/* Format:
* 1 byte the credentials type
* 4 bytes the size of the whole structure
* 2 bytes the size of secret key in bits
* 4 bytes the size of the prime
* x bytes the prime
* 4 bytes the size of the generator
* x bytes the generator
* 4 bytes the size of the public key
* x bytes the public key
*/
static int
pack_anon_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
{
int cur_size, ret;
anon_auth_info_t info = _gnutls_get_auth_info (session);
int size_offset;
size_offset = ps->length;
BUFFER_APPEND_NUM (ps, 0);
cur_size = ps->length;
if (info)
{
BUFFER_APPEND_NUM (ps, info->dh.secret_bits);
BUFFER_APPEND_PFX (ps, info->dh.prime.data, info->dh.prime.size);
BUFFER_APPEND_PFX (ps, info->dh.generator.data,
info->dh.generator.size);
BUFFER_APPEND_PFX (ps, info->dh.public_key.data,
info->dh.public_key.size);
}
/* write the real size */
_gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
return 0;
}
static int
signature_algorithms_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps)
{
sig_ext_st *priv = epriv.ptr;
int ret, i;
BUFFER_APPEND_NUM (ps, priv->sign_algorithms_size);
for (i = 0; i < priv->sign_algorithms_size; i++)
{
BUFFER_APPEND_NUM (ps, priv->sign_algorithms[i]);
}
return 0;
}
static int
_gnutls_server_name_pack(extension_priv_data_t epriv,
gnutls_buffer_st * ps)
{
server_name_ext_st *priv = epriv;
unsigned int i;
int ret;
BUFFER_APPEND_NUM(ps, priv->server_names_size);
for (i = 0; i < priv->server_names_size; i++) {
BUFFER_APPEND_NUM(ps, priv->server_names[i].type);
BUFFER_APPEND_PFX4(ps, priv->server_names[i].name,
priv->server_names[i].name_length);
}
return 0;
}
static int _proxyinfo_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps)
{
// Append the extension's internal state to buffer
ProxyInfo_ext_st *priv = epriv.ptr;
int i, ret;
BUFFER_APPEND_NUM (ps, priv->proxy_cnt);
BUFFER_APPEND_NUM (ps, priv->server_names_size);
for (i = 0; i < priv->server_names_size; i++)
{
BUFFER_APPEND_NUM (ps, priv->server_names[i].type);
BUFFER_APPEND_PFX (ps, priv->server_names[i].name,
priv->server_names[i].name_length);
}
return 0;
}
static int
_gnutls_srtp_pack(extension_priv_data_t epriv, gnutls_buffer_st * ps)
{
srtp_ext_st *priv = epriv;
unsigned int i;
int ret;
BUFFER_APPEND_NUM(ps, priv->profiles_size);
for (i = 0; i < priv->profiles_size; i++) {
BUFFER_APPEND_NUM(ps, priv->profiles[i]);
}
BUFFER_APPEND_NUM(ps, priv->mki_received);
if (priv->mki_received) {
BUFFER_APPEND_NUM(ps, priv->selected_profile);
BUFFER_APPEND_PFX4(ps, priv->mki, priv->mki_size);
}
return 0;
}
static int
_gnutls_max_record_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps)
{
int ret;
BUFFER_APPEND_NUM (ps, epriv.num);
return 0;
}
int _gnutls_ext_pack(gnutls_session_t session, gnutls_buffer_st * packed)
{
unsigned int i;
int ret;
extension_priv_data_t data;
int cur_size;
int size_offset;
int total_exts_pos;
int exts = 0;
total_exts_pos = packed->length;
BUFFER_APPEND_NUM(packed, 0);
for (i = 0; i < extfunc_size; i++) {
