summaryrefslogtreecommitdiffstats
path: root/lib/auth/anon.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/auth/anon.c')
-rw-r--r--lib/auth/anon.c131
1 files changed, 131 insertions, 0 deletions
diff --git a/lib/auth/anon.c b/lib/auth/anon.c
new file mode 100644
index 0000000..2fc2cd7
--- /dev/null
+++ b/lib/auth/anon.c
@@ -0,0 +1,131 @@
+/*
+ * Copyright (C) 2000-2012 Free Software Foundation, Inc.
+ * Copyright (C) 2017 Red Hat, Inc.
+ *
+ * Author: Nikos Mavrogiannopoulos
+ *
+ * This file is part of GnuTLS.
+ *
+ * The GnuTLS is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public License
+ * as published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>
+ *
+ */
+
+/* This file contains the Anonymous Diffie-Hellman key exchange part of
+ * the anonymous authentication. The functions here are used in the
+ * handshake.
+ */
+
+#include "gnutls_int.h"
+
+#if defined(ENABLE_ANON) && defined(ENABLE_DHE)
+
+#include "auth.h"
+#include "errors.h"
+#include "dh.h"
+#include "auth/anon.h"
+#include "num.h"
+#include "mpi.h"
+#include <state.h>
+#include <auth/dh_common.h>
+
+static int gen_anon_server_kx(gnutls_session_t, gnutls_buffer_st *);
+static int proc_anon_client_kx(gnutls_session_t, uint8_t *, size_t);
+static int proc_anon_server_kx(gnutls_session_t, uint8_t *, size_t);
+
+const mod_auth_st anon_auth_struct = {
+ "ANON",
+ NULL,
+ NULL,
+ gen_anon_server_kx,
+ _gnutls_gen_dh_common_client_kx, /* this can be shared */
+ NULL,
+ NULL,
+
+ NULL,
+ NULL, /* certificate */
+ proc_anon_server_kx,
+ proc_anon_client_kx,
+ NULL,
+ NULL
+};
+
+static int
+gen_anon_server_kx(gnutls_session_t session, gnutls_buffer_st * data)
+{
+ int ret;
+ gnutls_anon_server_credentials_t cred;
+
+ cred = (gnutls_anon_server_credentials_t)
+ _gnutls_get_cred(session, GNUTLS_CRD_ANON);
+ if (cred == NULL) {
+ gnutls_assert();
+ return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
+ }
+
+ if ((ret =
+ _gnutls_auth_info_init(session, GNUTLS_CRD_ANON,
+ sizeof(anon_auth_info_st), 1)) < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ ret = _gnutls_figure_dh_params(session, cred->dh_params, cred->params_func, cred->dh_sec_param);
+ if (ret < 0) {
+ return gnutls_assert_val(ret);
+ }
+
+ ret =
+ _gnutls_dh_common_print_server_kx(session, data);
+ if (ret < 0) {
+ gnutls_assert();
+ }
+
+ return ret;
+}
+
+
+static int
+proc_anon_client_kx(gnutls_session_t session, uint8_t * data,
+ size_t _data_size)
+{
+ return
+ _gnutls_proc_dh_common_client_kx(session, data, _data_size, NULL);
+
+}
+
+int
+proc_anon_server_kx(gnutls_session_t session, uint8_t * data,
+ size_t _data_size)
+{
+
+ int ret;
+
+ /* set auth_info */
+ if ((ret =
+ _gnutls_auth_info_init(session, GNUTLS_CRD_ANON,
+ sizeof(anon_auth_info_st), 1)) < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ ret = _gnutls_proc_dh_common_server_kx(session, data, _data_size);
+ if (ret < 0) {
+ gnutls_assert();
+ return ret;
+ }
+
+ return 0;
+}
+
+#endif /* ENABLE_ANON */