static int gen_ecdhe_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { int ret = 0; gnutls_certificate_credentials_t cred; cred = (gnutls_certificate_credentials_t) _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert(); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } if ((ret = _gnutls_auth_info_set(session, GNUTLS_CRD_CERTIFICATE, sizeof(cert_auth_info_st), 0)) < 0) { gnutls_assert(); return ret; } ret = _gnutls_ecdh_common_print_server_kx(session, data, _gnutls_session_ecc_curve_get (session)); if (ret < 0) { gnutls_assert(); return ret; } /* Generate the signature. */ return _gnutls_gen_dhe_signature(session, data, data->data, data->length); }
static int gen_dhe_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { bigint_t g, p; const bigint_t *mpis; int ret = 0; gnutls_certificate_credentials_t cred; gnutls_dh_params_t dh_params; cred = (gnutls_certificate_credentials_t) _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert(); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } if ((ret = _gnutls_auth_info_set(session, GNUTLS_CRD_CERTIFICATE, sizeof(cert_auth_info_st), 0)) < 0) { gnutls_assert(); return ret; } dh_params = _gnutls_get_dh_params(cred->dh_params, cred->params_func, session); mpis = _gnutls_dh_params_to_mpi(dh_params); if (mpis == NULL) { gnutls_assert(); return GNUTLS_E_NO_TEMPORARY_DH_PARAMS; } p = mpis[0]; g = mpis[1]; _gnutls_dh_set_group(session, g, p); ret = _gnutls_set_dh_pk_params(session, g, p, dh_params->q_bits); if (ret < 0) return gnutls_assert_val(ret); ret = _gnutls_dh_common_print_server_kx(session, data); if (ret < 0) { gnutls_assert(); return ret; } /* Generate the signature. */ return _gnutls_gen_dhe_signature(session, data, data->data, data->length); }
static int gen_dhe_server_kx(gnutls_session_t session, gnutls_buffer_st * data) { int ret = 0; gnutls_certificate_credentials_t cred; unsigned sig_pos; cred = (gnutls_certificate_credentials_t) _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE); if (cred == NULL) { gnutls_assert(); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } if ((ret = _gnutls_auth_info_init(session, GNUTLS_CRD_CERTIFICATE, sizeof(cert_auth_info_st), 1)) < 0) { gnutls_assert(); return ret; } ret = _gnutls_figure_dh_params(session, cred->dh_params, cred->params_func, cred->dh_sec_param); if (ret < 0) { return gnutls_assert_val(ret); } sig_pos = data->length; ret = _gnutls_dh_common_print_server_kx(session, data); if (ret < 0) { gnutls_assert(); return ret; } /* Generate the signature. */ return _gnutls_gen_dhe_signature(session, data, &data->data[sig_pos], data->length-sig_pos); }