summaryrefslogtreecommitdiff
path: root/lib/auth/dhe.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/auth/dhe.c')
-rw-r--r--lib/auth/dhe.c227
1 files changed, 115 insertions, 112 deletions
diff --git a/lib/auth/dhe.c b/lib/auth/dhe.c
index 24732d6f92..546194cdca 100644
--- a/lib/auth/dhe.c
+++ b/lib/auth/dhe.c
@@ -39,142 +39,145 @@
#include <auth/dh_common.h>
#include <auth/ecdhe.h>
-static int gen_dhe_server_kx (gnutls_session_t, gnutls_buffer_st*);
-static int proc_dhe_server_kx (gnutls_session_t, uint8_t *, size_t);
-static int proc_dhe_client_kx (gnutls_session_t, uint8_t *, size_t);
+static int gen_dhe_server_kx(gnutls_session_t, gnutls_buffer_st *);
+static int proc_dhe_server_kx(gnutls_session_t, uint8_t *, size_t);
+static int proc_dhe_client_kx(gnutls_session_t, uint8_t *, size_t);
#ifdef ENABLE_DHE
const mod_auth_st dhe_rsa_auth_struct = {
- "DHE_RSA",
- _gnutls_gen_cert_server_crt,
- _gnutls_gen_cert_client_crt,
- gen_dhe_server_kx,
- _gnutls_gen_dh_common_client_kx,
- _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */
- _gnutls_gen_cert_server_cert_req, /* server cert request */
-
- _gnutls_proc_crt,
- _gnutls_proc_crt,
- proc_dhe_server_kx,
- proc_dhe_client_kx,
- _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */
- _gnutls_proc_cert_cert_req /* proc server cert request */
+ "DHE_RSA",
+ _gnutls_gen_cert_server_crt,
+ _gnutls_gen_cert_client_crt,
+ gen_dhe_server_kx,
+ _gnutls_gen_dh_common_client_kx,
+ _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */
+ _gnutls_gen_cert_server_cert_req, /* server cert request */
+
+ _gnutls_proc_crt,
+ _gnutls_proc_crt,
+ proc_dhe_server_kx,
+ proc_dhe_client_kx,
+ _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */
+ _gnutls_proc_cert_cert_req /* proc server cert request */
};
const mod_auth_st dhe_dss_auth_struct = {
- "DHE_DSS",
- _gnutls_gen_cert_server_crt,
- _gnutls_gen_cert_client_crt,
- gen_dhe_server_kx,
- _gnutls_gen_dh_common_client_kx,
- _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */
- _gnutls_gen_cert_server_cert_req, /* server cert request */
-
- _gnutls_proc_crt,
- _gnutls_proc_crt,
- proc_dhe_server_kx,
- proc_dhe_client_kx,
- _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */
- _gnutls_proc_cert_cert_req /* proc server cert request */
+ "DHE_DSS",
+ _gnutls_gen_cert_server_crt,
+ _gnutls_gen_cert_client_crt,
+ gen_dhe_server_kx,
+ _gnutls_gen_dh_common_client_kx,
+ _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */
+ _gnutls_gen_cert_server_cert_req, /* server cert request */
+
+ _gnutls_proc_crt,
+ _gnutls_proc_crt,
+ proc_dhe_server_kx,
+ proc_dhe_client_kx,
+ _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */
+ _gnutls_proc_cert_cert_req /* proc server cert request */
};
#endif
static int
-gen_dhe_server_kx (gnutls_session_t session, gnutls_buffer_st* data)
+gen_dhe_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
{
- bigint_t g, p;
- const bigint_t *mpis;
- int ret = 0;
- gnutls_certificate_credentials_t cred;
- gnutls_dh_params_t dh_params;
-
- cred = (gnutls_certificate_credentials_t)
- _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL);
- if (cred == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
- }
-
-
- if ((ret = _gnutls_auth_info_set (session, GNUTLS_CRD_CERTIFICATE,
- sizeof (cert_auth_info_st), 0)) < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- dh_params =
- _gnutls_get_dh_params (cred->dh_params, cred->params_func, session);
- mpis = _gnutls_dh_params_to_mpi (dh_params);
- if (mpis == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_NO_TEMPORARY_DH_PARAMS;
