| blob | f09257481b0ab5df1e3df58d53cc2b7a24e950f2 |
1 /*
2 * Copyright (C) 2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation
3 *
4 * Author: Nikos Mavrogiannopoulos
5 *
6 * This file is part of GNUTLS.
7 *
8 * The GNUTLS library is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public
19 * License along with this library; if not, write to the Free Software
20 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
21 * USA
22 *
23 */
25 /* Functions to manipulate the session (gnutls_int.h), and some other stuff
26 * are included here. The file's name is traditionally gnutls_state even if the
27 * state has been renamed to session.
28 */
30 #include <gnutls_int.h>
31 #include <gnutls_errors.h>
32 #include <gnutls_auth_int.h>
33 #include <gnutls_num.h>
34 #include <gnutls_datum.h>
35 #include <gnutls_db.h>
36 #include <gnutls_record.h>
37 #include <gnutls_handshake.h>
38 #include <gnutls_dh.h>
39 #include <gnutls_buffers.h>
40 #include <gnutls_state.h>
41 #include <auth_cert.h>
42 #include <auth_anon.h>
43 #include <auth_psk.h>
44 #include <gnutls_algorithms.h>
45 #include <gnutls_rsa_export.h>
47 void
49 gnutls_certificate_type_t ct)
50 {
52 }
54 /**
55 * gnutls_cipher_get - Returns the currently used cipher.
56 * @session: is a #gnutls_session_t structure.
57 *
58 * Get currently used cipher.
59 *
60 * Returns: the currently used cipher, an #gnutls_cipher_algorithm_t
61 * type.
62 **/
63 gnutls_cipher_algorithm_t
65 {
67 }
69 /**
70 * gnutls_certificate_type_get - Returns the currently used certificate type.
71 * @session: is a #gnutls_session_t structure.
72 *
73 * The certificate type is by default X.509, unless it is negotiated
74 * as a TLS extension.
75 *
76 * Returns: the currently used #gnutls_certificate_type_t certificate
77 * type.
78 **/
79 gnutls_certificate_type_t
81 {
83 }
85 /**
86 * gnutls_kx_get - Returns the key exchange algorithm.
87 * @session: is a #gnutls_session_t structure.
88 *
89 * Get currently used key exchange algorithm.
90 *
91 * Returns: the key exchange algorithm used in the last handshake, a
92 * #gnutls_kx_algorithm_t value.
93 **/
94 gnutls_kx_algorithm_t
96 {
98 }
100 /**
101 * gnutls_mac_get - Returns the currently used mac algorithm.
102 * @session: is a #gnutls_session_t structure.
103 *
104 * Get currently used MAC algorithm.
105 *
106 * Returns: the currently used mac algorithm, a
107 * #gnutls_mac_algorithm_t value.
108 **/
109 gnutls_mac_algorithm_t
111 {
113 }
115 /**
116 * gnutls_compression_get - Returns the currently used compression algorithm.
117 * @session: is a #gnutls_session_t structure.
118 *
119 * Get currently used compression algorithm.
120 *
121 * Returns: the currently used compression method, a
122 * #gnutls_compression_method_t value.
123 **/
124 gnutls_compression_method_t
126 {
128 }
130 /* Check if the given certificate type is supported.
131 * This means that it is enabled by the priority functions,
132 * and a matching certificate exists.
133 */
134 int
136 gnutls_certificate_type_t cert_type)
137 {
140 gnutls_certificate_credentials_t cred;
143 {
151 {
153 {
155 {
158 }
159 }
162 /* no certificate is of that type.
163 */
165 }
166 }
173 {
175 {
177 }
178 }
181 }
183 /* this function deinitializes all the internal parameters stored
184 * in a session struct.
185 */
188 {
196 }
198 /* This function will clear all the variables in internals
199 * structure within the session, which depend on the current handshake.
200 * This is used to allow further handshakes.
201 */
202 void
204 {
207 /* by default no selected certificate */
218 /* use out of band data for the last
219 * handshake messages received.
