1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
25 #include "ca_adapter_net_ssl.h"
27 #include "caipinterface.h"
28 #include "oic_malloc.h"
29 #include "byte_array.h"
32 // headers required for mbed TLS
33 #include "mbedtls/platform.h"
34 #include "mbedtls/ssl.h"
35 #include "mbedtls/entropy.h"
36 #include "mbedtls/ctr_drbg.h"
37 #include "mbedtls/pkcs12.h"
38 #include "mbedtls/ssl_internal.h"
40 #include "mbedtls/timing.h"
41 #include "mbedtls/ssl_cookie.h"
45 #include "mbedtls/debug.h"
46 #include "mbedtls/version.h"
50 #include <sys/types.h>
58 * @def MBED_TLS_VERSION_LEN
59 * @brief mbedTLS version string length
61 #define MBED_TLS_VERSION_LEN (16)
64 * @brief Seed for initialization RNG
66 #define SEED "IOTIVITY_RND"
69 * @brief uuid prefix in certificate subject field
71 #define UUID_PREFIX "uuid:"
74 * @brief userid prefix in certificate alternative subject name field
76 #define USERID_PREFIX "userid:"
80 * @brief Logging tag for module name
82 #define NET_SSL_TAG "OIC_CA_NET_SSL"
85 * @brief Logging tag for mbedTLS library
87 #define MBED_TLS_TAG "MBED_TLS"
89 * @def MMBED_TLS_DEBUG_LEVEL
90 * @brief Logging level for mbedTLS library
92 #define MBED_TLS_DEBUG_LEVEL (4)
95 * @def TLS_MSG_BUF_LEN
96 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
99 #define TLS_MSG_BUF_LEN (16384)
102 * @brief PSK keys max length
104 #define PSK_LENGTH (256/8)
106 * @def UUID_LENGTHPSK_LENGTH
107 * @brief Identity max length
109 #define UUID_LENGTH (128/8)
111 * @def MASTER_SECRET_LEN
112 * @brief TLS master secret length
114 #define MASTER_SECRET_LEN (48)
117 * @brief TLS client and server random bytes length
119 #define RANDOM_LEN (32)
122 * @brief PSK generated keyblock length
124 #define KEY_BLOCK_LEN (96)
126 /**@def SSL_CLOSE_NOTIFY(peer, ret)
128 * Notifies of existing \a peer about closing TLS connection.
130 * @param[in] peer remote peer
131 * @param[in] ret used internaly
133 #define SSL_CLOSE_NOTIFY(peer, ret) \
136 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
137 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
139 /**@def SSL_RES(peer, status)
141 * Sets SSL result for callback.
143 * @param[in] peer remote peer
145 #define SSL_RES(peer, status) \
148 CAErrorInfo_t errorInfo; \
149 errorInfo.result = (status); \
150 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
152 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
154 * Checks handshake result and send alert if needed.
156 * @param[in] peer remote peer
157 * @param[in] ret error code
158 * @param[in] str debug string
159 * @param[in] mutex ca mutex
160 * @param[in] return error code
161 * @param[in] msg allert message
163 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
164 if (0 != (ret) && MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
165 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
166 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
167 MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret)) \
169 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
170 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
171 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
173 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
175 SSL_RES((peer), CA_STATUS_FAILED); \
176 RemovePeerFromList(&(peer)->sep.endpoint); \
179 ca_mutex_unlock(g_sslContextMutex); \
181 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
184 /** @def CHECK_MBEDTLS_RET(f, ...)
185 * A macro that checks \a f function return code
187 * If function returns error code it goes to error processing.
189 * @param[in] f Function to call
191 #define CHECK_MBEDTLS_RET(f, ...) do { \
192 int ret = (f)(__VA_ARGS__); \
194 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
200 ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA,
201 ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
202 ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256,
203 ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
209 ADAPTER_CURVE_SECP256R1,
213 int tlsCipher[ADAPTER_CIPHER_MAX][2] =
215 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 0},
216 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
217 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0},
218 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0}
221 static int g_cipherSuitesList[ADAPTER_CIPHER_MAX];
223 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
225 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
228 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
235 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
236 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
237 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
238 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
239 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
240 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
241 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
242 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
243 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
244 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
245 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
246 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
247 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
248 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
249 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
250 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
251 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
252 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
253 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
254 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
255 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
259 static int GetAlertCode(uint32_t flags)
261 const CrtVerifyAlert_t *cur;
263 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
265 if (flags & cur->code)
275 * Pass a message to the OIC logger.
