aboutsummaryrefslogtreecommitdiffstats
path: root/src/pubkey
diff options
context:
space:
mode:
authorlloyd <[email protected]>2012-05-18 20:32:36 +0000
committerlloyd <[email protected]>2012-05-18 20:32:36 +0000
commitc691561f3198f481c13457433efbccc1c9fcd898 (patch)
treea45ea2c5a30e0cb009fbcb68a61ef39332ff790c /src/pubkey
parentd76700f01c7ecac5633edf75f8d7408b46c5dbac (diff)
Fairly huge update that replaces the old secmem types with std::vector
using a custom allocator. Currently our allocator just does new/delete with a memset before deletion, and the mmap and mlock allocators have been removed.
Diffstat (limited to 'src/pubkey')
-rw-r--r--src/pubkey/dh/dh.cpp10
-rw-r--r--src/pubkey/dh/dh.h10
-rw-r--r--src/pubkey/dl_algo/dl_algo.cpp10
-rw-r--r--src/pubkey/dl_algo/dl_algo.h8
-rw-r--r--src/pubkey/dl_group/dl_group.cpp14
-rw-r--r--src/pubkey/dl_group/dl_group.h5
-rw-r--r--src/pubkey/dlies/dlies.cpp27
-rw-r--r--src/pubkey/dlies/dlies.h13
-rw-r--r--src/pubkey/dsa/dsa.cpp6
-rw-r--r--src/pubkey/dsa/dsa.h6
-rw-r--r--src/pubkey/ec_group/ec_group.cpp18
-rw-r--r--src/pubkey/ec_group/ec_group.h4
-rw-r--r--src/pubkey/ecc_key/ecc_key.cpp10
-rw-r--r--src/pubkey/ecc_key/ecc_key.h10
-rw-r--r--src/pubkey/ecdh/ecdh.cpp2
-rw-r--r--src/pubkey/ecdh/ecdh.h12
-rw-r--r--src/pubkey/ecdsa/ecdsa.cpp4
-rw-r--r--src/pubkey/ecdsa/ecdsa.h6
-rw-r--r--src/pubkey/elgamal/elgamal.cpp10
-rw-r--r--src/pubkey/elgamal/elgamal.h8
-rw-r--r--src/pubkey/gost_3410/gost_3410.cpp20
-rw-r--r--src/pubkey/gost_3410/gost_3410.h8
-rw-r--r--src/pubkey/if_algo/if_algo.cpp10
-rw-r--r--src/pubkey/if_algo/if_algo.h8
-rw-r--r--src/pubkey/keypair/keypair.cpp12
-rw-r--r--src/pubkey/nr/nr.cpp12
-rw-r--r--src/pubkey/nr/nr.h8
-rw-r--r--src/pubkey/pk_algs.cpp4
-rw-r--r--src/pubkey/pk_algs.h4
-rw-r--r--src/pubkey/pk_keys.h6
-rw-r--r--src/pubkey/pk_ops.h10
-rw-r--r--src/pubkey/pkcs8.cpp18
-rw-r--r--src/pubkey/pkcs8.h4
-rw-r--r--src/pubkey/pubkey.cpp46
-rw-r--r--src/pubkey/pubkey.h54
-rw-r--r--src/pubkey/rsa/rsa.cpp6
-rw-r--r--src/pubkey/rsa/rsa.h14
-rw-r--r--src/pubkey/rw/rw.cpp12
-rw-r--r--src/pubkey/rw/rw.h8
-rw-r--r--src/pubkey/x509_key.cpp8
-rw-r--r--src/pubkey/x509_key.h4
41 files changed, 242 insertions, 227 deletions
diff --git a/src/pubkey/dh/dh.cpp b/src/pubkey/dh/dh.cpp
index d58fece12..04941af73 100644
--- a/src/pubkey/dh/dh.cpp
+++ b/src/pubkey/dh/dh.cpp
@@ -24,9 +24,9 @@ DH_PublicKey::DH_PublicKey(const DL_Group& grp, const BigInt& y1)
/*
* Return the public value for key agreement
*/
-MemoryVector<byte> DH_PublicKey::public_value() const
+std::vector<byte> DH_PublicKey::public_value() const
{
- return BigInt::encode_1363(y, group_p().bytes());
+ return unlock(BigInt::encode_1363(y, group_p().bytes()));
}
/*
@@ -58,7 +58,7 @@ DH_PrivateKey::DH_PrivateKey(RandomNumberGenerator& rng,
* Load a DH private key
*/
DH_PrivateKey::DH_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_42)
{
@@ -71,7 +71,7 @@ DH_PrivateKey::DH_PrivateKey(const AlgorithmIdentifier& alg_id,
/*
* Return the public value for key agreement
*/
-MemoryVector<byte> DH_PrivateKey::public_value() const
+std::vector<byte> DH_PrivateKey::public_value() const
{
return DH_PublicKey::public_value();
}
@@ -83,7 +83,7 @@ DH_KA_Operation::DH_KA_Operation(const DH_PrivateKey& dh) :
blinder = Blinder(k, powermod_x_p(inverse_mod(k, p)), p);
}
-SecureVector<byte> DH_KA_Operation::agree(const byte w[], size_t w_len)
+secure_vector<byte> DH_KA_Operation::agree(const byte w[], size_t w_len)
{
BigInt input = BigInt::decode(w, w_len);
diff --git a/src/pubkey/dh/dh.h b/src/pubkey/dh/dh.h
index 497238417..bf02ffdb9 100644
--- a/src/pubkey/dh/dh.h
+++ b/src/pubkey/dh/dh.h
@@ -23,13 +23,13 @@ class BOTAN_DLL DH_PublicKey : public virtual DL_Scheme_PublicKey
public:
std::string algo_name() const { return "DH"; }
- MemoryVector<byte> public_value() const;
+ std::vector<byte> public_value() const;
size_t max_input_bits() const { return group_p().bits(); }
DL_Group::Format group_format() const { return DL_Group::ANSI_X9_42; }
DH_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
DL_Scheme_PublicKey(alg_id, key_bits, DL_Group::ANSI_X9_42) {}
/**
@@ -50,7 +50,7 @@ class BOTAN_DLL DH_PrivateKey : public DH_PublicKey,
public virtual DL_Scheme_PrivateKey
{
public:
- MemoryVector<byte> public_value() const;
+ std::vector<byte> public_value() const;
/**
* Load a DH private key
@@ -59,7 +59,7 @@ class BOTAN_DLL DH_PrivateKey : public DH_PublicKey,
* @param rng a random number generator
*/
DH_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
/**
@@ -80,7 +80,7 @@ class BOTAN_DLL DH_KA_Operation : public PK_Ops::Key_Agreement
public:
DH_KA_Operation(const DH_PrivateKey& key);
- SecureVector<byte> agree(const byte w[], size_t w_len);
+ secure_vector<byte> agree(const byte w[], size_t w_len);
private:
const BigInt& p;
diff --git a/src/pubkey/dl_algo/dl_algo.cpp b/src/pubkey/dl_algo/dl_algo.cpp
index 8e326ef6a..1034a3252 100644
--- a/src/pubkey/dl_algo/dl_algo.cpp
+++ b/src/pubkey/dl_algo/dl_algo.cpp
@@ -18,13 +18,13 @@ AlgorithmIdentifier DL_Scheme_PublicKey::algorithm_identifier() const
group.DER_encode(group_format()));
}
-MemoryVector<byte> DL_Scheme_PublicKey::x509_subject_public_key() const
+std::vector<byte> DL_Scheme_PublicKey::x509_subject_public_key() const
{
- return DER_Encoder().encode(y).get_contents();
+ return DER_Encoder().encode(y).get_contents_unlocked();
}
DL_Scheme_PublicKey::DL_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
DL_Group::Format format)
{
DataSource_Memory source(alg_id.parameters);
@@ -33,13 +33,13 @@ DL_Scheme_PublicKey::DL_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
BER_Decoder(key_bits).decode(y);
}
-MemoryVector<byte> DL_Scheme_PrivateKey::pkcs8_private_key() const
+secure_vector<byte> DL_Scheme_PrivateKey::pkcs8_private_key() const
{
return DER_Encoder().encode(x).get_contents();
}
DL_Scheme_PrivateKey::DL_Scheme_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
DL_Group::Format format)
{
DataSource_Memory source(alg_id.parameters);
diff --git a/src/pubkey/dl_algo/dl_algo.h b/src/pubkey/dl_algo/dl_algo.h
index 2cc632caa..af2806b02 100644
--- a/src/pubkey/dl_algo/dl_algo.h
+++ b/src/pubkey/dl_algo/dl_algo.h
@@ -24,7 +24,7 @@ class BOTAN_DLL DL_Scheme_PublicKey : public virtual Public_Key
AlgorithmIdentifier algorithm_identifier() const;
- MemoryVector<byte> x509_subject_public_key() const;
+ std::vector<byte> x509_subject_public_key() const;
/**
* Get the DL domain parameters of this key.
