aboutsummaryrefslogtreecommitdiffstats
path: root/src/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/ssl')
-rw-r--r--src/ssl/cert_req.cpp31
-rw-r--r--src/ssl/cert_ver.cpp2
-rw-r--r--src/ssl/hello.cpp50
-rw-r--r--src/ssl/rec_read.cpp16
-rw-r--r--src/ssl/rec_wri.cpp10
-rw-r--r--src/ssl/s_kex.cpp14
-rw-r--r--src/ssl/tls_client.cpp4
-rw-r--r--src/ssl/tls_handshake_hash.cpp12
-rw-r--r--src/ssl/tls_policy.cpp30
-rw-r--r--src/ssl/tls_server.cpp40
10 files changed, 108 insertions, 101 deletions
diff --git a/src/ssl/cert_req.cpp b/src/ssl/cert_req.cpp
index e72ffe735..b8b2624bf 100644
--- a/src/ssl/cert_req.cpp
+++ b/src/ssl/cert_req.cpp
@@ -21,7 +21,7 @@ Certificate_Req::Certificate_Req(Record_Writer& writer,
HandshakeHash& hash,
const std::vector<X509_Certificate>& certs)
{
- for(u32bit i = 0; i != certs.size(); i++)
+ for(size_t i = 0; i != certs.size(); ++i)
names.push_back(certs[i].subject_dn());
// FIXME: should be able to choose what to ask for
@@ -41,7 +41,7 @@ SecureVector<byte> Certificate_Req::serialize() const
append_tls_length_value(buf, types, 1);
DER_Encoder encoder;
- for(u32bit i = 0; i != names.size(); i++)
+ for(size_t i = 0; i != names.size(); ++i)
encoder.encode(names[i]);
append_tls_length_value(buf, encoder.get_contents(), 2);
@@ -57,15 +57,15 @@ void Certificate_Req::deserialize(const MemoryRegion<byte>& buf)
if(buf.size() < 4)
throw Decoding_Error("Certificate_Req: Bad certificate request");
- u32bit types_size = buf[0];
+ size_t types_size = buf[0];
if(buf.size() < types_size + 3)
throw Decoding_Error("Certificate_Req: Bad certificate request");
- for(u32bit i = 0; i != types_size; i++)
+ for(size_t i = 0; i != types_size; ++i)
types.push_back(static_cast<Certificate_Type>(buf[i+1]));
- u32bit names_size = make_u16bit(buf[types_size+2], buf[types_size+3]);
+ size_t names_size = make_u16bit(buf[types_size+2], buf[types_size+3]);
if(buf.size() != names_size + types_size + 3)
throw Decoding_Error("Certificate_Req: Bad certificate request");
@@ -98,18 +98,18 @@ SecureVector<byte> Certificate::serialize() const
{
SecureVector<byte> buf(3);
- for(u32bit i = 0; i != certs.size(); i++)
+ for(size_t i = 0; i != certs.size(); ++i)
{
SecureVector<byte> raw_cert = certs[i].BER_encode();
- u32bit cert_size = raw_cert.size();
- for(u32bit j = 0; j != 3; j++)
- buf.push_back(get_byte(j+1, cert_size));
+ const size_t cert_size = raw_cert.size();
+ for(size_t i = 0; i != 3; ++i)
+ buf.push_back(get_byte<u32bit>(i+1, cert_size));
buf += raw_cert;
}
- u32bit buf_size = buf.size() - 3;
- for(u32bit i = 0; i != 3; i++)
- buf[i] = get_byte(i+1, buf_size);
+ const size_t buf_size = buf.size() - 3;
+ for(size_t i = 0; i != 3; ++i)
+ buf[i] = get_byte<u32bit>(i+1, buf_size);
return buf;
}
@@ -122,7 +122,7 @@ void Certificate::deserialize(const MemoryRegion<byte>& buf)
if(buf.size() < 3)
throw Decoding_Error("Certificate: Message malformed");
- u32bit total_size = make_u32bit(0, buf[0], buf[1], buf[2]);
+ const size_t total_size = make_u32bit(0, buf[0], buf[1], buf[2]);
SecureQueue queue;
queue.write(&buf[3], buf.size() - 3);
@@ -137,9 +137,10 @@ void Certificate::deserialize(const MemoryRegion<byte>& buf)
byte len[3];
queue.read(len, 3);
- u32bit cert_size = make_u32bit(0, len[0], len[1], len[2]);
- u32bit original_size = queue.size();
