Diffstat (limited to 'src/tls')
-rw-r--r-- | src/tls/cert_ver.cpp | 24 | ||||
-rw-r--r-- | src/tls/tls_messages.h | 11 | ||||
-rw-r--r-- | src/tls/tls_server.cpp | 9 | ||||
-rw-r--r-- | src/tls/tls_session_key.h | 2 |
4 files changed, 37 insertions, 9 deletions
diff --git a/src/tls/cert_ver.cpp b/src/tls/cert_ver.cpp
index 4203e2542..023c6ccd7 100644
--- a/src/tls/cert_ver.cpp
+++ b/src/tls/cert_ver.cpp
@@ -7,6 +7,7 @@
 #include <botan/internal/tls_messages.h>
 #include <botan/internal/tls_reader.h>
+#include <botan/tls_exceptn.h>
 #include <botan/pubkey.h>
 #include <botan/rsa.h>
 #include <botan/dsa.h>
@@ -71,7 +72,9 @@ void Certificate_Verify::deserialize(const MemoryRegion<byte>& buf)
 * Verify a Certificate Verify message
 */
 bool Certificate_Verify::verify(const X509_Certificate& cert,
- TLS_Handshake_Hash& hash)
+ TLS_Handshake_Hash& hash,
+ Version_Code version,
+ const SecureVector<byte>& master_secret)
 {
 // FIXME: duplicate of Server_Key_Exchange::verify
@@ -84,7 +87,10 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
 padding = "EMSA3(TLS.Digest.0)";
 else if(key->algo_name() == "DSA")
 {
- padding == "EMSA1(SHA-1)";
+ if(version == SSL_V3)
+ padding = "Raw";
+ else
+ padding = "EMSA1(SHA-1)";
 format = DER_SEQUENCE;
 }
 else
@@ -92,7 +98,19 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
 " is invalid/unknown for TLS signatures");
 PK_Verifier verifier(*key, padding, format);
- return verifier.verify_message(hash.get_contents(), signature);
+
+ if(version == SSL_V3)
+ {
+ SecureVector<byte> md5_sha = hash.final_ssl3(master_secret);
+
+ return verifier.verify_message(&md5_sha[16], md5_sha.size()-16,
+ &signature[0], signature.size());
+ }
+ else if(version == TLS_V10 || version == TLS_V11)
+ return verifier.verify_message(hash.get_contents(), signature);
+ else
+ throw TLS_Exception(PROTOCOL_VERSION,
+ "Unknown TLS version in certificate verification");
 }
 }
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index 8cfaea37e..51569fbc0 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
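Review bot: In the `version == SSL_V3` branch of the last hunk, `&md5_sha[16], md5_sha.size()-16` hands only the SHA-1 half of the finalized SSL 3.0 digest to `verifier`, while for RSA keys the padding chosen in the previous hunk is still `"EMSA3(TLS.Digest.0)"`; if that padding hashes its input with MD5||SHA-1 as its name suggests, an SSL 3.0 RSA CertificateVerify can never validate here, because SSL 3.0 signs the raw 36-byte MD5||SHA-1 value, and only the DSA case, which now selects `"Raw"`, matches this input. The `16` is also a bare constant with no check that `final_ssl3` returned at least that many bytes, so `md5_sha.size()-16` would wrap if it did not, and `&signature[0]` is taken without confirming the deserialized signature is non-empty. Consider a named constant for the MD5 length plus a guard such as `if(md5_sha.size() <= 16 || signature.empty()) return false;` ahead of the slice. Neither `TLS_Handshake_Hash::final_ssl3` nor the padding implementation is visible in this hunk, so treat the RSA observation as something to confirm against them.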
@@ -179,8 +179,17 @@ class Certificate_Verify : public HandshakeMessage
 public:
 Handshake_Type type() const { return CERTIFICATE_VERIFY; }
+ /**
+ * Check the signature on a certificate verify message
+ * @param cert the purported certificate
+ * @param hash the running handshake message hash
+ * @param version the version number we negotiated
+ * @param master_secret the session key (only used if version is SSL_V3)
+ */
 bool verify(const X509_Certificate& cert,
- TLS_Handshake_Hash& hash);
+ TLS_Handshake_Hash& hash,
+ Version_Code version,
+ const SecureVector<byte>& master_secret);
 Certificate_Verify(RandomNumberGenerator& rng,
 Record_Writer& writer,
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 784bdc031..bc8ce5e31 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -12,8 +12,6 @@
 #include <botan/rsa.h>
 #include <botan/dh.h>
-#include <stdio.h>
-
 namespace Botan {
 namespace {
@@ -296,8 +294,11 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
 const std::vector<X509_Certificate>& client_certs = state->client_certs->cert_chain();
- const bool sig_valid = state->client_verify->verify(client_certs[0],
- state->hash);
+ const bool sig_valid =
+ state->client_verify->verify(client_certs[0],
+ state->hash,
+ state->server_hello->version(),
+ state->keys.master_secret());
 state->hash.update(type, contents);
diff --git a/src/tls/tls_session_key.h b/src/tls/tls_session_key.h
index 92e8d7a18..c967eaf22 100644
--- a/src/tls/tls_session_key.h
+++ b/src/tls/tls_session_key.h
@@ -29,7 +29,7 @@ class BOTAN_DLL SessionKeys
 InitializationVector client_iv() const { return c_iv; }
 InitializationVector server_iv() const { return s_iv; }
- SecureVector<byte> master_secret() const { return master_sec; }
+ const SecureVector<byte>& master_secret() const { return master_sec; }
 SessionKeys() {} |
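Review bot: The new doc comment on `verify` has no `@return`, and `@param master_secret the session key` mislabels the value: it is the master secret from which the session keys are derived, not a session key itself. Suggest `@param master_secret the negotiated master secret (only used if version is SSL_V3)` and `@return true if the signature over the handshake hash verifies under cert's public key`. The rest of the class lies outside the hunk.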
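Review bot: The rewritten call in the second tls_server.cpp hunk still indexes `client_certs[0]` with no check that the chain is non-empty, so a peer that sends an empty certificate list followed by a CertificateVerify message would make the server read past the end of the vector. Unless the Certificate handler elsewhere already rejects an empty chain, guard it first, e.g. `if(client_certs.empty()) throw TLS_Exception(HANDSHAKE_FAILURE, "Client sent CertificateVerify without a certificate");`. `process_handshake_msg` begins and ends outside the hunk, so that earlier handler is not visible here.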