277 * @param[in] ctx opaque context for the callback
278 * @param[in] level debug level
279 * @param[in] file file name
280 * @param[in] line line number
281 * @param[in] str message
283 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
290 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
296 * Finds the first occurrence of the byte string s in byte string l.
299 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
303 const char *cl = (const char *)l;
304 const char *cs = (const char *)s;
306 if (lLen == 0 || sLen == 0)
316 return (void *)memchr(l, (int)*cs, lLen);
319 last = (char *)cl + lLen - sLen;
321 for (cur = (char *)cl; cur <= last; cur++)
323 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
332 * structure to holds the information of cache message and address info.
334 typedef ByteArray_t SslCacheMessage_t;
338 * Data structure for holding the send and recv callbacks.
340 typedef struct TlsCallBacks
342 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
343 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
347 * Data structure for holding the mbedTLS interface related info.
349 typedef struct SslContext
351 u_arraylist_t *peerList; /**< peer list which holds the mapping between
352 peer id, it's n/w address and mbedTLS context. */
353 mbedtls_entropy_context entropy;
354 mbedtls_ctr_drbg_context rnd;
356 mbedtls_x509_crt crt;
357 mbedtls_pk_context pkey;
359 mbedtls_ssl_config clientTlsConf;
360 mbedtls_ssl_config serverTlsConf;
361 mbedtls_ssl_config clientDtlsConf;
362 mbedtls_ssl_config serverDtlsConf;
364 mbedtls_ssl_cookie_ctx cookie_ctx;
365 mbedtls_timing_delay_context timer;
366 #endif // __WITH_DTLS__
367 AdapterCipher_t cipher;
368 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
369 mbedtls_x509_crl crl;
376 * @var g_caSslContext
377 * @brief global context which holds tls context and cache list information.
379 static SslContext_t * g_caSslContext = NULL;
382 * @var g_getCredentialsCallback
383 * @brief callback to get TLS credentials (same as for DTLS)
385 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
387 * @var g_getCerdentilTypesCallback
388 * @brief callback to get different credential types from SRM
390 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
392 * @var g_getPkixInfoCallback
394 * @brief callback to get X.509-based Public Key Infrastructure
396 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
399 * @var g_dtlsContextMutex
400 * @brief Mutex to synchronize access to g_caSslContext.
402 static ca_mutex g_sslContextMutex = NULL;
406 * @brief callback to deliver the TLS handshake result
408 static CAErrorCallback g_sslCallback = NULL;
411 * Data structure for holding the data to be received.
413 typedef struct SslRecBuf
420 * Data structure for holding the data related to endpoint
423 typedef struct SslEndPoint
425 mbedtls_ssl_context ssl;
426 CASecureEndpoint_t sep;
427 u_arraylist_t * cacheList;
429 uint8_t master[MASTER_SECRET_LEN];
430 uint8_t random[2*RANDOM_LEN];
432 mbedtls_ssl_cookie_ctx cookieCtx;
437 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
439 // TODO Does this method needs protection of tlsContextMutex?
440 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
441 g_getCredentialsCallback = credCallback;
442 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
445 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
447 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
448 g_getPkixInfoCallback = infoCallback;
449 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
451 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
453 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
454 g_getCredentialTypesCallback = credTypesCallback;
455 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
458 static int GetAdapterIndex(CATransportAdapter_t adapter)
467 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
474 * @param[in] tep TLS endpoint
475 * @param[in] data message
476 * @param[in] dataLen message length
478 * @return message length
480 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
482 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
483 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", 0);
484 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
485 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
486 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
487 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
488 if (0 == adapterIndex || 1 == adapterIndex)
490 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
491 sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, (uint32_t) dataLen);
495 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
499 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
505 * @param[in] tep TLS endpoint
506 * @param[in] data message
507 * @param[in] dataLen message length
509 * @return read length
511 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
513 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
514 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
515 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
517 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
518 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
519 retLen = (retLen < dataLen ? retLen : dataLen);
521 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
522 recBuf->loaded += retLen;
524 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
529 * Parse chain of X.509 certificates.
531 * @param[out] crt container for X.509 certificates
532 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
533 or DER format in a jumble. Each PEM certificate must be NULL-terminated.
