author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2004-06-04 13:24:18 +0000 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2004-06-04 13:24:18 +0000 |
commit | 0967470bf44d67ca43cb958f55c8d0685f2add1e (patch) | |
tree | 77dce09f12e5681993b05521ccb2a293d60e34af /lib | |
parent | 023322da75b4c46f5361de32b11f3967cf736d1b (diff) | |
download | gnutls-0967470bf44d67ca43cb958f55c8d0685f2add1e.tar.gz |
added function to access the DH (peer's) public key.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/auth_dh_common.c | 9 | ||||
-rw-r--r-- | lib/auth_dh_common.h | 2 | ||||
-rw-r--r-- | lib/gnutls_compress_int.c | 7 | ||||
-rw-r--r-- | lib/gnutls_mpi.c | 16 | ||||
-rw-r--r-- | lib/gnutls_state.c | 9 | ||||
-rw-r--r-- | lib/gnutls_state.h | 4 | ||||
-rw-r--r-- | lib/gnutls_ui.c | 43 | ||||
-rw-r--r-- | lib/gnutls_ui.h | 1 |
8 files changed, 70 insertions, 21 deletions
diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c index de5cb94a1f..d4e4940570 100644 --- a/lib/auth_dh_common.c +++ b/lib/auth_dh_common.c @@ -56,8 +56,7 @@ int _gnutls_proc_dh_common_client_kx(gnutls_session session, opaque * data, return GNUTLS_E_MPI_SCAN_FAILED; } - ret=_gnutls_dh_set_peer_public_bits( session, _gnutls_mpi_get_nbits( - session->key->client_Y)); + ret=_gnutls_dh_set_peer_public( session, session->key->client_Y); if (ret<0) { gnutls_assert(); return ret; @@ -132,8 +131,7 @@ int _gnutls_gen_dh_common_client_kx(gnutls_session session, opaque ** data) return GNUTLS_E_MEMORY_ERROR; } - ret=_gnutls_dh_set_peer_public_bits( session, _gnutls_mpi_get_nbits( - session->key->client_Y)); + ret=_gnutls_dh_set_peer_public( session, session->key->client_Y); if (ret<0) { gnutls_assert(); failed: @@ -232,8 +230,7 @@ int _gnutls_proc_dh_common_server_kx( gnutls_session session, opaque* data, size return ret; } - ret=_gnutls_dh_set_peer_public_bits( session, _gnutls_mpi_get_nbits( - session->key->client_Y)); + ret = _gnutls_dh_set_peer_public( session, session->key->client_Y); if (ret<0) { gnutls_assert(); return ret; diff --git a/lib/auth_dh_common.h b/lib/auth_dh_common.h index 53c2b51879..46372678b2 100644 --- a/lib/auth_dh_common.h +++ b/lib/auth_dh_common.h @@ -10,6 +10,8 @@ typedef struct dh_info_st_int { size_t prime_size; opaque generator[16]; size_t generator_size; + opaque public_key[1024]; + size_t public_key_size; } dh_info_st; int _gnutls_gen_dh_common_client_kx(gnutls_session, opaque **); diff --git a/lib/gnutls_compress_int.c b/lib/gnutls_compress_int.c index 2b83f92d4d..87ac63b895 100644 --- a/lib/gnutls_compress_int.c +++ b/lib/gnutls_compress_int.c @@ -114,6 +114,9 @@ int err; break; #endif + default: + gnutls_free(ret); + return NULL; } return ret; } @@ -123,8 +126,6 @@ int err; if (handle!=NULL) { switch( handle->algo) { - /* case GNUTLS_COMP_LZO: - break; */ #ifdef HAVE_LIBZ case GNUTLS_COMP_DEFLATE: if (d) 
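Review bot: In the lib/auth_dh_common.h hunk, the new `opaque public_key[1024];` field has a bare magic bound and no comment on what it holds. The value stored here comes from the peer, so its length is not under local control, and the 1024-byte capacity only protects anything if the code that fills the field passes exactly that capacity to the MPI print routine. I would give the bound a name (for example `#define MAX_DH_PUBKEY_SIZE 1024`, name is a suggestion) and add a comment such as `/* peer's DH public value as written by _gnutls_mpi_print_lz; public_key_size is the number of valid bytes */`. The struct definition starts above the hunk, so any other by-value uses of dh_info_st are not visible here.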
@@ -133,6 +134,8 @@ int err; err = deflateEnd( handle->handle); break; #endif + default: + break; } gnutls_free( handle->handle); gnutls_free( handle); diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c index c230481378..9d135ae092 100644 --- a/lib/gnutls_mpi.c +++ b/lib/gnutls_mpi.c @@ -32,7 +32,7 @@ /* Functions that refer to the libgcrypt library. */ -void _gnutls_mpi_release( GNUTLS_MPI* x) { +void _gnutls_mpi_release( mpi_t* x) { if (*x==NULL) return; gcry_mpi_release(*x); *x=NULL; @@ -40,7 +40,7 @@ void _gnutls_mpi_release( GNUTLS_MPI* x) { /* returns zero on success */ -int _gnutls_mpi_scan( GNUTLS_MPI *ret_mpi, const opaque *buffer, size_t *nbytes ) { +int _gnutls_mpi_scan( mpi_t *ret_mpi, const opaque *buffer, size_t *nbytes ) { int ret; ret = gcry_mpi_scan( ret_mpi, GCRYMPI_FMT_USG, buffer, *nbytes, nbytes); @@ -56,7 +56,7 @@ int _gnutls_mpi_scan( GNUTLS_MPI *ret_mpi, const opaque *buffer, size_t *nbytes return 0; } -int _gnutls_mpi_scan_pgp( GNUTLS_MPI *ret_mpi, const opaque *buffer, size_t *nbytes) +int _gnutls_mpi_scan_pgp( mpi_t *ret_mpi, const opaque *buffer, size_t *nbytes) { int ret; ret = gcry_mpi_scan( ret_mpi, GCRYMPI_FMT_PGP, buffer, *nbytes, nbytes); @@ -72,7 +72,7 @@ int ret; return 0; } -int _gnutls_mpi_print( void *buffer, size_t *nbytes, const GNUTLS_MPI a ) +int _gnutls_mpi_print( void *buffer, size_t *nbytes, const mpi_t a ) { int ret; @@ -85,7 +85,7 @@ int ret; } /* Always has the first bit zero */ -int _gnutls_mpi_print_lz( void *buffer, size_t *nbytes, const GNUTLS_MPI a ) +int _gnutls_mpi_print_lz( void *buffer, size_t *nbytes, const mpi_t a ) { int ret; @@ -98,7 +98,7 @@ int ret; } /* Always has the first bit zero */ -int _gnutls_mpi_dprint_lz( gnutls_datum* dest, const GNUTLS_MPI a ) +int _gnutls_mpi_dprint_lz( gnutls_datum* dest, const mpi_t a ) { int ret; opaque* buf = NULL; 
@@ -130,7 +130,7 @@ size_t bytes = 0; * steps. */ int _gnutls_x509_read_int( ASN1_TYPE node, const char* value, - GNUTLS_MPI* ret_mpi) + mpi_t* ret_mpi) { int result; size_t s_len; @@ -171,7 +171,7 @@ int tmpstr_size; /* Writes the specified integer into the specified node. */ -int _gnutls_x509_write_int( ASN1_TYPE node, const char* value, GNUTLS_MPI mpi, int lz) +int _gnutls_x509_write_int( ASN1_TYPE node, const char* value, mpi_t mpi, int lz) { opaque *tmpstr; size_t s_len; diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 29500e38b8..240f9d05af 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -392,7 +392,7 @@ int _gnutls_dh_get_allowed_prime_bits( gnutls_session session) return session->internals.dh_prime_bits; } -int _gnutls_dh_set_peer_public_bits( gnutls_session session, uint bits) +int _gnutls_dh_set_peer_public( gnutls_session session, mpi_t public) { switch( gnutls_auth_get_type( session)) { case GNUTLS_CRD_ANON: { @@ -400,7 +400,9 @@ int _gnutls_dh_set_peer_public_bits( gnutls_session session, uint bits) info = _gnutls_get_auth_info(session); if (info == NULL) return GNUTLS_E_INTERNAL_ERROR; - info->dh.peer_public_bits = bits; + + _gnutls_mpi_print_lz( info->dh.public_key, &info->dh.public_key_size, public); + info->dh.peer_public_bits = _gnutls_mpi_get_nbits(public); break; } case GNUTLS_CRD_CERTIFICATE: { @@ -410,7 +412,8 @@ int _gnutls_dh_set_peer_public_bits( gnutls_session session, uint bits) if (info == NULL) return GNUTLS_E_INTERNAL_ERROR; - info->dh.peer_public_bits = bits; + _gnutls_mpi_print_lz( info->dh.public_key, &info->dh.public_key_size, public); + info->dh.peer_public_bits = _gnutls_mpi_get_nbits(public); break; } default: diff --git a/lib/gnutls_state.h b/lib/gnutls_state.h index 0a26bf7757..90199e25f5 100644 --- a/lib/gnutls_state.h +++ b/lib/gnutls_state.h 
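Review bot: In lib/gnutls_state.c, both new calls `_gnutls_mpi_print_lz( info->dh.public_key, &info->dh.public_key_size, public);` (the GNUTLS_CRD_ANON hunk at -400 and the GNUTLS_CRD_CERTIFICATE hunk at -410) discard the return value. Nothing visible in the hunks sets `public_key_size` to the buffer capacity first. The body of `_gnutls_mpi_print_lz` is not shown, but it takes `size_t *nbytes` like `_gnutls_mpi_scan`, which visibly passes `*nbytes` as the input length, so the size is presumably an in/out capacity; a stale or zero value would then make the print fail or use a wrong bound for a peer-supplied value. On failure the function still records `peer_public_bits` and reports success, leaving whatever was in `public_key`/`public_key_size` to be handed out later by gnutls_dh_get_public_key. I would add `info->dh.public_key_size = sizeof(info->dh.public_key);` before each call and propagate the result, e.g. `ret = _gnutls_mpi_print_lz(...); if (ret < 0) { gnutls_assert(); return ret; }`. The function's declarations and tail lie outside the hunks, so whether a `ret` local already exists cannot be confirmed from here.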
@@ -19,10 +19,10 @@ gnutls_certificate_type gnutls_certificate_type_get( gnutls_session session); int _gnutls_session_cert_type_supported( gnutls_session, gnutls_certificate_type); -int _gnutls_dh_set_peer_public_bits( gnutls_session session, uint bits); int _gnutls_dh_set_secret_bits( gnutls_session session, uint bits); -int _gnutls_dh_set_prime( gnutls_session session, GNUTLS_MPI gen, GNUTLS_MPI prime); +int _gnutls_dh_set_peer_public( gnutls_session session, mpi_t public); +int _gnutls_dh_set_prime( gnutls_session session, mpi_t gen, mpi_t prime); int _gnutls_dh_get_allowed_prime_bits( gnutls_session session); void gnutls_dh_set_prime_bits( gnutls_session session, unsigned int bits); diff --git a/lib/gnutls_ui.c b/lib/gnutls_ui.c index a3678836aa..134f9def9e 100644 --- a/lib/gnutls_ui.c +++ b/lib/gnutls_ui.c 
@@ -133,6 +133,49 @@ CERTIFICATE_AUTH_INFO cert_info; return 0; } +/** + * gnutls_dh_get_public_key - This function returns the peer's public key used in DH authentication + * @session: is a gnutls session + * @raw_key: will hold the public key. To be treated as constant. + * + * This function will return the peer's public key used in the last Diffie Hellman authentication. + * Should be used for both anonymous and ephemeral diffie Hellman. + * Returns a negative value in case of an error. + * + **/ +int gnutls_dh_get_public_key(gnutls_session session, gnutls_datum* key) +{ +dh_info_st dh; +ANON_SERVER_AUTH_INFO anon_info; +CERTIFICATE_AUTH_INFO cert_info; + + switch( gnutls_auth_get_type( session)) { + case GNUTLS_CRD_ANON: { + anon_info = _gnutls_get_auth_info(session); + if (anon_info == NULL) + return GNUTLS_E_INTERNAL_ERROR; + dh = anon_info->dh; + break; + } + case GNUTLS_CRD_CERTIFICATE: { + + cert_info = _gnutls_get_auth_info(session); + if (cert_info == NULL) + return GNUTLS_E_INTERNAL_ERROR; + dh = cert_info->dh; + break; + } + default: + gnutls_assert(); + return GNUTLS_E_INVALID_REQUEST; + } + + key->data = dh.public_key; + key->size = dh.public_key_size; + + return 0; +} + /** * gnutls_dh_get_generator - This function returns the generator used in DH authentication diff --git a/lib/gnutls_ui.h b/lib/gnutls_ui.h index 4d837d6f24..642680c023 100644 --- a/lib/gnutls_ui.h +++ b/lib/gnutls_ui.h @@ -54,6 +54,7 @@ int gnutls_dh_get_peers_public_bits(gnutls_session); int gnutls_dh_get_prime(gnutls_session, gnutls_datum* prime); int gnutls_dh_get_generator(gnutls_session, gnutls_datum* gen); +int gnutls_dh_get_public_key(gnutls_session, gnutls_datum* gen); /* RSA */ int gnutls_rsa_export_get_modulus_bits(gnutls_session session); |
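Review bot: In lib/gnutls_ui.c, `key->data = dh.public_key;` at the end of gnutls_dh_get_public_key stores a pointer into the local `dh_info_st dh`, which is a by-value copy of the session's struct (`dh = anon_info->dh;` / `dh = cert_info->dh;`). Because `public_key` is an array embedded in that struct, the datum handed back to the caller refers to stack storage that is dead as soon the function returns, so callers read whatever later frames leave there rather than the peer's key. Taking a pointer to the session-owned struct instead fixes this and also avoids copying more than 1 KB per call; the doc comment should then say the returned data is valid only while the session's auth info is. The rewritten lines are below.

```c
dh_info_st *dh;
/* … unchanged: anon_info / cert_info declarations, switch header, ANON lookup and NULL check … */
			dh = &anon_info->dh;
/* … unchanged: break, CERTIFICATE lookup and NULL check … */
			dh = &cert_info->dh;
/* … unchanged: break, default case … */
	key->data = dh->public_key;
	key->size = dh->public_key_size;
```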
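Review bot: In lib/gnutls_ui.h, the new prototype names its output parameter `gen`, apparently copied from the gnutls_dh_get_generator line above it, while the definition in gnutls_ui.c calls it `key` and the doc comment there documents `@raw_key`. Three names for one parameter will mislead readers of the header and of the generated API docs. I would write the prototype as `int gnutls_dh_get_public_key(gnutls_session, gnutls_datum* key);` and change the doc line to `@key: will hold the public key. To be treated as constant.`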