1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
25 #include "ca_adapter_net_ssl.h"
27 #include "caipinterface.h"
28 #include "oic_malloc.h"
29 #include "byte_array.h"
34 // headers required for mbed TLS
35 #include "mbedtls/platform.h"
36 #include "mbedtls/ssl.h"
37 #include "mbedtls/entropy.h"
38 #include "mbedtls/ctr_drbg.h"
39 #include "mbedtls/pkcs12.h"
40 #include "mbedtls/ssl_internal.h"
42 #include "mbedtls/timing.h"
43 #include "mbedtls/ssl_cookie.h"
46 #if !defined(NDEBUG) || defined(TB_LOG)
47 #include "mbedtls/debug.h"
48 #include "mbedtls/version.h"
52 #include <sys/types.h>
60 * @def MBED_TLS_VERSION_LEN
61 * @brief mbedTLS version string length
63 #define MBED_TLS_VERSION_LEN (16)
66 * @brief Seed for initialization RNG
68 #define SEED "IOTIVITY_RND"
71 * @brief uuid prefix in certificate subject field
73 #define UUID_PREFIX "uuid:"
76 * @brief userid prefix in certificate alternative subject name field
78 #define USERID_PREFIX "userid:"
82 * @brief Logging tag for module name
84 #define NET_SSL_TAG "OIC_CA_NET_SSL"
87 * @brief Logging tag for mbedTLS library
89 #define MBED_TLS_TAG "MBED_TLS"
91 * @def MMBED_TLS_DEBUG_LEVEL
92 * @brief Logging level for mbedTLS library
94 #define MBED_TLS_DEBUG_LEVEL (4)
97 * @def TLS_MSG_BUF_LEN
98 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
101 #define TLS_MSG_BUF_LEN (16384)
104 * @brief PSK keys max length
106 #define PSK_LENGTH (256/8)
108 * @def UUID_LENGTHPSK_LENGTH
109 * @brief Identity max length
111 #define UUID_LENGTH (128/8)
113 * @def MASTER_SECRET_LEN
114 * @brief TLS master secret length
116 #define MASTER_SECRET_LEN (48)
119 * @brief TLS client and server random bytes length
121 #define RANDOM_LEN (32)
124 * @brief PSK generated keyblock length
126 #define KEY_BLOCK_LEN (96)
128 /**@def SSL_CLOSE_NOTIFY(peer, ret)
130 * Notifies of existing \a peer about closing TLS connection.
132 * @param[in] peer remote peer
133 * @param[in] ret used internaly
137 * @var RETRANSMISSION_TIME
138 * @brief Maximum timeout value (in seconds) to start DTLS retransmission.
140 #define RETRANSMISSION_TIME 1
142 #define SSL_CLOSE_NOTIFY(peer, ret) \
145 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
146 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
148 /**@def SSL_RES(peer, status)
150 * Sets SSL result for callback.
152 * @param[in] peer remote peer
154 #define SSL_RES(peer, status) \
157 CAErrorInfo_t errorInfo; \
158 errorInfo.result = (status); \
159 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
161 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
163 * Checks handshake result and send alert if needed.
165 * @param[in] peer remote peer
166 * @param[in] ret error code
167 * @param[in] str debug string
168 * @param[in] mutex ca mutex
169 * @param[in] return error code
170 * @param[in] msg allert message
172 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
173 if (0 != (ret) && MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
174 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
175 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
176 MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret)) \
178 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
179 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
180 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
182 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
184 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == (int) (ret) && \
185 ((int) MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED == (peer)->ssl.in_msg[1] || \
186 (int) MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR == (peer)->ssl.in_msg[1] || \
187 (int) MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE == (peer)->ssl.in_msg[1] || \
188 (int) MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC == (peer)->ssl.in_msg[1])) \
190 SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \
192 RemovePeerFromList(&(peer)->sep.endpoint); \
195 ca_mutex_unlock(g_sslContextMutex); \
197 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
200 /** @def CHECK_MBEDTLS_RET(f, ...)
201 * A macro that checks \a f function return code
203 * If function returns error code it goes to error processing.
205 * @param[in] f Function to call
207 #define CHECK_MBEDTLS_RET(f, ...) do { \
208 int ret = (f)(__VA_ARGS__); \
210 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
216 ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA,
217 ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
218 ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256,
219 ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
225 ADAPTER_CURVE_SECP256R1,
229 int tlsCipher[ADAPTER_CIPHER_MAX][2] =
231 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 0},
232 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
233 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0},
234 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0}
237 static int g_cipherSuitesList[ADAPTER_CIPHER_MAX];
239 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
241 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
244 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
251 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
252 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
253 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
254 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
255 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
256 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
257 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
258 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
259 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
260 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
261 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
262 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
263 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
264 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
265 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
266 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
267 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
268 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
269 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
270 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
271 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
275 static int GetAlertCode(uint32_t flags)
277 const CrtVerifyAlert_t *cur;
279 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
281 if (flags & cur->code)
289 #if !defined(NDEBUG) || defined(TB_LOG)
291 * Pass a message to the OIC logger.
