aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorlloyd <[email protected]>2012-06-07 23:58:28 +0000
committerlloyd <[email protected]>2012-06-07 23:58:28 +0000
commit1ca43e0c8caba8b2517122b46e83bf4ca5d79005 (patch)
treea1365d38c763cfd66844f7ad29f1f19ce05d15cd /src
parent8a7eb1f73c503b289a6f4bc56f5ebef806c9d4e6 (diff)
Update cms, cvc, zlib, bzip2, openssl, and gnump modules for the new
allocator interface. The compression filters now just use malloc/free with a memset. Add a new info.txt field <warning>, like comment but warns. Use for CMS which is pretty broken (doesn't even compile anymore), and for TLS.
Diffstat (limited to 'src')
-rw-r--r--src/cert/cvc/asn1_eac_tm.cpp8
-rw-r--r--src/cert/cvc/cvc_ado.cpp27
-rw-r--r--src/cert/cvc/cvc_ado.h6
-rw-r--r--src/cert/cvc/cvc_cert.cpp10
-rw-r--r--src/cert/cvc/cvc_cert.h4
-rw-r--r--src/cert/cvc/cvc_gen_cert.h30
-rw-r--r--src/cert/cvc/cvc_req.cpp2
-rw-r--r--src/cert/cvc/cvc_self.cpp6
-rw-r--r--src/cert/cvc/eac_asn_obj.h2
-rw-r--r--src/cert/cvc/eac_obj.h2
-rw-r--r--src/cert/cvc/ecdsa_sig.cpp12
-rw-r--r--src/cert/cvc/ecdsa_sig.h4
-rw-r--r--src/cert/cvc/signed_obj.cpp8
-rw-r--r--src/cert/cvc/signed_obj.h11
-rw-r--r--src/cms/cms_dec.h2
-rw-r--r--src/cms/cms_enc.h1
-rw-r--r--src/cms/info.txt4
-rw-r--r--src/engine/gnump/gmp_mem.cpp49
-rw-r--r--src/engine/gnump/gmp_wrap.cpp5
-rw-r--r--src/engine/gnump/gmp_wrap.h2
-rw-r--r--src/engine/gnump/gnump_pk.cpp8
-rw-r--r--src/engine/openssl/bn_powm.cpp4
-rw-r--r--src/engine/openssl/bn_wrap.cpp30
-rw-r--r--src/engine/openssl/bn_wrap.h14
-rw-r--r--src/engine/openssl/ossl_bc.cpp6
-rw-r--r--src/engine/openssl/ossl_pk.cpp58
-rw-r--r--src/filters/bzip2/bzip2.cpp24
-rw-r--r--src/filters/zlib/zlib.cpp34
-rw-r--r--src/tls/info.txt4
29 files changed, 199 insertions, 178 deletions
diff --git a/src/cert/cvc/asn1_eac_tm.cpp b/src/cert/cvc/asn1_eac_tm.cpp
index a3a4d043d..e40f555b3 100644
--- a/src/cert/cvc/asn1_eac_tm.cpp
+++ b/src/cert/cvc/asn1_eac_tm.cpp
@@ -18,9 +18,9 @@ namespace Botan {
namespace {
-secure_vector<byte> enc_two_digit(u32bit in)
+std::vector<byte> enc_two_digit(u32bit in)
{
- secure_vector<byte> result;
+ std::vector<byte> result;
in %= 100;
if(in < 10)
result.push_back(0x00);
@@ -281,9 +281,9 @@ void EAC_Time::decode_from(BER_Decoder& source)
/*
* make the value an octet string for encoding
*/
-secure_vector<byte> EAC_Time::encoded_eac_time() const
+std::vector<byte> EAC_Time::encoded_eac_time() const
{
- secure_vector<byte> result;
+ std::vector<byte> result;
result += enc_two_digit(year);
result += enc_two_digit(month);
result += enc_two_digit(day);
diff --git a/src/cert/cvc/cvc_ado.cpp b/src/cert/cvc/cvc_ado.cpp
index f224d15b9..54bc9facd 100644
--- a/src/cert/cvc/cvc_ado.cpp
+++ b/src/cert/cvc/cvc_ado.cpp
@@ -26,7 +26,7 @@ EAC1_1_ADO::EAC1_1_ADO(const std::string& in)
void EAC1_1_ADO::force_decode()
{
- secure_vector<byte> inner_cert;
+ std::vector<byte> inner_cert;
BER_Decoder(tbs_bits)
.start_cons(ASN1_Tag(33))
.raw_bytes(inner_cert)
@@ -34,11 +34,11 @@ void EAC1_1_ADO::force_decode()
.decode(m_car)
.verify_end();
- secure_vector<byte> req_bits = DER_Encoder()
+ std::vector<byte> req_bits = DER_Encoder()
.start_cons(ASN1_Tag(33), APPLICATION)
.raw_bytes(inner_cert)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
DataSource_Memory req_source(req_bits);
m_req = EAC1_1_Req(req_source);
@@ -46,17 +46,17 @@ void EAC1_1_ADO::force_decode()
}
std::vector<byte> EAC1_1_ADO::make_signed(PK_Signer& signer,
- const secure_vector<byte>& tbs_bits,
+ const std::vector<byte>& tbs_bits,
RandomNumberGenerator& rng)
{
- secure_vector<byte> concat_sig = signer.sign_message(tbs_bits, rng);
+ const std::vector<byte> concat_sig = signer.sign_message(tbs_bits, rng);
return DER_Encoder()
.start_cons(ASN1_Tag(7), APPLICATION)
.raw_bytes(tbs_bits)
.encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
ASN1_Car EAC1_1_ADO::get_car() const
@@ -65,11 +65,11 @@ ASN1_Car EAC1_1_ADO::get_car() const
}
void EAC1_1_ADO::decode_info(DataSource& source,
- secure_vector<byte> & res_tbs_bits,
+ std::vector<byte> & res_tbs_bits,
ECDSA_Signature & res_sig)
{
- secure_vector<byte> concat_sig;
- secure_vector<byte> cert_inner_bits;
+ std::vector<byte> concat_sig;
+ std::vector<byte> cert_inner_bits;
ASN1_Car car;
BER_Decoder(source)
@@ -81,11 +81,11 @@ void EAC1_1_ADO::decode_info(DataSource& source,
.decode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
.end_cons();
- secure_vector<byte> enc_cert = DER_Encoder()
+ std::vector<byte> enc_cert = DER_Encoder()
.start_cons(ASN1_Tag(33), APPLICATION)
.raw_bytes(cert_inner_bits)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
res_tbs_bits = enc_cert;
res_tbs_bits += DER_Encoder().encode(car).get_contents();
@@ -97,8 +97,7 @@ void EAC1_1_ADO::encode(Pipe& out, X509_Encoding encoding) const
if(encoding == PEM)
throw Invalid_Argument("EAC1_1_ADO::encode() cannot PEM encode an EAC object");
- secure_vector<byte> concat_sig(
- EAC1_1_obj<EAC1_1_ADO>::m_sig.get_concatenation());
+ auto concat_sig = EAC1_1_obj<EAC1_1_ADO>::m_sig.get_concatenation();
out.write(DER_Encoder()
.start_cons(ASN1_Tag(7), APPLICATION)
@@ -108,7 +107,7 @@ void EAC1_1_ADO::encode(Pipe& out, X509_Encoding encoding) const
.get_contents());
}
-secure_vector<byte> EAC1_1_ADO::tbs_data() const
+std::vector<byte> EAC1_1_ADO::tbs_data() const
{
return tbs_bits;
}
diff --git a/src/cert/cvc/cvc_ado.h b/src/cert/cvc/cvc_ado.h
index 81b89ea00..6f5b1d527 100644
--- a/src/cert/cvc/cvc_ado.h
+++ b/src/cert/cvc/cvc_ado.h
@@ -45,7 +45,7 @@ class BOTAN_DLL EAC1_1_ADO : public EAC1_1_obj<EAC1_1_ADO>
*/
static std::vector<byte> make_signed(
PK_Signer& signer,
- const secure_vector<byte>& tbs_bits,
+ const std::vector<byte>& tbs_bits,
RandomNumberGenerator& rng);
/**
@@ -73,7 +73,7 @@ class BOTAN_DLL EAC1_1_ADO : public EAC1_1_obj<EAC1_1_ADO>
* Get the TBS data of this CVC ADO request.
