};
METHOD(eap_peap_avp_t, build, void,
- private_eap_peap_avp_t *this, tls_writer_t *writer, chunk_t data)
+ private_eap_peap_avp_t *this, bio_writer_t *writer, chunk_t data)
{
u_int8_t code;
eap_packet_t *pkt;
}
METHOD(eap_peap_avp_t, process, status_t,
- private_eap_peap_avp_t* this, tls_reader_t *reader, chunk_t *data,
+ private_eap_peap_avp_t* this, bio_reader_t *reader, chunk_t *data,
u_int8_t identifier)
{
u_int8_t code;
#include <library.h>
-#include <tls_reader.h>
-#include <tls_writer.h>
+#include <bio/bio_reader.h>
+#include <bio/bio_writer.h>
/**
* EAP-PEAP Attribute-Value Pair (AVP) handler.
* - FAILED if AVP processing failed
* - NEED_MORE if another invocation of process/build needed
*/
- status_t (*process)(eap_peap_avp_t *this, tls_reader_t *reader,
+ status_t (*process)(eap_peap_avp_t *this, bio_reader_t *reader,
chunk_t *data, u_int8_t identifier);
/**
* @param writer TLS data buffer to write to
* @param data EAP Message to send
*/
- void (*build)(eap_peap_avp_t *this, tls_writer_t *writer, chunk_t data);
+ void (*build)(eap_peap_avp_t *this, bio_writer_t *writer, chunk_t data);
/**
* Destroy a eap_peap_application_t.
};
METHOD(tls_application_t, process, status_t,
- private_eap_peap_peer_t *this, tls_reader_t *reader)
+ private_eap_peap_peer_t *this, bio_reader_t *reader)
{
chunk_t data = chunk_empty;
status_t status;
}
METHOD(tls_application_t, build, status_t,
- private_eap_peap_peer_t *this, tls_writer_t *writer)
+ private_eap_peap_peer_t *this, bio_writer_t *writer)
{
chunk_t data;
eap_code_t code;
}
METHOD(tls_application_t, process, status_t,
- private_eap_peap_server_t *this, tls_reader_t *reader)
+ private_eap_peap_server_t *this, bio_reader_t *reader)
{
chunk_t data = chunk_empty;
status_t status;
}
METHOD(tls_application_t, build, status_t,
- private_eap_peap_server_t *this, tls_writer_t *writer)
+ private_eap_peap_server_t *this, bio_writer_t *writer)
{
chunk_t data;
eap_code_t code;
};
METHOD(eap_ttls_avp_t, build, void,
- private_eap_ttls_avp_t *this, tls_writer_t *writer, chunk_t data)
+ private_eap_ttls_avp_t *this, bio_writer_t *writer, chunk_t data)
{
char zero_padding[] = { 0x00, 0x00, 0x00 };
chunk_t avp_padding;
}
METHOD(eap_ttls_avp_t, process, status_t,
- private_eap_ttls_avp_t* this, tls_reader_t *reader, chunk_t *data)
+ private_eap_ttls_avp_t* this, bio_reader_t *reader, chunk_t *data)
{
size_t len;
chunk_t buf;
if (this->process_header)
{
- tls_reader_t *header;
+ bio_reader_t *header;
u_int32_t avp_code;
u_int8_t avp_flags;
u_int32_t avp_len;
}
/* parse AVP header */
- header = tls_reader_create(this->input);
+ header = bio_reader_create(this->input);
success = header->read_uint32(header, &avp_code) &&
header->read_uint8(header, &avp_flags) &&
header->read_uint24(header, &avp_len);
#include <library.h>
-#include <tls_reader.h>
-#include <tls_writer.h>
+#include <bio/bio_reader.h>
+#include <bio/bio_writer.h>
/**
* EAP-TTLS Attribute-Value Pair (AVP) handler.
* - FAILED if AVP processing failed
* - NEED_MORE if another invocation of process/build needed
*/
- status_t (*process)(eap_ttls_avp_t *this, tls_reader_t *reader,
+ status_t (*process)(eap_ttls_avp_t *this, bio_reader_t *reader,
chunk_t *data);
/**
* @param writer TLS data buffer to write to
* @param data EAP Message to send
*/
- void (*build)(eap_ttls_avp_t *this, tls_writer_t *writer, chunk_t data);
+ void (*build)(eap_ttls_avp_t *this, bio_writer_t *writer, chunk_t data);
/**
* Destroy a eap_ttls_application_t.
#define MAX_RADIUS_ATTRIBUTE_SIZE 253
METHOD(tls_application_t, process, status_t,
- private_eap_ttls_peer_t *this, tls_reader_t *reader)
+ private_eap_ttls_peer_t *this, bio_reader_t *reader)
{
chunk_t avp_data = chunk_empty;
chunk_t eap_data = chunk_empty;
}
METHOD(tls_application_t, build, status_t,
- private_eap_ttls_peer_t *this, tls_writer_t *writer)
+ private_eap_ttls_peer_t *this, bio_writer_t *writer)
{
chunk_t data;
eap_code_t code;
}
METHOD(tls_application_t, process, status_t,
- private_eap_ttls_server_t *this, tls_reader_t *reader)
+ private_eap_ttls_server_t *this, bio_reader_t *reader)
{
chunk_t data = chunk_empty;
status_t status;
}
METHOD(tls_application_t, build, status_t,
- private_eap_ttls_server_t *this, tls_writer_t *writer)
+ private_eap_ttls_server_t *this, bio_writer_t *writer)
{
chunk_t data;
eap_code_t code;
noinst_LTLIBRARIES = libstrongswan-tnccs-20.la
else
plugin_LTLIBRARIES = libstrongswan-tnccs-20.la
-libstrongswan_tnccs_20_la_LIBADD = $(top_builddir)/src/libtls/libtls.la
endif
libstrongswan_tnccs_20_la_SOURCES = \
#include <debug.h>
#include <utils/linked_list.h>
-#include <tls_writer.h>
-#include <tls_reader.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
#include <tnc/tnccs/tnccs.h>
#include <tnc/pen/pen.h>
enumerator_t *enumerator;
pb_tnc_msg_type_t msg_type;
pb_tnc_msg_t *msg;
- tls_writer_t *writer;
+ bio_writer_t *writer;
/* compute total PB-TNC batch size by summing over all messages */
batch_len = PB_TNC_BATCH_HEADER_SIZE;
enumerator->destroy(enumerator);
/* build PB-TNC batch header */
- writer = tls_writer_create(batch_len);
+ writer = bio_writer_create(batch_len);
writer->write_uint8 (writer, PB_TNC_VERSION);
writer->write_uint8 (writer, this->is_server ?
