diff options
| author | lloyd <[email protected]> | 2010-09-13 15:54:50 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2010-09-13 15:54:50 +0000 |
| commit | 36bfef27271eadffefbc6891a9d7fa7eed7b1e10 (patch) | |
| tree | 81fe9b37bb580cedba5bb25ac04dfecdd36b18de /src/ssl/c_kex.cpp | |
| parent | 4a7e9edcc92b08a285ea24549fd8c813d10b63b9 (diff) | |
More vector->pointer conversion removals.
Add RandomNumberGenerator::random_vec, which takes an length n and
returns a new SecureVector with randomized contents of that size. This
nicely covers most of the cases where randomize was being called on a
vector, and is a little cleaner in the code as well, instead of
vec.resize(length);
rng.randomize(&vec[0], vec.size());
we just write
vec = rng.random_vec(length);
Diffstat (limited to 'src/ssl/c_kex.cpp')
| -rw-r--r-- | src/ssl/c_kex.cpp | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/ssl/c_kex.cpp b/src/ssl/c_kex.cpp index 5194c8c3d..fafb67d3d 100644 --- a/src/ssl/c_kex.cpp +++ b/src/ssl/c_kex.cpp @@ -40,8 +40,7 @@ Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng, } else if(const RSA_PublicKey* rsa_pub = dynamic_cast<const RSA_PublicKey*>(pub_key)) { - pre_master.resize(48); - rng.randomize(pre_master, 48); + pre_master = rng.random_vec(48); pre_master[0] = (pref_version >> 8) & 0xFF; pre_master[1] = (pref_version ) & 0xFF; @@ -123,8 +122,13 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng, } catch(...) { - pre_master.resize(dh_priv->public_value().size()); - rng.randomize(pre_master, pre_master.size()); + /* + * Something failed in the DH computation. To avoid possible + * timing attacks, randomize the pre-master output and carry + * on, allowing the protocol to fail later in the finished + * checks. + */ + pre_master = rng.random_vec(dh_priv->public_value().size()); } return pre_master; @@ -142,8 +146,7 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng, } catch(...) { - pre_master.resize(48); - rng.randomize(pre_master, pre_master.size()); + pre_master = rng.random_vec(48); pre_master[0] = (version >> 8) & 0xFF; pre_master[1] = (version ) & 0xFF; } |