Diffstat (limited to 'lib/gnutls_ui.c')
-rw-r--r--lib/gnutls_ui.c465
1 files changed, 250 insertions, 215 deletions
diff --git a/lib/gnutls_ui.c b/lib/gnutls_ui.c
index 2e0a038c70..ec2a007dfd 100644
--- a/lib/gnutls_ui.c
+++ b/lib/gnutls_ui.c
@@ -53,9 +53,10 @@
* handshake.
*
**/
-void gnutls_dh_set_prime_bits(gnutls_session_t session, unsigned int bits)
+void
+gnutls_dh_set_prime_bits (gnutls_session_t session, unsigned int bits)
{
- session->internals.dh_prime_bits = bits;
+ session->internals.dh_prime_bits = bits;
}
@@ -73,48 +74,50 @@ void gnutls_dh_set_prime_bits(gnutls_session_t session, unsigned int bits)
* Returns a negative value in case of an error.
*
**/
-int gnutls_dh_get_group(gnutls_session_t session,
- gnutls_datum_t * raw_gen,
- gnutls_datum_t * raw_prime)
+int
+gnutls_dh_get_group (gnutls_session_t session,
+ gnutls_datum_t * raw_gen, gnutls_datum_t * raw_prime)
{
- dh_info_st *dh;
- int ret;
- anon_server_auth_info_t anon_info;
- cert_auth_info_t cert_info;
+ dh_info_st *dh;
+ int ret;
+ anon_server_auth_info_t anon_info;
+ cert_auth_info_t cert_info;
- switch (gnutls_auth_get_type(session)) {
+ switch (gnutls_auth_get_type (session))
+ {
case GNUTLS_CRD_ANON:
- anon_info = _gnutls_get_auth_info(session);
- if (anon_info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
- dh = &anon_info->dh;
- break;
+ anon_info = _gnutls_get_auth_info (session);
+ if (anon_info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
+ dh = &anon_info->dh;
+ break;
case GNUTLS_CRD_CERTIFICATE:
- cert_info = _gnutls_get_auth_info(session);
- if (cert_info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
- dh = &cert_info->dh;
- break;
+ cert_info = _gnutls_get_auth_info (session);
+ if (cert_info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
+ dh = &cert_info->dh;
+ break;
default:
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
}
- ret = _gnutls_set_datum(raw_prime, dh->prime.data, dh->prime.size);
- if (ret < 0) {
- gnutls_assert();
- return ret;
+ ret = _gnutls_set_datum (raw_prime, dh->prime.data, dh->prime.size);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
}
- ret =
- _gnutls_set_datum(raw_gen, dh->generator.data, dh->generator.size);
- if (ret < 0) {
- gnutls_assert();
- _gnutls_free_datum(raw_prime);
- return ret;
+ ret = _gnutls_set_datum (raw_gen, dh->generator.data, dh->generator.size);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ _gnutls_free_datum (raw_prime);
+ return ret;
}
- return 0;
+ return 0;
}
/**
@@ -129,36 +132,39 @@ int gnutls_dh_get_group(gnutls_session_t session,
* Returns a negative value in case of an error.
*
**/
-int gnutls_dh_get_pubkey(gnutls_session_t session,
- gnutls_datum_t * raw_key)
+int
+gnutls_dh_get_pubkey (gnutls_session_t session, gnutls_datum_t * raw_key)
{
- dh_info_st *dh;
- anon_server_auth_info_t anon_info;
- cert_auth_info_t cert_info;
-
- switch (gnutls_auth_get_type(session)) {
- case GNUTLS_CRD_ANON:{
- anon_info = _gnutls_get_auth_info(session);
- if (anon_info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
- dh = &anon_info->dh;
- break;
- }
- case GNUTLS_CRD_CERTIFICATE:{
+ dh_info_st *dh;
+ anon_server_auth_info_t anon_info;
+ cert_auth_info_t cert_info;
- cert_info = _gnutls_get_auth_info(session);
- if (cert_info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
- dh = &cert_info->dh;
- break;
- }
+ switch (gnutls_auth_get_type (session))
+ {
+ case GNUTLS_CRD_ANON:
+ {
+ anon_info = _gnutls_get_auth_info (session);
+ if (anon_info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
+ dh = &anon_info->dh;
+ break;
+ }
+ case GNUTLS_CRD_CERTIFICATE:
+ {
+
+ cert_info = _gnutls_get_auth_info (session);
+ if (cert_info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
+ dh = &cert_info->dh;
+ break;
+ }
default:
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
}
- return _gnutls_set_datum(raw_key, dh->public_key.data,
- dh->public_key.size);
+ return _gnutls_set_datum (raw_key, dh->public_key.data,
+ dh->public_key.size);
}
/**
@@ -174,37 +180,41 @@ int gnutls_dh_get_pubkey(gnutls_session_t session,
* Returns a negative value in case of an error.
*
**/
-int gnutls_rsa_export_get_pubkey(gnutls_session_t session,
- gnutls_datum_t * exponent,
- gnutls_datum_t * modulus)
+int
+gnutls_rsa_export_get_pubkey (gnutls_session_t session,
+ gnutls_datum_t * exponent,
+ gnutls_datum_t * modulus)
{
- cert_auth_info_t info;
- int ret;
+ cert_auth_info_t info;
+ int ret;
- if (gnutls_auth_get_type(session) == GNUTLS_CRD_CERTIFICATE) {
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
+ if (gnutls_auth_get_type (session) == GNUTLS_CRD_CERTIFICATE)
+ {
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
- ret = _gnutls_set_datum(modulus, info->rsa_export.modulus.data,
- info->rsa_export.modulus.size);
- if (ret < 0) {
- gnutls_assert();
- return ret;
+ ret = _gnutls_set_datum (modulus, info->rsa_export.modulus.data,
+ info->rsa_export.modulus.size);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ return ret;
}
- ret = _gnutls_set_datum(exponent, info->rsa_export.exponent.data,
- info->rsa_export.exponent.size);
- if (ret < 0) {
- gnutls_assert();
- _gnutls_free_datum(modulus);
- return ret;
+ ret = _gnutls_set_datum (exponent, info->rsa_export.exponent.data,
+ info->rsa_export.exponent.size);
+ if (ret < 0)
+ {
+ gnutls_assert ();
+ _gnutls_free_datum (modulus);
+ return ret;
}
- return 0;
+ return 0;
}
- return GNUTLS_E_INVALID_REQUEST;
+ return GNUTLS_E_INVALID_REQUEST;
}
@@ -217,29 +227,33 @@ int gnutls_rsa_export_get_pubkey(gnutls_session_t session,
* Returns a negative value in case of an error.
*
**/
-int gnutls_dh_get_secret_bits(gnutls_session_t session)
+int
+gnutls_dh_get_secret_bits (gnutls_session_t session)
{
- switch (gnutls_auth_get_type(session)) {
- case GNUTLS_CRD_ANON:{
- anon_server_auth_info_t info;
-
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
- return info->dh.secret_bits;
- }
- case GNUTLS_CRD_CERTIFICATE:{
- cert_auth_info_t info;
+ switch (gnutls_auth_get_type (session))
+ {
+ case GNUTLS_CRD_ANON:
+ {
+ anon_server_auth_info_t info;
+
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
+ return info->dh.secret_bits;
+ }
+ case GNUTLS_CRD_CERTIFICATE:
+ {
+ cert_auth_info_t info;
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
- return info->dh.secret_bits;
- }
+ return info->dh.secret_bits;
+ }
default:
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
}
}
@@ -253,36 +267,40 @@ int gnutls_dh_get_secret_bits(gnutls_session_t session)
* Returns a negative value in case of an error.
*
**/
-int gnutls_dh_get_prime_bits(gnutls_session_t session)
+int
+gnutls_dh_get_prime_bits (gnutls_session_t session)
{
- dh_info_st *dh;
+ dh_info_st *dh;
- switch (gnutls_auth_get_type(session)) {
- case GNUTLS_CRD_ANON:{
- anon_server_auth_info_t info;
+ switch (gnutls_auth_get_type (session))
+ {
+ case GNUTLS_CRD_ANON:
+ {
+ anon_server_auth_info_t info;
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
- dh = &info->dh;
- break;
- }
- case GNUTLS_CRD_CERTIFICATE:{
- cert_auth_info_t info;
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
+ dh = &info->dh;
+ break;
+ }
+ case GNUTLS_CRD_CERTIFICATE:
+ {
+ cert_auth_info_t info;
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
- dh = &info->dh;
- break;
- }
+ dh = &info->dh;
+ break;
+ }
default:
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
}
- return (dh->prime.size) * 8;
+ return (dh->prime.size) * 8;
}
@@ -295,15 +313,16 @@ int gnutls_dh_get_prime_bits(gnutls_session_t session)
* Returns a negative value in case of an error.
*
**/
-int gnutls_rsa_export_get_modulus_bits(gnutls_session_t session)
+int
+gnutls_rsa_export_get_modulus_bits (gnutls_session_t session)
{
- cert_auth_info_t info;
+ cert_auth_info_t info;
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
- return info->rsa_export.modulus.size * 8;
+ return info->rsa_export.modulus.size * 8;
}
/**
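Review bot: gnutls_rsa_export_get_modulus_bits reads `info->rsa_export.modulus.size` without first confirming that the session uses certificate credentials, unlike gnutls_rsa_export_get_pubkey earlier in this diff, which tests gnutls_auth_get_type() before the lookup. If _gnutls_get_auth_info() hands back the anonymous-auth structure for such a session (its definition is not visible here, so this needs confirming), the field is read through the wrong type and the returned bit count is meaningless. The re-indent carries this over unchanged. Adding `CHECK_AUTH (GNUTLS_CRD_CERTIFICATE, GNUTLS_E_INVALID_REQUEST);` ahead of the lookup, as the certificate getters further down do, would close that off.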
@@ -315,37 +334,41 @@ int gnutls_rsa_export_get_modulus_bits(gnutls_session_t session)
* Returns a negative value in case of an error.
*
**/
-int gnutls_dh_get_peers_public_bits(gnutls_session_t session)
+int
+gnutls_dh_get_peers_public_bits (gnutls_session_t session)
{
- dh_info_st *dh;
+ dh_info_st *dh;
- switch (gnutls_auth_get_type(session)) {
- case GNUTLS_CRD_ANON:{
- anon_server_auth_info_t info;
+ switch (gnutls_auth_get_type (session))
+ {
+ case GNUTLS_CRD_ANON:
+ {
+ anon_server_auth_info_t info;
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
- dh = &info->dh;
- break;
- }
- case GNUTLS_CRD_CERTIFICATE:{
- cert_auth_info_t info;
+ dh = &info->dh;
+ break;
+ }
+ case GNUTLS_CRD_CERTIFICATE:
+ {
+ cert_auth_info_t info;
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
- dh = &info->dh;
- break;
- }
+ dh = &info->dh;
+ break;
+ }
default:
- gnutls_assert();
- return GNUTLS_E_INVALID_REQUEST;
+ gnutls_assert ();
+ return GNUTLS_E_INVALID_REQUEST;
}
- return dh->public_key.size * 8;
+ return dh->public_key.size * 8;
}
@@ -362,23 +385,25 @@ int gnutls_dh_get_peers_public_bits(gnutls_session_t session)
* Returns NULL in case of an error, or if no certificate was used.
*
**/
-const gnutls_datum_t *gnutls_certificate_get_ours(gnutls_session_t session)
+const gnutls_datum_t *
+gnutls_certificate_get_ours (gnutls_session_t session)
{
- gnutls_certificate_credentials_t cred;
+ gnutls_certificate_credentials_t cred;
- CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, NULL);
+ CHECK_AUTH (GNUTLS_CRD_CERTIFICATE, NULL);
- cred = (gnutls_certificate_credentials_t)
- _gnutls_get_cred(session->key, GNUTLS_CRD_CERTIFICATE, NULL);
- if (cred == NULL || cred->cert_list == NULL) {
- gnutls_assert();
- return NULL;
+ cred = (gnutls_certificate_credentials_t)
+ _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL);
+ if (cred == NULL || cred->cert_list == NULL)
+ {
+ gnutls_assert ();
+ return NULL;
}
- if (session->internals.selected_cert_list == NULL)
- return NULL;
+ if (session->internals.selected_cert_list == NULL)
+ return NULL;
- return &session->internals.selected_cert_list[0].raw;
+ return &session->internals.selected_cert_list[0].raw;
}
/**
@@ -398,20 +423,20 @@ const gnutls_datum_t *gnutls_certificate_get_ours(gnutls_session_t session)
* Returns NULL in case of an error, or if no certificate was sent.
*
**/
-const gnutls_datum_t *gnutls_certificate_get_peers(gnutls_session_t
- session,
- unsigned int *list_size)
+const gnutls_datum_t *
+gnutls_certificate_get_peers (gnutls_session_t
+ session, unsigned int *list_size)
{
- cert_auth_info_t info;
+ cert_auth_info_t info;
- CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, NULL);
+ CHECK_AUTH (GNUTLS_CRD_CERTIFICATE, NULL);
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return NULL;
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return NULL;
- *list_size = info->ncerts;
- return info->raw_certificate_list;
+ *list_size = info->ncerts;
+ return info->raw_certificate_list;
}
@@ -424,16 +449,17 @@ const gnutls_datum_t *gnutls_certificate_get_peers(gnutls_session_t
* Returns a negative value in case of an error.
*
**/
-int gnutls_certificate_client_get_request_status(gnutls_session_t session)
+int
+gnutls_certificate_client_get_request_status (gnutls_session_t session)
{
- cert_auth_info_t info;
+ cert_auth_info_t info;
- CHECK_AUTH(GNUTLS_CRD_CERTIFICATE, 0);
+ CHECK_AUTH (GNUTLS_CRD_CERTIFICATE, 0);
- info = _gnutls_get_auth_info(session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
- return info->certificate_requested;
+ info = _gnutls_get_auth_info (session);
+ if (info == NULL)
+ return GNUTLS_E_INTERNAL_ERROR;
+ return info->certificate_requested;
}
/**
@@ -456,30 +482,33 @@ int gnutls_certificate_client_get_request_status(gnutls_session_t session)
* Returns a negative value in case of an error.
*
**/
-int gnutls_fingerprint(gnutls_digest_algorithm_t algo,
- const gnutls_datum_t * data, void *result,
- size_t * result_size)
+int
+gnutls_fingerprint (gnutls_digest_algorithm_t algo,
+ const gnutls_datum_t * data, void *result,
+ size_t * result_size)
{
- GNUTLS_HASH_HANDLE td;
- int hash_len = _gnutls_hash_get_algo_len(HASH2MAC(algo));
+ GNUTLS_HASH_HANDLE td;
+ int hash_len = _gnutls_hash_get_algo_len (HASH2MAC (algo));
- if (hash_len < 0 || (uint) hash_len > *result_size || result == NULL) {
- *result_size = hash_len;
- return GNUTLS_E_SHORT_MEMORY_BUFFER;
+ if (hash_len < 0 || (uint) hash_len > *result_size || result == NULL)
+ {
+ *result_size = hash_len;
+ return GNUTLS_E_SHORT_MEMORY_BUFFER;
}
- *result_size = hash_len;
+ *result_size = hash_len;
- if (result) {
- td = _gnutls_hash_init(HASH2MAC(algo));
- if (td == NULL)
- return GNUTLS_E_HASH_FAILED;
+ if (result)
+ {
+ td = _gnutls_hash_init (HASH2MAC (algo));
+ if (td == NULL)
+ return GNUTLS_E_HASH_FAILED;
- _gnutls_hash(td, data->data, data->size);
+ _gnutls_hash (td, data->data, data->size);
- _gnutls_hash_deinit(td, result);
+ _gnutls_hash_deinit (td, result);
}
- return 0;
+ return 0;
}
/**
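Review bot: In gnutls_fingerprint the first guard executes `*result_size = hash_len` even when hash_len is negative, so an unsupported digest hands the caller a wrapped, very large size_t together with GNUTLS_E_SHORT_MEMORY_BUFFER, a code that callers normally answer by sizing a retry buffer from that value. The re-indent carries this over unchanged. I would reject the negative case before touching the out-parameter, for example `if (hash_len < 0) return GNUTLS_E_INVALID_REQUEST;`, or whichever error code the library prefers for an unknown algorithm. The later `if (result)` can never be false once the guard has passed. Neither `result_size` nor `data` is checked for NULL before being dereferenced, which deserves at least a sentence in the doc comment.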
@@ -492,10 +521,11 @@ int gnutls_fingerprint(gnutls_digest_algorithm_t algo,
* cipher suites.
*
**/
-void gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res,
- gnutls_dh_params_t dh_params)
+void
+gnutls_anon_set_server_dh_params (gnutls_anon_server_credentials_t res,
+ gnutls_dh_params_t dh_params)
{
- res->dh_params = dh_params;
+ res->dh_params = dh_params;
}
/**
@@ -511,10 +541,11 @@ void gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res,
* you must change the parameters stored in the certificate first.
*
**/
-void gnutls_certificate_set_dh_params(gnutls_certificate_credentials_t res,
- gnutls_dh_params_t dh_params)
+void
+gnutls_certificate_set_dh_params (gnutls_certificate_credentials_t res,
+ gnutls_dh_params_t dh_params)
{
- res->dh_params = dh_params;
+ res->dh_params = dh_params;
}
/**
@@ -528,10 +559,10 @@ void gnutls_certificate_set_dh_params(gnutls_certificate_credentials_t res,
*
**/
void
-gnutls_certificate_set_params_function(gnutls_certificate_credentials_t res,
- gnutls_params_function * func)
+gnutls_certificate_set_params_function (gnutls_certificate_credentials_t res,
+ gnutls_params_function * func)
{
- res->params_func = func;
+ res->params_func = func;
}
/**
@@ -544,10 +575,11 @@ gnutls_certificate_set_params_function(gnutls_certificate_credentials_t res,
* return zero on success.
*
**/
-void gnutls_anon_set_params_function(gnutls_anon_server_credentials_t res,
- gnutls_params_function * func)
+void
+gnutls_anon_set_params_function (gnutls_anon_server_credentials_t res,
+ gnutls_params_function * func)
{
- res->params_func = func;
+ res->params_func = func;
}
@@ -561,10 +593,11 @@ void gnutls_anon_set_params_function(gnutls_anon_server_credentials_t res,
* #gnutls_certificate_verify_flags enumerations.
*
**/
-void gnutls_certificate_set_verify_flags(gnutls_certificate_credentials_t
- res, unsigned int flags)
+void
+gnutls_certificate_set_verify_flags (gnutls_certificate_credentials_t
+ res, unsigned int flags)
{
- res->verify_flags = flags;
+ res->verify_flags = flags;
}
/**
@@ -577,11 +610,13 @@ void gnutls_certificate_set_verify_flags(gnutls_certificate_credentials_t
* gnutls_certificate_verify_peers2(), to avoid denial of service attacks.
*
**/
-void gnutls_certificate_set_verify_limits(gnutls_certificate_credentials_t
- res, unsigned int max_bits, unsigned int max_depth)
+void
+gnutls_certificate_set_verify_limits (gnutls_certificate_credentials_t
+ res, unsigned int max_bits,
+ unsigned int max_depth)
{
- res->verify_depth = max_depth;
- res->verify_bits = max_bits;
+ res->verify_depth = max_depth;
+ res->verify_bits = max_bits;
}
/**
@@ -595,8 +630,8 @@ void gnutls_certificate_set_verify_limits(gnutls_certificate_credentials_t
*
**/
void
-gnutls_certificate_set_rsa_export_params(gnutls_certificate_credentials_t
- res, gnutls_rsa_params_t rsa_params)
+gnutls_certificate_set_rsa_export_params (gnutls_certificate_credentials_t
+ res, gnutls_rsa_params_t rsa_params)
{
- res->rsa_params = rsa_params;
+ res->rsa_params = rsa_params;
}