LibCrypto+LibTLS: Generalize the elliptic curve interface

These changes generalize the interface with an elliptic curve implementation. This allows LibTLS to support elliptic curves generally without needing the specifics of elliptic curve implementations. This should allow for easier addition of other elliptic curves.
2025-12-22 09:19:03 +00:00 · 2022-03-05 18:13:39 +01:00
parent 21bbff0349
commit c1b041e761
10 changed files with 133 additions and 122 deletions
--- a/Userland/Libraries/LibTLS/HandshakeServer.cpp
+++ b/Userland/Libraries/LibTLS/HandshakeServer.cpp
@@ -11,6 +11,9 @@

 #include <LibCore/Timer.h>
 #include <LibCrypto/ASN1/DER.h>
+#include <LibCrypto/Curves/EllipticCurve.h>
+#include <LibCrypto/Curves/X25519.h>
+#include <LibCrypto/Curves/X448.h>
 #include <LibCrypto/PK/Code/EMSA_PKCS1_V1_5.h>
 #include <LibCrypto/PK/Code/EMSA_PSS.h>
 #include <LibTLS/TLSv12.h>
@@ -290,8 +293,7 @@ ssize_t TLSv12::handle_dhe_rsa_server_key_exchange(ReadonlyBytes buffer)

 ssize_t TLSv12::handle_ecdhe_rsa_server_key_exchange(ReadonlyBytes buffer)
 {
-    size_t size_required_for_curve_name = 6;
-    if (buffer.size() < size_required_for_curve_name)
+    if (buffer.size() < 7)
        return (i8)Error::NeedMoreData;

    auto curve_type = buffer[3];
@@ -302,14 +304,23 @@ ssize_t TLSv12::handle_ecdhe_rsa_server_key_exchange(ReadonlyBytes buffer)
    if (!m_context.options.elliptic_curves.contains_slow(curve))
        return (i8)Error::NotUnderstood;

-    m_context.server_curve_choice = curve;
-    auto curve_key_size_bytes = named_curve_key_size(curve) / 8;
-    if (buffer.size() < curve_key_size_bytes + 1)
-        return (i8)Error::NeedMoreData;
+    switch ((NamedCurve)curve) {
+    case NamedCurve::x25519:
+        m_context.server_key_exchange_curve = make<Crypto::Curves::X25519>();
+        break;
+    case NamedCurve::x448:
+        m_context.server_key_exchange_curve = make<Crypto::Curves::X448>();
+        break;
+    default:
+        return (i8)Error::NotUnderstood;
+    }

    auto server_public_key_length = buffer[6];
-    if (server_public_key_length != curve_key_size_bytes)
-        return (i8)Error::FeatureNotSupported;
+    if (server_public_key_length != m_context.server_key_exchange_curve->key_size())
+        return (i8)Error::NotUnderstood;
+
+    if (buffer.size() < 7u + server_public_key_length)
+        return (i8)Error::NeedMoreData;

    auto server_public_key = buffer.slice(7, server_public_key_length);
    auto server_public_key_copy_result = ByteBuffer::copy(server_public_key);