** libgnutls: Added support for DTLS 1.2.
+** libgnutls: Removed support for the RSA-EXPORT ciphersuites.
+
** API and ABI modifications:
gnutls_cipher_get_iv_size: Added
gnutls_hmac_set_nonce: Added
PSK support: $ac_enable_psk
DHE support: $ac_enable_dhe
ECDHE support: $ac_enable_ecdhe
- RSA-EXPORT support: $ac_enable_rsa_export
Anon auth support: $ac_enable_anon
Heartbeat support: $ac_enable_heartbeat
+ RSA-EXPORT compat: $ac_enable_rsa_export
])
AC_MSG_NOTICE([Optional applications:
In key exchange algorithms when in NORMAL or SECURE levels the
perfect forward secrecy algorithms take precedence of the other
protocols. In all cases all the supported key exchange algorithms
-are enabled@footnote{Except for the RSA-EXPORT which is only enabled in
-EXPORT level.}.
+are enabled.
Note that the SECURE levels distinguish between overall security level and
message authenticity security level. That is because the message
@item Key exchange @tab
RSA, DHE-RSA, DHE-DSS, SRP, SRP-RSA, SRP-DSS,
-PSK, DHE-PSK, ECDHE-RSA, ANON-ECDH, ANON-DH, RSA-EXPORT. The
+PSK, DHE-PSK, ECDHE-RSA, ANON-ECDH, ANON-DH. The
Catch all name is KX-ALL which will add all the algorithms from NORMAL
priority.
parameters to use keys of the size of the security parameter. This
provides better performance in key exchange.
-The ciphersuites that involve the RSA-EXPORT key exchange require
-additional parameters. Those ciphersuites are rarely used today
-because they are by design insecure, thus if you have no requirement
-for them, the rest of this section can be skipped. The RSA-EXPORT key exchange
-requires 512-bit RSA keys to be generated. It is recommended those
-parameters to be refreshed (regenerated) in short intervals. The
-following functions can be used for these parameters.
-
-@showfuncD{gnutls_rsa_params_generate2,gnutls_certificate_set_rsa_export_params,gnutls_rsa_params_import_pkcs1,gnutls_rsa_params_export_pkcs1}
-
To allow renewal of the parameters within an application without
accessing the credentials, which are a shared structure,
an alternative interface is available using a callback function.
gnutls_constate.h gnutls_global.h gnutls_sig.h gnutls_mem.h \
gnutls_session_pack.h gnutls_str.h gnutls_str_array.h \
gnutls_state.h gnutls_x509.h crypto-backend.h \
- gnutls_rsa_export.h gnutls_srp.h auth/srp.h auth/srp_passwd.h \
+ gnutls_srp.h auth/srp.h auth/srp_passwd.h \
gnutls_helper.h gnutls_supplemental.h crypto.h random.h system.h\
locks.h gnutls_mbuffers.h gnutls_ecc.h pin.h
/* Functions for key exchange. */
int _gnutls_kx_needs_dh_params (gnutls_kx_algorithm_t algorithm);
-int _gnutls_kx_needs_rsa_params (gnutls_kx_algorithm_t algorithm);
mod_auth_st *_gnutls_kx_auth_struct (gnutls_kx_algorithm_t algorithm);
int _gnutls_kx_is_ok (gnutls_kx_algorithm_t algorithm);
#define GNUTLS_RSA_ARCFOUR_MD5 { 0x00, 0x04 }
#define GNUTLS_RSA_3DES_EDE_CBC_SHA1 { 0x00, 0x0A }
-#define GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5 { 0x00, 0x03 }
-
/* rfc3268:
*/
#define GNUTLS_RSA_AES_128_CBC_SHA1 { 0x00, 0x2F }
GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_RSA,
GNUTLS_MAC_SHA1, GNUTLS_TLS1,
GNUTLS_DTLS_VERSION_MIN),
-#endif
-#ifdef ENABLE_RSA_EXPORT
- /* RSA-EXPORT */
- ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5,
- GNUTLS_CIPHER_ARCFOUR_40,
- GNUTLS_KX_RSA_EXPORT, GNUTLS_MAC_MD5,
- GNUTLS_SSL3, GNUTLS_VERSION_UNKNOWN),
#endif
{0, {0, 0}, 0, 0, 0, 0, 0, 0}
};
extern mod_auth_st rsa_auth_struct;
-extern mod_auth_st rsa_export_auth_struct;
extern mod_auth_st dhe_rsa_auth_struct;
extern mod_auth_st ecdhe_rsa_auth_struct;
extern mod_auth_st ecdhe_psk_auth_struct;
{GNUTLS_KX_ANON_DH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON},
{GNUTLS_KX_ANON_ECDH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON},
{GNUTLS_KX_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
