Botan  1.11.15
src/lib/tls/msg_finished.cpp
Go to the documentation of this file.
00001 /*
00002 * Finished Message
00003 * (C) 2004-2006,2012 Jack Lloyd
00004 *
00005 * Botan is released under the Simplified BSD License (see license.txt)
00006 */
00007 
00008 #include <botan/internal/tls_messages.h>
00009 #include <botan/internal/tls_handshake_io.h>
00010 
00011 namespace Botan {
00012 
00013 namespace TLS {
00014 
00015 namespace {
00016 
00017 /*
00018 * Compute the verify_data
00019 */
00020 std::vector<byte> finished_compute_verify(const Handshake_State& state,
00021                                           Connection_Side side)
00022    {
00023    const byte TLS_CLIENT_LABEL[] = {
00024       0x63, 0x6C, 0x69, 0x65, 0x6E, 0x74, 0x20, 0x66, 0x69, 0x6E, 0x69,
00025       0x73, 0x68, 0x65, 0x64 };
00026 
00027    const byte TLS_SERVER_LABEL[] = {
00028       0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x20, 0x66, 0x69, 0x6E, 0x69,
00029       0x73, 0x68, 0x65, 0x64 };
00030 
00031    std::unique_ptr<KDF> prf(state.protocol_specific_prf());
00032 
00033    std::vector<byte> input;
00034    if(side == CLIENT)
00035       input += std::make_pair(TLS_CLIENT_LABEL, sizeof(TLS_CLIENT_LABEL));
00036    else
00037       input += std::make_pair(TLS_SERVER_LABEL, sizeof(TLS_SERVER_LABEL));
00038 
00039    input += state.hash().final(state.version(), state.ciphersuite().prf_algo());
00040 
00041    return unlock(prf->derive_key(12, state.session_keys().master_secret(), input));
00042    }
00043 
00044 }
00045 
00046 /*
00047 * Create a new Finished message
00048 */
00049 Finished::Finished(Handshake_IO& io,
00050                    Handshake_State& state,
00051                    Connection_Side side)
00052    {
00053    m_verification_data = finished_compute_verify(state, side);
00054    state.hash().update(io.send(*this));
00055    }
00056 
00057 /*
00058 * Serialize a Finished message
00059 */
00060 std::vector<byte> Finished::serialize() const
00061    {
00062    return m_verification_data;
00063    }
00064 
00065 /*
00066 * Deserialize a Finished message
00067 */
00068 Finished::Finished(const std::vector<byte>& buf)
00069    {
00070    m_verification_data = buf;
00071    }
00072 
00073 /*
00074 * Verify a Finished message
00075 */
00076 bool Finished::verify(const Handshake_State& state,
00077                       Connection_Side side) const
00078    {
00079    return (m_verification_data == finished_compute_verify(state, side));
00080    }
00081 
00082 }
00083 
00084 }