534 * @param[in] bufLen buffer length
536 * @return 0 on success, -1 on error
538 static int ParseChain(mbedtls_x509_crt * crt, const unsigned char * buf, int bufLen)
540 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
541 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
542 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
547 unsigned char * tmp = NULL;
549 char pemCertHeader[] = {
550 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
551 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
553 char pemCertFooter[] = {
554 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
555 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
557 size_t pemCertHeaderLen = sizeof(pemCertHeader);
558 size_t pemCertFooterLen = sizeof(pemCertFooter);
562 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
564 tmp = (unsigned char *)buf + pos + 1;
565 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
566 if (pos + len < bufLen)
568 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse_der, crt, buf + pos, len + 4);
572 else if (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen))
574 void * endPos = NULL;
575 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
578 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
579 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
582 if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0d) &&
583 (*((char*)endPos + pemCertFooterLen + 1) == 0x0a) &&
584 (*((char*)endPos + pemCertFooterLen + 2) == 0x00))
586 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 3;
588 else if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0a) &&
589 (*((char*)endPos + pemCertFooterLen + 1) == 0x00))
591 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 2;
595 OIC_LOG_V(ERROR, NET_SSL_TAG, "Incorrect PEM certificate ending");
596 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
599 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse, crt, buf + pos, len);
604 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, buf, bufLen);
605 OIC_LOG_V(ERROR, NET_SSL_TAG, "parseChain returned -0x%x", -ret);
606 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
610 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
617 //Loads PKIX related information from SRM
618 static int InitPKIX(CATransportAdapter_t adapter)
620 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
621 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
622 g_getPkixInfoCallback(&g_pkiInfo);
624 mbedtls_x509_crt_free(&g_caSslContext->ca);
625 mbedtls_x509_crt_free(&g_caSslContext->crt);
626 mbedtls_pk_free(&g_caSslContext->pkey);
627 mbedtls_x509_crl_free(&g_caSslContext->crl);
629 mbedtls_x509_crt_init(&g_caSslContext->ca);
630 mbedtls_x509_crt_init(&g_caSslContext->crt);
631 mbedtls_pk_init(&g_caSslContext->pkey);
632 mbedtls_x509_crl_init(&g_caSslContext->crl);
634 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ?
635 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
636 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ?
637 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
639 int ret = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len);
642 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
645 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
649 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
653 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
656 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
659 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
662 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
667 ret = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len);
670 OIC_LOG(ERROR, NET_SSL_TAG, "CA chain parsing error");
671 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
675 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
678 OIC_LOG(WARNING, NET_SSL_TAG, "CRL parsing error");
679 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, NULL);
680 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, NULL);
684 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, &g_caSslContext->crl);
685 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, &g_caSslContext->crl);
688 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
695 * @param[in] notUsed opaque context
696 * @param[in] ssl mbedTLS context
697 * @param[in] desc identity
698 * @param[in] descLen identity length
700 * @return 0 on success any other return value will result in a denied PSK identity
702 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
703 const unsigned char * desc, size_t descLen)
705 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
706 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
707 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
708 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
709 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
711 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
715 uint8_t keyBuf[PSK_LENGTH] = {0};
717 // Retrieve the credentials blob from security module
718 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
721 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
722 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
723 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
724 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
726 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
727 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
729 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
733 * Gets session corresponding for endpoint.
735 * @param[in] peer remote address
737 * @return TLS session or NULL
739 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
741 uint32_t listIndex = 0;
742 uint32_t listLength = 0;
743 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
744 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
746 SslEndPoint_t *tep = NULL;
747 listLength = u_arraylist_length(g_caSslContext->peerList);
748 for (listIndex = 0; listIndex < listLength; listIndex++)
750 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
755 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d]",
756 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port);
757 if((0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
758 && (peer->port == tep->sep.endpoint.port))
760 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
764 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
765 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
769 #ifdef _ENABLE_MULTIPLE_OWNER_
771 * Gets CA secure endpoint info corresponding for endpoint.
773 * @param[in] peer remote address
775 * @return CASecureEndpoint or NULL
777 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
779 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
781 // TODO: Added as workaround, need to debug
782 ca_mutex_unlock(g_sslContextMutex);
784 ca_mutex_lock(g_sslContextMutex);
785 if (NULL == g_caSslContext)
787 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
788 ca_mutex_unlock(g_sslContextMutex);
792 SslEndPoint_t* sslPeer = GetSslPeer(peer);
795 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
796 ca_mutex_unlock(g_sslContextMutex);
797 return &sslPeer->sep;
800 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
801 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
802 ca_mutex_unlock(g_sslContextMutex);
808 * Deletes cached message.
810 * @param[in] msg message
812 static void DeleteCacheMessage(SslCacheMessage_t * msg)
814 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
815 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
820 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
823 * Deletes cached message list.
825 * @param[in] cacheList list of cached messages
827 static void DeleteCacheList(u_arraylist_t * cacheList)
829 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
830 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
831 uint32_t listIndex = 0;
832 uint32_t listLength = 0;
834 listLength = u_arraylist_length(cacheList);
835 for (listIndex = 0; listIndex < listLength; listIndex++)
837 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
840 DeleteCacheMessage(msg);
843 u_arraylist_free(&cacheList);
845 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
848 * Deletes endpoint with session.
