Botan  1.11.15
src/lib/tls/tls_session_key.cpp
Go to the documentation of this file.
00001 /*
00002 * TLS Session Key
00003 * (C) 2004-2006,2011 Jack Lloyd
00004 *
00005 * Botan is released under the Simplified BSD License (see license.txt)
00006 */
00007 
00008 #include <botan/internal/tls_session_key.h>
00009 #include <botan/internal/tls_handshake_state.h>
00010 #include <botan/internal/tls_messages.h>
00011 
00012 namespace Botan {
00013 
00014 namespace TLS {
00015 
00016 /**
00017 * Session_Keys Constructor
00018 */
00019 Session_Keys::Session_Keys(const Handshake_State* state,
00020                            const secure_vector<byte>& pre_master_secret,
00021                            bool resuming)
00022    {
00023    const size_t cipher_keylen = state->ciphersuite().cipher_keylen();
00024    const size_t mac_keylen = state->ciphersuite().mac_keylen();
00025    const size_t cipher_nonce_bytes = state->ciphersuite().nonce_bytes_from_handshake();
00026 
00027    const size_t prf_gen = 2 * (mac_keylen + cipher_keylen + cipher_nonce_bytes);
00028 
00029    const byte MASTER_SECRET_MAGIC[] = {
00030       0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74 };
00031 
00032    const byte KEY_GEN_MAGIC[] = {
00033       0x6B, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6E, 0x73, 0x69, 0x6F, 0x6E };
00034 
00035    std::unique_ptr<KDF> prf(state->protocol_specific_prf());
00036 
00037    if(resuming)
00038       {
00039       master_sec = pre_master_secret;
00040       }
00041    else
00042       {
00043       secure_vector<byte> salt;
00044       salt += std::make_pair(MASTER_SECRET_MAGIC, sizeof(MASTER_SECRET_MAGIC));
00045       salt += state->client_hello()->random();
00046       salt += state->server_hello()->random();
00047 
00048       master_sec = prf->derive_key(48, pre_master_secret, salt);
00049       }
00050 
00051    secure_vector<byte> salt;
00052    salt += std::make_pair(KEY_GEN_MAGIC, sizeof(KEY_GEN_MAGIC));
00053    salt += state->server_hello()->random();
00054    salt += state->client_hello()->random();
00055 
00056    SymmetricKey keyblock = prf->derive_key(prf_gen, master_sec, salt);
00057 
00058    const byte* key_data = keyblock.begin();
00059 
00060    c_mac = SymmetricKey(key_data, mac_keylen);
00061    key_data += mac_keylen;
00062 
00063    s_mac = SymmetricKey(key_data, mac_keylen);
00064    key_data += mac_keylen;
00065 
00066    c_cipher = SymmetricKey(key_data, cipher_keylen);
00067    key_data += cipher_keylen;
00068 
00069    s_cipher = SymmetricKey(key_data, cipher_keylen);
00070    key_data += cipher_keylen;
00071 
00072    c_iv = InitializationVector(key_data, cipher_nonce_bytes);
00073    key_data += cipher_nonce_bytes;
00074 
00075    s_iv = InitializationVector(key_data, cipher_nonce_bytes);
00076    }
00077 
00078 }
00079 
00080 }