move getHandshakeDigest in HandshakeM
parent
37ef6af6e8
commit
f9ae636351
4 changed files with 12 additions and 11 deletions
|
@ -85,7 +85,7 @@ sendChangeCipherAndFinish ctx role = do
|
|||
(Nothing, _) -> return ()
|
||||
liftIO $ contextFlush ctx
|
||||
|
||||
cf <- usingState_ ctx $ getHandshakeDigest role
|
||||
cf <- usingState_ ctx getVersion >>= \ver -> usingHState ctx $ getHandshakeDigest ver role
|
||||
sendPacket ctx (Handshake [Finished cf])
|
||||
liftIO $ contextFlush ctx
|
||||
|
||||
|
|
|
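Review bot: The new `cf <-` binding packs two state accesses into one line with `>>= \ver ->`, which is harder to scan than the two-step form this commit uses in processClientFinished. Writing it as `ver <- usingState_ ctx getVersion` followed by `cf <- usingHState ctx $ getHandshakeDigest ver role` makes the order of the reads obvious. The version and the handshake digest are now fetched in separate state actions, so a short comment that both must describe the same handshake would help; whether anything can modify the state between the two reads is not visible here. sendChangeCipherAndFinish begins above the hunk.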
@ -32,6 +32,7 @@ module Network.TLS.Handshake.State
|
|||
, addHandshakeMessage
|
||||
, updateHandshakeDigest
|
||||
, getHandshakeMessages
|
||||
, getHandshakeDigest
|
||||
-- * master secret
|
||||
, setMasterSecret
|
||||
, setMasterSecretFromPre
|
||||
|
@ -159,6 +160,14 @@ getHandshakeMessages = gets (reverse . hstHandshakeMessages)
|
|||
updateHandshakeDigest :: Bytes -> HandshakeM ()
|
||||
updateHandshakeDigest content = modify $ \hs -> hs { hstHandshakeDigest = hashUpdate (hstHandshakeDigest hs) content }
|
||||
|
||||
getHandshakeDigest :: Version -> Role -> HandshakeM Bytes
|
||||
getHandshakeDigest ver role = gets gen
|
||||
where gen hst = let hashctx = hstHandshakeDigest hst
|
||||
msecret = fromJust "master secret" $ hstMasterSecret hst
|
||||
in generateFinish ver msecret hashctx
|
||||
generateFinish | role == ClientRole = generateClientFinished
|
||||
| otherwise = generateServerFinished
|
||||
|
||||
setMasterSecretFromPre :: Version -> Role -> Bytes -> HandshakeM ()
|
||||
setMasterSecretFromPre ver role premasterSecret = do
|
||||
secret <- genSecret <$> get
|
||||
|
|
|
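Review bot: `getHandshakeDigest` still relies on `fromJust "master secret"`, so calling it before the master secret is set presumably fails inside the pure `gen` helper rather than surfacing as a handshake error the caller can turn into an alert. The receive path calls it while checking a peer's Finished message, so unless message ordering is enforced earlier (not visible on this page) the peer decides when that precondition is exercised. Now that the function is exported from Network.TLS.Handshake.State, it should at least carry a Haddock comment such as `-- | Compute the Finished verify data for the given role; the master secret must already be set.` Handing the missing-secret case back to the caller as a value would be the sturdier fix.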
@ -154,7 +154,8 @@ processClientKeyXchg encryptedPremaster = do
|
|||
processClientFinished :: FinishedData -> TLSSt ()
|
||||
processClientFinished fdata = do
|
||||
cc <- isClientContext
|
||||
expected <- getHandshakeDigest $ invertRole cc
|
||||
ver <- getVersion
|
||||
expected <- withHandshakeM $ getHandshakeDigest ver $ invertRole cc
|
||||
when (expected /= fdata) $ do
|
||||
throwError $ Error_Protocol("bad record mac", True, BadRecordMac)
|
||||
updateVerifiedData ServerRole fdata
|
||||
|
|
|
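Review bot: The Finished check in `processClientFinished` compares the peer's verify data with `expected /= fdata`. If `FinishedData` uses an ordinary byte-string `Eq`, the comparison can stop at the first differing byte, and a constant-time equality is the usual choice for authentication values. The failure is also reported as `BadRecordMac`, whereas RFC 5246 assigns decrypt_error to a Finished message that fails validation, so the alert and the "bad record mac" text mislabel the fault for anyone reading logs or captures. Neither line is changed by this commit, but both sit on the code path it touches.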
@ -56,7 +56,6 @@ module Network.TLS.State
|
|||
import Data.Maybe (isNothing)
|
||||
import Network.TLS.Util
|
||||
import Network.TLS.Struct
|
||||
import Network.TLS.Packet
|
||||
import Network.TLS.Crypto
|
||||
import Network.TLS.Cipher
|
||||
import Network.TLS.Record.State
|
||||
|
@ -265,14 +264,6 @@ withHandshakeM f =
|
|||
put (st { stHandshake = Just nhst })
|
||||
return a
|
||||
|
||||
getHandshakeDigest :: MonadState TLSState m => Role -> m Bytes
|
||||
getHandshakeDigest role = do
|
||||
st <- get
|
||||
let hst = fromJust "handshake" $ stHandshake st
|
||||
let hashctx = hstHandshakeDigest hst
|
||||
let msecret = fromJust "master secret" $ hstMasterSecret hst
|
||||
return $ (if role == ClientRole then generateClientFinished else generateServerFinished) (stVersion $ stRecordState st) msecret hashctx
|
||||
|
||||
endHandshake :: MonadState TLSState m => m ()
|
||||
endHandshake = modify (\st -> st { stHandshake = Nothing })
|
||||
|
||||
|
|