move getHandshakeDigest in HandshakeM

Vincent Hanquez 2013-07-23 07:39:52 +00:00
parent 37ef6af6e8
commit f9ae636351
4 changed files with 12 additions and 11 deletions


@ -85,7 +85,7 @@ sendChangeCipherAndFinish ctx role = do
(Nothing, _) -> return ()
liftIO $ contextFlush ctx
cf <- usingState_ ctx $ getHandshakeDigest role
cf <- usingState_ ctx getVersion >>= \ver -> usingHState ctx $ getHandshakeDigest ver role
sendPacket ctx (Handshake [Finished cf])
liftIO $ contextFlush ctx
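Review bot: The new `cf` binding chains two state accesses through `>>=` and a lambda on a single line, which hides that the version and the handshake digest are read in separate steps. Writing it as `ver <- usingState_ ctx getVersion` followed by `cf <- usingHState ctx $ getHandshakeDigest ver role` reads more easily and matches the two-line form used in processClientFinished. If another thread can touch the context state between the two accesses, the version and digest are not read atomically; that cannot be decided from this hunk. sendChangeCipherAndFinish starts before the hunk.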


@ -32,6 +32,7 @@ module Network.TLS.Handshake.State
, addHandshakeMessage
, updateHandshakeDigest
, getHandshakeMessages
, getHandshakeDigest
-- * master secret
, setMasterSecret
, setMasterSecretFromPre
@ -159,6 +160,14 @@ getHandshakeMessages = gets (reverse . hstHandshakeMessages)
updateHandshakeDigest :: Bytes -> HandshakeM ()
updateHandshakeDigest content = modify $ \hs -> hs { hstHandshakeDigest = hashUpdate (hstHandshakeDigest hs) content }
getHandshakeDigest :: Version -> Role -> HandshakeM Bytes
getHandshakeDigest ver role = gets gen
where gen hst = let hashctx = hstHandshakeDigest hst
msecret = fromJust "master secret" $ hstMasterSecret hst
in generateFinish ver msecret hashctx
generateFinish | role == ClientRole = generateClientFinished
| otherwise = generateServerFinished
setMasterSecretFromPre :: Version -> Role -> Bytes -> HandshakeM ()
setMasterSecretFromPre ver role premasterSecret = do
secret <- genSecret <$> get
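Review bot: `getHandshakeDigest` still obtains the master secret with `fromJust "master secret" $ hstMasterSecret hst`, so a Finished computed or checked before the master secret is set would presumably abort with a runtime error rather than a protocol alert. Because the result comes from `gets gen`, that failure would surface lazily where the bytes are first forced, for example at the `expected /= fdata` comparison in processClientFinished, outside the normal `throwError` path. Whether the handshake state machine rules out that message ordering is not visible here; if it does not, matching on `hstMasterSecret hst` and failing explicitly in HandshakeM would be safer. The function is now exported and would benefit from a Haddock line such as `-- | Compute the Finished verify data for the given role from the current handshake digest and master secret.`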


@ -154,7 +154,8 @@ processClientKeyXchg encryptedPremaster = do
processClientFinished :: FinishedData -> TLSSt ()
processClientFinished fdata = do
cc <- isClientContext
expected <- getHandshakeDigest $ invertRole cc
ver <- getVersion
expected <- withHandshakeM $ getHandshakeDigest ver $ invertRole cc
when (expected /= fdata) $ do
throwError $ Error_Protocol("bad record mac", True, BadRecordMac)
updateVerifiedData ServerRole fdata
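Review bot: The peer's Finished data is checked with `when (expected /= fdata)`, which on byte strings is presumably an early-exit comparison. A constant-time comparison is the usual hardening for a MAC-like value, although the verify data is fresh per handshake, so practical exposure is limited. The mismatch is also reported as BadRecordMac with the text "bad record mac", whereas RFC 5246 describes decrypt_error for a Finished message that fails validation. Both lines are unchanged context around the new `getHandshakeDigest ver` call, and processClientFinished may continue past the hunk.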


@ -56,7 +56,6 @@ module Network.TLS.State
import Data.Maybe (isNothing)
import Network.TLS.Util
import Network.TLS.Struct
import Network.TLS.Packet
import Network.TLS.Crypto
import Network.TLS.Cipher
import Network.TLS.Record.State
@ -265,14 +264,6 @@ withHandshakeM f =
put (st { stHandshake = Just nhst })
return a
getHandshakeDigest :: MonadState TLSState m => Role -> m Bytes
getHandshakeDigest role = do
st <- get
let hst = fromJust "handshake" $ stHandshake st
let hashctx = hstHandshakeDigest hst
let msecret = fromJust "master secret" $ hstMasterSecret hst
return $ (if role == ClientRole then generateClientFinished else generateServerFinished) (stVersion $ stRecordState st) msecret hashctx
endHandshake :: MonadState TLSState m => m ()
endHandshake = modify (\st -> st { stHandshake = Nothing })