1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
25 #include "ca_adapter_net_ssl.h"
27 #include "caipinterface.h"
28 #include "oic_malloc.h"
29 #include "byte_array.h"
34 // headers required for mbed TLS
35 #include "mbedtls/platform.h"
36 #include "mbedtls/ssl.h"
37 #include "mbedtls/entropy.h"
38 #include "mbedtls/ctr_drbg.h"
39 #include "mbedtls/pkcs12.h"
40 #include "mbedtls/ssl_internal.h"
42 #include "mbedtls/timing.h"
43 #include "mbedtls/ssl_cookie.h"
46 #if !defined(NDEBUG) || defined(TB_LOG)
47 #include "mbedtls/debug.h"
48 #include "mbedtls/version.h"
52 #include <sys/types.h>
60 * @def MBED_TLS_VERSION_LEN
61 * @brief mbedTLS version string length
63 #define MBED_TLS_VERSION_LEN (16)
66 * @brief Seed for initialization RNG
68 #define SEED "IOTIVITY_RND"
71 * @brief uuid prefix in certificate subject field
73 #define UUID_PREFIX "uuid:"
76 * @brief userid prefix in certificate alternative subject name field
78 #define USERID_PREFIX "userid:"
82 * @brief Logging tag for module name
84 #define NET_SSL_TAG "OIC_CA_NET_SSL"
87 * @brief Logging tag for mbedTLS library
89 #define MBED_TLS_TAG "MBED_TLS"
91 * @def MMBED_TLS_DEBUG_LEVEL
92 * @brief Logging level for mbedTLS library
94 #define MBED_TLS_DEBUG_LEVEL (4)
97 * @def TLS_MSG_BUF_LEN
98 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
101 #define TLS_MSG_BUF_LEN (16384)
104 * @brief PSK keys max length
106 #define PSK_LENGTH (256/8)
108 * @def UUID_LENGTHPSK_LENGTH
109 * @brief Identity max length
111 #define UUID_LENGTH (128/8)
113 * @def MASTER_SECRET_LEN
114 * @brief TLS master secret length
116 #define MASTER_SECRET_LEN (48)
119 * @brief TLS client and server random bytes length
121 #define RANDOM_LEN (32)
124 * @brief PSK generated keyblock length
126 #define KEY_BLOCK_LEN (96)
128 /**@def SSL_CLOSE_NOTIFY(peer, ret)
130 * Notifies of existing \a peer about closing TLS connection.
132 * @param[in] peer remote peer
133 * @param[in] ret used internaly
137 * @var RETRANSMISSION_TIME
138 * @brief Maximum timeout value (in seconds) to start DTLS retransmission.
140 #define RETRANSMISSION_TIME 1
142 #define SSL_CLOSE_NOTIFY(peer, ret) \
145 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
146 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
148 /**@def SSL_RES(peer, status)
150 * Sets SSL result for callback.
152 * @param[in] peer remote peer
154 #define SSL_RES(peer, status) \
157 CAErrorInfo_t errorInfo; \
158 errorInfo.result = (status); \
159 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
161 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
163 * Checks handshake result and send alert if needed.
165 * @param[in] peer remote peer
166 * @param[in] ret error code
167 * @param[in] str debug string
168 * @param[in] mutex ca mutex
169 * @param[in] return error code
170 * @param[in] msg allert message
172 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
173 if (0 != (ret) && MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
174 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
175 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
176 MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret)) \
178 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
179 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
180 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
182 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
184 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == (int) (ret) && \
185 ((int) MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED == (peer)->ssl.in_msg[1] || \
186 (int) MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR == (peer)->ssl.in_msg[1] || \
187 (int) MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE == (peer)->ssl.in_msg[1] || \
188 (int) MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC == (peer)->ssl.in_msg[1])) \
190 SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \
192 RemovePeerFromList(&(peer)->sep.endpoint); \
195 ca_mutex_unlock(g_sslContextMutex); \
197 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
200 /** @def CHECK_MBEDTLS_RET(f, ...)
201 * A macro that checks \a f function return code
203 * If function returns error code it goes to error processing.
205 * @param[in] f Function to call
207 #define CHECK_MBEDTLS_RET(f, ...) do { \
208 int ret = (f)(__VA_ARGS__); \
210 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
216 ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA,
217 ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
218 ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256,
219 ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
225 ADAPTER_CURVE_SECP256R1,
229 int tlsCipher[ADAPTER_CIPHER_MAX][2] =
231 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 0},
232 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
233 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0},
234 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0}
237 static int g_cipherSuitesList[ADAPTER_CIPHER_MAX];
239 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
241 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
244 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
251 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
252 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
253 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
254 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
255 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
256 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
257 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
258 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
259 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
260 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
261 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
262 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
263 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
264 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
265 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
266 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
267 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
268 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
269 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
270 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
271 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
275 static int GetAlertCode(uint32_t flags)
277 const CrtVerifyAlert_t *cur;
279 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
281 if (flags & cur->code)
289 #if !defined(NDEBUG) || defined(TB_LOG)
291 * Pass a message to the OIC logger.
