Onek8/LNXCORE
1
0
Fork 0
Code Pull Requests Activity

Update Files

Browse Source
This commit is contained in:
Onek8
2025-01-22 17:22:38 +01:00
parent 89b9349629
commit 4c5e729485
5132 changed files with 1195369 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

585
Kinc/Sources/kinc/libs/core/tls/CMakeLists.txt Normal file
View File

@ -0,0 +1,585 @@
#
# libwebsockets - small server side websockets and web server implementation
#
# Copyright (C) 2010 - 2020 Andy Green <andy@warmcat.com>
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
#
#
# This converts everything about the tls support into
#
# - entries on SOURCES (modifications set back in PARENT_SCOPE)
# - entries on LIB_LIST (modifications set back in PARENT_SCOPE)
# - include_directories()
# - Api build-time discovery results set in PARENT_SCOPE
#
# Everything else is handled privately here.
include_directories(.)
# Allow the user to use the old CyaSSL options/library in stead of wolfSSL
if (LWS_WITH_CYASSL AND LWS_WITH_WOLFSSL)
message(FATAL_ERROR "LWS_WITH_CYASSL and LWS_WITH_WOLFSSL are mutually exclusive!")
endif()
if (LWS_WITH_CYASSL)
# Copy CyaSSL options to the wolfSSL options
set(LWS_WITH_WOLFSSL ${LWS_WITH_CYASSL} CACHE BOOL "Use wolfSSL/CyaSSL instead of OpenSSL" FORCE PARENT_SCOPE)
set(LWS_WOLFSSL_LIBRARIES ${LWS_CYASSL_LIBRARIES} CACHE PATH "Path to wolfSSL/CyaSSL libraries" FORCE PARENT_SCOPE)
set(LWS_WOLFSSL_INCLUDE_DIRS ${LWS_CYASSL_INCLUDE_DIRS} CACHE PATH "Path to wolfSSL/CyaSSL header files" FORCE PARENT_SCOPE)
endif()
set(LWS_OPENSSL_LIBRARIES CACHE PATH "Path to the OpenSSL library" )
set(LWS_OPENSSL_INCLUDE_DIRS CACHE PATH "Path to the OpenSSL include directory" )
set(LWS_WOLFSSL_LIBRARIES CACHE PATH "Path to the wolfSSL library" )
set(LWS_WOLFSSL_INCLUDE_DIRS CACHE PATH "Path to the wolfSSL include directory" )
if (LWS_WITH_BORINGSSL)
# boringssl deprecated EVP_PKEY
set (LWS_WITH_GENHASH OFF PARENT_SCOPE)
endif()
if (LWS_WITH_SSL AND NOT LWS_WITH_WOLFSSL AND NOT LWS_WITH_MBEDTLS)
if ("${LWS_OPENSSL_LIBRARIES}" STREQUAL "" OR "${LWS_OPENSSL_INCLUDE_DIRS}" STREQUAL "")
else()
if (NOT LWS_PLAT_FREERTOS)
set(OPENSSL_LIBRARIES ${LWS_OPENSSL_LIBRARIES})
endif()
set(OPENSSL_INCLUDE_DIRS ${LWS_OPENSSL_INCLUDE_DIRS})
set(OPENSSL_FOUND 1)
endif()
endif()
if (LWS_WITH_SSL AND LWS_WITH_WOLFSSL)
if ("${LWS_WOLFSSL_LIBRARIES}" STREQUAL "" OR "${LWS_WOLFSSL_INCLUDE_DIRS}" STREQUAL "")
include (FindPkgConfig)
PKG_SEARCH_MODULE(LWS_WOLFSSL wolfssl)
if (NOT LWS_WOLFSSL_FOUND)
if (LWS_WITH_CYASSL)
message(FATAL_ERROR "You must set LWS_CYASSL_LIBRARIES and LWS_CYASSL_INCLUDE_DIRS when LWS_WITH_CYASSL is turned on.")
else()
message(FATAL_ERROR "You must set LWS_WOLFSSL_LIBRARIES and LWS_WOLFSSL_INCLUDE_DIRS when LWS_WITH_WOLFSSL is turned on.")
endif()
else()
set(WOLFSSL_LIBRARIES ${LWS_WOLFSSL_LIBRARIES})
set(WOLFSSL_INCLUDE_DIRS ${LWS_WOLFSSL_INCLUDE_DIRS})
set(WOLFSSL_FOUND 1)
endif()
else()
set(WOLFSSL_LIBRARIES ${LWS_WOLFSSL_LIBRARIES})
set(WOLFSSL_INCLUDE_DIRS ${LWS_WOLFSSL_INCLUDE_DIRS})
set(WOLFSSL_FOUND 1)
endif()
set(USE_WOLFSSL 1)
set(USE_WOLFSSL 1 PARENT_SCOPE)
set(LWS_WITH_TLS 1 PARENT_SCOPE)
if (LWS_WITH_CYASSL)
set(USE_OLD_CYASSL 1)
endif()
endif()
if (LWS_SSL_CLIENT_USE_OS_CA_CERTS)
set(LWS_SSL_CLIENT_USE_OS_CA_CERTS 1 PARENT_SCOPE)
endif()
if (LWS_WITH_MBEDTLS)
add_subdirectory(mbedtls)
include_directories(${_CMAKE_INC_LIST})
endif()
# The base dir where the test-apps look for the SSL certs.
set(LWS_OPENSSL_CLIENT_CERTS ../share CACHE PATH "Server SSL certificate directory")
if (WIN32)
set(LWS_OPENSSL_CLIENT_CERTS . CACHE PATH "Client SSL certificate directory" PARENT_SCOPE)
else()
set(LWS_OPENSSL_CLIENT_CERTS /etc/pki/tls/certs/ CACHE PATH "Client SSL certificate directory")
endif()
if (LWS_WITH_SSL)
list(APPEND SOURCES
tls/tls.c)
if (LWS_WITH_NETWORK)
list(APPEND SOURCES
tls/tls-network.c)
endif()
if (LWS_WITH_TLS_SESSIONS)
list(APPEND SOURCES
tls/tls-sessions.c)
endif()
if (LWS_WITH_TLS_JIT_TRUST)
list(APPEND SOURCES
tls/tls-jit-trust.c)
endif()
if (LWS_WITH_MBEDTLS)
list(APPEND SOURCES
tls/mbedtls/mbedtls-tls.c
tls/mbedtls/mbedtls-extensions.c
tls/mbedtls/mbedtls-x509.c)
if (LWS_WITH_NETWORK)
list(APPEND SOURCES
tls/mbedtls/mbedtls-ssl.c)
endif()
if (LWS_WITH_TLS_JIT_TRUST)
list(APPEND SOURCES
tls/mbedtls/mbedtls-extensions.c)
endif()
if (LWS_WITH_TLS_SESSIONS)
list(APPEND SOURCES
tls/mbedtls/mbedtls-session.c)
endif()
if (LWS_WITH_GENCRYPTO)
list(APPEND SOURCES
tls/mbedtls/lws-genhash.c
tls/mbedtls/lws-genrsa.c
tls/mbedtls/lws-genaes.c
tls/lws-genec-common.c
tls/mbedtls/lws-genec.c
tls/mbedtls/lws-gencrypto.c)
endif()
else()
list(APPEND SOURCES
tls/openssl/openssl-tls.c
tls/openssl/openssl-x509.c)
if (LWS_WITH_NETWORK)
list(APPEND SOURCES
tls/openssl/openssl-ssl.c)
endif()
if (LWS_WITH_TLS_SESSIONS)
list(APPEND SOURCES
tls/openssl/openssl-session.c)
endif()
if (LWS_WITH_GENCRYPTO)
list(APPEND SOURCES
tls/openssl/lws-genhash.c
tls/openssl/lws-genrsa.c
tls/openssl/lws-genaes.c
tls/lws-genec-common.c
tls/openssl/lws-genec.c
tls/openssl/lws-gencrypto.c)
endif()
endif()
if (NOT LWS_WITHOUT_SERVER)
list(APPEND SOURCES
tls/tls-server.c)
if (LWS_WITH_MBEDTLS)
list(APPEND SOURCES
tls/mbedtls/mbedtls-server.c)
else()
list(APPEND SOURCES
tls/openssl/openssl-server.c)
endif()
endif()
if (NOT LWS_WITHOUT_CLIENT)
list(APPEND SOURCES
tls/tls-client.c)
if (LWS_WITH_MBEDTLS)
list(APPEND SOURCES
tls/mbedtls/mbedtls-client.c)
else()
list(APPEND SOURCES
tls/openssl/openssl-client.c)
endif()
endif()
endif()
set(SOURCES ${SOURCES} PARENT_SCOPE)
#
# OpenSSL
#
if (LWS_WITH_SSL)
message("Compiling with SSL support")
set(chose_ssl 0)
if (LWS_WITH_WOLFSSL)
# Use wolfSSL as OpenSSL replacement.
# TODO: Add a find_package command for this also.
message("wolfSSL include dir: ${WOLFSSL_INCLUDE_DIRS}")
message("wolfSSL libraries: ${WOLFSSL_LIBRARIES}")
# Additional to the root directory we need to include
# the wolfssl/ subdirectory which contains the OpenSSL
# compatibility layer headers.
if (LWS_WITH_CYASSL)
foreach(inc ${WOLFSSL_INCLUDE_DIRS})
set(OPENSSL_INCLUDE_DIRS ${OPENSSL_INCLUDE_DIRS} ${inc} ${inc}/cyassl)
set(LWS_PUBLIC_INCLUDES ${LWS_PUBLIC_INCLUDES} "${inc}" "${inc}/cyassl")
set(LWS_PUBLIC_INCLUDES ${LWS_PUBLIC_INCLUDES} PARENT_SCOPE)
endforeach()
else()
foreach(inc ${WOLFSSL_INCLUDE_DIRS})
set(OPENSSL_INCLUDE_DIRS ${OPENSSL_INCLUDE_DIRS} ${inc} ${inc}/wolfssl)
set(LWS_PUBLIC_INCLUDES ${LWS_PUBLIC_INCLUDES} "${inc}" "${inc}/wolfssl")
set(LWS_PUBLIC_INCLUDES ${LWS_PUBLIC_INCLUDES} PARENT_SCOPE)
endforeach()
endif()
set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES} ${OPENSSL_INCLUDE_DIRS})
set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES} PARENT_SCOPE)
set(OPENSSL_INCLUDE_DIRS ${OPENSSL_INCLUDE_DIRS} PARENT_SCOPE)
set(VARIA wolfSSL_)
list(INSERT LIB_LIST 0 "${WOLFSSL_LIBRARIES}")
message("LIB_LIST ${LIB_LIST}")
set(chose_ssl 1)
endif()
if (LWS_WITH_MBEDTLS AND DEFINED MBEDTLS_INCLUDE_DIRS AND DEFINED MBEDTLS_LIBRARIES)
message("MBEDTLS include dir: ${MBEDTLS_INCLUDE_DIRS}")
message("MBEDTLS libraries: ${MBEDTLS_LIBRARIES}")
foreach(inc ${MBEDTLS_INCLUDE_DIRS})
set(LWS_PUBLIC_INCLUDES ${LWS_PUBLIC_INCLUDES} "${inc}" "${inc}/mbedtls")
set(LWS_PUBLIC_INCLUDES ${LWS_PUBLIC_INCLUDES} PARENT_SCOPE)
endforeach()
list(INSERT LIB_LIST 0 "${MBEDTLS_LIBRARIES}")
endif()
if (LWS_WITH_MBEDTLS)
set(chose_ssl 1)
endif()
if (NOT chose_ssl)
if (OPENSSL_FOUND AND "${OPENSSL_INCLUDE_DIRS}" STREQUAL "")
set(OPENSSL_INCLUDE_DIRS "${OPENSSL_INCLUDE_DIR}")
endif()
if (NOT OPENSSL_FOUND AND NOT LWS_WITH_BORINGSSL)
# TODO: Add support for STATIC also.
if (NOT LWS_PLAT_FREERTOS)
find_package(PkgConfig QUIET)
pkg_check_modules(PC_OPENSSL openssl QUIET)
find_package(OpenSSL REQUIRED)
if (NOT OPENSSL_FOUND AND PC_OPENSSL_FOUND)
list(APPEND OPENSSL_LIBRARIES ${PC_OPENSSL_LINK_LIBRARIES})
endif()
set(OPENSSL_LIBRARIES ${OPENSSL_LIBRARIES} PARENT_SCOPE)
endif()
set(OPENSSL_INCLUDE_DIRS "${OPENSSL_INCLUDE_DIR}")
endif()
message("OpenSSL include dir: ${OPENSSL_INCLUDE_DIRS}")
if (NOT LWS_PLAT_FREERTOS)
message("OpenSSL libraries: ${OPENSSL_LIBRARIES}")
endif()
if (OPENSSL_INCLUDE_DIRS)
set(LWS_PUBLIC_INCLUDES ${LWS_PUBLIC_INCLUDES} "${OPENSSL_INCLUDE_DIRS}")
set(LWS_PUBLIC_INCLUDES ${LWS_PUBLIC_INCLUDES} PARENT_SCOPE)
endif()
if (NOT LWS_PLAT_FREERTOS)
list(INSERT LIB_LIST 0 ${OPENSSL_LIBRARIES})
endif()
if (NOT LWS_WITH_MBEDTLS)
# older (0.98) Openssl lacks this
set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES} ${OPENSSL_INCLUDE_DIRS} PARENT_SCOPE)
set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES} ${OPENSSL_INCLUDE_DIRS})
check_include_file(openssl/ecdh.h LWS_HAVE_OPENSSL_ECDH_H)
if (LWS_SSL_SERVER_WITH_ECDH_CERT AND NOT LWS_HAVE_OPENSSL_ECDH_H)
message(FATAL_ERROR "Missing openssl/ecdh.h, so cannot use LWS_SSL_SERVER_WITH_ECDH_CERT")
endif()
else()
unset(LWS_HAVE_OPENSSL_ECDH_H PARENT_SCOPE)
endif(NOT LWS_WITH_MBEDTLS)
endif()
endif(LWS_WITH_SSL)
if (DEFINED OPENSSL_INCLUDE_DIRS)
set(CMAKE_REQUIRED_INCLUDES ${OPENSSL_INCLUDE_DIRS})
endif()
if (DEFINED LIB_LIST)
set(CMAKE_REQUIRED_LIBRARIES ${LIB_LIST})
endif()
if (UNIX AND NOT (${CMAKE_SYSTEM_NAME} MATCHES "QNX"))
set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} ${CMAKE_DL_LIBS})
endif()
if ((CMAKE_COMPILER_IS_GNUCC OR CMAKE_COMPILER_IS_GNUCXX) AND NOT ((${CMAKE_SYSTEM_NAME} MATCHES "QNX") OR PC_OPENSSL_FOUND))
set(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} pthread)
endif()
if (NOT VARIA)
set(VARIA "")
endif()
CHECK_FUNCTION_EXISTS(${VARIA}SSL_CTX_set1_param LWS_HAVE_SSL_CTX_set1_param PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}SSL_set_info_callback LWS_HAVE_SSL_SET_INFO_CALLBACK PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}X509_VERIFY_PARAM_set1_host LWS_HAVE_X509_VERIFY_PARAM_set1_host PARENT_SCOPE)
CHECK_SYMBOL_EXISTS(${VARIA}X509_VERIFY_PARAM_set1_host LWS_HAVE_X509_VERIFY_PARAM_set1_host_sym PARENT_SCOPE)
if (LWS_HAVE_X509_VERIFY_PARAM_set1_host_sym)
set(LWS_HAVE_X509_VERIFY_PARAM_set1_host 1 PARENT_SCOPE)
endif()
CHECK_FUNCTION_EXISTS(${VARIA}RSA_set0_key LWS_HAVE_RSA_SET0_KEY PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}X509_get_key_usage LWS_HAVE_X509_get_key_usage PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}SSL_CTX_EVP_PKEY_new_raw_private_key LWS_HAVE_SSL_CTX_EVP_PKEY_new_raw_private_key PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}SSL_CTX_get0_certificate LWS_HAVE_SSL_CTX_get0_certificate PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}SSL_get0_alpn_selected LWS_HAVE_SSL_get0_alpn_selected PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}SSL_set_alpn_protos LWS_HAVE_SSL_set_alpn_protos PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_128_cfb8 LWS_HAVE_EVP_aes_128_cfb8 PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_128_cfb128 LWS_HAVE_EVP_aes_128_cfb128 PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_192_cfb8 LWS_HAVE_EVP_aes_192_cfb8 PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_192_cfb128 LWS_HAVE_EVP_aes_192_cfb128 PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_256_cfb8 LWS_HAVE_EVP_aes_256_cfb8 PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_256_cfb128 LWS_HAVE_EVP_aes_256_cfb128 PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_128_xts LWS_HAVE_EVP_aes_128_xts PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_128_ofb LWS_HAVE_EVP_aes_128_ofb PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_128_ecb LWS_HAVE_EVP_aes_128_ecb PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_128_ctr LWS_HAVE_EVP_aes_128_ctr PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_128_xts LWS_HAVE_EVP_aes_128_xts PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}RSA_verify_pss_mgf1 LWS_HAVE_RSA_verify_pss_mgf1 PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}HMAC_CTX_new LWS_HAVE_HMAC_CTX_new PARENT_SCOPE)
CHECK_SYMBOL_EXISTS(${VARIA}SSL_CTX_set_ciphersuites LWS_HAVE_SSL_CTX_set_ciphersuites PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_PKEY_new_raw_private_key LWS_HAVE_EVP_PKEY_new_raw_private_key PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}SSL_SESSION_set_time LWS_HAVE_SSL_SESSION_set_time PARENT_SCOPE)
CHECK_SYMBOL_EXISTS(${VARIA}SSL_SESSION_up_ref LWS_HAVE_SSL_SESSION_up_ref PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}SSL_CTX_set_keylog_callback LWS_HAVE_SSL_CTX_set_keylog_callback PARENT_SCOPE)
# deprecated in openssl v3
CHECK_FUNCTION_EXISTS(${VARIA}EC_KEY_new_by_curve_name LWS_HAVE_EC_KEY_new_by_curve_name PARENT_SCOPE)
if (LWS_WITH_SSL AND NOT LWS_WITH_MBEDTLS)
# we don't want to confuse what's in or out of the wrapper with
# what's in an openssl also installed on the build host
CHECK_C_SOURCE_COMPILES("#include <openssl/ssl.h>\nint main(void) { STACK_OF(X509) *c = NULL; SSL_CTX *ctx = NULL; return (int)SSL_CTX_get_extra_chain_certs_only(ctx, &c); }\n" LWS_HAVE_SSL_EXTRA_CHAIN_CERTS)
CHECK_C_SOURCE_COMPILES("#include <openssl/ssl.h>\nint main(void) { EVP_MD_CTX *md_ctx = NULL; EVP_MD_CTX_free(md_ctx); return 0; }\n" LWS_HAVE_EVP_MD_CTX_free)
CHECK_C_SOURCE_COMPILES("#include <openssl/ssl.h>\nint main(void) { OPENSSL_STACK *x = NULL; return !x; } \n" LWS_HAVE_OPENSSL_STACK)
set(LWS_HAVE_SSL_EXTRA_CHAIN_CERTS ${LWS_HAVE_SSL_EXTRA_CHAIN_CERTS} PARENT_SCOPE)
set(LWS_HAVE_EVP_MD_CTX_free ${LWS_HAVE_EVP_MD_CTX_free} PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}ECDSA_SIG_set0 LWS_HAVE_ECDSA_SIG_set0 PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}BN_bn2binpad LWS_HAVE_BN_bn2binpad PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EVP_aes_128_wrap LWS_HAVE_EVP_aes_128_wrap PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}EC_POINT_get_affine_coordinates LWS_HAVE_EC_POINT_get_affine_coordinates PARENT_SCOPE)
CHECK_SYMBOL_EXISTS(${VARIA}SSL_CTX_load_verify_file LWS_HAVE_SSL_CTX_load_verify_file PARENT_SCOPE)
CHECK_SYMBOL_EXISTS(${VARIA}SSL_CTX_load_verify_dir LWS_HAVE_SSL_CTX_load_verify_dir PARENT_SCOPE)
endif()
if (LWS_WITH_MBEDTLS)
set(LWS_HAVE_TLS_CLIENT_METHOD 1 PARENT_SCOPE)
if (NOT LWS_PLAT_FREERTOS)
# not supported in esp-idf openssl wrapper yet, but is in our version
set(LWS_HAVE_X509_VERIFY_PARAM_set1_host 1 PARENT_SCOPE)
endif()
set(CMAKE_REQUIRED_LIBRARIES ${MBEDTLS_LIBRARY} ${MBEDX509_LIBRARY} ${MBEDCRYPTO_LIBRARY})
set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES} ${MBEDTLS_INCLUDE_DIRS})
if (ESP_PLATFORM)
# we know we should have things
set(LWS_HAVE_MBEDTLS_AUTH_KEY_ID 1 CACHE BOOL x)
set(LWS_HAVE_mbedtls_ssl_conf_alpn_protocols 1 CACHE BOOL x)
set(LWS_HAVE_mbedtls_ssl_get_alpn_protocol 1 CACHE BOOL x)
set(LWS_HAVE_mbedtls_ssl_conf_sni 1 CACHE BOOL x)
set(LWS_HAVE_mbedtls_ssl_set_hs_ca_chain 1 CACHE BOOL x)
set(LWS_HAVE_mbedtls_ssl_set_hs_own_cert 1 CACHE BOOL x)
set(LWS_HAVE_mbedtls_ssl_set_hs_authmode 1 CACHE BOOL x)
set(LWS_HAVE_mbedtls_net_init 1 CACHE BOOL x)
set(LWS_HAVE_mbedtls_x509_crt_parse_file 1 CACHE BOOL x) # some embedded may lack filesystem
set(LWS_HAVE_mbedtls_md_setup 1 CACHE BOOL x) # not on xenial 2.2
set(LWS_HAVE_mbedtls_rsa_complete 1 CACHE BOOL x) # not on xenial 2.2
set(LWS_HAVE_mbedtls_internal_aes_encrypt 1 CACHE BOOL x) # not on xenial 2.2
else()
CHECK_C_SOURCE_COMPILES("#include <mbedtls/x509_crt.h>\nint main(void) { struct mbedtls_x509_crt c; c.authority_key_id.keyIdentifier.tag = MBEDTLS_ASN1_OCTET_STRING; return c.authority_key_id.keyIdentifier.tag; }\n" LWS_HAVE_MBEDTLS_AUTH_KEY_ID)
CHECK_C_SOURCE_COMPILES("#include <mbedtls/ssl.h>\nint main(void) { void *v = (void *)mbedtls_ssl_set_verify; return !!v; }\n" LWS_HAVE_mbedtls_ssl_set_verify)
CHECK_C_SOURCE_COMPILES("#include <mbedtls/ssl.h>\nint main(void) { void *v = (void *)mbedtls_ssl_conf_alpn_protocols; return !!v; }\n" LWS_HAVE_mbedtls_ssl_conf_alpn_protocols)
CHECK_FUNCTION_EXISTS(mbedtls_ssl_get_alpn_protocol LWS_HAVE_mbedtls_ssl_get_alpn_protocol PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(mbedtls_ssl_conf_sni LWS_HAVE_mbedtls_ssl_conf_sni PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(mbedtls_ssl_set_hs_ca_chain LWS_HAVE_mbedtls_ssl_set_hs_ca_chain PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(mbedtls_ssl_set_hs_own_cert LWS_HAVE_mbedtls_ssl_set_hs_own_cert PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(mbedtls_ssl_set_hs_authmode LWS_HAVE_mbedtls_ssl_set_hs_authmode PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(mbedtls_net_init LWS_HAVE_mbedtls_net_init PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(mbedtls_x509_crt_parse_file LWS_HAVE_mbedtls_x509_crt_parse_file PARENT_SCOPE) # some embedded may lack filesystem
CHECK_FUNCTION_EXISTS(mbedtls_md_setup LWS_HAVE_mbedtls_md_setup PARENT_SCOPE) # not on xenial 2.2
CHECK_FUNCTION_EXISTS(mbedtls_rsa_complete LWS_HAVE_mbedtls_rsa_complete PARENT_SCOPE) # not on xenial 2.2
CHECK_FUNCTION_EXISTS(mbedtls_internal_aes_encrypt LWS_HAVE_mbedtls_internal_aes_encrypt PARENT_SCOPE) # not on xenial 2.2
endif()
else()
CHECK_FUNCTION_EXISTS(${VARIA}TLS_client_method LWS_HAVE_TLS_CLIENT_METHOD PARENT_SCOPE)
CHECK_FUNCTION_EXISTS(${VARIA}TLSv1_2_client_method LWS_HAVE_TLSV1_2_CLIENT_METHOD PARENT_SCOPE)
endif()
# Generate self-signed SSL certs for the test-server.
if (LWS_WITH_SSL) # AND NOT LWS_WITH_WOLFSSL)
message("Searching for OpenSSL executable and dlls")
find_package(OpenSSLbins)
if (DEFINED OPENSSL_EXECUTABLE)
message("OpenSSL executable: ${OPENSSL_EXECUTABLE}")
if (OPENSSL_EXECUTABLE MATCHES "^$")
set(OPENSSL_EXECUTABLE openssl)
endif()
endif()
if (NOT DEFINED OPENSSL_EXECUTABLE)
set(OPENSSL_EXECUTABLE openssl)
endif()
endif()
set(GENCERTS 0)
if (LWS_WITH_SSL AND OPENSSL_EXECUTABLE AND NOT LWS_WITHOUT_TEST_SERVER AND NOT LWS_WITHOUT_SERVER AND NOT LWS_WITHOUT_TESTAPPS)
set(GENCERTS 1)
endif()
if (LWS_PLAT_FREERTOS AND LWS_WITH_SSL)
set(GENCERTS 1)
endif()
message(" GENCERTS = ${GENCERTS}")
if (GENCERTS)
message("Generating SSL Certificates for the test-server...")
set(TEST_SERVER_SSL_KEY "${PROJECT_BINARY_DIR}/libwebsockets-test-server.key.pem")
set(TEST_SERVER_SSL_CERT "${PROJECT_BINARY_DIR}/libwebsockets-test-server.pem")
if (WIN32)
if (MINGW)
message("cmd = \"${OPENSSL_EXECUTABLE}\" req -new -newkey rsa:2048 -days 10000 -nodes -x509 -subj \"/C=GB/ST=Erewhon/L=All around/O=libwebsockets-test/CN=localhost\" -keyout \"${TEST_SERVER_SSL_KEY}\" -out \"${TEST_SERVER_SSL_CERT}\"")
execute_process(
COMMAND "${OPENSSL_EXECUTABLE}" req -new -newkey rsa:2048 -days 10000 -nodes -x509 -subj "/C=GB/ST=Erewhon/L=All around/O=libwebsockets-test/CN=localhost" -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
RESULT_VARIABLE OPENSSL_RETURN_CODE)
else()
file(WRITE "${PROJECT_BINARY_DIR}/openssl_input.txt"
"GB\n"
"Erewhon\n"
"All around\n"
"libwebsockets-test\n"
"localhost\n"
"none@invalid.org\n\n"
)
# The "type" command is a bit picky with paths.
file(TO_NATIVE_PATH "${PROJECT_BINARY_DIR}/openssl_input.txt" OPENSSL_INPUT_WIN_PATH)
message("OPENSSL_INPUT_WIN_PATH = ${OPENSSL_INPUT_WIN_PATH}")
message("cmd = \"${OPENSSL_EXECUTABLE}\" req -new -newkey rsa:2048 -days 10000 -nodes -x509 -keyout \"${TEST_SERVER_SSL_KEY}\" -out \"${TEST_SERVER_SSL_CERT}\"")
if(OPENSSL_CONFIG_FILE)
execute_process(
COMMAND cmd /c type "${OPENSSL_INPUT_WIN_PATH}"
COMMAND "${OPENSSL_EXECUTABLE}" req -config ${OPENSSL_CONFIG_FILE} -new -newkey rsa:2048 -days 10000 -nodes -x509 -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
RESULT_VARIABLE OPENSSL_RETURN_CODE
OUTPUT_QUIET ERROR_QUIET)
else()
execute_process(
COMMAND cmd /c type "${OPENSSL_INPUT_WIN_PATH}"
COMMAND "${OPENSSL_EXECUTABLE}" req -new -newkey rsa:2048 -days 10000 -nodes -x509 -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
RESULT_VARIABLE OPENSSL_RETURN_CODE
OUTPUT_QUIET ERROR_QUIET)
endif()
message("\n")
endif()
if (OPENSSL_RETURN_CODE)
message(WARNING "!!! Failed to generate SSL certificate for Test Server using cmd.exe !!!:\nOpenSSL return code = ${OPENSSL_RETURN_CODE}")
else()
message("SUCCSESFULLY generated SSL certificate")
endif()
else()
if (CMAKE_HOST_SYSTEM_NAME MATCHES "NetBSD")
execute_process(
COMMAND "${OPENSSL_EXECUTABLE}"
req -new -newkey rsa:2048 -days 10000 -nodes -x509 -subj "/O=lws/CN=localhost" -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
RESULT_VARIABLE OPENSSL_RETURN_CODE
# OUTPUT_QUIET ERROR_QUIET
)
else()
# Unix.
execute_process(
COMMAND printf "GB\\nErewhon\\nAll around\\nlibwebsockets-test\\n\\nlocalhost\\nnone@invalid.org\\n"
COMMAND "${OPENSSL_EXECUTABLE}"
req -new -newkey rsa:2048 -days 10000 -nodes -x509 -keyout "${TEST_SERVER_SSL_KEY}" -out "${TEST_SERVER_SSL_CERT}"
RESULT_VARIABLE OPENSSL_RETURN_CODE
# OUTPUT_QUIET ERROR_QUIET
)
endif()
if (OPENSSL_RETURN_CODE)
message(WARNING "!!! Failed to generate SSL certificate for Test Server!!!:\nOpenSSL return code = ${OPENSSL_RETURN_CODE}")
else()
message("SUCCESSFULLY generated SSL certificate")
endif()
endif()
list(APPEND TEST_SERVER_DATA
"${TEST_SERVER_SSL_KEY}"
"${TEST_SERVER_SSL_CERT}")
endif()
#
# Copy OpenSSL dlls to the output directory on Windows.
# (Otherwise we'll get an error when trying to run)
#
if (MSVC AND LWS_WITH_SSL AND NOT LWS_WITH_WOLFSSL)
if(OPENSSL_BIN_FOUND)
message("OpenSSL dlls found:")
message(" Libeay: ${LIBEAY_BIN}")
message(" SSLeay: ${SSLEAY_BIN}")
foreach(TARGET_BIN ${TEST_APP_LIST})
add_custom_command(TARGET ${TARGET_BIN}
POST_BUILD
COMMAND "${CMAKE_COMMAND}" -E copy "${LIBEAY_BIN}" "$<TARGET_FILE_DIR:${TARGET_BIN}>" VERBATIM)
add_custom_command(TARGET ${TARGET_BIN}
POST_BUILD
COMMAND "${CMAKE_COMMAND}" -E copy "${SSLEAY_BIN}" "$<TARGET_FILE_DIR:${TARGET_BIN}>" VERBATIM)
#
# Win32: if we are using libuv, also need to copy it in the output dir
#
if (MSVC AND LWS_WITH_LIBUV)
STRING(REPLACE ".lib" ".dll" LIBUV_BIN ${LIBUV_LIBRARIES})
add_custom_command(TARGET ${TARGET_BIN}
POST_BUILD
COMMAND "${CMAKE_COMMAND}" -E copy "${LIBUV_BIN}" "$<TARGET_FILE_DIR:${TARGET_BIN}>" VERBATIM)
endif()
endforeach()
endif()
endif()
if (LWS_WITH_TLS AND (LWS_WITH_JOSE OR LWS_WITH_GENCRYPTO))
list(APPEND SOURCES
tls/lws-gencrypto-common.c)
endif()
#
# Keep explicit parent scope exports at end
#
exports_to_parent_scope()
set(LWS_HAVE_MBEDTLS_NET_SOCKETS ${LWS_HAVE_MBEDTLS_NET_SOCKETS} PARENT_SCOPE)
set(LWS_HAVE_MBEDTLS_SSL_NEW_SESSION_TICKET ${LWS_HAVE_MBEDTLS_SSL_NEW_SESSION_TICKET} PARENT_SCOPE)
set(LWS_HAVE_mbedtls_ssl_conf_alpn_protocols ${LWS_HAVE_mbedtls_ssl_conf_alpn_protocols} PARENT_SCOPE)
set(TEST_SERVER_SSL_KEY "${TEST_SERVER_SSL_KEY}" PARENT_SCOPE)
set(TEST_SERVER_SSL_CERT "${TEST_SERVER_SSL_CERT}" PARENT_SCOPE)
set(TEST_SERVER_DATA ${TEST_SERVER_DATA} PARENT_SCOPE)

695
Kinc/Sources/kinc/libs/core/tls/lws-gencrypto-common.c Normal file
View File

@ -0,0 +1,695 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
/*
* These came from RFC7518 (JSON Web Algorithms) Section 3
*
* Cryptographic Algorithms for Digital Signatures and MACs
*/
static const struct lws_jose_jwe_alg lws_gencrypto_jws_alg_map[] = {
/*
* JWSs MAY also be created that do not provide integrity protection.
* Such a JWS is called an Unsecured JWS. An Unsecured JWS uses the
* "alg" value "none" and is formatted identically to other JWSs, but
* MUST use the empty octet sequence as its JWS Signature value.
* Recipients MUST verify that the JWS Signature value is the empty
* octet sequence.
*
* Implementations that support Unsecured JWSs MUST NOT accept such
* objects as valid unless the application specifies that it is
* acceptable for a specific object to not be integrity protected.
* Implementations MUST NOT accept Unsecured JWSs by default. In order
* to mitigate downgrade attacks, applications MUST NOT signal
* acceptance of Unsecured JWSs at a global level, and SHOULD signal
* acceptance on a per-object basis. See Section 8.5 for security
* considerations associated with using this algorithm.
*/
{ /* optional */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_NONE,
"none", NULL, 0, 0, 0
},
/*
* HMAC with SHA-2 Functions
*
* The HMAC SHA-256 MAC for a JWS is validated by computing an HMAC
* value per RFC 2104, using SHA-256 as the hash algorithm "H", using
* the received JWS Signing Input as the "text" value, and using the
* shared key. This computed HMAC value is then compared to the result
* of base64url decoding the received encoded JWS Signature value. The
* comparison of the computed HMAC value to the JWS Signature value MUST
* be done in a constant-time manner to thwart timing attacks.
*
* Alternatively, the computed HMAC value can be base64url encoded and
* compared to the received encoded JWS Signature value (also in a
* constant-time manner), as this comparison produces the same result as
* comparing the unencoded values. In either case, if the values match,
* the HMAC has been validated.
*/
{ /* required: HMAC using SHA-256 */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_SHA256,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_NONE,
"HS256", NULL, 0, 0, 0
},
{ /* optional: HMAC using SHA-384 */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_SHA384,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_NONE,
"HS384", NULL, 0, 0, 0
},
{ /* optional: HMAC using SHA-512 */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_SHA512,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_NONE,
"HS512", NULL, 0, 0, 0
},
/*
* Digital Signature with RSASSA-PKCS1-v1_5
*
* This section defines the use of the RSASSA-PKCS1-v1_5 digital
* signature algorithm as defined in Section 8.2 of RFC 3447 [RFC3447]
* (commonly known as PKCS #1), using SHA-2 [SHS] hash functions.
*
* A key of size 2048 bits or larger MUST be used with these algorithms.
*
* The RSASSA-PKCS1-v1_5 SHA-256 digital signature is generated as
* follows: generate a digital signature of the JWS Signing Input using
* RSASSA-PKCS1-v1_5-SIGN and the SHA-256 hash function with the desired
* private key. This is the JWS Signature value.
*
* The RSASSA-PKCS1-v1_5 SHA-256 digital signature for a JWS is
* validated as follows: submit the JWS Signing Input, the JWS
* Signature, and the public key corresponding to the private key used
* by the signer to the RSASSA-PKCS1-v1_5-VERIFY algorithm using SHA-256
* as the hash function.
*/
{ /* recommended: RSASSA-PKCS1-v1_5 using SHA-256 */
LWS_GENHASH_TYPE_SHA256,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_RSASSA_PKCS1_1_5,
LWS_JOSE_ENCTYPE_NONE,
"RS256", NULL, 2048, 4096, 0
},
{ /* optional: RSASSA-PKCS1-v1_5 using SHA-384 */
LWS_GENHASH_TYPE_SHA384,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_RSASSA_PKCS1_1_5,
LWS_JOSE_ENCTYPE_NONE,
"RS384", NULL, 2048, 4096, 0
},
{ /* optional: RSASSA-PKCS1-v1_5 using SHA-512 */
LWS_GENHASH_TYPE_SHA512,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_RSASSA_PKCS1_1_5,
LWS_JOSE_ENCTYPE_NONE,
"RS512", NULL, 2048, 4096, 0
},
/*
* Digital Signature with ECDSA
*
* The ECDSA P-256 SHA-256 digital signature is generated as follows:
*
* 1. Generate a digital signature of the JWS Signing Input using ECDSA
* P-256 SHA-256 with the desired private key. The output will be
* the pair (R, S), where R and S are 256-bit unsigned integers.
* 2. Turn R and S into octet sequences in big-endian order, with each
* array being be 32 octets long. The octet sequence
* representations MUST NOT be shortened to omit any leading zero
* octets contained in the values.
*
* 3. Concatenate the two octet sequences in the order R and then S.
* (Note that many ECDSA implementations will directly produce this
* concatenation as their output.)
*
* 4. The resulting 64-octet sequence is the JWS Signature value.
*
* The ECDSA P-256 SHA-256 digital signature for a JWS is validated as
* follows:
*
* 1. The JWS Signature value MUST be a 64-octet sequence. If it is
* not a 64-octet sequence, the validation has failed.
*
* 2. Split the 64-octet sequence into two 32-octet sequences. The
* first octet sequence represents R and the second S. The values R
* and S are represented as octet sequences using the Integer-to-
* OctetString Conversion defined in Section 2.3.7 of SEC1 [SEC1]
* (in big-endian octet order).
* 3. Submit the JWS Signing Input, R, S, and the public key (x, y) to
* the ECDSA P-256 SHA-256 validator.
*/
{ /* Recommended+: ECDSA using P-256 and SHA-256 */
LWS_GENHASH_TYPE_SHA256,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_ECDSA,
LWS_JOSE_ENCTYPE_NONE,
"ES256", "P-256", 256, 256, 0
},
{ /* optional: ECDSA using P-384 and SHA-384 */
LWS_GENHASH_TYPE_SHA384,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_ECDSA,
LWS_JOSE_ENCTYPE_NONE,
"ES384", "P-384", 384, 384, 0
},
{ /* optional: ECDSA using P-521 and SHA-512 */
LWS_GENHASH_TYPE_SHA512,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_ECDSA,
LWS_JOSE_ENCTYPE_NONE,
"ES512", "P-521", 521, 521, 0
},
#if 0
Not yet supported
/*
* Digital Signature with RSASSA-PSS
*
* A key of size 2048 bits or larger MUST be used with this algorithm.
*
* The RSASSA-PSS SHA-256 digital signature is generated as follows:
* generate a digital signature of the JWS Signing Input using RSASSA-
* PSS-SIGN, the SHA-256 hash function, and the MGF1 mask generation
* function with SHA-256 with the desired private key. This is the JWS
* Signature value.
*
* The RSASSA-PSS SHA-256 digital signature for a JWS is validated as
* follows: submit the JWS Signing Input, the JWS Signature, and the
* public key corresponding to the private key used by the signer to the
* RSASSA-PSS-VERIFY algorithm using SHA-256 as the hash function and
* using MGF1 as the mask generation function with SHA-256.
*
*/
{ /* optional: RSASSA-PSS using SHA-256 and MGF1 with SHA-256 */
LWS_GENHASH_TYPE_SHA256,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_RSASSA_PKCS1_PSS,
LWS_JOSE_ENCTYPE_NONE,
"PS256", NULL, 2048, 4096, 0
},
{ /* optional: RSASSA-PSS using SHA-384 and MGF1 with SHA-384 */
LWS_GENHASH_TYPE_SHA384,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_RSASSA_PKCS1_PSS,
LWS_JOSE_ENCTYPE_NONE,
"PS384", NULL, 2048, 4096, 0
},
{ /* optional: RSASSA-PSS using SHA-512 and MGF1 with SHA-512*/
LWS_GENHASH_TYPE_SHA512,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_RSASSA_PKCS1_PSS,
LWS_JOSE_ENCTYPE_NONE,
"PS512", NULL, 2048, 4096, 0
},
#endif
/* list terminator */
{ 0, 0, 0, 0, NULL, NULL, 0, 0, 0}
};
/*
* These came from RFC7518 (JSON Web Algorithms) Section 4
*
* Cryptographic Algorithms for Key Management
*
* JWE uses cryptographic algorithms to encrypt or determine the Content
* Encryption Key (CEK).
*/
static const struct lws_jose_jwe_alg lws_gencrypto_jwe_alg_map[] = {
/*
* This section defines the specifics of encrypting a JWE CEK with
* RSAES-PKCS1-v1_5 [RFC3447]. The "alg" (algorithm) Header Parameter
* value "RSA1_5" is used for this algorithm.
*
* A key of size 2048 bits or larger MUST be used with this algorithm.
*/
{ /* recommended-: RSAES-PKCS1-v1_5 */
LWS_GENHASH_TYPE_SHA256,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_RSASSA_PKCS1_1_5,
LWS_JOSE_ENCTYPE_NONE,
"RSA1_5", NULL, 2048, 4096, 0
},
{ /* recommended+: RSAES OAEP using default parameters */
LWS_GENHASH_TYPE_SHA1,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_RSASSA_PKCS1_OAEP,
LWS_JOSE_ENCTYPE_NONE,
"RSA-OAEP", NULL, 2048, 4096, 0
},
{ /* recommended+: RSAES OAEP using SHA-256 and MGF1 SHA-256 */
LWS_GENHASH_TYPE_SHA256,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_RSASSA_PKCS1_OAEP,
LWS_JOSE_ENCTYPE_NONE,
"RSA-OAEP-256", NULL, 2048, 4096, 0
},
/*
* Key Wrapping with AES Key Wrap
*
* This section defines the specifics of encrypting a JWE CEK with the
* Advanced Encryption Standard (AES) Key Wrap Algorithm [RFC3394] using
* the default initial value specified in Section 2.2.3.1 of that
* document.
*
*
*/
{ /* recommended: AES Key Wrap with AES Key Wrap with defaults
using 128-bit key */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_AES_ECB,
LWS_JOSE_ENCTYPE_NONE,
"A128KW", NULL, 128, 128, 64
},
{ /* optional: AES Key Wrap with AES Key Wrap with defaults
using 192-bit key */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_AES_ECB,
LWS_JOSE_ENCTYPE_NONE,
"A192KW", NULL, 192, 192, 64
},
{ /* recommended: AES Key Wrap with AES Key Wrap with defaults
using 256-bit key */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_AES_ECB,
LWS_JOSE_ENCTYPE_NONE,
"A256KW", NULL, 256, 256, 64
},
/*
* This section defines the specifics of directly performing symmetric
* key encryption without performing a key wrapping step. In this case,
* the shared symmetric key is used directly as the Content Encryption
* Key (CEK) value for the "enc" algorithm. An empty octet sequence is
* used as the JWE Encrypted Key value. The "alg" (algorithm) Header
* Parameter value "dir" is used in this case.
*/
{ /* recommended */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_NONE,
"dir", NULL, 0, 0, 0
},
/*
* Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static
* (ECDH-ES)
*
* This section defines the specifics of key agreement with Elliptic
* Curve Diffie-Hellman Ephemeral Static [RFC6090], in combination with
* the Concat KDF, as defined in Section 5.8.1 of [NIST.800-56A]. The
* key agreement result can be used in one of two ways:
*
* 1. directly as the Content Encryption Key (CEK) for the "enc"
* algorithm, in the Direct Key Agreement mode, or
*
* 2. as a symmetric key used to wrap the CEK with the "A128KW",
* "A192KW", or "A256KW" algorithms, in the Key Agreement with Key
* Wrapping mode.
*
* A new ephemeral public key value MUST be generated for each key
* agreement operation.
*
* In Direct Key Agreement mode, the output of the Concat KDF MUST be a
* key of the same length as that used by the "enc" algorithm. In this
* case, the empty octet sequence is used as the JWE Encrypted Key
* value. The "alg" (algorithm) Header Parameter value "ECDH-ES" is
* used in the Direct Key Agreement mode.
*
* In Key Agreement with Key Wrapping mode, the output of the Concat KDF
* MUST be a key of the length needed for the specified key wrapping
* algorithm. In this case, the JWE Encrypted Key is the CEK wrapped
* with the agreed-upon key.
*/
{ /* recommended+: ECDH Ephemeral Static Key agreement Concat KDF */
LWS_GENHASH_TYPE_SHA256,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_ECDHES,
LWS_JOSE_ENCTYPE_NONE,
"ECDH-ES", NULL, 128, 128, 0
},
{ /* recommended: ECDH-ES + Concat KDF + wrapped by AES128KW */
LWS_GENHASH_TYPE_SHA256,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_ECDHES,
LWS_JOSE_ENCTYPE_AES_ECB,
"ECDH-ES+A128KW", NULL, 128, 128, 0
},
{ /* optional: ECDH-ES + Concat KDF + wrapped by AES192KW */
LWS_GENHASH_TYPE_SHA256,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_ECDHES,
LWS_JOSE_ENCTYPE_AES_ECB,
"ECDH-ES+A192KW", NULL, 192, 192, 0
},
{ /* recommended: ECDH-ES + Concat KDF + wrapped by AES256KW */
LWS_GENHASH_TYPE_SHA256,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_ECDHES,
LWS_JOSE_ENCTYPE_AES_ECB,
"ECDH-ES+A256KW", NULL, 256, 256, 0
},
/*
* Key Encryption with AES GCM
*
* This section defines the specifics of encrypting a JWE Content
* Encryption Key (CEK) with Advanced Encryption Standard (AES) in
* Galois/Counter Mode (GCM) ([AES] and [NIST.800-38D]).
*
* Use of an Initialization Vector (IV) of size 96 bits is REQUIRED with
* this algorithm. The IV is represented in base64url-encoded form as
* the "iv" (initialization vector) Header Parameter value.
*
* The Additional Authenticated Data value used is the empty octet
* string.
*
* The requested size of the Authentication Tag output MUST be 128 bits,
* regardless of the key size.
*
* The JWE Encrypted Key value is the ciphertext output.
*
* The Authentication Tag output is represented in base64url-encoded
* form as the "tag" (authentication tag) Header Parameter value.
*
*
* "iv" (Initialization Vector) Header Parameter
*
* The "iv" (initialization vector) Header Parameter value is the
* base64url-encoded representation of the 96-bit IV value used for the
* key encryption operation. This Header Parameter MUST be present and
* MUST be understood and processed by implementations when these
* algorithms are used.
*
* "tag" (Authentication Tag) Header Parameter
*
* The "tag" (authentication tag) Header Parameter value is the
* base64url-encoded representation of the 128-bit Authentication Tag
* value resulting from the key encryption operation. This Header
* Parameter MUST be present and MUST be understood and processed by
* implementations when these algorithms are used.
*/
{ /* optional: Key wrapping with AES GCM using 128-bit key */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_AES_ECB,
LWS_JOSE_ENCTYPE_NONE,
"A128GCMKW", NULL, 128, 128, 96
},
{ /* optional: Key wrapping with AES GCM using 192-bit key */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_AES_ECB,
LWS_JOSE_ENCTYPE_NONE,
"A192GCMKW", NULL, 192, 192, 96
},
{ /* optional: Key wrapping with AES GCM using 256-bit key */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_AES_ECB,
LWS_JOSE_ENCTYPE_NONE,
"A256GCMKW", NULL, 256, 256, 96
},
/* list terminator */
{ 0, 0, 0, 0, NULL, NULL, 0, 0, 0 }
};
/*
* The "enc" (encryption algorithm) Header Parameter identifies the
* content encryption algorithm used to perform authenticated encryption
* on the plaintext to produce the ciphertext and the Authentication
* Tag. This algorithm MUST be an AEAD algorithm with a specified key
* length. The encrypted content is not usable if the "enc" value does
* not represent a supported algorithm. "enc" values should either be
* registered in the IANA "JSON Web Signature and Encryption Algorithms"
* registry established by [JWA] or be a value that contains a
* Collision-Resistant Name. The "enc" value is a case-sensitive ASCII
* string containing a StringOrURI value. This Header Parameter MUST be
* present and MUST be understood and processed by implementations.
*/
static const struct lws_jose_jwe_alg lws_gencrypto_jwe_enc_map[] = {
/*
* AES_128_CBC_HMAC_SHA_256 / 512
*
* It uses the HMAC message authentication code [RFC2104] with the
* SHA-256 hash function [SHS] to provide message authentication, with
* the HMAC output truncated to 128 bits, corresponding to the
* HMAC-SHA-256-128 algorithm defined in [RFC4868]. For encryption, it
* uses AES in the CBC mode of operation as defined in Section 6.2 of
* [NIST.800-38A], with PKCS #7 padding and a 128-bit IV value.
*
* The AES_CBC_HMAC_SHA2 parameters specific to AES_128_CBC_HMAC_SHA_256
* are:
*
* The input key K is 32 octets long.
* ENC_KEY_LEN is 16 octets.
* MAC_KEY_LEN is 16 octets.
* The SHA-256 hash algorithm is used for the HMAC.
* The HMAC-SHA-256 output is truncated to T_LEN=16 octets, by
* stripping off the final 16 octets.
*/
{ /* required */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_SHA256,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_AES_CBC,
"A128CBC-HS256", NULL, 256, 256, 128
},
/*
* AES_192_CBC_HMAC_SHA_384 is based on AES_128_CBC_HMAC_SHA_256, but
* with the following differences:
*
* The input key K is 48 octets long instead of 32.
* ENC_KEY_LEN is 24 octets instead of 16.
* MAC_KEY_LEN is 24 octets instead of 16.
* SHA-384 is used for the HMAC instead of SHA-256.
* The HMAC SHA-384 value is truncated to T_LEN=24 octets instead of 16.
*/
{ /* required */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_SHA384,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_AES_CBC,
"A192CBC-HS384", NULL, 384, 384, 192
},
/*
* AES_256_CBC_HMAC_SHA_512 is based on AES_128_CBC_HMAC_SHA_256, but
* with the following differences:
*
* The input key K is 64 octets long instead of 32.
* ENC_KEY_LEN is 32 octets instead of 16.
* MAC_KEY_LEN is 32 octets instead of 16.
* SHA-512 is used for the HMAC instead of SHA-256.
* The HMAC SHA-512 value is truncated to T_LEN=32 octets instead of 16.
*/
{ /* required */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_SHA512,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_AES_CBC,
"A256CBC-HS512", NULL, 512, 512, 256
},
/*
* The CEK is used as the encryption key.
*
* Use of an IV of size 96 bits is REQUIRED with this algorithm.
*
* The requested size of the Authentication Tag output MUST be 128 bits,
* regardless of the key size.
*/
{ /* recommended: AES GCM using 128-bit key */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_AES_GCM,
"A128GCM", NULL, 128, 128, 96
},
{ /* optional: AES GCM using 192-bit key */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_AES_GCM,
"A192GCM", NULL, 192, 192, 96
},
{ /* recommended: AES GCM using 256-bit key */
LWS_GENHASH_TYPE_UNKNOWN,
LWS_GENHMAC_TYPE_UNKNOWN,
LWS_JOSE_ENCTYPE_NONE,
LWS_JOSE_ENCTYPE_AES_GCM,
"A256GCM", NULL, 256, 256, 96
},
{ 0, 0, 0, 0, NULL, NULL, 0, 0, 0 } /* sentinel */
};
int
lws_gencrypto_jws_alg_to_definition(const char *alg,
const struct lws_jose_jwe_alg **jose)
{
const struct lws_jose_jwe_alg *a = lws_gencrypto_jws_alg_map;
while (a->alg) {
if (!strcmp(alg, a->alg)) {
*jose = a;
return 0;
}
a++;
}
return 1;
}
int
lws_gencrypto_jwe_alg_to_definition(const char *alg,
const struct lws_jose_jwe_alg **jose)
{
const struct lws_jose_jwe_alg *a = lws_gencrypto_jwe_alg_map;
while (a->alg) {
if (!strcmp(alg, a->alg)) {
*jose = a;
return 0;
}
a++;
}
return 1;
}
int
lws_gencrypto_jwe_enc_to_definition(const char *enc,
const struct lws_jose_jwe_alg **jose)
{
const struct lws_jose_jwe_alg *e = lws_gencrypto_jwe_enc_map;
while (e->alg) {
if (!strcmp(enc, e->alg)) {
*jose = e;
return 0;
}
e++;
}
return 1;
}
size_t
lws_genhash_size(enum lws_genhash_types type)
{
switch(type) {
case LWS_GENHASH_TYPE_UNKNOWN:
return 0;
case LWS_GENHASH_TYPE_MD5:
return 16;
case LWS_GENHASH_TYPE_SHA1:
return 20;
case LWS_GENHASH_TYPE_SHA256:
return 32;
case LWS_GENHASH_TYPE_SHA384:
return 48;
case LWS_GENHASH_TYPE_SHA512:
return 64;
}
return 0;
}
size_t
lws_genhmac_size(enum lws_genhmac_types type)
{
switch(type) {
case LWS_GENHMAC_TYPE_UNKNOWN:
return 0;
case LWS_GENHMAC_TYPE_SHA256:
return 32;
case LWS_GENHMAC_TYPE_SHA384:
return 48;
case LWS_GENHMAC_TYPE_SHA512:
return 64;
}
return 0;
}
int
lws_gencrypto_bits_to_bytes(int bits)
{
if (bits & 7)
return (bits / 8) + 1;
return bits / 8;
}
int
lws_base64_size(int bytes)
{
return ((bytes * 4) / 3) + 6;
}
void
lws_gencrypto_destroy_elements(struct lws_gencrypto_keyelem *el, int m)
{
int n;
for (n = 0; n < m; n++)
if (el[n].buf)
lws_free_set_NULL(el[n].buf);
}
size_t lws_gencrypto_padded_length(size_t pad_block_size, size_t len)
{
return (len / pad_block_size + 1) * pad_block_size;
}

134
Kinc/Sources/kinc/libs/core/tls/lws-genec-common.c Normal file
View File

@ -0,0 +1,134 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws_genec provides an EC abstraction api in lws that works the
* same whether you are using openssl or mbedtls crypto functions underneath.
*/
#include "private-lib-core.h"
const struct lws_ec_curves *
lws_genec_curve(const struct lws_ec_curves *table, const char *name)
{
const struct lws_ec_curves *c = lws_ec_curves;
if (table)
c = table;
while (c->name) {
if (!strcmp(name, c->name))
return c;
c++;
}
return NULL;
}
//extern const struct lws_ec_curves *lws_ec_curves;
int
lws_genec_confirm_curve_allowed_by_tls_id(const char *allowed, int id,
struct lws_jwk *jwk)
{
struct lws_tokenize ts;
lws_tokenize_elem e;
size_t len;
int n;
lws_tokenize_init(&ts, allowed, LWS_TOKENIZE_F_COMMA_SEP_LIST |
LWS_TOKENIZE_F_MINUS_NONTERM);
ts.len = strlen(allowed);
do {
e = lws_tokenize(&ts);
switch (e) {
case LWS_TOKZE_TOKEN:
n = 0;
while (lws_ec_curves[n].name) {
if (id != lws_ec_curves[n].tls_lib_nid) {
n++;
continue;
}
lwsl_info("match curve %s\n",
lws_ec_curves[n].name);
len = strlen(lws_ec_curves[n].name);
jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].len = (uint32_t)len;
jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf =
lws_malloc(len + 1, "cert crv");
if (!jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf) {
lwsl_err("%s: OOM\n", __func__);
return 1;
}
memcpy(jwk->e[LWS_GENCRYPTO_EC_KEYEL_CRV].buf,
lws_ec_curves[n].name, len + 1);
return 0;
}
break;
case LWS_TOKZE_DELIMITER:
break;
default: /* includes ENDED */
lwsl_err("%s: malformed or curve name in list\n",
__func__);
return -1;
}
} while (e > 0);
lwsl_err("%s: unsupported curve group nid %d\n", __func__, id);
return -1;
}
void
lws_genec_destroy_elements(struct lws_gencrypto_keyelem *el)
{
int n;
for (n = 0; n < LWS_GENCRYPTO_EC_KEYEL_COUNT; n++)
if (el[n].buf)
lws_free_set_NULL(el[n].buf);
}
static const char *enames[] = { "crv", "x", "d", "y" };
int
lws_genec_dump(struct lws_gencrypto_keyelem *el)
{
int n;
(void)enames;
lwsl_info(" genec %p: crv: '%s'\n", el,
!!el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf ?
(char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf: "no curve name");
for (n = LWS_GENCRYPTO_EC_KEYEL_X; n < LWS_GENCRYPTO_EC_KEYEL_COUNT;
n++) {
lwsl_info(" e: %s\n", enames[n]);
lwsl_hexdump_info(el[n].buf, el[n].len);
}
lwsl_info("\n");
return 0;
}

