aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <[email protected]>2010-10-28 20:05:21 +0000
committerlloyd <[email protected]>2010-10-28 20:05:21 +0000
commit7c2ac02f29fd4b5d629e187381baa783b53bd2e4 (patch)
tree9d07a452f0a7bd44a2b9d3aaac16f9d9e692fde5 /src
parentb502cefaf0f9396354d58c4c18a78ac7870f6168 (diff)
parent7e4c62045c8216138dbed1c586139a1de7cd7f27 (diff)
propagate from branch 'net.randombit.botan' (head 2841fb518e20d2fe0a374e4f6b08bdbb14d5d158)
to branch 'net.randombit.botan.c++0x' (head 0b9275139d6346bd3aa28d63bf8b8a03851d853d)
Diffstat (limited to 'src')
-rw-r--r--src/block/aes/aes.cpp126
-rw-r--r--src/block/aes/aes.h69
-rw-r--r--src/block/aes_intel/aes_intel.h18
-rw-r--r--src/block/aes_ssse3/aes_ssse3.h15
-rw-r--r--src/block/block_cipher.h16
-rw-r--r--src/block/blowfish/blowfish.h4
-rw-r--r--src/block/cast/cast128.h4
-rw-r--r--src/block/cast/cast256.h4
-rw-r--r--src/block/des/des.h8
-rw-r--r--src/block/des/desx.h4
-rw-r--r--src/block/gost_28147/gost_28147.cpp2
-rw-r--r--src/block/gost_28147/gost_28147.h4
-rw-r--r--src/block/idea/idea.h4
-rw-r--r--src/block/kasumi/kasumi.h4
-rw-r--r--src/block/mars/mars.h4
-rw-r--r--src/block/misty1/misty1.cpp4
-rw-r--r--src/block/misty1/misty1.h2
-rw-r--r--src/block/noekeon/noekeon.h4
-rw-r--r--src/block/rc2/rc2.h4
-rw-r--r--src/block/rc5/rc5.cpp2
-rw-r--r--src/block/rc5/rc5.h2
-rw-r--r--src/block/rc6/rc6.h4
-rw-r--r--src/block/safer/safer_sk.cpp3
-rw-r--r--src/block/safer/safer_sk.h2
-rw-r--r--src/block/seed/seed.h4
-rw-r--r--src/block/serpent/serpent.h5
-rw-r--r--src/block/skipjack/skipjack.h4
-rw-r--r--src/block/square/square.h6
-rw-r--r--src/block/tea/tea.h4
-rw-r--r--src/block/twofish/twofish.h6
-rw-r--r--src/block/xtea/xtea.h4
-rw-r--r--src/cert/x509ca/x509_ca.cpp2
-rw-r--r--src/cert/x509cert/x509_ext.cpp20
-rw-r--r--src/cert/x509store/x509stor.cpp46
-rw-r--r--src/cert/x509store/x509stor.h9
-rw-r--r--src/codec/base64/base64.cpp103
-rw-r--r--src/codec/base64/base64.h55
-rw-r--r--src/codec/base64/info.txt1
-rw-r--r--src/constructs/aont/package.cpp24
-rw-r--r--src/constructs/aont/package.h4
-rw-r--r--src/constructs/cryptobox/cryptobox.cpp28
-rw-r--r--src/constructs/cryptobox/cryptobox.h4
-rw-r--r--src/constructs/fpe/fpe.cpp22
-rw-r--r--src/constructs/passhash/passhash9.cpp20
-rw-r--r--src/constructs/tss/tss.cpp2
-rw-r--r--src/constructs/tss/tss.h2
-rw-r--r--src/engine/core_engine/lookup_block.cpp2
-rw-r--r--src/entropy/beos_stats/es_beos.h2
-rw-r--r--src/entropy/cryptoapi_rng/es_capi.h2
-rw-r--r--src/entropy/win32_stats/es_win32.h2
-rw-r--r--src/filters/base64/b64_char.cpp47
-rw-r--r--src/filters/base64/info.txt5
-rw-r--r--src/filters/codec_filt/b64_filt.cpp (renamed from src/filters/base64/base64.cpp)111
-rw-r--r--src/filters/codec_filt/b64_filt.h (renamed from src/filters/base64/base64.h)26
-rw-r--r--src/filters/codec_filt/hex_filt.cpp (renamed from src/filters/hex_filt/hex_filt.cpp)0
-rw-r--r--src/filters/codec_filt/hex_filt.h (renamed from src/filters/hex_filt/hex_filt.h)0
-rw-r--r--src/filters/codec_filt/info.txt (renamed from src/filters/hex_filt/info.txt)2
-rw-r--r--src/filters/filters.h7
-rw-r--r--src/libstate/policy.cpp1
-rw-r--r--src/math/bigint/bigint.cpp4
-rw-r--r--src/math/bigint/bigint.h4
-rw-r--r--src/math/numbertheory/point_gfp.cpp6
-rw-r--r--src/math/numbertheory/powm_fw.cpp3
-rw-r--r--src/math/numbertheory/powm_mnt.cpp3
-rw-r--r--src/ssl/cert_req.cpp31
-rw-r--r--src/ssl/cert_ver.cpp2
-rw-r--r--src/ssl/hello.cpp50
-rw-r--r--src/ssl/info.txt2
-rw-r--r--src/ssl/rec_read.cpp51
-rw-r--r--src/ssl/rec_wri.cpp76
-rw-r--r--src/ssl/s_kex.cpp14
-rw-r--r--src/ssl/tls_client.cpp58
-rw-r--r--src/ssl/tls_client.h35
-rw-r--r--src/ssl/tls_connection.h6
-rw-r--r--src/ssl/tls_handshake_hash.cpp12
-rw-r--r--src/ssl/tls_handshake_hash.h2
-rw-r--r--src/ssl/tls_policy.cpp30
-rw-r--r--src/ssl/tls_policy.h2
-rw-r--r--src/ssl/tls_reader.h64
-rw-r--r--src/ssl/tls_record.h45
-rw-r--r--src/ssl/tls_server.cpp60
-rw-r--r--src/ssl/tls_server.h4
-rw-r--r--src/ssl/tls_session_key.cpp12
-rw-r--r--src/ssl/tls_session_key.h4
-rw-r--r--src/ssl/tls_suites.cpp4
-rw-r--r--src/ssl/tls_suites.h4
-rw-r--r--src/stream/stream_cipher.h6
-rw-r--r--src/utils/loadstor.h48
-rw-r--r--src/utils/parsing.cpp2
-rw-r--r--src/wrap/perl-xs/Botan.xs4
90 files changed, 846 insertions, 697 deletions
diff --git a/src/block/aes/aes.cpp b/src/block/aes/aes.cpp
index b317fa735..f149a0ac0 100644
--- a/src/block/aes/aes.cpp
+++ b/src/block/aes/aes.cpp
@@ -1,6 +1,6 @@
/*
* AES
-* (C) 1999-2009 Jack Lloyd
+* (C) 1999-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -410,13 +410,16 @@ const u32bit TD[1024] = {
0x3C498B28, 0x0D9541FF, 0xA8017139, 0x0CB3DE08, 0xB4E49CD8, 0x56C19064,
0xCB84617B, 0x32B670D5, 0x6C5C7448, 0xB85742D0 };
-}
-
/*
* AES Encryption
*/
-void AES::encrypt_n(const byte in[], byte out[], size_t blocks) const
+void aes_encrypt_n(const byte in[], byte out[],
+ size_t blocks,
+ const MemoryRegion<u32bit>& EK,
+ const MemoryRegion<byte>& ME)
{
+ const size_t BLOCK_SIZE = 16;
+
const u32bit* TE0 = TE;
const u32bit* TE1 = TE + 256;
const u32bit* TE2 = TE + 512;
@@ -522,8 +525,12 @@ void AES::encrypt_n(const byte in[], byte out[], size_t blocks) const
/*
* AES Decryption
*/
-void AES::decrypt_n(const byte in[], byte out[], size_t blocks) const
+void aes_decrypt_n(const byte in[], byte out[], size_t blocks,
+ const MemoryRegion<u32bit>& DK,
+ const MemoryRegion<byte>& MD)
{
+ const size_t BLOCK_SIZE = 16;
+
const u32bit* TD0 = TD;
const u32bit* TD1 = TD + 256;
const u32bit* TD2 = TD + 512;
@@ -599,18 +606,19 @@ void AES::decrypt_n(const byte in[], byte out[], size_t blocks) const
}
}
-/*
-* AES Key Schedule
-*/
-void AES::key_schedule(const byte key[], size_t length)
+void aes_key_schedule(const byte key[], size_t length,
+ MemoryRegion<u32bit>& EK,
+ MemoryRegion<u32bit>& DK,
+ MemoryRegion<byte>& ME,
+ MemoryRegion<byte>& MD)
{
static const u32bit RC[10] = {
- 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000,
- 0x40000000, 0x80000000, 0x1B000000, 0x36000000 };
+ 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
+ 0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000 };
const u32bit rounds = (length / 4) + 6;
- SecureVector<u32bit> XEK(64), XDK(64);
+ SecureVector<u32bit> XEK(length + 32), XDK(length + 32);
const size_t X = length / 4;
for(size_t i = 0; i != X; ++i)
@@ -618,13 +626,23 @@ void AES::key_schedule(const byte key[], size_t length)
for(size_t i = X; i < 4*(rounds+1); i += X)
{
- XEK[i] = XEK[i-X] ^ S(rotate_left(XEK[i-1], 8)) ^ RC[(i-X)/X];
+ XEK[i] = XEK[i-X] ^ RC[(i-X)/X] ^
+ make_u32bit(SE[get_byte(1, XEK[i-1])],
+ SE[get_byte(2, XEK[i-1])],
+ SE[get_byte(3, XEK[i-1])],
+ SE[get_byte(0, XEK[i-1])]);
+
for(size_t j = 1; j != X; ++j)
{
+ XEK[i+j] = XEK[i+j-X];
+
if(X == 8 && j == 4)
- XEK[i+j] = XEK[i+j-X] ^ S(XEK[i+j-1]);
+ XEK[i+j] ^= make_u32bit(SE[get_byte(0, XEK[i+j-1])],
+ SE[get_byte(1, XEK[i+j-1])],
+ SE[get_byte(2, XEK[i+j-1])],
+ SE[get_byte(3, XEK[i+j-1])]);
else
- XEK[i+j] = XEK[i+j-X] ^ XEK[i+j-1];
+ XEK[i+j] ^= XEK[i+j-1];
}
}
@@ -652,38 +670,70 @@ void AES::key_schedule(const byte key[], size_t length)
DK.set(&XDK[0], length + 24);
}
-/*
-* AES Byte Substitution
-*/
-u32bit AES::S(u32bit input)
+}
+
+void AES_128::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- return make_u32bit(SE[get_byte(0, input)], SE[get_byte(1, input)],
- SE[get_byte(2, input)], SE[get_byte(3, input)]);
+ aes_encrypt_n(in, out, blocks, EK, ME);
}
-/*
-* AES Constructor
-*/
-AES::AES() : BlockCipher_Fixed_Block_Size(16, 32, 8),
- EK(0), ME(16), DK(0), MD(16)
+void AES_128::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
+ aes_decrypt_n(in, out, blocks, DK, MD);
}
-/*
-* AES Constructor
-*/
-AES::AES(size_t key_size) : BlockCipher_Fixed_Block_Size(key_size),
- EK(key_size+24), ME(16),
- DK(key_size+24), MD(16)
+void AES_128::key_schedule(const byte key[], size_t length)
{
- if(key_size != 16 && key_size != 24 && key_size != 32)
- throw Invalid_Key_Length(name(), key_size);
+ aes_key_schedule(key, length, EK, DK, ME, MD);
}
-/*
-* Clear memory of sensitive data
-*/
-void AES::clear()
+void AES_128::clear()
+ {
+ zeroise(EK);
+ zeroise(DK);
+ zeroise(ME);
+ zeroise(MD);
+ }
+
+void AES_192::encrypt_n(const byte in[], byte out[], size_t blocks) const
+ {
+ aes_encrypt_n(in, out, blocks, EK, ME);
+ }
+
+void AES_192::decrypt_n(const byte in[], byte out[], size_t blocks) const
+ {
+ aes_decrypt_n(in, out, blocks, DK, MD);
+ }
+
+void AES_192::key_schedule(const byte key[], size_t length)
+ {
+ aes_key_schedule(key, length, EK, DK, ME, MD);
+ }
+
+void AES_192::clear()
+ {
+ zeroise(EK);
+ zeroise(DK);
+ zeroise(ME);
+ zeroise(MD);
+ }
+
+void AES_256::encrypt_n(const byte in[], byte out[], size_t blocks) const
+ {
+ aes_encrypt_n(in, out, blocks, EK, ME);
+ }
+
+void AES_256::decrypt_n(const byte in[], byte out[], size_t blocks) const
+ {
+ aes_decrypt_n(in, out, blocks, DK, MD);
+ }
+
+void AES_256::key_schedule(const byte key[], size_t length)
+ {
+ aes_key_schedule(key, length, EK, DK, ME, MD);
+ }
+
+void AES_256::clear()
{
zeroise(EK);
zeroise(DK);
diff --git a/src/block/aes/aes.h b/src/block/aes/aes.h
index d2e051f83..a165f83b5 100644
--- a/src/block/aes/aes.h
+++ b/src/block/aes/aes.h
@@ -1,6 +1,6 @@
/*
* AES
-* (C) 1999-2009 Jack Lloyd
+* (C) 1999-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -13,68 +13,69 @@
namespace Botan {
/**
-* Rijndael aka AES
+* AES-128
*/
-class BOTAN_DLL AES : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL AES_128 : public Block_Cipher_Fixed_Params<16, 16>
{
public:
- std::string name() const { return "AES"; }
+ AES_128() : EK(40), DK(40), ME(16), MD(16) {}
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
void decrypt_n(const byte in[], byte out[], size_t blocks) const;
void clear();
- BlockCipher* clone() const { return new AES; }
-
- AES();
-
- /**
- * AES fixed to a particular key_size (16, 24, or 32 bytes)
- * @param key_size the chosen fixed key size
- */
- AES(size_t key_size);
- private:
- void key_schedule(const byte[], size_t);
- static u32bit S(u32bit);
- SecureVector<u32bit> EK;
- SecureVector<byte> ME;
-
- SecureVector<u32bit > DK;
- SecureVector<byte> MD;
- };
-
-/**
-* AES-128
-*/
-class BOTAN_DLL AES_128 : public AES
- {
- public:
std::string name() const { return "AES-128"; }
BlockCipher* clone() const { return new AES_128; }
- AES_128() : AES(16) {}
+ private:
+ void key_schedule(const byte key[], size_t length);
+
+ SecureVector<u32bit> EK, DK;
+ SecureVector<byte> ME, MD;
};
/**
* AES-192
*/
-class BOTAN_DLL AES_192 : public AES
+class BOTAN_DLL AES_192 : public Block_Cipher_Fixed_Params<16, 24>
{
public:
+ AES_192() : EK(48), DK(48), ME(16), MD(16) {}
+
+ void encrypt_n(const byte in[], byte out[], size_t blocks) const;
+ void decrypt_n(const byte in[], byte out[], size_t blocks) const;
+
+ void clear();
+
std::string name() const { return "AES-192"; }
BlockCipher* clone() const { return new AES_192; }
- AES_192() : AES(24) {}
+ private:
+ void key_schedule(const byte key[], size_t length);
+
+ SecureVector<u32bit> EK, DK;
+ SecureVector<byte> ME, MD;
};
/**
* AES-256
*/
-class BOTAN_DLL AES_256 : public AES
+class BOTAN_DLL AES_256 : public Block_Cipher_Fixed_Params<16, 32>
{
public:
+ AES_256() : EK(56), DK(56), ME(16), MD(16) {}
+
+ void encrypt_n(const byte in[], byte out[], size_t blocks) const;
+ void decrypt_n(const byte in[], byte out[], size_t blocks) const;
+
+ void clear();
+
std::string name() const { return "AES-256"; }
BlockCipher* clone() const { return new AES_256; }
- AES_256() : AES(32) {}
+ private:
+ void key_schedule(const byte key[], size_t length);
+
+ SecureVector<u32bit> EK, DK;
+ SecureVector<byte> ME, MD;
};
}
diff --git a/src/block/aes_intel/aes_intel.h b/src/block/aes_intel/aes_intel.h
index 1d8a68389..a8e6b53e8 100644
--- a/src/block/aes_intel/aes_intel.h
+++ b/src/block/aes_intel/aes_intel.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* AES-128 using AES-NI
*/
-class BOTAN_DLL AES_128_Intel : public BlockCipher
+class BOTAN_DLL AES_128_Intel : public Block_Cipher_Fixed_Params<16, 16>
{
public:
size_t parallelism() const { return 4; }
@@ -27,17 +27,17 @@ class BOTAN_DLL AES_128_Intel : public BlockCipher
std::string name() const { return "AES-128"; }
BlockCipher* clone() const { return new AES_128_Intel; }
- AES_128_Intel() : BlockCipher(16, 16) { }
+ AES_128_Intel() : EK(44), DK(44) { }
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit, 44> EK, DK;
+ SecureVector<u32bit> EK, DK;
};
/**
* AES-192 using AES-NI
*/
-class BOTAN_DLL AES_192_Intel : public BlockCipher
+class BOTAN_DLL AES_192_Intel : public Block_Cipher_Fixed_Params<16, 24>
{
public:
size_t parallelism() const { return 4; }
@@ -49,17 +49,17 @@ class BOTAN_DLL AES_192_Intel : public BlockCipher
std::string name() const { return "AES-192"; }
BlockCipher* clone() const { return new AES_192_Intel; }
- AES_192_Intel() : BlockCipher(16, 24) { }
+ AES_192_Intel() : EK(52), DK(52) { }
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit, 52> EK, DK;
+ SecureVector<u32bit> EK, DK;
};
/**
* AES-256 using AES-NI
*/
-class BOTAN_DLL AES_256_Intel : public BlockCipher
+class BOTAN_DLL AES_256_Intel : public Block_Cipher_Fixed_Params<16, 32>
{
public:
size_t parallelism() const { return 4; }
@@ -71,11 +71,11 @@ class BOTAN_DLL AES_256_Intel : public BlockCipher
std::string name() const { return "AES-256"; }
BlockCipher* clone() const { return new AES_256_Intel; }
- AES_256_Intel() : BlockCipher(16, 32) { }
+ AES_256_Intel() : EK(60), DK(60) { }
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit, 60> EK, DK;
+ SecureVector<u32bit> EK, DK;
};
}
diff --git a/src/block/aes_ssse3/aes_ssse3.h b/src/block/aes_ssse3/aes_ssse3.h
index 59bb85f12..686b7999f 100644
--- a/src/block/aes_ssse3/aes_ssse3.h
+++ b/src/block/aes_ssse3/aes_ssse3.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* AES-128 using SSSE3
*/
-class BOTAN_DLL AES_128_SSSE3 : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL AES_128_SSSE3 : public Block_Cipher_Fixed_Params<16, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,8 +25,7 @@ class BOTAN_DLL AES_128_SSSE3 : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "AES-128"; }
BlockCipher* clone() const { return new AES_128_SSSE3; }
- AES_128_SSSE3() : BlockCipher_Fixed_Block_Size(16),
- EK(44), DK(44) {}
+ AES_128_SSSE3() : EK(44), DK(44) {}
private:
void key_schedule(const byte[], size_t);
@@ -36,7 +35,7 @@ class BOTAN_DLL AES_128_SSSE3 : public BlockCipher_Fixed_Block_Size<16>
/**
* AES-192 using SSSE3
*/
-class BOTAN_DLL AES_192_SSSE3 : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL AES_192_SSSE3 : public Block_Cipher_Fixed_Params<16, 24>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -46,8 +45,7 @@ class BOTAN_DLL AES_192_SSSE3 : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "AES-192"; }
BlockCipher* clone() const { return new AES_192_SSSE3; }
- AES_192_SSSE3() : BlockCipher_Fixed_Block_Size(24),
- EK(52), DK(52) {}
+ AES_192_SSSE3() : EK(52), DK(52) {}
private:
void key_schedule(const byte[], size_t);
@@ -57,7 +55,7 @@ class BOTAN_DLL AES_192_SSSE3 : public BlockCipher_Fixed_Block_Size<16>
/**
* AES-256 using SSSE3
*/
-class BOTAN_DLL AES_256_SSSE3 : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL AES_256_SSSE3 : public Block_Cipher_Fixed_Params<16, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -67,8 +65,7 @@ class BOTAN_DLL AES_256_SSSE3 : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "AES-256"; }
BlockCipher* clone() const { return new AES_256_SSSE3; }
- AES_256_SSSE3() : BlockCipher_Fixed_Block_Size(32),
- EK(60), DK(60) {}
+ AES_256_SSSE3() : EK(60), DK(60) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/block_cipher.h b/src/block/block_cipher.h
