xref: /third_party/libwebsockets/lib/jose/jws/jws.c

26 #include "private-lib-jose-jws.h"
57 	struct lws_jws *jws;
104 	 * the jws signature is actually over the b64 content not the plaintext,
108 	if (!args->jws->map_b64.buf[m]) {
109 		args->jws->map_b64.buf[m] = args->temp;
110 		args->jws->map_b64.len[m] = 0;
116 	args->jws->map_b64.len[m] += ctx->npos;
119 		args->jws->map.buf[m] = args->temp;
122 			(const char *)args->jws->map_b64.buf[m],
123 			(int)args->jws->map_b64.len[m],
126 			lwsl_err("%s: b64 decode failed: in len %d, m %d\n", __func__, (int)args->jws->map_b64.len[m], m);
132 		args->jws->map.len[m] = (unsigned int)n;
139 lws_jws_json_parse(struct lws_jws *jws, const uint8_t *buf, int len,
146 	args.jws = jws;
164 lws_jws_init(struct lws_jws *jws, struct lws_jwk *jwk,
167 	memset(jws, 0, sizeof(*jws));
168 	jws->context = context;
169 	jws->jwk = jwk;
185 lws_jws_destroy(struct lws_jws *jws)
187 	lws_jws_map_bzero(&jws->map);
188 	jws->jwk = NULL;
726 			 struct lws_jws *jws, struct lws_jwk *jwk,
730 	if (lws_jws_json_parse(jws, (const uint8_t *)in,
736 	return lws_jws_sig_confirm(&jws->map_b64, &jws->map, jwk, context);
741 lws_jws_sign_from_b64(struct lws_jose *jose, struct lws_jws *jws,
758 	    lws_genhash_update(&hash_ctx, jws->map_b64.buf[LJWS_JOSE],
759 					  jws->map_b64.len[LJWS_JOSE]) ||
761 	    lws_genhash_update(&hash_ctx, jws->map_b64.buf[LJWS_PYLD],
762 					  jws->map_b64.len[LJWS_PYLD]) ||
776 		if (jws->jwk->kty != LWS_GENCRYPTO_KTY_RSA)
779 		if (lws_genrsa_create(&rsactx, jws->jwk->e, jws->context,
786 		n = (int)jws->jwk->e[LWS_GENCRYPTO_RSA_KEYEL_N].len;
787 		buf = lws_malloc((unsigned int)lws_base64_size(n), "jws sign");
819 		if (jws->jwk->kty != LWS_GENCRYPTO_KTY_EC)
823 		if (!jws->jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf)
827 		if (!jws->jwk->e[LWS_GENCRYPTO_EC_KEYEL_X].buf ||
828 		    !jws->jwk->e[LWS_GENCRYPTO_EC_KEYEL_Y].buf ||
829 		    !jws->jwk->e[LWS_GENCRYPTO_EC_KEYEL_D].buf)
834 				jws->jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf,
838 		if (lws_genecdsa_create(&ecdsactx, jws->context, NULL)) {
844 		if (lws_genecdsa_set_key(&ecdsactx, jws->jwk->e)) {
850 		buf = lws_malloc((unsigned int)m, "jws sign");
892 lws_jws_write_flattened_json(struct lws_jws *jws, char *flattened, size_t len)
900 	lws_strnncpy(flattened + n, jws->map_b64.buf[LJWS_PYLD],
901 			jws->map_b64.len[LJWS_PYLD], len - n);
905 	lws_strnncpy(flattened + n, jws->map_b64.buf[LJWS_JOSE],
906 			jws->map_b64.len[LJWS_JOSE], len - n);
909 	if (jws->map_b64.buf[LJWS_UHDR]) {
911 		lws_strnncpy(flattened + n, jws->map_b64.buf[LJWS_UHDR],
912 				jws->map_b64.len[LJWS_UHDR], len - n);
917 	lws_strnncpy(flattened + n, jws->map_b64.buf[LJWS_SIG],
918 			jws->map_b64.len[LJWS_SIG], len - n);
927 lws_jws_write_compact(struct lws_jws *jws, char *compact, size_t len)
934 	lws_strnncpy(compact + n, jws->map_b64.buf[LJWS_JOSE],
935 		     jws->map_b64.len[LJWS_JOSE], len - n);
940 	lws_strnncpy(compact + n, jws->map_b64.buf[LJWS_PYLD],
941 		     jws->map_b64.len[LJWS_PYLD], len - n);
946 	lws_strnncpy(compact + n, jws->map_b64.buf[LJWS_SIG],
947 		     jws->map_b64.len[LJWS_SIG], len - n);
961 	struct lws_jws jws;
964 	memset(&jws, 0, sizeof(jws));
972 	n = (size_t)lws_jws_compact_decode(com, (int)len, &jws.map, &jws.map_b64,
986 	if (lws_jws_parse_jose(&jose, jws.map.buf[LJWS_JOSE],
987 			       (int)jws.map.len[LJWS_JOSE], temp, &tl) < 0) {
1015 	if (lws_jws_sig_confirm(&jws.map_b64, &jws.map, jwk, ctx) < 0) {
1023 	if (*out_len < jws.map.len[LJWS_PYLD] + 1) {
1029 	memcpy(out, jws.map.buf[LJWS_PYLD], jws.map.len[LJWS_PYLD]);
1030 	*out_len = jws.map.len[LJWS_PYLD];
1031 	out[jws.map.len[LJWS_PYLD]] = '\0';
1036 	lws_jws_destroy(&jws);
1047 	struct lws_jws jws;
1053 	lws_jws_init(&jws, jwk, ctx);
1070 	if (lws_jws_alloc_element(&jws.map, LJWS_JOSE, info->temp, &tlr,
1084 		jws.map.len[LJWS_JOSE] = (uint32_t)lws_snprintf(
1085 				(char *)jws.map.buf[LJWS_JOSE], (size_t)otl,
1099 		memcpy((char *)jws.map.buf[LJWS_JOSE], info->jose_hdr,
1101 		jws.map.len[LJWS_JOSE] = (uint32_t)actual_hdr_len;
1122 	jws.map.buf[LJWS_PYLD] = q;
1123 	jws.map.len[LJWS_PYLD] = (uint32_t)n;
1125 	if (lws_jws_encode_b64_element(&jws.map_b64, LJWS_PYLD, p, &tlr,
1126 				       jws.map.buf[LJWS_PYLD],
1127 				       jws.map.len[LJWS_PYLD]))
1135 	if (lws_jws_encode_b64_element(&jws.map_b64, LJWS_JOSE, p, &tlr,
1136 				       jws.map.buf[LJWS_JOSE],
1137 				       jws.map.len[LJWS_JOSE]))
1145 	if (lws_jws_alloc_element(&jws.map_b64, LJWS_SIG, p, &tlr,
1152 	n = lws_jws_sign_from_b64(&jose, &jws,
1153 				  (char *)jws.map_b64.buf[LJWS_SIG],
1154 				  jws.map_b64.len[LJWS_SIG]);
1159 	jws.map_b64.len[LJWS_SIG] = (uint32_t)n;
1162 	if (lws_jws_write_compact(&jws, info->out, *info->out_len))
1173 	jws.map.buf[LJWS_PYLD] = NULL;
1174 	jws.map.len[LJWS_PYLD] = 0;
1175 	lws_jws_destroy(&jws);

Indexes created Thu Nov 07 10:32:03 CST 2024