search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
updated doc
[gnutls.git] / lib / auth / dhe_psk.c
blob5205cf515b5a441d02762096be99fc1dd1998c73
1 /*
2 * Copyright (C) 2005-2012 Free Software Foundation, Inc.
3 *
4 * Author: Nikos Mavrogiannopoulos
5 *
6 * This file is part of GnuTLS.
7 *
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
20 *
21 */
22
23 /* This file contains the PSK Diffie-Hellman key exchange part of the
24 * PSK authentication. The functions here are used in the handshake.
25 */
26
27 #include <gnutls_int.h>
28
29 #ifdef ENABLE_PSK
30
31 /* Contains PSK code for DHE and ECDHE
32 */
33
34 #include "gnutls_auth.h"
35 #include "gnutls_errors.h"
36 #include "gnutls_dh.h"
37 #include <auth/psk.h>
38 #include "gnutls_num.h"
39 #include "gnutls_mpi.h"
40 #include <gnutls_state.h>
41 #include <auth/dh_common.h>
42 #include <auth/ecdh_common.h>
43 #include <gnutls_datum.h>
44 #include <auth/psk_passwd.h>
45
46 static int gen_psk_server_kx (gnutls_session_t, gnutls_buffer_st*);
47 static int gen_psk_client_kx (gnutls_session_t, gnutls_buffer_st*);
48 static int proc_psk_client_kx (gnutls_session_t, uint8_t *, size_t);
49 static int proc_psk_server_kx (gnutls_session_t, uint8_t *, size_t);
50 static int gen_ecdhe_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data);
51 static int proc_ecdhe_psk_client_kx (gnutls_session_t session, uint8_t * data,
52 size_t _data_size);
53
54 const mod_auth_st dhe_psk_auth_struct = {
55 "DHE PSK",
56 NULL,
57 NULL,
58 gen_psk_server_kx,
59 gen_psk_client_kx,
60 NULL,
61 NULL,
62
63 NULL,
64 NULL, /* certificate */
65 proc_psk_server_kx,
66 proc_psk_client_kx,
67 NULL,
68 NULL
69 };
70
71 const mod_auth_st ecdhe_psk_auth_struct = {
72 "ECDHE PSK",
73 NULL,
74 NULL,
75 gen_ecdhe_psk_server_kx,
76 gen_psk_client_kx,
77 NULL,
78 NULL,
79
80 NULL,
81 NULL, /* certificate */
82 proc_psk_server_kx,
83 proc_ecdhe_psk_client_kx,
84 NULL,
85 NULL
86 };
87
88 static int
89 gen_psk_client_kx (gnutls_session_t session, gnutls_buffer_st* data)
90 {
91 int ret, free;
92 gnutls_psk_client_credentials_t cred;
93 gnutls_datum_t username, key;
94
95 cred = (gnutls_psk_client_credentials_t)
96 _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL);
97
98 if (cred == NULL)
99 return gnutls_assert_val(GNUTLS_E_INSUFFICIENT_CREDENTIALS);
100
101 ret = _gnutls_find_psk_key( session, cred, &username, &key, &free);
102 if (ret < 0)
103 return gnutls_assert_val(ret);
104
105 ret = _gnutls_buffer_append_data_prefix(data, 16, username.data, username.size);
106 if (ret < 0)
107 {
108 gnutls_assert();
109 goto cleanup;
110 }
111
112 /* The PSK key is set in there */
113 if (!_gnutls_session_is_ecc (session))
114 ret = _gnutls_gen_dh_common_client_kx_int (session, data, &key);
115 else
116 ret = _gnutls_gen_ecdh_common_client_kx_int (session, data, &key);
117
118 if (ret < 0)
119 {
120 gnutls_assert ();
121 goto cleanup;
122 }
123
124 ret = data->length;
125
126 cleanup:
127 if (free)
128 {
129 _gnutls_free_datum(&username);
130 _gnutls_free_datum(&key);
131 }
132
133 return ret;
134
135 }
