1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
25 #include "ca_adapter_net_ssl.h"
27 #include "caipinterface.h"
28 #include "oic_malloc.h"
30 #include "byte_array.h"
35 // headers required for mbed TLS
36 #include "mbedtls/platform.h"
37 #include "mbedtls/ssl.h"
38 #include "mbedtls/entropy.h"
39 #include "mbedtls/ctr_drbg.h"
40 #include "mbedtls/pkcs12.h"
41 #include "mbedtls/ssl_internal.h"
43 #include "mbedtls/timing.h"
44 #include "mbedtls/ssl_cookie.h"
47 #if !defined(NDEBUG) || defined(TB_LOG)
48 #include "mbedtls/debug.h"
49 #include "mbedtls/version.h"
53 #include <sys/types.h>
61 * @def MBED_TLS_VERSION_LEN
62 * @brief mbedTLS version string length
64 #define MBED_TLS_VERSION_LEN (16)
67 * @brief Seed for initialization RNG
69 #define SEED "IOTIVITY_RND"
72 * @brief uuid prefix in certificate subject field
74 #define UUID_PREFIX "uuid:"
77 * @brief userid prefix in certificate alternative subject name field
79 #define USERID_PREFIX "userid:"
83 * @brief Logging tag for module name
85 #define NET_SSL_TAG "OIC_CA_NET_SSL"
88 * @brief Logging tag for mbedTLS library
90 #define MBED_TLS_TAG "MBED_TLS"
92 * @def MMBED_TLS_DEBUG_LEVEL
93 * @brief Logging level for mbedTLS library
95 #define MBED_TLS_DEBUG_LEVEL (4)
98 * @def TLS_MSG_BUF_LEN
99 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
102 #define TLS_MSG_BUF_LEN (16384)
105 * @brief PSK keys max length
107 #define PSK_LENGTH (256/8)
109 * @def UUID_LENGTHPSK_LENGTH
110 * @brief Identity max length
112 #define UUID_LENGTH (128/8)
114 * @def MASTER_SECRET_LEN
115 * @brief TLS master secret length
117 #define MASTER_SECRET_LEN (48)
120 * @brief TLS client and server random bytes length
122 #define RANDOM_LEN (32)
125 * @brief PSK generated keyblock length
127 #define KEY_BLOCK_LEN (96)
129 /**@def SSL_CLOSE_NOTIFY(peer, ret)
131 * Notifies of existing \a peer about closing TLS connection.
133 * @param[in] peer remote peer
134 * @param[in] ret used internaly
138 * @var RETRANSMISSION_TIME
139 * @brief Maximum timeout value (in seconds) to start DTLS retransmission.
141 #define RETRANSMISSION_TIME 1
143 #define SSL_CLOSE_NOTIFY(peer, ret) \
146 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
147 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
149 /**@def SSL_RES(peer, status)
151 * Sets SSL result for callback.
153 * @param[in] peer remote peer
155 #define SSL_RES(peer, status) \
158 CAErrorInfo_t errorInfo; \
159 errorInfo.result = (status); \
160 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
162 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
164 * Checks handshake result and send alert if needed.
166 * @param[in] peer remote peer
167 * @param[in] ret error code
168 * @param[in] str debug string
169 * @param[in] mutex ca mutex
170 * @param[in] if code does not equal to -1 returns error code
171 * @param[in] msg allert message
173 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
174 if (0 != (ret) && MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
175 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
176 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
177 MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret)) \
179 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
180 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
181 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
183 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
185 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == (int) (ret) && \
186 ((int) MBEDTLS_SSL_ALERT_MSG_DECRYPTION_FAILED == (peer)->ssl.in_msg[1] || \
187 (int) MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR == (peer)->ssl.in_msg[1] || \
188 (int) MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE == (peer)->ssl.in_msg[1] || \
189 (int) MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC == (peer)->ssl.in_msg[1])) \
191 SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \
193 RemovePeerFromList(&(peer)->sep.endpoint); \
196 ca_mutex_unlock(g_sslContextMutex); \
198 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
204 /** @def CHECK_MBEDTLS_RET(f, ...)
205 * A macro that checks \a f function return code
207 * If function returns error code it goes to error processing.
209 * @param[in] f Function to call
211 #define CHECK_MBEDTLS_RET(f, ...) do { \
212 int ret = (f)(__VA_ARGS__); \
214 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
220 ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA,
221 ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
222 ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256,
223 ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
224 ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM,
225 ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
231 ADAPTER_CURVE_SECP256R1,
235 int tlsCipher[ADAPTER_CIPHER_MAX][2] =
237 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA, 0},
238 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
239 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0},
240 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0},
241 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, 0},
242 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 0}
245 static int g_cipherSuitesList[ADAPTER_CIPHER_MAX];
247 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
249 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
252 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
259 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
260 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
261 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
262 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
263 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
264 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
265 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
266 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
267 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
268 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
269 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
270 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
271 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
272 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
273 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
274 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
275 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
276 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
277 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
278 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
279 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
283 static int GetAlertCode(uint32_t flags)
285 const CrtVerifyAlert_t *cur;
287 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
289 if (flags & cur->code)
297 #if !defined(NDEBUG) || defined(TB_LOG)
299 * Pass a message to the OIC logger.