ret =
_gnutls_ext_get_session_data(session, extfunc[i].type,
&data);
if (ret >= 0 && extfunc[i].pack_func != NULL) {
BUFFER_APPEND_NUM(packed, extfunc[i].type);
size_offset = packed->length;
BUFFER_APPEND_NUM(packed, 0);
cur_size = packed->length;
ret = extfunc[i].pack_func(data, packed);
if (ret < 0) {
gnutls_assert();
return ret;
}
exts++;
/* write the actual size */
_gnutls_write_uint32(packed->length - cur_size,
packed->data + size_offset);
}
}
_gnutls_write_uint32(exts, packed->data + total_exts_pos);
return 0;
}
static int
ia_pack (extension_priv_data_t epriv, gnutls_buffer_st * ps)
{
ia_ext_st *priv = epriv.ptr;
int ret;
BUFFER_APPEND_NUM (ps, priv->flags);
BUFFER_APPEND_PFX (ps, priv->inner_secret, GNUTLS_MASTER_SIZE);
return 0;
}
static int
session_ticket_pack(extension_priv_data_t epriv, gnutls_buffer_st * ps)
{
session_ticket_ext_st *priv = epriv;
int ret;
BUFFER_APPEND_PFX4(ps, priv->session_ticket,
priv->session_ticket_len);
BUFFER_APPEND_NUM(ps, priv->session_ticket_enable);
return 0;
}
/* Format:
* 1 byte the credentials type
* 4 bytes the size of the whole structure
*
* 4 bytes the size of the PSK username (x)
* x bytes the PSK username
* 2 bytes the size of secret key in bits
* 4 bytes the size of the prime
* x bytes the prime
* 4 bytes the size of the generator
* x bytes the generator
* 4 bytes the size of the public key
* x bytes the public key
*/
static int
pack_psk_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
{
psk_auth_info_t info;
int username_len;
int hint_len, ret;
int size_offset;
size_t cur_size;
info = _gnutls_get_auth_info (session);
if (info && info->username)
username_len = strlen (info->username) + 1; /* include the terminating null */
else
username_len = 0;
if (info && info->hint)
hint_len = strlen (info->hint) + 1; /* include the terminating null */
else
hint_len = 0;
size_offset = ps->length;
BUFFER_APPEND_NUM (ps, 0);
cur_size = ps->length;
BUFFER_APPEND_PFX (ps, info->username, username_len);
BUFFER_APPEND_PFX (ps, info->hint, hint_len);
BUFFER_APPEND_NUM (ps, info->dh.secret_bits);
BUFFER_APPEND_PFX (ps, info->dh.prime.data, info->dh.prime.size);
BUFFER_APPEND_PFX (ps, info->dh.generator.data, info->dh.generator.size);
BUFFER_APPEND_PFX (ps, info->dh.public_key.data, info->dh.public_key.size);
/* write the real size */
_gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
return 0;
}
/* Format:
* 1 byte the credentials type
* 4 bytes the size of the whole structure
* DH stuff
* 2 bytes the size of secret key in bits
* 4 bytes the size of the prime
* x bytes the prime
* 4 bytes the size of the generator
* x bytes the generator
* 4 bytes the size of the public key
* x bytes the public key
* RSA stuff
* 4 bytes the size of the modulus
* x bytes the modulus
* 4 bytes the size of the exponent
* x bytes the exponent
* CERTIFICATES
* 4 bytes the length of the certificate list
* 4 bytes the size of first certificate
* x bytes the certificate
* and so on...