293 * @param[in] ctx opaque context for the callback
294 * @param[in] level debug level
295 * @param[in] file file name
296 * @param[in] line line number
297 * @param[in] str message
299 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
306 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
312 * Finds the first occurrence of the byte string s in byte string l.
315 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
319 const char *cl = (const char *)l;
320 const char *cs = (const char *)s;
322 if (lLen == 0 || sLen == 0)
332 return (void *)memchr(l, (int)*cs, lLen);
335 last = (char *)cl + lLen - sLen;
337 for (cur = (char *)cl; cur <= last; cur++)
339 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
348 * structure to holds the information of cache message and address info.
350 typedef ByteArray_t SslCacheMessage_t;
354 * Data structure for holding the send and recv callbacks.
356 typedef struct TlsCallBacks
358 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
359 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
363 * Data structure for holding the mbedTLS interface related info.
365 typedef struct SslContext
367 u_arraylist_t *peerList; /**< peer list which holds the mapping between
368 peer id, it's n/w address and mbedTLS context. */
369 mbedtls_entropy_context entropy;
370 mbedtls_ctr_drbg_context rnd;
372 mbedtls_x509_crt crt;
373 mbedtls_pk_context pkey;
375 mbedtls_ssl_config clientTlsConf;
376 mbedtls_ssl_config serverTlsConf;
377 mbedtls_ssl_config clientDtlsConf;
378 mbedtls_ssl_config serverDtlsConf;
380 AdapterCipher_t cipher;
381 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
382 mbedtls_x509_crl crl;
389 * @var g_caSslContext
390 * @brief global context which holds tls context and cache list information.
392 static SslContext_t * g_caSslContext = NULL;
395 * @var g_getCredentialsCallback
396 * @brief callback to get TLS credentials (same as for DTLS)
398 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
400 * @var g_getCerdentilTypesCallback
401 * @brief callback to get different credential types from SRM
403 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
405 * @var g_getPkixInfoCallback
407 * @brief callback to get X.509-based Public Key Infrastructure
409 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
412 * @var g_dtlsContextMutex
413 * @brief Mutex to synchronize access to g_caSslContext.
415 static ca_mutex g_sslContextMutex = NULL;
419 * @brief callback to deliver the TLS handshake result
421 static CAErrorCallback g_sslCallback = NULL;
424 * Data structure for holding the data to be received.
426 typedef struct SslRecBuf
433 * Data structure for holding the data related to endpoint
436 typedef struct SslEndPoint
438 mbedtls_ssl_context ssl;
439 CASecureEndpoint_t sep;
440 u_arraylist_t * cacheList;
442 uint8_t master[MASTER_SECRET_LEN];
443 uint8_t random[2*RANDOM_LEN];
445 mbedtls_ssl_cookie_ctx cookieCtx;
446 mbedtls_timing_delay_context timer;
447 #endif // __WITH_DTLS__
450 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
452 // TODO Does this method needs protection of tlsContextMutex?
453 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
454 g_getCredentialsCallback = credCallback;
455 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
458 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
460 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
461 g_getPkixInfoCallback = infoCallback;
462 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
464 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
466 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
467 g_getCredentialTypesCallback = credTypesCallback;
468 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
471 static int GetAdapterIndex(CATransportAdapter_t adapter)
480 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
487 * @param[in] tep TLS endpoint
488 * @param[in] data message
489 * @param[in] dataLen message length
491 * @return message length
493 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
495 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
496 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", 0);
497 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
498 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
499 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
500 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
501 if (0 == adapterIndex || 1 == adapterIndex)
503 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
504 sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, (uint32_t) dataLen);
508 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
512 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
518 * @param[in] tep TLS endpoint
519 * @param[in] data message
520 * @param[in] dataLen message length
522 * @return read length
524 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
526 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
527 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
528 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
530 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
531 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
532 retLen = (retLen < dataLen ? retLen : dataLen);
534 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
535 recBuf->loaded += retLen;
537 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
542 * Parse chain of X.509 certificates.
544 * @param[out] crt container for X.509 certificates
545 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
546 or DER format in a jumble. Each PEM certificate must be NULL-terminated.