* @result the TBS data
*/
- secure_vector<byte> tbs_data() const;
+ std::vector<byte> tbs_data() const;
virtual ~EAC1_1_ADO() {}
private:
@@ -82,7 +82,7 @@ class BOTAN_DLL EAC1_1_ADO : public EAC1_1_obj<EAC1_1_ADO>
void force_decode();
static void decode_info(DataSource& source,
- secure_vector<byte> & res_tbs_bits,
+ std::vector<byte> & res_tbs_bits,
ECDSA_Signature & res_sig);
};
diff --git a/src/cert/cvc/cvc_cert.cpp b/src/cert/cvc/cvc_cert.cpp
index 12558bb80..3ab78b7d4 100644
--- a/src/cert/cvc/cvc_cert.cpp
+++ b/src/cert/cvc/cvc_cert.cpp
@@ -33,8 +33,8 @@ u32bit EAC1_1_CVC::get_chat_value() const
*/
void EAC1_1_CVC::force_decode()
{
- secure_vector<byte> enc_pk;
- secure_vector<byte> enc_chat_val;
+ std::vector<byte> enc_pk;
+ std::vector<byte> enc_chat_val;
size_t cpi;
BER_Decoder tbs_cert(tbs_bits);
tbs_cert.decode(cpi, ASN1_Tag(41), APPLICATION)
@@ -88,7 +88,7 @@ bool EAC1_1_CVC::operator==(EAC1_1_CVC const& rhs) const
&& get_concat_sig() == rhs.get_concat_sig());
}
-ECDSA_PublicKey* decode_eac1_1_key(const secure_vector<byte>&,
+ECDSA_PublicKey* decode_eac1_1_key(const std::vector<byte>&,
AlgorithmIdentifier&)
{
throw Internal_Error("decode_eac1_1_key: Unimplemented");
@@ -96,7 +96,7 @@ ECDSA_PublicKey* decode_eac1_1_key(const secure_vector<byte>&,
}
EAC1_1_CVC make_cvc_cert(PK_Signer& signer,
- secure_vector<byte> const& public_key,
+ const std::vector<byte>& public_key,
ASN1_Car const& car,
ASN1_Chr const& chr,
byte holder_auth_templ,
@@ -121,7 +121,7 @@ EAC1_1_CVC make_cvc_cert(PK_Signer& signer,
.end_cons()
.encode(ced)
.encode(cex)
- .get_contents();
+ .get_contents_unlocked();
std::vector<byte> signed_cert =
EAC1_1_CVC::make_signed(signer,
diff --git a/src/cert/cvc/cvc_cert.h b/src/cert/cvc/cvc_cert.h
index 20370e64b..7c084379f 100644
--- a/src/cert/cvc/cvc_cert.h
+++ b/src/cert/cvc/cvc_cert.h
@@ -96,7 +96,7 @@ inline bool operator!=(EAC1_1_CVC const& lhs, EAC1_1_CVC const& rhs)
* @param rng a random number generator
*/
EAC1_1_CVC BOTAN_DLL make_cvc_cert(PK_Signer& signer,
- const secure_vector<byte>& public_key,
+ const std::vector<byte>& public_key,
ASN1_Car const& car,
ASN1_Chr const& chr,
byte holder_auth_templ,
@@ -107,7 +107,7 @@ EAC1_1_CVC BOTAN_DLL make_cvc_cert(PK_Signer& signer,
/**
* Decode an EAC encoding ECDSA key
*/
-BOTAN_DLL ECDSA_PublicKey* decode_eac1_1_key(const secure_vector<byte>& enc_key,
+BOTAN_DLL ECDSA_PublicKey* decode_eac1_1_key(const std::vector<byte>& enc_key,
AlgorithmIdentifier& sig_algo);
}
diff --git a/src/cert/cvc/cvc_gen_cert.h b/src/cert/cvc/cvc_gen_cert.h
index a272e316f..7fa4eba29 100644
--- a/src/cert/cvc/cvc_gen_cert.h
+++ b/src/cert/cvc/cvc_gen_cert.h
@@ -56,14 +56,14 @@ class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1
* Get the to-be-signed (TBS) data of this object.
* @result the TBS data of this object
*/
- secure_vector<byte> tbs_data() const;
+ std::vector<byte> tbs_data() const;
/**
* Build the DER encoded certifcate body of an object
* @param tbs the data to be signed
* @result the correctly encoded body of the object
*/
- static secure_vector<byte> build_cert_body(secure_vector<byte> const& tbs);
+ static std::vector<byte> build_cert_body(const std::vector<byte>& tbs);
/**
* Create a signed generalized CVC object.