+ const size_t cert_size = make_u32bit(0, len[0], len[1], len[2]);
+ const size_t original_size = queue.size();
+
X509_Certificate cert(queue);
if(queue.size() + cert_size != original_size)
throw Decoding_Error("Certificate: Message malformed");
diff --git a/src/ssl/cert_ver.cpp b/src/ssl/cert_ver.cpp
index 293f643dc..3220a8c9e 100644
--- a/src/ssl/cert_ver.cpp
+++ b/src/ssl/cert_ver.cpp
@@ -50,7 +50,7 @@ SecureVector<byte> Certificate_Verify::serialize() const
{
SecureVector<byte> buf;
- u16bit sig_len = signature.size();
+ const u16bit sig_len = signature.size();
buf.push_back(get_byte(0, sig_len));
buf.push_back(get_byte(1, sig_len));
buf += signature;
diff --git a/src/ssl/hello.cpp b/src/ssl/hello.cpp
index a06fd75b4..1efef9213 100644
--- a/src/ssl/hello.cpp
+++ b/src/ssl/hello.cpp
@@ -10,7 +10,7 @@
namespace Botan {
-/**
+/*
* Encode and send a Handshake message
*/
void HandshakeMessage::send(Record_Writer& writer, HandshakeHash& hash) const
@@ -18,12 +18,12 @@ void HandshakeMessage::send(Record_Writer& writer, HandshakeHash& hash) const
SecureVector<byte> buf = serialize();
SecureVector<byte> send_buf(4);
- u32bit buf_size = buf.size();
+ const size_t buf_size = buf.size();
send_buf[0] = type();
- send_buf[1] = get_byte(1, buf_size);
- send_buf[2] = get_byte(2, buf_size);
- send_buf[3] = get_byte(3, buf_size);
+
+ for(size_t i = 1; i != 4; ++i)
+ send_buf[i] = get_byte<u32bit>(i, buf_size);
send_buf += buf;
@@ -33,7 +33,7 @@ void HandshakeMessage::send(Record_Writer& writer, HandshakeHash& hash) const
writer.flush();
}
-/**
+/*
* Create a new Hello Request message
*/
Hello_Request::Hello_Request(Record_Writer& writer)
@@ -42,7 +42,7 @@ Hello_Request::Hello_Request(Record_Writer& writer)
send(writer, dummy);
}
-/**
+/*
* Serialize a Hello Request message
*/
SecureVector<byte> Hello_Request::serialize() const
@@ -50,7 +50,7 @@ SecureVector<byte> Hello_Request::serialize() const
return SecureVector<byte>();
}
-/**
+/*
* Deserialize a Hello Request message
*/
void Hello_Request::deserialize(const MemoryRegion<byte>& buf)
@@ -59,7 +59,7 @@ void Hello_Request::deserialize(const MemoryRegion<byte>& buf)
throw Decoding_Error("Hello_Request: Must be empty, and is not");
}
-/**
+/*
* Create a new Client Hello message
*/
Client_Hello::Client_Hello(RandomNumberGenerator& rng,
@@ -76,7 +76,7 @@ Client_Hello::Client_Hello(RandomNumberGenerator& rng,
send(writer, hash);
}
-/**
+/*
* Serialize a Client Hello message
*/
SecureVector<byte> Client_Hello::serialize() const
@@ -99,11 +99,11 @@ void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
if(buf.size() < 12 || buf[0] != 1)
throw Decoding_Error("Client_Hello: SSLv2 hello corrupted");
- const u32bit cipher_spec_len = make_u16bit(buf[3], buf[4]);
- const u32bit sess_id_len = make_u16bit(buf[5], buf[6]);
- const u32bit challenge_len = make_u16bit(buf[7], buf[8]);
+ const size_t cipher_spec_len = make_u16bit(buf[3], buf[4]);
+ const size_t sess_id_len = make_u16bit(buf[5], buf[6]);
+ const size_t challenge_len = make_u16bit(buf[7], buf[8]);
- const u32bit expected_size =
+ const size_t expected_size =
(9 + sess_id_len + cipher_spec_len + challenge_len);
if(buf.size() != expected_size)
@@ -115,7 +115,7 @@ void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
