aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <[email protected]>2011-12-29 02:41:53 +0000
committerlloyd <[email protected]>2011-12-29 02:41:53 +0000
commitcaa9dfa12cf69bb4ab88c399e61e856fedb24900 (patch)
tree2df3665d97199c4150515667e89272679210f069 /src
parent6432abc730f65328affb4f0ca7c0116b3ded353f (diff)
Clean up the ordering of constructor args to the various message types
Diffstat (limited to 'src')
-rw-r--r--src/tls/c_kex.cpp22
-rw-r--r--src/tls/cert_req.cpp4
-rw-r--r--src/tls/cert_ver.cpp4
-rw-r--r--src/tls/finished.cpp7
-rw-r--r--src/tls/hello.cpp22
-rw-r--r--src/tls/s_kex.cpp8
-rw-r--r--src/tls/tls_client.cpp22
-rw-r--r--src/tls/tls_messages.h84
-rw-r--r--src/tls/tls_server.cpp34
9 files changed, 108 insertions, 99 deletions
diff --git a/src/tls/c_kex.cpp b/src/tls/c_kex.cpp
index ced31f870..341ae1e14 100644
--- a/src/tls/c_kex.cpp
+++ b/src/tls/c_kex.cpp
@@ -16,12 +16,12 @@
namespace Botan {
-/**
+/*
* Create a new Client Key Exchange message
*/
-Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
const Public_Key* pub_key,
Version_Code using_version,
Version_Code pref_version)
@@ -57,7 +57,7 @@ Client_Key_Exchange::Client_Key_Exchange(RandomNumberGenerator& rng,
send(writer, hash);
}
-/**
+/*
* Read a Client Key Exchange message
*/
Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
@@ -72,7 +72,7 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
deserialize(contents);
}
-/**
+/*
* Serialize a Client Key Exchange message
*/
MemoryVector<byte> Client_Key_Exchange::serialize() const
@@ -87,7 +87,7 @@ MemoryVector<byte> Client_Key_Exchange::serialize() const
return key_material;
}
-/**
+/*
* Deserialize a Client Key Exchange message
*/
void Client_Key_Exchange::deserialize(const MemoryRegion<byte>& buf)
@@ -101,7 +101,7 @@ void Client_Key_Exchange::deserialize(const MemoryRegion<byte>& buf)
key_material = buf;
}
-/**
+/*
* Return the pre_master_secret
*/
SecureVector<byte>
@@ -154,12 +154,4 @@ Client_Key_Exchange::pre_master_secret(RandomNumberGenerator& rng,
throw Invalid_Argument("Client_Key_Exchange: Bad key for decrypt");
}
-/**
-* Return the pre_master_secret
-*/
-SecureVector<byte> Client_Key_Exchange::pre_master_secret() const
- {
- return pre_master;
- }
-
}
diff --git a/src/tls/cert_req.cpp b/src/tls/cert_req.cpp
index 85c017fac..78c786262 100644
--- a/src/tls/cert_req.cpp
+++ b/src/tls/cert_req.cpp
@@ -89,8 +89,8 @@ void Certificate_Req::deserialize(const MemoryRegion<byte>& buf)
* Create a new Certificate message
*/
Certificate::Certificate(Record_Writer& writer,
- const std::vector<X509_Certificate>& cert_list,
- TLS_Handshake_Hash& hash)
+ TLS_Handshake_Hash& hash,
+ const std::vector<X509_Certificate>& cert_list)
{
certs = cert_list;
send(writer, hash);
diff --git a/src/tls/cert_ver.cpp b/src/tls/cert_ver.cpp
index e4dd7a840..5a20e3029 100644
--- a/src/tls/cert_ver.cpp
+++ b/src/tls/cert_ver.cpp
@@ -20,9 +20,9 @@ namespace Botan {
/*
* Create a new Certificate Verify message
*/
-Certificate_Verify::Certificate_Verify(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Certificate_Verify::Certificate_Verify(Record_Writer& writer,
TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
const Private_Key* priv_key)
{
BOTAN_ASSERT_NONNULL(priv_key);
diff --git a/src/tls/finished.cpp b/src/tls/finished.cpp
index bc072bc9d..c8d0173da 100644
--- a/src/tls/finished.cpp
+++ b/src/tls/finished.cpp
@@ -14,9 +14,10 @@ namespace Botan {
* Create a new Finished message
*/
Finished::Finished(Record_Writer& writer,
- Version_Code version, Connection_Side side,
- const MemoryRegion<byte>& master_secret,
- TLS_Handshake_Hash& hash)
+ TLS_Handshake_Hash& hash,
+ Version_Code version,
+ Connection_Side side,
+ const MemoryRegion<byte>& master_secret)
{
verification_data = compute_verify(master_secret, hash, side, version);
send(writer, hash);
diff --git a/src/tls/hello.cpp b/src/tls/hello.cpp
index 510aabb3a..0343b649e 100644
--- a/src/tls/hello.cpp
+++ b/src/tls/hello.cpp
@@ -63,10 +63,10 @@ void Hello_Request::deserialize(const MemoryRegion<byte>& buf)
/*
* Create a new Client Hello message
*/
