Bug Summary

File:lib/algorithms/kx.c
Location:line 217, column 21
Description:Value stored to 'i' is never read

Annotated Source Code

1/*
2 * Copyright (C) 2011-2012 Free Software Foundation, Inc.
3 *
4 * Author: Nikos Mavrogiannopoulos
5 *
6 * This file is part of GnuTLS.
7 *
8 * The GnuTLS is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 3 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
20 *
21 */
22
23#include <gnutls_int.h>
24#include <algorithms.h>
25#include <gnutls_errors.h>
26#include <x509/common.h>
27
28
29extern mod_auth_st rsa_auth_struct;
30extern mod_auth_st rsa_export_auth_struct;
31extern mod_auth_st dhe_rsa_auth_struct;
32extern mod_auth_st ecdhe_rsa_auth_struct;
33extern mod_auth_st ecdhe_psk_auth_struct;
34extern mod_auth_st ecdhe_ecdsa_auth_struct;
35extern mod_auth_st dhe_dss_auth_struct;
36extern mod_auth_st anon_auth_struct;
37extern mod_auth_st anon_ecdh_auth_struct;
38extern mod_auth_st srp_auth_struct;
39extern mod_auth_st psk_auth_struct;
40extern mod_auth_st dhe_psk_auth_struct;
41extern mod_auth_st srp_rsa_auth_struct;
42extern mod_auth_st srp_dss_auth_struct;
43
44
45/* Cred type mappings to KX algorithms
46 * FIXME: The mappings are not 1-1. Some KX such as SRP_RSA require
47 * more than one credentials type.
48 */
49typedef struct
50{
51 gnutls_kx_algorithm_t algorithm;
52 gnutls_credentials_type_t client_type;
53 gnutls_credentials_type_t server_type; /* The type of credentials a server
54 * needs to set */
55} gnutls_cred_map;
56
57static const gnutls_cred_map cred_mappings[] = {
58 {GNUTLS_KX_ANON_DH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON},
59 {GNUTLS_KX_ANON_ECDH, GNUTLS_CRD_ANON, GNUTLS_CRD_ANON},
60 {GNUTLS_KX_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
61 {GNUTLS_KX_RSA_EXPORT, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
62 {GNUTLS_KX_ECDHE_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
63 {GNUTLS_KX_ECDHE_ECDSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
64 {GNUTLS_KX_DHE_DSS, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
65 {GNUTLS_KX_DHE_RSA, GNUTLS_CRD_CERTIFICATE, GNUTLS_CRD_CERTIFICATE},
66 {GNUTLS_KX_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_PSK},
67 {GNUTLS_KX_DHE_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_PSK},
68 {GNUTLS_KX_ECDHE_PSK, GNUTLS_CRD_PSK, GNUTLS_CRD_PSK},
69 {GNUTLS_KX_SRP, GNUTLS_CRD_SRP, GNUTLS_CRD_SRP},
70 {GNUTLS_KX_SRP_RSA, GNUTLS_CRD_SRP, GNUTLS_CRD_CERTIFICATE},
71 {GNUTLS_KX_SRP_DSS, GNUTLS_CRD_SRP, GNUTLS_CRD_CERTIFICATE},
72 {0, 0, 0}
73};
74
75#define GNUTLS_KX_MAP_LOOP(b)const gnutls_cred_map *p; for(p = cred_mappings; p->algorithm
!= 0; p++) { b ; } \
76 const gnutls_cred_map *p; \
77 for(p = cred_mappings; p->algorithm != 0; p++) { b ; }
78
79#define GNUTLS_KX_MAP_ALG_LOOP_SERVER(a)const gnutls_cred_map *p; for(p = cred_mappings; p->algorithm
!= 0; p++) { if(p->server_type == type) { a; break; } ; } \
80 GNUTLS_KX_MAP_LOOP( if(p->server_type == type) { a; break; })const gnutls_cred_map *p; for(p = cred_mappings; p->algorithm
!= 0; p++) { if(p->server_type == type) { a; break; } ; }
81
82struct gnutls_kx_algo_entry
83{
84 const char *name;
85 gnutls_kx_algorithm_t algorithm;
86 mod_auth_st *auth_struct;
87 int needs_dh_params;
88 int needs_rsa_params;
89};
90typedef struct gnutls_kx_algo_entry gnutls_kx_algo_entry;
91
92static const gnutls_kx_algo_entry _gnutls_kx_algorithms[] = {
93#ifdef ENABLE_ANON1
94 {"ANON-DH", GNUTLS_KX_ANON_DH, &anon_auth_struct, 1, 0},
95 {"ANON-ECDH", GNUTLS_KX_ANON_ECDH, &anon_ecdh_auth_struct, 0, 0},
96#endif
97 {"RSA", GNUTLS_KX_RSA, &rsa_auth_struct, 0, 0},
98 {"RSA-EXPORT", GNUTLS_KX_RSA_EXPORT, &rsa_export_auth_struct, 0,
99 1 /* needs RSA params */ },
100 {"DHE-RSA", GNUTLS_KX_DHE_RSA, &dhe_rsa_auth_struct, 1, 0},
101 {"ECDHE-RSA", GNUTLS_KX_ECDHE_RSA, &ecdhe_rsa_auth_struct, 0, 0},
102 {"ECDHE-ECDSA", GNUTLS_KX_ECDHE_ECDSA, &ecdhe_ecdsa_auth_struct, 0, 0},
