jws-alignment-with-gnutls

Author: lws-team

include/libwebsockets/lws-genaes.h

@@ -90,6 +90,7 @@ struct lws_genaes_ctx {
 	} u;
 #elif defined(LWS_WITH_GNUTLS)
 	gnutls_cipher_hd_t ctx;
+	int gnutls_gcm_initialized;
 #else
 	EVP_CIPHER_CTX *ctx;
 	const EVP_CIPHER *cipher;

lib/jose/jwe/jwe-rsa-aescbc.c

@@ -97,13 +97,14 @@ lws_jwe_encrypt_rsa_aes_cbc_hs(struct lws_jwe *jwe,
 		return -1;
 	}
 
-	if (lws_genrsa_create(&rsactx, jwe->jws.jwk->e, jwe->jws.context,
+	int res = lws_genrsa_create(&rsactx, jwe->jws.jwk->e, jwe->jws.context,
 			!strcmp(jwe->jose.alg->alg,   "RSA-OAEP") ?
 					LGRSAM_PKCS1_OAEP_PSS : LGRSAM_PKCS1_1_5,
-					LWS_GENHASH_TYPE_UNKNOWN)) {
+					LWS_GENHASH_TYPE_UNKNOWN);
+	if (res) {
 		lwsl_notice("%s: lws_genrsa_create\n",
 			    __func__);
-		return -1;
+		return res < -1 ? res : -1;
 	}
 
 	/* encrypt the CEK using RSA, mbedtls can't handle both in and out are
@@ -117,7 +118,7 @@ lws_jwe_encrypt_rsa_aes_cbc_hs(struct lws_jwe *jwe,
 	lws_explicit_bzero(ekey, (unsigned int)hlen); /* cleanse the temp CEK copy */
 	if (n < 0) {
 		lwsl_err("%s: encrypt cek fail\n", __func__);
-		return -1;
+		return n < -1 ? n : -1;
 	}
 	jwe->jws.map.len[LJWE_EKEY] = (unsigned int)n; /* update to encrypted EKEY size */
 
@@ -151,13 +152,14 @@ lws_jwe_auth_and_decrypt_rsa_aes_cbc_hs(struct lws_jwe *jwe)
 
 	/* Decrypt the JWE Encrypted Key to get the raw MAC || CEK */
 
-	if (lws_genrsa_create(&rsactx, jwe->jws.jwk->e, jwe->jws.context,
+	int res = lws_genrsa_create(&rsactx, jwe->jws.jwk->e, jwe->jws.context,
 			!strcmp(jwe->jose.alg->alg,   "RSA-OAEP") ?
 				LGRSAM_PKCS1_OAEP_PSS : LGRSAM_PKCS1_1_5,
-				LWS_GENHASH_TYPE_UNKNOWN)) {
+				LWS_GENHASH_TYPE_UNKNOWN);
+	if (res) {
 		lwsl_notice("%s: lws_genrsa_public_decrypt_create\n",
 			    __func__);
-		return -1;
+		return res < -1 ? res : -1;
 	}
 
 	n = lws_genrsa_private_decrypt(&rsactx,
@@ -167,7 +169,7 @@ lws_jwe_auth_and_decrypt_rsa_aes_cbc_hs(struct lws_jwe *jwe)
 	lws_genrsa_destroy(&rsactx);
 	if (n < 0) {
 		lwsl_err("%s: decrypt cek fail: \n", __func__);
-		return -1;
+		return n < -1 ? n : -1;
 	}
 
 	n = lws_jwe_auth_and_decrypt_cbc_hs(jwe, enc_cek,

lib/jose/jwe/jwe-rsa-aesgcm.c

@@ -93,12 +93,14 @@ lws_jwe_encrypt_rsa_aes_gcm(struct lws_jwe *jwe, char *temp, int *temp_len)
 
 	/* Encrypt the CEK into EKEY to make the JWE Encrypted Key */
 
-	if (lws_genrsa_create(&rsactx, jwe->jws.jwk->e, jwe->jws.context,
+	int res = lws_genrsa_create(&rsactx, jwe->jws.jwk->e, jwe->jws.context,
 			!strcmp(jwe->jose.alg->alg,   "RSA-OAEP") ?
 				LGRSAM_PKCS1_OAEP_PSS : LGRSAM_PKCS1_1_5,
-			LWS_GENHASH_TYPE_SHA1 /* !!! */)) {
+			LWS_GENHASH_TYPE_SHA1 /* !!! */);
+	if (res) {
 		lwsl_notice("%s: lws_genrsa_public_decrypt_create\n",
 			    __func__);
+		ret = res < -1 ? res : -1;
 		goto bail;
 	}
 
