Diffstat (limited to 'src/lib/tls')
-rw-r--r-- | src/lib/tls/msg_cert_req.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/msg_cert_verify.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/msg_client_hello.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/msg_client_kex.cpp | 8 | ||||
-rw-r--r-- | src/lib/tls/msg_next_protocol.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/msg_server_hello.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/msg_server_kex.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/msg_session_ticket.cpp | 8 | ||||
-rw-r--r-- | src/lib/tls/tls_extensions.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/tls_heartbeats.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/tls_messages.h | 2 | ||||
-rw-r--r-- | src/lib/tls/tls_reader.h | 57 |
12 files changed, 47 insertions, 44 deletions
diff --git a/src/lib/tls/msg_cert_req.cpp b/src/lib/tls/msg_cert_req.cpp index 23d59c6d4..619502f4f 100644 --- a/src/lib/tls/msg_cert_req.cpp +++ b/src/lib/tls/msg_cert_req.cpp @@ -81,7 +81,7 @@ Certificate_Req::Certificate_Req(const std::vector<byte>& buf, if(buf.size() < 4) throw Decoding_Error("Certificate_Req: Bad certificate request"); - TLS_Data_Reader reader(buf); + TLS_Data_Reader reader("CertificateRequest", buf); std::vector<byte> cert_type_codes = reader.get_range_vector<byte>(1, 1, 255); diff --git a/src/lib/tls/msg_cert_verify.cpp b/src/lib/tls/msg_cert_verify.cpp index 4b6d85e51..adf74b2e1 100644 --- a/src/lib/tls/msg_cert_verify.cpp +++ b/src/lib/tls/msg_cert_verify.cpp @@ -54,7 +54,7 @@ Certificate_Verify::Certificate_Verify(Handshake_IO& io, Certificate_Verify::Certificate_Verify(const std::vector<byte>& buf, Protocol_Version version) { - TLS_Data_Reader reader(buf); + TLS_Data_Reader reader("CertificateVerify", buf); if(version.supports_negotiable_signature_algorithms()) { diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp index 0d91af472..087fefcb4 100644 --- a/src/lib/tls/msg_client_hello.cpp +++ b/src/lib/tls/msg_client_hello.cpp @@ -235,7 +235,7 @@ void Client_Hello::deserialize(const std::vector<byte>& buf) if(buf.size() < 41) throw Decoding_Error("Client_Hello: Packet corrupted"); - TLS_Data_Reader reader(buf); + TLS_Data_Reader reader("ClientHello", buf); const byte major_version = reader.get_byte(); const byte minor_version = reader.get_byte(); diff --git a/src/lib/tls/msg_client_kex.cpp b/src/lib/tls/msg_client_kex.cpp index 29a47684b..a6368bb50 100644 --- a/src/lib/tls/msg_client_kex.cpp +++ b/src/lib/tls/msg_client_kex.cpp @@ -61,7 +61,7 @@ Client_Key_Exchange::Client_Key_Exchange(Handshake_IO& io, if(state.server_kex()) { - TLS_Data_Reader reader(state.server_kex()->params()); + TLS_Data_Reader reader("ClientKeyExchange", state.server_kex()->params()); identity_hint = reader.get_string(2, 0, 65535); } 
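Review bot: The length precheck kept just above the new reader line in `Certificate_Req` still throws `Decoding_Error("Certificate_Req: Bad certificate request")`, while the reader now reports its own failures with an "Invalid CertificateRequest: ..." prefix, so one malformed message type can surface in two different formats depending on which check fires. The same applies to the prechecks left in the Client_Hello, Server_Hello, Server_Key_Exchange and New_Session_Ticket hunks. Consider aligning the precheck text with the reader's prefix, or adding a comment such as `// minimum-length precheck; finer-grained errors come from TLS_Data_Reader as "Invalid CertificateRequest: ..."`, so that log matching on decode failures sees one format. The constructor body continues outside the hunk.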
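Review bot: The label `"ClientKeyExchange"` in the msg_client_kex.cpp hunk at -61,7 is attached to a reader that parses `state.server_kex()->params()`, so a malformed identity hint taken from the server key exchange data would be reported as "Invalid ClientKeyExchange: ...". The hunk at -82,7 of the same file does the same. Something like `TLS_Data_Reader reader("ServerKeyExchange", state.server_kex()->params());` would attribute the decode failure to the message that actually carried the bad bytes, which matters when these errors are used to triage handshake failures. Both constructors start and end outside their hunks.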
@@ -82,7 +82,7 @@ Client_Key_Exchange::Client_Key_Exchange(Handshake_IO& io, } else if(state.server_kex()) { - TLS_Data_Reader reader(state.server_kex()->params()); + TLS_Data_Reader reader("ClientKeyExchange", state.server_kex()->params()); SymmetricKey psk; @@ -309,7 +309,7 @@ Client_Key_Exchange::Client_Key_Exchange(const std::vector<byte>& contents, } else { - TLS_Data_Reader reader(contents); + TLS_Data_Reader reader("ClientKeyExchange", contents); m_pre_master = decryptor.decrypt(reader.get_range<byte>(2, 0, 65535)); } @@ -327,7 +327,7 @@ Client_Key_Exchange::Client_Key_Exchange(const std::vector<byte>& contents, } else { - TLS_Data_Reader reader(contents); + TLS_Data_Reader reader("ClientKeyExchange", contents); SymmetricKey psk; diff --git a/src/lib/tls/msg_next_protocol.cpp b/src/lib/tls/msg_next_protocol.cpp index a09fd02d1..4371ce33c 100644 --- a/src/lib/tls/msg_next_protocol.cpp +++ b/src/lib/tls/msg_next_protocol.cpp @@ -24,7 +24,7 @@ Next_Protocol::Next_Protocol(Handshake_IO& io, Next_Protocol::Next_Protocol(const std::vector<byte>& buf) { - TLS_Data_Reader reader(buf); + TLS_Data_Reader reader("NextProtocol", buf); m_protocol = reader.get_string(1, 0, 255); diff --git a/src/lib/tls/msg_server_hello.cpp b/src/lib/tls/msg_server_hello.cpp index a775e0b4b..f4acc5481 100644 --- a/src/lib/tls/msg_server_hello.cpp +++ b/src/lib/tls/msg_server_hello.cpp @@ -70,7 +70,7 @@ Server_Hello::Server_Hello(const std::vector<byte>& buf) if(buf.size() < 38) throw Decoding_Error("Server_Hello: Packet corrupted"); - TLS_Data_Reader reader(buf); + TLS_Data_Reader reader("ServerHello", buf); const byte major_version = reader.get_byte(); const byte minor_version = reader.get_byte(); diff --git a/src/lib/tls/msg_server_kex.cpp b/src/lib/tls/msg_server_kex.cpp index 3a97d7175..1c169877c 100644 --- a/src/lib/tls/msg_server_kex.cpp +++ b/src/lib/tls/msg_server_kex.cpp 
@@ -148,7 +148,7 @@ Server_Key_Exchange::Server_Key_Exchange(const std::vector<byte>& buf, if(buf.size() < 6) throw Decoding_Error("Server_Key_Exchange: Packet corrupted"); - TLS_Data_Reader reader(buf); + TLS_Data_Reader reader("ServerKeyExchange", buf); /* * We really are just serializing things back to what they were diff --git a/src/lib/tls/msg_session_ticket.cpp b/src/lib/tls/msg_session_ticket.cpp index 2bb9987a9..2d5411a86 100644 --- a/src/lib/tls/msg_session_ticket.cpp +++ b/src/lib/tls/msg_session_ticket.cpp @@ -26,19 +26,17 @@ New_Session_Ticket::New_Session_Ticket(Handshake_IO& io, } New_Session_Ticket::New_Session_Ticket(Handshake_IO& io, - Handshake_Hash& hash) : - m_ticket_lifetime_hint(0) + Handshake_Hash& hash) { hash.update(io.send(*this)); } -New_Session_Ticket::New_Session_Ticket(const std::vector<byte>& buf) : - m_ticket_lifetime_hint(0) +New_Session_Ticket::New_Session_Ticket(const std::vector<byte>& buf) { if(buf.size() < 6) throw Decoding_Error("Session ticket message too short to be valid"); - TLS_Data_Reader reader(buf); + TLS_Data_Reader reader("SessionTicket", buf); m_ticket_lifetime_hint = reader.get_u32bit(); m_ticket = reader.get_range<byte>(2, 0, 65535); diff --git a/src/lib/tls/tls_extensions.cpp b/src/lib/tls/tls_extensions.cpp index 0860006e6..79a839187 100644 --- a/src/lib/tls/tls_extensions.cpp +++ b/src/lib/tls/tls_extensions.cpp @@ -197,7 +197,7 @@ std::vector<byte> SRP_Identifier::serialize() const } Renegotiation_Extension::Renegotiation_Extension(TLS_Data_Reader& reader, - u16bit extension_size) + u16bit extension_size) { reneg_data = reader.get_range<byte>(1, 0, 255); diff --git a/src/lib/tls/tls_heartbeats.cpp b/src/lib/tls/tls_heartbeats.cpp index 8c129858e..1b4f099c1 100644 --- a/src/lib/tls/tls_heartbeats.cpp +++ b/src/lib/tls/tls_heartbeats.cpp 
@@ -16,7 +16,7 @@ namespace TLS { Heartbeat_Message::Heartbeat_Message(const std::vector<byte>& buf) { - TLS_Data_Reader reader(buf); + TLS_Data_Reader reader("Heartbeat", buf); const byte type = reader.get_byte(); diff --git a/src/lib/tls/tls_messages.h b/src/lib/tls/tls_messages.h index f3bf8fad2..570ca9591 100644 --- a/src/lib/tls/tls_messages.h +++ b/src/lib/tls/tls_messages.h @@ -549,7 +549,7 @@ class New_Session_Ticket : public Handshake_Message private: std::vector<byte> serialize() const override; - u32bit m_ticket_lifetime_hint; + u32bit m_ticket_lifetime_hint = 0; std::vector<byte> m_ticket; }; diff --git a/src/lib/tls/tls_reader.h b/src/lib/tls/tls_reader.h index 7440e16b7..59bc23a03 100644 --- a/src/lib/tls/tls_reader.h +++ b/src/lib/tls/tls_reader.h @@ -1,6 +1,6 @@ /* * TLS Data Reader -* (C) 2010-2011 Jack Lloyd +* (C) 2010-2011,2014 Jack Lloyd * * Released under the terms of the Botan license */ @@ -25,18 +25,18 @@ namespace TLS { class TLS_Data_Reader { public: - TLS_Data_Reader(const std::vector<byte>& buf_in) : - buf(buf_in), offset(0) {} + TLS_Data_Reader(const char* type, const std::vector<byte>& buf_in) : + m_typename(type), m_buf(buf_in), m_offset(0) {} void assert_done() const { if(has_remaining()) - throw Decoding_Error("Extra bytes at end of message"); + throw decode_error("Extra bytes at end of message"); } size_t remaining_bytes() const { - return buf.size() - offset; + return m_buf.size() - m_offset; } bool has_remaining() const 
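Review bot: The new `TLS_Data_Reader` constructor in tls_reader.h stores `type` as a raw `const char*` next to the existing reference to `buf_in`, and nothing at the declaration states the lifetime either one needs. Every caller in this commit passes a string literal, which is fine, but a caller passing a `c_str()` of a temporary or a null pointer would leave `decode_error()` building a `std::string` from a dangling or null pointer exactly when an error on peer-supplied data is being reported. I would add a comment above the constructor, e.g. `// type must be a non-null string with static storage duration; buf_in must outlive the reader`. The class body continues outside the hunk.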
@@ -47,31 +47,31 @@ class TLS_Data_Reader void discard_next(size_t bytes) { assert_at_least(bytes); - offset += bytes; + m_offset += bytes; } u16bit get_u32bit() { assert_at_least(4); - u16bit result = make_u32bit(buf[offset ], buf[offset+1], - buf[offset+2], buf[offset+3]); - offset += 4; + u16bit result = make_u32bit(m_buf[m_offset ], m_buf[m_offset+1], + m_buf[m_offset+2], m_buf[m_offset+3]); + m_offset += 4; return result; } u16bit get_u16bit() { assert_at_least(2); - u16bit result = make_u16bit(buf[offset], buf[offset+1]); - offset += 2; + u16bit result = make_u16bit(m_buf[m_offset], m_buf[m_offset+1]); + m_offset += 2; return result; } byte get_byte() { assert_at_least(1); - byte result = buf[offset]; - offset += 1; + byte result = m_buf[m_offset]; + m_offset += 1; return result; } @@ -83,9 +83,9 @@ class TLS_Data_Reader Container result(num_elems); for(size_t i = 0; i != num_elems; ++i) - result[i] = load_be<T>(&buf[offset], i); + result[i] = load_be<T>(&m_buf[m_offset], i); - offset += num_elems * sizeof(T); + m_offset += num_elems * sizeof(T); return result; } @@ -138,7 +138,7 @@ class TLS_Data_Reader else if(len_bytes == 2) return get_u16bit(); - throw Decoding_Error("TLS_Data_Reader: Bad length size"); + throw decode_error("Bad length size"); } size_t get_num_elems(size_t len_bytes, 
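Review bot: `get_u32bit()` is still declared as returning `u16bit` and stores the `make_u32bit(...)` result in a `u16bit` local, so, assuming `make_u32bit` yields a 32-bit value as its name says, the upper 16 bits of every 32-bit field are silently dropped. The rename rewrites the `u16bit result = make_u32bit(` line without correcting it. In this commit the value is assigned to `m_ticket_lifetime_hint` in `New_Session_Ticket`, so a peer-supplied lifetime hint above 65535 would be stored truncated. The fix is to declare `u32bit get_u32bit()` and begin the assignment with `u32bit result = make_u32bit(m_buf[m_offset ], m_buf[m_offset+1],`.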
@@ -149,28 +149,33 @@ class TLS_Data_Reader const size_t byte_length = get_length_field(len_bytes); if(byte_length % T_size != 0) - throw Decoding_Error("TLS_Data_Reader: Size isn't multiple of T"); + throw decode_error("Size isn't multiple of T"); const size_t num_elems = byte_length / T_size; if(num_elems < min_elems || num_elems > max_elems) - throw Decoding_Error("TLS_Data_Reader: Range outside paramaters"); + throw decode_error("Length field outside parameters"); return num_elems; } void assert_at_least(size_t n) const { - if(buf.size() - offset < n) - { - throw Decoding_Error("TLS_Data_Reader: Expected " + std::to_string(n) + - " bytes remaining, only " + std::to_string(buf.size()-offset) + - " left"); - } + if(m_buf.size() - m_offset < n) + throw decode_error("Expected " + std::to_string(n) + + " bytes remaining, only " + + std::to_string(m_buf.size()-m_offset) + + " left"); } - const std::vector<byte>& buf; - size_t offset; + Decode_Error decode_error(const std::string& why) const + { + return Decode_Error("Invalid " + std::string(m_typename) + ": " + why); + } + + const char* m_typename; + const std::vector<byte>& m_buf; + size_t m_offset; }; /** |
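Review bot: The new helper `decode_error()` is declared to return `Decode_Error` and constructs one, while every other throw site visible in this commit, including the lines this hunk removes, uses `Decoding_Error`. Unless a separate `Decode_Error` type is declared elsewhere (not visible here), this either fails to compile or, if such a type exists and is unrelated, changes the thrown type so that callers catching `Decoding_Error` no longer see reader failures on malformed peer input. If the intent was only to add the message-type prefix, `Decoding_Error decode_error(const std::string& why) const` with `return Decoding_Error("Invalid " + std::string(m_typename) + ": " + why);` keeps the exception type unchanged.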