index 3e14e0739..b5a3c8439 100644
--- a/src/block/block_cipher.h
+++ b/src/block/block_cipher.h
@@ -115,17 +115,17 @@ class BOTAN_DLL BlockCipher : public SymmetricAlgorithm
virtual void clear() = 0;
};
-template<size_t N>
-class BlockCipher_Fixed_Block_Size : public BlockCipher
+/**
+* Represents a block cipher with a single fixed block size
+*/
+template<size_t BS, size_t KMIN, size_t KMAX = 0, size_t KMOD = 1>
+class Block_Cipher_Fixed_Params : public BlockCipher
{
public:
- BlockCipher_Fixed_Block_Size(size_t kmin,
- size_t kmax = 0,
- size_t kmod = 1) :
- BlockCipher(kmin, kmax, kmod) {}
+ Block_Cipher_Fixed_Params() : BlockCipher(KMIN, KMAX, KMOD) {}
- enum { BLOCK_SIZE = N };
- size_t block_size() const { return N; }
+ enum { BLOCK_SIZE = BS };
+ size_t block_size() const { return BS; }
};
}
diff --git a/src/block/blowfish/blowfish.h b/src/block/blowfish/blowfish.h
index c9bf8b2e0..b89ffcaaa 100644
--- a/src/block/blowfish/blowfish.h
+++ b/src/block/blowfish/blowfish.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Blowfish
*/
-class BOTAN_DLL Blowfish : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL Blowfish : public Block_Cipher_Fixed_Params<8, 1, 56>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL Blowfish : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "Blowfish"; }
BlockCipher* clone() const { return new Blowfish; }
- Blowfish() : BlockCipher_Fixed_Block_Size(1, 56), S(1024), P(18) {}
+ Blowfish() : S(1024), P(18) {}
private:
void key_schedule(const byte[], size_t);
void generate_sbox(MemoryRegion<u32bit>& box,
diff --git a/src/block/cast/cast128.h b/src/block/cast/cast128.h
index 3ecbcaa5a..10c646c94 100644
--- a/src/block/cast/cast128.h
+++ b/src/block/cast/cast128.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* CAST-128
*/
-class BOTAN_DLL CAST_128 : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL CAST_128 : public Block_Cipher_Fixed_Params<8, 11, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL CAST_128 : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "CAST-128"; }
BlockCipher* clone() const { return new CAST_128; }
- CAST_128() : BlockCipher_Fixed_Block_Size(11, 16), MK(16), RK(16) {}
+ CAST_128() : MK(16), RK(16) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/cast/cast256.h b/src/block/cast/cast256.h
index 0dda7f0d7..2f2beef47 100644
--- a/src/block/cast/cast256.h
+++ b/src/block/cast/cast256.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* CAST-256
*/
-class BOTAN_DLL CAST_256 : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL CAST_256 : public Block_Cipher_Fixed_Params<16, 4, 32, 4>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL CAST_256 : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "CAST-256"; }
BlockCipher* clone() const { return new CAST_256; }
- CAST_256() : BlockCipher_Fixed_Block_Size(4, 32, 4), MK(48), RK(48) {}
+ CAST_256() : MK(48), RK(48) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/des/des.h b/src/block/des/des.h
index d758cc4c1..db5a375e0 100644
--- a/src/block/des/des.h
+++ b/src/block/des/des.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* DES
*/
-class BOTAN_DLL DES : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL DES : public Block_Cipher_Fixed_Params<8, 8>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL DES : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "DES"; }
BlockCipher* clone() const { return new DES; }
- DES() : BlockCipher_Fixed_Block_Size(8), round_key(32) {}
+ DES() : round_key(32) {}
private:
void key_schedule(const byte[], size_t);
@@ -35,7 +35,7 @@ class BOTAN_DLL DES : public BlockCipher_Fixed_Block_Size<8>
/**
* Triple DES
*/
-class BOTAN_DLL TripleDES : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL TripleDES : public Block_Cipher_Fixed_Params<8, 16, 24, 8>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -45,7 +45,7 @@ class BOTAN_DLL TripleDES : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "TripleDES"; }
BlockCipher* clone() const { return new TripleDES; }
- TripleDES() : BlockCipher_Fixed_Block_Size(16, 24, 8), round_key(96) {}
+ TripleDES() : round_key(96) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/des/desx.h b/src/block/des/desx.h
index 962575529..993eca86b 100644
--- a/src/block/des/desx.h
+++ b/src/block/des/desx.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* DESX
*/
-class BOTAN_DLL DESX : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL DESX : public Block_Cipher_Fixed_Params<8, 24>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL DESX : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "DESX"; }
BlockCipher* clone() const { return new DESX; }
- DESX() : BlockCipher_Fixed_Block_Size(24), K1(8), K2(8) {}
+ DESX() : K1(8), K2(8) {}
private:
void key_schedule(const byte[], size_t);
SecureVector<byte> K1, K2;
diff --git a/src/block/gost_28147/gost_28147.cpp b/src/block/gost_28147/gost_28147.cpp
index 9adc0d568..07f3359cd 100644
--- a/src/block/gost_28147/gost_28147.cpp
+++ b/src/block/gost_28147/gost_28147.cpp
@@ -52,7 +52,7 @@ GOST_28147_89_Params::GOST_28147_89_Params(const std::string& n) : name(n)
* GOST Constructor
*/
GOST_28147_89::GOST_28147_89(const GOST_28147_89_Params& param) :
- BlockCipher_Fixed_Block_Size(32), SBOX(1024), EK(8)
+ SBOX(1024), EK(8)
{
// Convert the parallel 4x4 sboxes into larger word-based sboxes
for(size_t i = 0; i != 4; ++i)
diff --git a/src/block/gost_28147/gost_28147.h b/src/block/gost_28147/gost_28147.h
index adf542bbe..75ba74c44 100644
--- a/src/block/gost_28147/gost_28147.h
+++ b/src/block/gost_28147/gost_28147.h
@@ -49,7 +49,7 @@ class BOTAN_DLL GOST_28147_89_Params
/**
* GOST 28147-89
*/
-class BOTAN_DLL GOST_28147_89 : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL GOST_28147_89 : public Block_Cipher_Fixed_Params<8, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -66,7 +66,7 @@ class BOTAN_DLL GOST_28147_89 : public BlockCipher_Fixed_Block_Size<8>
GOST_28147_89(const GOST_28147_89_Params& params);
private:
GOST_28147_89(const SecureVector<u32bit>& other_SBOX) :
- BlockCipher_Fixed_Block_Size(32), SBOX(other_SBOX), EK(8) {}
+ SBOX(other_SBOX), EK(8) {}
void key_schedule(const byte[], size_t);
diff --git a/src/block/idea/idea.h b/src/block/idea/idea.h
index 3552d282f..42fa60c47 100644
--- a/src/block/idea/idea.h
+++ b/src/block/idea/idea.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* IDEA
*/
-class BOTAN_DLL IDEA : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL IDEA : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL IDEA : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "IDEA"; }
BlockCipher* clone() const { return new IDEA; }
- IDEA() : BlockCipher_Fixed_Block_Size(16), EK(52), DK(52) {}
+ IDEA() : EK(52), DK(52) {}
protected:
/**
* @return const reference to encryption subkeys
diff --git a/src/block/kasumi/kasumi.h b/src/block/kasumi/kasumi.h
index 7b416f193..7871aa170 100644
--- a/src/block/kasumi/kasumi.h
+++ b/src/block/kasumi/kasumi.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* KASUMI, the block cipher used in 3G telephony
*/
-class BOTAN_DLL KASUMI : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL KASUMI : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL KASUMI : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "KASUMI"; }
BlockCipher* clone() const { return new KASUMI; }
- KASUMI() : BlockCipher_Fixed_Block_Size(16), EK(64) {}
+ KASUMI() : EK(64) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/mars/mars.h b/src/block/mars/mars.h
index 7a53d116b..5ca05f886 100644
--- a/src/block/mars/mars.h
+++ b/src/block/mars/mars.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* MARS, IBM's candidate for AES
*/
-class BOTAN_DLL MARS : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL MARS : public Block_Cipher_Fixed_Params<16, 16, 32, 4>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL MARS : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "MARS"; }
BlockCipher* clone() const { return new MARS; }
- MARS() : BlockCipher_Fixed_Block_Size(16, 32, 4), EK(40) {}
+ MARS() : EK(40) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/misty1/misty1.cpp b/src/block/misty1/misty1.cpp
index 9ad30502c..77d1047b1 100644
--- a/src/block/misty1/misty1.cpp
+++ b/src/block/misty1/misty1.cpp
@@ -251,9 +251,7 @@ void MISTY1::key_schedule(const byte key[], size_t length)
/*
* MISTY1 Constructor
*/
-MISTY1::MISTY1(size_t rounds) :
- BlockCipher_Fixed_Block_Size(16),
- EK(100), DK(100)
+MISTY1::MISTY1(size_t rounds) : EK(100), DK(100)
{
if(rounds != 8)
throw Invalid_Argument("MISTY1: Invalid number of rounds: "
diff --git a/src/block/misty1/misty1.h b/src/block/misty1/misty1.h
index 3bd05b4c6..14d8a2958 100644
--- a/src/block/misty1/misty1.h
+++ b/src/block/misty1/misty1.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* MISTY1
*/
-class BOTAN_DLL MISTY1 : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL MISTY1 : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
diff --git a/src/block/noekeon/noekeon.h b/src/block/noekeon/noekeon.h
index 79c627579..7c5c73dcb 100644
--- a/src/block/noekeon/noekeon.h
+++ b/src/block/noekeon/noekeon.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Noekeon
*/
-class BOTAN_DLL Noekeon : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL Noekeon : public Block_Cipher_Fixed_Params<16, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL Noekeon : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "Noekeon"; }
BlockCipher* clone() const { return new Noekeon; }
- Noekeon() : BlockCipher_Fixed_Block_Size(16), EK(4), DK(4) {}
+ Noekeon() : EK(4), DK(4) {}
protected:
/**
* The Noekeon round constants
diff --git a/src/block/rc2/rc2.h b/src/block/rc2/rc2.h
index ad4b1a308..1ebad1e73 100644
--- a/src/block/rc2/rc2.h
+++ b/src/block/rc2/rc2.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* RC2
*/
-class BOTAN_DLL RC2 : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL RC2 : public Block_Cipher_Fixed_Params<8, 1, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -32,7 +32,7 @@ class BOTAN_DLL RC2 : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "RC2"; }
BlockCipher* clone() const { return new RC2; }
- RC2() : BlockCipher_Fixed_Block_Size(1, 32), K(64) {}
+ RC2() : K(64) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/rc5/rc5.cpp b/src/block/rc5/rc5.cpp
index d08b44425..981f73564 100644
--- a/src/block/rc5/rc5.cpp
+++ b/src/block/rc5/rc5.cpp
@@ -122,7 +122,7 @@ std::string RC5::name() const
/*
* RC5 Constructor
*/
-RC5::RC5(size_t rounds) : BlockCipher_Fixed_Block_Size(1, 32)
+RC5::RC5(size_t rounds)
{
if(rounds < 8 || rounds > 32 || (rounds % 4 != 0))
throw Invalid_Argument("RC5: Invalid number of rounds " +
diff --git a/src/block/rc5/rc5.h b/src/block/rc5/rc5.h
index cb282af4e..c69705471 100644
--- a/src/block/rc5/rc5.h
+++ b/src/block/rc5/rc5.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* RC5
*/
-class BOTAN_DLL RC5 : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL RC5 : public Block_Cipher_Fixed_Params<8, 1, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
diff --git a/src/block/rc6/rc6.h b/src/block/rc6/rc6.h
index 8446138e0..af7b62316 100644
--- a/src/block/rc6/rc6.h
+++ b/src/block/rc6/rc6.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* RC6, Ron Rivest's AES candidate
*/
-class BOTAN_DLL RC6 : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL RC6 : public Block_Cipher_Fixed_Params<16, 1, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL RC6 : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "RC6"; }
BlockCipher* clone() const { return new RC6; }
- RC6() : BlockCipher_Fixed_Block_Size(1, 32), S(44) {}
+ RC6() : S(44) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/safer/safer_sk.cpp b/src/block/safer/safer_sk.cpp
index a91e5f687..1d103040d 100644
--- a/src/block/safer/safer_sk.cpp
+++ b/src/block/safer/safer_sk.cpp
@@ -131,8 +131,7 @@ BlockCipher* SAFER_SK::clone() const
/*
* SAFER-SK Constructor
*/
-SAFER_SK::SAFER_SK(size_t rounds) :
- BlockCipher_Fixed_Block_Size(16)
+SAFER_SK::SAFER_SK(size_t rounds)
{
if(rounds > 13 || rounds == 0)
throw Invalid_Argument(name() + ": Invalid number of rounds");
diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h
index 2fde757bd..803afffa0 100644
--- a/src/block/safer/safer_sk.h
+++ b/src/block/safer/safer_sk.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* SAFER-SK
*/
-class BOTAN_DLL SAFER_SK : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
diff --git a/src/block/seed/seed.h b/src/block/seed/seed.h
index 649e28a68..979312930 100644
--- a/src/block/seed/seed.h
+++ b/src/block/seed/seed.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* SEED, a Korean block cipher
*/
-class BOTAN_DLL SEED : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL SEED : public Block_Cipher_Fixed_Params<16, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL SEED : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "SEED"; }
BlockCipher* clone() const { return new SEED; }
- SEED() : BlockCipher_Fixed_Block_Size(16), K(32) {}
+ SEED() : K(32) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/serpent/serpent.h b/src/block/serpent/serpent.h
index fccdcf214..33bd747cd 100644
--- a/src/block/serpent/serpent.h
+++ b/src/block/serpent/serpent.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Serpent, an AES finalist
*/
-class BOTAN_DLL Serpent : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL Serpent : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,8 +25,7 @@ class BOTAN_DLL Serpent : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "Serpent"; }
BlockCipher* clone() const { return new Serpent; }
- Serpent() : BlockCipher_Fixed_Block_Size(16, 32, 8),
- round_key(132) {}
+ Serpent() : round_key(132) {}
protected:
/**
* For use by subclasses using SIMD, asm, etc
diff --git a/src/block/skipjack/skipjack.h b/src/block/skipjack/skipjack.h
index 73ae28de2..051d35351 100644
--- a/src/block/skipjack/skipjack.h
+++ b/src/block/skipjack/skipjack.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Skipjack, a NSA designed cipher used in Fortezza
*/
-class BOTAN_DLL Skipjack : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL Skipjack : public Block_Cipher_Fixed_Params<8, 10>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL Skipjack : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "Skipjack"; }
BlockCipher* clone() const { return new Skipjack; }
- Skipjack() : BlockCipher_Fixed_Block_Size(10), FTAB(2560) {}
+ Skipjack() : FTAB(2560) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/square/square.h b/src/block/square/square.h
index d6df63131..5147c0383 100644
--- a/src/block/square/square.h
+++ b/src/block/square/square.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Square
*/
-class BOTAN_DLL Square : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL Square : public Block_Cipher_Fixed_Params<16, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,9 +25,7 @@ class BOTAN_DLL Square : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "Square"; }
BlockCipher* clone() const { return new Square; }
- Square() : BlockCipher_Fixed_Block_Size(16),
- EK(28), DK(28), ME(32), MD(32) {}
-
+ Square() : EK(28), DK(28), ME(32), MD(32) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/tea/tea.h b/src/block/tea/tea.h
index a7318ba5c..0290b112f 100644
--- a/src/block/tea/tea.h
+++ b/src/block/tea/tea.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* TEA
*/
-class BOTAN_DLL TEA : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL TEA : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL TEA : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "TEA"; }
BlockCipher* clone() const { return new TEA; }
