Diffstat (limited to 'lib/ext_signature.c')
-rw-r--r--lib/ext_signature.c149
1 files changed, 80 insertions, 69 deletions
diff --git a/lib/ext_signature.c b/lib/ext_signature.c
index abc2da9088..03b47d12dc 100644
--- a/lib/ext_signature.c
+++ b/lib/ext_signature.c
@@ -36,27 +36,30 @@
#include <gnutls_algorithms.h>
static int _gnutls_signature_algorithm_recv_params (gnutls_session_t session,
- const opaque * data,
- size_t data_size);
+ const opaque * data,
+ size_t data_size);
static int _gnutls_signature_algorithm_send_params (gnutls_session_t session,
- opaque * data, size_t);
-static void signature_algorithms_deinit_data(extension_priv_data_t priv);
-static int signature_algorithms_pack(extension_priv_data_t epriv, gnutls_buffer_st* ps);
-static int signature_algorithms_unpack(gnutls_buffer_st* ps, extension_priv_data_t* _priv);
+ opaque * data, size_t);
+static void signature_algorithms_deinit_data (extension_priv_data_t priv);
+static int signature_algorithms_pack (extension_priv_data_t epriv,
+ gnutls_buffer_st * ps);
+static int signature_algorithms_unpack (gnutls_buffer_st * ps,
+ extension_priv_data_t * _priv);
extension_entry_st ext_mod_sig = {
- .name = "SIGNATURE ALGORITHMS",
- .type = GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
- .parse_type = GNUTLS_EXT_TLS,
-
- .recv_func = _gnutls_signature_algorithm_recv_params,
- .send_func = _gnutls_signature_algorithm_send_params,
- .pack_func = signature_algorithms_pack,
- .unpack_func = signature_algorithms_unpack,
- .deinit_func = signature_algorithms_deinit_data,
+ .name = "SIGNATURE ALGORITHMS",
+ .type = GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+ .parse_type = GNUTLS_EXT_TLS,
+
+ .recv_func = _gnutls_signature_algorithm_recv_params,
+ .send_func = _gnutls_signature_algorithm_send_params,
+ .pack_func = signature_algorithms_pack,
+ .unpack_func = signature_algorithms_unpack,
+ .deinit_func = signature_algorithms_deinit_data,
};
-typedef struct {
+typedef struct
+{
/* TLS 1.2 signature algorithms */
gnutls_sign_algorithm_t sign_algorithms[MAX_SIGNATURE_ALGORITHMS];
uint16_t sign_algorithms_size;
@@ -106,14 +109,14 @@ _gnutls_sign_algorithm_parse_data (gnutls_session_t session,
const opaque * data, size_t data_size)
{
int sig, i;
- sig_ext_st * priv;
+ sig_ext_st *priv;
extension_priv_data_t epriv;
- priv = gnutls_calloc(1, sizeof(*priv));
+ priv = gnutls_calloc (1, sizeof (*priv));
if (priv == NULL)
{
- gnutls_assert();
- return GNUTLS_E_MEMORY_ERROR;
+ gnutls_assert ();
+ return GNUTLS_E_MEMORY_ERROR;
}
for (i = 0; i < data_size; i += 2)
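Review bot: The loop header that closes this hunk, `for (i = 0; i < data_size; i += 2)`, compares the signed `int i` with the `size_t data_size` and steps two bytes at a time. If the body reads the pair `data[i]` / `data[i + 1]`, an odd `data_size` would make the last iteration touch one byte past the buffer; the body sits between this hunk and the next, so that is inferred rather than visible. Since `data` is presumably the peer-supplied extension payload, I would declare `i` as `size_t` and bound the pair explicitly with `for (i = 0; i + 1 < data_size; i += 2)`, unless the caller already rejects odd lengths. The function starts above this hunk and continues in the following one.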
@@ -126,15 +129,15 @@ _gnutls_sign_algorithm_parse_data (gnutls_session_t session,
sig = _gnutls_tls_aid_to_sign (&aid);
if (sig != GNUTLS_SIGN_UNKNOWN)
{
- priv->sign_algorithms[priv->sign_algorithms_size++]
- = sig;
+ priv->sign_algorithms[priv->sign_algorithms_size++] = sig;
if (priv->sign_algorithms_size == MAX_SIGNATURE_ALGORITHMS)
break;
}
}
- epriv.ptr = priv;
- _gnutls_ext_set_session_data(session, GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS, epriv);
+ epriv.ptr = priv;
+ _gnutls_ext_set_session_data (session,
+ GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS, epriv);
return 0;
}
@@ -232,11 +235,13 @@ _gnutls_session_get_sign_algo (gnutls_session_t session,
unsigned i;
int ret;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- sig_ext_st * priv;
+ sig_ext_st *priv;
extension_priv_data_t epriv;
- ret = _gnutls_ext_get_session_data(session, GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
- &epriv);
+ ret =
+ _gnutls_ext_get_session_data (session,
+ GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+ &epriv);
priv = epriv.ptr;
if (ret < 0 || !_gnutls_version_has_selectable_sighash (ver)
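Review bot: `priv = epriv.ptr;` is evaluated before `ret` is tested, so when `_gnutls_ext_get_session_data` fails, `epriv` may never have been written and `priv` holds an indeterminate value. The condition that follows is cut off at the end of this hunk, so it cannot be confirmed from here that every use of `priv` is guarded by the `ret < 0` short-circuit. `_gnutls_session_sign_algo_requested` and `_gnutls_session_sign_algo_enabled`, further down in this same patch, assign `priv` only after their `ret < 0` check. For consistency I would declare `sig_ext_st *priv = NULL;` here and assign with `if (ret >= 0) priv = epriv.ptr;`.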
@@ -247,14 +252,11 @@ _gnutls_session_get_sign_algo (gnutls_session_t session,
return _gnutls_x509_pk_to_sign (pk, *hash);
}
- for (i = 0;
- i < priv->sign_algorithms_size; i++)
+ for (i = 0; i < priv->sign_algorithms_size; i++)
{
- if (_gnutls_sign_get_pk_algorithm
- (priv->sign_algorithms[i]) == pk)
+ if (_gnutls_sign_get_pk_algorithm (priv->sign_algorithms[i]) == pk)
{
- *hash =
- _gnutls_sign_get_hash_algorithm (priv->sign_algorithms[i]);
+ *hash = _gnutls_sign_get_hash_algorithm (priv->sign_algorithms[i]);
return priv->sign_algorithms[i];
}
}
@@ -274,7 +276,7 @@ _gnutls_session_sign_algo_requested (gnutls_session_t session,
unsigned i;
int ret, hash;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- sig_ext_st * priv;
+ sig_ext_st *priv;
extension_priv_data_t epriv;
if (!_gnutls_version_has_selectable_sighash (ver))
@@ -282,17 +284,19 @@ _gnutls_session_sign_algo_requested (gnutls_session_t session,
return 0;
}
- ret = _gnutls_ext_get_session_data(session, GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
- &epriv);
+ ret =
+ _gnutls_ext_get_session_data (session,
+ GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+ &epriv);
if (ret < 0)
{
- gnutls_assert();
+ gnutls_assert ();
/* extension not received allow SHA1 and SHA256 */
- hash = _gnutls_sign_get_hash_algorithm(sig);
+ hash = _gnutls_sign_get_hash_algorithm (sig);
if (hash == GNUTLS_DIG_SHA1 || hash == GNUTLS_DIG_SHA256)
- return 0;
+ return 0;
else
- return ret;
+ return ret;
}
priv = epriv.ptr;
@@ -302,8 +306,7 @@ _gnutls_session_sign_algo_requested (gnutls_session_t session,
return 0;
}
- for (i = 0;
- i < priv->sign_algorithms_size; i++)
+ for (i = 0; i < priv->sign_algorithms_size; i++)
{
if (priv->sign_algorithms[i] == sig)
{
@@ -325,14 +328,16 @@ _gnutls_session_sign_algo_enabled (gnutls_session_t session,
unsigned i;
int ret;
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- sig_ext_st * priv;
+ sig_ext_st *priv;
extension_priv_data_t epriv;
- ret = _gnutls_ext_get_session_data(session, GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
- &epriv);
+ ret =
+ _gnutls_ext_get_session_data (session,
+ GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+ &epriv);
if (ret < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return 0;
}
priv = epriv.ptr;
@@ -355,50 +360,54 @@ _gnutls_session_sign_algo_enabled (gnutls_session_t session,
return GNUTLS_E_UNSUPPORTED_SIGNATURE_ALGORITHM;
}
-static void signature_algorithms_deinit_data(extension_priv_data_t priv)
+static void
+signature_algorithms_deinit_data (extension_priv_data_t priv)
{
- gnutls_free(priv.ptr);
+ gnutls_free (priv.ptr);
}
-static int signature_algorithms_pack(extension_priv_data_t epriv, gnutls_buffer_st* ps)
+static int
+signature_algorithms_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps)
{
-sig_ext_st* priv = epriv.ptr;
-int ret, i;
+ sig_ext_st *priv = epriv.ptr;
+ int ret, i;
- BUFFER_APPEND_NUM(ps, priv->sign_algorithms_size);
- for (i = 0; i < priv->sign_algorithms_size;i++)
+ BUFFER_APPEND_NUM (ps, priv->sign_algorithms_size);
+ for (i = 0; i < priv->sign_algorithms_size; i++)
{
- BUFFER_APPEND_NUM(ps, priv->sign_algorithms[i]);
+ BUFFER_APPEND_NUM (ps, priv->sign_algorithms[i]);
}
return 0;
}
-static int signature_algorithms_unpack(gnutls_buffer_st* ps, extension_priv_data_t* _priv)
+static int
+signature_algorithms_unpack (gnutls_buffer_st * ps,
+ extension_priv_data_t * _priv)
{
-sig_ext_st* priv;
-int i, ret;
-extension_priv_data_t epriv;
+ sig_ext_st *priv;
+ int i, ret;
+ extension_priv_data_t epriv;
- priv = gnutls_calloc(1, sizeof(*priv));
+ priv = gnutls_calloc (1, sizeof (*priv));
if (priv == NULL)
{
- gnutls_assert();
+ gnutls_assert ();
return GNUTLS_E_MEMORY_ERROR;
}
- BUFFER_POP_NUM(ps, priv->sign_algorithms_size);
- for (i = 0; i < priv->sign_algorithms_size;i++)
+ BUFFER_POP_NUM (ps, priv->sign_algorithms_size);
+ for (i = 0; i < priv->sign_algorithms_size; i++)
{
- BUFFER_POP_NUM(ps, priv->sign_algorithms[i]);
+ BUFFER_POP_NUM (ps, priv->sign_algorithms[i]);
}
epriv.ptr = priv;
*_priv = epriv;
-
+
return 0;
error:
- gnutls_free(priv);
+ gnutls_free (priv);
return ret;
}
@@ -431,15 +440,17 @@ gnutls_sign_algorithm_get_requested (gnutls_session_t session,
gnutls_sign_algorithm_t * algo)
{
gnutls_protocol_t ver = gnutls_protocol_get_version (session);
- sig_ext_st * priv;
+ sig_ext_st *priv;
extension_priv_data_t epriv;
int ret;
- ret = _gnutls_ext_get_session_data(session, GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
- &epriv);
+ ret =
+ _gnutls_ext_get_session_data (session,
+ GNUTLS_EXTENSION_SIGNATURE_ALGORITHMS,
+ &epriv);
if (ret < 0)
{
- gnutls_assert();
+ gnutls_assert ();
return ret;
}
priv = epriv.ptr;