summaryrefslogtreecommitdiff
path: root/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c
diff options
context:
space:
mode:
authorFabio Alessandrelli <fabio.alessandrelli@gmail.com>2019-03-06 01:07:13 +0100
committerFabio Alessandrelli <fabio.alessandrelli@gmail.com>2019-03-06 02:02:52 +0100
commit90210c48627692d281554d6185b5db17a86c852a (patch)
tree03ed5d7c6fe18975466bf933bfa9586a012f0efa /thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c
parentf43ee4aff8e5f72c24cfbd8f1ff90703714857e0 (diff)
Update libwebsockets to 3.1 (plus UWP patch)
Diffstat (limited to 'thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c')
-rw-r--r--thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c329
1 files changed, 329 insertions, 0 deletions
diff --git a/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c b/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c
new file mode 100644
index 0000000000..99b2e75653
--- /dev/null
+++ b/thirdparty/libwebsockets/lib/tls/mbedtls/lws-genrsa.c
@@ -0,0 +1,329 @@
+/*
+ * libwebsockets - generic RSA api hiding the backend
+ *
+ * Copyright (C) 2017 Andy Green <andy@warmcat.com>
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation:
+ * version 2.1 of the License.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
+ * MA 02110-1301 USA
+ *
+ * lws_genhash provides a hash / hmac abstraction api in lws that works the
+ * same whether you are using openssl or mbedtls hash functions underneath.
+ */
+#include "core/private.h"
+
+LWS_VISIBLE void
+lws_jwk_destroy_genrsa_elements(struct lws_genrsa_elements *el)
+{
+ int n;
+
+ for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++)
+ if (el->e[n].buf)
+ lws_free_set_NULL(el->e[n].buf);
+}
+
+LWS_VISIBLE int
+lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_genrsa_elements *el)
+{
+ memset(ctx, 0, sizeof(*ctx));
+ ctx->ctx = lws_zalloc(sizeof(*ctx->ctx), "genrsa");
+ if (!ctx->ctx)
+ return 1;
+
+ mbedtls_rsa_init(ctx->ctx, MBEDTLS_RSA_PKCS_V15, 0);
+
+ {
+ int n;
+
+ mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = {
+ &ctx->ctx->E, &ctx->ctx->N, &ctx->ctx->D, &ctx->ctx->P,
+ &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ,
+ &ctx->ctx->QP,
+ };
+
+ for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++)
+ if (el->e[n].buf &&
+ mbedtls_mpi_read_binary(mpi[n], el->e[n].buf,
+ el->e[n].len)) {
+ lwsl_notice("mpi load failed\n");
+ lws_free_set_NULL(ctx->ctx);
+
+ return -1;
+ }
+ }
+
+ ctx->ctx->len = el->e[JWK_KEY_N].len;
+
+ return 0;
+}
+
+static int
+_rngf(void *context, unsigned char *buf, size_t len)
+{
+ if ((size_t)lws_get_random(context, buf, len) == len)
+ return 0;
+
+ return -1;
+}
+
+LWS_VISIBLE int
+lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx,
+ struct lws_genrsa_elements *el, int bits)
+{
+ int n;
+
+ memset(ctx, 0, sizeof(*ctx));
+ ctx->ctx = lws_zalloc(sizeof(*ctx->ctx), "genrsa");
+ if (!ctx->ctx)
+ return -1;
+
+ mbedtls_rsa_init(ctx->ctx, MBEDTLS_RSA_PKCS_V15, 0);
+
+ n = mbedtls_rsa_gen_key(ctx->ctx, _rngf, context, bits, 65537);
+ if (n) {
+ lwsl_err("mbedtls_rsa_gen_key failed 0x%x\n", -n);
+ goto cleanup_1;
+ }
+
+ {
+ mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = {
+ &ctx->ctx->E, &ctx->ctx->N, &ctx->ctx->D, &ctx->ctx->P,
+ &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ,
+ &ctx->ctx->QP,
+ };
+
+ for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++)
+ if (mbedtls_mpi_size(mpi[n])) {
+ el->e[n].buf = lws_malloc(
+ mbedtls_mpi_size(mpi[n]), "genrsakey");
+ if (!el->e[n].buf)
+ goto cleanup;
+ el->e[n].len = mbedtls_mpi_size(mpi[n]);
+ mbedtls_mpi_write_binary(mpi[n], el->e[n].buf,
+ el->e[n].len);
+ }
+ }
+
+ return 0;
+
+cleanup:
+ for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++)
+ if (el->e[n].buf)
+ lws_free_set_NULL(el->e[n].buf);
+cleanup_1:
+ lws_free(ctx->ctx);
+
+ return -1;
