diff options
author | lloyd <[email protected]> | 2010-09-17 22:45:46 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-09-17 22:45:46 +0000 |
commit | 1e085faeb6d2288941de6adf7ccbacf4452875f6 (patch) | |
tree | 805d3cfd4f5b14fff877fe23e8ccba79651d8ee6 | |
parent | f69375f3a137af835bd6e74dd5c5a1e94c882d8c (diff) |
Don't use SecureVector to store certificate data; mlock'ed memory in
particular is precious. Really these could probably just as easily be
std::vectors since even zeroizing the memory isn't relevant here.
-rw-r--r-- | src/cert/x509cert/x509_ext.cpp | 2 | ||||
-rw-r--r-- | src/cert/x509cert/x509_obj.cpp | 6 | ||||
-rw-r--r-- | src/cert/x509cert/x509_obj.h | 8 |
3 files changed, 8 insertions, 8 deletions
diff --git a/src/cert/x509cert/x509_ext.cpp b/src/cert/x509cert/x509_ext.cpp index bb4bc1775..8c3f66de8 100644 --- a/src/cert/x509cert/x509_ext.cpp +++ b/src/cert/x509cert/x509_ext.cpp @@ -222,7 +222,7 @@ MemoryVector<byte> Key_Usage::encode_inner() const const u32bit unused_bits = low_bit(constraints) - 1; - SecureVector<byte> der; + MemoryVector<byte> der; der.push_back(BIT_STRING); der.push_back(2 + ((unused_bits < 8) ? 1 : 0)); der.push_back(unused_bits % 8); diff --git a/src/cert/x509cert/x509_obj.cpp b/src/cert/x509cert/x509_obj.cpp index 27aaea3bf..41bbbef6b 100644 --- a/src/cert/x509cert/x509_obj.cpp +++ b/src/cert/x509cert/x509_obj.cpp @@ -97,7 +97,7 @@ void X509_Object::encode(Pipe& out, X509_Encoding encoding) const /* * Return a BER encoded X.509 object */ -SecureVector<byte> X509_Object::BER_encode() const +MemoryVector<byte> X509_Object::BER_encode() const { return DER_Encoder() .start_cons(SEQUENCE) @@ -121,7 +121,7 @@ std::string X509_Object::PEM_encode() const /* * Return the TBS data */ -SecureVector<byte> X509_Object::tbs_data() const +MemoryVector<byte> X509_Object::tbs_data() const { return ASN1::put_in_sequence(tbs_bits); } @@ -129,7 +129,7 @@ SecureVector<byte> X509_Object::tbs_data() const /* * Return the signature of this object */ -SecureVector<byte> X509_Object::signature() const +MemoryVector<byte> X509_Object::signature() const { return sig; } diff --git a/src/cert/x509cert/x509_obj.h b/src/cert/x509cert/x509_obj.h index 9451582c7..86c1d6ce7 100644 --- a/src/cert/x509cert/x509_obj.h +++ b/src/cert/x509cert/x509_obj.h @@ -27,12 +27,12 @@ class BOTAN_DLL X509_Object * The underlying data that is to be or was signed * @return data that is or was signed */ - SecureVector<byte> tbs_data() const; + MemoryVector<byte> tbs_data() const; /** * @return signature on tbs_data() */ - SecureVector<byte> signature() const; + MemoryVector<byte> signature() const; /** * @return signature algorithm that was used to generate signature @@ -70,7 +70,7 @@ class BOTAN_DLL X509_Object /** * @return BER encoding of this */ - SecureVector<byte> BER_encode() const; + MemoryVector<byte> BER_encode() const; /** * @return PEM encoding of this @@ -93,7 +93,7 @@ class BOTAN_DLL X509_Object void do_decode(); X509_Object() {} AlgorithmIdentifier sig_algo; - SecureVector<byte> tbs_bits, sig; + MemoryVector<byte> tbs_bits, sig; private: virtual void force_decode() = 0; void init(DataSource&, const std::string&); |