293 * @param[in] ctx opaque context for the callback
294 * @param[in] level debug level
295 * @param[in] file file name
296 * @param[in] line line number
297 * @param[in] str message
299 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
306 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
312 * Finds the first occurrence of the byte string s in byte string l.
315 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
319 const char *cl = (const char *)l;
320 const char *cs = (const char *)s;
322 if (lLen == 0 || sLen == 0)
332 return (void *)memchr(l, (int)*cs, lLen);
335 last = (char *)cl + lLen - sLen;
337 for (cur = (char *)cl; cur <= last; cur++)
339 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
348 * structure to holds the information of cache message and address info.
350 typedef ByteArray_t SslCacheMessage_t;
354 * Data structure for holding the send and recv callbacks.
356 typedef struct TlsCallBacks
358 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
359 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
363 * Data structure for holding the mbedTLS interface related info.
365 typedef struct SslContext
367 u_arraylist_t *peerList; /**< peer list which holds the mapping between
368 peer id, it's n/w address and mbedTLS context. */
369 mbedtls_entropy_context entropy;
370 mbedtls_ctr_drbg_context rnd;
372 mbedtls_x509_crt crt;
373 mbedtls_pk_context pkey;
375 mbedtls_ssl_config clientTlsConf;
376 mbedtls_ssl_config serverTlsConf;
377 mbedtls_ssl_config clientDtlsConf;
378 mbedtls_ssl_config serverDtlsConf;
380 AdapterCipher_t cipher;
381 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
382 mbedtls_x509_crl crl;
389 * @var g_caSslContext
390 * @brief global context which holds tls context and cache list information.
392 static SslContext_t * g_caSslContext = NULL;
395 * @var g_getCredentialsCallback
396 * @brief callback to get TLS credentials (same as for DTLS)
398 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
400 * @var g_getCerdentilTypesCallback
401 * @brief callback to get different credential types from SRM
403 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
405 * @var g_getPkixInfoCallback
407 * @brief callback to get X.509-based Public Key Infrastructure
409 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
412 * @var g_dtlsContextMutex
413 * @brief Mutex to synchronize access to g_caSslContext.
415 static ca_mutex g_sslContextMutex = NULL;
419 * @brief callback to deliver the TLS handshake result
421 static CAErrorCallback g_sslCallback = NULL;
424 * Data structure for holding the data to be received.
426 typedef struct SslRecBuf
433 * Data structure for holding the data related to endpoint
436 typedef struct SslEndPoint
438 mbedtls_ssl_context ssl;
439 CASecureEndpoint_t sep;
440 u_arraylist_t * cacheList;
442 uint8_t master[MASTER_SECRET_LEN];
443 uint8_t random[2*RANDOM_LEN];
445 mbedtls_ssl_cookie_ctx cookieCtx;
446 mbedtls_timing_delay_context timer;
447 #endif // __WITH_DTLS__
450 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
452 // TODO Does this method needs protection of tlsContextMutex?
453 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
454 g_getCredentialsCallback = credCallback;
455 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
458 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
460 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
461 g_getPkixInfoCallback = infoCallback;
462 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
464 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
466 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
467 g_getCredentialTypesCallback = credTypesCallback;
468 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
471 static int GetAdapterIndex(CATransportAdapter_t adapter)
480 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
487 * @param[in] tep TLS endpoint
488 * @param[in] data message
489 * @param[in] dataLen message length
491 * @return message length or -1 on error.
493 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
495 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
496 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", -1);
497 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", -1);
498 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
499 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
501 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
502 if (0 == adapterIndex || 1 == adapterIndex)
504 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
505 sentLen = sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, dataLen);
506 if (sentLen != dataLen)
508 OIC_LOG_V(DEBUG, NET_SSL_TAG,
509 "Packet was partially sent - total/sent/remained bytes : %d/%d/%d",
510 sentLen, dataLen, (dataLen - sentLen));
515 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
518 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
524 * @param[in] tep TLS endpoint
525 * @param[in] data message
526 * @param[in] dataLen message length
528 * @return read length
530 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
532 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
533 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
534 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
536 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
537 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
538 retLen = (retLen < dataLen ? retLen : dataLen);
540 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
541 recBuf->loaded += retLen;
543 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
548 * Parse chain of X.509 certificates.
550 * @param[out] crt container for X.509 certificates
551 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
552 or DER format in a jumble. Each PEM certificate must be NULL-terminated.
