1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
25 #include "ca_adapter_net_ssl.h"
27 #include "caipinterface.h"
28 #include "oic_malloc.h"
30 #include "byte_array.h"
35 // headers required for mbed TLS
36 #include "mbedtls/platform.h"
37 #include "mbedtls/ssl.h"
38 #include "mbedtls/entropy.h"
39 #include "mbedtls/ctr_drbg.h"
40 #include "mbedtls/pkcs12.h"
41 #include "mbedtls/ssl_internal.h"
43 #include "mbedtls/timing.h"
44 #include "mbedtls/ssl_cookie.h"
47 #if !defined(NDEBUG) || defined(TB_LOG)
48 #include "mbedtls/debug.h"
49 #include "mbedtls/version.h"
53 #include <sys/types.h>
61 * @def MBED_TLS_VERSION_LEN
62 * @brief mbedTLS version string length
64 #define MBED_TLS_VERSION_LEN (16)
67 * @brief Seed for initialization RNG
69 #define SEED "IOTIVITY_RND"
72 * @brief uuid prefix in certificate subject field
74 #define UUID_PREFIX "uuid:"
77 * @brief userid prefix in certificate alternative subject name field
79 #define USERID_PREFIX "userid:"
83 * @brief Logging tag for module name
85 #define NET_SSL_TAG "OIC_CA_NET_SSL"
88 * @brief Logging tag for mbedTLS library
90 #define MBED_TLS_TAG "MBED_TLS"
92 * @def MMBED_TLS_DEBUG_LEVEL
93 * @brief Logging level for mbedTLS library
95 #define MBED_TLS_DEBUG_LEVEL (4)
98 * @def TLS_MSG_BUF_LEN
99 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
102 #define TLS_MSG_BUF_LEN (16384)
105 * @brief PSK keys max length
107 #define PSK_LENGTH (256/8)
109 * @def UUID_LENGTHPSK_LENGTH
110 * @brief Identity max length
112 #define UUID_LENGTH (128/8)
114 * @def MASTER_SECRET_LEN
115 * @brief TLS master secret length
117 #define MASTER_SECRET_LEN (48)
120 * @brief TLS client and server random bytes length
122 #define RANDOM_LEN (32)
125 * @brief PSK generated keyblock length
127 #define KEY_BLOCK_LEN (96)
129 /**@def SSL_CLOSE_NOTIFY(peer, ret)
131 * Notifies of existing \a peer about closing TLS connection.
133 * @param[in] peer remote peer
134 * @param[in] ret used internaly
138 * @var RETRANSMISSION_TIME
139 * @brief Maximum timeout value (in seconds) to start DTLS retransmission.
141 #define RETRANSMISSION_TIME 1
143 #define SSL_CLOSE_NOTIFY(peer, ret) \
146 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
147 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
149 /**@def SSL_RES(peer, status)
151 * Sets SSL result for callback.
153 * @param[in] peer remote peer
155 #define SSL_RES(peer, status) \
158 CAErrorInfo_t errorInfo; \
159 errorInfo.result = (status); \
160 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
162 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
164 * Checks handshake result and send alert if needed.
166 * @param[in] peer remote peer
167 * @param[in] ret error code
168 * @param[in] str debug string
169 * @param[in] mutex ca mutex
170 * @param[in] if code does not equal to -1 returns error code
171 * @param[in] msg allert message
173 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
174 if (0 != (ret) && MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
175 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
176 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
177 MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret)) \
179 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
180 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
181 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
183 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
185 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == (int) (ret) && \
186 ((int) MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED == (peer)->ssl.in_msg[1] || \
187 (int) MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR == (peer)->ssl.in_msg[1] || \
188 (int) MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE == (peer)->ssl.in_msg[1] || \
189 (int) MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC == (peer)->ssl.in_msg[1])) \
191 SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \
193 RemovePeerFromList(&(peer)->sep.endpoint); \
196 ca_mutex_unlock(g_sslContextMutex); \
198 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
204 /** @def CHECK_MBEDTLS_RET(f, ...)
205 * A macro that checks \a f function return code
207 * If function returns error code it goes to error processing.
209 * @param[in] f Function to call
211 #define CHECK_MBEDTLS_RET(f, ...) do { \
212 int ret = (f)(__VA_ARGS__); \
214 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
220 ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA,
221 ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
222 ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256,
223 ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
229 ADAPTER_CURVE_SECP256R1,
233 int tlsCipher[ADAPTER_CIPHER_MAX][2] =
235 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 0},
236 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
237 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0},
238 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0}
241 static int g_cipherSuitesList[ADAPTER_CIPHER_MAX];
243 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
245 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
248 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
255 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
256 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
257 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
258 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
259 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
260 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
261 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
262 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
263 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
264 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
265 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
266 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
267 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
268 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
269 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
270 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
271 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
272 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
273 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
274 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
275 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
279 static int GetAlertCode(uint32_t flags)
281 const CrtVerifyAlert_t *cur;
283 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
285 if (flags & cur->code)
293 #if !defined(NDEBUG) || defined(TB_LOG)
295 * Pass a message to the OIC logger.
