From: Nikos Mavrogiannopoulos Date: Sun, 7 Apr 2013 11:34:11 +0000 (+0200) Subject: Removed the RSA-EXPORT ciphersuites. X-Git-Tag: gnutls_3_2_0~70 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f0145a76fcbd2ab87163fb67b9cf58749c12fa90;p=thirdparty%2Fgnutls.git Removed the RSA-EXPORT ciphersuites. --- diff --git a/NEWS b/NEWS index 29d24dde90..887d323106 100644 --- a/NEWS +++ b/NEWS @@ -12,6 +12,8 @@ See the end for copying conditions. ** libgnutls: Added support for DTLS 1.2. +** libgnutls: Removed support for the RSA-EXPORT ciphersuites. + ** API and ABI modifications: gnutls_cipher_get_iv_size: Added gnutls_hmac_set_nonce: Added diff --git a/configure.ac b/configure.ac index bab5c1bbdb..3f33c25e8a 100644 --- a/configure.ac +++ b/configure.ac @@ -655,9 +655,9 @@ if features are disabled) PSK support: $ac_enable_psk DHE support: $ac_enable_dhe ECDHE support: $ac_enable_ecdhe - RSA-EXPORT support: $ac_enable_rsa_export Anon auth support: $ac_enable_anon Heartbeat support: $ac_enable_heartbeat + RSA-EXPORT compat: $ac_enable_rsa_export ]) AC_MSG_NOTICE([Optional applications: diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 0f264def59..cb28e1be2c 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -913,8 +913,7 @@ compression NULL; for certificate types X.509. In key exchange algorithms when in NORMAL or SECURE levels the perfect forward secrecy algorithms take precedence of the other protocols. In all cases all the supported key exchange algorithms -are enabled@footnote{Except for the RSA-EXPORT which is only enabled in -EXPORT level.}. +are enabled. Note that the SECURE levels distinguish between overall security level and message authenticity security level. That is because the message @@ -957,7 +956,7 @@ priority. @item Key exchange @tab RSA, DHE-RSA, DHE-DSS, SRP, SRP-RSA, SRP-DSS, -PSK, DHE-PSK, ECDHE-RSA, ANON-ECDH, ANON-DH, RSA-EXPORT. The +PSK, DHE-PSK, ECDHE-RSA, ANON-ECDH, ANON-DH. The Catch all name is KX-ALL which will add all the algorithms from NORMAL priority. @@ -1375,16 +1374,6 @@ member of the structure is set, allowing the server utilizing the parameters to use keys of the size of the security parameter. This provides better performance in key exchange. -The ciphersuites that involve the RSA-EXPORT key exchange require -additional parameters. Those ciphersuites are rarely used today -because they are by design insecure, thus if you have no requirement -for them, the rest of this section can be skipped. The RSA-EXPORT key exchange -requires 512-bit RSA keys to be generated. It is recommended those -parameters to be refreshed (regenerated) in short intervals. The -following functions can be used for these parameters. - -@showfuncD{gnutls_rsa_params_generate2,gnutls_certificate_set_rsa_export_params,gnutls_rsa_params_import_pkcs1,gnutls_rsa_params_export_pkcs1} - To allow renewal of the parameters within an application without accessing the credentials, which are a shared structure, an alternative interface is available using a callback function. diff --git a/lib/Makefile.am b/lib/Makefile.am index a34977c0ef..2ddec34da4 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -98,7 +98,7 @@ HFILES = abstract_int.h debug.h gnutls_compress.h gnutls_cipher.h \ gnutls_constate.h gnutls_global.h gnutls_sig.h gnutls_mem.h \ gnutls_session_pack.h gnutls_str.h gnutls_str_array.h \ gnutls_state.h gnutls_x509.h crypto-backend.h \ - gnutls_rsa_export.h gnutls_srp.h auth/srp.h auth/srp_passwd.h \ + gnutls_srp.h auth/srp.h auth/srp_passwd.h \ gnutls_helper.h gnutls_supplemental.h crypto.h random.h system.h\ locks.h gnutls_mbuffers.h gnutls_ecc.h pin.h diff --git a/lib/algorithms.h b/lib/algorithms.h index 752ee617c2..c49f277b9c 100644 --- a/lib/algorithms.h +++ b/lib/algorithms.h @@ -93,7 +93,6 @@ int _gnutls_cipher_get_tag_size (gnutls_cipher_algorithm_t algorithm); /* Functions for key exchange. */ int _gnutls_kx_needs_dh_params (gnutls_kx_algorithm_t algorithm); -int _gnutls_kx_needs_rsa_params (gnutls_kx_algorithm_t algorithm); mod_auth_st *_gnutls_kx_auth_struct (gnutls_kx_algorithm_t algorithm); int _gnutls_kx_is_ok (gnutls_kx_algorithm_t algorithm); diff --git a/lib/algorithms/ciphersuites.c b/lib/algorithms/ciphersuites.c index 8ce09af53c..dafba06e40 100644 --- a/lib/algorithms/ciphersuites.c +++ b/lib/algorithms/ciphersuites.c @@ -103,8 +103,6 @@ typedef struct #define GNUTLS_RSA_ARCFOUR_MD5 { 0x00, 0x04 } #define GNUTLS_RSA_3DES_EDE_CBC_SHA1 { 0x00, 0x0A } -#define GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5 { 0x00, 0x03 } - /* rfc3268: */ #define GNUTLS_RSA_AES_128_CBC_SHA1 { 0x00, 0x2F } @@ -633,13 +631,6 @@ static const gnutls_cipher_suite_entry cs_algorithms[] = { GNUTLS_CIPHER_AES_256_CBC, GNUTLS_KX_SRP_RSA, GNUTLS_MAC_SHA1, GNUTLS_TLS1, GNUTLS_DTLS_VERSION_MIN), -#endif -#ifdef ENABLE_RSA_EXPORT - /* RSA-EXPORT */ - ENTRY (GNUTLS_RSA_EXPORT_ARCFOUR_40_MD5, - GNUTLS_CIPHER_ARCFOUR_40, - GNUTLS_KX_RSA_EXPORT, GNUTLS_MAC_MD5, - GNUTLS_SSL3, GNUTLS_VERSION_UNKNOWN), #endif {0, {0, 0}, 0, 0, 0, 0, 0, 0} }; diff --git a/lib/algorithms/kx.c b/lib/algorithms/kx.c index cc378bc7d8..0865b0d74b 100644 --- a/lib/algorithms/kx.c +++ b/lib/algorithms/kx.c @@ -27,7 +27,6 @@ extern mod_auth_st rsa_auth_struct; -extern mod_auth_st rsa_export_auth_struct; extern mod_auth_st dhe_rsa_auth_struct; extern mod_auth_st ecdhe_rsa_auth_struct; extern mod_auth_st ecdhe_psk_auth_struct; @@ -58,7 +57,6 @@ static const gnutls_cred_map cred_mappings[] = { {GNUTLS_KX_ANON_DH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON}, {GNUTLS_KX_ANON_ECDH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON}, {GNUTLS_KX_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE}, - {GNUTLS_KX_RSA_EXPORT, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE}, {GNUTLS_KX_ECDHE_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE}, {GNUTLS_KX_ECDHE_ECDSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE}, {GNUTLS_KX_DHE_DSS, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE}, @@ -85,46 +83,41 @@ struct gnutls_kx_algo_entry gnutls_kx_algorithm_t algorithm; mod_auth_st *auth_struct; int needs_dh_params; - int needs_rsa_params; }; typedef struct gnutls_kx_algo_entry gnutls_kx_algo_entry; static const gnutls_kx_algo_entry _gnutls_kx_algorithms[] = { #if defined(ENABLE_ANON) && defined(ENABLE_DHE) - {"ANON-DH", GNUTLS_KX_ANON_DH, &anon_auth_struct, 1, 0}, + {"ANON-DH", GNUTLS_KX_ANON_DH, &anon_auth_struct, 1}, #endif #if defined(ENABLE_ANON) && defined(ENABLE_ECDHE) - {"ANON-ECDH", GNUTLS_KX_ANON_ECDH, &anon_ecdh_auth_struct, 0, 0}, -#endif - {"RSA", GNUTLS_KX_RSA, &rsa_auth_struct, 0, 0}, -#ifdef ENABLE_RSA_EXPORT - {"RSA-EXPORT", GNUTLS_KX_RSA_EXPORT, &rsa_export_auth_struct, 0, - 1 /* needs RSA params */ }, + {"ANON-ECDH", GNUTLS_KX_ANON_ECDH, &anon_ecdh_auth_struct, 0}, #endif + {"RSA", GNUTLS_KX_RSA, &rsa_auth_struct, 0}, #ifdef ENABLE_DHE - {"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1, 0}, - {"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1, 0}, + {"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1}, + {"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1}, #endif #ifdef ENABLE_ECDHE - {"ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, &ecdhe_rsa_auth_struct, 0, 0}, - {"ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, &ecdhe_ecdsa_auth_struct, 0, 0}, + {"ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, &ecdhe_rsa_auth_struct, 0}, + {"ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, &ecdhe_ecdsa_auth_struct, 0}, #endif #ifdef ENABLE_SRP - {"SRP-DSS", GNUTLS_KX_SRP_DSS, &srp_dss_auth_struct, 0, 0}, - {"SRP-RSA", GNUTLS_KX_SRP_RSA, &srp_rsa_auth_struct, 0, 0}, - {"SRP", GNUTLS_KX_SRP, &srp_auth_struct, 0, 0}, + {"SRP-DSS", GNUTLS_KX_SRP_DSS, &srp_dss_auth_struct, 0}, + {"SRP-RSA", GNUTLS_KX_SRP_RSA, &srp_rsa_auth_struct, 0}, + {"SRP", GNUTLS_KX_SRP, &srp_auth_struct, 0}, #endif #ifdef ENABLE_PSK - {"PSK", GNUTLS_KX_PSK, &psk_auth_struct, 0, 0}, + {"PSK", GNUTLS_KX_PSK, &psk_auth_struct, 0}, # ifdef ENABLE_DHE {"DHE-PSK", GNUTLS_KX_DHE_PSK, &dhe_psk_auth_struct, - 1 /* needs DHE params */ , 0}, + 1 /* needs DHE params */}, # endif # ifdef ENABLE_ECDHE - {"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0 , 0}, + {"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0}, # endif #endif - {0, 0, 0, 0, 0} + {0, 0, 0, 0} }; #define GNUTLS_KX_LOOP(b) \ @@ -145,7 +138,6 @@ _gnutls_kx_auth_struct (gnutls_kx_algorithm_t algorithm) } - int _gnutls_kx_priority (gnutls_session_t session, gnutls_kx_algorithm_t algorithm) @@ -243,14 +235,6 @@ _gnutls_kx_is_ok (gnutls_kx_algorithm_t algorithm) return ret; } -int -_gnutls_kx_needs_rsa_params (gnutls_kx_algorithm_t algorithm) -{ - ssize_t ret = 0; - GNUTLS_KX_ALG_LOOP (ret = p->needs_rsa_params); - return ret; -} - int _gnutls_kx_needs_dh_params (gnutls_kx_algorithm_t algorithm) { diff --git a/lib/algorithms/publickey.c b/lib/algorithms/publickey.c index