301 * @param[in] ctx opaque context for the callback
302 * @param[in] level debug level
303 * @param[in] file file name
304 * @param[in] line line number
305 * @param[in] str message
307 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
314 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
320 * Finds the first occurrence of the byte string s in byte string l.
323 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
327 const char *cl = (const char *)l;
328 const char *cs = (const char *)s;
330 if (lLen == 0 || sLen == 0)
340 return (void *)memchr(l, (int)*cs, lLen);
343 last = (char *)cl + lLen - sLen;
345 for (cur = (char *)cl; cur <= last; cur++)
347 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
356 * structure to holds the information of cache message and address info.
358 typedef ByteArray_t SslCacheMessage_t;
362 * Data structure for holding the send and recv callbacks.
364 typedef struct TlsCallBacks
366 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
367 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
371 * Data structure for holding the mbedTLS interface related info.
373 typedef struct SslContext
375 u_arraylist_t *peerList; /**< peer list which holds the mapping between
376 peer id, it's n/w address and mbedTLS context. */
377 mbedtls_entropy_context entropy;
378 mbedtls_ctr_drbg_context rnd;
380 mbedtls_x509_crt crt;
381 mbedtls_pk_context pkey;
383 mbedtls_ssl_config clientTlsConf;
384 mbedtls_ssl_config serverTlsConf;
385 mbedtls_ssl_config clientDtlsConf;
386 mbedtls_ssl_config serverDtlsConf;
388 AdapterCipher_t cipher;
389 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
390 mbedtls_x509_crl crl;
401 * @var g_caSslContext
402 * @brief global context which holds tls context and cache list information.
404 static SslContext_t * g_caSslContext = NULL;
407 * @var g_getCredentialsCallback
408 * @brief callback to get TLS credentials (same as for DTLS)
410 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
412 * @var g_getCerdentilTypesCallback
413 * @brief callback to get different credential types from SRM
415 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
417 * @var g_getPkixInfoCallback
419 * @brief callback to get X.509-based Public Key Infrastructure
421 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
424 * @var g_dtlsContextMutex
425 * @brief Mutex to synchronize access to g_caSslContext.
427 static ca_mutex g_sslContextMutex = NULL;
431 * @brief callback to deliver the TLS handshake result
433 static CAErrorCallback g_sslCallback = NULL;
436 * Data structure for holding the data to be received.
438 typedef struct SslRecBuf
445 * Data structure for holding the data related to endpoint
448 typedef struct SslEndPoint
450 mbedtls_ssl_context ssl;
451 CASecureEndpoint_t sep;
452 u_arraylist_t * cacheList;
454 uint8_t master[MASTER_SECRET_LEN];
455 uint8_t random[2*RANDOM_LEN];
457 mbedtls_ssl_cookie_ctx cookieCtx;
458 mbedtls_timing_delay_context timer;
459 #endif // __WITH_DTLS__
462 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
464 // TODO Does this method needs protection of tlsContextMutex?
465 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
466 g_getCredentialsCallback = credCallback;
467 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
470 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
472 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
473 g_getPkixInfoCallback = infoCallback;
474 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
476 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
478 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
479 g_getCredentialTypesCallback = credTypesCallback;
480 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
483 static int GetAdapterIndex(CATransportAdapter_t adapter)
492 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
499 * @param[in] tep TLS endpoint
500 * @param[in] data message
501 * @param[in] dataLen message length
503 * @return message length or -1 on error.
505 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
507 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
508 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", -1);
509 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", -1);
510 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
511 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
513 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
514 if (0 == adapterIndex || 1 == adapterIndex)
516 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
517 sentLen = sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, dataLen);
518 if (sentLen != dataLen)
520 OIC_LOG_V(DEBUG, NET_SSL_TAG,
521 "Packet was partially sent - total/sent/remained bytes : %d/%d/%d",
522 sentLen, dataLen, (dataLen - sentLen));
527 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
530 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
536 * @param[in] tep TLS endpoint
537 * @param[in] data message
538 * @param[in] dataLen message length
540 * @return read length
542 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
544 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
545 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
546 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
548 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
549 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
550 retLen = (retLen < dataLen ? retLen : dataLen);
552 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
553 recBuf->loaded += retLen;
555 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
560 * Parse chain of X.509 certificates.
562 * @param[out] crt container for X.509 certificates
563 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
564 or DER format in a jumble. Each PEM certificate must be NULL-terminated.
