Diffstat (limited to 'src/tls')
-rw-r--r--src/tls/msg_cert_verify.cpp4
-rw-r--r--src/tls/msg_finished.cpp4
-rw-r--r--src/tls/tls_client.cpp16
-rw-r--r--src/tls/tls_handshake_state.cpp10
-rw-r--r--src/tls/tls_handshake_state.h8
-rw-r--r--src/tls/tls_server.cpp15
6 files changed, 33 insertions, 24 deletions
diff --git a/src/tls/msg_cert_verify.cpp b/src/tls/msg_cert_verify.cpp
index 79e7bcaf6..c3ad38322 100644
--- a/src/tls/msg_cert_verify.cpp
+++ b/src/tls/msg_cert_verify.cpp
@@ -35,7 +35,7 @@ Certificate_Verify::Certificate_Verify(Handshake_IO& io,
if(state->version() == Protocol_Version::SSL_V3)
{
secure_vector<byte> md5_sha = state->hash.final_ssl3(
- state->keys.master_secret());
+ state->session_keys().master_secret());
if(priv_key->algo_name() == "DSA")
m_signature = signer.sign_message(&md5_sha[16], md5_sha.size()-16, rng);
@@ -104,7 +104,7 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
if(state->version() == Protocol_Version::SSL_V3)
{
secure_vector<byte> md5_sha = state->hash.final_ssl3(
- state->keys.master_secret());
+ state->session_keys().master_secret());
return verifier.verify_message(&md5_sha[16], md5_sha.size()-16,
&m_signature[0], m_signature.size());
diff --git a/src/tls/msg_finished.cpp b/src/tls/msg_finished.cpp
index c25bfd961..24b41c370 100644
--- a/src/tls/msg_finished.cpp
+++ b/src/tls/msg_finished.cpp
@@ -35,7 +35,7 @@ std::vector<byte> finished_compute_verify(const Handshake_State* state,
else
hash.update(SSL_SERVER_LABEL, sizeof(SSL_SERVER_LABEL));
- return unlock(hash.final_ssl3(state->keys.master_secret()));
+ return unlock(hash.final_ssl3(state->session_keys().master_secret()));
}
else
{
@@ -57,7 +57,7 @@ std::vector<byte> finished_compute_verify(const Handshake_State* state,
input += state->hash.final(state->version(), state->ciphersuite().mac_algo());
- return unlock(prf->derive_key(12, state->keys.master_secret(), input));
+ return unlock(prf->derive_key(12, state->session_keys().master_secret(), input));
}
}
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index d60aa611e..d1b076498 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -234,9 +234,7 @@ void Client::process_handshake_msg(Handshake_Type type,
throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
"Server resumed session but with wrong version");
- m_state->keys = Session_Keys(m_state.get(),
- m_state->resume_master_secret,
- true);
+ m_state->compute_session_keys(m_state->resume_master_secret);
// The server is not strictly required to send us a new ticket
if(m_state->server_hello()->supports_session_ticket())
@@ -383,9 +381,7 @@ void Client::process_handshake_msg(Handshake_Type type,
m_rng)
);
- m_state->keys = Session_Keys(m_state.get(),
- m_state->client_kex()->pre_master_secret(),
- false);
+ m_state->compute_session_keys();
if(m_state->received_handshake_msg(CERTIFICATE_REQUEST) &&
!m_state->client_certs()->empty())
@@ -408,7 +404,7 @@ void Client::process_handshake_msg(Handshake_Type type,
m_writer.change_cipher_spec(CLIENT,
m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
m_state->server_hello()->compression_method());
if(m_state->server_hello()->next_protocol_notification())
@@ -442,7 +438,7 @@ void Client::process_handshake_msg(Handshake_Type type,
m_reader.change_cipher_spec(CLIENT,
m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
m_state->server_hello()->compression_method());
}
else if(type == FINISHED)
@@ -463,7 +459,7 @@ void Client::process_handshake_msg(Handshake_Type type,
m_writer.change_cipher_spec(CLIENT,
m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
m_state->server_hello()->compression_method());
m_state->client_finished(
@@ -483,7 +479,7 @@ void Client::process_handshake_msg(Handshake_Type type,
Session session_info(
session_id,
- m_state->keys.master_secret(),
+ m_state->session_keys().master_secret(),
m_state->server_hello()->version(),
m_state->server_hello()->ciphersuite(),
m_state->server_hello()->compression_method(),
diff --git a/src/tls/tls_handshake_state.cpp b/src/tls/tls_handshake_state.cpp
index c90e5d6c2..4be0c58e7 100644
--- a/src/tls/tls_handshake_state.cpp
+++ b/src/tls/tls_handshake_state.cpp
@@ -164,6 +164,16 @@ void Handshake_State::set_version(const Protocol_Version& version)
m_version = version;
}
+void Handshake_State::compute_session_keys()
+ {
+ m_session_keys = Session_Keys(this, client_kex()->pre_master_secret(), false);
+ }
+
+void Handshake_State::compute_session_keys(const secure_vector<byte>& resume_master_secret)
+ {
+ m_session_keys = Session_Keys(this, resume_master_secret, true);
+ }
+
void Handshake_State::confirm_transition_to(Handshake_Type handshake_msg)
{
const u32bit mask = bitmask_for_handshake_type(handshake_msg);
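Review bot: The no-argument `compute_session_keys()` dereferences `client_kex()` unchecked, so a call made before the Client Key Exchange message is stored would presumably be a null dereference instead of a clean handshake failure. Both call sites visible in this commit invoke it right after the message is constructed, so nothing here is broken today. Because the derivation is now a public method on the state object, the precondition is better enforced inside it, for example `if(!client_kex()) throw Internal_Error("compute_session_keys: no client key exchange");` as the first line. A short comment on each overload saying which secret it consumes (pre-master secret versus an already-derived master secret) would also prevent passing the wrong one.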
diff --git a/src/tls/tls_handshake_state.h b/src/tls/tls_handshake_state.h
index 5669cbd06..8fc9cc89e 100644
--- a/src/tls/tls_handshake_state.h
+++ b/src/tls/tls_handshake_state.h
@@ -137,10 +137,15 @@ class Handshake_State
const Ciphersuite& ciphersuite() const { return m_ciphersuite; }
+ const Session_Keys& session_keys() const { return m_session_keys; }
+
+ void compute_session_keys();
+
+ void compute_session_keys(const secure_vector<byte>& resume_master_secret);
+
// Used by the server only, in case of RSA key exchange
Private_Key* server_rsa_kex_key = nullptr; // FIXME make private
- Session_Keys keys; // FIXME make private
Handshake_Hash hash; // FIXME make private
/*
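Review bot: `session_keys()` returns `m_session_keys` whether or not either `compute_session_keys` overload has run, and the header says nothing about that ordering. A caller that reaches `change_cipher_spec` or builds a `Session` too early would get whatever a default-constructed `Session_Keys` holds. Document the precondition on the accessor, e.g. `// Valid only after compute_session_keys() has been called`. The overloads should be distinguished as well: judging by the implementation, the no-argument form derives from the stored client key exchange (full handshake) and the one-argument form takes a saved master secret (resumption). If `Session_Keys` can report an empty master secret, an assertion in the accessor would turn a state-machine slip into an immediate error. The class body continues outside this hunk.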
@@ -166,6 +171,7 @@ class Handshake_State
u32bit m_hand_received_mask = 0;
Protocol_Version m_version;
Ciphersuite m_ciphersuite;
+ Session_Keys m_session_keys;
std::unique_ptr<Client_Hello> m_client_hello;
std::unique_ptr<Server_Hello> m_server_hello;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 6f6b0adf3..dbdea9eac 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -389,7 +389,7 @@ void Server::process_handshake_msg(Handshake_Type type,
m_writer.set_maximum_fragment_size(session_info.fragment_size());
}
- m_state->keys = Session_Keys(m_state.get(), session_info.master_secret(), true);
+ m_state->compute_session_keys(session_info.master_secret());
if(!m_handshake_fn(session_info))
{
@@ -431,7 +431,7 @@ void Server::process_handshake_msg(Handshake_Type type,
m_writer.change_cipher_spec(SERVER,
m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
m_state->server_hello()->compression_method());
m_state->server_finished(
@@ -580,10 +580,7 @@ void Server::process_handshake_msg(Handshake_Type type,
new Client_Key_Exchange(contents, m_state.get(), m_creds, m_policy, m_rng)
);
- m_state->keys = Session_Keys(m_state.get(),
- m_state->client_kex()->pre_master_secret(),
- false);
-
+ m_state->compute_session_keys();
}
else if(type == CERTIFICATE_VERIFY)
{
@@ -624,7 +621,7 @@ void Server::process_handshake_msg(Handshake_Type type,
m_reader.change_cipher_spec(SERVER,
m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
m_state->server_hello()->compression_method());
}
else if(type == NEXT_PROTOCOL)
@@ -654,7 +651,7 @@ void Server::process_handshake_msg(Handshake_Type type,
Session session_info(
m_state->server_hello()->session_id(),
- m_state->keys.master_secret(),
+ m_state->session_keys().master_secret(),
m_state->server_hello()->version(),
m_state->server_hello()->ciphersuite(),
m_state->server_hello()->compression_method(),
@@ -700,7 +697,7 @@ void Server::process_handshake_msg(Handshake_Type type,
m_writer.change_cipher_spec(SERVER,
m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
m_state->server_hello()->compression_method());
m_state->server_finished(