135
Kinc/Sources/kinc/libs/core/tls/mbedtls/CMakeLists.txt Normal file
View File

@ -0,0 +1,135 @@
#
# libwebsockets - small server side websockets and web server implementation
#
# Copyright (C) 2010 - 2020 Andy Green <andy@warmcat.com>
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
# IN THE SOFTWARE.
#
# The strategy is to only export to PARENT_SCOPE
#
# - changes to LIB_LIST
# - changes to SOURCES
# - includes via include_directories
#
# and keep everything else private
include_directories(wrapper/include wrapper/include/internal)
set(LWS_WITH_SSL ON)
include_directories(wrapper/include)
include_directories(wrapper/include/platform)
include_directories(wrapper/include/internal)
include_directories(wrapper/include/openssl)
if (LWS_WITH_NETWORK)
list(APPEND HDR_PRIVATE
tls/mbedtls/wrapper/include/internal/ssl3.h
tls/mbedtls/wrapper/include/internal/ssl_cert.h
tls/mbedtls/wrapper/include/internal/ssl_code.h
tls/mbedtls/wrapper/include/internal/ssl_dbg.h
tls/mbedtls/wrapper/include/internal/ssl_lib.h
tls/mbedtls/wrapper/include/internal/ssl_methods.h
tls/mbedtls/wrapper/include/internal/ssl_pkey.h
tls/mbedtls/wrapper/include/internal/ssl_stack.h
tls/mbedtls/wrapper/include/internal/ssl_types.h
tls/mbedtls/wrapper/include/internal/ssl_x509.h
tls/mbedtls/wrapper/include/internal/tls1.h
tls/mbedtls/wrapper/include/internal/x509_vfy.h)
list(APPEND HDR_PRIVATE
tls/mbedtls/wrapper/include/openssl/ssl.h)
list(APPEND HDR_PRIVATE
tls/mbedtls/wrapper/include/platform/ssl_pm.h
tls/mbedtls/wrapper/include/platform/ssl_port.h)
list(APPEND SOURCES
tls/mbedtls/wrapper/library/ssl_cert.c
tls/mbedtls/wrapper/library/ssl_lib.c
tls/mbedtls/wrapper/library/ssl_methods.c
tls/mbedtls/wrapper/library/ssl_pkey.c
tls/mbedtls/wrapper/library/ssl_stack.c
tls/mbedtls/wrapper/library/ssl_x509.c)
list(APPEND SOURCES
tls/mbedtls/wrapper/platform/ssl_pm.c
tls/mbedtls/wrapper/platform/ssl_port.c)
endif()
set(_WANT_MBT 0)
if (NOT LWS_PLAT_FREERTOS)
if (NOT DEFINED LWS_MBEDTLS_LIBRARIES)
set(_WANT_MBT 1)
endif()
if (NOT DEFINED LWS_MBEDTLS_INCLUDE_DIRS)
set(_WANT_MBT 1)
endif()
endif()
if (_WANT_MBT)
find_path(LWS_MBEDTLS_INCLUDE_DIRS mbedtls/ssl.h)
find_library(MBEDTLS_LIBRARY mbedtls)
find_library(MBEDX509_LIBRARY mbedx509)
find_library(MBEDCRYPTO_LIBRARY mbedcrypto)
set(LWS_MBEDTLS_LIBRARIES "${MBEDTLS_LIBRARY}" "${MBEDX509_LIBRARY}" "${MBEDCRYPTO_LIBRARY}")
include(FindPackageHandleStandardArgs)
find_package_handle_standard_args(MBEDTLS DEFAULT_MSG
LWS_MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARY MBEDX509_LIBRARY MBEDCRYPTO_LIBRARY)
mark_as_advanced(LWS_MBEDTLS_INCLUDE_DIRS MBEDTLS_LIBRARY MBEDX509_LIBRARY MBEDCRYPTO_LIBRARY)
if ("${LWS_MBEDTLS_LIBRARIES}" STREQUAL "" OR "${LWS_MBEDTLS_INCLUDE_DIRS}" STREQUAL "")
message(FATAL_ERROR "You must set LWS_MBEDTLS_LIBRARIES and LWS_MBEDTLS_INCLUDE_DIRS when LWS_WITH_MBEDTLS is turned on.")
endif()
endif()
if (LWS_MBEDTLS_LIBRARIES)
set(MBEDTLS_LIBRARIES ${LWS_MBEDTLS_LIBRARIES})
set(MBEDTLS_LIBRARIES ${LWS_MBEDTLS_LIBRARIES} PARENT_SCOPE)
endif()
if (LWS_MBEDTLS_INCLUDE_DIRS)
set(MBEDTLS_INCLUDE_DIRS ${LWS_MBEDTLS_INCLUDE_DIRS})
set(MBEDTLS_INCLUDE_DIRS ${LWS_MBEDTLS_INCLUDE_DIRS} PARENT_SCOPE)
endif()
set(USE_MBEDTLS 1 PARENT_SCOPE)
if (DEFINED MBEDTLS_INCLUDE_DIRS)
include_directories(${MBEDTLS_INCLUDE_DIRS})
set(CMAKE_REQUIRED_INCLUDES ${CMAKE_REQUIRED_INCLUDES} ${MBEDTLS_INCLUDE_DIRS})
endif()
if (DEFINED MBEDTLS_LIBRARIES)
list(APPEND LIB_LIST ${MBEDTLS_LIBRARIES})
endif()
# old mbedtls has everything in mbedtls/net.h
CHECK_C_SOURCE_COMPILES("#include <mbedtls/net_sockets.h>\nint main(void) { return 0;}\n" LWS_HAVE_MBEDTLS_NET_SOCKETS)
CHECK_C_SOURCE_COMPILES("#include <mbedtls/ssl.h>\nint main(void) { return MBEDTLS_SSL_NEW_SESSION_TICKET;}\n" LWS_HAVE_MBEDTLS_SSL_NEW_SESSION_TICKET)
#
# Keep explicit parent scope exports at end
#
exports_to_parent_scope()
set(LWS_HAVE_MBEDTLS_NET_SOCKETS ${LWS_HAVE_MBEDTLS_NET_SOCKETS} PARENT_SCOPE)
set(LWS_HAVE_MBEDTLS_SSL_NEW_SESSION_TICKET ${LWS_HAVE_MBEDTLS_SSL_NEW_SESSION_TICKET} PARENT_SCOPE)

447
Kinc/Sources/kinc/libs/core/tls/mbedtls/lws-genaes.c Normal file
View File

@ -0,0 +1,447 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws_genaes provides an abstraction api for AES in lws that works the
* same whether you are using openssl or mbedtls hash functions underneath.
*/
#include "private-lib-core.h"
#if defined(LWS_WITH_JOSE)
#include "private-lib-jose.h"
#endif
static int operation_map[] = { MBEDTLS_AES_ENCRYPT, MBEDTLS_AES_DECRYPT };
static unsigned int
_write_pkcs7_pad(uint8_t *p, int len)
{
unsigned int n = 0, padlen = LWS_AES_CBC_BLOCKLEN * ((unsigned int)len /
LWS_AES_CBC_BLOCKLEN + 1) - (unsigned int)len;
p += len;
while (n++ < padlen)
*p++ = (uint8_t)padlen;
return padlen;
}
int
lws_genaes_create(struct lws_genaes_ctx *ctx, enum enum_aes_operation op,
enum enum_aes_modes mode, struct lws_gencrypto_keyelem *el,
enum enum_aes_padding padding, void *engine)
{
int n = 0;
ctx->mode = mode;
ctx->k = el;
ctx->op = (enum enum_aes_operation)operation_map[op];
ctx->underway = 0;
ctx->padding = padding == LWS_GAESP_WITH_PADDING;
switch (ctx->mode) {
case LWS_GAESM_XTS:
#if defined(MBEDTLS_CIPHER_MODE_XTS)
mbedtls_aes_xts_init(&ctx->u.ctx_xts);
break;
#else
return -1;
#endif
case LWS_GAESM_GCM:
mbedtls_gcm_init(&ctx->u.ctx_gcm);
n = mbedtls_gcm_setkey(&ctx->u.ctx_gcm, MBEDTLS_CIPHER_ID_AES,
ctx->k->buf, ctx->k->len * 8);
if (n) {
lwsl_notice("%s: mbedtls_gcm_setkey: -0x%x\n",
__func__, -n);
return n;
}
return n;
default:
mbedtls_aes_init(&ctx->u.ctx);
break;
}
switch (op) {
case LWS_GAESO_ENC:
if (ctx->mode == LWS_GAESM_XTS)
#if defined(MBEDTLS_CIPHER_MODE_XTS)
n = mbedtls_aes_xts_setkey_enc(&ctx->u.ctx_xts,
ctx->k->buf,
ctx->k->len * 8);
#else
return -1;
#endif
else
n = mbedtls_aes_setkey_enc(&ctx->u.ctx, ctx->k->buf,
ctx->k->len * 8);
break;
case LWS_GAESO_DEC:
switch (ctx->mode) {
case LWS_GAESM_XTS:
#if defined(MBEDTLS_CIPHER_MODE_XTS)
n = mbedtls_aes_xts_setkey_dec(&ctx->u.ctx_xts,
ctx->k->buf,
ctx->k->len * 8);
break;
#else
return -1;
#endif
case LWS_GAESM_CFB128:
case LWS_GAESM_CFB8:
case LWS_GAESM_CTR:
case LWS_GAESM_OFB:
n = mbedtls_aes_setkey_enc(&ctx->u.ctx, ctx->k->buf,
ctx->k->len * 8);
break;
default:
n = mbedtls_aes_setkey_dec(&ctx->u.ctx, ctx->k->buf,
ctx->k->len * 8);
break;
}
break;
}
if (n)
lwsl_notice("%s: setting key: -0x%x\n", __func__, -n);
return n;
}
int
lws_genaes_destroy(struct lws_genaes_ctx *ctx, unsigned char *tag, size_t tlen)
{
#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000
size_t last_len = 0;
uint8_t last[16];
#endif
int n;
if (ctx->mode == LWS_GAESM_GCM) {
#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000
n = mbedtls_gcm_finish(&ctx->u.ctx_gcm, last, sizeof(last),
&last_len, tag, tlen);
#else
n = mbedtls_gcm_finish(&ctx->u.ctx_gcm, tag, tlen);
#endif
if (n)
lwsl_notice("%s: mbedtls_gcm_finish: -0x%x\n",
__func__, -n);
if (tag && ctx->op == MBEDTLS_AES_DECRYPT && !n) {
if (lws_timingsafe_bcmp(ctx->tag, tag, (unsigned int)ctx->taglen)) {
lwsl_err("%s: lws_genaes_crypt tag "
"mismatch (bad first)\n",
__func__);
lwsl_hexdump_notice(tag, tlen);
lwsl_hexdump_notice(ctx->tag, (unsigned int)ctx->taglen);
n = -1;
}
}
mbedtls_gcm_free(&ctx->u.ctx_gcm);
return n;
}
if (ctx->mode == LWS_GAESM_XTS)
#if defined(MBEDTLS_CIPHER_MODE_XTS)
mbedtls_aes_xts_free(&ctx->u.ctx_xts);
#else
return -1;
#endif
else
mbedtls_aes_free(&ctx->u.ctx);
return 0;
}
#if defined(LWS_HAVE_mbedtls_internal_aes_encrypt)
static int
lws_genaes_rfc3394_wrap(int wrap, int cek_bits, const uint8_t *kek,
int kek_bits, const uint8_t *in, uint8_t *out)
{
int n, m, ret = -1, c64 = cek_bits / 64;
mbedtls_aes_context ctx;
uint8_t a[8], b[16];
/*
* notice the KEK key used to perform the wrapping or unwrapping is
* always the size of the AES key used, eg, A128KW == 128 bits. The
* key being wrapped or unwrapped may be larger and is set by the
* 'bits' parameter.
*
* If it's larger than the KEK key size bits, we iterate over it
*/
mbedtls_aes_init(&ctx);
if (wrap) {
/*
* The inputs to the key wrapping process are the KEK and the
* plaintext to be wrapped. The plaintext consists of n 64-bit
* blocks, containing the key data being wrapped.
*
* Inputs: Plaintext, n 64-bit values {P1, P2, ..., Pn},
* and Key, K (the KEK).
* Outputs: Ciphertext, (n+1) 64-bit values
* {C0, C1, ..., Cn}.
*
* The default initial value (IV) is defined to be the
* hexadecimal constant:
*
* A[0] = IV = A6A6A6A6A6A6A6A6
*/
memset(out, 0xa6, 8);
memcpy(out + 8, in, 8 * (unsigned int)c64);
n = mbedtls_aes_setkey_enc(&ctx, kek, (unsigned int)kek_bits);
} else {
/*
* 2.2.2 Key Unwrap
*
* The inputs to the unwrap process are the KEK and (n+1)
* 64-bit blocks of ciphertext consisting of previously
* wrapped key. It returns n blocks of plaintext consisting
* of the n 64-bit blocks of the decrypted key data.
*
* Inputs: Ciphertext, (n+1) 64-bit values {C0, C1, ..., Cn},
* and Key, K (the KEK).
*
* Outputs: Plaintext, n 64-bit values {P1, P2, ..., Pn}.
*/
memcpy(a, in, 8);
memcpy(out, in + 8, 8 * (unsigned int)c64);
n = mbedtls_aes_setkey_dec(&ctx, kek, (unsigned int)kek_bits);
}
if (n < 0) {
lwsl_err("%s: setkey failed\n", __func__);
goto bail;
}
if (wrap) {
for (n = 0; n <= 5; n++) {
uint8_t *r = out + 8;
for (m = 1; m <= c64; m++) {
memcpy(b, out, 8);
memcpy(b + 8, r, 8);
if (mbedtls_internal_aes_encrypt(&ctx, b, b))
goto bail;
memcpy(out, b, 8);
out[7] ^= (uint8_t)(c64 * n + m);
memcpy(r, b + 8, 8);
r += 8;
}
}
ret = 0;
} else {
/*
*
*/
for (n = 5; n >= 0; n--) {
uint8_t *r = out + (c64 - 1) * 8;
for (m = c64; m >= 1; m--) {
memcpy(b, a, 8);
b[7] ^= (uint8_t)(c64 * n + m);
memcpy(b + 8, r, 8);
if (mbedtls_internal_aes_decrypt(&ctx, b, b))
goto bail;
memcpy(a, b, 8);
memcpy(r, b + 8, 8);
r -= 8;
}
}
ret = 0;
for (n = 0; n < 8; n++)
if (a[n] != 0xa6)
ret = -1;
}
bail:
if (ret)
lwsl_notice("%s: failed\n", __func__);
mbedtls_aes_free(&ctx);
return ret;
}
#endif
int
lws_genaes_crypt(struct lws_genaes_ctx *ctx, const uint8_t *in, size_t len,
uint8_t *out, uint8_t *iv_or_nonce_ctr_or_data_unit_16,
uint8_t *stream_block_16, size_t *nc_or_iv_off, int taglen)
{
uint8_t iv[LWS_JWE_AES_IV_BYTES], sb[16];
int n = 0;
switch (ctx->mode) {
case LWS_GAESM_KW:
#if defined(LWS_HAVE_mbedtls_internal_aes_encrypt)
/* a key of length ctx->k->len is wrapped by a 128-bit KEK */
n = lws_genaes_rfc3394_wrap(ctx->op == MBEDTLS_AES_ENCRYPT,
(ctx->op == MBEDTLS_AES_ENCRYPT ? (int)len * 8 :
((int)len - 8) * 8), ctx->k->buf,
(int)ctx->k->len * 8,
in, out);
break;
#else
lwsl_err("%s: your mbedtls is too old\n", __func__);
return -1;
#endif
case LWS_GAESM_CBC:
memcpy(iv, iv_or_nonce_ctr_or_data_unit_16, 16);
/*
* If encrypting, we do the PKCS#7 padding.
* During decryption, the caller will need to unpad.
*/
if (ctx->padding && ctx->op == MBEDTLS_AES_ENCRYPT) {
/*
* Since we don't want to burden the caller with
* the over-allocation at the end of the input,
* we have to allocate a temp with space for it
*/
uint8_t *padin = (uint8_t *)lws_malloc(
lws_gencrypto_padded_length(LWS_AES_CBC_BLOCKLEN, len),
__func__);
if (!padin)
return -1;
memcpy(padin, in, len);
len += _write_pkcs7_pad((uint8_t *)padin, (int)len);
n = mbedtls_aes_crypt_cbc(&ctx->u.ctx, (int)ctx->op, len, iv,
padin, out);
lws_free(padin);
} else
n = mbedtls_aes_crypt_cbc(&ctx->u.ctx, (int)ctx->op, len, iv,
in, out);
break;
case LWS_GAESM_CFB128:
memcpy(iv, iv_or_nonce_ctr_or_data_unit_16, 16);
n = mbedtls_aes_crypt_cfb128(&ctx->u.ctx, (int)ctx->op, len,
nc_or_iv_off, iv, in, out);
break;
case LWS_GAESM_CFB8:
memcpy(iv, iv_or_nonce_ctr_or_data_unit_16, 16);
n = mbedtls_aes_crypt_cfb8(&ctx->u.ctx, (int)ctx->op, len, iv,
in, out);
break;
case LWS_GAESM_CTR:
memcpy(iv, iv_or_nonce_ctr_or_data_unit_16, 16);
memcpy(sb, stream_block_16, 16);
n = mbedtls_aes_crypt_ctr(&ctx->u.ctx, len, nc_or_iv_off,
iv, sb, in, out);
memcpy(iv_or_nonce_ctr_or_data_unit_16, iv, 16);
memcpy(stream_block_16, sb, 16);
break;
case LWS_GAESM_ECB:
n = mbedtls_aes_crypt_ecb(&ctx->u.ctx, (int)ctx->op, in, out);
break;
case LWS_GAESM_OFB:
#if defined(MBEDTLS_CIPHER_MODE_OFB)
memcpy(iv, iv_or_nonce_ctr_or_data_unit_16, 16);
n = mbedtls_aes_crypt_ofb(&ctx->u.ctx, len, nc_or_iv_off, iv,
in, out);
break;
#else
return -1;
#endif
case LWS_GAESM_XTS:
#if defined(MBEDTLS_CIPHER_MODE_XTS)
memcpy(iv, iv_or_nonce_ctr_or_data_unit_16, 16);
n = mbedtls_aes_crypt_xts(&ctx->u.ctx_xts, (int)ctx->op, len, iv,
in, out);
break;
#else
return -1;
#endif
case LWS_GAESM_GCM:
if (!ctx->underway) {
ctx->underway = 1;
memcpy(ctx->tag, stream_block_16, (unsigned int)taglen);
ctx->taglen = taglen;
/*
* iv: iv_or_nonce_ctr_or_data_unit_16
* iv_len: *nc_or_iv_off
* stream_block_16: pointer to tag
* additional data: in
* additional data len: len
*/
#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000
n = mbedtls_gcm_starts(&ctx->u.ctx_gcm, (int)ctx->op,
iv_or_nonce_ctr_or_data_unit_16,
*nc_or_iv_off);
if (!n)
n = mbedtls_gcm_update_ad(&ctx->u.ctx_gcm,
in, len);
#else
n = mbedtls_gcm_starts(&ctx->u.ctx_gcm, (int)ctx->op,
iv_or_nonce_ctr_or_data_unit_16,
*nc_or_iv_off, in, len);
#endif
if (n) {
lwsl_notice("%s: mbedtls_gcm_starts: -0x%x\n",
__func__, -n);
return -1;
}
break;
}
#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000
{
size_t al;
n = mbedtls_gcm_update(&ctx->u.ctx_gcm, in, len, out, len, &al);
}
#else
n = mbedtls_gcm_update(&ctx->u.ctx_gcm, len, in, out);
#endif
if (n) {
lwsl_notice("%s: mbedtls_gcm_update: -0x%x\n",
__func__, -n);
return -1;
}
break;
}
if (n) {
lwsl_notice("%s: failed: -0x%x, len %d\n", __func__, -n, (int)len);
return -1;
}
return 0;
}

67
Kinc/Sources/kinc/libs/core/tls/mbedtls/lws-gencrypto.c Normal file
View File

@ -0,0 +1,67 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws-gencrypto openssl-specific common code
*/
#include "private-lib-core.h"
#include "private-lib-tls-mbedtls.h"
mbedtls_md_type_t
lws_gencrypto_mbedtls_hash_to_MD_TYPE(enum lws_genhash_types hash_type)
{
mbedtls_md_type_t h = (mbedtls_md_type_t)-1;
switch (hash_type) {
case LWS_GENHASH_TYPE_MD5:
h = MBEDTLS_MD_MD5;
break;
case LWS_GENHASH_TYPE_SHA1:
h = MBEDTLS_MD_SHA1;
break;
case LWS_GENHASH_TYPE_SHA256:
h = MBEDTLS_MD_SHA256;
break;
case LWS_GENHASH_TYPE_SHA384:
h = MBEDTLS_MD_SHA384;
break;
case LWS_GENHASH_TYPE_SHA512:
h = MBEDTLS_MD_SHA512;
break;
default:
break;
}
return h;
}
int
lws_gencrypto_mbedtls_rngf(void *context, unsigned char *buf, size_t len)
{
if ((size_t)lws_get_random(context, buf, len) == len) {
// lwsl_hexdump_err(buf, len);
return 0;
}
lwsl_err("%s: rng failed\n", __func__);
return -1;
}

535
Kinc/Sources/kinc/libs/core/tls/mbedtls/lws-genec.c Normal file
View File

@ -0,0 +1,535 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws_genec provides an EC abstraction api in lws that works the
* same whether you are using openssl or mbedtls crypto functions underneath.
*/
#include "private-lib-core.h"
#include "private-lib-tls-mbedtls.h"
#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000
#define ECDHCTX(_c, _ins) _c->u.ctx_ecdh->MBEDTLS_PRIVATE(ctx).\
MBEDTLS_PRIVATE(mbed_ecdh).MBEDTLS_PRIVATE(_ins)
#define ECDSACTX(_c, _ins) _c->u.ctx_ecdsa->MBEDTLS_PRIVATE(_ins)
#else
#define ECDHCTX(_c, _ins) _c->u.ctx_ecdh->_ins
#define ECDSACTX(_c, _ins) _c->u.ctx_ecdsa->_ins
#endif
const struct lws_ec_curves lws_ec_curves[] = {
/*
* These are the curves we are willing to use by default...
*
* The 3 recommended+ (P-256) and optional curves in RFC7518 7.6
*
* Specific keys lengths from RFC8422 p20
*/
{ "P-256", MBEDTLS_ECP_DP_SECP256R1, 32 },
{ "P-384", MBEDTLS_ECP_DP_SECP384R1, 48 },
{ "P-521", MBEDTLS_ECP_DP_SECP521R1, 66 },
{ NULL, 0, 0 }
};
static int
lws_genec_keypair_import(struct lws_genec_ctx *ctx, enum enum_lws_dh_side side,
const struct lws_gencrypto_keyelem *el)
{
const struct lws_ec_curves *curve;
mbedtls_ecp_keypair kp;
int ret = -1;
if (el[LWS_GENCRYPTO_EC_KEYEL_CRV].len < 4) {
lwsl_notice("%s: crv '%s' (%d)\n", __func__,
el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf ?
(char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf :
"null",
(int)el[LWS_GENCRYPTO_EC_KEYEL_CRV].len);
return -21;
}
curve = lws_genec_curve(ctx->curve_table,
(char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf);
if (!curve)
return -22;
/*
* d (the private part) may be missing, otherwise it and everything
* else must match the expected bignum size
*/
if ((el[LWS_GENCRYPTO_EC_KEYEL_D].len &&
el[LWS_GENCRYPTO_EC_KEYEL_D].len != curve->key_bytes) ||
el[LWS_GENCRYPTO_EC_KEYEL_X].len != curve->key_bytes ||
el[LWS_GENCRYPTO_EC_KEYEL_Y].len != curve->key_bytes)
return -23;
mbedtls_ecp_keypair_init(&kp);
if (mbedtls_ecp_group_load(&kp.MBEDTLS_PRIVATE(grp),
(mbedtls_ecp_group_id)curve->tls_lib_nid))
goto bail1;
ctx->has_private = !!el[LWS_GENCRYPTO_EC_KEYEL_D].len;
/* d (the private key) is directly an mpi */
if (ctx->has_private &&
mbedtls_mpi_read_binary(&kp.MBEDTLS_PRIVATE(d),
el[LWS_GENCRYPTO_EC_KEYEL_D].buf,
el[LWS_GENCRYPTO_EC_KEYEL_D].len))
goto bail1;
mbedtls_ecp_set_zero(&kp.MBEDTLS_PRIVATE(Q));
if (mbedtls_mpi_read_binary(&kp.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X),
el[LWS_GENCRYPTO_EC_KEYEL_X].buf,
el[LWS_GENCRYPTO_EC_KEYEL_X].len))
goto bail1;
if (mbedtls_mpi_read_binary(&kp.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y),
el[LWS_GENCRYPTO_EC_KEYEL_Y].buf,
el[LWS_GENCRYPTO_EC_KEYEL_Y].len))
goto bail1;
mbedtls_mpi_lset(&kp.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 1);
switch (ctx->genec_alg) {
case LEGENEC_ECDH:
if (mbedtls_ecdh_get_params(ctx->u.ctx_ecdh, &kp,
(mbedtls_ecdh_side)side))
goto bail1;
/* verify the key is consistent with the claimed curve */
if (ctx->has_private &&
mbedtls_ecp_check_privkey(&ECDHCTX(ctx, grp),
&ECDHCTX(ctx, d)))
goto bail1;
if (mbedtls_ecp_check_pubkey(&ECDHCTX(ctx, grp),
&ECDHCTX(ctx, Q)))
goto bail1;
break;
case LEGENEC_ECDSA:
if (mbedtls_ecdsa_from_keypair(ctx->u.ctx_ecdsa, &kp))
goto bail1;
/* verify the key is consistent with the claimed curve */
if (ctx->has_private &&
mbedtls_ecp_check_privkey(&ECDSACTX(ctx, grp),
&ECDSACTX(ctx, d)))
goto bail1;
if (mbedtls_ecp_check_pubkey(&ECDSACTX(ctx, grp),
&ECDSACTX(ctx, Q)))
goto bail1;
break;
default:
goto bail1;
}
ret = 0;
bail1:
mbedtls_ecp_keypair_free(&kp);
return ret;
}
int
lws_genecdh_create(struct lws_genec_ctx *ctx, struct lws_context *context,
const struct lws_ec_curves *curve_table)
{
memset(ctx, 0, sizeof(*ctx));
ctx->context = context;
ctx->curve_table = curve_table;
ctx->genec_alg = LEGENEC_ECDH;
ctx->u.ctx_ecdh = lws_zalloc(sizeof(*ctx->u.ctx_ecdh), "genecdh");
if (!ctx->u.ctx_ecdh)
return 1;
mbedtls_ecdh_init(ctx->u.ctx_ecdh);
return 0;
}
int
lws_genecdsa_create(struct lws_genec_ctx *ctx, struct lws_context *context,
const struct lws_ec_curves *curve_table)
{
memset(ctx, 0, sizeof(*ctx));
ctx->context = context;
ctx->curve_table = curve_table;
ctx->genec_alg = LEGENEC_ECDSA;
ctx->u.ctx_ecdsa = lws_zalloc(sizeof(*ctx->u.ctx_ecdsa), "genecdsa");
if (!ctx->u.ctx_ecdsa)
return 1;
mbedtls_ecdsa_init(ctx->u.ctx_ecdsa);
return 0;
}
int
lws_genecdh_set_key(struct lws_genec_ctx *ctx, struct lws_gencrypto_keyelem *el,
enum enum_lws_dh_side side)
{
if (ctx->genec_alg != LEGENEC_ECDH)
return -1;
return lws_genec_keypair_import(ctx, side, el);
}
int
lws_genecdsa_set_key(struct lws_genec_ctx *ctx,
const struct lws_gencrypto_keyelem *el)
{
if (ctx->genec_alg != LEGENEC_ECDSA)
return -1;
return lws_genec_keypair_import(ctx, 0, el);
}
void
lws_genec_destroy(struct lws_genec_ctx *ctx)
{
switch (ctx->genec_alg) {
case LEGENEC_ECDH:
if (ctx->u.ctx_ecdh) {
mbedtls_ecdh_free(ctx->u.ctx_ecdh);
lws_free(ctx->u.ctx_ecdh);
ctx->u.ctx_ecdh = NULL;
}
break;
case LEGENEC_ECDSA:
if (ctx->u.ctx_ecdsa) {
mbedtls_ecdsa_free(ctx->u.ctx_ecdsa);
lws_free(ctx->u.ctx_ecdsa);
ctx->u.ctx_ecdsa = NULL;
}
break;
default:
break;
}
}
int
lws_genecdh_new_keypair(struct lws_genec_ctx *ctx, enum enum_lws_dh_side side,
const char *curve_name,
struct lws_gencrypto_keyelem *el)
{
const struct lws_ec_curves *curve;
mbedtls_ecdsa_context ecdsa;
mbedtls_ecp_keypair *kp;
mbedtls_mpi *mpi[3];
int n;
if (ctx->genec_alg != LEGENEC_ECDH)
return -1;
curve = lws_genec_curve(ctx->curve_table, curve_name);
if (!curve) {
lwsl_err("%s: curve '%s' not supported\n",
__func__, curve_name);
return -22;
}
mbedtls_ecdsa_init(&ecdsa);
n = mbedtls_ecdsa_genkey(&ecdsa, (mbedtls_ecp_group_id)curve->tls_lib_nid,
lws_gencrypto_mbedtls_rngf,
ctx->context);
if (n) {
lwsl_err("mbedtls_ecdsa_genkey failed 0x%x\n", -n);
goto bail1;
}
kp = (mbedtls_ecp_keypair *)&ecdsa;
n = mbedtls_ecdh_get_params(ctx->u.ctx_ecdh, kp,
(mbedtls_ecdh_side)side);
if (n) {
lwsl_err("mbedtls_ecdh_get_params failed 0x%x\n", -n);
goto bail1;
}
/*
* we need to capture the individual element BIGNUMs into
* lws_gencrypto_keyelem, so they can be serialized, used in jwk etc
*/
mpi[0] = &kp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X);
mpi[1] = &kp->MBEDTLS_PRIVATE(d);
mpi[2] = &kp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y);
el[LWS_GENCRYPTO_EC_KEYEL_CRV].len = (uint32_t)strlen(curve_name) + 1;
el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf =
lws_malloc(el[LWS_GENCRYPTO_EC_KEYEL_CRV].len, "ec");
if (!el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf)
goto bail1;
strcpy((char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf, curve_name);
for (n = LWS_GENCRYPTO_EC_KEYEL_X; n < LWS_GENCRYPTO_EC_KEYEL_COUNT;
n++) {
el[n].len = curve->key_bytes;
el[n].buf = lws_malloc(curve->key_bytes, "ec");
if (!el[n].buf)
goto bail2;
if (mbedtls_mpi_write_binary(mpi[n - 1], el[n].buf,
curve->key_bytes))
goto bail2;
}
mbedtls_ecdsa_free(&ecdsa);
return 0;
bail2:
for (n = 0; n < LWS_GENCRYPTO_EC_KEYEL_COUNT; n++)
if (el[n].buf)
lws_free_set_NULL(el[n].buf);
bail1:
mbedtls_ecdsa_free(&ecdsa);
lws_free_set_NULL(ctx->u.ctx_ecdh);
return -1;
}
int
lws_genecdsa_new_keypair(struct lws_genec_ctx *ctx, const char *curve_name,
struct lws_gencrypto_keyelem *el)
{
const struct lws_ec_curves *curve;
mbedtls_ecp_keypair *kp;
mbedtls_mpi *mpi[3];
int n;
if (ctx->genec_alg != LEGENEC_ECDSA)
return -1;
curve = lws_genec_curve(ctx->curve_table, curve_name);
if (!curve) {
lwsl_err("%s: curve '%s' not supported\n",
__func__, curve_name);
return -22;
}
//mbedtls_ecdsa_init(ctx->u.ctx_ecdsa);
n = mbedtls_ecdsa_genkey(ctx->u.ctx_ecdsa, (mbedtls_ecp_group_id)curve->tls_lib_nid,
lws_gencrypto_mbedtls_rngf, ctx->context);
if (n) {
lwsl_err("mbedtls_ecdsa_genkey failed 0x%x\n", -n);
goto bail1;
}
/*
* we need to capture the individual element BIGNUMs into
* lws_gencrypto_keyelems, so they can be serialized, used in jwk etc
*/
kp = (mbedtls_ecp_keypair *)ctx->u.ctx_ecdsa;
mpi[0] = &kp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X);
mpi[1] = &kp->MBEDTLS_PRIVATE(d);
mpi[2] = &kp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y);
el[LWS_GENCRYPTO_EC_KEYEL_CRV].len = (uint32_t)strlen(curve_name) + 1;
el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf =
lws_malloc(el[LWS_GENCRYPTO_EC_KEYEL_CRV].len, "ec");
if (!el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf)
goto bail1;
strcpy((char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf, curve_name);
for (n = LWS_GENCRYPTO_EC_KEYEL_X; n < LWS_GENCRYPTO_EC_KEYEL_COUNT;
n++) {
el[n].len = curve->key_bytes;
el[n].buf = lws_malloc(curve->key_bytes, "ec");
if (!el[n].buf)
goto bail2;
if (mbedtls_mpi_write_binary(mpi[n - 1], el[n].buf, el[n].len)) {
lwsl_err("%s: mbedtls_mpi_write_binary failed\n", __func__);
goto bail2;
}
}
return 0;
bail2:
for (n = 0; n < LWS_GENCRYPTO_EC_KEYEL_COUNT; n++)
if (el[n].buf)
lws_free_set_NULL(el[n].buf);
bail1:
lws_free_set_NULL(ctx->u.ctx_ecdsa);
return -1;
}
int
lws_genecdsa_hash_sign_jws(struct lws_genec_ctx *ctx, const uint8_t *in,
enum lws_genhash_types hash_type, int keybits,
uint8_t *sig, size_t sig_len)
{
int n, keybytes = lws_gencrypto_bits_to_bytes(keybits);
size_t hlen = lws_genhash_size(hash_type);
mbedtls_mpi mpi_r, mpi_s;
size_t slen = sig_len;
if (ctx->genec_alg != LEGENEC_ECDSA)
return -1;
/*
* The ECDSA P-256 SHA-256 digital signature is generated as follows:
*
* 1. Generate a digital signature of the JWS Signing Input using ECDSA
* P-256 SHA-256 with the desired private key. The output will be
* the pair (R, S), where R and S are 256-bit unsigned integers.
*
* 2. Turn R and S into octet sequences in big-endian order, with each
* array being be 32 octets long. The octet sequence
* representations MUST NOT be shortened to omit any leading zero
* octets contained in the values.
*
* 3. Concatenate the two octet sequences in the order R and then S.
* (Note that many ECDSA implementations will directly produce this
* concatenation as their output.)
*
* 4. The resulting 64-octet sequence is the JWS Signature value.
*/
mbedtls_mpi_init(&mpi_r);
mbedtls_mpi_init(&mpi_s);
n = mbedtls_ecdsa_sign(&ECDSACTX(ctx, grp), &mpi_r, &mpi_s,
&ECDSACTX(ctx, d), in, hlen,
lws_gencrypto_mbedtls_rngf, ctx->context);
if (n) {
lwsl_err("%s: mbedtls_ecdsa_sign failed: -0x%x\n",
__func__, -n);
goto bail2;
}
if (mbedtls_mpi_write_binary(&mpi_r, sig, (unsigned int)keybytes))
goto bail2;
mbedtls_mpi_free(&mpi_r);
if (mbedtls_mpi_write_binary(&mpi_s, sig + keybytes, (unsigned int)keybytes))
goto bail1;
mbedtls_mpi_free(&mpi_s);
return (int)slen;
bail2:
mbedtls_mpi_free(&mpi_r);
bail1:
mbedtls_mpi_free(&mpi_s);
return -3;
}
int
lws_genecdsa_hash_sig_verify_jws(struct lws_genec_ctx *ctx, const uint8_t *in,
enum lws_genhash_types hash_type, int keybits,
const uint8_t *sig, size_t sig_len)
{
int n, keybytes = lws_gencrypto_bits_to_bytes(keybits);
size_t hlen = lws_genhash_size(hash_type);
mbedtls_mpi mpi_r, mpi_s;
if (ctx->genec_alg != LEGENEC_ECDSA)
return -1;
if ((int)sig_len != keybytes * 2)
return -1;
/*
* 1. The JWS Signature value MUST be a 64-octet sequence. If it is
* not a 64-octet sequence, the validation has failed.
*
* 2. Split the 64-octet sequence into two 32-octet sequences. The
* first octet sequence represents R and the second S. The values R
* and S are represented as octet sequences using the Integer-to-
* OctetString Conversion defined in Section 2.3.7 of SEC1 [SEC1]
* (in big-endian octet order).
*
* 3. Submit the JWS Signing Input, R, S, and the public key (x, y) to
* the ECDSA P-256 SHA-256 validator.
*/
mbedtls_mpi_init(&mpi_r);
mbedtls_mpi_init(&mpi_s);
if (mbedtls_mpi_read_binary(&mpi_r, sig, (unsigned int)keybytes))
return -1;
if (mbedtls_mpi_read_binary(&mpi_s, sig + keybytes, (unsigned int)keybytes))
goto bail1;
n = mbedtls_ecdsa_verify(&ECDSACTX(ctx, grp), in, hlen,
&ECDSACTX(ctx, Q), &mpi_r, &mpi_s);
mbedtls_mpi_free(&mpi_s);
mbedtls_mpi_free(&mpi_r);
if (n) {
lwsl_err("%s: mbedtls_ecdsa_verify failed: -0x%x\n",
__func__, -n);
goto bail;
}
return 0;
bail1:
mbedtls_mpi_free(&mpi_r);
bail:
return -3;
}
int
lws_genecdh_compute_shared_secret(struct lws_genec_ctx *ctx, uint8_t *ss,
int *ss_len)
{
int n;
size_t st;
if (mbedtls_ecp_check_pubkey(&ECDHCTX(ctx, grp), &ECDHCTX(ctx, Q)) ||
mbedtls_ecp_check_pubkey(&ECDHCTX(ctx, grp), &ECDHCTX(ctx, Qp))) {
lwsl_err("%s: both sides must be set up\n", __func__);
return -1;
}
n = mbedtls_ecdh_calc_secret(ctx->u.ctx_ecdh, &st, ss, (size_t)*ss_len,
lws_gencrypto_mbedtls_rngf, ctx->context);
if (n)
return -1;
*ss_len = (int)st;
return 0;
}

322
Kinc/Sources/kinc/libs/core/tls/mbedtls/lws-genhash.c Normal file
View File

@ -0,0 +1,322 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws_genhash provides a hash / hmac abstraction api in lws that works the
* same whether you are using openssl or mbedtls hash functions underneath.
*/
#include "libwebsockets.h"
#include <mbedtls/version.h>
#if defined(MBEDTLS_VERSION_NUMBER) && (MBEDTLS_VERSION_NUMBER >= 0x03000000)
#define mbedtls_md5_starts_ret mbedtls_md5_starts
#define mbedtls_md5_update_ret mbedtls_md5_update
#define mbedtls_md5_finish_ret mbedtls_md5_finish
#define mbedtls_sha1_finish_ret mbedtls_sha1_finish
#define mbedtls_sha1_update_ret mbedtls_sha1_update
#define mbedtls_sha1_starts_ret mbedtls_sha1_starts
#define mbedtls_sha256_starts_ret mbedtls_sha256_starts
#define mbedtls_sha256_update_ret mbedtls_sha256_update
#define mbedtls_sha256_finish_ret mbedtls_sha256_finish
#define mbedtls_sha512_starts_ret mbedtls_sha512_starts
#define mbedtls_sha512_update_ret mbedtls_sha512_update
#define mbedtls_sha512_finish_ret mbedtls_sha512_finish
#endif
#if defined(MBEDTLS_VERSION_NUMBER) && (MBEDTLS_VERSION_NUMBER >= 0x02070000)
/*
* We have the _ret variants available, check the return codes on everything
*/
int
lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type)
{
ctx->type = (uint8_t)type;
switch (ctx->type) {
case LWS_GENHASH_TYPE_MD5:
mbedtls_md5_init(&ctx->u.md5);
if (mbedtls_md5_starts_ret(&ctx->u.md5))
return 1;
break;
case LWS_GENHASH_TYPE_SHA1:
mbedtls_sha1_init(&ctx->u.sha1);
if (mbedtls_sha1_starts_ret(&ctx->u.sha1))
return 1;
break;
case LWS_GENHASH_TYPE_SHA256:
mbedtls_sha256_init(&ctx->u.sha256);
if (mbedtls_sha256_starts_ret(&ctx->u.sha256, 0))
return 1;
break;
case LWS_GENHASH_TYPE_SHA384:
mbedtls_sha512_init(&ctx->u.sha512);
if (mbedtls_sha512_starts_ret(&ctx->u.sha512, 1 /* is384 */))
return 1;
break;
case LWS_GENHASH_TYPE_SHA512:
mbedtls_sha512_init(&ctx->u.sha512);
if (mbedtls_sha512_starts_ret(&ctx->u.sha512, 0))
return 1;
break;
default:
return 1;
}
return 0;
}
int
lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len)
{
if (!len)
return 0;
switch (ctx->type) {
case LWS_GENHASH_TYPE_MD5:
if (mbedtls_md5_update_ret(&ctx->u.md5, in, len))
return 1;
break;
case LWS_GENHASH_TYPE_SHA1:
if (mbedtls_sha1_update_ret(&ctx->u.sha1, in, len))
return 1;
break;
case LWS_GENHASH_TYPE_SHA256:
if (mbedtls_sha256_update_ret(&ctx->u.sha256, in, len))
return 1;
break;
case LWS_GENHASH_TYPE_SHA384:
if (mbedtls_sha512_update_ret(&ctx->u.sha512, in, len))
return 1;
break;
case LWS_GENHASH_TYPE_SHA512:
if (mbedtls_sha512_update_ret(&ctx->u.sha512, in, len))
return 1;
break;
}
return 0;
}
int
lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result)
{
switch (ctx->type) {
case LWS_GENHASH_TYPE_MD5:
if (mbedtls_md5_finish_ret(&ctx->u.md5, result))
return 1;
mbedtls_md5_free(&ctx->u.md5);
break;
case LWS_GENHASH_TYPE_SHA1:
if (mbedtls_sha1_finish_ret(&ctx->u.sha1, result))
return 1;
mbedtls_sha1_free(&ctx->u.sha1);
break;
case LWS_GENHASH_TYPE_SHA256:
if (mbedtls_sha256_finish_ret(&ctx->u.sha256, result))
return 1;
mbedtls_sha256_free(&ctx->u.sha256);
break;
case LWS_GENHASH_TYPE_SHA384:
if (mbedtls_sha512_finish_ret(&ctx->u.sha512, result))
return 1;
mbedtls_sha512_free(&ctx->u.sha512);
break;
case LWS_GENHASH_TYPE_SHA512:
if (mbedtls_sha512_finish_ret(&ctx->u.sha512, result))
return 1;
mbedtls_sha512_free(&ctx->u.sha512);
break;
}
return 0;
}
#else
/*
* mbedtls is too old to have the _ret variants
*/
int
lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type)
{
ctx->type = type;
switch (ctx->type) {
case LWS_GENHASH_TYPE_MD5:
mbedtls_md5_init(&ctx->u.md5);
mbedtls_md5_starts(&ctx->u.md5);
break;
case LWS_GENHASH_TYPE_SHA1:
mbedtls_sha1_init(&ctx->u.sha1);
mbedtls_sha1_starts(&ctx->u.sha1);
break;
case LWS_GENHASH_TYPE_SHA256:
mbedtls_sha256_init(&ctx->u.sha256);
mbedtls_sha256_starts(&ctx->u.sha256, 0);
break;
case LWS_GENHASH_TYPE_SHA384:
mbedtls_sha512_init(&ctx->u.sha512);
mbedtls_sha512_starts(&ctx->u.sha512, 1 /* is384 */);
break;
case LWS_GENHASH_TYPE_SHA512:
mbedtls_sha512_init(&ctx->u.sha512);
mbedtls_sha512_starts(&ctx->u.sha512, 0);
break;
default:
return 1;
}
return 0;
}
int
lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len)
{
if (!len)
return 0;
switch (ctx->type) {
case LWS_GENHASH_TYPE_MD5:
mbedtls_md5_update(&ctx->u.md5, in, len);
break;
case LWS_GENHASH_TYPE_SHA1:
mbedtls_sha1_update(&ctx->u.sha1, in, len);
break;
case LWS_GENHASH_TYPE_SHA256:
mbedtls_sha256_update(&ctx->u.sha256, in, len);
break;
case LWS_GENHASH_TYPE_SHA384:
mbedtls_sha512_update(&ctx->u.sha512, in, len);
break;
case LWS_GENHASH_TYPE_SHA512:
mbedtls_sha512_update(&ctx->u.sha512, in, len);
break;
}
return 0;
}
int
lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result)
{
switch (ctx->type) {
case LWS_GENHASH_TYPE_MD5:
mbedtls_md5_finish(&ctx->u.md5, result);
mbedtls_md5_free(&ctx->u.md5);
break;
case LWS_GENHASH_TYPE_SHA1:
mbedtls_sha1_finish(&ctx->u.sha1, result);
mbedtls_sha1_free(&ctx->u.sha1);
break;
case LWS_GENHASH_TYPE_SHA256:
mbedtls_sha256_finish(&ctx->u.sha256, result);
mbedtls_sha256_free(&ctx->u.sha256);
break;
case LWS_GENHASH_TYPE_SHA384:
mbedtls_sha512_finish(&ctx->u.sha512, result);
mbedtls_sha512_free(&ctx->u.sha512);
break;
case LWS_GENHASH_TYPE_SHA512:
mbedtls_sha512_finish(&ctx->u.sha512, result);
mbedtls_sha512_free(&ctx->u.sha512);
break;
}
return 0;
}
#endif
int
lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type,
const uint8_t *key, size_t key_len)
{
int t;
ctx->type = (uint8_t)type;
switch (type) {
case LWS_GENHMAC_TYPE_SHA256:
t = MBEDTLS_MD_SHA256;
break;
case LWS_GENHMAC_TYPE_SHA384:
t = MBEDTLS_MD_SHA384;
break;
case LWS_GENHMAC_TYPE_SHA512:
t = MBEDTLS_MD_SHA512;
break;
default:
return -1;
}
ctx->hmac = mbedtls_md_info_from_type((mbedtls_md_type_t)t);
if (!ctx->hmac)
return -1;
#if !defined(LWS_HAVE_mbedtls_md_setup)
if (mbedtls_md_init_ctx(&ctx->ctx, ctx->hmac))
return -1;
#else
if (mbedtls_md_setup(&ctx->ctx, ctx->hmac, 1))
return -1;
#endif
if (mbedtls_md_hmac_starts(&ctx->ctx, key, key_len)) {
mbedtls_md_free(&ctx->ctx);
ctx->hmac = NULL;
return -1;
}
return 0;
}
int
lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len)
{
if (!len)
return 0;
if (mbedtls_md_hmac_update(&ctx->ctx, in, len))
return -1;
return 0;
}
int
lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result)
{
int n = 0;
if (result)
n = mbedtls_md_hmac_finish(&ctx->ctx, result);
mbedtls_md_free(&ctx->ctx);
ctx->hmac = NULL;
if (n)
return -1;
return 0;
}

564
Kinc/Sources/kinc/libs/core/tls/mbedtls/lws-genrsa.c Normal file
View File

@ -0,0 +1,564 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws_genrsa provides an RSA abstraction api in lws that works the
* same whether you are using openssl or mbedtls crypto functions underneath.
*/
#include "private-lib-core.h"
#include "private-lib-tls-mbedtls.h"
#include <mbedtls/rsa.h>
void
lws_genrsa_destroy_elements(struct lws_gencrypto_keyelem *el)
{
int n;
for (n = 0; n < LWS_GENCRYPTO_RSA_KEYEL_COUNT; n++)
if (el[n].buf)
lws_free_set_NULL(el[n].buf);
}
static int mode_map[] = { MBEDTLS_RSA_PKCS_V15, MBEDTLS_RSA_PKCS_V21 };
int
lws_genrsa_create(struct lws_genrsa_ctx *ctx,
const struct lws_gencrypto_keyelem *el,
struct lws_context *context, enum enum_genrsa_mode mode,
enum lws_genhash_types oaep_hashid)
{
memset(ctx, 0, sizeof(*ctx));
ctx->ctx = lws_zalloc(sizeof(*ctx->ctx), "genrsa");
if (!ctx->ctx)
return 1;
ctx->context = context;
ctx->mode = mode;
if (mode >= LGRSAM_COUNT)
return -1;
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
mbedtls_rsa_init(ctx->ctx, mode_map[mode], 0);
#else
mbedtls_rsa_init(ctx->ctx);
mbedtls_rsa_set_padding(ctx->ctx, mode_map[mode], 0);
#endif
ctx->ctx->MBEDTLS_PRIVATE(padding) = mode_map[mode];
ctx->ctx->MBEDTLS_PRIVATE(hash_id) =
(int)lws_gencrypto_mbedtls_hash_to_MD_TYPE(oaep_hashid);
{
int n;
mbedtls_mpi *mpi[LWS_GENCRYPTO_RSA_KEYEL_COUNT] = {
&ctx->ctx->MBEDTLS_PRIVATE(E),
&ctx->ctx->MBEDTLS_PRIVATE(N),
&ctx->ctx->MBEDTLS_PRIVATE(D),
&ctx->ctx->MBEDTLS_PRIVATE(P),
&ctx->ctx->MBEDTLS_PRIVATE(Q),
&ctx->ctx->MBEDTLS_PRIVATE(DP),
&ctx->ctx->MBEDTLS_PRIVATE(DQ),
&ctx->ctx->MBEDTLS_PRIVATE(QP),
};
for (n = 0; n < LWS_GENCRYPTO_RSA_KEYEL_COUNT; n++)
if (el[n].buf &&
mbedtls_mpi_read_binary(mpi[n], el[n].buf,
el[n].len)) {
lwsl_notice("mpi load failed\n");
lws_free_set_NULL(ctx->ctx);
return -1;
}
/* mbedtls... compute missing P & Q */
if ( el[LWS_GENCRYPTO_RSA_KEYEL_D].len &&
!el[LWS_GENCRYPTO_RSA_KEYEL_P].len &&
!el[LWS_GENCRYPTO_RSA_KEYEL_Q].len) {
#if defined(LWS_HAVE_mbedtls_rsa_complete)
if (mbedtls_rsa_complete(ctx->ctx)) {
lwsl_notice("mbedtls_rsa_complete failed\n");
#else
{
lwsl_notice("%s: you have to provide P and Q\n", __func__);
#endif
lws_free_set_NULL(ctx->ctx);
return -1;
}
}
}
ctx->ctx->MBEDTLS_PRIVATE(len) = el[LWS_GENCRYPTO_RSA_KEYEL_N].len;
return 0;
}
static int
_rngf(void *context, unsigned char *buf, size_t len)
{
if ((size_t)lws_get_random(context, buf, len) == len)
return 0;
return -1;
}
int
lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx,
enum enum_genrsa_mode mode, struct lws_gencrypto_keyelem *el,
int bits)
{
int n;
memset(ctx, 0, sizeof(*ctx));
ctx->ctx = lws_zalloc(sizeof(*ctx->ctx), "genrsa");
if (!ctx->ctx)
return -1;
ctx->context = context;
ctx->mode = mode;
if (mode >= LGRSAM_COUNT)
return -1;
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
mbedtls_rsa_init(ctx->ctx, mode_map[mode], 0);
#else
mbedtls_rsa_init(ctx->ctx);
mbedtls_rsa_set_padding(ctx->ctx, mode_map[mode], 0);
#endif
n = mbedtls_rsa_gen_key(ctx->ctx, _rngf, context, (unsigned int)bits, 65537);
if (n) {
lwsl_err("mbedtls_rsa_gen_key failed 0x%x\n", -n);
goto cleanup_1;
}
{
mbedtls_mpi *mpi[LWS_GENCRYPTO_RSA_KEYEL_COUNT] = {
&ctx->ctx->MBEDTLS_PRIVATE(E),
&ctx->ctx->MBEDTLS_PRIVATE(N),
&ctx->ctx->MBEDTLS_PRIVATE(D),
&ctx->ctx->MBEDTLS_PRIVATE(P),
&ctx->ctx->MBEDTLS_PRIVATE(Q),
&ctx->ctx->MBEDTLS_PRIVATE(DP),
&ctx->ctx->MBEDTLS_PRIVATE(DQ),
&ctx->ctx->MBEDTLS_PRIVATE(QP),
};
for (n = 0; n < LWS_GENCRYPTO_RSA_KEYEL_COUNT; n++)
if (mpi[n] && mbedtls_mpi_size(mpi[n])) {
el[n].buf = lws_malloc(
mbedtls_mpi_size(mpi[n]), "genrsakey");
if (!el[n].buf)
goto cleanup;
el[n].len = (uint32_t)mbedtls_mpi_size(mpi[n]);
if (mbedtls_mpi_write_binary(mpi[n], el[n].buf,
el[n].len))
goto cleanup;
}
}
return 0;
cleanup:
for (n = 0; n < LWS_GENCRYPTO_RSA_KEYEL_COUNT; n++)
if (el[n].buf)
lws_free_set_NULL(el[n].buf);
cleanup_1:
lws_free(ctx->ctx);
return -1;
}
int
lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
size_t in_len, uint8_t *out, size_t out_max)
{
size_t olen = 0;
int n;
ctx->ctx->MBEDTLS_PRIVATE(len) = in_len;
#if defined(LWS_HAVE_mbedtls_rsa_complete)
mbedtls_rsa_complete(ctx->ctx);
#endif
switch(ctx->mode) {
case LGRSAM_PKCS1_1_5:
n = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx->ctx, _rngf,
ctx->context,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PUBLIC,
#endif
&olen, in, out,
out_max);
break;
case LGRSAM_PKCS1_OAEP_PSS:
n = mbedtls_rsa_rsaes_oaep_decrypt(ctx->ctx, _rngf,
ctx->context,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PUBLIC,
#endif
NULL, 0,
&olen, in, out, out_max);
break;
default:
return -1;
}
if (n) {
lwsl_notice("%s: -0x%x\n", __func__, -n);
return -1;
}
return (int)olen;
}
int
lws_genrsa_private_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
size_t in_len, uint8_t *out, size_t out_max)
{
size_t olen = 0;
int n;
ctx->ctx->MBEDTLS_PRIVATE(len) = in_len;
#if defined(LWS_HAVE_mbedtls_rsa_complete)
mbedtls_rsa_complete(ctx->ctx);
#endif
switch(ctx->mode) {
case LGRSAM_PKCS1_1_5:
n = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx->ctx, _rngf,
ctx->context,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PRIVATE,
#endif
&olen, in, out,
out_max);
break;
case LGRSAM_PKCS1_OAEP_PSS:
n = mbedtls_rsa_rsaes_oaep_decrypt(ctx->ctx, _rngf,
ctx->context,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PRIVATE,
#endif
NULL, 0,
&olen, in, out, out_max);
break;
default:
return -1;
}
if (n) {
lwsl_notice("%s: -0x%x\n", __func__, -n);
return -1;
}
return (int)olen;
}
int
lws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
size_t in_len, uint8_t *out)
{
int n;
#if defined(LWS_HAVE_mbedtls_rsa_complete)
mbedtls_rsa_complete(ctx->ctx);
#endif
switch(ctx->mode) {
case LGRSAM_PKCS1_1_5:
n = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx->ctx, _rngf,
ctx->context,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PUBLIC,
#endif
in_len, in, out);
break;
case LGRSAM_PKCS1_OAEP_PSS:
n = mbedtls_rsa_rsaes_oaep_encrypt(ctx->ctx, _rngf,
ctx->context,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PUBLIC,
#endif
NULL, 0,
in_len, in, out);
break;
default:
return -1;
}
if (n < 0) {
lwsl_notice("%s: -0x%x: in_len: %d\n", __func__, -n,
(int)in_len);
return -1;
}
return (int)mbedtls_mpi_size(&ctx->ctx->MBEDTLS_PRIVATE(N));
}
int
lws_genrsa_private_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
size_t in_len, uint8_t *out)
{
int n;
#if defined(LWS_HAVE_mbedtls_rsa_complete)
mbedtls_rsa_complete(ctx->ctx);
#endif
switch(ctx->mode) {
case LGRSAM_PKCS1_1_5:
n = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx->ctx, _rngf,
ctx->context,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PRIVATE,
#endif
in_len, in, out);
break;
case LGRSAM_PKCS1_OAEP_PSS:
n = mbedtls_rsa_rsaes_oaep_encrypt(ctx->ctx, _rngf,
ctx->context,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PRIVATE,
#endif
NULL, 0,
in_len, in, out);
break;
default:
return -1;
}
if (n) {
lwsl_notice("%s: -0x%x: in_len: %d\n", __func__, -n,
(int)in_len);
return -1;
}
return (int)mbedtls_mpi_size(&ctx->ctx->MBEDTLS_PRIVATE(N));
}
int
lws_genrsa_hash_sig_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in,
enum lws_genhash_types hash_type, const uint8_t *sig,
size_t sig_len)
{
int n, h = (int)lws_gencrypto_mbedtls_hash_to_MD_TYPE(hash_type);
if (h < 0)
return -1;
#if defined(LWS_HAVE_mbedtls_rsa_complete)
mbedtls_rsa_complete(ctx->ctx);
#endif
switch(ctx->mode) {
case LGRSAM_PKCS1_1_5:
n = mbedtls_rsa_rsassa_pkcs1_v15_verify(ctx->ctx,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
NULL, NULL,
MBEDTLS_RSA_PUBLIC,
#endif
(mbedtls_md_type_t)h,
(unsigned int)lws_genhash_size(hash_type),
in, sig);
break;
case LGRSAM_PKCS1_OAEP_PSS:
n = mbedtls_rsa_rsassa_pss_verify(ctx->ctx,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
NULL, NULL,
MBEDTLS_RSA_PUBLIC,
#endif
(mbedtls_md_type_t)h,
(unsigned int)lws_genhash_size(hash_type),
in, sig);
break;
default:
return -1;
}
if (n < 0) {
lwsl_notice("%s: (mode %d) -0x%x\n", __func__, ctx->mode, -n);
return -1;
}
return n;
}
int
lws_genrsa_hash_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in,
enum lws_genhash_types hash_type, uint8_t *sig,
size_t sig_len)
{
int n, h = (int)lws_gencrypto_mbedtls_hash_to_MD_TYPE(hash_type);
if (h < 0)
return -1;
#if defined(LWS_HAVE_mbedtls_rsa_complete)
mbedtls_rsa_complete(ctx->ctx);
#endif
/*
* The "sig" buffer must be as large as the size of ctx->N
* (eg. 128 bytes if RSA-1024 is used).
*/
if (sig_len < ctx->ctx->MBEDTLS_PRIVATE(len))
return -1;
switch(ctx->mode) {
case LGRSAM_PKCS1_1_5:
n = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx->ctx,
mbedtls_ctr_drbg_random,
&ctx->context->mcdc,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PRIVATE,
#endif
(mbedtls_md_type_t)h,
(unsigned int)lws_genhash_size(hash_type),
in, sig);
break;
case LGRSAM_PKCS1_OAEP_PSS:
n = mbedtls_rsa_rsassa_pss_sign(ctx->ctx,
mbedtls_ctr_drbg_random,
&ctx->context->mcdc,
#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000
MBEDTLS_RSA_PRIVATE,
#endif
(mbedtls_md_type_t)h,
(unsigned int)lws_genhash_size(hash_type),
in, sig);
break;
default:
return -1;
}
if (n < 0) {
lwsl_notice("%s: -0x%x\n", __func__, -n);
return -1;
}
return (int)ctx->ctx->MBEDTLS_PRIVATE(len);
}
int
lws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private,
uint8_t *pkey_asn1, size_t pkey_asn1_len)
{
uint8_t *p = pkey_asn1, *totlen, *end = pkey_asn1 + pkey_asn1_len - 1;
mbedtls_mpi *mpi[LWS_GENCRYPTO_RSA_KEYEL_COUNT] = {
&ctx->ctx->MBEDTLS_PRIVATE(N),
&ctx->ctx->MBEDTLS_PRIVATE(E),
&ctx->ctx->MBEDTLS_PRIVATE(D),
&ctx->ctx->MBEDTLS_PRIVATE(P),
&ctx->ctx->MBEDTLS_PRIVATE(Q),
&ctx->ctx->MBEDTLS_PRIVATE(DP),
&ctx->ctx->MBEDTLS_PRIVATE(DQ),
&ctx->ctx->MBEDTLS_PRIVATE(QP),
};
int n;
/* 30 82 - sequence
* 09 29 <-- length(0x0929) less 4 bytes
* 02 01 <- length (1)
* 00
* 02 82
* 02 01 <- length (513) N
* ...
*
* 02 03 <- length (3) E
* 01 00 01
*
* 02 82
* 02 00 <- length (512) D P Q EXP1 EXP2 COEFF
*
* */
*p++ = 0x30;
*p++ = 0x82;
totlen = p;
p += 2;
*p++ = 0x02;
*p++ = 0x01;
*p++ = 0x00;
for (n = 0; n < LWS_GENCRYPTO_RSA_KEYEL_COUNT; n++) {
int m = (int)mbedtls_mpi_size(mpi[n]);
uint8_t *elen;
*p++ = 0x02;
elen = p;
if (m < 0x7f)
*p++ = (uint8_t)m;
else {
*p++ = 0x82;
*p++ = (uint8_t)(m >> 8);
*p++ = (uint8_t)(m & 0xff);
}
if (p + m > end)
return -1;
if (mbedtls_mpi_write_binary(mpi[n], p, (unsigned int)m))
return -1;
if (p[0] & 0x80) {
p[0] = 0x00;
if (mbedtls_mpi_write_binary(mpi[n], &p[1], (unsigned int)m))
return -1;
m++;
}
if (m < 0x7f)
*elen = (uint8_t)m;
else {
*elen++ = 0x82;
*elen++ = (uint8_t)(m >> 8);
*elen = (uint8_t)(m & 0xff);
}
p += m;
}
n = lws_ptr_diff(p, pkey_asn1);
*totlen++ = (uint8_t)((n - 4) >> 8);
*totlen = (uint8_t)((n - 4) & 0xff);
return n;
}
void
lws_genrsa_destroy(struct lws_genrsa_ctx *ctx)
{
if (!ctx->ctx)
return;
mbedtls_rsa_free(ctx->ctx);
lws_free(ctx->ctx);
ctx->ctx = NULL;
}