@@ -62,7 +62,7 @@ class BOTAN_DLL DL_Scheme_PublicKey : public virtual Public_Key
virtual DL_Group::Format group_format() const = 0;
DL_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
DL_Group::Format group_format);
protected:
@@ -94,10 +94,10 @@ class BOTAN_DLL DL_Scheme_PrivateKey : public virtual DL_Scheme_PublicKey,
*/
const BigInt& get_x() const { return x; }
- MemoryVector<byte> pkcs8_private_key() const;
+ secure_vector<byte> pkcs8_private_key() const;
DL_Scheme_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
DL_Group::Format group_format);
protected:
diff --git a/src/pubkey/dl_group/dl_group.cpp b/src/pubkey/dl_group/dl_group.cpp
index 3904841ba..93bbcbb2d 100644
--- a/src/pubkey/dl_group/dl_group.cpp
+++ b/src/pubkey/dl_group/dl_group.cpp
@@ -90,7 +90,8 @@ DL_Group::DL_Group(RandomNumberGenerator& rng,
* DL_Group Constructor
*/
DL_Group::DL_Group(RandomNumberGenerator& rng,
- const MemoryRegion<byte>& seed, size_t pbits, size_t qbits)
+ const std::vector<byte>& seed,
+ size_t pbits, size_t qbits)
{
if(!generate_dsa_primes(rng,
global_state().algorithm_factory(),
@@ -202,7 +203,7 @@ const BigInt& DL_Group::get_q() const
/*
* DER encode the parameters
*/
-SecureVector<byte> DL_Group::DER_encode(Format format) const
+std::vector<byte> DL_Group::DER_encode(Format format) const
{
init_check();
@@ -217,7 +218,7 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const
.encode(q)
.encode(g)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
else if(format == ANSI_X9_42)
{
@@ -227,7 +228,7 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const
.encode(g)
.encode(q)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
else if(format == PKCS_3)
{
@@ -236,7 +237,7 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const
.encode(p)
.encode(g)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format));
@@ -247,7 +248,8 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const
*/
std::string DL_Group::PEM_encode(Format format) const
{
- SecureVector<byte> encoding = DER_encode(format);
+ const std::vector<byte> encoding = DER_encode(format);
+
if(format == PKCS_3)
return PEM_Code::encode(encoding, "DH PARAMETERS");
else if(format == ANSI_X9_57)
diff --git a/src/pubkey/dl_group/dl_group.h b/src/pubkey/dl_group/dl_group.h
index bfc2c04e5..aa90388ae 100644
--- a/src/pubkey/dl_group/dl_group.h
+++ b/src/pubkey/dl_group/dl_group.h
@@ -77,7 +77,7 @@ class BOTAN_DLL DL_Group
* @param format the encoding format
* @return string holding the DER encoded group
*/
- SecureVector<byte> DER_encode(Format format) const;
+ std::vector<byte> DER_encode(Format format) const;
/**
* Decode a DER/BER encoded group into this instance.
@@ -131,7 +131,8 @@ class BOTAN_DLL DL_Group
* @param pbits the desired bit size of the prime p
* @param qbits the desired bit size of the prime q.
*/
- DL_Group(RandomNumberGenerator& rng, const MemoryRegion<byte>& seed,
+ DL_Group(RandomNumberGenerator& rng,
+ const std::vector<byte>& seed,
size_t pbits = 1024, size_t qbits = 0);
/**
diff --git a/src/pubkey/dlies/dlies.cpp b/src/pubkey/dlies/dlies.cpp
index 80dde048b..715b55a36 100644
--- a/src/pubkey/dlies/dlies.cpp
+++ b/src/pubkey/dlies/dlies.cpp
@@ -34,19 +34,19 @@ DLIES_Encryptor::~DLIES_Encryptor()
/*
* DLIES Encryption
*/
-SecureVector<byte> DLIES_Encryptor::enc(const byte in[], size_t length,
- RandomNumberGenerator&) const
+std::vector<byte> DLIES_Encryptor::enc(const byte in[], size_t length,
+ RandomNumberGenerator&) const
{
if(length > maximum_input_size())
throw Invalid_Argument("DLIES: Plaintext too large");
if(other_key.empty())
throw Invalid_State("DLIES: The other key was never set");
- SecureVector<byte> out(my_key.size() + length + mac->output_length());
+ secure_vector<byte> out(my_key.size() + length + mac->output_length());
buffer_insert(out, 0, my_key);
buffer_insert(out, my_key.size(), in, length);
- SecureVector<byte> vz = my_key;
+ secure_vector<byte> vz(my_key.begin(), my_key.end());
vz += ka.derive_key(0, other_key).bits_of();
const size_t K_LENGTH = length + mac_keylen;
@@ -65,13 +65,13 @@ SecureVector<byte> DLIES_Encryptor::enc(const byte in[], size_t length,
mac->final(C + length);
- return out;
+ return unlock(out);
}
/*
* Set the other parties public key
*/
-void DLIES_Encryptor::set_other_key(const MemoryRegion<byte>& ok)
+void DLIES_Encryptor::set_other_key(const std::vector<byte>& ok)
{
other_key = ok;
}
@@ -108,18 +108,21 @@ DLIES_Decryptor::~DLIES_Decryptor()
/*
* DLIES Decryption
*/
-SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], size_t length) const
+secure_vector<byte> DLIES_Decryptor::dec(const byte msg[], size_t length) const
{
if(length < my_key.size() + mac->output_length())
throw Decoding_Error("DLIES decryption: ciphertext is too short");
const size_t CIPHER_LEN = length - my_key.size() - mac->output_length();
- SecureVector<byte> v(msg, my_key.size());
- SecureVector<byte> C(msg + my_key.size(), CIPHER_LEN);
- SecureVector<byte> T(msg + my_key.size() + CIPHER_LEN, mac->output_length());
+ std::vector<byte> v(msg, msg + my_key.size());
- SecureVector<byte> vz(msg, my_key.size());
+ secure_vector<byte> C(msg + my_key.size(), msg + my_key.size() + CIPHER_LEN);
+
+ secure_vector<byte> T(msg + my_key.size() + CIPHER_LEN,
+ msg + my_key.size() + CIPHER_LEN + mac->output_length());
+
+ secure_vector<byte> vz(msg, msg + my_key.size());
vz += ka.derive_key(0, v).bits_of();
const size_t K_LENGTH = C.size() + mac_keylen;
@@ -131,7 +134,7 @@ SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], size_t length) const
mac->update(C);
for(size_t j = 0; j != 8; ++j)
mac->update(0);
- SecureVector<byte> T2 = mac->final();
+ secure_vector<byte> T2 = mac->final();
if(T != T2)
throw Decoding_Error("DLIES: message authentication failed");
diff --git a/src/pubkey/dlies/dlies.h b/src/pubkey/dlies/dlies.h
index 8e5c05852..9739afeb2 100644
--- a/src/pubkey/dlies/dlies.h
+++ b/src/pubkey/dlies/dlies.h
@@ -27,13 +27,14 @@ class BOTAN_DLL DLIES_Encryptor : public PK_Encryptor
~DLIES_Encryptor();
- void set_other_key(const MemoryRegion<byte>&);
+ void set_other_key(const std::vector<byte>&);
private:
- SecureVector<byte> enc(const byte[], size_t,
- RandomNumberGenerator&) const;
+ std::vector<byte> enc(const byte[], size_t,
+ RandomNumberGenerator&) const;
+
size_t maximum_input_size() const;
- SecureVector<byte> other_key, my_key;
+ std::vector<byte> other_key, my_key;
PK_Key_Agreement ka;
KDF* kdf;
@@ -55,9 +56,9 @@ class BOTAN_DLL DLIES_Decryptor : public PK_Decryptor
~DLIES_Decryptor();
private:
- SecureVector<byte> dec(const byte[], size_t) const;
+ secure_vector<byte> dec(const byte[], size_t) const;
- SecureVector<byte> my_key;
+ std::vector<byte> my_key;
PK_Key_Agreement ka;
KDF* kdf;
diff --git a/src/pubkey/dsa/dsa.cpp b/src/pubkey/dsa/dsa.cpp
index c3b4f260b..5d56d6b89 100644
--- a/src/pubkey/dsa/dsa.cpp
+++ b/src/pubkey/dsa/dsa.cpp
@@ -42,7 +42,7 @@ DSA_PrivateKey::DSA_PrivateKey(RandomNumberGenerator& rng,