220 */
229 }
231 #define MIN_DH_BITS 727
232 /**
233 * gnutls_init - initialize the session to null (null encryption etc...).
234 * @con_end: indicate if this session is to be used for server or client.
235 * @session: is a pointer to a #gnutls_session_t structure.
236 *
237 * This function initializes the current session to null. Every
238 * session must be initialized before use, so internal structures can
239 * be allocated. This function allocates structures which can only
240 * be free'd by calling gnutls_deinit(). Returns zero on success.
241 *
242 * @con_end can be one of %GNUTLS_CLIENT and %GNUTLS_SERVER.
243 *
244 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
245 **/
246 int
248 {
255 /* the default certificate type for TLS */
258 /* Set the defaults for initial handshake */
261 GNUTLS_CIPHER_NULL;
267 GNUTLS_COMP_NULL;
269 GNUTLS_COMP_NULL;
273 /* Initialize buffers */
287 {
288 cleanup_session:
292 }
301 MAX_HANDSHAKE_PACKET_SIZE);
303 /* Allocate a minimum size for recv_data
304 * This is allocated in order to avoid small messages, making
305 * the receive procedure slow.
306 */
310 {
313 }
315 /* set the socket pointers to -1;
316 */
320 /* set the default maximum record size for TLS
321 */
323 DEFAULT_MAX_RECORD_SIZE;
325 DEFAULT_MAX_RECORD_SIZE;
327 /* everything else not initialized here is initialized
328 * as NULL or 0. This is why calloc is used.
329 */
334 }
336 /* returns RESUME_FALSE or RESUME_TRUE.
337 */
338 int
340 {
342 }
345 /**
346 * gnutls_deinit - clear all buffers associated with a session
347 * @session: is a #gnutls_session_t structure.
348 *
349 * This function clears all buffers associated with the @session.
350 * This function will also remove session data from the session
351 * database if the session was terminated abnormally.
352 **/
353 void
355 {
360 /* remove auth info firstly */
396 {
409 /* RSA */
417 }
422 {
426 }
430 }
432 /* Returns the minimum prime bits that are acceptable.
433 */
434 int
436 {
438 }
440 int
442 {
447 {
449 {
450 anon_auth_info_t info;
457 }
459 {
460 psk_auth_info_t info;
467 }
469 {
470 cert_auth_info_t info;
478 }
482 }
486 {
489 }
492 }
494 int
496 {
498 {
500 {
501 anon_auth_info_t info;
507 }
509 {
510 psk_auth_info_t info;
516 }
518 {
519 cert_auth_info_t info;
530 }
531 }
534 }
536 /* This function will set in the auth info structure the
537 * RSA exponent and the modulus.
538 */
539 int
542 {
543 cert_auth_info_t info;
552 {
555 }
559 {
563 }
566 }
569 /* Sets the prime and the generator in the auth info structure.
570 */
571 int
573 {
578 {
580 {
581 anon_auth_info_t info;
588 }
590 {
591 psk_auth_info_t info;
598 }
600 {
601 cert_auth_info_t info;
609 }
613 }
615 /* prime
616 */
619 {
622 }
624 /* generator
625 */
628 {
632 }
635 }
637 #ifdef ENABLE_OPENPGP
638 /**
639 * gnutls_openpgp_send_cert - order gnutls to send the openpgp fingerprint instead of the key
640 * @session: is a pointer to a #gnutls_session_t structure.
641 * @status: is one of GNUTLS_OPENPGP_CERT, or GNUTLS_OPENPGP_CERT_FINGERPRINT
642 *
643 * This function will order gnutls to send the key fingerprint
644 * instead of the key in the initial handshake procedure. This should
645 * be used with care and only when there is indication or knowledge
646 * that the server can obtain the client's key.
647 **/
648 void
650 gnutls_openpgp_crt_status_t status)
651 {
653 }
654 #endif
656 /**
657 * gnutls_certificate_send_x509_rdn_sequence - order gnutls to send or not the x.509 rdn sequence
658 * @session: is a pointer to a #gnutls_session_t structure.
