aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-04-27 18:51:08 +0000
committerlloyd <[email protected]>2010-04-27 18:51:08 +0000
commit5a234818cb1e987e0fd950b987bb695ebeeac783 (patch)
tree3534da74a18c42a01ebd21788de7b978edcace59
parentfe7818196e5caf898a0b67658b53adcb9a50a1c3 (diff)
Remove add_entropy_vec. Much cleaner way of doing this: add the entire
contents of all SSL/TLS handshake messages into the PRNG input.
-rw-r--r--src/rng/rng.h3
-rw-r--r--src/ssl/tls_client.cpp4
-rw-r--r--src/ssl/tls_server.cpp4
3 files changed, 4 insertions, 7 deletions
diff --git a/src/rng/rng.h b/src/rng/rng.h
index e0c361fd5..c53d8e22d 100644
--- a/src/rng/rng.h
+++ b/src/rng/rng.h
@@ -74,9 +74,6 @@ class BOTAN_DLL RandomNumberGenerator
*/
virtual void add_entropy(const byte in[], u32bit length) = 0;
- void add_entropy_vec(const MemoryRegion<byte>& vec)
- { add_entropy(&vec[0], vec.size()); }
-
RandomNumberGenerator() {}
virtual ~RandomNumberGenerator() {}
private:
diff --git a/src/ssl/tls_client.cpp b/src/ssl/tls_client.cpp
index bb00886b4..8a4275d93 100644
--- a/src/ssl/tls_client.cpp
+++ b/src/ssl/tls_client.cpp
@@ -363,6 +363,8 @@ void TLS_Client::read_handshake(byte rec_type,
void TLS_Client::process_handshake_msg(Handshake_Type type,
const MemoryRegion<byte>& contents)
{
+ rng.add_entropy(&contents[0], contents.size());
+
if(type == HELLO_REQUEST)
{
if(state == 0)
@@ -405,8 +407,6 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
state->version = state->server_hello->version();
- rng.add_entropy_vec(state->server_hello->random());
-
if(state->version > state->client_hello->version())
throw TLS_Exception(HANDSHAKE_FAILURE,
"TLS_Client: Server replied with bad version");
diff --git a/src/ssl/tls_server.cpp b/src/ssl/tls_server.cpp
index a6e1a8758..a4cfcf7de 100644
--- a/src/ssl/tls_server.cpp
+++ b/src/ssl/tls_server.cpp
@@ -325,6 +325,8 @@ void TLS_Server::read_handshake(byte rec_type,
void TLS_Server::process_handshake_msg(Handshake_Type type,
const MemoryRegion<byte>& contents)
{
+ rng.add_entropy(&contents[0], contents.size());
+
if(state == 0)
throw Unexpected_Message("Unexpected handshake message");
@@ -348,8 +350,6 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
state->client_hello = new Client_Hello(contents, type);
- rng.add_entropy_vec(state->client_hello->random());
-
client_requested_hostname = state->client_hello->hostname();
state->version = choose_version(state->client_hello->version(),