1 /*
2 * libwebsockets - small server side websockets and web server implementation
3 *
4 * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
5 *
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to
8 * deal in the Software without restriction, including without limitation the
9 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
10 * sell copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
12 *
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
15 *
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
21 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
22 * IN THE SOFTWARE.
23 *
24 * lws_genec provides an EC abstraction api in lws that works the
25 * same whether you are using openssl or mbedtls crypto functions underneath.
26 */
27 #include "private-lib-core.h"
28
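/*
 * lws_genec_curve() - look up a curve description by name
 *
 * table: curve table to search, or NULL to search the built-in lws_ec_curves
 * name:  NUL-terminated curve name to find
 *
 * The table is walked until the entry whose name member is NULL, which acts
 * as the terminator.  Names are compared with strcmp(), so the match is exact
 * and case-sensitive.
 *
 * Returns the matching entry, or NULL when nothing matches or name is NULL.
 */
const struct lws_ec_curves *
lws_genec_curve(const struct lws_ec_curves *table, const char *name)
{
	const struct lws_ec_curves *c = table ? table : lws_ec_curves;

	/*
	 * A missing name must fail the lookup instead of reaching strcmp(),
	 * whose behaviour is undefined for a NULL argument.
	 */
	if (!name)
		return NULL;

	for (; c->name; c++)
		if (!strcmp(name, c->name))
			return c;

	return NULL;
}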
45
46 //extern const struct lws_ec_curves *lws_ec_curves;
47
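/*
 * lws_genec_confirm_curve_allowed_by_tls_id() - check a TLS-library curve id
 *	against a list of permitted curve names
 *
 * allowed: comma-separated list of curve names ('-' is treated as part of a
 *	    token, so names like "P-256" are a single token)
 * id:	    curve id as used by the TLS library, compared with the
 *	    tls_lib_nid member of each lws_ec_curves entry
 * jwk:	    on success, its LWS_GENCRYPTO_EC_KEYEL_CRV element receives a
 *	    freshly lws_malloc()ed, NUL-terminated copy of the curve name
 *	    (len excludes the NUL)
 *
 * Returns 0 if the curve is known and named in the allowed list, 1 on OOM,
 * and -1 if the id is unknown, the curve is not in the list, the list is
 * malformed, or allowed / jwk is NULL.
 *
 * The previous implementation tokenized the allowed list but never compared a
 * token with anything: any list holding at least one token accepted every
 * curve id present in lws_ec_curves, so the allow-list restricted nothing.
 * Each token is now compared with the name of the curve that id resolves to.
 *
 * NOTE(review): a buffer already present in the CRV element is overwritten
 * without being freed; presumably callers pass a jwk whose CRV element is
 * empty - confirm against the callers.
 */
int
lws_genec_confirm_curve_allowed_by_tls_id(const char *allowed, int id,
					  struct lws_jwk *jwk)
{
	const struct lws_ec_curves *c = lws_ec_curves;
	struct lws_tokenize ts;
	lws_tokenize_elem e;
	void *crv;
	int len;

	if (!allowed || !jwk)
		return -1;

	/* the id -> curve lookup does not depend on the list, so do it once */
	while (c->name && c->tls_lib_nid != id)
		c++;

	if (!c->name) {
		/* report the id that was asked for, not a table index */
		lwsl_err("%s: unsupported curve group nid %d\n", __func__, id);

		return -1;
	}

	len = (int)strlen(c->name);

	lws_tokenize_init(&ts, allowed, LWS_TOKENIZE_F_COMMA_SEP_LIST |
					LWS_TOKENIZE_F_MINUS_NONTERM);
	ts.len = strlen(allowed);

	do {
		e = lws_tokenize(&ts);
		switch (e) {
		case LWS_TOKZE_TOKEN:
			/* only an exact, full-length name match is accepted */
			if ((size_t)ts.token_len != (size_t)len ||
			    strncmp(ts.token, c->name, (size_t)len))
				break;

			lwsl_info("match curve %s\n", c->name);

			/*
			 * allocate first so an OOM leaves the jwk element
			 * untouched rather than with a length and no buffer
			 */
			crv = lws_malloc(len + 1, "cert crv");
			if (!crv) {
				lwsl_err("%s: OOM\n", __func__);

				return 1;
			}
			memcpy(crv, c->name, len + 1);
			jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf = crv;
			jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].len = len;

			return 0;

		case LWS_TOKZE_DELIMITER:
			break;

		case LWS_TOKZE_ENDED:
			/* whole list consumed without naming this curve */
			lwsl_err("%s: curve %s not in allowed list\n",
				 __func__, c->name);

			return -1;

		default:
			lwsl_err("%s: malformed or curve name in list\n",
				 __func__);

			return -1;
		}
	} while (e > 0);

	/* not reached: every non-positive tokenizer result returns above */
	return -1;
}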
100
/*
 * lws_genec_destroy_elements() - release every allocated EC key element
 *
 * el: array of LWS_GENCRYPTO_EC_KEYEL_COUNT key elements
 *
 * Each element with a non-NULL buf is passed to lws_free_set_NULL(); elements
 * whose buf is already NULL are skipped.
 *
 * NOTE(review): nothing here wipes the buffer contents before release.  The
 * element set includes "d"; if that can hold private key material, confirm
 * that it is scrubbed elsewhere before being freed.
 */
void
lws_genec_destroy_elements(struct lws_gencrypto_keyelem *el)
{
	struct lws_gencrypto_keyelem *k;

	for (k = el; k < el + LWS_GENCRYPTO_EC_KEYEL_COUNT; k++) {
		if (!k->buf)
			continue;

		lws_free_set_NULL(k->buf);
	}
}
110
/* labels printed by lws_genec_dump(), indexed by key element number */
static const char *enames[] = { "crv", "x", "d", "y" };

/*
 * lws_genec_dump() - log the contents of an EC key element array
 *
 * el: array of LWS_GENCRYPTO_EC_KEYEL_COUNT key elements
 *
 * Logs the curve name (or "no curve name" when the CRV buffer is NULL), then
 * hexdumps every element from LWS_GENCRYPTO_EC_KEYEL_X up to the last one, all
 * at info log level.  Always returns 0.
 *
 * The dumped elements include "d", which in a JWK is the EC private key
 * value, so with info logging enabled a private key passed here ends up in
 * the log in full.  Treat this as a debugging aid and keep such logs out of
 * production output.
 */
int
lws_genec_dump(struct lws_gencrypto_keyelem *el)
{
	int idx = LWS_GENCRYPTO_EC_KEYEL_X;

	/* keeps the table referenced when the log calls do not use it */
	(void)enames;

	lwsl_info(" genec %p: crv: '%s'\n", el,
		  el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf ?
			(char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf :
			"no curve name");

	while (idx < LWS_GENCRYPTO_EC_KEYEL_COUNT) {
		lwsl_info(" e: %s\n", enames[idx]);
		lwsl_hexdump_info(el[idx].buf, el[idx].len);
		idx++;
	}

	lwsl_info("\n");

	return 0;
}
134