpoint.addr, tep->sep.endpoint.port, tep->sep.endpoint.adapter);
1566 // check transport matching
1567 if (0 == (tep->sep.endpoint.adapter & transportType))
1569 OIC_LOG(DEBUG, NET_SSL_TAG, "Skip the un-matched transport session");
1573 // TODO: need to check below code after socket close is ensured.
1577 ret = mbedtls_ssl_close_notify(&tep->ssl);
1579 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);*/
1582 u_arraylist_remove(g_caSslContext->peerList, i - 1);
1583 DeleteSslEndPoint(tep);
1585 oc_mutex_unlock(g_sslContextMutex);
1587 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1591 * Creates session for endpoint.
1593 * @param[in] endpoint remote address
1594 * @param[in] config mbedTLS configuration info
1596 * @return TLS endpoint or NULL
1598 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
1600 SslEndPoint_t * tep = NULL;
1601 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1602 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
1603 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
1604 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1606 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
1609 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1613 tep->sep.endpoint = *endpoint;
1614 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
1616 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
1618 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
1620 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1624 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
1625 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
1627 mbedtls_ssl_set_timer_cb(&tep->ssl, &tep->timer,
1628 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
1629 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1631 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
1632 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
1634 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
1635 mbedtls_ssl_free(&tep->ssl);
1637 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1642 tep->cacheList = u_arraylist_create();
1643 if (NULL == tep->cacheList)
1645 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1646 mbedtls_ssl_free(&tep->ssl);
1648 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1651 OIC_LOG_V(INFO, NET_SSL_TAG, "New [%s role] endpoint added [%s:%d]",
1652 (MBEDTLS_SSL_IS_SERVER==config->endpoint ? "server" : "client"),
1653 endpoint->addr, endpoint->port);
1654 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1658 * Initializes PSK identity.
1660 * @param[out] config client/server config to be updated
1662 * @return 0 on success or -1 on error
1664 static int InitPskIdentity(mbedtls_ssl_config * config)
1666 uint8_t keyBuf[PSK_LENGTH] = {0};
1667 uint8_t idBuf[UUID_LENGTH] = {0};
1668 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1669 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1671 //Retrieve PSK identity from SVR DB
1672 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1674 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1675 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1678 //Store PSK ideneity in mbedtls_ssl_config
1679 if (0 != mbedtls_ssl_conf_psk(config, keyBuf, PSK_LENGTH, idBuf, UUID_LENGTH))
1681 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1682 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1685 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1688 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1691 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1692 VERIFY_NON_NULL_VOID(config, NET_SSL_TAG, "Invaild param");
1693 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
1694 VERIFY_NON_NULL_VOID(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null");
1696 //Resetting cipherFlag
1697 g_caSslContext->cipherFlag[0] = false;
1698 g_caSslContext->cipherFlag[1] = false;
1700 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1701 // Retrieve the PSK credential from SRM
1702 if (0 != InitPskIdentity(config))
1704 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1707 // Retrieve the Cert credential from SRM
1708 if (true == g_caSslContext->cipherFlag[1])
1710 int ret = InitPKIX(adapter);
1713 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1717 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1719 if (SSL_CIPHER_MAX < g_caSslContext->cipher)
1721 OIC_LOG(ERROR, NET_SSL_TAG, "Maximum ciphersuite index exceeded");
1724 // Add the preferred ciphersuite first
1725 if (SSL_CIPHER_MAX != g_caSslContext->cipher)
1727 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1728 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Preferred ciphersuite added");
1732 // Add PSK ciphersuite
1733 if (true == g_caSslContext->cipherFlag[0] &&
1734 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != tlsCipher[g_caSslContext->cipher][0])
1736 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1737 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK ciphersuite added");
1741 // Add all certificate ciphersuites
1742 if (true == g_caSslContext->cipherFlag[1])
1744 for (unsigned int i = 0; i < SSL_CIPHER_MAX - 1; i++)
1746 if (MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != tlsCipher[i][0] &&
1747 i != g_caSslContext->cipher)
1749 g_cipherSuitesList[index] = tlsCipher[i][0];
1754 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1756 mbedtls_ssl_conf_authmode(config, MBEDTLS_SSL_VERIFY_OPTIONAL);
1760 OIC_LOG(INFO, NET_SSL_TAG, "Supported ciphersuites:");
1761 for (int i = 0; i < index; i++)
1763 OIC_LOG_V(INFO, NET_SSL_TAG, "Ciphersuite %04x", g_cipherSuitesList[i]);
1766 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1768 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1771 * Initiate TLS handshake with endpoint.