@@ -74,7 +74,7 @@ class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1
*/
static std::vector<byte> make_signed(
PK_Signer& signer,
- const secure_vector<byte>& tbs_bits,
+ const std::vector<byte>& tbs_bits,
RandomNumberGenerator& rng);
EAC1_1_gen_CVC() { m_pk = 0; }
@@ -88,7 +88,7 @@ class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1
bool self_signed;
static void decode_info(DataSource& source,
- secure_vector<byte> & res_tbs_bits,
+ std::vector<byte> & res_tbs_bits,
ECDSA_Signature & res_sig);
};
@@ -106,17 +106,17 @@ template<typename Derived> bool EAC1_1_gen_CVC<Derived>::is_self_signed() const
template<typename Derived>
std::vector<byte> EAC1_1_gen_CVC<Derived>::make_signed(
PK_Signer& signer,
- const secure_vector<byte>& tbs_bits,
+ const std::vector<byte>& tbs_bits,
RandomNumberGenerator& rng) // static
{
- secure_vector<byte> concat_sig = signer.sign_message(tbs_bits, rng);
+ const auto concat_sig = signer.sign_message(tbs_bits, rng);
return DER_Encoder()
.start_cons(ASN1_Tag(33), APPLICATION)
.raw_bytes(tbs_bits)
.encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
template<typename Derived>
@@ -125,30 +125,30 @@ Public_Key* EAC1_1_gen_CVC<Derived>::subject_public_key() const
return new ECDSA_PublicKey(*m_pk);
}
-template<typename Derived> secure_vector<byte> EAC1_1_gen_CVC<Derived>::build_cert_body(secure_vector<byte> const& tbs)
+template<typename Derived> std::vector<byte> EAC1_1_gen_CVC<Derived>::build_cert_body(const std::vector<byte>& tbs)
{
return DER_Encoder()
.start_cons(ASN1_Tag(78), APPLICATION)
.raw_bytes(tbs)
- .end_cons().get_contents();
+ .end_cons().get_contents_unlocked();
}
-template<typename Derived> secure_vector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const
+template<typename Derived> std::vector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const
{
return build_cert_body(EAC1_1_obj<Derived>::tbs_bits);
}
template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_Encoding encoding) const
{
- secure_vector<byte> concat_sig(EAC1_1_obj<Derived>::m_sig.get_concatenation());
- secure_vector<byte> der = DER_Encoder()
+ std::vector<byte> concat_sig(EAC1_1_obj<Derived>::m_sig.get_concatenation());
+ std::vector<byte> der = DER_Encoder()
.start_cons(ASN1_Tag(33), APPLICATION)
.start_cons(ASN1_Tag(78), APPLICATION)
.raw_bytes(EAC1_1_obj<Derived>::tbs_bits)
.end_cons()
.encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
if (encoding == PEM)
throw Invalid_Argument("EAC1_1_gen_CVC::encode() cannot PEM encode an EAC object");
@@ -159,10 +159,10 @@ template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_
template<typename Derived>
void EAC1_1_gen_CVC<Derived>::decode_info(
DataSource& source,
- secure_vector<byte> & res_tbs_bits,
+ std::vector<byte> & res_tbs_bits,
ECDSA_Signature & res_sig)
{
- secure_vector<byte> concat_sig;
+ std::vector<byte> concat_sig;
BER_Decoder(source)
.start_cons(ASN1_Tag(33))
.start_cons(ASN1_Tag(78))
diff --git a/src/cert/cvc/cvc_req.cpp b/src/cert/cvc/cvc_req.cpp
index bd7dee3fa..6c013f755 100644
--- a/src/cert/cvc/cvc_req.cpp
+++ b/src/cert/cvc/cvc_req.cpp
@@ -19,7 +19,7 @@ bool EAC1_1_Req::operator==(EAC1_1_Req const& rhs) const
void EAC1_1_Req::force_decode()
{
- secure_vector<byte> enc_pk;
+ std::vector<byte> enc_pk;
BER_Decoder tbs_cert(tbs_bits);
size_t cpi;
tbs_cert.decode(cpi, ASN1_Tag(41), APPLICATION)
diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp
index e692bc9b8..46e4960e1 100644
--- a/src/cert/cvc/cvc_self.cpp
+++ b/src/cert/cvc/cvc_self.cpp
@@ -68,7 +68,7 @@ std::vector<byte> eac_1_1_encoding(const EC_PublicKey* key,
enc.end_cons();
- return enc.get_contents();
+ return enc.get_contents_unlocked();
}
std::string padding_and_hash_from_oid(OID const& oid)
@@ -141,7 +141,7 @@ EAC1_1_Req create_cvc_req(Private_Key const& key,
.encode(enc_cpi, OCTET_STRING, ASN1_Tag(41), APPLICATION)
.raw_bytes(enc_public_key)
.encode(chr)
- .get_contents();
+ .get_contents_unlocked();
std::vector<byte> signed_cert =
EAC1_1_gen_CVC<EAC1_1_Req>::make_signed(signer,
@@ -166,7 +166,7 @@ EAC1_1_ADO create_ado_req(Private_Key const& key,
std::string padding_and_hash = padding_and_hash_from_oid(req.signature_algorithm().oid);
PK_Signer signer(*priv_key, padding_and_hash);
- secure_vector<byte> tbs_bits = req.BER_encode();
+ std::vector<byte> tbs_bits = req.BER_encode();
tbs_bits += DER_Encoder().encode(car).get_contents();
std::vector<byte> signed_cert =
diff --git a/src/cert/cvc/eac_asn_obj.h b/src/cert/cvc/eac_asn_obj.h
index 9937abb01..ab8536e45 100644
--- a/src/cert/cvc/eac_asn_obj.h
+++ b/src/cert/cvc/eac_asn_obj.h
@@ -98,7 +98,7 @@ class BOTAN_DLL EAC_Time : public ASN1_Object
virtual ~EAC_Time() {}
private:
- secure_vector<byte> encoded_eac_time() const;
+ std::vector<byte> encoded_eac_time() const;
bool passes_sanity_check() const;
u32bit year, month, day;
ASN1_Tag tag;
diff --git a/src/cert/cvc/eac_obj.h b/src/cert/cvc/eac_obj.h
index 39f34b874..42274446c 100644
--- a/src/cert/cvc/eac_obj.h
+++ b/src/cert/cvc/eac_obj.h
@@ -24,7 +24,7 @@ class EAC1_1_obj : public EAC_Signed_Object
* Return the signature as a concatenation of the encoded parts.
