diff options
Diffstat (limited to 'src/libtls')
| -rw-r--r-- | src/libtls/Makefile.am | 2 | ||||
| -rw-r--r-- | src/libtls/tls_application.h | 8 | ||||
| -rw-r--r-- | src/libtls/tls_crypto.c | 18 | ||||
| -rw-r--r-- | src/libtls/tls_crypto.h | 10 | ||||
| -rw-r--r-- | src/libtls/tls_fragmentation.c | 31 | ||||
| -rw-r--r-- | src/libtls/tls_handshake.h | 9 | ||||
| -rw-r--r-- | src/libtls/tls_peer.c | 60 | ||||
| -rw-r--r-- | src/libtls/tls_server.c | 56 | ||||
| -rw-r--r-- | src/libtls/tls_socket.c | 4 |
9 files changed, 98 insertions, 100 deletions
diff --git a/src/libtls/Makefile.am b/src/libtls/Makefile.am index a58e783d7..3be8b46c4 100644 --- a/src/libtls/Makefile.am +++ b/src/libtls/Makefile.am @@ -9,8 +9,6 @@ libtls_la_SOURCES = \ tls_alert.h tls_alert.c \ tls_crypto.h tls_crypto.c \ tls_prf.h tls_prf.c \ - tls_reader.h tls_reader.c \ - tls_writer.h tls_writer.c \ tls_socket.h tls_socket.c \ tls_eap.h tls_eap.c \ tls_peer.h tls_peer.c \ diff --git a/src/libtls/tls_application.h b/src/libtls/tls_application.h index b54a25e22..bd839fbb6 100644 --- a/src/libtls/tls_application.h +++ b/src/libtls/tls_application.h @@ -23,8 +23,8 @@ typedef struct tls_application_t tls_application_t; -#include "tls_reader.h" -#include "tls_writer.h" +#include <bio/bio_reader.h> +#include <bio/bio_writer.h> /** * TLS application data interface. @@ -40,7 +40,7 @@ struct tls_application_t { * - FAILED if application data processing failed * - NEED_MORE if another invocation of process/build needed */ - status_t (*process)(tls_application_t *this, tls_reader_t *reader); + status_t (*process)(tls_application_t *this, bio_reader_t *reader); /** * Build TLS application data to send out. @@ -52,7 +52,7 @@ struct tls_application_t { * - NEED_MORE if more data ready for delivery * - INVALID_STATE if more input to process() required */ - status_t (*build)(tls_application_t *this, tls_writer_t *writer); + status_t (*build)(tls_application_t *this, bio_writer_t *writer); /** * Destroy a tls_application_t. diff --git a/src/libtls/tls_crypto.c b/src/libtls/tls_crypto.c index b000f9d47..b5fd6a3f1 100644 --- a/src/libtls/tls_crypto.c +++ b/src/libtls/tls_crypto.c @@ -1057,15 +1057,15 @@ METHOD(tls_crypto_t, get_dh_group, diffie_hellman_group_t, } METHOD(tls_crypto_t, get_signature_algorithms, void, - private_tls_crypto_t *this, tls_writer_t *writer) + private_tls_crypto_t *this, bio_writer_t *writer) { - tls_writer_t *supported; + bio_writer_t *supported; enumerator_t *enumerator; hash_algorithm_t alg; tls_hash_algorithm_t hash; const char *plugin_name; - supported = tls_writer_create(32); + supported = bio_writer_create(32); enumerator = lib->crypto->create_hasher_enumerator(lib->crypto); while (enumerator->enumerate(enumerator, &alg, &plugin_name)) { @@ -1280,13 +1280,13 @@ static signature_scheme_t hashsig_to_scheme(key_type_t type, } METHOD(tls_crypto_t, sign, bool, - private_tls_crypto_t *this, private_key_t *key, tls_writer_t *writer, + private_tls_crypto_t *this, private_key_t *key, bio_writer_t *writer, chunk_t data, chunk_t hashsig) { if (this->tls->get_version(this->tls) >= TLS_1_2) { signature_scheme_t scheme; - tls_reader_t *reader; + bio_reader_t *reader; u_int8_t hash, alg; chunk_t sig; bool done = FALSE; @@ -1296,7 +1296,7 @@ METHOD(tls_crypto_t, sign, bool, hashsig = chunk_from_chars( TLS_HASH_SHA1, TLS_SIG_RSA, TLS_HASH_SHA1, TLS_SIG_ECDSA); } - reader = tls_reader_create(hashsig); + reader = bio_reader_create(hashsig); while (reader->remaining(reader) >= 2) { if (reader->read_uint8(reader, &hash) && @@ -1361,7 +1361,7 @@ METHOD(tls_crypto_t, sign, bool, } METHOD(tls_crypto_t, verify, bool, - private_tls_crypto_t *this, public_key_t *key, tls_reader_t *reader, + private_tls_crypto_t *this, public_key_t *key, bio_reader_t *reader, chunk_t data) { if (this->tls->get_version(this->tls) >= TLS_1_2) @@ -1432,14 +1432,14 @@ METHOD(tls_crypto_t, verify, bool, } METHOD(tls_crypto_t, sign_handshake, bool, - private_tls_crypto_t *this, private_key_t *key, tls_writer_t *writer, + private_tls_crypto_t *this, private_key_t *key, bio_writer_t *writer, chunk_t hashsig) { return sign(this, key, writer, this->handshake, hashsig); } METHOD(tls_crypto_t, verify_handshake, bool, - private_tls_crypto_t *this, public_key_t *key, tls_reader_t *reader) + private_tls_crypto_t *this, public_key_t *key, bio_reader_t *reader) { return verify(this, key, reader, this->handshake); } diff --git a/src/libtls/tls_crypto.h b/src/libtls/tls_crypto.h index f57b8f3e1..35c9b6e05 100644 --- a/src/libtls/tls_crypto.h +++ b/src/libtls/tls_crypto.h @@ -427,7 +427,7 @@ struct tls_crypto_t { * * @param writer writer to write supported hash/sig algorithms */ - void (*get_signature_algorithms)(tls_crypto_t *this, tls_writer_t *writer); + void (*get_signature_algorithms)(tls_crypto_t *this, bio_writer_t *writer); /** * Create an enumerator over supported ECDH groups. @@ -464,7 +464,7 @@ struct tls_crypto_t { * @return TRUE if signature create successfully */ bool (*sign)(tls_crypto_t *this, private_key_t *key, - tls_writer_t *writer, chunk_t data, chunk_t hashsig); + bio_writer_t *writer, chunk_t data, chunk_t hashsig); /** * Verify a blob of data, read signature from a reader. @@ -475,7 +475,7 @@ struct tls_crypto_t { * @return TRUE if signature valid */ bool (*verify)(tls_crypto_t *this, public_key_t *key, - tls_reader_t *reader, chunk_t data); + bio_reader_t *reader, chunk_t data); /** * Create a signature of the handshake data using a given private key. @@ -486,7 +486,7 @@ struct tls_crypto_t { * @return TRUE if signature create successfully */ bool (*sign_handshake)(tls_crypto_t *this, private_key_t *key, - tls_writer_t *writer, chunk_t hashsig); + bio_writer_t *writer, chunk_t hashsig); /** * Verify the signature over handshake data using a given public key. @@ -496,7 +496,7 @@ struct tls_crypto_t { * @return TRUE if signature valid */ bool (*verify_handshake)(tls_crypto_t *this, public_key_t *key, - tls_reader_t *reader); + bio_reader_t *reader); /** * Calculate the data of a TLS finished message. diff --git a/src/libtls/tls_fragmentation.c b/src/libtls/tls_fragmentation.c index 7d215bda1..72a7ce80a 100644 --- a/src/libtls/tls_fragmentation.c +++ b/src/libtls/tls_fragmentation.c @@ -15,8 +15,7 @@ #include "tls_fragmentation.h" -#include "tls_reader.h" - +#include <bio/bio_reader.h> #include <debug.h> typedef struct private_tls_fragmentation_t private_tls_fragmentation_t; @@ -108,7 +107,7 @@ struct private_tls_fragmentation_t { * Process a TLS alert */ static status_t process_alert(private_tls_fragmentation_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { u_int8_t level, description; @@ -125,11 +124,11 @@ static status_t process_alert(private_tls_fragmentation_t *this, * Process TLS handshake protocol data */ static status_t process_handshake(private_tls_fragmentation_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { while (reader->remaining(reader)) { - tls_reader_t *msg; + bio_reader_t *msg; u_int8_t type; u_int32_t len; status_t status; @@ -178,7 +177,7 @@ static status_t process_handshake(private_tls_fragmentation_t *this, if (this->input.len == this->inpos) { /* message completely defragmented, process */ - msg = tls_reader_create(this->input); + msg = bio_reader_create(this->input); DBG2(DBG_TLS, "received TLS %N handshake (%u bytes)", tls_handshake_type_names, this->type, this->input.len); status = this->handshake->process(this->handshake, this->type, msg); @@ -201,7 +200,7 @@ static