Don't use SecureVector to store certificate data; mlock'ed memory in

particular is precious. Really these could probably just as easily be
std::vectors since even zeroizing the memory isn't relevant here.

3 files changed, 8 insertions, 8 deletions

diff --git a/src/cert/x509cert/x509_ext.cpp b/src/cert/x509cert/x509_ext.cpp
index bb4bc1775..8c3f66de8 100644
--- a/src/cert/x509cert/x509_ext.cpp
+++ b/src/cert/x509cert/x509_ext.cpp
@@ -222,7 +222,7 @@ MemoryVector<byte> Key_Usage::encode_inner() const
 
    const u32bit unused_bits = low_bit(constraints) - 1;
 
-   SecureVector<byte> der;
+   MemoryVector<byte> der;
    der.push_back(BIT_STRING);
    der.push_back(2 + ((unused_bits < 8) ? 1 : 0));
    der.push_back(unused_bits % 8);
diff --git a/src/cert/x509cert/x509_obj.cpp b/src/cert/x509cert/x509_obj.cpp
index 27aaea3bf..41bbbef6b 100644
--- a/src/cert/x509cert/x509_obj.cpp
+++ b/src/cert/x509cert/x509_obj.cpp
@@ -97,7 +97,7 @@ void X509_Object::encode(Pipe& out, X509_Encoding encoding) const
 /*
 * Return a BER encoded X.509 object
 */
-SecureVector<byte> X509_Object::BER_encode() const
+MemoryVector<byte> X509_Object::BER_encode() const
    {
    return DER_Encoder()
       .start_cons(SEQUENCE)
@@ -121,7 +121,7 @@ std::string X509_Object::PEM_encode() const
 /*
 * Return the TBS data
 */
-SecureVector<byte> X509_Object::tbs_data() const
+MemoryVector<byte> X509_Object::tbs_data() const
    {
    return ASN1::put_in_sequence(tbs_bits);
    }
@@ -129,7 +129,7 @@ SecureVector<byte> X509_Object::tbs_data() const
 /*
 * Return the signature of this object
 */
-SecureVector<byte> X509_Object::signature() const
+MemoryVector<byte> X509_Object::signature() const
    {
    return sig;
    }
diff --git a/src/cert/x509cert/x509_obj.h b/src/cert/x509cert/x509_obj.h
index 9451582c7..86c1d6ce7 100644
--- a/src/cert/x509cert/x509_obj.h
+++ b/src/cert/x509cert/x509_obj.h
@@ -27,12 +27,12 @@ class BOTAN_DLL X509_Object
       * The underlying data that is to be or was signed
       * @return data that is or was signed
       */
-      SecureVector<byte> tbs_data() const;
+      MemoryVector<byte> tbs_data() const;
 
       /**
       * @return signature on tbs_data()
       */
-      SecureVector<byte> signature() const;
+      MemoryVector<byte> signature() const;
 
       /**
       * @return signature algorithm that was used to generate signature
@@ -70,7 +70,7 @@ class BOTAN_DLL X509_Object
       /**
       * @return BER encoding of this
       */
-      SecureVector<byte> BER_encode() const;
+      MemoryVector<byte> BER_encode() const;
 
       /**
       * @return PEM encoding of this
@@ -93,7 +93,7 @@ class BOTAN_DLL X509_Object
       void do_decode();
       X509_Object() {}
       AlgorithmIdentifier sig_algo;
-      SecureVector<byte> tbs_bits, sig;
+      MemoryVector<byte> tbs_bits, sig;
    private:
       virtual void force_decode() = 0;
       void init(DataSource&, const std::string&);