297 * @param[in] ctx opaque context for the callback
298 * @param[in] level debug level
299 * @param[in] file file name
300 * @param[in] line line number
301 * @param[in] str message
303 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
310 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
316 * Finds the first occurrence of the byte string s in byte string l.
319 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
323 const char *cl = (const char *)l;
324 const char *cs = (const char *)s;
326 if (lLen == 0 || sLen == 0)
336 return (void *)memchr(l, (int)*cs, lLen);
339 last = (char *)cl + lLen - sLen;
341 for (cur = (char *)cl; cur <= last; cur++)
343 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
352 * structure to holds the information of cache message and address info.
354 typedef ByteArray_t SslCacheMessage_t;
358 * Data structure for holding the send and recv callbacks.
360 typedef struct TlsCallBacks
362 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
363 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
367 * Data structure for holding the mbedTLS interface related info.
369 typedef struct SslContext
371 u_arraylist_t *peerList; /**< peer list which holds the mapping between
372 peer id, it's n/w address and mbedTLS context. */
373 mbedtls_entropy_context entropy;
374 mbedtls_ctr_drbg_context rnd;
376 mbedtls_x509_crt crt;
377 mbedtls_pk_context pkey;
379 mbedtls_ssl_config clientTlsConf;
380 mbedtls_ssl_config serverTlsConf;
381 mbedtls_ssl_config clientDtlsConf;
382 mbedtls_ssl_config serverDtlsConf;
384 AdapterCipher_t cipher;
385 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
386 mbedtls_x509_crl crl;
397 * @var g_caSslContext
398 * @brief global context which holds tls context and cache list information.
400 static SslContext_t * g_caSslContext = NULL;
403 * @var g_getCredentialsCallback
404 * @brief callback to get TLS credentials (same as for DTLS)
406 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
408 * @var g_getCerdentilTypesCallback
409 * @brief callback to get different credential types from SRM
411 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
413 * @var g_getPkixInfoCallback
415 * @brief callback to get X.509-based Public Key Infrastructure
417 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
420 * @var g_dtlsContextMutex
421 * @brief Mutex to synchronize access to g_caSslContext.
423 static ca_mutex g_sslContextMutex = NULL;
427 * @brief callback to deliver the TLS handshake result
429 static CAErrorCallback g_sslCallback = NULL;
432 * Data structure for holding the data to be received.
434 typedef struct SslRecBuf
441 * Data structure for holding the data related to endpoint
444 typedef struct SslEndPoint
446 mbedtls_ssl_context ssl;
447 CASecureEndpoint_t sep;
448 u_arraylist_t * cacheList;
450 uint8_t master[MASTER_SECRET_LEN];
451 uint8_t random[2*RANDOM_LEN];
453 mbedtls_ssl_cookie_ctx cookieCtx;
454 mbedtls_timing_delay_context timer;
455 #endif // __WITH_DTLS__
458 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
460 // TODO Does this method needs protection of tlsContextMutex?
461 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
462 g_getCredentialsCallback = credCallback;
463 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
466 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
468 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
469 g_getPkixInfoCallback = infoCallback;
470 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
472 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
474 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
475 g_getCredentialTypesCallback = credTypesCallback;
476 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
479 static int GetAdapterIndex(CATransportAdapter_t adapter)
488 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
495 * @param[in] tep TLS endpoint
496 * @param[in] data message
497 * @param[in] dataLen message length
499 * @return message length or -1 on error.
501 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
503 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
504 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", -1);
505 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", -1);
506 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
507 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
509 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
510 if (0 == adapterIndex || 1 == adapterIndex)
512 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
513 sentLen = sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, dataLen);
514 if (sentLen != dataLen)
516 OIC_LOG_V(DEBUG, NET_SSL_TAG,
517 "Packet was partially sent - total/sent/remained bytes : %d/%d/%d",
518 sentLen, dataLen, (dataLen - sentLen));
523 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
526 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
532 * @param[in] tep TLS endpoint
533 * @param[in] data message
534 * @param[in] dataLen message length
536 * @return read length
538 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
540 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
541 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
542 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
544 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
545 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
546 retLen = (retLen < dataLen ? retLen : dataLen);
548 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
549 recBuf->loaded += retLen;
551 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
556 * Parse chain of X.509 certificates.
558 * @param[out] crt container for X.509 certificates
559 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
560 or DER format in a jumble. Each PEM certificate must be NULL-terminated.