}
DSA_PrivateKey::DSA_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
@@ -73,7 +73,7 @@ DSA_Signature_Operation::DSA_Signature_Operation(const DSA_PrivateKey& dsa) :
{
}
-SecureVector<byte>
+secure_vector<byte>
DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -97,7 +97,7 @@ DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
s = mod_q.multiply(s, mul_add(x, r, i));
}
- SecureVector<byte> output(2*q.bytes());
+ secure_vector<byte> output(2*q.bytes());
r.binary_encode(&output[output.size() / 2 - r.bytes()]);
s.binary_encode(&output[output.size() - s.bytes()]);
return output;
diff --git a/src/pubkey/dsa/dsa.h b/src/pubkey/dsa/dsa.h
index a41a8432c..7d51cfdd0 100644
--- a/src/pubkey/dsa/dsa.h
+++ b/src/pubkey/dsa/dsa.h
@@ -29,7 +29,7 @@ class BOTAN_DLL DSA_PublicKey : public virtual DL_Scheme_PublicKey
size_t max_input_bits() const { return group_q().bits(); }
DSA_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
DL_Scheme_PublicKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
}
@@ -47,7 +47,7 @@ class BOTAN_DLL DSA_PrivateKey : public DSA_PublicKey,
{
public:
DSA_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
DSA_PrivateKey(RandomNumberGenerator& rng,
@@ -69,7 +69,7 @@ class BOTAN_DLL DSA_Signature_Operation : public PK_Ops::Signature
size_t message_part_size() const { return q.bytes(); }
size_t max_input_bits() const { return q.bits(); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
const BigInt& q;
diff --git a/src/pubkey/ec_group/ec_group.cpp b/src/pubkey/ec_group/ec_group.cpp
index fe4fae885..88c4616a4 100644
--- a/src/pubkey/ec_group/ec_group.cpp
+++ b/src/pubkey/ec_group/ec_group.cpp
@@ -37,8 +37,8 @@ EC_Group::EC_Group(const std::string& str)
{
DataSource_Memory input(str);
- SecureVector<byte> ber =
- PEM_Code::decode_check_label(input, "EC PARAMETERS");
+ std::vector<byte> ber =
+ unlock(PEM_Code::decode_check_label(input, "EC PARAMETERS"));
*this = EC_Group(ber);
}
@@ -48,7 +48,7 @@ EC_Group::EC_Group(const std::string& str)
}
}
-EC_Group::EC_Group(const MemoryRegion<byte>& ber_data)
+EC_Group::EC_Group(const std::vector<byte>& ber_data)
{
BER_Decoder ber(ber_data);
BER_Object obj = ber.get_next_object();
@@ -64,7 +64,7 @@ EC_Group::EC_Group(const MemoryRegion<byte>& ber_data)
else if(obj.type_tag == SEQUENCE)
{
BigInt p, a, b;
- SecureVector<byte> sv_base_point;
+ std::vector<byte> sv_base_point;
BER_Decoder(ber_data)
.start_cons(SEQUENCE)
@@ -91,7 +91,7 @@ EC_Group::EC_Group(const MemoryRegion<byte>& ber_data)
throw Decoding_Error("Unexpected tag while decoding ECC domain params");
}
-SecureVector<byte>
+std::vector<byte>
EC_Group::DER_encode(EC_Group_Encoding form) const
{
if(form == EC_DOMPAR_ENC_EXPLICIT)
@@ -118,19 +118,19 @@ EC_Group::DER_encode(EC_Group_Encoding form) const
.encode(order)
.encode(cofactor)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
else if(form == EC_DOMPAR_ENC_OID)
- return DER_Encoder().encode(get_oid()).get_contents();
+ return DER_Encoder().encode(get_oid()).get_contents_unlocked();
else if(form == EC_DOMPAR_ENC_IMPLICITCA)
- return DER_Encoder().encode_null().get_contents();
+ return DER_Encoder().encode_null().get_contents_unlocked();
else
throw Internal_Error("EC_Group::DER_encode: Unknown encoding");
}
std::string EC_Group::PEM_encode() const
{
- SecureVector<byte> der = DER_encode(EC_DOMPAR_ENC_EXPLICIT);
+ const std::vector<byte> der = DER_encode(EC_DOMPAR_ENC_EXPLICIT);
return PEM_Code::encode(der, "EC PARAMETERS");
}
diff --git a/src/pubkey/ec_group/ec_group.h b/src/pubkey/ec_group/ec_group.h
index dadc9fba3..756c158dc 100644
--- a/src/pubkey/ec_group/ec_group.h
+++ b/src/pubkey/ec_group/ec_group.h
@@ -54,7 +54,7 @@ class BOTAN_DLL EC_Group
* Decode a BER encoded ECC domain parameter set
* @param ber_encoding the bytes of the BER encoding
*/
- EC_Group(const MemoryRegion<byte>& ber_encoding);
+ EC_Group(const std::vector<byte>& ber_encoding);
/**
* Create an EC domain by OID (or throw if unknown)
@@ -74,7 +74,7 @@ class BOTAN_DLL EC_Group
* @param form of encoding to use
* @returns bytes encododed as DER
*/
- SecureVector<byte> DER_encode(EC_Group_Encoding form) const;
+ std::vector<byte> DER_encode(EC_Group_Encoding form) const;
/**
* Return the PEM encoding (always in explicit form)
diff --git a/src/pubkey/ecc_key/ecc_key.cpp b/src/pubkey/ecc_key/ecc_key.cpp
index 991446f07..ead129ec6 100644
--- a/src/pubkey/ecc_key/ecc_key.cpp
+++ b/src/pubkey/ecc_key/ecc_key.cpp
@@ -28,7 +28,7 @@ EC_PublicKey::EC_PublicKey(const EC_Group& dom_par,
}
EC_PublicKey::EC_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
domain_params = EC_Group(alg_id.parameters);
domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
@@ -47,9 +47,9 @@ AlgorithmIdentifier EC_PublicKey::algorithm_identifier() const
return AlgorithmIdentifier(get_oid(), DER_domain());
}
-MemoryVector<byte> EC_PublicKey::x509_subject_public_key() const
+std::vector<byte> EC_PublicKey::x509_subject_public_key() const
{
- return EC2OSP(public_point(), PointGFp::COMPRESSED);
+ return unlock(EC2OSP(public_point(), PointGFp::COMPRESSED));
}
void EC_PublicKey::set_parameter_encoding(EC_Group_Encoding form)
@@ -96,7 +96,7 @@ EC_PrivateKey::EC_PrivateKey(RandomNumberGenerator& rng,
"ECC private key was not on the curve");
}
-MemoryVector<byte> EC_PrivateKey::pkcs8_private_key() const
+secure_vector<byte> EC_PrivateKey::pkcs8_private_key() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -108,7 +108,7 @@ MemoryVector<byte> EC_PrivateKey::pkcs8_private_key() const
}
EC_PrivateKey::EC_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
domain_params = EC_Group(alg_id.parameters);
domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
diff --git a/src/pubkey/ecc_key/ecc_key.h b/src/pubkey/ecc_key/ecc_key.h
index cccc8d53c..76a63a7e4 100644
--- a/src/pubkey/ecc_key/ecc_key.h
+++ b/src/pubkey/ecc_key/ecc_key.h
@@ -34,7 +34,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
const PointGFp& pub_point);
EC_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
/**
* Get the public point of this key.
@@ -46,7 +46,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
AlgorithmIdentifier algorithm_identifier() const;
- MemoryVector<byte> x509_subject_public_key() const;
+ std::vector<byte> x509_subject_public_key() const;
bool check_key(RandomNumberGenerator& rng,
bool strong) const;
@@ -69,7 +69,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
* Return the DER encoding of this keys domain in whatever format
* is preset for this particular key
*/
- MemoryVector<byte> DER_domain() const
+ std::vector<byte> DER_domain() const
{ return domain().DER_encode(domain_format()); }
/**
@@ -98,9 +98,9 @@ class BOTAN_DLL EC_PrivateKey : public virtual EC_PublicKey,
const BigInt& private_key);
EC_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
- MemoryVector<byte> pkcs8_private_key() const;
+ secure_vector<byte> pkcs8_private_key() const;
/**
* Get the private key value of this key object.
