File: lws-genec.c

libwebsockets 4.3.5-2
/*
 * lws-api-test-gencrypto - lws-genec
 *
 * Written in 2010-2018 by Andy Green <andy@warmcat.com>
 *
 * This file is made available under the Creative Commons CC0 1.0
 * Universal Public Domain Dedication.
 */

#include <libwebsockets.h>

/*
 * Fixed EC P-256 JWK that test_genec1() imports.
 *
 * Its "kid" labels it as the RFC 7517 A.2 example private key, and the JSON
 * carries the private "d" element in clear.  It is a published test vector:
 * fine as a self-test fixture, never to be reused as a real key.
 */
static const uint8_t *jwk_ec1 = (const uint8_t *)
	"{\"kty\":\"EC\","
	  "\"crv\":\"P-256\","
	  "\"x\":\"MKBCTNIcKUSDii11ySs3526iDZ8AiTo7Tu6KPAqv7D4\","
	  "\"y\":\"4Etl6SRW2YiLUrN5vfvVHuhp7x8PxltmWWlbbM4IFyM\","
	  "\"d\":\"870MB6gfuTJ4HtUnUvYMyJpr5eUZNP4Bk43bVdj3eAE\","
	  "\"use\":\"enc\","
	  "\"kid\":\"rfc7517-A.2-example private key\"}";

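/*
 * Smoke-test the generic EC (ECDH) wrapper in two stages:
 *
 *  1. create an ECDH context, generate a fresh P-256 keypair for our side,
 *     dump it, then release the key elements and the context;
 *  2. import the fixed JWK in jwk_ec1, check it is an EC key, create a second
 *     ECDH context and install the imported key elements as our side's key.
 *
 * Only the return codes of these calls are checked; no shared secret is
 * computed or compared against a known answer.
 *
 * Returns 0 on success, 1 on any failure.  Every failure path after a
 * successful create / import releases what was acquired so far.
 */
static int
test_genec1(struct lws_context *context)
{
	struct lws_gencrypto_keyelem el[LWS_GENCRYPTO_EC_KEYEL_COUNT];
	struct lws_genec_ctx ctx;
	struct lws_jwk jwk;
	int n;

	/* start from empty key elements before they are passed to keygen */
	memset(el, 0, sizeof(el));

	if (lws_genecdh_create(&ctx, context, NULL))
		return 1;

	/* let's create a new key */

	if (lws_genecdh_new_keypair(&ctx, LDHS_OURS, "P-256", el)) {
		lwsl_err("%s: lws_genecdh_new_keypair failed\n", __func__);
		/* the context was created successfully, so release it */
		lws_genec_destroy(&ctx);
		return 1;
	}

	/*
	 * NOTE(review): presumably this logs every key element, including the
	 * private one; acceptable here only because the key is discarded on
	 * the next line and never used -- confirm before copying elsewhere.
	 */
	lws_genec_dump(el);
	lws_genec_destroy_elements(el);

	lws_genec_destroy(&ctx);

	if (lws_jwk_import(&jwk, NULL, NULL, (char *)jwk_ec1,
			   strlen((char *)jwk_ec1)) < 0) {
		lwsl_notice("Failed to decode JWK test key\n");
		return 1;
	}

	/* the imported key is the fixed jwk_ec1 fixture, not a secret */
	lws_jwk_dump(&jwk);

	if (jwk.kty != LWS_GENCRYPTO_KTY_EC) {
		lwsl_err("%s: jwk is not an EC key\n", __func__);
		goto bail_jwk;
	}

	/* from here on jwk is live: every exit must go through bail_jwk */
	if (lws_genecdh_create(&ctx, context, NULL))
		goto bail_jwk;

	n = lws_genecdh_set_key(&ctx, jwk.e, LDHS_OURS);
	if (n) {
		lwsl_err("%s: lws_genecdh_set_key failed: %d\n", __func__, n);
		goto bail_ctx;
	}

	lws_genec_destroy(&ctx);
	lws_jwk_destroy(&jwk);

	return 0;

bail_ctx:
	lws_genec_destroy(&ctx);
bail_jwk:
	lws_jwk_destroy(&jwk);

	return 1;
}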

/*
 * Entry point for the genec self-test: runs test_genec1() and logs the
 * overall outcome.
 *
 * Returns 0 when the subtest passes, 1 otherwise.
 */
int
test_genec(struct lws_context *context)
{
	if (!test_genec1(context)) {
		lwsl_notice("%s: selftest OK\n", __func__);

		return 0;
	}

	lwsl_err("%s: selftest failed ++++++++++++++++++++\n", __func__);

	return 1;
}