1 /******************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
21 #define MBEDTLS_SSL_SRV_RESPECT_CLIENT_PREFERENCE
30 #include "ca_adapter_net_ssl.h"
32 #include "caadapterutils.h"
33 #include "cainterface.h"
34 #include "caipinterface.h"
35 #include "oic_malloc.h"
37 #include "byte_array.h"
43 // headers required for mbed TLS
44 #include "mbedtls/platform.h"
45 #include "mbedtls/ssl.h"
46 #include "mbedtls/entropy.h"
47 #include "mbedtls/ctr_drbg.h"
48 #include "mbedtls/pkcs12.h"
49 #include "mbedtls/ssl_internal.h"
50 #include "mbedtls/net.h"
52 #include "mbedtls/timing.h"
53 #include "mbedtls/ssl_cookie.h"
55 #include "pkix_interface.h"
57 #if !defined(NDEBUG) || defined(TB_LOG)
58 #include "mbedtls/debug.h"
59 #include "mbedtls/version.h"
63 #include <sys/types.h>
71 * @def MBED_TLS_VERSION_LEN
72 * @brief mbedTLS version string length
74 #define MBED_TLS_VERSION_LEN (16)
77 * @brief Seed for initialization RNG
79 #define SEED "IOTIVITY_RND"
82 * @brief uuid prefix in certificate subject field
84 #define UUID_PREFIX "uuid:"
87 * @brief userid prefix in certificate alternative subject name field
89 #define USERID_PREFIX "userid:"
93 * @brief Logging tag for module name
95 #define NET_SSL_TAG "OIC_CA_NET_SSL"
98 * @brief Logging tag for mbedTLS library
100 #define MBED_TLS_TAG "MBED_TLS"
102 * @def MMBED_TLS_DEBUG_LEVEL
103 * @brief Logging level for mbedTLS library
105 #define MBED_TLS_DEBUG_LEVEL (4)
108 * @def TLS_MSG_BUF_LEN
109 * @brief Buffer size for TLS record. A single TLS record may be up to 16384 octets in length
111 #if defined (__TIZENRT__)
112 #define TLS_MSG_BUF_LEN (2048)
114 #define TLS_MSG_BUF_LEN (16384)
119 * @brief PSK keys max length
121 #define PSK_LENGTH (256/8)
123 * @def UUID_LENGTHPSK_LENGTH
124 * @brief Identity max length
126 #define UUID_LENGTH (128/8)
128 * @def MASTER_SECRET_LEN
129 * @brief TLS master secret length
131 #define MASTER_SECRET_LEN (48)
134 * @brief TLS client and server random bytes length
136 #define RANDOM_LEN (32)
138 * @def SHA384_MAC_KEY_LENGTH
139 * @brief MAC key length for SHA384 cipher suites
141 #define SHA384_MAC_KEY_LENGTH (48)
143 * @def SHA256_MAC_KEY_LENGTH
144 * @brief MAC key length for SHA256 cipher suites
146 #define SHA256_MAC_KEY_LENGTH (32)
148 * @def CCM_MAC_KEY_LENGTH
149 * @brief MAC key length for CCM cipher suites
151 #define CCM_MAC_KEY_LENGTH (0)
153 * @def AES256_KEY_LENGTH
154 * @brief key material length for AES256 cipher suites
156 #define AES256_KEY_LENGTH (32)
158 * @def AES128_KEY_LENGTH
159 * @brief key material length for AES128 cipher suites
161 #define AES128_KEY_LENGTH (16)
164 * @brief length of nonce for GCM cipher suites
166 #define GCM_IV_LENGTH (12)
169 * @brief length of nonce for CCM cipher suites
171 #define CCM_IV_LENGTH (4)
174 * @brief length of nonce for CBC cipher suites
176 #define CBC_IV_LENGTH (0)
179 * @var RETRANSMISSION_TIME
180 * @brief Maximum timeout value (in seconds) to start DTLS retransmission.
182 #define RETRANSMISSION_TIME 1
184 /**@def SSL_CLOSE_NOTIFY(peer, ret)
186 * Notifies of existing \a peer about closing TLS connection.
188 * @param[in] peer remote peer
189 * @param[in] ret used internaly
191 #define SSL_CLOSE_NOTIFY(peer, ret) \
194 (ret) = mbedtls_ssl_close_notify(&(peer)->ssl); \
195 } while (MBEDTLS_ERR_SSL_WANT_WRITE == (ret))
197 /**@def SSL_RES(peer, status)
199 * Sets SSL result for callback.
201 * @param[in] peer remote peer
203 #define SSL_RES(peer, status) \
206 CAErrorInfo_t errorInfo; \
207 errorInfo.result = (status); \
208 g_sslCallback(&(peer)->sep.endpoint, &errorInfo); \
210 /**@def SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg)
212 * Checks handshake result and send alert if needed.
214 * @param[in] peer remote peer
215 * @param[in] ret error code
216 * @param[in] str debug string
217 * @param[in] mutex ca mutex
218 * @param[in] error if code does not equal to -1 returns error code
219 * @param[in] msg allert message
221 #define SSL_CHECK_FAIL(peer, ret, str, mutex, error, msg) \
222 if (0 != (ret) && MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY != (int) (ret) && \
223 MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED != (int) (ret) && \
224 MBEDTLS_ERR_SSL_WANT_READ != (int) (ret) && \
225 MBEDTLS_ERR_SSL_WANT_WRITE != (int) (ret) && \
226 MBEDTLS_ERR_SSL_NON_FATAL != (int) (ret) && \
227 MBEDTLS_SSL_ALERT_MSG_USER_CANCELED != (int) (ret) && \
228 MBEDTLS_SSL_ALERT_MSG_NO_RENEGOTIATION != (int) (ret) && \
229 MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_EXT != (int) (ret) && \
230 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY != (int) (ret) && \
231 MBEDTLS_SSL_ALERT_MSG_NO_CERT != (int) (ret) && \
232 MBEDTLS_SSL_ALERT_MSG_BAD_CERT != (int) (ret) && \
233 MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT != (int) (ret) && \
234 MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED != (int) (ret) && \
235 MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED != (int) (ret) && \
236 MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN != (int) (ret) && \
237 MBEDTLS_SSL_ALERT_MSG_INAPROPRIATE_FALLBACK != (int) (ret) && \
238 MBEDTLS_SSL_ALERT_MSG_UNRECOGNIZED_NAME != (int) (ret) && \
239 MBEDTLS_SSL_ALERT_MSG_UNKNOWN_PSK_IDENTITY != (int) (ret) && \
240 MBEDTLS_SSL_ALERT_MSG_NO_APPLICATION_PROTOCOL != (int) (ret)) \
242 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s: -0x%x", (str), -(ret)); \
243 if ((int) MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE != (int) (ret) && \
244 (int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int) (ret)) \
246 mbedtls_ssl_send_alert_message(&(peer)->ssl, MBEDTLS_SSL_ALERT_LEVEL_FATAL, (msg)); \
248 RemovePeerFromList(&(peer)->sep.endpoint); \
251 oc_mutex_unlock(g_sslContextMutex); \
253 if ((int) MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO != (int)(ret)) \
255 SSL_RES((peer), CA_DTLS_AUTHENTICATION_FAILURE); \
257 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__); \
258 if (-1 != (intptr_t)error) \
264 /**@def CONF_SSL(clientConf, serverConf, fn, ...)
266 * Calls \a fn for \a clientConf and \a serverConf.
269 #define CONF_SSL(clientConf, serverConf, fn, ...) do { \
270 fn((clientConf), __VA_ARGS__); \
271 fn((serverConf), __VA_ARGS__); \
274 /** @def CHECK_MBEDTLS_RET(f, ...)
275 * A macro that checks \a f function return code
277 * If function returns error code it goes to error processing.
279 * @param[in] f Function to call
281 #define CHECK_MBEDTLS_RET(f, ...) do { \
282 int ret = (f)(__VA_ARGS__); \
284 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s returned -0x%04x\n", __func__, -(ret)); \
290 SSL_RSA_WITH_AES_256_CBC_SHA256,
291 SSL_RSA_WITH_AES_128_GCM_SHA256,
292 SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
293 SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
294 SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
295 SSL_ECDHE_ECDSA_WITH_AES_128_CCM_8,
296 SSL_ECDHE_ECDSA_WITH_AES_128_CCM,
297 SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
298 SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384,
299 SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
300 SSL_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
301 SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
302 SSL_ECDH_ANON_WITH_AES_128_CBC_SHA256,
308 ADAPTER_CURVE_SECP256R1,
312 static const int tlsCipher[SSL_CIPHER_MAX][2] =
314 {MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256, 0},
315 {MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256, 0},
316 {MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, 0},
317 {MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 0},
318 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, 0},
319 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, 0},
320 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM, 0},
321 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, 0},
322 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, 0},
323 {MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, 0},
324 {MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, 0},
325 {MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, 0},
326 {MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256, 0}
329 static int g_cipherSuitesList[SSL_CIPHER_MAX];
331 static int g_ssl_ordered_default_hashes[] = {
332 #if defined(MBEDTLS_SHA256_C)
336 #if defined(MBEDTLS_SHA1_C)
342 mbedtls_ecp_group_id curve[ADAPTER_CURVE_MAX][2] =
344 {MBEDTLS_ECP_DP_SECP256R1, MBEDTLS_ECP_DP_NONE}
347 static PkiInfo_t g_pkiInfo = {{NULL, 0}, {NULL, 0}, {NULL, 0}, {NULL, 0}};
354 static const CrtVerifyAlert_t crtVerifyAlerts[] = {
355 {MBEDTLS_X509_BADCERT_EXPIRED, MBEDTLS_SSL_ALERT_MSG_CERT_EXPIRED},
356 {MBEDTLS_X509_BADCERT_REVOKED, MBEDTLS_SSL_ALERT_MSG_CERT_REVOKED},
357 {MBEDTLS_X509_BADCERT_CN_MISMATCH, MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN},
358 {MBEDTLS_X509_BADCERT_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
359 {MBEDTLS_X509_BADCRL_NOT_TRUSTED, MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA},
360 {MBEDTLS_X509_BADCRL_EXPIRED, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
361 {MBEDTLS_X509_BADCERT_MISSING, MBEDTLS_SSL_ALERT_MSG_NO_CERT},
362 {MBEDTLS_X509_BADCERT_SKIP_VERIFY, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
363 {MBEDTLS_X509_BADCERT_OTHER, MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR},
364 {MBEDTLS_X509_BADCERT_FUTURE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
365 {MBEDTLS_X509_BADCRL_FUTURE, MBEDTLS_SSL_ALERT_MSG_INSUFFICIENT_SECURITY},
366 {MBEDTLS_X509_BADCERT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
367 {MBEDTLS_X509_BADCERT_EXT_KEY_USAGE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
368 {MBEDTLS_X509_BADCERT_NS_CERT_TYPE, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
369 {MBEDTLS_X509_BADCERT_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
370 {MBEDTLS_X509_BADCERT_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
371 {MBEDTLS_X509_BADCERT_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
372 {MBEDTLS_X509_BADCRL_BAD_MD, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
373 {MBEDTLS_X509_BADCRL_BAD_PK, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
374 {MBEDTLS_X509_BADCRL_BAD_KEY, MBEDTLS_SSL_ALERT_MSG_BAD_CERT},
378 static int GetAlertCode(uint32_t flags)
380 const CrtVerifyAlert_t *cur;
382 for (cur = crtVerifyAlerts; cur->alert != 0 ; cur++)
384 if (flags & cur->code)
392 #if !defined(NDEBUG) || defined(TB_LOG)
394 * Pass a message to the OIC logger.