136
137 static int
138 gen_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data)
139 {
140 bigint_t g, p;
141 const bigint_t *mpis;
142 int ret;
143 gnutls_dh_params_t dh_params;
144 gnutls_psk_server_credentials_t cred;
145
146 cred = (gnutls_psk_server_credentials_t)
147 _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL);
148 if (cred == NULL)
149 {
150 gnutls_assert ();
151 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
152 }
153
154 dh_params =
155 _gnutls_get_dh_params (cred->dh_params, cred->params_func, session);
156 mpis = _gnutls_dh_params_to_mpi (dh_params);
157 if (mpis == NULL)
158 {
159 gnutls_assert ();
160 return GNUTLS_E_NO_TEMPORARY_DH_PARAMS;
161 }
162
163 p = mpis[0];
164 g = mpis[1];
165
166 if ((ret =
167 _gnutls_auth_info_set (session, GNUTLS_CRD_PSK,
168 sizeof (psk_auth_info_st), 1)) < 0)
169 {
170 gnutls_assert ();
171 return ret;
172 }
173
174 _gnutls_dh_set_group (session, g, p);
175
176 ret = _gnutls_buffer_append_prefix(data, 16, 0);
177 if (ret < 0)
178 return gnutls_assert_val(ret);
179
180 ret = _gnutls_dh_common_print_server_kx (session, g, p, dh_params->q_bits, data);
181 if (ret < 0)
182 gnutls_assert ();
183
184 return ret;
185 }
186
187 static int
188 gen_ecdhe_psk_server_kx (gnutls_session_t session, gnutls_buffer_st* data)
189 {
190 int ret;
191
192 if ((ret =
193 _gnutls_auth_info_set (session, GNUTLS_CRD_PSK,
194 sizeof (psk_auth_info_st), 1)) < 0)
195 {
196 gnutls_assert ();
197 return ret;
198 }
199
200 ret = _gnutls_buffer_append_prefix(data, 16, 0);
201 if (ret < 0)
202 return gnutls_assert_val(ret);
203
204 ret = _gnutls_ecdh_common_print_server_kx (session, data,
205 _gnutls_session_ecc_curve_get(session));
206 if (ret < 0)
207 gnutls_assert ();
208
209 return ret;
210 }
211
212
213 static int
214 proc_psk_client_kx (gnutls_session_t session, uint8_t * data,
215 size_t _data_size)
216 {
217 int ret;
218 bigint_t p, g;
219 gnutls_dh_params_t dh_params;
220 const bigint_t *mpis;
221 gnutls_datum_t psk_key;
222 gnutls_psk_server_credentials_t cred;
223 psk_auth_info_t info;
224 gnutls_datum_t username;
225 ssize_t data_size = _data_size;
226
227 cred = (gnutls_psk_server_credentials_t)
228 _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL);
229
230 if (cred == NULL)
231 {
232 gnutls_assert ();
233 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
234 }
235
236 if ((ret =
237 _gnutls_auth_info_set (session, GNUTLS_CRD_PSK,
238 sizeof (psk_auth_info_st), 1)) < 0)
239 {
240 gnutls_assert ();
241 return ret;
242 }
243
244 dh_params =
245 _gnutls_get_dh_params (cred->dh_params, cred->params_func, session);
246 mpis = _gnutls_dh_params_to_mpi (dh_params);
247 if (mpis == NULL)
248 {
249 gnutls_assert ();
250 return GNUTLS_E_NO_TEMPORARY_DH_PARAMS;
251 }
252
253 p = mpis[0];
254 g = mpis[1];
255
256 DECR_LEN (data_size, 2);
257 username.size = _gnutls_read_uint16 (&data[0]);
258
259 DECR_LEN (data_size, username.size);
260
261 username.data = &data[2];
262
263 /* copy the username to the auth info structures
264 */
265 info = _gnutls_get_auth_info (session);
