author | lloyd <[email protected]> | 2012-05-25 16:08:01 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2012-05-25 16:08:01 +0000 |
commit | dde0df62b9453f84d2abbe32a7e44e87487f7e80 (patch) | |
tree | 1431b1e1d8838b50564bbac40745152ecacbedd5 /src | |
parent | fb6737d579cd0c205be509b5dae96ca95bd2563e (diff) |
Resize key arrays in HMAC and SSL3_MAC when the key is set.
Plus a few minor cleanups.
Diffstat (limited to 'src')
-rw-r--r-- | src/mac/cmac/cmac.h | 2 | ||||
-rw-r--r-- | src/mac/hmac/hmac.cpp | 11 | ||||
-rw-r--r-- | src/mac/ssl3mac/ssl3_mac.cpp | 19 | ||||
-rw-r--r-- | src/stream/turing/turing.cpp | 2 | ||||
-rw-r--r-- | src/stream/turing/turing.h | 3 |
5 files changed, 19 insertions, 18 deletions
diff --git a/src/mac/cmac/cmac.h b/src/mac/cmac/cmac.h
index 3e75d3951..b398f2563 100644
--- a/src/mac/cmac/cmac.h
+++ b/src/mac/cmac/cmac.h
@@ -36,7 +36,7 @@ class BOTAN_DLL CMAC : public MessageAuthenticationCode
 * @param polynomial the byte value of the polynomial
 */
 static secure_vector<byte> poly_double(const secure_vector<byte>& in,
- byte polynomial);
+ byte polynomial);
 /**
 * @param cipher the underlying block cipher to use
diff --git a/src/mac/hmac/hmac.cpp b/src/mac/hmac/hmac.cpp
index 61cb262d0..4b4ed2f70 100644
--- a/src/mac/hmac/hmac.cpp
+++ b/src/mac/hmac/hmac.cpp
@@ -37,6 +37,10 @@ void HMAC::final_result(byte mac[])
 void HMAC::key_schedule(const byte key[], size_t length)
 {
 hash->clear();
+
+ i_key.resize(hash->hash_block_size());
+ o_key.resize(hash->hash_block_size());
+
 std::fill(i_key.begin(), i_key.end(), 0x36);
 std::fill(o_key.begin(), o_key.end(), 0x5C);
@@ -61,8 +65,8 @@ void HMAC::key_schedule(const byte key[], size_t length)
 void HMAC::clear()
 {
 hash->clear();
- zeroise(i_key);
- zeroise(o_key);
+ i_key.clear();
+ o_key.clear();
 }
 /*
@@ -88,9 +92,6 @@ HMAC::HMAC(HashFunction* hash_in) : hash(hash_in)
 {
 if(hash->hash_block_size() == 0)
 throw Invalid_Argument("HMAC cannot be used with " + hash->name());
-
- i_key.resize(hash->hash_block_size());
- o_key.resize(hash->hash_block_size());
 }
 }
diff --git a/src/mac/ssl3mac/ssl3_mac.cpp b/src/mac/ssl3mac/ssl3_mac.cpp
index 8799c96a5..8979d1291 100644
--- a/src/mac/ssl3mac/ssl3_mac.cpp
+++ b/src/mac/ssl3mac/ssl3_mac.cpp
@@ -35,6 +35,14 @@ void SSL3_MAC::final_result(byte mac[])
 void SSL3_MAC::key_schedule(const byte key[], size_t length)
 {
 hash->clear();
+
+ // Quirk to deal with specification bug
+ const size_t inner_hash_length =
+ (hash->name() == "SHA-160") ? 60 : hash->hash_block_size();
+
+ i_key.resize(inner_hash_length);
+ o_key.resize(inner_hash_length);
+
 std::fill(i_key.begin(), i_key.end(), 0x36);
 std::fill(o_key.begin(), o_key.end(), 0x5C);
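Review bot: With the sizing moved into `key_schedule`, `i_key` and `o_key` are empty on a freshly constructed or cleared HMAC, and nothing in the hunk records that. If `add_data` or `final_result` can run before a key is set (that code is outside the hunk, so this is unverified), the pads contribute no bytes and the output would not depend on any key. A comment above the resize such as `// i_key/o_key stay empty until a key is set; sized here, not in the constructor` would state the invariant, and the MAC path may deserve an explicit check for the unkeyed state. `SSL3_MAC::key_schedule` in src/mac/ssl3mac/ssl3_mac.cpp gets the same move. The body of key_schedule continues past the end of the hunk.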
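Review bot: In `HMAC::clear()`, `i_key.clear()` and `o_key.clear()` set the size to zero but, for a `std::vector`-style container, leave the old bytes in the still-allocated buffer, whereas the removed `zeroise()` calls overwrote them. If `secure_vector` scrubs memory only on deallocation (its definition is not on this page), the key-derived pads remain in heap memory until the object is destroyed or re-keyed. Wiping before shrinking keeps the earlier guarantee: `zeroise(i_key); i_key.clear();` and the same pair for `o_key`. `SSL3_MAC::clear()` in src/mac/ssl3mac/ssl3_mac.cpp makes the identical substitution and needs the same treatment.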
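Review bot: The comment `// Quirk to deal with specification bug` in `SSL3_MAC::key_schedule` does not say what the bug is or where the literal 60 comes from, and the special case is selected by comparing `hash->name()` with the string `"SHA-160"`. A fuller comment would let a reader check the number, for example `// SSLv3 pads SHA-1 with 40 bytes (48 for MD5), so key+pad is 60 bytes rather than the 64-byte block size`. Because the match is on a name string, a SHA-1 object that reports a different name would silently fall through to the block-size pad and compute MACs that do not interoperate; the comment should say the name is load-bearing. The body of key_schedule continues past the end of the hunk.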
@@ -50,8 +58,8 @@ void SSL3_MAC::key_schedule(const byte key[], size_t length)
 void SSL3_MAC::clear()
 {
 hash->clear();
- zeroise(i_key);
- zeroise(o_key);
+ i_key.clear();
+ o_key.clear();
 }
 /*
@@ -77,13 +85,6 @@ SSL3_MAC::SSL3_MAC(HashFunction* hash_in) : hash(hash_in)
 {
 if(hash->hash_block_size() == 0)
 throw Invalid_Argument("SSL3-MAC cannot be used with " + hash->name());
-
- // Quirk to deal with specification bug
- const size_t INNER_HASH_LENGTH =
- (hash->name() == "SHA-160") ? 60 : hash->hash_block_size();
-
- i_key.resize(INNER_HASH_LENGTH);
- o_key.resize(INNER_HASH_LENGTH);
 }
 }
diff --git a/src/stream/turing/turing.cpp b/src/stream/turing/turing.cpp
index 5dc1a5680..bdc53cff1 100644
--- a/src/stream/turing/turing.cpp
+++ b/src/stream/turing/turing.cpp
@@ -252,7 +252,7 @@ void Turing::key_schedule(const byte key[], size_t length)
 S1.resize(256);
 S2.resize(256);
 S3.resize(256);
- buffer.resize(340);
+ buffer.resize(17*20);
 for(u32bit i = 0; i != 256; ++i)
 {
diff --git a/src/stream/turing/turing.h b/src/stream/turing/turing.h
index 48fb013e7..f2453127a 100644
--- a/src/stream/turing/turing.h
+++ b/src/stream/turing/turing.h
@@ -43,8 +43,7 @@ class BOTAN_DLL Turing : public StreamCipher
 static const byte SBOX[256];
 secure_vector<u32bit> S0, S1, S2, S3;
- secure_vector<u32bit> R;
- secure_vector<u32bit> K;
+ secure_vector<u32bit> R, K;
 secure_vector<byte> buffer;
 size_t position;
 }; |
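Review bot: In `Turing::key_schedule`, `buffer.resize(17*20)` replaces one unexplained number with two, and nothing in the hunk says what 17 and 20 stand for. A short comment, or named constants shared with the keystream generation code if it uses the same factors (not visible here), would let a reader confirm that the buffer size matches what is written into it, e.g. `// 17 rounds of 20 output bytes` if that is the intended meaning. The body of key_schedule starts before and continues after the hunk.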