396 * @param[in] ctx opaque context for the callback
397 * @param[in] level debug level
398 * @param[in] file file name
399 * @param[in] line line number
400 * @param[in] str message
402 static void DebugSsl(void *ctx, int level, const char *file, int line, const char *str)
409 OIC_LOG_V(DEBUG, MBED_TLS_TAG, "%s", str);
413 #if defined(_WIN32) || defined (__TIZENRT__)
415 * Finds the first occurrence of the byte string s in byte string l.
418 static void * memmem(const void *l, size_t lLen, const void *s, size_t sLen)
422 const char *cl = (const char *)l;
423 const char *cs = (const char *)s;
425 if (lLen == 0 || sLen == 0)
435 return (void *)memchr(l, (int)*cs, lLen);
438 last = (char *)cl + lLen - sLen;
440 for (cur = (char *)cl; cur <= last; cur++)
442 if (cur[0] == cs[0] && memcmp(cur, cs, sLen) == 0)
451 * structure to holds the information of cache message and address info.
453 typedef ByteArray_t SslCacheMessage_t;
457 * Data structure for holding the send and recv callbacks.
459 typedef struct TlsCallBacks
461 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
462 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
466 * Data structure for holding the mbedTLS interface related info.
468 typedef struct SslContext
470 u_arraylist_t *peerList; /**< peer list which holds the mapping between
471 peer id, it's n/w address and mbedTLS context. */
472 mbedtls_entropy_context entropy;
473 mbedtls_ctr_drbg_context rnd;
475 mbedtls_x509_crt crt;
476 mbedtls_pk_context pkey;
478 mbedtls_ssl_config clientTlsConf;
479 mbedtls_ssl_config serverTlsConf;
480 mbedtls_ssl_config clientDtlsConf;
481 mbedtls_ssl_config serverDtlsConf;
484 SslCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
485 mbedtls_x509_crl crl;
490 mbedtls_ssl_cookie_ctx cookieCtx;
496 * @var g_caSslContext
497 * @brief global context which holds tls context and cache list information.
499 static SslContext_t * g_caSslContext = NULL;
501 static SslExportKeysCallback_t gTlsExportKeysCallback = NULL;
503 static SslExportKeysCallback_t gDtlsExportKeysCallback = NULL;
506 * @var g_getCredentialsCallback
507 * @brief callback to get TLS credentials (same as for DTLS)
509 static CAgetPskCredentialsHandler g_getCredentialsCallback = NULL;
511 * @var g_getCerdentilTypesCallback
512 * @brief callback to get different credential types from SRM
514 static CAgetCredentialTypesHandler g_getCredentialTypesCallback = NULL;
516 * @var g_getPkixInfoCallback
518 * @brief callback to get X.509-based Public Key Infrastructure
520 static CAgetPkixInfoHandler g_getPkixInfoCallback = NULL;
523 * Callback to inform in case of client's certificate absence
525 static CertificateVerificationCallback_t g_CertificateVerificationCallback = NULL;
528 * @var g_setupPkContextCallback
530 * @brief callback to setup PK context handler for H/W based Public Key Infrastructure
532 static CAsetupPkContextHandler g_setupPkContextCallback = NULL;
535 * @var g_dtlsContextMutex
536 * @brief Mutex to synchronize access to g_caSslContext.
538 static oc_mutex g_sslContextMutex = NULL;
542 * @brief callback to deliver the TLS handshake result
544 static CAErrorCallback g_sslCallback = NULL;
547 * Data structure for PeerCertCallback.
553 } PeerCertCallback_t;
556 * @var g_peerCertCallback
558 * @brief callback to utilize peer certificate information
560 static PeerCertCallback_t g_peerCertCallback = {NULL, NULL};
563 * @var g_decryptBuffer
564 * @brief decrypt buffer which will be used for decryption
566 static uint8_t *g_decryptBuffer = NULL;
569 * Data structure for holding the data to be received.
571 typedef struct SslRecBuf
578 * Data structure for holding the data related to endpoint
581 typedef struct SslEndPoint
583 mbedtls_ssl_context ssl;
584 CASecureEndpoint_t sep;
585 u_arraylist_t * cacheList;
587 uint8_t master[MASTER_SECRET_LEN];
588 uint8_t random[2*RANDOM_LEN];
590 mbedtls_timing_delay_context timer;
591 #endif // __WITH_DTLS__
594 void CAsetPskCredentialsCallback(CAgetPskCredentialsHandler credCallback)
596 // TODO Does this method needs protection of tlsContextMutex?
597 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
598 g_getCredentialsCallback = credCallback;
599 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
602 void CAsetPkixInfoCallback(CAgetPkixInfoHandler infoCallback)
604 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
605 g_getPkixInfoCallback = infoCallback;
606 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
609 void CAsetSetupPkContextCallback(CAsetupPkContextHandler setupPkCtxCallback)
611 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
612 g_setupPkContextCallback = setupPkCtxCallback;
613 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
616 void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback)
618 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
619 g_getCredentialTypesCallback = credTypesCallback;
620 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
623 void CAsetCertificateVerificationCallback(CertificateVerificationCallback_t certVerifyStatusCallback)
625 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
626 g_CertificateVerificationCallback = certVerifyStatusCallback;
627 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
630 void CAunsetCertificateVerificationCallback()
632 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
633 g_CertificateVerificationCallback = NULL;
634 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
637 static int GetAdapterIndex(CATransportAdapter_t adapter)
645 case CA_ADAPTER_GATT_BTLE:
648 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
655 * @param[in] tep TLS endpoint
656 * @param[in] data message
657 * @param[in] dataLen message length
659 * @return message length or -1 on error.
661 static int SendCallBack(void * tep, const unsigned char * data, size_t dataLen)
663 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
664 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "secure endpoint is NULL", -1);
665 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", -1);
666 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
667 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data len: %zu", dataLen);
668 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Adapter: %u", ((SslEndPoint_t * )tep)->sep.endpoint.adapter);
670 int adapterIndex = GetAdapterIndex(((SslEndPoint_t * )tep)->sep.endpoint.adapter);
671 if (0 <= adapterIndex && MAX_SUPPORTED_ADAPTERS > adapterIndex)
673 CAPacketSendCallback sendCallback = g_caSslContext->adapterCallbacks[adapterIndex].sendCallback;
674 sentLen = sendCallback(&(((SslEndPoint_t * )tep)->sep.endpoint), (const void *) data, dataLen);
677 OIC_LOG_V(ERROR, NET_SSL_TAG, "sendCallback() is Failed(%zd)", sentLen);
680 else if ((size_t)sentLen != dataLen)
682 OIC_LOG_V(DEBUG, NET_SSL_TAG,
683 "Packet was partially sent - total/sent/remained bytes : %zd/%zu/%zu",
684 sentLen, dataLen, (dataLen - sentLen));
689 OIC_LOG(ERROR, NET_SSL_TAG, "Unsupported adapter");
693 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
699 * @param[in] tep TLS endpoint
700 * @param[in] data message
701 * @param[in] dataLen message length
703 * @return read length
705 static int RecvCallBack(void * tep, unsigned char * data, size_t dataLen)
707 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
708 VERIFY_NON_NULL_RET(tep, NET_SSL_TAG, "endpoint is NULL", 0);
709 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "data is NULL", 0);
711 SslRecBuf_t *recBuf = &((SslEndPoint_t *)tep)->recBuf;
712 size_t retLen = (recBuf->len > recBuf->loaded ? recBuf->len - recBuf->loaded : 0);
713 retLen = (retLen < dataLen ? retLen : dataLen);
715 memcpy(data, recBuf->buff + recBuf->loaded, retLen);
716 recBuf->loaded += retLen;
718 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
722 static int CASslExportKeysHandler(void *p_expkey,
723 const unsigned char *ms,
724 const unsigned char *kb,
729 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
731 if (NULL == g_caSslContext)
733 OIC_LOG(ERROR, NET_SSL_TAG, "SSL Context is not initialized.");
734 return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
736 if (NULL == p_expkey)
738 OIC_LOG(ERROR, NET_SSL_TAG, "Can not find the protocol information from 'p_expkey'.");
739 return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
742 CASslEkcbProtocol_t* protocol = (CASslEkcbProtocol_t*)p_expkey;
744 if (gTlsExportKeysCallback && CA_SSL_EKCB_TLS == (*protocol))
746 OIC_LOG(DEBUG, NET_SSL_TAG, "Invoking TLS export key callback.");
747 gTlsExportKeysCallback(ms, kb, maclen, keylen, ivlen);
749 else if (gDtlsExportKeysCallback && CA_SSL_EKCB_DTLS == (*protocol))
751 OIC_LOG(DEBUG, NET_SSL_TAG, "Invoking DTLS export key callback.");
752 gDtlsExportKeysCallback(ms, kb, maclen, keylen, ivlen);
756 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to Invoke (D)TLS export key callback.");
757 return MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE;
760 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
764 CAResult_t CASetSslExportKeysCallback(SslExportKeysCallback_t exportKeysCb,
765 CASslEkcbProtocol_t protocol, CASslEkcbRole_t role)
767 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
768 mbedtls_ssl_config* sslConf = NULL;
769 static CASslEkcbProtocol_t protocolCtx = CA_SSL_EKCB_TLS;
771 if (CA_SSL_EKCB_TLS != protocol && CA_SSL_EKCB_DTLS != protocol)
773 OIC_LOG(ERROR, NET_SSL_TAG, "Invaild protocol.");
774 return CA_STATUS_INVALID_PARAM;
776 if (CA_SSL_EKCB_CLIENT != role && CA_SSL_EKCB_SERVER != role)
778 OIC_LOG(ERROR, NET_SSL_TAG, "Invaild role.");
779 return CA_STATUS_INVALID_PARAM;
782 OIC_LOG_V(DEBUG, NET_SSL_TAG, "TLS Export Key Callback Type : [%s] [%s]",
783 (CA_SSL_EKCB_TLS == protocol ? "TLS" : "DTLS"),
784 (CA_SSL_EKCB_CLIENT == role ? "Client" : "Server"));
786 oc_mutex_lock(g_sslContextMutex);
787 if (NULL == g_caSslContext)
789 OIC_LOG(ERROR, NET_SSL_TAG, "SSL Context is not initialized.");
790 oc_mutex_unlock(g_sslContextMutex);
791 return CA_STATUS_NOT_INITIALIZED;
794 if (CA_SSL_EKCB_TLS == protocol)
796 gTlsExportKeysCallback = exportKeysCb;
797 if (CA_SSL_EKCB_CLIENT == role)
799 sslConf = &g_caSslContext->clientTlsConf;
803 sslConf = &g_caSslContext->serverTlsConf;
808 gDtlsExportKeysCallback = exportKeysCb;
809 if (CA_SSL_EKCB_CLIENT == role)
811 sslConf = &g_caSslContext->clientDtlsConf;
815 sslConf = &g_caSslContext->serverDtlsConf;
818 protocolCtx = protocol;
820 if (NULL == exportKeysCb)
822 mbedtls_ssl_conf_export_keys_cb(sslConf, NULL, NULL);
823 OIC_LOG(DEBUG, NET_SSL_TAG, "Export key callback unregistered.");
827 mbedtls_ssl_conf_export_keys_cb(sslConf, CASslExportKeysHandler, (void*)(&protocolCtx));
828 OIC_LOG(DEBUG, NET_SSL_TAG, "Export key callback registered.");
830 oc_mutex_unlock(g_sslContextMutex);
832 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
838 * Parse chain of X.509 certificates.
840 * @param[out] crt container for X.509 certificates
841 * @param[in] data buffer with X.509 certificates. Certificates may be in either in PEM
842 or DER format in a jumble, delimiting symbols does not matter.
