/*
 * libwebsockets - small server side websockets and web server implementation
 *
 * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to
 * deal in the Software without restriction, including without limitation the
 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 * sell copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 * IN THE SOFTWARE.
 */

/*
 * Indexes of the JOSE header elements.
 *
 * These enumerators size (and, by their name, index) the per-element arrays
 * struct lws_jose.e[] and struct lws_jws_recpient.unprot[], so their numeric
 * values are part of the library's ABI: add new members only immediately
 * before LWS_COUNT_JOSE_HDR_ELEMENTS and never reorder the existing ones.
 */
enum lws_jws_jose_hdr_indexes {
	LJJHI_ALG,	/* REQUIRED */
	LJJHI_JKU,	/* Optional: string */
	LJJHI_JWK,	/* Optional: jwk JSON object: public key: */
	LJJHI_KID,	/* Optional: string */
	LJJHI_X5U,	/* Optional: string: url of public key cert / chain */
	LJJHI_X5C,	/* Optional: base64 (NOT -url): actual cert */
	LJJHI_X5T,	/* Optional: base64url: SHA-1 of actual cert */
	LJJHI_X5T_S256, /* Optional: base64url: SHA-256 of actual cert */
	LJJHI_TYP,	/* Optional: string: media type */
	LJJHI_CTY,	/* Optional: string: content media type */
	LJJHI_CRIT,	/* Optional for send, REQUIRED: array of strings:
			 * mustn't contain standardized strings or null set.
			 * NOTE(review): RFC 7515 requires a receiver to reject
			 * a JWS whose "crit" names an extension it does not
			 * implement -- confirm the parse / verify path does
			 * that rather than ignoring unknown entries */

	/* presumably the JWE per-recipient elements, held in
	 * struct lws_jws_recpient.unprot[] -- confirm against the parser */
	LJJHI_RECIPS_HDR,
	LJJHI_RECIPS_HDR_ALG,
	LJJHI_RECIPS_HDR_KID,
	LJJHI_RECIPS_EKEY,

	LJJHI_ENC,	/* JWE only: Optional: string */
	LJJHI_ZIP,	/* JWE only: Optional: string ("DEF" = deflate) */

	LJJHI_EPK,	/* Additional arg for JWE ECDH: ephemeral public key */
	LJJHI_APU,	/* Additional arg for JWE ECDH: base64url */
	LJJHI_APV,	/* Additional arg for JWE ECDH: base64url */
	LJJHI_IV,	/* Additional arg for JWE AES: base64url */
	LJJHI_TAG,	/* Additional arg for JWE AES: base64url */
	LJJHI_P2S,	/* Additional arg for JWE PBES2: base64url: salt */
	LJJHI_P2C,	/* Additional arg for JWE PBES2: integer: count */

	LWS_COUNT_JOSE_HDR_ELEMENTS	/* number of elements, not an index */
};

/*
 * Primitive cipher / signature families an alg definition can map to.
 * The values are used in struct lws_jose_jwe_alg below.
 */
enum lws_jose_algtype {
	LWS_JOSE_ENCTYPE_NONE,		/* no crypto at all; presumably the
					 * entry for the JWA "none" alg -- see
					 * the table in lws-gencrypto-common.c.
					 * NOTE(review): a lookup resolving to
					 * this must never count as a verified
					 * signature -- confirm in the verify
					 * path */

	LWS_JOSE_ENCTYPE_RSASSA_PKCS1_1_5,
	LWS_JOSE_ENCTYPE_RSASSA_PKCS1_OAEP,
	LWS_JOSE_ENCTYPE_RSASSA_PKCS1_PSS,

	LWS_JOSE_ENCTYPE_ECDSA,
	LWS_JOSE_ENCTYPE_ECDHES,

	LWS_JOSE_ENCTYPE_AES_CBC,
	LWS_JOSE_ENCTYPE_AES_CFB128,
	LWS_JOSE_ENCTYPE_AES_CFB8,
	LWS_JOSE_ENCTYPE_AES_CTR,
	LWS_JOSE_ENCTYPE_AES_ECB,
	LWS_JOSE_ENCTYPE_AES_OFB,
	LWS_JOSE_ENCTYPE_AES_XTS,	/* care: requires double-length key */
	LWS_JOSE_ENCTYPE_AES_GCM,
};