- {GNUTLS_KX_RSA_EXPORT, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
{GNUTLS_KX_ECDHE_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
{GNUTLS_KX_ECDHE_ECDSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
{GNUTLS_KX_DHE_DSS, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
gnutls_kx_algorithm_t algorithm;
mod_auth_st *auth_struct;
int needs_dh_params;
- int needs_rsa_params;
};
typedef struct gnutls_kx_algo_entry gnutls_kx_algo_entry;
static const gnutls_kx_algo_entry _gnutls_kx_algorithms[] = {
#if defined(ENABLE_ANON) && defined(ENABLE_DHE)
- {"ANON-DH", GNUTLS_KX_ANON_DH, &anon_auth_struct, 1, 0},
+ {"ANON-DH", GNUTLS_KX_ANON_DH, &anon_auth_struct, 1},
#endif
#if defined(ENABLE_ANON) && defined(ENABLE_ECDHE)
- {"ANON-ECDH", GNUTLS_KX_ANON_ECDH, &anon_ecdh_auth_struct, 0, 0},
-#endif
- {"RSA", GNUTLS_KX_RSA, &rsa_auth_struct, 0, 0},
-#ifdef ENABLE_RSA_EXPORT
- {"RSA-EXPORT", GNUTLS_KX_RSA_EXPORT, &rsa_export_auth_struct, 0,
- 1 /* needs RSA params */ },
+ {"ANON-ECDH", GNUTLS_KX_ANON_ECDH, &anon_ecdh_auth_struct, 0},
#endif
+ {"RSA", GNUTLS_KX_RSA, &rsa_auth_struct, 0},
#ifdef ENABLE_DHE
- {"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1, 0},
- {"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1, 0},
+ {"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1},
+ {"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1},
#endif
#ifdef ENABLE_ECDHE
- {"ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, &ecdhe_rsa_auth_struct, 0, 0},
- {"ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, &ecdhe_ecdsa_auth_struct, 0, 0},
+ {"ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, &ecdhe_rsa_auth_struct, 0},
+ {"ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, &ecdhe_ecdsa_auth_struct, 0},
#endif
#ifdef ENABLE_SRP
- {"SRP-DSS", GNUTLS_KX_SRP_DSS, &srp_dss_auth_struct, 0, 0},
- {"SRP-RSA", GNUTLS_KX_SRP_RSA, &srp_rsa_auth_struct, 0, 0},
- {"SRP", GNUTLS_KX_SRP, &srp_auth_struct, 0, 0},
+ {"SRP-DSS", GNUTLS_KX_SRP_DSS, &srp_dss_auth_struct, 0},
+ {"SRP-RSA", GNUTLS_KX_SRP_RSA, &srp_rsa_auth_struct, 0},
+ {"SRP", GNUTLS_KX_SRP, &srp_auth_struct, 0},
#endif
#ifdef ENABLE_PSK
- {"PSK", GNUTLS_KX_PSK, &psk_auth_struct, 0, 0},
+ {"PSK", GNUTLS_KX_PSK, &psk_auth_struct, 0},
# ifdef ENABLE_DHE
{"DHE-PSK", GNUTLS_KX_DHE_PSK, &dhe_psk_auth_struct,
- 1 /* needs DHE params */ , 0},
+ 1 /* needs DHE params */},
# endif
# ifdef ENABLE_ECDHE
- {"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0 , 0},
+ {"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0},
# endif
#endif
- {0, 0, 0, 0, 0}
+ {0, 0, 0, 0}
};
#define GNUTLS_KX_LOOP(b) \
}
-
int
_gnutls_kx_priority (gnutls_session_t session,
gnutls_kx_algorithm_t algorithm)
return ret;
}
-int
-_gnutls_kx_needs_rsa_params (gnutls_kx_algorithm_t algorithm)
-{
- ssize_t ret = 0;
- GNUTLS_KX_ALG_LOOP (ret = p->needs_rsa_params);
- return ret;
-}
-
int
_gnutls_kx_needs_dh_params (gnutls_kx_algorithm_t algorithm)
{
*/
static const gnutls_pk_map pk_mappings[] = {
{GNUTLS_KX_RSA, GNUTLS_PK_RSA, CIPHER_ENCRYPT},
- {GNUTLS_KX_RSA_EXPORT, GNUTLS_PK_RSA, CIPHER_SIGN},
{GNUTLS_KX_DHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
{GNUTLS_KX_SRP_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
{GNUTLS_KX_ECDHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN},
noinst_LTLIBRARIES = libgnutls_auth.la
libgnutls_auth_la_SOURCES = anon.c cert.c dh_common.c dhe.c \
- dhe_psk.c psk.c psk_passwd.c rsa.c rsa_export.c srp.c \
+ dhe_psk.c psk.c psk_passwd.c rsa.c srp.c \
srp_passwd.c srp_rsa.c srp_sb64.c anon.h cert.h dh_common.h \
psk.h psk_passwd.h srp.h srp_passwd.h anon_ecdh.c \
ecdhe.c ecdhe.h
typedef struct gnutls_certificate_credentials_st
{
gnutls_dh_params_t dh_params;
- gnutls_rsa_params_t rsa_params;
/* this callback is used to retrieve the DH or RSA
* parameters.