- TEA() : BlockCipher_Fixed_Block_Size(16), K(4) {}
+ TEA() : K(4) {}
private:
void key_schedule(const byte[], size_t);
SecureVector<u32bit> K;
diff --git a/src/block/twofish/twofish.h b/src/block/twofish/twofish.h
index a212bd285..7594bdcfd 100644
--- a/src/block/twofish/twofish.h
+++ b/src/block/twofish/twofish.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Twofish, an AES finalist
*/
-class BOTAN_DLL Twofish : public BlockCipher_Fixed_Block_Size<16>
+class BOTAN_DLL Twofish : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,9 +25,7 @@ class BOTAN_DLL Twofish : public BlockCipher_Fixed_Block_Size<16>
std::string name() const { return "Twofish"; }
BlockCipher* clone() const { return new Twofish; }
- Twofish() : BlockCipher_Fixed_Block_Size(16, 32, 8),
- SB(1024), RK(40) {}
-
+ Twofish() : SB(1024), RK(40) {}
private:
void key_schedule(const byte[], size_t);
diff --git a/src/block/xtea/xtea.h b/src/block/xtea/xtea.h
index 539725be8..985e9d6d1 100644
--- a/src/block/xtea/xtea.h
+++ b/src/block/xtea/xtea.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* XTEA
*/
-class BOTAN_DLL XTEA : public BlockCipher_Fixed_Block_Size<8>
+class BOTAN_DLL XTEA : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const;
@@ -25,7 +25,7 @@ class BOTAN_DLL XTEA : public BlockCipher_Fixed_Block_Size<8>
std::string name() const { return "XTEA"; }
BlockCipher* clone() const { return new XTEA; }
- XTEA() : BlockCipher_Fixed_Block_Size(16), EK(64) {}
+ XTEA() : EK(64) {}
protected:
/**
* @return const reference to the key schedule
diff --git a/src/cert/x509ca/x509_ca.cpp b/src/cert/x509ca/x509_ca.cpp
index be49ec46a..7c0e103d1 100644
--- a/src/cert/x509ca/x509_ca.cpp
+++ b/src/cert/x509ca/x509_ca.cpp
@@ -94,7 +94,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
const Extensions& extensions)
{
const u32bit X509_CERT_VERSION = 3;
- const u32bit SERIAL_BITS = 128;
+ const size_t SERIAL_BITS = 128;
BigInt serial_no(rng, SERIAL_BITS);
diff --git a/src/cert/x509cert/x509_ext.cpp b/src/cert/x509cert/x509_ext.cpp
index 616644e5c..88cab96c5 100644
--- a/src/cert/x509cert/x509_ext.cpp
+++ b/src/cert/x509cert/x509_ext.cpp
@@ -52,11 +52,11 @@ Extensions::Extensions(const Extensions& extensions) : ASN1_Object()
*/
Extensions& Extensions::operator=(const Extensions& other)
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
delete extensions[i].first;
extensions.clear();
- for(u32bit i = 0; i != other.extensions.size(); ++i)
+ for(size_t i = 0; i != other.extensions.size(); ++i)
extensions.push_back(
std::make_pair(other.extensions[i].first->copy(),
other.extensions[i].second));
@@ -82,7 +82,7 @@ void Extensions::add(Certificate_Extension* extn, bool critical)
*/
void Extensions::encode_into(DER_Encoder& to_object) const
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
{
const Certificate_Extension* ext = extensions[i].first;
const bool is_critical = extensions[i].second;
@@ -105,7 +105,7 @@ void Extensions::encode_into(DER_Encoder& to_object) const
*/
void Extensions::decode_from(BER_Decoder& from_source)
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
delete extensions[i].first;
extensions.clear();
@@ -148,7 +148,7 @@ void Extensions::decode_from(BER_Decoder& from_source)
void Extensions::contents_to(Data_Store& subject_info,
Data_Store& issuer_info) const
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
extensions[i].first->contents_to(subject_info, issuer_info);
}
@@ -157,7 +157,7 @@ void Extensions::contents_to(Data_Store& subject_info,
*/
Extensions::~Extensions()
{
- for(u32bit i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != extensions.size(); ++i)
delete extensions[i].first;
}
@@ -222,7 +222,7 @@ MemoryVector<byte> Key_Usage::encode_inner() const
if(constraints == NO_CONSTRAINTS)
throw Encoding_Error("Cannot encode zero usage constraints");
- const u32bit unused_bits = low_bit(constraints) - 1;
+ const size_t unused_bits = low_bit(constraints) - 1;
MemoryVector<byte> der;
der.push_back(BIT_STRING);
@@ -257,7 +257,7 @@ void Key_Usage::decode_inner(const MemoryRegion<byte>& in)
obj.value[obj.value.size()-1] &= (0xFF << obj.value[0]);
u16bit usage = 0;
- for(u32bit i = 1; i != obj.value.size(); ++i)
+ for(size_t i = 1; i != obj.value.size(); ++i)
usage = (obj.value[i] << 8) | usage;
constraints = Key_Constraints(usage);
@@ -429,7 +429,7 @@ void Extended_Key_Usage::decode_inner(const MemoryRegion<byte>& in)
*/
void Extended_Key_Usage::contents_to(Data_Store& subject, Data_Store&) const
{
- for(u32bit i = 0; i != oids.size(); ++i)
+ for(size_t i = 0; i != oids.size(); ++i)
subject.add("X509v3.ExtendedKeyUsage", oids[i].as_string());
}
@@ -498,7 +498,7 @@ void Certificate_Policies::decode_inner(const MemoryRegion<byte>& in)
*/
void Certificate_Policies::contents_to(Data_Store& info, Data_Store&) const
{
- for(u32bit i = 0; i != oids.size(); ++i)
+ for(size_t i = 0; i != oids.size(); ++i)
info.add("X509v3.ExtendedKeyUsage", oids[i].as_string());
}
diff --git a/src/cert/x509store/x509stor.cpp b/src/cert/x509store/x509stor.cpp
index a06cad0ba..a635b3930 100644
--- a/src/cert/x509store/x509stor.cpp
+++ b/src/cert/x509store/x509stor.cpp
@@ -186,7 +186,7 @@ X509_Store::X509_Store(const X509_Store& other)
certs = other.certs;
revoked = other.revoked;
revoked_info_valid = other.revoked_info_valid;
- for(u32bit j = 0; j != other.stores.size(); ++j)
+ for(size_t j = 0; j != other.stores.size(); ++j)
stores[j] = other.stores[j]->clone();
time_slack = other.time_slack;
}
@@ -196,7 +196,7 @@ X509_Store::X509_Store(const X509_Store& other)
*/
X509_Store::~X509_Store()
{
- for(u32bit j = 0; j != stores.size(); ++j)
+ for(size_t j = 0; j != stores.size(); ++j)
delete stores[j];
}
@@ -208,7 +208,7 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
{
recompute_revoked_info();
- std::vector<u32bit> indexes;
+ std::vector<size_t> indexes;
X509_Code chaining_result = construct_cert_chain(cert, indexes);
if(chaining_result != VERIFIED)
return chaining_result;
@@ -228,7 +228,7 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
if(is_revoked(cert))
return CERT_IS_REVOKED;
- for(u32bit j = 0; j != indexes.size() - 1; ++j)
+ for(size_t j = 0; j != indexes.size() - 1; ++j)
{
const X509_Certificate& current_cert = certs[indexes[j]].cert;
@@ -251,10 +251,10 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
/*
* Find this certificate
*/
-u32bit X509_Store::find_cert(const X509_DN& subject_dn,
+size_t X509_Store::find_cert(const X509_DN& subject_dn,
const MemoryRegion<byte>& subject_key_id) const
{
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
{
const X509_Certificate& this_cert = certs[j].cert;
if(compare_ids(this_cert.subject_key_id(), subject_key_id) &&
@@ -267,22 +267,22 @@ u32bit X509_Store::find_cert(const X509_DN& subject_dn,
/*
* Find the parent of this certificate
*/
-u32bit X509_Store::find_parent_of(const X509_Certificate& cert)
+size_t X509_Store::find_parent_of(const X509_Certificate& cert)
{
const X509_DN issuer_dn = cert.issuer_dn();
const MemoryVector<byte> auth_key_id = cert.authority_key_id();
- u32bit index = find_cert(issuer_dn, auth_key_id);
+ size_t index = find_cert(issuer_dn, auth_key_id);
if(index != NO_CERT_FOUND)
return index;
- for(u32bit j = 0; j != stores.size(); ++j)
+ for(size_t j = 0; j != stores.size(); ++j)
{
std::vector<X509_Certificate> got =
stores[j]->find_cert_by_subject_and_key_id(issuer_dn, auth_key_id);
- for(u32bit k = 0; k != got.size(); ++k)
+ for(size_t k = 0; k != got.size(); ++k)
add_cert(got[k]);
}
@@ -293,10 +293,10 @@ u32bit X509_Store::find_parent_of(const X509_Certificate& cert)
* Construct a chain of certificate relationships
*/
X509_Code X509_Store::construct_cert_chain(const X509_Certificate& end_cert,
- std::vector<u32bit>& indexes,
+ std::vector<size_t>& indexes,
bool need_full_chain)
{
- u32bit parent = find_parent_of(end_cert);
+ size_t parent = find_parent_of(end_cert);
while(true)
{
@@ -331,7 +331,7 @@ X509_Code X509_Store::construct_cert_chain(const X509_Certificate& end_cert,
if(indexes.size() < 2)
break;
- const u32bit cert = indexes.back();
+ const size_t cert = indexes.back();
if(certs[cert].is_verified(validation_cache_timeout))
{
@@ -343,8 +343,8 @@ X509_Code X509_Store::construct_cert_chain(const X509_Certificate& end_cert,
break;
}
- const u32bit last_cert = indexes.back();
- const u32bit parent_of_last_cert = find_parent_of(certs[last_cert].cert);
+ const size_t last_cert = indexes.back();
+ const size_t parent_of_last_cert = find_parent_of(certs[last_cert].cert);
if(parent_of_last_cert == NO_CERT_FOUND)
return CERT_ISSUER_NOT_FOUND;
indexes.push_back(parent_of_last_cert);
@@ -415,7 +415,7 @@ void X509_Store::recompute_revoked_info() const
if(revoked_info_valid)
return;
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
{
if((certs[j].is_verified(validation_cache_timeout)) &&
(certs[j].verify_result() != VERIFIED))
@@ -450,13 +450,13 @@ std::vector<X509_Certificate>
X509_Store::get_cert_chain(const X509_Certificate& cert)
{
std::vector<X509_Certificate> result;
- std::vector<u32bit> indexes;
+ std::vector<size_t> indexes;
X509_Code chaining_result = construct_cert_chain(cert, indexes, true);
if(chaining_result != VERIFIED)
throw Invalid_State("X509_Store::get_cert_chain: Can't construct chain");
- for(u32bit j = 0; j != indexes.size(); ++j)
+ for(size_t j = 0; j != indexes.size(); ++j)
result.push_back(certs[indexes[j]].cert);
return result;
}
@@ -485,7 +485,7 @@ void X509_Store::add_cert(const X509_Certificate& cert, bool trusted)
}
else if(trusted)
{
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
{
const X509_Certificate& this_cert = certs[j].cert;
if(this_cert == cert)
@@ -539,9 +539,9 @@ X509_Code X509_Store::add_crl(const X509_CRL& crl)
if(time_check < 0) return CRL_NOT_YET_VALID;
else if(time_check > 0) return CRL_HAS_EXPIRED;
- u32bit cert_index = NO_CERT_FOUND;
+ size_t cert_index = NO_CERT_FOUND;
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
{
const X509_Certificate& this_cert = certs[j].cert;
if(compare_ids(this_cert.subject_key_id(), crl.authority_key_id()))
@@ -566,7 +566,7 @@ X509_Code X509_Store::add_crl(const X509_CRL& crl)
std::vector<CRL_Entry> revoked_certs = crl.get_revoked();
- for(u32bit j = 0; j != revoked_certs.size(); ++j)
+ for(size_t j = 0; j != revoked_certs.size(); ++j)
{
CRL_Data revoked_info;
revoked_info.issuer = crl.issuer_dn();
@@ -599,7 +599,7 @@ X509_Code X509_Store::add_crl(const X509_CRL& crl)
std::string X509_Store::PEM_encode() const
{
std::string cert_store;
- for(u32bit j = 0; j != certs.size(); ++j)
+ for(size_t j = 0; j != certs.size(); ++j)
cert_store += certs[j].cert.PEM_encode();
return cert_store;
}
diff --git a/src/cert/x509store/x509stor.h b/src/cert/x509store/x509stor.h
index 90e83988b..532db6190 100644
--- a/src/cert/x509store/x509stor.h
+++ b/src/cert/x509store/x509stor.h
@@ -112,19 +112,18 @@ class BOTAN_DLL X509_Store
static X509_Code check_sig(const X509_Object&, Public_Key*);
- u32bit find_cert(const X509_DN&, const MemoryRegion<byte>&) const;
+ size_t find_cert(const X509_DN&, const MemoryRegion<byte>&) const;
X509_Code check_sig(const Cert_Info&, const Cert_Info&) const;
void recompute_revoked_info() const;
void do_add_certs(DataSource&, bool);
X509_Code construct_cert_chain(const X509_Certificate&,
- std::vector<u32bit>&, bool = false);
+ std::vector<size_t>&, bool = false);
- u32bit find_parent_of(const X509_Certificate&);
+ size_t find_parent_of(const X509_Certificate&);
bool is_revoked(const X509_Certificate&) const;
- static const u32bit NO_CERT_FOUND = 0xFFFFFFFF;
-
+ static const size_t NO_CERT_FOUND = 0xFFFFFFFF;
std::vector<Cert_Info> certs;
std::vector<CRL_Data> revoked;
std::vector<Certificate_Store*> stores;
diff --git a/src/codec/base64/base64.cpp b/src/codec/base64/base64.cpp
new file mode 100644
index 000000000..96a686e38
--- /dev/null
+++ b/src/codec/base64/base64.cpp
@@ -0,0 +1,103 @@
+/*
+* Base64 Encoding and Decoding
+* (C) 2010 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/base64.h>
+#include <botan/mem_ops.h>
+#include <botan/internal/rounding.h>
+#include <stdexcept>
+
+#include <stdio.h>
+#include <assert.h>
+
+namespace Botan {
+
+namespace {
+
+static const byte BIN_TO_BASE64[64] = {
+ 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M',
+ 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z',
+ 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm',
+ 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z',
+ '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', '/'
+};
+
+void do_base64_encode(char out[4], const byte in[3])
+ {
+ out[0] = BIN_TO_BASE64[((in[0] & 0xFC) >> 2)];
+ out[1] = BIN_TO_BASE64[((in[0] & 0x03) << 4) | (in[1] >> 4)];
+ out[2] = BIN_TO_BASE64[((in[1] & 0x0F) << 2) | (in[2] >> 6)];
+ out[3] = BIN_TO_BASE64[((in[2] & 0x3F) )];
+ }
+
+}
+
+size_t base64_encode(char out[],
+ const byte in[],
+ size_t input_length,
+ size_t& input_consumed,
+ bool final_inputs)
+ {
+ input_consumed = 0;
+
+ size_t input_remaining = input_length;
+ size_t output_produced = 0;
+
+ while(input_remaining >= 3)
+ {
+ do_base64_encode(out + output_produced, in + input_consumed);
+
+ input_consumed += 3;
+ output_produced += 4;
+ input_remaining -= 3;
+ }
+
+ if(final_inputs && input_remaining)
+ {
+ byte remainder[3] = { 0 };
+ for(size_t i = 0; i != input_remaining; ++i)
+ remainder[i] = in[input_consumed + i];
+
+ do_base64_encode(out + output_produced, remainder);
+
+ size_t empty_bits = 8 * (3 - input_remaining);
+ size_t index = output_produced + 4 - 1;
+ while(empty_bits >= 8)
+ {
+ out[index--] = '=';
+ empty_bits -= 6;
+ }
+
+ input_consumed += input_remaining;
+ output_produced += 4;
+ }
+
+ return output_produced;
+ }
+
+std::string base64_encode(const byte input[],
+ size_t input_length)
+ {
+ std::string output((round_up<size_t>(input_length, 3) / 3) * 4, 0);
+
+ size_t consumed = 0;
+ size_t produced = base64_encode(&output[0],
+ input, input_length,
+ consumed, true);
+
+ assert(consumed == input_length);
+ assert(produced == output.size());
+
+ return output;
+ }
+
+std::string base64_encode(const MemoryRegion<byte>& input)
+ {
+ return base64_encode(&input[0], input.size());
+ }
+
+
+}
diff --git a/src/codec/base64/base64.h b/src/codec/base64/base64.h
new file mode 100644
index 000000000..551f3daf8
--- /dev/null
+++ b/src/codec/base64/base64.h
@@ -0,0 +1,55 @@
+/*
+* Base64 Encoding and Decoding
+* (C) 2010 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_BASE64_CODEC_H__
+#define BOTAN_BASE64_CODEC_H__
+
+#include <botan/secmem.h>
+#include <string>
+
+namespace Botan {
+
+/**
+* Perform base64 encoding
+* @param output an array of at least input_length*4/3 bytes
+* @param input is some binary data
+* @param input_length length of input in bytes
+* @param input_consumed is an output parameter which says how many
+* bytes of input were actually consumed. If less than
+* input_length, then the range input[consumed:length]
+* should be passed in later along with more input.
+* @param final_inputs true iff this is the last input, in which case
+ padding chars will be applied if needed
+* @return number of bytes written to output
+*/
+size_t BOTAN_DLL base64_encode(char output[],
+ const byte input[],
+ size_t input_length,
+ size_t& input_consumed,
+ bool final_inputs);
+
+/**
+* Perform base64 encoding
+* @param input some input
+* @param input_length length of input in bytes
+* @param uppercase should output be upper or lower case?
+* @return base64adecimal representation of input
+*/
+std::string BOTAN_DLL base64_encode(const byte input[],
+ size_t input_length);
+
+/**
+* Perform base64 encoding
+* @param input some input
+* @param uppercase should output be upper or lower case?
