source-git / gnutls

Clone
Source Code
GIT

Blame lib/dh-session.c

c8 c8s master
  1.   c8s
  2.   lib
  3.   dh-session.c
Blob History Raw
Packit Service 4684c1 
/*
Packit Service 4684c1 
 * Copyright (C) 2001-2015 Free Software Foundation, Inc.
Packit Service 4684c1 
 * Copyright (C) 2015 Nikos Mavrogiannopoulos
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Author: Nikos Mavrogiannopoulos
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This file is part of GnuTLS.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * The GnuTLS is free software; you can redistribute it and/or
Packit Service 4684c1 
 * modify it under the terms of the GNU Lesser General Public License
Packit Service 4684c1 
 * as published by the Free Software Foundation; either version 2.1 of
Packit Service 4684c1 
 * the License, or (at your option) any later version.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This library is distributed in the hope that it will be useful, but
Packit Service 4684c1 
 * WITHOUT ANY WARRANTY; without even the implied warranty of
Packit Service 4684c1 
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
Packit Service 4684c1 
 * Lesser General Public License for more details.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * You should have received a copy of the GNU Lesser General Public License
Packit Service 4684c1 
 * along with this program.  If not, see <https://www.gnu.org/licenses/>
Packit Service 4684c1 
 *
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
/* This file contains certificate authentication functions to be exported in the
Packit Service 4684c1 
 * API which did not fit elsewhere.
Packit Service 4684c1 
 */
Packit Service 4684c1
Packit Service 4684c1 
#include "gnutls_int.h"
Packit Service 4684c1 
#include <auth/srp_kx.h>
Packit Service 4684c1 
#include <auth/anon.h>
Packit Service 4684c1 
#include <auth/cert.h>
Packit Service 4684c1 
#include <auth/psk.h>
Packit Service 4684c1 
#include "errors.h"
Packit Service 4684c1 
#include <auth.h>
Packit Service 4684c1 
#include <state.h>
Packit Service 4684c1 
#include <datum.h>
Packit Service 4684c1 
#include <algorithms.h>
Packit Service 4684c1
Packit Service 4684c1 
/* ANON & DHE */
Packit Service 4684c1
Packit Service 4684c1 
#if defined(ENABLE_DHE) || defined(ENABLE_ANON)
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_dh_set_prime_bits:
Packit Service 4684c1 
 * @session: is a #gnutls_session_t type.
Packit Service 4684c1 
 * @bits: is the number of bits
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This function sets the number of bits, for use in a Diffie-Hellman
Packit Service 4684c1 
 * key exchange.  This is used both in DH ephemeral and DH anonymous
Packit Service 4684c1 
 * cipher suites.  This will set the minimum size of the prime that
Packit Service 4684c1 
 * will be used for the handshake.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * In the client side it sets the minimum accepted number of bits.  If
Packit Service 4684c1 
 * a server sends a prime with less bits than that
Packit Service 4684c1 
 * %GNUTLS_E_DH_PRIME_UNACCEPTABLE will be returned by the handshake.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Note that this function will warn via the audit log for value that
Packit Service 4684c1 
 * are believed to be weak.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * The function has no effect in server side.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Note that since 3.1.7 this function is deprecated. The minimum
Packit Service 4684c1 
 * number of bits is set by the priority string level.
Packit Service 4684c1 
 * Also this function must be called after gnutls_priority_set_direct()
Packit Service 4684c1 
 * or the set value may be overridden by the selected priority options.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 *
Packit Service 4684c1 
 **/
Packit Service 4684c1 
void gnutls_dh_set_prime_bits(gnutls_session_t session, unsigned int bits)
Packit Service 4684c1 
{
Packit Service 4684c1 
	if (bits < gnutls_sec_param_to_pk_bits(GNUTLS_PK_DH, GNUTLS_SEC_PARAM_WEAK)
Packit Service 4684c1 
		&& bits != 0)
Packit Service 4684c1 
		_gnutls_audit_log(session,
Packit Service 4684c1 
				  "Note that the security level of the Diffie-Hellman key exchange has been lowered to %u bits and this may allow decryption of the session data\n",
Packit Service 4684c1 
				  bits);
Packit Service 4684c1 
	session->internals.dh_prime_bits = bits;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_dh_get_group:
Packit Service 4684c1 
 * @session: is a gnutls session
Packit Service 4684c1 
 * @raw_gen: will hold the generator.
