wtls_statesupport.c

The Kannel Open Source WAP and SMS gateway works as both an SMS gateway, for implementing keyword b

        gw_free(outputDataTemp);
        gw_free(inputDataTemp);
        outputDataTemp = NULL;
        inputDataTemp = NULL;
        
        /* Return the outputData */
        return outputData;
}

Octstr* wtls_decrypt_rc5(Octstr* data, WTLSMachine* wtls_machine)
{
        Octstr* encryptedData;
        Octstr* decryptedData;
        Octstr* duplicatedIv;
        unsigned char* output;
        unsigned char* input;
        unsigned char* iv;
        unsigned char* keyData;
        int keyLen;
        int ivLen;
        int dataLen;
        
        RC5_32_KEY* key = NULL;
        ivLen = bulk_table[wtls_machine->bulk_cipher_algorithm].iv_size;
        duplicatedIv = octstr_duplicate(wtls_machine->client_write_IV);
        iv = octstr_get_cstr(duplicatedIv);

        keyLen = bulk_table[wtls_machine->bulk_cipher_algorithm].key_material;
        keyData = octstr_get_cstr(wtls_machine->client_write_enc_key);

        dataLen = octstr_len(data);
        input = octstr_get_cstr(data);
        
        key = gw_malloc (sizeof(RC5_32_KEY));
        
        /* Key generation */
        RC5_32_set_key(key, keyLen, keyData,  RC5_16_ROUNDS);
        
        /* Malloc our output */
        output = gw_malloc (dataLen);
        
        /* Encrypt the string */
         debug("wtls_statesupport",0,"About to decrypt: dataLen = %d, iv = %x", dataLen, iv);
         octstr_dump(data,0);
         RC5_32_cbc_encrypt(input, output, dataLen, key, iv, RC5_DECRYPT);
         debug("wtls_statesupport",0,"Decrypted");
         decryptedData = octstr_create_from_data(output, dataLen);
         octstr_dump(decryptedData,0);         

         /* Encrypt it just to test */
         gw_free(output);
         output = NULL;
         output = gw_malloc (dataLen);
         
          /* Ensure that we preserve the iv */
         octstr_destroy(duplicatedIv);
         duplicatedIv = octstr_duplicate(wtls_machine->client_write_IV);
         iv = octstr_get_cstr(duplicatedIv);

         octstr_get_many_chars(iv, wtls_machine->client_write_IV,0,ivLen);         
         input = octstr_get_cstr(decryptedData);
        
         RC5_32_cbc_encrypt(input, output, dataLen, key, iv, RC5_ENCRYPT);
         encryptedData = octstr_create_from_data(output, dataLen);
         
         gw_free(output);
         output = NULL;
         octstr_destroy(duplicatedIv);
         return decryptedData;
}

Octstr* wtls_encrypt_rc5(Octstr* data, WTLSMachine* wtls_machine)
{
        Octstr* encryptedData;
        Octstr* decryptedData;
        Octstr* duplicatedIv;
        unsigned char* output;
        unsigned char* input;
        unsigned char* iv;
        unsigned char* keyData;
        int keyLen;
        int ivLen;
        int dataLen;
        
        RC5_32_KEY* key = NULL;
        ivLen = bulk_table[wtls_machine->bulk_cipher_algorithm].iv_size;
        duplicatedIv = octstr_duplicate(wtls_machine->server_write_IV);
        iv = octstr_get_cstr(duplicatedIv);

        keyLen = bulk_table[wtls_machine->bulk_cipher_algorithm].key_material;
        keyData = octstr_get_cstr(wtls_machine->server_write_enc_key);

        dataLen = octstr_len(data);
        input = octstr_get_cstr(data);
        
        key = gw_malloc (sizeof(RC5_32_KEY));
        
        /* Key generation */
        debug("wtls_statesupport",0,"Key generation");
        RC5_32_set_key(key, keyLen, keyData,  RC5_16_ROUNDS);
        
