1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
25 #include "ca_adapter_net_ssl.h"
27 #include "caipinterface.h"
28 #include "oic_malloc.h"
29 #include "byte_array.h"
32 // headers required for mbed TLS
33 #include "mbedtls/platform.h"
34 #include "mbedtls/ssl.h"
35 #include "mbedtls/entropy.h"
36 #include "mbedtls/ctr_drbg.h"
37 #include "mbedtls/pkcs12.h"
38 #include "mbedtls/ssl_internal.h"
40 #include "mbedtls/timing.h"
41 #include "mbedtls/ssl_cookie.h"
45 #include "mbedtls/debug.h"
46 #include "mbedtls/version.h"
50 #include <sys/types.h>
58 * @def MBED_TLS_VERSION_LEN
59 * @brief mbedTLS version string length
61 #define MBED_TLS_VERSION_LEN (16)
64 * @brief Seed for initialization RNG
66 #define SEED "IOTIVITY_RND"
69 * @brief uuid prefix in certificate subject field
71 #define UUID_PREFIX "uuid:"
74 * @brief userid prefix in certificate alternative subject name field
76 #define USERID_PREFIX "userid:"
80 * @brief Logging tag for module name
82 #define NET_SSL_TAG "OIC_CA_NET_SSL"
85 * @brief Logging tag for mbedTLS library
87 #define MBED_TLS_TAG "MBED_TLS"
89 * @def MMBED_TLS_DEBUG_LEVEL
90 * @brief Logging level for mbedTLS library
92 #define MBED_TLS_DEBUG_LEVEL (4)
95 * @def TLS_MSG_BUF_LEN
96 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
99 #define TLS_MSG_BUF_LEN (16384)
102 * @brief PSK keys max length
104 #define PSK_LENGTH (256/8)
106 * @def UUID_LENGTHPSK_LENGTH
107 * @brief Identity max length
109 #define UUID_LENGTH (128/8)
111 * @def MASTER_SECRET_LEN
112 * @brief TLS master secret length
114 #define MASTER_SECRET_LEN (48)
117 * @brief TLS client and server random bytes length
119 #define RANDOM_LEN (32)
122 * @brief PSK generated keyblock length
124 #define KEY_BLOCK_LEN (96)
126 /**@def SSL_CLOSE_NOTIFY(peer, ret)
128 * Notifies of existing \a peer about closing TLS connection.
130 * @param[in] peer remote peer
131 * @param[in] ret used internaly
133 #define SSL_CLOSE_NOTIFY(peer, ret) \
136 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
137 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
139 /**@def SSL_RES(peer, status)
141 * Sets SSL result for callback.
143 * @param[in] peer remote peer
145 #define SSL_RES(peer, status) \
148 CAErrorInfo_t errorInfo; \
149 errorInfo.result = (status); \
150 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
152 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
154 * Checks handshake result and send alert if needed.
156 * @param[in] peer remote peer
157 * @param[in] ret error code
158 * @param[in] str debug string
159 * @param[in] mutex ca mutex
160 * @param[in] return error code
161 * @param[in] msg allert message
163 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
164 if (0 != (ret) && MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
165 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
166 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
167 MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret)) \
169 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
170 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
171 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
173 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
175 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == (int) (ret) && \
176 ((int) MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED == (peer)->ssl.in_msg[1] || \
177 (int) MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR == (peer)->ssl.in_msg[1] || \
178 (int) MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE == (peer)->ssl.in_msg[1] || \
179 (int) MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC == (peer)->ssl.in_msg[1])) \
181 SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \
183 RemovePeerFromList(&(peer)->sep.endpoint); \
186 ca_mutex_unlock(g_sslContextMutex); \
188 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
191 /** @def CHECK_MBEDTLS_RET(f, ...)
192 * A macro that checks \a f function return code
194 * If function returns error code it goes to error processing.
196 * @param[in] f Function to call
198 #define CHECK_MBEDTLS_RET(f, ...) do { \
199 int ret = (f)(__VA_ARGS__); \
201 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
207 ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA,
208 ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
209 ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256,
210 ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
216 ADAPTER_CURVE_SECP256R1,
220 int tlsCipher[ADAPTER_CIPHER_MAX][2] =
222 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 0},
223 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
224 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0},
225 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0}
228 static int g_cipherSuitesList[ADAPTER_CIPHER_MAX];
230 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
232 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
235 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
242 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
243 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
244 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
245 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
246 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
247 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
248 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
249 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
250 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
251 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
252 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
253 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
254 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
255 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
256 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
257 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
258 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
259 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
260 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
261 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
262 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
266 static int GetAlertCode(uint32_t flags)
268 const CrtVerifyAlert_t *cur;
270 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
272 if (flags & cur->code)
282 * Pass a message to the OIC logger.
