Diffstat (limited to 'lib/auth')
-rw-r--r-- | lib/auth/anon.c | 226 | ||||
-rw-r--r-- | lib/auth/anon.h | 25 | ||||
-rw-r--r-- | lib/auth/anon_ecdh.c | 162 | ||||
-rw-r--r-- | lib/auth/cert.c | 3935 | ||||
-rw-r--r-- | lib/auth/cert.h | 223 | ||||
-rw-r--r-- | lib/auth/dh_common.c | 489 | ||||
-rw-r--r-- | lib/auth/dh_common.h | 37 | ||||
-rw-r--r-- | lib/auth/dhe.c | 227 | ||||
-rw-r--r-- | lib/auth/dhe_psk.c | 744 | ||||
-rw-r--r-- | lib/auth/ecdhe.c | 529 | ||||
-rw-r--r-- | lib/auth/ecdhe.h | 29 | ||||
-rw-r--r-- | lib/auth/psk.c | 502 | ||||
-rw-r--r-- | lib/auth/psk.h | 67 | ||||
-rw-r--r-- | lib/auth/psk_passwd.c | 294 | ||||
-rw-r--r-- | lib/auth/psk_passwd.h | 6 | ||||
-rw-r--r-- | lib/auth/rsa.c | 455 | ||||
-rw-r--r-- | lib/auth/rsa_common.h | 6 | ||||
-rw-r--r-- | lib/auth/rsa_psk.c | 640 | ||||
-rw-r--r-- | lib/auth/srp.c | 1601 | ||||
-rw-r--r-- | lib/auth/srp.h | 47 | ||||
-rw-r--r-- | lib/auth/srp_passwd.c | 763 | ||||
-rw-r--r-- | lib/auth/srp_passwd.h | 25 | ||||
-rw-r--r-- | lib/auth/srp_rsa.c | 398 | ||||
-rw-r--r-- | lib/auth/srp_sb64.c | 622 |
24 files changed, 5937 insertions, 6115 deletions
diff --git a/lib/auth/anon.c b/lib/auth/anon.c
index e30261dcf4..54548300eb 100644
--- a/lib/auth/anon.c
+++ b/lib/auth/anon.c
@@ -38,136 +38,134 @@ #include <gnutls_state.h> #include <auth/dh_common.h> -static int gen_anon_server_kx (gnutls_session_t, gnutls_buffer_st*); -static int proc_anon_client_kx (gnutls_session_t, uint8_t *, size_t); -static int proc_anon_server_kx (gnutls_session_t, uint8_t *, size_t); +static int gen_anon_server_kx(gnutls_session_t, gnutls_buffer_st *); +static int proc_anon_client_kx(gnutls_session_t, uint8_t *, size_t); +static int proc_anon_server_kx(gnutls_session_t, uint8_t *, size_t); const mod_auth_st anon_auth_struct = { - "ANON", - NULL, - NULL, - gen_anon_server_kx, - _gnutls_gen_dh_common_client_kx, /* this can be shared */ - NULL, - NULL, - - NULL, - NULL, /* certificate */ - proc_anon_server_kx, - proc_anon_client_kx, - NULL, - NULL + "ANON", + NULL, + NULL, + gen_anon_server_kx, + _gnutls_gen_dh_common_client_kx, /* this can be shared */ + NULL, + NULL, + + NULL, + NULL, /* certificate */ + proc_anon_server_kx, + proc_anon_client_kx, + NULL, + NULL }; static int -gen_anon_server_kx (gnutls_session_t session, gnutls_buffer_st* data) +gen_anon_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { - bigint_t g, p; - const bigint_t *mpis; - int ret; - gnutls_dh_params_t dh_params; - gnutls_anon_server_credentials_t cred; - - cred = (gnutls_anon_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_ANON, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - dh_params = - _gnutls_get_dh_params (cred->dh_params, cred->params_func, session); - mpis = _gnutls_dh_params_to_mpi (dh_params); - if (mpis == NULL) - { - gnutls_assert (); - return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; - } - - p = mpis[0]; - g = mpis[1]; - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_ANON, - sizeof (anon_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - _gnutls_dh_set_group (session, g, p); - - ret = _gnutls_dh_common_print_server_kx (session, g, p, dh_params->q_bits, data); - if (ret < 0) 
- { - gnutls_assert (); - } - - return ret; + bigint_t g, p; + const bigint_t *mpis; + int ret; + gnutls_dh_params_t dh_params; + gnutls_anon_server_credentials_t cred; + + cred = (gnutls_anon_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_ANON, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + dh_params = + _gnutls_get_dh_params(cred->dh_params, cred->params_func, + session); + mpis = _gnutls_dh_params_to_mpi(dh_params); + if (mpis == NULL) { + gnutls_assert(); + return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; + } + + p = mpis[0]; + g = mpis[1]; + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_ANON, + sizeof(anon_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + _gnutls_dh_set_group(session, g, p); + + ret = + _gnutls_dh_common_print_server_kx(session, g, p, + dh_params->q_bits, data); + if (ret < 0) { + gnutls_assert(); + } + + return ret; } static int -proc_anon_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_anon_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - gnutls_anon_server_credentials_t cred; - int ret; - bigint_t p, g; - gnutls_dh_params_t dh_params; - const bigint_t *mpis; - - cred = (gnutls_anon_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_ANON, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - dh_params = - _gnutls_get_dh_params (cred->dh_params, cred->params_func, session); - mpis = _gnutls_dh_params_to_mpi (dh_params); - if (mpis == NULL) - { - gnutls_assert (); - return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; - } - - p = mpis[0]; - g = mpis[1]; - - ret = _gnutls_proc_dh_common_client_kx (session, data, _data_size, g, p, NULL); - - return ret; + gnutls_anon_server_credentials_t cred; + int ret; + bigint_t p, g; + gnutls_dh_params_t dh_params; + const bigint_t *mpis; + + cred = (gnutls_anon_server_credentials_t) + _gnutls_get_cred(session, 
GNUTLS_CRD_ANON, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + dh_params = + _gnutls_get_dh_params(cred->dh_params, cred->params_func, + session); + mpis = _gnutls_dh_params_to_mpi(dh_params); + if (mpis == NULL) { + gnutls_assert(); + return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; + } + + p = mpis[0]; + g = mpis[1]; + + ret = + _gnutls_proc_dh_common_client_kx(session, data, _data_size, g, + p, NULL); + + return ret; } int -proc_anon_server_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_anon_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - int ret; - - /* set auth_info */ - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_ANON, - sizeof (anon_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_proc_dh_common_server_kx (session, data, _data_size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return 0; + int ret; + + /* set auth_info */ + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_ANON, + sizeof(anon_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + ret = _gnutls_proc_dh_common_server_kx(session, data, _data_size); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; } -#endif /* ENABLE_ANON */ +#endif /* ENABLE_ANON */ diff --git a/lib/auth/anon.h b/lib/auth/anon.h index b17c10cfc3..6424fdd9a7 100644 --- a/lib/auth/anon.h +++ b/lib/auth/anon.h 
@@ -24,24 +24,21 @@ #include <gnutls_auth.h> #include <auth/dh_common.h> -typedef struct gnutls_anon_server_credentials_st -{ - gnutls_dh_params_t dh_params; - /* this callback is used to retrieve the DH or RSA - * parameters. - */ - gnutls_params_function *params_func; +typedef struct gnutls_anon_server_credentials_st { + gnutls_dh_params_t dh_params; + /* this callback is used to retrieve the DH or RSA + * parameters. + */ + gnutls_params_function *params_func; } anon_server_credentials_st; -typedef struct gnutls_anon_client_credentials_st -{ - int dummy; +typedef struct gnutls_anon_client_credentials_st { + int dummy; } anon_client_credentials_st; -typedef struct anon_auth_info_st -{ - dh_info_st dh; - gnutls_ecc_curve_t curve; +typedef struct anon_auth_info_st { + dh_info_st dh; + gnutls_ecc_curve_t curve; } *anon_auth_info_t; typedef struct anon_auth_info_st anon_auth_info_st; diff --git a/lib/auth/anon_ecdh.c b/lib/auth/anon_ecdh.c index 3a99c482c6..7fc99e59b6 100644 --- a/lib/auth/anon_ecdh.c +++ b/lib/auth/anon_ecdh.c @@ -27,7 +27,7 @@ #include <gnutls_int.h> -#if defined(ENABLE_ANON) && defined(ENABLE_ECDHE) +#if defined(ENABLE_ANON) && defined(ENABLE_ECDHE) #include "gnutls_auth.h" #include "gnutls_errors.h" 
@@ -39,101 +39,101 @@ #include <auth/ecdhe.h> #include <ext/ecc.h> -static int gen_anon_ecdh_server_kx (gnutls_session_t, gnutls_buffer_st*); -static int proc_anon_ecdh_client_kx (gnutls_session_t, uint8_t *, size_t); -static int proc_anon_ecdh_server_kx (gnutls_session_t, uint8_t *, size_t); +static int gen_anon_ecdh_server_kx(gnutls_session_t, gnutls_buffer_st *); +static int proc_anon_ecdh_client_kx(gnutls_session_t, uint8_t *, size_t); +static int proc_anon_ecdh_server_kx(gnutls_session_t, uint8_t *, size_t); const mod_auth_st anon_ecdh_auth_struct = { - "ANON ECDH", - NULL, - NULL, - gen_anon_ecdh_server_kx, - _gnutls_gen_ecdh_common_client_kx, /* this can be shared */ - NULL, - NULL, - - NULL, - NULL, /* certificate */ - proc_anon_ecdh_server_kx, - proc_anon_ecdh_client_kx, - NULL, - NULL + "ANON ECDH", + NULL, + NULL, + gen_anon_ecdh_server_kx, + _gnutls_gen_ecdh_common_client_kx, /* this can be shared */ + NULL, + NULL, + + NULL, + NULL, /* certificate */ + proc_anon_ecdh_server_kx, + proc_anon_ecdh_client_kx, + NULL, + NULL }; static int -gen_anon_ecdh_server_kx (gnutls_session_t session, gnutls_buffer_st* data) +gen_anon_ecdh_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { - int ret; - gnutls_anon_server_credentials_t cred; - - cred = (gnutls_anon_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_ANON, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_ANON, - sizeof (anon_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_ecdh_common_print_server_kx (session, data, _gnutls_session_ecc_curve_get(session)); - if (ret < 0) - { - gnutls_assert (); - } - - return ret; + int ret; + gnutls_anon_server_credentials_t cred; + + cred = (gnutls_anon_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_ANON, NULL); + if (cred == NULL) { + gnutls_assert(); + return 
GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_ANON, + sizeof(anon_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + ret = + _gnutls_ecdh_common_print_server_kx(session, data, + _gnutls_session_ecc_curve_get + (session)); + if (ret < 0) { + gnutls_assert(); + } + + return ret; } static int -proc_anon_ecdh_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_anon_ecdh_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - gnutls_anon_server_credentials_t cred; - - cred = (gnutls_anon_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_ANON, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - return _gnutls_proc_ecdh_common_client_kx (session, data, _data_size, - _gnutls_session_ecc_curve_get(session), NULL); + gnutls_anon_server_credentials_t cred; + + cred = (gnutls_anon_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_ANON, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + return _gnutls_proc_ecdh_common_client_kx(session, data, + _data_size, + _gnutls_session_ecc_curve_get + (session), NULL); } int -proc_anon_ecdh_server_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_anon_ecdh_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - int ret; - - /* set auth_info */ - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_ANON, - sizeof (anon_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_proc_ecdh_common_server_kx (session, data, _data_size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return 0; + int ret; + + /* set auth_info */ + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_ANON, + sizeof(anon_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + ret = + _gnutls_proc_ecdh_common_server_kx(session, data, 
_data_size); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; } -#endif /* ENABLE_ANON */ +#endif /* ENABLE_ANON */ diff --git a/lib/auth/cert.c b/lib/auth/cert.c index 9a5f5590c5..606e798607 100644 --- a/lib/auth/cert.c +++ b/lib/auth/cert.c 
@@ -47,98 +47,95 @@ #ifdef ENABLE_OPENPGP #include "openpgp/gnutls_openpgp.h" -static gnutls_privkey_t alloc_and_load_pgp_key (const gnutls_openpgp_privkey_t - key, int deinit); -static gnutls_pcert_st *alloc_and_load_pgp_certs (gnutls_openpgp_crt_t cert); +static gnutls_privkey_t alloc_and_load_pgp_key(const + gnutls_openpgp_privkey_t + key, int deinit); +static gnutls_pcert_st *alloc_and_load_pgp_certs(gnutls_openpgp_crt_t + cert); #endif -static gnutls_pcert_st *alloc_and_load_x509_certs (gnutls_x509_crt_t * certs, - unsigned); -static gnutls_privkey_t alloc_and_load_x509_key (gnutls_x509_privkey_t key, - int deinit); +static gnutls_pcert_st *alloc_and_load_x509_certs(gnutls_x509_crt_t * + certs, unsigned); +static gnutls_privkey_t alloc_and_load_x509_key(gnutls_x509_privkey_t key, + int deinit); #ifdef ENABLE_PKCS11 -static gnutls_privkey_t alloc_and_load_pkcs11_key (gnutls_pkcs11_privkey_t - key, int deinit); +static gnutls_privkey_t alloc_and_load_pkcs11_key(gnutls_pkcs11_privkey_t + key, int deinit); #endif #define MAX_CLIENT_SIGN_ALGOS 3 #define CERTTYPE_SIZE (MAX_CLIENT_SIGN_ALGOS+1) typedef enum CertificateSigType -{ RSA_SIGN = 1, DSA_SIGN = 2, ECDSA_SIGN = 64 + { RSA_SIGN = 1, DSA_SIGN = 2, ECDSA_SIGN = 64 } CertificateSigType; /* Copies data from a internal certificate struct (gnutls_pcert_st) to * exported certificate struct (cert_auth_info_t) */ -static int -_gnutls_copy_certificate_auth_info (cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts, /* openpgp only */ - void *keyid) +static int _gnutls_copy_certificate_auth_info(cert_auth_info_t info, gnutls_pcert_st * certs, size_t ncerts, /* openpgp only */ + void *keyid) { - /* Copy peer's information to auth_info_t - */ - int ret; - size_t i, j; - - if (info->raw_certificate_list != NULL) - { - for (j = 0; j < info->ncerts; j++) - _gnutls_free_datum (&info->raw_certificate_list[j]); - gnutls_free (info->raw_certificate_list); - } - - if (ncerts == 0) - { - info->raw_certificate_list = NULL; 
- info->ncerts = 0; - return 0; - } - - info->raw_certificate_list = - gnutls_calloc (ncerts, sizeof (gnutls_datum_t)); - if (info->raw_certificate_list == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - for (i = 0; i < ncerts; i++) - { - if (certs[i].cert.size > 0) - { - ret = - _gnutls_set_datum (&info->raw_certificate_list[i], - certs[i].cert.data, certs[i].cert.size); - if (ret < 0) - { - gnutls_assert (); - goto clear; - } - } - } - info->ncerts = ncerts; - info->cert_type = certs[0].type; + /* Copy peer's information to auth_info_t + */ + int ret; + size_t i, j; + + if (info->raw_certificate_list != NULL) { + for (j = 0; j < info->ncerts; j++) + _gnutls_free_datum(&info->raw_certificate_list[j]); + gnutls_free(info->raw_certificate_list); + } + + if (ncerts == 0) { + info->raw_certificate_list = NULL; + info->ncerts = 0; + return 0; + } + + info->raw_certificate_list = + gnutls_calloc(ncerts, sizeof(gnutls_datum_t)); + if (info->raw_certificate_list == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + for (i = 0; i < ncerts; i++) { + if (certs[i].cert.size > 0) { + ret = + _gnutls_set_datum(&info-> + raw_certificate_list[i], + certs[i].cert.data, + certs[i].cert.size); + if (ret < 0) { + gnutls_assert(); + goto clear; + } + } + } + info->ncerts = ncerts; + info->cert_type = certs[0].type; #ifdef ENABLE_OPENPGP - if (certs[0].type == GNUTLS_CRT_OPENPGP) - { - if (keyid) - memcpy (info->subkey_id, keyid, GNUTLS_OPENPGP_KEYID_SIZE); - } + if (certs[0].type == GNUTLS_CRT_OPENPGP) { + if (keyid) + memcpy(info->subkey_id, keyid, + GNUTLS_OPENPGP_KEYID_SIZE); + } #endif - return 0; + return 0; -clear: + clear: - for (j = 0; j < i; j++) - _gnutls_free_datum (&info->raw_certificate_list[j]); + for (j = 0; j < i; j++) + _gnutls_free_datum(&info->raw_certificate_list[j]); - gnutls_free (info->raw_certificate_list); - info->raw_certificate_list = NULL; + gnutls_free(info->raw_certificate_list); + info->raw_certificate_list = NULL; - 
return ret; + return ret; } @@ -148,19 +145,17 @@ clear: * -1 otherwise. */ inline static int -_gnutls_check_pk_algo_in_list (const gnutls_pk_algorithm_t * - pk_algos, int pk_algos_length, - gnutls_pk_algorithm_t algo_to_check) +_gnutls_check_pk_algo_in_list(const gnutls_pk_algorithm_t * + pk_algos, int pk_algos_length, + gnutls_pk_algorithm_t algo_to_check) { - int i; - for (i = 0; i < pk_algos_length; i++) - { - if (algo_to_check == pk_algos[i]) - { - return 0; - } - } - return -1; + int i; + for (i = 0; i < pk_algos_length; i++) { + if (algo_to_check == pk_algos[i]) { + return 0; + } + } + return -1; } 
@@ -168,46 +163,48 @@ _gnutls_check_pk_algo_in_list (const gnutls_pk_algorithm_t * * specified in cert. */ static int -_gnutls_cert_get_issuer_dn (gnutls_pcert_st * cert, gnutls_datum_t * odn) +_gnutls_cert_get_issuer_dn(gnutls_pcert_st * cert, gnutls_datum_t * odn) { - ASN1_TYPE dn; - int len, result; - int start, end; - - if ((result = asn1_create_element - (_gnutls_get_pkix (), "PKIX1.Certificate", &dn)) != ASN1_SUCCESS) - { - gnutls_assert (); - return _gnutls_asn2err (result); - } - - result = asn1_der_decoding (&dn, cert->cert.data, cert->cert.size, NULL); - if (result != ASN1_SUCCESS) - { - /* couldn't decode DER */ - gnutls_assert (); - asn1_delete_structure (&dn); - return _gnutls_asn2err (result); - } - - result = asn1_der_decoding_startEnd (dn, cert->cert.data, cert->cert.size, - "tbsCertificate.issuer", &start, &end); - - if (result != ASN1_SUCCESS) - { - /* couldn't decode DER */ - gnutls_assert (); - asn1_delete_structure (&dn); - return _gnutls_asn2err (result); - } - asn1_delete_structure (&dn); - - len = end - start + 1; - - odn->size = len; - odn->data = &cert->cert.data[start]; - - return 0; + ASN1_TYPE dn; + int len, result; + int start, end; + + if ((result = asn1_create_element + (_gnutls_get_pkix(), "PKIX1.Certificate", + &dn)) != ASN1_SUCCESS) { + gnutls_assert(); + return _gnutls_asn2err(result); + } + + result = + asn1_der_decoding(&dn, cert->cert.data, cert->cert.size, NULL); + if (result != ASN1_SUCCESS) { + /* couldn't decode DER */ + gnutls_assert(); + asn1_delete_structure(&dn); + return _gnutls_asn2err(result); + } + + result = + asn1_der_decoding_startEnd(dn, cert->cert.data, + cert->cert.size, + "tbsCertificate.issuer", &start, + &end); + + if (result != ASN1_SUCCESS) { + /* couldn't decode DER */ + gnutls_assert(); + asn1_delete_structure(&dn); + return _gnutls_asn2err(result); + } + asn1_delete_structure(&dn); + + len = end - start + 1; + + odn->size = len; + odn->data = &cert->cert.data[start]; + + return 0; } 
@@ -218,80 +215,85 @@ _gnutls_cert_get_issuer_dn (gnutls_pcert_st * cert, gnutls_datum_t * odn) * CAs and sign algorithms supported by the peer server. */ static int -_find_x509_cert (const gnutls_certificate_credentials_t cred, - uint8_t * _data, size_t _data_size, - const gnutls_pk_algorithm_t * pk_algos, - int pk_algos_length, int *indx) +_find_x509_cert(const gnutls_certificate_credentials_t cred, + uint8_t * _data, size_t _data_size, + const gnutls_pk_algorithm_t * pk_algos, + int pk_algos_length, int *indx) { - unsigned size; - gnutls_datum_t odn = { NULL, 0 }; - uint8_t *data = _data; - ssize_t data_size = _data_size; - unsigned i, j; - int result, cert_pk; - - *indx = -1; - - /* If peer doesn't send any issuers and we have a single certificate - * then send that one. - */ - if (data_size == 0 && cred->ncerts == 1) - { - *indx = 0; - return 0; - } - - do - { - DECR_LENGTH_RET (data_size, 2, 0); - size = _gnutls_read_uint16 (data); - DECR_LENGTH_RET (data_size, size, 0); - data += 2; - - for (i = 0; i < cred->ncerts; i++) - { - for (j = 0; j < cred->certs[i].cert_list_length; j++) - { - if ((result = - _gnutls_cert_get_issuer_dn (&cred->certs[i].cert_list[j], - &odn)) < 0) - { - gnutls_assert (); - return result; - } - - if (odn.size != size) - continue; - - /* If the DN matches and - * the *_SIGN algorithm matches - * the cert is our cert! 
- */ - cert_pk = - gnutls_pubkey_get_pk_algorithm (cred->certs[i].cert_list[0].pubkey, - NULL); - - if ((memcmp (odn.data, data, size) == 0) && - (_gnutls_check_pk_algo_in_list - (pk_algos, pk_algos_length, cert_pk) == 0)) - { - *indx = i; - break; - } - } - if (*indx != -1) - break; - } - - if (*indx != -1) - break; - - /* move to next record */ - data += size; - } - while (1); - - return 0; + unsigned size; + gnutls_datum_t odn = { NULL, 0 }; + uint8_t *data = _data; + ssize_t data_size = _data_size; + unsigned i, j; + int result, cert_pk; + + *indx = -1; + + /* If peer doesn't send any issuers and we have a single certificate + * then send that one. + */ + if (data_size == 0 && cred->ncerts == 1) { + *indx = 0; + return 0; + } + + do { + DECR_LENGTH_RET(data_size, 2, 0); + size = _gnutls_read_uint16(data); + DECR_LENGTH_RET(data_size, size, 0); + data += 2; + + for (i = 0; i < cred->ncerts; i++) { + for (j = 0; j < cred->certs[i].cert_list_length; + j++) { + if ((result = + _gnutls_cert_get_issuer_dn(&cred-> + certs[i]. + cert_list + [j], + &odn)) < + 0) { + gnutls_assert(); + return result; + } + + if (odn.size != size) + continue; + + /* If the DN matches and + * the *_SIGN algorithm matches + * the cert is our cert! + */ + cert_pk = + gnutls_pubkey_get_pk_algorithm(cred-> + certs + [i]. + cert_list + [0]. + pubkey, + NULL); + + if ((memcmp(odn.data, data, size) == 0) && + (_gnutls_check_pk_algo_in_list + (pk_algos, pk_algos_length, + cert_pk) == 0)) { + *indx = i; + break; + } + } + if (*indx != -1) + break; + } + + if (*indx != -1) + break; + + /* move to next record */ + data += size; + } + while (1); + + return 0; } 
@@ -299,37 +301,38 @@ _find_x509_cert (const gnutls_certificate_credentials_t cred, /* Locates the most appropriate openpgp cert */ static int -_find_openpgp_cert (const gnutls_certificate_credentials_t cred, - gnutls_pk_algorithm_t * pk_algos, - int pk_algos_length, int *indx) +_find_openpgp_cert(const gnutls_certificate_credentials_t cred, + gnutls_pk_algorithm_t * pk_algos, + int pk_algos_length, int *indx) { - unsigned i, j; - - *indx = -1; - - for (i = 0; i < cred->ncerts; i++) - { - for (j = 0; j < cred->certs[i].cert_list_length; j++) - { - - /* If the *_SIGN algorithm matches - * the cert is our cert! - */ - if ((_gnutls_check_pk_algo_in_list - (pk_algos, pk_algos_length, - gnutls_pubkey_get_pk_algorithm (cred->certs[i].cert_list[0].pubkey, - NULL)) == 0) - && (cred->certs[i].cert_list[0].type == GNUTLS_CRT_OPENPGP)) - { - *indx = i; - break; - } - } - if (*indx != -1) - break; - } - - return 0; + unsigned i, j; + + *indx = -1; + + for (i = 0; i < cred->ncerts; i++) { + for (j = 0; j < cred->certs[i].cert_list_length; j++) { + + /* If the *_SIGN algorithm matches + * the cert is our cert! + */ + if ((_gnutls_check_pk_algo_in_list + (pk_algos, pk_algos_length, + gnutls_pubkey_get_pk_algorithm(cred-> + certs[i]. + cert_list[0]. + pubkey, + NULL)) == 0) + && (cred->certs[i].cert_list[0].type == + GNUTLS_CRT_OPENPGP)) { + *indx = i; + break; + } + } + if (*indx != -1) + break; + } + + return 0; } #endif 
@@ -337,343 +340,318 @@ _find_openpgp_cert (const gnutls_certificate_credentials_t cred, * certificate request packet. */ static int -get_issuers_num (gnutls_session_t session, uint8_t * data, ssize_t data_size) +get_issuers_num(gnutls_session_t session, uint8_t * data, + ssize_t data_size) { - int issuers_dn_len = 0, result; - unsigned size; + int issuers_dn_len = 0, result; + unsigned size; - /* Count the number of the given issuers; - * This is used to allocate the issuers_dn without - * using realloc(). - */ + /* Count the number of the given issuers; + * This is used to allocate the issuers_dn without + * using realloc(). + */ - if (data_size == 0 || data == NULL) - return 0; + if (data_size == 0 || data == NULL) + return 0; - if (data_size > 0) - do - { - /* This works like DECR_LEN() - */ - result = GNUTLS_E_UNEXPECTED_PACKET_LENGTH; - DECR_LENGTH_COM (data_size, 2, goto error); - size = _gnutls_read_uint16 (data); + if (data_size > 0) + do { + /* This works like DECR_LEN() + */ + result = GNUTLS_E_UNEXPECTED_PACKET_LENGTH; + DECR_LENGTH_COM(data_size, 2, goto error); + size = _gnutls_read_uint16(data); - result = GNUTLS_E_UNEXPECTED_PACKET_LENGTH; - DECR_LENGTH_COM (data_size, size, goto error); + result = GNUTLS_E_UNEXPECTED_PACKET_LENGTH; + DECR_LENGTH_COM(data_size, size, goto error); - data += 2; + data += 2; - if (size > 0) - { - issuers_dn_len++; - data += size; - } + if (size > 0) { + issuers_dn_len++; + data += size; + } - if (data_size == 0) - break; + if (data_size == 0) + break; - } - while (1); + } + while (1); - return issuers_dn_len; + return issuers_dn_len; -error: - return result; + error: + return result; } /* Returns the issuers in the server's certificate request * packet. 
*/ static int -get_issuers (gnutls_session_t session, - gnutls_datum_t * issuers_dn, int issuers_len, - uint8_t * data, size_t data_size) +get_issuers(gnutls_session_t session, + gnutls_datum_t * issuers_dn, int issuers_len, + uint8_t * data, size_t data_size) { - int i; - unsigned size; + int i; + unsigned size; - if (gnutls_certificate_type_get (session) != GNUTLS_CRT_X509) - return 0; + if (gnutls_certificate_type_get(session) != GNUTLS_CRT_X509) + return 0; - /* put the requested DNs to req_dn, only in case - * of X509 certificates. - */ - if (issuers_len > 0) - { + /* put the requested DNs to req_dn, only in case + * of X509 certificates. + */ + if (issuers_len > 0) { - for (i = 0; i < issuers_len; i++) - { - /* The checks here for the buffer boundaries - * are not needed since the buffer has been - * parsed above. - */ - data_size -= 2; + for (i = 0; i < issuers_len; i++) { + /* The checks here for the buffer boundaries + * are not needed since the buffer has been + * parsed above. 
+ */ + data_size -= 2; - size = _gnutls_read_uint16 (data); + size = _gnutls_read_uint16(data); - data += 2; + data += 2; - issuers_dn[i].data = data; - issuers_dn[i].size = size; + issuers_dn[i].data = data; + issuers_dn[i].size = size; - data += size; - } - } + data += size; + } + } - return 0; + return 0; } -static void -st_to_st2 (gnutls_retr2_st * st2, gnutls_retr_st * st) +static void st_to_st2(gnutls_retr2_st * st2, gnutls_retr_st * st) { - st2->cert_type = st->type; - if (st->type == GNUTLS_CRT_OPENPGP) - { - st2->key_type = GNUTLS_PRIVKEY_OPENPGP; - } - else - { - st2->key_type = GNUTLS_PRIVKEY_X509; - } - st2->ncerts = st->ncerts; - st2->deinit_all = st->deinit_all; - - switch (st2->cert_type) - { - case GNUTLS_CRT_OPENPGP: - st2->cert.pgp = st->cert.pgp; - st2->key.pgp = st->key.pgp; - break; - case GNUTLS_CRT_X509: - st2->cert.x509 = st->cert.x509; - st2->key.x509 = st->key.x509; - break; - default: - return; - } + st2->cert_type = st->type; + if (st->type == GNUTLS_CRT_OPENPGP) { + st2->key_type = GNUTLS_PRIVKEY_OPENPGP; + } else { + st2->key_type = GNUTLS_PRIVKEY_X509; + } + st2->ncerts = st->ncerts; + st2->deinit_all = st->deinit_all; + + switch (st2->cert_type) { + case GNUTLS_CRT_OPENPGP: + st2->cert.pgp = st->cert.pgp; + st2->key.pgp = st->key.pgp; + break; + case GNUTLS_CRT_X509: + st2->cert.x509 = st->cert.x509; + st2->key.x509 = st->key.x509; + break; + default: + return; + } } /* Calls the client get callback. 
*/ static int -call_get_cert_callback (gnutls_session_t session, - const gnutls_datum_t * issuers_dn, - int issuers_dn_length, - gnutls_pk_algorithm_t * pk_algos, int pk_algos_length) +call_get_cert_callback(gnutls_session_t session, + const gnutls_datum_t * issuers_dn, + int issuers_dn_length, + gnutls_pk_algorithm_t * pk_algos, + int pk_algos_length) { - unsigned i; - gnutls_pcert_st *local_certs = NULL; - gnutls_privkey_t local_key = NULL; - int ret = GNUTLS_E_INTERNAL_ERROR; - gnutls_certificate_type_t type = gnutls_certificate_type_get (session); - gnutls_certificate_credentials_t cred; - gnutls_retr2_st st2; - gnutls_pcert_st *pcert = NULL; - unsigned int pcert_length = 0; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - memset (&st2, 0, sizeof (st2)); - - if (cred->get_cert_callback2) - { - /* we avoid all allocations and transformations */ - ret = cred->get_cert_callback2 (session, issuers_dn, issuers_dn_length, - pk_algos, pk_algos_length, - &pcert, &pcert_length, &local_key); - if (ret < 0) - return gnutls_assert_val (GNUTLS_E_USER_ERROR); - - if (pcert_length > 0 && type != pcert[0].type) - return gnutls_assert_val (GNUTLS_E_INVALID_REQUEST); - - if (pcert_length == 0) - { - pcert = NULL; - local_key = NULL; - } - _gnutls_selected_certs_set (session, pcert, pcert_length, local_key, 0); - - return 0; - - } - else if (cred->get_cert_callback) - { - ret = cred->get_cert_callback (session, issuers_dn, issuers_dn_length, - pk_algos, pk_algos_length, &st2); - - } - else - { /* compatibility mode */ - gnutls_retr_st st; - memset (&st, 0, sizeof (st)); - if (session->security_parameters.entity == GNUTLS_SERVER) - { - if (cred->server_get_cert_callback == NULL) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - ret = cred->server_get_cert_callback (session, &st); - if (ret >= 0) - st_to_st2 (&st2, 
&st); - } - else - { /* CLIENT */ - - if (cred->client_get_cert_callback == NULL) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - ret = cred->client_get_cert_callback (session, - issuers_dn, issuers_dn_length, - pk_algos, pk_algos_length, - &st); - if (ret >= 0) - st_to_st2 (&st2, &st); - } - } - - if (ret < 0) - { - gnutls_assert (); - return GNUTLS_E_USER_ERROR; - } - - if (st2.ncerts == 0) - return 0; /* no certificate was selected */ - - if (type != st2.cert_type) - { - gnutls_assert (); - ret = GNUTLS_E_INVALID_REQUEST; - goto cleanup; - } - - - if (type == GNUTLS_CRT_X509) - { - local_certs = alloc_and_load_x509_certs (st2.cert.x509, st2.ncerts); - } - else - { /* PGP */ - if (st2.ncerts > 1) - { - gnutls_assert (); - ret = GNUTLS_E_INVALID_REQUEST; - goto cleanup; - } + unsigned i; + gnutls_pcert_st *local_certs = NULL; + gnutls_privkey_t local_key = NULL; + int ret = GNUTLS_E_INTERNAL_ERROR; + gnutls_certificate_type_t type = + gnutls_certificate_type_get(session); + gnutls_certificate_credentials_t cred; + gnutls_retr2_st st2; + gnutls_pcert_st *pcert = NULL; + unsigned int pcert_length = 0; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + memset(&st2, 0, sizeof(st2)); + + if (cred->get_cert_callback2) { + /* we avoid all allocations and transformations */ + ret = + cred->get_cert_callback2(session, issuers_dn, + issuers_dn_length, pk_algos, + pk_algos_length, &pcert, + &pcert_length, &local_key); + if (ret < 0) + return gnutls_assert_val(GNUTLS_E_USER_ERROR); + + if (pcert_length > 0 && type != pcert[0].type) + return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST); + + if (pcert_length == 0) { + pcert = NULL; + local_key = NULL; + } + _gnutls_selected_certs_set(session, pcert, pcert_length, + local_key, 0); + + return 0; + + } else if (cred->get_cert_callback) { + ret = + 
cred->get_cert_callback(session, issuers_dn, + issuers_dn_length, pk_algos, + pk_algos_length, &st2); + + } else { /* compatibility mode */ + gnutls_retr_st st; + memset(&st, 0, sizeof(st)); + if (session->security_parameters.entity == GNUTLS_SERVER) { + if (cred->server_get_cert_callback == NULL) { + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } + ret = cred->server_get_cert_callback(session, &st); + if (ret >= 0) + st_to_st2(&st2, &st); + } else { /* CLIENT */ + + if (cred->client_get_cert_callback == NULL) { + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } + ret = cred->client_get_cert_callback(session, + issuers_dn, + issuers_dn_length, + pk_algos, + pk_algos_length, + &st); + if (ret >= 0) + st_to_st2(&st2, &st); + } + } + + if (ret < 0) { + gnutls_assert(); + return GNUTLS_E_USER_ERROR; + } + + if (st2.ncerts == 0) + return 0; /* no certificate was selected */ + + if (type != st2.cert_type) { + gnutls_assert(); + ret = GNUTLS_E_INVALID_REQUEST; + goto cleanup; + } + + + if (type == GNUTLS_CRT_X509) { + local_certs = + alloc_and_load_x509_certs(st2.cert.x509, st2.ncerts); + } else { /* PGP */ + if (st2.ncerts > 1) { + gnutls_assert(); + ret = GNUTLS_E_INVALID_REQUEST; + goto cleanup; + } #ifdef ENABLE_OPENPGP - { - local_certs = alloc_and_load_pgp_certs (st2.cert.pgp); - } + { + local_certs = + alloc_and_load_pgp_certs(st2.cert.pgp); + } #else - ret = GNUTLS_E_UNIMPLEMENTED_FEATURE; - goto cleanup; + ret = GNUTLS_E_UNIMPLEMENTED_FEATURE; + goto cleanup; #endif - } - - if (local_certs == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_MEMORY_ERROR; - goto cleanup; - } - - switch (st2.key_type) - { - case GNUTLS_PRIVKEY_OPENPGP: + } + + if (local_certs == NULL) { + gnutls_assert(); + ret = GNUTLS_E_MEMORY_ERROR; + goto cleanup; + } + + switch (st2.key_type) { + case GNUTLS_PRIVKEY_OPENPGP: #ifdef ENABLE_OPENPGP - if (st2.key.pgp != NULL) - { - local_key = alloc_and_load_pgp_key (st2.key.pgp, st2.deinit_all); - if (local_key == NULL) - { - 
gnutls_assert (); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - } + if (st2.key.pgp != NULL) { + local_key = + alloc_and_load_pgp_key(st2.key.pgp, + st2.deinit_all); + if (local_key == NULL) { + gnutls_assert(); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + } #endif - break; - case GNUTLS_PRIVKEY_PKCS11: + break; + case GNUTLS_PRIVKEY_PKCS11: #ifdef ENABLE_PKCS11 - if (st2.key.pkcs11 != NULL) - { - local_key = - alloc_and_load_pkcs11_key (st2.key.pkcs11, st2.deinit_all); - if (local_key == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - } + if (st2.key.pkcs11 != NULL) { + local_key = + alloc_and_load_pkcs11_key(st2.key.pkcs11, + st2.deinit_all); + if (local_key == NULL) { + gnutls_assert(); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + } #endif - break; - case GNUTLS_PRIVKEY_X509: - if (st2.key.x509 != NULL) - { - local_key = alloc_and_load_x509_key (st2.key.x509, st2.deinit_all); - if (local_key == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - } - break; - default: - gnutls_assert(); - ret = GNUTLS_E_INVALID_REQUEST; - goto cleanup; - } - - _gnutls_selected_certs_set (session, local_certs, - (local_certs != NULL) ? st2.ncerts : 0, - local_key, 1); - - ret = 0; - -cleanup: - - if (st2.cert_type == GNUTLS_CRT_X509) - { - if (st2.deinit_all) - { - for (i = 0; i < st2.ncerts; i++) - { - gnutls_x509_crt_deinit (st2.cert.x509[i]); - } - gnutls_free(st2.cert.x509); - } - } - else - { + break; + case GNUTLS_PRIVKEY_X509: + if (st2.key.x509 != NULL) { + local_key = + alloc_and_load_x509_key(st2.key.x509, + st2.deinit_all); + if (local_key == NULL) { + gnutls_assert(); + ret = GNUTLS_E_INTERNAL_ERROR; + goto cleanup; + } + } + break; + default: + gnutls_assert(); + ret = GNUTLS_E_INVALID_REQUEST; + goto cleanup; + } + + _gnutls_selected_certs_set(session, local_certs, + (local_certs != NULL) ? 
st2.ncerts : 0, + local_key, 1); + + ret = 0; + + cleanup: + + if (st2.cert_type == GNUTLS_CRT_X509) { + if (st2.deinit_all) { + for (i = 0; i < st2.ncerts; i++) { + gnutls_x509_crt_deinit(st2.cert.x509[i]); + } + gnutls_free(st2.cert.x509); + } + } else { #ifdef ENABLE_OPENPGP - if (st2.deinit_all) - { - gnutls_openpgp_crt_deinit (st2.cert.pgp); - } + if (st2.deinit_all) { + gnutls_openpgp_crt_deinit(st2.cert.pgp); + } #endif - } + } - if (ret < 0) - { - if (local_key != NULL) - gnutls_privkey_deinit (local_key); - } + if (ret < 0) { + if (local_key != NULL) + gnutls_privkey_deinit(local_key); + } - return ret; + return ret; } /* Finds the appropriate certificate depending on the cA Distinguished name 
@@ -684,358 +662,365 @@ cleanup: * algorithm (only in automatic mode). */ static int -_select_client_cert (gnutls_session_t session, - uint8_t * _data, size_t _data_size, - gnutls_pk_algorithm_t * pk_algos, int pk_algos_length) +_select_client_cert(gnutls_session_t session, + uint8_t * _data, size_t _data_size, + gnutls_pk_algorithm_t * pk_algos, int pk_algos_length) { - int result; - int indx = -1; - gnutls_certificate_credentials_t cred; - uint8_t *data = _data; - ssize_t data_size = _data_size; - int issuers_dn_length; - gnutls_datum_t *issuers_dn = NULL; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if (cred->client_get_cert_callback != NULL - || cred->get_cert_callback != NULL || cred->get_cert_callback2 != NULL) - { - - /* use a callback to get certificate - */ - if (session->security_parameters.cert_type != GNUTLS_CRT_X509) - issuers_dn_length = 0; - else - { - issuers_dn_length = get_issuers_num (session, data, data_size); - if (issuers_dn_length < 0) - { - gnutls_assert (); - return issuers_dn_length; - } - - if (issuers_dn_length > 0) - { - issuers_dn = - gnutls_malloc (sizeof (gnutls_datum_t) * issuers_dn_length); - if (issuers_dn == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - result = - get_issuers (session, issuers_dn, issuers_dn_length, - data, data_size); - if (result < 0) - { - gnutls_assert (); - goto cleanup; - } - } - } - - result = - call_get_cert_callback (session, issuers_dn, issuers_dn_length, - pk_algos, pk_algos_length); - goto cleanup; - - } - else - { - /* If we have no callbacks, try to guess. 
- */ - result = 0; - - if (session->security_parameters.cert_type == GNUTLS_CRT_X509) - result = - _find_x509_cert (cred, _data, _data_size, - pk_algos, pk_algos_length, &indx); + int result; + int indx = -1; + gnutls_certificate_credentials_t cred; + uint8_t *data = _data; + ssize_t data_size = _data_size; + int issuers_dn_length; + gnutls_datum_t *issuers_dn = NULL; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if (cred->client_get_cert_callback != NULL + || cred->get_cert_callback != NULL + || cred->get_cert_callback2 != NULL) { + + /* use a callback to get certificate + */ + if (session->security_parameters.cert_type != + GNUTLS_CRT_X509) + issuers_dn_length = 0; + else { + issuers_dn_length = + get_issuers_num(session, data, data_size); + if (issuers_dn_length < 0) { + gnutls_assert(); + return issuers_dn_length; + } + + if (issuers_dn_length > 0) { + issuers_dn = + gnutls_malloc(sizeof(gnutls_datum_t) * + issuers_dn_length); + if (issuers_dn == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + result = + get_issuers(session, issuers_dn, + issuers_dn_length, data, + data_size); + if (result < 0) { + gnutls_assert(); + goto cleanup; + } + } + } + + result = + call_get_cert_callback(session, issuers_dn, + issuers_dn_length, pk_algos, + pk_algos_length); + goto cleanup; + + } else { + /* If we have no callbacks, try to guess. 
+ */ + result = 0; + + if (session->security_parameters.cert_type == + GNUTLS_CRT_X509) + result = + _find_x509_cert(cred, _data, _data_size, + pk_algos, pk_algos_length, + &indx); #ifdef ENABLE_OPENPGP - else if (session->security_parameters.cert_type == GNUTLS_CRT_OPENPGP) - result = _find_openpgp_cert (cred, pk_algos, pk_algos_length, &indx); + else if (session->security_parameters.cert_type == + GNUTLS_CRT_OPENPGP) + result = + _find_openpgp_cert(cred, pk_algos, + pk_algos_length, &indx); #endif - if (result < 0) - { - gnutls_assert (); - return result; - } - - if (indx >= 0) - { - _gnutls_selected_certs_set (session, - &cred->certs[indx].cert_list[0], - cred->certs[indx].cert_list_length, - cred->pkey[indx], 0); - } - else - { - _gnutls_selected_certs_set (session, NULL, 0, NULL, 0); - } - - result = 0; - } - -cleanup: - gnutls_free (issuers_dn); - return result; + if (result < 0) { + gnutls_assert(); + return result; + } + + if (indx >= 0) { + _gnutls_selected_certs_set(session, + &cred->certs[indx]. + cert_list[0], + cred->certs[indx]. 
+ cert_list_length, + cred->pkey[indx], 0); + } else { + _gnutls_selected_certs_set(session, NULL, 0, NULL, + 0); + } + + result = 0; + } + + cleanup: + gnutls_free(issuers_dn); + return result; } /* Generate certificate message */ static int -_gnutls_gen_x509_crt (gnutls_session_t session, gnutls_buffer_st * data) +_gnutls_gen_x509_crt(gnutls_session_t session, gnutls_buffer_st * data) { - int ret, i; - gnutls_pcert_st *apr_cert_list; - gnutls_privkey_t apr_pkey; - int apr_cert_list_length; - - /* find the appropriate certificate - */ - if ((ret = - _gnutls_get_selected_cert (session, &apr_cert_list, - &apr_cert_list_length, &apr_pkey)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = 3; - for (i = 0; i < apr_cert_list_length; i++) - { - ret += apr_cert_list[i].cert.size + 3; - /* hold size - * for uint24 */ - } - - /* if no certificates were found then send: - * 0B 00 00 03 00 00 00 // Certificate with no certs - * instead of: - * 0B 00 00 00 // empty certificate handshake - * - * ( the above is the whole handshake message, not - * the one produced here ) - */ - - ret = _gnutls_buffer_append_prefix (data, 24, ret - 3); - if (ret < 0) - return gnutls_assert_val (ret); - - for (i = 0; i < apr_cert_list_length; i++) - { - ret = - _gnutls_buffer_append_data_prefix (data, 24, - apr_cert_list[i].cert.data, - apr_cert_list[i].cert.size); - if (ret < 0) - return gnutls_assert_val (ret); - } - - return data->length; + int ret, i; + gnutls_pcert_st *apr_cert_list; + gnutls_privkey_t apr_pkey; + int apr_cert_list_length; + + /* find the appropriate certificate + */ + if ((ret = + _gnutls_get_selected_cert(session, &apr_cert_list, + &apr_cert_list_length, + &apr_pkey)) < 0) { + gnutls_assert(); + return ret; + } + + ret = 3; + for (i = 0; i < apr_cert_list_length; i++) { + ret += apr_cert_list[i].cert.size + 3; + /* hold size + * for uint24 */ + } + + /* if no certificates were found then send: + * 0B 00 00 03 00 00 00 // Certificate with no certs + * instead of: + * 
0B 00 00 00 // empty certificate handshake + * + * ( the above is the whole handshake message, not + * the one produced here ) + */ + + ret = _gnutls_buffer_append_prefix(data, 24, ret - 3); + if (ret < 0) + return gnutls_assert_val(ret); + + for (i = 0; i < apr_cert_list_length; i++) { + ret = + _gnutls_buffer_append_data_prefix(data, 24, + apr_cert_list[i]. + cert.data, + apr_cert_list[i]. + cert.size); + if (ret < 0) + return gnutls_assert_val(ret); + } + + return data->length; } enum PGPKeyDescriptorType -{ PGP_EMPTY_KEY=1, PGP_KEY_SUBKEY, PGP_KEY_FINGERPRINT_SUBKEY }; + { PGP_EMPTY_KEY = 1, PGP_KEY_SUBKEY, PGP_KEY_FINGERPRINT_SUBKEY }; #ifdef ENABLE_OPENPGP static int -_gnutls_gen_openpgp_certificate (gnutls_session_t session, - gnutls_buffer_st * data) +_gnutls_gen_openpgp_certificate(gnutls_session_t session, + gnutls_buffer_st * data) { - int ret; - gnutls_pcert_st *apr_cert_list; - gnutls_privkey_t apr_pkey; - int apr_cert_list_length; - unsigned int subkey; - uint8_t type; - uint8_t fpr[GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE]; - char buf[2*GNUTLS_OPENPGP_KEYID_SIZE+1]; - size_t fpr_size; - - /* find the appropriate certificate */ - if ((ret = - _gnutls_get_selected_cert (session, &apr_cert_list, - &apr_cert_list_length, &apr_pkey)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = 3 + 1 + 3; - - if (apr_cert_list_length > 0) - { - fpr_size = sizeof (fpr); - ret = - gnutls_pubkey_get_openpgp_key_id (apr_cert_list[0].pubkey, 0, fpr, - &fpr_size, &subkey); - if (ret < 0) - return gnutls_assert_val (ret); - - ret += 1 + fpr_size; /* for the keyid */ - _gnutls_handshake_log("Sending PGP key ID %s (%s)\n", _gnutls_bin2hex(fpr, GNUTLS_OPENPGP_KEYID_SIZE, buf, sizeof(buf), NULL), - subkey?"subkey":"master"); - - ret += apr_cert_list[0].cert.size; - } - - ret = _gnutls_buffer_append_prefix (data, 24, ret - 3); - if (ret < 0) - return gnutls_assert_val (ret); - - - if (apr_cert_list_length > 0) - { - type = PGP_KEY_SUBKEY; - - ret = _gnutls_buffer_append_data 
(data, &type, 1); - if (ret < 0) - return gnutls_assert_val (ret); - - ret = _gnutls_buffer_append_data_prefix (data, 8, fpr, fpr_size); - if (ret < 0) - return gnutls_assert_val (ret); - - ret = - _gnutls_buffer_append_data_prefix (data, 24, - apr_cert_list[0].cert.data, - apr_cert_list[0].cert.size); - if (ret < 0) - return gnutls_assert_val (ret); - } - else /* empty - no certificate */ - { - type = PGP_EMPTY_KEY; - - ret = _gnutls_buffer_append_data (data, &type, 1); - if (ret < 0) - return gnutls_assert_val (ret); - - ret = _gnutls_buffer_append_prefix (data, 24, 0); - if (ret < 0) - return gnutls_assert_val (ret); - } - - return data->length; + int ret; + gnutls_pcert_st *apr_cert_list; + gnutls_privkey_t apr_pkey; + int apr_cert_list_length; + unsigned int subkey; + uint8_t type; + uint8_t fpr[GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE]; + char buf[2 * GNUTLS_OPENPGP_KEYID_SIZE + 1]; + size_t fpr_size; + + /* find the appropriate certificate */ + if ((ret = + _gnutls_get_selected_cert(session, &apr_cert_list, + &apr_cert_list_length, + &apr_pkey)) < 0) { + gnutls_assert(); + return ret; + } + + ret = 3 + 1 + 3; + + if (apr_cert_list_length > 0) { + fpr_size = sizeof(fpr); + ret = + gnutls_pubkey_get_openpgp_key_id(apr_cert_list[0]. + pubkey, 0, fpr, + &fpr_size, &subkey); + if (ret < 0) + return gnutls_assert_val(ret); + + ret += 1 + fpr_size; /* for the keyid */ + _gnutls_handshake_log("Sending PGP key ID %s (%s)\n", + _gnutls_bin2hex(fpr, + GNUTLS_OPENPGP_KEYID_SIZE, + buf, sizeof(buf), + NULL), + subkey ? 
"subkey" : "master"); + + ret += apr_cert_list[0].cert.size; + } + + ret = _gnutls_buffer_append_prefix(data, 24, ret - 3); + if (ret < 0) + return gnutls_assert_val(ret); + + + if (apr_cert_list_length > 0) { + type = PGP_KEY_SUBKEY; + + ret = _gnutls_buffer_append_data(data, &type, 1); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + _gnutls_buffer_append_data_prefix(data, 8, fpr, + fpr_size); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + _gnutls_buffer_append_data_prefix(data, 24, + apr_cert_list[0]. + cert.data, + apr_cert_list[0]. + cert.size); + if (ret < 0) + return gnutls_assert_val(ret); + } else { /* empty - no certificate */ + + type = PGP_EMPTY_KEY; + + ret = _gnutls_buffer_append_data(data, &type, 1); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = _gnutls_buffer_append_prefix(data, 24, 0); + if (ret < 0) + return gnutls_assert_val(ret); + } + + return data->length; } static int -_gnutls_gen_openpgp_certificate_fpr (gnutls_session_t session, - gnutls_buffer_st * data) +_gnutls_gen_openpgp_certificate_fpr(gnutls_session_t session, + gnutls_buffer_st * data) { - int ret, packet_size; - uint8_t type, fpr[GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE]; - uint8_t id[GNUTLS_OPENPGP_KEYID_SIZE]; - unsigned int subkey; - size_t fpr_size, id_size; - gnutls_pcert_st *apr_cert_list; - gnutls_privkey_t apr_pkey; - int apr_cert_list_length; - - /* find the appropriate certificate */ - if ((ret = - _gnutls_get_selected_cert (session, &apr_cert_list, - &apr_cert_list_length, &apr_pkey)) < 0) - { - gnutls_assert (); - return ret; - } - - if (apr_cert_list_length <= 0) - return _gnutls_gen_openpgp_certificate (session, data); - - id_size = sizeof (id); - ret = - gnutls_pubkey_get_openpgp_key_id (apr_cert_list[0].pubkey, 0, id, - &id_size, &subkey); - if (ret < 0) - return gnutls_assert_val (ret); - - fpr_size = sizeof (fpr); - ret = - gnutls_pubkey_get_openpgp_key_id (apr_cert_list[0].pubkey, - GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT, - fpr, 
&fpr_size, NULL); - if (ret < 0) - return gnutls_assert_val (ret); - - packet_size = 3 + 1; - packet_size += 1 + fpr_size; /* for the keyid */ - - /* Only v4 fingerprints are sent - */ - packet_size += 20 + 1; - - ret = _gnutls_buffer_append_prefix (data, 24, packet_size - 3); - if (ret < 0) - return gnutls_assert_val (ret); - - type = PGP_KEY_FINGERPRINT_SUBKEY; - ret = _gnutls_buffer_append_data (data, &type, 1); - if (ret < 0) - return gnutls_assert_val (ret); - - ret = _gnutls_buffer_append_data_prefix (data, 8, id, id_size); - if (ret < 0) - return gnutls_assert_val (ret); - - ret = _gnutls_buffer_append_data_prefix (data, 8, fpr, fpr_size); - if (ret < 0) - return gnutls_assert_val (ret); - - return data->length; + int ret, packet_size; + uint8_t type, fpr[GNUTLS_OPENPGP_V4_FINGERPRINT_SIZE]; + uint8_t id[GNUTLS_OPENPGP_KEYID_SIZE]; + unsigned int subkey; + size_t fpr_size, id_size; + gnutls_pcert_st *apr_cert_list; + gnutls_privkey_t apr_pkey; + int apr_cert_list_length; + + /* find the appropriate certificate */ + if ((ret = + _gnutls_get_selected_cert(session, &apr_cert_list, + &apr_cert_list_length, + &apr_pkey)) < 0) { + gnutls_assert(); + return ret; + } + + if (apr_cert_list_length <= 0) + return _gnutls_gen_openpgp_certificate(session, data); + + id_size = sizeof(id); + ret = + gnutls_pubkey_get_openpgp_key_id(apr_cert_list[0].pubkey, 0, + id, &id_size, &subkey); + if (ret < 0) + return gnutls_assert_val(ret); + + fpr_size = sizeof(fpr); + ret = + gnutls_pubkey_get_openpgp_key_id(apr_cert_list[0].pubkey, + GNUTLS_PUBKEY_GET_OPENPGP_FINGERPRINT, + fpr, &fpr_size, NULL); + if (ret < 0) + return gnutls_assert_val(ret); + + packet_size = 3 + 1; + packet_size += 1 + fpr_size; /* for the keyid */ + + /* Only v4 fingerprints are sent + */ + packet_size += 20 + 1; + + ret = _gnutls_buffer_append_prefix(data, 24, packet_size - 3); + if (ret < 0) + return gnutls_assert_val(ret); + + type = PGP_KEY_FINGERPRINT_SUBKEY; + ret = _gnutls_buffer_append_data(data, 
&type, 1); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = _gnutls_buffer_append_data_prefix(data, 8, id, id_size); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = _gnutls_buffer_append_data_prefix(data, 8, fpr, fpr_size); + if (ret < 0) + return gnutls_assert_val(ret); + + return data->length; } #endif int -_gnutls_gen_cert_client_crt (gnutls_session_t session, - gnutls_buffer_st * data) +_gnutls_gen_cert_client_crt(gnutls_session_t session, + gnutls_buffer_st * data) { - switch (session->security_parameters.cert_type) - { + switch (session->security_parameters.cert_type) { #ifdef ENABLE_OPENPGP - case GNUTLS_CRT_OPENPGP: - if (_gnutls_openpgp_send_fingerprint (session) == 0) - return _gnutls_gen_openpgp_certificate (session, data); - else - return _gnutls_gen_openpgp_certificate_fpr (session, data); + case GNUTLS_CRT_OPENPGP: + if (_gnutls_openpgp_send_fingerprint(session) == 0) + return _gnutls_gen_openpgp_certificate(session, + data); + else + return _gnutls_gen_openpgp_certificate_fpr(session, + data); #endif - case GNUTLS_CRT_X509: - return _gnutls_gen_x509_crt (session, data); + case GNUTLS_CRT_X509: + return _gnutls_gen_x509_crt(session, data); - default: - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } + default: + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } } int -_gnutls_gen_cert_server_crt (gnutls_session_t session, - gnutls_buffer_st * data) +_gnutls_gen_cert_server_crt(gnutls_session_t session, + gnutls_buffer_st * data) { - switch (session->security_parameters.cert_type) - { + switch (session->security_parameters.cert_type) { #ifdef ENABLE_OPENPGP - case GNUTLS_CRT_OPENPGP: - return _gnutls_gen_openpgp_certificate (session, data); + case GNUTLS_CRT_OPENPGP: + return _gnutls_gen_openpgp_certificate(session, data); #endif - case GNUTLS_CRT_X509: - return _gnutls_gen_x509_crt (session, data); - default: - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } + case GNUTLS_CRT_X509: + return 
_gnutls_gen_x509_crt(session, data); + default: + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } } /* Process server certificate 
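Review bot: In `_gnutls_gen_openpgp_certificate` the running length kept in `ret` (`ret = 3 + 1 + 3;`) is overwritten by the return value of `gnutls_pubkey_get_openpgp_key_id()` whenever a certificate is present, so the 24-bit prefix written by `_gnutls_buffer_append_prefix(data, 24, ret - 3)` no longer matches the bytes appended after it. The re-indentation carries this over unchanged. Keeping the total in its own variable fixes it, as `_gnutls_gen_openpgp_certificate_fpr` does with `packet_size`. That function has a related slip: it counts `1 + fpr_size` "for the keyid" while appending `id, id_size`, and should read `packet_size += 1 + id_size;`. A peer that trusts the declared length would mis-frame the message, so both totals are worth a test against the bytes actually written.

```c
int total = 3 + 1 + 3;	/* list prefix, descriptor type, certificate prefix */

if (apr_cert_list_length > 0) {
	/* … unchanged: gnutls_pubkey_get_openpgp_key_id() call and its error check … */
	total += 1 + fpr_size;	/* for the keyid */
	/* … unchanged: handshake log … */
	total += apr_cert_list[0].cert.size;
}

ret = _gnutls_buffer_append_prefix(data, 24, total - 3);
```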
@@ -1043,385 +1028,360 @@ _gnutls_gen_cert_server_crt (gnutls_session_t session, #define CLEAR_CERTS for(x=0;x<peer_certificate_list_size;x++) gnutls_pcert_deinit(&peer_certificate_list[x]) static int -_gnutls_proc_x509_server_crt (gnutls_session_t session, - uint8_t * data, size_t data_size) +_gnutls_proc_x509_server_crt(gnutls_session_t session, + uint8_t * data, size_t data_size) { - int size, len, ret; - uint8_t *p = data; - cert_auth_info_t info; - gnutls_certificate_credentials_t cred; - ssize_t dsize = data_size; - int i; - gnutls_pcert_st *peer_certificate_list; - size_t peer_certificate_list_size = 0, j, x; - gnutls_datum_t tmp; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_CERTIFICATE, - sizeof (cert_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - info = _gnutls_get_auth_info (session); - - if (data == NULL || data_size == 0) - { - gnutls_assert (); - /* no certificate was sent */ - return GNUTLS_E_NO_CERTIFICATE_FOUND; - } - - DECR_LEN (dsize, 3); - size = _gnutls_read_uint24 (p); - p += 3; - - /* some implementations send 0B 00 00 06 00 00 03 00 00 00 - * instead of just 0B 00 00 03 00 00 00 as an empty certificate message. 
- */ - if (size == 0 || size == 3) - { - gnutls_assert (); - /* no certificate was sent */ - return GNUTLS_E_NO_CERTIFICATE_FOUND; - } - - i = dsize; - while (i > 0) - { - DECR_LEN (dsize, 3); - len = _gnutls_read_uint24 (p); - p += 3; - DECR_LEN (dsize, len); - peer_certificate_list_size++; - p += len; - i -= len + 3; - } - - if (peer_certificate_list_size == 0) - { - gnutls_assert (); - return GNUTLS_E_NO_CERTIFICATE_FOUND; - } - - /* Ok we now allocate the memory to hold the - * certificate list - */ - - peer_certificate_list = - gnutls_calloc (1, - sizeof (gnutls_pcert_st) * (peer_certificate_list_size)); - if (peer_certificate_list == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - p = data + 3; - - /* Now we start parsing the list (again). - * We don't use DECR_LEN since the list has - * been parsed before. - */ - - for (j = 0; j < peer_certificate_list_size; j++) - { - len = _gnutls_read_uint24 (p); - p += 3; - - tmp.size = len; - tmp.data = p; - - ret = - gnutls_pcert_import_x509_raw (&peer_certificate_list - [j], &tmp, GNUTLS_X509_FMT_DER, 0); - if (ret < 0) - { - gnutls_assert (); - peer_certificate_list_size = j; - goto cleanup; - } - - p += len; - } - - - if ((ret = - _gnutls_copy_certificate_auth_info (info, - peer_certificate_list, - peer_certificate_list_size, - NULL)) < 0) - { - gnutls_assert (); - goto cleanup; - } - - if ((ret = - _gnutls_check_key_usage (&peer_certificate_list[0], - gnutls_kx_get (session))) < 0) - { - gnutls_assert (); - goto cleanup; - } - - ret = 0; - -cleanup: - CLEAR_CERTS; - gnutls_free (peer_certificate_list); - return ret; + int size, len, ret; + uint8_t *p = data; + cert_auth_info_t info; + gnutls_certificate_credentials_t cred; + ssize_t dsize = data_size; + int i; + gnutls_pcert_st *peer_certificate_list; + size_t peer_certificate_list_size = 0, j, x; + gnutls_datum_t tmp; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { 
+ gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_CERTIFICATE, + sizeof(cert_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + info = _gnutls_get_auth_info(session); + + if (data == NULL || data_size == 0) { + gnutls_assert(); + /* no certificate was sent */ + return GNUTLS_E_NO_CERTIFICATE_FOUND; + } + + DECR_LEN(dsize, 3); + size = _gnutls_read_uint24(p); + p += 3; + + /* some implementations send 0B 00 00 06 00 00 03 00 00 00 + * instead of just 0B 00 00 03 00 00 00 as an empty certificate message. + */ + if (size == 0 || size == 3) { + gnutls_assert(); + /* no certificate was sent */ + return GNUTLS_E_NO_CERTIFICATE_FOUND; + } + + i = dsize; + while (i > 0) { + DECR_LEN(dsize, 3); + len = _gnutls_read_uint24(p); + p += 3; + DECR_LEN(dsize, len); + peer_certificate_list_size++; + p += len; + i -= len + 3; + } + + if (peer_certificate_list_size == 0) { + gnutls_assert(); + return GNUTLS_E_NO_CERTIFICATE_FOUND; + } + + /* Ok we now allocate the memory to hold the + * certificate list + */ + + peer_certificate_list = + gnutls_calloc(1, + sizeof(gnutls_pcert_st) * + (peer_certificate_list_size)); + if (peer_certificate_list == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + p = data + 3; + + /* Now we start parsing the list (again). + * We don't use DECR_LEN since the list has + * been parsed before. 
+ */ + + for (j = 0; j < peer_certificate_list_size; j++) { + len = _gnutls_read_uint24(p); + p += 3; + + tmp.size = len; + tmp.data = p; + + ret = + gnutls_pcert_import_x509_raw(&peer_certificate_list + [j], &tmp, + GNUTLS_X509_FMT_DER, 0); + if (ret < 0) { + gnutls_assert(); + peer_certificate_list_size = j; + goto cleanup; + } + + p += len; + } + + + if ((ret = + _gnutls_copy_certificate_auth_info(info, + peer_certificate_list, + peer_certificate_list_size, + NULL)) < 0) { + gnutls_assert(); + goto cleanup; + } + + if ((ret = + _gnutls_check_key_usage(&peer_certificate_list[0], + gnutls_kx_get(session))) < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = 0; + + cleanup: + CLEAR_CERTS; + gnutls_free(peer_certificate_list); + return ret; } #ifdef ENABLE_OPENPGP static int -_gnutls_proc_openpgp_server_crt (gnutls_session_t session, - uint8_t * data, size_t data_size) +_gnutls_proc_openpgp_server_crt(gnutls_session_t session, + uint8_t * data, size_t data_size) { - int size, ret, len; - uint8_t *p = data; - cert_auth_info_t info; - gnutls_certificate_credentials_t cred; - ssize_t dsize = data_size; - int key_type; - gnutls_pcert_st *peer_certificate_list = NULL; - gnutls_datum_t tmp, akey = { NULL, 0 }; - unsigned int compat = 0; - uint8_t subkey_id[GNUTLS_OPENPGP_KEYID_SIZE]; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_CERTIFICATE, - sizeof (cert_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - info = _gnutls_get_auth_info (session); - - if (data == NULL || data_size == 0) - { - gnutls_assert (); - return GNUTLS_E_NO_CERTIFICATE_FOUND; - } - - DECR_LEN (dsize, 3); - size = _gnutls_read_uint24 (p); - p += 3; - - if (size == 0) - { - gnutls_assert (); - /* no certificate was sent */ - return GNUTLS_E_NO_CERTIFICATE_FOUND; - } - - 
/* Read PGPKeyDescriptor */ - DECR_LEN (dsize, 1); - key_type = *p; - p++; - - /* Try to read the keyid if present */ - if (key_type == PGP_KEY_FINGERPRINT_SUBKEY || key_type == PGP_KEY_SUBKEY) - { - /* check size */ - if (*p != GNUTLS_OPENPGP_KEYID_SIZE) - { - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; - } - - DECR_LEN (dsize, 1); - p++; - - DECR_LEN (dsize, GNUTLS_OPENPGP_KEYID_SIZE); - memcpy (subkey_id, p, GNUTLS_OPENPGP_KEYID_SIZE); - p += GNUTLS_OPENPGP_KEYID_SIZE; - } - - if (key_type == PGP_KEY_FINGERPRINT_SUBKEY) - { - DECR_LEN (dsize, 1); - len = (uint8_t) * p; - p++; - - if (len != 20) - { - gnutls_assert (); - return GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED; - } - - DECR_LEN (dsize, 20); - - /* request the actual key from our database, or - * a key server or anything. - */ - if ((ret = - _gnutls_openpgp_request_key (session, &akey, cred, p, 20)) < 0) - { - gnutls_assert (); - return ret; - } - tmp = akey; - } - else if (key_type == PGP_KEY_SUBKEY) - { /* the whole key */ - - /* Read the actual certificate */ - DECR_LEN (dsize, 3); - len = _gnutls_read_uint24 (p); - p += 3; - - if (len == 0) - { - gnutls_assert (); - /* no certificate was sent */ - return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); - } - - DECR_LEN (dsize, len); - - tmp.size = len; - tmp.data = p; - - } - else if (key_type == PGP_EMPTY_KEY) - { /* the whole key */ - - /* Read the actual certificate */ - DECR_LEN (dsize, 3); - len = _gnutls_read_uint24 (p); - p += 3; - - if (len == 0) /* PGP_EMPTY_KEY */ - return GNUTLS_E_NO_CERTIFICATE_FOUND; - /* Uncomment to remove compatibility with RFC5081. 
- else - return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);*/ - - DECR_LEN (dsize, len); - - tmp.size = len; - tmp.data = p; - - compat = 1; - } - else - { - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; - } - - /* ok we now have the peer's key in tmp datum - */ - peer_certificate_list = - gnutls_calloc (1, sizeof (gnutls_pcert_st)); - if (peer_certificate_list == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_MEMORY_ERROR; - goto cleanup; - } - - ret = - gnutls_pcert_import_openpgp_raw (&peer_certificate_list[0], - &tmp, - GNUTLS_OPENPGP_FMT_RAW, - (compat==0)?subkey_id:NULL, - 0); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - - if (compat != 0) - { - size_t t = sizeof(subkey_id); - gnutls_pubkey_get_openpgp_key_id(peer_certificate_list[0].pubkey, 0, subkey_id, &t, NULL); - } - - ret = - _gnutls_copy_certificate_auth_info (info, - peer_certificate_list, - 1, subkey_id); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - - if ((ret = - _gnutls_check_key_usage (&peer_certificate_list[0], - gnutls_kx_get (session))) < 0) - { - gnutls_assert (); - goto cleanup; - } - - ret = 0; - -cleanup: - - _gnutls_free_datum (&akey); - gnutls_pcert_deinit(&peer_certificate_list[0]); - gnutls_free (peer_certificate_list); - return ret; + int size, ret, len; + uint8_t *p = data; + cert_auth_info_t info; + gnutls_certificate_credentials_t cred; + ssize_t dsize = data_size; + int key_type; + gnutls_pcert_st *peer_certificate_list = NULL; + gnutls_datum_t tmp, akey = { NULL, 0 }; + unsigned int compat = 0; + uint8_t subkey_id[GNUTLS_OPENPGP_KEYID_SIZE]; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_CERTIFICATE, + sizeof(cert_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + info = _gnutls_get_auth_info(session); 
+ + if (data == NULL || data_size == 0) { + gnutls_assert(); + return GNUTLS_E_NO_CERTIFICATE_FOUND; + } + + DECR_LEN(dsize, 3); + size = _gnutls_read_uint24(p); + p += 3; + + if (size == 0) { + gnutls_assert(); + /* no certificate was sent */ + return GNUTLS_E_NO_CERTIFICATE_FOUND; + } + + /* Read PGPKeyDescriptor */ + DECR_LEN(dsize, 1); + key_type = *p; + p++; + + /* Try to read the keyid if present */ + if (key_type == PGP_KEY_FINGERPRINT_SUBKEY + || key_type == PGP_KEY_SUBKEY) { + /* check size */ + if (*p != GNUTLS_OPENPGP_KEYID_SIZE) { + gnutls_assert(); + return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; + } + + DECR_LEN(dsize, 1); + p++; + + DECR_LEN(dsize, GNUTLS_OPENPGP_KEYID_SIZE); + memcpy(subkey_id, p, GNUTLS_OPENPGP_KEYID_SIZE); + p += GNUTLS_OPENPGP_KEYID_SIZE; + } + + if (key_type == PGP_KEY_FINGERPRINT_SUBKEY) { + DECR_LEN(dsize, 1); + len = (uint8_t) * p; + p++; + + if (len != 20) { + gnutls_assert(); + return GNUTLS_E_OPENPGP_FINGERPRINT_UNSUPPORTED; + } + + DECR_LEN(dsize, 20); + + /* request the actual key from our database, or + * a key server or anything. + */ + if ((ret = + _gnutls_openpgp_request_key(session, &akey, cred, p, + 20)) < 0) { + gnutls_assert(); + return ret; + } + tmp = akey; + } else if (key_type == PGP_KEY_SUBKEY) { /* the whole key */ + + /* Read the actual certificate */ + DECR_LEN(dsize, 3); + len = _gnutls_read_uint24(p); + p += 3; + + if (len == 0) { + gnutls_assert(); + /* no certificate was sent */ + return + gnutls_assert_val + (GNUTLS_E_UNEXPECTED_PACKET_LENGTH); + } + + DECR_LEN(dsize, len); + + tmp.size = len; + tmp.data = p; + + } else if (key_type == PGP_EMPTY_KEY) { /* the whole key */ + + /* Read the actual certificate */ + DECR_LEN(dsize, 3); + len = _gnutls_read_uint24(p); + p += 3; + + if (len == 0) /* PGP_EMPTY_KEY */ + return GNUTLS_E_NO_CERTIFICATE_FOUND; + /* Uncomment to remove compatibility with RFC5081. 
+ else + return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH); */ + + DECR_LEN(dsize, len); + + tmp.size = len; + tmp.data = p; + + compat = 1; + } else { + gnutls_assert(); + return GNUTLS_E_UNSUPPORTED_CERTIFICATE_TYPE; + } + + /* ok we now have the peer's key in tmp datum + */ + peer_certificate_list = gnutls_calloc(1, sizeof(gnutls_pcert_st)); + if (peer_certificate_list == NULL) { + gnutls_assert(); + ret = GNUTLS_E_MEMORY_ERROR; + goto cleanup; + } + + ret = + gnutls_pcert_import_openpgp_raw(&peer_certificate_list[0], + &tmp, + GNUTLS_OPENPGP_FMT_RAW, + (compat == + 0) ? subkey_id : NULL, 0); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + if (compat != 0) { + size_t t = sizeof(subkey_id); + gnutls_pubkey_get_openpgp_key_id(peer_certificate_list[0]. + pubkey, 0, subkey_id, &t, + NULL); + } + + ret = + _gnutls_copy_certificate_auth_info(info, + peer_certificate_list, + 1, subkey_id); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + if ((ret = + _gnutls_check_key_usage(&peer_certificate_list[0], + gnutls_kx_get(session))) < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = 0; + + cleanup: + + _gnutls_free_datum(&akey); + gnutls_pcert_deinit(&peer_certificate_list[0]); + gnutls_free(peer_certificate_list); + return ret; } #endif int -_gnutls_proc_crt (gnutls_session_t session, uint8_t * data, size_t data_size) +_gnutls_proc_crt(gnutls_session_t session, uint8_t * data, + size_t data_size) { - int ret; - gnutls_certificate_credentials_t cred; - - cred = - (gnutls_certificate_credentials_t) _gnutls_get_cred (session, - GNUTLS_CRD_CERTIFICATE, - NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - switch (session->security_parameters.cert_type) - { + int ret; + gnutls_certificate_credentials_t cred; + + cred = + (gnutls_certificate_credentials_t) _gnutls_get_cred(session, + GNUTLS_CRD_CERTIFICATE, + NULL); + if (cred == NULL) { + gnutls_assert(); + return 
GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + switch (session->security_parameters.cert_type) { #ifdef ENABLE_OPENPGP - case GNUTLS_CRT_OPENPGP: - ret = _gnutls_proc_openpgp_server_crt (session, - data, data_size); - break; + case GNUTLS_CRT_OPENPGP: + ret = _gnutls_proc_openpgp_server_crt(session, + data, data_size); + break; #endif - case GNUTLS_CRT_X509: - ret = _gnutls_proc_x509_server_crt (session, data, data_size); - break; - default: - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - return ret; + case GNUTLS_CRT_X509: + ret = + _gnutls_proc_x509_server_crt(session, data, data_size); + break; + default: + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } + + return ret; } 
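Review bot: In `_gnutls_proc_openpgp_server_crt` the key-id length byte is read by `if (*p != GNUTLS_OPENPGP_KEYID_SIZE)` before `DECR_LEN(dsize, 1)` has accounted for it, so a peer message that ends right after the descriptor type is read one byte past the length that was checked. Moving `DECR_LEN(dsize, 1);` above the comparison puts the check before the read, as is done for every other field in this parser. The `cleanup:` label is also reached with `peer_certificate_list == NULL` when `gnutls_calloc` fails, and `gnutls_pcert_deinit(&peer_certificate_list[0])` then receives a null pointer; guarding it with `if (peer_certificate_list != NULL)` is safer unless that function is known to accept NULL. Both issues predate this re-indentation, which carries them over unchanged.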
@@ -1430,352 +1390,332 @@ _gnutls_proc_crt (gnutls_session_t session, uint8_t * data, size_t data_size) * if true; */ inline static int -_gnutls_check_supported_sign_algo (CertificateSigType algo) +_gnutls_check_supported_sign_algo(CertificateSigType algo) { - switch (algo) - { - case RSA_SIGN: - return GNUTLS_PK_RSA; - case DSA_SIGN: - return GNUTLS_PK_DSA; - case ECDSA_SIGN: - return GNUTLS_PK_EC; - } - - return -1; + switch (algo) { + case RSA_SIGN: + return GNUTLS_PK_RSA; + case DSA_SIGN: + return GNUTLS_PK_DSA; + case ECDSA_SIGN: + return GNUTLS_PK_EC; + } + + return -1; } int -_gnutls_proc_cert_cert_req (gnutls_session_t session, uint8_t * data, - size_t data_size) +_gnutls_proc_cert_cert_req(gnutls_session_t session, uint8_t * data, + size_t data_size) { - int size, ret; - uint8_t *p; - gnutls_certificate_credentials_t cred; - ssize_t dsize; - int i; - gnutls_pk_algorithm_t pk_algos[MAX_CLIENT_SIGN_ALGOS]; - int pk_algos_length; - const version_entry_st* ver = get_version (session); - - if (unlikely(ver == NULL)) - return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_CERTIFICATE, - sizeof (cert_auth_info_st), 0)) < 0) - { - gnutls_assert (); - return ret; - } - - p = data; - dsize = data_size; - - DECR_LEN (dsize, 1); - size = p[0]; - p++; - /* check if the sign algorithm is supported. 
- */ - pk_algos_length = 0; - for (i = 0; i < size; i++, p++) - { - DECR_LEN (dsize, 1); - if ((ret = _gnutls_check_supported_sign_algo (*p)) > 0) - { - if (pk_algos_length < MAX_CLIENT_SIGN_ALGOS) - { - pk_algos[pk_algos_length++] = ret; - } - } - } - - if (pk_algos_length == 0) - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_PK_ALGORITHM; - } - - if (_gnutls_version_has_selectable_sighash (ver)) - { - /* read supported hashes */ - int hash_num; - DECR_LEN (dsize, 2); - hash_num = _gnutls_read_uint16 (p); - p += 2; - DECR_LEN (dsize, hash_num); - - ret = _gnutls_sign_algorithm_parse_data (session, p, hash_num); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - p += hash_num; - } - - /* read the certificate authorities */ - DECR_LEN (dsize, 2); - size = _gnutls_read_uint16 (p); - p += 2; - - if (session->security_parameters.cert_type == GNUTLS_CRT_OPENPGP - && size != 0) - { - gnutls_assert (); - return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; - } - - DECR_LEN (dsize, size); - - /* now we ask the user to tell which one - * he wants to use. - */ - if ((ret = - _select_client_cert (session, p, size, pk_algos, pk_algos_length)) < 0) - { - gnutls_assert (); - return ret; - } - - /* We should reply with a certificate message, - * even if we have no certificate to send. 
- */ - session->key.crt_requested = 1; - - return 0; + int size, ret; + uint8_t *p; + gnutls_certificate_credentials_t cred; + ssize_t dsize; + int i; + gnutls_pk_algorithm_t pk_algos[MAX_CLIENT_SIGN_ALGOS]; + int pk_algos_length; + const version_entry_st *ver = get_version(session); + + if (unlikely(ver == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_CERTIFICATE, + sizeof(cert_auth_info_st), 0)) < 0) { + gnutls_assert(); + return ret; + } + + p = data; + dsize = data_size; + + DECR_LEN(dsize, 1); + size = p[0]; + p++; + /* check if the sign algorithm is supported. + */ + pk_algos_length = 0; + for (i = 0; i < size; i++, p++) { + DECR_LEN(dsize, 1); + if ((ret = _gnutls_check_supported_sign_algo(*p)) > 0) { + if (pk_algos_length < MAX_CLIENT_SIGN_ALGOS) { + pk_algos[pk_algos_length++] = ret; + } + } + } + + if (pk_algos_length == 0) { + gnutls_assert(); + return GNUTLS_E_UNKNOWN_PK_ALGORITHM; + } + + if (_gnutls_version_has_selectable_sighash(ver)) { + /* read supported hashes */ + int hash_num; + DECR_LEN(dsize, 2); + hash_num = _gnutls_read_uint16(p); + p += 2; + DECR_LEN(dsize, hash_num); + + ret = + _gnutls_sign_algorithm_parse_data(session, p, + hash_num); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + p += hash_num; + } + + /* read the certificate authorities */ + DECR_LEN(dsize, 2); + size = _gnutls_read_uint16(p); + p += 2; + + if (session->security_parameters.cert_type == GNUTLS_CRT_OPENPGP + && size != 0) { + gnutls_assert(); + return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; + } + + DECR_LEN(dsize, size); + + /* now we ask the user to tell which one + * he wants to use. 
+ */ + if ((ret = + _select_client_cert(session, p, size, pk_algos, + pk_algos_length)) < 0) { + gnutls_assert(); + return ret; + } + + /* We should reply with a certificate message, + * even if we have no certificate to send. + */ + session->key.crt_requested = 1; + + return 0; } int -_gnutls_gen_cert_client_crt_vrfy (gnutls_session_t session, - gnutls_buffer_st * data) +_gnutls_gen_cert_client_crt_vrfy(gnutls_session_t session, + gnutls_buffer_st * data) { - int ret; - gnutls_pcert_st *apr_cert_list; - gnutls_privkey_t apr_pkey; - int apr_cert_list_length; - gnutls_datum_t signature = { NULL, 0 }; - gnutls_sign_algorithm_t sign_algo; - const version_entry_st* ver = get_version (session); - - if (unlikely(ver == NULL)) - return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - - /* find the appropriate certificate */ - if ((ret = - _gnutls_get_selected_cert (session, &apr_cert_list, - &apr_cert_list_length, &apr_pkey)) < 0) - { - gnutls_assert (); - return ret; - } - - if (apr_cert_list_length > 0) - { - if ((ret = - _gnutls_handshake_sign_crt_vrfy (session, - &apr_cert_list[0], - apr_pkey, &signature)) < 0) - { - gnutls_assert (); - return ret; - } - sign_algo = ret; - } - else - { - return 0; - } - - if (_gnutls_version_has_selectable_sighash (ver)) - { - const sign_algorithm_st *aid; - uint8_t p[2]; - /* error checking is not needed here since we have used those algorithms */ - aid = _gnutls_sign_to_tls_aid (sign_algo); - if (aid == NULL) - return gnutls_assert_val (GNUTLS_E_UNKNOWN_ALGORITHM); - - p[0] = aid->hash_algorithm; - p[1] = aid->sign_algorithm; - ret = _gnutls_buffer_append_data (data, p, 2); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - } - - ret = - _gnutls_buffer_append_data_prefix (data, 16, signature.data, - signature.size); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - - ret = data->length; - -cleanup: - _gnutls_free_datum (&signature); - return ret; + int ret; + gnutls_pcert_st *apr_cert_list; + gnutls_privkey_t 
apr_pkey; + int apr_cert_list_length; + gnutls_datum_t signature = { NULL, 0 }; + gnutls_sign_algorithm_t sign_algo; + const version_entry_st *ver = get_version(session); + + if (unlikely(ver == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + /* find the appropriate certificate */ + if ((ret = + _gnutls_get_selected_cert(session, &apr_cert_list, + &apr_cert_list_length, + &apr_pkey)) < 0) { + gnutls_assert(); + return ret; + } + + if (apr_cert_list_length > 0) { + if ((ret = + _gnutls_handshake_sign_crt_vrfy(session, + &apr_cert_list[0], + apr_pkey, + &signature)) < 0) { + gnutls_assert(); + return ret; + } + sign_algo = ret; + } else { + return 0; + } + + if (_gnutls_version_has_selectable_sighash(ver)) { + const sign_algorithm_st *aid; + uint8_t p[2]; + /* error checking is not needed here since we have used those algorithms */ + aid = _gnutls_sign_to_tls_aid(sign_algo); + if (aid == NULL) + return + gnutls_assert_val(GNUTLS_E_UNKNOWN_ALGORITHM); + + p[0] = aid->hash_algorithm; + p[1] = aid->sign_algorithm; + ret = _gnutls_buffer_append_data(data, p, 2); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + } + + ret = + _gnutls_buffer_append_data_prefix(data, 16, signature.data, + signature.size); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = data->length; + + cleanup: + _gnutls_free_datum(&signature); + return ret; } int -_gnutls_proc_cert_client_crt_vrfy (gnutls_session_t session, - uint8_t * data, size_t data_size) +_gnutls_proc_cert_client_crt_vrfy(gnutls_session_t session, + uint8_t * data, size_t data_size) { - int size, ret; - ssize_t dsize = data_size; - uint8_t *pdata = data; - gnutls_datum_t sig; - cert_auth_info_t info = _gnutls_get_auth_info (session); - gnutls_pcert_st peer_cert; - gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN; - const version_entry_st* ver = get_version (session); - - if (unlikely(info == NULL || info->ncerts == 0 || ver == NULL)) - { - gnutls_assert (); - /* we need this in order 
to get peer's certificate */ - return GNUTLS_E_INTERNAL_ERROR; - } - - if (_gnutls_version_has_selectable_sighash (ver)) - { - sign_algorithm_st aid; - - DECR_LEN (dsize, 2); - aid.hash_algorithm = pdata[0]; - aid.sign_algorithm = pdata[1]; - - sign_algo = _gnutls_tls_aid_to_sign (&aid); - if (sign_algo == GNUTLS_SIGN_UNKNOWN) - { - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM; - } - pdata += 2; - } - - ret = _gnutls_session_sign_algo_enabled (session, sign_algo); - if (ret < 0) - { - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM; - } - - DECR_LEN (dsize, 2); - size = _gnutls_read_uint16 (pdata); - pdata += 2; - - DECR_LEN (dsize, size); - - sig.data = pdata; - sig.size = size; - - ret = _gnutls_get_auth_info_pcert (&peer_cert, - session->security_parameters.cert_type, - info); - - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - if ((ret = - _gnutls_handshake_verify_crt_vrfy (session, &peer_cert, &sig, - sign_algo)) < 0) - { - gnutls_assert (); - gnutls_pcert_deinit (&peer_cert); - return ret; - } - gnutls_pcert_deinit (&peer_cert); - - return 0; + int size, ret; + ssize_t dsize = data_size; + uint8_t *pdata = data; + gnutls_datum_t sig; + cert_auth_info_t info = _gnutls_get_auth_info(session); + gnutls_pcert_st peer_cert; + gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN; + const version_entry_st *ver = get_version(session); + + if (unlikely(info == NULL || info->ncerts == 0 || ver == NULL)) { + gnutls_assert(); + /* we need this in order to get peer's certificate */ + return GNUTLS_E_INTERNAL_ERROR; + } + + if (_gnutls_version_has_selectable_sighash(ver)) { + sign_algorithm_st aid; + + DECR_LEN(dsize, 2); + aid.hash_algorithm = pdata[0]; + aid.sign_algorithm = pdata[1]; + + sign_algo = _gnutls_tls_aid_to_sign(&aid); + if (sign_algo == GNUTLS_SIGN_UNKNOWN) { + gnutls_assert(); + return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM; + } + pdata += 2; + } + + ret = _gnutls_session_sign_algo_enabled(session, 
sign_algo); + if (ret < 0) { + gnutls_assert(); + return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM; + } + + DECR_LEN(dsize, 2); + size = _gnutls_read_uint16(pdata); + pdata += 2; + + DECR_LEN(dsize, size); + + sig.data = pdata; + sig.size = size; + + ret = _gnutls_get_auth_info_pcert(&peer_cert, + session->security_parameters. + cert_type, info); + + if (ret < 0) { + gnutls_assert(); + return ret; + } + + if ((ret = + _gnutls_handshake_verify_crt_vrfy(session, &peer_cert, &sig, + sign_algo)) < 0) { + gnutls_assert(); + gnutls_pcert_deinit(&peer_cert); + return ret; + } + gnutls_pcert_deinit(&peer_cert); + + return 0; } int -_gnutls_gen_cert_server_cert_req (gnutls_session_t session, - gnutls_buffer_st * data) +_gnutls_gen_cert_server_cert_req(gnutls_session_t session, + gnutls_buffer_st * data) { - gnutls_certificate_credentials_t cred; - int ret; - uint8_t tmp_data[CERTTYPE_SIZE]; - const version_entry_st* ver = get_version (session); - - if (unlikely(ver == NULL)) - return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - - /* Now we need to generate the RDN sequence. This is - * already in the CERTIFICATE_CRED structure, to improve - * performance. 
- */ - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - tmp_data[0] = CERTTYPE_SIZE - 1; - tmp_data[1] = RSA_SIGN; - tmp_data[2] = DSA_SIGN; - tmp_data[3] = ECDSA_SIGN; /* only these for now */ - - ret = _gnutls_buffer_append_data (data, tmp_data, CERTTYPE_SIZE); - if (ret < 0) - return gnutls_assert_val (ret); - - if (_gnutls_version_has_selectable_sighash (ver)) - { - uint8_t p[MAX_SIGN_ALGO_SIZE]; - - ret = - _gnutls_sign_algorithm_write_params (session, p, MAX_SIGN_ALGO_SIZE); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_buffer_append_data (data, p, ret); - if (ret < 0) - return gnutls_assert_val (ret); - } - - if (session->security_parameters.cert_type == GNUTLS_CRT_X509 && - session->internals.ignore_rdn_sequence == 0) - { - ret = - _gnutls_buffer_append_data_prefix (data, 16, - cred->x509_rdn_sequence.data, - cred->x509_rdn_sequence.size); - if (ret < 0) - return gnutls_assert_val (ret); - } - else - { - ret = _gnutls_buffer_append_prefix (data, 16, 0); - if (ret < 0) - return gnutls_assert_val (ret); - } - - return data->length; + gnutls_certificate_credentials_t cred; + int ret; + uint8_t tmp_data[CERTTYPE_SIZE]; + const version_entry_st *ver = get_version(session); + + if (unlikely(ver == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + /* Now we need to generate the RDN sequence. This is + * already in the CERTIFICATE_CRED structure, to improve + * performance. 
+ */ + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + tmp_data[0] = CERTTYPE_SIZE - 1; + tmp_data[1] = RSA_SIGN; + tmp_data[2] = DSA_SIGN; + tmp_data[3] = ECDSA_SIGN; /* only these for now */ + + ret = _gnutls_buffer_append_data(data, tmp_data, CERTTYPE_SIZE); + if (ret < 0) + return gnutls_assert_val(ret); + + if (_gnutls_version_has_selectable_sighash(ver)) { + uint8_t p[MAX_SIGN_ALGO_SIZE]; + + ret = + _gnutls_sign_algorithm_write_params(session, p, + MAX_SIGN_ALGO_SIZE); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + ret = _gnutls_buffer_append_data(data, p, ret); + if (ret < 0) + return gnutls_assert_val(ret); + } + + if (session->security_parameters.cert_type == GNUTLS_CRT_X509 && + session->internals.ignore_rdn_sequence == 0) { + ret = + _gnutls_buffer_append_data_prefix(data, 16, + cred-> + x509_rdn_sequence. + data, + cred-> + x509_rdn_sequence. + size); + if (ret < 0) + return gnutls_assert_val(ret); + } else { + ret = _gnutls_buffer_append_prefix(data, 16, 0); + if (ret < 0) + return gnutls_assert_val(ret); + } + + return data->length; } 
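Review bot: In `_gnutls_gen_cert_client_crt_vrfy`, the `aid == NULL` branch returns directly and skips the `cleanup:` label, so the `signature` datum handed to `_gnutls_handshake_sign_crt_vrfy` is not released on that path, although every other exit after the signing call reaches `_gnutls_free_datum(&signature)`. The re-indent carries this over unchanged from the old side. Route the branch through the label instead: `if (aid == NULL) { ret = gnutls_assert_val(GNUTLS_E_UNKNOWN_ALGORITHM); goto cleanup; }`. The comment just above it ("error checking is not needed here") contradicts the check that follows and should be reworded or dropped.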
@@ -1787,187 +1727,176 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t session, * */ int -_gnutls_get_selected_cert (gnutls_session_t session, - gnutls_pcert_st ** apr_cert_list, - int *apr_cert_list_length, - gnutls_privkey_t * apr_pkey) +_gnutls_get_selected_cert(gnutls_session_t session, + gnutls_pcert_st ** apr_cert_list, + int *apr_cert_list_length, + gnutls_privkey_t * apr_pkey) { - if (session->security_parameters.entity == GNUTLS_SERVER) - { + if (session->security_parameters.entity == GNUTLS_SERVER) { - /* select_client_cert() has been called before. - */ + /* select_client_cert() has been called before. + */ - *apr_cert_list = session->internals.selected_cert_list; - *apr_pkey = session->internals.selected_key; - *apr_cert_list_length = session->internals.selected_cert_list_length; + *apr_cert_list = session->internals.selected_cert_list; + *apr_pkey = session->internals.selected_key; + *apr_cert_list_length = + session->internals.selected_cert_list_length; - if (*apr_cert_list_length == 0 || *apr_cert_list == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } + if (*apr_cert_list_length == 0 || *apr_cert_list == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } - } - else - { /* CLIENT SIDE - */ + } else { /* CLIENT SIDE + */ - /* we have already decided which certificate - * to send. - */ - *apr_cert_list = session->internals.selected_cert_list; - *apr_cert_list_length = session->internals.selected_cert_list_length; - *apr_pkey = session->internals.selected_key; + /* we have already decided which certificate + * to send. + */ + *apr_cert_list = session->internals.selected_cert_list; + *apr_cert_list_length = + session->internals.selected_cert_list_length; + *apr_pkey = session->internals.selected_key; - } + } - return 0; + return 0; } /* converts the given x509 certificate list to gnutls_pcert_st* and allocates * space for them. 
*/ -static gnutls_pcert_st * -alloc_and_load_x509_certs (gnutls_x509_crt_t * certs, unsigned ncerts) +static gnutls_pcert_st *alloc_and_load_x509_certs(gnutls_x509_crt_t * + certs, unsigned ncerts) { - gnutls_pcert_st *local_certs; - int ret = 0; - unsigned i, j; - - if (certs == NULL) - return NULL; - - local_certs = gnutls_malloc (sizeof (gnutls_pcert_st) * ncerts); - if (local_certs == NULL) - { - gnutls_assert (); - return NULL; - } - - for (i = 0; i < ncerts; i++) - { - ret = gnutls_pcert_import_x509 (&local_certs[i], certs[i], 0); - if (ret < 0) - break; - } - - if (ret < 0) - { - gnutls_assert (); - for (j = 0; j < i; j++) - { - gnutls_pcert_deinit (&local_certs[j]); - } - gnutls_free (local_certs); - return NULL; - } - - return local_certs; + gnutls_pcert_st *local_certs; + int ret = 0; + unsigned i, j; + + if (certs == NULL) + return NULL; + + local_certs = gnutls_malloc(sizeof(gnutls_pcert_st) * ncerts); + if (local_certs == NULL) { + gnutls_assert(); + return NULL; + } + + for (i = 0; i < ncerts; i++) { + ret = + gnutls_pcert_import_x509(&local_certs[i], certs[i], 0); + if (ret < 0) + break; + } + + if (ret < 0) { + gnutls_assert(); + for (j = 0; j < i; j++) { + gnutls_pcert_deinit(&local_certs[j]); + } + gnutls_free(local_certs); + return NULL; + } + + return local_certs; } /* converts the given x509 key to gnutls_privkey* and allocates * space for it. */ static gnutls_privkey_t -alloc_and_load_x509_key (gnutls_x509_privkey_t key, int deinit) +alloc_and_load_x509_key(gnutls_x509_privkey_t key, int deinit) { - gnutls_privkey_t local_key; - int ret = 0; - - if (key == NULL) - return NULL; - - ret = gnutls_privkey_init (&local_key); - if (ret < 0) - { - gnutls_assert (); - return NULL; - } - - ret = - gnutls_privkey_import_x509 (local_key, key, - deinit ? 
GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE : - 0); - if (ret < 0) - { - gnutls_assert (); - gnutls_privkey_deinit (local_key); - return NULL; - } - - return local_key; + gnutls_privkey_t local_key; + int ret = 0; + + if (key == NULL) + return NULL; + + ret = gnutls_privkey_init(&local_key); + if (ret < 0) { + gnutls_assert(); + return NULL; + } + + ret = + gnutls_privkey_import_x509(local_key, key, + deinit ? + GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE : + 0); + if (ret < 0) { + gnutls_assert(); + gnutls_privkey_deinit(local_key); + return NULL; + } + + return local_key; } /* converts the given pgp certificate to gnutls_cert* and allocates * space for them. */ #ifdef ENABLE_OPENPGP -static gnutls_pcert_st * -alloc_and_load_pgp_certs (gnutls_openpgp_crt_t cert) +static gnutls_pcert_st *alloc_and_load_pgp_certs(gnutls_openpgp_crt_t cert) { - gnutls_pcert_st *local_certs; - int ret = 0; - - if (cert == NULL) - return NULL; - - local_certs = gnutls_malloc (sizeof (gnutls_pcert_st)); - if (local_certs == NULL) - { - gnutls_assert (); - return NULL; - } - - ret = gnutls_pcert_import_openpgp (local_certs, cert, 0); - if (ret < 0) - { - gnutls_assert (); - return NULL; - } - - if (ret < 0) - { - gnutls_assert (); - gnutls_pcert_deinit (local_certs); - gnutls_free (local_certs); - return NULL; - } - - return local_certs; + gnutls_pcert_st *local_certs; + int ret = 0; + + if (cert == NULL) + return NULL; + + local_certs = gnutls_malloc(sizeof(gnutls_pcert_st)); + if (local_certs == NULL) { + gnutls_assert(); + return NULL; + } + + ret = gnutls_pcert_import_openpgp(local_certs, cert, 0); + if (ret < 0) { + gnutls_assert(); + return NULL; + } + + if (ret < 0) { + gnutls_assert(); + gnutls_pcert_deinit(local_certs); + gnutls_free(local_certs); + return NULL; + } + + return local_certs; } /* converts the given raw key to gnutls_privkey* and allocates * space for it. 
*/ static gnutls_privkey_t -alloc_and_load_pgp_key (gnutls_openpgp_privkey_t key, int deinit) +alloc_and_load_pgp_key(gnutls_openpgp_privkey_t key, int deinit) { - gnutls_privkey_t local_key; - int ret = 0; - - if (key == NULL) - return NULL; - - ret = gnutls_privkey_init (&local_key); - if (ret < 0) - { - gnutls_assert (); - return NULL; - } - - ret = - gnutls_privkey_import_openpgp (local_key, key, - deinit ? GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE - : 0); - if (ret < 0) - { - gnutls_assert (); - gnutls_privkey_deinit (local_key); - return NULL; - } - - return local_key; + gnutls_privkey_t local_key; + int ret = 0; + + if (key == NULL) + return NULL; + + ret = gnutls_privkey_init(&local_key); + if (ret < 0) { + gnutls_assert(); + return NULL; + } + + ret = + gnutls_privkey_import_openpgp(local_key, key, + deinit ? + GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE + : 0); + if (ret < 0) { + gnutls_assert(); + gnutls_privkey_deinit(local_key); + return NULL; + } + + return local_key; } #endif 
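Review bot: `alloc_and_load_pgp_certs` leaks `local_certs` when `gnutls_pcert_import_openpgp` fails: the first `if (ret < 0)` returns NULL right after the `gnutls_malloc`, and the second `if (ret < 0)` block, the one that frees the buffer, can never be reached. This is inherited from the old side; the re-indent keeps both checks. Merging them into one failure path fixes it, e.g. `if (ret < 0) { gnutls_assert(); gnutls_free(local_certs); return NULL; }`. Whether `gnutls_pcert_deinit` is safe on an entry whose import failed is not visible here, so I would leave that call out, as `alloc_and_load_x509_certs` does by only deinitialising the indices below the failed one.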
@@ -1977,91 +1906,92 @@ alloc_and_load_pgp_key (gnutls_openpgp_privkey_t key, int deinit) * space for it. */ static gnutls_privkey_t -alloc_and_load_pkcs11_key (gnutls_pkcs11_privkey_t key, int deinit) +alloc_and_load_pkcs11_key(gnutls_pkcs11_privkey_t key, int deinit) { - gnutls_privkey_t local_key; - int ret = 0; - - if (key == NULL) - return NULL; - - ret = gnutls_privkey_init (&local_key); - if (ret < 0) - { - gnutls_assert (); - return NULL; - } - - ret = - gnutls_privkey_import_pkcs11 (local_key, key, - deinit ? GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE - : 0); - if (ret < 0) - { - gnutls_assert (); - gnutls_privkey_deinit (local_key); - return NULL; - } - - return local_key; + gnutls_privkey_t local_key; + int ret = 0; + + if (key == NULL) + return NULL; + + ret = gnutls_privkey_init(&local_key); + if (ret < 0) { + gnutls_assert(); + return NULL; + } + + ret = + gnutls_privkey_import_pkcs11(local_key, key, + deinit ? + GNUTLS_PRIVKEY_IMPORT_AUTO_RELEASE + : 0); + if (ret < 0) { + gnutls_assert(); + gnutls_privkey_deinit(local_key); + return NULL; + } + + return local_key; } #endif -void -_gnutls_selected_certs_deinit (gnutls_session_t session) +void _gnutls_selected_certs_deinit(gnutls_session_t session) { - if (session->internals.selected_need_free != 0) - { - int i; - - for (i = 0; i < session->internals.selected_cert_list_length; i++) - { - gnutls_pcert_deinit (&session->internals.selected_cert_list[i]); - } - gnutls_free (session->internals.selected_cert_list); - session->internals.selected_cert_list = NULL; - session->internals.selected_cert_list_length = 0; - - gnutls_privkey_deinit(session->internals.selected_key); - session->internals.selected_key = NULL; - } - - return; + if (session->internals.selected_need_free != 0) { + int i; + + for (i = 0; + i < session->internals.selected_cert_list_length; + i++) { + gnutls_pcert_deinit(&session->internals. 
+ selected_cert_list[i]); + } + gnutls_free(session->internals.selected_cert_list); + session->internals.selected_cert_list = NULL; + session->internals.selected_cert_list_length = 0; + + gnutls_privkey_deinit(session->internals.selected_key); + session->internals.selected_key = NULL; + } + + return; } void -_gnutls_selected_certs_set (gnutls_session_t session, - gnutls_pcert_st * certs, int ncerts, - gnutls_privkey_t key, int need_free) +_gnutls_selected_certs_set(gnutls_session_t session, + gnutls_pcert_st * certs, int ncerts, + gnutls_privkey_t key, int need_free) { - _gnutls_selected_certs_deinit (session); + _gnutls_selected_certs_deinit(session); - session->internals.selected_cert_list = certs; - session->internals.selected_cert_list_length = ncerts; - session->internals.selected_key = key; - session->internals.selected_need_free = need_free; + session->internals.selected_cert_list = certs; + session->internals.selected_cert_list_length = ncerts; + session->internals.selected_key = key; + session->internals.selected_need_free = need_free; } -static void get_server_name(gnutls_session_t session, uint8_t* name, size_t max_name_size) +static void get_server_name(gnutls_session_t session, uint8_t * name, + size_t max_name_size) { -int ret, i; -size_t max_name; -unsigned int type; - - ret = 0; - for (i=0; !(ret<0);i++) - { - max_name = max_name_size; - ret = gnutls_server_name_get (session, name, &max_name, &type, i); - if (ret >= 0 && type == GNUTLS_NAME_DNS) - return; - } - - name[0] = 0; - - return; + int ret, i; + size_t max_name; + unsigned int type; + + ret = 0; + for (i = 0; !(ret < 0); i++) { + max_name = max_name_size; + ret = + gnutls_server_name_get(session, name, &max_name, &type, + i); + if (ret >= 0 && type == GNUTLS_NAME_DNS) + return; + } + + name[0] = 0; + + return; } /* finds the most appropriate certificate in the cert list. 
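Review bot: `get_server_name` has no header comment, and its contract matters to the caller: it walks the indexed entries returned by `gnutls_server_name_get`, returns at the first one of type `GNUTLS_NAME_DNS`, and otherwise sets `name[0] = 0`. I would add a comment such as `/* Copies the first DNS-type server name into name; leaves an empty string if there is none. name must hold at least one byte. */`. The final `name[0] = 0` is written without looking at `max_name_size`, so the one-byte minimum is worth stating. The string comes from what the peer sent, so the comment should also tell callers to treat it as untrusted input.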
@@ -2075,98 +2005,109 @@ unsigned int type; * */ int -_gnutls_server_select_cert (gnutls_session_t session, - gnutls_pk_algorithm_t * pk_algos, - size_t pk_algos_size) +_gnutls_server_select_cert(gnutls_session_t session, + gnutls_pk_algorithm_t * pk_algos, + size_t pk_algos_size) { - unsigned i, j; - int idx, ret; - gnutls_certificate_credentials_t cred; - char server_name[MAX_CN]; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - /* If the callback which retrieves certificate has been set, - * use it and leave. - */ - if (cred->server_get_cert_callback || cred->get_cert_callback - || cred->get_cert_callback2) - { - ret = call_get_cert_callback (session, NULL, 0, NULL, 0); - if (ret < 0) - return gnutls_assert_val (ret); - return ret; - } - - /* Otherwise... */ - - get_server_name(session, (unsigned char*)server_name, sizeof(server_name)); - - idx = -1; /* default is use no certificate */ - - /* find certificates that match the requested server_name - */ - - if (server_name[0] != 0) - { - for (i = 0; i < cred->ncerts; i++) - { - if (cred->certs[i].names != NULL && _gnutls_str_array_match(cred->certs[i].names, server_name) != 0) - { - /* if requested algorithms are also compatible select it */ - gnutls_pk_algorithm pk = - gnutls_pubkey_get_pk_algorithm (cred->certs[i].cert_list[0].pubkey, - NULL); - - _gnutls_handshake_log("HSK[%p]: Requested server name: '%s', ctype: %s (%d)", session, server_name, - gnutls_certificate_type_get_name (session->security_parameters.cert_type), - session->security_parameters.cert_type); - - if (session->security_parameters.cert_type == cred->certs[i].cert_list[0].type) - { - for (j = 0; j < pk_algos_size; j++) - if (pk_algos[j] == pk) - { - idx = i; - goto finished; - } - } - } - } - } - - for (j = 0; j < pk_algos_size; j++) - { - _gnutls_handshake_log - ("HSK[%p]: Requested PK 
algorithm: %s (%d) -- ctype: %s (%d)\n", - session, gnutls_pk_get_name (pk_algos[j]), pk_algos[j], - gnutls_certificate_type_get_name (session->security_parameters. - cert_type), - session->security_parameters.cert_type); - - for (i = 0; i < cred->ncerts; i++) - { - gnutls_pk_algorithm pk = - gnutls_pubkey_get_pk_algorithm (cred->certs[i].cert_list[0].pubkey, - NULL); - /* find one compatible certificate - */ - _gnutls_handshake_log - ("HSK[%p]: certificate[%d] PK algorithm: %s (%d) - ctype: %s (%d)\n", - session, i, gnutls_pk_get_name (pk), pk, - gnutls_certificate_type_get_name (cred->certs[i].cert_list[0].type), - cred->certs[i].cert_list[0].type); - - if (pk_algos[j] == pk) - { - /* if cert type matches - */ + unsigned i, j; + int idx, ret; + gnutls_certificate_credentials_t cred; + char server_name[MAX_CN]; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + /* If the callback which retrieves certificate has been set, + * use it and leave. + */ + if (cred->server_get_cert_callback || cred->get_cert_callback + || cred->get_cert_callback2) { + ret = call_get_cert_callback(session, NULL, 0, NULL, 0); + if (ret < 0) + return gnutls_assert_val(ret); + return ret; + } + + /* Otherwise... */ + + get_server_name(session, (unsigned char *) server_name, + sizeof(server_name)); + + idx = -1; /* default is use no certificate */ + + /* find certificates that match the requested server_name + */ + + if (server_name[0] != 0) { + for (i = 0; i < cred->ncerts; i++) { + if (cred->certs[i].names != NULL + && _gnutls_str_array_match(cred->certs[i]. + names, + server_name) != 0) { + /* if requested algorithms are also compatible select it */ + gnutls_pk_algorithm pk = + gnutls_pubkey_get_pk_algorithm(cred-> + certs + [i]. + cert_list + [0]. 
+ pubkey, + NULL); + + _gnutls_handshake_log + ("HSK[%p]: Requested server name: '%s', ctype: %s (%d)", + session, server_name, + gnutls_certificate_type_get_name + (session->security_parameters. + cert_type), + session->security_parameters. + cert_type); + + if (session->security_parameters. + cert_type == + cred->certs[i].cert_list[0].type) { + for (j = 0; j < pk_algos_size; j++) + if (pk_algos[j] == pk) { + idx = i; + goto finished; + } + } + } + } + } + + for (j = 0; j < pk_algos_size; j++) { + _gnutls_handshake_log + ("HSK[%p]: Requested PK algorithm: %s (%d) -- ctype: %s (%d)\n", + session, gnutls_pk_get_name(pk_algos[j]), pk_algos[j], + gnutls_certificate_type_get_name(session-> + security_parameters.cert_type), + session->security_parameters.cert_type); + + for (i = 0; i < cred->ncerts; i++) { + gnutls_pk_algorithm pk = + gnutls_pubkey_get_pk_algorithm(cred->certs[i]. + cert_list[0]. + pubkey, + NULL); + /* find one compatible certificate + */ + _gnutls_handshake_log + ("HSK[%p]: certificate[%d] PK algorithm: %s (%d) - ctype: %s (%d)\n", + session, i, gnutls_pk_get_name(pk), pk, + gnutls_certificate_type_get_name(cred-> + certs[i]. + cert_list[0]. + type), + cred->certs[i].cert_list[0].type); + + if (pk_algos[j] == pk) { + /* if cert type matches + */ /* *INDENT-OFF* */ if (session->security_parameters.cert_type == cred->certs[i].cert_list[0].type) { 
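Review bot: The `Requested server name` call to `_gnutls_handshake_log` in `_gnutls_server_select_cert` has no trailing `\n` in its format string, while the two other log calls in this function end in `\n`. For consistency the format should read `"HSK[%p]: Requested server name: '%s', ctype: %s (%d)\n"`. The call also prints `server_name` with a bare `%s`, and that buffer is filled by `get_server_name` from what the client sent. Anything that consumes these debug logs should therefore treat the field as untrusted text; whether it is limited to printable characters is not visible in this hunk. The function continues past the end of this hunk.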
@@ -2174,191 +2115,181 @@ _gnutls_server_select_cert (gnutls_session_t session, goto finished; } /* *INDENT-ON* */ - } - } - } - - /* store the certificate pointer for future use, in the handshake. - * (This will allow not calling this callback again.) - */ -finished: - if (idx >= 0) - { - _gnutls_selected_certs_set (session, - &cred->certs[idx].cert_list[0], - cred->certs[idx].cert_list_length, - cred->pkey[idx], 0); - } - else - { - gnutls_assert (); - /* Certificate does not support REQUESTED_ALGO. */ - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - return 0; + } + } + } + + /* store the certificate pointer for future use, in the handshake. + * (This will allow not calling this callback again.) + */ + finished: + if (idx >= 0) { + _gnutls_selected_certs_set(session, + &cred->certs[idx].cert_list[0], + cred->certs[idx]. + cert_list_length, + cred->pkey[idx], 0); + } else { + gnutls_assert(); + /* Certificate does not support REQUESTED_ALGO. */ + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + return 0; } /* Frees the rsa_info_st structure. 
*/ -void -_gnutls_free_rsa_info (rsa_info_st * rsa) +void _gnutls_free_rsa_info(rsa_info_st * rsa) { - _gnutls_free_datum (&rsa->modulus); - _gnutls_free_datum (&rsa->exponent); + _gnutls_free_datum(&rsa->modulus); + _gnutls_free_datum(&rsa->exponent); } -int _gnutls_gen_dhe_signature(gnutls_session_t session, gnutls_buffer_st* data, - uint8_t* plain, unsigned plain_size) +int _gnutls_gen_dhe_signature(gnutls_session_t session, + gnutls_buffer_st * data, uint8_t * plain, + unsigned plain_size) { -gnutls_pcert_st *apr_cert_list; -gnutls_privkey_t apr_pkey; -int apr_cert_list_length; -gnutls_datum_t signature = { NULL, 0 }, ddata; -gnutls_sign_algorithm_t sign_algo; -const version_entry_st* ver = get_version (session); -int ret; - - if (unlikely(ver == NULL)) - return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - - ddata.data = plain; - ddata.size = plain_size; - - /* find the appropriate certificate */ - if ((ret = - _gnutls_get_selected_cert (session, &apr_cert_list, - &apr_cert_list_length, &apr_pkey)) < 0) - { - gnutls_assert (); - return ret; - } - - if (apr_cert_list_length > 0) - { - if ((ret = - _gnutls_handshake_sign_data (session, &apr_cert_list[0], - apr_pkey, &ddata, &signature, - &sign_algo)) < 0) - { - gnutls_assert (); - goto cleanup; - } - } - else - { - gnutls_assert (); - ret = 0; /* ANON-DH, do not put a signature - ILLEGAL! 
*/ - goto cleanup; - } - - if (_gnutls_version_has_selectable_sighash (ver)) - { - const sign_algorithm_st *aid; - uint8_t p[2]; - - if (sign_algo == GNUTLS_SIGN_UNKNOWN) - { - ret = GNUTLS_E_UNKNOWN_ALGORITHM; - goto cleanup; - } - - aid = _gnutls_sign_to_tls_aid (sign_algo); - if (aid == NULL) - { - gnutls_assert(); - ret = GNUTLS_E_UNKNOWN_ALGORITHM; - goto cleanup; - } - - p[0] = aid->hash_algorithm; - p[1] = aid->sign_algorithm; - - ret = _gnutls_buffer_append_data(data, p, 2); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - } - - ret = _gnutls_buffer_append_data_prefix(data, 16, signature.data, signature.size); - if (ret < 0) - { - gnutls_assert(); - } - - ret = 0; - -cleanup: - _gnutls_free_datum (&signature); - return ret; + gnutls_pcert_st *apr_cert_list; + gnutls_privkey_t apr_pkey; + int apr_cert_list_length; + gnutls_datum_t signature = { NULL, 0 }, ddata; + gnutls_sign_algorithm_t sign_algo; + const version_entry_st *ver = get_version(session); + int ret; + + if (unlikely(ver == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + ddata.data = plain; + ddata.size = plain_size; + + /* find the appropriate certificate */ + if ((ret = + _gnutls_get_selected_cert(session, &apr_cert_list, + &apr_cert_list_length, + &apr_pkey)) < 0) { + gnutls_assert(); + return ret; + } + + if (apr_cert_list_length > 0) { + if ((ret = + _gnutls_handshake_sign_data(session, + &apr_cert_list[0], + apr_pkey, &ddata, + &signature, + &sign_algo)) < 0) { + gnutls_assert(); + goto cleanup; + } + } else { + gnutls_assert(); + ret = 0; /* ANON-DH, do not put a signature - ILLEGAL! 
*/ + goto cleanup; + } + + if (_gnutls_version_has_selectable_sighash(ver)) { + const sign_algorithm_st *aid; + uint8_t p[2]; + + if (sign_algo == GNUTLS_SIGN_UNKNOWN) { + ret = GNUTLS_E_UNKNOWN_ALGORITHM; + goto cleanup; + } + + aid = _gnutls_sign_to_tls_aid(sign_algo); + if (aid == NULL) { + gnutls_assert(); + ret = GNUTLS_E_UNKNOWN_ALGORITHM; + goto cleanup; + } + + p[0] = aid->hash_algorithm; + p[1] = aid->sign_algorithm; + + ret = _gnutls_buffer_append_data(data, p, 2); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + } + + ret = + _gnutls_buffer_append_data_prefix(data, 16, signature.data, + signature.size); + if (ret < 0) { + gnutls_assert(); + } + + ret = 0; + + cleanup: + _gnutls_free_datum(&signature); + return ret; } int -_gnutls_proc_dhe_signature (gnutls_session_t session, uint8_t * data, - size_t _data_size, gnutls_datum_t* vparams) +_gnutls_proc_dhe_signature(gnutls_session_t session, uint8_t * data, + size_t _data_size, gnutls_datum_t * vparams) { - int sigsize; - gnutls_datum_t signature; - int ret; - cert_auth_info_t info = _gnutls_get_auth_info (session); - ssize_t data_size = _data_size; - gnutls_pcert_st peer_cert; - gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN; - const version_entry_st* ver = get_version (session); - - if (unlikely(info == NULL || info->ncerts == 0 || ver == NULL)) - { - gnutls_assert (); - /* we need this in order to get peer's certificate */ - return GNUTLS_E_INTERNAL_ERROR; - } - - /* VERIFY SIGNATURE */ - if (_gnutls_version_has_selectable_sighash (ver)) - { - sign_algorithm_st aid; - - DECR_LEN (data_size, 1); - aid.hash_algorithm = *data++; - DECR_LEN (data_size, 1); - aid.sign_algorithm = *data++; - sign_algo = _gnutls_tls_aid_to_sign (&aid); - if (sign_algo == GNUTLS_SIGN_UNKNOWN) - { - _gnutls_debug_log("unknown signature %d.%d\n", aid.sign_algorithm, aid.hash_algorithm); - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM; - } - } - DECR_LEN (data_size, 2); - sigsize = 
_gnutls_read_uint16 (data); - data += 2; - - DECR_LEN (data_size, sigsize); - signature.data = data; - signature.size = sigsize; - - if ((ret = - _gnutls_get_auth_info_pcert (&peer_cert, - session->security_parameters.cert_type, - info)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = - _gnutls_handshake_verify_data (session, &peer_cert, vparams, &signature, - sign_algo); - - gnutls_pcert_deinit (&peer_cert); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return 0; + int sigsize; + gnutls_datum_t signature; + int ret; + cert_auth_info_t info = _gnutls_get_auth_info(session); + ssize_t data_size = _data_size; + gnutls_pcert_st peer_cert; + gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN; + const version_entry_st *ver = get_version(session); + + if (unlikely(info == NULL || info->ncerts == 0 || ver == NULL)) { + gnutls_assert(); + /* we need this in order to get peer's certificate */ + return GNUTLS_E_INTERNAL_ERROR; + } + + /* VERIFY SIGNATURE */ + if (_gnutls_version_has_selectable_sighash(ver)) { + sign_algorithm_st aid; + + DECR_LEN(data_size, 1); + aid.hash_algorithm = *data++; + DECR_LEN(data_size, 1); + aid.sign_algorithm = *data++; + sign_algo = _gnutls_tls_aid_to_sign(&aid); + if (sign_algo == GNUTLS_SIGN_UNKNOWN) { + _gnutls_debug_log("unknown signature %d.%d\n", + aid.sign_algorithm, + aid.hash_algorithm); + gnutls_assert(); + return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM; + } + } + DECR_LEN(data_size, 2); + sigsize = _gnutls_read_uint16(data); + data += 2; + + DECR_LEN(data_size, sigsize); + signature.data = data; + signature.size = sigsize; + + if ((ret = + _gnutls_get_auth_info_pcert(&peer_cert, + session->security_parameters. + cert_type, info)) < 0) { + gnutls_assert(); + return ret; + } + + ret = + _gnutls_handshake_verify_data(session, &peer_cert, vparams, + &signature, sign_algo); + + gnutls_pcert_deinit(&peer_cert); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; } 
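Review bot: In `_gnutls_gen_dhe_signature`, a failure of `_gnutls_buffer_append_data_prefix` is only asserted and then overwritten by the following `ret = 0;`, so the function reports success even though the signature was not appended to `data`. The re-indented lines carry this over unchanged from the old side. The error branch should leave through the cleanup label like the earlier ones: `if (ret < 0) { gnutls_assert(); goto cleanup; }`. The `else` branch for an empty certificate list has the same shape: it sets `ret = 0` beside a comment that calls the case illegal. Returning an error code there would be safer, though which code callers expect is not visible in this hunk.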
diff --git a/lib/auth/cert.h b/lib/auth/cert.h
index 3bf59b1eb1..f6295e9576 100644
--- a/lib/auth/cert.h
+++ b/lib/auth/cert.h
@@ -31,142 +31,139 @@ #include <gnutls_str_array.h> typedef struct { - gnutls_pcert_st * cert_list; /* a certificate chain */ - unsigned int cert_list_length; /* its length */ - gnutls_str_array_t names; /* the names in the first certificate */ + gnutls_pcert_st *cert_list; /* a certificate chain */ + unsigned int cert_list_length; /* its length */ + gnutls_str_array_t names; /* the names in the first certificate */ } certs_st; /* This structure may be complex, but it's the only way to * support a server that has multiple certificates */ -typedef struct gnutls_certificate_credentials_st -{ - gnutls_dh_params_t dh_params; - /* this callback is used to retrieve the DH or RSA - * parameters. - */ - gnutls_params_function *params_func; - - certs_st *certs; - unsigned ncerts; /* the number of certs */ - - gnutls_privkey_t *pkey; - /* private keys. It contains ncerts private - * keys. pkey[i] corresponds to certificate in - * cert_list[i][0]. - */ +typedef struct gnutls_certificate_credentials_st { + gnutls_dh_params_t dh_params; + /* this callback is used to retrieve the DH or RSA + * parameters. + */ + gnutls_params_function *params_func; + + certs_st *certs; + unsigned ncerts; /* the number of certs */ + + gnutls_privkey_t *pkey; + /* private keys. It contains ncerts private + * keys. pkey[i] corresponds to certificate in + * cert_list[i][0]. + */ #ifdef ENABLE_OPENPGP - /* OpenPGP specific stuff */ - gnutls_openpgp_keyring_t keyring; + /* OpenPGP specific stuff */ + gnutls_openpgp_keyring_t keyring; #endif - /* X509 specific stuff */ - gnutls_x509_trust_list_t tlist; - unsigned int verify_flags; /* flags to be used at - * certificate verification. - */ - unsigned int verify_depth; - unsigned int verify_bits; - - /* holds a sequence of the - * RDNs of the CAs above. - * This is better than - * generating on every handshake. - */ - gnutls_datum_t x509_rdn_sequence; - - /* It's a mess here. 
However we need to keep the old 3 functions - * for compatibility */ - gnutls_certificate_retrieve_function *get_cert_callback; /* deprecated */ - gnutls_certificate_client_retrieve_function *client_get_cert_callback; /* deprecated */ - gnutls_certificate_server_retrieve_function *server_get_cert_callback; /* deprecated */ - gnutls_certificate_retrieve_function2 *get_cert_callback2; - - gnutls_certificate_verify_function *verify_callback; - - struct pin_info_st pin; - /* temporarily hold the PIN if set_key_file2() is used with a PIN */ - char pin_tmp[GNUTLS_PKCS11_MAX_PIN_LEN]; - - /* OCSP */ - gnutls_status_request_ocsp_func ocsp_func; - void *ocsp_func_ptr; - char *ocsp_response_file; + /* X509 specific stuff */ + gnutls_x509_trust_list_t tlist; + unsigned int verify_flags; /* flags to be used at + * certificate verification. + */ + unsigned int verify_depth; + unsigned int verify_bits; + + /* holds a sequence of the + * RDNs of the CAs above. + * This is better than + * generating on every handshake. + */ + gnutls_datum_t x509_rdn_sequence; + + /* It's a mess here. 
However we need to keep the old 3 functions + * for compatibility */ + gnutls_certificate_retrieve_function *get_cert_callback; /* deprecated */ + gnutls_certificate_client_retrieve_function *client_get_cert_callback; /* deprecated */ + gnutls_certificate_server_retrieve_function *server_get_cert_callback; /* deprecated */ + gnutls_certificate_retrieve_function2 *get_cert_callback2; + + gnutls_certificate_verify_function *verify_callback; + + struct pin_info_st pin; + /* temporarily hold the PIN if set_key_file2() is used with a PIN */ + char pin_tmp[GNUTLS_PKCS11_MAX_PIN_LEN]; + + /* OCSP */ + gnutls_status_request_ocsp_func ocsp_func; + void *ocsp_func_ptr; + char *ocsp_response_file; } certificate_credentials_st; -typedef struct rsa_info_st -{ - gnutls_datum_t modulus; - gnutls_datum_t exponent; +typedef struct rsa_info_st { + gnutls_datum_t modulus; + gnutls_datum_t exponent; } rsa_info_st; /* This is the information we keep for the peer * certificate. */ -typedef struct cert_auth_info_st -{ - /* These (dh/rsa) are just copies from the credentials_t structure. - * They must be freed. - */ - dh_info_st dh; - - gnutls_datum_t *raw_certificate_list; /* holds the raw certificate of the - * peer. - */ - unsigned int ncerts; /* holds the size of the list above */ - - gnutls_certificate_type_t cert_type; +typedef struct cert_auth_info_st { + /* These (dh/rsa) are just copies from the credentials_t structure. + * They must be freed. + */ + dh_info_st dh; + + gnutls_datum_t *raw_certificate_list; /* holds the raw certificate of the + * peer. 
+ */ + unsigned int ncerts; /* holds the size of the list above */ + + gnutls_certificate_type_t cert_type; #ifdef ENABLE_OPENPGP - uint8_t subkey_id[GNUTLS_OPENPGP_KEYID_SIZE]; + uint8_t subkey_id[GNUTLS_OPENPGP_KEYID_SIZE]; #endif } *cert_auth_info_t; typedef struct cert_auth_info_st cert_auth_info_st; -void _gnutls_free_rsa_info (rsa_info_st * rsa); +void _gnutls_free_rsa_info(rsa_info_st * rsa); /* AUTH X509 functions */ -int _gnutls_gen_cert_server_crt (gnutls_session_t, gnutls_buffer_st *); -int _gnutls_gen_cert_client_crt (gnutls_session_t, gnutls_buffer_st *); -int _gnutls_gen_cert_client_crt_vrfy (gnutls_session_t, gnutls_buffer_st *); -int _gnutls_gen_cert_server_cert_req (gnutls_session_t, gnutls_buffer_st *); -int _gnutls_proc_cert_cert_req (gnutls_session_t, uint8_t *, size_t); -int _gnutls_proc_cert_client_crt_vrfy (gnutls_session_t, uint8_t *, size_t); -int _gnutls_proc_crt (gnutls_session_t, uint8_t *, size_t); -int _gnutls_get_selected_cert (gnutls_session_t session, - gnutls_pcert_st ** apr_cert_list, - int *apr_cert_list_length, - gnutls_privkey_t * apr_pkey); - -int _gnutls_server_select_cert (struct gnutls_session_int *, - gnutls_pk_algorithm_t*, size_t); -void _gnutls_selected_certs_deinit (gnutls_session_t session); -void _gnutls_selected_certs_set (gnutls_session_t session, - gnutls_pcert_st * certs, int ncerts, - gnutls_privkey_t key, int need_free); - -int _gnutls_get_auth_info_pcert (gnutls_pcert_st* gcert, - gnutls_certificate_type_t type, - cert_auth_info_t info); - -int certificate_credential_append_crt_list (gnutls_certificate_credentials_t - res, gnutls_str_array_t names, - gnutls_pcert_st* crt, int nr); -int certificate_credentials_append_pkey (gnutls_certificate_credentials_t res, - gnutls_privkey_t pkey); - -int _gnutls_selected_cert_supported_kx (struct gnutls_session_int *session, - gnutls_kx_algorithm_t * alg, - int *alg_size); - -int -_gnutls_check_key_cert_match (gnutls_certificate_credentials_t res); - -int 
_gnutls_gen_dhe_signature(gnutls_session_t session, gnutls_buffer_st* data, - uint8_t* plain, unsigned plain_size); -int -_gnutls_proc_dhe_signature (gnutls_session_t session, uint8_t * data, - size_t _data_size, gnutls_datum_t *vparams); +int _gnutls_gen_cert_server_crt(gnutls_session_t, gnutls_buffer_st *); +int _gnutls_gen_cert_client_crt(gnutls_session_t, gnutls_buffer_st *); +int _gnutls_gen_cert_client_crt_vrfy(gnutls_session_t, gnutls_buffer_st *); +int _gnutls_gen_cert_server_cert_req(gnutls_session_t, gnutls_buffer_st *); +int _gnutls_proc_cert_cert_req(gnutls_session_t, uint8_t *, size_t); +int _gnutls_proc_cert_client_crt_vrfy(gnutls_session_t, uint8_t *, size_t); +int _gnutls_proc_crt(gnutls_session_t, uint8_t *, size_t); +int _gnutls_get_selected_cert(gnutls_session_t session, + gnutls_pcert_st ** apr_cert_list, + int *apr_cert_list_length, + gnutls_privkey_t * apr_pkey); + +int _gnutls_server_select_cert(struct gnutls_session_int *, + gnutls_pk_algorithm_t *, size_t); +void _gnutls_selected_certs_deinit(gnutls_session_t session); +void _gnutls_selected_certs_set(gnutls_session_t session, + gnutls_pcert_st * certs, int ncerts, + gnutls_privkey_t key, int need_free); + +int _gnutls_get_auth_info_pcert(gnutls_pcert_st * gcert, + gnutls_certificate_type_t type, + cert_auth_info_t info); + +int certificate_credential_append_crt_list(gnutls_certificate_credentials_t + res, gnutls_str_array_t names, + gnutls_pcert_st * crt, int nr); +int certificate_credentials_append_pkey(gnutls_certificate_credentials_t + res, gnutls_privkey_t pkey); + +int _gnutls_selected_cert_supported_kx(struct gnutls_session_int *session, + gnutls_kx_algorithm_t * alg, + int *alg_size); + +int _gnutls_check_key_cert_match(gnutls_certificate_credentials_t res); + +int _gnutls_gen_dhe_signature(gnutls_session_t session, + gnutls_buffer_st * data, uint8_t * plain, + unsigned plain_size); +int _gnutls_proc_dhe_signature(gnutls_session_t session, uint8_t * data, + size_t _data_size, + 
gnutls_datum_t * vparams); #endif diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c index 0d7f088cb7..1efb4a2771 100644 --- a/lib/auth/dh_common.c +++ b/lib/auth/dh_common.c 
@@ -42,287 +42,282 @@ /* Frees the dh_info_st structure. */ -void -_gnutls_free_dh_info (dh_info_st * dh) +void _gnutls_free_dh_info(dh_info_st * dh) { - dh->secret_bits = 0; - _gnutls_free_datum (&dh->prime); - _gnutls_free_datum (&dh->generator); - _gnutls_free_datum (&dh->public_key); + dh->secret_bits = 0; + _gnutls_free_datum(&dh->prime); + _gnutls_free_datum(&dh->generator); + _gnutls_free_datum(&dh->public_key); } int -_gnutls_proc_dh_common_client_kx (gnutls_session_t session, - uint8_t * data, size_t _data_size, - bigint_t g, bigint_t p, - gnutls_datum_t* psk_key) +_gnutls_proc_dh_common_client_kx(gnutls_session_t session, + uint8_t * data, size_t _data_size, + bigint_t g, bigint_t p, + gnutls_datum_t * psk_key) { - uint16_t n_Y; - size_t _n_Y; - int ret; - ssize_t data_size = _data_size; + uint16_t n_Y; + size_t _n_Y; + int ret; + ssize_t data_size = _data_size; - DECR_LEN (data_size, 2); - n_Y = _gnutls_read_uint16 (&data[0]); - _n_Y = n_Y; + DECR_LEN(data_size, 2); + n_Y = _gnutls_read_uint16(&data[0]); + _n_Y = n_Y; - DECR_LEN (data_size, n_Y); - if (_gnutls_mpi_scan_nz (&session->key.client_Y, &data[2], _n_Y)) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } + DECR_LEN(data_size, n_Y); + if (_gnutls_mpi_scan_nz(&session->key.client_Y, &data[2], _n_Y)) { + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } - _gnutls_dh_set_peer_public (session, session->key.client_Y); + _gnutls_dh_set_peer_public(session, session->key.client_Y); - ret = - gnutls_calc_dh_key (&session->key.KEY, session->key.client_Y, session->key.dh_secret, p); - if (ret < 0) - return gnutls_assert_val(ret); + ret = + gnutls_calc_dh_key(&session->key.KEY, session->key.client_Y, + session->key.dh_secret, p); + if (ret < 0) + return gnutls_assert_val(ret); - _gnutls_mpi_release (&session->key.client_Y); - _gnutls_mpi_release (&session->key.dh_secret); + _gnutls_mpi_release(&session->key.client_Y); + _gnutls_mpi_release(&session->key.dh_secret); - if (psk_key == NULL) - 
{ - ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key); - } - else /* In DHE_PSK the key is set differently */ - { - gnutls_datum_t tmp_dh_key; - ret = _gnutls_mpi_dprint (session->key.KEY, &tmp_dh_key); - if (ret < 0) - { - gnutls_assert (); - return ret; - } + if (psk_key == NULL) { + ret = + _gnutls_mpi_dprint(session->key.KEY, + &session->key.key); + } else { /* In DHE_PSK the key is set differently */ - ret = _gnutls_set_psk_session_key (session, psk_key, &tmp_dh_key); - _gnutls_free_datum (&tmp_dh_key); + gnutls_datum_t tmp_dh_key; + ret = _gnutls_mpi_dprint(session->key.KEY, &tmp_dh_key); + if (ret < 0) { + gnutls_assert(); + return ret; + } - } + ret = + _gnutls_set_psk_session_key(session, psk_key, + &tmp_dh_key); + _gnutls_free_datum(&tmp_dh_key); - _gnutls_mpi_release (&session->key.KEY); + } - if (ret < 0) - { - return ret; - } + _gnutls_mpi_release(&session->key.KEY); - return 0; + if (ret < 0) { + return ret; + } + + return 0; } -int _gnutls_gen_dh_common_client_kx (gnutls_session_t session, gnutls_buffer_st* data) +int _gnutls_gen_dh_common_client_kx(gnutls_session_t session, + gnutls_buffer_st * data) { - return _gnutls_gen_dh_common_client_kx_int(session, data, NULL); + return _gnutls_gen_dh_common_client_kx_int(session, data, NULL); } int -_gnutls_gen_dh_common_client_kx_int (gnutls_session_t session, gnutls_buffer_st* data, gnutls_datum_t* pskkey) +_gnutls_gen_dh_common_client_kx_int(gnutls_session_t session, + gnutls_buffer_st * data, + gnutls_datum_t * pskkey) { - bigint_t x = NULL, X = NULL; - int ret; - - ret = gnutls_calc_dh_secret (&X, &x, session->key.client_g, - session->key.client_p, 0); - if (ret < 0) - { - gnutls_assert (); - goto error; - } - - _gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x)); - - ret = _gnutls_buffer_append_mpi( data, 16, X, 0); - if (ret < 0) - { - gnutls_assert(); - goto error; - } - - /* calculate the key after calculating the message */ - ret = - gnutls_calc_dh_key (&session->key.KEY, 
session->key.client_Y, x, session->key.client_p); - if (ret < 0) - { - gnutls_assert(); - goto error; - } - - /* THESE SHOULD BE DISCARDED */ - _gnutls_mpi_release (&session->key.client_Y); - _gnutls_mpi_release (&session->key.client_p); - _gnutls_mpi_release (&session->key.client_g); - - if (_gnutls_cipher_suite_get_kx_algo - (session->security_parameters.cipher_suite) - != GNUTLS_KX_DHE_PSK) - { - ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key); - } - else /* In DHE_PSK the key is set differently */ - { - gnutls_datum_t tmp_dh_key; - - ret = _gnutls_mpi_dprint (session->key.KEY, &tmp_dh_key); - if (ret < 0) - { - gnutls_assert (); - goto error; - } - - ret = _gnutls_set_psk_session_key (session, pskkey, &tmp_dh_key); - _gnutls_free_datum (&tmp_dh_key); - } - - _gnutls_mpi_release (&session->key.KEY); - - if (ret < 0) - { - gnutls_assert (); - goto error; - } - - ret = data->length; - -error: - _gnutls_mpi_release (&x); - _gnutls_mpi_release (&X); - return ret; + bigint_t x = NULL, X = NULL; + int ret; + + ret = gnutls_calc_dh_secret(&X, &x, session->key.client_g, + session->key.client_p, 0); + if (ret < 0) { + gnutls_assert(); + goto error; + } + + _gnutls_dh_set_secret_bits(session, _gnutls_mpi_get_nbits(x)); + + ret = _gnutls_buffer_append_mpi(data, 16, X, 0); + if (ret < 0) { + gnutls_assert(); + goto error; + } + + /* calculate the key after calculating the message */ + ret = + gnutls_calc_dh_key(&session->key.KEY, session->key.client_Y, x, + session->key.client_p); + if (ret < 0) { + gnutls_assert(); + goto error; + } + + /* THESE SHOULD BE DISCARDED */ + _gnutls_mpi_release(&session->key.client_Y); + _gnutls_mpi_release(&session->key.client_p); + _gnutls_mpi_release(&session->key.client_g); + + if (_gnutls_cipher_suite_get_kx_algo + (session->security_parameters.cipher_suite) + != GNUTLS_KX_DHE_PSK) { + ret = + _gnutls_mpi_dprint(session->key.KEY, + &session->key.key); + } else { /* In DHE_PSK the key is set differently */ + + gnutls_datum_t 
tmp_dh_key; + + ret = _gnutls_mpi_dprint(session->key.KEY, &tmp_dh_key); + if (ret < 0) { + gnutls_assert(); + goto error; + } + + ret = + _gnutls_set_psk_session_key(session, pskkey, + &tmp_dh_key); + _gnutls_free_datum(&tmp_dh_key); + } + + _gnutls_mpi_release(&session->key.KEY); + + if (ret < 0) { + gnutls_assert(); + goto error; + } + + ret = data->length; + + error: + _gnutls_mpi_release(&x); + _gnutls_mpi_release(&X); + return ret; } /* Returns the bytes parsed */ int -_gnutls_proc_dh_common_server_kx (gnutls_session_t session, - uint8_t * data, size_t _data_size) +_gnutls_proc_dh_common_server_kx(gnutls_session_t session, + uint8_t * data, size_t _data_size) { - uint16_t n_Y, n_g, n_p; - size_t _n_Y, _n_g, _n_p; - uint8_t *data_p; - uint8_t *data_g; - uint8_t *data_Y; - int i, bits, ret; - ssize_t data_size = _data_size; - - i = 0; - - DECR_LEN (data_size, 2); - n_p = _gnutls_read_uint16 (&data[i]); - i += 2; - - DECR_LEN (data_size, n_p); - data_p = &data[i]; - i += n_p; - - DECR_LEN (data_size, 2); - n_g = _gnutls_read_uint16 (&data[i]); - i += 2; - - DECR_LEN (data_size, n_g); - data_g = &data[i]; - i += n_g; - - DECR_LEN (data_size, 2); - n_Y = _gnutls_read_uint16 (&data[i]); - i += 2; - - DECR_LEN (data_size, n_Y); - data_Y = &data[i]; - - _n_Y = n_Y; - _n_g = n_g; - _n_p = n_p; - - if (_gnutls_mpi_scan_nz (&session->key.client_Y, data_Y, _n_Y) != 0) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - - if (_gnutls_mpi_scan_nz (&session->key.client_g, data_g, _n_g) != 0) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - if (_gnutls_mpi_scan_nz (&session->key.client_p, data_p, _n_p) != 0) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - - bits = _gnutls_dh_get_min_prime_bits (session); - if (bits < 0) - { - gnutls_assert (); - return bits; - } - - if (_gnutls_mpi_get_nbits (session->key.client_p) < (size_t) bits) - { - /* the prime used by the peer is not acceptable - */ - gnutls_assert (); - 
_gnutls_debug_log("Received a prime of %u bits, limit is %u\n", (unsigned)_gnutls_mpi_get_nbits (session->key.client_p), - (unsigned)bits); - return GNUTLS_E_DH_PRIME_UNACCEPTABLE; - } - - _gnutls_dh_set_group (session, session->key.client_g, - session->key.client_p); - _gnutls_dh_set_peer_public (session, session->key.client_Y); - - ret = n_Y + n_p + n_g + 6; - - return ret; + uint16_t n_Y, n_g, n_p; + size_t _n_Y, _n_g, _n_p; + uint8_t *data_p; + uint8_t *data_g; + uint8_t *data_Y; + int i, bits, ret; + ssize_t data_size = _data_size; + + i = 0; + + DECR_LEN(data_size, 2); + n_p = _gnutls_read_uint16(&data[i]); + i += 2; + + DECR_LEN(data_size, n_p); + data_p = &data[i]; + i += n_p; + + DECR_LEN(data_size, 2); + n_g = _gnutls_read_uint16(&data[i]); + i += 2; + + DECR_LEN(data_size, n_g); + data_g = &data[i]; + i += n_g; + + DECR_LEN(data_size, 2); + n_Y = _gnutls_read_uint16(&data[i]); + i += 2; + + DECR_LEN(data_size, n_Y); + data_Y = &data[i]; + + _n_Y = n_Y; + _n_g = n_g; + _n_p = n_p; + + if (_gnutls_mpi_scan_nz(&session->key.client_Y, data_Y, _n_Y) != 0) { + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + + if (_gnutls_mpi_scan_nz(&session->key.client_g, data_g, _n_g) != 0) { + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + if (_gnutls_mpi_scan_nz(&session->key.client_p, data_p, _n_p) != 0) { + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + + bits = _gnutls_dh_get_min_prime_bits(session); + if (bits < 0) { + gnutls_assert(); + return bits; + } + + if (_gnutls_mpi_get_nbits(session->key.client_p) < (size_t) bits) { + /* the prime used by the peer is not acceptable + */ + gnutls_assert(); + _gnutls_debug_log + ("Received a prime of %u bits, limit is %u\n", + (unsigned) _gnutls_mpi_get_nbits(session->key. 
+ client_p), + (unsigned) bits); + return GNUTLS_E_DH_PRIME_UNACCEPTABLE; + } + + _gnutls_dh_set_group(session, session->key.client_g, + session->key.client_p); + _gnutls_dh_set_peer_public(session, session->key.client_Y); + + ret = n_Y + n_p + n_g + 6; + + return ret; } int -_gnutls_dh_common_print_server_kx (gnutls_session_t session, - bigint_t g, bigint_t p, unsigned int q_bits, - gnutls_buffer_st* data) +_gnutls_dh_common_print_server_kx(gnutls_session_t session, + bigint_t g, bigint_t p, + unsigned int q_bits, + gnutls_buffer_st * data) { - bigint_t x, Y; - int ret; - - /* Y=g^x mod p */ - ret = gnutls_calc_dh_secret (&Y, &x, g, p, q_bits); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - session->key.dh_secret = x; - _gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x)); - - ret = _gnutls_buffer_append_mpi(data, 16, p, 0); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - ret = _gnutls_buffer_append_mpi(data, 16, g, 0); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - ret = _gnutls_buffer_append_mpi(data, 16, Y, 0); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - ret = data->length; -cleanup: - _gnutls_mpi_release (&Y); - - return ret; + bigint_t x, Y; + int ret; + + /* Y=g^x mod p */ + ret = gnutls_calc_dh_secret(&Y, &x, g, p, q_bits); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + session->key.dh_secret = x; + _gnutls_dh_set_secret_bits(session, _gnutls_mpi_get_nbits(x)); + + ret = _gnutls_buffer_append_mpi(data, 16, p, 0); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = _gnutls_buffer_append_mpi(data, 16, g, 0); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = _gnutls_buffer_append_mpi(data, 16, Y, 0); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = data->length; + cleanup: + _gnutls_mpi_release(&Y); + + return ret; } #endif diff --git a/lib/auth/dh_common.h b/lib/auth/dh_common.h index 8ab25a70a4..8bfaaaecff 100644 
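Review bot: The DHE_PSK branch of `_gnutls_proc_dh_common_client_kx` returns directly after a failed `_gnutls_mpi_dprint`, skipping the `_gnutls_mpi_release(&session->key.KEY)` that the other paths reach, so the DH shared secret stays in session state on that error path. The same applies to `_gnutls_gen_dh_common_client_kx_int`, where `goto error` releases only `x` and `X`. This logic predates the re-indentation. Whether session teardown releases `key.KEY` later is not visible here; if it does not, release it before returning: `if (ret < 0) { gnutls_assert(); _gnutls_mpi_release(&session->key.KEY); return ret; }`. It is also worth confirming that `_gnutls_free_datum(&tmp_dh_key)` wipes the buffer, since it holds the raw shared secret.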
--- a/lib/auth/dh_common.h +++ b/lib/auth/dh_common.h @@ -25,26 +25,27 @@ #include <gnutls_auth.h> -typedef struct -{ - int secret_bits; +typedef struct { + int secret_bits; - gnutls_datum_t prime; - gnutls_datum_t generator; - gnutls_datum_t public_key; + gnutls_datum_t prime; + gnutls_datum_t generator; + gnutls_datum_t public_key; } dh_info_st; -void _gnutls_free_dh_info (dh_info_st * dh); -int _gnutls_gen_dh_common_client_kx_int (gnutls_session_t, gnutls_buffer_st*, gnutls_datum_t *pskkey); -int _gnutls_gen_dh_common_client_kx (gnutls_session_t, gnutls_buffer_st*); -int _gnutls_proc_dh_common_client_kx (gnutls_session_t session, - uint8_t * data, size_t _data_size, - bigint_t p, bigint_t g, - gnutls_datum_t* psk_key); -int _gnutls_dh_common_print_server_kx (gnutls_session_t, bigint_t g, - bigint_t p, unsigned int q_bits, - gnutls_buffer_st* data); -int _gnutls_proc_dh_common_server_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size); +void _gnutls_free_dh_info(dh_info_st * dh); +int _gnutls_gen_dh_common_client_kx_int(gnutls_session_t, + gnutls_buffer_st *, + gnutls_datum_t * pskkey); +int _gnutls_gen_dh_common_client_kx(gnutls_session_t, gnutls_buffer_st *); +int _gnutls_proc_dh_common_client_kx(gnutls_session_t session, + uint8_t * data, size_t _data_size, + bigint_t p, bigint_t g, + gnutls_datum_t * psk_key); +int _gnutls_dh_common_print_server_kx(gnutls_session_t, bigint_t g, + bigint_t p, unsigned int q_bits, + gnutls_buffer_st * data); +int _gnutls_proc_dh_common_server_kx(gnutls_session_t session, + uint8_t * data, size_t _data_size); #endif diff --git a/lib/auth/dhe.c b/lib/auth/dhe.c index 24732d6f92..546194cdca 100644 --- a/lib/auth/dhe.c +++ b/lib/auth/dhe.c 
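Review bot: The prototype of `_gnutls_proc_dh_common_client_kx` names its two `bigint_t` parameters `p, g`, while the definition in lib/auth/dh_common.c takes them as `g, p` and passes the second one to `gnutls_calc_dh_key` as the modulus. Both have the same type, so a caller that follows the header compiles cleanly but would pass the generator where the prime is expected. The declaration should read `bigint_t g, bigint_t p,` to match the definition and the `_gnutls_dh_common_print_server_kx` prototype below it.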
@@ -39,142 +39,145 @@ #include <auth/dh_common.h> #include <auth/ecdhe.h> -static int gen_dhe_server_kx (gnutls_session_t, gnutls_buffer_st*); -static int proc_dhe_server_kx (gnutls_session_t, uint8_t *, size_t); -static int proc_dhe_client_kx (gnutls_session_t, uint8_t *, size_t); +static int gen_dhe_server_kx(gnutls_session_t, gnutls_buffer_st *); +static int proc_dhe_server_kx(gnutls_session_t, uint8_t *, size_t); +static int proc_dhe_client_kx(gnutls_session_t, uint8_t *, size_t); #ifdef ENABLE_DHE const mod_auth_st dhe_rsa_auth_struct = { - "DHE_RSA", - _gnutls_gen_cert_server_crt, - _gnutls_gen_cert_client_crt, - gen_dhe_server_kx, - _gnutls_gen_dh_common_client_kx, - _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */ - _gnutls_gen_cert_server_cert_req, /* server cert request */ - - _gnutls_proc_crt, - _gnutls_proc_crt, - proc_dhe_server_kx, - proc_dhe_client_kx, - _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */ - _gnutls_proc_cert_cert_req /* proc server cert request */ + "DHE_RSA", + _gnutls_gen_cert_server_crt, + _gnutls_gen_cert_client_crt, + gen_dhe_server_kx, + _gnutls_gen_dh_common_client_kx, + _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */ + _gnutls_gen_cert_server_cert_req, /* server cert request */ + + _gnutls_proc_crt, + _gnutls_proc_crt, + proc_dhe_server_kx, + proc_dhe_client_kx, + _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */ + _gnutls_proc_cert_cert_req /* proc server cert request */ }; const mod_auth_st dhe_dss_auth_struct = { - "DHE_DSS", - _gnutls_gen_cert_server_crt, - _gnutls_gen_cert_client_crt, - gen_dhe_server_kx, - _gnutls_gen_dh_common_client_kx, - _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */ - _gnutls_gen_cert_server_cert_req, /* server cert request */ - - _gnutls_proc_crt, - _gnutls_proc_crt, - proc_dhe_server_kx, - proc_dhe_client_kx, - _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */ - _gnutls_proc_cert_cert_req /* proc server cert request */ + 
"DHE_DSS", + _gnutls_gen_cert_server_crt, + _gnutls_gen_cert_client_crt, + gen_dhe_server_kx, + _gnutls_gen_dh_common_client_kx, + _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */ + _gnutls_gen_cert_server_cert_req, /* server cert request */ + + _gnutls_proc_crt, + _gnutls_proc_crt, + proc_dhe_server_kx, + proc_dhe_client_kx, + _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */ + _gnutls_proc_cert_cert_req /* proc server cert request */ }; #endif static int -gen_dhe_server_kx (gnutls_session_t session, gnutls_buffer_st* data) +gen_dhe_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { - bigint_t g, p; - const bigint_t *mpis; - int ret = 0; - gnutls_certificate_credentials_t cred; - gnutls_dh_params_t dh_params; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - - if ((ret = _gnutls_auth_info_set (session, GNUTLS_CRD_CERTIFICATE, - sizeof (cert_auth_info_st), 0)) < 0) - { - gnutls_assert (); - return ret; - } - - dh_params = - _gnutls_get_dh_params (cred->dh_params, cred->params_func, session); - mpis = _gnutls_dh_params_to_mpi (dh_params); - if (mpis == NULL) - { - gnutls_assert (); - return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; - } - - p = mpis[0]; - g = mpis[1]; - - _gnutls_dh_set_group (session, g, p); - - ret = _gnutls_dh_common_print_server_kx (session, g, p, dh_params->q_bits, data); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - /* Generate the signature. 
*/ - return _gnutls_gen_dhe_signature(session, data, data->data, data->length); + bigint_t g, p; + const bigint_t *mpis; + int ret = 0; + gnutls_certificate_credentials_t cred; + gnutls_dh_params_t dh_params; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + + if ((ret = _gnutls_auth_info_set(session, GNUTLS_CRD_CERTIFICATE, + sizeof(cert_auth_info_st), + 0)) < 0) { + gnutls_assert(); + return ret; + } + + dh_params = + _gnutls_get_dh_params(cred->dh_params, cred->params_func, + session); + mpis = _gnutls_dh_params_to_mpi(dh_params); + if (mpis == NULL) { + gnutls_assert(); + return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; + } + + p = mpis[0]; + g = mpis[1]; + + _gnutls_dh_set_group(session, g, p); + + ret = + _gnutls_dh_common_print_server_kx(session, g, p, + dh_params->q_bits, data); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + /* Generate the signature. 
*/ + return _gnutls_gen_dhe_signature(session, data, data->data, + data->length); } static int -proc_dhe_server_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_dhe_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { -gnutls_datum_t vdata; -int ret; + gnutls_datum_t vdata; + int ret; - ret = _gnutls_proc_dh_common_server_kx(session, data, _data_size); - if (ret < 0) - return gnutls_assert_val(ret); + ret = _gnutls_proc_dh_common_server_kx(session, data, _data_size); + if (ret < 0) + return gnutls_assert_val(ret); - vdata.data = data; - vdata.size = ret; + vdata.data = data; + vdata.size = ret; - return _gnutls_proc_dhe_signature(session, data+ret, _data_size-ret, &vdata); + return _gnutls_proc_dhe_signature(session, data + ret, + _data_size - ret, &vdata); } static int -proc_dhe_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_dhe_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - gnutls_certificate_credentials_t cred; - bigint_t p, g; - const bigint_t *mpis; - gnutls_dh_params_t dh_params; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - dh_params = - _gnutls_get_dh_params (cred->dh_params, cred->params_func, session); - mpis = _gnutls_dh_params_to_mpi (dh_params); - if (mpis == NULL) - return gnutls_assert_val(GNUTLS_E_NO_TEMPORARY_DH_PARAMS); - - p = mpis[0]; - g = mpis[1]; - - return _gnutls_proc_dh_common_client_kx (session, data, _data_size, g, p, NULL); + gnutls_certificate_credentials_t cred; + bigint_t p, g; + const bigint_t *mpis; + gnutls_dh_params_t dh_params; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + dh_params = + 
_gnutls_get_dh_params(cred->dh_params, cred->params_func, + session); + mpis = _gnutls_dh_params_to_mpi(dh_params); + if (mpis == NULL) + return gnutls_assert_val(GNUTLS_E_NO_TEMPORARY_DH_PARAMS); + + p = mpis[0]; + g = mpis[1]; + + return _gnutls_proc_dh_common_client_kx(session, data, _data_size, + g, p, NULL); } diff --git a/lib/auth/dhe_psk.c b/lib/auth/dhe_psk.c index a51aaa1305..08dc3ef8cc 100644 --- a/lib/auth/dhe_psk.c +++ b/lib/auth/dhe_psk.c 
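Review bot: In `proc_dhe_server_kx` the length handed to `_gnutls_proc_dhe_signature` is `_data_size - ret`, with no local check that `ret` does not exceed `_data_size`. The subtraction is on a `size_t`, so if that invariant were ever broken it would wrap to a very large length instead of failing. `_gnutls_proc_dh_common_server_kx` presumably bounds its parsing by `_data_size` (most of its body is outside the visible diff), but a guard before `vdata.size = ret;` would keep the invariant in the function that depends on it: `if ((size_t) ret > _data_size) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);`.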
@@ -44,424 +44,418 @@ #include <auth/psk_passwd.h> static int -proc_ecdhe_psk_server_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size); -static int gen_dhe_psk_server_kx (gnutls_session_t, gnutls_buffer_st*); -static int gen_dhe_psk_client_kx (gnutls_session_t, gnutls_buffer_st*); -static int gen_ecdhe_psk_client_kx (gnutls_session_t, gnutls_buffer_st*); -static int proc_ecdhe_psk_client_kx (gnutls_session_t, uint8_t *, size_t); -static int proc_dhe_psk_server_kx (gnutls_session_t, uint8_t *, size_t); -static int gen_ecdhe_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data); -static int proc_dhe_psk_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size); +proc_ecdhe_psk_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size); +static int gen_dhe_psk_server_kx(gnutls_session_t, gnutls_buffer_st *); +static int gen_dhe_psk_client_kx(gnutls_session_t, gnutls_buffer_st *); +static int gen_ecdhe_psk_client_kx(gnutls_session_t, gnutls_buffer_st *); +static int proc_ecdhe_psk_client_kx(gnutls_session_t, uint8_t *, size_t); +static int proc_dhe_psk_server_kx(gnutls_session_t, uint8_t *, size_t); +static int gen_ecdhe_psk_server_kx(gnutls_session_t session, + gnutls_buffer_st * data); +static int proc_dhe_psk_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size); #ifdef ENABLE_DHE const mod_auth_st dhe_psk_auth_struct = { - "DHE PSK", - NULL, - NULL, - gen_dhe_psk_server_kx, - gen_dhe_psk_client_kx, - NULL, - NULL, - - NULL, - NULL, /* certificate */ - proc_dhe_psk_server_kx, - proc_dhe_psk_client_kx, - NULL, - NULL + "DHE PSK", + NULL, + NULL, + gen_dhe_psk_server_kx, + gen_dhe_psk_client_kx, + NULL, + NULL, + + NULL, + NULL, /* certificate */ + proc_dhe_psk_server_kx, + proc_dhe_psk_client_kx, + NULL, + NULL }; #endif #ifdef ENABLE_ECDHE const mod_auth_st ecdhe_psk_auth_struct = { - "ECDHE PSK", - NULL, - NULL, - gen_ecdhe_psk_server_kx, - gen_ecdhe_psk_client_kx, - NULL, - NULL, - - 
NULL, - NULL, /* certificate */ - proc_ecdhe_psk_server_kx, - proc_ecdhe_psk_client_kx, - NULL, - NULL + "ECDHE PSK", + NULL, + NULL, + gen_ecdhe_psk_server_kx, + gen_ecdhe_psk_client_kx, + NULL, + NULL, + + NULL, + NULL, /* certificate */ + proc_ecdhe_psk_server_kx, + proc_ecdhe_psk_client_kx, + NULL, + NULL }; #endif static int -gen_ecdhe_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) +gen_ecdhe_psk_client_kx(gnutls_session_t session, gnutls_buffer_st * data) { - int ret, free; - gnutls_psk_client_credentials_t cred; - gnutls_datum_t username, key; - - cred = (gnutls_psk_client_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - - if (cred == NULL) - return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS); - - ret = _gnutls_find_psk_key( session, cred, &username, &key, &free); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_buffer_append_data_prefix(data, 16, username.data, username.size); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - /* The PSK key is set in there */ - ret = _gnutls_gen_ecdh_common_client_kx_int (session, data, &key); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - - ret = data->length; - -cleanup: - if (free) - { - _gnutls_free_datum(&username); - _gnutls_free_datum(&key); - } - - return ret; + int ret, free; + gnutls_psk_client_credentials_t cred; + gnutls_datum_t username, key; + + cred = (gnutls_psk_client_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + + if (cred == NULL) + return + gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS); + + ret = _gnutls_find_psk_key(session, cred, &username, &key, &free); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + _gnutls_buffer_append_data_prefix(data, 16, username.data, + username.size); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + /* The PSK key is set in there */ + ret = _gnutls_gen_ecdh_common_client_kx_int(session, data, &key); + if (ret < 0) { + gnutls_assert(); + 
goto cleanup; + } + + ret = data->length; + + cleanup: + if (free) { + _gnutls_free_datum(&username); + _gnutls_free_datum(&key); + } + + return ret; } static int -gen_dhe_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) +gen_dhe_psk_client_kx(gnutls_session_t session, gnutls_buffer_st * data) { - int ret, free; - gnutls_psk_client_credentials_t cred; - gnutls_datum_t username, key; - - cred = (gnutls_psk_client_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - - if (cred == NULL) - return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS); - - ret = _gnutls_find_psk_key( session, cred, &username, &key, &free); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_buffer_append_data_prefix(data, 16, username.data, username.size); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - /* The PSK key is set in there */ - ret = _gnutls_gen_dh_common_client_kx_int (session, data, &key); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - - ret = data->length; - -cleanup: - if (free) - { - _gnutls_free_datum(&username); - _gnutls_free_datum(&key); - } - - return ret; + int ret, free; + gnutls_psk_client_credentials_t cred; + gnutls_datum_t username, key; + + cred = (gnutls_psk_client_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + + if (cred == NULL) + return + gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS); + + ret = _gnutls_find_psk_key(session, cred, &username, &key, &free); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + _gnutls_buffer_append_data_prefix(data, 16, username.data, + username.size); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + /* The PSK key is set in there */ + ret = _gnutls_gen_dh_common_client_kx_int(session, data, &key); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = data->length; + + cleanup: + if (free) { + _gnutls_free_datum(&username); + _gnutls_free_datum(&key); + } + + return ret; } static int 
-gen_dhe_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data) +gen_dhe_psk_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { - bigint_t g, p; - const bigint_t *mpis; - int ret; - gnutls_dh_params_t dh_params; - gnutls_psk_server_credentials_t cred; - - cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - dh_params = - _gnutls_get_dh_params (cred->dh_params, cred->params_func, session); - mpis = _gnutls_dh_params_to_mpi (dh_params); - if (mpis == NULL) - { - gnutls_assert (); - return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; - } - - p = mpis[0]; - g = mpis[1]; - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_PSK, - sizeof (psk_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - _gnutls_dh_set_group (session, g, p); - - ret = _gnutls_buffer_append_prefix(data, 16, 0); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_dh_common_print_server_kx (session, g, p, dh_params->q_bits, data); - if (ret < 0) - gnutls_assert (); - - return ret; + bigint_t g, p; + const bigint_t *mpis; + int ret; + gnutls_dh_params_t dh_params; + gnutls_psk_server_credentials_t cred; + + cred = (gnutls_psk_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + dh_params = + _gnutls_get_dh_params(cred->dh_params, cred->params_func, + session); + mpis = _gnutls_dh_params_to_mpi(dh_params); + if (mpis == NULL) { + gnutls_assert(); + return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; + } + + p = mpis[0]; + g = mpis[1]; + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, + sizeof(psk_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + _gnutls_dh_set_group(session, g, p); + + ret = _gnutls_buffer_append_prefix(data, 16, 0); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + 
_gnutls_dh_common_print_server_kx(session, g, p, + dh_params->q_bits, data); + if (ret < 0) + gnutls_assert(); + + return ret; } static int -gen_ecdhe_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data) +gen_ecdhe_psk_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { - int ret; - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_PSK, - sizeof (psk_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_buffer_append_prefix(data, 16, 0); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_ecdh_common_print_server_kx (session, data, - _gnutls_session_ecc_curve_get(session)); - if (ret < 0) - gnutls_assert (); - - return ret; + int ret; + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, + sizeof(psk_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + ret = _gnutls_buffer_append_prefix(data, 16, 0); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = _gnutls_ecdh_common_print_server_kx(session, data, + _gnutls_session_ecc_curve_get + (session)); + if (ret < 0) + gnutls_assert(); + + return ret; } static int -proc_dhe_psk_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_dhe_psk_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - int ret; - bigint_t p, g; - gnutls_dh_params_t dh_params; - const bigint_t *mpis; - gnutls_datum_t psk_key; - gnutls_psk_server_credentials_t cred; - psk_auth_info_t info; - gnutls_datum_t username; - ssize_t data_size = _data_size; - - cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_PSK, - sizeof (psk_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - dh_params = - _gnutls_get_dh_params (cred->dh_params, cred->params_func, session); - mpis = _gnutls_dh_params_to_mpi 
(dh_params); - if (mpis == NULL) - { - gnutls_assert (); - return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; - } - - p = mpis[0]; - g = mpis[1]; - - DECR_LEN (data_size, 2); - username.size = _gnutls_read_uint16 (&data[0]); - - DECR_LEN (data_size, username.size); - - username.data = &data[2]; - - /* copy the username to the auth info structures - */ - info = _gnutls_get_auth_info (session); - - if (username.size > MAX_USERNAME_SIZE) - { - gnutls_assert (); - return GNUTLS_E_ILLEGAL_SRP_USERNAME; - } - - memcpy (info->username, username.data, username.size); - info->username[username.size] = 0; - - /* Adjust the data */ - data += username.size + 2; - - ret = _gnutls_psk_pwd_find_entry(session, info->username, &psk_key); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_proc_dh_common_client_kx (session, data, data_size, - g, p, &psk_key); - - _gnutls_free_datum(&psk_key); - - return ret; + int ret; + bigint_t p, g; + gnutls_dh_params_t dh_params; + const bigint_t *mpis; + gnutls_datum_t psk_key; + gnutls_psk_server_credentials_t cred; + psk_auth_info_t info; + gnutls_datum_t username; + ssize_t data_size = _data_size; + + cred = (gnutls_psk_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, + sizeof(psk_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + dh_params = + _gnutls_get_dh_params(cred->dh_params, cred->params_func, + session); + mpis = _gnutls_dh_params_to_mpi(dh_params); + if (mpis == NULL) { + gnutls_assert(); + return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; + } + + p = mpis[0]; + g = mpis[1]; + + DECR_LEN(data_size, 2); + username.size = _gnutls_read_uint16(&data[0]); + + DECR_LEN(data_size, username.size); + + username.data = &data[2]; + + /* copy the username to the auth info structures + */ + info = _gnutls_get_auth_info(session); + + if (username.size > 
MAX_USERNAME_SIZE) { + gnutls_assert(); + return GNUTLS_E_ILLEGAL_SRP_USERNAME; + } + + memcpy(info->username, username.data, username.size); + info->username[username.size] = 0; + + /* Adjust the data */ + data += username.size + 2; + + ret = + _gnutls_psk_pwd_find_entry(session, info->username, &psk_key); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = _gnutls_proc_dh_common_client_kx(session, data, data_size, + g, p, &psk_key); + + _gnutls_free_datum(&psk_key); + + return ret; } static int -proc_ecdhe_psk_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_ecdhe_psk_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - int ret; - gnutls_psk_server_credentials_t cred; - gnutls_datum_t psk_key; - psk_auth_info_t info; - gnutls_datum_t username; - ssize_t data_size = _data_size; - - cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_PSK, - sizeof (psk_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - DECR_LEN (data_size, 2); - username.size = _gnutls_read_uint16 (&data[0]); - - DECR_LEN (data_size, username.size); - - username.data = &data[2]; - - /* copy the username to the auth info structures - */ - info = _gnutls_get_auth_info (session); - - if (username.size > MAX_USERNAME_SIZE) - { - gnutls_assert (); - return GNUTLS_E_ILLEGAL_SRP_USERNAME; - } - - memcpy (info->username, username.data, username.size); - info->username[username.size] = 0; - - /* Adjust the data */ - data += username.size + 2; - - /* should never fail. 
It will always return a key even if it is - * a random one */ - ret = _gnutls_psk_pwd_find_entry(session, info->username, &psk_key); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_proc_ecdh_common_client_kx(session, data, data_size, - _gnutls_session_ecc_curve_get(session), &psk_key); - - _gnutls_free_datum(&psk_key); - - return ret; + int ret; + gnutls_psk_server_credentials_t cred; + gnutls_datum_t psk_key; + psk_auth_info_t info; + gnutls_datum_t username; + ssize_t data_size = _data_size; + + cred = (gnutls_psk_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, + sizeof(psk_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + DECR_LEN(data_size, 2); + username.size = _gnutls_read_uint16(&data[0]); + + DECR_LEN(data_size, username.size); + + username.data = &data[2]; + + /* copy the username to the auth info structures + */ + info = _gnutls_get_auth_info(session); + + if (username.size > MAX_USERNAME_SIZE) { + gnutls_assert(); + return GNUTLS_E_ILLEGAL_SRP_USERNAME; + } + + memcpy(info->username, username.data, username.size); + info->username[username.size] = 0; + + /* Adjust the data */ + data += username.size + 2; + + /* should never fail. 
It will always return a key even if it is + * a random one */ + ret = + _gnutls_psk_pwd_find_entry(session, info->username, &psk_key); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = _gnutls_proc_ecdh_common_client_kx(session, data, data_size, + _gnutls_session_ecc_curve_get + (session), &psk_key); + + _gnutls_free_datum(&psk_key); + + return ret; } static int -proc_dhe_psk_server_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_dhe_psk_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - int ret, psk_size; - ssize_t data_size = _data_size; - - /* set auth_info */ - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_PSK, - sizeof (psk_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - DECR_LEN (data_size, 2); - psk_size = _gnutls_read_uint16 (data); - DECR_LEN (data_size, psk_size); - data += 2 + psk_size; - - ret = _gnutls_proc_dh_common_server_kx (session, data, data_size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return 0; + int ret, psk_size; + ssize_t data_size = _data_size; + + /* set auth_info */ + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, + sizeof(psk_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + DECR_LEN(data_size, 2); + psk_size = _gnutls_read_uint16(data); + DECR_LEN(data_size, psk_size); + data += 2 + psk_size; + + ret = _gnutls_proc_dh_common_server_kx(session, data, data_size); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; } static int -proc_ecdhe_psk_server_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_ecdhe_psk_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - int ret, psk_size; - ssize_t data_size = _data_size; - - /* set auth_info */ - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_PSK, - sizeof (psk_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - DECR_LEN (data_size, 2); - psk_size = _gnutls_read_uint16 
(data); - DECR_LEN (data_size, psk_size); - data += 2 + psk_size; - - ret = _gnutls_proc_ecdh_common_server_kx (session, data, data_size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return 0; + int ret, psk_size; + ssize_t data_size = _data_size; + + /* set auth_info */ + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, + sizeof(psk_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + DECR_LEN(data_size, 2); + psk_size = _gnutls_read_uint16(data); + DECR_LEN(data_size, psk_size); + data += 2 + psk_size; + + ret = _gnutls_proc_ecdh_common_server_kx(session, data, data_size); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; } -#endif /* ENABLE_PSK */ +#endif /* ENABLE_PSK */ diff --git a/lib/auth/ecdhe.c b/lib/auth/ecdhe.c index 060c683233..8e8abbe498 100644 --- a/lib/auth/ecdhe.c +++ b/lib/auth/ecdhe.c 
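Review bot: `proc_dhe_psk_client_kx` and `proc_ecdhe_psk_client_kx` copy the length-prefixed peer username with `memcpy(info->username, username.data, username.size)` and then pass `info->username` to `_gnutls_psk_pwd_find_entry` without a length. The lookup therefore presumably treats it as a C string, so a username containing a zero byte would be stored and matched as its prefix only. Rejecting such input next to the existing size check would close that gap: `if (memchr(username.data, 0, username.size) != NULL) return gnutls_assert_val(GNUTLS_E_ILLEGAL_SRP_USERNAME);`. The copy also relies on `info->username` holding at least `MAX_USERNAME_SIZE + 1` bytes, which the hunk does not show; a one-line comment stating that requirement at the `username.size > MAX_USERNAME_SIZE` test would help.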
@@ -42,308 +42,341 @@ #include <auth/cert.h> #include <gnutls_pk.h> -static int gen_ecdhe_server_kx (gnutls_session_t, gnutls_buffer_st*); +static int gen_ecdhe_server_kx(gnutls_session_t, gnutls_buffer_st *); static int -proc_ecdhe_server_kx (gnutls_session_t session, - uint8_t * data, size_t _data_size); +proc_ecdhe_server_kx(gnutls_session_t session, + uint8_t * data, size_t _data_size); static int -proc_ecdhe_client_kx (gnutls_session_t session, - uint8_t * data, size_t _data_size); +proc_ecdhe_client_kx(gnutls_session_t session, + uint8_t * data, size_t _data_size); #if defined(ENABLE_ECDHE) const mod_auth_st ecdhe_ecdsa_auth_struct = { - "ECDHE_ECDSA", - _gnutls_gen_cert_server_crt, - _gnutls_gen_cert_client_crt, - gen_ecdhe_server_kx, - _gnutls_gen_ecdh_common_client_kx, /* This is the only difference */ - _gnutls_gen_cert_client_crt_vrfy, - _gnutls_gen_cert_server_cert_req, - - _gnutls_proc_crt, - _gnutls_proc_crt, - proc_ecdhe_server_kx, - proc_ecdhe_client_kx, - _gnutls_proc_cert_client_crt_vrfy, - _gnutls_proc_cert_cert_req + "ECDHE_ECDSA", + _gnutls_gen_cert_server_crt, + _gnutls_gen_cert_client_crt, + gen_ecdhe_server_kx, + _gnutls_gen_ecdh_common_client_kx, /* This is the only difference */ + _gnutls_gen_cert_client_crt_vrfy, + _gnutls_gen_cert_server_cert_req, + + _gnutls_proc_crt, + _gnutls_proc_crt, + proc_ecdhe_server_kx, + proc_ecdhe_client_kx, + _gnutls_proc_cert_client_crt_vrfy, + _gnutls_proc_cert_cert_req }; const mod_auth_st ecdhe_rsa_auth_struct = { - "ECDHE_RSA", - _gnutls_gen_cert_server_crt, - _gnutls_gen_cert_client_crt, - gen_ecdhe_server_kx, - _gnutls_gen_ecdh_common_client_kx, /* This is the only difference */ - _gnutls_gen_cert_client_crt_vrfy, - _gnutls_gen_cert_server_cert_req, - - _gnutls_proc_crt, - _gnutls_proc_crt, - proc_ecdhe_server_kx, - proc_ecdhe_client_kx, - _gnutls_proc_cert_client_crt_vrfy, - _gnutls_proc_cert_cert_req + "ECDHE_RSA", + _gnutls_gen_cert_server_crt, + _gnutls_gen_cert_client_crt, + gen_ecdhe_server_kx, + 
_gnutls_gen_ecdh_common_client_kx, /* This is the only difference */ + _gnutls_gen_cert_client_crt_vrfy, + _gnutls_gen_cert_server_cert_req, + + _gnutls_proc_crt, + _gnutls_proc_crt, + proc_ecdhe_server_kx, + proc_ecdhe_client_kx, + _gnutls_proc_cert_client_crt_vrfy, + _gnutls_proc_cert_cert_req }; -static int calc_ecdh_key( gnutls_session_t session, gnutls_datum_t * psk_key, - gnutls_ecc_curve_t curve) +static int calc_ecdh_key(gnutls_session_t session, + gnutls_datum_t * psk_key, + gnutls_ecc_curve_t curve) { -gnutls_pk_params_st pub; -int ret; - - memset(&pub,0,sizeof(pub)); - pub.params[ECC_X] = session->key.ecdh_x; - pub.params[ECC_Y] = session->key.ecdh_y; - pub.flags = curve; - - if (psk_key == NULL) - ret = _gnutls_pk_derive(GNUTLS_PK_EC, &session->key.key, &session->key.ecdh_params, &pub); - else - { - gnutls_datum_t tmp_dh_key; - - ret = _gnutls_pk_derive(GNUTLS_PK_EC, &tmp_dh_key, &session->key.ecdh_params, &pub); - if (ret < 0) - { - ret = gnutls_assert_val(ret); - goto cleanup; - } - - ret = _gnutls_set_psk_session_key (session, psk_key, &tmp_dh_key); - _gnutls_free_datum (&tmp_dh_key); - } - - if (ret < 0) - { - ret = gnutls_assert_val(ret); - goto cleanup; - } - - ret = 0; - -cleanup: - /* no longer needed */ - _gnutls_mpi_release (&session->key.ecdh_x); - _gnutls_mpi_release (&session->key.ecdh_y); - gnutls_pk_params_release( &session->key.ecdh_params); - return ret; + gnutls_pk_params_st pub; + int ret; + + memset(&pub, 0, sizeof(pub)); + pub.params[ECC_X] = session->key.ecdh_x; + pub.params[ECC_Y] = session->key.ecdh_y; + pub.flags = curve; + + if (psk_key == NULL) + ret = + _gnutls_pk_derive(GNUTLS_PK_EC, &session->key.key, + &session->key.ecdh_params, &pub); + else { + gnutls_datum_t tmp_dh_key; + + ret = + _gnutls_pk_derive(GNUTLS_PK_EC, &tmp_dh_key, + &session->key.ecdh_params, &pub); + if (ret < 0) { + ret = gnutls_assert_val(ret); + goto cleanup; + } + + ret = + _gnutls_set_psk_session_key(session, psk_key, + &tmp_dh_key); + 
_gnutls_free_datum(&tmp_dh_key); + } + + if (ret < 0) { + ret = gnutls_assert_val(ret); + goto cleanup; + } + + ret = 0; + + cleanup: + /* no longer needed */ + _gnutls_mpi_release(&session->key.ecdh_x); + _gnutls_mpi_release(&session->key.ecdh_y); + gnutls_pk_params_release(&session->key.ecdh_params); + return ret; } int _gnutls_proc_ecdh_common_client_kx(gnutls_session_t session, - uint8_t * data, size_t _data_size, - gnutls_ecc_curve_t curve, - gnutls_datum_t* psk_key) + uint8_t * data, size_t _data_size, + gnutls_ecc_curve_t curve, + gnutls_datum_t * psk_key) { - ssize_t data_size = _data_size; - int ret, i = 0; - int point_size; - - if (curve == GNUTLS_ECC_CURVE_INVALID) - return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES); - - DECR_LEN (data_size, 1); - point_size = data[i]; - i+=1; - - DECR_LEN (data_size, point_size); - ret = _gnutls_ecc_ansi_x963_import(&data[i], point_size, &session->key.ecdh_x, &session->key.ecdh_y); - if (ret < 0) - return gnutls_assert_val(ret); - - /* generate pre-shared key */ - ret = calc_ecdh_key(session, psk_key, curve); - if (ret < 0) - return gnutls_assert_val(ret); - - return 0; + ssize_t data_size = _data_size; + int ret, i = 0; + int point_size; + + if (curve == GNUTLS_ECC_CURVE_INVALID) + return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES); + + DECR_LEN(data_size, 1); + point_size = data[i]; + i += 1; + + DECR_LEN(data_size, point_size); + ret = + _gnutls_ecc_ansi_x963_import(&data[i], point_size, + &session->key.ecdh_x, + &session->key.ecdh_y); + if (ret < 0) + return gnutls_assert_val(ret); + + /* generate pre-shared key */ + ret = calc_ecdh_key(session, psk_key, curve); + if (ret < 0) + return gnutls_assert_val(ret); + + return 0; } static int -proc_ecdhe_client_kx (gnutls_session_t session, - uint8_t * data, size_t _data_size) +proc_ecdhe_client_kx(gnutls_session_t session, + uint8_t * data, size_t _data_size) { - gnutls_certificate_credentials_t cred; - - cred = (gnutls_certificate_credentials_t) - 
_gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - return _gnutls_proc_ecdh_common_client_kx(session, data, _data_size, - _gnutls_session_ecc_curve_get(session), NULL); + gnutls_certificate_credentials_t cred; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + return _gnutls_proc_ecdh_common_client_kx(session, data, + _data_size, + _gnutls_session_ecc_curve_get + (session), NULL); } int -_gnutls_gen_ecdh_common_client_kx (gnutls_session_t session, - gnutls_buffer_st* data) +_gnutls_gen_ecdh_common_client_kx(gnutls_session_t session, + gnutls_buffer_st * data) { - return _gnutls_gen_ecdh_common_client_kx_int(session, data, NULL); + return _gnutls_gen_ecdh_common_client_kx_int(session, data, NULL); } int -_gnutls_gen_ecdh_common_client_kx_int (gnutls_session_t session, - gnutls_buffer_st* data, - gnutls_datum_t * psk_key) +_gnutls_gen_ecdh_common_client_kx_int(gnutls_session_t session, + gnutls_buffer_st * data, + gnutls_datum_t * psk_key) { - int ret; - gnutls_datum_t out; - int curve = _gnutls_session_ecc_curve_get(session); - - /* generate temporal key */ - ret = _gnutls_pk_generate(GNUTLS_PK_EC, curve, &session->key.ecdh_params); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_ecc_ansi_x963_export(curve, session->key.ecdh_params.params[ECC_X] /* x */, - session->key.ecdh_params.params[ECC_Y] /* y */, &out); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_buffer_append_data_prefix(data, 8, out.data, out.size); - - _gnutls_free_datum(&out); - - if (ret < 0) - return gnutls_assert_val(ret); - - /* generate pre-shared key */ - ret = calc_ecdh_key(session, psk_key, curve); - if (ret < 0) - return gnutls_assert_val(ret); - - return data->length; + int ret; + gnutls_datum_t out; + int 
curve = _gnutls_session_ecc_curve_get(session); + + /* generate temporal key */ + ret = + _gnutls_pk_generate(GNUTLS_PK_EC, curve, + &session->key.ecdh_params); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + _gnutls_ecc_ansi_x963_export(curve, + session->key.ecdh_params. + params[ECC_X] /* x */ , + session->key.ecdh_params. + params[ECC_Y] /* y */ , &out); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + _gnutls_buffer_append_data_prefix(data, 8, out.data, out.size); + + _gnutls_free_datum(&out); + + if (ret < 0) + return gnutls_assert_val(ret); + + /* generate pre-shared key */ + ret = calc_ecdh_key(session, psk_key, curve); + if (ret < 0) + return gnutls_assert_val(ret); + + return data->length; } static int -proc_ecdhe_server_kx (gnutls_session_t session, - uint8_t * data, size_t _data_size) +proc_ecdhe_server_kx(gnutls_session_t session, + uint8_t * data, size_t _data_size) { -int ret; -gnutls_datum_t vparams; + int ret; + gnutls_datum_t vparams; - ret = _gnutls_proc_ecdh_common_server_kx(session, data, _data_size); - if (ret < 0) - return gnutls_assert_val(ret); + ret = + _gnutls_proc_ecdh_common_server_kx(session, data, _data_size); + if (ret < 0) + return gnutls_assert_val(ret); - vparams.data = data; - vparams.size = ret; + vparams.data = data; + vparams.size = ret; - return _gnutls_proc_dhe_signature(session, data+ret, _data_size-ret, &vparams); + return _gnutls_proc_dhe_signature(session, data + ret, + _data_size - ret, &vparams); } int -_gnutls_proc_ecdh_common_server_kx (gnutls_session_t session, - uint8_t * data, size_t _data_size) +_gnutls_proc_ecdh_common_server_kx(gnutls_session_t session, + uint8_t * data, size_t _data_size) { - int i, ret, point_size; - gnutls_ecc_curve_t curve; - ssize_t data_size = _data_size; + int i, ret, point_size; + gnutls_ecc_curve_t curve; + ssize_t data_size = _data_size; - i = 0; - DECR_LEN (data_size, 1); - if (data[i++] != 3) - return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES); - - 
DECR_LEN (data_size, 2); - curve = _gnutls_tls_id_to_ecc_curve(_gnutls_read_uint16 (&data[i])); - i += 2; + i = 0; + DECR_LEN(data_size, 1); + if (data[i++] != 3) + return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES); - ret = _gnutls_session_supports_ecc_curve(session, curve); - if (ret < 0) - return gnutls_assert_val(ret); + DECR_LEN(data_size, 2); + curve = _gnutls_tls_id_to_ecc_curve(_gnutls_read_uint16(&data[i])); + i += 2; - _gnutls_session_ecc_curve_set(session, curve); + ret = _gnutls_session_supports_ecc_curve(session, curve); + if (ret < 0) + return gnutls_assert_val(ret); - DECR_LEN (data_size, 1); - point_size = data[i]; - i++; + _gnutls_session_ecc_curve_set(session, curve); - DECR_LEN (data_size, point_size); - ret = _gnutls_ecc_ansi_x963_import(&data[i], point_size, &session->key.ecdh_x, &session->key.ecdh_y); - if (ret < 0) - return gnutls_assert_val(ret); + DECR_LEN(data_size, 1); + point_size = data[i]; + i++; - i+=point_size; + DECR_LEN(data_size, point_size); + ret = + _gnutls_ecc_ansi_x963_import(&data[i], point_size, + &session->key.ecdh_x, + &session->key.ecdh_y); + if (ret < 0) + return gnutls_assert_val(ret); - return i; + i += point_size; + + return i; } /* If the psk flag is set, then an empty psk_identity_hint will * be inserted */ -int _gnutls_ecdh_common_print_server_kx (gnutls_session_t session, gnutls_buffer_st* data, - gnutls_ecc_curve_t curve) +int _gnutls_ecdh_common_print_server_kx(gnutls_session_t session, + gnutls_buffer_st * data, + gnutls_ecc_curve_t curve) { - uint8_t p; - int ret; - gnutls_datum_t out; - - if (curve == GNUTLS_ECC_CURVE_INVALID) - return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES); - - /* curve type */ - p = 3; - - ret = _gnutls_buffer_append_data(data, &p, 1); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_buffer_append_prefix(data, 16, _gnutls_ecc_curve_get_tls_id(curve)); - if (ret < 0) - return gnutls_assert_val(ret); - - /* generate temporal key */ - ret = 
_gnutls_pk_generate(GNUTLS_PK_EC, curve, &session->key.ecdh_params); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_ecc_ansi_x963_export(curve, session->key.ecdh_params.params[ECC_X] /* x */, - session->key.ecdh_params.params[ECC_Y] /* y */, &out); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_buffer_append_data_prefix(data, 8, out.data, out.size); - - _gnutls_free_datum(&out); - - if (ret < 0) - return gnutls_assert_val(ret); - - return data->length; + uint8_t p; + int ret; + gnutls_datum_t out; + + if (curve == GNUTLS_ECC_CURVE_INVALID) + return gnutls_assert_val(GNUTLS_E_ECC_NO_SUPPORTED_CURVES); + + /* curve type */ + p = 3; + + ret = _gnutls_buffer_append_data(data, &p, 1); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + _gnutls_buffer_append_prefix(data, 16, + _gnutls_ecc_curve_get_tls_id + (curve)); + if (ret < 0) + return gnutls_assert_val(ret); + + /* generate temporal key */ + ret = + _gnutls_pk_generate(GNUTLS_PK_EC, curve, + &session->key.ecdh_params); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + _gnutls_ecc_ansi_x963_export(curve, + session->key.ecdh_params. + params[ECC_X] /* x */ , + session->key.ecdh_params. 
+ params[ECC_Y] /* y */ , &out); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = + _gnutls_buffer_append_data_prefix(data, 8, out.data, out.size); + + _gnutls_free_datum(&out); + + if (ret < 0) + return gnutls_assert_val(ret); + + return data->length; } static int -gen_ecdhe_server_kx (gnutls_session_t session, gnutls_buffer_st* data) +gen_ecdhe_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { - int ret = 0; - gnutls_certificate_credentials_t cred; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if ((ret = _gnutls_auth_info_set (session, GNUTLS_CRD_CERTIFICATE, - sizeof (cert_auth_info_st), 0)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_ecdh_common_print_server_kx (session, data, _gnutls_session_ecc_curve_get(session)); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - /* Generate the signature. */ - return _gnutls_gen_dhe_signature(session, data, data->data, data->length); + int ret = 0; + gnutls_certificate_credentials_t cred; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if ((ret = _gnutls_auth_info_set(session, GNUTLS_CRD_CERTIFICATE, + sizeof(cert_auth_info_st), + 0)) < 0) { + gnutls_assert(); + return ret; + } + + ret = + _gnutls_ecdh_common_print_server_kx(session, data, + _gnutls_session_ecc_curve_get + (session)); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + /* Generate the signature. */ + return _gnutls_gen_dhe_signature(session, data, data->data, + data->length); } #endif diff --git a/lib/auth/ecdhe.h b/lib/auth/ecdhe.h index 1401b19a22..33a0f47bb8 100644 --- a/lib/auth/ecdhe.h +++ b/lib/auth/ecdhe.h 
@@ -26,24 +26,25 @@
 #include <gnutls_auth.h>
 int
-_gnutls_gen_ecdh_common_client_kx (gnutls_session_t session,
- gnutls_buffer_st* data);
+_gnutls_gen_ecdh_common_client_kx(gnutls_session_t session,
+ gnutls_buffer_st * data);
 int
-_gnutls_gen_ecdh_common_client_kx_int (gnutls_session_t session,
- gnutls_buffer_st* data,
- gnutls_datum_t * psk_key);
+_gnutls_gen_ecdh_common_client_kx_int(gnutls_session_t session,
+ gnutls_buffer_st * data,
+ gnutls_datum_t * psk_key);
 int
-_gnutls_proc_ecdh_common_client_kx (gnutls_session_t session,
- uint8_t * data, size_t _data_size,
- gnutls_ecc_curve_t curve,
- gnutls_datum_t *psk_key);
-
-int _gnutls_ecdh_common_print_server_kx (gnutls_session_t, gnutls_buffer_st* data,
- gnutls_ecc_curve_t curve);
-int _gnutls_proc_ecdh_common_server_kx (gnutls_session_t session, uint8_t * data,
- size_t _data_size);
+_gnutls_proc_ecdh_common_client_kx(gnutls_session_t session,
+ uint8_t * data, size_t _data_size,
+ gnutls_ecc_curve_t curve,
+ gnutls_datum_t * psk_key);
+
+int _gnutls_ecdh_common_print_server_kx(gnutls_session_t,
+ gnutls_buffer_st * data,
+ gnutls_ecc_curve_t curve);
+int _gnutls_proc_ecdh_common_server_kx(gnutls_session_t session,
+ uint8_t * data, size_t _data_size);
diff --git a/lib/auth/psk.c b/lib/auth/psk.c
index 053f6027fa..828ded4ff8 100644
--- a/lib/auth/psk.c
+++ b/lib/auth/psk.c
@@ -35,113 +35,111 @@ #include <gnutls_datum.h> -int _gnutls_proc_psk_client_kx (gnutls_session_t, uint8_t *, size_t); +int _gnutls_proc_psk_client_kx(gnutls_session_t, uint8_t *, size_t); const mod_auth_st psk_auth_struct = { - "PSK", - NULL, - NULL, - _gnutls_gen_psk_server_kx, - _gnutls_gen_psk_client_kx, - NULL, - NULL, - - NULL, - NULL, /* certificate */ - _gnutls_proc_psk_server_kx, - _gnutls_proc_psk_client_kx, - NULL, - NULL + "PSK", + NULL, + NULL, + _gnutls_gen_psk_server_kx, + _gnutls_gen_psk_client_kx, + NULL, + NULL, + + NULL, + NULL, /* certificate */ + _gnutls_proc_psk_server_kx, + _gnutls_proc_psk_client_kx, + NULL, + NULL }; /* Set the PSK premaster secret. */ int -_gnutls_set_psk_session_key (gnutls_session_t session, - gnutls_datum_t * ppsk /* key */, - gnutls_datum_t * dh_secret) +_gnutls_set_psk_session_key(gnutls_session_t session, + gnutls_datum_t * ppsk /* key */ , + gnutls_datum_t * dh_secret) { - gnutls_datum_t pwd_psk = { NULL, 0 }; - size_t dh_secret_size; - uint8_t * p; - int ret; - - if (dh_secret == NULL) - dh_secret_size = ppsk->size; - else - dh_secret_size = dh_secret->size; - - /* set the session key - */ - session->key.key.size = 4 + dh_secret_size + ppsk->size; - session->key.key.data = gnutls_malloc (session->key.key.size); - if (session->key.key.data == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_MEMORY_ERROR; - goto error; - } - - /* format of the premaster secret: - * (uint16_t) psk_size - * psk_size bytes of (0)s - * (uint16_t) psk_size - * the psk - */ - p = session->key.key.data; - _gnutls_write_uint16 (dh_secret_size, p); - p+=2; - if (dh_secret == NULL) - memset (p, 0, dh_secret_size); - else - memcpy (p, dh_secret->data, dh_secret->size); - - p += dh_secret_size; - _gnutls_write_uint16 (ppsk->size, p); - if (ppsk->data != NULL) - memcpy (p+2, ppsk->data, ppsk->size); - - ret = 0; - -error: - _gnutls_free_datum (&pwd_psk); - return ret; + gnutls_datum_t pwd_psk = { NULL, 0 }; + size_t dh_secret_size; + uint8_t *p; + 
int ret; + + if (dh_secret == NULL) + dh_secret_size = ppsk->size; + else + dh_secret_size = dh_secret->size; + + /* set the session key + */ + session->key.key.size = 4 + dh_secret_size + ppsk->size; + session->key.key.data = gnutls_malloc(session->key.key.size); + if (session->key.key.data == NULL) { + gnutls_assert(); + ret = GNUTLS_E_MEMORY_ERROR; + goto error; + } + + /* format of the premaster secret: + * (uint16_t) psk_size + * psk_size bytes of (0)s + * (uint16_t) psk_size + * the psk + */ + p = session->key.key.data; + _gnutls_write_uint16(dh_secret_size, p); + p += 2; + if (dh_secret == NULL) + memset(p, 0, dh_secret_size); + else + memcpy(p, dh_secret->data, dh_secret->size); + + p += dh_secret_size; + _gnutls_write_uint16(ppsk->size, p); + if (ppsk->data != NULL) + memcpy(p + 2, ppsk->data, ppsk->size); + + ret = 0; + + error: + _gnutls_free_datum(&pwd_psk); + return ret; } /* returns the username and they key for the PSK session. * Free is non (0) if they have to be freed. */ -int _gnutls_find_psk_key( gnutls_session_t session, gnutls_psk_client_credentials_t cred, - gnutls_datum_t * username, gnutls_datum_t* key, int* free) +int _gnutls_find_psk_key(gnutls_session_t session, + gnutls_psk_client_credentials_t cred, + gnutls_datum_t * username, gnutls_datum_t * key, + int *free) { -char* user_p; -int ret; - - *free = 0; - - if (cred->username.data != NULL && cred->key.data != NULL) - { - username->data = cred->username.data; - username->size = cred->username.size; - key->data = cred->key.data; - key->size = cred->key.size; - } - else if (cred->get_function != NULL) - { - ret = cred->get_function (session, &user_p, key); - if (ret) - return gnutls_assert_val(ret); - - username->data = (uint8_t*)user_p; - username->size = strlen(user_p); - - *free = 1; - } - else - return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS); - - return 0; + char *user_p; + int ret; + + *free = 0; + + if (cred->username.data != NULL && cred->key.data != NULL) { + 
username->data = cred->username.data; + username->size = cred->username.size; + key->data = cred->key.data; + key->size = cred->key.size; + } else if (cred->get_function != NULL) { + ret = cred->get_function(session, &user_p, key); + if (ret) + return gnutls_assert_val(ret); + + username->data = (uint8_t *) user_p; + username->size = strlen(user_p); + + *free = 1; + } else + return + gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS); + + return 0; } 
@@ -156,117 +154,113 @@ int ret; * */ int -_gnutls_gen_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) +_gnutls_gen_psk_client_kx(gnutls_session_t session, + gnutls_buffer_st * data) { - int ret, free; - gnutls_datum_t username; - gnutls_datum_t key; - gnutls_psk_client_credentials_t cred; - - cred = (gnutls_psk_client_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - ret = _gnutls_find_psk_key( session, cred, &username, &key, &free); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_set_psk_session_key (session, &key, NULL); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - ret = _gnutls_buffer_append_data_prefix(data, 16, username.data, username.size); - if (ret < 0) - { - gnutls_assert(); - } - -cleanup: - if (free) - { - gnutls_free(username.data); - gnutls_free(key.data); - } - - return ret; + int ret, free; + gnutls_datum_t username; + gnutls_datum_t key; + gnutls_psk_client_credentials_t cred; + + cred = (gnutls_psk_client_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + ret = _gnutls_find_psk_key(session, cred, &username, &key, &free); + if (ret < 0) + return gnutls_assert_val(ret); + + ret = _gnutls_set_psk_session_key(session, &key, NULL); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = + _gnutls_buffer_append_data_prefix(data, 16, username.data, + username.size); + if (ret < 0) { + gnutls_assert(); + } + + cleanup: + if (free) { + gnutls_free(username.data); + gnutls_free(key.data); + } + + return ret; } /* just read the username from the client key exchange. 
*/ int -_gnutls_proc_psk_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +_gnutls_proc_psk_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - ssize_t data_size = _data_size; - int ret; - gnutls_datum_t username, psk_key; - gnutls_psk_server_credentials_t cred; - psk_auth_info_t info; + ssize_t data_size = _data_size; + int ret; + gnutls_datum_t username, psk_key; + gnutls_psk_server_credentials_t cred; + psk_auth_info_t info; - cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); + cred = (gnutls_psk_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_PSK, - sizeof (psk_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, + sizeof(psk_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } - DECR_LEN (data_size, 2); - username.size = _gnutls_read_uint16 (&data[0]); + DECR_LEN(data_size, 2); + username.size = _gnutls_read_uint16(&data[0]); - DECR_LEN (data_size, username.size); + DECR_LEN(data_size, username.size); - username.data = &data[2]; + username.data = &data[2]; - /* copy the username to the auth info structures - */ - info = _gnutls_get_auth_info (session); + /* copy the username to the auth info structures + */ + info = _gnutls_get_auth_info(session); - if (username.size > MAX_USERNAME_SIZE) - { - gnutls_assert (); - return GNUTLS_E_ILLEGAL_SRP_USERNAME; - } + if (username.size > MAX_USERNAME_SIZE) { + gnutls_assert(); + return GNUTLS_E_ILLEGAL_SRP_USERNAME; + } - memcpy (info->username, username.data, username.size); - info->username[username.size] = 0; + memcpy(info->username, username.data, username.size); + 
info->username[username.size] = 0; - ret = _gnutls_psk_pwd_find_entry(session, info->username, &psk_key); - if (ret < 0) - return gnutls_assert_val(ret); + ret = + _gnutls_psk_pwd_find_entry(session, info->username, &psk_key); + if (ret < 0) + return gnutls_assert_val(ret); - ret = _gnutls_set_psk_session_key (session, &psk_key, NULL); - if (ret < 0) - { - gnutls_assert (); - goto error; - } + ret = _gnutls_set_psk_session_key(session, &psk_key, NULL); + if (ret < 0) { + gnutls_assert(); + goto error; + } - ret = 0; + ret = 0; -error: - _gnutls_free_datum(&psk_key); + error: + _gnutls_free_datum(&psk_key); - return ret; + return ret; } 
@@ -282,94 +276,90 @@ error: * */ int -_gnutls_gen_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data) +_gnutls_gen_psk_server_kx(gnutls_session_t session, + gnutls_buffer_st * data) { - gnutls_psk_server_credentials_t cred; - gnutls_datum_t hint; + gnutls_psk_server_credentials_t cred; + gnutls_datum_t hint; - cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); + cred = (gnutls_psk_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } - /* Abort sending this message if there is no PSK identity hint. */ - if (cred->hint == NULL) - { - gnutls_assert (); - return GNUTLS_E_INT_RET_0; - } + /* Abort sending this message if there is no PSK identity hint. */ + if (cred->hint == NULL) { + gnutls_assert(); + return GNUTLS_E_INT_RET_0; + } - hint.data = (uint8_t*)cred->hint; - hint.size = strlen (cred->hint); + hint.data = (uint8_t *) cred->hint; + hint.size = strlen(cred->hint); - return _gnutls_buffer_append_data_prefix(data, 16, hint.data, hint.size); + return _gnutls_buffer_append_data_prefix(data, 16, hint.data, + hint.size); } /* just read the hint from the server key exchange. 
*/ int -_gnutls_proc_psk_server_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +_gnutls_proc_psk_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - ssize_t data_size = _data_size; - int ret; - gnutls_datum_t hint; - gnutls_psk_client_credentials_t cred; - psk_auth_info_t info; - - cred = (gnutls_psk_client_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_PSK, - sizeof (psk_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - DECR_LENGTH_RET (data_size, 2, 0); - hint.size = _gnutls_read_uint16 (&data[0]); - - DECR_LEN (data_size, hint.size); - - hint.data = &data[2]; - - /* copy the hint to the auth info structures - */ - info = _gnutls_get_auth_info (session); - - if (hint.size > MAX_USERNAME_SIZE) - { - gnutls_assert (); - return GNUTLS_E_ILLEGAL_SRP_USERNAME; - } - - memcpy (info->hint, hint.data, hint.size); - info->hint[hint.size] = 0; - - ret = _gnutls_set_psk_session_key (session, &cred->key, NULL); - if (ret < 0) - { - gnutls_assert (); - goto error; - } - - ret = 0; - -error: - return ret; + ssize_t data_size = _data_size; + int ret; + gnutls_datum_t hint; + gnutls_psk_client_credentials_t cred; + psk_auth_info_t info; + + cred = (gnutls_psk_client_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, + sizeof(psk_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + DECR_LENGTH_RET(data_size, 2, 0); + hint.size = _gnutls_read_uint16(&data[0]); + + DECR_LEN(data_size, hint.size); + + hint.data = &data[2]; + + /* copy the hint to the auth info structures + */ + info = _gnutls_get_auth_info(session); + + if (hint.size > MAX_USERNAME_SIZE) { + 
gnutls_assert(); + return GNUTLS_E_ILLEGAL_SRP_USERNAME; + } + + memcpy(info->hint, hint.data, hint.size); + info->hint[hint.size] = 0; + + ret = _gnutls_set_psk_session_key(session, &cred->key, NULL); + if (ret < 0) { + gnutls_assert(); + goto error; + } + + ret = 0; + + error: + return ret; } -#endif /* ENABLE_PSK */ +#endif /* ENABLE_PSK */ diff --git a/lib/auth/psk.h b/lib/auth/psk.h index 1507425f47..3322493762 100644 --- a/lib/auth/psk.h +++ b/lib/auth/psk.h 
@@ -26,38 +26,35 @@
 #include <gnutls_auth.h>
 #include <auth/dh_common.h>
-typedef struct gnutls_psk_client_credentials_st
-{
- gnutls_datum_t username;
- gnutls_datum_t key;
- gnutls_psk_client_credentials_function *get_function;
+typedef struct gnutls_psk_client_credentials_st {
+ gnutls_datum_t username;
+ gnutls_datum_t key;
+ gnutls_psk_client_credentials_function *get_function;
 } psk_client_credentials_st;
-typedef struct gnutls_psk_server_credentials_st
-{
- char *password_file;
- /* callback function, instead of reading the
- * password files.
- */
- gnutls_psk_server_credentials_function *pwd_callback;
+typedef struct gnutls_psk_server_credentials_st {
+ char *password_file;
+ /* callback function, instead of reading the
+ * password files.
+ */
+ gnutls_psk_server_credentials_function *pwd_callback;
- /* For DHE_PSK */
- gnutls_dh_params_t dh_params;
- /* this callback is used to retrieve the DH or RSA
- * parameters.
- */
- gnutls_params_function *params_func;
+ /* For DHE_PSK */
+ gnutls_dh_params_t dh_params;
+ /* this callback is used to retrieve the DH or RSA
+ * parameters.
+ */
+ gnutls_params_function *params_func;
- /* Identity hint. */
- char *hint;
+ /* Identity hint. */
+ char *hint;
 } psk_server_cred_st;
 /* these structures should not use allocated data */
-typedef struct psk_auth_info_st
-{
- char username[MAX_USERNAME_SIZE + 1];
- dh_info_st dh;
- char hint[MAX_USERNAME_SIZE + 1];
+typedef struct psk_auth_info_st {
+ char username[MAX_USERNAME_SIZE + 1];
+ dh_info_st dh;
+ char hint[MAX_USERNAME_SIZE + 1];
 } *psk_auth_info_t;
@@ -66,17 +63,21 @@ typedef struct psk_auth_info_st
 typedef struct psk_auth_info_st psk_auth_info_st;
 int
-_gnutls_set_psk_session_key (gnutls_session_t session, gnutls_datum_t* key, gnutls_datum_t * psk2);
-int _gnutls_gen_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data);
-int _gnutls_gen_psk_client_kx (gnutls_session_t, gnutls_buffer_st*);
-int _gnutls_proc_psk_server_kx (gnutls_session_t session, uint8_t * data,
- size_t _data_size);
+_gnutls_set_psk_session_key(gnutls_session_t session, gnutls_datum_t * key,
+ gnutls_datum_t * psk2);
+int _gnutls_gen_psk_server_kx(gnutls_session_t session,
+ gnutls_buffer_st * data);
+int _gnutls_gen_psk_client_kx(gnutls_session_t, gnutls_buffer_st *);
+int _gnutls_proc_psk_server_kx(gnutls_session_t session, uint8_t * data,
+ size_t _data_size);
-int _gnutls_find_psk_key( gnutls_session_t session, gnutls_psk_client_credentials_t cred,
- gnutls_datum_t * username, gnutls_datum_t* key, int* free);
+int _gnutls_find_psk_key(gnutls_session_t session,
+ gnutls_psk_client_credentials_t cred,
+ gnutls_datum_t * username, gnutls_datum_t * key,
+ int *free);
 #else
 #define _gnutls_set_psk_session_key(x,y,z) GNUTLS_E_UNIMPLEMENTED_FEATURE
-#endif /* ENABLE_PSK */
+#endif /* ENABLE_PSK */
 #endif
diff --git a/lib/auth/psk_passwd.c b/lib/auth/psk_passwd.c
index b27161a663..5f39955c9c 100644
--- a/lib/auth/psk_passwd.c
+++ b/lib/auth/psk_passwd.c
@@ -42,50 +42,46 @@ /* this function parses passwd.psk file. Format is: * string(username):hex(passwd) */ -static int -pwd_put_values (gnutls_datum_t * psk, char *str) +static int pwd_put_values(gnutls_datum_t * psk, char *str) { - char *p; - int len, ret; - size_t size; - - p = strchr (str, ':'); - if (p == NULL) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - *p = '\0'; - p++; - - /* skip username - */ - - /* read the key - */ - len = strlen (p); - if (p[len - 1] == '\n' || p[len - 1] == ' ') - len--; - - size = psk->size = len / 2; - psk->data = gnutls_malloc (size); - if (psk->data == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - ret = _gnutls_hex2bin (p, len, psk->data, &size); - psk->size = (unsigned int) size; - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - - return 0; + char *p; + int len, ret; + size_t size; + + p = strchr(str, ':'); + if (p == NULL) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + *p = '\0'; + p++; + + /* skip username + */ + + /* read the key + */ + len = strlen(p); + if (p[len - 1] == '\n' || p[len - 1] == ' ') + len--; + + size = psk->size = len / 2; + psk->data = gnutls_malloc(size); + if (psk->data == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + ret = _gnutls_hex2bin(p, len, psk->data, &size); + psk->size = (unsigned int) size; + if (ret < 0) { + gnutls_assert(); + return ret; + } + + + return 0; } 
@@ -93,132 +89,118 @@ pwd_put_values (gnutls_datum_t * psk, char *str) /* Randomizes the given password entry. It actually sets a random password. * Returns 0 on success. */ -static int -_randomize_psk (gnutls_datum_t * psk) +static int _randomize_psk(gnutls_datum_t * psk) { - int ret; + int ret; - psk->data = gnutls_malloc (16); - if (psk->data == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } + psk->data = gnutls_malloc(16); + if (psk->data == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } - psk->size = 16; + psk->size = 16; - ret = _gnutls_rnd (GNUTLS_RND_NONCE, (char *) psk->data, 16); - if (ret < 0) - { - gnutls_assert (); - return ret; - } + ret = _gnutls_rnd(GNUTLS_RND_NONCE, (char *) psk->data, 16); + if (ret < 0) { + gnutls_assert(); + return ret; + } - return 0; + return 0; } /* Returns the PSK key of the given user. * If the user doesn't exist a random password is returned instead. */ int -_gnutls_psk_pwd_find_entry (gnutls_session_t session, char *username, - gnutls_datum_t * psk) +_gnutls_psk_pwd_find_entry(gnutls_session_t session, char *username, + gnutls_datum_t * psk) { - gnutls_psk_server_credentials_t cred; - FILE *fd; - char line[2 * 1024]; - unsigned i, len; - int ret; - - cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - /* if the callback which sends the parameters is - * set, use it. - */ - if (cred->pwd_callback != NULL) - { - ret = cred->pwd_callback (session, username, psk); - - if (ret == 1) - { /* the user does not exist */ - ret = _randomize_psk (psk); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - return 0; - } - - if (ret < 0) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_ERROR; - } - - return 0; - } - - /* The callback was not set. Proceed. 
- */ - if (cred->password_file == NULL) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_ERROR; - } - - /* Open the selected password file. - */ - fd = fopen (cred->password_file, "r"); - if (fd == NULL) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_ERROR; - } - - len = strlen (username); - while (fgets (line, sizeof (line), fd) != NULL) - { - /* move to first ':' */ - i = 0; - while ((line[i] != ':') && (line[i] != '\0') && (i < sizeof (line))) - { - i++; - } - - if (strncmp (username, line, MAX (i, len)) == 0) - { - ret = pwd_put_values (psk, line); - fclose (fd); - if (ret < 0) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_ERROR; - } - return 0; - } - } - fclose (fd); - - /* user was not found. Fake him. - * the last index found and randomize the entry. - */ - ret = _randomize_psk (psk); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return 0; + gnutls_psk_server_credentials_t cred; + FILE *fd; + char line[2 * 1024]; + unsigned i, len; + int ret; + + cred = (gnutls_psk_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + /* if the callback which sends the parameters is + * set, use it. + */ + if (cred->pwd_callback != NULL) { + ret = cred->pwd_callback(session, username, psk); + + if (ret == 1) { /* the user does not exist */ + ret = _randomize_psk(psk); + if (ret < 0) { + gnutls_assert(); + return ret; + } + return 0; + } + + if (ret < 0) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_ERROR; + } + + return 0; + } + + /* The callback was not set. Proceed. + */ + if (cred->password_file == NULL) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_ERROR; + } + + /* Open the selected password file. 
+ */ + fd = fopen(cred->password_file, "r"); + if (fd == NULL) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_ERROR; + } + + len = strlen(username); + while (fgets(line, sizeof(line), fd) != NULL) { + /* move to first ':' */ + i = 0; + while ((line[i] != ':') && (line[i] != '\0') + && (i < sizeof(line))) { + i++; + } + + if (strncmp(username, line, MAX(i, len)) == 0) { + ret = pwd_put_values(psk, line); + fclose(fd); + if (ret < 0) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_ERROR; + } + return 0; + } + } + fclose(fd); + + /* user was not found. Fake him. + * the last index found and randomize the entry. + */ + ret = _randomize_psk(psk); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; } -#endif /* ENABLE PSK */ +#endif /* ENABLE PSK */ diff --git a/lib/auth/psk_passwd.h b/lib/auth/psk_passwd.h index 9af98d4651..f09df621d5 100644 --- a/lib/auth/psk_passwd.h +++ b/lib/auth/psk_passwd.h @@ -23,7 +23,7 @@ #ifdef ENABLE_PSK /* this is locally allocated. It should be freed using the provided function */ -int _gnutls_psk_pwd_find_entry (gnutls_session_t, char *username, - gnutls_datum_t * key); +int _gnutls_psk_pwd_find_entry(gnutls_session_t, char *username, + gnutls_datum_t * key); -#endif /* ENABLE_SRP */ +#endif /* ENABLE_SRP */ diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c index 5a17627f62..aaaeb95888 100644 --- a/lib/auth/rsa.c +++ b/lib/auth/rsa.c 
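Review bot: In `_gnutls_psk_pwd_find_entry` the match `strncmp(username, line, MAX(i, len))` compares past the ':' delimiter whenever the supplied identity is longer than the stored name, so an identity that itself contains ':' is compared against the key field of the line instead of being rejected. Requiring the delimiter position to equal the identity length keeps the comparison inside the username field: `if (i == len && strncmp(username, line, len) == 0) {`. The inner scan also reads `line[i]` before testing `i < sizeof(line)`; putting the bound first would make the loop correct without relying on fgets() having NUL-terminated the buffer.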
@@ -42,177 +42,166 @@ #include <abstract_int.h> #include <auth/rsa_common.h> -int _gnutls_gen_rsa_client_kx (gnutls_session_t, gnutls_buffer_st*); -static int proc_rsa_client_kx (gnutls_session_t, uint8_t *, size_t); +int _gnutls_gen_rsa_client_kx(gnutls_session_t, gnutls_buffer_st *); +static int proc_rsa_client_kx(gnutls_session_t, uint8_t *, size_t); const mod_auth_st rsa_auth_struct = { - "RSA", - _gnutls_gen_cert_server_crt, - _gnutls_gen_cert_client_crt, - NULL, /* gen server kx */ - _gnutls_gen_rsa_client_kx, - _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */ - _gnutls_gen_cert_server_cert_req, /* server cert request */ - - _gnutls_proc_crt, - _gnutls_proc_crt, - NULL, /* proc server kx */ - proc_rsa_client_kx, /* proc client kx */ - _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */ - _gnutls_proc_cert_cert_req /* proc server cert request */ + "RSA", + _gnutls_gen_cert_server_crt, + _gnutls_gen_cert_client_crt, + NULL, /* gen server kx */ + _gnutls_gen_rsa_client_kx, + _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */ + _gnutls_gen_cert_server_cert_req, /* server cert request */ + + _gnutls_proc_crt, + _gnutls_proc_crt, + NULL, /* proc server kx */ + proc_rsa_client_kx, /* proc client kx */ + _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */ + _gnutls_proc_cert_cert_req /* proc server cert request */ }; /* This function reads the RSA parameters from peer's certificate; */ int -_gnutls_get_public_rsa_params (gnutls_session_t session, - gnutls_pk_params_st * params) +_gnutls_get_public_rsa_params(gnutls_session_t session, + gnutls_pk_params_st * params) { - int ret; - cert_auth_info_t info; - gnutls_pcert_st peer_cert; - - /* normal non export case */ - - info = _gnutls_get_auth_info (session); - - if (info == NULL || info->ncerts == 0) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - ret = - _gnutls_get_auth_info_pcert (&peer_cert, - session->security_parameters.cert_type, - info); - - if (ret 
< 0) - { - gnutls_assert (); - return ret; - } - - gnutls_pk_params_init(params); - - ret = _gnutls_pubkey_get_mpis(peer_cert.pubkey, params); - if (ret < 0) - { - ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - goto cleanup2; - } - - gnutls_pcert_deinit (&peer_cert); - return 0; - -cleanup2: - gnutls_pcert_deinit (&peer_cert); - - return ret; + int ret; + cert_auth_info_t info; + gnutls_pcert_st peer_cert; + + /* normal non export case */ + + info = _gnutls_get_auth_info(session); + + if (info == NULL || info->ncerts == 0) { + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } + + ret = + _gnutls_get_auth_info_pcert(&peer_cert, + session->security_parameters. + cert_type, info); + + if (ret < 0) { + gnutls_assert(); + return ret; + } + + gnutls_pk_params_init(params); + + ret = _gnutls_pubkey_get_mpis(peer_cert.pubkey, params); + if (ret < 0) { + ret = gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + goto cleanup2; + } + + gnutls_pcert_deinit(&peer_cert); + return 0; + + cleanup2: + gnutls_pcert_deinit(&peer_cert); + + return ret; } static int -proc_rsa_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_rsa_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - gnutls_datum_t plaintext; - gnutls_datum_t ciphertext; - int ret, dsize; - int randomize_key = 0; - ssize_t data_size = _data_size; - - if (get_num_version (session) == GNUTLS_SSL3) - { - /* SSL 3.0 - */ - ciphertext.data = data; - ciphertext.size = data_size; - } - else - { - /* TLS 1.0 - */ - DECR_LEN (data_size, 2); - ciphertext.data = &data[2]; - dsize = _gnutls_read_uint16 (data); - - if (dsize != data_size) - { - gnutls_assert (); - return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; - } - ciphertext.size = dsize; - } - - ret = - gnutls_privkey_decrypt_data (session->internals.selected_key, 0, - &ciphertext, &plaintext); - - if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE) - { - /* In case decryption fails then don't inform - * the peer. 
Just use a random key. (in order to avoid - * attack against pkcs-1 formating). - */ - gnutls_assert (); - _gnutls_audit_log (session, "auth_rsa: Possible PKCS #1 format attack\n"); - randomize_key = 1; - } - else - { - /* If the secret was properly formatted, then - * check the version number. - */ - if (_gnutls_get_adv_version_major (session) != plaintext.data[0] || - (session->internals.priorities.allow_wrong_pms == 0 && - _gnutls_get_adv_version_minor (session) != plaintext.data[1])) - { - /* No error is returned here, if the version number check - * fails. We proceed normally. - * That is to defend against the attack described in the paper - * "Attacking RSA-based sessions in SSL/TLS" by Vlastimil Klima, - * Ondej Pokorny and Tomas Rosa. - */ - gnutls_assert (); - _gnutls_audit_log - (session, "auth_rsa: Possible PKCS #1 version check format attack\n"); - } - } - - if (randomize_key != 0) - { - session->key.key.size = GNUTLS_MASTER_SIZE; - session->key.key.data = gnutls_malloc (session->key.key.size); - if (session->key.key.data == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - /* we do not need strong random numbers here. - */ - ret = _gnutls_rnd (GNUTLS_RND_NONCE, session->key.key.data, - session->key.key.size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - } - else - { - session->key.key.data = plaintext.data; - session->key.key.size = plaintext.size; - } - - /* This is here to avoid the version check attack - * discussed above. 
- */ - session->key.key.data[0] = _gnutls_get_adv_version_major (session); - session->key.key.data[1] = _gnutls_get_adv_version_minor (session); - - return 0; + gnutls_datum_t plaintext; + gnutls_datum_t ciphertext; + int ret, dsize; + int randomize_key = 0; + ssize_t data_size = _data_size; + + if (get_num_version(session) == GNUTLS_SSL3) { + /* SSL 3.0 + */ + ciphertext.data = data; + ciphertext.size = data_size; + } else { + /* TLS 1.0 + */ + DECR_LEN(data_size, 2); + ciphertext.data = &data[2]; + dsize = _gnutls_read_uint16(data); + + if (dsize != data_size) { + gnutls_assert(); + return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; + } + ciphertext.size = dsize; + } + + ret = + gnutls_privkey_decrypt_data(session->internals.selected_key, 0, + &ciphertext, &plaintext); + + if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE) { + /* In case decryption fails then don't inform + * the peer. Just use a random key. (in order to avoid + * attack against pkcs-1 formating). + */ + gnutls_assert(); + _gnutls_audit_log(session, + "auth_rsa: Possible PKCS #1 format attack\n"); + randomize_key = 1; + } else { + /* If the secret was properly formatted, then + * check the version number. + */ + if (_gnutls_get_adv_version_major(session) != + plaintext.data[0] + || (session->internals.priorities.allow_wrong_pms == 0 + && _gnutls_get_adv_version_minor(session) != + plaintext.data[1])) { + /* No error is returned here, if the version number check + * fails. We proceed normally. + * That is to defend against the attack described in the paper + * "Attacking RSA-based sessions in SSL/TLS" by Vlastimil Klima, + * Ondej Pokorny and Tomas Rosa. 
+ */ + gnutls_assert(); + _gnutls_audit_log + (session, + "auth_rsa: Possible PKCS #1 version check format attack\n"); + } + } + + if (randomize_key != 0) { + session->key.key.size = GNUTLS_MASTER_SIZE; + session->key.key.data = + gnutls_malloc(session->key.key.size); + if (session->key.key.data == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + /* we do not need strong random numbers here. + */ + ret = _gnutls_rnd(GNUTLS_RND_NONCE, session->key.key.data, + session->key.key.size); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + } else { + session->key.key.data = plaintext.data; + session->key.key.size = plaintext.size; + } + + /* This is here to avoid the version check attack + * discussed above. + */ + session->key.key.data[0] = _gnutls_get_adv_version_major(session); + session->key.key.data[1] = _gnutls_get_adv_version_minor(session); + + return 0; } 
@@ -220,82 +209,78 @@ proc_rsa_client_kx (gnutls_session_t session, uint8_t * data, /* return RSA(random) using the peers public key */ int -_gnutls_gen_rsa_client_kx (gnutls_session_t session, gnutls_buffer_st* data) +_gnutls_gen_rsa_client_kx(gnutls_session_t session, + gnutls_buffer_st * data) { - cert_auth_info_t auth = session->key.auth_info; - gnutls_datum_t sdata; /* data to send */ - gnutls_pk_params_st params; - int ret; - - if (auth == NULL) - { - /* this shouldn't have happened. The proc_certificate - * function should have detected that. - */ - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - session->key.key.size = GNUTLS_MASTER_SIZE; - session->key.key.data = gnutls_malloc (session->key.key.size); - - if (session->key.key.data == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - ret = _gnutls_rnd (GNUTLS_RND_RANDOM, session->key.key.data, - session->key.key.size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - if (session->internals.rsa_pms_version[0] == 0) - { - session->key.key.data[0] = _gnutls_get_adv_version_major(session); - session->key.key.data[1] = _gnutls_get_adv_version_minor(session); - } - else - { /* use the version provided */ - session->key.key.data[0] = session->internals.rsa_pms_version[0]; - session->key.key.data[1] = session->internals.rsa_pms_version[1]; - } - - /* move RSA parameters to key (session). 
- */ - if ((ret = - _gnutls_get_public_rsa_params (session, ¶ms)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = - _gnutls_pk_encrypt (GNUTLS_PK_RSA, &sdata, &session->key.key, - ¶ms); - - gnutls_pk_params_release(¶ms); - - if (ret < 0) - return gnutls_assert_val(ret); - - - if (get_num_version (session) == GNUTLS_SSL3) - { - /* SSL 3.0 */ - _gnutls_buffer_replace_data( data, &sdata); - - return data->length; - } - else - { /* TLS 1 */ - ret = _gnutls_buffer_append_data_prefix( data, 16, sdata.data, sdata.size); - - _gnutls_free_datum (&sdata); - return ret; - } + cert_auth_info_t auth = session->key.auth_info; + gnutls_datum_t sdata; /* data to send */ + gnutls_pk_params_st params; + int ret; + + if (auth == NULL) { + /* this shouldn't have happened. The proc_certificate + * function should have detected that. + */ + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + session->key.key.size = GNUTLS_MASTER_SIZE; + session->key.key.data = gnutls_malloc(session->key.key.size); + + if (session->key.key.data == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + ret = _gnutls_rnd(GNUTLS_RND_RANDOM, session->key.key.data, + session->key.key.size); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + if (session->internals.rsa_pms_version[0] == 0) { + session->key.key.data[0] = + _gnutls_get_adv_version_major(session); + session->key.key.data[1] = + _gnutls_get_adv_version_minor(session); + } else { /* use the version provided */ + session->key.key.data[0] = + session->internals.rsa_pms_version[0]; + session->key.key.data[1] = + session->internals.rsa_pms_version[1]; + } + + /* move RSA parameters to key (session). 
+ */ + if ((ret = _gnutls_get_public_rsa_params(session, ¶ms)) < 0) { + gnutls_assert(); + return ret; + } + + ret = + _gnutls_pk_encrypt(GNUTLS_PK_RSA, &sdata, &session->key.key, + ¶ms); + + gnutls_pk_params_release(¶ms); + + if (ret < 0) + return gnutls_assert_val(ret); + + + if (get_num_version(session) == GNUTLS_SSL3) { + /* SSL 3.0 */ + _gnutls_buffer_replace_data(data, &sdata); + + return data->length; + } else { /* TLS 1 */ + ret = + _gnutls_buffer_append_data_prefix(data, 16, sdata.data, + sdata.size); + + _gnutls_free_datum(&sdata); + return ret; + } } diff --git a/lib/auth/rsa_common.h b/lib/auth/rsa_common.h index e1d2f39479..38ee264d6c 100644 --- a/lib/auth/rsa_common.h +++ b/lib/auth/rsa_common.h @@ -28,12 +28,12 @@ */ #ifndef AUTH_RSA_COMMON -# define AUTH_RSA_COMMON +#define AUTH_RSA_COMMON #include <abstract_int.h> int -_gnutls_get_public_rsa_params (gnutls_session_t session, - gnutls_pk_params_st * params); +_gnutls_get_public_rsa_params(gnutls_session_t session, + gnutls_pk_params_st * params); #endif diff --git a/lib/auth/rsa_psk.c b/lib/auth/rsa_psk.c index e72d55d32a..23ff898bcd 100644 --- a/lib/auth/rsa_psk.c +++ b/lib/auth/rsa_psk.c 
@@ -49,68 +49,68 @@ #include <gnutls_datum.h> #include <gnutls_state.h> -static int _gnutls_gen_rsa_psk_client_kx (gnutls_session_t session, - gnutls_buffer_st * data); -static int _gnutls_proc_rsa_psk_client_kx (gnutls_session_t, uint8_t *, - size_t); +static int _gnutls_gen_rsa_psk_client_kx(gnutls_session_t session, + gnutls_buffer_st * data); +static int _gnutls_proc_rsa_psk_client_kx(gnutls_session_t, uint8_t *, + size_t); const mod_auth_st rsa_psk_auth_struct = { - "RSA PSK", - _gnutls_gen_cert_server_crt, - NULL, /* generate_client_certificate */ - _gnutls_gen_psk_server_kx, - _gnutls_gen_rsa_psk_client_kx, - NULL, /* generate_client_cert_vrfy */ - NULL, /* generate_server_certificate_request */ - _gnutls_proc_crt, - NULL, /* process_client_certificate */ - _gnutls_proc_psk_server_kx, - _gnutls_proc_rsa_psk_client_kx, - NULL, /* process_client_cert_vrfy */ - NULL /* process_server_certificate_reuqest */ + "RSA PSK", + _gnutls_gen_cert_server_crt, + NULL, /* generate_client_certificate */ + _gnutls_gen_psk_server_kx, + _gnutls_gen_rsa_psk_client_kx, + NULL, /* generate_client_cert_vrfy */ + NULL, /* generate_server_certificate_request */ + _gnutls_proc_crt, + NULL, /* process_client_certificate */ + _gnutls_proc_psk_server_kx, + _gnutls_proc_rsa_psk_client_kx, + NULL, /* process_client_cert_vrfy */ + NULL /* process_server_certificate_reuqest */ }; /* Set the PSK premaster secret. 
*/ static int -set_rsa_psk_session_key (gnutls_session_t session, - gnutls_datum_t *ppsk, gnutls_datum_t * rsa_secret) +set_rsa_psk_session_key(gnutls_session_t session, + gnutls_datum_t * ppsk, gnutls_datum_t * rsa_secret) { - unsigned char *p; - size_t rsa_secret_size; - int ret; - - - rsa_secret_size = rsa_secret->size; - - /* set the session key - */ - session->key.key.size = 2 + rsa_secret_size + 2 + ppsk->size; - session->key.key.data = gnutls_malloc (session->key.key.size); - if (session->key.key.data == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_MEMORY_ERROR; - goto error; - } - - /* format of the premaster secret: - * (uint16_t) other_secret size (48) - * other_secret: 2 byte version + 46 byte random - * (uint16_t) psk_size - * the psk - */ - _gnutls_write_uint16 (rsa_secret_size, session->key.key.data); - memcpy (&session->key.key.data[2], rsa_secret->data, rsa_secret->size); - p = &session->key.key.data[rsa_secret_size + 2]; - _gnutls_write_uint16 (ppsk->size, p); - if (ppsk->data != NULL) - memcpy (p + 2, ppsk->data, ppsk->size); - - ret = 0; - -error: - return ret; + unsigned char *p; + size_t rsa_secret_size; + int ret; + + + rsa_secret_size = rsa_secret->size; + + /* set the session key + */ + session->key.key.size = 2 + rsa_secret_size + 2 + ppsk->size; + session->key.key.data = gnutls_malloc(session->key.key.size); + if (session->key.key.data == NULL) { + gnutls_assert(); + ret = GNUTLS_E_MEMORY_ERROR; + goto error; + } + + /* format of the premaster secret: + * (uint16_t) other_secret size (48) + * other_secret: 2 byte version + 46 byte random + * (uint16_t) psk_size + * the psk + */ + _gnutls_write_uint16(rsa_secret_size, session->key.key.data); + memcpy(&session->key.key.data[2], rsa_secret->data, + rsa_secret->size); + p = &session->key.key.data[rsa_secret_size + 2]; + _gnutls_write_uint16(ppsk->size, p); + if (ppsk->data != NULL) + memcpy(p + 2, ppsk->data, ppsk->size); + + ret = 0; + + error: + return ret; } /* Generate client key 
exchange message 
@@ -124,297 +124,285 @@ error: * } ClientKeyExchange; */ static int -_gnutls_gen_rsa_psk_client_kx (gnutls_session_t session, - gnutls_buffer_st * data) +_gnutls_gen_rsa_psk_client_kx(gnutls_session_t session, + gnutls_buffer_st * data) { - cert_auth_info_t auth = session->key.auth_info; - gnutls_datum_t sdata; /* data to send */ - gnutls_pk_params_st params; - gnutls_psk_client_credentials_t cred; - gnutls_datum_t username, key; - int ret, free; - - if (auth == NULL) - { - /* this shouldn't have happened. The proc_certificate - * function should have detected that. - */ - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - gnutls_datum_t premaster_secret; - premaster_secret.size = GNUTLS_MASTER_SIZE; - premaster_secret.data = gnutls_secure_malloc (premaster_secret.size); - - if (premaster_secret.data == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - /* Generate random */ - ret = _gnutls_rnd (GNUTLS_RND_RANDOM, premaster_secret.data, - premaster_secret.size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - /* Set version */ - if (session->internals.rsa_pms_version[0] == 0) - { - premaster_secret.data[0] = _gnutls_get_adv_version_major (session); - premaster_secret.data[1] = _gnutls_get_adv_version_minor (session); - } - else - { /* use the version provided */ - premaster_secret.data[0] = session->internals.rsa_pms_version[0]; - premaster_secret.data[1] = session->internals.rsa_pms_version[1]; - } - - /* move RSA parameters to key (session). 
- */ - if ((ret = _gnutls_get_public_rsa_params (session, ¶ms)) < 0) - { - gnutls_assert (); - return ret; - } - - /* Encrypt premaster secret */ - if ((ret = - _gnutls_pk_encrypt (GNUTLS_PK_RSA, &sdata, &premaster_secret, - ¶ms)) < 0) - { - gnutls_assert (); - return ret; - } - - gnutls_pk_params_release (¶ms); - - cred = (gnutls_psk_client_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - ret = _gnutls_find_psk_key( session, cred, &username, &key, &free); - if (ret < 0) - return gnutls_assert_val(ret); - - /* Here we set the PSK key */ - ret = set_rsa_psk_session_key (session, &key, &premaster_secret); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - - /* Create message for client key exchange - * - * struct { - * uint8_t psk_identity<0..2^16-1>; - * EncryptedPreMasterSecret; - * } - */ - - /* Write psk_identity and EncryptedPreMasterSecret into data stream - */ - ret = _gnutls_buffer_append_data_prefix (data, 16, cred->username.data, - cred->username.size); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - ret = _gnutls_buffer_append_data_prefix (data, 16, sdata.data, sdata.size); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - ret = 0; - -cleanup: - _gnutls_free_datum (&sdata); - _gnutls_free_datum (&premaster_secret); - if (free) - { - gnutls_free(key.data); - gnutls_free(username.data); - } - - return data->length; + cert_auth_info_t auth = session->key.auth_info; + gnutls_datum_t sdata; /* data to send */ + gnutls_pk_params_st params; + gnutls_psk_client_credentials_t cred; + gnutls_datum_t username, key; + int ret, free; + + if (auth == NULL) { + /* this shouldn't have happened. The proc_certificate + * function should have detected that. 
+ */ + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + gnutls_datum_t premaster_secret; + premaster_secret.size = GNUTLS_MASTER_SIZE; + premaster_secret.data = + gnutls_secure_malloc(premaster_secret.size); + + if (premaster_secret.data == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + /* Generate random */ + ret = _gnutls_rnd(GNUTLS_RND_RANDOM, premaster_secret.data, + premaster_secret.size); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + /* Set version */ + if (session->internals.rsa_pms_version[0] == 0) { + premaster_secret.data[0] = + _gnutls_get_adv_version_major(session); + premaster_secret.data[1] = + _gnutls_get_adv_version_minor(session); + } else { /* use the version provided */ + premaster_secret.data[0] = + session->internals.rsa_pms_version[0]; + premaster_secret.data[1] = + session->internals.rsa_pms_version[1]; + } + + /* move RSA parameters to key (session). + */ + if ((ret = _gnutls_get_public_rsa_params(session, ¶ms)) < 0) { + gnutls_assert(); + return ret; + } + + /* Encrypt premaster secret */ + if ((ret = + _gnutls_pk_encrypt(GNUTLS_PK_RSA, &sdata, &premaster_secret, + ¶ms)) < 0) { + gnutls_assert(); + return ret; + } + + gnutls_pk_params_release(¶ms); + + cred = (gnutls_psk_client_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + ret = _gnutls_find_psk_key(session, cred, &username, &key, &free); + if (ret < 0) + return gnutls_assert_val(ret); + + /* Here we set the PSK key */ + ret = set_rsa_psk_session_key(session, &key, &premaster_secret); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + /* Create message for client key exchange + * + * struct { + * uint8_t psk_identity<0..2^16-1>; + * EncryptedPreMasterSecret; + * } + */ + + /* Write psk_identity and EncryptedPreMasterSecret into data stream + */ + ret = + _gnutls_buffer_append_data_prefix(data, 16, + 
cred->username.data, + cred->username.size); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = + _gnutls_buffer_append_data_prefix(data, 16, sdata.data, + sdata.size); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = 0; + + cleanup: + _gnutls_free_datum(&sdata); + _gnutls_free_datum(&premaster_secret); + if (free) { + gnutls_free(key.data); + gnutls_free(username.data); + } + + return data->length; } /* Process the client key exchange message */ static int -_gnutls_proc_rsa_psk_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +_gnutls_proc_rsa_psk_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - gnutls_datum_t username; - psk_auth_info_t info; - gnutls_datum_t plaintext; - gnutls_datum_t ciphertext; - gnutls_datum_t pwd_psk = {NULL, 0}; - int ret, dsize; - int randomize_key = 0; - ssize_t data_size = _data_size; - gnutls_psk_server_credentials_t cred; - gnutls_datum_t premaster_secret = {NULL, 0}; - - cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); - - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - ret = _gnutls_auth_info_set (session, GNUTLS_CRD_PSK, - sizeof (psk_auth_info_st), 1); - if (ret < 0) - { - gnutls_assert (); - return ret; - } + gnutls_datum_t username; + psk_auth_info_t info; + gnutls_datum_t plaintext; + gnutls_datum_t ciphertext; + gnutls_datum_t pwd_psk = { NULL, 0 }; + int ret, dsize; + int randomize_key = 0; + ssize_t data_size = _data_size; + gnutls_psk_server_credentials_t cred; + gnutls_datum_t premaster_secret = { NULL, 0 }; + + cred = (gnutls_psk_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); + + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + ret = _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, + sizeof(psk_auth_info_st), 1); + if (ret < 0) { + gnutls_assert(); + return ret; + } /*** 1. 
Extract user psk_identity ***/ - DECR_LEN (data_size, 2); - username.size = _gnutls_read_uint16 (&data[0]); + DECR_LEN(data_size, 2); + username.size = _gnutls_read_uint16(&data[0]); - DECR_LEN (data_size, username.size); + DECR_LEN(data_size, username.size); - username.data = &data[2]; + username.data = &data[2]; - /* copy the username to the auth info structures - */ - info = _gnutls_get_auth_info (session); + /* copy the username to the auth info structures + */ + info = _gnutls_get_auth_info(session); - if (username.size > MAX_USERNAME_SIZE) - { - gnutls_assert (); - return GNUTLS_E_ILLEGAL_SRP_USERNAME; - } + if (username.size > MAX_USERNAME_SIZE) { + gnutls_assert(); + return GNUTLS_E_ILLEGAL_SRP_USERNAME; + } - memcpy (info->username, username.data, username.size); - info->username[username.size] = 0; + memcpy(info->username, username.data, username.size); + info->username[username.size] = 0; - /* Adjust data so it points to EncryptedPreMasterSecret */ - data += username.size + 2; + /* Adjust data so it points to EncryptedPreMasterSecret */ + data += username.size + 2; /*** 2. Decrypt and extract EncryptedPreMasterSecret ***/ - DECR_LEN (data_size, 2); - ciphertext.data = &data[2]; - dsize = _gnutls_read_uint16 (data); - - if (dsize != data_size) - { - gnutls_assert (); - return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; - } - ciphertext.size = dsize; - - ret = gnutls_privkey_decrypt_data (session->internals.selected_key, 0, - &ciphertext, &plaintext); - if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE) - { - /* In case decryption fails then don't inform - * the peer. Just use a random key. (in order to avoid - * attack against pkcs-1 formating). - */ - gnutls_assert (); - _gnutls_debug_log ("auth_rsa_psk: Possible PKCS #1 format attack\n"); - randomize_key = 1; - } - else - { - /* If the secret was properly formatted, then - * check the version number. 
- */ - if (_gnutls_get_adv_version_major (session) != plaintext.data[0] || - (session->internals.priorities.allow_wrong_pms == 0 && - _gnutls_get_adv_version_minor (session) != plaintext.data[1])) - { - /* No error is returned here, if the version number check - * fails. We proceed normally. - * That is to defend against the attack described in the paper - * "Attacking RSA-based sessions in SSL/TLS" by Vlastimil Klima, - * Ondej Pokorny and Tomas Rosa. - */ - gnutls_assert (); - _gnutls_debug_log - ("auth_rsa: Possible PKCS #1 version check format attack\n"); - } - } - - - if (randomize_key != 0) - { - premaster_secret.size = GNUTLS_MASTER_SIZE; - premaster_secret.data = gnutls_malloc (premaster_secret.size); - if (premaster_secret.data == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - /* we do not need strong random numbers here. - */ - ret = _gnutls_rnd (GNUTLS_RND_NONCE, premaster_secret.data, - premaster_secret.size); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - } - else - { - premaster_secret.data = plaintext.data; - premaster_secret.size = plaintext.size; - } - - /* This is here to avoid the version check attack - * discussed above. 
- */ - - premaster_secret.data[0] = _gnutls_get_adv_version_major (session); - premaster_secret.data[1] = _gnutls_get_adv_version_minor (session); - - /* find the key of this username - */ - ret = _gnutls_psk_pwd_find_entry (session, info->username, &pwd_psk); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - ret = set_rsa_psk_session_key (session, &pwd_psk, &premaster_secret); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - - ret = 0; -cleanup: - _gnutls_free_datum (&pwd_psk); - _gnutls_free_datum (&premaster_secret); - - return ret; + DECR_LEN(data_size, 2); + ciphertext.data = &data[2]; + dsize = _gnutls_read_uint16(data); + + if (dsize != data_size) { + gnutls_assert(); + return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; + } + ciphertext.size = dsize; + + ret = + gnutls_privkey_decrypt_data(session->internals.selected_key, 0, + &ciphertext, &plaintext); + if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE) { + /* In case decryption fails then don't inform + * the peer. Just use a random key. (in order to avoid + * attack against pkcs-1 formating). + */ + gnutls_assert(); + _gnutls_debug_log + ("auth_rsa_psk: Possible PKCS #1 format attack\n"); + randomize_key = 1; + } else { + /* If the secret was properly formatted, then + * check the version number. + */ + if (_gnutls_get_adv_version_major(session) != + plaintext.data[0] + || (session->internals.priorities.allow_wrong_pms == 0 + && _gnutls_get_adv_version_minor(session) != + plaintext.data[1])) { + /* No error is returned here, if the version number check + * fails. We proceed normally. + * That is to defend against the attack described in the paper + * "Attacking RSA-based sessions in SSL/TLS" by Vlastimil Klima, + * Ondej Pokorny and Tomas Rosa. 
+ */ + gnutls_assert(); + _gnutls_debug_log + ("auth_rsa: Possible PKCS #1 version check format attack\n"); + } + } + + + if (randomize_key != 0) { + premaster_secret.size = GNUTLS_MASTER_SIZE; + premaster_secret.data = + gnutls_malloc(premaster_secret.size); + if (premaster_secret.data == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + /* we do not need strong random numbers here. + */ + ret = _gnutls_rnd(GNUTLS_RND_NONCE, premaster_secret.data, + premaster_secret.size); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + } else { + premaster_secret.data = plaintext.data; + premaster_secret.size = plaintext.size; + } + + /* This is here to avoid the version check attack + * discussed above. + */ + + premaster_secret.data[0] = _gnutls_get_adv_version_major(session); + premaster_secret.data[1] = _gnutls_get_adv_version_minor(session); + + /* find the key of this username + */ + ret = + _gnutls_psk_pwd_find_entry(session, info->username, &pwd_psk); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = + set_rsa_psk_session_key(session, &pwd_psk, &premaster_secret); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = 0; + cleanup: + _gnutls_free_datum(&pwd_psk); + _gnutls_free_datum(&premaster_secret); + + return ret; } -#endif /* ENABLE_PSK */ +#endif /* ENABLE_PSK */ diff --git a/lib/auth/srp.c b/lib/auth/srp.c index 8a0b1d7b7f..d5a0af3618 100644 --- a/lib/auth/srp.c +++ b/lib/auth/srp.c @@ -36,20 +36,20 @@ #include <ext/srp.h> const mod_auth_st srp_auth_struct = { - "SRP", - NULL, - NULL, - _gnutls_gen_srp_server_kx, - _gnutls_gen_srp_client_kx, - NULL, - NULL, - - NULL, - NULL, /* certificate */ - _gnutls_proc_srp_server_kx, - _gnutls_proc_srp_client_kx, - NULL, - NULL + "SRP", + NULL, + NULL, + _gnutls_gen_srp_server_kx, + _gnutls_gen_srp_client_kx, + NULL, + NULL, + + NULL, + NULL, /* certificate */ + _gnutls_proc_srp_server_kx, + _gnutls_proc_srp_client_kx, + NULL, + NULL }; 
@@ -66,41 +66,40 @@ const mod_auth_st srp_auth_struct = { * Returns a proper error code in that case, and 0 when * all are ok. */ -inline static int -check_param_mod_n (bigint_t a, bigint_t n, int is_a) +inline static int check_param_mod_n(bigint_t a, bigint_t n, int is_a) { - int ret, err = 0; - bigint_t r; - - r = _gnutls_mpi_mod (a, n); - if (r == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - ret = _gnutls_mpi_cmp_ui (r, 0); - if (ret == 0) err = 1; - - if (is_a != 0) - { - ret = _gnutls_mpi_cmp_ui (r, 1); - if (ret == 0) err = 1; - - _gnutls_mpi_add_ui(r, r, 1); - ret = _gnutls_mpi_cmp (r, n); - if (ret == 0) err = 1; - } - - _gnutls_mpi_release (&r); - - if (err != 0) - { - gnutls_assert (); - return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - } - - return 0; + int ret, err = 0; + bigint_t r; + + r = _gnutls_mpi_mod(a, n); + if (r == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + ret = _gnutls_mpi_cmp_ui(r, 0); + if (ret == 0) + err = 1; + + if (is_a != 0) { + ret = _gnutls_mpi_cmp_ui(r, 1); + if (ret == 0) + err = 1; + + _gnutls_mpi_add_ui(r, r, 1); + ret = _gnutls_mpi_cmp(r, n); + if (ret == 0) + err = 1; + } + + _gnutls_mpi_release(&r); + + if (err != 0) { + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + } + + return 0; } 
@@ -108,307 +107,292 @@ check_param_mod_n (bigint_t a, bigint_t n, int is_a) * Data is allocated by the caller, and should have data_size size. */ int -_gnutls_gen_srp_server_kx (gnutls_session_t session, gnutls_buffer_st* data) +_gnutls_gen_srp_server_kx(gnutls_session_t session, + gnutls_buffer_st * data) { - int ret; - char *username; - SRP_PWD_ENTRY *pwd_entry; - srp_server_auth_info_t info; - size_t tmp_size; - extension_priv_data_t epriv; - srp_ext_st *priv; - - ret = _gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_SRP, &epriv); - if (ret < 0) /* peer didn't send a username */ - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_SRP_USERNAME; - } - priv = epriv.ptr; - - if ((ret = - _gnutls_auth_info_set (session, GNUTLS_CRD_SRP, - sizeof (srp_server_auth_info_st), 1)) < 0) - { - gnutls_assert (); - return ret; - } - - info = _gnutls_get_auth_info (session); - username = info->username; - - _gnutls_str_cpy (username, MAX_USERNAME_SIZE, priv->username); - - ret = _gnutls_srp_pwd_read_entry (session, username, &pwd_entry); - - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - /* copy from pwd_entry to local variables (actually in session) */ - tmp_size = pwd_entry->g.size; - if (_gnutls_mpi_scan_nz (&G, pwd_entry->g.data, tmp_size) < 0) - { - gnutls_assert (); - ret = GNUTLS_E_MPI_SCAN_FAILED; - goto cleanup; - } - - tmp_size = pwd_entry->n.size; - if (_gnutls_mpi_scan_nz (&N, pwd_entry->n.data, tmp_size) < 0) - { - gnutls_assert (); - ret = GNUTLS_E_MPI_SCAN_FAILED; - goto cleanup; - } - - tmp_size = pwd_entry->v.size; - if (_gnutls_mpi_scan_nz (&V, pwd_entry->v.data, tmp_size) < 0) - { - gnutls_assert (); - ret = GNUTLS_E_MPI_SCAN_FAILED; - goto cleanup; - } - - /* Calculate: B = (k*v + g^b) % N - */ - B = _gnutls_calc_srp_B (&_b, G, N, V); - if (B == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_MEMORY_ERROR; - goto cleanup; - } - - /* copy N (mod n) - */ - ret = _gnutls_buffer_append_data_prefix( data, 16, pwd_entry->n.data, - 
pwd_entry->n.size); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - /* copy G (generator) to data - */ - ret = _gnutls_buffer_append_data_prefix( data, 16, pwd_entry->g.data, - pwd_entry->g.size); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - /* copy the salt - */ - ret = _gnutls_buffer_append_data_prefix( data, 8, pwd_entry->salt.data, - pwd_entry->salt.size); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - /* Copy the B value - */ - - ret = _gnutls_buffer_append_mpi( data, 16, B, 0); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - _gnutls_mpi_log ("SRP B: ", B); - - ret = data->length; - -cleanup: - _gnutls_srp_entry_free (pwd_entry); - return ret; + int ret; + char *username; + SRP_PWD_ENTRY *pwd_entry; + srp_server_auth_info_t info; + size_t tmp_size; + extension_priv_data_t epriv; + srp_ext_st *priv; + + ret = + _gnutls_ext_get_session_data(session, GNUTLS_EXTENSION_SRP, + &epriv); + if (ret < 0) { /* peer didn't send a username */ + gnutls_assert(); + return GNUTLS_E_UNKNOWN_SRP_USERNAME; + } + priv = epriv.ptr; + + if ((ret = + _gnutls_auth_info_set(session, GNUTLS_CRD_SRP, + sizeof(srp_server_auth_info_st), + 1)) < 0) { + gnutls_assert(); + return ret; + } + + info = _gnutls_get_auth_info(session); + username = info->username; + + _gnutls_str_cpy(username, MAX_USERNAME_SIZE, priv->username); + + ret = _gnutls_srp_pwd_read_entry(session, username, &pwd_entry); + + if (ret < 0) { + gnutls_assert(); + return ret; + } + + /* copy from pwd_entry to local variables (actually in session) */ + tmp_size = pwd_entry->g.size; + if (_gnutls_mpi_scan_nz(&G, pwd_entry->g.data, tmp_size) < 0) { + gnutls_assert(); + ret = GNUTLS_E_MPI_SCAN_FAILED; + goto cleanup; + } + + tmp_size = pwd_entry->n.size; + if (_gnutls_mpi_scan_nz(&N, pwd_entry->n.data, tmp_size) < 0) { + gnutls_assert(); + ret = GNUTLS_E_MPI_SCAN_FAILED; + goto cleanup; + } + + tmp_size = pwd_entry->v.size; + if (_gnutls_mpi_scan_nz(&V, 
pwd_entry->v.data, tmp_size) < 0) { + gnutls_assert(); + ret = GNUTLS_E_MPI_SCAN_FAILED; + goto cleanup; + } + + /* Calculate: B = (k*v + g^b) % N + */ + B = _gnutls_calc_srp_B(&_b, G, N, V); + if (B == NULL) { + gnutls_assert(); + ret = GNUTLS_E_MEMORY_ERROR; + goto cleanup; + } + + /* copy N (mod n) + */ + ret = + _gnutls_buffer_append_data_prefix(data, 16, pwd_entry->n.data, + pwd_entry->n.size); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + /* copy G (generator) to data + */ + ret = + _gnutls_buffer_append_data_prefix(data, 16, pwd_entry->g.data, + pwd_entry->g.size); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + /* copy the salt + */ + ret = + _gnutls_buffer_append_data_prefix(data, 8, + pwd_entry->salt.data, + pwd_entry->salt.size); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + /* Copy the B value + */ + + ret = _gnutls_buffer_append_mpi(data, 16, B, 0); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + _gnutls_mpi_log("SRP B: ", B); + + ret = data->length; + + cleanup: + _gnutls_srp_entry_free(pwd_entry); + return ret; } /* return A = g^a % N */ int -_gnutls_gen_srp_client_kx (gnutls_session_t session, gnutls_buffer_st* data) +_gnutls_gen_srp_client_kx(gnutls_session_t session, + gnutls_buffer_st * data) { - int ret; - char *username, *password; - gnutls_srp_client_credentials_t cred; - extension_priv_data_t epriv; - srp_ext_st *priv; - - ret = _gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_SRP, &epriv); - if (ret < 0) /* peer didn't send a username */ - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_SRP_USERNAME; - } - priv = epriv.ptr; - - cred = (gnutls_srp_client_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_SRP, NULL); - - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if (priv->username == NULL) - { - username = cred->username; - password = cred->password; - } - else - { - - username = priv->username; - password = priv->password; - } - 
- if (username == NULL || password == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - /* calc A = g^a % N - */ - if (G == NULL || N == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - A = _gnutls_calc_srp_A (&_a, G, N); - if (A == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - /* Rest of SRP calculations - */ - - /* calculate u */ - session->key.u = _gnutls_calc_srp_u (A, B, N); - if (session->key.u == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - _gnutls_mpi_log ("SRP U: ", session->key.u); - - /* S = (B - g^x) ^ (a + u * x) % N */ - S = _gnutls_calc_srp_S2 (B, G, session->key.x, _a, session->key.u, N); - if (S == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - _gnutls_mpi_log ("SRP B: ", B); - - _gnutls_mpi_release (&_b); - _gnutls_mpi_release (&V); - _gnutls_mpi_release (&session->key.u); - _gnutls_mpi_release (&B); - - ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key); - _gnutls_mpi_release (&S); - - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_buffer_append_mpi(data, 16, A, 0); - if (ret < 0) - return gnutls_assert_val(ret); - - _gnutls_mpi_log ("SRP A: ", A); - - _gnutls_mpi_release (&A); - - return data->length; + int ret; + char *username, *password; + gnutls_srp_client_credentials_t cred; + extension_priv_data_t epriv; + srp_ext_st *priv; + + ret = + _gnutls_ext_get_session_data(session, GNUTLS_EXTENSION_SRP, + &epriv); + if (ret < 0) { /* peer didn't send a username */ + gnutls_assert(); + return GNUTLS_E_UNKNOWN_SRP_USERNAME; + } + priv = epriv.ptr; + + cred = (gnutls_srp_client_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_SRP, NULL); + + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if (priv->username == NULL) { + username = cred->username; + password = cred->password; + } else { + + username = priv->username; + password = 
priv->password; + } + + if (username == NULL || password == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + /* calc A = g^a % N + */ + if (G == NULL || N == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + A = _gnutls_calc_srp_A(&_a, G, N); + if (A == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + /* Rest of SRP calculations + */ + + /* calculate u */ + session->key.u = _gnutls_calc_srp_u(A, B, N); + if (session->key.u == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + _gnutls_mpi_log("SRP U: ", session->key.u); + + /* S = (B - g^x) ^ (a + u * x) % N */ + S = _gnutls_calc_srp_S2(B, G, session->key.x, _a, session->key.u, + N); + if (S == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + _gnutls_mpi_log("SRP B: ", B); + + _gnutls_mpi_release(&_b); + _gnutls_mpi_release(&V); + _gnutls_mpi_release(&session->key.u); + _gnutls_mpi_release(&B); + + ret = _gnutls_mpi_dprint(session->key.KEY, &session->key.key); + _gnutls_mpi_release(&S); + + if (ret < 0) { + gnutls_assert(); + return ret; + } + + ret = _gnutls_buffer_append_mpi(data, 16, A, 0); + if (ret < 0) + return gnutls_assert_val(ret); + + _gnutls_mpi_log("SRP A: ", A); + + _gnutls_mpi_release(&A); + + return data->length; } /* just read A and put it to session */ int -_gnutls_proc_srp_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +_gnutls_proc_srp_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - size_t _n_A; - ssize_t data_size = _data_size; - int ret; - - DECR_LEN (data_size, 2); - _n_A = _gnutls_read_uint16 (&data[0]); - - DECR_LEN (data_size, _n_A); - if (_gnutls_mpi_scan_nz (&A, &data[2], _n_A) || A == NULL) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - - _gnutls_mpi_log ("SRP A: ", A); - _gnutls_mpi_log ("SRP B: ", B); - - /* Checks if A % n == 0. 
- */ - if ((ret = check_param_mod_n (A, N, 1)) < 0) - { - gnutls_assert (); - return ret; - } - - /* Start the SRP calculations. - * - Calculate u - */ - session->key.u = _gnutls_calc_srp_u (A, B, N); - if (session->key.u == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - _gnutls_mpi_log ("SRP U: ", session->key.u); - - /* S = (A * v^u) ^ b % N - */ - S = _gnutls_calc_srp_S1 (A, _b, session->key.u, V, N); - if (S == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - _gnutls_mpi_log ("SRP S: ", S); - - _gnutls_mpi_release (&A); - _gnutls_mpi_release (&_b); - _gnutls_mpi_release (&V); - _gnutls_mpi_release (&session->key.u); - _gnutls_mpi_release (&B); - - ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key); - _gnutls_mpi_release (&S); - - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return 0; + size_t _n_A; + ssize_t data_size = _data_size; + int ret; + + DECR_LEN(data_size, 2); + _n_A = _gnutls_read_uint16(&data[0]); + + DECR_LEN(data_size, _n_A); + if (_gnutls_mpi_scan_nz(&A, &data[2], _n_A) || A == NULL) { + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + + _gnutls_mpi_log("SRP A: ", A); + _gnutls_mpi_log("SRP B: ", B); + + /* Checks if A % n == 0. + */ + if ((ret = check_param_mod_n(A, N, 1)) < 0) { + gnutls_assert(); + return ret; + } + + /* Start the SRP calculations. 
+ * - Calculate u + */ + session->key.u = _gnutls_calc_srp_u(A, B, N); + if (session->key.u == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + _gnutls_mpi_log("SRP U: ", session->key.u); + + /* S = (A * v^u) ^ b % N + */ + S = _gnutls_calc_srp_S1(A, _b, session->key.u, V, N); + if (S == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + _gnutls_mpi_log("SRP S: ", S); + + _gnutls_mpi_release(&A); + _gnutls_mpi_release(&_b); + _gnutls_mpi_release(&V); + _gnutls_mpi_release(&session->key.u); + _gnutls_mpi_release(&B); + + ret = _gnutls_mpi_dprint(session->key.KEY, &session->key.key); + _gnutls_mpi_release(&S); + + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; } 
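Review bot: In `_gnutls_proc_srp_client_kx` the freshly computed SRP shared secret is handed to the logger with `_gnutls_mpi_log("SRP S: ", S);`, directly after `S = _gnutls_calc_srp_S1(A, _b, session->key.u, V, N)`. S is the SRP premaster secret, so if `_gnutls_mpi_log` writes its argument to the debug log (its definition is not in this hunk), anyone who can read that log can recover the key material for the connection. I would delete that line and keep only the public values, as `_gnutls_gen_srp_client_kx` does with `_gnutls_mpi_log("SRP A: ", A);`. The re-indentation carries the line over unchanged, so the problem predates this commit. A smaller documentation point in the same function: `/* Checks if A % n == 0. */` understates the call `check_param_mod_n(A, N, 1)`, which with `is_a` set also rejects A congruent to 1 and to -1 mod N; the comment could read `/* Reject A == 0, 1 or -1 (mod N). */`.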
@@ -418,260 +402,298 @@ _gnutls_proc_srp_client_kx (gnutls_session_t session, uint8_t * data, * and _gnutls_srp_entry_free() should be changed. */ static const unsigned char srp_params_1024[] = { - 0xEE, 0xAF, 0x0A, 0xB9, 0xAD, 0xB3, 0x8D, 0xD6, - 0x9C, 0x33, 0xF8, 0x0A, 0xFA, 0x8F, 0xC5, 0xE8, - 0x60, 0x72, 0x61, 0x87, 0x75, 0xFF, 0x3C, 0x0B, - 0x9E, 0xA2, 0x31, 0x4C, 0x9C, 0x25, 0x65, 0x76, - 0xD6, 0x74, 0xDF, 0x74, 0x96, 0xEA, 0x81, 0xD3, - 0x38, 0x3B, 0x48, 0x13, 0xD6, 0x92, 0xC6, 0xE0, - 0xE0, 0xD5, 0xD8, 0xE2, 0x50, 0xB9, 0x8B, 0xE4, - 0x8E, 0x49, 0x5C, 0x1D, 0x60, 0x89, 0xDA, 0xD1, - 0x5D, 0xC7, 0xD7, 0xB4, 0x61, 0x54, 0xD6, 0xB6, - 0xCE, 0x8E, 0xF4, 0xAD, 0x69, 0xB1, 0x5D, 0x49, - 0x82, 0x55, 0x9B, 0x29, 0x7B, 0xCF, 0x18, 0x85, - 0xC5, 0x29, 0xF5, 0x66, 0x66, 0x0E, 0x57, 0xEC, - 0x68, 0xED, 0xBC, 0x3C, 0x05, 0x72, 0x6C, 0xC0, - 0x2F, 0xD4, 0xCB, 0xF4, 0x97, 0x6E, 0xAA, 0x9A, - 0xFD, 0x51, 0x38, 0xFE, 0x83, 0x76, 0x43, 0x5B, - 0x9F, 0xC6, 0x1D, 0x2F, 0xC0, 0xEB, 0x06, 0xE3 + 0xEE, 0xAF, 0x0A, 0xB9, 0xAD, 0xB3, 0x8D, 0xD6, + 0x9C, 0x33, 0xF8, 0x0A, 0xFA, 0x8F, 0xC5, 0xE8, + 0x60, 0x72, 0x61, 0x87, 0x75, 0xFF, 0x3C, 0x0B, + 0x9E, 0xA2, 0x31, 0x4C, 0x9C, 0x25, 0x65, 0x76, + 0xD6, 0x74, 0xDF, 0x74, 0x96, 0xEA, 0x81, 0xD3, + 0x38, 0x3B, 0x48, 0x13, 0xD6, 0x92, 0xC6, 0xE0, + 0xE0, 0xD5, 0xD8, 0xE2, 0x50, 0xB9, 0x8B, 0xE4, + 0x8E, 0x49, 0x5C, 0x1D, 0x60, 0x89, 0xDA, 0xD1, + 0x5D, 0xC7, 0xD7, 0xB4, 0x61, 0x54, 0xD6, 0xB6, + 0xCE, 0x8E, 0xF4, 0xAD, 0x69, 0xB1, 0x5D, 0x49, + 0x82, 0x55, 0x9B, 0x29, 0x7B, 0xCF, 0x18, 0x85, + 0xC5, 0x29, 0xF5, 0x66, 0x66, 0x0E, 0x57, 0xEC, + 0x68, 0xED, 0xBC, 0x3C, 0x05, 0x72, 0x6C, 0xC0, + 0x2F, 0xD4, 0xCB, 0xF4, 0x97, 0x6E, 0xAA, 0x9A, + 0xFD, 0x51, 0x38, 0xFE, 0x83, 0x76, 0x43, 0x5B, + 0x9F, 0xC6, 0x1D, 0x2F, 0xC0, 0xEB, 0x06, 0xE3 }; static const unsigned char srp_generator = 0x02; static const unsigned char srp3072_generator = 0x05; const gnutls_datum_t gnutls_srp_1024_group_prime = { - (void *) srp_params_1024, sizeof 
(srp_params_1024) + (void *) srp_params_1024, sizeof(srp_params_1024) }; const gnutls_datum_t gnutls_srp_1024_group_generator = { - (void *) &srp_generator, sizeof (srp_generator) + (void *) &srp_generator, sizeof(srp_generator) }; static const unsigned char srp_params_1536[] = { - 0x9D, 0xEF, 0x3C, 0xAF, 0xB9, 0x39, 0x27, 0x7A, 0xB1, - 0xF1, 0x2A, 0x86, 0x17, 0xA4, 0x7B, 0xBB, 0xDB, 0xA5, - 0x1D, 0xF4, 0x99, 0xAC, 0x4C, 0x80, 0xBE, 0xEE, 0xA9, - 0x61, 0x4B, 0x19, 0xCC, 0x4D, 0x5F, 0x4F, 0x5F, 0x55, - 0x6E, 0x27, 0xCB, 0xDE, 0x51, 0xC6, 0xA9, 0x4B, 0xE4, - 0x60, 0x7A, 0x29, 0x15, 0x58, 0x90, 0x3B, 0xA0, 0xD0, - 0xF8, 0x43, 0x80, 0xB6, 0x55, 0xBB, 0x9A, 0x22, 0xE8, - 0xDC, 0xDF, 0x02, 0x8A, 0x7C, 0xEC, 0x67, 0xF0, 0xD0, - 0x81, 0x34, 0xB1, 0xC8, 0xB9, 0x79, 0x89, 0x14, 0x9B, - 0x60, 0x9E, 0x0B, 0xE3, 0xBA, 0xB6, 0x3D, 0x47, 0x54, - 0x83, 0x81, 0xDB, 0xC5, 0xB1, 0xFC, 0x76, 0x4E, 0x3F, - 0x4B, 0x53, 0xDD, 0x9D, 0xA1, 0x15, 0x8B, 0xFD, 0x3E, - 0x2B, 0x9C, 0x8C, 0xF5, 0x6E, 0xDF, 0x01, 0x95, 0x39, - 0x34, 0x96, 0x27, 0xDB, 0x2F, 0xD5, 0x3D, 0x24, 0xB7, - 0xC4, 0x86, 0x65, 0x77, 0x2E, 0x43, 0x7D, 0x6C, 0x7F, - 0x8C, 0xE4, 0x42, 0x73, 0x4A, 0xF7, 0xCC, 0xB7, 0xAE, - 0x83, 0x7C, 0x26, 0x4A, 0xE3, 0xA9, 0xBE, 0xB8, 0x7F, - 0x8A, 0x2F, 0xE9, 0xB8, 0xB5, 0x29, 0x2E, 0x5A, 0x02, - 0x1F, 0xFF, 0x5E, 0x91, 0x47, 0x9E, 0x8C, 0xE7, 0xA2, - 0x8C, 0x24, 0x42, 0xC6, 0xF3, 0x15, 0x18, 0x0F, 0x93, - 0x49, 0x9A, 0x23, 0x4D, 0xCF, 0x76, 0xE3, 0xFE, 0xD1, - 0x35, 0xF9, 0xBB + 0x9D, 0xEF, 0x3C, 0xAF, 0xB9, 0x39, 0x27, 0x7A, 0xB1, + 0xF1, 0x2A, 0x86, 0x17, 0xA4, 0x7B, 0xBB, 0xDB, 0xA5, + 0x1D, 0xF4, 0x99, 0xAC, 0x4C, 0x80, 0xBE, 0xEE, 0xA9, + 0x61, 0x4B, 0x19, 0xCC, 0x4D, 0x5F, 0x4F, 0x5F, 0x55, + 0x6E, 0x27, 0xCB, 0xDE, 0x51, 0xC6, 0xA9, 0x4B, 0xE4, + 0x60, 0x7A, 0x29, 0x15, 0x58, 0x90, 0x3B, 0xA0, 0xD0, + 0xF8, 0x43, 0x80, 0xB6, 0x55, 0xBB, 0x9A, 0x22, 0xE8, + 0xDC, 0xDF, 0x02, 0x8A, 0x7C, 0xEC, 0x67, 0xF0, 0xD0, + 0x81, 0x34, 0xB1, 0xC8, 0xB9, 0x79, 0x89, 0x14, 0x9B, + 0x60, 0x9E, 0x0B, 
0xE3, 0xBA, 0xB6, 0x3D, 0x47, 0x54, + 0x83, 0x81, 0xDB, 0xC5, 0xB1, 0xFC, 0x76, 0x4E, 0x3F, + 0x4B, 0x53, 0xDD, 0x9D, 0xA1, 0x15, 0x8B, 0xFD, 0x3E, + 0x2B, 0x9C, 0x8C, 0xF5, 0x6E, 0xDF, 0x01, 0x95, 0x39, + 0x34, 0x96, 0x27, 0xDB, 0x2F, 0xD5, 0x3D, 0x24, 0xB7, + 0xC4, 0x86, 0x65, 0x77, 0x2E, 0x43, 0x7D, 0x6C, 0x7F, + 0x8C, 0xE4, 0x42, 0x73, 0x4A, 0xF7, 0xCC, 0xB7, 0xAE, + 0x83, 0x7C, 0x26, 0x4A, 0xE3, 0xA9, 0xBE, 0xB8, 0x7F, + 0x8A, 0x2F, 0xE9, 0xB8, 0xB5, 0x29, 0x2E, 0x5A, 0x02, + 0x1F, 0xFF, 0x5E, 0x91, 0x47, 0x9E, 0x8C, 0xE7, 0xA2, + 0x8C, 0x24, 0x42, 0xC6, 0xF3, 0x15, 0x18, 0x0F, 0x93, + 0x49, 0x9A, 0x23, 0x4D, 0xCF, 0x76, 0xE3, 0xFE, 0xD1, + 0x35, 0xF9, 0xBB }; const gnutls_datum_t gnutls_srp_1536_group_prime = { - (void *) srp_params_1536, sizeof (srp_params_1536) + (void *) srp_params_1536, sizeof(srp_params_1536) }; const gnutls_datum_t gnutls_srp_1536_group_generator = { - (void *) &srp_generator, sizeof (srp_generator) + (void *) &srp_generator, sizeof(srp_generator) }; static const unsigned char srp_params_2048[] = { - 0xAC, 0x6B, 0xDB, 0x41, 0x32, 0x4A, 0x9A, 0x9B, 0xF1, - 0x66, 0xDE, 0x5E, 0x13, 0x89, 0x58, 0x2F, 0xAF, 0x72, - 0xB6, 0x65, 0x19, 0x87, 0xEE, 0x07, 0xFC, 0x31, 0x92, - 0x94, 0x3D, 0xB5, 0x60, 0x50, 0xA3, 0x73, 0x29, 0xCB, - 0xB4, 0xA0, 0x99, 0xED, 0x81, 0x93, 0xE0, 0x75, 0x77, - 0x67, 0xA1, 0x3D, 0xD5, 0x23, 0x12, 0xAB, 0x4B, 0x03, - 0x31, 0x0D, 0xCD, 0x7F, 0x48, 0xA9, 0xDA, 0x04, 0xFD, - 0x50, 0xE8, 0x08, 0x39, 0x69, 0xED, 0xB7, 0x67, 0xB0, - 0xCF, 0x60, 0x95, 0x17, 0x9A, 0x16, 0x3A, 0xB3, 0x66, - 0x1A, 0x05, 0xFB, 0xD5, 0xFA, 0xAA, 0xE8, 0x29, 0x18, - 0xA9, 0x96, 0x2F, 0x0B, 0x93, 0xB8, 0x55, 0xF9, 0x79, - 0x93, 0xEC, 0x97, 0x5E, 0xEA, 0xA8, 0x0D, 0x74, 0x0A, - 0xDB, 0xF4, 0xFF, 0x74, 0x73, 0x59, 0xD0, 0x41, 0xD5, - 0xC3, 0x3E, 0xA7, 0x1D, 0x28, 0x1E, 0x44, 0x6B, 0x14, - 0x77, 0x3B, 0xCA, 0x97, 0xB4, 0x3A, 0x23, 0xFB, 0x80, - 0x16, 0x76, 0xBD, 0x20, 0x7A, 0x43, 0x6C, 0x64, 0x81, - 0xF1, 0xD2, 0xB9, 0x07, 0x87, 0x17, 0x46, 0x1A, 0x5B, - 
0x9D, 0x32, 0xE6, 0x88, 0xF8, 0x77, 0x48, 0x54, 0x45, - 0x23, 0xB5, 0x24, 0xB0, 0xD5, 0x7D, 0x5E, 0xA7, 0x7A, - 0x27, 0x75, 0xD2, 0xEC, 0xFA, 0x03, 0x2C, 0xFB, 0xDB, - 0xF5, 0x2F, 0xB3, 0x78, 0x61, 0x60, 0x27, 0x90, 0x04, - 0xE5, 0x7A, 0xE6, 0xAF, 0x87, 0x4E, 0x73, 0x03, 0xCE, - 0x53, 0x29, 0x9C, 0xCC, 0x04, 0x1C, 0x7B, 0xC3, 0x08, - 0xD8, 0x2A, 0x56, 0x98, 0xF3, 0xA8, 0xD0, 0xC3, 0x82, - 0x71, 0xAE, 0x35, 0xF8, 0xE9, 0xDB, 0xFB, 0xB6, 0x94, - 0xB5, 0xC8, 0x03, 0xD8, 0x9F, 0x7A, 0xE4, 0x35, 0xDE, - 0x23, 0x6D, 0x52, 0x5F, 0x54, 0x75, 0x9B, 0x65, 0xE3, - 0x72, 0xFC, 0xD6, 0x8E, 0xF2, 0x0F, 0xA7, 0x11, 0x1F, - 0x9E, 0x4A, 0xFF, 0x73 + 0xAC, 0x6B, 0xDB, 0x41, 0x32, 0x4A, 0x9A, 0x9B, 0xF1, + 0x66, 0xDE, 0x5E, 0x13, 0x89, 0x58, 0x2F, 0xAF, 0x72, + 0xB6, 0x65, 0x19, 0x87, 0xEE, 0x07, 0xFC, 0x31, 0x92, + 0x94, 0x3D, 0xB5, 0x60, 0x50, 0xA3, 0x73, 0x29, 0xCB, + 0xB4, 0xA0, 0x99, 0xED, 0x81, 0x93, 0xE0, 0x75, 0x77, + 0x67, 0xA1, 0x3D, 0xD5, 0x23, 0x12, 0xAB, 0x4B, 0x03, + 0x31, 0x0D, 0xCD, 0x7F, 0x48, 0xA9, 0xDA, 0x04, 0xFD, + 0x50, 0xE8, 0x08, 0x39, 0x69, 0xED, 0xB7, 0x67, 0xB0, + 0xCF, 0x60, 0x95, 0x17, 0x9A, 0x16, 0x3A, 0xB3, 0x66, + 0x1A, 0x05, 0xFB, 0xD5, 0xFA, 0xAA, 0xE8, 0x29, 0x18, + 0xA9, 0x96, 0x2F, 0x0B, 0x93, 0xB8, 0x55, 0xF9, 0x79, + 0x93, 0xEC, 0x97, 0x5E, 0xEA, 0xA8, 0x0D, 0x74, 0x0A, + 0xDB, 0xF4, 0xFF, 0x74, 0x73, 0x59, 0xD0, 0x41, 0xD5, + 0xC3, 0x3E, 0xA7, 0x1D, 0x28, 0x1E, 0x44, 0x6B, 0x14, + 0x77, 0x3B, 0xCA, 0x97, 0xB4, 0x3A, 0x23, 0xFB, 0x80, + 0x16, 0x76, 0xBD, 0x20, 0x7A, 0x43, 0x6C, 0x64, 0x81, + 0xF1, 0xD2, 0xB9, 0x07, 0x87, 0x17, 0x46, 0x1A, 0x5B, + 0x9D, 0x32, 0xE6, 0x88, 0xF8, 0x77, 0x48, 0x54, 0x45, + 0x23, 0xB5, 0x24, 0xB0, 0xD5, 0x7D, 0x5E, 0xA7, 0x7A, + 0x27, 0x75, 0xD2, 0xEC, 0xFA, 0x03, 0x2C, 0xFB, 0xDB, + 0xF5, 0x2F, 0xB3, 0x78, 0x61, 0x60, 0x27, 0x90, 0x04, + 0xE5, 0x7A, 0xE6, 0xAF, 0x87, 0x4E, 0x73, 0x03, 0xCE, + 0x53, 0x29, 0x9C, 0xCC, 0x04, 0x1C, 0x7B, 0xC3, 0x08, + 0xD8, 0x2A, 0x56, 0x98, 0xF3, 0xA8, 0xD0, 0xC3, 0x82, + 0x71, 0xAE, 
0x35, 0xF8, 0xE9, 0xDB, 0xFB, 0xB6, 0x94, + 0xB5, 0xC8, 0x03, 0xD8, 0x9F, 0x7A, 0xE4, 0x35, 0xDE, + 0x23, 0x6D, 0x52, 0x5F, 0x54, 0x75, 0x9B, 0x65, 0xE3, + 0x72, 0xFC, 0xD6, 0x8E, 0xF2, 0x0F, 0xA7, 0x11, 0x1F, + 0x9E, 0x4A, 0xFF, 0x73 }; const gnutls_datum_t gnutls_srp_2048_group_prime = { - (void *) srp_params_2048, sizeof (srp_params_2048) + (void *) srp_params_2048, sizeof(srp_params_2048) }; const gnutls_datum_t gnutls_srp_2048_group_generator = { - (void *) &srp_generator, sizeof (srp_generator) + (void *) &srp_generator, sizeof(srp_generator) }; static const unsigned char srp_params_3072[] = { - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, - 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, - 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, - 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, - 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, - 0x34, 0x04, 0xDD, 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, - 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, - 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, - 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, - 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, - 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, 0x6B, - 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, - 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, - 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, - 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, - 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, - 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, - 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, - 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, - 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, - 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, - 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, - 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, - 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, - 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 
0x18, 0x39, - 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, - 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 0x15, 0x72, 0x8E, - 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, - 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, - 0x1C, 0xBA, 0x64, 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, - 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, - 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, - 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, - 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, - 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA, - 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, - 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, - 0x7B, 0x20, 0x0C, 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, - 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, - 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, - 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, - 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, - 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, + 0x0F, 0xDA, 0xA2, 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, + 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, 0x29, 0x02, 0x4E, + 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, + 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, + 0x34, 0x04, 0xDD, 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, + 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, 0xF2, 0x5F, 0x14, + 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, + 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, + 0x4C, 0x42, 0xE9, 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, + 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, 0xEE, 0x38, 0x6B, + 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, + 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, + 0xE4, 0x5B, 0x3D, 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, + 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, 0x1C, 0x55, 0xD3, + 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, + 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, + 0x62, 0xF3, 0x56, 0x20, 0x85, 0x52, 0xBB, 
0x9E, 0xD5, + 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, 0x67, 0x0C, 0x35, + 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, + 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, + 0x36, 0xCE, 0x3B, 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, + 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, 0xEC, 0x07, 0xA2, + 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, + 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, + 0x95, 0x49, 0x7C, 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, + 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, 0x15, 0x72, 0x8E, + 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, + 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, + 0x1C, 0xBA, 0x64, 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, + 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, 0x5D, 0x06, 0x0C, + 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, + 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, + 0x8C, 0x94, 0xE0, 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, + 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, 0xF1, 0x2F, 0xFA, + 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, + 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, + 0x7B, 0x20, 0x0C, 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, + 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, 0xBA, 0xD9, 0x46, + 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, + 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, + 0x82, 0xD1, 0x20, 0xA9, 0x3A, 0xD2, 0xCA, 0xFF, 0xFF, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; const gnutls_datum_t gnutls_srp_3072_group_generator = { - (void *) &srp3072_generator, sizeof (srp3072_generator) + (void *) &srp3072_generator, sizeof(srp3072_generator) }; const gnutls_datum_t gnutls_srp_3072_group_prime = { - (void *) srp_params_3072, sizeof (srp_params_3072) + (void *) srp_params_3072, sizeof(srp_params_3072) }; static const unsigned char srp_params_4096[] = { -0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, 0xA2, -0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, 0xD1, -0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, 0xA6, 
-0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, 0xDD, -0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, 0x6D, -0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, 0x45, -0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, 0xE9, -0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, 0xED, -0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, 0x11, -0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, 0x3D, -0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, 0x36, -0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, 0x5F, -0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, 0x56, -0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, 0x6D, -0x67, 0x0C, 0x35, 0x4E, 0x4A, 0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, 0x08, -0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, 0x3B, -0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, 0xA2, -0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, 0xC9, -0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, 0x7C, -0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, 0x10, -0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, 0x0D, -0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, 0x64, -0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, 0x57, -0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, 0xC7, -0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, 0xE0, -0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, 0x6B, -0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, 0x73, -0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, 0x0C, -0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, 0xC0, -0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, 0x31, -0x43, 0xDB, 0x5B, 0xFC, 
0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, 0x20, -0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, 0xD7, -0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, 0x18, -0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, 0xDA, -0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, 0xDB, -0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, 0xA6, -0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, 0x4F, -0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, 0xED, -0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, 0x76, -0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, 0xA9, -0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 0xFF, 0xB7, 0xDC, -0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, 0x99, -0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xC9, 0x0F, 0xDA, + 0xA2, + 0x21, 0x68, 0xC2, 0x34, 0xC4, 0xC6, 0x62, 0x8B, 0x80, 0xDC, 0x1C, + 0xD1, + 0x29, 0x02, 0x4E, 0x08, 0x8A, 0x67, 0xCC, 0x74, 0x02, 0x0B, 0xBE, + 0xA6, + 0x3B, 0x13, 0x9B, 0x22, 0x51, 0x4A, 0x08, 0x79, 0x8E, 0x34, 0x04, + 0xDD, + 0xEF, 0x95, 0x19, 0xB3, 0xCD, 0x3A, 0x43, 0x1B, 0x30, 0x2B, 0x0A, + 0x6D, + 0xF2, 0x5F, 0x14, 0x37, 0x4F, 0xE1, 0x35, 0x6D, 0x6D, 0x51, 0xC2, + 0x45, + 0xE4, 0x85, 0xB5, 0x76, 0x62, 0x5E, 0x7E, 0xC6, 0xF4, 0x4C, 0x42, + 0xE9, + 0xA6, 0x37, 0xED, 0x6B, 0x0B, 0xFF, 0x5C, 0xB6, 0xF4, 0x06, 0xB7, + 0xED, + 0xEE, 0x38, 0x6B, 0xFB, 0x5A, 0x89, 0x9F, 0xA5, 0xAE, 0x9F, 0x24, + 0x11, + 0x7C, 0x4B, 0x1F, 0xE6, 0x49, 0x28, 0x66, 0x51, 0xEC, 0xE4, 0x5B, + 0x3D, + 0xC2, 0x00, 0x7C, 0xB8, 0xA1, 0x63, 0xBF, 0x05, 0x98, 0xDA, 0x48, + 0x36, + 0x1C, 0x55, 0xD3, 0x9A, 0x69, 0x16, 0x3F, 0xA8, 0xFD, 0x24, 0xCF, + 0x5F, + 0x83, 0x65, 0x5D, 0x23, 0xDC, 0xA3, 0xAD, 0x96, 0x1C, 0x62, 0xF3, + 0x56, + 0x20, 0x85, 0x52, 0xBB, 0x9E, 0xD5, 0x29, 0x07, 0x70, 0x96, 0x96, + 0x6D, + 0x67, 0x0C, 0x35, 0x4E, 0x4A, 
0xBC, 0x98, 0x04, 0xF1, 0x74, 0x6C, + 0x08, + 0xCA, 0x18, 0x21, 0x7C, 0x32, 0x90, 0x5E, 0x46, 0x2E, 0x36, 0xCE, + 0x3B, + 0xE3, 0x9E, 0x77, 0x2C, 0x18, 0x0E, 0x86, 0x03, 0x9B, 0x27, 0x83, + 0xA2, + 0xEC, 0x07, 0xA2, 0x8F, 0xB5, 0xC5, 0x5D, 0xF0, 0x6F, 0x4C, 0x52, + 0xC9, + 0xDE, 0x2B, 0xCB, 0xF6, 0x95, 0x58, 0x17, 0x18, 0x39, 0x95, 0x49, + 0x7C, + 0xEA, 0x95, 0x6A, 0xE5, 0x15, 0xD2, 0x26, 0x18, 0x98, 0xFA, 0x05, + 0x10, + 0x15, 0x72, 0x8E, 0x5A, 0x8A, 0xAA, 0xC4, 0x2D, 0xAD, 0x33, 0x17, + 0x0D, + 0x04, 0x50, 0x7A, 0x33, 0xA8, 0x55, 0x21, 0xAB, 0xDF, 0x1C, 0xBA, + 0x64, + 0xEC, 0xFB, 0x85, 0x04, 0x58, 0xDB, 0xEF, 0x0A, 0x8A, 0xEA, 0x71, + 0x57, + 0x5D, 0x06, 0x0C, 0x7D, 0xB3, 0x97, 0x0F, 0x85, 0xA6, 0xE1, 0xE4, + 0xC7, + 0xAB, 0xF5, 0xAE, 0x8C, 0xDB, 0x09, 0x33, 0xD7, 0x1E, 0x8C, 0x94, + 0xE0, + 0x4A, 0x25, 0x61, 0x9D, 0xCE, 0xE3, 0xD2, 0x26, 0x1A, 0xD2, 0xEE, + 0x6B, + 0xF1, 0x2F, 0xFA, 0x06, 0xD9, 0x8A, 0x08, 0x64, 0xD8, 0x76, 0x02, + 0x73, + 0x3E, 0xC8, 0x6A, 0x64, 0x52, 0x1F, 0x2B, 0x18, 0x17, 0x7B, 0x20, + 0x0C, + 0xBB, 0xE1, 0x17, 0x57, 0x7A, 0x61, 0x5D, 0x6C, 0x77, 0x09, 0x88, + 0xC0, + 0xBA, 0xD9, 0x46, 0xE2, 0x08, 0xE2, 0x4F, 0xA0, 0x74, 0xE5, 0xAB, + 0x31, + 0x43, 0xDB, 0x5B, 0xFC, 0xE0, 0xFD, 0x10, 0x8E, 0x4B, 0x82, 0xD1, + 0x20, + 0xA9, 0x21, 0x08, 0x01, 0x1A, 0x72, 0x3C, 0x12, 0xA7, 0x87, 0xE6, + 0xD7, + 0x88, 0x71, 0x9A, 0x10, 0xBD, 0xBA, 0x5B, 0x26, 0x99, 0xC3, 0x27, + 0x18, + 0x6A, 0xF4, 0xE2, 0x3C, 0x1A, 0x94, 0x68, 0x34, 0xB6, 0x15, 0x0B, + 0xDA, + 0x25, 0x83, 0xE9, 0xCA, 0x2A, 0xD4, 0x4C, 0xE8, 0xDB, 0xBB, 0xC2, + 0xDB, + 0x04, 0xDE, 0x8E, 0xF9, 0x2E, 0x8E, 0xFC, 0x14, 0x1F, 0xBE, 0xCA, + 0xA6, + 0x28, 0x7C, 0x59, 0x47, 0x4E, 0x6B, 0xC0, 0x5D, 0x99, 0xB2, 0x96, + 0x4F, + 0xA0, 0x90, 0xC3, 0xA2, 0x23, 0x3B, 0xA1, 0x86, 0x51, 0x5B, 0xE7, + 0xED, + 0x1F, 0x61, 0x29, 0x70, 0xCE, 0xE2, 0xD7, 0xAF, 0xB8, 0x1B, 0xDD, + 0x76, + 0x21, 0x70, 0x48, 0x1C, 0xD0, 0x06, 0x91, 0x27, 0xD5, 0xB0, 0x5A, + 0xA9, + 0x93, 0xB4, 0xEA, 0x98, 0x8D, 0x8F, 0xDD, 0xC1, 0x86, 
0xFF, 0xB7, + 0xDC, + 0x90, 0xA6, 0xC0, 0x8F, 0x4D, 0xF4, 0x35, 0xC9, 0x34, 0x06, 0x31, + 0x99, + 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; const gnutls_datum_t gnutls_srp_4096_group_generator = { - (void *) &srp3072_generator, sizeof (srp3072_generator) + (void *) &srp3072_generator, sizeof(srp3072_generator) }; const gnutls_datum_t gnutls_srp_4096_group_prime = { - (void *) srp_params_4096, sizeof (srp_params_4096) + (void *) srp_params_4096, sizeof(srp_params_4096) }; /* Check if G and N are parameters from the SRP draft. */ static int -check_g_n (const uint8_t * g, size_t n_g, const uint8_t * n, size_t n_n) +check_g_n(const uint8_t * g, size_t n_g, const uint8_t * n, size_t n_n) { - if ((n_n == sizeof (srp_params_3072) && - memcmp (srp_params_3072, n, n_n) == 0) || - (n_n == sizeof (srp_params_4096) && - memcmp (srp_params_4096, n, n_n) == 0)) - { - if (n_g != 1 || g[0] != srp3072_generator) - { - return gnutls_assert_val(GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); - } - return 0; - } - - if (n_g != 1 || g[0] != srp_generator) - { - gnutls_assert (); - return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - } - - if (n_n == sizeof (srp_params_1024) && - memcmp (srp_params_1024, n, n_n) == 0) - { - return 0; - } - - if (n_n == sizeof (srp_params_1536) && - memcmp (srp_params_1536, n, n_n) == 0) - { - return 0; - } - - if (n_n == sizeof (srp_params_2048) && - memcmp (srp_params_2048, n, n_n) == 0) - { - return 0; - } - - gnutls_assert (); - return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + if ((n_n == sizeof(srp_params_3072) && + memcmp(srp_params_3072, n, n_n) == 0) || + (n_n == sizeof(srp_params_4096) && + memcmp(srp_params_4096, n, n_n) == 0)) { + if (n_g != 1 || g[0] != srp3072_generator) { + return + gnutls_assert_val + (GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER); + } + return 0; + } + + if (n_g != 1 || g[0] != srp_generator) { + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + } + + if (n_n == sizeof(srp_params_1024) && + memcmp(srp_params_1024, n, n_n) == 0) 
{ + return 0; + } + + if (n_n == sizeof(srp_params_1536) && + memcmp(srp_params_1536, n, n_n) == 0) { + return 0; + } + + if (n_n == sizeof(srp_params_2048) && + memcmp(srp_params_2048, n, n_n) == 0) { + return 0; + } + + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; } /* Check if N is a prime and G a generator of the 
@@ -679,273 +701,254 @@ check_g_n (const uint8_t * g, size_t n_g, const uint8_t * n, size_t n_n) * Otherwise only the included parameters must be used. */ static int -group_check_g_n (gnutls_session_t session, bigint_t g, bigint_t n) +group_check_g_n(gnutls_session_t session, bigint_t g, bigint_t n) { - bigint_t q = NULL, two = NULL, w = NULL; - int ret; - - if (_gnutls_mpi_get_nbits (n) < (session->internals.srp_prime_bits - ? session->internals.srp_prime_bits - : 2048)) - { - gnutls_assert (); - return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - } - - /* N must be of the form N=2q+1 - * where q is also a prime. - */ - if (_gnutls_prime_check (n) != 0) - { - _gnutls_mpi_log ("no prime N: ", n); - gnutls_assert (); - return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - } - - two = _gnutls_mpi_new (4); - if (two == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - q = _gnutls_mpi_alloc_like (n); - if (q == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_MEMORY_ERROR; - goto error; - } - - /* q = n-1 - */ - _gnutls_mpi_sub_ui (q, n, 1); - - /* q = q/2, remember that q is divisible by 2 (prime - 1) - */ - _gnutls_mpi_set_ui (two, 2); - _gnutls_mpi_div (q, q, two); - - if (_gnutls_prime_check (q) != 0) - { - /* N was not on the form N=2q+1, where q = prime - */ - _gnutls_mpi_log ("no prime Q: ", q); - gnutls_assert (); - return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - } - - /* We also check whether g is a generator, - */ - - /* check if g < q < N - */ - if (_gnutls_mpi_cmp (g, q) >= 0) - { - gnutls_assert (); - ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - goto error; - } - - w = _gnutls_mpi_alloc_like (q); - if (w == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_MEMORY_ERROR; - goto error; - } - - /* check if g^q mod N == N-1 - * w = g^q mod N - */ - _gnutls_mpi_powm (w, g, q, n); - - /* w++ - */ - _gnutls_mpi_add_ui (w, w, 1); - - if (_gnutls_mpi_cmp (w, n) != 0) - { - gnutls_assert (); - ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; - goto error; - } - - ret = 0; 
- -error: - _gnutls_mpi_release (&q); - _gnutls_mpi_release (&two); - _gnutls_mpi_release (&w); - - return ret; + bigint_t q = NULL, two = NULL, w = NULL; + int ret; + + if (_gnutls_mpi_get_nbits(n) < (session->internals.srp_prime_bits + ? session->internals.srp_prime_bits + : 2048)) { + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + } + + /* N must be of the form N=2q+1 + * where q is also a prime. + */ + if (_gnutls_prime_check(n) != 0) { + _gnutls_mpi_log("no prime N: ", n); + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + } + + two = _gnutls_mpi_new(4); + if (two == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + q = _gnutls_mpi_alloc_like(n); + if (q == NULL) { + gnutls_assert(); + ret = GNUTLS_E_MEMORY_ERROR; + goto error; + } + + /* q = n-1 + */ + _gnutls_mpi_sub_ui(q, n, 1); + + /* q = q/2, remember that q is divisible by 2 (prime - 1) + */ + _gnutls_mpi_set_ui(two, 2); + _gnutls_mpi_div(q, q, two); + + if (_gnutls_prime_check(q) != 0) { + /* N was not on the form N=2q+1, where q = prime + */ + _gnutls_mpi_log("no prime Q: ", q); + gnutls_assert(); + return GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + } + + /* We also check whether g is a generator, + */ + + /* check if g < q < N + */ + if (_gnutls_mpi_cmp(g, q) >= 0) { + gnutls_assert(); + ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + goto error; + } + + w = _gnutls_mpi_alloc_like(q); + if (w == NULL) { + gnutls_assert(); + ret = GNUTLS_E_MEMORY_ERROR; + goto error; + } + + /* check if g^q mod N == N-1 + * w = g^q mod N + */ + _gnutls_mpi_powm(w, g, q, n); + + /* w++ + */ + _gnutls_mpi_add_ui(w, w, 1); + + if (_gnutls_mpi_cmp(w, n) != 0) { + gnutls_assert(); + ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER; + goto error; + } + + ret = 0; + + error: + _gnutls_mpi_release(&q); + _gnutls_mpi_release(&two); + _gnutls_mpi_release(&w); + + return ret; } /* receive the key exchange message ( n, g, s, B) */ int -_gnutls_proc_srp_server_kx (gnutls_session_t session, 
uint8_t * data, - size_t _data_size) +_gnutls_proc_srp_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - uint8_t n_s; - uint16_t n_g, n_n, n_b; - size_t _n_g, _n_n, _n_b; - const uint8_t *data_n; - const uint8_t *data_g; - const uint8_t *data_s; - const uint8_t *data_b; - int i, ret; - uint8_t hd[SRP_MAX_HASH_SIZE]; - char *username, *password; - ssize_t data_size = _data_size; - gnutls_srp_client_credentials_t cred; - extension_priv_data_t epriv; - srp_ext_st *priv; - - ret = _gnutls_ext_get_session_data (session, GNUTLS_EXTENSION_SRP, &epriv); - if (ret < 0) - { - gnutls_assert (); - return GNUTLS_E_UNKNOWN_SRP_USERNAME; - } - priv = epriv.ptr; - - cred = (gnutls_srp_client_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_SRP, NULL); - - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if (priv->username == NULL) - { - username = cred->username; - password = cred->password; - } - else - { - username = priv->username; - password = priv->password; - } - - if (username == NULL || password == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - i = 0; - - /* Read N - */ - DECR_LEN (data_size, 2); - n_n = _gnutls_read_uint16 (&data[i]); - i += 2; - - DECR_LEN (data_size, n_n); - data_n = &data[i]; - i += n_n; - - /* Read G - */ - DECR_LEN (data_size, 2); - n_g = _gnutls_read_uint16 (&data[i]); - i += 2; - - DECR_LEN (data_size, n_g); - data_g = &data[i]; - i += n_g; - - /* Read salt - */ - DECR_LEN (data_size, 1); - n_s = data[i]; - i += 1; - - DECR_LEN (data_size, n_s); - data_s = &data[i]; - i += n_s; - - /* Read B - */ - DECR_LEN (data_size, 2); - n_b = _gnutls_read_uint16 (&data[i]); - i += 2; - - DECR_LEN (data_size, n_b); - data_b = &data[i]; - i += n_b; - - _n_g = n_g; - _n_n = n_n; - _n_b = n_b; - - if (_gnutls_mpi_scan_nz (&N, data_n, _n_n) != 0) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - - if (_gnutls_mpi_scan_nz (&G, data_g, _n_g) 
!= 0) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - - if (_gnutls_mpi_scan_nz (&B, data_b, _n_b) != 0) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - - - /* Check if the g and n are from the SRP - * draft. Otherwise check if N is a prime and G - * a generator. - */ - if ((ret = check_g_n (data_g, _n_g, data_n, _n_n)) < 0) - { - _gnutls_audit_log (session, "SRP group parameters are not in the white list. Checking validity.\n"); - if ((ret = group_check_g_n (session, G, N)) < 0) - { - gnutls_assert (); - return ret; - } - } - - /* Checks if b % n == 0 - */ - if ((ret = check_param_mod_n (B, N, 0)) < 0) - { - gnutls_assert (); - return ret; - } - - - /* generate x = SHA(s | SHA(U | ":" | p)) - * (or the equivalent using bcrypt) - */ - if ((ret = - _gnutls_calc_srp_x (username, password, (uint8_t *) data_s, n_s, - &_n_g, hd)) < 0) - { - gnutls_assert (); - return ret; - } - - if (_gnutls_mpi_scan_nz (&session->key.x, hd, _n_g) != 0) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - - - return i; /* return the processed data - * needed in auth_srp_rsa. 
- */ + uint8_t n_s; + uint16_t n_g, n_n, n_b; + size_t _n_g, _n_n, _n_b; + const uint8_t *data_n; + const uint8_t *data_g; + const uint8_t *data_s; + const uint8_t *data_b; + int i, ret; + uint8_t hd[SRP_MAX_HASH_SIZE]; + char *username, *password; + ssize_t data_size = _data_size; + gnutls_srp_client_credentials_t cred; + extension_priv_data_t epriv; + srp_ext_st *priv; + + ret = + _gnutls_ext_get_session_data(session, GNUTLS_EXTENSION_SRP, + &epriv); + if (ret < 0) { + gnutls_assert(); + return GNUTLS_E_UNKNOWN_SRP_USERNAME; + } + priv = epriv.ptr; + + cred = (gnutls_srp_client_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_SRP, NULL); + + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if (priv->username == NULL) { + username = cred->username; + password = cred->password; + } else { + username = priv->username; + password = priv->password; + } + + if (username == NULL || password == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + i = 0; + + /* Read N + */ + DECR_LEN(data_size, 2); + n_n = _gnutls_read_uint16(&data[i]); + i += 2; + + DECR_LEN(data_size, n_n); + data_n = &data[i]; + i += n_n; + + /* Read G + */ + DECR_LEN(data_size, 2); + n_g = _gnutls_read_uint16(&data[i]); + i += 2; + + DECR_LEN(data_size, n_g); + data_g = &data[i]; + i += n_g; + + /* Read salt + */ + DECR_LEN(data_size, 1); + n_s = data[i]; + i += 1; + + DECR_LEN(data_size, n_s); + data_s = &data[i]; + i += n_s; + + /* Read B + */ + DECR_LEN(data_size, 2); + n_b = _gnutls_read_uint16(&data[i]); + i += 2; + + DECR_LEN(data_size, n_b); + data_b = &data[i]; + i += n_b; + + _n_g = n_g; + _n_n = n_n; + _n_b = n_b; + + if (_gnutls_mpi_scan_nz(&N, data_n, _n_n) != 0) { + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + + if (_gnutls_mpi_scan_nz(&G, data_g, _n_g) != 0) { + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + + if (_gnutls_mpi_scan_nz(&B, data_b, _n_b) != 0) { + gnutls_assert(); + return 
GNUTLS_E_MPI_SCAN_FAILED; + } + + + /* Check if the g and n are from the SRP + * draft. Otherwise check if N is a prime and G + * a generator. + */ + if ((ret = check_g_n(data_g, _n_g, data_n, _n_n)) < 0) { + _gnutls_audit_log(session, + "SRP group parameters are not in the white list. Checking validity.\n"); + if ((ret = group_check_g_n(session, G, N)) < 0) { + gnutls_assert(); + return ret; + } + } + + /* Checks if b % n == 0 + */ + if ((ret = check_param_mod_n(B, N, 0)) < 0) { + gnutls_assert(); + return ret; + } + + + /* generate x = SHA(s | SHA(U | ":" | p)) + * (or the equivalent using bcrypt) + */ + if ((ret = + _gnutls_calc_srp_x(username, password, (uint8_t *) data_s, + n_s, &_n_g, hd)) < 0) { + gnutls_assert(); + return ret; + } + + if (_gnutls_mpi_scan_nz(&session->key.x, hd, _n_g) != 0) { + gnutls_assert(); + return GNUTLS_E_MPI_SCAN_FAILED; + } + + + return i; /* return the processed data + * needed in auth_srp_rsa. + */ } -#endif /* ENABLE_SRP */ +#endif /* ENABLE_SRP */ diff --git a/lib/auth/srp.h b/lib/auth/srp.h index e7723e1884..2bfce81474 100644 --- a/lib/auth/srp.h +++ b/lib/auth/srp.h 
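Review bot: In group_check_g_n the second primality test, `if (_gnutls_prime_check(q) != 0)`, returns GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER directly, so `two` and `q`, both allocated by then, never reach the releases under `error:`. Every other failure after those allocations leaves through `goto error`. This branch is reached with a peer-supplied N whenever check_g_n does not recognise the group, so the leak can be triggered once per handshake by the remote side. The branch should end with `ret = GNUTLS_E_RECEIVED_ILLEGAL_PARAMETER;` and `goto error;` like its neighbours.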
@@ -25,44 +25,41 @@ #include <gnutls_auth.h> -typedef struct gnutls_srp_client_credentials_st -{ - char *username; - char *password; - gnutls_srp_client_credentials_function *get_function; +typedef struct gnutls_srp_client_credentials_st { + char *username; + char *password; + gnutls_srp_client_credentials_function *get_function; } srp_client_credentials_st; -typedef struct gnutls_srp_server_credentials_st -{ - char *password_file; - char *password_conf_file; - /* callback function, instead of reading the - * password files. - */ - gnutls_srp_server_credentials_function *pwd_callback; +typedef struct gnutls_srp_server_credentials_st { + char *password_file; + char *password_conf_file; + /* callback function, instead of reading the + * password files. + */ + gnutls_srp_server_credentials_function *pwd_callback; } srp_server_cred_st; /* these structures should not use allocated data */ -typedef struct srp_server_auth_info_st -{ - char username[MAX_USERNAME_SIZE + 1]; +typedef struct srp_server_auth_info_st { + char username[MAX_USERNAME_SIZE + 1]; } *srp_server_auth_info_t; #ifdef ENABLE_SRP -int _gnutls_proc_srp_server_hello (gnutls_session_t state, - const uint8_t * data, size_t data_size); -int _gnutls_gen_srp_server_hello (gnutls_session_t state, uint8_t * data, - size_t data_size); +int _gnutls_proc_srp_server_hello(gnutls_session_t state, + const uint8_t * data, size_t data_size); +int _gnutls_gen_srp_server_hello(gnutls_session_t state, uint8_t * data, + size_t data_size); -int _gnutls_gen_srp_server_kx (gnutls_session_t, gnutls_buffer_st*); -int _gnutls_gen_srp_client_kx (gnutls_session_t, gnutls_buffer_st*); +int _gnutls_gen_srp_server_kx(gnutls_session_t, gnutls_buffer_st *); +int _gnutls_gen_srp_client_kx(gnutls_session_t, gnutls_buffer_st *); -int _gnutls_proc_srp_server_kx (gnutls_session_t, uint8_t *, size_t); -int _gnutls_proc_srp_client_kx (gnutls_session_t, uint8_t *, size_t); +int _gnutls_proc_srp_server_kx(gnutls_session_t, uint8_t *, size_t); +int 
_gnutls_proc_srp_client_kx(gnutls_session_t, uint8_t *, size_t); typedef struct srp_server_auth_info_st srp_server_auth_info_st; -#endif /* ENABLE_SRP */ +#endif /* ENABLE_SRP */ #endif diff --git a/lib/auth/srp_passwd.c b/lib/auth/srp_passwd.c index a9693d886e..a97114a2c1 100644 --- a/lib/auth/srp_passwd.c +++ b/lib/auth/srp_passwd.c 
@@ -39,160 +39,148 @@ #include <gnutls_num.h> #include <random.h> -static int _randomize_pwd_entry (SRP_PWD_ENTRY * entry); +static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry); /* this function parses tpasswd.conf file. Format is: * string(username):base64(v):base64(salt):int(index) */ -static int -parse_tpasswd_values (SRP_PWD_ENTRY * entry, char *str) +static int parse_tpasswd_values(SRP_PWD_ENTRY * entry, char *str) { - char *p; - int len, ret; - uint8_t *verifier; - size_t verifier_size; - int indx; - - p = strrchr (str, ':'); /* we have index */ - if (p == NULL) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - *p = '\0'; - p++; - - indx = atoi (p); - if (indx == 0) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - /* now go for salt */ - p = strrchr (str, ':'); /* we have salt */ - if (p == NULL) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - *p = '\0'; - p++; - - len = strlen (p); - - entry->salt.size = _gnutls_sbase64_decode (p, len, &entry->salt.data); - - if (entry->salt.size <= 0) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - /* now go for verifier */ - p = strrchr (str, ':'); /* we have verifier */ - if (p == NULL) - { - _gnutls_free_datum (&entry->salt); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - *p = '\0'; - p++; - - len = strlen (p); - ret = _gnutls_sbase64_decode (p, len, &verifier); - if (ret <= 0) - { - gnutls_assert (); - _gnutls_free_datum (&entry->salt); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - verifier_size = ret; - entry->v.data = verifier; - entry->v.size = verifier_size; - - /* now go for username */ - *p = '\0'; - - entry->username = gnutls_strdup (str); - if (entry->username == NULL) - { - _gnutls_free_datum (&entry->salt); - _gnutls_free_datum (&entry->v); - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - return indx; + char *p; + int len, ret; + uint8_t *verifier; + size_t verifier_size; + int indx; + + p = 
strrchr(str, ':'); /* we have index */ + if (p == NULL) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + *p = '\0'; + p++; + + indx = atoi(p); + if (indx == 0) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + /* now go for salt */ + p = strrchr(str, ':'); /* we have salt */ + if (p == NULL) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + *p = '\0'; + p++; + + len = strlen(p); + + entry->salt.size = + _gnutls_sbase64_decode(p, len, &entry->salt.data); + + if (entry->salt.size <= 0) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + /* now go for verifier */ + p = strrchr(str, ':'); /* we have verifier */ + if (p == NULL) { + _gnutls_free_datum(&entry->salt); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + *p = '\0'; + p++; + + len = strlen(p); + ret = _gnutls_sbase64_decode(p, len, &verifier); + if (ret <= 0) { + gnutls_assert(); + _gnutls_free_datum(&entry->salt); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + verifier_size = ret; + entry->v.data = verifier; + entry->v.size = verifier_size; + + /* now go for username */ + *p = '\0'; + + entry->username = gnutls_strdup(str); + if (entry->username == NULL) { + _gnutls_free_datum(&entry->salt); + _gnutls_free_datum(&entry->v); + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + return indx; } /* this function parses tpasswd.conf file. 
Format is: * int(index):base64(n):int(g) */ -static int -parse_tpasswd_conf_values (SRP_PWD_ENTRY * entry, char *str) +static int parse_tpasswd_conf_values(SRP_PWD_ENTRY * entry, char *str) { - char *p; - int len; - uint8_t *tmp; - int ret; - - p = strrchr (str, ':'); /* we have g */ - if (p == NULL) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - *p = '\0'; - p++; - - /* read the generator */ - len = strlen (p); - if (p[len - 1] == '\n' || p[len - 1] == ' ') - len--; - ret = _gnutls_sbase64_decode (p, len, &tmp); - - if (ret < 0) - { - gnutls_assert (); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - entry->g.data = tmp; - entry->g.size = ret; - - /* now go for n - modulo */ - p = strrchr (str, ':'); /* we have n */ - if (p == NULL) - { - _gnutls_free_datum (&entry->g); - gnutls_assert (); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - *p = '\0'; - p++; - - len = strlen (p); - ret = _gnutls_sbase64_decode (p, len, &tmp); - - if (ret < 0) - { - gnutls_assert (); - _gnutls_free_datum (&entry->g); - return GNUTLS_E_SRP_PWD_PARSING_ERROR; - } - - entry->n.data = tmp; - entry->n.size = ret; - - return 0; + char *p; + int len; + uint8_t *tmp; + int ret; + + p = strrchr(str, ':'); /* we have g */ + if (p == NULL) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + *p = '\0'; + p++; + + /* read the generator */ + len = strlen(p); + if (p[len - 1] == '\n' || p[len - 1] == ' ') + len--; + ret = _gnutls_sbase64_decode(p, len, &tmp); + + if (ret < 0) { + gnutls_assert(); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + entry->g.data = tmp; + entry->g.size = ret; + + /* now go for n - modulo */ + p = strrchr(str, ':'); /* we have n */ + if (p == NULL) { + _gnutls_free_datum(&entry->g); + gnutls_assert(); + return GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + *p = '\0'; + p++; + + len = strlen(p); + ret = _gnutls_sbase64_decode(p, len, &tmp); + + if (ret < 0) { + gnutls_assert(); + _gnutls_free_datum(&entry->g); + return 
GNUTLS_E_SRP_PWD_PARSING_ERROR; + } + + entry->n.data = tmp; + entry->n.size = ret; + + return 0; } 
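Review bot: In parse_tpasswd_values the salt decode assigns the return of _gnutls_sbase64_decode straight to `entry->salt.size` and then tests `entry->salt.size <= 0`. If that field is unsigned, as it is in the public gnutls_datum_t, a negative error return becomes a very large size and the test only catches zero. The verifier a few lines below already goes through the int `ret`, and the salt should do the same: `ret = _gnutls_sbase64_decode(p, len, &entry->salt.data);`, then `if (ret <= 0)` with the existing error return, then `entry->salt.size = ret;`. Separately, `atoi(p)` accepts an index field with trailing junk; `strtol` with an end-pointer check would reject it.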
@@ -200,283 +188,256 @@ parse_tpasswd_conf_values (SRP_PWD_ENTRY * entry, char *str) * values. They are put in the entry. */ static int -pwd_read_conf (const char *pconf_file, SRP_PWD_ENTRY * entry, int idx) +pwd_read_conf(const char *pconf_file, SRP_PWD_ENTRY * entry, int idx) { - FILE *fd; - char line[2 * 1024]; - unsigned i, len; - char indexstr[10]; - int ret; - - snprintf (indexstr, sizeof(indexstr), "%u", (unsigned int)idx); - - fd = fopen (pconf_file, "r"); - if (fd == NULL) - { - gnutls_assert (); - return GNUTLS_E_FILE_ERROR; - } - - len = strlen (indexstr); - while (fgets (line, sizeof (line), fd) != NULL) - { - /* move to first ':' */ - i = 0; - while ((line[i] != ':') && (line[i] != '\0') && (i < sizeof (line))) - { - i++; - } - if (strncmp (indexstr, line, MAX (i, len)) == 0) - { - if ((idx = parse_tpasswd_conf_values (entry, line)) >= 0) - { - ret = 0; - goto cleanup; - } - else - { - ret = GNUTLS_E_SRP_PWD_ERROR; - goto cleanup; - } - } - } - ret = GNUTLS_E_SRP_PWD_ERROR; - -cleanup: - fclose(fd); - return ret; + FILE *fd; + char line[2 * 1024]; + unsigned i, len; + char indexstr[10]; + int ret; + + snprintf(indexstr, sizeof(indexstr), "%u", (unsigned int) idx); + + fd = fopen(pconf_file, "r"); + if (fd == NULL) { + gnutls_assert(); + return GNUTLS_E_FILE_ERROR; + } + + len = strlen(indexstr); + while (fgets(line, sizeof(line), fd) != NULL) { + /* move to first ':' */ + i = 0; + while ((line[i] != ':') && (line[i] != '\0') + && (i < sizeof(line))) { + i++; + } + if (strncmp(indexstr, line, MAX(i, len)) == 0) { + if ((idx = + parse_tpasswd_conf_values(entry, + line)) >= 0) { + ret = 0; + goto cleanup; + } else { + ret = GNUTLS_E_SRP_PWD_ERROR; + goto cleanup; + } + } + } + ret = GNUTLS_E_SRP_PWD_ERROR; + + cleanup: + fclose(fd); + return ret; } int -_gnutls_srp_pwd_read_entry (gnutls_session_t state, char *username, - SRP_PWD_ENTRY ** _entry) +_gnutls_srp_pwd_read_entry(gnutls_session_t state, char *username, + SRP_PWD_ENTRY ** _entry) { - 
gnutls_srp_server_credentials_t cred; - FILE *fd = NULL; - char line[2 * 1024]; - unsigned i, len; - int ret; - int idx; - SRP_PWD_ENTRY *entry = NULL; - - *_entry = gnutls_calloc (1, sizeof (SRP_PWD_ENTRY)); - if (*_entry == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - entry = *_entry; - - cred = (gnutls_srp_server_credentials_t) - _gnutls_get_cred (state, GNUTLS_CRD_SRP, NULL); - if (cred == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS; - goto cleanup; - } - - /* if the callback which sends the parameters is - * set, use it. - */ - if (cred->pwd_callback != NULL) - { - ret = cred->pwd_callback (state, username, &entry->salt, - &entry->v, &entry->g, &entry->n); - - if (ret == 1) - { /* the user does not exist */ - if (entry->g.size != 0 && entry->n.size != 0) - { - ret = _randomize_pwd_entry (entry); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - return 0; - } - else - { - gnutls_assert (); - ret = -1; /* error in the callback */ - } - } - - if (ret < 0) - { - gnutls_assert (); - ret = GNUTLS_E_SRP_PWD_ERROR; - goto cleanup; - } - - return 0; - } - - /* The callback was not set. Proceed. - */ - - if (cred->password_file == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_SRP_PWD_ERROR; - goto cleanup; - } - - /* Open the selected password file. - */ - fd = fopen (cred->password_file, "r"); - if (fd == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_SRP_PWD_ERROR; - goto cleanup; - } - - len = strlen (username); - while (fgets (line, sizeof (line), fd) != NULL) - { - /* move to first ':' */ - i = 0; - while ((line[i] != ':') && (line[i] != '\0') && (i < sizeof (line))) - { - i++; - } - - if (strncmp (username, line, MAX (i, len)) == 0) - { - if ((idx = parse_tpasswd_values (entry, line)) >= 0) - { - /* Keep the last index in memory, so we can retrieve fake parameters (g,n) - * when the user does not exist. 
- */ - if (pwd_read_conf (cred->password_conf_file, entry, idx) == 0) - { - goto found; - } - else - { - gnutls_assert (); - ret = GNUTLS_E_SRP_PWD_ERROR; - goto cleanup; - } - } - else - { - gnutls_assert (); - ret = GNUTLS_E_SRP_PWD_ERROR; - goto cleanup; - } - } - } - - /* user was not found. Fake him. Actually read the g,n values from - * the last index found and randomize the entry. - */ - if (pwd_read_conf (cred->password_conf_file, entry, 1) == 0) - { - ret = _randomize_pwd_entry (entry); - if (ret < 0) - { - gnutls_assert (); - goto cleanup; - } - - goto found; - } - - ret = GNUTLS_E_SRP_PWD_ERROR; -cleanup: - gnutls_assert (); - if (fd) fclose(fd); - _gnutls_srp_entry_free (entry); - return ret; - -found: - if (fd) fclose(fd); - return 0; + gnutls_srp_server_credentials_t cred; + FILE *fd = NULL; + char line[2 * 1024]; + unsigned i, len; + int ret; + int idx; + SRP_PWD_ENTRY *entry = NULL; + + *_entry = gnutls_calloc(1, sizeof(SRP_PWD_ENTRY)); + if (*_entry == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + entry = *_entry; + + cred = (gnutls_srp_server_credentials_t) + _gnutls_get_cred(state, GNUTLS_CRD_SRP, NULL); + if (cred == NULL) { + gnutls_assert(); + ret = GNUTLS_E_INSUFFICIENT_CREDENTIALS; + goto cleanup; + } + + /* if the callback which sends the parameters is + * set, use it. + */ + if (cred->pwd_callback != NULL) { + ret = cred->pwd_callback(state, username, &entry->salt, + &entry->v, &entry->g, &entry->n); + + if (ret == 1) { /* the user does not exist */ + if (entry->g.size != 0 && entry->n.size != 0) { + ret = _randomize_pwd_entry(entry); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + return 0; + } else { + gnutls_assert(); + ret = -1; /* error in the callback */ + } + } + + if (ret < 0) { + gnutls_assert(); + ret = GNUTLS_E_SRP_PWD_ERROR; + goto cleanup; + } + + return 0; + } + + /* The callback was not set. Proceed. 
+ */ + + if (cred->password_file == NULL) { + gnutls_assert(); + ret = GNUTLS_E_SRP_PWD_ERROR; + goto cleanup; + } + + /* Open the selected password file. + */ + fd = fopen(cred->password_file, "r"); + if (fd == NULL) { + gnutls_assert(); + ret = GNUTLS_E_SRP_PWD_ERROR; + goto cleanup; + } + + len = strlen(username); + while (fgets(line, sizeof(line), fd) != NULL) { + /* move to first ':' */ + i = 0; + while ((line[i] != ':') && (line[i] != '\0') + && (i < sizeof(line))) { + i++; + } + + if (strncmp(username, line, MAX(i, len)) == 0) { + if ((idx = parse_tpasswd_values(entry, line)) >= 0) { + /* Keep the last index in memory, so we can retrieve fake parameters (g,n) + * when the user does not exist. + */ + if (pwd_read_conf + (cred->password_conf_file, entry, + idx) == 0) { + goto found; + } else { + gnutls_assert(); + ret = GNUTLS_E_SRP_PWD_ERROR; + goto cleanup; + } + } else { + gnutls_assert(); + ret = GNUTLS_E_SRP_PWD_ERROR; + goto cleanup; + } + } + } + + /* user was not found. Fake him. Actually read the g,n values from + * the last index found and randomize the entry. + */ + if (pwd_read_conf(cred->password_conf_file, entry, 1) == 0) { + ret = _randomize_pwd_entry(entry); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + goto found; + } + + ret = GNUTLS_E_SRP_PWD_ERROR; + cleanup: + gnutls_assert(); + if (fd) + fclose(fd); + _gnutls_srp_entry_free(entry); + return ret; + + found: + if (fd) + fclose(fd); + return 0; } /* Randomizes the given password entry. It actually sets the verifier * and the salt. Returns 0 on success. 
*/ -static int -_randomize_pwd_entry (SRP_PWD_ENTRY * entry) +static int _randomize_pwd_entry(SRP_PWD_ENTRY * entry) { - unsigned char rnd; - int ret; - - if (entry->g.size == 0 || entry->n.size == 0) - { - gnutls_assert (); - return GNUTLS_E_INTERNAL_ERROR; - } - - ret = _gnutls_rnd (GNUTLS_RND_NONCE, &rnd, 1); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - entry->salt.size = (rnd % 10) + 9; - - entry->v.data = gnutls_malloc (20); - entry->v.size = 20; - if (entry->v.data == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - ret = _gnutls_rnd (GNUTLS_RND_RANDOM, entry->v.data, 20); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - entry->salt.data = gnutls_malloc (entry->salt.size); - if (entry->salt.data == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - ret = _gnutls_rnd (GNUTLS_RND_NONCE, entry->salt.data, entry->salt.size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return 0; + unsigned char rnd; + int ret; + + if (entry->g.size == 0 || entry->n.size == 0) { + gnutls_assert(); + return GNUTLS_E_INTERNAL_ERROR; + } + + ret = _gnutls_rnd(GNUTLS_RND_NONCE, &rnd, 1); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + entry->salt.size = (rnd % 10) + 9; + + entry->v.data = gnutls_malloc(20); + entry->v.size = 20; + if (entry->v.data == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + ret = _gnutls_rnd(GNUTLS_RND_RANDOM, entry->v.data, 20); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + entry->salt.data = gnutls_malloc(entry->salt.size); + if (entry->salt.data == NULL) { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + ret = + _gnutls_rnd(GNUTLS_RND_NONCE, entry->salt.data, + entry->salt.size); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; } /* Free all the entry parameters, except if g and n are * the static ones defined in gnutls.h */ -void -_gnutls_srp_entry_free (SRP_PWD_ENTRY * entry) +void 
_gnutls_srp_entry_free(SRP_PWD_ENTRY * entry) { - _gnutls_free_datum (&entry->v); - _gnutls_free_datum (&entry->salt); - - if ((entry->g.data != gnutls_srp_1024_group_generator.data) - && (entry->g.data != gnutls_srp_3072_group_generator.data)) - _gnutls_free_datum (&entry->g); - - if (entry->n.data != gnutls_srp_1024_group_prime.data && - entry->n.data != gnutls_srp_1536_group_prime.data && - entry->n.data != gnutls_srp_2048_group_prime.data && - entry->n.data != gnutls_srp_3072_group_prime.data && - entry->n.data != gnutls_srp_4096_group_prime.data) - _gnutls_free_datum (&entry->n); - - gnutls_free (entry->username); - gnutls_free (entry); + _gnutls_free_datum(&entry->v); + _gnutls_free_datum(&entry->salt); + + if ((entry->g.data != gnutls_srp_1024_group_generator.data) + && (entry->g.data != gnutls_srp_3072_group_generator.data)) + _gnutls_free_datum(&entry->g); + + if (entry->n.data != gnutls_srp_1024_group_prime.data && + entry->n.data != gnutls_srp_1536_group_prime.data && + entry->n.data != gnutls_srp_2048_group_prime.data && + entry->n.data != gnutls_srp_3072_group_prime.data && + entry->n.data != gnutls_srp_4096_group_prime.data) + _gnutls_free_datum(&entry->n); + + gnutls_free(entry->username); + gnutls_free(entry); } -#endif /* ENABLE SRP */ +#endif /* ENABLE SRP */ diff --git a/lib/auth/srp_passwd.h b/lib/auth/srp_passwd.h index a04b4466ee..71bcc220de 100644 --- a/lib/auth/srp_passwd.h +++ b/lib/auth/srp_passwd.h 
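Review bot: _randomize_pwd_entry draws a new salt, with a new length from `(rnd % 10) + 9`, on every call, so two handshakes for the same unknown user name get different salts while an existing user always gets the stored one; the simulated entry is therefore distinguishable from a real account. RFC 5054 suggests deriving the fake salt from a server-side secret and the user name so the answer stays stable. Until that is done, a comment on the function such as `/* NOTE: salt is re-drawn per call, so repeated lookups of an unknown user differ; derive it from a server secret and the user name */` would record the limitation. In _gnutls_srp_pwd_read_entry, `cred->password_conf_file` is handed to pwd_read_conf and on to fopen without the NULL check that `cred->password_file` gets; `if (cred->password_file == NULL || cred->password_conf_file == NULL)` would cover both.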
@@ -22,21 +22,20 @@ #ifdef ENABLE_SRP -typedef struct -{ - char *username; +typedef struct { + char *username; - gnutls_datum_t salt; - gnutls_datum_t v; - gnutls_datum_t g; - gnutls_datum_t n; + gnutls_datum_t salt; + gnutls_datum_t v; + gnutls_datum_t g; + gnutls_datum_t n; } SRP_PWD_ENTRY; /* this is locally allocated. It should be freed using the provided function */ -int _gnutls_srp_pwd_read_entry (gnutls_session_t state, char *username, - SRP_PWD_ENTRY **); -void _gnutls_srp_entry_free (SRP_PWD_ENTRY * entry); -int _gnutls_sbase64_decode (char * data, size_t data_size, - uint8_t ** result); +int _gnutls_srp_pwd_read_entry(gnutls_session_t state, char *username, + SRP_PWD_ENTRY **); +void _gnutls_srp_entry_free(SRP_PWD_ENTRY * entry); +int _gnutls_sbase64_decode(char *data, size_t data_size, + uint8_t ** result); -#endif /* ENABLE_SRP */ +#endif /* ENABLE_SRP */ diff --git a/lib/auth/srp_rsa.c b/lib/auth/srp_rsa.c index 97b5e918f5..83799ee388 100644 --- a/lib/auth/srp_rsa.c +++ b/lib/auth/srp_rsa.c 
@@ -40,222 +40,214 @@ #include <gnutls_x509.h> #include <algorithms.h> -static int gen_srp_cert_server_kx (gnutls_session_t, gnutls_buffer_st*); -static int proc_srp_cert_server_kx (gnutls_session_t, uint8_t *, size_t); +static int gen_srp_cert_server_kx(gnutls_session_t, gnutls_buffer_st *); +static int proc_srp_cert_server_kx(gnutls_session_t, uint8_t *, size_t); const mod_auth_st srp_rsa_auth_struct = { - "SRP", - _gnutls_gen_cert_server_crt, - NULL, - gen_srp_cert_server_kx, - _gnutls_gen_srp_client_kx, - NULL, - NULL, - - _gnutls_proc_crt, - NULL, /* certificate */ - proc_srp_cert_server_kx, - _gnutls_proc_srp_client_kx, - NULL, - NULL + "SRP", + _gnutls_gen_cert_server_crt, + NULL, + gen_srp_cert_server_kx, + _gnutls_gen_srp_client_kx, + NULL, + NULL, + + _gnutls_proc_crt, + NULL, /* certificate */ + proc_srp_cert_server_kx, + _gnutls_proc_srp_client_kx, + NULL, + NULL }; const mod_auth_st srp_dss_auth_struct = { - "SRP", - _gnutls_gen_cert_server_crt, - NULL, - gen_srp_cert_server_kx, - _gnutls_gen_srp_client_kx, - NULL, - NULL, - - _gnutls_proc_crt, - NULL, /* certificate */ - proc_srp_cert_server_kx, - _gnutls_proc_srp_client_kx, - NULL, - NULL + "SRP", + _gnutls_gen_cert_server_crt, + NULL, + gen_srp_cert_server_kx, + _gnutls_gen_srp_client_kx, + NULL, + NULL, + + _gnutls_proc_crt, + NULL, /* certificate */ + proc_srp_cert_server_kx, + _gnutls_proc_srp_client_kx, + NULL, + NULL }; static int -gen_srp_cert_server_kx (gnutls_session_t session, gnutls_buffer_st* data) +gen_srp_cert_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { - ssize_t ret; - gnutls_datum_t signature, ddata; - gnutls_certificate_credentials_t cred; - gnutls_pcert_st *apr_cert_list; - gnutls_privkey_t apr_pkey; - int apr_cert_list_length; - gnutls_sign_algorithm_t sign_algo; - const version_entry_st* ver = get_version (session); - - if (unlikely(ver == NULL)) - return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - - ret = _gnutls_gen_srp_server_kx (session, data); - - if (ret 
< 0) - return ret; - - ddata.data = data->data; - ddata.size = data->length; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - /* find the appropriate certificate */ - if ((ret = - _gnutls_get_selected_cert (session, &apr_cert_list, - &apr_cert_list_length, &apr_pkey)) < 0) - { - gnutls_assert (); - return ret; - } - - if ((ret = - _gnutls_handshake_sign_data (session, &apr_cert_list[0], - apr_pkey, &ddata, &signature, - &sign_algo)) < 0) - { - gnutls_assert (); - return ret; - } - - if (_gnutls_version_has_selectable_sighash (ver)) - { - const sign_algorithm_st *aid; - uint8_t p[2]; - - if (sign_algo == GNUTLS_SIGN_UNKNOWN) - { - ret = GNUTLS_E_UNKNOWN_ALGORITHM; - goto cleanup; - } - - aid = _gnutls_sign_to_tls_aid (sign_algo); - if (aid == NULL) - { - gnutls_assert(); - ret = GNUTLS_E_UNKNOWN_ALGORITHM; - goto cleanup; - } - - p[0] = aid->hash_algorithm; - p[1] = aid->sign_algorithm; - - ret = _gnutls_buffer_append_data(data, p, 2); - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - } - - ret = _gnutls_buffer_append_data_prefix( data, 16, signature.data, signature.size); - - if (ret < 0) - { - gnutls_assert(); - goto cleanup; - } - - ret = data->length; - -cleanup: - _gnutls_free_datum (&signature); - return ret; + ssize_t ret; + gnutls_datum_t signature, ddata; + gnutls_certificate_credentials_t cred; + gnutls_pcert_st *apr_cert_list; + gnutls_privkey_t apr_pkey; + int apr_cert_list_length; + gnutls_sign_algorithm_t sign_algo; + const version_entry_st *ver = get_version(session); + + if (unlikely(ver == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + ret = _gnutls_gen_srp_server_kx(session, data); + + if (ret < 0) + return ret; + + ddata.data = data->data; + ddata.size = data->length; + + cred = (gnutls_certificate_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); 
+ if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + /* find the appropriate certificate */ + if ((ret = + _gnutls_get_selected_cert(session, &apr_cert_list, + &apr_cert_list_length, + &apr_pkey)) < 0) { + gnutls_assert(); + return ret; + } + + if ((ret = + _gnutls_handshake_sign_data(session, &apr_cert_list[0], + apr_pkey, &ddata, &signature, + &sign_algo)) < 0) { + gnutls_assert(); + return ret; + } + + if (_gnutls_version_has_selectable_sighash(ver)) { + const sign_algorithm_st *aid; + uint8_t p[2]; + + if (sign_algo == GNUTLS_SIGN_UNKNOWN) { + ret = GNUTLS_E_UNKNOWN_ALGORITHM; + goto cleanup; + } + + aid = _gnutls_sign_to_tls_aid(sign_algo); + if (aid == NULL) { + gnutls_assert(); + ret = GNUTLS_E_UNKNOWN_ALGORITHM; + goto cleanup; + } + + p[0] = aid->hash_algorithm; + p[1] = aid->sign_algorithm; + + ret = _gnutls_buffer_append_data(data, p, 2); + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + } + + ret = + _gnutls_buffer_append_data_prefix(data, 16, signature.data, + signature.size); + + if (ret < 0) { + gnutls_assert(); + goto cleanup; + } + + ret = data->length; + + cleanup: + _gnutls_free_datum(&signature); + return ret; } static int -proc_srp_cert_server_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) +proc_srp_cert_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) { - ssize_t ret; - int sigsize; - gnutls_datum_t vparams, signature; - ssize_t data_size; - cert_auth_info_t info; - gnutls_pcert_st peer_cert; - uint8_t *p; - gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN; - const version_entry_st* ver = get_version (session); - - if (unlikely(ver == NULL)) - return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); - - ret = _gnutls_proc_srp_server_kx (session, data, _data_size); - if (ret < 0) - return ret; - - data_size = _data_size - ret; - - info = _gnutls_get_auth_info (session); - if (info == NULL || info->ncerts == 0) - { - gnutls_assert (); - /* we need this 
in order to get peer's certificate */ - return GNUTLS_E_INTERNAL_ERROR; - } - - /* VERIFY SIGNATURE */ - - vparams.size = ret; /* all the data minus the signature */ - vparams.data = data; - - p = &data[vparams.size]; - if (_gnutls_version_has_selectable_sighash (ver)) - { - sign_algorithm_st aid; - - DECR_LEN (data_size, 1); - aid.hash_algorithm = *p++; - DECR_LEN (data_size, 1); - aid.sign_algorithm = *p++; - sign_algo = _gnutls_tls_aid_to_sign (&aid); - if (sign_algo == GNUTLS_SIGN_UNKNOWN) - { - _gnutls_debug_log("unknown signature %d.%d\n", aid.sign_algorithm, aid.hash_algorithm); - gnutls_assert (); - return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM; - } - } - - DECR_LEN (data_size, 2); - sigsize = _gnutls_read_uint16 (p); - - DECR_LEN (data_size, sigsize); - signature.data = &p[2]; - signature.size = sigsize; - - ret = - _gnutls_get_auth_info_pcert (&peer_cert, - session->security_parameters.cert_type, - info); - - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - ret = - _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature, - sign_algo); - - gnutls_pcert_deinit (&peer_cert); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - return 0; + ssize_t ret; + int sigsize; + gnutls_datum_t vparams, signature; + ssize_t data_size; + cert_auth_info_t info; + gnutls_pcert_st peer_cert; + uint8_t *p; + gnutls_sign_algorithm_t sign_algo = GNUTLS_SIGN_UNKNOWN; + const version_entry_st *ver = get_version(session); + + if (unlikely(ver == NULL)) + return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR); + + ret = _gnutls_proc_srp_server_kx(session, data, _data_size); + if (ret < 0) + return ret; + + data_size = _data_size - ret; + + info = _gnutls_get_auth_info(session); + if (info == NULL || info->ncerts == 0) { + gnutls_assert(); + /* we need this in order to get peer's certificate */ + return GNUTLS_E_INTERNAL_ERROR; + } + + /* VERIFY SIGNATURE */ + + vparams.size = ret; /* all the data minus the signature */ + vparams.data = data; + + p = 
&data[vparams.size]; + if (_gnutls_version_has_selectable_sighash(ver)) { + sign_algorithm_st aid; + + DECR_LEN(data_size, 1); + aid.hash_algorithm = *p++; + DECR_LEN(data_size, 1); + aid.sign_algorithm = *p++; + sign_algo = _gnutls_tls_aid_to_sign(&aid); + if (sign_algo == GNUTLS_SIGN_UNKNOWN) { + _gnutls_debug_log("unknown signature %d.%d\n", + aid.sign_algorithm, + aid.hash_algorithm); + gnutls_assert(); + return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM; + } + } + + DECR_LEN(data_size, 2); + sigsize = _gnutls_read_uint16(p); + + DECR_LEN(data_size, sigsize); + signature.data = &p[2]; + signature.size = sigsize; + + ret = + _gnutls_get_auth_info_pcert(&peer_cert, + session->security_parameters. + cert_type, info); + + if (ret < 0) { + gnutls_assert(); + return ret; + } + + ret = + _gnutls_handshake_verify_data(session, &peer_cert, &vparams, + &signature, sign_algo); + + gnutls_pcert_deinit(&peer_cert); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; } -#endif /* ENABLE_SRP */ +#endif /* ENABLE_SRP */ diff --git a/lib/auth/srp_sb64.c b/lib/auth/srp_sb64.c index 47ae259fe5..852eb4dc09 100644 --- a/lib/auth/srp_sb64.c +++ b/lib/auth/srp_sb64.c 
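Review bot: In `proc_srp_cert_server_kx` nothing checks that `data_size` has reached zero once the signature has been consumed with `DECR_LEN(data_size, sigsize)`, so a ServerKeyExchange with extra bytes after the signature is accepted as long as the signature verifies. Those trailing bytes lie outside `vparams` and are therefore not covered by the signature. Unless the caller enforces the total length (not visible in this hunk), I would add `if (data_size != 0) return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);` right after `signature.size = sigsize;`.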
@@ -31,115 +31,106 @@ * It seems that everybody makes their own base64 conversion. */ static const uint8_t b64table[] = - "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./"; + "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz./"; static const uint8_t asciitable[128] = { - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0x3e, 0x3f, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, - 0x06, 0x07, 0x08, 0x09, 0xff, 0xff, - 0xff, 0xff, 0xff, 0xff, 0xff, 0x0a, - 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, - 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, - 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, - 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, - 0x23, 0xff, 0xff, 0xff, 0xff, 0xff, - 0xff, 0x24, 0x25, 0x26, 0x27, 0x28, - 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, - 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, - 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, - 0x3b, 0x3c, 0x3d, 0xff, 0xff, 0xff, - 0xff, 0xff + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0x3e, 0x3f, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, + 0x06, 0x07, 0x08, 0x09, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0x0a, + 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, + 0x17, 0x18, 0x19, 0x1a, 0x1b, 0x1c, + 0x1d, 0x1e, 0x1f, 0x20, 0x21, 0x22, + 0x23, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0x24, 0x25, 0x26, 0x27, 0x28, + 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, + 0x2f, 0x30, 0x31, 0x32, 0x33, 0x34, + 0x35, 0x36, 0x37, 0x38, 0x39, 0x3a, + 0x3b, 0x3c, 0x3d, 0xff, 0xff, 0xff, + 0xff, 0xff }; -inline static int -encode (uint8_t * result, const uint8_t * rdata, int 
left) +inline static int encode(uint8_t * result, const uint8_t * rdata, int left) { - int data_len; - int c, ret = 4; - uint8_t data[3]; - - if (left > 3) - data_len = 3; - else - data_len = left; - - data[0] = data[1] = data[2] = 0; - memcpy (data, rdata, data_len); - - switch (data_len) - { - case 3: - result[0] = b64table[((data[0] & 0xfc) >> 2)]; - result[1] = - b64table[(((((data[0] & 0x03) & 0xff) << 4) & 0xff) | - ((data[1] & 0xf0) >> 4))]; - result[2] = - b64table[((((data[1] & 0x0f) << 2) & 0xff) | - ((data[2] & 0xc0) >> 6))]; - result[3] = b64table[(data[2] & 0x3f) & 0xff]; - break; - case 2: - if ((c = ((data[0] & 0xf0) >> 4)) != 0) - { - result[0] = b64table[c]; - result[1] = - b64table[((((data[0] & 0x0f) << 2) & 0xff) | - ((data[1] & 0xc0) >> 6))]; - result[2] = b64table[(data[1] & 0x3f) & 0xff]; - result[3] = '\0'; - ret -= 1; - } - else - { - if ((c = ((data[0] & 0x0f) << 2) | ((data[1] & 0xc0) >> 6)) != 0) - { - result[0] = b64table[c]; - result[1] = b64table[data[1] & 0x3f]; - result[2] = '\0'; - result[3] = '\0'; - ret -= 2; - } - else - { - result[0] = b64table[data[0] & 0x3f]; - result[1] = '\0'; - result[2] = '\0'; - result[3] = '\0'; - ret -= 3; - } - } - break; - case 1: - if ((c = ((data[0] & 0xc0) >> 6)) != 0) - { - result[0] = b64table[c]; - result[1] = b64table[(data[0] & 0x3f) & 0xff]; - result[2] = '\0'; - result[3] = '\0'; - ret -= 2; - } - else - { - result[0] = b64table[(data[0] & 0x3f) & 0xff]; - result[1] = '\0'; - result[2] = '\0'; - result[3] = '\0'; - ret -= 3; - } - break; - default: - return -1; - } - - return ret; + int data_len; + int c, ret = 4; + uint8_t data[3]; + + if (left > 3) + data_len = 3; + else + data_len = left; + + data[0] = data[1] = data[2] = 0; + memcpy(data, rdata, data_len); + + switch (data_len) { + case 3: + result[0] = b64table[((data[0] & 0xfc) >> 2)]; + result[1] = + b64table[(((((data[0] & 0x03) & 0xff) << 4) & 0xff) | + ((data[1] & 0xf0) >> 4))]; + result[2] = + b64table[((((data[1] & 0x0f) << 2) & 
0xff) | + ((data[2] & 0xc0) >> 6))]; + result[3] = b64table[(data[2] & 0x3f) & 0xff]; + break; + case 2: + if ((c = ((data[0] & 0xf0) >> 4)) != 0) { + result[0] = b64table[c]; + result[1] = + b64table[((((data[0] & 0x0f) << 2) & 0xff) | + ((data[1] & 0xc0) >> 6))]; + result[2] = b64table[(data[1] & 0x3f) & 0xff]; + result[3] = '\0'; + ret -= 1; + } else { + if ((c = + ((data[0] & 0x0f) << 2) | ((data[1] & 0xc0) >> + 6)) != 0) { + result[0] = b64table[c]; + result[1] = b64table[data[1] & 0x3f]; + result[2] = '\0'; + result[3] = '\0'; + ret -= 2; + } else { + result[0] = b64table[data[0] & 0x3f]; + result[1] = '\0'; + result[2] = '\0'; + result[3] = '\0'; + ret -= 3; + } + } + break; + case 1: + if ((c = ((data[0] & 0xc0) >> 6)) != 0) { + result[0] = b64table[c]; + result[1] = b64table[(data[0] & 0x3f) & 0xff]; + result[2] = '\0'; + result[3] = '\0'; + ret -= 2; + } else { + result[0] = b64table[(data[0] & 0x3f) & 0xff]; + result[1] = '\0'; + result[2] = '\0'; + result[3] = '\0'; + ret -= 3; + } + break; + default: + return -1; + } + + return ret; } 
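Review bot: `encode()` copies before it validates: `memcpy(data, rdata, data_len)` runs with `data_len = left` whenever `left <= 3`, and only the `default:` arm of the switch rejects values outside 1..3. A zero `left` is harmless, but a negative one is converted to a huge `size_t` and overruns the 3-byte `data` array before `return -1` is reached. The callers in this file pass `mod` and `data_size - i` (a `size_t` difference narrowed to `int`), so this presumably needs a very large input to occur. An early `if (left <= 0) return -1;` ahead of the `memcpy` would make the helper safe on its own.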
@@ -147,56 +138,52 @@ encode (uint8_t * result, const uint8_t * rdata, int left) * The result_size is the return value */ static int -_gnutls_sbase64_encode (uint8_t * data, size_t data_size, char ** result) +_gnutls_sbase64_encode(uint8_t * data, size_t data_size, char **result) { - unsigned i, j; - int ret, tmp; - uint8_t tmpres[4]; - int mod = data_size % 3; + unsigned i, j; + int ret, tmp; + uint8_t tmpres[4]; + int mod = data_size % 3; - ret = mod; - if (ret != 0) - ret = 4; - else - ret = 0; + ret = mod; + if (ret != 0) + ret = 4; + else + ret = 0; - ret += (data_size * 4) / 3; + ret += (data_size * 4) / 3; - (*result) = gnutls_calloc (1, ret + 1); - if ((*result) == NULL) - return -1; + (*result) = gnutls_calloc(1, ret + 1); + if ((*result) == NULL) + return -1; - i = j = 0; + i = j = 0; /* encode the bytes that are not a multiple of 3 */ - if (mod > 0) - { - tmp = encode (tmpres, &data[0], mod); - if (tmp < 0) - { - gnutls_free ((*result)); - return tmp; - } - - memcpy (&(*result)[0], tmpres, tmp); - i = mod; - j = tmp; - - } + if (mod > 0) { + tmp = encode(tmpres, &data[0], mod); + if (tmp < 0) { + gnutls_free((*result)); + return tmp; + } + + memcpy(&(*result)[0], tmpres, tmp); + i = mod; + j = tmp; + + } /* encode the rest */ - for (; i < data_size; i += 3, j += 4) - { - tmp = encode (tmpres, &data[i], data_size - i); - if (tmp < 0) - { - gnutls_free ((*result)); - return tmp; - } - memcpy (&(*result)[j], tmpres, tmp); - } - - return strlen (*result); + for (; i < data_size; i += 3, j += 4) { + tmp = encode(tmpres, &data[i], data_size - i); + if (tmp < 0) { + gnutls_free((*result)); + return tmp; + } + memcpy(&(*result)[j], tmpres, tmp); + } + + return strlen(*result); } 
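Review bot: The output size in `_gnutls_sbase64_encode` is computed in an `int` (`ret += (data_size * 4) / 3;`) from a `size_t` length, so for a sufficiently large `data_size` the value passed to `gnutls_calloc(1, ret + 1)` can wrap while the loop still writes four bytes per three input bytes. A bound check before the arithmetic, e.g. `if (data_size > INT_MAX / 2) return -1;` (needs `<limits.h>` if the file does not already include it), keeps the allocation and the loop in agreement. Separately, both error paths call `gnutls_free((*result))` and return without clearing the pointer, whereas `_gnutls_sbase64_decode` sets `*result = NULL`. Doing the same here would be consistent and would avoid leaving the caller with a dangling pointer.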
@@ -204,42 +191,41 @@ _gnutls_sbase64_encode (uint8_t * data, size_t data_size, char ** result) * result should be 3 bytes */ #define TOASCII(c) (c < 127 ? asciitable[c] : 0xff) -inline static int -decode (uint8_t * result, const uint8_t * data) +inline static int decode(uint8_t * result, const uint8_t * data) { - uint8_t a1, a2; - int ret = 3; - - memset (result, 0, 3); - - a1 = TOASCII (data[3]); - a2 = TOASCII (data[2]); - if (a1 != 0xff) - result[2] = a1 & 0xff; - else - return -1; - if (a2 != 0xff) - result[2] |= ((a2 & 0x03) << 6) & 0xff; - - a1 = a2; - a2 = TOASCII (data[1]); - if (a1 != 0xff) - result[1] = ((a1 & 0x3c) >> 2); - if (a2 != 0xff) - result[1] |= ((a2 & 0x0f) << 4); - else if (a1 == 0xff || result[1] == 0) - ret--; - - a1 = a2; - a2 = TOASCII (data[0]); - if (a1 != 0xff) - result[0] = (((a1 & 0x30) >> 4) & 0xff); - if (a2 != 0xff) - result[0] |= ((a2 << 2) & 0xff); - else if (a1 == 0xff || result[0] == 0) - ret--; - - return ret; + uint8_t a1, a2; + int ret = 3; + + memset(result, 0, 3); + + a1 = TOASCII(data[3]); + a2 = TOASCII(data[2]); + if (a1 != 0xff) + result[2] = a1 & 0xff; + else + return -1; + if (a2 != 0xff) + result[2] |= ((a2 & 0x03) << 6) & 0xff; + + a1 = a2; + a2 = TOASCII(data[1]); + if (a1 != 0xff) + result[1] = ((a1 & 0x3c) >> 2); + if (a2 != 0xff) + result[1] |= ((a2 & 0x0f) << 4); + else if (a1 == 0xff || result[1] == 0) + ret--; + + a1 = a2; + a2 = TOASCII(data[0]); + if (a1 != 0xff) + result[0] = (((a1 & 0x30) >> 4) & 0xff); + if (a2 != 0xff) + result[0] |= ((a2 << 2) & 0xff); + else if (a1 == 0xff || result[0] == 0) + ret--; + + return ret; } /* decodes data and puts the result into result (locally allocated) 
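Review bot: `decode()` rejects a block only when its fourth character is outside the alphabet (`TOASCII(data[3]) == 0xff` returns -1); an invalid character in `data[0]`..`data[2]` is treated as an absent digit and at most shortens the result. That leniency is needed for the zero-padded leading block that `_gnutls_sbase64_decode` builds in `datrev`, but it also applies to full blocks taken straight from the input, so malformed text can decode without an error. I would document the contract on the function, e.g. `/* only data[3] is validated; 0xff in data[0..2] means "digit absent" */`, and have the full-block caller reject any block containing a character for which `TOASCII()` yields 0xff.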
@@ -248,63 +234,59 @@ decode (uint8_t * result, const uint8_t * data) * before calling it. */ int -_gnutls_sbase64_decode (char * data, size_t idata_size, uint8_t ** result) +_gnutls_sbase64_decode(char *data, size_t idata_size, uint8_t ** result) { - unsigned i, j; - int ret, left; - int data_size, tmp; - uint8_t datrev[4]; - uint8_t tmpres[3]; - - data_size = (idata_size / 4) * 4; - left = idata_size % 4; - - ret = (data_size / 4) * 3; - - if (left > 0) - ret += 3; - - (*result) = gnutls_malloc (ret + 1); - if ((*result) == NULL) - return -1; - - /* the first "block" is treated with special care */ - tmp = 0; - if (left > 0) - { - memset (datrev, 0, 4); - memcpy (&datrev[4 - left], data, left); - - tmp = decode (tmpres, datrev); - if (tmp < 0) - { - gnutls_free ((*result)); - *result = NULL; - return tmp; - } - - memcpy (*result, &tmpres[3 - tmp], tmp); - if (tmp < 3) - ret -= (3 - tmp); - } - - /* rest data */ - for (i = left, j = tmp; i < idata_size; i += 4) - { - tmp = decode (tmpres, (uint8_t*)&data[i]); - if (tmp < 0) - { - gnutls_free ((*result)); - *result = NULL; - return tmp; - } - memcpy (&(*result)[j], tmpres, tmp); - if (tmp < 3) - ret -= (3 - tmp); - j += 3; - } - - return ret; + unsigned i, j; + int ret, left; + int data_size, tmp; + uint8_t datrev[4]; + uint8_t tmpres[3]; + + data_size = (idata_size / 4) * 4; + left = idata_size % 4; + + ret = (data_size / 4) * 3; + + if (left > 0) + ret += 3; + + (*result) = gnutls_malloc(ret + 1); + if ((*result) == NULL) + return -1; + + /* the first "block" is treated with special care */ + tmp = 0; + if (left > 0) { + memset(datrev, 0, 4); + memcpy(&datrev[4 - left], data, left); + + tmp = decode(tmpres, datrev); + if (tmp < 0) { + gnutls_free((*result)); + *result = NULL; + return tmp; + } + + memcpy(*result, &tmpres[3 - tmp], tmp); + if (tmp < 3) + ret -= (3 - tmp); + } + + /* rest data */ + for (i = left, j = tmp; i < idata_size; i += 4) { + tmp = decode(tmpres, (uint8_t *) & data[i]); + if (tmp < 0) { + 
gnutls_free((*result)); + *result = NULL; + return tmp; + } + memcpy(&(*result)[j], tmpres, tmp); + if (tmp < 3) + ret -= (3 - tmp); + j += 3; + } + + return ret; } /** @@ -325,30 +307,27 @@ _gnutls_sbase64_decode (char * data, size_t idata_size, uint8_t ** result) * long enough, or 0 on success. **/ int -gnutls_srp_base64_encode (const gnutls_datum_t * data, char *result, - size_t * result_size) +gnutls_srp_base64_encode(const gnutls_datum_t * data, char *result, + size_t * result_size) { - char *res; - int size; - - size = _gnutls_sbase64_encode (data->data, data->size, &res); - if (size < 0) - return size; - - if (result == NULL || *result_size < (size_t) size) - { - gnutls_free (res); - *result_size = size; - return GNUTLS_E_SHORT_MEMORY_BUFFER; - } - else - { - memcpy (result, res, size); - gnutls_free (res); - *result_size = size; - } - - return 0; + char *res; + int size; + + size = _gnutls_sbase64_encode(data->data, data->size, &res); + if (size < 0) + return size; + + if (result == NULL || *result_size < (size_t) size) { + gnutls_free(res); + *result_size = size; + return GNUTLS_E_SHORT_MEMORY_BUFFER; + } else { + memcpy(result, res, size); + gnutls_free(res); + *result_size = size; + } + + return 0; } /** 
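Review bot: In the `/* rest data */` loop of `_gnutls_sbase64_decode`, a block for which `decode()` returns 1 or 2 is copied with `memcpy(&(*result)[j], tmpres, tmp)` but `j` still advances by 3, so up to two bytes of the `gnutls_malloc`'d buffer are never written. For any block but the last, those bytes still lie inside the returned length. As far as the encoder in this file shows, full blocks always decode to 3 bytes, so a short block here indicates malformed input. Treating it as an error (`if (tmp != 3) { gnutls_free((*result)); *result = NULL; return -1; }`) avoids handing uninitialised heap bytes to callers such as `gnutls_srp_base64_decode_alloc`.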
@@ -369,28 +348,25 @@ gnutls_srp_base64_encode (const gnutls_datum_t * data, char *result, * Returns: 0 on success, or an error code. **/ int -gnutls_srp_base64_encode_alloc (const gnutls_datum_t * data, - gnutls_datum_t * result) +gnutls_srp_base64_encode_alloc(const gnutls_datum_t * data, + gnutls_datum_t * result) { - char *res; - int size; - - size = _gnutls_sbase64_encode (data->data, data->size, &res); - if (size < 0) - return size; - - if (result == NULL) - { - gnutls_free (res); - return GNUTLS_E_INVALID_REQUEST; - } - else - { - result->data = (uint8_t*)res; - result->size = size; - } - - return 0; + char *res; + int size; + + size = _gnutls_sbase64_encode(data->data, data->size, &res); + if (size < 0) + return size; + + if (result == NULL) { + gnutls_free(res); + return GNUTLS_E_INVALID_REQUEST; + } else { + result->data = (uint8_t *) res; + result->size = size; + } + + return 0; } /** 
@@ -411,30 +387,29 @@ gnutls_srp_base64_encode_alloc (const gnutls_datum_t * data, * long enough, or 0 on success. **/ int -gnutls_srp_base64_decode (const gnutls_datum_t * b64_data, char *result, - size_t * result_size) +gnutls_srp_base64_decode(const gnutls_datum_t * b64_data, char *result, + size_t * result_size) { - uint8_t *res; - int size; - - size = _gnutls_sbase64_decode ((char*)b64_data->data, b64_data->size, &res); - if (size < 0) - return size; - - if (result == NULL || *result_size < (size_t) size) - { - gnutls_free (res); - *result_size = size; - return GNUTLS_E_SHORT_MEMORY_BUFFER; - } - else - { - memcpy (result, res, size); - gnutls_free (res); - *result_size = size; - } - - return 0; + uint8_t *res; + int size; + + size = + _gnutls_sbase64_decode((char *) b64_data->data, b64_data->size, + &res); + if (size < 0) + return size; + + if (result == NULL || *result_size < (size_t) size) { + gnutls_free(res); + *result_size = size; + return GNUTLS_E_SHORT_MEMORY_BUFFER; + } else { + memcpy(result, res, size); + gnutls_free(res); + *result_size = size; + } + + return 0; } /** 
@@ -454,28 +429,27 @@ gnutls_srp_base64_decode (const gnutls_datum_t * b64_data, char *result, * Returns: 0 on success, or an error code. **/ int -gnutls_srp_base64_decode_alloc (const gnutls_datum_t * b64_data, - gnutls_datum_t * result) +gnutls_srp_base64_decode_alloc(const gnutls_datum_t * b64_data, + gnutls_datum_t * result) { - uint8_t *ret; - int size; - - size = _gnutls_sbase64_decode ((char*)b64_data->data, b64_data->size, &ret); - if (size < 0) - return size; - - if (result == NULL) - { - gnutls_free (ret); - return GNUTLS_E_INVALID_REQUEST; - } - else - { - result->data = ret; - result->size = size; - } - - return 0; + uint8_t *ret; + int size; + + size = + _gnutls_sbase64_decode((char *) b64_data->data, b64_data->size, + &ret); + if (size < 0) + return size; + + if (result == NULL) { + gnutls_free(ret); + return GNUTLS_E_INVALID_REQUEST; + } else { + result->data = ret; + result->size = size; + } + + return 0; } -#endif /* ENABLE_SRP */ +#endif /* ENABLE_SRP */ |