diff options
author | lloyd <[email protected]> | 2012-09-06 13:32:20 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-09-06 13:32:20 +0000 |
commit | c1ab7196f60494eebf4f702da60bb96e49e4b670 (patch) | |
tree | 7fb622ddf56660b04db2d8156d1312859f259521 /src/tls/tls_record.cpp | |
parent | db9b72b1d6d42837fe6f06f070b72736188d2ea4 (diff) |
Move record cipher state to its own class. Currently write side only.
Diffstat (limited to 'src/tls/tls_record.cpp')
-rw-r--r-- | src/tls/tls_record.cpp | 75 |
1 files changed, 75 insertions, 0 deletions
diff --git a/src/tls/tls_record.cpp b/src/tls/tls_record.cpp new file mode 100644 index 000000000..d8d25448f --- /dev/null +++ b/src/tls/tls_record.cpp @@ -0,0 +1,75 @@ +/* +* TLS Record Handling +* (C) 2012 Jack Lloyd +* +* Released under the terms of the Botan license +*/ + +#include <botan/tls_record.h> +#include <botan/internal/tls_session_key.h> +#include <botan/libstate.h> + +namespace Botan { + +namespace TLS { + +Connection_Cipher_State::Connection_Cipher_State( + Protocol_Version version, + Connection_Side side, + const Ciphersuite& suite, + const Session_Keys& keys) + { + SymmetricKey mac_key, cipher_key; + InitializationVector iv; + + if(side == CLIENT) + { + cipher_key = keys.client_cipher_key(); + iv = keys.client_iv(); + mac_key = keys.client_mac_key(); + } + else + { + cipher_key = keys.server_cipher_key(); + iv = keys.server_iv(); + mac_key = keys.server_mac_key(); + } + + const std::string cipher_algo = suite.cipher_algo(); + const std::string mac_algo = suite.mac_algo(); + + Algorithm_Factory& af = global_state().algorithm_factory(); + + if(const BlockCipher* bc = af.prototype_block_cipher(cipher_algo)) + { + m_block_cipher.reset(bc->clone()); + m_block_cipher->set_key(cipher_key); + m_block_cipher_cbc_state = iv.bits_of(); + m_block_size = bc->block_size(); + + if(version.supports_explicit_cbc_ivs()) + m_iv_size = m_block_size; + else + m_iv_size = 0; + } + else if(const StreamCipher* sc = af.prototype_stream_cipher(cipher_algo)) + { + m_stream_cipher.reset(sc->clone()); + m_stream_cipher->set_key(cipher_key); + m_block_size = 0; + m_iv_size = 0; + } + else + throw Invalid_Argument("Unknown TLS cipher " + cipher_algo); + + if(version == Protocol_Version::SSL_V3) + m_mac.reset(af.make_mac("SSL3-MAC(" + mac_algo + ")")); + else + m_mac.reset(af.make_mac("HMAC(" + mac_algo + ")")); + + m_mac->set_key(mac_key); + } + +} + +} |