199 lws_jwe_encrypt_ecdh(struct lws_jwe *jwe, char *temp, int *temp_len,  in lws_jwe_encrypt_ecdh()  argument
206 	    enc_hlen = (int)lws_genhmac_size(jwe->jose.enc_alg->hmac_type),  in lws_jwe_encrypt_ecdh()
209 	struct lws_jwk *ephem = &jwe->jose.recipient[jwe->recip].jwk_ephemeral;  in lws_jwe_encrypt_ecdh()
211 	if (jwe->jws.jwk->kty != LWS_GENCRYPTO_KTY_EC) {  in lws_jwe_encrypt_ecdh()
212 		lwsl_err("%s: unexpected kty %d\n", __func__, jwe->jws.jwk->kty);  in lws_jwe_encrypt_ecdh()
222 	if (lws_genecdh_create(&ecctx, jwe->jws.context, NULL))  in lws_jwe_encrypt_ecdh()
227 				jwe->jws.jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf,  in lws_jwe_encrypt_ecdh()
232 	if (lws_genecdh_set_key(&ecctx, jwe->jws.jwk->e, LDHS_THEIRS)) {  in lws_jwe_encrypt_ecdh()
266 	if (lws_jwa_concat_kdf(jwe,  in lws_jwe_encrypt_ecdh()
267 			jwe->jose.alg->algtype_crypto == LWS_JOSE_ENCTYPE_NONE,  in lws_jwe_encrypt_ecdh()
290 	if (jwe->jose.alg->algtype_crypto != LWS_JOSE_ENCTYPE_NONE) {  in lws_jwe_encrypt_ecdh()
296 		if (lws_get_random(jwe->jws.context, cek, (unsigned int)enc_hlen) !=  in lws_jwe_encrypt_ecdh()
317 				     (void *)jwe->jws.map.buf[LJWE_EKEY],  in lws_jwe_encrypt_ecdh()
329 		jwe->jws.map.len[LJWE_EKEY] = (unsigned int)enc_hlen + 8;  in lws_jwe_encrypt_ecdh()
338 	jwe->jws.map.buf[LJWE_JOSE] = temp;  in lws_jwe_encrypt_ecdh()
342 			     jwe->jose.alg->alg, jwe->jose.enc_alg->alg);  in lws_jwe_encrypt_ecdh()
355 	jwe->jws.map.len[LJWE_JOSE] = (unsigned int)m;  in lws_jwe_encrypt_ecdh()
359 	if (lws_jws_encode_b64_element(&jwe->jws.map_b64, LJWE_JOSE,  in lws_jwe_encrypt_ecdh()
361 				       jwe->jws.map.buf[LJWE_JOSE],  in lws_jwe_encrypt_ecdh()
362 				       jwe->jws.map.len[LJWE_JOSE]))  in lws_jwe_encrypt_ecdh()
378 lws_jwe_encrypt_ecdh_cbc_hs(struct lws_jwe *jwe, char *temp, int *temp_len)  in lws_jwe_encrypt_ecdh_cbc_hs()  argument
381 	    enc_hlen = (int)lws_genhmac_size(jwe->jose.enc_alg->hmac_type);  in lws_jwe_encrypt_ecdh_cbc_hs()
383 	int ekbytes = jwe->jose.alg->keybits_fixed / 8;  in lws_jwe_encrypt_ecdh_cbc_hs()
388 	if (jwe->jose.alg->algtype_crypto != LWS_JOSE_ENCTYPE_NONE) {  in lws_jwe_encrypt_ecdh_cbc_hs()
389 		if (lws_jws_alloc_element(&jwe->jws.map, LJWE_EKEY,  in lws_jwe_encrypt_ecdh_cbc_hs()
397 	ss_len = lws_jwe_encrypt_ecdh(jwe, temp + (ot - *temp_len), temp_len, cek);  in lws_jwe_encrypt_ecdh_cbc_hs()
407 	if (lws_jws_alloc_element(&jwe->jws.map, LJWE_ATAG,  in lws_jwe_encrypt_ecdh_cbc_hs()
412 	if (lws_jws_alloc_element(&jwe->jws.map, LJWE_IV,  in lws_jwe_encrypt_ecdh_cbc_hs()
420 	n = lws_jwe_encrypt_cbc_hs(jwe, cek,  in lws_jwe_encrypt_ecdh_cbc_hs()
421 				   (uint8_t *)jwe->jws.map_b64.buf[LJWE_JOSE],  in lws_jwe_encrypt_ecdh_cbc_hs()