PB_TNC_BATCH_FLAG_D : PB_TNC_BATCH_FLAG_NONE);
static status_t process_batch_header(private_pb_tnc_batch_t *this,
pb_tnc_state_machine_t *state_machine)
{
- tls_reader_t *reader;
+ bio_reader_t *reader;
pb_tnc_msg_t *msg;
pb_error_msg_t *err_msg;
u_int8_t version, flags, reserved, type;
goto fatal;
}
- reader = tls_reader_create(this->encoding);
+ reader = bio_reader_create(this->encoding);
reader->read_uint8 (reader, &version);
reader->read_uint8 (reader, &flags);
reader->read_uint8 (reader, &reserved);
static status_t process_tnc_msg(private_pb_tnc_batch_t *this)
{
- tls_reader_t *reader;
+ bio_reader_t *reader;
pb_tnc_msg_t *pb_tnc_msg, *msg;
u_int8_t flags;
u_int32_t vendor_id, msg_type, msg_len, offset;
goto fatal;
}
- reader = tls_reader_create(data);
+ reader = bio_reader_create(data);
reader->read_uint8 (reader, &flags);
reader->read_uint24(reader, &vendor_id);
reader->read_uint32(reader, &msg_type);
#include "pb_access_recommendation_msg.h"
-#include <tls_writer.h>
-#include <tls_reader.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
#include <debug.h>
ENUM(pb_access_recommendation_code_names, PB_REC_ACCESS_ALLOWED, PB_REC_QUARANTINED,
METHOD(pb_tnc_msg_t, build, void,
private_pb_access_recommendation_msg_t *this)
{
- tls_writer_t *writer;
+ bio_writer_t *writer;
/* build message */
- writer = tls_writer_create(ACCESS_RECOMMENDATION_MSG_SIZE);
+ writer = bio_writer_create(ACCESS_RECOMMENDATION_MSG_SIZE);
writer->write_uint16(writer, ACCESS_RECOMMENDATION_RESERVED);
writer->write_uint16(writer, this->recommendation);
free(this->encoding.ptr);
METHOD(pb_tnc_msg_t, process, status_t,
private_pb_access_recommendation_msg_t *this, u_int32_t *offset)
{
- tls_reader_t *reader;
+ bio_reader_t *reader;
u_int16_t reserved;
/* process message */
- reader = tls_reader_create(this->encoding);
+ reader = bio_reader_create(this->encoding);
reader->read_uint16(reader, &reserved);
reader->read_uint16(reader, &this->recommendation);
reader->destroy(reader);
#include "pb_assessment_result_msg.h"
-#include <tls_writer.h>
-#include <tls_reader.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
#include <tnc/tncifimv.h>
#include <debug.h>
METHOD(pb_tnc_msg_t, build, void,
private_pb_assessment_result_msg_t *this)
{
- tls_writer_t *writer;
+ bio_writer_t *writer;
/* build message */
- writer = tls_writer_create(ASSESSMENT_RESULT_MSG_SIZE);
+ writer = bio_writer_create(ASSESSMENT_RESULT_MSG_SIZE);
writer->write_uint32(writer, this->assessment_result);
free(this->encoding.ptr);
this->encoding = writer->get_buf(writer);
METHOD(pb_tnc_msg_t, process, status_t,
private_pb_assessment_result_msg_t *this, u_int32_t *offset)
{
- tls_reader_t *reader;
+ bio_reader_t *reader;
/* process message */
- reader = tls_reader_create(this->encoding);
+ reader = bio_reader_create(this->encoding);
reader->read_uint32(reader, &this->assessment_result);
reader->destroy(reader);
#include "pb_error_msg.h"
#include <debug.h>
-#include <tls_writer.h>
-#include <tls_reader.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
#include <tnc/tnccs/tnccs.h>
#include <tnc/pen/pen.h>
METHOD(pb_tnc_msg_t, build, void,
private_pb_error_msg_t *this)
{
- tls_writer_t *writer;
+ bio_writer_t *writer;
/* build message header */
- writer = tls_writer_create(ERROR_HEADER_SIZE);
+ writer = bio_writer_create(ERROR_HEADER_SIZE);
writer->write_uint8 (writer, this->fatal ?
ERROR_FLAG_FATAL : ERROR_FLAG_NONE);
writer->write_uint24(writer, this->vendor_id);
{
u_int8_t flags, max_version, min_version;
u_int16_t reserved;
- tls_reader_t *reader;
+ bio_reader_t *reader;
if (this->encoding.len < ERROR_HEADER_SIZE)
{
}
/* process message header */
- reader = tls_reader_create(this->encoding);
+ reader = bio_reader_create(this->encoding);
reader->read_uint8 (reader, &flags);
reader->read_uint24(reader, &this->vendor_id);
reader->read_uint16(reader, &this->error_code);
#include "pb_language_preference_msg.h"
-#include <tls_writer.h>
-#include <tls_reader.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
#include <debug.h>
typedef struct private_pb_language_preference_msg_t private_pb_language_preference_msg_t;
#include "pb_pa_msg.h"
-#include <tls_writer.h>
-#include <tls_reader.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
#include <tnc/tnccs/tnccs.h>
#include <tnc/pen/pen.h>
#include <debug.h>
private_pb_pa_msg_t *this)
{
chunk_t msg_header;
- tls_writer_t *writer;
+ bio_writer_t *writer;
/* build message header */
- writer = tls_writer_create(64);
+ writer = bio_writer_create(64);
writer->write_uint8 (writer, this->excl ? PA_FLAG_EXCL : PA_FLAG_NONE);
writer->write_uint24(writer, this->vendor_id);
writer->write_uint32(writer, this->subtype);
{
u_int8_t flags;
size_t msg_body_len;
- tls_reader_t *reader;
+ bio_reader_t *reader;
/* process message header */
- reader = tls_reader_create(this->encoding);
+ reader = bio_reader_create(this->encoding);
reader->read_uint8 (reader, &flags);
reader->read_uint24(reader, &this->vendor_id);
reader->read_uint32(reader, &this->subtype);
#include "pb_reason_string_msg.h"
-#include <tls_writer.h>
-#include <tls_reader.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
#include <debug.h>
typedef struct private_pb_reason_string_msg_t private_pb_reason_string_msg_t;
METHOD(pb_tnc_msg_t, build, void,
private_pb_reason_string_msg_t *this)
{
- tls_writer_t *writer;
+ bio_writer_t *writer;
/* build message */
- writer = tls_writer_create(64);
+ writer = bio_writer_create(64);
writer->write_data32(writer, this->reason_string);
writer->write_data8 (writer, this->language_code);