* @result the concatenated signature
*/
- secure_vector<byte> get_concat_sig() const
+ std::vector<byte> get_concat_sig() const
{ return m_sig.get_concatenation(); }
bool check_signature(class Public_Key& key) const
diff --git a/src/cert/cvc/ecdsa_sig.cpp b/src/cert/cvc/ecdsa_sig.cpp
index 91166ad79..690244d50 100644
--- a/src/cert/cvc/ecdsa_sig.cpp
+++ b/src/cert/cvc/ecdsa_sig.cpp
@@ -10,7 +10,7 @@
namespace Botan {
-ECDSA_Signature::ECDSA_Signature(const secure_vector<byte>& ber)
+ECDSA_Signature::ECDSA_Signature(const std::vector<byte>& ber)
{
BER_Decoder(ber)
.start_cons(SEQUENCE)
@@ -27,7 +27,7 @@ std::vector<byte> ECDSA_Signature::DER_encode() const
.encode(get_r())
.encode(get_s())
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
std::vector<byte> ECDSA_Signature::get_concatenation() const
@@ -35,15 +35,15 @@ std::vector<byte> ECDSA_Signature::get_concatenation() const
// use the larger
const size_t enc_len = m_r > m_s ? m_r.bytes() : m_s.bytes();
- secure_vector<byte> sv_r = BigInt::encode_1363(m_r, enc_len);
- secure_vector<byte> sv_s = BigInt::encode_1363(m_s, enc_len);
+ const auto sv_r = BigInt::encode_1363(m_r, enc_len);
+ const auto sv_s = BigInt::encode_1363(m_s, enc_len);
secure_vector<byte> result(sv_r);
result += sv_s;
- return result;
+ return unlock(result);
}
-ECDSA_Signature decode_concatenation(const secure_vector<byte>& concat)
+ECDSA_Signature decode_concatenation(const std::vector<byte>& concat)
{
if(concat.size() % 2 != 0)
throw Invalid_Argument("Erroneous length of signature");
diff --git a/src/cert/cvc/ecdsa_sig.h b/src/cert/cvc/ecdsa_sig.h
index a92d5078c..1c3b506cb 100644
--- a/src/cert/cvc/ecdsa_sig.h
+++ b/src/cert/cvc/ecdsa_sig.h
@@ -27,7 +27,7 @@ class BOTAN_DLL ECDSA_Signature
ECDSA_Signature(const BigInt& r, const BigInt& s) :
m_r(r), m_s(s) {}
- ECDSA_Signature(const secure_vector<byte>& ber);
+ ECDSA_Signature(const std::vector<byte>& ber);
const BigInt& get_r() const { return m_r; }
const BigInt& get_s() const { return m_s; }
@@ -54,7 +54,7 @@ inline bool operator!=(const ECDSA_Signature& lhs, const ECDSA_Signature& rhs)
return !(lhs == rhs);
}
-ECDSA_Signature decode_concatenation(const secure_vector<byte>& concatenation);
+ECDSA_Signature decode_concatenation(const std::vector<byte>& concatenation);
}
diff --git a/src/cert/cvc/signed_obj.cpp b/src/cert/cvc/signed_obj.cpp
index 4f04cd72e..20226fbe7 100644
--- a/src/cert/cvc/signed_obj.cpp
+++ b/src/cert/cvc/signed_obj.cpp
@@ -16,13 +16,13 @@ namespace Botan {
/*
* Return a BER encoded X.509 object
*/
-secure_vector<byte> EAC_Signed_Object::BER_encode() const
+std::vector<byte> EAC_Signed_Object::BER_encode() const
{
Pipe ber;
ber.start_msg();
encode(ber, RAW_BER);
ber.end_msg();
- return ber.read_all();
+ return unlock(ber.read_all());
}
/*
@@ -46,7 +46,7 @@ AlgorithmIdentifier EAC_Signed_Object::signature_algorithm() const
}
bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
- const secure_vector<byte>& sig) const
+ const std::vector<byte>& sig) const
{
try
{
@@ -62,7 +62,7 @@ bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
Signature_Format format =
(pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
- secure_vector<byte> to_sign = tbs_data();
+ std::vector<byte> to_sign = tbs_data();
PK_Verifier verifier(pub_key, padding, format);
return verifier.verify_message(to_sign, sig);
diff --git a/src/cert/cvc/signed_obj.h b/src/cert/cvc/signed_obj.h
index 45bd2858e..ce2bd4dd7 100644
--- a/src/cert/cvc/signed_obj.h
+++ b/src/cert/cvc/signed_obj.h
@@ -11,6 +11,7 @@
#include <botan/asn1_obj.h>
#include <botan/key_constraint.h>
+#include <botan/x509_key.h>
#include <botan/pipe.h>
#include <vector>
@@ -26,7 +27,7 @@ class BOTAN_DLL EAC_Signed_Object
* Get the TBS (to-be-signed) data in this object.
* @return DER encoded TBS data of this object
*/
- virtual secure_vector<byte> tbs_data() const = 0;
+ virtual std::vector<byte> tbs_data() const = 0;
/**
* Get the signature of this object as a concatenation, i.e. if the
@@ -39,7 +40,7 @@ class BOTAN_DLL EAC_Signed_Object
NOTE: this is here only because abstract signature objects have
not yet been introduced
*/
- virtual secure_vector<byte> get_concat_sig() const = 0;
+ virtual std::vector<byte> get_concat_sig() const = 0;
/**
* Get the signature algorithm identifier used to sign this object.
@@ -55,7 +56,7 @@ class BOTAN_DLL EAC_Signed_Object
* associated with this public key
*/
bool check_signature(class Public_Key& key,
- const secure_vector<byte>& sig) const;
+ const std::vector<byte>& sig) const;
/**
* Write this object DER encoded into a specified pipe.
@@ -69,7 +70,7 @@ class BOTAN_DLL EAC_Signed_Object
* BER encode this object.
* @return result containing the BER representation of this object.
*/
- secure_vector<byte> BER_encode() const;
+ std::vector<byte> BER_encode() const;
/**
* PEM encode this object.
@@ -83,7 +84,7 @@ class BOTAN_DLL EAC_Signed_Object
EAC_Signed_Object() {}
AlgorithmIdentifier sig_algo;
- secure_vector<byte> tbs_bits;
+ std::vector<byte> tbs_bits;
std::string PEM_label_pref;
std::vector<std::string> PEM_labels_allowed;
private:
diff --git a/src/cms/cms_dec.h b/src/cms/cms_dec.h
index 8c2057c2a..96a5d7c8e 100644
--- a/src/cms/cms_dec.h
+++ b/src/cms/cms_dec.h
@@ -9,7 +9,7 @@
#define BOTAN_CMS_DECODER_H__
#include <botan/x509cert.h>
-#include <botan/x509stor.h>
+#include <botan/x509_crl.h>
#include <botan/pkcs8.h>
#include <botan/ber_dec.h>
diff --git a/src/cms/cms_enc.h b/src/cms/cms_enc.h
index c86dbe58e..fc501c691 100644
--- a/src/cms/cms_enc.h
+++ b/src/cms/cms_enc.h
@@ -9,7 +9,6 @@
#define BOTAN_CMS_ENCODER_H__
#include <botan/x509cert.h>
-#include <botan/x509stor.h>
#include <botan/pkcs8.h>
#include <botan/symkey.h>
diff --git a/src/cms/info.txt b/src/cms/info.txt
index 0e74caa49..4d50d7112 100644
--- a/src/cms/info.txt
+++ b/src/cms/info.txt
@@ -2,6 +2,10 @@ define CMS
load_on never
+<warning>
+Currently broken, needs much love and updating before useful
+</warning>
+
<requires>
asn1
bigint
diff --git a/src/engine/gnump/gmp_mem.cpp b/src/engine/gnump/gmp_mem.cpp
index 7cf11654d..b5a5a303e 100644
--- a/src/engine/gnump/gmp_mem.cpp
+++ b/src/engine/gnump/gmp_mem.cpp
@@ -7,6 +7,7 @@
#include <botan/internal/gnump_engine.h>
#include <cstring>
+#include <atomic>
#include <gmp.h>
namespace Botan {
@@ -14,36 +15,44 @@ namespace Botan {
namespace {
/*
-* Allocator used by GNU MP
+* For keeping track of existing GMP_Engines and only
+* resetting the memory when none are in use.