547 * @param[in] bufLen buffer length
549 * @return 0 on success, -1 on error
551 static int ParseChain(mbedtls_x509_crt * crt, const unsigned char * buf, int bufLen)
553 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
554 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
555 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
560 unsigned char * tmp = NULL;
562 char pemCertHeader[] = {
563 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
564 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
566 char pemCertFooter[] = {
567 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
568 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
570 size_t pemCertHeaderLen = sizeof(pemCertHeader);
571 size_t pemCertFooterLen = sizeof(pemCertFooter);
575 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
577 tmp = (unsigned char *)buf + pos + 1;
578 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
579 if (pos + len < bufLen)
581 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse_der, crt, buf + pos, len + 4);
585 else if (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen))
587 void * endPos = NULL;
588 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
591 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
592 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
595 if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0d) &&
596 (*((char*)endPos + pemCertFooterLen + 1) == 0x0a) &&
597 (*((char*)endPos + pemCertFooterLen + 2) == 0x00))
599 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 3;
601 else if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0a) &&
602 (*((char*)endPos + pemCertFooterLen + 1) == 0x00))
604 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 2;
608 OIC_LOG_V(ERROR, NET_SSL_TAG, "Incorrect PEM certificate ending");
609 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
612 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse, crt, buf + pos, len);
617 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, buf, bufLen);
618 OIC_LOG_V(ERROR, NET_SSL_TAG, "parseChain returned -0x%x", -ret);
619 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
623 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
630 //Loads PKIX related information from SRM
631 static int InitPKIX(CATransportAdapter_t adapter)
633 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
634 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
635 g_getPkixInfoCallback(&g_pkiInfo);
637 mbedtls_x509_crt_free(&g_caSslContext->ca);
638 mbedtls_x509_crt_free(&g_caSslContext->crt);
639 mbedtls_pk_free(&g_caSslContext->pkey);
640 mbedtls_x509_crl_free(&g_caSslContext->crl);
642 mbedtls_x509_crt_init(&g_caSslContext->ca);
643 mbedtls_x509_crt_init(&g_caSslContext->crt);
644 mbedtls_pk_init(&g_caSslContext->pkey);
645 mbedtls_x509_crl_init(&g_caSslContext->crl);
647 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ?
648 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
649 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ?
650 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
652 int ret = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len);
655 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
658 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
662 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
666 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
669 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
672 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
675 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
680 ret = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len);
683 OIC_LOG(ERROR, NET_SSL_TAG, "CA chain parsing error");
684 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
688 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
691 OIC_LOG(WARNING, NET_SSL_TAG, "CRL parsing error");
692 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, NULL);
693 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, NULL);
697 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, &g_caSslContext->crl);
698 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, &g_caSslContext->crl);
701 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
708 * @param[in] notUsed opaque context
709 * @param[in] ssl mbedTLS context
710 * @param[in] desc identity
711 * @param[in] descLen identity length
713 * @return 0 on success any other return value will result in a denied PSK identity
715 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
716 const unsigned char * desc, size_t descLen)
718 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
719 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
720 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
721 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
722 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
724 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
728 uint8_t keyBuf[PSK_LENGTH] = {0};
730 // Retrieve the credentials blob from security module
731 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
734 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
735 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
736 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
737 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
739 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
740 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
742 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
746 * Gets session corresponding for endpoint.
748 * @param[in] peer remote address
750 * @return TLS session or NULL
752 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
754 uint32_t listIndex = 0;
755 uint32_t listLength = 0;
756 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
757 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
759 SslEndPoint_t *tep = NULL;
760 listLength = u_arraylist_length(g_caSslContext->peerList);
761 for (listIndex = 0; listIndex < listLength; listIndex++)
763 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
768 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d]",
769 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port);
770 if((0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
771 && (peer->port == tep->sep.endpoint.port))
773 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
777 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
778 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
782 #ifdef _ENABLE_MULTIPLE_OWNER_
784 * Gets CA secure endpoint info corresponding for endpoint.
786 * @param[in] peer remote address
788 * @return CASecureEndpoint or NULL
790 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
792 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
794 // TODO: Added as workaround, need to debug
795 ca_mutex_unlock(g_sslContextMutex);
797 ca_mutex_lock(g_sslContextMutex);
798 if (NULL == g_caSslContext)
800 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
801 ca_mutex_unlock(g_sslContextMutex);
805 SslEndPoint_t* sslPeer = GetSslPeer(peer);
808 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
809 ca_mutex_unlock(g_sslContextMutex);
810 return &sslPeer->sep;
813 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
814 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
815 ca_mutex_unlock(g_sslContextMutex);
821 * Deletes cached message.
823 * @param[in] msg message
825 static void DeleteCacheMessage(SslCacheMessage_t * msg)
827 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
828 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
833 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
836 * Deletes cached message list.
838 * @param[in] cacheList list of cached messages
840 static void DeleteCacheList(u_arraylist_t * cacheList)
842 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
843 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
844 uint32_t listIndex = 0;
845 uint32_t listLength = 0;
847 listLength = u_arraylist_length(cacheList);
848 for (listIndex = 0; listIndex < listLength; listIndex++)
850 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
853 DeleteCacheMessage(msg);
856 u_arraylist_free(&cacheList);
858 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
861 * Deletes endpoint with session.
863 * @param[in] tep endpoint with session info
865 static void DeleteSslEndPoint(SslEndPoint_t * tep)
867 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
868 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
870 mbedtls_ssl_free(&tep->ssl);
872 mbedtls_ssl_cookie_free(&tep->cookieCtx);
874 DeleteCacheList(tep->cacheList);
876 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
879 * Removes endpoint session from list.
