aboutsummaryrefslogtreecommitdiffstats
path: root/src/ssl/s_kex.cpp
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-03-08 15:36:18 +0000
committerlloyd <[email protected]>2010-03-08 15:36:18 +0000
commit8a47f6f2bbf169a2ea0853234f81b49070c770df (patch)
tree2633ed0d927faf23a067aa88d6cceb9de29f0be4 /src/ssl/s_kex.cpp
parent05f6d6c8edec9907778f362c927f368140fee6a2 (diff)
Modify pubkey classes to take names instead of object pointers.
Remove use of look_pk from the source and examples, instead instantiate classes directly.
Diffstat (limited to 'src/ssl/s_kex.cpp')
-rw-r--r--src/ssl/s_kex.cpp62
1 files changed, 33 insertions, 29 deletions
diff --git a/src/ssl/s_kex.cpp b/src/ssl/s_kex.cpp
index d568ef14f..94b17cb7e 100644
--- a/src/ssl/s_kex.cpp
+++ b/src/ssl/s_kex.cpp
@@ -6,10 +6,10 @@
*/
#include <botan/tls_messages.h>
+#include <botan/pubkey.h>
#include <botan/dh.h>
#include <botan/rsa.h>
#include <botan/dsa.h>
-#include <botan/look_pk.h>
#include <botan/loadstor.h>
#include <memory>
@@ -43,25 +43,27 @@ Server_Key_Exchange::Server_Key_Exchange(RandomNumberGenerator& rng,
else
throw Invalid_Argument("Bad key for TLS key exchange: not DH or RSA");
- std::auto_ptr<PK_Signer> signer;
- if(const RSA_PrivateKey* rsa = dynamic_cast<const RSA_PrivateKey*>(priv_key))
- {
- signer.reset(get_pk_signer(*rsa, "EMSA3(TLS.Digest.0)"));
- }
- else if(const DSA_PrivateKey* dsa =
- dynamic_cast<const DSA_PrivateKey*>(priv_key))
+ std::string padding = "";
+ Signature_Format format = IEEE_1363;
+
+ if(priv_key->algo_name() == "RSA")
+ padding = "EMSA3(TLS.Digest.0)";
+ else if(priv_key->algo_name() == "DSA")
{
- signer.reset(get_pk_signer(*dsa, "EMSA1(SHA-1)"));
- signer->set_output_format(DER_SEQUENCE);
+ padding == "EMSA1(SHA-1)";
+ format = DER_SEQUENCE;
}
else
- throw Invalid_Argument("Bad key for TLS signature: not RSA or DSA");
+ throw Invalid_Argument(priv_key->algo_name() +
+ " is invalid/unknown for TLS signatures");
+
+ PK_Signer signer(*priv_key, padding, format);
- signer->update(c_random);
- signer->update(s_random);
- signer->update(serialize_params());
- signature = signer->signature(rng);
+ signer.update(c_random);
+ signer.update(s_random);
+ signer.update(serialize_params());
+ signature = signer.signature(rng);
send(writer, hash);
}
@@ -154,29 +156,31 @@ bool Server_Key_Exchange::verify(const X509_Certificate& cert,
const MemoryRegion<byte>& c_random,
const MemoryRegion<byte>& s_random) const
{
- std::auto_ptr<Public_Key> key(cert.subject_public_key());
- DSA_PublicKey* dsa_pub = dynamic_cast<DSA_PublicKey*>(key.get());
- RSA_PublicKey* rsa_pub = dynamic_cast<RSA_PublicKey*>(key.get());
+ std::auto_ptr<Public_Key> key(cert.subject_public_key());
- std::auto_ptr<PK_Verifier> verifier;
+ std::string padding = "";
+ Signature_Format format = IEEE_1363;
- if(dsa_pub)
+ if(key->algo_name() == "RSA")
+ padding = "EMSA3(TLS.Digest.0)";
+ else if(key->algo_name() == "DSA")
{
- verifier.reset(get_pk_verifier(*dsa_pub, "EMSA1(SHA-1)", DER_SEQUENCE));
- verifier->set_input_format(DER_SEQUENCE);
+ padding == "EMSA1(SHA-1)";
+ format = DER_SEQUENCE;
}
- else if(rsa_pub)
- verifier.reset(get_pk_verifier(*rsa_pub, "EMSA3(TLS.Digest.0)"));
else
- throw Invalid_Argument("Server did not provide a RSA/DSA cert");
+ throw Invalid_Argument(key->algo_name() +
+ " is invalid/unknown for TLS signatures");
+
+ PK_Verifier verifier(*key, padding, format);
SecureVector<byte> params_got = serialize_params();
- verifier->update(c_random);
- verifier->update(s_random);
- verifier->update(params_got);
+ verifier.update(c_random);
+ verifier.update(s_random);
+ verifier.update(params_got);
- return verifier->check_signature(signature, signature.size());
+ return verifier.check_signature(signature, signature.size());
}
}