diff options
author | lloyd <[email protected]> | 2010-03-08 15:36:18 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-03-08 15:36:18 +0000 |
commit | 8a47f6f2bbf169a2ea0853234f81b49070c770df (patch) | |
tree | 2633ed0d927faf23a067aa88d6cceb9de29f0be4 /src/ssl/s_kex.cpp | |
parent | 05f6d6c8edec9907778f362c927f368140fee6a2 (diff) |
Modify pubkey classes to take names instead of object pointers.
Remove use of look_pk from the source and examples, instead
instantiate classes directly.
Diffstat (limited to 'src/ssl/s_kex.cpp')
-rw-r--r-- | src/ssl/s_kex.cpp | 62 |
1 files changed, 33 insertions, 29 deletions
diff --git a/src/ssl/s_kex.cpp b/src/ssl/s_kex.cpp index d568ef14f..94b17cb7e 100644 --- a/src/ssl/s_kex.cpp +++ b/src/ssl/s_kex.cpp @@ -6,10 +6,10 @@ */ #include <botan/tls_messages.h> +#include <botan/pubkey.h> #include <botan/dh.h> #include <botan/rsa.h> #include <botan/dsa.h> -#include <botan/look_pk.h> #include <botan/loadstor.h> #include <memory> @@ -43,25 +43,27 @@ Server_Key_Exchange::Server_Key_Exchange(RandomNumberGenerator& rng, else throw Invalid_Argument("Bad key for TLS key exchange: not DH or RSA"); - std::auto_ptr<PK_Signer> signer; - if(const RSA_PrivateKey* rsa = dynamic_cast<const RSA_PrivateKey*>(priv_key)) - { - signer.reset(get_pk_signer(*rsa, "EMSA3(TLS.Digest.0)")); - } - else if(const DSA_PrivateKey* dsa = - dynamic_cast<const DSA_PrivateKey*>(priv_key)) + std::string padding = ""; + Signature_Format format = IEEE_1363; + + if(priv_key->algo_name() == "RSA") + padding = "EMSA3(TLS.Digest.0)"; + else if(priv_key->algo_name() == "DSA") { - signer.reset(get_pk_signer(*dsa, "EMSA1(SHA-1)")); - signer->set_output_format(DER_SEQUENCE); + padding == "EMSA1(SHA-1)"; + format = DER_SEQUENCE; } else - throw Invalid_Argument("Bad key for TLS signature: not RSA or DSA"); + throw Invalid_Argument(priv_key->algo_name() + + " is invalid/unknown for TLS signatures"); + + PK_Signer signer(*priv_key, padding, format); - signer->update(c_random); - signer->update(s_random); - signer->update(serialize_params()); - signature = signer->signature(rng); + signer.update(c_random); + signer.update(s_random); + signer.update(serialize_params()); + signature = signer.signature(rng); send(writer, hash); } @@ -154,29 +156,31 @@ bool Server_Key_Exchange::verify(const X509_Certificate& cert, const MemoryRegion<byte>& c_random, const MemoryRegion<byte>& s_random) const { - std::auto_ptr<Public_Key> key(cert.subject_public_key()); - DSA_PublicKey* dsa_pub = dynamic_cast<DSA_PublicKey*>(key.get()); - RSA_PublicKey* rsa_pub = dynamic_cast<RSA_PublicKey*>(key.get()); + std::auto_ptr<Public_Key> key(cert.subject_public_key()); - std::auto_ptr<PK_Verifier> verifier; + std::string padding = ""; + Signature_Format format = IEEE_1363; - if(dsa_pub) + if(key->algo_name() == "RSA") + padding = "EMSA3(TLS.Digest.0)"; + else if(key->algo_name() == "DSA") { - verifier.reset(get_pk_verifier(*dsa_pub, "EMSA1(SHA-1)", DER_SEQUENCE)); - verifier->set_input_format(DER_SEQUENCE); + padding == "EMSA1(SHA-1)"; + format = DER_SEQUENCE; } - else if(rsa_pub) - verifier.reset(get_pk_verifier(*rsa_pub, "EMSA3(TLS.Digest.0)")); else - throw Invalid_Argument("Server did not provide a RSA/DSA cert"); + throw Invalid_Argument(key->algo_name() + + " is invalid/unknown for TLS signatures"); + + PK_Verifier verifier(*key, padding, format); SecureVector<byte> params_got = serialize_params(); - verifier->update(c_random); - verifier->update(s_random); - verifier->update(params_got); + verifier.update(c_random); + verifier.update(s_random); + verifier.update(params_got); - return verifier->check_signature(signature, signature.size()); + return verifier.check_signature(signature, signature.size()); } } |