From 4b089788bc33b5a74c3c69bdbcf01980c223de06 Mon Sep 17 00:00:00 2001 From: Andy Green Date: Fri, 9 Jul 2021 18:04:08 +0100 Subject: [PATCH] tls: mbedtls-3 Adapt mbedtls support for compatibility with v3, while maintaining compatibility with v2. Notice v3 has removed the ability to encrypt with pubkey and decrypt with privkey. Openssl still has it, atm with v3 these fall back to encrypt with privkey and decrypt with pubkey. > The RSA module no longer supports private-key operations with the > public key or vice versa. As a consequence, RSA operation functions > no longer have a mode parameter. If you were calling RSA operations > with the normal mode (public key for verification or encryption, > private key for signature or decryption), remove the > MBEDTLS_MODE_PUBLIC or MBEDTLS_MODE_PRIVATE argument. If you were > calling RSA operations with the wrong mode, which rarely makes sense >from a security perspective, this is no longer supported. --- include/libwebsockets.h | 5 + include/libwebsockets/lws-x509.h | 5 +- lib/core/private-lib-core.h | 2 +- lib/plat/unix/unix-init.c | 27 ++++ lib/plat/unix/unix-sockets.c | 4 +- lib/plat/windows/windows-init.c | 27 ++++ lib/tls/mbedtls/lws-genaes.c | 27 ++++ lib/tls/mbedtls/lws-genec.c | 65 ++++---- lib/tls/mbedtls/lws-genhash.c | 17 ++- lib/tls/mbedtls/lws-genrsa.c | 120 +++++++++++---- lib/tls/mbedtls/mbedtls-client.c | 2 +- lib/tls/mbedtls/mbedtls-extensions.c | 77 +++++----- lib/tls/mbedtls/mbedtls-server.c | 2 +- lib/tls/mbedtls/mbedtls-x509.c | 139 ++++++++++-------- .../wrapper/include/internal/ssl_cert.h | 4 +- .../wrapper/include/internal/ssl_pkey.h | 6 +- .../wrapper/include/internal/ssl_types.h | 4 +- lib/tls/mbedtls/wrapper/include/openssl/ssl.h | 2 +- .../mbedtls/wrapper/include/platform/ssl_pm.h | 2 +- lib/tls/mbedtls/wrapper/library/ssl_cert.c | 8 +- lib/tls/mbedtls/wrapper/library/ssl_lib.c | 7 +- lib/tls/mbedtls/wrapper/library/ssl_pkey.c | 16 +- lib/tls/mbedtls/wrapper/platform/ssl_pm.c | 34 +++-- lib/tls/openssl/openssl-x509.c | 4 +- .../api-tests/api-test-jose/jws.c | 2 +- .../crypto/minimal-crypto-x509/main.c | 3 +- .../minimal-http-client.c | 5 +- 27 files changed, 412 insertions(+), 204 deletions(-) diff --git a/include/libwebsockets.h b/include/libwebsockets.h index af3671bc5..5f14f19b4 100644 --- a/include/libwebsockets.h +++ b/include/libwebsockets.h @@ -287,6 +287,11 @@ typedef int suseconds_t; #include #include #include + +#if !defined(MBEDTLS_PRIVATE) +#define MBEDTLS_PRIVATE(_q) _q +#endif + #endif #else #include diff --git a/include/libwebsockets/lws-x509.h b/include/libwebsockets/lws-x509.h index 75ceb249f..17a834c19 100644 --- a/include/libwebsockets/lws-x509.h +++ b/include/libwebsockets/lws-x509.h @@ -148,6 +148,7 @@ lws_x509_public_to_jwk(struct lws_jwk *jwk, struct lws_x509_cert *x509, * lws_x509_jwk_privkey_pem() - Copy a private key PEM into a jwk that has the * public part already * + * \param cx: lws_context (for random) * \param jwk: pointer to the jwk to initialize and set to the public key * \param pem: pointer to PEM private key in memory * \param len: length of PEM private key in memory @@ -163,8 +164,8 @@ lws_x509_public_to_jwk(struct lws_jwk *jwk, struct lws_x509_cert *x509, * The caller should take care to zero down passphrase if used. */ LWS_VISIBLE LWS_EXTERN int -lws_x509_jwk_privkey_pem(struct lws_jwk *jwk, void *pem, size_t len, - const char *passphrase); +lws_x509_jwk_privkey_pem(struct lws_context *cx, struct lws_jwk *jwk, + void *pem, size_t len, const char *passphrase); /** * lws_x509_destroy() - Destroy a previously allocated lws_x509_cert object diff --git a/lib/core/private-lib-core.h b/lib/core/private-lib-core.h index e5fb25a5b..1b5225209 100644 --- a/lib/core/private-lib-core.h +++ b/lib/core/private-lib-core.h @@ -617,7 +617,7 @@ struct lws_context { const char *username, *groupname; #endif -#if defined(LWS_AMAZON_RTOS) && defined(LWS_WITH_MBEDTLS) +#if defined(LWS_WITH_MBEDTLS) mbedtls_entropy_context mec; mbedtls_ctr_drbg_context mcdc; #endif diff --git a/lib/plat/unix/unix-init.c b/lib/plat/unix/unix-init.c index 8621640a6..46f072f9b 100644 --- a/lib/plat/unix/unix-init.c +++ b/lib/plat/unix/unix-init.c @@ -136,6 +136,33 @@ lws_plat_init(struct lws_context *context, return 1; } +#if defined(LWS_WITH_MBEDTLS) + { + int n; + + /* initialize platform random through mbedtls */ + mbedtls_entropy_init(&context->mec); + mbedtls_ctr_drbg_init(&context->mcdc); + + n = mbedtls_ctr_drbg_seed(&context->mcdc, mbedtls_entropy_func, + &context->mec, NULL, 0); + if (n) + lwsl_err("%s: mbedtls_ctr_drbg_seed() returned 0x%x\n", + __func__, n); +#if 0 + else { + uint8_t rtest[16]; + lwsl_notice("%s: started drbg\n", __func__); + if (mbedtls_ctr_drbg_random(&context->mcdc, rtest, + sizeof(rtest))) + lwsl_err("%s: get random failed\n", __func__); + else + lwsl_hexdump_notice(rtest, sizeof(rtest)); + } +#endif + } +#endif + lwsl_cx_info(context, " mem: platform fd map: %5lu B", (unsigned long)(sizeof(struct lws *) * context->max_fds)); #endif diff --git a/lib/plat/unix/unix-sockets.c b/lib/plat/unix/unix-sockets.c index 116a9dc91..525fcfc5b 100644 --- a/lib/plat/unix/unix-sockets.c +++ b/lib/plat/unix/unix-sockets.c @@ -557,7 +557,7 @@ lws_plat_vhost_tls_client_ctx_init(struct lws_vhost *vhost) int lws_plat_mbedtls_net_send(void *ctx, const uint8_t *buf, size_t len) { - int fd = ((mbedtls_net_context *) ctx)->fd; + int fd = ((mbedtls_net_context *) ctx)->MBEDTLS_PRIVATE(fd); int ret; if (fd < 0) @@ -582,7 +582,7 @@ lws_plat_mbedtls_net_send(void *ctx, const uint8_t *buf, size_t len) int lws_plat_mbedtls_net_recv(void *ctx, unsigned char *buf, size_t len) { - int fd = ((mbedtls_net_context *) ctx)->fd; + int fd = ((mbedtls_net_context *) ctx)->MBEDTLS_PRIVATE(fd); int ret; if (fd < 0) diff --git a/lib/plat/windows/windows-init.c b/lib/plat/windows/windows-init.c index 43956b433..00190c710 100644 --- a/lib/plat/windows/windows-init.c +++ b/lib/plat/windows/windows-init.c @@ -77,6 +77,33 @@ lws_plat_init(struct lws_context *context, struct lws_context_per_thread *pt = &context->pt[0]; int i, n = context->count_threads; +#if defined(LWS_WITH_MBEDTLS) + { + int n; + + /* initialize platform random through mbedtls */ + mbedtls_entropy_init(&context->mec); + mbedtls_ctr_drbg_init(&context->mcdc); + + n = mbedtls_ctr_drbg_seed(&context->mcdc, mbedtls_entropy_func, + &context->mec, NULL, 0); + if (n) + lwsl_err("%s: mbedtls_ctr_drbg_seed() returned 0x%x\n", + __func__, n); +#if 0 + else { + uint8_t rtest[16]; + lwsl_notice("%s: started drbg\n", __func__); + if (mbedtls_ctr_drbg_random(&context->mcdc, rtest, + sizeof(rtest))) + lwsl_err("%s: get random failed\n", __func__); + else + lwsl_hexdump_notice(rtest, sizeof(rtest)); + } +#endif + } +#endif + for (i = 0; i < FD_HASHTABLE_MODULUS; i++) { context->fd_hashtable[i].wsi = lws_zalloc(sizeof(struct lws*) * context->max_fds, diff --git a/lib/tls/mbedtls/lws-genaes.c b/lib/tls/mbedtls/lws-genaes.c index 0bde745c1..f6a4ebd95 100644 --- a/lib/tls/mbedtls/lws-genaes.c +++ b/lib/tls/mbedtls/lws-genaes.c @@ -131,10 +131,20 @@ lws_genaes_create(struct lws_genaes_ctx *ctx, enum enum_aes_operation op, int lws_genaes_destroy(struct lws_genaes_ctx *ctx, unsigned char *tag, size_t tlen) { +#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000 + size_t last_len = 0; + uint8_t last[16]; +#endif int n; if (ctx->mode == LWS_GAESM_GCM) { +#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000 + n = mbedtls_gcm_finish(&ctx->u.ctx_gcm, last, sizeof(last), + &last_len, tag, tlen); +#else n = mbedtls_gcm_finish(&ctx->u.ctx_gcm, tag, tlen); +#endif + if (n) lwsl_notice("%s: mbedtls_gcm_finish: -0x%x\n", __func__, -n); @@ -388,9 +398,18 @@ lws_genaes_crypt(struct lws_genaes_ctx *ctx, const uint8_t *in, size_t len, * additional data len: len */ +#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000 + n = mbedtls_gcm_starts(&ctx->u.ctx_gcm, (int)ctx->op, + iv_or_nonce_ctr_or_data_unit_16, + *nc_or_iv_off); + if (!n) + n = mbedtls_gcm_update_ad(&ctx->u.ctx_gcm, + in, len); +#else n = mbedtls_gcm_starts(&ctx->u.ctx_gcm, (int)ctx->op, iv_or_nonce_ctr_or_data_unit_16, *nc_or_iv_off, in, len); +#endif if (n) { lwsl_notice("%s: mbedtls_gcm_starts: -0x%x\n", __func__, -n); @@ -400,7 +419,15 @@ lws_genaes_crypt(struct lws_genaes_ctx *ctx, const uint8_t *in, size_t len, break; } +#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000 + { + size_t al; + + n = mbedtls_gcm_update(&ctx->u.ctx_gcm, in, len, out, len, &al); + } +#else n = mbedtls_gcm_update(&ctx->u.ctx_gcm, len, in, out); +#endif if (n) { lwsl_notice("%s: mbedtls_gcm_update: -0x%x\n", __func__, -n); diff --git a/lib/tls/mbedtls/lws-genec.c b/lib/tls/mbedtls/lws-genec.c index ef95c3166..db7f67f67 100644 --- a/lib/tls/mbedtls/lws-genec.c +++ b/lib/tls/mbedtls/lws-genec.c @@ -27,6 +27,15 @@ #include "private-lib-core.h" #include "private-lib-tls-mbedtls.h" +#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000 +#define ECDHCTX(_c, _ins) _c->u.ctx_ecdh->MBEDTLS_PRIVATE(ctx).\ + MBEDTLS_PRIVATE(mbed_ecdh).MBEDTLS_PRIVATE(_ins) +#define ECDSACTX(_c, _ins) _c->u.ctx_ecdsa->MBEDTLS_PRIVATE(_ins) +#else +#define ECDHCTX(_c, _ins) _c->u.ctx_ecdh->_ins +#define ECDSACTX(_c, _ins) _c->u.ctx_ecdsa->_ins +#endif + const struct lws_ec_curves lws_ec_curves[] = { /* * These are the curves we are willing to use by default... @@ -76,7 +85,8 @@ lws_genec_keypair_import(struct lws_genec_ctx *ctx, enum enum_lws_dh_side side, return -23; mbedtls_ecp_keypair_init(&kp); - if (mbedtls_ecp_group_load(&kp.grp, (mbedtls_ecp_group_id)curve->tls_lib_nid)) + if (mbedtls_ecp_group_load(&kp.MBEDTLS_PRIVATE(grp), + (mbedtls_ecp_group_id)curve->tls_lib_nid)) goto bail1; ctx->has_private = !!el[LWS_GENCRYPTO_EC_KEYEL_D].len; @@ -84,21 +94,24 @@ lws_genec_keypair_import(struct lws_genec_ctx *ctx, enum enum_lws_dh_side side, /* d (the private key) is directly an mpi */ if (ctx->has_private && - mbedtls_mpi_read_binary(&kp.d, el[LWS_GENCRYPTO_EC_KEYEL_D].buf, + mbedtls_mpi_read_binary(&kp.MBEDTLS_PRIVATE(d), + el[LWS_GENCRYPTO_EC_KEYEL_D].buf, el[LWS_GENCRYPTO_EC_KEYEL_D].len)) goto bail1; - mbedtls_ecp_set_zero(&kp.Q); + mbedtls_ecp_set_zero(&kp.MBEDTLS_PRIVATE(Q)); - if (mbedtls_mpi_read_binary(&kp.Q.X, el[LWS_GENCRYPTO_EC_KEYEL_X].buf, + if (mbedtls_mpi_read_binary(&kp.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), + el[LWS_GENCRYPTO_EC_KEYEL_X].buf, el[LWS_GENCRYPTO_EC_KEYEL_X].len)) goto bail1; - if (mbedtls_mpi_read_binary(&kp.Q.Y, el[LWS_GENCRYPTO_EC_KEYEL_Y].buf, + if (mbedtls_mpi_read_binary(&kp.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), + el[LWS_GENCRYPTO_EC_KEYEL_Y].buf, el[LWS_GENCRYPTO_EC_KEYEL_Y].len)) goto bail1; - mbedtls_mpi_lset(&kp.Q.Z, 1); + mbedtls_mpi_lset(&kp.MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 1); switch (ctx->genec_alg) { case LEGENEC_ECDH: @@ -107,11 +120,11 @@ lws_genec_keypair_import(struct lws_genec_ctx *ctx, enum enum_lws_dh_side side, goto bail1; /* verify the key is consistent with the claimed curve */ if (ctx->has_private && - mbedtls_ecp_check_privkey(&ctx->u.ctx_ecdh->grp, - &ctx->u.ctx_ecdh->d)) + mbedtls_ecp_check_privkey(&ECDHCTX(ctx, grp), + &ECDHCTX(ctx, d))) goto bail1; - if (mbedtls_ecp_check_pubkey(&ctx->u.ctx_ecdh->grp, - &ctx->u.ctx_ecdh->Q)) + if (mbedtls_ecp_check_pubkey(&ECDHCTX(ctx, grp), + &ECDHCTX(ctx, Q))) goto bail1; break; case LEGENEC_ECDSA: @@ -119,11 +132,11 @@ lws_genec_keypair_import(struct lws_genec_ctx *ctx, enum enum_lws_dh_side side, goto bail1; /* verify the key is consistent with the claimed curve */ if (ctx->has_private && - mbedtls_ecp_check_privkey(&ctx->u.ctx_ecdsa->grp, - &ctx->u.ctx_ecdsa->d)) + mbedtls_ecp_check_privkey(&ECDSACTX(ctx, grp), + &ECDSACTX(ctx, d))) goto bail1; - if (mbedtls_ecp_check_pubkey(&ctx->u.ctx_ecdsa->grp, - &ctx->u.ctx_ecdsa->Q)) + if (mbedtls_ecp_check_pubkey(&ECDSACTX(ctx, grp), + &ECDSACTX(ctx, Q))) goto bail1; break; default: @@ -265,9 +278,9 @@ lws_genecdh_new_keypair(struct lws_genec_ctx *ctx, enum enum_lws_dh_side side, * lws_gencrypto_keyelem, so they can be serialized, used in jwk etc */ - mpi[0] = &kp->Q.X; - mpi[1] = &kp->d; - mpi[2] = &kp->Q.Y; + mpi[0] = &kp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X); + mpi[1] = &kp->MBEDTLS_PRIVATE(d); + mpi[2] = &kp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y); el[LWS_GENCRYPTO_EC_KEYEL_CRV].len = (uint32_t)strlen(curve_name) + 1; el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf = @@ -339,9 +352,9 @@ lws_genecdsa_new_keypair(struct lws_genec_ctx *ctx, const char *curve_name, kp = (mbedtls_ecp_keypair *)ctx->u.ctx_ecdsa; - mpi[0] = &kp->Q.X; - mpi[1] = &kp->d; - mpi[2] = &kp->Q.Y; + mpi[0] = &kp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X); + mpi[1] = &kp->MBEDTLS_PRIVATE(d); + mpi[2] = &kp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y); el[LWS_GENCRYPTO_EC_KEYEL_CRV].len = (uint32_t)strlen(curve_name) + 1; el[LWS_GENCRYPTO_EC_KEYEL_CRV].buf = @@ -412,8 +425,8 @@ lws_genecdsa_hash_sign_jws(struct lws_genec_ctx *ctx, const uint8_t *in, mbedtls_mpi_init(&mpi_r); mbedtls_mpi_init(&mpi_s); - n = mbedtls_ecdsa_sign(&ctx->u.ctx_ecdsa->grp, &mpi_r, &mpi_s, - &ctx->u.ctx_ecdsa->d, in, hlen, + n = mbedtls_ecdsa_sign(&ECDSACTX(ctx, grp), &mpi_r, &mpi_s, + &ECDSACTX(ctx, d), in, hlen, lws_gencrypto_mbedtls_rngf, ctx->context); if (n) { lwsl_err("%s: mbedtls_ecdsa_sign failed: -0x%x\n", @@ -476,8 +489,8 @@ lws_genecdsa_hash_sig_verify_jws(struct lws_genec_ctx *ctx, const uint8_t *in, if (mbedtls_mpi_read_binary(&mpi_s, sig + keybytes, (unsigned int)keybytes)) goto bail1; - n = mbedtls_ecdsa_verify(&ctx->u.ctx_ecdsa->grp, in, hlen, - &ctx->u.ctx_ecdsa->Q, &mpi_r, &mpi_s); + n = mbedtls_ecdsa_verify(&ECDSACTX(ctx, grp), in, hlen, + &ECDSACTX(ctx, Q), &mpi_r, &mpi_s); mbedtls_mpi_free(&mpi_s); mbedtls_mpi_free(&mpi_r); @@ -504,8 +517,8 @@ lws_genecdh_compute_shared_secret(struct lws_genec_ctx *ctx, uint8_t *ss, { int n; size_t st; - if (mbedtls_ecp_check_pubkey(&ctx->u.ctx_ecdh->grp, &ctx->u.ctx_ecdh->Q) || - mbedtls_ecp_check_pubkey(&ctx->u.ctx_ecdh->grp, &ctx->u.ctx_ecdh->Qp)) { + if (mbedtls_ecp_check_pubkey(&ECDHCTX(ctx, grp), &ECDHCTX(ctx, Q)) || + mbedtls_ecp_check_pubkey(&ECDHCTX(ctx, grp), &ECDHCTX(ctx, Qp))) { lwsl_err("%s: both sides must be set up\n", __func__); return -1; diff --git a/lib/tls/mbedtls/lws-genhash.c b/lib/tls/mbedtls/lws-genhash.c index 8f578a957..c9ea3669c 100644 --- a/lib/tls/mbedtls/lws-genhash.c +++ b/lib/tls/mbedtls/lws-genhash.c @@ -27,7 +27,22 @@ #include "libwebsockets.h" #include -#if (MBEDTLS_VERSION_NUMBER >= 0x02070000) +#if defined(MBEDTLS_VERSION_NUMBER) && (MBEDTLS_VERSION_NUMBER >= 0x03000000) +#define mbedtls_md5_starts_ret mbedtls_md5_starts +#define mbedtls_md5_update_ret mbedtls_md5_update +#define mbedtls_md5_finish_ret mbedtls_md5_finish +#define mbedtls_sha1_finish_ret mbedtls_sha1_finish +#define mbedtls_sha1_update_ret mbedtls_sha1_update +#define mbedtls_sha1_starts_ret mbedtls_sha1_starts +#define mbedtls_sha256_starts_ret mbedtls_sha256_starts +#define mbedtls_sha256_update_ret mbedtls_sha256_update +#define mbedtls_sha256_finish_ret mbedtls_sha256_finish +#define mbedtls_sha512_starts_ret mbedtls_sha512_starts +#define mbedtls_sha512_update_ret mbedtls_sha512_update +#define mbedtls_sha512_finish_ret mbedtls_sha512_finish +#endif + +#if defined(MBEDTLS_VERSION_NUMBER) && (MBEDTLS_VERSION_NUMBER >= 0x02070000) /* * We have the _ret variants available, check the return codes on everything diff --git a/lib/tls/mbedtls/lws-genrsa.c b/lib/tls/mbedtls/lws-genrsa.c index e5d9ba0a6..35883d2a3 100644 --- a/lib/tls/mbedtls/lws-genrsa.c +++ b/lib/tls/mbedtls/lws-genrsa.c @@ -56,18 +56,29 @@ lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_gencrypto_keyelem *el, if (mode >= LGRSAM_COUNT) return -1; +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 mbedtls_rsa_init(ctx->ctx, mode_map[mode], 0); +#else + mbedtls_rsa_init(ctx->ctx); + mbedtls_rsa_set_padding(ctx->ctx, mode_map[mode], 0); +#endif - ctx->ctx->padding = mode_map[mode]; - ctx->ctx->hash_id = (int)lws_gencrypto_mbedtls_hash_to_MD_TYPE(oaep_hashid); + ctx->ctx->MBEDTLS_PRIVATE(padding) = mode_map[mode]; + ctx->ctx->MBEDTLS_PRIVATE(hash_id) = + (int)lws_gencrypto_mbedtls_hash_to_MD_TYPE(oaep_hashid); { int n; mbedtls_mpi *mpi[LWS_GENCRYPTO_RSA_KEYEL_COUNT] = { - &ctx->ctx->E, &ctx->ctx->N, &ctx->ctx->D, &ctx->ctx->P, - &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, - &ctx->ctx->QP, + &ctx->ctx->MBEDTLS_PRIVATE(E), + &ctx->ctx->MBEDTLS_PRIVATE(N), + &ctx->ctx->MBEDTLS_PRIVATE(D), + &ctx->ctx->MBEDTLS_PRIVATE(P), + &ctx->ctx->MBEDTLS_PRIVATE(Q), + &ctx->ctx->MBEDTLS_PRIVATE(DP), + &ctx->ctx->MBEDTLS_PRIVATE(DQ), + &ctx->ctx->MBEDTLS_PRIVATE(QP), }; for (n = 0; n < LWS_GENCRYPTO_RSA_KEYEL_COUNT; n++) @@ -100,7 +111,7 @@ lws_genrsa_create(struct lws_genrsa_ctx *ctx, struct lws_gencrypto_keyelem *el, } } - ctx->ctx->len = el[LWS_GENCRYPTO_RSA_KEYEL_N].len; + ctx->ctx->MBEDTLS_PRIVATE(len) = el[LWS_GENCRYPTO_RSA_KEYEL_N].len; return 0; } @@ -132,7 +143,12 @@ lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx, if (mode >= LGRSAM_COUNT) return -1; +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 mbedtls_rsa_init(ctx->ctx, mode_map[mode], 0); +#else + mbedtls_rsa_init(ctx->ctx); + mbedtls_rsa_set_padding(ctx->ctx, mode_map[mode], 0); +#endif n = mbedtls_rsa_gen_key(ctx->ctx, _rngf, context, (unsigned int)bits, 65537); if (n) { @@ -142,9 +158,14 @@ lws_genrsa_new_keypair(struct lws_context *context, struct lws_genrsa_ctx *ctx, { mbedtls_mpi *mpi[LWS_GENCRYPTO_RSA_KEYEL_COUNT] = { - &ctx->ctx->E, &ctx->ctx->N, &ctx->ctx->D, &ctx->ctx->P, - &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, - &ctx->ctx->QP, + &ctx->ctx->MBEDTLS_PRIVATE(E), + &ctx->ctx->MBEDTLS_PRIVATE(N), + &ctx->ctx->MBEDTLS_PRIVATE(D), + &ctx->ctx->MBEDTLS_PRIVATE(P), + &ctx->ctx->MBEDTLS_PRIVATE(Q), + &ctx->ctx->MBEDTLS_PRIVATE(DP), + &ctx->ctx->MBEDTLS_PRIVATE(DQ), + &ctx->ctx->MBEDTLS_PRIVATE(QP), }; for (n = 0; n < LWS_GENCRYPTO_RSA_KEYEL_COUNT; n++) @@ -179,7 +200,7 @@ lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, size_t olen = 0; int n; - ctx->ctx->len = in_len; + ctx->ctx->MBEDTLS_PRIVATE(len) = in_len; #if defined(LWS_HAVE_mbedtls_rsa_complete) mbedtls_rsa_complete(ctx->ctx); @@ -189,14 +210,18 @@ lws_genrsa_public_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, case LGRSAM_PKCS1_1_5: n = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx->ctx, _rngf, ctx->context, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 MBEDTLS_RSA_PUBLIC, +#endif &olen, in, out, out_max); break; case LGRSAM_PKCS1_OAEP_PSS: n = mbedtls_rsa_rsaes_oaep_decrypt(ctx->ctx, _rngf, ctx->context, - MBEDTLS_RSA_PUBLIC, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 + MBEDTLS_RSA_PUBLIC, +#endif NULL, 0, &olen, in, out, out_max); break; @@ -219,7 +244,7 @@ lws_genrsa_private_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, size_t olen = 0; int n; - ctx->ctx->len = in_len; + ctx->ctx->MBEDTLS_PRIVATE(len) = in_len; #if defined(LWS_HAVE_mbedtls_rsa_complete) mbedtls_rsa_complete(ctx->ctx); @@ -229,14 +254,18 @@ lws_genrsa_private_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, case LGRSAM_PKCS1_1_5: n = mbedtls_rsa_rsaes_pkcs1_v15_decrypt(ctx->ctx, _rngf, ctx->context, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 MBEDTLS_RSA_PRIVATE, +#endif &olen, in, out, out_max); break; case LGRSAM_PKCS1_OAEP_PSS: n = mbedtls_rsa_rsaes_oaep_decrypt(ctx->ctx, _rngf, ctx->context, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 MBEDTLS_RSA_PRIVATE, +#endif NULL, 0, &olen, in, out, out_max); break; @@ -266,13 +295,17 @@ lws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, case LGRSAM_PKCS1_1_5: n = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx->ctx, _rngf, ctx->context, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 MBEDTLS_RSA_PUBLIC, +#endif in_len, in, out); break; case LGRSAM_PKCS1_OAEP_PSS: n = mbedtls_rsa_rsaes_oaep_encrypt(ctx->ctx, _rngf, ctx->context, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 MBEDTLS_RSA_PUBLIC, +#endif NULL, 0, in_len, in, out); break; @@ -286,7 +319,7 @@ lws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, return -1; } - return (int)mbedtls_mpi_size(&ctx->ctx->N); + return (int)mbedtls_mpi_size(&ctx->ctx->MBEDTLS_PRIVATE(N)); } int @@ -303,13 +336,17 @@ lws_genrsa_private_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, case LGRSAM_PKCS1_1_5: n = mbedtls_rsa_rsaes_pkcs1_v15_encrypt(ctx->ctx, _rngf, ctx->context, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 MBEDTLS_RSA_PRIVATE, +#endif in_len, in, out); break; case LGRSAM_PKCS1_OAEP_PSS: n = mbedtls_rsa_rsaes_oaep_encrypt(ctx->ctx, _rngf, ctx->context, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 MBEDTLS_RSA_PRIVATE, +#endif NULL, 0, in_len, in, out); break; @@ -323,7 +360,7 @@ lws_genrsa_private_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in, return -1; } - return (int)mbedtls_mpi_size(&ctx->ctx->N); + return (int)mbedtls_mpi_size(&ctx->ctx->MBEDTLS_PRIVATE(N)); } int @@ -342,20 +379,30 @@ lws_genrsa_hash_sig_verify(struct lws_genrsa_ctx *ctx, const uint8_t *in, switch(ctx->mode) { case