552
Kinc/Sources/kinc/libs/core/tls/mbedtls/mbedtls-client.c Normal file
View File

@ -0,0 +1,552 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2021 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
#include "private-lib-tls-mbedtls.h"
#if defined(LWS_WITH_TLS_JIT_TRUST)
/*
* We get called for each peer certificate that was provided in turn.
*
* Our job is just to collect the AKID and SKIDs into ssl->kid_chain, and walk
* later at verification result time if it failed.
*
* None of these should be trusted, even if a misconfigured server sends us
* his root CA.
*/
static int
lws_mbedtls_client_verify_callback(SSL *ssl, mbedtls_x509_crt *x509)
{
union lws_tls_cert_info_results ci;
/* we reached the max we can hold? */
if (ssl->kid_chain.count == LWS_ARRAY_SIZE(ssl->kid_chain.akid))
return 0;
/* if not, stash the SKID and AKID into the next kid slot */
if (!lws_tls_mbedtls_cert_info(x509, LWS_TLS_CERT_INFO_SUBJECT_KEY_ID,
&ci, 0))
lws_tls_kid_copy(&ci,
&ssl->kid_chain.skid[ssl->kid_chain.count]);
if (!lws_tls_mbedtls_cert_info(x509, LWS_TLS_CERT_INFO_AUTHORITY_KEY_ID,
&ci, 0))
lws_tls_kid_copy(&ci,
&ssl->kid_chain.akid[ssl->kid_chain.count]);
ssl->kid_chain.count++;
// lwsl_notice("%s: %u\n", __func__, ssl->kid_chain.count);
return 0;
}
#endif
int
lws_ssl_client_bio_create(struct lws *wsi)
{
char hostname[128], *p;
const char *alpn_comma = wsi->a.context->tls.alpn_default;
struct alpn_ctx protos;
int fl = SSL_VERIFY_PEER;
if (wsi->stash)
lws_strncpy(hostname, wsi->stash->cis[CIS_HOST], sizeof(hostname));
else
if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
_WSI_TOKEN_CLIENT_HOST) <= 0) {
lwsl_err("%s: Unable to get hostname\n", __func__);
return -1;
}
/*
* remove any :port part on the hostname... necessary for network
* connection but typical certificates do not contain it
*/
p = hostname;
while (*p) {
if (*p == ':') {
*p = '\0';
break;
}
p++;
}
wsi->tls.ssl = SSL_new(wsi->a.vhost->tls.ssl_client_ctx);
if (!wsi->tls.ssl) {
lwsl_info("%s: SSL_new() failed\n", __func__);
return -1;
}
#if defined(LWS_WITH_TLS_SESSIONS)
if (!(wsi->a.vhost->options & LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE))
lws_tls_reuse_session(wsi);
#endif
if (wsi->a.vhost->tls.ssl_info_event_mask)
SSL_set_info_callback(wsi->tls.ssl, lws_ssl_info_callback);
if (!(wsi->tls.use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) {
X509_VERIFY_PARAM *param = SSL_get0_param(wsi->tls.ssl);
/* Enable automatic hostname checks */
// X509_VERIFY_PARAM_set_hostflags(param,
// X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
lwsl_info("%s: setting hostname %s\n", __func__, hostname);
if (X509_VERIFY_PARAM_set1_host(param, hostname, 0) != 1)
return -1;
}
if (wsi->a.vhost->tls.alpn)
alpn_comma = wsi->a.vhost->tls.alpn;
if (wsi->stash) {
lws_strncpy(hostname, wsi->stash->cis[CIS_HOST],
sizeof(hostname));
if (wsi->stash->cis[CIS_ALPN])
alpn_comma = wsi->stash->cis[CIS_ALPN];
} else {
if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
_WSI_TOKEN_CLIENT_ALPN) > 0)
alpn_comma = hostname;
}
protos.len = (uint8_t)lws_alpn_comma_to_openssl(alpn_comma, protos.data,
sizeof(protos.data) - 1);
lwsl_info("%s: %s: client conn sending ALPN list '%s' (protos.len %d)\n",
__func__, lws_wsi_tag(wsi), alpn_comma, protos.len);
/* with mbedtls, protos is not pointed to after exit from this call */
SSL_set_alpn_select_cb(wsi->tls.ssl, &protos);
if (wsi->flags & LCCSCF_ALLOW_SELFSIGNED) {
lwsl_notice("%s: allowing selfsigned\n", __func__);
fl = SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
}
if (wsi->flags & LCCSCF_ALLOW_INSECURE)
fl = SSL_VERIFY_NONE;
/*
* use server name indication (SNI), if supported,
* when establishing connection
*/
#if defined(LWS_WITH_TLS_JIT_TRUST)
SSL_set_verify(wsi->tls.ssl, SSL_VERIFY_PEER,
lws_mbedtls_client_verify_callback);
(void)fl;
#else
SSL_set_verify(wsi->tls.ssl, fl, NULL);
#endif
SSL_set_fd(wsi->tls.ssl, (int)wsi->desc.sockfd);
if (wsi->sys_tls_client_cert) {
lws_system_blob_t *b = lws_system_get_blob(wsi->a.context,
LWS_SYSBLOB_TYPE_CLIENT_CERT_DER,
wsi->sys_tls_client_cert - 1);
const uint8_t *pem_data = NULL;
uint8_t *data = NULL;
lws_filepos_t flen;
size_t size;
int err = 0;
if (!b)
goto no_client_cert;
/*
* Set up the per-connection client cert
*/
size = lws_system_blob_get_size(b);
if (!size)
goto no_client_cert;
if (lws_system_blob_get_single_ptr(b, &pem_data))
goto no_client_cert;
if (lws_tls_alloc_pem_to_der_file(wsi->a.context, NULL,
(const char *)pem_data, size,
&data, &flen))
goto no_client_cert;
size = (size_t) flen;
err = SSL_use_certificate_ASN1(wsi->tls.ssl, data, (int)size);
lws_free_set_NULL(data);
if (err != 1)
goto no_client_cert;
b = lws_system_get_blob(wsi->a.context,
LWS_SYSBLOB_TYPE_CLIENT_KEY_DER,
wsi->sys_tls_client_cert - 1);
if (!b)
goto no_client_cert;
size = lws_system_blob_get_size(b);
if (!size)
goto no_client_cert;
if (lws_system_blob_get_single_ptr(b, &pem_data))
goto no_client_cert;
if (lws_tls_alloc_pem_to_der_file(wsi->a.context, NULL,
(const char *)pem_data, size,
&data, &flen))
goto no_client_cert;
size = (size_t) flen;
err = SSL_use_PrivateKey_ASN1(0, wsi->tls.ssl, data, (int)size);
lws_free_set_NULL(data);
if (err != 1)
goto no_client_cert;
/* no wrapper api for check key */
lwsl_notice("%s: set system client cert %u\n", __func__,
wsi->sys_tls_client_cert - 1);
}
return 0;
no_client_cert:
lwsl_err("%s: unable to set up system client cert %d\n", __func__,
wsi->sys_tls_client_cert - 1);
return 1;
}
int ERR_get_error(void)
{
return 0;
}
enum lws_ssl_capable_status
lws_tls_client_connect(struct lws *wsi, char *errbuf, size_t elen)
{
int m, n = SSL_connect(wsi->tls.ssl), en;
if (n == 1) {
lws_tls_server_conn_alpn(wsi);
#if defined(LWS_WITH_TLS_SESSIONS)
lws_tls_session_new_mbedtls(wsi);
#endif
lwsl_info("%s: client connect OK\n", __func__);
return LWS_SSL_CAPABLE_DONE;
}
en = (int)LWS_ERRNO;
m = SSL_get_error(wsi->tls.ssl, n);
if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl))
return LWS_SSL_CAPABLE_MORE_SERVICE_READ;
if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl))
return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE;
if (!n) /* we don't know what he wants, but he says to retry */
return LWS_SSL_CAPABLE_MORE_SERVICE;
if (m == SSL_ERROR_SYSCALL && !en && n >= 0) /* otherwise we miss explicit failures and spin
* in hs state 17 until timeout... */
return LWS_SSL_CAPABLE_MORE_SERVICE;
lws_snprintf(errbuf, elen, "mbedtls connect %d %d %d", n, m, en);
return LWS_SSL_CAPABLE_ERROR;
}
int
lws_tls_client_confirm_peer_cert(struct lws *wsi, char *ebuf, size_t ebuf_len)
{
int n;
unsigned int avoid = 0;
X509 *peer = SSL_get_peer_certificate(wsi->tls.ssl);
struct lws_context_per_thread *pt = &wsi->a.context->pt[(int)wsi->tsi];
const char *type = "";
char *sb = (char *)&pt->serv_buf[0];
if (!peer) {
#if defined(LWS_WITH_SYS_METRICS)
lws_metrics_hist_bump_describe_wsi(wsi, lws_metrics_priv_to_pub(
wsi->a.context->mth_conn_failures),
"tls=\"nocert\"");
#endif
lwsl_info("peer did not provide cert\n");
lws_snprintf(ebuf, ebuf_len, "no peer cert");
return -1;
}
n = (int)SSL_get_verify_result(wsi->tls.ssl);
lwsl_debug("get_verify says %d\n", n);
switch (n) {
case X509_V_OK:
return 0;
case X509_V_ERR_HOSTNAME_MISMATCH:
type = "hostname";
avoid = LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK;
break;
case X509_V_ERR_INVALID_CA:
type = "invalidca";
avoid = LCCSCF_ALLOW_SELFSIGNED;
break;
case X509_V_ERR_CERT_NOT_YET_VALID:
type = "notyetvalid";
avoid = LCCSCF_ALLOW_EXPIRED;
break;
case X509_V_ERR_CERT_HAS_EXPIRED:
type = "expired";
avoid = LCCSCF_ALLOW_EXPIRED;
break;
}
lwsl_info("%s: cert problem: %s\n", __func__, type);
#if defined(LWS_WITH_SYS_METRICS)
{
char buckname[64];
lws_snprintf(buckname, sizeof(buckname), "tls=\"%s\"", type);
lws_metrics_hist_bump_describe_wsi(wsi,
lws_metrics_priv_to_pub(wsi->a.context->mth_conn_failures),
buckname);
}
#endif
if (wsi->tls.use_ssl & avoid) {
lwsl_info("%s: allowing anyway\n", __func__);
return 0;
}
#if defined(LWS_WITH_TLS_JIT_TRUST)
if (n == X509_V_ERR_INVALID_CA)
lws_tls_jit_trust_sort_kids(wsi, &wsi->tls.ssl->kid_chain);
#endif
lws_snprintf(ebuf, ebuf_len,
"server's cert didn't look good, %s (use_ssl 0x%x) X509_V_ERR = %d: %s\n",
type, (unsigned int)wsi->tls.use_ssl, n,
ERR_error_string((unsigned long)n, sb));
lwsl_info("%s\n", ebuf);
lws_tls_err_describe_clear();
return -1;
}
int
lws_tls_client_create_vhost_context(struct lws_vhost *vh,
const struct lws_context_creation_info *info,
const char *cipher_list,
const char *ca_filepath,
const void *ca_mem,
unsigned int ca_mem_len,
const char *cert_filepath,
const void *cert_mem,
unsigned int cert_mem_len,
const char *private_key_filepath,
const void *key_mem,
unsigned int key_mem_len
)
{
X509 *d2i_X509(X509 **cert, const unsigned char **buffer, long len);
SSL_METHOD *method;
unsigned long error;
int n;
#if defined(LWS_WITH_TLS_SESSIONS)
vh->tls_session_cache_max = info->tls_session_cache_max ?
info->tls_session_cache_max : 10;
lws_tls_session_cache(vh, info->tls_session_timeout);
#endif
#if defined(MBEDTLS_SSL_PROTO_TLS1_2)
method = (SSL_METHOD *)TLSv1_2_client_method();
#elif defined(MBEDTLS_SSL_PROTO_TLS1_1)
method = (SSL_METHOD *)TLSv1_1_client_method();
#elif defined(MBEDTLS_SSL_PROTO_TLS1)
method = (SSL_METHOD *)TLSv1_client_method();
#else
method = (SSL_METHOD *)TLS_client_method();
#endif
if (!method) {
error = (unsigned long)ERR_get_error();
lwsl_err("problem creating ssl method %lu: %s\n",
error, ERR_error_string(error,
(char *)vh->context->pt[0].serv_buf));
return 1;
}
/* create context */
vh->tls.ssl_client_ctx = SSL_CTX_new(method, &vh->context->mcdc);
if (!vh->tls.ssl_client_ctx) {
error = (unsigned long)ERR_get_error();
lwsl_err("problem creating ssl context %lu: %s\n",
error, ERR_error_string(error,
(char *)vh->context->pt[0].serv_buf));
return 1;
}
if (!ca_filepath && (!ca_mem || !ca_mem_len))
return 0;
if (ca_filepath) {
#if !defined(LWS_PLAT_OPTEE)
uint8_t *buf;
lws_filepos_t len;
if (alloc_file(vh->context, ca_filepath, &buf, &len)) {
lwsl_err("Load CA cert file %s failed\n", ca_filepath);
return 1;
}
vh->tls.x509_client_CA = d2i_X509(NULL, (const uint8_t **)&buf, (long)len);
free(buf);
lwsl_info("Loading vh %s client CA for verification %s\n", vh->name, ca_filepath);
#endif
} else {
vh->tls.x509_client_CA = d2i_X509(NULL, (const uint8_t **)&ca_mem, (long)ca_mem_len);
lwsl_info("%s: using mem client CA cert %d\n",
__func__, ca_mem_len);
}
if (!vh->tls.x509_client_CA) {
lwsl_err("client CA: x509 parse failed\n");
return 1;
}
if (!vh->tls.ssl_ctx)
SSL_CTX_add_client_CA(vh->tls.ssl_client_ctx, vh->tls.x509_client_CA);
else
SSL_CTX_add_client_CA(vh->tls.ssl_ctx, vh->tls.x509_client_CA);
/* support for client-side certificate authentication */
if (cert_filepath) {
#if !defined(LWS_PLAT_OPTEE)
uint8_t *buf;
lws_filepos_t amount;
if (lws_tls_use_any_upgrade_check_extant(cert_filepath) !=
LWS_TLS_EXTANT_YES &&
(info->options & LWS_SERVER_OPTION_IGNORE_MISSING_CERT))
return 0;
lwsl_notice("%s: doing cert filepath %s\n", __func__,
cert_filepath);
if (alloc_file(vh->context, cert_filepath, &buf, &amount))
return 1;
buf[amount++] = '\0';
n = SSL_CTX_use_certificate_ASN1(vh->tls.ssl_client_ctx,
(int)amount, buf);
lws_free(buf);
if (n < 1) {
lwsl_err("problem %d getting cert '%s'\n", n,
cert_filepath);
lws_tls_err_describe_clear();
return 1;
}
lwsl_info("Loaded client cert %s\n", cert_filepath);
#endif
} else if (cert_mem && cert_mem_len) {
/* lwsl_hexdump_notice(cert_mem, cert_mem_len - 1); */
n = SSL_CTX_use_certificate_ASN1(vh->tls.ssl_client_ctx,
(int)cert_mem_len, cert_mem);
if (n < 1) {
lwsl_err("%s: (mbedtls) problem interpreting client cert\n",
__func__);
lws_tls_err_describe_clear();
return 1;
}
lwsl_info("%s: using mem client cert %d\n",
__func__, cert_mem_len);
}
if (private_key_filepath) {
#if !defined(LWS_PLAT_OPTEE)
uint8_t *buf;
lws_filepos_t amount;
lwsl_notice("%s: doing private key filepath %s\n", __func__,
private_key_filepath);
if (alloc_file(vh->context, private_key_filepath, &buf, &amount))
return 1;
buf[amount++] = '\0';
n = SSL_CTX_use_PrivateKey_ASN1(0, vh->tls.ssl_client_ctx,
buf, (long)amount);
lws_free(buf);
if (n < 1) {
lwsl_err("problem %d getting private key '%s'\n", n,
private_key_filepath);
lws_tls_err_describe_clear();
return 1;
}
lwsl_notice("Loaded private key %s\n", private_key_filepath);
#endif
} else if (key_mem && key_mem_len) {
/* lwsl_hexdump_notice(cert_mem, cert_mem_len - 1); */
n = SSL_CTX_use_PrivateKey_ASN1(0, vh->tls.ssl_client_ctx,
key_mem, (long)key_mem_len - 1);
if (n < 1) {
lwsl_err("%s: (mbedtls) problem interpreting private key\n",
__func__);
lws_tls_err_describe_clear();
return 1;
}
lwsl_info("%s: using mem private key %d\n",
__func__, key_mem_len);
}
return 0;
}
int
lws_tls_client_vhost_extra_cert_mem(struct lws_vhost *vh,
const uint8_t *der, size_t der_len)
{
if (SSL_CTX_add_client_CA_ASN1(vh->tls.ssl_client_ctx, (int)der_len, der) != 1) {
lwsl_err("%s: failed\n", __func__);
return 1;
}
return 0;
}

512
Kinc/Sources/kinc/libs/core/tls/mbedtls/mbedtls-extensions.c Normal file
View File

@ -0,0 +1,512 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2022 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* These are additional apis that belong in mbedtls but do not yet exist there.
* Alternaives are provided for lws to use that understand additional standard
* v3 tls extensions. Error results are simplified to lws style.
*
* This file includes code taken from mbedtls and modified, and from an as of
* 2021-06-11 unaccepted-upstream patch for mbedtls contributed by Gábor Tóth
* <toth92g@gmail.com>. Gabor has graciously allowed use of his patch with more
* liberal terms but to not complicate matters I provide it here under the same
* Apache 2.0 terms as the mbedtls pieces.
*
* Those original pieces are licensed Apache-2.0 as follows
*
* Copyright The Mbed TLS Contributors
* SPDX-License-Identifier: Apache-2.0
*
* Licensed under the Apache License, Version 2.0 (the "License"); you may
* not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#include "private-lib-core.h"
#include "private-lib-tls-mbedtls.h"
#include <mbedtls/oid.h>
#include <mbedtls/x509.h>
/*
* This section from mbedtls oid.c
*/
typedef struct {
mbedtls_oid_descriptor_t descriptor;
int ext_type;
} oid_x509_ext_t;
#define ADD_LEN(s) s, MBEDTLS_OID_SIZE(s)
#define LWS_MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER MBEDTLS_OID_ID_CE "\x23" /**< id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 35 } */
#define LWS_MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER MBEDTLS_OID_ID_CE "\x0E" /**< id-ce-subjectKeyIdentifier OBJECT IDENTIFIER ::= { id-ce 14 } */
#define LWS_MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER (1 << 0)
#define LWS_MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER (1 << 1)
#define LWS_MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER LWS_MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER
#define LWS_MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER LWS_MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER
#define LWS_MBEDTLS_X509_SAN_OTHER_NAME 0
#define LWS_MBEDTLS_X509_SAN_RFC822_NAME 1
#define LWS_MBEDTLS_X509_SAN_DNS_NAME 2
#define LWS_MBEDTLS_ASN1_TAG_CLASS_MASK 0xC0
#define LWS_MBEDTLS_ASN1_TAG_VALUE_MASK 0x1F
static const oid_x509_ext_t oid_x509_ext[] = {
{ {ADD_LEN( LWS_MBEDTLS_OID_SUBJECT_KEY_IDENTIFIER ),
"id-ce-subjectKeyIdentifier",
"Subject Key Identifier" },
LWS_MBEDTLS_OID_X509_EXT_SUBJECT_KEY_IDENTIFIER,
},
{ {ADD_LEN( LWS_MBEDTLS_OID_AUTHORITY_KEY_IDENTIFIER ),
"id-ce-authorityKeyIdentifier",
"Authority Key Identifier" },
LWS_MBEDTLS_OID_X509_EXT_AUTHORITY_KEY_IDENTIFIER,
},
{ { NULL, 0, NULL, NULL }, 0 },
};
#define FN_OID_TYPED_FROM_ASN1( TYPE_T, NAME, LIST ) \
static const TYPE_T * oid_ ## NAME ## _from_asn1( \
const mbedtls_asn1_buf *oid ) \
{ \
const TYPE_T *p = (LIST); \
const mbedtls_oid_descriptor_t *cur = \
(const mbedtls_oid_descriptor_t *) p; \
if( p == NULL || oid == NULL ) return( NULL ); \
while( cur->MBEDTLS_PRIVATE(asn1) != NULL ) { \
if( cur->MBEDTLS_PRIVATE(asn1_len) == oid->MBEDTLS_PRIVATE_V30_ONLY(len) && \
memcmp( cur->MBEDTLS_PRIVATE(asn1), oid->MBEDTLS_PRIVATE_V30_ONLY(p), oid->MBEDTLS_PRIVATE_V30_ONLY(len) ) == 0 ) { \
return( p ); \
} \
p++; \
cur = (const mbedtls_oid_descriptor_t *) p; \
} \
return( NULL ); \
}
#define FN_OID_GET_ATTR1(FN_NAME, TYPE_T, TYPE_NAME, ATTR1_TYPE, ATTR1) \
int FN_NAME( const mbedtls_asn1_buf *oid, ATTR1_TYPE * ATTR1 ) \
{ \
const TYPE_T *data = oid_ ## TYPE_NAME ## _from_asn1( oid ); \
if (!data) return 1; \
*ATTR1 = data->ATTR1; \
return 0; \
}
FN_OID_TYPED_FROM_ASN1(oid_x509_ext_t, x509_ext, oid_x509_ext)
FN_OID_GET_ATTR1(lws_mbedtls_oid_get_x509_ext_type,
oid_x509_ext_t, x509_ext, int, ext_type)
typedef struct lws_mbedtls_x509_san_other_name
{
/**
* The type_id is an OID as deifned in RFC 5280.
* To check the value of the type id, you should use
* \p MBEDTLS_OID_CMP with a known OID mbedtls_x509_buf.
*/
mbedtls_x509_buf type_id; /**< The type id. */
union
{
/**
* From RFC 4108 section 5:
* HardwareModuleName ::= SEQUENCE {
* hwType OBJECT IDENTIFIER,
* hwSerialNum OCTET STRING }
*/
struct
{
mbedtls_x509_buf oid; /**< The object identifier. */
mbedtls_x509_buf val; /**< The named value. */
}
hardware_module_name;
}
value;
}
lws_mbedtls_x509_san_other_name;
typedef struct lws_mbedtls_x509_subject_alternative_name
{
int type; /**< The SAN type, value of LWS_MBEDTLS_X509_SAN_XXX. */
union {
lws_mbedtls_x509_san_other_name other_name; /**< The otherName supported type. */
mbedtls_x509_buf unstructured_name; /**< The buffer for the un constructed types. Only dnsName currently supported */
}
san; /**< A union of the supported SAN types */
}
lws_mbedtls_x509_subject_alternative_name;
static int
x509_get_skid(uint8_t **p, const uint8_t *end, mbedtls_x509_buf *skid)
{
int ret = 1;
size_t len = 0u;
ret = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_OCTET_STRING);
if (ret)
return ret;
skid->MBEDTLS_PRIVATE_V30_ONLY(len) = len;
skid->MBEDTLS_PRIVATE_V30_ONLY(tag) = MBEDTLS_ASN1_OCTET_STRING;
skid->MBEDTLS_PRIVATE_V30_ONLY(p) = *p;
*p += len;
return *p != end;
}
/*
* Names may have multiple allocated segments in a linked-list, when the mbedtls
* api mbedtls_x509_get_name() fails, it doesn't clean up any already-allocated
* segments, wrongly leaving it to the caller to handle. This helper takes care
* of the missing cleaning for allocation error path.
*
* name.next must be set to NULL by user code before calling ...get_name(...,
* &name), since not every error exit sets it and it will contain garbage if
* defined on stack as is usual.
*/
static void
lws_x509_clean_name(mbedtls_x509_name *name)
{
mbedtls_x509_name *n1;
if (!name)
return;
n1 = name->MBEDTLS_PRIVATE_V30_ONLY(next);
while (n1) {
name = n1->MBEDTLS_PRIVATE_V30_ONLY(next);
free(n1);
n1 = name;
}
}
static int
lws_mbedtls_x509_parse_general_name(const mbedtls_x509_buf *name_buf,
lws_mbedtls_x509_subject_alternative_name *name)
{
// mbedtls_x509_name_other_name other_name;
uint8_t *bufferPointer, **p, *end;
mbedtls_x509_name rfc822Name;
int ret;
switch (name_buf->MBEDTLS_PRIVATE_V30_ONLY(tag) &
(LWS_MBEDTLS_ASN1_TAG_CLASS_MASK |
LWS_MBEDTLS_ASN1_TAG_VALUE_MASK)) {
#if 0
case MBEDTLS_ASN1_CONTEXT_SPECIFIC | LWS_MBEDTLS_X509_SAN_OTHER_NAME:
ret = x509_get_other_name( name_buf, &other_name );
if (ret)
return ret;
memset(name, 0, sizeof(*name));
name->type = LWS_MBEDTLS_X509_SAN_OTHER_NAME;
memcpy(&name->name.other_name, &other_name, sizeof(other_name));
return 0;
#endif
case MBEDTLS_ASN1_SEQUENCE | LWS_MBEDTLS_X509_SAN_RFC822_NAME:
bufferPointer = name_buf->MBEDTLS_PRIVATE_V30_ONLY(p);
p = &bufferPointer;
end = name_buf->MBEDTLS_PRIVATE_V30_ONLY(p) +
name_buf->MBEDTLS_PRIVATE_V30_ONLY(len);
/* The leading ASN1 tag and length has been processed.
* Stepping back with 2 bytes, because mbedtls_x509_get_name
* expects the beginning of the SET tag */
*p = *p - 2;
rfc822Name.MBEDTLS_PRIVATE_V30_ONLY(next) = NULL;
ret = mbedtls_x509_get_name( p, end, &rfc822Name );
if (ret) {
lws_x509_clean_name(&rfc822Name);
return ret;
}
memset(name, 0, sizeof(*name));
name->type = LWS_MBEDTLS_X509_SAN_OTHER_NAME;
memcpy(&name->san.other_name,
&rfc822Name, sizeof(rfc822Name));
return 0;
case MBEDTLS_ASN1_CONTEXT_SPECIFIC | LWS_MBEDTLS_X509_SAN_DNS_NAME:
memset(name, 0, sizeof(*name));
name->type = LWS_MBEDTLS_X509_SAN_DNS_NAME;
memcpy(&name->san.unstructured_name,
name_buf, sizeof(*name_buf) );
return 0;
default:
return 1;
}
return 1;
}
static int
lws_x509_get_general_names(uint8_t **p, const uint8_t *end,
mbedtls_x509_sequence *name )
{
mbedtls_asn1_sequence *cur = name;
mbedtls_asn1_buf *buf;
size_t len, tag_len;
unsigned char tag;
int r;
/* Get main sequence tag */
r = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
if (r)
return r;
if (*p + len != end)
return 1;
while (*p < end) {
lws_mbedtls_x509_subject_alternative_name dnb;
memset(&dnb, 0, sizeof(dnb));
tag = **p;
(*p)++;
r = mbedtls_asn1_get_len(p, end, &tag_len);
if (r)
return r;
/* Tag shall be CONTEXT_SPECIFIC or SET */
if ((tag & LWS_MBEDTLS_ASN1_TAG_CLASS_MASK) !=
MBEDTLS_ASN1_CONTEXT_SPECIFIC &&
(tag & (MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE)) !=
(MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE))
return 1;
/*
* Check that the name is structured correctly.
*/
r = lws_mbedtls_x509_parse_general_name(
&cur->MBEDTLS_PRIVATE_V30_ONLY(buf), &dnb);
/*
* In case the extension is malformed, return an error,
* and clear the allocated sequences.
*/
if (r && r != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) {
mbedtls_x509_sequence *seq_cur = name->MBEDTLS_PRIVATE_V30_ONLY(next);
mbedtls_x509_sequence *seq_prv;
while( seq_cur != NULL ) {
seq_prv = seq_cur;
seq_cur = seq_cur->MBEDTLS_PRIVATE_V30_ONLY(next);
lws_explicit_bzero(seq_prv, sizeof(*seq_cur));
lws_free(seq_prv);
}
name->MBEDTLS_PRIVATE_V30_ONLY(next) = NULL;
return r;
}
/* Allocate and assign next pointer */
if (cur->MBEDTLS_PRIVATE_V30_ONLY(buf).MBEDTLS_PRIVATE_V30_ONLY(p)) {
if (cur->MBEDTLS_PRIVATE_V30_ONLY(next))
return 1;
cur->MBEDTLS_PRIVATE_V30_ONLY(next) =
lws_zalloc(sizeof(*cur), __func__);
if (!cur->MBEDTLS_PRIVATE_V30_ONLY(next))
return 1;
cur = cur->MBEDTLS_PRIVATE_V30_ONLY(next);
}
buf = &(cur->MBEDTLS_PRIVATE_V30_ONLY(buf));
buf->MBEDTLS_PRIVATE_V30_ONLY(tag) = tag;
buf->MBEDTLS_PRIVATE_V30_ONLY(p) = *p;
buf->MBEDTLS_PRIVATE_V30_ONLY(len) = tag_len;
*p += buf->MBEDTLS_PRIVATE_V30_ONLY(len);
}
/* Set final sequence entry's next pointer to NULL */
cur->MBEDTLS_PRIVATE_V30_ONLY(next) = NULL;
return *p != end;
}
static int
x509_get_akid(uint8_t **p, uint8_t *end, lws_mbedtls_x509_authority *akid)
{
size_t len = 0u;
int r;
r = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
if (r)
return r;
r = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONTEXT_SPECIFIC);
if (!r) {
akid->keyIdentifier.MBEDTLS_PRIVATE_V30_ONLY(len) = len;
akid->keyIdentifier.MBEDTLS_PRIVATE_V30_ONLY(p) = *p;
akid->keyIdentifier.MBEDTLS_PRIVATE_V30_ONLY(tag) = MBEDTLS_ASN1_OCTET_STRING;
*p += len;
}
if (*p < end) {
/* Getting authorityCertIssuer using the required specific
* class tag [1] */
r = mbedtls_asn1_get_tag(p, end, &len,
MBEDTLS_ASN1_CONTEXT_SPECIFIC |
MBEDTLS_ASN1_CONSTRUCTED | 1 );
if (!r) {
/* Getting directoryName using the required specific
* class tag [4] */
r = mbedtls_asn1_get_tag(p, end, &len,
MBEDTLS_ASN1_CONTEXT_SPECIFIC |
MBEDTLS_ASN1_CONSTRUCTED | 4);
if (r)
return(r);
/* "end" also includes the CertSerialNumber field
* so "len" shall be used */
r = lws_x509_get_general_names(p, (*p + len),
&akid->authorityCertIssuer);
}
}
if (*p < end) {
r = mbedtls_asn1_get_tag(p, end, &len,
MBEDTLS_ASN1_CONTEXT_SPECIFIC |
MBEDTLS_ASN1_INTEGER );
if (r)
return r;
akid->authorityCertSerialNumber.MBEDTLS_PRIVATE_V30_ONLY(len) = len;
akid->authorityCertSerialNumber.MBEDTLS_PRIVATE_V30_ONLY(p) = *p;
akid->authorityCertSerialNumber.MBEDTLS_PRIVATE_V30_ONLY(tag) = MBEDTLS_ASN1_OCTET_STRING;
*p += len;
}
return *p != end;
}
/*
* Work around lack of this in mbedtls... we don't need to do sanity checks
* sanity checks because they will be done at x509 validation time
*/
int
lws_x509_get_crt_ext(mbedtls_x509_crt *crt, mbedtls_x509_buf *skid,
lws_mbedtls_x509_authority *akid)
{
uint8_t *p = crt->MBEDTLS_PRIVATE_V30_ONLY(v3_ext).MBEDTLS_PRIVATE_V30_ONLY(p),
*end_ext_data, *end_ext_octet;
const uint8_t *end = p + crt->MBEDTLS_PRIVATE_V30_ONLY(v3_ext).MBEDTLS_PRIVATE_V30_ONLY(len);
size_t len;
int r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
if (r)
return r;
while (p < end) {
mbedtls_x509_buf extn_oid = { 0, 0, NULL };
int is_critical = 0; /* DEFAULT FALSE */
int ext_type = 0;
r = mbedtls_asn1_get_tag(&p, end, &len,
MBEDTLS_ASN1_CONSTRUCTED |
MBEDTLS_ASN1_SEQUENCE);
if (r)
return r;
end_ext_data = p + len;
/* Get extension ID */
r = mbedtls_asn1_get_tag(&p, end_ext_data, &extn_oid.MBEDTLS_PRIVATE_V30_ONLY(len),
MBEDTLS_ASN1_OID);
if (r)
return r;
extn_oid.MBEDTLS_PRIVATE_V30_ONLY(tag) = MBEDTLS_ASN1_OID;
extn_oid.MBEDTLS_PRIVATE_V30_ONLY(p) = p;
p += extn_oid.MBEDTLS_PRIVATE_V30_ONLY(len);
/* Get optional critical */
r = mbedtls_asn1_get_bool(&p, end_ext_data, &is_critical);
if (r && r != MBEDTLS_ERR_ASN1_UNEXPECTED_TAG)
return r;
/* Data should be octet string type */
r = mbedtls_asn1_get_tag(&p, end_ext_data, &len,
MBEDTLS_ASN1_OCTET_STRING);
if (r)
return r;
end_ext_octet = p + len;
if (end_ext_octet != end_ext_data)
return 1;
r = lws_mbedtls_oid_get_x509_ext_type(&extn_oid, &ext_type);
if (r) {
p = end_ext_octet;
continue;
}
switch (ext_type) {
case LWS_MBEDTLS_X509_EXT_SUBJECT_KEY_IDENTIFIER:
/* Parse subject key identifier */
r = x509_get_skid(&p, end_ext_data, skid);
if (r)
return r;
break;
case LWS_MBEDTLS_X509_EXT_AUTHORITY_KEY_IDENTIFIER:
/* Parse authority key identifier */
r = x509_get_akid(&p, end_ext_octet, akid);
if (r)
return r;
break;
default:
p = end_ext_octet;
}
}
return 0;
}

703
Kinc/Sources/kinc/libs/core/tls/mbedtls/mbedtls-server.c Normal file
View File

@ -0,0 +1,703 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
#include <mbedtls/x509_csr.h>
#include <errno.h>
int
lws_tls_server_client_cert_verify_config(struct lws_vhost *vh)
{
int verify_options = SSL_VERIFY_PEER;
/* as a server, are we requiring clients to identify themselves? */
if (!lws_check_opt(vh->options,
LWS_SERVER_OPTION_REQUIRE_VALID_OPENSSL_CLIENT_CERT)) {
lwsl_notice("no client cert required\n");
return 0;
}
if (!lws_check_opt(vh->options, LWS_SERVER_OPTION_PEER_CERT_NOT_REQUIRED))
verify_options |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
lwsl_notice("%s: vh %s requires client cert %d\n", __func__, vh->name,
verify_options);
SSL_CTX_set_verify(vh->tls.ssl_ctx, verify_options, NULL);
return 0;
}
static int
lws_mbedtls_sni_cb(void *arg, mbedtls_ssl_context *mbedtls_ctx,
const unsigned char *servername, size_t len)
{
SSL *ssl = SSL_SSL_from_mbedtls_ssl_context(mbedtls_ctx);
struct lws_context *context = (struct lws_context *)arg;
struct lws_vhost *vhost, *vh;
lwsl_notice("%s: %s\n", __func__, servername);
/*
* We can only get ssl accepted connections by using a vhost's ssl_ctx
* find out which listening one took us and only match vhosts on the
* same port.
*/
vh = context->vhost_list;
while (vh) {
if (!vh->being_destroyed &&
vh->tls.ssl_ctx == SSL_get_SSL_CTX(ssl))
break;
vh = vh->vhost_next;
}
if (!vh) {
assert(vh); /* can't match the incoming vh? */
return 0;
}
vhost = lws_select_vhost(context, vh->listen_port,
(const char *)servername);
if (!vhost) {
lwsl_info("SNI: none: %s:%d\n", servername, vh->listen_port);
return 0;
}
lwsl_info("SNI: Found: %s:%d at vhost '%s'\n", servername,
vh->listen_port, vhost->name);
if (!vhost->tls.ssl_ctx) {
lwsl_err("%s: vhost %s matches SNI but no valid cert\n",
__func__, vh->name);
return 1;
}
/* select the ssl ctx from the selected vhost for this conn */
SSL_set_SSL_CTX(ssl, vhost->tls.ssl_ctx);
return 0;
}
int
lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi,
const char *cert, const char *private_key,
const char *mem_cert, size_t mem_cert_len,
const char *mem_privkey, size_t mem_privkey_len)
{
lws_filepos_t flen;
uint8_t *p = NULL;
long err;
int n;
if ((!cert || !private_key) && (!mem_cert || !mem_privkey)) {
lwsl_notice("%s: no usable input\n", __func__);
return 0;
}
n = (int)lws_tls_generic_cert_checks(vhost, cert, private_key);
if (n == LWS_TLS_EXTANT_NO && (!mem_cert || !mem_privkey))
return 0;
/*
* we can't read the root-privs files. But if mem_cert is provided,
* we should use that.
*/
if (n == LWS_TLS_EXTANT_NO)
n = LWS_TLS_EXTANT_ALTERNATIVE;
if (n == LWS_TLS_EXTANT_ALTERNATIVE && (!mem_cert || !mem_privkey))
return 1; /* no alternative */
if (n == LWS_TLS_EXTANT_ALTERNATIVE) {
/*
* Although we have prepared update certs, we no longer have
* the rights to read our own cert + key we saved.
*
* If we were passed copies in memory buffers, use those
* instead.
*
* The passed memory-buffer cert image is in DER, and the
* memory-buffer private key image is PEM.
*/
cert = NULL;
private_key = NULL;
}
if (lws_tls_alloc_pem_to_der_file(vhost->context, cert, mem_cert,
mem_cert_len, &p, &flen)) {
lwsl_err("couldn't load cert file %s\n", cert);
return 1;
}
err = SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx, (int)flen, p);
lws_free_set_NULL(p);
if (!err) {
lwsl_err("Problem loading cert\n");
return 1;
}
if (lws_tls_alloc_pem_to_der_file(vhost->context, private_key,
(char *)mem_privkey, mem_privkey_len,
&p, &flen)) {
lwsl_err("couldn't find private key\n");
return 1;
}
err = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx, p, (long)flen);
lws_free_set_NULL(p);
if (!err) {
lwsl_err("Problem loading key\n");
return 1;
}
vhost->tls.skipped_certs = 0;
return 0;
}
int
lws_tls_server_vhost_backend_init(const struct lws_context_creation_info *info,
struct lws_vhost *vhost, struct lws *wsi)
{
const SSL_METHOD *method = TLS_server_method();
uint8_t *p;
lws_filepos_t flen;
int n;
vhost->tls.ssl_ctx = SSL_CTX_new(method, &vhost->context->mcdc); /* create context */
if (!vhost->tls.ssl_ctx) {
lwsl_err("problem creating ssl context\n");
return 1;
}
if (!vhost->tls.use_ssl ||
(!info->ssl_cert_filepath && !info->server_ssl_cert_mem))
return 0;
if (info->ssl_ca_filepath) {
lwsl_notice("%s: vh %s: loading CA filepath %s\n", __func__,
vhost->name, info->ssl_ca_filepath);
if (lws_tls_alloc_pem_to_der_file(vhost->context,
info->ssl_ca_filepath, NULL, 0, &p, &flen)) {
lwsl_err("couldn't find client CA file %s\n",
info->ssl_ca_filepath);
return 1;
}
if (SSL_CTX_add_client_CA_ASN1(vhost->tls.ssl_ctx, (int)flen, p) != 1) {
lwsl_err("%s: SSL_CTX_add_client_CA_ASN1 unhappy\n",
__func__);
free(p);
return 1;
}
free(p);
} else {
if (info->server_ssl_ca_mem && info->server_ssl_ca_mem_len &&
SSL_CTX_add_client_CA_ASN1(vhost->tls.ssl_ctx,
(int)info->server_ssl_ca_mem_len,
info->server_ssl_ca_mem) != 1) {
lwsl_err("%s: mem SSL_CTX_add_client_CA_ASN1 unhappy\n",
__func__);
return 1;
}
lwsl_notice("%s: vh %s: mem CA OK\n", __func__, vhost->name);
}
n = lws_tls_server_certs_load(vhost, wsi, info->ssl_cert_filepath,
info->ssl_private_key_filepath,
info->server_ssl_cert_mem,
info->server_ssl_cert_mem_len,
info->server_ssl_private_key_mem,
info->server_ssl_private_key_mem_len);
if (n)
return n;
return 0;
}
int
lws_tls_server_new_nonblocking(struct lws *wsi, lws_sockfd_type accept_fd)
{
errno = 0;
wsi->tls.ssl = SSL_new(wsi->a.vhost->tls.ssl_ctx);
if (wsi->tls.ssl == NULL) {
lwsl_err("SSL_new failed: errno %d\n", errno);
lws_tls_err_describe_clear();
return 1;
}
SSL_set_fd(wsi->tls.ssl, (int)accept_fd);
if (wsi->a.vhost->tls.ssl_info_event_mask)
SSL_set_info_callback(wsi->tls.ssl, lws_ssl_info_callback);
SSL_set_sni_callback(wsi->tls.ssl, lws_mbedtls_sni_cb, wsi->a.context);
return 0;
}
enum lws_ssl_capable_status
lws_tls_server_abort_connection(struct lws *wsi)
{
if (wsi->tls.use_ssl)
__lws_tls_shutdown(wsi);
SSL_free(wsi->tls.ssl);
return 0;
}
enum lws_ssl_capable_status
lws_tls_server_accept(struct lws *wsi)
{
union lws_tls_cert_info_results ir;
int m, n;
n = SSL_accept(wsi->tls.ssl);
wsi->skip_fallback = 1;
if (n == 1) {
if (strstr(wsi->a.vhost->name, ".invalid")) {
lwsl_notice("%s: vhost has .invalid, "
"rejecting accept\n", __func__);
return LWS_SSL_CAPABLE_ERROR;
}
n = lws_tls_peer_cert_info(wsi, LWS_TLS_CERT_INFO_COMMON_NAME,
&ir, sizeof(ir.ns.name));
if (!n)
lwsl_notice("%s: client cert CN '%s'\n",
__func__, ir.ns.name);
else
lwsl_info("%s: couldn't get client cert CN\n",
__func__);
return LWS_SSL_CAPABLE_DONE;
}
m = SSL_get_error(wsi->tls.ssl, n);
lwsl_debug("%s: %s: accept SSL_get_error %d errno %d\n", __func__,
lws_wsi_tag(wsi), m, errno);
// mbedtls wrapper only
if (m == SSL_ERROR_SYSCALL && errno == 11)
return LWS_SSL_CAPABLE_MORE_SERVICE_READ;
#if defined(__APPLE__)
if (m == SSL_ERROR_SYSCALL && errno == 35)
return LWS_SSL_CAPABLE_MORE_SERVICE_READ;
#endif
#if defined(WIN32)
if (m == SSL_ERROR_SYSCALL && errno == 0)
return LWS_SSL_CAPABLE_MORE_SERVICE_READ;
#endif
if (m == SSL_ERROR_SYSCALL || m == SSL_ERROR_SSL)
return LWS_SSL_CAPABLE_ERROR;
if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) {
if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) {
lwsl_info("%s: WANT_READ change_pollfd failed\n",
__func__);
return LWS_SSL_CAPABLE_ERROR;
}
lwsl_info("SSL_ERROR_WANT_READ\n");
return LWS_SSL_CAPABLE_MORE_SERVICE_READ;
}
if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) {
lwsl_debug("%s: WANT_WRITE\n", __func__);
if (lws_change_pollfd(wsi, 0, LWS_POLLOUT)) {
lwsl_info("%s: WANT_WRITE change_pollfd failed\n",
__func__);
return LWS_SSL_CAPABLE_ERROR;
}
return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE;
}
return LWS_SSL_CAPABLE_ERROR;
}
#if defined(LWS_WITH_ACME)
/*
* mbedtls doesn't support SAN for cert creation. So we use a known-good
* tls-sni-01 cert from OpenSSL that worked on Let's Encrypt, and just replace
* the pubkey n part and the signature part.
*
* This will need redoing for tls-sni-02...
*/
static uint8_t ss_cert_leadin[] = {
0x30, 0x82,
0x05, 0x56, /* total length: LEN1 (+2 / +3) (correct for 513 + 512)*/
0x30, 0x82, /* length: LEN2 (+6 / +7) (correct for 513) */
0x03, 0x3e,
/* addition: v3 cert (+5 bytes)*/
0xa0, 0x03,
0x02, 0x01, 0x02,
0x02, 0x01, 0x01,
0x30, 0x0d, 0x06, 0x09, 0x2a,
0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00, 0x30, 0x3f,
0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x47,
0x42, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a, 0x0c, 0x0b,
0x73, 0x6f, 0x6d, 0x65, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x6e, 0x79, 0x31,
0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x11, 0x74, 0x65,
0x6d, 0x70, 0x2e, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x69, 0x6e, 0x76, 0x61,
0x6c, 0x69, 0x64, 0x30, 0x1e, 0x17, 0x0d,
/* from 2017-10-29 ... */
0x31, 0x37, 0x31, 0x30, 0x32, 0x39, 0x31, 0x31, 0x34, 0x39, 0x34, 0x35,
0x5a, 0x17, 0x0d,
/* thru 2049-10-29 we immediately discard the private key, no worries */
0x34, 0x39, 0x31, 0x30, 0x32, 0x39, 0x31, 0x32, 0x34, 0x39, 0x34, 0x35,
0x5a,
0x30, 0x3f, 0x31, 0x0b, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13,
0x02, 0x47, 0x42, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0a,
0x0c, 0x0b, 0x73, 0x6f, 0x6d, 0x65, 0x63, 0x6f, 0x6d, 0x70, 0x61, 0x6e,
0x79, 0x31, 0x1a, 0x30, 0x18, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0c, 0x11,
0x74, 0x65, 0x6d, 0x70, 0x2e, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x69, 0x6e,
0x76, 0x61, 0x6c, 0x69, 0x64, 0x30,
0x82,
0x02, 0x22, /* LEN3 (+C3 / C4) */
0x30, 0x0d, 0x06,
0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01, 0x05, 0x00,
0x03,
0x82,
0x02, 0x0f, /* LEN4 (+D6 / D7) */
0x00, 0x30, 0x82,
0x02, 0x0a, /* LEN5 (+ DB / DC) */
0x02, 0x82,
//0x02, 0x01, /* length of n in bytes (including leading 00 if any) */
},
/* 1 + (keybits / 8) bytes N */
ss_cert_san_leadin[] = {
/* e - fixed */
0x02, 0x03, 0x01, 0x00, 0x01,
0xa3, 0x5d, 0x30, 0x5b, 0x30, 0x59, 0x06, 0x03, 0x55, 0x1d,
0x11, 0x04, 0x52, 0x30, 0x50, /* <-- SAN length + 2 */
0x82, 0x4e, /* <-- SAN length */
},
/* 78 bytes of SAN (tls-sni-01)
0x61, 0x64, 0x34, 0x31, 0x61, 0x66, 0x62, 0x65, 0x30, 0x63, 0x61, 0x34,
0x36, 0x34, 0x32, 0x66, 0x30, 0x61, 0x34, 0x34, 0x39, 0x64, 0x39, 0x63,
0x61, 0x37, 0x36, 0x65, 0x62, 0x61, 0x61, 0x62, 0x2e, 0x32, 0x38, 0x39,
0x34, 0x64, 0x34, 0x31, 0x36, 0x63, 0x39, 0x38, 0x33, 0x66, 0x31, 0x32,
0x65, 0x64, 0x37, 0x33, 0x31, 0x61, 0x33, 0x30, 0x66, 0x35, 0x63, 0x34,
0x34, 0x37, 0x37, 0x66, 0x65, 0x2e, 0x61, 0x63, 0x6d, 0x65, 0x2e, 0x69,
0x6e, 0x76, 0x61, 0x6c, 0x69, 0x64, */
/* end of LEN2 area */
ss_cert_sig_leadin[] = {
/* it's saying that the signature is SHA256 + RSA */
0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d,
0x01, 0x01, 0x0b, 0x05, 0x00, 0x03,
0x82,
0x02, 0x01,
0x00,
};
/* (keybits / 8) bytes signature to end of LEN1 area */
#define SAN_A_LENGTH 78
int
lws_tls_acme_sni_cert_create(struct lws_vhost *vhost, const char *san_a,
const char *san_b)
{
int buflen = 0x560;
uint8_t *buf = lws_malloc((unsigned int)buflen, "tmp cert buf"), *p = buf, *pkey_asn1;
struct lws_genrsa_ctx ctx;
struct lws_gencrypto_keyelem el[LWS_GENCRYPTO_RSA_KEYEL_COUNT];
uint8_t digest[32];
struct lws_genhash_ctx hash_ctx;
int pkey_asn1_len = 3 * 1024;
int n, m, keybits = lws_plat_recommended_rsa_bits(), adj;
if (!buf)
return 1;
n = lws_genrsa_new_keypair(vhost->context, &ctx, LGRSAM_PKCS1_1_5,
&el[0], keybits);
if (n < 0) {
lws_genrsa_destroy_elements(&el[0]);
goto bail1;
}
n = sizeof(ss_cert_leadin);
memcpy(p, ss_cert_leadin, (unsigned int)n);
p += n;
adj = (0x0556 - 0x401) + (keybits / 4) + 1;
buf[2] = (uint8_t)(adj >> 8);
buf[3] = (uint8_t)(adj & 0xff);
adj = (0x033e - 0x201) + (keybits / 8) + 1;
buf[6] = (uint8_t)(adj >> 8);
buf[7] = (uint8_t)(adj & 0xff);
adj = (0x0222 - 0x201) + (keybits / 8) + 1;
buf[0xc3] = (uint8_t)(adj >> 8);
buf[0xc4] = (uint8_t)(adj & 0xff);
adj = (0x020f - 0x201) + (keybits / 8) + 1;
buf[0xd6] = (uint8_t)(adj >> 8);
buf[0xd7] = (uint8_t)(adj & 0xff);
adj = (0x020a - 0x201) + (keybits / 8) + 1;
buf[0xdb] = (uint8_t)(adj >> 8);
buf[0xdc] = (uint8_t)(adj & 0xff);
*p++ = (uint8_t)(((keybits / 8) + 1) >> 8);
*p++ = (uint8_t)(((keybits / 8) + 1) & 0xff);
/* we need to drop 1 + (keybits / 8) bytes of n in here, 00 + key */
*p++ = 0x00;
memcpy(p, el[LWS_GENCRYPTO_RSA_KEYEL_N].buf, el[LWS_GENCRYPTO_RSA_KEYEL_N].len);
p += el[LWS_GENCRYPTO_RSA_KEYEL_N].len;
memcpy(p, ss_cert_san_leadin, sizeof(ss_cert_san_leadin));
p += sizeof(ss_cert_san_leadin);
/* drop in 78 bytes of san_a */
memcpy(p, san_a, SAN_A_LENGTH);
p += SAN_A_LENGTH;
memcpy(p, ss_cert_sig_leadin, sizeof(ss_cert_sig_leadin));
p[17] = (uint8_t)(((keybits / 8) + 1) >> 8);
p[18] = (uint8_t)(((keybits / 8) + 1) & 0xff);
p += sizeof(ss_cert_sig_leadin);
/* hash the cert plaintext */
if (lws_genhash_init(&hash_ctx, LWS_GENHASH_TYPE_SHA256))
goto bail2;
if (lws_genhash_update(&hash_ctx, buf, lws_ptr_diff_size_t(p, buf))) {
lws_genhash_destroy(&hash_ctx, NULL);
goto bail2;
}
if (lws_genhash_destroy(&hash_ctx, digest))
goto bail2;
/* sign the hash */
n = lws_genrsa_hash_sign(&ctx, digest, LWS_GENHASH_TYPE_SHA256, p,
(size_t)((size_t)buflen - lws_ptr_diff_size_t(p, buf)));
if (n < 0)
goto bail2;
p += n;
pkey_asn1 = lws_malloc((unsigned int)pkey_asn1_len, "mbed crt tmp");
if (!pkey_asn1)
goto bail2;
m = lws_genrsa_render_pkey_asn1(&ctx, 1, pkey_asn1, (size_t)pkey_asn1_len);
if (m < 0) {
lws_free(pkey_asn1);
goto bail2;
}
// lwsl_hexdump_level(LLL_DEBUG, buf, lws_ptr_diff(p, buf));
n = SSL_CTX_use_certificate_ASN1(vhost->tls.ssl_ctx,
lws_ptr_diff(p, buf), buf);
if (n != 1) {
lws_free(pkey_asn1);
lwsl_err("%s: generated cert failed to load 0x%x\n",
__func__, -n);
} else {
//lwsl_debug("private key\n");
//lwsl_hexdump_level(LLL_DEBUG, pkey_asn1, n);
/* and to use our generated private key */
n = SSL_CTX_use_PrivateKey_ASN1(0, vhost->tls.ssl_ctx,
pkey_asn1, m);
lws_free(pkey_asn1);
if (n != 1) {
lwsl_err("%s: SSL_CTX_use_PrivateKey_ASN1 failed\n",
__func__);
}
}
lws_genrsa_destroy(&ctx);
lws_genrsa_destroy_elements(&el[0]);
lws_free(buf);
return n != 1;
bail2:
lws_genrsa_destroy(&ctx);
lws_genrsa_destroy_elements(&el[0]);
bail1:
lws_free(buf);
return -1;
}
void
lws_tls_acme_sni_cert_destroy(struct lws_vhost *vhost)
{
}
#if defined(LWS_WITH_JOSE)
static int
_rngf(void *context, unsigned char *buf, size_t len)
{
if ((size_t)lws_get_random(context, buf, len) == len)
return 0;
return -1;
}
static const char *x5[] = { "C", "ST", "L", "O", "CN" };
/*
* CSR is output formatted as b64url(DER)
* Private key is output as a PEM in memory
*/
int
lws_tls_acme_sni_csr_create(struct lws_context *context, const char *elements[],
uint8_t *dcsr, size_t csr_len, char **privkey_pem,
size_t *privkey_len)
{
mbedtls_x509write_csr csr;
mbedtls_pk_context mpk;
int buf_size = 4096, n;
char subject[200], *p = subject, *end = p + sizeof(subject) - 1;
uint8_t *buf = malloc((unsigned int)buf_size); /* malloc because given to user code */
if (!buf)
return -1;
mbedtls_x509write_csr_init(&csr);
mbedtls_pk_init(&mpk);
if (mbedtls_pk_setup(&mpk, mbedtls_pk_info_from_type(MBEDTLS_PK_RSA))) {
lwsl_notice("%s: pk_setup failed\n", __func__);
goto fail;
}
n = mbedtls_rsa_gen_key(mbedtls_pk_rsa(mpk), _rngf, context,
(unsigned int)lws_plat_recommended_rsa_bits(), 65537);
if (n) {
lwsl_notice("%s: failed to generate keys\n", __func__);
goto fail1;
}
/* subject must be formatted like "C=TW,O=warmcat,CN=myserver" */
for (n = 0; n < (int)LWS_ARRAY_SIZE(x5); n++) {
if (p != subject)
*p++ = ',';
if (elements[n])
p += lws_snprintf(p, lws_ptr_diff_size_t(end, p), "%s=%s", x5[n],
elements[n]);
}
if (mbedtls_x509write_csr_set_subject_name(&csr, subject))
goto fail1;
mbedtls_x509write_csr_set_key(&csr, &mpk);
mbedtls_x509write_csr_set_md_alg(&csr, MBEDTLS_MD_SHA256);
/*
* data is written at the end of the buffer! Use the
* return value to determine where you should start
* using the buffer
*/
n = mbedtls_x509write_csr_der(&csr, buf, (size_t)buf_size, _rngf, context);
if (n < 0) {
lwsl_notice("%s: write csr der failed\n", __func__);
goto fail1;
}
/* we have it in DER, we need it in b64URL */
n = lws_jws_base64_enc((char *)(buf + buf_size) - n, (size_t)n,
(char *)dcsr, csr_len);
if (n < 0)
goto fail1;
/*
* okay, the CSR is done, last we need the private key in PEM
* re-use the DER CSR buf as the result buffer since we cn do it in
* one step
*/
if (mbedtls_pk_write_key_pem(&mpk, buf, (size_t)buf_size)) {
lwsl_notice("write key pem failed\n");
goto fail1;
}
*privkey_pem = (char *)buf;
*privkey_len = strlen((const char *)buf);
mbedtls_pk_free(&mpk);
mbedtls_x509write_csr_free(&csr);
return n;
fail1:
mbedtls_pk_free(&mpk);
fail:
mbedtls_x509write_csr_free(&csr);
free(buf);
return -1;
}
#endif
#endif

