From e4f94b6285c8db53ba725f82a409f6782645e223 Mon Sep 17 00:00:00 2001
From: lloyd
Date: Thu, 25 Mar 2010 18:56:38 +0000
Subject: Also remove compression bits from record writer
---
 src/ssl/rec_wri.cpp | 18 ++++--------------
 1 file changed, 4 insertions(+), 14 deletions(-)
(limited to 'src/ssl/rec_wri.cpp')
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
index 258b4ec17..0e30da759 100644
--- a/src/ssl/rec_wri.cpp
+++ b/src/ssl/rec_wri.cpp
@@ -1,6 +1,6 @@
 /**
-* TLS Record Writing
-* (C) 2004-2006 Jack Lloyd
+* TLS Record Writing
+* (C) 2004-2010 Jack Lloyd
 *
 * Released under the terms of the Botan license
 */
@@ -26,11 +26,9 @@ Record_Writer::Record_Writer(Socket& sock) :
 */
 void Record_Writer::reset()
 {
- compress.reset();
 cipher.reset();
 mac.reset();
 buffer.clear();
- do_compress = false;
 major = minor = buf_type = 0;
 pad_amount = mac_size = buf_pos = 0;
 seq_no = 0;
@@ -48,15 +46,6 @@ void Record_Writer::set_version(Version_Code version)
 minor = (version & 0xFF);
 }
-/**
-* Set the compression algorithm
-*/
-void Record_Writer::set_compressor(Filter* compressor)
- {
- throw TLS_Exception(INTERNAL_ERROR, "Compression not implemented (FIXME)");
- compress.append(compressor);
- }
-
 /**
 * Set the keys for writing
 */
@@ -203,6 +192,8 @@ void Record_Writer::send_record(byte type, const byte buf[], u32bit length)
 mac.write(buf, length);
 mac.end_msg();
+ // TODO: This could all use a single buffer
+
 SecureVector buf_mac = mac.read_all(Pipe::LAST_MESSAGE);
 cipher.start_msg();
@@ -240,7 +231,6 @@ void Record_Writer::send_record(byte type, byte major, byte minor,
 for(u32bit j = 0; j != 2; j++)
 header[j+3] = get_byte(j, length);
- // FIXME: tradoff of TCP/syscall overhead vs copy overhead
 socket.write(header, 5);
 socket.write(out, length);
 }
-- cgit v1.2.3
From 6d141cd765d840d8bbfdaaa8154494d3c9ecce50 Mon Sep 17 00:00:00 2001
From: lloyd
Date: Tue, 30 Mar 2010 02:24:38 +0000
Subject: Rename pad_amount to block_size, more accurate/descriptive
---
 src/ssl/rec_read.cpp | 12 +++++++-----
 src/ssl/rec_wri.cpp | 16 +++++++++++-----
 src/ssl/tls_record.h | 4 ++--
 3 files changed, 20 insertions(+), 12 deletions(-)
(limited to 'src/ssl/rec_wri.cpp')
diff --git a/src/ssl/rec_read.cpp b/src/ssl/rec_read.cpp
index 11dedc41c..4a042c28b 100644
--- a/src/ssl/rec_read.cpp
+++ b/src/ssl/rec_read.cpp
@@ -19,7 +19,8 @@ void Record_Reader::reset()
 {
 cipher.reset();
 mac.reset();
- mac_size = pad_amount = 0;
+ mac_size = 0;
+ block_size = 0;
 major = minor = 0;
 seq_no = 0;
 }
@@ -70,12 +71,12 @@ void Record_Reader::set_keys(const CipherSuite& suite, const SessionKeys& keys,
 cipher_algo + "/CBC/NoPadding",
 cipher_key, iv, DECRYPTION)
 );
- pad_amount = block_size_of(cipher_algo);
+ block_size = block_size_of(cipher_algo);
 }
 else if(have_stream_cipher(cipher_algo))
 {
 cipher.append(get_cipher(cipher_algo, cipher_key, DECRYPTION));
- pad_amount = 0;
+ block_size = 0;
 }
 else
 throw Invalid_Argument("Record_Reader: Unknown cipher " + cipher_algo);
@@ -149,14 +150,15 @@ u32bit Record_Reader::get_record(byte& msg_type,
 SecureVector plaintext = cipher.read_all(Pipe::LAST_MESSAGE);
 u32bit pad_size = 0;
- if(pad_amount)
+
+ if(block_size)
 {
 byte pad_value = plaintext[plaintext.size()-1];
 pad_size = pad_value + 1;
 if(version == SSL_V3)
 {
- if(pad_value > pad_amount)
+ if(pad_value > block_size)
 throw TLS_Exception(BAD_RECORD_MAC,
 "Record_Reader: Bad padding");
 }
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
index 0e30da759..dc51a06b0 100644
--- a/src/ssl/rec_wri.cpp
+++ b/src/ssl/rec_wri.cpp
@@ -28,9 +28,14 @@ void Record_Writer::reset()
 {
 cipher.reset();
 mac.reset();
+
 buffer.clear();
+ buf_pos = 0;
+
 major = minor = buf_type = 0;
- pad_amount = mac_size = buf_pos = 0;
+ block_size = 0;
+ mac_size = 0;
+
 seq_no = 0;
 }
@@ -80,12 +85,12 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
 cipher_algo + "/CBC/NoPadding",
 cipher_key, iv, ENCRYPTION)
 );
- pad_amount = block_size_of(cipher_algo);
+ block_size = block_size_of(cipher_algo);
 }
 else if(have_stream_cipher(cipher_algo))
 {
 cipher.append(get_cipher(cipher_algo, cipher_key, ENCRYPTION));
- pad_amount = 0;
+ block_size = 0;
 }
 else
 throw Invalid_Argument("Record_Writer: Unknown cipher " + cipher_algo);
@@ -199,10 +204,11 @@ void Record_Writer::send_record(byte type, const byte buf[], u32bit length)
 cipher.start_msg();
 cipher.write(buf, length);
 cipher.write(buf_mac);
- if(pad_amount)
+
+ if(block_size)
 {
 u32bit pad_val =
- (pad_amount - (1 + length + buf_mac.size())) % pad_amount;
+ (block_size - (1 + length + buf_mac.size())) % block_size;
 for(u32bit j = 0; j != pad_val + 1; j++)
 cipher.write(pad_val);
diff --git a/src/ssl/tls_record.h b/src/ssl/tls_record.h
index 358051b35..c3bfcc14e 100644
--- a/src/ssl/tls_record.h
+++ b/src/ssl/tls_record.h
@@ -44,7 +44,7 @@ class BOTAN_DLL Record_Writer
 Socket& socket;
 Pipe cipher, mac;
 SecureVector buffer;
- u32bit pad_amount, mac_size, buf_pos;
+ u32bit block_size, mac_size, buf_pos;
 u64bit seq_no;
 byte major, minor, buf_type;
 };
@@ -80,7 +80,7 @@ class BOTAN_DLL Record_Reader
 SecureQueue input_queue;
 Pipe cipher, mac;
- u32bit pad_amount, mac_size;
+ u32bit block_size, mac_size;
 u64bit seq_no;
 byte major, minor;
 };
-- cgit v1.2.3
From 2c0cd825b6368f61afdba0eab8c8697d25451787 Mon Sep 17 00:00:00 2001
From: lloyd
Date: Tue, 30 Mar 2010 02:50:15 +0000
Subject: Add support for TLS v1.1's per-record random IV. Tested against GnuTLS server.
---
 doc/log.txt | 1 +
 src/ssl/finished.cpp | 2 +-
 src/ssl/hello.cpp | 6 +++++-
 src/ssl/rec_read.cpp | 17 ++++++++++++-----
 src/ssl/rec_wri.cpp | 22 +++++++++++++++++++++-
 src/ssl/tls_policy.h | 2 +-
 src/ssl/tls_record.h | 7 +++++--
 src/ssl/tls_session_key.cpp | 2 +-
 8 files changed, 47 insertions(+), 12 deletions(-)
(limited to 'src/ssl/rec_wri.cpp')
diff --git a/doc/log.txt b/doc/log.txt
index ac9354048..398f780e3 100644
--- a/doc/log.txt
+++ b/doc/log.txt
@@ -1,5 +1,6 @@
 * 1.9.6-dev, ????-??-??
+ - Add support for TLS v1.1
 * 1.9.5, 2010-03-29
 - Numerous ECC optimizations
diff --git a/src/ssl/finished.cpp b/src/ssl/finished.cpp
index edbd4a3fe..b0f6abd25 100644
--- a/src/ssl/finished.cpp
+++ b/src/ssl/finished.cpp
@@ -72,7 +72,7 @@ SecureVector Finished::compute_verify(const MemoryRegion& secret,
 return hash.final_ssl3(secret);
 }
- else if(version == TLS_V10)
+ else if(version == TLS_V10 || version == TLS_V11)
 {
 const byte TLS_CLIENT_LABEL[] = {
 0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x66, 0x69, 0x6E, 0x69,
diff --git a/src/ssl/hello.cpp b/src/ssl/hello.cpp
index 53f680fba..e4a04dfa7 100644
--- a/src/ssl/hello.cpp
+++ b/src/ssl/hello.cpp
@@ -219,9 +219,13 @@ void Server_Hello::deserialize(const MemoryRegion& buf)
 throw Decoding_Error("Server_Hello: Packet corrupted");
 s_version = static_cast(make_u16bit(buf[0], buf[1]));
- if(s_version != SSL_V3 && s_version != TLS_V10)
+ if(s_version != SSL_V3 &&
+ s_version != TLS_V10 &&
+ s_version != TLS_V11)
+ {
 throw TLS_Exception(PROTOCOL_VERSION,
 "Server_Hello: Unsupported server version");
+ }
 s_random.set(buf + 2, 32);
diff --git a/src/ssl/rec_read.cpp b/src/ssl/rec_read.cpp
index 4a042c28b..4f030cf1e 100644
--- a/src/ssl/rec_read.cpp
+++ b/src/ssl/rec_read.cpp
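Review bot: The widened check in Server_Hello::deserialize only tests that `s_version` is one of the three supported codes; nothing in the hunk compares it with the version the client offered or with the policy's `min_version()`, so unless a later check exists the client would accept a version it did not propose. The same three-way comparison is also added in this commit to Record_Reader::set_version, Record_Writer::set_version and the SessionKeys constructor, and the four copies can drift apart when the next version is added. A single helper, for example `bool is_supported_version(Version_Code v)`, called from all four places would keep them in step. deserialize's body starts and ends outside the hunk.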
@@ -21,6 +21,7 @@ void Record_Reader::reset()
 mac.reset();
 mac_size = 0;
 block_size = 0;
+ iv_size = 0;
 major = minor = 0;
 seq_no = 0;
 }
@@ -30,7 +31,7 @@ void Record_Reader::reset()
 */
 void Record_Reader::set_version(Version_Code version)
 {
- if(version != SSL_V3 && version != TLS_V10)
+ if(version != SSL_V3 && version != TLS_V10 && version != TLS_V11)
 throw Invalid_Argument("Record_Reader: Invalid protocol version");
 major = (version >> 8) & 0xFF;
@@ -72,11 +73,17 @@ void Record_Reader::set_keys(const CipherSuite& suite, const SessionKeys& keys,
 cipher_key, iv, DECRYPTION)
 );
 block_size = block_size_of(cipher_algo);
+
+ if(major == 3 && minor >= 2)
+ iv_size = block_size;
+ else
+ iv_size = 0;
 }
 else if(have_stream_cipher(cipher_algo))
 {
 cipher.append(get_cipher(cipher_algo, cipher_key, DECRYPTION));
 block_size = 0;
+ iv_size = 0;
 }
 else
 throw Invalid_Argument("Record_Reader: Unknown cipher " + cipher_algo);
@@ -171,14 +178,14 @@ u32bit Record_Reader::get_record(byte& msg_type,
 }
 }
- if(plaintext.size() < mac_size + pad_size)
+ if(plaintext.size() < mac_size + pad_size + iv_size)
 throw Decoding_Error("Record_Reader: Record truncated");
 const u32bit mac_offset = plaintext.size() - (mac_size + pad_size);
 SecureVector recieved_mac(plaintext.begin() + mac_offset, mac_size);
- const u16bit plain_length = plaintext.size() - (mac_size + pad_size);
+ const u16bit plain_length = plaintext.size() - (mac_size + pad_size + iv_size);
 mac.start_msg();
 for(u32bit j = 0; j != 8; j++)
@@ -191,7 +198,7 @@ u32bit Record_Reader::get_record(byte& msg_type,
 for(u32bit j = 0; j != 2; j++)
 mac.write(get_byte(j, plain_length));
- mac.write(plaintext, plain_length);
+ mac.write(&plaintext[iv_size], plain_length);
 mac.end_msg();
 ++seq_no;
@@ -202,7 +209,7 @@ u32bit Record_Reader::get_record(byte& msg_type,
 throw TLS_Exception(BAD_RECORD_MAC, "Record_Reader: MAC failure");
 msg_type = header[0];
- output.set(plaintext, mac_offset);
+ output.set(&plaintext[iv_size], plain_length);
 return 0;
 }
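Review bot: `iv_size` is derived from `major`/`minor` inside set_keys, so the explicit-IV handling silently depends on set_version having been called first; reset() leaves both at 0, and a set_keys call made before set_version would leave `iv_size` at 0 on a TLS 1.1 connection. The reader would then feed the IV block into the MAC as if it were record data, so every record would fail verification instead of being parsed as TLS 1.1. The call order is not visible in this hunk, so the precondition may already hold, but a guard such as `if(major == 0) throw Invalid_State("Record_Reader: set_keys called before set_version");` or a comment stating it would make the dependency explicit. The same pattern is added to Record_Writer::set_keys in src/ssl/rec_wri.cpp, and set_keys starts and ends outside the hunk.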
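Review bot: The length check in get_record depends on `pad_size`, which comes from decrypted but not yet authenticated data, and it fails with `Decoding_Error` while a bad MAC further down raises `TLS_Exception(BAD_RECORD_MAC, ...)`. If the two exceptions reach the peer as different alerts, a padding-length failure becomes distinguishable from a MAC failure, which is the padding-oracle signal RFC 4346 asks TLS 1.1 implementations to hide by reporting both as bad_record_mac. Suggest `throw TLS_Exception(BAD_RECORD_MAC, "Record_Reader: Record truncated");` here; how exceptions are mapped to alerts is outside the hunk. The earlier rename commit on this page also shows `plaintext[plaintext.size()-1]` being read before this check, so an empty plaintext is not caught by it unless the length is validated before decryption. get_record starts and ends outside the hunk.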
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
index dc51a06b0..092ecdfe1 100644
--- a/src/ssl/rec_wri.cpp
+++ b/src/ssl/rec_wri.cpp
@@ -9,6 +9,7 @@
 #include
 #include
 #include
+#include
 namespace Botan {
@@ -35,6 +36,7 @@ void Record_Writer::reset()
 major = minor = buf_type = 0;
 block_size = 0;
 mac_size = 0;
+ iv_size = 0;
 seq_no = 0;
 }
@@ -44,7 +46,7 @@ void Record_Writer::reset()
 */
 void Record_Writer::set_version(Version_Code version)
 {
- if(version != SSL_V3 && version != TLS_V10)
+ if(version != SSL_V3 && version != TLS_V10 && version != TLS_V11)
 throw Invalid_Argument("Record_Writer: Invalid protocol version");
 major = (version >> 8) & 0xFF;
@@ -86,11 +88,17 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
 cipher_key, iv, ENCRYPTION)
 );
 block_size = block_size_of(cipher_algo);
+
+ if(major == 3 && minor >= 2)
+ iv_size = block_size;
+ else
+ iv_size = 0;
 }
 else if(have_stream_cipher(cipher_algo))
 {
 cipher.append(get_cipher(cipher_algo, cipher_key, ENCRYPTION));
 block_size = 0;
+ iv_size = 0;
 }
 else
 throw Invalid_Argument("Record_Writer: Unknown cipher " + cipher_algo);
@@ -202,6 +210,18 @@ void Record_Writer::send_record(byte type, const byte buf[], u32bit length)
 SecureVector buf_mac = mac.read_all(Pipe::LAST_MESSAGE);
 cipher.start_msg();
+
+ if(iv_size)
+ {
+ RandomNumberGenerator& rng = global_state().global_rng();
+
+ SecureVector random_iv(iv_size);
+
+ rng.randomize(&random_iv[0], random_iv.size());
+
+ cipher.write(random_iv);
+ }
+
 cipher.write(buf, length);
 cipher.write(buf_mac);
diff --git a/src/ssl/tls_policy.h b/src/ssl/tls_policy.h
index 98297181c..75d6d7663 100644
--- a/src/ssl/tls_policy.h
+++ b/src/ssl/tls_policy.h
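Review bot: The new `if(iv_size)` block in send_record carries no comment saying why a random block is written ahead of the payload, and it fetches `global_state().global_rng()` on every record. A comment such as `// TLS 1.1 explicit IV: one fresh unpredictable block per record, discarded by the receiver` would record that this value must come from a cryptographic RNG and must never be reused or predictable, since that is the whole protection the change adds for CBC suites. Taking the `RandomNumberGenerator&` as a constructor argument instead would remove the hidden global dependency; whether the global RNG is safe to share if records are written from several threads is not visible here. send_record's body starts and ends outside the hunk.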
@@ -40,7 +40,7 @@ class BOTAN_DLL TLS_Policy
 virtual u32bit rsa_export_keysize() const { return 512; }
 virtual Version_Code min_version() const { return SSL_V3; }
- virtual Version_Code pref_version() const { return TLS_V10; }
+ virtual Version_Code pref_version() const { return TLS_V11; }
 virtual bool check_cert(const std::vector&, const std::string&) const;
diff --git a/src/ssl/tls_record.h b/src/ssl/tls_record.h
index c3bfcc14e..2058933d0 100644
--- a/src/ssl/tls_record.h
+++ b/src/ssl/tls_record.h
@@ -44,7 +44,10 @@ class BOTAN_DLL Record_Writer
 Socket& socket;
 Pipe cipher, mac;
 SecureVector buffer;
- u32bit block_size, mac_size, buf_pos;
+ u32bit buf_pos;
+
+ u32bit block_size, mac_size, iv_size;
+
 u64bit seq_no;
 byte major, minor, buf_type;
 };
@@ -80,7 +83,7 @@ class BOTAN_DLL Record_Reader
 SecureQueue input_queue;
 Pipe cipher, mac;
- u32bit block_size, mac_size;
+ u32bit block_size, mac_size, iv_size;
 u64bit seq_no;
 byte major, minor;
 };
diff --git a/src/ssl/tls_session_key.cpp b/src/ssl/tls_session_key.cpp
index 83c06ba07..13575adac 100644
--- a/src/ssl/tls_session_key.cpp
+++ b/src/ssl/tls_session_key.cpp
@@ -131,7 +131,7 @@ SessionKeys::SessionKeys(const CipherSuite& suite, Version_Code version,
 const MemoryRegion& c_random,
 const MemoryRegion& s_random)
 {
- if(version != SSL_V3 && version != TLS_V10)
+ if(version != SSL_V3 && version != TLS_V10 && version != TLS_V11)
 throw Invalid_Argument("SessionKeys: Unknown version code");
 const u32bit mac_keylen = output_length_of(suite.mac_algo());
-- cgit v1.2.3