565 * @param[in] bufLen buffer length
567 * @return 0 on success, -1 on error
569 static int ParseChain(mbedtls_x509_crt * crt, const unsigned char * buf, int bufLen)
571 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
572 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
573 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
578 unsigned char * tmp = NULL;
580 char pemCertHeader[] = {
581 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
582 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
584 char pemCertFooter[] = {
585 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
586 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
588 size_t pemCertHeaderLen = sizeof(pemCertHeader);
589 size_t pemCertFooterLen = sizeof(pemCertFooter);
593 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
595 tmp = (unsigned char *)buf + pos + 1;
596 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
597 if (pos + len < bufLen)
599 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse_der, crt, buf + pos, len + 4);
603 else if (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen))
605 void * endPos = NULL;
606 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
609 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
610 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
613 if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0d) &&
614 (*((char*)endPos + pemCertFooterLen + 1) == 0x0a) &&
615 (*((char*)endPos + pemCertFooterLen + 2) == 0x00))
617 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 3;
619 else if ((*((char*)endPos + pemCertFooterLen + 0) == 0x0a) &&
620 (*((char*)endPos + pemCertFooterLen + 1) == 0x00))
622 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen + 2;
626 OIC_LOG_V(ERROR, NET_SSL_TAG, "Incorrect PEM certificate ending");
627 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
630 CHECK_MBEDTLS_RET(mbedtls_x509_crt_parse, crt, buf + pos, len);
635 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, buf, bufLen);
636 OIC_LOG_V(ERROR, NET_SSL_TAG, "parseChain returned -0x%x", -ret);
637 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
641 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
648 //Loads PKIX related information from SRM
649 static int InitPKIX(CATransportAdapter_t adapter)
651 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
652 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
653 g_getPkixInfoCallback(&g_pkiInfo);
655 mbedtls_x509_crt_free(&g_caSslContext->ca);
656 mbedtls_x509_crt_free(&g_caSslContext->crt);
657 mbedtls_pk_free(&g_caSslContext->pkey);
658 mbedtls_x509_crl_free(&g_caSslContext->crl);
660 mbedtls_x509_crt_init(&g_caSslContext->ca);
661 mbedtls_x509_crt_init(&g_caSslContext->crt);
662 mbedtls_pk_init(&g_caSslContext->pkey);
663 mbedtls_x509_crl_init(&g_caSslContext->crl);
665 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ?
666 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
667 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ?
668 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
670 int ret = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len);
673 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
676 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
680 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
684 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
687 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
690 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
693 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
698 ret = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len);
701 OIC_LOG(ERROR, NET_SSL_TAG, "CA chain parsing error");
702 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
706 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
709 OIC_LOG(WARNING, NET_SSL_TAG, "CRL parsing error");
710 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, NULL);
711 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, NULL);
715 mbedtls_ssl_conf_ca_chain(clientConf, &g_caSslContext->ca, &g_caSslContext->crl);
716 mbedtls_ssl_conf_ca_chain(serverConf, &g_caSslContext->ca, &g_caSslContext->crl);
719 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
726 * @param[in] notUsed opaque context
727 * @param[in] ssl mbedTLS context
728 * @param[in] desc identity
729 * @param[in] descLen identity length
731 * @return 0 on success any other return value will result in a denied PSK identity
733 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
734 const unsigned char * desc, size_t descLen)
736 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
737 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
738 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
739 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
740 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
742 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
746 uint8_t keyBuf[PSK_LENGTH] = {0};
748 // Retrieve the credentials blob from security module
749 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
752 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
753 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
754 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
755 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
757 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
758 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
760 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
764 * Gets session corresponding for endpoint.
766 * @param[in] peer remote address
768 * @return TLS session or NULL
770 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
772 uint32_t listIndex = 0;
773 uint32_t listLength = 0;
774 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
775 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
777 SslEndPoint_t *tep = NULL;
778 listLength = u_arraylist_length(g_caSslContext->peerList);
779 for (listIndex = 0; listIndex < listLength; listIndex++)
781 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
786 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d]",
787 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port);
788 if((0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
789 && (peer->port == tep->sep.endpoint.port))
791 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
795 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
796 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
800 #ifdef _ENABLE_MULTIPLE_OWNER_
802 * Gets CA secure endpoint info corresponding for endpoint.
804 * @param[in] peer remote address
806 * @return CASecureEndpoint or NULL
808 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
810 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
812 // TODO: Added as workaround, need to debug
813 ca_mutex_unlock(g_sslContextMutex);
815 ca_mutex_lock(g_sslContextMutex);
816 if (NULL == g_caSslContext)
818 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
819 ca_mutex_unlock(g_sslContextMutex);
823 SslEndPoint_t* sslPeer = GetSslPeer(peer);
826 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
827 ca_mutex_unlock(g_sslContextMutex);
828 return &sslPeer->sep;
831 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
832 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
833 ca_mutex_unlock(g_sslContextMutex);
839 * Deletes cached message.
841 * @param[in] msg message
843 static void DeleteCacheMessage(SslCacheMessage_t * msg)
845 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
846 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
851 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
854 * Deletes cached message list.
856 * @param[in] cacheList list of cached messages
858 static void DeleteCacheList(u_arraylist_t * cacheList)
860 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
861 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
862 uint32_t listIndex = 0;
863 uint32_t listLength = 0;
865 listLength = u_arraylist_length(cacheList);
866 for (listIndex = 0; listIndex < listLength; listIndex++)
868 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
871 DeleteCacheMessage(msg);
874 u_arraylist_free(&cacheList);
876 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
879 * Deletes endpoint with session.
