1 /**************************************************************************/
2 /* */
3 /* Copyright (c) Microsoft Corporation. All rights reserved. */
4 /* */
5 /* This software is licensed under the Microsoft Software License */
6 /* Terms for Microsoft Azure RTOS. Full text of the license can be */
7 /* found in the LICENSE file at https://aka.ms/AzureRTOS_EULA */
8 /* and in the root directory of this software. */
9 /* */
10 /**************************************************************************/
11
12
13 /**************************************************************************/
14 /**************************************************************************/
15 /** */
16 /** NetX Secure Component */
17 /** */
18 /** Datagram Transport Layer Security (DTLS) */
19 /** */
20 /**************************************************************************/
21 /**************************************************************************/
22
23 #define NX_SECURE_SOURCE_CODE
24
25 #include "nx_secure_dtls.h"
26
27 /**************************************************************************/
28 /* */
29 /* FUNCTION RELEASE */
30 /* */
31 /* _nx_secure_dtls_session_send PORTABLE C */
32 /* 6.1.12 */
33 /* AUTHOR */
34 /* */
35 /* Timothy Stapko, Microsoft Corporation */
36 /* */
37 /* DESCRIPTION */
38 /* */
39 /* This function sends data using an active DTLS session, handling */
40 /* all encryption and hashing before sending data over the UDP socket. */
41 /* */
42 /* INPUT */
43 /* */
44 /* dtls_session DTLS control block */
45 /* packet_ptr Pointer to packet data */
46 /* ip_address Remote IP address */
47 /* port Remote port */
48 /* */
49 /* OUTPUT */
50 /* */
51 /* status Completion status */
52 /* */
53 /* CALLS */
54 /* */
55 /* _nx_secure_dtls_send_record Send DTLS encrypted record */
56 /* tx_mutex_get Get protection mutex */
57 /* tx_mutex_put Put protection mutex */
58 /* */
59 /* CALLED BY */
60 /* */
61 /* Application Code */
62 /* nx_secure_dtls_server_session_send Server session send packet */
63 /* */
64 /* RELEASE HISTORY */
65 /* */
66 /* DATE NAME DESCRIPTION */
67 /* */
68 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
69 /* 09-30-2020 Timothy Stapko Modified comment(s), */
70 /* verified memcpy use cases, */
71 /* resulting in version 6.1 */
72 /* 07-29-2022 Yuxin Zhou Modified comment(s), */
73 /* fixed compiler errors when */
74 /* IPv4 is disabled, */
75 /* resulting in version 6.1.12 */
76 /* */
77 /**************************************************************************/
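UINT _nx_secure_dtls_session_send(NX_SECURE_DTLS_SESSION *dtls_session, NX_PACKET *packet_ptr,
                                  NXD_ADDRESS *ip_address, UINT port)
{
#ifdef NX_SECURE_ENABLE_DTLS
UINT status;
UINT address_mismatch = NX_FALSE;

    /* Sends one application-data record over an established DTLS session, but only
       when the caller's destination (ip_address, port) is the peer recorded in the
       session. A mismatch returns NX_SECURE_TLS_SEND_ADDRESS_MISMATCH and nothing is
       sent; otherwise the status of _nx_secure_dtls_send_record is returned.
       Pointer arguments are dereferenced without a NULL check here.  */

    /* Get the protection. The return value is not checked, and the mutex stays held
       across the send below, which itself waits with NX_WAIT_FOREVER.  */
    tx_mutex_get(&_nx_secure_tls_protection, TX_WAIT_FOREVER);

    /* Check that the passed-in DTLS session matches the ip_address and port passed in by the caller. */
    if (dtls_session -> nx_secure_dtls_remote_ip_address.nxd_ip_version == 0)
    {

        /* If the IP Address and port are uninitialized, set them now (possibly an error?).
           The session is bound to whatever destination the first caller supplies.  */
        NX_SECURE_MEMCPY(&dtls_session -> nx_secure_dtls_remote_ip_address, ip_address, sizeof(NXD_ADDRESS)); /* Use case of memcpy is verified. */

        /* "port" is the remote port, and the mismatch test below reads
           nx_secure_dtls_remote_port, so record it there. The previous code wrote
           nx_secure_dtls_local_port, which left the remote port unset and made the
           peer check on later calls compare against a value this path never stored.
           NOTE(review): confirm nothing relied on the local port being written here.  */
        dtls_session -> nx_secure_dtls_remote_port = port;
    }
    else if ((dtls_session -> nx_secure_dtls_remote_ip_address.nxd_ip_version != ip_address -> nxd_ip_version) ||
             (dtls_session -> nx_secure_dtls_remote_port != port))
    {

        /* IP version or port don't match - probably caller error. */
        address_mismatch = NX_TRUE;
    }
    else
    {
#ifndef NX_DISABLE_IPV4
        if ((ip_address -> nxd_ip_version == NX_IP_VERSION_V4) &&
            (dtls_session -> nx_secure_dtls_remote_ip_address.nxd_ip_address.v4 != ip_address -> nxd_ip_address.v4))
        {

            /* IPv4 address doesn't match - probably caller error. */
            address_mismatch = NX_TRUE;
        }
#endif /* !NX_DISABLE_IPV4 */

#ifdef FEATURE_NX_IPV6
        if ((ip_address -> nxd_ip_version == NX_IP_VERSION_V6) &&
            ((dtls_session -> nx_secure_dtls_remote_ip_address.nxd_ip_address.v6[0] != ip_address -> nxd_ip_address.v6[0]) ||
             (dtls_session -> nx_secure_dtls_remote_ip_address.nxd_ip_address.v6[1] != ip_address -> nxd_ip_address.v6[1]) ||
             (dtls_session -> nx_secure_dtls_remote_ip_address.nxd_ip_address.v6[2] != ip_address -> nxd_ip_address.v6[2]) ||
             (dtls_session -> nx_secure_dtls_remote_ip_address.nxd_ip_address.v6[3] != ip_address -> nxd_ip_address.v6[3])))
        {

            /* IPv6 address doesn't match - probably caller error. */
            address_mismatch = NX_TRUE;
        }
#endif /* FEATURE_NX_IPV6 */
    }

    /* Single exit for every mismatch case, so the mutex release cannot be missed
       when a new address family or check is added above.  */
    if (address_mismatch)
    {

        /* Release the protection. */
        tx_mutex_put(&_nx_secure_tls_protection);

        return(NX_SECURE_TLS_SEND_ADDRESS_MISMATCH);
    }

    status = _nx_secure_dtls_send_record(dtls_session, packet_ptr, NX_SECURE_TLS_APPLICATION_DATA, NX_WAIT_FOREVER);

    /* Release the protection. */
    tx_mutex_put(&_nx_secure_tls_protection);

    return(status);
#else
    /* DTLS support is compiled out: report that rather than sending anything. */
    NX_PARAMETER_NOT_USED(dtls_session);
    NX_PARAMETER_NOT_USED(packet_ptr);
    NX_PARAMETER_NOT_USED(ip_address);
    NX_PARAMETER_NOT_USED(port);

    return(NX_NOT_SUPPORTED);
#endif /* NX_SECURE_ENABLE_DTLS */
}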
156
157