METHOD(pb_tnc_msg_t, process, status_t,
private_pb_reason_string_msg_t *this, u_int32_t *offset)
{
- tls_reader_t *reader;
+ bio_reader_t *reader;
/* process message */
- reader = tls_reader_create(this->encoding);
+ reader = bio_reader_create(this->encoding);
if (!reader->read_data32(reader, &this->reason_string))
{
DBG1(DBG_TNC, "could not parse reason string");
#include "pb_remediation_parameters_msg.h"
-#include <tls_writer.h>
-#include <tls_reader.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
#include <debug.h>
ENUM(pb_tnc_remed_param_type_names, PB_REMEDIATION_URI, PB_REMEDIATION_STRING,
METHOD(pb_tnc_msg_t, build, void,
private_pb_remediation_parameters_msg_t *this)
{
- tls_writer_t *writer;
+ bio_writer_t *writer;
/* build message */
- writer = tls_writer_create(64);
+ writer = bio_writer_create(64);
writer->write_uint32(writer, this->vendor_id);
writer->write_uint32(writer, this->parameters_type);
writer->write_data32(writer, this->remediation_string);
METHOD(pb_tnc_msg_t, process, status_t,
private_pb_remediation_parameters_msg_t *this, u_int32_t *offset)
{
- tls_reader_t *reader;
+ bio_reader_t *reader;
/* process message */
- reader = tls_reader_create(this->encoding);
+ reader = bio_reader_create(this->encoding);
reader->read_uint32(reader, &this->vendor_id);
reader->read_uint32(reader, &this->parameters_type);
noinst_LTLIBRARIES = libstrongswan-tnccs-dynamic.la
else
plugin_LTLIBRARIES = libstrongswan-tnccs-dynamic.la
-libstrongswan_tnccs_dynamic_la_LIBADD = $(top_builddir)/src/libtls/libtls.la
endif
libstrongswan_tnccs_dynamic_la_SOURCES = \
-INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libcharon \
- -I$(top_srcdir)/src/libtls
+INCLUDES = -I$(top_srcdir)/src/libstrongswan -I$(top_srcdir)/src/libcharon
noinst_LTLIBRARIES = libimcv.la
-libimcv_la_LIBADD = $(top_builddir)/src/libtls/libtls.la
-
libimcv_la_SOURCES = \
imc/imc_agent.h imc/imc_agent.c imc/imc_state.h \
imv/imv_agent.h imv/imv_agent.c imv/imv_state.h \
#include "pa_tnc_msg.h"
-#include <tls_writer.h>
-#include <tls_reader.h>
+#include <bio/bio_writer.h>
+#include <bio/bio_reader.h>
#include <utils/linked_list.h>
#include <tnc/pen/pen.h>
#include <debug.h>
METHOD(pa_tnc_msg_t, build, void,
private_pa_tnc_msg_t *this)
{
- tls_writer_t *writer;
+ bio_writer_t *writer;
enumerator_t *enumerator;
pa_tnc_attr_t *attr;
pen_t vendor_id;
DBG2(DBG_TNC, "creating PA-TNC message with ID 0x%08x", this->identifier);
/* build message header */
- writer = tls_writer_create(PA_TNC_HEADER_SIZE);
+ writer = bio_writer_create(PA_TNC_HEADER_SIZE);
writer->write_uint8 (writer, PA_TNC_VERSION);
writer->write_uint24(writer, PA_TNC_RESERVED);
writer->write_uint32(writer, this->identifier);
{
u_int8_t version;
u_int32_t reserved;
- tls_reader_t *reader;
+ bio_reader_t *reader;
status_t status = FAILED;
- reader = tls_reader_create(this->encoding);
+ reader = bio_reader_create(this->encoding);
/* process message header */
if (reader->remaining(reader) < PA_TNC_HEADER_SIZE)
asn1/asn1.c asn1/asn1.h \
asn1/asn1_parser.c asn1/asn1_parser.h \
asn1/oid.c asn1/oid.h \
+bio/bio_reader.h bio/bio_reader.c bio/bio_writer.h bio/bio_writer.c \
crypto/crypters/crypter.c crypto/crypters/crypter.h \
crypto/hashers/hasher.h crypto/hashers/hasher.c \
crypto/pkcs9.c crypto/pkcs9.h \
* for more details.
*/
-#include "tls_reader.h"
+#include "bio_reader.h"
#include <debug.h>
-typedef struct private_tls_reader_t private_tls_reader_t;
+typedef struct private_bio_reader_t private_bio_reader_t;
/**
- * Private data of an tls_reader_t object.
+ * Private data of an bio_reader_t object.
*/
-struct private_tls_reader_t {
+struct private_bio_reader_t {
/**
- * Public tls_reader_t interface.
+ * Public bio_reader_t interface.
*/
- tls_reader_t public;
+ bio_reader_t public;
/**
* Remaining data to process
chunk_t buf;
};
-METHOD(tls_reader_t, remaining, u_int32_t,
- private_tls_reader_t *this)
+METHOD(bio_reader_t, remaining, u_int32_t,
+ private_bio_reader_t *this)
{
return this->buf.len;
}
-METHOD(tls_reader_t, peek, chunk_t,
- private_tls_reader_t *this)
+METHOD(bio_reader_t, peek, chunk_t,
+ private_bio_reader_t *this)
{
return this->buf;
}
-METHOD(tls_reader_t, read_uint8, bool,
- private_tls_reader_t *this, u_int8_t *res)
+METHOD(bio_reader_t, read_uint8, bool,
+ private_bio_reader_t *this, u_int8_t *res)
{
if (this->buf.len < 1)
{
- DBG1(DBG_TLS, "%d bytes insufficient to parse u_int8 data",
+ DBG1(DBG_LIB, "%d bytes insufficient to parse u_int8 data",
this->buf.len);
return FALSE;
}
return TRUE;
}
-METHOD(tls_reader_t, read_uint16, bool,
- private_tls_reader_t *this, u_int16_t *res)
+METHOD(bio_reader_t, read_uint16, bool,
+ private_bio_reader_t *this, u_int16_t *res)
{
if (this->buf.len < 2)
{
- DBG1(DBG_TLS, "%d bytes insufficient to parse u_int16 data",
+ DBG1(DBG_LIB, "%d bytes insufficient to parse u_int16 data",
this->buf.len);
return FALSE;
}
return TRUE;
}
-METHOD(tls_reader_t, read_uint24, bool,
- private_tls_reader_t *this, u_int32_t *res)
+METHOD(bio_reader_t, read_uint24, bool,
+ private_bio_reader_t *this, u_int32_t *res)
{
if (this->buf.len < 3)
{
- DBG1(DBG_TLS, "%d bytes insufficient to parse u_int24 data",
+ DBG1(DBG_LIB, "%d bytes insufficient to parse u_int24 data",
this->buf.len);
return FALSE;
}
return TRUE;
}
-METHOD(tls_reader_t, read_uint32, bool,
- private_tls_reader_t *this, u_int32_t *res)
+METHOD(bio_reader_t, read_uint32, bool,
+ private_bio_reader_t *this, u_int32_t *res)
{
if (this->buf.len < 4)
{
- DBG1(DBG_TLS, "%d bytes insufficient to parse u_int32 data",