diff --git a/src/pubkey/ecdh/ecdh.cpp b/src/pubkey/ecdh/ecdh.cpp
index 656644370..511dd0678 100644
--- a/src/pubkey/ecdh/ecdh.cpp
+++ b/src/pubkey/ecdh/ecdh.cpp
@@ -20,7 +20,7 @@ ECDH_KA_Operation::ECDH_KA_Operation(const ECDH_PrivateKey& key) :
key.private_value();
}
-SecureVector<byte> ECDH_KA_Operation::agree(const byte w[], size_t w_len)
+secure_vector<byte> ECDH_KA_Operation::agree(const byte w[], size_t w_len)
{
PointGFp point = OS2ECP(w, w_len, curve);
diff --git a/src/pubkey/ecdh/ecdh.h b/src/pubkey/ecdh/ecdh.h
index 6fe0697bf..0c5d4e010 100644
--- a/src/pubkey/ecdh/ecdh.h
+++ b/src/pubkey/ecdh/ecdh.h
@@ -23,7 +23,7 @@ class BOTAN_DLL ECDH_PublicKey : public virtual EC_PublicKey
public:
ECDH_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PublicKey(alg_id, key_bits) {}
/**
@@ -52,8 +52,8 @@ class BOTAN_DLL ECDH_PublicKey : public virtual EC_PublicKey
/**
* @return public point value
*/
- MemoryVector<byte> public_value() const
- { return EC2OSP(public_point(), PointGFp::UNCOMPRESSED); }
+ std::vector<byte> public_value() const
+ { return unlock(EC2OSP(public_point(), PointGFp::UNCOMPRESSED)); }
protected:
ECDH_PublicKey() {}
@@ -69,7 +69,7 @@ class BOTAN_DLL ECDH_PrivateKey : public ECDH_PublicKey,
public:
ECDH_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PrivateKey(alg_id, key_bits) {}
/**
@@ -83,7 +83,7 @@ class BOTAN_DLL ECDH_PrivateKey : public ECDH_PublicKey,
const BigInt& x = 0) :
EC_PrivateKey(rng, domain, x) {}
- MemoryVector<byte> public_value() const
+ std::vector<byte> public_value() const
{ return ECDH_PublicKey::public_value(); }
};
@@ -95,7 +95,7 @@ class BOTAN_DLL ECDH_KA_Operation : public PK_Ops::Key_Agreement
public:
ECDH_KA_Operation(const ECDH_PrivateKey& key);
- SecureVector<byte> agree(const byte w[], size_t w_len);
+ secure_vector<byte> agree(const byte w[], size_t w_len);
private:
const CurveGFp& curve;
const BigInt& cofactor;
diff --git a/src/pubkey/ecdsa/ecdsa.cpp b/src/pubkey/ecdsa/ecdsa.cpp
index 5c45c5ed3..6ff082649 100644
--- a/src/pubkey/ecdsa/ecdsa.cpp
+++ b/src/pubkey/ecdsa/ecdsa.cpp
@@ -32,7 +32,7 @@ ECDSA_Signature_Operation::ECDSA_Signature_Operation(const ECDSA_PrivateKey& ecd
{
}
-SecureVector<byte>
+secure_vector<byte>
ECDSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -56,7 +56,7 @@ ECDSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
s = mod_order.multiply(inverse_mod(k, order), mul_add(x, r, m));
}
- SecureVector<byte> output(2*order.bytes());
+ secure_vector<byte> output(2*order.bytes());
r.binary_encode(&output[output.size() / 2 - r.bytes()]);
s.binary_encode(&output[output.size() - s.bytes()]);
return output;
diff --git a/src/pubkey/ecdsa/ecdsa.h b/src/pubkey/ecdsa/ecdsa.h
index f0834abd8..e37fa1562 100644
--- a/src/pubkey/ecdsa/ecdsa.h
+++ b/src/pubkey/ecdsa/ecdsa.h
@@ -33,7 +33,7 @@ class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey
EC_PublicKey(dom_par, public_point) {}
ECDSA_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PublicKey(alg_id, key_bits) {}
/**
@@ -72,7 +72,7 @@ class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey,
* @param key_bits PKCS #8 structure
*/
ECDSA_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PrivateKey(alg_id, key_bits) {}
/**
@@ -97,7 +97,7 @@ class BOTAN_DLL ECDSA_Signature_Operation : public PK_Ops::Signature
public:
ECDSA_Signature_Operation(const ECDSA_PrivateKey& ecdsa);
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
size_t message_parts() const { return 2; }
diff --git a/src/pubkey/elgamal/elgamal.cpp b/src/pubkey/elgamal/elgamal.cpp
index 6d15aed79..3988f3155 100644
--- a/src/pubkey/elgamal/elgamal.cpp
+++ b/src/pubkey/elgamal/elgamal.cpp
@@ -44,7 +44,7 @@ ElGamal_PrivateKey::ElGamal_PrivateKey(RandomNumberGenerator& rng,
}
ElGamal_PrivateKey::ElGamal_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_42)
{
@@ -76,7 +76,7 @@ ElGamal_Encryption_Operation::ElGamal_Encryption_Operation(const ElGamal_PublicK
mod_p = Modular_Reducer(p);
}
-SecureVector<byte>
+secure_vector<byte>
ElGamal_Encryption_Operation::encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -92,7 +92,7 @@ ElGamal_Encryption_Operation::encrypt(const byte msg[], size_t msg_len,
BigInt a = powermod_g_p(k);
BigInt b = mod_p.multiply(m, powermod_y_p(k));
- SecureVector<byte> output(2*p.bytes());
+ secure_vector<byte> output(2*p.bytes());
a.binary_encode(&output[p.bytes() - a.bytes()]);
b.binary_encode(&output[output.size() / 2 + (p.bytes() - b.bytes())]);
return output;
@@ -109,7 +109,7 @@ ElGamal_Decryption_Operation::ElGamal_Decryption_Operation(const ElGamal_Private
blinder = Blinder(k, powermod_x_p(k), p);
}
-SecureVector<byte>
+secure_vector<byte>
ElGamal_Decryption_Operation::decrypt(const byte msg[], size_t msg_len)
{
const BigInt& p = mod_p.get_modulus();
@@ -129,7 +129,7 @@ ElGamal_Decryption_Operation::decrypt(const byte msg[], size_t msg_len)
BigInt r = mod_p.multiply(b, inverse_mod(powermod_x_p(a), p));
- return BigInt::encode(blinder.unblind(r));
+ return BigInt::encode_locked(blinder.unblind(r));
}
}
diff --git a/src/pubkey/elgamal/elgamal.h b/src/pubkey/elgamal/elgamal.h
index 383a4160b..957aa4656 100644
--- a/src/pubkey/elgamal/elgamal.h
+++ b/src/pubkey/elgamal/elgamal.h
@@ -28,7 +28,7 @@ class BOTAN_DLL ElGamal_PublicKey : public virtual DL_Scheme_PublicKey
size_t max_input_bits() const { return (group_p().bits() - 1); }
ElGamal_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
DL_Scheme_PublicKey(alg_id, key_bits, DL_Group::ANSI_X9_42)
{}
@@ -47,7 +47,7 @@ class BOTAN_DLL ElGamal_PrivateKey : public ElGamal_PublicKey,
bool check_key(RandomNumberGenerator& rng, bool) const;
ElGamal_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
ElGamal_PrivateKey(RandomNumberGenerator& rng,
@@ -65,7 +65,7 @@ class BOTAN_DLL ElGamal_Encryption_Operation : public PK_Ops::Encryption
ElGamal_Encryption_Operation(const ElGamal_PublicKey& key);
- SecureVector<byte> encrypt(const byte msg[], size_t msg_len,
+ secure_vector<byte> encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
@@ -83,7 +83,7 @@ class BOTAN_DLL ElGamal_Decryption_Operation : public PK_Ops::Decryption
ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key);
- SecureVector<byte> decrypt(const byte msg[], size_t msg_len);
+ secure_vector<byte> decrypt(const byte msg[], size_t msg_len);
private:
Fixed_Exponent_Power_Mod powermod_x_p;
Modular_Reducer mod_p;
diff --git a/src/pubkey/gost_3410/gost_3410.cpp b/src/pubkey/gost_3410/gost_3410.cpp
index f97f83aa0..289cdcac4 100644
--- a/src/pubkey/gost_3410/gost_3410.cpp
+++ b/src/pubkey/gost_3410/gost_3410.cpp
@@ -14,7 +14,7 @@
namespace Botan {
-MemoryVector<byte> GOST_3410_PublicKey::x509_subject_public_key() const
+std::vector<byte> GOST_3410_PublicKey::x509_subject_public_key() const
{
// Trust CryptoPro to come up with something obnoxious
const BigInt x = public_point().get_affine_x();
@@ -22,7 +22,7 @@ MemoryVector<byte> GOST_3410_PublicKey::x509_subject_public_key() const
size_t part_size = std::max(x.bytes(), y.bytes());
- MemoryVector<byte> bits(2*part_size);
+ std::vector<byte> bits(2*part_size);
x.binary_encode(&bits[part_size - x.bytes()]);
y.binary_encode(&bits[2*part_size - y.bytes()]);
@@ -34,22 +34,22 @@ MemoryVector<byte> GOST_3410_PublicKey::x509_subject_public_key() const
std::swap(bits[part_size+i], bits[2*part_size-1-i]);
}
- return DER_Encoder().encode(bits, OCTET_STRING).get_contents();
+ return DER_Encoder().encode(bits, OCTET_STRING).get_contents_unlocked();
}
AlgorithmIdentifier GOST_3410_PublicKey::algorithm_identifier() const
{
- MemoryVector<byte> params =
+ std::vector<byte> params =
DER_Encoder().start_cons(SEQUENCE)
.encode(OID(domain().get_oid()))
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
return AlgorithmIdentifier(get_oid(), params);
}
GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
OID ecc_param_id;
@@ -58,7 +58,7 @@ GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
domain_params = EC_Group(ecc_param_id);
- SecureVector<byte> bits;
+ secure_vector<byte> bits;
BER_Decoder(key_bits).decode(bits, OCTET_STRING);
const size_t part_size = bits.size() / 2;
@@ -83,7 +83,7 @@ namespace {
BigInt decode_le(const byte msg[], size_t msg_len)
{
- SecureVector<byte> msg_le(msg, msg_len);
+ secure_vector<byte> msg_le(msg, msg + msg_len);
for(size_t i = 0; i != msg_le.size() / 2; ++i)
std::swap(msg_le[i], msg_le[msg_le.size()-1-i]);
@@ -102,7 +102,7 @@ GOST_3410_Signature_Operation::GOST_3410_Signature_Operation(
{
}
-SecureVector<byte>
+secure_vector<byte>
GOST_3410_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -129,7 +129,7 @@ GOST_3410_Signature_Operation::sign(const byte msg[], size_t msg_len,
if(r == 0 || s == 0)
throw Invalid_State("GOST 34.10: r == 0 || s == 0");
- SecureVector<byte> output(2*order.bytes());
+ secure_vector<byte> output(2*order.bytes());
s.binary_encode(&output[output.size() / 2 - s.bytes()]);
r.binary_encode(&output[output.size() - r.bytes()]);
return output;
diff --git a/src/pubkey/gost_3410/gost_3410.h b/src/pubkey/gost_3410/gost_3410.h
index 7b638d7b5..6b1506b10 100644
--- a/src/pubkey/gost_3410/gost_3410.h
+++ b/src/pubkey/gost_3410/gost_3410.h
@@ -35,7 +35,7 @@ class BOTAN_DLL GOST_3410_PublicKey : public virtual EC_PublicKey
* Construct from X.509 algorithm id and subject public key bits
*/
GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
/**
* Get this keys algorithm name.