553 * @param[in] bufLen buffer length
555 * @return 0 on success, -1 on error
557 static int ParseChain(mbedtls_x509_crt * crt, const unsigned char * buf, int bufLen)
559 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
560 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
561 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
566 unsigned char * tmp = NULL;
568 char pemCertHeader[] = {
569 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
570 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
572 char pemCertFooter[] = {
573 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
574 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
576 size_t pemCertHeaderLen = sizeof(pemCertHeader);
577 size_t pemCertFooterLen = sizeof(pemCertFooter);
581 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
583 tmp = (unsigned char *)buf + pos + 1;
584 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
585 if (pos + len < bufLen)
587 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse_der, crt, buf + pos, len + 4);
591 else if (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen))
593 void * endPos = NULL;
594 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
597 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
598 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
601 if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0d) &&
602 (*((char*)endPos + pemCertFooterLen + 1) == 0x0a) &&
603 (*((char*)endPos + pemCertFooterLen + 2) == 0x00))
605 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 3;
607 else if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0a) &&
608 (*((char*)endPos + pemCertFooterLen + 1) == 0x00))
610 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 2;
614 OIC_LOG_V(ERROR, NET_SSL_TAG, "Incorrect PEM certificate ending");
615 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
618 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse, crt, buf + pos, len);
623 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, buf, bufLen);
624 OIC_LOG_V(ERROR, NET_SSL_TAG, "parseChain returned -0x%x", -ret);
625 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
629 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
636 //Loads PKIX related information from SRM
637 static int InitPKIX(CATransportAdapter_t adapter)
639 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
640 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
641 g_getPkixInfoCallback(&g_pkiInfo);
643 mbedtls_x509_crt_free(&g_caSslContext->ca);
644 mbedtls_x509_crt_free(&g_caSslContext->crt);
645 mbedtls_pk_free(&g_caSslContext->pkey);
646 mbedtls_x509_crl_free(&g_caSslContext->crl);
648 mbedtls_x509_crt_init(&g_caSslContext->ca);
649 mbedtls_x509_crt_init(&g_caSslContext->crt);
650 mbedtls_pk_init(&g_caSslContext->pkey);
651 mbedtls_x509_crl_init(&g_caSslContext->crl);
653 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ?
654 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
655 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ?
656 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
658 int ret = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len);
661 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
664 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
668 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
672 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
675 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
678 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
681 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
686 ret = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len);
689 OIC_LOG(ERROR, NET_SSL_TAG, "CA chain parsing error");
690 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
694 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
697 OIC_LOG(WARNING, NET_SSL_TAG, "CRL parsing error");
698 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, NULL);
699 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, NULL);
703 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, &g_caSslContext->crl);
704 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, &g_caSslContext->crl);
707 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
714 * @param[in] notUsed opaque context
715 * @param[in] ssl mbedTLS context
716 * @param[in] desc identity
717 * @param[in] descLen identity length
719 * @return 0 on success any other return value will result in a denied PSK identity
721 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
722 const unsigned char * desc, size_t descLen)
724 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
725 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
726 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
727 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
728 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
730 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
734 uint8_t keyBuf[PSK_LENGTH] = {0};
736 // Retrieve the credentials blob from security module
737 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
740 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
741 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
742 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
743 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
745 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
746 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
748 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
752 * Gets session corresponding for endpoint.
754 * @param[in] peer remote address
756 * @return TLS session or NULL
758 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
760 uint32_t listIndex = 0;
761 uint32_t listLength = 0;
762 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
763 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
765 SslEndPoint_t *tep = NULL;
766 listLength = u_arraylist_length(g_caSslContext->peerList);
767 for (listIndex = 0; listIndex < listLength; listIndex++)
769 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
774 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d]",
775 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port);
776 if((0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
777 && (peer->port == tep->sep.endpoint.port))
779 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
783 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
784 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
788 #ifdef _ENABLE_MULTIPLE_OWNER_
790 * Gets CA secure endpoint info corresponding for endpoint.
792 * @param[in] peer remote address
794 * @return CASecureEndpoint or NULL
796 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
798 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
800 // TODO: Added as workaround, need to debug
801 ca_mutex_unlock(g_sslContextMutex);
803 ca_mutex_lock(g_sslContextMutex);
804 if (NULL == g_caSslContext)
806 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
807 ca_mutex_unlock(g_sslContextMutex);
811 SslEndPoint_t* sslPeer = GetSslPeer(peer);
814 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
815 ca_mutex_unlock(g_sslContextMutex);
816 return &sslPeer->sep;
819 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
820 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
821 ca_mutex_unlock(g_sslContextMutex);
827 * Deletes cached message.
829 * @param[in] msg message
831 static void DeleteCacheMessage(SslCacheMessage_t * msg)
833 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
834 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
839 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
842 * Deletes cached message list.
844 * @param[in] cacheList list of cached messages
846 static void DeleteCacheList(u_arraylist_t * cacheList)
848 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
849 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
850 uint32_t listIndex = 0;
851 uint32_t listLength = 0;
853 listLength = u_arraylist_length(cacheList);
854 for (listIndex = 0; listIndex < listLength; listIndex++)
856 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
859 DeleteCacheMessage(msg);
862 u_arraylist_free(&cacheList);
864 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
867 * Deletes endpoint with session.
869 * @param[in] tep endpoint with session info
871 static void DeleteSslEndPoint(SslEndPoint_t * tep)
873 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
874 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
876 mbedtls_ssl_free(&tep->ssl);
878 mbedtls_ssl_cookie_free(&tep->cookieCtx);
880 DeleteCacheList(tep->cacheList);
882 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
885 * Removes endpoint session from list.