status_t process_handshake(private_tls_fragmentation_t *this, * Process TLS application data */ static status_t process_application(private_tls_fragmentation_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { while (reader->remaining(reader)) { @@ -236,7 +235,7 @@ static status_t process_application(private_tls_fragmentation_t *this, METHOD(tls_fragmentation_t, process, status_t, private_tls_fragmentation_t *this, tls_content_type_t type, chunk_t data) { - tls_reader_t *reader; + bio_reader_t *reader; status_t status; switch (this->state) @@ -248,7 +247,7 @@ METHOD(tls_fragmentation_t, process, status_t, case ALERT_NONE: break; } - reader = tls_reader_create(data); + reader = bio_reader_create(data); switch (type) { case TLS_CHANGE_CIPHER_SPEC: @@ -284,11 +283,11 @@ static bool check_alerts(private_tls_fragmentation_t *this, chunk_t *data) { tls_alert_level_t level; tls_alert_desc_t desc; - tls_writer_t *writer; + bio_writer_t *writer; if (this->alert->get(this->alert, &level, &desc)) { - writer = tls_writer_create(2); + writer = bio_writer_create(2); writer->write_uint8(writer, level); writer->write_uint8(writer, desc); @@ -305,14 +304,14 @@ static bool check_alerts(private_tls_fragmentation_t *this, chunk_t *data) */ static status_t build_handshake(private_tls_fragmentation_t *this) { - tls_writer_t *hs, *msg; + bio_writer_t *hs, *msg; tls_handshake_type_t type; status_t status; - msg = tls_writer_create(64); + msg = bio_writer_create(64); while (TRUE) { - hs = tls_writer_create(64); + hs = bio_writer_create(64); status = this->handshake->build(this->handshake, &type, hs); switch (status) { @@ -346,10 +345,10 @@ static status_t build_handshake(private_tls_fragmentation_t *this) */ static status_t build_application(private_tls_fragmentation_t *this) { - tls_writer_t *msg; + bio_writer_t *msg; status_t status; - msg = tls_writer_create(64); + msg = bio_writer_create(64); while (TRUE) { status = this->application->build(this->application, msg); diff --git a/src/libtls/tls_handshake.h b/src/libtls/tls_handshake.h index 6703b341b..4f6af2a54 100644 --- a/src/libtls/tls_handshake.h +++ b/src/libtls/tls_handshake.h @@ -24,8 +24,9 @@ typedef struct tls_handshake_t tls_handshake_t; #include "tls.h" -#include "tls_reader.h" -#include "tls_writer.h" + +#include <bio/bio_reader.h> +#include <bio/bio_writer.h> /** * TLS handshake state machine interface. @@ -44,7 +45,7 @@ struct tls_handshake_t { * - DESTROY_ME if a fatal TLS alert received */ status_t (*process)(tls_handshake_t *this, - tls_handshake_type_t type, tls_reader_t *reader); + tls_handshake_type_t type, bio_reader_t *reader); /** * Build TLS handshake messages to send out. @@ -58,7 +59,7 @@ struct tls_handshake_t { * - INVALID_STATE if more input to process() required */ status_t (*build)(tls_handshake_t *this, - tls_handshake_type_t *type, tls_writer_t *writer); + tls_handshake_type_t *type, bio_writer_t *writer); /** * Check if the cipher spec for outgoing messages has changed. diff --git a/src/libtls/tls_peer.c b/src/libtls/tls_peer.c index 621f1729d..d3b5ff0aa 100644 --- a/src/libtls/tls_peer.c +++ b/src/libtls/tls_peer.c @@ -124,7 +124,7 @@ struct private_tls_peer_t { * Process a server hello message */ static status_t process_server_hello(private_tls_peer_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { u_int8_t compression; u_int16_t version, cipher; @@ -209,10 +209,10 @@ static bool check_certificate(private_tls_peer_t *this, certificate_t *cert) * Process a Certificate message */ static status_t process_certificate(private_tls_peer_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { certificate_t *cert; - tls_reader_t *certs; + bio_reader_t *certs; chunk_t data; bool first = TRUE; @@ -225,7 +225,7 @@ static