Botan  1.10.9
tls_session_key.cpp
Go to the documentation of this file.
1 /*
2 * TLS Session Key
3 * (C) 2004-2006 Jack Lloyd
4 *
5 * Released under the terms of the Botan license
6 */
7 
8 #include <botan/tls_session_key.h>
9 #include <botan/prf_ssl3.h>
10 #include <botan/prf_tls.h>
11 #include <botan/lookup.h>
12 
13 namespace Botan {
14 
15 /**
16 * Return the client cipher key
17 */
19  {
20  return c_cipher;
21  }
22 
23 /**
24 * Return the server cipher key
25 */
27  {
28  return s_cipher;
29  }
30 
31 /**
32 * Return the client MAC key
33 */
35  {
36  return c_mac;
37  }
38 
39 /**
40 * Return the server MAC key
41 */
43  {
44  return s_mac;
45  }
46 
47 /**
48 * Return the client cipher IV
49 */
51  {
52  return c_iv;
53  }
54 
55 /**
56 * Return the server cipher IV
57 */
59  {
60  return s_iv;
61  }
62 
63 /**
64 * Return the TLS master secret
65 */
67  {
68  return master_sec;
69  }
70 
71 /**
72 * Generate SSLv3 session keys
73 */
74 SymmetricKey SessionKeys::ssl3_keygen(size_t prf_gen,
75  const MemoryRegion<byte>& pre_master,
76  const MemoryRegion<byte>& client_random,
77  const MemoryRegion<byte>& server_random)
78  {
79  SSL3_PRF prf;
80 
81  SecureVector<byte> salt;
82  salt += client_random;
83  salt += server_random;
84 
85  master_sec = prf.derive_key(48, pre_master, salt);
86 
87  salt.clear();
88  salt += server_random;
89  salt += client_random;
90 
91  return prf.derive_key(prf_gen, master_sec, salt);
92  }
93 
94 /**
95 * Generate TLS 1.0 session keys
96 */
97 SymmetricKey SessionKeys::tls1_keygen(size_t prf_gen,
98  const MemoryRegion<byte>& pre_master,
99  const MemoryRegion<byte>& client_random,
100  const MemoryRegion<byte>& server_random)
101  {
102  const byte MASTER_SECRET_MAGIC[] = {
103  0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x73, 0x65, 0x63, 0x72, 0x65,
104  0x74 };
105  const byte KEY_GEN_MAGIC[] = {
106  0x6B, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6E, 0x73, 0x69, 0x6F,
107  0x6E };
108 
109  TLS_PRF prf;
110 
111  SecureVector<byte> salt;
112  salt += std::make_pair(MASTER_SECRET_MAGIC, sizeof(MASTER_SECRET_MAGIC));
113  salt += client_random;
114  salt += server_random;
115 
116  master_sec = prf.derive_key(48, pre_master, salt);
117 
118  salt.clear();
119  salt += std::make_pair(KEY_GEN_MAGIC, sizeof(KEY_GEN_MAGIC));
120  salt += server_random;
121  salt += client_random;
122 
123  return prf.derive_key(prf_gen, master_sec, salt);
124  }
125 
126 /**
127 * SessionKeys Constructor
128 */
130  const MemoryRegion<byte>& pre_master_secret,
131  const MemoryRegion<byte>& c_random,
132  const MemoryRegion<byte>& s_random)
133  {
134  if(version != SSL_V3 && version != TLS_V10 && version != TLS_V11)
135  throw Invalid_Argument("SessionKeys: Unknown version code");
136 
137  const size_t mac_keylen = output_length_of(suite.mac_algo());
138  const size_t cipher_keylen = suite.cipher_keylen();
139 
140  size_t cipher_ivlen = 0;
141  if(have_block_cipher(suite.cipher_algo()))
142  cipher_ivlen = block_size_of(suite.cipher_algo());
143 
144  const size_t prf_gen = 2 * (mac_keylen + cipher_keylen + cipher_ivlen);
145 
146  SymmetricKey keyblock = (version == SSL_V3) ?
147  ssl3_keygen(prf_gen, pre_master_secret, c_random, s_random) :
148  tls1_keygen(prf_gen, pre_master_secret, c_random, s_random);
149 
150  const byte* key_data = keyblock.begin();
151 
152  c_mac = SymmetricKey(key_data, mac_keylen);
153  key_data += mac_keylen;
154 
155  s_mac = SymmetricKey(key_data, mac_keylen);
156  key_data += mac_keylen;
157 
158  c_cipher = SymmetricKey(key_data, cipher_keylen);
159  key_data += cipher_keylen;
160 
161  s_cipher = SymmetricKey(key_data, cipher_keylen);
162  key_data += cipher_keylen;
163 
164  c_iv = InitializationVector(key_data, cipher_ivlen);
165  key_data += cipher_ivlen;
166 
167  s_iv = InitializationVector(key_data, cipher_ivlen);
168  }
169 
170 }
size_t cipher_keylen() const
Definition: tls_suites.h:28
SymmetricKey server_mac_key() const
SymmetricKey client_cipher_key() const
SymmetricKey client_mac_key() const
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
InitializationVector server_iv() const
std::string cipher_algo() const
Definition: tls_suites.h:25
unsigned char byte
Definition: types.h:22
SymmetricKey server_cipher_key() const
OctetString SymmetricKey
Definition: symkey.h:147
const byte * begin() const
Definition: symkey.h:35
SecureVector< byte > master_secret() const
size_t block_size_of(const std::string &name)
Definition: lookup.cpp:35
Version_Code
Definition: tls_magic.h:22
SecureVector< byte > derive_key(size_t key_len, const MemoryRegion< byte > &secret, const std::string &salt="") const
Definition: kdf.cpp:15
std::string mac_algo() const
Definition: tls_suites.h:26
bool have_block_cipher(const std::string &algo_spec)
Definition: lookup.h:235
size_t output_length_of(const std::string &name)
Definition: lookup.cpp:51
InitializationVector client_iv() const
OctetString InitializationVector
Definition: symkey.h:152