For block and stream ciphers, don't set the size of the key vectors

until we are actually setting a key. This avoids the problem of
prototype objects consuming not just memory but the precious few bytes
of mlock'able memory that we're given by Linux.

Use clear_mem instead of a loop in BigInt::mask_bits

If OS2ECP encounters an invalid format type, include what type it was
in the exception message.

1 files changed, 3 insertions, 3 deletions

diff --git a/src/block/cast/cast128.h b/src/block/cast/cast128.h
index 15efc8132..f3f23b14a 100644
--- a/src/block/cast/cast128.h
+++ b/src/block/cast/cast128.h
@@ -21,11 +21,10 @@ class BOTAN_DLL CAST_128 : public Block_Cipher_Fixed_Params<8, 11, 16>
       void encrypt_n(const byte in[], byte out[], size_t blocks) const;
       void decrypt_n(const byte in[], byte out[], size_t blocks) const;
 
-      void clear() { zeroise(MK); zeroise(RK); }
+      void clear() { MK.clear(); RK.clear(); }
       std::string name() const { return "CAST-128"; }
       BlockCipher* clone() const { return new CAST_128; }
 
-      CAST_128() : MK(16), RK(16) {}
    private:
       void key_schedule(const byte[], size_t);
 
@@ -37,7 +36,8 @@ class BOTAN_DLL CAST_128 : public Block_Cipher_Fixed_Params<8, 11, 16>
       static const u32bit S7[256];
       static const u32bit S8[256];
 
-      secure_vector<u32bit> MK, RK;
+      secure_vector<u32bit> MK;
+      secure_vector<byte> RK;
    };
 
 extern const u32bit CAST_SBOX1[256];