TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / OP-TEE / optee_os / 16fbd46d245d634778b9df729e3909d6bfd9a79b / . / lib / libmbedtls / mbedtls / library / ssl_cache.c
blob: 048c21d4f0ea7e111ee38f133824192faaf9cce0 [file] [log] [blame]
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]1/*
2 * SSL session cache implementation
3 *
Jerome Forissier79013242021-07-28 10:24:04 +0200[diff] [blame]4 * Copyright The Mbed TLS Contributors
5 * SPDX-License-Identifier: Apache-2.0
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]6 *
7 * Licensed under the Apache License, Version 2.0 (the "License"); you may
8 * not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
15 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]18 */
19/*
20 * These session callbacks use a simple chained list
21 * to store and retrieve the session information.
22 */
23
Jerome Forissier79013242021-07-28 10:24:04 +0200[diff] [blame]24#include "common.h"
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]25
26#if defined(MBEDTLS_SSL_CACHE_C)
27
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]28#include "mbedtls/platform.h"
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]29
30#include "mbedtls/ssl_cache.h"
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]31#include "ssl_misc.h"
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]32
33#include <string.h>
34
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]35void mbedtls_ssl_cache_init(mbedtls_ssl_cache_context *cache)
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]36{
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]37 memset(cache, 0, sizeof(mbedtls_ssl_cache_context));
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]38
39 cache->timeout = MBEDTLS_SSL_CACHE_DEFAULT_TIMEOUT;
40 cache->max_entries = MBEDTLS_SSL_CACHE_DEFAULT_MAX_ENTRIES;
41
42#if defined(MBEDTLS_THREADING_C)
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]43 mbedtls_mutex_init(&cache->mutex);
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]44#endif
45}
46
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]47MBEDTLS_CHECK_RETURN_CRITICAL
48static int ssl_cache_find_entry(mbedtls_ssl_cache_context *cache,
49 unsigned char const *session_id,
50 size_t session_id_len,
51 mbedtls_ssl_cache_entry **dst)
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]52{
53 int ret = 1;
54#if defined(MBEDTLS_HAVE_TIME)
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]55 mbedtls_time_t t = mbedtls_time(NULL);
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]56#endif
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]57 mbedtls_ssl_cache_entry *cur;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]58
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]59 for (cur = cache->chain; cur != NULL; cur = cur->next) {
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]60#if defined(MBEDTLS_HAVE_TIME)
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]61 if (cache->timeout != 0 &&
62 (int) (t - cur->timestamp) > cache->timeout) {
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]63 continue;
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]64 }
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]65#endif
66
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]67 if (session_id_len != cur->session_id_len ||
68 memcmp(session_id, cur->session_id,
69 cur->session_id_len) != 0) {
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]70 continue;
Jerome Forissier79013242021-07-28 10:24:04 +0200[diff] [blame]71 }
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]72
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]73 break;
74 }
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]75
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]76 if (cur != NULL) {
77 *dst = cur;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]78 ret = 0;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]79 }
80
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]81 return ret;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]82}
83
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]84
85int mbedtls_ssl_cache_get(void *data,
86 unsigned char const *session_id,
87 size_t session_id_len,
88 mbedtls_ssl_session *session)
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]89{
90 int ret = 1;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]91 mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]92 mbedtls_ssl_cache_entry *entry;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]93
94#if defined(MBEDTLS_THREADING_C)
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]95 if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) {
96 return ret;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]97 }
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]98#endif
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]99
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]100 ret = ssl_cache_find_entry(cache, session_id, session_id_len, &entry);
101 if (ret != 0) {
Jerome Forissier11fa71b2020-04-20 17:17:56 +0200[diff] [blame]102 goto exit;
103 }
104
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]105 ret = mbedtls_ssl_session_load(session,
106 entry->session,
107 entry->session_len);
108 if (ret != 0) {
109 goto exit;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]110 }
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]111
112 ret = 0;
113
114exit:
115#if defined(MBEDTLS_THREADING_C)
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]116 if (mbedtls_mutex_unlock(&cache->mutex) != 0) {
117 ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;
118 }
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]119#endif
120
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]121 return ret;
122}
123
124/* zeroize a cache entry */
125static void ssl_cache_entry_zeroize(mbedtls_ssl_cache_entry *entry)
126{
127 if (entry == NULL) {
128 return;
129 }
130
131 /* zeroize and free session structure */
132 if (entry->session != NULL) {
133 mbedtls_platform_zeroize(entry->session, entry->session_len);
134 mbedtls_free(entry->session);
135 }
136
137 /* zeroize the whole entry structure */
138 mbedtls_platform_zeroize(entry, sizeof(mbedtls_ssl_cache_entry));
139}
140
141MBEDTLS_CHECK_RETURN_CRITICAL
142static int ssl_cache_pick_writing_slot(mbedtls_ssl_cache_context *cache,
143 unsigned char const *session_id,
144 size_t session_id_len,
145 mbedtls_ssl_cache_entry **dst)
146{
147#if defined(MBEDTLS_HAVE_TIME)
148 mbedtls_time_t t = mbedtls_time(NULL), oldest = 0;
149#endif /* MBEDTLS_HAVE_TIME */
150
151 mbedtls_ssl_cache_entry *old = NULL;
152 int count = 0;
153 mbedtls_ssl_cache_entry *cur, *last;
154
155 /* Check 1: Is there already an entry with the given session ID?