+ DBG1(DBG_LIB, "%d bytes insufficient to parse u_int32 data",
this->buf.len);
return FALSE;
}
return TRUE;
}
-METHOD(tls_reader_t, read_data, bool,
- private_tls_reader_t *this, u_int32_t len, chunk_t *res)
+METHOD(bio_reader_t, read_data, bool,
+ private_bio_reader_t *this, u_int32_t len, chunk_t *res)
{
if (this->buf.len < len)
{
- DBG1(DBG_TLS, "%d bytes insufficient to parse %d bytes of data",
+ DBG1(DBG_LIB, "%d bytes insufficient to parse %d bytes of data",
this->buf.len, len);
return FALSE;
}
return TRUE;
}
-METHOD(tls_reader_t, read_data8, bool,
- private_tls_reader_t *this, chunk_t *res)
+METHOD(bio_reader_t, read_data8, bool,
+ private_bio_reader_t *this, chunk_t *res)
{
u_int8_t len;
return read_data(this, len, res);
}
-METHOD(tls_reader_t, read_data16, bool,
- private_tls_reader_t *this, chunk_t *res)
+METHOD(bio_reader_t, read_data16, bool,
+ private_bio_reader_t *this, chunk_t *res)
{
u_int16_t len;
return read_data(this, len, res);
}
-METHOD(tls_reader_t, read_data24, bool,
- private_tls_reader_t *this, chunk_t *res)
+METHOD(bio_reader_t, read_data24, bool,
+ private_bio_reader_t *this, chunk_t *res)
{
u_int32_t len;
return read_data(this, len, res);
}
-METHOD(tls_reader_t, read_data32, bool,
- private_tls_reader_t *this, chunk_t *res)
+METHOD(bio_reader_t, read_data32, bool,
+ private_bio_reader_t *this, chunk_t *res)
{
u_int32_t len;
return read_data(this, len, res);
}
-METHOD(tls_reader_t, destroy, void,
- private_tls_reader_t *this)
+METHOD(bio_reader_t, destroy, void,
+ private_bio_reader_t *this)
{
free(this);
}
/**
* See header
*/
-tls_reader_t *tls_reader_create(chunk_t data)
+bio_reader_t *bio_reader_create(chunk_t data)
{
- private_tls_reader_t *this;
+ private_bio_reader_t *this;
INIT(this,
.public = {
*/
/**
- * @defgroup tls_reader tls_reader
- * @{ @ingroup libtls
+ * @defgroup bio_reader bio_reader
+ * @{ @ingroup bio
*/
-#ifndef TLS_READER_H_
-#define TLS_READER_H_
+#ifndef BIO_READER_H_
+#define BIO_READER_H_
-typedef struct tls_reader_t tls_reader_t;
+typedef struct bio_reader_t bio_reader_t;
#include <library.h>
/**
- * TLS record parser.
+ * Buffered input parser.
*/
-struct tls_reader_t {
+struct bio_reader_t {
/**
* Get the number of remaining bytes.
*
* @return number of remaining bytes in buffer
*/
- u_int32_t (*remaining)(tls_reader_t *this);
+ u_int32_t (*remaining)(bio_reader_t *this);
/**
* Peek the remaining data, not consuming any bytes.
*
* @return remaining data
*/
- chunk_t (*peek)(tls_reader_t *this);
+ chunk_t (*peek)(bio_reader_t *this);
/**
* Read a 8-bit integer from the buffer, advance.
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint8)(tls_reader_t *this, u_int8_t *res);
+ bool (*read_uint8)(bio_reader_t *this, u_int8_t *res);
/**
* Read a 16-bit integer from the buffer, advance.
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint16)(tls_reader_t *this, u_int16_t *res);
+ bool (*read_uint16)(bio_reader_t *this, u_int16_t *res);
/**
* Read a 24-bit integer from the buffer, advance.
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint24)(tls_reader_t *this, u_int32_t *res);
+ bool (*read_uint24)(bio_reader_t *this, u_int32_t *res);
/**
* Read a 32-bit integer from the buffer, advance.
* @param res pointer to result
* @return TRUE if integer read successfully
*/
- bool (*read_uint32)(tls_reader_t *this, u_int32_t *res);
+ bool (*read_uint32)(bio_reader_t *this, u_int32_t *res);
/**
* Read a chunk of len bytes, advance.
* @param res pointer to result, not cloned
* @return TRUE if data read successfully
*/
- bool (*read_data)(tls_reader_t *this, u_int32_t len, chunk_t *res);
+ bool (*read_data)(bio_reader_t *this, u_int32_t len, chunk_t *res);
/**
* Read a chunk of bytes with a 8-bit length header, advance.
* @param res pointer to result, not cloned
* @return TRUE if data read successfully
*/
- bool (*read_data8)(tls_reader_t *this, chunk_t *res);
+ bool (*read_data8)(bio_reader_t *this, chunk_t *res);
/**
* Read a chunk of bytes with a 16-bit length header, advance.
* @param res pointer to result, not cloned
* @return TRUE if data read successfully
*/
- bool (*read_data16)(tls_reader_t *this, chunk_t *res);
+ bool (*read_data16)(bio_reader_t *this, chunk_t *res);
/**
* Read a chunk of bytes with a 24-bit length header, advance.
* @param res pointer to result, not cloned
* @return TRUE if data read successfully
*/
- bool (*read_data24)(tls_reader_t *this, chunk_t *res);
+ bool (*read_data24)(bio_reader_t *this, chunk_t *res);
/**
* Read a chunk of bytes with a 32-bit length header, advance.
* @param res pointer to result, not cloned
* @return TRUE if data read successfully
*/
- bool (*read_data32)(tls_reader_t *this, chunk_t *res);
+ bool (*read_data32)(bio_reader_t *this, chunk_t *res);
/**
- * Destroy a tls_reader_t.
+ * Destroy a bio_reader_t.
*/
- void (*destroy)(tls_reader_t *this);
+ void (*destroy)(bio_reader_t *this);
};
/**
- * Create a tls_reader instance.
+ * Create a bio_reader instance.
*/
-tls_reader_t *tls_reader_create(chunk_t data);
+bio_reader_t *bio_reader_create(chunk_t data);
-#endif /** tls_reader_H_ @}*/
+#endif /** bio_reader_H_ @}*/
* for more details.
*/
-#include "tls_writer.h"
+#include "bio_writer.h"
-typedef struct private_tls_writer_t private_tls_writer_t;
+typedef struct private_bio_writer_t private_bio_writer_t;
/**
- * Private data of an tls_writer_t object.
+ * Private data of an bio_writer_t object.
*/
-struct private_tls_writer_t {
+struct private_bio_writer_t {
/**
- * Public tls_writer_t interface.
+ * Public bio_writer_t interface.
