author | lloyd <lloyd@randombit.net> | 2012-01-27 21:00:21 +0000 |
---|---|---|
committer | lloyd <lloyd@randombit.net> | 2012-01-27 21:00:21 +0000 |
commit | b0180988f9282099ae1f3e0118adcd657c18b982 (patch) | |
tree | da7bc167e70624d325f1805b9a3bbdedfc858cdb /src | |
parent | 1bb039c61c9b372e5780a1bceaf673b0be459f17 (diff) |
Change naming convention to match RFCs
Diffstat (limited to 'src')
-rw-r--r-- | src/tls/c_kex.cpp | 14 | ||||
-rw-r--r-- | src/tls/s_kex.cpp | 12 | ||||
-rw-r--r-- | src/tls/tls_ciphersuite.cpp | 24 | ||||
-rw-r--r-- | src/tls/tls_client.cpp | 2 | ||||
-rw-r--r-- | src/tls/tls_policy.cpp | 4 |
5 files changed, 26 insertions, 30 deletions
diff --git a/src/tls/c_kex.cpp b/src/tls/c_kex.cpp
index 434dd6ed7..36fc39b34 100644
--- a/src/tls/c_kex.cpp
+++ b/src/tls/c_kex.cpp
@@ -84,7 +84,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
 SymmetricKey psk;
- if(kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE")
+ if(kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK")
 {
 std::string identity_hint = reader.get_string(2, 0, 65535);
@@ -99,7 +99,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
 psk = creds.psk("tls-client", hostname, psk_identity);
 }
- if(kex_algo == "DH" || kex_algo == "PSK_DHE")
+ if(kex_algo == "DH" || kex_algo == "DHE_PSK")
 {
 BigInt p = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
 BigInt g = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
@@ -134,7 +134,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
 append_tls_length_value(key_material, priv_key.public_value(), 2);
 }
- else if(kex_algo == "ECDH" || kex_algo == "PSK_ECDHE")
+ else if(kex_algo == "ECDH" || kex_algo == "ECDHE_PSK")
 {
 const byte curve_type = reader.get_byte();
@@ -275,7 +275,7 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
 SymmetricKey psk;
- if(kex_algo == "PSK" || kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE")
+ if(kex_algo == "PSK" || kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK")
 {
 const std::string psk_identity = reader.get_string(2, 0, 65535);
@@ -300,8 +300,8 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
 append_tls_length_value(pre_master, zeros, 2);
 append_tls_length_value(pre_master, psk.bits_of(), 2);
 }
- else if(kex_algo == "DH" || kex_algo == "PSK_DHE" ||
- kex_algo == "ECDH" || kex_algo == "PSK_ECDHE")
+ else if(kex_algo == "DH" || kex_algo == "DHE_PSK" ||
+ kex_algo == "ECDH" || kex_algo == "ECDHE_PSK")
 {
 const Private_Key& private_key = state->server_kex->server_kex_key();
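Review bot: The key-exchange mode in both `Client_Key_Exchange` constructors is selected by comparing `kex_algo` with string literals repeated in every branch, so a literal that is missed or mistyped in a rename like this one still compiles and simply matches no branch. On the lines visible here that would skip `psk = creds.psk("tls-client", hostname, psk_identity);` on the sending side and the `append_tls_length_value(pre_master, psk.bits_of(), 2);` step on the parsing side, so the PSK would presumably be left out of the pre-master secret rather than the handshake failing. I would define each name once, for example `static const char* const KEX_DHE_PSK = "DHE_PSK";`, and, if the chains do not already end that way below the hunks, close them with `else throw Internal_Error("Unknown key exchange method " + kex_algo);`. The same literal comparisons appear in the later c_kex.cpp hunk and in all the s_kex.cpp hunks; every constructor body starts and ends outside the hunks shown.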
@@ -328,7 +328,7 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents, if(ka_key->algo_name() == "DH") shared_secret = strip_leading_zeros(shared_secret); - if(kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE") + if(kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK") { append_tls_length_value(pre_master, shared_secret, 2); append_tls_length_value(pre_master, psk.bits_of(), 2); diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp index 951107045..f25205e99 100644 --- a/src/tls/s_kex.cpp +++ b/src/tls/s_kex.cpp @@ -35,7 +35,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer, { const std::string kex_algo = state->suite.kex_algo(); - if(kex_algo == "PSK" || kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE") + if(kex_algo == "PSK" || kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK") { std::string identity_hint = creds.psk_identity_hint("tls-server", @@ -44,7 +44,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer, append_tls_length_value(m_params, identity_hint, 2); } - if(kex_algo == "DH" || kex_algo == "PSK_DHE") + if(kex_algo == "DH" || kex_algo == "DHE_PSK") { std::auto_ptr<DH_PrivateKey> dh(new DH_PrivateKey(rng, policy.dh_group())); @@ -53,7 +53,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer, append_tls_length_value(m_params, dh->public_value(), 2); m_kex_key = dh.release(); } - else if(kex_algo == "ECDH" || kex_algo == "PSK_ECDHE") + else if(kex_algo == "ECDH" || kex_algo == "ECDHE_PSK") { const std::vector<std::string>& curves = state->client_hello->supported_ecc_curves(); 
@@ -128,13 +128,13 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
 * to be able to parse the whole thing anyway.
 */
- if(kex_algo == "PSK" || kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE")
+ if(kex_algo == "PSK" || kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK")
 {
 const std::string identity_hint = reader.get_string(2, 0, 65535);
 append_tls_length_value(m_params, identity_hint, 2);
 }
- if(kex_algo == "DH" || kex_algo == "PSK_DHE")
+ if(kex_algo == "DH" || kex_algo == "DHE_PSK")
 {
 // 3 bigints, DH p, g, Y
@@ -144,7 +144,7 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
 append_tls_length_value(m_params, BigInt::encode(v), 2);
 }
 }
- else if(kex_algo == "ECDH" || kex_algo == "PSK_ECDHE")
+ else if(kex_algo == "ECDH" || kex_algo == "ECDHE_PSK")
 {
 const byte curve_type = reader.get_byte();
diff --git a/src/tls/tls_ciphersuite.cpp b/src/tls/tls_ciphersuite.cpp
index 6eeb6931d..15a8d5e12 100644
--- a/src/tls/tls_ciphersuite.cpp
+++ b/src/tls/tls_ciphersuite.cpp
@@ -149,36 +149,36 @@ Ciphersuite Ciphersuite::lookup_ciphersuite(u16bit suite)
 // PSK+DH ciphersuites
 case TLS_DHE_PSK_WITH_RC4_128_SHA:
- return Ciphersuite("", "PSK_DHE", "SHA-1", "ARC4", 16);
+ return Ciphersuite("", "DHE_PSK", "SHA-1", "ARC4", 16);
 case TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
- return Ciphersuite("", "PSK_DHE", "SHA-1", "3DES", 24);
+ return Ciphersuite("", "DHE_PSK", "SHA-1", "3DES", 24);
 case TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
- return Ciphersuite("", "PSK_DHE", "SHA-1", "AES-128", 16);
+ return Ciphersuite("", "DHE_PSK", "SHA-1", "AES-128", 16);
 case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
- return Ciphersuite("", "PSK_DHE", "SHA-256", "AES-128", 16);
+ return Ciphersuite("", "DHE_PSK", "SHA-256", "AES-128", 16);
 case TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
- return Ciphersuite("", "PSK_DHE", "SHA-1", "AES-256", 32);
+ return Ciphersuite("", "DHE_PSK", "SHA-1", "AES-256", 32);
 // PSK+ECDH ciphersuites
 case TLS_ECDHE_PSK_WITH_RC4_128_SHA:
- return Ciphersuite("", "PSK_ECDHE", "SHA-1", "ARC4", 16);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-1", "ARC4", 16);
 case TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
- return Ciphersuite("", "PSK_ECDHE", "SHA-1", "3DES", 24);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-1", "3DES", 24);
 case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
- return Ciphersuite("", "PSK_ECDHE", "SHA-1", "AES-128", 16);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-1", "AES-128", 16);
 case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
- return Ciphersuite("", "PSK_ECDHE", "SHA-256", "AES-128", 16);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-256", "AES-128", 16);
 case TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
- return Ciphersuite("", "PSK_ECDHE", "SHA-1", "AES-256", 32);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-1", "AES-256", 32);
 // SRP/RSA ciphersuites
@@ -228,10 +228,6 @@ std::string Ciphersuite::to_string() const out << "ECDHE"; else if(kex_algo() == "SRP") out << "SRP_SHA"; - else if(kex_algo() == "PSK_DHE") - out << "DHE_PSK"; - else if(kex_algo() == "PSK_ECDHE") - out << "ECDHE_PSK"; else out << kex_algo(); diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp index 39b0d3e59..5c7b50abc 100644 --- a/src/tls/tls_client.cpp +++ b/src/tls/tls_client.cpp @@ -227,7 +227,7 @@ void Client::process_handshake_msg(Handshake_Type type, ever sent. The server may or may not send a server kex, depending on if it has an identity hint for us. - PSK_DHE always sends a server key exchange for the DH + DHE_PSK always sends a server key exchange for the DH exchange portion. */ diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp index 34db6d59e..f0ad89a6a 100644 --- a/src/tls/tls_policy.cpp +++ b/src/tls/tls_policy.cpp @@ -47,8 +47,8 @@ std::vector<std::string> Policy::allowed_key_exchange_methods() const std::vector<std::string> allowed; //allowed.push_back("SRP"); - //allowed.push_back("PSK_ECDHE"); - //allowed.push_back("PSK_DHE"); + //allowed.push_back("ECDHE_PSK"); + //allowed.push_back("DHE_PSK"); //allowed.push_back("PSK"); allowed.push_back("ECDH"); allowed.push_back("DH"); |
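Review bot: `Policy::allowed_key_exchange_methods()` returns the key-exchange names as plain strings, so this rename also changes what a policy has to return: a list that still contains `"PSK_DHE"` or `"PSK_ECDHE"` would no longer match any entry built by `lookup_ciphersuite`, which now uses `"DHE_PSK"` and `"ECDHE_PSK"`. How an unmatched name is handled is not visible in this hunk; if it is ignored, the PSK suites would silently drop out of negotiation instead of raising an error. I would record the accepted names next to the list, e.g. `// Names follow the RFC suite text: "DHE_PSK", "ECDHE_PSK" (formerly "PSK_DHE", "PSK_ECDHE")`, and mention the rename in the release notes. The function body continues outside the hunk.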