Botan  1.10.9
finished.cpp
Go to the documentation of this file.
1 /*
2 * Finished Message
3 * (C) 2004-2006 Jack Lloyd
4 *
5 * Released under the terms of the Botan license
6 */
7 
8 #include <botan/internal/tls_messages.h>
9 #include <botan/prf_tls.h>
10 
11 namespace Botan {
12 
13 /**
14 * Create a new Finished message
15 */
17  Version_Code version, Connection_Side side,
18  const MemoryRegion<byte>& master_secret,
19  HandshakeHash& hash)
20  {
21  verification_data = compute_verify(master_secret, hash, side, version);
22  send(writer, hash);
23  }
24 
25 /**
26 * Serialize a Finished message
27 */
28 SecureVector<byte> Finished::serialize() const
29  {
30  return verification_data;
31  }
32 
33 /**
34 * Deserialize a Finished message
35 */
36 void Finished::deserialize(const MemoryRegion<byte>& buf)
37  {
38  verification_data = buf;
39  }
40 
41 /**
42 * Verify a Finished message
43 */
44 bool Finished::verify(const MemoryRegion<byte>& secret, Version_Code version,
45  const HandshakeHash& hash, Connection_Side side)
46  {
47  SecureVector<byte> computed = compute_verify(secret, hash, side, version);
48  if(computed == verification_data)
49  return true;
50  return false;
51  }
52 
53 /**
54 * Compute the verify_data
55 */
56 SecureVector<byte> Finished::compute_verify(const MemoryRegion<byte>& secret,
57  HandshakeHash hash,
58  Connection_Side side,
59  Version_Code version)
60  {
61  if(version == SSL_V3)
62  {
63  const byte SSL_CLIENT_LABEL[] = { 0x43, 0x4C, 0x4E, 0x54 };
64  const byte SSL_SERVER_LABEL[] = { 0x53, 0x52, 0x56, 0x52 };
65 
66  SecureVector<byte> ssl3_finished;
67 
68  if(side == CLIENT)
69  hash.update(SSL_CLIENT_LABEL, sizeof(SSL_CLIENT_LABEL));
70  else
71  hash.update(SSL_SERVER_LABEL, sizeof(SSL_SERVER_LABEL));
72 
73  return hash.final_ssl3(secret);
74  }
75  else if(version == TLS_V10 || version == TLS_V11)
76  {
77  const byte TLS_CLIENT_LABEL[] = {
78  0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x66, 0x69, 0x6E, 0x69,
79  0x73, 0x68, 0x65, 0x64 };
80 
81  const byte TLS_SERVER_LABEL[] = {
82  0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x66, 0x69, 0x6E, 0x69,
83  0x73, 0x68, 0x65, 0x64 };
84 
85  TLS_PRF prf;
86 
87  SecureVector<byte> input;
88  if(side == CLIENT)
89  input += std::make_pair(TLS_CLIENT_LABEL, sizeof(TLS_CLIENT_LABEL));
90  else
91  input += std::make_pair(TLS_SERVER_LABEL, sizeof(TLS_SERVER_LABEL));
92  input += hash.final();
93 
94  return prf.derive_key(12, secret, input);
95  }
96  else
97  throw Invalid_Argument("Finished message: Unknown protocol version");
98  }
99 
100 }
void send(Record_Writer &, HandshakeHash &) const
Definition: hello.cpp:16
std::invalid_argument Invalid_Argument
Definition: exceptn.h:20
Finished(Record_Writer &, Version_Code, Connection_Side, const MemoryRegion< byte > &, HandshakeHash &)
Definition: finished.cpp:16
unsigned char byte
Definition: types.h:22
Connection_Side
Definition: tls_magic.h:29
Version_Code
Definition: tls_magic.h:22
void update(const byte in[], size_t length)
SecureVector< byte > final_ssl3(const MemoryRegion< byte > &)
SecureVector< byte > final()
bool verify(const MemoryRegion< byte > &, Version_Code, const HandshakeHash &, Connection_Side)
Definition: finished.cpp:44