/*
* Copyright (C) 2001-2012 Free Software Foundation, Inc.
*
* Author: Nikos Mavrogiannopoulos
*
* This file is part of GnuTLS.
*
* The GnuTLS is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public License
* as published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>
*
*/
#include "gnutls_int.h"
#ifdef ENABLE_ANON
#include "errors.h"
#include <auth/anon.h>
#include "auth.h"
#include "dh.h"
#include "num.h"
#include "mpi.h"
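/**
 * gnutls_anon_free_server_credentials:
 * @sc: is a #gnutls_anon_server_credentials_t type.
 *
 * Free a gnutls_anon_server_credentials_t structure. Passing %NULL is
 * a no-op.
 *
 * The attached DH parameters are deinitialized only when the
 * structure's deinit_dh_params flag is set; otherwise they are left
 * untouched.
 **/
void
gnutls_anon_free_server_credentials(gnutls_anon_server_credentials_t sc)
{
	/* Cleanup paths may reach this point with a handle that was never
	 * successfully allocated; treat NULL like free(NULL) instead of
	 * dereferencing it below. */
	if (sc == NULL)
		return;

	if (sc->deinit_dh_params) {
		gnutls_dh_params_deinit(sc->dh_params);
	}
	gnutls_free(sc);
}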
|
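/**
 * gnutls_anon_allocate_server_credentials:
 * @sc: is a pointer to a #gnutls_anon_server_credentials_t type.
 *
 * Allocate a zero-initialized gnutls_anon_server_credentials_t
 * structure. On failure *@sc is set to %NULL.
 *
 * Returns: %GNUTLS_E_SUCCESS on success, or %GNUTLS_E_MEMORY_ERROR if
 *   the allocation fails.
 **/
int
gnutls_anon_allocate_server_credentials(gnutls_anon_server_credentials_t *
					sc)
{
	*sc = gnutls_calloc(1, sizeof(anon_server_credentials_st));

	/* Report allocation failure instead of returning success with a
	 * NULL handle that the setters in this file would dereference. */
	if (*sc == NULL)
		return GNUTLS_E_MEMORY_ERROR;

	return 0;
}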
|
|
/**
 * gnutls_anon_free_client_credentials:
 * @sc: is a #gnutls_anon_client_credentials_t type.
 *
 * Free a gnutls_anon_client_credentials_t structure.
 *
 * This is a no-op: gnutls_anon_allocate_client_credentials() hands out
 * a pointer to a static placeholder, so there is nothing to release.
 **/
void
gnutls_anon_free_client_credentials(gnutls_anon_client_credentials_t sc)
{
	(void)sc;	/* intentionally unused */
}
|
/* Placeholder for anonymous client credentials. It exists only so that
 * callers receive a non-NULL handle; being static, the same object is
 * shared by every caller. */
static struct gnutls_anon_client_credentials_st anon_dummy_struct;
static const gnutls_anon_client_credentials_t anon_dummy = &anon_dummy_struct;
|
/**
 * gnutls_anon_allocate_client_credentials:
 * @sc: is a pointer to a #gnutls_anon_client_credentials_t type.
 *
 * Allocate a gnutls_anon_client_credentials_t structure. No memory is
 * actually allocated: *@sc is pointed at a static placeholder.
 *
 * Returns: %GNUTLS_E_SUCCESS (0); the current implementation always
 *   succeeds.
 **/
int
gnutls_anon_allocate_client_credentials(gnutls_anon_client_credentials_t *
					sc)
{
	/* The placeholder's only job is to keep *sc non-NULL; it is
	 * not used for anything else. */
	*sc = anon_dummy;
	return 0;
}
|
/**
 * gnutls_anon_set_server_dh_params:
 * @res: is a gnutls_anon_server_credentials_t type
 * @dh_params: The Diffie-Hellman parameters.
 *
 * This function will set the Diffie-Hellman parameters for an
 * anonymous server to use. These parameters will be used in
 * Anonymous Diffie-Hellman cipher suites.
 *
 * @dh_params is dereferenced unconditionally (params[0] is read), so
 * it must be non-NULL and initialized. The pointer is stored, not
 * copied, and the deinit_dh_params flag is left clear, so
 * gnutls_anon_free_server_credentials() will not deinitialize it; the
 * caller must keep @dh_params valid for as long as @res refers to it.
 *
 * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
 * or later. Since 3.6.0, DH parameters are negotiated
 * following RFC7919.
 **/
void
gnutls_anon_set_server_dh_params(gnutls_anon_server_credentials_t res,
				 gnutls_dh_params_t dh_params)
{
	unsigned int nbits;

	/* Parameters flagged for deinit are released before being
	 * replaced. */
	if (res->deinit_dh_params) {
		res->deinit_dh_params = 0;
		gnutls_dh_params_deinit(res->dh_params);
		res->dh_params = NULL;
	}

	res->dh_params = dh_params;

	/* The security level is derived from the bit length of params[0]. */
	nbits = _gnutls_mpi_get_nbits(dh_params->params[0]);
	res->dh_sec_param = gnutls_pk_bits_to_sec_param(GNUTLS_PK_DH, nbits);
}
|
/**
 * gnutls_anon_set_server_known_dh_params:
 * @res: is a gnutls_anon_server_credentials_t type
 * @sec_param: is an option of the %gnutls_sec_param_t enumeration
 *
 * This function will set the Diffie-Hellman parameters for an
 * anonymous server to use. These parameters will be used in
 * Anonymous Diffie-Hellman cipher suites and will be selected from
 * the FFDHE set of RFC7919 according to the security level provided.
 *
 * This function only records @sec_param in @res; the value is not
 * validated here.
 *
 * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
 * or later. Since 3.6.0, DH parameters are negotiated
 * following RFC7919.
 *
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise a
 *   negative error value.
 *
 * Since: 3.5.6
 **/
int
gnutls_anon_set_server_known_dh_params(gnutls_anon_server_credentials_t res,
				       gnutls_sec_param_t sec_param)
{
	/* Store the requested level as given. */
	res->dh_sec_param = sec_param;
	return 0;
}
|
/**
 * gnutls_anon_set_server_params_function:
 * @res: is a gnutls_anon_server_credentials_t type
 * @func: is the function to be called
 *
 * This function will set a callback in order for the server to get
 * the Diffie-Hellman parameters for anonymous authentication. The
 * callback should return %GNUTLS_E_SUCCESS (0) on success.
 *
 * @func is stored in @res as given, without validation.
 *
 * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
 * or later. Since 3.6.0, DH parameters are negotiated
 * following RFC7919.
 *
 **/
void
gnutls_anon_set_server_params_function(gnutls_anon_server_credentials_t
				       res, gnutls_params_function * func)
{
	/* Same field that gnutls_anon_set_params_function() writes. */
	res->params_func = func;
}
|
/**
 * gnutls_anon_set_params_function:
 * @res: is a gnutls_anon_server_credentials_t type
 * @func: is the function to be called
 *
 * This function will set a callback in order for the server to get
 * the Diffie-Hellman or RSA parameters for anonymous authentication.
 * The callback should return %GNUTLS_E_SUCCESS (0) on success.
 *
 * @func is stored in @res as given, without validation.
 *
 * Deprecated: This function is unnecessary and discouraged on GnuTLS 3.6.0
 * or later. Since 3.6.0, DH parameters are negotiated
 * following RFC7919.
 *
 **/
void
gnutls_anon_set_params_function(gnutls_anon_server_credentials_t res,
				gnutls_params_function * func)
{
	/* Same field that gnutls_anon_set_server_params_function() writes. */
	res->params_func = func;
}
#endif