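/*
 * libwebsockets - small server side websockets and web server implementation
 *
 * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to
 * deal in the Software without restriction, including without limitation the
 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 * sell copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 * IN THE SOFTWARE.
 *
 * lws_genec provides an EC abstraction api in lws that works the
 * same whether you are using openssl or mbedtls crypto functions underneath.
 */
#include "private-lib-core.h"

/*
 * Look up an EC curve descriptor by name.
 *
 * table: curve table to search, terminated by an entry whose name is NULL;
 *        NULL selects the built-in lws_ec_curves table.
 * name:  curve name, compared exactly (case-sensitive) with strcmp().
 *
 * Returns the matching table entry, or NULL when name is NULL or is not
 * present in the table.
 */
const struct lws_ec_curves *
lws_genec_curve(const struct lws_ec_curves *table, const char *name)
{
	const struct lws_ec_curves *c = table ? table : lws_ec_curves;

	/* strcmp() on a NULL name would be undefined behaviour */
	if (!name)
		return NULL;

	for (; c->name; c++)
		if (!strcmp(name, c->name))
			return c;

	return NULL;
}

//extern const struct lws_ec_curves *lws_ec_curves;

/*
 * Confirm that the curve identified by the TLS library nid "id" is named in
 * the comma-separated allow-list "allowed" and, if it is, store a heap copy
 * of the curve name (NUL-terminated) in jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].
 *
 * allowed: comma-separated list of curve names; '-' is accepted inside a name
 *          (LWS_TOKENIZE_F_MINUS_NONTERM).  NULL allows nothing.
 * id:      tls_lib_nid value to look for in lws_ec_curves.
 * jwk:     key whose CRV element receives the curve name on success.
 *
 * Returns 0 when the curve is allowed and the name was stored, 1 on
 * allocation failure, and -1 when the list is NULL, malformed, or does not
 * name the curve that "id" maps to.
 *
 * NOTE(review): an existing CRV buffer in jwk is overwritten without being
 * freed; presumably callers pass a jwk whose CRV element is still empty -
 * confirm against the callers.
 */
int
lws_genec_confirm_curve_allowed_by_tls_id(const char *allowed, int id,
					  struct lws_jwk *jwk)
{
	struct lws_tokenize ts;
	lws_tokenize_elem e;
	size_t len;
	int n;

	/* no allow-list at all: nothing can be confirmed as allowed */
	if (!allowed)
		return -1;

	lws_tokenize_init(&ts, allowed, LWS_TOKENIZE_F_COMMA_SEP_LIST |
				       LWS_TOKENIZE_F_MINUS_NONTERM);
	ts.len = strlen(allowed);
	do {
		e = lws_tokenize(&ts);
		switch (e) {
		case LWS_TOKZE_TOKEN:
			for (n = 0; lws_ec_curves[n].name; n++) {
				if (id != lws_ec_curves[n].tls_lib_nid)
					continue;

				/*
				 * The list entry must actually name the curve
				 * this nid maps to.  Accepting on the nid
				 * alone would let any non-empty list admit
				 * every curve in lws_ec_curves, so the
				 * allow-list would restrict nothing.
				 */
				len = strlen(lws_ec_curves[n].name);
				if (ts.token_len != len ||
				    strncmp(ts.token, lws_ec_curves[n].name,
					    len))
					continue;

				lwsl_info("match curve %s\n",
					  lws_ec_curves[n].name);
				jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].len =
								(uint32_t)len;
				jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf =
						lws_malloc(len + 1, "cert crv");
				if (!jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf) {
					lwsl_err("%s: OOM\n", __func__);
					return 1;
				}
				/* len + 1 copies the terminating NUL as well */
				memcpy(jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf,
				       lws_ec_curves[n].name, len + 1);
				return 0;
			}
			break;

		case LWS_TOKZE_DELIMITER:
			break;

		default: /* includes ENDED */
			/*
			 * Reached for tokenizer errors and also when the list
			 * ran out without naming the curve.
			 */
			lwsl_err("%s: malformed or curve name in list\n",
				 __func__);

			return -1;
		}
	} while (e > 0);

	lwsl_err("%s: unsupported curve group nid %d\n", __func__, id);

	return -1;
}

/*
 * Free every allocated buffer in an EC key element array and reset the
 * pointers via lws_free_set_NULL().
 *
 * el: array of LWS_GENCRYPTO_EC_KEYEL_COUNT elements.
 *
 * NOTE(review): the array can hold private key material; whether the
 * contents are wiped before release depends on lws_free_set_NULL(), which is
 * not visible here.  The len fields are left as they were.
 */
void
lws_genec_destroy_elements(struct lws_gencrypto_keyelem *el)
{
	int n;

	for (n = 0; n < LWS_GENCRYPTO_EC_KEYEL_COUNT; n++)
		if (el[n].buf)
			lws_free_set_NULL(el[n].buf);
}

/*
 * Element names used in log output, indexed by key element index.
 * Presumably this mirrors the LWS_GENCRYPTO_EC_KEYEL_* order - confirm
 * against the enum.
 */
static const char * const enames[] = { "crv", "x", "d", "y" };

/*
 * Log the curve name and hexdump each remaining key element at info level.
 *
 * el: array of LWS_GENCRYPTO_EC_KEYEL_COUNT elements.
 *
 * Always returns 0.
 *
 * NOTE(review): the loop dumps every element from LWS_GENCRYPTO_EC_KEYEL_X
 * up to the count, which per enames includes "d".  In a JWK EC key "d" is
 * the private key, so info-level logs from this function must be treated as
 * secret whenever a private key is loaded.
 */
int
lws_genec_dump(struct lws_gencrypto_keyelem *el)
{
	const char *crv = "no curve name";
	int n;

	/* keeps enames referenced when info logging is compiled out */
	(void)enames;

	if (el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf)
		crv = (char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf;

	/* %p requires a void * argument */
	lwsl_info(" genec %p: crv: '%s'\n", (void *)el, crv);

	for (n = LWS_GENCRYPTO_EC_KEYEL_X; n < LWS_GENCRYPTO_EC_KEYEL_COUNT;
	     n++) {
		lwsl_info(" e: %s\n", enames[n]);
		lwsl_hexdump_info(el[n].buf, el[n].len);
	}

	lwsl_info("\n");

	return 0;
}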