850 * @param[in] tep endpoint with session info
852 static void DeleteSslEndPoint(SslEndPoint_t * tep)
854 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
855 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
857 mbedtls_ssl_free(&tep->ssl);
859 mbedtls_ssl_cookie_free(&tep->cookieCtx);
861 DeleteCacheList(tep->cacheList);
863 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
866 * Removes endpoint session from list.
868 * @param[in] endpoint remote address
870 static void RemovePeerFromList(CAEndpoint_t * endpoint)
872 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
873 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
874 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
876 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
881 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
882 && (endpoint->port == tep->sep.endpoint.port))
884 u_arraylist_remove(g_caSslContext->peerList, listIndex);
885 DeleteSslEndPoint(tep);
891 * Deletes session list.
893 static void DeletePeerList()
895 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
896 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
898 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
903 DeleteSslEndPoint(tep);
905 u_arraylist_free(&g_caSslContext->peerList);
908 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
910 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
911 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
913 ca_mutex_lock(g_sslContextMutex);
914 if (NULL == g_caSslContext)
916 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
917 ca_mutex_unlock(g_sslContextMutex);
918 return CA_STATUS_FAILED;
920 SslEndPoint_t * tep = GetSslPeer(endpoint);
923 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
924 ca_mutex_unlock(g_sslContextMutex);
925 return CA_STATUS_FAILED;
927 /* No error checking, the connection might be closed already */
931 ret = mbedtls_ssl_close_notify(&tep->ssl);
933 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
935 RemovePeerFromList(&tep->sep.endpoint);
936 ca_mutex_unlock(g_sslContextMutex);
938 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
942 * Creates session for endpoint.
944 * @param[in] endpoint remote address
945 * @param[in] config mbedTLS configuration info
947 * @return TLS endpoint or NULL
949 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
951 SslEndPoint_t * tep = NULL;
952 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
953 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
954 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
956 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
959 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
963 tep->sep.endpoint = *endpoint;
964 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
966 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
968 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
970 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
974 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
975 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
977 mbedtls_ssl_set_timer_cb(&tep->ssl, &g_caSslContext->timer,
978 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
979 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
981 if (0 != mbedtls_ssl_cookie_setup(&tep->cookieCtx, mbedtls_ctr_drbg_random,
982 &g_caSslContext->rnd))
984 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
986 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
989 mbedtls_ssl_conf_dtls_cookies(config, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
991 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
992 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
994 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
996 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1001 tep->cacheList = u_arraylist_create();
1002 if (NULL == tep->cacheList)
1004 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1005 mbedtls_ssl_free(&tep->ssl);
1007 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1010 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1014 * Initializes PSK identity.
1016 * @param[out] config client/server config to be updated
1018 * @return 0 on success or -1 on error
1020 static int InitPskIdentity(mbedtls_ssl_config * config)
1022 uint8_t idBuf[UUID_LENGTH] = {0};
1023 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1024 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1026 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1028 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1029 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1032 if (0 != mbedtls_ssl_conf_psk(config, idBuf, 0, idBuf, UUID_LENGTH))
1034 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1035 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1038 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1041 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1044 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1045 if (NULL == g_getCredentialTypesCallback)
1047 OIC_LOG(ERROR, NET_SSL_TAG, "Param callback is null");
1051 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1052 // Retrieve the PSK credential from SRM
1053 // PIN OTM if (true == g_caSslContext->cipherFlag[0] && 0 != InitPskIdentity(config))
1054 if (0 != InitPskIdentity(config))
1056 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1059 // Retrieve the ECC credential from SRM
1060 if (true == g_caSslContext->cipherFlag[1] || ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->cipher)
1062 int ret = InitPKIX(adapter);
1065 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1069 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1070 if (ADAPTER_CIPHER_MAX != g_caSslContext->cipher)
1072 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1075 if (true == g_caSslContext->cipherFlag[1])
1077 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1080 if (true == g_caSslContext->cipherFlag[0])
1082 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1085 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1087 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1090 * Initiate TLS handshake with endpoint.
1092 * @param[in] endpoint remote address
1094 * @return TLS endpoint or NULL
1096 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1099 SslEndPoint_t * tep = NULL;
1101 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1102 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1105 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ?