156 *
157 * If yes, overwrite it.
158 *
159 * If not, `count` will hold the size of the session cache
160 * at the end of this loop, and `last` will point to the last
161 * entry, both of which will be used later. */
162
163 last = NULL;
164 for (cur = cache->chain; cur != NULL; cur = cur->next) {
165 count++;
166 if (session_id_len == cur->session_id_len &&
167 memcmp(session_id, cur->session_id, cur->session_id_len) == 0) {
168 goto found;
169 }
170 last = cur;
171 }
172
173 /* Check 2: Is there an outdated entry in the cache?
174 *
175 * If so, overwrite it.
176 *
177 * If not, remember the oldest entry in `old` for later.
178 */
179
180#if defined(MBEDTLS_HAVE_TIME)
181 for (cur = cache->chain; cur != NULL; cur = cur->next) {
182 if (cache->timeout != 0 &&
183 (int) (t - cur->timestamp) > cache->timeout) {
184 goto found;
185 }
186
187 if (oldest == 0 || cur->timestamp < oldest) {
188 oldest = cur->timestamp;
189 old = cur;
190 }
191 }
192#endif /* MBEDTLS_HAVE_TIME */
193
194 /* Check 3: Is there free space in the cache? */
195
196 if (count < cache->max_entries) {
197 /* Create new entry */
198 cur = mbedtls_calloc(1, sizeof(mbedtls_ssl_cache_entry));
199 if (cur == NULL) {
200 return 1;
201 }
202
203 /* Append to the end of the linked list. */
204 if (last == NULL) {
205 cache->chain = cur;
206 } else {
207 last->next = cur;
208 }
209
210 goto found;
211 }
212
213 /* Last resort: The cache is full and doesn't contain any outdated
214 * elements. In this case, we evict the oldest one, judged by timestamp
215 * (if present) or cache-order. */
216
217#if defined(MBEDTLS_HAVE_TIME)
218 if (old == NULL) {
219 /* This should only happen on an ill-configured cache
220 * with max_entries == 0. */
221 return 1;
222 }
223#else /* MBEDTLS_HAVE_TIME */
224 /* Reuse first entry in chain, but move to last place. */
225 if (cache->chain == NULL) {
226 return 1;
227 }
228
229 old = cache->chain;
230 cache->chain = old->next;
231 old->next = NULL;
232 last->next = old;
233#endif /* MBEDTLS_HAVE_TIME */
234
235 /* Now `old` points to the oldest entry to be overwritten. */
236 cur = old;
237
238found:
239
240 /* If we're reusing an entry, free it first. */
241 if (cur->session != NULL) {
242 /* `ssl_cache_entry_zeroize` would break the chain,
243 * so we reuse `old` to record `next` temporarily. */
244 old = cur->next;
245 ssl_cache_entry_zeroize(cur);
246 cur->next = old;
247 }
248
249#if defined(MBEDTLS_HAVE_TIME)
250 cur->timestamp = t;
251#endif
252
253 *dst = cur;
254 return 0;
255}
256
257int mbedtls_ssl_cache_set(void *data,
258 unsigned char const *session_id,
259 size_t session_id_len,
260 const mbedtls_ssl_session *session)
261{
262 int ret = 1;
263 mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
264 mbedtls_ssl_cache_entry *cur;
265
266 size_t session_serialized_len;
267 unsigned char *session_serialized = NULL;
268
269#if defined(MBEDTLS_THREADING_C)
270 if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) {
271 return ret;
272 }
273#endif
274
275 ret = ssl_cache_pick_writing_slot(cache,
276 session_id, session_id_len,
277 &cur);
278 if (ret != 0) {
279 goto exit;
280 }
281
282 /* Check how much space we need to serialize the session
283 * and allocate a sufficiently large buffer. */
284 ret = mbedtls_ssl_session_save(session, NULL, 0, &session_serialized_len);
285 if (ret != MBEDTLS_ERR_SSL_BUFFER_TOO_SMALL) {
286 ret = 1;
287 goto exit;
288 }
289
290 session_serialized = mbedtls_calloc(1, session_serialized_len);
291 if (session_serialized == NULL) {
292 ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
293 goto exit;
294 }
295
296 /* Now serialize the session into the allocated buffer. */
297 ret = mbedtls_ssl_session_save(session,
298 session_serialized,
299 session_serialized_len,
300 &session_serialized_len);
