1 files changed, 187 insertions, 4 deletions

diff --git a/src/gnutls.c b/src/gnutls.c
index 52e96791ff0..54b7eb4c90e 100644
--- a/src/gnutls.c
+++ b/src/gnutls.c
@@ -34,6 +34,7 @@ along with GNU Emacs.  If not, see <https://www.gnu.org/licenses/>.  */
 # endif
 
 # if GNUTLS_VERSION_NUMBER >= 0x030200
+#  define HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2
 #  define HAVE_GNUTLS_CIPHER_GET_IV_SIZE
 # endif
 
@@ -50,6 +51,10 @@ along with GNU Emacs.  If not, see <https://www.gnu.org/licenses/>.  */
 #  define HAVE_GNUTLS_ETM_STATUS
 # endif
 
+# if GNUTLS_VERSION_NUMBER >= 0x030401
+#  define HAVE_GNUTLS_KEYID_USE_SHA256
+# endif
+
 # if GNUTLS_VERSION_NUMBER < 0x030600
 #  define HAVE_GNUTLS_COMPRESSION_GET
 # endif
@@ -121,6 +126,11 @@ DEF_DLL_FN (int, gnutls_certificate_set_x509_crl_file,
 DEF_DLL_FN (int, gnutls_certificate_set_x509_key_file,
 	    (gnutls_certificate_credentials_t, const char *, const char *,
 	     gnutls_x509_crt_fmt_t));
+#  ifdef HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2
+DEF_DLL_FN (int, gnutls_certificate_set_x509_key_file2,
+	    (gnutls_certificate_credentials_t, const char *, const char *,
+	     gnutls_x509_crt_fmt_t, const char *, unsigned int));
+#  endif
 #  ifdef HAVE_GNUTLS_X509_SYSTEM_TRUST
 DEF_DLL_FN (int, gnutls_certificate_set_x509_system_trust,
 	    (gnutls_certificate_credentials_t));
@@ -314,6 +324,9 @@ init_gnutls_functions (void)
   LOAD_DLL_FN (library, gnutls_certificate_set_verify_flags);
   LOAD_DLL_FN (library, gnutls_certificate_set_x509_crl_file);
   LOAD_DLL_FN (library, gnutls_certificate_set_x509_key_file);
+#  ifdef HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2
+  LOAD_DLL_FN (library, gnutls_certificate_set_x509_key_file2);
+#  endif
 #  ifdef HAVE_GNUTLS_X509_SYSTEM_TRUST
   LOAD_DLL_FN (library, gnutls_certificate_set_x509_system_trust);
 #  endif
@@ -455,6 +468,9 @@ init_gnutls_functions (void)
 #  define gnutls_certificate_set_verify_flags fn_gnutls_certificate_set_verify_flags
 #  define gnutls_certificate_set_x509_crl_file fn_gnutls_certificate_set_x509_crl_file
 #  define gnutls_certificate_set_x509_key_file fn_gnutls_certificate_set_x509_key_file
+#  ifdef HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2
+#   define gnutls_certificate_set_x509_key_file2 fn_gnutls_certificate_set_x509_key_file2
+#  endif
 #  define gnutls_certificate_set_x509_system_trust fn_gnutls_certificate_set_x509_system_trust
 #  define gnutls_certificate_set_x509_trust_file fn_gnutls_certificate_set_x509_trust_file
 #  define gnutls_certificate_type_get fn_gnutls_certificate_type_get
@@ -1071,8 +1087,8 @@ gnutls_hex_string (unsigned char *buf, ptrdiff_t buf_size, const char *prefix)
 {
   ptrdiff_t prefix_length = strlen (prefix);
   ptrdiff_t retlen;
-  if (INT_MULTIPLY_WRAPV (buf_size, 3, &retlen)
-      || INT_ADD_WRAPV (prefix_length - (buf_size != 0), retlen, &retlen))
+  if (ckd_mul (&retlen, buf_size, 3)
+      || ckd_add (&retlen, retlen, prefix_length - (buf_size != 0)))
     string_overflow ();
   Lisp_Object ret = make_uninit_string (retlen);
   char *string = SSDATA (ret);
@@ -1266,6 +1282,23 @@ emacs_gnutls_certificate_details (gnutls_x509_crt_t cert)
       xfree (buf);
     }
 
