LibTLS+Everywhere: Switch to using WolfSSL

This commit replaces all TLS connection code with wolfssl. The certificate parsing code has to remain for now, as wolfssl does not seem to have any exposed API for that.
Author: https://github.com/alimpfard Commit: 8bb610b97a Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/330 Reviewed-by: https://github.com/trflynn89 ✅
2025-09-04 08:36:12 +00:00 · 2024-07-01 17:11:35 +02:00 · 2024-07-01 17:11:35 +02:00 · 8bb610b97a · 2024-07-16 23:57:20 +09:00
commit 8bb610b97a
parent 82915e1914
28 changed files with 197 additions and 3977 deletions
--- a/Userland/Libraries/LibTLS/CipherSuite.h
+++ b/Userland/Libraries/LibTLS/CipherSuite.h
@ -1,90 +0,0 @@
-/*
- * Copyright (c) 2020, Ali Mohammad Pur <mpfard@serenityos.org>
- *
- * SPDX-License-Identifier: BSD-2-Clause
- */
-
-#pragma once
-
-#include <AK/Types.h>
-#include <LibTLS/Extensions.h>
-
-namespace TLS {
-
-// Defined in RFC 5246 section 7.4.1.4.1
-struct SignatureAndHashAlgorithm {
-    HashAlgorithm hash;
-    SignatureAlgorithm signature;
-};
-
-enum class KeyExchangeAlgorithm {
-    Invalid,
-    // Defined in RFC 5246 section 7.4.2 / RFC 4279 section 4
-    RSA_PSK,
-    // Defined in RFC 5246 section 7.4.3
-    DHE_DSS,
-    DHE_RSA,
-    DH_anon,
-    RSA,
-    DH_DSS,
-    DH_RSA,
-    // Defined in RFC 4492 section 2
-    ECDHE_RSA,
-    ECDH_ECDSA,
-    ECDH_RSA,
-    ECDHE_ECDSA,
-    ECDH_anon,
-};
-
-// Defined in RFC 5246 section 7.4.1.4.1
-constexpr SignatureAlgorithm signature_for_key_exchange_algorithm(KeyExchangeAlgorithm algorithm)
-{
-    switch (algorithm) {
-    case KeyExchangeAlgorithm::RSA:
-    case KeyExchangeAlgorithm::DHE_RSA:
-    case KeyExchangeAlgorithm::DH_RSA:
-    case KeyExchangeAlgorithm::RSA_PSK:
-    case KeyExchangeAlgorithm::ECDH_RSA:
-    case KeyExchangeAlgorithm::ECDHE_RSA:
-        return SignatureAlgorithm::RSA;
-    case KeyExchangeAlgorithm::DHE_DSS:
-    case KeyExchangeAlgorithm::DH_DSS:
-        return SignatureAlgorithm::DSA;
-    case KeyExchangeAlgorithm::ECDH_ECDSA:
-    case KeyExchangeAlgorithm::ECDHE_ECDSA:
-        return SignatureAlgorithm::ECDSA;
-    case KeyExchangeAlgorithm::DH_anon:
-    case KeyExchangeAlgorithm::ECDH_anon:
-    default:
-        return SignatureAlgorithm::ANONYMOUS;
-    }
-}
-
-enum class CipherAlgorithm {
-    Invalid,
-    AES_128_CBC,
-    AES_128_GCM,
-    AES_128_CCM,
-    AES_128_CCM_8,
-    AES_256_CBC,
-    AES_256_GCM,
-};
-
-constexpr size_t cipher_key_size(CipherAlgorithm algorithm)
-{
-    switch (algorithm) {
-    case CipherAlgorithm::AES_128_CBC:
-    case CipherAlgorithm::AES_128_GCM:
-    case CipherAlgorithm::AES_128_CCM:
-    case CipherAlgorithm::AES_128_CCM_8:
-        return 128;
-    case CipherAlgorithm::AES_256_CBC:
-    case CipherAlgorithm::AES_256_GCM:
-        return 256;
-    case CipherAlgorithm::Invalid:
-    default:
-        return 0;
-    }
-}
-
-}