status_t process_certificate(private_tls_peer_t *this, this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR); return NEED_MORE; } - certs = tls_reader_create(data); + certs = bio_reader_create(data); while (certs->remaining(certs)) { if (!certs->read_data24(certs, &data)) @@ -302,7 +302,7 @@ static public_key_t *find_public_key(private_tls_peer_t *this) * Process a Key Exchange message using MODP Diffie Hellman */ static status_t process_modp_key_exchange(private_tls_peer_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { chunk_t prime, generator, pub, chunk; public_key_t *public; @@ -379,7 +379,7 @@ static diffie_hellman_group_t curve_to_ec_group(private_tls_peer_t *this, * Process a Key Exchange message using EC Diffie Hellman */ static status_t process_ec_key_exchange(private_tls_peer_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { diffie_hellman_group_t group; public_key_t *public; @@ -466,7 +466,7 @@ static status_t process_ec_key_exchange(private_tls_peer_t *this, * Process a Server Key Exchange */ static status_t process_key_exchange(private_tls_peer_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { diffie_hellman_group_t group; @@ -491,10 +491,10 @@ static status_t process_key_exchange(private_tls_peer_t *this, /** * Process a Certificate Request message */ -static status_t process_certreq(private_tls_peer_t *this, tls_reader_t *reader) +static status_t process_certreq(private_tls_peer_t *this, bio_reader_t *reader) { chunk_t types, hashsig, data; - tls_reader_t *authorities; + bio_reader_t *authorities; identification_t *id; certificate_t *cert; @@ -529,7 +529,7 @@ static status_t process_certreq(private_tls_peer_t *this, tls_reader_t *reader) this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR); return NEED_MORE; } - authorities = tls_reader_create(data); + authorities = bio_reader_create(data); while (authorities->remaining(authorities)) { if (!authorities->read_data16(authorities, &data)) @@ -565,7 +565,7 @@ static status_t process_certreq(private_tls_peer_t *this, tls_reader_t *reader) * Process Hello Done message */ static status_t process_hello_done(private_tls_peer_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { this->crypto->append_handshake(this->crypto, TLS_SERVER_HELLO_DONE, reader->peek(reader)); @@ -576,7 +576,7 @@ static status_t process_hello_done(private_tls_peer_t *this, /** * Process finished message */ -static status_t process_finished(private_tls_peer_t *this, tls_reader_t *reader) +static status_t process_finished(private_tls_peer_t *this, bio_reader_t *reader) { chunk_t received; char buf[12]; @@ -607,7 +607,7 @@ static status_t process_finished(private_tls_peer_t *this, tls_reader_t *reader) } METHOD(tls_handshake_t, process, status_t, - private_tls_peer_t *this, tls_handshake_type_t type, tls_reader_t *reader) + private_tls_peer_t *this, tls_handshake_type_t type, bio_reader_t *reader) { tls_handshake_type_t expected; @@ -670,10 +670,10 @@ METHOD(tls_handshake_t, process, status_t, * Send a client hello */ static status_t send_client_hello(private_tls_peer_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { tls_cipher_suite_t *suites; - tls_writer_t *extensions, *curves = NULL; + bio_writer_t *extensions, *curves = NULL; tls_version_t version; tls_named_curve_t curve; enumerator_t *enumerator; @@ -711,7 +711,7 @@ static status_t send_client_hello(private_tls_peer_t *this, writer->write_uint8(writer, 1); writer->write_uint8(writer, 0); - extensions = tls_writer_create(32); + extensions = bio_writer_create(32); extensions->write_uint16(extensions, TLS_EXT_SIGNATURE_ALGORITHMS); this->crypto->get_signature_algorithms(this->crypto, extensions); @@ -723,7 +723,7 @@ static status_t send_client_hello(private_tls_peer_t *this, if (!curves) { extensions->write_uint16(extensions, TLS_EXT_ELLIPTIC_CURVES); - curves = tls_writer_create(16); + curves = bio_writer_create(16); } curves->write_uint16(curves, curve); } @@ -741,11 +741,11 @@ static status_t send_client_hello(private_tls_peer_t *this, } if (this->server->get_type(this->server) == ID_FQDN) { - tls_writer_t *names; + bio_writer_t *names; DBG2(DBG_TLS, "sending Server Name Indication for '%Y'", this->server); - names = tls_writer_create(8); + names = bio_writer_create(8); names->write_uint8(names, TLS_NAME_TYPE_HOST_NAME); names->write_data16(names, this->server->get_encoding(this->server)); names->wrap16(names); @@ -769,7 +769,7 @@ static status_t send_client_hello(private_tls_peer_t *this, static private_key_t *find_private_key(private_tls_peer_t *this) { private_key_t *key = NULL; - tls_reader_t *reader; + bio_reader_t *reader; key_type_t type; u_int8_t cert; @@ -777,7 +777,7 @@ static private_key_t *find_private_key(private_tls_peer_t *this) { return NULL; } - reader = tls_reader_create(this->cert_types); + reader = bio_reader_create(this->cert_types); while (reader->remaining(reader) && reader->read_uint8(reader, &cert)) { switch (cert) @@ -806,12 +806,12 @@ static private_key_t *find_private_key(private_tls_peer_t *this) * Send Certificate */ static status_t send_certificate(private_tls_peer_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { enumerator_t *enumerator; certificate_t *cert; auth_rule_t rule; - tls_writer_t *certs; + bio_writer_t *certs; chunk_t data; this->private = find_private_key(this); @@ -823,7 +823,7 @@ static status_t send_certificate(private_tls_peer_t *this, } /* generate certificate payload */ - certs = tls_writer_create(256); + certs = bio_writer_create(256); if (this->peer) { cert = this->peer_auth->get(this->peer_auth, AUTH_RULE_SUBJECT_CERT); @@ -867,7 +867,7 @@ static status_t send_certificate(private_tls_peer_t *this, * Send client key exchange, using premaster encryption */ static status_t send_key_exchange_encrypt(private_tls_peer_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { public_key_t *public; rng_t *rng; @@ -919,7 +919,7 @@ static status_t send_key_exchange_encrypt(private_tls_peer_t *this, * Send client key exchange, using DHE exchange */ static status_t send_key_exchange_dhe(private_tls_peer_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { chunk_t premaster, pub; @@ -957,7 +957,7 @@ static status_t send_key_exchange_dhe(private_tls_peer_t *this, * Send client key exchange, depending on suite */ static status_t send_key_exchange(private_tls_peer_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { if (this->dh) { @@ -970,7 +970,7 @@ static status_t send_key_exchange(private_tls_peer_t *this, * Send certificate verify */ static status_t send_certificate_verify(private_tls_peer_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { if (!this->private || !this->crypto->sign_handshake(this->crypto, this->private, @@ -991,7 +991,7 @@ static status_t send_certificate_verify(private_tls_peer_t *this, * Send Finished */ static status_t send_finished(private_tls_peer_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { char buf[12]; @@ -1011,7 +1011,7 @@ static status_t send_finished(private_tls_peer_t *this, } METHOD(tls_handshake_t, build, status_t, - private_tls_peer_t *this, tls_handshake_type_t *type, tls_writer_t *writer) + private_tls_peer_t *this, tls_handshake_type_t *type, bio_writer_t *writer) { switch (this->state) { diff --git a/src/libtls/tls_server.c b/src/libtls/tls_server.c index b0417f6cb..b8b67adf4 100644 --- a/src/libtls/tls_server.c +++ b/src/libtls/tls_server.c @@ -192,11 +192,11 @@ static bool select_suite_and_key(private_tls_server_t *this, * Process