aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--checks/common.h4
-rw-r--r--checks/cvc_tests.cpp30
-rw-r--r--checks/dolook.cpp10
-rw-r--r--checks/ec_tests.cpp118
-rw-r--r--checks/ecdh.cpp4
-rw-r--r--checks/ecdsa.cpp36
-rw-r--r--checks/pk.cpp58
-rw-r--r--checks/pk_bench.cpp8
-rw-r--r--checks/validate.cpp8
-rw-r--r--checks/x509.cpp2
-rw-r--r--doc/examples/GNUmakefile4
-rw-r--r--doc/examples/asn1.cpp10
-rw-r--r--doc/examples/bzip.cpp15
-rw-r--r--doc/examples/credentials.h2
-rw-r--r--doc/examples/decrypt.cpp6
-rw-r--r--doc/examples/dh.cpp4
-rw-r--r--doc/examples/dsa_ver.cpp4
-rw-r--r--doc/examples/ecdsa.cpp2
-rw-r--r--doc/examples/encrypt.cpp6
-rw-r--r--doc/examples/encrypt2.cpp10
-rw-r--r--doc/examples/fpe.cpp6
-rw-r--r--doc/examples/keywrap.cpp4
-rw-r--r--doc/examples/new_engine.cpp2
-rw-r--r--doc/examples/pqg_gen.cpp6
-rw-r--r--doc/examples/read_ssh.cpp2
-rw-r--r--doc/examples/rng_test.cpp8
-rw-r--r--doc/examples/row_encryptor.cpp20
-rw-r--r--doc/examples/rsa_dec.cpp8
-rw-r--r--doc/examples/rsa_enc.cpp14
-rw-r--r--doc/examples/tls_client.cpp2
-rw-r--r--doc/examples/tss.cpp2
-rw-r--r--src/algo_base/buf_comp.h31
-rw-r--r--src/algo_base/symkey.cpp11
-rw-r--r--src/algo_base/symkey.h14
-rw-r--r--src/alloc/alloc_mmap/info.txt28
-rw-r--r--src/alloc/alloc_mmap/mmap_mem.cpp145
-rw-r--r--src/alloc/alloc_mmap/mmap_mem.h32
-rw-r--r--src/alloc/allocate.h65
-rw-r--r--src/alloc/info.txt1
-rw-r--r--src/alloc/mem_pool/info.txt8
-rw-r--r--src/alloc/mem_pool/mem_pool.cpp251
-rw-r--r--src/alloc/mem_pool/mem_pool.h74
-rw-r--r--src/alloc/secmem.h411
-rw-r--r--src/alloc/system_alloc/defalloc.cpp103
-rw-r--r--src/alloc/system_alloc/defalloc.h41
-rw-r--r--src/alloc/system_alloc/info.txt13
-rw-r--r--src/asn1/alg_id.cpp4
-rw-r--r--src/asn1/alg_id.h6
-rw-r--r--src/asn1/asn1_att.cpp4
-rw-r--r--src/asn1/asn1_int.cpp4
-rw-r--r--src/asn1/asn1_int.h4
-rw-r--r--src/asn1/asn1_obj.h6
-rw-r--r--src/asn1/asn1_oid.cpp2
-rw-r--r--src/asn1/ber_dec.cpp85
-rw-r--r--src/asn1/ber_dec.h26
-rw-r--r--src/asn1/der_enc.cpp69
-rw-r--r--src/asn1/der_enc.h37
-rw-r--r--src/asn1/x509_dn.cpp4
-rw-r--r--src/asn1/x509_dn.h4
-rw-r--r--src/block/aes/aes.cpp18
-rw-r--r--src/block/aes/aes.h12
-rw-r--r--src/block/aes_ni/aes_ni.h6
-rw-r--r--src/block/aes_ssse3/aes_ssse3.h6
-rw-r--r--src/block/block_cipher.h44
-rw-r--r--src/block/blowfish/blowfish.cpp2
-rw-r--r--src/block/blowfish/blowfish.h6
-rw-r--r--src/block/camellia/camellia.cpp6
-rw-r--r--src/block/camellia/camellia.h6
-rw-r--r--src/block/cast/cast128.cpp8
-rw-r--r--src/block/cast/cast128.h6
-rw-r--r--src/block/cast/cast256.cpp2
-rw-r--r--src/block/cast/cast256.h4
-rw-r--r--src/block/des/des.h4
-rw-r--r--src/block/des/desx.h2
-rw-r--r--src/block/gost_28147/gost_28147.h6
-rw-r--r--src/block/idea/idea.h6
-rw-r--r--src/block/kasumi/kasumi.cpp2
-rw-r--r--src/block/kasumi/kasumi.h2
-rw-r--r--src/block/lion/lion.cpp4
-rw-r--r--src/block/lion/lion.h2
-rw-r--r--src/block/lubyrack/lubyrack.cpp4
-rw-r--r--src/block/lubyrack/lubyrack.h2
-rw-r--r--src/block/mars/mars.cpp2
-rw-r--r--src/block/mars/mars.h2
-rw-r--r--src/block/misty1/misty1.cpp2
-rw-r--r--src/block/misty1/misty1.h2
-rw-r--r--src/block/noekeon/noekeon.h6
-rw-r--r--src/block/noekeon_simd/noekeon_simd.cpp4
-rw-r--r--src/block/rc2/rc2.cpp2
-rw-r--r--src/block/rc2/rc2.h2
-rw-r--r--src/block/rc5/rc5.cpp2
-rw-r--r--src/block/rc5/rc5.h2
-rw-r--r--src/block/rc6/rc6.cpp2
-rw-r--r--src/block/rc6/rc6.h2
-rw-r--r--src/block/safer/safer_sk.cpp2
-rw-r--r--src/block/safer/safer_sk.h2
-rw-r--r--src/block/seed/seed.cpp2
-rw-r--r--src/block/seed/seed.h2
-rw-r--r--src/block/serpent/serpent.cpp2
-rw-r--r--src/block/serpent/serpent.h4
-rw-r--r--src/block/serpent_x86_32/serp_x86_32.cpp2
-rw-r--r--src/block/skipjack/skipjack.h2
-rw-r--r--src/block/square/square.cpp2
-rw-r--r--src/block/square/square.h4
-rw-r--r--src/block/tea/tea.h2
-rw-r--r--src/block/twofish/twofish.cpp2
-rw-r--r--src/block/twofish/twofish.h2
-rw-r--r--src/block/xtea/xtea.cpp2
-rw-r--r--src/block/xtea/xtea.h4
-rw-r--r--src/build-data/cc/gcc.txt2
-rw-r--r--src/cert/certstore/certstor.cpp8
-rw-r--r--src/cert/certstore/certstor.h8
-rw-r--r--src/cert/cvc/asn1_eac_tm.cpp8
-rw-r--r--src/cert/cvc/cvc_ado.cpp22
-rw-r--r--src/cert/cvc/cvc_ado.h8
-rw-r--r--src/cert/cvc/cvc_cert.cpp16
-rw-r--r--src/cert/cvc/cvc_cert.h4
-rw-r--r--src/cert/cvc/cvc_gen_cert.h28
-rw-r--r--src/cert/cvc/cvc_req.cpp2
-rw-r--r--src/cert/cvc/cvc_self.cpp20
-rw-r--r--src/cert/cvc/eac_asn_obj.h2
-rw-r--r--src/cert/cvc/eac_obj.h2
-rw-r--r--src/cert/cvc/ecdsa_sig.cpp14
-rw-r--r--src/cert/cvc/ecdsa_sig.h8
-rw-r--r--src/cert/cvc/signed_obj.cpp6
-rw-r--r--src/cert/cvc/signed_obj.h10
-rw-r--r--src/cert/pkcs10/pkcs10.cpp15
-rw-r--r--src/cert/pkcs10/pkcs10.h8
-rw-r--r--src/cert/x509ca/x509_ca.cpp92
-rw-r--r--src/cert/x509ca/x509_ca.h2
-rw-r--r--src/cert/x509cert/x509_ext.cpp60
-rw-r--r--src/cert/x509cert/x509_ext.h52
-rw-r--r--src/cert/x509cert/x509_obj.cpp25
-rw-r--r--src/cert/x509cert/x509_obj.h18
-rw-r--r--src/cert/x509cert/x509cert.cpp20
-rw-r--r--src/cert/x509cert/x509cert.h9
-rw-r--r--src/cert/x509crl/crl_ent.h4
-rw-r--r--src/cert/x509crl/x509_crl.cpp8
-rw-r--r--src/cert/x509crl/x509_crl.h12
-rw-r--r--src/cert/x509self/x509self.cpp19
-rw-r--r--src/cert/x509store/x509stor.cpp16
-rw-r--r--src/cert/x509store/x509stor.h4
-rw-r--r--src/cms/cms_algo.cpp14
-rw-r--r--src/cms/cms_comp.cpp4
-rw-r--r--src/cms/cms_dalg.cpp10
-rw-r--r--src/cms/cms_dec.h2
-rw-r--r--src/cms/cms_ealg.cpp14
-rw-r--r--src/cms/cms_enc.cpp4
-rw-r--r--src/cms/cms_enc.h12
-rw-r--r--src/codec/base64/base64.cpp11
-rw-r--r--src/codec/base64/base64.h10
-rw-r--r--src/codec/hex/hex.cpp12
-rw-r--r--src/codec/hex/hex.h14
-rw-r--r--src/codec/openpgp/openpgp.cpp4
-rw-r--r--src/codec/openpgp/openpgp.h4
-rw-r--r--src/codec/pem/pem.cpp21
-rw-r--r--src/codec/pem/pem.h31
-rw-r--r--src/constructs/aont/package.cpp16
-rw-r--r--src/constructs/cryptobox/cryptobox.cpp12
-rw-r--r--src/constructs/fpe_fe1/fpe_fe1.cpp18
-rw-r--r--src/constructs/fpe_fe1/fpe_fe1.h4
-rw-r--r--src/constructs/rfc3394/rfc3394.cpp20
-rw-r--r--src/constructs/rfc3394/rfc3394.h4
-rw-r--r--src/constructs/srp6/srp6.cpp10
-rw-r--r--src/constructs/srp6/srp6.h4
-rw-r--r--src/constructs/srp6/srp6_files.cpp4
-rw-r--r--src/constructs/srp6/srp6_files.h6
-rw-r--r--src/constructs/tss/tss.cpp10
-rw-r--r--src/constructs/tss/tss.h4
-rw-r--r--src/credentials/credentials_manager.cpp2
-rw-r--r--src/credentials/credentials_manager.h2
-rw-r--r--src/engine/gnump/gmp_wrap.h2
-rw-r--r--src/engine/gnump/gnump_pk.cpp16
-rw-r--r--src/engine/openssl/bn_wrap.cpp4
-rw-r--r--src/engine/openssl/bn_wrap.h2
-rw-r--r--src/engine/openssl/ossl_bc.cpp2
-rw-r--r--src/engine/openssl/ossl_pk.cpp16
-rw-r--r--src/entropy/cryptoapi_rng/es_capi.cpp2
-rw-r--r--src/entropy/dev_random/dev_random.cpp2
-rw-r--r--src/entropy/egd/es_egd.cpp2
-rw-r--r--src/entropy/entropy_src.h4
-rw-r--r--src/entropy/proc_walk/es_ftw.cpp2
-rw-r--r--src/entropy/unix_procs/es_unix.cpp2
-rw-r--r--src/filters/algo_filt.cpp4
-rw-r--r--src/filters/buf_filt.h8
-rw-r--r--src/filters/bzip2/bzip2.h4
-rw-r--r--src/filters/codec_filt/b64_filt.h4
-rw-r--r--src/filters/codec_filt/hex_filt.h4
-rw-r--r--src/filters/data_src.cpp24
-rw-r--r--src/filters/data_src.h17
-rw-r--r--src/filters/fd_unix/fd_unix.cpp4
-rw-r--r--src/filters/filter.h20
-rw-r--r--src/filters/filters.h2
-rw-r--r--src/filters/modes/cbc/cbc.cpp18
-rw-r--r--src/filters/modes/cbc/cbc.h4
-rw-r--r--src/filters/modes/cfb/cfb.cpp2
-rw-r--r--src/filters/modes/cfb/cfb.h4
-rw-r--r--src/filters/modes/cts/cts.cpp16
-rw-r--r--src/filters/modes/cts/cts.h4
-rw-r--r--src/filters/modes/eax/eax.cpp4
-rw-r--r--src/filters/modes/eax/eax.h8
-rw-r--r--src/filters/modes/eax/eax_dec.cpp4
-rw-r--r--src/filters/modes/ecb/ecb.cpp8
-rw-r--r--src/filters/modes/ecb/ecb.h4
-rw-r--r--src/filters/modes/xts/xts.cpp10
-rw-r--r--src/filters/modes/xts/xts.h4
-rw-r--r--src/filters/pipe.cpp7
-rw-r--r--src/filters/pipe.h26
-rw-r--r--src/filters/pipe_io.cpp4
-rw-r--r--src/filters/pipe_rw.cpp16
-rw-r--r--src/filters/pk_filts/pk_filts.cpp9
-rw-r--r--src/filters/pk_filts/pk_filts.h10
-rw-r--r--src/filters/secqueue.cpp2
-rw-r--r--src/filters/zlib/zlib.h4
-rw-r--r--src/hash/bmw_512/bmw_512.h2
-rw-r--r--src/hash/comb4p/comb4p.cpp10
-rw-r--r--src/hash/gost_3411/gost_3411.cpp4
-rw-r--r--src/hash/gost_3411/gost_3411.h2
-rw-r--r--src/hash/has160/has160.h2
-rw-r--r--src/hash/keccak/keccak.cpp4
-rw-r--r--src/hash/keccak/keccak.h2
-rw-r--r--src/hash/md2/md2.h2
-rw-r--r--src/hash/md4/md4.h4
-rw-r--r--src/hash/md5/md5.h4
-rw-r--r--src/hash/mdx_hash/mdx_hash.h2
-rw-r--r--src/hash/rmd128/rmd128.h2
-rw-r--r--src/hash/rmd160/rmd160.h2
-rw-r--r--src/hash/sha1/sha160.h4
-rw-r--r--src/hash/sha2_32/sha2_32.cpp2
-rw-r--r--src/hash/sha2_32/sha2_32.h4
-rw-r--r--src/hash/sha2_64/sha2_64.cpp2
-rw-r--r--src/hash/sha2_64/sha2_64.h4
-rw-r--r--src/hash/skein/skein_512.cpp12
-rw-r--r--src/hash/skein/skein_512.h6
-rw-r--r--src/hash/tiger/tiger.cpp4
-rw-r--r--src/hash/tiger/tiger.h4
-rw-r--r--src/hash/whirlpool/whrlpool.h2
-rw-r--r--src/kdf/kdf.cpp23
-rw-r--r--src/kdf/kdf.h26
-rw-r--r--src/kdf/kdf1/kdf1.cpp2
-rw-r--r--src/kdf/kdf1/kdf1.h2
-rw-r--r--src/kdf/kdf2/kdf2.cpp6
-rw-r--r--src/kdf/kdf2/kdf2.h2
-rw-r--r--src/kdf/mgf1/mgf1.cpp2
-rw-r--r--src/kdf/prf_ssl3/prf_ssl3.cpp6
-rw-r--r--src/kdf/prf_ssl3/prf_ssl3.h2
-rw-r--r--src/kdf/prf_tls/prf_tls.cpp14
-rw-r--r--src/kdf/prf_tls/prf_tls.h4
-rw-r--r--src/kdf/prf_x942/prf_x942.cpp10
-rw-r--r--src/kdf/prf_x942/prf_x942.h2
-rw-r--r--src/libstate/info.txt1
-rw-r--r--src/libstate/libstate.cpp72
-rw-r--r--src/libstate/libstate.h19
-rw-r--r--src/mac/cbc_mac/cbc_mac.h2
-rw-r--r--src/mac/cmac/cmac.cpp4
-rw-r--r--src/mac/cmac/cmac.h4
-rw-r--r--src/mac/hmac/hmac.cpp2
-rw-r--r--src/mac/hmac/hmac.h2
-rw-r--r--src/mac/mac.cpp2
-rw-r--r--src/mac/ssl3mac/ssl3_mac.h2
-rw-r--r--src/mac/x919_mac/x919_mac.cpp2
-rw-r--r--src/mac/x919_mac/x919_mac.h2
-rw-r--r--src/math/bigint/big_code.cpp34
-rw-r--r--src/math/bigint/big_io.cpp2
-rw-r--r--src/math/bigint/big_ops2.cpp40
-rw-r--r--src/math/bigint/big_ops3.cpp28
-rw-r--r--src/math/bigint/big_rand.cpp2
-rw-r--r--src/math/bigint/bigint.cpp8
-rw-r--r--src/math/bigint/bigint.h64
-rw-r--r--src/math/ec_gfp/point_gfp.cpp18
-rw-r--r--src/math/ec_gfp/point_gfp.h7
-rw-r--r--src/math/numbertheory/dsa_gen.cpp21
-rw-r--r--src/math/numbertheory/make_prm.cpp2
-rw-r--r--src/math/numbertheory/mp_numth.cpp10
-rw-r--r--src/math/numbertheory/numthry.h4
-rw-r--r--src/math/numbertheory/powm_mnt.cpp8
-rw-r--r--src/passhash/bcrypt/bcrypt.cpp14
-rw-r--r--src/passhash/passhash9/passhash9.cpp8
-rw-r--r--src/pbe/pbe.h2
-rw-r--r--src/pbe/pbes1/pbes1.cpp8
-rw-r--r--src/pbe/pbes1/pbes1.h4
-rw-r--r--src/pbe/pbes2/pbes2.cpp10
-rw-r--r--src/pbe/pbes2/pbes2.h4
-rw-r--r--src/pbkdf/pbkdf1/pbkdf1.cpp2
-rw-r--r--src/pbkdf/pbkdf2/pbkdf2.cpp8
-rw-r--r--src/pbkdf/pgps2k/pgp_s2k.cpp2
-rw-r--r--src/pk_pad/eme.cpp8
-rw-r--r--src/pk_pad/eme.h12
-rw-r--r--src/pk_pad/eme1/eme1.cpp11
-rw-r--r--src/pk_pad/eme1/eme1.h6
-rw-r--r--src/pk_pad/eme_pkcs/eme_pkcs.cpp8
-rw-r--r--src/pk_pad/eme_pkcs/eme_pkcs.h4
-rw-r--r--src/pk_pad/emsa.h8
-rw-r--r--src/pk_pad/emsa1/emsa1.cpp14
-rw-r--r--src/pk_pad/emsa1/emsa1.h6
-rw-r--r--src/pk_pad/emsa1_bsi/emsa1_bsi.cpp2
-rw-r--r--src/pk_pad/emsa1_bsi/emsa1_bsi.h2
-rw-r--r--src/pk_pad/emsa2/emsa2.cpp14
-rw-r--r--src/pk_pad/emsa2/emsa2.h8
-rw-r--r--src/pk_pad/emsa3/emsa3.cpp22
-rw-r--r--src/pk_pad/emsa3/emsa3.h16
-rw-r--r--src/pk_pad/emsa4/emsa4.cpp41
-rw-r--r--src/pk_pad/emsa4/emsa4.h6
-rw-r--r--src/pk_pad/emsa_raw/emsa_raw.cpp10
-rw-r--r--src/pk_pad/emsa_raw/emsa_raw.h8
-rw-r--r--src/pk_pad/hash_id/hash_id.cpp43
-rw-r--r--src/pk_pad/hash_id/hash_id.h2
-rw-r--r--src/pubkey/dh/dh.cpp10
-rw-r--r--src/pubkey/dh/dh.h10
-rw-r--r--src/pubkey/dl_algo/dl_algo.cpp10
-rw-r--r--src/pubkey/dl_algo/dl_algo.h8
-rw-r--r--src/pubkey/dl_group/dl_group.cpp14
-rw-r--r--src/pubkey/dl_group/dl_group.h5
-rw-r--r--src/pubkey/dlies/dlies.cpp27
-rw-r--r--src/pubkey/dlies/dlies.h13
-rw-r--r--src/pubkey/dsa/dsa.cpp6
-rw-r--r--src/pubkey/dsa/dsa.h6
-rw-r--r--src/pubkey/ec_group/ec_group.cpp18
-rw-r--r--src/pubkey/ec_group/ec_group.h4
-rw-r--r--src/pubkey/ecc_key/ecc_key.cpp10
-rw-r--r--src/pubkey/ecc_key/ecc_key.h10
-rw-r--r--src/pubkey/ecdh/ecdh.cpp2
-rw-r--r--src/pubkey/ecdh/ecdh.h12
-rw-r--r--src/pubkey/ecdsa/ecdsa.cpp4
-rw-r--r--src/pubkey/ecdsa/ecdsa.h6
-rw-r--r--src/pubkey/elgamal/elgamal.cpp10
-rw-r--r--src/pubkey/elgamal/elgamal.h8
-rw-r--r--src/pubkey/gost_3410/gost_3410.cpp20
-rw-r--r--src/pubkey/gost_3410/gost_3410.h8
-rw-r--r--src/pubkey/if_algo/if_algo.cpp10
-rw-r--r--src/pubkey/if_algo/if_algo.h8
-rw-r--r--src/pubkey/keypair/keypair.cpp12
-rw-r--r--src/pubkey/nr/nr.cpp12
-rw-r--r--src/pubkey/nr/nr.h8
-rw-r--r--src/pubkey/pk_algs.cpp4
-rw-r--r--src/pubkey/pk_algs.h4
-rw-r--r--src/pubkey/pk_keys.h6
-rw-r--r--src/pubkey/pk_ops.h10
-rw-r--r--src/pubkey/pkcs8.cpp18
-rw-r--r--src/pubkey/pkcs8.h4
-rw-r--r--src/pubkey/pubkey.cpp46
-rw-r--r--src/pubkey/pubkey.h54
-rw-r--r--src/pubkey/rsa/rsa.cpp6
-rw-r--r--src/pubkey/rsa/rsa.h14
-rw-r--r--src/pubkey/rw/rw.cpp12
-rw-r--r--src/pubkey/rw/rw.h8
-rw-r--r--src/pubkey/x509_key.cpp8
-rw-r--r--src/pubkey/x509_key.h4
-rw-r--r--src/rng/hmac_rng/hmac_rng.cpp4
-rw-r--r--src/rng/hmac_rng/hmac_rng.h2
-rw-r--r--src/rng/randpool/randpool.cpp6
-rw-r--r--src/rng/randpool/randpool.h2
-rw-r--r--src/rng/rng.h4
-rw-r--r--src/rng/x931_rng/x931_rng.cpp2
-rw-r--r--src/rng/x931_rng/x931_rng.h2
-rw-r--r--src/stream/arc4/arc4.h4
-rw-r--r--src/stream/ctr/ctr.h2
-rw-r--r--src/stream/ofb/ofb.h2
-rw-r--r--src/stream/salsa20/salsa20.cpp2
-rw-r--r--src/stream/salsa20/salsa20.h4
-rw-r--r--src/stream/turing/turing.cpp4
-rw-r--r--src/stream/turing/turing.h8
-rw-r--r--src/stream/wid_wake/wid_wake.h8
-rw-r--r--src/tls/c_hello.cpp26
-rw-r--r--src/tls/c_kex.cpp26
-rw-r--r--src/tls/cert_req.cpp22
-rw-r--r--src/tls/cert_ver.cpp10
-rw-r--r--src/tls/finished.cpp14
-rw-r--r--src/tls/hello_verify.cpp10
-rw-r--r--src/tls/next_protocol.cpp6
-rw-r--r--src/tls/rec_read.cpp4
-rw-r--r--src/tls/rec_wri.cpp6
-rw-r--r--src/tls/s_hello.cpp16
-rw-r--r--src/tls/s_kex.cpp12
-rw-r--r--src/tls/session_ticket.cpp8
-rw-r--r--src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp10
-rw-r--r--src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h4
-rw-r--r--src/tls/tls_alert.cpp2
-rw-r--r--src/tls/tls_alert.h2
-rw-r--r--src/tls/tls_channel.cpp16
-rw-r--r--src/tls/tls_channel.h12
-rw-r--r--src/tls/tls_client.cpp6
-rw-r--r--src/tls/tls_client.h2
-rw-r--r--src/tls/tls_extensions.cpp34
-rw-r--r--src/tls/tls_extensions.h36
-rw-r--r--src/tls/tls_handshake_hash.cpp10
-rw-r--r--src/tls/tls_handshake_hash.h15
-rw-r--r--src/tls/tls_handshake_reader.cpp4
-rw-r--r--src/tls/tls_handshake_reader.h4
-rw-r--r--src/tls/tls_handshake_state.cpp2
-rw-r--r--src/tls/tls_handshake_state.h4
-rw-r--r--src/tls/tls_heartbeats.cpp12
-rw-r--r--src/tls/tls_heartbeats.h8
-rw-r--r--src/tls/tls_messages.h121
-rw-r--r--src/tls/tls_reader.h35
-rw-r--r--src/tls/tls_record.h12
-rw-r--r--src/tls/tls_server.cpp12
-rw-r--r--src/tls/tls_server.h4
-rw-r--r--src/tls/tls_session.cpp26
-rw-r--r--src/tls/tls_session.h24
-rw-r--r--src/tls/tls_session_key.cpp6
-rw-r--r--src/tls/tls_session_key.h6
-rw-r--r--src/tls/tls_session_manager.cpp4
-rw-r--r--src/tls/tls_session_manager.h8
-rw-r--r--src/utils/datastor/datastor.cpp15
-rw-r--r--src/utils/datastor/datastor.h5
-rw-r--r--src/utils/xor_buf.h26
-rw-r--r--src/wrap/python/python_botan.h2
-rw-r--r--src/wrap/python/rsa.cpp4
-rw-r--r--src/wrap/python/x509.cpp2
410 files changed, 2250 insertions, 3046 deletions
diff --git a/checks/common.h b/checks/common.h
index 33499a99d..05a6fb974 100644
--- a/checks/common.h
+++ b/checks/common.h
@@ -55,13 +55,13 @@ class Fixed_Output_RNG : public Botan::RandomNumberGenerator
void clear() throw() {}
- Fixed_Output_RNG(const Botan::SecureVector<byte>& in)
+ Fixed_Output_RNG(const Botan::secure_vector<byte>& in)
{
buf.insert(buf.end(), in.begin(), in.end());
}
Fixed_Output_RNG(const std::string& in_str)
{
- Botan::SecureVector<byte> in = Botan::hex_decode(in_str);
+ Botan::secure_vector<byte> in = Botan::hex_decode(in_str);
buf.insert(buf.end(), in.begin(), in.end());
}
diff --git a/checks/cvc_tests.cpp b/checks/cvc_tests.cpp
index ccda22cfc..9dc56610c 100644
--- a/checks/cvc_tests.cpp
+++ b/checks/cvc_tests.cpp
@@ -40,7 +40,7 @@ namespace {
// helper functions
void helper_write_file(EAC_Signed_Object const& to_write, std::string const& file_path)
{
- SecureVector<byte> sv = to_write.BER_encode();
+ std::vector<byte> sv = to_write.BER_encode();
std::ofstream cert_file(file_path.c_str(), std::ios::binary);
cert_file.write((char*)&sv[0], sv.size());
cert_file.close();
@@ -50,8 +50,8 @@ bool helper_files_equal(std::string const& file_path1, std::string const& file_p
{
std::ifstream cert_1_in(file_path1.c_str());
std::ifstream cert_2_in(file_path2.c_str());
- SecureVector<byte> sv1;
- SecureVector<byte> sv2;
+ std::vector<byte> sv1;
+ std::vector<byte> sv2;
if (!cert_1_in || !cert_2_in)
{
return false;
@@ -94,7 +94,7 @@ void test_enc_gen_selfsigned(RandomNumberGenerator& rng)
key.set_parameter_encoding(EC_DOMPAR_ENC_IMPLICITCA);
EAC1_1_CVC cert = CVC_EAC::create_self_signed_cert(key, opts, rng);
- SecureVector<byte> der(cert.BER_encode());
+ std::vector<byte> der(cert.BER_encode());
std::ofstream cert_file;
cert_file.open(TEST_DATA_DIR "/my_cv_cert.ber", std::ios::binary);
//cert_file << der; // this is bad !!!
@@ -104,15 +104,15 @@ void test_enc_gen_selfsigned(RandomNumberGenerator& rng)
EAC1_1_CVC cert_in(TEST_DATA_DIR "/my_cv_cert.ber");
CHECK(cert == cert_in);
// encoding it again while it has no dp
- SecureVector<byte> der2(cert_in.BER_encode());
+ std::vector<byte> der2(cert_in.BER_encode());
std::ofstream cert_file2(TEST_DATA_DIR "/my_cv_cert2.ber", std::ios::binary);
cert_file2.write((char*)&der2[0], der2.size());
cert_file2.close();
// read both and compare them
std::ifstream cert_1_in(TEST_DATA_DIR "/my_cv_cert.ber");
std::ifstream cert_2_in(TEST_DATA_DIR "/my_cv_cert2.ber");
- SecureVector<byte> sv1;
- SecureVector<byte> sv2;
+ std::vector<byte> sv1;
+ std::vector<byte> sv2;
if (!cert_1_in || !cert_2_in)
{
CHECK_MESSAGE(false, "could not read certificate files");
@@ -203,7 +203,7 @@ void test_enc_gen_req(RandomNumberGenerator& rng)
ECDSA_PrivateKey key(rng, dom_pars);
key.set_parameter_encoding(EC_DOMPAR_ENC_IMPLICITCA);
EAC1_1_Req req = CVC_EAC::create_cvc_req(key, opts.chr, opts.hash_alg, rng);
- SecureVector<byte> der(req.BER_encode());
+ std::vector<byte> der(req.BER_encode());
std::ofstream req_file(TEST_DATA_DIR "/my_cv_req.ber", std::ios::binary);
req_file.write((char*)&der[0], der.size());
req_file.close();
@@ -260,7 +260,7 @@ void test_cvc_ado_creation(RandomNumberGenerator& rng)
req_key.set_parameter_encoding(EC_DOMPAR_ENC_IMPLICITCA);
//EAC1_1_Req req = CVC_EAC::create_cvc_req(req_key, opts);
EAC1_1_Req req = CVC_EAC::create_cvc_req(req_key, opts.chr, opts.hash_alg, rng);
- SecureVector<byte> der(req.BER_encode());
+ std::vector<byte> der(req.BER_encode());
std::ofstream req_file(TEST_DATA_DIR "/my_cv_req.ber", std::ios::binary);
req_file.write((char*)&der[0], der.size());
req_file.close();
@@ -276,7 +276,7 @@ void test_cvc_ado_creation(RandomNumberGenerator& rng)
CHECK_MESSAGE(ado.check_signature(ado_key), "failure of ado verification after creation");
std::ofstream ado_file(TEST_DATA_DIR "/ado", std::ios::binary);
- SecureVector<byte> ado_der(ado.BER_encode());
+ std::vector<byte> ado_der(ado.BER_encode());
ado_file.write((char*)&ado_der[0], ado_der.size());
ado_file.close();
// read it again and check the signature
@@ -332,7 +332,7 @@ void test_cvc_ado_comparison(RandomNumberGenerator& rng)
CHECK_MESSAGE(ado != ado2, "ado's found to be equal where they are not");
// std::ofstream ado_file(TEST_DATA_DIR "/ado");
- // SecureVector<byte> ado_der(ado.BER_encode());
+ // std::vector<byte> ado_der(ado.BER_encode());
// ado_file.write((char*)&ado_der[0], ado_der.size());
// ado_file.close();
// read it again and check the signature
@@ -490,7 +490,7 @@ void test_cvc_chain(RandomNumberGenerator& rng)
ASN1_Car car("DECVCA00001");
EAC1_1_CVC cvca_cert = DE_EAC::create_cvca(cvca_privk, hash, car, true, true, 12, rng);
std::ofstream cvca_file(TEST_DATA_DIR "/cvc_chain_cvca.cer", std::ios::binary);
- SecureVector<byte> cvca_sv = cvca_cert.BER_encode();
+ std::vector<byte> cvca_sv = cvca_cert.BER_encode();
cvca_file.write((char*)&cvca_sv[0], cvca_sv.size());
cvca_file.close();
@@ -498,7 +498,7 @@ void test_cvc_chain(RandomNumberGenerator& rng)
ASN1_Car car2("DECVCA00002");
EAC1_1_CVC cvca_cert2 = DE_EAC::create_cvca(cvca_privk2, hash, car2, true, true, 12, rng);
EAC1_1_CVC link12 = DE_EAC::link_cvca(cvca_cert, cvca_privk, cvca_cert2, rng);
- SecureVector<byte> link12_sv = link12.BER_encode();
+ std::vector<byte> link12_sv = link12.BER_encode();
std::ofstream link12_file(TEST_DATA_DIR "/cvc_chain_link12.cer", std::ios::binary);
link12_file.write((char*)&link12_sv[0], link12_sv.size());
link12_file.close();
@@ -514,7 +514,7 @@ void test_cvc_chain(RandomNumberGenerator& rng)
ECDSA_PrivateKey dvca_priv_key(rng, dom_pars);
EAC1_1_Req dvca_req = DE_EAC::create_cvc_req(dvca_priv_key, ASN1_Chr("DEDVCAEPASS"), hash, rng);
std::ofstream dvca_file(TEST_DATA_DIR "/cvc_chain_dvca_req.cer", std::ios::binary);
- SecureVector<byte> dvca_sv = dvca_req.BER_encode();
+ std::vector<byte> dvca_sv = dvca_req.BER_encode();
dvca_file.write((char*)&dvca_sv[0], dvca_sv.size());
dvca_file.close();
@@ -528,7 +528,7 @@ void test_cvc_chain(RandomNumberGenerator& rng)
ECDSA_PrivateKey dvca_priv_key2(rng, dom_pars);
EAC1_1_Req dvca_req2 = DE_EAC::create_cvc_req(dvca_priv_key2, ASN1_Chr("DEDVCAEPASS"), hash, rng);
std::ofstream dvca_file2(TEST_DATA_DIR "/cvc_chain_dvca_req2.cer", std::ios::binary);
- SecureVector<byte> dvca_sv2 = dvca_req2.BER_encode();
+ std::vector<byte> dvca_sv2 = dvca_req2.BER_encode();
dvca_file2.write((char*)&dvca_sv2[0], dvca_sv2.size());
dvca_file2.close();
EAC1_1_ADO dvca_ado2 = CVC_EAC::create_ado_req(dvca_priv_key, dvca_req2,
diff --git a/checks/dolook.cpp b/checks/dolook.cpp
index a8e08a96b..20e260f64 100644
--- a/checks/dolook.cpp
+++ b/checks/dolook.cpp
@@ -83,14 +83,14 @@ class PBKDF_Filter : public Filter
pbkdf = algo;
outlen = o;
iterations = i;
- salt = s.bits_of();
+ salt = unlock(s.bits_of());
}
~PBKDF_Filter() { delete pbkdf; }
private:
std::string passphrase;
PBKDF* pbkdf;
- SecureVector<byte> salt;
+ std::vector<byte> salt;
u32bit outlen, iterations;
};
@@ -126,12 +126,12 @@ class KDF_Filter : public Filter
{
kdf = algo;
outlen = o;
- salt = s.bits_of();
+ salt = unlock(s.bits_of());
}
~KDF_Filter() { delete kdf; }
private:
- SecureVector<byte> secret;
- SecureVector<byte> salt;
+ std::vector<byte> secret;
+ std::vector<byte> salt;
KDF* kdf;
u32bit outlen;
};
diff --git a/checks/ec_tests.cpp b/checks/ec_tests.cpp
index e308a5291..39c32de37 100644
--- a/checks/ec_tests.cpp
+++ b/checks/ec_tests.cpp
@@ -76,10 +76,10 @@ void test_point_turn_on_sp_red_mul()
std::string a_secp = "ffffffffffffffffffffffffffffffff7ffffffc";
std::string b_secp = "1c97befc54bd7a8b65acf89f81d4d4adc565fa45";
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_p_secp = hex_decode(p_secp);
- SecureVector<byte> sv_a_secp = hex_decode(a_secp);
- SecureVector<byte> sv_b_secp = hex_decode(b_secp);
- SecureVector<byte> sv_G_secp_comp = hex_decode(G_secp_comp);
+ secure_vector<byte> sv_p_secp = hex_decode(p_secp);
+ secure_vector<byte> sv_a_secp = hex_decode(a_secp);
+ secure_vector<byte> sv_b_secp = hex_decode(b_secp);
+ secure_vector<byte> sv_G_secp_comp = hex_decode(G_secp_comp);
BigInt bi_p_secp = BigInt::decode(&sv_p_secp[0], sv_p_secp.size());
BigInt bi_a_secp = BigInt::decode(&sv_a_secp[0], sv_a_secp.size());
BigInt bi_b_secp = BigInt::decode(&sv_b_secp[0], sv_b_secp.size());
@@ -139,10 +139,10 @@ void test_coordinates()
std::string a_secp = "ffffffffffffffffffffffffffffffff7ffffffc";
std::string b_secp = "1c97befc54bd7a8b65acf89f81d4d4adc565fa45";
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
@@ -196,7 +196,7 @@ void test_point_mult ()
const CurveGFp& curve = secp160r1.get_curve();
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_G_secp_comp = hex_decode(G_secp_comp);
+ secure_vector<byte> sv_G_secp_comp = hex_decode(G_secp_comp);
PointGFp p_G = OS2ECP(sv_G_secp_comp, curve);
BigInt d_U("0xaa374ffc3ce144e6b073307972cb6d57b2a4e982");
@@ -215,10 +215,10 @@ void test_point_negative()
std::string a_secp = "ffffffffffffffffffffffffffffffff7ffffffc";
std::string b_secp = "1c97befc54bd7a8b65acf89f81d4d4adc565fa45";
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
BigInt bi_b_secp = BigInt::decode ( &sv_b_secp[0], sv_b_secp.size() );
@@ -242,7 +242,7 @@ void test_zeropoint()
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp("0xffffffffffffffffffffffffffffffff7fffffff");
BigInt bi_a_secp("0xffffffffffffffffffffffffffffffff7ffffffc");
BigInt bi_b_secp("0x1c97befc54bd7a8b65acf89f81d4d4adc565fa45");
@@ -273,7 +273,7 @@ void test_zeropoint_enc_dec()
CHECK_MESSAGE( p.is_zero(), "by constructor created zeropoint is no zeropoint!");
- SecureVector<byte> sv_p = EC2OSP(p, PointGFp::UNCOMPRESSED);
+ secure_vector<byte> sv_p = EC2OSP(p, PointGFp::UNCOMPRESSED);
PointGFp p_encdec = OS2ECP(sv_p, curve);
CHECK_MESSAGE( p == p_encdec, "encoded-decoded (uncompressed) point is not equal the original!");
@@ -291,7 +291,7 @@ void test_calc_with_zeropoint()
std::cout << "." << std::flush;
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp("0xffffffffffffffffffffffffffffffff7fffffff");
BigInt bi_a_secp("0xffffffffffffffffffffffffffffffff7ffffffc");
BigInt bi_b_secp("0x1c97befc54bd7a8b65acf89f81d4d4adc565fa45");
@@ -327,10 +327,10 @@ void test_add_point()
std::string a_secp = "ffffffffffffffffffffffffffffffff7ffffffc";
std::string b_secp = "1c97befc54bd7a8b65acf89f81d4d4adc565fa45";
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
BigInt bi_b_secp = BigInt::decode ( &sv_b_secp[0], sv_b_secp.size() );
@@ -363,10 +363,10 @@ void test_sub_point()
std::string a_secp = "ffffffffffffffffffffffffffffffff7ffffffc";
std::string b_secp = "1c97befc54bd7a8b65acf89f81d4d4adc565fa45";
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
BigInt bi_b_secp = BigInt::decode ( &sv_b_secp[0], sv_b_secp.size() );
@@ -398,10 +398,10 @@ void test_mult_point()
std::string a_secp = "ffffffffffffffffffffffffffffffff7ffffffc";
std::string b_secp = "1c97befc54bd7a8b65acf89f81d4d4adc565fa45";
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
BigInt bi_b_secp = BigInt::decode ( &sv_b_secp[0], sv_b_secp.size() );
@@ -427,10 +427,10 @@ void test_basic_operations()
std::string a_secp = "ffffffffffffffffffffffffffffffff7ffffffc";
std::string b_secp = "1c97befc54bd7a8b65acf89f81d4d4adc565fa45";
std::string G_secp_comp = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
BigInt bi_b_secp = BigInt::decode ( &sv_b_secp[0], sv_b_secp.size() );
@@ -490,10 +490,10 @@ void test_enc_dec_compressed_160()
std::string G_secp_comp = "024A96B5688EF573284664698968C38BB913CBFC82";
std::string G_order_secp_comp = "0100000000000000000001F4C8F927AED3CA752257";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
@@ -502,7 +502,7 @@ void test_enc_dec_compressed_160()
CurveGFp secp160r1(bi_p_secp, bi_a_secp, bi_b_secp);
PointGFp p_G = OS2ECP ( sv_G_secp_comp, secp160r1 );
- SecureVector<byte> sv_result = EC2OSP(p_G, PointGFp::COMPRESSED);
+ secure_vector<byte> sv_result = EC2OSP(p_G, PointGFp::COMPRESSED);
CHECK( sv_result == sv_G_secp_comp);
}
@@ -519,10 +519,10 @@ void test_enc_dec_compressed_256()
std::string G_secp_comp = "036B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296";
std::string G_order_secp_comp = "ffffffff00000000ffffffffffffffffBCE6FAADA7179E84F3B9CAC2FC632551";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
@@ -531,7 +531,7 @@ void test_enc_dec_compressed_256()
CurveGFp secp160r1(bi_p_secp, bi_a_secp, bi_b_secp);
PointGFp p_G = OS2ECP ( sv_G_secp_comp, secp160r1 );
- SecureVector<byte> sv_result = EC2OSP(p_G, PointGFp::COMPRESSED);
+ secure_vector<byte> sv_result = EC2OSP(p_G, PointGFp::COMPRESSED);
CHECK( sv_result == sv_G_secp_comp);
}
@@ -550,10 +550,10 @@ void test_enc_dec_uncompressed_112()
std::string G_secp_uncomp = "044BA30AB5E892B4E1649DD0928643ADCD46F5882E3747DEF36E956E97";
std::string G_order_secp_uncomp = "36DF0AAFD8B8D7597CA10520D04B";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_uncomp = hex_decode ( G_secp_uncomp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_uncomp = hex_decode ( G_secp_uncomp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
@@ -562,7 +562,7 @@ void test_enc_dec_uncompressed_112()
CurveGFp secp160r1(bi_p_secp, bi_a_secp, bi_b_secp);
PointGFp p_G = OS2ECP ( sv_G_secp_uncomp, secp160r1 );
- SecureVector<byte> sv_result = EC2OSP(p_G, PointGFp::UNCOMPRESSED);
+ secure_vector<byte> sv_result = EC2OSP(p_G, PointGFp::UNCOMPRESSED);
CHECK( sv_result == sv_G_secp_uncomp);
}
@@ -579,10 +579,10 @@ void test_enc_dec_uncompressed_521()
std::string G_secp_uncomp = "0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2ffA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650";
std::string G_order_secp_uncomp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_uncomp = hex_decode ( G_secp_uncomp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_uncomp = hex_decode ( G_secp_uncomp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
@@ -592,7 +592,7 @@ void test_enc_dec_uncompressed_521()
PointGFp p_G = OS2ECP ( sv_G_secp_uncomp, secp160r1 );
- SecureVector<byte> sv_result = EC2OSP(p_G, PointGFp::UNCOMPRESSED);
+ secure_vector<byte> sv_result = EC2OSP(p_G, PointGFp::UNCOMPRESSED);
std::string result = hex_encode(&sv_result[0], sv_result.size());
std::string exp_result = hex_encode(&sv_G_secp_uncomp[0], sv_G_secp_uncomp.size());
@@ -611,10 +611,10 @@ void test_enc_dec_uncompressed_521_prime_too_large()
std::string G_secp_uncomp = "0400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2ffA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650";
std::string G_order_secp_uncomp = "01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409";
- SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_uncomp = hex_decode ( G_secp_uncomp );
+ secure_vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_uncomp = hex_decode ( G_secp_uncomp );
BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_a_secp = BigInt::decode ( &sv_a_secp[0], sv_a_secp.size() );
@@ -648,7 +648,7 @@ void test_gfp_store_restore()
PointGFp p = dom_pars.get_base_point();
//store point (to std::string)
- SecureVector<byte> sv_mes = EC2OSP(p, PointGFp::COMPRESSED);
+ secure_vector<byte> sv_mes = EC2OSP(p, PointGFp::COMPRESSED);
PointGFp new_p = OS2ECP(sv_mes, dom_pars.get_curve());
CHECK_MESSAGE( p == new_p, "original and restored point are different!");
@@ -662,7 +662,7 @@ void test_cdc_curve_33()
std::string G_secp_uncomp = "04081523d03d4f12cd02879dea4bf6a4f3a7df26ed888f10c5b2235a1274c386a2f218300dee6ed217841164533bcdc903f07a096f9fbf4ee95bac098a111f296f5830fe5c35b3e344d5df3a2256985f64fbe6d0edcc4c61d18bef681dd399df3d0194c5a4315e012e0245ecea56365baa9e8be1f7";
- SecureVector<byte> sv_G_uncomp = hex_decode ( G_secp_uncomp );
+ secure_vector<byte> sv_G_uncomp = hex_decode ( G_secp_uncomp );
BigInt bi_p_secp = BigInt("2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809");
BigInt bi_a_secp("0xa377dede6b523333d36c78e9b0eaa3bf48ce93041f6d4fc34014d08f6833807498deedd4290101c5866e8dfb589485d13357b9e78c2d7fbe9fe");
@@ -689,7 +689,7 @@ void test_more_zeropoint()
// by Falko
std::string G = "024a96b5688ef573284664698968c38bb913cbfc82";
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G );
BigInt bi_p("0xffffffffffffffffffffffffffffffff7fffffff");
BigInt bi_a("0xffffffffffffffffffffffffffffffff7ffffffc");
BigInt bi_b("0x1c97befc54bd7a8b65acf89f81d4d4adc565fa45");
diff --git a/checks/ecdh.cpp b/checks/ecdh.cpp
index c641796d6..841bce55b 100644
--- a/checks/ecdh.cpp
+++ b/checks/ecdh.cpp
@@ -96,8 +96,8 @@ void test_ecdh_der_derivation(RandomNumberGenerator& rng)
ECDH_PrivateKey private_a(rng, dom_pars);
ECDH_PrivateKey private_b(rng, dom_pars);
- MemoryVector<byte> key_a = private_a.public_value();
- MemoryVector<byte> key_b = private_b.public_value();
+ std::vector<byte> key_a = private_a.public_value();
+ std::vector<byte> key_b = private_b.public_value();
PK_Key_Agreement ka(private_a, "KDF2(SHA-1)");
PK_Key_Agreement kb(private_b, "KDF2(SHA-1)");
diff --git a/checks/ecdsa.cpp b/checks/ecdsa.cpp
index 3110bf0fe..554f72dd7 100644
--- a/checks/ecdsa.cpp
+++ b/checks/ecdsa.cpp
@@ -32,7 +32,7 @@ using namespace Botan;
namespace {
-std::string to_hex(const SecureVector<byte>& bin)
+std::string to_hex(const std::vector<byte>& bin)
{
return hex_encode(&bin[0], bin.size());
}
@@ -54,7 +54,7 @@ void test_hash_larger_than_n(RandomNumberGenerator& rng)
ECDSA_PrivateKey priv_key(rng, dom_pars);
- SecureVector<byte> message(20);
+ std::vector<byte> message(20);
for(size_t i = 0; i != message.size(); ++i)
message[i] = i;
@@ -64,14 +64,14 @@ void test_hash_larger_than_n(RandomNumberGenerator& rng)
PK_Signer pk_signer_224(priv_key, "EMSA1_BSI(SHA-224)");
// Verify we can sign and verify with SHA-160
- SecureVector<byte> signature_160 = pk_signer_160.sign_message(message, rng);
+ std::vector<byte> signature_160 = pk_signer_160.sign_message(message, rng);
CHECK(pk_verifier_160.verify_message(message, signature_160));
bool signature_failed = false;
try
{
- SecureVector<byte> signature_224 = pk_signer_224.sign_message(message, rng);
+ std::vector<byte> signature_224 = pk_signer_224.sign_message(message, rng);
}
catch(Encoding_Error)
{
@@ -84,7 +84,7 @@ void test_hash_larger_than_n(RandomNumberGenerator& rng)
// sign it with the normal EMSA1
PK_Signer pk_signer(priv_key, "EMSA1(SHA-224)");
- SecureVector<byte> signature = pk_signer.sign_message(message, rng);
+ std::vector<byte> signature = pk_signer.sign_message(message, rng);
PK_Verifier pk_verifier(priv_key, "EMSA1_BSI(SHA-224)");
@@ -142,8 +142,8 @@ void test_sign_then_ver(RandomNumberGenerator& rng)
PK_Signer signer(ecdsa, "EMSA1(SHA-1)");
- SecureVector<byte> msg = hex_decode("12345678901234567890abcdef12");
- SecureVector<byte> sig = signer.sign_message(msg, rng);
+ secure_vector<byte> msg = hex_decode("12345678901234567890abcdef12");
+ std::vector<byte> sig = signer.sign_message(msg, rng);
PK_Verifier verifier(ecdsa, "EMSA1(SHA-1)");
@@ -174,7 +174,7 @@ bool test_ec_sign(RandomNumberGenerator& rng)
for(size_t i = 0; i != 256; ++i)
signer.update(static_cast<byte>(i));
- SecureVector<byte> sig = signer.signature(rng);
+ std::vector<byte> sig = signer.signature(rng);
for(u32bit i = 0; i != 256; ++i)
verifier.update(static_cast<byte>(i));
@@ -267,11 +267,11 @@ void test_create_and_verify(RandomNumberGenerator& rng)
std::string G_secp_comp = "04081523d03d4f12cd02879dea4bf6a4f3a7df26ed888f10c5b2235a1274c386a2f218300dee6ed217841164533bcdc903f07a096f9fbf4ee95bac098a111f296f5830fe5c35b3e344d5df3a2256985f64fbe6d0edcc4c61d18bef681dd399df3d0194c5a4315e012e0245ecea56365baa9e8be1f7";
std::string order_g = "0e1a16196e6000000000bc7f1618d867b15bb86474418f";
- // ::SecureVector<byte> sv_p_secp = hex_decode ( p_secp );
- SecureVector<byte> sv_a_secp = hex_decode ( a_secp );
- SecureVector<byte> sv_b_secp = hex_decode ( b_secp );
- SecureVector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
- SecureVector<byte> sv_order_g = hex_decode ( order_g );
+ // ::std::vector<byte> sv_p_secp = hex_decode ( p_secp );
+ secure_vector<byte> sv_a_secp = hex_decode ( a_secp );