561 * @param[in] bufLen buffer length
563 * @return 0 on success, -1 on error
565 static int ParseChain(mbedtls_x509_crt * crt, const unsigned char * buf, int bufLen)
567 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
568 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
569 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
574 unsigned char * tmp = NULL;
576 char pemCertHeader[] = {
577 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
578 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
580 char pemCertFooter[] = {
581 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
582 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
584 size_t pemCertHeaderLen = sizeof(pemCertHeader);
585 size_t pemCertFooterLen = sizeof(pemCertFooter);
589 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
591 tmp = (unsigned char *)buf + pos + 1;
592 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
593 if (pos + len < bufLen)
595 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse_der, crt, buf + pos, len + 4);
599 else if (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen))
601 void * endPos = NULL;
602 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
605 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
606 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
609 if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0d) &&
610 (*((char*)endPos + pemCertFooterLen + 1) == 0x0a) &&
611 (*((char*)endPos + pemCertFooterLen + 2) == 0x00))
613 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 3;
615 else if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0a) &&
616 (*((char*)endPos + pemCertFooterLen + 1) == 0x00))
618 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 2;
622 OIC_LOG_V(ERROR, NET_SSL_TAG, "Incorrect PEM certificate ending");
623 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
626 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse, crt, buf + pos, len);
631 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, buf, bufLen);
632 OIC_LOG_V(ERROR, NET_SSL_TAG, "parseChain returned -0x%x", -ret);
633 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
637 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
644 //Loads PKIX related information from SRM
645 static int InitPKIX(CATransportAdapter_t adapter)
647 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
648 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
649 g_getPkixInfoCallback(&g_pkiInfo);
651 mbedtls_x509_crt_free(&g_caSslContext->ca);
652 mbedtls_x509_crt_free(&g_caSslContext->crt);
653 mbedtls_pk_free(&g_caSslContext->pkey);
654 mbedtls_x509_crl_free(&g_caSslContext->crl);
656 mbedtls_x509_crt_init(&g_caSslContext->ca);
657 mbedtls_x509_crt_init(&g_caSslContext->crt);
658 mbedtls_pk_init(&g_caSslContext->pkey);
659 mbedtls_x509_crl_init(&g_caSslContext->crl);
661 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ?
662 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
663 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ?
664 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
666 int ret = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len);
669 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
672 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
676 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
680 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
683 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
686 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
689 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
694 ret = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len);
697 OIC_LOG(ERROR, NET_SSL_TAG, "CA chain parsing error");
698 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
702 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
705 OIC_LOG(WARNING, NET_SSL_TAG, "CRL parsing error");
706 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, NULL);
707 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, NULL);
711 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, &g_caSslContext->crl);
712 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, &g_caSslContext->crl);
715 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
722 * @param[in] notUsed opaque context
723 * @param[in] ssl mbedTLS context
724 * @param[in] desc identity
725 * @param[in] descLen identity length
727 * @return 0 on success any other return value will result in a denied PSK identity
729 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
730 const unsigned char * desc, size_t descLen)
732 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
733 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
734 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
735 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
736 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
738 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
742 uint8_t keyBuf[PSK_LENGTH] = {0};
744 // Retrieve the credentials blob from security module
745 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
748 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
749 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
750 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
751 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
753 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
754 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
756 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
760 * Gets session corresponding for endpoint.
762 * @param[in] peer remote address
764 * @return TLS session or NULL
766 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
768 uint32_t listIndex = 0;
769 uint32_t listLength = 0;
770 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
771 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
773 SslEndPoint_t *tep = NULL;
774 listLength = u_arraylist_length(g_caSslContext->peerList);
775 for (listIndex = 0; listIndex < listLength; listIndex++)
777 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
782 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d]",
783 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port);
784 if((0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
785 && (peer->port == tep->sep.endpoint.port))
787 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
791 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
792 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
796 #ifdef _ENABLE_MULTIPLE_OWNER_
798 * Gets CA secure endpoint info corresponding for endpoint.
800 * @param[in] peer remote address
802 * @return CASecureEndpoint or NULL
804 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
806 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
808 // TODO: Added as workaround, need to debug
809 ca_mutex_unlock(g_sslContextMutex);
811 ca_mutex_lock(g_sslContextMutex);
812 if (NULL == g_caSslContext)
814 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
815 ca_mutex_unlock(g_sslContextMutex);
819 SslEndPoint_t* sslPeer = GetSslPeer(peer);
822 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
823 ca_mutex_unlock(g_sslContextMutex);
824 return &sslPeer->sep;
827 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
828 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
829 ca_mutex_unlock(g_sslContextMutex);
835 * Deletes cached message.
837 * @param[in] msg message
839 static void DeleteCacheMessage(SslCacheMessage_t * msg)
841 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
842 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
847 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
850 * Deletes cached message list.
852 * @param[in] cacheList list of cached messages
854 static void DeleteCacheList(u_arraylist_t * cacheList)
856 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
857 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
858 uint32_t listIndex = 0;
859 uint32_t listLength = 0;
861 listLength = u_arraylist_length(cacheList);
862 for (listIndex = 0; listIndex < listLength; listIndex++)
864 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
867 DeleteCacheMessage(msg);
870 u_arraylist_free(&cacheList);
872 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
875 * Deletes endpoint with session.