*/
* They must be freed.
*/
dh_info_st dh;
- rsa_info_st rsa_export;
gnutls_datum_t *raw_certificate_list; /* holds the raw certificate of the
* peer.
gnutls_pcert_st * certs, int ncerts,
gnutls_privkey_t key, int need_free);
-gnutls_rsa_params_t _gnutls_certificate_get_rsa_params (gnutls_rsa_params_t
- rsa_params,
- gnutls_params_function
- * func,
- gnutls_session_t);
-
int _gnutls_get_auth_info_pcert (gnutls_pcert_st* gcert,
gnutls_certificate_type_t type,
cert_auth_info_t info);
int ret;
cert_auth_info_t info;
gnutls_pcert_st peer_cert;
- unsigned int i;
/* normal non export case */
gnutls_pk_params_init(params);
- /* EXPORT case: */
- if (_gnutls_cipher_suite_get_kx_algo
- (session->security_parameters.cipher_suite) ==
- GNUTLS_KX_RSA_EXPORT &&
- _gnutls_pubkey_is_over_rsa_512(peer_cert.pubkey) == 0)
- {
- if (session->key.rsa[0] == NULL || session->key.rsa[1] == NULL)
- {
- gnutls_assert ();
- ret = GNUTLS_E_INTERNAL_ERROR;
- goto cleanup;
- }
-
- for (i = 0; i < RSA_PUBLIC_PARAMS; i++)
- {
- params->params[i] = _gnutls_mpi_copy (session->key.rsa[i]);
- if (params->params[i] != NULL)
- params->params_nr++;
- else
- {
- ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR);
- goto cleanup;
- }
- }
-
- goto done;
- }
-
ret = _gnutls_pubkey_get_mpis(peer_cert.pubkey, params);
if (ret < 0)
{
goto cleanup2;
}
-done:
gnutls_pcert_deinit (&peer_cert);
return 0;
-cleanup:
- for (i=0;i<params->params_nr;i++)
- _gnutls_mpi_release(params->params[i]);
cleanup2:
gnutls_pcert_deinit (&peer_cert);
+++ /dev/null
-/*
- * Copyright (C) 2000-2012 Free Software Foundation, Inc.
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GnuTLS.
- *
- * The GnuTLS is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-/* This file contains the RSA key exchange part of the certificate
- * authentication.
- */
-
-#include "gnutls_int.h"
-#include "gnutls_auth.h"
-#include "gnutls_errors.h"
-#include "gnutls_dh.h"
-#include "gnutls_num.h"
-#include "gnutls_datum.h"
-#include <auth/cert.h>
-#include <gnutls_pk.h>
-#include <algorithms.h>
-#include <gnutls_global.h>
-#include "debug.h"
-#include <gnutls_sig.h>
-#include <gnutls_x509.h>
-#include <gnutls_rsa_export.h>
-#include <gnutls_state.h>
-#include <random.h>
-#include <abstract_int.h>
-
-#ifdef ENABLE_RSA_EXPORT
-
-int _gnutls_gen_rsa_client_kx (gnutls_session_t, gnutls_buffer_st*);
-static int gen_rsa_export_server_kx (gnutls_session_t, gnutls_buffer_st*);
-static int proc_rsa_export_server_kx (gnutls_session_t, uint8_t *, size_t);
-static int proc_rsa_export_client_kx (gnutls_session_t session, uint8_t * data,
- size_t _data_size);
-
-const mod_auth_st rsa_export_auth_struct = {
- "RSA EXPORT",
- _gnutls_gen_cert_server_crt,
- _gnutls_gen_cert_client_crt,
- gen_rsa_export_server_kx,
- _gnutls_gen_rsa_client_kx,
- _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */
- _gnutls_gen_cert_server_cert_req, /* server cert request */
-
- _gnutls_proc_crt,
- _gnutls_proc_crt,
- proc_rsa_export_server_kx,
- proc_rsa_export_client_kx, /* proc client kx */
- _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */
- _gnutls_proc_cert_cert_req /* proc server cert request */
-};
-
-/* This function reads the RSA parameters from the private key
- */
-static int
-_gnutls_get_private_rsa_params (gnutls_session_t session,
- gnutls_pk_params_st** params)
-{
- int ret;
- gnutls_certificate_credentials_t cred;
- gnutls_rsa_params_t rsa_params;
