📄 yassl_int.cpp
字号:
parms.cipher_type_ = block;
secure_.use_connection().send_server_key_ = true; // eph
crypto_.setDigest(NEW_YS SHA);
crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
strncpy(parms.cipher_name_,
cipher_names[TLS_DHE_DSS_WITH_AES_256_CBC_SHA], MAX_SUITE_NAME);
break;
case TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
parms.bulk_cipher_algorithm_ = aes;
parms.mac_algorithm_ = sha;
parms.kea_ = diffie_hellman_kea;
parms.sig_algo_ = dsa_sa_algo;
parms.hash_size_ = SHA_LEN;
parms.key_size_ = AES_128_KEY_SZ;
parms.iv_size_ = AES_BLOCK_SZ;
parms.cipher_type_ = block;
secure_.use_connection().send_server_key_ = true; // eph
crypto_.setDigest(NEW_YS SHA);
crypto_.setCipher(NEW_YS AES);
strncpy(parms.cipher_name_,
cipher_names[TLS_DHE_DSS_WITH_AES_128_CBC_SHA], MAX_SUITE_NAME);
break;
case TLS_RSA_WITH_AES_256_CBC_RMD160:
parms.bulk_cipher_algorithm_ = aes;
parms.mac_algorithm_ = rmd;
parms.kea_ = rsa_kea;
parms.hash_size_ = RMD_LEN;
parms.key_size_ = AES_256_KEY_SZ;
parms.iv_size_ = AES_BLOCK_SZ;
parms.cipher_type_ = block;
crypto_.setDigest(NEW_YS RMD);
crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
strncpy(parms.cipher_name_,
cipher_names[TLS_RSA_WITH_AES_256_CBC_RMD160], MAX_SUITE_NAME);
break;
case TLS_RSA_WITH_AES_128_CBC_RMD160:
parms.bulk_cipher_algorithm_ = aes;
parms.mac_algorithm_ = rmd;
parms.kea_ = rsa_kea;
parms.hash_size_ = RMD_LEN;
parms.key_size_ = AES_128_KEY_SZ;
parms.iv_size_ = AES_BLOCK_SZ;
parms.cipher_type_ = block;
crypto_.setDigest(NEW_YS RMD);
crypto_.setCipher(NEW_YS AES);
strncpy(parms.cipher_name_,
cipher_names[TLS_RSA_WITH_AES_128_CBC_RMD160], MAX_SUITE_NAME);
break;
case TLS_RSA_WITH_3DES_EDE_CBC_RMD160:
parms.bulk_cipher_algorithm_ = triple_des;
parms.mac_algorithm_ = rmd;
parms.kea_ = rsa_kea;
parms.hash_size_ = RMD_LEN;
parms.key_size_ = DES_EDE_KEY_SZ;
parms.iv_size_ = DES_IV_SZ;
parms.cipher_type_ = block;
crypto_.setDigest(NEW_YS RMD);
crypto_.setCipher(NEW_YS DES_EDE);
strncpy(parms.cipher_name_,
cipher_names[TLS_RSA_WITH_3DES_EDE_CBC_RMD160], MAX_SUITE_NAME);
break;
case TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160:
parms.bulk_cipher_algorithm_ = triple_des;
parms.mac_algorithm_ = rmd;
parms.kea_ = diffie_hellman_kea;
parms.sig_algo_ = rsa_sa_algo;
parms.hash_size_ = RMD_LEN;
parms.key_size_ = DES_EDE_KEY_SZ;
parms.iv_size_ = DES_IV_SZ;
parms.cipher_type_ = block;
secure_.use_connection().send_server_key_ = true; // eph
crypto_.setDigest(NEW_YS RMD);
crypto_.setCipher(NEW_YS DES_EDE);
strncpy(parms.cipher_name_,
cipher_names[TLS_DHE_RSA_WITH_3DES_EDE_CBC_RMD160],
MAX_SUITE_NAME);
break;
case TLS_DHE_RSA_WITH_AES_256_CBC_RMD160:
parms.bulk_cipher_algorithm_ = aes;
parms.mac_algorithm_ = rmd;
parms.kea_ = diffie_hellman_kea;
parms.sig_algo_ = rsa_sa_algo;
parms.hash_size_ = RMD_LEN;
parms.key_size_ = AES_256_KEY_SZ;
parms.iv_size_ = AES_BLOCK_SZ;
parms.cipher_type_ = block;
secure_.use_connection().send_server_key_ = true; // eph
crypto_.setDigest(NEW_YS RMD);
crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
strncpy(parms.cipher_name_,
cipher_names[TLS_DHE_RSA_WITH_AES_256_CBC_RMD160],
MAX_SUITE_NAME);
break;
case TLS_DHE_RSA_WITH_AES_128_CBC_RMD160:
parms.bulk_cipher_algorithm_ = aes;
parms.mac_algorithm_ = rmd;