887 * @param[in] endpoint remote address
889 static void RemovePeerFromList(CAEndpoint_t * endpoint)
891 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
892 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
893 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
895 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
900 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
901 && (endpoint->port == tep->sep.endpoint.port))
903 u_arraylist_remove(g_caSslContext->peerList, listIndex);
904 DeleteSslEndPoint(tep);
910 * Deletes session list.
912 static void DeletePeerList()
914 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
915 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
917 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
922 DeleteSslEndPoint(tep);
924 u_arraylist_free(&g_caSslContext->peerList);
927 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
929 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
930 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
932 ca_mutex_lock(g_sslContextMutex);
933 if (NULL == g_caSslContext)
935 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
936 ca_mutex_unlock(g_sslContextMutex);
937 return CA_STATUS_FAILED;
939 SslEndPoint_t * tep = GetSslPeer(endpoint);
942 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
943 ca_mutex_unlock(g_sslContextMutex);
944 return CA_STATUS_FAILED;
946 /* No error checking, the connection might be closed already */
950 ret = mbedtls_ssl_close_notify(&tep->ssl);
952 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
954 RemovePeerFromList(&tep->sep.endpoint);
955 ca_mutex_unlock(g_sslContextMutex);
957 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
961 void CAcloseSslConnectionAll()
963 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
964 ca_mutex_lock(g_sslContextMutex);
965 if (NULL == g_caSslContext)
967 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
968 ca_mutex_unlock(g_sslContextMutex);
972 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
973 for (uint32_t i = listLength; i > 0; i--)
975 SslEndPoint_t *tep = (SslEndPoint_t *)u_arraylist_remove(g_caSslContext->peerList, i - 1);
980 OIC_LOG_V(DEBUG, NET_SSL_TAG, "SSL Connection [%s:%d]",
981 tep->sep.endpoint.addr, tep->sep.endpoint.port);
983 // TODO: need to check below code after socket close is ensured.
987 ret = mbedtls_ssl_close_notify(&tep->ssl);
989 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);*/
991 DeleteSslEndPoint(tep);
993 ca_mutex_unlock(g_sslContextMutex);
995 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
999 * Creates session for endpoint.
1001 * @param[in] endpoint remote address
1002 * @param[in] config mbedTLS configuration info
1004 * @return TLS endpoint or NULL
1006 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
1008 SslEndPoint_t * tep = NULL;
1009 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1010 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
1011 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
1013 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
1016 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1020 tep->sep.endpoint = *endpoint;
1021 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
1023 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
1025 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
1027 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1031 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
1032 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
1034 mbedtls_ssl_set_timer_cb(&tep->ssl, &tep->timer,
1035 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
1036 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1038 if (0 != mbedtls_ssl_cookie_setup(&tep->cookieCtx, mbedtls_ctr_drbg_random,
1039 &g_caSslContext->rnd))
1041 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
1043 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1046 mbedtls_ssl_conf_dtls_cookies(config, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
1048 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
1049 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
1051 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
1053 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1058 tep->cacheList = u_arraylist_create();
1059 if (NULL == tep->cacheList)
1061 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1062 mbedtls_ssl_free(&tep->ssl);
1064 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1067 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1071 * Initializes PSK identity.
1073 * @param[out] config client/server config to be updated
1075 * @return 0 on success or -1 on error
1077 static int InitPskIdentity(mbedtls_ssl_config * config)
1079 uint8_t idBuf[UUID_LENGTH] = {0};
1080 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1081 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1083 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1085 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1086 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1089 if (0 != mbedtls_ssl_conf_psk(config, idBuf, 0, idBuf, UUID_LENGTH))
1091 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1092 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1095 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1098 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1101 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1102 if (NULL == g_getCredentialTypesCallback)
1104 OIC_LOG(ERROR, NET_SSL_TAG, "Param callback is null");
1108 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1109 // Retrieve the PSK credential from SRM
1110 // PIN OTM if (true == g_caSslContext->cipherFlag[0] && 0 != InitPskIdentity(config))
1111 if (0 != InitPskIdentity(config))
1113 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1116 // Retrieve the ECC credential from SRM
1117 if (true == g_caSslContext->cipherFlag[1] || ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->cipher)
1119 int ret = InitPKIX(adapter);
1122 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1126 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1127 if (ADAPTER_CIPHER_MAX != g_caSslContext->cipher)
1129 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1132 if (true == g_caSslContext->cipherFlag[1])
1134 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1137 if (true == g_caSslContext->cipherFlag[0])
1139 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1142 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1144 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1147 * Initiate TLS handshake with endpoint.
1149 * @param[in] endpoint remote address
1151 * @return TLS endpoint or NULL
1153 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1156 SslEndPoint_t * tep = NULL;
1158 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1159 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1162 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ?
