Botan
1.11.15
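/*
* DTLS Hello Verify Request
* (C) 2012 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/internal/tls_messages.h>
#include <botan/mac.h>
#include <botan/lookup.h>

namespace Botan {

namespace TLS {

/*
* Parse a HelloVerifyRequest body received from the peer.
*
* Layout read by this constructor:
*   buf[0..1]  protocol version (major, minor)
*   buf[2]     cookie length in bytes
*   buf[3..]   cookie
*
* Throws Decoding_Error if the buffer is shorter than the fixed header,
* if the version is neither DTLS 1.0 nor DTLS 1.2, or if the declared
* cookie length does not account for exactly the rest of the buffer.
*/
Hello_Verify_Request::Hello_Verify_Request(const std::vector<byte>& buf)
   {
   // Version (2 bytes) plus cookie length (1 byte) must be present
   // before any of buf[0..2] is read.
   if(buf.size() < 3)
      throw Decoding_Error("Hello verify request too small");

   Protocol_Version version(buf[0], buf[1]);

   if(version != Protocol_Version::DTLS_V10 &&
      version != Protocol_Version::DTLS_V12)
      {
      throw Decoding_Error("Unknown version from server in hello verify request");
      }

   // The length byte must match the remaining bytes exactly: neither a
   // truncated cookie nor trailing data is accepted.
   if(static_cast<size_t>(buf[2]) + 3 != buf.size())
      throw Decoding_Error("Bad length in hello verify request");

   // Copy through iterators. The previous &buf[3] / &buf[buf.size()] form
   // indexed the vector one past its last element (and, for an empty
   // cookie, at buf[3] of a 3-byte buffer), which is undefined behaviour
   // for operator[] and aborts under bounds-checked standard libraries.
   m_cookie.assign(buf.begin() + 3, buf.end());
   }

/*
* Build a HelloVerifyRequest whose cookie is
* HMAC(SHA-256) keyed with secret_key over the client hello bytes and the
* client identity string.
*
* The cookie is derived only from the inputs and the key, so the sender
* does not have to store anything per client in order to recompute it.
*/
Hello_Verify_Request::Hello_Verify_Request(const std::vector<byte>& client_hello_bits,
                                           const std::string& client_identity,
                                           const SymmetricKey& secret_key)
   {
   std::unique_ptr<MessageAuthenticationCode> hmac(get_mac("HMAC(SHA-256)"));
   hmac->set_key(secret_key);

   // Each field is preceded by its length so that two different
   // (hello, identity) pairs cannot produce the same MAC input by
   // shifting bytes across the field boundary.
   //
   // NOTE(review): the lengths are passed as size_t, whose width depends
   // on the platform. If update_be encodes the full width of its
   // argument, 32-bit and 64-bit builds sharing one secret_key would
   // compute different cookies for the same client - confirm.
   hmac->update_be(client_hello_bits.size());
   hmac->update(client_hello_bits);
   hmac->update_be(client_identity.size());
   hmac->update(client_identity);

   m_cookie = unlock(hmac->final());
   }

/*
* Encode this message as: version (2 bytes), cookie length (1 byte),
* cookie.
*/
std::vector<byte> Hello_Verify_Request::serialize() const
   {
   /* DTLS 1.2 server implementations SHOULD use DTLS version 1.0
      regardless of the version of TLS that is expected to be
      negotiated (RFC 6347, section 4.2.1)
   */

   Protocol_Version format_version(Protocol_Version::DTLS_V10);

   std::vector<byte> bits;
   bits.push_back(format_version.major_version());
   bits.push_back(format_version.minor_version());

   // The length field is a single byte, so this cast would silently
   // truncate a cookie longer than 255 bytes. Both constructors in this
   // file stay below that: the parsing one takes the length from a single
   // byte and the generating one stores an HMAC(SHA-256) tag.
   bits.push_back(static_cast<byte>(m_cookie.size()));
   bits += m_cookie;
   return bits;
   }

}

}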