-
- cred = (gnutls_certificate_credentials_t)
- _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL);
- if (cred == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
- }
-
- if (session->internals.selected_cert_list == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
- }
-
- ret = _gnutls_pubkey_is_over_rsa_512(session->internals.selected_cert_list[0].pubkey);
-
- if (_gnutls_cipher_suite_get_kx_algo
- (session->security_parameters.cipher_suite)
- != GNUTLS_KX_RSA_EXPORT || ret < 0)
- {
- gnutls_assert ();
- return GNUTLS_E_INVALID_REQUEST;
- }
-
- rsa_params =
- _gnutls_certificate_get_rsa_params (cred->rsa_params,
- cred->params_func, session);
- /* EXPORT case: */
- if (rsa_params == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_NO_TEMPORARY_RSA_PARAMS;
- }
-
- /* In the export case, we do use temporary RSA params
- * of 512 bits size. The params in the certificate are
- * used to sign this temporary stuff.
- */
- *params = &rsa_params->params;
-
- return 0;
-}
-
-int
-proc_rsa_export_client_kx (gnutls_session_t session, uint8_t * data,
- size_t _data_size)
-{
- gnutls_datum_t plaintext;
- gnutls_datum_t ciphertext;
- int ret, dsize;
- gnutls_pk_params_st *params;
- int randomize_key = 0;
- ssize_t data_size = _data_size;
-
- if (gnutls_protocol_get_version (session) == GNUTLS_SSL3)
- {
- /* SSL 3.0
- */
- ciphertext.data = data;
- ciphertext.size = data_size;
- }
- else
- {
- /* TLS 1.0
- */
- DECR_LEN (data_size, 2);
- ciphertext.data = &data[2];
- dsize = _gnutls_read_uint16 (data);
-
- if (dsize != data_size)
- {
- gnutls_assert ();
- return GNUTLS_E_UNEXPECTED_PACKET_LENGTH;
- }
- ciphertext.size = dsize;
- }
-
- ret = _gnutls_get_private_rsa_params (session, ¶ms);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- ret = _gnutls_pk_decrypt (GNUTLS_PK_RSA, &plaintext, &ciphertext, params);
-
- if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE)
- {
- /* In case decryption fails then don't inform
- * the peer. Just use a random key. (in order to avoid
- * attack against pkcs-1 formating).
- */
- gnutls_assert ();
- _gnutls_audit_log (session, "auth_rsa: Possible PKCS #1 format attack\n");
- randomize_key = 1;
- }
- else
- {
- /* If the secret was properly formatted, then
- * check the version number.
- */
- if (_gnutls_get_adv_version_major (session) != plaintext.data[0]
- || _gnutls_get_adv_version_minor (session) != plaintext.data[1])
- {
- /* No error is returned here, if the version number check
- * fails. We proceed normally.
- * That is to defend against the attack described in the paper
- * "Attacking RSA-based sessions in SSL/TLS" by Vlastimil Klima,
- * Ondej Pokorny and Tomas Rosa.
- */
- gnutls_assert ();
- _gnutls_audit_log
- (session, "auth_rsa: Possible PKCS #1 version check format attack\n");
- }
- }
-
- if (randomize_key != 0)
- {
- session->key.key.size = GNUTLS_MASTER_SIZE;
- session->key.key.data = gnutls_malloc (session->key.key.size);
- if (session->key.key.data == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_MEMORY_ERROR;
- }
-
- /* we do not need strong random numbers here.
- */
- ret = _gnutls_rnd (GNUTLS_RND_NONCE, session->key.key.data,
- session->key.key.size);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- }
- else
- {
- session->key.key.data = plaintext.data;
- session->key.key.size = plaintext.size;
- }
-
- /* This is here to avoid the version check attack
- * discussed above.