1773 * @param[in] endpoint remote address
1775 * @return TLS endpoint or NULL
1777 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1780 SslEndPoint_t * tep = NULL;
1782 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1783 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1784 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1786 //Remove previous peer info from peer list.
1787 RemovePeerFromList(endpoint);
1789 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ||
1790 endpoint->adapter == CA_ADAPTER_GATT_BTLE ?
1791 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1792 tep = NewSslEndPoint(endpoint, config);
1795 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1799 //Load allowed SVR suites from SVR DB
1800 SetupCipher(config, endpoint->adapter);
1802 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1805 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1806 DeleteSslEndPoint(tep);
1810 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1812 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1813 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1819 OIC_LOG(ERROR, NET_SSL_TAG, "Handshake failed due to socket error");
1820 RemovePeerFromList(&tep->sep.endpoint);
1823 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1825 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1828 #ifdef __WITH_DTLS__
1830 * Stops DTLS retransmission.
1832 static void StopRetransmit()
1836 unregisterTimer(g_caSslContext->timerId);
1837 g_caSslContext->timerId= -1;
1841 void CAdeinitSslAdapter()
1843 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1845 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1846 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1848 //Lock tlsContext mutex
1849 oc_mutex_lock(g_sslContextMutex);
1854 // De-initialize mbedTLS
1855 mbedtls_x509_crt_free(&g_caSslContext->ca);
1856 mbedtls_x509_crt_free(&g_caSslContext->crt);
1857 mbedtls_pk_free(&g_caSslContext->pkey);
1858 mbedtls_x509_crl_free(&g_caSslContext->crl);
1860 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1861 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1862 #endif // __WITH_TLS__
1863 #ifdef __WITH_DTLS__
1864 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1865 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1866 mbedtls_ssl_cookie_free(&g_caSslContext->cookieCtx);
1867 #endif // __WITH_DTLS__
1868 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1869 mbedtls_entropy_free(&g_caSslContext->entropy);
1870 #ifdef __WITH_DTLS__
1873 // De-initialize tls Context
1874 OICFree(g_caSslContext);
1875 g_caSslContext = NULL;
1877 // Delete decrypt buffer
1878 if (g_decryptBuffer)
1880 OICFree(g_decryptBuffer);
1881 g_decryptBuffer = NULL;
1884 // Unlock tlsContext mutex and de-initialize it
1885 oc_mutex_unlock(g_sslContextMutex);
1886 oc_mutex_free(g_sslContextMutex);
1887 g_sslContextMutex = NULL;
1889 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1892 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1894 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1895 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1896 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
1897 mbedtls_ssl_config_init(conf);
1898 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1900 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1904 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1905 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1906 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1907 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1908 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1909 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1910 mbedtls_ssl_conf_sig_hashes(conf, g_ssl_ordered_default_hashes);
1912 #ifdef __WITH_DTLS__
1913 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == transport &&
1914 MBEDTLS_SSL_IS_SERVER == mode)
1916 mbedtls_ssl_conf_dtls_cookies(conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
1917 &g_caSslContext->cookieCtx);
1919 #endif // __WITH_DTLS__
1921 #if !defined(NDEBUG) || defined(TB_LOG)
1922 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1923 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1925 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1928 #ifdef __WITH_DTLS__
1930 * Starts DTLS retransmission.
