Project homepage Mailing List  Warmcat.com  API Docs  Github Mirror 
{"schema":"libjg2-1", "vpath":"/git/", "avatar":"/git/avatar/", "alang":"en-US,en;q\u003d0.5", "gen_ut":1685553044, "reponame":"libwebsockets", "desc":"libwebsockets lightweight C networking library", "owner": { "name": "Andy Green", "email": "andy@warmcat.com", "md5": "c50933ca2aa61e0fe2c43d46bb6b59cb" },"url":"https://libwebsockets.org/repo/libwebsockets", "f":3, "items": [ {"schema":"libjg2-1", "cid":"521f7c0b8679873b0617df342b563075", "oid":{ "oid": "e8eb7d6bd66dde2156dbcd37b0e9048ed4006320", "alias": [ "refs/heads/main"]},"blobname": "include/libwebsockets/lws-genrsa.h", "blob": "/*\n * libwebsockets - small server side websockets and web server implementation\n *\n * Copyright (C) 2010 - 2019 Andy Green \u003candy@warmcat.com\u003e\n *\n * Permission is hereby granted, free of charge, to any person obtaining a copy\n * of this software and associated documentation files (the \u0022Software\u0022), to\n * deal in the Software without restriction, including without limitation the\n * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or\n * sell copies of the Software, and to permit persons to whom the Software is\n * furnished to do so, subject to the following conditions:\n *\n * The above copyright notice and this permission notice shall be included in\n * all copies or substantial portions of the Software.\n *\n * THE SOFTWARE IS PROVIDED \u0022AS IS\u0022, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\n * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\n * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\n * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\n * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING\n * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS\n * IN THE SOFTWARE.\n */\n\n/*! \u005cdefgroup genericRSA Generic RSA\n * ## Generic RSA related functions\n *\n * Lws provides generic RSA functions that abstract the ones\n * provided by whatever OpenSSL library you are linking against.\n *\n * It lets you use the same code if you build against mbedtls or OpenSSL\n * for example.\n */\n///@{\n\n/* include/libwebsockets/lws-jwk.h must be included before this */\n\nenum enum_genrsa_mode {\n\tLGRSAM_PKCS1_1_5,\n\tLGRSAM_PKCS1_OAEP_PSS,\n\n\tLGRSAM_COUNT\n};\n\nstruct lws_genrsa_ctx {\n#if defined(LWS_WITH_MBEDTLS)\n\tmbedtls_rsa_context *ctx;\n#else\n\tBIGNUM *bn[LWS_GENCRYPTO_RSA_KEYEL_COUNT];\n\tEVP_PKEY_CTX *ctx;\n\tRSA *rsa;\n#endif\n\tstruct lws_context *context;\n\tenum enum_genrsa_mode mode;\n};\n\n/** lws_genrsa_public_decrypt_create() - Create RSA public decrypt context\n *\n * \u005cparam ctx: your struct lws_genrsa_ctx\n * \u005cparam el: struct prepared with key element data\n * \u005cparam context: lws_context for RNG\n * \u005cparam mode: RSA mode, one of LGRSAM_ constants\n * \u005cparam oaep_hashid: the lws genhash id for the hash used in MFG1 hash\n *\t\t\tused in OAEP mode - normally, SHA1\n *\n * Creates an RSA context with a public key associated with it, formed from\n * the key elements in \u005cp el.\n *\n * Mode LGRSAM_PKCS1_1_5 is in widespread use but has weaknesses. It's\n * recommended to use LGRSAM_PKCS1_OAEP_PSS for new implementations.\n *\n * Returns 0 for OK or nonzero for error.\n *\n * This and related APIs operate identically with OpenSSL or mbedTLS backends.