 |
libwebsockets
Lightweight C library for HTML5 websockets
|
|
libwebsockets
Lightweight C library for HTML5 websockets
|
Go to the source code of this file.
Data Structures | |
| struct | lws_genec_ctx |
| struct | lws_ec_curves |
Enumerations | |
| enum | enum_genec_alg { LEGENEC_UNKNOWN , LEGENEC_ECDH , LEGENEC_ECDSA } |
| enum | enum_lws_dh_side { LDHS_OURS , LDHS_THEIRS } |
| struct lws_genec_ctx |
Definition at line 32 of file lws-genec.h.
Collaboration diagram for lws_genec_ctx:| Data Fields | ||
|---|---|---|
| EVP_PKEY_CTX * | ctx[2] | |
| struct lws_context * | context | |
| const struct lws_ec_curves * | curve_table | |
| enum enum_genec_alg | genec_alg | |
| char | has_private | |
| struct lws_ec_curves |
Definition at line 60 of file lws-genec.h.
Collaboration diagram for lws_ec_curves:| Data Fields | ||
|---|---|---|
| const char * | name | |
| int | tls_lib_nid | |
| uint16_t | key_bytes | |
| enum enum_genec_alg |
| Enumerator | |
|---|---|
| LEGENEC_UNKNOWN | |
| LEGENEC_ECDH | |
| LEGENEC_ECDSA | |
Definition at line 25 of file lws-genec.h.
| enum enum_lws_dh_side |
| Enumerator | |
|---|---|
| LDHS_OURS | |
| LDHS_THEIRS | |
Definition at line 54 of file lws-genec.h.
| LWS_VISIBLE int lws_genecdh_create | ( | struct lws_genec_ctx * | ctx, |
| struct lws_context * | context, | ||
| const struct lws_ec_curves * | curve_table ) |
lws_genecdh_create() - Create a genecdh
| ctx | your genec context |
| context | your lws_context (for RNG access) |
| curve_table | NULL, enabling P-256, P-384 and P-521, or a replacement struct lws_ec_curves array, terminated by an entry with .name = NULL, of curves you want to allow |
Initializes a genecdh
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN int lws_genecdh_set_key | ( | struct lws_genec_ctx * | ctx, |
| struct lws_gencrypto_keyelem * | el, | ||
| enum enum_lws_dh_side | side ) |
lws_genecdh_set_key() - Apply an EC key to our or theirs side
| ctx | your genecdh context |
| el | your key elements |
| side | LDHS_OURS or LDHS_THEIRS |
Applies an EC key to one side or the other of an ECDH ctx
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN int lws_genecdh_new_keypair | ( | struct lws_genec_ctx * | ctx, |
| enum enum_lws_dh_side | side, | ||
| const char * | curve_name, | ||
| struct lws_gencrypto_keyelem * | el ) |
lws_genecdh_new_keypair() - Create a genec with a new public / private key
| ctx | your genec context |
| side | LDHS_OURS or LDHS_THEIRS |
| curve_name | an EC curve name, like "P-256" |
| el | array pf LWS_GENCRYPTO_EC_KEYEL_COUNT key elems to take the new key |
Creates a genecdh with a newly minted EC public / private key
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN int lws_genecdh_compute_shared_secret | ( | struct lws_genec_ctx * | ctx, |
| uint8_t * | ss, | ||
| int * | ss_len ) |
References LWS_VISIBLE.
| LWS_VISIBLE int lws_genecdsa_create | ( | struct lws_genec_ctx * | ctx, |
| struct lws_context * | context, | ||
| const struct lws_ec_curves * | curve_table ) |
lws_genecdsa_create() - Create a genecdsa and
| ctx | your genec context |
| context | your lws_context (for RNG access) |
| curve_table | NULL, enabling P-256, P-384 and P-521, or a replacement struct lws_ec_curves array, terminated by an entry with .name = NULL, of curves you want to allow |
Initializes a genecdh
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN int lws_genecdsa_new_keypair | ( | struct lws_genec_ctx * | ctx, |
| const char * | curve_name, | ||
| struct lws_gencrypto_keyelem * | el ) |
lws_genecdsa_new_keypair() - Create a genecdsa with a new public / private key
| ctx | your genec context |
| curve_name | an EC curve name, like "P-256" |
| el | array pf LWS_GENCRYPTO_EC_KEYEL_COUNT key elements to take the new key |
Creates a genecdsa with a newly minted EC public / private key
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN int lws_genecdsa_set_key | ( | struct lws_genec_ctx * | ctx, |
| const struct lws_gencrypto_keyelem * | el ) |
lws_genecdsa_set_key() - Apply an EC key to an ecdsa context
| ctx | your genecdsa context |
| el | your key elements |
Applies an EC key to an ecdsa context
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN int lws_genecdsa_hash_sig_verify_jws | ( | struct lws_genec_ctx * | ctx, |
| const uint8_t * | in, | ||
| enum lws_genhash_types | hash_type, | ||
| int | keybits, | ||
| const uint8_t * | sig, | ||
| size_t | sig_len ) |
lws_genecdsa_hash_sig_verify_jws() - Verifies a JWS ECDSA signature on a given hash
| ctx | your struct lws_genrsa_ctx |
| in | unencrypted payload (usually a recomputed hash) |
| hash_type | one of LWS_GENHASH_TYPE_ |
| keybits | number of bits in the crypto key |
| sig | pointer to the signature we received with the payload |
| sig_len | length of the signature we are checking in bytes |
This just looks at the signed hash... that's why there's no input length parameter, it's decided by the choice of hash. It's up to you to confirm separately the actual payload matches the hash that was confirmed by this to be validly signed.
Returns <0 for error, or 0 if signature matches the hash + key..
The JWS ECDSA signature verification algorithm differs to generic ECDSA signatures and they're not interoperable.
This and related APIs operate identically with OpenSSL or mbedTLS backends.
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN int lws_genecdsa_hash_sign_jws | ( | struct lws_genec_ctx * | ctx, |
| const uint8_t * | in, | ||
| enum lws_genhash_types | hash_type, | ||
| int | keybits, | ||
| uint8_t * | sig, | ||
| size_t | sig_len ) |
lws_genecdsa_hash_sign_jws() - Creates a JWS ECDSA signature for a hash you provide
| ctx | your struct lws_genrsa_ctx |
| in | precomputed hash |
| hash_type | one of LWS_GENHASH_TYPE_ |
| keybits | number of bits in the crypto key |
| sig | pointer to buffer to take signature |
| sig_len | length of the buffer (must be >= length of key N) |
Returns <0 for error, or >=0 for success.
This creates a JWS ECDSA signature for a hash you already computed and provide.
The JWS ECDSA signature generation algorithm differs to generic ECDSA signatures and they're not interoperable.
This and related APIs operate identically with OpenSSL or mbedTLS backends.
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN void lws_genec_destroy | ( | struct lws_genec_ctx * | ctx | ) |
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN void lws_genec_destroy_elements | ( | struct lws_gencrypto_keyelem * | el | ) |
References LWS_EXTERN, and LWS_VISIBLE.
| LWS_VISIBLE LWS_EXTERN int lws_genec_dump | ( | struct lws_gencrypto_keyelem * | el | ) |
1.13.2 