1932 static int StartRetransmit()
1934 uint32_t listIndex = 0;
1935 uint32_t listLength = 0;
1936 SslEndPoint_t *tep = NULL;
1938 oc_mutex_lock(g_sslContextMutex);
1939 if (NULL == g_caSslContext)
1941 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
1942 oc_mutex_unlock(g_sslContextMutex);
1945 if (g_caSslContext->timerId != -1)
1947 //clear previous timer
1948 unregisterTimer(g_caSslContext->timerId);
1950 listLength = u_arraylist_length(g_caSslContext->peerList);
1952 for (listIndex = 0; listIndex < listLength; listIndex++)
1954 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1956 || (tep->ssl.conf && MBEDTLS_SSL_TRANSPORT_STREAM == tep->ssl.conf->transport)
1957 || MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1961 OIC_LOG_V(INFO, NET_SSL_TAG, "peer #%d", (int) listIndex);
1963 int ret = mbedtls_ssl_handshake_step(&tep->ssl);
1965 if (MBEDTLS_ERR_SSL_CONN_EOF != ret)
1968 registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
1970 SSL_CHECK_FAIL(tep, ret, "Retransmission", 1, CA_STATUS_FAILED,
1971 MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1976 registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
1977 oc_mutex_unlock(g_sslContextMutex);
1983 CAResult_t CAinitSslAdapter()
1985 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1986 // Initialize mutex for tlsContext
1987 if (NULL == g_sslContextMutex)
1989 g_sslContextMutex = oc_mutex_new();
1990 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
1994 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
1995 return CA_STATUS_OK;
1998 // Lock tlsContext mutex and create tlsContext
1999 oc_mutex_lock(g_sslContextMutex);
2000 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
2002 if (NULL == g_caSslContext)
2004 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
2005 oc_mutex_unlock(g_sslContextMutex);
2006 oc_mutex_free(g_sslContextMutex);
2007 g_sslContextMutex = NULL;
2008 return CA_MEMORY_ALLOC_FAILED;
2012 g_caSslContext->peerList = u_arraylist_create();
2014 if(NULL == g_caSslContext->peerList)
2016 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
2017 OICFree(g_caSslContext);
2018 g_caSslContext = NULL;
2019 oc_mutex_unlock(g_sslContextMutex);
2020 oc_mutex_free(g_sslContextMutex);
2021 g_sslContextMutex = NULL;
2022 return CA_STATUS_FAILED;
2025 /* Initialize TLS library
2027 #if !defined(NDEBUG) || defined(TB_LOG)
2028 char version[MBED_TLS_VERSION_LEN];
2029 mbedtls_version_get_string(version);
2030 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
2035 mbedtls_entropy_init(&g_caSslContext->entropy);
2036 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
2039 unsigned char seed[sizeof(SEED)] = {0};
2041 urandomFd = open("/dev/urandom", O_RDONLY);
2044 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
2045 oc_mutex_unlock(g_sslContextMutex);
2046 CAdeinitSslAdapter();
2047 return CA_STATUS_FAILED;
2049 if(0 > read(urandomFd, seed, sizeof(seed)))
2051 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
2053 oc_mutex_unlock(g_sslContextMutex);
2054 CAdeinitSslAdapter();
2055 return CA_STATUS_FAILED;
2060 unsigned char * seed = (unsigned char*) SEED;
2062 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
2063 &g_caSslContext->entropy, seed, sizeof(SEED)))
2065 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
2066 oc_mutex_unlock(g_sslContextMutex);
2067 CAdeinitSslAdapter();
2068 return CA_STATUS_FAILED;
2070 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
2073 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
2074 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
2076 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
2077 oc_mutex_unlock(g_sslContextMutex);
2078 CAdeinitSslAdapter();
2079 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2080 return CA_STATUS_FAILED;
2083 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
2084 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
2086 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
2087 oc_mutex_unlock(g_sslContextMutex);
2088 CAdeinitSslAdapter();
2089 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2090 return CA_STATUS_FAILED;
2092 #endif // __WITH_TLS__
2093 #ifdef __WITH_DTLS__
2094 mbedtls_ssl_cookie_init(&g_caSslContext->cookieCtx);
2095 if (0 != mbedtls_ssl_cookie_setup(&g_caSslContext->cookieCtx, mbedtls_ctr_drbg_random,
2096 &g_caSslContext->rnd))
2098 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
2099 oc_mutex_unlock(g_sslContextMutex);
2100 CAdeinitSslAdapter();
2101 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2102 return CA_STATUS_FAILED;
2105 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
2106 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
2108 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
2109 oc_mutex_unlock(g_sslContextMutex);
2110 CAdeinitSslAdapter();
2111 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2112 return CA_STATUS_FAILED;
2115 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
2116 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
