author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-08-30 23:34:51 +0300 |
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2013-08-30 23:34:51 +0300 |
commit | e9b9c1c518cb3751f54b114d2f847b0b59662d54 (patch) | |
tree | b9016beb0818643ebbcc386ebb38ad77935a84aa /lib | |
parent | 6d25d31976892cadd8c8cef7c93509bd6ede7dbe (diff) | |
download | gnutls-e9b9c1c518cb3751f54b114d2f847b0b59662d54.tar.gz |
Optimizations in RSA-PSK by removing unneeded code.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/algorithms/kx.c | 40 | ||||
-rw-r--r-- | lib/auth/cert.h | 7 | ||||
-rw-r--r-- | lib/auth/rsa_common.h | 4 | ||||
-rw-r--r-- | lib/auth/rsa_psk.c | 118 | ||||
-rw-r--r-- | lib/gnutls_cert.c | 38 | ||||
-rw-r--r-- | lib/gnutls_handshake.c | 31 |
6 files changed, 41 insertions, 197 deletions
diff --git a/lib/algorithms/kx.c b/lib/algorithms/kx.c
index 2123feb1cd..eb7e11ac78 100644
--- a/lib/algorithms/kx.c
+++ b/lib/algorithms/kx.c
@@ -85,44 +85,42 @@ struct gnutls_kx_algo_entry gnutls_kx_algorithm_t algorithm; mod_auth_st *auth_struct; int needs_dh_params; - int needs_rsa_params; }; typedef struct gnutls_kx_algo_entry gnutls_kx_algo_entry; static const gnutls_kx_algo_entry _gnutls_kx_algorithms[] = { #if defined(ENABLE_ANON) && defined(ENABLE_DHE) - {"ANON-DH", GNUTLS_KX_ANON_DH, &anon_auth_struct, 1, 0}, + {"ANON-DH", GNUTLS_KX_ANON_DH, &anon_auth_struct, 1}, #endif #if defined(ENABLE_ANON) && defined(ENABLE_ECDHE) - {"ANON-ECDH", GNUTLS_KX_ANON_ECDH, &anon_ecdh_auth_struct, 0, 0}, + {"ANON-ECDH", GNUTLS_KX_ANON_ECDH, &anon_ecdh_auth_struct, 0}, #endif - {"RSA", GNUTLS_KX_RSA, &rsa_auth_struct, 0}, + {"RSA", GNUTLS_KX_RSA, &rsa_auth_struct}, #ifdef ENABLE_DHE - {"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1, 0}, - {"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1, 0}, + {"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1}, + {"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1}, #endif #ifdef ENABLE_ECDHE - {"ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, &ecdhe_rsa_auth_struct, 0, 0}, - {"ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, &ecdhe_ecdsa_auth_struct, 0, 0}, + {"ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, &ecdhe_rsa_auth_struct, 0}, + {"ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, &ecdhe_ecdsa_auth_struct, 0}, #endif #ifdef ENABLE_SRP - {"SRP-DSS", GNUTLS_KX_SRP_DSS, &srp_dss_auth_struct, 0, 0}, - {"SRP-RSA", GNUTLS_KX_SRP_RSA, &srp_rsa_auth_struct, 0, 0}, - {"SRP", GNUTLS_KX_SRP, &srp_auth_struct, 0, 0}, + {"SRP-DSS", GNUTLS_KX_SRP_DSS, &srp_dss_auth_struct, 0}, + {"SRP-RSA", GNUTLS_KX_SRP_RSA, &srp_rsa_auth_struct, 0}, + {"SRP", GNUTLS_KX_SRP, &srp_auth_struct, 0}, #endif #ifdef ENABLE_PSK - {"PSK", GNUTLS_KX_PSK, &psk_auth_struct, 0, 0}, - {"RSA-PSK", GNUTLS_KX_RSA_PSK, &rsa_psk_auth_struct, 0, - 1 /* needs RSA params */}, + {"PSK", GNUTLS_KX_PSK, &psk_auth_struct, 0}, + {"RSA-PSK", GNUTLS_KX_RSA_PSK, &rsa_psk_auth_struct, 0}, # ifdef ENABLE_DHE {"DHE-PSK", GNUTLS_KX_DHE_PSK, &dhe_psk_auth_struct, - 1 
/* needs DHE params */, 0}, + 1 /* needs DHE params */}, # endif # ifdef ENABLE_ECDHE - {"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0, 0}, + {"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0}, # endif #endif - {0, 0, 0, 0, 0} + {0, 0, 0, 0} }; #define GNUTLS_KX_LOOP(b) \ @@ -265,14 +263,6 @@ _gnutls_map_kx_get_kx (gnutls_credentials_type_t type, int server) return ret; } -int -_gnutls_kx_needs_rsa_params (gnutls_kx_algorithm_t algorithm) -{ - ssize_t ret = 0; - GNUTLS_KX_ALG_LOOP (ret = p->needs_rsa_params); - return ret; -} - /* Returns the credentials type required for this * Key exchange method. */ diff --git a/lib/auth/cert.h b/lib/auth/cert.h index b0c7932f4a..3bf59b1eb1 100644 --- a/lib/auth/cert.h +++ b/lib/auth/cert.h @@ -42,7 +42,6 @@ typedef struct { typedef struct gnutls_certificate_credentials_st { gnutls_dh_params_t dh_params; - gnutls_rsa_params_t rsa_params; /* this callback is used to retrieve the DH or RSA * parameters. */ @@ -147,12 +146,6 @@ void _gnutls_selected_certs_set (gnutls_session_t session, gnutls_pcert_st * certs, int ncerts, gnutls_privkey_t key, int need_free); -gnutls_rsa_params_t _gnutls_certificate_get_rsa_params (gnutls_rsa_params_t - rsa_params, - gnutls_params_function - * func, - gnutls_session_t); - int _gnutls_get_auth_info_pcert (gnutls_pcert_st* gcert, gnutls_certificate_type_t type, cert_auth_info_t info); diff --git a/lib/auth/rsa_common.h b/lib/auth/rsa_common.h index 858d18f174..e1d2f39479 100644 --- a/lib/auth/rsa_common.h +++ b/lib/auth/rsa_common.h @@ -36,8 +36,4 @@ int _gnutls_get_public_rsa_params (gnutls_session_t session, gnutls_pk_params_st * params); -int -_gnutls_get_private_rsa_params (gnutls_session_t session, - gnutls_pk_params_st** params); - #endif diff --git a/lib/auth/rsa_psk.c b/lib/auth/rsa_psk.c index abb5199343..866e3e633b 100644 --- a/lib/auth/rsa_psk.c +++ b/lib/auth/rsa_psk.c 
@@ -54,7 +54,7 @@ static int _gnutls_proc_rsa_psk_client_kx (gnutls_session_t, uint8_t *, size_t); const mod_auth_st rsa_psk_auth_struct = { "RSA PSK", - NULL,/*_gnutls_gen_cert_server_certificate,*/ + _gnutls_gen_cert_server_crt, NULL, /* generate_client_certificate */ _gnutls_gen_psk_server_kx, _gnutls_gen_rsa_psk_client_kx, @@ -68,62 +68,9 @@ const mod_auth_st rsa_psk_auth_struct = { NULL /* process_server_certificate_reuqest */ }; -/* This function reads the RSA parameters from the private key - */ -int -_gnutls_get_private_rsa_params (gnutls_session_t session, - gnutls_pk_params_st** params) -{ - int ret; - gnutls_certificate_credentials_t cred; - gnutls_rsa_params_t rsa_params; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if (session->internals.selected_cert_list == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - ret = _gnutls_pubkey_is_over_rsa_512(session->internals.selected_cert_list[0].pubkey); - - if (_gnutls_cipher_suite_get_kx_algo - (session->security_parameters.cipher_suite) - != GNUTLS_KX_RSA_EXPORT || ret < 0) - { - gnutls_assert (); - return GNUTLS_E_INVALID_REQUEST; - } - - rsa_params = - _gnutls_certificate_get_rsa_params (cred->rsa_params, - cred->params_func, session); - /* EXPORT case: */ - if (rsa_params == NULL) - { - gnutls_assert (); - return GNUTLS_E_NO_TEMPORARY_RSA_PARAMS; - } - - /* In the export case, we do use temporary RSA params - * of 512 bits size. The params in the certificate are - * used to sign this temporary stuff. - */ - *params = &rsa_params->params; - - return 0; -} - /* Set the PSK premaster secret. */ -int +static int set_rsa_psk_session_key (gnutls_session_t session, gnutls_datum_t * rsa_secret) { 
@@ -215,6 +162,7 @@ _gnutls_gen_rsa_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) cert_auth_info_t auth = session->key.auth_info; gnutls_datum_t sdata; /* data to send */ gnutls_pk_params_st params; + gnutls_psk_client_credentials_t cred; int ret; if (auth == NULL) @@ -277,10 +225,6 @@ _gnutls_gen_rsa_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) gnutls_pk_params_release(¶ms); - -/* retrieve PSK credentials */ - gnutls_psk_client_credentials_t cred; - cred = (gnutls_psk_client_credentials_t) _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); @@ -290,9 +234,9 @@ _gnutls_gen_rsa_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } - /* TODO: Bei dhe_psk wird keine PSK aufgerufen, wenn die Parameter - leer sind. Die Funktion wird an dieser Stelle dann abgebrochen. - Können diese womöglich an anderer Stelle übergeben werden? */ + /* TODO: Bei dhe_psk wird keine PSK aufgerufen, wenn die Parameter + leer sind. Die Funktion wird an dieser Stelle dann abgebrochen. + Können diese womöglich an anderer Stelle übergeben werden? */ if (cred->username.data == NULL && cred->key.data == NULL && cred->get_function != NULL) { @@ -329,24 +273,21 @@ _gnutls_gen_rsa_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } - /* Here we set the PSK key */ - ret = set_rsa_psk_session_key (session, &premaster_secret); - + /* Here we set the PSK key */ + ret = set_rsa_psk_session_key (session, &premaster_secret); if (ret < 0) { gnutls_assert (); return ret; } - -/* Create message for client key exchange - * - * struct { - * uint8_t psk_identity<0..2^16-1>; - * EncryptedPreMasterSecret; - * } - */ - _gnutls_buffer_init (data); + /* Create message for client key exchange + * + * struct { + * uint8_t psk_identity<0..2^16-1>; + * EncryptedPreMasterSecret; + * } + */ /* Write psk_identity and EncryptedPreMasterSecret into data stream */ 
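Review bot: The `_gnutls_buffer_init (data)` call dropped in the `@@ -329,24 +273,21 @@` hunk is not re-added anywhere visible, so `_gnutls_gen_rsa_psk_client_kx` now relies on the caller having initialised `data` before `_gnutls_buffer_append_data_prefix` is reached; if the generic client-KX sender already does that the removal is correct, otherwise the init has to come back ahead of the append (`_gnutls_buffer_init (data);`). Either way the contract should be recorded at the top of the function, e.g. `/* data: caller-initialised output buffer; this function only appends to it */`. The German TODO comment that the `@@ -290,9 +234,9 @@` hunk re-indents should be translated while it is being touched: `/* TODO: with dhe_psk no PSK callback is invoked when the parameters are empty; the function aborts at this point. Could they perhaps be supplied elsewhere? */`. `_gnutls_gen_rsa_psk_client_kx` starts before these hunks and ends after them.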
@@ -357,6 +298,7 @@ _gnutls_gen_rsa_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data) _gnutls_free_datum (&sdata); return GNUTLS_E_MEMORY_ERROR; } + ret = _gnutls_buffer_append_data_prefix (data, 16, sdata.data, sdata.size); if (ret < 0) @@ -383,10 +325,10 @@ _gnutls_proc_rsa_psk_client_kx (gnutls_session_t session, uint8_t * data, gnutls_datum_t plaintext; gnutls_datum_t ciphertext; int ret, dsize; - gnutls_pk_params_st *params; int randomize_key = 0; ssize_t data_size = _data_size; gnutls_psk_server_credentials_t cred; + gnutls_datum_t premaster_secret; cred = (gnutls_psk_server_credentials_t) _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL); @@ -444,16 +386,8 @@ _gnutls_proc_rsa_psk_client_kx (gnutls_session_t session, uint8_t * data, } ciphertext.size = dsize; - - ret = _gnutls_get_private_rsa_params (session, ¶ms); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_pk_decrypt (GNUTLS_PK_RSA, &ciphertext, &plaintext, params); /* btype==2 */ - + ret = gnutls_privkey_decrypt_data (session->internals.selected_key, 0, + &ciphertext, &plaintext); if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE) { /* In case decryption fails then don't inform @@ -461,7 +395,7 @@ _gnutls_proc_rsa_psk_client_kx (gnutls_session_t session, uint8_t * data, * attack against pkcs-1 formating). */ gnutls_assert (); - _gnutls_debug_log ("auth_rsa: Possible PKCS #1 format attack\n"); + _gnutls_debug_log ("auth_rsa_psk: Possible PKCS #1 format attack\n"); randomize_key = 1; } else 
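Review bot: In the `@@ -444,16 +386,8 @@` hunk `session->internals.selected_key` is handed straight to `gnutls_privkey_decrypt_data` with no NULL check, whereas the removed `_gnutls_get_private_rsa_params` returned `GNUTLS_E_INSUFFICIENT_CREDENTIALS` when no certificate had been selected; whether a server can reach this point with no selected key (a certificate callback returning nothing, for instance) is not verifiable from the hunk, but if it can the decrypt call would dereference NULL. A guard before the call restores the old behaviour: `if (session->internals.selected_key == NULL) { gnutls_assert (); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; }`. The merged `ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE` condition sends a failed decrypt and a wrong-length plaintext down the same randomize-key path, which is the intended countermeasure described in the surrounding comment; a short comment on the new call, `/* decryption failure and bad length must be indistinguishable to the peer */`, would make that deliberate. `_gnutls_proc_rsa_psk_client_kx` starts before these hunks and ends after them.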
@@ -469,8 +403,9 @@ _gnutls_proc_rsa_psk_client_kx (gnutls_session_t session, uint8_t * data, /* If the secret was properly formatted, then * check the version number. */ - if (_gnutls_get_adv_version_major (session) != plaintext.data[0] - || _gnutls_get_adv_version_minor (session) != plaintext.data[1]) + if (_gnutls_get_adv_version_major (session) != plaintext.data[0] || + (session->internals.priorities.allow_wrong_pms == 0 && + _gnutls_get_adv_version_minor (session) != plaintext.data[1])) { /* No error is returned here, if the version number check * fails. We proceed normally. @@ -485,8 +420,6 @@ _gnutls_proc_rsa_psk_client_kx (gnutls_session_t session, uint8_t * data, } - gnutls_datum_t premaster_secret; - if (randomize_key != 0) { premaster_secret.size = GNUTLS_MASTER_SIZE; @@ -506,7 +439,6 @@ _gnutls_proc_rsa_psk_client_kx (gnutls_session_t session, uint8_t * data, gnutls_assert (); return ret; } - } else { @@ -514,7 +446,6 @@ _gnutls_proc_rsa_psk_client_kx (gnutls_session_t session, uint8_t * data, premaster_secret.size = plaintext.size; } - /* This is here to avoid the version check attack * discussed above. */ @@ -523,13 +454,14 @@ _gnutls_proc_rsa_psk_client_kx (gnutls_session_t session, uint8_t * data, premaster_secret.data[1] = _gnutls_get_adv_version_minor (session); ret = set_rsa_psk_session_key (session, &premaster_secret); + _gnutls_free_datum (&premaster_secret); + if (ret < 0) { gnutls_assert (); return ret; } - _gnutls_free_datum (&premaster_secret); return 0; } diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c index a89adf4332..3697836af0 100644 --- a/lib/gnutls_cert.c +++ b/lib/gnutls_cert.c 
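Review bot: The new `allow_wrong_pms` clause in the version check is undocumented in place: it relaxes only the minor-version comparison while the major byte is always compared, and the existing comment (which only says that the check returns no error) does not explain the asymmetry. Add a comment above the `if`: `/* allow_wrong_pms relaxes only the minor-version comparison; the major byte is always verified */`; that the flag comes from a priority-string compatibility option is inferred from the `priorities` field and should be confirmed before being written down. `_gnutls_proc_rsa_psk_client_kx` starts before this hunk and ends after it.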
@@ -139,44 +139,6 @@ gnutls_certificate_free_ca_names (gnutls_certificate_credentials_t sc) _gnutls_free_datum (&sc->x509_rdn_sequence); } -/*- - * _gnutls_certificate_get_rsa_params - Returns the RSA parameters pointer - * @rsa_params: holds the RSA parameters or NULL. - * @func: function to retrieve the parameters or NULL. - * @session: The session. - * - * This function will return the rsa parameters pointer. - -*/ -gnutls_rsa_params_t -_gnutls_certificate_get_rsa_params (gnutls_rsa_params_t rsa_params, - gnutls_params_function * func, - gnutls_session_t session) -{ - gnutls_params_st params; - int ret; - - if (session->internals.params.rsa_params) - { - return session->internals.params.rsa_params; - } - - if (rsa_params) - { - session->internals.params.rsa_params = rsa_params; - } - else if (func) - { - ret = func (session, GNUTLS_PARAMS_RSA_EXPORT, ¶ms); - if (ret == 0 && params.type == GNUTLS_PARAMS_RSA_EXPORT) - { - session->internals.params.rsa_params = params.params.rsa_export; - session->internals.params.free_rsa_params = params.deinit; - } - } - - return session->internals.params.rsa_params; -} - /** * gnutls_certificate_free_credentials: diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 37d269b3fe..7e5cc8b0d4 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -3252,20 +3252,6 @@ _gnutls_recv_hello_request (gnutls_session_t session, void *data, } } -/* returns e and m, depends on the requested bits. - * We only support limited key sizes. - */ -static const gnutls_pk_params_st* -_gnutls_rsa_params_to_mpi (gnutls_rsa_params_t rsa_params) -{ - if (rsa_params == NULL) - { - return NULL; - } - - return &rsa_params->params; -} - /* Returns 1 if the given KX has not the corresponding parameters * (DH or RSA) set up. Otherwise returns 0. */ 
@@ -3276,7 +3262,6 @@ check_server_params (gnutls_session_t session, { int cred_type; gnutls_dh_params_t dh_params = NULL; - gnutls_rsa_params_t rsa_params = NULL; int j; cred_type = _gnutls_map_kx_get_cred (kx, 1); @@ -3295,10 +3280,6 @@ check_server_params (gnutls_session_t session, dh_params = _gnutls_get_dh_params (x509_cred->dh_params, x509_cred->params_func, session); - rsa_params = - _gnutls_certificate_get_rsa_params (x509_cred->rsa_params, - x509_cred->params_func, - session); } /* Check also if the certificate supports the @@ -3351,19 +3332,9 @@ check_server_params (gnutls_session_t session, else return 0; /* no need for params */ - /* If the key exchange method needs RSA or DH params, + /* If the key exchange method needs DH params, * but they are not set then remove it. */ - if (_gnutls_kx_needs_rsa_params (kx) != 0) - { - /* needs rsa params. */ - if (_gnutls_rsa_params_to_mpi (rsa_params) == NULL) - { - gnutls_assert (); - return 1; - } - } - if (_gnutls_kx_needs_dh_params (kx) != 0) { /* needs DH params. */ |
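Review bot: The function-level comment on `check_server_params`, visible as context at the end of the previous hunk (`@@ -3252,20 +3252,6 @@`), still says the function reports a KX whose `(DH or RSA)` parameters are missing, but this hunk removes the RSA branch and the only remaining check is `_gnutls_kx_needs_dh_params`; update it to `/* Returns 1 if the given KX has not the corresponding DH parameters set up. Otherwise returns 0. */`. With `needs_rsa_params` gone from kx.c the RSA-PSK suite is no longer filtered out when no temporary RSA parameters exist, which appears consistent with the new `gnutls_privkey_decrypt_data` path in rsa_psk.c using the selected key directly; that reasoning deserves a line here too, e.g. `/* RSA-based suites decrypt with the selected certificate key, so no temporary RSA params are checked */`. `check_server_params` starts before this hunk and ends after it.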