client hello message */ static status_t process_client_hello(private_tls_server_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { u_int16_t version, extension; chunk_t random, session, ciphers, compression, ext = chunk_empty; - tls_reader_t *extensions; + bio_reader_t *extensions; tls_cipher_suite_t *suites; int count, i; @@ -217,7 +217,7 @@ static status_t process_client_hello(private_tls_server_t *this, if (ext.len) { - extensions = tls_reader_create(ext); + extensions = bio_reader_create(ext); while (extensions->remaining(extensions)) { if (!extensions->read_uint16(extensions, &extension) || @@ -282,10 +282,10 @@ static status_t process_client_hello(private_tls_server_t *this, * Process certificate */ static status_t process_certificate(private_tls_server_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { certificate_t *cert; - tls_reader_t *certs; + bio_reader_t *certs; chunk_t data; bool first = TRUE; @@ -298,7 +298,7 @@ static status_t process_certificate(private_tls_server_t *this, this->alert->add(this->alert, TLS_FATAL, TLS_DECODE_ERROR); return NEED_MORE; } - certs = tls_reader_create(data); + certs = bio_reader_create(data); while (certs->remaining(certs)) { if (!certs->read_data24(certs, &data)) @@ -342,7 +342,7 @@ static status_t process_certificate(private_tls_server_t *this, * Process Client Key Exchange, using premaster encryption */ static status_t process_key_exchange_encrypted(private_tls_server_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { chunk_t encrypted, decrypted; char premaster[48]; @@ -402,7 +402,7 @@ static status_t process_key_exchange_encrypted(private_tls_server_t *this, * Process client key exchange, using DHE exchange */ static status_t process_key_exchange_dhe(private_tls_server_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { chunk_t premaster, pub; bool ec; @@ -451,7 +451,7 @@ static status_t process_key_exchange_dhe(private_tls_server_t *this, * Process Client Key Exchange */ static status_t process_key_exchange(private_tls_server_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { if (this->dh) { @@ -464,19 +464,19 @@ static status_t process_key_exchange(private_tls_server_t *this, * Process Certificate verify */ static status_t process_cert_verify(private_tls_server_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { bool verified = FALSE; enumerator_t *enumerator; public_key_t *public; auth_cfg_t *auth; - tls_reader_t *sig; + bio_reader_t *sig; enumerator = lib->credmgr->create_public_enumerator(lib->credmgr, KEY_ANY, this->peer, this->peer_auth); while (enumerator->enumerate(enumerator, &public, &auth)) { - sig = tls_reader_create(reader->peek(reader)); + sig = bio_reader_create(reader->peek(reader)); verified = this->crypto->verify_handshake(this->crypto, public, sig); sig->destroy(sig); if (verified) @@ -505,7 +505,7 @@ static status_t process_cert_verify(private_tls_server_t *this, * Process finished message */ static status_t process_finished(private_tls_server_t *this, - tls_reader_t *reader) + bio_reader_t *reader) { chunk_t received; char buf[12]; @@ -535,7 +535,7 @@ static status_t process_finished(private_tls_server_t *this, } METHOD(tls_handshake_t, process, status_t, - private_tls_server_t *this, tls_handshake_type_t type, tls_reader_t *reader) + private_tls_server_t *this, tls_handshake_type_t type, bio_reader_t *reader) { tls_handshake_type_t expected; @@ -603,7 +603,7 @@ METHOD(tls_handshake_t, process, status_t, * Send ServerHello message */ static status_t send_server_hello(private_tls_server_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { tls_version_t version; rng_t *rng; @@ -643,16 +643,16 @@ static status_t send_server_hello(private_tls_server_t *this, * Send Certificate */ static