103 {"DHE-DSS", GNUTLS_KX_DHE_DSS, &dhe_dss_auth_struct, 1, 0},
104
105#ifdef ENABLE_SRP1
106 {"SRP-DSS", GNUTLS_KX_SRP_DSS, &srp_dss_auth_struct, 0, 0},
107 {"SRP-RSA", GNUTLS_KX_SRP_RSA, &srp_rsa_auth_struct, 0, 0},
108 {"SRP", GNUTLS_KX_SRP, &srp_auth_struct, 0, 0},
109#endif
110#ifdef ENABLE_PSK1
111 {"PSK", GNUTLS_KX_PSK, &psk_auth_struct, 0, 0},
112 {"DHE-PSK", GNUTLS_KX_DHE_PSK, &dhe_psk_auth_struct,
113 1 /* needs DHE params */ , 0},
114 {"ECDHE-PSK", GNUTLS_KX_ECDHE_PSK, &ecdhe_psk_auth_struct, 0 , 0},
115#endif
116 {0, 0, 0, 0, 0}
117};
118
119#define GNUTLS_KX_LOOP(b)const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { b ; } \
120 const gnutls_kx_algo_entry *p; \
121 for(p = _gnutls_kx_algorithms; p->name != NULL((void*)0); p++) { b ; }
122
123#define GNUTLS_KX_ALG_LOOP(a)const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if(p->algorithm == algorithm
) { a; break; } ; } \
124 GNUTLS_KX_LOOP( if(p->algorithm == algorithm) { a; break; } )const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if(p->algorithm == algorithm
) { a; break; } ; }
125
126
127/* Key EXCHANGE functions */
128mod_auth_st *
129_gnutls_kx_auth_struct (gnutls_kx_algorithm_t algorithm)
130{
131 mod_auth_st *ret = NULL((void*)0);
132 GNUTLS_KX_ALG_LOOP (ret = p->auth_struct)const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if(p->algorithm == algorithm
) { ret = p->auth_struct; break; } ; };
133 return ret;
134
135}
136
137
138int
139_gnutls_kx_priority (gnutls_session_t session,
140 gnutls_kx_algorithm_t algorithm)
141{
142 unsigned int i;
143 for (i = 0; i < session->internals.priorities.kx.algorithms; i++)
144 {
145 if (session->internals.priorities.kx.priority[i] == algorithm)
146 return i;
147 }
148 return -1;
149}
150
151/**
152 * gnutls_kx_get_name:
153 * @algorithm: is a key exchange algorithm
154 *
155 * Convert a #gnutls_kx_algorithm_t value to a string.
156 *
157 * Returns: a pointer to a string that contains the name of the
158 * specified key exchange algorithm, or %NULL.
159 **/
160const char *
161gnutls_kx_get_name (gnutls_kx_algorithm_t algorithm)
162{
163 const char *ret = NULL((void*)0);
164
165 /* avoid prefix */
166 GNUTLS_KX_ALG_LOOP (ret = p->name)const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if(p->algorithm == algorithm
) { ret = p->name; break; } ; };
167
168 return ret;
169}
170
171/**
172 * gnutls_kx_get_id:
173 * @name: is a KX name
174 *
175 * Convert a string to a #gnutls_kx_algorithm_t value. The names are
176 * compared in a case insensitive way.
177 *
178 * Returns: an id of the specified KX algorithm, or %GNUTLS_KX_UNKNOWN
179 * on error.
180 **/
181gnutls_kx_algorithm_t
182gnutls_kx_get_id (const char *name)
183{
184 gnutls_cipher_algorithm_t ret = GNUTLS_KX_UNKNOWN;
185
186 GNUTLS_KX_LOOP (const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if (strcasecmp (p->name,
name) == 0) { ret = p->algorithm; break; } ; }
187 if (strcasecmp (p->name, name) == 0)const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if (strcasecmp (p->name,
name) == 0) { ret = p->algorithm; break; } ; }
188 {const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if (strcasecmp (p->name,
name) == 0) { ret = p->algorithm; break; } ; }
189 ret = p->algorithm;const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if (strcasecmp (p->name,
name) == 0) { ret = p->algorithm; break; } ; }
190 break;const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if (strcasecmp (p->name,
name) == 0) { ret = p->algorithm; break; } ; }
191 }const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if (strcasecmp (p->name,
name) == 0) { ret = p->algorithm; break; } ; }
192 )const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if (strcasecmp (p->name,
name) == 0) { ret = p->algorithm; break; } ; };
193
194 return ret;
195}
196
197/**
198 * gnutls_kx_list:
199 *
200 * Get a list of supported key exchange algorithms.
