Lines Matching refs:jwe

26 #include "private-lib-jose-jwe.h"
187 * - jwe->jws.jwk is the PEER's public key, i.e. the public key of the encryption consumer.
199 lws_jwe_encrypt_ecdh(struct lws_jwe *jwe, char *temp, int *temp_len,
205 // kw_hlen = lws_genhash_size(jwe->jose.alg->hash_type),
206 enc_hlen = (int)lws_genhmac_size(jwe->jose.enc_alg->hmac_type),
207 ekbytes = 32; //jwe->jose.alg->keybits_fixed / 8;
209 struct lws_jwk *ephem = &jwe->jose.recipient[jwe->recip].jwk_ephemeral;
211 if (jwe->jws.jwk->kty != LWS_GENCRYPTO_KTY_EC) {
212 lwsl_err("%s: unexpected kty %d\n", __func__, jwe->jws.jwk->kty);
222 if (lws_genecdh_create(&ecctx, jwe->jws.context, NULL))
227 jwe->jws.jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf,
232 if (lws_genecdh_set_key(&ecctx, jwe->jws.jwk->e, LDHS_THEIRS)) {
260 * derived matches bitcount in jwe->jose.enc_alg->keybits_fixed
266 if (lws_jwa_concat_kdf(jwe,
267 jwe->jose.alg->algtype_crypto == LWS_JOSE_ENCTYPE_NONE,
290 if (jwe->jose.alg->algtype_crypto != LWS_JOSE_ENCTYPE_NONE) {
296 if (lws_get_random(jwe->jws.context, cek, (unsigned int)enc_hlen) !=
317 (void *)jwe->jws.map.buf[LJWE_EKEY],
329 jwe->jws.map.len[LJWE_EKEY] = (unsigned int)enc_hlen + 8;
338 jwe->jws.map.buf[LJWE_JOSE] = temp;
342 jwe->jose.alg->alg, jwe->jose.enc_alg->alg);
355 jwe->jws.map.len[LJWE_JOSE] = (unsigned int)m;
359 if (lws_jws_encode_b64_element(&jwe->jws.map_b64, LJWE_JOSE,
361 jwe->jws.map.buf[LJWE_JOSE],
362 jwe->jws.map.len[LJWE_JOSE]))
378 lws_jwe_encrypt_ecdh_cbc_hs(struct lws_jwe *jwe, char *temp, int *temp_len)
380 int ss_len, // kw_hlen = lws_genhash_size(jwe->jose.alg->hash_type),
381 enc_hlen = (int)lws_genhmac_size(jwe->jose.enc_alg->hmac_type);
383 int ekbytes = jwe->jose.alg->keybits_fixed / 8;
388 if (jwe->jose.alg->algtype_crypto != LWS_JOSE_ENCTYPE_NONE) {
389 if (lws_jws_alloc_element(&jwe->jws.map, LJWE_EKEY,
397 ss_len = lws_jwe_encrypt_ecdh(jwe, temp + (ot - *temp_len), temp_len, cek);
407 if (lws_jws_alloc_element(&jwe->jws.map, LJWE_ATAG,
412 if (lws_jws_alloc_element(&jwe->jws.map, LJWE_IV,
420 n = lws_jwe_encrypt_cbc_hs(jwe, cek,
421 (uint8_t *)jwe->jws.map_b64.buf[LJWE_JOSE],
422 (int)jwe->jws.map_b64.len[LJWE_JOSE]);
432 if (ret || jwe->jose.enc_alg->algtype_crypto == LWS_JOSE_ENCTYPE_NONE) {
433 if (jwe->jws.map.len[LJWE_EKEY])
434 lws_explicit_bzero((void *)jwe->jws.map.buf[LJWE_EKEY],
435 jwe->jws.map.len[LJWE_EKEY]);
436 jwe->jws.map.len[LJWE_EKEY] = 0;
445 * jwe->jws.jwk is the recipient's private key
453 lws_jwe_auth_and_decrypt_ecdh(struct lws_jwe *jwe)
457 int ekbytes = jwe->jose.enc_alg->keybits_fixed / 8,
458 enc_hlen = (int)lws_genhmac_size(jwe->jose.enc_alg->hmac_type);
462 if (jwe->jws.jwk->kty != LWS_GENCRYPTO_KTY_EC) {
463 lwsl_err("%s: unexpected kty %d\n", __func__, jwe->jws.jwk->kty);
468 if (jwe->jose.recipient[jwe->recip].jwk_ephemeral.kty !=
485 if (lws_genecdh_create(&ecctx, jwe->jws.context, NULL))
490 if (lws_genecdh_set_key(&ecctx, jwe->jws.jwk->e, LDHS_OURS)) {
497 jwe->jose.recipient[jwe->recip].jwk_ephemeral.e,
521 * cek[] matches bitcount in jwe->jose.enc_alg->keybits_fixed
524 if (lws_jwa_concat_kdf(jwe,
525 jwe->jose.alg->algtype_crypto == LWS_JOSE_ENCTYPE_NONE,
538 if (jwe->jose.alg->algtype_crypto != LWS_JOSE_ENCTYPE_NONE) {
545 if (jwe->jws.map.len[LJWE_EKEY] < (unsigned int)enc_hlen) {
566 (const uint8_t *)jwe->jws.map.buf[LJWE_EKEY],
567 jwe->jws.map.len[LJWE_EKEY],
584 if (lws_jwe_auth_and_decrypt_cbc_hs(jwe, shared_secret,
585 (uint8_t *)jwe->jws.map_b64.buf[LJWE_JOSE],
586 (int)jwe->jws.map_b64.len[LJWE_JOSE]) < 0) {
604 lws_jwe_auth_and_decrypt_ecdh_cbc_hs(struct lws_jwe *jwe,
609 if (lws_jws_encode_b64_element(&jwe->jws.map_b64, LJWE_JOSE,
611 jwe->jws.map.buf[LJWE_JOSE],
612 jwe->jws.map.len[LJWE_JOSE]))
615 return lws_jwe_auth_and_decrypt_ecdh(jwe);