aboutsummaryrefslogtreecommitdiffstats
path: root/src/ssl
diff options
context:
space:
mode:
Diffstat (limited to 'src/ssl')
-rw-r--r--src/ssl/rec_read.cpp33
-rw-r--r--src/ssl/rec_wri.cpp48
-rw-r--r--src/ssl/tls_record.h23
3 files changed, 56 insertions, 48 deletions
diff --git a/src/ssl/rec_read.cpp b/src/ssl/rec_read.cpp
index e34359862..042aae0c9 100644
--- a/src/ssl/rec_read.cpp
+++ b/src/ssl/rec_read.cpp
@@ -17,7 +17,10 @@ namespace Botan {
void Record_Reader::reset()
{
cipher.reset();
- mac.reset();
+
+ delete mac;
+ mac = 0;
+
mac_size = 0;
block_size = 0;
iv_size = 0;
@@ -44,7 +47,8 @@ void Record_Reader::set_keys(const CipherSuite& suite, const SessionKeys& keys,
Connection_Side side)
{
cipher.reset();
- mac.reset();
+ delete mac;
+ mac = 0;
SymmetricKey mac_key, cipher_key;
InitializationVector iv;
@@ -89,12 +93,15 @@ void Record_Reader::set_keys(const CipherSuite& suite, const SessionKeys& keys,
if(have_hash(mac_algo))
{
+ Algorithm_Factory& af = global_state().algorithm_factory();
+
if(major == 3 && minor == 0)
- mac.append(new MAC_Filter("SSL3-MAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("SSL3-MAC(" + mac_algo + ")");
else
- mac.append(new MAC_Filter("HMAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("HMAC(" + mac_algo + ")");
- mac_size = output_length_of(mac_algo);
+ mac->set_key(mac_key);
+ mac_size = mac->output_length();
}
else
throw Invalid_Argument("Record_Reader: Unknown hash " + mac_algo);
@@ -221,23 +228,19 @@ size_t Record_Reader::get_record(byte& msg_type,
const u16bit plain_length = plaintext.size() - (mac_size + pad_size + iv_size);
- mac.start_msg();
- for(size_t i = 0; i != 8; ++i)
- mac.write(get_byte(i, seq_no));
- mac.write(header[0]); // msg_type
+ mac->update_be(seq_no);
+ mac->update(header[0]); // msg_type
if(version != SSL_V3)
for(size_t i = 0; i != 2; ++i)
- mac.write(get_byte(i, version));
+ mac->update(get_byte(i, version));
- for(size_t i = 0; i != 2; ++i)
- mac.write(get_byte(i, plain_length));
- mac.write(&plaintext[iv_size], plain_length);
- mac.end_msg();
+ mac->update_be(plain_length);
+ mac->update(&plaintext[iv_size], plain_length);
++seq_no;
- SecureVector<byte> computed_mac = mac.read_all(Pipe::LAST_MESSAGE);
+ SecureVector<byte> computed_mac = mac->final();
if(recieved_mac != computed_mac)
throw TLS_Exception(BAD_RECORD_MAC, "Record_Reader: MAC failure");
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
index 57eb62f6e..f3525a7d1 100644
--- a/src/ssl/rec_wri.cpp
+++ b/src/ssl/rec_wri.cpp
@@ -19,6 +19,7 @@ namespace Botan {
Record_Writer::Record_Writer(Socket& sock) :
socket(sock), buffer(DEFAULT_BUFFERSIZE)
{
+ mac = 0;
reset();
}
@@ -28,7 +29,9 @@ Record_Writer::Record_Writer(Socket& sock) :
void Record_Writer::reset()
{
cipher.reset();
- mac.reset();
+
+ delete mac;
+ mac = 0;
zeroise(buffer);
buf_pos = 0;
@@ -60,7 +63,8 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
Connection_Side side)
{
cipher.reset();
- mac.reset();
+ delete mac;
+ mac = 0;
SymmetricKey mac_key, cipher_key;
InitializationVector iv;
@@ -105,12 +109,15 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
if(have_hash(mac_algo))
{
+ Algorithm_Factory& af = global_state().algorithm_factory();
+