+ secure_vector<byte> sv_b_secp = hex_decode ( b_secp );
+ secure_vector<byte> sv_G_secp_comp = hex_decode ( G_secp_comp );
+ secure_vector<byte> sv_order_g = hex_decode ( order_g );
// BigInt bi_p_secp = BigInt::decode ( &sv_p_secp[0], sv_p_secp.size() );
BigInt bi_p_secp("2117607112719756483104013348936480976596328609518055062007450442679169492999007105354629105748524349829824407773719892437896937279095106809");
@@ -343,8 +343,8 @@ void test_curve_registry(RandomNumberGenerator& rng)
PK_Signer signer(ecdsa, "EMSA1(SHA-1)");
PK_Verifier verifier(ecdsa, "EMSA1(SHA-1)");
- SecureVector<byte> msg = hex_decode("12345678901234567890abcdef12");
- SecureVector<byte> sig = signer.sign_message(msg, rng);
+ secure_vector<byte> msg = hex_decode("12345678901234567890abcdef12");
+ std::vector<byte> sig = signer.sign_message(msg, rng);
if(!verifier.verify_message(msg, sig))
std::cout << "Failed testing ECDSA sig for curve " << oids[i] << "\n";
@@ -361,7 +361,7 @@ void test_read_pkcs8(RandomNumberGenerator& rng)
{
std::cout << "." << std::flush;
- SecureVector<byte> msg = hex_decode("12345678901234567890abcdef12");
+ secure_vector<byte> msg = hex_decode("12345678901234567890abcdef12");
try
{
@@ -371,7 +371,7 @@ void test_read_pkcs8(RandomNumberGenerator& rng)
PK_Signer signer(*ecdsa, "EMSA1(SHA-1)");
- SecureVector<byte> sig = signer.sign_message(msg, rng);
+ std::vector<byte> sig = signer.sign_message(msg, rng);
PK_Verifier verifier(*ecdsa, "EMSA1(SHA-1)");
@@ -393,7 +393,7 @@ void test_read_pkcs8(RandomNumberGenerator& rng)
PK_Signer signer(*ecdsa_nodp, "EMSA1(SHA-1)");
PK_Verifier verifier(*ecdsa_nodp, "EMSA1(SHA-1)");
- SecureVector<byte> signature_nodp = signer.sign_message(msg, rng);
+ std::vector<byte> signature_nodp = signer.sign_message(msg, rng);
CHECK_MESSAGE(verifier.verify_message(msg, signature_nodp),
"generated signature could not be verified positively (no_dom)");
diff --git a/checks/pk.cpp b/checks/pk.cpp
index e06efb3ea..261c5f78c 100644
--- a/checks/pk.cpp
+++ b/checks/pk.cpp
@@ -85,8 +85,8 @@ BigInt to_bigint(std::string input)
input.length(), BigInt::Hexadecimal);
}
-void dump_data(const SecureVector<byte>& out,
- const SecureVector<byte>& expected)
+void dump_data(const std::vector<byte>& out,
+ const std::vector<byte>& expected)
{
Pipe pipe(new Hex_Encoder);
@@ -142,11 +142,11 @@ void validate_save_and_load(const Private_Key* priv_key,
}
void validate_decryption(PK_Decryptor& d, const std::string& algo,
- const SecureVector<byte> ctext,
- const SecureVector<byte> ptext,
+ const std::vector<byte> ctext,
+ const std::vector<byte> ptext,
bool& failure)
{
- SecureVector<byte> decrypted = d.decrypt(ctext);
+ std::vector<byte> decrypted = unlock(d.decrypt(ctext));
if(decrypted != ptext)
{
std::cout << "FAILED (decrypt): " << algo << std::endl;
@@ -160,11 +160,11 @@ void validate_encryption(PK_Encryptor& e, PK_Decryptor& d,
const std::string& random, const std::string& exp,
bool& failure)
{
- SecureVector<byte> message = hex_decode(input);
- SecureVector<byte> expected = hex_decode(exp);
+ std::vector<byte> message = unlock(hex_decode(input));
+ std::vector<byte> expected = unlock(hex_decode(exp));
Fixed_Output_RNG rng(hex_decode(random));
- SecureVector<byte> out = e.encrypt(message, rng);
+ std::vector<byte> out = e.encrypt(message, rng);
if(out != expected)
{
std::cout << "FAILED (encrypt): " << algo << std::endl;
@@ -180,11 +180,11 @@ void validate_signature(PK_Verifier& v, PK_Signer& s, const std::string& algo,
RandomNumberGenerator& rng,
const std::string& exp, bool& failure)
{
- SecureVector<byte> message = hex_decode(input);
+ std::vector<byte> message = unlock(hex_decode(input));
- SecureVector<byte> expected = hex_decode(exp);
+ std::vector<byte> expected = unlock(hex_decode(exp));
- SecureVector<byte> sig = s.sign_message(message, rng);
+ std::vector<byte> sig = s.sign_message(message, rng);
if(sig != expected)
{
@@ -220,18 +220,18 @@ void validate_signature(PK_Verifier& v, PK_Signer& s, const std::string& algo,
}
void validate_kas(PK_Key_Agreement& kas, const std::string& algo,
- const SecureVector<byte>& pubkey, const std::string& output,
+ const std::vector<byte>& pubkey, const std::string& output,
u32bit keylen, bool& failure)
{
- SecureVector<byte> expected = hex_decode(output);
+ secure_vector<byte> expected = hex_decode(output);
- SecureVector<byte> got = kas.derive_key(keylen,
- pubkey).bits_of();
+ secure_vector<byte> got = kas.derive_key(keylen,
+ pubkey).bits_of();
if(got != expected)
{
std::cout << "FAILED: " << algo << std::endl;
- dump_data(got, expected);
+ dump_data(unlock(got), unlock(expected));
failure = true;
}
}
@@ -325,8 +325,8 @@ u32bit validate_elg_enc(const std::string& algo,
validate_encryption(e, d, algo, str[4], str[5], str[6], failure);
}
else
- validate_decryption(d, algo, hex_decode(str[5]),
- hex_decode(str[4]), failure);
+ validate_decryption(d, algo, unlock(hex_decode(str[5])),
+ unlock(hex_decode(str[4])), failure);
return (failure ? 1 : 0);
#endif
@@ -373,8 +373,8 @@ u32bit validate_rsa_ver(const std::string& algo,
PK_Verifier v(key, emsa);
- SecureVector<byte> msg = hex_decode(str[2]);
- SecureVector<byte> sig = hex_decode(str[3]);
+ std::vector<byte> msg = unlock(hex_decode(str[2]));
+ std::vector<byte> sig = unlock(hex_decode(str[3]));
bool passed = true;
passed = v.verify_message(msg, sig);
@@ -405,8 +405,8 @@ u32bit validate_rsa_ver_x509(const std::string& algo,
PK_Verifier v(*rsakey, emsa);
- SecureVector<byte> msg = hex_decode(str[1]);
- SecureVector<byte> sig = hex_decode(str[2]);
+ std::vector<byte> msg = unlock(hex_decode(str[1]));
+ std::vector<byte> sig = unlock(hex_decode(str[2]));
bool passed = v.verify_message(msg, sig);
return (passed ? 0 : 1);
@@ -429,8 +429,8 @@ u32bit validate_rw_ver(const std::string& algo,
PK_Verifier v(key, emsa);
- SecureVector<byte> msg = hex_decode(str[2]);
- SecureVector<byte> sig = hex_decode(str[3]);
+ std::vector<byte> msg = unlock(hex_decode(str[2]));
+ std::vector<byte> sig = unlock(hex_decode(str[3]));
bool passed = true;
passed = v.verify_message(msg, sig);
@@ -538,7 +538,7 @@ u32bit validate_gost_ver(const std::string& algo,
EC_Group group(OIDS::lookup(str[0]));
- PointGFp public_point = OS2ECP(hex_decode(str[1]), group.get_curve());
+ PointGFp public_point = OS2ECP(unlock(hex_decode(str[1])), group.get_curve());
GOST_3410_PublicKey gost(group, public_point);
@@ -546,8 +546,8 @@ u32bit validate_gost_ver(const std::string& algo,
PK_Verifier v(gost, emsa);
- SecureVector<byte> msg = hex_decode(str[2]);
- SecureVector<byte> sig = hex_decode(str[3]);
+ std::vector<byte> msg = unlock(hex_decode(str[2]));
+ std::vector<byte> sig = unlock(hex_decode(str[3]));
bool passed = v.verify_message(msg, sig);
return (passed ? 0 : 1);
@@ -578,8 +578,8 @@ u32bit validate_dsa_ver(const std::string& algo,
PK_Verifier v(*dsakey, emsa);
- SecureVector<byte> msg = hex_decode(str[1]);
- SecureVector<byte> sig = hex_decode(str[2]);
+ std::vector<byte> msg = unlock(hex_decode(str[1]));
+ std::vector<byte> sig = unlock(hex_decode(str[2]));
v.set_input_format(DER_SEQUENCE);
bool passed = v.verify_message(msg, sig);
diff --git a/checks/pk_bench.cpp b/checks/pk_bench.cpp
index ab4702dba..8241ee5d1 100644
--- a/checks/pk_bench.cpp
+++ b/checks/pk_bench.cpp
@@ -104,7 +104,7 @@ void benchmark_enc_dec(PK_Encryptor& enc, PK_Decryptor& dec,
RandomNumberGenerator& rng,
u32bit runs, double seconds)
{
- SecureVector<byte> plaintext, ciphertext;
+ std::vector<byte> plaintext, ciphertext;
for(u32bit i = 0; i != runs; ++i)
{
@@ -127,7 +127,7 @@ void benchmark_enc_dec(PK_Encryptor& enc, PK_Decryptor& dec,
if(dec_timer.seconds() < seconds)
{
dec_timer.start();
- SecureVector<byte> plaintext_out = dec.decrypt(ciphertext);
+ std::vector<byte> plaintext_out = unlock(dec.decrypt(ciphertext));
dec_timer.stop();
if(plaintext_out != plaintext)
@@ -143,7 +143,7 @@ void benchmark_sig_ver(PK_Verifier& ver, PK_Signer& sig,
RandomNumberGenerator& rng,
u32bit runs, double seconds)
{
- SecureVector<byte> message, signature, sig_random;
+ std::vector<byte> message, signature, sig_random;
for(u32bit i = 0; i != runs; ++i)
{
@@ -171,7 +171,7 @@ void benchmark_sig_ver(PK_Verifier& ver, PK_Signer& sig,
if((i % 100) == 0)
{
- sig_random = rng.random_vec(signature.size());
+ sig_random = unlock(rng.random_vec(signature.size()));
verify_timer.start();
const bool verified_bad = ver.verify_message(message, sig_random);
diff --git a/checks/validate.cpp b/checks/validate.cpp
index 2bb099030..c6a4a29d0 100644
--- a/checks/validate.cpp
+++ b/checks/validate.cpp
@@ -119,7 +119,7 @@ bool keywrap_test(const char* key_str,
Algorithm_Factory& af = global_state().algorithm_factory();
- SecureVector<byte> enc = rfc3394_keywrap(key.bits_of(), kek, af);
+ secure_vector<byte> enc = rfc3394_keywrap(key.bits_of(), kek, af);
if(enc != expected.bits_of())
{
@@ -128,7 +128,7 @@ bool keywrap_test(const char* key_str,
ok = false;
}
- SecureVector<byte> dec = rfc3394_keyunwrap(expected.bits_of(), kek, af);
+ secure_vector<byte> dec = rfc3394_keyunwrap(expected.bits_of(), kek, af);
if(dec != key.bits_of())
{
@@ -490,7 +490,7 @@ bool failed_test(const std::string& algo,
pipe.append(test);
pipe.append(new Botan::Hex_Encoder);
- Botan::SecureVector<byte> data = Botan::hex_decode(in);
+ secure_vector<byte> data = Botan::hex_decode(in);
const byte* data_ptr = &data[0];
// this can help catch errors with buffering, etc
@@ -538,7 +538,7 @@ bool failed_test(const std::string& algo,
size_t offset = random_word(rng, pipe.remaining() - 1);
size_t length = random_word(rng, pipe.remaining() - offset);
- Botan::SecureVector<byte> peekbuf(length);
+ std::vector<byte> peekbuf(length);
pipe.peek(&peekbuf[0], peekbuf.size(), offset);
output = pipe.read_all_as_string();
diff --git a/checks/x509.cpp b/checks/x509.cpp
index 8c6cd8187..c3bf2353e 100644
--- a/checks/x509.cpp
+++ b/checks/x509.cpp
@@ -49,7 +49,7 @@ u64bit key_id(const Public_Key* key)
pipe.write(key->x509_subject_public_key());
pipe.end_msg();
- SecureVector<byte> output = pipe.read_all();
+ secure_vector<byte> output = pipe.read_all();
if(output.size() != 8)
throw Internal_Error("Public_Key::key_id: Incorrect output size");
diff --git a/doc/examples/GNUmakefile b/doc/examples/GNUmakefile
index fb2788218..b034cac78 100644
--- a/doc/examples/GNUmakefile
+++ b/doc/examples/GNUmakefile
@@ -1,7 +1,7 @@
BOTAN_CONFIG = botan-config
-CXX = g++-4.6.0
+CXX = g++-4.8.0-r187608
CFLAGS = -O2 -ansi -std=c++0x -W -Wall -I../../build/include
LIBS = -L../.. -lbotan-1.99
@@ -18,7 +18,7 @@ clean:
$(CXX) $(CFLAGS) $? $(LIBS) -o $@
eax_test: eax_test.cpp
- echo $(CXX) $(CFLAGS) $? $(LIBS) -lboost_regex -o $@
+ $(CXX) $(CFLAGS) $? $(LIBS) -lboost_regex -o $@
asio_tls_server: asio_tls_server.cpp credentials.h
$(CXX) $(CFLAGS) $< $(LIBS) -lboost_thread -lboost_system -o $@
diff --git a/doc/examples/asn1.cpp b/doc/examples/asn1.cpp
index 866e57d75..d12ee1eec 100644
--- a/doc/examples/asn1.cpp
+++ b/doc/examples/asn1.cpp
@@ -72,8 +72,8 @@ void decode(BER_Decoder& decoder, size_t level)
/* hack to insert the tag+length back in front of the stuff now
that we've gotten the type info */
DER_Encoder encoder;
- encoder.add_object(type_tag, class_tag, obj.value, obj.value.size());
- SecureVector<byte> bits = encoder.get_contents();
+ encoder.add_object(type_tag, class_tag, obj.value);
+ secure_vector<byte> bits = encoder.get_contents();
BER_Decoder data(bits);
@@ -143,7 +143,7 @@ void decode(BER_Decoder& decoder, size_t level)
BigInt number;
data.decode(number);
- SecureVector<byte> rep;
+ std::vector<byte> rep;
/* If it's small, it's probably a number, not a hash */
if(number.bits() <= 16)
@@ -170,7 +170,7 @@ void decode(BER_Decoder& decoder, size_t level)
}
else if(type_tag == OCTET_STRING)
{
- SecureVector<byte> bits;
+ secure_vector<byte> bits;
data.decode(bits, type_tag);
bool not_text = false;
@@ -184,7 +184,7 @@ void decode(BER_Decoder& decoder, size_t level)
}
else if(type_tag == BIT_STRING)
{
- SecureVector<byte> bits;
+ secure_vector<byte> bits;
data.decode(bits, type_tag);
std::vector<bool> bit_set;
diff --git a/doc/examples/bzip.cpp b/doc/examples/bzip.cpp
index 6137bb6af..74ba431ed 100644
--- a/doc/examples/bzip.cpp
+++ b/doc/examples/bzip.cpp
@@ -37,6 +37,7 @@ int main(int argc, char* argv[])
Botan::LibraryInitializer init;
+#ifdef BOTAN_HAS_COMPRESSOR_BZIP2
std::vector<std::string> files;
bool decompress = false, small = false;
int level = 9;
@@ -60,18 +61,10 @@ int main(int argc, char* argv[])
try {
Botan::Filter* bzip = 0;
-#ifdef BOTAN_HAS_COMPRESSOR_BZIP2
if(decompress)
bzip = new Botan::Bzip_Decompression(small);
else
bzip = new Botan::Bzip_Compression(level);
-#endif
-
- if(!bzip)
- {
- std::cout << "Sorry, support for bzip2 not compiled into Botan\n";
- return 1;
- }
Botan::Pipe pipe(bzip);
@@ -112,5 +105,11 @@ int main(int argc, char* argv[])
std::cout << "Exception caught: " << e.what() << std::endl;
return 1;
}
+#else
+
+ std::cout << "Sorry, support for bzip2 not compiled into Botan\n";
+
+#endif
+
return 0;
}
diff --git a/doc/examples/credentials.h b/doc/examples/credentials.h
index 4e4427585..2734b1649 100644
--- a/doc/examples/credentials.h
+++ b/doc/examples/credentials.h
@@ -97,7 +97,7 @@ class Credentials_Manager_Simple : public Botan::Credentials_Manager
const std::string& identifier,
std::string& group_id,
Botan::BigInt& verifier,
- Botan::MemoryRegion<Botan::byte>& salt,
+ std::vector<Botan::byte>& salt,
bool generate_fake_on_unknown)
{
diff --git a/doc/examples/decrypt.cpp b/doc/examples/decrypt.cpp
index ea510c5e9..42c4071c7 100644
--- a/doc/examples/decrypt.cpp
+++ b/doc/examples/decrypt.cpp
@@ -27,7 +27,7 @@ stderr so there is no confusion.
using namespace Botan;
-SecureVector<byte> b64_decode(const std::string&);
+secure_vector<byte> b64_decode(const std::string&);
int main(int argc, char* argv[])
{
@@ -111,7 +111,7 @@ int main(int argc, char* argv[])
const u32bit PBKDF2_ITERATIONS = 8192;
- SecureVector<byte> salt = b64_decode(salt_str);
+ secure_vector<byte> salt = b64_decode(salt_str);
SymmetricKey bc_key = pbkdf->derive_key(key_len, "BLK" + passphrase,
&salt[0], salt.size(),
@@ -165,7 +165,7 @@ int main(int argc, char* argv[])
return 0;
}
-SecureVector<byte> b64_decode(const std::string& in)
+secure_vector<byte> b64_decode(const std::string& in)
{
Pipe pipe(new Base64_Decoder);
pipe.process_msg(in);
diff --git a/doc/examples/dh.cpp b/doc/examples/dh.cpp
index 8d163303a..d62d49f65 100644
--- a/doc/examples/dh.cpp
+++ b/doc/examples/dh.cpp
@@ -24,12 +24,12 @@ int main()
DH_PrivateKey private_b(rng, shared_domain);
// Alice sends to Bob her public key and a session parameter
- MemoryVector<byte> public_a = private_a.public_value();
+ std::vector<byte> public_a = private_a.public_value();
const std::string session_param =
"Alice and Bob's shared session parameter";
// Bob sends his public key to Alice
- MemoryVector<byte> public_b = private_b.public_value();
+ std::vector<byte> public_b = private_b.public_value();
// Now Alice performs the key agreement operation
PK_Key_Agreement ka_alice(private_a, "KDF2(SHA-256)");
diff --git a/doc/examples/dsa_ver.cpp b/doc/examples/dsa_ver.cpp
index 9cb85740e..e6910a4e1 100644
--- a/doc/examples/dsa_ver.cpp
+++ b/doc/examples/dsa_ver.cpp
@@ -12,7 +12,7 @@ using namespace Botan;
namespace {
-SecureVector<byte> b64_decode(const std::string& in)
+secure_vector<byte> b64_decode(const std::string& in)
{
Pipe pipe(new Base64_Decoder);
pipe.process_msg(in);
@@ -60,7 +60,7 @@ int main(int argc, char* argv[])
return 1;
}
- SecureVector<byte> sig = b64_decode(sigstr);
+ secure_vector<byte> sig = b64_decode(sigstr);
PK_Verifier ver(*dsakey, "EMSA1(SHA-1)");
diff --git a/doc/examples/ecdsa.cpp b/doc/examples/ecdsa.cpp
index 1607107eb..b0a66a888 100644
--- a/doc/examples/ecdsa.cpp
+++ b/doc/examples/ecdsa.cpp
@@ -40,7 +40,7 @@ int main()
signer.update((const byte*)message, strlen(message));
- SecureVector<byte> sig = signer.signature(rng);
+ std::vector<byte> sig = signer.signature(rng);
std::cout << sig.size() << "\n";
diff --git a/doc/examples/encrypt.cpp b/doc/examples/encrypt.cpp
index 28017d875..158806936 100644
--- a/doc/examples/encrypt.cpp
+++ b/doc/examples/encrypt.cpp
@@ -33,7 +33,7 @@ you're encrypting is 1 Gb... you better have a lot of RAM.
using namespace Botan;
-std::string b64_encode(const SecureVector<byte>&);
+std::string b64_encode(const secure_vector<byte>&);
int main(int argc, char* argv[])
{
@@ -128,7 +128,7 @@ int main(int argc, char* argv[])
std::auto_ptr<PBKDF> pbkdf(get_pbkdf("PBKDF2(SHA-1)"));
- SecureVector<byte> salt(8);
+ secure_vector<byte> salt(8);
rng.randomize(&salt[0], salt.size());
const u32bit PBKDF2_ITERATIONS = 8192;
@@ -185,7 +185,7 @@ int main(int argc, char* argv[])
return 0;
}
-std::string b64_encode(const SecureVector<byte>& in)
+std::string b64_encode(const secure_vector<byte>& in)
{
Pipe pipe(new Base64_Encoder);
pipe.process_msg(in);
diff --git a/doc/examples/encrypt2.cpp b/doc/examples/encrypt2.cpp
index 41f4fb478..c6c735af9 100644
--- a/doc/examples/encrypt2.cpp
+++ b/doc/examples/encrypt2.cpp
@@ -28,10 +28,10 @@ int main()
const u32bit PBKDF2_ITERATIONS = 8192;
- SecureVector<byte> salt(8);
+ secure_vector<byte> salt(8);
rng.randomize(&salt[0], salt.size());
- SecureVector<byte> master_key = pbkdf2.derive_key(48, passphrase,
+ secure_vector<byte> master_key = pbkdf2.derive_key(48, passphrase,
&salt[0], salt.size(),
PBKDF2_ITERATIONS).bits_of();
@@ -55,12 +55,12 @@ int main()
)
);
- outfile.write((const char*)salt.begin(), salt.size());
+ outfile.write((const char*)&salt[0], salt.size());
pipe.start_msg();
infile >> pipe;
pipe.end_msg();
- SecureVector<byte> hmac = pipe.read_all(1);
- outfile.write((const char*)hmac.begin(), hmac.size());
+ secure_vector<byte> hmac = pipe.read_all(1);
+ outfile.write((const char*)&hmac[0], hmac.size());
}
diff --git a/doc/examples/fpe.cpp b/doc/examples/fpe.cpp
index 029a761e7..8f5eaca9f 100644
--- a/doc/examples/fpe.cpp
+++ b/doc/examples/fpe.cpp
@@ -55,11 +55,11 @@ u64bit cc_derank(u64bit cc_number)
/*
* Use the SHA-1 hash of the account name or ID as a tweak
*/
-SecureVector<byte> sha1(const std::string& acct_name)
+std::vector<byte> sha1(const std::string& acct_name)
{
SHA_160 hash;
hash.update(acct_name);
- return hash.final();
+ return unlock(hash.final());
}
u64bit encrypt_cc_number(u64bit cc_number,
@@ -123,7 +123,7 @@ int main(int argc, char* argv[])
* In practice something like PBKDF2 with a salt and high iteration
* count would be a good idea.
*/
- SymmetricKey key = sha1(passwd);
+ SymmetricKey key(sha1(passwd));
u64bit enc_cc = encrypt_cc_number(cc_number, key, acct_name);
diff --git a/doc/examples/keywrap.cpp b/doc/examples/keywrap.cpp
index 730bcb6c9..93cdbfb84 100644
--- a/doc/examples/keywrap.cpp
+++ b/doc/examples/keywrap.cpp
@@ -28,11 +28,11 @@ int main()
Algorithm_Factory& af = global_state().algorithm_factory();
- SecureVector<byte> enc = rfc3394_keywrap(key.bits_of(), kek, af);
+ secure_vector<byte> enc = rfc3394_keywrap(key.bits_of(), kek, af);
std::cout << "Encrypted: " << hex_encode(enc) << "\n";
- SecureVector<byte> dec = rfc3394_keyunwrap(enc, kek, af);
+ secure_vector<byte> dec = rfc3394_keyunwrap(enc, kek, af);
std::cout << "Decrypted: " << hex_encode(dec) << "\n";
}
diff --git a/doc/examples/new_engine.cpp b/doc/examples/new_engine.cpp
index 42e5dbe33..7e51df2e2 100644
--- a/doc/examples/new_engine.cpp
+++ b/doc/examples/new_engine.cpp
@@ -43,7 +43,7 @@ class XOR_Cipher : public StreamCipher
copy_mem(&mask[0], key, length);
}
- SecureVector<byte> mask;
+ secure_vector<byte> mask;
u32bit mask_pos;
};
diff --git a/doc/examples/pqg_gen.cpp b/doc/examples/pqg_gen.cpp
index c033dac3b..b24c30844 100644
--- a/doc/examples/pqg_gen.cpp
+++ b/doc/examples/pqg_gen.cpp
@@ -13,7 +13,7 @@
#include <botan/botan.h>
#include <botan/auto_rng.h>
-#include <botan/dsa.h>
+#include <botan/hex.h>
#include <botan/numthry.h>
#include <botan/dl_group.h>
using namespace Botan;
@@ -94,9 +94,7 @@ bool check(RandomNumberGenerator& rng,
//u32bit c = to_u32bit(inputs["c"]);
- Pipe pipe(new Hex_Decoder);
- pipe.process_msg(inputs["Seed"]);
- SecureVector<byte> seed = pipe.read_all();
+ std::vector<byte> seed = unlock(hex_decode(inputs["Seed"]));
BigInt our_p, our_q;
diff --git a/doc/examples/read_ssh.cpp b/doc/examples/read_ssh.cpp
index f6299a29d..0392786a5 100644
--- a/doc/examples/read_ssh.cpp
+++ b/doc/examples/read_ssh.cpp
@@ -42,7 +42,7 @@ BigInt read_bigint(Pipe& pipe)
{
u32bit len = read_u32bit(pipe);
- SecureVector<byte> buf(len);
+ secure_vector<byte> buf(len);
pipe.read(&buf[0], len);
return BigInt::decode(buf);
}
diff --git a/doc/examples/rng_test.cpp b/doc/examples/rng_test.cpp
index c0d24fd80..385ac57f3 100644
--- a/doc/examples/rng_test.cpp
+++ b/doc/examples/rng_test.cpp
@@ -68,11 +68,11 @@ void x931_tests(std::vector<std::pair<std::string, std::string> > vecs,
ANSI_X931_RNG prng(get_block_cipher(cipher),
new Fixed_Output_RNG);
- SecureVector<byte> x = hex_decode(input);
- prng.add_entropy(x.begin(), x.size());
+ secure_vector<byte> x = hex_decode(input);
+ prng.add_entropy(&x[0], x.size());
- SecureVector<byte> output(result.size() / 2);
- prng.randomize(output, output.size());
+ secure_vector<byte> output(result.size() / 2);
+ prng.randomize(&output[0], output.size());
if(hex_decode(result) != output)
std::cout << "FAIL";
diff --git a/doc/examples/row_encryptor.cpp b/doc/examples/row_encryptor.cpp
index 685850945..b512025b6 100644
--- a/doc/examples/row_encryptor.cpp
+++ b/doc/examples/row_encryptor.cpp
@@ -26,22 +26,22 @@ class Row_Encryptor
RandomNumberGenerator& rng);
Row_Encryptor(const std::string& passphrase,
- const MemoryRegion<byte>& salt);
+ const std::vector<byte>& salt);
std::string encrypt(const std::string& input,
- const MemoryRegion<byte>& salt);
+ const std::vector<byte>& salt);
std::string decrypt(const std::string& input,
- const MemoryRegion<byte>& salt);
+ const std::vector<byte>& salt);
- SecureVector<byte> get_pbkdf_salt() const { return pbkdf_salt; }
+ std::vector<byte> get_pbkdf_salt() const { return pbkdf_salt; }
private:
void init(const std::string& passphrase);
Row_Encryptor(const Row_Encryptor&) {}
Row_Encryptor& operator=(const Row_Encryptor&) { return (*this); }
- SecureVector<byte> pbkdf_salt;
+ std::vector<byte> pbkdf_salt;
Pipe enc_pipe, dec_pipe;
EAX_Encryption* eax_enc; // owned by enc_pipe
EAX_Decryption* eax_dec; // owned by dec_pipe;
@@ -56,7 +56,7 @@ Row_Encryptor::Row_Encryptor(const std::string& passphrase,
}
Row_Encryptor::Row_Encryptor(const std::string& passphrase,
- const MemoryRegion<byte>& salt)
+ const std::vector<byte>& salt)
{
pbkdf_salt = salt;
init(passphrase);
@@ -66,7 +66,7 @@ void Row_Encryptor::init(const std::string& passphrase)
{
std::auto_ptr<PBKDF> pbkdf(get_pbkdf("PBKDF2(SHA-160)"));
- SecureVector<byte> key = pbkdf->derive_key(32, passphrase,
+ secure_vector<byte> key = pbkdf->derive_key(32, passphrase,
&pbkdf_salt[0], pbkdf_salt.size(),
10000).bits_of();
@@ -89,7 +89,7 @@ void Row_Encryptor::init(const std::string& passphrase)
}
std::string Row_Encryptor::encrypt(const std::string& input,
- const MemoryRegion<byte>& salt)
+ const std::vector<byte>& salt)
{
eax_enc->set_iv(salt);
enc_pipe.process_msg(input);
@@ -97,7 +97,7 @@ std::string Row_Encryptor::encrypt(const std::string& input,
}
std::string Row_Encryptor::decrypt(const std::string& input,
- const MemoryRegion<byte>& salt)
+ const std::vector<byte>& salt)
{
eax_dec->set_iv(salt);
dec_pipe.process_msg(input);
@@ -133,7 +133,7 @@ int main()
}
std::vector<std::string> encrypted_values;
- MemoryVector<byte> salt(4); // keep out of loop to avoid excessive dynamic allocation
+ std::vector<byte> salt(4);
for(u32bit i = 0; i != original_inputs.size(); ++i)
{
diff --git a/doc/examples/rsa_dec.cpp b/doc/examples/rsa_dec.cpp
index 9c470b8e9..98768cda7 100644
--- a/doc/examples/rsa_dec.cpp
+++ b/doc/examples/rsa_dec.cpp
@@ -20,7 +20,7 @@ same key format as that generated by rsa_kgen.
#include <botan/rsa.h>
using namespace Botan;
-SecureVector<byte> b64_decode(const std::string&);
+secure_vector<byte> b64_decode(const std::string&);
SymmetricKey derive_key(const std::string&, const SymmetricKey&, u32bit);
const std::string SUFFIX = ".enc";
@@ -73,11 +73,11 @@ int main(int argc, char* argv[])
std::string mac_str;
std::getline(message, mac_str);
- SecureVector<byte> enc_masterkey = b64_decode(enc_masterkey_str);
+ secure_vector<byte> enc_masterkey = b64_decode(enc_masterkey_str);
PK_Decryptor_EME decryptor(*rsakey, "EME1(SHA-1)");
- SecureVector<byte> masterkey = decryptor.decrypt(enc_masterkey);
+ secure_vector<byte> masterkey = decryptor.decrypt(enc_masterkey);
SymmetricKey cast_key = derive_key("CAST", masterkey, 16);
InitializationVector iv = derive_key("IV", masterkey, 8);
@@ -113,7 +113,7 @@ int main(int argc, char* argv[])
return 0;
}
-SecureVector<byte> b64_decode(const std::string& in)
+secure_vector<byte> b64_decode(const std::string& in)
{
Pipe pipe(new Base64_Decoder);
pipe.process_msg(in);
diff --git a/doc/examples/rsa_enc.cpp b/doc/examples/rsa_enc.cpp
index ac609c4b3..b8e5d874b 100644
--- a/doc/examples/rsa_enc.cpp
+++ b/doc/examples/rsa_enc.cpp
@@ -34,9 +34,10 @@
#include <botan/botan.h>
#include <botan/pubkey.h>
#include <botan/rsa.h>
+#include <botan/base64.h>
+
using namespace Botan;
-std::string b64_encode(const SecureVector<byte>&);
SymmetricKey derive_key(const std::string&, const SymmetricKey&, u32bit);
int main(int argc, char* argv[])
@@ -98,10 +99,10 @@ int main(int argc, char* argv[])
SymmetricKey mac_key = derive_key("MAC", masterkey, 16);
SymmetricKey iv = derive_key("IV", masterkey, 8);
- SecureVector<byte> encrypted_key =
+ std::vector<byte> encrypted_key =
encryptor.encrypt(masterkey.bits_of(), rng);
- ciphertext << b64_encode(encrypted_key) << std::endl;
+ ciphertext << base64_encode(encrypted_key) << std::endl;
Pipe pipe(new Fork(
new Chain(
@@ -135,13 +136,6 @@ int main(int argc, char* argv[])
return 0;
}
-std::string b64_encode(const SecureVector<byte>& in)
- {
- Pipe pipe(new Base64_Encoder);
- pipe.process_msg(in);
- return pipe.read_all_as_string();
- }
-
SymmetricKey derive_key(const std::string& param,
const SymmetricKey& masterkey,
u32bit outputlength)
diff --git a/doc/examples/tls_client.cpp b/doc/examples/tls_client.cpp
index 5de8a59ce..deb0ff460 100644
--- a/doc/examples/tls_client.cpp
+++ b/doc/examples/tls_client.cpp
@@ -168,7 +168,7 @@ void doit(RandomNumberGenerator& rng,
continue;
}
- const size_t needed = client.received_data(buf, got);
+ client.received_data(buf, got);
//std::cout << "Socket - got " << got << " bytes, need " << needed << "\n";
}
else if(FD_ISSET(STDIN_FILENO, &readfds))
diff --git a/doc/examples/tss.cpp b/doc/examples/tss.cpp
index 03d7699bf..aecf95796 100644
--- a/doc/examples/tss.cpp
+++ b/doc/examples/tss.cpp
@@ -11,7 +11,7 @@
namespace {
-void print(const Botan::SecureVector<Botan::byte>& r)
+void print(const Botan::secure_vector<Botan::byte>& r)
{
for(Botan::u32bit i = 0; i != r.size(); ++i)
printf("%02X", r[i]);
diff --git a/src/algo_base/buf_comp.h b/src/algo_base/buf_comp.h
index 7838571e9..87b57d252 100644
--- a/src/algo_base/buf_comp.h
+++ b/src/algo_base/buf_comp.h
@@ -34,9 +34,18 @@ class BOTAN_DLL Buffered_Computation
/**
* Add new input to process.
- * @param in the input to process as a MemoryRegion
+ * @param in the input to process as a secure_vector
*/
- void update(const MemoryRegion<byte>& in)
+ void update(const secure_vector<byte>& in)
+ {
+ add_data(&in[0], in.size());
+ }
+
+ /**
+ * Add new input to process.
+ * @param in the input to process as a std::vector
+ */
+ void update(const std::vector<byte>& in)
{
add_data(&in[0], in.size());
}
@@ -82,11 +91,11 @@ class BOTAN_DLL Buffered_Computation
/**
* Complete the computation and retrieve the
* final result.
- * @return SecureVector holding the result
+ * @return secure_vector holding the result
*/
- SecureVector<byte> final()
+ secure_vector<byte> final()
{
- SecureVector<byte> output(output_length());
+ secure_vector<byte> output(output_length());
final_result(&output[0]);
return output;
}
@@ -98,7 +107,7 @@ class BOTAN_DLL Buffered_Computation
* @param length the length of the byte array
* @result the result of the call to final()
*/
- SecureVector<byte> process(const byte in[], size_t length)
+ secure_vector<byte> process(const byte in[], size_t length)
{
add_data(in, length);
return final();
@@ -110,7 +119,13 @@ class BOTAN_DLL Buffered_Computation
* @param in the input to process
* @result the result of the call to final()
*/
- SecureVector<byte> process(const MemoryRegion<byte>& in)
+ secure_vector<byte> process(const secure_vector<byte>& in)
+ {
+ add_data(&in[0], in.size());
+ return final();
+ }
+
+ secure_vector<byte> process(const std::vector<byte>& in)
{
add_data(&in[0], in.size());
return final();
@@ -122,7 +137,7 @@ class BOTAN_DLL Buffered_Computation
* @param in the input to process as a string
* @result the result of the call to final()
*/
- SecureVector<byte> process(const std::string& in)
+ secure_vector<byte> process(const std::string& in)
{
update(in);
return final();
diff --git a/src/algo_base/symkey.cpp b/src/algo_base/symkey.cpp
index 5509b83bc..52b216361 100644
--- a/src/algo_base/symkey.cpp
+++ b/src/algo_base/symkey.cpp
@@ -40,10 +40,6 @@ OctetString::OctetString(const byte in[], size_t n)
bits.assign(in, in + n);
}
-OctetString::OctetString(const MemoryRegion<byte>& b) : bits(b)
- {
- }
-
/*
* Set the parity of each key byte to odd
*/
@@ -116,7 +112,7 @@ bool operator!=(const OctetString& s1, const OctetString& s2)
*/
OctetString operator+(const OctetString& k1, const OctetString& k2)
{
- SecureVector<byte> out;
+ secure_vector<byte> out;
out += k1.bits_of();
out += k2.bits_of();
return OctetString(out);
@@ -127,9 +123,10 @@ OctetString operator+(const OctetString& k1, const OctetString& k2)
*/
OctetString operator^(const OctetString& k1, const OctetString& k2)
{
- SecureVector<byte> ret(std::max(k1.length(), k2.length()));
+ secure_vector<byte> ret(std::max(k1.length(), k2.length()));
+
copy_mem(&ret[0], k1.begin(), k1.length());
- xor_buf(ret, k2.begin(), k2.length());
+ xor_buf(&ret[0], k2.begin(), k2.length());
return OctetString(ret);
}
diff --git a/src/algo_base/symkey.h b/src/algo_base/symkey.h
index 2ccc0b883..b47da8a69 100644
--- a/src/algo_base/symkey.h
+++ b/src/algo_base/symkey.h
@@ -25,9 +25,9 @@ class BOTAN_DLL OctetString
size_t length() const { return bits.size(); }
/**
- * @return this object as a SecureVector<byte>
+ * @return this object as a secure_vector<byte>
*/
- SecureVector<byte> bits_of() const { return bits; }
+ secure_vector<byte> bits_of() const { return bits; }
/**
* @return start of this string
@@ -80,9 +80,15 @@ class BOTAN_DLL OctetString
* Create a new OctetString
* @param in a bytestring
*/
- OctetString(const MemoryRegion<byte>& in);
+ OctetString(const secure_vector<byte>& in) : bits(in) {}
+
+ /**
+ * Create a new OctetString
+ * @param in a bytestring
+ */
+ OctetString(const std::vector<byte>& in) : bits(&in[0], &in[in.size()]) {}
private:
- SecureVector<byte> bits;
+ secure_vector<byte> bits;
};
/**
diff --git a/src/alloc/alloc_mmap/info.txt b/src/alloc/alloc_mmap/info.txt
deleted file mode 100644
index 562277a37..000000000
--- a/src/alloc/alloc_mmap/info.txt
+++ /dev/null
@@ -1,28 +0,0 @@
-define ALLOC_MMAP
-
-<source>
-mmap_mem.cpp
-</source>
-
-<header:internal>
-mmap_mem.h
-</header:internal>
-
-<os>
-linux
-freebsd
-dragonfly
-openbsd
-netbsd
-solaris
-qnx
-darwin
-tru64
-
-# Only without -ansi, otherwise can't get mkstemp
-#cygwin
-</os>
-
-<requires>
-mem_pool
-</requires>
diff --git a/src/alloc/alloc_mmap/mmap_mem.cpp b/src/alloc/alloc_mmap/mmap_mem.cpp
deleted file mode 100644
index b90b6d5f7..000000000
--- a/src/alloc/alloc_mmap/mmap_mem.cpp
+++ /dev/null
@@ -1,145 +0,0 @@
-/*
-* Memory Mapping Allocator
-* (C) 1999-2010 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/internal/mmap_mem.h>
-#include <vector>
-#include <cstring>
-
-#include <sys/types.h>
-#include <sys/mman.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <stdlib.h>
-#include <fcntl.h>
-#include <errno.h>
-
-#ifndef MAP_FAILED
- #define MAP_FAILED -1
-#endif
-
-namespace Botan {
-
-namespace {
-
-/*
-* MemoryMapping_Allocator Exception
-*/
-class BOTAN_DLL MemoryMapping_Failed : public Exception
- {
- public:
- MemoryMapping_Failed(const std::string& msg) :
- Exception("MemoryMapping_Allocator: " + msg) {}
- };
-
-}
-
-/*
-* Memory Map a File into Memory
-*/
-void* MemoryMapping_Allocator::alloc_block(size_t n)
- {
- class TemporaryFile
- {
- public:
- int get_fd() const { return fd; }
-
- TemporaryFile(const std::string& base)
- {
- const std::string mkstemp_template = base + "XXXXXX";
-
- std::vector<char> filepath(mkstemp_template.begin(),
- mkstemp_template.end());
- filepath.push_back(0); // add terminating NULL
-
- mode_t old_umask = ::umask(077);
- fd = ::mkstemp(&filepath[0]);
- ::umask(old_umask);
-
- if(fd == -1)
- throw MemoryMapping_Failed("Temporary file allocation failed");
-
- if(::unlink(&filepath[0]) != 0)
- throw MemoryMapping_Failed("Could not unlink temporary file");
- }
-
- ~TemporaryFile()
- {
- /*
- * We can safely close here, because post-mmap the file
- * will continue to exist until the mmap is unmapped from
- * our address space upon deallocation (or process exit).
- */
- if(fd != -1 && ::close(fd) == -1)
- throw MemoryMapping_Failed("Could not close file");
- }
- private:
- int fd;
- };
-
- TemporaryFile file("/tmp/botan_");
-
- if(file.get_fd() == -1)
- throw MemoryMapping_Failed("Could not create file");
-
- std::vector<byte> zeros(4096);
-
- size_t remaining = n;
-
- while(remaining)
- {
- const size_t write_try = std::min(zeros.size(), remaining);
-
- ssize_t wrote_got = ::write(file.get_fd(),
- &zeros[0],
- write_try);
-
- if(wrote_got == -1 && errno != EINTR)
- throw MemoryMapping_Failed("Could not write to file");
-
- remaining -= wrote_got;
- }
-
-#ifndef MAP_NOSYNC
- #define MAP_NOSYNC 0
-#endif
-
- void* ptr = ::mmap(0, n,
- PROT_READ | PROT_WRITE,
- MAP_SHARED | MAP_NOSYNC,
- file.get_fd(), 0);
-
- if(ptr == static_cast<void*>(MAP_FAILED))
- throw MemoryMapping_Failed("Could not map file");
-
- return ptr;
- }
-
-/*
-* Remove a Memory Mapping
-*/
-void MemoryMapping_Allocator::dealloc_block(void* ptr, size_t n)
- {
- if(ptr == nullptr)
- return;
-
- const byte PATTERNS[] = { 0x00, 0xF5, 0x5A, 0xAF, 0x00 };
-
- // The char* casts are for Solaris, args are void* on most other systems
-
- for(size_t i = 0; i != sizeof(PATTERNS); ++i)
- {
- std::memset(ptr, PATTERNS[i], n);
-
- if(::msync(static_cast<char*>(ptr), n, MS_SYNC))
- throw MemoryMapping_Failed("Sync operation failed");
- }
-
- if(::munmap(static_cast<char*>(ptr), n))
- throw MemoryMapping_Failed("Could not unmap file");
- }
-
-}
diff --git a/src/alloc/alloc_mmap/mmap_mem.h b/src/alloc/alloc_mmap/mmap_mem.h
deleted file mode 100644
index c9983ed23..000000000
--- a/src/alloc/alloc_mmap/mmap_mem.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
-* Memory Mapping Allocator
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#ifndef BOTAN_MMAP_ALLOCATOR_H__
-#define BOTAN_MMAP_ALLOCATOR_H__
-
-#include <botan/internal/mem_pool.h>
-
-namespace Botan {
-
-/**
-* Allocator that uses memory maps backed by disk. We zeroize the map
-* upon deallocation. If swap occurs, the VM will swap to the shared
-* file backing rather than to a swap device, which means we know where
-* it is and can zap it later.