- */
- session->key.key.data[0] = _gnutls_get_adv_version_major (session);
- session->key.key.data[1] = _gnutls_get_adv_version_minor (session);
-
- return 0;
-}
-
-static int
-gen_rsa_export_server_kx (gnutls_session_t session, gnutls_buffer_st* data)
-{
- gnutls_rsa_params_t rsa_params;
- const gnutls_pk_params_st *rsa_mpis;
- int ret = 0;
- gnutls_pcert_st *apr_cert_list;
- gnutls_privkey_t apr_pkey;
- int apr_cert_list_length;
- gnutls_datum_t signature, ddata;
- gnutls_certificate_credentials_t cred;
- gnutls_sign_algorithm_t sign_algo;
- unsigned int bits = 0;
-
- cred = (gnutls_certificate_credentials_t)
- _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL);
- if (cred == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
- }
-
- /* find the appropriate certificate */
- if ((ret =
- _gnutls_get_selected_cert (session, &apr_cert_list,
- &apr_cert_list_length, &apr_pkey)) < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- /* abort sending this message if we have a certificate
- * of 512 bits or less.
- */
- gnutls_privkey_get_pk_algorithm (apr_pkey, &bits);
- if (apr_pkey && bits <= 512)
- {
- gnutls_assert ();
- return GNUTLS_E_INT_RET_0;
- }
-
- rsa_params =
- _gnutls_certificate_get_rsa_params (cred->rsa_params, cred->params_func,
- session);
- rsa_mpis = _gnutls_rsa_params_to_mpi (rsa_params);
- if (rsa_mpis == NULL)
- {
- gnutls_assert ();
- return GNUTLS_E_NO_TEMPORARY_RSA_PARAMS;
- }
-
- if ((ret = _gnutls_auth_info_set (session, GNUTLS_CRD_CERTIFICATE,
- sizeof (cert_auth_info_st), 0)) < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- _gnutls_rsa_export_set_pubkey (session, rsa_mpis->params[1], rsa_mpis->params[0]);
-
- ret = _gnutls_buffer_append_mpi( data, 16, rsa_mpis->params[0], 0);
- if (ret < 0)
- return gnutls_assert_val(ret);
-
- ret = _gnutls_buffer_append_mpi( data, 16, rsa_mpis->params[1], 0);
- if (ret < 0)
- return gnutls_assert_val(ret);
-
- /* Generate the signature. */
-
- ddata.data = data->data;
- ddata.size = data->length;
-
- if (apr_cert_list_length > 0)
- {
- if ((ret =
- _gnutls_handshake_sign_data (session, &apr_cert_list[0],
- apr_pkey, &ddata, &signature,
- &sign_algo)) < 0)
- {
- gnutls_assert ();
- return ret;
- }
- }
- else
- {
- gnutls_assert ();
- return data->length; /* do not put a signature - ILLEGAL! */
- }
-
- ret = _gnutls_buffer_append_data_prefix( data, 16, signature.data, signature.size);
- _gnutls_free_datum (&signature);
-
- if (ret < 0)
- return gnutls_assert_val(ret);
-
- return data->length;
-}
-
-/* if the peer's certificate is of 512 bits or less, returns non (0).
- */
-int
-_gnutls_peers_cert_less_512 (gnutls_session_t session)
-{
- gnutls_pcert_st peer_cert;
- int ret;
- cert_auth_info_t info = _gnutls_get_auth_info (session);
-
- if (info == NULL || info->ncerts == 0)
- {
- gnutls_assert ();
- /* we need this in order to get peer's certificate */
- return 0;
- }
-
- if ((ret =
- _gnutls_get_auth_info_pcert (&peer_cert,
- session->security_parameters.cert_type,
- info)) < 0)
- {
- gnutls_assert ();
- return 0;
- }
-
- if (gnutls_pubkey_get_pk_algorithm(peer_cert.pubkey, NULL) != GNUTLS_PK_RSA)
- {
- gnutls_assert ();
- gnutls_pcert_deinit (&peer_cert);
- return 0;
- }
-
- if (_gnutls_pubkey_is_over_rsa_512(peer_cert.pubkey) < 0)
- {
- gnutls_pcert_deinit (&peer_cert);
- return 1;
- }
-
- gnutls_pcert_deinit (&peer_cert);
-
- return 0;
-}
-
-static int
-proc_rsa_export_server_kx (gnutls_session_t session,
- uint8_t * data, size_t _data_size)
-{
- uint16_t n_m, n_e;
- size_t _n_m, _n_e;
- uint8_t *data_m;
- uint8_t *data_e;
- int i, sigsize;
- gnutls_datum_t vparams, signature;
- int ret;
- ssize_t data_size = _data_size;
- cert_auth_info_t info;
- gnutls_pcert_st peer_cert;
-
- info = _gnutls_get_auth_info (session);
- if (info == NULL || info->ncerts == 0)
- {
- gnutls_assert ();