parms.kea_ = diffie_hellman_kea;
parms.sig_algo_ = rsa_sa_algo;
parms.hash_size_ = RMD_LEN;
parms.key_size_ = AES_128_KEY_SZ;
parms.iv_size_ = AES_BLOCK_SZ;
parms.cipher_type_ = block;
secure_.use_connection().send_server_key_ = true; // eph
crypto_.setDigest(NEW_YS RMD);
crypto_.setCipher(NEW_YS AES);
strncpy(parms.cipher_name_,
cipher_names[TLS_DHE_RSA_WITH_AES_128_CBC_RMD160],
MAX_SUITE_NAME);
break;
case TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160:
parms.bulk_cipher_algorithm_ = triple_des;
parms.mac_algorithm_ = rmd;
parms.kea_ = diffie_hellman_kea;
parms.sig_algo_ = dsa_sa_algo;
parms.hash_size_ = RMD_LEN;
parms.key_size_ = DES_EDE_KEY_SZ;
parms.iv_size_ = DES_IV_SZ;
parms.cipher_type_ = block;
secure_.use_connection().send_server_key_ = true; // eph
crypto_.setDigest(NEW_YS RMD);
crypto_.setCipher(NEW_YS DES_EDE);
strncpy(parms.cipher_name_,
cipher_names[TLS_DHE_DSS_WITH_3DES_EDE_CBC_RMD160],
MAX_SUITE_NAME);
break;
case TLS_DHE_DSS_WITH_AES_256_CBC_RMD160:
parms.bulk_cipher_algorithm_ = aes;
parms.mac_algorithm_ = rmd;
parms.kea_ = diffie_hellman_kea;
parms.sig_algo_ = dsa_sa_algo;
parms.hash_size_ = RMD_LEN;
parms.key_size_ = AES_256_KEY_SZ;
parms.iv_size_ = AES_BLOCK_SZ;
parms.cipher_type_ = block;
secure_.use_connection().send_server_key_ = true; // eph
crypto_.setDigest(NEW_YS RMD);
crypto_.setCipher(NEW_YS AES(AES_256_KEY_SZ));
strncpy(parms.cipher_name_,
cipher_names[TLS_DHE_DSS_WITH_AES_256_CBC_RMD160],
MAX_SUITE_NAME);
break;
case TLS_DHE_DSS_WITH_AES_128_CBC_RMD160:
parms.bulk_cipher_algorithm_ = aes;
parms.mac_algorithm_ = rmd;
parms.kea_ = diffie_hellman_kea;
parms.sig_algo_ = dsa_sa_algo;
parms.hash_size_ = RMD_LEN;
parms.key_size_ = AES_128_KEY_SZ;
parms.iv_size_ = AES_BLOCK_SZ;
parms.cipher_type_ = block;
secure_.use_connection().send_server_key_ = true; // eph
crypto_.setDigest(NEW_YS RMD);
crypto_.setCipher(NEW_YS AES);
strncpy(parms.cipher_name_,
cipher_names[TLS_DHE_DSS_WITH_AES_128_CBC_RMD160],
MAX_SUITE_NAME);
break;
default:
SetError(unknown_cipher);
}
}
// store peer's random
void SSL::set_random(const opaque* random, ConnectionEnd sender)
{
if (sender == client_end)
memcpy(secure_.use_connection().client_random_, random, RAN_LEN);
else
memcpy(secure_.use_connection().server_random_, random, RAN_LEN);
}
// store client pre master secret
void SSL::set_preMaster(const opaque* pre, uint sz)
{
secure_.use_connection().AllocPreSecret(sz);
memcpy(secure_.use_connection().pre_master_secret_, pre, sz);
}
// store master secret
void SSL::set_masterSecret(const opaque* sec)
{
memcpy(secure_.use_connection().master_secret_, sec, SECRET_LEN);
}
// store server issued id
void SSL::set_sessionID(const opaque* sessionID)
{
memcpy(secure_.use_connection().sessionID_, sessionID, ID_LEN);
}
// store error
void SSL::SetError(YasslError ye)
{
states_.SetError(ye);
//strncpy(states_.useString(), e.what(), mySTL::named_exception::NAME_SIZE);
// TODO: add string here
}
// locals
namespace {
// DeriveKeys and MasterSecret helper sets prefix letters
static bool setPrefix(opaque* sha_input, int i)
{
switch (i) {
case 0:
memcpy(sha_input, "A", 1);
break;
case 1:
memcpy(sha_input, "BB", 2);
break;
case 2:
memcpy(sha_input, "CCC", 3);
break;
case 3:
memcpy(sha_input, "DDDD", 4);
break;
case 4:
memcpy(sha_input, "EEEEE", 5);