/* there's a table of these defined in lws-gencrypto-common.c */

/*
 * One row of the alg / enc definition table: everything the library needs
 * to know about a named JWA algorithm.  Instances are looked up by name via
 * lws_gencrypto_jws_alg_to_definition() and friends and referenced from
 * struct lws_jose by const pointer, so rows are never modified at runtime.
 */
struct lws_jose_jwe_alg {
	enum lws_genhash_types hash_type;	/* digest used by the alg */
	enum lws_genhmac_types hmac_type;	/* HMAC used by the alg */
	enum lws_jose_algtype algtype_signing;	/* the signing cipher */
	enum lws_jose_algtype algtype_crypto;	/* the encryption cipher */
	const char *alg;	/* the JWA enc alg name, eg "ES512" */
	const char *curve_name;	/* NULL, or, eg, "P-256" */
	/* key size constraints in bits; by the names, keybits_min is a lower
	 * bound and keybits_fixed an exact requirement -- TODO confirm how
	 * the table uses 0 for "unconstrained" */
	unsigned short keybits_min, keybits_fixed;
	unsigned short ivbits;	/* IV size in bits (presumably 0 if none) */
};

/*
 * For JWS, "JOSE header" is defined to be the union of...
 *
 *  o JWS Protected Header
 *  o JWS Unprotected Header
 *
 * For JWE, the "JOSE header" is the union of...
 *
 *  o JWE Protected Header
 *  o JWE Shared Unprotected Header
 *  o JWE Per-Recipient Unprotected Header
 */

/*
 * Upper bound on recipient[] entries a struct lws_jose can hold.  A header
 * naming more recipients than this cannot be represented; the parser is
 * expected to reject it rather than overrun the array -- confirm in the
 * parse path.
 */
#define LWS_JWS_MAX_RECIPIENTS 3

/*
 * Per-recipient state (the struct tag keeps the historical "recpient"
 * spelling; it is part of the public API).
 */
struct lws_jws_recpient {
	/*
	 * JOSE per-recipient unprotected header... for JWS this contains
	 * protected / header / signature
	 */
	struct lws_gencrypto_keyelem unprot[LWS_COUNT_JOSE_HDR_ELEMENTS];
	struct lws_jwk jwk_ephemeral;	/* recipient ephemeral key if any */
	struct lws_jwk jwk;		/* recipient "jwk" key if any */
};

/*
 * Parsed JOSE header for a JWS or JWE.
 *
 * Prepare with lws_jose_init(), fill via lws_jws_parse_jose() or
 * lws_jwe_parse_jose(), and retire with lws_jose_destroy().
 */
struct lws_jose {
	/* JOSE protected and unprotected header elements */
	struct lws_gencrypto_keyelem e[LWS_COUNT_JOSE_HDR_ELEMENTS];

	/* per-recipient data; only the first .recipients entries are used */
	struct lws_jws_recpient recipient[LWS_JWS_MAX_RECIPIENTS];

	/* "typ" value as a NUL-terminated string: fixed 32 bytes including
	 * the terminator.  NOTE(review): the parser must bound its copy of an
	 * attacker-chosen "typ" to this size (truncate or reject) -- confirm */
	char typ[32];

	/* information from the protected header part */
	const struct lws_jose_jwe_alg *alg;	/* "alg" definition, from the
						 * table in lws-gencrypto-common.c */
	const struct lws_jose_jwe_alg *enc_alg;	/* JWE "enc" definition */

	int recipients; /* count of used recipient[] entries; must not exceed
			 * LWS_JWS_MAX_RECIPIENTS */
};