- /* we need this in order to get peer's certificate */
- return GNUTLS_E_INTERNAL_ERROR;
- }
-
-
- i = 0;
-
- DECR_LEN (data_size, 2);
- n_m = _gnutls_read_uint16 (&data[i]);
- i += 2;
-
- DECR_LEN (data_size, n_m);
- data_m = &data[i];
- i += n_m;
-
- DECR_LEN (data_size, 2);
- n_e = _gnutls_read_uint16 (&data[i]);
- i += 2;
-
- DECR_LEN (data_size, n_e);
- data_e = &data[i];
-
- _n_e = n_e;
- _n_m = n_m;
-
- if (_gnutls_mpi_scan_nz (&session->key.rsa[0], data_m, _n_m) != 0)
- {
- gnutls_assert ();
- return GNUTLS_E_MPI_SCAN_FAILED;
- }
-
- if (_gnutls_mpi_scan_nz (&session->key.rsa[1], data_e, _n_e) != 0)
- {
- gnutls_assert ();
- return GNUTLS_E_MPI_SCAN_FAILED;
- }
-
- _gnutls_rsa_export_set_pubkey (session, session->key.rsa[1],
- session->key.rsa[0]);
-
- /* VERIFY SIGNATURE */
-
- vparams.size = n_m + n_e + 4;
- vparams.data = data;
-
- DECR_LEN (data_size, 2);
- sigsize = _gnutls_read_uint16 (&data[vparams.size]);
-
- DECR_LEN (data_size, sigsize);
- signature.data = &data[vparams.size + 2];
- signature.size = sigsize;
-
- if ((ret =
- _gnutls_get_auth_info_pcert (&peer_cert,
- session->security_parameters.cert_type,
- info)) < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- ret =
- _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature,
- GNUTLS_SIGN_UNKNOWN);
-
- gnutls_pcert_deinit (&peer_cert);
- if (ret < 0)
- {
- gnutls_assert ();
- }
-
- return ret;
-}
-
-#endif
_gnutls_free_auth_info (gnutls_session_t session)
{
dh_info_st *dh_info;
- rsa_info_st *rsa_info;
if (session == NULL)
{
break;
dh_info = &info->dh;
- rsa_info = &info->rsa_export;
for (i = 0; i < info->ncerts; i++)
{
_gnutls_free_datum (&info->raw_certificate_list[i]);
info->ncerts = 0;
_gnutls_free_dh_info (dh_info);
- _gnutls_free_rsa_info (rsa_info);
}
_gnutls_free_datum (&sc->x509_rdn_sequence);
}
-/*-
- * _gnutls_certificate_get_rsa_params - Returns the RSA parameters pointer
- * @rsa_params: holds the RSA parameters or NULL.
- * @func: function to retrieve the parameters or NULL.
- * @session: The session.
- *
- * This function will return the rsa parameters pointer.
- -*/
-gnutls_rsa_params_t
-_gnutls_certificate_get_rsa_params (gnutls_rsa_params_t rsa_params,
- gnutls_params_function * func,
- gnutls_session_t session)
-{
- gnutls_params_st params;
- int ret;
-
- if (session->internals.params.rsa_params)
- {
- return session->internals.params.rsa_params;
- }
-
- if (rsa_params)
- {
- session->internals.params.rsa_params = rsa_params;
- }
- else if (func)
- {
- ret = func (session, GNUTLS_PARAMS_RSA_EXPORT, ¶ms);
- if (ret == 0 && params.type == GNUTLS_PARAMS_RSA_EXPORT)
- {
- session->internals.params.rsa_params = params.params.rsa_export;
- session->internals.params.free_rsa_params = params.deinit;
- }
- }
-
- return session->internals.params.rsa_params;
-}
-
-
/**
* gnutls_certificate_free_credentials:
* @sc: is a #gnutls_certificate_credentials_t structure.
#include <ext/session_ticket.h>
#include <ext/status_request.h>
#include <ext/safe_renegotiation.h>
-#include <gnutls_rsa_export.h> /* for gnutls_get_rsa_params() */
#include <auth/anon.h> /* for gnutls_anon_server_credentials_t */
#include <auth/psk.h> /* for gnutls_psk_server_credentials_t */
#include <random.h>
{
int cred_type;
gnutls_dh_params_t dh_params = NULL;
- gnutls_rsa_params_t rsa_params = NULL;
int j;
cred_type = _gnutls_map_kx_get_cred (kx, 1);
dh_params =
_gnutls_get_dh_params (x509_cred->dh_params,
x509_cred->params_func, session);
-#ifdef ENABLE_RSA_EXPORT
- rsa_params =
- _gnutls_certificate_get_rsa_params (x509_cred->rsa_params,
- x509_cred->params_func,
- session);
-#endif
}
/* Check also if the certificate supports the
else
return 0; /* no need for params */
-
-#ifdef ENABLE_RSA_EXPORT
- /* If the key exchange method needs RSA or DH params,
- * but they are not set then remove it.