        /* Malloc our output */
        output = gw_malloc (dataLen);
        
        /* Encrypt the string */
         RC5_32_cbc_encrypt(input, output, dataLen, key, iv, RC5_ENCRYPT);
         encryptedData = octstr_create_from_data(output, dataLen);

         /* Decrypt it just to test */
         gw_free(output);
         output = NULL;
         output = gw_malloc (dataLen);
         
          /* Ensure that we preserve the iv */
         octstr_destroy(duplicatedIv);
         duplicatedIv = octstr_duplicate(wtls_machine->server_write_IV);
         iv = octstr_get_cstr(duplicatedIv);

         octstr_get_many_chars(iv, wtls_machine->server_write_IV,0,ivLen);         
         input = octstr_get_cstr(encryptedData);
        
         RC5_32_cbc_encrypt(input, output, dataLen, key, iv, RC5_DECRYPT);
         decryptedData = octstr_create_from_data(output, dataLen);

         gw_free(output);
         output = NULL;
         octstr_destroy(duplicatedIv);
         return encryptedData;
}

Octstr* wtls_decrypt_rsa(Octstr* encryptedData)
{
        int numBytesWritten=0,numBytesToRead=0;
        Octstr *decryptedData=0;
        unsigned char* tempDecryptionBuffer=0;
        char* tempEncryptionPointer=0;
        
        /* Allocate some memory for our decryption buffer */
        tempDecryptionBuffer = gw_malloc(RSA_size(private_key));

        /* Calculate the number of bytes to read from encryptedData when decrypting */
        numBytesToRead = octstr_len(encryptedData);

        /* Don't write to this pointer. Ever ever ever. */
        tempEncryptionPointer = octstr_get_cstr(encryptedData);
        
        /* Decrypt the data in encryptedData */
        numBytesWritten = RSA_private_decrypt(numBytesToRead, tempEncryptionPointer,
                                              tempDecryptionBuffer, private_key, RSA_PKCS1_PADDING);

		if(numBytesWritten == -1) {
			tempEncryptionPointer += 2;
			numBytesToRead -= 2;
	        numBytesWritten = RSA_private_decrypt(numBytesToRead, tempEncryptionPointer,
                                              tempDecryptionBuffer, private_key, RSA_PKCS1_PADDING);
		}		
 
        /* Move the tempDecryptionBuffer to an Octstr */
        decryptedData = octstr_create_from_data(tempDecryptionBuffer,numBytesWritten);

        /* Deallocate the tempDecryptionBuffer */
        gw_free(tempDecryptionBuffer);
        tempDecryptionBuffer = NULL;

		debug("wtls",0, "Decrypted secret");
		octstr_dump(   decryptedData, 0);
		     
        /* Return the decrypted data */
        return decryptedData;
}

void wtls_decrypt_pdu_list(WTLSMachine *wtls_machine, List *pdu_list)
{
	int i, listlen;
    Octstr* decryptedData = NULL;
	wtls_Payload *payload;
	
	listlen = list_len(pdu_list);
	for( i=0; i<listlen; i++) {
		payload = (wtls_Payload *)list_get(pdu_list, i);
		
		if(payload->cipher) {
			debug("wtls", 0, "Decrypting PDU %d", i);
            decryptedData = wtls_decrypt(payload->data, wtls_machine);
			/* replace the data */
			octstr_destroy(payload->data);
			payload->data = decryptedData;
		}
		else {
			debug("wtls", 0, "PDU %d is not encrypted.", i);
		}
	}
}


RSAPublicKey* wtls_get_rsapublickey(void)
{
        RSA* rsaStructure=0;
        EVP_PKEY* publicKey=0;
        BIGNUM *modulus=0,*exponent=0;
        unsigned char* tempModulusStorage=0,*tempExponentStorage=0;
        int numbytes=0;
        RSAPublicKey* returnStructure=0;
        Octstr *octstrModulus=0, *octstrExponent=0;
        