c24cf3f133..7e5c8789b3 100644 --- a/lib/algorithms/publickey.c +++ b/lib/algorithms/publickey.c @@ -47,7 +47,6 @@ typedef struct */ static const gnutls_pk_map pk_mappings[] = { {GNUTLS_KX_RSA, GNUTLS_PK_RSA, CIPHER_ENCRYPT}, - {GNUTLS_KX_RSA_EXPORT, GNUTLS_PK_RSA, CIPHER_SIGN}, {GNUTLS_KX_DHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN}, {GNUTLS_KX_SRP_RSA, GNUTLS_PK_RSA, CIPHER_SIGN}, {GNUTLS_KX_ECDHE_RSA, GNUTLS_PK_RSA, CIPHER_SIGN}, diff --git a/lib/auth/Makefile.am b/lib/auth/Makefile.am index 1d5d8da888..966bd7ac25 100644 --- a/lib/auth/Makefile.am +++ b/lib/auth/Makefile.am @@ -35,7 +35,7 @@ endif noinst_LTLIBRARIES = libgnutls_auth.la libgnutls_auth_la_SOURCES = anon.c cert.c dh_common.c dhe.c \ - dhe_psk.c psk.c psk_passwd.c rsa.c rsa_export.c srp.c \ + dhe_psk.c psk.c psk_passwd.c rsa.c srp.c \ srp_passwd.c srp_rsa.c srp_sb64.c anon.h cert.h dh_common.h \ psk.h psk_passwd.h srp.h srp_passwd.h anon_ecdh.c \ ecdhe.c ecdhe.h diff --git a/lib/auth/cert.h b/lib/auth/cert.h index 18a383df22..48168291b9 100644 --- a/lib/auth/cert.h +++ b/lib/auth/cert.h @@ -42,7 +42,6 @@ typedef struct { typedef struct gnutls_certificate_credentials_st { gnutls_dh_params_t dh_params; - gnutls_rsa_params_t rsa_params; /* this callback is used to retrieve the DH or RSA * parameters. */ @@ -109,7 +108,6 @@ typedef struct cert_auth_info_st * They must be freed. */ dh_info_st dh; - rsa_info_st rsa_export; gnutls_datum_t *raw_certificate_list; /* holds the raw certificate of the * peer. @@ -146,12 +144,6 @@ void _gnutls_selected_certs_set (gnutls_session_t session, gnutls_pcert_st * certs, int ncerts, gnutls_privkey_t key, int need_free); -gnutls_rsa_params_t _gnutls_certificate_get_rsa_params (gnutls_rsa_params_t - rsa_params, - gnutls_params_function - * func, - gnutls_session_t); - int _gnutls_get_auth_info_pcert (gnutls_pcert_st* gcert, gnutls_certificate_type_t type, cert_auth_info_t info); diff --git a/lib/auth/rsa.c b/lib/auth/rsa.c index 832f16a9ef..f71d95a389 100644 --- a/lib/auth/rsa.c +++ b/lib/auth/rsa.c @@ -70,7 +70,6 @@ _gnutls_get_public_rsa_params (gnutls_session_t session, int ret; cert_auth_info_t info; gnutls_pcert_st peer_cert; - unsigned int i; /* normal non export case */ @@ -95,34 +94,6 @@ _gnutls_get_public_rsa_params (gnutls_session_t session, gnutls_pk_params_init(params); - /* EXPORT case: */ - if (_gnutls_cipher_suite_get_kx_algo - (session->security_parameters.cipher_suite) == - GNUTLS_KX_RSA_EXPORT && - _gnutls_pubkey_is_over_rsa_512(peer_cert.pubkey) == 0) - { - if (session->key.rsa[0] == NULL || session->key.rsa[1] == NULL) - { - gnutls_assert (); - ret = GNUTLS_E_INTERNAL_ERROR; - goto cleanup; - } - - for (i = 0; i < RSA_PUBLIC_PARAMS; i++) - { - params->params[i] = _gnutls_mpi_copy (session->key.rsa[i]); - if (params->params[i] != NULL) - params->params_nr++; - else - { - ret = gnutls_assert_val(GNUTLS_E_MEMORY_ERROR); - goto cleanup; - } - } - - goto done; - } - ret = _gnutls_pubkey_get_mpis(peer_cert.pubkey, params); if (ret < 0) { @@ -130,13 +101,9 @@ _gnutls_get_public_rsa_params (gnutls_session_t session, goto cleanup2; } -done: gnutls_pcert_deinit (&peer_cert); return 0; -cleanup: - for (i=0;iparams_nr;i++) - _gnutls_mpi_release(params->params[i]); cleanup2: gnutls_pcert_deinit (&peer_cert); diff --git a/lib/auth/rsa_export.c b/lib/auth/rsa_export.c deleted file mode 100644 index cf09f8d908..0000000000 --- a/lib/auth/rsa_export.c +++ /dev/null @@ -1,467 +0,0 @@ -/* - * Copyright (C) 2000-2012 Free Software Foundation, Inc. - * - * Author: Nikos Mavrogiannopoulos - * - * This file is part of GnuTLS. - * - * The GnuTLS is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program. If not, see - * - */ - -/* This file contains the RSA key exchange part of the certificate - * authentication. - */ - -#include "gnutls_int.h" -#include "gnutls_auth.h" -#include "gnutls_errors.h" -#include "gnutls_dh.h" -#include "gnutls_num.h" -#include "gnutls_datum.h" -#include -#include -#include -#include -#include "debug.h" -#include -#include -#include -#include -#include -#include - -#ifdef ENABLE_RSA_EXPORT - -int _gnutls_gen_rsa_client_kx (gnutls_session_t, gnutls_buffer_st*); -static int gen_rsa_export_server_kx (gnutls_session_t, gnutls_buffer_st*); -static int proc_rsa_export_server_kx (gnutls_session_t, uint8_t *, size_t); -static int proc_rsa_export_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size); - -const mod_auth_st rsa_export_auth_struct = { - "RSA