Packit Service 4684c1 
 * @raw_prime: will hold the prime.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This function will return the group parameters used in the last
Packit Service 4684c1 
 * Diffie-Hellman key exchange with the peer.  These are the prime and
Packit Service 4684c1 
 * the generator used.  This function should be used for both
Packit Service 4684c1 
 * anonymous and ephemeral Diffie-Hellman.  The output parameters must
Packit Service 4684c1 
 * be freed with gnutls_free().
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Note, that the prime and generator are exported as non-negative
Packit Service 4684c1 
 * integers and may include a leading zero byte.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
Packit Service 4684c1 
 *   an error code is returned.
Packit Service 4684c1 
 **/
Packit Service 4684c1 
int
Packit Service 4684c1 
gnutls_dh_get_group(gnutls_session_t session,
Packit Service 4684c1 
		    gnutls_datum_t * raw_gen, gnutls_datum_t * raw_prime)
Packit Service 4684c1 
{
Packit Service 4684c1 
	dh_info_st *dh;
Packit Service 4684c1 
	int ret;
Packit Service 4684c1 
	anon_auth_info_t anon_info;
Packit Service 4684c1 
	cert_auth_info_t cert_info;
Packit Service 4684c1 
	psk_auth_info_t psk_info;
Packit Service 4684c1
Packit Service 4684c1 
	switch (gnutls_auth_get_type(session)) {
Packit Service 4684c1 
	case GNUTLS_CRD_ANON:
Packit Service 4684c1 
		anon_info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
Packit Service 4684c1 
		if (anon_info == NULL)
Packit Service 4684c1 
			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
		dh = &anon_info->dh;
Packit Service 4684c1 
		break;
Packit Service 4684c1 
	case GNUTLS_CRD_PSK:
Packit Service 4684c1 
		psk_info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
Packit Service 4684c1 
		if (psk_info == NULL)
Packit Service 4684c1 
			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
		dh = &psk_info->dh;
Packit Service 4684c1 
		break;
Packit Service 4684c1 
	case GNUTLS_CRD_CERTIFICATE:
Packit Service 4684c1 
		cert_info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
Packit Service 4684c1 
		if (cert_info == NULL)
Packit Service 4684c1 
			return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
		dh = &cert_info->dh;
Packit Service 4684c1 
		break;
Packit Service 4684c1 
	default:
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		return GNUTLS_E_INVALID_REQUEST;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	ret = _gnutls_set_datum(raw_prime, dh->prime.data, dh->prime.size);
Packit Service 4684c1 
	if (ret < 0) {
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		return ret;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	ret =
Packit Service 4684c1 
	    _gnutls_set_datum(raw_gen, dh->generator.data,
Packit Service 4684c1 
			      dh->generator.size);
Packit Service 4684c1 
	if (ret < 0) {
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		_gnutls_free_datum(raw_prime);
Packit Service 4684c1 
		return ret;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return 0;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_dh_get_pubkey:
Packit Service 4684c1 
 * @session: is a gnutls session
Packit Service 4684c1 
 * @raw_key: will hold the public key.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This function will return the peer's public key used in the last
Packit Service 4684c1 
 * Diffie-Hellman key exchange.  This function should be used for both
Packit Service 4684c1 
 * anonymous and ephemeral Diffie-Hellman.  The output parameters must
Packit Service 4684c1 
 * be freed with gnutls_free().
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Note, that public key is exported as non-negative
Packit Service 4684c1 
 * integer and may include a leading zero byte.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
Packit Service 4684c1 
 *   an error code is returned.