284 * @param[in] ctx opaque context for the callback
285 * @param[in] level debug level
286 * @param[in] file file name
287 * @param[in] line line number
288 * @param[in] str message
290 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
297 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
303 * Finds the first occurrence of the byte string s in byte string l.
306 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
310 const char *cl = (const char *)l;
311 const char *cs = (const char *)s;
313 if (lLen == 0 || sLen == 0)
323 return (void *)memchr(l, (int)*cs, lLen);
326 last = (char *)cl + lLen - sLen;
328 for (cur = (char *)cl; cur <= last; cur++)
330 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
339 * structure to holds the information of cache message and address info.
341 typedef ByteArray_t SslCacheMessage_t;
345 * Data structure for holding the send and recv callbacks.
347 typedef struct TlsCallBacks
349 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
350 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
354 * Data structure for holding the mbedTLS interface related info.
356 typedef struct SslContext
358 u_arraylist_t *peerList; /**< peer list which holds the mapping between
359 peer id, it's n/w address and mbedTLS context. */
360 mbedtls_entropy_context entropy;
361 mbedtls_ctr_drbg_context rnd;
363 mbedtls_x509_crt crt;
364 mbedtls_pk_context pkey;
366 mbedtls_ssl_config clientTlsConf;
367 mbedtls_ssl_config serverTlsConf;
368 mbedtls_ssl_config clientDtlsConf;
369 mbedtls_ssl_config serverDtlsConf;
371 mbedtls_ssl_cookie_ctx cookie_ctx;
372 mbedtls_timing_delay_context timer;
373 #endif // __WITH_DTLS__
374 AdapterCipher_t cipher;
375 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
376 mbedtls_x509_crl crl;
383 * @var g_caSslContext
384 * @brief global context which holds tls context and cache list information.
386 static SslContext_t * g_caSslContext = NULL;
389 * @var g_getCredentialsCallback
390 * @brief callback to get TLS credentials (same as for DTLS)
392 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
394 * @var g_getCerdentilTypesCallback
395 * @brief callback to get different credential types from SRM
397 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
399 * @var g_getPkixInfoCallback
401 * @brief callback to get X.509-based Public Key Infrastructure
403 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
406 * @var g_dtlsContextMutex
407 * @brief Mutex to synchronize access to g_caSslContext.
409 static ca_mutex g_sslContextMutex = NULL;
413 * @brief callback to deliver the TLS handshake result
415 static CAErrorCallback g_sslCallback = NULL;
418 * Data structure for holding the data to be received.
420 typedef struct SslRecBuf
427 * Data structure for holding the data related to endpoint
430 typedef struct SslEndPoint
432 mbedtls_ssl_context ssl;
433 CASecureEndpoint_t sep;
434 u_arraylist_t * cacheList;
436 uint8_t master[MASTER_SECRET_LEN];
437 uint8_t random[2*RANDOM_LEN];
439 mbedtls_ssl_cookie_ctx cookieCtx;
444 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
446 // TODO Does this method needs protection of tlsContextMutex?
447 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
448 g_getCredentialsCallback = credCallback;
449 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
452 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
454 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
455 g_getPkixInfoCallback = infoCallback;
456 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
458 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
460 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
461 g_getCredentialTypesCallback = credTypesCallback;
462 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
465 static int GetAdapterIndex(CATransportAdapter_t adapter)
474 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
481 * @param[in] tep TLS endpoint
482 * @param[in] data message
483 * @param[in] dataLen message length
485 * @return message length
487 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
489 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
490 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", 0);
491 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
492 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
493 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
494 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
495 if (0 == adapterIndex || 1 == adapterIndex)
497 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
498 sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, (uint32_t) dataLen);
502 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
506 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
512 * @param[in] tep TLS endpoint
513 * @param[in] data message
514 * @param[in] dataLen message length
516 * @return read length
518 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
520 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
521 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
522 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
524 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
525 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
526 retLen = (retLen < dataLen ? retLen : dataLen);
528 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
529 recBuf->loaded += retLen;
531 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
536 * Parse chain of X.509 certificates.
538 * @param[out] crt container for X.509 certificates
539 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
540 or DER format in a jumble. Each PEM certificate must be NULL-terminated.