+#ifdef HAVE_GNUTLS_KEYID_USE_SHA256
+  /* Public key ID, SHA-256 version. */
+  buf_size = 0;
+  err = gnutls_x509_crt_get_key_id (cert, GNUTLS_KEYID_USE_SHA256, NULL, &buf_size);
+  check_memory_full (err);
+  if (err == GNUTLS_E_SHORT_MEMORY_BUFFER)
+    {
+      void *buf = xmalloc (buf_size);
+      err = gnutls_x509_crt_get_key_id (cert, GNUTLS_KEYID_USE_SHA256, buf, &buf_size);
+      check_memory_full (err);
+      if (err >= GNUTLS_E_SUCCESS)
+	res = nconc2 (res, list2 (intern (":public-key-id-sha256"),
+				  gnutls_hex_string (buf, buf_size, "sha256:")));
+      xfree (buf);
+    }
+#endif
+
   /* Certificate fingerprint. */
   buf_size = 0;
   err = gnutls_x509_crt_get_fingerprint (cert, GNUTLS_DIG_SHA1,
@@ -1774,6 +1807,88 @@ gnutls_verify_boot (Lisp_Object proc, Lisp_Object proplist)
   return gnutls_make_error (ret);
 }
 
+#ifdef HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2
+
+/* Helper function for gnutls-boot.
+
+   The key :flags receives a list of symbols, each of which
+   corresponds to a GnuTLS C flag, the ORed result is to be passed to
+   the function `gnutls_certificate_set_x509_key_file2' as its last
+   argument.  */
+static unsigned int
+key_file2_aux (Lisp_Object flags)
+{
+  unsigned int rv = 0;
+  Lisp_Object tail = flags;
+  FOR_EACH_TAIL_SAFE (tail)
+    {
+      Lisp_Object flag = XCAR (tail);
+      if (EQ (flag, Qgnutls_pkcs_plain))
+	rv |= GNUTLS_PKCS_PLAIN;
+#ifdef GNUTLS_PKCS_PKCS12_3DES
+      else if (EQ (flag, Qgnutls_pkcs_pkcs12_3des))
+	rv |= GNUTLS_PKCS_PKCS12_3DES;
+#endif
+#ifdef GNUTLS_PKCS_PKCS12_ARCFOUR
+      else if (EQ (flag, Qgnutls_pkcs_pkcs12_arcfour))
+	rv |= GNUTLS_PKCS_PKCS12_ARCFOUR;
+#endif
+#ifdef GNUTLS_PKCS_PKCS12_RC2_40
+      else if (EQ (flag, Qgnutls_pkcs_pkcs12_rc2_40))
+	rv |= GNUTLS_PKCS_PKCS12_RC2_40;
+#endif
+#ifdef GNUTLS_PKCS_PBES2_3DES
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_3des))
+	rv |= GNUTLS_PKCS_PBES2_3DES;
+#endif
+#ifdef GNUTLS_PKCS_PBES2_AES_128
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_aes_128))
+	rv |= GNUTLS_PKCS_PBES2_AES_128;
+#endif
+#ifdef GNUTLS_PKCS_PBES2_AES_192
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_aes_192))
+	rv |= GNUTLS_PKCS_PBES2_AES_192;
+#endif
+#ifdef GNUTLS_PKCS_PBES2_AES_256
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_aes_256))
+	rv |= GNUTLS_PKCS_PBES2_AES_256;
+#endif
+      else if (EQ (flag, Qgnutls_pkcs_null_password))
+	rv |= GNUTLS_PKCS_NULL_PASSWORD;
+#ifdef GNUTLS_PKCS_PBES2_DES
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_des))
+	rv |= GNUTLS_PKCS_PBES2_DES;
+#endif
+#ifdef GNUTLS_PKCS_PBES1_DES_MD5
+      else if (EQ (flag, Qgnutls_pkcs_pbes1_des_md5))
+	rv |= GNUTLS_PKCS_PBES1_DES_MD5;
+#endif
+#ifdef GNUTLS_PKCS_PBES2_GOST_TC26Z
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_gost_tc26z))
+	rv |= GNUTLS_PKCS_PBES2_GOST_TC26Z;
+#endif
+#ifdef GNUTLS_PKCS_PBES2_GOST_CPA
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_gost_cpa))
+	rv |= GNUTLS_PKCS_PBES2_GOST_CPA;
+#endif
+#ifdef GNUTLS_PKCS_PBES2_GOST_CPB
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_gost_cpb))
+	rv |= GNUTLS_PKCS_PBES2_GOST_CPB;
+#endif
+#ifdef GNUTLS_PKCS_PBES2_GOST_CPC
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_gost_cpc))
+	rv |= GNUTLS_PKCS_PBES2_GOST_CPC;
+#endif
+#ifdef GNUTLS_PKCS_PBES2_GOST_CPD
+      else if (EQ (flag, Qgnutls_pkcs_pbes2_gost_cpd))
+	rv |= GNUTLS_PKCS_PBES2_GOST_CPD;
+#endif
+    }
+  return rv;
+}
+
+#endif /* HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2 */
+
 DEFUN ("gnutls-boot", Fgnutls_boot, Sgnutls_boot, 3, 3, 0,
        doc: /* Initialize GnuTLS client for process PROC with TYPE+PROPLIST.
 Currently only client mode is supported.  Return a success/failure
@@ -1813,6 +1928,22 @@ accept in Diffie-Hellman key exchange.
 :complete-negotiation, if non-nil, will make negotiation complete
 before returning even on non-blocking sockets.
 