throw Decoding_Error("Client_Hello: SSLv2 hello corrupted");
}
- for(u32bit i = 9; i != 9 + cipher_spec_len; i += 3)
+ for(size_t i = 9; i != 9 + cipher_spec_len; i += 3)
{
if(buf[i] != 0) // a SSLv2 cipherspec; ignore it
continue;
@@ -128,7 +128,7 @@ void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
c_random.set(&buf[9+cipher_spec_len+sess_id_len], challenge_len);
}
-/**
+/*
* Deserialize a Client Hello message
*/
void Client_Hello::deserialize(const MemoryRegion<byte>& buf)
@@ -196,18 +196,18 @@ void Client_Hello::deserialize(const MemoryRegion<byte>& buf)
}
}
-/**
+/*
* Check if we offered this ciphersuite
*/
bool Client_Hello::offered_suite(u16bit ciphersuite) const
{
- for(u32bit i = 0; i != suites.size(); i++)
+ for(size_t i = 0; i != suites.size(); ++i)
if(suites[i] == ciphersuite)
return true;
return false;
}
-/**
+/*
* Create a new Server Hello message
*/
Server_Hello::Server_Hello(RandomNumberGenerator& rng,
@@ -220,7 +220,7 @@ Server_Hello::Server_Hello(RandomNumberGenerator& rng,
{
bool have_rsa = false, have_dsa = false;
- for(u32bit i = 0; i != certs.size(); i++)
+ for(size_t i = 0; i != certs.size(); ++i)
{
Public_Key* key = certs[i].subject_public_key();
if(key->algo_name() == "RSA")
@@ -244,7 +244,7 @@ Server_Hello::Server_Hello(RandomNumberGenerator& rng,
send(writer, hash);
}
-/**
+/*
* Serialize a Server Hello message
*/
SecureVector<byte> Server_Hello::serialize() const
@@ -265,7 +265,7 @@ SecureVector<byte> Server_Hello::serialize() const
return buf;
}
-/**
+/*
* Deserialize a Server Hello message
*/
void Server_Hello::deserialize(const MemoryRegion<byte>& buf)
@@ -292,7 +292,7 @@ void Server_Hello::deserialize(const MemoryRegion<byte>& buf)
comp_algo = reader.get_byte();
}
-/**
+/*
* Create a new Server Hello Done message
*/
Server_Hello_Done::Server_Hello_Done(Record_Writer& writer,
@@ -301,7 +301,7 @@ Server_Hello_Done::Server_Hello_Done(Record_Writer& writer,
send(writer, hash);
}
-/**
+/*
* Serialize a Server Hello Done message
*/
SecureVector<byte> Server_Hello_Done::serialize() const
@@ -309,7 +309,7 @@ SecureVector<byte> Server_Hello_Done::serialize() const
return SecureVector<byte>();
}
-/**
+/*
* Deserialize a Server Hello Done message
*/
void Server_Hello_Done::deserialize(const MemoryRegion<byte>& buf)
diff --git a/src/ssl/rec_read.cpp b/src/ssl/rec_read.cpp
index 0886a688f..e34359862 100644
--- a/src/ssl/rec_read.cpp
+++ b/src/ssl/rec_read.cpp
@@ -206,8 +206,8 @@ size_t Record_Reader::get_record(byte& msg_type,
}
else
{
- for(size_t j = 0; j != pad_size; j++)
- if(plaintext[plaintext.size()-j-1] != pad_value)
+ for(size_t i = 0; i != pad_size; ++i)
+ if(plaintext[plaintext.size()-i-1] != pad_value)
pad_size = 0;
}
}
@@ -222,16 +222,16 @@ size_t Record_Reader::get_record(byte& msg_type,
const u16bit plain_length = plaintext.size() - (mac_size + pad_size + iv_size);
mac.start_msg();
- for(size_t j = 0; j != 8; j++)
- mac.write(get_byte(j, seq_no));
+ for(size_t i = 0; i != 8; ++i)
+ mac.write(get_byte(i, seq_no));
mac.write(header[0]); // msg_type
if(version != SSL_V3)
- for(size_t j = 0; j != 2; j++)
- mac.write(get_byte(j, version));
+ for(size_t i = 0; i != 2; ++i)
+ mac.write(get_byte(i, version));
- for(size_t j = 0; j != 2; j++)
- mac.write(get_byte(j, plain_length));