-*/
-class MemoryMapping_Allocator : public Pooling_Allocator
- {
- public:
- std::string type() const { return "mmap"; }
- private:
- void* alloc_block(size_t);
- void dealloc_block(void*, size_t);
- };
-
-}
-
-#endif
diff --git a/src/alloc/allocate.h b/src/alloc/allocate.h
deleted file mode 100644
index b8574be1e..000000000
--- a/src/alloc/allocate.h
+++ /dev/null
@@ -1,65 +0,0 @@
-/*
-* Allocator
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#ifndef BOTAN_ALLOCATOR_H__
-#define BOTAN_ALLOCATOR_H__
-
-#include <botan/types.h>
-#include <string>
-
-namespace Botan {
-
-/**
-* Allocator Interface
-*/
-class BOTAN_DLL Allocator
- {
- public:
- /**
- * Acquire a pointer to an allocator
- * @param locking is true if the allocator should attempt to
- * secure the memory (eg for using to store keys)
- * @return pointer to an allocator; ownership remains with library,
- * so do not delete
- */
- static Allocator* get(bool locking);
-
- /**
- * Allocate a block of memory
- * @param n how many bytes to allocate
- * @return pointer to n bytes of memory
- */
- virtual void* allocate(size_t n) = 0;
-
- /**
- * Deallocate memory allocated with allocate()
- * @param ptr the pointer returned by allocate()
- * @param n the size of the block pointed to by ptr
- */
- virtual void deallocate(void* ptr, size_t n) = 0;
-
- /**
- * @return name of this allocator type
- */
- virtual std::string type() const = 0;
-
- /**
- * Initialize the allocator
- */
- virtual void init() {}
-
- /**
- * Shutdown the allocator
- */
- virtual void destroy() {}
-
- virtual ~Allocator() {}
- };
-
-}
-
-#endif
diff --git a/src/alloc/info.txt b/src/alloc/info.txt
index 40e7bacdf..0ab7fa768 100644
--- a/src/alloc/info.txt
+++ b/src/alloc/info.txt
@@ -1,4 +1,3 @@
<header:public>
-allocate.h
secmem.h
</header:public>
diff --git a/src/alloc/mem_pool/info.txt b/src/alloc/mem_pool/info.txt
deleted file mode 100644
index f87ea4c4c..000000000
--- a/src/alloc/mem_pool/info.txt
+++ /dev/null
@@ -1,8 +0,0 @@
-
-<source>
-mem_pool.cpp
-</source>
-
-<header:internal>
-mem_pool.h
-</header:internal>
diff --git a/src/alloc/mem_pool/mem_pool.cpp b/src/alloc/mem_pool/mem_pool.cpp
deleted file mode 100644
index 770622149..000000000
--- a/src/alloc/mem_pool/mem_pool.cpp
+++ /dev/null
@@ -1,251 +0,0 @@
-/*
-* Pooling Allocator
-* (C) 1999-2008 Jack Lloyd
-* 2005 Matthew Gregan
-* 2005-2006 Matt Johnston
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/internal/mem_pool.h>
-#include <botan/internal/rounding.h>
-#include <botan/mem_ops.h>
-#include <algorithm>
-#include <exception>
-
-namespace Botan {
-
-/*
-* Memory_Block Constructor
-*/
-Pooling_Allocator::Memory_Block::Memory_Block(void* buf)
- {
- buffer = static_cast<byte*>(buf);
- bitmap = 0;
- buffer_end = buffer + (BLOCK_SIZE * BITMAP_SIZE);
- }
-
-/*
-* See if ptr is contained by this block
-*/
-bool Pooling_Allocator::Memory_Block::contains(void* ptr,
- size_t length) const
- {
- return ((buffer <= ptr) &&
- (buffer_end >= static_cast<byte*>(ptr) + length * BLOCK_SIZE));
- }
-
-/*
-* Allocate some memory, if possible
-*/
-byte* Pooling_Allocator::Memory_Block::alloc(size_t n)
- {
- if(n == 0 || n > BITMAP_SIZE)
- return 0;
-
- if(n == BITMAP_SIZE)
- {
- if(bitmap)
- return nullptr;
- else
- {
- bitmap = ~bitmap;
- return buffer;
- }
- }
-
- bitmap_type mask = (static_cast<bitmap_type>(1) << n) - 1;
- size_t offset = 0;
-
- while(bitmap & mask)
- {
- mask <<= 1;
- ++offset;
-
- if((bitmap & mask) == 0)
- break;
- if(mask >> 63)
- break;
- }
-
- if(bitmap & mask)
- return nullptr;
-
- bitmap |= mask;
- return buffer + offset * BLOCK_SIZE;
- }
-
-/*
-* Mark this memory as free, if we own it
-*/
-void Pooling_Allocator::Memory_Block::free(void* ptr, size_t blocks)
- {
- clear_mem(static_cast<byte*>(ptr), blocks * BLOCK_SIZE);
-
- const size_t offset = (static_cast<byte*>(ptr) - buffer) / BLOCK_SIZE;
-
- if(offset == 0 && blocks == BITMAP_SIZE)
- bitmap = ~bitmap;
- else
- {
- for(size_t j = 0; j != blocks; ++j)
- bitmap &= ~(static_cast<bitmap_type>(1) << (j+offset));
- }
- }
-
-/*
-* Pooling_Allocator Constructor
-*/
-Pooling_Allocator::Pooling_Allocator()
- {
- last_used = blocks.begin();
- }
-
-/*
-* Pooling_Allocator Destructor
-*/
-Pooling_Allocator::~Pooling_Allocator()
- {
- if(blocks.size())
- throw Invalid_State("Pooling_Allocator: Never released memory");
- }
-
-/*
-* Free all remaining memory
-*/
-void Pooling_Allocator::destroy()
- {
- std::lock_guard<std::mutex> lock(mutex);
-
- blocks.clear();
-
- for(size_t j = 0; j != allocated.size(); ++j)
- dealloc_block(allocated[j].first, allocated[j].second);
- allocated.clear();
- }
-
-/*
-* Allocation
-*/
-void* Pooling_Allocator::allocate(size_t n)
- {
- const size_t BITMAP_SIZE = Memory_Block::bitmap_size();
- const size_t BLOCK_SIZE = Memory_Block::block_size();
-
- std::lock_guard<std::mutex> lock(mutex);
-
- if(n <= BITMAP_SIZE * BLOCK_SIZE)
- {
- const size_t block_no = round_up(n, BLOCK_SIZE) / BLOCK_SIZE;
-
- byte* mem = allocate_blocks(block_no);
- if(mem)
- return mem;
-
- get_more_core(BOTAN_MEM_POOL_CHUNK_SIZE);
-
- mem = allocate_blocks(block_no);
- if(mem)
- return mem;
-
- throw Memory_Exhaustion();
- }
-
- void* new_buf = alloc_block(n);
- if(new_buf)
- return new_buf;
-
- throw Memory_Exhaustion();
- }
-
-/*
-* Deallocation
-*/
-void Pooling_Allocator::deallocate(void* ptr, size_t n)
- {
- const size_t BITMAP_SIZE = Memory_Block::bitmap_size();
- const size_t BLOCK_SIZE = Memory_Block::block_size();
-
- if(ptr == nullptr && n == 0)
- return;
-
- std::lock_guard<std::mutex> lock(mutex);
-
- if(n > BITMAP_SIZE * BLOCK_SIZE)
- dealloc_block(ptr, n);
- else
- {
- const size_t block_no = round_up(n, BLOCK_SIZE) / BLOCK_SIZE;
-
- auto i = std::lower_bound(blocks.begin(), blocks.end(),
- Memory_Block(ptr));
-
- if(i == blocks.end() || !i->contains(ptr, block_no))
- throw Invalid_State("Pointer released to the wrong allocator");
-
- i->free(ptr, block_no);
- }
- }
-
-/*
-* Try to get some memory from an existing block
-*/
-byte* Pooling_Allocator::allocate_blocks(size_t n)
- {
- if(blocks.empty())
- return nullptr;
-
- auto i = last_used;
-
- do
- {
- byte* mem = i->alloc(n);
- if(mem)
- {
- last_used = i;
- return mem;
- }
-
- ++i;
- if(i == blocks.end())
- i = blocks.begin();
- }
- while(i != last_used);
-
- return nullptr;
- }
-
-/*
-* Allocate more memory for the pool
-*/
-void Pooling_Allocator::get_more_core(size_t in_bytes)
- {
- const size_t BITMAP_SIZE = Memory_Block::bitmap_size();
- const size_t BLOCK_SIZE = Memory_Block::block_size();
-
- const size_t TOTAL_BLOCK_SIZE = BLOCK_SIZE * BITMAP_SIZE;
-
- // upper bound on allocation is 1 MiB
- in_bytes = std::min<size_t>(in_bytes, 1024 * 1024);
-
- const size_t in_blocks = round_up(in_bytes, BLOCK_SIZE) / TOTAL_BLOCK_SIZE;
- const size_t to_allocate = in_blocks * TOTAL_BLOCK_SIZE;
-
- void* ptr = alloc_block(to_allocate);
- if(ptr == nullptr)
- throw Memory_Exhaustion();
-
- allocated.push_back(std::make_pair(ptr, to_allocate));
-
- for(size_t j = 0; j != in_blocks; ++j)
- {
- byte* byte_ptr = static_cast<byte*>(ptr);
- blocks.push_back(Memory_Block(byte_ptr + j * TOTAL_BLOCK_SIZE));
- }
-
- std::sort(blocks.begin(), blocks.end());
- last_used = std::lower_bound(blocks.begin(), blocks.end(),
- Memory_Block(ptr));
- }
-
-}
diff --git a/src/alloc/mem_pool/mem_pool.h b/src/alloc/mem_pool/mem_pool.h
deleted file mode 100644
index f2225e573..000000000
--- a/src/alloc/mem_pool/mem_pool.h
+++ /dev/null
@@ -1,74 +0,0 @@
-/*
-* Pooling Allocator
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#ifndef BOTAN_POOLING_ALLOCATOR_H__
-#define BOTAN_POOLING_ALLOCATOR_H__
-
-#include <botan/allocate.h>
-#include <botan/exceptn.h>
-#include <mutex>
-#include <utility>
-#include <vector>
-
-namespace Botan {
-
-/**
-* Pooling Allocator
-*/
-class Pooling_Allocator : public Allocator
- {
- public:
- void* allocate(size_t);
- void deallocate(void*, size_t);
-
- void destroy();
-
- Pooling_Allocator();
- ~Pooling_Allocator();
- private:
- void get_more_core(size_t);
- byte* allocate_blocks(size_t);
-
- virtual void* alloc_block(size_t) = 0;
- virtual void dealloc_block(void*, size_t) = 0;
-
- class Memory_Block
- {
- public:
- Memory_Block(void*);
-
- static size_t bitmap_size() { return BITMAP_SIZE; }
- static size_t block_size() { return BLOCK_SIZE; }
-
- bool contains(void*, size_t) const;
- byte* alloc(size_t);
- void free(void*, size_t);
-
- bool operator<(const Memory_Block& other) const
- {
- if(buffer < other.buffer && other.buffer < buffer_end)
- return false;
- return (buffer < other.buffer);
- }
- private:
- typedef u64bit bitmap_type;
- static const size_t BITMAP_SIZE = 8 * sizeof(bitmap_type);
- static const size_t BLOCK_SIZE = 64;
-
- bitmap_type bitmap;
- byte* buffer, *buffer_end;
- };
-
- std::vector<Memory_Block> blocks;
- std::vector<Memory_Block>::iterator last_used;
- std::vector<std::pair<void*, size_t> > allocated;
- std::mutex mutex;
- };
-
-}
-
-#endif
diff --git a/src/alloc/secmem.h b/src/alloc/secmem.h
index e6b2b71ec..7c27c8d3b 100644
--- a/src/alloc/secmem.h
+++ b/src/alloc/secmem.h
@@ -1,6 +1,6 @@
/*
* Secure Memory Buffers
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2007,2012 Jack Lloyd
*
* Distributed under the terms of the Botan license
*/
@@ -8,362 +8,87 @@
#ifndef BOTAN_SECURE_MEMORY_BUFFERS_H__
#define BOTAN_SECURE_MEMORY_BUFFERS_H__
-#include <botan/allocate.h>
#include <botan/mem_ops.h>
#include <algorithm>
+extern void note_alloc(int n);
+
namespace Botan {
-/**
-* This class represents variable length memory buffers.
-*/
template<typename T>
-class MemoryRegion
+class secure_allocator
{
public:
- /**
- * Find out the size of the buffer, i.e. how many objects of type T it
- * contains.
- * @return size of the buffer
- */
- size_t size() const { return used; }
-
- /**
- * Find out whether this buffer is empty.
- * @return true if the buffer is empty, false otherwise
- */
- bool empty() const { return (used == 0); }
-
- /**
- * Get a pointer to the first element in the buffer.
- * @return pointer to the first element in the buffer
- */
- operator T* () { return buf; }
+ typedef T value_type;
- /**
- * Get a constant pointer to the first element in the buffer.
- * @return constant pointer to the first element in the buffer
- */
- operator const T* () const { return buf; }
+ typedef T* pointer;
+ typedef const T* const_pointer;
- /**
- * Get a pointer to the first element in the buffer.
- * @return pointer to the first element in the buffer
- */
- T* begin() { return buf; }
-
- /**
- * Get a constant pointer to the first element in the buffer.
- * @return constant pointer to the first element in the buffer
- */
- const T* begin() const { return buf; }
-
- /**
- * Get a pointer to one past the last element in the buffer.
- * @return pointer to one past the last element in the buffer
- */
- T* end() { return (buf + size()); }
-
- /**
- * Get a const pointer to one past the last element in the buffer.
- * @return const pointer to one past the last element in the buffer
- */
- const T* end() const { return (buf + size()); }
-
- /**
- * Check two buffers for equality.
- * @return true iff the content of both buffers is byte-wise equal
- */
- bool operator==(const MemoryRegion<T>& other) const
- {
- return (size() == other.size() &&
- same_mem(buf, other.buf, size()));
- }
+ typedef T& reference;
+ typedef const T& const_reference;
- /**
- * Compare two buffers
- * @return true iff this is ordered before other
- */
- bool operator<(const MemoryRegion<T>& other) const;
+ typedef std::size_t size_type;
+ typedef std::ptrdiff_t difference_type;
- /**
- * Check two buffers for inequality.
- * @return false if the content of both buffers is byte-wise equal, true
- * otherwise.
- */
- bool operator!=(const MemoryRegion<T>& other) const
- { return (!(*this == other)); }
+ secure_allocator() noexcept {}
- /**
- * Copy the contents of another buffer into this buffer.
- * The former contents of *this are discarded.
- * @param other the buffer to copy the contents from.
- * @return reference to *this
- */
- MemoryRegion<T>& operator=(const MemoryRegion<T>& other)
- {
- if(this != &other)
- {
- this->resize(other.size());
- this->copy(&other[0], other.size());
- }
- return (*this);
- }
+ ~secure_allocator() noexcept {}
- /**
- * Copy the contents of an array of objects of type T into this buffer.
- * The former contents of *this are discarded.
- * The length of *this must be at least n, otherwise memory errors occur.
- * @param in the array to copy the contents from
- * @param n the length of in
- */
+ pointer address(reference x) const noexcept
+ { return std::addressof(x); }
- void copy(const T in[], size_t n)
- {
- copy_mem(buf, in, std::min(n, size()));
- }
+ const_pointer address(const_reference x) const noexcept
+ { return std::addressof(x); }
- void assign(const T* start, const T* end)
+ pointer allocate(size_type n, const void* = 0)
{
- resize(end - start);
- copy_mem(buf, start, (end - start));
+ pointer p = new T[n];
+ clear_mem(p, n);
+ note_alloc(sizeof(T)*n);
+ return p;
}
- /**
- * Append a single element.
- * @param x the element to append
- */
- void push_back(T x)
+ void deallocate(pointer p, size_type n)
{
- resize(size() + 1);
- buf[size()-1] = x;
+ clear_mem(p, n);
+ delete [] p;
+ note_alloc(-(int(n)*sizeof(T)));
}
- /**
- * Reset this buffer to an empty buffer with size zero.
- */
- void clear() { resize(0); }
-
- /**
- * Inserts or erases elements at the end such that the size
- * becomes n, leaving elements in the range 0...n unmodified if
- * set or otherwise zero-initialized
- * @param n length of the new buffer
- */
- void resize(size_t n);
-
- /**
- * Swap this buffer with another object.
- */
- void swap(MemoryRegion<T>& other);
-
- virtual ~MemoryRegion() { deallocate(buf, allocated); }
- protected:
- MemoryRegion() : buf(0), used(0), allocated(0), alloc(0) {}
-
- /**
- * Copy constructor
- * @param other the other region to copy
- */
- MemoryRegion(const MemoryRegion<T>& other) :
- buf(0),
- used(0),
- allocated(0),
- alloc(other.alloc)
+ size_type max_size() const noexcept
{
- resize(other.size());
- copy(&other[0], other.size());
+ return static_cast<size_type>(-1) / sizeof(T);
}
- /**
- * @param locking should we use a locking allocator
- * @param length the initial length to use
- */
- void init(bool locking, size_t length = 0)
- { alloc = Allocator::get(locking); resize(length); }
-
- private:
- T* allocate(size_t n)
- {
- return static_cast<T*>(alloc->allocate(sizeof(T)*n));
- }
+ template<typename U, typename... Args>
+ void
+ construct(U* p, Args&&... args)
+ { ::new((void *)p) U(std::forward<Args>(args)...); }
- void deallocate(T* p, size_t n)
- { if(alloc && p && n) alloc->deallocate(p, sizeof(T)*n); }
+ template<typename U> void destroy(U* p) { p->~U(); }
- T* buf;
- size_t used;
- size_t allocated;
- Allocator* alloc;
};
-/*
-* Change the size of the buffer
-*/
-template<typename T>
-void MemoryRegion<T>::resize(size_t n)
- {
- if(n <= allocated)
- {
- size_t zap = std::min(used, n);
- clear_mem(buf + zap, allocated - zap);
- used = n;
- }
- else
- {
- T* new_buf = allocate(n);
- copy_mem(new_buf, buf, used);
- deallocate(buf, allocated);
- buf = new_buf;
- allocated = used = n;
- }
- }
-
-/*
-* Compare this buffer with another one
-*/
-template<typename T>
-bool MemoryRegion<T>::operator<(const MemoryRegion<T>& other) const
- {
- const size_t min_size = std::min(size(), other.size());
+template<typename T> inline bool
+operator==(const secure_allocator<T>&, const secure_allocator<T>&)
+ { return true; }
- // This should probably be rewritten to run in constant time
- for(size_t i = 0; i != min_size; ++i)
- {
- if(buf[i] < other[i])
- return true;
- if(buf[i] > other[i])
- return false;
- }
+template<typename T> inline bool
+operator!=(const secure_allocator<T>&, const secure_allocator<T>&)
+ { return false; }
- // First min_size bytes are equal, shorter is first
- return (size() < other.size());
- }
+template<typename T> using secure_vector = std::vector<T, secure_allocator<T>>;
-/*
-* Swap this buffer with another one
-*/
template<typename T>
-void MemoryRegion<T>::swap(MemoryRegion<T>& x)
+std::vector<T> unlock(const secure_vector<T>& in)
{
- std::swap(buf, x.buf);
- std::swap(used, x.used);
- std::swap(allocated, x.allocated);
- std::swap(alloc, x.alloc);
+ std::vector<T> out(in.size());
+ copy_mem(&out[0], &in[0], in.size());
+ return out;
}
-/**
-* This class represents variable length buffers that do not
-* make use of memory locking.
-*/
-template<typename T>
-class MemoryVector : public MemoryRegion<T>
- {
- public:
- /**
- * Copy the contents of another buffer into this buffer.
- * @param in the buffer to copy the contents from
- * @return reference to *this
- */
- MemoryVector<T>& operator=(const MemoryRegion<T>& in)
- {
- if(this != &in)
- {
- this->resize(in.size());
- this->copy(&in[0], in.size());
- }
- return (*this);
- }
-
- /**
- * Create a buffer of the specified length.
- * @param n the length of the buffer to create.
- */
- MemoryVector(size_t n = 0) { this->init(false, n); }
-
- /**
- * Create a buffer with the specified contents.
- * @param in the array containing the data to be initially copied
- * into the newly created buffer
- * @param n the size of the arry in
- */
- MemoryVector(const T in[], size_t n)
- {
- this->init(false);
- this->resize(n);
- this->copy(in, n);
- }
-
- /**
- * Copy constructor.
- */
- MemoryVector(const MemoryRegion<T>& in)
- {
- this->init(false);
- this->resize(in.size());
- this->copy(&in[0], in.size());
- }
- };
-
-/**
-* This class represents variable length buffers using the operating
-* systems capability to lock memory, i.e. keeping it from being
-* swapped out to disk. In this way, a security hole allowing attackers
-* to find swapped out secret keys is closed.
-*/
-template<typename T>
-class SecureVector : public MemoryRegion<T>
- {
- public:
- /**
- * Copy the contents of another buffer into this buffer.
- * @param other the buffer to copy the contents from
- * @return reference to *this
- */
- SecureVector<T>& operator=(const MemoryRegion<T>& other)
- {
- if(this != &other)
- {
- this->resize(other.size());
- this->copy(&other[0], other.size());
- }
- return (*this);
- }
-
- /**
- * Create a buffer of the specified length.
- * @param n the length of the buffer to create.
- */
- SecureVector(size_t n = 0) { this->init(true, n); }
-
- /**
- * Create a buffer with the specified contents.
- * @param in the array containing the data to be initially copied
- * into the newly created buffer
- * @param n the size of the array in
- */
- SecureVector(const T in[], size_t n)
- {
- this->init(true);
- this->resize(n);
- this->copy(&in[0], n);
- }
-
- /**
- * Create a buffer with contents specified contents.
- * @param in the buffer holding the contents that will be
- * copied into the newly created buffer.
- */
- SecureVector(const MemoryRegion<T>& in)
- {
- this->init(true);
- this->resize(in.size());
- this->copy(&in[0], in.size());
- }
- };
-
-template<typename T>
-size_t buffer_insert(MemoryRegion<T>& buf,
+template<typename T, typename Alloc>
+size_t buffer_insert(std::vector<T, Alloc>& buf,
size_t buf_offset,
const T input[],
size_t input_length)
@@ -373,19 +98,20 @@ size_t buffer_insert(MemoryRegion<T>& buf,
return to_copy;
}
-template<typename T>
-size_t buffer_insert(MemoryRegion<T>& buf,
+template<typename T, typename Alloc, typename Alloc2>
+size_t buffer_insert(std::vector<T, Alloc>& buf,
size_t buf_offset,
- const MemoryRegion<T>& input)
+ const std::vector<T, Alloc2>& input)
{
const size_t to_copy = std::min(input.size(), buf.size() - buf_offset);
copy_mem(&buf[buf_offset], &input[0], to_copy);
return to_copy;
}
-template<typename T>
-MemoryRegion<T>& operator+=(MemoryRegion<T>& out,
- const MemoryRegion<T>& in)
+template<typename T, typename Alloc, typename Alloc2>
+std::vector<T, Alloc>&
+operator+=(std::vector<T, Alloc>& out,
+ const std::vector<T, Alloc2>& in)
{
const size_t copy_offset = out.size();
out.resize(out.size() + in.size());
@@ -393,17 +119,16 @@ MemoryRegion<T>& operator+=(MemoryRegion<T>& out,
return out;
}
-template<typename T>
-MemoryRegion<T>& operator+=(MemoryRegion<T>& out,
- T in)
+template<typename T, typename Alloc>
+std::vector<T, Alloc>& operator+=(std::vector<T, Alloc>& out, T in)
{
out.push_back(in);
return out;
}
-template<typename T, typename L>
-MemoryRegion<T>& operator+=(MemoryRegion<T>& out,
- const std::pair<const T*, L>& in)
+template<typename T, typename Alloc, typename L>
+std::vector<T, Alloc>& operator+=(std::vector<T, Alloc>& out,
+ const std::pair<const T*, L>& in)
{
const size_t copy_offset = out.size();
out.resize(out.size() + in.second);
@@ -411,9 +136,9 @@ MemoryRegion<T>& operator+=(MemoryRegion<T>& out,
return out;
}
-template<typename T, typename L>
-MemoryRegion<T>& operator+=(MemoryRegion<T>& out,
- const std::pair<T*, L>& in)
+template<typename T, typename Alloc, typename L>
+std::vector<T, Alloc>& operator+=(std::vector<T, Alloc>& out,
+ const std::pair<T*, L>& in)
{
const size_t copy_offset = out.size();
out.resize(out.size() + in.second);
@@ -425,22 +150,12 @@ MemoryRegion<T>& operator+=(MemoryRegion<T>& out,
* Zeroise the values; length remains unchanged
* @param vec the vector to zeroise
*/
-template<typename T>
-void zeroise(MemoryRegion<T>& vec)
+template<typename T, typename Alloc>
+void zeroise(std::vector<T, Alloc>& vec)
{
clear_mem(&vec[0], vec.size());
}
}
-namespace std {
-
-template<typename T>
-inline void swap(Botan::MemoryRegion<T>& x, Botan::MemoryRegion<T>& y)
- {
- x.swap(y);
- }
-
-}
-
#endif
diff --git a/src/alloc/system_alloc/defalloc.cpp b/src/alloc/system_alloc/defalloc.cpp
deleted file mode 100644
index 8e178bb14..000000000
--- a/src/alloc/system_alloc/defalloc.cpp
+++ /dev/null
@@ -1,103 +0,0 @@
-/*
-* Basic Allocators
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/internal/defalloc.h>
-#include <botan/internal/mlock.h>
-#include <botan/libstate.h>
-#include <cstdlib>
-#include <cstring>
-
-namespace Botan {
-
-namespace {
-
-/*
-* Perform Memory Allocation
-*/
-void* do_malloc(size_t n, bool do_lock)
- {
- void* ptr = std::malloc(n);
-
- if(!ptr)
- return 0;
-
- if(do_lock)
- lock_mem(ptr, n);
-
- std::memset(ptr, 0, n);
- return ptr;
- }
-
-/*
-* Perform Memory Deallocation
-*/
-void do_free(void* ptr, size_t n, bool do_lock)
- {
- if(!ptr)
- return;
-
- std::memset(ptr, 0, n);
- if(do_lock)
- unlock_mem(ptr, n);
-
- std::free(ptr);
- }
-
-}
-
-/*
-* Malloc_Allocator's Allocation
-*/
-void* Malloc_Allocator::allocate(size_t n)
- {
- void* ptr = do_malloc(n, false);
- if(!ptr)
- throw Memory_Exhaustion();
- return ptr;
- }
-
-/*
-* Malloc_Allocator's Deallocation
-*/
-void Malloc_Allocator::deallocate(void* ptr, size_t n)
- {
- do_free(ptr, n, false);
- }
-
-/*
-* Locking_Allocator's Allocation
-*/
-void* Locking_Allocator::alloc_block(size_t n)
- {
- return do_malloc(n, true);
- }
-
-/*
-* Locking_Allocator's Deallocation
-*/
-void Locking_Allocator::dealloc_block(void* ptr, size_t n)
- {
- do_free(ptr, n, true);
- }
-
-/*
-* Get an allocator
-*/
-Allocator* Allocator::get(bool locking)
- {
- std::string type = "";
- if(!locking)
- type = "malloc";
-
- Allocator* alloc = global_state().get_allocator(type);
- if(alloc)
- return alloc;
-
- throw Internal_Error("Couldn't find an allocator to use in get_allocator");
- }
-
-}
diff --git a/src/alloc/system_alloc/defalloc.h b/src/alloc/system_alloc/defalloc.h
deleted file mode 100644
index c4b90d081..000000000
--- a/src/alloc/system_alloc/defalloc.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
-* Basic Allocators
-* (C) 1999-2007 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#ifndef BOTAN_BASIC_ALLOC_H__
-#define BOTAN_BASIC_ALLOC_H__
-
-#include <botan/internal/mem_pool.h>
-
-namespace Botan {
-
-/**
-* Allocator using malloc
-*/
-class Malloc_Allocator : public Allocator
- {
- public:
- void* allocate(size_t);
- void deallocate(void*, size_t);
-
- std::string type() const { return "malloc"; }
- };
-
-/**
-* Allocator using malloc plus locking
-*/
-class Locking_Allocator : public Pooling_Allocator
- {
- public:
- std::string type() const { return "locking"; }
- private:
- void* alloc_block(size_t);
- void dealloc_block(void*, size_t);
- };
-
-}
-
-#endif
diff --git a/src/alloc/system_alloc/info.txt b/src/alloc/system_alloc/info.txt
deleted file mode 100644
index 87de0cb67..000000000
--- a/src/alloc/system_alloc/info.txt
+++ /dev/null
@@ -1,13 +0,0 @@
-
-<source>
-defalloc.cpp
-</source>
-
-<header:internal>
-defalloc.h
-</header:internal>
-
-<requires>
-libstate
-mem_pool
-</requires>
diff --git a/src/asn1/alg_id.cpp b/src/asn1/alg_id.cpp
index 665e42fb3..c4c6b6e24 100644
--- a/src/asn1/alg_id.cpp
+++ b/src/asn1/alg_id.cpp
@@ -16,7 +16,7 @@ namespace Botan {
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const OID& alg_id,
- const MemoryRegion<byte>& param)
+ const std::vector<byte>& param)
{
oid = alg_id;
parameters = param;
@@ -26,7 +26,7 @@ AlgorithmIdentifier::AlgorithmIdentifier(const OID& alg_id,
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const std::string& alg_id,
- const MemoryRegion<byte>& param)
+ const std::vector<byte>& param)
{
oid = OIDS::lookup(alg_id);
parameters = param;
diff --git a/src/asn1/alg_id.h b/src/asn1/alg_id.h
index 417a71b30..1ec6b62d3 100644
--- a/src/asn1/alg_id.h
+++ b/src/asn1/alg_id.h
@@ -29,11 +29,11 @@ class BOTAN_DLL AlgorithmIdentifier : public ASN1_Object
AlgorithmIdentifier(const OID&, Encoding_Option);
AlgorithmIdentifier(const std::string&, Encoding_Option);
- AlgorithmIdentifier(const OID&, const MemoryRegion<byte>&);
- AlgorithmIdentifier(const std::string&, const MemoryRegion<byte>&);
+ AlgorithmIdentifier(const OID&, const std::vector<byte>&);
+ AlgorithmIdentifier(const std::string&, const std::vector<byte>&);
OID oid;
- SecureVector<byte> parameters;
+ std::vector<byte> parameters;
};
/*
diff --git a/src/asn1/asn1_att.cpp b/src/asn1/asn1_att.cpp
index c8d771e25..c0adae643 100644
--- a/src/asn1/asn1_att.cpp
+++ b/src/asn1/asn1_att.cpp
@@ -15,7 +15,7 @@ namespace Botan {
/*
* Create an Attribute
*/
-Attribute::Attribute(const OID& attr_oid, const MemoryRegion<byte>& attr_value)
+Attribute::Attribute(const OID& attr_oid, const std::vector<byte>& attr_value)
{
oid = attr_oid;
parameters = attr_value;
@@ -25,7 +25,7 @@ Attribute::Attribute(const OID& attr_oid, const MemoryRegion<byte>& attr_value)
* Create an Attribute
*/
Attribute::Attribute(const std::string& attr_oid,
- const MemoryRegion<byte>& attr_value)
+ const std::vector<byte>& attr_value)
{
oid = OIDS::lookup(attr_oid);
parameters = attr_value;
diff --git a/src/asn1/asn1_int.cpp b/src/asn1/asn1_int.cpp
index bb4a3ecf7..ff8eba54e 100644
--- a/src/asn1/asn1_int.cpp
+++ b/src/asn1/asn1_int.cpp
@@ -31,13 +31,13 @@ namespace ASN1 {
/*
* Put some arbitrary bytes into a SEQUENCE
*/
-SecureVector<byte> put_in_sequence(const MemoryRegion<byte>& contents)
+std::vector<byte> put_in_sequence(const std::vector<byte>& contents)
{
return DER_Encoder()
.start_cons(SEQUENCE)
.raw_bytes(contents)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
diff --git a/src/asn1/asn1_int.h b/src/asn1/asn1_int.h
index 25b3cf100..37edc4e3c 100644
--- a/src/asn1/asn1_int.h
+++ b/src/asn1/asn1_int.h
@@ -80,7 +80,7 @@ class BOTAN_DLL BER_Object
void assert_is_a(ASN1_Tag, ASN1_Tag);
ASN1_Tag type_tag, class_tag;
- SecureVector<byte> value;
+ secure_vector<byte> value;
};
/*
@@ -90,7 +90,7 @@ class DataSource;
namespace ASN1 {
-SecureVector<byte> put_in_sequence(const MemoryRegion<byte>& val);
+std::vector<byte> put_in_sequence(const std::vector<byte>& val);
std::string to_string(const BER_Object& obj);
/**
diff --git a/src/asn1/asn1_obj.h b/src/asn1/asn1_obj.h
index 3cd8422e6..cee5a18ed 100644
--- a/src/asn1/asn1_obj.h
+++ b/src/asn1/asn1_obj.h
@@ -29,11 +29,11 @@ class BOTAN_DLL Attribute : public ASN1_Object
void decode_from(class BER_Decoder& from);
OID oid;
- MemoryVector<byte> parameters;
+ std::vector<byte> parameters;
Attribute() {}
- Attribute(const OID&, const MemoryRegion<byte>&);
- Attribute(const std::string&, const MemoryRegion<byte>&);
+ Attribute(const OID&, const std::vector<byte>&);
+ Attribute(const std::string&, const std::vector<byte>&);
};
/**
diff --git a/src/asn1/asn1_oid.cpp b/src/asn1/asn1_oid.cpp
index 750eb90f7..009b1c2fc 100644
--- a/src/asn1/asn1_oid.cpp
+++ b/src/asn1/asn1_oid.cpp
@@ -129,7 +129,7 @@ void OID::encode_into(DER_Encoder& der) const
if(id.size() < 2)
throw Invalid_Argument("OID::encode_into: OID is invalid");
- MemoryVector<byte> encoding;
+ std::vector<byte> encoding;
encoding.push_back(40 * id[0] + id[1]);
for(size_t i = 2; i != id.size(); ++i)
diff --git a/src/asn1/ber_dec.cpp b/src/asn1/ber_dec.cpp
index 3754bb158..ea0a380d4 100644
--- a/src/asn1/ber_dec.cpp
+++ b/src/asn1/ber_dec.cpp
@@ -99,7 +99,7 @@ size_t decode_length(DataSource* ber)
*/
size_t find_eoc(DataSource* ber)
{
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE), data;
+ secure_vector<byte> buffer(DEFAULT_BUFFERSIZE), data;
while(true)
{
@@ -171,7 +171,16 @@ BER_Decoder& BER_Decoder::verify_end()
/*
* Save all the bytes remaining in the source
*/
-BER_Decoder& BER_Decoder::raw_bytes(MemoryRegion<byte>& out)
+BER_Decoder& BER_Decoder::raw_bytes(secure_vector<byte>& out)
+ {
+ out.clear();
+ byte buf;
+ while(source->read_byte(buf))
+ out.push_back(buf);
+ return (*this);
+ }
+
+BER_Decoder& BER_Decoder::raw_bytes(std::vector<byte>& out)
{
out.clear();
byte buf;
@@ -212,7 +221,10 @@ BER_Object BER_Decoder::get_next_object()
size_t length = decode_length(source);
next.value.resize(length);
if(source->read(&next.value[0], length) != length)
+ {
+ abort();
throw BER_Decoding_Error("Value truncated");
+ }
if(next.type_tag == EOC && next.class_tag == UNIVERSAL)
return get_next_object();
@@ -281,7 +293,7 @@ BER_Decoder::BER_Decoder(const byte data[], size_t length)
/*
* BER_Decoder Constructor
*/
-BER_Decoder::BER_Decoder(const MemoryRegion<byte>& data)
+BER_Decoder::BER_Decoder(const secure_vector<byte>& data)
{
source = new DataSource_Memory(data);
owns = true;
@@ -290,6 +302,17 @@ BER_Decoder::BER_Decoder(const MemoryRegion<byte>& data)
}
/*
+* BER_Decoder Constructor
+*/
+BER_Decoder::BER_Decoder(const std::vector<byte>& data)
+ {
+ source = new DataSource_Memory(&data[0], data.size());
+ owns = true;
+ pushed.type_tag = pushed.class_tag = NO_OBJECT;
+ parent = 0;
+ }
+
+/*
* BER_Decoder Copy Constructor
*/
BER_Decoder::BER_Decoder(const BER_Decoder& other)
@@ -362,7 +385,7 @@ BER_Decoder& BER_Decoder::decode(BigInt& out)
BER_Decoder& BER_Decoder::decode_octet_string_bigint(BigInt& out)
{
- SecureVector<byte> out_vec;
+ secure_vector<byte> out_vec;
decode(out_vec, OCTET_STRING);
out = BigInt::decode(&out_vec[0], out_vec.size());
return (*this);
@@ -462,7 +485,15 @@ BER_Decoder& BER_Decoder::decode(BigInt& out,
/*
* BER decode a BIT STRING or OCTET STRING
*/
-BER_Decoder& BER_Decoder::decode(MemoryRegion<byte>& out, ASN1_Tag real_type)
+BER_Decoder& BER_Decoder::decode(secure_vector<byte>& out, ASN1_Tag real_type)
+ {
+ return decode(out, real_type, real_type, UNIVERSAL);
+ }
+
+/*
+* BER decode a BIT STRING or OCTET STRING
+*/
+BER_Decoder& BER_Decoder::decode(std::vector<byte>& out, ASN1_Tag real_type)
{
return decode(out, real_type, real_type, UNIVERSAL);
}
@@ -470,7 +501,7 @@ BER_Decoder& BER_Decoder::decode(MemoryRegion<byte>& out, ASN1_Tag real_type)
/*
* BER decode a BIT STRING or OCTET STRING
*/
-BER_Decoder& BER_Decoder::decode(MemoryRegion<byte>& buffer,
+BER_Decoder& BER_Decoder::decode(secure_vector<byte>& buffer,
ASN1_Tag real_type,
ASN1_Tag type_tag, ASN1_Tag class_tag)
{
@@ -493,10 +524,50 @@ BER_Decoder& BER_Decoder::decode(MemoryRegion<byte>& buffer,
return (*this);
}
+BER_Decoder& BER_Decoder::decode(std::vector<byte>& buffer,
+ ASN1_Tag real_type,
+ ASN1_Tag type_tag, ASN1_Tag class_tag)
+ {
+ if(real_type != OCTET_STRING && real_type != BIT_STRING)
+ throw BER_Bad_Tag("Bad tag for {BIT,OCTET} STRING", real_type);
+
+ BER_Object obj = get_next_object();
+ obj.assert_is_a(type_tag, class_tag);
+
+ if(real_type == OCTET_STRING)
+ buffer = unlock(obj.value);
+ else
+ {
+ if(obj.value[0] >= 8)
+ throw BER_Decoding_Error("Bad number of unused bits in BIT STRING");
+
+ buffer.resize(obj.value.size() - 1);
+ copy_mem(&buffer[0], &obj.value[1], obj.value.size() - 1);
+ }
+ return (*this);
+ }
+
/*
* Decode an OPTIONAL string type
*/
-BER_Decoder& BER_Decoder::decode_optional_string(MemoryRegion<byte>& out,
+BER_Decoder& BER_Decoder::decode_optional_string(secure_vector<byte>& out,
+ ASN1_Tag real_type,
+ u16bit type_no)
+ {
+ BER_Object obj = get_next_object();
+
+ ASN1_Tag type_tag = static_cast<ASN1_Tag>(type_no);
+
+ out.clear();
+ push_back(obj);
+
+ if(obj.type_tag == type_tag && obj.class_tag == CONTEXT_SPECIFIC)
+ decode(out, real_type, type_tag, CONTEXT_SPECIFIC);
+
+ return (*this);
+ }
+
+BER_Decoder& BER_Decoder::decode_optional_string(std::vector<byte>& out,
ASN1_Tag real_type,
u16bit type_no)
{
diff --git a/src/asn1/ber_dec.h b/src/asn1/ber_dec.h
index 87039ed93..6b010fcc4 100644
--- a/src/asn1/ber_dec.h
+++ b/src/asn1/ber_dec.h
@@ -29,13 +29,15 @@ class BOTAN_DLL BER_Decoder
BER_Decoder start_cons(ASN1_Tag type_tag, ASN1_Tag class_tag = UNIVERSAL);
BER_Decoder& end_cons();
- BER_Decoder& raw_bytes(MemoryRegion<byte>& v);
+ BER_Decoder& raw_bytes(secure_vector<byte>& v);
+ BER_Decoder& raw_bytes(std::vector<byte>& v);
BER_Decoder& decode_null();
BER_Decoder& decode(bool& v);
BER_Decoder& decode(size_t& v);
BER_Decoder& decode(class BigInt& v);
- BER_Decoder& decode(MemoryRegion<byte>& v, ASN1_Tag type_tag);
+ BER_Decoder& decode(std::vector<byte>& v, ASN1_Tag type_tag);
+ BER_Decoder& decode(secure_vector<byte>& v, ASN1_Tag type_tag);
BER_Decoder& decode(bool& v,
ASN1_Tag type_tag,
@@ -49,7 +51,12 @@ class BOTAN_DLL BER_Decoder
ASN1_Tag type_tag,
ASN1_Tag class_tag = CONTEXT_SPECIFIC);
- BER_Decoder& decode(MemoryRegion<byte>& v,
+ BER_Decoder& decode(std::vector<byte>& v,
+ ASN1_Tag real_type,
+ ASN1_Tag type_tag,
+ ASN1_Tag class_tag = CONTEXT_SPECIFIC);
+
+ BER_Decoder& decode(secure_vector<byte>& v,
ASN1_Tag real_type,
ASN1_Tag type_tag,
ASN1_Tag class_tag = CONTEXT_SPECIFIC);
@@ -99,15 +106,24 @@ class BOTAN_DLL BER_Decoder
return (*this);
}
- BER_Decoder& decode_optional_string(MemoryRegion<byte>& out,
+ BER_Decoder& decode_optional_string(std::vector<byte>& out,
+ ASN1_Tag real_type,
+ u16bit type_no);
+
+ BER_Decoder& decode_optional_string(secure_vector<byte>& out,
ASN1_Tag real_type,
u16bit type_no);
BER_Decoder& operator=(const BER_Decoder&) = delete;
BER_Decoder(DataSource&);
+
BER_Decoder(const byte[], size_t);
- BER_Decoder(const MemoryRegion<byte>&);
+
+ BER_Decoder(const secure_vector<byte>&);
+
+ BER_Decoder(const std::vector<byte>& vec);
+
BER_Decoder(const BER_Decoder&);
~BER_Decoder();
private:
diff --git a/src/asn1/der_enc.cpp b/src/asn1/der_enc.cpp
index d19e434f0..ea9dfe9f8 100644
--- a/src/asn1/der_enc.cpp
+++ b/src/asn1/der_enc.cpp
@@ -20,13 +20,13 @@ namespace {
/*
* DER encode an ASN.1 type tag
*/
-SecureVector<byte> encode_tag(ASN1_Tag type_tag, ASN1_Tag class_tag)
+secure_vector<byte> encode_tag(ASN1_Tag type_tag, ASN1_Tag class_tag)
{
if((class_tag | 0xE0) != 0xE0)
throw Encoding_Error("DER_Encoder: Invalid class tag " +
std::to_string(class_tag));
- SecureVector<byte> encoded_tag;
+ secure_vector<byte> encoded_tag;
if(type_tag <= 30)
encoded_tag.push_back(static_cast<byte>(type_tag | class_tag));
else
@@ -46,9 +46,9 @@ SecureVector<byte> encode_tag(ASN1_Tag type_tag, ASN1_Tag class_tag)
/*
* DER encode an ASN.1 length field
*/
-SecureVector<byte> encode_length(size_t length)
+secure_vector<byte> encode_length(size_t length)
{
- SecureVector<byte> encoded_length;
+ secure_vector<byte> encoded_length;
if(length <= 127)
encoded_length.push_back(static_cast<byte>(length));
else
@@ -68,7 +68,7 @@ SecureVector<byte> encode_length(size_t length)
/*
* Return the encoded SEQUENCE/SET
*/
-SecureVector<byte> DER_Encoder::DER_Sequence::get_contents()
+secure_vector<byte> DER_Encoder::DER_Sequence::get_contents()
{
const ASN1_Tag real_class_tag = ASN1_Tag(class_tag | CONSTRUCTED);
@@ -80,7 +80,7 @@ SecureVector<byte> DER_Encoder::DER_Sequence::get_contents()
set_contents.clear();
}
- SecureVector<byte> result;
+ secure_vector<byte> result;
result += encode_tag(type_tag, real_class_tag);
result += encode_length(contents.size());
result += contents;
@@ -95,7 +95,7 @@ SecureVector<byte> DER_Encoder::DER_Sequence::get_contents()
void DER_Encoder::DER_Sequence::add_bytes(const byte data[], size_t length)
{
if(type_tag == SET)
- set_contents.push_back(SecureVector<byte>(data, length));
+ set_contents.push_back(secure_vector<byte>(data, data + length));
else
contents += std::make_pair(data, length);
}
@@ -119,12 +119,12 @@ DER_Encoder::DER_Sequence::DER_Sequence(ASN1_Tag t1, ASN1_Tag t2) :
/*
* Return the encoded contents
*/
-SecureVector<byte> DER_Encoder::get_contents()
+secure_vector<byte> DER_Encoder::get_contents()
{
if(subsequences.size() != 0)
throw Invalid_State("DER_Encoder: Sequence hasn't been marked done");
- SecureVector<byte> output;
+ secure_vector<byte> output;
std::swap(output, contents);
return output;
}
@@ -147,7 +147,7 @@ DER_Encoder& DER_Encoder::end_cons()
if(subsequences.empty())
throw Invalid_State("DER_Encoder::end_cons: No such sequence");
- SecureVector<byte> seq = subsequences[subsequences.size()-1].get_contents();
+ secure_vector<byte> seq = subsequences[subsequences.size()-1].get_contents();
subsequences.pop_back();
raw_bytes(seq);
return (*this);
@@ -177,7 +177,12 @@ DER_Encoder& DER_Encoder::end_explicit()
/*
* Write raw bytes into the stream
*/
-DER_Encoder& DER_Encoder::raw_bytes(const MemoryRegion<byte>& val)
+DER_Encoder& DER_Encoder::raw_bytes(const secure_vector<byte>& val)
+ {
+ return raw_bytes(&val[0], val.size());
+ }
+
+DER_Encoder& DER_Encoder::raw_bytes(const std::vector<byte>& val)
{
return raw_bytes(&val[0], val.size());
}
@@ -230,7 +235,17 @@ DER_Encoder& DER_Encoder::encode(const BigInt& n)
/*
* DER encode an OCTET STRING or BIT STRING
*/
-DER_Encoder& DER_Encoder::encode(const MemoryRegion<byte>& bytes,
+DER_Encoder& DER_Encoder::encode(const secure_vector<byte>& bytes,
+ ASN1_Tag real_type)
+ {
+ return encode(&bytes[0], bytes.size(),
+ real_type, real_type, UNIVERSAL);
+ }
+
+/*
+* DER encode an OCTET STRING or BIT STRING
+*/
+DER_Encoder& DER_Encoder::encode(const std::vector<byte>& bytes,
ASN1_Tag real_type)
{
return encode(&bytes[0], bytes.size(),
@@ -275,7 +290,7 @@ DER_Encoder& DER_Encoder::encode(const BigInt& n,
return add_object(type_tag, class_tag, 0);
bool extra_zero = (n.bits() % 8 == 0);
- SecureVector<byte> contents(extra_zero + n.bytes());
+ secure_vector<byte> contents(extra_zero + n.bytes());
BigInt::encode(&contents[extra_zero], n);
if(n < 0)
{
@@ -292,7 +307,18 @@ DER_Encoder& DER_Encoder::encode(const BigInt& n,
/*
* DER encode an OCTET STRING or BIT STRING
*/
-DER_Encoder& DER_Encoder::encode(const MemoryRegion<byte>& bytes,
+DER_Encoder& DER_Encoder::encode(const secure_vector<byte>& bytes,
+ ASN1_Tag real_type,
+ ASN1_Tag type_tag, ASN1_Tag class_tag)
+ {
+ return encode(&bytes[0], bytes.size(),
+ real_type, type_tag, class_tag);
+ }
+
+/*
+* DER encode an OCTET STRING or BIT STRING
+*/
+DER_Encoder& DER_Encoder::encode(const std::vector<byte>& bytes,
ASN1_Tag real_type,
ASN1_Tag type_tag, ASN1_Tag class_tag)
{
@@ -312,7 +338,7 @@ DER_Encoder& DER_Encoder::encode(const byte bytes[], size_t length,
if(real_type == BIT_STRING)
{
- SecureVector<byte> encoded;
+ secure_vector<byte> encoded;
encoded.push_back(0);
encoded += std::make_pair(bytes, length);
return add_object(type_tag, class_tag, encoded);
@@ -346,7 +372,7 @@ DER_Encoder& DER_Encoder::encode(const ASN1_Object& obj)
DER_Encoder& DER_Encoder::add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
const byte rep[], size_t length)
{
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
buffer += encode_tag(type_tag, class_tag);
buffer += encode_length(length);
