diff --git a/lib/tls/CMakeLists.txt b/lib/tls/CMakeLists.txt index ef3c7e38a..8d427c15e 100644 --- a/lib/tls/CMakeLists.txt +++ b/lib/tls/CMakeLists.txt @@ -107,6 +107,7 @@ else() endif() if (LWS_WITH_SSL) + list(APPEND SOURCES tls/tls.c) if (LWS_WITH_NETWORK) diff --git a/lib/tls/openssl/lws-genhash.c b/lib/tls/openssl/lws-genhash.c index 5b4bfda77..85581f036 100644 --- a/lib/tls/openssl/lws-genhash.c +++ b/lib/tls/openssl/lws-genhash.c @@ -26,6 +26,7 @@ */ #include #include +#include /* * Care: many openssl apis return 1 for success. These are translated to the * lws convention of 0 for success. @@ -217,9 +218,13 @@ int lws_genhmac_update(struct lws_genhmac_ctx *ctx, const void *in, size_t len) { #if defined(LWS_HAVE_HMAC_CTX_new) - if (HMAC_Update(ctx->ctx, in, (int)len) != 1) +#if defined(LIBRESSL_VERSION_NUMBER) + if (HMAC_Update(ctx->ctx, in, len) != 1) #else - if (HMAC_Update(&ctx->ctx, in, (int)len) != 1) + if (HMAC_Update(ctx->ctx, in, (int)len) != 1) +#endif +#else /* HMAC_CTX_new */ + if (HMAC_Update(&ctx->ctx, in, len) != 1) #endif return -1; diff --git a/minimal-examples/api-tests/api-test-gencrypto/lws-genaes.c b/minimal-examples/api-tests/api-test-gencrypto/lws-genaes.c index 41650d26a..e7f2aa2f9 100644 --- a/minimal-examples/api-tests/api-test-gencrypto/lws-genaes.c +++ b/minimal-examples/api-tests/api-test-gencrypto/lws-genaes.c @@ -9,7 +9,9 @@ #include -#if defined(LWS_HAVE_EVP_aes_128_cbc) || defined(LWS_WITH_MBEDTLS) + +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_CBC))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_cbc)) static const uint8_t /* @@ -35,13 +37,10 @@ static const uint8_t 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, } ; -#endif static int test_genaes_cbc(void) { -#if defined(LWS_HAVE_EVP_aes_128_cbc) || defined(LWS_WITH_MBEDTLS) - struct lws_genaes_ctx ctx; struct lws_gencrypto_keyelem e; uint8_t res[32], res1[32]; @@ -105,11 +104,11 @@ bail: lws_genaes_destroy(&ctx, NULL, 0); return -1; -#else - return 0; -#endif } +#endif +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_CFB))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_cfb128)) static const uint8_t /* * produced with (plaintext.txt contains "test plaintext\0\0") @@ -135,8 +134,6 @@ cfb128_enc[] = { static int test_genaes_cfb128(void) { -#if defined(LWS_HAVE_EVP_aes_128_cfb128) || defined(LWS_WITH_MBEDTLS) - struct lws_genaes_ctx ctx; struct lws_gencrypto_keyelem e; uint8_t res[32], res1[32]; @@ -197,10 +194,11 @@ bail: lws_genaes_destroy(&ctx, NULL, 0); return -1; -#else - return 0; -#endif } +#endif + +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_CFB))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_cfb8)) static const uint8_t /* @@ -227,8 +225,6 @@ cfb8_enc[] = { static int test_genaes_cfb8(void) { -#if defined(LWS_HAVE_EVP_aes_128_cfb8) || defined(LWS_WITH_MBEDTLS) - struct lws_genaes_ctx ctx; struct lws_gencrypto_keyelem e; uint8_t res[32], res1[32]; @@ -286,13 +282,11 @@ bail: lws_genaes_destroy(&ctx, NULL, 0); return -1; -#else - return 0; -#endif } +#endif -#if defined(LWS_HAVE_EVP_aes_128_ctr) || defined(LWS_WITH_MBEDTLS) - +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_CTR))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_ctr)) static const uint8_t /* * produced with (plaintext.txt contains "test plaintext\0\0") @@ -314,13 +308,10 @@ ctr_enc[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, }; -#endif static int test_genaes_ctr(void) { -#if defined(LWS_HAVE_EVP_aes_128_ctr) || defined(LWS_WITH_MBEDTLS) - uint8_t nonce_counter[16], sb[16]; struct lws_genaes_ctx ctx; struct lws_gencrypto_keyelem e; @@ -387,12 +378,11 @@ bail: lws_genaes_destroy(&ctx, NULL, 0); return -1; -#else - return 0; -#endif } -#if defined(LWS_HAVE_EVP_aes_128_ecb) || defined(LWS_WITH_MBEDTLS) +#endif +#if (defined(LWS_WITH_MBEDTLS)) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_ecb)) static const uint8_t /* * produced with (plaintext.txt contains "test plaintext\0\0") @@ -412,13 +402,10 @@ ecb_enc[] = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, }; -#endif static int test_genaes_ecb(void) { -#if defined(LWS_HAVE_EVP_aes_128_ecb) || defined(LWS_WITH_MBEDTLS) - struct lws_genaes_ctx ctx; struct lws_gencrypto_keyelem e; uint8_t res[32], res1[32]; @@ -478,15 +465,11 @@ bail: lws_genaes_destroy(&ctx, NULL, 0); return -1; -#else - return 0; -#endif } +#endif -#if defined(MBEDTLS_CONFIG_H) && defined(MBEDTLS_CIPHER_MODE_OFB) -#else -#if defined(LWS_HAVE_EVP_aes_128_ofb) || defined(LWS_WITH_MBEDTLS) - +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_OFB))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_ofb)) static const uint8_t /* * produced with (plaintext.txt contains "test plaintext\0\0") @@ -515,12 +498,9 @@ static const uint8_t 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, } ; -#endif static int test_genaes_ofb(void) { -#if defined(LWS_HAVE_EVP_aes_128_ofb) || defined(LWS_WITH_MBEDTLS) - struct lws_genaes_ctx ctx; struct lws_gencrypto_keyelem e; uint8_t res[32], res1[32]; @@ -581,16 +561,12 @@ bail: lws_genaes_destroy(&ctx, NULL, 0); return -1; -#else - return 0; -#endif } #endif -#if defined(MBEDTLS_CONFIG_H) && !defined(MBEDTLS_CIPHER_MODE_XTS) -#else -#if defined(LWS_HAVE_EVP_aes_128_xts) || defined(LWS_WITH_MBEDTLS) +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_XTS))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_xts)) static const uint8_t /* @@ -615,11 +591,9 @@ static const uint8_t 0x5f, 0x31, 0x9e, 0xcd, 0x33, 0x08, 0xa0, 0x44 } ; -#endif static int test_genaes_xts(void) { -#if defined(LWS_HAVE_EVP_aes_128_xts) || defined(LWS_WITH_MBEDTLS) struct lws_genaes_ctx ctx; struct lws_gencrypto_keyelem e; @@ -678,9 +652,6 @@ bail: lws_genaes_destroy(&ctx, NULL, 0); return -1; -#else - return 0; -#endif } #endif @@ -802,30 +773,38 @@ bail: int test_genaes(struct lws_context *context) { - +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_CBC))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_cbc)) if (test_genaes_cbc()) goto bail; - +#endif +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_CFB))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_cfb128)) if (test_genaes_cfb128()) goto bail; - +#endif +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_CFB))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_cfb8)) if (test_genaes_cfb8()) goto bail; - +#endif +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_CTR))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_ctr)) if (test_genaes_ctr()) goto bail; - +#endif +#if (defined(LWS_WITH_MBEDTLS)) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_ecb)) if (test_genaes_ecb()) goto bail; - -#if defined(MBEDTLS_CONFIG_H) && !defined(MBEDTLS_CIPHER_MODE_OFB) -#else +#endif +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_OFB))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_ofb)) if (test_genaes_ofb()) goto bail; #endif - -#if defined(MBEDTLS_CONFIG_H) && !defined(MBEDTLS_CIPHER_MODE_XTS) -#else +#if (defined(LWS_WITH_MBEDTLS) && (!defined(MBEDTLS_CONFIG_H) || defined(MBEDTLS_CIPHER_MODE_XTS))) || \ + (!defined(LWS_WITH_MBEDTLS) && defined(LWS_HAVE_EVP_aes_128_xts)) if (test_genaes_xts()) goto bail; #endif