author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-10-10 08:32:07 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-10-10 08:32:07 +0200 |
commit | 80c4b5e316002b6b5d2ffaf22a22f8f8cce1a142 (patch) | |
tree | cbf438fb2eae55ba85259ea260fb4f245d947e0f /lib/auth | |
parent | 9ffddfaf6a983378358eef7d33f32b9da49662f7 (diff) | |
download | gnutls-80c4b5e316002b6b5d2ffaf22a22f8f8cce1a142.tar.gz |
session->key no longer needs to be an allocated structure.
Diffstat (limited to 'lib/auth')
-rw-r--r-- | lib/auth/anon.c | 4 | ||||
-rw-r--r-- | lib/auth/anon_ecdh.c | 4 | ||||
-rw-r--r-- | lib/auth/cert.c | 18 | ||||
-rw-r--r-- | lib/auth/dh_common.c | 50 | ||||
-rw-r--r-- | lib/auth/dhe.c | 4 | ||||
-rw-r--r-- | lib/auth/dhe_psk.c | 8 | ||||
-rw-r--r-- | lib/auth/ecdh_common.c | 42 | ||||
-rw-r--r-- | lib/auth/psk.c | 16 | ||||
-rw-r--r-- | lib/auth/psk_passwd.c | 2 | ||||
-rw-r--r-- | lib/auth/rsa.c | 44 | ||||
-rw-r--r-- | lib/auth/rsa_export.c | 30 | ||||
-rw-r--r-- | lib/auth/srp.c | 46 | ||||
-rw-r--r-- | lib/auth/srp_passwd.c | 2 | ||||
-rw-r--r-- | lib/auth/srp_rsa.c | 2 |
14 files changed, 136 insertions, 136 deletions
diff --git a/lib/auth/anon.c b/lib/auth/anon.c index 789e9084a9..0071761309 100644 --- a/lib/auth/anon.c +++ b/lib/auth/anon.c @@ -69,7 +69,7 @@ gen_anon_server_kx (gnutls_session_t session, gnutls_buffer_st* data) gnutls_anon_server_credentials_t cred; cred = (gnutls_anon_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_ANON, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_ANON, NULL); if (cred == NULL) { gnutls_assert (); @@ -119,7 +119,7 @@ proc_anon_client_kx (gnutls_session_t session, uint8_t * data, const bigint_t *mpis; cred = (gnutls_anon_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_ANON, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_ANON, NULL); if (cred == NULL) { gnutls_assert (); diff --git a/lib/auth/anon_ecdh.c b/lib/auth/anon_ecdh.c index 63e72edd4a..b81f97e273 100644 --- a/lib/auth/anon_ecdh.c +++ b/lib/auth/anon_ecdh.c @@ -67,7 +67,7 @@ gen_anon_ecdh_server_kx (gnutls_session_t session, gnutls_buffer_st* data) gnutls_anon_server_credentials_t cred; cred = (gnutls_anon_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_ANON, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_ANON, NULL); if (cred == NULL) { gnutls_assert (); @@ -99,7 +99,7 @@ proc_anon_ecdh_client_kx (gnutls_session_t session, uint8_t * data, gnutls_anon_server_credentials_t cred; cred = (gnutls_anon_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_ANON, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_ANON, NULL); if (cred == NULL) { gnutls_assert (); diff --git a/lib/auth/cert.c b/lib/auth/cert.c index 44835f03e9..34bc6d2dd4 100644 --- a/lib/auth/cert.c +++ b/lib/auth/cert.c @@ -475,7 +475,7 @@ call_get_cert_callback (gnutls_session_t session, unsigned int pcert_length = 0; cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); 
@@ -698,7 +698,7 @@ _select_client_cert (gnutls_session_t session, gnutls_datum_t *issuers_dn = NULL; cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); @@ -1080,7 +1080,7 @@ _gnutls_proc_x509_server_crt (gnutls_session_t session, gnutls_datum_t tmp; cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); @@ -1223,7 +1223,7 @@ _gnutls_proc_openpgp_server_crt (gnutls_session_t session, unsigned int subkey_id_set = 0; cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); @@ -1402,7 +1402,7 @@ _gnutls_proc_crt (gnutls_session_t session, uint8_t * data, size_t data_size) gnutls_certificate_credentials_t cred; cred = - (gnutls_certificate_credentials_t) _gnutls_get_cred (session->key, + (gnutls_certificate_credentials_t) _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) @@ -1465,7 +1465,7 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session, uint8_t * data, gnutls_protocol_t ver = gnutls_protocol_get_version (session); cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); @@ -1553,7 +1553,7 @@ _gnutls_proc_cert_cert_req (gnutls_session_t session, uint8_t * data, /* We should reply with a certificate message, * even if we have no certificate to send. */ - session->key->crt_requested = 1; + session->key.crt_requested = 1; return 0; } 
@@ -1722,7 +1722,7 @@ _gnutls_gen_cert_server_cert_req (gnutls_session_t session, */ cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); @@ -2082,7 +2082,7 @@ _gnutls_server_select_cert (gnutls_session_t session, char server_name[MAX_CN]; cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); diff --git a/lib/auth/dh_common.c b/lib/auth/dh_common.c index dda96fa8d7..bb1e217c35 100644 --- a/lib/auth/dh_common.c +++ b/lib/auth/dh_common.c 
@@ -66,31 +66,31 @@ _gnutls_proc_dh_common_client_kx (gnutls_session_t session, _n_Y = n_Y; DECR_LEN (data_size, n_Y); - if (_gnutls_mpi_scan_nz (&session->key->client_Y, &data[2], _n_Y)) + if (_gnutls_mpi_scan_nz (&session->key.client_Y, &data[2], _n_Y)) { gnutls_assert (); return GNUTLS_E_MPI_SCAN_FAILED; } - _gnutls_dh_set_peer_public (session, session->key->client_Y); + _gnutls_dh_set_peer_public (session, session->key.client_Y); ret = - gnutls_calc_dh_key (&session->key->KEY, session->key->client_Y, session->key->dh_secret, p); + gnutls_calc_dh_key (&session->key.KEY, session->key.client_Y, session->key.dh_secret, p); if (ret < 0) return gnutls_assert_val(ret); - _gnutls_mpi_release (&session->key->client_Y); - _gnutls_mpi_release (&session->key->dh_secret); + _gnutls_mpi_release (&session->key.client_Y); + _gnutls_mpi_release (&session->key.dh_secret); if (psk_key == NULL) { - ret = _gnutls_mpi_dprint (session->key->KEY, &session->key->key); + ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key); } else /* In DHE_PSK the key is set differently */ { gnutls_datum_t tmp_dh_key; - ret = _gnutls_mpi_dprint (session->key->KEY, &tmp_dh_key); + ret = _gnutls_mpi_dprint (session->key.KEY, &tmp_dh_key); if (ret < 0) { gnutls_assert (); @@ -102,7 +102,7 @@ _gnutls_proc_dh_common_client_kx (gnutls_session_t session, } - _gnutls_mpi_release (&session->key->KEY); + _gnutls_mpi_release (&session->key.KEY); if (ret < 0) { @@ -123,8 +123,8 @@ _gnutls_gen_dh_common_client_kx_int (gnutls_session_t session, gnutls_buffer_st* bigint_t x = NULL, X = NULL; int ret; - ret = gnutls_calc_dh_secret (&X, &x, session->key->client_g, - session->key->client_p, 0); + ret = gnutls_calc_dh_secret (&X, &x, session->key.client_g, + session->key.client_p, 0); if (ret < 0) { gnutls_assert (); 
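Review bot: In the `_gnutls_proc_dh_common_client_kx` hunk (-66,31), the early `return gnutls_assert_val(ret);` after `gnutls_calc_dh_key` skips the two `_gnutls_mpi_release` calls that follow it, so `session->key.dh_secret` (apparently the server's private DH exponent, stored from `x` in `_gnutls_dh_common_print_server_kx`) and `client_Y` stay in the session on that path. With `key` now embedded in the session instead of being allocated separately, their release then depends entirely on session teardown, which is outside this diff. Moving the releases above the check closes the gap: `_gnutls_mpi_release (&session->key.client_Y); _gnutls_mpi_release (&session->key.dh_secret);` placed before `if (ret < 0)`. The function body starts and ends outside the hunk.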
@@ -142,7 +142,7 @@ _gnutls_gen_dh_common_client_kx_int (gnutls_session_t session, gnutls_buffer_st* /* calculate the key after calculating the message */ ret = - gnutls_calc_dh_key (&session->key->KEY, session->key->client_Y, x, session->key->client_p); + gnutls_calc_dh_key (&session->key.KEY, session->key.client_Y, x, session->key.client_p); if (ret < 0) { gnutls_assert(); @@ -150,21 +150,21 @@ _gnutls_gen_dh_common_client_kx_int (gnutls_session_t session, gnutls_buffer_st* } /* THESE SHOULD BE DISCARDED */ - _gnutls_mpi_release (&session->key->client_Y); - _gnutls_mpi_release (&session->key->client_p); - _gnutls_mpi_release (&session->key->client_g); + _gnutls_mpi_release (&session->key.client_Y); + _gnutls_mpi_release (&session->key.client_p); + _gnutls_mpi_release (&session->key.client_g); if (_gnutls_cipher_suite_get_kx_algo (session->security_parameters.cipher_suite) != GNUTLS_KX_DHE_PSK) { - ret = _gnutls_mpi_dprint (session->key->KEY, &session->key->key); + ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key); } else /* In DHE_PSK the key is set differently */ { gnutls_datum_t tmp_dh_key; - ret = _gnutls_mpi_dprint (session->key->KEY, &tmp_dh_key); + ret = _gnutls_mpi_dprint (session->key.KEY, &tmp_dh_key); if (ret < 0) { gnutls_assert (); @@ -175,7 +175,7 @@ _gnutls_gen_dh_common_client_kx_int (gnutls_session_t session, gnutls_buffer_st* _gnutls_free_datum (&tmp_dh_key); } - _gnutls_mpi_release (&session->key->KEY); + _gnutls_mpi_release (&session->key.KEY); if (ret < 0) { 
@@ -233,18 +233,18 @@ _gnutls_proc_dh_common_server_kx (gnutls_session_t session, _n_g = n_g; _n_p = n_p; - if (_gnutls_mpi_scan_nz (&session->key->client_Y, data_Y, _n_Y) != 0) + if (_gnutls_mpi_scan_nz (&session->key.client_Y, data_Y, _n_Y) != 0) { gnutls_assert (); return GNUTLS_E_MPI_SCAN_FAILED; } - if (_gnutls_mpi_scan_nz (&session->key->client_g, data_g, _n_g) != 0) + if (_gnutls_mpi_scan_nz (&session->key.client_g, data_g, _n_g) != 0) { gnutls_assert (); return GNUTLS_E_MPI_SCAN_FAILED; } - if (_gnutls_mpi_scan_nz (&session->key->client_p, data_p, _n_p) != 0) + if (_gnutls_mpi_scan_nz (&session->key.client_p, data_p, _n_p) != 0) { gnutls_assert (); return GNUTLS_E_MPI_SCAN_FAILED; @@ -257,7 +257,7 @@ _gnutls_proc_dh_common_server_kx (gnutls_session_t session, return bits; } - if (_gnutls_mpi_get_nbits (session->key->client_p) < (size_t) bits) + if (_gnutls_mpi_get_nbits (session->key.client_p) < (size_t) bits) { /* the prime used by the peer is not acceptable */ @@ -265,9 +265,9 @@ _gnutls_proc_dh_common_server_kx (gnutls_session_t session, return GNUTLS_E_DH_PRIME_UNACCEPTABLE; } - _gnutls_dh_set_group (session, session->key->client_g, - session->key->client_p); - _gnutls_dh_set_peer_public (session, session->key->client_Y); + _gnutls_dh_set_group (session, session->key.client_g, + session->key.client_p); + _gnutls_dh_set_peer_public (session, session->key.client_Y); ret = n_Y + n_p + n_g + 6; @@ -290,7 +290,7 @@ _gnutls_dh_common_print_server_kx (gnutls_session_t session, return ret; } - session->key->dh_secret = x; + session->key.dh_secret = x; _gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x)); ret = _gnutls_buffer_append_mpi(data, 16, p, 0); diff --git a/lib/auth/dhe.c b/lib/auth/dhe.c index 26e0718a40..946cc9e7aa 100644 --- a/lib/auth/dhe.c +++ b/lib/auth/dhe.c 
@@ -128,7 +128,7 @@ gen_dhe_server_kx (gnutls_session_t session, gnutls_buffer_st* data) gnutls_protocol_t ver = gnutls_protocol_get_version (session); cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); @@ -346,7 +346,7 @@ proc_dhe_client_kx (gnutls_session_t session, uint8_t * data, gnutls_dh_params_t dh_params; cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); diff --git a/lib/auth/dhe_psk.c b/lib/auth/dhe_psk.c index 410c7c5de0..5205cf515b 100644 --- a/lib/auth/dhe_psk.c +++ b/lib/auth/dhe_psk.c @@ -93,7 +93,7 @@ gen_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) gnutls_datum_t username, key; cred = (gnutls_psk_client_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS); @@ -144,7 +144,7 @@ gen_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data) gnutls_psk_server_credentials_t cred; cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) { gnutls_assert (); @@ -225,7 +225,7 @@ proc_psk_client_kx (gnutls_session_t session, uint8_t * data, ssize_t data_size = _data_size; cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) { 
@@ -301,7 +301,7 @@ proc_ecdhe_psk_client_kx (gnutls_session_t session, uint8_t * data, ssize_t data_size = _data_size; cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) { diff --git a/lib/auth/ecdh_common.c b/lib/auth/ecdh_common.c index 72b75641da..3655cade11 100644 --- a/lib/auth/ecdh_common.c +++ b/lib/auth/ecdh_common.c @@ -47,22 +47,22 @@ gnutls_pk_params_st pub; int ret; memset(&pub,0,sizeof(pub)); - pub.params[ECC_PRIME] = session->key->ecdh_params.params[ECC_PRIME]; - pub.params[ECC_ORDER] = session->key->ecdh_params.params[ECC_ORDER]; - pub.params[ECC_A] = session->key->ecdh_params.params[ECC_A]; - pub.params[ECC_B] = session->key->ecdh_params.params[ECC_B]; - pub.params[ECC_GX] = session->key->ecdh_params.params[ECC_GX]; - pub.params[ECC_GY] = session->key->ecdh_params.params[ECC_GY]; - pub.params[ECC_X] = session->key->ecdh_x; - pub.params[ECC_Y] = session->key->ecdh_y; + pub.params[ECC_PRIME] = session->key.ecdh_params.params[ECC_PRIME]; + pub.params[ECC_ORDER] = session->key.ecdh_params.params[ECC_ORDER]; + pub.params[ECC_A] = session->key.ecdh_params.params[ECC_A]; + pub.params[ECC_B] = session->key.ecdh_params.params[ECC_B]; + pub.params[ECC_GX] = session->key.ecdh_params.params[ECC_GX]; + pub.params[ECC_GY] = session->key.ecdh_params.params[ECC_GY]; + pub.params[ECC_X] = session->key.ecdh_x; + pub.params[ECC_Y] = session->key.ecdh_y; if (psk_key == NULL) - ret = _gnutls_pk_derive(GNUTLS_PK_EC, &session->key->key, &session->key->ecdh_params, &pub); + ret = _gnutls_pk_derive(GNUTLS_PK_EC, &session->key.key, &session->key.ecdh_params, &pub); else { gnutls_datum_t tmp_dh_key; - ret = _gnutls_pk_derive(GNUTLS_PK_EC, &tmp_dh_key, &session->key->ecdh_params, &pub); + ret = _gnutls_pk_derive(GNUTLS_PK_EC, &tmp_dh_key, &session->key.ecdh_params, &pub); if (ret < 0) { ret = gnutls_assert_val(ret); 
@@ -84,9 +84,9 @@ int ret; cleanup: /* no longer needed */ - _gnutls_mpi_release (&session->key->ecdh_x); - _gnutls_mpi_release (&session->key->ecdh_y); - gnutls_pk_params_release( &session->key->ecdh_params); + _gnutls_mpi_release (&session->key.ecdh_x); + _gnutls_mpi_release (&session->key.ecdh_y); + gnutls_pk_params_release( &session->key.ecdh_params); return ret; } @@ -110,7 +110,7 @@ _gnutls_proc_ecdh_common_client_kx (gnutls_session_t session, i+=1; DECR_LEN (data_size, point_size); - ret = _gnutls_ecc_ansi_x963_import(&data[i], point_size, &session->key->ecdh_x, &session->key->ecdh_y); + ret = _gnutls_ecc_ansi_x963_import(&data[i], point_size, &session->key.ecdh_x, &session->key.ecdh_y); if (ret < 0) return gnutls_assert_val(ret); @@ -139,12 +139,12 @@ _gnutls_gen_ecdh_common_client_kx_int (gnutls_session_t session, int curve = _gnutls_session_ecc_curve_get(session); /* generate temporal key */ - ret = _gnutls_pk_generate(GNUTLS_PK_EC, curve, &session->key->ecdh_params); + ret = _gnutls_pk_generate(GNUTLS_PK_EC, curve, &session->key.ecdh_params); if (ret < 0) return gnutls_assert_val(ret); - ret = _gnutls_ecc_ansi_x963_export(curve, session->key->ecdh_params.params[6] /* x */, - session->key->ecdh_params.params[7] /* y */, &out); + ret = _gnutls_ecc_ansi_x963_export(curve, session->key.ecdh_params.params[6] /* x */, + session->key.ecdh_params.params[7] /* y */, &out); if (ret < 0) return gnutls_assert_val(ret); @@ -192,7 +192,7 @@ _gnutls_proc_ecdh_common_server_kx (gnutls_session_t session, i++; DECR_LEN (data_size, point_size); - ret = _gnutls_ecc_ansi_x963_import(&data[i], point_size, &session->key->ecdh_x, &session->key->ecdh_y); + ret = _gnutls_ecc_ansi_x963_import(&data[i], point_size, &session->key.ecdh_x, &session->key.ecdh_y); if (ret < 0) return gnutls_assert_val(ret); 
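Review bot: `_gnutls_ecc_ansi_x963_export` in the -139,12 hunk is fed `session->key.ecdh_params.params[6] /* x */` and `params[7] /* y */`, while the -47,22 hunk of the same file indexes the same kind of array by name (`pub.params[ECC_X]`, `pub.params[ECC_Y]`). The values picked here appear to be serialized into the key-exchange message, so a bare index that drifts from the layout would export a different slot of a structure that presumably also holds the private scalar. I would write `session->key.ecdh_params.params[ECC_X]` and `session->key.ecdh_params.params[ECC_Y]`, assuming those constants are 6 and 7 (their definition is not in this diff). The same two literals appear in the -225,12 hunk of `_gnutls_ecdh_common_print_server_kx`.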
@@ -225,12 +225,12 @@ int _gnutls_ecdh_common_print_server_kx (gnutls_session_t session, gnutls_buffer return gnutls_assert_val(ret); /* generate temporal key */ - ret = _gnutls_pk_generate(GNUTLS_PK_EC, curve, &session->key->ecdh_params); + ret = _gnutls_pk_generate(GNUTLS_PK_EC, curve, &session->key.ecdh_params); if (ret < 0) return gnutls_assert_val(ret); - ret = _gnutls_ecc_ansi_x963_export(curve, session->key->ecdh_params.params[6] /* x */, - session->key->ecdh_params.params[7] /* y */, &out); + ret = _gnutls_ecc_ansi_x963_export(curve, session->key.ecdh_params.params[6] /* x */, + session->key.ecdh_params.params[7] /* y */, &out); if (ret < 0) return gnutls_assert_val(ret); diff --git a/lib/auth/psk.c b/lib/auth/psk.c index 858f2f9978..fa475aa6ea 100644 --- a/lib/auth/psk.c +++ b/lib/auth/psk.c @@ -78,9 +78,9 @@ _gnutls_set_psk_session_key (gnutls_session_t session, /* set the session key */ - session->key->key.size = 4 + dh_secret_size + ppsk->size; - session->key->key.data = gnutls_malloc (session->key->key.size); - if (session->key->key.data == NULL) + session->key.key.size = 4 + dh_secret_size + ppsk->size; + session->key.key.data = gnutls_malloc (session->key.key.size); + if (session->key.key.data == NULL) { gnutls_assert (); ret = GNUTLS_E_MEMORY_ERROR; @@ -93,7 +93,7 @@ _gnutls_set_psk_session_key (gnutls_session_t session, * (uint16_t) psk_size * the psk */ - p = session->key->key.data; + p = session->key.key.data; _gnutls_write_uint16 (dh_secret_size, p); p+=2; if (dh_secret == NULL) @@ -168,7 +168,7 @@ _gnutls_gen_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) gnutls_psk_client_credentials_t cred; cred = (gnutls_psk_client_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) { 
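Review bot: In the `_gnutls_set_psk_session_key` hunk (-78,9), `session->key.key.size` is assigned before the `gnutls_malloc` result is checked, so the failure path leaves a non-zero size next to a NULL `data` pointer in a structure that now lives as long as the session. Any later code that wipes or copies `key.data` using `key.size` would have to re-check the pointer; whether such code exists is not visible here. Resetting the field on failure is enough: `session->key.key.size = 0;` before `ret = GNUTLS_E_MEMORY_ERROR;`. The same ordering appears in rsa.c (-202,9 and -258,17) and rsa_export.c (-193,9), where the failure branch returns directly.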
@@ -217,7 +217,7 @@ _gnutls_proc_psk_client_kx (gnutls_session_t session, uint8_t * data, psk_auth_info_t info; cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) { @@ -292,7 +292,7 @@ _gnutls_gen_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data) gnutls_datum_t hint; cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) { @@ -327,7 +327,7 @@ _gnutls_proc_psk_server_kx (gnutls_session_t session, uint8_t * data, psk_auth_info_t info; cred = (gnutls_psk_client_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) { diff --git a/lib/auth/psk_passwd.c b/lib/auth/psk_passwd.c index 8e60bf2826..a27cb69921 100644 --- a/lib/auth/psk_passwd.c +++ b/lib/auth/psk_passwd.c @@ -131,7 +131,7 @@ _gnutls_psk_pwd_find_entry (gnutls_session_t session, char *username, int ret; cred = (gnutls_psk_server_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_PSK, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) { gnutls_assert (); diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c index 0be2653aca..4bd6b81528 100644 --- a/lib/auth/rsa.c +++ b/lib/auth/rsa.c @@ -102,7 +102,7 @@ _gnutls_get_public_rsa_params (gnutls_session_t session, GNUTLS_KX_RSA_EXPORT && _gnutls_pubkey_is_over_rsa_512(peer_cert.pubkey) == 0) { - if (session->key->rsa[0] == NULL || session->key->rsa[1] == NULL) + if (session->key.rsa[0] == NULL || session->key.rsa[1] == NULL) { gnutls_assert (); ret = GNUTLS_E_INTERNAL_ERROR; 
@@ -111,7 +111,7 @@ _gnutls_get_public_rsa_params (gnutls_session_t session, for (i = 0; i < params->params_nr; i++) { - params->params[i] = _gnutls_mpi_copy (session->key->rsa[i]); + params->params[i] = _gnutls_mpi_copy (session->key.rsa[i]); } ret = 0; @@ -202,9 +202,9 @@ proc_rsa_client_kx (gnutls_session_t session, uint8_t * data, if (randomize_key != 0) { - session->key->key.size = GNUTLS_MASTER_SIZE; - session->key->key.data = gnutls_malloc (session->key->key.size); - if (session->key->key.data == NULL) + session->key.key.size = GNUTLS_MASTER_SIZE; + session->key.key.data = gnutls_malloc (session->key.key.size); + if (session->key.key.data == NULL) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; @@ -212,8 +212,8 @@ proc_rsa_client_kx (gnutls_session_t session, uint8_t * data, /* we do not need strong random numbers here. */ - ret = _gnutls_rnd (GNUTLS_RND_NONCE, session->key->key.data, - session->key->key.size); + ret = _gnutls_rnd (GNUTLS_RND_NONCE, session->key.key.data, + session->key.key.size); if (ret < 0) { gnutls_assert (); @@ -223,15 +223,15 @@ proc_rsa_client_kx (gnutls_session_t session, uint8_t * data, } else { - session->key->key.data = plaintext.data; - session->key->key.size = plaintext.size; + session->key.key.data = plaintext.data; + session->key.key.size = plaintext.size; } /* This is here to avoid the version check attack * discussed above. */ - session->key->key.data[0] = _gnutls_get_adv_version_major (session); - session->key->key.data[1] = _gnutls_get_adv_version_minor (session); + session->key.key.data[0] = _gnutls_get_adv_version_major (session); + session->key.key.data[1] = _gnutls_get_adv_version_minor (session); return 0; } 
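Review bot: The substitute premaster secret in `proc_rsa_client_kx` (hunks -202,9 to -223,15) is allocated and filled only inside `if (randomize_key != 0)`, so a rejected ciphertext costs an allocation and an RNG call that an accepted one does not. The substitution exists to make the two outcomes indistinguishable to the peer, and that extra work may be measurable; how `randomize_key` is set lies outside the hunks, so this is inferred from the visible branch only. I would generate the substitute on every call into a new local `gnutls_datum_t fallback` and only choose between it and `plaintext` at the end, as sketched below. The comment `we do not need strong random numbers here` also deserves a stated reason, since the substitute still has to be unpredictable to the peer. `proc_rsa_export_client_kx` in rsa_export.c (-193,9 to -214,15) has the same shape.

```c
  /* … unchanged: decryption and the checks that set randomize_key … */

  /* Build the substitute secret on every call, so that an accepted and a
   * rejected ciphertext cost the same allocation and RNG work.
   */
  fallback.size = GNUTLS_MASTER_SIZE;
  fallback.data = gnutls_malloc (fallback.size);
  if (fallback.data == NULL)
    {
      gnutls_assert ();
      return GNUTLS_E_MEMORY_ERROR;
    }

  ret = _gnutls_rnd (GNUTLS_RND_NONCE, fallback.data, fallback.size);
  if (ret < 0)
    {
      gnutls_assert ();
      _gnutls_free_datum (&fallback);
      return ret;
    }

  if (randomize_key != 0)
    {
      session->key.key = fallback;
    }
  else
    {
      session->key.key = plaintext;
      _gnutls_free_datum (&fallback);
    }

  /* … unchanged: version bytes written into session->key.key.data … */
```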
@@ -243,7 +243,7 @@ proc_rsa_client_kx (gnutls_session_t session, uint8_t * data, int _gnutls_gen_rsa_client_kx (gnutls_session_t session, gnutls_buffer_st* data) { - cert_auth_info_t auth = session->key->auth_info; + cert_auth_info_t auth = session->key.auth_info; gnutls_datum_t sdata; /* data to send */ gnutls_pk_params_st params; int ret; @@ -258,17 +258,17 @@ _gnutls_gen_rsa_client_kx (gnutls_session_t session, gnutls_buffer_st* data) return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } - session->key->key.size = GNUTLS_MASTER_SIZE; - session->key->key.data = gnutls_malloc (session->key->key.size); + session->key.key.size = GNUTLS_MASTER_SIZE; + session->key.key.data = gnutls_malloc (session->key.key.size); - if (session->key->key.data == NULL) + if (session->key.key.data == NULL) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; } - ret = _gnutls_rnd (GNUTLS_RND_RANDOM, session->key->key.data, - session->key->key.size); + ret = _gnutls_rnd (GNUTLS_RND_RANDOM, session->key.key.data, + session->key.key.size); if (ret < 0) { gnutls_assert (); @@ -279,13 +279,13 @@ _gnutls_gen_rsa_client_kx (gnutls_session_t session, gnutls_buffer_st* data) if (session->internals.rsa_pms_version[0] == 0) { - session->key->key.data[0] = _gnutls_version_get_major (ver); - session->key->key.data[1] = _gnutls_version_get_minor (ver); + session->key.key.data[0] = _gnutls_version_get_major (ver); + session->key.key.data[1] = _gnutls_version_get_minor (ver); } else { /* use the version provided */ - session->key->key.data[0] = session->internals.rsa_pms_version[0]; - session->key->key.data[1] = session->internals.rsa_pms_version[1]; + session->key.key.data[0] = session->internals.rsa_pms_version[0]; + session->key.key.data[1] = session->internals.rsa_pms_version[1]; } /* move RSA parameters to key (session). 
@@ -298,7 +298,7 @@ _gnutls_gen_rsa_client_kx (gnutls_session_t session, gnutls_buffer_st* data) } ret = - _gnutls_pk_encrypt (GNUTLS_PK_RSA, &sdata, &session->key->key, + _gnutls_pk_encrypt (GNUTLS_PK_RSA, &sdata, &session->key.key, ¶ms); gnutls_pk_params_release(¶ms); diff --git a/lib/auth/rsa_export.c b/lib/auth/rsa_export.c index d547e39d45..95f815c7f0 100644 --- a/lib/auth/rsa_export.c +++ b/lib/auth/rsa_export.c @@ -76,7 +76,7 @@ _gnutls_get_private_rsa_params (gnutls_session_t session, gnutls_rsa_params_t rsa_params; cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); @@ -193,9 +193,9 @@ proc_rsa_export_client_kx (gnutls_session_t session, uint8_t * data, if (randomize_key != 0) { - session->key->key.size = GNUTLS_MASTER_SIZE; - session->key->key.data = gnutls_malloc (session->key->key.size); - if (session->key->key.data == NULL) + session->key.key.size = GNUTLS_MASTER_SIZE; + session->key.key.data = gnutls_malloc (session->key.key.size); + if (session->key.key.data == NULL) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; @@ -203,8 +203,8 @@ proc_rsa_export_client_kx (gnutls_session_t session, uint8_t * data, /* we do not need strong random numbers here. */ - ret = _gnutls_rnd (GNUTLS_RND_NONCE, session->key->key.data, - session->key->key.size); + ret = _gnutls_rnd (GNUTLS_RND_NONCE, session->key.key.data, + session->key.key.size); if (ret < 0) { gnutls_assert (); 
@@ -214,15 +214,15 @@ proc_rsa_export_client_kx (gnutls_session_t session, uint8_t * data, } else { - session->key->key.data = plaintext.data; - session->key->key.size = plaintext.size; + session->key.key.data = plaintext.data; + session->key.key.size = plaintext.size; } /* This is here to avoid the version check attack * discussed above. */ - session->key->key.data[0] = _gnutls_get_adv_version_major (session); - session->key->key.data[1] = _gnutls_get_adv_version_minor (session); + session->key.key.data[0] = _gnutls_get_adv_version_major (session); + session->key.key.data[1] = _gnutls_get_adv_version_minor (session); return 0; } @@ -242,7 +242,7 @@ gen_rsa_export_server_kx (gnutls_session_t session, gnutls_buffer_st* data) unsigned int bits = 0; cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); @@ -413,20 +413,20 @@ proc_rsa_export_server_kx (gnutls_session_t session, _n_e = n_e; _n_m = n_m; - if (_gnutls_mpi_scan_nz (&session->key->rsa[0], data_m, _n_m) != 0) + if (_gnutls_mpi_scan_nz (&session->key.rsa[0], data_m, _n_m) != 0) { gnutls_assert (); return GNUTLS_E_MPI_SCAN_FAILED; } - if (_gnutls_mpi_scan_nz (&session->key->rsa[1], data_e, _n_e) != 0) + if (_gnutls_mpi_scan_nz (&session->key.rsa[1], data_e, _n_e) != 0) { gnutls_assert (); return GNUTLS_E_MPI_SCAN_FAILED; } - _gnutls_rsa_export_set_pubkey (session, session->key->rsa[1], - session->key->rsa[0]); + _gnutls_rsa_export_set_pubkey (session, session->key.rsa[1], + session->key.rsa[0]); /* VERIFY SIGNATURE */ diff --git a/lib/auth/srp.c b/lib/auth/srp.c index 835c87162b..b617d43676 100644 --- a/lib/auth/srp.c +++ b/lib/auth/srp.c 
@@ -53,14 +53,14 @@ const mod_auth_st srp_auth_struct = { }; -#define _b session->key->b -#define B session->key->B -#define _a session->key->a -#define A session->key->A -#define N session->key->client_p -#define G session->key->client_g -#define V session->key->x -#define S session->key->KEY +#define _b session->key.b +#define B session->key.B +#define _a session->key.a +#define A session->key.A +#define N session->key.client_p +#define G session->key.client_g +#define V session->key.x +#define S session->key.KEY /* Checks if a%n==0,+1,-1%n which is a fatal srp error. * Returns a proper error code in that case, and 0 when @@ -250,7 +250,7 @@ _gnutls_gen_srp_client_kx (gnutls_session_t session, gnutls_buffer_st* data) priv = epriv.ptr; cred = (gnutls_srp_client_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_SRP, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_SRP, NULL); if (cred == NULL) { @@ -295,17 +295,17 @@ _gnutls_gen_srp_client_kx (gnutls_session_t session, gnutls_buffer_st* data) */ /* calculate u */ - session->key->u = _gnutls_calc_srp_u (A, B, N); - if (session->key->u == NULL) + session->key.u = _gnutls_calc_srp_u (A, B, N); + if (session->key.u == NULL) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; } - _gnutls_mpi_log ("SRP U: ", session->key->u); + _gnutls_mpi_log ("SRP U: ", session->key.u); /* S = (B - g^x) ^ (a + u * x) % N */ - S = _gnutls_calc_srp_S2 (B, G, session->key->x, _a, session->key->u, N); + S = _gnutls_calc_srp_S2 (B, G, session->key.x, _a, session->key.u, N); if (S == NULL) { gnutls_assert (); @@ -316,10 +316,10 @@ _gnutls_gen_srp_client_kx (gnutls_session_t session, gnutls_buffer_st* data) _gnutls_mpi_release (&_b); _gnutls_mpi_release (&V); - _gnutls_mpi_release (&session->key->u); + _gnutls_mpi_release (&session->key.u); _gnutls_mpi_release (&B); - ret = _gnutls_mpi_dprint (session->key->KEY, &session->key->key); + ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key); _gnutls_mpi_release (&S); if (ret < 0) 
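Review bot: The one-letter macros rewritten in the -53,14 hunk (`S`, `N`, `G`, `V`, `A`, `B`, `_a`, `_b`) expand to `session->key.<field>` and so compile only where a local named `session` is in scope, and nothing at the definition says so. The rest of the file mixes them with the spelled-out form for the same field on adjacent lines, for example `_gnutls_mpi_dprint (session->key.KEY, &session->key.key);` followed by `_gnutls_mpi_release (&S);` in -316,10, and `session->key.x` next to `_gnutls_mpi_release (&V)` in -295,17 and -316,10. These fields hold the SRP private values and the shared secret, so it should be easy to see which release call clears which one. Since the commit touches every definition, I would add a comment above the block: `/* Shorthand for the SRP values kept in session->key; every macro needs a local named "session". V is key.x, S is key.KEY, N and G are key.client_p and key.client_g. */`.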
@@ -373,18 +373,18 @@ _gnutls_proc_srp_client_kx (gnutls_session_t session, uint8_t * data, /* Start the SRP calculations. * - Calculate u */ - session->key->u = _gnutls_calc_srp_u (A, B, N); - if (session->key->u == NULL) + session->key.u = _gnutls_calc_srp_u (A, B, N); + if (session->key.u == NULL) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; } - _gnutls_mpi_log ("SRP U: ", session->key->u); + _gnutls_mpi_log ("SRP U: ", session->key.u); /* S = (A * v^u) ^ b % N */ - S = _gnutls_calc_srp_S1 (A, _b, session->key->u, V, N); + S = _gnutls_calc_srp_S1 (A, _b, session->key.u, V, N); if (S == NULL) { gnutls_assert (); @@ -396,10 +396,10 @@ _gnutls_proc_srp_client_kx (gnutls_session_t session, uint8_t * data, _gnutls_mpi_release (&A); _gnutls_mpi_release (&_b); _gnutls_mpi_release (&V); - _gnutls_mpi_release (&session->key->u); + _gnutls_mpi_release (&session->key.u); _gnutls_mpi_release (&B); - ret = _gnutls_mpi_dprint (session->key->KEY, &session->key->key); + ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key); _gnutls_mpi_release (&S); if (ret < 0) @@ -812,7 +812,7 @@ _gnutls_proc_srp_server_kx (gnutls_session_t session, uint8_t * data, priv = epriv.ptr; cred = (gnutls_srp_client_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_SRP, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_SRP, NULL); if (cred == NULL) { @@ -936,7 +936,7 @@ _gnutls_proc_srp_server_kx (gnutls_session_t session, uint8_t * data, return ret; } - if (_gnutls_mpi_scan_nz (&session->key->x, hd, _n_g) != 0) + if (_gnutls_mpi_scan_nz (&session->key.x, hd, _n_g) != 0) { gnutls_assert (); return GNUTLS_E_MPI_SCAN_FAILED; diff --git a/lib/auth/srp_passwd.c b/lib/auth/srp_passwd.c index 18a96ab119..7ff8540a96 100644 --- a/lib/auth/srp_passwd.c +++ b/lib/auth/srp_passwd.c 
@@ -269,7 +269,7 @@ _gnutls_srp_pwd_read_entry (gnutls_session_t state, char *username, entry = *_entry; cred = (gnutls_srp_server_credentials_t) - _gnutls_get_cred (state->key, GNUTLS_CRD_SRP, NULL); + _gnutls_get_cred (state, GNUTLS_CRD_SRP, NULL); if (cred == NULL) { gnutls_assert (); diff --git a/lib/auth/srp_rsa.c b/lib/auth/srp_rsa.c index 135b76215d..4f6eb30a71 100644 --- a/lib/auth/srp_rsa.c +++ b/lib/auth/srp_rsa.c @@ -98,7 +98,7 @@ gen_srp_cert_server_kx (gnutls_session_t session, gnutls_buffer_st* data) ddata.size = data->length; cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); + _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); |