1163 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1164 tep = NewSslEndPoint(endpoint, config);
1167 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1171 //Load allowed SVR suites from SVR DB
1172 SetupCipher(config, endpoint->adapter);
1174 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Add %s:%d", tep->sep.endpoint.addr, tep->sep.endpoint.port);
1175 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1178 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1179 DeleteSslEndPoint(tep);
1183 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1185 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1186 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1190 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1192 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1196 void CAdeinitSslAdapter()
1198 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1200 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1201 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1203 //Lock tlsContext mutex
1204 ca_mutex_lock(g_sslContextMutex);
1209 // De-initialize mbedTLS
1210 mbedtls_x509_crt_free(&g_caSslContext->crt);
1211 mbedtls_pk_free(&g_caSslContext->pkey);
1213 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1214 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1215 #endif // __WITH_TLS__
1216 #ifdef __WITH_DTLS__
1217 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1218 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1219 #endif // __WITH_DTLS__
1220 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1221 mbedtls_entropy_free(&g_caSslContext->entropy);
1223 // De-initialize tls Context
1224 OICFree(g_caSslContext);
1225 g_caSslContext = NULL;
1227 // Unlock tlsContext mutex and de-initialize it
1228 ca_mutex_unlock(g_sslContextMutex);
1229 ca_mutex_free(g_sslContextMutex);
1230 g_sslContextMutex = NULL;
1232 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1235 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1237 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1238 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1239 mbedtls_ssl_config_init(conf);
1240 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1242 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1246 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1247 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1248 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1249 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1250 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1251 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1253 #if !defined(NDEBUG) || defined(TB_LOG)
1254 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1255 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1257 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1262 * Starts DTLS retransmission.
1264 static void StartRetransmit()
1266 static int timerId = -1;
1267 uint32_t listIndex = 0;
1268 uint32_t listLength = 0;
1269 SslEndPoint_t *tep = NULL;
1272 //clear previous timer
1273 unregisterTimer(timerId);
1275 ca_mutex_lock(g_sslContextMutex);
1277 //stop retransmission if context is invalid
1278 if(NULL == g_caSslContext)
1280 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
1281 ca_mutex_unlock(g_sslContextMutex);
1285 listLength = u_arraylist_length(g_caSslContext->peerList);
1286 for (listIndex = 0; listIndex < listLength; listIndex++)
1288 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1290 || MBEDTLS_SSL_TRANSPORT_STREAM == tep->ssl.conf->transport
1291 || MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1295 int ret = mbedtls_ssl_handshake_step(&tep->ssl);
1296 if (0 != ret && MBEDTLS_ERR_SSL_CONN_EOF != ret)
1298 OIC_LOG_V(ERROR, NET_SSL_TAG, "Retransmission error: -0x%x", -ret);
1301 ca_mutex_unlock(g_sslContextMutex);
1304 registerTimer(RETRANSMISSION_TIME, &timerId, (void *) StartRetransmit);
1307 CAResult_t CAinitSslAdapter()
1309 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1310 // Initialize mutex for tlsContext
1311 if (NULL == g_sslContextMutex)
1313 g_sslContextMutex = ca_mutex_new();
1314 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
1318 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
1319 return CA_STATUS_OK;
1322 // Lock tlsContext mutex and create tlsContext
1323 ca_mutex_lock(g_sslContextMutex);
1324 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1326 if (NULL == g_caSslContext)
1328 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
1329 ca_mutex_unlock(g_sslContextMutex);
1330 ca_mutex_free(g_sslContextMutex);
1331 g_sslContextMutex = NULL;
1332 return CA_MEMORY_ALLOC_FAILED;
1336 g_caSslContext->peerList = u_arraylist_create();
1338 if(NULL == g_caSslContext->peerList)
1340 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
1341 OICFree(g_caSslContext);
1342 g_caSslContext = NULL;
1343 ca_mutex_unlock(g_sslContextMutex);
1344 ca_mutex_free(g_sslContextMutex);
1345 g_sslContextMutex = NULL;
1346 return CA_STATUS_FAILED;
1349 /* Initialize TLS library
1351 #if !defined(NDEBUG) || defined(TB_LOG)
1352 char version[MBED_TLS_VERSION_LEN];
1353 mbedtls_version_get_string(version);
1354 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
1359 mbedtls_entropy_init(&g_caSslContext->entropy);
1360 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1363 unsigned char seed[sizeof(SEED)] = {0};
1365 urandomFd = open("/dev/urandom", O_RDONLY);
1368 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
1369 ca_mutex_unlock(g_sslContextMutex);
1370 CAdeinitSslAdapter();
1371 return CA_STATUS_FAILED;
1373 if(0 > read(urandomFd, seed, sizeof(seed)))
1375 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
1377 ca_mutex_unlock(g_sslContextMutex);
1378 CAdeinitSslAdapter();
1379 return CA_STATUS_FAILED;
1384 unsigned char * seed = (unsigned char*) SEED;
1386 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
1387 &g_caSslContext->entropy, seed, sizeof(SEED)))
1389 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