*/
-Allocator* gmp_alloc = 0;
-size_t gmp_alloc_refcnt = 0;
+std::atomic<size_t> gmp_alloc_refcnt(0);
/*
* Allocation Function for GNU MP
*/
void* gmp_malloc(size_t n)
{
- return gmp_alloc->allocate(n);
+ // Maintain alignment, mlock goes for sizeof(T) alignment
+ if(n % 8 == 0)
+ return secure_allocator<u64bit>().allocate(n / 8);
+ else if(n % 4 == 0)
+ return secure_allocator<u32bit>().allocate(n / 4);
+ else if(n % 2 == 0)
+ return secure_allocator<u16bit>().allocate(n / 2);
+
+ return secure_allocator<byte>().allocate(n);
}
/*
-* Reallocation Function for GNU MP
+* Deallocation Function for GNU MP
*/
-void* gmp_realloc(void* ptr, size_t old_n, size_t new_n)
+void gmp_free(void* ptr, size_t n)
{
- void* new_buf = gmp_alloc->allocate(new_n);
- std::memcpy(new_buf, ptr, std::min(old_n, new_n));
- gmp_alloc->deallocate(ptr, old_n);
- return new_buf;
+ secure_allocator<byte>().deallocate(static_cast<byte*>(ptr), n);
}
/*
-* Deallocation Function for GNU MP
+* Reallocation Function for GNU MP
*/
-void gmp_free(void* ptr, size_t n)
+void* gmp_realloc(void* ptr, size_t old_n, size_t new_n)
{
- gmp_alloc->deallocate(ptr, n);
+ void* new_buf = gmp_malloc(new_n);
+ std::memcpy(new_buf, ptr, std::min(old_n, new_n));
+ gmp_free(ptr, old_n);
+ return new_buf;
}
}
@@ -53,24 +62,22 @@ void gmp_free(void* ptr, size_t n)
*/
GMP_Engine::GMP_Engine()
{
- if(gmp_alloc == 0)
- {
- gmp_alloc = Allocator::get(true);
+ /*
+ if(gmp_alloc_refcnt == 0)
mp_set_memory_functions(gmp_malloc, gmp_realloc, gmp_free);
- }
- ++gmp_alloc_refcnt;
+ gmp_alloc_refcnt++;
+ */
}
GMP_Engine::~GMP_Engine()
{
+ /*
--gmp_alloc_refcnt;
if(gmp_alloc_refcnt == 0)
- {
mp_set_memory_functions(NULL, NULL, NULL);
- gmp_alloc = 0;
- }
+ */
}
}
diff --git a/src/engine/gnump/gmp_wrap.cpp b/src/engine/gnump/gmp_wrap.cpp
index 107823ab3..22c46c7ad 100644
--- a/src/engine/gnump/gmp_wrap.cpp
+++ b/src/engine/gnump/gmp_wrap.cpp
@@ -87,7 +87,10 @@ BigInt GMP_MPZ::to_bigint() const
{
BigInt out(BigInt::Positive, (bytes() + sizeof(word) - 1) / sizeof(word));
size_t dummy = 0;
- mpz_export(out.get_reg(), &dummy, -1, sizeof(word), 0, 0, value);
+
+ auto reg = out.get_reg();
+
+ mpz_export(&reg[0], &dummy, -1, sizeof(word), 0, 0, value);
if(mpz_sgn(value) < 0)
out.flip_sign();
diff --git a/src/engine/gnump/gmp_wrap.h b/src/engine/gnump/gmp_wrap.h
index 0a786f3ee..291d65a01 100644
--- a/src/engine/gnump/gmp_wrap.h
+++ b/src/engine/gnump/gmp_wrap.h
@@ -26,7 +26,7 @@ class GMP_MPZ
size_t bytes() const;
secure_vector<byte> to_bytes() const
- { return BigInt::encode(to_bigint()); }
+ { return BigInt::encode_locked(to_bigint()); }
GMP_MPZ& operator=(const GMP_MPZ&);
diff --git a/src/engine/gnump/gnump_pk.cpp b/src/engine/gnump/gnump_pk.cpp
index b2a2f9352..e9f5d29df 100644
--- a/src/engine/gnump/gnump_pk.cpp
+++ b/src/engine/gnump/gnump_pk.cpp
@@ -105,8 +105,8 @@ GMP_DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
throw Internal_Error("GMP_DSA_Op::sign: r or s was zero");
secure_vector<byte> output(2*q_bytes);
- r.encode(output, q_bytes);
- s.encode(output + q_bytes, q_bytes);
+ r.encode(&output[0], q_bytes);
+ s.encode(&output[q_bytes], q_bytes);
return output;
}
@@ -203,7 +203,7 @@ class GMP_RSA_Private_Operation : public PK_Ops::Signature,
secure_vector<byte> decrypt(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
- return BigInt::encode(private_op(m));
+ return BigInt::encode_locked(private_op(m));
}
private:
@@ -248,7 +248,7 @@ class GMP_RSA_Public_Operation : public PK_Ops::Verification,
secure_vector<byte> verify_mr(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
- return BigInt::encode(public_op(m));
+ return BigInt::encode_locked(public_op(m));
}
private:
diff --git a/src/engine/openssl/bn_powm.cpp b/src/engine/openssl/bn_powm.cpp
index abf4f47c9..ac06fbe77 100644
--- a/src/engine/openssl/bn_powm.cpp
+++ b/src/engine/openssl/bn_powm.cpp
@@ -36,7 +36,7 @@ class OpenSSL_Modular_Exponentiator : public Modular_Exponentiator
BigInt OpenSSL_Modular_Exponentiator::execute() const
{
OSSL_BN r;
- BN_mod_exp(r.value, base.value, exp.value, mod.value, ctx.value);
+ BN_mod_exp(r.ptr(), base.ptr(), exp.ptr(), mod.ptr(), ctx.ptr());
return r.to_bigint();
}
@@ -46,7 +46,7 @@ BigInt OpenSSL_Modular_Exponentiator::execute() const
* Return the OpenSSL-based modular exponentiator
*/
Modular_Exponentiator* OpenSSL_Engine::mod_exp(const BigInt& n,
- Power_Mod::Usage_Hints) const
+ Power_Mod::Usage_Hints) const
{
return new OpenSSL_Modular_Exponentiator(n);
}
diff --git a/src/engine/openssl/bn_wrap.cpp b/src/engine/openssl/bn_wrap.cpp
index 0ac31f61b..0a7e42368 100644
--- a/src/engine/openssl/bn_wrap.cpp
+++ b/src/engine/openssl/bn_wrap.cpp
@@ -14,10 +14,10 @@ namespace Botan {
*/
OSSL_BN::OSSL_BN(const BigInt& in)
{
- value = BN_new();
- secure_vector<byte> encoding = BigInt::encode(in);
+ m_bn = BN_new();
+ secure_vector<byte> encoding = BigInt::encode_locked(in);
if(in != 0)
- BN_bin2bn(encoding, encoding.size(), value);
+ BN_bin2bn(&encoding[0], encoding.size(), m_bn);
}
/*
