authorlloyd <[email protected]>2014-01-10 03:41:59 +0000
committerlloyd <[email protected]>2014-01-10 03:41:59 +0000
commit6894dca64c04936d07048c0e8cbf7e25858548c3 (patch)
tree5d572bfde9fe667dab14e3f04b5285a85d8acd95 /src/lib/tls/msg_hello_verify.cpp
parent9efa3be92442afb3d0b69890a36c7f122df18eda (diff)
Move lib into src
Diffstat (limited to 'src/lib/tls/msg_hello_verify.cpp')
-rw-r--r--src/lib/tls/msg_hello_verify.cpp69
1 files changed, 69 insertions, 0 deletions
diff --git a/src/lib/tls/msg_hello_verify.cpp b/src/lib/tls/msg_hello_verify.cpp
new file mode 100644
index 000000000..f8a117c03
--- /dev/null
+++ b/src/lib/tls/msg_hello_verify.cpp
@@ -0,0 +1,69 @@
+/*
+* DTLS Hello Verify Request
+* (C) 2012 Jack Lloyd
+*
+* Released under the terms of the Botan license
+*/
+
+#include <botan/internal/tls_messages.h>
+#include <botan/lookup.h>
+#include <memory>
+
+namespace Botan {
+
+namespace TLS {
+
+Hello_Verify_Request::Hello_Verify_Request(const std::vector<byte>& buf)
+ {
+ if(buf.size() < 3)
+ throw Decoding_Error("Hello verify request too small");
+
+ Protocol_Version version(buf[0], buf[1]);
+
+ if(version != Protocol_Version::DTLS_V10 &&
+ version != Protocol_Version::DTLS_V12)
+ {
+ throw Decoding_Error("Unknown version from server in hello verify request");
+ }
+
+ if(static_cast<size_t>(buf[2]) + 3 != buf.size())
+ throw Decoding_Error("Bad length in hello verify request");
+
+ m_cookie.assign(&buf[3], &buf[buf.size()]);
+ }
+
+Hello_Verify_Request::Hello_Verify_Request(const std::vector<byte>& client_hello_bits,
+ const std::string& client_identity,
+ const SymmetricKey& secret_key)
+ {
+ std::unique_ptr<MessageAuthenticationCode> hmac(get_mac("HMAC(SHA-256)"));
+ hmac->set_key(secret_key);
+
+ hmac->update_be(client_hello_bits.size());
+ hmac->update(client_hello_bits);
+ hmac->update_be(client_identity.size());
+ hmac->update(client_identity);
+
+ m_cookie = unlock(hmac->final());
+ }
+
+std::vector<byte> Hello_Verify_Request::serialize() const
+ {
+ /* DTLS 1.2 server implementations SHOULD use DTLS version 1.0
+ regardless of the version of TLS that is expected to be
+ negotiated (RFC 6347, section 4.2.1)
+ */
+
+ Protocol_Version format_version(Protocol_Version::DTLS_V10);
+
+ std::vector<byte> bits;
+ bits.push_back(format_version.major_version());
+ bits.push_back(format_version.minor_version());
+ bits.push_back(static_cast<byte>(m_cookie.size()));
+ bits += m_cookie;
+ return bits;
+ }
+
+}
+
+}
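Review bot: In the decoding constructor, `m_cookie.assign(&buf[3], &buf[buf.size()]);` indexes the vector one past its last element, and for a request carrying an empty cookie (`buf.size() == 3`) `&buf[3]` is out of range too; `operator[]` at `size()` is undefined behaviour and aborts under checked standard-library builds, on bytes that come straight from the peer. The length checks above it are consistent, so the iterator form `m_cookie.assign(buf.begin() + 3, buf.end());` gives the same cookie without the out-of-range index. In `serialize()`, `static_cast<byte>(m_cookie.size())` would silently truncate a cookie longer than 255 bytes; both constructors in this file keep it within that bound, but a size check before the cast would make the invariant explicit. In the HMAC constructor, `update_be(client_hello_bits.size())` takes a `size_t`, so the bytes fed to the MAC presumably depend on the platform word size; casting to a fixed-width type would keep cookies verifiable across servers that share `secret_key`.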