+* @return base64adecimal representation of input
+*/
+std::string BOTAN_DLL base64_encode(const MemoryRegion<byte>& input);
+
+}
+
+#endif
diff --git a/src/codec/base64/info.txt b/src/codec/base64/info.txt
new file mode 100644
index 000000000..aed5db3b6
--- /dev/null
+++ b/src/codec/base64/info.txt
@@ -0,0 +1 @@
+define BASE64_CODEC
diff --git a/src/constructs/aont/package.cpp b/src/constructs/aont/package.cpp
index a773d6558..4d92a789c 100644
--- a/src/constructs/aont/package.cpp
+++ b/src/constructs/aont/package.cpp
@@ -16,7 +16,7 @@ namespace Botan {
void aont_package(RandomNumberGenerator& rng,
BlockCipher* cipher,
- const byte input[], u32bit input_len,
+ const byte input[], size_t input_len,
byte output[])
{
const size_t BLOCK_SIZE = cipher->block_size();
@@ -39,7 +39,7 @@ void aont_package(RandomNumberGenerator& rng,
SecureVector<byte> buf(BLOCK_SIZE);
- const u32bit blocks =
+ const size_t blocks =
(input_len + BLOCK_SIZE - 1) / BLOCK_SIZE;
byte* final_block = output + input_len;
@@ -48,14 +48,14 @@ void aont_package(RandomNumberGenerator& rng,
// XOR the hash blocks into the final block
for(u32bit i = 0; i != blocks; ++i)
{
- u32bit left = std::min<u32bit>(BLOCK_SIZE,
- input_len - BLOCK_SIZE * i);
+ const size_t left = std::min<size_t>(BLOCK_SIZE,
+ input_len - BLOCK_SIZE * i);
zeroise(buf);
copy_mem(&buf[0], output + BLOCK_SIZE * i, left);
- for(u32bit j = 0; j != 4; ++j)
- buf[BLOCK_SIZE - 1 - j] ^= get_byte(3-j, i);
+ for(size_t j = 0; j != sizeof(i); ++j)
+ buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
cipher->encrypt(buf);
@@ -67,7 +67,7 @@ void aont_package(RandomNumberGenerator& rng,
}
void aont_unpackage(BlockCipher* cipher,
- const byte input[], u32bit input_len,
+ const byte input[], size_t input_len,
byte output[])
{
const size_t BLOCK_SIZE = cipher->block_size();
@@ -91,19 +91,19 @@ void aont_unpackage(BlockCipher* cipher,
input + (input_len - BLOCK_SIZE),
BLOCK_SIZE);
- const u32bit blocks = ((input_len - 1) / BLOCK_SIZE);
+ const size_t blocks = ((input_len - 1) / BLOCK_SIZE);
// XOR the blocks into the package key bits
for(u32bit i = 0; i != blocks; ++i)
{
- u32bit left = std::min<u32bit>(BLOCK_SIZE,
- input_len - BLOCK_SIZE * (i+1));
+ const size_t left = std::min<size_t>(BLOCK_SIZE,
+ input_len - BLOCK_SIZE * (i+1));
zeroise(buf);
copy_mem(&buf[0], input + BLOCK_SIZE * i, left);
- for(u32bit j = 0; j != 4; ++j)
- buf[BLOCK_SIZE - 1 - j] ^= get_byte(3-j, i);
+ for(size_t j = 0; j != sizeof(i); ++j)
+ buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
cipher->encrypt(buf);
diff --git a/src/constructs/aont/package.h b/src/constructs/aont/package.h
index 34e0f35d5..52d1c2190 100644
--- a/src/constructs/aont/package.h
+++ b/src/constructs/aont/package.h
@@ -24,7 +24,7 @@ namespace Botan {
*/
void BOTAN_DLL aont_package(RandomNumberGenerator& rng,
BlockCipher* cipher,
- const byte input[], u32bit input_len,
+ const byte input[], size_t input_len,
byte output[]);
/**
@@ -36,7 +36,7 @@ void BOTAN_DLL aont_package(RandomNumberGenerator& rng,
* input_len - cipher->BLOCK_SIZE bytes long)
*/
void BOTAN_DLL aont_unpackage(BlockCipher* cipher,
- const byte input[], u32bit input_len,
+ const byte input[], size_t input_len,
byte output[]);
}
diff --git a/src/constructs/cryptobox/cryptobox.cpp b/src/constructs/cryptobox/cryptobox.cpp
index 6e393ecb4..ab263c3e9 100644
--- a/src/constructs/cryptobox/cryptobox.cpp
+++ b/src/constructs/cryptobox/cryptobox.cpp
@@ -28,19 +28,19 @@ for later use as flags, etc if needed
*/
const u32bit CRYPTOBOX_VERSION_CODE = 0xEFC22400;
-const u32bit VERSION_CODE_LEN = 4;
-const u32bit CIPHER_KEY_LEN = 32;
-const u32bit CIPHER_IV_LEN = 16;
-const u32bit MAC_KEY_LEN = 32;
-const u32bit MAC_OUTPUT_LEN = 20;
-const u32bit PBKDF_SALT_LEN = 10;
-const u32bit PBKDF_ITERATIONS = 8 * 1024;
+const size_t VERSION_CODE_LEN = 4;
+const size_t CIPHER_KEY_LEN = 32;
+const size_t CIPHER_IV_LEN = 16;
+const size_t MAC_KEY_LEN = 32;
+const size_t MAC_OUTPUT_LEN = 20;
+const size_t PBKDF_SALT_LEN = 10;
+const size_t PBKDF_ITERATIONS = 8 * 1024;
-const u32bit PBKDF_OUTPUT_LEN = CIPHER_KEY_LEN + CIPHER_IV_LEN + MAC_KEY_LEN;
+const size_t PBKDF_OUTPUT_LEN = CIPHER_KEY_LEN + CIPHER_IV_LEN + MAC_KEY_LEN;
}
-std::string encrypt(const byte input[], u32bit input_len,
+std::string encrypt(const byte input[], size_t input_len,
const std::string& passphrase,
RandomNumberGenerator& rng)
{
@@ -77,14 +77,14 @@ std::string encrypt(const byte input[], u32bit input_len,
mac (20 bytes)
ciphertext
*/
- const u32bit ciphertext_len = pipe.remaining(0);
+ const size_t ciphertext_len = pipe.remaining(0);
SecureVector<byte> out_buf(VERSION_CODE_LEN +
PBKDF_SALT_LEN +
MAC_OUTPUT_LEN +
ciphertext_len);
- for(u32bit i = 0; i != VERSION_CODE_LEN; ++i)
+ for(size_t i = 0; i != VERSION_CODE_LEN; ++i)
out_buf[i] = get_byte(i, CRYPTOBOX_VERSION_CODE);
copy_mem(&out_buf[VERSION_CODE_LEN], &pbkdf_salt[0], PBKDF_SALT_LEN);
@@ -96,7 +96,7 @@ std::string encrypt(const byte input[], u32bit input_len,
return PEM_Code::encode(out_buf, "BOTAN CRYPTOBOX MESSAGE");
}
-std::string decrypt(const byte input[], u32bit input_len,
+std::string decrypt(const byte input[], size_t input_len,
const std::string& passphrase)
{
DataSource_Memory input_src(input, input_len);
@@ -107,7 +107,7 @@ std::string decrypt(const byte input[], u32bit input_len,
if(ciphertext.size() < (VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN))
throw Decoding_Error("Invalid CryptoBox input");
- for(u32bit i = 0; i != VERSION_CODE_LEN; ++i)
+ for(size_t i = 0; i != VERSION_CODE_LEN; ++i)
if(ciphertext[i] != get_byte(i, CRYPTOBOX_VERSION_CODE))
throw Decoding_Error("Bad CryptoBox version");
@@ -133,7 +133,7 @@ std::string decrypt(const byte input[], u32bit input_len,
new MAC_Filter(new HMAC(new SHA_512),
mac_key, MAC_OUTPUT_LEN)));
- const u32bit ciphertext_offset =
+ const size_t ciphertext_offset =
VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN;
pipe.process_msg(&ciphertext[ciphertext_offset],
diff --git a/src/constructs/cryptobox/cryptobox.h b/src/constructs/cryptobox/cryptobox.h
index 12f054eff..ce1bb9ab0 100644
--- a/src/constructs/cryptobox/cryptobox.h
+++ b/src/constructs/cryptobox/cryptobox.h
@@ -25,7 +25,7 @@ namespace CryptoBox {
* @param passphrase the passphrase used to encrypt the message
* @param rng a ref to a random number generator, such as AutoSeeded_RNG
*/
-BOTAN_DLL std::string encrypt(const byte input[], u32bit input_len,
+BOTAN_DLL std::string encrypt(const byte input[], size_t input_len,
const std::string& passphrase,
RandomNumberGenerator& rng);
@@ -35,7 +35,7 @@ BOTAN_DLL std::string encrypt(const byte input[], u32bit input_len,
* @param input_len the length of input in bytes
* @param passphrase the passphrase used to encrypt the message
*/
-BOTAN_DLL std::string decrypt(const byte input[], u32bit input_len,
+BOTAN_DLL std::string decrypt(const byte input[], size_t input_len,
const std::string& passphrase);
/**
diff --git a/src/constructs/fpe/fpe.cpp b/src/constructs/fpe/fpe.cpp
index 3747171c2..1023b067c 100644
--- a/src/constructs/fpe/fpe.cpp
+++ b/src/constructs/fpe/fpe.cpp
@@ -19,7 +19,7 @@ namespace Botan {
namespace {
// Normally FPE is for SSNs, CC#s, etc, nothing too big
-const u32bit MAX_N_BYTES = 128/8;
+const size_t MAX_N_BYTES = 128/8;
/*
* Factor n into a and b which are as close together as possible.
@@ -34,13 +34,13 @@ void factor(BigInt n, BigInt& a, BigInt& b)
a = 1;
b = 1;
- u32bit n_low_zero = low_zero_bits(n);
+ size_t n_low_zero = low_zero_bits(n);
a <<= (n_low_zero / 2);
b <<= n_low_zero - (n_low_zero / 2);
n >>= n_low_zero;
- for(u32bit i = 0; i != PRIME_TABLE_SIZE; ++i)
+ for(size_t i = 0; i != PRIME_TABLE_SIZE; ++i)
{
while(n % PRIMES[i] == 0)
{
@@ -67,7 +67,7 @@ void factor(BigInt n, BigInt& a, BigInt& b)
* so 3 rounds is safe. The FPE factorization routine should always
* return a >= b, so just confirm that and return 3.
*/
-u32bit rounds(const BigInt& a, const BigInt& b)
+size_t rounds(const BigInt& a, const BigInt& b)
{
if(a < b)
throw std::logic_error("FPE rounds: a < b");
@@ -86,7 +86,7 @@ class FPE_Encryptor
~FPE_Encryptor() { delete mac; }
- BigInt operator()(u32bit i, const BigInt& R);
+ BigInt operator()(size_t i, const BigInt& R);
private:
MessageAuthenticationCode* mac;
@@ -114,12 +114,12 @@ FPE_Encryptor::FPE_Encryptor(const SymmetricKey& key,
mac_n_t = mac->final();
}
-BigInt FPE_Encryptor::operator()(u32bit round_no, const BigInt& R)
+BigInt FPE_Encryptor::operator()(size_t round_no, const BigInt& R)
{
SecureVector<byte> r_bin = BigInt::encode(R);
mac->update(mac_n_t);
- mac->update_be(round_no);
+ mac->update_be((u32bit)round_no);
mac->update_be((u32bit)r_bin.size());
mac->update(&r_bin[0], r_bin.size());
@@ -142,11 +142,11 @@ BigInt fpe_encrypt(const BigInt& n, const BigInt& X0,
BigInt a, b;
factor(n, a, b);
- const u32bit r = rounds(a, b);
+ const size_t r = rounds(a, b);
BigInt X = X0;
- for(u32bit i = 0; i != r; ++i)
+ for(size_t i = 0; i != r; ++i)
{
BigInt L = X / b;
BigInt R = X % b;
@@ -170,11 +170,11 @@ BigInt fpe_decrypt(const BigInt& n, const BigInt& X0,
BigInt a, b;
factor(n, a, b);
- const u32bit r = rounds(a, b);
+ const size_t r = rounds(a, b);
BigInt X = X0;
- for(u32bit i = 0; i != r; ++i)
+ for(size_t i = 0; i != r; ++i)
{
BigInt W = X % a;
BigInt R = X / a;
diff --git a/src/constructs/passhash/passhash9.cpp b/src/constructs/passhash/passhash9.cpp
index 1834ed949..367583a0a 100644
--- a/src/constructs/passhash/passhash9.cpp
+++ b/src/constructs/passhash/passhash9.cpp
@@ -9,7 +9,7 @@
#include <botan/loadstor.h>
#include <botan/libstate.h>
#include <botan/pbkdf2.h>
-#include <botan/base64.h>
+#include <botan/b64_filt.h>
#include <botan/pipe.h>
namespace Botan {
@@ -18,14 +18,14 @@ namespace {
const std::string MAGIC_PREFIX = "$9$";
-const u32bit WORKFACTOR_BYTES = 2;
-const u32bit ALGID_BYTES = 1;
-const u32bit SALT_BYTES = 12; // 96 bits of salt
-const u32bit PASSHASH9_PBKDF_OUTPUT_LEN = 24; // 192 bits output
+const size_t WORKFACTOR_BYTES = 2;
+const size_t ALGID_BYTES = 1;
+const size_t SALT_BYTES = 12; // 96 bits of salt
+const size_t PASSHASH9_PBKDF_OUTPUT_LEN = 24; // 192 bits output
const byte PASSHASH9_DEFAULT_ALGO = 0; // HMAC(SHA-1)
-const u32bit WORK_FACTOR_SCALE = 10000;
+const size_t WORK_FACTOR_SCALE = 10000;
MessageAuthenticationCode* get_pbkdf_prf(byte alg_id)
{
@@ -71,7 +71,7 @@ std::string generate_passhash9(const std::string& pass,
SecureVector<byte> salt(SALT_BYTES);
rng.randomize(&salt[0], salt.size());
- u32bit kdf_iterations = WORK_FACTOR_SCALE * work_factor;
+ const size_t kdf_iterations = WORK_FACTOR_SCALE * work_factor;
SecureVector<byte> pbkdf2_output =
kdf.derive_key(PASSHASH9_PBKDF_OUTPUT_LEN,
@@ -93,13 +93,13 @@ std::string generate_passhash9(const std::string& pass,
bool check_passhash9(const std::string& pass, const std::string& hash)
{
- const u32bit BINARY_LENGTH =
+ const size_t BINARY_LENGTH =
ALGID_BYTES +
WORKFACTOR_BYTES +
PASSHASH9_PBKDF_OUTPUT_LEN +
SALT_BYTES;
- const u32bit BASE64_LENGTH =
+ const size_t BASE64_LENGTH =
MAGIC_PREFIX.size() + (BINARY_LENGTH * 8) / 6;
if(hash.size() != BASE64_LENGTH)
@@ -121,7 +121,7 @@ bool check_passhash9(const std::string& pass, const std::string& hash)
byte alg_id = bin[0];
- u32bit kdf_iterations =
+ const size_t kdf_iterations =
WORK_FACTOR_SCALE * load_be<u16bit>(&bin[ALGID_BYTES], 0);
if(kdf_iterations == 0)
diff --git a/src/constructs/tss/tss.cpp b/src/constructs/tss/tss.cpp
index 055bc79ad..2bd4ec016 100644
--- a/src/constructs/tss/tss.cpp
+++ b/src/constructs/tss/tss.cpp
@@ -181,7 +181,7 @@ RTSS_Share::split(byte M, byte N,
SecureVector<byte>
RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
{
- const u32bit RTSS_HEADER_SIZE = 20;
+ const size_t RTSS_HEADER_SIZE = 20;
for(size_t i = 0; i != shares.size(); ++i)
{
diff --git a/src/constructs/tss/tss.h b/src/constructs/tss/tss.h
index 485e42c53..297c65971 100644
--- a/src/constructs/tss/tss.h
+++ b/src/constructs/tss/tss.h
@@ -61,7 +61,7 @@ class BOTAN_DLL RTSS_Share
/**
* @return size of this share in bytes
*/
- u32bit size() const { return contents.size(); }
+ size_t size() const { return contents.size(); }
/**
* @return if this TSS share was initialized or not
diff --git a/src/engine/core_engine/lookup_block.cpp b/src/engine/core_engine/lookup_block.cpp
index 77436c8c1..cc5239dd1 100644
--- a/src/engine/core_engine/lookup_block.cpp
+++ b/src/engine/core_engine/lookup_block.cpp
@@ -117,8 +117,6 @@ BlockCipher* Core_Engine::find_block_cipher(const SCAN_Name& request,
{
#if defined(BOTAN_HAS_AES)
- if(request.algo_name() == "AES")
- return new AES;
if(request.algo_name() == "AES-128")
return new AES_128;
if(request.algo_name() == "AES-192")
diff --git a/src/entropy/beos_stats/es_beos.h b/src/entropy/beos_stats/es_beos.h
index 31029a88c..5ccb430a5 100644
--- a/src/entropy/beos_stats/es_beos.h
+++ b/src/entropy/beos_stats/es_beos.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* BeOS Entropy Source
*/
-class BOTAN_DLL BeOS_EntropySource : public EntropySource
+class BeOS_EntropySource : public EntropySource
{
private:
std::string name() const { return "BeOS Statistics"; }
diff --git a/src/entropy/cryptoapi_rng/es_capi.h b/src/entropy/cryptoapi_rng/es_capi.h
index 55966d793..f55713e92 100644
--- a/src/entropy/cryptoapi_rng/es_capi.h
+++ b/src/entropy/cryptoapi_rng/es_capi.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* Win32 CAPI Entropy Source
*/
-class BOTAN_DLL Win32_CAPI_EntropySource : public EntropySource
+class Win32_CAPI_EntropySource : public EntropySource
{
public:
std::string name() const { return "Win32 CryptoGenRandom"; }
diff --git a/src/entropy/win32_stats/es_win32.h b/src/entropy/win32_stats/es_win32.h
index 2e46c773d..6c7c9ee09 100644
--- a/src/entropy/win32_stats/es_win32.h
+++ b/src/entropy/win32_stats/es_win32.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Win32 Entropy Source
*/
-class BOTAN_DLL Win32_EntropySource : public EntropySource
+class Win32_EntropySource : public EntropySource
{
public:
std::string name() const { return "Win32 Statistics"; }
diff --git a/src/filters/base64/b64_char.cpp b/src/filters/base64/b64_char.cpp
deleted file mode 100644
index e5722a0fd..000000000
--- a/src/filters/base64/b64_char.cpp
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
-* Base64 Codec Character Tables
-* (C) 1999-2008 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/base64.h>
-
-namespace Botan {
-
-/*
-* Base64 Encoder Lookup Table
-*/
-const byte Base64_Encoder::BIN_TO_BASE64[64] = {
-0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48, 0x49, 0x4A, 0x4B, 0x4C, 0x4D,
-0x4E, 0x4F, 0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58, 0x59, 0x5A,
-0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68, 0x69, 0x6A, 0x6B, 0x6C, 0x6D,
-0x6E, 0x6F, 0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78, 0x79, 0x7A,
-0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x2B, 0x2F };
-
-/*
-* Base64 Decoder Lookup Table
-*/
-const byte Base64_Decoder::BASE64_TO_BIN[256] = {
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x3E, 0x80, 0x80, 0x80, 0x3F, 0x34, 0x35, 0x36, 0x37,
-0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
-0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
-0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D,
-0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
-0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80 };
-
-}
diff --git a/src/filters/base64/info.txt b/src/filters/base64/info.txt
deleted file mode 100644
index 93671739d..000000000
--- a/src/filters/base64/info.txt
+++ /dev/null
@@ -1,5 +0,0 @@
-define BASE64_CODEC
-
-<requires>
-filters
-</requires>
diff --git a/src/filters/base64/base64.cpp b/src/filters/codec_filt/b64_filt.cpp
index 04883ed79..8a90f8b5f 100644
--- a/src/filters/base64/base64.cpp
+++ b/src/filters/codec_filt/b64_filt.cpp
@@ -1,10 +1,11 @@
/*
* Base64 Encoder/Decoder
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
+#include <botan/b64_filt.h>
#include <botan/base64.h>
#include <botan/charset.h>
#include <botan/exceptn.h>
@@ -13,37 +14,62 @@
namespace Botan {
/*
-* Base64_Encoder Constructor
+* Base64 Decoder Lookup Table
+* Warning: assumes ASCII encodings
*/
-Base64_Encoder::Base64_Encoder(bool breaks, size_t length, bool t_n) :
- line_length(breaks ? length : 0), trailing_newline(t_n)
- {
- in.resize(48);
- out.resize(4);
-
- counter = position = 0;
- }
+static const byte BASE64_TO_BIN[256] = {
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x3E, 0x80, 0x80, 0x80, 0x3F, 0x34, 0x35, 0x36, 0x37,
+0x38, 0x39, 0x3A, 0x3B, 0x3C, 0x3D, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0A, 0x0B, 0x0C,
+0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, 0x19,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, 0x20,
+0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2A, 0x2B, 0x2C, 0x2D,
+0x2E, 0x2F, 0x30, 0x31, 0x32, 0x33, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
+0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80 };
/*
-* Base64 Encoding Operation
+* Base64_Encoder Constructor
*/
-void Base64_Encoder::encode(const byte in[3], byte out[4])
+Base64_Encoder::Base64_Encoder(bool breaks, size_t length, bool t_n) :
+ line_length(breaks ? length : 0),
+ trailing_newline(t_n && breaks),
+ in(48),
+ out(64),
+ position(0),
+ out_position(0)
{
- out[0] = BIN_TO_BASE64[((in[0] & 0xFC) >> 2)];
- out[1] = BIN_TO_BASE64[((in[0] & 0x03) << 4) | (in[1] >> 4)];
- out[2] = BIN_TO_BASE64[((in[1] & 0x0F) << 2) | (in[2] >> 6)];
- out[3] = BIN_TO_BASE64[((in[2] & 0x3F) )];
}
/*
* Encode and send a block
*/
-void Base64_Encoder::encode_and_send(const byte block[], size_t length)
+void Base64_Encoder::encode_and_send(const byte input[], size_t length,
+ bool final_inputs)
{
- for(size_t j = 0; j != length; j += 3)
+ while(length)
{
- encode(block + j, &out[0]);
- do_output(&out[0], 4);
+ const size_t proc = std::min(length, in.size());
+
+ size_t consumed = 0;
+ size_t produced = base64_encode(reinterpret_cast<char*>(&out[0]), input,
+ proc, consumed, final_inputs);
+
+ do_output(&out[0], produced);
+
+ input += proc;
+ length -= proc;
}
}
@@ -59,15 +85,15 @@ void Base64_Encoder::do_output(const byte input[], size_t length)
size_t remaining = length, offset = 0;
while(remaining)
{
- size_t sent = std::min(line_length - counter, remaining);
+ size_t sent = std::min(line_length - out_position, remaining);
send(input + offset, sent);
- counter += sent;
+ out_position += sent;
remaining -= sent;
offset += sent;
- if(counter == line_length)
+ if(out_position == line_length)
{
send('\n');
- counter = 0;
+ out_position = 0;
}
}
}
@@ -101,31 +127,12 @@ void Base64_Encoder::write(const byte input[], size_t length)
*/
void Base64_Encoder::end_msg()
{
- size_t start_of_last_block = 3 * (position / 3),
- left_over = position % 3;
- encode_and_send(&in[0], start_of_last_block);
-
- if(left_over)
- {
- SecureVector<byte> remainder(3);
- copy_mem(&remainder[0], &in[start_of_last_block], left_over);
-
- encode(&remainder[0], &out[0]);
-
- size_t empty_bits = 8 * (3 - left_over), index = 4 - 1;
- while(empty_bits >= 8)
- {
- out[index--] = '=';
- empty_bits -= 6;
- }
-
- do_output(&out[0], 4);
- }
+ encode_and_send(&in[0], position, true);
- if(trailing_newline || (counter && line_length))
+ if(trailing_newline || (out_position && line_length))
send('\n');
- counter = position = 0;
+ out_position = position = 0;
}
/*
@@ -161,9 +168,9 @@ void Base64_Decoder::decode(const byte in[4], byte out[3])
*/
void Base64_Decoder::decode_and_send(const byte block[], size_t length)
{
- for(size_t j = 0; j != length; j += 4)
+ for(size_t i = 0; i != length; i += 4)
{
- decode(block + j, &out[0]);
+ decode(block + i, &out[0]);
send(out, 3);
}
}
@@ -190,12 +197,12 @@ void Base64_Decoder::handle_bad_char(byte c)
*/
void Base64_Decoder::write(const byte input[], size_t length)
{
- for(size_t j = 0; j != length; ++j)
+ for(size_t i = 0; i != length; ++i)
{
- if(is_valid(input[j]))
- in[position++] = input[j];
+ if(is_valid(input[i]))
+ in[position++] = input[i];
else
- handle_bad_char(input[j]);
+ handle_bad_char(input[i]);
if(position == in.size())
{
diff --git a/src/filters/base64/base64.h b/src/filters/codec_filt/b64_filt.h
index ae5fa26ce..e7cbfae1d 100644
--- a/src/filters/base64/base64.h
+++ b/src/filters/codec_filt/b64_filt.h
@@ -1,12 +1,12 @@
/*
* Base64 Encoder/Decoder
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2010 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
-#ifndef BOTAN_BASE64_H__
-#define BOTAN_BASE64_H__
+#ifndef BOTAN_BASE64_FILTER_H__
+#define BOTAN_BASE64_FILTER_H__
#include <botan/filter.h>
@@ -18,8 +18,6 @@ namespace Botan {
class BOTAN_DLL Base64_Encoder : public Filter
{
public:
- static void encode(const byte in[3], byte out[4]);
-
std::string name() const { return "Base64_Encoder"; }
/**
@@ -36,21 +34,21 @@ class BOTAN_DLL Base64_Encoder : public Filter
/**
* Create a base64 encoder.
