diff options
| author | lloyd <[email protected]> | 2012-12-07 13:42:43 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2012-12-07 13:42:43 +0000 |
| commit | 0011d342f3e1c589bd226c3637c10c15b2b7cf73 (patch) | |
| tree | 59298c58a3f9555344d6920fcc268b61504f2af6 | |
| parent | 990b962b8f91717db6654c209c9a91e2440d1442 (diff) | |
| parent | 12c128c1fbb483ae9042b47fc544adf0e55d0693 (diff) | |
merge of '89aeac10a9f26bde460f79731880bb728caf6312'
and 'e13b86dad266d168e462d0f0fe87e9e5f94e36a6'
56 files changed, 229 insertions, 88 deletions
diff --git a/checks/tls.cpp b/checks/tls.cpp index 7fd2b3993..f39316c7d 100644 --- a/checks/tls.cpp +++ b/checks/tls.cpp @@ -25,15 +25,15 @@ class Credentials_Manager_Test : public Botan::Credentials_Manager m_ca_cert(ca_cert), m_key(server_key) { + m_stores.push_back(new Certificate_Store_In_Memory); + m_stores[0]->add_certificate(m_ca_cert); } - std::vector<X509_Certificate> + std::vector<Certificate_Store*> trusted_certificate_authorities(const std::string&, const std::string&) override { - std::vector<X509_Certificate> certs; - certs.push_back(m_ca_cert); - return certs; + return m_stores; } std::vector<X509_Certificate> cert_chain( @@ -86,6 +86,7 @@ class Credentials_Manager_Test : public Botan::Credentials_Manager public: X509_Certificate m_server_cert, m_ca_cert; Private_Key* m_key; + std::vector<Certificate_Store*> m_stores; }; Credentials_Manager* create_creds(RandomNumberGenerator& rng) diff --git a/src/alloc/secmem.h b/src/alloc/secmem.h index 537f0ef44..2f4d65f33 100644 --- a/src/alloc/secmem.h +++ b/src/alloc/secmem.h @@ -168,6 +168,18 @@ void zeroise(std::vector<T, Alloc>& vec) clear_mem(&vec[0], vec.size()); } +/** +* Zeroise the values then free the memory +* @param vec the vector to zeroise and free +*/ +template<typename T, typename Alloc> +void zap(std::vector<T, Alloc>& vec) + { + zeroise(vec); + vec.clear(); + vec.shrink_to_fit(); + } + } #endif diff --git a/src/block/aes/aes.cpp b/src/block/aes/aes.cpp index 6a706fd24..232d0dc0a 100644 --- a/src/block/aes/aes.cpp +++ b/src/block/aes/aes.cpp @@ -693,10 +693,10 @@ void AES_128::key_schedule(const byte key[], size_t length) void AES_128::clear() { - zeroise(EK); - zeroise(DK); - zeroise(ME); - zeroise(MD); + zap(EK); + zap(DK); + zap(ME); + zap(MD); } void AES_192::encrypt_n(const byte in[], byte out[], size_t blocks) const @@ -716,10 +716,10 @@ void AES_192::key_schedule(const byte key[], size_t length) void AES_192::clear() { - zeroise(EK); - zeroise(DK); - zeroise(ME); - zeroise(MD); + zap(EK); + zap(DK); + zap(ME); + zap(MD); } void AES_256::encrypt_n(const byte in[], byte out[], size_t blocks) const @@ -739,10 +739,10 @@ void AES_256::key_schedule(const byte key[], size_t length) void AES_256::clear() { - zeroise(EK); - zeroise(DK); - zeroise(ME); - zeroise(MD); + zap(EK); + zap(DK); + zap(ME); + zap(MD); } } diff --git a/src/block/aes_ni/aes_ni.cpp b/src/block/aes_ni/aes_ni.cpp index 4dca6c7f2..c6567518e 100644 --- a/src/block/aes_ni/aes_ni.cpp +++ b/src/block/aes_ni/aes_ni.cpp @@ -257,6 +257,9 @@ void AES_128_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const */ void AES_128_NI::key_schedule(const byte key[], size_t) { + EK.resize(44); + DK.resize(44); + #define AES_128_key_exp(K, RCON) \ aes_128_key_expansion(K, _mm_aeskeygenassist_si128(K, RCON)) @@ -306,8 +309,8 @@ void