/* Format: * 1 byte the credentials type * 4 bytes the size of the whole structure * 2 bytes the size of secret key in bits * 4 bytes the size of the prime * x bytes the prime * 4 bytes the size of the generator * x bytes the generator * 4 bytes the size of the public key * x bytes the public key */ static int pack_anon_auth_info (gnutls_session_t session, gnutls_buffer_st * ps) { int cur_size, ret; anon_auth_info_t info = _gnutls_get_auth_info (session); int size_offset; size_offset = ps->length; BUFFER_APPEND_NUM (ps, 0); cur_size = ps->length; if (info) { BUFFER_APPEND_NUM (ps, info->dh.secret_bits); BUFFER_APPEND_PFX (ps, info->dh.prime.data, info->dh.prime.size); BUFFER_APPEND_PFX (ps, info->dh.generator.data, info->dh.generator.size); BUFFER_APPEND_PFX (ps, info->dh.public_key.data, info->dh.public_key.size); } /* write the real size */ _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset); return 0; }
static int signature_algorithms_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps) { sig_ext_st *priv = epriv.ptr; int ret, i; BUFFER_APPEND_NUM (ps, priv->sign_algorithms_size); for (i = 0; i < priv->sign_algorithms_size; i++) { BUFFER_APPEND_NUM (ps, priv->sign_algorithms[i]); } return 0; }
static int _gnutls_server_name_pack(extension_priv_data_t epriv, gnutls_buffer_st * ps) { server_name_ext_st *priv = epriv; unsigned int i; int ret; BUFFER_APPEND_NUM(ps, priv->server_names_size); for (i = 0; i < priv->server_names_size; i++) { BUFFER_APPEND_NUM(ps, priv->server_names[i].type); BUFFER_APPEND_PFX4(ps, priv->server_names[i].name, priv->server_names[i].name_length); } return 0; }
static int _proxyinfo_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps) { // Append the extension's internal state to buffer ProxyInfo_ext_st *priv = epriv.ptr; int i, ret; BUFFER_APPEND_NUM (ps, priv->proxy_cnt); BUFFER_APPEND_NUM (ps, priv->server_names_size); for (i = 0; i < priv->server_names_size; i++) { BUFFER_APPEND_NUM (ps, priv->server_names[i].type); BUFFER_APPEND_PFX (ps, priv->server_names[i].name, priv->server_names[i].name_length); } return 0; }
static int _gnutls_srtp_pack(extension_priv_data_t epriv, gnutls_buffer_st * ps) { srtp_ext_st *priv = epriv; unsigned int i; int ret; BUFFER_APPEND_NUM(ps, priv->profiles_size); for (i = 0; i < priv->profiles_size; i++) { BUFFER_APPEND_NUM(ps, priv->profiles[i]); } BUFFER_APPEND_NUM(ps, priv->mki_received); if (priv->mki_received) { BUFFER_APPEND_NUM(ps, priv->selected_profile); BUFFER_APPEND_PFX4(ps, priv->mki, priv->mki_size); } return 0; }
static int _gnutls_max_record_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps) { int ret; BUFFER_APPEND_NUM (ps, epriv.num); return 0; }
int _gnutls_ext_pack(gnutls_session_t session, gnutls_buffer_st * packed) { unsigned int i; int ret; extension_priv_data_t data; int cur_size; int size_offset; int total_exts_pos; int exts = 0; total_exts_pos = packed->length; BUFFER_APPEND_NUM(packed, 0); for (i = 0; i < extfunc_size; i++) { ret = _gnutls_ext_get_session_data(session, extfunc[i].type, &data); if (ret >= 0 && extfunc[i].pack_func != NULL) { BUFFER_APPEND_NUM(packed, extfunc[i].type); size_offset = packed->length; BUFFER_APPEND_NUM(packed, 0); cur_size = packed->length; ret = extfunc[i].pack_func(data, packed); if (ret < 0) { gnutls_assert(); return ret; } exts++; /* write the actual size */ _gnutls_write_uint32(packed->length - cur_size, packed->data + size_offset); } } _gnutls_write_uint32(exts, packed->data + total_exts_pos); return 0; }
static int ia_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps) { ia_ext_st *priv = epriv.ptr; int ret; BUFFER_APPEND_NUM (ps, priv->flags); BUFFER_APPEND_PFX (ps, priv->inner_secret, GNUTLS_MASTER_SIZE); return 0; }
static int session_ticket_pack(extension_priv_data_t epriv, gnutls_buffer_st * ps) { session_ticket_ext_st *priv = epriv; int ret; BUFFER_APPEND_PFX4(ps, priv->session_ticket, priv->session_ticket_len); BUFFER_APPEND_NUM(ps, priv->session_ticket_enable); return 0; }
/* Format: * 1 byte the credentials type * 4 bytes the size of the whole structure * * 4 bytes the size of the PSK username (x) * x bytes the PSK username * 2 bytes the size of secret key in bits * 4 bytes the size of the prime * x bytes the prime * 4 bytes the size of the generator * x bytes the generator * 4 bytes the size of the public key * x bytes the public key */ static int pack_psk_auth_info (gnutls_session_t session, gnutls_buffer_st * ps) { psk_auth_info_t info; int username_len; int hint_len, ret; int size_offset; size_t cur_size; info = _gnutls_get_auth_info (session); if (info && info->username) username_len = strlen (info->username) + 1; /* include the terminating null */ else username_len = 0; if (info && info->hint) hint_len = strlen (info->hint) + 1; /* include the terminating null */ else hint_len = 0; size_offset = ps->length; BUFFER_APPEND_NUM (ps, 0); cur_size = ps->length; BUFFER_APPEND_PFX (ps, info->username, username_len); BUFFER_APPEND_PFX (ps, info->hint, hint_len); BUFFER_APPEND_NUM (ps, info->dh.secret_bits); BUFFER_APPEND_PFX (ps, info->dh.prime.data, info->dh.prime.size); BUFFER_APPEND_PFX (ps, info->dh.generator.data, info->dh.generator.size); BUFFER_APPEND_PFX (ps, info->dh.public_key.data, info->dh.public_key.size); /* write the real size */ _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset); return 0; }