-Client_Hello::Client_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Client_Hello::Client_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
const TLS_Policy& policy,
- TLS_Handshake_Hash& hash)
+ RandomNumberGenerator& rng)
{
c_random = rng.random_vec(32);
@@ -221,14 +221,14 @@ bool Client_Hello::offered_suite(u16bit ciphersuite) const
/*
* Create a new Server Hello message
*/
-Server_Hello::Server_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Server_Hello::Server_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
const TLS_Policy& policy,
+ RandomNumberGenerator& rng,
const std::vector<X509_Certificate>& certs,
const Client_Hello& c_hello,
const MemoryRegion<byte>& session_id,
- Version_Code ver,
- TLS_Handshake_Hash& hash) :
+ Version_Code ver) :
s_version(ver),
sess_id(session_id),
s_random(rng.random_vec(32))
@@ -259,13 +259,13 @@ Server_Hello::Server_Hello(RandomNumberGenerator& rng,
/*
* Create a new Server Hello message
*/
-Server_Hello::Server_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Server_Hello::Server_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
const MemoryRegion<byte>& session_id,
u16bit ciphersuite,
byte compression,
- Version_Code ver,
- TLS_Handshake_Hash& hash) :
+ Version_Code ver) :
s_version(ver),
sess_id(session_id),
s_random(rng.random_vec(32)),
diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp
index dd79e527e..150f13474 100644
--- a/src/tls/s_kex.cpp
+++ b/src/tls/s_kex.cpp
@@ -19,13 +19,13 @@ namespace Botan {
/**
* Create a new Server Key Exchange message
*/
-Server_Key_Exchange::Server_Key_Exchange(RandomNumberGenerator& rng,
- Record_Writer& writer,
+Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
const Public_Key* kex_key,
const Private_Key* priv_key,
const MemoryRegion<byte>& c_random,
- const MemoryRegion<byte>& s_random,
- TLS_Handshake_Hash& hash)
+ const MemoryRegion<byte>& s_random)
{
const DH_PublicKey* dh_pub = dynamic_cast<const DH_PublicKey*>(kex_key);
const RSA_PublicKey* rsa_pub = dynamic_cast<const RSA_PublicKey*>(kex_key);
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index b58a6766f..19ae44ace 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -31,7 +31,7 @@ TLS_Client::TLS_Client(std::tr1::function<void (const byte[], size_t)> output_fn
state = new Handshake_State;
state->set_expected_next(SERVER_HELLO);
- state->client_hello = new Client_Hello(rng, writer, policy, state->hash);
+ state->client_hello = new Client_Hello(writer, state->hash, policy, rng);
}
void TLS_Client::add_client_cert(const X509_Certificate& cert,
@@ -74,7 +74,7 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
if(type == HELLO_REQUEST)
{
Hello_Request hello_request(contents);
- state->client_hello = new Client_Hello(rng, writer, policy, state->hash);
+ state->client_hello = new Client_Hello( writer, state->hash, policy, rng);
}
else if(type == SERVER_HELLO)
{
@@ -213,21 +213,21 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
state->cert_req->acceptable_types();
// FIXME: Fill in useful certs here, if any
- state->client_certs = new Certificate(writer, send_certs,
- state->hash);
+ state->client_certs = new Certificate(writer,
+ state->hash,
+ send_certs);
}
state->client_kex =
- new Client_Key_Exchange(rng, writer, state->hash,
+ new Client_Key_Exchange(writer, state->hash, rng,
state->kex_pub, state->version,
state->client_hello->version());
if(state->received_handshake_msg(CERTIFICATE_REQUEST))
{
Private_Key* key_matching_cert = 0; // FIXME
- state->client_verify = new Certificate_Verify(rng,
- writer, state->hash,
- key_matching_cert);
+ state->client_verify = new Certificate_Verify(writer, state->hash,
+ rng, key_matching_cert);
}
state->keys = SessionKeys(state->suite, state->version,
@@ -239,9 +239,9 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
writer.set_keys(state->suite, state->keys, CLIENT);
- state->client_finished = new Finished(writer, state->version, CLIENT,
- state->keys.master_secret(),
- state->hash);
+ state->client_finished = new Finished(writer, state->hash,
+ state->version, CLIENT,
+ state->keys.master_secret());
}
else if(type == HANDSHAKE_CCS)
{
