File Coverage

inc/matrixssl-3-9-3-open/matrixssl/psk.c

Criterion	Covered	Total	%
statement	0	56	0.0
branch	0	36	0.0
condition			n/a
subroutine			n/a
pod			n/a
total	0	92	0.0

line	stmt	bran	code
1			/**
2			* @file psk.c
3			* @version 950bba4 (HEAD -> master)
4			*
5			* Pre-Shared Key cipher suite support.
6			*/
7			/*
8			* Copyright (c) 2013-2017 INSIDE Secure Corporation
9			* Copyright (c) PeerSec Networks, 2002-2011
10			* All Rights Reserved
11			*
12			* The latest version of this code is available at http://www.matrixssl.org
13			*
14			* This software is open source; you can redistribute it and/or modify
15			* it under the terms of the GNU General Public License as published by
16			* the Free Software Foundation; either version 2 of the License, or
17			* (at your option) any later version.
18			*
19			* This General Public License does NOT permit incorporating this software
20			* into proprietary programs. If you are unable to comply with the GPL, a
21			* commercial license for this software may be purchased from INSIDE at
22			* http://www.insidesecure.com/
23			*
24			* This program is distributed in WITHOUT ANY WARRANTY; without even the
25			* implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
26			* See the GNU General Public License for more details.
27			*
28			* You should have received a copy of the GNU General Public License
29			* along with this program; if not, write to the Free Software
30			* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
31			* http://www.gnu.org/copyleft/gpl.html
32			*/
33			/******************************************************************************/
34
35			#include "matrixsslImpl.h"
36
37			#ifdef USE_PSK_CIPHER_SUITE
38
39			/******************************************************************************/
40			/*
41			Add a pre-shared key and ID to the static table in the first NULL spot
42			*/
43	0		int32_t matrixSslLoadPsk(sslKeys_t *keys,
44			const unsigned char key[SSL_PSK_MAX_KEY_SIZE], uint8_t keyLen,
45			const unsigned char id[SSL_PSK_MAX_ID_SIZE], uint8_t idLen)
46			{
47			psPsk_t psk, list;
48
49	0	0	if (keys == NULL \|\| key == NULL \|\| id == NULL)
		0
		0
50			{
51	0		return PS_ARG_FAIL;
52			}
53	0	0	if (keyLen > SSL_PSK_MAX_KEY_SIZE)
54			{
55			psTraceIntInfo("Can't add PSK. Key too large: %d\n", keyLen);
56	0		return PS_ARG_FAIL;
57			}
58
59	0	0	if (idLen > SSL_PSK_MAX_ID_SIZE)
60			{
61			psTraceIntInfo("Can't add PSK. Key ID too large: %d\n", idLen);
62	0		return PS_ARG_FAIL;
63			}
64
65	0	0	if (keyLen < 1 \|\| idLen < 1)
		0
66			{
67			psTraceInfo("Can't add PSK. Both key and identity length must be >0\n");
68	0		return PS_ARG_FAIL;
69			}
70
71	0	0	if ((psk = psMalloc(keys->pool, sizeof(psPsk_t))) == NULL)
72			{
73	0		return PS_MEM_FAIL;
74			}
75	0		memset(psk, 0, sizeof(psPsk_t));
76
77	0	0	if ((psk->pskKey = psMalloc(keys->pool, keyLen)) == NULL)
78			{
79	0		psFree(psk, keys->pool);
80	0		return PS_MEM_FAIL;
81			}
82	0	0	if ((psk->pskId = psMalloc(keys->pool, idLen)) == NULL)
83			{
84	0		psFree(psk->pskKey, keys->pool);
85	0		psFree(psk, keys->pool);
86	0		return PS_MEM_FAIL;
87			}
88	0		memcpy(psk->pskKey, key, keyLen);
89	0		psk->pskLen = keyLen;
90
91	0		memcpy(psk->pskId, id, idLen);
92	0		psk->pskIdLen = idLen;
93
94	0	0	if (keys->pskKeys == NULL)
95			{
96	0		keys->pskKeys = psk;
97			}
98			else
99			{
100	0		list = keys->pskKeys;
101	0	0	while (list->next != NULL)
102			{
103	0		list = list->next;
104			}
105	0		list->next = psk;
106			}
107
108	0		return 0;
109			}
110
111
112			/******************************************************************************/
113			/*
114			The ServerKeyExchange message passes an optional 'hint' to the client about
115			which PSK it might want to use.
116			*/
117	0		int32_t matrixPskGetHint(ssl_t *ssl,
118			unsigned char hint[SSL_PSK_MAX_HINT_SIZE], uint8_t hintLen)
119			{
120			/*
121			RFC4279: In the absence of an application profile specification specifying
122			otherwise, servers SHOULD NOT provide an identity hint and clients
123			MUST ignore the identity hint field. Applications that do use this
124			field MUST specify its contents, how the value is chosen by the TLS
125			server, and what the TLS client is expected to do with the value.
126
127			NOTE: If you are adding support for a hint, make sure to also modify the
128			SSL_PSK_MAX_HINT_SIZE define in matrixInternal.h so that messsageSize
129			checks will work inside sslEncode.c
130			*/
131	0		*hint = NULL;
132	0		*hintLen = 0;
133	0		return 0;
134			}
135
136			/******************************************************************************/
137			/*
138			Get the id from the pre-shared key table based on given SSL session
139			hint and hintLen are not currently used for the lookup
140			*/
141	0		int32_t matrixSslPskGetKeyId(ssl_t *ssl,
142			unsigned char id[SSL_PSK_MAX_ID_SIZE], uint8_t idLen,
143			const unsigned char hint[SSL_PSK_MAX_HINT_SIZE], uint8_t hintLen)
144			{
145			psPsk_t *psk;
146
147	0		psk = ssl->keys->pskKeys;
148
149	0	0	if (psk == NULL)
150			{
151			psTraceInfo("No pre-shared keys loaded\n");
152	0		return PS_FAILURE;
153			}
154
155	0		*id = psk->pskId;
156	0		*idLen = psk->pskIdLen;
157	0		return PS_SUCCESS;
158			}
159
160			/******************************************************************************/
161			/*
162			Get the key from the pre-shared list based on id
163			*/
164	0		int32_t matrixSslPskGetKey(ssl_t *ssl,
165			const unsigned char id[SSL_PSK_MAX_ID_SIZE], uint8_t idLen,
166			unsigned char key[SSL_PSK_MAX_KEY_SIZE], uint8_t keyLen)
167			{
168			psPsk_t *psk;
169
170	0		*key = NULL;
171
172	0		psk = ssl->keys->pskKeys;
173
174	0	0	if (psk == NULL)
175			{
176			psTraceInfo("No pre-shared keys loaded\n");
177	0		return PS_FAILURE;
178			}
179
180	0	0	if (idLen <= 0)
181			{
182			psTraceIntInfo("Bad PSK identity length: %d\n", idLen);
183	0		return PS_ARG_FAIL;
184			}
185
186			/*
187			Make sure the length matches as well
188			*/
189	0	0	while (psk)
190			{
191	0	0	if (psk->pskIdLen == idLen)
192			{
193	0	0	if (memcmp(psk->pskId, id, idLen) == 0)
194			{
195	0		*key = psk->pskKey;
196	0		*keyLen = psk->pskLen;
197	0		return PS_SUCCESS;
198			}
199			}
200	0		psk = psk->next;
201			}
202
203			psTraceInfo("Can't find PSK key from id\n");
204	0		return PS_SUCCESS;
205			}
206			#endif /* USE_PSK_CIPHER_SUITE */
207
208			/******************************************************************************/