659 * @status: is 0 or 1
660 *
661 * If status is non zero, this function will order gnutls not to send
662 * the rdnSequence in the certificate request message. That is the
663 * server will not advertize it's trusted CAs to the peer. If status
664 * is zero then the default behaviour will take effect, which is to
665 * advertize the server's trusted CAs.
666 *
667 * This function has no effect in clients, and in authentication
668 * methods other than certificate with X.509 certificates.
669 **/
670 void
673 {
675 }
677 #ifdef ENABLE_OPENPGP
678 int
680 {
682 }
683 #endif
685 /*-
686 * _gnutls_record_set_default_version - Used to set the default version for the first record packet
687 * @session: is a #gnutls_session_t structure.
688 * @major: is a tls major version
689 * @minor: is a tls minor version
690 *
691 * This function sets the default version that we will use in the first
692 * record packet (client hello). This function is only useful to people
693 * that know TLS internals and want to debug other implementations.
694 *
695 -*/
696 void
699 {
702 }
704 /**
705 * gnutls_handshake_set_private_extensions - Used to enable the private cipher suites
706 * @session: is a #gnutls_session_t structure.
707 * @allow: is an integer (0 or 1)
708 *
709 * This function will enable or disable the use of private cipher
710 * suites (the ones that start with 0xFF). By default or if @allow
711 * is 0 then these cipher suites will not be advertized nor used.
712 *
713 * Unless this function is called with the option to allow (1), then
714 * no compression algorithms, like LZO. That is because these
715 * algorithms are not yet defined in any RFC or even internet draft.
716 *
717 * Enabling the private ciphersuites when talking to other than
718 * gnutls servers and clients may cause interoperability problems.
719 **/
720 void
722 {
724 }
730 {
731 digest_hd_st td1;
736 {
739 }
745 }
747 #define MAX_SEED_SIZE 200
749 /* Produces "total_bytes" bytes using the hash algorithm specified.
750 * (used in the PRF function)
751 */
752 static int
757 {
759 digest_hd_st td2;
765 {
768 }
773 do
774 {
776 }
779 /* calculate A(0) */
787 {
790 {
793 }
795 /* here we calculate A(i+1) */
799 {
803 }
812 {
814 }
815 else
816 {
818 }
821 {
823 }
824 }
827 }
829 /* Xor's two buffers and puts the output in the first one.
830 */
833 {
836 {
838 }
839 }
843 #define MAX_PRF_BYTES 200
845 /* The PRF function expands a given secret
846 * needed by the TLS specification. ret must have a least total_bytes
847 * available.
848 */
849 int
854 {
863 {
866 }
867 /* label+seed = s_seed */
871 {
874 }
880 {
881 result =
886 {
889 }
890 }
891 else
892 {
899 {
900 l_s++;
901 }
903 result =
907 {
910 }
912 result =
916 {
919 }
924 }
928 }
930 /**
931 * gnutls_prf_raw - access the TLS PRF directly
932 * @session: is a #gnutls_session_t structure.
933 * @label_size: length of the @label variable.
934 * @label: label used in PRF computation, typically a short string.
935 * @seed_size: length of the @seed variable.
936 * @seed: optional extra data to seed the PRF with.
937 * @outsize: size of pre-allocated output buffer to hold the output.
938 * @out: pre-allocate buffer to hold the generated data.
939 *
940 * Apply the TLS Pseudo-Random-Function (PRF) using the master secret
941 * on some data.
942 *
943 * The @label variable usually contain a string denoting the purpose
944 * for the generated data. The @seed usually contain data such as the
945 * client and server random, perhaps together with some additional
946 * data that is added to guarantee uniqueness of the output for a
947 * particular purpose.
948 *
949 * Because the output is not guaranteed to be unique for a particular
950 * session unless @seed include the client random and server random
951 * fields (the PRF would output the same data on another connection
952 * resumed from the first one), it is not recommended to use this
953 * function directly. The gnutls_prf() function seed the PRF with the
954 * client and server random fields directly, and is recommended if you
955 * want to generate pseudo random data unique for each session.