buffer += std::make_pair(rep, length);
@@ -358,17 +384,6 @@ DER_Encoder& DER_Encoder::add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
* Write the encoding of the byte(s)
*/
DER_Encoder& DER_Encoder::add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
- const MemoryRegion<byte>& rep_buf)
- {
- const byte* rep = &rep_buf[0];
- const size_t rep_len = rep_buf.size();
- return add_object(type_tag, class_tag, rep, rep_len);
- }
-
-/*
-* Write the encoding of the byte(s)
-*/
-DER_Encoder& DER_Encoder::add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
const std::string& rep_str)
{
const byte* rep = reinterpret_cast<const byte*>(rep_str.data());
diff --git a/src/asn1/der_enc.h b/src/asn1/der_enc.h
index 183e43b80..adab02247 100644
--- a/src/asn1/der_enc.h
+++ b/src/asn1/der_enc.h
@@ -22,7 +22,10 @@ class ASN1_Object;
class BOTAN_DLL DER_Encoder
{
public:
- SecureVector<byte> get_contents();
+ secure_vector<byte> get_contents();
+
+ std::vector<byte> get_contents_unlocked()
+ { return unlock(get_contents()); }
DER_Encoder& start_cons(ASN1_Tag type_tag,
ASN1_Tag class_tag = UNIVERSAL);
@@ -32,13 +35,15 @@ class BOTAN_DLL DER_Encoder
DER_Encoder& end_explicit();
DER_Encoder& raw_bytes(const byte val[], size_t len);
- DER_Encoder& raw_bytes(const MemoryRegion<byte>& val);
+ DER_Encoder& raw_bytes(const secure_vector<byte>& val);
+ DER_Encoder& raw_bytes(const std::vector<byte>& val);
DER_Encoder& encode_null();
DER_Encoder& encode(bool b);
DER_Encoder& encode(size_t s);
DER_Encoder& encode(const BigInt& n);
- DER_Encoder& encode(const MemoryRegion<byte>& v, ASN1_Tag real_type);
+ DER_Encoder& encode(const secure_vector<byte>& v, ASN1_Tag real_type);
+ DER_Encoder& encode(const std::vector<byte>& v, ASN1_Tag real_type);
DER_Encoder& encode(const byte val[], size_t len, ASN1_Tag real_type);
DER_Encoder& encode(bool b,
@@ -53,7 +58,12 @@ class BOTAN_DLL DER_Encoder
ASN1_Tag type_tag,
ASN1_Tag class_tag = CONTEXT_SPECIFIC);
- DER_Encoder& encode(const MemoryRegion<byte>& v,
+ DER_Encoder& encode(const std::vector<byte>& v,
+ ASN1_Tag real_type,
+ ASN1_Tag type_tag,
+ ASN1_Tag class_tag = CONTEXT_SPECIFIC);
+
+ DER_Encoder& encode(const secure_vector<byte>& v,
ASN1_Tag real_type,
ASN1_Tag type_tag,
ASN1_Tag class_tag = CONTEXT_SPECIFIC);
@@ -86,7 +96,16 @@ class BOTAN_DLL DER_Encoder
const byte rep[], size_t length);
DER_Encoder& add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
- const MemoryRegion<byte>& rep);
+ const std::vector<byte>& rep)
+ {
+ return add_object(type_tag, class_tag, &rep[0], rep.size());
+ }
+
+ DER_Encoder& add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
+ const secure_vector<byte>& rep)
+ {
+ return add_object(type_tag, class_tag, &rep[0], rep.size());
+ }
DER_Encoder& add_object(ASN1_Tag type_tag, ASN1_Tag class_tag,
const std::string& str);
@@ -99,16 +118,16 @@ class BOTAN_DLL DER_Encoder
{
public:
ASN1_Tag tag_of() const;
- SecureVector<byte> get_contents();
+ secure_vector<byte> get_contents();
void add_bytes(const byte[], size_t);
DER_Sequence(ASN1_Tag, ASN1_Tag);
private:
ASN1_Tag type_tag, class_tag;
- SecureVector<byte> contents;
- std::vector< SecureVector<byte> > set_contents;
+ secure_vector<byte> contents;
+ std::vector< secure_vector<byte> > set_contents;
};
- SecureVector<byte> contents;
+ secure_vector<byte> contents;
std::vector<DER_Sequence> subsequences;
};
diff --git a/src/asn1/x509_dn.cpp b/src/asn1/x509_dn.cpp
index 984645cfe..8504bed16 100644
--- a/src/asn1/x509_dn.cpp
+++ b/src/asn1/x509_dn.cpp
@@ -106,7 +106,7 @@ std::vector<std::string> X509_DN::get_attribute(const std::string& attr) const
/*
* Return the BER encoded data, if any
*/
-MemoryVector<byte> X509_DN::get_bits() const
+std::vector<byte> X509_DN::get_bits() const
{
return dn_bits;
}
@@ -247,7 +247,7 @@ void X509_DN::encode_into(DER_Encoder& der) const
*/
void X509_DN::decode_from(BER_Decoder& source)
{
- MemoryVector<byte> bits;
+ std::vector<byte> bits;
source.start_cons(SEQUENCE)
.raw_bytes(bits)
diff --git a/src/asn1/x509_dn.h b/src/asn1/x509_dn.h
index 3f63eb49c..a7b2b24d3 100644
--- a/src/asn1/x509_dn.h
+++ b/src/asn1/x509_dn.h
@@ -34,14 +34,14 @@ class BOTAN_DLL X509_DN : public ASN1_Object
static std::string deref_info_field(const std::string&);
- MemoryVector<byte> get_bits() const;
+ std::vector<byte> get_bits() const;
X509_DN();
X509_DN(const std::multimap<OID, std::string>&);
X509_DN(const std::multimap<std::string, std::string>&);
private:
std::multimap<OID, ASN1_String> dn_info;
- MemoryVector<byte> dn_bits;
+ std::vector<byte> dn_bits;
};
bool BOTAN_DLL operator==(const X509_DN&, const X509_DN&);
diff --git a/src/block/aes/aes.cpp b/src/block/aes/aes.cpp
index 5f47762a8..42db7abae 100644
--- a/src/block/aes/aes.cpp
+++ b/src/block/aes/aes.cpp
@@ -414,8 +414,8 @@ const u32bit TD[1024] = {
*/
void aes_encrypt_n(const byte in[], byte out[],
size_t blocks,
- const MemoryRegion<u32bit>& EK,
- const MemoryRegion<byte>& ME)
+ const secure_vector<u32bit>& EK,
+ const secure_vector<byte>& ME)
{
const size_t BLOCK_SIZE = 16;
@@ -525,8 +525,8 @@ void aes_encrypt_n(const byte in[], byte out[],
* AES Decryption
*/
void aes_decrypt_n(const byte in[], byte out[], size_t blocks,
- const MemoryRegion<u32bit>& DK,
- const MemoryRegion<byte>& MD)
+ const secure_vector<u32bit>& DK,
+ const secure_vector<byte>& MD)
{
const size_t BLOCK_SIZE = 16;
@@ -606,10 +606,10 @@ void aes_decrypt_n(const byte in[], byte out[], size_t blocks,
}
void aes_key_schedule(const byte key[], size_t length,
- MemoryRegion<u32bit>& EK,
- MemoryRegion<u32bit>& DK,
- MemoryRegion<byte>& ME,
- MemoryRegion<byte>& MD)
+ secure_vector<u32bit>& EK,
+ secure_vector<u32bit>& DK,
+ secure_vector<byte>& ME,
+ secure_vector<byte>& MD)
{
static const u32bit RC[10] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
@@ -617,7 +617,7 @@ void aes_key_schedule(const byte key[], size_t length,
const size_t rounds = (length / 4) + 6;
- SecureVector<u32bit> XEK(length + 32), XDK(length + 32);
+ secure_vector<u32bit> XEK(length + 32), XDK(length + 32);
const size_t X = length / 4;
for(size_t i = 0; i != X; ++i)
diff --git a/src/block/aes/aes.h b/src/block/aes/aes.h
index a165f83b5..f6f683bf9 100644
--- a/src/block/aes/aes.h
+++ b/src/block/aes/aes.h
@@ -30,8 +30,8 @@ class BOTAN_DLL AES_128 : public Block_Cipher_Fixed_Params<16, 16>
private:
void key_schedule(const byte key[], size_t length);
- SecureVector<u32bit> EK, DK;
- SecureVector<byte> ME, MD;
+ secure_vector<u32bit> EK, DK;
+ secure_vector<byte> ME, MD;
};
/**
@@ -52,8 +52,8 @@ class BOTAN_DLL AES_192 : public Block_Cipher_Fixed_Params<16, 24>
private:
void key_schedule(const byte key[], size_t length);
- SecureVector<u32bit> EK, DK;
- SecureVector<byte> ME, MD;
+ secure_vector<u32bit> EK, DK;
+ secure_vector<byte> ME, MD;
};
/**
@@ -74,8 +74,8 @@ class BOTAN_DLL AES_256 : public Block_Cipher_Fixed_Params<16, 32>
private:
void key_schedule(const byte key[], size_t length);
- SecureVector<u32bit> EK, DK;
- SecureVector<byte> ME, MD;
+ secure_vector<u32bit> EK, DK;
+ secure_vector<byte> ME, MD;
};
}
diff --git a/src/block/aes_ni/aes_ni.h b/src/block/aes_ni/aes_ni.h
index ae9e5b3f4..4844b7fe8 100644
--- a/src/block/aes_ni/aes_ni.h
+++ b/src/block/aes_ni/aes_ni.h
@@ -31,7 +31,7 @@ class BOTAN_DLL AES_128_NI : public Block_Cipher_Fixed_Params<16, 16>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> EK, DK;
+ secure_vector<u32bit> EK, DK;
};
/**
@@ -53,7 +53,7 @@ class BOTAN_DLL AES_192_NI : public Block_Cipher_Fixed_Params<16, 24>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> EK, DK;
+ secure_vector<u32bit> EK, DK;
};
/**
@@ -75,7 +75,7 @@ class BOTAN_DLL AES_256_NI : public Block_Cipher_Fixed_Params<16, 32>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> EK, DK;
+ secure_vector<u32bit> EK, DK;
};
}
diff --git a/src/block/aes_ssse3/aes_ssse3.h b/src/block/aes_ssse3/aes_ssse3.h
index 686b7999f..3d7c16f42 100644
--- a/src/block/aes_ssse3/aes_ssse3.h
+++ b/src/block/aes_ssse3/aes_ssse3.h
@@ -29,7 +29,7 @@ class BOTAN_DLL AES_128_SSSE3 : public Block_Cipher_Fixed_Params<16, 16>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> EK, DK;
+ secure_vector<u32bit> EK, DK;
};
/**
@@ -49,7 +49,7 @@ class BOTAN_DLL AES_192_SSSE3 : public Block_Cipher_Fixed_Params<16, 24>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> EK, DK;
+ secure_vector<u32bit> EK, DK;
};
/**
@@ -69,7 +69,7 @@ class BOTAN_DLL AES_256_SSSE3 : public Block_Cipher_Fixed_Params<16, 32>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> EK, DK;
+ secure_vector<u32bit> EK, DK;
};
}
diff --git a/src/block/block_cipher.h b/src/block/block_cipher.h
index 8e820fc5a..4a07bb048 100644
--- a/src/block/block_cipher.h
+++ b/src/block/block_cipher.h
@@ -75,6 +75,50 @@ class BOTAN_DLL BlockCipher : public SymmetricAlgorithm
/**
* Encrypt one or more blocks
+ * @param block the input/output buffer (multiple of block_size())
+ */
+ template<typename Alloc>
+ void encrypt(std::vector<byte, Alloc>& block) const
+ {
+ return encrypt_n(&block[0], &block[0], block.size() / block_size());
+ }
+
+ /**
+ * Decrypt one or more blocks
+ * @param block the input/output buffer (multiple of block_size())
+ */
+ template<typename Alloc>
+ void decrypt(std::vector<byte, Alloc>& block) const
+ {
+ return decrypt_n(&block[0], &block[0], block.size() / block_size());
+ }
+
+ /**
+ * Encrypt one or more blocks
+ * @param in the input buffer (multiple of block_size())
+ * @param out the output buffer (same size as in)
+ */
+ template<typename Alloc, typename Alloc2>
+ void encrypt(const std::vector<byte, Alloc>& in,
+ std::vector<byte, Alloc2>& out) const
+ {
+ return encrypt_n(&in[0], &out[0], in.size() / block_size());
+ }
+
+ /**
+ * Decrypt one or more blocks
+ * @param in the input buffer (multiple of block_size())
+ * @param out the output buffer (same size as in)
+ */
+ template<typename Alloc, typename Alloc2>
+ void decrypt(const std::vector<byte, Alloc>& in,
+ std::vector<byte, Alloc2>& out) const
+ {
+ return decrypt_n(&in[0], &out[0], in.size() / block_size());
+ }
+
+ /**
+ * Encrypt one or more blocks
* @param in the input buffer (multiple of block_size())
* @param out the output buffer (same size as in)
* @param blocks the number of blocks to process
diff --git a/src/block/blowfish/blowfish.cpp b/src/block/blowfish/blowfish.cpp
index b6319eec0..9f5ac1724 100644
--- a/src/block/blowfish/blowfish.cpp
+++ b/src/block/blowfish/blowfish.cpp
@@ -143,7 +143,7 @@ void Blowfish::eks_key_schedule(const byte key[], size_t length,
/*
* Generate one of the Sboxes
*/
-void Blowfish::generate_sbox(MemoryRegion<u32bit>& box,
+void Blowfish::generate_sbox(secure_vector<u32bit>& box,
u32bit& L, u32bit& R,
const byte salt[16],
size_t salt_off) const
diff --git a/src/block/blowfish/blowfish.h b/src/block/blowfish/blowfish.h
index 13706d21e..5bec4b231 100644
--- a/src/block/blowfish/blowfish.h
+++ b/src/block/blowfish/blowfish.h
@@ -39,7 +39,7 @@ class BOTAN_DLL Blowfish : public Block_Cipher_Fixed_Params<8, 1, 56>
size_t key_length,
const byte salt[16]);
- void generate_sbox(MemoryRegion<u32bit>& box,
+ void generate_sbox(secure_vector<u32bit>& box,
u32bit& L, u32bit& R,
const byte salt[16],
size_t salt_off) const;
@@ -47,8 +47,8 @@ class BOTAN_DLL Blowfish : public Block_Cipher_Fixed_Params<8, 1, 56>
static const u32bit P_INIT[18];
static const u32bit S_INIT[1024];
- SecureVector<u32bit> S;
- SecureVector<u32bit> P;
+ secure_vector<u32bit> S;
+ secure_vector<u32bit> P;
};
}
diff --git a/src/block/camellia/camellia.cpp b/src/block/camellia/camellia.cpp
index 7b85b1aca..bea5d4c51 100644
--- a/src/block/camellia/camellia.cpp
+++ b/src/block/camellia/camellia.cpp
@@ -116,7 +116,7 @@ inline u64bit FLINV(u64bit v, u64bit K)
* Camellia Encryption
*/
void encrypt(const byte in[], byte out[], size_t blocks,
- const SecureVector<u64bit>& SK, const size_t rounds)
+ const secure_vector<u64bit>& SK, const size_t rounds)
{
for(size_t i = 0; i != blocks; ++i)
{
@@ -160,7 +160,7 @@ void encrypt(const byte in[], byte out[], size_t blocks,
* Camellia Decryption
*/
void decrypt(const byte in[], byte out[], size_t blocks,
- const SecureVector<u64bit>& SK, const size_t rounds)
+ const secure_vector<u64bit>& SK, const size_t rounds)
{
for(size_t i = 0; i != blocks; ++i)
{
@@ -213,7 +213,7 @@ u64bit left_rot_lo(u64bit h, u64bit l, size_t shift)
/*
* Camellia Key Schedule
*/
-void key_schedule(SecureVector<u64bit>& SK, const byte key[], size_t length)
+void key_schedule(secure_vector<u64bit>& SK, const byte key[], size_t length)
{
const u64bit Sigma1 = 0xA09E667F3BCC908B;
const u64bit Sigma2 = 0xB67AE8584CAA73B2;
diff --git a/src/block/camellia/camellia.h b/src/block/camellia/camellia.h
index 9ce305983..4db115f2c 100644
--- a/src/block/camellia/camellia.h
+++ b/src/block/camellia/camellia.h
@@ -27,7 +27,7 @@ class BOTAN_DLL Camellia_128 : public Block_Cipher_Fixed_Params<16, 16>
private:
void key_schedule(const byte key[], size_t length);
- SecureVector<u64bit> SK;
+ secure_vector<u64bit> SK;
};
/**
@@ -45,7 +45,7 @@ class BOTAN_DLL Camellia_192 : public Block_Cipher_Fixed_Params<16, 24>
private:
void key_schedule(const byte key[], size_t length);
- SecureVector<u64bit> SK;
+ secure_vector<u64bit> SK;
};
/**
@@ -63,7 +63,7 @@ class BOTAN_DLL Camellia_256 : public Block_Cipher_Fixed_Params<16, 32>
private:
void key_schedule(const byte key[], size_t length);
- SecureVector<u64bit> SK;
+ secure_vector<u64bit> SK;
};
}
diff --git a/src/block/cast/cast128.cpp b/src/block/cast/cast128.cpp
index 24469e025..8fae4040d 100644
--- a/src/block/cast/cast128.cpp
+++ b/src/block/cast/cast128.cpp
@@ -119,7 +119,7 @@ void CAST_128::decrypt_n(const byte in[], byte out[], size_t blocks) const
void CAST_128::key_schedule(const byte key[], size_t length)
{
clear();
- SecureVector<u32bit> X(4);
+ secure_vector<u32bit> X(4);
for(size_t j = 0; j != length; ++j)
X[j/4] = (X[j/4] << 8) + key[j];
@@ -133,8 +133,8 @@ void CAST_128::key_schedule(const byte key[], size_t length)
/*
* S-Box Based Key Expansion
*/
-void CAST_128::cast_ks(MemoryRegion<u32bit>& K,
- MemoryRegion<u32bit>& X)
+void CAST_128::cast_ks(secure_vector<u32bit>& K,
+ secure_vector<u32bit>& X)
{
class ByteReader
{
@@ -145,7 +145,7 @@ void CAST_128::cast_ks(MemoryRegion<u32bit>& K,
const u32bit* X;
};
- SecureVector<u32bit> Z(4);
+ secure_vector<u32bit> Z(4);
ByteReader x(&X[0]), z(&Z[0]);
Z[0] = X[0] ^ S5[x(13)] ^ S6[x(15)] ^ S7[x(12)] ^ S8[x(14)] ^ S7[x( 8)];
diff --git a/src/block/cast/cast128.h b/src/block/cast/cast128.h
index 10c646c94..15efc8132 100644
--- a/src/block/cast/cast128.h
+++ b/src/block/cast/cast128.h
@@ -29,15 +29,15 @@ class BOTAN_DLL CAST_128 : public Block_Cipher_Fixed_Params<8, 11, 16>
private:
void key_schedule(const byte[], size_t);
- static void cast_ks(MemoryRegion<u32bit>& ks,
- MemoryRegion<u32bit>& user_key);
+ static void cast_ks(secure_vector<u32bit>& ks,
+ secure_vector<u32bit>& user_key);
static const u32bit S5[256];
static const u32bit S6[256];
static const u32bit S7[256];
static const u32bit S8[256];
- SecureVector<u32bit> MK, RK;
+ secure_vector<u32bit> MK, RK;
};
extern const u32bit CAST_SBOX1[256];
diff --git a/src/block/cast/cast256.cpp b/src/block/cast/cast256.cpp
index 8be0a8dd6..00e0fbd30 100644
--- a/src/block/cast/cast256.cpp
+++ b/src/block/cast/cast256.cpp
@@ -138,7 +138,7 @@ void CAST_256::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void CAST_256::key_schedule(const byte key[], size_t length)
{
- SecureVector<u32bit> K(8);
+ secure_vector<u32bit> K(8);
for(size_t j = 0; j != length; ++j)
K[j/4] = (K[j/4] << 8) + key[j];
diff --git a/src/block/cast/cast256.h b/src/block/cast/cast256.h
index 2f2beef47..11c5117a3 100644
--- a/src/block/cast/cast256.h
+++ b/src/block/cast/cast256.h
@@ -32,8 +32,8 @@ class BOTAN_DLL CAST_256 : public Block_Cipher_Fixed_Params<16, 4, 32, 4>
static const u32bit KEY_MASK[192];
static const byte KEY_ROT[32];
- SecureVector<u32bit> MK;
- SecureVector<byte> RK;
+ secure_vector<u32bit> MK;
+ secure_vector<byte> RK;
};
extern const u32bit CAST_SBOX1[256];
diff --git a/src/block/des/des.h b/src/block/des/des.h
index db5a375e0..711efb16d 100644
--- a/src/block/des/des.h
+++ b/src/block/des/des.h
@@ -29,7 +29,7 @@ class BOTAN_DLL DES : public Block_Cipher_Fixed_Params<8, 8>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> round_key;
+ secure_vector<u32bit> round_key;
};
/**
@@ -49,7 +49,7 @@ class BOTAN_DLL TripleDES : public Block_Cipher_Fixed_Params<8, 16, 24, 8>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> round_key;
+ secure_vector<u32bit> round_key;
};
/*
diff --git a/src/block/des/desx.h b/src/block/des/desx.h
index 993eca86b..1fe8b000c 100644
--- a/src/block/des/desx.h
+++ b/src/block/des/desx.h
@@ -28,7 +28,7 @@ class BOTAN_DLL DESX : public Block_Cipher_Fixed_Params<8, 24>
DESX() : K1(8), K2(8) {}
private:
void key_schedule(const byte[], size_t);
- SecureVector<byte> K1, K2;
+ secure_vector<byte> K1, K2;
DES des;
};
diff --git a/src/block/gost_28147/gost_28147.h b/src/block/gost_28147/gost_28147.h
index bc26da774..a4a13b827 100644
--- a/src/block/gost_28147/gost_28147.h
+++ b/src/block/gost_28147/gost_28147.h
@@ -65,13 +65,13 @@ class BOTAN_DLL GOST_28147_89 : public Block_Cipher_Fixed_Params<8, 32>
*/
GOST_28147_89(const GOST_28147_89_Params& params);
private:
- GOST_28147_89(const SecureVector<u32bit>& other_SBOX) :
+ GOST_28147_89(const secure_vector<u32bit>& other_SBOX) :
SBOX(other_SBOX), EK(8) {}
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> SBOX;
- SecureVector<u32bit> EK;
+ secure_vector<u32bit> SBOX;
+ secure_vector<u32bit> EK;
};
}
diff --git a/src/block/idea/idea.h b/src/block/idea/idea.h
index 42fa60c47..f3f0ce1bc 100644
--- a/src/block/idea/idea.h
+++ b/src/block/idea/idea.h
@@ -30,16 +30,16 @@ class BOTAN_DLL IDEA : public Block_Cipher_Fixed_Params<8, 16>
/**
* @return const reference to encryption subkeys
*/
- const SecureVector<u16bit>& get_EK() const { return EK; }
+ const secure_vector<u16bit>& get_EK() const { return EK; }
/**
* @return const reference to decryption subkeys
*/
- const SecureVector<u16bit>& get_DK() const { return DK; }
+ const secure_vector<u16bit>& get_DK() const { return DK; }
private:
void key_schedule(const byte[], size_t);
- SecureVector<u16bit> EK, DK;
+ secure_vector<u16bit> EK, DK;
};
}
diff --git a/src/block/kasumi/kasumi.cpp b/src/block/kasumi/kasumi.cpp
index a57c0396a..d3894789d 100644
--- a/src/block/kasumi/kasumi.cpp
+++ b/src/block/kasumi/kasumi.cpp
@@ -204,7 +204,7 @@ void KASUMI::key_schedule(const byte key[], size_t)
static const u16bit RC[] = { 0x0123, 0x4567, 0x89AB, 0xCDEF,
0xFEDC, 0xBA98, 0x7654, 0x3210 };
- SecureVector<u16bit> K(16);
+ secure_vector<u16bit> K(16);
for(size_t i = 0; i != 8; ++i)
{
K[i] = load_be<u16bit>(key, i);
diff --git a/src/block/kasumi/kasumi.h b/src/block/kasumi/kasumi.h
index 7871aa170..f3dd7e0c7 100644
--- a/src/block/kasumi/kasumi.h
+++ b/src/block/kasumi/kasumi.h
@@ -29,7 +29,7 @@ class BOTAN_DLL KASUMI : public Block_Cipher_Fixed_Params<8, 16>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u16bit> EK;
+ secure_vector<u16bit> EK;
};
}
diff --git a/src/block/lion/lion.cpp b/src/block/lion/lion.cpp
index 4a9e8b901..778b55be0 100644
--- a/src/block/lion/lion.cpp
+++ b/src/block/lion/lion.cpp
@@ -16,7 +16,7 @@ namespace Botan {
*/
void Lion::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- SecureVector<byte> buffer_vec(LEFT_SIZE);
+ secure_vector<byte> buffer_vec(LEFT_SIZE);
byte* buffer = &buffer_vec[0];
for(size_t i = 0; i != blocks; ++i)
@@ -43,7 +43,7 @@ void Lion::encrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void Lion::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- SecureVector<byte> buffer_vec(LEFT_SIZE);
+ secure_vector<byte> buffer_vec(LEFT_SIZE);
byte* buffer = &buffer_vec[0];
for(size_t i = 0; i != blocks; ++i)
diff --git a/src/block/lion/lion.h b/src/block/lion/lion.h
index 5076f4461..d016c0e82 100644
--- a/src/block/lion/lion.h
+++ b/src/block/lion/lion.h
@@ -56,7 +56,7 @@ class BOTAN_DLL Lion : public BlockCipher
HashFunction* hash;
StreamCipher* cipher;
- SecureVector<byte> key1, key2;
+ secure_vector<byte> key1, key2;
};
}
diff --git a/src/block/lubyrack/lubyrack.cpp b/src/block/lubyrack/lubyrack.cpp
index ef4a11e9d..2fe4c87bf 100644
--- a/src/block/lubyrack/lubyrack.cpp
+++ b/src/block/lubyrack/lubyrack.cpp
@@ -17,7 +17,7 @@ void LubyRackoff::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
const size_t len = hash->output_length();
- SecureVector<byte> buffer_vec(len);
+ secure_vector<byte> buffer_vec(len);
byte* buffer = &buffer_vec[0];
for(size_t i = 0; i != blocks; ++i)
@@ -54,7 +54,7 @@ void LubyRackoff::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
const size_t len = hash->output_length();
- SecureVector<byte> buffer_vec(len);
+ secure_vector<byte> buffer_vec(len);
byte* buffer = &buffer_vec[0];
for(size_t i = 0; i != blocks; ++i)
diff --git a/src/block/lubyrack/lubyrack.h b/src/block/lubyrack/lubyrack.h
index 81dddf579..e28c60be7 100644
--- a/src/block/lubyrack/lubyrack.h
+++ b/src/block/lubyrack/lubyrack.h
@@ -42,7 +42,7 @@ class BOTAN_DLL LubyRackoff : public BlockCipher
void key_schedule(const byte[], size_t);
HashFunction* hash;
- SecureVector<byte> K1, K2;
+ secure_vector<byte> K1, K2;
};
}
diff --git a/src/block/mars/mars.cpp b/src/block/mars/mars.cpp
index 171ce2945..64ece83ab 100644
--- a/src/block/mars/mars.cpp
+++ b/src/block/mars/mars.cpp
@@ -320,7 +320,7 @@ void MARS::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void MARS::key_schedule(const byte key[], size_t length)
{
- SecureVector<u32bit> T(15);
+ secure_vector<u32bit> T(15);
for(size_t i = 0; i != length / 4; ++i)
T[i] = load_le<u32bit>(key, i);
diff --git a/src/block/mars/mars.h b/src/block/mars/mars.h
index 5ca05f886..fc732ae10 100644
--- a/src/block/mars/mars.h
+++ b/src/block/mars/mars.h
@@ -29,7 +29,7 @@ class BOTAN_DLL MARS : public Block_Cipher_Fixed_Params<16, 16, 32, 4>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> EK;
+ secure_vector<u32bit> EK;
};
}
diff --git a/src/block/misty1/misty1.cpp b/src/block/misty1/misty1.cpp
index 77d1047b1..64298ee92 100644
--- a/src/block/misty1/misty1.cpp
+++ b/src/block/misty1/misty1.cpp
@@ -204,7 +204,7 @@ void MISTY1::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void MISTY1::key_schedule(const byte key[], size_t length)
{
- SecureVector<u16bit> KS(32);
+ secure_vector<u16bit> KS(32);
for(size_t i = 0; i != length / 2; ++i)
KS[i] = load_be<u16bit>(key, i);
diff --git a/src/block/misty1/misty1.h b/src/block/misty1/misty1.h
index 14d8a2958..a4bfa14b3 100644
--- a/src/block/misty1/misty1.h
+++ b/src/block/misty1/misty1.h
@@ -33,7 +33,7 @@ class BOTAN_DLL MISTY1 : public Block_Cipher_Fixed_Params<8, 16>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u16bit> EK, DK;
+ secure_vector<u16bit> EK, DK;
};
}
diff --git a/src/block/noekeon/noekeon.h b/src/block/noekeon/noekeon.h
index 7c5c73dcb..8bcff64c9 100644
--- a/src/block/noekeon/noekeon.h
+++ b/src/block/noekeon/noekeon.h
@@ -35,16 +35,16 @@ class BOTAN_DLL Noekeon : public Block_Cipher_Fixed_Params<16, 16>
/**
* @return const reference to encryption subkeys
*/
- const SecureVector<u32bit>& get_EK() const { return EK; }
+ const secure_vector<u32bit>& get_EK() const { return EK; }
/**
* @return const reference to decryption subkeys
*/
- const SecureVector<u32bit>& get_DK() const { return DK; }
+ const secure_vector<u32bit>& get_DK() const { return DK; }
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> EK, DK;
+ secure_vector<u32bit> EK, DK;
};
}
diff --git a/src/block/noekeon_simd/noekeon_simd.cpp b/src/block/noekeon_simd/noekeon_simd.cpp
index b2beafc82..2a4c1fd74 100644
--- a/src/block/noekeon_simd/noekeon_simd.cpp
+++ b/src/block/noekeon_simd/noekeon_simd.cpp
@@ -65,7 +65,7 @@ namespace Botan {
*/
void Noekeon_SIMD::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- const SecureVector<u32bit>& EK = this->get_EK();
+ const secure_vector<u32bit>& EK = this->get_EK();
SIMD_32 K0 = SIMD_32(EK[0]);
SIMD_32 K1 = SIMD_32(EK[1]);
@@ -122,7 +122,7 @@ void Noekeon_SIMD::encrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void Noekeon_SIMD::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- const SecureVector<u32bit>& DK = this->get_DK();
+ const secure_vector<u32bit>& DK = this->get_DK();
SIMD_32 K0 = SIMD_32(DK[0]);
SIMD_32 K1 = SIMD_32(DK[1]);
diff --git a/src/block/rc2/rc2.cpp b/src/block/rc2/rc2.cpp
index 071e4e209..98e76ecfc 100644
--- a/src/block/rc2/rc2.cpp
+++ b/src/block/rc2/rc2.cpp
@@ -124,7 +124,7 @@ void RC2::key_schedule(const byte key[], size_t length)
0xC5, 0xF3, 0xDB, 0x47, 0xE5, 0xA5, 0x9C, 0x77, 0x0A, 0xA6, 0x20, 0x68,
0xFE, 0x7F, 0xC1, 0xAD };
- SecureVector<byte> L(128);
+ secure_vector<byte> L(128);
copy_mem(&L[0], key, length);
for(size_t i = length; i != 128; ++i)
diff --git a/src/block/rc2/rc2.h b/src/block/rc2/rc2.h
index 1ebad1e73..dc78b06fc 100644
--- a/src/block/rc2/rc2.h
+++ b/src/block/rc2/rc2.h
@@ -36,7 +36,7 @@ class BOTAN_DLL RC2 : public Block_Cipher_Fixed_Params<8, 1, 32>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u16bit> K;
+ secure_vector<u16bit> K;
};
}
diff --git a/src/block/rc5/rc5.cpp b/src/block/rc5/rc5.cpp
index 981f73564..1ac421996 100644
--- a/src/block/rc5/rc5.cpp
+++ b/src/block/rc5/rc5.cpp
@@ -95,7 +95,7 @@ void RC5::key_schedule(const byte key[], size_t length)
for(size_t i = 1; i != S.size(); ++i)
S[i] = S[i-1] + 0x9E3779B9;
- SecureVector<u32bit> K(8);
+ secure_vector<u32bit> K(8);
for(s32bit i = length-1; i >= 0; --i)
K[i/4] = (K[i/4] << 8) + key[i];
diff --git a/src/block/rc5/rc5.h b/src/block/rc5/rc5.h
index c69705471..bf059a996 100644
--- a/src/block/rc5/rc5.h
+++ b/src/block/rc5/rc5.h
@@ -35,7 +35,7 @@ class BOTAN_DLL RC5 : public Block_Cipher_Fixed_Params<8, 1, 32>
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> S;
+ secure_vector<u32bit> S;
};
}
diff --git a/src/block/rc6/rc6.cpp b/src/block/rc6/rc6.cpp
index 53ca5a7a2..42d00878f 100644
--- a/src/block/rc6/rc6.cpp
+++ b/src/block/rc6/rc6.cpp
@@ -120,7 +120,7 @@ void RC6::key_schedule(const byte key[], size_t length)
for(size_t i = 1; i != S.size(); ++i)
S[i] = S[i-1] + 0x9E3779B9;
- SecureVector<u32bit> K(8);
+ secure_vector<u32bit> K(8);
for(s32bit i = length-1; i >= 0; --i)
K[i/4] = (K[i/4] << 8) + key[i];
diff --git a/src/block/rc6/rc6.h b/src/block/rc6/rc6.h
index af7b62316..d3270daf7 100644
--- a/src/block/rc6/rc6.h
+++ b/src/block/rc6/rc6.h
@@ -29,7 +29,7 @@ class BOTAN_DLL RC6 : public Block_Cipher_Fixed_Params<16, 1, 32>
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> S;
+ secure_vector<u32bit> S;
};
}
diff --git a/src/block/safer/safer_sk.cpp b/src/block/safer/safer_sk.cpp
index 5275a0781..f5fe4edd7 100644
--- a/src/block/safer/safer_sk.cpp
+++ b/src/block/safer/safer_sk.cpp
@@ -208,7 +208,7 @@ void SAFER_SK::key_schedule(const byte key[], size_t)
0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B,
0x0C, 0x0D, 0x0E, 0x0F };
- SecureVector<byte> KB(18);
+ secure_vector<byte> KB(18);
for(size_t i = 0; i != 8; ++i)
{
diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h
index 564ea5c50..cf8ad90f7 100644
--- a/src/block/safer/safer_sk.h
+++ b/src/block/safer/safer_sk.h
@@ -34,7 +34,7 @@ class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16>
size_t get_rounds() const { return (EK.size() - 8) / 16; }
void key_schedule(const byte[], size_t);
- SecureVector<byte> EK;
+ secure_vector<byte> EK;
};
}
diff --git a/src/block/seed/seed.cpp b/src/block/seed/seed.cpp
index 408220013..40deb18bc 100644
--- a/src/block/seed/seed.cpp
+++ b/src/block/seed/seed.cpp
@@ -111,7 +111,7 @@ void SEED::key_schedule(const byte key[], size_t)
0x779B99E3, 0xEF3733C6, 0xDE6E678D, 0xBCDCCF1B
};
- SecureVector<u32bit> WK(4);
+ secure_vector<u32bit> WK(4);
for(size_t i = 0; i != 4; ++i)
WK[i] = load_be<u32bit>(key, i);
diff --git a/src/block/seed/seed.h b/src/block/seed/seed.h
index 979312930..d5476de82 100644
--- a/src/block/seed/seed.h
+++ b/src/block/seed/seed.h
@@ -37,7 +37,7 @@ class BOTAN_DLL SEED : public Block_Cipher_Fixed_Params<16, 16>
static const u32bit S0[256], S1[256], S2[256], S3[256];
};
- SecureVector<u32bit> K;
+ secure_vector<u32bit> K;
};
}
diff --git a/src/block/serpent/serpent.cpp b/src/block/serpent/serpent.cpp
index b1e632c29..0f0a4fd63 100644
--- a/src/block/serpent/serpent.cpp
+++ b/src/block/serpent/serpent.cpp
@@ -358,7 +358,7 @@ void Serpent::key_schedule(const byte key[], size_t length)
{
const u32bit PHI = 0x9E3779B9;
- SecureVector<u32bit> W(140);
+ secure_vector<u32bit> W(140);
for(size_t i = 0; i != length / 4; ++i)
W[i] = load_le<u32bit>(key, i);
diff --git a/src/block/serpent/serpent.h b/src/block/serpent/serpent.h
index df3f039aa..6191e50d7 100644
--- a/src/block/serpent/serpent.h
+++ b/src/block/serpent/serpent.h
@@ -31,7 +31,7 @@ class BOTAN_DLL Serpent : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
* For use by subclasses using SIMD, asm, etc
* @return const reference to the key schedule
*/
- const SecureVector<u32bit>& get_round_keys() const
+ const secure_vector<u32bit>& get_round_keys() const
{ return round_key; }
/**
@@ -45,7 +45,7 @@ class BOTAN_DLL Serpent : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
private:
void key_schedule(const byte key[], size_t length);
- SecureVector<u32bit> round_key;
+ secure_vector<u32bit> round_key;
};
}
diff --git a/src/block/serpent_x86_32/serp_x86_32.cpp b/src/block/serpent_x86_32/serp_x86_32.cpp
index 4cefe1d65..9566ed8a6 100644
--- a/src/block/serpent_x86_32/serp_x86_32.cpp
+++ b/src/block/serpent_x86_32/serp_x86_32.cpp
@@ -72,7 +72,7 @@ void Serpent_X86_32::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void Serpent_X86_32::key_schedule(const byte key[], size_t length)
{
- SecureVector<u32bit> W(140);
+ secure_vector<u32bit> W(140);
for(size_t i = 0; i != length / 4; ++i)
W[i] = load_le<u32bit>(key, i);
W[length / 4] |= u32bit(1) << ((length%4)*8);
diff --git a/src/block/skipjack/skipjack.h b/src/block/skipjack/skipjack.h
index 051d35351..9abd10d47 100644
--- a/src/block/skipjack/skipjack.h
+++ b/src/block/skipjack/skipjack.h
@@ -29,7 +29,7 @@ class BOTAN_DLL Skipjack : public Block_Cipher_Fixed_Params<8, 10>
private:
void key_schedule(const byte[], size_t);
- SecureVector<byte> FTAB;
+ secure_vector<byte> FTAB;
};
}
diff --git a/src/block/square/square.cpp b/src/block/square/square.cpp
index ff98c040e..bb9132e10 100644
--- a/src/block/square/square.cpp
+++ b/src/block/square/square.cpp
@@ -142,7 +142,7 @@ void Square::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void Square::key_schedule(const byte key[], size_t)
{
- SecureVector<u32bit> XEK(36), XDK(36);
+ secure_vector<u32bit> XEK(36), XDK(36);
for(size_t i = 0; i != 4; ++i)
XEK[i] = load_be<u32bit>(key, i);
diff --git a/src/block/square/square.h b/src/block/square/square.h
index 5147c0383..f40ad0e31 100644
--- a/src/block/square/square.h
+++ b/src/block/square/square.h
@@ -45,8 +45,8 @@ class BOTAN_DLL Square : public Block_Cipher_Fixed_Params<16, 16>
static const u32bit TD2[256];
static const u32bit TD3[256];
- SecureVector<u32bit> EK, DK;
- SecureVector<byte> ME, MD;
+ secure_vector<u32bit> EK, DK;
+ secure_vector<byte> ME, MD;
};
}
diff --git a/src/block/tea/tea.h b/src/block/tea/tea.h
index 0290b112f..5d418e084 100644
--- a/src/block/tea/tea.h
+++ b/src/block/tea/tea.h
@@ -28,7 +28,7 @@ class BOTAN_DLL TEA : public Block_Cipher_Fixed_Params<8, 16>
TEA() : K(4) {}
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> K;
+ secure_vector<u32bit> K;
};
}
diff --git a/src/block/twofish/twofish.cpp b/src/block/twofish/twofish.cpp
index c0735e202..d0a4213fb 100644
--- a/src/block/twofish/twofish.cpp
+++ b/src/block/twofish/twofish.cpp
@@ -121,7 +121,7 @@ void Twofish::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void Twofish::key_schedule(const byte key[], size_t length)
{
- SecureVector<byte> S(16);
+ secure_vector<byte> S(16);
for(size_t i = 0; i != length; ++i)
rs_mul(&S[4*(i/8)], key[i], i);
diff --git a/src/block/twofish/twofish.h b/src/block/twofish/twofish.h
index 7594bdcfd..cd84c6fe0 100644
--- a/src/block/twofish/twofish.h
+++ b/src/block/twofish/twofish.h
@@ -41,7 +41,7 @@ class BOTAN_DLL Twofish : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
static const byte EXP_TO_POLY[255];
static const byte POLY_TO_EXP[255];
- SecureVector<u32bit> SB, RK;
+ secure_vector<u32bit> SB, RK;
};
}
diff --git a/src/block/xtea/xtea.cpp b/src/block/xtea/xtea.cpp
index 597eedd07..29287e5a0 100644
--- a/src/block/xtea/xtea.cpp
+++ b/src/block/xtea/xtea.cpp
@@ -123,7 +123,7 @@ void XTEA::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void XTEA::key_schedule(const byte key[], size_t)
{
- SecureVector<u32bit> UK(4);
+ secure_vector<u32bit> UK(4);
for(size_t i = 0; i != 4; ++i)
UK[i] = load_be<u32bit>(key, i);
diff --git a/src/block/xtea/xtea.h b/src/block/xtea/xtea.h
index 985e9d6d1..2bf544696 100644
--- a/src/block/xtea/xtea.h
+++ b/src/block/xtea/xtea.h
@@ -30,11 +30,11 @@ class BOTAN_DLL XTEA : public Block_Cipher_Fixed_Params<8, 16>
/**
* @return const reference to the key schedule
*/
- const SecureVector<u32bit>& get_EK() const { return EK; }
+ const secure_vector<u32bit>& get_EK() const { return EK; }
private:
void key_schedule(const byte[], size_t);
- SecureVector<u32bit> EK;
+ secure_vector<u32bit> EK;
};
}
diff --git a/src/build-data/cc/gcc.txt b/src/build-data/cc/gcc.txt
index d22ae6202..f3babb394 100644
--- a/src/build-data/cc/gcc.txt
+++ b/src/build-data/cc/gcc.txt
@@ -1,6 +1,6 @@
macro_name GCC
-binary_name g++-4.6.0
+binary_name g++-4.8.0-r187608
compile_option "-c "
output_to_option "-o "
diff --git a/src/cert/certstore/certstor.cpp b/src/cert/certstore/certstor.cpp
index 3cba2f39e..9c383d9e8 100644
--- a/src/cert/certstore/certstor.cpp
+++ b/src/cert/certstore/certstor.cpp
@@ -28,7 +28,7 @@ void Certificate_Store_Memory::add_certificate(const X509_Certificate& cert)
std::vector<X509_Certificate>
Certificate_Store_Memory::find_cert_by_subject_and_key_id(
const X509_DN& subject_dn,
- const MemoryRegion<byte>& key_id) const
+ const std::vector<byte>& key_id) const
{
std::vector<X509_Certificate> result;
@@ -37,7 +37,7 @@ Certificate_Store_Memory::find_cert_by_subject_and_key_id(
// Only compare key ids if set in both call and in the cert
if(key_id.size())
{
- MemoryVector<byte> skid = certs[i].subject_key_id();
+ std::vector<byte> skid = certs[i].subject_key_id();
if(skid.size() && skid != key_id) // no match
continue;
@@ -74,7 +74,7 @@ void Certificate_Store_Memory::add_crl(const X509_CRL& crl)
std::vector<X509_CRL>
Certificate_Store_Memory::find_crl_by_subject_and_key_id(
const X509_DN& issuer_dn,
- const MemoryRegion<byte>& key_id) const
+ const std::vector<byte>& key_id) const
{
std::vector<X509_CRL> result;
@@ -83,7 +83,7 @@ Certificate_Store_Memory::find_crl_by_subject_and_key_id(
// Only compare key ids if set in both call and in the CRL
if(key_id.size())
{
- MemoryVector<byte> akid = crls[i].authority_key_id();
+ std::vector<byte> akid = crls[i].authority_key_id();
if(akid.size() && akid != key_id) // no match
continue;
diff --git a/src/cert/certstore/certstor.h b/src/cert/certstore/certstor.h
index 374013984..a0526e1a6 100644
--- a/src/cert/certstore/certstor.h
+++ b/src/cert/certstore/certstor.h
@@ -39,7 +39,7 @@ class BOTAN_DLL Certificate_Store
virtual std::vector<X509_Certificate>
find_cert_by_subject_and_key_id(
const X509_DN& subject_dn,
- const MemoryRegion<byte>& key_id) const = 0;
+ const std::vector<byte>& key_id) const = 0;
/**
* Find CRLs by the DN and key id of the issuer
@@ -47,7 +47,7 @@ class BOTAN_DLL Certificate_Store
virtual std::vector<X509_CRL>
find_crl_by_subject_and_key_id(
const X509_DN& issuer_dn,
- const MemoryRegion<byte>& key_id) const = 0;
+ const std::vector<byte>& key_id) const = 0;
};
/**
@@ -64,11 +64,11 @@ class BOTAN_DLL Certificate_Store_Memory : public Certificate_Store
std::vector<X509_Certificate> find_cert_by_subject_and_key_id(
const X509_DN& subject_dn,
- const MemoryRegion<byte>& key_id) const;
+ const std::vector<byte>& key_id) const;
std::vector<X509_CRL> find_crl_by_subject_and_key_id(
const X509_DN& issuer_dn,
- const MemoryRegion<byte>& key_id) const;
+ const std::vector<byte>& key_id) const;
Certificate_Store_Memory() {}
private:
diff --git a/src/cert/cvc/asn1_eac_tm.cpp b/src/cert/cvc/asn1_eac_tm.cpp
index 12221b582..a3a4d043d 100644
--- a/src/cert/cvc/asn1_eac_tm.cpp
+++ b/src/cert/cvc/asn1_eac_tm.cpp
@@ -18,9 +18,9 @@ namespace Botan {
namespace {
-SecureVector<byte> enc_two_digit(u32bit in)
+secure_vector<byte> enc_two_digit(u32bit in)
{
- SecureVector<byte> result;
+ secure_vector<byte> result;
in %= 100;
if(in < 10)
result.push_back(0x00);
@@ -281,9 +281,9 @@ void EAC_Time::decode_from(BER_Decoder& source)
/*
* make the value an octet string for encoding
*/
-SecureVector<byte> EAC_Time::encoded_eac_time() const
+secure_vector<byte> EAC_Time::encoded_eac_time() const
{
- SecureVector<byte> result;
+ secure_vector<byte> result;
result += enc_two_digit(year);
result += enc_two_digit(month);
result += enc_two_digit(day);
diff --git a/src/cert/cvc/cvc_ado.cpp b/src/cert/cvc/cvc_ado.cpp
index 38f51e8dc..f224d15b9 100644
--- a/src/cert/cvc/cvc_ado.cpp
+++ b/src/cert/cvc/cvc_ado.cpp
@@ -26,7 +26,7 @@ EAC1_1_ADO::EAC1_1_ADO(const std::string& in)
void EAC1_1_ADO::force_decode()
{
- SecureVector<byte> inner_cert;
+ secure_vector<byte> inner_cert;
BER_Decoder(tbs_bits)
.start_cons(ASN1_Tag(33))
.raw_bytes(inner_cert)
@@ -34,7 +34,7 @@ void EAC1_1_ADO::force_decode()
.decode(m_car)
.verify_end();
- SecureVector<byte> req_bits = DER_Encoder()
+ secure_vector<byte> req_bits = DER_Encoder()
.start_cons(ASN1_Tag(33), APPLICATION)
.raw_bytes(inner_cert)
.end_cons()
@@ -45,11 +45,11 @@ void EAC1_1_ADO::force_decode()
sig_algo = m_req.sig_algo;
}
-MemoryVector<byte> EAC1_1_ADO::make_signed(PK_Signer& signer,
- const MemoryRegion<byte>& tbs_bits,
+std::vector<byte> EAC1_1_ADO::make_signed(PK_Signer& signer,
+ const secure_vector<byte>& tbs_bits,
RandomNumberGenerator& rng)
{
- SecureVector<byte> concat_sig = signer.sign_message(tbs_bits, rng);
+ secure_vector<byte> concat_sig = signer.sign_message(tbs_bits, rng);
return DER_Encoder()
.start_cons(ASN1_Tag(7), APPLICATION)
@@ -65,11 +65,11 @@ ASN1_Car EAC1_1_ADO::get_car() const
}
void EAC1_1_ADO::decode_info(DataSource& source,
- SecureVector<byte> & res_tbs_bits,
+ secure_vector<byte> & res_tbs_bits,
ECDSA_Signature & res_sig)
{
- SecureVector<byte> concat_sig;
- SecureVector<byte> cert_inner_bits;
+ secure_vector<byte> concat_sig;
+ secure_vector<byte> cert_inner_bits;
ASN1_Car car;
BER_Decoder(source)
@@ -81,7 +81,7 @@ void EAC1_1_ADO::decode_info(DataSource& source,
.decode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
.end_cons();
- SecureVector<byte> enc_cert = DER_Encoder()
+ secure_vector<byte> enc_cert = DER_Encoder()
.start_cons(ASN1_Tag(33), APPLICATION)
.raw_bytes(cert_inner_bits)
.end_cons()
@@ -97,7 +97,7 @@ void EAC1_1_ADO::encode(Pipe& out, X509_Encoding encoding) const
if(encoding == PEM)
throw Invalid_Argument("EAC1_1_ADO::encode() cannot PEM encode an EAC object");
- SecureVector<byte> concat_sig(
+ secure_vector<byte> concat_sig(
EAC1_1_obj<EAC1_1_ADO>::m_sig.get_concatenation());
out.write(DER_Encoder()
@@ -108,7 +108,7 @@ void EAC1_1_ADO::encode(Pipe& out, X509_Encoding encoding) const
.get_contents());
}
-SecureVector<byte> EAC1_1_ADO::tbs_data() const
+secure_vector<byte> EAC1_1_ADO::tbs_data() const
{
return tbs_bits;
}
diff --git a/src/cert/cvc/cvc_ado.h b/src/cert/cvc/cvc_ado.h
index 65a39fd91..81b89ea00 100644
--- a/src/cert/cvc/cvc_ado.h
+++ b/src/cert/cvc/cvc_ado.h
@@ -43,9 +43,9 @@ class BOTAN_DLL EAC1_1_ADO : public EAC1_1_obj<EAC1_1_ADO>
* @param tbs_bits the TBS data to sign
* @param rng a random number generator
*/
- static MemoryVector<byte> make_signed(
+ static std::vector<byte> make_signed(
PK_Signer& signer,
- const MemoryRegion<byte>& tbs_bits,
+ const secure_vector<byte>& tbs_bits,
RandomNumberGenerator& rng);
/**
@@ -73,7 +73,7 @@ class BOTAN_DLL EAC1_1_ADO : public EAC1_1_obj<EAC1_1_ADO>
* Get the TBS data of this CVC ADO request.