1106 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1107 tep = NewSslEndPoint(endpoint, config);
1110 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1114 //Load allowed SVR suites from SVR DB
1115 SetupCipher(config, endpoint->adapter);
1117 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Add %s:%d", tep->sep.endpoint.addr, tep->sep.endpoint.port);
1118 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1121 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1122 DeleteSslEndPoint(tep);
1126 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1128 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1129 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1133 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1135 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1139 void CAdeinitSslAdapter()
1141 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1143 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1144 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1146 //Lock tlsContext mutex
1147 ca_mutex_lock(g_sslContextMutex);
1152 // De-initialize mbedTLS
1153 mbedtls_x509_crt_free(&g_caSslContext->crt);
1154 mbedtls_pk_free(&g_caSslContext->pkey);
1156 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1157 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1158 #endif // __WITH_TLS__
1159 #ifdef __WITH_DTLS__
1160 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1161 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1162 #endif // __WITH_DTLS__
1163 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1164 mbedtls_entropy_free(&g_caSslContext->entropy);
1166 // De-initialize tls Context
1167 OICFree(g_caSslContext);
1168 g_caSslContext = NULL;
1170 // Unlock tlsContext mutex and de-initialize it
1171 ca_mutex_unlock(g_sslContextMutex);
1172 ca_mutex_free(g_sslContextMutex);
1173 g_sslContextMutex = NULL;
1175 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1178 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1180 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1181 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1182 mbedtls_ssl_config_init(conf);
1183 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1185 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1189 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1190 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1191 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1192 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1193 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1194 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1197 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1198 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1200 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1204 CAResult_t CAinitSslAdapter()
1206 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1207 // Initialize mutex for tlsContext
1208 if (NULL == g_sslContextMutex)
1210 g_sslContextMutex = ca_mutex_new();
1211 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
1215 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
1216 return CA_STATUS_OK;
1219 // Lock tlsContext mutex and create tlsContext
1220 ca_mutex_lock(g_sslContextMutex);
1221 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1223 if (NULL == g_caSslContext)
1225 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
1226 ca_mutex_unlock(g_sslContextMutex);
1227 ca_mutex_free(g_sslContextMutex);
1228 g_sslContextMutex = NULL;
1229 return CA_MEMORY_ALLOC_FAILED;
1233 g_caSslContext->peerList = u_arraylist_create();
1235 if(NULL == g_caSslContext->peerList)
1237 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
1238 OICFree(g_caSslContext);
1239 g_caSslContext = NULL;
1240 ca_mutex_unlock(g_sslContextMutex);
1241 ca_mutex_free(g_sslContextMutex);
1242 g_sslContextMutex = NULL;
1243 return CA_STATUS_FAILED;
1246 /* Initialize TLS library
1249 char version[MBED_TLS_VERSION_LEN];
1250 mbedtls_version_get_string(version);
1251 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
1256 mbedtls_entropy_init(&g_caSslContext->entropy);
1257 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1260 unsigned char seed[sizeof(SEED)] = {0};
1262 urandomFd = open("/dev/urandom", O_RDONLY);
1265 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
1266 ca_mutex_unlock(g_sslContextMutex);
1267 CAdeinitSslAdapter();
1268 return CA_STATUS_FAILED;
1270 if(0 > read(urandomFd, seed, sizeof(seed)))
1272 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
1274 ca_mutex_unlock(g_sslContextMutex);
1275 CAdeinitSslAdapter();
1276 return CA_STATUS_FAILED;
1281 unsigned char * seed = (unsigned char*) SEED;
1283 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
1284 &g_caSslContext->entropy, seed, sizeof(SEED)))
1286 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
1287 ca_mutex_unlock(g_sslContextMutex);
1288 CAdeinitSslAdapter();
1289 return CA_STATUS_FAILED;
1291 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1294 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
1295 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
1297 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1298 ca_mutex_unlock(g_sslContextMutex);
1299 CAdeinitSslAdapter();
1300 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1301 return CA_STATUS_FAILED;
1304 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
1305 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
1307 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1308 ca_mutex_unlock(g_sslContextMutex);
1309 CAdeinitSslAdapter();
1310 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1311 return CA_STATUS_FAILED;
1313 #endif // __WITH_TLS__
1314 #ifdef __WITH_DTLS__
1315 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
1316 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
1318 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1319 ca_mutex_unlock(g_sslContextMutex);
1320 CAdeinitSslAdapter();
1321 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1322 return CA_STATUS_FAILED;
1325 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
1326 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
1328 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1329 ca_mutex_unlock(g_sslContextMutex);
1330 CAdeinitSslAdapter();
1331 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1332 return CA_STATUS_FAILED;
1334 #endif // __WITH_DTLS__
1336 // set default cipher
1337 g_caSslContext->cipher = ADAPTER_CIPHER_MAX;
1340 mbedtls_x509_crt_init(&g_caSslContext->ca);
1341 mbedtls_x509_crt_init(&g_caSslContext->crt);
1342 mbedtls_pk_init(&g_caSslContext->pkey);
1343 mbedtls_x509_crl_init(&g_caSslContext->crl);
1345 ca_mutex_unlock(g_sslContextMutex);
1347 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1348 return CA_STATUS_OK;
1351 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
1353 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1354 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
1357 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
1358 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1361 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
1362 if (NULL == message)
1364 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1365 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1369 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
1370 if (NULL == message->data)
1372 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1374 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1377 memcpy(message->data, data, dataLen);
1378 message->len = dataLen;
1379 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1383 /* Send data via TLS connection.