541 * @param[in] bufLen buffer length
543 * @return 0 on success, -1 on error
545 static int ParseChain(mbedtls_x509_crt * crt, const unsigned char * buf, int bufLen)
547 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
548 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
549 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
554 unsigned char * tmp = NULL;
556 char pemCertHeader[] = {
557 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
558 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
560 char pemCertFooter[] = {
561 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
562 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
564 size_t pemCertHeaderLen = sizeof(pemCertHeader);
565 size_t pemCertFooterLen = sizeof(pemCertFooter);
569 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
571 tmp = (unsigned char *)buf + pos + 1;
572 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
573 if (pos + len < bufLen)
575 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse_der, crt, buf + pos, len + 4);
579 else if (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen))
581 void * endPos = NULL;
582 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
585 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
586 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
589 if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0d) &&
590 (*((char*)endPos + pemCertFooterLen + 1) == 0x0a) &&
591 (*((char*)endPos + pemCertFooterLen + 2) == 0x00))
593 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 3;
595 else if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0a) &&
596 (*((char*)endPos + pemCertFooterLen + 1) == 0x00))
598 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 2;
602 OIC_LOG_V(ERROR, NET_SSL_TAG, "Incorrect PEM certificate ending");
603 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
606 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse, crt, buf + pos, len);
611 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, buf, bufLen);
612 OIC_LOG_V(ERROR, NET_SSL_TAG, "parseChain returned -0x%x", -ret);
613 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
617 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
624 //Loads PKIX related information from SRM
625 static int InitPKIX(CATransportAdapter_t adapter)
627 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
628 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
629 g_getPkixInfoCallback(&g_pkiInfo);
631 mbedtls_x509_crt_free(&g_caSslContext->ca);
632 mbedtls_x509_crt_free(&g_caSslContext->crt);
633 mbedtls_pk_free(&g_caSslContext->pkey);
634 mbedtls_x509_crl_free(&g_caSslContext->crl);
636 mbedtls_x509_crt_init(&g_caSslContext->ca);
637 mbedtls_x509_crt_init(&g_caSslContext->crt);
638 mbedtls_pk_init(&g_caSslContext->pkey);
639 mbedtls_x509_crl_init(&g_caSslContext->crl);
641 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ?
642 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
643 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ?
644 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
646 int ret = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len);
649 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
652 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
656 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
660 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
663 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
666 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
669 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
674 ret = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len);
677 OIC_LOG(ERROR, NET_SSL_TAG, "CA chain parsing error");
678 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
682 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
685 OIC_LOG(WARNING, NET_SSL_TAG, "CRL parsing error");
686 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, NULL);
687 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, NULL);
691 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, &g_caSslContext->crl);
692 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, &g_caSslContext->crl);
695 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
702 * @param[in] notUsed opaque context
703 * @param[in] ssl mbedTLS context
704 * @param[in] desc identity
705 * @param[in] descLen identity length
707 * @return 0 on success any other return value will result in a denied PSK identity
709 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
710 const unsigned char * desc, size_t descLen)
712 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
713 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
714 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
715 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
716 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
718 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
722 uint8_t keyBuf[PSK_LENGTH] = {0};
724 // Retrieve the credentials blob from security module
725 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
728 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
729 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
730 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
731 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
733 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
734 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
736 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
740 * Gets session corresponding for endpoint.
742 * @param[in] peer remote address
744 * @return TLS session or NULL
746 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
748 uint32_t listIndex = 0;
749 uint32_t listLength = 0;
750 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
751 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
753 SslEndPoint_t *tep = NULL;
754 listLength = u_arraylist_length(g_caSslContext->peerList);
755 for (listIndex = 0; listIndex < listLength; listIndex++)
757 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
762 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d]",
763 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port);
764 if((0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
765 && (peer->port == tep->sep.endpoint.port))
767 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
771 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
772 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
776 #ifdef _ENABLE_MULTIPLE_OWNER_
778 * Gets CA secure endpoint info corresponding for endpoint.
780 * @param[in] peer remote address
782 * @return CASecureEndpoint or NULL
784 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
786 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
788 // TODO: Added as workaround, need to debug
789 ca_mutex_unlock(g_sslContextMutex);
791 ca_mutex_lock(g_sslContextMutex);
792 if (NULL == g_caSslContext)
794 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
795 ca_mutex_unlock(g_sslContextMutex);
799 SslEndPoint_t* sslPeer = GetSslPeer(peer);
802 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
803 ca_mutex_unlock(g_sslContextMutex);
804 return &sslPeer->sep;
807 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
808 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
809 ca_mutex_unlock(g_sslContextMutex);
815 * Deletes cached message.
817 * @param[in] msg message
819 static void DeleteCacheMessage(SslCacheMessage_t * msg)
821 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
822 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
827 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
830 * Deletes cached message list.