break;
case 5:
memcpy(sha_input, "FFFFFF", 6);
break;
case 6:
memcpy(sha_input, "GGGGGGG", 7);
break;
default:
return false; // prefix_error
}
return true;
}
const char handshake_order[] = "Out of order HandShake Message!";
} // namespcae for locals
void SSL::order_error()
{
SetError(out_of_order);
}
// Create and store the master secret see page 32, 6.1
void SSL::makeMasterSecret()
{
if (isTLS())
makeTLSMasterSecret();
else {
opaque sha_output[SHA_LEN];
const uint& preSz = secure_.get_connection().pre_secret_len_;
output_buffer md5_input(preSz + SHA_LEN);
output_buffer sha_input(PREFIX + preSz + 2 * RAN_LEN);
MD5 md5;
SHA sha;
md5_input.write(secure_.get_connection().pre_master_secret_, preSz);
for (int i = 0; i < MASTER_ROUNDS; ++i) {
opaque prefix[PREFIX];
if (!setPrefix(prefix, i)) {
SetError(prefix_error);
return;
}
sha_input.set_current(0);
sha_input.write(prefix, i + 1);
sha_input.write(secure_.get_connection().pre_master_secret_,preSz);
sha_input.write(secure_.get_connection().client_random_, RAN_LEN);
sha_input.write(secure_.get_connection().server_random_, RAN_LEN);
sha.get_digest(sha_output, sha_input.get_buffer(),
sha_input.get_size());
md5_input.set_current(preSz);
md5_input.write(sha_output, SHA_LEN);
md5.get_digest(&secure_.use_connection().master_secret_[i*MD5_LEN],
md5_input.get_buffer(), md5_input.get_size());
}
deriveKeys();
}
secure_.use_connection().CleanPreMaster();
}
// create TLSv1 master secret
void SSL::makeTLSMasterSecret()
{
opaque seed[SEED_LEN];
memcpy(seed, secure_.get_connection().client_random_, RAN_LEN);
memcpy(&seed[RAN_LEN], secure_.get_connection().server_random_, RAN_LEN);
PRF(secure_.use_connection().master_secret_, SECRET_LEN,
secure_.get_connection().pre_master_secret_,
secure_.get_connection().pre_secret_len_,
master_label, MASTER_LABEL_SZ,
seed, SEED_LEN);
deriveTLSKeys();
}
// derive mac, write, and iv keys for server and client, see page 34, 6.2.2
void SSL::deriveKeys()
{
int length = 2 * secure_.get_parms().hash_size_ +
2 * secure_.get_parms().key_size_ +
2 * secure_.get_parms().iv_size_;
int rounds = (length + MD5_LEN - 1 ) / MD5_LEN;
input_buffer key_data(rounds * MD5_LEN);
opaque sha_output[SHA_LEN];
opaque md5_input[SECRET_LEN + SHA_LEN];
opaque sha_input[KEY_PREFIX + SECRET_LEN + 2 * RAN_LEN];
MD5 md5;
SHA sha;
memcpy(md5_input, secure_.get_connection().master_secret_, SECRET_LEN);
for (int i = 0; i < rounds; ++i) {
int j = i + 1;
if (!setPrefix(sha_input, i)) {
SetError(prefix_error);
return;
}
memcpy(&sha_input[j], secure_.get_connection().master_secret_,
SECRET_LEN);
memcpy(&sha_input[j+SECRET_LEN],
secure_.get_connection().server_random_, RAN_LEN);
memcpy(&sha_input[j + SECRET_LEN + RAN_LEN],
secure_.get_connection().client_random_, RAN_LEN);
sha.get_digest(sha_output, sha_input,
sizeof(sha_input) - KEY_PREFIX + j);
memcpy(&md5_input[SECRET_LEN], sha_output, SHA_LEN);
md5.get_digest(key_data.get_buffer() + i * MD5_LEN,
md5_input, sizeof(md5_input));
}
storeKeys(key_data.get_buffer());
}
// derive mac, write, and iv keys for server and client
void SSL::deriveTLSKeys()
{
int length = 2 * secure_.get_parms().hash_size_ +
2 * secure_.get_parms().key_size_ +
2 * secure_.get_parms().iv_size_;
opaque seed[SEED_LEN];
input_buffer key_data(length);
