📄 wtls_statesupport.c
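//returnSuite = gw_malloc(sizeof(CipherSuite));

    /* the first CS in the list */
    do {
        /* the next CS in the list */
        currentCS = list_get(ciphersuites, i);
        /* Check if we support this BulkCipher */
        if(currentCS->bulk_cipher_algo >= RC5_CBC_40 &&
           currentCS->bulk_cipher_algo <= IDEA_CBC) {
            /* Check if we support this MAC algsorithm */
            if(currentCS->mac_algo >= SHA_0 &&
               currentCS->mac_algo <= MD5_NOLIMIT) {
                /* We can use this CipherSuite then */
                returnSuite = currentCS;
            }
        }
        i++;
    } while(returnSuite == NULL && i < listLen);
    return returnSuite;
}

/*
 * Report whether keyExId appears in the file-scope supportedKeyExSuite
 * table.
 *
 * Returns 1 on a match and 0 otherwise.
 */
int isSupportedKeyEx(int keyExId)
{
    int maxSupported;
    int i;

    maxSupported = sizeof(supportedKeyExSuite) / sizeof(KeyExchangeSuite);
    for (i = 0; i < maxSupported; i++) {
        if (keyExId == supportedKeyExSuite[i]) {
            return 1;
        }
    }
    return 0;
}

/*
 * Pick the first key exchange id in clientKeyIds whose key_exchange_suite
 * is accepted by isSupportedKeyEx().
 *
 * Returns the 1-based position of that entry, or 0 when no entry is
 * supported (including when the list is empty).
 */
int wtls_choose_clientkeyid(List* clientKeyIds)
{
    int returnKey = 0;
    KeyExchangeId *currentKeyId = NULL;
    int i;
    int listLen;

    listLen = list_len(clientKeyIds);
    debug("wtls", 0, "listLen = %d", listLen);

    /* The bound is tested before each fetch so that an empty list, which
     * the peer controls, is never indexed. */
    for (i = 0; returnKey == 0 && i < listLen; i++) {
        currentKeyId = list_get(clientKeyIds, i);
        debug("wtls", 0, "Key %d", i);
        dump_key_exchange_id("wtls", 0, currentKeyId);

        /* check if the current key suite is supported */
        if (isSupportedKeyEx(currentKeyId->key_exchange_suite)) {
            returnKey = i + 1;
        }
    }
    return returnKey;
}

/*
 * Choose the sequence number mode. The snmode argument is ignored and the
 * result is always 2.
 * NOTE(review): the meaning of 2 is not defined in this part of the file;
 * confirm it against the protocol constants before changing it.
 */
int wtls_choose_snmode(int snmode)
{
    return 2;
}

/*
 * Choose the key refresh value. The krefresh argument is ignored and the
 * result is always 2.
 * NOTE(review): the peer's proposal is not taken into account; confirm
 * that a fixed value is intended.
 */
int wtls_choose_krefresh(int krefresh)
{
    return 2;
}

/*
 * Allocate a Random with gw_malloc() and return it to the caller.
 *
 * NOTE(review): the value is constant. gmt_unix_time is always 0 and
 * random_bytes is always the literal "000000000000", so nothing in it
 * differs between calls. If this is the random that ends up in
 * server_random / client_random (the call site is not visible here), the
 * key block derivation below loses its per-session freshness. Fill the
 * structure from the current time and a cryptographically secure random
 * source before relying on it.
 */
Random* wtls_get_random(void)
{
    Random* randomData;

    randomData = gw_malloc(sizeof(Random));
    randomData->gmt_unix_time = 0x0000;
    /* Yeah, I know, it's not very random */
    randomData->random_bytes = octstr_create("000000000000");
    return randomData;
}

/*
 * The comparison helpers below are stubs: each ignores both lists and
 * returns 0.
 * NOTE(review): as long as they return 0, a packet is never reported as
 * identical to the last received one. Presumably they are meant for
 * retransmission handling; verify against the callers.
 */
int clienthellos_are_identical (List* pdu_list, List* last_received_packet)
{
    return 0;
}

/* Stub, always 0. The misspelled name is kept as-is so existing callers
 * still link. */
int certifcateverifys_are_identical (List* pdu_list, List* last_received_packet)
{
    return 0;
}

/* Stub, always 0. */
int certificates_are_identical (List* pdu_list, List* last_received_packet)
{
    return 0;
}

/* Stub, always 0. */
int clientkeyexchanges_are_identical (List* pdu_list, List* last_received_packet)
{
    return 0;
}

/* Stub, always 0. */
int changecipherspecs_are_identical (List* pdu_list, List* last_received_packet)
{
    return 0;
}

/* Stub, always 0. The misspelled name is kept as-is so existing callers
 * still link. */
int finisheds_are_indentical (List* pdu_list, List* last_received_packet)
{
    return 0;
}

/*
 * The packet classification helpers below are stubs as well: each ignores
 * pdu_list and returns a fixed answer.
 */
int packet_contains_changecipherspec (List* pdu_list)
{
    return 0;
}

/* Stub, always 0. */
int packet_contains_finished (List* pdu_list)
{
    return 0;
}

/* Stub, always 0. */
int packet_contains_optional_stuff (List* pdu_list)
{
    return 0;
}

/*
 * Stub, always 1: every packet is reported as carrying user data without
 * looking at its contents.
 */
int packet_contains_userdata (List* pdu_list)
{
    /* FIXME: need to check if it is really Userdata !! */
    return 1;
}

/* Stub, always 0. */
int packet_contains_clienthello (List* pdu_list)
{
    return 0;
}

/*
 * Stub, always 0.
 * NOTE(review): with this and is_warning_alert() both fixed at 0, no alert
 * is ever classified by these helpers. Confirm how callers treat an alert
 * from the peer.
 */
int is_critical_alert (List* pdu_list)
{
    return 0;
}

/* Stub, always 0. */
int is_warning_alert (List* pdu_list)
{
    return 0;
}

/* go through the list of wtls_Payloads and add the data of any handshake
   message to wtls_machine->handshake_data.

   pdu_list must not be NULL (asserted). Payloads whose type is not
   Handshake_PDU are skipped. Each appended payload is also written to the
   debug log with octstr_dump(). */
void add_all_handshake_data(WTLSMachine *wtls_machine, List *pdu_list)
{
    long i, listlen;
    wtls_Payload *payload;

    gw_assert(pdu_list != NULL);

    listlen = list_len(pdu_list);
    /* listlen and i are long, so the conversions must be %ld; %d with a
     * long argument is undefined behaviour. */
    debug("wtls", 0, "adding handshake data from %ld PDU(s)", listlen);
    for (i = 0; i < listlen; i++) {
        payload = (wtls_Payload *)list_get(pdu_list, i);
        if (payload->type == Handshake_PDU) {
            /* inserting at the current length appends the payload */
            octstr_insert(wtls_machine->handshake_data, payload->data,
                          octstr_len(wtls_machine->handshake_data));
            debug("wtls", 0, "Data from PDU %ld:", i);
            octstr_dump(payload->data, 2);
        }
    }
}

/*
 * Derive the server write keys from wtls_machine->master_secret.
 *
 * The PRF seed is server_seq_num (packed as a 16 bit integer) followed by
 * server_random and client_random, and the label is "server expansion".
 * The resulting key block is split, in order, into
 *   server_write_MAC_secret (hash_table[mac_algorithm].key_size bytes),
 *   server_write_enc_key    (bulk_table[bulk_cipher_algorithm].key_material),
 *   server_write_IV         (bulk_table[bulk_cipher_algorithm].iv_size).
 * The three fields are overwritten; whatever they held before is not
 * destroyed here.
 *
 * For exportable bulk ciphers the encryption key is replaced by a second
 * PRF output with the label "server write key".
 */
void calculate_server_key_block(WTLSMachine *wtls_machine)
{
    Octstr* concatenatedRandoms = NULL;
    Octstr* labelMaster = NULL;
    Octstr* key_block;
    Octstr* final_server_write_enc_key = NULL;
    Octstr* final_server_write_IV = NULL;
    Octstr* emptySecret = NULL;

    /* Concatenate our random data */
    concatenatedRandoms = octstr_create("");
    pack_int16(concatenatedRandoms, 0, wtls_machine->server_seq_num);
    octstr_append(concatenatedRandoms, wtls_machine->server_random);
    octstr_append(concatenatedRandoms, wtls_machine->client_random);

    /* Calculate the key_block */
    labelMaster = octstr_create("server expansion");
    key_block = wtls_calculate_prf(wtls_machine->master_secret, labelMaster,
                                   concatenatedRandoms,
                                   hash_table[wtls_machine->mac_algorithm].key_size +
                                   bulk_table[wtls_machine->bulk_cipher_algorithm].key_material +
                                   bulk_table[wtls_machine->bulk_cipher_algorithm].iv_size,
                                   wtls_machine);

    octstr_destroy(labelMaster);
    labelMaster = NULL;
    octstr_destroy(concatenatedRandoms);
    concatenatedRandoms = NULL;

    /* Break the key_block in its 3 parts */
    wtls_machine->server_write_MAC_secret =
        octstr_copy(key_block, 0, hash_table[wtls_machine->mac_algorithm].key_size);
    octstr_delete(key_block, 0, hash_table[wtls_machine->mac_algorithm].key_size);
    wtls_machine->server_write_enc_key =
        octstr_copy(key_block, 0, bulk_table[wtls_machine->bulk_cipher_algorithm].key_material);
    octstr_delete(key_block, 0, bulk_table[wtls_machine->bulk_cipher_algorithm].key_material);
    wtls_machine->server_write_IV =
        octstr_copy(key_block, 0, bulk_table[wtls_machine->bulk_cipher_algorithm].iv_size);

    /* All three parts are copies, so the working key block is released
     * here instead of being left on the heap with key material in it.
     * NOTE(review): whether octstr_destroy() wipes the buffer is not
     * visible in this file. */
    octstr_destroy(key_block);
    key_block = NULL;

    /* Additional calculations for exportable encryption algos */
    if (bulk_table[wtls_machine->bulk_cipher_algorithm].is_exportable == EXPORTABLE) {
        concatenatedRandoms = octstr_cat(wtls_machine->client_random,
                                         wtls_machine->server_random);
        labelMaster = octstr_create("server write key");
        final_server_write_enc_key =
            wtls_calculate_prf(wtls_machine->server_write_enc_key, labelMaster,
                               concatenatedRandoms,
                               bulk_table[wtls_machine->bulk_cipher_algorithm].key_material,
                               wtls_machine);
        octstr_destroy(labelMaster);
        labelMaster = NULL;
        octstr_destroy(concatenatedRandoms);
        concatenatedRandoms = NULL;

        octstr_destroy(wtls_machine->server_write_enc_key);
        wtls_machine->server_write_enc_key = final_server_write_enc_key;
        final_server_write_enc_key = NULL;

        concatenatedRandoms = octstr_create("");
        octstr_append_char(concatenatedRandoms, wtls_machine->server_seq_num);
        octstr_append(concatenatedRandoms, wtls_machine->client_random);
        octstr_append(concatenatedRandoms, wtls_machine->server_random);

        emptySecret = octstr_create("");
        /* NOTE(review): labelMaster is NULL at this point (it was destroyed
         * above and no IV label was created), and the result is never
         * stored in wtls_machine->server_write_IV, so the IV taken from the
         * key block stays in effect. The call is left as it was; the
         * intended label and the assignment need to be confirmed against
         * the WTLS specification before this branch is completed. */
        final_server_write_IV =
            wtls_calculate_prf(emptySecret, labelMaster, concatenatedRandoms,
                               bulk_table[wtls_machine->bulk_cipher_algorithm].iv_size,
                               wtls_machine);

        octstr_destroy(labelMaster);
        labelMaster = NULL;
        octstr_destroy(concatenatedRandoms);
        concatenatedRandoms = NULL;

        /* Neither object is referenced after this point; release them
         * instead of leaking them on every exportable handshake. */
        octstr_destroy(emptySecret);
        emptySecret = NULL;
        octstr_destroy(final_server_write_IV);
        final_server_write_IV = NULL;
    }
}

/*
 * Derive the client write keys from wtls_machine->master_secret.
 *
 * The PRF seed is client_seq_num (packed as a 16 bit integer) followed by
 * server_random and client_random, and the label is "client expansion".
 * The resulting key block is split, in order, into
 *   client_write_MAC_secret (hash_table[mac_algorithm].key_size bytes),
 *   client_write_enc_key    (bulk_table[bulk_cipher_algorithm].key_material),
 *   client_write_IV         (bulk_table[bulk_cipher_algorithm].iv_size).
 * The three fields are overwritten; whatever they held before is not
 * destroyed here.
 *
 * For exportable bulk ciphers the encryption key is replaced by a second
 * PRF output with the label "client write key".
 */
void calculate_client_key_block(WTLSMachine *wtls_machine)
{
    Octstr* concatenatedRandoms = NULL;
    Octstr* key_block;
    Octstr* final_client_write_enc_key = NULL;
    Octstr* final_client_write_IV = NULL;
    Octstr* emptySecret = NULL;
    Octstr* labelMaster = NULL;

    /* Concatenate our random data */
    concatenatedRandoms = octstr_create("");
    pack_int16(concatenatedRandoms, 0, wtls_machine->client_seq_num);
    octstr_append(concatenatedRandoms, wtls_machine->server_random);
    octstr_append(concatenatedRandoms, wtls_machine->client_random);

    /* Calculate the key_block */
    labelMaster = octstr_create("client expansion");
    key_block = wtls_calculate_prf(wtls_machine->master_secret, labelMaster,
                                   concatenatedRandoms,
                                   hash_table[wtls_machine->mac_algorithm].key_size +
                                   bulk_table[wtls_machine->bulk_cipher_algorithm].key_material +
                                   bulk_table[wtls_machine->bulk_cipher_algorithm].iv_size,
                                   wtls_machine);

    octstr_destroy(labelMaster);
    labelMaster = NULL;
    octstr_destroy(concatenatedRandoms);
    concatenatedRandoms = NULL;

    /* Break the key_block in its 3 parts */
    wtls_machine->client_write_MAC_secret =
        octstr_copy(key_block, 0, hash_table[wtls_machine->mac_algorithm].key_size);
    octstr_delete(key_block, 0, hash_table[wtls_machine->mac_algorithm].key_size);
    wtls_machine->client_write_enc_key =
        octstr_copy(key_block, 0, bulk_table[wtls_machine->bulk_cipher_algorithm].key_material);
    octstr_delete(key_block, 0, bulk_table[wtls_machine->bulk_cipher_algorithm].key_material);
    wtls_machine->client_write_IV =
        octstr_copy(key_block, 0, bulk_table[wtls_machine->bulk_cipher_algorithm].iv_size);

    /* All three parts are copies, so the working key block is released
     * here instead of being left on the heap with key material in it.
     * NOTE(review): whether octstr_destroy() wipes the buffer is not
     * visible in this file. */
    octstr_destroy(key_block);
    key_block = NULL;

    /* Additional calculations for exportable encryption algos */
    if (bulk_table[wtls_machine->bulk_cipher_algorithm].is_exportable == EXPORTABLE) {
        concatenatedRandoms = octstr_cat(wtls_machine->client_random,
                                         wtls_machine->server_random);
        labelMaster = octstr_create("client write key");
        final_client_write_enc_key =
            wtls_calculate_prf(wtls_machine->client_write_enc_key, labelMaster,
                               concatenatedRandoms,
                               bulk_table[wtls_machine->bulk_cipher_algorithm].key_material,
                               wtls_machine);
        octstr_destroy(labelMaster);
        labelMaster = NULL;

        octstr_destroy(wtls_machine->client_write_enc_key);
        wtls_machine->client_write_enc_key = final_client_write_enc_key;
        final_client_write_enc_key = NULL;

        octstr_destroy(labelMaster);
        labelMaster = NULL;
        octstr_destroy(concatenatedRandoms);
        concatenatedRandoms = NULL;

        emptySecret = octstr_create("");
        /* NOTE(review): both labelMaster and concatenatedRandoms are NULL
         * at this point. Unlike calculate_server_key_block(), the seed of
         * sequence number plus randoms is not rebuilt here, and the result
         * is never stored in wtls_machine->client_write_IV, so the IV taken
         * from the key block stays in effect. The call is left as it was;
         * the intended label, seed and assignment need to be confirmed
         * against the WTLS specification before this branch is completed. */
        final_client_write_IV =
            wtls_calculate_prf(emptySecret, labelMaster, concatenatedRandoms,
                               bulk_table[wtls_machine->bulk_cipher_algorithm].iv_size,
                               wtls_machine);

        octstr_destroy(labelMaster);
        labelMaster = NULL;
        octstr_destroy(concatenatedRandoms);
        concatenatedRandoms = NULL;

        /* Neither object is referenced after this point; release them
         * instead of leaking them on every exportable handshake. */
        octstr_destroy(emptySecret);
        emptySecret = NULL;
        octstr_destroy(final_client_write_IV);
        final_client_write_IV = NULL;
    }
}

#endif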