843 * @param[in] bufLen buffer length
844 * @param[in] errNum number certificates that failed to parse
846 * @return number of successfully parsed certificates or -1 on error
848 static int ParseChain(mbedtls_x509_crt * crt, unsigned char * buf, size_t bufLen, int * errNum)
850 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
851 VERIFY_NON_NULL_RET(crt, NET_SSL_TAG, "Param crt is NULL" , -1);
852 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "Param buf is NULL" , -1);
854 char pemCertHeader[] = {
855 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43, 0x45, 0x52,
856 0x54, 0x49, 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
858 char pemCertFooter[] = {
859 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x45, 0x4e, 0x44, 0x20, 0x43, 0x45, 0x52, 0x54, 0x49,
860 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d, 0x2d, 0x2d, 0x2d, 0x2d
862 size_t pemCertHeaderLen = sizeof(pemCertHeader);
863 size_t pemCertFooterLen = sizeof(pemCertFooter);
866 unsigned char * tmp = NULL;
874 if (buf[pos] == 0x30 && buf[pos + 1] == 0x82)
876 tmp = (unsigned char *)buf + pos + 1;
877 CHECK_MBEDTLS_RET(mbedtls_asn1_get_len, &tmp, buf + bufLen, &len);
878 if (pos + len < bufLen)
880 ret = mbedtls_x509_crt_parse_der(crt, buf + pos, len + 4);
888 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_x509_crt_parse_der returned -0x%04x\n", -(ret));
893 else if ((buf + pos + pemCertHeaderLen < buf + bufLen) &&
894 (0 == memcmp(buf + pos, pemCertHeader, pemCertHeaderLen)))
896 void * endPos = NULL;
897 endPos = memmem(&(buf[pos]), bufLen - pos, pemCertFooter, pemCertFooterLen);
900 OIC_LOG(ERROR, NET_SSL_TAG, "Error: end of PEM certificate not found.");
901 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
904 len = (char*)endPos - ((char*)buf + pos) + pemCertFooterLen;
905 if (pos + len + 1 <= bufLen)
907 char con = buf[pos + len];
908 buf[pos + len] = 0x00;
909 ret = mbedtls_x509_crt_parse(crt, buf + pos, len + 1);
917 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_x509_crt_parse returned -0x%04x\n", -(ret));
919 buf[pos + len] = con;
923 unsigned char * lastCert = (unsigned char *)OICMalloc((len + 1) * sizeof(unsigned char));
924 memcpy(lastCert, buf + pos, len);
925 lastCert[len] = 0x00;
926 ret = mbedtls_x509_crt_parse(crt, lastCert, len + 1);
934 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_x509_crt_parse returned -0x%04x\n", -(ret));
945 OIC_LOG_V(INFO, NET_SSL_TAG, "%s successfully parsed %d certificates", __func__, count);
946 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
953 static int VerifyCertificateCallback(void *p_vrfy, mbedtls_x509_crt *crt, int depth,
957 char buf[1024] = {0};
959 if (0 != *flags) // Invalid Cerificate
962 ret = mbedtls_x509_crt_verify_info(buf, sizeof(buf), "", *flags);
965 OIC_LOG_V(ERROR, NET_SSL_TAG, "%s(%d)", buf, *flags);
970 if (NULL == g_peerCertCallback.cb)
972 OIC_LOG(DEBUG, NET_SSL_TAG, "NOT SET g_peerCertCallback");
978 * depth = 0 : Own Cert.
979 * depth = 1 : Sub CA Cert.
980 * depth = 2 : Root CA Cert.
982 OIC_LOG_V(INFO, NET_SSL_TAG, "Depth : %d", depth);
984 mbedtls_x509_crt_info(buf, sizeof(buf) - 1, "", crt);
985 OIC_LOG_V(DEBUG, NET_SSL_TAG, "crt : %s", buf);
987 return g_peerCertCallback.cb(g_peerCertCallback.ctx, crt, depth);
990 CAResult_t CAsetPeerCertCallback(void *ctx, PeerCertCallback peerCertCallback)
992 #ifndef __WITH_DTLS__
994 UNUSED(peerCertCallback);
995 OIC_LOG(ERROR, NET_SSL_TAG, "Not Supported");
996 return CA_NOT_SUPPORTED;
999 if (peerCertCallback)
1001 OIC_LOG(DEBUG, NET_SSL_TAG, "SET peerCertCallback");
1002 g_peerCertCallback.cb = peerCertCallback;
1003 g_peerCertCallback.ctx = ctx;
1007 OIC_LOG(DEBUG, NET_SSL_TAG, "UNSET peerCertCallback");
1008 g_peerCertCallback.cb = NULL;
1009 g_peerCertCallback.ctx = NULL;
1011 return CA_STATUS_OK;
1014 //Loads PKIX related information from SRM
1015 static int InitPKIX(CATransportAdapter_t adapter)
1017 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1018 VERIFY_NON_NULL_RET(g_getPkixInfoCallback, NET_SSL_TAG, "PKIX info callback is NULL", -1);
1019 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
1021 mbedtls_x509_crt_free(&g_caSslContext->ca);
1022 mbedtls_x509_crt_free(&g_caSslContext->crt);
1023 mbedtls_pk_free(&g_caSslContext->pkey);
1024 mbedtls_x509_crl_free(&g_caSslContext->crl);
1026 mbedtls_x509_crt_init(&g_caSslContext->ca);
1027 mbedtls_x509_crt_init(&g_caSslContext->crt);
1028 mbedtls_pk_init(&g_caSslContext->pkey);
1029 mbedtls_x509_crl_init(&g_caSslContext->crl);
1031 mbedtls_ssl_config * serverConf = (adapter == CA_ADAPTER_IP ||
1032 adapter == CA_ADAPTER_GATT_BTLE ?
1033 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
1034 mbedtls_ssl_config * clientConf = (adapter == CA_ADAPTER_IP ||
1035 adapter == CA_ADAPTER_GATT_BTLE ?
1036 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1038 #ifdef __WITH_DTLS__
1040 * Conf. is initialized in CAinitSslAdapter()
1042 mbedtls_ssl_conf_verify(&g_caSslContext->clientDtlsConf, VerifyCertificateCallback, NULL);
1045 // load pk key, cert, trust chain and crl
1046 if (g_getPkixInfoCallback)
1048 OIC_LOG(INFO, NET_SSL_TAG, "g_getPkixInfoCallback will be invoked");
1049 g_getPkixInfoCallback(&g_pkiInfo);
1052 // parse own certficate (optional)
1055 int count = ParseChain(&g_caSslContext->crt, g_pkiInfo.crt.data, g_pkiInfo.crt.len, &errNum);
1058 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate chain parsing error");
1063 OIC_LOG_V(WARNING, NET_SSL_TAG, "Own certificate chain parsing error: %d certs failed to parse", errNum);
1067 // parse private key if hw is not supported (optional)
1068 if(NULL == g_setupPkContextCallback)
1070 OIC_LOG(INFO, NET_SSL_TAG, "g_setupPkContextCallback is NULL");
1071 ret = mbedtls_pk_parse_key(&g_caSslContext->pkey, g_pkiInfo.key.data, g_pkiInfo.key.len,
1076 OIC_LOG(INFO, NET_SSL_TAG, "g_setupPkContextCallback will be invoked");
1077 // setup hw pk context (optional)
1078 ret = g_setupPkContextCallback(&g_caSslContext->pkey);
1081 // setup public parameter
1082 mbedtls_pk_type_t ktype = mbedtls_pk_get_type(&g_caSslContext->pkey);
1083 if (MBEDTLS_PK_ECKEY == ktype || MBEDTLS_PK_ECKEY_DH == ktype
1084 || MBEDTLS_PK_ECDSA == ktype)
1086 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Copy ecp public param from cert, keytype [%d]", ktype);
1087 mbedtls_ecp_keypair *eckey = (mbedtls_ecp_keypair*)g_caSslContext->crt.pk.pk_ctx;
1088 mbedtls_ecdsa_context *ecdsa = (mbedtls_ecdsa_context*)g_caSslContext->pkey.pk_ctx;
1091 ret = mbedtls_ecdsa_from_keypair(ecdsa, eckey);
1094 OIC_LOG_V(ERROR, NET_SSL_TAG, "Fail to copy public param [0x%x]", ret);
1099 OIC_LOG_V(WARNING, NET_SSL_TAG, "key-ctx(%p), cert-ctx(%p)", ecdsa, eckey);
1105 OIC_LOG_V(INFO, NET_SSL_TAG, "loaded key is not one of eckey type [%d]", ktype);
1110 OIC_LOG_V(ERROR, NET_SSL_TAG, "Fail to call g_setupPkContextCallback [%d]", ret);
1115 OIC_LOG(WARNING, NET_SSL_TAG, "Key parsing error");
1119 ret = mbedtls_ssl_conf_own_cert(serverConf, &g_caSslContext->crt, &g_caSslContext->pkey);
1122 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate parsing error");
1125 ret = mbedtls_ssl_conf_own_cert(clientConf, &g_caSslContext->crt, &g_caSslContext->pkey);
1128 OIC_LOG(WARNING, NET_SSL_TAG, "Own certificate configuration error");
1133 count = ParseChain(&g_caSslContext->ca, g_pkiInfo.ca.data, g_pkiInfo.ca.len, &errNum);
1136 OIC_LOG(WARNING, NET_SSL_TAG, "CA chain in svr db was not parsed");
1137 OIC_LOG(WARNING, NET_SSL_TAG, " but if working as server, chain not required");
1138 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1143 OIC_LOG_V(WARNING, NET_SSL_TAG, "CA chain parsing warning: %d certs failed to parse", errNum);
1146 ret = mbedtls_x509_crl_parse_der(&g_caSslContext->crl, g_pkiInfo.crl.data, g_pkiInfo.crl.len);
1149 OIC_LOG(WARNING, NET_SSL_TAG, "CRL in svr db was not parsed");
1150 CONF_SSL(clientConf, serverConf, mbedtls_ssl_conf_ca_chain, &g_caSslContext->ca, NULL);
1154 CONF_SSL(clientConf, serverConf, mbedtls_ssl_conf_ca_chain,
1155 &g_caSslContext->ca, &g_caSslContext->crl);
1158 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1165 * @param[in] notUsed opaque context
1166 * @param[in] ssl mbedTLS context
1167 * @param[in] desc identity
1168 * @param[in] descLen identity length
1170 * @return 0 on success any other return value will result in a denied PSK identity
1172 static int GetPskCredentialsCallback(void * notUsed, mbedtls_ssl_context * ssl,
1173 const unsigned char * desc, size_t descLen)
1175 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1176 VERIFY_NON_NULL_RET(g_getCredentialsCallback, NET_SSL_TAG, "Credential callback s NULL", -1);
1177 VERIFY_NON_NULL_RET(ssl, NET_SSL_TAG, "ssl pointer is NULL", -1);
1178 VERIFY_NON_NULL_RET(desc, NET_SSL_TAG, "desc pointer is NULL", -1);
1179 if (descLen > CA_MAX_ENDPOINT_IDENTITY_LEN)
1181 OIC_LOG(ERROR, NET_SSL_TAG, "desc too long!");
1185 uint8_t keyBuf[PSK_LENGTH] = {0};
1187 // Retrieve the credentials blob from security module
1188 int ret = g_getCredentialsCallback(CA_DTLS_PSK_KEY, desc, descLen, keyBuf, PSK_LENGTH);
1191 memcpy(((SslEndPoint_t *) ssl)->sep.identity.id, desc, descLen);
1192 ((SslEndPoint_t *) ssl)->sep.identity.id_length = descLen;
1193 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK:");
1194 OIC_LOG_BUFFER(DEBUG, NET_SSL_TAG, keyBuf, ret);
1196 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1197 return(mbedtls_ssl_set_hs_psk(ssl, keyBuf, ret));
1199 OIC_LOG_V(WARNING, NET_SSL_TAG, "Out %s", __func__);
1204 * Gets session corresponding for endpoint.