877 * @param[in] tep endpoint with session info
879 static void DeleteSslEndPoint(SslEndPoint_t * tep)
881 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
882 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
884 mbedtls_ssl_free(&tep->ssl);
886 mbedtls_ssl_cookie_free(&tep->cookieCtx);
888 DeleteCacheList(tep->cacheList);
890 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
893 * Removes endpoint session from list.
895 * @param[in] endpoint remote address
897 static void RemovePeerFromList(CAEndpoint_t * endpoint)
899 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
900 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
901 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
903 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
908 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
909 && (endpoint->port == tep->sep.endpoint.port))
911 u_arraylist_remove(g_caSslContext->peerList, listIndex);
912 DeleteSslEndPoint(tep);
918 * Deletes session list.
920 static void DeletePeerList()
922 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
923 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
925 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
930 DeleteSslEndPoint(tep);
932 u_arraylist_free(&g_caSslContext->peerList);
935 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
937 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
938 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
940 ca_mutex_lock(g_sslContextMutex);
941 if (NULL == g_caSslContext)
943 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
944 ca_mutex_unlock(g_sslContextMutex);
945 return CA_STATUS_FAILED;
947 SslEndPoint_t * tep = GetSslPeer(endpoint);
950 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
951 ca_mutex_unlock(g_sslContextMutex);
952 return CA_STATUS_FAILED;
954 /* No error checking, the connection might be closed already */
958 ret = mbedtls_ssl_close_notify(&tep->ssl);
960 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
962 RemovePeerFromList(&tep->sep.endpoint);
963 ca_mutex_unlock(g_sslContextMutex);
965 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
969 void CAcloseSslConnectionAll()
971 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
972 ca_mutex_lock(g_sslContextMutex);
973 if (NULL == g_caSslContext)
975 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
976 ca_mutex_unlock(g_sslContextMutex);
980 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
981 for (uint32_t i = listLength; i > 0; i--)
983 SslEndPoint_t *tep = (SslEndPoint_t *)u_arraylist_remove(g_caSslContext->peerList, i - 1);
988 OIC_LOG_V(DEBUG, NET_SSL_TAG, "SSL Connection [%s:%d]",
989 tep->sep.endpoint.addr, tep->sep.endpoint.port);
991 // TODO: need to check below code after socket close is ensured.
995 ret = mbedtls_ssl_close_notify(&tep->ssl);
997 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);*/
999 DeleteSslEndPoint(tep);
1001 ca_mutex_unlock(g_sslContextMutex);
1003 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1007 * Creates session for endpoint.
1009 * @param[in] endpoint remote address
1010 * @param[in] config mbedTLS configuration info
1012 * @return TLS endpoint or NULL
1014 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
1016 SslEndPoint_t * tep = NULL;
1017 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1018 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
1019 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
1021 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
1024 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1028 tep->sep.endpoint = *endpoint;
1029 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
1031 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
1033 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
1035 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1039 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
1040 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
1042 mbedtls_ssl_set_timer_cb(&tep->ssl, &tep->timer,
1043 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
1044 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1046 if (0 != mbedtls_ssl_cookie_setup(&tep->cookieCtx, mbedtls_ctr_drbg_random,
1047 &g_caSslContext->rnd))
1049 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
1051 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1054 mbedtls_ssl_conf_dtls_cookies(config, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
1056 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
1057 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
1059 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
1061 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1066 tep->cacheList = u_arraylist_create();
1067 if (NULL == tep->cacheList)
1069 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1070 mbedtls_ssl_free(&tep->ssl);
1072 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1075 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1079 * Initializes PSK identity.
1081 * @param[out] config client/server config to be updated
1083 * @return 0 on success or -1 on error
1085 static int InitPskIdentity(mbedtls_ssl_config * config)
1087 uint8_t idBuf[UUID_LENGTH] = {0};
1088 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1089 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1091 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1093 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1094 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1097 if (0 != mbedtls_ssl_conf_psk(config, idBuf, 0, idBuf, UUID_LENGTH))
1099 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1100 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1103 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1106 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1109 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1110 if (NULL == g_getCredentialTypesCallback)
1112 OIC_LOG(ERROR, NET_SSL_TAG, "Param callback is null");
1116 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1117 // Retrieve the PSK credential from SRM
1118 // PIN OTM if (true == g_caSslContext->cipherFlag[0] && 0 != InitPskIdentity(config))
1119 if (0 != InitPskIdentity(config))
1121 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1124 // Retrieve the ECC credential from SRM
1125 if (true == g_caSslContext->cipherFlag[1] || ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->cipher)
1127 int ret = InitPKIX(adapter);
1130 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1134 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1135 if (ADAPTER_CIPHER_MAX != g_caSslContext->cipher)
1137 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1140 if (true == g_caSslContext->cipherFlag[1])
1142 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1145 if (true == g_caSslContext->cipherFlag[0])
1147 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1150 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1152 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1155 * Initiate TLS handshake with endpoint.