AES_128_NI::key_schedule(const byte key[], size_t) */ void AES_128_NI::clear() { - zeroise(EK); - zeroise(DK); + zap(EK); + zap(DK); } /* @@ -479,6 +482,9 @@ void AES_192_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const */ void AES_192_NI::key_schedule(const byte key[], size_t) { + EK.resize(52); + DK.resize(52); + __m128i K0 = _mm_loadu_si128((const __m128i*)(key)); __m128i K1 = _mm_loadu_si128((const __m128i*)(key + 8)); K1 = _mm_srli_si128(K1, 8); @@ -525,8 +531,8 @@ void AES_192_NI::key_schedule(const byte key[], size_t) */ void AES_192_NI::clear() { - zeroise(EK); - zeroise(DK); + zap(EK); + zap(DK); } /* @@ -710,6 +716,9 @@ void AES_256_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const */ void AES_256_NI::key_schedule(const byte key[], size_t) { + EK.resize(60); + DK.resize(60); + __m128i K0 = _mm_loadu_si128((const __m128i*)(key)); __m128i K1 = _mm_loadu_si128((const __m128i*)(key + 16)); @@ -751,7 +760,6 @@ void AES_256_NI::key_schedule(const byte key[], size_t) _mm_storeu_si128(EK_mm + 14, K14); // Now generate decryption keys - __m128i* DK_mm = (__m128i*)&DK[0]; _mm_storeu_si128(DK_mm , K14); _mm_storeu_si128(DK_mm + 1, _mm_aesimc_si128(K13)); @@ -775,8 +783,8 @@ void AES_256_NI::key_schedule(const byte key[], size_t) */ void AES_256_NI::clear() { - zeroise(EK); - zeroise(DK); + zap(EK); + zap(DK); } #undef AES_ENC_4_ROUNDS diff --git a/src/block/aes_ni/aes_ni.h b/src/block/aes_ni/aes_ni.h index 4844b7fe8..aac6b0808 100644 --- a/src/block/aes_ni/aes_ni.h +++ b/src/block/aes_ni/aes_ni.h @@ -26,8 +26,6 @@ class BOTAN_DLL AES_128_NI : public Block_Cipher_Fixed_Params<16, 16> void clear(); std::string name() const { return "AES-128"; } BlockCipher* clone() const { return new AES_128_NI; } - - AES_128_NI() : EK(44), DK(44) { } private: void key_schedule(const byte[], size_t); @@ -48,8 +46,6 @@ class BOTAN_DLL AES_192_NI : public Block_Cipher_Fixed_Params<16, 24> void clear(); std::string name() const { return "AES-192"; } BlockCipher* clone() const { return new AES_192_NI; } - - AES_192_NI() : EK(52), DK(52) { } private: void key_schedule(const byte[], size_t); @@ -70,8 +66,6 @@ class BOTAN_DLL AES_256_NI : public Block_Cipher_Fixed_Params<16, 32> void clear(); std::string name() const { return "AES-256"; } BlockCipher* clone() const { return new AES_256_NI; } - - AES_256_NI() : EK(60), DK(60) { } private: void key_schedule(const byte[], size_t); diff --git a/src/block/aes_ssse3/aes_ssse3.cpp b/src/block/aes_ssse3/aes_ssse3.cpp index 648f96d67..476b004bb 100644 --- a/src/block/aes_ssse3/aes_ssse3.cpp +++ b/src/block/aes_ssse3/aes_ssse3.cpp @@ -406,6 +406,12 @@ void AES_128_SSSE3::key_schedule(const byte keyb[], size_t) _mm_storeu_si128(DK_mm, aes_schedule_mangle_last_dec(key)); } +void AES_128_SSSE3::clear() + { + zap(EK); + zap(DK); + } + /* * AES-192 Encryption */ @@ -507,6 +513,11 @@ void AES_192_SSSE3::key_schedule(const byte keyb[], size_t) } } +void AES_192_SSSE3::clear() + { + zap(EK); + zap(DK); + } /* * AES-256 Encryption @@ -588,4 +599,10 @@ void AES_256_SSSE3::key_schedule(const byte keyb[], size_t) _mm_storeu_si128(DK_mm + 0, aes_schedule_mangle_last_dec(key2)); } +void AES_256_SSSE3::clear() + { + zap(EK); + zap(DK); + } + } diff --git a/src/block/aes_ssse3/aes_ssse3.h b/src/block/aes_ssse3/aes_ssse3.h index 46bae1450..938abeae3 100644 --- a/src/block/aes_ssse3/aes_ssse3.h +++ b/src/block/aes_ssse3/aes_ssse3.h @@ -21,7 +21,7 @@ class BOTAN_DLL AES_128_SSSE3 : public Block_Cipher_Fixed_Params<16, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { zeroise(EK); zeroise(DK); } + void clear(); std::string name() const { return "AES-128"; } BlockCipher* clone() const { return new AES_128_SSSE3; } private: @@ -39,7 +39,7 @@ class BOTAN_DLL AES_192_SSSE3 : public Block_Cipher_Fixed_Params<16, 24> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { zeroise(EK); zeroise(DK); } + void clear(); std::string name() const { return "AES-192"; } BlockCipher* clone() const { return new AES_192_SSSE3; } private: @@ -57,7 +57,7 @@ class BOTAN_DLL AES_256_SSSE3 : public Block_Cipher_Fixed_Params<16, 32> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { zeroise(EK); zeroise(DK); } + void clear(); std::string name() const { return "AES-256"; } BlockCipher* clone() const { return new AES_256_SSSE3; } private: diff --git a/src/block/blowfish/blowfish.cpp b/src/block/blowfish/blowfish.cpp index 5e882b16a..c758a6a31 100644 --- a/src/block/blowfish/blowfish.cpp +++ b/src/block/blowfish/blowfish.cpp @@ -187,8 +187,8 @@ void Blowfish::generate_sbox(secure_vector<u32bit>& box, */ void Blowfish::clear() { - P.clear(); - S.clear(); + zap(P); + zap(S); } } diff --git a/src/block/camellia/camellia.cpp b/src/block/camellia/camellia.cpp index bea5d4c51..a5d70d736 100644 --- a/src/block/camellia/camellia.cpp +++ b/src/block/camellia/camellia.cpp @@ -376,4 +376,19 @@ void Camellia_256::key_schedule(const byte key[], size_t length) Camellia_F::key_schedule(SK, key, length); } +void Camellia_128::clear() + { + zap(SK); + } + +void Camellia_192::clear() + { + zap(SK); + } + +void Camellia_256::clear() + { + zap(SK); + } + } diff --git a/src/block/camellia/camellia.h b/src/block/camellia/camellia.h index 4db115f2c..09f420765 100644 --- a/src/block/camellia/camellia.h +++ b/src/block/camellia/camellia.h @@ -21,7 +21,7 @@ class BOTAN_DLL Camellia_128 : public Block_Cipher_Fixed_Params<16, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { SK.clear(); } + void clear(); std::string name() const { return "Camellia-128"; } BlockCipher* clone() const { return new Camellia_128; } private: @@ -39,7 +39,7 @@ class BOTAN_DLL Camellia_192 : public Block_Cipher_Fixed_Params<16, 24> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { SK.clear(); } + void clear(); std::string name() const { return "Camellia-192"; } BlockCipher* clone() const { return new Camellia_192; } private: @@ -57,7 +57,7 @@ class BOTAN_DLL Camellia_256 : public Block_Cipher_Fixed_Params<16, 32> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { SK.clear(); } + void clear(); std::string name() const { return "Camellia-256"; } BlockCipher* clone() const { return new Camellia_256; } private: diff --git a/src/block/cast/cast128.cpp b/src/block/cast/cast128.cpp index d64523c8b..348f51220 100644 --- a/src/block/cast/cast128.cpp +++ b/src/block/cast/cast128.cpp @@ -134,6 +134,12 @@ void CAST_128::key_schedule(const byte key[], size_t length) RK[i] = RK32[i] % 32; } +void CAST_128::clear() + { + zap(MK); + zap(RK); + } + /* * S-Box Based Key Expansion */ diff --git a/src/block/cast/cast128.h b/src/block/cast/cast128.h index f3f23b14a..a5dd0ba5d 100644 --- a/src/block/cast/cast128.h +++ b/src/block/cast/cast128.h @@ -21,7 +21,7 @@ class BOTAN_DLL CAST_128 : public Block_Cipher_Fixed_Params<8, 11, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { MK.clear(); RK.clear(); } + void clear(); std::string name() const { return "CAST-128"; } BlockCipher* clone() const { return new CAST_128; } diff --git a/src/block/cast/cast256.cpp b/src/block/cast/cast256.cpp index 9476d3faf..1a854ffa9 100644 --- a/src/block/cast/cast256.cpp +++ b/src/block/cast/cast256.cpp @@ -178,4 +178,10 @@ void CAST_256::key_schedule(const byte key[], size_t length) } } +void CAST_256::clear() + { + zap(MK); + zap(RK); + } + } diff --git a/src/block/cast/cast256.h b/src/block/cast/cast256.h index 4f31f187d..51af48cfe 100644 --- a/src/block/cast/cast256.h +++ b/src/block/cast/cast256.h @@ -21,7 +21,7 @@ class BOTAN_DLL CAST_256 : public Block_Cipher_Fixed_Params<16, 4, 32, 4> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { MK.clear(); RK.clear(); } + void clear(); std::string name() const { return "CAST-256"; } BlockCipher* clone() const { return new CAST_256; } private: diff --git a/src/block/des/des.cpp b/src/block/des/des.cpp index 2f0a3635d..a87b4d6bc 100644 --- a/src/block/des/des.cpp +++ b/src/block/des/des.cpp @@ -210,6 +210,11 @@ void DES::key_schedule(const byte key[], size_t) des_key_schedule(&round_key[0], key); } +void DES::clear() + { + zap(round_key); + } + /* * TripleDES Encryption */ @@ -291,4 +296,9 @@ void TripleDES::key_schedule(const byte key[], size_t length) copy_mem(&round_key[64], &round_key[0], 32); } +void TripleDES::clear() + { + zap(round_key); + } + } diff --git a/src/block/des/des.h b/src/block/des/des.h index fc42cfee5..4f3811bcf 100644 --- a/src/block/des/des.h +++ b/src/block/des/des.h @@ -21,7 +21,7 @@ class BOTAN_DLL DES : public Block_Cipher_Fixed_Params<8, 8> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { round_key.clear(); } + void clear(); std::string name() const { return "DES"; } BlockCipher* clone() const { return new DES; } private: @@ -39,11 +39,9 @@ class BOTAN_DLL TripleDES : public Block_Cipher_Fixed_Params<8, 16, 24, 8> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { round_key.clear(); } + void clear(); std::string name() const { return "TripleDES"; } BlockCipher* clone() const { return new TripleDES; } - - TripleDES() : round_key(96) {} private: void key_schedule(const byte[], size_t); diff --git a/src/block/des/desx.cpp b/src/block/des/desx.cpp index 7f68e406a..879e73ee9 100644 --- a/src/block/des/desx.cpp +++ b/src/block/des/desx.cpp @@ -52,4 +52,11 @@ void DESX::key_schedule(const byte key[], size_t) K2.assign(key + 16, key + 24); } +void DESX::clear() + { + des.clear(); + zap(K1); + zap(K2); + } + } diff --git a/src/block/des/desx.h b/src/block/des/desx.h index 4ff41328f..aeda3f3c4 100644 --- a/src/block/des/desx.h +++ b/src/block/des/desx.h @@ -21,7 +21,7 @@ class BOTAN_DLL DESX : public Block_Cipher_Fixed_Params<8, 24> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { des.clear(); K1.clear(); K2.clear(); } + void clear(); std::string name() const { return "DESX"; } BlockCipher* clone() const { return new DESX; } private: diff --git a/src/block/gost_28147/gost_28147.cpp b/src/block/gost_28147/gost_28147.cpp index db144a81f..09ca9a57e 100644 --- a/src/block/gost_28147/gost_28147.cpp +++ b/src/block/gost_28147/gost_28147.cpp @@ -169,4 +169,9 @@ void GOST_28147_89::key_schedule(const byte