1206 * @param[in] peer remote address
1208 * @return TLS session or NULL
1210 static SslEndPoint_t *GetSslPeer(const CAEndpoint_t *peer)
1212 uint32_t listIndex = 0;
1213 uint32_t listLength = 0;
1214 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1215 VERIFY_NON_NULL_RET(peer, NET_SSL_TAG, "TLS peer is NULL", NULL);
1216 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1218 SslEndPoint_t *tep = NULL;
1219 listLength = u_arraylist_length(g_caSslContext->peerList);
1220 for (listIndex = 0; listIndex < listLength; listIndex++)
1222 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1228 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare [%s:%d] and [%s:%d] for %d adapter",
1229 peer->addr, peer->port, tep->sep.endpoint.addr, tep->sep.endpoint.port,
1232 if((peer->adapter == tep->sep.endpoint.adapter)
1233 && (0 == strncmp(peer->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA))
1234 && (peer->port == tep->sep.endpoint.port || CA_ADAPTER_GATT_BTLE == peer->adapter))
1236 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Found Peer:[%s:%d] for %d adapter",
1237 peer->addr, peer->port, peer->adapter);
1238 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1242 OIC_LOG_V(INFO, NET_SSL_TAG, "Peer not found:[%s:%d] for %d adapter",
1243 peer->addr, peer->port, peer->adapter);
1244 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1248 bool CAIsExistSslPeer(const CAEndpoint_t *peer)
1250 oc_mutex_lock(g_sslContextMutex);
1251 if (NULL == g_caSslContext)
1253 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1254 oc_mutex_unlock(g_sslContextMutex);
1258 if (GetSslPeer(peer))
1260 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Exist Peer");
1261 oc_mutex_unlock(g_sslContextMutex);
1266 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Not Exist Peer");
1267 oc_mutex_unlock(g_sslContextMutex);
1273 * Gets session corresponding for endpoint.
1275 * @param[in] peer remote address
1277 * @return TLS session or NULL
1279 static SslEndPoint_t *GetSslPeerUsingUuid(const uint8_t *identity, size_t idLength)
1281 uint32_t listIndex = 0;
1282 uint32_t listLength = 0;
1283 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1284 VERIFY_NON_NULL_RET(identity, NET_SSL_TAG, "Param identity is NULL", NULL);
1285 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1287 OIC_LOG(INFO, NET_SSL_TAG, "[Target UUID]");
1288 OIC_LOG_BUFFER(INFO, NET_SSL_TAG, identity, idLength);
1290 SslEndPoint_t *tep = NULL;
1291 listLength = u_arraylist_length(g_caSslContext->peerList);
1292 for (listIndex = 0; listIndex < listLength; listIndex++)
1294 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1300 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Compare UUID for [%s:%d]",
1301 tep->sep.endpoint.addr, tep->sep.endpoint.port);
1303 if ((tep->sep.identity.id_length == idLength)
1304 && (0 == memcmp(identity, tep->sep.identity.id, idLength)))
1306 OIC_LOG_V(INFO, NET_SSL_TAG, "Found matched UUID in [%s:%d]",
1307 tep->sep.endpoint.addr, tep->sep.endpoint.port);
1308 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1312 OIC_LOG(INFO, NET_SSL_TAG, "Peer not found");
1313 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1318 #ifdef MULTIPLE_OWNER
1320 * Gets CA secure endpoint info corresponding for endpoint.
1322 * @param[in] peer remote address
1324 * @return CASecureEndpoint or NULL
1326 const CASecureEndpoint_t *GetCASecureEndpointData(const CAEndpoint_t* peer)
1328 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1330 // TODO: Added as workaround, need to debug
1331 oc_mutex_unlock(g_sslContextMutex);
1333 oc_mutex_lock(g_sslContextMutex);
1334 if (NULL == g_caSslContext)
1336 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1337 oc_mutex_unlock(g_sslContextMutex);
1341 SslEndPoint_t* sslPeer = GetSslPeer(peer);
1344 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1345 oc_mutex_unlock(g_sslContextMutex);
1346 return &sslPeer->sep;
1349 OIC_LOG(DEBUG, NET_SSL_TAG, "Return NULL");
1350 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1351 oc_mutex_unlock(g_sslContextMutex);
1357 * Deletes cached message.
1359 * @param[in] msg message
1361 static void DeleteCacheMessage(SslCacheMessage_t * msg)
1363 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1364 VERIFY_NON_NULL_VOID(msg, NET_SSL_TAG, "msg");
1369 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1372 * Deletes cached message list.
1374 * @param[in] cacheList list of cached messages
1376 static void DeleteCacheList(u_arraylist_t * cacheList)
1378 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1379 VERIFY_NON_NULL_VOID(cacheList, NET_SSL_TAG, "cacheList");
1380 uint32_t listIndex = 0;
1381 uint32_t listLength = 0;
1383 listLength = u_arraylist_length(cacheList);
1384 for (listIndex = 0; listIndex < listLength; listIndex++)
1386 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(cacheList, listIndex);
1389 DeleteCacheMessage(msg);
1392 u_arraylist_free(&cacheList);
1394 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1397 * Deletes endpoint with session.
1399 * @param[in] tep endpoint with session info
1401 static void DeleteSslEndPoint(SslEndPoint_t * tep)
1403 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1404 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "tep");
1406 mbedtls_ssl_free(&tep->ssl);
1407 DeleteCacheList(tep->cacheList);
1409 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1412 * Removes endpoint session from list.
1414 * @param[in] endpoint remote address
1416 static void RemovePeerFromList(const CAEndpoint_t * endpoint)
1418 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1419 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
1420 VERIFY_NON_NULL_VOID(endpoint, NET_SSL_TAG, "endpoint");
1421 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
1422 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
1424 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
1429 if(0 == strncmp(endpoint->addr, tep->sep.endpoint.addr, MAX_ADDR_STR_SIZE_CA)
1430 && (endpoint->port == tep->sep.endpoint.port || CA_ADAPTER_GATT_BTLE == endpoint->adapter))
1432 u_arraylist_remove(g_caSslContext->peerList, listIndex);
1433 OIC_LOG_V(INFO, NET_SSL_TAG, "Remove Peer:[%s:%d] for %d adapter",
1434 endpoint->addr, endpoint->port, endpoint->adapter);
1435 DeleteSslEndPoint(tep);
1436 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1440 OIC_LOG_V(INFO, NET_SSL_TAG, "Peer not found:[%s:%d] for %d adapter",
1441 endpoint->addr, endpoint->port, endpoint->adapter);
1442 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1445 * Deletes session list.
1447 static void DeletePeerList()
1449 OIC_LOG_V(DEBUG, NET_SSL_TAG, "%s", __func__);
1450 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
1452 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
1453 for (uint32_t listIndex = 0; listIndex < listLength; listIndex++)
1455 SslEndPoint_t * tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList,listIndex);
1460 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1465 ret = mbedtls_ssl_close_notify(&tep->ssl);
1467 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1469 DeleteSslEndPoint(tep);
1471 u_arraylist_free(&g_caSslContext->peerList);
1474 CAResult_t CAcloseSslConnection(const CAEndpoint_t *endpoint)
1476 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1477 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
1479 oc_mutex_lock(g_sslContextMutex);
1480 if (NULL == g_caSslContext)
1482 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1483 oc_mutex_unlock(g_sslContextMutex);
1484 return CA_STATUS_FAILED;
1486 SslEndPoint_t * tep = GetSslPeer(endpoint);
1489 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
1490 oc_mutex_unlock(g_sslContextMutex);
1491 return CA_STATUS_FAILED;
1493 /* No error checking, the connection might be closed already */
1497 ret = mbedtls_ssl_close_notify(&tep->ssl);
1499 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1501 RemovePeerFromList(&tep->sep.endpoint);
1502 oc_mutex_unlock(g_sslContextMutex);
1504 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1505 return CA_STATUS_OK;
1508 CAResult_t CAcloseSslConnectionUsingUuid(const uint8_t *identity, size_t idLength)
1510 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1511 VERIFY_NON_NULL_RET(identity, NET_SSL_TAG, "Param identity is NULL" , CA_STATUS_INVALID_PARAM);
1513 oc_mutex_lock(g_sslContextMutex);
1514 if (NULL == g_caSslContext)
1516 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1517 oc_mutex_unlock(g_sslContextMutex);
1518 return CA_STATUS_FAILED;
1521 SslEndPoint_t* tep = GetSslPeerUsingUuid(identity, idLength);
1524 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
1525 oc_mutex_unlock(g_sslContextMutex);
1526 return CA_STATUS_FAILED;
1529 /* No error checking, the connection might be closed already */
1533 ret = mbedtls_ssl_close_notify(&tep->ssl);
1535 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);
1537 RemovePeerFromList(&tep->sep.endpoint);
1538 oc_mutex_unlock(g_sslContextMutex);
1540 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1541 return CA_STATUS_OK;
1544 void CAcloseSslConnectionAll(CATransportAdapter_t transportType)
1546 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1547 oc_mutex_lock(g_sslContextMutex);
1548 if (NULL == g_caSslContext)
1550 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
1551 oc_mutex_unlock(g_sslContextMutex);
1555 uint32_t listLength = u_arraylist_length(g_caSslContext->peerList);
1556 OIC_LOG_V(INFO, NET_SSL_TAG,
1557 "Required transport [%d], peer count [%d]", transportType, listLength);
1558 for (uint32_t i = listLength; i > 0; i--)
1560 SslEndPoint_t *tep = (SslEndPoint_t *)u_arraylist_get(g_caSslContext->peerList, i - 1);
1565 OIC_LOG_V(INFO, NET_SSL_TAG, "SSL Connection [%s:%d], Transport [%d]",
1566 tep->sep.endpoint.addr, tep->sep.endpoint.port, tep->sep.endpoint.adapter);
1568 // check transport matching
1569 if (0 == (tep->sep.endpoint.adapter & transportType))
1571 OIC_LOG(DEBUG, NET_SSL_TAG, "Skip the un-matched transport session");
1575 // TODO: need to check below code after socket close is ensured.
1579 ret = mbedtls_ssl_close_notify(&tep->ssl);
1581 while (MBEDTLS_ERR_SSL_WANT_WRITE == ret);*/
1584 u_arraylist_remove(g_caSslContext->peerList, i - 1);
1585 DeleteSslEndPoint(tep);
1587 oc_mutex_unlock(g_sslContextMutex);
1589 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1593 * Creates session for endpoint.
1595 * @param[in] endpoint remote address
1596 * @param[in] config mbedTLS configuration info
1598 * @return TLS endpoint or NULL
1600 static SslEndPoint_t * NewSslEndPoint(const CAEndpoint_t * endpoint, mbedtls_ssl_config * config)
1602 SslEndPoint_t * tep = NULL;
1603 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1604 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint", NULL);
1605 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "config", NULL);
1606 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1608 tep = (SslEndPoint_t *) OICCalloc(1, sizeof (SslEndPoint_t));
1611 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1615 tep->sep.endpoint = *endpoint;
1616 tep->sep.endpoint.flags = (CATransportFlags_t)(tep->sep.endpoint.flags | CA_SECURE);
1618 if(0 != mbedtls_ssl_setup(&tep->ssl, config))
1620 OIC_LOG(ERROR, NET_SSL_TAG, "Setup failed");
1622 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1626 mbedtls_ssl_set_bio(&tep->ssl, tep, SendCallBack, RecvCallBack, NULL);
1627 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == config->transport)
1629 mbedtls_ssl_set_timer_cb(&tep->ssl, &tep->timer,
1630 mbedtls_timing_set_delay, mbedtls_timing_get_delay);
1631 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1633 if (0 != mbedtls_ssl_set_client_transport_id(&tep->ssl,
1634 (const unsigned char *) endpoint->addr, sizeof(endpoint->addr)))
1636 OIC_LOG(ERROR, NET_SSL_TAG, "Transport id setup failed!");
1637 mbedtls_ssl_free(&tep->ssl);
1639 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1644 tep->cacheList = u_arraylist_create();
1645 if (NULL == tep->cacheList)
1647 OIC_LOG(ERROR, NET_SSL_TAG, "cacheList initialization failed!");
1648 mbedtls_ssl_free(&tep->ssl);
1650 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1653 OIC_LOG_V(INFO, NET_SSL_TAG, "New [%s role] endpoint added [%s:%d]",
1654 (MBEDTLS_SSL_IS_SERVER==config->endpoint ? "server" : "client"),
1655 endpoint->addr, endpoint->port);
1656 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1660 * Initializes PSK identity.