+ for(size_t i = 0; i != 2; ++i)
+ mac.write(get_byte(i, plain_length));
mac.write(&plaintext[iv_size], plain_length);
mac.end_msg();
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
index addb159ef..57eb62f6e 100644
--- a/src/ssl/rec_wri.cpp
+++ b/src/ssl/rec_wri.cpp
@@ -190,8 +190,8 @@ void Record_Writer::send_record(byte type, const byte buf[], size_t length)
else
{
mac.start_msg();
- for(size_t j = 0; j != 8; j++)
- mac.write(get_byte(j, seq_no));
+ for(size_t i = 0; i != 8; ++i)
+ mac.write(get_byte(i, seq_no));
mac.write(type);
if(major > 3 || (major == 3 && minor != 0))
@@ -230,7 +230,7 @@ void Record_Writer::send_record(byte type, const byte buf[], size_t length)
size_t pad_val =
(block_size - (1 + length + buf_mac.size())) % block_size;
- for(size_t j = 0; j != pad_val + 1; j++)
+ for(size_t i = 0; i != pad_val + 1; ++i)
cipher.write(pad_val);
}
cipher.end_msg();
@@ -254,8 +254,8 @@ void Record_Writer::send_record(byte type, byte major, byte minor,
"Record_Writer: Record is too big");
byte header[5] = { type, major, minor, 0 };
- for(size_t j = 0; j != 2; j++)
- header[j+3] = get_byte<u16bit>(j, length);
+ for(size_t i = 0; i != 2; ++i)
+ header[i+3] = get_byte<u16bit>(i, length);
socket.write(header, 5);
socket.write(out, length);
diff --git a/src/ssl/s_kex.cpp b/src/ssl/s_kex.cpp
index f9a595fe9..757738859 100644
--- a/src/ssl/s_kex.cpp
+++ b/src/ssl/s_kex.cpp
@@ -86,8 +86,8 @@ SecureVector<byte> Server_Key_Exchange::serialize_params() const
{
SecureVector<byte> buf;
- for(u32bit j = 0; j != params.size(); j++)
- append_tls_length_value(buf, BigInt::encode(params[j]), 2);
+ for(size_t i = 0; i != params.size(); ++i)
+ append_tls_length_value(buf, BigInt::encode(params[i]), 2);
return buf;
}
@@ -101,20 +101,20 @@ void Server_Key_Exchange::deserialize(const MemoryRegion<byte>& buf)
throw Decoding_Error("Server_Key_Exchange: Packet corrupted");
SecureVector<byte> values[4];
- u32bit so_far = 0;
+ size_t so_far = 0;
- for(u32bit j = 0; j != 4; j++)
+ for(size_t i = 0; i != 4; ++i)
{
- u16bit len = make_u16bit(buf[so_far], buf[so_far+1]);
+ const u16bit len = make_u16bit(buf[so_far], buf[so_far+1]);
so_far += 2;
if(len + so_far > buf.size())
throw Decoding_Error("Server_Key_Exchange: Packet corrupted");
- values[j].set(&buf[so_far], len);
+ values[i].set(&buf[so_far], len);
so_far += len;
- if(j == 2 && so_far == buf.size())
+ if(i == 2 && so_far == buf.size())
break;
}
diff --git a/src/ssl/tls_client.cpp b/src/ssl/tls_client.cpp
index 18f6981e3..976b7c917 100644
--- a/src/ssl/tls_client.cpp
+++ b/src/ssl/tls_client.cpp
@@ -383,9 +383,9 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
if(type != HANDSHAKE_CCS && type != HELLO_REQUEST && type != FINISHED)
{
state->hash.update(static_cast<byte>(type));
- const u32bit record_length = contents.size();
+ const size_t record_length = contents.size();
for(size_t i = 0; i != 3; i++)
- state->hash.update(get_byte(i+1, record_length));
+ state->hash.update(get_byte<u32bit>(i+1, record_length));
state->hash.update(contents);
}
diff --git a/src/ssl/tls_handshake_hash.cpp b/src/ssl/tls_handshake_hash.cpp
index 93442cad1..7c1e2e385 100644
--- a/src/ssl/tls_handshake_hash.cpp
+++ b/src/ssl/tls_handshake_hash.cpp
@@ -45,15 +45,19 @@ SecureVector<byte> HandshakeHash::final_ssl3(const MemoryRegion<byte>& secret)
md5.update(secret);
sha1.update(secret);
- for(u32bit j = 0; j != 48; j++) md5.update(PAD_INNER);
- for(u32bit j = 0; j != 40; j++) sha1.update(PAD_INNER);
+ for(size_t i = 0; i != 48; ++i)
+ md5.update(PAD_INNER);
+ for(size_t i = 0; i != 40; ++i)
+ sha1.update(PAD_INNER);
SecureVector<byte> inner_md5 = md5.final(), inner_sha1 = sha1.final();
md5.update(secret);
sha1.update(secret);
- for(u32bit j = 0; j != 48; j++) md5.update(PAD_OUTER);
- for(u32bit j = 0; j != 40; j++) sha1.update(PAD_OUTER);
+ for(size_t i = 0; i != 48; ++i)
+ md5.update(PAD_OUTER);
+ for(size_t i = 0; i != 40; ++i)
+ sha1.update(PAD_OUTER);
md5.update(inner_md5);
sha1.update(inner_sha1);
diff --git a/src/ssl/tls_policy.cpp b/src/ssl/tls_policy.cpp
index e7e25a877..38fcf58cc 100644
--- a/src/ssl/tls_policy.cpp
+++ b/src/ssl/tls_policy.cpp
@@ -10,7 +10,7 @@
namespace Botan {
-/**
+/*
* Return allowed ciphersuites
*/
std::vector<u16bit> TLS_Policy::ciphersuites() const
@@ -18,7 +18,7 @@ std::vector<u16bit> TLS_Policy::ciphersuites() const
return suite_list(allow_static_rsa(), allow_edh_rsa(), allow_edh_dsa());
}
-/**
+/*
* Return allowed ciphersuites
*/
std::vector<u16bit> TLS_Policy::suite_list(bool use_rsa,
@@ -60,7 +60,7 @@ std::vector<u16bit> TLS_Policy::suite_list(bool use_rsa,
return suites;
}
-/**
+/*
* Return allowed compression algorithms
*/
std::vector<byte> TLS_Policy::compression() const
@@ -70,7 +70,7 @@ std::vector<byte> TLS_Policy::compression() const
return algs;
}
-/**
+/*
* Choose which ciphersuite to use
*/
u16bit TLS_Policy::choose_suite(const std::vector<u16bit>& c_suites,
@@ -84,30 +84,30 @@ u16bit TLS_Policy::choose_suite(const std::vector<u16bit>& c_suites,
std::vector<u16bit> s_suites = suite_list(use_static_rsa, use_edh_rsa,
use_edh_dsa);
- for(u32bit j = 0; j != s_suites.size(); j++)
- for(u32bit k = 0; k != c_suites.size(); k++)
- if(s_suites[j] == c_suites[k])
- return s_suites[j];
+ for(size_t i = 0; i != s_suites.size(); ++i)
+ for(size_t j = 0; j != c_suites.size(); ++j)
+ if(s_suites[i] == c_suites[j])
+ return s_suites[i];
return 0;
}
-/**
+/*
* Choose which compression algorithm to use
*/
byte TLS_Policy::choose_compression(const std::vector<byte>& c_comp) const
{
std::vector<byte> s_comp = compression();
- for(u32bit j = 0; j != s_comp.size(); j++)
- for(u32bit k = 0; k != c_comp.size(); k++)
- if(s_comp[j] == c_comp[k])
- return s_comp[j];
+ for(size_t i = 0; i != s_comp.size(); ++i)
+ for(size_t j = 0; j != c_comp.size(); ++j)
+ if(s_comp[i] == c_comp[j])
+ return s_comp[i];
return NO_COMPRESSION;
}
-/**
+/*
* Return the group to use for empheral DH
*/
DL_Group TLS_Policy::dh_group() const
@@ -115,7 +115,7 @@ DL_Group TLS_Policy::dh_group() const
return DL_Group("modp/ietf/1024");
}
-/**
+/*
* Default certificate check
*/
bool TLS_Policy::check_cert(const std::vector<X509_Certificate>& certs) const
diff --git a/src/ssl/tls_server.cpp b/src/ssl/tls_server.cpp
index 8a5cefa02..5412771ff 100644
--- a/src/ssl/tls_server.cpp
+++ b/src/ssl/tls_server.cpp
@@ -16,7 +16,7 @@ namespace Botan {
namespace {
-/**
+/*
* Choose what version to respond with
*/
Version_Code choose_version(Version_Code client, Version_Code minimum)
@@ -31,7 +31,7 @@ Version_Code choose_version(Version_Code client, Version_Code minimum)
