lws-api-doc-main/html/lws-jwe_8h_source.html

  /*

  * libwebsockets - small server side websockets and web server implementation

  *

  * Copyright (C) 2010 - 2019 Andy Green <andy@warmcat.com>

  *

  * Permission is hereby granted, free of charge, to any person obtaining a copy

  * of this software and associated documentation files (the "Software"), to

  * deal in the Software without restriction, including without limitation the

  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or

  * sell copies of the Software, and to permit persons to whom the Software is

  * furnished to do so, subject to the following conditions:

  *

  * The above copyright notice and this permission notice shall be included in

  * all copies or substantial portions of the Software.

  *

  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING

  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS

  * IN THE SOFTWARE.

  *

  * JWE Compact Serialization consists of

  *

  *     BASE64URL(UTF8(JWE Protected Header)) || '.' ||

  *     BASE64URL(JWE Encrypted Key)          || '.' ||

  *     BASE64URL(JWE Initialization Vector)  || '.' ||

  *     BASE64URL(JWE Ciphertext)             || '.' ||

  *     BASE64URL(JWE Authentication Tag)

  */


 #define LWS_JWE_RFC3394_OVERHEAD_BYTES 8

 #define LWS_JWE_AES_IV_BYTES 16


 #define LWS_JWE_LIMIT_RSA_KEY_BITS 4096

 #define LWS_JWE_LIMIT_AES_KEY_BITS (512 + 64) /* RFC3394 Key Wrap adds 64b */

 #define LWS_JWE_LIMIT_EC_KEY_BITS  528 /* 521 rounded to byte boundary */

 #define LWS_JWE_LIMIT_HASH_BITS    (LWS_GENHASH_LARGEST * 8)


 /* the largest key element for any cipher */

 #define LWS_JWE_LIMIT_KEY_ELEMENT_BYTES (LWS_JWE_LIMIT_RSA_KEY_BITS / 8)


 struct lws_jwe {

         struct lws_jose jose;

         struct lws_jws jws;

         struct lws_jwk jwk;


         /*

          * We have to keep a copy of the CEK so we can reuse it with later

          * key encryptions for the multiple recipient case.

          */

         uint8_t cek[LWS_JWE_LIMIT_KEY_ELEMENT_BYTES];

         unsigned int cek_valid:1;


         int recip;

 };


 LWS_VISIBLE LWS_EXTERN void

 lws_jwe_init(struct lws_jwe *jwe, struct lws_context *context);


 LWS_VISIBLE LWS_EXTERN void

 lws_jwe_destroy(struct lws_jwe *jwe);


 LWS_VISIBLE LWS_EXTERN void

 lws_jwe_be64(uint64_t c, uint8_t *p8);


 /*

  * JWE Compact Serialization consists of

  *

  *     BASE64URL(UTF8(JWE Protected Header)) || '.' ||

  *     BASE64URL(JWE Encrypted Key)          || '.' ||

  *     BASE64URL(JWE Initialization Vector)  || '.' ||

  *     BASE64URL(JWE Ciphertext)             || '.' ||

  *     BASE64URL(JWE Authentication Tag)

  */


 LWS_VISIBLE LWS_EXTERN int

 lws_jwe_render_compact(struct lws_jwe *jwe, char *out, size_t out_len);


 LWS_VISIBLE int

 lws_jwe_render_flattened(struct lws_jwe *jwe, char *out, size_t out_len);


 LWS_VISIBLE LWS_EXTERN int

 lws_jwe_json_parse(struct lws_jwe *jwe, const uint8_t *buf, int len,

                    char *temp, int *temp_len);


 LWS_VISIBLE LWS_EXTERN int

 lws_jwe_auth_and_decrypt(struct lws_jwe *jwe, char *temp, int *temp_len);


 LWS_VISIBLE LWS_EXTERN int

 lws_jwe_encrypt(struct lws_jwe *jwe, char *temp, int *temp_len);


 LWS_VISIBLE LWS_EXTERN int

 lws_jwe_create_packet(struct lws_jwe *jwe,

                       const char *payload, size_t len, const char *nonce,

                       char *out, size_t out_len, struct lws_context *context);