1662 * @param[out] config client/server config to be updated
1664 * @return 0 on success or -1 on error
1666 static int InitPskIdentity(mbedtls_ssl_config * config)
1668 uint8_t keyBuf[PSK_LENGTH] = {0};
1669 uint8_t idBuf[UUID_LENGTH] = {0};
1670 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1671 VERIFY_NON_NULL_RET(config, NET_SSL_TAG, "Param config is NULL" , -1);
1673 //Retrieve PSK identity from SVR DB
1674 if (0 > g_getCredentialsCallback(CA_DTLS_PSK_IDENTITY, NULL, 0, idBuf, UUID_LENGTH))
1676 OIC_LOG(ERROR, NET_SSL_TAG, "Identity not found");
1677 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1680 //Store PSK ideneity in mbedtls_ssl_config
1681 if (0 != mbedtls_ssl_conf_psk(config, keyBuf, PSK_LENGTH, idBuf, UUID_LENGTH))
1683 OIC_LOG(ERROR, NET_SSL_TAG, "Identity initialization failed!");
1684 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1687 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1690 static void SetupCipher(mbedtls_ssl_config * config, CATransportAdapter_t adapter)
1693 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1694 VERIFY_NON_NULL_VOID(config, NET_SSL_TAG, "Invaild param");
1695 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL");
1696 VERIFY_NON_NULL_VOID(g_getCredentialTypesCallback, NET_SSL_TAG, "Param callback is null");
1698 //Resetting cipherFlag
1699 g_caSslContext->cipherFlag[0] = false;
1700 g_caSslContext->cipherFlag[1] = false;
1702 g_getCredentialTypesCallback(g_caSslContext->cipherFlag);
1703 // Retrieve the PSK credential from SRM
1704 if (0 != InitPskIdentity(config))
1706 OIC_LOG(ERROR, NET_SSL_TAG, "PSK identity initialization failed!");
1709 // Retrieve the Cert credential from SRM
1710 if (true == g_caSslContext->cipherFlag[1])
1712 int ret = InitPKIX(adapter);
1715 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to init X.509");
1719 memset(g_cipherSuitesList, 0, sizeof(g_cipherSuitesList));
1721 if (SSL_CIPHER_MAX < g_caSslContext->cipher)
1723 OIC_LOG(ERROR, NET_SSL_TAG, "Maximum ciphersuite index exceeded");
1726 // Add the preferred ciphersuite first
1727 if (SSL_CIPHER_MAX != g_caSslContext->cipher)
1729 g_cipherSuitesList[index] = tlsCipher[g_caSslContext->cipher][0];
1730 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Preferred ciphersuite added");
1734 // Add PSK ciphersuite
1735 if (true == g_caSslContext->cipherFlag[0] &&
1736 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != tlsCipher[g_caSslContext->cipher][0])
1738 g_cipherSuitesList[index] = MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
1739 OIC_LOG(DEBUG, NET_SSL_TAG, "PSK ciphersuite added");
1743 // Add all certificate ciphersuites
1744 if (true == g_caSslContext->cipherFlag[1])
1746 for (unsigned int i = 0; i < SSL_CIPHER_MAX - 1; i++)
1748 if (MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != tlsCipher[i][0] &&
1749 i != g_caSslContext->cipher)
1751 g_cipherSuitesList[index] = tlsCipher[i][0];
1756 if (MBEDTLS_SSL_IS_SERVER == config->endpoint)
1758 mbedtls_ssl_conf_authmode(config, MBEDTLS_SSL_VERIFY_OPTIONAL);
1762 OIC_LOG(INFO, NET_SSL_TAG, "Supported ciphersuites:");
1763 for (int i = 0; i < index; i++)
1765 OIC_LOG_V(INFO, NET_SSL_TAG, "Ciphersuite %04x", g_cipherSuitesList[i]);
1768 mbedtls_ssl_conf_ciphersuites(config, g_cipherSuitesList);
1770 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1773 * Initiate TLS handshake with endpoint.
1775 * @param[in] endpoint remote address
1777 * @return TLS endpoint or NULL
1779 static SslEndPoint_t * InitiateTlsHandshake(const CAEndpoint_t *endpoint)
1782 SslEndPoint_t * tep = NULL;
1784 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
1785 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , NULL);
1786 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", NULL);
1788 //Remove previous peer info from peer list.
1789 RemovePeerFromList(endpoint);
1791 mbedtls_ssl_config * config = (endpoint->adapter == CA_ADAPTER_IP ||
1792 endpoint->adapter == CA_ADAPTER_GATT_BTLE ?
1793 &g_caSslContext->clientDtlsConf : &g_caSslContext->clientTlsConf);
1794 tep = NewSslEndPoint(endpoint, config);
1797 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
1801 //Load allowed SVR suites from SVR DB
1802 SetupCipher(config, endpoint->adapter);
1804 ret = u_arraylist_add(g_caSslContext->peerList, (void *) tep);
1807 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
1808 DeleteSslEndPoint(tep);
1812 while (MBEDTLS_SSL_HANDSHAKE_OVER > tep->ssl.state)
1814 ret = mbedtls_ssl_handshake_step(&tep->ssl);
1815 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
1821 OIC_LOG(ERROR, NET_SSL_TAG, "Handshake failed due to socket error");
1822 RemovePeerFromList(&tep->sep.endpoint);
1825 SSL_CHECK_FAIL(tep, ret, "Handshake error", 0, NULL, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1827 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
1830 #ifdef __WITH_DTLS__
1832 * Stops DTLS retransmission.
1834 static void StopRetransmit()
1838 unregisterTimer(g_caSslContext->timerId);
1839 g_caSslContext->timerId= -1;
1843 void CAdeinitSslAdapter()
1845 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1847 VERIFY_NON_NULL_VOID(g_caSslContext, NET_SSL_TAG, "context is NULL");
1848 VERIFY_NON_NULL_VOID(g_sslContextMutex, NET_SSL_TAG, "context mutex is NULL");
1850 //Lock tlsContext mutex
1851 oc_mutex_lock(g_sslContextMutex);
1856 // De-initialize mbedTLS
1857 mbedtls_x509_crt_free(&g_caSslContext->ca);
1858 mbedtls_x509_crt_free(&g_caSslContext->crt);
1859 mbedtls_pk_free(&g_caSslContext->pkey);
1860 mbedtls_x509_crl_free(&g_caSslContext->crl);
1862 mbedtls_ssl_config_free(&g_caSslContext->clientTlsConf);
1863 mbedtls_ssl_config_free(&g_caSslContext->serverTlsConf);
1864 #endif // __WITH_TLS__
1865 #ifdef __WITH_DTLS__
1866 mbedtls_ssl_config_free(&g_caSslContext->clientDtlsConf);
1867 mbedtls_ssl_config_free(&g_caSslContext->serverDtlsConf);
1868 mbedtls_ssl_cookie_free(&g_caSslContext->cookieCtx);
1869 #endif // __WITH_DTLS__
1870 mbedtls_ctr_drbg_free(&g_caSslContext->rnd);
1871 mbedtls_entropy_free(&g_caSslContext->entropy);
1872 #ifdef __WITH_DTLS__
1875 // De-initialize tls Context
1876 OICFree(g_caSslContext);
1877 g_caSslContext = NULL;
1879 // Delete decrypt buffer
1880 if (g_decryptBuffer)
1882 OICFree(g_decryptBuffer);
1883 g_decryptBuffer = NULL;
1886 // Unlock tlsContext mutex and de-initialize it
1887 oc_mutex_unlock(g_sslContextMutex);
1888 oc_mutex_free(g_sslContextMutex);
1889 g_sslContextMutex = NULL;
1891 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s ", __func__);
1894 static int InitConfig(mbedtls_ssl_config * conf, int transport, int mode)
1896 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1897 VERIFY_NON_NULL_RET(conf, NET_SSL_TAG, "Param conf is NULL" , -1);
1898 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL Context is NULL", -1);
1899 mbedtls_ssl_config_init(conf);
1900 if (mbedtls_ssl_config_defaults(conf, mode, transport, MBEDTLS_SSL_PRESET_DEFAULT) != 0)
1902 OIC_LOG(ERROR, NET_SSL_TAG, "Config initialization failed!");
1906 mbedtls_ssl_conf_psk_cb(conf, GetPskCredentialsCallback, NULL);
1907 mbedtls_ssl_conf_rng(conf, mbedtls_ctr_drbg_random, &g_caSslContext->rnd);
1908 mbedtls_ssl_conf_curves(conf, curve[ADAPTER_CURVE_SECP256R1]);
1909 mbedtls_ssl_conf_min_version(conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
1910 mbedtls_ssl_conf_renegotiation(conf, MBEDTLS_SSL_RENEGOTIATION_DISABLED);
1911 mbedtls_ssl_conf_authmode(conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1912 mbedtls_ssl_conf_sig_hashes(conf, g_ssl_ordered_default_hashes);
1914 #ifdef __WITH_DTLS__
1915 if (MBEDTLS_SSL_TRANSPORT_DATAGRAM == transport &&
1916 MBEDTLS_SSL_IS_SERVER == mode)
1918 mbedtls_ssl_conf_dtls_cookies(conf, mbedtls_ssl_cookie_write, mbedtls_ssl_cookie_check,
1919 &g_caSslContext->cookieCtx);
1921 #endif // __WITH_DTLS__
1923 #if !defined(NDEBUG) || defined(TB_LOG)
1924 mbedtls_ssl_conf_dbg(conf, DebugSsl, NULL);
1925 mbedtls_debug_set_threshold(MBED_TLS_DEBUG_LEVEL);
1927 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
1930 #ifdef __WITH_DTLS__
1932 * Starts DTLS retransmission.