* @result the TBS data
*/
- SecureVector<byte> tbs_data() const;
+ secure_vector<byte> tbs_data() const;
virtual ~EAC1_1_ADO() {}
private:
@@ -82,7 +82,7 @@ class BOTAN_DLL EAC1_1_ADO : public EAC1_1_obj<EAC1_1_ADO>
void force_decode();
static void decode_info(DataSource& source,
- SecureVector<byte> & res_tbs_bits,
+ secure_vector<byte> & res_tbs_bits,
ECDSA_Signature & res_sig);
};
diff --git a/src/cert/cvc/cvc_cert.cpp b/src/cert/cvc/cvc_cert.cpp
index 54f72ecfc..12558bb80 100644
--- a/src/cert/cvc/cvc_cert.cpp
+++ b/src/cert/cvc/cvc_cert.cpp
@@ -33,8 +33,8 @@ u32bit EAC1_1_CVC::get_chat_value() const
*/
void EAC1_1_CVC::force_decode()
{
- SecureVector<byte> enc_pk;
- SecureVector<byte> enc_chat_val;
+ secure_vector<byte> enc_pk;
+ secure_vector<byte> enc_chat_val;
size_t cpi;
BER_Decoder tbs_cert(tbs_bits);
tbs_cert.decode(cpi, ASN1_Tag(41), APPLICATION)
@@ -88,7 +88,7 @@ bool EAC1_1_CVC::operator==(EAC1_1_CVC const& rhs) const
&& get_concat_sig() == rhs.get_concat_sig());
}
-ECDSA_PublicKey* decode_eac1_1_key(const MemoryRegion<byte>&,
+ECDSA_PublicKey* decode_eac1_1_key(const secure_vector<byte>&,
AlgorithmIdentifier&)
{
throw Internal_Error("decode_eac1_1_key: Unimplemented");
@@ -96,7 +96,7 @@ ECDSA_PublicKey* decode_eac1_1_key(const MemoryRegion<byte>&,
}
EAC1_1_CVC make_cvc_cert(PK_Signer& signer,
- MemoryRegion<byte> const& public_key,
+ secure_vector<byte> const& public_key,
ASN1_Car const& car,
ASN1_Chr const& chr,
byte holder_auth_templ,
@@ -105,12 +105,12 @@ EAC1_1_CVC make_cvc_cert(PK_Signer& signer,
RandomNumberGenerator& rng)
{
OID chat_oid(OIDS::lookup("CertificateHolderAuthorizationTemplate"));
- MemoryVector<byte> enc_chat_val;
+ std::vector<byte> enc_chat_val;
enc_chat_val.push_back(holder_auth_templ);
- MemoryVector<byte> enc_cpi;
+ std::vector<byte> enc_cpi;
enc_cpi.push_back(0x00);
- MemoryVector<byte> tbs = DER_Encoder()
+ std::vector<byte> tbs = DER_Encoder()
.encode(enc_cpi, OCTET_STRING, ASN1_Tag(41), APPLICATION) // cpi
.encode(car)
.raw_bytes(public_key)
@@ -123,7 +123,7 @@ EAC1_1_CVC make_cvc_cert(PK_Signer& signer,
.encode(cex)
.get_contents();
- MemoryVector<byte> signed_cert =
+ std::vector<byte> signed_cert =
EAC1_1_CVC::make_signed(signer,
EAC1_1_CVC::build_cert_body(tbs),
rng);
diff --git a/src/cert/cvc/cvc_cert.h b/src/cert/cvc/cvc_cert.h
index 69d0d824a..20370e64b 100644
--- a/src/cert/cvc/cvc_cert.h
+++ b/src/cert/cvc/cvc_cert.h
@@ -96,7 +96,7 @@ inline bool operator!=(EAC1_1_CVC const& lhs, EAC1_1_CVC const& rhs)
* @param rng a random number generator
*/
EAC1_1_CVC BOTAN_DLL make_cvc_cert(PK_Signer& signer,
- const MemoryRegion<byte>& public_key,
+ const secure_vector<byte>& public_key,
ASN1_Car const& car,
ASN1_Chr const& chr,
byte holder_auth_templ,
@@ -107,7 +107,7 @@ EAC1_1_CVC BOTAN_DLL make_cvc_cert(PK_Signer& signer,
/**
* Decode an EAC encoding ECDSA key
*/
-BOTAN_DLL ECDSA_PublicKey* decode_eac1_1_key(const MemoryRegion<byte>& enc_key,
+BOTAN_DLL ECDSA_PublicKey* decode_eac1_1_key(const secure_vector<byte>& enc_key,
AlgorithmIdentifier& sig_algo);
}
diff --git a/src/cert/cvc/cvc_gen_cert.h b/src/cert/cvc/cvc_gen_cert.h
index ad61b85bf..a272e316f 100644
--- a/src/cert/cvc/cvc_gen_cert.h
+++ b/src/cert/cvc/cvc_gen_cert.h
@@ -56,14 +56,14 @@ class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1
* Get the to-be-signed (TBS) data of this object.
* @result the TBS data of this object
*/
- SecureVector<byte> tbs_data() const;
+ secure_vector<byte> tbs_data() const;
/**
* Build the DER encoded certifcate body of an object
* @param tbs the data to be signed
* @result the correctly encoded body of the object
*/
- static SecureVector<byte> build_cert_body(MemoryRegion<byte> const& tbs);
+ static secure_vector<byte> build_cert_body(secure_vector<byte> const& tbs);
/**
* Create a signed generalized CVC object.
@@ -72,9 +72,9 @@ class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1
* @param rng a random number generator
* @result the DER encoded signed generalized CVC object
*/
- static MemoryVector<byte> make_signed(
+ static std::vector<byte> make_signed(
PK_Signer& signer,
- const MemoryRegion<byte>& tbs_bits,
+ const secure_vector<byte>& tbs_bits,
RandomNumberGenerator& rng);
EAC1_1_gen_CVC() { m_pk = 0; }
@@ -88,7 +88,7 @@ class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1
bool self_signed;
static void decode_info(DataSource& source,
- SecureVector<byte> & res_tbs_bits,
+ secure_vector<byte> & res_tbs_bits,
ECDSA_Signature & res_sig);
};
@@ -104,12 +104,12 @@ template<typename Derived> bool EAC1_1_gen_CVC<Derived>::is_self_signed() const
}
template<typename Derived>
-MemoryVector<byte> EAC1_1_gen_CVC<Derived>::make_signed(
+std::vector<byte> EAC1_1_gen_CVC<Derived>::make_signed(
PK_Signer& signer,
- const MemoryRegion<byte>& tbs_bits,
+ const secure_vector<byte>& tbs_bits,
RandomNumberGenerator& rng) // static
{
- SecureVector<byte> concat_sig = signer.sign_message(tbs_bits, rng);
+ secure_vector<byte> concat_sig = signer.sign_message(tbs_bits, rng);
return DER_Encoder()
.start_cons(ASN1_Tag(33), APPLICATION)
@@ -125,7 +125,7 @@ Public_Key* EAC1_1_gen_CVC<Derived>::subject_public_key() const
return new ECDSA_PublicKey(*m_pk);
}
-template<typename Derived> SecureVector<byte> EAC1_1_gen_CVC<Derived>::build_cert_body(MemoryRegion<byte> const& tbs)
+template<typename Derived> secure_vector<byte> EAC1_1_gen_CVC<Derived>::build_cert_body(secure_vector<byte> const& tbs)
{
return DER_Encoder()
.start_cons(ASN1_Tag(78), APPLICATION)
@@ -133,15 +133,15 @@ template<typename Derived> SecureVector<byte> EAC1_1_gen_CVC<Derived>::build_cer
.end_cons().get_contents();
}
-template<typename Derived> SecureVector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const
+template<typename Derived> secure_vector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const
{
return build_cert_body(EAC1_1_obj<Derived>::tbs_bits);
}
template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_Encoding encoding) const
{
- SecureVector<byte> concat_sig(EAC1_1_obj<Derived>::m_sig.get_concatenation());
- SecureVector<byte> der = DER_Encoder()
+ secure_vector<byte> concat_sig(EAC1_1_obj<Derived>::m_sig.get_concatenation());
+ secure_vector<byte> der = DER_Encoder()
.start_cons(ASN1_Tag(33), APPLICATION)
.start_cons(ASN1_Tag(78), APPLICATION)
.raw_bytes(EAC1_1_obj<Derived>::tbs_bits)
@@ -159,10 +159,10 @@ template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_
template<typename Derived>
void EAC1_1_gen_CVC<Derived>::decode_info(
DataSource& source,
- SecureVector<byte> & res_tbs_bits,
+ secure_vector<byte> & res_tbs_bits,
ECDSA_Signature & res_sig)
{
- SecureVector<byte> concat_sig;
+ secure_vector<byte> concat_sig;
BER_Decoder(source)
.start_cons(ASN1_Tag(33))
.start_cons(ASN1_Tag(78))
diff --git a/src/cert/cvc/cvc_req.cpp b/src/cert/cvc/cvc_req.cpp
index ad9e2f4ca..bd7dee3fa 100644
--- a/src/cert/cvc/cvc_req.cpp
+++ b/src/cert/cvc/cvc_req.cpp
@@ -19,7 +19,7 @@ bool EAC1_1_Req::operator==(EAC1_1_Req const& rhs) const
void EAC1_1_Req::force_decode()
{
- SecureVector<byte> enc_pk;
+ secure_vector<byte> enc_pk;
BER_Decoder tbs_cert(tbs_bits);
size_t cpi;
tbs_cert.decode(cpi, ASN1_Tag(41), APPLICATION)
diff --git a/src/cert/cvc/cvc_self.cpp b/src/cert/cvc/cvc_self.cpp
index 61a1e7b64..e692bc9b8 100644
--- a/src/cert/cvc/cvc_self.cpp
+++ b/src/cert/cvc/cvc_self.cpp
@@ -34,7 +34,7 @@ void encode_eac_bigint(DER_Encoder& der, const BigInt& x, ASN1_Tag tag)
der.encode(BigInt::encode_1363(x, x.bytes()), OCTET_STRING, tag);
}
-MemoryVector<byte> eac_1_1_encoding(const EC_PublicKey* key,
+std::vector<byte> eac_1_1_encoding(const EC_PublicKey* key,
const OID& sig_algo)
{
if(key->domain_format() == EC_DOMPAR_ENC_OID)
@@ -106,7 +106,7 @@ EAC1_1_CVC create_self_signed_cert(Private_Key const& key,
PK_Signer signer(*priv_key, padding_and_hash);
- MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
+ std::vector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
return make_cvc_cert(signer,
enc_public_key,
@@ -133,17 +133,17 @@ EAC1_1_Req create_cvc_req(Private_Key const& key,
PK_Signer signer(*priv_key, padding_and_hash);
- MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
+ std::vector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
- MemoryVector<byte> enc_cpi;
+ std::vector<byte> enc_cpi;
enc_cpi.push_back(0x00);
- MemoryVector<byte> tbs = DER_Encoder()
+ std::vector<byte> tbs = DER_Encoder()
.encode(enc_cpi, OCTET_STRING, ASN1_Tag(41), APPLICATION)
.raw_bytes(enc_public_key)
.encode(chr)
.get_contents();
- MemoryVector<byte> signed_cert =
+ std::vector<byte> signed_cert =
EAC1_1_gen_CVC<EAC1_1_Req>::make_signed(signer,
EAC1_1_gen_CVC<EAC1_1_Req>::build_cert_body(tbs),
rng);
@@ -166,10 +166,10 @@ EAC1_1_ADO create_ado_req(Private_Key const& key,
std::string padding_and_hash = padding_and_hash_from_oid(req.signature_algorithm().oid);
PK_Signer signer(*priv_key, padding_and_hash);
- SecureVector<byte> tbs_bits = req.BER_encode();
+ secure_vector<byte> tbs_bits = req.BER_encode();
tbs_bits += DER_Encoder().encode(car).get_contents();
- MemoryVector<byte> signed_cert =
+ std::vector<byte> signed_cert =
EAC1_1_ADO::make_signed(signer, tbs_bits, rng);
DataSource_Memory source(signed_cert);
@@ -235,7 +235,7 @@ EAC1_1_CVC link_cvca(EAC1_1_CVC const& signer,
ECDSA_PublicKey* subj_pk = dynamic_cast<ECDSA_PublicKey*>(pk.get());
subj_pk->set_parameter_encoding(EC_DOMPAR_ENC_EXPLICIT);
- MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
+ std::vector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
return make_cvc_cert(pk_signer, enc_public_key,
signer.get_car(),
@@ -309,7 +309,7 @@ EAC1_1_CVC sign_request(EAC1_1_CVC const& signer_cert,
// (IS cannot sign certificates)
}
- MemoryVector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
+ std::vector<byte> enc_public_key = eac_1_1_encoding(priv_key, sig_algo.oid);
return make_cvc_cert(pk_signer, enc_public_key,
ASN1_Car(signer_cert.get_chr().iso_8859()),
diff --git a/src/cert/cvc/eac_asn_obj.h b/src/cert/cvc/eac_asn_obj.h
index 54a9f1517..9937abb01 100644
--- a/src/cert/cvc/eac_asn_obj.h
+++ b/src/cert/cvc/eac_asn_obj.h
@@ -98,7 +98,7 @@ class BOTAN_DLL EAC_Time : public ASN1_Object
virtual ~EAC_Time() {}
private:
- SecureVector<byte> encoded_eac_time() const;
+ secure_vector<byte> encoded_eac_time() const;
bool passes_sanity_check() const;
u32bit year, month, day;
ASN1_Tag tag;
diff --git a/src/cert/cvc/eac_obj.h b/src/cert/cvc/eac_obj.h
index eb6db3369..39f34b874 100644
--- a/src/cert/cvc/eac_obj.h
+++ b/src/cert/cvc/eac_obj.h
@@ -24,7 +24,7 @@ class EAC1_1_obj : public EAC_Signed_Object
* Return the signature as a concatenation of the encoded parts.
* @result the concatenated signature
*/
- SecureVector<byte> get_concat_sig() const
+ secure_vector<byte> get_concat_sig() const
{ return m_sig.get_concatenation(); }
bool check_signature(class Public_Key& key) const
diff --git a/src/cert/cvc/ecdsa_sig.cpp b/src/cert/cvc/ecdsa_sig.cpp
index e8fd7f051..91166ad79 100644
--- a/src/cert/cvc/ecdsa_sig.cpp
+++ b/src/cert/cvc/ecdsa_sig.cpp
@@ -10,7 +10,7 @@
namespace Botan {
-ECDSA_Signature::ECDSA_Signature(const MemoryRegion<byte>& ber)
+ECDSA_Signature::ECDSA_Signature(const secure_vector<byte>& ber)
{
BER_Decoder(ber)
.start_cons(SEQUENCE)
@@ -20,7 +20,7 @@ ECDSA_Signature::ECDSA_Signature(const MemoryRegion<byte>& ber)
.verify_end();
}
-MemoryVector<byte> ECDSA_Signature::DER_encode() const
+std::vector<byte> ECDSA_Signature::DER_encode() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -30,20 +30,20 @@ MemoryVector<byte> ECDSA_Signature::DER_encode() const
.get_contents();
}
-MemoryVector<byte> ECDSA_Signature::get_concatenation() const
+std::vector<byte> ECDSA_Signature::get_concatenation() const
{
// use the larger
const size_t enc_len = m_r > m_s ? m_r.bytes() : m_s.bytes();
- SecureVector<byte> sv_r = BigInt::encode_1363(m_r, enc_len);
- SecureVector<byte> sv_s = BigInt::encode_1363(m_s, enc_len);
+ secure_vector<byte> sv_r = BigInt::encode_1363(m_r, enc_len);
+ secure_vector<byte> sv_s = BigInt::encode_1363(m_s, enc_len);
- SecureVector<byte> result(sv_r);
+ secure_vector<byte> result(sv_r);
result += sv_s;
return result;
}
-ECDSA_Signature decode_concatenation(const MemoryRegion<byte>& concat)
+ECDSA_Signature decode_concatenation(const secure_vector<byte>& concat)
{
if(concat.size() % 2 != 0)
throw Invalid_Argument("Erroneous length of signature");
diff --git a/src/cert/cvc/ecdsa_sig.h b/src/cert/cvc/ecdsa_sig.h
index a92052470..a92d5078c 100644
--- a/src/cert/cvc/ecdsa_sig.h
+++ b/src/cert/cvc/ecdsa_sig.h
@@ -27,7 +27,7 @@ class BOTAN_DLL ECDSA_Signature
ECDSA_Signature(const BigInt& r, const BigInt& s) :
m_r(r), m_s(s) {}
- ECDSA_Signature(const MemoryRegion<byte>& ber);
+ ECDSA_Signature(const secure_vector<byte>& ber);
const BigInt& get_r() const { return m_r; }
const BigInt& get_s() const { return m_s; }
@@ -35,9 +35,9 @@ class BOTAN_DLL ECDSA_Signature
/**
* return the r||s
*/
- MemoryVector<byte> get_concatenation() const;
+ std::vector<byte> get_concatenation() const;
- MemoryVector<byte> DER_encode() const;
+ std::vector<byte> DER_encode() const;
bool operator==(const ECDSA_Signature& other) const
{
@@ -54,7 +54,7 @@ inline bool operator!=(const ECDSA_Signature& lhs, const ECDSA_Signature& rhs)
return !(lhs == rhs);
}
-ECDSA_Signature decode_concatenation(const MemoryRegion<byte>& concatenation);
+ECDSA_Signature decode_concatenation(const secure_vector<byte>& concatenation);
}
diff --git a/src/cert/cvc/signed_obj.cpp b/src/cert/cvc/signed_obj.cpp
index d6aa2f02b..4f04cd72e 100644
--- a/src/cert/cvc/signed_obj.cpp
+++ b/src/cert/cvc/signed_obj.cpp
@@ -16,7 +16,7 @@ namespace Botan {
/*
* Return a BER encoded X.509 object
*/
-SecureVector<byte> EAC_Signed_Object::BER_encode() const
+secure_vector<byte> EAC_Signed_Object::BER_encode() const
{
Pipe ber;
ber.start_msg();
@@ -46,7 +46,7 @@ AlgorithmIdentifier EAC_Signed_Object::signature_algorithm() const
}
bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
- const MemoryRegion<byte>& sig) const
+ const secure_vector<byte>& sig) const
{
try
{
@@ -62,7 +62,7 @@ bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
Signature_Format format =
(pub_key.message_parts() >= 2) ? DER_SEQUENCE : IEEE_1363;
- SecureVector<byte> to_sign = tbs_data();
+ secure_vector<byte> to_sign = tbs_data();
PK_Verifier verifier(pub_key, padding, format);
return verifier.verify_message(to_sign, sig);
diff --git a/src/cert/cvc/signed_obj.h b/src/cert/cvc/signed_obj.h
index 0c0fb30af..eb0e11848 100644
--- a/src/cert/cvc/signed_obj.h
+++ b/src/cert/cvc/signed_obj.h
@@ -26,7 +26,7 @@ class BOTAN_DLL EAC_Signed_Object
* Get the TBS (to-be-signed) data in this object.
* @return DER encoded TBS data of this object
*/
- virtual SecureVector<byte> tbs_data() const = 0;
+ virtual secure_vector<byte> tbs_data() const = 0;
/**
* Get the signature of this object as a concatenation, i.e. if the
@@ -39,7 +39,7 @@ class BOTAN_DLL EAC_Signed_Object
NOTE: this is here only because abstract signature objects have
not yet been introduced
*/
- virtual SecureVector<byte> get_concat_sig() const = 0;
+ virtual secure_vector<byte> get_concat_sig() const = 0;
/**
* Get the signature algorithm identifier used to sign this object.
@@ -55,7 +55,7 @@ class BOTAN_DLL EAC_Signed_Object
* associated with this public key
*/
bool check_signature(class Public_Key& key,
- const MemoryRegion<byte>& sig) const;
+ const secure_vector<byte>& sig) const;
/**
* Write this object DER encoded into a specified pipe.
@@ -69,7 +69,7 @@ class BOTAN_DLL EAC_Signed_Object
* BER encode this object.
* @return result containing the BER representation of this object.
*/
- SecureVector<byte> BER_encode() const;
+ secure_vector<byte> BER_encode() const;
/**
* PEM encode this object.
@@ -83,7 +83,7 @@ class BOTAN_DLL EAC_Signed_Object
EAC_Signed_Object() {}
AlgorithmIdentifier sig_algo;
- SecureVector<byte> tbs_bits;
+ secure_vector<byte> tbs_bits;
std::string PEM_label_pref;
std::vector<std::string> PEM_labels_allowed;
private:
diff --git a/src/cert/pkcs10/pkcs10.cpp b/src/cert/pkcs10/pkcs10.cpp
index 870a4d3a1..c67f74142 100644
--- a/src/cert/pkcs10/pkcs10.cpp
+++ b/src/cert/pkcs10/pkcs10.cpp
@@ -35,6 +35,15 @@ PKCS10_Request::PKCS10_Request(const std::string& in) :
}
/*
+* PKCS10_Request Constructor
+*/
+PKCS10_Request::PKCS10_Request(const std::vector<byte>& in) :
+ X509_Object(in, "CERTIFICATE REQUEST/NEW CERTIFICATE REQUEST")
+ {
+ do_decode();
+ }
+
+/*
* Deocde the CertificateRequestInfo
*/
void PKCS10_Request::force_decode()
@@ -59,7 +68,7 @@ void PKCS10_Request::force_decode()
info.add("X509.Certificate.public_key",
PEM_Code::encode(
- ASN1::put_in_sequence(public_key.value),
+ ASN1::put_in_sequence(unlock(public_key.value)),
"PUBLIC KEY"
)
);
@@ -136,10 +145,10 @@ X509_DN PKCS10_Request::subject_dn() const
/*
* Return the public key of the requestor
*/
-MemoryVector<byte> PKCS10_Request::raw_public_key() const
+std::vector<byte> PKCS10_Request::raw_public_key() const
{
DataSource_Memory source(info.get1("X509.Certificate.public_key"));
- return PEM_Code::decode_check_label(source, "PUBLIC KEY");
+ return unlock(PEM_Code::decode_check_label(source, "PUBLIC KEY"));
}
/*
diff --git a/src/cert/pkcs10/pkcs10.h b/src/cert/pkcs10/pkcs10.h
index bd01fb6b5..1ab0af7c7 100644
--- a/src/cert/pkcs10/pkcs10.h
+++ b/src/cert/pkcs10/pkcs10.h
@@ -32,7 +32,7 @@ class BOTAN_DLL PKCS10_Request : public X509_Object
* Get the raw DER encoded public key.
* @return raw DER encoded public key
*/
- MemoryVector<byte> raw_public_key() const;
+ std::vector<byte> raw_public_key() const;
/**
* Get the subject DN.
@@ -90,6 +90,12 @@ class BOTAN_DLL PKCS10_Request : public X509_Object
* encoded request file
*/
PKCS10_Request(const std::string& filename);
+
+ /**
+ * Create a PKCS#10 Request from binary data.
+ * @param vec a std::vector containing the DER value
+ */
+ PKCS10_Request(const std::vector<byte>& vec);
private:
void force_decode();
void handle_attribute(const Attribute&);
diff --git a/src/cert/x509ca/x509_ca.cpp b/src/cert/x509ca/x509_ca.cpp
index 37b4f44b4..4012a873b 100644
--- a/src/cert/x509ca/x509_ca.cpp
+++ b/src/cert/x509ca/x509_ca.cpp
@@ -86,7 +86,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
X509_Certificate X509_CA::make_cert(PK_Signer* signer,
RandomNumberGenerator& rng,
const AlgorithmIdentifier& sig_algo,
- const MemoryRegion<byte>& pub_key,
+ const std::vector<byte>& pub_key,
const X509_Time& not_before,
const X509_Time& not_after,
const X509_DN& issuer_dn,
@@ -98,35 +98,35 @@ X509_Certificate X509_CA::make_cert(PK_Signer* signer,
BigInt serial_no(rng, SERIAL_BITS);
- DataSource_Memory source(X509_Object::make_signed(signer, rng, sig_algo,
- DER_Encoder().start_cons(SEQUENCE)
- .start_explicit(0)
- .encode(X509_CERT_VERSION-1)
- .end_explicit()
+ const std::vector<byte> cert = X509_Object::make_signed(
+ signer, rng, sig_algo,
+ DER_Encoder().start_cons(SEQUENCE)
+ .start_explicit(0)
+ .encode(X509_CERT_VERSION-1)
+ .end_explicit()
- .encode(serial_no)
+ .encode(serial_no)
- .encode(sig_algo)
- .encode(issuer_dn)
+ .encode(sig_algo)
+ .encode(issuer_dn)
- .start_cons(SEQUENCE)
- .encode(not_before)
- .encode(not_after)
- .end_cons()
+ .start_cons(SEQUENCE)
+ .encode(not_before)
+ .encode(not_after)
+ .end_cons()
- .encode(subject_dn)
- .raw_bytes(pub_key)
+ .encode(subject_dn)
+ .raw_bytes(pub_key)
- .start_explicit(3)
- .start_cons(SEQUENCE)
- .encode(extensions)
- .end_cons()
- .end_explicit()
- .end_cons()
- .get_contents()
- ));
+ .start_explicit(3)
+ .start_cons(SEQUENCE)
+ .encode(extensions)
+ .end_cons()
+ .end_explicit()
+ .end_cons()
+ .get_contents());
- return X509_Certificate(source);
+ return X509_Certificate(cert);
}
/*
@@ -176,29 +176,29 @@ X509_CRL X509_CA::make_crl(const std::vector<CRL_Entry>& revoked,
new Cert_Extension::Authority_Key_ID(cert.subject_key_id()));
extensions.add(new Cert_Extension::CRL_Number(crl_number));
- DataSource_Memory source(X509_Object::make_signed(signer, rng, ca_sig_algo,
- DER_Encoder().start_cons(SEQUENCE)
- .encode(X509_CRL_VERSION-1)
- .encode(ca_sig_algo)
- .encode(cert.issuer_dn())
- .encode(X509_Time(current_time))
- .encode(X509_Time(expire_time))
- .encode_if(revoked.size() > 0,
- DER_Encoder()
- .start_cons(SEQUENCE)
- .encode_list(revoked)
- .end_cons()
- )
- .start_explicit(0)
- .start_cons(SEQUENCE)
- .encode(extensions)
- .end_cons()
- .end_explicit()
- .end_cons()
- .get_contents()
- ));
+ const std::vector<byte> crl = X509_Object::make_signed(
+ signer, rng, ca_sig_algo,
+ DER_Encoder().start_cons(SEQUENCE)
+ .encode(X509_CRL_VERSION-1)
+ .encode(ca_sig_algo)
+ .encode(cert.issuer_dn())
+ .encode(X509_Time(current_time))
+ .encode(X509_Time(expire_time))
+ .encode_if(revoked.size() > 0,
+ DER_Encoder()
+ .start_cons(SEQUENCE)
+ .encode_list(revoked)
+ .end_cons()
+ )
+ .start_explicit(0)
+ .start_cons(SEQUENCE)
+ .encode(extensions)
+ .end_cons()
+ .end_explicit()
+ .end_cons()
+ .get_contents());
- return X509_CRL(source);
+ return X509_CRL(crl);
}
/*
diff --git a/src/cert/x509ca/x509_ca.h b/src/cert/x509ca/x509_ca.h
index 7aca26d03..d37b02eaf 100644
--- a/src/cert/x509ca/x509_ca.h
+++ b/src/cert/x509ca/x509_ca.h
@@ -82,7 +82,7 @@ class BOTAN_DLL X509_CA
static X509_Certificate make_cert(PK_Signer* signer,
RandomNumberGenerator& rng,
const AlgorithmIdentifier& sig_algo,
- const MemoryRegion<byte>& pub_key,
+ const std::vector<byte>& pub_key,
const X509_Time& not_before,
const X509_Time& not_after,
const X509_DN& issuer_dn,
diff --git a/src/cert/x509cert/x509_ext.cpp b/src/cert/x509cert/x509_ext.cpp
index 6e0befaf3..873de4264 100644
--- a/src/cert/x509cert/x509_ext.cpp
+++ b/src/cert/x509cert/x509_ext.cpp
@@ -114,7 +114,7 @@ void Extensions::decode_from(BER_Decoder& from_source)
while(sequence.more_items())
{
OID oid;
- MemoryVector<byte> value;
+ std::vector<byte> value;
bool critical;
sequence.start_cons(SEQUENCE)
@@ -176,7 +176,7 @@ size_t Basic_Constraints::get_path_limit() const
/*
* Encode the extension
*/
-MemoryVector<byte> Basic_Constraints::encode_inner() const
+std::vector<byte> Basic_Constraints::encode_inner() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -186,13 +186,13 @@ MemoryVector<byte> Basic_Constraints::encode_inner() const
.encode_optional(path_limit, NO_CERT_PATH_LIMIT)
)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Basic_Constraints::decode_inner(const MemoryRegion<byte>& in)
+void Basic_Constraints::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in)
.start_cons(SEQUENCE)
@@ -217,14 +217,14 @@ void Basic_Constraints::contents_to(Data_Store& subject, Data_Store&) const
/*
* Encode the extension
*/
-MemoryVector<byte> Key_Usage::encode_inner() const
+std::vector<byte> Key_Usage::encode_inner() const
{
if(constraints == NO_CONSTRAINTS)
throw Encoding_Error("Cannot encode zero usage constraints");
const size_t unused_bits = low_bit(constraints) - 1;
- MemoryVector<byte> der;
+ std::vector<byte> der;
der.push_back(BIT_STRING);
der.push_back(2 + ((unused_bits < 8) ? 1 : 0));
der.push_back(unused_bits % 8);
@@ -238,7 +238,7 @@ MemoryVector<byte> Key_Usage::encode_inner() const
/*
* Decode the extension
*/
-void Key_Usage::decode_inner(const MemoryRegion<byte>& in)
+void Key_Usage::decode_inner(const std::vector<byte>& in)
{
BER_Decoder ber(in);
@@ -274,15 +274,15 @@ void Key_Usage::contents_to(Data_Store& subject, Data_Store&) const
/*
* Encode the extension
*/
-MemoryVector<byte> Subject_Key_ID::encode_inner() const
+std::vector<byte> Subject_Key_ID::encode_inner() const
{
- return DER_Encoder().encode(key_id, OCTET_STRING).get_contents();
+ return DER_Encoder().encode(key_id, OCTET_STRING).get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Subject_Key_ID::decode_inner(const MemoryRegion<byte>& in)
+void Subject_Key_ID::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in).decode(key_id, OCTET_STRING).verify_end();
}
@@ -298,28 +298,28 @@ void Subject_Key_ID::contents_to(Data_Store& subject, Data_Store&) const
/*
* Subject_Key_ID Constructor
*/
-Subject_Key_ID::Subject_Key_ID(const MemoryRegion<byte>& pub_key)
+Subject_Key_ID::Subject_Key_ID(const std::vector<byte>& pub_key)
{
SHA_160 hash;
- key_id = hash.process(pub_key);
+ key_id = unlock(hash.process(pub_key));
}
/*
* Encode the extension
*/
-MemoryVector<byte> Authority_Key_ID::encode_inner() const
+std::vector<byte> Authority_Key_ID::encode_inner() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(key_id, OCTET_STRING, ASN1_Tag(0), CONTEXT_SPECIFIC)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Authority_Key_ID::decode_inner(const MemoryRegion<byte>& in)
+void Authority_Key_ID::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in)
.start_cons(SEQUENCE)
@@ -338,15 +338,15 @@ void Authority_Key_ID::contents_to(Data_Store&, Data_Store& issuer) const
/*
* Encode the extension
*/
-MemoryVector<byte> Alternative_Name::encode_inner() const
+std::vector<byte> Alternative_Name::encode_inner() const
{
- return DER_Encoder().encode(alt_name).get_contents();
+ return DER_Encoder().encode(alt_name).get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Alternative_Name::decode_inner(const MemoryRegion<byte>& in)
+void Alternative_Name::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in).decode(alt_name);
}
@@ -404,19 +404,19 @@ Issuer_Alternative_Name::Issuer_Alternative_Name(const AlternativeName& name) :
/*
* Encode the extension
*/
-MemoryVector<byte> Extended_Key_Usage::encode_inner() const
+std::vector<byte> Extended_Key_Usage::encode_inner() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
.encode_list(oids)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Extended_Key_Usage::decode_inner(const MemoryRegion<byte>& in)
+void Extended_Key_Usage::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in)
.start_cons(SEQUENCE)
@@ -467,7 +467,7 @@ class Policy_Information : public ASN1_Object
/*
* Encode the extension
*/
-MemoryVector<byte> Certificate_Policies::encode_inner() const
+std::vector<byte> Certificate_Policies::encode_inner() const
{
std::vector<Policy_Information> policies;
@@ -478,13 +478,13 @@ MemoryVector<byte> Certificate_Policies::encode_inner() const
.start_cons(SEQUENCE)
.encode_list(policies)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void Certificate_Policies::decode_inner(const MemoryRegion<byte>& in)
+void Certificate_Policies::decode_inner(const std::vector<byte>& in)
{
std::vector<Policy_Information> policies;
@@ -530,15 +530,15 @@ CRL_Number* CRL_Number::copy() const
/*
* Encode the extension
*/
-MemoryVector<byte> CRL_Number::encode_inner() const
+std::vector<byte> CRL_Number::encode_inner() const
{
- return DER_Encoder().encode(crl_number).get_contents();
+ return DER_Encoder().encode(crl_number).get_contents_unlocked();
}
/*
* Decode the extension
*/
-void CRL_Number::decode_inner(const MemoryRegion<byte>& in)
+void CRL_Number::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in).decode(crl_number);
}
@@ -554,17 +554,17 @@ void CRL_Number::contents_to(Data_Store& info, Data_Store&) const
/*
* Encode the extension
*/
-MemoryVector<byte> CRL_ReasonCode::encode_inner() const
+std::vector<byte> CRL_ReasonCode::encode_inner() const
{
return DER_Encoder()
.encode(static_cast<size_t>(reason), ENUMERATED, UNIVERSAL)
- .get_contents();
+ .get_contents_unlocked();
}
/*
* Decode the extension
*/
-void CRL_ReasonCode::decode_inner(const MemoryRegion<byte>& in)
+void CRL_ReasonCode::decode_inner(const std::vector<byte>& in)
{
size_t reason_code = 0;
BER_Decoder(in).decode(reason_code, ENUMERATED, UNIVERSAL);
diff --git a/src/cert/x509cert/x509_ext.h b/src/cert/x509cert/x509_ext.h
index 8799c5921..ee0e66959 100644
--- a/src/cert/x509cert/x509_ext.h
+++ b/src/cert/x509cert/x509_ext.h
@@ -56,8 +56,8 @@ class BOTAN_DLL Certificate_Extension
protected:
friend class Extensions;
virtual bool should_encode() const { return true; }
- virtual MemoryVector<byte> encode_inner() const = 0;
- virtual void decode_inner(const MemoryRegion<byte>&) = 0;
+ virtual std::vector<byte> encode_inner() const = 0;
+ virtual void decode_inner(const std::vector<byte>&) = 0;
};
/**
@@ -107,8 +107,8 @@ class BOTAN_DLL Basic_Constraints : public Certificate_Extension
std::string config_id() const { return "basic_constraints"; }
std::string oid_name() const { return "X509v3.BasicConstraints"; }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
bool is_ca;
@@ -131,8 +131,8 @@ class BOTAN_DLL Key_Usage : public Certificate_Extension
std::string oid_name() const { return "X509v3.KeyUsage"; }
bool should_encode() const { return (constraints != NO_CONSTRAINTS); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
Key_Constraints constraints;
@@ -147,19 +147,19 @@ class BOTAN_DLL Subject_Key_ID : public Certificate_Extension
Subject_Key_ID* copy() const { return new Subject_Key_ID(key_id); }
Subject_Key_ID() {}
- Subject_Key_ID(const MemoryRegion<byte>&);
+ Subject_Key_ID(const std::vector<byte>&);
- MemoryVector<byte> get_key_id() const { return key_id; }
+ std::vector<byte> get_key_id() const { return key_id; }
private:
std::string config_id() const { return "subject_key_id"; }
std::string oid_name() const { return "X509v3.SubjectKeyIdentifier"; }
bool should_encode() const { return (key_id.size() > 0); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
- MemoryVector<byte> key_id;
+ std::vector<byte> key_id;
};
/**
@@ -171,19 +171,19 @@ class BOTAN_DLL Authority_Key_ID : public Certificate_Extension
Authority_Key_ID* copy() const { return new Authority_Key_ID(key_id); }
Authority_Key_ID() {}
- Authority_Key_ID(const MemoryRegion<byte>& k) : key_id(k) {}
+ Authority_Key_ID(const std::vector<byte>& k) : key_id(k) {}
- MemoryVector<byte> get_key_id() const { return key_id; }
+ std::vector<byte> get_key_id() const { return key_id; }
private:
std::string config_id() const { return "authority_key_id"; }
std::string oid_name() const { return "X509v3.AuthorityKeyIdentifier"; }
bool should_encode() const { return (key_id.size() > 0); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
- MemoryVector<byte> key_id;
+ std::vector<byte> key_id;
};
/**
@@ -204,8 +204,8 @@ class BOTAN_DLL Alternative_Name : public Certificate_Extension
std::string oid_name() const { return oid_name_str; }
bool should_encode() const { return alt_name.has_items(); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
std::string config_name_str, oid_name_str;
@@ -253,8 +253,8 @@ class BOTAN_DLL Extended_Key_Usage : public Certificate_Extension
std::string oid_name() const { return "X509v3.ExtendedKeyUsage"; }
bool should_encode() const { return (oids.size() > 0); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
std::vector<OID> oids;
@@ -278,8 +278,8 @@ class BOTAN_DLL Certificate_Policies : public Certificate_Extension
std::string oid_name() const { return "X509v3.CertificatePolicies"; }
bool should_encode() const { return (oids.size() > 0); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
std::vector<OID> oids;
@@ -302,8 +302,8 @@ class BOTAN_DLL CRL_Number : public Certificate_Extension
std::string oid_name() const { return "X509v3.CRLNumber"; }
bool should_encode() const { return has_value; }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
bool has_value;
@@ -326,8 +326,8 @@ class BOTAN_DLL CRL_ReasonCode : public Certificate_Extension
std::string oid_name() const { return "X509v3.ReasonCode"; }
bool should_encode() const { return (reason != UNSPECIFIED); }
- MemoryVector<byte> encode_inner() const;
- void decode_inner(const MemoryRegion<byte>&);
+ std::vector<byte> encode_inner() const;
+ void decode_inner(const std::vector<byte>&);
void contents_to(Data_Store&, Data_Store&) const;
CRL_Code reason;
diff --git a/src/cert/x509cert/x509_obj.cpp b/src/cert/x509cert/x509_obj.cpp
index eff8e2543..5de4049ba 100644
--- a/src/cert/x509cert/x509_obj.cpp
+++ b/src/cert/x509cert/x509_obj.cpp
@@ -27,7 +27,7 @@ X509_Object::X509_Object(DataSource& stream, const std::string& labels)
}
/*
-* Createa a generic X.509 object
+* Create a generic X.509 object
*/
X509_Object::X509_Object(const std::string& file, const std::string& labels)
{
@@ -36,6 +36,15 @@ X509_Object::X509_Object(const std::string& file, const std::string& labels)
}
/*
+* Create a generic X.509 object
+*/
+X509_Object::X509_Object(const std::vector<byte>& vec, const std::string& labels)
+ {
+ DataSource_Memory stream(&vec[0], vec.size());
+ init(stream, labels);
+ }
+
+/*
* Read a PEM or BER X.509 object
*/
void X509_Object::init(DataSource& in, const std::string& labels)
@@ -97,7 +106,7 @@ void X509_Object::encode(Pipe& out, X509_Encoding encoding) const
/*
* Return a BER encoded X.509 object
*/
-MemoryVector<byte> X509_Object::BER_encode() const
+std::vector<byte> X509_Object::BER_encode() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -107,7 +116,7 @@ MemoryVector<byte> X509_Object::BER_encode() const
.encode(sig_algo)
.encode(sig, BIT_STRING)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
@@ -121,7 +130,7 @@ std::string X509_Object::PEM_encode() const
/*
* Return the TBS data
*/
-MemoryVector<byte> X509_Object::tbs_data() const
+std::vector<byte> X509_Object::tbs_data() const
{
return ASN1::put_in_sequence(tbs_bits);
}
@@ -129,7 +138,7 @@ MemoryVector<byte> X509_Object::tbs_data() const
/*
* Return the signature of this object
*/
-MemoryVector<byte> X509_Object::signature() const
+std::vector<byte> X509_Object::signature() const
{
return sig;
}
@@ -201,10 +210,10 @@ bool X509_Object::check_signature(Public_Key& pub_key) const
/*
* Apply the X.509 SIGNED macro
*/
-MemoryVector<byte> X509_Object::make_signed(PK_Signer* signer,
+std::vector<byte> X509_Object::make_signed(PK_Signer* signer,
RandomNumberGenerator& rng,
const AlgorithmIdentifier& algo,
- const MemoryRegion<byte>& tbs_bits)
+ const secure_vector<byte>& tbs_bits)
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -212,7 +221,7 @@ MemoryVector<byte> X509_Object::make_signed(PK_Signer* signer,
.encode(algo)
.encode(signer->sign_message(tbs_bits, rng), BIT_STRING)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
diff --git a/src/cert/x509cert/x509_obj.h b/src/cert/x509cert/x509_obj.h
index 570b00f51..26c9e22bf 100644
--- a/src/cert/x509cert/x509_obj.h
+++ b/src/cert/x509cert/x509_obj.h
@@ -27,12 +27,12 @@ class BOTAN_DLL X509_Object
* The underlying data that is to be or was signed
* @return data that is or was signed
*/
- MemoryVector<byte> tbs_data() const;
+ std::vector<byte> tbs_data() const;
/**
* @return signature on tbs_data()
*/
- MemoryVector<byte> signature() const;
+ std::vector<byte> signature() const;
/**
* @return signature algorithm that was used to generate signature
@@ -52,10 +52,10 @@ class BOTAN_DLL X509_Object
* @param tbs the tbs bits to be signed
* @return signed X509 object
*/
- static MemoryVector<byte> make_signed(class PK_Signer* signer,
- RandomNumberGenerator& rng,
- const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& tbs);
+ static std::vector<byte> make_signed(class PK_Signer* signer,
+ RandomNumberGenerator& rng,
+ const AlgorithmIdentifier& alg_id,
+ const secure_vector<byte>& tbs);
/**
* Check the signature on this data
@@ -75,7 +75,7 @@ class BOTAN_DLL X509_Object
/**
* @return BER encoding of this
*/
- MemoryVector<byte> BER_encode() const;
+ std::vector<byte> BER_encode() const;
/**
* @return PEM encoding of this
@@ -95,15 +95,17 @@ class BOTAN_DLL X509_Object
protected:
X509_Object(DataSource& src, const std::string& pem_labels);
X509_Object(const std::string& file, const std::string& pem_labels);
+ X509_Object(const std::vector<byte>& vec, const std::string& labels);
void do_decode();
X509_Object() {}
AlgorithmIdentifier sig_algo;
- MemoryVector<byte> tbs_bits, sig;
+ std::vector<byte> tbs_bits, sig;
private:
virtual void force_decode() = 0;
void init(DataSource&, const std::string&);
void decode_info(DataSource&);
+
std::vector<std::string> PEM_labels_allowed;
std::string PEM_label_pref;
};
diff --git a/src/cert/x509cert/x509cert.cpp b/src/cert/x509cert/x509cert.cpp
index 4cff28c39..8dc4b8b0c 100644
--- a/src/cert/x509cert/x509cert.cpp
+++ b/src/cert/x509cert/x509cert.cpp
@@ -58,6 +58,16 @@ X509_Certificate::X509_Certificate(const std::string& in) :
}
/*
+* X509_Certificate Constructor
+*/
+X509_Certificate::X509_Certificate(const std::vector<byte>& in) :
+ X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
+ {
+ self_signed = false;
+ do_decode();
+ }
+
+/*
* Decode the TBSCertificate data
*/
void X509_Certificate::force_decode()
@@ -97,7 +107,7 @@ void X509_Certificate::force_decode()
throw BER_Bad_Tag("X509_Certificate: Unexpected tag for public key",
public_key.type_tag, public_key.class_tag);
- MemoryVector<byte> v2_issuer_key_id, v2_subject_key_id;
+ std::vector<byte> v2_issuer_key_id, v2_subject_key_id;
tbs_cert.decode_optional_string(v2_issuer_key_id, BIT_STRING, 1);
tbs_cert.decode_optional_string(v2_subject_key_id, BIT_STRING, 2);
@@ -129,7 +139,7 @@ void X509_Certificate::force_decode()
subject.add("X509.Certificate.public_key",
PEM_Code::encode(
- ASN1::put_in_sequence(public_key.value),
+ ASN1::put_in_sequence(unlock(public_key.value)),
"PUBLIC KEY"
)
);
@@ -243,7 +253,7 @@ std::vector<std::string> X509_Certificate::policies() const
/*
* Return the authority key id
*/
-MemoryVector<byte> X509_Certificate::authority_key_id() const
+std::vector<byte> X509_Certificate::authority_key_id() const
{
return issuer.get1_memvec("X509v3.AuthorityKeyIdentifier");
}
@@ -251,7 +261,7 @@ MemoryVector<byte> X509_Certificate::authority_key_id() const
/*
* Return the subject key id
*/
-MemoryVector<byte> X509_Certificate::subject_key_id() const
+std::vector<byte> X509_Certificate::subject_key_id() const
{
return subject.get1_memvec("X509v3.SubjectKeyIdentifier");
}
@@ -259,7 +269,7 @@ MemoryVector<byte> X509_Certificate::subject_key_id() const
/*
* Return the certificate serial number
*/
-MemoryVector<byte> X509_Certificate::serial_number() const
+std::vector<byte> X509_Certificate::serial_number() const
{
return subject.get1_memvec("X509.Certificate.serial");
}
diff --git a/src/cert/x509cert/x509cert.h b/src/cert/x509cert/x509cert.h
index 26c57e524..87a8069d6 100644
--- a/src/cert/x509cert/x509cert.h
+++ b/src/cert/x509cert/x509cert.h
@@ -85,19 +85,19 @@ class BOTAN_DLL X509_Certificate : public X509_Object
* Get the serial number of this certificate.