320
Kinc/Sources/kinc/libs/core/tls/mbedtls/mbedtls-session.c Normal file
View File

@ -0,0 +1,320 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2021 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
typedef struct lws_tls_session_cache_mbedtls {
lws_dll2_t list;
mbedtls_ssl_session session;
lws_sorted_usec_list_t sul_ttl;
/* name is overallocated here */
} lws_tls_scm_t;
#define lwsl_tlssess lwsl_info
static void
__lws_tls_session_destroy(lws_tls_scm_t *ts)
{
lwsl_tlssess("%s: %s (%u)\n", __func__, (const char *)&ts[1],
(unsigned int)(ts->list.owner->count - 1));
lws_sul_cancel(&ts->sul_ttl);
mbedtls_ssl_session_free(&ts->session);
lws_dll2_remove(&ts->list); /* vh lock */
lws_free(ts);
}
static lws_tls_scm_t *
__lws_tls_session_lookup_by_name(struct lws_vhost *vh, const char *name)
{
lws_start_foreach_dll(struct lws_dll2 *, p,
lws_dll2_get_head(&vh->tls_sessions)) {
lws_tls_scm_t *ts = lws_container_of(p, lws_tls_scm_t, list);
const char *ts_name = (const char *)&ts[1];
if (!strcmp(name, ts_name))
return ts;
} lws_end_foreach_dll(p);
return NULL;
}
/*
* If possible, reuse an existing, cached session
*/
void
lws_tls_reuse_session(struct lws *wsi)
{
char buf[LWS_SESSION_TAG_LEN];
mbedtls_ssl_context *msc;
lws_tls_scm_t *ts;
if (!wsi->a.vhost ||
wsi->a.vhost->options & LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE)
return;
lws_context_lock(wsi->a.context, __func__); /* -------------- cx { */
lws_vhost_lock(wsi->a.vhost); /* -------------- vh { */
if (lws_tls_session_tag_from_wsi(wsi, buf, sizeof(buf)))
goto bail;
ts = __lws_tls_session_lookup_by_name(wsi->a.vhost, buf);
if (!ts) {
lwsl_tlssess("%s: no existing session for %s\n", __func__, buf);
goto bail;
}
lwsl_tlssess("%s: %s\n", __func__, (const char *)&ts[1]);
wsi->tls_session_reused = 1;
msc = SSL_mbedtls_ssl_context_from_SSL(wsi->tls.ssl);
mbedtls_ssl_set_session(msc, &ts->session);
/* keep our session list sorted in lru -> mru order */
lws_dll2_remove(&ts->list);
lws_dll2_add_tail(&ts->list, &wsi->a.vhost->tls_sessions);
bail:
lws_vhost_unlock(wsi->a.vhost); /* } vh -------------- */
lws_context_unlock(wsi->a.context); /* } cx -------------- */
}
int
lws_tls_session_is_reused(struct lws *wsi)
{
#if defined(LWS_WITH_CLIENT)
struct lws *nwsi = lws_get_network_wsi(wsi);
if (!nwsi)
return 0;
return nwsi->tls_session_reused;
#else
return 0;
#endif
}
static int
lws_tls_session_destroy_dll(struct lws_dll2 *d, void *user)
{
lws_tls_scm_t *ts = lws_container_of(d, lws_tls_scm_t, list);
__lws_tls_session_destroy(ts);
return 0;
}
void
lws_tls_session_vh_destroy(struct lws_vhost *vh)
{
lws_dll2_foreach_safe(&vh->tls_sessions, NULL,
lws_tls_session_destroy_dll);
}
static void
lws_tls_session_expiry_cb(lws_sorted_usec_list_t *sul)
{
lws_tls_scm_t *ts = lws_container_of(sul, lws_tls_scm_t, sul_ttl);
struct lws_vhost *vh = lws_container_of(ts->list.owner,
struct lws_vhost, tls_sessions);
lws_context_lock(vh->context, __func__); /* -------------- cx { */
lws_vhost_lock(vh); /* -------------- vh { */
__lws_tls_session_destroy(ts);
lws_vhost_unlock(vh); /* } vh -------------- */
lws_context_unlock(vh->context); /* } cx -------------- */
}
/*
* Called after SSL_accept on the wsi
*/
int
lws_tls_session_new_mbedtls(struct lws *wsi)
{
char buf[LWS_SESSION_TAG_LEN];
mbedtls_ssl_context *msc;
struct lws_vhost *vh;
lws_tls_scm_t *ts;
size_t nl;
#if !defined(LWS_WITH_NO_LOGS) && defined(_DEBUG)
const char *disposition = "reuse";
#endif
vh = wsi->a.vhost;
if (vh->options & LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE)
return 0;
if (lws_tls_session_tag_from_wsi(wsi, buf, sizeof(buf)))
return 0;
nl = strlen(buf);
msc = SSL_mbedtls_ssl_context_from_SSL(wsi->tls.ssl);
lws_context_lock(vh->context, __func__); /* -------------- cx { */
lws_vhost_lock(vh); /* -------------- vh { */
ts = __lws_tls_session_lookup_by_name(vh, buf);
if (!ts) {
/*
* We have to make our own, new session
*/
if (vh->tls_sessions.count == vh->tls_session_cache_max) {
/*
* We have reached the vhost's session cache limit,
* prune the LRU / head
*/
ts = lws_container_of(vh->tls_sessions.head,
lws_tls_scm_t, list);
lwsl_tlssess("%s: pruning oldest session (hit max %u)\n",
__func__,
(unsigned int)vh->tls_session_cache_max);
lws_vhost_lock(vh); /* -------------- vh { */
__lws_tls_session_destroy(ts);
lws_vhost_unlock(vh); /* } vh -------------- */
}
ts = lws_malloc(sizeof(*ts) + nl + 1, __func__);
if (!ts)
goto bail;
memset(ts, 0, sizeof(*ts));
memcpy(&ts[1], buf, nl + 1);
if (mbedtls_ssl_get_session(msc, &ts->session)) {
lws_free(ts);
/* no joy for whatever reason */
goto bail;
}
lws_dll2_add_tail(&ts->list, &vh->tls_sessions);
lws_sul_schedule(wsi->a.context, wsi->tsi, &ts->sul_ttl,
lws_tls_session_expiry_cb,
(int64_t)vh->tls.tls_session_cache_ttl *
LWS_US_PER_SEC);
#if !defined(LWS_WITH_NO_LOGS) && defined(_DEBUG)
disposition = "new";
#endif
} else {
mbedtls_ssl_session_free(&ts->session);
if (mbedtls_ssl_get_session(msc, &ts->session))
/* no joy for whatever reason */
goto bail;
/* keep our session list sorted in lru -> mru order */
lws_dll2_remove(&ts->list);
lws_dll2_add_tail(&ts->list, &vh->tls_sessions);
}
lws_vhost_unlock(vh); /* } vh -------------- */
lws_context_unlock(vh->context); /* } cx -------------- */
lwsl_tlssess("%s: %s: %s %s, (%s:%u)\n", __func__,
wsi->lc.gutag, disposition, buf, vh->name,
(unsigned int)vh->tls_sessions.count);
/*
* indicate we will hold on to the SSL_SESSION reference, and take
* responsibility to call SSL_SESSION_free() on it ourselves
*/
return 1;
bail:
lws_vhost_unlock(vh); /* } vh -------------- */
lws_context_unlock(vh->context); /* } cx -------------- */
return 0;
}
#if defined(LWS_TLS_SYNTHESIZE_CB)
/*
* On openssl, there is an async cb coming when the server issues the session
* information on the link, so we can pick it up and update the cache at the
* right time.
*
* On mbedtls and some version at least of borning ssl, this cb is either not
* part of the tls library apis or fails to arrive.
*/
void
lws_sess_cache_synth_cb(lws_sorted_usec_list_t *sul)
{
struct lws_lws_tls *tls = lws_container_of(sul, struct lws_lws_tls,
sul_cb_synth);
struct lws *wsi = lws_container_of(tls, struct lws, tls);
lws_tls_session_new_mbedtls(wsi);
}
#endif
void
lws_tls_session_cache(struct lws_vhost *vh, uint32_t ttl)
{
/* Default to 1hr max recommendation from RFC5246 F.1.4 */
vh->tls.tls_session_cache_ttl = !ttl ? 3600 : ttl;
}
int
lws_tls_session_dump_save(struct lws_vhost *vh, const char *host, uint16_t port,
lws_tls_sess_cb_t cb_save, void *opq)
{
/* there seems no serialization / deserialization helper in mbedtls */
lwsl_warn("%s: only supported on openssl atm\n", __func__);
return 1;
}
int
lws_tls_session_dump_load(struct lws_vhost *vh, const char *host, uint16_t port,
lws_tls_sess_cb_t cb_load, void *opq)
{
/* there seems no serialization / deserialization helper in mbedtls */
lwsl_warn("%s: only supported on openssl atm\n", __func__);
return 1;
}

356
Kinc/Sources/kinc/libs/core/tls/mbedtls/mbedtls-ssl.c Normal file
View File

@ -0,0 +1,356 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
#include "private-lib-tls-mbedtls.h"
void
lws_ssl_destroy(struct lws_vhost *vhost)
{
if (!lws_check_opt(vhost->context->options,
LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
return;
if (vhost->tls.ssl_ctx)
SSL_CTX_free(vhost->tls.ssl_ctx);
if (!vhost->tls.user_supplied_ssl_ctx && vhost->tls.ssl_client_ctx)
SSL_CTX_free(vhost->tls.ssl_client_ctx);
if (vhost->tls.x509_client_CA)
X509_free(vhost->tls.x509_client_CA);
}
int
lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, size_t len)
{
struct lws_context *context = wsi->a.context;
struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
int n = 0, m;
if (!wsi->tls.ssl)
return lws_ssl_capable_read_no_ssl(wsi, buf, len);
errno = 0;
n = SSL_read(wsi->tls.ssl, buf, (int)len);
#if defined(LWS_PLAT_FREERTOS)
if (!n && errno == LWS_ENOTCONN) {
lwsl_debug("%s: SSL_read ENOTCONN\n", lws_wsi_tag(wsi));
return LWS_SSL_CAPABLE_ERROR;
}
#endif
lwsl_debug("%s: %s: SSL_read says %d\n", __func__, lws_wsi_tag(wsi), n);
/* manpage: returning 0 means connection shut down */
if (!n) {
wsi->socket_is_permanently_unusable = 1;
return LWS_SSL_CAPABLE_ERROR;
}
if (n < 0) {
m = SSL_get_error(wsi->tls.ssl, n);
lwsl_debug("%s: %s: ssl err %d errno %d\n", __func__, lws_wsi_tag(wsi), m, errno);
if (errno == LWS_ENOTCONN)
/* If the socket isn't connected anymore, bail out. */
goto do_err1;
#if defined(LWS_PLAT_FREERTOS)
if (errno == LWS_ECONNABORTED)
goto do_err1;
#endif
if (m == SSL_ERROR_ZERO_RETURN ||
m == SSL_ERROR_SYSCALL)
goto do_err;
if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) {
lwsl_debug("%s: WANT_READ\n", __func__);
lwsl_debug("%s: LWS_SSL_CAPABLE_MORE_SERVICE\n", lws_wsi_tag(wsi));
return LWS_SSL_CAPABLE_MORE_SERVICE;
}
if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) {
lwsl_info("%s: WANT_WRITE\n", __func__);
lwsl_debug("%s: LWS_SSL_CAPABLE_MORE_SERVICE\n", lws_wsi_tag(wsi));
wsi->tls_read_wanted_write = 1;
lws_callback_on_writable(wsi);
return LWS_SSL_CAPABLE_MORE_SERVICE;
}
do_err1:
wsi->socket_is_permanently_unusable = 1;
do_err:
#if defined(LWS_WITH_SYS_METRICS)
if (wsi->a.vhost)
lws_metric_event(wsi->a.vhost->mt_traffic_rx, METRES_NOGO, 0);
#endif
return LWS_SSL_CAPABLE_ERROR;
}
#if defined(LWS_TLS_LOG_PLAINTEXT_RX)
/*
* If using mbedtls type tls library, this is the earliest point for all
* paths to dump what was received as decrypted data from the tls tunnel
*/
lwsl_notice("%s: len %d\n", __func__, n);
lwsl_hexdump_notice(buf, (size_t)n);
#endif
#if defined(LWS_WITH_SYS_METRICS)
if (wsi->a.vhost)
lws_metric_event(wsi->a.vhost->mt_traffic_rx,
METRES_GO /* rx */, (u_mt_t)n);
#endif
/*
* if it was our buffer that limited what we read,
* check if SSL has additional data pending inside SSL buffers.
*
* Because these won't signal at the network layer with POLLIN
* and if we don't realize, this data will sit there forever
*/
if (n != (int)len)
goto bail;
if (!wsi->tls.ssl)
goto bail;
if (SSL_pending(wsi->tls.ssl)) {
if (lws_dll2_is_detached(&wsi->tls.dll_pending_tls))
lws_dll2_add_head(&wsi->tls.dll_pending_tls,
&pt->tls.dll_pending_tls_owner);
} else
__lws_ssl_remove_wsi_from_buffered_list(wsi);
return n;
bail:
lws_ssl_remove_wsi_from_buffered_list(wsi);
return n;
}
int
lws_ssl_pending(struct lws *wsi)
{
if (!wsi->tls.ssl)
return 0;
return SSL_pending(wsi->tls.ssl);
}
int
lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, size_t len)
{
int n, m;
#if defined(LWS_TLS_LOG_PLAINTEXT_TX)
/*
* If using mbedtls type tls library, this is the last point for all
* paths before sending data into the tls tunnel, where you can dump it
* and see what is being sent.
*/
lwsl_notice("%s: len %d\n", __func__, (int)len);
lwsl_hexdump_notice(buf, len);
#endif
if (!wsi->tls.ssl)
return lws_ssl_capable_write_no_ssl(wsi, buf, len);
n = SSL_write(wsi->tls.ssl, buf, (int)len);
if (n > 0) {
#if defined(LWS_WITH_SYS_METRICS)
if (wsi->a.vhost)
lws_metric_event(wsi->a.vhost->mt_traffic_tx,
METRES_GO, (u_mt_t)n);
#endif
return n;
}
m = SSL_get_error(wsi->tls.ssl, n);
if (m != SSL_ERROR_SYSCALL) {
if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) {
lwsl_notice("%s: want read\n", __func__);
return LWS_SSL_CAPABLE_MORE_SERVICE;
}
if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) {
lws_set_blocking_send(wsi);
lwsl_debug("%s: want write\n", __func__);
return LWS_SSL_CAPABLE_MORE_SERVICE;
}
}
lwsl_debug("%s failed: %d\n",__func__, m);
wsi->socket_is_permanently_unusable = 1;
#if defined(LWS_WITH_SYS_METRICS)
if (wsi->a.vhost)
lws_metric_event(wsi->a.vhost->mt_traffic_tx,
METRES_NOGO, (u_mt_t)n);
#endif
return LWS_SSL_CAPABLE_ERROR;
}
int openssl_SSL_CTX_private_data_index;
void
lws_ssl_info_callback(const SSL *ssl, int where, int ret)
{
struct lws *wsi;
struct lws_context *context;
struct lws_ssl_info si;
context = (struct lws_context *)SSL_CTX_get_ex_data(
SSL_get_SSL_CTX(ssl),
openssl_SSL_CTX_private_data_index);
if (!context)
return;
wsi = wsi_from_fd(context, SSL_get_fd(ssl));
if (!wsi)
return;
if (!(where & wsi->a.vhost->tls.ssl_info_event_mask))
return;
si.where = where;
si.ret = ret;
if (user_callback_handle_rxflow(wsi->a.protocol->callback,
wsi, LWS_CALLBACK_SSL_INFO,
wsi->user_space, &si, 0))
lws_set_timeout(wsi, PENDING_TIMEOUT_KILLED_BY_SSL_INFO, -1);
}
int
lws_ssl_close(struct lws *wsi)
{
lws_sockfd_type n;
if (!wsi->tls.ssl)
return 0; /* not handled */
#if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK)
/* kill ssl callbacks, becausse we will remove the fd from the
* table linking it to the wsi
*/
if (wsi->a.vhost->tls.ssl_info_event_mask)
SSL_set_info_callback(wsi->tls.ssl, NULL);
#endif
#if defined(LWS_TLS_SYNTHESIZE_CB)
lws_sul_cancel(&wsi->tls.sul_cb_synth);
/*
* ... check the session in case it did not live long enough to get
* the scheduled callback to sample it
*/
lws_sess_cache_synth_cb(&wsi->tls.sul_cb_synth);
#endif
n = SSL_get_fd(wsi->tls.ssl);
if (!wsi->socket_is_permanently_unusable)
SSL_shutdown(wsi->tls.ssl);
compatible_close(n);
SSL_free(wsi->tls.ssl);
wsi->tls.ssl = NULL;
lws_tls_restrict_return(wsi);
return 1; /* handled */
}
void
lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost)
{
if (vhost->tls.ssl_ctx)
SSL_CTX_free(vhost->tls.ssl_ctx);
if (!vhost->tls.user_supplied_ssl_ctx && vhost->tls.ssl_client_ctx)
SSL_CTX_free(vhost->tls.ssl_client_ctx);
#if defined(LWS_WITH_ACME)
lws_tls_acme_sni_cert_destroy(vhost);
#endif
}
void
lws_ssl_context_destroy(struct lws_context *context)
{
}
lws_tls_ctx *
lws_tls_ctx_from_wsi(struct lws *wsi)
{
if (!wsi->tls.ssl)
return NULL;
return SSL_get_SSL_CTX(wsi->tls.ssl);
}
enum lws_ssl_capable_status
__lws_tls_shutdown(struct lws *wsi)
{
int n = SSL_shutdown(wsi->tls.ssl);
lwsl_debug("SSL_shutdown=%d for fd %d\n", n, wsi->desc.sockfd);
switch (n) {
case 1: /* successful completion */
(void)shutdown(wsi->desc.sockfd, SHUT_WR);
return LWS_SSL_CAPABLE_DONE;
case 0: /* needs a retry */
__lws_change_pollfd(wsi, 0, LWS_POLLIN);
return LWS_SSL_CAPABLE_MORE_SERVICE;
default: /* fatal error, or WANT */
n = SSL_get_error(wsi->tls.ssl, n);
if (n != SSL_ERROR_SYSCALL && n != SSL_ERROR_SSL) {
if (SSL_want_read(wsi->tls.ssl)) {
lwsl_debug("(wants read)\n");
__lws_change_pollfd(wsi, 0, LWS_POLLIN);
return LWS_SSL_CAPABLE_MORE_SERVICE_READ;
}
if (SSL_want_write(wsi->tls.ssl)) {
lwsl_debug("(wants write)\n");
__lws_change_pollfd(wsi, 0, LWS_POLLOUT);
return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE;
}
}
return LWS_SSL_CAPABLE_ERROR;
}
}
static int
tops_fake_POLLIN_for_buffered_mbedtls(struct lws_context_per_thread *pt)
{
return lws_tls_fake_POLLIN_for_buffered(pt);
}
const struct lws_tls_ops tls_ops_mbedtls = {
/* fake_POLLIN_for_buffered */ tops_fake_POLLIN_for_buffered_mbedtls,
};

50
Kinc/Sources/kinc/libs/core/tls/mbedtls/mbedtls-tls.c Normal file
View File

@ -0,0 +1,50 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
#include "private-lib-tls-mbedtls.h"
void
lws_tls_err_describe_clear(void)
{
}
int
lws_context_init_ssl_library(struct lws_context *cx,
const struct lws_context_creation_info *info)
{
lwsl_info(" Compiled with MbedTLS support");
if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
lwsl_info(" SSL disabled: no "
"LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT");
return 0;
}
void
lws_context_deinit_ssl_library(struct lws_context *context)
{
}

539
Kinc/Sources/kinc/libs/core/tls/mbedtls/mbedtls-x509.c Normal file
View File

@ -0,0 +1,539 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
#include "private-lib-tls-mbedtls.h"
#include <mbedtls/oid.h>
#if defined(LWS_PLAT_OPTEE) || defined(OPTEE_DEV_KIT)
struct tm {
int tm_sec; // seconds [0,61]
int tm_min; // minutes [0,59]
int tm_hour; // hour [0,23]
int tm_mday; // day of month [1,31]
int tm_mon; // month of year [0,11]
int tm_year; // years since 1900
int tm_wday; // day of week [0,6] (Sunday = 0)
int tm_yday; // day of year [0,365]
int tm_isdst; // daylight savings flag
};
time_t mktime(struct tm *t)
{
return (time_t)0;
}
#endif
static time_t
lws_tls_mbedtls_time_to_unix(mbedtls_x509_time *xtime)
{
struct tm t;
if (!xtime || !xtime->MBEDTLS_PRIVATE_V30_ONLY(year) || xtime->MBEDTLS_PRIVATE_V30_ONLY(year) < 0)
return (time_t)(long long)-1;
memset(&t, 0, sizeof(t));
t.tm_year = xtime->MBEDTLS_PRIVATE_V30_ONLY(year) - 1900;
t.tm_mon = xtime->MBEDTLS_PRIVATE_V30_ONLY(mon) - 1; /* mbedtls months are 1+, tm are 0+ */
t.tm_mday = xtime->MBEDTLS_PRIVATE_V30_ONLY(day) - 1; /* mbedtls days are 1+, tm are 0+ */
t.tm_hour = xtime->MBEDTLS_PRIVATE_V30_ONLY(hour);
t.tm_min = xtime->MBEDTLS_PRIVATE_V30_ONLY(min);
t.tm_sec = xtime->MBEDTLS_PRIVATE_V30_ONLY(sec);
t.tm_isdst = -1;
return mktime(&t);
}
static int
lws_tls_mbedtls_get_x509_name(mbedtls_x509_name *name,
union lws_tls_cert_info_results *buf, size_t len)
{
int r = -1;
buf->ns.len = 0;
while (name) {
/*
if (MBEDTLS_OID_CMP(type, &name->oid)) {
name = name->next;
continue;
}
*/
lws_strnncpy(&buf->ns.name[buf->ns.len],
(const char *)name->MBEDTLS_PRIVATE_V30_ONLY(val).MBEDTLS_PRIVATE_V30_ONLY(p),
name->MBEDTLS_PRIVATE_V30_ONLY(val).MBEDTLS_PRIVATE_V30_ONLY(len),
len - (size_t)buf->ns.len);
buf->ns.len = (int)strlen(buf->ns.name);
r = 0;
name = name->MBEDTLS_PRIVATE_V30_ONLY(next);
}
return r;
}
int
lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len)
{
mbedtls_x509_buf skid;
lws_mbedtls_x509_authority akid;
if (!x509)
return -1;
if (!len)
len = sizeof(buf->ns.name);
switch (type) {
case LWS_TLS_CERT_INFO_VALIDITY_FROM:
buf->time = lws_tls_mbedtls_time_to_unix(&x509->MBEDTLS_PRIVATE_V30_ONLY(valid_from));
if (buf->time == (time_t)(long long)-1)
return -1;
break;
case LWS_TLS_CERT_INFO_VALIDITY_TO:
buf->time = lws_tls_mbedtls_time_to_unix(&x509->MBEDTLS_PRIVATE_V30_ONLY(valid_to));
if (buf->time == (time_t)(long long)-1)
return -1;
break;
case LWS_TLS_CERT_INFO_COMMON_NAME:
return lws_tls_mbedtls_get_x509_name(&x509->MBEDTLS_PRIVATE_V30_ONLY(subject), buf, len);
case LWS_TLS_CERT_INFO_ISSUER_NAME:
return lws_tls_mbedtls_get_x509_name(&x509->MBEDTLS_PRIVATE_V30_ONLY(issuer), buf, len);
case LWS_TLS_CERT_INFO_USAGE:
buf->usage = x509->MBEDTLS_PRIVATE(key_usage);
break;
case LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY:
{
char *p = buf->ns.name;
size_t r = len, u;
switch (mbedtls_pk_get_type(&x509->MBEDTLS_PRIVATE_V30_ONLY(pk))) {
case MBEDTLS_PK_RSA:
{
mbedtls_rsa_context *rsa = mbedtls_pk_rsa(x509->MBEDTLS_PRIVATE_V30_ONLY(pk));
if (mbedtls_mpi_write_string(&rsa->MBEDTLS_PRIVATE(N), 16, p, r, &u))
return -1;
r -= u;
p += u;
if (mbedtls_mpi_write_string(&rsa->MBEDTLS_PRIVATE(E), 16, p, r, &u))
return -1;
p += u;
buf->ns.len = lws_ptr_diff(p, buf->ns.name);
break;
}
case MBEDTLS_PK_ECKEY:
{
mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(x509->MBEDTLS_PRIVATE_V30_ONLY(pk));
if (mbedtls_mpi_write_string(&ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, p, r, &u))
return -1;
r -= u;
p += u;
if (mbedtls_mpi_write_string(&ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, p, r, &u))
return -1;
r -= u;
p += u;
if (mbedtls_mpi_write_string(&ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, p, r, &u))
return -1;
p += u;
buf->ns.len = lws_ptr_diff(p, buf->ns.name);
break;
}
default:
lwsl_notice("%s: x509 has unsupported pubkey type %d\n",
__func__,
mbedtls_pk_get_type(&x509->MBEDTLS_PRIVATE_V30_ONLY(pk)));
return -1;
}
break;
}
case LWS_TLS_CERT_INFO_DER_RAW:
buf->ns.len = (int)x509->MBEDTLS_PRIVATE_V30_ONLY(raw).MBEDTLS_PRIVATE_V30_ONLY(len);
if (len < x509->MBEDTLS_PRIVATE_V30_ONLY(raw).MBEDTLS_PRIVATE_V30_ONLY(len))
/*
* The buffer is too small and the attempt failed, but
* the required object length is in buf->ns.len
*/
return -1;
memcpy(buf->ns.name, x509->MBEDTLS_PRIVATE_V30_ONLY(raw).MBEDTLS_PRIVATE_V30_ONLY(p),
x509->MBEDTLS_PRIVATE_V30_ONLY(raw).MBEDTLS_PRIVATE_V30_ONLY(len));
break;
case LWS_TLS_CERT_INFO_AUTHORITY_KEY_ID:
memset(&akid, 0, sizeof(akid));
memset(&skid, 0, sizeof(skid));
lws_x509_get_crt_ext(x509, &skid, &akid);
if (akid.keyIdentifier.MBEDTLS_PRIVATE_V30_ONLY(tag) != MBEDTLS_ASN1_OCTET_STRING)
return 1;
buf->ns.len = (int)akid.keyIdentifier.MBEDTLS_PRIVATE_V30_ONLY(len);
if (!akid.keyIdentifier.MBEDTLS_PRIVATE_V30_ONLY(p) ||
len < (size_t)buf->ns.len)
return -1;
memcpy(buf->ns.name, akid.keyIdentifier.MBEDTLS_PRIVATE_V30_ONLY(p), (size_t)buf->ns.len);
break;
case LWS_TLS_CERT_INFO_AUTHORITY_KEY_ID_ISSUER: {
mbedtls_x509_sequence * ip;
memset(&akid, 0, sizeof(akid));
memset(&skid, 0, sizeof(skid));
lws_x509_get_crt_ext(x509, &skid, &akid);
ip = &akid.authorityCertIssuer;
buf->ns.len = 0;
while (ip) {
if (akid.keyIdentifier.MBEDTLS_PRIVATE_V30_ONLY(tag) != MBEDTLS_ASN1_OCTET_STRING ||
!ip->MBEDTLS_PRIVATE_V30_ONLY(buf).MBEDTLS_PRIVATE_V30_ONLY(p) ||
ip->MBEDTLS_PRIVATE_V30_ONLY(buf).MBEDTLS_PRIVATE_V30_ONLY(len) < 9 ||
len < (size_t)ip->MBEDTLS_PRIVATE_V30_ONLY(buf).MBEDTLS_PRIVATE_V30_ONLY(len) - 9u)
break;
memcpy(buf->ns.name + buf->ns.len, ip->MBEDTLS_PRIVATE_V30_ONLY(buf).MBEDTLS_PRIVATE_V30_ONLY(p),
(size_t)ip->MBEDTLS_PRIVATE_V30_ONLY(buf).MBEDTLS_PRIVATE_V30_ONLY(len) - 9);
buf->ns.len = buf->ns.len + (int)ip->MBEDTLS_PRIVATE_V30_ONLY(buf).MBEDTLS_PRIVATE_V30_ONLY(len) - 9;
ip = ip->MBEDTLS_PRIVATE_V30_ONLY(next);
}
break;
}
case LWS_TLS_CERT_INFO_AUTHORITY_KEY_ID_SERIAL:
memset(&akid, 0, sizeof(akid));
memset(&skid, 0, sizeof(skid));
lws_x509_get_crt_ext(x509, &skid, &akid);
if (akid.authorityCertSerialNumber.MBEDTLS_PRIVATE_V30_ONLY(tag) != MBEDTLS_ASN1_OCTET_STRING)
return 1;
buf->ns.len = (int)akid.authorityCertSerialNumber.MBEDTLS_PRIVATE_V30_ONLY(len);
if (!akid.authorityCertSerialNumber.MBEDTLS_PRIVATE_V30_ONLY(p) ||
len < (size_t)buf->ns.len)
return -1;
memcpy(buf->ns.name, akid.authorityCertSerialNumber.
MBEDTLS_PRIVATE_V30_ONLY(p), (size_t)buf->ns.len);
break;
case LWS_TLS_CERT_INFO_SUBJECT_KEY_ID:
memset(&akid, 0, sizeof(akid));
memset(&skid, 0, sizeof(skid));
lws_x509_get_crt_ext(x509, &skid, &akid);
if (skid.MBEDTLS_PRIVATE_V30_ONLY(tag) != MBEDTLS_ASN1_OCTET_STRING)
return 1;
buf->ns.len = (int)skid.MBEDTLS_PRIVATE_V30_ONLY(len);
if (len < (size_t)buf->ns.len)
return -1;
memcpy(buf->ns.name, skid.MBEDTLS_PRIVATE_V30_ONLY(p), (size_t)buf->ns.len);
break;
default:
return -1;
}
return 0;
}
#if defined(LWS_WITH_NETWORK)
int
lws_tls_vhost_cert_info(struct lws_vhost *vhost, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len)
{
mbedtls_x509_crt *x509;
x509 = ssl_ctx_get_mbedtls_x509_crt(vhost->tls.ssl_ctx);
return lws_tls_mbedtls_cert_info(x509, type, buf, len);
}
int
lws_tls_peer_cert_info(struct lws *wsi, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len)
{
mbedtls_x509_crt *x509;
wsi = lws_get_network_wsi(wsi);
x509 = ssl_get_peer_mbedtls_x509_crt(wsi->tls.ssl);
if (!x509)
return -1;
switch (type) {
case LWS_TLS_CERT_INFO_VERIFIED:
buf->verified = SSL_get_verify_result(wsi->tls.ssl) == X509_V_OK;
return 0;
default:
return lws_tls_mbedtls_cert_info(x509, type, buf, len);
}
return -1;
}
#endif
int
lws_x509_info(struct lws_x509_cert *x509, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len)
{
return lws_tls_mbedtls_cert_info(&x509->cert, type, buf, len);
}
int
lws_x509_create(struct lws_x509_cert **x509)
{
*x509 = lws_malloc(sizeof(**x509), __func__);
return !(*x509);
}
/*
* Parse one DER-encoded or one or more concatenated PEM-encoded certificates
* and add them to the chained list.
*/
int
lws_x509_parse_from_pem(struct lws_x509_cert *x509, const void *pem, size_t len)
{
int ret;
mbedtls_x509_crt_init(&x509->cert);
ret = mbedtls_x509_crt_parse(&x509->cert, pem, len);
if (ret) {
if (ret > 0)
mbedtls_x509_crt_free(&x509->cert);
lwsl_err("%s: unable to parse PEM cert: -0x%x\n",
__func__, -ret);
return -1;
}
return 0;
}
int
lws_x509_verify(struct lws_x509_cert *x509, struct lws_x509_cert *trusted,
const char *common_name)
{
uint32_t flags = 0;
int ret;
ret = mbedtls_x509_crt_verify_with_profile(&x509->cert, &trusted->cert,
NULL,
&mbedtls_x509_crt_profile_next,
common_name, &flags, NULL,
NULL);
if (ret) {
lwsl_err("%s: unable to parse PEM cert: -0x%x\n",
__func__, -ret);
return -1;
}
return 0;
}
#if defined(LWS_WITH_JOSE)
int
lws_x509_public_to_jwk(struct lws_jwk *jwk, struct lws_x509_cert *x509,
const char *curves, int rsa_min_bits)
{
int kt = (int)mbedtls_pk_get_type(&x509->cert.MBEDTLS_PRIVATE_V30_ONLY(pk)),
n, count = 0, ret = -1;
mbedtls_rsa_context *rsactx;
mbedtls_ecp_keypair *ecpctx;
mbedtls_mpi *mpi[LWS_GENCRYPTO_RSA_KEYEL_COUNT];
memset(jwk, 0, sizeof(*jwk));
switch (kt) {
case MBEDTLS_PK_RSA:
lwsl_notice("%s: RSA key\n", __func__);
jwk->kty = LWS_GENCRYPTO_KTY_RSA;
rsactx = mbedtls_pk_rsa(x509->cert.MBEDTLS_PRIVATE_V30_ONLY(pk));
mpi[LWS_GENCRYPTO_RSA_KEYEL_E] = &rsactx->MBEDTLS_PRIVATE(E);
mpi[LWS_GENCRYPTO_RSA_KEYEL_N] = &rsactx->MBEDTLS_PRIVATE(N);
mpi[LWS_GENCRYPTO_RSA_KEYEL_D] = &rsactx->MBEDTLS_PRIVATE(D);
mpi[LWS_GENCRYPTO_RSA_KEYEL_P] = &rsactx->MBEDTLS_PRIVATE(P);
mpi[LWS_GENCRYPTO_RSA_KEYEL_Q] = &rsactx->MBEDTLS_PRIVATE(Q);
mpi[LWS_GENCRYPTO_RSA_KEYEL_DP] = &rsactx->MBEDTLS_PRIVATE(DP);
mpi[LWS_GENCRYPTO_RSA_KEYEL_DQ] = &rsactx->MBEDTLS_PRIVATE(DQ);
mpi[LWS_GENCRYPTO_RSA_KEYEL_QI] = &rsactx->MBEDTLS_PRIVATE(QP);
count = LWS_GENCRYPTO_RSA_KEYEL_QI + 1;
n = LWS_GENCRYPTO_RSA_KEYEL_E;
break;
case MBEDTLS_PK_ECKEY:
lwsl_notice("%s: EC key\n", __func__);
jwk->kty = LWS_GENCRYPTO_KTY_EC;
ecpctx = mbedtls_pk_ec(x509->cert.MBEDTLS_PRIVATE_V30_ONLY(pk));
mpi[LWS_GENCRYPTO_EC_KEYEL_X] = &ecpctx->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X);
mpi[LWS_GENCRYPTO_EC_KEYEL_D] = &ecpctx->MBEDTLS_PRIVATE(d);
mpi[LWS_GENCRYPTO_EC_KEYEL_Y] = &ecpctx->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y);
if (lws_genec_confirm_curve_allowed_by_tls_id(curves,
(int)ecpctx->MBEDTLS_PRIVATE(grp).id, jwk))
/* already logged */
goto bail;
count = LWS_GENCRYPTO_EC_KEYEL_COUNT;
n = LWS_GENCRYPTO_EC_KEYEL_X;
break;
default:
lwsl_err("%s: key type %d not supported\n", __func__, kt);
return -1;
}
for (; n < count; n++) {
if (!mbedtls_mpi_size(mpi[n]))
continue;
jwk->e[n].buf = lws_malloc(mbedtls_mpi_size(mpi[n]), "certjwk");
if (!jwk->e[n].buf)
goto bail;
jwk->e[n].len = (uint32_t)mbedtls_mpi_size(mpi[n]);
mbedtls_mpi_write_binary(mpi[n], jwk->e[n].buf, jwk->e[n].len);
}
ret = 0;
bail:
/* jwk destroy will clean up partials */
if (ret)
lws_jwk_destroy(jwk);
return ret;
}
int
lws_x509_jwk_privkey_pem(struct lws_context *cx, struct lws_jwk *jwk,
void *pem, size_t len, const char *passphrase)
{
mbedtls_rsa_context *rsactx;
mbedtls_ecp_keypair *ecpctx;
mbedtls_pk_context pk;
mbedtls_mpi *mpi[LWS_GENCRYPTO_RSA_KEYEL_COUNT];
int n, ret = -1, count = 0;
mbedtls_pk_init(&pk);
n = 0;
if (passphrase)
n = (int)strlen(passphrase);
n = mbedtls_pk_parse_key(&pk, pem, len, (uint8_t *)passphrase, (unsigned int)n
#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000
, mbedtls_ctr_drbg_random, &cx->mcdc
#endif
);
if (n) {
lwsl_err("%s: parse PEM key failed: -0x%x\n", __func__, -n);
return -1;
}
/* the incoming private key type */
switch (mbedtls_pk_get_type(&pk)) {
case MBEDTLS_PK_RSA:
if (jwk->kty != LWS_GENCRYPTO_KTY_RSA) {
lwsl_err("%s: RSA privkey, non-RSA jwk\n", __func__);
goto bail;
}
rsactx = mbedtls_pk_rsa(pk);
mpi[LWS_GENCRYPTO_RSA_KEYEL_D] = &rsactx->MBEDTLS_PRIVATE(D);
mpi[LWS_GENCRYPTO_RSA_KEYEL_P] = &rsactx->MBEDTLS_PRIVATE(P);
mpi[LWS_GENCRYPTO_RSA_KEYEL_Q] = &rsactx->MBEDTLS_PRIVATE(Q);
n = LWS_GENCRYPTO_RSA_KEYEL_D;
count = LWS_GENCRYPTO_RSA_KEYEL_Q + 1;
break;
case MBEDTLS_PK_ECKEY:
if (jwk->kty != LWS_GENCRYPTO_KTY_EC) {
lwsl_err("%s: EC privkey, non-EC jwk\n", __func__);
goto bail;
}
ecpctx = mbedtls_pk_ec(pk);
mpi[LWS_GENCRYPTO_EC_KEYEL_D] = &ecpctx->MBEDTLS_PRIVATE(d);
n = LWS_GENCRYPTO_EC_KEYEL_D;
count = n + 1;
break;
default:
lwsl_err("%s: unusable key type %d\n", __func__,
mbedtls_pk_get_type(&pk));
goto bail;
}
for (; n < count; n++) {
if (!mbedtls_mpi_size(mpi[n])) {
lwsl_err("%s: empty privkey\n", __func__);
goto bail;
}
jwk->e[n].buf = lws_malloc(mbedtls_mpi_size(mpi[n]), "certjwk");
if (!jwk->e[n].buf)
goto bail;
jwk->e[n].len = (uint32_t)mbedtls_mpi_size(mpi[n]);
mbedtls_mpi_write_binary(mpi[n], jwk->e[n].buf, jwk->e[n].len);
}
ret = 0;
bail:
mbedtls_pk_free(&pk);
return ret;
}
#endif
void
lws_x509_destroy(struct lws_x509_cert **x509)
{
if (!*x509)
return;
mbedtls_x509_crt_free(&(*x509)->cert);
lws_free_set_NULL(*x509);
}

65
Kinc/Sources/kinc/libs/core/tls/mbedtls/private-lib-tls-mbedtls.h Normal file
View File

@ -0,0 +1,65 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* gencrypto mbedtls-specific helper declarations
*/
#include <mbedtls/x509_crl.h>
#include <errno.h>
struct lws_x509_cert {
mbedtls_x509_crt cert; /* has a .next for linked-list / chain */
};
typedef struct lws_mbedtls_x509_authority
{
mbedtls_x509_buf keyIdentifier;
mbedtls_x509_sequence authorityCertIssuer;
mbedtls_x509_buf authorityCertSerialNumber;
mbedtls_x509_buf raw;
}
lws_mbedtls_x509_authority;
mbedtls_md_type_t
lws_gencrypto_mbedtls_hash_to_MD_TYPE(enum lws_genhash_types hash_type);
int
lws_gencrypto_mbedtls_rngf(void *context, unsigned char *buf, size_t len);
int
lws_tls_session_new_mbedtls(struct lws *wsi);
int
lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len);
int
lws_x509_get_crt_ext(mbedtls_x509_crt *crt, mbedtls_x509_buf *skid,
lws_mbedtls_x509_authority *akid);
#if (MBEDTLS_VERSION_MAJOR == 3) && (MBEDTLS_VERSION_MINOR >= 5)
int mbedtls_x509_get_name(unsigned char **p, const unsigned char *end,
mbedtls_x509_name *cur);
#endif

44
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl3.h Normal file
View File

@ -0,0 +1,44 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL3_H_
#define _SSL3_H_
#ifdef __cplusplus
extern "C" {
#endif
# define SSL3_AD_CLOSE_NOTIFY 0
# define SSL3_AD_UNEXPECTED_MESSAGE 10/* fatal */
# define SSL3_AD_BAD_RECORD_MAC 20/* fatal */
# define SSL3_AD_DECOMPRESSION_FAILURE 30/* fatal */
# define SSL3_AD_HANDSHAKE_FAILURE 40/* fatal */
# define SSL3_AD_NO_CERTIFICATE 41
# define SSL3_AD_BAD_CERTIFICATE 42
# define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
# define SSL3_AD_CERTIFICATE_REVOKED 44
# define SSL3_AD_CERTIFICATE_EXPIRED 45
# define SSL3_AD_CERTIFICATE_UNKNOWN 46
# define SSL3_AD_ILLEGAL_PARAMETER 47/* fatal */
# define SSL3_AL_WARNING 1
# define SSL3_AL_FATAL 2
#define SSL3_VERSION 0x0300
#ifdef __cplusplus
}
#endif
#endif

55
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl_cert.h Normal file
View File

@ -0,0 +1,55 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_CERT_H_
#define _SSL_CERT_H_
#ifdef __cplusplus
extern "C" {
#endif
#include "ssl_types.h"
/**
* @brief create a certification object include private key object according to input certification
*
* @param ic - input certification point
*
* @return certification object point
*/
CERT *__ssl_cert_new(CERT *ic, void *rngctx);
/**
* @brief create a certification object include private key object
*
* @param none
*
* @return certification object point
*/
CERT* ssl_cert_new(void *rngctx);
/**
* @brief free a certification object
*
* @param cert - certification object point
*
* @return none
*/
void ssl_cert_free(CERT *cert);
#ifdef __cplusplus
}
#endif
#endif

124
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl_code.h Normal file
View File

@ -0,0 +1,124 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_CODE_H_
#define _SSL_CODE_H_
#ifdef __cplusplus
extern "C" {
#endif
#include "ssl3.h"
#include "tls1.h"
#include "x509_vfy.h"
/* Used in SSL_set_shutdown()/SSL_get_shutdown(); */
# define SSL_SENT_SHUTDOWN 1
# define SSL_RECEIVED_SHUTDOWN 2
# define SSL_VERIFY_NONE 0x00
# define SSL_VERIFY_PEER 0x01
# define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
# define SSL_VERIFY_CLIENT_ONCE 0x04
/*
* The following 3 states are kept in ssl->rlayer.rstate when reads fail, you
* should not need these
*/
# define SSL_ST_READ_HEADER 0xF0
# define SSL_ST_READ_BODY 0xF1
# define SSL_ST_READ_DONE 0xF2
# define SSL_NOTHING 1
# define SSL_WRITING 2
# define SSL_READING 3
# define SSL_X509_LOOKUP 4
# define SSL_ASYNC_PAUSED 5
# define SSL_ASYNC_NO_JOBS 6
# define SSL_ERROR_NONE 0
# define SSL_ERROR_SSL 1
# define SSL_ERROR_WANT_READ 2
# define SSL_ERROR_WANT_WRITE 3
# define SSL_ERROR_WANT_X509_LOOKUP 4
# define SSL_ERROR_SYSCALL 5/* look at error stack/return value/errno */
# define SSL_ERROR_ZERO_RETURN 6
# define SSL_ERROR_WANT_CONNECT 7
# define SSL_ERROR_WANT_ACCEPT 8
# define SSL_ERROR_WANT_ASYNC 9
# define SSL_ERROR_WANT_ASYNC_JOB 10
/* Message flow states */
typedef enum {
/* No handshake in progress */
MSG_FLOW_UNINITED,
/* A permanent error with this connection */
MSG_FLOW_ERROR,
/* We are about to renegotiate */
MSG_FLOW_RENEGOTIATE,
/* We are reading messages */
MSG_FLOW_READING,
/* We are writing messages */
MSG_FLOW_WRITING,
/* Handshake has finished */
MSG_FLOW_FINISHED
} MSG_FLOW_STATE;
/* SSL subsystem states */
typedef enum {
TLS_ST_BEFORE,
TLS_ST_OK,
DTLS_ST_CR_HELLO_VERIFY_REQUEST,
TLS_ST_CR_SRVR_HELLO,
TLS_ST_CR_CERT,
TLS_ST_CR_CERT_STATUS,
TLS_ST_CR_KEY_EXCH,
TLS_ST_CR_CERT_REQ,
TLS_ST_CR_SRVR_DONE,
TLS_ST_CR_SESSION_TICKET,
TLS_ST_CR_CHANGE,
TLS_ST_CR_FINISHED,
TLS_ST_CW_CLNT_HELLO,
TLS_ST_CW_CERT,
TLS_ST_CW_KEY_EXCH,
TLS_ST_CW_CERT_VRFY,
TLS_ST_CW_CHANGE,
TLS_ST_CW_NEXT_PROTO,
TLS_ST_CW_FINISHED,
TLS_ST_SW_HELLO_REQ,
TLS_ST_SR_CLNT_HELLO,
DTLS_ST_SW_HELLO_VERIFY_REQUEST,
TLS_ST_SW_SRVR_HELLO,
TLS_ST_SW_CERT,
TLS_ST_SW_KEY_EXCH,
TLS_ST_SW_CERT_REQ,
TLS_ST_SW_SRVR_DONE,
TLS_ST_SR_CERT,
TLS_ST_SR_KEY_EXCH,
TLS_ST_SR_CERT_VRFY,
TLS_ST_SR_NEXT_PROTO,
TLS_ST_SR_CHANGE,
TLS_ST_SR_FINISHED,
TLS_ST_SW_SESSION_TICKET,
TLS_ST_SW_CERT_STATUS,
TLS_ST_SW_CHANGE,
TLS_ST_SW_FINISHED
} OSSL_HANDSHAKE_STATE;
#ifdef __cplusplus
}
#endif
#endif

190
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl_dbg.h Normal file
View File

@ -0,0 +1,190 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_DEBUG_H_
#define _SSL_DEBUG_H_
#include "ssl_port.h"
#ifdef __cplusplus
extern "C" {
#endif
#ifdef CONFIG_OPENSSL_DEBUG_LEVEL
#define SSL_DEBUG_LEVEL CONFIG_OPENSSL_DEBUG_LEVEL
#else
#define SSL_DEBUG_LEVEL 0
#endif
#define SSL_DEBUG_ON (SSL_DEBUG_LEVEL + 1)
#define SSL_DEBUG_OFF (SSL_DEBUG_LEVEL - 1)
#ifdef CONFIG_OPENSSL_DEBUG
#ifndef SSL_DEBUG_LOG
#error "SSL_DEBUG_LOG is not defined"
#endif
#ifndef SSL_DEBUG_FL
#define SSL_DEBUG_FL "\n"
#endif
#define SSL_SHOW_LOCATION() \
SSL_DEBUG_LOG("SSL assert : %s %d\n", \
__FILE__, __LINE__)
#define SSL_DEBUG(level, fmt, ...) \
{ \
if (level > SSL_DEBUG_LEVEL) { \
SSL_DEBUG_LOG(fmt SSL_DEBUG_FL, ##__VA_ARGS__); \
} \
}
#else /* CONFIG_OPENSSL_DEBUG */
#define SSL_SHOW_LOCATION()
#define SSL_DEBUG(level, fmt, ...)
#endif /* CONFIG_OPENSSL_DEBUG */
/**
* OpenSSL assert function
*
* if select "CONFIG_OPENSSL_ASSERT_DEBUG", SSL_ASSERT* will show error file name and line
* if select "CONFIG_OPENSSL_ASSERT_EXIT", SSL_ASSERT* will just return error code.
* if select "CONFIG_OPENSSL_ASSERT_DEBUG_EXIT" SSL_ASSERT* will show error file name and line,
* then return error code.
* if select "CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK", SSL_ASSERT* will show error file name and line,
* then block here with "while (1)"
*
* SSL_ASSERT1 may will return "-1", so function's return argument is integer.
* SSL_ASSERT2 may will return "NULL", so function's return argument is a point.
* SSL_ASSERT2 may will return nothing, so function's return argument is "void".
*/
#if defined(CONFIG_OPENSSL_ASSERT_DEBUG)
#define SSL_ASSERT1(s) \
{ \
if (!(s)) { \
SSL_SHOW_LOCATION(); \
} \
}
#define SSL_ASSERT2(s) \
{ \
if (!(s)) { \
SSL_SHOW_LOCATION(); \
} \
}
#define SSL_ASSERT3(s) \
{ \
if (!(s)) { \
SSL_SHOW_LOCATION(); \
} \
}
#elif defined(CONFIG_OPENSSL_ASSERT_EXIT)
#define SSL_ASSERT1(s) \
{ \
if (!(s)) { \
return -1; \
} \
}
#define SSL_ASSERT2(s) \
{ \
if (!(s)) { \
return NULL; \
} \
}
#define SSL_ASSERT3(s) \
{ \
if (!(s)) { \
return ; \
} \
}
#elif defined(CONFIG_OPENSSL_ASSERT_DEBUG_EXIT)
#define SSL_ASSERT1(s) \
{ \
if (!(s)) { \
SSL_SHOW_LOCATION(); \
return -1; \
} \
}
#define SSL_ASSERT2(s) \
{ \
if (!(s)) { \
SSL_SHOW_LOCATION(); \
return NULL; \
} \
}
#define SSL_ASSERT3(s) \
{ \
if (!(s)) { \
SSL_SHOW_LOCATION(); \
return ; \
} \
}
#elif defined(CONFIG_OPENSSL_ASSERT_DEBUG_BLOCK)
#define SSL_ASSERT1(s) \
{ \
if (!(s)) { \
SSL_SHOW_LOCATION(); \
while (1); \
} \
}
#define SSL_ASSERT2(s) \
{ \
if (!(s)) { \
SSL_SHOW_LOCATION(); \
while (1); \
} \
}
#define SSL_ASSERT3(s) \
{ \
if (!(s)) { \
SSL_SHOW_LOCATION(); \
while (1); \
} \
}
#else
#define SSL_ASSERT1(s)
#define SSL_ASSERT2(s)
#define SSL_ASSERT3(s)
#endif
#define SSL_PLATFORM_DEBUG_LEVEL SSL_DEBUG_OFF
#define SSL_PLATFORM_ERROR_LEVEL SSL_DEBUG_ON
#define SSL_CERT_DEBUG_LEVEL SSL_DEBUG_OFF
#define SSL_CERT_ERROR_LEVEL SSL_DEBUG_ON
#define SSL_PKEY_DEBUG_LEVEL SSL_DEBUG_OFF
#define SSL_PKEY_ERROR_LEVEL SSL_DEBUG_ON
#define SSL_X509_DEBUG_LEVEL SSL_DEBUG_OFF
#define SSL_X509_ERROR_LEVEL SSL_DEBUG_ON
#define SSL_LIB_DEBUG_LEVEL SSL_DEBUG_OFF
#define SSL_LIB_ERROR_LEVEL SSL_DEBUG_ON
#define SSL_STACK_DEBUG_LEVEL SSL_DEBUG_OFF
#define SSL_STACK_ERROR_LEVEL SSL_DEBUG_ON
#ifdef __cplusplus
}
#endif
#endif