- * @param breaks whether to use line breaks in the Streamcipheroutput
+ * @param breaks whether to use line breaks in the output
* @param length the length of the lines of the output
* @param t_n whether to use a trailing newline
*/
Base64_Encoder(bool breaks = false, size_t length = 72,
bool t_n = false);
private:
- void encode_and_send(const byte[], size_t);
- void do_output(const byte[], size_t);
- static const byte BIN_TO_BASE64[64];
+ void encode_and_send(const byte input[], size_t length,
+ bool final_inputs = false);
+ void do_output(const byte output[], size_t length);
const size_t line_length;
const bool trailing_newline;
SecureVector<byte> in, out;
- size_t position, counter;
+ size_t position, out_position;
};
/**
@@ -59,10 +57,6 @@ class BOTAN_DLL Base64_Encoder : public Filter
class BOTAN_DLL Base64_Decoder : public Filter
{
public:
- static void decode(const byte input[4], byte output[3]);
-
- static bool is_valid(byte);
-
std::string name() const { return "Base64_Decoder"; }
/**
@@ -84,9 +78,11 @@ class BOTAN_DLL Base64_Decoder : public Filter
*/
Base64_Decoder(Decoder_Checking checking = NONE);
private:
+ static void decode(const byte input[4], byte output[3]);
+ static bool is_valid(byte);
+
void decode_and_send(const byte[], size_t);
void handle_bad_char(byte);
- static const byte BASE64_TO_BIN[256];
const Decoder_Checking checking;
SecureVector<byte> in, out;
diff --git a/src/filters/hex_filt/hex_filt.cpp b/src/filters/codec_filt/hex_filt.cpp
index 3d56beec4..3d56beec4 100644
--- a/src/filters/hex_filt/hex_filt.cpp
+++ b/src/filters/codec_filt/hex_filt.cpp
diff --git a/src/filters/hex_filt/hex_filt.h b/src/filters/codec_filt/hex_filt.h
index cfbb818d3..cfbb818d3 100644
--- a/src/filters/hex_filt/hex_filt.h
+++ b/src/filters/codec_filt/hex_filt.h
diff --git a/src/filters/hex_filt/info.txt b/src/filters/codec_filt/info.txt
index 7f5f47fa1..080cc8f44 100644
--- a/src/filters/hex_filt/info.txt
+++ b/src/filters/codec_filt/info.txt
@@ -1,4 +1,4 @@
-define HEX_FILTER
+define CODEC_FILTERS
<requires>
filters
diff --git a/src/filters/filters.h b/src/filters/filters.h
index 060b1d6d0..b409e78f5 100644
--- a/src/filters/filters.h
+++ b/src/filters/filters.h
@@ -20,11 +20,8 @@
#include <botan/scan_name.h>
-#if defined(BOTAN_HAS_BASE64_CODEC)
- #include <botan/base64.h>
-#endif
-
-#if defined(BOTAN_HAS_HEX_FILTER)
+#if defined(BOTAN_HAS_CODEC_FILTERS)
+ #include <botan/b64_filt.h>
#include <botan/hex_filt.h>
#endif
diff --git a/src/libstate/policy.cpp b/src/libstate/policy.cpp
index 803ca518e..05ca6f807 100644
--- a/src/libstate/policy.cpp
+++ b/src/libstate/policy.cpp
@@ -268,7 +268,6 @@ void set_default_aliases(Library_State& config)
config.add_alias("PSS-MGF1", "EMSA4");
config.add_alias("EMSA-PSS", "EMSA4");
- config.add_alias("Rijndael", "AES");
config.add_alias("3DES", "TripleDES");
config.add_alias("DES-EDE", "TripleDES");
config.add_alias("CAST5", "CAST-128");
diff --git a/src/math/bigint/bigint.cpp b/src/math/bigint/bigint.cpp
index a13c4f234..a49335e75 100644
--- a/src/math/bigint/bigint.cpp
+++ b/src/math/bigint/bigint.cpp
@@ -184,7 +184,7 @@ bool BigInt::get_bit(size_t n) const
/*
* Return bits {offset...offset+length}
*/
-size_t BigInt::get_substring(size_t offset, size_t length) const
+u32bit BigInt::get_substring(size_t offset, size_t length) const
{
if(length > 32)
throw Invalid_Argument("BigInt::get_substring: Substring size too big");
@@ -196,7 +196,7 @@ size_t BigInt::get_substring(size_t offset, size_t length) const
u64bit mask = (1 << length) - 1;
size_t shift = (offset % 8);
- return static_cast<size_t>((piece >> shift) & mask);
+ return static_cast<u32bit>((piece >> shift) & mask);
}
/*
diff --git a/src/math/bigint/bigint.h b/src/math/bigint/bigint.h
index 0c01d56c1..fc2e58073 100644
--- a/src/math/bigint/bigint.h
+++ b/src/math/bigint/bigint.h
@@ -135,7 +135,7 @@ class BOTAN_DLL BigInt
* @param i a word index
* @return the word at index i
*/
- word operator[](size_t i) const { return reg[i]; }
+ const word& operator[](size_t i) const { return reg[i]; }
/**
* Zeroize the BigInt
@@ -215,7 +215,7 @@ class BOTAN_DLL BigInt
* @result the integer extracted from the register starting at
* offset with specified length
*/
- size_t get_substring(size_t offset, size_t length) const;
+ u32bit get_substring(size_t offset, size_t length) const;
/**
* @param n the offset to get a byte from
diff --git a/src/math/numbertheory/point_gfp.cpp b/src/math/numbertheory/point_gfp.cpp
index 5da1959bc..8cb40270c 100644
--- a/src/math/numbertheory/point_gfp.cpp
+++ b/src/math/numbertheory/point_gfp.cpp
@@ -324,12 +324,12 @@ PointGFp operator*(const BigInt& scalar, const PointGFp& point)
while(bits_left >= window_size)
{
- size_t nibble = scalar.get_substring(bits_left - window_size,
- window_size);
-
for(size_t i = 0; i != window_size; ++i)
H.mult2(ws);
+ const u32bit nibble = scalar.get_substring(bits_left - window_size,
+ window_size);
+
if(nibble)
H.add(Ps[nibble-1], ws);
diff --git a/src/math/numbertheory/powm_fw.cpp b/src/math/numbertheory/powm_fw.cpp
index afc53f233..3348e55cd 100644
--- a/src/math/numbertheory/powm_fw.cpp
+++ b/src/math/numbertheory/powm_fw.cpp
@@ -45,8 +45,7 @@ BigInt Fixed_Window_Exponentiator::execute() const
for(size_t k = 0; k != window_bits; ++k)
x = reducer.square(x);
- size_t nibble = exp.get_substring(window_bits*(j-1), window_bits);
- if(nibble)
+ if(u32bit nibble = exp.get_substring(window_bits*(j-1), window_bits))
x = reducer.multiply(x, g[nibble-1]);
}
return x;
diff --git a/src/math/numbertheory/powm_mnt.cpp b/src/math/numbertheory/powm_mnt.cpp
index 038ce14da..4f626ac9d 100644
--- a/src/math/numbertheory/powm_mnt.cpp
+++ b/src/math/numbertheory/powm_mnt.cpp
@@ -90,8 +90,7 @@ BigInt Montgomery_Exponentiator::execute() const
x.get_reg().set(&z[0], mod_words + 1);
}
- size_t nibble = exp.get_substring(window_bits*(i-1), window_bits);
- if(nibble)
+ if(u32bit nibble = exp.get_substring(window_bits*(i-1), window_bits))
{
const BigInt& y = g[nibble-1];
diff --git a/src/ssl/cert_req.cpp b/src/ssl/cert_req.cpp
index e72ffe735..b8b2624bf 100644
--- a/src/ssl/cert_req.cpp
+++ b/src/ssl/cert_req.cpp
@@ -21,7 +21,7 @@ Certificate_Req::Certificate_Req(Record_Writer& writer,
HandshakeHash& hash,
const std::vector<X509_Certificate>& certs)
{
- for(u32bit i = 0; i != certs.size(); i++)
+ for(size_t i = 0; i != certs.size(); ++i)
names.push_back(certs[i].subject_dn());
// FIXME: should be able to choose what to ask for
@@ -41,7 +41,7 @@ SecureVector<byte> Certificate_Req::serialize() const
append_tls_length_value(buf, types, 1);
DER_Encoder encoder;
- for(u32bit i = 0; i != names.size(); i++)
+ for(size_t i = 0; i != names.size(); ++i)
encoder.encode(names[i]);
append_tls_length_value(buf, encoder.get_contents(), 2);
@@ -57,15 +57,15 @@ void Certificate_Req::deserialize(const MemoryRegion<byte>& buf)
if(buf.size() < 4)
throw Decoding_Error("Certificate_Req: Bad certificate request");
- u32bit types_size = buf[0];
+ size_t types_size = buf[0];
if(buf.size() < types_size + 3)
throw Decoding_Error("Certificate_Req: Bad certificate request");
- for(u32bit i = 0; i != types_size; i++)
+ for(size_t i = 0; i != types_size; ++i)
types.push_back(static_cast<Certificate_Type>(buf[i+1]));
- u32bit names_size = make_u16bit(buf[types_size+2], buf[types_size+3]);
+ size_t names_size = make_u16bit(buf[types_size+2], buf[types_size+3]);
if(buf.size() != names_size + types_size + 3)
throw Decoding_Error("Certificate_Req: Bad certificate request");
@@ -98,18 +98,18 @@ SecureVector<byte> Certificate::serialize() const
{
SecureVector<byte> buf(3);
- for(u32bit i = 0; i != certs.size(); i++)
+ for(size_t i = 0; i != certs.size(); ++i)
{
SecureVector<byte> raw_cert = certs[i].BER_encode();
- u32bit cert_size = raw_cert.size();
- for(u32bit j = 0; j != 3; j++)
- buf.push_back(get_byte(j+1, cert_size));
+ const size_t cert_size = raw_cert.size();
+ for(size_t i = 0; i != 3; ++i)
+ buf.push_back(get_byte<u32bit>(i+1, cert_size));
buf += raw_cert;
}
- u32bit buf_size = buf.size() - 3;
- for(u32bit i = 0; i != 3; i++)
- buf[i] = get_byte(i+1, buf_size);
+ const size_t buf_size = buf.size() - 3;
+ for(size_t i = 0; i != 3; ++i)
+ buf[i] = get_byte<u32bit>(i+1, buf_size);
return buf;
}
@@ -122,7 +122,7 @@ void Certificate::deserialize(const MemoryRegion<byte>& buf)
if(buf.size() < 3)
throw Decoding_Error("Certificate: Message malformed");
- u32bit total_size = make_u32bit(0, buf[0], buf[1], buf[2]);
+ const size_t total_size = make_u32bit(0, buf[0], buf[1], buf[2]);
SecureQueue queue;
queue.write(&buf[3], buf.size() - 3);
@@ -137,9 +137,10 @@ void Certificate::deserialize(const MemoryRegion<byte>& buf)
byte len[3];
queue.read(len, 3);
- u32bit cert_size = make_u32bit(0, len[0], len[1], len[2]);
- u32bit original_size = queue.size();
+ const size_t cert_size = make_u32bit(0, len[0], len[1], len[2]);
+ const size_t original_size = queue.size();
+
X509_Certificate cert(queue);
if(queue.size() + cert_size != original_size)
throw Decoding_Error("Certificate: Message malformed");
diff --git a/src/ssl/cert_ver.cpp b/src/ssl/cert_ver.cpp
index 2b27cd6d2..3dcd38141 100644
--- a/src/ssl/cert_ver.cpp
+++ b/src/ssl/cert_ver.cpp
@@ -50,7 +50,7 @@ SecureVector<byte> Certificate_Verify::serialize() const
{
SecureVector<byte> buf;
- u16bit sig_len = signature.size();
+ const u16bit sig_len = signature.size();
buf.push_back(get_byte(0, sig_len));
buf.push_back(get_byte(1, sig_len));
buf += signature;
diff --git a/src/ssl/hello.cpp b/src/ssl/hello.cpp
index a06fd75b4..1efef9213 100644
--- a/src/ssl/hello.cpp
+++ b/src/ssl/hello.cpp
@@ -10,7 +10,7 @@
namespace Botan {
-/**
+/*
* Encode and send a Handshake message
*/
void HandshakeMessage::send(Record_Writer& writer, HandshakeHash& hash) const
@@ -18,12 +18,12 @@ void HandshakeMessage::send(Record_Writer& writer, HandshakeHash& hash) const
SecureVector<byte> buf = serialize();
SecureVector<byte> send_buf(4);
- u32bit buf_size = buf.size();
+ const size_t buf_size = buf.size();
send_buf[0] = type();
- send_buf[1] = get_byte(1, buf_size);
- send_buf[2] = get_byte(2, buf_size);
- send_buf[3] = get_byte(3, buf_size);
+
+ for(size_t i = 1; i != 4; ++i)
+ send_buf[i] = get_byte<u32bit>(i, buf_size);
send_buf += buf;
@@ -33,7 +33,7 @@ void HandshakeMessage::send(Record_Writer& writer, HandshakeHash& hash) const
writer.flush();
}
-/**
+/*
* Create a new Hello Request message
*/
Hello_Request::Hello_Request(Record_Writer& writer)
@@ -42,7 +42,7 @@ Hello_Request::Hello_Request(Record_Writer& writer)
send(writer, dummy);
}
-/**
+/*
* Serialize a Hello Request message
*/
SecureVector<byte> Hello_Request::serialize() const
@@ -50,7 +50,7 @@ SecureVector<byte> Hello_Request::serialize() const
return SecureVector<byte>();
}
-/**
+/*
* Deserialize a Hello Request message
*/
void Hello_Request::deserialize(const MemoryRegion<byte>& buf)
@@ -59,7 +59,7 @@ void Hello_Request::deserialize(const MemoryRegion<byte>& buf)
throw Decoding_Error("Hello_Request: Must be empty, and is not");
}
-/**
+/*
* Create a new Client Hello message
*/
Client_Hello::Client_Hello(RandomNumberGenerator& rng,
@@ -76,7 +76,7 @@ Client_Hello::Client_Hello(RandomNumberGenerator& rng,
send(writer, hash);
}
-/**
+/*
* Serialize a Client Hello message
*/
SecureVector<byte> Client_Hello::serialize() const
@@ -99,11 +99,11 @@ void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
if(buf.size() < 12 || buf[0] != 1)
throw Decoding_Error("Client_Hello: SSLv2 hello corrupted");
- const u32bit cipher_spec_len = make_u16bit(buf[3], buf[4]);
- const u32bit sess_id_len = make_u16bit(buf[5], buf[6]);
- const u32bit challenge_len = make_u16bit(buf[7], buf[8]);
+ const size_t cipher_spec_len = make_u16bit(buf[3], buf[4]);
+ const size_t sess_id_len = make_u16bit(buf[5], buf[6]);
+ const size_t challenge_len = make_u16bit(buf[7], buf[8]);
- const u32bit expected_size =
+ const size_t expected_size =
(9 + sess_id_len + cipher_spec_len + challenge_len);
if(buf.size() != expected_size)
@@ -115,7 +115,7 @@ void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
throw Decoding_Error("Client_Hello: SSLv2 hello corrupted");
}
- for(u32bit i = 9; i != 9 + cipher_spec_len; i += 3)
+ for(size_t i = 9; i != 9 + cipher_spec_len; i += 3)
{
if(buf[i] != 0) // a SSLv2 cipherspec; ignore it
continue;
@@ -128,7 +128,7 @@ void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
c_random.set(&buf[9+cipher_spec_len+sess_id_len], challenge_len);
}
-/**
+/*
* Deserialize a Client Hello message
*/
void Client_Hello::deserialize(const MemoryRegion<byte>& buf)
@@ -196,18 +196,18 @@ void Client_Hello::deserialize(const MemoryRegion<byte>& buf)
}
}
-/**
+/*
* Check if we offered this ciphersuite
*/
bool Client_Hello::offered_suite(u16bit ciphersuite) const
{
- for(u32bit i = 0; i != suites.size(); i++)
+ for(size_t i = 0; i != suites.size(); ++i)
if(suites[i] == ciphersuite)
return true;
return false;
}
-/**
+/*
* Create a new Server Hello message
*/
Server_Hello::Server_Hello(RandomNumberGenerator& rng,
@@ -220,7 +220,7 @@ Server_Hello::Server_Hello(RandomNumberGenerator& rng,
{
bool have_rsa = false, have_dsa = false;
- for(u32bit i = 0; i != certs.size(); i++)
+ for(size_t i = 0; i != certs.size(); ++i)
{
Public_Key* key = certs[i].subject_public_key();
if(key->algo_name() == "RSA")
@@ -244,7 +244,7 @@ Server_Hello::Server_Hello(RandomNumberGenerator& rng,
send(writer, hash);
}
-/**
+/*
* Serialize a Server Hello message
*/
SecureVector<byte> Server_Hello::serialize() const
@@ -265,7 +265,7 @@ SecureVector<byte> Server_Hello::serialize() const
return buf;
}
-/**
+/*
* Deserialize a Server Hello message
*/
void Server_Hello::deserialize(const MemoryRegion<byte>& buf)
@@ -292,7 +292,7 @@ void Server_Hello::deserialize(const MemoryRegion<byte>& buf)
comp_algo = reader.get_byte();
}
-/**
+/*
* Create a new Server Hello Done message
*/
Server_Hello_Done::Server_Hello_Done(Record_Writer& writer,
@@ -301,7 +301,7 @@ Server_Hello_Done::Server_Hello_Done(Record_Writer& writer,
send(writer, hash);
}
-/**
+/*
* Serialize a Server Hello Done message
*/
SecureVector<byte> Server_Hello_Done::serialize() const
@@ -309,7 +309,7 @@ SecureVector<byte> Server_Hello_Done::serialize() const
return SecureVector<byte>();
}
-/**
+/*
* Deserialize a Server Hello Done message
*/
void Server_Hello_Done::deserialize(const MemoryRegion<byte>& buf)
diff --git a/src/ssl/info.txt b/src/ssl/info.txt