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index 51569fbc0..68d564fff 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -28,7 +28,7 @@ class Record_Reader;
class HandshakeMessage
{
public:
- void send(Record_Writer&, TLS_Handshake_Hash&) const;
+ void send(Record_Writer& writer, TLS_Handshake_Hash& hash) const;
virtual Handshake_Type type() const = 0;
@@ -67,8 +67,10 @@ class Client_Hello : public HandshakeMessage
bool offered_suite(u16bit) const;
- Client_Hello(RandomNumberGenerator& rng,
- Record_Writer&, const TLS_Policy&, TLS_Handshake_Hash&);
+ Client_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ const TLS_Policy& policy,
+ RandomNumberGenerator& rng);
Client_Hello(const MemoryRegion<byte>& buf,
Handshake_Type type)
@@ -81,8 +83,8 @@ class Client_Hello : public HandshakeMessage
private:
MemoryVector<byte> serialize() const;
- void deserialize(const MemoryRegion<byte>&);
- void deserialize_sslv2(const MemoryRegion<byte>&);
+ void deserialize(const MemoryRegion<byte>& buf);
+ void deserialize_sslv2(const MemoryRegion<byte>& buf);
Version_Code c_version;
MemoryVector<byte> sess_id, c_random;
@@ -100,15 +102,16 @@ class Client_Key_Exchange : public HandshakeMessage
public:
Handshake_Type type() const { return CLIENT_KEX; }
- SecureVector<byte> pre_master_secret() const;
+ const SecureVector<byte>& pre_master_secret() const
+ { return pre_master; }
SecureVector<byte> pre_master_secret(RandomNumberGenerator& rng,
const Private_Key* key,
Version_Code version);
- Client_Key_Exchange(RandomNumberGenerator& rng,
- Record_Writer& output,
+ Client_Key_Exchange(Record_Writer& output,
TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
const Public_Key* my_key,
Version_Code using_version,
Version_Code pref_version);
@@ -136,8 +139,10 @@ class Certificate : public HandshakeMessage
size_t count() const { return certs.size(); }
bool empty() const { return certs.empty(); }
- Certificate(Record_Writer&, const std::vector<X509_Certificate>&,
- TLS_Handshake_Hash&);
+ Certificate(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ const std::vector<X509_Certificate>& certs);
+
Certificate(const MemoryRegion<byte>& buf) { deserialize(buf); }
private:
MemoryVector<byte> serialize() const;
@@ -191,9 +196,9 @@ class Certificate_Verify : public HandshakeMessage
Version_Code version,
const SecureVector<byte>& master_secret);
- Certificate_Verify(RandomNumberGenerator& rng,
- Record_Writer& writer,
+ Certificate_Verify(Record_Writer& writer,
TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
const Private_Key* key);
Certificate_Verify(const MemoryRegion<byte>& buf) { deserialize(buf); }
@@ -212,19 +217,26 @@ class Finished : public HandshakeMessage
public:
Handshake_Type type() const { return FINISHED; }
- bool verify(const MemoryRegion<byte>&, Version_Code,
- const TLS_Handshake_Hash&, Connection_Side);
+ bool verify(const MemoryRegion<byte>& buf,
+ Version_Code version,
+ const TLS_Handshake_Hash& hash,
+ Connection_Side side);
+
+ Finished(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ Version_Code version,
+ Connection_Side side,
+ const MemoryRegion<byte>& master_secret);
- Finished(Record_Writer&, Version_Code, Connection_Side,
- const MemoryRegion<byte>&, TLS_Handshake_Hash&);
Finished(const MemoryRegion<byte>& buf) { deserialize(buf); }
private:
MemoryVector<byte> serialize() const;
void deserialize(const MemoryRegion<byte>&);
- MemoryVector<byte> compute_verify(const MemoryRegion<byte>&,
- TLS_Handshake_Hash, Connection_Side,
- Version_Code);
+ MemoryVector<byte> compute_verify(const MemoryRegion<byte>& master_secret,
+ TLS_Handshake_Hash hash,
+ Connection_Side side,
+ Version_Code version);
Connection_Side side;
MemoryVector<byte> verification_data;
@@ -266,22 +278,22 @@ class Server_Hello : public HandshakeMessage
const MemoryVector<byte>& random() const { return s_random; }
- Server_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+ Server_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
const TLS_Policy& policies,
+ RandomNumberGenerator& rng,
const std::vector<X509_Certificate>& certs,
const Client_Hello& other,
