int _gnutls_dh_common_print_server_kx (gnutls_session_t session, bigint_t g, bigint_t p, unsigned int q_bits, gnutls_buffer_st* data) { bigint_t x, Y; int ret; /* Y=g^x mod p */ ret = gnutls_calc_dh_secret (&Y, &x, g, p, q_bits); if (ret < 0) { gnutls_assert (); return ret; } session->key.dh_secret = x; _gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x)); ret = _gnutls_buffer_append_mpi(data, 16, p, 0); if (ret < 0) { gnutls_assert(); goto cleanup; } ret = _gnutls_buffer_append_mpi(data, 16, g, 0); if (ret < 0) { gnutls_assert(); goto cleanup; } ret = _gnutls_buffer_append_mpi(data, 16, Y, 0); if (ret < 0) { gnutls_assert(); goto cleanup; } ret = data->length; cleanup: _gnutls_mpi_release (&Y); return ret; }
/* If the psk flag is set, then an empty psk_identity_hint will * be inserted */ int _gnutls_dh_common_print_server_kx (gnutls_session_t session, mpi_t g, mpi_t p, opaque ** data, int psk) { mpi_t x, X; size_t n_X, n_g, n_p; int ret, data_size, pos; uint8_t *pdata; X = gnutls_calc_dh_secret (&x, g, p); if (X == NULL || x == NULL) { gnutls_assert (); return GNUTLS_E_MEMORY_ERROR; } session->key->dh_secret = x; _gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x)); _gnutls_mpi_print (NULL, &n_g, g); _gnutls_mpi_print (NULL, &n_p, p); _gnutls_mpi_print (NULL, &n_X, X); data_size = n_g + n_p + n_X + 6; if (psk != 0) data_size += 2; (*data) = gnutls_malloc (data_size); if (*data == NULL) { _gnutls_mpi_release (&X); return GNUTLS_E_MEMORY_ERROR; } pos = 0; pdata = *data; if (psk != 0) { _gnutls_write_uint16 (0, &pdata[pos]); pos += 2; } _gnutls_mpi_print (&pdata[pos + 2], &n_p, p); _gnutls_write_uint16 (n_p, &pdata[pos]); pos += n_p + 2; _gnutls_mpi_print (&pdata[pos + 2], &n_g, g); _gnutls_write_uint16 (n_g, &pdata[pos]); pos += n_g + 2; _gnutls_mpi_print (&pdata[pos + 2], &n_X, X); _gnutls_mpi_release (&X); _gnutls_write_uint16 (n_X, &pdata[pos]); ret = data_size; return ret; }
int _gnutls_gen_dh_common_client_kx_int (gnutls_session_t session, gnutls_buffer_st* data, gnutls_datum_t* pskkey) { bigint_t x = NULL, X = NULL; int ret; ret = gnutls_calc_dh_secret (&X, &x, session->key.client_g, session->key.client_p, 0); if (ret < 0) { gnutls_assert (); goto error; } _gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x)); ret = _gnutls_buffer_append_mpi( data, 16, X, 0); if (ret < 0) { gnutls_assert(); goto error; } /* calculate the key after calculating the message */ ret = gnutls_calc_dh_key (&session->key.KEY, session->key.client_Y, x, session->key.client_p); if (ret < 0) { gnutls_assert(); goto error; } /* THESE SHOULD BE DISCARDED */ _gnutls_mpi_release (&session->key.client_Y); _gnutls_mpi_release (&session->key.client_p); _gnutls_mpi_release (&session->key.client_g); if (_gnutls_cipher_suite_get_kx_algo (session->security_parameters.cipher_suite) != GNUTLS_KX_DHE_PSK) { ret = _gnutls_mpi_dprint (session->key.KEY, &session->key.key); } else /* In DHE_PSK the key is set differently */ { gnutls_datum_t tmp_dh_key; ret = _gnutls_mpi_dprint (session->key.KEY, &tmp_dh_key); if (ret < 0) { gnutls_assert (); goto error; } ret = _gnutls_set_psk_session_key (session, pskkey, &tmp_dh_key); _gnutls_free_datum (&tmp_dh_key); } _gnutls_mpi_release (&session->key.KEY); if (ret < 0) { gnutls_assert (); goto error; } ret = data->length; error: _gnutls_mpi_release (&x); _gnutls_mpi_release (&X); return ret; }
int _gnutls_gen_dh_common_client_kx (gnutls_session_t session, opaque ** data) { mpi_t x = NULL, X = NULL; size_t n_X; int ret; *data = NULL; X = gnutls_calc_dh_secret (&x, session->key->client_g, session->key->client_p); if (X == NULL || x == NULL) { gnutls_assert (); ret = GNUTLS_E_MEMORY_ERROR; goto error; } _gnutls_dh_set_secret_bits (session, _gnutls_mpi_get_nbits (x)); _gnutls_mpi_print (NULL, &n_X, X); (*data) = gnutls_malloc (n_X + 2); if (*data == NULL) { ret = GNUTLS_E_MEMORY_ERROR; goto error; } _gnutls_mpi_print (&(*data)[2], &n_X, X); _gnutls_mpi_release (&X); _gnutls_write_uint16 (n_X, &(*data)[0]); /* calculate the key after calculating the message */ session->key->KEY = gnutls_calc_dh_key (session->key->client_Y, x, session->key->client_p); _gnutls_mpi_release (&x); if (session->key->KEY == NULL) { gnutls_assert (); ret = GNUTLS_E_MEMORY_ERROR; goto error; } _gnutls_dh_set_peer_public (session, session->key->client_Y); /* THESE SHOULD BE DISCARDED */ _gnutls_mpi_release (&session->key->client_Y); _gnutls_mpi_release (&session->key->client_p); _gnutls_mpi_release (&session->key->client_g); if (_gnutls_cipher_suite_get_kx_algo (&session->security_parameters.current_cipher_suite) != GNUTLS_KX_DHE_PSK) { ret = _gnutls_mpi_dprint (&session->key->key, session->key->KEY); } else /* In DHE_PSK the key is set differently */ { gnutls_datum tmp_dh_key; ret = _gnutls_mpi_dprint (&tmp_dh_key, session->key->KEY); if (ret < 0) { gnutls_assert (); goto error; } ret = _gnutls_set_psk_session_key (session, &tmp_dh_key); _gnutls_free_datum (&tmp_dh_key); } _gnutls_mpi_release (&session->key->KEY); if (ret < 0) { gnutls_assert (); goto error; } return n_X + 2; error: _gnutls_mpi_release (&x); _gnutls_mpi_release (&X); gnutls_free (*data); *data = NULL; return ret; }