832 * @param[in] cacheList list of cached messages
834 static void DeleteCacheList(u_arraylist_t * cacheList)
836 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
837 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
838 uint32_t listIndex = 0;
839 uint32_t listLength = 0;
841 listLength = u_arraylist_length(cacheList);
842 for (listIndex = 0; listIndex < listLength; listIndex++)
844 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
847 DeleteCacheMessage(msg);
850 u_arraylist_free(&cacheList);
852 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
855 * Deletes endpoint with session.
857 * @param[in] tep endpoint with session info
859 static void DeleteSslEndPoint(SslEndPoint_t * tep)
861 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
862 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
864 mbedtls_ssl_free(&tep->ssl);
866 mbedtls_ssl_cookie_free(&tep->cookieCtx);
868 DeleteCacheList(tep->cacheList);
870 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
873 * Removes endpoint session from list.
875 * @param[in] endpoint remote address
877 static void RemovePeerFromList(CAEndpoint_t * endpoint)
879 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
880 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
881 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
883 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
888 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
889 && (endpoint->port == tep->sep.endpoint.port))
891 u_arraylist_remove(g_caSslContext->peerList, listIndex);
892 DeleteSslEndPoint(tep);
898 * Deletes session list.
900 static void DeletePeerList()
902 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
903 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
905 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
910 DeleteSslEndPoint(tep);
912 u_arraylist_free(&g_caSslContext->peerList);
915 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
917 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
918 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
920 ca_mutex_lock(g_sslContextMutex);
921 if (NULL == g_caSslContext)
923 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
924 ca_mutex_unlock(g_sslContextMutex);
925 return CA_STATUS_FAILED;
927 SslEndPoint_t * tep = GetSslPeer(endpoint);
930 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
931 ca_mutex_unlock(g_sslContextMutex);
932 return CA_STATUS_FAILED;
934 /* No error checking, the connection might be closed already */
938 ret = mbedtls_ssl_close_notify(&tep->ssl);
940 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
942 RemovePeerFromList(&tep->sep.endpoint);
943 ca_mutex_unlock(g_sslContextMutex);
945 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
949 * Creates session for endpoint.
951 * @param[in] endpoint remote address
952 * @param[in] config mbedTLS configuration info
954 * @return TLS endpoint or NULL
956 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
958 SslEndPoint_t * tep = NULL;
959 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
960 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
961 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
963 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
966 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
970 tep->sep.endpoint = *endpoint;
971 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
973 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
975 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
977 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
981 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
982 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
984 mbedtls_ssl_set_timer_cb(&tep->ssl, &g_caSslContext->timer,
985 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
986 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
988 if (0 != mbedtls_ssl_cookie_setup(&tep->cookieCtx, mbedtls_ctr_drbg_random,
989 &g_caSslContext->rnd))
991 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
993 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
996 mbedtls_ssl_conf_dtls_cookies(config, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
998 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
999 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
1001 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
1003 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1008 tep->cacheList = u_arraylist_create();
1009 if (NULL == tep->cacheList)
1011 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1012 mbedtls_ssl_free(&tep->ssl);
1014 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1017 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1021 * Initializes PSK identity.
1023 * @param[out] config client/server config to be updated
1025 * @return 0 on success or -1 on error
1027 static int InitPskIdentity(mbedtls_ssl_config * config)
1029 uint8_t idBuf[UUID_LENGTH] = {0};
1030 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1031 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1033 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1035 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1036 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1039 if (0 != mbedtls_ssl_conf_psk(config, idBuf, 0, idBuf, UUID_LENGTH))
1041 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1042 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1045 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1048 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1051 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1052 if (NULL == g_getCredentialTypesCallback)
1054 OIC_LOG(ERROR, NET_SSL_TAG, "Param callback is null");
1058 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1059 // Retrieve the PSK credential from SRM
1060 // PIN OTM if (true == g_caSslContext->cipherFlag[0] && 0 != InitPskIdentity(config))
1061 if (0 != InitPskIdentity(config))
1063 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1066 // Retrieve the ECC credential from SRM
1067 if (true == g_caSslContext->cipherFlag[1] || ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->cipher)
1069 int ret = InitPKIX(adapter);
1072 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1076 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1077 if (ADAPTER_CIPHER_MAX != g_caSslContext->cipher)
1079 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1082 if (true == g_caSslContext->cipherFlag[1])
1084 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1087 if (true == g_caSslContext->cipherFlag[0])
1089 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1092 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1094 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1097 * Initiate TLS handshake with endpoint.
1099 * @param[in] endpoint remote address
1101 * @return TLS endpoint or NULL
1103 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1106 SslEndPoint_t * tep = NULL;
1108 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1109 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1112 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ?