* @return certificates serial number
*/
- MemoryVector<byte> serial_number() const;
+ std::vector<byte> serial_number() const;
/**
* Get the DER encoded AuthorityKeyIdentifier of this certificate.
* @return DER encoded AuthorityKeyIdentifier
*/
- MemoryVector<byte> authority_key_id() const;
+ std::vector<byte> authority_key_id() const;
/**
* Get the DER encoded SubjectKeyIdentifier of this certificate.
* @return DER encoded SubjectKeyIdentifier
*/
- MemoryVector<byte> subject_key_id() const;
+ std::vector<byte> subject_key_id() const;
/**
* Check whether this certificate is self signed.
@@ -176,6 +176,9 @@ class BOTAN_DLL X509_Certificate : public X509_Object
* @param filename the name of the certificate file
*/
X509_Certificate(const std::string& filename);
+
+ X509_Certificate(const std::vector<byte>& in);
+
private:
void force_decode();
friend class X509_CA;
diff --git a/src/cert/x509crl/crl_ent.h b/src/cert/x509crl/crl_ent.h
index b3e696a86..f80fbb862 100644
--- a/src/cert/x509crl/crl_ent.h
+++ b/src/cert/x509crl/crl_ent.h
@@ -25,7 +25,7 @@ class BOTAN_DLL CRL_Entry : public ASN1_Object
* Get the serial number of the certificate associated with this entry.
* @return certificate's serial number
*/
- MemoryVector<byte> serial_number() const { return serial; }
+ std::vector<byte> serial_number() const { return serial; }
/**
* Get the revocation date of the certificate associated with this entry
@@ -54,7 +54,7 @@ class BOTAN_DLL CRL_Entry : public ASN1_Object
private:
bool throw_on_unknown_critical;
- MemoryVector<byte> serial;
+ std::vector<byte> serial;
X509_Time time;
CRL_Code reason;
};
diff --git a/src/cert/x509crl/x509_crl.cpp b/src/cert/x509crl/x509_crl.cpp
index 72da81fce..7b0d03453 100644
--- a/src/cert/x509crl/x509_crl.cpp
+++ b/src/cert/x509crl/x509_crl.cpp
@@ -32,6 +32,12 @@ X509_CRL::X509_CRL(const std::string& in, bool touc) :
do_decode();
}
+X509_CRL::X509_CRL(const std::vector<byte>& in, bool touc) :
+ X509_Object(in, "CRL/X509 CRL"), throw_on_unknown_critical(touc)
+ {
+ do_decode();
+ }
+
/*
* Decode the TBSCertList data
*/
@@ -115,7 +121,7 @@ X509_DN X509_CRL::issuer_dn() const
/*
* Return the key identifier of the issuer
*/
-MemoryVector<byte> X509_CRL::authority_key_id() const
+std::vector<byte> X509_CRL::authority_key_id() const
{
return info.get1_memvec("X509v3.AuthorityKeyIdentifier");
}
diff --git a/src/cert/x509crl/x509_crl.h b/src/cert/x509crl/x509_crl.h
index c2b3c4f5c..37076169e 100644
--- a/src/cert/x509crl/x509_crl.h
+++ b/src/cert/x509crl/x509_crl.h
@@ -45,7 +45,7 @@ class BOTAN_DLL X509_CRL : public X509_Object
* Get the AuthorityKeyIdentifier of this CRL.
* @return this CRLs AuthorityKeyIdentifier
*/
- MemoryVector<byte> authority_key_id() const;
+ std::vector<byte> authority_key_id() const;
/**
* Get the serial number of this CRL.
@@ -81,6 +81,16 @@ class BOTAN_DLL X509_CRL : public X509_Object
*/
X509_CRL(const std::string& filename,
bool throw_on_unknown_critical = false);
+
+ /**
+ * Construct a CRL from a binary vector
+ * @param vec the binary (DER) representation of the CRL
+ * @param throw_on_unknown_critical should we throw an exception
+ * if an unknown CRL extension marked as critical is encountered.
+ */
+ X509_CRL(const std::vector<byte>& vec,
+ bool throw_on_unknown_critical = false);
+
private:
void force_decode();
diff --git a/src/cert/x509self/x509self.cpp b/src/cert/x509self/x509self.cpp
index c100ee825..c13772382 100644
--- a/src/cert/x509self/x509self.cpp
+++ b/src/cert/x509self/x509self.cpp
@@ -53,7 +53,7 @@ X509_Certificate create_self_signed_cert(const X509_Cert_Options& opts,
opts.sanity_check();
- MemoryVector<byte> pub_key = X509::BER_encode(key);
+ std::vector<byte> pub_key = X509::BER_encode(key);
std::unique_ptr<PK_Signer> signer(choose_sig_format(key, hash_fn, sig_algo));
load_info(opts, subject_dn, subject_alt);
@@ -99,7 +99,7 @@ PKCS10_Request create_cert_req(const X509_Cert_Options& opts,
opts.sanity_check();
- MemoryVector<byte> pub_key = X509::BER_encode(key);
+ std::vector<byte> pub_key = X509::BER_encode(key);
std::unique_ptr<PK_Signer> signer(choose_sig_format(key, hash_fn, sig_algo));
load_info(opts, subject_dn, subject_alt);
@@ -134,7 +134,7 @@ PKCS10_Request create_cert_req(const X509_Cert_Options& opts,
tbs_req.encode(
Attribute("PKCS9.ChallengePassword",
- DER_Encoder().encode(challenge).get_contents()
+ DER_Encoder().encode(challenge).get_contents_unlocked()
)
);
}
@@ -145,20 +145,17 @@ PKCS10_Request create_cert_req(const X509_Cert_Options& opts,
.start_cons(SEQUENCE)
.encode(extensions)
.end_cons()
- .get_contents()
+ .get_contents_unlocked()
)
)
.end_explicit()
.end_cons();
- DataSource_Memory source(
- X509_Object::make_signed(signer.get(),
- rng,
- sig_algo,
- tbs_req.get_contents())
- );
+ const std::vector<byte> req =
+ X509_Object::make_signed(signer.get(), rng, sig_algo,
+ tbs_req.get_contents());
- return PKCS10_Request(source);
+ return PKCS10_Request(req);
}
}
diff --git a/src/cert/x509store/x509stor.cpp b/src/cert/x509store/x509stor.cpp
index a635b3930..ccce9abce 100644
--- a/src/cert/x509store/x509stor.cpp
+++ b/src/cert/x509store/x509stor.cpp
@@ -36,8 +36,8 @@ s32bit validity_check(const X509_Time& start, const X509_Time& end,
/*
* Compare the value of unique ID fields
*/
-bool compare_ids(const MemoryVector<byte>& id1,
- const MemoryVector<byte>& id2)
+bool compare_ids(const std::vector<byte>& id1,
+ const std::vector<byte>& id2)
{
if(!id1.size() || !id2.size())
return true;
@@ -136,10 +136,10 @@ bool X509_Store::CRL_Data::operator<(const X509_Store::CRL_Data& other) const
if(*this == other)
return false;
- const MemoryVector<byte>& serial1 = serial;
- const MemoryVector<byte>& key_id1 = auth_key_id;
- const MemoryVector<byte>& serial2 = other.serial;
- const MemoryVector<byte>& key_id2 = other.auth_key_id;
+ const std::vector<byte>& serial1 = serial;
+ const std::vector<byte>& key_id1 = auth_key_id;
+ const std::vector<byte>& serial2 = other.serial;
+ const std::vector<byte>& key_id2 = other.auth_key_id;
if(compare_ids(key_id1, key_id2) == false)
{
@@ -252,7 +252,7 @@ X509_Code X509_Store::validate_cert(const X509_Certificate& cert,
* Find this certificate
*/
size_t X509_Store::find_cert(const X509_DN& subject_dn,
- const MemoryRegion<byte>& subject_key_id) const
+ const std::vector<byte>& subject_key_id) const
{
for(size_t j = 0; j != certs.size(); ++j)
{
@@ -270,7 +270,7 @@ size_t X509_Store::find_cert(const X509_DN& subject_dn,
size_t X509_Store::find_parent_of(const X509_Certificate& cert)
{
const X509_DN issuer_dn = cert.issuer_dn();
- const MemoryVector<byte> auth_key_id = cert.authority_key_id();
+ const std::vector<byte> auth_key_id = cert.authority_key_id();
size_t index = find_cert(issuer_dn, auth_key_id);
diff --git a/src/cert/x509store/x509stor.h b/src/cert/x509store/x509stor.h
index 532db6190..3945f9fd3 100644
--- a/src/cert/x509store/x509stor.h
+++ b/src/cert/x509store/x509stor.h
@@ -87,7 +87,7 @@ class BOTAN_DLL X509_Store
{
public:
X509_DN issuer;
- MemoryVector<byte> serial, auth_key_id;
+ std::vector<byte> serial, auth_key_id;
bool operator==(const CRL_Data&) const;
bool operator!=(const CRL_Data&) const;
bool operator<(const CRL_Data&) const;
@@ -112,7 +112,7 @@ class BOTAN_DLL X509_Store
static X509_Code check_sig(const X509_Object&, Public_Key*);
- size_t find_cert(const X509_DN&, const MemoryRegion<byte>&) const;
+ size_t find_cert(const X509_DN&, const std::vector<byte>&) const;
X509_Code check_sig(const Cert_Info&, const Cert_Info&) const;
void recompute_revoked_info() const;
diff --git a/src/cms/cms_algo.cpp b/src/cms/cms_algo.cpp
index 3c245cc6f..6d768306b 100644
--- a/src/cms/cms_algo.cpp
+++ b/src/cms/cms_algo.cpp
@@ -23,10 +23,10 @@ namespace {
/*
* Wrap a key as specified in RFC 3217
*/
-SecureVector<byte> do_rfc3217_wrap(RandomNumberGenerator& rng,
+secure_vector<byte> do_rfc3217_wrap(RandomNumberGenerator& rng,
const std::string& cipher_name,
const SymmetricKey& kek,
- const SecureVector<byte>& input)
+ const secure_vector<byte>& input)
{
class Flip_Bytes : public Filter
{
@@ -44,9 +44,9 @@ SecureVector<byte> do_rfc3217_wrap(RandomNumberGenerator& rng,
buf.clear();
}
- Flip_Bytes(const SecureVector<byte>& prefix) : buf(prefix) {}
+ Flip_Bytes(const secure_vector<byte>& prefix) : buf(prefix) {}
private:
- SecureVector<byte> buf;
+ secure_vector<byte> buf;
};
Algorithm_Factory& af = global_state().algorithm_factory();
@@ -78,7 +78,7 @@ SecureVector<byte> do_rfc3217_wrap(RandomNumberGenerator& rng,
/*
* Wrap a CEK with a KEK
*/
-SecureVector<byte> CMS_Encoder::wrap_key(RandomNumberGenerator& rng,
+secure_vector<byte> CMS_Encoder::wrap_key(RandomNumberGenerator& rng,
const std::string& cipher,
const SymmetricKey& cek,
const SymmetricKey& kek)
@@ -98,7 +98,7 @@ SecureVector<byte> CMS_Encoder::wrap_key(RandomNumberGenerator& rng,
if(kek.length() != 16)
throw Encoding_Error("CMS: 128-bit KEKs must be used with " + cipher);
- SecureVector<byte> lcekpad;
+ secure_vector<byte> lcekpad;
lcekpad.push_back(static_cast<byte>(cek.length()));
lcekpad += cek.bits_of();
while(lcekpad.size() % 8)
@@ -113,7 +113,7 @@ SecureVector<byte> CMS_Encoder::wrap_key(RandomNumberGenerator& rng,
/*
* Encode the parameters for an encryption algo
*/
-SecureVector<byte> CMS_Encoder::encode_params(const std::string& cipher,
+secure_vector<byte> CMS_Encoder::encode_params(const std::string& cipher,
const SymmetricKey& key,
const InitializationVector& iv)
{
diff --git a/src/cms/cms_comp.cpp b/src/cms/cms_comp.cpp
index 3d9108e13..8ff46acea 100644
--- a/src/cms/cms_comp.cpp
+++ b/src/cms/cms_comp.cpp
@@ -37,13 +37,13 @@ void CMS_Encoder::compress(const std::string& algo)
Pipe pipe(compressor);
pipe.process_msg(data);
- SecureVector<byte> compressed = pipe.read_all();
+ secure_vector<byte> compressed = pipe.read_all();
DER_Encoder encoder;
encoder.start_cons(SEQUENCE).
encode(static_cast<size_t>(0)).
encode(AlgorithmIdentifier("Compression." + algo,
- MemoryVector<byte>())).
+ std::vector<byte>())).
raw_bytes(make_econtent(compressed, type)).
end_cons();
diff --git a/src/cms/cms_dalg.cpp b/src/cms/cms_dalg.cpp
index 9fb5a29f2..96bdd5be3 100644
--- a/src/cms/cms_dalg.cpp
+++ b/src/cms/cms_dalg.cpp
@@ -20,7 +20,7 @@ namespace {
/*
* Compute the hash of some content
*/
-SecureVector<byte> hash_of(const SecureVector<byte>& content,
+secure_vector<byte> hash_of(const secure_vector<byte>& content,
const AlgorithmIdentifier& hash_algo,
std::string& hash_name)
{
@@ -106,11 +106,11 @@ void read_orig_info(BER_Decoder& info, X509_Store& store)
/*
* Decode any Attributes, and check type
*/
-SecureVector<byte> decode_attributes(BER_Decoder& ber, const OID& type,
+secure_vector<byte> decode_attributes(BER_Decoder& ber, const OID& type,
bool& bad_attributes)
{
BER_Object obj = ber.get_next_object();
- SecureVector<byte> digest;
+ secure_vector<byte> digest;
bool got_digest = false;
bool got_content_type = false;
@@ -178,7 +178,7 @@ void CMS_Decoder::decode_layer()
{
size_t version;
AlgorithmIdentifier hash_algo;
- SecureVector<byte> digest;
+ secure_vector<byte> digest;
BER_Decoder hash_info = decoder.start_cons(SEQUENCE);
@@ -213,7 +213,7 @@ void CMS_Decoder::decode_layer()
while(signer_infos.more_items())
{
AlgorithmIdentifier sig_algo, hash_algo;
- SecureVector<byte> signature, digest;
+ secure_vector<byte> signature, digest;
size_t version;
BER_Decoder signer_info = BER::get_subsequence(signer_infos);
diff --git a/src/cms/cms_dec.h b/src/cms/cms_dec.h
index 8aa5c0edb..8c2057c2a 100644
--- a/src/cms/cms_dec.h
+++ b/src/cms/cms_dec.h
@@ -52,7 +52,7 @@ class BOTAN_DLL CMS_Decoder
std::vector<Private_Key*> keys;
OID type, next_type;
- SecureVector<byte> data;
+ secure_vector<byte> data;
Status status;
std::string info;
};
diff --git a/src/cms/cms_ealg.cpp b/src/cms/cms_ealg.cpp
index 2acffa5f7..4c3fd98fc 100644
--- a/src/cms/cms_ealg.cpp
+++ b/src/cms/cms_ealg.cpp
@@ -53,7 +53,7 @@ DER_Encoder& encode_si(DER_Encoder& der, const X509_Certificate& cert,
/*
* Compute the hash of some content
*/
-SecureVector<byte> hash_of(const SecureVector<byte>& content,
+secure_vector<byte> hash_of(const secure_vector<byte>& content,
const std::string& hash_name)
{
Algorithm_Factory& af = global_state().algorithm_factory();
@@ -64,11 +64,11 @@ SecureVector<byte> hash_of(const SecureVector<byte>& content,
/*
* Encode Attributes containing info on content
*/
-SecureVector<byte> encode_attr(const SecureVector<byte>& data,
+secure_vector<byte> encode_attr(const secure_vector<byte>& data,
const std::string& type,
const std::string& hash)
{
- SecureVector<byte> digest = hash_of(data, hash);
+ secure_vector<byte> digest = hash_of(data, hash);
DER_Encoder encoder;
encoder.encode(OIDS::lookup(type));
@@ -198,7 +198,7 @@ void CMS_Encoder::encrypt(RandomNumberGenerator& rng,
const std::string cipher = choose_algo(user_cipher, "TripleDES");
SymmetricKey cek = setup_key(rng, cipher);
- SecureVector<byte> kek_id; // FIXME: ?
+ secure_vector<byte> kek_id; // FIXME: ?
DER_Encoder encoder;
@@ -244,7 +244,7 @@ void CMS_Encoder::encrypt(RandomNumberGenerator&,
/*
* Encrypt the content with the chosen key/cipher
*/
-SecureVector<byte> CMS_Encoder::do_encrypt(RandomNumberGenerator& rng,
+secure_vector<byte> CMS_Encoder::do_encrypt(RandomNumberGenerator& rng,
const SymmetricKey& key,
const std::string& cipher_name)
{
@@ -297,9 +297,9 @@ void CMS_Encoder::sign(const X509_Certificate& cert,
AlgorithmIdentifier sig_algo(OIDS::lookup(key.algo_name() + "/" + padding),
AlgorithmIdentifier::USE_NULL_PARAM);
- SecureVector<byte> signed_attr = encode_attr(data, type, hash);
+ secure_vector<byte> signed_attr = encode_attr(data, type, hash);
signer.update(signed_attr);
- SecureVector<byte> signature = signer.signature(rng);
+ secure_vector<byte> signature = signer.signature(rng);
signed_attr[0] = 0xA0;
const size_t SI_VERSION = cert.subject_key_id().size() ? 3 : 1;
diff --git a/src/cms/cms_enc.cpp b/src/cms/cms_enc.cpp
index 1a45a6a46..58d7cabb6 100644
--- a/src/cms/cms_enc.cpp
+++ b/src/cms/cms_enc.cpp
@@ -36,7 +36,7 @@ void CMS_Encoder::set_data(const std::string& str)
/*
* Finalize and return the CMS encoded data
*/
-SecureVector<byte> CMS_Encoder::get_contents()
+secure_vector<byte> CMS_Encoder::get_contents()
{
DER_Encoder encoder;
@@ -72,7 +72,7 @@ std::string CMS_Encoder::PEM_contents()
/*
* Make an EncapsulatedContentInfo
*/
-SecureVector<byte> CMS_Encoder::make_econtent(const SecureVector<byte>& data,
+secure_vector<byte> CMS_Encoder::make_econtent(const secure_vector<byte>& data,
const std::string& type)
{
return DER_Encoder().start_cons(SEQUENCE).
diff --git a/src/cms/cms_enc.h b/src/cms/cms_enc.h
index 5dca838dd..c86dbe58e 100644
--- a/src/cms/cms_enc.h
+++ b/src/cms/cms_enc.h
@@ -47,7 +47,7 @@ class BOTAN_DLL CMS_Encoder
void compress(const std::string&);
static bool can_compress_with(const std::string&);
- SecureVector<byte> get_contents();
+ secure_vector<byte> get_contents();
std::string PEM_contents();
void set_data(const std::string&);
@@ -65,25 +65,25 @@ class BOTAN_DLL CMS_Encoder
const X509_Certificate&, Public_Key*,
const std::string&);
- SecureVector<byte> do_encrypt(RandomNumberGenerator& rng,
+ secure_vector<byte> do_encrypt(RandomNumberGenerator& rng,
const SymmetricKey&, const std::string&);
- static SecureVector<byte> make_econtent(const SecureVector<byte>&,
+ static secure_vector<byte> make_econtent(const secure_vector<byte>&,
const std::string&);
static SymmetricKey setup_key(RandomNumberGenerator& rng,
const std::string&);
- static SecureVector<byte> wrap_key(RandomNumberGenerator& rng,
+ static secure_vector<byte> wrap_key(RandomNumberGenerator& rng,
const std::string&,
const SymmetricKey&,
const SymmetricKey&);
- static SecureVector<byte> encode_params(const std::string&,
+ static secure_vector<byte> encode_params(const std::string&,
const SymmetricKey&,
const InitializationVector&);
- SecureVector<byte> data;
+ secure_vector<byte> data;
std::string type;
};
diff --git a/src/codec/base64/base64.cpp b/src/codec/base64/base64.cpp
index 6a53a7a9a..719a3e8fa 100644
--- a/src/codec/base64/base64.cpp
+++ b/src/codec/base64/base64.cpp
@@ -92,11 +92,6 @@ std::string base64_encode(const byte input[],
return output;
}
-std::string base64_encode(const MemoryRegion<byte>& input)
- {
- return base64_encode(&input[0], input.size());
- }
-
size_t base64_decode(byte output[],
const char input[],
size_t input_length,
@@ -226,11 +221,11 @@ size_t base64_decode(byte output[],
return base64_decode(output, &input[0], input.length(), ignore_ws);
}
-SecureVector<byte> base64_decode(const char input[],
+secure_vector<byte> base64_decode(const char input[],
size_t input_length,
bool ignore_ws)
{
- SecureVector<byte> bin((round_up<size_t>(input_length, 4) * 3) / 4);
+ secure_vector<byte> bin((round_up<size_t>(input_length, 4) * 3) / 4);
size_t written = base64_decode(&bin[0],
input,
@@ -241,7 +236,7 @@ SecureVector<byte> base64_decode(const char input[],
return bin;
}
-SecureVector<byte> base64_decode(const std::string& input,
+secure_vector<byte> base64_decode(const std::string& input,
bool ignore_ws)
{
return base64_decode(&input[0], input.size(), ignore_ws);
diff --git a/src/codec/base64/base64.h b/src/codec/base64/base64.h
index 23a2558bd..9ea4143b7 100644
--- a/src/codec/base64/base64.h
+++ b/src/codec/base64/base64.h
@@ -46,7 +46,11 @@ std::string BOTAN_DLL base64_encode(const byte input[],
* @param input some input
* @return base64adecimal representation of input
*/
-std::string BOTAN_DLL base64_encode(const MemoryRegion<byte>& input);
+template<typename Alloc>
+std::string base64_encode(const std::vector<byte, Alloc>& input)
+ {
+ return base64_encode(&input[0], input.size());
+ }
/**
* Perform base64 decoding
@@ -104,7 +108,7 @@ size_t BOTAN_DLL base64_decode(byte output[],
exception if whitespace is encountered
* @return decoded base64 output
*/
-SecureVector<byte> BOTAN_DLL base64_decode(const char input[],
+secure_vector<byte> BOTAN_DLL base64_decode(const char input[],
size_t input_length,
bool ignore_ws = true);
@@ -115,7 +119,7 @@ SecureVector<byte> BOTAN_DLL base64_decode(const char input[],
exception if whitespace is encountered
* @return decoded base64 output
*/
-SecureVector<byte> BOTAN_DLL base64_decode(const std::string& input,
+secure_vector<byte> BOTAN_DLL base64_decode(const std::string& input,
bool ignore_ws = true);
}
diff --git a/src/codec/hex/hex.cpp b/src/codec/hex/hex.cpp
index 41ba1298d..1fd32e2ed 100644
--- a/src/codec/hex/hex.cpp
+++ b/src/codec/hex/hex.cpp
@@ -34,12 +34,6 @@ void hex_encode(char output[],
}
}
-std::string hex_encode(const MemoryRegion<byte>& input,
- bool uppercase)
- {
- return hex_encode(&input[0], input.size(), uppercase);
- }
-
std::string hex_encode(const byte input[],
size_t input_length,
bool uppercase)
@@ -165,11 +159,11 @@ size_t hex_decode(byte output[],
return hex_decode(output, &input[0], input.length(), ignore_ws);
}
-SecureVector<byte> hex_decode(const char input[],
+secure_vector<byte> hex_decode(const char input[],
size_t input_length,
bool ignore_ws)
{
- SecureVector<byte> bin(1 + input_length / 2);
+ secure_vector<byte> bin(1 + input_length / 2);
size_t written = hex_decode(&bin[0],
input,
@@ -180,7 +174,7 @@ SecureVector<byte> hex_decode(const char input[],
return bin;
}
-SecureVector<byte> hex_decode(const std::string& input,
+secure_vector<byte> hex_decode(const std::string& input,
bool ignore_ws)
{
return hex_decode(&input[0], input.size(), ignore_ws);
diff --git a/src/codec/hex/hex.h b/src/codec/hex/hex.h
index 40930e808..bdb5e5365 100644
--- a/src/codec/hex/hex.h
+++ b/src/codec/hex/hex.h
@@ -42,8 +42,12 @@ std::string BOTAN_DLL hex_encode(const byte input[],
* @param uppercase should output be upper or lower case?
* @return hexadecimal representation of input
*/
-std::string BOTAN_DLL hex_encode(const MemoryRegion<byte>& input,
- bool uppercase = true);
+template<typename Alloc>
+std::string hex_encode(const std::vector<byte, Alloc>& input,
+ bool uppercase = true)
+ {
+ return hex_encode(&input[0], input.size(), uppercase);
+ }
/**
* Perform hex decoding
@@ -98,7 +102,7 @@ size_t BOTAN_DLL hex_decode(byte output[],
exception if whitespace is encountered
* @return decoded hex output
*/
-SecureVector<byte> BOTAN_DLL hex_decode(const char input[],
+secure_vector<byte> BOTAN_DLL hex_decode(const char input[],
size_t input_length,
bool ignore_ws = true);
@@ -109,8 +113,8 @@ SecureVector<byte> BOTAN_DLL hex_decode(const char input[],
exception if whitespace is encountered
* @return decoded hex output
*/
-SecureVector<byte> BOTAN_DLL hex_decode(const std::string& input,
- bool ignore_ws = true);
+secure_vector<byte> BOTAN_DLL hex_decode(const std::string& input,
+ bool ignore_ws = true);
}
diff --git a/src/codec/openpgp/openpgp.cpp b/src/codec/openpgp/openpgp.cpp
index ab9673689..fe6ac6edf 100644
--- a/src/codec/openpgp/openpgp.cpp
+++ b/src/codec/openpgp/openpgp.cpp
@@ -67,7 +67,7 @@ std::string PGP_encode(const byte input[], size_t length,
/*
* OpenPGP Base64 decoding
*/
-SecureVector<byte> PGP_decode(DataSource& source,
+secure_vector<byte> PGP_decode(DataSource& source,
std::string& label,
std::map<std::string, std::string>& headers)
{
@@ -186,7 +186,7 @@ SecureVector<byte> PGP_decode(DataSource& source,
/*
* OpenPGP Base64 decoding
*/
-SecureVector<byte> PGP_decode(DataSource& source, std::string& label)
+secure_vector<byte> PGP_decode(DataSource& source, std::string& label)
{
std::map<std::string, std::string> ignored;
return PGP_decode(source, label, ignored);
diff --git a/src/codec/openpgp/openpgp.h b/src/codec/openpgp/openpgp.h
index 0cd77d53a..de56155f2 100644
--- a/src/codec/openpgp/openpgp.h
+++ b/src/codec/openpgp/openpgp.h
@@ -42,7 +42,7 @@ BOTAN_DLL std::string PGP_encode(
* @param headers is set to any headers
* @return decoded output as raw binary
*/
-BOTAN_DLL SecureVector<byte> PGP_decode(
+BOTAN_DLL secure_vector<byte> PGP_decode(
DataSource& source,
std::string& label,
std::map<std::string, std::string>& headers);
@@ -52,7 +52,7 @@ BOTAN_DLL SecureVector<byte> PGP_decode(
* @param label is set to the human-readable label
* @return decoded output as raw binary
*/
-BOTAN_DLL SecureVector<byte> PGP_decode(
+BOTAN_DLL secure_vector<byte> PGP_decode(
DataSource& source,
std::string& label);
diff --git a/src/codec/pem/pem.cpp b/src/codec/pem/pem.cpp
index 52a22d8ef..03ec33440 100644
--- a/src/codec/pem/pem.cpp
+++ b/src/codec/pem/pem.cpp
@@ -28,22 +28,13 @@ std::string encode(const byte der[], size_t length, const std::string& label,
}
/*
-* PEM encode BER/DER-encoded objects
-*/
-std::string encode(const MemoryRegion<byte>& data, const std::string& label,
- size_t width)
- {
- return encode(&data[0], data.size(), label, width);
- }
-
-/*
* Decode PEM down to raw BER/DER
*/
-SecureVector<byte> decode_check_label(DataSource& source,
+secure_vector<byte> decode_check_label(DataSource& source,
const std::string& label_want)
{
std::string label_got;
- SecureVector<byte> ber = decode(source, label_got);
+ secure_vector<byte> ber = decode(source, label_got);
if(label_got != label_want)
throw Decoding_Error("PEM: Label mismatch, wanted " + label_want +
", got " + label_got);
@@ -53,7 +44,7 @@ SecureVector<byte> decode_check_label(DataSource& source,
/*
* Decode PEM down to raw BER/DER
*/
-SecureVector<byte> decode(DataSource& source, std::string& label)
+secure_vector<byte> decode(DataSource& source, std::string& label)
{
const size_t RANDOM_CHAR_LIMIT = 8;
@@ -110,14 +101,14 @@ SecureVector<byte> decode(DataSource& source, std::string& label)
return base64.read_all();
}
-SecureVector<byte> decode_check_label(const std::string& pem,
+secure_vector<byte> decode_check_label(const std::string& pem,
const std::string& label_want)
{
DataSource_Memory src(pem);
return decode_check_label(src, label_want);
}
-SecureVector<byte> decode(const std::string& pem, std::string& label)
+secure_vector<byte> decode(const std::string& pem, std::string& label)
{
DataSource_Memory src(pem);
return decode(src, label);
@@ -131,7 +122,7 @@ bool matches(DataSource& source, const std::string& extra,
{
const std::string PEM_HEADER = "-----BEGIN " + extra;
- SecureVector<byte> search_buf(search_range);
+ secure_vector<byte> search_buf(search_range);
size_t got = source.peek(&search_buf[0], search_buf.size(), 0);
if(got < PEM_HEADER.length())
diff --git a/src/codec/pem/pem.h b/src/codec/pem/pem.h
index 10267f029..6c33c642d 100644
--- a/src/codec/pem/pem.h
+++ b/src/codec/pem/pem.h
@@ -17,37 +17,50 @@ namespace PEM_Code {
/**
* Encode some binary data in PEM format
*/
-BOTAN_DLL std::string encode(const byte der[],
- size_t der_len,
+BOTAN_DLL std::string encode(const byte data[],
+ size_t data_len,
const std::string& label,
size_t line_width = 64);
/**
* Encode some binary data in PEM format
*/
-BOTAN_DLL std::string encode(const MemoryRegion<byte>& der,
- const std::string& label,
- size_t line_width = 64);
+inline std::string encode(const std::vector<byte>& data,
+ const std::string& label,
+ size_t line_width = 64)
+ {
+ return encode(&data[0], data.size(), label, line_width);
+ }
+
+/**
+* Encode some binary data in PEM format
+*/
+inline std::string encode(const secure_vector<byte>& data,
+ const std::string& label,
+ size_t line_width = 64)
+ {
+ return encode(&data[0], data.size(), label, line_width);
+ }
/**
* Decode PEM data
* @param label is set to the PEM label found for later inspection
*/
-BOTAN_DLL SecureVector<byte> decode(DataSource& pem,
+BOTAN_DLL secure_vector<byte> decode(DataSource& pem,
std::string& label);
/**
* Decode PEM data
* @param label is set to the PEM label found for later inspection
*/
-BOTAN_DLL SecureVector<byte> decode(const std::string& pem,
+BOTAN_DLL secure_vector<byte> decode(const std::string& pem,
std::string& label);
/**
* Decode PEM data
* @param label is what we expect the label to be
*/
-BOTAN_DLL SecureVector<byte> decode_check_label(
+BOTAN_DLL secure_vector<byte> decode_check_label(
DataSource& pem,
const std::string& label);
@@ -55,7 +68,7 @@ BOTAN_DLL SecureVector<byte> decode_check_label(
* Decode PEM data
* @param label is what we expect the label to be
*/
-BOTAN_DLL SecureVector<byte> decode_check_label(
+BOTAN_DLL secure_vector<byte> decode_check_label(
const std::string& pem,
const std::string& label);
diff --git a/src/constructs/aont/package.cpp b/src/constructs/aont/package.cpp
index 4d46f6b61..1adee90e8 100644
--- a/src/constructs/aont/package.cpp
+++ b/src/constructs/aont/package.cpp
@@ -37,7 +37,7 @@ void aont_package(RandomNumberGenerator& rng,
// Set K0 (the all zero key)
cipher->set_key(SymmetricKey(all_zeros));
- SecureVector<byte> buf(BLOCK_SIZE);
+ secure_vector<byte> buf(BLOCK_SIZE);
const size_t blocks =
(input_len + BLOCK_SIZE - 1) / BLOCK_SIZE;
@@ -57,13 +57,13 @@ void aont_package(RandomNumberGenerator& rng,
for(size_t j = 0; j != sizeof(i); ++j)
buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
- cipher->encrypt(buf);
+ cipher->encrypt(&buf[0]);
- xor_buf(final_block, buf, BLOCK_SIZE);
+ xor_buf(&final_block[0], &buf[0], BLOCK_SIZE);
}
// XOR the random package key into the final block
- xor_buf(final_block, package_key.begin(), BLOCK_SIZE);
+ xor_buf(&final_block[0], package_key.begin(), BLOCK_SIZE);
}
void aont_unpackage(BlockCipher* cipher,
@@ -83,8 +83,8 @@ void aont_unpackage(BlockCipher* cipher,
cipher->set_key(SymmetricKey(all_zeros));
- SecureVector<byte> package_key(BLOCK_SIZE);
- SecureVector<byte> buf(BLOCK_SIZE);
+ secure_vector<byte> package_key(BLOCK_SIZE);
+ secure_vector<byte> buf(BLOCK_SIZE);
// Copy the package key (masked with the block hashes)
copy_mem(&package_key[0],
@@ -105,9 +105,9 @@ void aont_unpackage(BlockCipher* cipher,
for(size_t j = 0; j != sizeof(i); ++j)
buf[BLOCK_SIZE - 1 - j] ^= get_byte(sizeof(i)-1-j, i);
- cipher->encrypt(buf);
+ cipher->encrypt(&buf[0]);
- xor_buf(&package_key[0], buf, BLOCK_SIZE);
+ xor_buf(&package_key[0], &buf[0], BLOCK_SIZE);
}
Pipe pipe(new StreamCipher_Filter(new CTR_BE(cipher), package_key));
diff --git a/src/constructs/cryptobox/cryptobox.cpp b/src/constructs/cryptobox/cryptobox.cpp
index ab263c3e9..bb7bf353c 100644
--- a/src/constructs/cryptobox/cryptobox.cpp
+++ b/src/constructs/cryptobox/cryptobox.cpp
@@ -44,7 +44,7 @@ std::string encrypt(const byte input[], size_t input_len,
const std::string& passphrase,
RandomNumberGenerator& rng)
{
- SecureVector<byte> pbkdf_salt(PBKDF_SALT_LEN);
+ secure_vector<byte> pbkdf_salt(PBKDF_SALT_LEN);
rng.randomize(&pbkdf_salt[0], pbkdf_salt.size());
PKCS5_PBKDF2 pbkdf(new HMAC(new SHA_512));
@@ -79,10 +79,10 @@ std::string encrypt(const byte input[], size_t input_len,
*/
const size_t ciphertext_len = pipe.remaining(0);
- SecureVector<byte> out_buf(VERSION_CODE_LEN +
- PBKDF_SALT_LEN +
- MAC_OUTPUT_LEN +
- ciphertext_len);
+ std::vector<byte> out_buf(VERSION_CODE_LEN +
+ PBKDF_SALT_LEN +
+ MAC_OUTPUT_LEN +
+ ciphertext_len);
for(size_t i = 0; i != VERSION_CODE_LEN; ++i)
out_buf[i] = get_byte(i, CRYPTOBOX_VERSION_CODE);
@@ -100,7 +100,7 @@ std::string decrypt(const byte input[], size_t input_len,
const std::string& passphrase)
{
DataSource_Memory input_src(input, input_len);
- SecureVector<byte> ciphertext =
+ secure_vector<byte> ciphertext =
PEM_Code::decode_check_label(input_src,
"BOTAN CRYPTOBOX MESSAGE");
diff --git a/src/constructs/fpe_fe1/fpe_fe1.cpp b/src/constructs/fpe_fe1/fpe_fe1.cpp
index 91d328c17..b22d3a8df 100644
--- a/src/constructs/fpe_fe1/fpe_fe1.cpp
+++ b/src/constructs/fpe_fe1/fpe_fe1.cpp
@@ -84,7 +84,7 @@ class FPE_Encryptor
public:
FPE_Encryptor(const SymmetricKey& key,
const BigInt& n,
- const MemoryRegion<byte>& tweak);
+ const std::vector<byte>& tweak);
~FPE_Encryptor() { delete mac; }
@@ -92,17 +92,17 @@ class FPE_Encryptor
private:
MessageAuthenticationCode* mac;
- SecureVector<byte> mac_n_t;
+ std::vector<byte> mac_n_t;
};
FPE_Encryptor::FPE_Encryptor(const SymmetricKey& key,
const BigInt& n,
- const MemoryRegion<byte>& tweak)
+ const std::vector<byte>& tweak)
{
mac = new HMAC(new SHA_256);
mac->set_key(key);
- SecureVector<byte> n_bin = BigInt::encode(n);
+ std::vector<byte> n_bin = BigInt::encode(n);
if(n_bin.size() > MAX_N_BYTES)
throw std::runtime_error("N is too large for FPE encryption");
@@ -113,12 +113,12 @@ FPE_Encryptor::FPE_Encryptor(const SymmetricKey& key,
mac->update_be(static_cast<u32bit>(tweak.size()));
mac->update(&tweak[0], tweak.size());
- mac_n_t = mac->final();
+ mac_n_t = unlock(mac->final());
}
BigInt FPE_Encryptor::operator()(size_t round_no, const BigInt& R)
{
- SecureVector<byte> r_bin = BigInt::encode(R);
+ secure_vector<byte> r_bin = BigInt::encode_locked(R);
mac->update(mac_n_t);
mac->update_be(static_cast<u32bit>(round_no));
@@ -126,7 +126,7 @@ BigInt FPE_Encryptor::operator()(size_t round_no, const BigInt& R)
mac->update_be(static_cast<u32bit>(r_bin.size()));
mac->update(&r_bin[0], r_bin.size());
- SecureVector<byte> X = mac->final();
+ secure_vector<byte> X = mac->final();
return BigInt(&X[0], X.size());
}
@@ -137,7 +137,7 @@ BigInt FPE_Encryptor::operator()(size_t round_no, const BigInt& R)
*/
BigInt fe1_encrypt(const BigInt& n, const BigInt& X0,
const SymmetricKey& key,
- const MemoryRegion<byte>& tweak)
+ const std::vector<byte>& tweak)
{
FPE_Encryptor F(key, n, tweak);
@@ -165,7 +165,7 @@ BigInt fe1_encrypt(const BigInt& n, const BigInt& X0,
*/
BigInt fe1_decrypt(const BigInt& n, const BigInt& X0,
const SymmetricKey& key,
- const MemoryRegion<byte>& tweak)
+ const std::vector<byte>& tweak)
{
FPE_Encryptor F(key, n, tweak);
diff --git a/src/constructs/fpe_fe1/fpe_fe1.h b/src/constructs/fpe_fe1/fpe_fe1.h
index da9a6bcb6..66e7f1cfa 100644
--- a/src/constructs/fpe_fe1/fpe_fe1.h
+++ b/src/constructs/fpe_fe1/fpe_fe1.h
@@ -24,7 +24,7 @@ namespace FPE {
*/
BigInt BOTAN_DLL fe1_encrypt(const BigInt& n, const BigInt& X,
const SymmetricKey& key,
- const MemoryRegion<byte>& tweak);
+ const std::vector<byte>& tweak);
/**
* Decrypt X from and onto the group Z_n using key and tweak
@@ -35,7 +35,7 @@ BigInt BOTAN_DLL fe1_encrypt(const BigInt& n, const BigInt& X,
*/
BigInt BOTAN_DLL fe1_decrypt(const BigInt& n, const BigInt& X,
const SymmetricKey& key,
- const MemoryRegion<byte>& tweak);
+ const std::vector<byte>& tweak);
}
diff --git a/src/constructs/rfc3394/rfc3394.cpp b/src/constructs/rfc3394/rfc3394.cpp
index db6420ff3..cfe95f40b 100644
--- a/src/constructs/rfc3394/rfc3394.cpp
+++ b/src/constructs/rfc3394/rfc3394.cpp
@@ -32,9 +32,9 @@ BlockCipher* make_aes(size_t keylength,
}
-SecureVector<byte> rfc3394_keywrap(const MemoryRegion<byte>& key,
- const SymmetricKey& kek,
- Algorithm_Factory& af)
+secure_vector<byte> rfc3394_keywrap(const secure_vector<byte>& key,
+ const SymmetricKey& kek,
+ Algorithm_Factory& af)
{
if(key.size() % 8 != 0)
throw std::invalid_argument("Bad input key size for NIST key wrap");
@@ -44,13 +44,13 @@ SecureVector<byte> rfc3394_keywrap(const MemoryRegion<byte>& key,
const size_t n = key.size() / 8;
- SecureVector<byte> R((n + 1) * 8);
- SecureVector<byte> A(16);
+ secure_vector<byte> R((n + 1) * 8);
+ secure_vector<byte> A(16);
for(size_t i = 0; i != 8; ++i)
A[i] = 0xA6;
- copy_mem(&R[8], key.begin(), key.size());
+ copy_mem(&R[8], &key[0], key.size());
for(size_t j = 0; j <= 5; ++j)
{
@@ -74,7 +74,7 @@ SecureVector<byte> rfc3394_keywrap(const MemoryRegion<byte>& key,
return R;
}
-SecureVector<byte> rfc3394_keyunwrap(const MemoryRegion<byte>& key,
+secure_vector<byte> rfc3394_keyunwrap(const secure_vector<byte>& key,
const SymmetricKey& kek,
Algorithm_Factory& af)
{
@@ -86,13 +86,13 @@ SecureVector<byte> rfc3394_keyunwrap(const MemoryRegion<byte>& key,
const size_t n = (key.size() - 8) / 8;
- SecureVector<byte> R(n * 8);
- SecureVector<byte> A(16);
+ secure_vector<byte> R(n * 8);
+ secure_vector<byte> A(16);
for(size_t i = 0; i != 8; ++i)
A[i] = key[i];
- copy_mem(&R[0], key.begin() + 8, key.size() - 8);
+ copy_mem(&R[0], &key[8], key.size() - 8);
for(size_t j = 0; j <= 5; ++j)
{
diff --git a/src/constructs/rfc3394/rfc3394.h b/src/constructs/rfc3394/rfc3394.h
index 645586ee2..febd5207e 100644
--- a/src/constructs/rfc3394/rfc3394.h
+++ b/src/constructs/rfc3394/rfc3394.h
@@ -23,7 +23,7 @@ class Algorithm_Factory;
* @param af an algorithm factory
* @return key encrypted under kek
*/
-SecureVector<byte> BOTAN_DLL rfc3394_keywrap(const MemoryRegion<byte>& key,
+secure_vector<byte> BOTAN_DLL rfc3394_keywrap(const secure_vector<byte>& key,
const SymmetricKey& kek,
Algorithm_Factory& af);
@@ -36,7 +36,7 @@ SecureVector<byte> BOTAN_DLL rfc3394_keywrap(const MemoryRegion<byte>& key,
* @param af an algorithm factory
* @return key decrypted under kek
*/
-SecureVector<byte> BOTAN_DLL rfc3394_keyunwrap(const MemoryRegion<byte>& key,
+secure_vector<byte> BOTAN_DLL rfc3394_keyunwrap(const secure_vector<byte>& key,
const SymmetricKey& kek,
Algorithm_Factory& af);
diff --git a/src/constructs/srp6/srp6.cpp b/src/constructs/srp6/srp6.cpp
index 0eccdc154..569454350 100644
--- a/src/constructs/srp6/srp6.cpp
+++ b/src/constructs/srp6/srp6.cpp
@@ -48,7 +48,7 @@ BigInt hash_seq(const std::string& hash_id,
BigInt compute_x(const std::string& hash_id,
const std::string& identifier,
const std::string& password,
- const MemoryRegion<byte>& salt)
+ const std::vector<byte>& salt)
{
std::unique_ptr<HashFunction> hash_fn(
global_state().algorithm_factory().make_hash_function(hash_id));
@@ -57,12 +57,12 @@ BigInt compute_x(const std::string& hash_id,
hash_fn->update(":");
hash_fn->update(password);
- SecureVector<byte> inner_h = hash_fn->final();
+ secure_vector<byte> inner_h = hash_fn->final();
hash_fn->update(salt);
hash_fn->update(inner_h);
- SecureVector<byte> outer_h = hash_fn->final();
+ secure_vector<byte> outer_h = hash_fn->final();
return BigInt::decode(outer_h);
}
@@ -97,7 +97,7 @@ srp6_client_agree(const std::string& identifier,
const std::string& password,
const std::string& group_id,
const std::string& hash_id,
- const MemoryRegion<byte>& salt,
+ const std::vector<byte>& salt,
const BigInt& B,
RandomNumberGenerator& rng)
{
@@ -129,7 +129,7 @@ srp6_client_agree(const std::string& identifier,