key[], size_t) EK[i] = load_le<u32bit>(key, i); } +void GOST_28147_89::clear() + { + zap(EK); + } + } diff --git a/src/block/gost_28147/gost_28147.h b/src/block/gost_28147/gost_28147.h index 7c77fea06..34b99197e 100644 --- a/src/block/gost_28147/gost_28147.h +++ b/src/block/gost_28147/gost_28147.h @@ -55,7 +55,7 @@ class BOTAN_DLL GOST_28147_89 : public Block_Cipher_Fixed_Params<8, 32> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { EK.clear(); } + void clear(); std::string name() const; BlockCipher* clone() const { return new GOST_28147_89(SBOX); } diff --git a/src/block/idea/idea.cpp b/src/block/idea/idea.cpp index 15062abdf..61a938c57 100644 --- a/src/block/idea/idea.cpp +++ b/src/block/idea/idea.cpp @@ -160,4 +160,10 @@ void IDEA::key_schedule(const byte key[], size_t) DK[0] = mul_inv(EK[48]); } +void IDEA::clear() + { + zap(EK); + zap(DK); + } + } diff --git a/src/block/idea/idea.h b/src/block/idea/idea.h index 03ecb1f03..da5dc4cb6 100644 --- a/src/block/idea/idea.h +++ b/src/block/idea/idea.h @@ -21,7 +21,7 @@ class BOTAN_DLL IDEA : public Block_Cipher_Fixed_Params<8, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { EK.clear(); DK.clear(); } + void clear(); std::string name() const { return "IDEA"; } BlockCipher* clone() const { return new IDEA; } protected: diff --git a/src/block/kasumi/kasumi.cpp b/src/block/kasumi/kasumi.cpp index ae21338c6..69f146ebb 100644 --- a/src/block/kasumi/kasumi.cpp +++ b/src/block/kasumi/kasumi.cpp @@ -226,4 +226,9 @@ void KASUMI::key_schedule(const byte key[], size_t) } } +void KASUMI::clear() + { + zap(EK); + } + } diff --git a/src/block/kasumi/kasumi.h b/src/block/kasumi/kasumi.h index 571085612..b91a2eb77 100644 --- a/src/block/kasumi/kasumi.h +++ b/src/block/kasumi/kasumi.h @@ -21,7 +21,7 @@ class BOTAN_DLL KASUMI : public Block_Cipher_Fixed_Params<8, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { EK.clear(); } + void clear(); std::string name() const { return "KASUMI"; } BlockCipher* clone() const { return new KASUMI; } private: diff --git a/src/block/lion/lion.cpp b/src/block/lion/lion.cpp index 9026f194a..bba48c89f 100644 --- a/src/block/lion/lion.cpp +++ b/src/block/lion/lion.cpp @@ -99,8 +99,8 @@ BlockCipher* Lion::clone() const */ void Lion::clear() { - key1.clear(); - key2.clear(); + zap(key1); + zap(key2); hash->clear(); cipher->clear(); } diff --git a/src/block/lubyrack/lubyrack.cpp b/src/block/lubyrack/lubyrack.cpp index 77f2a7542..9be079003 100644 --- a/src/block/lubyrack/lubyrack.cpp +++ b/src/block/lubyrack/lubyrack.cpp @@ -98,8 +98,8 @@ void LubyRackoff::key_schedule(const byte key[], size_t length) */ void LubyRackoff::clear() { - K1.clear(); - K2.clear(); + zap(K1); + zap(K2); hash->clear(); } diff --git a/src/block/mars/mars.cpp b/src/block/mars/mars.cpp index 5badc40cc..ca4e6f5c7 100644 --- a/src/block/mars/mars.cpp +++ b/src/block/mars/mars.cpp @@ -385,4 +385,9 @@ void MARS::key_schedule(const byte key[], size_t length) } } +void MARS::clear() + { + zap(EK); + } + } diff --git a/src/block/mars/mars.h b/src/block/mars/mars.h index 488ea1b83..90f6480e6 100644 --- a/src/block/mars/mars.h +++ b/src/block/mars/mars.h @@ -21,7 +21,7 @@ class BOTAN_DLL MARS : public Block_Cipher_Fixed_Params<16, 16, 32, 4> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { EK.clear(); } + void clear(); std::string name() const { return "MARS"; } BlockCipher* clone() const { return new MARS; } private: diff --git a/src/block/misty1/misty1.cpp b/src/block/misty1/misty1.cpp index 97f1e0341..98f20eee8 100644 --- a/src/block/misty1/misty1.cpp +++ b/src/block/misty1/misty1.cpp @@ -251,6 +251,12 @@ void MISTY1::key_schedule(const byte key[], size_t length) } } +void MISTY1::clear() + { + zap(EK); + zap(DK); + } + /* * MISTY1 Constructor */ diff --git a/src/block/misty1/misty1.h b/src/block/misty1/misty1.h index 81324a0b2..40917b08b 100644 --- a/src/block/misty1/misty1.h +++ b/src/block/misty1/misty1.h @@ -21,7 +21,7 @@ class BOTAN_DLL MISTY1 : public Block_Cipher_Fixed_Params<8, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { EK.clear(); DK.clear(); } + void clear(); std::string name() const { return "MISTY1"; } BlockCipher* clone() const { return new MISTY1; } diff --git a/src/block/noekeon/noekeon.cpp b/src/block/noekeon/noekeon.cpp index 3929d57d1..53e67e5e6 100644 --- a/src/block/noekeon/noekeon.cpp +++ b/src/block/noekeon/noekeon.cpp @@ -205,8 +205,8 @@ void Noekeon::key_schedule(const byte key[], size_t) */ void Noekeon::clear() { - EK.clear(); - DK.clear(); + zap(EK); + zap(DK); } } diff --git a/src/block/rc2/rc2.cpp b/src/block/rc2/rc2.cpp index 548c2f095..d7c76a7a6 100644 --- a/src/block/rc2/rc2.cpp +++ b/src/block/rc2/rc2.cpp @@ -139,6 +139,11 @@ void RC2::key_schedule(const byte key[], size_t length) load_le<u16bit>(&K[0], &L[0], 64); } +void RC2::clear() + { + zap(K); + } + /* * Return the code of the effective key bits */ diff --git a/src/block/rc2/rc2.h b/src/block/rc2/rc2.h index 223c48792..ae41c9ce2 100644 --- a/src/block/rc2/rc2.h +++ b/src/block/rc2/rc2.h @@ -28,7 +28,7 @@ class BOTAN_DLL RC2 : public Block_Cipher_Fixed_Params<8, 1, 32> */ static byte EKB_code(size_t bits); - void clear() { K.clear(); } + void clear(); std::string name() const { return "RC2"; } BlockCipher* clone() const { return new RC2; } private: diff --git a/src/block/rc5/rc5.cpp b/src/block/rc5/rc5.cpp index fe558076a..f370e6cfb 100644 --- a/src/block/rc5/rc5.cpp +++ b/src/block/rc5/rc5.cpp @@ -109,6 +109,11 @@ void RC5::key_schedule(const byte key[], size_t length) } } +void RC5::clear() + { + zap(S); + } + /* * Return the name of this type */ diff --git a/src/block/rc5/rc5.h b/src/block/rc5/rc5.h index 2279260a3..9055974e5 100644 --- a/src/block/rc5/rc5.h +++ b/src/block/rc5/rc5.h @@ -21,7 +21,7 @@ class BOTAN_DLL RC5 : public Block_Cipher_Fixed_Params<8, 1, 32> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { S.clear(); } + void clear(); std::string name() const; BlockCipher* clone() const { return new RC5(rounds); } diff --git a/src/block/rc6/rc6.cpp b/src/block/rc6/rc6.cpp index 5a6c1091d..01255954d 100644 --- a/src/block/rc6/rc6.cpp +++ b/src/block/rc6/rc6.cpp @@ -137,4 +137,9 @@ void RC6::key_schedule(const byte key[], size_t length) } } +void RC6::clear() + { + zap(S); + } + } diff --git a/src/block/rc6/rc6.h b/src/block/rc6/rc6.h index e30a267e6..4331c3e0f 100644 --- a/src/block/rc6/rc6.h +++ b/src/block/rc6/rc6.h @@ -21,7 +21,7 @@ class BOTAN_DLL RC6 : public Block_Cipher_Fixed_Params<16, 1, 32> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { S.clear(); } + void clear(); std::string name() const { return "RC6"; } BlockCipher* clone() const { return new RC6; } private: diff --git a/src/block/safer/safer_sk.cpp b/src/block/safer/safer_sk.cpp index 1b79b3c2c..3e93ab8cf 