Skip navigation links

MySQL Newsletter - Subscribe Today!

The world's most popular open source database

MySQL 5.1: yaSSL::DH_Server Class Reference
yaSSL::DH_Server

yaSSL::DH_Server Class Reference

#include <yassl_imp.hpp>

Inheritance diagram for yaSSL::DH_Server:

Inheritance graph
[legend]
Collaboration diagram for yaSSL::DH_Server:

Collaboration graph
[legend]
List of all members.

Public Member Functions

 DH_Server ()
 ~DH_Server ()
void build (SSL &)
void read (SSL &, input_buffer &)
int get_length () const
opaqueget_serverKey () const

Private Member Functions

 DH_Server (const DH_Server &)
DH_Serveroperator= (const DH_Server &)

Private Attributes

ServerDHParams parms_
opaquesignature_
int length_
opaquekeyMessage_

Detailed Description

Definition at line 373 of file yassl_imp.hpp.

Constructor & Destructor Documentation

yaSSL::DH_Server::DH_Server (  ) 

Definition at line 409 of file yassl_imp.cpp.

00410     : signature_(0), length_(0), keyMessage_(0)
00411 {}

yaSSL::DH_Server::~DH_Server (  ) 

Definition at line 414 of file yassl_imp.cpp.

References keyMessage_, signature_, and yaSSL::ysArrayDelete().

00415 {
00416     ysArrayDelete(keyMessage_);
00417     ysArrayDelete(signature_);
00418 }

Here is the call graph for this function:

yaSSL::DH_Server::DH_Server ( const DH_Server  )  [private]

Member Function Documentation

void yaSSL::DH_Server::build ( SSL  )  [virtual]

Reimplemented from yaSSL::ServerKeyBase.

Definition at line 132 of file yassl_imp.cpp.

References yaSSL::ServerDHParams::alloc_g(), yaSSL::ServerDHParams::alloc_p(), yaSSL::ServerDHParams::alloc_pub(), yaSSL::c16toa(), cert, yaSSL::Connection::client_random_, yaSSL::DSS_ENCODED_EXTRA, yaSSL::DSS_SIG_SZ, TaoCrypt::EncodeDSA_Signature(), yaSSL::FINISHED_SZ, yaSSL::output_buffer::get_buffer(), yaSSL::Crypto::get_certManager(), yaSSL::Security::get_connection(), yaSSL::ServerDHParams::get_g(), yaSSL::ServerDHParams::get_p(), yaSSL::Security::get_parms(), yaSSL::DiffieHellman::get_parms(), yaSSL::ServerDHParams::get_pub(), yaSSL::Crypto::get_random(), yaSSL::output_buffer::get_size(), yaSSL::SSL::getCrypto(), yaSSL::SSL::getSecurity(), hash(), keyMessage_, length_, yaSSL::md5, yaSSL::MD5_LEN, memcpy, NEW_YS, parms_, yaSSL::RAN_LEN, mySTL::auto_ptr< T >::reset(), yaSSL::rsa_sa_algo, yaSSL::Connection::server_random_, yaSSL::DiffieHellman::set_sizes(), yaSSL::sha, yaSSL::SHA_LEN, yaSSL::Parameters::sig_algo_, signature_, yaSSL::Crypto::use_dh(), yaSSL::SSL::useCrypto(), yaSSL::output_buffer::write(), and yaSSL::ysDelete().