@@ -45,7 +45,7 @@ class BOTAN_DLL GOST_3410_PublicKey : public virtual EC_PublicKey
AlgorithmIdentifier algorithm_identifier() const;
- MemoryVector<byte> x509_subject_public_key() const;
+ std::vector<byte> x509_subject_public_key() const;
/**
* Get the maximum number of bits allowed to be fed to this key.
@@ -73,7 +73,7 @@ class BOTAN_DLL GOST_3410_PrivateKey : public GOST_3410_PublicKey,
public:
GOST_3410_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PrivateKey(alg_id, key_bits) {}
/**
@@ -103,7 +103,7 @@ class BOTAN_DLL GOST_3410_Signature_Operation : public PK_Ops::Signature
size_t message_part_size() const { return order.bytes(); }
size_t max_input_bits() const { return order.bits(); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
diff --git a/src/pubkey/if_algo/if_algo.cpp b/src/pubkey/if_algo/if_algo.cpp
index 6e75bc276..f044afd03 100644
--- a/src/pubkey/if_algo/if_algo.cpp
+++ b/src/pubkey/if_algo/if_algo.cpp
@@ -18,18 +18,18 @@ AlgorithmIdentifier IF_Scheme_PublicKey::algorithm_identifier() const
AlgorithmIdentifier::USE_NULL_PARAM);
}
-MemoryVector<byte> IF_Scheme_PublicKey::x509_subject_public_key() const
+std::vector<byte> IF_Scheme_PublicKey::x509_subject_public_key() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(n)
.encode(e)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
IF_Scheme_PublicKey::IF_Scheme_PublicKey(const AlgorithmIdentifier&,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
BER_Decoder(key_bits)
.start_cons(SEQUENCE)
@@ -49,7 +49,7 @@ bool IF_Scheme_PublicKey::check_key(RandomNumberGenerator&, bool) const
return true;
}
-MemoryVector<byte> IF_Scheme_PrivateKey::pkcs8_private_key() const
+secure_vector<byte> IF_Scheme_PrivateKey::pkcs8_private_key() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -68,7 +68,7 @@ MemoryVector<byte> IF_Scheme_PrivateKey::pkcs8_private_key() const
IF_Scheme_PrivateKey::IF_Scheme_PrivateKey(RandomNumberGenerator& rng,
const AlgorithmIdentifier&,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
BER_Decoder(key_bits)
.start_cons(SEQUENCE)
diff --git a/src/pubkey/if_algo/if_algo.h b/src/pubkey/if_algo/if_algo.h
index b6683d30e..5c95aecd1 100644
--- a/src/pubkey/if_algo/if_algo.h
+++ b/src/pubkey/if_algo/if_algo.h
@@ -22,7 +22,7 @@ class BOTAN_DLL IF_Scheme_PublicKey : public virtual Public_Key
{
public:
IF_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
IF_Scheme_PublicKey(const BigInt& n, const BigInt& e) :
n(n), e(e) {}
@@ -31,7 +31,7 @@ class BOTAN_DLL IF_Scheme_PublicKey : public virtual Public_Key
AlgorithmIdentifier algorithm_identifier() const;
- MemoryVector<byte> x509_subject_public_key() const;
+ std::vector<byte> x509_subject_public_key() const;
/**
* @return public modulus
@@ -67,7 +67,7 @@ class BOTAN_DLL IF_Scheme_PrivateKey : public virtual IF_Scheme_PublicKey,
IF_Scheme_PrivateKey(RandomNumberGenerator& rng,
const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
bool check_key(RandomNumberGenerator& rng, bool) const;
@@ -93,7 +93,7 @@ class BOTAN_DLL IF_Scheme_PrivateKey : public virtual IF_Scheme_PublicKey,
const BigInt& get_d1() const { return d1; }
const BigInt& get_d2() const { return d2; }
- MemoryVector<byte> pkcs8_private_key() const;
+ secure_vector<byte> pkcs8_private_key() const;
protected:
IF_Scheme_PrivateKey() {}
diff --git a/src/pubkey/keypair/keypair.cpp b/src/pubkey/keypair/keypair.cpp
index 857a5328a..a8631062d 100644
--- a/src/pubkey/keypair/keypair.cpp
+++ b/src/pubkey/keypair/keypair.cpp
@@ -29,14 +29,14 @@ bool encryption_consistency_check(RandomNumberGenerator& rng,
if(encryptor.maximum_input_size() == 0)
return true;
- SecureVector<byte> plaintext =
- rng.random_vec(encryptor.maximum_input_size() - 1);
+ std::vector<byte> plaintext =
+ unlock(rng.random_vec(encryptor.maximum_input_size() - 1));
- SecureVector<byte> ciphertext = encryptor.encrypt(plaintext, rng);
+ std::vector<byte> ciphertext = encryptor.encrypt(plaintext, rng);
if(ciphertext == plaintext)
return false;
- SecureVector<byte> decrypted = decryptor.decrypt(ciphertext);
+ std::vector<byte> decrypted = unlock(decryptor.decrypt(ciphertext));
return (plaintext == decrypted);
}
@@ -51,9 +51,9 @@ bool signature_consistency_check(RandomNumberGenerator& rng,
PK_Signer signer(key, padding);
PK_Verifier verifier(key, padding);
- SecureVector<byte> message = rng.random_vec(16);
+ std::vector<byte> message = unlock(rng.random_vec(16));
- SecureVector<byte> signature;
+ std::vector<byte> signature;
try
{
diff --git a/src/pubkey/nr/nr.cpp b/src/pubkey/nr/nr.cpp
index 7490e1b64..87cf3d038 100644
--- a/src/pubkey/nr/nr.cpp
+++ b/src/pubkey/nr/nr.cpp
@@ -13,7 +13,7 @@
namespace Botan {
NR_PublicKey::NR_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
DL_Scheme_PublicKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
}
@@ -49,7 +49,7 @@ NR_PrivateKey::NR_PrivateKey(RandomNumberGenerator& rng,
}
NR_PrivateKey::NR_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
@@ -80,7 +80,7 @@ NR_Signature_Operation::NR_Signature_Operation(const NR_PrivateKey& nr) :
{
}
-SecureVector<byte>
+secure_vector<byte>
NR_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -104,7 +104,7 @@ NR_Signature_Operation::sign(const byte msg[], size_t msg_len,
d = mod_q.reduce(k - x * c);
}
- SecureVector<byte> output(2*q.bytes());
+ secure_vector<byte> output(2*q.bytes());
c.binary_encode(&output[output.size() / 2 - c.bytes()]);
d.binary_encode(&output[output.size() - d.bytes()]);
return output;
@@ -119,7 +119,7 @@ NR_Verification_Operation::NR_Verification_Operation(const NR_PublicKey& nr) :
mod_q = Modular_Reducer(nr.group_q());
}
-SecureVector<byte>
+secure_vector<byte>
NR_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
{
const BigInt& q = mod_q.get_modulus();
@@ -137,7 +137,7 @@ NR_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
BigInt g_d = powermod_g_p(d);
BigInt i = mod_p.multiply(g_d, future_y_c.get());
- return BigInt::encode(mod_q.reduce(c - i));
+ return BigInt::encode_locked(mod_q.reduce(c - i));
}
}
diff --git a/src/pubkey/nr/nr.h b/src/pubkey/nr/nr.h
index 0d426fb3a..5be336a21 100644
--- a/src/pubkey/nr/nr.h
+++ b/src/pubkey/nr/nr.h
@@ -30,7 +30,7 @@ class BOTAN_DLL NR_PublicKey : public virtual DL_Scheme_PublicKey
size_t max_input_bits() const { return (group_q().bits() - 1); }
NR_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
NR_PublicKey(const DL_Group& group, const BigInt& pub_key);
protected:
@@ -47,7 +47,7 @@ class BOTAN_DLL NR_PrivateKey : public NR_PublicKey,
bool check_key(RandomNumberGenerator& rng, bool strong) const;
NR_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
NR_PrivateKey(RandomNumberGenerator& rng,
@@ -67,7 +67,7 @@ class BOTAN_DLL NR_Signature_Operation : public PK_Ops::Signature