@@ -107,6 +109,7 @@ lws_jwe_encrypt_rsa_aes_gcm(struct lws_jwe *jwe, char *temp, int *temp_len)
 	lws_genrsa_destroy(&rsactx);
 	if (n < 0) {
 		lwsl_err("%s: encrypt cek fail: \n", __func__);
+		ret = n < -1 ? n : -1;
 		goto bail;
 	}
 
@@ -142,13 +145,14 @@ lws_jwe_auth_and_decrypt_rsa_aes_gcm(struct lws_jwe *jwe)
 
 	/* Decrypt the JWE Encrypted Key to get the direct CEK */
 
-	if (lws_genrsa_create(&rsactx, jwe->jws.jwk->e, jwe->jws.context,
+	int res = lws_genrsa_create(&rsactx, jwe->jws.jwk->e, jwe->jws.context,
 			!strcmp(jwe->jose.alg->alg,   "RSA-OAEP") ?
 				LGRSAM_PKCS1_OAEP_PSS : LGRSAM_PKCS1_1_5,
-			LWS_GENHASH_TYPE_SHA1 /* !!! */)) {
+			LWS_GENHASH_TYPE_SHA1 /* !!! */);
+	if (res) {
 		lwsl_notice("%s: lws_genrsa_public_decrypt_create\n",
 			    __func__);
-		return -1;
+		return res < -1 ? res : -1;
 	}
 
 	n = lws_genrsa_private_decrypt(&rsactx,
@@ -158,7 +162,7 @@ lws_jwe_auth_and_decrypt_rsa_aes_gcm(struct lws_jwe *jwe)
 	lws_genrsa_destroy(&rsactx);
 	if (n < 0) {
 		lwsl_err("%s: decrypt cek fail: \n", __func__);
-		return -1;
+		return n < -1 ? n : -1;
 	}
 
 	n = lws_jwe_auth_and_decrypt_gcm(jwe, enc_cek,

lib/media/alsa/CMakeLists.txt

@@ -1,6 +1,6 @@
 if (LWS_WITH_ALSA)
 	set(SRCS alsa.c)
 	add_library(alsa STATIC ${SRCS})
-	target_include_directories(alsa PRIVATE ${LWS_LIB_BUILD_INC_PATHS})
+	target_include_directories(alsa PRIVATE ${LWS_LIB_BUILD_INC_PATHS} ${LWS_LIB_BUILD_INC_PATHS_TEMP})
 	target_link_libraries(alsa websockets asound)
 endif()

lib/tls/gnutls/lws-genaes.c

@@ -70,7 +70,7 @@ lws_genaes_create(struct lws_genaes_ctx *ctx, enum enum_aes_operation op,
 		break;
 	default:
 		lwsl_err("%s: unsupported mode %d\n", __func__, mode);
-		return 1;
+		return -2;
 	}
 
 	if (alg == GNUTLS_CIPHER_UNKNOWN)
@@ -183,7 +183,11 @@ lws_genaes_crypt(struct lws_genaes_ctx *ctx, const uint8_t *in, size_t len,
 	}
 
 	if (iv_or_nonce_ctr_or_data_unit_16) {
-		gnutls_cipher_set_iv(ctx->ctx, iv_or_nonce_ctr_or_data_unit_16, 16);
+		if (ctx->mode != LWS_GAESM_GCM || !ctx->gnutls_gcm_initialized) {
+			size_t iv_len = (nc_or_iv_off && *nc_or_iv_off) ? *nc_or_iv_off : 16;
+			gnutls_cipher_set_iv(ctx->ctx, iv_or_nonce_ctr_or_data_unit_16, iv_len);
+			ctx->gnutls_gcm_initialized = 1;
+		}
 	}
 