881 * @param[in] tep endpoint with session info
883 static void DeleteSslEndPoint(SslEndPoint_t * tep)
885 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
886 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
888 mbedtls_ssl_free(&tep->ssl);
890 mbedtls_ssl_cookie_free(&tep->cookieCtx);
892 DeleteCacheList(tep->cacheList);
894 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
897 * Removes endpoint session from list.
899 * @param[in] endpoint remote address
901 static void RemovePeerFromList(CAEndpoint_t * endpoint)
903 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
904 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
905 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
907 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
912 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
913 && (endpoint->port == tep->sep.endpoint.port))
915 u_arraylist_remove(g_caSslContext->peerList, listIndex);
916 DeleteSslEndPoint(tep);
922 * Deletes session list.
924 static void DeletePeerList()
926 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
927 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
929 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
934 DeleteSslEndPoint(tep);
936 u_arraylist_free(&g_caSslContext->peerList);
939 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
941 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
942 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
944 ca_mutex_lock(g_sslContextMutex);
945 if (NULL == g_caSslContext)
947 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
948 ca_mutex_unlock(g_sslContextMutex);
949 return CA_STATUS_FAILED;
951 SslEndPoint_t * tep = GetSslPeer(endpoint);
954 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
955 ca_mutex_unlock(g_sslContextMutex);
956 return CA_STATUS_FAILED;
958 /* No error checking, the connection might be closed already */
962 ret = mbedtls_ssl_close_notify(&tep->ssl);
964 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
966 RemovePeerFromList(&tep->sep.endpoint);
967 ca_mutex_unlock(g_sslContextMutex);
969 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
973 void CAcloseSslConnectionAll()
975 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
976 ca_mutex_lock(g_sslContextMutex);
977 if (NULL == g_caSslContext)
979 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
980 ca_mutex_unlock(g_sslContextMutex);
984 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
985 for (uint32_t i = listLength; i > 0; i--)
987 SslEndPoint_t *tep = (SslEndPoint_t *)u_arraylist_remove(g_caSslContext->peerList, i - 1);
992 OIC_LOG_V(DEBUG, NET_SSL_TAG, "SSL Connection [%s:%d]",
993 tep->sep.endpoint.addr, tep->sep.endpoint.port);
995 // TODO: need to check below code after socket close is ensured.
999 ret = mbedtls_ssl_close_notify(&tep->ssl);
1001 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);*/
1003 DeleteSslEndPoint(tep);
1005 ca_mutex_unlock(g_sslContextMutex);
1007 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1011 * Creates session for endpoint.
1013 * @param[in] endpoint remote address
1014 * @param[in] config mbedTLS configuration info
1016 * @return TLS endpoint or NULL
1018 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
1020 SslEndPoint_t * tep = NULL;
1021 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1022 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
1023 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
1025 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
1028 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1032 tep->sep.endpoint = *endpoint;
1033 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
1035 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
1037 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
1039 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1043 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
1044 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
1046 mbedtls_ssl_set_timer_cb(&tep->ssl, &tep->timer,
1047 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
1048 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1050 if (0 != mbedtls_ssl_cookie_setup(&tep->cookieCtx, mbedtls_ctr_drbg_random,
1051 &g_caSslContext->rnd))
1053 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
1055 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1058 mbedtls_ssl_conf_dtls_cookies(config, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
1060 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
1061 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
1063 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
1065 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1070 tep->cacheList = u_arraylist_create();
1071 if (NULL == tep->cacheList)
1073 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1074 mbedtls_ssl_free(&tep->ssl);
1076 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1079 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1083 * Initializes PSK identity.
1085 * @param[out] config client/server config to be updated
1087 * @return 0 on success or -1 on error
1089 static int InitPskIdentity(mbedtls_ssl_config * config)
1091 uint8_t idBuf[UUID_LENGTH] = {0};
1092 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1093 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1095 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1097 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1098 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1101 if (0 != mbedtls_ssl_conf_psk(config, idBuf, 0, idBuf, UUID_LENGTH))
1103 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1104 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1107 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1110 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1113 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1114 if (NULL == g_getCredentialTypesCallback)
1116 OIC_LOG(ERROR, NET_SSL_TAG, "Param callback is null");
1120 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1121 // Retrieve the PSK credential from SRM
1122 // PIN OTM if (true == g_caSslContext->cipherFlag[0] && 0 != InitPskIdentity(config))
1123 if (0 != InitPskIdentity(config))
1125 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1128 // Retrieve the ECC credential from SRM
1129 if (true == g_caSslContext->cipherFlag[1] || ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->cipher)
1131 int ret = InitPKIX(adapter);
1134 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1138 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1139 if (ADAPTER_CIPHER_MAX != g_caSslContext->cipher)
1141 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1144 if (true == g_caSslContext->cipherFlag[1])
1146 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1149 if (true == g_caSslContext->cipherFlag[0])
1151 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1154 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1156 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1159 * Initiate TLS handshake with endpoint.
1161 * @param[in] endpoint remote address
1163 * @return TLS endpoint or NULL
1165 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1168 SslEndPoint_t * tep = NULL;
1170 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1171 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1174 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ?