1113 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1114 tep = NewSslEndPoint(endpoint, config);
1117 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1121 //Load allowed SVR suites from SVR DB
1122 SetupCipher(config, endpoint->adapter);
1124 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Add %s:%d", tep->sep.endpoint.addr, tep->sep.endpoint.port);
1125 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1128 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1129 DeleteSslEndPoint(tep);
1133 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1135 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1136 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1140 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1142 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1146 void CAdeinitSslAdapter()
1148 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1150 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1151 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1153 //Lock tlsContext mutex
1154 ca_mutex_lock(g_sslContextMutex);
1159 // De-initialize mbedTLS
1160 mbedtls_x509_crt_free(&g_caSslContext->crt);
1161 mbedtls_pk_free(&g_caSslContext->pkey);
1163 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1164 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1165 #endif // __WITH_TLS__
1166 #ifdef __WITH_DTLS__
1167 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1168 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1169 #endif // __WITH_DTLS__
1170 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1171 mbedtls_entropy_free(&g_caSslContext->entropy);
1173 // De-initialize tls Context
1174 OICFree(g_caSslContext);
1175 g_caSslContext = NULL;
1177 // Unlock tlsContext mutex and de-initialize it
1178 ca_mutex_unlock(g_sslContextMutex);
1179 ca_mutex_free(g_sslContextMutex);
1180 g_sslContextMutex = NULL;
1182 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1185 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1187 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1188 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1189 mbedtls_ssl_config_init(conf);
1190 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1192 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1196 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1197 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1198 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1199 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1200 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1201 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1204 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1205 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1207 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1211 CAResult_t CAinitSslAdapter()
1213 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1214 // Initialize mutex for tlsContext
1215 if (NULL == g_sslContextMutex)
1217 g_sslContextMutex = ca_mutex_new();
1218 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
1222 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
1223 return CA_STATUS_OK;
1226 // Lock tlsContext mutex and create tlsContext
1227 ca_mutex_lock(g_sslContextMutex);
1228 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1230 if (NULL == g_caSslContext)
1232 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
1233 ca_mutex_unlock(g_sslContextMutex);
1234 ca_mutex_free(g_sslContextMutex);
1235 g_sslContextMutex = NULL;
1236 return CA_MEMORY_ALLOC_FAILED;
1240 g_caSslContext->peerList = u_arraylist_create();
1242 if(NULL == g_caSslContext->peerList)
1244 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
1245 OICFree(g_caSslContext);
1246 g_caSslContext = NULL;
1247 ca_mutex_unlock(g_sslContextMutex);
1248 ca_mutex_free(g_sslContextMutex);
1249 g_sslContextMutex = NULL;
1250 return CA_STATUS_FAILED;
1253 /* Initialize TLS library
1256 char version[MBED_TLS_VERSION_LEN];
1257 mbedtls_version_get_string(version);
1258 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
1263 mbedtls_entropy_init(&g_caSslContext->entropy);
1264 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1267 unsigned char seed[sizeof(SEED)] = {0};
1269 urandomFd = open("/dev/urandom", O_RDONLY);
1272 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
1273 ca_mutex_unlock(g_sslContextMutex);
1274 CAdeinitSslAdapter();
1275 return CA_STATUS_FAILED;
1277 if(0 > read(urandomFd, seed, sizeof(seed)))
1279 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
1281 ca_mutex_unlock(g_sslContextMutex);
1282 CAdeinitSslAdapter();
1283 return CA_STATUS_FAILED;
1288 unsigned char * seed = (unsigned char*) SEED;
1290 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
1291 &g_caSslContext->entropy, seed, sizeof(SEED)))
1293 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
1294 ca_mutex_unlock(g_sslContextMutex);
1295 CAdeinitSslAdapter();
1296 return CA_STATUS_FAILED;
1298 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1301 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
1302 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
1304 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1305 ca_mutex_unlock(g_sslContextMutex);
1306 CAdeinitSslAdapter();
1307 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1308 return CA_STATUS_FAILED;
1311 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
1312 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
1314 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1315 ca_mutex_unlock(g_sslContextMutex);
1316 CAdeinitSslAdapter();
1317 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1318 return CA_STATUS_FAILED;
1320 #endif // __WITH_TLS__
1321 #ifdef __WITH_DTLS__
1322 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
1323 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
1325 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1326 ca_mutex_unlock(g_sslContextMutex);
1327 CAdeinitSslAdapter();
1328 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1329 return CA_STATUS_FAILED;
1332 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
1333 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
1335 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1336 ca_mutex_unlock(g_sslContextMutex);
1337 CAdeinitSslAdapter();
1338 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1339 return CA_STATUS_FAILED;
1341 #endif // __WITH_DTLS__
1343 // set default cipher
1344 g_caSslContext->cipher = ADAPTER_CIPHER_MAX;
1347 mbedtls_x509_crt_init(&g_caSslContext->ca);
1348 mbedtls_x509_crt_init(&g_caSslContext->crt);
1349 mbedtls_pk_init(&g_caSslContext->pkey);
1350 mbedtls_x509_crl_init(&g_caSslContext->crl);
1352 ca_mutex_unlock(g_sslContextMutex);
1354 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1355 return CA_STATUS_OK;
1358 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
1360 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1361 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
1364 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
1365 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1368 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
1369 if (NULL == message)
1371 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1372 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1376 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
1377 if (NULL == message->data)
1379 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1381 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1384 memcpy(message->data, data, dataLen);
1385 message->len = dataLen;
1386 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1390 /* Send data via TLS connection.