 /* only exposed because we have test vectors that need it */

 LWS_VISIBLE LWS_EXTERN int

 lws_jwe_auth_and_decrypt_cbc_hs(struct lws_jwe *jwe, uint8_t *enc_cek,

                                         uint8_t *aad, int aad_len);


 /* only exposed because we have test vectors that need it */

 LWS_VISIBLE LWS_EXTERN int

 lws_jwa_concat_kdf(struct lws_jwe *jwe, int direct,

                    uint8_t *out, const uint8_t *shared_secret, int sslen);

lws_jwk
Definition: lws-jwk.h:50

lws_jws
Definition: lws-jws.h:68

LWS_EXTERN
#define LWS_EXTERN
Definition: libwebsockets.h:225

uint8_t
unsigned char uint8_t
Definition: libwebsockets.h:572

LWS_VISIBLE
#define LWS_VISIBLE
Definition: libwebsockets.h:220

lws_jose
Definition: lws-jose.h:116

lws_jwe_render_compact
LWS_VISIBLE LWS_EXTERN int lws_jwe_render_compact(struct lws_jwe *jwe, char *out, size_t out_len)

lws_jwe_be64
LWS_VISIBLE LWS_EXTERN void lws_jwe_be64(uint64_t c, uint8_t *p8)

lws_jwe::cek
uint8_t cek[LWS_JWE_LIMIT_KEY_ELEMENT_BYTES]
Definition: lws-jwe.h:54

LWS_JWE_LIMIT_KEY_ELEMENT_BYTES
#define LWS_JWE_LIMIT_KEY_ELEMENT_BYTES
Definition: lws-jwe.h:42

lws_jwe_auth_and_decrypt_cbc_hs
LWS_VISIBLE LWS_EXTERN int lws_jwe_auth_and_decrypt_cbc_hs(struct lws_jwe *jwe, uint8_t *enc_cek, uint8_t *aad, int aad_len)

lws_jwe_auth_and_decrypt
LWS_VISIBLE LWS_EXTERN int lws_jwe_auth_and_decrypt(struct lws_jwe *jwe, char *temp, int *temp_len)

lws_jwe::jose
struct lws_jose jose
Definition: lws-jwe.h:46

lws_jwe::cek_valid
unsigned int cek_valid
Definition: lws-jwe.h:55

lws_jwe::jwk
struct lws_jwk jwk
Definition: lws-jwe.h:48

lws_jwe_encrypt
LWS_VISIBLE LWS_EXTERN int lws_jwe_encrypt(struct lws_jwe *jwe, char *temp, int *temp_len)

lws_jwe_json_parse
LWS_VISIBLE LWS_EXTERN int lws_jwe_json_parse(struct lws_jwe *jwe, const uint8_t *buf, int len, char *temp, int *temp_len)

lws_jwa_concat_kdf
LWS_VISIBLE LWS_EXTERN int lws_jwa_concat_kdf(struct lws_jwe *jwe, int direct, uint8_t *out, const uint8_t *shared_secret, int sslen)

lws_jwe_destroy
LWS_VISIBLE LWS_EXTERN void lws_jwe_destroy(struct lws_jwe *jwe)

lws_jwe_create_packet
LWS_VISIBLE LWS_EXTERN int lws_jwe_create_packet(struct lws_jwe *jwe, const char *payload, size_t len, const char *nonce, char *out, size_t out_len, struct lws_context *context)

lws_jwe::jws
struct lws_jws jws
Definition: lws-jwe.h:47

lws_jwe_init
LWS_VISIBLE LWS_EXTERN void lws_jwe_init(struct lws_jwe *jwe, struct lws_context *context)

lws_jwe_render_flattened
LWS_VISIBLE int lws_jwe_render_flattened(struct lws_jwe *jwe, char *out, size_t out_len)

lws_jwe::recip
int recip
Definition: lws-jwe.h:57

lws_jwe
Definition: lws-jwe.h:45