static int proc_ecdhe_client_kx(gnutls_session_t session, uint8_t * data, size_t _data_size) { gnutls_certificate_credentials_t cred; cred = (gnutls_certificate_credentials_t) _gnutls_get_cred(session, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert(); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } return _gnutls_proc_ecdh_common_client_kx(session, data, _data_size, _gnutls_session_ecc_curve_get (session), NULL); }
static int proc_dhe_client_kx (gnutls_session_t session, uint8_t * data, size_t _data_size) { gnutls_certificate_credentials_t cred; int ret; bigint_t p, g; const bigint_t *mpis; gnutls_dh_params_t dh_params; cred = (gnutls_certificate_credentials_t) _gnutls_get_cred (session->key, GNUTLS_CRD_CERTIFICATE, NULL); if (cred == NULL) { gnutls_assert (); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } if (!_gnutls_session_is_ecc (session)) { dh_params = _gnutls_get_dh_params (cred->dh_params, cred->params_func, session); mpis = _gnutls_dh_params_to_mpi (dh_params); if (mpis == NULL) return gnutls_assert_val(GNUTLS_E_NO_TEMPORARY_DH_PARAMS); p = mpis[0]; g = mpis[1]; ret = _gnutls_proc_dh_common_client_kx (session, data, _data_size, g, p, NULL); } else ret = _gnutls_proc_ecdh_common_client_kx (session, data, _data_size, _gnutls_session_ecc_curve_get(session), NULL); return ret; }
static int proc_ecdhe_psk_client_kx(gnutls_session_t session, uint8_t * data, size_t _data_size) { int ret; gnutls_psk_server_credentials_t cred; gnutls_datum_t psk_key; psk_auth_info_t info; gnutls_datum_t username; ssize_t data_size = _data_size; cred = (gnutls_psk_server_credentials_t) _gnutls_get_cred(session, GNUTLS_CRD_PSK, NULL); if (cred == NULL) { gnutls_assert(); return GNUTLS_E_INSUFFICIENT_CREDENTIALS; } if ((ret = _gnutls_auth_info_set(session, GNUTLS_CRD_PSK, sizeof(psk_auth_info_st), 1)) < 0) { gnutls_assert(); return ret; } DECR_LEN(data_size, 2); username.size = _gnutls_read_uint16(&data[0]); DECR_LEN(data_size, username.size); username.data = &data[2]; /* copy the username to the auth info structures */ info = _gnutls_get_auth_info(session); if (username.size > MAX_USERNAME_SIZE) { gnutls_assert(); return GNUTLS_E_ILLEGAL_SRP_USERNAME; } memcpy(info->username, username.data, username.size); info->username[username.size] = 0; /* Adjust the data */ data += username.size + 2; /* should never fail. It will always return a key even if it is * a random one */ ret = _gnutls_psk_pwd_find_entry(session, info->username, &psk_key); if (ret < 0) return gnutls_assert_val(ret); ret = _gnutls_proc_ecdh_common_client_kx(session, data, data_size, _gnutls_session_ecc_curve_get (session), &psk_key); _gnutls_free_datum(&psk_key); return ret; }