1392 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
1393 void *data, uint32_t dataLen)
1397 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s ", __func__);
1399 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
1400 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
1401 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
1405 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
1406 return CA_STATUS_FAILED;
1409 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
1411 ca_mutex_lock(g_sslContextMutex);
1412 if(NULL == g_caSslContext)
1414 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1415 ca_mutex_unlock(g_sslContextMutex);
1416 return CA_STATUS_FAILED;
1419 SslEndPoint_t * tep = GetSslPeer(endpoint);
1422 tep = InitiateTlsHandshake(endpoint);
1426 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1427 ca_mutex_unlock(g_sslContextMutex);
1428 return CA_STATUS_FAILED;
1431 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1433 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) data, dataLen);
1437 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write returned %d", ret);
1438 RemovePeerFromList(&tep->sep.endpoint);
1439 ca_mutex_unlock(g_sslContextMutex);
1440 return CA_STATUS_FAILED;
1445 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
1446 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
1448 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1449 ca_mutex_unlock(g_sslContextMutex);
1450 return CA_STATUS_FAILED;
1454 ca_mutex_unlock(g_sslContextMutex);
1456 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1457 return CA_STATUS_OK;
1460 * Sends cached messages via TLS connection.
1462 * @param[in] tep remote address with session info
1464 static void SendCacheMessages(SslEndPoint_t * tep)
1466 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1467 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
1469 uint32_t listIndex = 0;
1470 uint32_t listLength = 0;
1471 listLength = u_arraylist_length(tep->cacheList);
1472 for (listIndex = 0; listIndex < listLength;)
1475 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
1476 if (NULL != msg && NULL != msg->data && 0 != msg->len)
1480 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) msg->data, msg->len);
1482 while(MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1486 OIC_LOG_V(ERROR, NET_SSL_TAG,"mbedTLS write returned %d", ret );
1488 if (u_arraylist_remove(tep->cacheList, listIndex))
1490 DeleteCacheMessage(msg);
1491 // Reduce list length by 1 as we removed one element.
1496 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
1502 // Move to the next element
1506 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1509 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
1511 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1512 g_sslCallback = tlsHandshakeCallback;
1513 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1515 // TODO move ConvertStrToUuid function to common module
1517 * Converts string UUID to CARemoteId_t
1519 * @param strUuid Device UUID in string format
1520 * @param uuid converted UUID in CARemoteId_t format
1522 * @return 0 for success.
1524 static int ConvertStrToUuid(const char* strUuid, CARemoteId_t* uuid)
1526 if(NULL == strUuid || NULL == uuid)
1528 OIC_LOG(ERROR, NET_SSL_TAG, "ConvertStrToUuid : Invalid param");
1534 size_t strUuidLen = 0;
1535 char convertedUuid[UUID_LENGTH * 2] = {0};
1537 strUuidLen = strlen(strUuid);
1540 OIC_LOG(INFO, NET_SSL_TAG, "The empty string detected, The UUID will be converted to "\
1541 "\"00000000-0000-0000-0000-000000000000\"");
1543 else if(UUID_LENGTH * 2 + 4 == strUuidLen)
1545 for(uuidIdx=0, urnIdx=0; uuidIdx < UUID_LENGTH ; uuidIdx++, urnIdx+=2)
1547 if(*(strUuid + urnIdx) == '-')
1551 sscanf(strUuid + urnIdx, "%2hhx", &convertedUuid[uuidIdx]);
1556 OIC_LOG(ERROR, NET_SSL_TAG, "Invalid string uuid format");
1560 memcpy(uuid->id, convertedUuid, UUID_LENGTH);
1561 uuid->id_length = UUID_LENGTH;
1565 /* Read data from TLS connection
1567 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
1570 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1571 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1572 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
1574 ca_mutex_lock(g_sslContextMutex);
1575 if (NULL == g_caSslContext)
1577 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1578 ca_mutex_unlock(g_sslContextMutex);
1579 return CA_STATUS_FAILED;
1583 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
1586 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ?
