diff --git a/lib/jws/jwk.c b/lib/jws/jwk.c index 9ba6f953..2a93843e 100644 --- a/lib/jws/jwk.c +++ b/lib/jws/jwk.c @@ -276,17 +276,12 @@ lws_jwk_load(struct lws_jwk *s, const char *filename) { int buflen = 4096; char *buf = lws_malloc(buflen, "jwk-load"); - int fd, n; + int n; if (!buf) return -1; - fd = open(filename, O_RDONLY); - if (fd == -1) - goto bail; - - n = read(fd, buf, buflen); - close(fd); + n = lws_plat_read_file(filename, buf, buflen); if (n < 0) goto bail; @@ -305,25 +300,19 @@ lws_jwk_save(struct lws_jwk *s, const char *filename) { int buflen = 4096; char *buf = lws_malloc(buflen, "jwk-save"); - int fd, n, m; + int n, m; if (!buf) return -1; - fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600); - if (fd == -1) - goto bail; - n = lws_jwk_export(s, 1, buf, buflen); - if (n < 0) { - close(fd); + if (n < 0) goto bail; - } - m = write(fd, buf, n); - close(fd); + m = lws_plat_write_file(filename, buf, n); + lws_free(buf); - if (m < 0 || m != n) + if (m) return -1; return 0; diff --git a/lib/libwebsockets.h b/lib/libwebsockets.h index f8d57050..fe2d2028 100644 --- a/lib/libwebsockets.h +++ b/lib/libwebsockets.h @@ -4311,9 +4311,17 @@ lws_sql_purify(char *escaped, const char *string, int len); LWS_VISIBLE LWS_EXTERN const char * lws_json_purify(char *escaped, const char *string, int len); -LWS_VISIBLE int +LWS_VISIBLE LWS_EXTERN int lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf, int len); +LWS_VISIBLE LWS_EXTERN int +lws_plat_write_file(const char *filename, void *buf, int len); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_read_file(const char *filename, void *buf, int len); + +LWS_VISIBLE LWS_EXTERN int +lws_plat_recommended_rsa_bits(); ///@} /*! \defgroup ev libev helpers diff --git a/lib/plat/lws-plat-esp32.c b/lib/plat/lws-plat-esp32.c index 4344ebd9..094959a0 100644 --- a/lib/plat/lws-plat-esp32.c +++ b/lib/plat/lws-plat-esp32.c 
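Review bot: In lws_jwk_load() in lib/jws/jwk.c, `if (n < 0)` is the only check on the result of lws_plat_read_file(), so an empty file and a file that fills the whole 4096-byte buffer both reach the code after the hunk. A key file longer than buflen is read truncated without any error. Rejecting both ends with `if (n <= 0 || n >= buflen) goto bail;` makes the failure explicit, at the cost of also refusing a file of exactly buflen bytes, which cannot be told apart from a longer one. The rest of the function is outside the hunk, so how the parser treats a truncated buffer cannot be seen here.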
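Review bot: In lws_jwk_save(), buf still holds the exported key when `lws_free(buf)` hands it back to the heap, on the success path shown here and presumably on the bail path outside the hunk. The second argument of 1 to lws_jwk_export() looks like it selects the private part, in which case the serialized private key stays readable in freed memory. Clear all buflen bytes before each free with a wipe the compiler cannot elide (for example a loop through a volatile pointer), not a plain memset.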
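Review bot: The three prototypes added to lib/libwebsockets.h have no documentation, although their return conventions differ: judging by the callers in jwk.c, lws_plat_write_file() returns 0 on success and nonzero on failure, while lws_plat_read_file() returns the byte count or a negative value. The per-platform implementations in this commit do not all follow one convention (the Windows lws_plat_write_file() returns -1 on open failure where the unix one returns 1), so a doc comment above each declaration stating the contract would pin it down. Separately, `lws_plat_recommended_rsa_bits();` declares no prototype in C; write `lws_plat_recommended_rsa_bits(void);` to match the definitions.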
@@ -1949,6 +1949,28 @@ uint16_t lws_esp32_sine_interp(int n)
 sine_lu((n >> 4) + 1) * (n & 15)) / 15;
 }
+LWS_VISIBLE int
+lws_plat_write_file(const char *filename, void *buf, int len)
+{
+ nvs_handle nvh;
+ int n;
+
+ if (nvs_open("lws-station", NVS_READWRITE, &nvh)) {
+ lwsl_notice("%s: failed to open nvs\n", __func__);
+ return 1;
+ }
+
+ n = nvs_set_blob(nvh, filename, buf, len);
+ if (n)
+ nvs_commit(nvh);
+
+ nvs_close(nvh);
+
+ lwsl_notice("%s: wrote %s\n", __func__, filename);
+
+ return n;
+}
+
 /* we write vhostname.cert.pem and vhostname.key.pem, 0 return means OK */
 LWS_VISIBLE int
@@ -1956,26 +1978,54 @@ lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf,
 int len)
 {
 const char *name = vhost->alloc_cert_path;
- nvs_handle nvh;
- int n;
 if (is_key)
 name = vhost->key_path;
+ return lws_plat_write_file(name, buf, len);
+}
+
+LWS_VISIBLE int
+lws_plat_read_file(const char *filename, void *buf, int len)
+{
+ nvs_handle nvh;
+ size_t s = 0;
+ int n = 0;
+
 if (nvs_open("lws-station", NVS_READWRITE, &nvh)) {
 lwsl_notice("%s: failed to open nvs\n", __func__);
 return 1;
 }
- n = nvs_set_blob(nvh, name, buf, len);
- if (n)
- nvs_commit(nvh);
+ ESP_ERROR_CHECK(nvs_open("lws-station", NVS_READWRITE, &nvh));
+ if (nvs_get_blob(nvh, filename, NULL, &s) != ESP_OK)
+ goto bail;
+ if (s > (size_t)len)
+ goto bail;
+
+ n = nvs_get_blob(nvh, filename, buf, &s);
 nvs_close(nvh);
- lwsl_notice("%s: wrote %s\n", __func__, name);
+ lwsl_notice("%s: read %s (%d)\n", __func__, filename, (int)s);
- return n;
+ if (n)
+ return -1;
+
+ return (int)s;
+
+bail:
+ nvs_close(nvh);
+
+ return -1;
 }
-
+LWS_VISIBLE int
+lws_plat_recommended_rsa_bits(void)
+{
+ /*
+ * 2048-bit key generation takes up to a minute on ESP32, 4096
+ * is like 15 minutes +
+ */
+ return 2048;
+}
diff --git a/lib/plat/lws-plat-esp8266.c b/lib/plat/lws-plat-esp8266.c
index 74375798..5bd343aa 100644
--- a/lib/plat/lws-plat-esp8266.c
+++ b/lib/plat/lws-plat-esp8266.c
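Review bot: In the ESP32 lws_plat_write_file(), `if (n) nvs_commit(nvh);` commits only when nvs_set_blob() returned an error; on success (n == 0) the blob is never committed before nvs_close(). The test is inverted. It was carried over unchanged from the old lws_plat_write_cert() body, but this function now also stores JWK key files, so it should read `if (!n) n = nvs_commit(nvh);`, which also reports a failed commit to the caller. The `wrote %s` notice is printed even when the write failed; log it only when n is 0.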
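Review bot: The ESP32 lws_plat_read_file() opens the NVS namespace twice: the `if (nvs_open(...))` block kept as context already fills nvh, then `ESP_ERROR_CHECK(nvs_open("lws-station", NVS_READWRITE, &nvh));` overwrites it, so the first handle is never closed, and ESP_ERROR_CHECK aborts the firmware on failure instead of returning an error. Drop the ESP_ERROR_CHECK line. The failure branch above it still does `return 1;`, which a caller such as lws_jwk_load() (`if (n < 0)`) takes as a successful one-byte read of a buffer that was never filled; it should be `return -1;`. A read needs no write access, so `NVS_READONLY` is enough for this open.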
@@ -719,4 +719,25 @@ lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf,
 {
 return 1;
 }
+
+LWS_VISIBLE int
+lws_plat_write_file(const char *filename, void *buf, int len)
+{
+ return 1;
+}
+
+LWS_VISIBLE int
+lws_plat_read_file(const char *filename, void *buf, int len)
+{
+ return -1;
+}
+
+LWS_VISIBLE int
+lws_plat_recommended_rsa_bits(void)
+{
+ /*
+ * 2048-bit key generation takes up to a minute on ESP32, 4096
+ * is like 15 minutes +
+ */
+ return 2048;
 }
diff --git a/lib/plat/lws-plat-optee.c b/lib/plat/lws-plat-optee.c
index 3288b2cc..38037d20 100644
--- a/lib/plat/lws-plat-optee.c
+++ b/lib/plat/lws-plat-optee.c
@@ -332,3 +332,21 @@ lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf,
 {
 return 1;
 }
+
+LWS_VISIBLE int
+lws_plat_write_file(const char *filename, void *buf, int len)
+{
+ return 1;
+}
+
+LWS_VISIBLE int
+lws_plat_read_file(const char *filename, void *buf, int len)
+{
+ return -1;
+}
+
+LWS_VISIBLE int
+lws_plat_recommended_rsa_bits(void)
+{
+ return 4096;
+}
diff --git a/lib/plat/lws-plat-unix.c b/lib/plat/lws-plat-unix.c
index fe302ce7..7bca1ac9 100644
--- a/lib/plat/lws-plat-unix.c
+++ b/lib/plat/lws-plat-unix.c
@@ -883,3 +883,38 @@ lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf,
 return n != len;
 }
+
+LWS_VISIBLE int
+lws_plat_write_file(const char *filename, void *buf, int len)
+{
+ int m, fd;
+
+ fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+
+ if (fd == -1)
+ return 1;
+
+ m = write(fd, buf, len);
+ close(fd);
+
+ return m != len;
+}
+
+LWS_VISIBLE int
+lws_plat_read_file(const char *filename, void *buf, int len)
+{
+ int n, fd = open(filename, O_RDONLY);
+ if (fd == -1)
+ return -1;
+
+ n = read(fd, buf, len);
+ close(fd);
+
+ return n;
+}
+
+LWS_VISIBLE int
+lws_plat_recommended_rsa_bits(void)
+{
+ return 4096;
+}
diff --git a/lib/plat/lws-plat-win.c b/lib/plat/lws-plat-win.c
index 031ae51b..5e2bab7f 100644
--- a/lib/plat/lws-plat-win.c
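Review bot: The comment inside the ESP8266 lws_plat_recommended_rsa_bits() is copied from the ESP32 file and quotes ESP32 timings, so it does not explain why 2048 is returned on this platform. If the value was simply carried over, say so, for example `/* value carried over from ESP32; not measured on ESP8266 */`. The two stubs above it would also benefit from a one-line comment that file storage is not implemented here, since they make lws_jwk_save() and lws_jwk_load() fail unconditionally on this platform.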
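Review bot: In the unix lws_plat_write_file(), the 0600 passed to open() only takes effect when the call creates the file; if filename already exists with wider permissions, O_TRUNC reuses it and the key material written through lws_jwk_save() lands in a file other users may be able to read. Tightening the mode on the open descriptor before writing closes that gap. The result of close() is also ignored, so a write error reported only at close time is returned as success. The rewritten lines are below.

```c
lws_plat_write_file(const char *filename, void *buf, int len)
{
	/* … unchanged: declarations, open() and the fd == -1 check … */

	/* the mode given to open() is ignored when the file already exists */
	if (fchmod(fd, 0600)) {
		close(fd);
		return 1;
	}

	m = write(fd, buf, len);
	if (close(fd))
		return 1;

	return m != len;
}
```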
+++ b/lib/plat/lws-plat-win.c
@@ -767,3 +767,38 @@ lws_plat_write_cert(struct lws_vhost *vhost, int is_key, int fd, void *buf,
 return n != len;
 }
+
+LWS_VISIBLE int
+lws_plat_write_file(const char *filename, void *buf, int len)
+{
+ int m, fd;
+
+ fd = open(filename, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+
+ if (fd == -1)
+ return -1;
+
+ m = write(fd, buf, len);
+ close(fd);
+
+ return m != len;
+}
+
+LWS_VISIBLE int
+lws_plat_read_file(const char *filename, void *buf, int len)
+{
+ int n, fd = open(filename, O_RDONLY);
+ if (fd == -1)
+ return -1;
+
+ n = read(fd, buf, len);
+ close(fd);
+
+ return n;
+}
+
+LWS_VISIBLE int
+lws_plat_recommended_rsa_bits(void)
+{
+ return 4096;
+}
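Review bot: The Windows lws_plat_write_file() is a copy of the unix one, but the 0600 given to open() most likely does not restrict the file to its owner there: as far as I know the Windows C runtime honours only the read/write permission bits, and access is decided by the ACL inherited from the directory. A key saved through lws_jwk_save() may therefore be readable by other accounts; at minimum state that above the function, `/* note: 0600 is not enforced on Windows; the file inherits the directory ACL */`. Both open() calls also lack a binary-mode flag, so text-mode newline translation can make the stored bytes differ from the buffer. On open failure this version returns -1 where the unix one returns 1; callers in this commit only test for nonzero, but the two should agree.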