266
267 if (username.size > MAX_USERNAME_SIZE)
268 {
269 gnutls_assert ();
270 return GNUTLS_E_ILLEGAL_SRP_USERNAME;
271 }
272
273 memcpy (info->username, username.data, username.size);
274 info->username[username.size] = 0;
275
276 /* Adjust the data */
277 data += username.size + 2;
278
279 ret = _gnutls_psk_pwd_find_entry(session, info->username, &psk_key);
280 if (ret < 0)
281 return gnutls_assert_val(ret);
282
283 ret = _gnutls_proc_dh_common_client_kx (session, data, data_size,
284 g, p, &psk_key);
285
286 _gnutls_free_datum(&psk_key);
287
288 return ret;
289
290 }
291
292 static int
293 proc_ecdhe_psk_client_kx (gnutls_session_t session, uint8_t * data,
294 size_t _data_size)
295 {
296 int ret;
297 gnutls_psk_server_credentials_t cred;
298 gnutls_datum_t psk_key;
299 psk_auth_info_t info;
300 gnutls_datum_t username;
301 ssize_t data_size = _data_size;
302
303 cred = (gnutls_psk_server_credentials_t)
304 _gnutls_get_cred (session, GNUTLS_CRD_PSK, NULL);
305
306 if (cred == NULL)
307 {
308 gnutls_assert ();
309 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
310 }
311
312 if ((ret =
313 _gnutls_auth_info_set (session, GNUTLS_CRD_PSK,
314 sizeof (psk_auth_info_st), 1)) < 0)
315 {
316 gnutls_assert ();
317 return ret;
318 }
319
320 DECR_LEN (data_size, 2);
321 username.size = _gnutls_read_uint16 (&data[0]);
322
323 DECR_LEN (data_size, username.size);
324
325 username.data = &data[2];
326
327 /* copy the username to the auth info structures
328 */
329 info = _gnutls_get_auth_info (session);
330
331 if (username.size > MAX_USERNAME_SIZE)
332 {
333 gnutls_assert ();
334 return GNUTLS_E_ILLEGAL_SRP_USERNAME;
335 }
336
337 memcpy (info->username, username.data, username.size);
338 info->username[username.size] = 0;
339
340 /* Adjust the data */
341 data += username.size + 2;
342
343 /* should never fail. It will always return a key even if it is
344 * a random one */
345 ret = _gnutls_psk_pwd_find_entry(session, info->username, &psk_key);
346 if (ret < 0)
347 return gnutls_assert_val(ret);
348
349 ret = _gnutls_proc_ecdh_common_client_kx(session, data, data_size,
350 _gnutls_session_ecc_curve_get(session), &psk_key);
351
352 _gnutls_free_datum(&psk_key);
353
354 return ret;
355 }
356
357 int
358 proc_psk_server_kx (gnutls_session_t session, uint8_t * data,
359 size_t _data_size)
360 {
361
362 int ret, psk_size;
363 ssize_t data_size = _data_size;
364
365 /* set auth_info */
366 if ((ret =
367 _gnutls_auth_info_set (session, GNUTLS_CRD_PSK,
368 sizeof (psk_auth_info_st), 1)) < 0)
369 {
370 gnutls_assert ();
371 return ret;
372 }
373
374 DECR_LEN (data_size, 2);
375 psk_size = _gnutls_read_uint16 (data);
376 DECR_LEN (data_size, psk_size);
377 data += 2 + psk_size;
378
379 if (!_gnutls_session_is_ecc (session))
380 ret = _gnutls_proc_dh_common_server_kx (session, data, data_size);
381 else
382 ret = _gnutls_proc_ecdh_common_server_kx (session, data, data_size);
383 if (ret < 0)
384 {
385 gnutls_assert ();
386 return ret;
387 }
388
389 return 0;
390 }
391
392 #endif /* ENABLE_PSK */
Implementation of the SSL/TLS protocol