201 *
202 * This function is not thread safe.
203 *
204 * Returns: a (0)-terminated list of #gnutls_kx_algorithm_t integers
205 * indicating the available key exchange algorithms.
206 **/
207const gnutls_kx_algorithm_t *
208gnutls_kx_list (void)
209{
210static gnutls_kx_algorithm_t supported_kxs[MAX_ALGOS32] = {0};
211
212 if (supported_kxs[0] == 0)
213 {
214 int i = 0;
215
216 GNUTLS_KX_LOOP (supported_kxs[i++]=p->algorithm)const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { supported_kxs[i++]=p->algorithm
; };
217 supported_kxs[i++]=0;
Value stored to 'i' is never read
218 }
219
220 return supported_kxs;
221}
222
223int
224_gnutls_kx_is_ok (gnutls_kx_algorithm_t algorithm)
225{
226 ssize_t ret = -1;
227 GNUTLS_KX_ALG_LOOP (ret = p->algorithm)const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if(p->algorithm == algorithm
) { ret = p->algorithm; break; } ; };
228 if (ret >= 0)
229 ret = 0;
230 else
231 ret = 1;
232 return ret;
233}
234
235int
236_gnutls_kx_needs_rsa_params (gnutls_kx_algorithm_t algorithm)
237{
238 ssize_t ret = 0;
239 GNUTLS_KX_ALG_LOOP (ret = p->needs_rsa_params)const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if(p->algorithm == algorithm
) { ret = p->needs_rsa_params; break; } ; };
240 return ret;
241}
242
243int
244_gnutls_kx_needs_dh_params (gnutls_kx_algorithm_t algorithm)
245{
246 ssize_t ret = 0;
247 GNUTLS_KX_ALG_LOOP (ret = p->needs_dh_params)const gnutls_kx_algo_entry *p; for(p = _gnutls_kx_algorithms;
p->name != ((void*)0); p++) { if(p->algorithm == algorithm
) { ret = p->needs_dh_params; break; } ; };
248 return ret;
249}
250
251/* Type to KX mappings */
252gnutls_kx_algorithm_t
253_gnutls_map_kx_get_kx (gnutls_credentials_type_t type, int server)
254{
255 gnutls_kx_algorithm_t ret = -1;
256
257 if (server)
258 {
259 GNUTLS_KX_MAP_ALG_LOOP_SERVER (ret = p->algorithm)const gnutls_cred_map *p; for(p = cred_mappings; p->algorithm
!= 0; p++) { if(p->server_type == type) { ret = p->algorithm
; break; } ; };
260 }
261 else
262 {
263 GNUTLS_KX_MAP_ALG_LOOP_SERVER (ret = p->algorithm)const gnutls_cred_map *p; for(p = cred_mappings; p->algorithm
!= 0; p++) { if(p->server_type == type) { ret = p->algorithm
; break; } ; };
264 }
265 return ret;
266}
267
268/* Returns the credentials type required for this
269 * Key exchange method.
270 */
271gnutls_credentials_type_t
272_gnutls_map_kx_get_cred (gnutls_kx_algorithm_t algorithm, int server)
273{
274 gnutls_credentials_type_t ret = -1;
275 if (server)
276 {
277 GNUTLS_KX_MAP_LOOP (if (p->algorithm == algorithm) ret =const gnutls_cred_map *p; for(p = cred_mappings; p->algorithm
!= 0; p++) { if (p->algorithm == algorithm) ret = p->server_type
; }
278 p->server_type)const gnutls_cred_map *p; for(p = cred_mappings; p->algorithm
!= 0; p++) { if (p->algorithm == algorithm) ret = p->server_type
; };
279 }
280 else
281 {
282 GNUTLS_KX_MAP_LOOP (if (p->algorithm == algorithm) ret =const gnutls_cred_map *p; for(p = cred_mappings; p->algorithm
!= 0; p++) { if (p->algorithm == algorithm) ret = p->client_type
; }
283 p->client_type)const gnutls_cred_map *p; for(p = cred_mappings; p->algorithm
!= 0; p++) { if (p->algorithm == algorithm) ret = p->client_type
; };
284 }
285
286 return ret;
287}
288