30
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl_lib.h Normal file
View File

@ -0,0 +1,30 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_LIB_H_
#define _SSL_LIB_H_
#ifdef __cplusplus
extern "C" {
#endif
#include "ssl_types.h"
void _ssl_set_alpn_list(const SSL *ssl);
#ifdef __cplusplus
}
#endif
#endif

121
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl_methods.h Normal file
View File

@ -0,0 +1,121 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_METHODS_H_
#define _SSL_METHODS_H_
#include "ssl_types.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* TLS method function implement
*/
#define IMPLEMENT_TLS_METHOD_FUNC(func_name, \
new, free, \
handshake, shutdown, clear, \
read, send, pending, \
set_fd, get_fd, \
set_bufflen, \
get_verify_result, \
get_state) \
static const SSL_METHOD_FUNC func_name LOCAL_ATRR = { \
new, \
free, \
handshake, \
shutdown, \
clear, \
read, \
send, \
pending, \
set_fd, \
get_fd, \
set_bufflen, \
get_verify_result, \
get_state \
};
#define IMPLEMENT_TLS_METHOD(ver, mode, fun, func_name) \
const SSL_METHOD* func_name(void) { \
static const SSL_METHOD func_name##_data LOCAL_ATRR = { \
ver, \
mode, \
&(fun), \
}; \
return &func_name##_data; \
}
#define IMPLEMENT_SSL_METHOD(ver, mode, fun, func_name) \
const SSL_METHOD* func_name(void) { \
static const SSL_METHOD func_name##_data LOCAL_ATRR = { \
ver, \
mode, \
&(fun), \
}; \
return &func_name##_data; \
}
#define IMPLEMENT_X509_METHOD(func_name, \
new, \
free, \
load, \
show_info) \
const X509_METHOD* func_name(void) { \
static const X509_METHOD func_name##_data LOCAL_ATRR = { \
new, \
free, \
load, \
show_info \
}; \
return &func_name##_data; \
}
#define IMPLEMENT_PKEY_METHOD(func_name, \
new, \
free, \
load) \
const PKEY_METHOD* func_name(void) { \
static const PKEY_METHOD func_name##_data LOCAL_ATRR = { \
new, \
free, \
load \
}; \
return &func_name##_data; \
}
/**
* @brief get X509 object method
*
* @param none
*
* @return X509 object method point
*/
const X509_METHOD* X509_method(void);
/**
* @brief get private key object method
*
* @param none
*
* @return private key object method point
*/
const PKEY_METHOD* EVP_PKEY_method(void);
#ifdef __cplusplus
}
#endif
#endif

86
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl_pkey.h Normal file
View File

@ -0,0 +1,86 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_PKEY_H_
#define _SSL_PKEY_H_
#ifdef __cplusplus
extern "C" {
#endif
#include "ssl_types.h"
/**
* @brief create a private key object according to input private key
*
* @param ipk - input private key point
*
* @return new private key object point
*/
EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk, void *rngctx);
/**
* @brief create a private key object
*
* @param none
*
* @return private key object point
*/
EVP_PKEY* EVP_PKEY_new(void *rngctx);
/**
* @brief load a character key context into system context. If '*a' is pointed to the
* private key, then load key into it. Or create a new private key object
*
* @param type - private key type
* @param a - a point pointed to a private key point
* @param pp - a point pointed to the key context memory point
* @param length - key bytes
*
* @return private key object point
*/
EVP_PKEY* d2i_PrivateKey(int type,
EVP_PKEY **a,
const unsigned char **pp,
long length, void *rngctx);
/**
* @brief free a private key object
*
* @param pkey - private key object point
*
* @return none
*/
void EVP_PKEY_free(EVP_PKEY *x);
/**
* @brief load private key into the SSL
*
* @param type - private key type
* @param ssl - SSL point
* @param len - data bytes
* @param d - data point
*
* @return result
* 0 : failed
* 1 : OK
*/
int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, const unsigned char *d, long len);
#ifdef __cplusplus
}
#endif
#endif

52
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl_stack.h Normal file
View File

@ -0,0 +1,52 @@
#ifndef _SSL_STACK_H_
#define _SSL_STACK_H_
#ifdef __cplusplus
extern "C" {
#endif
#include "ssl_types.h"
#define STACK_OF(type) struct stack_st_##type
#define SKM_DEFINE_STACK_OF(t1, t2, t3) \
STACK_OF(t1); \
static ossl_inline STACK_OF(t1) *sk_##t1##_new_null(void) \
{ \
return (STACK_OF(t1) *)OPENSSL_sk_new_null(); \
} \
#define DEFINE_STACK_OF(t) SKM_DEFINE_STACK_OF(t, t, t)
/**
* @brief create a openssl stack object
*
* @param c - stack function
*
* @return openssl stack object point
*/
OPENSSL_STACK* OPENSSL_sk_new(OPENSSL_sk_compfunc c);
/**
* @brief create a NULL function openssl stack object
*
* @param none
*
* @return openssl stack object point
*/
OPENSSL_STACK *OPENSSL_sk_new_null(void);
/**
* @brief free openssl stack object
*
* @param openssl stack object point
*
* @return none
*/
void OPENSSL_sk_free(OPENSSL_STACK *stack);
#ifdef __cplusplus
}
#endif
#endif

321
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl_types.h Normal file
View File

@ -0,0 +1,321 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_TYPES_H_
#define _SSL_TYPES_H_
#ifdef __cplusplus
extern "C" {
#endif
//#include "private-lib-core.h"
#include <lws_config.h>
#if defined(LWS_PLAT_FREERTOS)
/* AMAZON RTOS has its own setting via MTK_MBEDTLS_CONFIG_FILE */
#if !defined(LWS_AMAZON_RTOS)
#undef MBEDTLS_CONFIG_FILE
#define MBEDTLS_CONFIG_FILE <mbedtls/esp_config.h>
#endif
#endif
#include "ssl_code.h"
#include <mbedtls/x509_crt.h>
#include "private-jit-trust.h"
typedef void SSL_CIPHER;
typedef void X509_STORE_CTX;
typedef void X509_STORE;
typedef void RSA;
typedef void STACK;
typedef void BIO;
#if defined(WIN32) || defined(_WIN32)
#define ossl_inline __inline
#else
#define ossl_inline inline
#endif
#define SSL_METHOD_CALL(f, s, ...) s->method->func->ssl_##f(s, ##__VA_ARGS__)
#define X509_METHOD_CALL(f, x, ...) x->method->x509_##f(x, ##__VA_ARGS__)
#define EVP_PKEY_METHOD_CALL(f, k, ...) k->method->pkey_##f(k, ##__VA_ARGS__)
typedef int (*OPENSSL_sk_compfunc)(const void *, const void *);
struct stack_st;
typedef struct stack_st OPENSSL_STACK;
struct ssl_method_st;
typedef struct ssl_method_st SSL_METHOD;
struct ssl_method_func_st;
typedef struct ssl_method_func_st SSL_METHOD_FUNC;
struct record_layer_st;
typedef struct record_layer_st RECORD_LAYER;
struct ossl_statem_st;
typedef struct ossl_statem_st OSSL_STATEM;
struct ssl_session_st;
typedef struct ssl_session_st SSL_SESSION;
struct ssl_ctx_st;
typedef struct ssl_ctx_st SSL_CTX;
struct ssl_st;
typedef struct ssl_st SSL;
struct cert_st;
typedef struct cert_st CERT;
struct x509_st;
typedef struct x509_st X509;
struct X509_VERIFY_PARAM_st;
typedef struct X509_VERIFY_PARAM_st X509_VERIFY_PARAM;
struct evp_pkey_st;
typedef struct evp_pkey_st EVP_PKEY;
struct x509_method_st;
typedef struct x509_method_st X509_METHOD;
struct pkey_method_st;
typedef struct pkey_method_st PKEY_METHOD;
struct stack_st {
char **data;
int num_alloc;
OPENSSL_sk_compfunc c;
};
struct evp_pkey_st {
void *pkey_pm;
const PKEY_METHOD *method;
};
struct x509_st {
/* X509 certification platform private point */
void *x509_pm;
const X509_METHOD *method;
};
struct cert_st {
int sec_level;
X509 *x509;
EVP_PKEY *pkey;
};
struct ossl_statem_st {
MSG_FLOW_STATE state;
int hand_state;
};
struct record_layer_st {
int rstate;
int read_ahead;
};
struct ssl_session_st {
long timeout;
long time;
X509 *peer;
};
struct X509_VERIFY_PARAM_st {
int depth;
};
typedef int (*next_proto_cb)(SSL *ssl, const unsigned char **out,
unsigned char *outlen, const unsigned char *in,
unsigned int inlen, void *arg);
struct ssl_ctx_st
{
int version;
int references;
unsigned long options;
const SSL_METHOD *method;
CERT *cert;
X509 *client_CA;
const char **alpn_protos;
next_proto_cb alpn_cb;
int verify_mode;
int (*default_verify_callback) (SSL *, mbedtls_x509_crt *);
long session_timeout;
int read_ahead;
int read_buffer_len;
X509_VERIFY_PARAM param;
void *rngctx;
};
struct ssl_st
{
/* protocol version(one of SSL3.0, TLS1.0, etc.) */
int version;
unsigned long options;
/* shut things down(0x01 : sent, 0x02 : received) */
int shutdown;
CERT *cert;
X509 *client_CA;
SSL_CTX *ctx;
const SSL_METHOD *method;
const char **alpn_protos;
RECORD_LAYER rlayer;
/* where we are */
OSSL_STATEM statem;
SSL_SESSION *session;
int verify_mode;
int (*verify_callback) (SSL *, mbedtls_x509_crt *);
#if defined(LWS_WITH_TLS_JIT_TRUST)
lws_tls_kid_chain_t kid_chain;
#endif
int rwstate;
int interrupted_remaining_write;
long verify_result;
X509_VERIFY_PARAM param;
int err;
void (*info_callback) (const SSL *ssl, int type, int val);
/* SSL low-level system arch point */
void *ssl_pm;
};
struct ssl_method_st {
/* protocol version(one of SSL3.0, TLS1.0, etc.) */
int version;
/* SSL mode(client(0) , server(1), not known(-1)) */
int endpoint;
const SSL_METHOD_FUNC *func;
};
struct ssl_method_func_st {
int (*ssl_new)(SSL *ssl);
void (*ssl_free)(SSL *ssl);
int (*ssl_handshake)(SSL *ssl);
int (*ssl_shutdown)(SSL *ssl);
int (*ssl_clear)(SSL *ssl);
int (*ssl_read)(SSL *ssl, void *buffer, int len);
int (*ssl_send)(SSL *ssl, const void *buffer, int len);
int (*ssl_pending)(const SSL *ssl);
void (*ssl_set_fd)(SSL *ssl, int fd, int mode);
int (*ssl_get_fd)(const SSL *ssl, int mode);
void (*ssl_set_bufflen)(SSL *ssl, int len);
long (*ssl_get_verify_result)(const SSL *ssl);
OSSL_HANDSHAKE_STATE (*ssl_get_state)(const SSL *ssl);
};
struct x509_method_st {
int (*x509_new)(X509 *x, X509 *m_x);
void (*x509_free)(X509 *x);
int (*x509_load)(X509 *x, const unsigned char *buf, int len);
int (*x509_show_info)(X509 *x);
};
struct pkey_method_st {
int (*pkey_new)(EVP_PKEY *pkey, EVP_PKEY *m_pkey, void *rngctx);
void (*pkey_free)(EVP_PKEY *pkey);
int (*pkey_load)(EVP_PKEY *pkey, const unsigned char *buf, int len);
};
#define OPENSSL_NPN_NEGOTIATED 1
int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
#ifdef __cplusplus
}
#endif
#endif

111
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/ssl_x509.h Normal file
View File

@ -0,0 +1,111 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_X509_H_
#define _SSL_X509_H_
#ifdef __cplusplus
extern "C" {
#endif
#include "ssl_types.h"
#include "ssl_stack.h"
DEFINE_STACK_OF(X509_NAME)
/**
* @brief create a X509 certification object according to input X509 certification
*
* @param ix - input X509 certification point
*
* @return new X509 certification object point
*/
X509* __X509_new(X509 *ix);
/**
* @brief create a X509 certification object
*
* @param none
*
* @return X509 certification object point
*/
X509* X509_new(void);
/**
* @brief load a character certification context into system context. If '*cert' is pointed to the
* certification, then load certification into it. Or create a new X509 certification object
*
* @param cert - a point pointed to X509 certification
* @param buffer - a point pointed to the certification context memory point
* @param length - certification bytes
*
* @return X509 certification object point
*/
X509* d2i_X509(X509 **cert, const unsigned char **buffer, long len);
/**
* @brief free a X509 certification object
*
* @param x - X509 certification object point
*
* @return none
*/
void X509_free(X509 *x);
/**
* @brief set SSL context client CA certification
*
* @param ctx - SSL context point
* @param x - X509 certification point
*
* @return result
* 0 : failed
* 1 : OK
*/
int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x);
/**
* @brief add CA client certification into the SSL
*
* @param ssl - SSL point
* @param x - X509 certification point
*
* @return result
* 0 : failed
* 1 : OK
*/
int SSL_add_client_CA(SSL *ssl, X509 *x);
/**
* @brief load certification into the SSL
*
* @param ssl - SSL point
* @param len - data bytes
* @param d - data point
*
* @return result
* 0 : failed
* 1 : OK
*
*/
int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len);
const char *X509_verify_cert_error_string(long n);
#ifdef __cplusplus
}
#endif
#endif

58
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/tls1.h Normal file
View File

@ -0,0 +1,58 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _TLS1_H_
#define _TLS1_H_
#ifdef __cplusplus
extern "C" {
#endif
# define TLS1_AD_DECRYPTION_FAILED 21
# define TLS1_AD_RECORD_OVERFLOW 22
# define TLS1_AD_UNKNOWN_CA 48/* fatal */
# define TLS1_AD_ACCESS_DENIED 49/* fatal */
# define TLS1_AD_DECODE_ERROR 50/* fatal */
# define TLS1_AD_DECRYPT_ERROR 51
# define TLS1_AD_EXPORT_RESTRICTION 60/* fatal */
# define TLS1_AD_PROTOCOL_VERSION 70/* fatal */
# define TLS1_AD_INSUFFICIENT_SECURITY 71/* fatal */
# define TLS1_AD_INTERNAL_ERROR 80/* fatal */
# define TLS1_AD_INAPPROPRIATE_FALLBACK 86/* fatal */
# define TLS1_AD_USER_CANCELLED 90
# define TLS1_AD_NO_RENEGOTIATION 100
/* codes 110-114 are from RFC3546 */
# define TLS1_AD_UNSUPPORTED_EXTENSION 110
# define TLS1_AD_CERTIFICATE_UNOBTAINABLE 111
# define TLS1_AD_UNRECOGNIZED_NAME 112
# define TLS1_AD_BAD_CERTIFICATE_STATUS_RESPONSE 113
# define TLS1_AD_BAD_CERTIFICATE_HASH_VALUE 114
# define TLS1_AD_UNKNOWN_PSK_IDENTITY 115/* fatal */
# define TLS1_AD_NO_APPLICATION_PROTOCOL 120 /* fatal */
/* Special value for method supporting multiple versions */
#define TLS_ANY_VERSION 0x10000
#define TLS1_VERSION 0x0301
#define TLS1_1_VERSION 0x0302
#define TLS1_2_VERSION 0x0303
#define SSL_TLSEXT_ERR_OK 0
#define SSL_TLSEXT_ERR_NOACK 3
#ifdef __cplusplus
}
#endif
#endif

111
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/internal/x509_vfy.h Normal file
View File

@ -0,0 +1,111 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _X509_VFY_H_
#define _X509_VFY_H_
#ifdef __cplusplus
extern "C" {
#endif
#define X509_V_OK 0
#define X509_V_ERR_UNSPECIFIED 1
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
#define X509_V_ERR_UNABLE_TO_GET_CRL 3
#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
#define X509_V_ERR_CERT_NOT_YET_VALID 9
#define X509_V_ERR_CERT_HAS_EXPIRED 10
#define X509_V_ERR_CRL_NOT_YET_VALID 11
#define X509_V_ERR_CRL_HAS_EXPIRED 12
#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD 15
#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD 16
#define X509_V_ERR_OUT_OF_MEM 17
#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
#define X509_V_ERR_CERT_REVOKED 23
#define X509_V_ERR_INVALID_CA 24
#define X509_V_ERR_PATH_LENGTH_EXCEEDED 25
#define X509_V_ERR_INVALID_PURPOSE 26
#define X509_V_ERR_CERT_UNTRUSTED 27
#define X509_V_ERR_CERT_REJECTED 28
/* These are 'informational' when looking for issuer cert */
#define X509_V_ERR_SUBJECT_ISSUER_MISMATCH 29
#define X509_V_ERR_AKID_SKID_MISMATCH 30
#define X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH 31
#define X509_V_ERR_KEYUSAGE_NO_CERTSIGN 32
#define X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER 33
#define X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION 34
#define X509_V_ERR_KEYUSAGE_NO_CRL_SIGN 35
#define X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION 36
#define X509_V_ERR_INVALID_NON_CA 37
#define X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED 38
#define X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE 39
#define X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED 40
#define X509_V_ERR_INVALID_EXTENSION 41
#define X509_V_ERR_INVALID_POLICY_EXTENSION 42
#define X509_V_ERR_NO_EXPLICIT_POLICY 43
#define X509_V_ERR_DIFFERENT_CRL_SCOPE 44
#define X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE 45
#define X509_V_ERR_UNNESTED_RESOURCE 46
#define X509_V_ERR_PERMITTED_VIOLATION 47
#define X509_V_ERR_EXCLUDED_VIOLATION 48
#define X509_V_ERR_SUBTREE_MINMAX 49
/* The application is not happy */
#define X509_V_ERR_APPLICATION_VERIFICATION 50
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE 51
#define X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX 52
#define X509_V_ERR_UNSUPPORTED_NAME_SYNTAX 53
#define X509_V_ERR_CRL_PATH_VALIDATION_ERROR 54
/* Another issuer check debug option */
#define X509_V_ERR_PATH_LOOP 55
/* Suite B mode algorithm violation */
#define X509_V_ERR_SUITE_B_INVALID_VERSION 56
#define X509_V_ERR_SUITE_B_INVALID_ALGORITHM 57
#define X509_V_ERR_SUITE_B_INVALID_CURVE 58
#define X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM 59
#define X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED 60
#define X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
/* Host, email and IP check errors */
#define X509_V_ERR_HOSTNAME_MISMATCH 62
#define X509_V_ERR_EMAIL_MISMATCH 63
#define X509_V_ERR_IP_ADDRESS_MISMATCH 64
/* DANE TLSA errors */
#define X509_V_ERR_DANE_NO_MATCH 65
/* security level errors */
#define X509_V_ERR_EE_KEY_TOO_SMALL 66
#define X509_V_ERR_CA_KEY_TOO_SMALL 67
#define X509_V_ERR_CA_MD_TOO_WEAK 68
/* Caller error */
#define X509_V_ERR_INVALID_CALL 69
/* Issuer lookup error */
#define X509_V_ERR_STORE_LOOKUP 70
/* Certificate transparency */
#define X509_V_ERR_NO_VALID_SCTS 71
#define X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION 72
#ifdef __cplusplus
}
#endif
#endif

1829
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/openssl/ssl.h Executable file
View File

File diff suppressed because it is too large Load Diff

61
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/platform/ssl_pm.h Normal file
View File

@ -0,0 +1,61 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_PM_H_
#define _SSL_PM_H_
#ifdef __cplusplus
extern "C" {
#endif
#include <string.h>
#include "ssl_types.h"
#include "ssl_port.h"
#define LOCAL_ATRR
int ssl_pm_new(SSL *ssl);
void ssl_pm_free(SSL *ssl);
int ssl_pm_handshake(SSL *ssl);
int ssl_pm_shutdown(SSL *ssl);
int ssl_pm_clear(SSL *ssl);
int ssl_pm_read(SSL *ssl, void *buffer, int len);
int ssl_pm_send(SSL *ssl, const void *buffer, int len);
int ssl_pm_pending(const SSL *ssl);
void ssl_pm_set_fd(SSL *ssl, int fd, int mode);
int ssl_pm_get_fd(const SSL *ssl, int mode);
OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl);
void ssl_pm_set_bufflen(SSL *ssl, int len);
int x509_pm_show_info(X509 *x);
int x509_pm_new(X509 *x, X509 *m_x);
void x509_pm_free(X509 *x);
int x509_pm_load(X509 *x, const unsigned char *buffer, int len);
int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pk, void *rngctx);
void pkey_pm_free(EVP_PKEY *pk);
int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len);
long ssl_pm_get_verify_result(const SSL *ssl);
#ifdef __cplusplus
}
#endif
#endif

46
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/include/platform/ssl_port.h Normal file
View File

@ -0,0 +1,46 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_PORT_H_
#define _SSL_PORT_H_
#ifdef __cplusplus
extern "C" {
#endif
#include "string.h"
#include "stdlib.h"
#if defined(LWS_HAVE_MALLOC_H)
#include "malloc.h"
#endif
void *ssl_mem_zalloc(size_t size);
#define ssl_mem_malloc malloc
#define ssl_mem_free free
#define ssl_memcpy memcpy
#define ssl_strlen strlen
#define ssl_speed_up_enter()
#define ssl_speed_up_exit()
#define SSL_DEBUG_FL
#define SSL_DEBUG_LOG(fmt, ...) ESP_LOGI("openssl", fmt, ##__VA_ARGS__)
#ifdef __cplusplus
}
#endif
#endif

89
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/library/ssl_cert.c Normal file
View File

@ -0,0 +1,89 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "private-lib-core.h"
#include "ssl_cert.h"
#include "ssl_pkey.h"
#include "ssl_x509.h"
#include "ssl_dbg.h"
#include "ssl_port.h"
/**
* @brief create a certification object according to input certification
*/
CERT *__ssl_cert_new(CERT *ic, void *rngctx)
{
CERT *cert;
X509 *ix;
EVP_PKEY *ipk;
cert = ssl_mem_zalloc(sizeof(CERT));
if (!cert) {
SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "no enough memory > (cert)");
goto no_mem;
}
if (ic) {
ipk = ic->pkey;
ix = ic->x509;
} else {
ipk = NULL;
ix = NULL;
}
cert->pkey = __EVP_PKEY_new(ipk, rngctx);
if (!cert->pkey) {
SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "__EVP_PKEY_new() return NULL");
goto pkey_err;
}
cert->x509 = __X509_new(ix);
if (!cert->x509) {
SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "__X509_new() return NULL");
goto x509_err;
}
return cert;
x509_err:
EVP_PKEY_free(cert->pkey);
pkey_err:
ssl_mem_free(cert);
no_mem:
return NULL;
}
/**
* @brief create a certification object include private key object
*/
CERT *ssl_cert_new(void *rngctx)
{
return __ssl_cert_new(NULL, rngctx);
}
/**
* @brief free a certification object
*/
void ssl_cert_free(CERT *cert)
{
SSL_ASSERT3(cert);
X509_free(cert->x509);
EVP_PKEY_free(cert->pkey);
ssl_mem_free(cert);
}

1246
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/library/ssl_lib.c Normal file
View File

File diff suppressed because it is too large Load Diff

89
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/library/ssl_methods.c Normal file
View File

@ -0,0 +1,89 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "private-lib-core.h"
#include "ssl_methods.h"
#include "ssl_pm.h"
/**
* TLS method function collection
*/
IMPLEMENT_TLS_METHOD_FUNC(TLS_method_func,
ssl_pm_new, ssl_pm_free,
ssl_pm_handshake, ssl_pm_shutdown, ssl_pm_clear,
ssl_pm_read, ssl_pm_send, ssl_pm_pending,
ssl_pm_set_fd, ssl_pm_get_fd,
ssl_pm_set_bufflen,
ssl_pm_get_verify_result,
ssl_pm_get_state);
/**
* TLS or SSL client method collection
*/
IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 0, TLS_method_func, TLS_client_method);
IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 0, TLS_method_func, TLSv1_2_client_method);
#if 0
IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 0, TLS_method_func, TLSv1_1_client_method);
IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_client_method);
IMPLEMENT_SSL_METHOD(SSL3_VERSION, 0, TLS_method_func, SSLv3_client_method);
#endif
/**
* TLS or SSL server method collection
*/
IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 1, TLS_method_func, TLS_server_method);
IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 1, TLS_method_func, TLSv1_2_server_method);
#if 0
IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 1, TLS_method_func, TLSv1_1_server_method);
IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_server_method);
IMPLEMENT_SSL_METHOD(SSL3_VERSION, 1, TLS_method_func, SSLv3_server_method);
#endif
/**
* TLS or SSL method collection
*/
IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, -1, TLS_method_func, TLS_method);
IMPLEMENT_SSL_METHOD(TLS1_2_VERSION, -1, TLS_method_func, TLSv1_2_method);
#if 0
IMPLEMENT_SSL_METHOD(TLS1_1_VERSION, -1, TLS_method_func, TLSv1_1_method);
IMPLEMENT_SSL_METHOD(TLS1_VERSION, -1, TLS_method_func, TLSv1_method);
IMPLEMENT_SSL_METHOD(SSL3_VERSION, -1, TLS_method_func, SSLv3_method);
#endif
/**
* @brief get X509 object method
*/
IMPLEMENT_X509_METHOD(X509_method,
x509_pm_new, x509_pm_free,
x509_pm_load, x509_pm_show_info);
/**
* @brief get private key object method
*/
IMPLEMENT_PKEY_METHOD(EVP_PKEY_method,
pkey_pm_new, pkey_pm_free,
pkey_pm_load);

241
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/library/ssl_pkey.c Normal file
View File

@ -0,0 +1,241 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "private-lib-core.h"
#include "ssl_pkey.h"
#include "ssl_methods.h"
#include "ssl_dbg.h"
#include "ssl_port.h"
/**
* @brief create a private key object according to input private key
*/
EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk, void *rngctx)
{
int ret;
EVP_PKEY *pkey;
pkey = ssl_mem_zalloc(sizeof(EVP_PKEY));
if (!pkey) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "no enough memory > (pkey)");
goto no_mem;
}
if (ipk) {
pkey->method = ipk->method;
} else {
pkey->method = EVP_PKEY_method();
}
ret = EVP_PKEY_METHOD_CALL(new, pkey, ipk, rngctx);
if (ret) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_METHOD_CALL(new) return %d", ret);
goto failed;
}
return pkey;
failed:
ssl_mem_free(pkey);
no_mem:
return NULL;
}
/**
* @brief create a private key object
*/
EVP_PKEY* EVP_PKEY_new(void *rngctx)
{
return __EVP_PKEY_new(NULL, rngctx);
}
/**
* @brief free a private key object
*/
void EVP_PKEY_free(EVP_PKEY *pkey)
{
SSL_ASSERT3(pkey);
EVP_PKEY_METHOD_CALL(free, pkey);
ssl_mem_free(pkey);
}
/**
* @brief load a character key context into system context. If '*a' is pointed to the
* private key, then load key into it. Or create a new private key object
*/
EVP_PKEY *d2i_PrivateKey(int type,
EVP_PKEY **a,
const unsigned char **pp,
long length, void *rngctx)
{
int m = 0;
int ret;
EVP_PKEY *pkey;
SSL_ASSERT2(pp);
SSL_ASSERT2(*pp);
SSL_ASSERT2(length);
if (a && *a) {
pkey = *a;
} else {
pkey = EVP_PKEY_new(rngctx);
if (!pkey) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_new() return NULL");
goto failed1;
}
m = 1;
}
ret = EVP_PKEY_METHOD_CALL(load, pkey, *pp, (int)length);
if (ret) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_METHOD_CALL(load) return %d", ret);
goto failed2;
}
if (a)
*a = pkey;
return pkey;
failed2:
if (m)
EVP_PKEY_free(pkey);
failed1:
return NULL;
}
/**
* @brief set the SSL context private key
*/
int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
{
SSL_ASSERT1(ctx);
SSL_ASSERT1(pkey);
if (ctx->cert->pkey == pkey)
return 1;
if (ctx->cert->pkey)
EVP_PKEY_free(ctx->cert->pkey);
ctx->cert->pkey = pkey;
return 1;
}
/**
* @brief set the SSL private key
*/
int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey)
{
SSL_ASSERT1(ssl);
SSL_ASSERT1(pkey);
if (ssl->cert->pkey == pkey)
return 1;
if (ssl->cert->pkey)
EVP_PKEY_free(ssl->cert->pkey);
ssl->cert->pkey = pkey;
return 1;
}
/**
* @brief load private key into the SSL context
*/
int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
const unsigned char *d, long len)
{
int ret;
EVP_PKEY *pk;
pk = d2i_PrivateKey(0, NULL, &d, len, ctx->rngctx);
if (!pk) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL");
goto failed1;
}
ret = SSL_CTX_use_PrivateKey(ctx, pk);
if (!ret) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_CTX_use_PrivateKey() return %d", ret);
goto failed2;
}
return 1;
failed2:
EVP_PKEY_free(pk);
failed1:
return 0;
}
/**
* @brief load private key into the SSL
*/
int SSL_use_PrivateKey_ASN1(int type, SSL *ssl,
const unsigned char *d, long len)
{
int ret;
EVP_PKEY *pk;
pk = d2i_PrivateKey(0, NULL, &d, len, ssl->ctx->rngctx);
if (!pk) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL");
goto failed1;
}
ret = SSL_use_PrivateKey(ssl, pk);
if (!ret) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_use_PrivateKey() return %d", ret);
goto failed2;
}
return 1;
failed2:
EVP_PKEY_free(pk);
failed1:
return 0;
}
/**
* @brief load the private key file into SSL context
*/
int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
{
return 0;
}
/**
* @brief load the private key file into SSL
*/
int SSL_use_PrivateKey_file(SSL_CTX *ctx, const char *file, int type)
{
return 0;
}
/**
* @brief load the RSA ASN1 private key into SSL context
*/
int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, const unsigned char *d, long len)
{
return SSL_CTX_use_PrivateKey_ASN1(0, ctx, d, len);
}

76
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/library/ssl_stack.c Normal file
View File

@ -0,0 +1,76 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "private-lib-core.h"
#include "ssl_stack.h"
#include "ssl_dbg.h"
#include "ssl_port.h"
#ifndef CONFIG_MIN_NODES
#define MIN_NODES 4
#else
#define MIN_NODES CONFIG_MIN_NODES
#endif
/**
* @brief create a openssl stack object
*/
OPENSSL_STACK* OPENSSL_sk_new(OPENSSL_sk_compfunc c)
{
OPENSSL_STACK *stack;
char **data;
stack = ssl_mem_zalloc(sizeof(OPENSSL_STACK));
if (!stack) {
SSL_DEBUG(SSL_STACK_ERROR_LEVEL, "no enough memory > (stack)");
goto no_mem1;
}
data = ssl_mem_zalloc(sizeof(*data) * MIN_NODES);
if (!data) {
SSL_DEBUG(SSL_STACK_ERROR_LEVEL, "no enough memory > (data)");
goto no_mem2;
}
stack->data = data;
stack->num_alloc = MIN_NODES;
stack->c = c;
return stack;
no_mem2:
ssl_mem_free(stack);
no_mem1:
return NULL;
}
/**
* @brief create a NULL function openssl stack object
*/
OPENSSL_STACK *OPENSSL_sk_new_null(void)
{
return OPENSSL_sk_new((OPENSSL_sk_compfunc)NULL);
}
/**
* @brief free openssl stack object
*/
void OPENSSL_sk_free(OPENSSL_STACK *stack)
{
SSL_ASSERT3(stack);
ssl_mem_free(stack->data);
ssl_mem_free(stack);
}

349
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/library/ssl_x509.c Normal file
View File

@ -0,0 +1,349 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "private-lib-core.h"
#include "ssl_x509.h"
#include "ssl_methods.h"
#include "ssl_dbg.h"
#include "ssl_port.h"
#include <assert.h>
/**
* @brief show X509 certification information
*/
int __X509_show_info(X509 *x)
{
return X509_METHOD_CALL(show_info, x);
}
/**
* @brief create a X509 certification object according to input X509 certification
*/
X509* __X509_new(X509 *ix)
{
int ret;
X509 *x;
x = ssl_mem_zalloc(sizeof(X509));
if (!x) {
SSL_DEBUG(SSL_X509_ERROR_LEVEL, "no enough memory > (x)");
goto no_mem;
}
if (ix)
x->method = ix->method;
else
x->method = X509_method();
ret = X509_METHOD_CALL(new, x, ix);
if (ret) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_METHOD_CALL(new) return %d", ret);
goto failed;
}
return x;
failed:
ssl_mem_free(x);
no_mem:
return NULL;
}
/**
* @brief create a X509 certification object
*/
X509* X509_new(void)
{
return __X509_new(NULL);
}
/**
* @brief free a X509 certification object
*/
void X509_free(X509 *x)
{
SSL_ASSERT3(x);
X509_METHOD_CALL(free, x);
ssl_mem_free(x);
};
/**
* @brief load a character certification context into system context. If '*cert' is pointed to the
* certification, then load certification into it. Or create a new X509 certification object
*/
X509* d2i_X509(X509 **cert, const unsigned char **buffer, long len)
{
int m = 0;
int ret;
X509 *x;
SSL_ASSERT2(buffer);
SSL_ASSERT2(len);
if (cert && *cert) {
x = *cert;
} else {
x = X509_new();
if (!x) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_new() return NULL");
goto failed1;
}
m = 1;
}
ret = X509_METHOD_CALL(load, x, *buffer, (int)len);
if (ret) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "X509_METHOD_CALL(load) return %d", ret);
goto failed2;
}
return x;
failed2:
if (m)
X509_free(x);
failed1:
return NULL;
}
/**
* @brief return SSL X509 verify parameters
*/
X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
{
return &ssl->param;
}
/**
* @brief set X509 host verification flags
*/
int X509_VERIFY_PARAM_set_hostflags(X509_VERIFY_PARAM *param,
unsigned long flags)
{
/* flags not supported yet */
return 0;
}
/**
* @brief clear X509 host verification flags
*/
int X509_VERIFY_PARAM_clear_hostflags(X509_VERIFY_PARAM *param,
unsigned long flags)
{
/* flags not supported yet */
return 0;
}
/**
* @brief set SSL context client CA certification
*/
int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
{
SSL_ASSERT1(ctx);
SSL_ASSERT1(x);
assert(ctx);
if (ctx->client_CA == x)
return 1;
X509_free(ctx->client_CA);
ctx->client_CA = x;
return 1;
}
/**
* @brief add CA client certification into the SSL
*/
int SSL_CTX_add_client_CA_ASN1(SSL_CTX *ctx, int len,
const unsigned char *d)
{
SSL_ASSERT1(ctx);
if (!d2i_X509(&ctx->client_CA, &d, len)) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL");
return 0;
}
return 1;
}
/**
* @brief add CA client certification into the SSL
*/
int SSL_add_client_CA(SSL *ssl, X509 *x)
{
SSL_ASSERT1(ssl);
SSL_ASSERT1(x);
if (ssl->client_CA == x)
return 1;
X509_free(ssl->client_CA);
ssl->client_CA = x;
return 1;
}
/**
* @brief set the SSL context certification
*/
int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
{
SSL_ASSERT1(ctx);
SSL_ASSERT1(x);
if (ctx->cert->x509 == x)
return 1;
X509_free(ctx->cert->x509);
ctx->cert->x509 = x;
return 1;
}
/**
* @brief set the SSL certification
*/
int SSL_use_certificate(SSL *ssl, X509 *x)
{
SSL_ASSERT1(ssl);
SSL_ASSERT1(x);
if (ssl->cert->x509 == x)
return 1;
X509_free(ssl->cert->x509);
ssl->cert->x509 = x;
return 1;
}
/**
* @brief get the SSL certification point
*/
X509 *SSL_get_certificate(const SSL *ssl)
{
SSL_ASSERT2(ssl);
return ssl->cert->x509;
}
/**
* @brief load certification into the SSL context
*/
int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
const unsigned char *d)
{
int ret;
X509 *x;
x = d2i_X509(NULL, &d, len);
if (!x) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL");
goto failed1;
}
ret = SSL_CTX_use_certificate(ctx, x);
if (!ret) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_CTX_use_certificate() return %d", ret);
goto failed2;
}
return 1;
failed2:
X509_free(x);
failed1:
return 0;
}
/**
* @brief load certification into the SSL
*/
int SSL_use_certificate_ASN1(SSL *ssl, const unsigned char *d, int len)
{
int ret;
X509 *x;
x = d2i_X509(NULL, &d, len);
if (!x) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_X509() return NULL");
goto failed1;
}
ret = SSL_use_certificate(ssl, x);
if (!ret) {
SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "SSL_use_certificate() return %d", ret);
goto failed2;
}
return 1;
failed2:
X509_free(x);
failed1:
return 0;
}
/**
* @brief load the certification file into SSL context
*/
int SSL_CTX_use_certificate_file(SSL_CTX *ctx, const char *file, int type)
{
return 0;
}
/**
* @brief load the certification file into SSL
*/
int SSL_use_certificate_file(SSL *ssl, const char *file, int type)
{
return 0;
}
/**
* @brief get peer certification
*/
X509 *SSL_get_peer_certificate(const SSL *ssl)
{
SSL_ASSERT2(ssl);
return ssl->session->peer;
}
int X509_STORE_CTX_get_error(X509_STORE_CTX *ctx)
{
return X509_V_ERR_UNSPECIFIED;
}
int X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx)
{
return 0;
}
const char *X509_verify_cert_error_string(long n)
{
return "unknown";
}

1008
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/platform/ssl_pm.c Executable file
View File

File diff suppressed because it is too large Load Diff

29
Kinc/Sources/kinc/libs/core/tls/mbedtls/wrapper/platform/ssl_port.c Normal file
View File

@ -0,0 +1,29 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "ssl_port.h"
/*********************************************************************************************/
/********************************* SSL general interface *************************************/
void *ssl_mem_zalloc(size_t size)
{
void *p = malloc(size);
if (p)
memset(p, 0, size);
return p;
}

412
Kinc/Sources/kinc/libs/core/tls/openssl/lws-genaes.c Normal file
View File

@ -0,0 +1,412 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws_genaes provides an AES abstraction api in lws that works the
* same whether you are using openssl or mbedtls hash functions underneath.
*/
#include "private-lib-core.h"
#if defined(LWS_WITH_JOSE)
#include "private-lib-jose.h"
#endif
/*
* Care: many openssl apis return 1 for success. These are translated to the
* lws convention of 0 for success.
*/
int
lws_genaes_create(struct lws_genaes_ctx *ctx, enum enum_aes_operation op,
enum enum_aes_modes mode, struct lws_gencrypto_keyelem *el,
enum enum_aes_padding padding, void *engine)
{
int n = 0;
ctx->ctx = EVP_CIPHER_CTX_new();
if (!ctx->ctx)
return -1;
ctx->mode = mode;
ctx->k = el;
ctx->engine = engine;
ctx->init = 0;
ctx->op = op;
ctx->padding = padding;
switch (ctx->k->len) {
case 128 / 8:
switch (mode) {
case LWS_GAESM_KW:
#if defined(LWS_HAVE_EVP_aes_128_wrap)
EVP_CIPHER_CTX_set_flags(ctx->ctx,
EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
ctx->cipher = EVP_aes_128_wrap();
break;
#else
lwsl_err("%s: your OpenSSL lacks AES wrap apis, update it\n",
__func__);
return -1;
#endif
case LWS_GAESM_CBC:
ctx->cipher = EVP_aes_128_cbc();
break;
#if defined(LWS_HAVE_EVP_aes_128_cfb128)
case LWS_GAESM_CFB128:
ctx->cipher = EVP_aes_128_cfb128();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_cfb8)
case LWS_GAESM_CFB8:
ctx->cipher = EVP_aes_128_cfb8();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_ctr)
case LWS_GAESM_CTR:
ctx->cipher = EVP_aes_128_ctr();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_ecb)
case LWS_GAESM_ECB:
ctx->cipher = EVP_aes_128_ecb();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_ofb)
case LWS_GAESM_OFB:
ctx->cipher = EVP_aes_128_ofb();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_xts)
case LWS_GAESM_XTS:
lwsl_err("%s: AES XTS requires double-length key\n",
__func__);
break;
#endif
case LWS_GAESM_GCM:
ctx->cipher = EVP_aes_128_gcm();
break;
default:
goto bail;
}
break;
case 192 / 8:
switch (mode) {
case LWS_GAESM_KW:
#if defined(LWS_HAVE_EVP_aes_128_wrap)
EVP_CIPHER_CTX_set_flags(ctx->ctx,
EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
ctx->cipher = EVP_aes_192_wrap();
break;
#else
lwsl_err("%s: your OpenSSL lacks AES wrap apis, update it\n",
__func__);
return -1;
#endif
case LWS_GAESM_CBC:
ctx->cipher = EVP_aes_192_cbc();
break;
#if defined(LWS_HAVE_EVP_aes_192_cfb128)
case LWS_GAESM_CFB128:
ctx->cipher = EVP_aes_192_cfb128();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_192_cfb8)
case LWS_GAESM_CFB8:
ctx->cipher = EVP_aes_192_cfb8();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_ctr)
case LWS_GAESM_CTR:
ctx->cipher = EVP_aes_192_ctr();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_ecb)
case LWS_GAESM_ECB:
ctx->cipher = EVP_aes_192_ecb();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_ofb)
case LWS_GAESM_OFB:
ctx->cipher = EVP_aes_192_ofb();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_xts)
case LWS_GAESM_XTS:
lwsl_err("%s: AES XTS 192 invalid\n", __func__);
goto bail;
#endif
case LWS_GAESM_GCM:
ctx->cipher = EVP_aes_192_gcm();
break;
default:
goto bail;
}
break;
case 256 / 8:
switch (mode) {
case LWS_GAESM_KW:
#if defined(LWS_HAVE_EVP_aes_128_wrap)
EVP_CIPHER_CTX_set_flags(ctx->ctx,
EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
ctx->cipher = EVP_aes_256_wrap();
break;
#else
lwsl_err("%s: your OpenSSL lacks AES wrap apis, update it\n",
__func__);
return -1;
#endif
case LWS_GAESM_CBC:
ctx->cipher = EVP_aes_256_cbc();
break;
#if defined(LWS_HAVE_EVP_aes_256_cfb128)
case LWS_GAESM_CFB128:
ctx->cipher = EVP_aes_256_cfb128();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_256_cfb8)
case LWS_GAESM_CFB8:
ctx->cipher = EVP_aes_256_cfb8();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_ctr)
case LWS_GAESM_CTR:
ctx->cipher = EVP_aes_256_ctr();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_ecb)
case LWS_GAESM_ECB:
ctx->cipher = EVP_aes_256_ecb();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_ofb)
case LWS_GAESM_OFB:
ctx->cipher = EVP_aes_256_ofb();
break;
#endif
#if defined(LWS_HAVE_EVP_aes_128_xts)
case LWS_GAESM_XTS:
ctx->cipher = EVP_aes_128_xts();
break;
#endif
case LWS_GAESM_GCM:
ctx->cipher = EVP_aes_256_gcm();
break;
default:
goto bail;
}
break;
case 512 / 8:
switch (mode) {
#if defined(LWS_HAVE_EVP_aes_128_xts)
case LWS_GAESM_XTS:
ctx->cipher = EVP_aes_256_xts();
#endif
break;
default:
goto bail;
}
break;
default:
lwsl_err("%s: unsupported AES size %d bits\n", __func__,
ctx->k->len * 8);
goto bail;
}
switch (ctx->op) {
case LWS_GAESO_ENC:
n = EVP_EncryptInit_ex(ctx->ctx, ctx->cipher, ctx->engine,
NULL, NULL);
EVP_CIPHER_CTX_set_padding(ctx->ctx, (int)padding);
break;
case LWS_GAESO_DEC:
n = EVP_DecryptInit_ex(ctx->ctx, ctx->cipher, ctx->engine,
NULL, NULL);
EVP_CIPHER_CTX_set_padding(ctx->ctx, (int)padding);
break;
}
if (!n) {
lwsl_err("%s: cipher init failed (cipher %p)\n", __func__,
ctx->cipher);
lws_tls_err_describe_clear();
goto bail;
}
return 0;
bail:
EVP_CIPHER_CTX_free(ctx->ctx);
ctx->ctx = NULL;
return -1;
}
int
lws_genaes_destroy(struct lws_genaes_ctx *ctx, unsigned char *tag, size_t tlen)
{
uint8_t buf[256];
int outl = sizeof(buf), n = 0;
if (!ctx->ctx)
return 0;
if (ctx->init) {
switch (ctx->op) {
case LWS_GAESO_ENC:
if (EVP_EncryptFinal_ex(ctx->ctx, buf, &outl) != 1) {
lwsl_err("%s: enc final failed\n", __func__);
n = -1;
}
if (ctx->mode == LWS_GAESM_GCM) {
if (EVP_CIPHER_CTX_ctrl(ctx->ctx,
EVP_CTRL_GCM_GET_TAG,
ctx->taglen, tag) != 1) {
lwsl_err("get tag ctrl failed\n");
//lws_tls_err_describe_clear();
n = 1;
}
}
if (ctx->mode == LWS_GAESM_CBC)
memcpy(tag, buf, (unsigned int)outl);
break;
case LWS_GAESO_DEC:
if (EVP_DecryptFinal_ex(ctx->ctx, buf, &outl) != 1) {
lwsl_err("%s: dec final failed\n", __func__);
lws_tls_err_describe_clear();
n = -1;
}
break;
}
if (outl)
lwsl_debug("%s: final len %d\n", __func__, outl);
}
ctx->k = NULL;
EVP_CIPHER_CTX_free(ctx->ctx);
ctx->ctx = NULL;
return n;
}
int
lws_genaes_crypt(struct lws_genaes_ctx *ctx,
const uint8_t *in, size_t len, uint8_t *out,
uint8_t *iv_or_nonce_ctr_or_data_unit_16,
uint8_t *stream_block_16, size_t *nc_or_iv_off, int taglen)
{
int n = 0, outl, olen;
if (!ctx->init) {
EVP_CIPHER_CTX_set_key_length(ctx->ctx, (int)ctx->k->len);
if (ctx->mode == LWS_GAESM_GCM) {
n = EVP_CIPHER_CTX_ctrl(ctx->ctx, EVP_CTRL_GCM_SET_IVLEN,
(int)*nc_or_iv_off, NULL);
if (n != 1) {
lwsl_err("%s: SET_IVLEN failed\n", __func__);
return -1;
}
memcpy(ctx->tag, stream_block_16, (unsigned int)taglen);
ctx->taglen = taglen;
}
switch (ctx->op) {
case LWS_GAESO_ENC:
n = EVP_EncryptInit_ex(ctx->ctx, NULL, NULL,
ctx->k->buf,
iv_or_nonce_ctr_or_data_unit_16);
break;
case LWS_GAESO_DEC:
if (ctx->mode == LWS_GAESM_GCM)
EVP_CIPHER_CTX_ctrl(ctx->ctx,
EVP_CTRL_GCM_SET_TAG,
ctx->taglen, ctx->tag);
n = EVP_DecryptInit_ex(ctx->ctx, NULL, NULL,
ctx->k->buf,
iv_or_nonce_ctr_or_data_unit_16);
break;
}
if (!n) {
lws_tls_err_describe_clear();
lwsl_err("%s: init failed (cipher %p)\n",
__func__, ctx->cipher);
return -1;
}
ctx->init = 1;
}
if (ctx->mode == LWS_GAESM_GCM && !out) {
/* AAD */
if (!len)
return 0;
switch (ctx->op) {
case LWS_GAESO_ENC:
n = EVP_EncryptUpdate(ctx->ctx, NULL, &olen, in, (int)len);
break;
case LWS_GAESO_DEC:
n = EVP_DecryptUpdate(ctx->ctx, NULL, &olen, in, (int)len);
break;
default:
return -1;
}
if (n != 1) {
lwsl_err("%s: set AAD failed\n", __func__);
lws_tls_err_describe_clear();
lwsl_hexdump_err(in, len);
return -1;
}
return 0;
}
switch (ctx->op) {
case LWS_GAESO_ENC:
n = EVP_EncryptUpdate(ctx->ctx, out, &outl, in, (int)len);
break;
case LWS_GAESO_DEC:
n = EVP_DecryptUpdate(ctx->ctx, out, &outl, in, (int)len);
break;
default:
return -1;
}
// lwsl_notice("discarding outl %d\n", (int)outl);
if (!n) {
lwsl_notice("%s: update failed\n", __func__);
lws_tls_err_describe_clear();
return -1;
}
return 0;
}

89
Kinc/Sources/kinc/libs/core/tls/openssl/lws-gencrypto.c Normal file
View File

@ -0,0 +1,89 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws-gencrypto openssl-specific common code
*/
#include "private-lib-core.h"
#include "private-lib-tls-openssl.h"
/*
* Care: many openssl apis return 1 for success. These are translated to the
* lws convention of 0 for success.
*/
int
lws_gencrypto_openssl_hash_to_NID(enum lws_genhash_types hash_type)
{
int h = -1;
switch (hash_type) {
case LWS_GENHASH_TYPE_UNKNOWN:
break;
case LWS_GENHASH_TYPE_MD5:
h = NID_md5;
break;
case LWS_GENHASH_TYPE_SHA1:
h = NID_sha1;
break;
case LWS_GENHASH_TYPE_SHA256:
h = NID_sha256;
break;
case LWS_GENHASH_TYPE_SHA384:
h = NID_sha384;
break;
case LWS_GENHASH_TYPE_SHA512:
h = NID_sha512;
break;
}
return h;
}
const EVP_MD *
lws_gencrypto_openssl_hash_to_EVP_MD(enum lws_genhash_types hash_type)
{
const EVP_MD *h = NULL;
switch (hash_type) {
case LWS_GENHASH_TYPE_UNKNOWN:
break;
case LWS_GENHASH_TYPE_MD5:
h = EVP_md5();
break;
case LWS_GENHASH_TYPE_SHA1:
h = EVP_sha1();
break;
case LWS_GENHASH_TYPE_SHA256:
h = EVP_sha256();
break;
case LWS_GENHASH_TYPE_SHA384:
h = EVP_sha384();
break;
case LWS_GENHASH_TYPE_SHA512:
h = EVP_sha512();
break;
}
return h;
}