status_t send_certificate(private_tls_server_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { enumerator_t *enumerator; certificate_t *cert; auth_rule_t rule; - tls_writer_t *certs; + bio_writer_t *certs; chunk_t data; /* generate certificate payload */ - certs = tls_writer_create(256); + certs = bio_writer_create(256); cert = this->server_auth->get(this->server_auth, AUTH_RULE_SUBJECT_CERT); if (cert) { @@ -693,15 +693,15 @@ static status_t send_certificate(private_tls_server_t *this, * Send Certificate Request */ static status_t send_certificate_request(private_tls_server_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { - tls_writer_t *authorities, *supported; + bio_writer_t *authorities, *supported; enumerator_t *enumerator; certificate_t *cert; x509_t *x509; identification_t *id; - supported = tls_writer_create(4); + supported = bio_writer_create(4); /* we propose both RSA and ECDSA */ supported->write_uint8(supported, TLS_RSA_SIGN); supported->write_uint8(supported, TLS_ECDSA_SIGN); @@ -712,7 +712,7 @@ static status_t send_certificate_request(private_tls_server_t *this, this->crypto->get_signature_algorithms(this->crypto, writer); } - authorities = tls_writer_create(64); + authorities = bio_writer_create(64); enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr, CERT_X509, KEY_RSA, NULL, TRUE); while (enumerator->enumerate(enumerator, &cert)) @@ -763,14 +763,14 @@ static tls_named_curve_t ec_group_to_curve(private_tls_server_t *this, */ bool peer_supports_curve(private_tls_server_t *this, tls_named_curve_t curve) { - tls_reader_t *reader; + bio_reader_t *reader; u_int16_t current; if (!this->curves_received) { /* none received, assume yes */ return TRUE; } - reader = tls_reader_create(this->curves); + reader = bio_reader_create(this->curves); while (reader->remaining(reader) && reader->read_uint16(reader, ¤t)) { if (current == curve) @@ -810,7 +810,7 @@ static bool find_supported_curve(private_tls_server_t *this, * Send Server key Exchange */ static status_t send_server_key_exchange(private_tls_server_t *this, - tls_handshake_type_t *type, tls_writer_t *writer, + tls_handshake_type_t *type, bio_writer_t *writer, diffie_hellman_group_t group) { diffie_hellman_params_t *params = NULL; @@ -887,7 +887,7 @@ static status_t send_server_key_exchange(private_tls_server_t *this, * Send Hello Done */ static status_t send_hello_done(private_tls_server_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { *type = TLS_SERVER_HELLO_DONE; this->state = STATE_HELLO_DONE; @@ -899,7 +899,7 @@ static status_t send_hello_done(private_tls_server_t *this, * Send Finished */ static status_t send_finished(private_tls_server_t *this, - tls_handshake_type_t *type, tls_writer_t *writer) + tls_handshake_type_t *type, bio_writer_t *writer) { char buf[12]; @@ -921,7 +921,7 @@ static status_t send_finished(private_tls_server_t *this, } METHOD(tls_handshake_t, build, status_t, - private_tls_server_t *this, tls_handshake_type_t *type, tls_writer_t *writer) + private_tls_server_t *this, tls_handshake_type_t *type, bio_writer_t *writer) { diffie_hellman_group_t group; diff --git a/src/libtls/tls_socket.c b/src/libtls/tls_socket.c index e0c440a4c..691a8e79f 100644 --- a/src/libtls/tls_socket.c +++ b/src/libtls/tls_socket.c @@ -67,7 +67,7 @@ struct private_tls_socket_t { }; METHOD(tls_application_t, process, status_t, - private_tls_application_t *this, tls_reader_t *reader) + private_tls_application_t *this, bio_reader_t *reader) { chunk_t data; @@ -80,7 +80,7 @@ METHOD(tls_application_t, process, status_t, } METHOD(tls_application_t, build, status_t, - private_tls_application_t *this, tls_writer_t *writer) + private_tls_application_t *this, bio_writer_t *writer) { if (this->out.len) { |