1390 ca_mutex_unlock(g_sslContextMutex);
1391 CAdeinitSslAdapter();
1392 return CA_STATUS_FAILED;
1394 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1397 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
1398 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
1400 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1401 ca_mutex_unlock(g_sslContextMutex);
1402 CAdeinitSslAdapter();
1403 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1404 return CA_STATUS_FAILED;
1407 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
1408 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
1410 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1411 ca_mutex_unlock(g_sslContextMutex);
1412 CAdeinitSslAdapter();
1413 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1414 return CA_STATUS_FAILED;
1416 #endif // __WITH_TLS__
1417 #ifdef __WITH_DTLS__
1418 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
1419 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
1421 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1422 ca_mutex_unlock(g_sslContextMutex);
1423 CAdeinitSslAdapter();
1424 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1425 return CA_STATUS_FAILED;
1428 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
1429 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
1431 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1432 ca_mutex_unlock(g_sslContextMutex);
1433 CAdeinitSslAdapter();
1434 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1435 return CA_STATUS_FAILED;
1437 #endif // __WITH_DTLS__
1439 // set default cipher
1440 g_caSslContext->cipher = ADAPTER_CIPHER_MAX;
1443 mbedtls_x509_crt_init(&g_caSslContext->ca);
1444 mbedtls_x509_crt_init(&g_caSslContext->crt);
1445 mbedtls_pk_init(&g_caSslContext->pkey);
1446 mbedtls_x509_crl_init(&g_caSslContext->crl);
1448 #ifdef __WITH_DTLS__
1452 ca_mutex_unlock(g_sslContextMutex);
1454 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1455 return CA_STATUS_OK;
1458 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
1460 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1461 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
1464 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
1465 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1468 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
1469 if (NULL == message)
1471 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1472 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1476 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
1477 if (NULL == message->data)
1479 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1481 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1484 memcpy(message->data, data, dataLen);
1485 message->len = dataLen;
1486 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1490 /* Send data via TLS connection.
1492 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
1493 void *data, uint32_t dataLen)
1497 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s ", __func__);
1499 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
1500 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
1501 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
1505 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
1506 return CA_STATUS_FAILED;
1509 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
1511 ca_mutex_lock(g_sslContextMutex);
1512 if(NULL == g_caSslContext)
1514 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1515 ca_mutex_unlock(g_sslContextMutex);
1516 return CA_STATUS_FAILED;
1519 SslEndPoint_t * tep = GetSslPeer(endpoint);
1522 tep = InitiateTlsHandshake(endpoint);
1526 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1527 ca_mutex_unlock(g_sslContextMutex);
1528 return CA_STATUS_FAILED;
1531 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1533 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) data, dataLen);
1537 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write returned %d", ret);
1538 RemovePeerFromList(&tep->sep.endpoint);
1539 ca_mutex_unlock(g_sslContextMutex);
1540 return CA_STATUS_FAILED;
1545 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
1546 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
1548 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1549 ca_mutex_unlock(g_sslContextMutex);
1550 return CA_STATUS_FAILED;
1554 ca_mutex_unlock(g_sslContextMutex);
1556 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1557 return CA_STATUS_OK;
1560 * Sends cached messages via TLS connection.
1562 * @param[in] tep remote address with session info
1564 static void SendCacheMessages(SslEndPoint_t * tep)
1566 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1567 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
1569 uint32_t listIndex = 0;
1570 uint32_t listLength = 0;
1571 listLength = u_arraylist_length(tep->cacheList);
1572 for (listIndex = 0; listIndex < listLength;)
1575 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
1576 if (NULL != msg && NULL != msg->data && 0 != msg->len)
1580 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) msg->data, msg->len);
1582 while(MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1586 OIC_LOG_V(ERROR, NET_SSL_TAG,"mbedTLS write returned %d", ret );
1588 if (u_arraylist_remove(tep->cacheList, listIndex))
1590 DeleteCacheMessage(msg);
1591 // Reduce list length by 1 as we removed one element.
1596 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
1602 // Move to the next element
1606 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1609 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
1611 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1612 g_sslCallback = tlsHandshakeCallback;
1613 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1615 // TODO move ConvertStrToUuid function to common module
1617 * Converts string UUID to CARemoteId_t
1619 * @param strUuid Device UUID in string format
1620 * @param uuid converted UUID in CARemoteId_t format
1622 * @return 0 for success.