1934 static int StartRetransmit()
1936 uint32_t listIndex = 0;
1937 uint32_t listLength = 0;
1938 SslEndPoint_t *tep = NULL;
1940 oc_mutex_lock(g_sslContextMutex);
1941 if (NULL == g_caSslContext)
1943 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL. Stop retransmission");
1944 oc_mutex_unlock(g_sslContextMutex);
1947 if (g_caSslContext->timerId != -1)
1949 //clear previous timer
1950 unregisterTimer(g_caSslContext->timerId);
1952 listLength = u_arraylist_length(g_caSslContext->peerList);
1954 for (listIndex = 0; listIndex < listLength; listIndex++)
1956 tep = (SslEndPoint_t *) u_arraylist_get(g_caSslContext->peerList, listIndex);
1958 || (tep->ssl.conf && MBEDTLS_SSL_TRANSPORT_STREAM == tep->ssl.conf->transport)
1959 || MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
1963 OIC_LOG_V(INFO, NET_SSL_TAG, "peer #%d", (int) listIndex);
1965 int ret = mbedtls_ssl_handshake_step(&tep->ssl);
1967 if (MBEDTLS_ERR_SSL_CONN_EOF != ret)
1970 registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
1972 SSL_CHECK_FAIL(tep, ret, "Retransmission", 1, CA_STATUS_FAILED,
1973 MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
1978 registerTimer(RETRANSMISSION_TIME, &g_caSslContext->timerId, (void *) StartRetransmit);
1979 oc_mutex_unlock(g_sslContextMutex);
1985 CAResult_t CAinitSslAdapter()
1987 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
1988 // Initialize mutex for tlsContext
1989 if (NULL == g_sslContextMutex)
1991 g_sslContextMutex = oc_mutex_new();
1992 VERIFY_NON_NULL_RET(g_sslContextMutex, NET_SSL_TAG, "malloc failed", CA_MEMORY_ALLOC_FAILED);
1996 OIC_LOG(INFO, NET_SSL_TAG, "Done already!");
1997 return CA_STATUS_OK;
2000 // Lock tlsContext mutex and create tlsContext
2001 oc_mutex_lock(g_sslContextMutex);
2002 g_caSslContext = (SslContext_t *)OICCalloc(1, sizeof(SslContext_t));
2004 if (NULL == g_caSslContext)
2006 OIC_LOG(ERROR, NET_SSL_TAG, "Context malloc failed");
2007 oc_mutex_unlock(g_sslContextMutex);
2008 oc_mutex_free(g_sslContextMutex);
2009 g_sslContextMutex = NULL;
2010 return CA_MEMORY_ALLOC_FAILED;
2014 g_caSslContext->peerList = u_arraylist_create();
2016 if(NULL == g_caSslContext->peerList)
2018 OIC_LOG(ERROR, NET_SSL_TAG, "peerList initialization failed!");
2019 OICFree(g_caSslContext);
2020 g_caSslContext = NULL;
2021 oc_mutex_unlock(g_sslContextMutex);
2022 oc_mutex_free(g_sslContextMutex);
2023 g_sslContextMutex = NULL;
2024 return CA_STATUS_FAILED;
2027 /* Initialize TLS library
2029 #if !defined(NDEBUG) || defined(TB_LOG)
2030 char version[MBED_TLS_VERSION_LEN];
2031 mbedtls_version_get_string(version);
2032 OIC_LOG_V(INFO, NET_SSL_TAG, "mbed TLS version: %s", version);
2037 mbedtls_entropy_init(&g_caSslContext->entropy);
2038 mbedtls_ctr_drbg_init(&g_caSslContext->rnd);
2041 unsigned char seed[sizeof(SEED)] = {0};
2043 urandomFd = open("/dev/urandom", O_RDONLY);
2046 OIC_LOG(ERROR, NET_SSL_TAG, "Fails open /dev/urandom!");
2047 oc_mutex_unlock(g_sslContextMutex);
2048 CAdeinitSslAdapter();
2049 return CA_STATUS_FAILED;
2051 if(0 > read(urandomFd, seed, sizeof(seed)))
2053 OIC_LOG(ERROR, NET_SSL_TAG, "Fails read from /dev/urandom!");
2055 oc_mutex_unlock(g_sslContextMutex);
2056 CAdeinitSslAdapter();
2057 return CA_STATUS_FAILED;
2062 unsigned char * seed = (unsigned char*) SEED;
2064 if(0 != mbedtls_ctr_drbg_seed(&g_caSslContext->rnd, mbedtls_entropy_func,
2065 &g_caSslContext->entropy, seed, sizeof(SEED)))
2067 OIC_LOG(ERROR, NET_SSL_TAG, "Seed initialization failed!");
2068 oc_mutex_unlock(g_sslContextMutex);
2069 CAdeinitSslAdapter();
2070 return CA_STATUS_FAILED;
2072 mbedtls_ctr_drbg_set_prediction_resistance(&g_caSslContext->rnd, MBEDTLS_CTR_DRBG_PR_OFF);
2075 if (0 != InitConfig(&g_caSslContext->clientTlsConf,
2076 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_CLIENT))
2078 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
2079 oc_mutex_unlock(g_sslContextMutex);
2080 CAdeinitSslAdapter();
2081 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2082 return CA_STATUS_FAILED;
2085 if (0 != InitConfig(&g_caSslContext->serverTlsConf,
2086 MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_IS_SERVER))
2088 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
2089 oc_mutex_unlock(g_sslContextMutex);
2090 CAdeinitSslAdapter();
2091 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2092 return CA_STATUS_FAILED;
2094 #endif // __WITH_TLS__
2095 #ifdef __WITH_DTLS__
2096 mbedtls_ssl_cookie_init(&g_caSslContext->cookieCtx);
2097 if (0 != mbedtls_ssl_cookie_setup(&g_caSslContext->cookieCtx, mbedtls_ctr_drbg_random,
2098 &g_caSslContext->rnd))
2100 OIC_LOG(ERROR, NET_SSL_TAG, "Cookie setup failed!");
2101 oc_mutex_unlock(g_sslContextMutex);
2102 CAdeinitSslAdapter();
2103 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2104 return CA_STATUS_FAILED;
2107 if (0 != InitConfig(&g_caSslContext->clientDtlsConf,
2108 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_CLIENT))
2110 OIC_LOG(ERROR, NET_SSL_TAG, "Client config initialization failed!");
2111 oc_mutex_unlock(g_sslContextMutex);
2112 CAdeinitSslAdapter();
2113 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2114 return CA_STATUS_FAILED;
2117 if (0 != InitConfig(&g_caSslContext->serverDtlsConf,
2118 MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_IS_SERVER))
2120 OIC_LOG(ERROR, NET_SSL_TAG, "Server config initialization failed!");
2121 oc_mutex_unlock(g_sslContextMutex);
2122 CAdeinitSslAdapter();
2123 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2124 return CA_STATUS_FAILED;
2126 #endif // __WITH_DTLS__
2128 // set default cipher
2129 g_caSslContext->cipher = SSL_CIPHER_MAX;
2132 mbedtls_x509_crt_init(&g_caSslContext->ca);
2133 mbedtls_x509_crt_init(&g_caSslContext->crt);
2134 mbedtls_pk_init(&g_caSslContext->pkey);
2135 mbedtls_x509_crl_init(&g_caSslContext->crl);
2137 #ifdef __WITH_DTLS__
2138 g_caSslContext->timerId = -1;
2141 // create decrypt buffer
2142 g_decryptBuffer = (uint8_t *)OICCalloc(1, TLS_MSG_BUF_LEN);
2143 if (NULL == g_decryptBuffer)
2145 OIC_LOG(ERROR, NET_SSL_TAG, "Decrypt buffer malloc failed");
2146 oc_mutex_unlock(g_sslContextMutex);
2147 CAdeinitSslAdapter();
2148 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2149 return CA_MEMORY_ALLOC_FAILED;
2152 oc_mutex_unlock(g_sslContextMutex);
2153 #ifdef __WITH_DTLS__
2157 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2158 return CA_STATUS_OK;
2161 SslCacheMessage_t * NewCacheMessage(uint8_t * data, size_t dataLen)
2163 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2164 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , NULL);
2167 OIC_LOG(ERROR, NET_SSL_TAG, "dataLen is equal to zero");
2168 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2171 SslCacheMessage_t * message = (SslCacheMessage_t *) OICCalloc(1, sizeof(SslCacheMessage_t));
2172 if (NULL == message)
2174 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
2175 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2179 message->data = (uint8_t *)OICCalloc(dataLen, sizeof(uint8_t));
2180 if (NULL == message->data)
2182 OIC_LOG(ERROR, NET_SSL_TAG, "calloc failed!");
2184 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2187 memcpy(message->data, data, dataLen);
2188 message->len = dataLen;
2189 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2193 /* Send data via TLS connection.
2195 CAResult_t CAencryptSsl(const CAEndpoint_t *endpoint,
2196 void *data, uint32_t dataLen)
2200 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s ", __func__);
2202 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG,"Remote address is NULL", CA_STATUS_INVALID_PARAM);
2203 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Data is NULL", CA_STATUS_INVALID_PARAM);
2204 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Port %d", endpoint->port);
2208 OIC_LOG_V(ERROR, NET_SSL_TAG, "dataLen is zero [%d]", dataLen);
2209 return CA_STATUS_FAILED;
2212 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Data to be encrypted dataLen [%d]", dataLen);
2214 oc_mutex_lock(g_sslContextMutex);
2215 if(NULL == g_caSslContext)
2217 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2218 oc_mutex_unlock(g_sslContextMutex);
2219 return CA_STATUS_FAILED;
2222 SslEndPoint_t * tep = GetSslPeer(endpoint);
2225 tep = InitiateTlsHandshake(endpoint);
2229 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
2230 oc_mutex_unlock(g_sslContextMutex);
2231 return CA_STATUS_FAILED;
2234 if (MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)
2236 OIC_LOG(INFO, NET_SSL_TAG, "(MBEDTLS_SSL_HANDSHAKE_OVER == tep->ssl.state)");
2238 unsigned char *dataBuf = (unsigned char *)data;
2243 ret = mbedtls_ssl_write(&tep->ssl, dataBuf, dataLen - written);
2246 if (MBEDTLS_ERR_SSL_WANT_WRITE != ret)
2248 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write failed! returned 0x%x", -ret);
2249 RemovePeerFromList(&tep->sep.endpoint);
2250 oc_mutex_unlock(g_sslContextMutex);
2251 return CA_STATUS_FAILED;
2255 OIC_LOG_V(DEBUG, NET_SSL_TAG, "mbedTLS write returned with sent bytes[%d]", ret);
2259 } while (dataLen > written);
2264 SslCacheMessage_t * msg = NewCacheMessage((uint8_t*) data, dataLen);
2265 if (NULL == msg || !u_arraylist_add(tep->cacheList, (void *) msg))
2267 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
2268 oc_mutex_unlock(g_sslContextMutex);
2269 return CA_STATUS_FAILED;
2273 oc_mutex_unlock(g_sslContextMutex);
2275 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
2276 return CA_STATUS_OK;
2279 * Sends cached messages via TLS connection.
2281 * @param[in] tep remote address with session info
2283 static void SendCacheMessages(SslEndPoint_t * tep)
2285 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2286 VERIFY_NON_NULL_VOID(tep, NET_SSL_TAG, "Param tep is NULL");
2288 uint32_t listIndex = 0;
2289 uint32_t listLength = 0;
2290 listLength = u_arraylist_length(tep->cacheList);
2291 for (listIndex = 0; listIndex < listLength;)
2294 SslCacheMessage_t * msg = (SslCacheMessage_t *) u_arraylist_get(tep->cacheList, listIndex);
2295 if (NULL != msg && NULL != msg->data && 0 != msg->len)
2297 unsigned char *dataBuf = (unsigned char *)msg->data;
2302 ret = mbedtls_ssl_write(&tep->ssl, dataBuf, msg->len - written);
2305 if (MBEDTLS_ERR_SSL_WANT_WRITE != ret)
2307 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedTLS write failed! returned -0x%x", -ret);
2312 OIC_LOG_V(DEBUG, NET_SSL_TAG, "mbedTLS write returned with sent bytes[%d]", ret);
2316 } while (msg->len > written);
2318 if (u_arraylist_remove(tep->cacheList, listIndex))
2320 DeleteCacheMessage(msg);
2321 // Reduce list length by 1 as we removed one element.