2118 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
2119 oc_mutex_unlock(g_sslContextMutex);
2120 CAdeinitSslAdapter();
2121 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2122 return CA_STATUS_FAILED;
2124 #endif // __WITH_DTLS__
2126 // set default cipher
2127 g_caSslContext->cipher = SSL_CIPHER_MAX;
2130 mbedtls_x509_crt_init(&g_caSslContext->ca);
2131 mbedtls_x509_crt_init(&g_caSslContext->crt);
2132 mbedtls_pk_init(&g_caSslContext->pkey);
2133 mbedtls_x509_crl_init(&g_caSslContext->crl);
2135 #ifdef __WITH_DTLS__
2136 g_caSslContext->timerId = -1;
2139 // create decrypt buffer
2140 g_decryptBuffer = (uint8_t *)OICCalloc(1, TLS_MSG_BUF_LEN);
2141 if (NULL == g_decryptBuffer)
2143 OIC_LOG(ERROR, NET_SSL_TAG, "Decrypt buffer malloc failed");
2144 oc_mutex_unlock(g_sslContextMutex);
2145 CAdeinitSslAdapter();
2146 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2147 return CA_MEMORY_ALLOC_FAILED;
2150 oc_mutex_unlock(g_sslContextMutex);
2151 #ifdef __WITH_DTLS__
2155 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2156 return CA_STATUS_OK;
2159 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
2161 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2162 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
2165 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
2166 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2169 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
2170 if (NULL == message)
2172 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
2173 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2177 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
2178 if (NULL == message->data)
2180 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
2182 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2185 memcpy(message->data, data, dataLen);
2186 message->len = dataLen;
2187 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2191 /* Send data via TLS connection.
2193 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
2194 void *data, uint32_t dataLen)
2198 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s ", __func__);
2200 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
2201 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
2202 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
2206 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
2207 return CA_STATUS_FAILED;
2210 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
2212 oc_mutex_lock(g_sslContextMutex);
2213 if(NULL == g_caSslContext)
2215 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2216 oc_mutex_unlock(g_sslContextMutex);
2217 return CA_STATUS_FAILED;
2220 SslEndPoint_t * tep = GetSslPeer(endpoint);
2223 tep = InitiateTlsHandshake(endpoint);
2227 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
2228 oc_mutex_unlock(g_sslContextMutex);
2229 return CA_STATUS_FAILED;
2232 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
2234 OIC_LOG(INFO, NET_SSL_TAG, "(MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)");
2236 unsigned char *dataBuf = (unsigned char *)data;
2241 ret = mbedtls_ssl_write(&tep->ssl, dataBuf, dataLen - written);
2244 if (MBEDTLS_ERR_SSL_WANT_WRITE != ret)
2246 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write failed! returned 0x%x", -ret);
2247 RemovePeerFromList(&tep->sep.endpoint);
2248 oc_mutex_unlock(g_sslContextMutex);
2249 return CA_STATUS_FAILED;
2253 OIC_LOG_V(DEBUG, NET_SSL_TAG, "mbedTLS write returned with sent bytes[%d]", ret);
2257 } while (dataLen > written);
2262 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
2263 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
2265 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
2266 oc_mutex_unlock(g_sslContextMutex);
2267 return CA_STATUS_FAILED;
2271 oc_mutex_unlock(g_sslContextMutex);
2273 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
2274 return CA_STATUS_OK;
2277 * Sends cached messages via TLS connection.
2279 * @param[in] tep remote address with session info
2281 static void SendCacheMessages(SslEndPoint_t * tep)
2283 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2284 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
2286 uint32_t listIndex = 0;
2287 uint32_t listLength = 0;
2288 listLength = u_arraylist_length(tep->cacheList);
2289 for (listIndex = 0; listIndex < listLength;)
2292 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
2293 if (NULL != msg && NULL != msg->data && 0 != msg->len)
2295 unsigned char *dataBuf = (unsigned char *)msg->data;
2300 ret = mbedtls_ssl_write(&tep->ssl, dataBuf, msg->len - written);
2303 if (MBEDTLS_ERR_SSL_WANT_WRITE != ret)
2305 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write failed! returned -0x%x", -ret);
2310 OIC_LOG_V(DEBUG, NET_SSL_TAG, "mbedTLS write returned with sent bytes[%d]", ret);
2314 } while (msg->len > written);
2316 if (u_arraylist_remove(tep->cacheList, listIndex))
2318 DeleteCacheMessage(msg);
2319 // Reduce list length by 1 as we removed one element.
