Diffstat (limited to 'src/tls')
-rw-r--r--src/tls/cert_ver.cpp24
-rw-r--r--src/tls/tls_messages.h11
-rw-r--r--src/tls/tls_server.cpp9
-rw-r--r--src/tls/tls_session_key.h2
4 files changed, 37 insertions, 9 deletions
diff --git a/src/tls/cert_ver.cpp b/src/tls/cert_ver.cpp
index 4203e2542..023c6ccd7 100644
--- a/src/tls/cert_ver.cpp
+++ b/src/tls/cert_ver.cpp
@@ -7,6 +7,7 @@
#include <botan/internal/tls_messages.h>
#include <botan/internal/tls_reader.h>
+#include <botan/tls_exceptn.h>
#include <botan/pubkey.h>
#include <botan/rsa.h>
#include <botan/dsa.h>
@@ -71,7 +72,9 @@ void Certificate_Verify::deserialize(const MemoryRegion<byte>& buf)
* Verify a Certificate Verify message
*/
bool Certificate_Verify::verify(const X509_Certificate& cert,
- TLS_Handshake_Hash& hash)
+ TLS_Handshake_Hash& hash,
+ Version_Code version,
+ const SecureVector<byte>& master_secret)
{
// FIXME: duplicate of Server_Key_Exchange::verify
@@ -84,7 +87,10 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
padding = "EMSA3(TLS.Digest.0)";
else if(key->algo_name() == "DSA")
{
- padding == "EMSA1(SHA-1)";
+ if(version == SSL_V3)
+ padding = "Raw";
+ else
+ padding = "EMSA1(SHA-1)";
format = DER_SEQUENCE;
}
else
@@ -92,7 +98,19 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
" is invalid/unknown for TLS signatures");
PK_Verifier verifier(*key, padding, format);
- return verifier.verify_message(hash.get_contents(), signature);
+
+ if(version == SSL_V3)
+ {
+ SecureVector<byte> md5_sha = hash.final_ssl3(master_secret);
+
+ return verifier.verify_message(&md5_sha[16], md5_sha.size()-16,
+ &signature[0], signature.size());
+ }
+ else if(version == TLS_V10 || version == TLS_V11)
+ return verifier.verify_message(hash.get_contents(), signature);
+ else
+ throw TLS_Exception(PROTOCOL_VERSION,
+ "Unknown TLS version in certificate verification");
}
}
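Review bot: In the SSL_V3 branch, `&signature[0]` is dereferenced without checking that the signature is non-empty, and `md5_sha.size()-16` wraps around if `final_ssl3` ever returns fewer than 16 bytes; the TLS_V10/TLS_V11 branch passes the containers themselves and avoids both. A guard before the call such as `if(signature.empty() || md5_sha.size() < 16) return false;` keeps a malformed CertificateVerify from reading out of bounds. Separately, the 16-byte skip (dropping the MD5 half of the hash) is applied regardless of key type, while the padding selection above chose "EMSA3(TLS.Digest.0)" for RSA; if I recall the SSLv3 CertificateVerify format correctly only DSA signs the SHA-1 digest alone, so the offset should presumably depend on `key->algo_name()` — worth confirming against the spec before this ships. The enclosing function starts outside this hunk.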
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index 8cfaea37e..51569fbc0 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -179,8 +179,17 @@ class Certificate_Verify : public HandshakeMessage
public:
Handshake_Type type() const { return CERTIFICATE_VERIFY; }
+ /**
+ * Check the signature on a certificate verify message
+ * @param cert the purported certificate
+ * @param hash the running handshake message hash
+ * @param version the version number we negotiated
+ * @param master_secret the session key (only used if version is SSL_V3)
+ */
bool verify(const X509_Certificate& cert,
- TLS_Handshake_Hash& hash);
+ TLS_Handshake_Hash& hash,
+ Version_Code version,
+ const SecureVector<byte>& master_secret);
Certificate_Verify(RandomNumberGenerator& rng,
Record_Writer& writer,
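Review bot: The new `@param master_secret` line calls the argument "the session key", but what is passed is the master secret (tls_server.cpp feeds it from `SessionKeys::master_secret()`), and the new implementation in cert_ver.cpp throws `TLS_Exception` for any version other than SSL_V3, TLS_V10 or TLS_V11 without that being documented. I would change the line to `* @param master_secret the master secret (only used when version is SSL_V3)` and add `* @return true if the signature is valid` and `* @throws TLS_Exception if version is not SSLv3, TLS 1.0 or TLS 1.1`. The class body continues outside the hunk.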
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 784bdc031..bc8ce5e31 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -12,8 +12,6 @@
#include <botan/rsa.h>
#include <botan/dh.h>
-#include <stdio.h>
-
namespace Botan {
namespace {
@@ -296,8 +294,11 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
const std::vector<X509_Certificate>& client_certs =
state->client_certs->cert_chain();
- const bool sig_valid = state->client_verify->verify(client_certs[0],
- state->hash);
+ const bool sig_valid =
+ state->client_verify->verify(client_certs[0],
+ state->hash,
+ state->server_hello->version(),
+ state->keys.master_secret());
state->hash.update(type, contents);
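Review bot: The rewritten call still reads `client_certs[0]` without checking that the client's certificate chain is non-empty, so a CertificateVerify arriving with an empty chain would index past the end of the vector. Unless a check exists earlier in process_handshake_msg (the function starts outside this hunk), I would add `if(client_certs.empty()) throw TLS_Exception(HANDSHAKE_FAILURE, "CertificateVerify without client certificate");` before the verify call. Since `master_secret()` now returns a reference, it is also worth noting that the reference is only valid for as long as `state->keys` lives, which is fine for this immediate call but not if it were stored.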
diff --git a/src/tls/tls_session_key.h b/src/tls/tls_session_key.h
index 92e8d7a18..c967eaf22 100644
--- a/src/tls/tls_session_key.h
+++ b/src/tls/tls_session_key.h
@@ -29,7 +29,7 @@ class BOTAN_DLL SessionKeys
InitializationVector client_iv() const { return c_iv; }
InitializationVector server_iv() const { return s_iv; }
- SecureVector<byte> master_secret() const { return master_sec; }
+ const SecureVector<byte>& master_secret() const { return master_sec; }
SessionKeys() {}