1175 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1176 tep = NewSslEndPoint(endpoint, config);
1179 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1183 //Load allowed SVR suites from SVR DB
1184 SetupCipher(config, endpoint->adapter);
1186 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Add %s:%d", tep->sep.endpoint.addr, tep->sep.endpoint.port);
1187 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1190 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1191 DeleteSslEndPoint(tep);
1195 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1197 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1198 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1202 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1204 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1207 #ifdef __WITH_DTLS__
1209 * Stops DTLS retransmission.
1211 static void StopRetransmit()
1215 unregisterTimer(g_caSslContext->timerId);
1219 void CAdeinitSslAdapter()
1221 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1223 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1224 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1226 //Lock tlsContext mutex
1227 ca_mutex_lock(g_sslContextMutex);
1232 // De-initialize mbedTLS
1233 mbedtls_x509_crt_free(&g_caSslContext->crt);
1234 mbedtls_pk_free(&g_caSslContext->pkey);
1236 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1237 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1238 #endif // __WITH_TLS__
1239 #ifdef __WITH_DTLS__
1240 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1241 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1242 #endif // __WITH_DTLS__
1243 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1244 mbedtls_entropy_free(&g_caSslContext->entropy);
1245 #ifdef __WITH_DTLS__
1248 // De-initialize tls Context
1249 OICFree(g_caSslContext);
1250 g_caSslContext = NULL;
1252 // Unlock tlsContext mutex and de-initialize it
1253 ca_mutex_unlock(g_sslContextMutex);
1254 ca_mutex_free(g_sslContextMutex);
1255 g_sslContextMutex = NULL;
1257 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1260 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1262 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1263 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1264 mbedtls_ssl_config_init(conf);
1265 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1267 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1271 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1272 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1273 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1274 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1275 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1276 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1278 #if !defined(NDEBUG) || defined(TB_LOG)
1279 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1280 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1282 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1285 #ifdef __WITH_DTLS__
1287 * Starts DTLS retransmission.
1289 static int StartRetransmit()
1291 uint32_t listIndex = 0;
1292 uint32_t listLength = 0;
1293 SslEndPoint_t *tep = NULL;
1294 if (NULL == g_caSslContext)
1296 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
1299 ca_mutex_lock(g_sslContextMutex);
1300 if (g_caSslContext->timerId != -1)
1302 //clear previous timer
1303 unregisterTimer(g_caSslContext->timerId);
1305 listLength = u_arraylist_length(g_caSslContext->peerList);
1306 for (listIndex = 0; listIndex < listLength; listIndex++)
1308 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1310 || MBEDTLS_SSL_TRANSPORT_STREAM == tep->ssl.conf->transport
1311 || MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1315 int ret = mbedtls_ssl_handshake_step(&tep->ssl);
1317 if (MBEDTLS_ERR_SSL_CONN_EOF != ret)
1319 SSL_CHECK_FAIL(tep, ret, "Retransmission", NULL, -1,
1320 MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1325 registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
1326 ca_mutex_unlock(g_sslContextMutex);
1331 CAResult_t CAinitSslAdapter()
1333 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1334 // Initialize mutex for tlsContext
1335 if (NULL == g_sslContextMutex)
1337 g_sslContextMutex = ca_mutex_new();
1338 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
1342 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
1343 return CA_STATUS_OK;
1346 // Lock tlsContext mutex and create tlsContext
1347 ca_mutex_lock(g_sslContextMutex);
1348 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
1350 if (NULL == g_caSslContext)
1352 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
1353 ca_mutex_unlock(g_sslContextMutex);
1354 ca_mutex_free(g_sslContextMutex);
1355 g_sslContextMutex = NULL;
1356 return CA_MEMORY_ALLOC_FAILED;
1360 g_caSslContext->peerList = u_arraylist_create();
1362 if(NULL == g_caSslContext->peerList)
1364 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
1365 OICFree(g_caSslContext);
1366 g_caSslContext = NULL;
1367 ca_mutex_unlock(g_sslContextMutex);
1368 ca_mutex_free(g_sslContextMutex);
1369 g_sslContextMutex = NULL;
1370 return CA_STATUS_FAILED;
1373 /* Initialize TLS library
1375 #if !defined(NDEBUG) || defined(TB_LOG)
1376 char version[MBED_TLS_VERSION_LEN];
1377 mbedtls_version_get_string(version);
1378 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
1383 mbedtls_entropy_init(&g_caSslContext->entropy);
1384 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
1387 unsigned char seed[sizeof(SEED)] = {0};
1389 urandomFd = open("/dev/urandom", O_RDONLY);
1392 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
1393 ca_mutex_unlock(g_sslContextMutex);
1394 CAdeinitSslAdapter();
1395 return CA_STATUS_FAILED;
1397 if(0 > read(urandomFd, seed, sizeof(seed)))
1399 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
1401 ca_mutex_unlock(g_sslContextMutex);
1402 CAdeinitSslAdapter();
1403 return CA_STATUS_FAILED;
1408 unsigned char * seed = (unsigned char*) SEED;
1410 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
1411 &g_caSslContext->entropy, seed, sizeof(SEED)))
1413 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
1414 ca_mutex_unlock(g_sslContextMutex);
1415 CAdeinitSslAdapter();
1416 return CA_STATUS_FAILED;
