authorlloyd <lloyd@randombit.net>2012-01-27 21:00:21 +0000
committerlloyd <lloyd@randombit.net>2012-01-27 21:00:21 +0000
commitb0180988f9282099ae1f3e0118adcd657c18b982 (patch)
treeda7bc167e70624d325f1805b9a3bbdedfc858cdb /src
parent1bb039c61c9b372e5780a1bceaf673b0be459f17 (diff)
Change naming convention to match RFCs
Diffstat (limited to 'src')
-rw-r--r--src/tls/c_kex.cpp14
-rw-r--r--src/tls/s_kex.cpp12
-rw-r--r--src/tls/tls_ciphersuite.cpp24
-rw-r--r--src/tls/tls_client.cpp2
-rw-r--r--src/tls/tls_policy.cpp4
5 files changed, 26 insertions, 30 deletions
diff --git a/src/tls/c_kex.cpp b/src/tls/c_kex.cpp
index 434dd6ed7..36fc39b34 100644
--- a/src/tls/c_kex.cpp
+++ b/src/tls/c_kex.cpp
@@ -84,7 +84,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
SymmetricKey psk;
- if(kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE")
+ if(kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK")
{
std::string identity_hint = reader.get_string(2, 0, 65535);
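Review bot: The key-exchange names are still compared as bare string literals here (`kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK"`) and in every other hunk of c_kex.cpp and s_kex.cpp, so a spelling that is missed or mistyped in any one place compiles cleanly and simply skips that branch. In the last hunk of this file the guarded branch is the one that appends `psk.bits_of()` to the pre-master secret, so a mismatch there would take whatever path follows outside the hunk instead of mixing the PSK in. Consider defining the names once and testing them through small predicates, for example `static bool kex_uses_psk(const std::string& k) { return k == "PSK" || k == "DHE_PSK" || k == "ECDHE_PSK"; }`, and covering each PSK suite with a handshake test. The constructor body starts and ends outside this hunk.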
@@ -99,7 +99,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
psk = creds.psk("tls-client", hostname, psk_identity);
}
- if(kex_algo == "DH" || kex_algo == "PSK_DHE")
+ if(kex_algo == "DH" || kex_algo == "DHE_PSK")
{
BigInt p = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
BigInt g = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
@@ -134,7 +134,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
append_tls_length_value(key_material, priv_key.public_value(), 2);
}
- else if(kex_algo == "ECDH" || kex_algo == "PSK_ECDHE")
+ else if(kex_algo == "ECDH" || kex_algo == "ECDHE_PSK")
{
const byte curve_type = reader.get_byte();
@@ -275,7 +275,7 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
SymmetricKey psk;
- if(kex_algo == "PSK" || kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE")
+ if(kex_algo == "PSK" || kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK")
{
const std::string psk_identity = reader.get_string(2, 0, 65535);
@@ -300,8 +300,8 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
append_tls_length_value(pre_master, zeros, 2);
append_tls_length_value(pre_master, psk.bits_of(), 2);
}
- else if(kex_algo == "DH" || kex_algo == "PSK_DHE" ||
- kex_algo == "ECDH" || kex_algo == "PSK_ECDHE")
+ else if(kex_algo == "DH" || kex_algo == "DHE_PSK" ||
+ kex_algo == "ECDH" || kex_algo == "ECDHE_PSK")
{
const Private_Key& private_key = state->server_kex->server_kex_key();
@@ -328,7 +328,7 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
if(ka_key->algo_name() == "DH")
shared_secret = strip_leading_zeros(shared_secret);
- if(kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE")
+ if(kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK")
{
append_tls_length_value(pre_master, shared_secret, 2);
append_tls_length_value(pre_master, psk.bits_of(), 2);
diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp
index 951107045..f25205e99 100644
--- a/src/tls/s_kex.cpp
+++ b/src/tls/s_kex.cpp
@@ -35,7 +35,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
{
const std::string kex_algo = state->suite.kex_algo();
- if(kex_algo == "PSK" || kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE")
+ if(kex_algo == "PSK" || kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK")
{
std::string identity_hint =
creds.psk_identity_hint("tls-server",
@@ -44,7 +44,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
append_tls_length_value(m_params, identity_hint, 2);
}
- if(kex_algo == "DH" || kex_algo == "PSK_DHE")
+ if(kex_algo == "DH" || kex_algo == "DHE_PSK")
{
std::auto_ptr<DH_PrivateKey> dh(new DH_PrivateKey(rng, policy.dh_group()));
@@ -53,7 +53,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
append_tls_length_value(m_params, dh->public_value(), 2);
m_kex_key = dh.release();
}
- else if(kex_algo == "ECDH" || kex_algo == "PSK_ECDHE")
+ else if(kex_algo == "ECDH" || kex_algo == "ECDHE_PSK")
{
const std::vector<std::string>& curves =
state->client_hello->supported_ecc_curves();
@@ -128,13 +128,13 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
* to be able to parse the whole thing anyway.
*/
- if(kex_algo == "PSK" || kex_algo == "PSK_DHE" || kex_algo == "PSK_ECDHE")
+ if(kex_algo == "PSK" || kex_algo == "DHE_PSK" || kex_algo == "ECDHE_PSK")
{
const std::string identity_hint = reader.get_string(2, 0, 65535);
append_tls_length_value(m_params, identity_hint, 2);
}
- if(kex_algo == "DH" || kex_algo == "PSK_DHE")
+ if(kex_algo == "DH" || kex_algo == "DHE_PSK")
{
// 3 bigints, DH p, g, Y
@@ -144,7 +144,7 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
append_tls_length_value(m_params, BigInt::encode(v), 2);
}
}
- else if(kex_algo == "ECDH" || kex_algo == "PSK_ECDHE")
+ else if(kex_algo == "ECDH" || kex_algo == "ECDHE_PSK")
{
const byte curve_type = reader.get_byte();
diff --git a/src/tls/tls_ciphersuite.cpp b/src/tls/tls_ciphersuite.cpp
index 6eeb6931d..15a8d5e12 100644
--- a/src/tls/tls_ciphersuite.cpp
+++ b/src/tls/tls_ciphersuite.cpp
@@ -149,36 +149,36 @@ Ciphersuite Ciphersuite::lookup_ciphersuite(u16bit suite)
// PSK+DH ciphersuites
case TLS_DHE_PSK_WITH_RC4_128_SHA:
- return Ciphersuite("", "PSK_DHE", "SHA-1", "ARC4", 16);
+ return Ciphersuite("", "DHE_PSK", "SHA-1", "ARC4", 16);
case TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
- return Ciphersuite("", "PSK_DHE", "SHA-1", "3DES", 24);
+ return Ciphersuite("", "DHE_PSK", "SHA-1", "3DES", 24);
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
- return Ciphersuite("", "PSK_DHE", "SHA-1", "AES-128", 16);
+ return Ciphersuite("", "DHE_PSK", "SHA-1", "AES-128", 16);
case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
- return Ciphersuite("", "PSK_DHE", "SHA-256", "AES-128", 16);
+ return Ciphersuite("", "DHE_PSK", "SHA-256", "AES-128", 16);
case TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
- return Ciphersuite("", "PSK_DHE", "SHA-1", "AES-256", 32);
+ return Ciphersuite("", "DHE_PSK", "SHA-1", "AES-256", 32);
// PSK+ECDH ciphersuites
case TLS_ECDHE_PSK_WITH_RC4_128_SHA:
- return Ciphersuite("", "PSK_ECDHE", "SHA-1", "ARC4", 16);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-1", "ARC4", 16);
case TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
- return Ciphersuite("", "PSK_ECDHE", "SHA-1", "3DES", 24);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-1", "3DES", 24);
case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
- return Ciphersuite("", "PSK_ECDHE", "SHA-1", "AES-128", 16);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-1", "AES-128", 16);
case TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
- return Ciphersuite("", "PSK_ECDHE", "SHA-256", "AES-128", 16);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-256", "AES-128", 16);
case TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
- return Ciphersuite("", "PSK_ECDHE", "SHA-1", "AES-256", 32);
+ return Ciphersuite("", "ECDHE_PSK", "SHA-1", "AES-256", 32);
// SRP/RSA ciphersuites
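Review bot: The second constructor argument is the name the key-exchange code matches on, so replacing `"PSK_DHE"`/`"PSK_ECDHE"` with `"DHE_PSK"`/`"ECDHE_PSK"` changes a string that applications may supply themselves; the commented-out entries in Policy::allowed_key_exchange_methods in this same commit suggest they can. A caller that still returns the old spelling would presumably stop matching these suites without any error being raised. A release-note entry plus a comment above the PSK cases, such as `// kex names follow the RFC 4279 / RFC 5489 suite names (DHE_PSK, ECDHE_PSK)`, would make the convention explicit. The switch continues outside this hunk.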
@@ -228,10 +228,6 @@ std::string Ciphersuite::to_string() const
out << "ECDHE";
else if(kex_algo() == "SRP")
out << "SRP_SHA";
- else if(kex_algo() == "PSK_DHE")
- out << "DHE_PSK";
- else if(kex_algo() == "PSK_ECDHE")
- out << "ECDHE_PSK";
else
out << kex_algo();
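Review bot: With the two special cases removed, the final `else out << kex_algo();` now depends on every remaining key-exchange name being spelled exactly as it appears in the RFC suite name, and nothing in the hunk says so. A one-line comment on that branch, e.g. `// remaining kex names (PSK, DHE_PSK, ECDHE_PSK) are already in RFC form`, would stop a later non-RFC name from silently producing a wrong suite string. to_string() starts and ends outside this hunk.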
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 39b0d3e59..5c7b50abc 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -227,7 +227,7 @@ void Client::process_handshake_msg(Handshake_Type type,
ever sent. The server may or may not send a server kex,
depending on if it has an identity hint for us.
- PSK_DHE always sends a server key exchange for the DH
+ DHE_PSK always sends a server key exchange for the DH
exchange portion.
*/
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp
index 34db6d59e..f0ad89a6a 100644
--- a/src/tls/tls_policy.cpp
+++ b/src/tls/tls_policy.cpp
@@ -47,8 +47,8 @@ std::vector<std::string> Policy::allowed_key_exchange_methods() const
std::vector<std::string> allowed;
//allowed.push_back("SRP");
- //allowed.push_back("PSK_ECDHE");
- //allowed.push_back("PSK_DHE");
+ //allowed.push_back("ECDHE_PSK");
+ //allowed.push_back("DHE_PSK");
//allowed.push_back("PSK");
allowed.push_back("ECDH");
allowed.push_back("DH");