*/
- tls_writer_t public;
+ bio_writer_t public;
/**
* Allocated buffer
/**
* Increase buffer size
*/
-static void increase(private_tls_writer_t *this)
+static void increase(private_bio_writer_t *this)
{
this->buf.len += this->increase;
this->buf.ptr = realloc(this->buf.ptr, this->buf.len);
}
-METHOD(tls_writer_t, write_uint8, void,
- private_tls_writer_t *this, u_int8_t value)
+METHOD(bio_writer_t, write_uint8, void,
+ private_bio_writer_t *this, u_int8_t value)
{
if (this->used + 1 > this->buf.len)
{
this->used += 1;
}
-METHOD(tls_writer_t, write_uint16, void,
- private_tls_writer_t *this, u_int16_t value)
+METHOD(bio_writer_t, write_uint16, void,
+ private_bio_writer_t *this, u_int16_t value)
{
if (this->used + 2 > this->buf.len)
{
this->used += 2;
}
-METHOD(tls_writer_t, write_uint24, void,
- private_tls_writer_t *this, u_int32_t value)
+METHOD(bio_writer_t, write_uint24, void,
+ private_bio_writer_t *this, u_int32_t value)
{
if (this->used + 3 > this->buf.len)
{
this->used += 3;
}
-METHOD(tls_writer_t, write_uint32, void,
- private_tls_writer_t *this, u_int32_t value)
+METHOD(bio_writer_t, write_uint32, void,
+ private_bio_writer_t *this, u_int32_t value)
{
if (this->used + 4 > this->buf.len)
{
this->used += 4;
}
-METHOD(tls_writer_t, write_data, void,
- private_tls_writer_t *this, chunk_t value)
+METHOD(bio_writer_t, write_data, void,
+ private_bio_writer_t *this, chunk_t value)
{
while (this->used + value.len > this->buf.len)
{
this->used += value.len;
}
-METHOD(tls_writer_t, write_data8, void,
- private_tls_writer_t *this, chunk_t value)
+METHOD(bio_writer_t, write_data8, void,
+ private_bio_writer_t *this, chunk_t value)
{
write_uint8(this, value.len);
write_data(this, value);
}
-METHOD(tls_writer_t, write_data16, void,
- private_tls_writer_t *this, chunk_t value)
+METHOD(bio_writer_t, write_data16, void,
+ private_bio_writer_t *this, chunk_t value)
{
write_uint16(this, value.len);
write_data(this, value);
}
-METHOD(tls_writer_t, write_data24, void,
- private_tls_writer_t *this, chunk_t value)
+METHOD(bio_writer_t, write_data24, void,
+ private_bio_writer_t *this, chunk_t value)
{
write_uint24(this, value.len);
write_data(this, value);
}
-METHOD(tls_writer_t, write_data32, void,
- private_tls_writer_t *this, chunk_t value)
+METHOD(bio_writer_t, write_data32, void,
+ private_bio_writer_t *this, chunk_t value)
{
write_uint32(this, value.len);
write_data(this, value);
}
-METHOD(tls_writer_t, wrap8, void,
- private_tls_writer_t *this)
+METHOD(bio_writer_t, wrap8, void,
+ private_bio_writer_t *this)
{
if (this->used + 1 > this->buf.len)
{
this->used += 1;
}
-METHOD(tls_writer_t, wrap16, void,
- private_tls_writer_t *this)
+METHOD(bio_writer_t, wrap16, void,
+ private_bio_writer_t *this)
{
if (this->used + 2 > this->buf.len)
{
this->used += 2;
}
-METHOD(tls_writer_t, wrap24, void,
- private_tls_writer_t *this)
+METHOD(bio_writer_t, wrap24, void,
+ private_bio_writer_t *this)
{
u_int32_t len;
this->used += 3;
}
-METHOD(tls_writer_t, wrap32, void,
- private_tls_writer_t *this)
+METHOD(bio_writer_t, wrap32, void,
+ private_bio_writer_t *this)
{
if (this->used + 4 > this->buf.len)
{
this->used += 4;
}
-METHOD(tls_writer_t, get_buf, chunk_t,
- private_tls_writer_t *this)
+METHOD(bio_writer_t, get_buf, chunk_t,
+ private_bio_writer_t *this)
{
return chunk_create(this->buf.ptr, this->used);
}
-METHOD(tls_writer_t, destroy, void,
- private_tls_writer_t *this)
+METHOD(bio_writer_t, destroy, void,
+ private_bio_writer_t *this)
{
free(this->buf.ptr);
free(this);
/**
* See header
*/
-tls_writer_t *tls_writer_create(u_int32_t bufsize)
+bio_writer_t *bio_writer_create(u_int32_t bufsize)
{
- private_tls_writer_t *this;
+ private_bio_writer_t *this;
INIT(this,
.public = {
*/
/**
- * @defgroup tls_writer tls_writer
- * @{ @ingroup libtls
+ * @defgroup bio_writer bio_writer
+ * @{ @ingroup bio
*/
-#ifndef TLS_WRITER_H_
-#define TLS_WRITER_H_
+#ifndef BIO_WRITER_H_
+#define BIO_WRITER_H_
-typedef struct tls_writer_t tls_writer_t;
+typedef struct bio_writer_t bio_writer_t;
#include <library.h>
/**
- * TLS record generator.
+ * Buffered output generator.
*/
-struct tls_writer_t {
+struct bio_writer_t {
/**
* Append a 8-bit integer to the buffer.
*
* @param value value to append
*/
- void (*write_uint8)(tls_writer_t *this, u_int8_t value);
+ void (*write_uint8)(bio_writer_t *this, u_int8_t value);
/**
* Append a 16-bit integer to the buffer.
*
* @param value value to append
*/
- void (*write_uint16)(tls_writer_t *this, u_int16_t value);
+ void (*write_uint16)(bio_writer_t *this, u_int16_t value);
/**
* Append a 24-bit integer to the buffer.
*
* @param value value to append
*/
- void (*write_uint24)(tls_writer_t *this, u_int32_t value);
+ void (*write_uint24)(bio_writer_t *this, u_int32_t value);
/**
* Append a 32-bit integer to the buffer.
*
* @param value value to append
*/
- void (*write_uint32)(tls_writer_t *this, u_int32_t value);
+ void (*write_uint32)(bio_writer_t *this, u_int32_t value);
/**
* Append a chunk of data without a length header.
*
* @param value value to append
*/
- void (*write_data)(tls_writer_t *this, chunk_t value);
+ void (*write_data)(bio_writer_t *this, chunk_t value);
/**
* Append a chunk of data with a 8-bit length header.
*
* @param value value to append
*/
- void (*write_data8)(tls_writer_t *this, chunk_t value);
+ void (*write_data8)(bio_writer_t *this, chunk_t value);
/**
* Append a chunk of data with a 16-bit length header.
*
* @param value value to append
*/
- void (*write_data16)(tls_writer_t *this, chunk_t value);
+ void (*write_data16)(bio_writer_t *this, chunk_t value);
/**
* Append a chunk of data with a 24-bit length header.
*
* @param value value to append
*/
- void (*write_data24)(tls_writer_t *this, chunk_t value);
+ void (*write_data24)(bio_writer_t *this, chunk_t value);
/**
* Append a chunk of data with a 32-bit length header.
*
* @param value value to append
*/
- void (*write_data32)(tls_writer_t *this, chunk_t value);
+ void (*write_data32)(bio_writer_t *this, chunk_t value);
/**
* Prepend a 8-bit length header to existing data.
*/
- void (*wrap8)(tls_writer_t *this);
+ void (*wrap8)(bio_writer_t *this);
/**
* Prepend a 16-bit length header to existing data.
*/
- void (*wrap16)(tls_writer_t *this);
+ void (*wrap16)(bio_writer_t *this);
/**
* Prepend a 24-bit length header to existing data.
