author | lloyd <[email protected]> | 2010-11-29 22:52:17 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2010-11-29 22:52:17 +0000 |
commit | 0e41e0e8d441ff907f092c718db650cda06e2e1a (patch) | |
tree | 8c0df20500bdf601d4378a6000923501a48ad1f3 /src | |
parent | 5d4621b745ac529c7df6c4d91e4d2b68bd0325e4 (diff) | |
parent | 65ab36776317f73ddf0f2d3bd6c1c7e35608962f (diff) |
propagate from branch 'net.randombit.botan' (head fc8daa606ab7954eab48778d7236986747b719e4)
to branch 'net.randombit.botan.c++0x' (head 2bf71b0a2e0e468d7eb3631e4ca284234f554729)
Diffstat (limited to 'src')
-rw-r--r-- | src/algo_base/algo_base.h | 11 | ||||
-rw-r--r-- | src/asn1/x509_dn.cpp | 60 | ||||
-rw-r--r-- | src/asn1/x509_dn.h | 1 | ||||
-rw-r--r-- | src/block/idea_sse2/idea_sse2.cpp | 2 | ||||
-rw-r--r-- | src/block/safer/safe_tab.cpp | 121 | ||||
-rw-r--r-- | src/block/safer/safer_sk.cpp | 113 | ||||
-rw-r--r-- | src/block/safer/safer_sk.h | 5 | ||||
-rw-r--r-- | src/build-data/cc/clang.txt | 1 | ||||
-rw-r--r-- | src/cert/cvc/ecdsa_sig.cpp | 3 | ||||
-rw-r--r-- | src/cert/x509ca/x509_ca.cpp | 2 | ||||
-rw-r--r-- | src/cert/x509cert/x509cert.cpp | 105 | ||||
-rw-r--r-- | src/cert/x509cert/x509cert.h | 5 | ||||
-rw-r--r-- | src/engine/core_engine/core_modes.cpp | 3 | ||||
-rw-r--r-- | src/filters/modes/mode_pad/mode_pad.cpp | 9 | ||||
-rw-r--r-- | src/kdf/ssl_prf/prf_ssl3.cpp | 2 | ||||
-rw-r--r-- | src/pubkey/workfactor.cpp | 4 | ||||
-rw-r--r-- | src/ssl/tls_policy.cpp | 8 | ||||
-rw-r--r-- | src/ssl/tls_policy.h | 9 | ||||
-rw-r--r-- | src/utils/assert.h | 26 | ||||
-rw-r--r-- | src/utils/cpuid.cpp | 2 |
20 files changed, 295 insertions, 197 deletions
diff --git a/src/algo_base/algo_base.h b/src/algo_base/algo_base.h
index c27ea1809..813216a36 100644
--- a/src/algo_base/algo_base.h
+++ b/src/algo_base/algo_base.h
@@ -1,6 +1,6 @@
 /*
-* Symmetric Algorithm Base Class
-* (C) 1999-2007 Jack Lloyd
+* Algorithm Base Class
+* (C) 2010 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
@@ -14,18 +14,13 @@ namespace Botan {
 /**
-* This class represents a symmetric algorithm object.
+* This class represents an algorithm of some kind
 */
 class BOTAN_DLL Algorithm
 {
 public:
 /**
- * Make a new object representing the same algorithm as *this
- */
- virtual Algorithm* clone() const = 0;
-
- /**
 * Zeroize internal state
 */
 virtual void clear() = 0;
diff --git a/src/asn1/x509_dn.cpp b/src/asn1/x509_dn.cpp
index 0deed1a70..984645cfe 100644
--- a/src/asn1/x509_dn.cpp
+++ b/src/asn1/x509_dn.cpp
@@ -104,35 +104,6 @@ std::vector<std::string> X509_DN::get_attribute(const std::string& attr) const
 }
 /*
-* Handle the decoding operation of a DN
-*/
-void X509_DN::do_decode(const MemoryRegion<byte>& bits)
- {
- BER_Decoder sequence(bits);
-
- while(sequence.more_items())
- {
- BER_Decoder rdn = sequence.start_cons(SET);
-
- while(rdn.more_items())
- {
- OID oid;
- ASN1_String str;
-
- rdn.start_cons(SEQUENCE)
- .decode(oid)
- .decode(str)
- .verify_end()
- .end_cons();
-
- add_attribute(oid, str.value());
- }
- }
-
- dn_bits = bits;
- }
-
-/*
 * Return the BER encoded data, if any
 */
 MemoryVector<byte> X509_DN::get_bits() const
@@ -259,12 +230,12 @@ void X509_DN::encode_into(DER_Encoder& der) const
 der.raw_bytes(dn_bits);
 else
 {
- do_ava(der, dn_info, PRINTABLE_STRING, "X520.Country", true);
+ do_ava(der, dn_info, PRINTABLE_STRING, "X520.Country");
 do_ava(der, dn_info, DIRECTORY_STRING, "X520.State");
 do_ava(der, dn_info, DIRECTORY_STRING, "X520.Locality");
 do_ava(der, dn_info, DIRECTORY_STRING, "X520.Organization");
 do_ava(der, dn_info, DIRECTORY_STRING, "X520.OrganizationalUnit");
- do_ava(der, dn_info, DIRECTORY_STRING, "X520.CommonName", true);
+ do_ava(der, dn_info, DIRECTORY_STRING, "X520.CommonName");
 do_ava(der, dn_info, PRINTABLE_STRING, "X520.SerialNumber");
 }
@@ -276,13 +247,34 @@ void X509_DN::encode_into(DER_Encoder& der) const
 */
 void X509_DN::decode_from(BER_Decoder& source)
 {
- dn_info.clear();
+ MemoryVector<byte> bits;
 source.start_cons(SEQUENCE)
- .raw_bytes(dn_bits)
+ .raw_bytes(bits)
 .end_cons();
- do_decode(dn_bits);
+ BER_Decoder sequence(bits);
+
+ while(sequence.more_items())
+ {
+ BER_Decoder rdn = sequence.start_cons(SET);
+
+ while(rdn.more_items())
+ {
+ OID oid;
+ ASN1_String str;
+
+ rdn.start_cons(SEQUENCE)
+ .decode(oid)
+ .decode(str)
+ .verify_end()
+ .end_cons();
+
+ add_attribute(oid, str.value());
+ }
+ }
+
+ dn_bits = bits;
 }
 }
diff --git a/src/asn1/x509_dn.h b/src/asn1/x509_dn.h
index c4fc2d17b..3f63eb49c 100644
--- a/src/asn1/x509_dn.h
+++ b/src/asn1/x509_dn.h
@@ -34,7 +34,6 @@ class BOTAN_DLL X509_DN : public ASN1_Object
 static std::string deref_info_field(const std::string&);
- void do_decode(const MemoryRegion<byte>&);
 MemoryVector<byte> get_bits() const;
 X509_DN();
diff --git a/src/block/idea_sse2/idea_sse2.cpp b/src/block/idea_sse2/idea_sse2.cpp
index 469a33943..f2c770103 100644
--- a/src/block/idea_sse2/idea_sse2.cpp
+++ b/src/block/idea_sse2/idea_sse2.cpp
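Review bot: The rewritten `X509_DN::decode_from` no longer calls `dn_info.clear()` before decoding, so decoding into an `X509_DN` that already holds attributes appears to merge the old and new attributes while `dn_bits` is replaced by the new encoding; the parsed attributes and the raw encoding would then describe different names. Unless every caller decodes into a freshly constructed object (not visible in this hunk), restore the reset as the first statement of the function, `dn_info.clear();`. `dn_bits` is also assigned only after the loop, so if a decode step throws midway the object keeps the attributes already added from the rejected input alongside the previous `dn_bits`; decoding into a temporary and committing only on success would avoid that partial state.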
@@ -16,7 +16,7 @@ inline __m128i mul(__m128i X, u16bit K_16)
 {
 const __m128i zeros = _mm_set1_epi16(0);
 const __m128i ones = _mm_set1_epi16(1);
- const __m128i high_bit = _mm_set1_epi16(0x8000);
+ const __m128i high_bit = _mm_set1_epi16(-32767); // 0x8000
 const __m128i K = _mm_set1_epi16(K_16);
diff --git a/src/block/safer/safe_tab.cpp b/src/block/safer/safe_tab.cpp
deleted file mode 100644
index e265a40eb..000000000
--- a/src/block/safer/safe_tab.cpp
+++ /dev/null
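Review bot: `_mm_set1_epi16(-32767)` sets each 16-bit lane to 0x8001, not the 0x8000 the trailing comment promises, because 0x8000 read as a signed 16-bit value is -32768. If `high_bit` is used further down in `mul` (outside this hunk) as a sign-bit mask, for example to flip the top bit before a signed compare, the extra low bit gives wrong results for operands that differ only in bit 0, which in a cipher multiply means silently incorrect output rather than a crash. Use `_mm_set1_epi16(-32768)` or `_mm_set1_epi16(static_cast<short>(0x8000))`, and make sure the IDEA known-answer tests are run against the SSE2 path.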
@@ -1,121 +0,0 @@ -/* -* S-Box Tables for SAFER-SK -* (C) 1999-2007 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/safer_sk.h> - -namespace Botan { - -const byte SAFER_SK::EXP[256] = { - 0x01, 0x2D, 0xE2, 0x93, 0xBE, 0x45, 0x15, 0xAE, 0x78, 0x03, 0x87, 0xA4, - 0xB8, 0x38, 0xCF, 0x3F, 0x08, 0x67, 0x09, 0x94, 0xEB, 0x26, 0xA8, 0x6B, - 0xBD, 0x18, 0x34, 0x1B, 0xBB, 0xBF, 0x72, 0xF7, 0x40, 0x35, 0x48, 0x9C, - 0x51, 0x2F, 0x3B, 0x55, 0xE3, 0xC0, 0x9F, 0xD8, 0xD3, 0xF3, 0x8D, 0xB1, - 0xFF, 0xA7, 0x3E, 0xDC, 0x86, 0x77, 0xD7, 0xA6, 0x11, 0xFB, 0xF4, 0xBA, - 0x92, 0x91, 0x64, 0x83, 0xF1, 0x33, 0xEF, 0xDA, 0x2C, 0xB5, 0xB2, 0x2B, - 0x88, 0xD1, 0x99, 0xCB, 0x8C, 0x84, 0x1D, 0x14, 0x81, 0x97, 0x71, 0xCA, - 0x5F, 0xA3, 0x8B, 0x57, 0x3C, 0x82, 0xC4, 0x52, 0x5C, 0x1C, 0xE8, 0xA0, - 0x04, 0xB4, 0x85, 0x4A, 0xF6, 0x13, 0x54, 0xB6, 0xDF, 0x0C, 0x1A, 0x8E, - 0xDE, 0xE0, 0x39, 0xFC, 0x20, 0x9B, 0x24, 0x4E, 0xA9, 0x98, 0x9E, 0xAB, - 0xF2, 0x60, 0xD0, 0x6C, 0xEA, 0xFA, 0xC7, 0xD9, 0x00, 0xD4, 0x1F, 0x6E, - 0x43, 0xBC, 0xEC, 0x53, 0x89, 0xFE, 0x7A, 0x5D, 0x49, 0xC9, 0x32, 0xC2, - 0xF9, 0x9A, 0xF8, 0x6D, 0x16, 0xDB, 0x59, 0x96, 0x44, 0xE9, 0xCD, 0xE6, - 0x46, 0x42, 0x8F, 0x0A, 0xC1, 0xCC, 0xB9, 0x65, 0xB0, 0xD2, 0xC6, 0xAC, - 0x1E, 0x41, 0x62, 0x29, 0x2E, 0x0E, 0x74, 0x50, 0x02, 0x5A, 0xC3, 0x25, - 0x7B, 0x8A, 0x2A, 0x5B, 0xF0, 0x06, 0x0D, 0x47, 0x6F, 0x70, 0x9D, 0x7E, - 0x10, 0xCE, 0x12, 0x27, 0xD5, 0x4C, 0x4F, 0xD6, 0x79, 0x30, 0x68, 0x36, - 0x75, 0x7D, 0xE4, 0xED, 0x80, 0x6A, 0x90, 0x37, 0xA2, 0x5E, 0x76, 0xAA, - 0xC5, 0x7F, 0x3D, 0xAF, 0xA5, 0xE5, 0x19, 0x61, 0xFD, 0x4D, 0x7C, 0xB7, - 0x0B, 0xEE, 0xAD, 0x4B, 0x22, 0xF5, 0xE7, 0x73, 0x23, 0x21, 0xC8, 0x05, - 0xE1, 0x66, 0xDD, 0xB3, 0x58, 0x69, 0x63, 0x56, 0x0F, 0xA1, 0x31, 0x95, - 0x17, 0x07, 0x3A, 0x28 }; - -const byte SAFER_SK::LOG[512] = { - 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, 0x10, 0x12, 0x9F, 0xE4, - 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, 0x4F, 0x06, 0x94, 0xFC, - 
0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, 0x70, 0xED, 0xE8, 0xEC, - 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, 0x44, 0x01, 0xAC, 0x25, - 0xC9, 0xFA, 0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, 0x0D, 0x6E, 0xFE, 0x26, - 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, 0x98, 0x05, 0x9C, 0xBB, - 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, 0xAF, 0x24, 0x5B, 0x87, - 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, 0x5C, 0x8B, 0xD5, 0x54, - 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, 0xCA, 0xF5, 0xD1, 0x17, - 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, 0xAE, 0xCC, 0xD6, 0x35, - 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, 0xD0, 0x50, 0x59, 0x3F, - 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, 0x4C, 0x2E, 0x6B, 0x9E, - 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, 0x75, 0x4A, 0x91, 0x71, - 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, 0x0B, 0xDC, 0x37, 0x31, - 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, 0xA4, 0x2F, 0x46, 0xF3, - 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, 0x85, 0x18, 0x04, 0x1D, - 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, 0xEE, 0x8D, 0x53, 0x4B, - 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, 0x81, 0xC4, 0xC7, 0x36, - 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, 0x6D, 0xF0, 0x02, 0x28, - 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, 0x86, 0xCF, 0xE5, 0x42, - 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, 0x92, 0x90, 0x7D, 0x39, - 0x6F, 0xE0, 0x89, 0x30, 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, - 0x10, 0x12, 0x9F, 0xE4, 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, - 0x4F, 0x06, 0x94, 0xFC, 0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, - 0x70, 0xED, 0xE8, 0xEC, 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, - 0x44, 0x01, 0xAC, 0x25, 0xC9, 0xFA, 0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, - 0x0D, 0x6E, 0xFE, 0x26, 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, - 0x98, 0x05, 0x9C, 0xBB, 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, - 0xAF, 0x24, 0x5B, 0x87, 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, - 
0x5C, 0x8B, 0xD5, 0x54, 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, - 0xCA, 0xF5, 0xD1, 0x17, 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, - 0xAE, 0xCC, 0xD6, 0x35, 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, - 0xD0, 0x50, 0x59, 0x3F, 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, - 0x4C, 0x2E, 0x6B, 0x9E, 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, - 0x75, 0x4A, 0x91, 0x71, 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, - 0x0B, 0xDC, 0x37, 0x31, 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, - 0xA4, 0x2F, 0x46, 0xF3, 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, - 0x85, 0x18, 0x04, 0x1D, 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, - 0xEE, 0x8D, 0x53, 0x4B, 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, - 0x81, 0xC4, 0xC7, 0x36, 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, - 0x6D, 0xF0, 0x02, 0x28, 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, - 0x86, 0xCF, 0xE5, 0x42, 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, - 0x92, 0x90, 0x7D, 0x39, 0x6F, 0xE0, 0x89, 0x30 }; - -const byte SAFER_SK::BIAS[208] = { - 0x16, 0x73, 0x3B, 0x1E, 0x8E, 0x70, 0xBD, 0x86, 0x47, 0x7E, 0x24, 0x56, - 0xF1, 0x77, 0x88, 0x46, 0xB1, 0xBA, 0xA3, 0xB7, 0x10, 0x0A, 0xC5, 0x37, - 0xC9, 0x5A, 0x28, 0xAC, 0x64, 0xA5, 0xEC, 0xAB, 0xC6, 0x67, 0x95, 0x58, - 0x0D, 0xF8, 0x9A, 0xF6, 0x66, 0xDC, 0x05, 0x3D, 0xD3, 0x8A, 0xC3, 0xD8, - 0x6A, 0xE9, 0x36, 0x49, 0x43, 0xBF, 0xEB, 0xD4, 0x9B, 0x68, 0xA0, 0x65, - 0x5D, 0x57, 0x92, 0x1F, 0x71, 0x5C, 0xBB, 0x22, 0xC1, 0xBE, 0x7B, 0xBC, - 0x63, 0x94, 0x5F, 0x2A, 0x61, 0xB8, 0x34, 0x32, 0xFD, 0xFB, 0x17, 0x40, - 0xE6, 0x51, 0x1D, 0x41, 0x8F, 0x29, 0xDD, 0x04, 0x80, 0xDE, 0xE7, 0x31, - 0x7F, 0x01, 0xA2, 0xF7, 0x39, 0xDA, 0x6F, 0x23, 0xFE, 0x3A, 0xD0, 0x1C, - 0xD1, 0x30, 0x3E, 0x12, 0xCD, 0x0F, 0xE0, 0xA8, 0xAF, 0x82, 0x59, 0x2C, - 0x7D, 0xAD, 0xB2, 0xEF, 0xC2, 0x87, 0xCE, 0x75, 0x13, 0x02, 0x90, 0x4F, - 0x2E, 0x72, 0x33, 0x85, 0x8D, 0xCF, 0xA9, 0x81, 0xE2, 0xC4, 0x27, 0x2F, - 0x7A, 0x9F, 0x52, 0xE1, 0x15, 0x38, 0x2B, 0xFC, 0x42, 0xC7, 
0x08, 0xE4, - 0x09, 0x55, 0x5E, 0x8C, 0x76, 0x60, 0xFF, 0xDF, 0xD7, 0x98, 0xFA, 0x0B, - 0x00, 0x1A, 0xF9, 0xA6, 0xB9, 0xE8, 0x9E, 0x62, 0xD9, 0x91, 0x50, 0xD2, - 0xEE, 0x18, 0xB4, 0x07, 0xEA, 0x5B, 0xA4, 0xC8, 0x0E, 0xCB, 0x48, 0x69, - 0x4E, 0x9C, 0x35, 0x79, 0x45, 0x4D, 0x54, 0xE5, 0x3C, 0x0C, 0x4A, 0x8B, - 0x3F, 0xCC, 0xA7, 0xDB }; - -const byte SAFER_SK::KEY_INDEX[208] = { - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, - 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, - 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, - 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, - 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x02, 0x03, 0x04, 0x05, - 0x06, 0x07, 0x08, 0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, - 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x0E, 0x0F, 0x10, 0x11, - 0x09, 0x0A, 0x0B, 0x0C, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, - 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x08, 0x00, 0x01, 0x02, - 0x03, 0x04, 0x05, 0x06, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, - 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, - 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, - 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, - 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, - 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, - 0x0C, 0x0D, 0x0E, 0x0F }; - -} diff --git a/src/block/safer/safer_sk.cpp b/src/block/safer/safer_sk.cpp index 1d103040d..5275a0781 100644 --- a/src/block/safer/safer_sk.cpp +++ b/src/block/safer/safer_sk.cpp 
@@ -12,6 +12,79 @@ namespace Botan { +namespace { + +const byte EXP[256] = { + 0x01, 0x2D, 0xE2, 0x93, 0xBE, 0x45, 0x15, 0xAE, 0x78, 0x03, 0x87, 0xA4, + 0xB8, 0x38, 0xCF, 0x3F, 0x08, 0x67, 0x09, 0x94, 0xEB, 0x26, 0xA8, 0x6B, + 0xBD, 0x18, 0x34, 0x1B, 0xBB, 0xBF, 0x72, 0xF7, 0x40, 0x35, 0x48, 0x9C, + 0x51, 0x2F, 0x3B, 0x55, 0xE3, 0xC0, 0x9F, 0xD8, 0xD3, 0xF3, 0x8D, 0xB1, + 0xFF, 0xA7, 0x3E, 0xDC, 0x86, 0x77, 0xD7, 0xA6, 0x11, 0xFB, 0xF4, 0xBA, + 0x92, 0x91, 0x64, 0x83, 0xF1, 0x33, 0xEF, 0xDA, 0x2C, 0xB5, 0xB2, 0x2B, + 0x88, 0xD1, 0x99, 0xCB, 0x8C, 0x84, 0x1D, 0x14, 0x81, 0x97, 0x71, 0xCA, + 0x5F, 0xA3, 0x8B, 0x57, 0x3C, 0x82, 0xC4, 0x52, 0x5C, 0x1C, 0xE8, 0xA0, + 0x04, 0xB4, 0x85, 0x4A, 0xF6, 0x13, 0x54, 0xB6, 0xDF, 0x0C, 0x1A, 0x8E, + 0xDE, 0xE0, 0x39, 0xFC, 0x20, 0x9B, 0x24, 0x4E, 0xA9, 0x98, 0x9E, 0xAB, + 0xF2, 0x60, 0xD0, 0x6C, 0xEA, 0xFA, 0xC7, 0xD9, 0x00, 0xD4, 0x1F, 0x6E, + 0x43, 0xBC, 0xEC, 0x53, 0x89, 0xFE, 0x7A, 0x5D, 0x49, 0xC9, 0x32, 0xC2, + 0xF9, 0x9A, 0xF8, 0x6D, 0x16, 0xDB, 0x59, 0x96, 0x44, 0xE9, 0xCD, 0xE6, + 0x46, 0x42, 0x8F, 0x0A, 0xC1, 0xCC, 0xB9, 0x65, 0xB0, 0xD2, 0xC6, 0xAC, + 0x1E, 0x41, 0x62, 0x29, 0x2E, 0x0E, 0x74, 0x50, 0x02, 0x5A, 0xC3, 0x25, + 0x7B, 0x8A, 0x2A, 0x5B, 0xF0, 0x06, 0x0D, 0x47, 0x6F, 0x70, 0x9D, 0x7E, + 0x10, 0xCE, 0x12, 0x27, 0xD5, 0x4C, 0x4F, 0xD6, 0x79, 0x30, 0x68, 0x36, + 0x75, 0x7D, 0xE4, 0xED, 0x80, 0x6A, 0x90, 0x37, 0xA2, 0x5E, 0x76, 0xAA, + 0xC5, 0x7F, 0x3D, 0xAF, 0xA5, 0xE5, 0x19, 0x61, 0xFD, 0x4D, 0x7C, 0xB7, + 0x0B, 0xEE, 0xAD, 0x4B, 0x22, 0xF5, 0xE7, 0x73, 0x23, 0x21, 0xC8, 0x05, + 0xE1, 0x66, 0xDD, 0xB3, 0x58, 0x69, 0x63, 0x56, 0x0F, 0xA1, 0x31, 0x95, + 0x17, 0x07, 0x3A, 0x28 }; + +const byte LOG[512] = { + 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, 0x10, 0x12, 0x9F, 0xE4, + 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, 0x4F, 0x06, 0x94, 0xFC, + 0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, 0x70, 0xED, 0xE8, 0xEC, + 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, 0x44, 0x01, 0xAC, 0x25, + 0xC9, 0xFA, 
0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, 0x0D, 0x6E, 0xFE, 0x26, + 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, 0x98, 0x05, 0x9C, 0xBB, + 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, 0xAF, 0x24, 0x5B, 0x87, + 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, 0x5C, 0x8B, 0xD5, 0x54, + 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, 0xCA, 0xF5, 0xD1, 0x17, + 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, 0xAE, 0xCC, 0xD6, 0x35, + 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, 0xD0, 0x50, 0x59, 0x3F, + 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, 0x4C, 0x2E, 0x6B, 0x9E, + 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, 0x75, 0x4A, 0x91, 0x71, + 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, 0x0B, 0xDC, 0x37, 0x31, + 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, 0xA4, 0x2F, 0x46, 0xF3, + 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, 0x85, 0x18, 0x04, 0x1D, + 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, 0xEE, 0x8D, 0x53, 0x4B, + 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, 0x81, 0xC4, 0xC7, 0x36, + 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, 0x6D, 0xF0, 0x02, 0x28, + 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, 0x86, 0xCF, 0xE5, 0x42, + 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, 0x92, 0x90, 0x7D, 0x39, + 0x6F, 0xE0, 0x89, 0x30, 0x80, 0x00, 0xB0, 0x09, 0x60, 0xEF, 0xB9, 0xFD, + 0x10, 0x12, 0x9F, 0xE4, 0x69, 0xBA, 0xAD, 0xF8, 0xC0, 0x38, 0xC2, 0x65, + 0x4F, 0x06, 0x94, 0xFC, 0x19, 0xDE, 0x6A, 0x1B, 0x5D, 0x4E, 0xA8, 0x82, + 0x70, 0xED, 0xE8, 0xEC, 0x72, 0xB3, 0x15, 0xC3, 0xFF, 0xAB, 0xB6, 0x47, + 0x44, 0x01, 0xAC, 0x25, 0xC9, 0xFA, 0x8E, 0x41, 0x1A, 0x21, 0xCB, 0xD3, + 0x0D, 0x6E, 0xFE, 0x26, 0x58, 0xDA, 0x32, 0x0F, 0x20, 0xA9, 0x9D, 0x84, + 0x98, 0x05, 0x9C, 0xBB, 0x22, 0x8C, 0x63, 0xE7, 0xC5, 0xE1, 0x73, 0xC6, + 0xAF, 0x24, 0x5B, 0x87, 0x66, 0x27, 0xF7, 0x57, 0xF4, 0x96, 0xB1, 0xB7, + 0x5C, 0x8B, 0xD5, 0x54, 0x79, 0xDF, 0xAA, 0xF6, 0x3E, 0xA3, 0xF1, 0x11, + 0xCA, 0xF5, 0xD1, 0x17, 0x7B, 0x93, 0x83, 0xBC, 0xBD, 0x52, 0x1E, 0xEB, + 0xAE, 0xCC, 
0xD6, 0x35, 0x08, 0xC8, 0x8A, 0xB4, 0xE2, 0xCD, 0xBF, 0xD9, + 0xD0, 0x50, 0x59, 0x3F, 0x4D, 0x62, 0x34, 0x0A, 0x48, 0x88, 0xB5, 0x56, + 0x4C, 0x2E, 0x6B, 0x9E, 0xD2, 0x3D, 0x3C, 0x03, 0x13, 0xFB, 0x97, 0x51, + 0x75, 0x4A, 0x91, 0x71, 0x23, 0xBE, 0x76, 0x2A, 0x5F, 0xF9, 0xD4, 0x55, + 0x0B, 0xDC, 0x37, 0x31, 0x16, 0x74, 0xD7, 0x77, 0xA7, 0xE6, 0x07, 0xDB, + 0xA4, 0x2F, 0x46, 0xF3, 0x61, 0x45, 0x67, 0xE3, 0x0C, 0xA2, 0x3B, 0x1C, + 0x85, 0x18, 0x04, 0x1D, 0x29, 0xA0, 0x8F, 0xB2, 0x5A, 0xD8, 0xA6, 0x7E, + 0xEE, 0x8D, 0x53, 0x4B, 0xA1, 0x9A, 0xC1, 0x0E, 0x7A, 0x49, 0xA5, 0x2C, + 0x81, 0xC4, 0xC7, 0x36, 0x2B, 0x7F, 0x43, 0x95, 0x33, 0xF2, 0x6C, 0x68, + 0x6D, 0xF0, 0x02, 0x28, 0xCE, 0xDD, 0x9B, 0xEA, 0x5E, 0x99, 0x7C, 0x14, + 0x86, 0xCF, 0xE5, 0x42, 0xB8, 0x40, 0x78, 0x2D, 0x3A, 0xE9, 0x64, 0x1F, + 0x92, 0x90, 0x7D, 0x39, 0x6F, 0xE0, 0x89, 0x30 }; + +} + /* * SAFER-SK Encryption */ 
@@ -95,6 +168,46 @@ void SAFER_SK::decrypt_n(const byte in[], byte out[], size_t blocks) const */ void SAFER_SK::key_schedule(const byte key[], size_t) { + const byte BIAS[208] = { + 0x16, 0x73, 0x3B, 0x1E, 0x8E, 0x70, 0xBD, 0x86, 0x47, 0x7E, 0x24, 0x56, + 0xF1, 0x77, 0x88, 0x46, 0xB1, 0xBA, 0xA3, 0xB7, 0x10, 0x0A, 0xC5, 0x37, + 0xC9, 0x5A, 0x28, 0xAC, 0x64, 0xA5, 0xEC, 0xAB, 0xC6, 0x67, 0x95, 0x58, + 0x0D, 0xF8, 0x9A, 0xF6, 0x66, 0xDC, 0x05, 0x3D, 0xD3, 0x8A, 0xC3, 0xD8, + 0x6A, 0xE9, 0x36, 0x49, 0x43, 0xBF, 0xEB, 0xD4, 0x9B, 0x68, 0xA0, 0x65, + 0x5D, 0x57, 0x92, 0x1F, 0x71, 0x5C, 0xBB, 0x22, 0xC1, 0xBE, 0x7B, 0xBC, + 0x63, 0x94, 0x5F, 0x2A, 0x61, 0xB8, 0x34, 0x32, 0xFD, 0xFB, 0x17, 0x40, + 0xE6, 0x51, 0x1D, 0x41, 0x8F, 0x29, 0xDD, 0x04, 0x80, 0xDE, 0xE7, 0x31, + 0x7F, 0x01, 0xA2, 0xF7, 0x39, 0xDA, 0x6F, 0x23, 0xFE, 0x3A, 0xD0, 0x1C, + 0xD1, 0x30, 0x3E, 0x12, 0xCD, 0x0F, 0xE0, 0xA8, 0xAF, 0x82, 0x59, 0x2C, + 0x7D, 0xAD, 0xB2, 0xEF, 0xC2, 0x87, 0xCE, 0x75, 0x13, 0x02, 0x90, 0x4F, + 0x2E, 0x72, 0x33, 0x85, 0x8D, 0xCF, 0xA9, 0x81, 0xE2, 0xC4, 0x27, 0x2F, + 0x7A, 0x9F, 0x52, 0xE1, 0x15, 0x38, 0x2B, 0xFC, 0x42, 0xC7, 0x08, 0xE4, + 0x09, 0x55, 0x5E, 0x8C, 0x76, 0x60, 0xFF, 0xDF, 0xD7, 0x98, 0xFA, 0x0B, + 0x00, 0x1A, 0xF9, 0xA6, 0xB9, 0xE8, 0x9E, 0x62, 0xD9, 0x91, 0x50, 0xD2, + 0xEE, 0x18, 0xB4, 0x07, 0xEA, 0x5B, 0xA4, 0xC8, 0x0E, 0xCB, 0x48, 0x69, + 0x4E, 0x9C, 0x35, 0x79, 0x45, 0x4D, 0x54, 0xE5, 0x3C, 0x0C, 0x4A, 0x8B, + 0x3F, 0xCC, 0xA7, 0xDB }; + + const byte KEY_INDEX[208] = { + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, + 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, + 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, + 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, + 0x0C, 0x0D, 0x0E, 0x0F, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 
0x02, 0x03, 0x04, 0x05, + 0x06, 0x07, 0x08, 0x00, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, + 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x0E, 0x0F, 0x10, 0x11, + 0x09, 0x0A, 0x0B, 0x0C, 0x06, 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, + 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x08, 0x00, 0x01, 0x02, + 0x03, 0x04, 0x05, 0x06, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, 0x10, + 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x0B, 0x0C, 0x0D, 0x0E, + 0x0F, 0x10, 0x11, 0x09, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x00, 0x01, + 0x0D, 0x0E, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x05, 0x06, 0x07, 0x08, + 0x00, 0x01, 0x02, 0x03, 0x0F, 0x10, 0x11, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, + 0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B, + 0x0C, 0x0D, 0x0E, 0x0F }; + SecureVector<byte> KB(18); for(size_t i = 0; i != 8; ++i) diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h index 803afffa0..564ea5c50 100644 --- a/src/block/safer/safer_sk.h +++ b/src/block/safer/safer_sk.h @@ -34,11 +34,6 @@ class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16> size_t get_rounds() const { return (EK.size() - 8) / 16; } void key_schedule(const byte[], size_t); - static const byte EXP[256]; - static const byte LOG[512]; - static const byte BIAS[208]; - static const byte KEY_INDEX[208]; - SecureVector<byte> EK; }; diff --git a/src/build-data/cc/clang.txt b/src/build-data/cc/clang.txt index fde720d18..14c51349c 100644 --- a/src/build-data/cc/clang.txt +++ b/src/build-data/cc/clang.txt @@ -30,6 +30,7 @@ default -> "$(CXX) -shared -fPIC -Wl,-soname,$(SONAME)" <mach_opt> amd64 -> "-march=SUBMODEL" +nehalem -> "-march=core2 -mssse3 -msse4.1" </mach_opt> <mach_abi_linking> diff --git a/src/cert/cvc/ecdsa_sig.cpp b/src/cert/cvc/ecdsa_sig.cpp index dba2ece8d..1b3940250 100644 --- a/src/cert/cvc/ecdsa_sig.cpp +++ b/src/cert/cvc/ecdsa_sig.cpp 
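Review bot: `BIAS` and `KEY_INDEX` are now declared as plain `const byte` arrays inside `SAFER_SK::key_schedule`, so they are automatic objects and the compiler is free to rebuild both 208-byte tables on the stack on every key setup. Declare them `static const byte BIAS[208]` and `static const byte KEY_INDEX[208]`, or place them in the anonymous namespace next to `EXP` and `LOG` as the earlier hunk of this file does. The body of `key_schedule` continues outside the hunk.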
@@ -32,7 +32,8 @@ MemoryVector<byte> ECDSA_Signature::DER_encode() const
 MemoryVector<byte> ECDSA_Signature::get_concatenation() const
 {
- u32bit enc_len = m_r > m_s ? m_r.bytes() : m_s.bytes(); // use the larger
+ // use the larger
+ const size_t enc_len = m_r > m_s ? m_r.bytes() : m_s.bytes();
 SecureVector<byte> sv_r = BigInt::encode_1363(m_r, enc_len);
 SecureVector<byte> sv_s = BigInt::encode_1363(m_s, enc_len);
diff --git a/src/cert/x509ca/x509_ca.cpp b/src/cert/x509ca/x509_ca.cpp
index 7c0e103d1..14b5240cf 100644
--- a/src/cert/x509ca/x509_ca.cpp
+++ b/src/cert/x509ca/x509_ca.cpp
@@ -94,7 +94,7 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
 const Extensions& extensions)
 {
 const u32bit X509_CERT_VERSION = 3;
- const size_t SERIAL_BITS = 128;
+ const size_t SERIAL_BITS = 256;
 BigInt serial_no(rng, SERIAL_BITS);
diff --git a/src/cert/x509cert/x509cert.cpp b/src/cert/x509cert/x509cert.cpp
index e3844e8e9..05a459c1f 100644
--- a/src/cert/x509cert/x509cert.cpp
+++ b/src/cert/x509cert/x509cert.cpp
@@ -1,6 +1,6 @@
 /*
 * X.509 Certificates
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2010 Jack Lloyd
 *
 * Distributed under the terms of the Botan license
 */
@@ -14,7 +14,10 @@
 #include <botan/bigint.h>
 #include <botan/oids.h>
 #include <botan/pem.h>
+#include <botan/hex.h>
 #include <algorithm>
+#include <iterator>
+#include <sstream>
 namespace Botan {
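Review bot: Raising `SERIAL_BITS` to 256 in `X509_CA::make_cert` produces serial numbers of up to 32 octets, while RFC 5280 section 4.1.2.2 requires that conforming CAs not use serial numbers longer than 20 octets. Strict validators may reject certificates that exceed that limit, so the extra entropy is bought at the cost of interoperability. Keep the value at 159 bits or less so the DER INTEGER fits in 20 octets even with a leading zero byte, for example `const size_t SERIAL_BITS = 128;`, and add a comment naming the limit next to the constant. The rest of `make_cert` is outside the hunk.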
@@ -295,6 +298,106 @@ bool operator!=(const X509_Certificate& cert1, const X509_Certificate& cert2)
 return !(cert1 == cert2);
 }
+std::string X509_Certificate::to_string() const
+ {
+ const char* dn_fields[] = { "Name",
+ "Email",
+ "Organization",
+ "Organizational Unit",
+ "Locality",
+ "State",
+ "Country",
+ "IP",
+ "DNS",
+ "URI",
+ "PKIX.XMPPAddr",
+ 0 };
+
+ std::ostringstream out;
+
+ for(size_t i = 0; dn_fields[i]; ++i)
+ {
+ const std::vector<std::string> vals = this->subject_info(dn_fields[i]);
+
+ if(vals.empty())
+ continue;
+
+ out << "Subject " << dn_fields[i] << ":";
+ for(size_t i = 0; i != vals.size(); ++i)
+ out << " " << vals[i];
+ out << "\n";
+ }
+
+ for(size_t i = 0; dn_fields[i]; ++i)
+ {
+ const std::vector<std::string> vals = this->issuer_info(dn_fields[i]);
+
+ if(vals.empty())
+ continue;
+
+ out << "Issuer " << dn_fields[i] << ":";
+ for(size_t i = 0; i != vals.size(); ++i)
+ out << " " << vals[i];
+ out << "\n";
+ }
+
+ out << "Version: " << this->x509_version() << "\n";
+
+ out << "Not valid before: " << this->start_time() << "\n";
+ out << "Not valid after: " << this->end_time() << "\n";
+
+ out << "Constraints:\n";
+ Key_Constraints constraints = this->constraints();
+ if(constraints == NO_CONSTRAINTS)
+ out << " None\n";
+ else
+ {
+ if(constraints & DIGITAL_SIGNATURE)
+ out << " Digital Signature\n";
+ if(constraints & NON_REPUDIATION)
+ out << " Non-Repuidation\n";
+ if(constraints & KEY_ENCIPHERMENT)
+ out << " Key Encipherment\n";
+ if(constraints & DATA_ENCIPHERMENT)
+ out << " Data Encipherment\n";
+ if(constraints & KEY_AGREEMENT)
+ out << " Key Agreement\n";
+ if(constraints & KEY_CERT_SIGN)
+ out << " Cert Sign\n";
+ if(constraints & CRL_SIGN)
+ out << " CRL Sign\n";
+ }
+
+ std::vector<std::string> policies = this->policies();
+ if(policies.size())
+ {
+ out << "Policies: " << "\n";
+ for(u32bit j = 0; j != policies.size(); j++)
+ out << " " << policies[j] << "\n";
+ }
+
+ std::vector<std::string> ex_constraints = 
this->ex_constraints();
+ if(ex_constraints.size())
+ {
+ out << "Extended Constraints:\n";
+ for(u32bit j = 0; j != ex_constraints.size(); j++)
+ out << " " << ex_constraints[j] << "\n";
+ }
+
+ out << "Signature algorithm: " <<
+ OIDS::lookup(this->signature_algorithm().oid) << "\n";
+
+ out << "Serial number: " << hex_encode(this->serial_number()) << "\n";
+ out << "Authority keyid: " << hex_encode(this->authority_key_id()) << "\n";
+ out << "Subject keyid: " << hex_encode(this->subject_key_id()) << "\n";
+
+ X509_PublicKey* pubkey = this->subject_public_key();
+ out << "Public Key:\n" << X509::PEM_encode(*pubkey);
+ delete pubkey;
+
+ return out.str();
+ }
+
 /*
 * Create and populate a X509_DN
 */
diff --git a/src/cert/x509cert/x509cert.h b/src/cert/x509cert/x509cert.h
index 754553f3d..8798ef1c2 100644
--- a/src/cert/x509cert/x509cert.h
+++ b/src/cert/x509cert/x509cert.h
@@ -141,6 +141,11 @@ class BOTAN_DLL X509_Certificate : public X509_Object
 std::vector<std::string> policies() const;
 /**
+ * @return a string describing the certificate
+ */
+ std::string to_string() const;
+
+ /**
 * Check to certificates for equality.
 * @return true both certificates are (binary) equal
 */
diff --git a/src/engine/core_engine/core_modes.cpp b/src/engine/core_engine/core_modes.cpp
index 7cf7cf460..035cd41c7 100644
--- a/src/engine/core_engine/core_modes.cpp
+++ b/src/engine/core_engine/core_modes.cpp
@@ -217,8 +217,7 @@ Keyed_Filter* Core_Engine::get_cipher(const std::string& algo_spec,
 if(filt)
 return filt;
- throw Algorithm_Not_Found("get_mode: " + cipher_name + "/" +
- mode + "/" + padding);
+ throw Algorithm_Not_Found(cipher_name + "/" + mode + "/" + padding);
 }
 }
diff --git a/src/filters/modes/mode_pad/mode_pad.cpp b/src/filters/modes/mode_pad/mode_pad.cpp
index 5d3a152d6..7809a122f 100644
--- a/src/filters/modes/mode_pad/mode_pad.cpp
+++ b/src/filters/modes/mode_pad/mode_pad.cpp
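Review bot: `X509_Certificate::to_string` streams subject and issuer values, policies and extended constraints from the certificate into the output without escaping, and those strings are chosen by whoever issued the certificate; unless the decoder already filters them (not visible here), a value containing a newline or terminal control characters can forge extra lines such as a second `Issuer Name:` entry when the text is logged or shown to an operator. Replace or escape non-printable characters before writing each value, and state on the declaration that the result is for display only and must not be parsed. Separately, `pubkey` is a raw pointer freed by `delete pubkey;` only after `X509::PEM_encode(*pubkey)` returns, so it leaks if encoding throws; hold it in a scoped owner instead. The inner loops also redeclare `i`, shadowing the outer index, and the label `Non-Repuidation` is misspelled.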
@@ -7,6 +7,7 @@
 #include <botan/mode_pad.h>
 #include <botan/exceptn.h>
+#include <botan/internal/assert.h>
 namespace Botan {
@@ -23,8 +24,14 @@ size_t BlockCipherModePaddingMethod::pad_bytes(size_t bs, size_t pos) const
 */
 void PKCS7_Padding::pad(byte block[], size_t size, size_t position) const
 {
+ const size_t bytes_remaining = size - position;
+ const byte pad_value = static_cast<byte>(bytes_remaining);
+
+ BOTAN_ASSERT_EQUAL(pad_value, bytes_remaining,
+ "Overflow in PKCS7_Padding");
+
 for(size_t j = 0; j != size; ++j)
- block[j] = (size-position);
+ block[j] = pad_value;
 }
 /*
diff --git a/src/kdf/ssl_prf/prf_ssl3.cpp b/src/kdf/ssl_prf/prf_ssl3.cpp
index 4f7325bde..72cf023e2 100644
--- a/src/kdf/ssl_prf/prf_ssl3.cpp
+++ b/src/kdf/ssl_prf/prf_ssl3.cpp
@@ -30,7 +30,7 @@ OctetString next_hash(size_t where, size_t want,
 const byte ASCII_A_CHAR = 0x41;
 for(size_t j = 0; j != where + 1; j++)
- sha1.update(ASCII_A_CHAR + where);
+ sha1.update(static_cast<byte>(ASCII_A_CHAR + where));
 sha1.update(secret, secret_len);
 sha1.update(seed, seed_len);
 SecureVector<byte> sha1_hash = sha1.final();
diff --git a/src/pubkey/workfactor.cpp b/src/pubkey/workfactor.cpp
index a4d670c82..f3d5d164a 100644
--- a/src/pubkey/workfactor.cpp
+++ b/src/pubkey/workfactor.cpp
@@ -34,14 +34,14 @@ size_t dl_work_factor(size_t bits)
 return 190;
 return 256;
 #else
- const size_t MIN_ESTIMATE = 64;
+ const double MIN_ESTIMATE = 64;
 const double log_x = bits / 1.44;
 const double strength =
 2.76 * std::pow(log_x, 1.0/3.0) * std::pow(std::log(log_x), 2.0/3.0);
- return std::max<size_t>(strength, MIN_ESTIMATE);
+ return static_cast<size_t>(std::max(strength, MIN_ESTIMATE));
 #endif
 }
diff --git a/src/ssl/tls_policy.cpp b/src/ssl/tls_policy.cpp
index 38fcf58cc..b73ff7850 100644
--- a/src/ssl/tls_policy.cpp
+++ b/src/ssl/tls_policy.cpp
@@ -115,12 +115,4 @@ DL_Group TLS_Policy::dh_group() const
 return DL_Group("modp/ietf/1024");
 }
-/*
-* Default certificate check
-*/
-bool TLS_Policy::check_cert(const std::vector<X509_Certificate>& certs) const
- {
- return true;
- }
-
 }
diff --git a/src/ssl/tls_policy.h b/src/ssl/tls_policy.h
index c5944f0f7..461164d2f 100644
--- a/src/ssl/tls_policy.h
+++ b/src/ssl/tls_policy.h
@@ -39,10 +39,17 @@ class BOTAN_DLL TLS_Policy
 virtual DL_Group dh_group() const;
 virtual size_t rsa_export_keysize() const { return 512; }
+ /*
+ * @return the minimum version that we will negotiate
+ */
 virtual Version_Code min_version() const { return SSL_V3; }
+
+ /*
+ * @return the version we would prefer to negotiate
+ */
 virtual Version_Code pref_version() const { return TLS_V11; }
- virtual bool check_cert(const std::vector<X509_Certificate>& cert_chain) const;
+ virtual bool check_cert(const std::vector<X509_Certificate>& cert_chain) const = 0;
 virtual ~TLS_Policy() {}
 private:
diff --git a/src/utils/assert.h b/src/utils/assert.h
index d84f5c7ad..67ca665e3 100644
--- a/src/utils/assert.h
+++ b/src/utils/assert.h
@@ -16,14 +16,24 @@ void assertion_failure(const char* expr_str,
 const char* file,
 int line);
-#define BOTAN_ASSERT(expr, msg) \
- do { \
- if(!(expr)) \
- Botan::assertion_failure(#expr, \
- msg, \
- BOTAN_ASSERT_FUNCTION, \
- __FILE__, \
- __LINE__); \
+#define BOTAN_ASSERT(expr, msg) \
+ do { \
+ if(!(expr)) \
+ Botan::assertion_failure(#expr, \
+ msg, \
+ BOTAN_ASSERT_FUNCTION, \
+ __FILE__, \
+ __LINE__); \
+ } while(0)
+
+#define BOTAN_ASSERT_EQUAL(value1, value2, msg) \
+ do { \
+ if(value1 != value2) \
+ Botan::assertion_failure(#value1 " == " #value2, \
+ msg, \
+ BOTAN_ASSERT_FUNCTION, \
+ __FILE__, \
+ __LINE__); \
 } while(0)
 /*
diff --git a/src/utils/cpuid.cpp b/src/utils/cpuid.cpp
index c34a99942..30f441bd0 100644
--- a/src/utils/cpuid.cpp
+++ b/src/utils/cpuid.cpp
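Review bot: `check_cert` becomes pure virtual in `TLS_Policy`, yet it is the one member in this hunk left without a comment, and it is the member where a careless override switches off peer authentication. Add a doc comment that states what an implementation has to verify, for example `/** @return true only if cert_chain has been validated (signatures, validity period, trust anchor) and is acceptable for this connection */`. The two comments added above it open with `/*`, so a Doxygen run will skip their `@return` tags; `/**` matches the form used in the x509cert.h hunk of this commit. The class body starts and ends outside the hunk.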
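Review bot: `BOTAN_ASSERT_EQUAL` expands its arguments unparenthesized in `if(value1 != value2)`, so an argument containing a lower-precedence operator, such as `a & mask`, is regrouped by the preprocessor output and the assertion can pass or fail for the wrong reason. Write the test as `if((value1) != (value2))`, in line with the `!(expr)` form used by `BOTAN_ASSERT` just above. This matters here because the new caller in `PKCS7_Padding::pad` relies on the macro as its only guard against `size - position` wrapping or exceeding a byte.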
@@ -26,7 +26,7 @@ #include <ia32intrin.h> #define CALL_CPUID(type, out) do { __cpuid(out, type); } while(0); -#elif BOTAN_GCC_VERSION >= 430 +#elif (BOTAN_GCC_VERSION >= 430) || defined(BOTAN_BUILD_COMPILER_IS_CLANG) // Only available starting in GCC 4.3 #include <cpuid.h> |