715
Kinc/Sources/kinc/libs/core/tls/openssl/lws-genec.c Normal file
View File

@ -0,0 +1,715 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws_genec provides an EC abstraction api in lws that works the
* same whether you are using openssl or mbedtls crypto functions underneath.
*/
#include "private-lib-core.h"
#include "private-lib-tls-openssl.h"
#if !defined(OPENSSL_NO_EC) && defined(LWS_HAVE_EC_KEY_new_by_curve_name) && \
(OPENSSL_VERSION_NUMBER >= 0x30000000l) && \
!defined(LWS_SUPPRESS_DEPRECATED_API_WARNINGS)
/* msvc doesn't have #warning... */
#error "You probably need LWS_SUPPRESS_DEPRECATED_API_WARNINGS"
#endif
#if defined(USE_WOLFSSL)
#include "openssl/ecdh.h"
#endif
/*
* Care: many openssl apis return 1 for success. These are translated to the
* lws convention of 0 for success.
*/
#if defined(USE_WOLFSSL)
EVP_PKEY * EVP_PKEY_CTX_get0_pkey(EVP_PKEY_CTX *p)
{
return p->pkey;
}
#endif
#if !defined(LWS_HAVE_ECDSA_SIG_set0)
static void
ECDSA_SIG_get0(const ECDSA_SIG *sig, const BIGNUM **pr, const BIGNUM **ps)
{
if (pr != NULL)
*pr = sig->r;
if (ps != NULL)
*ps = sig->s;
}
static int
ECDSA_SIG_set0(ECDSA_SIG *sig, BIGNUM *r, BIGNUM *s)
{
if (r == NULL || s == NULL)
return 0;
BN_clear_free(sig->r);
BN_clear_free(sig->s);
sig->r = r;
sig->s = s;
return 1;
}
#endif
#if !defined(LWS_HAVE_BN_bn2binpad)
int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen)
{
int i;
#if !defined(USE_WOLFSSL)
BN_ULONG l;
#endif
#if !defined(LIBRESSL_VERSION_NUMBER) && !defined(USE_WOLFSSL)
bn_check_top(a);
#endif
i = BN_num_bytes(a);
/* Add leading zeroes if necessary */
if (tolen > i) {
memset(to, 0, (size_t)(tolen - i));
to += tolen - i;
}
#if defined(USE_WOLFSSL)
BN_bn2bin(a, to);
#else
while (i--) {
l = a->d[i / BN_BYTES];
*(to++) = (unsigned char)(l >> (8 * (i % BN_BYTES))) & 0xff;
}
#endif
return tolen;
}
#endif
const struct lws_ec_curves lws_ec_curves[4] = {
/*
* These are the curves we are willing to use by default...
*
* The 3 recommended+ (P-256) and optional curves in RFC7518 7.6
*
* Specific keys lengths from RFC8422 p20
*/
{ "P-256", NID_X9_62_prime256v1, 32 },
{ "P-384", NID_secp384r1, 48 },
{ "P-521", NID_secp521r1, 66 },
{ NULL, 0, 0 }
};
static int
lws_genec_eckey_import(int nid, EVP_PKEY *pkey,
const struct lws_gencrypto_keyelem *el)
{
EC_KEY *ec = EC_KEY_new_by_curve_name(nid);
BIGNUM *bn_d, *bn_x, *bn_y;
int n;
if (!ec)
return -1;
/*
* EC_KEY contains
*
* EC_GROUP * group
* EC_POINT * pub_key
* BIGNUM * priv_key (ie, d)
*/
bn_x = BN_bin2bn(el[LWS_GENCRYPTO_EC_KEYEL_X].buf,
(int)el[LWS_GENCRYPTO_EC_KEYEL_X].len, NULL);
if (!bn_x) {
lwsl_err("%s: BN_bin2bn (x) fail\n", __func__);
goto bail;
}
bn_y = BN_bin2bn(el[LWS_GENCRYPTO_EC_KEYEL_Y].buf,
(int)el[LWS_GENCRYPTO_EC_KEYEL_Y].len, NULL);
if (!bn_y) {
lwsl_err("%s: BN_bin2bn (y) fail\n", __func__);
goto bail1;
}
/*
* EC_KEY_set_public_key_affine_coordinates sets the public key for
* key based on its affine co-ordinates, i.e. it constructs an
* EC_POINT object based on the supplied x and y values and sets
* the public key to be this EC_POINT. It will also performs
* certain sanity checks on the key to confirm that it is valid.
*/
#if defined(USE_WOLFSSL)
n = wolfSSL_EC_POINT_set_affine_coordinates_GFp(ec->group,
ec->pub_key,
bn_x, bn_y,
NULL);
#else
n = EC_KEY_set_public_key_affine_coordinates(ec, bn_x, bn_y);
#endif
BN_free(bn_x);
BN_free(bn_y);
if (n != 1) {
lwsl_err("%s: EC_KEY_set_public_key_affine_coordinates fail:\n",
__func__);
lws_tls_err_describe_clear();
goto bail;
}
if (el[LWS_GENCRYPTO_EC_KEYEL_D].len) {
bn_d = BN_bin2bn(el[LWS_GENCRYPTO_EC_KEYEL_D].buf,
(int)el[LWS_GENCRYPTO_EC_KEYEL_D].len, NULL);
if (!bn_d) {
lwsl_err("%s: BN_bin2bn (d) fail\n", __func__);
goto bail;
}
n = EC_KEY_set_private_key(ec, bn_d);
BN_clear_free(bn_d);
if (n != 1) {
lwsl_err("%s: EC_KEY_set_private_key fail\n", __func__);
goto bail;
}
}
/* explicitly confirm the key pieces are consistent */
#if !defined(USE_WOLFSSL)
if (EC_KEY_check_key(ec) != 1) {
lwsl_err("%s: EC_KEY_set_private_key fail\n", __func__);
goto bail;
}
#endif
n = EVP_PKEY_assign_EC_KEY(pkey, ec);
if (n != 1) {
lwsl_err("%s: EVP_PKEY_set1_EC_KEY failed\n", __func__);
return -1;
}
return 0;
bail1:
BN_free(bn_x);
bail:
EC_KEY_free(ec);
return -1;
}
static int
lws_genec_keypair_import(struct lws_genec_ctx *ctx,
const struct lws_ec_curves *curve_table,
EVP_PKEY_CTX **pctx,
const struct lws_gencrypto_keyelem *el)
{
EVP_PKEY *pkey = NULL;
const struct lws_ec_curves *curve;
if (el[LWS_GENCRYPTO_EC_KEYEL_CRV].len < 4)
return -2;
curve = lws_genec_curve(curve_table,
(char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf);
if (!curve)
return -3;
if ((el[LWS_GENCRYPTO_EC_KEYEL_D].len &&
el[LWS_GENCRYPTO_EC_KEYEL_D].len != curve->key_bytes) ||
el[LWS_GENCRYPTO_EC_KEYEL_X].len != curve->key_bytes ||
el[LWS_GENCRYPTO_EC_KEYEL_Y].len != curve->key_bytes)
return -4;
ctx->has_private = !!el[LWS_GENCRYPTO_EC_KEYEL_D].len;
pkey = EVP_PKEY_new();
if (!pkey)
return -7;
if (lws_genec_eckey_import(curve->tls_lib_nid, pkey, el)) {
lwsl_err("%s: lws_genec_eckey_import fail\n", __func__);
goto bail;
}
*pctx = EVP_PKEY_CTX_new(pkey, NULL);
EVP_PKEY_free(pkey);
pkey = NULL;
if (!*pctx)
goto bail;
return 0;
bail:
if (pkey)
EVP_PKEY_free(pkey);
if (*pctx) {
EVP_PKEY_CTX_free(*pctx);
*pctx = NULL;
}
return -9;
}
int
lws_genecdh_create(struct lws_genec_ctx *ctx, struct lws_context *context,
const struct lws_ec_curves *curve_table)
{
ctx->context = context;
ctx->ctx[0] = NULL;
ctx->ctx[1] = NULL;
ctx->curve_table = curve_table;
ctx->genec_alg = LEGENEC_ECDH;
return 0;
}
int
lws_genecdsa_create(struct lws_genec_ctx *ctx, struct lws_context *context,
const struct lws_ec_curves *curve_table)
{
ctx->context = context;
ctx->ctx[0] = NULL;
ctx->ctx[1] = NULL;
ctx->curve_table = curve_table;
ctx->genec_alg = LEGENEC_ECDSA;
return 0;
}
int
lws_genecdh_set_key(struct lws_genec_ctx *ctx, struct lws_gencrypto_keyelem *el,
enum enum_lws_dh_side side)
{
if (ctx->genec_alg != LEGENEC_ECDH)
return -1;
return lws_genec_keypair_import(ctx, ctx->curve_table, &ctx->ctx[side], el);
}
int
lws_genecdsa_set_key(struct lws_genec_ctx *ctx,
const struct lws_gencrypto_keyelem *el)
{
if (ctx->genec_alg != LEGENEC_ECDSA)
return -1;
return lws_genec_keypair_import(ctx, ctx->curve_table, &ctx->ctx[0], el);
}
static void
lws_genec_keypair_destroy(EVP_PKEY_CTX **pctx)
{
if (!*pctx)
return;
// lwsl_err("%p\n", EVP_PKEY_get1_EC_KEY(EVP_PKEY_CTX_get0_pkey(*pctx)));
// EC_KEY_free(EVP_PKEY_get1_EC_KEY(EVP_PKEY_CTX_get0_pkey(*pctx)));
EVP_PKEY_CTX_free(*pctx);
*pctx = NULL;
}
void
lws_genec_destroy(struct lws_genec_ctx *ctx)
{
if (ctx->ctx[0])
lws_genec_keypair_destroy(&ctx->ctx[0]);
if (ctx->ctx[1])
lws_genec_keypair_destroy(&ctx->ctx[1]);
}
static int
lws_genec_new_keypair(struct lws_genec_ctx *ctx, enum enum_lws_dh_side side,
const char *curve_name, struct lws_gencrypto_keyelem *el)
{
const struct lws_ec_curves *curve;
const EC_POINT *pubkey;
EVP_PKEY *pkey = NULL;
int ret = -29, n, m;
BIGNUM *bn[3];
EC_KEY *ec;
curve = lws_genec_curve(ctx->curve_table, curve_name);
if (!curve) {
lwsl_err("%s: curve '%s' not supported\n",
__func__, curve_name);
return -22;
}
ec = EC_KEY_new_by_curve_name(curve->tls_lib_nid);
if (!ec) {
lwsl_err("%s: unknown nid %d\n", __func__, curve->tls_lib_nid);
return -23;
}
if (EC_KEY_generate_key(ec) != 1) {
lwsl_err("%s: EC_KEY_generate_key failed\n", __func__);
goto bail;
}
pkey = EVP_PKEY_new();
if (!pkey)
goto bail;
if (EVP_PKEY_set1_EC_KEY(pkey, ec) != 1) {
lwsl_err("%s: EVP_PKEY_assign_EC_KEY failed\n", __func__);
goto bail1;
}
ctx->ctx[side] = EVP_PKEY_CTX_new(pkey, NULL);
if (!ctx->ctx[side]) {
lwsl_err("%s: EVP_PKEY_CTX_new failed\n", __func__);
goto bail1;
}
/*
* we need to capture the individual element BIGNUMs into
* lws_gencrypto_keyelem, so they can be serialized, used in jwk etc
*/
pubkey = EC_KEY_get0_public_key(ec);
if (!pubkey) {
lwsl_err("%s: EC_KEY_get0_public_key failed\n", __func__);
goto bail1;
}
bn[0] = BN_new();
bn[1] = (BIGNUM *)EC_KEY_get0_private_key(ec);
bn[2] = BN_new();
#if defined(LWS_HAVE_EC_POINT_get_affine_coordinates)
if (EC_POINT_get_affine_coordinates(EC_KEY_get0_group(ec),
#else
if (EC_POINT_get_affine_coordinates_GFp(EC_KEY_get0_group(ec),
#endif
pubkey, bn[0], bn[2], NULL) != 1) {
lwsl_err("%s: EC_POINT_get_affine_coordinates_GFp failed\n",
__func__);
goto bail2;
}
el[LWS_GENCRYPTO_EC_KEYEL_CRV].len = (uint32_t)strlen(curve_name) + 1;
el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf =
lws_malloc(el[LWS_GENCRYPTO_EC_KEYEL_CRV].len, "ec");
if (!el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf) {
lwsl_err("%s: OOM\n", __func__);
goto bail2;
}
strcpy((char *)el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf, curve_name);
for (n = LWS_GENCRYPTO_EC_KEYEL_X; n < LWS_GENCRYPTO_EC_KEYEL_COUNT;
n++) {
el[n].len = curve->key_bytes;
el[n].buf = lws_malloc(curve->key_bytes, "ec");
if (!el[n].buf)
goto bail2;
m = BN_bn2binpad(bn[n - 1], el[n].buf, (int32_t)el[n].len);
if ((uint32_t)m != el[n].len)
goto bail2;
}
ctx->has_private = 1;
ret = 0;
bail2:
BN_clear_free(bn[0]);
BN_clear_free(bn[2]);
bail1:
EVP_PKEY_free(pkey);
bail:
EC_KEY_free(ec);
return ret;
}
int
lws_genecdh_new_keypair(struct lws_genec_ctx *ctx, enum enum_lws_dh_side side,
const char *curve_name,
struct lws_gencrypto_keyelem *el)
{
if (ctx->genec_alg != LEGENEC_ECDH)
return -1;
return lws_genec_new_keypair(ctx, side, curve_name, el);
}
int
lws_genecdsa_new_keypair(struct lws_genec_ctx *ctx, const char *curve_name,
struct lws_gencrypto_keyelem *el)
{
if (ctx->genec_alg != LEGENEC_ECDSA)
return -1;
return lws_genec_new_keypair(ctx, LDHS_OURS, curve_name, el);
}
#if 0
int
lws_genecdsa_hash_sign(struct lws_genec_ctx *ctx, const uint8_t *in,
enum lws_genhash_types hash_type,
uint8_t *sig, size_t sig_len)
{
const EVP_MD *md = lws_gencrypto_openssl_hash_to_EVP_MD(hash_type);
EVP_MD_CTX *mdctx = NULL;
if (ctx->genec_alg != LEGENEC_ECDSA)
return -1;
if (!md)
return -1;
mdctx = EVP_MD_CTX_create();
if (!mdctx)
goto bail;
if (EVP_DigestSignInit(mdctx, NULL, md, NULL,
EVP_PKEY_CTX_get0_pkey(ctx->ctx))) {
lwsl_err("%s: EVP_DigestSignInit failed\n", __func__);
goto bail;
}
if (EVP_DigestSignUpdate(mdctx, in, EVP_MD_size(md))) {
lwsl_err("%s: EVP_DigestSignUpdate failed\n", __func__);
goto bail;
}
if (EVP_DigestSignFinal(mdctx, sig, &sig_len)) {
lwsl_err("%s: EVP_DigestSignFinal failed\n", __func__);
goto bail;
}
EVP_MD_CTX_free(mdctx);
return (int)sig_len;
bail:
if (mdctx)
EVP_MD_CTX_free(mdctx);
return -1;
}
#endif
int
lws_genecdsa_hash_sign_jws(struct lws_genec_ctx *ctx, const uint8_t *in,
enum lws_genhash_types hash_type, int keybits,
uint8_t *sig, size_t sig_len)
{
int ret = -1, n, keybytes = lws_gencrypto_bits_to_bytes(keybits);
size_t hs = lws_genhash_size(hash_type);
const BIGNUM *r = NULL, *s = NULL;
ECDSA_SIG *ecdsasig;
EC_KEY *eckey;
if (ctx->genec_alg != LEGENEC_ECDSA) {
lwsl_notice("%s: ctx alg %d\n", __func__, ctx->genec_alg);
return -1;
}
if (!ctx->has_private)
return -1;
if ((int)sig_len != (int)(keybytes * 2)) {
lwsl_notice("%s: sig buff %d < %d\n", __func__,
(int)sig_len, (int)(hs * 2));
return -1;
}
eckey = EVP_PKEY_get1_EC_KEY(EVP_PKEY_CTX_get0_pkey(ctx->ctx[0]));
/*
* The ECDSA P-256 SHA-256 digital signature is generated as follows:
*
* 1. Generate a digital signature of the JWS Signing Input using ECDSA
* P-256 SHA-256 with the desired private key. The output will be
* the pair (R, S), where R and S are 256-bit unsigned integers.
*
* 2. Turn R and S into octet sequences in big-endian order, with each
* array being be 32 octets long. The octet sequence
* representations MUST NOT be shortened to omit any leading zero
* octets contained in the values.
*
* 3. Concatenate the two octet sequences in the order R and then S.
* (Note that many ECDSA implementations will directly produce this
* concatenation as their output.)
*
* 4. The resulting 64-octet sequence is the JWS Signature value.
*/
ecdsasig = ECDSA_do_sign(in, (int)hs, eckey);
EC_KEY_free(eckey);
if (!ecdsasig) {
lwsl_notice("%s: ECDSA_do_sign fail\n", __func__);
goto bail;
}
ECDSA_SIG_get0(ecdsasig, &r, &s);
/*
* in the 521-bit case, we have to pad the last byte as it only
* generates 65 bytes
*/
n = BN_bn2binpad(r, sig, keybytes);
if (n != keybytes) {
lwsl_notice("%s: bignum r fail %d %d\n", __func__, n, keybytes);
goto bail;
}
n = BN_bn2binpad(s, sig + keybytes, keybytes);
if (n != keybytes) {
lwsl_notice("%s: bignum s fail %d %d\n", __func__, n, keybytes);
goto bail;
}
ret = 0;
bail:
if (ecdsasig)
ECDSA_SIG_free(ecdsasig);
return ret;
}
/* in is the JWS Signing Input hash */
int
lws_genecdsa_hash_sig_verify_jws(struct lws_genec_ctx *ctx, const uint8_t *in,
enum lws_genhash_types hash_type, int keybits,
const uint8_t *sig, size_t sig_len)
{
int ret = -1, n, hlen = (int)lws_genhash_size(hash_type),
keybytes = lws_gencrypto_bits_to_bytes(keybits);
ECDSA_SIG *ecsig = ECDSA_SIG_new();
BIGNUM *r = NULL, *s = NULL;
EC_KEY *eckey;
if (!ecsig)
return -1;
if (ctx->genec_alg != LEGENEC_ECDSA)
goto bail;
if ((int)sig_len != keybytes * 2) {
lwsl_err("%s: sig buf size %d vs %d\n", __func__,
(int)sig_len, keybytes * 2);
goto bail;
}
/*
* 1. The JWS Signature value MUST be a 64-octet sequence. If it is
* not a 64-octet sequence, the validation has failed.
*
* 2. Split the 64-octet sequence into two 32-octet sequences. The
* first octet sequence represents R and the second S. The values R
* and S are represented as octet sequences using the Integer-to-
* OctetString Conversion defined in Section 2.3.7 of SEC1 [SEC1]
* (in big-endian octet order).
*
* 3. Submit the JWS Signing Input, R, S, and the public key (x, y) to
* the ECDSA P-256 SHA-256 validator.
*/
r = BN_bin2bn(sig, keybytes, NULL);
if (!r) {
lwsl_err("%s: BN_bin2bn (r) fail\n", __func__);
goto bail;
}
s = BN_bin2bn(sig + keybytes, keybytes, NULL);
if (!s) {
lwsl_err("%s: BN_bin2bn (s) fail\n", __func__);
goto bail1;
}
if (ECDSA_SIG_set0(ecsig, r, s) != 1) {
lwsl_err("%s: ECDSA_SIG_set0 fail\n", __func__);
goto bail1;
}
eckey = EVP_PKEY_get1_EC_KEY(EVP_PKEY_CTX_get0_pkey(ctx->ctx[0]));
n = ECDSA_do_verify(in, hlen, ecsig, eckey);
EC_KEY_free(eckey);
if (n != 1) {
lwsl_err("%s: ECDSA_do_verify fail, hlen %d\n", __func__, (int)hlen);
lws_tls_err_describe_clear();
goto bail;
}
ret = 0;
goto bail;
bail1:
if (r)
BN_free(r);
if (s)
BN_free(s);
bail:
ECDSA_SIG_free(ecsig);
return ret;
}
int
lws_genecdh_compute_shared_secret(struct lws_genec_ctx *ctx, uint8_t *ss,
int *ss_len)
{
int len, ret = -1;
EC_KEY *eckey[2];
if (!ctx->ctx[LDHS_OURS] || !ctx->ctx[LDHS_THEIRS]) {
lwsl_err("%s: both sides must be set up\n", __func__);
return -1;
}
eckey[LDHS_OURS] = EVP_PKEY_get1_EC_KEY(
EVP_PKEY_CTX_get0_pkey(ctx->ctx[LDHS_OURS]));
eckey[LDHS_THEIRS] = EVP_PKEY_get1_EC_KEY(
EVP_PKEY_CTX_get0_pkey(ctx->ctx[LDHS_THEIRS]));
len = (EC_GROUP_get_degree(EC_KEY_get0_group(eckey[LDHS_OURS])) + 7) / 8;
if (len <= *ss_len) {
#if defined(USE_WOLFSSL)
*ss_len = wolfSSL_ECDH_compute_key(
#else
*ss_len = ECDH_compute_key(
#endif
ss, (unsigned int)len,
EC_KEY_get0_public_key(eckey[LDHS_THEIRS]),
eckey[LDHS_OURS], NULL);
ret = -(*ss_len < 0);
}
EC_KEY_free(eckey[LDHS_OURS]);
EC_KEY_free(eckey[LDHS_THEIRS]);
return ret;
}

257
Kinc/Sources/kinc/libs/core/tls/openssl/lws-genhash.c Normal file
View File

@ -0,0 +1,257 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws_genhash provides a hash / hmac abstraction api in lws that works the
* same whether you are using openssl or mbedtls hash functions underneath.
*/
#include <private-lib-core.h>
#include <openssl/obj_mac.h>
#include <openssl/opensslv.h>
/*
* Care: many openssl apis return 1 for success. These are translated to the
* lws convention of 0 for success.
*/
int
lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type)
{
ctx->type = (uint8_t)type;
ctx->mdctx = EVP_MD_CTX_create();
if (!ctx->mdctx)
return 1;
switch (ctx->type) {
case LWS_GENHASH_TYPE_MD5:
ctx->evp_type = EVP_md5();
break;
case LWS_GENHASH_TYPE_SHA1:
ctx->evp_type = EVP_sha1();
break;
case LWS_GENHASH_TYPE_SHA256:
ctx->evp_type = EVP_sha256();
break;
case LWS_GENHASH_TYPE_SHA384:
ctx->evp_type = EVP_sha384();
break;
case LWS_GENHASH_TYPE_SHA512:
ctx->evp_type = EVP_sha512();
break;
default:
return 1;
}
if (EVP_DigestInit_ex(ctx->mdctx, ctx->evp_type, NULL) != 1) {
EVP_MD_CTX_destroy(ctx->mdctx);
return 1;
}
return 0;
}
int
lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len)
{
if (!len)
return 0;
return EVP_DigestUpdate(ctx->mdctx, in, len) != 1;
}
int
lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result)
{
unsigned int len;
int ret = 0;
if (!ctx->mdctx)
return 0;
if (result)
ret = EVP_DigestFinal_ex(ctx->mdctx, result, &len) != 1;
(void)len;
EVP_MD_CTX_destroy(ctx->mdctx);
ctx->mdctx = NULL;
return ret;
}
#if defined(LWS_HAVE_EVP_PKEY_new_raw_private_key)
int
lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type,
const uint8_t *key, size_t key_len)
{
ctx->ctx = EVP_MD_CTX_create();
if (!ctx->ctx)
return -1;
ctx->evp_type = 0;
ctx->type = (uint8_t)type;
switch (type) {
case LWS_GENHMAC_TYPE_SHA256:
ctx->evp_type = EVP_sha256();
break;
case LWS_GENHMAC_TYPE_SHA384:
ctx->evp_type = EVP_sha384();
break;
case LWS_GENHMAC_TYPE_SHA512:
ctx->evp_type = EVP_sha512();
break;
default:
lwsl_err("%s: unknown HMAC type %d\n", __func__, type);
goto bail;
}
ctx->key = EVP_PKEY_new_raw_private_key(EVP_PKEY_HMAC, NULL, key, key_len);
if (!ctx->key)
goto bail;
if (EVP_DigestSignInit(ctx->ctx, NULL, ctx->evp_type, NULL, ctx->key) != 1)
goto bail1;
return 0;
bail1:
EVP_PKEY_free(ctx->key);
bail:
EVP_MD_CTX_free(ctx->ctx);
return -1;
}
int
lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len)
{
if (EVP_DigestSignUpdate(ctx->ctx, in, len) != 1)
return -1;
return 0;
}
int
lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result)
{
size_t size = (size_t)lws_genhmac_size(ctx->type);
int n;
n = EVP_DigestSignFinal(ctx->ctx, result, &size);
EVP_MD_CTX_free(ctx->ctx);
EVP_PKEY_free(ctx->key);
if (n != 1)
return -1;
return 0;
}
#else
int
lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type,
const uint8_t *key, size_t key_len)
{
#if defined(LWS_HAVE_HMAC_CTX_new)
ctx->ctx = HMAC_CTX_new();
if (!ctx->ctx)
return -1;
#else
HMAC_CTX_init(&ctx->ctx);
#endif
ctx->evp_type = 0;
ctx->type = (uint8_t)type;
switch (type) {
case LWS_GENHMAC_TYPE_SHA256:
ctx->evp_type = EVP_sha256();
break;
case LWS_GENHMAC_TYPE_SHA384:
ctx->evp_type = EVP_sha384();
break;
case LWS_GENHMAC_TYPE_SHA512:
ctx->evp_type = EVP_sha512();
break;
default:
lwsl_err("%s: unknown HMAC type %d\n", __func__, type);
goto bail;
}
#if defined(LWS_HAVE_HMAC_CTX_new)
if (HMAC_Init_ex(ctx->ctx, key, (int)key_len, ctx->evp_type, NULL) != 1)
#else
if (HMAC_Init_ex(&ctx->ctx, key, (int)key_len, ctx->evp_type, NULL) != 1)
#endif
goto bail;
return 0;
bail:
#if defined(LWS_HAVE_HMAC_CTX_new)
HMAC_CTX_free(ctx->ctx);
#endif
return -1;
}
int
lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len)
{
#if defined(LWS_HAVE_HMAC_CTX_new)
#if defined(LIBRESSL_VERSION_NUMBER)
if (HMAC_Update(ctx->ctx, in, len) != 1)
#else
if (HMAC_Update(ctx->ctx, in, (int)len) != 1)
#endif
#else /* HMAC_CTX_new */
if (HMAC_Update(&ctx->ctx, in, len) != 1)
#endif
return -1;
return 0;
}
int
lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result)
{
unsigned int size = (unsigned int)lws_genhmac_size(ctx->type);
#if defined(LWS_HAVE_HMAC_CTX_new)
int n = HMAC_Final(ctx->ctx, result, &size);
HMAC_CTX_free(ctx->ctx);
#else
int n = HMAC_Final(&ctx->ctx, result, &size);
#endif
if (n != 1)
return -1;
return 0;
}
#endif

413
Kinc/Sources/kinc/libs/core/tls/openssl/lws-genrsa.c Normal file
View File

@ -0,0 +1,413 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* lws_genrsa provides an RSA abstraction api in lws that works the
* same whether you are using openssl or mbedtls crypto functions underneath.
*/
#include "private-lib-core.h"
#include "private-lib-tls-openssl.h"
/*
* Care: many openssl apis return 1 for success. These are translated to the
* lws convention of 0 for success.
*/
void
lws_genrsa_destroy_elements(struct lws_gencrypto_keyelem *el)
{
lws_gencrypto_destroy_elements(el, LWS_GENCRYPTO_RSA_KEYEL_COUNT);
}
static int mode_map_crypt[] = { RSA_PKCS1_PADDING, RSA_PKCS1_OAEP_PADDING },
mode_map_sig[] = { RSA_PKCS1_PADDING, RSA_PKCS1_PSS_PADDING };
static int
rsa_pkey_wrap(struct lws_genrsa_ctx *ctx, RSA *rsa)
{
EVP_PKEY *pkey;
/* we have the RSA object filled up... wrap in a PKEY */
pkey = EVP_PKEY_new();
if (!pkey)
return 1;
/* bind the PKEY to the RSA key we just prepared */
if (EVP_PKEY_assign_RSA(pkey, rsa) != 1) {
lwsl_err("%s: EVP_PKEY_assign_RSA_KEY failed\n", __func__);
goto bail;
}
/* pepare our PKEY_CTX with the PKEY */
ctx->ctx = EVP_PKEY_CTX_new(pkey, NULL);
EVP_PKEY_free(pkey);
pkey = NULL;
if (!ctx->ctx)
goto bail;
return 0;
bail:
if (pkey)
EVP_PKEY_free(pkey);
return 1;
}
int
lws_genrsa_create(struct lws_genrsa_ctx *ctx,
const struct lws_gencrypto_keyelem *el,
struct lws_context *context, enum enum_genrsa_mode mode,
enum lws_genhash_types oaep_hashid)
{
int n;
memset(ctx, 0, sizeof(*ctx));
ctx->context = context;
ctx->mode = mode;
/* Step 1:
*
* convert the MPI for e and n to OpenSSL BIGNUMs
*/
for (n = 0; n < 5; n++) {
ctx->bn[n] = BN_bin2bn(el[n].buf, (int)el[n].len, NULL);
if (!ctx->bn[n]) {
lwsl_notice("mpi load failed\n");
goto bail;
}
}
/* Step 2:
*
* assemble the OpenSSL RSA from the BIGNUMs
*/
ctx->rsa = RSA_new();
if (!ctx->rsa) {
lwsl_notice("Failed to create RSA\n");
goto bail;
}
#if defined(LWS_HAVE_RSA_SET0_KEY) && !defined(USE_WOLFSSL)
if (RSA_set0_key(ctx->rsa, ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_N],
ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_E],
ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_D]) != 1) {
lwsl_notice("RSA_set0_key failed\n");
goto bail;
}
RSA_set0_factors(ctx->rsa, ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_P],
ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_Q]);
#else
ctx->rsa->e = ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_E];
ctx->rsa->n = ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_N];
ctx->rsa->d = ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_D];
ctx->rsa->p = ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_P];
ctx->rsa->q = ctx->bn[LWS_GENCRYPTO_RSA_KEYEL_Q];
#endif
if (!rsa_pkey_wrap(ctx, ctx->rsa))
return 0;
bail:
for (n = 0; n < 5; n++)
if (ctx->bn[n]) {
BN_clear_free(ctx->bn[n]);
ctx->bn[n] = NULL;
}
if (ctx->rsa) {
RSA_free(ctx->rsa);
ctx->rsa = NULL;
}
return 1;
}
int
lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx,
enum enum_genrsa_mode mode, struct lws_gencrypto_keyelem *el,
int bits)
{
BIGNUM *bn;
int n;
memset(ctx, 0, sizeof(*ctx));
ctx->context = context;
ctx->mode = mode;
ctx->rsa = RSA_new();
if (!ctx->rsa) {
lwsl_notice("Failed to create RSA\n");
return -1;
}
bn = BN_new();
if (!bn)
goto cleanup_1;
if (BN_set_word(bn, RSA_F4) != 1) {
BN_free(bn);
goto cleanup_1;
}
n = RSA_generate_key_ex(ctx->rsa, bits, bn, NULL);
BN_clear_free(bn);
if (n != 1)
goto cleanup_1;
#if defined(LWS_HAVE_RSA_SET0_KEY) && !defined(USE_WOLFSSL)
{
const BIGNUM *mpi[5];
RSA_get0_key(ctx->rsa, &mpi[LWS_GENCRYPTO_RSA_KEYEL_N],
&mpi[LWS_GENCRYPTO_RSA_KEYEL_E], &mpi[LWS_GENCRYPTO_RSA_KEYEL_D]);
RSA_get0_factors(ctx->rsa, &mpi[LWS_GENCRYPTO_RSA_KEYEL_P],
&mpi[LWS_GENCRYPTO_RSA_KEYEL_Q]);
#else
{
BIGNUM *mpi[5] = { ctx->rsa->e, ctx->rsa->n, ctx->rsa->d,
ctx->rsa->p, ctx->rsa->q, };
#endif
for (n = 0; n < 5; n++)
if (BN_num_bytes(mpi[n])) {
el[n].buf = lws_malloc(
(unsigned int)BN_num_bytes(mpi[n]), "genrsakey");
if (!el[n].buf)
goto cleanup;
el[n].len = (unsigned int)BN_num_bytes(mpi[n]);
BN_bn2bin(mpi[n], el[n].buf);
}
}
if (!rsa_pkey_wrap(ctx, ctx->rsa))
return 0;
cleanup:
for (n = 0; n < LWS_GENCRYPTO_RSA_KEYEL_COUNT; n++)
if (el[n].buf)
lws_free_set_NULL(el[n].buf);
cleanup_1:
RSA_free(ctx->rsa);
ctx->rsa = NULL;
return -1;
}
/*
* in_len must be less than RSA_size(rsa) - 11 for the PKCS #1 v1.5
* based padding modes
*/
int
lws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
size_t in_len, uint8_t *out)
{
int n = RSA_public_encrypt((int)in_len, in, out, ctx->rsa,
mode_map_crypt[ctx->mode]);
if (n < 0) {
lwsl_err("%s: RSA_public_encrypt failed\n", __func__);
lws_tls_err_describe_clear();
return -1;
}
return n;
}
int
lws_genrsa_private_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
size_t in_len, uint8_t *out)
{
int n = RSA_private_encrypt((int)in_len, in, out, ctx->rsa,
mode_map_crypt[ctx->mode]);
if (n < 0) {
lwsl_err("%s: RSA_private_encrypt failed\n", __func__);
lws_tls_err_describe_clear();
return -1;
}
return n;
}
int
lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
size_t in_len, uint8_t *out, size_t out_max)
{
int n = RSA_public_decrypt((int)in_len, in, out, ctx->rsa,
mode_map_crypt[ctx->mode]);
if (n < 0) {
lwsl_err("%s: RSA_public_decrypt failed\n", __func__);
return -1;
}
return n;
}
int
lws_genrsa_private_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
size_t in_len, uint8_t *out, size_t out_max)
{
int n = RSA_private_decrypt((int)in_len, in, out, ctx->rsa,
mode_map_crypt[ctx->mode]);
if (n < 0) {
lwsl_err("%s: RSA_private_decrypt failed\n", __func__);
lws_tls_err_describe_clear();
return -1;
}
return n;
}
int
lws_genrsa_hash_sig_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in,
enum lws_genhash_types hash_type, const uint8_t *sig,
size_t sig_len)
{
int n = lws_gencrypto_openssl_hash_to_NID(hash_type),
h = (int)lws_genhash_size(hash_type);
const EVP_MD *md = NULL;
if (n < 0)
return -1;
switch(ctx->mode) {
case LGRSAM_PKCS1_1_5:
n = RSA_verify(n, in, (unsigned int)h, (uint8_t *)sig,
(unsigned int)sig_len, ctx->rsa);
break;
case LGRSAM_PKCS1_OAEP_PSS:
md = lws_gencrypto_openssl_hash_to_EVP_MD(hash_type);
if (!md)
return -1;
#if defined(LWS_HAVE_RSA_verify_pss_mgf1)
n = RSA_verify_pss_mgf1(ctx->rsa, in, h, md, NULL, -1,
(uint8_t *)sig,
#else
n = RSA_verify_PKCS1_PSS(ctx->rsa, in, md, (uint8_t *)sig,
#endif
(int)sig_len);
break;
default:
return -1;
}
if (n != 1) {
lwsl_notice("%s: fail\n", __func__);
lws_tls_err_describe_clear();
return -1;
}
return 0;
}
int
lws_genrsa_hash_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in,
enum lws_genhash_types hash_type, uint8_t *sig,
size_t sig_len)
{
int n = lws_gencrypto_openssl_hash_to_NID(hash_type),
h = (int)lws_genhash_size(hash_type);
unsigned int used = 0;
EVP_MD_CTX *mdctx = NULL;
const EVP_MD *md = NULL;
if (n < 0)
return -1;
switch(ctx->mode) {
case LGRSAM_PKCS1_1_5:
if (RSA_sign(n, in, (unsigned int)h, sig, &used, ctx->rsa) != 1) {
lwsl_err("%s: RSA_sign failed\n", __func__);
goto bail;
}
break;
case LGRSAM_PKCS1_OAEP_PSS:
md = lws_gencrypto_openssl_hash_to_EVP_MD(hash_type);
if (!md)
return -1;
if (EVP_PKEY_CTX_set_rsa_padding(ctx->ctx,
mode_map_sig[ctx->mode]) != 1) {
lwsl_err("%s: set_rsa_padding failed\n", __func__);
goto bail;
}
mdctx = EVP_MD_CTX_create();
if (!mdctx)
goto bail;
if (EVP_DigestSignInit(mdctx, NULL, md, NULL,
#if defined(USE_WOLFSSL)
ctx->ctx->pkey)) {
#else
EVP_PKEY_CTX_get0_pkey(ctx->ctx))) {
#endif
lwsl_err("%s: EVP_DigestSignInit failed\n", __func__);
goto bail;
}
if (EVP_DigestSignUpdate(mdctx, in, (unsigned int)EVP_MD_size(md))) {
lwsl_err("%s: EVP_DigestSignUpdate failed\n", __func__);
goto bail;
}
if (EVP_DigestSignFinal(mdctx, sig, &sig_len)) {
lwsl_err("%s: EVP_DigestSignFinal failed\n", __func__);
goto bail;
}
EVP_MD_CTX_free(mdctx);
used = (unsigned int)sig_len;
break;
default:
return -1;
}
return (int)used;
bail:
if (mdctx)
EVP_MD_CTX_free(mdctx);
return -1;
}
void
lws_genrsa_destroy(struct lws_genrsa_ctx *ctx)
{
if (!ctx->ctx)
return;
EVP_PKEY_CTX_free(ctx->ctx);
ctx->ctx = NULL;
ctx->rsa = NULL;
}

1242
Kinc/Sources/kinc/libs/core/tls/openssl/openssl-client.c Normal file
View File

File diff suppressed because it is too large Load Diff

1139
Kinc/Sources/kinc/libs/core/tls/openssl/openssl-server.c Normal file
View File

File diff suppressed because it is too large Load Diff

491
Kinc/Sources/kinc/libs/core/tls/openssl/openssl-session.c Normal file
View File

@ -0,0 +1,491 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2022 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
typedef struct lws_tls_session_cache_openssl {
lws_dll2_t list;
SSL_SESSION *session;
lws_sorted_usec_list_t sul_ttl;
/* name is overallocated here */
} lws_tls_sco_t;
#define tlssess_loglevel LLL_INFO
#if (_LWS_ENABLED_LOGS & tlssess_loglevel)
#define lwsl_tlssess(...) _lws_log(tlssess_loglevel, __VA_ARGS__)
#else
#define lwsl_tlssess(...)
#endif
static void
__lws_tls_session_destroy(lws_tls_sco_t *ts)
{
lwsl_tlssess("%s: %s (%u)\n", __func__, (const char *)&ts[1],
ts->list.owner->count - 1);
lws_sul_cancel(&ts->sul_ttl);
SSL_SESSION_free(ts->session);
lws_dll2_remove(&ts->list); /* vh lock */
lws_free(ts);
}
static lws_tls_sco_t *
__lws_tls_session_lookup_by_name(struct lws_vhost *vh, const char *name)
{
lws_start_foreach_dll(struct lws_dll2 *, p,
lws_dll2_get_head(&vh->tls_sessions)) {
lws_tls_sco_t *ts = lws_container_of(p, lws_tls_sco_t, list);
const char *ts_name = (const char *)&ts[1];
if (!strcmp(name, ts_name))
return ts;
} lws_end_foreach_dll(p);
return NULL;
}
/*
* If possible, reuse an existing, cached session
*/
void
lws_tls_reuse_session(struct lws *wsi)
{
char tag[LWS_SESSION_TAG_LEN];
lws_tls_sco_t *ts;
if (!wsi->a.vhost ||
wsi->a.vhost->options & LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE)
return;
lws_context_lock(wsi->a.context, __func__); /* -------------- cx { */
lws_vhost_lock(wsi->a.vhost); /* -------------- vh { */
if (lws_tls_session_tag_from_wsi(wsi, tag, sizeof(tag)))
goto bail;
ts = __lws_tls_session_lookup_by_name(wsi->a.vhost, tag);
if (!ts) {
lwsl_tlssess("%s: no existing session for %s\n", __func__, tag);
goto bail;
}
lwsl_tlssess("%s: %s\n", __func__, (const char *)&ts[1]);
if (!SSL_set_session(wsi->tls.ssl, ts->session)) {
lwsl_err("%s: session not set for %s\n", __func__, tag);
goto bail;
}
#if !defined(USE_WOLFSSL)
/* extend session lifetime */
SSL_SESSION_set_time(ts->session,
#if defined(OPENSSL_IS_BORINGSSL)
(unsigned long)
#else
(long)
#endif
time(NULL));
#endif
/* keep our session list sorted in lru -> mru order */
lws_dll2_remove(&ts->list);
lws_dll2_add_tail(&ts->list, &wsi->a.vhost->tls_sessions);
bail:
lws_vhost_unlock(wsi->a.vhost); /* } vh -------------- */
lws_context_unlock(wsi->a.context); /* } cx -------------- */
}
int
lws_tls_session_is_reused(struct lws *wsi)
{
#if defined(LWS_WITH_CLIENT)
struct lws *nwsi = lws_get_network_wsi(wsi);
if (!nwsi || !nwsi->tls.ssl)
return 0;
return (int)SSL_session_reused(nwsi->tls.ssl);
#else
return 0;
#endif
}
static int
lws_tls_session_destroy_dll(struct lws_dll2 *d, void *user)
{
lws_tls_sco_t *ts = lws_container_of(d, lws_tls_sco_t, list);
__lws_tls_session_destroy(ts);
return 0;
}
void
lws_tls_session_vh_destroy(struct lws_vhost *vh)
{
lws_dll2_foreach_safe(&vh->tls_sessions, NULL,
lws_tls_session_destroy_dll);
}
static void
lws_tls_session_expiry_cb(lws_sorted_usec_list_t *sul)
{
lws_tls_sco_t *ts = lws_container_of(sul, lws_tls_sco_t, sul_ttl);
struct lws_vhost *vh = lws_container_of(ts->list.owner,
struct lws_vhost, tls_sessions);
lws_context_lock(vh->context, __func__); /* -------------- cx { */
lws_vhost_lock(vh); /* -------------- vh { */
__lws_tls_session_destroy(ts);
lws_vhost_unlock(vh); /* } vh -------------- */
lws_context_unlock(vh->context); /* } cx -------------- */
}
static lws_tls_sco_t *
lws_tls_session_add_entry(struct lws_vhost *vh, const char *tag)
{
lws_tls_sco_t *ts;
size_t nl = strlen(tag);
if (vh->tls_sessions.count == (vh->tls_session_cache_max ?
vh->tls_session_cache_max : 10)) {
/*
* We have reached the vhost's session cache limit,
* prune the LRU / head
*/
ts = lws_container_of(vh->tls_sessions.head,
lws_tls_sco_t, list);
if (ts) { /* centos 7 ... */
lwsl_tlssess("%s: pruning oldest session\n", __func__);
lws_vhost_lock(vh); /* -------------- vh { */
__lws_tls_session_destroy(ts);
lws_vhost_unlock(vh); /* } vh -------------- */
}
}
ts = lws_malloc(sizeof(*ts) + nl + 1, __func__);
if (!ts)
return NULL;
memset(ts, 0, sizeof(*ts));
memcpy(&ts[1], tag, nl + 1);
lws_dll2_add_tail(&ts->list, &vh->tls_sessions);
return ts;
}
static int
lws_tls_session_new_cb(SSL *ssl, SSL_SESSION *sess)
{
struct lws *wsi = (struct lws *)SSL_get_ex_data(ssl,
openssl_websocket_private_data_index);
char tag[LWS_SESSION_TAG_LEN];
struct lws_vhost *vh;
lws_tls_sco_t *ts;
long ttl;
#if (_LWS_ENABLED_LOGS & tlssess_loglevel)
const char *disposition = "reuse";
#endif
if (!wsi) {
lwsl_warn("%s: can't get wsi from ssl privdata\n", __func__);
return 0;
}
vh = wsi->a.vhost;
if (vh->options & LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE)
return 0;
if (lws_tls_session_tag_from_wsi(wsi, tag, sizeof(tag)))
return 0;
/* api return is long, although we only support setting
* default (300s) or max uint32_t */
ttl = SSL_SESSION_get_timeout(sess);
lws_context_lock(vh->context, __func__); /* -------------- cx { */
lws_vhost_lock(vh); /* -------------- vh { */
ts = __lws_tls_session_lookup_by_name(vh, tag);
if (!ts) {
ts = lws_tls_session_add_entry(vh, tag);
if (!ts)
goto bail;
lws_sul_schedule(wsi->a.context, wsi->tsi, &ts->sul_ttl,
lws_tls_session_expiry_cb,
ttl * LWS_US_PER_SEC);
#if (_LWS_ENABLED_LOGS & tlssess_loglevel)
disposition = "new";
#endif
/*
* We don't have to do a SSL_SESSION_up_ref() here, because
* we will return from this callback indicating that we kept the
* ref
*/
} else {
/*
* Give up our refcount on the session we are about to replace
* with a newer one
*/
SSL_SESSION_free(ts->session);
/* keep our session list sorted in lru -> mru order */
lws_dll2_remove(&ts->list);
lws_dll2_add_tail(&ts->list, &vh->tls_sessions);
}
ts->session = sess;
lws_vhost_unlock(vh); /* } vh -------------- */
lws_context_unlock(vh->context); /* } cx -------------- */
lwsl_tlssess("%s: %p: %s: %s %s, ttl %lds (%s:%u)\n", __func__,
sess, wsi->lc.gutag, disposition, tag, ttl, vh->name,
vh->tls_sessions.count);
/*
* indicate we will hold on to the SSL_SESSION reference, and take
* responsibility to call SSL_SESSION_free() on it ourselves
*/
return 1;
bail:
lws_vhost_unlock(vh); /* } vh -------------- */
lws_context_unlock(vh->context); /* } cx -------------- */
return 0;
}
#if defined(LWS_TLS_SYNTHESIZE_CB)
/*
* On openssl, there is an async cb coming when the server issues the session
* information on the link, so we can pick it up and update the cache at the
* right time.
*
* On mbedtls and some version at least of borning ssl, this cb is either not
* part of the tls library apis or fails to arrive.
*
* This synthetic cb is called instead for those build cases, scheduled for
* +500ms after the tls negotiation completed.
*/
void
lws_sess_cache_synth_cb(lws_sorted_usec_list_t *sul)
{
struct lws_lws_tls *tls = lws_container_of(sul, struct lws_lws_tls,
sul_cb_synth);
struct lws *wsi = lws_container_of(tls, struct lws, tls);
SSL_SESSION *sess;
if (lws_tls_session_is_reused(wsi))
return;
sess = SSL_get1_session(tls->ssl);
if (!sess)
return;
if (!SSL_SESSION_is_resumable(sess) || /* not worth caching, or... */
!lws_tls_session_new_cb(tls->ssl, sess)) { /* ...cb didn't keep it */
/*
* For now the policy if no session message after the wait,
* is just let it be. Typically the session info is sent
* early.
*/
SSL_SESSION_free(sess);
}
}
#endif
void
lws_tls_session_cache(struct lws_vhost *vh, uint32_t ttl)
{
long cmode;
if (vh->options & LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE)
return;
cmode = SSL_CTX_get_session_cache_mode(vh->tls.ssl_client_ctx);
SSL_CTX_set_session_cache_mode(vh->tls.ssl_client_ctx,
(int)(cmode | SSL_SESS_CACHE_CLIENT));
SSL_CTX_sess_set_new_cb(vh->tls.ssl_client_ctx, lws_tls_session_new_cb);
if (!ttl)
return;
#if defined(OPENSSL_IS_BORINGSSL)
SSL_CTX_set_timeout(vh->tls.ssl_client_ctx, ttl);
#else
SSL_CTX_set_timeout(vh->tls.ssl_client_ctx, (long)ttl);
#endif
}
int
lws_tls_session_dump_save(struct lws_vhost *vh, const char *host, uint16_t port,
lws_tls_sess_cb_t cb_save, void *opq)
{
struct lws_tls_session_dump d;
lws_tls_sco_t *ts;
int ret = 1, bl;
void *v;
if (vh->options & LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE)
return 1;
lws_tls_session_tag_discrete(vh->name, host, port, d.tag, sizeof(d.tag));
lws_context_lock(vh->context, __func__); /* -------------- cx { */
lws_vhost_lock(vh); /* -------------- vh { */
ts = __lws_tls_session_lookup_by_name(vh, d.tag);
if (!ts)
goto bail;
/* We have a ref on the session, exit via bail to clean it... */
bl = i2d_SSL_SESSION(ts->session, NULL);
if (!bl)
goto bail;
d.blob_len = (size_t)bl;
v = d.blob = lws_malloc(d.blob_len, __func__);
if (d.blob) {
/* this advances d.blob by the blob size ;-) */
i2d_SSL_SESSION(ts->session, (uint8_t **)&d.blob);
d.opaque = opq;
d.blob = v;
if (cb_save(vh->context, &d))
lwsl_notice("%s: save failed\n", __func__);
else
ret = 0;
lws_free(v);
}
bail:
lws_vhost_unlock(vh); /* } vh -------------- */
lws_context_unlock(vh->context); /* } cx -------------- */
return ret;
}
int
lws_tls_session_dump_load(struct lws_vhost *vh, const char *host, uint16_t port,
lws_tls_sess_cb_t cb_load, void *opq)
{
struct lws_tls_session_dump d;
lws_tls_sco_t *ts;
SSL_SESSION *sess = NULL; /* allow it to "bail" early */
void *v;
if (vh->options & LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE)
return 1;
d.opaque = opq;
lws_tls_session_tag_discrete(vh->name, host, port, d.tag, sizeof(d.tag));
lws_context_lock(vh->context, __func__); /* -------------- cx { */
lws_vhost_lock(vh); /* -------------- vh { */
ts = __lws_tls_session_lookup_by_name(vh, d.tag);
if (ts) {
/*
* Since we are getting this out of cold storage, we should
* not replace any existing session since it is likely newer
*/
lwsl_notice("%s: session already exists for %s\n", __func__,
d.tag);
goto bail1;
}
if (cb_load(vh->context, &d)) {
lwsl_warn("%s: load failed\n", __func__);
goto bail1;
}
/* the callback has allocated the blob and set d.blob / d.blob_len */
v = d.blob;
/* this advances d.blob by the blob size ;-) */
sess = d2i_SSL_SESSION(NULL, (const uint8_t **)&d.blob,
(long)d.blob_len);
free(v); /* user code will have used malloc() */
if (!sess) {
lwsl_warn("%s: d2i_SSL_SESSION failed\n", __func__);
goto bail;
}
lws_vhost_lock(vh); /* -------------- vh { */
ts = lws_tls_session_add_entry(vh, d.tag);
lws_vhost_unlock(vh); /* } vh -------------- */
if (!ts) {
lwsl_warn("%s: unable to add cache entry\n", __func__);
goto bail;
}
ts->session = sess;
lwsl_tlssess("%s: session loaded OK\n", __func__);
lws_vhost_unlock(vh); /* } vh -------------- */
lws_context_unlock(vh->context); /* } cx -------------- */
return 0;
bail:
SSL_SESSION_free(sess);
bail1:
lws_vhost_unlock(vh); /* } vh -------------- */
lws_context_unlock(vh->context); /* } cx -------------- */
return 1;
}

603
Kinc/Sources/kinc/libs/core/tls/openssl/openssl-ssl.c Normal file
View File

@ -0,0 +1,603 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
#include "private-lib-tls-openssl.h"
int openssl_websocket_private_data_index,
openssl_SSL_CTX_private_data_index;
/*
* Care: many openssl apis return 1 for success. These are translated to the
* lws convention of 0 for success.
*/
int lws_openssl_describe_cipher(struct lws *wsi)
{
#if !defined(LWS_WITH_NO_LOGS) && !defined(USE_WOLFSSL)
int np = -1;
SSL *s = wsi->tls.ssl;
SSL_get_cipher_bits(s, &np);
lwsl_info("%s: %s: %s, %s, %d bits, %s\n", __func__, lws_wsi_tag(wsi),
SSL_get_cipher_name(s), SSL_get_cipher(s), np,
SSL_get_cipher_version(s));
#endif
return 0;
}
int lws_ssl_get_error(struct lws *wsi, int n)
{
int m;
unsigned long l;
char buf[160];
if (!wsi->tls.ssl)
return 99;
m = SSL_get_error(wsi->tls.ssl, n);
lwsl_debug("%s: %p %d -> %d (errno %d)\n", __func__, wsi->tls.ssl, n, m, LWS_ERRNO);
if (m == SSL_ERROR_SSL) {
if (!wsi->tls.err_helper[0]) {
/* Append first error for clarity */
l = ERR_get_error();
if (l) {
ERR_error_string_n(
#if defined(LWS_WITH_BORINGSSL)
(uint32_t)
#endif
l, buf, sizeof(buf) - 1);
buf[sizeof(buf) - 1] = '\0';
lws_strncpy(wsi->tls.err_helper, buf,
sizeof(wsi->tls.err_helper));
}
}
// Describe other errors
lws_tls_err_describe_clear();
}
// assert (LWS_ERRNO != 9);
return m;
}
#if defined(LWS_WITH_SERVER)
static int
lws_context_init_ssl_pem_passwd_cb(char *buf, int size, int rwflag,
void *userdata)
{
struct lws_context_creation_info * info =
(struct lws_context_creation_info *)userdata;
strncpy(buf, info->ssl_private_key_password, (unsigned int)size);
buf[size - 1] = '\0';
return (int)strlen(buf);
}
#endif
#if defined(LWS_WITH_CLIENT)
static int
lws_context_init_ssl_pem_passwd_client_cb(char *buf, int size, int rwflag,
void *userdata)
{
struct lws_context_creation_info * info =
(struct lws_context_creation_info *)userdata;
const char *p = info->ssl_private_key_password;
if (info->client_ssl_private_key_password)
p = info->client_ssl_private_key_password;
strncpy(buf, p, (unsigned int)size);
buf[size - 1] = '\0';
return (int)strlen(buf);
}
#endif
void
lws_ssl_bind_passphrase(SSL_CTX *ssl_ctx, int is_client,
const struct lws_context_creation_info *info)
{
if (
#if defined(LWS_WITH_SERVER)
!info->ssl_private_key_password
#endif
#if defined(LWS_WITH_SERVER) && defined(LWS_WITH_CLIENT)
&&
#endif
#if defined(LWS_WITH_CLIENT)
!info->client_ssl_private_key_password
#endif
)
return;
/*
* password provided, set ssl callback and user data
* for checking password which will be trigered during
* SSL_CTX_use_PrivateKey_file function
*/
SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, (void *)info);
SSL_CTX_set_default_passwd_cb(ssl_ctx, is_client ?
#if defined(LWS_WITH_CLIENT)
lws_context_init_ssl_pem_passwd_client_cb:
#else
NULL:
#endif
#if defined(LWS_WITH_SERVER)
lws_context_init_ssl_pem_passwd_cb
#else
NULL
#endif
);
}
#if defined(LWS_WITH_CLIENT)
static void
lws_ssl_destroy_client_ctx(struct lws_vhost *vhost)
{
if (vhost->tls.user_supplied_ssl_ctx || !vhost->tls.ssl_client_ctx)
return;
if (vhost->tls.tcr && --vhost->tls.tcr->refcount)
return;
SSL_CTX_free(vhost->tls.ssl_client_ctx);
vhost->tls.ssl_client_ctx = NULL;
vhost->context->tls.count_client_contexts--;
if (vhost->tls.tcr) {
lws_dll2_remove(&vhost->tls.tcr->cc_list);
lws_free(vhost->tls.tcr);
vhost->tls.tcr = NULL;
}
}
#endif
void
lws_ssl_destroy(struct lws_vhost *vhost)
{
if (!lws_check_opt(vhost->context->options,
LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
return;
if (vhost->tls.ssl_ctx)
SSL_CTX_free(vhost->tls.ssl_ctx);
#if defined(LWS_WITH_CLIENT)
lws_ssl_destroy_client_ctx(vhost);
#endif
// after 1.1.0 no need
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
// <= 1.0.1f = old api, 1.0.1g+ = new api
#if (OPENSSL_VERSION_NUMBER <= 0x1000106f) || defined(USE_WOLFSSL)
ERR_remove_state(0);
#else
#if OPENSSL_VERSION_NUMBER >= 0x1010005f && \
!defined(LIBRESSL_VERSION_NUMBER) && \
!defined(OPENSSL_IS_BORINGSSL)
ERR_remove_thread_state();
#else
ERR_remove_thread_state(NULL);
#endif
#endif
/* not needed after 1.1.0 */
#if (OPENSSL_VERSION_NUMBER >= 0x10002000) && \
(OPENSSL_VERSION_NUMBER <= 0x10100000)
SSL_COMP_free_compression_methods();
#endif
ERR_free_strings();
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
#endif
}
int
lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, size_t len)
{
struct lws_context *context = wsi->a.context;
struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
int n = 0, m;
if (!wsi->tls.ssl)
return lws_ssl_capable_read_no_ssl(wsi, buf, len);
#ifndef WIN32
errno = 0;
#else
WSASetLastError(0);
#endif
ERR_clear_error();
n = SSL_read(wsi->tls.ssl, buf, (int)(ssize_t)len);
#if defined(LWS_PLAT_FREERTOS)
if (!n && errno == LWS_ENOTCONN) {
lwsl_debug("%s: SSL_read ENOTCONN\n", lws_wsi_tag(wsi));
return LWS_SSL_CAPABLE_ERROR;
}
#endif
lwsl_debug("%s: SSL_read says %d\n", lws_wsi_tag(wsi), n);
/* manpage: returning 0 means connection shut down
*
* 2018-09-10: https://github.com/openssl/openssl/issues/1903
*
* So, in summary, if you get a 0 or -1 return from SSL_read() /
* SSL_write(), you should call SSL_get_error():
*
* - If you get back SSL_ERROR_RETURN_ZERO then you know the connection
* has been cleanly shutdown by the peer. To fully close the
* connection you may choose to call SSL_shutdown() to send a
* close_notify back.
*
* - If you get back SSL_ERROR_SSL then some kind of internal or
* protocol error has occurred. More details will be on the SSL error
* queue. You can also call SSL_get_shutdown(). If this indicates a
* state of SSL_RECEIVED_SHUTDOWN then you know a fatal alert has
* been received from the peer (if it had been a close_notify then
* SSL_get_error() would have returned SSL_ERROR_RETURN_ZERO).
* SSL_ERROR_SSL is considered fatal - you should not call
* SSL_shutdown() in this case.
*
* - If you get back SSL_ERROR_SYSCALL then some kind of fatal (i.e.
* non-retryable) error has occurred in a system call.
*/
if (n <= 0) {
m = lws_ssl_get_error(wsi, n);
lwsl_debug("%s: ssl err %d errno %d\n", lws_wsi_tag(wsi), m, LWS_ERRNO);
if (m == SSL_ERROR_ZERO_RETURN) /* cleanly shut down */
goto do_err;
if (m == SSL_ERROR_SSL)
lws_tls_err_describe_clear();
/* hm not retryable.. could be 0 size pkt or error */
if (m == SSL_ERROR_SSL || m == SSL_ERROR_SYSCALL ||
LWS_ERRNO == LWS_ENOTCONN) {
/* unclean, eg closed conn */
wsi->socket_is_permanently_unusable = 1;
do_err:
#if defined(LWS_WITH_SYS_METRICS)
if (wsi->a.vhost)
lws_metric_event(wsi->a.vhost->mt_traffic_rx,
METRES_NOGO, 0);
#endif
return LWS_SSL_CAPABLE_ERROR;
}
/* retryable? */
if (SSL_want_read(wsi->tls.ssl)) {
lwsl_debug("%s: WANT_READ\n", __func__);
lwsl_debug("%s: LWS_SSL_CAPABLE_MORE_SERVICE\n", lws_wsi_tag(wsi));
return LWS_SSL_CAPABLE_MORE_SERVICE;
}
if (SSL_want_write(wsi->tls.ssl)) {
lwsl_info("%s: WANT_WRITE\n", __func__);
lwsl_debug("%s: LWS_SSL_CAPABLE_MORE_SERVICE\n", lws_wsi_tag(wsi));
wsi->tls_read_wanted_write = 1;
lws_callback_on_writable(wsi);
return LWS_SSL_CAPABLE_MORE_SERVICE;
}
/* keep on trucking it seems */
}
#if defined(LWS_TLS_LOG_PLAINTEXT_RX)
/*
* If using openssl type tls library, this is the earliest point for all
* paths to dump what was received as decrypted data from the tls tunnel
*/
lwsl_notice("%s: len %d\n", __func__, n);
lwsl_hexdump_notice(buf, (unsigned int)n);
#endif
#if defined(LWS_WITH_SYS_METRICS)
if (wsi->a.vhost)
lws_metric_event(wsi->a.vhost->mt_traffic_rx, METRES_GO, (u_mt_t)n);
#endif
/*
* if it was our buffer that limited what we read,
* check if SSL has additional data pending inside SSL buffers.
*
* Because these won't signal at the network layer with POLLIN
* and if we don't realize, this data will sit there forever
*/
if (n != (int)(ssize_t)len)
goto bail;
if (!wsi->tls.ssl)
goto bail;
if (SSL_pending(wsi->tls.ssl)) {
if (lws_dll2_is_detached(&wsi->tls.dll_pending_tls))
lws_dll2_add_head(&wsi->tls.dll_pending_tls,
&pt->tls.dll_pending_tls_owner);
} else
__lws_ssl_remove_wsi_from_buffered_list(wsi);
return n;
bail:
lws_ssl_remove_wsi_from_buffered_list(wsi);
return n;
}
int
lws_ssl_pending(struct lws *wsi)
{
if (!wsi->tls.ssl)
return 0;
return SSL_pending(wsi->tls.ssl);
}
int
lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, size_t len)
{
int n, m;
#if defined(LWS_TLS_LOG_PLAINTEXT_TX)
/*
* If using OpenSSL type tls library, this is the last point for all
* paths before sending data into the tls tunnel, where you can dump it
* and see what is being sent.
*/
lwsl_notice("%s: len %u\n", __func__, (unsigned int)len);
lwsl_hexdump_notice(buf, len);
#endif
if (!wsi->tls.ssl)
return lws_ssl_capable_write_no_ssl(wsi, buf, len);
errno = 0;
ERR_clear_error();
n = SSL_write(wsi->tls.ssl, buf, (int)(ssize_t)len);
if (n > 0) {
#if defined(LWS_WITH_SYS_METRICS)
if (wsi->a.vhost)
lws_metric_event(wsi->a.vhost->mt_traffic_tx,
METRES_GO, (u_mt_t)n);
#endif
return n;
}
m = lws_ssl_get_error(wsi, n);
if (m != SSL_ERROR_SYSCALL) {
if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) {
lwsl_notice("%s: want read\n", __func__);
return LWS_SSL_CAPABLE_MORE_SERVICE;
}
if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) {
lws_set_blocking_send(wsi);
lwsl_debug("%s: want write\n", __func__);
return LWS_SSL_CAPABLE_MORE_SERVICE;
}
}
lwsl_debug("%s failed: %s\n",__func__, ERR_error_string((unsigned int)m, NULL));
lws_tls_err_describe_clear();
wsi->socket_is_permanently_unusable = 1;
#if defined(LWS_WITH_SYS_METRICS)
if (wsi->a.vhost)
lws_metric_event(wsi->a.vhost->mt_traffic_tx,
METRES_NOGO, 0);
#endif
return LWS_SSL_CAPABLE_ERROR;
}
void
lws_ssl_info_callback(const SSL *ssl, int where, int ret)
{
struct lws *wsi;
struct lws_context *context;
struct lws_ssl_info si;
int fd;
#ifndef USE_WOLFSSL
context = (struct lws_context *)SSL_CTX_get_ex_data(
SSL_get_SSL_CTX(ssl),
openssl_SSL_CTX_private_data_index);
#else
context = (struct lws_context *)SSL_CTX_get_ex_data(
SSL_get_SSL_CTX((SSL*) ssl),
openssl_SSL_CTX_private_data_index);
#endif
if (!context)
return;
fd = SSL_get_fd(ssl);
if (fd < 0 || (fd - lws_plat_socket_offset()) < 0)
return;
wsi = wsi_from_fd(context, fd);
if (!wsi)
return;
if (!(where & wsi->a.vhost->tls.ssl_info_event_mask))
return;
si.where = where;
si.ret = ret;
if (user_callback_handle_rxflow(wsi->a.protocol->callback,
wsi, LWS_CALLBACK_SSL_INFO,
wsi->user_space, &si, 0))
lws_set_timeout(wsi, PENDING_TIMEOUT_KILLED_BY_SSL_INFO, -1);
}
int
lws_ssl_close(struct lws *wsi)
{
lws_sockfd_type n;
if (!wsi->tls.ssl)
return 0; /* not handled */
#if defined (LWS_HAVE_SSL_SET_INFO_CALLBACK)
/* kill ssl callbacks, because we will remove the fd from the
* table linking it to the wsi
*/
if (wsi->a.vhost->tls.ssl_info_event_mask)
SSL_set_info_callback(wsi->tls.ssl, NULL);
#endif
#if defined(LWS_TLS_SYNTHESIZE_CB)
lws_sul_cancel(&wsi->tls.sul_cb_synth);
/*
* ... check the session in case it did not live long enough to get
* the scheduled callback to sample it
*/
lws_sess_cache_synth_cb(&wsi->tls.sul_cb_synth);
#endif
n = SSL_get_fd(wsi->tls.ssl);
if (!wsi->socket_is_permanently_unusable)
SSL_shutdown(wsi->tls.ssl);
compatible_close(n);
SSL_free(wsi->tls.ssl);
wsi->tls.ssl = NULL;
lws_tls_restrict_return(wsi);
// lwsl_notice("%s: ssl restr %d, simul %d\n", __func__,
// wsi->a.context->simultaneous_ssl_restriction,
// wsi->a.context->simultaneous_ssl);
return 1; /* handled */
}
void
lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost)
{
if (vhost->tls.ssl_ctx)
SSL_CTX_free(vhost->tls.ssl_ctx);
#if defined(LWS_WITH_CLIENT)
lws_ssl_destroy_client_ctx(vhost);
#endif
#if defined(LWS_WITH_ACME)
lws_tls_acme_sni_cert_destroy(vhost);
#endif
}
void
lws_ssl_context_destroy(struct lws_context *context)
{
// after 1.1.0 no need
#if (OPENSSL_VERSION_NUMBER < 0x10100000)
// <= 1.0.1f = old api, 1.0.1g+ = new api
#if (OPENSSL_VERSION_NUMBER <= 0x1000106f) || defined(USE_WOLFSSL)
ERR_remove_state(0);
#else
#if OPENSSL_VERSION_NUMBER >= 0x1010005f && \
!defined(LIBRESSL_VERSION_NUMBER) && \
!defined(OPENSSL_IS_BORINGSSL)
ERR_remove_thread_state();
#else
ERR_remove_thread_state(NULL);
#endif
#endif
// after 1.1.0 no need
#if (OPENSSL_VERSION_NUMBER >= 0x10002000) && (OPENSSL_VERSION_NUMBER <= 0x10100000)
SSL_COMP_free_compression_methods();
#endif
ERR_free_strings();
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
#endif
}
lws_tls_ctx *
lws_tls_ctx_from_wsi(struct lws *wsi)
{
if (!wsi->tls.ssl)
return NULL;
return SSL_get_SSL_CTX(wsi->tls.ssl);
}
enum lws_ssl_capable_status
__lws_tls_shutdown(struct lws *wsi)
{
int n;
#ifndef WIN32
errno = 0;
#else
WSASetLastError(0);
#endif
ERR_clear_error();
n = SSL_shutdown(wsi->tls.ssl);
lwsl_debug("SSL_shutdown=%d for fd %d\n", n, wsi->desc.sockfd);
switch (n) {
case 1: /* successful completion */
n = shutdown(wsi->desc.sockfd, SHUT_WR);
return LWS_SSL_CAPABLE_DONE;
case 0: /* needs a retry */
__lws_change_pollfd(wsi, 0, LWS_POLLIN);
return LWS_SSL_CAPABLE_MORE_SERVICE;
default: /* fatal error, or WANT */
n = SSL_get_error(wsi->tls.ssl, n);
if (n != SSL_ERROR_SYSCALL && n != SSL_ERROR_SSL) {
if (SSL_want_read(wsi->tls.ssl)) {
lwsl_debug("(wants read)\n");
__lws_change_pollfd(wsi, 0, LWS_POLLIN);
return LWS_SSL_CAPABLE_MORE_SERVICE_READ;
}
if (SSL_want_write(wsi->tls.ssl)) {
lwsl_debug("(wants write)\n");
__lws_change_pollfd(wsi, 0, LWS_POLLOUT);
return LWS_SSL_CAPABLE_MORE_SERVICE_WRITE;
}
}
return LWS_SSL_CAPABLE_ERROR;
}
}
static int
tops_fake_POLLIN_for_buffered_openssl(struct lws_context_per_thread *pt)
{
return lws_tls_fake_POLLIN_for_buffered(pt);
}
const struct lws_tls_ops tls_ops_openssl = {
/* fake_POLLIN_for_buffered */ tops_fake_POLLIN_for_buffered_openssl,
};

