-rw-r--r-- | src/tls/c_hello.cpp | 3 | ||||
-rw-r--r-- | src/tls/s_hello.cpp | 3 | ||||
-rw-r--r-- | src/tls/s_kex.cpp | 22 | ||||
-rw-r--r-- | src/tls/tls_extensions.h | 2 | ||||
-rw-r--r-- | src/tls/tls_messages.h | 2 | ||||
-rw-r--r-- | src/tls/tls_policy.cpp | 4 | ||||
-rw-r--r-- | src/tls/tls_policy.h | 2 | ||||
-rw-r--r-- | src/tls/tls_server.cpp | 2 | ||||
-rw-r--r-- | src/tls/tls_session.h | 2 |
9 files changed, 31 insertions, 11 deletions
diff --git a/src/tls/c_hello.cpp b/src/tls/c_hello.cpp
index 60f6de487..a70713a80 100644
--- a/src/tls/c_hello.cpp
+++ b/src/tls/c_hello.cpp
@@ -151,6 +151,9 @@ MemoryVector<byte> Client_Hello::serialize() const
 extensions.push_back(new Server_Name_Indicator(m_hostname));
 extensions.push_back(new SRP_Identifier(m_srp_identifier));
+ if(m_version >= TLS_V12)
+ extensions.push_back(new Signature_Algorithms());
+
 if(m_next_protocol)
 extensions.push_back(new Next_Protocol_Notification());
 }
diff --git a/src/tls/s_hello.cpp b/src/tls/s_hello.cpp
index 21619fe0c..652544806 100644
--- a/src/tls/s_hello.cpp
+++ b/src/tls/s_hello.cpp
@@ -174,9 +174,6 @@ MemoryVector<byte> Server_Hello::serialize() const
 if(m_next_protocol)
 extensions.push_back(new Next_Protocol_Notification(m_next_protocols));
- if(s_version == TLS_V12)
- extensions.push_back(new Signature_Algorithms());
-
 buf += extensions.serialize();
 return buf;
diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp
index 2e2bc4cb0..ac6ee15ee 100644
--- a/src/tls/s_kex.cpp
+++ b/src/tls/s_kex.cpp
@@ -37,9 +37,15 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
 // FIXME: this should respect client's hash preferences
 if(state->version >= TLS_V12)
+ {
 hash_algo = TLS_ALGO_HASH_SHA256;
+ sig_algo = TLS_ALGO_SIGNER_RSA;
+ }
 else
+ {
 hash_algo = TLS_ALGO_NONE;
+ sig_algo = TLS_ALGO_NONE;
+ }
 std::pair<std::string, Signature_Format> format = state->choose_sig_format(private_key, hash_algo, false);
@@ -62,7 +68,10 @@ MemoryVector<byte> Server_Key_Exchange::serialize() const
 MemoryVector<byte> buf = serialize_params();
 if(hash_algo != TLS_ALGO_NONE)
- {}
+ {
+ buf.push_back(Signature_Algorithms::hash_algo_code(hash_algo));
+ buf.push_back(Signature_Algorithms::sig_algo_code(sig_algo));
+ }
 append_tls_length_value(buf, signature, 2);
 return buf;
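Review bot: In the Server_Key_Exchange constructor hunk, `sig_algo = TLS_ALGO_SIGNER_RSA;` is hard-coded for TLS 1.2 even though the actual signature scheme is chosen from `private_key` by `state->choose_sig_format(private_key, hash_algo, false)` on the very next line; with a non-RSA server key the serialize() hunk would then emit a SignatureAndHashAlgorithm whose signature byte contradicts the signature that follows it, and a conforming peer rejects the message. Derive the signer code from the key instead, e.g. map `private_key->algo_name()` onto the matching TLS_ALGO_SIGNER_* value (the verify() hunk in this same file already calls `key->algo_name()`), and keep TLS_ALGO_NONE for versions below 1.2. The existing FIXME about honouring the client's hash preferences now applies to the signature algorithm as well, since the client advertises both in its signature_algorithms extension. The serialize() hunk's two push_back calls are in the correct wire order (hash byte, then signature byte) once sig_algo is right; the constructor itself continues outside the hunk.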
@@ -110,9 +119,16 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
 if(sig_alg != TLS_ALGO_SIGNER_ANON)
 {
 if(version < TLS_V12)
- hash_algo = TLS_ALGO_NONE; // use old defaults
+ {
+ // use old defaults
+ hash_algo = TLS_ALGO_NONE;
+ sig_algo = TLS_ALGO_NONE;
+ }
 else
+ {
 hash_algo = Signature_Algorithms::hash_algo_code(reader.get_byte());
+ sig_algo = Signature_Algorithms::sig_algo_code(reader.get_byte());
+ }
 signature = reader.get_range<byte>(2, 0, 65535);
 }
@@ -137,6 +153,8 @@ bool Server_Key_Exchange::verify(const X509_Certificate& cert,
 {
 std::auto_ptr<Public_Key> key(cert.subject_public_key());
+ printf("Checking %s vs code %d\n", key->algo_name().c_str(), sig_algo);
+
 std::pair<std::string, Signature_Format> format = state->choose_sig_format(key.get(), hash_algo, false);
diff --git a/src/tls/tls_extensions.h b/src/tls/tls_extensions.h
index 1811bab01..2f4f711c2 100644
--- a/src/tls/tls_extensions.h
+++ b/src/tls/tls_extensions.h
@@ -189,7 +189,7 @@ class Signature_Algorithms : public TLS_Extension
 static byte sig_algo_code(TLS_Ciphersuite_Algos code);
 TLS_Handshake_Extension_Type type() const
- { return TLSEXT_NEXT_PROTOCOL; }
+ { return TLSEXT_SIGNATURE_ALGORITHMS; }
 std::vector<std::pair<TLS_Ciphersuite_Algos, TLS_Ciphersuite_Algos> > supported_signature_algorthms() const
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index f2052c5e7..9ea0b1a2d 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -300,6 +300,7 @@ class Certificate_Verify : public Handshake_Message
 private:
 MemoryVector<byte> serialize() const;
+ TLS_Ciphersuite_Algos sig_algo; // sig algo used to create signature
 TLS_Ciphersuite_Algos hash_algo; // hash used to create signature
 MemoryVector<byte> signature;
 };
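Review bot: The `printf("Checking %s vs code %d\n", ...)` added in Server_Key_Exchange::verify() is debug output to stdout from library code; it writes handshake details into whatever process embeds the library and should not ship. The larger gap is that the `sig_algo` parsed from the wire in the preceding hunk is used for nothing but this print: verify() still calls `state->choose_sig_format(key.get(), hash_algo, false)` with the hash alone, so a ServerKeyExchange whose declared signature algorithm does not match the certificate's key type, or that the client never offered, is accepted as long as the raw signature verifies. Replace the print with a check along the lines of `if(sig_algo != TLS_ALGO_NONE && sig_algo != <signer code expected for key->algo_name()>) throw TLS_Exception(<alert>, "Signature algorithm does not match certificate key");`, and reject a `hash_algo` the client did not advertise in the same place. It is also worth confirming that `Signature_Algorithms::sig_algo_code(reader.get_byte())` in the parse hunk resolves to a byte-to-enum overload (the tls_extensions.h hunk only shows the enum-to-byte direction) and what it yields for an unrecognised byte. Both verify() and the parsing constructor continue outside their hunks.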
@@ -371,6 +372,7 @@ class Server_Key_Exchange : public Handshake_Message
 std::vector<BigInt> params;
+ TLS_Ciphersuite_Algos sig_algo; // sig algo used to create signature
 TLS_Ciphersuite_Algos hash_algo; // hash used to create signature
 MemoryVector<byte> signature;
 };
diff --git a/src/tls/tls_policy.cpp b/src/tls/tls_policy.cpp
index 391e8e758..b510c3d4b 100644
--- a/src/tls/tls_policy.cpp
+++ b/src/tls/tls_policy.cpp
@@ -72,8 +72,8 @@ std::vector<u16bit> TLS_Policy::suite_list(bool use_rsa,
 if(use_rsa)
 {
- suites.push_back(TLS_RSA_WITH_AES_256_CBC_SHA_256);
- suites.push_back(TLS_RSA_WITH_AES_128_CBC_SHA_256);
+ suites.push_back(TLS_RSA_WITH_AES_256_CBC_SHA256);
+ suites.push_back(TLS_RSA_WITH_AES_128_CBC_SHA256);
 suites.push_back(TLS_RSA_WITH_AES_256_CBC_SHA);
 suites.push_back(TLS_RSA_WITH_AES_128_CBC_SHA);
diff --git a/src/tls/tls_policy.h b/src/tls/tls_policy.h
index 48ff9185e..a0bca4e7f 100644
--- a/src/tls/tls_policy.h
+++ b/src/tls/tls_policy.h
@@ -52,7 +52,7 @@ class BOTAN_DLL TLS_Policy
 /*
 * @return the version we would prefer to negotiate
 */
- virtual Version_Code pref_version() const { return TLS_V11; }
+ virtual Version_Code pref_version() const { return TLS_V12; }
 virtual bool check_cert(const std::vector<X509_Certificate>& cert_chain) const = 0;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index e3e2fe208..503d55610 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -25,7 +25,7 @@ Version_Code choose_version(Version_Code client, Version_Code minimum)
 throw TLS_Exception(PROTOCOL_VERSION, "Client version is unacceptable by policy");
- if(client == SSL_V3 || client == TLS_V10 || client == TLS_V11)
+ if(client == SSL_V3 || client == TLS_V10 || client == TLS_V11 || client == TLS_V12)
 return client;
 return TLS_V11;
 }
diff --git a/src/tls/tls_session.h b/src/tls/tls_session.h
index f1352a0e0..12b76bcab 100644
--- a/src/tls/tls_session.h
+++ b/src/tls/tls_session.h
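Review bot: In choose_version() the fallback `return TLS_V11;` is now stale: the changed line accepts TLS_V12 only on exact match, so a client that advertises a version newer than 1.2 is still negotiated down to 1.1 even though this same commit makes 1.2 the preferred version in TLS_Policy::pref_version(). The only other check visible in the hunk is the policy rejection above it, so such a client is silently downgraded below the best version the server supports; the fallback should be `return TLS_V12;`. Choosing the highest mutually supported version by comparing against the policy's preferred version, rather than enumerating accepted versions, would avoid having to revisit this line on every version bump. The pref_version() change in tls_policy.h also deserves a mention in its doc comment, since it changes the default for every embedder that does not override it; the start of choose_version() lies outside the hunk.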
@@ -75,7 +75,7 @@ class BOTAN_DLL TLS_Session
 /**
 * Get the minor version of the saved session
 */
- byte minor_version() const { return get_byte(0, m_version); }
+ byte minor_version() const { return get_byte(1, m_version); }
 /**
 * Get the ciphersuite of the saved session |