881 * @param[in] endpoint remote address
883 static void RemovePeerFromList(CAEndpoint_t * endpoint)
885 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
886 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
887 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
889 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
894 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
895 && (endpoint->port == tep->sep.endpoint.port))
897 u_arraylist_remove(g_caSslContext->peerList, listIndex);
898 DeleteSslEndPoint(tep);
904 * Deletes session list.
906 static void DeletePeerList()
908 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
909 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
911 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
916 DeleteSslEndPoint(tep);
918 u_arraylist_free(&g_caSslContext->peerList);
921 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
923 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
924 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
926 ca_mutex_lock(g_sslContextMutex);
927 if (NULL == g_caSslContext)
929 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
930 ca_mutex_unlock(g_sslContextMutex);
931 return CA_STATUS_FAILED;
933 SslEndPoint_t * tep = GetSslPeer(endpoint);
936 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
937 ca_mutex_unlock(g_sslContextMutex);
938 return CA_STATUS_FAILED;
940 /* No error checking, the connection might be closed already */
944 ret = mbedtls_ssl_close_notify(&tep->ssl);
946 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
948 RemovePeerFromList(&tep->sep.endpoint);
949 ca_mutex_unlock(g_sslContextMutex);
951 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
955 void CAcloseSslConnectionAll()
957 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
958 ca_mutex_lock(g_sslContextMutex);
959 if (NULL == g_caSslContext)
961 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
962 ca_mutex_unlock(g_sslContextMutex);
966 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
967 for (uint32_t i = listLength; i > 0; i--)
969 SslEndPoint_t *tep = (SslEndPoint_t *)u_arraylist_remove(g_caSslContext->peerList, i - 1);
974 OIC_LOG_V(DEBUG, NET_SSL_TAG, "SSL Connection [%s:%d]",
975 tep->sep.endpoint.addr, tep->sep.endpoint.port);
977 // TODO: need to check below code after socket close is ensured.
981 ret = mbedtls_ssl_close_notify(&tep->ssl);
983 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);*/
985 DeleteSslEndPoint(tep);
987 ca_mutex_unlock(g_sslContextMutex);
989 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
993 * Creates session for endpoint.
995 * @param[in] endpoint remote address
996 * @param[in] config mbedTLS configuration info
998 * @return TLS endpoint or NULL
1000 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
1002 SslEndPoint_t * tep = NULL;
1003 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1004 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
1005 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
1007 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
1010 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1014 tep->sep.endpoint = *endpoint;
1015 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
1017 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
1019 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
1021 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1025 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
1026 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
1028 mbedtls_ssl_set_timer_cb(&tep->ssl, &tep->timer,
1029 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
1030 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1032 if (0 != mbedtls_ssl_cookie_setup(&tep->cookieCtx, mbedtls_ctr_drbg_random,
1033 &g_caSslContext->rnd))
1035 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
1037 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1040 mbedtls_ssl_conf_dtls_cookies(config, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
1042 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
1043 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
1045 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
1047 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1052 tep->cacheList = u_arraylist_create();
1053 if (NULL == tep->cacheList)
1055 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1056 mbedtls_ssl_free(&tep->ssl);
1058 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1061 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1065 * Initializes PSK identity.
1067 * @param[out] config client/server config to be updated
1069 * @return 0 on success or -1 on error
1071 static int InitPskIdentity(mbedtls_ssl_config * config)
1073 uint8_t idBuf[UUID_LENGTH] = {0};
1074 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1075 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1077 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1079 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1080 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1083 if (0 != mbedtls_ssl_conf_psk(config, idBuf, 0, idBuf, UUID_LENGTH))
1085 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1086 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1089 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1092 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1095 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1096 if (NULL == g_getCredentialTypesCallback)
1098 OIC_LOG(ERROR, NET_SSL_TAG, "Param callback is null");
1102 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1103 // Retrieve the PSK credential from SRM
1104 // PIN OTM if (true == g_caSslContext->cipherFlag[0] && 0 != InitPskIdentity(config))
1105 if (0 != InitPskIdentity(config))
1107 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1110 // Retrieve the ECC credential from SRM
1111 if (true == g_caSslContext->cipherFlag[1] || ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->cipher)
1113 int ret = InitPKIX(adapter);
1116 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1120 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1121 if (ADAPTER_CIPHER_MAX != g_caSslContext->cipher)
1123 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1126 if (true == g_caSslContext->cipherFlag[1])
1128 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1131 if (true == g_caSslContext->cipherFlag[0])
1133 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1136 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1138 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1141 * Initiate TLS handshake with endpoint.
1143 * @param[in] endpoint remote address
1145 * @return TLS endpoint or NULL
1147 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1150 SslEndPoint_t * tep = NULL;
1152 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1153 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1156 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ?