1385 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
1386 void *data, uint32_t dataLen)
1390 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s ", __func__);
1392 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
1393 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
1394 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
1398 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
1399 return CA_STATUS_FAILED;
1402 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
1404 ca_mutex_lock(g_sslContextMutex);
1405 if(NULL == g_caSslContext)
1407 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1408 ca_mutex_unlock(g_sslContextMutex);
1409 return CA_STATUS_FAILED;
1412 SslEndPoint_t * tep = GetSslPeer(endpoint);
1415 tep = InitiateTlsHandshake(endpoint);
1419 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1420 ca_mutex_unlock(g_sslContextMutex);
1421 return CA_STATUS_FAILED;
1424 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1426 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) data, dataLen);
1430 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write returned %d", ret);
1431 RemovePeerFromList(&tep->sep.endpoint);
1432 ca_mutex_unlock(g_sslContextMutex);
1433 return CA_STATUS_FAILED;
1438 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
1439 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
1441 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1442 ca_mutex_unlock(g_sslContextMutex);
1443 return CA_STATUS_FAILED;
1447 ca_mutex_unlock(g_sslContextMutex);
1449 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1450 return CA_STATUS_OK;
1453 * Sends cached messages via TLS connection.
1455 * @param[in] tep remote address with session info
1457 static void SendCacheMessages(SslEndPoint_t * tep)
1459 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1460 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
1462 uint32_t listIndex = 0;
1463 uint32_t listLength = 0;
1464 listLength = u_arraylist_length(tep->cacheList);
1465 for (listIndex = 0; listIndex < listLength;)
1468 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
1469 if (NULL != msg && NULL != msg->data && 0 != msg->len)
1473 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) msg->data, msg->len);
1475 while(MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1479 OIC_LOG_V(ERROR, NET_SSL_TAG,"mbedTLS write returned %d", ret );
1481 if (u_arraylist_remove(tep->cacheList, listIndex))
1483 DeleteCacheMessage(msg);
1484 // Reduce list length by 1 as we removed one element.
1489 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
1495 // Move to the next element
1499 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1502 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
1504 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1505 g_sslCallback = tlsHandshakeCallback;
1506 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1508 // TODO move ConvertStrToUuid function to common module
1510 * Converts string UUID to CARemoteId_t
1512 * @param strUuid Device UUID in string format
1513 * @param uuid converted UUID in CARemoteId_t format
1515 * @return 0 for success.
1517 static int ConvertStrToUuid(const char* strUuid, CARemoteId_t* uuid)
1519 if(NULL == strUuid || NULL == uuid)
1521 OIC_LOG(ERROR, NET_SSL_TAG, "ConvertStrToUuid : Invalid param");
1527 size_t strUuidLen = 0;
1528 char convertedUuid[UUID_LENGTH * 2] = {0};
1530 strUuidLen = strlen(strUuid);
1533 OIC_LOG(INFO, NET_SSL_TAG, "The empty string detected, The UUID will be converted to "\
1534 "\"00000000-0000-0000-0000-000000000000\"");
1536 else if(UUID_LENGTH * 2 + 4 == strUuidLen)
1538 for(uuidIdx=0, urnIdx=0; uuidIdx < UUID_LENGTH ; uuidIdx++, urnIdx+=2)
1540 if(*(strUuid + urnIdx) == '-')
1544 sscanf(strUuid + urnIdx, "%2hhx", &convertedUuid[uuidIdx]);
1549 OIC_LOG(ERROR, NET_SSL_TAG, "Invalid string uuid format");
1553 memcpy(uuid->id, convertedUuid, UUID_LENGTH);
1554 uuid->id_length = UUID_LENGTH;
1558 /* Read data from TLS connection
1560 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
1563 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1564 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1565 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
1567 ca_mutex_lock(g_sslContextMutex);
1568 if (NULL == g_caSslContext)
1570 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1571 ca_mutex_unlock(g_sslContextMutex);
1572 return CA_STATUS_FAILED;
1576 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
1579 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ?
