diff options
author | lloyd <[email protected]> | 2012-01-27 18:57:43 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-01-27 18:57:43 +0000 |
commit | ce8566f949b714366f104d8a1c09e0602f380f06 (patch) | |
tree | 74a9e68a85b3a7b8ace6fb85a3fba2ef53919210 /src/tls/s_kex.cpp | |
parent | 8d0bbed5d5ccd0995d4794644172b6508959798e (diff) |
Working though somewhat clumsy DHE_PSK and ECDHE_PSK. Tested against GnuTLS
Diffstat (limited to 'src/tls/s_kex.cpp')
-rw-r--r-- | src/tls/s_kex.cpp | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp index b8aba344c..5a2c4d55f 100644 --- a/src/tls/s_kex.cpp +++ b/src/tls/s_kex.cpp @@ -32,7 +32,13 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer, { const std::string kex_algo = state->suite.kex_algo(); - if(kex_algo == "DH") + if(kex_algo == "PSK" || kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE") + { + std::string identity_hint = "botan"; + append_tls_length_value(m_params, identity_hint, 2); + } + + if(kex_algo == "DH" || kex_algo == "PSK_DHE") { std::auto_ptr<DH_PrivateKey> dh(new DH_PrivateKey(rng, policy.dh_group())); @@ -41,7 +47,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer, append_tls_length_value(m_params, dh->public_value(), 2); m_kex_key = dh.release(); } - else if(kex_algo == "ECDH") + else if(kex_algo == "ECDH" || kex_algo == "PSK_ECDHE") { const std::vector<std::string>& curves = state->client_hello->supported_ecc_curves(); @@ -75,7 +81,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer, m_kex_key = ecdh.release(); } - else + else if(kex_algo != "PSK") throw Internal_Error("Server_Key_Exchange: Unknown kex type " + kex_algo); if(state->suite.sig_algo() != "") @@ -116,12 +122,13 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf, * to be able to parse the whole thing anyway. */ - if(kex_algo == "PSK") + if(kex_algo == "PSK" || kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE") { - std::string identity_hint = reader.get_string(2, 1, 65535); + const std::string identity_hint = reader.get_string(2, 0, 65535); append_tls_length_value(m_params, identity_hint, 2); } - else if(kex_algo == "DH") + + if(kex_algo == "DH" || kex_algo == "PSK_DHE") { // 3 bigints, DH p, g, Y @@ -131,7 +138,7 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf, append_tls_length_value(m_params, BigInt::encode(v), 2); } } - else if(kex_algo == "ECDH") + else if(kex_algo == "ECDH" || kex_algo == "PSK_ECDHE") { const byte curve_type = reader.get_byte(); @@ -153,7 +160,7 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf, m_params.push_back(get_byte(1, curve_id)); append_tls_length_value(m_params, ecdh_key, 1); } - else + else if(kex_algo != "PSK") throw Decoding_Error("Server_Key_Exchange: Unsupported kex type " + kex_algo); if(sig_algo != "") |