authorlloyd <[email protected]>2012-08-06 12:05:41 +0000
committerlloyd <[email protected]>2012-08-06 12:05:41 +0000
commit0d30fb9811786b8cf85d091baf1d7490deb17398 (patch)
treec99fb81900c4d8499254aaa523ebe4847f5d3c36 /src/tls
parentab195a19bc5a938af1d70f28186c164a48e5c009 (diff)
Make the handshake Ciphersuite only available by const reference.
Derive it when the server hello is set.
Diffstat (limited to 'src/tls')
-rw-r--r--src/tls/msg_client_kex.cpp4
-rw-r--r--src/tls/msg_finished.cpp2
-rw-r--r--src/tls/msg_server_kex.cpp4
-rw-r--r--src/tls/tls_client.cpp24
-rw-r--r--src/tls/tls_handshake_state.cpp9
-rw-r--r--src/tls/tls_handshake_state.h4
-rw-r--r--src/tls/tls_server.cpp16
-rw-r--r--src/tls/tls_session_key.cpp8
8 files changed, 35 insertions, 36 deletions
diff --git a/src/tls/msg_client_kex.cpp b/src/tls/msg_client_kex.cpp
index 0fbd03b72..1677f3f39 100644
--- a/src/tls/msg_client_kex.cpp
+++ b/src/tls/msg_client_kex.cpp
@@ -55,7 +55,7 @@ Client_Key_Exchange::Client_Key_Exchange(Handshake_IO& io,
const std::string& hostname,
RandomNumberGenerator& rng)
{
- const std::string kex_algo = state->suite.kex_algo();
+ const std::string kex_algo = state->ciphersuite().kex_algo();
if(kex_algo == "PSK")
{
@@ -271,7 +271,7 @@ Client_Key_Exchange::Client_Key_Exchange(const std::vector<byte>& contents,
const Policy& policy,
RandomNumberGenerator& rng)
{
- const std::string kex_algo = state->suite.kex_algo();
+ const std::string kex_algo = state->ciphersuite().kex_algo();
if(kex_algo == "RSA")
{
diff --git a/src/tls/msg_finished.cpp b/src/tls/msg_finished.cpp
index 761313e0a..c25bfd961 100644
--- a/src/tls/msg_finished.cpp
+++ b/src/tls/msg_finished.cpp
@@ -55,7 +55,7 @@ std::vector<byte> finished_compute_verify(const Handshake_State* state,
else
input += std::make_pair(TLS_SERVER_LABEL, sizeof(TLS_SERVER_LABEL));
- input += state->hash.final(state->version(), state->suite.mac_algo());
+ input += state->hash.final(state->version(), state->ciphersuite().mac_algo());
return unlock(prf->derive_key(12, state->keys.master_secret(), input));
}
diff --git a/src/tls/msg_server_kex.cpp b/src/tls/msg_server_kex.cpp
index f88972836..f3721a2b5 100644
--- a/src/tls/msg_server_kex.cpp
+++ b/src/tls/msg_server_kex.cpp
@@ -35,7 +35,7 @@ Server_Key_Exchange::Server_Key_Exchange(Handshake_IO& io,
const Private_Key* signing_key)
{
const std::string hostname = state->client_hello()->sni_hostname();
- const std::string kex_algo = state->suite.kex_algo();
+ const std::string kex_algo = state->ciphersuite().kex_algo();
if(kex_algo == "PSK" || kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK")
{
@@ -120,7 +120,7 @@ Server_Key_Exchange::Server_Key_Exchange(Handshake_IO& io,
else if(kex_algo != "PSK")
throw Internal_Error("Server_Key_Exchange: Unknown kex type " + kex_algo);
- if(state->suite.sig_algo() != "")
+ if(state->ciphersuite().sig_algo() != "")
{
BOTAN_ASSERT(signing_key, "Signing key was set");
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index e0f9b11d8..d60aa611e 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -218,8 +218,6 @@ void Client::process_handshake_msg(Handshake_Type type,
m_peer_supports_heartbeats = m_state->server_hello()->supports_heartbeats();
m_heartbeat_sending_allowed = m_state->server_hello()->peer_can_send_heartbeats();
- m_state->suite = Ciphersuite::by_id(m_state->server_hello()->ciphersuite());
-
const bool server_returned_same_session_id =
!m_state->server_hello()->session_id().empty() &&
(m_state->server_hello()->session_id() == m_state->client_hello()->session_id());
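Review bot: With the explicit assignment removed, the suite the client proceeds with is whatever id the server hello carried, and nothing in this hunk shows that id being checked against the suites the client offered in its own client hello; on the client side the server hello is peer-controlled input, so if that check does not live elsewhere in Client::process_handshake_msg it belongs here, right after the heartbeat flags are read, raising `TLS_Exception(Alert::ILLEGAL_PARAMETER, ...)` as the CERTIFICATE branch of this function already does for a mismatched key type. Whether `Ciphersuite::by_id` throws or yields an invalid suite for an unknown id is not visible here; the `ciphersuite().valid()` test in Handshake_State::srp_identifier suggests the latter, in which case an unknown suite would only surface later as an empty kex or sig algorithm name. Client::process_handshake_msg starts and ends outside the hunk.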
@@ -262,11 +260,11 @@ void Client::process_handshake_msg(Handshake_Type type,
"Server version is unacceptable by policy");
}
- if(m_state->suite.sig_algo() != "")
+ if(m_state->ciphersuite().sig_algo() != "")
{
m_state->set_expected_next(CERTIFICATE);
}
- else if(m_state->suite.kex_algo() == "PSK")
+ else if(m_state->ciphersuite().kex_algo() == "PSK")
{
/* PSK is anonymous so no certificate/cert req message is
ever sent. The server may or may not send a server kex,
@@ -279,7 +277,7 @@ void Client::process_handshake_msg(Handshake_Type type,
m_state->set_expected_next(SERVER_KEX);
m_state->set_expected_next(SERVER_HELLO_DONE);
}
- else if(m_state->suite.kex_algo() != "RSA")
+ else if(m_state->ciphersuite().kex_algo() != "RSA")
{
m_state->set_expected_next(SERVER_KEX);
}
@@ -292,7 +290,7 @@ void Client::process_handshake_msg(Handshake_Type type,
}
else if(type == CERTIFICATE)
{
- if(m_state->suite.kex_algo() != "RSA")
+ if(m_state->ciphersuite().kex_algo() != "RSA")
{
m_state->set_expected_next(SERVER_KEX);
}
@@ -320,7 +318,7 @@ void Client::process_handshake_msg(Handshake_Type type,
std::unique_ptr<Public_Key> peer_key(m_peer_certs[0].subject_public_key());
- if(peer_key->algo_name() != m_state->suite.sig_algo())
+ if(peer_key->algo_name() != m_state->ciphersuite().sig_algo())
throw TLS_Exception(Alert::ILLEGAL_PARAMETER,
"Certificate key type did not match ciphersuite");
}
@@ -331,12 +329,12 @@ void Client::process_handshake_msg(Handshake_Type type,
m_state->server_kex(
new Server_Key_Exchange(contents,
- m_state->suite.kex_algo(),
- m_state->suite.sig_algo(),
+ m_state->ciphersuite().kex_algo(),
+ m_state->ciphersuite().sig_algo(),
m_state->version())
);
- if(m_state->suite.sig_algo() != "")
+ if(m_state->ciphersuite().sig_algo() != "")
{
if(!m_state->server_kex()->verify(m_peer_certs[0], m_state.get()))
{
@@ -409,7 +407,7 @@ void Client::process_handshake_msg(Handshake_Type type,
m_writer.send(CHANGE_CIPHER_SPEC, 1);
m_writer.change_cipher_spec(CLIENT,
- m_state->suite,
+ m_state->ciphersuite(),
m_state->keys,
m_state->server_hello()->compression_method());
@@ -443,7 +441,7 @@ void Client::process_handshake_msg(Handshake_Type type,
m_state->set_expected_next(FINISHED);
m_reader.change_cipher_spec(CLIENT,
- m_state->suite,
+ m_state->ciphersuite(),
m_state->keys,
m_state->server_hello()->compression_method());
}
@@ -464,7 +462,7 @@ void Client::process_handshake_msg(Handshake_Type type,
m_writer.send(CHANGE_CIPHER_SPEC, 1);
m_writer.change_cipher_spec(CLIENT,
- m_state->suite,
+ m_state->ciphersuite(),
m_state->keys,
m_state->server_hello()->compression_method());
diff --git a/src/tls/tls_handshake_state.cpp b/src/tls/tls_handshake_state.cpp
index 8e9d6b0ba..c90e5d6c2 100644
--- a/src/tls/tls_handshake_state.cpp
+++ b/src/tls/tls_handshake_state.cpp
@@ -101,6 +101,7 @@ void Handshake_State::client_hello(Client_Hello* client_hello)
void Handshake_State::server_hello(Server_Hello* server_hello)
{
m_server_hello.reset(server_hello);
+ m_ciphersuite = Ciphersuite::by_id(m_server_hello->ciphersuite());
}
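Review bot: Handshake_State::server_hello() is now the single place the negotiated suite is derived from the peer-supplied id, but it stores whatever `Ciphersuite::by_id` returns; the `ciphersuite().valid()` test in srp_identifier below suggests an unknown id yields an invalid suite rather than an error, so a guard here would fail the handshake where the value enters the state rather than later: `if(!m_ciphersuite.valid()) throw TLS_Exception(Alert::ILLEGAL_PARAMETER, "Server hello specified an unknown ciphersuite");`. The setter also dereferences `m_server_hello` unconditionally; if any caller can pass a null pointer (I cannot tell from this hunk) that is a new crash path, and the derivation should be skipped in that case. Whether TLS_Exception is visible in this translation unit I cannot confirm from the hunk.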
void Handshake_State::server_certs(Certificate* server_certs)
@@ -198,7 +199,7 @@ bool Handshake_State::received_handshake_msg(Handshake_Type handshake_msg) const
std::string Handshake_State::srp_identifier() const
{
- if(suite.valid() && suite.kex_algo() == "SRP_SHA")
+ if(ciphersuite().valid() && ciphersuite().kex_algo() == "SRP_SHA")
return client_hello()->srp_identifier();
return "";
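Review bot: `ciphersuite()` is called twice in the condition on the changed line; binding the reference once, `const Ciphersuite& suite = ciphersuite();` followed by `if(suite.valid() && suite.kex_algo() == "SRP_SHA")`, matches the mac_algo hoist this commit makes in protocol_specific_prf and makes it obvious both reads are of the same object. Purely a style point; behaviour is unchanged either way.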
@@ -220,10 +221,12 @@ KDF* Handshake_State::protocol_specific_prf() const
}
else if(version().supports_ciphersuite_specific_prf())
{
- if(suite.mac_algo() == "MD5" || suite.mac_algo() == "SHA-1")
+ const std::string mac_algo = ciphersuite().mac_algo();
+
+ if(mac_algo == "MD5" || mac_algo == "SHA-1")
return get_kdf("TLS-12-PRF(SHA-256)");
- return get_kdf("TLS-12-PRF(" + suite.mac_algo() + ")");
+ return get_kdf("TLS-12-PRF(" + mac_algo + ")");
}
else
{
diff --git a/src/tls/tls_handshake_state.h b/src/tls/tls_handshake_state.h
index 7dea555cc..5669cbd06 100644
--- a/src/tls/tls_handshake_state.h
+++ b/src/tls/tls_handshake_state.h
@@ -135,10 +135,11 @@ class Handshake_State
const Finished* client_finished() const
{ return m_client_finished.get(); }
+ const Ciphersuite& ciphersuite() const { return m_ciphersuite; }
+
// Used by the server only, in case of RSA key exchange
Private_Key* server_rsa_kex_key = nullptr; // FIXME make private
- Ciphersuite suite; // FIXME make private
Session_Keys keys; // FIXME make private
Handshake_Hash hash; // FIXME make private
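Review bot: The new accessor `ciphersuite()` carries no comment saying when its value is meaningful, while the neighbouring members at least carry their FIXME notes; since `m_ciphersuite` is declared without an in-class initializer in the second hunk of this file, it is default-constructed until `server_hello()` has been set, and callers such as srp_identifier rely on `valid()` to tell the two states apart. A one-line comment above the accessor, `// Negotiated suite; default-constructed until server_hello() has been set, so check valid() first`, would record that contract. Returning a const reference to a member also means a caller must not keep the reference past the Handshake_State's lifetime, which is worth a word in the same comment.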
@@ -164,6 +165,7 @@ class Handshake_State
u32bit m_hand_expecting_mask = 0;
u32bit m_hand_received_mask = 0;
Protocol_Version m_version;
+ Ciphersuite m_ciphersuite;
std::unique_ptr<Client_Hello> m_client_hello;
std::unique_ptr<Server_Hello> m_server_hello;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 9669693c5..6f6b0adf3 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -389,8 +389,6 @@ void Server::process_handshake_msg(Handshake_Type type,
m_writer.set_maximum_fragment_size(session_info.fragment_size());
}
- m_state->suite = Ciphersuite::by_id(m_state->server_hello()->ciphersuite());
-
m_state->keys = Session_Keys(m_state.get(), session_info.master_secret(), true);
if(!m_handshake_fn(session_info))
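Review bot: The Session_Keys construction in this hunk reads `state->ciphersuite()` (see tls_session_key.cpp in this commit), and with the removed assignment gone that value now depends on `m_state->server_hello(...)` having been called earlier in the function, an ordering the removed line made explicit; a short comment such as `// ciphersuite was derived when the server hello was stored in m_state` would keep it visible. The same implicit dependency appears in the @@ -493 hunk of this file, where sig_algo and kex_algo are now read at the spot the assignment used to be. Server::process_handshake_msg starts and ends outside both hunks.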
@@ -432,7 +430,7 @@ void Server::process_handshake_msg(Handshake_Type type,
m_writer.send(CHANGE_CIPHER_SPEC, 1);
m_writer.change_cipher_spec(SERVER,
- m_state->suite,
+ m_state->ciphersuite(),
m_state->keys,
m_state->server_hello()->compression_method());
@@ -493,10 +491,8 @@ void Server::process_handshake_msg(Handshake_Type type,
m_writer.set_maximum_fragment_size(m_state->client_hello()->fragment_size());
}
- m_state->suite = Ciphersuite::by_id(m_state->server_hello()->ciphersuite());
-
- const std::string sig_algo = m_state->suite.sig_algo();
- const std::string kex_algo = m_state->suite.kex_algo();
+ const std::string sig_algo = m_state->ciphersuite().sig_algo();
+ const std::string kex_algo = m_state->ciphersuite().kex_algo();
if(sig_algo != "")
{
@@ -542,7 +538,7 @@ void Server::process_handshake_msg(Handshake_Type type,
std::vector<X509_Certificate> client_auth_CAs =
m_creds.trusted_certificate_authorities("tls-server", m_hostname);
- if(!client_auth_CAs.empty() && m_state->suite.sig_algo() != "")
+ if(!client_auth_CAs.empty() && m_state->ciphersuite().sig_algo() != "")
{
m_state->cert_req(
new Certificate_Req(m_state->handshake_io(),
@@ -627,7 +623,7 @@ void Server::process_handshake_msg(Handshake_Type type,
m_state->set_expected_next(FINISHED);
m_reader.change_cipher_spec(SERVER,
- m_state->suite,
+ m_state->ciphersuite(),
m_state->keys,
m_state->server_hello()->compression_method());
}
@@ -703,7 +699,7 @@ void Server::process_handshake_msg(Handshake_Type type,
m_writer.send(CHANGE_CIPHER_SPEC, 1);
m_writer.change_cipher_spec(SERVER,
- m_state->suite,
+ m_state->ciphersuite(),
m_state->keys,
m_state->server_hello()->compression_method());
diff --git a/src/tls/tls_session_key.cpp b/src/tls/tls_session_key.cpp
index bc636c0cb..9f06ecdab 100644
--- a/src/tls/tls_session_key.cpp
+++ b/src/tls/tls_session_key.cpp
@@ -22,12 +22,12 @@ Session_Keys::Session_Keys(const Handshake_State* state,
const secure_vector<byte>& pre_master_secret,
bool resuming)
{
- const size_t mac_keylen = output_length_of(state->suite.mac_algo());
- const size_t cipher_keylen = state->suite.cipher_keylen();
+ const size_t mac_keylen = output_length_of(state->ciphersuite().mac_algo());
+ const size_t cipher_keylen = state->ciphersuite().cipher_keylen();
size_t cipher_ivlen = 0;
- if(have_block_cipher(state->suite.cipher_algo()))
- cipher_ivlen = block_size_of(state->suite.cipher_algo());
+ if(have_block_cipher(state->ciphersuite().cipher_algo()))
+ cipher_ivlen = block_size_of(state->ciphersuite().cipher_algo());
const size_t prf_gen = 2 * (mac_keylen + cipher_keylen + cipher_ivlen);
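Review bot: The constructor calls `state->ciphersuite()` four times across the changed lines; binding it once at the top, `const Ciphersuite& suite = state->ciphersuite();`, and reading `suite.mac_algo()`, `suite.cipher_keylen()` and `suite.cipher_algo()` from it would shorten the lines and mirror the mac_algo hoist the commit makes in Handshake_State::protocol_specific_prf. Session_Keys::Session_Keys continues past the end of the hunk.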