1587 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1588 peer = NewSslEndPoint(&sep->endpoint, config);
1591 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1592 ca_mutex_unlock(g_sslContextMutex);
1593 return CA_STATUS_FAILED;
1595 //Load allowed TLS suites from SVR DB
1596 SetupCipher(config, sep->endpoint.adapter);
1598 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
1601 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1603 ca_mutex_unlock(g_sslContextMutex);
1604 return CA_STATUS_FAILED;
1608 peer->recBuf.buff = data;
1609 peer->recBuf.len = dataLen;
1610 peer->recBuf.loaded = 0;
1612 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
1614 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1615 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1620 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
1622 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
1623 mbedtls_ssl_session_reset(&peer->ssl);
1624 mbedtls_ssl_set_client_transport_id(&peer->ssl,
1625 (const unsigned char *) sep->endpoint.addr,
1626 sizeof(sep->endpoint.addr));
1627 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1629 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
1632 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
1633 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
1634 CA_STATUS_FAILED, GetAlertCode(flags));
1636 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1637 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
1639 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
1640 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
1642 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
1644 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
1647 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1649 SSL_RES(peer, CA_STATUS_OK);
1650 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
1652 SendCacheMessages(peer);
1655 if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher ||
1656 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->selectedCipher)
1658 char uuid[UUID_LENGTH * 2 + 5] = {0};
1659 void * uuidPos = NULL;
1660 void * userIdPos = NULL;
1661 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
1662 ret = (NULL == peerCert ? -1 : 0);
1663 SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
1664 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
1665 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1666 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
1668 if (NULL != uuidPos)
1670 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1671 ret = ConvertStrToUuid(uuid, &peer->sep.identity);
1672 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
1673 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1677 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
1680 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1681 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
1682 if (NULL != userIdPos)
1684 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1685 ret = ConvertStrToUuid(uuid, &peer->sep.userId);
1686 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
1687 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1691 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
1695 ca_mutex_unlock(g_sslContextMutex);
1696 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1697 return CA_STATUS_OK;
1701 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1703 uint8_t decryptBuffer[TLS_MSG_BUF_LEN] = {0};
1706 ret = mbedtls_ssl_read(&peer->ssl, decryptBuffer, TLS_MSG_BUF_LEN);
1707 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
1709 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
1710 // TinyDTLS sends fatal close_notify alert
1711 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
1712 MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
1713 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
1715 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
1716 SSL_CLOSE_NOTIFY(peer, ret);
1717 RemovePeerFromList(&peer->sep.endpoint);
1718 ca_mutex_unlock(g_sslContextMutex);
1719 return CA_STATUS_OK;
1724 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
1725 //SSL_RES(peer, CA_STATUS_FAILED);
1726 RemovePeerFromList(&peer->sep.endpoint);
1727 ca_mutex_unlock(g_sslContextMutex);
1728 return CA_STATUS_FAILED;
1730 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
1731 if (0 == adapterIndex || adapterIndex == 1)
1733 g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
1737 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
1738 RemovePeerFromList(&peer->sep.endpoint);
1739 ca_mutex_unlock(g_sslContextMutex);
1740 return CA_STATUS_FAILED;
1744 ca_mutex_unlock(g_sslContextMutex);
1745 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1746 return CA_STATUS_OK;
1749 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
1750 CAPacketSendCallback sendCallback,
1751 CATransportAdapter_t type)
1753 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1754 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
1755 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
1756 ca_mutex_lock(g_sslContextMutex);
1757 if (NULL == g_caSslContext)
1759 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1760 ca_mutex_unlock(g_sslContextMutex);
1764 // if (MAX_SUPPORTED_ADAPTERS > type)
1769 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
1770 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
1772 case CA_ADAPTER_TCP:
1773 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
1774 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
1777 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
1781 ca_mutex_unlock(g_sslContextMutex);
1782 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1785 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
1787 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1788 VERIFY_NON_NULL_RET(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null", CA_STATUS_FAILED);
1789 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1792 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA:
1795 //todo check that Cred with RSA cert exists
1796 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1797 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1798 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1799 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1801 #ifdef __WITH_DTLS__
1802 //todo check that Cred with RSA cert exists
1803 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1804 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1805 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1806 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1808 g_caSslContext->cipher = ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA;
1811 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
1813 if (false == g_caSslContext->cipherFlag[1])
1815 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for ECC");
1816 return CA_STATUS_FAILED;
1819 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1820 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1821 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1822 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1824 #ifdef __WITH_DTLS__
1825 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1826 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1827 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1828 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1830 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1833 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
1836 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1837 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1838 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1839 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1841 #ifdef __WITH_DTLS__
1842 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1843 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1844 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1845 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1847 g_caSslContext->cipher = ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256;
1850 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
1853 if (false == g_caSslContext->cipherFlag[0])
1855 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for PSK");
1856 return CA_STATUS_FAILED;
1860 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1861 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1862 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1863 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1865 #ifdef __WITH_DTLS__
1866 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1867 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1868 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1869 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1871 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1876 OIC_LOG(ERROR, NET_SSL_TAG, "Unknown cipher");
1877 return CA_STATUS_FAILED;
1880 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
1881 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1882 return CA_STATUS_OK;
1885 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
1887 CAResult_t res = CA_STATUS_OK;
1888 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1889 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1890 ca_mutex_lock(g_sslContextMutex);
1891 if (NULL == InitiateTlsHandshake(endpoint))
1893 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1894 res = CA_STATUS_FAILED;
1896 ca_mutex_unlock(g_sslContextMutex);
1897 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1901 * Expands the secret into blocks of data according
1902 * to the algorithm specified in section 5 of RFC 4346
1904 * This function writes upto @p bufLen bytes into the given output buffer @p buf
1906 * @param key secret key.