        /* First, we need to extract the RSA structure from the X509 Cert */
        /* Get the EVP_PKEY structure from the X509 cert */
        publicKey = X509_PUBKEY_get(x509_cert->cert_info->key);
        
        /* Take said EVP_PKEY structure and get the RSA component */
        if (EVP_PKEY_type(publicKey->type) != EVP_PKEY_RSA)
        {
                return NULL;
        }
        else
        {
                rsaStructure = publicKey->pkey.rsa;
        }
        
        /* Then we need to grab the exponent component from the cert */
        exponent = rsaStructure->e;
        
        /* We need to allocate sufficient memory to hold the exponent */
        numbytes = BN_num_bytes(exponent);
        tempExponentStorage = gw_malloc(numbytes);
        
        /* Then we get the exponent */
        numbytes = BN_bn2bin(exponent, tempExponentStorage);
        
        /* And finally we convert the exponent to an Octstr */
        octstrExponent = octstr_create_from_data(tempExponentStorage,numbytes);

        /* Then we need to grab the modulus component from the cert */
        modulus = rsaStructure->n;
        
        /* We need to allocate sufficient memory to hold the modulus */
        numbytes = BN_num_bytes(modulus);
        tempModulusStorage = gw_malloc(numbytes);
        
        /* Then we get the modulus */
        numbytes = BN_bn2bin(modulus, tempModulusStorage);
        
        /* And finally we convert the modulus to an Octstr */
        octstrModulus = octstr_create_from_data(tempModulusStorage,numbytes);

        /* Put the components into our return structure */
        returnStructure = gw_malloc(sizeof(RSAPublicKey));
        returnStructure->rsa_exponent = octstrExponent;
        returnStructure->rsa_modulus = octstrModulus;
        
        /* And deallocate the memory allocated for holding the modulus */
        gw_free(tempModulusStorage);
        gw_free(tempExponentStorage);
        tempModulusStorage = NULL;
        tempExponentStorage = NULL;
        
        return returnStructure;
}

Octstr* wtls_get_certificate(void)
{
        unsigned char** pp;
        unsigned char* ppStart;
        int amountWritten = 1260;
        Octstr* returnOctstr;
        
        debug("wtls_get_certificate",0,"x509_cert : %x", x509_cert);
        /* Convert the x509 certificate to DER-encoding */
        amountWritten =i2d_X509(x509_cert, NULL);
        debug("wtls_get_certificate",0,"amountWritten : %d", amountWritten);

        /* Allocate some memory for *pp */
        pp = (unsigned char**) gw_malloc(sizeof(unsigned char**));
        
        /* Allocate the memory and call the same function again?!!?
           What an original idea :-/ */
        ppStart = (unsigned char *) gw_malloc (sizeof(unsigned char)*amountWritten);
        debug("wtls_get_certificate",0,"x509_cert_DER_pre : %x", *pp);
        *pp = ppStart;
        amountWritten =i2d_X509(x509_cert, pp);

        /* And we do this, because otherwise *pp is pointing to the end of the buffer. Yay */
        *pp = ppStart;
        debug("wtls_get_certificate",0,"x509_cert_DER_post : %x", *pp);
        
        /* Convert the DER-encoded char string to an octstr */
        returnOctstr = octstr_create_from_data(*pp,amountWritten);

        /* Destroy the memory allocated temporarily above */
        gw_free(*pp);
        *pp = NULL;
        
        /* Destroy the memory allocated for pp as well */
        gw_free(pp);
        pp = NULL;
        
        /* Return the octstr */
        return returnOctstr;
}

/* Chooses a CipherSuite from the list provided by the client.
   Returns NULL if none is acceptable. */
CipherSuite* wtls_choose_ciphersuite(List* ciphersuites) {
        CipherSuite* returnSuite = NULL;
        CipherSuite* currentCS = NULL;
		int i = 0;
        int listLen;
		
		listLen = list_len(ciphersuites);