*/
- void (*wrap24)(tls_writer_t *this);
+ void (*wrap24)(bio_writer_t *this);
/**
* Prepend a 32-bit length header to existing data.
*/
- void (*wrap32)(tls_writer_t *this);
+ void (*wrap32)(bio_writer_t *this);
/**
* Get the encoded data buffer.
*
* @return chunk to internal buffer
*/
- chunk_t (*get_buf)(tls_writer_t *this);
+ chunk_t (*get_buf)(bio_writer_t *this);
/**
- * Destroy a tls_writer_t.
+ * Destroy a bio_writer_t.
*/
- void (*destroy)(tls_writer_t *this);
+ void (*destroy)(bio_writer_t *this);
};
/**
- * Create a tls_writer instance.
+ * Create a bio_writer instance.
*
* @param bufsize initially allocated buffer size
*/
-tls_writer_t *tls_writer_create(u_int32_t bufsize);
+bio_writer_t *bio_writer_create(u_int32_t bufsize);
-#endif /** TLS_WRITER_H_ @}*/
+#endif /** BIO_WRITER_H_ @}*/
tls_alert.h tls_alert.c \
tls_crypto.h tls_crypto.c \
tls_prf.h tls_prf.c \
- tls_reader.h tls_reader.c \
- tls_writer.h tls_writer.c \
tls_socket.h tls_socket.c \
tls_eap.h tls_eap.c \
tls_peer.h tls_peer.c \
typedef struct tls_application_t tls_application_t;
-#include "tls_reader.h"
-#include "tls_writer.h"
+#include <bio/bio_reader.h>
+#include <bio/bio_writer.h>
/**
* TLS application data interface.
* - FAILED if application data processing failed
* - NEED_MORE if another invocation of process/build needed
*/
- status_t (*process)(tls_application_t *this, tls_reader_t *reader);
+ status_t (*process)(tls_application_t *this, bio_reader_t *reader);
/**
* Build TLS application data to send out.
* - NEED_MORE if more data ready for delivery
* - INVALID_STATE if more input to process() required
*/
- status_t (*build)(tls_application_t *this, tls_writer_t *writer);
+ status_t (*build)(tls_application_t *this, bio_writer_t *writer);
/**
* Destroy a tls_application_t.
}
METHOD(tls_crypto_t, get_signature_algorithms, void,
- private_tls_crypto_t *this, tls_writer_t *writer)
+ private_tls_crypto_t *this, bio_writer_t *writer)
{
- tls_writer_t *supported;
+ bio_writer_t *supported;
enumerator_t *enumerator;
hash_algorithm_t alg;
tls_hash_algorithm_t hash;
const char *plugin_name;
- supported = tls_writer_create(32);
+ supported = bio_writer_create(32);
enumerator = lib->crypto->create_hasher_enumerator(lib->crypto);
while (enumerator->enumerate(enumerator, &alg, &plugin_name))
{
}
METHOD(tls_crypto_t, sign, bool,
- private_tls_crypto_t *this, private_key_t *key, tls_writer_t *writer,
+ private_tls_crypto_t *this, private_key_t *key, bio_writer_t *writer,
chunk_t data, chunk_t hashsig)
{
if (this->tls->get_version(this->tls) >= TLS_1_2)
{
signature_scheme_t scheme;
- tls_reader_t *reader;
+ bio_reader_t *reader;
u_int8_t hash, alg;
chunk_t sig;
bool done = FALSE;
hashsig = chunk_from_chars(
TLS_HASH_SHA1, TLS_SIG_RSA, TLS_HASH_SHA1, TLS_SIG_ECDSA);
}
- reader = tls_reader_create(hashsig);
+ reader = bio_reader_create(hashsig);
while (reader->remaining(reader) >= 2)
{
if (reader->read_uint8(reader, &hash) &&
}
METHOD(tls_crypto_t, verify, bool,
- private_tls_crypto_t *this, public_key_t *key, tls_reader_t *reader,
+ private_tls_crypto_t *this, public_key_t *key, bio_reader_t *reader,
chunk_t data)
{
if (this->tls->get_version(this->tls) >= TLS_1_2)
}
METHOD(tls_crypto_t, sign_handshake, bool,
- private_tls_crypto_t *this, private_key_t *key, tls_writer_t *writer,
+ private_tls_crypto_t *this, private_key_t *key, bio_writer_t *writer,
chunk_t hashsig)
{
return sign(this, key, writer, this->handshake, hashsig);
}
METHOD(tls_crypto_t, verify_handshake, bool,
- private_tls_crypto_t *this, public_key_t *key, tls_reader_t *reader)
+ private_tls_crypto_t *this, public_key_t *key, bio_reader_t *reader)
{
return verify(this, key, reader, this->handshake);
}
*
* @param writer writer to write supported hash/sig algorithms
*/
- void (*get_signature_algorithms)(tls_crypto_t *this, tls_writer_t *writer);
+ void (*get_signature_algorithms)(tls_crypto_t *this, bio_writer_t *writer);
/**
* Create an enumerator over supported ECDH groups.
* @return TRUE if signature create successfully
*/
bool (*sign)(tls_crypto_t *this, private_key_t *key,
- tls_writer_t *writer, chunk_t data, chunk_t hashsig);
+ bio_writer_t *writer, chunk_t data, chunk_t hashsig);
/**
* Verify a blob of data, read signature from a reader.
* @return TRUE if signature valid
*/
bool (*verify)(tls_crypto_t *this, public_key_t *key,
- tls_reader_t *reader, chunk_t data);
+ bio_reader_t *reader, chunk_t data);
/**
* Create a signature of the handshake data using a given private key.
* @return TRUE if signature create successfully
*/
bool (*sign_handshake)(tls_crypto_t *this, private_key_t *key,
- tls_writer_t *writer, chunk_t hashsig);
+ bio_writer_t *writer, chunk_t hashsig);
/**
* Verify the signature over handshake data using a given public key.
* @return TRUE if signature valid
*/
bool (*verify_handshake)(tls_crypto_t *this, public_key_t *key,
- tls_reader_t *reader);
+ bio_reader_t *reader);
/**
* Calculate the data of a TLS finished message.
