aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/ssl/c_kex.cpp13
-rw-r--r--src/ssl/cert_req.cpp12
-rw-r--r--src/ssl/hello.cpp22
-rw-r--r--src/ssl/info.txt2
-rw-r--r--src/ssl/s_kex.cpp15
-rw-r--r--src/ssl/tls_reader.h43
6 files changed, 60 insertions, 47 deletions
diff --git a/src/ssl/c_kex.cpp b/src/ssl/c_kex.cpp
index 3ce4a2f06..0f20b819c 100644
--- a/src/ssl/c_kex.cpp
+++ b/src/ssl/c_kex.cpp
@@ -77,17 +77,14 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
*/
SecureVector<byte> Client_Key_Exchange::serialize() const
{
- SecureVector<byte> buf;
-
if(include_length)
{
- u16bit key_size = key_material.size();
- buf.push_back(get_byte(0, key_size));
- buf.push_back(get_byte(1, key_size));
+ SecureVector<byte> buf;
+ append_tls_length_value(buf, key_material, 2);
+ return buf;
}
- buf += key_material;
-
- return buf;
+ else
+ return key_material;
}
/**
diff --git a/src/ssl/cert_req.cpp b/src/ssl/cert_req.cpp
index f30bc2fd7..e72ffe735 100644
--- a/src/ssl/cert_req.cpp
+++ b/src/ssl/cert_req.cpp
@@ -6,6 +6,7 @@
*/
#include <botan/internal/tls_messages.h>
+#include <botan/internal/tls_reader.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
#include <botan/loadstor.h>
@@ -37,20 +38,13 @@ SecureVector<byte> Certificate_Req::serialize() const
{
SecureVector<byte> buf;
- buf.push_back(types.size());
- for(u32bit i = 0; i != types.size(); i++)
- buf.push_back(types[i]);
+ append_tls_length_value(buf, types, 1);
DER_Encoder encoder;
for(u32bit i = 0; i != names.size(); i++)
encoder.encode(names[i]);
- SecureVector<byte> der_names = encoder.get_contents();
- u16bit names_size = der_names.size();
-
- buf.push_back(get_byte(0, names_size));
- buf.push_back(get_byte(1, names_size));
- buf += der_names;
+ append_tls_length_value(buf, encoder.get_contents(), 2);
return buf;
}
diff --git a/src/ssl/hello.cpp b/src/ssl/hello.cpp
index b0f18d28f..5228807b4 100644
--- a/src/ssl/hello.cpp
+++ b/src/ssl/hello.cpp
@@ -86,22 +86,9 @@ SecureVector<byte> Client_Hello::serialize() const
buf.push_back(static_cast<byte>(c_version ));
buf += c_random;
- buf.push_back(static_cast<byte>(sess_id.size()));
- buf += sess_id;
-
- u16bit suites_size = 2*suites.size();
-
- buf.push_back(get_byte(0, suites_size));
- buf.push_back(get_byte(1, suites_size));
- for(u32bit i = 0; i != suites.size(); i++)
- {
- buf.push_back(get_byte(0, suites[i]));
- buf.push_back(get_byte(1, suites[i]));
- }
-
- buf.push_back(static_cast<byte>(comp_algos.size()));
- for(u32bit i = 0; i != comp_algos.size(); i++)
- buf.push_back(comp_algos[i]);
+ append_tls_length_value(buf, sess_id, 1);
+ append_tls_length_value(buf, suites, 2);
+ append_tls_length_value(buf, comp_algos, 1);
return buf;
}
@@ -265,8 +252,7 @@ SecureVector<byte> Server_Hello::serialize() const
buf.push_back(static_cast<byte>(s_version ));
buf += s_random;
- buf.push_back(static_cast<byte>(sess_id.size()));
- buf += sess_id;
+ append_tls_length_value(buf, sess_id, 1);
buf.push_back(get_byte(0, suite));
buf.push_back(get_byte(1, suite));
diff --git a/src/ssl/info.txt b/src/ssl/info.txt
index 8460e68e4..161b51569 100644
--- a/src/ssl/info.txt
+++ b/src/ssl/info.txt
@@ -52,7 +52,7 @@ md5
rng
rsa
sha1
-ssl3_mac
+ssl3mac
ssl_prf
tls_prf
x509
diff --git a/src/ssl/s_kex.cpp b/src/ssl/s_kex.cpp
index b04cad3ea..f9a595fe9 100644
--- a/src/ssl/s_kex.cpp
+++ b/src/ssl/s_kex.cpp
@@ -6,6 +6,7 @@
*/
#include <botan/internal/tls_messages.h>
+#include <botan/internal/tls_reader.h>
#include <botan/pubkey.h>
#include <botan/dh.h>
#include <botan/rsa.h>
@@ -74,10 +75,7 @@ Server_Key_Exchange::Server_Key_Exchange(RandomNumberGenerator& rng,
SecureVector<byte> Server_Key_Exchange::serialize() const
{
SecureVector<byte> buf = serialize_params();
- u16bit sig_len = signature.size();
- buf.push_back(get_byte(0, sig_len));
- buf.push_back(get_byte(1, sig_len));
- buf += signature;
+ append_tls_length_value(buf, signature, 2);
return buf;
}
@@ -87,15 +85,10 @@ SecureVector<byte> Server_Key_Exchange::serialize() const
SecureVector<byte> Server_Key_Exchange::serialize_params() const
{
SecureVector<byte> buf;
+
for(u32bit j = 0; j != params.size(); j++)
- {
- SecureVector<byte> param = BigInt::encode(params[j]);
- u16bit param_size = param.size();
+ append_tls_length_value(buf, BigInt::encode(params[j]), 2);
- buf.push_back(get_byte(0, param_size));
- buf.push_back(get_byte(1, param_size));
- buf += param;
- }
return buf;
}
diff --git a/src/ssl/tls_reader.h b/src/ssl/tls_reader.h
index 641d1ecdb..733e9bdc9 100644
--- a/src/ssl/tls_reader.h
+++ b/src/ssl/tls_reader.h
@@ -138,6 +138,49 @@ class TLS_Data_Reader
u32bit offset;
};
+/**
+* Helper function for encoding length-tagged vectors
+*/
+template<typename T>
+void append_tls_length_value(MemoryRegion<byte>& buf,
+ const T* vals,
+ u32bit vals_size,
+ u32bit tag_size)
+ {
+ const u32bit T_size = sizeof(T);
+ const u32bit val_bytes = T_size * vals_size;
+
+ if(tag_size != 1 && tag_size != 2)
+ throw std::invalid_argument("append_tls_length_value: invalid tag size");
+
+ if((tag_size == 1 && val_bytes > 255) ||
+ (tag_size == 2 && val_bytes > 65535))
+ throw std::invalid_argument("append_tls_length_value: value too large");
+
+ for(u32bit i = 0; i != tag_size; ++i)
+ buf.push_back(get_byte(4-tag_size+i, val_bytes));
+
+ for(u32bit i = 0; i != vals_size; ++i)
+ for(u32bit j = 0; j != T_size; ++j)
+ buf.push_back(get_byte(j, vals[i]));
+ }
+
+template<typename T>
+void append_tls_length_value(MemoryRegion<byte>& buf,
+ const MemoryRegion<T>& vals,
+ u32bit tag_size)
+ {
+ append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
+ }
+
+template<typename T>
+void append_tls_length_value(MemoryRegion<byte>& buf,
+ const std::vector<T>& vals,
+ u32bit tag_size)
+ {
+ append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
+ }
+
}
#endif