1157 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1158 tep = NewSslEndPoint(endpoint, config);
1161 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1165 //Load allowed SVR suites from SVR DB
1166 SetupCipher(config, endpoint->adapter);
1168 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Add %s:%d", tep->sep.endpoint.addr, tep->sep.endpoint.port);
1169 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1172 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1173 DeleteSslEndPoint(tep);
1177 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1179 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1180 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1184 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1186 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1190 void CAdeinitSslAdapter()
1192 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1194 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1195 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1197 //Lock tlsContext mutex
1198 ca_mutex_lock(g_sslContextMutex);
1203 // De-initialize mbedTLS
1204 mbedtls_x509_crt_free(&g_caSslContext->crt);
1205 mbedtls_pk_free(&g_caSslContext->pkey);
1207 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1208 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1209 #endif // __WITH_TLS__
1210 #ifdef __WITH_DTLS__
1211 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1212 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1213 #endif // __WITH_DTLS__
1214 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1215 mbedtls_entropy_free(&g_caSslContext->entropy);
1217 // De-initialize tls Context
1218 OICFree(g_caSslContext);
1219 g_caSslContext = NULL;
1221 // Unlock tlsContext mutex and de-initialize it
1222 ca_mutex_unlock(g_sslContextMutex);
1223 ca_mutex_free(g_sslContextMutex);
1224 g_sslContextMutex = NULL;
1226 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1229 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1231 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1232 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1233 mbedtls_ssl_config_init(conf);
1234 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1236 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1240 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1241 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1242 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1243 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1244 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1245 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1247 #if !defined(NDEBUG) || defined(TB_LOG)
1248 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1249 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1251 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1256 * Starts DTLS retransmission.
1258 static void StartRetransmit()
1260 static int timerId = -1;
1261 uint32_t listIndex = 0;
1262 uint32_t listLength = 0;
1263 SslEndPoint_t *tep = NULL;
1266 //clear previous timer
1267 unregisterTimer(timerId);
1269 ca_mutex_lock(g_sslContextMutex);
1271 //stop retransmission if context is invalid
1272 if(NULL == g_caSslContext)
1274 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
1275 ca_mutex_unlock(g_sslContextMutex);
1279 listLength = u_arraylist_length(g_caSslContext->peerList);
1280 for (listIndex = 0; listIndex < listLength; listIndex++)
1282 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1284 || MBEDTLS_SSL_TRANSPORT_STREAM == tep->ssl.conf->transport
1285 || MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1289 int ret = mbedtls_ssl_handshake_step(&tep->ssl);
1290 if (0 != ret && MBEDTLS_ERR_SSL_CONN_EOF != ret)
1292 OIC_LOG_V(ERROR, NET_SSL_TAG, "Retransmission error: -0x%x", -ret);
1295 ca_mutex_unlock(g_sslContextMutex);
1298 registerTimer(RETRANSMISSION_TIME, &timerId, (void *) StartRetransmit);
1301 CAResult_t CAinitSslAdapter()
1303 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1304 // Initialize mutex for tlsContext
1305 if (NULL == g_sslContextMutex)
1307 g_sslContextMutex = ca_mutex_new();
1308 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
1312 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
1313 return CA_STATUS_OK;
1316 // Lock tlsContext mutex and create tlsContext
1317 ca_mutex_lock(g_sslContextMutex);
1318 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1320 if (NULL == g_caSslContext)
1322 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
1323 ca_mutex_unlock(g_sslContextMutex);
1324 ca_mutex_free(g_sslContextMutex);
1325 g_sslContextMutex = NULL;
1326 return CA_MEMORY_ALLOC_FAILED;
1330 g_caSslContext->peerList = u_arraylist_create();
1332 if(NULL == g_caSslContext->peerList)
1334 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
1335 OICFree(g_caSslContext);
1336 g_caSslContext = NULL;
1337 ca_mutex_unlock(g_sslContextMutex);
1338 ca_mutex_free(g_sslContextMutex);
1339 g_sslContextMutex = NULL;
1340 return CA_STATUS_FAILED;
1343 /* Initialize TLS library
1345 #if !defined(NDEBUG) || defined(TB_LOG)
1346 char version[MBED_TLS_VERSION_LEN];
1347 mbedtls_version_get_string(version);
1348 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
1353 mbedtls_entropy_init(&g_caSslContext->entropy);
1354 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1357 unsigned char seed[sizeof(SEED)] = {0};
1359 urandomFd = open("/dev/urandom", O_RDONLY);
1362 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
1363 ca_mutex_unlock(g_sslContextMutex);
1364 CAdeinitSslAdapter();
1365 return CA_STATUS_FAILED;
1367 if(0 > read(urandomFd, seed, sizeof(seed)))
1369 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
1371 ca_mutex_unlock(g_sslContextMutex);
1372 CAdeinitSslAdapter();
1373 return CA_STATUS_FAILED;
1378 unsigned char * seed = (unsigned char*) SEED;
1380 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
1381 &g_caSslContext->entropy, seed, sizeof(SEED)))
1383 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
1384 ca_mutex_unlock(g_sslContextMutex);
1385 CAdeinitSslAdapter();
1386 return CA_STATUS_FAILED;
1388 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1391 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
1392 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
1394 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1395 ca_mutex_unlock(g_sslContextMutex);
1396 CAdeinitSslAdapter();
1397 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1398 return CA_STATUS_FAILED;
1401 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
1402 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
1404 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1405 ca_mutex_unlock(g_sslContextMutex);