- */
- if (_gnutls_kx_needs_rsa_params (kx) != 0)
- {
- /* needs rsa params. */
- if (_gnutls_rsa_params_to_mpi (rsa_params) == NULL)
- {
- gnutls_assert ();
- return 1;
- }
- }
-#endif
-
if (_gnutls_kx_needs_dh_params (kx) != 0)
{
/* needs DH params. */
{
gnutls_dh_params_t dh_params;
int free_dh_params;
- gnutls_rsa_params_t rsa_params;
- int free_rsa_params;
} internal_params_st;
/* DTLS session state
#include "gnutls_mpi.h"
#include <gnutls_state.h>
#include <gnutls_datum.h>
-#include <gnutls_rsa_export.h>
#include <gnutls_mbuffers.h>
/* This is a temporary function to be used before the generate_*
if (session->internals.auth_struct->gnutls_process_server_kx != NULL)
{
-#ifdef ENABLE_RSA_EXPORT
- /* EXCEPTION FOR RSA_EXPORT cipher suite
- */
- if (_gnutls_session_is_export (session) != 0 &&
- _gnutls_peers_cert_less_512 (session) != 0)
- {
- gnutls_assert ();
- return 0;
- }
-#endif
-
/* Server key exchange packet is optional for PSK. */
if (_gnutls_session_is_psk (session))
optflag = 1;
#ifdef ENABLE_DHE
GNUTLS_KX_DHE_RSA,
GNUTLS_KX_DHE_DSS,
-#endif
-#ifdef ENABLE_RSA_EXPORT
- GNUTLS_KX_RSA_EXPORT,
#endif
0
};
GNUTLS_KX_DHE_DSS,
#endif
/* GNUTLS_KX_ANON_DH: Man-in-the-middle prone, don't add!
- * GNUTLS_KX_RSA_EXPORT: Deprecated, don't add!
*/
0
};
#include <gnutls_int.h>
#include <gnutls_errors.h>
#include <gnutls_datum.h>
-#include <gnutls_rsa_export.h>
#include "x509/x509_int.h"
#include "debug.h"
#ifdef ENABLE_RSA_EXPORT
-/* returns e and m, depends on the requested bits.
- * We only support limited key sizes.
- */
-const gnutls_pk_params_st*
-_gnutls_rsa_params_to_mpi (gnutls_rsa_params_t rsa_params)
-{
- if (rsa_params == NULL)
- {
- return NULL;
- }
-
- return &rsa_params->params;
-}
+/* The are included for binary compatibility with previous versions
+ * only */
/**
* gnutls_rsa_params_import_raw:
return 0;
}
-#endif
+#endif /* ENABLE_RSA_EXPORT */
+++ /dev/null
-/*
- * Copyright (C) 2000-2012 Free Software Foundation, Inc.
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GnuTLS.
- *
- * The GnuTLS is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public License
- * as published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This library is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>
- *
- */
-
-const gnutls_pk_params_st *_gnutls_rsa_params_to_mpi (gnutls_rsa_params_t);
-int _gnutls_peers_cert_less_512 (gnutls_session_t session);
info->dh.generator.size);
BUFFER_APPEND_PFX4 (ps, info->dh.public_key.data,
info->dh.public_key.size);
- BUFFER_APPEND_PFX4 (ps, info->rsa_export.modulus.data,
- info->rsa_export.modulus.size);
- BUFFER_APPEND_PFX4 (ps, info->rsa_export.exponent.data,
- info->rsa_export.exponent.size);
BUFFER_APPEND_NUM (ps, info->ncerts);
BUFFER_POP_DATUM (ps, &info->dh.prime);
BUFFER_POP_DATUM (ps, &info->dh.generator);
BUFFER_POP_DATUM (ps, &info->dh.public_key);
- BUFFER_POP_DATUM (ps, &info->rsa_export.modulus);
- BUFFER_POP_DATUM (ps, &info->rsa_export.exponent);
BUFFER_POP_NUM (ps, info->ncerts);
_gnutls_free_datum (&info->dh.generator);
_gnutls_free_datum (&info->dh.public_key);
- _gnutls_free_datum (&info->rsa_export.modulus);
- _gnutls_free_datum (&info->rsa_export.exponent);
-
for (j = 0; j < i; j++)
_gnutls_free_datum (&info->raw_certificate_list[j]);
#include <auth/anon.h>
#include <auth/psk.h>
#include <algorithms.h>
-#include <gnutls_rsa_export.h>
#include <gnutls_extensions.h>
#include <system.h>
#include <random.h>
gnutls_dh_params_deinit (session->internals.params.dh_params);
#endif
-#ifdef ENABLE_RSA_EXPORT
- if (session->internals.params.free_rsa_params)
- gnutls_rsa_params_deinit (session->internals.params.rsa_params);
-#endif
-
_gnutls_handshake_hash_buffers_clear (session);
memset (&session->internals.params, 0, sizeof (session->internals.params));
return 0;
}
-/* This function will set in the auth info structure the
- * RSA exponent and the modulus.