\n */\nLWS_VISIBLE LWS_EXTERN int\nlws_genrsa_create(struct lws_genrsa_ctx *ctx,\n\t\t const struct lws_gencrypto_keyelem *el,\n\t\t struct lws_context *context, enum enum_genrsa_mode mode,\n\t\t enum lws_genhash_types oaep_hashid);\n\n/** lws_genrsa_destroy_elements() - Free allocations in genrsa_elements\n *\n * \u005cparam el: your struct lws_gencrypto_keyelem\n *\n * This is a helper for user code making use of struct lws_gencrypto_keyelem\n * where the elements are allocated on the heap, it frees any non-NULL\n * buf element and sets the buf to NULL.\n *\n * NB: lws_genrsa_public_... apis do not need this as they take care of the key\n * creation and destruction themselves.\n */\nLWS_VISIBLE LWS_EXTERN void\nlws_genrsa_destroy_elements(struct lws_gencrypto_keyelem *el);\n\n/** lws_genrsa_new_keypair() - Create new RSA keypair\n *\n * \u005cparam context: your struct lws_context (may be used for RNG)\n * \u005cparam ctx: your struct lws_genrsa_ctx\n * \u005cparam mode: RSA mode, one of LGRSAM_ constants\n * \u005cparam el: struct to get the new key element data allocated into it\n * \u005cparam bits: key size, eg, 4096\n *\n * Creates a new RSA context and generates a new keypair into it, with \u005cp bits\n * bits.\n *\n * Returns 0 for OK or nonzero for error.\n *\n * Mode LGRSAM_PKCS1_1_5 is in widespread use but has weaknesses. It's\n * recommended to use LGRSAM_PKCS1_OAEP_PSS for new implementations.\n *\n * This and related APIs operate identically with OpenSSL or mbedTLS backends.\n */\nLWS_VISIBLE LWS_EXTERN int\nlws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx,\n\t\t enum enum_genrsa_mode mode, struct lws_gencrypto_keyelem *el,\n\t\t int bits);\n\n/** lws_genrsa_public_encrypt() - Perform RSA public key encryption\n *\n * \u005cparam ctx: your struct lws_genrsa_ctx\n * \u005cparam in: plaintext input\n * \u005cparam in_len: length of plaintext input\n * \u005cparam out: encrypted output\n *\n * Performs PKCS1 v1.5 Encryption\n *\n * Returns \u003c0 for error, or length of decrypted data.\n *\n * This and related APIs operate identically with OpenSSL or mbedTLS backends.\n */\nLWS_VISIBLE LWS_EXTERN int\nlws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,\n\t\t\t size_t in_len, uint8_t *out);\n\n/** lws_genrsa_private_encrypt() - Perform RSA private key encryption\n *\n * \u005cparam ctx: your struct lws_genrsa_ctx\n * \u005cparam in: plaintext input\n * \u005cparam in_len: length of plaintext input\n * \u005cparam out: encrypted output\n *\n * Performs PKCS1 v1.5 Encryption\n *\n * Returns \u003c0 for error, or length of decrypted data.\n *\n * This and related APIs operate identically with OpenSSL or mbedTLS backends.\n */\nLWS_VISIBLE LWS_EXTERN int\nlws_genrsa_private_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,\n\t\t\t size_t in_len, uint8_t *out);\n\n/** lws_genrsa_public_decrypt() - Perform RSA public key decryption\n *\n * \u005cparam ctx: your struct lws_genrsa_ctx\n * \u005cparam in: encrypted input\n * \u005cparam in_len: length of encrypted input\n * \u005cparam out: decrypted output\n * \u005cparam out_max: size of output buffer\n *\n * Performs PKCS1 v1.5 Decryption\n *\n * Returns \u003c0 for error, or length of decrypted data.\n *\n * This and related APIs operate identically with OpenSSL or mbedTLS backends.