2326 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_remove failed.");
2332 // Move to the next element
2336 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2339 void CAsetSslHandshakeCallback(CAErrorCallback tlsHandshakeCallback)
2341 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2342 g_sslCallback = tlsHandshakeCallback;
2343 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2346 /* Read data from TLS connection
2348 CAResult_t CAdecryptSsl(const CASecureEndpoint_t *sep, uint8_t *data, uint32_t dataLen)
2351 OIC_LOG_V(INFO, NET_SSL_TAG, "In %s", __func__);
2352 VERIFY_NON_NULL_RET(sep, NET_SSL_TAG, "endpoint is NULL" , CA_STATUS_INVALID_PARAM);
2353 VERIFY_NON_NULL_RET(data, NET_SSL_TAG, "Param data is NULL" , CA_STATUS_INVALID_PARAM);
2355 oc_mutex_lock(g_sslContextMutex);
2356 if (NULL == g_caSslContext)
2358 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2359 oc_mutex_unlock(g_sslContextMutex);
2360 return CA_STATUS_FAILED;
2363 SslEndPoint_t * peer = GetSslPeer(&sep->endpoint);
2366 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ||
2367 sep->endpoint.adapter == CA_ADAPTER_GATT_BTLE ?
2368 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
2369 peer = NewSslEndPoint(&sep->endpoint, config);
2372 OIC_LOG(ERROR, NET_SSL_TAG, "Malloc failed!");
2373 oc_mutex_unlock(g_sslContextMutex);
2374 return CA_STATUS_FAILED;
2376 //Load allowed TLS suites from SVR DB
2377 SetupCipher(config, sep->endpoint.adapter);
2379 ret = u_arraylist_add(g_caSslContext->peerList, (void *) peer);
2382 OIC_LOG(ERROR, NET_SSL_TAG, "u_arraylist_add failed!");
2384 oc_mutex_unlock(g_sslContextMutex);
2385 return CA_STATUS_FAILED;
2389 peer->recBuf.buff = data;
2390 peer->recBuf.len = dataLen;
2391 peer->recBuf.loaded = 0;
2393 while (MBEDTLS_SSL_HANDSHAKE_OVER != peer->ssl.state)
2395 ret = mbedtls_ssl_handshake_step(&peer->ssl);
2396 if (MBEDTLS_ERR_SSL_CONN_EOF == ret)
2401 if (MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED == ret)
2403 OIC_LOG(DEBUG, NET_SSL_TAG, "Hello verification requested");
2404 mbedtls_ssl_session_reset(&peer->ssl);
2405 mbedtls_ssl_set_client_transport_id(&peer->ssl,
2406 (const unsigned char *) sep->endpoint.addr,
2407 sizeof(sep->endpoint.addr));
2408 ret = mbedtls_ssl_handshake_step(&peer->ssl);
2410 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
2412 ((MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint) ||
2413 (MBEDTLS_SSL_IS_SERVER == peer->ssl.conf->endpoint && MBEDTLS_X509_BADCERT_MISSING != flags)))
2415 OIC_LOG_BUFFER(ERROR, NET_SSL_TAG, (const uint8_t *) &flags, sizeof(flags));
2416 SSL_CHECK_FAIL(peer, flags, "Cert verification failed", 1,
2417 CA_STATUS_FAILED, GetAlertCode(flags));
2419 SSL_CHECK_FAIL(peer, ret, "Handshake error", 1, CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE);
2420 if (MBEDTLS_SSL_CLIENT_CHANGE_CIPHER_SPEC == peer->ssl.state)
2422 memcpy(peer->master, peer->ssl.session_negotiate->master, sizeof(peer->master));
2423 g_caSslContext->selectedCipher = peer->ssl.session_negotiate->ciphersuite;
2425 if (MBEDTLS_SSL_CLIENT_KEY_EXCHANGE == peer->ssl.state)
2427 memcpy(peer->random, peer->ssl.handshake->randbytes, sizeof(peer->random));
2430 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
2432 SSL_RES(peer, CA_STATUS_OK);
2433 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
2435 SendCacheMessages(peer);
2438 int selectedCipher = peer->ssl.session->ciphersuite;
2439 OIC_LOG_V(DEBUG, NET_SSL_TAG, "(D)TLS Session is connected via ciphersuite [0x%x]", selectedCipher);
2440 if (MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 != selectedCipher &&
2441 MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 != selectedCipher)
2443 char uuid[UUID_LENGTH * 2 + 5] = {0};
2444 void * uuidPos = NULL;
2445 void * userIdPos = NULL;
2446 const mbedtls_x509_crt * peerCert = mbedtls_ssl_get_peer_cert(&peer->ssl);
2447 ret = (NULL == peerCert ? -1 : 0);
2448 if (g_CertificateVerificationCallback)
2450 uint32_t flags = mbedtls_ssl_get_verify_result(&peer->ssl);
2453 g_CertificateVerificationCallback(CA_CERTIFICATE_VERIFY_SUCCESS_MUTUAL);
2455 else if (MBEDTLS_X509_BADCERT_MISSING == flags)
2457 g_CertificateVerificationCallback(CA_CERTIFICATE_VERIFY_NO_CERT);
2461 g_CertificateVerificationCallback(CA_CERTIFICATE_VERIFY_FAILED);
2464 //SSL_CHECK_FAIL(peer, ret, "Failed to retrieve cert", 1,
2465 // CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_NO_CERT);
2468 uuidPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
2469 UUID_PREFIX, sizeof(UUID_PREFIX) - 1);
2471 if (NULL != uuidPos)
2473 memcpy(uuid, (char*) uuidPos + sizeof(UUID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
2474 OIC_LOG_V(DEBUG, NET_SSL_TAG, "certificate uuid string: %s" , uuid);
2475 ret = OCConvertStringToUuid(uuid, peer->sep.identity.id);
2476 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject", 1,
2477 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
2481 OIC_LOG(WARNING, NET_SSL_TAG, "uuid not found");
2484 userIdPos = memmem(peerCert->subject_raw.p, peerCert->subject_raw.len,
2485 USERID_PREFIX, sizeof(USERID_PREFIX) - 1);
2486 if (NULL != userIdPos)
2488 memcpy(uuid, (char*) userIdPos + sizeof(USERID_PREFIX) - 1, UUID_LENGTH * 2 + 4);
2489 ret = OCConvertStringToUuid(uuid, peer->sep.userId.id);
2490 SSL_CHECK_FAIL(peer, ret, "Failed to convert subject alt name", 1,
2491 CA_STATUS_FAILED, MBEDTLS_SSL_ALERT_MSG_UNSUPPORTED_CERT);
2495 OIC_LOG(WARNING, NET_SSL_TAG, "Subject alternative name not found");
2500 if (MBEDTLS_SSL_IS_CLIENT == peer->ssl.conf->endpoint)
2502 SendCacheMessages(peer);
2504 mbedtls_ssl_config * config = (sep->endpoint.adapter == CA_ADAPTER_IP ||
2505 sep->endpoint.adapter == CA_ADAPTER_GATT_BTLE ?
2506 &g_caSslContext->serverDtlsConf : &g_caSslContext->serverTlsConf);
2508 mbedtls_ssl_conf_authmode(config, MBEDTLS_SSL_VERIFY_REQUIRED);
2510 oc_mutex_unlock(g_sslContextMutex);
2511 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
2512 return CA_STATUS_OK;
2516 if (MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)
2518 OIC_LOG(INFO, NET_SSL_TAG, "(MBEDTLS_SSL_HANDSHAKE_OVER == peer->ssl.state)");
2520 // flag to read again remained data
2521 bool read_more = false;
2524 if (NULL == g_decryptBuffer)
2526 OIC_LOG(ERROR, NET_SSL_TAG, "decrypt buffer is NULL");
2527 oc_mutex_unlock(g_sslContextMutex);
2528 return CA_STATUS_FAILED;
2530 memset(g_decryptBuffer, 0, TLS_MSG_BUF_LEN);
2535 ret = mbedtls_ssl_read(&peer->ssl, g_decryptBuffer, TLS_MSG_BUF_LEN);
2536 } while (MBEDTLS_ERR_SSL_WANT_READ == ret);
2538 if (MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY == ret ||
2539 // TinyDTLS sends fatal close_notify alert
2540 (MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE == ret &&
2541 MBEDTLS_SSL_ALERT_LEVEL_FATAL == peer->ssl.in_msg[0] &&
2542 MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY == peer->ssl.in_msg[1]))
2544 OIC_LOG(INFO, NET_SSL_TAG, "Connection was closed gracefully");
2545 RemovePeerFromList(&peer->sep.endpoint);
2546 oc_mutex_unlock(g_sslContextMutex);
2547 return CA_STATUS_OK;
2552 OIC_LOG_V(ERROR, NET_SSL_TAG, "mbedtls_ssl_read returned -0x%x", -ret);
2553 //SSL_RES(peer, CA_STATUS_FAILED);
2554 RemovePeerFromList(&peer->sep.endpoint);
2555 oc_mutex_unlock(g_sslContextMutex);
2556 return CA_STATUS_FAILED;
2560 int adapterIndex = GetAdapterIndex(peer->sep.endpoint.adapter);
2561 if (0 <= adapterIndex && MAX_SUPPORTED_ADAPTERS > adapterIndex)
2564 res = g_caSslContext->adapterCallbacks[adapterIndex].recvCallback(&peer->sep,
2565 g_decryptBuffer, ret);
2566 if (CA_STATUS_OK != res)
2568 OIC_LOG(ERROR, NET_SSL_TAG, "recvCallback is failed");
2569 RemovePeerFromList(&peer->sep.endpoint);
2570 oc_mutex_unlock(g_sslContextMutex);
2571 return CA_STATUS_FAILED;
2574 // check if decrypted data is remained in stream transport
2575 size_t remained = mbedtls_ssl_get_bytes_avail(&peer->ssl);
2577 MBEDTLS_SSL_TRANSPORT_STREAM == peer->ssl.conf->transport)
2579 OIC_LOG_V(DEBUG, NET_SSL_TAG, "need to read %zu bytes more", remained);
2585 OIC_LOG(ERROR, NET_SSL_TAG, "Unsuported adapter");
2586 RemovePeerFromList(&peer->sep.endpoint);
2587 oc_mutex_unlock(g_sslContextMutex);
2588 return CA_STATUS_FAILED;
2591 } while (read_more);
2594 oc_mutex_unlock(g_sslContextMutex);
2595 OIC_LOG_V(INFO, NET_SSL_TAG, "Out %s", __func__);
2596 return CA_STATUS_OK;
2599 void CAsetSslAdapterCallbacks(CAPacketReceivedCallback recvCallback,
2600 CAPacketSendCallback sendCallback,
2601 CATransportAdapter_t type)
2603 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2604 VERIFY_NON_NULL_VOID(sendCallback, NET_SSL_TAG, "sendCallback is NULL");
2605 VERIFY_NON_NULL_VOID(recvCallback, NET_SSL_TAG, "recvCallback is NULL");
2606 oc_mutex_lock(g_sslContextMutex);
2607 if (NULL == g_caSslContext)
2609 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2610 oc_mutex_unlock(g_sslContextMutex);
2617 g_caSslContext->adapterCallbacks[0].recvCallback = recvCallback;
2618 g_caSslContext->adapterCallbacks[0].sendCallback = sendCallback;
2620 case CA_ADAPTER_TCP:
2621 g_caSslContext->adapterCallbacks[1].recvCallback = recvCallback;
2622 g_caSslContext->adapterCallbacks[1].sendCallback = sendCallback;
2624 case CA_ADAPTER_GATT_BTLE:
2625 g_caSslContext->adapterCallbacks[2].recvCallback = recvCallback;
2626 g_caSslContext->adapterCallbacks[2].sendCallback = sendCallback;
2629 OIC_LOG_V(ERROR, NET_SSL_TAG, "Unsupported adapter: %d", type);
2632 oc_mutex_unlock(g_sslContextMutex);
2633 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2636 * Gets index of the TLS ciphersuite in the SslCipher_t enum.