176
Kinc/Sources/kinc/libs/core/tls/openssl/openssl-tls.c Normal file
View File

@ -0,0 +1,176 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2021 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
#include "private-lib-tls-openssl.h"
extern int openssl_websocket_private_data_index,
openssl_SSL_CTX_private_data_index;
#if defined(LWS_WITH_NETWORK)
static char openssl_ex_indexes_acquired;
#endif
void
lws_tls_err_describe_clear(void)
{
char buf[160];
unsigned long l;
do {
l = ERR_get_error();
if (!l)
break;
ERR_error_string_n(
#if defined(LWS_WITH_BORINGSSL)
(uint32_t)
#endif
l, buf, sizeof(buf));
lwsl_info(" openssl error: %s\n", buf);
} while (l);
lwsl_info("\n");
}
#if LWS_MAX_SMP != 1
static pthread_mutex_t *openssl_mutexes = NULL;
static void
lws_openssl_lock_callback(int mode, int type, const char *file, int line)
{
(void)file;
(void)line;
if (mode & CRYPTO_LOCK)
pthread_mutex_lock(&openssl_mutexes[type]);
else
pthread_mutex_unlock(&openssl_mutexes[type]);
}
static unsigned long
lws_openssl_thread_id(void)
{
#ifdef __PTW32_H
return (unsigned long)(intptr_t)(pthread_self()).p;
#else
return (unsigned long)pthread_self();
#endif
}
#endif
int
lws_context_init_ssl_library(struct lws_context *cx,
const struct lws_context_creation_info *info)
{
#ifdef USE_WOLFSSL
#ifdef USE_OLD_CYASSL
lwsl_cx_info(cx, " Compiled with CyaSSL support");
#else
lwsl_cx_info(cx, " Compiled with wolfSSL support");
#endif
#else
#if defined(LWS_WITH_BORINGSSL)
lwsl_cx_info(cx, " Compiled with BoringSSL support");
#else
lwsl_cx_info(cx, " Compiled with OpenSSL support");
#endif
#endif
if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) {
if (!info->provided_client_ssl_ctx)
lwsl_cx_info(cx, " SSL disabled: no "
"LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT");
return 0;
}
/* basic openssl init */
lwsl_cx_info(cx, "Doing SSL library init");
#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_library_init();
OpenSSL_add_all_algorithms();
SSL_load_error_strings();
#else
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
#endif
#if defined(LWS_WITH_NETWORK)
if (!openssl_ex_indexes_acquired) {
openssl_websocket_private_data_index =
SSL_get_ex_new_index(0, "lws", NULL, NULL, NULL);
openssl_SSL_CTX_private_data_index =
SSL_CTX_get_ex_new_index(0, NULL, NULL, NULL, NULL);
openssl_ex_indexes_acquired = 1;
}
#endif
#if LWS_MAX_SMP != 1
{
int n;
openssl_mutexes = (pthread_mutex_t *)
OPENSSL_malloc((size_t)((unsigned long)CRYPTO_num_locks() *
(unsigned long)sizeof(openssl_mutexes[0])));
for (n = 0; n < CRYPTO_num_locks(); n++)
pthread_mutex_init(&openssl_mutexes[n], NULL);
/*
* These "functions" disappeared in later OpenSSL which is
* already threadsafe.
*/
(void)lws_openssl_thread_id;
(void)lws_openssl_lock_callback;
CRYPTO_set_id_callback(lws_openssl_thread_id);
CRYPTO_set_locking_callback(lws_openssl_lock_callback);
}
#endif
return 0;
}
void
lws_context_deinit_ssl_library(struct lws_context *context)
{
#if LWS_MAX_SMP != 1
int n;
if (!lws_check_opt(context->options,
LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
return;
CRYPTO_set_locking_callback(NULL);
if (openssl_mutexes) {
for (n = 0; n < CRYPTO_num_locks(); n++)
pthread_mutex_destroy(&openssl_mutexes[n]);
OPENSSL_free(openssl_mutexes);
openssl_mutexes = NULL;
}
#endif
}

854
Kinc/Sources/kinc/libs/core/tls/openssl/openssl-x509.c Normal file
View File

@ -0,0 +1,854 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#define WIN32_LEAN_AND_MEAN
#include "private-lib-core.h"
#include "private-lib-tls-openssl.h"
#if !defined(LWS_PLAT_OPTEE)
static int
dec(char c)
{
return c - '0';
}
#endif
static time_t
lws_tls_openssl_asn1time_to_unix(ASN1_TIME *as)
{
#if !defined(LWS_PLAT_OPTEE)
const char *p = (const char *)as->data;
struct tm t;
/* [YY]YYMMDDHHMMSSZ */
memset(&t, 0, sizeof(t));
if (strlen(p) == 13) {
t.tm_year = (dec(p[0]) * 10) + dec(p[1]) + 100;
p += 2;
} else {
t.tm_year = (dec(p[0]) * 1000) + (dec(p[1]) * 100) +
(dec(p[2]) * 10) + dec(p[3]);
p += 4;
}
t.tm_mon = (dec(p[0]) * 10) + dec(p[1]) - 1;
p += 2;
t.tm_mday = (dec(p[0]) * 10) + dec(p[1]) - 1;
p += 2;
t.tm_hour = (dec(p[0]) * 10) + dec(p[1]);
p += 2;
t.tm_min = (dec(p[0]) * 10) + dec(p[1]);
p += 2;
t.tm_sec = (dec(p[0]) * 10) + dec(p[1]);
t.tm_isdst = 0;
return mktime(&t);
#else
return (time_t)-1;
#endif
}
#if defined(USE_WOLFSSL)
#define AUTHORITY_KEYID WOLFSSL_AUTHORITY_KEYID
#endif
int
lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len)
{
#ifndef USE_WOLFSSL
const unsigned char *dp;
ASN1_OCTET_STRING *val;
AUTHORITY_KEYID *akid;
X509_EXTENSION *ext;
int tag, xclass, r = 1;
long xlen, loc;
#endif
X509_NAME *xn;
#if !defined(LWS_PLAT_OPTEE)
char *p, *p1;
size_t rl;
#endif
buf->ns.len = 0;
if (!x509)
return -1;
if (!len)
len = sizeof(buf->ns.name);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(X509_get_notBefore)
#define X509_get_notBefore(x) X509_getm_notBefore(x)
#define X509_get_notAfter(x) X509_getm_notAfter(x)
#endif
switch (type) {
case LWS_TLS_CERT_INFO_VALIDITY_FROM:
buf->time = lws_tls_openssl_asn1time_to_unix(
X509_get_notBefore(x509));
if (buf->time == (time_t)-1)
return -1;
break;
case LWS_TLS_CERT_INFO_VALIDITY_TO:
buf->time = lws_tls_openssl_asn1time_to_unix(
X509_get_notAfter(x509));
if (buf->time == (time_t)-1)
return -1;
break;
case LWS_TLS_CERT_INFO_COMMON_NAME:
#if defined(LWS_PLAT_OPTEE)
return -1;
#else
xn = X509_get_subject_name(x509);
if (!xn)
return -1;
X509_NAME_oneline(xn, buf->ns.name, (int)len - 2);
p = strstr(buf->ns.name, "/CN=");
if (p) {
p += 4;
p1 = strchr(p, '/');
if (p1)
rl = lws_ptr_diff_size_t(p1, p);
else
rl = strlen(p);
memmove(buf->ns.name, p, rl);
buf->ns.name[rl] = '\0';
}
buf->ns.len = (int)strlen(buf->ns.name);
return 0;
#endif
case LWS_TLS_CERT_INFO_ISSUER_NAME:
xn = X509_get_issuer_name(x509);
if (!xn)
return -1;
X509_NAME_oneline(xn, buf->ns.name, (int)len - 1);
buf->ns.len = (int)strlen(buf->ns.name);
return 0;
case LWS_TLS_CERT_INFO_USAGE:
#if defined(LWS_HAVE_X509_get_key_usage)
buf->usage = X509_get_key_usage(x509);
break;
#else
return -1;
#endif
case LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY:
{
#ifndef USE_WOLFSSL
size_t klen = (unsigned int)i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x509), NULL);
uint8_t *tmp, *ptmp;
if (!klen || klen > len)
return -1;
tmp = (uint8_t *)OPENSSL_malloc(klen);
if (!tmp)
return -1;
ptmp = tmp;
if (i2d_X509_PUBKEY(
X509_get_X509_PUBKEY(x509), &ptmp) != (int)klen ||
!ptmp || lws_ptr_diff(ptmp, tmp) != (int)klen) {
lwsl_info("%s: cert public key extraction failed\n",
__func__);
if (ptmp)
OPENSSL_free(tmp);
return -1;
}
buf->ns.len = (int)klen;
memcpy(buf->ns.name, tmp, klen);
OPENSSL_free(tmp);
#endif
return 0;
}
case LWS_TLS_CERT_INFO_DER_RAW:
{
int der_len = i2d_X509(x509, NULL);
uint8_t *tmp = (uint8_t *)buf->ns.name;
buf->ns.len = der_len < 0 ? 0 : der_len;
if (der_len < 0 || (size_t)der_len > len)
return -1;
der_len = i2d_X509(x509, &tmp);
if (der_len < 0)
return -1;
return 0;
}
#ifndef USE_WOLFSSL
case LWS_TLS_CERT_INFO_AUTHORITY_KEY_ID:
loc = X509_get_ext_by_NID(x509, NID_authority_key_identifier, -1);
if (loc < 0)
return 1;
ext = X509_get_ext(x509, (int)loc);
if (!ext)
return 1;
#ifndef USE_WOLFSSL
akid = (AUTHORITY_KEYID *)X509V3_EXT_d2i(ext);
#else
akid = (AUTHORITY_KEYID *)wolfSSL_X509V3_EXT_d2i(ext);
#endif
if (!akid || !akid->keyid)
return 1;
val = akid->keyid;
dp = (const unsigned char *)val->data;
xlen = val->length;
buf->ns.len = (int)xlen;
if (len < (size_t)buf->ns.len)
return -1;
memcpy(buf->ns.name, dp, (size_t)buf->ns.len);
AUTHORITY_KEYID_free(akid);
break;
case LWS_TLS_CERT_INFO_AUTHORITY_KEY_ID_ISSUER:
loc = X509_get_ext_by_NID(x509, NID_authority_key_identifier, -1);
if (loc < 0)
return 1;
ext = X509_get_ext(x509, (int)loc);
if (!ext)
return 1;
#ifndef USE_WOLFSSL
akid = (AUTHORITY_KEYID *)X509V3_EXT_d2i(ext);
#else
akid = (AUTHORITY_KEYID *)wolfSSL_X509V3_EXT_d2i(ext);
#endif
if (!akid || !akid->issuer)
return 1;
#if defined(LWS_HAVE_OPENSSL_STACK)
{
const X509V3_EXT_METHOD* method = X509V3_EXT_get(ext);
STACK_OF(CONF_VALUE) *cv;
int j;
cv = i2v_GENERAL_NAMES((X509V3_EXT_METHOD*)method, akid->issuer, NULL);
if (!cv)
goto bail_ak;
for (j = 0; j < OPENSSL_sk_num((const OPENSSL_STACK *)&cv); j++) {
CONF_VALUE *nval = OPENSSL_sk_value((const OPENSSL_STACK *)&cv, j);
size_t ln = (nval->name ? strlen(nval->name) : 0),
lv = (nval->value ? strlen(nval->value) : 0),
l = ln + lv;
if (len > l) {
if (nval->name)
memcpy(buf->ns.name + buf->ns.len, nval->name, ln);
if (nval->value)
memcpy(buf->ns.name + buf->ns.len + ln, nval->value, lv);
buf->ns.len = (int)((size_t)buf->ns.len + l);
len -= l;
buf->ns.name[buf->ns.len] = '\0';
r = 0;
}
}
}
bail_ak:
#endif
AUTHORITY_KEYID_free(akid);
return r;
case LWS_TLS_CERT_INFO_AUTHORITY_KEY_ID_SERIAL:
loc = X509_get_ext_by_NID(x509, NID_authority_key_identifier, -1);
if (loc < 0)
return 1;
ext = X509_get_ext(x509, (int)loc);
if (!ext)
return 1;
akid = (AUTHORITY_KEYID *)X509V3_EXT_d2i(ext);
if (!akid || !akid->serial)
return 1;
#if 0
// need to handle blobs, and ASN1_INTEGER_get_uint64 not
// available on older openssl
{
uint64_t res;
if (ASN1_INTEGER_get_uint64(&res, akid->serial) != 1)
break;
buf->ns.len = lws_snprintf(buf->ns.name, len, "%llu",
(unsigned long long)res);
}
#endif
break;
case LWS_TLS_CERT_INFO_SUBJECT_KEY_ID:
loc = X509_get_ext_by_NID(x509, NID_subject_key_identifier, -1);
if (loc < 0)
return 1;
ext = X509_get_ext(x509, (int)loc);
if (!ext)
return 1;
val = X509_EXTENSION_get_data(ext);
if (!val)
return 1;
#if defined(USE_WOLFSSL)
return 1;
#else
dp = (const unsigned char *)val->data;
if (ASN1_get_object(&dp, &xlen,
&tag, &xclass, val->length) & 0x80)
return -1;
if (tag != V_ASN1_OCTET_STRING) {
lwsl_notice("not octet string %d\n", (int)tag);
return 1;
}
#endif
buf->ns.len = (int)xlen;
if (len < (size_t)buf->ns.len)
return -1;
memcpy(buf->ns.name, dp, (size_t)buf->ns.len);
break;
#endif
default:
return -1;
}
return 0;
}
int
lws_x509_info(struct lws_x509_cert *x509, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len)
{
return lws_tls_openssl_cert_info(x509->cert, type, buf, len);
}
#if defined(LWS_WITH_NETWORK)
int
lws_tls_vhost_cert_info(struct lws_vhost *vhost, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len)
{
#if defined(LWS_HAVE_SSL_CTX_get0_certificate)
X509 *x509 = SSL_CTX_get0_certificate(vhost->tls.ssl_ctx);
return lws_tls_openssl_cert_info(x509, type, buf, len);
#else
lwsl_notice("openssl is too old to support %s\n", __func__);
return -1;
#endif
}
int
lws_tls_peer_cert_info(struct lws *wsi, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len)
{
int rc = 0;
X509 *x509;
wsi = lws_get_network_wsi(wsi);
x509 = SSL_get_peer_certificate(wsi->tls.ssl);
if (!x509) {
lwsl_debug("no peer cert\n");
return -1;
}
switch (type) {
case LWS_TLS_CERT_INFO_VERIFIED:
buf->verified = SSL_get_verify_result(wsi->tls.ssl) ==
X509_V_OK;
break;
default:
rc = lws_tls_openssl_cert_info(x509, type, buf, len);
}
X509_free(x509);
return rc;
}
#endif
int
lws_x509_create(struct lws_x509_cert **x509)
{
*x509 = lws_malloc(sizeof(**x509), __func__);
if (*x509)
(*x509)->cert = NULL;
return !(*x509);
}
int
lws_x509_parse_from_pem(struct lws_x509_cert *x509, const void *pem, size_t len)
{
BIO* bio = BIO_new(BIO_s_mem());
BIO_write(bio, pem, (int)len);
x509->cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
BIO_free(bio);
if (!x509->cert) {
lwsl_err("%s: unable to parse PEM cert\n", __func__);
lws_tls_err_describe_clear();
return -1;
}
return 0;
}
int
lws_x509_verify(struct lws_x509_cert *x509, struct lws_x509_cert *trusted,
const char *common_name)
{
char c[32], *p;
int ret;
if (common_name) {
X509_NAME *xn = X509_get_subject_name(x509->cert);
if (!xn)
return -1;
X509_NAME_oneline(xn, c, (int)sizeof(c) - 2);
p = strstr(c, "/CN=");
if (p)
p = p + 4;
else
p = c;
if (strcmp(p, common_name)) {
lwsl_err("%s: common name mismatch\n", __func__);
return -1;
}
}
ret = X509_check_issued(trusted->cert, x509->cert);
if (ret != X509_V_OK) {
lwsl_err("%s: unable to verify cert relationship\n", __func__);
lws_tls_err_describe_clear();
return -1;
}
return 0;
}
#if defined(LWS_WITH_JOSE)
int
lws_x509_public_to_jwk(struct lws_jwk *jwk, struct lws_x509_cert *x509,
const char *curves, int rsa_min_bits)
{
int id, n, ret = -1, count;
ASN1_OBJECT *obj = NULL;
const EC_POINT *ecpoint;
const EC_GROUP *ecgroup;
EC_KEY *ecpub = NULL;
X509_PUBKEY *pubkey;
RSA *rsapub = NULL;
BIGNUM *mpi[4];
EVP_PKEY *pkey;
memset(jwk, 0, sizeof(*jwk));
pubkey = X509_get_X509_PUBKEY(x509->cert);
if (!pubkey) {
lwsl_err("%s: missing pubkey alg in cert\n", __func__);
goto bail;
}
if (X509_PUBKEY_get0_param(&obj, NULL, NULL, NULL, pubkey) != 1) {
lwsl_err("%s: missing pubkey alg in cert\n", __func__);
goto bail;
}
id = OBJ_obj2nid(obj);
if (id == NID_undef) {
lwsl_err("%s: missing pubkey alg in cert\n", __func__);
goto bail;
}
lwsl_debug("%s: key type %d \"%s\"\n", __func__, id, OBJ_nid2ln(id));
pkey = X509_get_pubkey(x509->cert);
if (!pkey) {
lwsl_notice("%s: unable to extract pubkey", __func__);
goto bail;
}
switch (id) {
case NID_X9_62_id_ecPublicKey:
lwsl_debug("%s: EC key\n", __func__);
jwk->kty = LWS_GENCRYPTO_KTY_EC;
if (!curves) {
lwsl_err("%s: ec curves not allowed\n", __func__);
goto bail1;
}
ecpub = EVP_PKEY_get1_EC_KEY(pkey);
if (!ecpub) {
lwsl_notice("%s: missing EC pubkey\n", __func__);
goto bail1;
}
ecpoint = EC_KEY_get0_public_key(ecpub);
if (!ecpoint) {
lwsl_err("%s: EC_KEY_get0_public_key failed\n", __func__);
goto bail2;
}
ecgroup = EC_KEY_get0_group(ecpub);
if (!ecgroup) {
lwsl_err("%s: EC_KEY_get0_group failed\n", __func__);
goto bail2;
}
/* validate the curve against ones we allow */
if (lws_genec_confirm_curve_allowed_by_tls_id(curves,
EC_GROUP_get_curve_name(ecgroup), jwk))
/* already logged */
goto bail2;
mpi[LWS_GENCRYPTO_EC_KEYEL_CRV] = NULL;
mpi[LWS_GENCRYPTO_EC_KEYEL_X] = BN_new(); /* X */
mpi[LWS_GENCRYPTO_EC_KEYEL_D] = NULL;
mpi[LWS_GENCRYPTO_EC_KEYEL_Y] = BN_new(); /* Y */
#if defined(LWS_HAVE_EC_POINT_get_affine_coordinates)
if (EC_POINT_get_affine_coordinates(ecgroup, ecpoint,
#else
if (EC_POINT_get_affine_coordinates_GFp(ecgroup, ecpoint,
#endif
mpi[LWS_GENCRYPTO_EC_KEYEL_X],
mpi[LWS_GENCRYPTO_EC_KEYEL_Y],
NULL) != 1) {
BN_clear_free(mpi[LWS_GENCRYPTO_EC_KEYEL_X]);
BN_clear_free(mpi[LWS_GENCRYPTO_EC_KEYEL_Y]);
lwsl_err("%s: EC_POINT_get_aff failed\n", __func__);
goto bail2;
}
count = LWS_GENCRYPTO_EC_KEYEL_COUNT;
n = LWS_GENCRYPTO_EC_KEYEL_X;
break;
case NID_rsaEncryption:
lwsl_debug("%s: rsa key\n", __func__);
jwk->kty = LWS_GENCRYPTO_KTY_RSA;
rsapub = EVP_PKEY_get1_RSA(pkey);
if (!rsapub) {
lwsl_notice("%s: missing RSA pubkey\n", __func__);
goto bail1;
}
if ((size_t)RSA_size(rsapub) * 8 < (size_t)rsa_min_bits) {
lwsl_err("%s: key bits %d less than minimum %d\n",
__func__, RSA_size(rsapub) * 8, rsa_min_bits);
goto bail2;
}
#if defined(LWS_HAVE_RSA_SET0_KEY)
/* we don't need d... but the api wants to write it */
RSA_get0_key(rsapub,
(const BIGNUM **)&mpi[LWS_GENCRYPTO_RSA_KEYEL_N],
(const BIGNUM **)&mpi[LWS_GENCRYPTO_RSA_KEYEL_E],
(const BIGNUM **)&mpi[LWS_GENCRYPTO_RSA_KEYEL_D]);
#else
mpi[LWS_GENCRYPTO_RSA_KEYEL_E] = rsapub->e;
mpi[LWS_GENCRYPTO_RSA_KEYEL_N] = rsapub->n;
mpi[LWS_GENCRYPTO_RSA_KEYEL_D] = NULL;
#endif
count = LWS_GENCRYPTO_RSA_KEYEL_D;
n = LWS_GENCRYPTO_RSA_KEYEL_E;
break;
default:
lwsl_err("%s: unknown NID\n", __func__);
goto bail2;
}
for (; n < count; n++) {
if (!mpi[n])
continue;
jwk->e[n].len = (unsigned int)BN_num_bytes(mpi[n]);
jwk->e[n].buf = lws_malloc(jwk->e[n].len, "certkeyimp");
if (!jwk->e[n].buf) {
if (id == NID_X9_62_id_ecPublicKey) {
BN_clear_free(mpi[LWS_GENCRYPTO_EC_KEYEL_X]);
BN_clear_free(mpi[LWS_GENCRYPTO_EC_KEYEL_Y]);
}
goto bail2;
}
BN_bn2bin(mpi[n], jwk->e[n].buf);
}
if (id == NID_X9_62_id_ecPublicKey) {
BN_clear_free(mpi[LWS_GENCRYPTO_EC_KEYEL_X]);
BN_clear_free(mpi[LWS_GENCRYPTO_EC_KEYEL_Y]);
}
ret = 0;
bail2:
if (id == NID_X9_62_id_ecPublicKey)
EC_KEY_free(ecpub);
else
RSA_free(rsapub);
bail1:
EVP_PKEY_free(pkey);
bail:
/* jwk destroy will clean any partial state */
if (ret)
lws_jwk_destroy(jwk);
return ret;
}
static int
lws_x509_jwk_privkey_pem_pp_cb(char *buf, int size, int rwflag, void *u)
{
const char *pp = (const char *)u;
size_t n = strlen(pp);
if ((int)n > size - 1)
return -1;
memcpy(buf, pp, n + 1);
return (int)n;
}
int
lws_x509_jwk_privkey_pem(struct lws_context *cx, struct lws_jwk *jwk,
void *pem, size_t len, const char *passphrase)
{
BIO* bio = BIO_new(BIO_s_mem());
BIGNUM *mpi, *dummy[6];
EVP_PKEY *pkey = NULL;
EC_KEY *ecpriv = NULL;
RSA *rsapriv = NULL;
const BIGNUM *cmpi;
int n, m, ret = -1;
BIO_write(bio, pem, (int)len);
PEM_read_bio_PrivateKey(bio, &pkey, lws_x509_jwk_privkey_pem_pp_cb,
(void *)passphrase);
BIO_free(bio);
lws_explicit_bzero((void *)pem, len);
if (!pkey) {
lwsl_err("%s: unable to parse PEM privkey\n", __func__);
lws_tls_err_describe_clear();
return -1;
}
/* confirm the key type matches the existing jwk situation */
switch (jwk->kty) {
case LWS_GENCRYPTO_KTY_EC:
if (EVP_PKEY_type(EVP_PKEY_id(pkey)) != EVP_PKEY_EC) {
lwsl_err("%s: jwk is EC but privkey isn't\n", __func__);
goto bail;
}
ecpriv = EVP_PKEY_get1_EC_KEY(pkey);
if (!ecpriv) {
lwsl_notice("%s: missing EC key\n", __func__);
goto bail;
}
cmpi = EC_KEY_get0_private_key(ecpriv);
/* quick size check first */
n = BN_num_bytes(cmpi);
if (jwk->e[LWS_GENCRYPTO_EC_KEYEL_Y].len != (uint32_t)n) {
lwsl_err("%s: jwk key size doesn't match\n", __func__);
goto bail1;
}
/* TODO.. check public curve / group + point */
jwk->e[LWS_GENCRYPTO_EC_KEYEL_D].len = (unsigned int)n;
jwk->e[LWS_GENCRYPTO_EC_KEYEL_D].buf = lws_malloc((unsigned int)n, "ec");
if (!jwk->e[LWS_GENCRYPTO_EC_KEYEL_D].buf)
goto bail1;
m = BN_bn2binpad(cmpi, jwk->e[LWS_GENCRYPTO_EC_KEYEL_D].buf,
(int32_t)jwk->e[LWS_GENCRYPTO_EC_KEYEL_D].len);
if ((unsigned int)m != (unsigned int)BN_num_bytes(cmpi))
goto bail1;
break;
case LWS_GENCRYPTO_KTY_RSA:
if (EVP_PKEY_type(EVP_PKEY_id(pkey)) != EVP_PKEY_RSA) {
lwsl_err("%s: RSA jwk, non-RSA privkey\n", __func__);
goto bail;
}
rsapriv = EVP_PKEY_get1_RSA(pkey);
if (!rsapriv) {
lwsl_notice("%s: missing RSA key\n", __func__);
goto bail;
}
#if defined(LWS_HAVE_RSA_SET0_KEY) && !defined(USE_WOLFSSL)
RSA_get0_key(rsapriv, (const BIGNUM **)&dummy[0], /* n */
(const BIGNUM **)&dummy[1], /* e */
(const BIGNUM **)&mpi); /* d */
RSA_get0_factors(rsapriv, (const BIGNUM **)&dummy[4], /* p */
(const BIGNUM **)&dummy[5]); /* q */
#else
dummy[0] = rsapriv->n;
dummy[1] = rsapriv->e;
dummy[4] = rsapriv->p;
dummy[5] = rsapriv->q;
mpi = rsapriv->d;
#endif
/* quick size check first */
n = BN_num_bytes(mpi);
if (jwk->e[LWS_GENCRYPTO_RSA_KEYEL_N].len != (uint32_t)n) {
lwsl_err("%s: jwk key size doesn't match\n", __func__);
goto bail1;
}
/* then check that n & e match what we got from the cert */
dummy[2] = BN_bin2bn(jwk->e[LWS_GENCRYPTO_RSA_KEYEL_N].buf,
(int32_t)jwk->e[LWS_GENCRYPTO_RSA_KEYEL_N].len,
NULL);
dummy[3] = BN_bin2bn(jwk->e[LWS_GENCRYPTO_RSA_KEYEL_E].buf,
(int32_t)jwk->e[LWS_GENCRYPTO_RSA_KEYEL_E].len,
NULL);
m = BN_cmp(dummy[2], dummy[0]) | BN_cmp(dummy[3], dummy[1]);
BN_clear_free(dummy[2]);
BN_clear_free(dummy[3]);
if (m) {
lwsl_err("%s: privkey doesn't match jwk pubkey\n",
__func__);
goto bail1;
}
/* accept d from the PEM privkey into the JWK */
jwk->e[LWS_GENCRYPTO_RSA_KEYEL_D].len = (unsigned int)n;
jwk->e[LWS_GENCRYPTO_RSA_KEYEL_D].buf = lws_malloc((unsigned int)n, "privjk");
if (!jwk->e[LWS_GENCRYPTO_RSA_KEYEL_D].buf)
goto bail1;
BN_bn2bin(mpi, jwk->e[LWS_GENCRYPTO_RSA_KEYEL_D].buf);
/* accept p and q from the PEM privkey into the JWK */
jwk->e[LWS_GENCRYPTO_RSA_KEYEL_P].len = (unsigned int)BN_num_bytes(dummy[4]);
jwk->e[LWS_GENCRYPTO_RSA_KEYEL_P].buf = lws_malloc((unsigned int)n, "privjk");
if (!jwk->e[LWS_GENCRYPTO_RSA_KEYEL_P].buf) {
lws_free_set_NULL(jwk->e[LWS_GENCRYPTO_RSA_KEYEL_D].buf);
goto bail1;
}
BN_bn2bin(dummy[4], jwk->e[LWS_GENCRYPTO_RSA_KEYEL_P].buf);
jwk->e[LWS_GENCRYPTO_RSA_KEYEL_Q].len = (unsigned int)BN_num_bytes(dummy[5]);
jwk->e[LWS_GENCRYPTO_RSA_KEYEL_Q].buf = lws_malloc((unsigned int)n, "privjk");
if (!jwk->e[LWS_GENCRYPTO_RSA_KEYEL_Q].buf) {
lws_free_set_NULL(jwk->e[LWS_GENCRYPTO_RSA_KEYEL_D].buf);
lws_free_set_NULL(jwk->e[LWS_GENCRYPTO_RSA_KEYEL_P].buf);
goto bail1;
}
BN_bn2bin(dummy[5], jwk->e[LWS_GENCRYPTO_RSA_KEYEL_Q].buf);
break;
default:
lwsl_err("%s: JWK has unknown kty %d\n", __func__, jwk->kty);
return -1;
}
ret = 0;
bail1:
if (jwk->kty == LWS_GENCRYPTO_KTY_EC)
EC_KEY_free(ecpriv);
else
RSA_free(rsapriv);
bail:
EVP_PKEY_free(pkey);
return ret;
}
#endif
void
lws_x509_destroy(struct lws_x509_cert **x509)
{
if (!*x509)
return;
if ((*x509)->cert) {
X509_free((*x509)->cert);
(*x509)->cert = NULL;
}
lws_free_set_NULL(*x509);
}

62
Kinc/Sources/kinc/libs/core/tls/openssl/private-lib-tls-openssl.h Normal file
View File

@ -0,0 +1,62 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* gencrypto openssl-specific helper declarations
*/
#if !defined(__LWS_PRIVATE_LIB_TLS_OPENSSL_H__)
#define __LWS_PRIVATE_LIB_TLS_OPENSSL_H__
/*
* one of these per different client context
* cc_owner is in lws_context.lws_context_tls
*/
struct lws_tls_client_reuse {
lws_tls_ctx *ssl_client_ctx;
uint8_t hash[32];
struct lws_dll2 cc_list;
int refcount;
int index;
};
typedef int (*next_proto_cb)(SSL *, const unsigned char **out,
unsigned char *outlen, const unsigned char *in,
unsigned int inlen, void *arg);
struct lws_x509_cert {
X509 *cert; /* X509 is opaque, this has to be a pointer */
};
int
lws_gencrypto_openssl_hash_to_NID(enum lws_genhash_types hash_type);
const EVP_MD *
lws_gencrypto_openssl_hash_to_EVP_MD(enum lws_genhash_types hash_type);
#if !defined(LWS_HAVE_BN_bn2binpad)
int BN_bn2binpad(const BIGNUM *a, unsigned char *to, int tolen);
#endif
#endif

149
Kinc/Sources/kinc/libs/core/tls/private-jit-trust.h Normal file
View File

@ -0,0 +1,149 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2021 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* This is included from private-lib-core.h if LWS_WITH_TLS
*
* First-party trusted certs are handled outside of JIT Trust, eg, in SS policy.
* JIT Trust is used to validate arbitrary connections on demand, without
* needing a complete set of CAs in memory.
*
* Instantiated CA X509s are bound to dedicated SSL_CTX in their own dynamic
* vhosts for client connections to use, these are lazily culled when they have
* no remaining active connections using them.
*
* - check jit trust cache to see if hostname has vhost already
* - if so, use it
* - if not, check jit trust cache to see if we know the trusted kids list,
* - attempt connection
* - remote or local trust blob / store
*/
#if !defined(__LWS_TLS_PRIVATE_JIT_TRUST_H__)
#define __LWS_TLS_PRIVATE_JIT_TRUST_H__
/*
* Refer to ./READMEs/README.jit-trust.md for blob layout specification
*/
#define LWS_JIT_TRUST_MAGIC_BE 0x54424c42
enum {
LJT_OFS_32_COUNT_CERTS = 6,
LJT_OFS_32_DERLEN = 0x0c,
LJT_OFS_32_SKIDLEN = 0x10,
LJT_OFS_32_SKID = 0x14,
LJT_OFS_END = 0x18,
LJT_OFS_DER = 0x1c,
};
typedef struct {
uint8_t kid[20];
uint8_t kid_len;
} lws_tls_kid_t;
typedef struct {
lws_tls_kid_t akid[4];
lws_tls_kid_t skid[4];
uint8_t count;
} lws_tls_kid_chain_t;
/*
* This is used to manage ongoing jit trust lookups for a specific host. It
* collects results and any trusted DER certs until all of them have arrived,
* then caches the hostname -> trusted SKIDs mapping, and creates a vhost +
* SSL_CTX trusting the certs named after the trusted SKIDs.
*
* The cert copies and this inflight object are then freed.
*
* JIT Trust lookups may be async, there may be multiple lookups fired at one
* time, and these mappings are not actually related to a wsi lifetime, so these
* separate inflight tracking objects are needed.
*
* These objects only live until all the AKID lookups for the host that created
* them complete.
*/
typedef struct {
lws_dll2_t list;
lws_tls_kid_t kid[2]; /* SKID of the der if any */
uint8_t *der[2]; /* temp allocated */
int ders;
uint32_t tag; /* xor'd from start of SKIDs that
* that contributed certs, so we
* can name the vhost in a way that
* can be regenerated no matter
* the order of SKID results
*/
short der_len[2];
char refcount; /* expected results left */
/* hostname overcommitted */
} lws_tls_jit_inflight_t;
/*
* These are the items in the jit trust cache, the cache tag is the hostname
* and it resolves to one of these if present. It describes 1 - 3 SKIDs
* of trusted CAs needed to validate that host, and a 32-bit tag that is
* the first 4 bytes of each valid SKID xor'd together, so you can find any
* existing vhost that already has the required trust (independent of the
* order they are checked in due to commutative xor).
*/
typedef struct {
lws_tls_kid_t skids[3];
int count_skids;
uint32_t xor_tag;
} lws_tls_jit_cache_item_t;
union lws_tls_cert_info_results;
void
lws_tls_kid_copy(union lws_tls_cert_info_results *ci, lws_tls_kid_t *kid);
int
lws_tls_kid_cmp(const lws_tls_kid_t *a, const lws_tls_kid_t *b);
int
lws_tls_jit_trust_sort_kids(struct lws *wsi, lws_tls_kid_chain_t *ch);
void
lws_tls_jit_trust_inflight_destroy(lws_tls_jit_inflight_t *inf);
void
lws_tls_jit_trust_inflight_destroy_all(struct lws_context *cx);
int
lws_tls_jit_trust_vhost_bind(struct lws_context *cx, const char *address,
struct lws_vhost **pvh);
void
lws_tls_jit_trust_vh_start_grace(struct lws_vhost *vh);
#endif

245
Kinc/Sources/kinc/libs/core/tls/private-lib-tls.h Normal file
View File

@ -0,0 +1,245 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* This is included from private-lib-core.h if LWS_WITH_TLS
*/
#if !defined(__LWS_TLS_PRIVATE_H__)
#define __LWS_TLS_PRIVATE_H__
#if defined(LWS_WITH_TLS)
#include "private-jit-trust.h"
#if defined(USE_WOLFSSL)
#if defined(USE_OLD_CYASSL)
#if defined(_WIN32)
#include <IDE/WIN/user_settings.h>
#include <cyassl/ctaocrypt/settings.h>
#else
#include <cyassl/options.h>
#endif
#include <cyassl/openssl/ssl.h>
#include <cyassl/error-ssl.h>
#else
#if defined(_WIN32)
#include <IDE/WIN/user_settings.h>
#include <wolfssl/wolfcrypt/settings.h>
#else
#include <wolfssl/options.h>
#endif
#include <wolfssl/openssl/ssl.h>
#include <wolfssl/error-ssl.h>
#define OPENSSL_NO_TLSEXT
#endif /* not USE_OLD_CYASSL */
#else /* WOLFSSL */
#if defined(LWS_PLAT_FREERTOS)
#define OPENSSL_NO_TLSEXT
#if !defined(LWS_AMAZON_RTOS)
/* AMAZON RTOS has its own setting via MTK_MBEDTLS_CONFIG_FILE */
#undef MBEDTLS_CONFIG_FILE
#define MBEDTLS_CONFIG_FILE <mbedtls/esp_config.h>
#endif
#include <mbedtls/ssl.h>
#include <mbedtls/aes.h>
#include <mbedtls/gcm.h>
#include <mbedtls/x509_crt.h>
#include "ssl.h" /* wrapper !!!! */
#else /* not esp32 */
#if defined(LWS_WITH_MBEDTLS)
#include <mbedtls/ssl.h>
#include <mbedtls/aes.h>
#include <mbedtls/gcm.h>
#include <mbedtls/x509_crt.h>
#include <mbedtls/x509_csr.h>
#include <mbedtls/ecp.h>
#include <mbedtls/ecdsa.h>
#if defined(LWS_AMAZON_LINUX)
#include "ssl.h" /* wrapper !!!! */
#else
#include "openssl/ssl.h" /* wrapper !!!! */
#endif
#else
#include <openssl/ssl.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/md5.h>
#include <openssl/sha.h>
#include <openssl/rsa.h>
#include <openssl/bn.h>
#include <openssl/aes.h>
#ifdef LWS_HAVE_OPENSSL_ECDH_H
#include <openssl/ecdh.h>
#endif
#if !defined(LWS_HAVE_EVP_MD_CTX_free) && !defined(USE_WOLFSSL)
#define EVP_MD_CTX_free EVP_MD_CTX_destroy
#endif
#include <openssl/x509v3.h>
#endif /* not mbedtls */
#if defined(OPENSSL_VERSION_NUMBER)
#if (OPENSSL_VERSION_NUMBER < 0x0009080afL)
/*
* later openssl defines this to negate the presence of tlsext... but it was
* only introduced at 0.9.8j. Earlier versions don't know it exists so don't
* define it... making it look like the feature exists...
*/
#define OPENSSL_NO_TLSEXT
#endif
#endif
#endif /* not ESP32 */
#endif /* not USE_WOLFSSL */
#endif /* LWS_WITH_TLS */
enum lws_tls_extant {
LWS_TLS_EXTANT_NO,
LWS_TLS_EXTANT_YES,
LWS_TLS_EXTANT_ALTERNATIVE
};
#if defined(LWS_WITH_TLS)
#if defined(LWS_WITH_TLS_SESSIONS) && defined(LWS_WITH_CLIENT) && \
(defined(LWS_WITH_MBEDTLS) || defined(OPENSSL_IS_BORINGSSL))
#define LWS_TLS_SYNTHESIZE_CB 1
#endif
int
lws_tls_restrict_borrow(struct lws *wsi);
void
lws_tls_restrict_return(struct lws *wsi);
void
lws_tls_restrict_return_handshake(struct lws *wsi);
typedef SSL lws_tls_conn;
typedef SSL_CTX lws_tls_ctx;
typedef BIO lws_tls_bio;
typedef X509 lws_tls_x509;
#if defined(LWS_WITH_NETWORK)
#include "private-network.h"
#endif
int
lws_context_init_ssl_library(struct lws_context *cx,
const struct lws_context_creation_info *info);
void
lws_context_deinit_ssl_library(struct lws_context *context);
#define LWS_SSL_ENABLED(vh) (vh && vh->tls.use_ssl)
extern const struct lws_tls_ops tls_ops_openssl, tls_ops_mbedtls;
struct lws_ec_valid_curves {
int id;
const char *jwa_name; /* list terminates with NULL jwa_name */
};
enum lws_tls_extant
lws_tls_use_any_upgrade_check_extant(const char *name);
extern int openssl_websocket_private_data_index;
void
lws_tls_err_describe_clear(void);
int
lws_tls_openssl_cert_info(X509 *x509, enum lws_tls_cert_info type,
union lws_tls_cert_info_results *buf, size_t len);
int
lws_tls_check_all_cert_lifetimes(struct lws_context *context);
int
lws_tls_alloc_pem_to_der_file(struct lws_context *context, const char *filename,
const char *inbuf, lws_filepos_t inlen,
uint8_t **buf, lws_filepos_t *amount);
int
lws_gencrypto_bits_to_bytes(int bits);
void
lws_gencrypto_destroy_elements(struct lws_gencrypto_keyelem *el, int m);
/* genec */
struct lws_gencrypto_keyelem;
struct lws_ec_curves;
extern const struct lws_ec_curves lws_ec_curves[4];
const struct lws_ec_curves *
lws_genec_curve(const struct lws_ec_curves *table, const char *name);
LWS_VISIBLE void
lws_genec_destroy_elements(struct lws_gencrypto_keyelem *el);
int
lws_gencrypto_mbedtls_rngf(void *context, unsigned char *buf, size_t len);
int
lws_genec_confirm_curve_allowed_by_tls_id(const char *allowed, int id,
struct lws_jwk *jwk);
void
lws_tls_reuse_session(struct lws *wsi);
void
lws_tls_session_cache(struct lws_vhost *vh, uint32_t ttl);
int
lws_tls_session_name_from_wsi(struct lws *wsi, char *buf, size_t len);
/**
* lws_tls_session_name_discrete() - form an lws session tag name from pieces
*
* \param vhname: name of the vhost
* \param host: name of the host we are connecting to, like warmcat.com
* \param port: the port we connected to
* \param buf: the destination buffer for the tag
* \param len: the max available size of the destination buffer
*
* Creates a tag string representing a specific host, for use with serializing
* sessions made with the host.
*/
void
lws_tls_session_tag_discrete(const char *vhname, const char *host,
uint16_t port, char *buf, size_t len);
/**
* lws_tls_session_name_from_wsi() - form an lws session tag name from a client wsi
*
* \param wsi: the wsi whose vhost, host and port we should use for the tag
* \param buf: the destination buffer for the tag
* \param len: the max available size of the destination buffer
*
* Creates a tag string representing a specific host, for use with serializing
* sessions made with the host.
*/
int
lws_tls_session_tag_from_wsi(struct lws *wsi, char *buf, size_t len);
#else /* ! WITH_TLS */
#define lws_tls_restrict_borrow(xxx) (0)
#define lws_tls_restrict_return(xxx)
#endif
#endif

208
Kinc/Sources/kinc/libs/core/tls/private-network.h Normal file
View File

@ -0,0 +1,208 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*
* This is included from private-lib-core.h if LWS_WITH_TLS
*/
struct lws_context_per_thread;
struct lws_tls_ops {
int (*fake_POLLIN_for_buffered)(struct lws_context_per_thread *pt);
};
struct lws_context_tls {
char alpn_discovered[32];
const char *alpn_default;
time_t last_cert_check_s;
struct lws_dll2_owner cc_owner;
int count_client_contexts;
};
struct lws_pt_tls {
struct lws_dll2_owner dll_pending_tls_owner;
};
struct lws_tls_ss_pieces;
struct alpn_ctx {
uint8_t data[23];
uint8_t len;
};
struct lws_vhost_tls {
lws_tls_ctx *ssl_ctx;
lws_tls_ctx *ssl_client_ctx;
struct lws_tls_client_reuse *tcr;
const char *alpn;
struct lws_tls_ss_pieces *ss; /* for acme tls certs */
char *alloc_cert_path;
char *key_path;
#if defined(LWS_WITH_MBEDTLS)
lws_tls_x509 *x509_client_CA;
#endif
char ecdh_curve[16];
struct alpn_ctx alpn_ctx;
int use_ssl;
int allow_non_ssl_on_ssl_port;
int ssl_info_event_mask;
#if defined(LWS_WITH_MBEDTLS)
uint32_t tls_session_cache_ttl;
#endif
unsigned int user_supplied_ssl_ctx:1;
unsigned int skipped_certs:1;
};
struct lws_lws_tls {
lws_tls_conn *ssl;
lws_tls_bio *client_bio;
#if defined(LWS_TLS_SYNTHESIZE_CB)
lws_sorted_usec_list_t sul_cb_synth;
#endif
#if !defined(LWS_WITH_MBEDTLS) && defined(LWS_WITH_TLS_JIT_TRUST)
/* mbedtls has this in the wrapper, since no wsi ptr at validation */
lws_tls_kid_chain_t kid_chain;
#endif
struct lws_dll2 dll_pending_tls;
char err_helper[64];
unsigned int use_ssl;
unsigned int redirect_to_https:1;
};
void
lws_context_init_alpn(struct lws_vhost *vhost);
int LWS_WARN_UNUSED_RESULT
lws_ssl_capable_read(struct lws *wsi, unsigned char *buf, size_t len);
int LWS_WARN_UNUSED_RESULT
lws_ssl_capable_write(struct lws *wsi, unsigned char *buf, size_t len);
int LWS_WARN_UNUSED_RESULT
lws_ssl_pending(struct lws *wsi);
int LWS_WARN_UNUSED_RESULT
lws_server_socket_service_ssl(struct lws *new_wsi, lws_sockfd_type accept_fd,
char is_pollin);
void
lws_sess_cache_synth_cb(lws_sorted_usec_list_t *sul);
int
lws_ssl_close(struct lws *wsi);
void
lws_ssl_SSL_CTX_destroy(struct lws_vhost *vhost);
void
lws_ssl_context_destroy(struct lws_context *context);
void
__lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi);
LWS_VISIBLE void
lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi);
int
lws_ssl_client_bio_create(struct lws *wsi);
int
lws_ssl_client_connect2(struct lws *wsi, char *errbuf, size_t len);
int
lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt);
int
lws_gate_accepts(struct lws_context *context, int on);
void
lws_ssl_bind_passphrase(lws_tls_ctx *ssl_ctx, int is_client,
const struct lws_context_creation_info *info);
void
lws_ssl_info_callback(const lws_tls_conn *ssl, int where, int ret);
int
lws_tls_server_certs_load(struct lws_vhost *vhost, struct lws *wsi,
const char *cert, const char *private_key,
const char *mem_cert, size_t len_mem_cert,
const char *mem_privkey, size_t mem_privkey_len);
enum lws_tls_extant
lws_tls_generic_cert_checks(struct lws_vhost *vhost, const char *cert,
const char *private_key);
#if defined(LWS_WITH_SERVER)
int
lws_context_init_server_ssl(const struct lws_context_creation_info *info,
struct lws_vhost *vhost);
void
lws_tls_acme_sni_cert_destroy(struct lws_vhost *vhost);
#else
#define lws_context_init_server_ssl(_a, _b) (0)
#define lws_tls_acme_sni_cert_destroy(_a)
#endif
void
lws_ssl_destroy(struct lws_vhost *vhost);
/*
* lws_tls_ abstract backend implementations
*/
int
lws_tls_server_client_cert_verify_config(struct lws_vhost *vh);
int
lws_tls_server_vhost_backend_init(const struct lws_context_creation_info *info,
struct lws_vhost *vhost, struct lws *wsi);
int
lws_tls_server_new_nonblocking(struct lws *wsi, lws_sockfd_type accept_fd);
enum lws_ssl_capable_status
lws_tls_server_accept(struct lws *wsi);
enum lws_ssl_capable_status
lws_tls_server_abort_connection(struct lws *wsi);
enum lws_ssl_capable_status
__lws_tls_shutdown(struct lws *wsi);
enum lws_ssl_capable_status
lws_tls_client_connect(struct lws *wsi, char *errbuf, size_t len);
int
lws_tls_client_confirm_peer_cert(struct lws *wsi, char *ebuf, size_t ebuf_len);
int
lws_tls_client_create_vhost_context(struct lws_vhost *vh,
const struct lws_context_creation_info *info,
const char *cipher_list,
const char *ca_filepath,
const void *ca_mem,
unsigned int ca_mem_len,
const char *cert_filepath,
const void *cert_mem,
unsigned int cert_mem_len,
const char *private_key_filepath,
const void *key_mem,
unsigned int key_mem_len);
lws_tls_ctx *
lws_tls_ctx_from_wsi(struct lws *wsi);
int
lws_ssl_get_error(struct lws *wsi, int n);
int
lws_context_init_client_ssl(const struct lws_context_creation_info *info,
struct lws_vhost *vhost);
void
lws_ssl_info_callback(const lws_tls_conn *ssl, int where, int ret);
int
lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt);

