author | lloyd <[email protected]> | 2011-12-29 02:41:53 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2011-12-29 02:41:53 +0000 |
commit | caa9dfa12cf69bb4ab88c399e61e856fedb24900 (patch) | |
tree | 2df3665d97199c4150515667e89272679210f069 | |
parent | 6432abc730f65328affb4f0ca7c0116b3ded353f (diff) |
Clean up the ordering of constructor args to the various message types
-rw-r--r-- | src/tls/c_kex.cpp | 22 | ||||
-rw-r--r-- | src/tls/cert_req.cpp | 4 | ||||
-rw-r--r-- | src/tls/cert_ver.cpp | 4 | ||||
-rw-r--r-- | src/tls/finished.cpp | 7 | ||||
-rw-r--r-- | src/tls/hello.cpp | 22 | ||||
-rw-r--r-- | src/tls/s_kex.cpp | 8 | ||||
-rw-r--r-- | src/tls/tls_client.cpp | 22 | ||||
-rw-r--r-- | src/tls/tls_messages.h | 84 | ||||
-rw-r--r-- | src/tls/tls_server.cpp | 34 |
9 files changed, 108 insertions, 99 deletions
diff --git a/src/tls/c_kex.cpp b/src/tls/c_kex.cpp
index ced31f870..341ae1e14 100644
--- a/src/tls/c_kex.cpp
+++ b/src/tls/c_kex.cpp
@@ -16,12 +16,12 @@ namespace Botan {
-/**
+/*
 * Create a new Client Key Exchange message
 */
-Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
 TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
 const Public_Key* pub_key,
 Version_Code using_version,
 Version_Code pref_version)
@@ -57,7 +57,7 @@ Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng,
 send(writer, hash);
 }
-/**
+/*
 * Read a Client Key Exchange message
 */
 Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
@@ -72,7 +72,7 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
 deserialize(contents);
 }
-/**
+/*
 * Serialize a Client Key Exchange message
 */
 MemoryVector<byte> Client_Key_Exchange::serialize() const
@@ -87,7 +87,7 @@ MemoryVector<byte> Client_Key_Exchange::serialize() const
 return key_material;
 }
-/**
+/*
 * Deserialize a Client Key Exchange message
 */
 void Client_Key_Exchange::deserialize(const MemoryRegion<byte>& buf)
@@ -101,7 +101,7 @@ void Client_Key_Exchange::deserialize(const MemoryRegion<byte>& buf)
 key_material = buf;
 }
-/**
+/*
 * Return the pre_master_secret
 */
 SecureVector<byte>
@@ -154,12 +154,4 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng,
 throw Invalid_Argument("Client_Key_Exchange: Bad key for decrypt");
 }
-/**
-* Return the pre_master_secret
-*/
-SecureVector<byte> Client_Key_Exchange::pre_master_secret() const
- {
- return pre_master;
- }
 }
diff --git a/src/tls/cert_req.cpp b/src/tls/cert_req.cpp
index 85c017fac..78c786262 100644
--- a/src/tls/cert_req.cpp
+++ b/src/tls/cert_req.cpp
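Review bot: The `/**` to `/*` rewrite of every definition comment in c_kex.cpp leaves the file out of step with s_kex.cpp, whose sending-constructor comment still reads `/**` in that hunk's context lines, so Doxygen will pick up one message's .cpp comments and not the other's. Either make the same change in s_kex.cpp (`/*` on the line above `* Create a new Server Key Exchange message`) or leave both as `/**`; the header declarations are where API documentation belongs in any case, and this commit adds none there. The out-of-line `pre_master_secret()` removed at the end of the last hunk returned a copy, while its inline replacement in tls_messages.h returns a reference to the member, which is a behavioural change the commit message does not mention.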
@@ -89,8 +89,8 @@ void Certificate_Req::deserialize(const MemoryRegion<byte>& buf)
 * Create a new Certificate message
 */
 Certificate::Certificate(Record_Writer& writer,
- const std::vector<X509_Certificate>& cert_list,
- TLS_Handshake_Hash& hash)
+ TLS_Handshake_Hash& hash,
+ const std::vector<X509_Certificate>& cert_list)
 {
 certs = cert_list;
 send(writer, hash);
diff --git a/src/tls/cert_ver.cpp b/src/tls/cert_ver.cpp
index e4dd7a840..5a20e3029 100644
--- a/src/tls/cert_ver.cpp
+++ b/src/tls/cert_ver.cpp
@@ -20,9 +20,9 @@ namespace Botan {
 /*
 * Create a new Certificate Verify message
 */
-Certificate_Verify::Certificate_Verify(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Certificate_Verify::Certificate_Verify(Record_Writer& writer,
 TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
 const Private_Key* priv_key)
 {
 BOTAN_ASSERT_NONNULL(priv_key);
diff --git a/src/tls/finished.cpp b/src/tls/finished.cpp
index bc072bc9d..c8d0173da 100644
--- a/src/tls/finished.cpp
+++ b/src/tls/finished.cpp
@@ -14,9 +14,10 @@ namespace Botan {
 * Create a new Finished message
 */
 Finished::Finished(Record_Writer& writer,
- Version_Code version, Connection_Side side,
- const MemoryRegion<byte>& master_secret,
- TLS_Handshake_Hash& hash)
+ TLS_Handshake_Hash& hash,
+ Version_Code version,
+ Connection_Side side,
+ const MemoryRegion<byte>& master_secret)
 {
 verification_data = compute_verify(master_secret, hash, side, version);
 send(writer, hash);
diff --git a/src/tls/hello.cpp b/src/tls/hello.cpp
index 510aabb3a..0343b649e 100644
--- a/src/tls/hello.cpp
+++ b/src/tls/hello.cpp
@@ -63,10 +63,10 @@ void Hello_Request::deserialize(const MemoryRegion<byte>& buf)
 /*
 * Create a new Client Hello message
 */
-Client_Hello::Client_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Client_Hello::Client_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
 const TLS_Policy& policy,
- TLS_Handshake_Hash& hash)
+ RandomNumberGenerator& rng)
 {
 c_random = rng.random_vec(32);
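Review bot: `Certificate`'s sending constructor still assigns `certs = cert_list;` in its body, and `Client_Hello`'s assigns `c_random = rng.random_vec(32);`, while the two `Server_Hello` constructors touched by the same commit initialise `sess_id` and `s_random` in their member-initialiser lists. Since the purpose of this commit is to make the message constructors uniform, the consistent form here is `Certificate::Certificate(Record_Writer& writer, TLS_Handshake_Hash& hash, const std::vector<X509_Certificate>& cert_list) : certs(cert_list)` with `send(writer, hash);` left as the only statement in the body. The same applies to `c_random(rng.random_vec(32))` in `Client_Hello`, whose body continues past the end of the hunk.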
@@ -221,14 +221,14 @@ bool Client_Hello::offered_suite(u16bit ciphersuite) const
 /*
 * Create a new Server Hello message
 */
-Server_Hello::Server_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Server_Hello::Server_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
 const TLS_Policy& policy,
+ RandomNumberGenerator& rng,
 const std::vector<X509_Certificate>& certs,
 const Client_Hello& c_hello,
 const MemoryRegion<byte>& session_id,
- Version_Code ver,
- TLS_Handshake_Hash& hash) :
+ Version_Code ver) :
 s_version(ver),
 sess_id(session_id),
 s_random(rng.random_vec(32))
@@ -259,13 +259,13 @@ Server_Hello::Server_Hello(RandomNumberGenerator& rng,
 /*
 * Create a new Server Hello message
 */
-Server_Hello::Server_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Server_Hello::Server_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
 const MemoryRegion<byte>& session_id,
 u16bit ciphersuite,
 byte compression,
- Version_Code ver,
- TLS_Handshake_Hash& hash) :
+ Version_Code ver) :
 s_version(ver),
 sess_id(session_id),
 s_random(rng.random_vec(32)),
diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp
index dd79e527e..150f13474 100644
--- a/src/tls/s_kex.cpp
+++ b/src/tls/s_kex.cpp
@@ -19,13 +19,13 @@ namespace Botan {
 /**
 * Create a new Server Key Exchange message
 */
-Server_Key_Exchange::Server_Key_Exchange(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
 const Public_Key* kex_key,
 const Private_Key* priv_key,
 const MemoryRegion<byte>& c_random,
- const MemoryRegion<byte>& s_random,
- TLS_Handshake_Hash& hash)
+ const MemoryRegion<byte>& s_random)
 {
 const DH_PublicKey* dh_pub = dynamic_cast<const DH_PublicKey*>(kex_key);
 const RSA_PublicKey* rsa_pub = dynamic_cast<const RSA_PublicKey*>(kex_key);
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index b58a6766f..19ae44ace 100644
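Review bot: `Server_Key_Exchange`'s sending constructor takes `priv_key` by pointer with no null check in the visible lines, whereas `Certificate_Verify`'s constructor in the same commit opens with `BOTAN_ASSERT_NONNULL(priv_key)`. If the rest of the body (past the end of the hunk) signs with `priv_key`, the same `BOTAN_ASSERT_NONNULL(priv_key);` belongs as the first statement after the opening brace; if anonymous suites can legitimately reach this constructor with a null key, say so in a comment on the declaration instead, since the two current signatures give the caller no hint either way. The branch taken when neither `dynamic_cast` on `kex_key` matches is also outside the hunk, so a reviewer cannot confirm from this diff that an unsupported key type is rejected rather than producing an empty message.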
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -31,7 +31,7 @@ TLS_Client::TLS_Client(std::tr1::function<void (const byte[], size_t)> output_fn
 state = new Handshake_State;
 state->set_expected_next(SERVER_HELLO);
- state->client_hello = new Client_Hello(rng, writer, policy, state->hash);
+ state->client_hello = new Client_Hello(writer, state->hash, policy, rng);
 }
 void TLS_Client::add_client_cert(const X509_Certificate& cert,
@@ -74,7 +74,7 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
 if(type == HELLO_REQUEST)
 {
 Hello_Request hello_request(contents);
- state->client_hello = new Client_Hello(rng, writer, policy, state->hash);
+ state->client_hello = new Client_Hello( writer, state->hash, policy, rng);
 }
 else if(type == SERVER_HELLO)
 {
@@ -213,21 +213,21 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
 state->cert_req->acceptable_types();
 // FIXME: Fill in useful certs here, if any
- state->client_certs = new Certificate(writer, send_certs,
- state->hash);
+ state->client_certs = new Certificate(writer,
+ state->hash,
+ send_certs);
 }
 state->client_kex =
- new Client_Key_Exchange(rng, writer, state->hash,
+ new Client_Key_Exchange(writer, state->hash, rng,
 state->kex_pub, state->version,
 state->client_hello->version());
 if(state->received_handshake_msg(CERTIFICATE_REQUEST))
 {
 Private_Key* key_matching_cert = 0; // FIXME
- state->client_verify = new Certificate_Verify(rng,
- writer, state->hash,
- key_matching_cert);
+ state->client_verify = new Certificate_Verify(writer, state->hash,
+ rng, key_matching_cert);
 }
 state->keys = SessionKeys(state->suite, state->version,
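Review bot: In the `CERTIFICATE_REQUEST` branch at the end of the last hunk, `key_matching_cert` is a literal null (`Private_Key* key_matching_cert = 0; // FIXME`) passed straight into `Certificate_Verify`, whose sending constructor begins with `BOTAN_ASSERT_NONNULL(priv_key)` in the cert_ver.cpp hunk, so a client that receives a CertificateRequest trips its own assertion instead of finishing the handshake. Independently of the missing key lookup, a CertificateVerify is only allowed after a client certificate with a signing key was actually sent, and with the `// FIXME: Fill in useful certs here` path the `Certificate` message is presumably empty, so the condition should read `if(state->received_handshake_msg(CERTIFICATE_REQUEST) && !state->client_certs->empty())`, using the `empty()` accessor the header already provides; that also keeps the assertion unreachable until the lookup is implemented. The block that creates `state->client_certs` starts above the hunk, so confirm it runs under the same condition before relying on that pointer. Minor style point: the re-created `Client_Hello` in the HELLO_REQUEST hunk has a stray space, `new Client_Hello( writer, ...`, unlike the identical call in `TLS_Client::TLS_Client`.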
@@ -239,9 +239,9 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
 writer.set_keys(state->suite, state->keys, CLIENT);
- state->client_finished = new Finished(writer, state->version, CLIENT,
- state->keys.master_secret(),
- state->hash);
+ state->client_finished = new Finished(writer, state->hash,
+ state->version, CLIENT,
+ state->keys.master_secret());
 }
 else if(type == HANDSHAKE_CCS)
 {
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index 51569fbc0..68d564fff 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -28,7 +28,7 @@ class Record_Reader;
 class HandshakeMessage
 {
 public:
- void send(Record_Writer&, TLS_Handshake_Hash&) const;
+ void send(Record_Writer& writer, TLS_Handshake_Hash& hash) const;
 virtual Handshake_Type type() const = 0;
@@ -67,8 +67,10 @@ class Client_Hello : public HandshakeMessage
 bool offered_suite(u16bit) const;
- Client_Hello(RandomNumberGenerator& rng,
- Record_Writer&, const TLS_Policy&, TLS_Handshake_Hash&);
+ Client_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ const TLS_Policy& policy,
+ RandomNumberGenerator& rng);
 Client_Hello(const MemoryRegion<byte>& buf, Handshake_Type type)
@@ -81,8 +83,8 @@ class Client_Hello : public HandshakeMessage
 private:
 MemoryVector<byte> serialize() const;
- void deserialize(const MemoryRegion<byte>&);
- void deserialize_sslv2(const MemoryRegion<byte>&);
+ void deserialize(const MemoryRegion<byte>& buf);
+ void deserialize_sslv2(const MemoryRegion<byte>& buf);
 Version_Code c_version;
 MemoryVector<byte> sess_id, c_random;
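Review bot: `HandshakeMessage::send(Record_Writer& writer, TLS_Handshake_Hash& hash)` gains parameter names but still no comment, and every sending constructor in this commit depends on what it does with `hash`: `Finished`'s constructor in finished.cpp computes `verification_data` first and only then calls `send(writer, hash)`, which is only correct if `send` folds the serialized message into the transcript hash after the verify data has been taken. Suggest stating that contract on the declaration, `// Serialize, write as a handshake record via writer, then add the bytes to hash; call last in a sending constructor`, adjusted if the implementation (not in this diff) orders things differently. In the tls_client.cpp hunk the `writer.set_keys(state->suite, state->keys, CLIENT)` call precedes the `Finished` construction, so the client's Finished goes out under the newly installed keys; a one-line comment there would save the next reader from checking the ordering against the spec.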
@@ -100,15 +102,16 @@ class Client_Key_Exchange : public HandshakeMessage
 public:
 Handshake_Type type() const { return CLIENT_KEX; }
- SecureVector<byte> pre_master_secret() const;
+ const SecureVector<byte>& pre_master_secret() const
+ { return pre_master; }
 SecureVector<byte> pre_master_secret(RandomNumberGenerator& rng,
 const Private_Key* key,
 Version_Code version);
- Client_Key_Exchange(RandomNumberGenerator& rng,
- Record_Writer& output,
+ Client_Key_Exchange(Record_Writer& output,
 TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
 const Public_Key* my_key,
 Version_Code using_version,
 Version_Code pref_version);
@@ -136,8 +139,10 @@ class Certificate : public HandshakeMessage
 size_t count() const { return certs.size(); }
 bool empty() const { return certs.empty(); }
- Certificate(Record_Writer&, const std::vector<X509_Certificate>&,
- TLS_Handshake_Hash&);
+ Certificate(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ const std::vector<X509_Certificate>& certs);
+
 Certificate(const MemoryRegion<byte>& buf) { deserialize(buf); }
 private:
 MemoryVector<byte> serialize() const;
@@ -191,9 +196,9 @@ class Certificate_Verify : public HandshakeMessage
 Version_Code version,
 const SecureVector<byte>& master_secret);
- Certificate_Verify(RandomNumberGenerator& rng,
- Record_Writer& writer,
+ Certificate_Verify(Record_Writer& writer,
 TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
 const Private_Key* key);
 Certificate_Verify(const MemoryRegion<byte>& buf) { deserialize(buf); }
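Review bot: The new inline `pre_master_secret()` returns `const SecureVector<byte>&` to the `pre_master` member, but nothing in this diff shows that member being filled by the receiving-side constructor or by the `(rng, key, version)` overload, which returns its result by value; if, as the two signatures suggest, `pre_master` is only set by the sending constructor, a server-side caller of the no-argument overload gets an empty vector with no error. Document that on the declaration, `// Only valid on the sending side; a received message must use the rng/key/version overload to recover the secret`, and since key material is now handed out by reference, add that the reference is only valid while the message object lives. The removed out-of-line definition in c_kex.cpp returned a copy, so any caller that kept the result beyond the message's lifetime now dangles; the SessionKeys construction site is not in this diff and is the place to check.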
@@ -212,19 +217,26 @@ class Finished : public HandshakeMessage
 public:
 Handshake_Type type() const { return FINISHED; }
- bool verify(const MemoryRegion<byte>&, Version_Code,
- const TLS_Handshake_Hash&, Connection_Side);
+ bool verify(const MemoryRegion<byte>& buf,
+ Version_Code version,
+ const TLS_Handshake_Hash& hash,
+ Connection_Side side);
+
+ Finished(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ Version_Code version,
+ Connection_Side side,
+ const MemoryRegion<byte>& master_secret);
- Finished(Record_Writer&, Version_Code, Connection_Side,
- const MemoryRegion<byte>&, TLS_Handshake_Hash&);
 Finished(const MemoryRegion<byte>& buf) { deserialize(buf); }
 private:
 MemoryVector<byte> serialize() const;
 void deserialize(const MemoryRegion<byte>&);
- MemoryVector<byte> compute_verify(const MemoryRegion<byte>&,
- TLS_Handshake_Hash, Connection_Side,
- Version_Code);
+ MemoryVector<byte> compute_verify(const MemoryRegion<byte>& master_secret,
+ TLS_Handshake_Hash hash,
+ Connection_Side side,
+ Version_Code version);
 Connection_Side side;
 MemoryVector<byte> verification_data;
@@ -266,22 +278,22 @@ class Server_Hello : public HandshakeMessage
 const MemoryVector<byte>& random() const { return s_random; }
- Server_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+ Server_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
 const TLS_Policy& policies,
+ RandomNumberGenerator& rng,
 const std::vector<X509_Certificate>& certs,
 const Client_Hello& other,
 const MemoryRegion<byte>& session_id,
- Version_Code version,
- TLS_Handshake_Hash& hash);
+ Version_Code version);
- Server_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+ Server_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
 const MemoryRegion<byte>& session_id,
 u16bit ciphersuite,
 byte compression,
- Version_Code ver,
- TLS_Handshake_Hash& hash);
+ Version_Code ver);
 Server_Hello(const MemoryRegion<byte>& buf) { deserialize(buf); }
 private:
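Review bot: `compute_verify` takes `TLS_Handshake_Hash hash` by value while every other parameter in the rewritten declarations is a reference, and nothing says this is deliberate; from the finished.cpp hunk in this commit the constructor computes `verification_data` from that copy and only afterwards calls `send(writer, hash)` on the live object, so the copy is presumably what keeps the Finished message's own bytes out of its verify data. A reader applying the usual pass-by-const-reference cleanup would silently break the handshake, so the declaration needs a comment such as `// hash is taken by value on purpose: verify_data covers the transcript before this message is appended to it`. The public `verify(const MemoryRegion<byte>& buf, Version_Code version, const TLS_Handshake_Hash& hash, Connection_Side side)` above it must make the same copy internally for the peer's Finished, which is worth stating in the same comment; neither body is in this diff.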
@@ -303,13 +315,17 @@ class Server_Key_Exchange : public HandshakeMessage
 Handshake_Type type() const { return SERVER_KEX; }
 Public_Key* key() const;
- bool verify(const X509_Certificate&, const MemoryRegion<byte>&,
- const MemoryRegion<byte>&) const;
+ bool verify(const X509_Certificate& cert,
+ const MemoryRegion<byte>& c_random,
+ const MemoryRegion<byte>& s_random) const;
- Server_Key_Exchange(RandomNumberGenerator& rng,
- Record_Writer&, const Public_Key*,
- const Private_Key*, const MemoryRegion<byte>&,
- const MemoryRegion<byte>&, TLS_Handshake_Hash&);
+ Server_Key_Exchange(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
+ const Public_Key* kex_key,
+ const Private_Key* priv_key,
+ const MemoryRegion<byte>& c_random,
+ const MemoryRegion<byte>& s_random);
 Server_Key_Exchange(const MemoryRegion<byte>& buf) { deserialize(buf); }
 private:
@@ -329,7 +345,7 @@ class Server_Hello_Done : public HandshakeMessage
 public:
 Handshake_Type type() const { return SERVER_HELLO_DONE; }
- Server_Hello_Done(Record_Writer&, TLS_Handshake_Hash&);
+ Server_Hello_Done(Record_Writer& writer, TLS_Handshake_Hash& hash);
 Server_Hello_Done(const MemoryRegion<byte>& buf) { deserialize(buf); }
 private:
 MemoryVector<byte> serialize() const;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 16bf554d3..090a55566 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -167,13 +167,13 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
 {
 // resume session
 state->server_hello = new Server_Hello(
- rng,
 writer,
+ state->hash,
+ rng,
 session_info.session_id(),
 session_info.ciphersuite(),
 session_info.compression_method(),
- Version_Code(session_info.version()),
- state->hash);
+ Version_Code(session_info.version()));
 state->suite = CipherSuite(state->server_hello->ciphersuite());
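Review bot: In the `// resume session` branch the resumed `Server_Hello` is built directly from `session_info.ciphersuite()` and `session_info.compression_method()`, and the hunk contains no check that the client's current ClientHello still offers that suite and compression method or that policy still permits them, so a stale stored session can pin a suite the client no longer proposes. `Client_Hello::offered_suite(u16bit)` exists (it is the function-context label of the hello.cpp hunk), so the guard is `if(!state->client_hello->offered_suite(session_info.ciphersuite()))` falling through to the new-session path, unless the decision to resume, which is taken above the hunk, already does this; please confirm, since that decision is not visible here. The enclosing `process_handshake_msg` starts and ends outside the hunk.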
@@ -187,31 +187,32 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
 writer.set_keys(state->suite, state->keys, SERVER);
- state->server_finished = new Finished(writer, state->version, SERVER,
- state->keys.master_secret(),
- state->hash);
+ state->server_finished = new Finished(writer, state->hash,
+ state->version, SERVER,
+ state->keys.master_secret());
 state->set_expected_next(HANDSHAKE_CCS);
 }
 else // new session
 {
 state->server_hello = new Server_Hello(
- rng,
 writer,
+ state->hash,
 policy,
+ rng,
 cert_chain,
 *(state->client_hello),
 rng.random_vec(32),
- state->version,
- state->hash);
+ state->version);
 state->suite = CipherSuite(state->server_hello->ciphersuite());
 if(state->suite.sig_type() != TLS_ALGO_SIGNER_ANON)
 {
 // FIXME: should choose certs based on sig type
- state->server_certs = new Certificate(writer, cert_chain,
- state->hash);
+ state->server_certs = new Certificate(writer,
+ state->hash,
+ cert_chain);
 }
 if(state->suite.kex_type() == TLS_ALGO_KEYEXCH_NOKEX)
@@ -231,11 +232,10 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
 throw Internal_Error("TLS_Server: Unknown ciphersuite kex type");
 state->server_kex =
- new Server_Key_Exchange(rng, writer,
+ new Server_Key_Exchange(writer, state->hash, rng,
 state->kex_priv, private_key,
 state->client_hello->random(),
- state->server_hello->random(),
- state->hash);
+ state->server_hello->random());
 if(policy.require_client_auth())
 {
@@ -339,9 +339,9 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
 writer.set_keys(state->suite, state->keys, SERVER);
- state->server_finished = new Finished(writer, state->version, SERVER,
- state->keys.master_secret(),
- state->hash);
+ state->server_finished = new Finished(writer, state->hash,
+ state->version, SERVER,
+ state->keys.master_secret());
 std::vector<X509_Certificate> peer_certs; |
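Review bot: The `private_key` handed to `Server_Key_Exchange` in the second hunk is never related to `cert_chain` or to `state->suite.sig_type()` anywhere in the visible lines; the `// FIXME: should choose certs based on sig type` above the `Certificate` construction acknowledges the certificate half of the problem, but the signing key has the same gap, and a key that does not match the certificate just sent produces a ServerKeyExchange signature the peer rejects rather than a local error. A check that `private_key` is non-null and matches the algorithm implied by `state->suite.sig_type()` immediately before `new Server_Key_Exchange(...)`, throwing `Internal_Error` like the `"TLS_Server: Unknown ciphersuite kex type"` branch two lines earlier, would surface the misconfiguration on the server side. Where `private_key` and `cert_chain` are chosen is outside the hunk, so this may already be guaranteed by the caller; the FIXME should then say so. `process_handshake_msg` starts and ends outside the hunk.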