38
38
#include <gnutls_state.h>
39
39
#include <gnutls_datum.h>
40
40
#include <gnutls_rsa_export.h>
41
#include <gnutls_mbuffers.h>
42
#include "../libextra/ext_inner_application.h" /* isn't this too much? */
44
/* This is a temporary function to be used before the generate_*
45
internal API is changed to use mbuffers. For now we don't avoid the
46
extra alloc + memcpy. */
48
send_handshake (gnutls_session_t session, opaque * data, size_t size,
49
gnutls_handshake_description_t type)
53
if (data == NULL && size == 0)
54
return _gnutls_send_handshake (session, NULL, type);
56
if (data == NULL && size > 0)
59
return GNUTLS_E_INVALID_REQUEST;
62
bufel = _gnutls_handshake_alloc (size, size);
66
return GNUTLS_E_MEMORY_ERROR;
69
_mbuffer_set_udata (bufel, data, size);
71
return _gnutls_send_handshake (session, bufel, type);
42
75
/* This file contains important thing for the TLS handshake procedure.
65
98
_gnutls_hard_log ("INT: PREMASTER SECRET[%d]: %s\n", PREMASTER.size,
66
_gnutls_bin2hex (PREMASTER.data, PREMASTER.size, buf,
99
_gnutls_bin2hex (PREMASTER.data, PREMASTER.size, buf,
100
sizeof (buf), NULL));
68
101
_gnutls_hard_log ("INT: CLIENT RANDOM[%d]: %s\n", 32,
69
_gnutls_bin2hex (session->
70
security_parameters.client_random, 32,
102
_gnutls_bin2hex (session->
103
security_parameters.client_random, 32,
104
buf, sizeof (buf), NULL));
72
105
_gnutls_hard_log ("INT: SERVER RANDOM[%d]: %s\n", 32,
73
_gnutls_bin2hex (session->
74
security_parameters.server_random, 32,
106
_gnutls_bin2hex (session->
107
security_parameters.server_random, 32,
108
buf, sizeof (buf), NULL));
77
110
if (gnutls_protocol_get_version (session) == GNUTLS_SSL3)
79
112
opaque rnd[2 * GNUTLS_RANDOM_SIZE + 1];
81
114
memcpy (rnd, session->security_parameters.client_random,
83
116
memcpy (&rnd[GNUTLS_RANDOM_SIZE],
84
session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
117
session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
87
_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size,
88
rnd, 2 * GNUTLS_RANDOM_SIZE,
91
security_parameters.master_secret);
94
else if (session->security_parameters.extensions.oprfi_client_len > 0 &&
95
session->security_parameters.extensions.oprfi_server_len > 0)
98
size_t rndlen = 2 * GNUTLS_RANDOM_SIZE;
100
rndlen += session->security_parameters.extensions.oprfi_client_len;
101
rndlen += session->security_parameters.extensions.oprfi_server_len;
103
rnd = gnutls_malloc (rndlen + 1);
107
return GNUTLS_E_MEMORY_ERROR;
110
_gnutls_hard_log ("INT: CLIENT OPRFI[%d]: %s\n",
111
session->security_parameters.extensions.
113
_gnutls_bin2hex (session->
114
security_parameters.extensions.
117
security_parameters.extensions.
118
oprfi_client_len, buf,
120
_gnutls_hard_log ("INT: SERVER OPRFI[%d]: %s\n",
121
session->security_parameters.extensions.
123
_gnutls_bin2hex (session->
124
security_parameters.extensions.
127
security_parameters.extensions.