301 if (ret != 0) {
302 goto exit;
303 }
304
305 if (session_id_len > sizeof(cur->session_id)) {
306 ret = 1;
307 goto exit;
308 }
309 cur->session_id_len = session_id_len;
310 memcpy(cur->session_id, session_id, session_id_len);
311
312 cur->session = session_serialized;
313 cur->session_len = session_serialized_len;
314 session_serialized = NULL;
315
316 ret = 0;
317
318exit:
319#if defined(MBEDTLS_THREADING_C)
320 if (mbedtls_mutex_unlock(&cache->mutex) != 0) {
321 ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;
322 }
323#endif
324
325 if (session_serialized != NULL) {
326 mbedtls_platform_zeroize(session_serialized, session_serialized_len);
327 mbedtls_free(session_serialized);
328 session_serialized = NULL;
329 }
330
331 return ret;
332}
333
334int mbedtls_ssl_cache_remove(void *data,
335 unsigned char const *session_id,
336 size_t session_id_len)
337{
338 int ret = 1;
339 mbedtls_ssl_cache_context *cache = (mbedtls_ssl_cache_context *) data;
340 mbedtls_ssl_cache_entry *entry;
341 mbedtls_ssl_cache_entry *prev;
342
343#if defined(MBEDTLS_THREADING_C)
344 if ((ret = mbedtls_mutex_lock(&cache->mutex)) != 0) {
345 return ret;
346 }
347#endif
348
349 ret = ssl_cache_find_entry(cache, session_id, session_id_len, &entry);
350 /* No valid entry found, exit with success */
351 if (ret != 0) {
352 ret = 0;
353 goto exit;
354 }
355
356 /* Now we remove the entry from the chain */
357 if (entry == cache->chain) {
358 cache->chain = entry->next;
359 goto free;
360 }
361 for (prev = cache->chain; prev->next != NULL; prev = prev->next) {
362 if (prev->next == entry) {
363 prev->next = entry->next;
364 break;
365 }
366 }
367
368free:
369 ssl_cache_entry_zeroize(entry);
370 mbedtls_free(entry);
371 ret = 0;
372
373exit:
374#if defined(MBEDTLS_THREADING_C)
375 if (mbedtls_mutex_unlock(&cache->mutex) != 0) {
376 ret = MBEDTLS_ERR_THREADING_MUTEX_ERROR;
377 }
378#endif
379
380 return ret;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]381}
382
383#if defined(MBEDTLS_HAVE_TIME)
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]384void mbedtls_ssl_cache_set_timeout(mbedtls_ssl_cache_context *cache, int timeout)
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]385{
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]386 if (timeout < 0) {
387 timeout = 0;
388 }
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]389
390 cache->timeout = timeout;
391}
392#endif /* MBEDTLS_HAVE_TIME */
393
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]394void mbedtls_ssl_cache_set_max_entries(mbedtls_ssl_cache_context *cache, int max)
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]395{
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]396 if (max < 0) {
397 max = 0;
398 }
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]399
400 cache->max_entries = max;
401}
402
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]403void mbedtls_ssl_cache_free(mbedtls_ssl_cache_context *cache)
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]404{
405 mbedtls_ssl_cache_entry *cur, *prv;
406
407 cur = cache->chain;
408
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]409 while (cur != NULL) {
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]410 prv = cur;
411 cur = cur->next;
412
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]413 ssl_cache_entry_zeroize(prv);
414 mbedtls_free(prv);
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]415 }
416
417#if defined(MBEDTLS_THREADING_C)
Jens Wiklander32b31802023-10-06 16:59:46 +0200[diff] [blame]418 mbedtls_mutex_free(&cache->mutex);
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]419#endif
Jens Wiklander3d3b0592019-03-20 15:30:29 +0100[diff] [blame]420 cache->chain = NULL;
Jens Wiklander817466c2018-05-22 13:49:31 +0200[diff] [blame]421}
422
423#endif /* MBEDTLS_SSL_CACHE_C */