author | Simon Josefsson <simon@josefsson.org> | 2005-12-15 11:28:00 +0000 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2005-12-15 11:28:00 +0000 |
commit | c134471a6b35383004b4fcb592e180d90740b619 (patch) | |
tree | f40e1930befca68190a5d862d48c2dff68c29bb4 | |
parent | 7f81b41cf85c3b222afeb74acdbfc31897565176 (diff) | |
download | gnutls-c134471a6b35383004b4fcb592e180d90740b619.tar.gz |
Add functions to access the TLS PRF and to extract client/server random fields, suggested by Jouni Malinen <jkmaline@cc.hut.fi>.
-rw-r--r-- | NEWS | 8 | ||||
-rw-r--r-- | includes/gnutls/gnutls.h.in | 16 | ||||
-rw-r--r-- | lib/gnutls_state.c | 164 |
3 files changed, 187 insertions, 1 deletions
@@ -17,6 +17,14 @@ correct types on platforms that lack them. The uint type have been replaced by unsigned. ** API and ABI modifications: +New functions to invoke the TLS Pseudo-Random-Function (PRF): + gnutls_prf + gnutls_prf_raw + +New functions to retrieve the session's client and server random values: + gnutls_session_get_server_random + gnutls_session_get_client_random + New function, to perform TLS/IA handshake: gnutls_ia_handshake diff --git a/includes/gnutls/gnutls.h.in b/includes/gnutls/gnutls.h.in index 714d13c50b..7c752cfc7d 100644 --- a/includes/gnutls/gnutls.h.in +++ b/includes/gnutls/gnutls.h.in @@ -263,7 +263,6 @@ const char *gnutls_compression_get_name( gnutls_compression_method_t algorithm); const char *gnutls_kx_get_name( gnutls_kx_algorithm_t algorithm); const char *gnutls_certificate_type_get_name( gnutls_certificate_type_t type); - /* error functions */ int gnutls_error_is_fatal( int error); int gnutls_error_to_alert( int err, int* level); @@ -291,6 +290,17 @@ ssize_t gnutls_record_set_max_size( gnutls_session_t session, size_t size); size_t gnutls_record_check_pending(gnutls_session_t session); +int gnutls_prf (gnutls_session_t session, + size_t label_size, const char *label, + int server_random_first, + size_t extra_size, const char *extra, + size_t outsize, char *out); + +int gnutls_prf_raw (gnutls_session_t session, + size_t label_size, const char *label, + size_t seed_size, const char *seed, + size_t outsize, char *out); + /* TLS Extensions */ typedef enum { GNUTLS_NAME_DNS=1 
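Review bot: The new prototypes `gnutls_prf` and `gnutls_prf_raw` are added to gnutls.h.in without any comment, so a caller reading only the header cannot tell which of the two near-identical functions to use. The documentation this commit adds in lib/gnutls_state.c says the output of gnutls_prf_raw is not unique per connection unless the caller puts the client and server randoms into the seed, and that the same data comes out on a session resumed from the first one. I would put that next to the declarations, for example `/* TLS PRF keyed with the session master secret. Prefer gnutls_prf(); gnutls_prf_raw() does not mix in the client/server randoms, so its output repeats on a resumed session. */`.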
@@ -345,6 +355,10 @@ int gnutls_session_get_data2( gnutls_session_t session, gnutls_datum* data); #define GNUTLS_MAX_SESSION_ID 32 int gnutls_session_get_id( gnutls_session_t session, void* session_id, size_t *session_id_size); +/* returns the client/server random fields. */ +const char *gnutls_session_get_server_random (gnutls_session_t session); +const char *gnutls_session_get_client_random (gnutls_session_t session); + /* checks if this session is a resumed one */ int gnutls_session_is_resumed(gnutls_session_t session); diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index d67077c191..bdbf6c5cc8 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c 
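Review bot: The added comment `/* returns the client/server random fields. */` does not say how many bytes the returned `const char *` points to, and that return type invites callers to treat the value as a C string. The doc comments in lib/gnutls_state.c state that the field is 32 bytes and that its contents are garbage until a random has been established. The value is binary, so it can contain zero bytes and need not end with one. I would expand the header comment to `/* Return a pointer to the 32-byte client/server random stored in the session: binary data, not NUL-terminated, must not be modified or freed, garbage until the random has been established. */`.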
@@ -900,6 +900,170 @@ _gnutls_PRF (const opaque * secret, int secret_size, const char *label, } /** + * gnutls_prf_raw - access the TLS PRF directly + * @session: is a #gnutls_session_t structure. + * @label_size: length of the @label variable. + * @label: label used in PRF computation, typically a short string. + * @seed_size: length of the @seed variable. + * @seed: optional extra data to seed the PRF with. + * @outsize: size of pre-allocated output buffer to hold the output. + * @out: pre-allocate buffer to hold the generated data. + * + * Apply the TLS Pseudo-Random-Function (PRF) using the master secret + * on some data. + * + * The @label variable usually contain a string denoting the purpose + * for the generated data. The @seed usually contain data such as the + * client and server random, perhaps together with some additional + * data that is added to guarantee uniqueness of the output for a + * particular purpose. + * + * Because the output is not guaranteed to be unique for a particular + * session unless @seed include the client random and server random + * fields (the PRF would output the same data on another connection + * resumed from the first one), it is not recommended to use this + * function directly. The gnutls_prf() function seed the PRF with the + * client and server random fields directly, and is recommended if you + * want to generate pseudo random data unique for each session. + * + * Return value: Return 0 on success, or an error code. + **/ +int +gnutls_prf_raw (gnutls_session_t session, + size_t label_size, + const char *label, + size_t seed_size, + const char *seed, + size_t outsize, + char *out) +{ + int ret; + + ret = _gnutls_PRF (session->security_parameters.master_secret, + TLS_MASTER_SIZE, + label, + label_size, + seed, + seedsize, + outsize, + out); + + return ret; +} + +/** + * gnutls_prf - derive pseudo-random data using the TLS PRF + * @session: is a #gnutls_session_t structure. + * @label_size: length of the @label variable. 
+ * @label: label used in PRF computation, typically a short string. + * @server_random_first: non-0 if server random field should be first in seed + * @extra_size: length of the @extra variable. + * @extra: optional extra data to seed the PRF with. + * @outsize: size of pre-allocated output buffer to hold the output. + * @out: pre-allocate buffer to hold the generated data. + * + * Apply the TLS Pseudo-Random-Function (PRF) using the master secret + * on some data, seeded with the client and server random fields. + * + * The @label variable usually contain a string denoting the purpose + * for the generated data. The @server_random_first indicate whether + * the client random field or the server random field should be first + * in the seed. Non-0 indicate that the server random field is first, + * 0 that the client random field is first. + * + * The @extra variable can be used to add more data to the seed, after + * the random variables. It can be used to tie make sure the + * generated output is strongly connected to some additional data + * (e.g., a string used in user authentication). + * + * The output is placed in *@OUT, which must be pre-allocated. + * + * Return value: Return 0 on success, or an error code. + **/ +int +gnutls_prf (gnutls_session_t session, + size_t label_size, + const char *label, + int server_random_first, + size_t extra_size, + const char *extra, + size_t outsize, + char *out) +{ + int ret; + opaque *seed; + size_t seedsize = 2 * TLS_RANDOM_SIZE + extra_size; + + seed = gnutls_malloc (seedsize); + if (!seed) + { + gnutls_assert(); + return GNUTLS_E_MEMORY_ERROR; + } + + memcpy (seed, server_random_first ? + session->security_parameters.server_random : + session->security_parameters.client_random, TLS_RANDOM_SIZE); + memcpy (seed + TLS_RANDOM_SIZE, server_random_first ? 
+ session->security_parameters.client_random : + session->security_parameters.server_random, + TLS_RANDOM_SIZE); + + memcpy (seed + 2 * TLS_RANDOM_SIZE, extra, extra_size); + + ret = _gnutls_PRF (session->security_parameters.master_secret, + TLS_MASTER_SIZE, + label, + label_size, + seed, + seedsize, + outsize, + out); + + gnutls_free (seed); + + return ret; +} + +/** + * gnutls_session_get_client_random - get the session's client random value + * @session: is a #gnutls_session_t structure. + * + * Return a pointer to the 32-byte client random field used in the + * session. The pointer must not be modified or deallocated. + * + * If a client random value has not yet been established, the output + * will be garbage, and in particular a %NULL return value should not + * be expected. + * + * Return value: pointer to client random. + **/ +const char * +gnutls_session_get_client_random (gnutls_session_t session) +{ + return session->security_parameters.client_random; +} + +/** + * gnutls_session_get_server_random - get the session's server random value + * @session: is a #gnutls_session_t structure. + * + * Return a pointer to the 32-byte server random field used in the + * session. The pointer must not be modified or deallocated. + * + * If a server random value has not yet been established, the output + * will be garbage, and in particular a %NULL return value should not + * be expected. + * + * Return value: pointer to server random. + **/ +const char * +gnutls_session_get_server_random (gnutls_session_t session) +{ + return session->security_parameters.server_random; +} + +/** * gnutls_session_is_resumed - Used to check whether this session is a resumed one * @session: is a #gnutls_session_t structure. * |
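Review bot: gnutls_prf_raw passes `seedsize` to _gnutls_PRF, but its parameter is declared as `seed_size` and no `seedsize` is visible in that function, so it should not compile as written; the argument should be `seed_size`. In gnutls_prf, `size_t seedsize = 2 * TLS_RANDOM_SIZE + extra_size;` wraps when extra_size is close to the maximum of size_t. gnutls_malloc then returns a buffer smaller than the data and the third memcpy writes past its end; a guard before the addition such as `if (extra_size > (size_t) -1 - 2 * TLS_RANDOM_SIZE) return GNUTLS_E_INVALID_REQUEST;` closes that. The hunk header shows _gnutls_PRF taking `int secret_size`; if its other length parameters are also int, the size_t label, seed and output sizes are narrowed at the call and should be range-checked too. Neither function checks that a master secret has been negotiated before keying the PRF with it, and the doc comments should at least say so, as the random getters already do for their values.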