2324 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
2330 // Move to the next element
2334 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2337 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
2339 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2340 g_sslCallback = tlsHandshakeCallback;
2341 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2344 /* Read data from TLS connection
2346 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
2349 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
2350 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
2351 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
2353 oc_mutex_lock(g_sslContextMutex);
2354 if (NULL == g_caSslContext)
2356 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2357 oc_mutex_unlock(g_sslContextMutex);
2358 return CA_STATUS_FAILED;
2361 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
2364 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ||
2365 sep->endpoint.adapter == CA_ADAPTER_GATT_BTLE ?
2366 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
2367 peer = NewSslEndPoint(&sep->endpoint, config);
2370 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
2371 oc_mutex_unlock(g_sslContextMutex);
2372 return CA_STATUS_FAILED;
2374 //Load allowed TLS suites from SVR DB
2375 SetupCipher(config, sep->endpoint.adapter);
2377 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
2380 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
2382 oc_mutex_unlock(g_sslContextMutex);
2383 return CA_STATUS_FAILED;
2387 peer->recBuf.buff = data;
2388 peer->recBuf.len = dataLen;
2389 peer->recBuf.loaded = 0;
2391 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
2393 ret = mbedtls_ssl_handshake_step(&peer->ssl);
2394 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
2399 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
2401 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
2402 mbedtls_ssl_session_reset(&peer->ssl);
2403 mbedtls_ssl_set_client_transport_id(&peer->ssl,
2404 (const unsigned char *) sep->endpoint.addr,
2405 sizeof(sep->endpoint.addr));
2406 ret = mbedtls_ssl_handshake_step(&peer->ssl);
2408 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
2409 if (MBEDTLS_SSL_IS_SERVER == peer->ssl.conf->endpoint &&
2410 MBEDTLS_X509_BADCERT_MISSING == flags)
2412 if (OC_STACK_METHOD_NOT_ALLOWED == g_noCertConfirmState)
2414 g_noCertConfirmState = g_noCertConfirmCallback(NULL);
2415 if (OC_STACK_OK == g_noCertConfirmState)
2417 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Absent peer's cert: user confirmation received");
2419 else if (OC_STACK_USER_DENIED_REQ == g_noCertConfirmState)
2421 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Absent peer's cert: user denial received");
2422 SSL_CHECK_FAIL(peer, MBEDTLS_SSL_ALERT_LEVEL_FATAL, "Handshake error", 1,
2423 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
2428 ((MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint) ||
2429 (MBEDTLS_SSL_IS_SERVER == peer->ssl.conf->endpoint && MBEDTLS_X509_BADCERT_MISSING != flags)))
2431 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
2432 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
2433 CA_STATUS_FAILED, GetAlertCode(flags));
2436 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
2437 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
2439 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
2440 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
2442 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
2444 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
2447 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
2449 SSL_RES(peer, CA_STATUS_OK);
2450 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
2452 SendCacheMessages(peer);
2455 int selectedCipher = peer->ssl.session->ciphersuite;
2456 OIC_LOG_V(DEBUG, NET_SSL_TAG, "(D)TLS Session is connected via ciphersuite [0x%x]", selectedCipher);
2457 if (MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != selectedCipher &&
2458 MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 != selectedCipher)
2460 char uuid[UUID_LENGTH * 2 + 5] = {0};
2461 void * uuidPos = NULL;
2462 void * userIdPos = NULL;
2463 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
2464 ret = (NULL == peerCert ? -1 : 0);
2465 //SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
2466 // CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
2469 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
2470 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
2472 if (NULL != uuidPos)
2474 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
2475 OIC_LOG_V(DEBUG, NET_SSL_TAG, "certificate uuid string: %s" , uuid);
2476 ret = OCConvertStringToUuid(uuid, peer->sep.identity.id);
2477 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
2478 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
2482 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
2485 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
2486 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
2487 if (NULL != userIdPos)
2489 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
2490 ret = OCConvertStringToUuid(uuid, peer->sep.userId.id);
2491 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
2492 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
2496 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
2501 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
2503 SendCacheMessages(peer);
2505 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ||
2506 sep->endpoint.adapter == CA_ADAPTER_GATT_BTLE ?