1157 * @param[in] endpoint remote address
1159 * @return TLS endpoint or NULL
1161 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1164 SslEndPoint_t * tep = NULL;
1166 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1167 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1170 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ?
1171 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1172 tep = NewSslEndPoint(endpoint, config);
1175 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1179 //Load allowed SVR suites from SVR DB
1180 SetupCipher(config, endpoint->adapter);
1182 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Add %s:%d", tep->sep.endpoint.addr, tep->sep.endpoint.port);
1183 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1186 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1187 DeleteSslEndPoint(tep);
1191 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1193 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1194 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1198 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1200 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1203 #ifdef __WITH_DTLS__
1205 * Stops DTLS retransmission.
1207 static void StopRetransmit()
1211 unregisterTimer(g_caSslContext->timerId);
1215 void CAdeinitSslAdapter()
1217 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1219 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1220 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1222 //Lock tlsContext mutex
1223 ca_mutex_lock(g_sslContextMutex);
1228 // De-initialize mbedTLS
1229 mbedtls_x509_crt_free(&g_caSslContext->crt);
1230 mbedtls_pk_free(&g_caSslContext->pkey);
1232 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1233 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1234 #endif // __WITH_TLS__
1235 #ifdef __WITH_DTLS__
1236 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1237 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1238 #endif // __WITH_DTLS__
1239 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1240 mbedtls_entropy_free(&g_caSslContext->entropy);
1241 #ifdef __WITH_DTLS__
1244 // De-initialize tls Context
1245 OICFree(g_caSslContext);
1246 g_caSslContext = NULL;
1248 // Unlock tlsContext mutex and de-initialize it
1249 ca_mutex_unlock(g_sslContextMutex);
1250 ca_mutex_free(g_sslContextMutex);
1251 g_sslContextMutex = NULL;
1253 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1256 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1258 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1259 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1260 mbedtls_ssl_config_init(conf);
1261 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1263 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1267 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1268 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1269 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1270 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1271 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1272 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1274 #if !defined(NDEBUG) || defined(TB_LOG)
1275 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1276 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1278 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1281 #ifdef __WITH_DTLS__
1283 * Starts DTLS retransmission.
1285 static int StartRetransmit()
1287 uint32_t listIndex = 0;
1288 uint32_t listLength = 0;
1289 SslEndPoint_t *tep = NULL;
1290 if (NULL == g_caSslContext)
1292 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
1295 ca_mutex_lock(g_sslContextMutex);
1296 if (g_caSslContext->timerId != -1)
1298 //clear previous timer
1299 unregisterTimer(g_caSslContext->timerId);
1301 listLength = u_arraylist_length(g_caSslContext->peerList);
1302 for (listIndex = 0; listIndex < listLength; listIndex++)
1304 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1306 || MBEDTLS_SSL_TRANSPORT_STREAM == tep->ssl.conf->transport
1307 || MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1311 int ret = mbedtls_ssl_handshake_step(&tep->ssl);
1313 if (MBEDTLS_ERR_SSL_CONN_EOF != ret)
1315 SSL_CHECK_FAIL(tep, ret, "Retransmission", NULL, -1,
1316 MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1321 registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
1322 ca_mutex_unlock(g_sslContextMutex);
1327 CAResult_t CAinitSslAdapter()
1329 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1330 // Initialize mutex for tlsContext
1331 if (NULL == g_sslContextMutex)
1333 g_sslContextMutex = ca_mutex_new();
1334 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
1338 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
1339 return CA_STATUS_OK;
1342 // Lock tlsContext mutex and create tlsContext
1343 ca_mutex_lock(g_sslContextMutex);
1344 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1346 if (NULL == g_caSslContext)
1348 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
1349 ca_mutex_unlock(g_sslContextMutex);
1350 ca_mutex_free(g_sslContextMutex);
1351 g_sslContextMutex = NULL;
1352 return CA_MEMORY_ALLOC_FAILED;
1356 g_caSslContext->peerList = u_arraylist_create();
1358 if(NULL == g_caSslContext->peerList)
1360 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
1361 OICFree(g_caSslContext);
1362 g_caSslContext = NULL;
1363 ca_mutex_unlock(g_sslContextMutex);
1364 ca_mutex_free(g_sslContextMutex);
1365 g_sslContextMutex = NULL;
1366 return CA_STATUS_FAILED;
1369 /* Initialize TLS library
1371 #if !defined(NDEBUG) || defined(TB_LOG)
1372 char version[MBED_TLS_VERSION_LEN];
1373 mbedtls_version_get_string(version);
1374 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
1379 mbedtls_entropy_init(&g_caSslContext->entropy);
1380 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1383 unsigned char seed[sizeof(SEED)] = {0};
1385 urandomFd = open("/dev/urandom", O_RDONLY);
1388 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
