author | lloyd <[email protected]> | 2012-01-19 18:14:20 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-01-19 18:14:20 +0000 |
commit | 265cf8e312723e688f4dbc8e4d90e0eae5445c97 (patch) | |
tree | 4532f1435286ad17cc3752ba77b71e59af622bbf /src | |
parent | 239241568d4d3ff14d2d1994e5829f3d548f2078 (diff) |
Kinda maybe working TLS 1.2 for clients. Not well tested at all, but a
basic connection with a GnuTLS server does work. Currently we don't
respect the signature_algorithms extension at all, and using SHA-256
with a 12-byte finished value is hardcoded though the spec is that it
can depend on the ciphersuite (likely relevant for GOST ciphersuites
in particular).
Diffstat (limited to 'src')
-rw-r--r-- | src/kdf/prf_tls/info.txt | 1 | ||||
-rw-r--r-- | src/libstate/get_enc.cpp | 11 | ||||
-rw-r--r-- | src/tls/cert_ver.cpp | 10 | ||||
-rw-r--r-- | src/tls/finished.cpp | 27 | ||||
-rw-r--r-- | src/tls/rec_read.cpp | 3 | ||||
-rw-r--r-- | src/tls/rec_wri.cpp | 3 | ||||
-rw-r--r-- | src/tls/s_hello.cpp | 12 | ||||
-rw-r--r-- | src/tls/s_kex.cpp | 58 | ||||
-rw-r--r-- | src/tls/tls_client.cpp | 23 | ||||
-rw-r--r-- | src/tls/tls_extensions.cpp | 6 | ||||
-rw-r--r-- | src/tls/tls_extensions.h | 12 | ||||
-rw-r--r-- | src/tls/tls_handshake_hash.cpp | 33 | ||||
-rw-r--r-- | src/tls/tls_handshake_hash.h | 4 | ||||
-rw-r--r-- | src/tls/tls_handshake_state.cpp | 18 | ||||
-rw-r--r-- | src/tls/tls_handshake_state.h | 4 | ||||
-rw-r--r-- | src/tls/tls_magic.h | 2 | ||||
-rw-r--r-- | src/tls/tls_messages.h | 8 | ||||
-rw-r--r-- | src/tls/tls_reader.h | 7 | ||||
-rw-r--r-- | src/tls/tls_session_key.cpp | 2 | ||||
-rw-r--r-- | src/tls/tls_suites.cpp | 11 | ||||
-rw-r--r-- | src/tls/tls_suites.h | 5 |
21 files changed, 172 insertions, 88 deletions
diff --git a/src/kdf/prf_tls/info.txt b/src/kdf/prf_tls/info.txt index 9531a6a83..113c92251 100644 --- a/src/kdf/prf_tls/info.txt +++ b/src/kdf/prf_tls/info.txt @@ -1,4 +1,5 @@ define TLS_V10_PRF +define TLS_V12_PRF <requires> hmac diff --git a/src/libstate/get_enc.cpp b/src/libstate/get_enc.cpp index 6a87268e8..6b74f8793 100644 --- a/src/libstate/get_enc.cpp +++ b/src/libstate/get_enc.cpp @@ -200,9 +200,14 @@ KDF* get_kdf(const std::string& algo_spec) return new TLS_PRF; #endif -#if defined(BOTAN_HAS_SSL_V3_PRF) - if(request.algo_name() == "SSL3-PRF" && request.arg_count() == 0) - return new SSL3_PRF; +#if defined(BOTAN_HAS_TLS_V10_PRF) + if(request.algo_name() == "TLS-PRF" && request.arg_count() == 0) + return new TLS_PRF; +#endif + +#if defined(BOTAN_HAS_TLS_V12_PRF) + if(request.algo_name() == "TLS-12-PRF" && request.arg_count() == 1) + return new TLS_12_PRF(af.make_mac("HMAC(" + request.arg(0) + ")")); #endif throw Algorithm_Not_Found(algo_spec); diff --git a/src/tls/cert_ver.cpp b/src/tls/cert_ver.cpp index 77d9fe74b..f35202734 100644 --- a/src/tls/cert_ver.cpp +++ b/src/tls/cert_ver.cpp @@ -27,8 +27,14 @@ Certificate_Verify::Certificate_Verify(Record_Writer& writer, { BOTAN_ASSERT_NONNULL(priv_key); + // FIXME: this should respect server's hash preferences + if(state->version >= TLS_V12) + hash_algo = TLS_ALGO_HASH_SHA256; + else + hash_algo = TLS_ALGO_NONE; + std::pair<std::string, Signature_Format> format = - state->choose_sig_format(priv_key, true); + state->choose_sig_format(priv_key, hash_algo, true); PK_Signer signer(*priv_key, format.first, format.second); @@ -86,7 +92,7 @@ bool Certificate_Verify::verify(const X509_Certificate& cert, std::auto_ptr<Public_Key> key(cert.subject_public_key()); std::pair<std::string, Signature_Format> format = - state->choose_sig_format(key.get(), true); + state->choose_sig_format(key.get(), hash_algo, true); PK_Verifier verifier(*key, format.first, format.second); 
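Review bot: In get_kdf (src/libstate/get_enc.cpp) the `SSL3-PRF` lookup is replaced rather than kept: the removed `BOTAN_HAS_SSL_V3_PRF` block becomes a `TLS-PRF` block, and the context line just above it already ends with `return new TLS_PRF;`, so the added block looks like a duplicate. lookup_prf_name in tls_session_key.cpp still returns "SSL3-PRF" in its first branch, so that request would presumably now fall through to `throw Algorithm_Not_Found(algo_spec)`. I would restore the three removed lines and add only the `TLS-12-PRF` block. get_kdf's body starts outside the hunk.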
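Review bot: `hash_algo` is read in Certificate_Verify::verify, but this commit only assigns it in the signing constructor. The member is added to tls_messages.h without an initializer, and the diffstat's 10 changed lines for cert_ver.cpp are all in these two hunks, so on a received message the value appears to be indeterminate when it reaches `choose_sig_format`. For TLS 1.2 it should come from the algorithm bytes that precede the signature on the wire. Until that parsing exists, setting `hash_algo = TLS_ALGO_NONE;` where the message is decoded would at least make the behaviour defined. verify's body continues outside the hunk.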
diff --git a/src/tls/finished.cpp b/src/tls/finished.cpp index baa663798..2eec244f2 100644 --- a/src/tls/finished.cpp +++ b/src/tls/finished.cpp @@ -7,11 +7,27 @@ #include <botan/internal/tls_messages.h> #include <botan/prf_tls.h> +#include <botan/hmac.h> +#include <botan/sha2_32.h> +#include <memory> + +#include <stdio.h> namespace Botan { namespace { +KDF* choose_tls_prf(Version_Code version) + { + if(version == TLS_V10 || version == TLS_V11) + return new TLS_PRF; + else if(version == TLS_V12) + return new TLS_12_PRF(new HMAC(new SHA_256)); // might depend on ciphersuite + else + throw TLS_Exception(PROTOCOL_VERSION, + "Unknown version for PRF"); + } + /* * Compute the verify_data */ @@ -32,7 +48,7 @@ MemoryVector<byte> finished_compute_verify(TLS_Handshake_State* state, return state->hash.final_ssl3(state->keys.master_secret()); } - else if(state->version == TLS_V10 || state->version == TLS_V11) + else { const byte TLS_CLIENT_LABEL[] = { 0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x66, 0x69, 0x6E, 0x69, @@ -42,19 +58,18 @@ MemoryVector<byte> finished_compute_verify(TLS_Handshake_State* state, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x66, 0x69, 0x6E, 0x69, 0x73, 0x68, 0x65, 0x64 }; - TLS_PRF prf; + std::auto_ptr<KDF> prf(choose_tls_prf(state->version)); MemoryVector<byte> input; if(side == CLIENT) input += std::make_pair(TLS_CLIENT_LABEL, sizeof(TLS_CLIENT_LABEL)); else input += std::make_pair(TLS_SERVER_LABEL, sizeof(TLS_SERVER_LABEL)); - input += state->hash.final(); - return prf.derive_key(12, state->keys.master_secret(), input); + input += state->hash.final(state->version); + + return prf->derive_key(12, state->keys.master_secret(), input); } - else - throw Invalid_Argument("Finished message: Unknown protocol version"); } } diff --git a/src/tls/rec_read.cpp b/src/tls/rec_read.cpp index 20dfaae2e..2376dfd2b 100644 --- a/src/tls/rec_read.cpp +++ b/src/tls/rec_read.cpp 
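Review bot: `#include <stdio.h>` is added to finished.cpp but nothing in the visible hunks uses it, so it looks like leftover debugging and can be dropped. choose_tls_prf also returns an owning raw `KDF*`; returning `std::auto_ptr<KDF>`, which the call site in the last hunk already uses, would make the ownership explicit. The comment `// might depend on ciphersuite` could say what is actually fixed, e.g. `// FIXME: PRF hash and verify_data length are ciphersuite-dependent in TLS 1.2; SHA-256 and 12 bytes assumed`.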
@@ -57,9 +57,6 @@ void Record_Reader::set_maximum_fragment_size(size_t max_fragment) */ void Record_Reader::set_version(Version_Code version) { - if(version != SSL_V3 && version != TLS_V10 && version != TLS_V11) - throw Invalid_Argument("Record_Reader: Invalid protocol version"); - m_major = (version >> 8) & 0xFF; m_minor = (version & 0xFF); } diff --git a/src/tls/rec_wri.cpp b/src/tls/rec_wri.cpp index c0a79a631..7a67ed962 100644 --- a/src/tls/rec_wri.cpp +++ b/src/tls/rec_wri.cpp @@ -60,9 +60,6 @@ void Record_Writer::reset() */ void Record_Writer::set_version(Version_Code version) { - if(version != SSL_V3 && version != TLS_V10 && version != TLS_V11) - throw Invalid_Argument("Record_Writer: Invalid protocol version"); - m_major = (version >> 8) & 0xFF; m_minor = (version & 0xFF); } diff --git a/src/tls/s_hello.cpp b/src/tls/s_hello.cpp index fa185599d..21619fe0c 100644 --- a/src/tls/s_hello.cpp +++ b/src/tls/s_hello.cpp @@ -104,7 +104,10 @@ Server_Hello::Server_Hello(const MemoryRegion<byte>& buf) s_version = static_cast<Version_Code>(reader.get_u16bit()); - if(s_version != SSL_V3 && s_version != TLS_V10 && s_version != TLS_V11) + if(s_version != SSL_V3 && + s_version != TLS_V10 && + s_version != TLS_V11 && + s_version != TLS_V12) { throw TLS_Exception(PROTOCOL_VERSION, "Server_Hello: Unsupported server version"); @@ -135,6 +138,10 @@ Server_Hello::Server_Hello(const MemoryRegion<byte>& buf) m_next_protocols = npn->protocols(); m_next_protocol = true; } + else if(Signature_Algorithms* sigs = dynamic_cast<Signature_Algorithms*>(extn)) + { + // save in handshake state + } } } @@ -167,6 +174,9 @@ MemoryVector<byte> Server_Hello::serialize() const if(m_next_protocol) extensions.push_back(new Next_Protocol_Notification(m_next_protocols)); + if(s_version == TLS_V12) + extensions.push_back(new Signature_Algorithms()); + buf += extensions.serialize(); return buf; diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp index 7008c89de..2e2bc4cb0 100644 --- a/src/tls/s_kex.cpp 
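Review bot: Record_Reader::set_version now accepts any version code, because the check is deleted instead of being extended with TLS_V12; the same removal is made in Record_Writer::set_version in rec_wri.cpp. Keeping the guard means an unexpected value can never be split into m_major/m_minor by a caller that skipped its own validation. I would keep the original throw and widen the condition to `if(version != SSL_V3 && version != TLS_V10 && version != TLS_V11 && version != TLS_V12)`.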
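Review bot: Server_Hello::serialize now appends a `Signature_Algorithms` extension whenever `s_version == TLS_V12`, but RFC 5246 section 7.4.1.4.1 says servers must not send this extension; it belongs in the client hello only. I would remove the two added lines and advertise the extension from the client side instead. In the parsing hunk above, the new `Signature_Algorithms` branch is empty and `sigs` is unused; if it stays, a comment such as `// TODO: not expected in a ServerHello; reject or ignore explicitly` would state the intent. serialize's body starts outside the hunk.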
+++ b/src/tls/s_kex.cpp @@ -7,6 +7,7 @@ #include <botan/internal/tls_messages.h> #include <botan/internal/tls_reader.h> +#include <botan/internal/tls_extensions.h> #include <botan/pubkey.h> #include <botan/dh.h> #include <botan/loadstor.h> @@ -34,8 +35,14 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer, throw Invalid_Argument("Unknown key type " + state->kex_priv->algo_name() + " for TLS key exchange"); + // FIXME: this should respect client's hash preferences + if(state->version >= TLS_V12) + hash_algo = TLS_ALGO_HASH_SHA256; + else + hash_algo = TLS_ALGO_NONE; + std::pair<std::string, Signature_Format> format = - state->choose_sig_format(private_key, false); + state->choose_sig_format(private_key, hash_algo, false); PK_Signer signer(*private_key, format.first, format.second); @@ -53,6 +60,10 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer, MemoryVector<byte> Server_Key_Exchange::serialize() const { MemoryVector<byte> buf = serialize_params(); + + if(hash_algo != TLS_ALGO_NONE) + {} + append_tls_length_value(buf, signature, 2); return buf; } 
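Review bot: The `if(hash_algo != TLS_ALGO_NONE) {}` added to Server_Key_Exchange::serialize has an empty body, so a TLS 1.2 message is written without the algorithm bytes that precede the signature in that version. The parsing constructor later in this file expects a hash byte at that position, so the two sides of the same class disagree. Either emit the bytes before `append_tls_length_value`, or mark the gap so it cannot go unnoticed: `// FIXME: TLS 1.2 must write SignatureAndHashAlgorithm (2 bytes) before the signature`.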
@@ -73,39 +84,38 @@ MemoryVector<byte> Server_Key_Exchange::serialize_params() const /** * Deserialize a Server Key Exchange message */ -Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf) +Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf, + TLS_Ciphersuite_Algos kex_alg, + TLS_Ciphersuite_Algos sig_alg, + Version_Code version) { if(buf.size() < 6) throw Decoding_Error("Server_Key_Exchange: Packet corrupted"); - MemoryVector<byte> values[4]; - size_t so_far = 0; + TLS_Data_Reader reader(buf); - for(size_t i = 0; i != 4; ++i) + if(kex_alg == TLS_ALGO_KEYEXCH_DH) { - const u16bit len = make_u16bit(buf[so_far], buf[so_far+1]); - so_far += 2; - - if(len + so_far > buf.size()) - throw Decoding_Error("Server_Key_Exchange: Packet corrupted"); + // 3 bigints, DH p, g, Y - values[i].resize(len); - copy_mem(&values[i][0], &buf[so_far], len); - so_far += len; - - if(i == 2 && so_far == buf.size()) - break; + for(size_t i = 0; i != 3; ++i) + { + BigInt v = BigInt::decode(reader.get_range<byte>(2, 1, 65535)); + params.push_back(v); + } } + else + throw Decoding_Error("Unsupported server key exchange type"); - params.push_back(BigInt::decode(values[0])); - params.push_back(BigInt::decode(values[1])); - if(values[3].size()) + if(sig_alg != TLS_ALGO_SIGNER_ANON) { - params.push_back(BigInt::decode(values[2])); - signature = values[3]; + if(version < TLS_V12) + hash_algo = TLS_ALGO_NONE; // use old defaults + else + hash_algo = Signature_Algorithms::hash_algo_code(reader.get_byte()); + + signature = reader.get_range<byte>(2, 0, 65535); } - else - signature = values[2]; } /** @@ -128,7 +138,7 @@ bool Server_Key_Exchange::verify(const X509_Certificate& cert, std::auto_ptr<Public_Key> key(cert.subject_public_key()); std::pair<std::string, Signature_Format> format = - state->choose_sig_format(key.get(), false); + state->choose_sig_format(key.get(), hash_algo, false); PK_Verifier verifier(*key, format.first, format.second); 
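Review bot: For TLS 1.2 the parser consumes one byte (`hash_algo_code(reader.get_byte())`) before the signature, but the SignatureAndHashAlgorithm field is two bytes, hash then signature algorithm. The second byte is therefore read as the high byte of the signature length by `get_range<byte>(2, 0, 65535)`. The signature algorithm byte should be read and checked against the negotiated one, assuming `sig_alg` carries a TLS_ALGO_SIGNER_* value: `if(Signature_Algorithms::sig_algo_code(reader.get_byte()) != sig_alg) throw Decoding_Error("Server_Key_Exchange: Unexpected signature algorithm");`. Nothing visible here confirms the buffer is fully consumed after the signature, so rejecting trailing bytes would also be worthwhile.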
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp index ef96c04fb..c8fcd8144 100644 --- a/src/tls/tls_client.cpp +++ b/src/tls/tls_client.cpp @@ -277,7 +277,19 @@ void TLS_Client::process_handshake_msg(Handshake_Type type, state->set_expected_next(CERTIFICATE_REQUEST); // optional state->set_expected_next(SERVER_HELLO_DONE); - state->server_kex = new Server_Key_Exchange(contents); + state->server_kex = new Server_Key_Exchange(contents, + state->suite.kex_type(), + state->suite.sig_type(), + state->version); + + if(state->suite.sig_type() != TLS_ALGO_SIGNER_ANON) + { + if(!state->server_kex->verify(peer_certs[0], state)) + { + throw TLS_Exception(DECRYPT_ERROR, + "Bad signature on server key exchange"); + } + } if(state->kex_pub) delete state->kex_pub; @@ -290,15 +302,6 @@ void TLS_Client::process_handshake_msg(Handshake_Type type, throw TLS_Exception(HANDSHAKE_FAILURE, "Server sent DH key but negotiated something else"); } - - if(state->suite.sig_type() != TLS_ALGO_SIGNER_ANON) - { - if(!state->server_kex->verify(peer_certs[0], state)) - { - throw TLS_Exception(DECRYPT_ERROR, - "Bad signature on server key exchange"); - } - } } else if(type == CERTIFICATE_REQUEST) { diff --git a/src/tls/tls_extensions.cpp b/src/tls/tls_extensions.cpp index d414a979d..9f80744f9 100644 --- a/src/tls/tls_extensions.cpp +++ b/src/tls/tls_extensions.cpp @@ -288,7 +288,7 @@ TLS_Ciphersuite_Algos Signature_Algorithms::hash_algo_code(byte code) case 6: return TLS_ALGO_HASH_SHA512; default: - return TLS_ALGO_UNKNOWN; + return TLS_ALGO_NONE; } } @@ -324,7 +324,7 @@ TLS_Ciphersuite_Algos Signature_Algorithms::sig_algo_code(byte code) case 3: return TLS_ALGO_SIGNER_ECDSA; default: - return TLS_ALGO_UNKNOWN; + return TLS_ALGO_NONE; } } 
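Review bot: Returning `TLS_ALGO_NONE` from hash_algo_code for an unrecognised code makes "unknown" indistinguishable from "no hash specified"; the same substitution is made in sig_algo_code in the next hunk. hash_algo_code is now applied to the peer's byte in the Server_Key_Exchange parser, and choose_sig_format treats `TLS_ALGO_NONE` as a request for the pre-1.2 defaults (`EMSA3(TLS.Digest.0)` / `EMSA1(SHA-1)`). A TLS 1.2 peer sending an unassigned hash code would therefore be verified with the legacy digest instead of being rejected. I would keep a distinct enumerator for the unknown case, or have the parser throw `Decoding_Error` when a TLS 1.2 message yields `TLS_ALGO_NONE`.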
@@ -399,7 +399,7 @@ Signature_Algorithms::Signature_Algorithms(TLS_Data_Reader& reader, TLS_Ciphersuite_Algos sig_code = sig_algo_code(reader.get_byte()); // If not something we know, ignore completely - if(hash_code == TLS_ALGO_UNKNOWN || sig_code == TLS_ALGO_UNKNOWN) + if(hash_code == TLS_ALGO_NONE || sig_code == TLS_ALGO_NONE) continue; m_supported_algos.push_back(std::make_pair(hash_code, sig_code)); diff --git a/src/tls/tls_extensions.h b/src/tls/tls_extensions.h index 94be97d7f..1811bab01 100644 --- a/src/tls/tls_extensions.h +++ b/src/tls/tls_extensions.h @@ -182,6 +182,12 @@ class Next_Protocol_Notification : public TLS_Extension class Signature_Algorithms : public TLS_Extension { public: + static TLS_Ciphersuite_Algos hash_algo_code(byte code); + static byte hash_algo_code(TLS_Ciphersuite_Algos code); + + static TLS_Ciphersuite_Algos sig_algo_code(byte code); + static byte sig_algo_code(TLS_Ciphersuite_Algos code); + TLS_Handshake_Extension_Type type() const { return TLSEXT_NEXT_PROTOCOL; } @@ -200,12 +206,6 @@ class Signature_Algorithms : public TLS_Extension Signature_Algorithms(TLS_Data_Reader& reader, u16bit extension_size); private: - static TLS_Ciphersuite_Algos hash_algo_code(byte code); - static byte hash_algo_code(TLS_Ciphersuite_Algos code); - - static TLS_Ciphersuite_Algos sig_algo_code(byte code); - static byte sig_algo_code(TLS_Ciphersuite_Algos code); - std::vector<std::pair<TLS_Ciphersuite_Algos, TLS_Ciphersuite_Algos> > m_supported_algos; }; diff --git a/src/tls/tls_handshake_hash.cpp b/src/tls/tls_handshake_hash.cpp index 9621af535..14d5cd5a1 100644 --- a/src/tls/tls_handshake_hash.cpp +++ b/src/tls/tls_handshake_hash.cpp @@ -6,8 +6,10 @@ */ #include <botan/internal/tls_handshake_hash.h> +#include <botan/tls_exceptn.h> #include <botan/md5.h> #include <botan/sha160.h> +#include <botan/sha2_32.h> #include <memory> namespace Botan { 
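Review bot: The context line `type() const { return TLSEXT_NEXT_PROTOCOL; }` inside Signature_Algorithms (tls_extensions.h) looks copied from Next_Protocol_Notification. This commit starts pushing the extension into a serialized hello, so it would presumably go on the wire under the NPN extension type. It should return the signature_algorithms code (13 in RFC 5246), using whichever enumerator the project defines for it. The four static helpers moved to `public` also have no doc comments; a line such as `/// Map a wire HashAlgorithm byte to the internal code` on each would help now that other files call them.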
@@ -27,17 +29,32 @@ void TLS_Handshake_Hash::update(Handshake_Type handshake_type, /** * Return a TLS Handshake Hash */ -SecureVector<byte> TLS_Handshake_Hash::final() +SecureVector<byte> TLS_Handshake_Hash::final(Version_Code version) { - MD5 md5; - SHA_160 sha1; + SecureVector<byte> output; - md5.update(data); - sha1.update(data); + if(version == TLS_V10 || version == TLS_V11) + { + MD5 md5; + SHA_160 sha1; + + md5.update(data); + sha1.update(data); + + output += md5.final(); + output += sha1.final(); + } + else if(version == TLS_V12) + { + // This might depend on the ciphersuite + SHA_256 sha256; + sha256.update(data); + output += sha256.final(); + } + else + throw TLS_Exception(PROTOCOL_VERSION, + "Unknown version for handshake hashes"); - SecureVector<byte> output; - output += md5.final(); - output += sha1.final(); return output; } diff --git a/src/tls/tls_handshake_hash.h b/src/tls/tls_handshake_hash.h index 4ee1fc1b9..1ca11b99f 100644 --- a/src/tls/tls_handshake_hash.h +++ b/src/tls/tls_handshake_hash.h @@ -33,8 +33,8 @@ class TLS_Handshake_Hash void update(Handshake_Type handshake_type, const MemoryRegion<byte>& handshake_msg); - SecureVector<byte> final(); - SecureVector<byte> final_ssl3(const MemoryRegion<byte>&); + SecureVector<byte> final(Version_Code version); + SecureVector<byte> final_ssl3(const MemoryRegion<byte>& master_secret); const SecureVector<byte>& get_contents() const { return data; } diff --git a/src/tls/tls_handshake_state.cpp b/src/tls/tls_handshake_state.cpp index f2f6a2baf..a816e9f6a 100644 --- a/src/tls/tls_handshake_state.cpp +++ b/src/tls/tls_handshake_state.cpp 
@@ -130,7 +130,9 @@ bool TLS_Handshake_State::received_handshake_msg(Handshake_Type handshake_msg) c } std::pair<std::string, Signature_Format> -TLS_Handshake_State::choose_sig_format(const Public_Key* key, bool for_client_auth) +TLS_Handshake_State::choose_sig_format(const Public_Key* key, + TLS_Ciphersuite_Algos hash_algo, + bool for_client_auth) { const std::string algo_name = key->algo_name(); @@ -140,8 +142,13 @@ TLS_Handshake_State::choose_sig_format(const Public_Key* key, bool for_client_au if(for_client_auth && this->version == SSL_V3) padding = "EMSA3(Raw)"; - else + else if(hash_algo == TLS_ALGO_NONE) padding = "EMSA3(TLS.Digest.0)"; + else + { + std::string hash = TLS_Cipher_Suite::hash_code_to_name(hash_algo); + padding = "EMSA3(" + hash + ")"; + } return std::make_pair(padding, IEEE_1363); } @@ -151,8 +158,13 @@ TLS_Handshake_State::choose_sig_format(const Public_Key* key, bool for_client_au if(for_client_auth && this->version == SSL_V3) padding = "Raw"; - else + else if(hash_algo == TLS_ALGO_NONE) padding = "EMSA1(SHA-1)"; + else + { + std::string hash = TLS_Cipher_Suite::hash_code_to_name(hash_algo); + padding = "EMSA1(" + hash + ")"; + } return std::make_pair(padding, DER_SEQUENCE); } diff --git a/src/tls/tls_handshake_state.h b/src/tls/tls_handshake_state.h index e58a83f3e..1beaf74b3 100644 --- a/src/tls/tls_handshake_state.h +++ b/src/tls/tls_handshake_state.h @@ -47,7 +47,9 @@ class TLS_Handshake_State void set_expected_next(Handshake_Type handshake_msg); std::pair<std::string, Signature_Format> - choose_sig_format(const Public_Key* key, bool for_client_auth); + choose_sig_format(const Public_Key* key, + TLS_Ciphersuite_Algos hash_algo, + bool for_client_auth); Version_Code version; diff --git a/src/tls/tls_magic.h b/src/tls/tls_magic.h index 231ac363f..ac3c562dc 100644 --- a/src/tls/tls_magic.h +++ b/src/tls/tls_magic.h 
@@ -167,7 +167,7 @@ enum Ciphersuite_Code { * being randomly assigned codepoints. */ enum TLS_Ciphersuite_Algos { - TLS_ALGO_UNKNOWN = 0x00000000, + TLS_ALGO_NONE = 0x00000000, TLS_ALGO_SIGNER_MASK = 0xFF000000, TLS_ALGO_SIGNER_ANON = 0x01000000, diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h index d3735972e..f2052c5e7 100644 --- a/src/tls/tls_messages.h +++ b/src/tls/tls_messages.h @@ -300,6 +300,7 @@ class Certificate_Verify : public Handshake_Message private: MemoryVector<byte> serialize() const; + TLS_Ciphersuite_Algos hash_algo; // hash used to create signature MemoryVector<byte> signature; }; @@ -360,12 +361,17 @@ class Server_Key_Exchange : public Handshake_Message RandomNumberGenerator& rng, const Private_Key* priv_key); - Server_Key_Exchange(const MemoryRegion<byte>& buf); + Server_Key_Exchange(const MemoryRegion<byte>& buf, + TLS_Ciphersuite_Algos kex_alg, + TLS_Ciphersuite_Algos sig_alg, + Version_Code version); private: MemoryVector<byte> serialize() const; MemoryVector<byte> serialize_params() const; std::vector<BigInt> params; + + TLS_Ciphersuite_Algos hash_algo; // hash used to create signature MemoryVector<byte> signature; }; diff --git a/src/tls/tls_reader.h b/src/tls/tls_reader.h index 6a0bcd5b1..3f7123b89 100644 --- a/src/tls/tls_reader.h +++ b/src/tls/tls_reader.h @@ -151,10 +151,9 @@ class TLS_Data_Reader void assert_at_least(size_t n) const { if(buf.size() - offset < n) - { - abort(); - throw Decoding_Error("TLS_Data_Reader: Corrupt packet"); - } + throw Decoding_Error("TLS_Data_Reader: Expected " + to_string(n) + + "bytes remaining, only " + to_string(buf.size()-offset) + + " left"); } const MemoryRegion<byte>& buf; diff --git a/src/tls/tls_session_key.cpp b/src/tls/tls_session_key.cpp index 66a02542b..cb55499f0 100644 --- a/src/tls/tls_session_key.cpp +++ b/src/tls/tls_session_key.cpp 
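Review bot: The new message in TLS_Data_Reader::assert_at_least is missing a space: `to_string(n) + "bytes remaining, only "` renders as "Expected 5bytes remaining" and should be `" bytes remaining, only "`. `buf.size() - offset` is also evaluated on unsigned values, so if `offset` could ever exceed `buf.size()` both the check and the message would wrap. Nothing in the hunk shows whether that is excluded elsewhere, so a comment stating the invariant, e.g. `// offset <= buf.size() is maintained by every read`, would be useful if it holds.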
@@ -21,6 +21,8 @@ std::string lookup_prf_name(Version_Code version) return "SSL3-PRF"; else if(version == TLS_V10 || version == TLS_V11) return "TLS-PRF"; + else if(version == TLS_V12) + return "TLS-12-PRF(SHA-256)"; else throw Invalid_Argument("Session_Keys: Unknown version code"); } diff --git a/src/tls/tls_suites.cpp b/src/tls/tls_suites.cpp index 3b715b04c..f3a967b3e 100644 --- a/src/tls/tls_suites.cpp +++ b/src/tls/tls_suites.cpp @@ -254,9 +254,8 @@ TLS_Ciphersuite_Algos TLS_Cipher_Suite::lookup_ciphersuite(u16bit suite) return TLS_Ciphersuite_Algos(0); } -namespace { - -std::pair<std::string, size_t> cipher_code_to_name(TLS_Ciphersuite_Algos algo) +std::pair<std::string, size_t> +TLS_Cipher_Suite::cipher_code_to_name(TLS_Ciphersuite_Algos algo) { if((algo & TLS_ALGO_CIPHER_MASK) == TLS_ALGO_CIPHER_RC4_128) return std::make_pair("ARC4", 16); @@ -277,7 +276,7 @@ std::pair<std::string, size_t> cipher_code_to_name(TLS_Ciphersuite_Algos algo) "TLS_Cipher_Suite: Unknown cipher type " + to_string(algo)); } -std::string mac_code_to_name(TLS_Ciphersuite_Algos algo) +std::string TLS_Cipher_Suite::hash_code_to_name(TLS_Ciphersuite_Algos algo) { if((algo & TLS_ALGO_HASH_MASK) == TLS_ALGO_HASH_MD5) return "MD5"; @@ -301,8 +300,6 @@ std::string mac_code_to_name(TLS_Ciphersuite_Algos algo) "TLS_Cipher_Suite: Unknown MAC type " + to_string(algo)); } -} - /** * TLS_Cipher_Suite Constructor */ @@ -325,7 +322,7 @@ TLS_Cipher_Suite::TLS_Cipher_Suite(u16bit suite_code) cipher = cipher_info.first; cipher_key_length = cipher_info.second; - mac = mac_code_to_name(algos); + mac = hash_code_to_name(algos); } } diff --git a/src/tls/tls_suites.h b/src/tls/tls_suites.h index 3256dc198..adb40a692 100644 --- a/src/tls/tls_suites.h +++ b/src/tls/tls_suites.h 
@@ -22,6 +22,11 @@ class BOTAN_DLL TLS_Cipher_Suite public: static TLS_Ciphersuite_Algos lookup_ciphersuite(u16bit suite); + static std::pair<std::string, size_t> + cipher_code_to_name(TLS_Ciphersuite_Algos algo); + + static std::string hash_code_to_name(TLS_Ciphersuite_Algos algo); + std::string cipher_algo() const { return cipher; } std::string mac_algo() const { return mac; } |