00133 {
00134     DiffieHellman& dhServer = ssl.useCrypto().use_dh();
00135 
00136     int pSz, gSz, pubSz;
00137     dhServer.set_sizes(pSz, gSz, pubSz);
00138     dhServer.get_parms(parms_.alloc_p(pSz), parms_.alloc_g(gSz),
00139                        parms_.alloc_pub(pubSz));
00140 
00141     short sigSz = 0;
00142     mySTL::auto_ptr<Auth> auth(ysDelete);
00143     const CertManager& cert = ssl.getCrypto().get_certManager();
00144     
00145     if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo)
00146         auth.reset(NEW_YS RSA(cert.get_privateKey(),
00147                    cert.get_privateKeyLength(), false));
00148     else {
00149         auth.reset(NEW_YS DSS(cert.get_privateKey(),
00150                    cert.get_privateKeyLength(), false));
00151         sigSz += DSS_ENCODED_EXTRA;
00152     }
00153     
00154 
00155     sigSz += auth->get_signatureLength();
00156 
00157 
00158     length_ = 8; // pLen + gLen + YsLen + SigLen
00159     length_ += pSz + gSz + pubSz + sigSz;
00160 
00161     output_buffer tmp(length_);
00162     byte len[2];
00163     // P
00164     c16toa(pSz, len);
00165     tmp.write(len, sizeof(len));
00166     tmp.write(parms_.get_p(), pSz);
00167     // G
00168     c16toa(gSz, len);
00169     tmp.write(len, sizeof(len));
00170     tmp.write(parms_.get_g(), gSz);
00171     // Ys
00172     c16toa(pubSz, len);
00173     tmp.write(len, sizeof(len));
00174     tmp.write(parms_.get_pub(), pubSz);
00175 
00176     // Sig
00177     byte hash[FINISHED_SZ];
00178     MD5  md5;
00179     SHA  sha;
00180     signature_ = NEW_YS byte[sigSz];
00181 
00182     const Connection& conn = ssl.getSecurity().get_connection();
00183     // md5
00184     md5.update(conn.client_random_, RAN_LEN);
00185     md5.update(conn.server_random_, RAN_LEN);
00186     md5.update(tmp.get_buffer(), tmp.get_size());
00187     md5.get_digest(hash);
00188 
00189     // sha
00190     sha.update(conn.client_random_, RAN_LEN);
00191     sha.update(conn.server_random_, RAN_LEN);
00192     sha.update(tmp.get_buffer(), tmp.get_size());
00193     sha.get_digest(&hash[MD5_LEN]);
00194 
00195     if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo)
00196         auth->sign(signature_, hash, sizeof(hash),
00197                    ssl.getCrypto().get_random());
00198     else {
00199         auth->sign(signature_, &hash[MD5_LEN], SHA_LEN,
00200                    ssl.getCrypto().get_random());
00201         byte encoded[DSS_SIG_SZ + DSS_ENCODED_EXTRA];
00202         TaoCrypt::EncodeDSA_Signature(signature_, encoded);
00203         memcpy(signature_, encoded, sizeof(encoded));
00204     }
00205 
00206     c16toa(sigSz, len);
00207     tmp.write(len, sizeof(len));
00208     tmp.write(signature_, sigSz);
00209 
00210     // key message
00211     keyMessage_ = NEW_YS opaque[length_];
00212     memcpy(keyMessage_, tmp.get_buffer(), tmp.get_size());
00213 }

Here is the call graph for this function:

int yaSSL::DH_Server::get_length (  )  const [virtual]

Reimplemented from yaSSL::ServerKeyBase.

Definition at line 421 of file yassl_imp.cpp.

References length_.

00422 {
00423     return length_;
00424 }

opaque * yaSSL::DH_Server::get_serverKey (  )  const [virtual]

Reimplemented from yaSSL::ServerKeyBase.

Definition at line 427 of file yassl_imp.cpp.

References keyMessage_.

00428 {
00429     return keyMessage_;
00430 }

DH_Server& yaSSL::DH_Server::operator= ( const DH_Server  )  [private]

void yaSSL::DH_Server::read ( SSL ,
input_buffer  
) [virtual]

Reimplemented from yaSSL::ServerKeyBase.

Definition at line 324 of file yassl_imp.cpp.

References yaSSL::ServerDHParams::alloc_g(), yaSSL::ServerDHParams::alloc_p(), yaSSL::ServerDHParams::alloc_pub(), yaSSL::ato16(), yaSSL::AUTO, cert, yaSSL::Connection::client_random_, TaoCrypt::DecodeDSA_Signature(), yaSSL::DSS_SIG_SZ, yaSSL::FINISHED_SZ, yaSSL::Crypto::get_certManager(), yaSSL::Security::get_connection(), yaSSL::input_buffer::get_current(), yaSSL::ServerDHParams::get_g(), yaSSL::ServerDHParams::get_gSize(), yaSSL::ServerDHParams::get_p(), yaSSL::Security::get_parms(), yaSSL::ServerDHParams::get_pSize(), yaSSL::ServerDHParams::get_pub(), yaSSL::ServerDHParams::get_pubSize(), yaSSL::Crypto::get_random(), yaSSL::SSL::getCrypto(), yaSSL::SSL::getSecurity(), hash(), yaSSL::md5, yaSSL::MD5_LEN, message(), NEW_YS, parms_, yaSSL::RAN_LEN, yaSSL::input_buffer::read(), yaSSL::rsa_sa_algo, yaSSL::Connection::server_random_, yaSSL::input_buffer::set_current(), yaSSL::Crypto::SetDH(), yaSSL::SSL::SetError(), yaSSL::sha, yaSSL::SHA_LEN, yaSSL::Parameters::sig_algo_, signature_, yaSSL::SSL::useCrypto(), and yaSSL::verify_error.