#include "tls_fragmentation.h"
-#include "tls_reader.h"
-
+#include <bio/bio_reader.h>
#include <debug.h>
typedef struct private_tls_fragmentation_t private_tls_fragmentation_t;
* Process a TLS alert
*/
static status_t process_alert(private_tls_fragmentation_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
u_int8_t level, description;
* Process TLS handshake protocol data
*/
static status_t process_handshake(private_tls_fragmentation_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
while (reader->remaining(reader))
{
- tls_reader_t *msg;
+ bio_reader_t *msg;
u_int8_t type;
u_int32_t len;
status_t status;
if (this->input.len == this->inpos)
{ /* message completely defragmented, process */
- msg = tls_reader_create(this->input);
+ msg = bio_reader_create(this->input);
DBG2(DBG_TLS, "received TLS %N handshake (%u bytes)",
tls_handshake_type_names, this->type, this->input.len);
status = this->handshake->process(this->handshake, this->type, msg);
* Process TLS application data
*/
static status_t process_application(private_tls_fragmentation_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
while (reader->remaining(reader))
{
METHOD(tls_fragmentation_t, process, status_t,
private_tls_fragmentation_t *this, tls_content_type_t type, chunk_t data)
{
- tls_reader_t *reader;
+ bio_reader_t *reader;
status_t status;
switch (this->state)
case ALERT_NONE:
break;
}
- reader = tls_reader_create(data);
+ reader = bio_reader_create(data);
switch (type)
{
case TLS_CHANGE_CIPHER_SPEC:
{
tls_alert_level_t level;
tls_alert_desc_t desc;
- tls_writer_t *writer;
+ bio_writer_t *writer;
if (this->alert->get(this->alert, &level, &desc))
{
- writer = tls_writer_create(2);
+ writer = bio_writer_create(2);
writer->write_uint8(writer, level);
writer->write_uint8(writer, desc);
*/
static status_t build_handshake(private_tls_fragmentation_t *this)
{
- tls_writer_t *hs, *msg;
+ bio_writer_t *hs, *msg;
tls_handshake_type_t type;
status_t status;
- msg = tls_writer_create(64);
+ msg = bio_writer_create(64);
while (TRUE)
{
- hs = tls_writer_create(64);
+ hs = bio_writer_create(64);
status = this->handshake->build(this->handshake, &type, hs);
switch (status)
{
*/
static status_t build_application(private_tls_fragmentation_t *this)
{
- tls_writer_t *msg;
+ bio_writer_t *msg;
status_t status;
- msg = tls_writer_create(64);
+ msg = bio_writer_create(64);
while (TRUE)
{
status = this->application->build(this->application, msg);
typedef struct tls_handshake_t tls_handshake_t;
#include "tls.h"
-#include "tls_reader.h"
-#include "tls_writer.h"
+
+#include <bio/bio_reader.h>
+#include <bio/bio_writer.h>
/**
* TLS handshake state machine interface.
* - DESTROY_ME if a fatal TLS alert received
*/
status_t (*process)(tls_handshake_t *this,
- tls_handshake_type_t type, tls_reader_t *reader);
+ tls_handshake_type_t type, bio_reader_t *reader);
/**
* Build TLS handshake messages to send out.
* - INVALID_STATE if more input to process() required
*/
status_t (*build)(tls_handshake_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer);
+ tls_handshake_type_t *type, bio_writer_t *writer);
/**
* Check if the cipher spec for outgoing messages has changed.
* Process a server hello message
*/
static status_t process_server_hello(private_tls_peer_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
u_int8_t compression;
u_int16_t version, cipher;
* Process a Certificate message
*/
static status_t process_certificate(private_tls_peer_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
certificate_t *cert;
- tls_reader_t *certs;
+ bio_reader_t *certs;
chunk_t data;
bool first = TRUE;
this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
return NEED_MORE;
}
- certs = tls_reader_create(data);
+ certs = bio_reader_create(data);
while (certs->remaining(certs))
{
if (!certs->read_data24(certs, &data))
* Process a Key Exchange message using MODP Diffie Hellman
*/
static status_t process_modp_key_exchange(private_tls_peer_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
chunk_t prime, generator, pub, chunk;
public_key_t *public;
* Process a Key Exchange message using EC Diffie Hellman
*/
static status_t process_ec_key_exchange(private_tls_peer_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
diffie_hellman_group_t group;
public_key_t *public;
* Process a Server Key Exchange
*/
static status_t process_key_exchange(private_tls_peer_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
diffie_hellman_group_t group;
/**
* Process a Certificate Request message
*/
-static status_t process_certreq(private_tls_peer_t *this, tls_reader_t *reader)
+static status_t process_certreq(private_tls_peer_t *this, bio_reader_t *reader)
{
chunk_t types, hashsig, data;
- tls_reader_t *authorities;
+ bio_reader_t *authorities;
identification_t *id;
certificate_t *cert;
this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
return NEED_MORE;
}
- authorities = tls_reader_create(data);
+ authorities = bio_reader_create(data);
while (authorities->remaining(authorities))
{
if (!authorities->read_data16(authorities, &data))
* Process Hello Done message
*/
static status_t process_hello_done(private_tls_peer_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
this->crypto->append_handshake(this->crypto,
TLS_SERVER_HELLO_DONE, reader->peek(reader));
/**
* Process finished message
*/
-static status_t process_finished(private_tls_peer_t *this, tls_reader_t *reader)
+static status_t process_finished(private_tls_peer_t *this, bio_reader_t *reader)
{
chunk_t received;
char buf[12];
}
METHOD(tls_handshake_t, process, status_t,
- private_tls_peer_t *this, tls_handshake_type_t type, tls_reader_t *reader)
+ private_tls_peer_t *this, tls_handshake_type_t type, bio_reader_t *reader)
{
tls_handshake_type_t expected;
* Send a client hello
*/
static status_t send_client_hello(private_tls_peer_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
tls_cipher_suite_t *suites;
- tls_writer_t *extensions, *curves = NULL;
+ bio_writer_t *extensions, *curves = NULL;
tls_version_t version;
tls_named_curve_t curve;
enumerator_t *enumerator;
writer->write_uint8(writer, 1);
writer->write_uint8(writer, 0);
- extensions = tls_writer_create(32);
+ extensions = bio_writer_create(32);
extensions->write_uint16(extensions, TLS_EXT_SIGNATURE_ALGORITHMS);
this->crypto->get_signature_algorithms(this->crypto, extensions);
if (!curves)
{
extensions->write_uint16(extensions, TLS_EXT_ELLIPTIC_CURVES);
- curves = tls_writer_create(16);
+ curves = bio_writer_create(16);
}
curves->write_uint16(curves, curve);
}
}
if (this->server->get_type(this->server) == ID_FQDN)
{
- tls_writer_t *names;
+ bio_writer_t *names;
DBG2(DBG_TLS, "sending Server Name Indication for '%Y'", this->server);
- names = tls_writer_create(8);
+ names = bio_writer_create(8);
names->write_uint8(names, TLS_NAME_TYPE_HOST_NAME);
names->write_data16(names, this->server->get_encoding(this->server));
names->wrap16(names);
static private_key_t *find_private_key(private_tls_peer_t *this)
{
private_key_t *key = NULL;
- tls_reader_t *reader;
+ bio_reader_t *reader;
key_type_t type;
u_int8_t cert;
{
return NULL;
}
- reader = tls_reader_create(this->cert_types);
+ reader = bio_reader_create(this->cert_types);
while (reader->remaining(reader) && reader->read_uint8(reader, &cert))
{
switch (cert)
* Send Certificate
*/