956 *
957 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
958 **/
959 int
964 {
969 TLS_MASTER_SIZE,
970 label,
974 }
976 /**
977 * gnutls_prf - derive pseudo-random data using the TLS PRF
978 * @session: is a #gnutls_session_t structure.
979 * @label_size: length of the @label variable.
980 * @label: label used in PRF computation, typically a short string.
981 * @server_random_first: non-0 if server random field should be first in seed
982 * @extra_size: length of the @extra variable.
983 * @extra: optional extra data to seed the PRF with.
984 * @outsize: size of pre-allocated output buffer to hold the output.
985 * @out: pre-allocate buffer to hold the generated data.
986 *
987 * Apply the TLS Pseudo-Random-Function (PRF) using the master secret
988 * on some data, seeded with the client and server random fields.
989 *
990 * The @label variable usually contain a string denoting the purpose
991 * for the generated data. The @server_random_first indicate whether
992 * the client random field or the server random field should be first
993 * in the seed. Non-0 indicate that the server random field is first,
994 * 0 that the client random field is first.
995 *
996 * The @extra variable can be used to add more data to the seed, after
997 * the random variables. It can be used to tie make sure the
998 * generated output is strongly connected to some additional data
999 * (e.g., a string used in user authentication).
1000 *
1001 * The output is placed in *@OUT, which must be pre-allocated.
1002 *
1003 * Returns: %GNUTLS_E_SUCCESS on success, or an error code.
1004 **/
1005 int
1011 {
1018 {
1021 }
1033 TLS_MASTER_SIZE,
1039 }
1041 /**
1042 * gnutls_session_get_client_random - get the session's client random value
1043 * @session: is a #gnutls_session_t structure.
1044 *
1045 * Return a pointer to the 32-byte client random field used in the
1046 * session. The pointer must not be modified or deallocated.
1047 *
1048 * If a client random value has not yet been established, the output
1049 * will be garbage; in particular, a %NULL return value should not be
1050 * expected.
1051 *
1052 * Returns: pointer to client random data.
1053 **/
1056 {
1058 }
1060 /**
1061 * gnutls_session_get_server_random - get the session's server random value
1062 * @session: is a #gnutls_session_t structure.
1063 *
1064 * Return a pointer to the 32-byte server random field used in the
1065 * session. The pointer must not be modified or deallocated.
1066 *
1067 * If a server random value has not yet been established, the output
1068 * will be garbage; in particular, a %NULL return value should not be
1069 * expected.
1070 *
1071 * Returns: pointer to server random data.
1072 **/
1075 {
1077 }
1079 /**
1080 * gnutls_session_get_master_secret - get the session's master secret value
1081 * @session: is a #gnutls_session_t structure.
1082 *
1083 * Return a pointer to the 48-byte master secret in the session. The
1084 * pointer must not be modified or deallocated.
1085 *
1086 * If a master secret value has not yet been established, the output
1087 * will be garbage; in particular, a %NULL return value should not be
1088 * expected.
1089 *
1090 * Consider using gnutls_prf() rather than extracting the master
1091 * secret and use it to derive further data.
1092 *
1093 * Returns: pointer to master secret data.
1094 **/
1097 {
1099 }
1101 /**
1102 * gnutls_session_is_resumed - check whether this session is a resumed one
1103 * @session: is a #gnutls_session_t structure.
1104 *
1105 * Check whether session is resumed or not.
1106 *
1107 * Returns: non zero if this session is resumed, or a zero if this is
1108 * a new session.
1109 **/
1110 int
1112 {
1114 {
1120 session_id,
1123 }
1124 else
1125 {
1128 }
1131 }
1133 /*-
1134 * _gnutls_session_is_export - Used to check whether this session is of export grade
1135 * @session: is a #gnutls_session_t structure.