BigInt generate_srp6_verifier(const std::string& identifier,
const std::string& password,
- const MemoryRegion<byte>& salt,
+ const std::vector<byte>& salt,
const std::string& group_id,
const std::string& hash_id)
{
diff --git a/src/constructs/srp6/srp6.h b/src/constructs/srp6/srp6.h
index 4fd127c70..b34253d7a 100644
--- a/src/constructs/srp6/srp6.h
+++ b/src/constructs/srp6/srp6.h
@@ -33,7 +33,7 @@ BOTAN_DLL srp6_client_agree(const std::string& username,
const std::string& password,
const std::string& group_id,
const std::string& hash_id,
- const MemoryRegion<byte>& salt,
+ const std::vector<byte>& salt,
const BigInt& B,
RandomNumberGenerator& rng);
@@ -45,7 +45,7 @@ BOTAN_DLL srp6_client_agree(const std::string& username,
*/
BigInt BOTAN_DLL generate_srp6_verifier(const std::string& identifier,
const std::string& password,
- const MemoryRegion<byte>& salt,
+ const std::vector<byte>& salt,
const std::string& group_id,
const std::string& hash_id);
diff --git a/src/constructs/srp6/srp6_files.cpp b/src/constructs/srp6/srp6_files.cpp
index bc321745f..4df2986f3 100644
--- a/src/constructs/srp6/srp6_files.cpp
+++ b/src/constructs/srp6/srp6_files.cpp
@@ -31,7 +31,7 @@ SRP6_Authenticator_File::SRP6_Authenticator_File(const std::string& filename)
std::string username = parts[0];
BigInt v = BigInt::decode(base64_decode(parts[1]));
- MemoryVector<byte> salt = base64_decode(parts[2]);
+ std::vector<byte> salt = unlock(base64_decode(parts[2]));
BigInt group_id_idx = BigInt::decode(base64_decode(parts[3]));
std::string group_id;
@@ -51,7 +51,7 @@ SRP6_Authenticator_File::SRP6_Authenticator_File(const std::string& filename)
bool SRP6_Authenticator_File::lookup_user(const std::string& username,
BigInt& v,
- MemoryRegion<byte>& salt,
+ std::vector<byte>& salt,
std::string& group_id) const
{
std::map<std::string, SRP6_Data>::const_iterator i = entries.find(username);
diff --git a/src/constructs/srp6/srp6_files.h b/src/constructs/srp6/srp6_files.h
index 4e3293423..4e0d3ff02 100644
--- a/src/constructs/srp6/srp6_files.h
+++ b/src/constructs/srp6/srp6_files.h
@@ -28,7 +28,7 @@ class BOTAN_DLL SRP6_Authenticator_File
bool lookup_user(const std::string& username,
BigInt& v,
- MemoryRegion<byte>& salt,
+ std::vector<byte>& salt,
std::string& group_id) const;
private:
struct SRP6_Data
@@ -36,12 +36,12 @@ class BOTAN_DLL SRP6_Authenticator_File
SRP6_Data() {}
SRP6_Data(const BigInt& v,
- const MemoryRegion<byte>& salt,
+ const std::vector<byte>& salt,
const std::string& group_id) :
v(v), salt(salt), group_id(group_id) {}
BigInt v;
- MemoryVector<byte> salt;
+ std::vector<byte> salt;
std::string group_id;
};
diff --git a/src/constructs/tss/tss.cpp b/src/constructs/tss/tss.cpp
index cc34216f3..e002084a1 100644
--- a/src/constructs/tss/tss.cpp
+++ b/src/constructs/tss/tss.cpp
@@ -150,7 +150,7 @@ RTSS_Share::split(byte M, byte N,
shares[i].contents.push_back(i+1);
// secret = S || H(S)
- SecureVector<byte> secret(S, S_len);
+ secure_vector<byte> secret(S, S + S_len);
secret += hash.process(S, S_len);
for(size_t i = 0; i != secret.size(); ++i)
@@ -178,7 +178,7 @@ RTSS_Share::split(byte M, byte N,
return shares;
}
-SecureVector<byte>
+secure_vector<byte>
RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
{
const size_t RTSS_HEADER_SIZE = 20;
@@ -211,7 +211,7 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
throw Decoding_Error("Bad RTSS length field in header");
std::vector<byte> V(shares.size());
- SecureVector<byte> secret;
+ secure_vector<byte> secret;
for(size_t i = RTSS_HEADER_SIZE + 1; i != shares[0].size(); ++i)
{
@@ -250,13 +250,13 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
throw Decoding_Error("Bad length in RTSS output");
hash->update(&secret[0], secret_len);
- SecureVector<byte> hash_check = hash->final();
+ secure_vector<byte> hash_check = hash->final();
if(!same_mem(&hash_check[0],
&secret[secret_len], hash->output_length()))
throw Decoding_Error("RTSS hash check failed");
- return SecureVector<byte>(&secret[0], secret_len);
+ return secure_vector<byte>(&secret[0], &secret[secret_len]);
}
}
diff --git a/src/constructs/tss/tss.h b/src/constructs/tss/tss.h
index 297c65971..4664af317 100644
--- a/src/constructs/tss/tss.h
+++ b/src/constructs/tss/tss.h
@@ -38,7 +38,7 @@ class BOTAN_DLL RTSS_Share
/**
* @param shares the list of shares
*/
- static SecureVector<byte>
+ static secure_vector<byte>
reconstruct(const std::vector<RTSS_Share>& shares);
RTSS_Share() {}
@@ -68,7 +68,7 @@ class BOTAN_DLL RTSS_Share
*/
bool initialized() const { return (contents.size() > 0); }
private:
- SecureVector<byte> contents;
+ secure_vector<byte> contents;
};
}
diff --git a/src/credentials/credentials_manager.cpp b/src/credentials/credentials_manager.cpp
index 07d2979f9..6013fe4ea 100644
--- a/src/credentials/credentials_manager.cpp
+++ b/src/credentials/credentials_manager.cpp
@@ -54,7 +54,7 @@ bool Credentials_Manager::srp_verifier(const std::string&,
const std::string&,
std::string&,
BigInt&,
- MemoryRegion<byte>&,
+ std::vector<byte>&,
bool)
{
return false;
diff --git a/src/credentials/credentials_manager.h b/src/credentials/credentials_manager.h
index 67da07eec..57ebd8b38 100644
--- a/src/credentials/credentials_manager.h
+++ b/src/credentials/credentials_manager.h
@@ -81,7 +81,7 @@ class BOTAN_DLL Credentials_Manager
const std::string& identifier,
std::string& group_name,
BigInt& verifier,
- MemoryRegion<byte>& salt,
+ std::vector<byte>& salt,
bool generate_fake_on_unknown);
/**
diff --git a/src/engine/gnump/gmp_wrap.h b/src/engine/gnump/gmp_wrap.h
index fc7aa856e..0a786f3ee 100644
--- a/src/engine/gnump/gmp_wrap.h
+++ b/src/engine/gnump/gmp_wrap.h
@@ -25,7 +25,7 @@ class GMP_MPZ
void encode(byte[], size_t) const;
size_t bytes() const;
- SecureVector<byte> to_bytes() const
+ secure_vector<byte> to_bytes() const
{ return BigInt::encode(to_bigint()); }
GMP_MPZ& operator=(const GMP_MPZ&);
diff --git a/src/engine/gnump/gnump_pk.cpp b/src/engine/gnump/gnump_pk.cpp
index 25735fe55..b2a2f9352 100644
--- a/src/engine/gnump/gnump_pk.cpp
+++ b/src/engine/gnump/gnump_pk.cpp
@@ -38,7 +38,7 @@ class GMP_DH_KA_Operation : public PK_Ops::Key_Agreement
GMP_DH_KA_Operation(const DH_PrivateKey& dh) :
x(dh.get_x()), p(dh.group_p()) {}
- SecureVector<byte> agree(const byte w[], size_t w_len)
+ secure_vector<byte> agree(const byte w[], size_t w_len)
{
GMP_MPZ z(w, w_len);
mpz_powm(z.value, z.value, x.value, p.value);
@@ -66,14 +66,14 @@ class GMP_DSA_Signature_Operation : public PK_Ops::Signature
size_t message_part_size() const { return (q_bits + 7) / 8; }
size_t max_input_bits() const { return q_bits; }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
const GMP_MPZ x, p, q, g;
size_t q_bits;
};
-SecureVector<byte>
+secure_vector<byte>
GMP_DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -104,7 +104,7 @@ GMP_DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
if(mpz_cmp_ui(r.value, 0) == 0 || mpz_cmp_ui(s.value, 0) == 0)
throw Internal_Error("GMP_DSA_Op::sign: r or s was zero");
- SecureVector<byte> output(2*q_bytes);
+ secure_vector<byte> output(2*q_bytes);
r.encode(output, q_bytes);
s.encode(output + q_bytes, q_bytes);
return output;
@@ -192,7 +192,7 @@ class GMP_RSA_Private_Operation : public PK_Ops::Signature,
size_t max_input_bits() const { return (n_bits - 1); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator&)
{
BigInt m(msg, msg_len);
@@ -200,7 +200,7 @@ class GMP_RSA_Private_Operation : public PK_Ops::Signature,
return BigInt::encode_1363(x, (n_bits + 7) / 8);
}
- SecureVector<byte> decrypt(const byte msg[], size_t msg_len)
+ secure_vector<byte> decrypt(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
return BigInt::encode(private_op(m));
@@ -238,14 +238,14 @@ class GMP_RSA_Public_Operation : public PK_Ops::Verification,
size_t max_input_bits() const { return (n.bits() - 1); }
bool with_recovery() const { return true; }
- SecureVector<byte> encrypt(const byte msg[], size_t msg_len,
+ secure_vector<byte> encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator&)
{
BigInt m(msg, msg_len);
return BigInt::encode_1363(public_op(m), n.bytes());
}
- SecureVector<byte> verify_mr(const byte msg[], size_t msg_len)
+ secure_vector<byte> verify_mr(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
return BigInt::encode(public_op(m));
diff --git a/src/engine/openssl/bn_wrap.cpp b/src/engine/openssl/bn_wrap.cpp
index 779956824..0ac31f61b 100644
--- a/src/engine/openssl/bn_wrap.cpp
+++ b/src/engine/openssl/bn_wrap.cpp
@@ -15,7 +15,7 @@ namespace Botan {
OSSL_BN::OSSL_BN(const BigInt& in)
{
value = BN_new();
- SecureVector<byte> encoding = BigInt::encode(in);
+ secure_vector<byte> encoding = BigInt::encode(in);
if(in != 0)
BN_bin2bn(encoding, encoding.size(), value);
}
@@ -75,7 +75,7 @@ size_t OSSL_BN::bytes() const
*/
BigInt OSSL_BN::to_bigint() const
{
- SecureVector<byte> out(bytes());
+ secure_vector<byte> out(bytes());
BN_bn2bin(value, out);
return BigInt::decode(out);
}
diff --git a/src/engine/openssl/bn_wrap.h b/src/engine/openssl/bn_wrap.h
index c5c07a35c..177dbd8c7 100644
--- a/src/engine/openssl/bn_wrap.h
+++ b/src/engine/openssl/bn_wrap.h
@@ -25,7 +25,7 @@ class OSSL_BN
void encode(byte[], size_t) const;
size_t bytes() const;
- SecureVector<byte> to_bytes() const
+ secure_vector<byte> to_bytes() const
{ return BigInt::encode(to_bigint()); }
OSSL_BN& operator=(const OSSL_BN&);
diff --git a/src/engine/openssl/ossl_bc.cpp b/src/engine/openssl/ossl_bc.cpp
index 36f78205f..d419f56be 100644
--- a/src/engine/openssl/ossl_bc.cpp
+++ b/src/engine/openssl/ossl_bc.cpp
@@ -123,7 +123,7 @@ void EVP_BlockCipher::decrypt_n(const byte in[], byte out[],
*/
void EVP_BlockCipher::key_schedule(const byte key[], size_t length)
{
- SecureVector<byte> full_key(key, length);
+ secure_vector<byte> full_key(key, length);
if(cipher_name == "TripleDES" && length == 16)
{
diff --git a/src/engine/openssl/ossl_pk.cpp b/src/engine/openssl/ossl_pk.cpp
index 23ae6b25d..2557ec297 100644
--- a/src/engine/openssl/ossl_pk.cpp
+++ b/src/engine/openssl/ossl_pk.cpp
@@ -36,7 +36,7 @@ class OSSL_DH_KA_Operation : public PK_Ops::Key_Agreement
OSSL_DH_KA_Operation(const DH_PrivateKey& dh) :
x(dh.get_x()), p(dh.group_p()) {}
- SecureVector<byte> agree(const byte w[], size_t w_len)
+ secure_vector<byte> agree(const byte w[], size_t w_len)
{
OSSL_BN i(w, w_len), r;
BN_mod_exp(r.value, i.value, x.value, p.value, ctx.value);
@@ -65,7 +65,7 @@ class OSSL_DSA_Signature_Operation : public PK_Ops::Signature
size_t message_part_size() const { return (q_bits + 7) / 8; }
size_t max_input_bits() const { return q_bits; }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
const OSSL_BN x, p, q, g;
@@ -73,7 +73,7 @@ class OSSL_DSA_Signature_Operation : public PK_Ops::Signature
size_t q_bits;
};
-SecureVector<byte>
+secure_vector<byte>
OSSL_DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -103,7 +103,7 @@ OSSL_DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
if(BN_is_zero(r.value) || BN_is_zero(s.value))
throw Internal_Error("OpenSSL_DSA_Op::sign: r or s was zero");
- SecureVector<byte> output(2*q_bytes);
+ secure_vector<byte> output(2*q_bytes);
r.encode(output, q_bytes);
s.encode(output + q_bytes, q_bytes);
return output;
@@ -191,7 +191,7 @@ class OSSL_RSA_Private_Operation : public PK_Ops::Signature,
size_t max_input_bits() const { return (n_bits - 1); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator&)
{
BigInt m(msg, msg_len);
@@ -199,7 +199,7 @@ class OSSL_RSA_Private_Operation : public PK_Ops::Signature,
return BigInt::encode_1363(x, (n_bits + 7) / 8);
}
- SecureVector<byte> decrypt(const byte msg[], size_t msg_len)
+ secure_vector<byte> decrypt(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
return BigInt::encode(private_op(m));
@@ -237,14 +237,14 @@ class OSSL_RSA_Public_Operation : public PK_Ops::Verification,
size_t max_input_bits() const { return (n.bits() - 1); }
bool with_recovery() const { return true; }
- SecureVector<byte> encrypt(const byte msg[], size_t msg_len,
+ secure_vector<byte> encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator&)
{
BigInt m(msg, msg_len);
return BigInt::encode_1363(public_op(m), n.bytes());
}
- SecureVector<byte> verify_mr(const byte msg[], size_t msg_len)
+ secure_vector<byte> verify_mr(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
return BigInt::encode(public_op(m));
diff --git a/src/entropy/cryptoapi_rng/es_capi.cpp b/src/entropy/cryptoapi_rng/es_capi.cpp
index c9069ce65..a706b4d5c 100644
--- a/src/entropy/cryptoapi_rng/es_capi.cpp
+++ b/src/entropy/cryptoapi_rng/es_capi.cpp
@@ -55,7 +55,7 @@ class CSP_Handle
*/
void Win32_CAPI_EntropySource::poll(Entropy_Accumulator& accum)
{
- MemoryRegion<byte>& io_buffer = accum.get_io_buffer(32);
+ secure_vector<byte>& io_buffer = accum.get_io_buffer(32);
for(size_t i = 0; i != prov_types.size(); ++i)
{
diff --git a/src/entropy/dev_random/dev_random.cpp b/src/entropy/dev_random/dev_random.cpp
index 9e4f0b373..d92176ce9 100644
--- a/src/entropy/dev_random/dev_random.cpp
+++ b/src/entropy/dev_random/dev_random.cpp
@@ -111,7 +111,7 @@ void Device_EntropySource::poll(Entropy_Accumulator& accum)
accum.desired_remaining_bits() / ENTROPY_BITS_PER_BYTE, 32);
const size_t read_wait_ms = std::max<size_t>(go_get, 100);
- MemoryRegion<byte>& io_buffer = accum.get_io_buffer(go_get);
+ secure_vector<byte>& io_buffer = accum.get_io_buffer(go_get);
for(size_t i = 0; i != devices.size(); ++i)
{
diff --git a/src/entropy/egd/es_egd.cpp b/src/entropy/egd/es_egd.cpp
index e0ebf9509..d8dbecd44 100644
--- a/src/entropy/egd/es_egd.cpp
+++ b/src/entropy/egd/es_egd.cpp
@@ -139,7 +139,7 @@ void EGD_EntropySource::poll(Entropy_Accumulator& accum)
{
size_t go_get = std::min<size_t>(accum.desired_remaining_bits() / 8, 32);
- MemoryRegion<byte>& io_buffer = accum.get_io_buffer(go_get);
+ secure_vector<byte>& io_buffer = accum.get_io_buffer(go_get);
for(size_t i = 0; i != sockets.size(); ++i)
{
diff --git a/src/entropy/entropy_src.h b/src/entropy/entropy_src.h
index 3f15b5907..e130574f4 100644
--- a/src/entropy/entropy_src.h
+++ b/src/entropy/entropy_src.h
@@ -35,7 +35,7 @@ class BOTAN_DLL Entropy_Accumulator
* @param size requested size for the I/O buffer
* @return cached I/O buffer for repeated polls
*/
- MemoryRegion<byte>& get_io_buffer(size_t size)
+ secure_vector<byte>& get_io_buffer(size_t size)
{ io_buffer.resize(size); return io_buffer; }
/**
@@ -87,7 +87,7 @@ class BOTAN_DLL Entropy_Accumulator
private:
virtual void add_bytes(const byte bytes[], size_t length) = 0;
- SecureVector<byte> io_buffer;
+ secure_vector<byte> io_buffer;
size_t entropy_goal;
double collected_bits;
};
diff --git a/src/entropy/proc_walk/es_ftw.cpp b/src/entropy/proc_walk/es_ftw.cpp
index 407034891..d65aadfb1 100644
--- a/src/entropy/proc_walk/es_ftw.cpp
+++ b/src/entropy/proc_walk/es_ftw.cpp
@@ -151,7 +151,7 @@ void FTW_EntropySource::poll(Entropy_Accumulator& accum)
if(!dir)
dir = new Directory_Walker(path);
- MemoryRegion<byte>& io_buffer = accum.get_io_buffer(4096);
+ secure_vector<byte>& io_buffer = accum.get_io_buffer(4096);
for(size_t i = 0; i != MAX_FILES_READ_PER_POLL; ++i)
{
diff --git a/src/entropy/unix_procs/es_unix.cpp b/src/entropy/unix_procs/es_unix.cpp
index b989e0213..9ec5f7148 100644
--- a/src/entropy/unix_procs/es_unix.cpp
+++ b/src/entropy/unix_procs/es_unix.cpp
@@ -93,7 +93,7 @@ void Unix_EntropySource::poll(Entropy_Accumulator& accum)
const size_t MINIMAL_WORKING = 16;
- MemoryRegion<byte>& io_buffer = accum.get_io_buffer(DEFAULT_BUFFERSIZE);
+ secure_vector<byte>& io_buffer = accum.get_io_buffer(DEFAULT_BUFFERSIZE);
for(size_t i = 0; i != sources.size(); i++)
{
diff --git a/src/filters/algo_filt.cpp b/src/filters/algo_filt.cpp
index 337733b5f..dbc46c7e6 100644
--- a/src/filters/algo_filt.cpp
+++ b/src/filters/algo_filt.cpp
@@ -92,7 +92,7 @@ Hash_Filter::Hash_Filter(const std::string& algo_spec,
*/
void Hash_Filter::end_msg()
{
- SecureVector<byte> output = hash->final();
+ secure_vector<byte> output = hash->final();
if(OUTPUT_LENGTH)
send(output, std::min<size_t>(OUTPUT_LENGTH, output.size()));
else
@@ -125,7 +125,7 @@ MAC_Filter::MAC_Filter(const std::string& mac_name, const SymmetricKey& key,
*/
void MAC_Filter::end_msg()
{
- SecureVector<byte> output = mac->final();
+ secure_vector<byte> output = mac->final();
if(OUTPUT_LENGTH)
send(output, std::min<size_t>(OUTPUT_LENGTH, output.size()));
else
diff --git a/src/filters/buf_filt.h b/src/filters/buf_filt.h
index 87180e3e1..9a3fc9a2b 100644
--- a/src/filters/buf_filt.h
+++ b/src/filters/buf_filt.h
@@ -27,6 +27,12 @@ class BOTAN_DLL Buffered_Filter
*/
void write(const byte in[], size_t length);
+ template<typename Alloc>
+ void write(const std::vector<byte, Alloc>& in, size_t length)
+ {
+ write(&in[0], length);
+ }
+
/**
* Finish a message, emitting to buffered_block and buffered_final
* Will throw an exception if less than final_minimum bytes were
@@ -78,7 +84,7 @@ class BOTAN_DLL Buffered_Filter
private:
size_t main_block_mod, final_minimum;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
size_t buffer_pos;
};
diff --git a/src/filters/bzip2/bzip2.h b/src/filters/bzip2/bzip2.h
index b3b222eb2..2505cf54e 100644
--- a/src/filters/bzip2/bzip2.h
+++ b/src/filters/bzip2/bzip2.h
@@ -33,7 +33,7 @@ class BOTAN_DLL Bzip_Compression : public Filter
void clear();
const size_t level;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
class Bzip_Stream* bz;
};
@@ -55,7 +55,7 @@ class BOTAN_DLL Bzip_Decompression : public Filter
void clear();
const bool small_mem;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
class Bzip_Stream* bz;
bool no_writes;
};
diff --git a/src/filters/codec_filt/b64_filt.h b/src/filters/codec_filt/b64_filt.h
index afff53f30..dcb3cdbd5 100644
--- a/src/filters/codec_filt/b64_filt.h
+++ b/src/filters/codec_filt/b64_filt.h
@@ -47,7 +47,7 @@ class BOTAN_DLL Base64_Encoder : public Filter
const size_t line_length;
const bool trailing_newline;
- MemoryVector<byte> in, out;
+ std::vector<byte> in, out;
size_t position, out_position;
};
@@ -79,7 +79,7 @@ class BOTAN_DLL Base64_Decoder : public Filter
Base64_Decoder(Decoder_Checking checking = NONE);
private:
const Decoder_Checking checking;
- MemoryVector<byte> in, out;
+ std::vector<byte> in, out;
size_t position;
};
diff --git a/src/filters/codec_filt/hex_filt.h b/src/filters/codec_filt/hex_filt.h
index 0dc38c804..dbe6b9bae 100644
--- a/src/filters/codec_filt/hex_filt.h
+++ b/src/filters/codec_filt/hex_filt.h
@@ -49,7 +49,7 @@ class BOTAN_DLL Hex_Encoder : public Filter
const Case casing;
const size_t line_length;
- MemoryVector<byte> in, out;
+ std::vector<byte> in, out;
size_t position, counter;
};
@@ -72,7 +72,7 @@ class BOTAN_DLL Hex_Decoder : public Filter
Hex_Decoder(Decoder_Checking checking = NONE);
private:
const Decoder_Checking checking;
- MemoryVector<byte> in, out;
+ std::vector<byte> in, out;
size_t position;
};
diff --git a/src/filters/data_src.cpp b/src/filters/data_src.cpp
index da67baa98..4980507ca 100644
--- a/src/filters/data_src.cpp
+++ b/src/filters/data_src.cpp
@@ -77,26 +77,10 @@ bool DataSource_Memory::end_of_data() const
/*
* DataSource_Memory Constructor
*/
-DataSource_Memory::DataSource_Memory(const byte in[], size_t length) :
- source(in, length)
- {
- offset = 0;
- }
-
-/*
-* DataSource_Memory Constructor
-*/
-DataSource_Memory::DataSource_Memory(const MemoryRegion<byte>& in) :
- source(in)
- {
- offset = 0;
- }
-
-/*
-* DataSource_Memory Constructor
-*/
DataSource_Memory::DataSource_Memory(const std::string& in) :
- source(reinterpret_cast<const byte*>(in.data()), in.length())
+ source(reinterpret_cast<const byte*>(in.data()),
+ reinterpret_cast<const byte*>(in.data()) + in.length()),
+ offset(0)
{
offset = 0;
}
@@ -127,7 +111,7 @@ size_t DataSource_Stream::peek(byte out[], size_t length, size_t offset) const
if(offset)
{
- SecureVector<byte> buf(offset);
+ secure_vector<byte> buf(offset);
source.read(reinterpret_cast<char*>(&buf[0]), buf.size());
if(source.bad())
throw Stream_IO_Error("DataSource_Stream::peek: Source failure");
diff --git a/src/filters/data_src.h b/src/filters/data_src.h
index d2d51fe23..62bdacd33 100644
--- a/src/filters/data_src.h
+++ b/src/filters/data_src.h
@@ -106,15 +106,24 @@ class BOTAN_DLL DataSource_Memory : public DataSource
* @param in the byte array to read from
* @param length the length of the byte array
*/
- DataSource_Memory(const byte in[], size_t length);
+ DataSource_Memory(const byte in[], size_t length) :
+ source(in, in + length), offset(0) {}
/**
- * Construct a memory source that reads from a MemoryRegion
+ * Construct a memory source that reads from a secure_vector
* @param in the MemoryRegion to read from
*/
- DataSource_Memory(const MemoryRegion<byte>& in);
+ DataSource_Memory(const secure_vector<byte>& in) :
+ source(in), offset(0) {}
+
+ /**
+ * Construct a memory source that reads from a std::vector
+ * @param in the MemoryRegion to read from
+ */
+ DataSource_Memory(const std::vector<byte>& in) :
+ source(&in[0], &in[in.size()]), offset(0) {}
private:
- SecureVector<byte> source;
+ secure_vector<byte> source;
size_t offset;
};
diff --git a/src/filters/fd_unix/fd_unix.cpp b/src/filters/fd_unix/fd_unix.cpp
index 3a9253b5e..dc6fbe696 100644
--- a/src/filters/fd_unix/fd_unix.cpp
+++ b/src/filters/fd_unix/fd_unix.cpp
@@ -16,7 +16,7 @@ namespace Botan {
*/
int operator<<(int fd, Pipe& pipe)
{
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
+ secure_vector<byte> buffer(DEFAULT_BUFFERSIZE);
while(pipe.remaining())
{
size_t got = pipe.read(&buffer[0], buffer.size());
@@ -38,7 +38,7 @@ int operator<<(int fd, Pipe& pipe)
*/
int operator>>(int fd, Pipe& pipe)
{
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
+ secure_vector<byte> buffer(DEFAULT_BUFFERSIZE);
while(true)
{
ssize_t ret = read(fd, &buffer[0], buffer.size());
diff --git a/src/filters/filter.h b/src/filters/filter.h
index b62846075..f59677528 100644
--- a/src/filters/filter.h
+++ b/src/filters/filter.h
@@ -65,13 +65,27 @@ class BOTAN_DLL Filter
/**
* @param in some input for the filter
*/
- void send(const MemoryRegion<byte>& in) { send(&in[0], in.size()); }
+ void send(const secure_vector<byte>& in) { send(&in[0], in.size()); }
+
+ /**
+ * @param in some input for the filter
+ */
+ void send(const std::vector<byte>& in) { send(&in[0], in.size()); }
+
+ /**
+ * @param in some input for the filter
+ * @param length the number of bytes of in to send
+ */
+ void send(const secure_vector<byte>& in, size_t length)
+ {
+ send(&in[0], length);
+ }
/**
* @param in some input for the filter
* @param length the number of bytes of in to send
*/
- void send(const MemoryRegion<byte>& in, size_t length)
+ void send(const std::vector<byte>& in, size_t length)
{
send(&in[0], length);
}
@@ -120,7 +134,7 @@ class BOTAN_DLL Filter
void set_next(Filter* filters[], size_t count);
Filter* get_next() const;
- SecureVector<byte> write_queue;
+ secure_vector<byte> write_queue;
std::vector<Filter*> next;
size_t port_num, filter_owns;
diff --git a/src/filters/filters.h b/src/filters/filters.h
index b409e78f5..08b505bc0 100644
--- a/src/filters/filters.h
+++ b/src/filters/filters.h
@@ -94,7 +94,7 @@ class BOTAN_DLL StreamCipher_Filter : public Keyed_Filter
~StreamCipher_Filter() { delete cipher; }
private:
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
StreamCipher* cipher;
};
diff --git a/src/filters/modes/cbc/cbc.cpp b/src/filters/modes/cbc/cbc.cpp
index b464d075f..00518fc86 100644
--- a/src/filters/modes/cbc/cbc.cpp
+++ b/src/filters/modes/cbc/cbc.cpp
@@ -65,9 +65,9 @@ void CBC_Encryption::buffered_block(const byte input[], size_t length)
for(size_t i = 0; i != blocks; ++i)
{
- xor_buf(state, input + i * cipher->block_size(), state.size());
+ xor_buf(&state[0], input + i * cipher->block_size(), state.size());
cipher->encrypt(state);
- send(state, state.size());
+ send(state);
}
}
@@ -91,13 +91,13 @@ void CBC_Encryption::end_msg()
{
size_t last_block = current_position() % cipher->block_size();
- SecureVector<byte> padding(cipher->block_size());
- padder->pad(padding, padding.size(), last_block);
+ std::vector<byte> padding(cipher->block_size());
+ padder->pad(&padding[0], padding.size(), last_block);
size_t pad_bytes = padder->pad_bytes(cipher->block_size(), last_block);
if(pad_bytes)
- Buffered_Filter::write(padding, pad_bytes);
+ Buffered_Filter::write(&padding[0], pad_bytes);
Buffered_Filter::end_msg();
}
@@ -170,7 +170,7 @@ void CBC_Decryption::buffered_block(const byte input[], size_t length)
cipher->decrypt_n(input, &temp[0], to_proc);
- xor_buf(temp, state, cipher->block_size());
+ xor_buf(&temp[0], &state[0], cipher->block_size());
for(size_t i = 1; i < to_proc; ++i)
xor_buf(&temp[i * cipher->block_size()],
@@ -202,9 +202,9 @@ void CBC_Decryption::buffered_final(const byte input[], size_t length)
input += extra_blocks * cipher->block_size();
- cipher->decrypt(input, temp);
- xor_buf(temp, state, cipher->block_size());
- send(temp, padder->unpad(temp, cipher->block_size()));
+ cipher->decrypt(&input[0], &temp[0]);
+ xor_buf(&temp[0], &state[0], cipher->block_size());
+ send(&temp[0], padder->unpad(&temp[0], cipher->block_size()));
copy_mem(&state[0], input, state.size()); // save for IV chaining
}
diff --git a/src/filters/modes/cbc/cbc.h b/src/filters/modes/cbc/cbc.h
index d828f53a6..4fd0f7d66 100644
--- a/src/filters/modes/cbc/cbc.h
+++ b/src/filters/modes/cbc/cbc.h
@@ -52,7 +52,7 @@ class BOTAN_DLL CBC_Encryption : public Keyed_Filter,
BlockCipher* cipher;
const BlockCipherModePaddingMethod* padder;
- SecureVector<byte> state;
+ secure_vector<byte> state;
};
/**
@@ -92,7 +92,7 @@ class BOTAN_DLL CBC_Decryption : public Keyed_Filter,
BlockCipher* cipher;
const BlockCipherModePaddingMethod* padder;
- SecureVector<byte> state, temp;
+ secure_vector<byte> state, temp;
};
}
diff --git a/src/filters/modes/cfb/cfb.cpp b/src/filters/modes/cfb/cfb.cpp
index 9aa6f6159..2b7cca84a 100644
--- a/src/filters/modes/cfb/cfb.cpp
+++ b/src/filters/modes/cfb/cfb.cpp
@@ -61,7 +61,7 @@ void CFB_Encryption::set_iv(const InitializationVector& iv)
zeroise(buffer);
position = 0;
- cipher->encrypt(state, buffer);
+ cipher->encrypt(&state[0], &buffer[0]);
}
/*
diff --git a/src/filters/modes/cfb/cfb.h b/src/filters/modes/cfb/cfb.h
index 64eb1e832..212ac76da 100644
--- a/src/filters/modes/cfb/cfb.h
+++ b/src/filters/modes/cfb/cfb.h
@@ -43,7 +43,7 @@ class BOTAN_DLL CFB_Encryption : public Keyed_Filter
void write(const byte[], size_t);
BlockCipher* cipher;
- SecureVector<byte> buffer, state;
+ secure_vector<byte> buffer, state;
size_t position, feedback;
};
@@ -77,7 +77,7 @@ class BOTAN_DLL CFB_Decryption : public Keyed_Filter
void write(const byte[], size_t);
BlockCipher* cipher;
- SecureVector<byte> buffer, state;
+ secure_vector<byte> buffer, state;
size_t position, feedback;
};
diff --git a/src/filters/modes/cts/cts.cpp b/src/filters/modes/cts/cts.cpp
index 694d7d524..f77a28dd5 100644
--- a/src/filters/modes/cts/cts.cpp
+++ b/src/filters/modes/cts/cts.cpp
@@ -56,7 +56,7 @@ void CTS_Encryption::set_iv(const InitializationVector& iv)
*/
void CTS_Encryption::encrypt(const byte block[])
{
- xor_buf(state, block, cipher->block_size());
+ xor_buf(&state[0], &block[0], cipher->block_size());
cipher->encrypt(state);
send(state, cipher->block_size());
}
@@ -105,7 +105,7 @@ void CTS_Encryption::end_msg()
xor_buf(state, buffer, cipher->block_size());
cipher->encrypt(state);
- SecureVector<byte> cn = state;
+ secure_vector<byte> cn = state;
clear_mem(&buffer[position], buffer.size() - position);
encrypt(&buffer[cipher->block_size()]);
send(cn, position - cipher->block_size());
@@ -177,7 +177,7 @@ void CTS_Decryption::write(const byte input[], size_t length)
if(length == 0) return;
- decrypt(buffer);
+ decrypt(&buffer[0]);
if(length > cipher->block_size())
{
decrypt(&buffer[cipher->block_size()]);
@@ -203,17 +203,17 @@ void CTS_Decryption::write(const byte input[], size_t length)
*/
void CTS_Decryption::end_msg()
{
- cipher->decrypt(buffer, temp);
- xor_buf(temp, &buffer[cipher->block_size()], position - cipher->block_size());
+ cipher->decrypt(&buffer[0], &temp[0]);
+ xor_buf(&temp[0], &buffer[cipher->block_size()], position - cipher->block_size());
- SecureVector<byte> xn = temp;
+ secure_vector<byte> xn = temp;
copy_mem(&buffer[position],
&xn[position - cipher->block_size()],
buffer.size() - position);
- cipher->decrypt(&buffer[cipher->block_size()], temp);
- xor_buf(temp, state, cipher->block_size());
+ cipher->decrypt(&buffer[cipher->block_size()], &temp[0]);
+ xor_buf(&temp[0], &state[0], cipher->block_size());
send(temp, cipher->block_size());
send(xn, position - cipher->block_size());
}
diff --git a/src/filters/modes/cts/cts.h b/src/filters/modes/cts/cts.h
index 8e19073f4..ac296316f 100644
--- a/src/filters/modes/cts/cts.h
+++ b/src/filters/modes/cts/cts.h
@@ -44,7 +44,7 @@ class BOTAN_DLL CTS_Encryption : public Keyed_Filter
void encrypt(const byte[]);
BlockCipher* cipher;
- SecureVector<byte> buffer, state;
+ secure_vector<byte> buffer, state;
size_t position;
};
@@ -79,7 +79,7 @@ class BOTAN_DLL CTS_Decryption : public Keyed_Filter
void decrypt(const byte[]);
BlockCipher* cipher;
- SecureVector<byte> buffer, state, temp;
+ secure_vector<byte> buffer, state, temp;
size_t position;
};
diff --git a/src/filters/modes/eax/eax.cpp b/src/filters/modes/eax/eax.cpp
index 791286cc6..fb75d73fd 100644
--- a/src/filters/modes/eax/eax.cpp
+++ b/src/filters/modes/eax/eax.cpp
@@ -19,7 +19,7 @@ namespace {
/*
* EAX MAC-based PRF
*/
-SecureVector<byte> eax_prf(byte tag, size_t BLOCK_SIZE,
+secure_vector<byte> eax_prf(byte tag, size_t BLOCK_SIZE,
MessageAuthenticationCode* mac,
const byte in[], size_t length)
{
@@ -131,7 +131,7 @@ void EAX_Encryption::write(const byte input[], size_t length)
*/
void EAX_Encryption::end_msg()
{
- SecureVector<byte> data_mac = cmac->final();
+ secure_vector<byte> data_mac = cmac->final();
xor_buf(data_mac, nonce_mac, data_mac.size());
xor_buf(data_mac, header_mac, data_mac.size());
diff --git a/src/filters/modes/eax/eax.h b/src/filters/modes/eax/eax.h
index e8efb9398..d78287521 100644
--- a/src/filters/modes/eax/eax.h
+++ b/src/filters/modes/eax/eax.h
@@ -81,17 +81,17 @@ class BOTAN_DLL EAX_Base : public Keyed_Filter
/**
* The MAC of the nonce
*/
- SecureVector<byte> nonce_mac;
+ secure_vector<byte> nonce_mac;
/**
* The MAC of the header
*/
- SecureVector<byte> header_mac;
+ secure_vector<byte> header_mac;
/**
* A buffer for CTR mode encryption
*/
- SecureVector<byte> ctr_buf;
+ secure_vector<byte> ctr_buf;
};
/**
@@ -151,7 +151,7 @@ class BOTAN_DLL EAX_Decryption : public EAX_Base
void do_write(const byte[], size_t);
void end_msg();
- SecureVector<byte> queue;
+ secure_vector<byte> queue;
size_t queue_start, queue_end;
};
diff --git a/src/filters/modes/eax/eax_dec.cpp b/src/filters/modes/eax/eax_dec.cpp
index d14ba5e70..a2675cac0 100644
--- a/src/filters/modes/eax/eax_dec.cpp
+++ b/src/filters/modes/eax/eax_dec.cpp
@@ -62,7 +62,7 @@ void EAX_Decryption::write(const byte input[], size_t length)
if(queue_start + TAG_SIZE == queue_end &&
queue_start >= queue.size() / 2)
{
- SecureVector<byte> queue_data(TAG_SIZE);
+ secure_vector<byte> queue_data(TAG_SIZE);
copy_mem(&queue_data[0], &queue[queue_start], TAG_SIZE);
copy_mem(&queue[0], &queue_data[0], TAG_SIZE);
queue_start = 0;
@@ -100,7 +100,7 @@ void EAX_Decryption::end_msg()
if((queue_end - queue_start) != TAG_SIZE)
throw Decoding_Error(name() + ": Message authentication failure");
- SecureVector<byte> data_mac = cmac->final();
+ secure_vector<byte> data_mac = cmac->final();
for(size_t j = 0; j != TAG_SIZE; ++j)
if(queue[queue_start+j] != (data_mac[j] ^ nonce_mac[j] ^ header_mac[j]))
diff --git a/src/filters/modes/ecb/ecb.cpp b/src/filters/modes/ecb/ecb.cpp
index 9115d6362..d36d2350b 100644
--- a/src/filters/modes/ecb/ecb.cpp
+++ b/src/filters/modes/ecb/ecb.cpp
@@ -70,8 +70,8 @@ void ECB_Encryption::end_msg()
{
size_t last_block = current_position() % cipher->block_size();
- SecureVector<byte> padding(cipher->block_size());
- padder->pad(padding, padding.size(), last_block);
+ secure_vector<byte> padding(cipher->block_size());
+ padder->pad(&padding[0], padding.size(), last_block);
size_t pad_bytes = padder->pad_bytes(cipher->block_size(), last_block);
@@ -203,8 +203,8 @@ void ECB_Decryption::buffered_final(const byte input[], size_t length)
input += extra_blocks * cipher->block_size();
- cipher->decrypt(input, temp);
- send(temp, padder->unpad(temp, cipher->block_size()));
+ cipher->decrypt(input, &temp[0]);
+ send(&temp[0], padder->unpad(&temp[0], cipher->block_size()));
}
}
diff --git a/src/filters/modes/ecb/ecb.h b/src/filters/modes/ecb/ecb.h
index 94cff1f52..e6476ab5d 100644
--- a/src/filters/modes/ecb/ecb.h
+++ b/src/filters/modes/ecb/ecb.h
@@ -46,7 +46,7 @@ class BOTAN_DLL ECB_Encryption : public Keyed_Filter,
BlockCipher* cipher;
BlockCipherModePaddingMethod* padder;
- SecureVector<byte> temp;
+ secure_vector<byte> temp;
};
/**
@@ -80,7 +80,7 @@ class BOTAN_DLL ECB_Decryption : public Keyed_Filter,
BlockCipher* cipher;
BlockCipherModePaddingMethod* padder;
- SecureVector<byte> temp;
+ secure_vector<byte> temp;
};
}
diff --git a/src/filters/modes/xts/xts.cpp b/src/filters/modes/xts/xts.cpp
index 42b1f2bf0..e29ef6b98 100644
--- a/src/filters/modes/xts/xts.cpp
+++ b/src/filters/modes/xts/xts.cpp
@@ -136,7 +136,7 @@ void XTS_Encryption::buffered_block(const byte input[], size_t length)
const size_t blocks_in_tweak = tweak.size() / cipher->block_size();
size_t blocks = length / cipher->block_size();
- SecureVector<byte> temp(tweak.size());
+ secure_vector<byte> temp(tweak.size());
while(blocks)
{
@@ -194,7 +194,7 @@ void XTS_Encryption::buffered_final(const byte input[], size_t length)
input += leftover_blocks;
length -= leftover_blocks;
- SecureVector<byte> temp(input, length);
+ secure_vector<byte> temp(input, input + length);
xor_buf(temp, tweak, cipher->block_size());
cipher->encrypt(temp);
@@ -311,7 +311,7 @@ void XTS_Decryption::buffered_block(const byte input[], size_t input_length)
const size_t blocks_in_tweak = tweak.size() / cipher->block_size();
size_t blocks = input_length / cipher->block_size();
- SecureVector<byte> temp(tweak.size());
+ secure_vector<byte> temp(tweak.size());
while(blocks)
{
@@ -365,8 +365,8 @@ void XTS_Decryption::buffered_final(const byte input[], size_t length)
input += leftover_blocks;
length -= leftover_blocks;
- SecureVector<byte> temp(input, length);
- SecureVector<byte> tweak_copy(&tweak[0], cipher->block_size());
+ secure_vector<byte> temp(input, input + length);
+ secure_vector<byte> tweak_copy(&tweak[0], &tweak[cipher->block_size()]);
poly_double(&tweak_copy[0], cipher->block_size());
diff --git a/src/filters/modes/xts/xts.h b/src/filters/modes/xts/xts.h
index 52db9bcfc..d4801cd37 100644
--- a/src/filters/modes/xts/xts.h
+++ b/src/filters/modes/xts/xts.h
@@ -48,7 +48,7 @@ class BOTAN_DLL XTS_Encryption : public Keyed_Filter,
BlockCipher* cipher;
BlockCipher* cipher2;
- SecureVector<byte> tweak;
+ secure_vector<byte> tweak;
};
/**
@@ -85,7 +85,7 @@ class BOTAN_DLL XTS_Decryption : public Keyed_Filter,
BlockCipher* cipher;
BlockCipher* cipher2;
- SecureVector<byte> tweak;
+ secure_vector<byte> tweak;
};
}
diff --git a/src/filters/pipe.cpp b/src/filters/pipe.cpp
index 2c5e07589..6664098b3 100644
--- a/src/filters/pipe.cpp
+++ b/src/filters/pipe.cpp
@@ -124,7 +124,12 @@ void Pipe::process_msg(const byte input[], size_t length)
/*
* Process a full message at once
*/
-void Pipe::process_msg(const MemoryRegion<byte>& input)
+void Pipe::process_msg(const secure_vector<byte>& input)
+ {
+ process_msg(&input[0], input.size());
+ }
+
+void Pipe::process_msg(const std::vector<byte>& input)
{
process_msg(&input[0], input.size());
}
diff --git a/src/filters/pipe.h b/src/filters/pipe.h
index 6df518d3e..e53f0d508 100644
--- a/src/filters/pipe.h
+++ b/src/filters/pipe.h
@@ -66,9 +66,17 @@ class BOTAN_DLL Pipe : public DataSource
/**
* Write input to the pipe, i.e. to its first filter.