422 				   (int)jwe->jws.map_b64.len[LJWE_JOSE]);  in lws_jwe_encrypt_ecdh_cbc_hs()
432 	if (ret || jwe->jose.enc_alg->algtype_crypto == LWS_JOSE_ENCTYPE_NONE) {  in lws_jwe_encrypt_ecdh_cbc_hs()
433 		if (jwe->jws.map.len[LJWE_EKEY])  in lws_jwe_encrypt_ecdh_cbc_hs()
434 			lws_explicit_bzero((void *)jwe->jws.map.buf[LJWE_EKEY],  in lws_jwe_encrypt_ecdh_cbc_hs()
435 					   jwe->jws.map.len[LJWE_EKEY]);  in lws_jwe_encrypt_ecdh_cbc_hs()
436 		jwe->jws.map.len[LJWE_EKEY] = 0;  in lws_jwe_encrypt_ecdh_cbc_hs()
453 lws_jwe_auth_and_decrypt_ecdh(struct lws_jwe *jwe)  in lws_jwe_auth_and_decrypt_ecdh()  argument
457 	int ekbytes = jwe->jose.enc_alg->keybits_fixed / 8,  in lws_jwe_auth_and_decrypt_ecdh()
458 		      enc_hlen = (int)lws_genhmac_size(jwe->jose.enc_alg->hmac_type);  in lws_jwe_auth_and_decrypt_ecdh()
462 	if (jwe->jws.jwk->kty != LWS_GENCRYPTO_KTY_EC) {  in lws_jwe_auth_and_decrypt_ecdh()
463 		lwsl_err("%s: unexpected kty %d\n", __func__, jwe->jws.jwk->kty);  in lws_jwe_auth_and_decrypt_ecdh()
468 	if (jwe->jose.recipient[jwe->recip].jwk_ephemeral.kty !=  in lws_jwe_auth_and_decrypt_ecdh()
485 	if (lws_genecdh_create(&ecctx, jwe->jws.context, NULL))  in lws_jwe_auth_and_decrypt_ecdh()
490 	if (lws_genecdh_set_key(&ecctx, jwe->jws.jwk->e, LDHS_OURS)) {  in lws_jwe_auth_and_decrypt_ecdh()
497 			jwe->jose.recipient[jwe->recip].jwk_ephemeral.e,  in lws_jwe_auth_and_decrypt_ecdh()
524 	if (lws_jwa_concat_kdf(jwe,  in lws_jwe_auth_and_decrypt_ecdh()
525 			jwe->jose.alg->algtype_crypto == LWS_JOSE_ENCTYPE_NONE,  in lws_jwe_auth_and_decrypt_ecdh()
538 	if (jwe->jose.alg->algtype_crypto != LWS_JOSE_ENCTYPE_NONE) {  in lws_jwe_auth_and_decrypt_ecdh()
545 		if (jwe->jws.map.len[LJWE_EKEY] < (unsigned int)enc_hlen) {  in lws_jwe_auth_and_decrypt_ecdh()
566 				     (const uint8_t *)jwe->jws.map.buf[LJWE_EKEY],  in lws_jwe_auth_and_decrypt_ecdh()
567 				     jwe->jws.map.len[LJWE_EKEY],  in lws_jwe_auth_and_decrypt_ecdh()
584 	if (lws_jwe_auth_and_decrypt_cbc_hs(jwe, shared_secret,  in lws_jwe_auth_and_decrypt_ecdh()
585 			(uint8_t *)jwe->jws.map_b64.buf[LJWE_JOSE],  in lws_jwe_auth_and_decrypt_ecdh()
586 			(int)jwe->jws.map_b64.len[LJWE_JOSE]) < 0) {  in lws_jwe_auth_and_decrypt_ecdh()
604 lws_jwe_auth_and_decrypt_ecdh_cbc_hs(struct lws_jwe *jwe,  in lws_jwe_auth_and_decrypt_ecdh_cbc_hs()  argument
609 	if (lws_jws_encode_b64_element(&jwe->jws.map_b64, LJWE_JOSE,  in lws_jwe_auth_and_decrypt_ecdh_cbc_hs()
611 				       jwe->jws.map.buf[LJWE_JOSE],  in lws_jwe_auth_and_decrypt_ecdh_cbc_hs()
612 				       jwe->jws.map.len[LJWE_JOSE]))  in lws_jwe_auth_and_decrypt_ecdh_cbc_hs()
615 	return lws_jwe_auth_and_decrypt_ecdh(jwe);  in lws_jwe_auth_and_decrypt_ecdh_cbc_hs()