- }
-
- p = mpis[0];
- g = mpis[1];
-
- _gnutls_dh_set_group (session, g, p);
-
- ret = _gnutls_dh_common_print_server_kx (session, g, p, dh_params->q_bits, data);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- /* Generate the signature. */
- return _gnutls_gen_dhe_signature(session, data, data->data, data->length);
+ bigint_t g, p;
+ const bigint_t *mpis;
+ int ret = 0;
+ gnutls_certificate_credentials_t cred;
+ gnutls_dh_params_t dh_params;
+
+ cred = (gnutls_certificate_credentials_t)
+ _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL);
+ if (cred == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+ }
+
+
+ if ((ret = _gnutls_auth_info_set(session, GNUTLS_CRD_CERTIFICATE,
+ sizeof(cert_auth_info_st),
+ 0)) < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ dh_params =
+ _gnutls_get_dh_params(cred->dh_params, cred->params_func,
+ session);
+ mpis = _gnutls_dh_params_to_mpi(dh_params);
+ if (mpis == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_NO_TEMPORARY_DH_PARAMS;
+ }
+
+ p = mpis[0];
+ g = mpis[1];
+
+ _gnutls_dh_set_group(session, g, p);
+
+ ret =
+ _gnutls_dh_common_print_server_kx(session, g, p,
+ dh_params->q_bits, data);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ /* Generate the signature. */
+ return _gnutls_gen_dhe_signature(session, data, data->data,
+ data->length);
}
static int
-proc_dhe_server_kx (gnutls_session_t session, uint8_t * data,
- size_t _data_size)
+proc_dhe_server_kx(gnutls_session_t session, uint8_t * data,
+ size_t _data_size)
{
-gnutls_datum_t vdata;
-int ret;
+ gnutls_datum_t vdata;
+ int ret;
- ret = _gnutls_proc_dh_common_server_kx(session, data, _data_size);
- if (ret < 0)
- return gnutls_assert_val(ret);
+ ret = _gnutls_proc_dh_common_server_kx(session, data, _data_size);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
- vdata.data = data;
- vdata.size = ret;
+ vdata.data = data;
+ vdata.size = ret;
- return _gnutls_proc_dhe_signature(session, data+ret, _data_size-ret, &vdata);
+ return _gnutls_proc_dhe_signature(session, data + ret,
+ _data_size - ret, &vdata);
}
static int
-proc_dhe_client_kx (gnutls_session_t session, uint8_t * data,
- size_t _data_size)
+proc_dhe_client_kx(gnutls_session_t session, uint8_t * data,
+ size_t _data_size)
{
- gnutls_certificate_credentials_t cred;
- bigint_t p, g;
- const bigint_t *mpis;
- gnutls_dh_params_t dh_params;
-
- cred = (gnutls_certificate_credentials_t)
- _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL);
- if (cred == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
- }
-
- dh_params =
- _gnutls_get_dh_params (cred->dh_params, cred->params_func, session);
- mpis = _gnutls_dh_params_to_mpi (dh_params);
- if (mpis == NULL)
- return gnutls_assert_val(GNUTLS_E_NO_TEMPORARY_DH_PARAMS);
-
- p = mpis[0];
- g = mpis[1];
-
- return _gnutls_proc_dh_common_client_kx (session, data, _data_size, g, p, NULL);
+ gnutls_certificate_credentials_t cred;
+ bigint_t p, g;
+ const bigint_t *mpis;
+ gnutls_dh_params_t dh_params;
+
+ cred = (gnutls_certificate_credentials_t)
+ _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL);
+ if (cred == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+ }
+
+ dh_params =
+ _gnutls_get_dh_params(cred->dh_params, cred->params_func,
+ session);
+ mpis = _gnutls_dh_params_to_mpi(dh_params);
+ if (mpis == NULL)
+ return gnutls_assert_val(GNUTLS_E_NO_TEMPORARY_DH_PARAMS);
+
+ p = mpis[0];
+ g = mpis[1];
+
+ return _gnutls_proc_dh_common_client_kx(session, data, _data_size,
+ g, p, NULL);
}
View Lorry Controller Status