aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-09-17 22:45:46 +0000
committerlloyd <[email protected]>2010-09-17 22:45:46 +0000
commit1e085faeb6d2288941de6adf7ccbacf4452875f6 (patch)
tree805d3cfd4f5b14fff877fe23e8ccba79651d8ee6
parentf69375f3a137af835bd6e74dd5c5a1e94c882d8c (diff)
Don't use SecureVector to store certificate data; mlock'ed memory in
particular is precious. Really these could probably just as easily be std::vectors since even zeroizing the memory isn't relevant here.
-rw-r--r--src/cert/x509cert/x509_ext.cpp2
-rw-r--r--src/cert/x509cert/x509_obj.cpp6
-rw-r--r--src/cert/x509cert/x509_obj.h8
3 files changed, 8 insertions, 8 deletions
diff --git a/src/cert/x509cert/x509_ext.cpp b/src/cert/x509cert/x509_ext.cpp
index bb4bc1775..8c3f66de8 100644
--- a/src/cert/x509cert/x509_ext.cpp
+++ b/src/cert/x509cert/x509_ext.cpp
@@ -222,7 +222,7 @@ MemoryVector<byte> Key_Usage::encode_inner() const
const u32bit unused_bits = low_bit(constraints) - 1;
- SecureVector<byte> der;
+ MemoryVector<byte> der;
der.push_back(BIT_STRING);
der.push_back(2 + ((unused_bits < 8) ? 1 : 0));
der.push_back(unused_bits % 8);
diff --git a/src/cert/x509cert/x509_obj.cpp b/src/cert/x509cert/x509_obj.cpp
index 27aaea3bf..41bbbef6b 100644
--- a/src/cert/x509cert/x509_obj.cpp
+++ b/src/cert/x509cert/x509_obj.cpp
@@ -97,7 +97,7 @@ void X509_Object::encode(Pipe& out, X509_Encoding encoding) const
/*
* Return a BER encoded X.509 object
*/
-SecureVector<byte> X509_Object::BER_encode() const
+MemoryVector<byte> X509_Object::BER_encode() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -121,7 +121,7 @@ std::string X509_Object::PEM_encode() const
/*
* Return the TBS data
*/
-SecureVector<byte> X509_Object::tbs_data() const
+MemoryVector<byte> X509_Object::tbs_data() const
{
return ASN1::put_in_sequence(tbs_bits);
}
@@ -129,7 +129,7 @@ SecureVector<byte> X509_Object::tbs_data() const
/*
* Return the signature of this object
*/
-SecureVector<byte> X509_Object::signature() const
+MemoryVector<byte> X509_Object::signature() const
{
return sig;
}
diff --git a/src/cert/x509cert/x509_obj.h b/src/cert/x509cert/x509_obj.h
index 9451582c7..86c1d6ce7 100644
--- a/src/cert/x509cert/x509_obj.h
+++ b/src/cert/x509cert/x509_obj.h
@@ -27,12 +27,12 @@ class BOTAN_DLL X509_Object
* The underlying data that is to be or was signed
* @return data that is or was signed
*/
- SecureVector<byte> tbs_data() const;
+ MemoryVector<byte> tbs_data() const;
/**
* @return signature on tbs_data()
*/
- SecureVector<byte> signature() const;
+ MemoryVector<byte> signature() const;
/**
* @return signature algorithm that was used to generate signature
@@ -70,7 +70,7 @@ class BOTAN_DLL X509_Object
/**
* @return BER encoding of this
*/
- SecureVector<byte> BER_encode() const;
+ MemoryVector<byte> BER_encode() const;
/**
* @return PEM encoding of this
@@ -93,7 +93,7 @@ class BOTAN_DLL X509_Object
void do_decode();
X509_Object() {}
AlgorithmIdentifier sig_algo;
- SecureVector<byte> tbs_bits, sig;
+ MemoryVector<byte> tbs_bits, sig;
private:
virtual void force_decode() = 0;
void init(DataSource&, const std::string&);