/**
 * lws_jose_init() - prepare a struct lws_jose for use
 *
 * \param jose: the jose header struct to prepare
 *
 * Must be called before the struct is handed to a parser; pair every call
 * with lws_jose_destroy().
 */
LWS_VISIBLE LWS_EXTERN void
lws_jose_init(struct lws_jose *jose);

/**
 * lws_jose_destroy() - retire a struct lws_jose from use
 *
 * \param jose: the jose header struct to destroy
 *
 * Releases whatever lws_jose_init() and the parsers attached to \p jose.
 * The struct itself is caller-owned and is not freed.
 */
LWS_VISIBLE LWS_EXTERN void
lws_jose_destroy(struct lws_jose *jose);

/**
 * lws_gencrypto_jws_alg_to_definition() - look up a jws alg name
 *
 * \param alg: the jws alg name
 * \param jose: pointer to the pointer to the info struct to set on success
 *
 * Returns 0 if *jose set, else nonzero for failure
 *
 * *jose points into the static definition table and must not be freed.
 * NOTE(review): success only means the name is known to the library; which
 * algs are acceptable for a given token is a caller policy decision and
 * should not be driven by the "alg" found in untrusted input alone.
 */
LWS_VISIBLE LWS_EXTERN int
lws_gencrypto_jws_alg_to_definition(const char *alg,
				    const struct lws_jose_jwe_alg **jose);

/**
 * lws_gencrypto_jwe_alg_to_definition() - look up a jwe alg name
 *
 * \param alg: the jwe alg name
 * \param jose: pointer to the pointer to the info struct to set on success
 *
 * Returns 0 if *jose set, else nonzero for failure
 *
 * *jose points into the static definition table and must not be freed.
 */
LWS_VISIBLE LWS_EXTERN int
lws_gencrypto_jwe_alg_to_definition(const char *alg,
				    const struct lws_jose_jwe_alg **jose);

/**
 * lws_gencrypto_jwe_enc_to_definition() - look up a jwe enc name
 *
 * \param enc: the jwe enc name
 * \param jose: pointer to the pointer to the info struct to set on success
 *
 * Returns 0 if *jose set, else nonzero for failure
 *
 * *jose points into the static definition table and must not be freed.
 */
LWS_VISIBLE LWS_EXTERN int
lws_gencrypto_jwe_enc_to_definition(const char *enc,
				    const struct lws_jose_jwe_alg **jose);

/**
 * lws_jws_parse_jose() - parse a JWS JOSE header
 *
 * \param jose: the jose struct to set to parsing results
 * \param buf: the raw JOSE header
 * \param len: the length of the raw JOSE header
 * \param temp: parent-owned buffer to "allocate" elements into
 * \param temp_len: amount of space available in temp
 *
 * returns 0 for success, or -1 for error
 * *\p temp_len is updated to reflect the amount of \p temp used if successful.
 *
 * \p buf is untrusted input and \p len is the only bound the parser has on
 * it, so pass exactly the header's length (a NUL terminator is not assumed).
 * Because elements are carved out of \p temp, \p jose is presumably only
 * valid while \p temp stays allocated and unmodified -- confirm against the
 * implementation before keeping \p jose beyond \p temp's lifetime.
 */
LWS_VISIBLE LWS_EXTERN int
lws_jws_parse_jose(struct lws_jose *jose,
		   const char *buf, int len, char *temp, int *temp_len);

/**
 * lws_jwe_parse_jose() - parse a JWE JOSE header
 *
 * \param jose: the jose struct to set to parsing results
 * \param buf: the raw JOSE header
 * \param len: the length of the raw JOSE header
 * \param temp: parent-owned buffer to "allocate" elements into
 * \param temp_len: amount of space available in temp
 *
 * returns 0 for success, or -1 for error
 * *\p temp_len is updated to reflect the amount of \p temp used if successful.
 *
 * Same input and lifetime contract as lws_jws_parse_jose(): \p len bounds
 * the untrusted \p buf, and the parsed elements live in \p temp.
 */
LWS_VISIBLE LWS_EXTERN int
lws_jwe_parse_jose(struct lws_jose *jose,
		   const char *buf, int len, char *temp, int *temp_len);