1907 * @param keyLen secret key length.
1908 * @param label A PRF label.
1909 * @param labelLen Actual length of @p label.
1910 * @param random1 Random seed.
1911 * @param random1Len Actual length of @p random1 (may be zero).
1912 * @param random2 Random seed.
1913 * @param random2Len Actual length of @p random2 (may be zero).
1914 * @param buf Output buffer for generated random data.
1915 * @param bufLen Maximum size of @p buf.
1917 * @return The actual number of bytes written to @p buf or @c -1 on error.
1920 static int pHash (const unsigned char *key, size_t keyLen,
1921 const unsigned char *label, size_t labelLen,
1922 const unsigned char *random1, size_t random1Len,
1923 const unsigned char *random2, size_t random2Len,
1924 unsigned char *buf, size_t bufLen)
1926 unsigned char A[RANDOM_LEN] = {0};
1927 unsigned char tmp[RANDOM_LEN] = {0};
1928 size_t dLen; /* digest length */
1929 size_t len = 0; /* result length */
1931 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
1932 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
1933 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
1934 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
1935 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
1937 mbedtls_md_context_t hmacA;
1938 mbedtls_md_context_t hmacP;
1940 mbedtls_md_init(&hmacA);
1941 mbedtls_md_init(&hmacP);
1943 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
1944 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
1946 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
1947 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
1948 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
1949 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
1950 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
1954 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
1956 while (len + dLen < bufLen)
1958 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
1959 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
1960 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
1961 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
1962 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
1963 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
1965 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
1969 memcpy(buf, tmp, dLen);
1972 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
1973 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
1974 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
1975 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
1978 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
1979 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
1980 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
1982 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
1983 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
1984 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
1985 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
1987 memcpy(buf, tmp, bufLen - len);
1989 mbedtls_md_free(&hmacA);
1990 mbedtls_md_free(&hmacP);
1994 mbedtls_md_free(&hmacA);
1995 mbedtls_md_free(&hmacP);
1999 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
2000 const uint8_t* label, const size_t labelLen,
2001 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
2002 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
2003 uint8_t* ownerPsk, const size_t ownerPskSize)
2005 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2006 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
2007 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
2008 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
2009 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
2010 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2012 // TODO: Added as workaround, need to debug
2013 ca_mutex_unlock(g_sslContextMutex);
2015 ca_mutex_lock(g_sslContextMutex);
2016 if (NULL == g_caSslContext)
2018 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2019 ca_mutex_unlock(g_sslContextMutex);
2020 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2021 return CA_STATUS_FAILED;
2023 SslEndPoint_t * tep = GetSslPeer(endpoint);
2026 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2027 ca_mutex_unlock(g_sslContextMutex);
2028 return CA_STATUS_FAILED;
2031 uint8_t keyblock[KEY_BLOCK_LEN] = {0};
2033 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2034 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2035 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2036 keyblock, KEY_BLOCK_LEN);
2039 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2040 ca_mutex_unlock(g_sslContextMutex);
2041 return CA_STATUS_FAILED;
2043 ret = pHash(keyblock, sizeof(keyblock), label, labelLen,
2044 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2045 provServerDeviceId, provServerDeviceIdLen,
2046 ownerPsk, ownerPskSize);
2049 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2050 ca_mutex_unlock(g_sslContextMutex);
2051 return CA_STATUS_FAILED;
2054 ca_mutex_unlock(g_sslContextMutex);
2056 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2057 return CA_STATUS_OK;