1580 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1581 peer = NewSslEndPoint(&sep->endpoint, config);
1584 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1585 ca_mutex_unlock(g_sslContextMutex);
1586 return CA_STATUS_FAILED;
1588 //Load allowed TLS suites from SVR DB
1589 SetupCipher(config, sep->endpoint.adapter);
1591 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
1594 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1596 ca_mutex_unlock(g_sslContextMutex);
1597 return CA_STATUS_FAILED;
1601 peer->recBuf.buff = data;
1602 peer->recBuf.len = dataLen;
1603 peer->recBuf.loaded = 0;
1605 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
1607 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1608 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1613 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
1615 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
1616 mbedtls_ssl_session_reset(&peer->ssl);
1617 mbedtls_ssl_set_client_transport_id(&peer->ssl,
1618 (const unsigned char *) sep->endpoint.addr,
1619 sizeof(sep->endpoint.addr));
1620 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1622 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
1625 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
1626 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
1627 CA_STATUS_FAILED, GetAlertCode(flags));
1629 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1630 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
1632 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
1633 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
1635 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
1637 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
1640 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1642 SSL_RES(peer, CA_STATUS_OK);
1643 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
1645 SendCacheMessages(peer);
1648 if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher ||
1649 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->selectedCipher)
1651 char uuid[UUID_LENGTH * 2 + 5] = {0};
1652 void * uuidPos = NULL;
1653 void * userIdPos = NULL;
1654 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
1655 ret = (NULL == peerCert ? -1 : 0);
1656 SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
1657 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
1658 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1659 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
1661 if (NULL != uuidPos)
1663 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1664 ret = ConvertStrToUuid(uuid, &peer->sep.identity);
1665 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
1666 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1670 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
1673 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1674 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
1675 if (NULL != userIdPos)
1677 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1678 ret = ConvertStrToUuid(uuid, &peer->sep.userId);
1679 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
1680 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1684 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
1688 ca_mutex_unlock(g_sslContextMutex);
1689 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1690 return CA_STATUS_OK;
1694 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1696 uint8_t decryptBuffer[TLS_MSG_BUF_LEN] = {0};
1699 ret = mbedtls_ssl_read(&peer->ssl, decryptBuffer, TLS_MSG_BUF_LEN);
1700 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
1702 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret)
1704 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
1705 SSL_CLOSE_NOTIFY(peer, ret);
1706 RemovePeerFromList(&peer->sep.endpoint);
1707 ca_mutex_unlock(g_sslContextMutex);
1708 return CA_STATUS_OK;
1713 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
1714 //SSL_RES(peer, CA_STATUS_FAILED);
1715 RemovePeerFromList(&peer->sep.endpoint);
1716 ca_mutex_unlock(g_sslContextMutex);
1717 return CA_STATUS_FAILED;
1719 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
1720 if (0 == adapterIndex || adapterIndex == 1)
1722 g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
1726 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
1727 RemovePeerFromList(&peer->sep.endpoint);
1728 ca_mutex_unlock(g_sslContextMutex);
1729 return CA_STATUS_FAILED;
1733 ca_mutex_unlock(g_sslContextMutex);
1734 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1735 return CA_STATUS_OK;
1738 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
1739 CAPacketSendCallback sendCallback,
1740 CATransportAdapter_t type)
1742 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1743 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
1744 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
1745 ca_mutex_lock(g_sslContextMutex);
1746 if (NULL == g_caSslContext)
1748 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1749 ca_mutex_unlock(g_sslContextMutex);
1753 // if (MAX_SUPPORTED_ADAPTERS > type)
1758 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
1759 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
1761 case CA_ADAPTER_TCP:
1762 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
1763 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
1766 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
1770 ca_mutex_unlock(g_sslContextMutex);
1771 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1774 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
1776 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1777 VERIFY_NON_NULL_RET(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null", CA_STATUS_FAILED);
1778 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1781 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA:
1784 //todo check that Cred with RSA cert exists
1785 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1786 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1787 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1788 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1790 #ifdef __WITH_DTLS__
1791 //todo check that Cred with RSA cert exists
1792 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1793 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1794 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1795 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1797 g_caSslContext->cipher = ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA;
1800 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
1802 if (false == g_caSslContext->cipherFlag[1])
1804 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for ECC");
1805 return CA_STATUS_FAILED;
1808 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1809 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1810 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1811 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1813 #ifdef __WITH_DTLS__
1814 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1815 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1816 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1817 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1819 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1822 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
1825 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1826 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1827 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1828 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1830 #ifdef __WITH_DTLS__
1831 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1832 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1833 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1834 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1836 g_caSslContext->cipher = ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256;
1839 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
1842 if (false == g_caSslContext->cipherFlag[0])
1844 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for PSK");
1845 return CA_STATUS_FAILED;
1849 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1850 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1851 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1852 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1854 #ifdef __WITH_DTLS__
1855 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1856 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1857 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1858 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1860 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1865 OIC_LOG(ERROR, NET_SSL_TAG, "Unknown cipher");
1866 return CA_STATUS_FAILED;
1869 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
1870 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1871 return CA_STATUS_OK;
1874 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
1876 CAResult_t res = CA_STATUS_OK;
1877 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1878 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1879 ca_mutex_lock(g_sslContextMutex);
1880 if (NULL == InitiateTlsHandshake(endpoint))
1882 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1883 res = CA_STATUS_FAILED;
1885 ca_mutex_unlock(g_sslContextMutex);
1886 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1890 * Expands the secret into blocks of data according
1891 * to the algorithm specified in section 5 of RFC 4346
1893 * This function writes upto @p bufLen bytes into the given output buffer @p buf
1895 * @param key secret key.