1389 ca_mutex_unlock(g_sslContextMutex);
1390 CAdeinitSslAdapter();
1391 return CA_STATUS_FAILED;
1393 if(0 > read(urandomFd, seed, sizeof(seed)))
1395 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
1397 ca_mutex_unlock(g_sslContextMutex);
1398 CAdeinitSslAdapter();
1399 return CA_STATUS_FAILED;
1404 unsigned char * seed = (unsigned char*) SEED;
1406 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
1407 &g_caSslContext->entropy, seed, sizeof(SEED)))
1409 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
1410 ca_mutex_unlock(g_sslContextMutex);
1411 CAdeinitSslAdapter();
1412 return CA_STATUS_FAILED;
1414 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1417 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
1418 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
1420 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1421 ca_mutex_unlock(g_sslContextMutex);
1422 CAdeinitSslAdapter();
1423 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1424 return CA_STATUS_FAILED;
1427 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
1428 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
1430 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1431 ca_mutex_unlock(g_sslContextMutex);
1432 CAdeinitSslAdapter();
1433 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1434 return CA_STATUS_FAILED;
1436 #endif // __WITH_TLS__
1437 #ifdef __WITH_DTLS__
1438 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
1439 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
1441 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1442 ca_mutex_unlock(g_sslContextMutex);
1443 CAdeinitSslAdapter();
1444 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1445 return CA_STATUS_FAILED;
1448 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
1449 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
1451 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1452 ca_mutex_unlock(g_sslContextMutex);
1453 CAdeinitSslAdapter();
1454 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1455 return CA_STATUS_FAILED;
1457 #endif // __WITH_DTLS__
1459 // set default cipher
1460 g_caSslContext->cipher = ADAPTER_CIPHER_MAX;
1463 mbedtls_x509_crt_init(&g_caSslContext->ca);
1464 mbedtls_x509_crt_init(&g_caSslContext->crt);
1465 mbedtls_pk_init(&g_caSslContext->pkey);
1466 mbedtls_x509_crl_init(&g_caSslContext->crl);
1468 #ifdef __WITH_DTLS__
1469 g_caSslContext->timerId = -1;
1472 ca_mutex_unlock(g_sslContextMutex);
1473 #ifdef __WITH_DTLS__
1477 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1478 return CA_STATUS_OK;
1481 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
1483 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1484 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
1487 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
1488 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1491 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
1492 if (NULL == message)
1494 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1495 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1499 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
1500 if (NULL == message->data)
1502 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1504 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1507 memcpy(message->data, data, dataLen);
1508 message->len = dataLen;
1509 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1513 /* Send data via TLS connection.
1515 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
1516 void *data, uint32_t dataLen)
1520 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s ", __func__);
1522 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
1523 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
1524 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
1528 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
1529 return CA_STATUS_FAILED;
1532 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
1534 ca_mutex_lock(g_sslContextMutex);
1535 if(NULL == g_caSslContext)
1537 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1538 ca_mutex_unlock(g_sslContextMutex);
1539 return CA_STATUS_FAILED;
1542 SslEndPoint_t * tep = GetSslPeer(endpoint);
1545 tep = InitiateTlsHandshake(endpoint);
1549 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1550 ca_mutex_unlock(g_sslContextMutex);
1551 return CA_STATUS_FAILED;
1554 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1556 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) data, dataLen);
1560 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write returned %d", ret);
1561 RemovePeerFromList(&tep->sep.endpoint);
1562 ca_mutex_unlock(g_sslContextMutex);
1563 return CA_STATUS_FAILED;
1568 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
1569 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
1571 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1572 ca_mutex_unlock(g_sslContextMutex);
1573 return CA_STATUS_FAILED;
1577 ca_mutex_unlock(g_sslContextMutex);
1579 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1580 return CA_STATUS_OK;
1583 * Sends cached messages via TLS connection.
1585 * @param[in] tep remote address with session info
1587 static void SendCacheMessages(SslEndPoint_t * tep)
1589 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1590 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
1592 uint32_t listIndex = 0;
1593 uint32_t listLength = 0;
1594 listLength = u_arraylist_length(tep->cacheList);
1595 for (listIndex = 0; listIndex < listLength;)
1598 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
1599 if (NULL != msg && NULL != msg->data && 0 != msg->len)
1603 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) msg->data, msg->len);
1605 while(MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1609 OIC_LOG_V(ERROR, NET_SSL_TAG,"mbedTLS write returned %d", ret );
1611 if (u_arraylist_remove(tep->cacheList, listIndex))
1613 DeleteCacheMessage(msg);
1614 // Reduce list length by 1 as we removed one element.