Packit Service 4684c1 
 **/
Packit Service 4684c1 
int
Packit Service 4684c1 
gnutls_dh_get_pubkey(gnutls_session_t session, gnutls_datum_t * raw_key)
Packit Service 4684c1 
{
Packit Service 4684c1 
	dh_info_st *dh;
Packit Service 4684c1 
	anon_auth_info_t anon_info;
Packit Service 4684c1 
	cert_auth_info_t cert_info;
Packit Service 4684c1 
	psk_auth_info_t psk_info;
Packit Service 4684c1
Packit Service 4684c1 
	switch (gnutls_auth_get_type(session)) {
Packit Service 4684c1 
	case GNUTLS_CRD_ANON:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			anon_info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
Packit Service 4684c1 
			if (anon_info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
			dh = &anon_info->dh;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	case GNUTLS_CRD_PSK:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			psk_info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
Packit Service 4684c1 
			if (psk_info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
			dh = &psk_info->dh;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	case GNUTLS_CRD_CERTIFICATE:
Packit Service 4684c1 
		{
Packit Service 4684c1
Packit Service 4684c1 
			cert_info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
Packit Service 4684c1 
			if (cert_info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
			dh = &cert_info->dh;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	default:
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		return GNUTLS_E_INVALID_REQUEST;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return _gnutls_set_datum(raw_key, dh->public_key.data,
Packit Service 4684c1 
				 dh->public_key.size);
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_dh_get_secret_bits:
Packit Service 4684c1 
 * @session: is a gnutls session
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This function will return the bits used in the last Diffie-Hellman
Packit Service 4684c1 
 * key exchange with the peer.  Should be used for both anonymous and
Packit Service 4684c1 
 * ephemeral Diffie-Hellman.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: On success, %GNUTLS_E_SUCCESS (0) is returned, otherwise
Packit Service 4684c1 
 *   an error code is returned.
Packit Service 4684c1 
 **/
Packit Service 4684c1 
int gnutls_dh_get_secret_bits(gnutls_session_t session)
Packit Service 4684c1 
{
Packit Service 4684c1 
	switch (gnutls_auth_get_type(session)) {
Packit Service 4684c1 
	case GNUTLS_CRD_ANON:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			anon_auth_info_t info;
Packit Service 4684c1
Packit Service 4684c1 
			info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
Packit Service 4684c1 
			if (info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
			return info->dh.secret_bits;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	case GNUTLS_CRD_PSK:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			psk_auth_info_t info;
Packit Service 4684c1
Packit Service 4684c1 
			info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
Packit Service 4684c1 
			if (info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
			return info->dh.secret_bits;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	case GNUTLS_CRD_CERTIFICATE:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			cert_auth_info_t info;
Packit Service 4684c1
Packit Service 4684c1 
			info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
Packit Service 4684c1 
			if (info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1
Packit Service 4684c1 
			return info->dh.secret_bits;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	default:
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		return GNUTLS_E_INVALID_REQUEST;
Packit Service 4684c1 
	}
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
static int mpi_buf2bits(gnutls_datum_t * mpi_buf)
Packit Service 4684c1 
{
Packit Service 4684c1 
	bigint_t mpi;
Packit Service 4684c1 
	int rc;
Packit Service 4684c1
Packit Service 4684c1 
	rc = _gnutls_mpi_init_scan_nz(&mpi, mpi_buf->data, mpi_buf->size);
Packit Service 4684c1 
	if (rc) {
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		return rc;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	rc = _gnutls_mpi_get_nbits(mpi);
Packit Service 4684c1 
	_gnutls_mpi_release(&mpi;;
Packit Service 4684c1
Packit Service 4684c1 
	return rc;
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_dh_get_prime_bits:
Packit Service 4684c1 
 * @session: is a gnutls session
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * This function will return the bits of the prime used in the last
Packit Service 4684c1 
 * Diffie-Hellman key exchange with the peer.  Should be used for both
Packit Service 4684c1 
 * anonymous and ephemeral Diffie-Hellman.  Note that some ciphers,
Packit Service 4684c1 
 * like RSA and DSA without DHE, do not use a Diffie-Hellman key
Packit Service 4684c1 
 * exchange, and then this function will return 0.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: The Diffie-Hellman bit strength is returned, or 0 if no
Packit Service 4684c1 
 *   Diffie-Hellman key exchange was done, or a negative error code on
Packit Service 4684c1 
 *   failure.
