aboutsummaryrefslogtreecommitdiffstats
path: root/src/ssl/rec_wri.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'src/ssl/rec_wri.cpp')
-rw-r--r--src/ssl/rec_wri.cpp270
1 files changed, 0 insertions, 270 deletions
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
deleted file mode 100644
index 04b58e12f..000000000
--- a/src/ssl/rec_wri.cpp
+++ /dev/null
@@ -1,270 +0,0 @@
-/*
-* TLS Record Writing
-* (C) 2004-2010 Jack Lloyd
-*
-* Released under the terms of the Botan license
-*/
-
-#include <botan/tls_record.h>
-#include <botan/internal/tls_handshake_hash.h>
-#include <botan/lookup.h>
-#include <botan/loadstor.h>
-#include <botan/libstate.h>
-
-namespace Botan {
-
-/**
-* Record_Writer Constructor
-*/
-Record_Writer::Record_Writer(std::function<void (const byte[], size_t)> out) :
- output_fn(out),
- buffer(DEFAULT_BUFFERSIZE)
- {
- mac = 0;
- reset();
- }
-
-/**
-* Reset the state
-*/
-void Record_Writer::reset()
- {
- cipher.reset();
-
- delete mac;
- mac = 0;
-
- zeroise(buffer);
- buf_pos = 0;
-
- major = minor = buf_type = 0;
- block_size = 0;
- mac_size = 0;
- iv_size = 0;
-
- seq_no = 0;
- }
-
-/**
-* Set the version to use
-*/
-void Record_Writer::set_version(Version_Code version)
- {
- if(version != SSL_V3 && version != TLS_V10 && version != TLS_V11)
- throw Invalid_Argument("Record_Writer: Invalid protocol version");
-
- major = (version >> 8) & 0xFF;
- minor = (version & 0xFF);
- }
-
-/**
-* Set the keys for writing
-*/
-void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
- Connection_Side side)
- {
- cipher.reset();
- delete mac;
- mac = 0;
-
- SymmetricKey mac_key, cipher_key;
- InitializationVector iv;
-
- if(side == CLIENT)
- {
- cipher_key = keys.client_cipher_key();
- iv = keys.client_iv();
- mac_key = keys.client_mac_key();
- }
- else
- {
- cipher_key = keys.server_cipher_key();
- iv = keys.server_iv();
- mac_key = keys.server_mac_key();
- }
-
- const std::string cipher_algo = suite.cipher_algo();
- const std::string mac_algo = suite.mac_algo();
-
- if(have_block_cipher(cipher_algo))
- {
- cipher.append(get_cipher(
- cipher_algo + "/CBC/NoPadding",
- cipher_key, iv, ENCRYPTION)
- );
- block_size = block_size_of(cipher_algo);
-
- if(major > 3 || (major == 3 && minor >= 2))
- iv_size = block_size;
- else
- iv_size = 0;
- }
- else if(have_stream_cipher(cipher_algo))
- {
- cipher.append(get_cipher(cipher_algo, cipher_key, ENCRYPTION));
- block_size = 0;
- iv_size = 0;
- }
- else
- throw Invalid_Argument("Record_Writer: Unknown cipher " + cipher_algo);
-
- if(have_hash(mac_algo))
- {
- Algorithm_Factory& af = global_state().algorithm_factory();
-
- if(major == 3 && minor == 0)
- mac = af.make_mac("SSL3-MAC(" + mac_algo + ")");
- else
- mac = af.make_mac("HMAC(" + mac_algo + ")");
-
- mac->set_key(mac_key);
- mac_size = mac->output_length();
- }
- else
- throw Invalid_Argument("Record_Writer: Unknown hash " + mac_algo);
- }
-
-/**
-* Send one or more records to the other side
-*/
-void Record_Writer::send(byte type, const byte input[], size_t length)
- {
- if(type != buf_type)
- flush();
-
- const size_t BUFFER_SIZE = buffer.size();
- buf_type = type;
-
- // FIXME: compression right here
-
- buffer.copy(buf_pos, input, length);
- if(buf_pos + length >= BUFFER_SIZE)
- {
- send_record(buf_type, &buffer[0], length);
- input += (BUFFER_SIZE - buf_pos);
- length -= (BUFFER_SIZE - buf_pos);
- while(length >= BUFFER_SIZE)
- {
- send_record(buf_type, input, BUFFER_SIZE);
- input += BUFFER_SIZE;
- length -= BUFFER_SIZE;
- }
- buffer.copy(input, length);
- buf_pos = 0;
- }
- buf_pos += length;
- }
-
-/**
-* Split buffer into records, and send them all
-*/
-void Record_Writer::flush()
- {
- const byte* buf_ptr = &buffer[0];
- size_t offset = 0;
-
- while(offset != buf_pos)
- {
- size_t record_size = buf_pos - offset;
- if(record_size > MAX_PLAINTEXT_SIZE)
- record_size = MAX_PLAINTEXT_SIZE;
-
- send_record(buf_type, buf_ptr + offset, record_size);
- offset += record_size;
- }
- buf_type = 0;
- buf_pos = 0;
- }
-
-/**
-* Encrypt and send the record
-*/
-void Record_Writer::send_record(byte type, const byte buf[], size_t length)
- {
- if(length >= MAX_COMPRESSED_SIZE)
- throw TLS_Exception(INTERNAL_ERROR,
- "Record_Writer: Compressed packet is too big");
-
- if(mac_size == 0)
- send_record(type, major, minor, buf, length);
- else
- {
- mac->update_be(seq_no);
- mac->update(type);
-
- if(major > 3 || (major == 3 && minor != 0))
- {
- mac->update(major);
- mac->update(minor);
- }
-
- mac->update(get_byte<u16bit>(0, length));
- mac->update(get_byte<u16bit>(1, length));
- mac->update(buf, length);
-
- SecureVector<byte> buf_mac = mac->final();
-
- // TODO: This could all use a single buffer
- cipher.start_msg();
-
- if(iv_size)
- {
- RandomNumberGenerator& rng = global_state().global_rng();
-
- SecureVector<byte> random_iv(iv_size);
-
- rng.randomize(&random_iv[0], random_iv.size());
-
- cipher.write(random_iv);
- }
-
- cipher.write(buf, length);
- cipher.write(buf_mac);
-
- if(block_size)
- {
- size_t pad_val =
- (block_size - (1 + length + buf_mac.size())) % block_size;
-
- for(size_t i = 0; i != pad_val + 1; ++i)
- cipher.write(pad_val);
- }
- cipher.end_msg();
-
- SecureVector<byte> output = cipher.read_all(Pipe::LAST_MESSAGE);
-
- send_record(type, major, minor, &output[0], output.size());
-
- seq_no++;
- }
- }
-
-/**
-* Send a final record packet
-*/
-void Record_Writer::send_record(byte type, byte major, byte minor,
- const byte out[], size_t length)
- {
- if(length >= MAX_CIPHERTEXT_SIZE)
- throw TLS_Exception(INTERNAL_ERROR,
- "Record_Writer: Record is too big");
-
- byte header[5] = { type, major, minor, 0 };
- for(size_t i = 0; i != 2; ++i)
- header[i+3] = get_byte<u16bit>(i, length);
-
- output_fn(header, 5);
- output_fn(out, length);
- }
-
-/**
-* Send an alert
-*/
-void Record_Writer::alert(Alert_Level level, Alert_Type type)
- {
- byte alert[2] = { (byte)level, (byte)type };
- send(ALERT, alert, sizeof(alert));
- flush();
- }
-
-}