diff options
| author | lloyd <[email protected]> | 2012-05-25 02:11:10 +0000 |
|---|---|---|
| committer | lloyd <[email protected]> | 2012-05-25 02:11:10 +0000 |
| commit | 113f4035f41cf3152832e1753d28b79a7ea811a4 (patch) | |
| tree | 1e2071c1f7786972d268b727f52ee33225ad68d4 /src/block/safer | |
| parent | ee42784fee56c48f72ecf03d7b93765dac35edf5 (diff) | |
For block and stream ciphers, don't set the size of the key vectors
until we are actually setting a key. This avoids the problem of
prototype objects consuming not just memory but the precious few bytes
of mlock'able memory that we're given by Linux.
Use clear_mem instead of a loop in BigInt::mask_bits
If OS2ECP encounters an invalid format type, include what type it was
in the exception message.
Diffstat (limited to 'src/block/safer')
| -rw-r--r-- | src/block/safer/safer_sk.cpp | 16 | ||||
| -rw-r--r-- | src/block/safer/safer_sk.h | 4 |
2 files changed, 8 insertions, 12 deletions
diff --git a/src/block/safer/safer_sk.cpp b/src/block/safer/safer_sk.cpp index f5fe4edd7..1b79b3c2c 100644 --- a/src/block/safer/safer_sk.cpp +++ b/src/block/safer/safer_sk.cpp @@ -90,8 +90,6 @@ const byte LOG[512] = { */ void SAFER_SK::encrypt_n(const byte in[], byte out[], size_t blocks) const { - const size_t rounds = get_rounds(); - for(size_t i = 0; i != blocks; ++i) { byte A = in[0], B = in[1], C = in[2], D = in[3], @@ -128,8 +126,6 @@ void SAFER_SK::encrypt_n(const byte in[], byte out[], size_t blocks) const */ void SAFER_SK::decrypt_n(const byte in[], byte out[], size_t blocks) const { - const size_t rounds = get_rounds(); - for(size_t i = 0; i != blocks; ++i) { byte A = in[0], B = in[1], C = in[2], D = in[3], @@ -208,6 +204,8 @@ void SAFER_SK::key_schedule(const byte key[], size_t) 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F }; + EK.resize(16 * rounds + 8); + secure_vector<byte> KB(18); for(size_t i = 0; i != 8; ++i) @@ -216,7 +214,7 @@ void SAFER_SK::key_schedule(const byte key[], size_t) KB[17] ^= KB[i+9] = EK[i] = key[i+8]; } - for(size_t i = 0; i != get_rounds(); ++i) + for(size_t i = 0; i != rounds; ++i) { for(size_t j = 0; j != 18; ++j) KB[j] = rotate_left(KB[j], 6); @@ -230,7 +228,7 @@ void SAFER_SK::key_schedule(const byte key[], size_t) */ std::string SAFER_SK::name() const { - return "SAFER-SK(" + std::to_string(get_rounds()) + ")"; + return "SAFER-SK(" + std::to_string(rounds) + ")"; } /* @@ -238,18 +236,16 @@ std::string SAFER_SK::name() const */ BlockCipher* SAFER_SK::clone() const { - return new SAFER_SK(get_rounds()); + return new SAFER_SK(rounds); } /* * SAFER-SK Constructor */ -SAFER_SK::SAFER_SK(size_t rounds) +SAFER_SK::SAFER_SK(size_t r) : rounds(r) { if(rounds > 13 || rounds == 0) throw Invalid_Argument(name() + ": Invalid number of rounds"); - - EK.resize(16 * rounds + 8); } } diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h index cf8ad90f7..dfe226652 100644 --- a/src/block/safer/safer_sk.h +++ b/src/block/safer/safer_sk.h @@ -21,7 +21,7 @@ class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16> void encrypt_n(const byte in[], byte out[], size_t blocks) const; void decrypt_n(const byte in[], byte out[], size_t blocks) const; - void clear() { zeroise(EK); } + void clear() { EK.clear(); } std::string name() const; BlockCipher* clone() const; @@ -31,9 +31,9 @@ class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16> */ SAFER_SK(size_t rounds); private: - size_t get_rounds() const { return (EK.size() - 8) / 16; } void key_schedule(const byte[], size_t); + size_t rounds; secure_vector<byte> EK; }; |