1896 * @param keyLen secret key length.
1897 * @param label A PRF label.
1898 * @param labelLen Actual length of @p label.
1899 * @param random1 Random seed.
1900 * @param random1Len Actual length of @p random1 (may be zero).
1901 * @param random2 Random seed.
1902 * @param random2Len Actual length of @p random2 (may be zero).
1903 * @param buf Output buffer for generated random data.
1904 * @param bufLen Maximum size of @p buf.
1906 * @return The actual number of bytes written to @p buf or @c -1 on error.
1909 static int pHash (const unsigned char *key, size_t keyLen,
1910 const unsigned char *label, size_t labelLen,
1911 const unsigned char *random1, size_t random1Len,
1912 const unsigned char *random2, size_t random2Len,
1913 unsigned char *buf, size_t bufLen)
1915 unsigned char A[RANDOM_LEN] = {0};
1916 unsigned char tmp[RANDOM_LEN] = {0};
1917 size_t dLen; /* digest length */
1918 size_t len = 0; /* result length */
1920 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
1921 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
1922 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
1923 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
1924 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
1926 mbedtls_md_context_t hmacA;
1927 mbedtls_md_context_t hmacP;
1929 mbedtls_md_init(&hmacA);
1930 mbedtls_md_init(&hmacP);
1932 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
1933 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
1935 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
1936 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
1937 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
1938 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
1939 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
1943 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
1945 while (len + dLen < bufLen)
1947 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
1948 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
1949 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
1950 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
1951 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
1952 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
1954 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
1958 memcpy(buf, tmp, dLen);
1961 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
1962 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
1963 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
1964 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
1967 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
1968 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
1969 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
1971 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
1972 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
1973 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
1974 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
1976 memcpy(buf, tmp, bufLen - len);
1978 mbedtls_md_free(&hmacA);
1979 mbedtls_md_free(&hmacP);
1983 mbedtls_md_free(&hmacA);
1984 mbedtls_md_free(&hmacP);
1988 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
1989 const uint8_t* label, const size_t labelLen,
1990 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
1991 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
1992 uint8_t* ownerPsk, const size_t ownerPskSize)
1994 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1995 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
1996 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
1997 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
1998 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
1999 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2001 // TODO: Added as workaround, need to debug
2002 ca_mutex_unlock(g_sslContextMutex);
2004 ca_mutex_lock(g_sslContextMutex);
2005 if (NULL == g_caSslContext)
2007 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2008 ca_mutex_unlock(g_sslContextMutex);
2009 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2010 return CA_STATUS_FAILED;
2012 SslEndPoint_t * tep = GetSslPeer(endpoint);
2015 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2016 ca_mutex_unlock(g_sslContextMutex);
2017 return CA_STATUS_FAILED;
2020 uint8_t keyblock[KEY_BLOCK_LEN] = {0};
2022 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2023 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2024 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2025 keyblock, KEY_BLOCK_LEN);
2028 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2029 ca_mutex_unlock(g_sslContextMutex);
2030 return CA_STATUS_FAILED;
2032 ret = pHash(keyblock, sizeof(keyblock), label, labelLen,
2033 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2034 provServerDeviceId, provServerDeviceIdLen,
2035 ownerPsk, ownerPskSize);
2038 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2039 ca_mutex_unlock(g_sslContextMutex);
2040 return CA_STATUS_FAILED;
2043 ca_mutex_unlock(g_sslContextMutex);
2045 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2046 return CA_STATUS_OK;