1624 static int ConvertStrToUuid(const char* strUuid, CARemoteId_t* uuid)
1626 if(NULL == strUuid || NULL == uuid)
1628 OIC_LOG(ERROR, NET_SSL_TAG, "ConvertStrToUuid : Invalid param");
1634 size_t strUuidLen = 0;
1635 char convertedUuid[UUID_LENGTH * 2] = {0};
1637 strUuidLen = strlen(strUuid);
1640 OIC_LOG(INFO, NET_SSL_TAG, "The empty string detected, The UUID will be converted to "\
1641 "\"00000000-0000-0000-0000-000000000000\"");
1643 else if(UUID_LENGTH * 2 + 4 == strUuidLen)
1645 for(uuidIdx=0, urnIdx=0; uuidIdx < UUID_LENGTH ; uuidIdx++, urnIdx+=2)
1647 if(*(strUuid + urnIdx) == '-')
1651 sscanf(strUuid + urnIdx, "%2hhx", &convertedUuid[uuidIdx]);
1656 OIC_LOG(ERROR, NET_SSL_TAG, "Invalid string uuid format");
1660 memcpy(uuid->id, convertedUuid, UUID_LENGTH);
1661 uuid->id_length = UUID_LENGTH;
1665 /* Read data from TLS connection
1667 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
1670 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1671 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1672 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
1674 ca_mutex_lock(g_sslContextMutex);
1675 if (NULL == g_caSslContext)
1677 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1678 ca_mutex_unlock(g_sslContextMutex);
1679 return CA_STATUS_FAILED;
1683 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
1686 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ?
1687 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1688 peer = NewSslEndPoint(&sep->endpoint, config);
1691 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1692 ca_mutex_unlock(g_sslContextMutex);
1693 return CA_STATUS_FAILED;
1695 //Load allowed TLS suites from SVR DB
1696 SetupCipher(config, sep->endpoint.adapter);
1698 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
1701 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1703 ca_mutex_unlock(g_sslContextMutex);
1704 return CA_STATUS_FAILED;
1708 peer->recBuf.buff = data;
1709 peer->recBuf.len = dataLen;
1710 peer->recBuf.loaded = 0;
1712 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
1714 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1715 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1720 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
1722 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
1723 mbedtls_ssl_session_reset(&peer->ssl);
1724 mbedtls_ssl_set_client_transport_id(&peer->ssl,
1725 (const unsigned char *) sep->endpoint.addr,
1726 sizeof(sep->endpoint.addr));
1727 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1729 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
1732 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
1733 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
1734 CA_STATUS_FAILED, GetAlertCode(flags));
1736 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1737 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
1739 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
1740 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
1742 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
1744 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
1747 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1749 SSL_RES(peer, CA_STATUS_OK);
1750 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
1752 SendCacheMessages(peer);
1755 if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher ||
1756 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->selectedCipher)
1758 char uuid[UUID_LENGTH * 2 + 5] = {0};
1759 void * uuidPos = NULL;
1760 void * userIdPos = NULL;
1761 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
1762 ret = (NULL == peerCert ? -1 : 0);
1763 SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
1764 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
1765 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1766 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
1768 if (NULL != uuidPos)
1770 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1771 ret = ConvertStrToUuid(uuid, &peer->sep.identity);
1772 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
1773 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1777 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
1780 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1781 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
1782 if (NULL != userIdPos)
1784 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1785 ret = ConvertStrToUuid(uuid, &peer->sep.userId);
1786 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
1787 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1791 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
1795 ca_mutex_unlock(g_sslContextMutex);
1796 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1797 return CA_STATUS_OK;
1801 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1803 uint8_t decryptBuffer[TLS_MSG_BUF_LEN] = {0};
1806 ret = mbedtls_ssl_read(&peer->ssl, decryptBuffer, TLS_MSG_BUF_LEN);
1807 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
1809 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
1810 // TinyDTLS sends fatal close_notify alert
1811 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
1812 MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
1813 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
1815 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
1816 SSL_CLOSE_NOTIFY(peer, ret);
1817 RemovePeerFromList(&peer->sep.endpoint);
1818 ca_mutex_unlock(g_sslContextMutex);
1819 return CA_STATUS_OK;
1824 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
1825 //SSL_RES(peer, CA_STATUS_FAILED);
1826 RemovePeerFromList(&peer->sep.endpoint);
1827 ca_mutex_unlock(g_sslContextMutex);
1828 return CA_STATUS_FAILED;
1830 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
1831 if (0 == adapterIndex || adapterIndex == 1)
1833 g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
1837 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
1838 RemovePeerFromList(&peer->sep.endpoint);
1839 ca_mutex_unlock(g_sslContextMutex);
1840 return CA_STATUS_FAILED;
1844 ca_mutex_unlock(g_sslContextMutex);
1845 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1846 return CA_STATUS_OK;
1849 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
1850 CAPacketSendCallback sendCallback,
1851 CATransportAdapter_t type)
1853 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1854 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
1855 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
1856 ca_mutex_lock(g_sslContextMutex);
1857 if (NULL == g_caSslContext)
1859 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1860 ca_mutex_unlock(g_sslContextMutex);
1864 // if (MAX_SUPPORTED_ADAPTERS > type)
1869 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
1870 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
1872 case CA_ADAPTER_TCP:
1873 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
1874 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
1877 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
1881 ca_mutex_unlock(g_sslContextMutex);
1882 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1885 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
1887 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1888 VERIFY_NON_NULL_RET(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null", CA_STATUS_FAILED);
1889 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1892 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA:
1895 //todo check that Cred with RSA cert exists
1896 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1897 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1898 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1899 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1901 #ifdef __WITH_DTLS__
1902 //todo check that Cred with RSA cert exists
1903 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1904 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1905 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1906 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1908 g_caSslContext->cipher = ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA;
