authorlloyd <[email protected]>2012-07-28 19:35:09 +0000
committerlloyd <[email protected]>2012-07-28 19:35:09 +0000
commit9e52358bb627c68d0e8c94a2a12d5e46aa6376d3 (patch)
tree45a0236bb019c9f46552006574f0fbfb983da35a /src
parent4d0008edca9d3c0a119518e7d9b49c81d7dbe33c (diff)
Add format() hook to Handshake_Writer, so that Handshake_Hash does not
need to know what the handshake format is. Remove unused functions from Handshake_Hash and store all handshake data as a plain std::vector, since as handshake information it is not sensitive.
Diffstat (limited to 'src')
-rw-r--r--src/tls/tls_client.cpp4
-rw-r--r--src/tls/tls_handshake_hash.cpp16
-rw-r--r--src/tls/tls_handshake_hash.h15
-rw-r--r--src/tls/tls_handshake_writer.cpp24
-rw-r--r--src/tls/tls_handshake_writer.h8
-rw-r--r--src/tls/tls_server.cpp6
6 files changed, 34 insertions, 39 deletions
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index a62bcbba5..fe25736d7 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -181,7 +181,7 @@ void Client::process_handshake_msg(Handshake_Type type,
m_state->confirm_transition_to(type);
if(type != HANDSHAKE_CCS && type != FINISHED)
- m_state->hash.update(type, contents);
+ m_state->hash.update(m_state->handshake_writer().format(contents, type));
if(type == SERVER_HELLO)
{
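Review bot: The transcript hash for a received message is now computed over bytes re-synthesized by the local writer's format() rather than over the framing the peer actually sent; for Stream_Handshake_Writer the two are byte-identical (type byte, 3-byte length, body), so the result is correct today, but every call site now silently depends on format() staying a pure function of (type, body). A one-line comment at this call, `// re-frame with our own writer: identical to the peer's wire bytes for the stream format`, would record that assumption where a reader will look for it. The same expression is repeated unchanged at the other four call sites in this commit (the second tls_client.cpp hunk and the three tls_server.cpp hunks); a small helper on the state object that takes (type, contents) would keep them from drifting apart. process_handshake_msg begins and ends outside the hunk.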
@@ -444,7 +444,7 @@ void Client::process_handshake_msg(Handshake_Type type,
throw TLS_Exception(Alert::DECRYPT_ERROR,
"Finished message didn't verify");
- m_state->hash.update(type, contents);
+ m_state->hash.update(m_state->handshake_writer().format(contents, type));
if(!m_state->client_finished) // session resume case
{
diff --git a/src/tls/tls_handshake_hash.cpp b/src/tls/tls_handshake_hash.cpp
index df956e7bb..fd9d93bb2 100644
--- a/src/tls/tls_handshake_hash.cpp
+++ b/src/tls/tls_handshake_hash.cpp
@@ -1,6 +1,6 @@
/*
* TLS Handshake Hash
-* (C) 2004-2006,2011 Jack Lloyd
+* (C) 2004-2006,2011,2012 Jack Lloyd
*
* Released under the terms of the Botan license
*/
@@ -15,23 +15,11 @@ namespace Botan {
namespace TLS {
-void Handshake_Hash::update(Handshake_Type handshake_type,
- const std::vector<byte>& handshake_msg)
- {
- update(static_cast<byte>(handshake_type));
-
- const size_t record_length = handshake_msg.size();
- for(size_t i = 0; i != 3; i++)
- update(get_byte<u32bit>(i+1, record_length));
-
- update(handshake_msg);
- }
-
/**
* Return a TLS Handshake Hash
*/
secure_vector<byte> Handshake_Hash::final(Protocol_Version version,
- const std::string& mac_algo)
+ const std::string& mac_algo)
{
Algorithm_Factory& af = global_state().algorithm_factory();
diff --git a/src/tls/tls_handshake_hash.h b/src/tls/tls_handshake_hash.h
index 02943977f..bf6c8ff8b 100644
--- a/src/tls/tls_handshake_hash.h
+++ b/src/tls/tls_handshake_hash.h
@@ -1,6 +1,6 @@
/*
* TLS Handshake Hash
-* (C) 2004-2006,2011 Jack Lloyd
+* (C) 2004-2006,2011,2012 Jack Lloyd
*
* Released under the terms of the Botan license
*/
@@ -27,28 +27,19 @@ class Handshake_Hash
void update(const byte in[], size_t length)
{ data += std::make_pair(in, length); }
- void update(const secure_vector<byte>& in)
- { data += in; }
-
void update(const std::vector<byte>& in)
{ data += in; }
- void update(byte in)
- { data.push_back(in); }
-
- void update(Handshake_Type handshake_type,
- const std::vector<byte>& handshake_msg);
-
secure_vector<byte> final(Protocol_Version version,
const std::string& mac_algo);
secure_vector<byte> final_ssl3(const secure_vector<byte>& master_secret);
- const secure_vector<byte>& get_contents() const
+ const std::vector<byte>& get_contents() const
{ return data; }
private:
- secure_vector<byte> data;
+ std::vector<byte> data;
};
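Review bot: The new `std::vector<byte> data` member carries no comment recording why it is safe to drop secure_vector here; the justification given in the commit message (everything stored is handshake data that already went over the wire in the clear) is an invariant callers must uphold, since `update(const byte in[], size_t length)` accepts any bytes. A comment above the member such as `// Handshake transcript in wire format; never secret, so not zeroed on free` would keep a later contributor from routing key material through update(). get_contents() now returns `const std::vector<byte>&` instead of `const secure_vector<byte>&`, which changes the type seen by any caller outside this commit; none is visible here, so presumably that is covered elsewhere. Handshake_Hash begins outside the hunk.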
}
diff --git a/src/tls/tls_handshake_writer.cpp b/src/tls/tls_handshake_writer.cpp
index f3bb30965..7af9a3f52 100644
--- a/src/tls/tls_handshake_writer.cpp
+++ b/src/tls/tls_handshake_writer.cpp
@@ -25,24 +25,32 @@ void store_be24(byte* out, size_t val)
}
-std::vector<byte> Stream_Handshake_Writer::send(Handshake_Message& msg)
+std::vector<byte>
+Stream_Handshake_Writer::format(const std::vector<byte>& msg,
+ Handshake_Type type)
{
- const std::vector<byte> buf = msg.serialize();
- std::vector<byte> send_buf(4);
+ std::vector<byte> send_buf(4 + msg.size());
- const size_t buf_size = buf.size();
+ const size_t buf_size = msg.size();
- send_buf[0] = msg.type();
+ send_buf[0] = type;
store_be24(&send_buf[1], buf_size);
- send_buf += buf;
-
- m_writer.send(HANDSHAKE, &send_buf[0], send_buf.size());
+ copy_mem(&send_buf[4], &msg[0], msg.size());
return send_buf;
}
+std::vector<byte> Stream_Handshake_Writer::send(Handshake_Message& msg)
+ {
+ const std::vector<byte> buf = format(msg.serialize(), msg.type());
+
+ m_writer.send(HANDSHAKE, &buf[0], buf.size());
+
+ return buf;
+ }
+
}
}
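Review bot: `&msg[0]` in the new Stream_Handshake_Writer::format() indexes the vector even when msg is empty, which is undefined behaviour for a zero-length body (legal in TLS, e.g. ServerHelloDone) and aborts under a checked standard library. Since the file already uses C++11 (`override` in the header), `copy_mem(&send_buf[4], msg.data(), msg.size());` avoids it; alternatively guard the copy with `if(!msg.empty())`. store_be24 receives buf_size without any check that it fits in 24 bits, so an oversized body would be framed with a silently truncated length; whether a caller can ever produce one is not visible here, but throwing on `buf_size >= 0x1000000` before the store would turn that into a hard error rather than a malformed message.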
diff --git a/src/tls/tls_handshake_writer.h b/src/tls/tls_handshake_writer.h
index 0d6ddb0a0..7edf28e74 100644
--- a/src/tls/tls_handshake_writer.h
+++ b/src/tls/tls_handshake_writer.h
@@ -29,6 +29,10 @@ class Handshake_Writer
public:
virtual std::vector<byte> send(Handshake_Message& msg) = 0;
+ virtual std::vector<byte> format(
+ const std::vector<byte>& handshake_msg,
+ Handshake_Type handshake_type) = 0;
+
virtual ~Handshake_Writer() {}
};
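Review bot: The new pure virtual `format()` on Handshake_Writer has no comment, yet its contract (the returned bytes are exactly what send() puts on the wire, so they can also be fed to Handshake_Hash) is what every client and server hunk in this commit relies on. A Doxygen comment above the declaration such as `/** Frame a serialized handshake body as a complete handshake message in this writer's format; the result is the wire representation used by send() and by the handshake hash. */` would state it. Neither this declaration nor the Stream_Handshake_Writer override in the next hunk is const, although the stream implementation in tls_handshake_writer.cpp does not touch m_writer; declaring it `Handshake_Type handshake_type) const = 0;` would document that format() has no side effects. Handshake_Writer begins outside the hunk.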
@@ -41,6 +45,10 @@ class Stream_Handshake_Writer : public Handshake_Writer
Stream_Handshake_Writer(Record_Writer& writer) : m_writer(writer) {}
std::vector<byte> send(Handshake_Message& msg) override;
+
+ std::vector<byte> format(
+ const std::vector<byte>& handshake_msg,
+ Handshake_Type handshake_type) override;
private:
Record_Writer& m_writer;
};
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index d6d408db5..a88675de7 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -271,7 +271,7 @@ void Server::process_handshake_msg(Handshake_Type type,
if(type == CLIENT_HELLO_SSLV2)
m_state->hash.update(contents);
else
- m_state->hash.update(type, contents);
+ m_state->hash.update(m_state->handshake_writer().format(contents, type));
}
if(type == CLIENT_HELLO || type == CLIENT_HELLO_SSLV2)
@@ -580,7 +580,7 @@ void Server::process_handshake_msg(Handshake_Type type,
const bool sig_valid =
m_state->client_verify->verify(m_peer_certs[0], m_state);
- m_state->hash.update(type, contents);
+ m_state->hash.update(m_state->handshake_writer().format(contents, type));
/*
* Using DECRYPT_ERROR looks weird here, but per RFC 4346 is for
@@ -633,7 +633,7 @@ void Server::process_handshake_msg(Handshake_Type type,
{
// already sent finished if resuming, so this is a new session
- m_state->hash.update(type, contents);
+ m_state->hash.update(m_state->handshake_writer().format(contents, type));
Session session_info(
m_state->server_hello->session_id(),