1418 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
1421 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
1422 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
1424 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1425 ca_mutex_unlock(g_sslContextMutex);
1426 CAdeinitSslAdapter();
1427 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1428 return CA_STATUS_FAILED;
1431 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
1432 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
1434 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1435 ca_mutex_unlock(g_sslContextMutex);
1436 CAdeinitSslAdapter();
1437 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1438 return CA_STATUS_FAILED;
1440 #endif // __WITH_TLS__
1441 #ifdef __WITH_DTLS__
1442 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
1443 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
1445 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
1446 ca_mutex_unlock(g_sslContextMutex);
1447 CAdeinitSslAdapter();
1448 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1449 return CA_STATUS_FAILED;
1452 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
1453 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
1455 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
1456 ca_mutex_unlock(g_sslContextMutex);
1457 CAdeinitSslAdapter();
1458 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1459 return CA_STATUS_FAILED;
1461 #endif // __WITH_DTLS__
1463 // set default cipher
1464 g_caSslContext->cipher = ADAPTER_CIPHER_MAX;
1467 mbedtls_x509_crt_init(&g_caSslContext->ca);
1468 mbedtls_x509_crt_init(&g_caSslContext->crt);
1469 mbedtls_pk_init(&g_caSslContext->pkey);
1470 mbedtls_x509_crl_init(&g_caSslContext->crl);
1472 #ifdef __WITH_DTLS__
1473 g_caSslContext->timerId = -1;
1476 ca_mutex_unlock(g_sslContextMutex);
1477 #ifdef __WITH_DTLS__
1481 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1482 return CA_STATUS_OK;
1485 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
1487 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1488 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
1491 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
1492 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1495 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
1496 if (NULL == message)
1498 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1499 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1503 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
1504 if (NULL == message->data)
1506 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
1508 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1511 memcpy(message->data, data, dataLen);
1512 message->len = dataLen;
1513 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1517 /* Send data via TLS connection.
1519 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
1520 void *data, uint32_t dataLen)
1524 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s ", __func__);
1526 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
1527 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
1528 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
1532 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
1533 return CA_STATUS_FAILED;
1536 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
1538 ca_mutex_lock(g_sslContextMutex);
1539 if(NULL == g_caSslContext)
1541 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1542 ca_mutex_unlock(g_sslContextMutex);
1543 return CA_STATUS_FAILED;
1546 SslEndPoint_t * tep = GetSslPeer(endpoint);
1549 tep = InitiateTlsHandshake(endpoint);
1553 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
1554 ca_mutex_unlock(g_sslContextMutex);
1555 return CA_STATUS_FAILED;
1558 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1560 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) data, dataLen);
1564 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write returned %d", ret);
1565 RemovePeerFromList(&tep->sep.endpoint);
1566 ca_mutex_unlock(g_sslContextMutex);
1567 return CA_STATUS_FAILED;
1572 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
1573 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
1575 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1576 ca_mutex_unlock(g_sslContextMutex);
1577 return CA_STATUS_FAILED;
1581 ca_mutex_unlock(g_sslContextMutex);
1583 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1584 return CA_STATUS_OK;
1587 * Sends cached messages via TLS connection.
1589 * @param[in] tep remote address with session info
1591 static void SendCacheMessages(SslEndPoint_t * tep)
1593 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1594 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
1596 uint32_t listIndex = 0;
1597 uint32_t listLength = 0;
1598 listLength = u_arraylist_length(tep->cacheList);
1599 for (listIndex = 0; listIndex < listLength;)
1602 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
1603 if (NULL != msg && NULL != msg->data && 0 != msg->len)
1607 ret = mbedtls_ssl_write(&tep->ssl, (unsigned char *) msg->data, msg->len);
1609 while(MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1613 OIC_LOG_V(ERROR, NET_SSL_TAG,"mbedTLS write returned %d", ret );
1615 if (u_arraylist_remove(tep->cacheList, listIndex))
1617 DeleteCacheMessage(msg);
1618 // Reduce list length by 1 as we removed one element.
1623 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
1629 // Move to the next element
1633 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1636 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
1638 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1639 g_sslCallback = tlsHandshakeCallback;
1640 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1643 /* Read data from TLS connection
1645 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
1648 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1649 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1650 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
1652 ca_mutex_lock(g_sslContextMutex);
1653 if (NULL == g_caSslContext)
1655 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1656 ca_mutex_unlock(g_sslContextMutex);
1657 return CA_STATUS_FAILED;
1661 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
1664 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ?
