author | Simon Josefsson <simon@josefsson.org> | 2008-06-04 06:55:56 +0200 |
---|---|---|
committer | Simon Josefsson <simon@josefsson.org> | 2008-06-04 06:55:56 +0200 |
commit | f160fdc487fcb04bb3357d6b4ed07e7b2ff7427b (patch) | |
tree | 27333ff11dfdeb0895b76004e0073c0aa22cf688 | |
parent | 22534570d23a82b0b0707c49400fd094e4f92ff8 (diff) | |
Generate server key exchange (psk identity hint). Invoke client callback.
-rw-r--r-- | lib/auth_psk.c | 75 |
1 files changed, 72 insertions, 3 deletions
diff --git a/lib/auth_psk.c b/lib/auth_psk.c
index ad8ad5ed1a..53cd1b45b0 100644
--- a/lib/auth_psk.c
+++ b/lib/auth_psk.c
@@ -36,6 +36,7 @@
 #include <gnutls_str.h>
 #include <gnutls_datum.h>
+int _gnutls_gen_psk_server_kx (gnutls_session_t session, opaque ** data);
 int _gnutls_gen_psk_client_kx (gnutls_session_t, opaque **);
 int _gnutls_proc_psk_client_kx (gnutls_session_t, opaque *, size_t);
@@ -47,7 +48,7 @@ const mod_auth_st psk_auth_struct = {
 "PSK",
 NULL,
 NULL,
- NULL,
+ _gnutls_gen_psk_server_kx,
 _gnutls_gen_psk_client_kx,
 NULL,
 NULL,
@@ -167,7 +168,37 @@ _gnutls_gen_psk_client_kx (gnutls_session_t session, opaque ** data)
 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
 }
- if (cred->username.data == NULL || cred->key.data == NULL)
+ if (cred->username.data == NULL && cred->key.data == NULL &&
+ cred->get_function != NULL)
+ {
+ char *username;
+ gnutls_datum_t key;
+
+ ret = cred->get_function (session, &username, &key);
+ if (ret)
+ {
+ gnutls_assert ();
+ return ret;
+ }
+
+ ret = _gnutls_set_datum (&cred->username, username, strlen (username));
+ gnutls_free (username);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ _gnutls_free_datum (&key);
+ return ret;
+ }
+
+ ret = _gnutls_set_datum (&cred->key, key.data, key.size);
+ _gnutls_free_datum (&key);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+ }
+ else if (cred->username.data == NULL || cred->key.data == NULL)
 {
 gnutls_assert ();
 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
@@ -256,7 +287,8 @@ error:
 return ret;
 }
-/*
+
+/* Generates the PSK server key exchange
 *
 * struct {
 * select (KeyExchangeAlgorithm) {
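Review bot: The callback outputs are used without validation in the new `cred->get_function` branch of `_gnutls_gen_psk_client_kx` (third hunk): `username` and `key` are uninitialized locals, so a callback that returns 0 without filling them leaves `strlen (username)` and `_gnutls_free_datum (&key)` working on indeterminate pointers. Initializing them with `char *username = NULL; gnutls_datum_t key = { NULL, 0 };` and rejecting `username == NULL || key.data == NULL` before the first `_gnutls_set_datum` would close that. `if (ret)` also passes a positive callback value straight back; if callers read a non-negative return as the message length, as the `hint.size + 2` return of the new `_gnutls_gen_psk_server_kx` suggests, it should be mapped to a negative error code instead. The temporary key copy is released with `_gnutls_free_datum (&key)` on both paths, and unless that helper wipes the buffer, the secret should be zeroized before it is freed. The function body starts and ends outside the hunk.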
@@ -267,6 +299,43 @@ error:
 * } ServerKeyExchange;
 *
 */
+int
+_gnutls_gen_psk_server_kx (gnutls_session_t session, opaque ** data)
+{
+ gnutls_psk_server_credentials_t cred;
+ gnutls_datum_t hint;
+
+ cred = (gnutls_psk_server_credentials_t)
+ _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL);
+
+ if (cred == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+ }
+
+ /* Abort sending this message if there is no PSK identity hint. */
+ if (cred->hint == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_INT_RET_0;
+ }
+
+ hint.data = cred->hint;
+ hint.size = strlen (cred->hint);
+
+ (*data) = gnutls_malloc (2 + hint.size);
+ if ((*data) == NULL)
+ {
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
+ }
+
+ _gnutls_write_datum16 (*data, hint);
+
+ return hint.size + 2;
+}
+
 /* just read the hint from the server key exchange. */ |
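Review bot: `_gnutls_gen_psk_server_kx` never bounds `strlen (cred->hint)` before `_gnutls_write_datum16 (*data, hint)`, yet the two-byte prefix implied by the `2 + hint.size` allocation cannot represent a hint longer than 65535 bytes. Assuming `_gnutls_write_datum16` stores the size in 16 bits, an over-long hint would go out with a truncated length field while the function still returns `hint.size + 2`, giving the peer a malformed ServerKeyExchange. A guard right after the `strlen` call, for example `if (hint.size > 65535) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; }`, would reject it up front. The header comment could also state that `*data` is allocated with `gnutls_malloc` for the caller to release, and that `GNUTLS_E_INT_RET_0` means the message is skipped when no hint is configured.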