@@ -25,8 +25,8 @@ OSSL_BN::OSSL_BN(const BigInt& in)
*/
OSSL_BN::OSSL_BN(const byte in[], size_t length)
{
- value = BN_new();
- BN_bin2bn(in, length, value);
+ m_bn = BN_new();
+ BN_bin2bn(in, length, m_bn);
}
/*
@@ -34,7 +34,7 @@ OSSL_BN::OSSL_BN(const byte in[], size_t length)
*/
OSSL_BN::OSSL_BN(const OSSL_BN& other)
{
- value = BN_dup(other.value);
+ m_bn = BN_dup(other.m_bn);
}
/*
@@ -42,7 +42,7 @@ OSSL_BN::OSSL_BN(const OSSL_BN& other)
*/
OSSL_BN::~OSSL_BN()
{
- BN_clear_free(value);
+ BN_clear_free(m_bn);
}
/*
@@ -50,7 +50,7 @@ OSSL_BN::~OSSL_BN()
*/
OSSL_BN& OSSL_BN::operator=(const OSSL_BN& other)
{
- BN_copy(value, other.value);
+ BN_copy(m_bn, other.m_bn);
return (*this);
}
@@ -59,7 +59,7 @@ OSSL_BN& OSSL_BN::operator=(const OSSL_BN& other)
*/
void OSSL_BN::encode(byte out[], size_t length) const
{
- BN_bn2bin(value, out + (length - bytes()));
+ BN_bn2bin(m_bn, out + (length - bytes()));
}
/*
@@ -67,7 +67,7 @@ void OSSL_BN::encode(byte out[], size_t length) const
*/
size_t OSSL_BN::bytes() const
{
- return BN_num_bytes(value);
+ return BN_num_bytes(m_bn);
}
/*
@@ -76,7 +76,7 @@ size_t OSSL_BN::bytes() const
BigInt OSSL_BN::to_bigint() const
{
secure_vector<byte> out(bytes());
- BN_bn2bin(value, out);
+ BN_bn2bin(m_bn, &out[0]);
return BigInt::decode(out);
}
@@ -85,7 +85,7 @@ BigInt OSSL_BN::to_bigint() const
*/
OSSL_BN_CTX::OSSL_BN_CTX()
{
- value = BN_CTX_new();
+ m_ctx = BN_CTX_new();
}
/*
@@ -93,7 +93,7 @@ OSSL_BN_CTX::OSSL_BN_CTX()
*/
OSSL_BN_CTX::OSSL_BN_CTX(const OSSL_BN_CTX&)
{
- value = BN_CTX_new();
+ m_ctx = BN_CTX_new();
}
/*
@@ -101,7 +101,7 @@ OSSL_BN_CTX::OSSL_BN_CTX(const OSSL_BN_CTX&)
*/
OSSL_BN_CTX::~OSSL_BN_CTX()
{
- BN_CTX_free(value);
+ BN_CTX_free(m_ctx);
}
/*
@@ -109,7 +109,7 @@ OSSL_BN_CTX::~OSSL_BN_CTX()
*/
OSSL_BN_CTX& OSSL_BN_CTX::operator=(const OSSL_BN_CTX&)
{
- value = BN_CTX_new();
+ m_ctx = BN_CTX_new();
return (*this);
}
diff --git a/src/engine/openssl/bn_wrap.h b/src/engine/openssl/bn_wrap.h
index 177dbd8c7..12bcec152 100644
--- a/src/engine/openssl/bn_wrap.h
+++ b/src/engine/openssl/bn_wrap.h
@@ -19,14 +19,12 @@ namespace Botan {
class OSSL_BN
{
public:
- BIGNUM* value;
-
BigInt to_bigint() const;
void encode(byte[], size_t) const;
size_t bytes() const;
secure_vector<byte> to_bytes() const
- { return BigInt::encode(to_bigint()); }
+ { return BigInt::encode_locked(to_bigint()); }
OSSL_BN& operator=(const OSSL_BN&);
@@ -34,6 +32,10 @@ class OSSL_BN
OSSL_BN(const BigInt& = 0);
OSSL_BN(const byte[], size_t);
~OSSL_BN();
+
+ BIGNUM* ptr() const { return m_bn; }
+ private:
+ BIGNUM* m_bn;
};
/**
@@ -42,13 +44,15 @@ class OSSL_BN
class OSSL_BN_CTX
{
public:
- BN_CTX* value;
-
OSSL_BN_CTX& operator=(const OSSL_BN_CTX&);
OSSL_BN_CTX();
OSSL_BN_CTX(const OSSL_BN_CTX&);
~OSSL_BN_CTX();
+
+ BN_CTX* ptr() const { return m_ctx; }
+ private:
+ BN_CTX* m_ctx;
};
}
diff --git a/src/engine/openssl/ossl_bc.cpp b/src/engine/openssl/ossl_bc.cpp
index d419f56be..b3b509c36 100644
--- a/src/engine/openssl/ossl_bc.cpp
+++ b/src/engine/openssl/ossl_bc.cpp
@@ -123,7 +123,7 @@ void EVP_BlockCipher::decrypt_n(const byte in[], byte out[],
*/
void EVP_BlockCipher::key_schedule(const byte key[], size_t length)
{
- secure_vector<byte> full_key(key, length);
+ secure_vector<byte> full_key(key, key + length);
if(cipher_name == "TripleDES" && length == 16)
{
@@ -141,8 +141,8 @@ void EVP_BlockCipher::key_schedule(const byte key[], size_t length)
EVP_CIPHER_CTX_ctrl(&decrypt, EVP_CTRL_SET_RC2_KEY_BITS, length*8, 0);
}
- EVP_EncryptInit_ex(&encrypt, 0, 0, full_key.begin(), 0);
- EVP_DecryptInit_ex(&decrypt, 0, 0, full_key.begin(), 0);
+ EVP_EncryptInit_ex(&encrypt, 0, 0, &full_key[0], 0);
+ EVP_DecryptInit_ex(&decrypt, 0, 0, &full_key[0], 0);
}
/*
diff --git a/src/engine/openssl/ossl_pk.cpp b/src/engine/openssl/ossl_pk.cpp
index 2557ec297..943204375 100644
--- a/src/engine/openssl/ossl_pk.cpp
+++ b/src/engine/openssl/ossl_pk.cpp
@@ -39,7 +39,7 @@ class OSSL_DH_KA_Operation : public PK_Ops::Key_Agreement
secure_vector<byte> agree(const byte w[], size_t w_len)
{
OSSL_BN i(w, w_len), r;
- BN_mod_exp(r.value, i.value, x.value, p.value, ctx.value);
+ BN_mod_exp(r.ptr(), i.ptr(), x.ptr(), p.ptr(), ctx.ptr());
return r.to_bytes();
}
@@ -90,22 +90,22 @@ OSSL_DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
OSSL_BN k(k_bn);
OSSL_BN r;
- BN_mod_exp(r.value, g.value, k.value, p.value, ctx.value);
- BN_nnmod(r.value, r.value, q.value, ctx.value);
+ BN_mod_exp(r.ptr(), g.ptr(), k.ptr(), p.ptr(), ctx.ptr());
+ BN_nnmod(r.ptr(), r.ptr(), q.ptr(), ctx.ptr());
- BN_mod_inverse(k.value, k.value, q.value, ctx.value);
+ BN_mod_inverse(k.ptr(), k.ptr(), q.ptr(), ctx.ptr());
OSSL_BN s;
- BN_mul(s.value, x.value, r.value, ctx.value);
- BN_add(s.value, s.value, i.value);
- BN_mod_mul(s.value, s.value, k.value, q.value, ctx.value);
+ BN_mul(s.ptr(), x.ptr(), r.ptr(), ctx.ptr());
+ BN_add(s.ptr(), s.ptr(), i.ptr());
+ BN_mod_mul(s.ptr(), s.ptr(), k.ptr(), q.ptr(), ctx.ptr());
- if(BN_is_zero(r.value) || BN_is_zero(s.value))