1665 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1666 peer = NewSslEndPoint(&sep->endpoint, config);
1669 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1670 ca_mutex_unlock(g_sslContextMutex);
1671 return CA_STATUS_FAILED;
1673 //Load allowed TLS suites from SVR DB
1674 SetupCipher(config, sep->endpoint.adapter);
1676 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
1679 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1681 ca_mutex_unlock(g_sslContextMutex);
1682 return CA_STATUS_FAILED;
1686 peer->recBuf.buff = data;
1687 peer->recBuf.len = dataLen;
1688 peer->recBuf.loaded = 0;
1690 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
1692 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1693 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1698 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
1700 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
1701 mbedtls_ssl_session_reset(&peer->ssl);
1702 mbedtls_ssl_set_client_transport_id(&peer->ssl,
1703 (const unsigned char *) sep->endpoint.addr,
1704 sizeof(sep->endpoint.addr));
1705 ret = mbedtls_ssl_handshake_step(&peer->ssl);
1707 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
1710 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
1711 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
1712 CA_STATUS_FAILED, GetAlertCode(flags));
1714 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1715 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
1717 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
1718 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
1720 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
1722 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
1725 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1727 SSL_RES(peer, CA_STATUS_OK);
1728 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
1730 SendCacheMessages(peer);
1733 if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher ||
1734 MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA == g_caSslContext->selectedCipher)
1736 char uuid[UUID_LENGTH * 2 + 5] = {0};
1737 void * uuidPos = NULL;
1738 void * userIdPos = NULL;
1739 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
1740 ret = (NULL == peerCert ? -1 : 0);
1741 SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
1742 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
1743 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1744 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
1746 if (NULL != uuidPos)
1748 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1749 ret = OCConvertStringToUuid(uuid, peer->sep.identity.id);
1750 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
1751 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1755 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
1758 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
1759 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
1760 if (NULL != userIdPos)
1762 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
1763 ret = OCConvertStringToUuid(uuid, peer->sep.userId.id);
1764 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
1765 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
1769 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
1773 ca_mutex_unlock(g_sslContextMutex);
1774 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1775 return CA_STATUS_OK;
1779 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
1781 uint8_t decryptBuffer[TLS_MSG_BUF_LEN] = {0};
1784 ret = mbedtls_ssl_read(&peer->ssl, decryptBuffer, TLS_MSG_BUF_LEN);
1785 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
1787 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
1788 // TinyDTLS sends fatal close_notify alert
1789 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
1790 MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
1791 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
1793 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
1794 SSL_CLOSE_NOTIFY(peer, ret);
1795 RemovePeerFromList(&peer->sep.endpoint);
1796 ca_mutex_unlock(g_sslContextMutex);
1797 return CA_STATUS_OK;
1802 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
1803 //SSL_RES(peer, CA_STATUS_FAILED);
1804 RemovePeerFromList(&peer->sep.endpoint);
1805 ca_mutex_unlock(g_sslContextMutex);
1806 return CA_STATUS_FAILED;
1808 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
1809 if (0 == adapterIndex || adapterIndex == 1)
1811 g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep, decryptBuffer, ret);
1815 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
1816 RemovePeerFromList(&peer->sep.endpoint);
1817 ca_mutex_unlock(g_sslContextMutex);
1818 return CA_STATUS_FAILED;
1822 ca_mutex_unlock(g_sslContextMutex);
1823 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1824 return CA_STATUS_OK;
1827 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
1828 CAPacketSendCallback sendCallback,
1829 CATransportAdapter_t type)
1831 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1832 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
1833 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
1834 ca_mutex_lock(g_sslContextMutex);
1835 if (NULL == g_caSslContext)
1837 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1838 ca_mutex_unlock(g_sslContextMutex);
1842 // if (MAX_SUPPORTED_ADAPTERS > type)
1847 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
1848 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
1850 case CA_ADAPTER_TCP:
1851 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
1852 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
1855 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
1859 ca_mutex_unlock(g_sslContextMutex);
1860 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1863 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
1865 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1866 VERIFY_NON_NULL_RET(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null", CA_STATUS_FAILED);
1867 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1870 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA:
1873 //todo check that Cred with RSA cert exists
1874 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1875 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1876 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1877 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1879 #ifdef __WITH_DTLS__
1880 //todo check that Cred with RSA cert exists
1881 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1882 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1883 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1884 tlsCipher[ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA]);
1886 g_caSslContext->cipher = ADAPTER_TLS_RSA_WITH_AES_256_CBC_SHA;
1889 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
1891 if (false == g_caSslContext->cipherFlag[1])
1893 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for ECC");
1894 return CA_STATUS_FAILED;
1897 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1898 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1899 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1900 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1902 #ifdef __WITH_DTLS__
1903 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1904 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1905 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1906 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8]);
1908 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8;
1911 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
1914 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1915 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1916 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1917 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1919 #ifdef __WITH_DTLS__
1920 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1921 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1922 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1923 tlsCipher[ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256]);
1925 g_caSslContext->cipher = ADAPTER_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA_256;
1928 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
1931 if (false == g_caSslContext->cipherFlag[0])