2507 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
2509 mbedtls_ssl_conf_authmode(config, MBEDTLS_SSL_VERIFY_REQUIRED);
2511 oc_mutex_unlock(g_sslContextMutex);
2512 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
2513 return CA_STATUS_OK;
2517 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
2519 OIC_LOG(INFO, NET_SSL_TAG, "(MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)");
2521 // flag to read again remained data
2522 bool read_more = false;
2525 if (NULL == g_decryptBuffer)
2527 OIC_LOG(ERROR, NET_SSL_TAG, "decrypt buffer is NULL");
2528 oc_mutex_unlock(g_sslContextMutex);
2529 return CA_STATUS_FAILED;
2531 memset(g_decryptBuffer, 0, TLS_MSG_BUF_LEN);
2536 ret = mbedtls_ssl_read(&peer->ssl, g_decryptBuffer, TLS_MSG_BUF_LEN);
2537 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
2539 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
2540 // TinyDTLS sends fatal close_notify alert
2541 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
2542 MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
2543 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
2545 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
2546 RemovePeerFromList(&peer->sep.endpoint);
2547 oc_mutex_unlock(g_sslContextMutex);
2548 return CA_STATUS_OK;
2553 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
2554 //SSL_RES(peer, CA_STATUS_FAILED);
2555 RemovePeerFromList(&peer->sep.endpoint);
2556 oc_mutex_unlock(g_sslContextMutex);
2557 return CA_STATUS_FAILED;
2561 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
2562 if (0 <= adapterIndex && MAX_SUPPORTED_ADAPTERS > adapterIndex)
2565 res = g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep,
2566 g_decryptBuffer, ret);
2567 if (CA_STATUS_OK != res)
2569 OIC_LOG(ERROR, NET_SSL_TAG, "recvCallback is failed");
2570 RemovePeerFromList(&peer->sep.endpoint);
2571 oc_mutex_unlock(g_sslContextMutex);
2572 return CA_STATUS_FAILED;
2575 // check if decrypted data is remained in stream transport
2576 size_t remained = mbedtls_ssl_get_bytes_avail(&peer->ssl);
2578 MBEDTLS_SSL_TRANSPORT_STREAM == peer->ssl.conf->transport)
2580 OIC_LOG_V(DEBUG, NET_SSL_TAG, "need to read %zu bytes more", remained);
2586 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
2587 RemovePeerFromList(&peer->sep.endpoint);
2588 oc_mutex_unlock(g_sslContextMutex);
2589 return CA_STATUS_FAILED;
2592 } while (read_more);
2595 oc_mutex_unlock(g_sslContextMutex);
2596 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
2597 return CA_STATUS_OK;
2600 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
2601 CAPacketSendCallback sendCallback,
2602 CATransportAdapter_t type)
2604 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2605 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
2606 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
2607 oc_mutex_lock(g_sslContextMutex);
2608 if (NULL == g_caSslContext)
2610 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2611 oc_mutex_unlock(g_sslContextMutex);
2618 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
2619 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
2621 case CA_ADAPTER_TCP:
2622 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
2623 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
2625 case CA_ADAPTER_GATT_BTLE:
2626 g_caSslContext->adapterCallbacks[2].recvCallback = recvCallback;
2627 g_caSslContext->adapterCallbacks[2].sendCallback = sendCallback;
2630 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
2633 oc_mutex_unlock(g_sslContextMutex);
2634 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2637 * Gets index of the TLS ciphersuite in the SslCipher_t enum.
