propagate from branch 'net.randombit.botan.x509-path-validation' (head 63b5a20eab129ca13287fda33d2d02eec329708f)

to branch 'net.randombit.botan' (head 8b8150f09c55184f028f2929c4e7f7cd0d46d96e)
author: lloyd <[email protected]> 2012-05-25 22:52:00 +0000
committer: lloyd <[email protected]> 2012-05-25 22:52:00 +0000
commit: 12090a7148d9ee73572cc1a7268fc489504a8173 (patch)
tree: 51e50ce0852c56231e9e6dc13f168b10edd45d01 /src/kdf/prf_tls/prf_tls.cpp
parent: 9594979caf775dc4062850044715b804d1fda60c (diff)
parent: 65cc04445f8d40497f02a14bd8cb97081790e54b (diff)
1 files changed, 17 insertions, 8 deletions
diff --git a/src/kdf/prf_tls/prf_tls.cpp b/src/kdf/prf_tls/prf_tls.cpp
index 2b57cdd25..006b418c9 100644
--- a/src/kdf/prf_tls/prf_tls.cpp
+++ b/src/kdf/prf_tls/prf_tls.cpp
@@ -18,14 +18,23 @@ namespace {
 /*
 * TLS PRF P_hash function
 */
-void P_hash(MemoryRegion<byte>& output,
+void P_hash(secure_vector<byte>& output,
             MessageAuthenticationCode* mac,
             const byte secret[], size_t secret_len,
             const byte seed[], size_t seed_len)
    {
-   mac->set_key(secret, secret_len);
+   try
+      {
+      mac->set_key(secret, secret_len);
+      }
+   catch(Invalid_Key_Length)
+      {
+      throw Internal_Error("The premaster secret of " +
+                           std::to_string(secret_len) +
+                           " bytes is too long for the PRF");
+      }
 
-   SecureVector<byte> A(seed, seed_len);
+   secure_vector<byte> A(seed, seed + seed_len);
 
    size_t offset = 0;
 
@@ -38,7 +47,7 @@ void P_hash(MemoryRegion<byte>& output,
 
       mac->update(A);
       mac->update(seed, seed_len);
-      SecureVector<byte> block = mac->final();
+      secure_vector<byte> block = mac->final();
 
       xor_buf(&output[offset], &block[0], this_block_len);
       offset += this_block_len;
@@ -65,11 +74,11 @@ TLS_PRF::~TLS_PRF()
 /*
 * TLS PRF
 */
-SecureVector<byte> TLS_PRF::derive(size_t key_len,
+secure_vector<byte> TLS_PRF::derive(size_t key_len,
                                    const byte secret[], size_t secret_len,
                                    const byte seed[], size_t seed_len) const
    {
-   SecureVector<byte> output(key_len);
+   secure_vector<byte> output(key_len);
 
    size_t S1_len = (secret_len + 1) / 2,
           S2_len = (secret_len + 1) / 2;
@@ -94,11 +103,11 @@ TLS_12_PRF::~TLS_12_PRF()
    delete hmac;
    }
 
-SecureVector<byte> TLS_12_PRF::derive(size_t key_len,
+secure_vector<byte> TLS_12_PRF::derive(size_t key_len,
                                       const byte secret[], size_t secret_len,
                                       const byte seed[], size_t seed_len) const
    {
-   SecureVector<byte> output(key_len);
+   secure_vector<byte> output(key_len);
 
    P_hash(output, hmac, secret, secret_len, seed, seed_len);
author	lloyd <[email protected]>	2012-05-25 22:52:00 +0000
committer	lloyd <[email protected]>	2012-05-25 22:52:00 +0000
commit	12090a7148d9ee73572cc1a7268fc489504a8173 (patch)
tree	51e50ce0852c56231e9e6dc13f168b10edd45d01 /src/kdf/prf_tls/prf_tls.cpp
parent	9594979caf775dc4062850044715b804d1fda60c (diff)
parent	65cc04445f8d40497f02a14bd8cb97081790e54b (diff)