+:pass, the password of the private key as per GnuTLS'
+gnutls_certificate_set_x509_key_file2.  Specify as nil to have a NULL
+password.
+
+:flags, a list of symbols relating to :pass, each specifying a flag:
+GNUTLS_PKCS_PLAIN, GNUTLS_PKCS_PKCS12_3DES,
+GNUTLS_PKCS_PKCS12_ARCFOUR, GNUTLS_PKCS_PKCS12_RC2_40,
+GNUTLS_PKCS_PBES2_3DES, GNUTLS_PKCS_PBES2_AES_128,
+GNUTLS_PKCS_PBES2_AES_192, GNUTLS_PKCS_PBES2_AES_256,
+GNUTLS_PKCS_NULL_PASSWORD, GNUTLS_PKCS_PBES2_DES,
+GNUTLS_PKCS_PBES2_DES_MD5, GNUTLS_PKCS_PBES2_GOST_TC26Z,
+GNUTLS_PKCS_PBES2_GOST_CPA, GNUTLS_PKCS_PBES2_GOST_CPB,
+GNUTLS_PKCS_PBES2_GOST_CPC, GNUTLS_PKCS_PBES2_GOST_CPD.  If not
+specified, or if nil, the bitflag with value 0 is used.
+Note that some of these are only supported since GnuTLS 3.6.3.
+
 The debug level will be set for this process AND globally for GnuTLS.
 So if you set it higher or lower at any point, it affects global
 debugging.
@@ -1825,6 +1956,9 @@ Processes must be initialized with this function before other GnuTLS
 functions are used.  This function allocates resources which can only
 be deallocated by calling `gnutls-deinit' or by calling it again.
 
+The :pass and :flags keys are ignored with old versions of GnuTLS, and
+:flags is ignored if :pass is not specified.
+
 The callbacks alist can have a `verify' key, associated with a
 verification function (UNUSED).
 
@@ -1842,16 +1976,22 @@ one trustfile (usually a CA bundle).  */)
   Lisp_Object global_init;
   char const *priority_string_ptr = "NORMAL"; /* default priority string.  */
   char *c_hostname;
+  const char *c_pass;
 
   /* Placeholders for the property list elements.  */
   Lisp_Object priority_string;
   Lisp_Object trustfiles;
   Lisp_Object crlfiles;
   Lisp_Object keylist;
+  Lisp_Object pass;
+  Lisp_Object flags;
   /* Lisp_Object callbacks; */
   Lisp_Object loglevel;
   Lisp_Object hostname;
   Lisp_Object prime_bits;
+#ifdef HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2
+  unsigned int aux_key_file;
+#endif
   struct Lisp_Process *p = XPROCESS (proc);
 
   CHECK_PROCESS (proc);
@@ -1877,6 +2017,13 @@ one trustfile (usually a CA bundle).  */)
   crlfiles              = plist_get (proplist, QCcrlfiles);
   loglevel              = plist_get (proplist, QCloglevel);
   prime_bits            = plist_get (proplist, QCmin_prime_bits);
+  pass                  = plist_get (proplist, QCpass);
+  flags                 = plist_get (proplist, QCflags);
+
+  if (STRINGP (pass))
+    c_pass = SSDATA (pass);
+  else
+    c_pass = NULL;
 
   if (!STRINGP (hostname))
     {
@@ -2038,6 +2185,20 @@ one trustfile (usually a CA bundle).  */)
 	      keyfile = ansi_encode_filename (keyfile);
 	      certfile = ansi_encode_filename (certfile);
 # endif
+# ifdef HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2
+	      if (!NILP (plist_member (proplist, QCpass)))
+		{
+		  aux_key_file = key_file2_aux (flags);
+		  ret
+		    = gnutls_certificate_set_x509_key_file2 (x509_cred,
+							     SSDATA (certfile),
+							     SSDATA (keyfile),
+							     file_format,
+							     c_pass,
+							     aux_key_file);
+		}
+	      else
+# endif
 	      ret = gnutls_certificate_set_x509_key_file
 		(x509_cred, SSDATA (certfile), SSDATA (keyfile), file_format);
 