1619 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
1625 // Move to the next element
1629 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1632 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
1634 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1635 g_sslCallback = tlsHandshakeCallback;
1636 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1639 /* Read data from TLS connection
1641 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
1644 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1645 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1646 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
1648 ca_mutex_lock(g_sslContextMutex);
1649 if (NULL == g_caSslContext)
1651 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1652 ca_mutex_unlock(g_sslContextMutex);
1653 return CA_STATUS_FAILED;
1657 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
1660 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ?
1661 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1662 peer = NewSslEndPoint(&sep->endpoint, config);
1665 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1666 ca_mutex_unlock(g_sslContextMutex);
1667 return CA_STATUS_FAILED;
1669 //Load allowed TLS suites from SVR DB
1670 SetupCipher(config, sep->endpoint.adapter);
1672 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
1675 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1677 ca_mutex_unlock(g_sslContextMutex);
1678 return CA_STATUS_FAILED;
1682 peer->recBuf.buff = data;
1683 peer->recBuf.len = dataLen;
1684 peer->recBuf.loaded = 0;
1686 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
1688 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1689 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1694 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
1696 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
1697 mbedtls_ssl_session_reset(&peer->ssl);
1698 mbedtls_ssl_set_client_transport_id(&peer->ssl,
1699 (const unsigned char *) sep->endpoint.addr,
1700 sizeof(sep->endpoint.addr));
1701 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1703 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
1706 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
1707 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
1708 CA_STATUS_FAILED, GetAlertCode(flags));
1710 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1711 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
1713 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
1714 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
1716 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
1718 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
1721 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1723 SSL_RES(peer, CA_STATUS_OK);
1724 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
1726 SendCacheMessages(peer);
1729 if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher ||
1730 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->selectedCipher)
1732 char uuid[UUID_LENGTH * 2 + 5] = {0};
1733 void * uuidPos = NULL;
1734 void * userIdPos = NULL;
1735 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
1736 ret = (NULL == peerCert ? -1 : 0);
1737 SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
1738 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
1739 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1740 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
1742 if (NULL != uuidPos)
1744 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1745 ret = OCConvertStringToUuid(uuid, peer->sep.identity.id);
1746 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
1747 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1751 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
1754 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1755 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
1756 if (NULL != userIdPos)
1758 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1759 ret = OCConvertStringToUuid(uuid, peer->sep.userId.id);
1760 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
1761 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1765 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
1769 ca_mutex_unlock(g_sslContextMutex);
1770 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1771 return CA_STATUS_OK;
1775 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1777 uint8_t decryptBuffer[TLS_MSG_BUF_LEN] = {0};
1780 ret = mbedtls_ssl_read(&peer->ssl, decryptBuffer, TLS_MSG_BUF_LEN);
1781 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
1783 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
1784 // TinyDTLS sends fatal close_notify alert
1785 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
1786 MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
1787 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
1789 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
1790 SSL_CLOSE_NOTIFY(peer, ret);
1791 RemovePeerFromList(&peer->sep.endpoint);
1792 ca_mutex_unlock(g_sslContextMutex);
1793 return CA_STATUS_OK;
1798 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
1799 //SSL_RES(peer, CA_STATUS_FAILED);
1800 RemovePeerFromList(&peer->sep.endpoint);
1801 ca_mutex_unlock(g_sslContextMutex);
1802 return CA_STATUS_FAILED;
1804 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
1805 if (0 == adapterIndex || adapterIndex == 1)
1807 g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
1811 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
1812 RemovePeerFromList(&peer->sep.endpoint);
1813 ca_mutex_unlock(g_sslContextMutex);
1814 return CA_STATUS_FAILED;
1818 ca_mutex_unlock(g_sslContextMutex);
1819 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1820 return CA_STATUS_OK;
1823 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
1824 CAPacketSendCallback sendCallback,
1825 CATransportAdapter_t type)
1827 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1828 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
1829 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
1830 ca_mutex_lock(g_sslContextMutex);
1831 if (NULL == g_caSslContext)
1833 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1834 ca_mutex_unlock(g_sslContextMutex);
1838 // if (MAX_SUPPORTED_ADAPTERS > type)
1843 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
1844 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
1846 case CA_ADAPTER_TCP:
1847 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
1848 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
1851 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
1855 ca_mutex_unlock(g_sslContextMutex);
1856 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1859 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
1861 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1862 VERIFY_NON_NULL_RET(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null", CA_STATUS_FAILED);
1863 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1866 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA:
1869 //todo check that Cred with RSA cert exists
1870 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1871 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1872 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1873 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1875 #ifdef __WITH_DTLS__
1876 //todo check that Cred with RSA cert exists
1877 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1878 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1879 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1880 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1882 g_caSslContext->cipher = ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA;
1885 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
1887 if (false == g_caSslContext->cipherFlag[1])
1889 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for ECC");
1890 return CA_STATUS_FAILED;
1893 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1894 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1895 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1896 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1898 #ifdef __WITH_DTLS__
1899 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1900 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1901 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1902 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1904 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1907 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
1910 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1911 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1912 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1913 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1915 #ifdef __WITH_DTLS__
1916 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1917 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1918 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1919 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1921 g_caSslContext->cipher = ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256;
1924 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
1927 if (false == g_caSslContext->cipherFlag[0])
1929 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for PSK");
1930 return CA_STATUS_FAILED;
1934 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1935 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1936 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1937 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1939 #ifdef __WITH_DTLS__
1940 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1941 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1942 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1943 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1945 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1950 OIC_LOG(ERROR, NET_SSL_TAG, "Unknown cipher");
1951 return CA_STATUS_FAILED;
1954 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
1955 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1956 return CA_STATUS_OK;
1959 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
1961 CAResult_t res = CA_STATUS_OK;
1962 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1963 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1964 ca_mutex_lock(g_sslContextMutex);
1965 if (NULL == InitiateTlsHandshake(endpoint))
1967 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1968 res = CA_STATUS_FAILED;
1970 ca_mutex_unlock(g_sslContextMutex);
1971 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1975 * Expands the secret into blocks of data according
1976 * to the algorithm specified in section 5 of RFC 4346
1978 * This function writes upto @p bufLen bytes into the given output buffer @p buf
1980 * @param key secret key.
