diff options
| author | lloyd <[email protected]> | 2012-05-25 22:52:00 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2012-05-25 22:52:00 +0000 |
| commit | 12090a7148d9ee73572cc1a7268fc489504a8173 (patch) | |
| tree | 51e50ce0852c56231e9e6dc13f168b10edd45d01 /src/kdf/prf_tls | |
| parent | 9594979caf775dc4062850044715b804d1fda60c (diff) | |
| parent | 65cc04445f8d40497f02a14bd8cb97081790e54b (diff) | |
propagate from branch 'net.randombit.botan.x509-path-validation' (head 63b5a20eab129ca13287fda33d2d02eec329708f)
to branch 'net.randombit.botan' (head 8b8150f09c55184f028f2929c4e7f7cd0d46d96e)
Diffstat (limited to 'src/kdf/prf_tls')
| -rw-r--r-- | src/kdf/prf_tls/info.txt | 1 | ||||
| -rw-r--r-- | src/kdf/prf_tls/prf_tls.cpp | 25 | ||||
| -rw-r--r-- | src/kdf/prf_tls/prf_tls.h | 4 |
3 files changed, 20 insertions, 10 deletions
diff --git a/src/kdf/prf_tls/info.txt b/src/kdf/prf_tls/info.txt index 9531a6a83..113c92251 100644 --- a/src/kdf/prf_tls/info.txt +++ b/src/kdf/prf_tls/info.txt @@ -1,4 +1,5 @@ define TLS_V10_PRF +define TLS_V12_PRF <requires> hmac diff --git a/src/kdf/prf_tls/prf_tls.cpp b/src/kdf/prf_tls/prf_tls.cpp index 2b57cdd25..006b418c9 100644 --- a/src/kdf/prf_tls/prf_tls.cpp +++ b/src/kdf/prf_tls/prf_tls.cpp @@ -18,14 +18,23 @@ namespace { /* * TLS PRF P_hash function */ -void P_hash(MemoryRegion<byte>& output, +void P_hash(secure_vector<byte>& output, MessageAuthenticationCode* mac, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) { - mac->set_key(secret, secret_len); + try + { + mac->set_key(secret, secret_len); + } + catch(Invalid_Key_Length) + { + throw Internal_Error("The premaster secret of " + + std::to_string(secret_len) + + " bytes is too long for the PRF"); + } - SecureVector<byte> A(seed, seed_len); + secure_vector<byte> A(seed, seed + seed_len); size_t offset = 0; @@ -38,7 +47,7 @@ void P_hash(MemoryRegion<byte>& output, mac->update(A); mac->update(seed, seed_len); - SecureVector<byte> block = mac->final(); + secure_vector<byte> block = mac->final(); xor_buf(&output[offset], &block[0], this_block_len); offset += this_block_len; @@ -65,11 +74,11 @@ TLS_PRF::~TLS_PRF() /* * TLS PRF */ -SecureVector<byte> TLS_PRF::derive(size_t key_len, +secure_vector<byte> TLS_PRF::derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const { - SecureVector<byte> output(key_len); + secure_vector<byte> output(key_len); size_t S1_len = (secret_len + 1) / 2, S2_len = (secret_len + 1) / 2; @@ -94,11 +103,11 @@ TLS_12_PRF::~TLS_12_PRF() delete hmac; } -SecureVector<byte> TLS_12_PRF::derive(size_t key_len, +secure_vector<byte> TLS_12_PRF::derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const { - SecureVector<byte> output(key_len); + secure_vector<byte> output(key_len); P_hash(output, hmac, secret, secret_len, seed, seed_len); diff --git a/src/kdf/prf_tls/prf_tls.h b/src/kdf/prf_tls/prf_tls.h index 5237f17c0..fce11eae0 100644 --- a/src/kdf/prf_tls/prf_tls.h +++ b/src/kdf/prf_tls/prf_tls.h @@ -20,7 +20,7 @@ namespace Botan { class BOTAN_DLL TLS_PRF : public KDF { public: - SecureVector<byte> derive(size_t key_len, + secure_vector<byte> derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const; @@ -40,7 +40,7 @@ class BOTAN_DLL TLS_PRF : public KDF class BOTAN_DLL TLS_12_PRF : public KDF { public: - SecureVector<byte> derive(size_t key_len, + secure_vector<byte> derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const; |