index 8f1eda497..8b566ae60 100644
--- a/src/ssl/info.txt
+++ b/src/ssl/info.txt
@@ -1,5 +1,7 @@
define SSL_TLS
+uses_tr1 yes
+
<header:public>
socket.h
tls_client.h
diff --git a/src/ssl/rec_read.cpp b/src/ssl/rec_read.cpp
index 29e2ca4c7..042aae0c9 100644
--- a/src/ssl/rec_read.cpp
+++ b/src/ssl/rec_read.cpp
@@ -17,7 +17,10 @@ namespace Botan {
void Record_Reader::reset()
{
cipher.reset();
- mac.reset();
+
+ delete mac;
+ mac = 0;
+
mac_size = 0;
block_size = 0;
iv_size = 0;
@@ -44,7 +47,8 @@ void Record_Reader::set_keys(const CipherSuite& suite, const SessionKeys& keys,
Connection_Side side)
{
cipher.reset();
- mac.reset();
+ delete mac;
+ mac = 0;
SymmetricKey mac_key, cipher_key;
InitializationVector iv;
@@ -89,18 +93,21 @@ void Record_Reader::set_keys(const CipherSuite& suite, const SessionKeys& keys,
if(have_hash(mac_algo))
{
+ Algorithm_Factory& af = global_state().algorithm_factory();
+
if(major == 3 && minor == 0)
- mac.append(new MAC_Filter("SSL3-MAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("SSL3-MAC(" + mac_algo + ")");
else
- mac.append(new MAC_Filter("HMAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("HMAC(" + mac_algo + ")");
- mac_size = output_length_of(mac_algo);
+ mac->set_key(mac_key);
+ mac_size = mac->output_length();
}
else
throw Invalid_Argument("Record_Reader: Unknown hash " + mac_algo);
}
-void Record_Reader::add_input(const byte input[], u32bit input_size)
+void Record_Reader::add_input(const byte input[], size_t input_size)
{
input_queue.write(input, input_size);
}
@@ -108,12 +115,12 @@ void Record_Reader::add_input(const byte input[], u32bit input_size)
/*
* Retrieve the next record
*/
-u32bit Record_Reader::get_record(byte& msg_type,
+size_t Record_Reader::get_record(byte& msg_type,
MemoryRegion<byte>& output)
{
byte header[5] = { 0 };
- const u32bit have_in_queue = input_queue.size();
+ const size_t have_in_queue = input_queue.size();
if(have_in_queue < sizeof(header))
return (sizeof(header) - have_in_queue);
@@ -126,7 +133,7 @@ u32bit Record_Reader::get_record(byte& msg_type,
// SSLv2-format client hello?
if(header[0] & 0x80 && header[2] == 1 && header[3] == 3)
{
- u32bit record_len = make_u16bit(header[0], header[1]) & 0x7FFF;
+ size_t record_len = make_u16bit(header[0], header[1]) & 0x7FFF;
if(have_in_queue < record_len + 2)
return (record_len + 2 - have_in_queue);
@@ -184,7 +191,7 @@ u32bit Record_Reader::get_record(byte& msg_type,
cipher.process_msg(buffer);
SecureVector<byte> plaintext = cipher.read_all(Pipe::LAST_MESSAGE);
- u32bit pad_size = 0;
+ size_t pad_size = 0;
if(block_size)
{
@@ -206,8 +213,8 @@ u32bit Record_Reader::get_record(byte& msg_type,
}
else
{
- for(u32bit j = 0; j != pad_size; j++)
- if(plaintext[plaintext.size()-j-1] != pad_value)
+ for(size_t i = 0; i != pad_size; ++i)
+ if(plaintext[plaintext.size()-i-1] != pad_value)
pad_size = 0;
}
}
@@ -215,29 +222,25 @@ u32bit Record_Reader::get_record(byte& msg_type,
if(plaintext.size() < mac_size + pad_size + iv_size)
throw Decoding_Error("Record_Reader: Record truncated");
- const u32bit mac_offset = plaintext.size() - (mac_size + pad_size);
+ const size_t mac_offset = plaintext.size() - (mac_size + pad_size);
SecureVector<byte> recieved_mac(&plaintext[mac_offset],
mac_size);
const u16bit plain_length = plaintext.size() - (mac_size + pad_size + iv_size);
- mac.start_msg();
- for(u32bit j = 0; j != 8; j++)
- mac.write(get_byte(j, seq_no));
- mac.write(header[0]); // msg_type
+ mac->update_be(seq_no);
+ mac->update(header[0]); // msg_type
if(version != SSL_V3)
- for(u32bit j = 0; j != 2; j++)
- mac.write(get_byte(j, version));
+ for(size_t i = 0; i != 2; ++i)
+ mac->update(get_byte(i, version));
- for(u32bit j = 0; j != 2; j++)
- mac.write(get_byte(j, plain_length));
- mac.write(&plaintext[iv_size], plain_length);
- mac.end_msg();
+ mac->update_be(plain_length);
+ mac->update(&plaintext[iv_size], plain_length);
++seq_no;
- SecureVector<byte> computed_mac = mac.read_all(Pipe::LAST_MESSAGE);
+ SecureVector<byte> computed_mac = mac->final();
if(recieved_mac != computed_mac)
throw TLS_Exception(BAD_RECORD_MAC, "Record_Reader: MAC failure");
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
index 02bbf3d56..0be275c20 100644
--- a/src/ssl/rec_wri.cpp
+++ b/src/ssl/rec_wri.cpp
@@ -16,9 +16,11 @@ namespace Botan {
/**
* Record_Writer Constructor
*/
-Record_Writer::Record_Writer(Socket& sock) :
- socket(sock), buffer(DEFAULT_BUFFERSIZE)
+Record_Writer::Record_Writer(std::tr1::function<void (const byte[], size_t)> out) :
+ output_fn(out),
+ buffer(DEFAULT_BUFFERSIZE)
{
+ mac = 0;
reset();
}
@@ -28,7 +30,9 @@ Record_Writer::Record_Writer(Socket& sock) :
void Record_Writer::reset()
{
cipher.reset();
- mac.reset();
+
+ delete mac;
+ mac = 0;
zeroise(buffer);
buf_pos = 0;
@@ -60,7 +64,8 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
Connection_Side side)
{
cipher.reset();
- mac.reset();
+ delete mac;
+ mac = 0;
SymmetricKey mac_key, cipher_key;
InitializationVector iv;
@@ -105,12 +110,15 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
if(have_hash(mac_algo))
{
+ Algorithm_Factory& af = global_state().algorithm_factory();
+
if(major == 3 && minor == 0)
- mac.append(new MAC_Filter("SSL3-MAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("SSL3-MAC(" + mac_algo + ")");
else
- mac.append(new MAC_Filter("HMAC(" + mac_algo + ")", mac_key));
+ mac = af.make_mac("HMAC(" + mac_algo + ")");
- mac_size = output_length_of(mac_algo);
+ mac->set_key(mac_key);
+ mac_size = mac->output_length();
}
else
throw Invalid_Argument("Record_Writer: Unknown hash " + mac_algo);
@@ -119,20 +127,12 @@ void Record_Writer::set_keys(const CipherSuite& suite, const SessionKeys& keys,
/**
* Send one or more records to the other side
*/
-void Record_Writer::send(byte type, byte input)
- {
- send(type, &input, 1);
- }
-
-/**
-* Send one or more records to the other side
-*/
-void Record_Writer::send(byte type, const byte input[], u32bit length)
+void Record_Writer::send(byte type, const byte input[], size_t length)
{
if(type != buf_type)
flush();
- const u32bit BUFFER_SIZE = buffer.size();
+ const size_t BUFFER_SIZE = buffer.size();
buf_type = type;
// FIXME: compression right here
@@ -161,11 +161,11 @@ void Record_Writer::send(byte type, const byte input[], u32bit length)
void Record_Writer::flush()
{
const byte* buf_ptr = &buffer[0];
- u32bit offset = 0;
+ size_t offset = 0;
while(offset != buf_pos)
{
- u32bit record_size = buf_pos - offset;
+ size_t record_size = buf_pos - offset;
if(record_size > MAX_PLAINTEXT_SIZE)
record_size = MAX_PLAINTEXT_SIZE;
@@ -179,7 +179,7 @@ void Record_Writer::flush()
/**
* Encrypt and send the record
*/
-void Record_Writer::send_record(byte type, const byte buf[], u32bit length)
+void Record_Writer::send_record(byte type, const byte buf[], size_t length)
{
if(length >= MAX_COMPRESSED_SIZE)
throw TLS_Exception(INTERNAL_ERROR,
@@ -189,26 +189,22 @@ void Record_Writer::send_record(byte type, const byte buf[], u32bit length)
send_record(type, major, minor, buf, length);
else
{
- mac.start_msg();
- for(u32bit j = 0; j != 8; j++)
- mac.write(get_byte(j, seq_no));
- mac.write(type);
+ mac->update_be(seq_no);
+ mac->update(type);
if(major > 3 || (major == 3 && minor != 0))
{
- mac.write(major);
- mac.write(minor);
+ mac->update(major);
+ mac->update(minor);
}
- mac.write(get_byte(2, length));
- mac.write(get_byte(3, length));
- mac.write(buf, length);
- mac.end_msg();
+ mac->update(get_byte<u16bit>(0, length));
+ mac->update(get_byte<u16bit>(1, length));
+ mac->update(buf, length);
- // TODO: This could all use a single buffer
-
- SecureVector<byte> buf_mac = mac.read_all(Pipe::LAST_MESSAGE);
+ SecureVector<byte> buf_mac = mac->final();
+ // TODO: This could all use a single buffer
cipher.start_msg();
if(iv_size)
@@ -227,10 +223,10 @@ void Record_Writer::send_record(byte type, const byte buf[], u32bit length)
if(block_size)
{
- u32bit pad_val =
+ size_t pad_val =
(block_size - (1 + length + buf_mac.size())) % block_size;
- for(u32bit j = 0; j != pad_val + 1; j++)
+ for(size_t i = 0; i != pad_val + 1; ++i)
cipher.write(pad_val);
}
cipher.end_msg();
@@ -247,18 +243,18 @@ void Record_Writer::send_record(byte type, const byte buf[], u32bit length)
* Send a final record packet
*/
void Record_Writer::send_record(byte type, byte major, byte minor,
- const byte out[], u32bit length)
+ const byte out[], size_t length)
{
if(length >= MAX_CIPHERTEXT_SIZE)
throw TLS_Exception(INTERNAL_ERROR,
"Record_Writer: Record is too big");
byte header[5] = { type, major, minor, 0 };
- for(u32bit j = 0; j != 2; j++)
- header[j+3] = get_byte<u16bit>(j, length);
+ for(size_t i = 0; i != 2; ++i)
+ header[i+3] = get_byte<u16bit>(i, length);
- socket.write(header, 5);
- socket.write(out, length);
+ output_fn(header, 5);
+ output_fn(out, length);
}
/**
diff --git a/src/ssl/s_kex.cpp b/src/ssl/s_kex.cpp
index d74609152..f2df58b8b 100644
--- a/src/ssl/s_kex.cpp
+++ b/src/ssl/s_kex.cpp
@@ -86,8 +86,8 @@ SecureVector<byte> Server_Key_Exchange::serialize_params() const
{
SecureVector<byte> buf;
- for(u32bit j = 0; j != params.size(); j++)
- append_tls_length_value(buf, BigInt::encode(params[j]), 2);
+ for(size_t i = 0; i != params.size(); ++i)
+ append_tls_length_value(buf, BigInt::encode(params[i]), 2);
return buf;
}
@@ -101,20 +101,20 @@ void Server_Key_Exchange::deserialize(const MemoryRegion<byte>& buf)
throw Decoding_Error("Server_Key_Exchange: Packet corrupted");
SecureVector<byte> values[4];
- u32bit so_far = 0;
+ size_t so_far = 0;
- for(u32bit j = 0; j != 4; j++)
+ for(size_t i = 0; i != 4; ++i)
{
- u16bit len = make_u16bit(buf[so_far], buf[so_far+1]);
+ const u16bit len = make_u16bit(buf[so_far], buf[so_far+1]);
so_far += 2;
if(len + so_far > buf.size())
throw Decoding_Error("Server_Key_Exchange: Packet corrupted");
- values[j].set(&buf[so_far], len);
+ values[i].set(&buf[so_far], len);
so_far += len;
- if(j == 2 && so_far == buf.size())
+ if(i == 2 && so_far == buf.size())
break;
}
diff --git a/src/ssl/tls_client.cpp b/src/ssl/tls_client.cpp
index d6d62d59a..505b2c22a 100644
--- a/src/ssl/tls_client.cpp
+++ b/src/ssl/tls_client.cpp
@@ -81,34 +81,22 @@ void client_check_state(Handshake_Type new_msg, Handshake_State* state)
/**
* TLS Client Constructor
*/
-TLS_Client::TLS_Client(const TLS_Policy& pol,
- RandomNumberGenerator& r,
- Socket& sock) :
- policy(pol),
- rng(r),
- peer(sock),
- writer(sock)
+TLS_Client::TLS_Client(std::tr1::function<size_t (byte[], size_t)> input_fn,
+ std::tr1::function<void (const byte[], size_t)> output_fn,
+ const TLS_Policy& policy,
+ RandomNumberGenerator& rng) :
+ input_fn(input_fn),
+ policy(policy),
+ rng(rng),
+ writer(output_fn)
{
initialize();
}
-/**
-* TLS Client Constructor
-*/
-TLS_Client::TLS_Client(const TLS_Policy& pol,
- RandomNumberGenerator& r,
- Socket& sock,
- const X509_Certificate& cert,
- const Private_Key& key) :
- policy(pol),
- rng(r),
- peer(sock),
- writer(sock)
+void TLS_Client::add_client_cert(const X509_Certificate& cert,
+ Private_Key* cert_key)
{
- certs.push_back(cert);
- keys.push_back(PKCS8::copy_key(key, rng));
-
- initialize();
+ certs.push_back(std::make_pair(cert, cert_key));
}
/**
@@ -117,8 +105,8 @@ TLS_Client::TLS_Client(const TLS_Policy& pol,
TLS_Client::~TLS_Client()
{
close();
- for(u32bit j = 0; j != keys.size(); j++)
- delete keys[j];
+ for(size_t i = 0; i != certs.size(); i++)
+ delete certs[i].second;
delete state;
}
@@ -179,7 +167,7 @@ std::vector<X509_Certificate> TLS_Client::peer_cert_chain() const
/**
* Write to a TLS connection
*/
-void TLS_Client::write(const byte buf[], u32bit length)
+void TLS_Client::write(const byte buf[], size_t length)
{
if(!active)
throw TLS_Exception(INTERNAL_ERROR,
@@ -191,7 +179,7 @@ void TLS_Client::write(const byte buf[], u32bit length)
/**
* Read from a TLS connection
*/
-u32bit TLS_Client::read(byte out[], u32bit length)
+size_t TLS_Client::read(byte out[], size_t length)
{
if(!active)
return 0;
@@ -205,7 +193,7 @@ u32bit TLS_Client::read(byte out[], u32bit length)
break;
}
- u32bit got = std::min<size_t>(read_buf.size(), length);
+ size_t got = std::min<size_t>(read_buf.size(), length);
read_buf.read(out, got);
return got;
}
@@ -253,12 +241,12 @@ void TLS_Client::state_machine()
byte rec_type = CONNECTION_CLOSED;
SecureVector<byte> record(1024);
- u32bit bytes_needed = reader.get_record(rec_type, record);
+ size_t bytes_needed = reader.get_record(rec_type, record);
while(bytes_needed)
{
- u32bit to_get = std::min<u32bit>(record.size(), bytes_needed);
- u32bit got = peer.read(&record[0], to_get);
+ size_t to_get = std::min<size_t>(record.size(), bytes_needed);
+ size_t got = input_fn(&record[0], to_get);
if(got == 0)
{
@@ -330,7 +318,7 @@ void TLS_Client::read_handshake(byte rec_type,
byte head[4] = { 0 };
state->queue.peek(head, 4);
- const u32bit length = make_u32bit(0, head[1], head[2], head[3]);
+ const size_t length = make_u32bit(0, head[1], head[2], head[3]);
if(state->queue.size() >= length + 4)
{
@@ -383,9 +371,9 @@ void TLS_Client::process_handshake_msg(Handshake_Type type,
if(type != HANDSHAKE_CCS && type != HELLO_REQUEST && type != FINISHED)
{
state->hash.update(static_cast<byte>(type));
- const u32bit record_length = contents.size();
- for(u32bit j = 0; j != 3; j++)
- state->hash.update(get_byte(j+1, record_length));
+ const size_t record_length = contents.size();
+ for(size_t i = 0; i != 3; i++)
+ state->hash.update(get_byte<u32bit>(i+1, record_length));
state->hash.update(contents);
}
diff --git a/src/ssl/tls_client.h b/src/ssl/tls_client.h
index e59218892..913a87e50 100644
--- a/src/ssl/tls_client.h
+++ b/src/ssl/tls_client.h
@@ -11,7 +11,6 @@
#include <botan/tls_connection.h>
#include <botan/tls_policy.h>
#include <botan/tls_record.h>
-#include <botan/socket.h>
#include <vector>
#include <string>
@@ -20,34 +19,31 @@ namespace Botan {
/**
* TLS Client
*/
-
-// FIXME: much of this can probably be moved up to TLS_Connection
class BOTAN_DLL TLS_Client : public TLS_Connection
{
public:
- u32bit read(byte buf[], u32bit buf_len);
- void write(const byte buf[], u32bit buf_len);
-
- std::vector<X509_Certificate> peer_cert_chain() const;
+ size_t read(byte buf[], size_t buf_len);
+ void write(const byte buf[], size_t buf_len);
void close();
bool is_closed() const;
- TLS_Client(const TLS_Policy& policy,
- RandomNumberGenerator& rng,
- Socket& peer);
+ std::vector<X509_Certificate> peer_cert_chain() const;