if(major == 3 && minor == 0)
- mac.append(new MAC_Filter("SSL3-MAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("SSL3-MAC(" + mac_algo + ")");
else
- mac.append(new MAC_Filter("HMAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("HMAC(" + mac_algo + ")");
- mac_size = output_length_of(mac_algo);
+ mac->set_key(mac_key);
+ mac_size = mac->output_length();
}
else
throw Invalid_Argument("Record_Writer: Unknown hash " + mac_algo);
@@ -119,14 +126,6 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
/**
* Send one or more records to the other side
*/
-void Record_Writer::send(byte type, byte input)
- {
- send(type, &input, 1);
- }
-
-/**
-* Send one or more records to the other side
-*/
void Record_Writer::send(byte type, const byte input[], size_t length)
{
if(type != buf_type)
@@ -189,26 +188,23 @@ void Record_Writer::send_record(byte type, const byte buf[], size_t length)
send_record(type, major, minor, buf, length);
else
{
- mac.start_msg();
- for(size_t i = 0; i != 8; ++i)
- mac.write(get_byte(i, seq_no));
- mac.write(type);
+
+ mac->update_be(seq_no);
+ mac->update(type);
if(major > 3 || (major == 3 && minor != 0))
{
- mac.write(major);
- mac.write(minor);
+ mac->update(major);
+ mac->update(minor);
}
- mac.write(get_byte<u16bit>(0, length));
- mac.write(get_byte<u16bit>(1, length));
- mac.write(buf, length);
- mac.end_msg();
+ mac->update(get_byte<u16bit>(0, length));
+ mac->update(get_byte<u16bit>(1, length));
+ mac->update(buf, length);
- // TODO: This could all use a single buffer
-
- SecureVector<byte> buf_mac = mac.read_all(Pipe::LAST_MESSAGE);
+ SecureVector<byte> buf_mac = mac->final();
+ // TODO: This could all use a single buffer
cipher.start_msg();
if(iv_size)
diff --git a/src/ssl/tls_record.h b/src/ssl/tls_record.h
index d39f1b557..7ad866c6e 100644
--- a/src/ssl/tls_record.h
+++ b/src/ssl/tls_record.h
@@ -12,6 +12,7 @@
#include <botan/tls_suites.h>
#include <botan/socket.h>
#include <botan/pipe.h>
+#include <botan/mac.h>
#include <botan/secqueue.h>
#include <vector>
@@ -23,8 +24,9 @@ namespace Botan {
class BOTAN_DLL Record_Writer
{
public:
- void send(byte, const byte[], size_t);
- void send(byte, byte);
+ void send(byte type, const byte input[], size_t length);
+ void send(byte type, byte val) { send(type, &val, 1); }
+
void flush();
void alert(Alert_Level, Alert_Type);
@@ -37,12 +39,16 @@ class BOTAN_DLL Record_Writer
Record_Writer(Socket& socket);
+ ~Record_Writer() { delete mac; }
private:
- void send_record(byte, const byte[], size_t);
- void send_record(byte, byte, byte, const byte[], size_t);
+ void send_record(byte type, const byte input[], size_t length);
+ void send_record(byte type, byte major, byte minor,
+ const byte input[], size_t length);
Socket& socket;
- Pipe cipher, mac;
+ Pipe cipher;
+ MessageAuthenticationCode* mac;
+
SecureVector<byte> buffer;
size_t buf_pos;
@@ -78,11 +84,14 @@ class BOTAN_DLL Record_Reader
void reset();
- Record_Reader() { reset(); }
+ Record_Reader() { mac = 0; reset(); }
+
+ ~Record_Reader() { delete mac; }
private:
SecureQueue input_queue;
- Pipe cipher, mac;
+ Pipe cipher;
+ MessageAuthenticationCode* mac;
size_t block_size, mac_size, iv_size;
u64bit seq_no;
byte major, minor;