const MemoryRegion<byte>& session_id,
- Version_Code version,
- TLS_Handshake_Hash& hash);
+ Version_Code version);
- Server_Hello(RandomNumberGenerator& rng,
- Record_Writer& writer,
+ Server_Hello(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
const MemoryRegion<byte>& session_id,
u16bit ciphersuite,
byte compression,
- Version_Code ver,
- TLS_Handshake_Hash& hash);
+ Version_Code ver);
Server_Hello(const MemoryRegion<byte>& buf) { deserialize(buf); }
private:
@@ -303,13 +315,17 @@ class Server_Key_Exchange : public HandshakeMessage
Handshake_Type type() const { return SERVER_KEX; }
Public_Key* key() const;
- bool verify(const X509_Certificate&, const MemoryRegion<byte>&,
- const MemoryRegion<byte>&) const;
+ bool verify(const X509_Certificate& cert,
+ const MemoryRegion<byte>& c_random,
+ const MemoryRegion<byte>& s_random) const;
- Server_Key_Exchange(RandomNumberGenerator& rng,
- Record_Writer&, const Public_Key*,
- const Private_Key*, const MemoryRegion<byte>&,
- const MemoryRegion<byte>&, TLS_Handshake_Hash&);
+ Server_Key_Exchange(Record_Writer& writer,
+ TLS_Handshake_Hash& hash,
+ RandomNumberGenerator& rng,
+ const Public_Key* kex_key,
+ const Private_Key* priv_key,
+ const MemoryRegion<byte>& c_random,
+ const MemoryRegion<byte>& s_random);
Server_Key_Exchange(const MemoryRegion<byte>& buf) { deserialize(buf); }
private:
@@ -329,7 +345,7 @@ class Server_Hello_Done : public HandshakeMessage
public:
Handshake_Type type() const { return SERVER_HELLO_DONE; }
- Server_Hello_Done(Record_Writer&, TLS_Handshake_Hash&);
+ Server_Hello_Done(Record_Writer& writer, TLS_Handshake_Hash& hash);
Server_Hello_Done(const MemoryRegion<byte>& buf) { deserialize(buf); }
private:
MemoryVector<byte> serialize() const;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 16bf554d3..090a55566 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -167,13 +167,13 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
{
// resume session
state->server_hello = new Server_Hello(
- rng,
writer,
+ state->hash,
+ rng,
session_info.session_id(),
session_info.ciphersuite(),
session_info.compression_method(),
- Version_Code(session_info.version()),
- state->hash);
+ Version_Code(session_info.version()));
state->suite = CipherSuite(state->server_hello->ciphersuite());
@@ -187,31 +187,32 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
writer.set_keys(state->suite, state->keys, SERVER);
- state->server_finished = new Finished(writer, state->version, SERVER,
- state->keys.master_secret(),
- state->hash);
+ state->server_finished = new Finished(writer, state->hash,
+ state->version, SERVER,
+ state->keys.master_secret());
state->set_expected_next(HANDSHAKE_CCS);
}
else // new session
{
state->server_hello = new Server_Hello(
- rng,
writer,
+ state->hash,
policy,
+ rng,
cert_chain,
*(state->client_hello),
rng.random_vec(32),
- state->version,
- state->hash);
+ state->version);
state->suite = CipherSuite(state->server_hello->ciphersuite());
if(state->suite.sig_type() != TLS_ALGO_SIGNER_ANON)
{
// FIXME: should choose certs based on sig type
- state->server_certs = new Certificate(writer, cert_chain,
- state->hash);
+ state->server_certs = new Certificate(writer,
+ state->hash,
+ cert_chain);
}
if(state->suite.kex_type() == TLS_ALGO_KEYEXCH_NOKEX)
@@ -231,11 +232,10 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
throw Internal_Error("TLS_Server: Unknown ciphersuite kex type");
state->server_kex =
- new Server_Key_Exchange(rng, writer,
+ new Server_Key_Exchange(writer, state->hash, rng,
state->kex_priv, private_key,
state->client_hello->random(),
- state->server_hello->random(),
- state->hash);
+ state->server_hello->random());
if(policy.require_client_auth())
{
@@ -339,9 +339,9 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
writer.set_keys(state->suite, state->keys, SERVER);
- state->server_finished = new Finished(writer, state->version, SERVER,
- state->keys.master_secret(),
- state->hash);
+ state->server_finished = new Finished(writer, state->hash,
+ state->version, SERVER,
+ state->keys.master_secret());
std::vector<X509_Certificate> peer_certs;