1911 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
1913 if (false == g_caSslContext->cipherFlag[1])
1915 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for ECC");
1916 return CA_STATUS_FAILED;
1919 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1920 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1921 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1922 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1924 #ifdef __WITH_DTLS__
1925 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1926 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1927 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1928 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1930 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1933 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
1936 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1937 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1938 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1939 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1941 #ifdef __WITH_DTLS__
1942 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1943 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1944 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1945 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1947 g_caSslContext->cipher = ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256;
1950 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
1953 if (false == g_caSslContext->cipherFlag[0])
1955 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for PSK");
1956 return CA_STATUS_FAILED;
1960 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1961 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1962 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1963 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1965 #ifdef __WITH_DTLS__
1966 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1967 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1968 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1969 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1971 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1976 OIC_LOG(ERROR, NET_SSL_TAG, "Unknown cipher");
1977 return CA_STATUS_FAILED;
1980 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
1981 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1982 return CA_STATUS_OK;
1985 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
1987 CAResult_t res = CA_STATUS_OK;
1988 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1989 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1990 ca_mutex_lock(g_sslContextMutex);
1991 if (NULL == InitiateTlsHandshake(endpoint))
1993 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1994 res = CA_STATUS_FAILED;
1996 ca_mutex_unlock(g_sslContextMutex);
1997 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2001 * Expands the secret into blocks of data according
2002 * to the algorithm specified in section 5 of RFC 4346
2004 * This function writes upto @p bufLen bytes into the given output buffer @p buf
2006 * @param key secret key.
2007 * @param keyLen secret key length.
2008 * @param label A PRF label.
2009 * @param labelLen Actual length of @p label.
2010 * @param random1 Random seed.
2011 * @param random1Len Actual length of @p random1 (may be zero).
2012 * @param random2 Random seed.
2013 * @param random2Len Actual length of @p random2 (may be zero).
2014 * @param buf Output buffer for generated random data.
2015 * @param bufLen Maximum size of @p buf.
2017 * @return The actual number of bytes written to @p buf or @c -1 on error.
2020 static int pHash (const unsigned char *key, size_t keyLen,
2021 const unsigned char *label, size_t labelLen,
2022 const unsigned char *random1, size_t random1Len,
2023 const unsigned char *random2, size_t random2Len,
2024 unsigned char *buf, size_t bufLen)
2026 unsigned char A[RANDOM_LEN] = {0};
2027 unsigned char tmp[RANDOM_LEN] = {0};
2028 size_t dLen; /* digest length */
2029 size_t len = 0; /* result length */
2031 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
2032 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
2033 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
2034 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
2035 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
2037 mbedtls_md_context_t hmacA;
2038 mbedtls_md_context_t hmacP;
2040 mbedtls_md_init(&hmacA);
2041 mbedtls_md_init(&hmacP);
2043 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2044 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2046 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
2047 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
2048 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
2049 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
2050 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2054 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2056 while (len + dLen < bufLen)
2058 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2059 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2060 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2061 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2062 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2063 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2065 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2069 memcpy(buf, tmp, dLen);
2072 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
2073 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
2074 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
2075 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2078 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2079 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2080 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2082 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2083 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2084 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2085 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2087 memcpy(buf, tmp, bufLen - len);
2089 mbedtls_md_free(&hmacA);
2090 mbedtls_md_free(&hmacP);
2094 mbedtls_md_free(&hmacA);
2095 mbedtls_md_free(&hmacP);
2099 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
2100 const uint8_t* label, const size_t labelLen,
2101 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
2102 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
2103 uint8_t* ownerPsk, const size_t ownerPskSize)
2105 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2106 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
2107 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
2108 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
2109 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
2110 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2112 // TODO: Added as workaround, need to debug
2113 ca_mutex_unlock(g_sslContextMutex);
2115 ca_mutex_lock(g_sslContextMutex);
2116 if (NULL == g_caSslContext)
2118 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2119 ca_mutex_unlock(g_sslContextMutex);
2120 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2121 return CA_STATUS_FAILED;
2123 SslEndPoint_t * tep = GetSslPeer(endpoint);
2126 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2127 ca_mutex_unlock(g_sslContextMutex);
2128 return CA_STATUS_FAILED;
2131 uint8_t keyblock[KEY_BLOCK_LEN] = {0};
2133 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2134 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2135 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2136 keyblock, KEY_BLOCK_LEN);
2139 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2140 ca_mutex_unlock(g_sslContextMutex);
2141 return CA_STATUS_FAILED;
2143 ret = pHash(keyblock, sizeof(keyblock), label, labelLen,
2144 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2145 provServerDeviceId, provServerDeviceIdLen,
2146 ownerPsk, ownerPskSize);
2149 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2150 ca_mutex_unlock(g_sslContextMutex);
2151 return CA_STATUS_FAILED;
2154 ca_mutex_unlock(g_sslContextMutex);
2156 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2157 return CA_STATUS_OK;