EXPORT", - _gnutls_gen_cert_server_crt, - _gnutls_gen_cert_client_crt, - gen_rsa_export_server_kx, - _gnutls_gen_rsa_client_kx, - _gnutls_gen_cert_client_crt_vrfy, /* gen client cert vrfy */ - _gnutls_gen_cert_server_cert_req, /* server cert request */ - - _gnutls_proc_crt, - _gnutls_proc_crt, - proc_rsa_export_server_kx, - proc_rsa_export_client_kx, /* proc client kx */ - _gnutls_proc_cert_client_crt_vrfy, /* proc client cert vrfy */ - _gnutls_proc_cert_cert_req /* proc server cert request */ -}; - -/* This function reads the RSA parameters from the private key - */ -static int -_gnutls_get_private_rsa_params (gnutls_session_t session, - gnutls_pk_params_st** params) -{ - int ret; - gnutls_certificate_credentials_t cred; - gnutls_rsa_params_t rsa_params; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - if (session->internals.selected_cert_list == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - ret = _gnutls_pubkey_is_over_rsa_512(session->internals.selected_cert_list[0].pubkey); - - if (_gnutls_cipher_suite_get_kx_algo - (session->security_parameters.cipher_suite) - != GNUTLS_KX_RSA_EXPORT || ret < 0) - { - gnutls_assert (); - return GNUTLS_E_INVALID_REQUEST; - } - - rsa_params = - _gnutls_certificate_get_rsa_params (cred->rsa_params, - cred->params_func, session); - /* EXPORT case: */ - if (rsa_params == NULL) - { - gnutls_assert (); - return GNUTLS_E_NO_TEMPORARY_RSA_PARAMS; - } - - /* In the export case, we do use temporary RSA params - * of 512 bits size. The params in the certificate are - * used to sign this temporary stuff. - */ - *params = &rsa_params->params; - - return 0; -} - -int -proc_rsa_export_client_kx (gnutls_session_t session, uint8_t * data, - size_t _data_size) -{ - gnutls_datum_t plaintext; - gnutls_datum_t ciphertext; - int ret, dsize; - gnutls_pk_params_st *params; - int randomize_key = 0; - ssize_t data_size = _data_size; - - if (gnutls_protocol_get_version (session) == GNUTLS_SSL3) - { - /* SSL 3.0 - */ - ciphertext.data = data; - ciphertext.size = data_size; - } - else - { - /* TLS 1.0 - */ - DECR_LEN (data_size, 2); - ciphertext.data = &data[2]; - dsize = _gnutls_read_uint16 (data); - - if (dsize != data_size) - { - gnutls_assert (); - return GNUTLS_E_UNEXPECTED_PACKET_LENGTH; - } - ciphertext.size = dsize; - } - - ret = _gnutls_get_private_rsa_params (session, ¶ms); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_pk_decrypt (GNUTLS_PK_RSA, &plaintext, &ciphertext, params); - - if (ret < 0 || plaintext.size != GNUTLS_MASTER_SIZE) - { - /* In case decryption fails then don't inform - * the peer. Just use a random key. (in order to avoid - * attack against pkcs-1 formating). - */ - gnutls_assert (); - _gnutls_audit_log (session, "auth_rsa: Possible PKCS #1 format attack\n"); - randomize_key = 1; - } - else - { - /* If the secret was properly formatted, then - * check the version number. - */ - if (_gnutls_get_adv_version_major (session) != plaintext.data[0] - || _gnutls_get_adv_version_minor (session) != plaintext.data[1]) - { - /* No error is returned here, if the version number check - * fails. We proceed normally. - * That is to defend against the attack described in the paper - * "Attacking RSA-based sessions in SSL/TLS" by Vlastimil Klima, - * Ondej Pokorny and Tomas Rosa. - */ - gnutls_assert (); - _gnutls_audit_log - (session, "auth_rsa: Possible PKCS #1 version check format attack\n"); - } - } - - if (randomize_key != 0) - { - session->key.key.size = GNUTLS_MASTER_SIZE; - session->key.key.data = gnutls_malloc (session->key.key.size); - if (session->key.key.data == NULL) - { - gnutls_assert (); - return GNUTLS_E_MEMORY_ERROR; - } - - /* we do not need strong random numbers here. - */ - ret = _gnutls_rnd (GNUTLS_RND_NONCE, session->key.key.data, - session->key.key.size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - } - else - { - session->key.key.data = plaintext.data; - session->key.key.size = plaintext.size; - } - - /* This is here to avoid the version check attack - * discussed above. - */ - session->key.key.data[0] = _gnutls_get_adv_version_major (session); - session->key.key.data[1] = _gnutls_get_adv_version_minor (session); - - return 0; -} - -static int -gen_rsa_export_server_kx (gnutls_session_t session, gnutls_buffer_st* data) -{ - gnutls_rsa_params_t rsa_params; - const gnutls_pk_params_st *rsa_mpis; - int ret = 0; - gnutls_pcert_st *apr_cert_list; - gnutls_privkey_t apr_pkey; - int apr_cert_list_length; - gnutls_datum_t