diff options
Diffstat (limited to 'lib/auth/anon.c')
-rw-r--r-- | lib/auth/anon.c | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/lib/auth/anon.c b/lib/auth/anon.c new file mode 100644 index 0000000..2fc2cd7 --- /dev/null +++ b/lib/auth/anon.c @@ -0,0 +1,131 @@ +/* + * Copyright (C) 2000-2012 Free Software Foundation, Inc. + * Copyright (C) 2017 Red Hat, Inc. + * + * Author: Nikos Mavrogiannopoulos + * + * This file is part of GnuTLS. + * + * The GnuTLS is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public License + * as published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program. If not, see <https://www.gnu.org/licenses/> + * + */ + +/* This file contains the Anonymous Diffie-Hellman key exchange part of + * the anonymous authentication. The functions here are used in the + * handshake. + */ + +#include "gnutls_int.h" + +#if defined(ENABLE_ANON) && defined(ENABLE_DHE) + +#include "auth.h" +#include "errors.h" +#include "dh.h" +#include "auth/anon.h" +#include "num.h" +#include "mpi.h" +#include <state.h> +#include <auth/dh_common.h> + +static int gen_anon_server_kx(gnutls_session_t, gnutls_buffer_st *); +static int proc_anon_client_kx(gnutls_session_t, uint8_t *, size_t); +static int proc_anon_server_kx(gnutls_session_t, uint8_t *, size_t); + +const mod_auth_st anon_auth_struct = { + "ANON", + NULL, + NULL, + gen_anon_server_kx, + _gnutls_gen_dh_common_client_kx, /* this can be shared */ + NULL, + NULL, + + NULL, + NULL, /* certificate */ + proc_anon_server_kx, + proc_anon_client_kx, + NULL, + NULL +}; + +static int +gen_anon_server_kx(gnutls_session_t session, gnutls_buffer_st * data) +{ + int ret; + gnutls_anon_server_credentials_t cred; + + cred = (gnutls_anon_server_credentials_t) + _gnutls_get_cred(session, GNUTLS_CRD_ANON); + if (cred == NULL) { + gnutls_assert(); + return GNUTLS_E_INSUFFICIENT_CREDENTIALS; + } + + if ((ret = + _gnutls_auth_info_init(session, GNUTLS_CRD_ANON, + sizeof(anon_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + ret = _gnutls_figure_dh_params(session, cred->dh_params, cred->params_func, cred->dh_sec_param); + if (ret < 0) { + return gnutls_assert_val(ret); + } + + ret = + _gnutls_dh_common_print_server_kx(session, data); + if (ret < 0) { + gnutls_assert(); + } + + return ret; +} + + +static int +proc_anon_client_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) +{ + return + _gnutls_proc_dh_common_client_kx(session, data, _data_size, NULL); + +} + +int +proc_anon_server_kx(gnutls_session_t session, uint8_t * data, + size_t _data_size) +{ + + int ret; + + /* set auth_info */ + if ((ret = + _gnutls_auth_info_init(session, GNUTLS_CRD_ANON, + sizeof(anon_auth_info_st), 1)) < 0) { + gnutls_assert(); + return ret; + } + + ret = _gnutls_proc_dh_common_server_kx(session, data, _data_size); + if (ret < 0) { + gnutls_assert(); + return ret; + } + + return 0; +} + +#endif /* ENABLE_ANON */ |