authorNikos Mavrogiannopoulos <nmav@gnutls.org>2004-06-04 13:24:18 +0000
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2004-06-04 13:24:18 +0000
commit0967470bf44d67ca43cb958f55c8d0685f2add1e (patch)
tree77dce09f12e5681993b05521ccb2a293d60e34af /lib
parent023322da75b4c46f5361de32b11f3967cf736d1b (diff)
added function to access the DH (peer's) public key.
Diffstat (limited to 'lib')
-rw-r--r--lib/auth_dh_common.c9
-rw-r--r--lib/auth_dh_common.h2
-rw-r--r--lib/gnutls_compress_int.c7
-rw-r--r--lib/gnutls_mpi.c16
-rw-r--r--lib/gnutls_state.c9
-rw-r--r--lib/gnutls_state.h4
-rw-r--r--lib/gnutls_ui.c43
-rw-r--r--lib/gnutls_ui.h1
8 files changed, 70 insertions, 21 deletions
diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c
index de5cb94a1f..d4e4940570 100644
--- a/lib/auth_dh_common.c
+++ b/lib/auth_dh_common.c
@@ -56,8 +56,7 @@ int _gnutls_proc_dh_common_client_kx(gnutls_session session, opaque * data,
return GNUTLS_E_MPI_SCAN_FAILED;
}
- ret=_gnutls_dh_set_peer_public_bits( session, _gnutls_mpi_get_nbits(
- session->key->client_Y));
+ ret=_gnutls_dh_set_peer_public( session, session->key->client_Y);
if (ret<0) {
gnutls_assert();
return ret;
@@ -132,8 +131,7 @@ int _gnutls_gen_dh_common_client_kx(gnutls_session session, opaque ** data)
return GNUTLS_E_MEMORY_ERROR;
}
- ret=_gnutls_dh_set_peer_public_bits( session, _gnutls_mpi_get_nbits(
- session->key->client_Y));
+ ret=_gnutls_dh_set_peer_public( session, session->key->client_Y);
if (ret<0) {
gnutls_assert();
failed:
@@ -232,8 +230,7 @@ int _gnutls_proc_dh_common_server_kx( gnutls_session session, opaque* data, size
return ret;
}
- ret=_gnutls_dh_set_peer_public_bits( session, _gnutls_mpi_get_nbits(
- session->key->client_Y));
+ ret = _gnutls_dh_set_peer_public( session, session->key->client_Y);
if (ret<0) {
gnutls_assert();
return ret;
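Review bot: `ret = _gnutls_dh_set_peer_public( session, session->key->client_Y);` in this hunk spaces the assignment differently from the two identical call sites earlier in the file, which are written `ret=_gnutls_dh_set_peer_public( session, session->key->client_Y);`. The three replacements are otherwise the same change and would read better in one form; the surrounding file uses the unspaced form, so `ret=_gnutls_dh_set_peer_public( session, session->key->client_Y);` is the one to keep. The body of `_gnutls_proc_dh_common_server_kx` continues outside the hunk.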
diff --git a/lib/auth_dh_common.h b/lib/auth_dh_common.h
index 53c2b51879..46372678b2 100644
--- a/lib/auth_dh_common.h
+++ b/lib/auth_dh_common.h
@@ -10,6 +10,8 @@ typedef struct dh_info_st_int {
size_t prime_size;
opaque generator[16];
size_t generator_size;
+ opaque public_key[1024];
+ size_t public_key_size;
} dh_info_st;
int _gnutls_gen_dh_common_client_kx(gnutls_session, opaque **);
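Review bot: The new `public_key` and `public_key_size` fields carry no comment saying how they are filled or what `public_key_size` holds, and the fixed 1024-byte array caps the largest DH public value that can be recorded at 8192 bits, which nothing in this header states. A comment such as `/* peer's DH public value as written by _gnutls_mpi_print_lz in _gnutls_dh_set_peer_public; public_key_size is the stored length, at most sizeof public_key */` would make that contract visible to readers of gnutls_ui.c, which hands this storage out to callers. Whether `public_key_size` must also hold the capacity before the write depends on the nbytes convention of `_gnutls_mpi_print_lz`, whose body is outside this diff.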
diff --git a/lib/gnutls_compress_int.c b/lib/gnutls_compress_int.c
index 2b83f92d4d..87ac63b895 100644
--- a/lib/gnutls_compress_int.c
+++ b/lib/gnutls_compress_int.c
@@ -114,6 +114,9 @@ int err;
break;
#endif
+ default:
+ gnutls_free(ret);
+ return NULL;
}
return ret;
}
@@ -123,8 +126,6 @@ int err;
if (handle!=NULL) {
switch( handle->algo) {
- /* case GNUTLS_COMP_LZO:
- break; */
#ifdef HAVE_LIBZ
case GNUTLS_COMP_DEFLATE:
if (d)
@@ -133,6 +134,8 @@ int err;
err = deflateEnd( handle->handle);
break;
#endif
+ default:
+ break;
}
gnutls_free( handle->handle);
gnutls_free( handle);
diff --git a/lib/gnutls_mpi.c b/lib/gnutls_mpi.c
index c230481378..9d135ae092 100644
--- a/lib/gnutls_mpi.c
+++ b/lib/gnutls_mpi.c
@@ -32,7 +32,7 @@
/* Functions that refer to the libgcrypt library.
*/
-void _gnutls_mpi_release( GNUTLS_MPI* x) {
+void _gnutls_mpi_release( mpi_t* x) {
if (*x==NULL) return;
gcry_mpi_release(*x);
*x=NULL;
@@ -40,7 +40,7 @@ void _gnutls_mpi_release( GNUTLS_MPI* x) {
/* returns zero on success
*/
-int _gnutls_mpi_scan( GNUTLS_MPI *ret_mpi, const opaque *buffer, size_t *nbytes ) {
+int _gnutls_mpi_scan( mpi_t *ret_mpi, const opaque *buffer, size_t *nbytes ) {
int ret;
ret = gcry_mpi_scan( ret_mpi, GCRYMPI_FMT_USG, buffer, *nbytes, nbytes);
@@ -56,7 +56,7 @@ int _gnutls_mpi_scan( GNUTLS_MPI *ret_mpi, const opaque *buffer, size_t *nbytes
return 0;
}
-int _gnutls_mpi_scan_pgp( GNUTLS_MPI *ret_mpi, const opaque *buffer, size_t *nbytes)
+int _gnutls_mpi_scan_pgp( mpi_t *ret_mpi, const opaque *buffer, size_t *nbytes)
{
int ret;
ret = gcry_mpi_scan( ret_mpi, GCRYMPI_FMT_PGP, buffer, *nbytes, nbytes);
@@ -72,7 +72,7 @@ int ret;
return 0;
}
-int _gnutls_mpi_print( void *buffer, size_t *nbytes, const GNUTLS_MPI a )
+int _gnutls_mpi_print( void *buffer, size_t *nbytes, const mpi_t a )
{
int ret;
@@ -85,7 +85,7 @@ int ret;
}
/* Always has the first bit zero */
-int _gnutls_mpi_print_lz( void *buffer, size_t *nbytes, const GNUTLS_MPI a )
+int _gnutls_mpi_print_lz( void *buffer, size_t *nbytes, const mpi_t a )
{
int ret;
@@ -98,7 +98,7 @@ int ret;
}
/* Always has the first bit zero */
-int _gnutls_mpi_dprint_lz( gnutls_datum* dest, const GNUTLS_MPI a )
+int _gnutls_mpi_dprint_lz( gnutls_datum* dest, const mpi_t a )
{
int ret;
opaque* buf = NULL;
@@ -130,7 +130,7 @@ size_t bytes = 0;
* steps.
*/
int _gnutls_x509_read_int( ASN1_TYPE node, const char* value,
- GNUTLS_MPI* ret_mpi)
+ mpi_t* ret_mpi)
{
int result;
size_t s_len;
@@ -171,7 +171,7 @@ int tmpstr_size;
/* Writes the specified integer into the specified node.
*/
-int _gnutls_x509_write_int( ASN1_TYPE node, const char* value, GNUTLS_MPI mpi, int lz)
+int _gnutls_x509_write_int( ASN1_TYPE node, const char* value, mpi_t mpi, int lz)
{
opaque *tmpstr;
size_t s_len;
diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c
index 29500e38b8..240f9d05af 100644
--- a/lib/gnutls_state.c
+++ b/lib/gnutls_state.c
@@ -392,7 +392,7 @@ int _gnutls_dh_get_allowed_prime_bits( gnutls_session session)
return session->internals.dh_prime_bits;
}
-int _gnutls_dh_set_peer_public_bits( gnutls_session session, uint bits)
+int _gnutls_dh_set_peer_public( gnutls_session session, mpi_t public)
{
switch( gnutls_auth_get_type( session)) {
case GNUTLS_CRD_ANON: {
@@ -400,7 +400,9 @@ int _gnutls_dh_set_peer_public_bits( gnutls_session session, uint bits)
info = _gnutls_get_auth_info(session);
if (info == NULL)
return GNUTLS_E_INTERNAL_ERROR;
- info->dh.peer_public_bits = bits;
+
+ _gnutls_mpi_print_lz( info->dh.public_key, &info->dh.public_key_size, public);
+ info->dh.peer_public_bits = _gnutls_mpi_get_nbits(public);
break;
}
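Review bot: `_gnutls_mpi_print_lz( info->dh.public_key, &info->dh.public_key_size, public);` is called without first setting `info->dh.public_key_size` to the capacity of the new 1024-byte `public_key` array, and its int return value is discarded, so a value that does not fit (or an unset size field) is neither detected nor reported to the caller; the GNUTLS_CRD_CERTIFICATE hunk below has the same shape. If the nbytes argument carries the buffer capacity on entry and the written length on return, as the in/out use in the mpi scan wrappers of this commit suggests, each site should read `info->dh.public_key_size = sizeof(info->dh.public_key);` then `ret = _gnutls_mpi_print_lz( info->dh.public_key, &info->dh.public_key_size, public);` followed by `if (ret < 0) { gnutls_assert(); return ret; }`, with an `int ret` declared in the case block. Since `public` is the value received from the peer in the client-kx path, a failed write here should fail the handshake rather than leave a partially written buffer behind. `_gnutls_dh_set_peer_public` continues outside the hunk.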
case GNUTLS_CRD_CERTIFICATE: {
@@ -410,7 +412,8 @@ int _gnutls_dh_set_peer_public_bits( gnutls_session session, uint bits)
if (info == NULL)
return GNUTLS_E_INTERNAL_ERROR;
- info->dh.peer_public_bits = bits;
+ _gnutls_mpi_print_lz( info->dh.public_key, &info->dh.public_key_size, public);
+ info->dh.peer_public_bits = _gnutls_mpi_get_nbits(public);
break;
}
default:
diff --git a/lib/gnutls_state.h b/lib/gnutls_state.h
index 0a26bf7757..90199e25f5 100644
--- a/lib/gnutls_state.h
+++ b/lib/gnutls_state.h
@@ -19,10 +19,10 @@ gnutls_certificate_type gnutls_certificate_type_get( gnutls_session session);
int _gnutls_session_cert_type_supported( gnutls_session, gnutls_certificate_type);
-int _gnutls_dh_set_peer_public_bits( gnutls_session session, uint bits);
int _gnutls_dh_set_secret_bits( gnutls_session session, uint bits);
-int _gnutls_dh_set_prime( gnutls_session session, GNUTLS_MPI gen, GNUTLS_MPI prime);
+int _gnutls_dh_set_peer_public( gnutls_session session, mpi_t public);
+int _gnutls_dh_set_prime( gnutls_session session, mpi_t gen, mpi_t prime);
int _gnutls_dh_get_allowed_prime_bits( gnutls_session session);
void gnutls_dh_set_prime_bits( gnutls_session session, unsigned int bits);
diff --git a/lib/gnutls_ui.c b/lib/gnutls_ui.c
index a3678836aa..134f9def9e 100644
--- a/lib/gnutls_ui.c
+++ b/lib/gnutls_ui.c
@@ -133,6 +133,49 @@ CERTIFICATE_AUTH_INFO cert_info;
return 0;
}
+/**
+ * gnutls_dh_get_public_key - This function returns the peer's public key used in DH authentication
+ * @session: is a gnutls session
+ * @raw_key: will hold the public key. To be treated as constant.
+ *
+ * This function will return the peer's public key used in the last Diffie Hellman authentication.
+ * Should be used for both anonymous and ephemeral diffie Hellman.
+ * Returns a negative value in case of an error.
+ *
+ **/
+int gnutls_dh_get_public_key(gnutls_session session, gnutls_datum* key)
+{
+dh_info_st dh;
+ANON_SERVER_AUTH_INFO anon_info;
+CERTIFICATE_AUTH_INFO cert_info;
+
+ switch( gnutls_auth_get_type( session)) {
+ case GNUTLS_CRD_ANON: {
+ anon_info = _gnutls_get_auth_info(session);
+ if (anon_info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
+ dh = anon_info->dh;
+ break;
+ }
+ case GNUTLS_CRD_CERTIFICATE: {
+
+ cert_info = _gnutls_get_auth_info(session);
+ if (cert_info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
+ dh = cert_info->dh;
+ break;
+ }
+ default:
+ gnutls_assert();
+ return GNUTLS_E_INVALID_REQUEST;
+ }
+
+ key->data = dh.public_key;
+ key->size = dh.public_key_size;
+
+ return 0;
+}
+
/**
* gnutls_dh_get_generator - This function returns the generator used in DH authentication
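Review bot: `key->data = dh.public_key;` returns a pointer into `dh`, which is declared `dh_info_st dh;` and filled by struct copy from the auth info, so the datum points at this function's stack and is dangling as soon as `gnutls_dh_get_public_key` returns. Holding a pointer to the session-owned struct instead (`dh_info_st *dh;`, `dh = &anon_info->dh;`, `dh = &cert_info->dh;`) lets the datum reference storage that outlives the call, which is what the docstring's "to be treated as constant" implies. The doc comment also names the parameter `@raw_key` while the signature uses `key`, and the by-value copy moves over a kilobyte onto the stack per call now that `dh_info_st` contains the 1024-byte array. The rewritten lines:
```c
int gnutls_dh_get_public_key(gnutls_session session, gnutls_datum* key)
{
dh_info_st *dh;
/* … unchanged: anon_info / cert_info declarations … */

	switch( gnutls_auth_get_type( session)) {
		case GNUTLS_CRD_ANON: {
			/* … unchanged: anon_info lookup and NULL check … */
			dh = &anon_info->dh;
			break;
		}
		case GNUTLS_CRD_CERTIFICATE: {
			/* … unchanged: cert_info lookup and NULL check … */
			dh = &cert_info->dh;
			break;
		}
		/* … unchanged: default case … */
	}

	key->data = dh->public_key;
	key->size = dh->public_key_size;

	return 0;
}
```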
diff --git a/lib/gnutls_ui.h b/lib/gnutls_ui.h
index 4d837d6f24..642680c023 100644
--- a/lib/gnutls_ui.h
+++ b/lib/gnutls_ui.h
@@ -54,6 +54,7 @@ int gnutls_dh_get_peers_public_bits(gnutls_session);
int gnutls_dh_get_prime(gnutls_session, gnutls_datum* prime);
int gnutls_dh_get_generator(gnutls_session, gnutls_datum* gen);
+int gnutls_dh_get_public_key(gnutls_session, gnutls_datum* gen);
/* RSA */
int gnutls_rsa_export_get_modulus_bits(gnutls_session session);
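Review bot: The new prototype names its datum parameter `gen`, carried over from the `gnutls_dh_get_generator` line above it, while the definition in gnutls_ui.c and its doc comment call it `key`. `int gnutls_dh_get_public_key(gnutls_session, gnutls_datum* key);` keeps the public header consistent with the definition, which matters here because this header is what library users read.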