100644 --- a/src/block/safer/safer_sk.cpp +++ b/src/block/safer/safer_sk.cpp @@ -223,6 +223,11 @@ void SAFER_SK::key_schedule(const byte key[], size_t) } } +void SAFER_SK::clear() + { + zap(EK); + } + /* * Return the name of this type */ diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h index dfe226652..043ecb456 100644 --- a/src/block/safer/safer_sk.h +++ b/src/block/safer/safer_sk.h @@ -21,7 +21,7 @@ class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { EK.clear(); } + void clear(); std::string name() const; BlockCipher* clone() const; diff --git a/src/block/seed/seed.cpp b/src/block/seed/seed.cpp index fb8708214..d133e4153 100644 --- a/src/block/seed/seed.cpp +++ b/src/block/seed/seed.cpp @@ -138,4 +138,9 @@ void SEED::key_schedule(const byte key[], size_t) } } +void SEED::clear() + { + zap(K); + } + } diff --git a/src/block/seed/seed.h b/src/block/seed/seed.h index 95dab758d..25138a700 100644 --- a/src/block/seed/seed.h +++ b/src/block/seed/seed.h @@ -21,7 +21,7 @@ class BOTAN_DLL SEED : public Block_Cipher_Fixed_Params<16, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { K.clear(); } + void clear(); std::string name() const { return "SEED"; } BlockCipher* clone() const { return new SEED; } private: diff --git a/src/block/serpent/serpent.cpp b/src/block/serpent/serpent.cpp index 0f0a4fd63..8c83b69de 100644 --- a/src/block/serpent/serpent.cpp +++ b/src/block/serpent/serpent.cpp @@ -391,4 +391,9 @@ void Serpent::key_schedule(const byte key[], size_t length) round_key.assign(&W[8], &W[140]); } +void Serpent::clear() + { + zap(round_key); + } + } diff --git a/src/block/serpent/serpent.h b/src/block/serpent/serpent.h index 9266ccef8..dc539c9f3 100644 --- a/src/block/serpent/serpent.h +++ b/src/block/serpent/serpent.h @@ -21,7 +21,7 @@ class BOTAN_DLL Serpent : public Block_Cipher_Fixed_Params<16, 16, 32, 8> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { round_key.clear(); } + void clear(); std::string name() const { return "Serpent"; } BlockCipher* clone() const { return new Serpent; } protected: diff --git a/src/block/skipjack/skipjack.cpp b/src/block/skipjack/skipjack.cpp index fb9916092..be4024ad4 100644 --- a/src/block/skipjack/skipjack.cpp +++ b/src/block/skipjack/skipjack.cpp @@ -194,7 +194,7 @@ void Skipjack::key_schedule(const byte key[], size_t) */ void Skipjack::clear() { - FTAB.clear(); + zap(FTAB); } } diff --git a/src/block/square/square.cpp b/src/block/square/square.cpp index c319dab16..544f809fc 100644 --- a/src/block/square/square.cpp +++ b/src/block/square/square.cpp @@ -212,10 +212,10 @@ void Square::transform(u32bit round_key[4]) */ void Square::clear() { - EK.clear(); - DK.clear(); - ME.clear(); - MD.clear(); + zap(EK); + zap(DK); + zap(ME); + zap(MD); } } diff --git a/src/block/tea/tea.cpp b/src/block/tea/tea.cpp index e45f7cb48..2accab700 100644 --- a/src/block/tea/tea.cpp +++ b/src/block/tea/tea.cpp @@ -70,4 +70,9 @@ void TEA::key_schedule(const byte key[], size_t) K[i] = load_be<u32bit>(key, i); } +void TEA::clear() + { + zap(K); + } + } diff --git a/src/block/tea/tea.h b/src/block/tea/tea.h index d2f81da17..0d203975e 100644 --- a/src/block/tea/tea.h +++ b/src/block/tea/tea.h @@ -21,7 +21,7 @@ class BOTAN_DLL TEA : public Block_Cipher_Fixed_Params<8, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { K.clear(); } + void clear(); std::string name() const { return "TEA"; } BlockCipher* clone() const { return new TEA; } private: diff --git a/src/block/twofish/twofish.cpp b/src/block/twofish/twofish.cpp index eb5b279b9..4ea8a799e 100644 --- a/src/block/twofish/twofish.cpp +++ b/src/block/twofish/twofish.cpp @@ -238,8 +238,8 @@ void Twofish::rs_mul(byte S[4], byte key, size_t offset) */ void Twofish::clear() { - SB.clear(); - RK.clear(); + zap(SB); + zap(RK); } } diff --git a/src/block/xtea/xtea.cpp b/src/block/xtea/xtea.cpp index b0c976b36..165a6ea6a 100644 --- a/src/block/xtea/xtea.cpp +++ b/src/block/xtea/xtea.cpp @@ -138,4 +138,9 @@ void XTEA::key_schedule(const byte key[], size_t) } } +void XTEA::clear() + { + zap(EK); + } + } diff --git a/src/block/xtea/xtea.h b/src/block/xtea/xtea.h index 1d86bf5ce..42acc35a5 100644 --- a/src/block/xtea/xtea.h +++ b/src/block/xtea/xtea.h @@ -21,7 +21,7 @@ class BOTAN_DLL XTEA : public Block_Cipher_Fixed_Params<8, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { EK.clear(); } + void clear(); std::string name() const { return "XTEA"; } BlockCipher* clone() const { return new XTEA; } protected: diff --git a/src/mac/hmac/hmac.cpp b/src/mac/hmac/hmac.cpp index 4b4ed2f70..9e9a643db 100644 --- a/src/mac/hmac/hmac.cpp +++ b/src/mac/hmac/hmac.cpp @@ -65,8 +65,8 @@ void HMAC::key_schedule(const byte key[], size_t length) void HMAC::clear() { hash->clear(); - i_key.clear(); - o_key.clear(); + zap(i_key); + zap(o_key); } /* diff --git a/src/mac/ssl3mac/ssl3_mac.cpp b/src/mac/ssl3mac/ssl3_mac.cpp index 8979d1291..64f3103ef 100644 --- a/src/mac/ssl3mac/ssl3_mac.cpp +++ b/src/mac/ssl3mac/ssl3_mac.cpp @@ -58,8 +58,8 @@ void SSL3_MAC::key_schedule(const byte key[], size_t length) void SSL3_MAC::clear() { hash->clear(); - i_key.clear(); - o_key.clear(); + zap(i_key); + zap(o_key); } /* diff --git a/src/stream/arc4/arc4.cpp b/src/stream/arc4/arc4.cpp index 16c6058d2..da1694a96 100644 --- a/src/stream/arc4/arc4.cpp +++ b/src/stream/arc4/arc4.cpp @@ -96,8 +96,8 @@ std::string ARC4::name() const */ void ARC4::clear() { - state.clear(); - buffer.clear(); + zap(state); + zap(buffer); position = X = Y = 0; } diff --git a/src/stream/salsa20/salsa20.cpp b/src/stream/salsa20/salsa20.cpp index a7d1b2622..d8db69ae6 100644 --- a/src/stream/salsa20/salsa20.cpp +++ b/src/stream/salsa20/salsa20.cpp @@ -235,8 +235,8 @@ std::string Salsa20::name() const */ void Salsa20::clear() { - state.clear(); - buffer.clear(); + zap(state); + zap(buffer); position = 0; } diff --git a/src/stream/turing/turing.cpp b/src/stream/turing/turing.cpp index bdc53cff1..8d9b6f090 100644 --- a/src/stream/turing/turing.cpp +++ b/src/stream/turing/turing.cpp @@ -320,12 +320,12 @@ void Turing::set_iv(const byte iv[], size_t length) */ void Turing::clear() { - S0.clear(); - S1.clear(); - S2.clear(); - S3.clear(); - R.clear(); - K.clear(); + zap(S0); + zap(S1); + zap(S2); + zap(S3); + zap(R); + zap(K); buffer.clear(); position = 0; } diff --git a/src/stream/wid_wake/wid_wake.cpp b/src/stream/wid_wake/wid_wake.cpp index 0f56148a5..317613404 100644 --- a/src/stream/wid_wake/wid_wake.cpp +++ b/src/stream/wid_wake/wid_wake.cpp @@ -149,11 +149,11 @@ void WiderWake_41_BE::set_iv(const byte iv[], size_t length) */ void WiderWake_41_BE::clear() { + zap(t_key); + zap(state); + zap(T); + zap(buffer); position = 0; - t_key.clear(); - state.clear(); - T.clear(); - buffer.clear(); } } |