}
// FIXME: checks are wrong for session reuse (add a flag for that)
-/**
+/*
* Verify the state transition is allowed
*/
void server_check_state(Handshake_Type new_msg, Handshake_State* state)
@@ -82,7 +82,7 @@ void server_check_state(Handshake_Type new_msg, Handshake_State* state)
}
-/**
+/*
* TLS Server Constructor
*/
TLS_Server::TLS_Server(const TLS_Policy& pol,
@@ -120,7 +120,7 @@ TLS_Server::TLS_Server(const TLS_Policy& pol,
}
}
-/**
+/*
* TLS Server Destructor
*/
TLS_Server::~TLS_Server()
@@ -130,7 +130,7 @@ TLS_Server::~TLS_Server()
delete state;
}
-/**
+/*
* Return the peer's certificate chain
*/
std::vector<X509_Certificate> TLS_Server::peer_cert_chain() const
@@ -138,7 +138,7 @@ std::vector<X509_Certificate> TLS_Server::peer_cert_chain() const
return peer_certs;
}
-/**
+/*
* Write to a TLS connection
*/
void TLS_Server::write(const byte buf[], size_t length)
@@ -149,7 +149,7 @@ void TLS_Server::write(const byte buf[], size_t length)
writer.send(APPLICATION_DATA, buf, length);
}
-/**
+/*
* Read from a TLS connection
*/
size_t TLS_Server::read(byte out[], size_t length)
@@ -171,7 +171,7 @@ size_t TLS_Server::read(byte out[], size_t length)
return got;
}
-/**
+/*
* Check connection status
*/
bool TLS_Server::is_closed() const
@@ -181,7 +181,7 @@ bool TLS_Server::is_closed() const
return false;
}
-/**
+/*
* Close a TLS connection
*/
void TLS_Server::close()
@@ -189,7 +189,7 @@ void TLS_Server::close()
close(WARNING, CLOSE_NOTIFY);
}
-/**
+/*
* Close a TLS connection
*/
void TLS_Server::close(Alert_Level level, Alert_Type alert_code)
@@ -205,7 +205,7 @@ void TLS_Server::close(Alert_Level level, Alert_Type alert_code)
}
}
-/**
+/*
* Iterate the TLS state machine
*/
void TLS_Server::state_machine()
@@ -264,7 +264,7 @@ void TLS_Server::state_machine()
throw Unexpected_Message("Unknown message type recieved");
}
-/**
+/*
* Split up and process handshake messages
*/
void TLS_Server::read_handshake(byte rec_type,
@@ -320,7 +320,7 @@ void TLS_Server::read_handshake(byte rec_type,
}
}
-/**
+/*
* Process a handshake message
*/
void TLS_Server::process_handshake_msg(Handshake_Type type,
@@ -333,13 +333,13 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
if(type != HANDSHAKE_CCS && type != FINISHED)
{
-
if(type != CLIENT_HELLO_SSLV2)
{
state->hash.update(static_cast<byte>(type));
- u32bit record_length = contents.size();
+
+ const size_t record_length = contents.size();
for(size_t i = 0; i != 3; i++)
- state->hash.update(get_byte(i+1, record_length));
+ state->hash.update(get_byte<u32bit>(i+1, record_length));
}
state->hash.update(contents);
@@ -449,9 +449,11 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
"Finished message didn't verify");
state->hash.update(static_cast<byte>(type));
- u32bit record_length = contents.size();
+
+ const size_t record_length = contents.size();
for(size_t i = 0; i != 3; i++)
- state->hash.update(get_byte(i+1, record_length));
+ state->hash.update(get_byte<u32bit>(i+1, record_length));
+
state->hash.update(contents);
writer.send(CHANGE_CIPHER_SPEC, 1);
@@ -471,7 +473,7 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
throw Unexpected_Message("Unknown handshake message recieved");
}
-/**
+/*
* Perform a server-side TLS handshake
*/
void TLS_Server::do_handshake()