1136 *
1137 * This function will return non zero if this session is of export grade.
1138 *
1139 -*/
1140 int
1142 {
1143 gnutls_cipher_algorithm_t cipher;
1145 cipher =
1147 current_cipher_suite);
1153 }
1155 /**
1156 * gnutls_session_get_ptr - Get the user pointer from the session structure
1157 * @session: is a #gnutls_session_t structure.
1158 *
1159 * Get user pointer for session. Useful in callbacks. This is the
1160 * pointer set with gnutls_session_set_ptr().
1161 *
1162 * Returns: the user given pointer from the session structure, or
1163 * %NULL if it was never set.
1164 **/
1167 {
1169 }
1171 /**
1172 * gnutls_session_set_ptr - Used to set the user pointer to the session structure
1173 * @session: is a #gnutls_session_t structure.
1174 * @ptr: is the user pointer
1175 *
1176 * This function will set (associate) the user given pointer @ptr to
1177 * the session structure. This is pointer can be accessed with
1178 * gnutls_session_get_ptr().
1179 **/
1180 void
1182 {
1184 }
1187 /**
1188 * gnutls_record_get_direction - return the direction of the last interrupted function call
1189 * @session: is a #gnutls_session_t structure.
1190 *
1191 * This function provides information about the internals of the
1192 * record protocol and is only useful if a prior gnutls function call
1193 * (e.g. gnutls_handshake()) was interrupted for some reason, that
1194 * is, if a function returned %GNUTLS_E_INTERRUPTED or
1195 * %GNUTLS_E_AGAIN. In such a case, you might want to call select()
1196 * or poll() before calling the interrupted gnutls function again. To
1197 * tell you whether a file descriptor should be selected for either
1198 * reading or writing, gnutls_record_get_direction() returns 0 if the
1199 * interrupted function was trying to read data, and 1 if it was
1200 * trying to write data.
1201 *
1202 * Returns: 0 if trying to read data, 1 if trying to write data.
1203 **/
1204 int
1206 {
1208 }
1210 /*-
1211 * _gnutls_rsa_pms_set_version - Sets a version to be used at the RSA PMS
1212 * @session: is a #gnutls_session_t structure.
1213 * @major: is the major version to use
1214 * @minor: is the minor version to use
1215 *
1216 * This function will set the given version number to be used at the
1217 * RSA PMS secret. This is only useful to clients, which want to
1218 * test server's capabilities.
1219 *
1220 -*/
1221 void
1224 {
1227 }
1229 /**
1230 * gnutls_handshake_set_post_client_hello_function - set callback to be called after the client hello is received
1231 * @res: is a gnutls_anon_server_credentials_t structure
1232 * @func: is the function to be called
1233 *
1234 * This function will set a callback to be called after the client
1235 * hello has been received (callback valid in server side only). This
1236 * allows the server to adjust settings based on received extensions.
1237 *
1238 * Those settings could be ciphersuites, requesting certificate, or
1239 * anything else except for version negotiation (this is done before
1240 * the hello message is parsed).
1241 *
1242 * This callback must return 0 on success or a gnutls error code to
1243 * terminate the handshake.
1244 *
1245 * Warning: You should not use this function to terminate the
1246 * handshake based on client input unless you know what you are
1247 * doing. Before the handshake is finished there is no way to know if
1248 * there is a man-in-the-middle attack being performed.
1249 **/
1250 void
1252 gnutls_handshake_post_client_hello_func func)
1253 {
1255 }
1257 /**
1258 * gnutls_session_enable_compatibility_mode - disable certain features in TLS in order to honour compatibility
1259 * @session: is a #gnutls_session_t structure.
1260 *
1261 * This function can be used to disable certain (security) features in
1262 * TLS in order to maintain maximum compatibility with buggy
1263 * clients. It is equivalent to calling:
1264 * gnutls_record_disable_padding()
1265 *
1266 * Normally only servers that require maximum compatibility with
1267 * everything out there, need to call this function.
1268 **/
1269 void
1271 {
1273 }