Diffstat (limited to 'src')
-rw-r--r-- | src/tls/msg_cert_verify.cpp | 4 | ||||
-rw-r--r-- | src/tls/msg_finished.cpp | 4 | ||||
-rw-r--r-- | src/tls/tls_client.cpp | 16 | ||||
-rw-r--r-- | src/tls/tls_handshake_state.cpp | 10 | ||||
-rw-r--r-- | src/tls/tls_handshake_state.h | 8 | ||||
-rw-r--r-- | src/tls/tls_server.cpp | 15 |
6 files changed, 33 insertions, 24 deletions
diff --git a/src/tls/msg_cert_verify.cpp b/src/tls/msg_cert_verify.cpp
index 79e7bcaf6..c3ad38322 100644
--- a/src/tls/msg_cert_verify.cpp
+++ b/src/tls/msg_cert_verify.cpp
@@ -35,7 +35,7 @@ Certificate_Verify::Certificate_Verify(Handshake_IO& io,
 if(state->version() == Protocol_Version::SSL_V3)
 {
 secure_vector<byte> md5_sha = state->hash.final_ssl3(
- state->keys.master_secret());
+ state->session_keys().master_secret());
 
 if(priv_key->algo_name() == "DSA")
 m_signature = signer.sign_message(&md5_sha[16], md5_sha.size()-16, rng);
@@ -104,7 +104,7 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
 if(state->version() == Protocol_Version::SSL_V3)
 {
 secure_vector<byte> md5_sha = state->hash.final_ssl3(
- state->keys.master_secret());
+ state->session_keys().master_secret());
 
 return verifier.verify_message(&md5_sha[16], md5_sha.size()-16,
 &m_signature[0], m_signature.size());
diff --git a/src/tls/msg_finished.cpp b/src/tls/msg_finished.cpp
index c25bfd961..24b41c370 100644
--- a/src/tls/msg_finished.cpp
+++ b/src/tls/msg_finished.cpp
@@ -35,7 +35,7 @@ std::vector<byte> finished_compute_verify(const Handshake_State* state,
 else
 hash.update(SSL_SERVER_LABEL, sizeof(SSL_SERVER_LABEL));
 
- return unlock(hash.final_ssl3(state->keys.master_secret()));
+ return unlock(hash.final_ssl3(state->session_keys().master_secret()));
 }
 else
 {
@@ -57,7 +57,7 @@ std::vector<byte> finished_compute_verify(const Handshake_State* state,
 input += state->hash.final(state->version(),
 state->ciphersuite().mac_algo());
 
- return unlock(prf->derive_key(12, state->keys.master_secret(), input));
+ return unlock(prf->derive_key(12, state->session_keys().master_secret(), input));
 }
 }
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index d60aa611e..d1b076498 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -234,9 +234,7 @@ void Client::process_handshake_msg(Handshake_Type type,
 throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
 "Server resumed session but with wrong version");
 
- m_state->keys = Session_Keys(m_state.get(),
- m_state->resume_master_secret,
- true);
+ m_state->compute_session_keys(m_state->resume_master_secret);
 
 // The server is not strictly required to send us a new ticket
 if(m_state->server_hello()->supports_session_ticket())
@@ -383,9 +381,7 @@ void Client::process_handshake_msg(Handshake_Type type,
 m_rng)
 );
 
- m_state->keys = Session_Keys(m_state.get(),
- m_state->client_kex()->pre_master_secret(),
- false);
+ m_state->compute_session_keys();
 
 if(m_state->received_handshake_msg(CERTIFICATE_REQUEST) &&
 !m_state->client_certs()->empty())
@@ -408,7 +404,7 @@ void Client::process_handshake_msg(Handshake_Type type,
 
 m_writer.change_cipher_spec(CLIENT,
 m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
 m_state->server_hello()->compression_method());
 
 if(m_state->server_hello()->next_protocol_notification())
@@ -442,7 +438,7 @@ void Client::process_handshake_msg(Handshake_Type type,
 
 m_reader.change_cipher_spec(CLIENT,
 m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
 m_state->server_hello()->compression_method());
 }
 else if(type == FINISHED)
@@ -463,7 +459,7 @@ void Client::process_handshake_msg(Handshake_Type type,
 
 m_writer.change_cipher_spec(CLIENT,
 m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
 m_state->server_hello()->compression_method());
 
 m_state->client_finished(
@@ -483,7 +479,7 @@ void Client::process_handshake_msg(Handshake_Type type,
 
 Session session_info(
 session_id,
- m_state->keys.master_secret(),
+ m_state->session_keys().master_secret(),
 m_state->server_hello()->version(),
 m_state->server_hello()->ciphersuite(),
 m_state->server_hello()->compression_method(),
diff --git a/src/tls/tls_handshake_state.cpp b/src/tls/tls_handshake_state.cpp
index c90e5d6c2..4be0c58e7 100644
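Review bot: The resumption call at the top of this hunk, `m_state->compute_session_keys(m_state->resume_master_secret);`, and the fresh-handshake call in the next hunk, `m_state->compute_session_keys();`, now differ only in arity, so the resume-versus-fresh distinction that the removed `true`/`false` argument made explicit is no longer visible at the call site. A short comment on the resumption call would keep that decision readable where it is made, for example `// Resumed session: key block comes from the stored master secret, no Client_Key_Exchange follows`. Note also that `resume_master_secret` is still read here as a public field of the state object while `keys` has just been moved behind an accessor; giving the resume secret the same treatment in a follow-up would complete the encapsulation. The same pair of call shapes appears in tls_server.cpp in the hunks starting at lines 389 and 580. Client::process_handshake_msg begins before and continues past every hunk in this file.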
--- a/src/tls/tls_handshake_state.cpp
+++ b/src/tls/tls_handshake_state.cpp
@@ -164,6 +164,16 @@ void Handshake_State::set_version(const Protocol_Version& version)
 m_version = version;
 }
 
+void Handshake_State::compute_session_keys()
+ {
+ m_session_keys = Session_Keys(this, client_kex()->pre_master_secret(), false);
+ }
+
+void Handshake_State::compute_session_keys(const secure_vector<byte>& resume_master_secret)
+ {
+ m_session_keys = Session_Keys(this, resume_master_secret, true);
+ }
+
 void Handshake_State::confirm_transition_to(Handshake_Type handshake_msg)
 {
 const u32bit mask = bitmask_for_handshake_type(handshake_msg);
diff --git a/src/tls/tls_handshake_state.h b/src/tls/tls_handshake_state.h
index 5669cbd06..8fc9cc89e 100644
--- a/src/tls/tls_handshake_state.h
+++ b/src/tls/tls_handshake_state.h
@@ -137,10 +137,15 @@ class Handshake_State
 
 const Ciphersuite& ciphersuite() const { return m_ciphersuite; }
 
+ const Session_Keys& session_keys() const { return m_session_keys; }
+
+ void compute_session_keys();
+
+ void compute_session_keys(const secure_vector<byte>& resume_master_secret);
+
 // Used by the server only, in case of RSA key exchange
 Private_Key* server_rsa_kex_key = nullptr; // FIXME make private
 
- Session_Keys keys; // FIXME make private
 Handshake_Hash hash; // FIXME make private
 
 /*
@@ -166,6 +171,7 @@ class Handshake_State
 u32bit m_hand_received_mask = 0;
 Protocol_Version m_version;
 Ciphersuite m_ciphersuite;
+ Session_Keys m_session_keys;
 
 std::unique_ptr<Client_Hello> m_client_hello;
 std::unique_ptr<Server_Hello> m_server_hello;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 6f6b0adf3..dbdea9eac 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
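Review bot: The zero-argument `compute_session_keys()` added in the first hunk dereferences `client_kex()` without checking it, so a call made before a Client_Key_Exchange has been stored on the state is a null-pointer dereference rather than a diagnosable failure; the inline code this replaces had the same gap, and moving it into Handshake_State is the natural point to close it. A one-line guard such as `if(!client_kex()) throw Internal_Error("compute_session_keys called before Client_Key_Exchange");` (using whichever exception type this file already throws) makes the misuse explicit. Relatedly, `session_keys()` hands back the default-constructed `m_session_keys` until one of these two overloads has run, and callers such as change_cipher_spec have no way to tell; whether the downstream key-length checks catch that case is not visible from this diff.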
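Review bot: The three members added to Handshake_State in the header's first hunk carry no comment, and nothing in the header tells a reader that the zero-argument `compute_session_keys()` derives the key block from the pre-master secret in the stored Client_Key_Exchange while the one-argument overload treats its argument as the master secret of a resumed session (the `false`/`true` passed to Session_Keys in tls_handshake_state.cpp). Two one-line comments above the declarations stating exactly that, plus `// Valid only after one of the compute_session_keys() overloads has run` on `session_keys()`, would document the precondition the accessor now hides. The `Session_Keys m_session_keys;` added in the second hunk could carry the same note. The class body extends beyond both hunks.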
@@ -389,7 +389,7 @@ void Server::process_handshake_msg(Handshake_Type type,
 m_writer.set_maximum_fragment_size(session_info.fragment_size());
 }
 
- m_state->keys = Session_Keys(m_state.get(), session_info.master_secret(), true);
+ m_state->compute_session_keys(session_info.master_secret());
 
 if(!m_handshake_fn(session_info))
 {
@@ -431,7 +431,7 @@ void Server::process_handshake_msg(Handshake_Type type,
 
 m_writer.change_cipher_spec(SERVER,
 m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
 m_state->server_hello()->compression_method());
 
 m_state->server_finished(
@@ -580,10 +580,7 @@ void Server::process_handshake_msg(Handshake_Type type,
 new Client_Key_Exchange(contents, m_state.get(), m_creds, m_policy, m_rng)
 );
- m_state->keys = Session_Keys(m_state.get(),
- m_state->client_kex()->pre_master_secret(),
- false);
-
+ m_state->compute_session_keys();
 }
 else if(type == CERTIFICATE_VERIFY)
 {
@@ -624,7 +621,7 @@ void Server::process_handshake_msg(Handshake_Type type,
 
 m_reader.change_cipher_spec(SERVER,
 m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
 m_state->server_hello()->compression_method());
 }
 else if(type == NEXT_PROTOCOL)
@@ -654,7 +651,7 @@ void Server::process_handshake_msg(Handshake_Type type,
 
 Session session_info(
 m_state->server_hello()->session_id(),
- m_state->keys.master_secret(),
+ m_state->session_keys().master_secret(),
 m_state->server_hello()->version(),
 m_state->server_hello()->ciphersuite(),
 m_state->server_hello()->compression_method(),
@@ -700,7 +697,7 @@ void Server::process_handshake_msg(Handshake_Type type,
 
 m_writer.change_cipher_spec(SERVER,
 m_state->ciphersuite(),
- m_state->keys,
+ m_state->session_keys(),
 m_state->server_hello()->compression_method());
 
 m_state->server_finished(