*/
static int
pack_certificate_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
{
unsigned int i;
int cur_size, ret;
cert_auth_info_t info = _gnutls_get_auth_info (session);
int size_offset;
size_offset = ps->length;
BUFFER_APPEND_NUM (ps, 0);
cur_size = ps->length;
if (info)
{
BUFFER_APPEND_NUM (ps, info->dh.secret_bits);
BUFFER_APPEND_PFX (ps, info->dh.prime.data, info->dh.prime.size);
BUFFER_APPEND_PFX (ps, info->dh.generator.data,
info->dh.generator.size);
BUFFER_APPEND_PFX (ps, info->dh.public_key.data,
info->dh.public_key.size);
BUFFER_APPEND_PFX (ps, info->rsa_export.modulus.data,
info->rsa_export.modulus.size);
BUFFER_APPEND_PFX (ps, info->rsa_export.exponent.data,
info->rsa_export.exponent.size);
BUFFER_APPEND_NUM (ps, info->ncerts);
for (i = 0; i < info->ncerts; i++)
BUFFER_APPEND_PFX (ps, info->raw_certificate_list[i].data,
info->raw_certificate_list[i].size);
}
/* write the real size */
_gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
return 0;
}
/* Format:
* 1 byte the credentials type
* 4 bytes the size of the SRP username (x)
* x bytes the SRP username
*/
static int
pack_srp_auth_info (gnutls_session_t session, gnutls_buffer_st * ps)
{
srp_server_auth_info_t info = _gnutls_get_auth_info (session);
int len, ret;
int size_offset;
size_t cur_size;
if (info && info->username)
len = strlen (info->username) + 1; /* include the terminating null */
else
len = 0;
size_offset = ps->length;
BUFFER_APPEND_NUM (ps, 0);
cur_size = ps->length;
BUFFER_APPEND_PFX (ps, info->username, len);
/* write the real size */
_gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
return 0;
}
/* Format:
* 4 bytes the total security data size
* 1 byte the entity type (client/server)
* 1 byte the key exchange algorithm used
* 1 byte the read cipher algorithm
* 1 byte the read mac algorithm
* 1 byte the read compression algorithm
*
* 1 byte the write cipher algorithm
* 1 byte the write mac algorithm
* 1 byte the write compression algorithm
*
* 1 byte the certificate type
* 1 byte the protocol version
*
* 2 bytes the cipher suite
*
* 48 bytes the master secret
*
* 32 bytes the client random
* 32 bytes the server random
*
* 1 byte the session ID size
* x bytes the session ID (32 bytes max)
*
* 4 bytes a timestamp
* -------------------
* MAX: 165 bytes
*
*/
static int
pack_security_parameters (gnutls_session_t session, gnutls_buffer_st * ps)
{
int ret;
int size_offset;
size_t cur_size;
record_parameters_st *params;
if (session->security_parameters.epoch_read
!= session->security_parameters.epoch_write)
{
gnutls_assert ();
return GNUTLS_E_INVALID_REQUEST;
}
ret = _gnutls_epoch_get (session, EPOCH_READ_CURRENT, ¶ms);
if (ret < 0)
{
gnutls_assert ();
return ret;
}
/* move after the auth info stuff.
*/
size_offset = ps->length;
BUFFER_APPEND_NUM (ps, 0);
cur_size = ps->length;
BUFFER_APPEND (ps, &session->security_parameters.entity, 1);
BUFFER_APPEND (ps, &session->security_parameters.kx_algorithm, 1);
BUFFER_APPEND (ps,
&session->security_parameters.current_cipher_suite.suite[0],
1);
BUFFER_APPEND (ps,
&session->security_parameters.current_cipher_suite.suite[1],
1);
BUFFER_APPEND (ps, ¶ms->compression_algorithm, 1);
BUFFER_APPEND (ps, &session->security_parameters.cert_type, 1);
BUFFER_APPEND (ps, &session->security_parameters.version, 1);
BUFFER_APPEND (ps, session->security_parameters.master_secret,
GNUTLS_MASTER_SIZE);
BUFFER_APPEND (ps, session->security_parameters.client_random,
GNUTLS_RANDOM_SIZE);
BUFFER_APPEND (ps, session->security_parameters.server_random,
GNUTLS_RANDOM_SIZE);
BUFFER_APPEND_NUM (ps, session->security_parameters.session_id_size);
BUFFER_APPEND (ps, session->security_parameters.session_id,
session->security_parameters.session_id_size);
BUFFER_APPEND_NUM (ps, session->security_parameters.max_record_send_size);
BUFFER_APPEND_NUM (ps, session->security_parameters.max_record_recv_size);
BUFFER_APPEND_NUM (ps, session->security_parameters.timestamp);
_gnutls_write_uint32 (ps->length - cur_size, ps->data + size_offset);
return 0;
}