1981 * @param keyLen secret key length.
1982 * @param label A PRF label.
1983 * @param labelLen Actual length of @p label.
1984 * @param random1 Random seed.
1985 * @param random1Len Actual length of @p random1 (may be zero).
1986 * @param random2 Random seed.
1987 * @param random2Len Actual length of @p random2 (may be zero).
1988 * @param buf Output buffer for generated random data.
1989 * @param bufLen Maximum size of @p buf.
1991 * @return The actual number of bytes written to @p buf or @c -1 on error.
1994 static int pHash (const unsigned char *key, size_t keyLen,
1995 const unsigned char *label, size_t labelLen,
1996 const unsigned char *random1, size_t random1Len,
1997 const unsigned char *random2, size_t random2Len,
1998 unsigned char *buf, size_t bufLen)
2000 unsigned char A[RANDOM_LEN] = {0};
2001 unsigned char tmp[RANDOM_LEN] = {0};
2002 size_t dLen; /* digest length */
2003 size_t len = 0; /* result length */
2005 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
2006 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
2007 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
2008 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
2009 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
2011 mbedtls_md_context_t hmacA;
2012 mbedtls_md_context_t hmacP;
2014 mbedtls_md_init(&hmacA);
2015 mbedtls_md_init(&hmacP);
2017 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2018 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2020 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
2021 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
2022 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
2023 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
2024 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2028 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2030 while (len + dLen < bufLen)
2032 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2033 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2034 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2035 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2036 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2037 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2039 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2043 memcpy(buf, tmp, dLen);
2046 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
2047 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
2048 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
2049 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2052 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2053 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2054 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2056 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2057 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2058 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2059 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2061 memcpy(buf, tmp, bufLen - len);
2063 mbedtls_md_free(&hmacA);
2064 mbedtls_md_free(&hmacP);
2068 mbedtls_md_free(&hmacA);
2069 mbedtls_md_free(&hmacP);
2073 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
2074 const uint8_t* label, const size_t labelLen,
2075 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
2076 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
2077 uint8_t* ownerPsk, const size_t ownerPskSize)
2079 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2080 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
2081 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
2082 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
2083 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
2084 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2086 // TODO: Added as workaround, need to debug
2087 ca_mutex_unlock(g_sslContextMutex);
2089 ca_mutex_lock(g_sslContextMutex);
2090 if (NULL == g_caSslContext)
2092 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2093 ca_mutex_unlock(g_sslContextMutex);
2094 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2095 return CA_STATUS_FAILED;
2097 SslEndPoint_t * tep = GetSslPeer(endpoint);
2100 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2101 ca_mutex_unlock(g_sslContextMutex);
2102 return CA_STATUS_FAILED;
2105 uint8_t keyblock[KEY_BLOCK_LEN] = {0};
2107 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2108 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2109 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2110 keyblock, KEY_BLOCK_LEN);
2113 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2114 ca_mutex_unlock(g_sslContextMutex);
2115 return CA_STATUS_FAILED;
2117 ret = pHash(keyblock, sizeof(keyblock), label, labelLen,
2118 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2119 provServerDeviceId, provServerDeviceIdLen,
2120 ownerPsk, ownerPskSize);
2123 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2124 ca_mutex_unlock(g_sslContextMutex);
2125 return CA_STATUS_FAILED;
2128 ca_mutex_unlock(g_sslContextMutex);
2130 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2131 return CA_STATUS_OK;