2639 * @param[in] cipher TLS chiphersuite code
2641 * @return corresponding enum
2644 static SslCipher_t GetCipherIndex(const uint32_t cipher)
2648 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256:
2650 return SSL_RSA_WITH_AES_256_CBC_SHA256;
2652 case MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256:
2654 return SSL_RSA_WITH_AES_128_GCM_SHA256;
2656 case MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
2658 return SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
2660 case MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
2662 return SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
2664 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
2666 return SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
2668 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
2670 return SSL_ECDHE_ECDSA_WITH_AES_128_CCM_8;
2672 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
2674 return SSL_ECDHE_ECDSA_WITH_AES_128_CCM;
2676 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
2678 return SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
2680 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
2682 return SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;
2684 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
2686 return SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
2688 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
2690 return SSL_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
2692 case MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
2694 return SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
2696 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
2698 return SSL_ECDH_ANON_WITH_AES_128_CBC_SHA256;
2702 return SSL_CIPHER_MAX;
2707 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
2709 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2710 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL context is not initialized." , CA_STATUS_NOT_INITIALIZED);
2712 SslCipher_t index = GetCipherIndex(cipher);
2713 if (SSL_CIPHER_MAX == index)
2715 OIC_LOG(WARNING, NET_SSL_TAG, "Unknown cipher");
2720 CONF_SSL(&g_caSslContext->clientTlsConf, &g_caSslContext->serverTlsConf,
2721 mbedtls_ssl_conf_ciphersuites, tlsCipher[index]);
2723 #ifdef __WITH_DTLS__
2724 CONF_SSL(&g_caSslContext->clientDtlsConf, &g_caSslContext->serverDtlsConf,
2725 mbedtls_ssl_conf_ciphersuites, tlsCipher[index]);
2727 OIC_LOG_V(INFO, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
2729 g_caSslContext->cipher = index;
2731 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2732 return CA_STATUS_OK;
2735 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
2737 CAResult_t res = CA_STATUS_OK;
2738 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2739 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
2740 oc_mutex_lock(g_sslContextMutex);
2741 if (NULL == InitiateTlsHandshake(endpoint))
2743 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
2744 res = CA_STATUS_FAILED;
2746 oc_mutex_unlock(g_sslContextMutex);
2747 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2751 * Expands the secret into blocks of data according
2752 * to the algorithm specified in section 5 of RFC 4346
2754 * This function writes upto @p bufLen bytes into the given output buffer @p buf
2756 * @param key secret key.
2757 * @param keyLen secret key length.
2758 * @param label A PRF label.
2759 * @param labelLen Actual length of @p label.
2760 * @param random1 Random seed.
2761 * @param random1Len Actual length of @p random1 (may be zero).
2762 * @param random2 Random seed.
2763 * @param random2Len Actual length of @p random2 (may be zero).
2764 * @param buf Output buffer for generated random data.
2765 * @param bufLen Maximum size of @p buf.
2767 * @return The actual number of bytes written to @p buf or @c -1 on error.
2770 static int pHash (const unsigned char *key, size_t keyLen,
2771 const unsigned char *label, size_t labelLen,
2772 const unsigned char *random1, size_t random1Len,
2773 const unsigned char *random2, size_t random2Len,
2774 unsigned char *buf, size_t bufLen)
2776 unsigned char A[RANDOM_LEN] = {0};
2777 unsigned char tmp[RANDOM_LEN] = {0};
2778 size_t dLen; /* digest length */
2779 size_t len = 0; /* result length */
2781 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
2782 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
2783 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
2784 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
2785 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
2787 mbedtls_md_context_t hmacA;
2788 mbedtls_md_context_t hmacP;
2790 mbedtls_md_init(&hmacA);
2791 mbedtls_md_init(&hmacP);
2793 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2794 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2796 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
2797 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
2798 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
2799 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
2800 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2804 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2806 while (len + dLen < bufLen)
