lib/tls/lws-genec-common.c

   1 /*
   2  * libwebsockets - generic EC api hiding the backend - common parts
   3  *
   4  * Copyright (C) 2017 - 2019 Andy Green <andy@warmcat.com>
   5  *
   6  *  This library is free software; you can redistribute it and/or
   7  *  modify it under the terms of the GNU Lesser General Public
   8  *  License as published by the Free Software Foundation:
   9  *  version 2.1 of the License.
  10  *
  11  *  This library is distributed in the hope that it will be useful,
  12  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  *  Lesser General Public License for more details.
  15  *
  16  *  You should have received a copy of the GNU Lesser General Public
  17  *  License along with this library; if not, write to the Free Software
  18  *  Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
  19  *  MA  02110-1301  USA
  20  *
  21  *  lws_genec provides an EC abstraction api in lws that works the
  22  *  same whether you are using openssl or mbedtls crypto functions underneath.
  23  */
  24 #include "private-lib-core.h"
  25
  26 const struct lws_ec_curves *
  27 lws_genec_curve(const struct lws_ec_curves *table, const char *name)
  28 {
  29         const struct lws_ec_curves *c = lws_ec_curves;
  30
  31         if (table)
  32                 c = table;
  33
  34         while (c->name) {
  35                 if (!strcmp(name, c->name))
  36                         return c;
  37                 c++;
  38         }
  39
  40         return NULL;
  41 }
  42
  43 //extern const struct lws_ec_curves *lws_ec_curves;
  44
  45 int
  46 lws_genec_confirm_curve_allowed_by_tls_id(const char *allowed, int id,
  47                                           struct lws_jwk *jwk)
  48 {
  49         struct lws_tokenize ts;
  50         lws_tokenize_elem e;
  51         int n, len;
  52
  53         lws_tokenize_init(&ts, allowed, LWS_TOKENIZE_F_COMMA_SEP_LIST |
  54                                        LWS_TOKENIZE_F_MINUS_NONTERM);
  55         ts.len = strlen(allowed);
  56         do {
  57                 e = lws_tokenize(&ts);
  58                 switch (e) {
  59                 case LWS_TOKZE_TOKEN:
  60                         n = 0;
  61                         while (lws_ec_curves[n].name) {
  62                                 if (id != lws_ec_curves[n].tls_lib_nid) {
  63                                         n++;
  64                                         continue;
  65                                 }
  66                                 lwsl_info("match curve %s\n",
  67                                           lws_ec_curves[n].name);
  68                                 len = strlen(lws_ec_curves[n].name);
  69                                 jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].len = len;
  70                                 jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf =
  71                                                 lws_malloc(len + 1, "cert crv");
  72                                 if (!jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf) {
  73                                         lwsl_err("%s: OOM\n", __func__);
  74                                         return 1;
  75                                 }
  76                                 memcpy(jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf,
  77                                        lws_ec_curves[n].name, len + 1);
  78                                 return 0;
  79                         }
  80                         break;
  81
  82                 case LWS_TOKZE_DELIMITER:
  83                         break;
  84
  85                 default: /* includes ENDED */
  86                         lwsl_err("%s: malformed or curve name in list\n",
  87                                  __func__);
  88
  89                         return -1;
  90                 }
  91         } while (e > 0);
  92
  93         lwsl_err("%s: unsupported curve group nid %d\n", __func__, n);
  94
  95         return -1;
  96 }
  97
  98 LWS_VISIBLE void
  99 lws_genec_destroy_elements(struct lws_gencrypto_keyelem *el)
 100 {
 101         int n;
 102
 103         for (n = 0; n < LWS_GENCRYPTO_EC_KEYEL_COUNT; n++)
 104                 if (el[n].buf)
 105                         lws_free_set_NULL(el[n].buf);
 106 }
 107
 108 static const char *enames[] = { "crv", "x", "d", "y" };
 109
 110 LWS_VISIBLE int
 111 lws_genec_dump(struct lws_gencrypto_keyelem *el)
 112 {
 113         int n;
 114
 115         (void)enames;
 116
 117         lwsl_info("  genec %p: crv: '%s'\n", el,
 118                   !!el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf ?
 119                   (char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf: "no curve name");
 120
 121         for (n = LWS_GENCRYPTO_EC_KEYEL_X; n < LWS_GENCRYPTO_EC_KEYEL_COUNT;
 122              n++) {
 123                 lwsl_info("  e: %s\n", enames[n]);
 124                 lwsl_hexdump_info(el[n].buf, el[n].len);
 125         }
 126
 127         lwsl_info("\n");
 128
 129         return 0;
 130 }