 	if (ctx->op == LWS_GAESO_ENC) {
@@ -218,15 +222,22 @@ lws_genaes_crypt(struct lws_genaes_ctx *ctx, const uint8_t *in, size_t len,
 				ctx->buf_len += (int)left;
 			}
 		} else {
-			if (gnutls_cipher_encrypt2(ctx->ctx, in, len, out, len) < 0)
-				return 1;
-			if (ctx->mode == LWS_GAESM_GCM && stream_block_16) {
-				gnutls_cipher_tag(ctx->ctx, stream_block_16, (size_t)taglen);
+			if (!out && ctx->mode == LWS_GAESM_GCM) {
+				if (gnutls_cipher_add_auth(ctx->ctx, in, len) < 0)
+					return 1;
+			} else {
+				if (gnutls_cipher_encrypt2(ctx->ctx, in, len, out, len) < 0)
+					return 1;
 			}
 		}
 	} else {
-		if (gnutls_cipher_decrypt2(ctx->ctx, in, len, out, len) < 0)
-			return 1;
+		if (!out && ctx->mode == LWS_GAESM_GCM) {
+			if (gnutls_cipher_add_auth(ctx->ctx, in, len) < 0)
+				return 1;
+		} else {
+			if (gnutls_cipher_decrypt2(ctx->ctx, in, len, out, len) < 0)
+				return 1;
+		}
 	}
 
 	return 0;

lib/tls/gnutls/lws-genrsa.c

@@ -58,6 +58,11 @@ lws_genrsa_create(struct lws_genrsa_ctx *ctx,
 	u.size = el[LWS_GENCRYPTO_RSA_KEYEL_QI].len;
 
 	if (d.data) {
+		if (!p.data || !q.data || !e1.data || !e2.data || !u.data) {
+			lwsl_notice("GnuTLS requires all private key params, skipping\n");
+			return -2;
+		}
+
 		if (gnutls_privkey_init(&ctx->priv) < 0)
 			return 1;
 
@@ -113,12 +118,18 @@ lws_genrsa_public_encrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
 
 	if (ctx->mode == LGRSAM_PKCS1_OAEP_PSS) {
 		lwsl_err("%s: GnuTLS does not support RSA OAEP\n", __func__);
-		return -1;
+		return -2;
 	}
 
 	n = gnutls_pubkey_encrypt_data(ctx->pub, 0, &v_in, &v_out);
 
 	if (n < 0) {
+		if (
+#if defined(GNUTLS_E_UNSUPPORTED_ENCRYPTION_ALGORITHM)
+		    n == GNUTLS_E_UNSUPPORTED_ENCRYPTION_ALGORITHM ||
+#endif
+		    0)
+			return -2;
 		lwsl_err("%s: gnutls_pubkey_encrypt_data failed: %s\n", __func__, gnutls_strerror(n));
 		return -1;
 	}
@@ -142,12 +153,18 @@ lws_genrsa_private_decrypt(struct lws_genrsa_ctx *ctx, const uint8_t *in,
 
 	if (ctx->mode == LGRSAM_PKCS1_OAEP_PSS) {
 		lwsl_err("%s: GnuTLS does not support RSA OAEP\n", __func__);
-		return -1;
+		return -2;
 	}
 
 	n = gnutls_privkey_decrypt_data(ctx->priv, 0, &v_in, &v_out);
 
 	if (n < 0) {
+		if (
+#if defined(GNUTLS_E_UNSUPPORTED_ENCRYPTION_ALGORITHM)
+		    n == GNUTLS_E_UNSUPPORTED_ENCRYPTION_ALGORITHM ||
+#endif
+		    n == GNUTLS_E_DECRYPTION_FAILED)
+			return -2;
 		lwsl_err("%s: gnutls_privkey_decrypt_data failed: %s\n", __func__, gnutls_strerror(n));
 		return -1;
 	}

minimal-examples-lowlevel/api-tests/api-test-gencrypto/lws-genaes.c

@@ -143,7 +143,12 @@ test_genaes_cfb128(void)
 	e.buf = (uint8_t *)cfb128_key;
 	e.len = sizeof(cfb128_key);
 
-	if (lws_genaes_create(&ctx, LWS_GAESO_ENC, LWS_GAESM_CFB128, &e, 0, NULL)) {
+	int n = lws_genaes_create(&ctx, LWS_GAESO_ENC, LWS_GAESM_CFB128, &e, 0, NULL);
+	if (n) {
+		if (n == -2) {
+			lwsl_notice("%s: lws_genaes_create unsupported\n", __func__);
+			return 0;
+		}
 		lwsl_err("%s: lws_genaes_create failed\n", __func__);
 		return 1;
 	}