+ if(BN_is_zero(r.ptr()) || BN_is_zero(s.ptr()))
throw Internal_Error("OpenSSL_DSA_Op::sign: r or s was zero");
secure_vector<byte> output(2*q_bytes);
- r.encode(output, q_bytes);
- s.encode(output + q_bytes, q_bytes);
+ r.encode(&output[0], q_bytes);
+ s.encode(&output[q_bytes], q_bytes);
return output;
}
@@ -145,26 +145,26 @@ bool OSSL_DSA_Verification_Operation::verify(const byte msg[], size_t msg_len,
OSSL_BN s(sig + q_bytes, q_bytes);
OSSL_BN i(msg, msg_len);
- if(BN_is_zero(r.value) || BN_cmp(r.value, q.value) >= 0)
+ if(BN_is_zero(r.ptr()) || BN_cmp(r.ptr(), q.ptr()) >= 0)
return false;
- if(BN_is_zero(s.value) || BN_cmp(s.value, q.value) >= 0)
+ if(BN_is_zero(s.ptr()) || BN_cmp(s.ptr(), q.ptr()) >= 0)
return false;
- if(BN_mod_inverse(s.value, s.value, q.value, ctx.value) == 0)
+ if(BN_mod_inverse(s.ptr(), s.ptr(), q.ptr(), ctx.ptr()) == 0)
return false;
OSSL_BN si;
- BN_mod_mul(si.value, s.value, i.value, q.value, ctx.value);
- BN_mod_exp(si.value, g.value, si.value, p.value, ctx.value);
+ BN_mod_mul(si.ptr(), s.ptr(), i.ptr(), q.ptr(), ctx.ptr());
+ BN_mod_exp(si.ptr(), g.ptr(), si.ptr(), p.ptr(), ctx.ptr());
OSSL_BN sr;
- BN_mod_mul(sr.value, s.value, r.value, q.value, ctx.value);
- BN_mod_exp(sr.value, y.value, sr.value, p.value, ctx.value);
+ BN_mod_mul(sr.ptr(), s.ptr(), r.ptr(), q.ptr(), ctx.ptr());
+ BN_mod_exp(sr.ptr(), y.ptr(), sr.ptr(), p.ptr(), ctx.ptr());
- BN_mod_mul(si.value, si.value, sr.value, p.value, ctx.value);
- BN_nnmod(si.value, si.value, q.value, ctx.value);
+ BN_mod_mul(si.ptr(), si.ptr(), sr.ptr(), p.ptr(), ctx.ptr());
+ BN_nnmod(si.ptr(), si.ptr(), q.ptr(), ctx.ptr());
- if(BN_cmp(si.value, r.value) == 0)
+ if(BN_cmp(si.ptr(), r.ptr()) == 0)
return true;
return false;
@@ -202,7 +202,7 @@ class OSSL_RSA_Private_Operation : public PK_Ops::Signature,
secure_vector<byte> decrypt(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
- return BigInt::encode(private_op(m));
+ return BigInt::encode_locked(private_op(m));
}
private:
@@ -217,12 +217,12 @@ BigInt OSSL_RSA_Private_Operation::private_op(const BigInt& m) const
{
OSSL_BN j1, j2, h(m);
- BN_mod_exp(j1.value, h.value, d1.value, p.value, ctx.value);
- BN_mod_exp(j2.value, h.value, d2.value, q.value, ctx.value);
- BN_sub(h.value, j1.value, j2.value);
- BN_mod_mul(h.value, h.value, c.value, p.value, ctx.value);
- BN_mul(h.value, h.value, q.value, ctx.value);
- BN_add(h.value, h.value, j2.value);
+ BN_mod_exp(j1.ptr(), h.ptr(), d1.ptr(), p.ptr(), ctx.ptr());
+ BN_mod_exp(j2.ptr(), h.ptr(), d2.ptr(), q.ptr(), ctx.ptr());
+ BN_sub(h.ptr(), j1.ptr(), j2.ptr());
+ BN_mod_mul(h.ptr(), h.ptr(), c.ptr(), p.ptr(), ctx.ptr());
+ BN_mul(h.ptr(), h.ptr(), q.ptr(), ctx.ptr());
+ BN_add(h.ptr(), h.ptr(), j2.ptr());
return h.to_bigint();
}
@@ -247,7 +247,7 @@ class OSSL_RSA_Public_Operation : public PK_Ops::Verification,
secure_vector<byte> verify_mr(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
- return BigInt::encode(public_op(m));
+ return BigInt::encode_locked(public_op(m));
}
private:
@@ -257,7 +257,7 @@ class OSSL_RSA_Public_Operation : public PK_Ops::Verification,
throw Invalid_Argument("RSA public op - input is too large");
OSSL_BN m_bn(m), r;
- BN_mod_exp(r.value, m_bn.value, e.value, mod.value, ctx.value);
+ BN_mod_exp(r.ptr(), m_bn.ptr(), e.ptr(), mod.ptr(), ctx.ptr());
return r.to_bigint();
}
diff --git a/src/filters/bzip2/bzip2.cpp b/src/filters/bzip2/bzip2.cpp
index 18a53558c..b5d48b0ed 100644
--- a/src/filters/bzip2/bzip2.cpp
+++ b/src/filters/bzip2/bzip2.cpp
@@ -26,9 +26,6 @@ class Bzip_Alloc_Info
{
public:
std::map<void*, size_t> current_allocs;
- Allocator* alloc;
-
- Bzip_Alloc_Info() { alloc = Allocator::get(false); }
};
/*
@@ -37,8 +34,11 @@ class Bzip_Alloc_Info
void* bzip_malloc(void* info_ptr, int n, int size)
{
Bzip_Alloc_Info* info = static_cast<Bzip_Alloc_Info*>(info_ptr);
- void* ptr = info->alloc->allocate(n * size);
- info->current_allocs[ptr] = n * size;
+
+ const size_t total_sz = n * size;
+
+ void* ptr = std::malloc(total_sz);
+ info->current_allocs[ptr] = total_sz;
return ptr;
}
@@ -51,7 +51,9 @@ void bzip_free(void* info_ptr, void* ptr)
auto i = info->current_allocs.find(ptr);
if(i == info->current_allocs.end())
throw Invalid_Argument("bzip_free: Got pointer not allocated by us");
- info->alloc->deallocate(ptr, i->second);
+
+ std::memset(ptr, 0, i->second);
+ std::free(ptr);
}
}
@@ -119,7 +121,7 @@ void Bzip_Compression::write(const byte input[], size_t length)
while(bz->stream.avail_in != 0)
{
- bz->stream.next_out = reinterpret_cast<char*>(buffer.begin());
+ bz->stream.next_out = reinterpret_cast<char*>(&buffer[0]);
bz->stream.avail_out = buffer.size();
BZ2_bzCompress(&(bz->stream), BZ_RUN);
send(buffer, buffer.size() - bz->stream.avail_out);
@@ -137,7 +139,7 @@ void Bzip_Compression::end_msg()
int rc = BZ_OK;
while(rc != BZ_STREAM_END)
{
- bz->stream.next_out = reinterpret_cast<char*>(buffer.begin());
+ bz->stream.next_out = reinterpret_cast<char*>(&buffer[0]);
bz->stream.avail_out = buffer.size();
