For block and stream ciphers, don't set the size of the key vectors

until we are actually setting a key. This avoids the problem of
prototype objects consuming not just memory but the precious few bytes
of mlock'able memory that we're given by Linux.

Use clear_mem instead of a loop in BigInt::mask_bits

If OS2ECP encounters an invalid format type, include what type it was
in the exception message.

2 files changed, 9 insertions, 11 deletions

diff --git a/src/block/square/square.cpp b/src/block/square/square.cpp
index bb9132e10..c319dab16 100644
--- a/src/block/square/square.cpp
+++ b/src/block/square/square.cpp
@@ -160,8 +160,11 @@ void Square::key_schedule(const byte key[], size_t)
       transform(&XEK[4*i]);
       }
 
-   ME.resize(16);
-   MD.resize(16);
+   EK.assign(&XEK[4], &XEK[36]);
+   DK.assign(&XDK[4], &XDK[36]);
+
+   ME.resize(32);
+   MD.resize(32);
 
    for(size_t i = 0; i != 4; ++i)
       for(size_t j = 0; j != 4; ++j)
@@ -171,9 +174,6 @@ void Square::key_schedule(const byte key[], size_t)
          MD[4*i+j   ] = get_byte(j, XDK[i   ]);
          MD[4*i+j+16] = get_byte(j, XEK[i   ]);
          }
-
-   EK.assign(&XEK[4], &XEK[36]);
-   DK.assign(&XDK[4], &XDK[36]);
    }
 
 /*
@@ -212,10 +212,10 @@ void Square::transform(u32bit round_key[4])
 */
 void Square::clear()
    {
-   zeroise(EK);
-   zeroise(DK);
-   zeroise(ME);
-   zeroise(MD);
+   EK.clear();
+   DK.clear();
+   ME.clear();
+   MD.clear();
    }
 
 }
diff --git a/src/block/square/square.h b/src/block/square/square.h
index f40ad0e31..618dbf6d9 100644
--- a/src/block/square/square.h
+++ b/src/block/square/square.h
@@ -24,8 +24,6 @@ class BOTAN_DLL Square : public Block_Cipher_Fixed_Params<16, 16>
       void clear();
       std::string name() const { return "Square"; }
       BlockCipher* clone() const { return new Square; }
-
-      Square() : EK(28), DK(28), ME(32), MD(32) {}
    private:
       void key_schedule(const byte[], size_t);