2638 * @param[in] cipher TLS chiphersuite code
2640 * @return corresponding enum
2643 static SslCipher_t GetCipherIndex(const uint32_t cipher)
2647 case MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256:
2649 return SSL_RSA_WITH_AES_256_CBC_SHA256;
2651 case MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256:
2653 return SSL_RSA_WITH_AES_128_GCM_SHA256;
2655 case MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
2657 return SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256;
2659 case MBEDTLS_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
2661 return SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384;
2663 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
2665 return SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256;
2667 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
2669 return SSL_ECDHE_ECDSA_WITH_AES_128_CCM_8;
2671 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
2673 return SSL_ECDHE_ECDSA_WITH_AES_128_CCM;
2675 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
2677 return SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256;
2679 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
2681 return SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384;
2683 case MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
2685 return SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384;
2687 case MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
2689 return SSL_ECDHE_PSK_WITH_AES_128_CBC_SHA256;
2691 case MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
2693 return SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256;
2695 case MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256:
2697 return SSL_ECDH_ANON_WITH_AES_128_CBC_SHA256;
2701 return SSL_CIPHER_MAX;
2706 CAResult_t CAsetTlsCipherSuite(const uint32_t cipher)
2708 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2709 VERIFY_NON_NULL_RET(g_caSslContext, NET_SSL_TAG, "SSL context is not initialized." , CA_STATUS_NOT_INITIALIZED);
2711 SslCipher_t index = GetCipherIndex(cipher);
2712 if (SSL_CIPHER_MAX == index)
2714 OIC_LOG(WARNING, NET_SSL_TAG, "Unknown cipher");
2719 CONF_SSL(&g_caSslContext->clientTlsConf, &g_caSslContext->serverTlsConf,
2720 mbedtls_ssl_conf_ciphersuites, tlsCipher[index]);
2722 #ifdef __WITH_DTLS__
2723 CONF_SSL(&g_caSslContext->clientDtlsConf, &g_caSslContext->serverDtlsConf,
2724 mbedtls_ssl_conf_ciphersuites, tlsCipher[index]);
2726 OIC_LOG_V(INFO, NET_SSL_TAG, "Selected cipher: 0x%x", cipher);
2728 g_caSslContext->cipher = index;
2730 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2731 return CA_STATUS_OK;
2734 CAResult_t CAinitiateSslHandshake(const CAEndpoint_t *endpoint)
2736 CAResult_t res = CA_STATUS_OK;
2737 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2738 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "Param endpoint is NULL" , CA_STATUS_INVALID_PARAM);
2739 oc_mutex_lock(g_sslContextMutex);
2740 if (NULL == InitiateTlsHandshake(endpoint))
2742 OIC_LOG(ERROR, NET_SSL_TAG, "TLS handshake failed");
2743 res = CA_STATUS_FAILED;
2745 oc_mutex_unlock(g_sslContextMutex);
2746 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2750 * Expands the secret into blocks of data according
2751 * to the algorithm specified in section 5 of RFC 4346
2753 * This function writes upto @p bufLen bytes into the given output buffer @p buf
2755 * @param key secret key.
2756 * @param keyLen secret key length.
2757 * @param label A PRF label.
2758 * @param labelLen Actual length of @p label.
2759 * @param random1 Random seed.
2760 * @param random1Len Actual length of @p random1 (may be zero).
2761 * @param random2 Random seed.
2762 * @param random2Len Actual length of @p random2 (may be zero).
2763 * @param buf Output buffer for generated random data.
2764 * @param bufLen Maximum size of @p buf.
2766 * @return The actual number of bytes written to @p buf or @c -1 on error.
2769 static int pHash (const unsigned char *key, size_t keyLen,
2770 const unsigned char *label, size_t labelLen,
2771 const unsigned char *random1, size_t random1Len,
2772 const unsigned char *random2, size_t random2Len,
2773 unsigned char *buf, size_t bufLen)
2775 unsigned char A[RANDOM_LEN] = {0};
2776 unsigned char tmp[RANDOM_LEN] = {0};
2777 size_t dLen; /* digest length */
2778 size_t len = 0; /* result length */
2780 VERIFY_NON_NULL_RET(key, NET_SSL_TAG, "key is NULL", -1);
2781 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", -1);
2782 VERIFY_NON_NULL_RET(random1, NET_SSL_TAG, "random1 is NULL", -1);
2783 VERIFY_NON_NULL_RET(random2, NET_SSL_TAG, "random2 is NULL", -1);
2784 VERIFY_NON_NULL_RET(buf, NET_SSL_TAG, "buf is NULL", -1);
2786 mbedtls_md_context_t hmacA;
2787 mbedtls_md_context_t hmacP;
2789 mbedtls_md_init(&hmacA);
2790 mbedtls_md_init(&hmacP);
2792 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacA, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2793 CHECK_MBEDTLS_RET(mbedtls_md_setup, &hmacP, mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), 1);
2795 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen );
2796 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, label, labelLen);
2797 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random1, random1Len);
2798 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, random2, random2Len);
2799 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2803 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2805 while (len + dLen < bufLen)
2807 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2808 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2809 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2810 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2811 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2812 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2814 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2818 memcpy(buf, tmp, dLen);
2821 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacA);
2822 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacA, key, keyLen);
2823 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacA, A, dLen);
2824 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacA, A);
2827 CHECK_MBEDTLS_RET(mbedtls_md_hmac_reset, &hmacP);
2828 CHECK_MBEDTLS_RET(mbedtls_md_hmac_starts, &hmacP, key, keyLen);
2829 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, A, dLen);
2831 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, label, labelLen);
2832 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random1, random1Len);
2833 CHECK_MBEDTLS_RET(mbedtls_md_hmac_update, &hmacP, random2, random2Len);
2834 CHECK_MBEDTLS_RET(mbedtls_md_hmac_finish, &hmacP, tmp);
2836 memcpy(buf, tmp, bufLen - len);
2838 mbedtls_md_free(&hmacA);
2839 mbedtls_md_free(&hmacP);
2843 mbedtls_md_free(&hmacA);
2844 mbedtls_md_free(&hmacP);
2848 CAResult_t CAsslGenerateOwnerPsk(const CAEndpoint_t *endpoint,
2849 const uint8_t* label, const size_t labelLen,
2850 const uint8_t* rsrcServerDeviceId, const size_t rsrcServerDeviceIdLen,
2851 const uint8_t* provServerDeviceId, const size_t provServerDeviceIdLen,
2852 uint8_t* ownerPsk, const size_t ownerPskSize)
2854 OIC_LOG_V(DEBUG, NET_SSL_TAG, "In %s", __func__);
2855 VERIFY_NON_NULL_RET(endpoint, NET_SSL_TAG, "endpoint is NULL", CA_STATUS_INVALID_PARAM);
2856 VERIFY_NON_NULL_RET(label, NET_SSL_TAG, "label is NULL", CA_STATUS_INVALID_PARAM);
2857 VERIFY_NON_NULL_RET(rsrcServerDeviceId, NET_SSL_TAG, "rsrcId is NULL", CA_STATUS_INVALID_PARAM);
2858 VERIFY_NON_NULL_RET(provServerDeviceId, NET_SSL_TAG, "provId is NULL", CA_STATUS_INVALID_PARAM);
2859 VERIFY_NON_NULL_RET(ownerPsk, NET_SSL_TAG, "ownerPSK is NULL", CA_STATUS_INVALID_PARAM);
2861 oc_mutex_lock(g_sslContextMutex);
2862 if (NULL == g_caSslContext)
2864 OIC_LOG(ERROR, NET_SSL_TAG, "Context is NULL");
2865 oc_mutex_unlock(g_sslContextMutex);
2866 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2867 return CA_STATUS_FAILED;
2869 SslEndPoint_t * tep = GetSslPeer(endpoint);
2872 OIC_LOG(ERROR, NET_SSL_TAG, "Session does not exist");
2873 oc_mutex_unlock(g_sslContextMutex);
2874 return CA_STATUS_FAILED;
2877 // keyBlockLen set up according to OIC 1.1 Security Specification Section 7.3.2
2881 int keyBlockLen = 0;
2882 if (MBEDTLS_TLS_ECDH_ANON_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher ||
2883 MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher ||
2884 MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher ||
2885 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 == g_caSslContext->selectedCipher)
2887 // 2 * ( 32 + 0 + 16 ) = 96
2888 macKeyLen = SHA256_MAC_KEY_LENGTH;
2889 ivSize = CBC_IV_LENGTH;
2890 keySize = AES128_KEY_LENGTH;
2892 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM == g_caSslContext->selectedCipher ||
2893 MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 == g_caSslContext->selectedCipher)
2895 // 2 * ( 0 + 4 + 16 ) = 40
2896 macKeyLen = CCM_MAC_KEY_LENGTH;
2897 ivSize = CCM_IV_LENGTH;
2898 keySize = AES128_KEY_LENGTH;
2900 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 == g_caSslContext->selectedCipher)
2902 // 2 * ( 32 + 12 + 16 ) = 120
2903 macKeyLen = SHA256_MAC_KEY_LENGTH;
2904 ivSize = GCM_IV_LENGTH;
2905 keySize = AES128_KEY_LENGTH;
2907 else if (MBEDTLS_TLS_RSA_WITH_AES_256_CBC_SHA256 == g_caSslContext->selectedCipher)
2909 // 2 * ( 32 + 0 + 32 ) = 128
2910 macKeyLen = SHA256_MAC_KEY_LENGTH;
2911 ivSize = CBC_IV_LENGTH;
2912 keySize = AES256_KEY_LENGTH;
2914 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 == g_caSslContext->selectedCipher)
2916 // 2 * ( 48 + 0 + 32 ) = 160
2917 macKeyLen = SHA384_MAC_KEY_LENGTH;
2918 ivSize = CBC_IV_LENGTH;
2919 keySize = AES256_KEY_LENGTH;
2921 else if (MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 == g_caSslContext->selectedCipher)
2923 // 2 * ( 48 + 12 + 32 ) = 184
2924 macKeyLen = SHA384_MAC_KEY_LENGTH;
2925 ivSize = GCM_IV_LENGTH;
2926 keySize = AES256_KEY_LENGTH;
2928 else if (MBEDTLS_TLS_RSA_WITH_AES_128_GCM_SHA256 == g_caSslContext->selectedCipher)
2930 // 2 * ( 48 + 12 + 32 ) = 184
2931 macKeyLen = SHA256_MAC_KEY_LENGTH;
2932 ivSize = GCM_IV_LENGTH;
2933 keySize = AES128_KEY_LENGTH;
2935 keyBlockLen = 2 * (macKeyLen + keySize + ivSize);
2937 uint8_t * keyblock = (uint8_t *)OICMalloc(keyBlockLen);
2938 if (NULL == keyblock)
2940 OIC_LOG(ERROR, NET_SSL_TAG, "Failed to OICMalloc for keyblock");
2941 oc_mutex_unlock(g_sslContextMutex);
2942 return CA_STATUS_FAILED;
2946 uint8_t lab[] = {0x6b, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6e, 0x73, 0x69, 0x6f, 0x6e};
2947 int ret = pHash(tep->master, sizeof(tep->master), lab, sizeof(lab),
2948 (tep->random) + RANDOM_LEN, RANDOM_LEN, tep->random, RANDOM_LEN,
2949 keyblock, keyBlockLen);
2952 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2954 oc_mutex_unlock(g_sslContextMutex);
2955 return CA_STATUS_FAILED;
2958 ret = pHash(keyblock, keyBlockLen, label, labelLen,
2959 rsrcServerDeviceId, rsrcServerDeviceIdLen,
2960 provServerDeviceId, provServerDeviceIdLen,
2961 ownerPsk, ownerPskSize);
2964 OIC_LOG(ERROR, NET_SSL_TAG, "PSK not generated");
2966 oc_mutex_unlock(g_sslContextMutex);
2967 return CA_STATUS_FAILED;
2971 oc_mutex_unlock(g_sslContextMutex);
2973 OIC_LOG_V(DEBUG, NET_SSL_TAG, "Out %s", __func__);
2974 return CA_STATUS_OK;