author | lloyd <[email protected]> | 2012-05-25 02:11:10 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-05-25 02:11:10 +0000 |
commit | 113f4035f41cf3152832e1753d28b79a7ea811a4 (patch) | |
tree | 1e2071c1f7786972d268b727f52ee33225ad68d4 /src/block/blowfish | |
parent | ee42784fee56c48f72ecf03d7b93765dac35edf5 (diff) |
For block and stream ciphers, don't set the size of the key vectors
until we are actually setting a key. This avoids the problem of
prototype objects consuming not just memory but the precious few bytes
of mlock'able memory that we're given by Linux.
Use clear_mem instead of a loop in BigInt::mask_bits
If OS2ECP encounters an invalid format type, include what type it was
in the exception message.
Diffstat (limited to 'src/block/blowfish')
-rw-r--r-- | src/block/blowfish/blowfish.cpp | 17 | ||||
-rw-r--r-- | src/block/blowfish/blowfish.h | 5 |
2 files changed, 13 insertions, 9 deletions
diff --git a/src/block/blowfish/blowfish.cpp b/src/block/blowfish/blowfish.cpp
index 9f5ac1724..c224f479b 100644
--- a/src/block/blowfish/blowfish.cpp
+++ b/src/block/blowfish/blowfish.cpp
@@ -85,7 +85,11 @@ void Blowfish::decrypt_n(const byte in[], byte out[], size_t blocks) const
 */
 void Blowfish::key_schedule(const byte key[], size_t length)
 {
- clear();
+ P.resize(18);
+ std::copy(P_INIT, P_INIT + 18, P.begin());
+
+ S.resize(1024);
+ std::copy(S_INIT, S_INIT + 1024, S.begin());
 const byte null_salt[16] = { 0 };
@@ -125,12 +129,15 @@ void Blowfish::eks_key_schedule(const byte key[], size_t length,
 if(workfactor > 18)
 throw std::invalid_argument("Requested Bcrypt work factor too large");
- clear();
+ P.resize(18);
+ std::copy(P_INIT, P_INIT + 18, P.begin());
- const byte null_salt[16] = { 0 };
+ S.resize(1024);
+ std::copy(S_INIT, S_INIT + 1024, S.begin());
 key_expansion(key, length, salt);
+ const byte null_salt[16] = { 0 };
 const size_t rounds = 1 << workfactor;
 for(size_t r = 0; r != rounds; ++r)
@@ -180,8 +187,8 @@ void Blowfish::generate_sbox(secure_vector<u32bit>& box,
 */
 void Blowfish::clear()
 {
- std::copy(P_INIT, P_INIT + 18, P.begin());
- std::copy(S_INIT, S_INIT + 1024, S.begin());
+ P.clear();
+ S.clear();
 }
 }
diff --git a/src/block/blowfish/blowfish.h b/src/block/blowfish/blowfish.h
index 5bec4b231..cdf65f285 100644
--- a/src/block/blowfish/blowfish.h
+++ b/src/block/blowfish/blowfish.h
@@ -30,8 +30,6 @@ class BOTAN_DLL Blowfish : public Block_Cipher_Fixed_Params<8, 1, 56>
 void clear();
 std::string name() const { return "Blowfish"; }
 BlockCipher* clone() const { return new Blowfish; }
-
- Blowfish() : S(1024), P(18) {}
 private:
 void key_schedule(const byte key[], size_t length);
@@ -47,8 +45,7 @@ class BOTAN_DLL Blowfish : public Block_Cipher_Fixed_Params<8, 1, 56>
 static const u32bit P_INIT[18];
 static const u32bit S_INIT[1024];
- secure_vector<u32bit> S;
- secure_vector<u32bit> P;
+ secure_vector<u32bit> S, P;
 };
 } |
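Review bot: The four lines that size and seed `P` and `S` at the top of key_schedule are repeated verbatim in the eks_key_schedule hunk, so the table sizes 18 and 1024 now have to be kept in step by hand in two functions. A small private helper called from both would remove the duplication. If secure_vector is a std::vector alias, as the resize/clear calls suggest, `P.assign(P_INIT, P_INIT + 18);` and `S.assign(S_INIT, S_INIT + 1024);` would also size and fill each table in one call. key_schedule's body continues outside the hunk.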
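Review bot: `P.clear(); S.clear();` in Blowfish::clear() only sets the vectors' size to zero. If secure_vector behaves like std::vector here, the key-dependent tables stay in the still-allocated buffer, and the locked pages stay held, until the object is destroyed. The old body overwrote both tables with the public init constants, so a caller relying on clear() to scrub a keyed object loses that guarantee. Releasing the storage with `secure_vector<u32bit>().swap(P);` and `secure_vector<u32bit>().swap(S);` would hand the buffers back to the allocator. Whether the allocator wipes on deallocate is not visible in this diff; if it does not, the contents should be zeroed explicitly first.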
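Review bot: With `Blowfish() : S(1024), P(18) {}` removed, a freshly constructed or cleared object has empty `S` and `P`, and nothing visible in this commit stops encrypt_n or decrypt_n from being called in that state. Their bodies are outside the diff, but if they index the tables directly, an unkeyed call becomes an out-of-bounds read instead of the old deterministic output. A guard at the top of both, for example `if(P.empty()) throw std::logic_error("Blowfish: key not set");`, would make that misuse fail cleanly. The commit message says the same change was made across block and stream ciphers, so the other ciphers presumably need the same check.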