1933 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for PSK");
1934 return CA_STATUS_FAILED;
1938 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1939 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1940 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1941 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1943 #ifdef __WITH_DTLS__
1944 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1945 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1946 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1947 tlsCipher[ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256]);
1949 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1952 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
1954 if (false == g_caSslContext->cipherFlag[1])
1956 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for ECC");
1957 return CA_STATUS_FAILED;
1960 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1961 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM]);
1962 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1963 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM]);
1965 #ifdef __WITH_DTLS__
1966 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1967 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM]);
1968 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1969 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM]);
1971 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CCM;
1974 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
1976 if (false == g_caSslContext->cipherFlag[1])
1978 OIC_LOG(ERROR, NET_SSL_TAG, "No Credential for ECC");
1979 return CA_STATUS_FAILED;
1982 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientTlsConf,
1983 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]);
1984 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverTlsConf,
1985 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]);
1987 #ifdef __WITH_DTLS__
1988 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->clientDtlsConf,
1989 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]);
1990 mbedtls_ssl_conf_ciphersuites(&g_caSslContext->serverDtlsConf,
1991 tlsCipher[ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256]);
1993 g_caSslContext->cipher = ADAPTER_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
1998 OIC_LOG(ERROR, NET_SSL_TAG, "Unknown cipher");
1999 return CA_STATUS_FAILED;
2002 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
2003 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2004 return CA_STATUS_OK;
2007 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
2009 CAResult_t res = CA_STATUS_OK;
2010 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2011 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
2012 ca_mutex_lock(g_sslContextMutex);
2013 if (NULL == InitiateTlsHandshake(endpoint))
2015 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
2016 res = CA_STATUS_FAILED;
2018 ca_mutex_unlock(g_sslContextMutex);
2019 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2023 * Expands the secret into blocks of data according
2024 * to the algorithm specified in section 5 of RFC 4346
2026 * This function writes upto @p bufLen bytes into the given output buffer @p buf
2028 * @param key secret key.
2029 * @param keyLen secret key length.
2030 * @param label A PRF label.
2031 * @param labelLen Actual length of @p label.
2032 * @param random1 Random seed.
2033 * @param random1Len Actual length of @p random1 (may be zero).
2034 * @param random2 Random seed.
2035 * @param random2Len Actual length of @p random2 (may be zero).
2036 * @param buf Output buffer for generated random data.
2037 * @param bufLen Maximum size of @p buf.
2039 * @return The actual number of bytes written to @p buf or @c -1 on error.
2042 static int pHash (const unsigned char *key, size_t keyLen,
2043 const unsigned char *label, size_t labelLen,
2044 const unsigned char *random1, size_t random1Len,
2045 const unsigned char *random2, size_t random2Len,
2046 unsigned char *buf, size_t bufLen)
2048 unsigned char A[RANDOM_LEN] = {0};
2049 unsigned char tmp[RANDOM_LEN] = {0};
2050 size_t dLen; /* digest length */
2051 size_t len = 0; /* result length */
2053 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
2054 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
2055 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
2056 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
2057 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
2059 mbedtls_md_context_t hmacA;
2060 mbedtls_md_context_t hmacP;
2062 mbedtls_md_init(&hmacA);
2063 mbedtls_md_init(&hmacP);
2065 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2066 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2068 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
2069 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
2070 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
2071 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
2072 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2076 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2078 while (len + dLen < bufLen)
2080 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2081 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2082 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2083 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2084 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2085 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2087 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2091 memcpy(buf, tmp, dLen);
2094 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
2095 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
2096 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
2097 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2100 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2101 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2102 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2104 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2105 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2106 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2107 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2109 memcpy(buf, tmp, bufLen - len);
2111 mbedtls_md_free(&hmacA);
2112 mbedtls_md_free(&hmacP);
2116 mbedtls_md_free(&hmacA);
2117 mbedtls_md_free(&hmacP);
2121 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
2122 const uint8_t* label, const size_t labelLen,
2123 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
2124 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
2125 uint8_t* ownerPsk, const size_t ownerPskSize)
2127 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2128 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
2129 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
2130 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
2131 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
2132 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2134 // TODO: Added as workaround, need to debug
2135 ca_mutex_unlock(g_sslContextMutex);
2137 ca_mutex_lock(g_sslContextMutex);
2138 if (NULL == g_caSslContext)
2140 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2141 ca_mutex_unlock(g_sslContextMutex);
2142 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2143 return CA_STATUS_FAILED;
2145 SslEndPoint_t * tep = GetSslPeer(endpoint);
2148 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2149 ca_mutex_unlock(g_sslContextMutex);
2150 return CA_STATUS_FAILED;
2153 uint8_t keyblock[KEY_BLOCK_LEN] = {0};
2155 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2156 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2157 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2158 keyblock, KEY_BLOCK_LEN);
2161 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2162 ca_mutex_unlock(g_sslContextMutex);
2163 return CA_STATUS_FAILED;
2165 ret = pHash(keyblock, sizeof(keyblock), label, labelLen,
2166 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2167 provServerDeviceId, provServerDeviceIdLen,
2168 ownerPsk, ownerPskSize);
2171 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2172 ca_mutex_unlock(g_sslContextMutex);
2173 return CA_STATUS_FAILED;
2176 ca_mutex_unlock(g_sslContextMutex);
2178 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2179 return CA_STATUS_OK;