- */
-int
-_gnutls_rsa_export_set_pubkey (gnutls_session_t session,
- bigint_t exponent, bigint_t modulus)
-{
- cert_auth_info_t info;
- int ret;
-
- info = _gnutls_get_auth_info (session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
-
- if (info->rsa_export.modulus.data)
- _gnutls_free_datum (&info->rsa_export.modulus);
-
- if (info->rsa_export.exponent.data)
- _gnutls_free_datum (&info->rsa_export.exponent);
-
- ret = _gnutls_mpi_dprint_lz (modulus, &info->rsa_export.modulus);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- ret = _gnutls_mpi_dprint_lz (exponent, &info->rsa_export.exponent);
- if (ret < 0)
- {
- gnutls_assert ();
- _gnutls_free_datum (&info->rsa_export.modulus);
- return ret;
- }
-
- return 0;
-}
-
-
/* Sets the prime and the generator in the auth info structure.
*/
int
void _gnutls_handshake_internal_state_clear (gnutls_session_t);
-int _gnutls_rsa_export_set_pubkey (gnutls_session_t session,
- bigint_t exponent, bigint_t modulus);
-
int _gnutls_session_is_resumable (gnutls_session_t session);
int _gnutls_session_is_export (gnutls_session_t session);
gnutls_datum_t * exponent,
gnutls_datum_t * modulus)
{
- cert_auth_info_t info;
- int ret;
-
- if (gnutls_auth_get_type (session) == GNUTLS_CRD_CERTIFICATE)
- {
- info = _gnutls_get_auth_info (session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
-
- ret = _gnutls_set_datum (modulus, info->rsa_export.modulus.data,
- info->rsa_export.modulus.size);
- if (ret < 0)
- {
- gnutls_assert ();
- return ret;
- }
-
- ret = _gnutls_set_datum (exponent, info->rsa_export.exponent.data,
- info->rsa_export.exponent.size);
- if (ret < 0)
- {
- gnutls_assert ();
- _gnutls_free_datum (modulus);
- return ret;
- }
-
- return 0;
- }
-
- return GNUTLS_E_INVALID_REQUEST;
+ return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
}
/**
int
gnutls_rsa_export_get_modulus_bits (gnutls_session_t session)
{
- cert_auth_info_t info;
-
- info = _gnutls_get_auth_info (session);
- if (info == NULL)
- return GNUTLS_E_INTERNAL_ERROR;
-
- return mpi_buf2bits (&info->rsa_export.modulus);
+ return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
}
/**
gnutls_certificate_set_rsa_export_params (gnutls_certificate_credentials_t
res, gnutls_rsa_params_t rsa_params)
{
- res->rsa_params = rsa_params;
+ return;
}
#endif
* @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm.
* @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm.
* @GNUTLS_KX_SRP: SRP key-exchange algorithm.
- * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm.
+ * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm (defunc).
* @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm.
* @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm.
* @GNUTLS_KX_PSK: PSK key-exchange algorithm.
/**
* gnutls_params_type_t:
- * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters.
+ * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters (defunc).
* @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters.
* @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters.
*
#include <gnutls_datum.h>
#include <gnutls_global.h>
#include <gnutls_errors.h>
-#include <gnutls_rsa_export.h>
#include <gnutls_sig.h>
#include <common.h>
#include <gnutls_x509.h>
#include <gnutls_datum.h>
#include <gnutls_global.h>
#include <gnutls_errors.h>
-#include <gnutls_rsa_export.h>
#include <common.h>
#include <gnutls_x509.h>
#include <x509_b64.h>
#include <gnutls_datum.h>
#include <gnutls_global.h>
#include <gnutls_errors.h>
-#include <gnutls_rsa_export.h>
#include <common.h>
#include <gnutls_x509.h>
#include <x509_b64.h>