1406 CAdeinitSslAdapter();
1407 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1408 return CA_STATUS_FAILED;
1410 #endif // __WITH_TLS__
1411 #ifdef __WITH_DTLS__
1412 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
1413 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
1415 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1416 ca_mutex_unlock(g_sslContextMutex);
1417 CAdeinitSslAdapter();
1418 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1419 return CA_STATUS_FAILED;
1422 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
1423 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
1425 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1426 ca_mutex_unlock(g_sslContextMutex);
1427 CAdeinitSslAdapter();
1428 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1429 return CA_STATUS_FAILED;
1431 #endif // __WITH_DTLS__
1433 // set default cipher
1434 g_caSslContext->cipher = ADAPTER_CIPHER_MAX;
1437 mbedtls_x509_crt_init(&g_caSslContext->ca);
1438 mbedtls_x509_crt_init(&g_caSslContext->crt);
1439 mbedtls_pk_init(&g_caSslContext->pkey);
1440 mbedtls_x509_crl_init(&g_caSslContext->crl);
1442 #ifdef __WITH_DTLS__
1446 ca_mutex_unlock(g_sslContextMutex);
1448 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1449 return CA_STATUS_OK;
1452 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
1454 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1455 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
1458 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
1459 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1462 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
1463 if (NULL == message)
1465 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1466 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1470 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
1471 if (NULL == message->data)
1473 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1475 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1478 memcpy(message->data, data, dataLen);
1479 message->len = dataLen;
1480 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1484 /* Send data via TLS connection.
1486 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
1487 void *data, uint32_t dataLen)
1491 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s ", __func__);
1493 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
1494 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
1495 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
1499 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
1500 return CA_STATUS_FAILED;
1503 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
1505 ca_mutex_lock(g_sslContextMutex);
1506 if(NULL == g_caSslContext)
1508 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1509 ca_mutex_unlock(g_sslContextMutex);
1510 return CA_STATUS_FAILED;
1513 SslEndPoint_t * tep = GetSslPeer(endpoint);
1516 tep = InitiateTlsHandshake(endpoint);
1520 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1521 ca_mutex_unlock(g_sslContextMutex);
1522 return CA_STATUS_FAILED;
1525 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1527 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) data, dataLen);
1531 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write returned %d", ret);
1532 RemovePeerFromList(&tep->sep.endpoint);
1533 ca_mutex_unlock(g_sslContextMutex);
1534 return CA_STATUS_FAILED;
1539 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
1540 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
1542 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1543 ca_mutex_unlock(g_sslContextMutex);
1544 return CA_STATUS_FAILED;
1548 ca_mutex_unlock(g_sslContextMutex);
1550 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1551 return CA_STATUS_OK;
1554 * Sends cached messages via TLS connection.
1556 * @param[in] tep remote address with session info
1558 static void SendCacheMessages(SslEndPoint_t * tep)
1560 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1561 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
1563 uint32_t listIndex = 0;
1564 uint32_t listLength = 0;
1565 listLength = u_arraylist_length(tep->cacheList);
1566 for (listIndex = 0; listIndex < listLength;)
1569 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
1570 if (NULL != msg && NULL != msg->data && 0 != msg->len)
1574 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) msg->data, msg->len);
1576 while(MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1580 OIC_LOG_V(ERROR, NET_SSL_TAG,"mbedTLS write returned %d", ret );
1582 if (u_arraylist_remove(tep->cacheList, listIndex))
1584 DeleteCacheMessage(msg);
1585 // Reduce list length by 1 as we removed one element.
1590 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
1596 // Move to the next element
1600 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1603 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
1605 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1606 g_sslCallback = tlsHandshakeCallback;
1607 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1609 // TODO move ConvertStrToUuid function to common module
1611 * Converts string UUID to CARemoteId_t
1613 * @param strUuid Device UUID in string format
1614 * @param uuid converted UUID in CARemoteId_t format
1616 * @return 0 for success.
1618 static int ConvertStrToUuid(const char* strUuid, CARemoteId_t* uuid)
1620 if(NULL == strUuid || NULL == uuid)
1622 OIC_LOG(ERROR, NET_SSL_TAG, "ConvertStrToUuid : Invalid param");
1628 size_t strUuidLen = 0;
1629 char convertedUuid[UUID_LENGTH * 2] = {0};
1631 strUuidLen = strlen(strUuid);
1634 OIC_LOG(INFO, NET_SSL_TAG, "The empty string detected, The UUID will be converted to "\
1635 "\"00000000-0000-0000-0000-000000000000\"");
1637 else if(UUID_LENGTH * 2 + 4 == strUuidLen)
1639 for(uuidIdx=0, urnIdx=0; uuidIdx < UUID_LENGTH ; uuidIdx++, urnIdx+=2)
1641 if(*(strUuid + urnIdx) == '-')
1645 sscanf(strUuid + urnIdx, "%2hhx", &convertedUuid[uuidIdx]);
1650 OIC_LOG(ERROR, NET_SSL_TAG, "Invalid string uuid format");
1654 memcpy(uuid->id, convertedUuid, UUID_LENGTH);
1655 uuid->id_length = UUID_LENGTH;
1659 /* Read data from TLS connection
1661 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
1664 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1665 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1666 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
1668 ca_mutex_lock(g_sslContextMutex);
1669 if (NULL == g_caSslContext)
1671 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1672 ca_mutex_unlock(g_sslContextMutex);
1673 return CA_STATUS_FAILED;
1677 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
1680 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ?