memcpy(seed, secure_.get_connection().server_random_, RAN_LEN);
memcpy(&seed[RAN_LEN], secure_.get_connection().client_random_, RAN_LEN);
PRF(key_data.get_buffer(), length, secure_.get_connection().master_secret_,
SECRET_LEN, key_label, KEY_LABEL_SZ, seed, SEED_LEN);
storeKeys(key_data.get_buffer());
}
// store mac, write, and iv keys for client and server
void SSL::storeKeys(const opaque* key_data)
{
int sz = secure_.get_parms().hash_size_;
memcpy(secure_.use_connection().client_write_MAC_secret_, key_data, sz);
int i = sz;
memcpy(secure_.use_connection().server_write_MAC_secret_,&key_data[i], sz);
i += sz;
sz = secure_.get_parms().key_size_;
memcpy(secure_.use_connection().client_write_key_, &key_data[i], sz);
i += sz;
memcpy(secure_.use_connection().server_write_key_, &key_data[i], sz);
i += sz;
sz = secure_.get_parms().iv_size_;
memcpy(secure_.use_connection().client_write_IV_, &key_data[i], sz);
i += sz;
memcpy(secure_.use_connection().server_write_IV_, &key_data[i], sz);
setKeys();
}
// set encrypt/decrypt keys and ivs
void SSL::setKeys()
{
Connection& conn = secure_.use_connection();
if (secure_.get_parms().entity_ == client_end) {
crypto_.use_cipher().set_encryptKey(conn.client_write_key_,
conn.client_write_IV_);
crypto_.use_cipher().set_decryptKey(conn.server_write_key_,
conn.server_write_IV_);
}
else {
crypto_.use_cipher().set_encryptKey(conn.server_write_key_,
conn.server_write_IV_);
crypto_.use_cipher().set_decryptKey(conn.client_write_key_,
conn.client_write_IV_);
}
}
// local functors
namespace yassl_int_cpp_local1 { // for explicit templates
struct SumData {
uint total_;
SumData() : total_(0) {}
void operator()(input_buffer* data) { total_ += data->get_remaining(); }
};
struct SumBuffer {
uint total_;
SumBuffer() : total_(0) {}
void operator()(output_buffer* buffer) { total_ += buffer->get_size(); }
};
} // namespace for locals
using namespace yassl_int_cpp_local1;
uint SSL::bufferedData()
{
return mySTL::for_each(buffers_.getData().begin(),buffers_.getData().end(),
SumData()).total_;
}
// use input buffer to fill data
void SSL::fillData(Data& data)
{
if (GetError()) return;
uint dataSz = data.get_length(); // input, data size to fill
uint elements = buffers_.getData().size();
data.set_length(0); // output, actual data filled
dataSz = min(dataSz, bufferedData());
for (uint i = 0; i < elements; i++) {
input_buffer* front = buffers_.getData().front();
uint frontSz = front->get_remaining();
uint readSz = min(dataSz - data.get_length(), frontSz);
front->read(data.set_buffer() + data.get_length(), readSz);
data.set_length(data.get_length() + readSz);
if (readSz == frontSz) {
buffers_.useData().pop_front();
ysDelete(front);
}
if (data.get_length() == dataSz)
break;
}
}
// flush output buffer
void SSL::flushBuffer()
{
if (GetError()) return;
uint sz = mySTL::for_each(buffers_.getHandShake().begin(),
buffers_.getHandShake().end(),
SumBuffer()).total_;
output_buffer out(sz);
uint elements = buffers_.getHandShake().size();
for (uint i = 0; i < elements; i++) {
output_buffer* front = buffers_.getHandShake().front();
out.write(front->get_buffer(), front->get_size());
buffers_.useHandShake().pop_front();
ysDelete(front);
}
Send(out.get_buffer(), out.get_size());
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -