📄 handshake.cpp
字号:
// old style sslv2 client hello?
if (ssl.getSecurity().get_parms().entity_ == server_end &&
ssl.getStates().getServer() == clientNull)
if (buffer.peek() != handshake)
ProcessOldClientHello(buffer, ssl);
while(!buffer.eof()) {
// each record
RecordLayerHeader hdr;
buffer >> hdr;
ssl.verifyState(hdr);
// make sure we have enough input in buffer to process this record
if (hdr.length_ > buffer.get_remaining()) {
uint sz = buffer.get_remaining() + RECORD_HEADER;
buffered.reset(NEW_YS input_buffer(sz, buffer.get_buffer() +
buffer.get_current() - RECORD_HEADER, sz));
break;
}
while (buffer.get_current() < hdr.length_ + RECORD_HEADER + offset) {
// each message in record
if (ssl.getSecurity().get_parms().pending_ == false) // cipher on
decrypt_message(ssl, buffer, hdr.length_);
mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_), ysDelete);
if (!msg.get()) {
ssl.SetError(factory_error);
return buffered = null_buffer;
}
buffer >> *msg;
msg->Process(buffer, ssl);
if (ssl.GetError()) return buffered = null_buffer;
}
offset += hdr.length_ + RECORD_HEADER;
}
return buffered; // done, don't call again
}
// process input requests
void processReply(SSL& ssl)
{
if (ssl.GetError()) return;
mySTL::auto_ptr<input_buffer> buffered(ysDelete);
for (;;) {
mySTL::auto_ptr<input_buffer> tmp(DoProcessReply(ssl, buffered));
if (tmp.get()) // had only part of a record's data, call again
buffered = tmp;
else
break;
if (ssl.GetError()) return;
}
}
// send client_hello, no buffering
void sendClientHello(SSL& ssl)
{
ssl.verifyState(serverNull);
if (ssl.GetError()) return;
ClientHello ch(ssl.getSecurity().get_connection().version_);
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
output_buffer out;
buildClientHello(ssl, ch);
ssl.set_random(ch.get_random(), client_end);
buildHeaders(ssl, hsHeader, rlHeader, ch);
buildOutput(out, rlHeader, hsHeader, ch);
hashHandShake(ssl, out);
ssl.Send(out.get_buffer(), out.get_size());
}
// send client key exchange
void sendClientKeyExchange(SSL& ssl, BufferOutput buffer)
{
ssl.verifyState(serverHelloDoneComplete);
if (ssl.GetError()) return;
ClientKeyExchange ck(ssl);
ck.build(ssl);
ssl.makeMasterSecret();
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, ck);
buildOutput(*out.get(), rlHeader, hsHeader, ck);
hashHandShake(ssl, *out.get());
if (buffer == buffered)
ssl.addBuffer(out.release());
else
ssl.Send(out->get_buffer(), out->get_size());
}
// send server key exchange
void sendServerKeyExchange(SSL& ssl, BufferOutput buffer)
{
if (ssl.GetError()) return;
ServerKeyExchange sk(ssl);
sk.build(ssl);
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, sk);
buildOutput(*out.get(), rlHeader, hsHeader, sk);
hashHandShake(ssl, *out.get());
if (buffer == buffered)
ssl.addBuffer(out.release());
else
ssl.Send(out->get_buffer(), out->get_size());
}
// send change cipher
void sendChangeCipher(SSL& ssl, BufferOutput buffer)
{
if (ssl.getSecurity().get_parms().entity_ == server_end)
if (ssl.getSecurity().get_resuming())
ssl.verifyState(clientKeyExchangeComplete);
else
ssl.verifyState(clientFinishedComplete);
if (ssl.GetError()) return;
ChangeCipherSpec ccs;
RecordLayerHeader rlHeader;
buildHeader(ssl, rlHeader, ccs);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildOutput(*out.get(), rlHeader, ccs);
if (buffer == buffered)
ssl.addBuffer(out.release());
else
ssl.Send(out->get_buffer(), out->get_size());
}
// send finished
void sendFinished(SSL& ssl, ConnectionEnd side, BufferOutput buffer)
{
if (ssl.GetError()) return;
Finished fin;
buildFinished(ssl, fin, side == client_end ? client : server);
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
cipherFinished(ssl, fin, *out.get()); // hashes handshake
if (ssl.getSecurity().get_resuming()) {
if (side == server_end)