Packit Service 4684c1 
 **/
Packit Service 4684c1 
int gnutls_dh_get_prime_bits(gnutls_session_t session)
Packit Service 4684c1 
{
Packit Service 4684c1 
	dh_info_st *dh;
Packit Service 4684c1
Packit Service 4684c1 
	switch (gnutls_auth_get_type(session)) {
Packit Service 4684c1 
	case GNUTLS_CRD_ANON:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			anon_auth_info_t info;
Packit Service 4684c1
Packit Service 4684c1 
			info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
Packit Service 4684c1 
			if (info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
			dh = &info->dh;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	case GNUTLS_CRD_PSK:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			psk_auth_info_t info;
Packit Service 4684c1
Packit Service 4684c1 
			info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
Packit Service 4684c1 
			if (info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1 
			dh = &info->dh;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	case GNUTLS_CRD_CERTIFICATE:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			cert_auth_info_t info;
Packit Service 4684c1
Packit Service 4684c1 
			info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
Packit Service 4684c1 
			if (info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1
Packit Service 4684c1 
			dh = &info->dh;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	default:
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		return GNUTLS_E_INVALID_REQUEST;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	if(dh->prime.size == 0)
Packit Service 4684c1 
		return 0;
Packit Service 4684c1
Packit Service 4684c1 
	return mpi_buf2bits(&dh->prime);
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1
Packit Service 4684c1 
/**
Packit Service 4684c1 
 * gnutls_dh_get_peers_public_bits:
Packit Service 4684c1 
 * @session: is a gnutls session
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Get the Diffie-Hellman public key bit size.  Can be used for both
Packit Service 4684c1 
 * anonymous and ephemeral Diffie-Hellman.
Packit Service 4684c1 
 *
Packit Service 4684c1 
 * Returns: The public key bit size used in the last Diffie-Hellman
Packit Service 4684c1 
 *   key exchange with the peer, or a negative error code in case of error.
Packit Service 4684c1 
 **/
Packit Service 4684c1 
int gnutls_dh_get_peers_public_bits(gnutls_session_t session)
Packit Service 4684c1 
{
Packit Service 4684c1 
	dh_info_st *dh;
Packit Service 4684c1
Packit Service 4684c1 
	switch (gnutls_auth_get_type(session)) {
Packit Service 4684c1 
	case GNUTLS_CRD_ANON:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			anon_auth_info_t info;
Packit Service 4684c1
Packit Service 4684c1 
			info = _gnutls_get_auth_info(session, GNUTLS_CRD_ANON);
Packit Service 4684c1 
			if (info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1
Packit Service 4684c1 
			dh = &info->dh;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	case GNUTLS_CRD_PSK:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			psk_auth_info_t info;
Packit Service 4684c1
Packit Service 4684c1 
			info = _gnutls_get_auth_info(session, GNUTLS_CRD_PSK);
Packit Service 4684c1 
			if (info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1
Packit Service 4684c1 
			dh = &info->dh;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	case GNUTLS_CRD_CERTIFICATE:
Packit Service 4684c1 
		{
Packit Service 4684c1 
			cert_auth_info_t info;
Packit Service 4684c1
Packit Service 4684c1 
			info = _gnutls_get_auth_info(session, GNUTLS_CRD_CERTIFICATE);
Packit Service 4684c1 
			if (info == NULL)
Packit Service 4684c1 
				return gnutls_assert_val(GNUTLS_E_INTERNAL_ERROR);
Packit Service 4684c1
Packit Service 4684c1 
			dh = &info->dh;
Packit Service 4684c1 
			break;
Packit Service 4684c1 
		}
Packit Service 4684c1 
	default:
Packit Service 4684c1 
		gnutls_assert();
Packit Service 4684c1 
		return GNUTLS_E_INVALID_REQUEST;
Packit Service 4684c1 
	}
Packit Service 4684c1
Packit Service 4684c1 
	return mpi_buf2bits(&dh->public_key);
Packit Service 4684c1 
}
Packit Service 4684c1
Packit Service 4684c1 
#endif				/* DH */
Packit Service 4684c1

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation