Browse Source

calculate MAC

pull/163/head
orignal 10 years ago
parent
commit
5deccd7833
  1. 17
      Reseed.cpp
  2. 2
      Reseed.h

17
Reseed.cpp

@ -3,7 +3,6 @@
#include <sstream> #include <sstream>
#include <boost/regex.hpp> #include <boost/regex.hpp>
#include <boost/filesystem.hpp> #include <boost/filesystem.hpp>
#include <cryptopp/hmac.h>
#include <cryptopp/asn.h> #include <cryptopp/asn.h>
#include <cryptopp/base64.h> #include <cryptopp/base64.h>
#include <cryptopp/crc.h> #include <cryptopp/crc.h>
@ -648,7 +647,9 @@ namespace data
finishedPayload[1] = 0; finishedPayload[2] = 0; finishedPayload[3] = 0x0C; // 12 bytes finishedPayload[1] = 0; finishedPayload[2] = 0; finishedPayload[3] = 0x0C; // 12 bytes
finishedHash.Final (finishedHashDigest); finishedHash.Final (finishedHashDigest);
PRF (masterSecret, "client finished", finishedHashDigest, 32, 12, finishedPayload + 4); PRF (masterSecret, "client finished", finishedHashDigest, 32, 12, finishedPayload + 4);
Encrypt (finishedPayload, 16, finishedHashDigest/*TODO*/, encryptedPayload); uint8_t mac[32];
CalculateMACKey (0x16, 0, finishedPayload, 16, mac);
Encrypt (finishedPayload, 16, mac, encryptedPayload);
site.write ((char *)finished, sizeof (finished)); site.write ((char *)finished, sizeof (finished));
site.write ((char *)encryptedPayload, 80); site.write ((char *)encryptedPayload, 80);
// read ChangeCipherSpecs // read ChangeCipherSpecs
@ -718,6 +719,18 @@ namespace data
return len - 48 - in[len -1] - 1; return len - 48 - in[len -1] - 1;
} }
void TlsSession::CalculateMACKey (uint8_t type, uint64_t seqn, const uint8_t * buf, size_t len, uint8_t * mac)
{
uint8_t header[13]; // seqn (8) + type (1) + version (2) + length (2)
htobuf64 (header, seqn);
header[8] = type; header[9] = 3; header[10] = 3; // 3,3 means TLS 1.2
htobuf16 (header + 11, len);
CryptoPP::HMAC<CryptoPP::SHA256> hmac (m_MacKey, 32);
hmac.Update (header, 13);
hmac.Update (buf, len);
hmac.Final (mac);
}
CryptoPP::RSA::PublicKey TlsSession::ExtractPublicKey (const uint8_t * certificate, size_t len) CryptoPP::RSA::PublicKey TlsSession::ExtractPublicKey (const uint8_t * certificate, size_t len)
{ {
CryptoPP::ByteQueue queue; CryptoPP::ByteQueue queue;

2
Reseed.h

@ -7,6 +7,7 @@
#include <map> #include <map>
#include <cryptopp/osrng.h> #include <cryptopp/osrng.h>
#include <cryptopp/rsa.h> #include <cryptopp/rsa.h>
#include <cryptopp/hmac.h>
#include "Identity.h" #include "Identity.h"
#include "aes.h" #include "aes.h"
@ -57,6 +58,7 @@ namespace data
CryptoPP::RSA::PublicKey ExtractPublicKey (const uint8_t * certificate, size_t len); CryptoPP::RSA::PublicKey ExtractPublicKey (const uint8_t * certificate, size_t len);
void PRF (const uint8_t * secret, const char * label, const uint8_t * random, size_t randomLen, void PRF (const uint8_t * secret, const char * label, const uint8_t * random, size_t randomLen,
size_t len, uint8_t * buf); size_t len, uint8_t * buf);
void CalculateMACKey (uint8_t type, uint64_t seqn, const uint8_t * buf, size_t len, uint8_t * mac);
size_t Encrypt (const uint8_t * in, size_t len, const uint8_t * mac, uint8_t * out); size_t Encrypt (const uint8_t * in, size_t len, const uint8_t * mac, uint8_t * out);
size_t Decrypt (uint8_t * in, size_t len, uint8_t * out); size_t Decrypt (uint8_t * in, size_t len, uint8_t * out);

Loading…
Cancel
Save