1681 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1682 peer = NewSslEndPoint(&sep->endpoint, config);
1685 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1686 ca_mutex_unlock(g_sslContextMutex);
1687 return CA_STATUS_FAILED;
1689 //Load allowed TLS suites from SVR DB
1690 SetupCipher(config, sep->endpoint.adapter);
1692 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
1695 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1697 ca_mutex_unlock(g_sslContextMutex);
1698 return CA_STATUS_FAILED;
1702 peer->recBuf.buff = data;
1703 peer->recBuf.len = dataLen;
1704 peer->recBuf.loaded = 0;
1706 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
1708 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1709 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1714 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
1716 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
1717 mbedtls_ssl_session_reset(&peer->ssl);
1718 mbedtls_ssl_set_client_transport_id(&peer->ssl,
1719 (const unsigned char *) sep->endpoint.addr,
1720 sizeof(sep->endpoint.addr));
1721 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1723 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
1726 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
1727 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
1728 CA_STATUS_FAILED, GetAlertCode(flags));
1730 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1731 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
1733 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
1734 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
1736 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
1738 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
1741 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1743 SSL_RES(peer, CA_STATUS_OK);
1744 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
1746 SendCacheMessages(peer);
1749 if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher ||
1750 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->selectedCipher)
1752 char uuid[UUID_LENGTH * 2 + 5] = {0};
1753 void * uuidPos = NULL;
1754 void * userIdPos = NULL;
1755 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
1756 ret = (NULL == peerCert ? -1 : 0);
1757 SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
1758 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
1759 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1760 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
1762 if (NULL != uuidPos)
1764 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1765 ret = ConvertStrToUuid(uuid, &peer->sep.identity);
1766 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
1767 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1771 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
1774 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1775 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
1776 if (NULL != userIdPos)
1778 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1779 ret = ConvertStrToUuid(uuid, &peer->sep.userId);
1780 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
1781 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1785 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
1789 ca_mutex_unlock(g_sslContextMutex);
1790 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1791 return CA_STATUS_OK;
1795 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1797 uint8_t decryptBuffer[TLS_MSG_BUF_LEN] = {0};
1800 ret = mbedtls_ssl_read(&peer->ssl, decryptBuffer, TLS_MSG_BUF_LEN);
1801 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
1803 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
1804 // TinyDTLS sends fatal close_notify alert
1805 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
1806 MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
1807 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
1809 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
1810 SSL_CLOSE_NOTIFY(peer, ret);
1811 RemovePeerFromList(&peer->sep.endpoint);
1812 ca_mutex_unlock(g_sslContextMutex);
1813 return CA_STATUS_OK;
1818 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
1819 //SSL_RES(peer, CA_STATUS_FAILED);
1820 RemovePeerFromList(&peer->sep.endpoint);
1821 ca_mutex_unlock(g_sslContextMutex);
1822 return CA_STATUS_FAILED;
1824 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
1825 if (0 == adapterIndex || adapterIndex == 1)
1827 g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
1831 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
1832 RemovePeerFromList(&peer->sep.endpoint);
1833 ca_mutex_unlock(g_sslContextMutex);
1834 return CA_STATUS_FAILED;
1838 ca_mutex_unlock(g_sslContextMutex);
1839 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1840 return CA_STATUS_OK;
1843 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
1844 CAPacketSendCallback sendCallback,
1845 CATransportAdapter_t type)
1847 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1848 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
1849 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
1850 ca_mutex_lock(g_sslContextMutex);
1851 if (NULL == g_caSslContext)
1853 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1854 ca_mutex_unlock(g_sslContextMutex);
1858 // if (MAX_SUPPORTED_ADAPTERS > type)
1863 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
1864 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
1866 case CA_ADAPTER_TCP:
1867 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
1868 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
1871 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
1875 ca_mutex_unlock(g_sslContextMutex);
1876 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1879 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
1881 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1882 VERIFY_NON_NULL_RET(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null", CA_STATUS_FAILED);
1883 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1886 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA:
1889 //todo check that Cred with RSA cert exists
1890 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1891 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1892 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1893 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1895 #ifdef __WITH_DTLS__
1896 //todo check that Cred with RSA cert exists
1897 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1898 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1899 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1900 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1902 g_caSslContext->cipher = ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA;
1905 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
1907 if (false == g_caSslContext->cipherFlag[1])
1909 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for ECC");
1910 return CA_STATUS_FAILED;
1913 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1914 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1915 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1916 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1918 #ifdef __WITH_DTLS__
1919 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1920 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1921 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1922 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1924 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1927 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