size_t message_part_size() const { return q.bytes(); }
size_t max_input_bits() const { return (q.bits() - 1); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
const BigInt& q;
@@ -90,7 +90,7 @@ class BOTAN_DLL NR_Verification_Operation : public PK_Ops::Verification
bool with_recovery() const { return true; }
- SecureVector<byte> verify_mr(const byte msg[], size_t msg_len);
+ secure_vector<byte> verify_mr(const byte msg[], size_t msg_len);
private:
const BigInt& q;
const BigInt& y;
diff --git a/src/pubkey/pk_algs.cpp b/src/pubkey/pk_algs.cpp
index 9b3218ac4..863eb57e4 100644
--- a/src/pubkey/pk_algs.cpp
+++ b/src/pubkey/pk_algs.cpp
@@ -47,7 +47,7 @@
namespace Botan {
Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
const std::string alg_name = OIDS::lookup(alg_id.oid);
if(alg_name == "")
@@ -102,7 +102,7 @@ Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
}
Private_Key* make_private_key(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng)
{
const std::string alg_name = OIDS::lookup(alg_id.oid);
diff --git a/src/pubkey/pk_algs.h b/src/pubkey/pk_algs.h
index a1e65cb3d..d8f24a1b8 100644
--- a/src/pubkey/pk_algs.h
+++ b/src/pubkey/pk_algs.h
@@ -13,10 +13,10 @@
namespace Botan {
Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
Private_Key* make_private_key(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
}
diff --git a/src/pubkey/pk_keys.h b/src/pubkey/pk_keys.h
index 770949b59..a3b693956 100644
--- a/src/pubkey/pk_keys.h
+++ b/src/pubkey/pk_keys.h
@@ -69,7 +69,7 @@ class BOTAN_DLL Public_Key
/**
* @return X.509 subject key encoding for this key object
*/
- virtual MemoryVector<byte> x509_subject_public_key() const = 0;
+ virtual std::vector<byte> x509_subject_public_key() const = 0;
virtual ~Public_Key() {}
protected:
@@ -89,7 +89,7 @@ class BOTAN_DLL Private_Key : public virtual Public_Key
/**
* @return PKCS #8 private key encoding for this key object
*/
- virtual MemoryVector<byte> pkcs8_private_key() const = 0;
+ virtual secure_vector<byte> pkcs8_private_key() const = 0;
/**
* @return PKCS #8 AlgorithmIdentifier for this key
@@ -121,7 +121,7 @@ class BOTAN_DLL PK_Key_Agreement_Key : public virtual Private_Key
/*
* @return public component of this key
*/
- virtual MemoryVector<byte> public_value() const = 0;
+ virtual std::vector<byte> public_value() const = 0;
virtual ~PK_Key_Agreement_Key() {}
};
diff --git a/src/pubkey/pk_ops.h b/src/pubkey/pk_ops.h
index 51543cd33..8a08ef430 100644
--- a/src/pubkey/pk_ops.h
+++ b/src/pubkey/pk_ops.h
@@ -23,7 +23,7 @@ class BOTAN_DLL Encryption
public:
virtual size_t max_input_bits() const = 0;
- virtual SecureVector<byte> encrypt(const byte msg[], size_t msg_len,
+ virtual secure_vector<byte> encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng) = 0;
virtual ~Encryption() {}
@@ -37,7 +37,7 @@ class BOTAN_DLL Decryption
public:
virtual size_t max_input_bits() const = 0;
- virtual SecureVector<byte> decrypt(const byte msg[],
+ virtual secure_vector<byte> decrypt(const byte msg[],
size_t msg_len) = 0;
virtual ~Decryption() {}
@@ -73,7 +73,7 @@ class BOTAN_DLL Signature
* @param msg_len the length of msg in bytes
* @param rng a random number generator
*/
- virtual SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ virtual secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng) = 0;
virtual ~Signature() {}
@@ -130,7 +130,7 @@ class BOTAN_DLL Verification
* @param msg_len the length of msg in bytes
* @returns recovered message
*/
- virtual SecureVector<byte> verify_mr(const byte[],
+ virtual secure_vector<byte> verify_mr(const byte[],
size_t)
{
throw Invalid_State("Message recovery not supported");
@@ -151,7 +151,7 @@ class BOTAN_DLL Key_Agreement
* @param w_len the length of w in bytes
* @returns the agreed key
*/
- virtual SecureVector<byte> agree(const byte w[], size_t w_len) = 0;
+ virtual secure_vector<byte> agree(const byte w[], size_t w_len) = 0;
virtual ~Key_Agreement() {}
};
diff --git a/src/pubkey/pkcs8.cpp b/src/pubkey/pkcs8.cpp
index 57bb5c1e2..baf6d1250 100644
--- a/src/pubkey/pkcs8.cpp
+++ b/src/pubkey/pkcs8.cpp
@@ -24,10 +24,10 @@ namespace {
/*
* Get info from an EncryptedPrivateKeyInfo
*/
-SecureVector<byte> PKCS8_extract(DataSource& source,
+secure_vector<byte> PKCS8_extract(DataSource& source,
AlgorithmIdentifier& pbe_alg_id)
{
- SecureVector<byte> key_data;
+ secure_vector<byte> key_data;
BER_Decoder(source)
.start_cons(SEQUENCE)
@@ -41,13 +41,13 @@ SecureVector<byte> PKCS8_extract(DataSource& source,
/*
* PEM decode and/or decrypt a private key
*/
-SecureVector<byte> PKCS8_decode(
+secure_vector<byte> PKCS8_decode(
DataSource& source,
std::function<std::pair<bool,std::string> ()> get_passphrase,
AlgorithmIdentifier& pk_alg_id)
{
AlgorithmIdentifier pbe_alg_id;
- SecureVector<byte> key_data, key;
+ secure_vector<byte> key_data, key;
bool is_encrypted = true;
try {
@@ -71,9 +71,9 @@ SecureVector<byte> PKCS8_decode(
if(key_data.empty())
throw PKCS8_Exception("No key data found");
}
- catch(Decoding_Error)
+ catch(Decoding_Error& e)
{
- throw Decoding_Error("PKCS #8 private key decoding failed");
+ throw Decoding_Error("PKCS #8 private key decoding failed: " + std::string(e.what()));
}
if(!is_encrypted)
@@ -131,7 +131,7 @@ SecureVector<byte> PKCS8_decode(
/*
* BER encode a PKCS #8 private key, unencrypted
*/
-SecureVector<byte> BER_encode(const Private_Key& key)
+secure_vector<byte> BER_encode(const Private_Key& key)
{
const size_t PKCS8_VERSION = 0;
@@ -155,7 +155,7 @@ std::string PEM_encode(const Private_Key& key)
/*
* BER encode a PKCS #8 private key, encrypted
*/
-SecureVector<byte> BER_encode(const Private_Key& key,
+secure_vector<byte> BER_encode(const Private_Key& key,
RandomNumberGenerator& rng,
const std::string& pass,
const std::string& pbe_algo)
@@ -203,7 +203,7 @@ Private_Key* load_key(DataSource& source,
std::function<std::pair<bool, std::string> ()> get_pass)
{
AlgorithmIdentifier alg_id;
- SecureVector<byte> pkcs8_key = PKCS8_decode(source, get_pass, alg_id);
+ secure_vector<byte> pkcs8_key = PKCS8_decode(source, get_pass, alg_id);
const std::string alg_name = OIDS::lookup(alg_id.oid);
if(alg_name == "" || alg_name == alg_id.oid.as_string())
diff --git a/src/pubkey/pkcs8.h b/src/pubkey/pkcs8.h
index d573fb460..fae1633a8 100644
--- a/src/pubkey/pkcs8.h
+++ b/src/pubkey/pkcs8.h
@@ -32,7 +32,7 @@ namespace PKCS8 {
* @param key the private key to encode
* @return BER encoded key
*/
-BOTAN_DLL SecureVector<byte> BER_encode(const Private_Key& key);
+BOTAN_DLL secure_vector<byte> BER_encode(const Private_Key& key);
/**
* Get a string containing a PEM encoded private key.
@@ -51,7 +51,7 @@ BOTAN_DLL std::string PEM_encode(const Private_Key& key);
default will be chosen.