static status_t send_certificate(private_tls_peer_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
enumerator_t *enumerator;
certificate_t *cert;
auth_rule_t rule;
- tls_writer_t *certs;
+ bio_writer_t *certs;
chunk_t data;
this->private = find_private_key(this);
}
/* generate certificate payload */
- certs = tls_writer_create(256);
+ certs = bio_writer_create(256);
if (this->peer)
{
cert = this->peer_auth->get(this->peer_auth, AUTH_RULE_SUBJECT_CERT);
* Send client key exchange, using premaster encryption
*/
static status_t send_key_exchange_encrypt(private_tls_peer_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
public_key_t *public;
rng_t *rng;
* Send client key exchange, using DHE exchange
*/
static status_t send_key_exchange_dhe(private_tls_peer_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
chunk_t premaster, pub;
* Send client key exchange, depending on suite
*/
static status_t send_key_exchange(private_tls_peer_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
if (this->dh)
{
* Send certificate verify
*/
static status_t send_certificate_verify(private_tls_peer_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
if (!this->private ||
!this->crypto->sign_handshake(this->crypto, this->private,
* Send Finished
*/
static status_t send_finished(private_tls_peer_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
char buf[12];
}
METHOD(tls_handshake_t, build, status_t,
- private_tls_peer_t *this, tls_handshake_type_t *type, tls_writer_t *writer)
+ private_tls_peer_t *this, tls_handshake_type_t *type, bio_writer_t *writer)
{
switch (this->state)
{
* Process client hello message
*/
static status_t process_client_hello(private_tls_server_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
u_int16_t version, extension;
chunk_t random, session, ciphers, compression, ext = chunk_empty;
- tls_reader_t *extensions;
+ bio_reader_t *extensions;
tls_cipher_suite_t *suites;
int count, i;
if (ext.len)
{
- extensions = tls_reader_create(ext);
+ extensions = bio_reader_create(ext);
while (extensions->remaining(extensions))
{
if (!extensions->read_uint16(extensions, &extension) ||
* Process certificate
*/
static status_t process_certificate(private_tls_server_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
certificate_t *cert;
- tls_reader_t *certs;
+ bio_reader_t *certs;
chunk_t data;
bool first = TRUE;
this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR);
return NEED_MORE;
}
- certs = tls_reader_create(data);
+ certs = bio_reader_create(data);
while (certs->remaining(certs))
{
if (!certs->read_data24(certs, &data))
* Process Client Key Exchange, using premaster encryption
*/
static status_t process_key_exchange_encrypted(private_tls_server_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
chunk_t encrypted, decrypted;
char premaster[48];
* Process client key exchange, using DHE exchange
*/
static status_t process_key_exchange_dhe(private_tls_server_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
chunk_t premaster, pub;
bool ec;
* Process Client Key Exchange
*/
static status_t process_key_exchange(private_tls_server_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
if (this->dh)
{
* Process Certificate verify
*/
static status_t process_cert_verify(private_tls_server_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
bool verified = FALSE;
enumerator_t *enumerator;
public_key_t *public;
auth_cfg_t *auth;
- tls_reader_t *sig;
+ bio_reader_t *sig;
enumerator = lib->credmgr->create_public_enumerator(lib->credmgr,
KEY_ANY, this->peer, this->peer_auth);
while (enumerator->enumerate(enumerator, &public, &auth))
{
- sig = tls_reader_create(reader->peek(reader));
+ sig = bio_reader_create(reader->peek(reader));
verified = this->crypto->verify_handshake(this->crypto, public, sig);
sig->destroy(sig);
if (verified)
* Process finished message
*/
static status_t process_finished(private_tls_server_t *this,
- tls_reader_t *reader)
+ bio_reader_t *reader)
{
chunk_t received;
char buf[12];
}
METHOD(tls_handshake_t, process, status_t,
- private_tls_server_t *this, tls_handshake_type_t type, tls_reader_t *reader)
+ private_tls_server_t *this, tls_handshake_type_t type, bio_reader_t *reader)
{
tls_handshake_type_t expected;
* Send ServerHello message
*/
static status_t send_server_hello(private_tls_server_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
tls_version_t version;
rng_t *rng;
* Send Certificate
*/
static status_t send_certificate(private_tls_server_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
enumerator_t *enumerator;
certificate_t *cert;
auth_rule_t rule;
- tls_writer_t *certs;
+ bio_writer_t *certs;
chunk_t data;
/* generate certificate payload */
- certs = tls_writer_create(256);
+ certs = bio_writer_create(256);
cert = this->server_auth->get(this->server_auth, AUTH_RULE_SUBJECT_CERT);
if (cert)
{
* Send Certificate Request
*/
static status_t send_certificate_request(private_tls_server_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
- tls_writer_t *authorities, *supported;
+ bio_writer_t *authorities, *supported;
enumerator_t *enumerator;
certificate_t *cert;
x509_t *x509;
identification_t *id;
- supported = tls_writer_create(4);
+ supported = bio_writer_create(4);
/* we propose both RSA and ECDSA */
supported->write_uint8(supported, TLS_RSA_SIGN);
supported->write_uint8(supported, TLS_ECDSA_SIGN);
this->crypto->get_signature_algorithms(this->crypto, writer);
}
- authorities = tls_writer_create(64);
+ authorities = bio_writer_create(64);
enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
CERT_X509, KEY_RSA, NULL, TRUE);
while (enumerator->enumerate(enumerator, &cert))
*/
bool peer_supports_curve(private_tls_server_t *this, tls_named_curve_t curve)
{
- tls_reader_t *reader;
+ bio_reader_t *reader;
u_int16_t current;
if (!this->curves_received)
{ /* none received, assume yes */
return TRUE;
}
- reader = tls_reader_create(this->curves);
+ reader = bio_reader_create(this->curves);
while (reader->remaining(reader) && reader->read_uint16(reader, ¤t))
{
if (current == curve)
* Send Server key Exchange
*/
static status_t send_server_key_exchange(private_tls_server_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer,
+ tls_handshake_type_t *type, bio_writer_t *writer,
diffie_hellman_group_t group)
{
diffie_hellman_params_t *params = NULL;
* Send Hello Done
*/
static status_t send_hello_done(private_tls_server_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
*type = TLS_SERVER_HELLO_DONE;
this->state = STATE_HELLO_DONE;
* Send Finished
*/
static status_t send_finished(private_tls_server_t *this,
- tls_handshake_type_t *type, tls_writer_t *writer)
+ tls_handshake_type_t *type, bio_writer_t *writer)
{
char buf[12];
}
METHOD(tls_handshake_t, build, status_t,
- private_tls_server_t *this, tls_handshake_type_t *type, tls_writer_t *writer)
+ private_tls_server_t *this, tls_handshake_type_t *type, bio_writer_t *writer)
{
diffie_hellman_group_t group;
};
METHOD(tls_application_t, process, status_t,
- private_tls_application_t *this, tls_reader_t *reader)
+ private_tls_application_t *this, bio_reader_t *reader)
{
chunk_t data;
}
METHOD(tls_application_t, build, status_t,
- private_tls_application_t *this, tls_writer_t *writer)
+ private_tls_application_t *this, bio_writer_t *writer)
{
if (this->out.len)
{
projects / people / ms / strongswan.git / commitdiff
