int
_gnutls_dh_common_print_server_kx (gnutls_session_t session,
bigint_t g, bigint_t p, unsigned int q_bits,
gnutls_buffer_st* data)
{
bigint_t x, Y;
int ret;
/* Y=g^x mod p */
ret = gnutls_calc_dh_secret (&Y, &x, g, p, q_bits);
if (ret < 0)
{
gnutls_assert ();
return ret;
}
session->key.dh_secret = x;
_gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x));
ret = _gnutls_buffer_append_mpi(data, 16, p, 0);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
ret = _gnutls_buffer_append_mpi(data, 16, g, 0);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
ret = _gnutls_buffer_append_mpi(data, 16, Y, 0);
if (ret < 0)
{
gnutls_assert();
goto cleanup;
}
ret = data->length;
cleanup:
_gnutls_mpi_release (&Y);
return ret;
}
/* If the psk flag is set, then an empty psk_identity_hint will
* be inserted */
int
_gnutls_dh_common_print_server_kx (gnutls_session_t session,
mpi_t g, mpi_t p, opaque ** data, int psk)
{
mpi_t x, X;
size_t n_X, n_g, n_p;
int ret, data_size, pos;
uint8_t *pdata;
X = gnutls_calc_dh_secret (&x, g, p);
if (X == NULL || x == NULL)
{
gnutls_assert ();
return GNUTLS_E_MEMORY_ERROR;
}
session->key->dh_secret = x;
_gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x));
_gnutls_mpi_print (NULL, &n_g, g);
_gnutls_mpi_print (NULL, &n_p, p);
_gnutls_mpi_print (NULL, &n_X, X);
data_size = n_g + n_p + n_X + 6;
if (psk != 0)
data_size += 2;
(*data) = gnutls_malloc (data_size);
if (*data == NULL)
{
_gnutls_mpi_release (&X);
return GNUTLS_E_MEMORY_ERROR;
}
pos = 0;
pdata = *data;
if (psk != 0)
{
_gnutls_write_uint16 (0, &pdata[pos]);
pos += 2;
}
_gnutls_mpi_print (&pdata[pos + 2], &n_p, p);
_gnutls_write_uint16 (n_p, &pdata[pos]);
pos += n_p + 2;
_gnutls_mpi_print (&pdata[pos + 2], &n_g, g);
_gnutls_write_uint16 (n_g, &pdata[pos]);
pos += n_g + 2;
_gnutls_mpi_print (&pdata[pos + 2], &n_X, X);
_gnutls_mpi_release (&X);
_gnutls_write_uint16 (n_X, &pdata[pos]);
ret = data_size;
return ret;
}
int
_gnutls_gen_dh_common_client_kx_int (gnutls_session_t session, gnutls_buffer_st* data, gnutls_datum_t* pskkey)
{
bigint_t x = NULL, X = NULL;
int ret;
ret = gnutls_calc_dh_secret (&X, &x, session->key.client_g,
session->key.client_p, 0);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
_gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x));
ret = _gnutls_buffer_append_mpi( data, 16, X, 0);
if (ret < 0)
{
gnutls_assert();
goto error;
}
/* calculate the key after calculating the message */
ret =
gnutls_calc_dh_key (&session->key.KEY, session->key.client_Y, x, session->key.client_p);
if (ret < 0)
{
gnutls_assert();
goto error;
}
/* THESE SHOULD BE DISCARDED */
_gnutls_mpi_release (&session->key.client_Y);
_gnutls_mpi_release (&session->key.client_p);
_gnutls_mpi_release (&session->key.client_g);
if (_gnutls_cipher_suite_get_kx_algo
(session->security_parameters.cipher_suite)
!= GNUTLS_KX_DHE_PSK)
{
ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key);
}
else /* In DHE_PSK the key is set differently */
{
gnutls_datum_t tmp_dh_key;
ret = _gnutls_mpi_dprint (session->key.KEY, &tmp_dh_key);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
ret = _gnutls_set_psk_session_key (session, pskkey, &tmp_dh_key);
_gnutls_free_datum (&tmp_dh_key);
}
_gnutls_mpi_release (&session->key.KEY);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
ret = data->length;
error:
_gnutls_mpi_release (&x);
_gnutls_mpi_release (&X);
return ret;
}
int
_gnutls_gen_dh_common_client_kx (gnutls_session_t session, opaque ** data)
{
mpi_t x = NULL, X = NULL;
size_t n_X;
int ret;
*data = NULL;
X = gnutls_calc_dh_secret (&x, session->key->client_g,
session->key->client_p);
if (X == NULL || x == NULL)
{
gnutls_assert ();
ret = GNUTLS_E_MEMORY_ERROR;
goto error;
}
_gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x));
_gnutls_mpi_print (NULL, &n_X, X);
(*data) = gnutls_malloc (n_X + 2);
if (*data == NULL)
{
ret = GNUTLS_E_MEMORY_ERROR;
goto error;
}
_gnutls_mpi_print (&(*data)[2], &n_X, X);
_gnutls_mpi_release (&X);
_gnutls_write_uint16 (n_X, &(*data)[0]);
/* calculate the key after calculating the message */
session->key->KEY =
gnutls_calc_dh_key (session->key->client_Y, x, session->key->client_p);
_gnutls_mpi_release (&x);
if (session->key->KEY == NULL)
{
gnutls_assert ();
ret = GNUTLS_E_MEMORY_ERROR;
goto error;
}
_gnutls_dh_set_peer_public (session, session->key->client_Y);
/* THESE SHOULD BE DISCARDED */
_gnutls_mpi_release (&session->key->client_Y);
_gnutls_mpi_release (&session->key->client_p);
_gnutls_mpi_release (&session->key->client_g);
if (_gnutls_cipher_suite_get_kx_algo
(&session->security_parameters.current_cipher_suite)
!= GNUTLS_KX_DHE_PSK)
{
ret = _gnutls_mpi_dprint (&session->key->key, session->key->KEY);
}
else /* In DHE_PSK the key is set differently */
{
gnutls_datum tmp_dh_key;
ret = _gnutls_mpi_dprint (&tmp_dh_key, session->key->KEY);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
ret = _gnutls_set_psk_session_key (session, &tmp_dh_key);
_gnutls_free_datum (&tmp_dh_key);
}
_gnutls_mpi_release (&session->key->KEY);
if (ret < 0)
{
gnutls_assert ();
goto error;
}
return n_X + 2;
error:
_gnutls_mpi_release (&x);
_gnutls_mpi_release (&X);
gnutls_free (*data);
*data = NULL;
return ret;
}
