authorlloyd <[email protected]>2010-10-19 04:39:26 +0000
committerlloyd <[email protected]>2010-10-19 04:39:26 +0000
commit221f9bd1469de9248b0233d366cdc2f0613fc182 (patch)
tree5235110a35cabb937e35f2f6b3a3d96b736aed1d /src/ssl/rec_wri.cpp
parent62de0178bcf2933be7c62af47490ea48dee8bc3e (diff)
Run MAC as standalone object instead of running it through a Pipe at
record layer.
Diffstat (limited to 'src/ssl/rec_wri.cpp')
-rw-r--r--src/ssl/rec_wri.cpp48
1 files changed, 22 insertions, 26 deletions
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
index 57eb62f6e..f3525a7d1 100644
--- a/src/ssl/rec_wri.cpp
+++ b/src/ssl/rec_wri.cpp
@@ -19,6 +19,7 @@ namespace Botan {
Record_Writer::Record_Writer(Socket& sock) :
socket(sock), buffer(DEFAULT_BUFFERSIZE)
{
+ mac = 0;
reset();
}
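Review bot: `mac` is now a raw owning pointer, and nothing in this diff shows who frees it when the Record_Writer is destroyed or what happens if the object is copied. The constructor hunk sets `mac = 0;` and the reset() and set_keys() hunks call `delete mac;` by hand, so the header (not visible here) presumably needs `~Record_Writer() { delete mac; }` and a private, unimplemented copy constructor and assignment operator. Without them the keyed MAC object either leaks or is deleted twice. As a style point, the pointer can be initialised with the other members, `socket(sock), buffer(DEFAULT_BUFFERSIZE), mac(0)`, instead of in the constructor body.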
@@ -28,7 +29,9 @@ Record_Writer::Record_Writer(Socket& sock) :
void Record_Writer::reset()
{
cipher.reset();
- mac.reset();
+
+ delete mac;
+ mac = 0;
zeroise(buffer);
buf_pos = 0;
@@ -60,7 +63,8 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
Connection_Side side)
{
cipher.reset();
- mac.reset();
+ delete mac;
+ mac = 0;
SymmetricKey mac_key, cipher_key;
InitializationVector iv;
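Review bot: set_keys() leaves `mac` null after `delete mac; mac = 0;` until the later hunk assigns it, but `mac_size` is not cleared at this point. If the function throws in between (the `Invalid_Argument` for an unknown hash in the next hunk, or a failure in `make_mac` or `set_key`), a writer that already had keys keeps its old `mac_size` alongside a null `mac`. The send_record() hunk calls `mac->update_be(seq_no);` unconditionally in its else branch, and the condition selecting that branch is outside the diff; if it tests `mac_size`, the next record sent dereferences a null pointer. Adding `mac_size = 0;` next to `mac = 0;` here, or having send_record() test `mac` itself, would close that gap. The bodies of set_keys() and send_record() extend beyond the visible hunks.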
@@ -105,12 +109,15 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
if(have_hash(mac_algo))
{
+ Algorithm_Factory& af = global_state().algorithm_factory();
+
if(major == 3 && minor == 0)
- mac.append(new MAC_Filter("SSL3-MAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("SSL3-MAC(" + mac_algo + ")");
else
- mac.append(new MAC_Filter("HMAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("HMAC(" + mac_algo + ")");
- mac_size = output_length_of(mac_algo);
+ mac->set_key(mac_key);
+ mac_size = mac->output_length();
}
else
throw Invalid_Argument("Record_Writer: Unknown hash " + mac_algo);
@@ -119,14 +126,6 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
/**
* Send one or more records to the other side
*/
-void Record_Writer::send(byte type, byte input)
- {
- send(type, &input, 1);
- }
-
-/**
-* Send one or more records to the other side
-*/
void Record_Writer::send(byte type, const byte input[], size_t length)
{
if(type != buf_type)
@@ -189,26 +188,23 @@ void Record_Writer::send_record(byte type, const byte buf[], size_t length)
send_record(type, major, minor, buf, length);
else
{
- mac.start_msg();
- for(size_t i = 0; i != 8; ++i)
- mac.write(get_byte(i, seq_no));
- mac.write(type);
+
+ mac->update_be(seq_no);
+ mac->update(type);
if(major > 3 || (major == 3 && minor != 0))
{
- mac.write(major);
- mac.write(minor);
+ mac->update(major);
+ mac->update(minor);
}
- mac.write(get_byte<u16bit>(0, length));
- mac.write(get_byte<u16bit>(1, length));
- mac.write(buf, length);
- mac.end_msg();
+ mac->update(get_byte<u16bit>(0, length));
+ mac->update(get_byte<u16bit>(1, length));
+ mac->update(buf, length);
- // TODO: This could all use a single buffer
-
- SecureVector<byte> buf_mac = mac.read_all(Pipe::LAST_MESSAGE);
+ SecureVector<byte> buf_mac = mac->final();
+ // TODO: This could all use a single buffer
cipher.start_msg();
if(iv_size)