\n */\nLWS_VISIBLE LWS_EXTERN int\nlws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,\n\t\t\t size_t in_len, uint8_t *out, size_t out_max);\n\n/** lws_genrsa_private_decrypt() - Perform RSA private key decryption\n *\n * \u005cparam ctx: your struct lws_genrsa_ctx\n * \u005cparam in: encrypted input\n * \u005cparam in_len: length of encrypted input\n * \u005cparam out: decrypted output\n * \u005cparam out_max: size of output buffer\n *\n * Performs PKCS1 v1.5 Decryption\n *\n * Returns \u003c0 for error, or length of decrypted data.\n *\n * This and related APIs operate identically with OpenSSL or mbedTLS backends.\n */\nLWS_VISIBLE LWS_EXTERN int\nlws_genrsa_private_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,\n\t\t\t size_t in_len, uint8_t *out, size_t out_max);\n\n/** lws_genrsa_hash_sig_verify() - Verifies RSA signature on a given hash\n *\n * \u005cparam ctx: your struct lws_genrsa_ctx\n * \u005cparam in: input to be hashed\n * \u005cparam hash_type: one of LWS_GENHASH_TYPE_\n * \u005cparam sig: pointer to the signature we received with the payload\n * \u005cparam sig_len: length of the signature we are checking in bytes\n *\n * Returns \u003c0 for error, or 0 if signature matches the payload + key.\n *\n * This just looks at a hash... that's why there's no input length\n * parameter, it's decided by the choice of hash. It's up to you to confirm\n * separately the actual payload matches the hash that was confirmed by this to\n * be validly signed.\n *\n * This and related APIs operate identically with OpenSSL or mbedTLS backends.\n */\nLWS_VISIBLE LWS_EXTERN int\nlws_genrsa_hash_sig_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in,\n\t\t\t enum lws_genhash_types hash_type,\n\t\t\t const uint8_t *sig, size_t sig_len);\n\n/** lws_genrsa_hash_sign() - Creates an ECDSA signature for a hash you provide\n *\n * \u005cparam ctx: your struct lws_genrsa_ctx\n * \u005cparam in: input to be hashed and signed\n * \u005cparam hash_type: one of LWS_GENHASH_TYPE_\n * \u005cparam sig: pointer to buffer to take signature\n * \u005cparam sig_len: length of the buffer (must be \u003e\u003d length of key N)\n *\n * Returns \u003c0 for error, or \u005cp sig_len for success.\n *\n * This creates an RSA signature for a hash you already computed and provide.\n * You should have created the hash before calling this by iterating over the\n * actual payload you need to confirm.\n *\n * This and related APIs operate identically with OpenSSL or mbedTLS backends.\n */\nLWS_VISIBLE LWS_EXTERN int\nlws_genrsa_hash_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in,\n\t\t enum lws_genhash_types hash_type,\n\t\t uint8_t *sig, size_t sig_len);\n\n/** lws_genrsa_public_decrypt_destroy() - Destroy RSA public decrypt context\n *\n * \u005cparam ctx: your struct lws_genrsa_ctx\n *\n * Destroys any allocations related to \u005cp ctx.\n *\n * This and related APIs operate identically with OpenSSL or mbedTLS backends.\n */\nLWS_VISIBLE LWS_EXTERN void\nlws_genrsa_destroy(struct lws_genrsa_ctx *ctx);\n\n/** lws_genrsa_render_pkey_asn1() - Exports public or private key to ASN1/DER\n *\n * \u005cparam ctx: your struct lws_genrsa_ctx\n * \u005cparam _private: 0 \u003d public part only, 1 \u003d all parts of the key\n * \u005cparam pkey_asn1: pointer to buffer to take the ASN1\n * \u005cparam pkey_asn1_len: max size of the pkey_asn1_len\n *\n * Returns length of pkey_asn1 written, or -1 for error.\n */\nLWS_VISIBLE LWS_EXTERN int\nlws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private,\n\t\t\t uint8_t *pkey_asn1, size_t pkey_asn1_len);\n///@}\n","s":{"c":1685503539,"u": 1075}} ],"g": 9254,"chitpc": 0,"ehitpc": 0,"indexed":0 , "ab": 0, "si": 0, "db":0, "di":0, "sat":0, "lfc": "7d0a"}