@@ -2238,7 +2399,7 @@ gnutls_symmetric_aead (bool encrypting, gnutls_cipher_algorithm_t gca,
 
   ptrdiff_t cipher_tag_size = gnutls_cipher_get_tag_size (gca);
   ptrdiff_t tagged_size;
-  if (INT_ADD_WRAPV (isize, cipher_tag_size, &tagged_size)
+  if (ckd_add (&tagged_size, isize, cipher_tag_size)
       || SIZE_MAX < tagged_size)
     memory_full (SIZE_MAX);
   size_t storage_length = tagged_size;
@@ -2265,6 +2426,9 @@ gnutls_symmetric_aead (bool encrypting, gnutls_cipher_algorithm_t gca,
       aead_auth_size = aend_byte - astart_byte;
     }
 
+  /* Only block ciphers require that ISIZE be a multiple of the block
+     size, and AEAD ciphers are not block ciphers.  */
+#if 0
   ptrdiff_t expected_remainder = encrypting ? 0 : cipher_tag_size;
   ptrdiff_t cipher_block_size = gnutls_cipher_get_block_size (gca);
 
@@ -2274,6 +2438,7 @@ gnutls_symmetric_aead (bool encrypting, gnutls_cipher_algorithm_t gca,
 	    "is not %"pD"d greater than a multiple of the required %"pD"d"),
            gnutls_cipher_get_name (gca), desc,
 	   isize, expected_remainder, cipher_block_size);
+#endif
 
   ret = ((encrypting ? gnutls_aead_cipher_encrypt : gnutls_aead_cipher_decrypt)
 	 (acipher, vdata, vsize, aead_auth_data, aead_auth_size,
@@ -2282,7 +2447,7 @@ gnutls_symmetric_aead (bool encrypting, gnutls_cipher_algorithm_t gca,
   Lisp_Object output;
   if (GNUTLS_E_SUCCESS <= ret)
     output = make_unibyte_string (storage, storage_length);
-  explicit_bzero (storage, storage_length);
+  memset_explicit (storage, 0, storage_length);
   gnutls_aead_cipher_deinit (acipher);
 
   if (ret < GNUTLS_E_SUCCESS)
@@ -2862,8 +3027,26 @@ level in the ones.  For builds without libgnutls, the value is -1.  */);
   DEFSYM (QCmin_prime_bits, ":min-prime-bits");
   DEFSYM (QCloglevel, ":loglevel");
   DEFSYM (QCcomplete_negotiation, ":complete-negotiation");
+  DEFSYM (QCpass, ":pass");
+  DEFSYM (QCflags, ":flags");
   DEFSYM (QCverify_flags, ":verify-flags");
   DEFSYM (QCverify_error, ":verify-error");
+  DEFSYM (Qgnutls_pkcs_plain, "GNUTLS_PKCS_PLAIN");
+  DEFSYM (Qgnutls_pkcs_pkcs12_3des, "GNUTLS_PKCS_PKCS12_3DES");
+  DEFSYM (Qgnutls_pkcs_pkcs12_arcfour, "GNUTLS_PKCS_PKCS12_ARCFOUR");
+  DEFSYM (Qgnutls_pkcs_pkcs12_rc2_40, "GNUTLS_PKCS_PKCS12_RC2_40");
+  DEFSYM (Qgnutls_pkcs_pbes2_3des, "GNUTLS_PKCS_PBES2_3DES");
+  DEFSYM (Qgnutls_pkcs_pbes2_aes_128, "GNUTLS_PKCS_PBES2_AES_128");
+  DEFSYM (Qgnutls_pkcs_pbes2_aes_192, "GNUTLS_PKCS_PBES2_AES_192");
+  DEFSYM (Qgnutls_pkcs_pbes2_aes_256, "GNUTLS_PKCS_PBES2_AES_256");
+  DEFSYM (Qgnutls_pkcs_null_password, "GNUTLS_PKCS_NULL_PASSWORD");
+  DEFSYM (Qgnutls_pkcs_pbes2_des, "GNUTLS_PKCS_PBES2_DES");
+  DEFSYM (Qgnutls_pkcs_pbes1_des_md5, "GNUTLS_PKCS_PBES1_DES_MD5");
+  DEFSYM (Qgnutls_pkcs_pbes2_gost_tc26z, "GNUTLS_PKCS_PBES2_GOST_TC26Z");
+  DEFSYM (Qgnutls_pkcs_pbes2_gost_cpa, "GNUTLS_PKCS_PBES2_GOST_CPA");
+  DEFSYM (Qgnutls_pkcs_pbes2_gost_cpb, "GNUTLS_PKCS_PBES2_GOST_CPB");
+  DEFSYM (Qgnutls_pkcs_pbes2_gost_cpc, "GNUTLS_PKCS_PBES2_GOST_CPC");
+  DEFSYM (Qgnutls_pkcs_pbes2_gost_cpd, "GNUTLS_PKCS_PBES2_GOST_CPD");
 
   DEFSYM (QCcipher_id, ":cipher-id");
   DEFSYM (QCcipher_aead_capable, ":cipher-aead-capable");