signature, ddata; - gnutls_certificate_credentials_t cred; - gnutls_sign_algorithm_t sign_algo; - unsigned int bits = 0; - - cred = (gnutls_certificate_credentials_t) - _gnutls_get_cred (session, GNUTLS_CRD_CERTIFICATE, NULL); - if (cred == NULL) - { - gnutls_assert (); - return GNUTLS_E_INSUFFICIENT_CREDENTIALS; - } - - /* find the appropriate certificate */ - if ((ret = - _gnutls_get_selected_cert (session, &apr_cert_list, - &apr_cert_list_length, &apr_pkey)) < 0) - { - gnutls_assert (); - return ret; - } - - /* abort sending this message if we have a certificate - * of 512 bits or less. - */ - gnutls_privkey_get_pk_algorithm (apr_pkey, &bits); - if (apr_pkey && bits <= 512) - { - gnutls_assert (); - return GNUTLS_E_INT_RET_0; - } - - rsa_params = - _gnutls_certificate_get_rsa_params (cred->rsa_params, cred->params_func, - session); - rsa_mpis = _gnutls_rsa_params_to_mpi (rsa_params); - if (rsa_mpis == NULL) - { - gnutls_assert (); - return GNUTLS_E_NO_TEMPORARY_RSA_PARAMS; - } - - if ((ret = _gnutls_auth_info_set (session, GNUTLS_CRD_CERTIFICATE, - sizeof (cert_auth_info_st), 0)) < 0) - { - gnutls_assert (); - return ret; - } - - _gnutls_rsa_export_set_pubkey (session, rsa_mpis->params[1], rsa_mpis->params[0]); - - ret = _gnutls_buffer_append_mpi( data, 16, rsa_mpis->params[0], 0); - if (ret < 0) - return gnutls_assert_val(ret); - - ret = _gnutls_buffer_append_mpi( data, 16, rsa_mpis->params[1], 0); - if (ret < 0) - return gnutls_assert_val(ret); - - /* Generate the signature. */ - - ddata.data = data->data; - ddata.size = data->length; - - if (apr_cert_list_length > 0) - { - if ((ret = - _gnutls_handshake_sign_data (session, &apr_cert_list[0], - apr_pkey, &ddata, &signature, - &sign_algo)) < 0) - { - gnutls_assert (); - return ret; - } - } - else - { - gnutls_assert (); - return data->length; /* do not put a signature - ILLEGAL! */ - } - - ret = _gnutls_buffer_append_data_prefix( data, 16, signature.data, signature.size); - _gnutls_free_datum (&signature); - - if (ret < 0) - return gnutls_assert_val(ret); - - return data->length; -} - -/* if the peer's certificate is of 512 bits or less, returns non (0). - */ -int -_gnutls_peers_cert_less_512 (gnutls_session_t session) -{ - gnutls_pcert_st peer_cert; - int ret; - cert_auth_info_t info = _gnutls_get_auth_info (session); - - if (info == NULL || info->ncerts == 0) - { - gnutls_assert (); - /* we need this in order to get peer's certificate */ - return 0; - } - - if ((ret = - _gnutls_get_auth_info_pcert (&peer_cert, - session->security_parameters.cert_type, - info)) < 0) - { - gnutls_assert (); - return 0; - } - - if (gnutls_pubkey_get_pk_algorithm(peer_cert.pubkey, NULL) != GNUTLS_PK_RSA) - { - gnutls_assert (); - gnutls_pcert_deinit (&peer_cert); - return 0; - } - - if (_gnutls_pubkey_is_over_rsa_512(peer_cert.pubkey) < 0) - { - gnutls_pcert_deinit (&peer_cert); - return 1; - } - - gnutls_pcert_deinit (&peer_cert); - - return 0; -} - -static int -proc_rsa_export_server_kx (gnutls_session_t session, - uint8_t * data, size_t _data_size) -{ - uint16_t n_m, n_e; - size_t _n_m, _n_e; - uint8_t *data_m; - uint8_t *data_e; - int i, sigsize; - gnutls_datum_t vparams, signature; - int ret; - ssize_t data_size = _data_size; - cert_auth_info_t info; - gnutls_pcert_st peer_cert; - - info = _gnutls_get_auth_info (session); - if (info == NULL || info->ncerts == 0) - { - gnutls_assert (); - /* we need this in order to get peer's certificate */ - return GNUTLS_E_INTERNAL_ERROR; - } - - - i = 0; - - DECR_LEN (data_size, 2); - n_m = _gnutls_read_uint16 (&data[i]); - i += 2; - - DECR_LEN (data_size, n_m); - data_m = &data[i]; - i += n_m; - - DECR_LEN (data_size, 2); - n_e = _gnutls_read_uint16 (&data[i]); - i += 2; - - DECR_LEN (data_size, n_e); - data_e = &data[i]; - - _n_e = n_e; - _n_m = n_m; - - if (_gnutls_mpi_scan_nz (&session->key.rsa[0], data_m, _n_m) != 0) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - - if (_gnutls_mpi_scan_nz (&session->key.rsa[1], data_e, _n_e) != 0) - { - gnutls_assert (); - return GNUTLS_E_MPI_SCAN_FAILED; - } - - _gnutls_rsa_export_set_pubkey (session, session->key.rsa[1], - session->key.rsa[0]); - - /* VERIFY SIGNATURE */ - - vparams.size = n_m + n_e + 4; - vparams.data = data; - - DECR_LEN (data_size, 2); - sigsize = _gnutls_read_uint16 (&data[vparams.size]); - - DECR_LEN (data_size, sigsize); - signature.data = &data[vparams.size + 2]; - signature.size = sigsize; - - if ((ret = - _gnutls_get_auth_info_pcert (&peer_cert, - session->security_parameters.cert_type, - info)) < 0) - { - gnutls_assert (); - return ret; - } - - ret = - _gnutls_handshake_verify_data (session, &peer_cert, &vparams, &signature, - GNUTLS_SIGN_UNKNOWN); - - gnutls_pcert_deinit (&peer_cert); - if (ret < 0) - { - gnutls_assert (); - } - - return ret; -} - -#endif diff --git a/lib/gnutls_auth.c b/lib/gnutls_auth.c index e11d68221c..24df4579fb 100644 --- a/lib/gnutls_auth.c +++ b/lib/gnutls_auth.c @@ -296,7 +296,6 @@ void _gnutls_free_auth_info (gnutls_session_t session) { dh_info_st *dh_info; - rsa_info_st *rsa_info; if (session == NULL) { @@ -339,7 +338,6 @@ _gnutls_free_auth_info (gnutls_session_t session) break; dh_info = &info->dh; - rsa_info = &info->rsa_export; for (i = 0; i < info->ncerts; i++) { _gnutls_free_datum (&info->raw_certificate_list[i]); @@ -350,7 +348,6 @@ _gnutls_free_auth_info (gnutls_session_t session) info->ncerts = 0; _gnutls_free_dh_info (dh_info); - _gnutls_free_rsa_info (rsa_info); } diff --git a/lib/gnutls_cert.c b/lib/gnutls_cert.c index 7b845d8079..dbfec96b3e 100644 --- a/lib/gnutls_cert.c +++ b/lib/gnutls_cert.c @@ -139,45 +139,6 @@ gnutls_certificate_free_ca_names (gnutls_certificate_credentials_t sc) _gnutls_free_datum (&sc->x509_rdn_sequence); } -/*- - * _gnutls_certificate_get_rsa_params - Returns the RSA parameters pointer - * @rsa_params: holds the RSA parameters or NULL. - * @func: function to retrieve the parameters or NULL. - * @session: The session. - * - * This function will return the rsa parameters pointer. - -*/ -gnutls_rsa_params_t -_gnutls_certificate_get_rsa_params (gnutls_rsa_params_t rsa_params, - gnutls_params_function * func, - gnutls_session_t session) -{ - gnutls_params_st params; - int ret; - - if (session->internals.params.rsa_params) - { - return session->internals.params.rsa_params; - } - - if (rsa_params) - { - session->internals.params.rsa_params = rsa_params; - } - else if (func) - { - ret = func (session, GNUTLS_PARAMS_RSA_EXPORT, ¶ms); - if (ret == 0 && params.type == GNUTLS_PARAMS_RSA_EXPORT) - { - session->internals.params.rsa_params = params.params.rsa_export; - session->internals.params.free_rsa_params = params.deinit; - } - } - - return session->internals.params.rsa_params; -} - - /** * gnutls_certificate_free_credentials: * @sc: is a #gnutls_certificate_credentials_t structure. diff --git a/lib/gnutls_handshake.c b/lib/gnutls_handshake.c index 6ba70f7385..cf1e06cc67 100644 --- a/lib/gnutls_handshake.c +++ b/lib/gnutls_handshake.c @@ -49,7 +49,6 @@ #include #include #include -#include /* for gnutls_get_rsa_params() */ #include /* for gnutls_anon_server_credentials_t */ #include /* for gnutls_psk_server_credentials_t */ #include @@ -3172,7 +3171,6 @@ check_server_params (gnutls_session_t session, { int cred_type; gnutls_dh_params_t dh_params = NULL; - gnutls_rsa_params_t rsa_params = NULL; int j; cred_type = _gnutls_map_kx_get_cred (kx, 1); @@ -3191,12 +3189,6 @@ check_server_params (gnutls_session_t session, dh_params = _gnutls_get_dh_params (x509_cred->dh_params, x509_cred->params_func, session); -#ifdef ENABLE_RSA_EXPORT - rsa_params = - _gnutls_certificate_get_rsa_params (x509_cred->rsa_params, - x509_cred->params_func, - session); -#endif } /* Check also if the certificate supports the @@ -3249,22 +3241,6 @@ check_server_params (gnutls_session_t session, else return 0; /* no need for params */ - -#ifdef ENABLE_RSA_EXPORT - /* If the key exchange method needs RSA or DH params, - * but they are not set then remove it. - */ - if (_gnutls_kx_needs_rsa_params (kx) != 0) - { - /* needs rsa params. */ - if (_gnutls_rsa_params_to_mpi (rsa_params) == NULL) - { - gnutls_assert (); - return 1; - } - } -#endif - if (_gnutls_kx_needs_dh_params (kx) != 0) { /* needs DH params. */ diff --git a/lib/gnutls_int.h b/lib/gnutls_int.h index 41efec9030..14ddfbec15 100644 --- a/lib/gnutls_int.h +++ b/lib/gnutls_int.h @@ -659,8 +659,6 @@ typedef struct { gnutls_dh_params_t dh_params; int free_dh_params; - gnutls_rsa_params_t rsa_params; - int free_rsa_params; } internal_params_st; /* DTLS session state diff --git a/lib/gnutls_kx.c b/lib/gnutls_kx.c index d84303f762..31cff20bb8 100644 --- a/lib/gnutls_kx.c +++ b/lib/gnutls_kx.c @@ -34,7 +34,6 @@ #include "gnutls_mpi.h" #include #include -#include #include /* This is a temporary function to be used before the generate_* @@ -459,17 +458,6 @@ _gnutls_recv_server_kx_message (gnutls_session_t session) if (session->internals.auth_struct->gnutls_process_server_kx != NULL) { -#ifdef ENABLE_RSA_EXPORT - /* EXCEPTION FOR RSA_EXPORT cipher suite - */ - if (_gnutls_session_is_export (session) != 0 && - _gnutls_peers_cert_less_512 (session) != 0) - { - gnutls_assert (); - return 0; - } -#endif - /* Server key exchange packet is optional for PSK. */ if (_gnutls_session_is_psk (session)) optflag = 1; diff --git a/lib/gnutls_priority.c b/lib/gnutls_priority.c index 6b35de5f54..260909984a 100644 --- a/lib/gnutls_priority.c +++ b/lib/gnutls_priority.c @@ -319,9 +319,6 @@ static const int kx_priority_export[] = { #ifdef ENABLE_DHE GNUTLS_KX_DHE_RSA, GNUTLS_KX_DHE_DSS, -#endif -#ifdef ENABLE_RSA_EXPORT - GNUTLS_KX_RSA_EXPORT, #endif 0 }; @@ -344,7 +341,6 @@ static const int kx_priority_secure[] = { GNUTLS_KX_DHE_DSS, #endif /* GNUTLS_KX_ANON_DH: Man-in-the-middle prone, don't add! - * GNUTLS_KX_RSA_EXPORT: Deprecated, don't add! */ 0 }; diff --git a/lib/gnutls_rsa_export.c b/lib/gnutls_rsa_export.c index 954abf3ee6..396bc73d5f 100644 --- a/lib/gnutls_rsa_export.c +++ b/lib/gnutls_rsa_export.c @@ -27,25 +27,13 @@ #include #include #include -#include #include "x509/x509_int.h" #include "debug.h" #ifdef ENABLE_RSA_EXPORT -/* returns e and m, depends on the requested bits. - * We only support limited key sizes. - */ -const gnutls_pk_params_st* -_gnutls_rsa_params_to_mpi (gnutls_rsa_params_t rsa_params) -{ - if (rsa_params == NULL) - { - return NULL; - } - - return &rsa_params->params; -} +/* The are included for binary compatibility with previous versions + * only */ /** * gnutls_rsa_params_import_raw: @@ -235,4 +223,4 @@ gnutls_rsa_params_export_raw (gnutls_rsa_params_t rsa, return 0; } -#endif +#endif /* ENABLE_RSA_EXPORT */ diff --git a/lib/gnutls_rsa_export.h b/lib/gnutls_rsa_export.h deleted file mode 100644 index 22ce475af6..0000000000 --- a/lib/gnutls_rsa_export.h +++ /dev/null @@ -1,24 +0,0 @@ -/* - * Copyright (C) 2000-2012 Free Software Foundation, Inc. - * - * Author: Nikos Mavrogiannopoulos - * - * This file is part of GnuTLS. - * - * The GnuTLS is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public License - * as published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program. If not, see - * - */ - -const gnutls_pk_params_st *_gnutls_rsa_params_to_mpi (gnutls_rsa_params_t); -int _gnutls_peers_cert_less_512 (gnutls_session_t session); diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c index c2cb25dc6e..c10d86fee5 100644 --- a/lib/gnutls_session_pack.c +++ b/lib/gnutls_session_pack.c @@ -331,10 +331,6 @@ pack_certificate_auth_info (gnutls_session_t session, gnutls_buffer_st * ps) info->dh.generator.size); BUFFER_APPEND_PFX4 (ps, info->dh.public_key.data, info->dh.public_key.size); - BUFFER_APPEND_PFX4 (ps, info->rsa_export.modulus.data, - info->rsa_export.modulus.size); - BUFFER_APPEND_PFX4 (ps, info->rsa_export.exponent.data, - info->rsa_export.exponent.size); BUFFER_APPEND_NUM (ps, info->ncerts); @@ -385,8 +381,6 @@ unpack_certificate_auth_info (gnutls_session_t session, gnutls_buffer_st * ps) BUFFER_POP_DATUM (ps, &info->dh.prime); BUFFER_POP_DATUM (ps, &info->dh.generator); BUFFER_POP_DATUM (ps, &info->dh.public_key); - BUFFER_POP_DATUM (ps, &info->rsa_export.modulus); - BUFFER_POP_DATUM (ps, &info->rsa_export.exponent); BUFFER_POP_NUM (ps, info->ncerts); @@ -416,9 +410,6 @@ error: _gnutls_free_datum (&info->dh.generator); _gnutls_free_datum (&info->dh.public_key); - _gnutls_free_datum (&info->rsa_export.modulus); - _gnutls_free_datum (&info->rsa_export.exponent); - for (j = 0; j < i; j++) _gnutls_free_datum (&info->raw_certificate_list[j]); diff --git a/lib/gnutls_state.c b/lib/gnutls_state.c index 2f460a6b92..5d05254ca0 100644 --- a/lib/gnutls_state.c +++ b/lib/gnutls_state.c @@ -42,7 +42,6 @@ #include #include #include -#include #include #include #include @@ -235,11 +234,6 @@ deinit_internal_params (gnutls_session_t session) gnutls_dh_params_deinit (session->internals.params.dh_params); #endif -#ifdef ENABLE_RSA_EXPORT - if (session->internals.params.free_rsa_params) - gnutls_rsa_params_deinit (session->internals.params.rsa_params); -#endif - _gnutls_handshake_hash_buffers_clear (session); memset (&session->internals.params, 0, sizeof (session->internals.params)); @@ -591,45 +585,6 @@ _gnutls_dh_set_secret_bits (gnutls_session_t session, unsigned bits) return 0; } -/* This function will set in the auth info structure the - * RSA exponent and the modulus. - */ -int -_gnutls_rsa_export_set_pubkey (gnutls_session_t session, - bigint_t exponent, bigint_t modulus) -{ - cert_auth_info_t info; - int ret; - - info = _gnutls_get_auth_info (session); - if (info == NULL) - return GNUTLS_E_INTERNAL_ERROR; - - if (info->rsa_export.modulus.data) - _gnutls_free_datum (&info->rsa_export.modulus); - - if (info->rsa_export.exponent.data) - _gnutls_free_datum (&info->rsa_export.exponent); - - ret = _gnutls_mpi_dprint_lz (modulus, &info->rsa_export.modulus); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_mpi_dprint_lz (exponent, &info->rsa_export.exponent); - if (ret < 0) - { - gnutls_assert (); - _gnutls_free_datum (&info->rsa_export.modulus); - return ret; - } - - return 0; -} - - /* Sets the prime and the generator in the auth info structure. */ int diff --git a/lib/gnutls_state.h b/lib/gnutls_state.h index a10f93f086..c383e4ea3d 100644 --- a/lib/gnutls_state.h +++ b/lib/gnutls_state.h @@ -71,9 +71,6 @@ _gnutls_dh_get_min_prime_bits (gnutls_session_t session) void _gnutls_handshake_internal_state_clear (gnutls_session_t); -int _gnutls_rsa_export_set_pubkey (gnutls_session_t session, - bigint_t exponent, bigint_t modulus); - int _gnutls_session_is_resumable (gnutls_session_t session); int _gnutls_session_is_export (gnutls_session_t session); diff --git a/lib/gnutls_ui.c b/lib/gnutls_ui.c index d4cce95e07..25da85f7b3 100644 --- a/lib/gnutls_ui.c +++ b/lib/gnutls_ui.c @@ -768,36 +768,7 @@ gnutls_rsa_export_get_pubkey (gnutls_session_t session, gnutls_datum_t * exponent, gnutls_datum_t * modulus) { - cert_auth_info_t info; - int ret; - - if (gnutls_auth_get_type (session) == GNUTLS_CRD_CERTIFICATE) - { - info = _gnutls_get_auth_info (session); - if (info == NULL) - return GNUTLS_E_INTERNAL_ERROR; - - ret = _gnutls_set_datum (modulus, info->rsa_export.modulus.data, - info->rsa_export.modulus.size); - if (ret < 0) - { - gnutls_assert (); - return ret; - } - - ret = _gnutls_set_datum (exponent, info->rsa_export.exponent.data, - info->rsa_export.exponent.size); - if (ret < 0) - { - gnutls_assert (); - _gnutls_free_datum (modulus); - return ret; - } - - return 0; - } - - return GNUTLS_E_INVALID_REQUEST; + return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE); } /** @@ -812,13 +783,7 @@ gnutls_rsa_export_get_pubkey (gnutls_session_t session, int gnutls_rsa_export_get_modulus_bits (gnutls_session_t session) { - cert_auth_info_t info; - - info = _gnutls_get_auth_info (session); - if (info == NULL) - return GNUTLS_E_INTERNAL_ERROR; - - return mpi_buf2bits (&info->rsa_export.modulus); + return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE); } /** @@ -834,7 +799,7 @@ void gnutls_certificate_set_rsa_export_params (gnutls_certificate_credentials_t res, gnutls_rsa_params_t rsa_params) { - res->rsa_params = rsa_params; + return; } #endif diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in index e985eb7295..79d6517a04 100644 --- a/lib/includes/gnutls/gnutls.h.in +++ b/lib/includes/gnutls/gnutls.h.in @@ -137,7 +137,7 @@ extern "C" * @GNUTLS_KX_ANON_DH: Anon-DH key-exchange algorithm. * @GNUTLS_KX_ANON_ECDH: Anon-ECDH key-exchange algorithm. * @GNUTLS_KX_SRP: SRP key-exchange algorithm. - * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm. + * @GNUTLS_KX_RSA_EXPORT: RSA-EXPORT key-exchange algorithm (defunc). * @GNUTLS_KX_SRP_RSA: SRP-RSA key-exchange algorithm. * @GNUTLS_KX_SRP_DSS: SRP-DSS key-exchange algorithm. * @GNUTLS_KX_PSK: PSK key-exchange algorithm. @@ -167,7 +167,7 @@ extern "C" /** * gnutls_params_type_t: - * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters. + * @GNUTLS_PARAMS_RSA_EXPORT: Session RSA-EXPORT parameters (defunc). * @GNUTLS_PARAMS_DH: Session Diffie-Hellman parameters. * @GNUTLS_PARAMS_ECDH: Session Elliptic-Curve Diffie-Hellman parameters. * diff --git a/lib/x509/privkey.c b/lib/x509/privkey.c index a755d888b8..34cee63900 100644 --- a/lib/x509/privkey.c +++ b/lib/x509/privkey.c @@ -24,7 +24,6 @@ #include #include #include -#include #include #include #include diff --git a/lib/x509/privkey_openssl.c b/lib/x509/privkey_openssl.c index 389f531e34..396020e1af 100644 --- a/lib/x509/privkey_openssl.c +++ b/lib/x509/privkey_openssl.c @@ -25,7 +25,6 @@ #include #include #include -#include #include #include #include diff --git a/lib/x509/privkey_pkcs8.c b/lib/x509/privkey_pkcs8.c index 1bbfc78223..9a94c35009 100644 --- a/lib/x509/privkey_pkcs8.c +++ b/lib/x509/privkey_pkcs8.c @@ -25,7 +25,6 @@ #include #include #include -#include #include #include #include