238
Kinc/Sources/kinc/libs/core/tls/tls-client.c Normal file
View File

@ -0,0 +1,238 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
static int
lws_ssl_client_connect1(struct lws *wsi, char *errbuf, size_t len)
{
int n;
n = lws_tls_client_connect(wsi, errbuf, len);
switch (n) {
case LWS_SSL_CAPABLE_ERROR:
lws_tls_restrict_return_handshake(wsi);
return -1;
case LWS_SSL_CAPABLE_DONE:
lws_tls_restrict_return_handshake(wsi);
lws_metrics_caliper_report(wsi->cal_conn, METRES_GO);
#if defined(LWS_WITH_CONMON)
wsi->conmon.ciu_tls = (lws_conmon_interval_us_t)
(lws_now_usecs() - wsi->conmon_datum);
#endif
return 1; /* connected */
case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE:
lws_callback_on_writable(wsi);
/* fallthru */
case LWS_SSL_CAPABLE_MORE_SERVICE:
case LWS_SSL_CAPABLE_MORE_SERVICE_READ:
lwsi_set_state(wsi, LRS_WAITING_SSL);
break;
}
return 0; /* retry */
}
int
lws_ssl_client_connect2(struct lws *wsi, char *errbuf, size_t len)
{
int n;
if (lwsi_state(wsi) == LRS_WAITING_SSL) {
n = lws_tls_client_connect(wsi, errbuf, len);
lwsl_debug("%s: SSL_connect says %d\n", __func__, n);
switch (n) {
case LWS_SSL_CAPABLE_ERROR:
lws_tls_restrict_return_handshake(wsi);
if (lws_tls_client_confirm_peer_cert(wsi, errbuf, len)) {
lws_metrics_caliper_report(wsi->cal_conn, METRES_NOGO);
return -1;
}
// lws_snprintf(errbuf, len, "client connect failed");
return -1;
case LWS_SSL_CAPABLE_DONE:
break; /* connected */
case LWS_SSL_CAPABLE_MORE_SERVICE_WRITE:
lws_callback_on_writable(wsi);
/* fallthru */
case LWS_SSL_CAPABLE_MORE_SERVICE_READ:
lwsi_set_state(wsi, LRS_WAITING_SSL);
/* fallthru */
case LWS_SSL_CAPABLE_MORE_SERVICE:
return 0; /* retry */
}
}
lws_tls_restrict_return_handshake(wsi);
if (lws_tls_client_confirm_peer_cert(wsi, errbuf, len)) {
lws_metrics_caliper_report(wsi->cal_conn, METRES_NOGO);
return -1;
}
lws_metrics_caliper_report(wsi->cal_conn, METRES_GO);
#if defined(LWS_WITH_CONMON)
wsi->conmon.ciu_tls = (lws_conmon_interval_us_t)
(lws_now_usecs() - wsi->conmon_datum);
#endif
return 1; /* connected */
}
int lws_context_init_client_ssl(const struct lws_context_creation_info *info,
struct lws_vhost *vhost)
{
const char *private_key_filepath = info->ssl_private_key_filepath;
const char *cert_filepath = info->ssl_cert_filepath;
const char *ca_filepath = info->ssl_ca_filepath;
const char *cipher_list = info->ssl_cipher_list;
lws_fakewsi_def_plwsa(&vhost->context->pt[0]);
lws_fakewsi_prep_plwsa_ctx(vhost->context);
if (vhost->options & LWS_SERVER_OPTION_ADOPT_APPLY_LISTEN_ACCEPT_CONFIG)
return 0;
if (vhost->tls.ssl_ctx) {
cert_filepath = NULL;
private_key_filepath = NULL;
ca_filepath = NULL;
}
/*
* for backwards-compatibility default to using ssl_... members, but
* if the newer client-specific ones are given, use those
*/
if (info->client_ssl_cipher_list)
cipher_list = info->client_ssl_cipher_list;
if (info->client_ssl_cert_filepath)
cert_filepath = info->client_ssl_cert_filepath;
if (info->client_ssl_private_key_filepath)
private_key_filepath = info->client_ssl_private_key_filepath;
if (info->client_ssl_ca_filepath)
ca_filepath = info->client_ssl_ca_filepath;
if (vhost->tls.ssl_client_ctx)
return 0;
#if !defined(LWS_WITH_MBEDTLS)
if (info->provided_client_ssl_ctx) {
/* use the provided OpenSSL context if given one */
vhost->tls.ssl_client_ctx = info->provided_client_ssl_ctx;
/* nothing for lib to delete */
vhost->tls.user_supplied_ssl_ctx = 1;
return 0;
}
#endif
if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT))
return 0;
if (lws_tls_client_create_vhost_context(vhost, info, cipher_list,
ca_filepath,
info->client_ssl_ca_mem,
info->client_ssl_ca_mem_len,
cert_filepath,
info->client_ssl_cert_mem,
info->client_ssl_cert_mem_len,
private_key_filepath,
info->client_ssl_key_mem,
info->client_ssl_key_mem_len
))
return 1;
lwsl_info("created client ssl context for %s\n", vhost->name);
/*
* give him a fake wsi with context set, so he can use
* lws_get_context() in the callback
*/
plwsa->vhost = vhost; /* not a real bound wsi */
vhost->protocols[0].callback((struct lws *)plwsa,
LWS_CALLBACK_OPENSSL_LOAD_EXTRA_CLIENT_VERIFY_CERTS,
vhost->tls.ssl_client_ctx, NULL, 0);
return 0;
}
int
lws_client_create_tls(struct lws *wsi, const char **pcce, int do_c1)
{
/* we can retry this... just cook the SSL BIO the first time */
if (wsi->tls.use_ssl & LCCSCF_USE_SSL) {
int n;
if (!wsi->tls.ssl) {
#if defined(LWS_WITH_TLS)
if (!wsi->transaction_from_pipeline_queue &&
lws_tls_restrict_borrow(wsi)) {
*pcce = "tls restriction limit";
return CCTLS_RETURN_ERROR;
}
#endif
if (lws_ssl_client_bio_create(wsi) < 0) {
*pcce = "bio_create failed";
return CCTLS_RETURN_ERROR;
}
}
if (!do_c1)
return CCTLS_RETURN_DONE;
lws_metrics_caliper_report(wsi->cal_conn, METRES_GO);
lws_metrics_caliper_bind(wsi->cal_conn, wsi->a.context->mt_conn_tls);
#if defined(LWS_WITH_CONMON)
wsi->conmon_datum = lws_now_usecs();
#endif
n = lws_ssl_client_connect1(wsi, (char *)wsi->a.context->pt[(int)wsi->tsi].serv_buf,
wsi->a.context->pt_serv_buf_size);
lwsl_debug("%s: lws_ssl_client_connect1: %d\n", __func__, n);
if (!n)
return CCTLS_RETURN_RETRY; /* caller should return 0 */
if (n < 0) {
*pcce = (const char *)wsi->a.context->pt[(int)wsi->tsi].serv_buf;
lws_metrics_caliper_report(wsi->cal_conn, METRES_NOGO);
return CCTLS_RETURN_ERROR;
}
/* ...connect1 already handled caliper if SSL_accept done */
lws_tls_server_conn_alpn(wsi);
} else
wsi->tls.ssl = NULL;
return CCTLS_RETURN_DONE; /* OK */
}

689
Kinc/Sources/kinc/libs/core/tls/tls-jit-trust.c Normal file
View File

@ -0,0 +1,689 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2021 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
void
lws_tls_kid_copy(union lws_tls_cert_info_results *ci, lws_tls_kid_t *kid)
{
/*
* KIDs all seem to be 20 bytes / SHA1 or less. If we get one that
* is bigger, treat only the first 20 bytes as significant.
*/
if ((size_t)ci->ns.len > sizeof(kid->kid))
kid->kid_len = sizeof(kid->kid);
else
kid->kid_len = (uint8_t)ci->ns.len;
memcpy(kid->kid, ci->ns.name, kid->kid_len);
}
void
lws_tls_kid_copy_kid(lws_tls_kid_t *kid, const lws_tls_kid_t *src)
{
int klen = sizeof(kid->kid);
if (src->kid_len < klen)
klen = src->kid_len;
kid->kid_len = (uint8_t)klen;
memcpy(kid->kid, src->kid, (size_t)klen);
}
int
lws_tls_kid_cmp(const lws_tls_kid_t *a, const lws_tls_kid_t *b)
{
if (a->kid_len != b->kid_len)
return 1;
return memcmp(a->kid, b->kid, a->kid_len);
}
/*
* We have the SKID and AKID for every peer cert captured, but they may be
* in any order, and eg, falsely have sent the root CA, or an attacker may
* send unresolveable self-referencing loops of KIDs.
*
* Let's sort them into the SKID -> AKID hierarchy, so the last entry is the
* server cert and the first entry is the highest parent that the server sent.
* Normally the top one will be an intermediate, and its AKID is the ID of the
* root CA cert we would need to trust to validate the chain.
*
* It's not unknown the server is misconfigured to also send the root CA, if so
* the top slot's AKID is empty and we should look for its SKID in the trust
* blob.
*
* If we return 0, we succeeded and the AKID of ch[0] is the SKID we want to see
* try to import from the trust blob.
*
* If we return nonzero, we can't identify what we want and should abandon the
* connection.
*/
int
lws_tls_jit_trust_sort_kids(struct lws *wsi, lws_tls_kid_chain_t *ch)
{
size_t hl;
lws_tls_jit_inflight_t *inf;
int n, m, sanity = 10;
const char *host = wsi->cli_hostname_copy;
char more = 1;
lwsl_info("%s\n", __func__);
if (!host) {
if (wsi->stash && wsi->stash->cis[CIS_HOST])
host = wsi->stash->cis[CIS_HOST];
#if defined(LWS_ROLE_H1) || defined(LWS_ROLE_H2)
else
host = lws_hdr_simple_ptr(wsi,
_WSI_TOKEN_CLIENT_PEER_ADDRESS);
}
#endif
if (!host)
return 1;
hl = strlen(host);
/* something to work with? */
if (!ch->count)
return 1;
/* do we need to sort? */
if (ch->count > 1) {
/* okie... */
while (more) {
if (!sanity--)
/* let's not get fooled into spinning */
return 1;
more = 0;
for (n = 0; n < ch->count - 1; n++) {
if (!lws_tls_kid_cmp(&ch->skid[n],
&ch->akid[n + 1]))
/* next belongs with this one */
continue;
/*
* next doesn't belong with this one, let's
* try to figure out where this one does belong
* then
*/
for (m = 0; m < ch->count; m++) {
if (n == m)
continue;
if (!lws_tls_kid_cmp(&ch->skid[n],
&ch->akid[m])) {
lws_tls_kid_t t;
/*
* m references us, so we
* need to go one step above m,
* swap m and n
*/
more = 1;
t = ch->akid[m];
ch->akid[m] = ch->akid[n];
ch->akid[n] = t;
t = ch->skid[m];
ch->skid[m] = ch->skid[n];
ch->skid[n] = t;
break;
}
}
if (more)
break;
}
}
/* then we should be sorted */
}
for (n = 0; n < ch->count; n++) {
lwsl_info("%s: AKID[%d]\n", __func__, n);
lwsl_hexdump_info(ch->akid[n].kid, ch->akid[n].kid_len);
lwsl_info("%s: SKID[%d]\n", __func__, n);
lwsl_hexdump_info(ch->skid[n].kid, ch->skid[n].kid_len);
}
/* to go further, user must provide a lookup helper */
if (!wsi->a.context->system_ops ||
!wsi->a.context->system_ops->jit_trust_query)
return 1;
/*
* If there's already a pending lookup for this host, let's bail and
* just wait for that to complete (since it will be done async if we
* can see it)
*/
lws_start_foreach_dll(struct lws_dll2 *, d,
wsi->a.context->jit_inflight.head) {
inf = lws_container_of(d, lws_tls_jit_inflight_t, list);
if (!strcmp((const char *)&inf[1], host))
/* already being handled */
return 1;
} lws_end_foreach_dll(d);
/*
* No... let's make an inflight entry for this host, then
*/
inf = lws_zalloc(sizeof(*inf) + hl + 1, __func__);
if (!inf)
return 1;
memcpy(&inf[1], host, hl + 1);
inf->refcount = (char)ch->count;
lws_dll2_add_tail(&inf->list, &wsi->a.context->jit_inflight);
/*
* ...kid_chain[0] AKID should indicate the right CA SKID that we want.
*
* Because of cross-signing, we check all of them and accept we may get
* multiple (the inflight accepts up to 2) CAs needed.
*/
for (n = 0; n < ch->count; n++)
wsi->a.context->system_ops->jit_trust_query(wsi->a.context,
ch->akid[n].kid, (size_t)ch->akid[n].kid_len,
(void *)inf);
return 0;
}
static void
tag_to_vh_name(char *result, size_t max, uint32_t tag)
{
lws_snprintf(result, max, "jitt-%08X", (unsigned int)tag);
}
int
lws_tls_jit_trust_vhost_bind(struct lws_context *cx, const char *address,
struct lws_vhost **pvh)
{
lws_tls_jit_cache_item_t *ci, jci;
lws_tls_jit_inflight_t *inf;
char vhtag[32];
size_t size;
int n;
if (lws_cache_item_get(cx->trust_cache, address, (const void **)&ci,
&size))
/*
* There's no cached info, we have to start from scratch on
* this one
*/
return 1;
/* gotten cache item may be evicted by jit_trust_query */
jci = *ci;
/*
* We have some trust cache information for this host already, it tells
* us the trusted CA SKIDs we found before, and the xor tag used to name
* the vhost configured for these trust CAs in its SSL_CTX.
*
* Let's check first if the correct prepared vhost already exists, if
* so, we can just bind to that and go.
*/
tag_to_vh_name(vhtag, sizeof(vhtag), jci.xor_tag);
*pvh = lws_get_vhost_by_name(cx, vhtag);
if (*pvh) {
lwsl_info("%s: %s -> existing %s\n", __func__, address, vhtag);
/* hit, let's just use that then */
return 0;
}
/*
* ... so, we know the SKIDs of the missing CAs, but we don't have the
* DERs for them, and so no configured vhost trusting them yet. We have
* had the DERs at some point, but we can't afford to cache them, so
* we will have to get them again.
*
* Let's make an inflight for this, it will create the vhost when it
* completes. If syncrhronous, then it will complete before we leave
* here, otherwise it will have a life of its own until all the
* queries use the cb to succeed or fail.
*/
size = strlen(address);
inf = lws_zalloc(sizeof(*inf) + size + 1, __func__);
if (!inf)
return 1;
memcpy(&inf[1], address, size + 1);
inf->refcount = (char)jci.count_skids;
lws_dll2_add_tail(&inf->list, &cx->jit_inflight);
/*
* ...kid_chain[0] AKID should indicate the right CA SKID that we want.
*
* Because of cross-signing, we check all of them and accept we may get
* multiple (we can handle 3) CAs needed.
*/
for (n = 0; n < jci.count_skids; n++)
cx->system_ops->jit_trust_query(cx, jci.skids[n].kid,
(size_t)jci.skids[n].kid_len,
(void *)inf);
/* ... in case synchronous and it already finished the queries */
*pvh = lws_get_vhost_by_name(cx, vhtag);
if (*pvh) {
/* hit, let's just use that then */
lwsl_info("%s: bind to created vhost %s\n", __func__, vhtag);
return 0;
} else
lwsl_err("%s: unable to bind to %s\n", __func__, vhtag);
/* right now, nothing to offer */
return 1;
}
void
lws_tls_jit_trust_inflight_destroy(lws_tls_jit_inflight_t *inf)
{
int n;
for (n = 0; n < inf->ders; n++)
lws_free_set_NULL(inf->der[n]);
lws_dll2_remove(&inf->list);
lws_free(inf);
}
static int
inflight_destroy(struct lws_dll2 *d, void *user)
{
lws_tls_jit_inflight_t *inf;
inf = lws_container_of(d, lws_tls_jit_inflight_t, list);
lws_tls_jit_trust_inflight_destroy(inf);
return 0;
}
void
lws_tls_jit_trust_inflight_destroy_all(struct lws_context *cx)
{
lws_dll2_foreach_safe(&cx->jit_inflight, cx, inflight_destroy);
}
static void
unref_vh_grace_cb(lws_sorted_usec_list_t *sul)
{
struct lws_vhost *vh = lws_container_of(sul, struct lws_vhost,
sul_unref);
lwsl_info("%s: %s\n", __func__, vh->lc.gutag);
lws_vhost_destroy(vh);
}
void
lws_tls_jit_trust_vh_start_grace(struct lws_vhost *vh)
{
lwsl_info("%s: %s: unused, grace %dms\n", __func__, vh->lc.gutag,
vh->context->vh_idle_grace_ms);
lws_sul_schedule(vh->context, 0, &vh->sul_unref, unref_vh_grace_cb,
(lws_usec_t)vh->context->vh_idle_grace_ms *
LWS_US_PER_MS);
}
#if defined(_DEBUG)
static void
lws_tls_jit_trust_cert_info(const uint8_t *der, size_t der_len)
{
struct lws_x509_cert *x;
union lws_tls_cert_info_results *u;
char p = 0, buf[192 + sizeof(*u)];
if (lws_x509_create(&x))
return;
if (!lws_x509_parse_from_pem(x, der, der_len)) {
u = (union lws_tls_cert_info_results *)buf;
if (!lws_x509_info(x, LWS_TLS_CERT_INFO_ISSUER_NAME, u, 192)) {
lwsl_info("ISS: %s\n", u->ns.name);
p = 1;
}
if (!lws_x509_info(x, LWS_TLS_CERT_INFO_COMMON_NAME, u, 192)) {
lwsl_info("CN: %s\n", u->ns.name);
p = 1;
}
if (!p) {
lwsl_err("%s: unable to get any info\n", __func__);
lwsl_hexdump_err(der, der_len);
}
} else
lwsl_err("%s: unable to load DER\n", __func__);
lws_x509_destroy(&x);
}
#endif
/*
* This processes the JIT Trust lookup results independent of the tls backend.
*/
int
lws_tls_jit_trust_got_cert_cb(struct lws_context *cx, void *got_opaque,
const uint8_t *skid, size_t skid_len,
const uint8_t *der, size_t der_len)
{
lws_tls_jit_inflight_t *inf = (lws_tls_jit_inflight_t *)got_opaque;
struct lws_context_creation_info info;
lws_tls_jit_cache_item_t jci;
struct lws_vhost *v;
char vhtag[20];
char hit = 0;
int n;
/*
* Before anything else, check the inf is still valid. In the low
* probability but possible case it was reallocated to be a different
* inflight, that may cause different CA certs to apply to a connection,
* but since mbedtls will then validate the server cert using the wrong
* trusted CA, it will just cause temporary conn fail.
*/
lws_start_foreach_dll(struct lws_dll2 *, e, cx->jit_inflight.head) {
lws_tls_jit_inflight_t *i = lws_container_of(e,
lws_tls_jit_inflight_t, list);
if (i == inf) {
hit = 1;
break;
}
} lws_end_foreach_dll(e);
if (!hit)
/* inf has already gone */
return 1;
inf->refcount--;
if (skid_len >= 4)
inf->tag ^= *((uint32_t *)skid);
if (der && inf->ders < (int)LWS_ARRAY_SIZE(inf->der) && inf->refcount) {
/*
* We have a trusted CA, but more results coming... stash it
* in heap.
*/
inf->kid[inf->ders].kid_len = (uint8_t)((skid_len >
(uint8_t)sizeof(inf->kid[inf->ders].kid)) ?
sizeof(inf->kid[inf->ders].kid) : skid_len);
memcpy(inf->kid[inf->ders].kid, skid,
inf->kid[inf->ders].kid_len);
inf->der[inf->ders] = lws_malloc(der_len, __func__);
if (!inf->der[inf->ders])
return 1;
memcpy(inf->der[inf->ders], der, der_len);
inf->der_len[inf->ders] = (short)der_len;
inf->ders++;
return 0;
}
/*
* We accept up to three valid CA, and then end the inflight early.
* Any further pending results are dropped, since we got all we could
* use. Up to two valid CA would be held in the inflight and the other
* provided in the params.
*
* If we did not already fill up the inflight, keep waiting for any
* others expected
*/
if (inf->refcount && inf->ders < (int)LWS_ARRAY_SIZE(inf->der))
return 0;
if (!der && !inf->ders) {
lwsl_warn("%s: no trusted CA certs matching\n", __func__);
goto destroy_inf;
}
tag_to_vh_name(vhtag, sizeof(vhtag), inf->tag);
/*
* We have got at least one CA, it's all the CAs we're going to get,
* or that we can handle. So we have to process and drop the inf.
*
* First let's make a cache entry with a shortish ttl, mapping the
* hostname we were trying to connect to, to the SKIDs that actually
* had trust results. This may come in handy later when we want to
* connect to the same host again, but any vhost from before has been
* removed... we can just ask for the specific CAs to regenerate the
* vhost, without having to first fail the connection attempt to get the
* server cert.
*
* The cache entry can be evicted at any time, so it is selfcontained.
* If it's also lost, we start over with the initial failing connection
* to figure out what we need to make it work.
*/
memset(&jci, 0, sizeof(jci));
jci.xor_tag = inf->tag;
/* copy the SKIDs from the inflight and params into the cache item */
for (n = 0; n < (int)LWS_ARRAY_SIZE(inf->der); n++)
if (inf->kid[n].kid_len)
lws_tls_kid_copy_kid(&jci.skids[jci.count_skids++],
&inf->kid[n]);
if (skid_len) {
if (skid_len > sizeof(inf->kid[0].kid))
skid_len = sizeof(inf->kid[0].kid);
jci.skids[jci.count_skids].kid_len = (uint8_t)skid_len;
memcpy(jci.skids[jci.count_skids++].kid, skid, skid_len);
}
lwsl_info("%s: adding cache mapping %s -> %s\n", __func__,
(const char *)&inf[1], vhtag);
if (lws_cache_write_through(cx->trust_cache, (const char *)&inf[1],
(const uint8_t *)&jci, sizeof(jci),
lws_now_usecs() + (3600ll *LWS_US_PER_SEC),
NULL))
lwsl_warn("%s: add to cache failed\n", __func__);
/* is there already a vhost for this commutative-xor SKID trust? */
if (lws_get_vhost_by_name(cx, vhtag)) {
lwsl_info("%s: tag vhost %s already exists, skipping\n",
__func__, vhtag);
goto destroy_inf;
}
/*
* We only end up here when we attempted a connection to this hostname.
*
* We have the identified CA trust DER(s) to hand, let's create the
* necessary vhost + prepared SSL_CTX for it to use on the retry, it
* will be used straight away if the retry comes before the idle vhost
* timeout.
*
* We also use this path in the case we have the cache entry but no
* matching vhost already existing, to create one.
*/
memset(&info, 0, sizeof(info));
info.vhost_name = vhtag;
info.port = CONTEXT_PORT_NO_LISTEN;
info.options = cx->options;
/*
* We have to create the vhost with the first valid trusted DER...
* if we have a params one, use that so the rest are all from inflight
*/
if (der) {
info.client_ssl_ca_mem = der;
info.client_ssl_ca_mem_len = (unsigned int)der_len;
n = 0;
} else {
info.client_ssl_ca_mem = inf->der[0];
info.client_ssl_ca_mem_len = (unsigned int)inf->der_len[0];
n = 1;
}
#if defined(_DEBUG)
lws_tls_jit_trust_cert_info(info.client_ssl_ca_mem,
info.client_ssl_ca_mem_len);
#endif
info.protocols = cx->protocols_copy;
v = lws_create_vhost(cx, &info);
if (!v)
lwsl_err("%s: failed to create vh %s\n", __func__, vhtag);
v->grace_after_unref = 1;
lws_tls_jit_trust_vh_start_grace(v);
/*
* Do we need to add more trusted certs from inflight?
*/
while (n < inf->ders) {
#if defined(_DEBUG)
lws_tls_jit_trust_cert_info(inf->der[n],
(size_t)inf->der_len[n]);
#endif
if (lws_tls_client_vhost_extra_cert_mem(v, inf->der[n],
(size_t)inf->der_len[n]))
lwsl_err("%s: add extra cert failed\n", __func__);
n++;
}
lwsl_info("%s: created jitt %s -> vh %s\n", __func__,
(const char *)&inf[1], vhtag);
destroy_inf:
lws_tls_jit_trust_inflight_destroy(inf);
return 0;
}
/*
* Refer to ./READMEs/README.jit-trust.md for blob layout specification
*/
int
lws_tls_jit_trust_blob_queury_skid(const void *_blob, size_t blen,
const uint8_t *skid, size_t skid_len,
const uint8_t **prpder, size_t *prder_len)
{
const uint8_t *pskidlen, *pskids, *pder, *blob = (uint8_t *)_blob;
const uint16_t *pderlen;
int certs;
/* sanity check blob length and magic */
if (blen < 32768 ||
lws_ser_ru32be(blob) != LWS_JIT_TRUST_MAGIC_BE ||
lws_ser_ru32be(blob + LJT_OFS_END) != blen) {
lwsl_err("%s: blob not sane\n", __func__);
return -1;
}
if (!skid_len)
return 1;
/* point into the various sub-tables */
certs = (int)lws_ser_ru16be(blob + LJT_OFS_32_COUNT_CERTS);
pderlen = (uint16_t *)(blob + lws_ser_ru32be(blob +
LJT_OFS_32_DERLEN));
pskidlen = blob + lws_ser_ru32be(blob + LJT_OFS_32_SKIDLEN);
pskids = blob + lws_ser_ru32be(blob + LJT_OFS_32_SKID);
pder = blob + LJT_OFS_DER;
/* check each cert SKID in turn, return the DER if found */
while (certs--) {
/* paranoia / sanity */
assert(pskids < blob + blen);
assert(pder < blob + blen);
assert(pskidlen < blob + blen);
assert((uint8_t *)pderlen < blob + blen);
/* we will accept to match on truncated SKIDs */
if (*pskidlen >= skid_len &&
!memcmp(skid, pskids, skid_len)) {
/*
* We found a trusted CA cert of the right SKID
*/
*prpder = pder;
*prder_len = lws_ser_ru16be((uint8_t *)pderlen);
return 0;
}
pder += lws_ser_ru16be((uint8_t *)pderlen);
pskids += *pskidlen;
pderlen++;
pskidlen++;
}
return 1;
}

279
Kinc/Sources/kinc/libs/core/tls/tls-network.c Normal file
View File

@ -0,0 +1,279 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
/*
* fakes POLLIN on all tls guys with buffered rx
*
* returns nonzero if any tls guys had POLLIN faked
*/
int
lws_tls_fake_POLLIN_for_buffered(struct lws_context_per_thread *pt)
{
int ret = 0;
lws_start_foreach_dll_safe(struct lws_dll2 *, p, p1,
lws_dll2_get_head(&pt->tls.dll_pending_tls_owner)) {
struct lws *wsi = lws_container_of(p, struct lws,
tls.dll_pending_tls);
/*
* ... allow custom event loop to override our POLLIN-setting
* implementation if it knows how to do it better for its case
*/
if (pt->context->event_loop_ops &&
pt->context->event_loop_ops->fake_POLLIN_override)
pt->context->event_loop_ops->fake_POLLIN_override(
pt->context, pt->tid);
else {
if (wsi->position_in_fds_table >= 0) {
pt->fds[wsi->position_in_fds_table].revents = (short)
(pt->fds[wsi->position_in_fds_table].revents |
(pt->fds[wsi->position_in_fds_table].events & LWS_POLLIN));
ret |= pt->fds[wsi->position_in_fds_table].revents & LWS_POLLIN;
}
}
} lws_end_foreach_dll_safe(p, p1);
return !!ret;
}
void
__lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi)
{
lws_dll2_remove(&wsi->tls.dll_pending_tls);
}
void
lws_ssl_remove_wsi_from_buffered_list(struct lws *wsi)
{
struct lws_context_per_thread *pt = &wsi->a.context->pt[(int)wsi->tsi];
lws_pt_lock(pt, __func__);
__lws_ssl_remove_wsi_from_buffered_list(wsi);
lws_pt_unlock(pt);
}
#if defined(LWS_WITH_SERVER)
int
lws_tls_check_cert_lifetime(struct lws_vhost *v)
{
time_t now = (time_t)lws_now_secs(), life = 0;
struct lws_acme_cert_aging_args caa;
union lws_tls_cert_info_results ir;
int n;
if (v->tls.ssl_ctx && !v->tls.skipped_certs) {
if (now < 1542933698) /* Nov 23 2018 00:42 UTC */
/* our clock is wrong and we can't judge the certs */
return -1;
n = lws_tls_vhost_cert_info(v, LWS_TLS_CERT_INFO_VALIDITY_TO,
&ir, 0);
if (n)
return 1;
life = (ir.time - now) / (24 * 3600);
lwsl_vhost_notice(v, " vhost %s: cert expiry: %lldd", v->name,
(long long)life);
} else
lwsl_vhost_info(v, " vhost %s: no cert", v->name);
memset(&caa, 0, sizeof(caa));
caa.vh = v;
lws_broadcast(&v->context->pt[0], LWS_CALLBACK_VHOST_CERT_AGING, (void *)&caa,
(size_t)(ssize_t)life);
return 0;
}
int
lws_tls_check_all_cert_lifetimes(struct lws_context *context)
{
struct lws_vhost *v = context->vhost_list;
while (v) {
if (lws_tls_check_cert_lifetime(v) < 0)
return -1;
v = v->vhost_next;
}
return 0;
}
/*
* LWS_TLS_EXTANT_NO : skip adding the cert
* LWS_TLS_EXTANT_YES : use the cert and private key paths normally
* LWS_TLS_EXTANT_ALTERNATIVE: normal paths not usable, try alternate if poss
*/
enum lws_tls_extant
lws_tls_generic_cert_checks(struct lws_vhost *vhost, const char *cert,
const char *private_key)
{
int n, m;
/*
* The user code can choose to either pass the cert and
* key filepaths using the info members like this, or it can
* leave them NULL; force the vhost SSL_CTX init using the info
* options flag LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX; and
* set up the cert himself using the user callback
* LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which
* happened just above and has the vhost SSL_CTX * in the user
* parameter.
*/
if (!cert || !private_key)
return LWS_TLS_EXTANT_NO;
n = (int)lws_tls_use_any_upgrade_check_extant(cert);
if (n == LWS_TLS_EXTANT_ALTERNATIVE)
return LWS_TLS_EXTANT_ALTERNATIVE;
m = (int)lws_tls_use_any_upgrade_check_extant(private_key);
if (m == LWS_TLS_EXTANT_ALTERNATIVE)
return LWS_TLS_EXTANT_ALTERNATIVE;
if ((n == LWS_TLS_EXTANT_NO || m == LWS_TLS_EXTANT_NO) &&
(vhost->options & LWS_SERVER_OPTION_IGNORE_MISSING_CERT)) {
lwsl_vhost_notice(vhost, "Ignoring missing %s or %s", cert, private_key);
vhost->tls.skipped_certs = 1;
return LWS_TLS_EXTANT_NO;
}
/*
* the cert + key exist
*/
return LWS_TLS_EXTANT_YES;
}
/*
* update the cert for every vhost using the given path
*/
int
lws_tls_cert_updated(struct lws_context *context, const char *certpath,
const char *keypath,
const char *mem_cert, size_t len_mem_cert,
const char *mem_privkey, size_t len_mem_privkey)
{
struct lws wsi;
wsi.a.context = context;
lws_start_foreach_ll(struct lws_vhost *, v, context->vhost_list) {
wsi.a.vhost = v; /* not a real bound wsi */
if (v->tls.alloc_cert_path && v->tls.key_path &&
!strcmp(v->tls.alloc_cert_path, certpath) &&
!strcmp(v->tls.key_path, keypath)) {
lws_tls_server_certs_load(v, &wsi, certpath, keypath,
mem_cert, len_mem_cert,
mem_privkey, len_mem_privkey);
if (v->tls.skipped_certs)
lwsl_vhost_notice(v, "vhost %s: cert unset", v->name);
}
} lws_end_foreach_ll(v, vhost_next);
return 0;
}
int
lws_gate_accepts(struct lws_context *context, int on)
{
struct lws_vhost *v = context->vhost_list;
if (context->tls_gate_accepts == (char)on)
return 0;
lwsl_cx_info(context, "on = %d", on);
context->tls_gate_accepts = (char)on;
while (v) {
lws_start_foreach_dll(struct lws_dll2 *, d,
lws_dll2_get_head(&v->listen_wsi)) {
struct lws *wsi = lws_container_of(d, struct lws,
listen_list);
if (v->tls.use_ssl &&
lws_change_pollfd(wsi, on ? LWS_POLLIN : 0,
on ? 0 : LWS_POLLIN))
lwsl_cx_notice(context, "Unable to set POLLIN %d", on);
} lws_end_foreach_dll(d);
v = v->vhost_next;
}
return 0;
}
#endif
/* comma-separated alpn list, like "h2,http/1.1" to openssl alpn format */
int
lws_alpn_comma_to_openssl(const char *comma, uint8_t *os, int len)
{
uint8_t *oos = os, *plen = NULL;
if (!comma)
return 0;
while (*comma && len > 2) {
if (!plen && *comma == ' ') {
comma++;
continue;
}
if (!plen) {
plen = os++;
len--;
}
if (*comma == ',') {
*plen = (uint8_t)lws_ptr_diff(os, plen + 1);
plen = NULL;
comma++;
} else {
*os++ = (uint8_t)*comma++;
len--;
}
}
if (plen)
*plen = (uint8_t)lws_ptr_diff(os, plen + 1);
*os = 0;
return lws_ptr_diff(os, oos);
}

374
Kinc/Sources/kinc/libs/core/tls/tls-server.c Normal file
View File

@ -0,0 +1,374 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
#if defined(LWS_WITH_SERVER)
static void
lws_sul_tls_cb(lws_sorted_usec_list_t *sul)
{
struct lws_context_per_thread *pt = lws_container_of(sul,
struct lws_context_per_thread, sul_tls);
lws_tls_check_all_cert_lifetimes(pt->context);
__lws_sul_insert_us(&pt->pt_sul_owner[LWSSULLI_MISS_IF_SUSPENDED],
&pt->sul_tls,
(lws_usec_t)24 * 3600 * LWS_US_PER_SEC);
}
int
lws_context_init_server_ssl(const struct lws_context_creation_info *info,
struct lws_vhost *vhost)
{
struct lws_context *context = vhost->context;
lws_fakewsi_def_plwsa(&vhost->context->pt[0]);
lws_fakewsi_prep_plwsa_ctx(vhost->context);
if (!lws_check_opt(info->options,
LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) {
vhost->tls.use_ssl = 0;
return 0;
}
/*
* If he is giving a server cert, take it as a sign he wants to use
* it on this vhost. User code can leave the cert filepath NULL and
* set the LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX option itself, in
* which case he's expected to set up the cert himself at
* LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS, which
* provides the vhost SSL_CTX * in the user parameter.
*/
if (info->ssl_cert_filepath || info->server_ssl_cert_mem)
vhost->options |= LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX;
if (info->port != CONTEXT_PORT_NO_LISTEN) {
vhost->tls.use_ssl = lws_check_opt(vhost->options,
LWS_SERVER_OPTION_CREATE_VHOST_SSL_CTX);
if (vhost->tls.use_ssl && info->ssl_cipher_list)
lwsl_notice(" SSL ciphers: '%s'\n",
info->ssl_cipher_list);
lwsl_notice(" Vhost '%s' using %sTLS mode\n",
vhost->name, vhost->tls.use_ssl ? "" : "non-");
}
/*
* give him a fake wsi with context + vhost set, so he can use
* lws_get_context() in the callback
*/
plwsa->vhost = vhost; /* not a real bound wsi */
/*
* as a server, if we are requiring clients to identify themselves
* then set the backend up for it
*/
if (lws_check_opt(info->options,
LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT))
/* Normally SSL listener rejects non-ssl, optionally allow */
vhost->tls.allow_non_ssl_on_ssl_port = 1;
/*
* give user code a chance to load certs into the server
* allowing it to verify incoming client certs
*/
if (vhost->tls.use_ssl) {
if (lws_tls_server_vhost_backend_init(info, vhost, (struct lws *)plwsa))
return -1;
lws_tls_server_client_cert_verify_config(vhost);
if (vhost->protocols[0].callback((struct lws *)plwsa,
LWS_CALLBACK_OPENSSL_LOAD_EXTRA_SERVER_VERIFY_CERTS,
vhost->tls.ssl_ctx, vhost, 0))
return -1;
}
if (vhost->tls.use_ssl)
lws_context_init_alpn(vhost);
/* check certs in a few seconds (after protocol init) and then once a day */
context->pt[0].sul_tls.cb = lws_sul_tls_cb;
__lws_sul_insert_us(&context->pt[0].pt_sul_owner[LWSSULLI_MISS_IF_SUSPENDED],
&context->pt[0].sul_tls,
(lws_usec_t)5 * LWS_US_PER_SEC);
return 0;
}
#endif
int
lws_server_socket_service_ssl(struct lws *wsi, lws_sockfd_type accept_fd, char from_pollin)
{
struct lws_context *context = wsi->a.context;
struct lws_context_per_thread *pt = &context->pt[(int)wsi->tsi];
struct lws_vhost *vh;
ssize_t s;
int n;
if (!LWS_SSL_ENABLED(wsi->a.vhost))
return 0;
switch (lwsi_state(wsi)) {
case LRS_SSL_INIT:
if (wsi->tls.ssl)
lwsl_err("%s: leaking ssl\n", __func__);
if (accept_fd == LWS_SOCK_INVALID)
assert(0);
if (lws_tls_restrict_borrow(wsi)) {
lwsl_err("%s: failed on ssl restriction\n", __func__);
return 1;
}
if (lws_tls_server_new_nonblocking(wsi, accept_fd)) {
lwsl_err("%s: failed on lws_tls_server_new_nonblocking\n", __func__);
if (accept_fd != LWS_SOCK_INVALID)
compatible_close(accept_fd);
lws_tls_restrict_return(wsi);
goto fail;
}
/*
* we are not accepted yet, but we need to enter ourselves
* as a live connection. That way we can retry when more
* pieces come if we're not sorted yet
*/
lwsi_set_state(wsi, LRS_SSL_ACK_PENDING);
lws_pt_lock(pt, __func__);
if (__insert_wsi_socket_into_fds(context, wsi)) {
lwsl_err("%s: failed to insert into fds\n", __func__);
goto fail;
}
lws_pt_unlock(pt);
lws_set_timeout(wsi, PENDING_TIMEOUT_SSL_ACCEPT,
(int)context->timeout_secs);
lwsl_debug("inserted SSL accept into fds, trying SSL_accept\n");
/* fallthru */
case LRS_SSL_ACK_PENDING:
if (lws_change_pollfd(wsi, LWS_POLLOUT, 0)) {
lwsl_err("%s: lws_change_pollfd failed\n", __func__);
goto fail;
}
if (wsi->a.vhost->tls.allow_non_ssl_on_ssl_port && !wsi->skip_fallback) {
/*
* We came here by POLLIN, so there is supposed to be
* something to read...
*/
s = recv(wsi->desc.sockfd, (char *)pt->serv_buf,
context->pt_serv_buf_size, MSG_PEEK);
/*
* We have LWS_SERVER_OPTION_ALLOW_NON_SSL_ON_SSL_PORT..
* this just means don't hang up on him because of no
* tls hello... what happens next is driven by
* additional option flags:
*
* none: fail the connection
*
* LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS:
* Destroy the TLS, issue a redirect using plaintext
* http (this may not be accepted by a client that
* has visited the site before and received an STS
* header).
*
* LWS_SERVER_OPTION_ALLOW_HTTP_ON_HTTPS_LISTENER:
* Destroy the TLS, continue and serve normally
* using http
*
* LWS_SERVER_OPTION_FALLBACK_TO_APPLY_LISTEN_ACCEPT_CONFIG:
* Destroy the TLS, apply whatever role and protocol
* were told in the vhost info struct
* .listen_accept_role / .listen_accept_protocol and
* continue with that
*/
if (s >= 1 && pt->serv_buf[0] >= ' ') {
/*
* TLS content-type for Handshake is 0x16, and
* for ChangeCipherSpec Record, it's 0x14
*
* A non-ssl session will start with the HTTP
* method in ASCII. If we see it's not a legit
* SSL handshake kill the SSL for this
* connection and try to handle as a HTTP
* connection upgrade directly.
*/
wsi->tls.use_ssl = 0;
lws_tls_server_abort_connection(wsi);
/*
* care... this creates wsi with no ssl when ssl
* is enabled and normally mandatory
*/
wsi->tls.ssl = NULL;
if (lws_check_opt(wsi->a.vhost->options,
LWS_SERVER_OPTION_REDIRECT_HTTP_TO_HTTPS)) {
lwsl_info("%s: redirecting from http "
"to https\n", __func__);
wsi->tls.redirect_to_https = 1;
goto notls_accepted;
}
if (lws_check_opt(wsi->a.vhost->options,
LWS_SERVER_OPTION_ALLOW_HTTP_ON_HTTPS_LISTENER)) {
lwsl_info("%s: allowing unencrypted "
"http service on tls port\n",
__func__);
goto notls_accepted;
}
if (lws_check_opt(wsi->a.vhost->options,
LWS_SERVER_OPTION_FALLBACK_TO_APPLY_LISTEN_ACCEPT_CONFIG)) {
if (lws_http_to_fallback(wsi, NULL, 0))
goto fail;
lwsl_info("%s: allowing non-tls "
"fallback\n", __func__);
goto notls_accepted;
}
lwsl_notice("%s: client did not send a valid "
"tls hello (default vhost %s)\n",
__func__, wsi->a.vhost->name);
goto fail;
}
if (!s) {
/*
* POLLIN but nothing to read is supposed to
* mean the connection is gone, we should
* fail out...
*
*/
lwsl_debug("%s: PEEKed 0 (from_pollin %d)\n",
__func__, from_pollin);
if (!from_pollin)
/*
* If this wasn't actually info from a
* pollin let it go around again until
* either data came or we still get told
* zero length peek AND POLLIN
*/
goto punt;
/*
* treat as remote closed
*/
goto fail;
}
if (s < 0 && (LWS_ERRNO == LWS_EAGAIN ||
LWS_ERRNO == LWS_EWOULDBLOCK)) {
punt:
/*
* well, we get no way to know ssl or not
* so go around again waiting for something
* to come and give us a hint, or timeout the
* connection.
*/
if (lws_change_pollfd(wsi, 0, LWS_POLLIN)) {
lwsl_err("%s: change_pollfd failed\n",
__func__);
return -1;
}
lwsl_info("SSL_ERROR_WANT_READ\n");
return 0;
}
}
/* normal SSL connection processing path */
errno = 0;
n = lws_tls_server_accept(wsi);
lwsl_info("SSL_accept says %d\n", n);
switch (n) {
case LWS_SSL_CAPABLE_DONE:
lws_tls_restrict_return_handshake(wsi);
break;
case LWS_SSL_CAPABLE_ERROR:
lws_tls_restrict_return_handshake(wsi);
lwsl_info("%s: SSL_accept failed socket %u: %d\n",
__func__, wsi->desc.sockfd, n);
wsi->socket_is_permanently_unusable = 1;
goto fail;
default: /* MORE_SERVICE */
return 0;
}
/* adapt our vhost to match the SNI SSL_CTX that was chosen */
vh = context->vhost_list;
while (vh) {
if (!vh->being_destroyed && wsi->tls.ssl &&
vh->tls.ssl_ctx == lws_tls_ctx_from_wsi(wsi)) {
lwsl_info("setting wsi to vh %s\n", vh->name);
lws_vhost_bind_wsi(vh, wsi);
break;
}
vh = vh->vhost_next;
}
/* OK, we are accepted... give him some time to negotiate */
lws_set_timeout(wsi, PENDING_TIMEOUT_ESTABLISH_WITH_SERVER,
(int)context->timeout_secs);
lwsi_set_state(wsi, LRS_ESTABLISHED);
if (lws_tls_server_conn_alpn(wsi)) {
lwsl_warn("%s: fail on alpn\n", __func__);
goto fail;
}
lwsl_debug("accepted new SSL conn\n");
break;
default:
break;
}
return 0;
notls_accepted:
lwsi_set_state(wsi, LRS_ESTABLISHED);
return 0;
fail:
return 1;
}

64
Kinc/Sources/kinc/libs/core/tls/tls-sessions.c Normal file
View File

@ -0,0 +1,64 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2021 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
void
lws_tls_session_tag_discrete(const char *vhname, const char *host,
uint16_t port, char *buf, size_t len)
{
/*
* We have to include the vhost name in the session tag, since
* different vhosts may make connections to the same endpoint using
* different client certs.
*/
lws_snprintf(buf, len, "%s_%s_%u", vhname, host, (unsigned int)port);
}
int
lws_tls_session_tag_from_wsi(struct lws *wsi, char *buf, size_t len)
{
const char *host;
if (!wsi)
return 1;
if (!wsi->stash)
return 1;
host = wsi->stash->cis[CIS_HOST];
if (!host)
host = wsi->stash->cis[CIS_ADDRESS];
if (!host)
return 1;
lws_tls_session_tag_discrete(wsi->a.vhost->name, host, wsi->c_port,
buf, len);
return 0;
}

539
Kinc/Sources/kinc/libs/core/tls/tls.c Normal file
View File

@ -0,0 +1,539 @@
/*
* libwebsockets - small server side websockets and web server implementation
*
* Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to
* deal in the Software without restriction, including without limitation the
* rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
* sell copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#include "private-lib-core.h"
#include "private-lib-tls.h"
#if defined(LWS_WITH_NETWORK)
#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \
OPENSSL_VERSION_NUMBER >= 0x10002000L)
static int
alpn_cb(SSL *s, const unsigned char **out, unsigned char *outlen,
const unsigned char *in, unsigned int inlen, void *arg)
{
#if !defined(LWS_WITH_MBEDTLS)
struct alpn_ctx *alpn_ctx = (struct alpn_ctx *)arg;
if (SSL_select_next_proto((unsigned char **)out, outlen, alpn_ctx->data,
alpn_ctx->len, in, inlen) !=
OPENSSL_NPN_NEGOTIATED)
return SSL_TLSEXT_ERR_NOACK;
#endif
return SSL_TLSEXT_ERR_OK;
}
#endif
int
lws_tls_restrict_borrow(struct lws *wsi)
{
struct lws_context *cx = wsi->a.context;
if (cx->simultaneous_ssl_restriction &&
cx->simultaneous_ssl >= cx->simultaneous_ssl_restriction) {
lwsl_notice("%s: tls connection limit %d\n", __func__,
cx->simultaneous_ssl);
return 1;
}
if (cx->simultaneous_ssl_handshake_restriction &&
cx->simultaneous_ssl_handshake >=
cx->simultaneous_ssl_handshake_restriction) {
lwsl_notice("%s: tls handshake limit %d\n", __func__,
cx->simultaneous_ssl);
return 1;
}
cx->simultaneous_ssl++;
cx->simultaneous_ssl_handshake++;
wsi->tls_borrowed_hs = 1;
wsi->tls_borrowed = 1;
lwsl_info("%s: %d -> %d\n", __func__,
cx->simultaneous_ssl - 1,
cx->simultaneous_ssl);
assert(!cx->simultaneous_ssl_restriction ||
cx->simultaneous_ssl <=
cx->simultaneous_ssl_restriction);
assert(!cx->simultaneous_ssl_handshake_restriction ||
cx->simultaneous_ssl_handshake <=
cx->simultaneous_ssl_handshake_restriction);
#if defined(LWS_WITH_SERVER)
lws_gate_accepts(cx,
(cx->simultaneous_ssl_restriction &&
cx->simultaneous_ssl == cx->simultaneous_ssl_restriction) ||
(cx->simultaneous_ssl_handshake_restriction &&
cx->simultaneous_ssl_handshake == cx->simultaneous_ssl_handshake_restriction));
#endif
return 0;
}
static void
_lws_tls_restrict_return(struct lws *wsi)
{
#if defined(LWS_WITH_SERVER)
struct lws_context *cx = wsi->a.context;
assert(cx->simultaneous_ssl_handshake >= 0);
assert(cx->simultaneous_ssl >= 0);
lws_gate_accepts(cx,
(cx->simultaneous_ssl_restriction &&
cx->simultaneous_ssl == cx->simultaneous_ssl_restriction) ||
(cx->simultaneous_ssl_handshake_restriction &&
cx->simultaneous_ssl_handshake == cx->simultaneous_ssl_handshake_restriction));
#endif
}
void
lws_tls_restrict_return_handshake(struct lws *wsi)
{
struct lws_context *cx = wsi->a.context;
/* we're just returning the hs part */
if (!wsi->tls_borrowed_hs)
return;
wsi->tls_borrowed_hs = 0; /* return it one time per wsi */
cx->simultaneous_ssl_handshake--;
lwsl_info("%s: %d -> %d\n", __func__,
cx->simultaneous_ssl_handshake + 1,
cx->simultaneous_ssl_handshake);
_lws_tls_restrict_return(wsi);
}
void
lws_tls_restrict_return(struct lws *wsi)
{
struct lws_context *cx = wsi->a.context;
if (!wsi->tls_borrowed)
return;
wsi->tls_borrowed = 0;
cx->simultaneous_ssl--;
lwsl_info("%s: %d -> %d\n", __func__,
cx->simultaneous_ssl + 1,
cx->simultaneous_ssl);
/* We're returning everything, even if hs didn't complete */
if (wsi->tls_borrowed_hs)
lws_tls_restrict_return_handshake(wsi);
else
_lws_tls_restrict_return(wsi);
}
void
lws_context_init_alpn(struct lws_vhost *vhost)
{
#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \
OPENSSL_VERSION_NUMBER >= 0x10002000L)
const char *alpn_comma = vhost->context->tls.alpn_default;
if (vhost->tls.alpn)
alpn_comma = vhost->tls.alpn;
lwsl_info(" Server '%s' advertising ALPN: %s\n",
vhost->name, alpn_comma);
vhost->tls.alpn_ctx.len = (uint8_t)lws_alpn_comma_to_openssl(alpn_comma,
vhost->tls.alpn_ctx.data,
sizeof(vhost->tls.alpn_ctx.data) - 1);
SSL_CTX_set_alpn_select_cb(vhost->tls.ssl_ctx, alpn_cb,
&vhost->tls.alpn_ctx);
#else
lwsl_err(" HTTP2 / ALPN configured "
"but not supported by OpenSSL 0x%lx\n",
OPENSSL_VERSION_NUMBER);
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
}
int
lws_tls_server_conn_alpn(struct lws *wsi)
{
#if defined(LWS_WITH_MBEDTLS) || (defined(OPENSSL_VERSION_NUMBER) && \
OPENSSL_VERSION_NUMBER >= 0x10002000L)
const unsigned char *name = NULL;
char cstr[10];
unsigned len;
lwsl_info("%s\n", __func__);
if (!wsi->tls.ssl) {
lwsl_err("%s: non-ssl\n", __func__);
return 0;
}
SSL_get0_alpn_selected(wsi->tls.ssl, &name, &len);
if (!len) {
lwsl_info("no ALPN upgrade\n");
return 0;
}
if (len > sizeof(cstr) - 1)
len = sizeof(cstr) - 1;
memcpy(cstr, name, len);
cstr[len] = '\0';
lwsl_info("%s: negotiated '%s' using ALPN\n", __func__, cstr);
wsi->tls.use_ssl |= LCCSCF_USE_SSL;
return lws_role_call_alpn_negotiated(wsi, (const char *)cstr);
#else
lwsl_err("%s: openssl too old\n", __func__);
#endif // OPENSSL_VERSION_NUMBER >= 0x10002000L
return 0;
}
#endif
#if !defined(LWS_PLAT_OPTEE) && !defined(OPTEE_DEV_KIT)
#if defined(LWS_PLAT_FREERTOS) && !defined(LWS_AMAZON_RTOS)
int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf,
lws_filepos_t *amount)
{
nvs_handle nvh;
size_t s;
int n = 0;
ESP_ERROR_CHECK(nvs_open("lws-station", NVS_READWRITE, &nvh));
if (nvs_get_blob(nvh, filename, NULL, &s) != ESP_OK) {
n = 1;
goto bail;
}
*buf = lws_malloc(s + 1, "alloc_file");
if (!*buf) {
n = 2;
goto bail;
}
if (nvs_get_blob(nvh, filename, (char *)*buf, &s) != ESP_OK) {
lws_free(*buf);
n = 1;
goto bail;
}
*amount = s;
(*buf)[s] = '\0';
lwsl_notice("%s: nvs: read %s, %d bytes\n", __func__, filename, (int)s);
bail:
nvs_close(nvh);
return n;
}
#else
int alloc_file(struct lws_context *context, const char *filename, uint8_t **buf,
lws_filepos_t *amount)
{
FILE *f;
size_t s;
ssize_t m;
int n = 0;
f = fopen(filename, "rb");
if (f == NULL) {
n = 1;
goto bail;
}
if (fseek(f, 0, SEEK_END) != 0) {
n = 1;
goto bail;
}
m = (ssize_t)ftell(f);
if (m == -1l) {
n = 1;
goto bail;
}
s = (size_t)m;
if (fseek(f, 0, SEEK_SET) != 0) {
n = 1;
goto bail;
}
*buf = lws_malloc(s + 1, "alloc_file");
if (!*buf) {
n = 2;
goto bail;
}
if (fread(*buf, s, 1, f) != 1) {
lws_free(*buf);
n = 1;
goto bail;
}
*amount = s;
bail:
if (f)
fclose(f);
return n;
}
#endif
/*
* filename: NULL means use buffer inbuf length inlen directly, otherwise
* load the file "filename" into an allocated buffer.
*
* Allocates a separate DER output buffer if inbuf / inlen are the input,
* since the
*
* Contents may be PEM or DER: returns with buf pointing to DER and amount
* set to the DER length.
*/
int
lws_tls_alloc_pem_to_der_file(struct lws_context *context, const char *filename,
const char *inbuf, lws_filepos_t inlen,
uint8_t **buf, lws_filepos_t *amount)
{
uint8_t *pem = NULL, *p, *end, *opem;
lws_filepos_t len;
uint8_t *q;
int n;
if (filename) {
n = alloc_file(context, filename, (uint8_t **)&pem, &len);
if (n)
return n;
} else {
pem = (uint8_t *)inbuf;
len = inlen;
}
opem = p = pem;
end = p + len;
if (strncmp((char *)p, "-----", 5)) {
/* take it as being already DER */
pem = lws_malloc((size_t)inlen, "alloc_der");
if (!pem)
return 1;
memcpy(pem, inbuf, (size_t)inlen);
*buf = pem;
*amount = inlen;
return 0;
}
/* PEM -> DER */
if (!filename) {
/* we don't know if it's in const memory... alloc the output */
pem = lws_malloc(((size_t)(inlen + 3) * 3) / 4, "alloc_der");
if (!pem) {
lwsl_err("a\n");
return 1;
}
} /* else overwrite the allocated, b64 input with decoded DER */
/* trim the first line */
p += 5;
while (p < end && *p != '\n' && *p != '-')
p++;
if (*p != '-') {
goto bail;
}
while (p < end && *p != '\n')
p++;
if (p >= end) {
goto bail;
}
p++;
/* trim the last line */
q = (uint8_t *)end - 2;
while (q > opem && *q != '\n')
q--;
if (*q != '\n')
goto bail;
/* we can't write into the input buffer for mem, since it may be in RO
* const segment
*/
if (filename)
*q = '\0';
n = lws_ptr_diff(q, p);
if (n == -1) /* coverity */
goto bail;
n = lws_b64_decode_string_len((char *)p, n,
(char *)pem, (int)(long long)len);
if (n < 0) {
lwsl_err("%s: base64 pem decode failed\n", __func__);
goto bail;
}
*amount = (unsigned int)n;
*buf = (uint8_t *)pem;
return 0;
bail:
lws_free((uint8_t *)pem);
return 4;
}
#endif
#if !defined(LWS_PLAT_FREERTOS) && !defined(LWS_PLAT_OPTEE) && !defined(OPTEE_DEV_KIT)
static int
lws_tls_extant(const char *name)
{
/* it exists if we can open it... */
int fd = open(name, O_RDONLY);
char buf[1];
ssize_t n;
if (fd < 0)
return 1;
/* and we can read at least one byte out of it */
n = read(fd, buf, 1);
close(fd);
return n != 1;
}
#endif
/*
* Returns 0 if the filepath "name" exists and can be read from.
*
* In addition, if "name".upd exists, backup "name" to "name.old.1"
* and rename "name".upd to "name" before reporting its existence.
*
* There are four situations and three results possible:
*
* 1) LWS_TLS_EXTANT_NO: There are no certs at all (we are waiting for them to
* be provisioned). We also feel like this if we need privs we don't have
* any more to look in the directory.
*
* 2) There are provisioned certs written (xxx.upd) and we still have root
* privs... in this case we rename any existing cert to have a backup name
* and move the upd cert into place with the correct name. This then becomes
* situation 4 for the caller.
*
* 3) LWS_TLS_EXTANT_ALTERNATIVE: There are provisioned certs written (xxx.upd)
* but we no longer have the privs needed to read or rename them. In this
* case, indicate that the caller should use temp copies if any we do have
* rights to access. This is normal after we have updated the cert.
*
* But if we dropped privs, we can't detect the provisioned xxx.upd cert +
* key, because we can't see in the dir. So we have to upgrade NO to
* ALTERNATIVE when we actually have the in-memory alternative.
*
* 4) LWS_TLS_EXTANT_YES: The certs are present with the correct name and we
* have the rights to read them.
*/
enum lws_tls_extant
lws_tls_use_any_upgrade_check_extant(const char *name)
{
#if !defined(LWS_PLAT_OPTEE) && !defined(LWS_AMAZON_RTOS)
int n;
#if !defined(LWS_PLAT_FREERTOS)
char buf[256];
lws_snprintf(buf, sizeof(buf) - 1, "%s.upd", name);
if (!lws_tls_extant(buf)) {
/* ah there is an updated file... how about the desired file? */
if (!lws_tls_extant(name)) {
/* rename the desired file */
for (n = 0; n < 50; n++) {
lws_snprintf(buf, sizeof(buf) - 1,
"%s.old.%d", name, n);
if (!rename(name, buf))
break;
}
if (n == 50) {
lwsl_notice("unable to rename %s\n", name);
return LWS_TLS_EXTANT_ALTERNATIVE;
}
lws_snprintf(buf, sizeof(buf) - 1, "%s.upd", name);
}
/* desired file is out of the way, rename the updated file */
if (rename(buf, name)) {
lwsl_notice("unable to rename %s to %s\n", buf, name);
return LWS_TLS_EXTANT_ALTERNATIVE;
}
}
if (lws_tls_extant(name))
return LWS_TLS_EXTANT_NO;
#else
nvs_handle nvh;
size_t s = 8192;
if (nvs_open("lws-station", NVS_READWRITE, &nvh)) {
lwsl_notice("%s: can't open nvs\n", __func__);
return LWS_TLS_EXTANT_NO;
}
n = nvs_get_blob(nvh, name, NULL, &s);
nvs_close(nvh);
if (n)
return LWS_TLS_EXTANT_NO;
#endif
#endif
return LWS_TLS_EXTANT_YES;
}