* @return encrypted key in binary BER form
*/
-BOTAN_DLL SecureVector<byte> BER_encode(const Private_Key& key,
+BOTAN_DLL secure_vector<byte> BER_encode(const Private_Key& key,
RandomNumberGenerator& rng,
const std::string& pass,
const std::string& pbe_algo = "");
diff --git a/src/pubkey/pubkey.cpp b/src/pubkey/pubkey.cpp
index d0b74071c..370eeddbf 100644
--- a/src/pubkey/pubkey.cpp
+++ b/src/pubkey/pubkey.cpp
@@ -44,27 +44,27 @@ PK_Encryptor_EME::PK_Encryptor_EME(const Public_Key& key,
/*
* Encrypt a message
*/
-SecureVector<byte>
+std::vector<byte>
PK_Encryptor_EME::enc(const byte in[],
size_t length,
RandomNumberGenerator& rng) const
{
if(eme)
{
- SecureVector<byte> encoded =
+ secure_vector<byte> encoded =
eme->encode(in, length, op->max_input_bits(), rng);
if(8*(encoded.size() - 1) + high_bit(encoded[0]) > op->max_input_bits())
throw Invalid_Argument("PK_Encryptor_EME: Input is too large");
- return op->encrypt(&encoded[0], encoded.size(), rng);
+ return unlock(op->encrypt(&encoded[0], encoded.size(), rng));
}
else
{
if(8*(length - 1) + high_bit(in[0]) > op->max_input_bits())
throw Invalid_Argument("PK_Encryptor_EME: Input is too large");
- return op->encrypt(&in[0], length, rng);
+ return unlock(op->encrypt(&in[0], length, rng));
}
}
@@ -104,11 +104,11 @@ PK_Decryptor_EME::PK_Decryptor_EME(const Private_Key& key,
/*
* Decrypt a message
*/
-SecureVector<byte> PK_Decryptor_EME::dec(const byte msg[],
- size_t length) const
+secure_vector<byte> PK_Decryptor_EME::dec(const byte msg[],
+ size_t length) const
{
try {
- SecureVector<byte> decrypted = op->decrypt(msg, length);
+ secure_vector<byte> decrypted = op->decrypt(msg, length);
if(eme)
return eme->decode(decrypted, op->max_input_bits());
else
@@ -156,7 +156,7 @@ PK_Signer::PK_Signer(const Private_Key& key,
/*
* Sign a message
*/
-SecureVector<byte> PK_Signer::sign_message(const byte msg[], size_t length,
+std::vector<byte> PK_Signer::sign_message(const byte msg[], size_t length,
RandomNumberGenerator& rng)
{
update(msg, length);
@@ -174,16 +174,16 @@ void PK_Signer::update(const byte in[], size_t length)
/*
* Check the signature we just created, to help prevent fault attacks
*/
-bool PK_Signer::self_test_signature(const MemoryRegion<byte>& msg,
- const MemoryRegion<byte>& sig) const
+bool PK_Signer::self_test_signature(const std::vector<byte>& msg,
+ const std::vector<byte>& sig) const
{
if(!verify_op)
return true; // checking disabled, assume ok
if(verify_op->with_recovery())
{
- SecureVector<byte> recovered =
- verify_op->verify_mr(&sig[0], sig.size());
+ std::vector<byte> recovered =
+ unlock(verify_op->verify_mr(&sig[0], sig.size()));
if(msg.size() > recovered.size())
{
@@ -206,13 +206,13 @@ bool PK_Signer::self_test_signature(const MemoryRegion<byte>& msg,
/*
* Create a signature
*/
-SecureVector<byte> PK_Signer::signature(RandomNumberGenerator& rng)
+std::vector<byte> PK_Signer::signature(RandomNumberGenerator& rng)
{
- SecureVector<byte> encoded = emsa->encoding_of(emsa->raw_data(),
- op->max_input_bits(),
- rng);
+ std::vector<byte> encoded = unlock(emsa->encoding_of(emsa->raw_data(),
+ op->max_input_bits(),
+ rng));
- SecureVector<byte> plain_sig = op->sign(&encoded[0], encoded.size(), rng);
+ std::vector<byte> plain_sig = unlock(op->sign(&encoded[0], encoded.size(), rng));
BOTAN_ASSERT(self_test_signature(encoded, plain_sig),
"PK_Signer consistency check failed");
@@ -234,7 +234,7 @@ SecureVector<byte> PK_Signer::signature(RandomNumberGenerator& rng)
.start_cons(SEQUENCE)
.encode_list(sig_parts)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
else
throw Encoding_Error("PK_Signer: Unknown signature format " +
@@ -307,7 +307,7 @@ bool PK_Verifier::check_signature(const byte sig[], size_t length)
BER_Decoder ber_sig = decoder.start_cons(SEQUENCE);
size_t count = 0;
- SecureVector<byte> real_sig;
+ std::vector<byte> real_sig;
while(ber_sig.more_items())
{
BigInt sig_part;
@@ -332,19 +332,19 @@ bool PK_Verifier::check_signature(const byte sig[], size_t length)
/*
* Verify a signature
*/
-bool PK_Verifier::validate_signature(const MemoryRegion<byte>& msg,
+bool PK_Verifier::validate_signature(const secure_vector<byte>& msg,
const byte sig[], size_t sig_len)
{
if(op->with_recovery())
{
- SecureVector<byte> output_of_key = op->verify_mr(sig, sig_len);
+ secure_vector<byte> output_of_key = op->verify_mr(sig, sig_len);
return emsa->verify(output_of_key, msg, op->max_input_bits());
}
else
{
Null_RNG rng;
- SecureVector<byte> encoded =
+ secure_vector<byte> encoded =
emsa->encoding_of(msg, op->max_input_bits(), rng);
return op->verify(&encoded[0], encoded.size(), sig, sig_len);
@@ -377,7 +377,7 @@ SymmetricKey PK_Key_Agreement::derive_key(size_t key_len, const byte in[],
size_t in_len, const byte params[],
size_t params_len) const
{
- SecureVector<byte> z = op->agree(in, in_len);
+ secure_vector<byte> z = op->agree(in, in_len);
if(!kdf)
return z;
diff --git a/src/pubkey/pubkey.h b/src/pubkey/pubkey.h
index cd813dc65..5013a1ed1 100644
--- a/src/pubkey/pubkey.h
+++ b/src/pubkey/pubkey.h
@@ -45,7 +45,7 @@ class BOTAN_DLL PK_Encryptor
* @param rng the random number source to use
* @return encrypted message
*/
- SecureVector<byte> encrypt(const byte in[], size_t length,
+ std::vector<byte> encrypt(const byte in[], size_t length,
RandomNumberGenerator& rng) const
{
return enc(in, length, rng);
@@ -57,8 +57,9 @@ class BOTAN_DLL PK_Encryptor
* @param rng the random number source to use
* @return encrypted message
*/
- SecureVector<byte> encrypt(const MemoryRegion<byte>& in,
- RandomNumberGenerator& rng) const
+ template<typename Alloc>
+ std::vector<byte> encrypt(const std::vector<byte, Alloc>& in,
+ RandomNumberGenerator& rng) const
{
return enc(&in[0], in.size(), rng);
}
@@ -75,7 +76,7 @@ class BOTAN_DLL PK_Encryptor
PK_Encryptor(const PK_Encryptor&) {}
PK_Encryptor& operator=(const PK_Encryptor&) { return *this; }
- virtual SecureVector<byte> enc(const byte[], size_t,
+ virtual std::vector<byte> enc(const byte[], size_t,
RandomNumberGenerator&) const = 0;
};
@@ -91,7 +92,7 @@ class BOTAN_DLL PK_Decryptor
* @param length the length of the above byte array
* @return decrypted message
*/
- SecureVector<byte> decrypt(const byte in[], size_t length) const
+ secure_vector<byte> decrypt(const byte in[], size_t length) const
{
return dec(in, length);
}
@@ -101,7 +102,8 @@ class BOTAN_DLL PK_Decryptor
* @param in the ciphertext
* @return decrypted message
*/
- SecureVector<byte> decrypt(const MemoryRegion<byte>& in) const
+ template<typename Alloc>
+ secure_vector<byte> decrypt(const std::vector<byte, Alloc>& in) const
{
return dec(&in[0], in.size());
}
@@ -112,7 +114,7 @@ class BOTAN_DLL PK_Decryptor
PK_Decryptor(const PK_Decryptor&) {}
PK_Decryptor& operator=(const PK_Decryptor&) { return *this; }
- virtual SecureVector<byte> dec(const byte[], size_t) const = 0;
+ virtual secure_vector<byte> dec(const byte[], size_t) const = 0;
};
/**
@@ -130,7 +132,7 @@ class BOTAN_DLL PK_Signer
* @param rng the rng to use
* @return signature
*/
- SecureVector<byte> sign_message(const byte in[], size_t length,
+ std::vector<byte> sign_message(const byte in[], size_t length,
RandomNumberGenerator& rng);
/**
@@ -139,8 +141,12 @@ class BOTAN_DLL PK_Signer
* @param rng the rng to use
* @return signature
*/
- SecureVector<byte> sign_message(const MemoryRegion<byte>& in,
- RandomNumberGenerator& rng)
+ std::vector<byte> sign_message(const std::vector<byte>& in,
+ RandomNumberGenerator& rng)
+ { return sign_message(&in[0], in.size(), rng); }
+
+ std::vector<byte> sign_message(const secure_vector<byte>& in,
+ RandomNumberGenerator& rng)
{ return sign_message(&in[0], in.size(), rng); }
/**
@@ -160,7 +166,7 @@ class BOTAN_DLL PK_Signer
* Add a message part.
* @param in the message part to add
*/
- void update(const MemoryRegion<byte>& in) { update(&in[0], in.size()); }
+ void update(const std::vector<byte>& in) { update(&in[0], in.size()); }
/**
* Get the signature of the so far processed message (provided by the
@@ -168,7 +174,7 @@ class BOTAN_DLL PK_Signer
* @param rng the rng to use
* @return signature of the total message
*/
- SecureVector<byte> signature(RandomNumberGenerator& rng);
+ std::vector<byte> signature(RandomNumberGenerator& rng);
/**
* Set the output format of the signature.
@@ -191,8 +197,8 @@ class BOTAN_DLL PK_Signer
~PK_Signer() { delete op; delete verify_op; delete emsa; }
private:
- bool self_test_signature(const MemoryRegion<byte>& msg,
- const MemoryRegion<byte>& sig) const;
+ bool self_test_signature(const std::vector<byte>& msg,
+ const std::vector<byte>& sig) const;
PK_Signer(const PK_Signer&) {}
PK_Signer& operator=(const PK_Signer&) { return *this; }
@@ -227,8 +233,9 @@ class BOTAN_DLL PK_Verifier
* @param sig the signature
* @return true if the signature is valid
*/
- bool verify_message(const MemoryRegion<byte>& msg,
- const MemoryRegion<byte>& sig)
+ template<typename Alloc, typename Alloc2>
+ bool verify_message(const std::vector<byte, Alloc>& msg,
+ const std::vector<byte, Alloc2>& sig)
{
return verify_message(&msg[0], msg.size(),
&sig[0], sig.size());
@@ -254,7 +261,7 @@ class BOTAN_DLL PK_Verifier
* signature to be verified.