2808 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2809 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2810 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2811 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2812 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2813 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2815 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2819 memcpy(buf, tmp, dLen);
2822 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
2823 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
2824 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
2825 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2828 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2829 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2830 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2832 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2833 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2834 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2835 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2837 memcpy(buf, tmp, bufLen - len);
2839 mbedtls_md_free(&hmacA);
2840 mbedtls_md_free(&hmacP);
2844 mbedtls_md_free(&hmacA);
2845 mbedtls_md_free(&hmacP);
2849 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
2850 const uint8_t* label, const size_t labelLen,
2851 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
2852 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
2853 uint8_t* ownerPsk, const size_t ownerPskSize)
2855 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2856 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
2857 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
2858 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
2859 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
2860 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2862 oc_mutex_lock(g_sslContextMutex);
2863 if (NULL == g_caSslContext)
2865 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2866 oc_mutex_unlock(g_sslContextMutex);
2867 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2868 return CA_STATUS_FAILED;
2870 SslEndPoint_t * tep = GetSslPeer(endpoint);
2873 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2874 oc_mutex_unlock(g_sslContextMutex);
2875 return CA_STATUS_FAILED;
2878 // keyBlockLen set up according to OIC 1.1 Security Specification Section 7.3.2
2882 int keyBlockLen = 0;
2883 if (MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher ||
2884 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher ||
2885 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher ||
2886 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher)
2888 // 2 * ( 32 + 0 + 16 ) = 96
2889 macKeyLen = SHA256_MAC_KEY_LENGTH;
2890 ivSize = CBC_IV_LENGTH;
2891 keySize = AES128_KEY_LENGTH;
2893 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM == g_caSslContext->selectedCipher ||
2894 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher)
2896 // 2 * ( 0 + 4 + 16 ) = 40
2897 macKeyLen = CCM_MAC_KEY_LENGTH;
2898 ivSize = CCM_IV_LENGTH;
2899 keySize = AES128_KEY_LENGTH;
2901 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 == g_caSslContext->selectedCipher)
2903 // 2 * ( 32 + 12 + 16 ) = 120
2904 macKeyLen = SHA256_MAC_KEY_LENGTH;
2905 ivSize = GCM_IV_LENGTH;
2906 keySize = AES128_KEY_LENGTH;
2908 else if (MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 == g_caSslContext->selectedCipher)
2910 // 2 * ( 32 + 0 + 32 ) = 128
2911 macKeyLen = SHA256_MAC_KEY_LENGTH;
2912 ivSize = CBC_IV_LENGTH;
2913 keySize = AES256_KEY_LENGTH;
2915 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 == g_caSslContext->selectedCipher)
2917 // 2 * ( 48 + 0 + 32 ) = 160
2918 macKeyLen = SHA384_MAC_KEY_LENGTH;
2919 ivSize = CBC_IV_LENGTH;
2920 keySize = AES256_KEY_LENGTH;
2922 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 == g_caSslContext->selectedCipher)
2924 // 2 * ( 48 + 12 + 32 ) = 184
2925 macKeyLen = SHA384_MAC_KEY_LENGTH;
2926 ivSize = GCM_IV_LENGTH;
2927 keySize = AES256_KEY_LENGTH;
2929 else if (MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 == g_caSslContext->selectedCipher)
2931 // 2 * ( 48 + 12 + 32 ) = 184
2932 macKeyLen = SHA256_MAC_KEY_LENGTH;
2933 ivSize = GCM_IV_LENGTH;
2934 keySize = AES128_KEY_LENGTH;
2936 keyBlockLen = 2 * (macKeyLen + keySize + ivSize);
2938 uint8_t * keyblock = (uint8_t *)OICMalloc(keyBlockLen);
2939 if (NULL == keyblock)
2941 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to OICMalloc for keyblock");
2942 oc_mutex_unlock(g_sslContextMutex);
2943 return CA_STATUS_FAILED;
2947 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2948 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2949 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2950 keyblock, keyBlockLen);
2953 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2955 oc_mutex_unlock(g_sslContextMutex);
2956 return CA_STATUS_FAILED;
2959 ret = pHash(keyblock, keyBlockLen, label, labelLen,
2960 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2961 provServerDeviceId, provServerDeviceIdLen,
2962 ownerPsk, ownerPskSize);
2965 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2967 oc_mutex_unlock(g_sslContextMutex);
2968 return CA_STATUS_FAILED;
2972 oc_mutex_unlock(g_sslContextMutex);
2974 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2975 return CA_STATUS_OK;