LGRSAM_PKCS1_1_5: - n = mbedtls_rsa_rsassa_pkcs1_v15_verify(ctx->ctx, NULL, NULL, + n = mbedtls_rsa_rsassa_pkcs1_v15_verify(ctx->ctx, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 + NULL, NULL, MBEDTLS_RSA_PUBLIC, - (mbedtls_md_type_t)h, 0, in, sig); +#endif + (mbedtls_md_type_t)h, + (unsigned int)lws_genhash_size(hash_type), + in, sig); break; case LGRSAM_PKCS1_OAEP_PSS: - n = mbedtls_rsa_rsassa_pss_verify(ctx->ctx, NULL, NULL, + n = mbedtls_rsa_rsassa_pss_verify(ctx->ctx, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 + NULL, NULL, MBEDTLS_RSA_PUBLIC, - (mbedtls_md_type_t)h, 0, in, sig); +#endif + (mbedtls_md_type_t)h, + (unsigned int)lws_genhash_size(hash_type), + in, sig); break; default: return -1; } if (n < 0) { - lwsl_notice("%s: -0x%x\n", __func__, -n); + lwsl_notice("%s: (mode %d) -0x%x\n", __func__, ctx->mode, -n); return -1; } @@ -381,19 +428,31 @@ lws_genrsa_hash_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in, * The "sig" buffer must be as large as the size of ctx->N * (eg. 128 bytes if RSA-1024 is used). */ - if (sig_len < ctx->ctx->len) + if (sig_len < ctx->ctx->MBEDTLS_PRIVATE(len)) return -1; switch(ctx->mode) { case LGRSAM_PKCS1_1_5: - n = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx->ctx, NULL, NULL, + n = mbedtls_rsa_rsassa_pkcs1_v15_sign(ctx->ctx, + mbedtls_ctr_drbg_random, + &ctx->context->mcdc, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 MBEDTLS_RSA_PRIVATE, - (mbedtls_md_type_t)h, 0, in, sig); +#endif + (mbedtls_md_type_t)h, + (unsigned int)lws_genhash_size(hash_type), + in, sig); break; case LGRSAM_PKCS1_OAEP_PSS: - n = mbedtls_rsa_rsassa_pss_sign(ctx->ctx, NULL, NULL, + n = mbedtls_rsa_rsassa_pss_sign(ctx->ctx, + mbedtls_ctr_drbg_random, + &ctx->context->mcdc, +#if !defined(MBEDTLS_VERSION_NUMBER) || MBEDTLS_VERSION_NUMBER < 0x03000000 MBEDTLS_RSA_PRIVATE, - (mbedtls_md_type_t)h, 0, in, sig); +#endif + (mbedtls_md_type_t)h, + (unsigned int)lws_genhash_size(hash_type), + in, sig); break; default: return -1; @@ -405,7 +464,7 @@ lws_genrsa_hash_sign(struct lws_genrsa_ctx *ctx, const uint8_t *in, return -1; } - return (int)ctx->ctx->len; + return (int)ctx->ctx->MBEDTLS_PRIVATE(len); } int @@ -414,9 +473,14 @@ lws_genrsa_render_pkey_asn1(struct lws_genrsa_ctx *ctx, int _private, { uint8_t *p = pkey_asn1, *totlen, *end = pkey_asn1 + pkey_asn1_len - 1; mbedtls_mpi *mpi[LWS_GENCRYPTO_RSA_KEYEL_COUNT] = { - &ctx->ctx->N, &ctx->ctx->E, &ctx->ctx->D, &ctx->ctx->P, - &ctx->ctx->Q, &ctx->ctx->DP, &ctx->ctx->DQ, - &ctx->ctx->QP, + &ctx->ctx->MBEDTLS_PRIVATE(N), + &ctx->ctx->MBEDTLS_PRIVATE(E), + &ctx->ctx->MBEDTLS_PRIVATE(D), + &ctx->ctx->MBEDTLS_PRIVATE(P), + &ctx->ctx->MBEDTLS_PRIVATE(Q), + &ctx->ctx->MBEDTLS_PRIVATE(DP), + &ctx->ctx->MBEDTLS_PRIVATE(DQ), + &ctx->ctx->MBEDTLS_PRIVATE(QP), }; int n; diff --git a/lib/tls/mbedtls/mbedtls-client.c b/lib/tls/mbedtls/mbedtls-client.c index 949ab4359..9897b55a8 100644 --- a/lib/tls/mbedtls/mbedtls-client.c +++ b/lib/tls/mbedtls/mbedtls-client.c @@ -382,7 +382,7 @@ lws_tls_client_create_vhost_context(struct lws_vhost *vh, return 1; } /* create context */ - vh->tls.ssl_client_ctx = SSL_CTX_new(method); + vh->tls.ssl_client_ctx = SSL_CTX_new(method, &vh->context->mcdc); if (!vh->tls.ssl_client_ctx) { error = (unsigned long)ERR_get_error(); lwsl_err("problem creating ssl context %lu: %s\n", diff --git a/lib/tls/mbedtls/mbedtls-extensions.c b/lib/tls/mbedtls/mbedtls-extensions.c index 77d4aadb8..092c36dc7 100644 --- a/lib/tls/mbedtls/mbedtls-extensions.c +++ b/lib/tls/mbedtls/mbedtls-extensions.c @@ -103,9 +103,9 @@ static const oid_x509_ext_t oid_x509_ext[] = { const mbedtls_oid_descriptor_t *cur = \ (const mbedtls_oid_descriptor_t *) p; \ if( p == NULL || oid == NULL ) return( NULL ); \ - while( cur->asn1 != NULL ) { \ - if( cur->asn1_len == oid->len && \ - memcmp( cur->asn1, oid->p, oid->len ) == 0 ) { \ + while( cur->MBEDTLS_PRIVATE(asn1) != NULL ) { \ + if( cur->MBEDTLS_PRIVATE(asn1_len) == oid->MBEDTLS_PRIVATE(len) && \ + memcmp( cur->MBEDTLS_PRIVATE(asn1), oid->MBEDTLS_PRIVATE(p), oid->MBEDTLS_PRIVATE(len) ) == 0 ) { \ return( p ); \ } \ p++; \ @@ -177,9 +177,9 @@ x509_get_skid(uint8_t **p, const uint8_t *end, mbedtls_x509_buf *skid) if (ret) return ret; - skid->len = len; - skid->tag = MBEDTLS_ASN1_OCTET_STRING; - skid->p = *p; + skid->MBEDTLS_PRIVATE(len) = len; + skid->MBEDTLS_PRIVATE(tag) = MBEDTLS_ASN1_OCTET_STRING; + skid->MBEDTLS_PRIVATE(p) = *p; *p += len; return *p != end; @@ -194,7 +194,8 @@ lws_mbedtls_x509_parse_general_name(const mbedtls_x509_buf *name_buf, mbedtls_x509_name rfc822Name; int ret; - switch (name_buf->tag & (LWS_MBEDTLS_ASN1_TAG_CLASS_MASK | + switch (name_buf->MBEDTLS_PRIVATE(tag) & + (LWS_MBEDTLS_ASN1_TAG_CLASS_MASK | LWS_MBEDTLS_ASN1_TAG_VALUE_MASK)) { #if 0 @@ -210,9 +211,10 @@ lws_mbedtls_x509_parse_general_name(const mbedtls_x509_buf *name_buf, #endif case MBEDTLS_ASN1_SEQUENCE | LWS_MBEDTLS_X509_SAN_RFC822_NAME: - bufferPointer = name_buf->p; + bufferPointer = name_buf->MBEDTLS_PRIVATE(p); p = &bufferPointer; - end = name_buf->p + name_buf->len; + end = name_buf->MBEDTLS_PRIVATE(p) + + name_buf->MBEDTLS_PRIVATE(len); /* The leading ASN1 tag and length has been processed. * Stepping back with 2 bytes, because mbedtls_x509_get_name @@ -284,50 +286,52 @@ lws_x509_get_general_names(uint8_t **p, const uint8_t *end, /* * Check that the name is structured correctly. */ - r = lws_mbedtls_x509_parse_general_name(&cur->buf, &dnb); + r = lws_mbedtls_x509_parse_general_name( + &cur->MBEDTLS_PRIVATE(buf), &dnb); /* * In case the extension is malformed, return an error, * and clear the allocated sequences. */ if (r && r != MBEDTLS_ERR_X509_FEATURE_UNAVAILABLE) { - mbedtls_x509_sequence *seq_cur = name->next; + mbedtls_x509_sequence *seq_cur = name->MBEDTLS_PRIVATE(next); mbedtls_x509_sequence *seq_prv; while( seq_cur != NULL ) { seq_prv = seq_cur; - seq_cur = seq_cur->next; + seq_cur = seq_cur->MBEDTLS_PRIVATE(next); lws_explicit_bzero(seq_prv, sizeof(*seq_cur)); lws_free(seq_prv); } - name->next = NULL; + name->MBEDTLS_PRIVATE(next) = NULL; return r; } /* Allocate and assign next pointer */ - if (cur->buf.p) { - if (cur->next) + if (cur->MBEDTLS_PRIVATE(buf).MBEDTLS_PRIVATE(p)) { + if (cur->MBEDTLS_PRIVATE(next)) return 1; - cur->next = lws_zalloc(sizeof(*cur), __func__); + cur->MBEDTLS_PRIVATE(next) = + lws_zalloc(sizeof(*cur), __func__); - if (!cur->next) + if (!cur->MBEDTLS_PRIVATE(next)) return 1; - cur = cur->next; + cur = cur->MBEDTLS_PRIVATE(next); } - buf = &(cur->buf); - buf->tag = tag; - buf->p = *p; - buf->len = tag_len; + buf = &(cur->MBEDTLS_PRIVATE(buf)); + buf->MBEDTLS_PRIVATE(tag) = tag; + buf->MBEDTLS_PRIVATE(p) = *p; + buf->MBEDTLS_PRIVATE(len) = tag_len; - *p += buf->len; + *p += buf->MBEDTLS_PRIVATE(len); } /* Set final sequence entry's next pointer to NULL */ - cur->next = NULL; + cur->MBEDTLS_PRIVATE(next) = NULL; return *p != end; } @@ -345,9 +349,9 @@ x509_get_akid(uint8_t **p, uint8_t *end, lws_mbedtls_x509_authority *akid) r = mbedtls_asn1_get_tag(p, end, &len, MBEDTLS_ASN1_CONTEXT_SPECIFIC); if (!r) { - akid->keyIdentifier.len = len; - akid->keyIdentifier.p = *p; - akid->keyIdentifier.tag = MBEDTLS_ASN1_OCTET_STRING; + akid->keyIdentifier.MBEDTLS_PRIVATE(len) = len; + akid->keyIdentifier.MBEDTLS_PRIVATE(p) = *p; + akid->keyIdentifier.MBEDTLS_PRIVATE(tag) = MBEDTLS_ASN1_OCTET_STRING; *p += len; } @@ -381,9 +385,9 @@ x509_get_akid(uint8_t **p, uint8_t *end, lws_mbedtls_x509_authority *akid) if (r) return r; - akid->authorityCertSerialNumber.len = len; - akid->authorityCertSerialNumber.p = *p; - akid->authorityCertSerialNumber.tag = MBEDTLS_ASN1_OCTET_STRING; + akid->authorityCertSerialNumber.MBEDTLS_PRIVATE(len) = len; + akid->authorityCertSerialNumber.MBEDTLS_PRIVATE(p) = *p; + akid->authorityCertSerialNumber.MBEDTLS_PRIVATE(tag) = MBEDTLS_ASN1_OCTET_STRING; *p += len; } @@ -399,8 +403,9 @@ int lws_x509_get_crt_ext(mbedtls_x509_crt *crt, mbedtls_x509_buf *skid, lws_mbedtls_x509_authority *akid) { - uint8_t *p = crt->v3_ext.p, *end_ext_data, *end_ext_octet; - const uint8_t *end = p + crt->v3_ext.len; + uint8_t *p = crt->MBEDTLS_PRIVATE(v3_ext).MBEDTLS_PRIVATE(p), + *end_ext_data, *end_ext_octet; + const uint8_t *end = p + crt->MBEDTLS_PRIVATE(v3_ext).MBEDTLS_PRIVATE(len); size_t len; int r = mbedtls_asn1_get_tag(&p, end, &len, MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); @@ -421,14 +426,14 @@ lws_x509_get_crt_ext(mbedtls_x509_crt *crt, mbedtls_x509_buf *skid, end_ext_data = p + len; /* Get extension ID */ - r = mbedtls_asn1_get_tag(&p, end_ext_data, &extn_oid.len, + r = mbedtls_asn1_get_tag(&p, end_ext_data, &extn_oid.MBEDTLS_PRIVATE(len), MBEDTLS_ASN1_OID); if (r) return r; - extn_oid.tag = MBEDTLS_ASN1_OID; - extn_oid.p = p; - p += extn_oid.len; + extn_oid.MBEDTLS_PRIVATE(tag) = MBEDTLS_ASN1_OID; + extn_oid.MBEDTLS_PRIVATE(p) = p; + p += extn_oid.MBEDTLS_PRIVATE(len); /* Get optional critical */ r = mbedtls_asn1_get_bool(&p, end_ext_data, &is_critical); diff --git a/lib/tls/mbedtls/mbedtls-server.c b/lib/tls/mbedtls/mbedtls-server.c index 253612e01..ec337edc4 100644 --- a/lib/tls/mbedtls/mbedtls-server.c +++ b/lib/tls/mbedtls/mbedtls-server.c @@ -190,7 +190,7 @@ lws_tls_server_vhost_backend_init(const struct lws_context_creation_info *info, lws_filepos_t flen; int n; - vhost->tls.ssl_ctx = SSL_CTX_new(method); /* create context */ + vhost->tls.ssl_ctx = SSL_CTX_new(method, &vhost->context->mcdc); /* create context */ if (!vhost->tls.ssl_ctx) { lwsl_err("problem creating ssl context\n"); return 1; diff --git a/lib/tls/mbedtls/mbedtls-x509.c b/lib/tls/mbedtls/mbedtls-x509.c index 6ca10020b..8d372c381 100644 --- a/lib/tls/mbedtls/mbedtls-x509.c +++ b/lib/tls/mbedtls/mbedtls-x509.c @@ -49,17 +49,17 @@ lws_tls_mbedtls_time_to_unix(mbedtls_x509_time *xtime) { struct tm t; - if (!xtime || !xtime->year || xtime->year < 0) + if (!xtime || !xtime->MBEDTLS_PRIVATE(year) || xtime->MBEDTLS_PRIVATE(year) < 0) return (time_t)(long long)-1; memset(&t, 0, sizeof(t)); - t.tm_year = xtime->year - 1900; - t.tm_mon = xtime->mon - 1; /* mbedtls months are 1+, tm are 0+ */ - t.tm_mday = xtime->day - 1; /* mbedtls days are 1+, tm are 0+ */ - t.tm_hour = xtime->hour; - t.tm_min = xtime->min; - t.tm_sec = xtime->sec; + t.tm_year = xtime->MBEDTLS_PRIVATE(year) - 1900; + t.tm_mon = xtime->MBEDTLS_PRIVATE(mon) - 1; /* mbedtls months are 1+, tm are 0+ */ + t.tm_mday = xtime->MBEDTLS_PRIVATE(day) - 1; /* mbedtls days are 1+, tm are 0+ */ + t.tm_hour = xtime->MBEDTLS_PRIVATE(hour); + t.tm_min = xtime->MBEDTLS_PRIVATE(min); + t.tm_sec = xtime->MBEDTLS_PRIVATE(sec); t.tm_isdst = -1; return mktime(&t); @@ -81,12 +81,13 @@ lws_tls_mbedtls_get_x509_name(mbedtls_x509_name *name, } */ lws_strnncpy(&buf->ns.name[buf->ns.len], - (const char *)name->val.p, - name->val.len, len - (size_t)buf->ns.len); + (const char *)name->MBEDTLS_PRIVATE(val).MBEDTLS_PRIVATE(p), + name->MBEDTLS_PRIVATE(val).MBEDTLS_PRIVATE(len), + len - (size_t)buf->ns.len); buf->ns.len = (int)strlen(buf->ns.name); r = 0; - name = name->next; + name = name->MBEDTLS_PRIVATE(next); } return r; @@ -108,25 +109,25 @@ lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, switch (type) { case LWS_TLS_CERT_INFO_VALIDITY_FROM: - buf->time = lws_tls_mbedtls_time_to_unix(&x509->valid_from); + buf->time = lws_tls_mbedtls_time_to_unix(&x509->MBEDTLS_PRIVATE(valid_from)); if (buf->time == (time_t)(long long)-1) return -1; break; case LWS_TLS_CERT_INFO_VALIDITY_TO: - buf->time = lws_tls_mbedtls_time_to_unix(&x509->valid_to); + buf->time = lws_tls_mbedtls_time_to_unix(&x509->MBEDTLS_PRIVATE(valid_to)); if (buf->time == (time_t)(long long)-1) return -1; break; case LWS_TLS_CERT_INFO_COMMON_NAME: - return lws_tls_mbedtls_get_x509_name(&x509->subject, buf, len); + return lws_tls_mbedtls_get_x509_name(&x509->MBEDTLS_PRIVATE(subject), buf, len); case LWS_TLS_CERT_INFO_ISSUER_NAME: - return lws_tls_mbedtls_get_x509_name(&x509->issuer, buf, len); + return lws_tls_mbedtls_get_x509_name(&x509->MBEDTLS_PRIVATE(issuer), buf, len); case LWS_TLS_CERT_INFO_USAGE: - buf->usage = x509->key_usage; + buf->usage = x509->MBEDTLS_PRIVATE(key_usage); break; case LWS_TLS_CERT_INFO_OPAQUE_PUBLIC_KEY: @@ -134,16 +135,16 @@ lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, char *p = buf->ns.name; size_t r = len, u; - switch (mbedtls_pk_get_type(&x509->pk)) { + switch (mbedtls_pk_get_type(&x509->MBEDTLS_PRIVATE(pk))) { case MBEDTLS_PK_RSA: { - mbedtls_rsa_context *rsa = mbedtls_pk_rsa(x509->pk); + mbedtls_rsa_context *rsa = mbedtls_pk_rsa(x509->MBEDTLS_PRIVATE(pk)); - if (mbedtls_mpi_write_string(&rsa->N, 16, p, r, &u)) + if (mbedtls_mpi_write_string(&rsa->MBEDTLS_PRIVATE(N), 16, p, r, &u)) return -1; r -= u; p += u; - if (mbedtls_mpi_write_string(&rsa->E, 16, p, r, &u)) + if (mbedtls_mpi_write_string(&rsa->MBEDTLS_PRIVATE(E), 16, p, r, &u)) return -1; p += u; @@ -152,17 +153,17 @@ lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, } case MBEDTLS_PK_ECKEY: { - mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(x509->pk); + mbedtls_ecp_keypair *ecp = mbedtls_pk_ec(x509->MBEDTLS_PRIVATE(pk)); - if (mbedtls_mpi_write_string(&ecp->Q.X, 16, p, r, &u)) + if (mbedtls_mpi_write_string(&ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X), 16, p, r, &u)) return -1; r -= u; p += u; - if (mbedtls_mpi_write_string(&ecp->Q.Y, 16, p, r, &u)) + if (mbedtls_mpi_write_string(&ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y), 16, p, r, &u)) return -1; r -= u; p += u; - if (mbedtls_mpi_write_string(&ecp->Q.Z, 16, p, r, &u)) + if (mbedtls_mpi_write_string(&ecp->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Z), 16, p, r, &u)) return -1; p += u; buf->ns.len = lws_ptr_diff(p, buf->ns.name); @@ -171,7 +172,7 @@ lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, default: lwsl_notice("%s: x509 has unsupported pubkey type %d\n", __func__, - mbedtls_pk_get_type(&x509->pk)); + mbedtls_pk_get_type(&x509->MBEDTLS_PRIVATE(pk))); return -1; } @@ -179,16 +180,17 @@ lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, } case LWS_TLS_CERT_INFO_DER_RAW: - buf->ns.len = (int)x509->raw.len; + buf->ns.len = (int)x509->MBEDTLS_PRIVATE(raw).MBEDTLS_PRIVATE(len); - if (len < x509->raw.len) + if (len < x509->MBEDTLS_PRIVATE(raw).MBEDTLS_PRIVATE(len)) /* * The buffer is too small and the attempt failed, but * the required object length is in buf->ns.len */ return -1; - memcpy(buf->ns.name, x509->raw.p, x509->raw.len); + memcpy(buf->ns.name, x509->MBEDTLS_PRIVATE(raw).MBEDTLS_PRIVATE(p), + x509->MBEDTLS_PRIVATE(raw).MBEDTLS_PRIVATE(len)); break; case LWS_TLS_CERT_INFO_AUTHORITY_KEY_ID: @@ -197,12 +199,12 @@ lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, memset(&skid, 0, sizeof(skid)); lws_x509_get_crt_ext(x509, &skid, &akid); - if (akid.keyIdentifier.tag != MBEDTLS_ASN1_OCTET_STRING) + if (akid.keyIdentifier.MBEDTLS_PRIVATE(tag) != MBEDTLS_ASN1_OCTET_STRING) return 1; - buf->ns.len = (int)akid.keyIdentifier.len; + buf->ns.len = (int)akid.keyIdentifier.MBEDTLS_PRIVATE(len); if (len < (size_t)buf->ns.len) return -1; - memcpy(buf->ns.name, akid.keyIdentifier.p, (size_t)buf->ns.len); + memcpy(buf->ns.name, akid.keyIdentifier.MBEDTLS_PRIVATE(p), (size_t)buf->ns.len); break; case LWS_TLS_CERT_INFO_AUTHORITY_KEY_ID_ISSUER: { @@ -221,15 +223,16 @@ lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, return 1; while (ip) { - if (akid.keyIdentifier.tag != MBEDTLS_ASN1_OCTET_STRING || - ip->buf.len < 9 || len < (size_t)ip->buf.len - 9u) + if (akid.keyIdentifier.MBEDTLS_PRIVATE(tag) != MBEDTLS_ASN1_OCTET_STRING || + ip->MBEDTLS_PRIVATE(buf).MBEDTLS_PRIVATE(len) < 9 || + len < (size_t)ip->MBEDTLS_PRIVATE(buf).MBEDTLS_PRIVATE(len) - 9u) break; - memcpy(buf->ns.name + buf->ns.len, ip->buf.p, - (size_t)ip->buf.len - 9); - buf->ns.len = buf->ns.len + (int)ip->buf.len - 9; + memcpy(buf->ns.name + buf->ns.len, ip->MBEDTLS_PRIVATE(buf).MBEDTLS_PRIVATE(p), + (size_t)ip->MBEDTLS_PRIVATE(buf).MBEDTLS_PRIVATE(len) - 9); + buf->ns.len = buf->ns.len + (int)ip->MBEDTLS_PRIVATE(buf).MBEDTLS_PRIVATE(len) - 9; - ip = ip->next; + ip = ip->MBEDTLS_PRIVATE(next); } break; } @@ -240,12 +243,13 @@ lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, lws_x509_get_crt_ext(x509, &skid, &akid); - if (akid.authorityCertSerialNumber.tag != MBEDTLS_ASN1_OCTET_STRING) + if (akid.authorityCertSerialNumber.MBEDTLS_PRIVATE(tag) != MBEDTLS_ASN1_OCTET_STRING) return 1; - buf->ns.len = (int)akid.authorityCertSerialNumber.len; + buf->ns.len = (int)akid.authorityCertSerialNumber.MBEDTLS_PRIVATE(len); if (len < (size_t)buf->ns.len) return -1; - memcpy(buf->ns.name, akid.authorityCertSerialNumber.p, (size_t)buf->ns.len); + memcpy(buf->ns.name, akid.authorityCertSerialNumber. + MBEDTLS_PRIVATE(p), (size_t)buf->ns.len); break; case LWS_TLS_CERT_INFO_SUBJECT_KEY_ID: @@ -255,12 +259,12 @@ lws_tls_mbedtls_cert_info(mbedtls_x509_crt *x509, enum lws_tls_cert_info type, lws_x509_get_crt_ext(x509, &skid, &akid); - if (skid.tag != MBEDTLS_ASN1_OCTET_STRING) - return 1;; - buf->ns.len = (int)skid.len; + if (skid.MBEDTLS_PRIVATE(tag) != MBEDTLS_ASN1_OCTET_STRING) + return 1; + buf->ns.len = (int)skid.MBEDTLS_PRIVATE(len); if (len < (size_t)buf->ns.len) return -1; - memcpy(buf->ns.name, skid.p, (size_t)buf->ns.len); + memcpy(buf->ns.name, skid.MBEDTLS_PRIVATE(p), (size_t)buf->ns.len); break; default: return -1; @@ -375,7 +379,8 @@ int lws_x509_public_to_jwk(struct lws_jwk *jwk, struct lws_x509_cert *x509, const char *curves, int rsa_min_bits) { - int kt = (int)mbedtls_pk_get_type(&x509->cert.pk), n, count = 0, ret = -1; + int kt = (int)mbedtls_pk_get_type(&x509->cert.MBEDTLS_PRIVATE(pk)), + n, count = 0, ret = -1; mbedtls_rsa_context *rsactx; mbedtls_ecp_keypair *ecpctx; mbedtls_mpi *mpi[LWS_GENCRYPTO_RSA_KEYEL_COUNT]; @@ -386,16 +391,16 @@ lws_x509_public_to_jwk(struct lws_jwk *jwk, struct lws_x509_cert *x509, case MBEDTLS_PK_RSA: lwsl_notice("%s: RSA key\n", __func__); jwk->kty = LWS_GENCRYPTO_KTY_RSA; - rsactx = mbedtls_pk_rsa(x509->cert.pk); + rsactx = mbedtls_pk_rsa(x509->cert.MBEDTLS_PRIVATE(pk)); - mpi[LWS_GENCRYPTO_RSA_KEYEL_E] = &rsactx->E; - mpi[LWS_GENCRYPTO_RSA_KEYEL_N] = &rsactx->N; - mpi[LWS_GENCRYPTO_RSA_KEYEL_D] = &rsactx->D; - mpi[LWS_GENCRYPTO_RSA_KEYEL_P] = &rsactx->P; - mpi[LWS_GENCRYPTO_RSA_KEYEL_Q] = &rsactx->Q; - mpi[LWS_GENCRYPTO_RSA_KEYEL_DP] = &rsactx->DP; - mpi[LWS_GENCRYPTO_RSA_KEYEL_DQ] = &rsactx->DQ; - mpi[LWS_GENCRYPTO_RSA_KEYEL_QI] = &rsactx->QP; + mpi[LWS_GENCRYPTO_RSA_KEYEL_E] = &rsactx->MBEDTLS_PRIVATE(E); + mpi[LWS_GENCRYPTO_RSA_KEYEL_N] = &rsactx->MBEDTLS_PRIVATE(N); + mpi[LWS_GENCRYPTO_RSA_KEYEL_D] = &rsactx->MBEDTLS_PRIVATE(D); + mpi[LWS_GENCRYPTO_RSA_KEYEL_P] = &rsactx->MBEDTLS_PRIVATE(P); + mpi[LWS_GENCRYPTO_RSA_KEYEL_Q] = &rsactx->MBEDTLS_PRIVATE(Q); + mpi[LWS_GENCRYPTO_RSA_KEYEL_DP] = &rsactx->MBEDTLS_PRIVATE(DP); + mpi[LWS_GENCRYPTO_RSA_KEYEL_DQ] = &rsactx->MBEDTLS_PRIVATE(DQ); + mpi[LWS_GENCRYPTO_RSA_KEYEL_QI] = &rsactx->MBEDTLS_PRIVATE(QP); count = LWS_GENCRYPTO_RSA_KEYEL_COUNT; n = LWS_GENCRYPTO_RSA_KEYEL_E; @@ -404,13 +409,13 @@ lws_x509_public_to_jwk(struct lws_jwk *jwk, struct lws_x509_cert *x509, case MBEDTLS_PK_ECKEY: lwsl_notice("%s: EC key\n", __func__); jwk->kty = LWS_GENCRYPTO_KTY_EC; - ecpctx = mbedtls_pk_ec(x509->cert.pk); - mpi[LWS_GENCRYPTO_EC_KEYEL_X] = &ecpctx->Q.X; - mpi[LWS_GENCRYPTO_EC_KEYEL_D] = &ecpctx->d; - mpi[LWS_GENCRYPTO_EC_KEYEL_Y] = &ecpctx->Q.Y; + ecpctx = mbedtls_pk_ec(x509->cert.MBEDTLS_PRIVATE(pk)); + mpi[LWS_GENCRYPTO_EC_KEYEL_X] = &ecpctx->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(X); + mpi[LWS_GENCRYPTO_EC_KEYEL_D] = &ecpctx->MBEDTLS_PRIVATE(d); + mpi[LWS_GENCRYPTO_EC_KEYEL_Y] = &ecpctx->MBEDTLS_PRIVATE(Q).MBEDTLS_PRIVATE(Y); if (lws_genec_confirm_curve_allowed_by_tls_id(curves, - (int)ecpctx->grp.id, jwk)) + (int)ecpctx->MBEDTLS_PRIVATE(grp).id, jwk)) /* already logged */ goto bail; @@ -445,8 +450,8 @@ bail: } int -lws_x509_jwk_privkey_pem(struct lws_jwk *jwk, void *pem, size_t len, - const char *passphrase) +lws_x509_jwk_privkey_pem(struct lws_context *cx, struct lws_jwk *jwk, + void *pem, size_t len, const char *passphrase) { mbedtls_rsa_context *rsactx; mbedtls_ecp_keypair *ecpctx; @@ -459,7 +464,11 @@ lws_x509_jwk_privkey_pem(struct lws_jwk *jwk, void *pem, size_t len, n = 0; if (passphrase) n = (int)strlen(passphrase); - n = mbedtls_pk_parse_key(&pk, pem, len, (uint8_t *)passphrase, (unsigned int)n); + n = mbedtls_pk_parse_key(&pk, pem, len, (uint8_t *)passphrase, (unsigned int)n +#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000 + , mbedtls_ctr_drbg_random, &cx->mcdc +#endif + ); if (n) { lwsl_err("%s: parse PEM key failed: -0x%x\n", __func__, -n); @@ -474,9 +483,9 @@ lws_x509_jwk_privkey_pem(struct lws_jwk *jwk, void *pem, size_t len, goto bail; } rsactx = mbedtls_pk_rsa(pk); - mpi[LWS_GENCRYPTO_RSA_KEYEL_D] = &rsactx->D; - mpi[LWS_GENCRYPTO_RSA_KEYEL_P] = &rsactx->P; - mpi[LWS_GENCRYPTO_RSA_KEYEL_Q] = &rsactx->Q; + mpi[LWS_GENCRYPTO_RSA_KEYEL_D] = &rsactx->MBEDTLS_PRIVATE(D); + mpi[LWS_GENCRYPTO_RSA_KEYEL_P] = &rsactx->MBEDTLS_PRIVATE(P); + mpi[LWS_GENCRYPTO_RSA_KEYEL_Q] = &rsactx->MBEDTLS_PRIVATE(Q); n = LWS_GENCRYPTO_RSA_KEYEL_D; count = LWS_GENCRYPTO_RSA_KEYEL_Q + 1; break; @@ -486,7 +495,7 @@ lws_x509_jwk_privkey_pem(struct lws_jwk *jwk, void *pem, size_t len, goto bail; } ecpctx = mbedtls_pk_ec(pk); - mpi[LWS_GENCRYPTO_EC_KEYEL_D] = &ecpctx->d; + mpi[LWS_GENCRYPTO_EC_KEYEL_D] = &ecpctx->MBEDTLS_PRIVATE(d); n = LWS_GENCRYPTO_EC_KEYEL_D; count = n + 1; break; diff --git a/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h b/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h index 86cf31ad5..ab344f4d8 100644 --- a/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h +++ b/lib/tls/mbedtls/wrapper/include/internal/ssl_cert.h @@ -28,7 +28,7 @@ * * @return certification object point */ -CERT *__ssl_cert_new(CERT *ic); +CERT *__ssl_cert_new(CERT *ic, void *rngctx); /** * @brief create a certification object include private key object @@ -37,7 +37,7 @@ CERT *__ssl_cert_new(CERT *ic); * * @return certification object point */ -CERT* ssl_cert_new(void); +CERT* ssl_cert_new(void *rngctx); /** * @brief free a certification object diff --git a/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h b/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h index e790fcc99..edb744677 100644 --- a/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h +++ b/lib/tls/mbedtls/wrapper/include/internal/ssl_pkey.h @@ -28,7 +28,7 @@ * * @return new private key object point */ -EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk); +EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk, void *rngctx); /** * @brief create a private key object @@ -37,7 +37,7 @@ EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk); * * @return private key object point */ -EVP_PKEY* EVP_PKEY_new(void); +EVP_PKEY* EVP_PKEY_new(void *rngctx); /** * @brief load a character key context into system context. If '*a' is pointed to the @@ -53,7 +53,7 @@ EVP_PKEY* EVP_PKEY_new(void); EVP_PKEY* d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, - long length); + long length, void *rngctx); /** * @brief free a private key object diff --git a/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h b/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h index 959ad9dbc..564a94d88 100644 --- a/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h +++ b/lib/tls/mbedtls/wrapper/include/internal/ssl_types.h @@ -196,6 +196,8 @@ struct ssl_ctx_st int read_buffer_len; X509_VERIFY_PARAM param; + + void *rngctx; }; struct ssl_st @@ -300,7 +302,7 @@ struct x509_method_st { struct pkey_method_st { - int (*pkey_new)(EVP_PKEY *pkey, EVP_PKEY *m_pkey); + int (*pkey_new)(EVP_PKEY *pkey, EVP_PKEY *m_pkey, void *rngctx); void (*pkey_free)(EVP_PKEY *pkey); diff --git a/lib/tls/mbedtls/wrapper/include/openssl/ssl.h b/lib/tls/mbedtls/wrapper/include/openssl/ssl.h index 8c1e4cca2..8ff1e7744 100755 --- a/lib/tls/mbedtls/wrapper/include/openssl/ssl.h +++ b/lib/tls/mbedtls/wrapper/include/openssl/ssl.h @@ -60,7 +60,7 @@ * * @return the context point */ -SSL_CTX* SSL_CTX_new(const SSL_METHOD *method); +SSL_CTX* SSL_CTX_new(const SSL_METHOD *method, void *rngctx); /** * @brief free a SSL context diff --git a/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h b/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h index cbbe3aa3a..874d2d115 100644 --- a/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h +++ b/lib/tls/mbedtls/wrapper/include/platform/ssl_pm.h @@ -48,7 +48,7 @@ int x509_pm_new(X509 *x, X509 *m_x); void x509_pm_free(X509 *x); int x509_pm_load(X509 *x, const unsigned char *buffer, int len); -int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pk); +int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pk, void *rngctx); void pkey_pm_free(EVP_PKEY *pk); int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len); diff --git a/lib/tls/mbedtls/wrapper/library/ssl_cert.c b/lib/tls/mbedtls/wrapper/library/ssl_cert.c index cd10e2f0d..dab197c51 100644 --- a/lib/tls/mbedtls/wrapper/library/ssl_cert.c +++ b/lib/tls/mbedtls/wrapper/library/ssl_cert.c @@ -23,7 +23,7 @@ /** * @brief create a certification object according to input certification */ -CERT *__ssl_cert_new(CERT *ic) +CERT *__ssl_cert_new(CERT *ic, void *rngctx) { CERT *cert; @@ -44,7 +44,7 @@ CERT *__ssl_cert_new(CERT *ic) ix = NULL; } - cert->pkey = __EVP_PKEY_new(ipk); + cert->pkey = __EVP_PKEY_new(ipk, rngctx); if (!cert->pkey) { SSL_DEBUG(SSL_CERT_ERROR_LEVEL, "__EVP_PKEY_new() return NULL"); goto pkey_err; @@ -69,9 +69,9 @@ no_mem: /** * @brief create a certification object include private key object */ -CERT *ssl_cert_new(void) +CERT *ssl_cert_new(void *rngctx) { - return __ssl_cert_new(NULL); + return __ssl_cert_new(NULL, rngctx); } /** diff --git a/lib/tls/mbedtls/wrapper/library/ssl_lib.c b/lib/tls/mbedtls/wrapper/library/ssl_lib.c index 6ea71512d..d751d78c2 100644 --- a/lib/tls/mbedtls/wrapper/library/ssl_lib.c +++ b/lib/tls/mbedtls/wrapper/library/ssl_lib.c @@ -185,7 +185,7 @@ const char *mbedtls_client_preload_filepath; /** * @brief create a SSL context */ -SSL_CTX* SSL_CTX_new(const SSL_METHOD *method) +SSL_CTX* SSL_CTX_new(const SSL_METHOD *method, void *rngctx) { SSL_CTX *ctx; CERT *cert; @@ -205,7 +205,7 @@ SSL_CTX* SSL_CTX_new(const SSL_METHOD *method) goto failed1; } - cert = ssl_cert_new(); + cert = ssl_cert_new(rngctx); if (!cert) { SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "ssl_cert_new() return NULL"); goto failed2; @@ -220,6 +220,7 @@ SSL_CTX* SSL_CTX_new(const SSL_METHOD *method) ctx->method = method; ctx->client_CA = client_ca; ctx->cert = cert; + ctx->rngctx = rngctx; ctx->version = method->version; @@ -316,7 +317,7 @@ SSL *SSL_new(SSL_CTX *ctx) goto failed2; } - ssl->cert = __ssl_cert_new(ctx->cert); + ssl->cert = __ssl_cert_new(ctx->cert, ctx->rngctx); if (!ssl->cert) { SSL_DEBUG(SSL_LIB_ERROR_LEVEL, "__ssl_cert_new() return NULL"); goto failed3; diff --git a/lib/tls/mbedtls/wrapper/library/ssl_pkey.c b/lib/tls/mbedtls/wrapper/library/ssl_pkey.c index eb4e6fec6..18436a253 100644 --- a/lib/tls/mbedtls/wrapper/library/ssl_pkey.c +++ b/lib/tls/mbedtls/wrapper/library/ssl_pkey.c @@ -22,7 +22,7 @@ /** * @brief create a private key object according to input private key */ -EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk) +EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk, void *rngctx) { int ret; EVP_PKEY *pkey; @@ -39,7 +39,7 @@ EVP_PKEY* __EVP_PKEY_new(EVP_PKEY *ipk) pkey->method = EVP_PKEY_method(); } - ret = EVP_PKEY_METHOD_CALL(new, pkey, ipk); + ret = EVP_PKEY_METHOD_CALL(new, pkey, ipk, rngctx); if (ret) { SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_METHOD_CALL(new) return %d", ret); goto failed; @@ -56,9 +56,9 @@ no_mem: /** * @brief create a private key object */ -EVP_PKEY* EVP_PKEY_new(void) +EVP_PKEY* EVP_PKEY_new(void *rngctx) { - return __EVP_PKEY_new(NULL); + return __EVP_PKEY_new(NULL, rngctx); } /** @@ -80,7 +80,7 @@ void EVP_PKEY_free(EVP_PKEY *pkey) EVP_PKEY *d2i_PrivateKey(int type, EVP_PKEY **a, const unsigned char **pp, - long length) + long length, void *rngctx) { int m = 0; int ret; @@ -93,7 +93,7 @@ EVP_PKEY *d2i_PrivateKey(int type, if (a && *a) { pkey = *a; } else { - pkey = EVP_PKEY_new();; + pkey = EVP_PKEY_new(rngctx); if (!pkey) { SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "EVP_PKEY_new() return NULL"); goto failed1; @@ -167,7 +167,7 @@ int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx, int ret; EVP_PKEY *pk; - pk = d2i_PrivateKey(0, NULL, &d, len); + pk = d2i_PrivateKey(0, NULL, &d, len, ctx->rngctx); if (!pk) { SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL"); goto failed1; @@ -196,7 +196,7 @@ int SSL_use_PrivateKey_ASN1(int type, SSL *ssl, int ret; EVP_PKEY *pk; - pk = d2i_PrivateKey(0, NULL, &d, len); + pk = d2i_PrivateKey(0, NULL, &d, len, ssl->ctx->rngctx); if (!pk) { SSL_DEBUG(SSL_PKEY_ERROR_LEVEL, "d2i_PrivateKey() return NULL"); goto failed1; diff --git a/lib/tls/mbedtls/wrapper/platform/ssl_pm.c b/lib/tls/mbedtls/wrapper/platform/ssl_pm.c index 8b221daf0..9f878ed5f 100755 --- a/lib/tls/mbedtls/wrapper/platform/ssl_pm.c +++ b/lib/tls/mbedtls/wrapper/platform/ssl_pm.c @@ -63,6 +63,8 @@ struct pkey_pm mbedtls_pk_context *pkey; mbedtls_pk_context *ex_pkey; + + void *rngctx; }; unsigned int max_content_len; @@ -173,15 +175,15 @@ int ssl_pm_new(SSL *ssl) if (TLS1_2_VERSION == ssl->version) version = MBEDTLS_SSL_MINOR_VERSION_3; else if (TLS1_1_VERSION == ssl->version) - version = MBEDTLS_SSL_MINOR_VERSION_2; + version = 2; else - version = MBEDTLS_SSL_MINOR_VERSION_1; + version = 1; mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version); mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version); } else { mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); - mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_1); + mbedtls_ssl_conf_min_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, 1); } mbedtls_ssl_conf_rng(&ssl_pm->conf, mbedtls_ctr_drbg_random, &ssl_pm->ctr_drbg); @@ -289,10 +291,10 @@ static int mbedtls_handshake( mbedtls_ssl_context *ssl ) { int ret = 0; - while (ssl->state != MBEDTLS_SSL_HANDSHAKE_OVER) { + while (ssl->MBEDTLS_PRIVATE(state) != MBEDTLS_SSL_HANDSHAKE_OVER) { ret = mbedtls_ssl_handshake_step(ssl); - lwsl_info("%s: ssl ret -%x state %d\n", __func__, -ret, ssl->state); + lwsl_info("%s: ssl ret -%x state %d\n", __func__, -ret, ssl->MBEDTLS_PRIVATE(state)); if (ret != 0) break; @@ -319,7 +321,7 @@ int ssl_pm_handshake(SSL *ssl) return 0; } - if (ssl_pm->ssl.state != MBEDTLS_SSL_HANDSHAKE_OVER) { + if (ssl_pm->ssl.MBEDTLS_PRIVATE(state) != MBEDTLS_SSL_HANDSHAKE_OVER) { ssl_speed_up_enter(); /* mbedtls return codes @@ -425,7 +427,11 @@ int ssl_pm_read(SSL *ssl, void *buffer, int len) // lwsl_notice("%s: mbedtls_ssl_read says -0x%x\n", __func__, -ret); SSL_DEBUG(SSL_PLATFORM_ERROR_LEVEL, "mbedtls_ssl_read() return -0x%x", -ret); if (ret == MBEDTLS_ERR_NET_CONN_RESET || +#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000 + ret <= MBEDTLS_ERR_SSL_HANDSHAKE_FAILURE) /* fatal errors */ +#else ret <= MBEDTLS_ERR_SSL_NO_USABLE_CIPHERSUITE) /* fatal errors */ +#endif ssl->err = SSL_ERROR_SYSCALL; ret = -1; } @@ -496,14 +502,14 @@ void ssl_pm_set_fd(SSL *ssl, int fd, int mode) { struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - ssl_pm->fd.fd = fd; + ssl_pm->fd.MBEDTLS_PRIVATE(fd) = fd; } int ssl_pm_get_fd(const SSL *ssl, int mode) { struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - return ssl_pm->fd.fd; + return ssl_pm->fd.MBEDTLS_PRIVATE(fd); } OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl) @@ -512,7 +518,7 @@ OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl) struct ssl_pm *ssl_pm = (struct ssl_pm *)ssl->ssl_pm; - switch (ssl_pm->ssl.state) + switch (ssl_pm->ssl.MBEDTLS_PRIVATE(state)) { case MBEDTLS_SSL_CLIENT_HELLO: state = TLS_ST_CW_CLNT_HELLO; @@ -695,7 +701,7 @@ no_mem: return -1; } -int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pkey) +int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pkey, void *rngctx) { struct pkey_pm *pkey_pm; @@ -704,6 +710,7 @@ int pkey_pm_new(EVP_PKEY *pk, EVP_PKEY *m_pkey) return -1; pk->pkey_pm = pkey_pm; + pkey_pm->rngctx = rngctx; if (m_pkey) { struct pkey_pm *m_pkey_pm = (struct pkey_pm *)m_pkey->pkey_pm; @@ -757,7 +764,12 @@ int pkey_pm_load(EVP_PKEY *pk, const unsigned char *buffer, int len) mbedtls_pk_init(pkey_pm->pkey); +#if defined(MBEDTLS_VERSION_NUMBER) && MBEDTLS_VERSION_NUMBER >= 0x03000000 + ret = mbedtls_pk_parse_key(pkey_pm->pkey, load_buf, (unsigned int)len + 1, NULL, 0, + mbedtls_ctr_drbg_random, pkey_pm->rngctx); +#else ret = mbedtls_pk_parse_key(pkey_pm->pkey, load_buf, (unsigned int)len + 1, NULL, 0); +#endif ssl_mem_free(load_buf); if (ret) { @@ -949,7 +961,7 @@ void SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx) if (ssl->cert) ssl_cert_free(ssl->cert); ssl->ctx = ctx; - ssl->cert = __ssl_cert_new(ctx->cert); + ssl->cert = __ssl_cert_new(ctx->cert, ctx->rngctx); #if defined(LWS_HAVE_mbedtls_ssl_set_hs_authmode) diff --git a/lib/tls/openssl/openssl-x509.c b/lib/tls/openssl/openssl-x509.c index ce84fe786..9a0b2190f 100644 --- a/lib/tls/openssl/openssl-x509.c +++ b/lib/tls/openssl/openssl-x509.c @@ -663,8 +663,8 @@ lws_x509_jwk_privkey_pem_pp_cb(char *buf, int size, int rwflag, void *u) } int -lws_x509_jwk_privkey_pem(struct lws_jwk *jwk, void *pem, size_t len, - const char *passphrase) +lws_x509_jwk_privkey_pem(struct lws_context *cx, struct lws_jwk *jwk, + void *pem, size_t len, const char *passphrase) { BIO* bio = BIO_new(BIO_s_mem()); BIGNUM *mpi, *dummy[6]; diff --git a/minimal-examples/api-tests/api-test-jose/jws.c b/minimal-examples/api-tests/api-test-jose/jws.c index 7626e1ca0..8d03a8198 100644 --- a/minimal-examples/api-tests/api-test-jose/jws.c +++ b/minimal-examples/api-tests/api-test-jose/jws.c @@ -853,7 +853,7 @@ test_jwt_RS256(struct lws_context *context) goto bail; } - if (lws_x509_jwk_privkey_pem(&jwk, (char *)rsa_key, + if (lws_x509_jwk_privkey_pem(context, &jwk, (char *)rsa_key, LWS_ARRAY_SIZE(rsa_key), NULL)) { lwsl_err("%s: failed to copy private key to jwk\n", __func__); goto bail; diff --git a/minimal-examples/crypto/minimal-crypto-x509/main.c b/minimal-examples/crypto/minimal-crypto-x509/main.c index e6f210bc9..7a3bc3bc9 100644 --- a/minimal-examples/crypto/minimal-crypto-x509/main.c +++ b/minimal-examples/crypto/minimal-crypto-x509/main.c @@ -166,7 +166,8 @@ int main(int argc, const char **argv) goto bail3; } - if (lws_x509_jwk_privkey_pem(&jwk, pembuf, (unsigned int)n, NULL)) { + if (lws_x509_jwk_privkey_pem(context, &jwk, pembuf, + (unsigned int)n, NULL)) { lwsl_err("%s: unable to parse privkey %s\n", __func__, p); diff --git a/minimal-examples/http-client/minimal-http-client-jit-trust/minimal-http-client.c b/minimal-examples/http-client/minimal-http-client-jit-trust/minimal-http-client.c index 55ff73f04..92fd04e64 100644 --- a/minimal-examples/http-client/minimal-http-client-jit-trust/minimal-http-client.c +++ b/minimal-examples/http-client/minimal-http-client-jit-trust/minimal-http-client.c @@ -340,10 +340,9 @@ static const struct lws_protocols protocols[] = { { "http", callback_http, - 0, - 0, + 0, 0, 0, NULL, 0 }, - { NULL, NULL, 0, 0 } + LWS_PROTOCOL_LIST_TERM }; static void