From 221f9bd1469de9248b0233d366cdc2f0613fc182 Mon Sep 17 00:00:00 2001
From: lloyd
Date: Tue, 19 Oct 2010 04:39:26 +0000
Subject: Run MAC as standalone object instead of running it through a Pipe at record layer.
---
src/ssl/rec_wri.cpp | 48 ++++++++++++++++++++++--------------------------
1 file changed, 22 insertions(+), 26 deletions(-)
(limited to 'src/ssl/rec_wri.cpp')
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
index 57eb62f6e..f3525a7d1 100644
--- a/src/ssl/rec_wri.cpp
+++ b/src/ssl/rec_wri.cpp
@@ -19,6 +19,7 @@ namespace Botan {
 Record_Writer::Record_Writer(Socket& sock) :
 socket(sock), buffer(DEFAULT_BUFFERSIZE)
 {
+ mac = 0;
 reset();
 }
@@ -28,7 +29,9 @@ Record_Writer::Record_Writer(Socket& sock) :
 void Record_Writer::reset()
 {
 cipher.reset();
- mac.reset();
+
+ delete mac;
+ mac = 0;
 zeroise(buffer);
 buf_pos = 0;
@@ -60,7 +63,8 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
 Connection_Side side)
 {
 cipher.reset();
- mac.reset();
+ delete mac;
+ mac = 0;
 SymmetricKey mac_key, cipher_key;
 InitializationVector iv;
@@ -105,25 +109,20 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
 if(have_hash(mac_algo))
 {
+ Algorithm_Factory& af = global_state().algorithm_factory();
+
 if(major == 3 && minor == 0)
- mac.append(new MAC_Filter("SSL3-MAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("SSL3-MAC(" + mac_algo + ")");
 else
- mac.append(new MAC_Filter("HMAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("HMAC(" + mac_algo + ")");
- mac_size = output_length_of(mac_algo);
+ mac->set_key(mac_key);
+ mac_size = mac->output_length();
 }
 else
 throw Invalid_Argument("Record_Writer: Unknown hash " + mac_algo);
 }
-/**
-* Send one or more records to the other side
-*/
-void Record_Writer::send(byte type, byte input)
- {
- send(type, &input, 1);
- }
-
 /**
 * Send one or more records to the other side
 */
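Review bot: In the constructor hunk (`@@ -19,6 +19,7 @@`) `mac` becomes an owning raw pointer, and nothing in this file's diff shows a destructor that deletes it or copy operations that are disabled. The patch view is limited to rec_wri.cpp, so the header may already cover both; if it does not, the keyed MAC object outlives the writer, and a copied Record_Writer would delete the same object twice. Initialising the pointer in the member list, `socket(sock), buffer(DEFAULT_BUFFERSIZE), mac(0)`, would also make it plain that it is valid before `reset()` reaches `delete mac`.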
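Review bot: In the set_keys hunk (`@@ -60,7 +63,8 @@`) the old MAC is deleted and `mac` set to 0 before the replacement exists, while `mac_size` is reassigned only at the end of the `@@ -105,25 +109,20 @@` hunk, so the `Invalid_Argument` path there exits with a null `mac` beside whatever `mac_size` the previous keys left. The empty Pipe this replaces could still be written to; `mac->update_be(seq_no)` in send_record cannot, and the condition that selects that branch sits above its hunk. A guard at the top of that branch that fails closed, `if(!mac) throw Invalid_State("Record_Writer: MAC not keyed");`, avoids both a null dereference and a silent fall-back to the unprotected path. set_keys and reset() both continue outside their hunks, so a reset of `mac_size` may exist that is not visible here.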
@@ -189,26 +188,23 @@ void Record_Writer::send_record(byte type, const byte buf[], size_t length)
 send_record(type, major, minor, buf, length);
 else
 {
- mac.start_msg();
- for(size_t i = 0; i != 8; ++i)
- mac.write(get_byte(i, seq_no));
- mac.write(type);
+
+ mac->update_be(seq_no);
+ mac->update(type);
 if(major > 3 || (major == 3 && minor != 0))
 {
- mac.write(major);
- mac.write(minor);
+ mac->update(major);
+ mac->update(minor);
 }
- mac.write(get_byte(0, length));
- mac.write(get_byte(1, length));
- mac.write(buf, length);
- mac.end_msg();
+ mac->update(get_byte(0, length));
+ mac->update(get_byte(1, length));
+ mac->update(buf, length);
- // TODO: This could all use a single buffer
-
- SecureVector buf_mac = mac.read_all(Pipe::LAST_MESSAGE);
+ SecureVector buf_mac = mac->final();
+ // TODO: This could all use a single buffer
 cipher.start_msg();
 if(iv_size)
--
cgit v1.2.3
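Review bot: The two length bytes fed to the MAC, `mac->update(get_byte(0, length));` and `mac->update(get_byte(1, length));`, depend on the width of `length`, which the signature in the hunk header gives as `size_t`. The loop this hunk removes wrote `get_byte(i, seq_no)` for i from 0 to 7 and is replaced by `update_be`, which suggests get_byte counts from the most significant byte of its argument's type; if so, wherever size_t is wider than 16 bits these calls feed its top two bytes rather than the 16-bit record length. Pinning the type makes the MAC input independent of the platform: `const u16bit len16 = static_cast<u16bit>(length);` followed by `mac->update(get_byte(0, len16));` and `mac->update(get_byte(1, len16));`. The calls are carried over from the removed lines, and send_record begins above the hunk, so a narrowing of `length` may already happen out of view.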