buildFinished(ssl, ssl.useHashes().use_verify(), client); // client
}
else {
GetSessions().add(ssl); // store session
if (side == client_end)
buildFinished(ssl, ssl.useHashes().use_verify(), server); // server
}
ssl.useSecurity().use_connection().CleanMaster();
if (buffer == buffered)
ssl.addBuffer(out.release());
else
ssl.Send(out->get_buffer(), out->get_size());
}
// send data
int sendData(SSL& ssl, const void* buffer, int sz)
{
ssl.verfiyHandShakeComplete();
if (ssl.GetError()) return 0;
int sent = 0;
for (;;) {
int len = min(sz - sent, MAX_RECORD_SIZE);
output_buffer out;
const Data data(len, static_cast<const opaque*>(buffer) + sent);
buildMessage(ssl, out, data);
ssl.Send(out.get_buffer(), out.get_size());
if (ssl.GetError()) return 0;
sent += len;
if (sent == sz) break;
}
ssl.useLog().ShowData(sent, true);
return sent;
}
// send alert
int sendAlert(SSL& ssl, const Alert& alert)
{
output_buffer out;
buildAlert(ssl, out, alert);
ssl.Send(out.get_buffer(), out.get_size());
return alert.get_length();
}
// process input data
int receiveData(SSL& ssl, Data& data)
{
ssl.verfiyHandShakeComplete();
if (ssl.GetError()) return 0;
if (!ssl.bufferedData())
processReply(ssl);
ssl.fillData(data);
ssl.useLog().ShowData(data.get_length());
if (ssl.GetError()) return 0;
return data.get_length();
}
// send server hello
void sendServerHello(SSL& ssl, BufferOutput buffer)
{
if (ssl.getSecurity().get_resuming())
ssl.verifyState(clientKeyExchangeComplete);
else
ssl.verifyState(clientHelloComplete);
if (ssl.GetError()) return;
ServerHello sh(ssl.getSecurity().get_connection().version_);
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildServerHello(ssl, sh);
ssl.set_random(sh.get_random(), server_end);
buildHeaders(ssl, hsHeader, rlHeader, sh);
buildOutput(*out.get(), rlHeader, hsHeader, sh);
hashHandShake(ssl, *out.get());
if (buffer == buffered)
ssl.addBuffer(out.release());
else
ssl.Send(out->get_buffer(), out->get_size());
}
// send server hello done
void sendServerHelloDone(SSL& ssl, BufferOutput buffer)
{
if (ssl.GetError()) return;
ServerHelloDone shd;
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, shd);
buildOutput(*out.get(), rlHeader, hsHeader, shd);
hashHandShake(ssl, *out.get());
if (buffer == buffered)
ssl.addBuffer(out.release());
else
ssl.Send(out->get_buffer(), out->get_size());
}
// send certificate
void sendCertificate(SSL& ssl, BufferOutput buffer)
{
if (ssl.GetError()) return;
Certificate cert(ssl.getCrypto().get_certManager().get_cert());
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, cert);
buildOutput(*out.get(), rlHeader, hsHeader, cert);
hashHandShake(ssl, *out.get());
if (buffer == buffered)
ssl.addBuffer(out.release());
else
ssl.Send(out->get_buffer(), out->get_size());
}
// send certificate request
void sendCertificateRequest(SSL& ssl, BufferOutput buffer)
{
if (ssl.GetError()) return;
CertificateRequest request;
request.Build();
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, request);
buildOutput(*out.get(), rlHeader, hsHeader, request);
hashHandShake(ssl, *out.get());
if (buffer == buffered)
ssl.addBuffer(out.release());
else
ssl.Send(out->get_buffer(), out->get_size());
}
// send certificate verify
void sendCertificateVerify(SSL& ssl, BufferOutput buffer)
{
if (ssl.GetError()) return;
CertificateVerify verify;
verify.Build(ssl);
RecordLayerHeader rlHeader;
HandShakeHeader hsHeader;
mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer, ysDelete);
buildHeaders(ssl, hsHeader, rlHeader, verify);
buildOutput(*out.get(), rlHeader, hsHeader, verify);
hashHandShake(ssl, *out.get());
if (buffer == buffered)
ssl.addBuffer(out.release());
else
ssl.Send(out->get_buffer(), out->get_size());
}
} // namespace
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -