lws-genhash.h

Go to the documentation of this file.

/*
 * libwebsockets - small server side websockets and web server implementation
 *
 * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to
 * deal in the Software without restriction, including without limitation the
 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
 * sell copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
 * IN THE SOFTWARE.
 */
 
#ifndef __LWS_GENHASH_H__
#define __LWS_GENHASH_H__

 
#if defined(LWS_WITH_AWSLC) || defined(LWS_WITH_BORINGSSL)
#include <openssl/hmac.h>
#endif
 
#if defined(LWS_HAVE_MBEDTLS_V4)
#include <psa/crypto.h>
#endif
 
 
enum lws_genhash_types {
        LWS_GENHASH_TYPE_UNKNOWN,
        LWS_GENHASH_TYPE_MD5,
        LWS_GENHASH_TYPE_SHA1,
        LWS_GENHASH_TYPE_SHA256,
        LWS_GENHASH_TYPE_SHA384,
        LWS_GENHASH_TYPE_SHA512,
};
 
enum lws_genhmac_types {
        LWS_GENHMAC_TYPE_UNKNOWN,
        LWS_GENHMAC_TYPE_SHA1,
        LWS_GENHMAC_TYPE_SHA256,
        LWS_GENHMAC_TYPE_SHA384,
        LWS_GENHMAC_TYPE_SHA512,
};
 
#define LWS_GENHASH_LARGEST 64
 
#if defined(LWS_WITH_TLS) && defined(LWS_WITH_GENCRYPTO)
 
struct lws_genhash_ctx {
        uint8_t type;
#if defined(LWS_WITH_MBEDTLS)
#if defined(LWS_HAVE_MBEDTLS_V4)
        psa_hash_operation_t hash_ctx;
#else
        union {
                mbedtls_md5_context md5;
                mbedtls_sha1_context sha1;
                mbedtls_sha256_context sha256;
                mbedtls_sha512_context sha512; /* 384 also uses this */
                const mbedtls_md_info_t *hmac;
        } u;
#endif
#elif defined(LWS_WITH_SCHANNEL)
        struct {
                void *hAlg;
                void *hHash;
        } u;
#elif defined(LWS_WITH_GNUTLS)
        union {
                void *hash; /* gnutls_hash_hd_t */
        } u;
#elif defined(LWS_WITH_BEARSSL)
        union {
                br_md5_context md5;
                br_sha1_context sha1;
                br_sha256_context sha256;
                br_sha384_context sha384;
                br_sha512_context sha512;
        } u;
#else
        const EVP_MD *evp_type;
        EVP_MD_CTX *mdctx;
#endif
};
 
struct lws_genhmac_ctx {
        uint8_t type;
#if defined(LWS_WITH_MBEDTLS)
#if defined(LWS_HAVE_MBEDTLS_V4)
        psa_mac_operation_t mac_ctx;
        psa_key_id_t key_id;
#else
        const mbedtls_md_info_t *hmac;
        mbedtls_md_context_t ctx;
#endif
#elif defined(LWS_WITH_SCHANNEL)
        struct {
                void *hAlg;
                void *hHash;
        } u;
#elif defined(LWS_WITH_GNUTLS)
        union {
                void *hash; /* gnutls_hash_hd_t */
        } u;
#elif defined(LWS_WITH_BEARSSL)
        br_hmac_key_context hmac_key;
        br_hmac_context ctx;
#else
        const EVP_MD *evp_type;
 
#if defined(LWS_HAVE_EVP_PKEY_new_raw_private_key) && !defined(LWS_WITH_BORINGSSL) && !defined(LWS_WITH_AWSLC)
        EVP_MD_CTX *ctx;
        EVP_PKEY *key;
#else
#if defined(LWS_HAVE_HMAC_CTX_new) || defined(LWS_WITH_BORINGSSL) || defined(LWS_WITH_AWSLC)
        HMAC_CTX *ctx;
#else
        HMAC_CTX ctx;
#endif
#endif
 
#endif
};

LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT
lws_genhash_size(enum lws_genhash_types type);

LWS_VISIBLE LWS_EXTERN size_t LWS_WARN_UNUSED_RESULT
lws_genhmac_size(enum lws_genhmac_types type);

LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
lws_genhash_init(struct lws_genhash_ctx *ctx, enum lws_genhash_types type);

LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
lws_genhash_update(struct lws_genhash_ctx *ctx, const void *in, size_t len);

LWS_VISIBLE LWS_EXTERN int
lws_genhash_destroy(struct lws_genhash_ctx *ctx, void *result);

LWS_VISIBLE LWS_EXTERN int
lws_genhash_render(enum lws_genhash_types type, const uint8_t *hash, char *out, size_t out_len);

LWS_VISIBLE LWS_EXTERN int
lws_genhash_render_prefixed(enum lws_genhash_types type, const uint8_t *hash, char *out, size_t out_len);

LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
lws_genhmac_init(struct lws_genhmac_ctx *ctx, enum lws_genhmac_types type,
                 const uint8_t *key, size_t key_len);

LWS_VISIBLE LWS_EXTERN int LWS_WARN_UNUSED_RESULT
lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len);

LWS_VISIBLE LWS_EXTERN int
lws_genhmac_destroy(struct lws_genhmac_ctx *ctx, void *result);

LWS_VISIBLE LWS_EXTERN int
lws_genhkdf_extract(enum lws_genhmac_types type, const uint8_t *salt,
                    size_t salt_len, const uint8_t *ikm, size_t ikm_len,
                    uint8_t *prk);

LWS_VISIBLE LWS_EXTERN int
lws_genhkdf_expand(enum lws_genhmac_types type, const uint8_t *prk,
                   size_t prk_len, const uint8_t *info, size_t info_len,
                   uint8_t *okm, size_t okm_len);

LWS_VISIBLE LWS_EXTERN int
lws_genhkdf_expand_label(enum lws_genhmac_types type, const uint8_t *prk,
                         size_t prk_len, const char *label,
                         const uint8_t *context, size_t context_len,
                         uint8_t *okm, size_t okm_len);
 
#endif
 
#endif /* __LWS_GENHASH_H__ */