* @param in the new message part
*/
- void update(const MemoryRegion<byte>& in)
+ void update(const std::vector<byte>& in)
{ update(&in[0], in.size()); }
/**
@@ -272,7 +279,8 @@ class BOTAN_DLL PK_Verifier
* @param sig the signature to be verified
* @return true if the signature is valid, false otherwise
*/
- bool check_signature(const MemoryRegion<byte>& sig)
+ template<typename Alloc>
+ bool check_signature(const std::vector<byte, Alloc>& sig)
{
return check_signature(&sig[0], sig.size());
}
@@ -298,7 +306,7 @@ class BOTAN_DLL PK_Verifier
PK_Verifier(const PK_Verifier&) {}
PK_Verifier& operator=(const PK_Verifier&) { return *this; }
- bool validate_signature(const MemoryRegion<byte>& msg,
+ bool validate_signature(const secure_vector<byte>& msg,
const byte sig[], size_t sig_len);
PK_Ops::Verification* op;
@@ -336,7 +344,7 @@ class BOTAN_DLL PK_Key_Agreement
* @param params_len the length of params in bytes
*/
SymmetricKey derive_key(size_t key_len,
- const MemoryRegion<byte>& in,
+ const std::vector<byte>& in,
const byte params[],
size_t params_len) const
{
@@ -367,7 +375,7 @@ class BOTAN_DLL PK_Key_Agreement
* @param params extra derivation params
*/
SymmetricKey derive_key(size_t key_len,
- const MemoryRegion<byte>& in,
+ const std::vector<byte>& in,
const std::string& params = "") const
{
return derive_key(key_len, &in[0], in.size(),
@@ -410,7 +418,7 @@ class BOTAN_DLL PK_Encryptor_EME : public PK_Encryptor
~PK_Encryptor_EME() { delete op; delete eme; }
private:
- SecureVector<byte> enc(const byte[], size_t,
+ std::vector<byte> enc(const byte[], size_t,
RandomNumberGenerator& rng) const;
PK_Ops::Encryption* op;
@@ -433,7 +441,7 @@ class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor
~PK_Decryptor_EME() { delete op; delete eme; }
private:
- SecureVector<byte> dec(const byte[], size_t) const;
+ secure_vector<byte> dec(const byte[], size_t) const;
PK_Ops::Decryption* op;
const EME* eme;
diff --git a/src/pubkey/rsa/rsa.cpp b/src/pubkey/rsa/rsa.cpp
index 2da366699..22474d7d5 100644
--- a/src/pubkey/rsa/rsa.cpp
+++ b/src/pubkey/rsa/rsa.cpp
@@ -88,7 +88,7 @@ BigInt RSA_Private_Operation::private_op(const BigInt& m) const
return mul_add(j1, q, j2);
}
-SecureVector<byte>
+secure_vector<byte>
RSA_Private_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator&)
{
@@ -105,7 +105,7 @@ RSA_Private_Operation::sign(const byte msg[], size_t msg_len,
/*
* RSA Decryption Operation
*/
-SecureVector<byte>
+secure_vector<byte>
RSA_Private_Operation::decrypt(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
@@ -114,7 +114,7 @@ RSA_Private_Operation::decrypt(const byte msg[], size_t msg_len)
BOTAN_ASSERT(m == powermod_e_n(x),
"RSA private op failed consistency check");
- return BigInt::encode(x);
+ return BigInt::encode_locked(x);
}
}
diff --git a/src/pubkey/rsa/rsa.h b/src/pubkey/rsa/rsa.h
index dddecdbed..0942d92ad 100644
--- a/src/pubkey/rsa/rsa.h
+++ b/src/pubkey/rsa/rsa.h
@@ -24,7 +24,7 @@ class BOTAN_DLL RSA_PublicKey : public virtual IF_Scheme_PublicKey
std::string algo_name() const { return "RSA"; }
RSA_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
IF_Scheme_PublicKey(alg_id, key_bits)
{}
@@ -51,7 +51,7 @@ class BOTAN_DLL RSA_PrivateKey : public RSA_PublicKey,
bool check_key(RandomNumberGenerator& rng, bool) const;
RSA_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
IF_Scheme_PrivateKey(rng, alg_id, key_bits) {}
@@ -94,10 +94,10 @@ class BOTAN_DLL RSA_Private_Operation : public PK_Ops::Signature,
size_t max_input_bits() const { return (n.bits() - 1); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
- SecureVector<byte> decrypt(const byte msg[], size_t msg_len);
+ secure_vector<byte> decrypt(const byte msg[], size_t msg_len);
private:
BigInt private_op(const BigInt& m) const;
@@ -124,17 +124,17 @@ class BOTAN_DLL RSA_Public_Operation : public PK_Ops::Verification,
size_t max_input_bits() const { return (n.bits() - 1); }
bool with_recovery() const { return true; }
- SecureVector<byte> encrypt(const byte msg[], size_t msg_len,
+ secure_vector<byte> encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator&)
{
BigInt m(msg, msg_len);
return BigInt::encode_1363(public_op(m), n.bytes());
}
- SecureVector<byte> verify_mr(const byte msg[], size_t msg_len)
+ secure_vector<byte> verify_mr(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
- return BigInt::encode(public_op(m));
+ return BigInt::encode_locked(public_op(m));
}
private:
diff --git a/src/pubkey/rw/rw.cpp b/src/pubkey/rw/rw.cpp
index dab84b59f..c41b18101 100644
--- a/src/pubkey/rw/rw.cpp
+++ b/src/pubkey/rw/rw.cpp
@@ -70,7 +70,7 @@ RW_Signature_Operation::RW_Signature_Operation(const RW_PrivateKey& rw) :
{
}
-SecureVector<byte>
+secure_vector<byte>
RW_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -101,7 +101,7 @@ RW_Signature_Operation::sign(const byte msg[], size_t msg_len,
return BigInt::encode_1363(r, n.bytes());
}
-SecureVector<byte>
+secure_vector<byte>
RW_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
@@ -111,15 +111,15 @@ RW_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
BigInt r = powermod_e_n(m);
if(r % 16 == 12)
- return BigInt::encode(r);
+ return BigInt::encode_locked(r);
if(r % 8 == 6)
- return BigInt::encode(2*r);
+ return BigInt::encode_locked(2*r);
r = n - r;
if(r % 16 == 12)
- return BigInt::encode(r);
+ return BigInt::encode_locked(r);
if(r % 8 == 6)
- return BigInt::encode(2*r);
+ return BigInt::encode_locked(2*r);
throw Invalid_Argument("RW signature verification: Invalid signature");
}
diff --git a/src/pubkey/rw/rw.h b/src/pubkey/rw/rw.h
index b8d92eb3a..1e918e70c 100644
--- a/src/pubkey/rw/rw.h
+++ b/src/pubkey/rw/rw.h
@@ -24,7 +24,7 @@ class BOTAN_DLL RW_PublicKey : public virtual IF_Scheme_PublicKey
std::string algo_name() const { return "RW"; }
RW_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
IF_Scheme_PublicKey(alg_id, key_bits)
{}
@@ -44,7 +44,7 @@ class BOTAN_DLL RW_PrivateKey : public RW_PublicKey,
{
public:
RW_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
IF_Scheme_PrivateKey(rng, alg_id, key_bits) {}
@@ -69,7 +69,7 @@ class BOTAN_DLL RW_Signature_Operation : public PK_Ops::Signature
size_t max_input_bits() const { return (n.bits() - 1); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
const BigInt& n;
@@ -95,7 +95,7 @@ class BOTAN_DLL RW_Verification_Operation : public PK_Ops::Verification
size_t max_input_bits() const { return (n.bits() - 1); }
bool with_recovery() const { return true; }
- SecureVector<byte> verify_mr(const byte msg[], size_t msg_len);
+ secure_vector<byte> verify_mr(const byte msg[], size_t msg_len);
private:
const BigInt& n;
diff --git a/src/pubkey/x509_key.cpp b/src/pubkey/x509_key.cpp
index 4714b1285..1b0ce46b3 100644
--- a/src/pubkey/x509_key.cpp
+++ b/src/pubkey/x509_key.cpp
@@ -18,14 +18,14 @@ namespace Botan {
namespace X509 {
-MemoryVector<byte> BER_encode(const Public_Key& key)
+std::vector<byte> BER_encode(const Public_Key& key)
{
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(key.algorithm_identifier())
.encode(key.x509_subject_public_key(), BIT_STRING)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
@@ -44,7 +44,7 @@ Public_Key* load_key(DataSource& source)
{
try {
AlgorithmIdentifier alg_id;
- MemoryVector<byte> key_bits;
+ secure_vector<byte> key_bits;
if(ASN1::maybe_BER(source) && !PEM_Code::matches(source))
{
@@ -92,7 +92,7 @@ Public_Key* load_key(const std::string& fsname)
/*
* Extract a public key and return it
*/
-Public_Key* load_key(const MemoryRegion<byte>& mem)
+Public_Key* load_key(const secure_vector<byte>& mem)
{
DataSource_Memory source(mem);
return X509::load_key(source);
diff --git a/src/pubkey/x509_key.h b/src/pubkey/x509_key.h
index 3fdee8cde..9d4c883a1 100644
--- a/src/pubkey/x509_key.h
+++ b/src/pubkey/x509_key.h
@@ -26,7 +26,7 @@ namespace X509 {
* @param key the public key to encode
* @return BER encoding of this key
*/
-BOTAN_DLL MemoryVector<byte> BER_encode(const Public_Key& key);
+BOTAN_DLL std::vector<byte> BER_encode(const Public_Key& key);
/**
* PEM encode a public key into a string.
@@ -54,7 +54,7 @@ BOTAN_DLL Public_Key* load_key(const std::string& filename);
* @param enc the memory region containing the DER or PEM encoded key
* @return new public key object
*/
-BOTAN_DLL Public_Key* load_key(const MemoryRegion<byte>& enc);
+BOTAN_DLL Public_Key* load_key(const secure_vector<byte>& enc);
/**
* Copy a key.