- // FIXME: support multiple/arbitrary # of cert/key pairs
- TLS_Client(const TLS_Policy& policy,
- RandomNumberGenerator& rng,
- Socket& peer,
- const X509_Certificate& cert,
- const Private_Key& cert_key);
+ void add_client_cert(const X509_Certificate& cert,
+ Private_Key* cert_key);
+
+ TLS_Client(std::tr1::function<size_t (byte[], size_t)> input_fn,
+ std::tr1::function<void (const byte[], size_t)> output_fn,
+ const TLS_Policy& policy,
+ RandomNumberGenerator& rng);
~TLS_Client();
private:
void close(Alert_Level, Alert_Type);
+ size_t get_pending_socket_input(byte output[], size_t length);
+
void initialize();
void do_handshake();
@@ -55,15 +51,16 @@ class BOTAN_DLL TLS_Client : public TLS_Connection
void read_handshake(byte, const MemoryRegion<byte>&);
void process_handshake_msg(Handshake_Type, const MemoryRegion<byte>&);
+ std::tr1::function<size_t (byte[], size_t)> input_fn;
+
const TLS_Policy& policy;
RandomNumberGenerator& rng;
- Socket& peer;
Record_Writer writer;
Record_Reader reader;
- std::vector<X509_Certificate> certs, peer_certs;
- std::vector<Private_Key*> keys;
+ std::vector<X509_Certificate> peer_certs;
+ std::vector<std::pair<X509_Certificate, Private_Key*> > certs;
class Handshake_State* state;
SecureVector<byte> session_id;
diff --git a/src/ssl/tls_connection.h b/src/ssl/tls_connection.h
index a6de659c4..bbefa2114 100644
--- a/src/ssl/tls_connection.h
+++ b/src/ssl/tls_connection.h
@@ -19,9 +19,9 @@ namespace Botan {
class BOTAN_DLL TLS_Connection
{
public:
- virtual u32bit read(byte[], u32bit) = 0;
- virtual void write(const byte[], u32bit) = 0;
- u32bit read(byte& in) { return read(&in, 1); }
+ virtual size_t read(byte[], size_t) = 0;
+ virtual void write(const byte[], size_t) = 0;
+ size_t read(byte& in) { return read(&in, 1); }
void write(byte out) { write(&out, 1); }
virtual std::vector<X509_Certificate> peer_cert_chain() const = 0;
diff --git a/src/ssl/tls_handshake_hash.cpp b/src/ssl/tls_handshake_hash.cpp
index 93442cad1..7c1e2e385 100644
--- a/src/ssl/tls_handshake_hash.cpp
+++ b/src/ssl/tls_handshake_hash.cpp
@@ -45,15 +45,19 @@ SecureVector<byte> HandshakeHash::final_ssl3(const MemoryRegion<byte>& secret)
md5.update(secret);
sha1.update(secret);
- for(u32bit j = 0; j != 48; j++) md5.update(PAD_INNER);
- for(u32bit j = 0; j != 40; j++) sha1.update(PAD_INNER);
+ for(size_t i = 0; i != 48; ++i)
+ md5.update(PAD_INNER);
+ for(size_t i = 0; i != 40; ++i)
+ sha1.update(PAD_INNER);
SecureVector<byte> inner_md5 = md5.final(), inner_sha1 = sha1.final();
md5.update(secret);
sha1.update(secret);
- for(u32bit j = 0; j != 48; j++) md5.update(PAD_OUTER);
- for(u32bit j = 0; j != 40; j++) sha1.update(PAD_OUTER);
+ for(size_t i = 0; i != 48; ++i)
+ md5.update(PAD_OUTER);
+ for(size_t i = 0; i != 40; ++i)
+ sha1.update(PAD_OUTER);
md5.update(inner_md5);
sha1.update(inner_sha1);
diff --git a/src/ssl/tls_handshake_hash.h b/src/ssl/tls_handshake_hash.h
index 4c145c6c6..ceaa55584 100644
--- a/src/ssl/tls_handshake_hash.h
+++ b/src/ssl/tls_handshake_hash.h
@@ -20,7 +20,7 @@ using namespace Botan;
class BOTAN_DLL HandshakeHash
{
public:
- void update(const byte in[], u32bit length)
+ void update(const byte in[], size_t length)
{ data += std::make_pair(in, length); }
void update(const MemoryRegion<byte>& in)
diff --git a/src/ssl/tls_policy.cpp b/src/ssl/tls_policy.cpp
index e7e25a877..38fcf58cc 100644
--- a/src/ssl/tls_policy.cpp
+++ b/src/ssl/tls_policy.cpp
@@ -10,7 +10,7 @@
namespace Botan {
-/**
+/*
* Return allowed ciphersuites
*/
std::vector<u16bit> TLS_Policy::ciphersuites() const
@@ -18,7 +18,7 @@ std::vector<u16bit> TLS_Policy::ciphersuites() const
return suite_list(allow_static_rsa(), allow_edh_rsa(), allow_edh_dsa());
}
-/**
+/*
* Return allowed ciphersuites
*/
std::vector<u16bit> TLS_Policy::suite_list(bool use_rsa,
@@ -60,7 +60,7 @@ std::vector<u16bit> TLS_Policy::suite_list(bool use_rsa,
return suites;
}
-/**
+/*
* Return allowed compression algorithms
*/
std::vector<byte> TLS_Policy::compression() const
@@ -70,7 +70,7 @@ std::vector<byte> TLS_Policy::compression() const
return algs;
}
-/**
+/*
* Choose which ciphersuite to use
*/
u16bit TLS_Policy::choose_suite(const std::vector<u16bit>& c_suites,
@@ -84,30 +84,30 @@ u16bit TLS_Policy::choose_suite(const std::vector<u16bit>& c_suites,
std::vector<u16bit> s_suites = suite_list(use_static_rsa, use_edh_rsa,
use_edh_dsa);
- for(u32bit j = 0; j != s_suites.size(); j++)
- for(u32bit k = 0; k != c_suites.size(); k++)
- if(s_suites[j] == c_suites[k])
- return s_suites[j];
+ for(size_t i = 0; i != s_suites.size(); ++i)
+ for(size_t j = 0; j != c_suites.size(); ++j)
+ if(s_suites[i] == c_suites[j])
+ return s_suites[i];
return 0;
}
-/**
+/*
* Choose which compression algorithm to use
*/
byte TLS_Policy::choose_compression(const std::vector<byte>& c_comp) const
{
std::vector<byte> s_comp = compression();
- for(u32bit j = 0; j != s_comp.size(); j++)
- for(u32bit k = 0; k != c_comp.size(); k++)
- if(s_comp[j] == c_comp[k])
- return s_comp[j];
+ for(size_t i = 0; i != s_comp.size(); ++i)
+ for(size_t j = 0; j != c_comp.size(); ++j)
+ if(s_comp[i] == c_comp[j])
+ return s_comp[i];
return NO_COMPRESSION;
}
-/**
+/*
* Return the group to use for empheral DH
*/
DL_Group TLS_Policy::dh_group() const
@@ -115,7 +115,7 @@ DL_Group TLS_Policy::dh_group() const
return DL_Group("modp/ietf/1024");
}
-/**
+/*
* Default certificate check
*/
bool TLS_Policy::check_cert(const std::vector<X509_Certificate>& certs) const
diff --git a/src/ssl/tls_policy.h b/src/ssl/tls_policy.h
index 022eed4ec..c5944f0f7 100644
--- a/src/ssl/tls_policy.h
+++ b/src/ssl/tls_policy.h
@@ -37,7 +37,7 @@ class BOTAN_DLL TLS_Policy
virtual bool require_client_auth() const { return false; }
virtual DL_Group dh_group() const;
- virtual u32bit rsa_export_keysize() const { return 512; }
+ virtual size_t rsa_export_keysize() const { return 512; }
virtual Version_Code min_version() const { return SSL_V3; }
virtual Version_Code pref_version() const { return TLS_V11; }
diff --git a/src/ssl/tls_reader.h b/src/ssl/tls_reader.h
index 733e9bdc9..3a45235b5 100644
--- a/src/ssl/tls_reader.h
+++ b/src/ssl/tls_reader.h
@@ -22,7 +22,7 @@ class TLS_Data_Reader
TLS_Data_Reader(const MemoryRegion<byte>& buf_in) :
buf(buf_in), offset(0) {}
- u32bit remaining_bytes() const
+ size_t remaining_bytes() const
{
return buf.size() - offset;
}
@@ -32,7 +32,7 @@ class TLS_Data_Reader
return (remaining_bytes() > 0);
}
- void discard_next(u32bit bytes)
+ void discard_next(size_t bytes)
{
assert_at_least(bytes);
offset += bytes;
@@ -55,13 +55,13 @@ class TLS_Data_Reader
}
template<typename T, typename Container>
- Container get_elem(u32bit num_elems)
+ Container get_elem(size_t num_elems)
{
assert_at_least(num_elems * sizeof(T));
Container result(num_elems);
- for(u32bit i = 0; i != num_elems; ++i)
+ for(size_t i = 0; i != num_elems; ++i)
result[i] = load_be<T>(&buf[offset], i);
offset += num_elems * sizeof(T);
@@ -70,35 +70,35 @@ class TLS_Data_Reader
}
template<typename T>
- SecureVector<T> get_range(u32bit len_bytes,
- u32bit min_elems,
- u32bit max_elems)
+ SecureVector<T> get_range(size_t len_bytes,
+ size_t min_elems,
+ size_t max_elems)
{
- const u32bit num_elems =
+ const size_t num_elems =
get_num_elems(len_bytes, sizeof(T), min_elems, max_elems);
return get_elem<T, SecureVector<T> >(num_elems);
}
template<typename T>
- std::vector<T> get_range_vector(u32bit len_bytes,
- u32bit min_elems,
- u32bit max_elems)
+ std::vector<T> get_range_vector(size_t len_bytes,
+ size_t min_elems,
+ size_t max_elems)
{
- const u32bit num_elems =
+ const size_t num_elems =
get_num_elems(len_bytes, sizeof(T), min_elems, max_elems);
return get_elem<T, std::vector<T> >(num_elems);
}
template<typename T>
- SecureVector<T> get_fixed(u32bit size)
+ SecureVector<T> get_fixed(size_t size)
{
return get_elem<T, SecureVector<T> >(size);
}
private:
- u32bit get_length_field(u32bit len_bytes)
+ size_t get_length_field(size_t len_bytes)
{
assert_at_least(len_bytes);
@@ -110,17 +110,17 @@ class TLS_Data_Reader
throw Decoding_Error("TLS_Data_Reader: Bad length size");
}
- u32bit get_num_elems(u32bit len_bytes,
- u32bit T_size,
- u32bit min_elems,
- u32bit max_elems)
+ size_t get_num_elems(size_t len_bytes,
+ size_t T_size,
+ size_t min_elems,
+ size_t max_elems)
{
- const u32bit byte_length = get_length_field(len_bytes);
+ const size_t byte_length = get_length_field(len_bytes);
if(byte_length % T_size != 0)
throw Decoding_Error("TLS_Data_Reader: Size isn't multiple of T");
- const u32bit num_elems = byte_length / T_size;
+ const size_t num_elems = byte_length / T_size;
if(num_elems < min_elems || num_elems > max_elems)
throw Decoding_Error("TLS_Data_Reader: Range outside paramaters");
@@ -128,14 +128,14 @@ class TLS_Data_Reader
return num_elems;
}
- void assert_at_least(u32bit n) const
+ void assert_at_least(size_t n) const
{
if(buf.size() - offset < n)
throw Decoding_Error("TLS_Data_Reader: Corrupt packet");
}
const MemoryRegion<byte>& buf;
- u32bit offset;
+ size_t offset;
};
/**
@@ -144,11 +144,11 @@ class TLS_Data_Reader
template<typename T>
void append_tls_length_value(MemoryRegion<byte>& buf,
const T* vals,
- u32bit vals_size,
- u32bit tag_size)
+ size_t vals_size,
+ size_t tag_size)
{
- const u32bit T_size = sizeof(T);
- const u32bit val_bytes = T_size * vals_size;
+ const size_t T_size = sizeof(T);
+ const size_t val_bytes = T_size * vals_size;
if(tag_size != 1 && tag_size != 2)
throw std::invalid_argument("append_tls_length_value: invalid tag size");
@@ -157,18 +157,18 @@ void append_tls_length_value(MemoryRegion<byte>& buf,
(tag_size == 2 && val_bytes > 65535))
throw std::invalid_argument("append_tls_length_value: value too large");
- for(u32bit i = 0; i != tag_size; ++i)
- buf.push_back(get_byte(4-tag_size+i, val_bytes));
+ for(size_t i = 0; i != tag_size; ++i)
+ buf.push_back(get_byte(sizeof(val_bytes)-tag_size+i, val_bytes));
- for(u32bit i = 0; i != vals_size; ++i)
- for(u32bit j = 0; j != T_size; ++j)
+ for(size_t i = 0; i != vals_size; ++i)
+ for(size_t j = 0; j != T_size; ++j)
buf.push_back(get_byte(j, vals[i]));
}
template<typename T>
void append_tls_length_value(MemoryRegion<byte>& buf,
const MemoryRegion<T>& vals,
- u32bit tag_size)
+ size_t tag_size)
{
append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
}
@@ -176,7 +176,7 @@ void append_tls_length_value(MemoryRegion<byte>& buf,
template<typename T>
void append_tls_length_value(MemoryRegion<byte>& buf,
const std::vector<T>& vals,
- u32bit tag_size)
+ size_t tag_size)
{
append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
}
diff --git a/src/ssl/tls_record.h b/src/ssl/tls_record.h
index 7ea7f3cc8..84929b0ff 100644
--- a/src/ssl/tls_record.h
+++ b/src/ssl/tls_record.h
@@ -12,9 +12,18 @@
#include <botan/tls_suites.h>
#include <botan/socket.h>
#include <botan/pipe.h>
+#include <botan/mac.h>
#include <botan/secqueue.h>
#include <vector>
+#if defined(BOTAN_USE_STD_TR1)
+ #include <tr1/functional>
+#elif defined(BOTAN_USE_BOOST_TR1)
+ #include <boost/tr1/functional.hpp>
+#endif
+
+using namespace std::tr1::placeholders;
+
namespace Botan {
/**
@@ -23,8 +32,9 @@ namespace Botan {
class BOTAN_DLL Record_Writer
{
public:
- void send(byte, const byte[], u32bit);
- void send(byte, byte);
+ void send(byte type, const byte input[], size_t length);
+ void send(byte type, byte val) { send(type, &val, 1); }
+
void flush();
void alert(Alert_Level, Alert_Type);
@@ -35,18 +45,22 @@ class BOTAN_DLL Record_Writer
void reset();
- Record_Writer(Socket& socket);
+ Record_Writer(std::tr1::function<void (const byte[], size_t)> output_fn);
+ ~Record_Writer() { delete mac; }
private:
- void send_record(byte, const byte[], u32bit);
- void send_record(byte, byte, byte, const byte[], u32bit);
+ void send_record(byte type, const byte input[], size_t length);
+ void send_record(byte type, byte major, byte minor,
+ const byte input[], size_t length);
+
+ std::tr1::function<void (const byte[], size_t)> output_fn;
+ Pipe cipher;
+ MessageAuthenticationCode* mac;
- Socket& socket;
- Pipe cipher, mac;
SecureVector<byte> buffer;
- u32bit buf_pos;
+ size_t buf_pos;
- u32bit block_size, mac_size, iv_size;
+ size_t block_size, mac_size, iv_size;
u64bit seq_no;
byte major, minor, buf_type;
@@ -58,14 +72,14 @@ class BOTAN_DLL Record_Writer
class BOTAN_DLL Record_Reader
{
public:
- void add_input(const byte input[], u32bit input_size);
+ void add_input(const byte input[], size_t input_size);
/**
* @param msg_type (output variable)
* @param buffer (output variable)
* @return Number of bytes still needed (minimum), or 0 if success
*/
- u32bit get_record(byte& msg_type,
+ size_t get_record(byte& msg_type,
MemoryRegion<byte>& buffer);
SecureVector<byte> get_record(byte& msg_type);
@@ -78,12 +92,15 @@ class BOTAN_DLL Record_Reader
void reset();
- Record_Reader() { reset(); }
+ Record_Reader() { mac = 0; reset(); }
+
+ ~Record_Reader() { delete mac; }
private:
SecureQueue input_queue;
- Pipe cipher, mac;
- u32bit block_size, mac_size, iv_size;
+ Pipe cipher;
+ MessageAuthenticationCode* mac;
+ size_t block_size, mac_size, iv_size;
u64bit seq_no;
byte major, minor;
};
diff --git a/src/ssl/tls_server.cpp b/src/ssl/tls_server.cpp
index 1503912d0..6f79fe0fb 100644
--- a/src/ssl/tls_server.cpp
+++ b/src/ssl/tls_server.cpp
@@ -16,7 +16,7 @@ namespace Botan {
namespace {
-/**
+/*
* Choose what version to respond with
*/
Version_Code choose_version(Version_Code client, Version_Code minimum)
@@ -31,7 +31,7 @@ Version_Code choose_version(Version_Code client, Version_Code minimum)
}
// FIXME: checks are wrong for session reuse (add a flag for that)
-/**
+/*
* Verify the state transition is allowed
*/
void server_check_state(Handshake_Type new_msg, Handshake_State* state)
@@ -82,7 +82,7 @@ void server_check_state(Handshake_Type new_msg, Handshake_State* state)
}
-/**
+/*
* TLS Server Constructor
*/
TLS_Server::TLS_Server(const TLS_Policy& pol,
@@ -93,7 +93,7 @@ TLS_Server::TLS_Server(const TLS_Policy& pol,
policy(pol),
rng(r),
peer(sock),
- writer(sock)
+ writer(std::tr1::bind(&Socket::write, std::tr1::ref(peer), _1, _2))
{
state = 0;
@@ -120,7 +120,7 @@ TLS_Server::TLS_Server(const TLS_Policy& pol,
}
}
-/**
+/*
* TLS Server Destructor
*/
TLS_Server::~TLS_Server()
@@ -130,7 +130,7 @@ TLS_Server::~TLS_Server()
delete state;
}
-/**
+/*
* Return the peer's certificate chain
*/
std::vector<X509_Certificate> TLS_Server::peer_cert_chain() const
