6 files changed, 53 insertions, 15 deletions

diff --git a/src/tls/cert_req.cpp b/src/tls/cert_req.cpp
index ce1941a0a..0168e4b7d 100644
--- a/src/tls/cert_req.cpp
+++ b/src/tls/cert_req.cpp
@@ -45,7 +45,7 @@ MemoryVector<byte> Certificate_Req::serialize() const
 
    append_tls_length_value(buf, types, 1);
 
-   for(size_t i = 0; i 1= names.size(); ++i)
+   for(size_t i = 0; i != names.size(); ++i)
       {
       DER_Encoder encoder;
       encoder.encode(names[i]);
diff --git a/src/tls/cert_ver.cpp b/src/tls/cert_ver.cpp
index 5a20e3029..2c2ec9b2a 100644
--- a/src/tls/cert_ver.cpp
+++ b/src/tls/cert_ver.cpp
@@ -1,6 +1,6 @@
 /*
 * Certificate Verify Message
-* (C) 2004-2011 Jack Lloyd
+* (C) 2004,2006,2011,2012 Jack Lloyd
 *
 * Released under the terms of the Botan license
 */
@@ -23,6 +23,8 @@ namespace Botan {
 Certificate_Verify::Certificate_Verify(Record_Writer& writer,
                                        TLS_Handshake_Hash& hash,
                                        RandomNumberGenerator& rng,
+                                       Version_Code version,
+                                       const SecureVector<byte>& master_secret,
                                        const Private_Key* priv_key)
    {
    BOTAN_ASSERT_NONNULL(priv_key);
@@ -34,7 +36,10 @@ Certificate_Verify::Certificate_Verify(Record_Writer& writer,
       padding = "EMSA3(TLS.Digest.0)";
    else if(priv_key->algo_name() == "DSA")
       {
-      padding = "EMSA1(SHA-1)";
+      if(version == SSL_V3)
+         padding = "Raw";
+      else
+         padding = "EMSA1(SHA-1)";
       format = DER_SEQUENCE;
       }
    else
@@ -43,7 +48,20 @@ Certificate_Verify::Certificate_Verify(Record_Writer& writer,
 
    PK_Signer signer(*priv_key, padding, format);
 
-   signature = signer.sign_message(hash.final(), rng);
+   if(version == SSL_V3)
+      {
+      SecureVector<byte> md5_sha = hash.final_ssl3(master_secret);
+
+      signature = signer.sign_message(&md5_sha[16], md5_sha.size()-16, rng);
+      }
+   else if(version == TLS_V10 || version == TLS_V11)
+      {
+      signature = signer.sign_message(hash.get_contents(), rng);
+      }
+   else
+      throw TLS_Exception(PROTOCOL_VERSION,
+                          "Unknown TLS version in certificate verification");
+
    send(writer, hash);
    }
 
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index 7abcdf644..ca4a56007 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -333,6 +333,11 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
                                  state->kex_pub, state->version,
                                  state->client_hello->version());
 
+      state->keys = SessionKeys(state->suite, state->version,
+                                state->client_kex->pre_master_secret(),
+                                state->client_hello->random(),
+                                state->server_hello->random());
+
       if(state->received_handshake_msg(CERTIFICATE_REQUEST) &&
          !state->client_certs->empty())
          {
@@ -341,15 +346,14 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
                                   "tls-client",
                                   state->client_hello->sni_hostname());
 
-         state->client_verify = new Certificate_Verify(writer, state->hash,
-                                                       rng, private_key);
+         state->client_verify = new Certificate_Verify(writer,
+                                                       state->hash,
+                                                       rng,
+                                                       state->version,
+                                                       state->keys.master_secret(),
+                                                       private_key);
          }
 
-      state->keys = SessionKeys(state->suite, state->version,
-                                state->client_kex->pre_master_secret(),
-                                state->client_hello->random(),
-                                state->server_hello->random());
-
       writer.send(CHANGE_CIPHER_SPEC, 1);
 
       writer.activate(state->suite, state->keys, CLIENT);
diff --git a/src/tls/tls_magic.h b/src/tls/tls_magic.h
index 51fe91e8b..231ac363f 100644
--- a/src/tls/tls_magic.h
+++ b/src/tls/tls_magic.h
@@ -101,10 +101,14 @@ enum Alert_Type {
 };
 
 enum Certificate_Type {
-   RSA_CERT    = 1,
-   DSS_CERT    = 2,
-   DH_RSA_CERT = 3,
-   DH_DSS_CERT = 4
+   RSA_CERT        = 1,
+   DSS_CERT        = 2,
+   DH_RSA_CERT     = 3,
+   DH_DSS_CERT     = 4,
+
+   ECDSA_CERT      = 64,
+   ECDH_RSA_CERT   = 65,
+   ECDH_ECDSA_CERT = 66
 };
 
 enum Ciphersuite_Code {
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index 6c2749e42..ee05031c0 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -302,6 +302,8 @@ class Certificate_Verify : public Handshake_Message
       Certificate_Verify(Record_Writer& writer,
                          TLS_Handshake_Hash& hash,
                          RandomNumberGenerator& rng,
+                         Version_Code version,
+                         const SecureVector<byte>& master_secret,
                          const Private_Key* key);
 
       Certificate_Verify(const MemoryRegion<byte>& buf) { deserialize(buf); }
diff --git a/src/tls/tls_session.h b/src/tls/tls_session.h
index b4b3861ed..f1352a0e0 100644
--- a/src/tls/tls_session.h
+++ b/src/tls/tls_session.h
@@ -68,6 +68,16 @@ class BOTAN_DLL TLS_Session
          { return static_cast<Version_Code>(m_version); }
 
       /**
+      * Get the major version of the saved session
+      */
+      byte major_version() const { return get_byte(0, m_version); }
+
+      /**
+      * Get the minor version of the saved session
+      */
+      byte minor_version() const { return get_byte(0, m_version); }
+
+      /**
       * Get the ciphersuite of the saved session
       */
       u16bit ciphersuite() const { return m_ciphersuite; }