00325 {
00326     uint16 length, messageTotal = 6; // pSz + gSz + pubSz
00327     byte tmp[2];
00328 
00329     // p
00330     tmp[0] = input[AUTO];
00331     tmp[1] = input[AUTO];
00332     ato16(tmp, length);
00333     messageTotal += length;
00334 
00335     input.read(parms_.alloc_p(length), length);
00336 
00337     // g
00338     tmp[0] = input[AUTO];
00339     tmp[1] = input[AUTO];
00340     ato16(tmp, length);
00341     messageTotal += length;
00342 
00343     input.read(parms_.alloc_g(length), length);
00344 
00345     // pub
00346     tmp[0] = input[AUTO];
00347     tmp[1] = input[AUTO];
00348     ato16(tmp, length);
00349     messageTotal += length;
00350 
00351     input.read(parms_.alloc_pub(length), length);
00352 
00353     // save message for hash verify
00354     input_buffer message(messageTotal);
00355     input.set_current(input.get_current() - messageTotal);
00356     input.read(message.get_buffer(), messageTotal);
00357     message.add_size(messageTotal);
00358 
00359     // signature
00360     tmp[0] = input[AUTO];
00361     tmp[1] = input[AUTO];
00362     ato16(tmp, length);
00363 
00364     signature_ = NEW_YS byte[length];
00365     input.read(signature_, length);
00366 
00367     // verify signature
00368     byte hash[FINISHED_SZ];
00369     MD5  md5;
00370     SHA  sha;
00371 
00372     const Connection& conn = ssl.getSecurity().get_connection();
00373     // md5
00374     md5.update(conn.client_random_, RAN_LEN);
00375     md5.update(conn.server_random_, RAN_LEN);
00376     md5.update(message.get_buffer(), message.get_size());
00377     md5.get_digest(hash);
00378 
00379     // sha
00380     sha.update(conn.client_random_, RAN_LEN);
00381     sha.update(conn.server_random_, RAN_LEN);
00382     sha.update(message.get_buffer(), message.get_size());
00383     sha.get_digest(&hash[MD5_LEN]);
00384 
00385     const CertManager& cert = ssl.getCrypto().get_certManager();
00386     
00387     if (ssl.getSecurity().get_parms().sig_algo_ == rsa_sa_algo) {
00388         RSA rsa(cert.get_peerKey(), cert.get_peerKeyLength());
00389         if (!rsa.verify(hash, sizeof(hash), signature_, length))
00390             ssl.SetError(verify_error);
00391     }
00392     else {
00393         byte decodedSig[DSS_SIG_SZ];
00394         length = TaoCrypt::DecodeDSA_Signature(decodedSig, signature_, length);
00395         
00396         DSS dss(cert.get_peerKey(), cert.get_peerKeyLength());
00397         if (!dss.verify(&hash[MD5_LEN], SHA_LEN, decodedSig, length))
00398             ssl.SetError(verify_error);
00399     }
00400 
00401     // save input
00402     ssl.useCrypto().SetDH(NEW_YS DiffieHellman(parms_.get_p(),
00403                parms_.get_pSize(), parms_.get_g(), parms_.get_gSize(),
00404                parms_.get_pub(), parms_.get_pubSize(),
00405                ssl.getCrypto().get_random()));
00406 }

Here is the call graph for this function:

Member Data Documentation

opaque* yaSSL::DH_Server::keyMessage_ [private]

Definition at line 378 of file yassl_imp.hpp.

Referenced by build(), get_serverKey(), and ~DH_Server().

int yaSSL::DH_Server::length_ [private]

Definition at line 377 of file yassl_imp.hpp.

Referenced by build(), and get_length().

ServerDHParams yaSSL::DH_Server::parms_ [private]

Definition at line 374 of file yassl_imp.hpp.

Referenced by build(), and read().

opaque* yaSSL::DH_Server::signature_ [private]

Definition at line 375 of file yassl_imp.hpp.

Referenced by build(), read(), and ~DH_Server().

The documentation for this class was generated from the following files:
Generated on Sun Sep 10 00:46:03 2006 for MySQL 5.1 by  doxygen 1.4.7