rc = BZ2_bzCompress(&(bz->stream), BZ_FINISH);
send(buffer, buffer.size() - bz->stream.avail_out);
@@ -156,7 +158,7 @@ void Bzip_Compression::flush()
int rc = BZ_OK;
while(rc != BZ_RUN_OK)
{
- bz->stream.next_out = reinterpret_cast<char*>(buffer.begin());
+ bz->stream.next_out = reinterpret_cast<char*>(&buffer[0]);
bz->stream.avail_out = buffer.size();
rc = BZ2_bzCompress(&(bz->stream), BZ_FLUSH);
send(buffer, buffer.size() - bz->stream.avail_out);
@@ -202,7 +204,7 @@ void Bzip_Decompression::write(const byte input_arr[], size_t length)
while(bz->stream.avail_in != 0)
{
- bz->stream.next_out = reinterpret_cast<char*>(buffer.begin());
+ bz->stream.next_out = reinterpret_cast<char*>(&buffer[0]);
bz->stream.avail_out = buffer.size();
int rc = BZ2_bzDecompress(&(bz->stream));
@@ -261,7 +263,7 @@ void Bzip_Decompression::end_msg()
int rc = BZ_OK;
while(rc != BZ_STREAM_END)
{
- bz->stream.next_out = reinterpret_cast<char*>(buffer.begin());
+ bz->stream.next_out = reinterpret_cast<char*>(&buffer[0]);
bz->stream.avail_out = buffer.size();
rc = BZ2_bzDecompress(&(bz->stream));
diff --git a/src/filters/zlib/zlib.cpp b/src/filters/zlib/zlib.cpp
index 169146826..0086a7828 100644
--- a/src/filters/zlib/zlib.cpp
+++ b/src/filters/zlib/zlib.cpp
@@ -25,9 +25,6 @@ class Zlib_Alloc_Info
{
public:
std::map<void*, size_t> current_allocs;
- Allocator* alloc;
-
- Zlib_Alloc_Info() { alloc = Allocator::get(false); }
};
/*
@@ -36,8 +33,11 @@ class Zlib_Alloc_Info
void* zlib_malloc(void* info_ptr, unsigned int n, unsigned int size)
{
Zlib_Alloc_Info* info = static_cast<Zlib_Alloc_Info*>(info_ptr);
- void* ptr = info->alloc->allocate(n * size);
- info->current_allocs[ptr] = n * size;
+
+ const size_t total_sz = n * size;
+
+ void* ptr = std::malloc(total_sz);
+ info->current_allocs[ptr] = total_sz;
return ptr;
}
@@ -50,7 +50,9 @@ void zlib_free(void* info_ptr, void* ptr)
auto i = info->current_allocs.find(ptr);
if(i == info->current_allocs.end())
throw Invalid_Argument("zlib_free: Got pointer not allocated by us");
- info->alloc->deallocate(ptr, i->second);
+
+ std::memset(ptr, 0, i->second);
+ std::free(ptr);
}
}
@@ -130,10 +132,10 @@ void Zlib_Compression::write(const byte input[], size_t length)
while(zlib->stream.avail_in != 0)
{
- zlib->stream.next_out = static_cast<Bytef*>(buffer.begin());
+ zlib->stream.next_out = static_cast<Bytef*>(&buffer[0]);
zlib->stream.avail_out = buffer.size();
deflate(&(zlib->stream), Z_NO_FLUSH);
- send(buffer.begin(), buffer.size() - zlib->stream.avail_out);
+ send(&buffer[0], buffer.size() - zlib->stream.avail_out);
}
}
@@ -148,11 +150,11 @@ void Zlib_Compression::end_msg()
int rc = Z_OK;
while(rc != Z_STREAM_END)
{
- zlib->stream.next_out = reinterpret_cast<Bytef*>(buffer.begin());
+ zlib->stream.next_out = reinterpret_cast<Bytef*>(&buffer[0]);
zlib->stream.avail_out = buffer.size();
rc = deflate(&(zlib->stream), Z_FINISH);
- send(buffer.begin(), buffer.size() - zlib->stream.avail_out);
+ send(&buffer[0], buffer.size() - zlib->stream.avail_out);
}
clear();
@@ -169,10 +171,10 @@ void Zlib_Compression::flush()
while(true)
{
zlib->stream.avail_out = buffer.size();
- zlib->stream.next_out = reinterpret_cast<Bytef*>(buffer.begin());
+ zlib->stream.next_out = reinterpret_cast<Bytef*>(&buffer[0]);
deflate(&(zlib->stream), Z_FULL_FLUSH);
- send(buffer.begin(), buffer.size() - zlib->stream.avail_out);
+ send(&buffer[0], buffer.size() - zlib->stream.avail_out);
if(zlib->stream.avail_out == buffer.size())
break;
@@ -232,7 +234,7 @@ void Zlib_Decompression::write(const byte input_arr[], size_t length)
while(zlib->stream.avail_in != 0)
{
- zlib->stream.next_out = reinterpret_cast<Bytef*>(buffer.begin());
+ zlib->stream.next_out = reinterpret_cast<Bytef*>(&buffer[0]);
zlib->stream.avail_out = buffer.size();
int rc = inflate(&(zlib->stream), Z_SYNC_FLUSH);
@@ -250,7 +252,7 @@ void Zlib_Decompression::write(const byte input_arr[], size_t length)
throw std::runtime_error("Zlib decompression: Unknown error");
}
- send(buffer.begin(), buffer.size() - zlib->stream.avail_out);
+ send(&buffer[0], buffer.size() - zlib->stream.avail_out);
if(rc == Z_STREAM_END)
{
@@ -279,7 +281,7 @@ void Zlib_Decompression::end_msg()
while(rc != Z_STREAM_END)
{
- zlib->stream.next_out = reinterpret_cast<Bytef*>(buffer.begin());
+ zlib->stream.next_out = reinterpret_cast<Bytef*>(&buffer[0]);
zlib->stream.avail_out = buffer.size();
rc = inflate(&(zlib->stream), Z_SYNC_FLUSH);
@@ -289,7 +291,7 @@ void Zlib_Decompression::end_msg()
throw Decoding_Error("Zlib_Decompression: Error finalizing");
}
- send(buffer.begin(), buffer.size() - zlib->stream.avail_out);
+ send(&buffer[0], buffer.size() - zlib->stream.avail_out);
}
clear();
diff --git a/src/tls/info.txt b/src/tls/info.txt
index 9c0051abd..1863be577 100644
--- a/src/tls/info.txt
+++ b/src/tls/info.txt
@@ -2,10 +2,10 @@ define TLS
load_on auto
-<comment>
+<warning>
The TLS code is complex, new, and not yet reviewed, there may be
serious bugs or security issues.
-</comment>
+</warning>
<header:public>
tls_alert.h