+}
+
+LWS_VISIBLE int
+lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
+ size_t in_len, uint8_t *out, size_t out_max)
+{
+ size_t olen = 0;
+ int n;
+
+ ctx->ctx->len = in_len;
+ n = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx->ctx, NULL, NULL,
+ MBEDTLS_RSA_PUBLIC,
+ &olen, in, out, out_max);
+ if (n) {
+ lwsl_notice("%s: -0x%x\n", __func__, -n);
+
+ return -1;
+ }
+
+ return olen;
+}
+
+LWS_VISIBLE int
+lws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
+ size_t in_len, uint8_t *out)
+{
+ int n;
+
+ ctx->ctx->len = in_len;
+ n = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx->ctx, NULL, NULL,
+ MBEDTLS_RSA_PRIVATE,
+ in_len, in, out);
+ if (n) {
+ lwsl_notice("%s: -0x%x\n", __func__, -n);
+
+ return -1;
+ }
+
+ return 0;
+}
+
+static int
+lws_genrsa_genrsa_hash_to_mbed_hash(enum lws_genhash_types hash_type)
+{
+ int h = -1;
+
+ switch (hash_type) {
+ case LWS_GENHASH_TYPE_SHA1:
+ h = MBEDTLS_MD_SHA1;
+ break;
+ case LWS_GENHASH_TYPE_SHA256:
+ h = MBEDTLS_MD_SHA256;
+ break;
+ case LWS_GENHASH_TYPE_SHA384:
+ h = MBEDTLS_MD_SHA384;
+ break;
+ case LWS_GENHASH_TYPE_SHA512:
+ h = MBEDTLS_MD_SHA512;
+ break;
+ }
+
+ return h;
+}
+
+LWS_VISIBLE int
+lws_genrsa_public_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in,
+ enum lws_genhash_types hash_type, const uint8_t *sig,
+ size_t sig_len)
+{
+ int n, h = lws_genrsa_genrsa_hash_to_mbed_hash(hash_type);
+
+ if (h < 0)
+ return -1;
+
+ n = mbedtls_rsa_rsassa_pkcs1_v15_verify(ctx->ctx, NULL, NULL,
+ MBEDTLS_RSA_PUBLIC,
+ h, 0, in, sig);
+ if (n < 0) {
+ lwsl_notice("%s: -0x%x\n", __func__, -n);
+
+ return -1;
+ }
+
+ return n;
+}
+
+LWS_VISIBLE int
+lws_genrsa_public_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in,
+ enum lws_genhash_types hash_type, uint8_t *sig,
+ size_t sig_len)
+{
+ int n, h = lws_genrsa_genrsa_hash_to_mbed_hash(hash_type);
+
+ if (h < 0)
+ return -1;
+
+ /*
+ * The "sig" buffer must be as large as the size of ctx->N
+ * (eg. 128 bytes if RSA-1024 is used).
+ */
+ if (sig_len < ctx->ctx->len)
+ return -1;
+
+ n = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx->ctx, NULL, NULL,
+ MBEDTLS_RSA_PRIVATE, h, 0, in,
+ sig);
+ if (n < 0) {
+ lwsl_notice("%s: -0x%x\n", __func__, -n);
+
+ return -1;
+ }
+
+ return ctx->ctx->len;
+}
+
+LWS_VISIBLE int
+lws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private,
+ uint8_t *pkey_asn1, size_t pkey_asn1_len)
+{
+ uint8_t *p = pkey_asn1, *totlen, *end = pkey_asn1 + pkey_asn1_len - 1;
+ mbedtls_mpi *mpi[LWS_COUNT_RSA_ELEMENTS] = {
+ &ctx->ctx->N, &ctx->ctx->E, &ctx->ctx->D, &ctx->ctx->P,
+ &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ,
+ &ctx->ctx->QP,
+ };
+ int n;
+
+ /* 30 82 - sequence
+ * 09 29 <-- length(0x0929) less 4 bytes
+ * 02 01 <- length (1)
+ * 00
+ * 02 82
+ * 02 01 <- length (513) N
+ * ...
+ *
+ * 02 03 <- length (3) E
+ * 01 00 01
+ *
+ * 02 82
+ * 02 00 <- length (512) D P Q EXP1 EXP2 COEFF
+ *
+ * */
+
+ *p++ = 0x30;
+ *p++ = 0x82;
+ totlen = p;
+ p += 2;
+
+ *p++ = 0x02;
+ *p++ = 0x01;
+ *p++ = 0x00;
+
+ for (n = 0; n < LWS_COUNT_RSA_ELEMENTS; n++) {
+ int m = mbedtls_mpi_size(mpi[n]);
+ uint8_t *elen;
+
+ *p++ = 0x02;
+ elen = p;
+ if (m < 0x7f)
+ *p++ = m;
+ else {
+ *p++ = 0x82;
+ *p++ = m >> 8;
+ *p++ = m & 0xff;
+ }
+
+ if (p + m > end)
+ return -1;
+
+ mbedtls_mpi_write_binary(mpi[n], p, m);
+ if (p[0] & 0x80) {
+ p[0] = 0x00;
+ mbedtls_mpi_write_binary(mpi[n], &p[1], m);
+ m++;
+ }
+ if (m < 0x7f)
+ *elen = m;
+ else {
+ *elen++ = 0x82;
+ *elen++ = m >> 8;
+ *elen = m & 0xff;
+ }
+ p += m;
+ }
+
+ n = lws_ptr_diff(p, pkey_asn1);
+
+ *totlen++ = (n - 4) >> 8;
+ *totlen = (n - 4) & 0xff;
+
+ return n;
+}
+
+LWS_VISIBLE void
+lws_genrsa_destroy(struct lws_genrsa_ctx *ctx)
+{
+ if (!ctx->ctx)
+ return;
+ mbedtls_rsa_free(ctx->ctx);
+ lws_free(ctx->ctx);
+ ctx->ctx = NULL;
+}