128
oprfi_server_len, buf,
131
memcpy (rnd, session->security_parameters.client_random,
133
memcpy (rnd + GNUTLS_RANDOM_SIZE,
134
session->security_parameters.extensions.oprfi_client,
135
session->security_parameters.extensions.oprfi_client_len);
136
memcpy (rnd + GNUTLS_RANDOM_SIZE +
137
session->security_parameters.extensions.oprfi_client_len,
138
session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
139
memcpy (rnd + GNUTLS_RANDOM_SIZE +
140
session->security_parameters.extensions.oprfi_client_len +
142
session->security_parameters.extensions.oprfi_server,
143
session->security_parameters.extensions.oprfi_server_len);
145
ret = _gnutls_PRF (session, PREMASTER.data, PREMASTER.size,
146
MASTER_SECRET, strlen (MASTER_SECRET),
147
rnd, rndlen, GNUTLS_MASTER_SIZE,
148
session->security_parameters.master_secret);
120
_gnutls_ssl3_generate_random (PREMASTER.data, PREMASTER.size,
121
rnd, 2 * GNUTLS_RANDOM_SIZE,
124
security_parameters.master_secret);
154
129
opaque rnd[2 * GNUTLS_RANDOM_SIZE + 1];
156
131
memcpy (rnd, session->security_parameters.client_random,
158
133
memcpy (&rnd[GNUTLS_RANDOM_SIZE],
159
session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
134
session->security_parameters.server_random, GNUTLS_RANDOM_SIZE);
162
_gnutls_PRF (session, PREMASTER.data, PREMASTER.size,
163
MASTER_SECRET, strlen (MASTER_SECRET),
164
rnd, 2 * GNUTLS_RANDOM_SIZE, GNUTLS_MASTER_SIZE,
165
session->security_parameters.master_secret);
137
_gnutls_PRF (session, PREMASTER.data, PREMASTER.size,
138
MASTER_SECRET, strlen (MASTER_SECRET),
139
rnd, 2 * GNUTLS_RANDOM_SIZE, GNUTLS_MASTER_SIZE,
140
session->security_parameters.master_secret);
168
143
/* TLS/IA inner secret is derived from the master secret. */
169
memcpy (session->security_parameters.inner_secret,
170
session->security_parameters.master_secret, GNUTLS_MASTER_SIZE);
144
_gnutls_ia_derive_inner_secret (session);
172
146
if (!keep_premaster)
173
147
_gnutls_free_datum (&PREMASTER);
625
594
/* if we have not requested a certificate then just return
627
596
if (session->internals.send_cert_req == 0)
632
601
if (session->internals.send_cert_req == GNUTLS_CERT_REQUIRE)
633
optional = MANDATORY_PACKET;
602
optional = MANDATORY_PACKET;
635
optional = OPTIONAL_PACKET;
604
optional = OPTIONAL_PACKET;
638
_gnutls_recv_handshake (session, &data,
640
GNUTLS_HANDSHAKE_CERTIFICATE_PKT, optional);
607
_gnutls_recv_handshake (session, &data,
609
GNUTLS_HANDSHAKE_CERTIFICATE_PKT, optional);
644
/* Handle the case of old SSL3 clients who send
645
* a warning alert instead of an empty certificate to indicate
648
if (optional == OPTIONAL_PACKET &&
649
ret == GNUTLS_E_WARNING_ALERT_RECEIVED &&
650
gnutls_protocol_get_version (session) == GNUTLS_SSL3 &&
651
gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE)
654
/* SSL3 does not send an empty certificate,
655
* but this alert. So we just ignore it.
661
/* certificate was required
663
if ((ret == GNUTLS_E_WARNING_ALERT_RECEIVED
664
|| ret == GNUTLS_E_FATAL_ALERT_RECEIVED)
665
&& optional == MANDATORY_PACKET)
668
return GNUTLS_E_NO_CERTIFICATE_FOUND;
613
/* Handle the case of old SSL3 clients who send
614
* a warning alert instead of an empty certificate to indicate
617
if (optional == OPTIONAL_PACKET &&
618
ret == GNUTLS_E_WARNING_ALERT_RECEIVED &&
619
gnutls_protocol_get_version (session) == GNUTLS_SSL3 &&
620
gnutls_alert_get (session) == GNUTLS_A_SSL3_NO_CERTIFICATE)
623
/* SSL3 does not send an empty certificate,
624
* but this alert. So we just ignore it.
630
/* certificate was required
632
if ((ret == GNUTLS_E_WARNING_ALERT_RECEIVED
633
|| ret == GNUTLS_E_FATAL_ALERT_RECEIVED)
634
&& optional == MANDATORY_PACKET)
637
return GNUTLS_E_NO_CERTIFICATE_FOUND;
674
643
if (ret == 0 && datasize == 0 && optional == OPTIONAL_PACKET)
676
/* Client has not sent the certificate message.
677
* well I'm not sure we should accept this
645
/* Client has not sent the certificate message.
646
* well I'm not sure we should accept this
685
auth_struct->gnutls_process_client_certificate (session, data,
654
auth_struct->gnutls_process_client_certificate (session, data,
688
657
gnutls_free (data);
689
658
if (ret < 0 && ret != GNUTLS_E_NO_CERTIFICATE_FOUND)
695
664
/* ok we should expect a certificate verify message now
697
666
if (ret == GNUTLS_E_NO_CERTIFICATE_FOUND && optional == OPTIONAL_PACKET)
700
session->key->certificate_requested = 1;
669
session->key->certificate_requested = 1;
759
728
if (session->internals.send_cert_req == 0 ||
760
session->key->certificate_requested == 0)
729
session->key->certificate_requested == 0)
766
_gnutls_recv_handshake (session, &data,
768
GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY,
735
_gnutls_recv_handshake (session, &data,
737
GNUTLS_HANDSHAKE_CERTIFICATE_VERIFY,
773
742
if (ret == 0 && datasize == 0
774
&& session->internals.send_cert_req == GNUTLS_CERT_REQUIRE)
776
/* certificate was required */
778
return GNUTLS_E_NO_CERTIFICATE_FOUND;
743
&& session->internals.send_cert_req == GNUTLS_CERT_REQUIRE)
745
/* certificate was required */
747
return GNUTLS_E_NO_CERTIFICATE_FOUND;
783
auth_struct->gnutls_process_client_cert_vrfy (session, data,
752
auth_struct->gnutls_process_client_cert_vrfy (session, data,
785
754
gnutls_free (data);