*** empty log message ***
1 /*
2 * Copyright (C) 2001,2002 Nikos Mavroyanopoulos
4 * This file is part of GNUTLS.
6 * GNUTLS-EXTRA is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * GNUTLS-EXTRA is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
21 #include "gnutls_int.h"
23 #ifdef ENABLE_SRP
25 #include "gnutls_auth_int.h"
26 #include "auth_srp.h"
27 #include "gnutls_errors.h"
28 #include "gnutls_algorithms.h"
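/* Parses the SRP hello extension received from the peer.
 *
 * Server side: the payload is a one-byte length followed by that many
 * bytes of username. The username is copied, NUL-terminated, into
 * state->security_parameters.extensions.srp_username.
 * Client side: the payload is passed to proc_srp_server_hello(), unless
 * the session is being resumed.
 *
 * Returns 0 when the extension was accepted or ignored,
 * GNUTLS_E_UNEXPECTED_PACKET_LENGTH or GNUTLS_E_MEMORY_ERROR when the
 * username does not fit, or whatever proc_srp_server_hello() returns.
 */
int _gnutls_srp_recv_params( GNUTLS_STATE state, const opaque* data, int data_size) {
	uint8 len;

	if (_gnutls_kx_priority( state, GNUTLS_KX_SRP) < 0) {
		/* algorithm was not allowed in this state
		 */
		return 0;
	}

	if (state->security_parameters.entity == GNUTLS_SERVER) {
		if (data_size > 0) {
			len = data[0];
			/* data[0] is the length byte, so the username needs len
			 * further bytes: 1 + len <= data_size. Rejecting only
			 * len > data_size would let the memcpy below read one byte
			 * past the end of the peer-supplied buffer.
			 */
			if (len >= data_size) {
				gnutls_assert();
				return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
			}
			/* "<=" leaves room for the terminating NUL written below */
			if ( sizeof( state->security_parameters.extensions.srp_username) <= len) {
				gnutls_assert();
				return GNUTLS_E_MEMORY_ERROR;
			}
			memcpy( state->security_parameters.extensions.srp_username, &data[1], len);
			state->security_parameters.extensions.srp_username[len]=0; /* null terminated */
		}
	} else { /* client side reading server hello extensions */
		if (state->gnutls_internals.resumed==RESUME_FALSE)
			return proc_srp_server_hello( state, data, data_size);
		else /* we do not need to process this if
		      * we are resuming.
		      */
			return 0;
	}
	return 0;
}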
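/* Writes the SRP hello extension payload into data.
 *
 * Client side: writes a one-byte length followed by the username taken
 * from the SRP client credentials.
 * Server side: delegates to gen_srp_server_hello() when the negotiated
 * key exchange is SRP and the session is not being resumed.
 *
 * Returns the number of bytes written into data (0 when there is nothing
 * to send), or a negative number on failure.
 * data is allocated locally (presumably by the caller, with room for
 * data_size bytes -- confirm against the caller).
 */
int _gnutls_srp_send_params( GNUTLS_STATE state, opaque* data, int data_size) {
	uint8 len;

	if (_gnutls_kx_priority( state, GNUTLS_KX_SRP) < 0) {
		/* algorithm was not allowed in this state
		 */
		return 0;
	}

	/* this function sends the client extension data (username) */
	if (state->security_parameters.entity == GNUTLS_CLIENT) {
		const GNUTLS_SRP_CLIENT_CREDENTIALS cred = _gnutls_get_cred( state->gnutls_key, GNUTLS_CRD_SRP, NULL);

		if (cred==NULL) return 0;

		if (cred->username!=NULL) { /* send username */
			size_t username_len = strlen(cred->username);

			/* The length prefix is a single byte. Storing a longer
			 * length in a uint8 would wrap and silently send a
			 * truncated username, so refuse it instead.
			 */
			if (username_len > 255) {
				gnutls_assert();
				return GNUTLS_E_INVALID_REQUEST;
			}
			len = (uint8) username_len;

			/* one byte for the length prefix plus the username itself */
			if (data_size < len+1) {
				gnutls_assert();
				return GNUTLS_E_INVALID_REQUEST;
			}

			data[0] = len;
			memcpy( &data[1], cred->username, len);
			return len + 1;
		}
	} else { /* SERVER SIDE sending (g,n,s) */
		/* We only send the packet if we are NOT
		 * resuming AND we are using SRP
		 */

		/* note that security parameters are not fully established
		 */
		if ( _gnutls_cipher_suite_get_kx_algo(state->security_parameters.current_cipher_suite) != GNUTLS_KX_SRP)
			return 0; /* no data to send */

		if (state->gnutls_internals.resumed==RESUME_FALSE)
			return gen_srp_server_hello( state, data, data_size);
		else
			return 0;
	}
	return 0;
}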
111 #endif /* ENABLE_SRP */