@@ -138,10 +138,10 @@ std::vector<X509_Certificate> TLS_Server::peer_cert_chain() const
return peer_certs;
}
-/**
+/*
* Write to a TLS connection
*/
-void TLS_Server::write(const byte buf[], u32bit length)
+void TLS_Server::write(const byte buf[], size_t length)
{
if(!active)
throw Internal_Error("TLS_Server::write called while closed");
@@ -149,10 +149,10 @@ void TLS_Server::write(const byte buf[], u32bit length)
writer.send(APPLICATION_DATA, buf, length);
}
-/**
+/*
* Read from a TLS connection
*/
-u32bit TLS_Server::read(byte out[], u32bit length)
+size_t TLS_Server::read(byte out[], size_t length)
{
if(!active)
throw Internal_Error("TLS_Server::read called while closed");
@@ -166,12 +166,12 @@ u32bit TLS_Server::read(byte out[], u32bit length)
break;
}
- u32bit got = std::min<size_t>(read_buf.size(), length);
+ size_t got = std::min<size_t>(read_buf.size(), length);
read_buf.read(out, got);
return got;
}
-/**
+/*
* Check connection status
*/
bool TLS_Server::is_closed() const
@@ -181,7 +181,7 @@ bool TLS_Server::is_closed() const
return false;
}
-/**
+/*
* Close a TLS connection
*/
void TLS_Server::close()
@@ -189,7 +189,7 @@ void TLS_Server::close()
close(WARNING, CLOSE_NOTIFY);
}
-/**
+/*
* Close a TLS connection
*/
void TLS_Server::close(Alert_Level level, Alert_Type alert_code)
@@ -205,7 +205,7 @@ void TLS_Server::close(Alert_Level level, Alert_Type alert_code)
}
}
-/**
+/*
* Iterate the TLS state machine
*/
void TLS_Server::state_machine()
@@ -213,12 +213,12 @@ void TLS_Server::state_machine()
byte rec_type = CONNECTION_CLOSED;
SecureVector<byte> record(1024);
- u32bit bytes_needed = reader.get_record(rec_type, record);
+ size_t bytes_needed = reader.get_record(rec_type, record);
while(bytes_needed)
{
- u32bit to_get = std::min<u32bit>(record.size(), bytes_needed);
- u32bit got = peer.read(&record[0], to_get);
+ size_t to_get = std::min<size_t>(record.size(), bytes_needed);
+ size_t got = peer.read(&record[0], to_get);
if(got == 0)
{
@@ -264,7 +264,7 @@ void TLS_Server::state_machine()
throw Unexpected_Message("Unknown message type recieved");
}
-/**
+/*
* Split up and process handshake messages
*/
void TLS_Server::read_handshake(byte rec_type,
@@ -289,7 +289,7 @@ void TLS_Server::read_handshake(byte rec_type,
byte head[4] = { 0 };
state->queue.peek(head, 4);
- const u32bit length = make_u32bit(0, head[1], head[2], head[3]);
+ const size_t length = make_u32bit(0, head[1], head[2], head[3]);
if(state->queue.size() >= length + 4)
{
@@ -320,7 +320,7 @@ void TLS_Server::read_handshake(byte rec_type,
}
}
-/**
+/*
* Process a handshake message
*/
void TLS_Server::process_handshake_msg(Handshake_Type type,
@@ -333,13 +333,13 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
if(type != HANDSHAKE_CCS && type != FINISHED)
{
-
if(type != CLIENT_HELLO_SSLV2)
{
state->hash.update(static_cast<byte>(type));
- u32bit record_length = contents.size();
- for(u32bit j = 0; j != 3; j++)
- state->hash.update(get_byte(j+1, record_length));
+
+ const size_t record_length = contents.size();
+ for(size_t i = 0; i != 3; i++)
+ state->hash.update(get_byte<u32bit>(i+1, record_length));
}
state->hash.update(contents);
@@ -449,9 +449,11 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
"Finished message didn't verify");
state->hash.update(static_cast<byte>(type));
- u32bit record_length = contents.size();
- for(u32bit j = 0; j != 3; j++)
- state->hash.update(get_byte(j+1, record_length));
+
+ const size_t record_length = contents.size();
+ for(size_t i = 0; i != 3; i++)
+ state->hash.update(get_byte<u32bit>(i+1, record_length));
+
state->hash.update(contents);
writer.send(CHANGE_CIPHER_SPEC, 1);
@@ -471,7 +473,7 @@ void TLS_Server::process_handshake_msg(Handshake_Type type,
throw Unexpected_Message("Unknown handshake message recieved");
}
-/**
+/*
* Perform a server-side TLS handshake
*/
void TLS_Server::do_handshake()
diff --git a/src/ssl/tls_server.h b/src/ssl/tls_server.h
index fc6adc9ce..09a1ef40b 100644
--- a/src/ssl/tls_server.h
+++ b/src/ssl/tls_server.h
@@ -23,8 +23,8 @@ namespace Botan {
class BOTAN_DLL TLS_Server : public TLS_Connection
{
public:
- u32bit read(byte buf[], u32bit buf_len);
- void write(const byte buf[], u32bit buf_len);
+ size_t read(byte buf[], size_t buf_len);
+ void write(const byte buf[], size_t buf_len);
std::vector<X509_Certificate> peer_cert_chain() const;
diff --git a/src/ssl/tls_session_key.cpp b/src/ssl/tls_session_key.cpp
index 341ce7bb0..7c75d1758 100644
--- a/src/ssl/tls_session_key.cpp
+++ b/src/ssl/tls_session_key.cpp
@@ -71,7 +71,7 @@ SecureVector<byte> SessionKeys::master_secret() const
/**
* Generate SSLv3 session keys
*/
-SymmetricKey SessionKeys::ssl3_keygen(u32bit prf_gen,
+SymmetricKey SessionKeys::ssl3_keygen(size_t prf_gen,
const MemoryRegion<byte>& pre_master,
const MemoryRegion<byte>& client_random,
const MemoryRegion<byte>& server_random)
@@ -94,7 +94,7 @@ SymmetricKey SessionKeys::ssl3_keygen(u32bit prf_gen,
/**
* Generate TLS 1.0 session keys
*/
-SymmetricKey SessionKeys::tls1_keygen(u32bit prf_gen,
+SymmetricKey SessionKeys::tls1_keygen(size_t prf_gen,
const MemoryRegion<byte>& pre_master,
const MemoryRegion<byte>& client_random,
const MemoryRegion<byte>& server_random)
@@ -134,14 +134,14 @@ SessionKeys::SessionKeys(const CipherSuite& suite, Version_Code version,
if(version != SSL_V3 && version != TLS_V10 && version != TLS_V11)
throw Invalid_Argument("SessionKeys: Unknown version code");
- const u32bit mac_keylen = output_length_of(suite.mac_algo());
- u32bit cipher_keylen = suite.cipher_keylen();
+ const size_t mac_keylen = output_length_of(suite.mac_algo());
+ const size_t cipher_keylen = suite.cipher_keylen();
- u32bit cipher_ivlen = 0;
+ size_t cipher_ivlen = 0;
if(have_block_cipher(suite.cipher_algo()))
cipher_ivlen = block_size_of(suite.cipher_algo());
- const u32bit prf_gen = 2 * (mac_keylen + cipher_keylen + cipher_ivlen);
+ const size_t prf_gen = 2 * (mac_keylen + cipher_keylen + cipher_ivlen);
SymmetricKey keyblock = (version == SSL_V3) ?
ssl3_keygen(prf_gen, pre_master_secret, c_random, s_random) :
diff --git a/src/ssl/tls_session_key.h b/src/ssl/tls_session_key.h
index 98c1b92ff..51397984b 100644
--- a/src/ssl/tls_session_key.h
+++ b/src/ssl/tls_session_key.h
@@ -35,10 +35,10 @@ class BOTAN_DLL SessionKeys
SessionKeys(const CipherSuite&, Version_Code, const MemoryRegion<byte>&,
const MemoryRegion<byte>&, const MemoryRegion<byte>&);
private:
- SymmetricKey ssl3_keygen(u32bit, const MemoryRegion<byte>&,
+ SymmetricKey ssl3_keygen(size_t, const MemoryRegion<byte>&,
const MemoryRegion<byte>&,
const MemoryRegion<byte>&);
- SymmetricKey tls1_keygen(u32bit, const MemoryRegion<byte>&,
+ SymmetricKey tls1_keygen(size_t, const MemoryRegion<byte>&,
const MemoryRegion<byte>&,
const MemoryRegion<byte>&);
diff --git a/src/ssl/tls_suites.cpp b/src/ssl/tls_suites.cpp
index 12473d253..304d0b5db 100644
--- a/src/ssl/tls_suites.cpp
+++ b/src/ssl/tls_suites.cpp
@@ -212,7 +212,7 @@ TLS_Ciphersuite_Algos CipherSuite::lookup_ciphersuite(u16bit suite)
namespace {
-std::pair<std::string, u32bit> cipher_code_to_name(TLS_Ciphersuite_Algos algo)
+std::pair<std::string, size_t> cipher_code_to_name(TLS_Ciphersuite_Algos algo)
{
if((algo & TLS_ALGO_CIPHER_MASK) == TLS_ALGO_CIPHER_RC4_128)
return std::make_pair("ARC4", 16);
@@ -273,7 +273,7 @@ CipherSuite::CipherSuite(u16bit suite_code)
kex_algo = TLS_Ciphersuite_Algos(algos & TLS_ALGO_KEYEXCH_MASK);
- std::pair<std::string, u32bit> cipher_info = cipher_code_to_name(algos);
+ std::pair<std::string, size_t> cipher_info = cipher_code_to_name(algos);
cipher = cipher_info.first;
cipher_key_length = cipher_info.second;
diff --git a/src/ssl/tls_suites.h b/src/ssl/tls_suites.h
index 612c148e6..8d6db0e8b 100644
--- a/src/ssl/tls_suites.h
+++ b/src/ssl/tls_suites.h
@@ -25,7 +25,7 @@ class BOTAN_DLL CipherSuite
std::string cipher_algo() const { return cipher; }
std::string mac_algo() const { return mac; }
- u32bit cipher_keylen() const { return cipher_key_length; }
+ size_t cipher_keylen() const { return cipher_key_length; }
TLS_Ciphersuite_Algos kex_type() const { return kex_algo; }
TLS_Ciphersuite_Algos sig_type() const { return sig_algo; }
@@ -34,7 +34,7 @@ class BOTAN_DLL CipherSuite
private:
TLS_Ciphersuite_Algos kex_algo, sig_algo;
std::string cipher, mac;
- u32bit cipher_key_length;
+ size_t cipher_key_length;
};
}
diff --git a/src/stream/stream_cipher.h b/src/stream/stream_cipher.h
index 26bbfe160..680d57f70 100644
--- a/src/stream/stream_cipher.h
+++ b/src/stream/stream_cipher.h
@@ -63,9 +63,9 @@ class BOTAN_DLL StreamCipher : public SymmetricAlgorithm
* @param key_max the maximum key size
* @param key_mod the modulo restriction on the key size
*/
- StreamCipher(u32bit key_min,
- u32bit key_max = 0,
- u32bit key_mod = 1) :
+ StreamCipher(size_t key_min,
+ size_t key_max = 0,
+ size_t key_mod = 1) :
SymmetricAlgorithm(key_min, key_max, key_mod) {}
virtual ~StreamCipher() {}
diff --git a/src/utils/loadstor.h b/src/utils/loadstor.h
index e812fca4e..29e00592a 100644
--- a/src/utils/loadstor.h
+++ b/src/utils/loadstor.h
@@ -97,12 +97,12 @@ inline u64bit make_u64bit(byte i0, byte i1, byte i2, byte i3,
* @return off'th T of in, as a big-endian value
*/
template<typename T>
-inline T load_be(const byte in[], u32bit off)
+inline T load_be(const byte in[], size_t off)
{
in += off * sizeof(T);
T out = 0;
- for(u32bit j = 0; j != sizeof(T); j++)
- out = (out << 8) | in[j];
+ for(size_t i = 0; i != sizeof(T); ++i)
+ out = (out << 8) | in[i];
return out;
}
@@ -113,12 +113,12 @@ inline T load_be(const byte in[], u32bit off)
* @return off'th T of in, as a litte-endian value
*/
template<typename T>
-inline T load_le(const byte in[], u32bit off)
+inline T load_le(const byte in[], size_t off)
{
in += off * sizeof(T);
T out = 0;
- for(u32bit j = 0; j != sizeof(T); j++)
- out = (out << 8) | in[sizeof(T)-1-j];
+ for(size_t i = 0; i != sizeof(T); ++i)
+ out = (out << 8) | in[sizeof(T)-1-i];
return out;
}
@@ -129,7 +129,7 @@ inline T load_le(const byte in[], u32bit off)
* @return off'th u16bit of in, as a big-endian value
*/
template<>
-inline u16bit load_be<u16bit>(const byte in[], u32bit off)
+inline u16bit load_be<u16bit>(const byte in[], size_t off)
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u16bit*>(in) + off));
@@ -146,7 +146,7 @@ inline u16bit load_be<u16bit>(const byte in[], u32bit off)
* @return off'th u16bit of in, as a little-endian value
*/
template<>
-inline u16bit load_le<u16bit>(const byte in[], u32bit off)
+inline u16bit load_le<u16bit>(const byte in[], size_t off)
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u16bit*>(in) + off));
@@ -163,7 +163,7 @@ inline u16bit load_le<u16bit>(const byte in[], u32bit off)
* @return off'th u32bit of in, as a big-endian value
*/
template<>
-inline u32bit load_be<u32bit>(const byte in[], u32bit off)
+inline u32bit load_be<u32bit>(const byte in[], size_t off)
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u32bit*>(in) + off));
@@ -180,7 +180,7 @@ inline u32bit load_be<u32bit>(const byte in[], u32bit off)
* @return off'th u32bit of in, as a little-endian value
*/
template<>
-inline u32bit load_le<u32bit>(const byte in[], u32bit off)
+inline u32bit load_le<u32bit>(const byte in[], size_t off)
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u32bit*>(in) + off));
@@ -197,7 +197,7 @@ inline u32bit load_le<u32bit>(const byte in[], u32bit off)
* @return off'th u64bit of in, as a big-endian value
*/
template<>
-inline u64bit load_be<u64bit>(const byte in[], u32bit off)
+inline u64bit load_be<u64bit>(const byte in[], size_t off)
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u64bit*>(in) + off));
@@ -215,7 +215,7 @@ inline u64bit load_be<u64bit>(const byte in[], u32bit off)
* @return off'th u64bit of in, as a little-endian value
*/
template<>
-inline u64bit load_le<u64bit>(const byte in[], u32bit off)
+inline u64bit load_le<u64bit>(const byte in[], size_t off)
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u64bit*>(in) + off));
@@ -293,24 +293,24 @@ inline void load_le(const byte in[],
template<typename T>
inline void load_le(T out[],
const byte in[],
- u32bit count)
+ size_t count)
{
#if defined(BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS)
std::memcpy(out, in, sizeof(T)*count);
#if defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN)
- const u32bit blocks = count - (count % 4);
- const u32bit left = count - blocks;
+ const size_t blocks = count - (count % 4);
+ const size_t left = count - blocks;
- for(u32bit i = 0; i != blocks; i += 4)
+ for(size_t i = 0; i != blocks; i += 4)
bswap_4(out + i);
- for(u32bit i = 0; i != left; ++i)
+ for(size_t i = 0; i != left; ++i)
out[blocks+i] = reverse_bytes(out[blocks+i]);
#endif
#else
- for(u32bit i = 0; i != count; ++i)
+ for(size_t i = 0; i != count; ++i)
out[i] = load_le<T>(in, i);
#endif
}
@@ -382,24 +382,24 @@ inline void load_be(const byte in[],
template<typename T>
inline void load_be(T out[],
const byte in[],
- u32bit count)
+ size_t count)
{
#if defined(BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS)
std::memcpy(out, in, sizeof(T)*count);
#if defined(BOTAN_TARGET_CPU_IS_LITTLE_ENDIAN)
- const u32bit blocks = count - (count % 4);
- const u32bit left = count - blocks;
+ const size_t blocks = count - (count % 4);
+ const size_t left = count - blocks;
- for(u32bit i = 0; i != blocks; i += 4)
+ for(size_t i = 0; i != blocks; i += 4)
bswap_4(out + i);
- for(u32bit i = 0; i != left; ++i)
+ for(size_t i = 0; i != left; ++i)
out[blocks+i] = reverse_bytes(out[blocks+i]);
#endif
#else
- for(u32bit i = 0; i != count; ++i)
+ for(size_t i = 0; i != count; ++i)
out[i] = load_be<T>(in, i);
#endif
}
diff --git a/src/utils/parsing.cpp b/src/utils/parsing.cpp
index 50696bbbf..ff0718bb0 100644
--- a/src/utils/parsing.cpp
+++ b/src/utils/parsing.cpp
@@ -231,7 +231,7 @@ std::string ipv4_to_string(u32bit ip)
{
std::string str;
- for(size_t i = 0; i != sizeof(ip); i++)
+ for(size_t i = 0; i != sizeof(ip); ++i)
{
if(i)
str += ".";
diff --git a/src/wrap/perl-xs/Botan.xs b/src/wrap/perl-xs/Botan.xs
index 5268a96d1..fc0c00ff5 100644
--- a/src/wrap/perl-xs/Botan.xs
+++ b/src/wrap/perl-xs/Botan.xs
@@ -12,9 +12,7 @@ extern "C" {
#include <botan/asn1_obj.h>
#include <botan/asn1_oid.h>
-#include <botan/base64.h>
-#include <botan/basefilt.h>
-#include <botan/hex_filt.h>
+#include <botan/filters.h>
#include <botan/init.h>
#include <botan/oids.h>
#include <botan/x509cert.h>