/* Format: * 1 byte the credentials type * 4 bytes the size of the whole structure * DH stuff * 2 bytes the size of secret key in bits * 4 bytes the size of the prime * x bytes the prime * 4 bytes the size of the generator * x bytes the generator * 4 bytes the size of the public key * x bytes the public key * RSA stuff * 4 bytes the size of the modulus * x bytes the modulus * 4 bytes the size of the exponent * x bytes the exponent * CERTIFICATES * 4 bytes the length of the certificate list * 4 bytes the size of first certificate * x bytes the certificate * and so on... */ static int pack_certificate_auth_info (gnutls_session_t session, gnutls_buffer_st * ps) { unsigned int i; int cur_size, ret; cert_auth_info_t info = _gnutls_get_auth_info (session); int size_offset; size_offset = ps->length; BUFFER_APPEND_NUM (ps, 0); cur_size = ps->length; if (info) { BUFFER_APPEND_NUM (ps, info->dh.secret_bits); BUFFER_APPEND_PFX (ps, info->dh.prime.data, info->dh.prime.size); BUFFER_APPEND_PFX (ps, info->dh.generator.data, info->dh.generator.size); BUFFER_APPEND_PFX (ps, info->dh.public_key.data, info->dh.public_key.size); BUFFER_APPEND_PFX (ps, info->rsa_export.modulus.data, info->rsa_export.modulus.size); BUFFER_APPEND_PFX (ps, info->rsa_export.exponent.data, info->rsa_export.exponent.size); BUFFER_APPEND_NUM (ps, info->ncerts); for (i = 0; i < info->ncerts; i++) BUFFER_APPEND_PFX (ps, info->raw_certificate_list[i].data, info->raw_certificate_list[i].size); } /* write the real size */ _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset); return 0; }
/* Format: * 1 byte the credentials type * 4 bytes the size of the SRP username (x) * x bytes the SRP username */ static int pack_srp_auth_info (gnutls_session_t session, gnutls_buffer_st * ps) { srp_server_auth_info_t info = _gnutls_get_auth_info (session); int len, ret; int size_offset; size_t cur_size; if (info && info->username) len = strlen (info->username) + 1; /* include the terminating null */ else len = 0; size_offset = ps->length; BUFFER_APPEND_NUM (ps, 0); cur_size = ps->length; BUFFER_APPEND_PFX (ps, info->username, len); /* write the real size */ _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset); return 0; }
/* Format: * 4 bytes the total security data size * 1 byte the entity type (client/server) * 1 byte the key exchange algorithm used * 1 byte the read cipher algorithm * 1 byte the read mac algorithm * 1 byte the read compression algorithm * * 1 byte the write cipher algorithm * 1 byte the write mac algorithm * 1 byte the write compression algorithm * * 1 byte the certificate type * 1 byte the protocol version * * 2 bytes the cipher suite * * 48 bytes the master secret * * 32 bytes the client random * 32 bytes the server random * * 1 byte the session ID size * x bytes the session ID (32 bytes max) * * 4 bytes a timestamp * ------------------- * MAX: 165 bytes * */ static int pack_security_parameters (gnutls_session_t session, gnutls_buffer_st * ps) { int ret; int size_offset; size_t cur_size; record_parameters_st *params; if (session->security_parameters.epoch_read != session->security_parameters.epoch_write) { gnutls_assert (); return GNUTLS_E_INVALID_REQUEST; } ret = _gnutls_epoch_get (session, EPOCH_READ_CURRENT, ¶ms); if (ret < 0) { gnutls_assert (); return ret; } /* move after the auth info stuff. */ size_offset = ps->length; BUFFER_APPEND_NUM (ps, 0); cur_size = ps->length; BUFFER_APPEND (ps, &session->security_parameters.entity, 1); BUFFER_APPEND (ps, &session->security_parameters.kx_algorithm, 1); BUFFER_APPEND (ps, &session->security_parameters.current_cipher_suite.suite[0], 1); BUFFER_APPEND (ps, &session->security_parameters.current_cipher_suite.suite[1], 1); BUFFER_APPEND (ps, ¶ms->compression_algorithm, 1); BUFFER_APPEND (ps, &session->security_parameters.cert_type, 1); BUFFER_APPEND (ps, &session->security_parameters.version, 1); BUFFER_APPEND (ps, session->security_parameters.master_secret, GNUTLS_MASTER_SIZE); BUFFER_APPEND (ps, session->security_parameters.client_random, GNUTLS_RANDOM_SIZE); BUFFER_APPEND (ps, session->security_parameters.server_random, GNUTLS_RANDOM_SIZE); BUFFER_APPEND_NUM (ps, session->security_parameters.session_id_size); BUFFER_APPEND (ps, session->security_parameters.session_id, session->security_parameters.session_id_size); BUFFER_APPEND_NUM (ps, session->security_parameters.max_record_send_size); BUFFER_APPEND_NUM (ps, session->security_parameters.max_record_recv_size); BUFFER_APPEND_NUM (ps, session->security_parameters.timestamp); _gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset); return 0; }