1930 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1931 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1932 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1933 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1935 #ifdef __WITH_DTLS__
1936 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1937 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1938 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1939 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1941 g_caSslContext->cipher = ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256;
1944 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
1947 if (false == g_caSslContext->cipherFlag[0])
1949 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for PSK");
1950 return CA_STATUS_FAILED;
1954 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1955 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1956 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1957 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1959 #ifdef __WITH_DTLS__
1960 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1961 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1962 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1963 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1965 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1970 OIC_LOG(ERROR, NET_SSL_TAG, "Unknown cipher");
1971 return CA_STATUS_FAILED;
1974 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
1975 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1976 return CA_STATUS_OK;
1979 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
1981 CAResult_t res = CA_STATUS_OK;
1982 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1983 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1984 ca_mutex_lock(g_sslContextMutex);
1985 if (NULL == InitiateTlsHandshake(endpoint))
1987 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1988 res = CA_STATUS_FAILED;
1990 ca_mutex_unlock(g_sslContextMutex);
1991 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1995 * Expands the secret into blocks of data according
1996 * to the algorithm specified in section 5 of RFC 4346
1998 * This function writes upto @p bufLen bytes into the given output buffer @p buf
2000 * @param key secret key.
2001 * @param keyLen secret key length.
2002 * @param label A PRF label.
2003 * @param labelLen Actual length of @p label.
2004 * @param random1 Random seed.
2005 * @param random1Len Actual length of @p random1 (may be zero).
2006 * @param random2 Random seed.
2007 * @param random2Len Actual length of @p random2 (may be zero).
2008 * @param buf Output buffer for generated random data.
2009 * @param bufLen Maximum size of @p buf.
2011 * @return The actual number of bytes written to @p buf or @c -1 on error.
2014 static int pHash (const unsigned char *key, size_t keyLen,
2015 const unsigned char *label, size_t labelLen,
2016 const unsigned char *random1, size_t random1Len,
2017 const unsigned char *random2, size_t random2Len,
2018 unsigned char *buf, size_t bufLen)
2020 unsigned char A[RANDOM_LEN] = {0};
2021 unsigned char tmp[RANDOM_LEN] = {0};
2022 size_t dLen; /* digest length */
2023 size_t len = 0; /* result length */
2025 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
2026 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
2027 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
2028 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
2029 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
2031 mbedtls_md_context_t hmacA;
2032 mbedtls_md_context_t hmacP;
2034 mbedtls_md_init(&hmacA);
2035 mbedtls_md_init(&hmacP);
2037 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2038 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2040 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
2041 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
2042 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
2043 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
2044 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2048 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2050 while (len + dLen < bufLen)
2052 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2053 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2054 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2055 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2056 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2057 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2059 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2063 memcpy(buf, tmp, dLen);
2066 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
2067 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
2068 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
2069 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2072 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2073 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2074 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2076 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2077 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2078 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2079 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2081 memcpy(buf, tmp, bufLen - len);
2083 mbedtls_md_free(&hmacA);
2084 mbedtls_md_free(&hmacP);
2088 mbedtls_md_free(&hmacA);
2089 mbedtls_md_free(&hmacP);
2093 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
2094 const uint8_t* label, const size_t labelLen,
2095 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
2096 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
2097 uint8_t* ownerPsk, const size_t ownerPskSize)
2099 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2100 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
2101 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
2102 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
2103 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
2104 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2106 // TODO: Added as workaround, need to debug
2107 ca_mutex_unlock(g_sslContextMutex);
2109 ca_mutex_lock(g_sslContextMutex);
2110 if (NULL == g_caSslContext)
2112 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2113 ca_mutex_unlock(g_sslContextMutex);
2114 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2115 return CA_STATUS_FAILED;
2117 SslEndPoint_t * tep = GetSslPeer(endpoint);
2120 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2121 ca_mutex_unlock(g_sslContextMutex);
2122 return CA_STATUS_FAILED;
2125 uint8_t keyblock[KEY_BLOCK_LEN] = {0};
2127 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2128 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2129 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2130 keyblock, KEY_BLOCK_LEN);
2133 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2134 ca_mutex_unlock(g_sslContextMutex);
2135 return CA_STATUS_FAILED;
2137 ret = pHash(keyblock, sizeof(keyblock), label, labelLen,
2138 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2139 provServerDeviceId, provServerDeviceIdLen,
2140 ownerPsk, ownerPskSize);
2143 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2144 ca_mutex_unlock(g_sslContextMutex);
2145 return CA_STATUS_FAILED;
2148 ca_mutex_unlock(g_sslContextMutex);
2150 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2151 return CA_STATUS_OK;