- * @param in the MemoryRegion containing the data to write
+ * @param in the secure_vector containing the data to write
*/
- void write(const MemoryRegion<byte>& in);
+ void write(const secure_vector<byte>& in)
+ { write(&in[0], in.size()); }
+
+ /**
+ * Write input to the pipe, i.e. to its first filter.
+ * @param in the std::vector containing the data to write
+ */
+ void write(const std::vector<byte>& in)
+ { write(&in[0], in.size()); }
/**
* Write input to the pipe, i.e. to its first filter.
@@ -97,9 +105,15 @@ class BOTAN_DLL Pipe : public DataSource
/**
* Perform start_msg(), write() and end_msg() sequentially.
- * @param in the MemoryRegion containing the data to write
+ * @param in the secure_vector containing the data to write
+ */
+ void process_msg(const secure_vector<byte>& in);
+
+ /**
+ * Perform start_msg(), write() and end_msg() sequentially.
+ * @param in the secure_vector containing the data to write
*/
- void process_msg(const MemoryRegion<byte>& in);
+ void process_msg(const std::vector<byte>& in);
/**
* Perform start_msg(), write() and end_msg() sequentially.
@@ -157,9 +171,9 @@ class BOTAN_DLL Pipe : public DataSource
/**
* Read the full contents of the pipe.
* @param msg the number identifying the message to read from
- * @return SecureVector holding the contents of the pipe
+ * @return secure_vector holding the contents of the pipe
*/
- SecureVector<byte> read_all(message_id msg = DEFAULT_MESSAGE);
+ secure_vector<byte> read_all(message_id msg = DEFAULT_MESSAGE);
/**
* Read the full contents of the pipe.
diff --git a/src/filters/pipe_io.cpp b/src/filters/pipe_io.cpp
index 9dd0ad0bb..a549eaee8 100644
--- a/src/filters/pipe_io.cpp
+++ b/src/filters/pipe_io.cpp
@@ -15,7 +15,7 @@ namespace Botan {
*/
std::ostream& operator<<(std::ostream& stream, Pipe& pipe)
{
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
+ secure_vector<byte> buffer(DEFAULT_BUFFERSIZE);
while(stream.good() && pipe.remaining())
{
size_t got = pipe.read(&buffer[0], buffer.size());
@@ -31,7 +31,7 @@ std::ostream& operator<<(std::ostream& stream, Pipe& pipe)
*/
std::istream& operator>>(std::istream& stream, Pipe& pipe)
{
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
+ secure_vector<byte> buffer(DEFAULT_BUFFERSIZE);
while(stream.good())
{
stream.read(reinterpret_cast<char*>(&buffer[0]), buffer.size());
diff --git a/src/filters/pipe_rw.cpp b/src/filters/pipe_rw.cpp
index 90af9ed34..8a713ea8d 100644
--- a/src/filters/pipe_rw.cpp
+++ b/src/filters/pipe_rw.cpp
@@ -39,14 +39,6 @@ void Pipe::write(const byte input[], size_t length)
}
/*
-* Write into a Pipe
-*/
-void Pipe::write(const MemoryRegion<byte>& input)
- {
- write(&input[0], input.size());
- }
-
-/*
* Write a string into a Pipe
*/
void Pipe::write(const std::string& str)
@@ -67,7 +59,7 @@ void Pipe::write(byte input)
*/
void Pipe::write(DataSource& source)
{
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
+ secure_vector<byte> buffer(DEFAULT_BUFFERSIZE);
while(!source.end_of_data())
{
size_t got = source.read(&buffer[0], buffer.size());
@@ -102,10 +94,10 @@ size_t Pipe::read(byte& out, message_id msg)
/*
* Return all data in the pipe
*/
-SecureVector<byte> Pipe::read_all(message_id msg)
+secure_vector<byte> Pipe::read_all(message_id msg)
{
msg = ((msg != DEFAULT_MESSAGE) ? msg : default_msg());
- SecureVector<byte> buffer(remaining(msg));
+ secure_vector<byte> buffer(remaining(msg));
size_t got = read(&buffer[0], buffer.size(), msg);
buffer.resize(got);
return buffer;
@@ -117,7 +109,7 @@ SecureVector<byte> Pipe::read_all(message_id msg)
std::string Pipe::read_all_as_string(message_id msg)
{
msg = ((msg != DEFAULT_MESSAGE) ? msg : default_msg());
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
+ secure_vector<byte> buffer(DEFAULT_BUFFERSIZE);
std::string str;
str.reserve(remaining(msg));
diff --git a/src/filters/pk_filts/pk_filts.cpp b/src/filters/pk_filts/pk_filts.cpp
index d843d711c..45fcc18b8 100644
--- a/src/filters/pk_filts/pk_filts.cpp
+++ b/src/filters/pk_filts/pk_filts.cpp
@@ -83,14 +83,13 @@ void PK_Verifier_Filter::end_msg()
*/
void PK_Verifier_Filter::set_signature(const byte sig[], size_t length)
{
- signature.resize(length);
- copy_mem(&signature[0], sig, length);
+ signature.assign(sig, sig + length);
}
/*
* Set the signature to check
*/
-void PK_Verifier_Filter::set_signature(const MemoryRegion<byte>& sig)
+void PK_Verifier_Filter::set_signature(const secure_vector<byte>& sig)
{
signature = sig;
}
@@ -100,7 +99,7 @@ void PK_Verifier_Filter::set_signature(const MemoryRegion<byte>& sig)
*/
PK_Verifier_Filter::PK_Verifier_Filter(PK_Verifier* v, const byte sig[],
size_t length) :
- verifier(v), signature(sig, length)
+ verifier(v), signature(sig, sig + length)
{
}
@@ -108,7 +107,7 @@ PK_Verifier_Filter::PK_Verifier_Filter(PK_Verifier* v, const byte sig[],
* PK_Verifier_Filter Constructor
*/
PK_Verifier_Filter::PK_Verifier_Filter(PK_Verifier* v,
- const MemoryRegion<byte>& sig) :
+ const secure_vector<byte>& sig) :
verifier(v), signature(sig)
{
}
diff --git a/src/filters/pk_filts/pk_filts.h b/src/filters/pk_filts/pk_filts.h
index dd67e389b..cc1c2220d 100644
--- a/src/filters/pk_filts/pk_filts.h
+++ b/src/filters/pk_filts/pk_filts.h
@@ -28,7 +28,7 @@ class BOTAN_DLL PK_Encryptor_Filter : public Filter
private:
PK_Encryptor* cipher;
RandomNumberGenerator& rng;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
};
/**
@@ -43,7 +43,7 @@ class BOTAN_DLL PK_Decryptor_Filter : public Filter
~PK_Decryptor_Filter() { delete cipher; }
private:
PK_Decryptor* cipher;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
};
/**
@@ -75,15 +75,15 @@ class BOTAN_DLL PK_Verifier_Filter : public Filter
void end_msg();
void set_signature(const byte[], size_t);
- void set_signature(const MemoryRegion<byte>&);
+ void set_signature(const secure_vector<byte>&);
PK_Verifier_Filter(PK_Verifier* v) : verifier(v) {}
PK_Verifier_Filter(PK_Verifier*, const byte[], size_t);
- PK_Verifier_Filter(PK_Verifier*, const MemoryRegion<byte>&);
+ PK_Verifier_Filter(PK_Verifier*, const secure_vector<byte>&);
~PK_Verifier_Filter() { delete verifier; }
private:
PK_Verifier* verifier;
- SecureVector<byte> signature;
+ secure_vector<byte> signature;
};
}
diff --git a/src/filters/secqueue.cpp b/src/filters/secqueue.cpp
index f65aff2a9..63d4f88d3 100644
--- a/src/filters/secqueue.cpp
+++ b/src/filters/secqueue.cpp
@@ -50,7 +50,7 @@ class SecureQueueNode
private:
friend class SecureQueue;
SecureQueueNode* next;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
size_t start, end;
};
diff --git a/src/filters/zlib/zlib.h b/src/filters/zlib/zlib.h
index 60117f2bc..c4d21a250 100644
--- a/src/filters/zlib/zlib.h
+++ b/src/filters/zlib/zlib.h
@@ -45,7 +45,7 @@ class BOTAN_DLL Zlib_Compression : public Filter
const size_t level;
const bool raw_deflate;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
class Zlib_Stream* zlib;
};
@@ -68,7 +68,7 @@ class BOTAN_DLL Zlib_Decompression : public Filter
const bool raw_deflate;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
class Zlib_Stream* zlib;
bool no_writes;
};
diff --git a/src/hash/bmw_512/bmw_512.h b/src/hash/bmw_512/bmw_512.h
index 474b607bb..b9ea63578 100644
--- a/src/hash/bmw_512/bmw_512.h
+++ b/src/hash/bmw_512/bmw_512.h
@@ -30,7 +30,7 @@ class BOTAN_DLL BMW_512 : public MDx_HashFunction
void compress_n(const byte input[], size_t blocks);
void copy_out(byte output[]);
- SecureVector<u64bit> H, M, Q;
+ secure_vector<u64bit> H, M, Q;
};
}
diff --git a/src/hash/comb4p/comb4p.cpp b/src/hash/comb4p/comb4p.cpp
index 1ea64a5cb..7aec5972e 100644
--- a/src/hash/comb4p/comb4p.cpp
+++ b/src/hash/comb4p/comb4p.cpp
@@ -13,8 +13,8 @@ namespace Botan {
namespace {
-void comb4p_round(MemoryRegion<byte>& out,
- const MemoryRegion<byte>& in,
+void comb4p_round(secure_vector<byte>& out,
+ const secure_vector<byte>& in,
byte round_no,
HashFunction* h1,
HashFunction* h2)
@@ -25,7 +25,7 @@ void comb4p_round(MemoryRegion<byte>& out,
h1->update(&in[0], in.size());
h2->update(&in[0], in.size());
- SecureVector<byte> h_buf = h1->final();
+ secure_vector<byte> h_buf = h1->final();
xor_buf(&out[0], &h_buf[0], std::min(out.size(), h_buf.size()));
h_buf = h2->final();
@@ -78,8 +78,8 @@ void Comb4P::add_data(const byte input[], size_t length)
void Comb4P::final_result(byte out[])
{
- SecureVector<byte> h1 = hash1->final();
- SecureVector<byte> h2 = hash2->final();
+ secure_vector<byte> h1 = hash1->final();
+ secure_vector<byte> h2 = hash2->final();
// First round
xor_buf(&h1[0], &h2[0], std::min(h1.size(), h2.size()));
diff --git a/src/hash/gost_3411/gost_3411.cpp b/src/hash/gost_3411/gost_3411.cpp
index 6e56c2b97..eb889c0a5 100644
--- a/src/hash/gost_3411/gost_3411.cpp
+++ b/src/hash/gost_3411/gost_3411.cpp
@@ -225,11 +225,11 @@ void GOST_34_11::final_result(byte out[])
compress_n(&buffer[0], 1);
}
- SecureVector<byte> length_buf(32);
+ secure_vector<byte> length_buf(32);
const u64bit bit_count = count * 8;
store_le(bit_count, &length_buf[0]);
- SecureVector<byte> sum_buf = sum;
+ secure_vector<byte> sum_buf = sum;
compress_n(&length_buf[0], 1);
compress_n(&sum_buf[0], 1);
diff --git a/src/hash/gost_3411/gost_3411.h b/src/hash/gost_3411/gost_3411.h
index fbbcb7a89..5437ca4d8 100644
--- a/src/hash/gost_3411/gost_3411.h
+++ b/src/hash/gost_3411/gost_3411.h
@@ -34,7 +34,7 @@ class BOTAN_DLL GOST_34_11 : public HashFunction
void final_result(byte[]);
GOST_28147_89 cipher;
- SecureVector<byte> buffer, sum, hash;
+ secure_vector<byte> buffer, sum, hash;
size_t position;
u64bit count;
};
diff --git a/src/hash/has160/has160.h b/src/hash/has160/has160.h
index d32361601..9947d9580 100644
--- a/src/hash/has160/has160.h
+++ b/src/hash/has160/has160.h
@@ -31,7 +31,7 @@ class BOTAN_DLL HAS_160 : public MDx_HashFunction
void compress_n(const byte[], size_t blocks);
void copy_out(byte[]);
- SecureVector<u32bit> X, digest;
+ secure_vector<u32bit> X, digest;
};
}
diff --git a/src/hash/keccak/keccak.cpp b/src/hash/keccak/keccak.cpp
index 107055509..e34c0fd43 100644
--- a/src/hash/keccak/keccak.cpp
+++ b/src/hash/keccak/keccak.cpp
@@ -178,12 +178,12 @@ void Keccak_1600::add_data(const byte input[], size_t length)
void Keccak_1600::final_result(byte output[])
{
- MemoryVector<byte> padding(bitrate / 8 - S_pos);
+ std::vector<byte> padding(bitrate / 8 - S_pos);
padding[0] = 0x01;
padding[padding.size()-1] |= 0x80;
- add_data(padding, padding.size());
+ add_data(&padding[0], padding.size());
/*
* We never have to run the permutation again because we only support
diff --git a/src/hash/keccak/keccak.h b/src/hash/keccak/keccak.h
index 17ae632ba..e91a04d32 100644
--- a/src/hash/keccak/keccak.h
+++ b/src/hash/keccak/keccak.h
@@ -38,7 +38,7 @@ class BOTAN_DLL Keccak_1600 : public HashFunction
void final_result(byte out[]);
size_t output_bits, bitrate;
- SecureVector<u64bit> S;
+ secure_vector<u64bit> S;
size_t S_pos;
};
diff --git a/src/hash/md2/md2.h b/src/hash/md2/md2.h
index 84e0323f7..032d8a8e0 100644
--- a/src/hash/md2/md2.h
+++ b/src/hash/md2/md2.h
@@ -32,7 +32,7 @@ class BOTAN_DLL MD2 : public HashFunction
void hash(const byte[]);
void final_result(byte[]);
- SecureVector<byte> X, checksum, buffer;
+ secure_vector<byte> X, checksum, buffer;
size_t position;
};
diff --git a/src/hash/md4/md4.h b/src/hash/md4/md4.h
index d37dbe3b2..750be0fe7 100644
--- a/src/hash/md4/md4.h
+++ b/src/hash/md4/md4.h
@@ -33,12 +33,12 @@ class BOTAN_DLL MD4 : public MDx_HashFunction
/**
* The message buffer, exposed for use by subclasses (x86 asm)
*/
- SecureVector<u32bit> M;
+ secure_vector<u32bit> M;
/**
* The digest value, exposed for use by subclasses (x86 asm)
*/
- SecureVector<u32bit> digest;
+ secure_vector<u32bit> digest;
};
}
diff --git a/src/hash/md5/md5.h b/src/hash/md5/md5.h
index 92c023c92..bc90df0af 100644
--- a/src/hash/md5/md5.h
+++ b/src/hash/md5/md5.h
@@ -33,12 +33,12 @@ class BOTAN_DLL MD5 : public MDx_HashFunction
/**
* The message buffer, exposed for use by subclasses (x86 asm)
*/
- SecureVector<u32bit> M;
+ secure_vector<u32bit> M;
/**
* The digest value, exposed for use by subclasses (x86 asm)
*/
- SecureVector<u32bit> digest;
+ secure_vector<u32bit> digest;
};
}
diff --git a/src/hash/mdx_hash/mdx_hash.h b/src/hash/mdx_hash/mdx_hash.h
index ed3381605..14d3c27a0 100644
--- a/src/hash/mdx_hash/mdx_hash.h
+++ b/src/hash/mdx_hash/mdx_hash.h
@@ -55,7 +55,7 @@ class BOTAN_DLL MDx_HashFunction : public HashFunction
*/
virtual void write_count(byte out[]);
private:
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
u64bit count;
size_t position;
diff --git a/src/hash/rmd128/rmd128.h b/src/hash/rmd128/rmd128.h
index d64cf3c84..e37666a27 100644
--- a/src/hash/rmd128/rmd128.h
+++ b/src/hash/rmd128/rmd128.h
@@ -30,7 +30,7 @@ class BOTAN_DLL RIPEMD_128 : public MDx_HashFunction
void compress_n(const byte[], size_t blocks);
void copy_out(byte[]);
- SecureVector<u32bit> M, digest;
+ secure_vector<u32bit> M, digest;
};
}
diff --git a/src/hash/rmd160/rmd160.h b/src/hash/rmd160/rmd160.h
index 5df4ad490..0e43fed9a 100644
--- a/src/hash/rmd160/rmd160.h
+++ b/src/hash/rmd160/rmd160.h
@@ -30,7 +30,7 @@ class BOTAN_DLL RIPEMD_160 : public MDx_HashFunction
void compress_n(const byte[], size_t blocks);
void copy_out(byte[]);
- SecureVector<u32bit> M, digest;
+ secure_vector<u32bit> M, digest;
};
}
diff --git a/src/hash/sha1/sha160.h b/src/hash/sha1/sha160.h
index c3b264861..e2a81808d 100644
--- a/src/hash/sha1/sha160.h
+++ b/src/hash/sha1/sha160.h
@@ -47,12 +47,12 @@ class BOTAN_DLL SHA_160 : public MDx_HashFunction
/**
* The digest value, exposed for use by subclasses (asm, SSE2)
*/
- SecureVector<u32bit> digest;
+ secure_vector<u32bit> digest;
/**
* The message buffer, exposed for use by subclasses (asm, SSE2)
*/
- SecureVector<u32bit> W;
+ secure_vector<u32bit> W;
};
}
diff --git a/src/hash/sha2_32/sha2_32.cpp b/src/hash/sha2_32/sha2_32.cpp
index 6dd780e64..cffc8bd2a 100644
--- a/src/hash/sha2_32/sha2_32.cpp
+++ b/src/hash/sha2_32/sha2_32.cpp
@@ -50,7 +50,7 @@ inline u32bit sigma(u32bit X, u32bit rot1, u32bit rot2, u32bit shift)
/*
* SHA-224 / SHA-256 compression function
*/
-void compress(MemoryRegion<u32bit>& digest,
+void compress(secure_vector<u32bit>& digest,
const byte input[], size_t blocks)
{
u32bit A = digest[0], B = digest[1], C = digest[2],
diff --git a/src/hash/sha2_32/sha2_32.h b/src/hash/sha2_32/sha2_32.h
index 807b979d1..ccb8e07f2 100644
--- a/src/hash/sha2_32/sha2_32.h
+++ b/src/hash/sha2_32/sha2_32.h
@@ -31,7 +31,7 @@ class BOTAN_DLL SHA_224 : public MDx_HashFunction
void compress_n(const byte[], size_t blocks);
void copy_out(byte[]);
- SecureVector<u32bit> digest;
+ secure_vector<u32bit> digest;
};
/**
@@ -52,7 +52,7 @@ class BOTAN_DLL SHA_256 : public MDx_HashFunction
void compress_n(const byte[], size_t blocks);
void copy_out(byte[]);
- SecureVector<u32bit> digest;
+ secure_vector<u32bit> digest;
};
}
diff --git a/src/hash/sha2_64/sha2_64.cpp b/src/hash/sha2_64/sha2_64.cpp
index 3026c3a39..8dcb4684e 100644
--- a/src/hash/sha2_64/sha2_64.cpp
+++ b/src/hash/sha2_64/sha2_64.cpp
@@ -49,7 +49,7 @@ inline u64bit sigma(u64bit X, u32bit rot1, u32bit rot2, u32bit shift)
/*
* SHA-{384,512} Compression Function
*/
-void compress(MemoryRegion<u64bit>& digest,
+void compress(secure_vector<u64bit>& digest,
const byte input[], size_t blocks)
{
u64bit A = digest[0], B = digest[1], C = digest[2],
diff --git a/src/hash/sha2_64/sha2_64.h b/src/hash/sha2_64/sha2_64.h
index 124d4bbfb..58b154170 100644
--- a/src/hash/sha2_64/sha2_64.h
+++ b/src/hash/sha2_64/sha2_64.h
@@ -30,7 +30,7 @@ class BOTAN_DLL SHA_384 : public MDx_HashFunction
void compress_n(const byte[], size_t blocks);
void copy_out(byte[]);
- SecureVector<u64bit> digest;
+ secure_vector<u64bit> digest;
};
/**
@@ -51,7 +51,7 @@ class BOTAN_DLL SHA_512 : public MDx_HashFunction
void compress_n(const byte[], size_t blocks);
void copy_out(byte[]);
- SecureVector<u64bit> digest;
+ secure_vector<u64bit> digest;
};
}
diff --git a/src/hash/skein/skein_512.cpp b/src/hash/skein/skein_512.cpp
index 2458bf5f0..28c2aa38b 100644
--- a/src/hash/skein/skein_512.cpp
+++ b/src/hash/skein/skein_512.cpp
@@ -27,8 +27,8 @@ enum type_code {
SKEIN_OUTPUT = 63
};
-void ubi_512(MemoryRegion<u64bit>& H,
- MemoryRegion<u64bit>& T,
+void ubi_512(secure_vector<u64bit>& H,
+ secure_vector<u64bit>& T,
const byte msg[], size_t msg_len)
{
do
@@ -125,7 +125,7 @@ void ubi_512(MemoryRegion<u64bit>& H,
} while(msg_len);
}
-void reset_tweak(MemoryRegion<u64bit>& T,
+void reset_tweak(secure_vector<u64bit>& T,
type_code type, bool final)
{
T[0] = 0;
@@ -135,8 +135,8 @@ void reset_tweak(MemoryRegion<u64bit>& T,
(static_cast<u64bit>(final) << 63);
}
-void initial_block(MemoryRegion<u64bit>& H,
- MemoryRegion<u64bit>& T,
+void initial_block(secure_vector<u64bit>& H,
+ secure_vector<u64bit>& T,
size_t output_bits,
const std::string& personalization)
{
@@ -245,7 +245,7 @@ void Skein_512::final_result(byte out[])
size_t out_bytes = output_bits / 8;
- SecureVector<u64bit> H_out(9);
+ secure_vector<u64bit> H_out(9);
while(out_bytes)
{
diff --git a/src/hash/skein/skein_512.h b/src/hash/skein/skein_512.h
index 8605e5991..e0abc06ae 100644
--- a/src/hash/skein/skein_512.h
+++ b/src/hash/skein/skein_512.h
@@ -41,9 +41,9 @@ class BOTAN_DLL Skein_512 : public HashFunction
std::string personalization;
size_t output_bits;
- SecureVector<u64bit> H;
- SecureVector<u64bit> T;
- SecureVector<byte> buffer;
+ secure_vector<u64bit> H;
+ secure_vector<u64bit> T;
+ secure_vector<byte> buffer;
size_t buf_pos;
};
diff --git a/src/hash/tiger/tiger.cpp b/src/hash/tiger/tiger.cpp
index daa0939b9..57250d6f5 100644
--- a/src/hash/tiger/tiger.cpp
+++ b/src/hash/tiger/tiger.cpp
@@ -17,7 +17,7 @@ namespace {
/*
* Tiger Mixing Function
*/
-inline void mix(MemoryRegion<u64bit>& X)
+inline void mix(secure_vector<u64bit>& X)
{
X[0] -= X[7] ^ 0xA5A5A5A5A5A5A5A5;
X[1] ^= X[0];
@@ -83,7 +83,7 @@ void Tiger::copy_out(byte output[])
* Tiger Pass
*/
void Tiger::pass(u64bit& A, u64bit& B, u64bit& C,
- const MemoryRegion<u64bit>& X,
+ const secure_vector<u64bit>& X,
byte mul)
{
C ^= X[0];
diff --git a/src/hash/tiger/tiger.h b/src/hash/tiger/tiger.h
index 09c9947fb..70c70958b 100644
--- a/src/hash/tiger/tiger.h
+++ b/src/hash/tiger/tiger.h
@@ -38,7 +38,7 @@ class BOTAN_DLL Tiger : public MDx_HashFunction
void copy_out(byte[]);
static void pass(u64bit& A, u64bit& B, u64bit& C,
- const MemoryRegion<u64bit>& M,
+ const secure_vector<u64bit>& M,
byte mul);
static const u64bit SBOX1[256];
@@ -46,7 +46,7 @@ class BOTAN_DLL Tiger : public MDx_HashFunction
static const u64bit SBOX3[256];
static const u64bit SBOX4[256];
- SecureVector<u64bit> X, digest;
+ secure_vector<u64bit> X, digest;
const size_t hash_len, passes;
};
diff --git a/src/hash/whirlpool/whrlpool.h b/src/hash/whirlpool/whrlpool.h
index ab7a78bc8..d4ad805e1 100644
--- a/src/hash/whirlpool/whrlpool.h
+++ b/src/hash/whirlpool/whrlpool.h
@@ -39,7 +39,7 @@ class BOTAN_DLL Whirlpool : public MDx_HashFunction
static const u64bit C6[256];
static const u64bit C7[256];
- SecureVector<u64bit> M, digest;
+ secure_vector<u64bit> M, digest;
};
}
diff --git a/src/kdf/kdf.cpp b/src/kdf/kdf.cpp
index 6281f753c..88cbd5b99 100644
--- a/src/kdf/kdf.cpp
+++ b/src/kdf/kdf.cpp
@@ -12,8 +12,8 @@ namespace Botan {
/*
* Derive a key
*/
-SecureVector<byte> KDF::derive_key(size_t key_len,
- const MemoryRegion<byte>& secret,
+secure_vector<byte> KDF::derive_key(size_t key_len,
+ const secure_vector<byte>& secret,
const std::string& salt) const
{
return derive_key(key_len, &secret[0], secret.size(),
@@ -24,8 +24,8 @@ SecureVector<byte> KDF::derive_key(size_t key_len,
/*
* Derive a key
*/
-SecureVector<byte> KDF::derive_key(size_t key_len,
- const MemoryRegion<byte>& secret,
+secure_vector<byte> KDF::derive_key(size_t key_len,
+ const secure_vector<byte>& secret,
const byte salt[], size_t salt_len) const
{
return derive_key(key_len, &secret[0], secret.size(),
@@ -35,18 +35,7 @@ SecureVector<byte> KDF::derive_key(size_t key_len,
/*
* Derive a key
*/
-SecureVector<byte> KDF::derive_key(size_t key_len,
- const MemoryRegion<byte>& secret,
- const MemoryRegion<byte>& salt) const
- {
- return derive_key(key_len, &secret[0], secret.size(),
- &salt[0], salt.size());
- }
-
-/*
-* Derive a key
-*/
-SecureVector<byte> KDF::derive_key(size_t key_len,
+secure_vector<byte> KDF::derive_key(size_t key_len,
const byte secret[], size_t secret_len,
const std::string& salt) const
{
@@ -58,7 +47,7 @@ SecureVector<byte> KDF::derive_key(size_t key_len,
/*
* Derive a key
*/
-SecureVector<byte> KDF::derive_key(size_t key_len,
+secure_vector<byte> KDF::derive_key(size_t key_len,
const byte secret[], size_t secret_len,
const byte salt[], size_t salt_len) const
{
diff --git a/src/kdf/kdf.h b/src/kdf/kdf.h
index 3ec912cfe..e158df0ae 100644
--- a/src/kdf/kdf.h
+++ b/src/kdf/kdf.h
@@ -26,8 +26,8 @@ class BOTAN_DLL KDF : public Algorithm
* @param secret the secret input
* @param salt a diversifier
*/
- SecureVector<byte> derive_key(size_t key_len,
- const MemoryRegion<byte>& secret,
+ secure_vector<byte> derive_key(size_t key_len,
+ const secure_vector<byte>& secret,
const std::string& salt = "") const;
/**
@@ -36,9 +36,15 @@ class BOTAN_DLL KDF : public Algorithm
* @param secret the secret input
* @param salt a diversifier
*/
- SecureVector<byte> derive_key(size_t key_len,
- const MemoryRegion<byte>& secret,
- const MemoryRegion<byte>& salt) const;
+ template<typename Alloc, typename Alloc2>
+ secure_vector<byte> derive_key(size_t key_len,
+ const std::vector<byte, Alloc>& secret,
+ const std::vector<byte, Alloc2>& salt) const
+ {
+ return derive_key(key_len, &secret[0], secret.size(),
+ &salt[0], salt.size());
+
+ }
/**
* Derive a key
@@ -47,8 +53,8 @@ class BOTAN_DLL KDF : public Algorithm
* @param salt a diversifier
* @param salt_len size of salt in bytes
*/
- SecureVector<byte> derive_key(size_t key_len,
- const MemoryRegion<byte>& secret,
+ secure_vector<byte> derive_key(size_t key_len,
+ const secure_vector<byte>& secret,
const byte salt[],
size_t salt_len) const;
@@ -59,7 +65,7 @@ class BOTAN_DLL KDF : public Algorithm
* @param secret_len size of secret in bytes
* @param salt a diversifier
*/
- SecureVector<byte> derive_key(size_t key_len,
+ secure_vector<byte> derive_key(size_t key_len,
const byte secret[],
size_t secret_len,
const std::string& salt = "") const;
@@ -72,7 +78,7 @@ class BOTAN_DLL KDF : public Algorithm
* @param salt a diversifier
* @param salt_len size of salt in bytes
*/
- SecureVector<byte> derive_key(size_t key_len,
+ secure_vector<byte> derive_key(size_t key_len,
const byte secret[],
size_t secret_len,
const byte salt[],
@@ -82,7 +88,7 @@ class BOTAN_DLL KDF : public Algorithm
virtual KDF* clone() const = 0;
private:
- virtual SecureVector<byte>
+ virtual secure_vector<byte>
derive(size_t key_len,
const byte secret[], size_t secret_len,
const byte salt[], size_t salt_len) const = 0;
diff --git a/src/kdf/kdf1/kdf1.cpp b/src/kdf/kdf1/kdf1.cpp
index f3e4e208f..f00f71010 100644
--- a/src/kdf/kdf1/kdf1.cpp
+++ b/src/kdf/kdf1/kdf1.cpp
@@ -12,7 +12,7 @@ namespace Botan {
/*
* KDF1 Key Derivation Mechanism
*/
-SecureVector<byte> KDF1::derive(size_t,
+secure_vector<byte> KDF1::derive(size_t,
const byte secret[], size_t secret_len,
const byte P[], size_t P_len) const
{
diff --git a/src/kdf/kdf1/kdf1.h b/src/kdf/kdf1/kdf1.h
index f627235be..6a14d2995 100644
--- a/src/kdf/kdf1/kdf1.h
+++ b/src/kdf/kdf1/kdf1.h
@@ -19,7 +19,7 @@ namespace Botan {
class BOTAN_DLL KDF1 : public KDF
{
public:
- SecureVector<byte> derive(size_t,
+ secure_vector<byte> derive(size_t,
const byte secret[], size_t secret_len,
const byte P[], size_t P_len) const;
diff --git a/src/kdf/kdf2/kdf2.cpp b/src/kdf/kdf2/kdf2.cpp
index 51b9e41ea..39a929b58 100644
--- a/src/kdf/kdf2/kdf2.cpp
+++ b/src/kdf/kdf2/kdf2.cpp
@@ -12,11 +12,11 @@ namespace Botan {
/*
* KDF2 Key Derivation Mechanism
*/
-SecureVector<byte> KDF2::derive(size_t out_len,
+secure_vector<byte> KDF2::derive(size_t out_len,
const byte secret[], size_t secret_len,
const byte P[], size_t P_len) const
{
- SecureVector<byte> output;
+ secure_vector<byte> output;
u32bit counter = 1;
while(out_len && counter)
@@ -25,7 +25,7 @@ SecureVector<byte> KDF2::derive(size_t out_len,
hash->update_be(counter);
hash->update(P, P_len);
- SecureVector<byte> hash_result = hash->final();
+ secure_vector<byte> hash_result = hash->final();
size_t added = std::min(hash_result.size(), out_len);
output += std::make_pair(&hash_result[0], added);
diff --git a/src/kdf/kdf2/kdf2.h b/src/kdf/kdf2/kdf2.h
index e85fe6d1c..e33939df9 100644
--- a/src/kdf/kdf2/kdf2.h
+++ b/src/kdf/kdf2/kdf2.h
@@ -19,7 +19,7 @@ namespace Botan {
class BOTAN_DLL KDF2 : public KDF
{
public:
- SecureVector<byte> derive(size_t, const byte[], size_t,
+ secure_vector<byte> derive(size_t, const byte[], size_t,
const byte[], size_t) const;
std::string name() const { return "KDF2(" + hash->name() + ")"; }
diff --git a/src/kdf/mgf1/mgf1.cpp b/src/kdf/mgf1/mgf1.cpp
index 7d949c2b8..e0433a02f 100644
--- a/src/kdf/mgf1/mgf1.cpp
+++ b/src/kdf/mgf1/mgf1.cpp
@@ -25,7 +25,7 @@ void MGF1::mask(const byte in[], size_t in_len, byte out[],
{
hash->update(in, in_len);
hash->update_be(counter);
- SecureVector<byte> buffer = hash->final();
+ secure_vector<byte> buffer = hash->final();
size_t xored = std::min<size_t>(buffer.size(), out_len);
xor_buf(out, &buffer[0], xored);
diff --git a/src/kdf/prf_ssl3/prf_ssl3.cpp b/src/kdf/prf_ssl3/prf_ssl3.cpp
index 72cf023e2..8475bf40a 100644
--- a/src/kdf/prf_ssl3/prf_ssl3.cpp
+++ b/src/kdf/prf_ssl3/prf_ssl3.cpp
@@ -33,11 +33,11 @@ OctetString next_hash(size_t where, size_t want,
sha1.update(static_cast<byte>(ASCII_A_CHAR + where));
sha1.update(secret, secret_len);
sha1.update(seed, seed_len);
- SecureVector<byte> sha1_hash = sha1.final();
+ secure_vector<byte> sha1_hash = sha1.final();
md5.update(secret, secret_len);
md5.update(sha1_hash);
- SecureVector<byte> md5_hash = md5.final();
+ secure_vector<byte> md5_hash = md5.final();
return OctetString(&md5_hash[0], want);
}
@@ -47,7 +47,7 @@ OctetString next_hash(size_t where, size_t want,
/*
* SSL3 PRF
*/
-SecureVector<byte> SSL3_PRF::derive(size_t key_len,
+secure_vector<byte> SSL3_PRF::derive(size_t key_len,
const byte secret[], size_t secret_len,
const byte seed[], size_t seed_len) const
{
diff --git a/src/kdf/prf_ssl3/prf_ssl3.h b/src/kdf/prf_ssl3/prf_ssl3.h
index b07454be2..bae8badb8 100644
--- a/src/kdf/prf_ssl3/prf_ssl3.h
+++ b/src/kdf/prf_ssl3/prf_ssl3.h
@@ -18,7 +18,7 @@ namespace Botan {
class BOTAN_DLL SSL3_PRF : public KDF
{
public:
- SecureVector<byte> derive(size_t, const byte[], size_t,
+ secure_vector<byte> derive(size_t, const byte[], size_t,
const byte[], size_t) const;
std::string name() const { return "SSL3-PRF"; }
diff --git a/src/kdf/prf_tls/prf_tls.cpp b/src/kdf/prf_tls/prf_tls.cpp
index 1236e13c7..006b418c9 100644
--- a/src/kdf/prf_tls/prf_tls.cpp
+++ b/src/kdf/prf_tls/prf_tls.cpp
@@ -18,7 +18,7 @@ namespace {
/*
* TLS PRF P_hash function
*/
-void P_hash(MemoryRegion<byte>& output,
+void P_hash(secure_vector<byte>& output,
MessageAuthenticationCode* mac,
const byte secret[], size_t secret_len,
const byte seed[], size_t seed_len)
@@ -34,7 +34,7 @@ void P_hash(MemoryRegion<byte>& output,
" bytes is too long for the PRF");
}
- SecureVector<byte> A(seed, seed_len);
+ secure_vector<byte> A(seed, seed + seed_len);
size_t offset = 0;
@@ -47,7 +47,7 @@ void P_hash(MemoryRegion<byte>& output,
mac->update(A);
mac->update(seed, seed_len);
- SecureVector<byte> block = mac->final();
+ secure_vector<byte> block = mac->final();
xor_buf(&output[offset], &block[0], this_block_len);
offset += this_block_len;
@@ -74,11 +74,11 @@ TLS_PRF::~TLS_PRF()
/*
* TLS PRF
*/
-SecureVector<byte> TLS_PRF::derive(size_t key_len,
+secure_vector<byte> TLS_PRF::derive(size_t key_len,
const byte secret[], size_t secret_len,
const byte seed[], size_t seed_len) const
{
- SecureVector<byte> output(key_len);
+ secure_vector<byte> output(key_len);
size_t S1_len = (secret_len + 1) / 2,
S2_len = (secret_len + 1) / 2;
@@ -103,11 +103,11 @@ TLS_12_PRF::~TLS_12_PRF()
delete hmac;
}
-SecureVector<byte> TLS_12_PRF::derive(size_t key_len,
+secure_vector<byte> TLS_12_PRF::derive(size_t key_len,
const byte secret[], size_t secret_len,
const byte seed[], size_t seed_len) const
{
- SecureVector<byte> output(key_len);
+ secure_vector<byte> output(key_len);
P_hash(output, hmac, secret, secret_len, seed, seed_len);
diff --git a/src/kdf/prf_tls/prf_tls.h b/src/kdf/prf_tls/prf_tls.h
index 5237f17c0..fce11eae0 100644
--- a/src/kdf/prf_tls/prf_tls.h
+++ b/src/kdf/prf_tls/prf_tls.h
@@ -20,7 +20,7 @@ namespace Botan {
class BOTAN_DLL TLS_PRF : public KDF
{
public:
- SecureVector<byte> derive(size_t key_len,
+ secure_vector<byte> derive(size_t key_len,
const byte secret[], size_t secret_len,
const byte seed[], size_t seed_len) const;
@@ -40,7 +40,7 @@ class BOTAN_DLL TLS_PRF : public KDF
class BOTAN_DLL TLS_12_PRF : public KDF
{
public:
- SecureVector<byte> derive(size_t key_len,
+ secure_vector<byte> derive(size_t key_len,
const byte secret[], size_t secret_len,
const byte seed[], size_t seed_len) const;
diff --git a/src/kdf/prf_x942/prf_x942.cpp b/src/kdf/prf_x942/prf_x942.cpp
index fc31effe4..149be163f 100644
--- a/src/kdf/prf_x942/prf_x942.cpp
+++ b/src/kdf/prf_x942/prf_x942.cpp
@@ -20,11 +20,11 @@ namespace {
/*
* Encode an integer as an OCTET STRING
*/
-MemoryVector<byte> encode_x942_int(u32bit n)
+std::vector<byte> encode_x942_int(u32bit n)
{
byte n_buf[4] = { 0 };
store_be(n, n_buf);
- return DER_Encoder().encode(n_buf, 4, OCTET_STRING).get_contents();
+ return DER_Encoder().encode(n_buf, 4, OCTET_STRING).get_contents_unlocked();
}
}
@@ -32,14 +32,14 @@ MemoryVector<byte> encode_x942_int(u32bit n)
/*
* X9.42 PRF
*/
-SecureVector<byte> X942_PRF::derive(size_t key_len,
+secure_vector<byte> X942_PRF::derive(size_t key_len,
const byte secret[], size_t secret_len,
const byte salt[], size_t salt_len) const
{
SHA_160 hash;
const OID kek_algo(key_wrap_oid);
- SecureVector<byte> key;
+ secure_vector<byte> key;
u32bit counter = 1;
while(key.size() != key_len && counter)
@@ -68,7 +68,7 @@ SecureVector<byte> X942_PRF::derive(size_t key_len,
.end_cons().get_contents()
);
- SecureVector<byte> digest = hash.final();
+ secure_vector<byte> digest = hash.final();
const size_t needed = std::min(digest.size(), key_len - key.size());
key += std::make_pair(&digest[0], needed);
diff --git a/src/kdf/prf_x942/prf_x942.h b/src/kdf/prf_x942/prf_x942.h
index e6093eda6..f86b1bdd5 100644
--- a/src/kdf/prf_x942/prf_x942.h
+++ b/src/kdf/prf_x942/prf_x942.h
@@ -18,7 +18,7 @@ namespace Botan {
class BOTAN_DLL X942_PRF : public KDF
{
public:
- SecureVector<byte> derive(size_t, const byte[], size_t,
+ secure_vector<byte> derive(size_t, const byte[], size_t,
const byte[], size_t) const;
std::string name() const { return "X942_PRF(" + key_wrap_oid + ")"; }
diff --git a/src/libstate/info.txt b/src/libstate/info.txt
index ef0c9a47e..0e523e601 100644
--- a/src/libstate/info.txt
+++ b/src/libstate/info.txt
@@ -45,5 +45,4 @@ rng
sha2_32
sha2_64
stream
-system_alloc
</requires>
diff --git a/src/libstate/libstate.cpp b/src/libstate/libstate.cpp
index 588c5db1b..eafa6dbb0 100644
--- a/src/libstate/libstate.cpp
+++ b/src/libstate/libstate.cpp
@@ -9,7 +9,6 @@
#include <botan/charset.h>
#include <botan/engine.h>
#include <botan/cpuid.h>
-#include <botan/internal/defalloc.h>
#include <botan/internal/core_engine.h>
#include <botan/internal/stl_util.h>
#include <botan/internal/mlock.h>
@@ -19,10 +18,6 @@
#include <botan/selftest.h>
#endif
-#if defined(BOTAN_HAS_ALLOC_MMAP)
- #include <botan/internal/mmap_mem.h>
-#endif
-
#if defined(BOTAN_HAS_ENGINE_ASSEMBLER)
#include <botan/internal/asm_engine.h>
#endif
@@ -46,53 +41,6 @@
namespace Botan {
/*
-* Get an allocator by its name
-*/
-Allocator* Library_State::get_allocator(const std::string& type)
- {
- std::lock_guard<std::mutex> lock(allocator_lock);
-
- if(type != "")
- return search_map<std::string, Allocator*>(alloc_factory, type, 0);
-
- if(!cached_default_allocator)
- {
- cached_default_allocator =
- search_map<std::string, Allocator*>(alloc_factory,
- default_allocator_name, 0);
- }
-
- return cached_default_allocator;
- }
-
-/*
-* Create a new name to object mapping
-*/
-void Library_State::add_allocator(Allocator* allocator)
- {
- std::lock_guard<std::mutex> lock(allocator_lock);
-
- allocator->init();
-
- allocators.push_back(allocator);
- alloc_factory[allocator->type()] = allocator;
- }
-
-/*
-* Set the default allocator type
-*/
-void Library_State::set_default_allocator(const std::string& type)
- {
- if(type == "")
- return;
-
- std::lock_guard<std::mutex> lock(allocator_lock);
-
- default_allocator_name = type;
- cached_default_allocator = 0;
- }
-
-/*
* Get a configuration value
*/
std::string Library_State::get(const std::string& section,
@@ -184,16 +132,6 @@ void Library_State::initialize()
if(m_algorithm_factory)
throw Invalid_State("Library_State has already been initialized");
- cached_default_allocator = 0;
- default_allocator_name = has_mlock() ? "locking" : "malloc";
-
- add_allocator(new Malloc_Allocator);
- add_allocator(new Locking_Allocator);
-
-#if defined(BOTAN_HAS_ALLOC_MMAP)
- add_allocator(new MemoryMapping_Allocator);
-#endif
-
load_default_config();
m_algorithm_factory = new Algorithm_Factory();
@@ -230,7 +168,6 @@ void Library_State::initialize()
*/
Library_State::Library_State()
{
- cached_default_allocator = 0;
m_algorithm_factory = 0;
global_rng_ptr = 0;
@@ -246,15 +183,6 @@ Library_State::~Library_State()
delete global_rng_ptr;
global_rng_ptr = 0;
-
-
- cached_default_allocator = 0;
-
- for(size_t i = 0; i != allocators.size(); ++i)
- {
- allocators[i]->destroy();
- delete allocators[i];
- }
}
}
diff --git a/src/libstate/libstate.h b/src/libstate/libstate.h
index 49908a1e3..b260a5bb9 100644
--- a/src/libstate/libstate.h
+++ b/src/libstate/libstate.h
@@ -9,7 +9,6 @@
#define BOTAN_LIB_STATE_H__
#include <botan/global_state.h>
-#include <botan/allocate.h>
#include <botan/algo_factory.h>
#include <botan/rng.h>
@@ -45,18 +44,6 @@ class BOTAN_DLL Library_State
RandomNumberGenerator& global_rng();
/**
- * @param name the name of the allocator
- * @return allocator matching this name, or NULL
- */
- Allocator* get_allocator(const std::string& name = "");
-
- /**
- * Add a new allocator to the list of available ones
- * @param alloc the allocator to add
- */
- void add_allocator(Allocator* alloc);
-
- /**
* Set the default allocator
* @param name the name of the allocator to use as the default
*/
@@ -121,12 +108,6 @@ class BOTAN_DLL Library_State
std::mutex config_lock;
std::map<std::string, std::string> config;
- std::mutex allocator_lock;
- std::string default_allocator_name;
- std::map<std::string, Allocator*> alloc_factory;
- mutable Allocator* cached_default_allocator;
- std::vector<Allocator*> allocators;
-
Algorithm_Factory* m_algorithm_factory;
};
diff --git a/src/mac/cbc_mac/cbc_mac.h b/src/mac/cbc_mac/cbc_mac.h
index 5cc8adc67..be25718d9 100644
--- a/src/mac/cbc_mac/cbc_mac.h
+++ b/src/mac/cbc_mac/cbc_mac.h
@@ -40,7 +40,7 @@ class BOTAN_DLL CBC_MAC : public MessageAuthenticationCode
void key_schedule(const byte[], size_t);
BlockCipher* e;
- SecureVector<byte> state;
+ secure_vector<byte> state;
size_t position;
};
diff --git a/src/mac/cmac/cmac.cpp b/src/mac/cmac/cmac.cpp
index 7cd53f578..00120cf14 100644
--- a/src/mac/cmac/cmac.cpp
+++ b/src/mac/cmac/cmac.cpp
@@ -13,12 +13,12 @@ namespace Botan {
/*
* Perform CMAC's multiplication in GF(2^n)
*/
-SecureVector<byte> CMAC::poly_double(const MemoryRegion<byte>& in,
+secure_vector<byte> CMAC::poly_double(const secure_vector<byte>& in,
byte polynomial)
{
const byte poly_xor = (in[0] & 0x80) ? polynomial : 0;
- SecureVector<byte> out = in;
+ secure_vector<byte> out = in;
byte carry = 0;
for(size_t i = out.size(); i != 0; --i)
diff --git a/src/mac/cmac/cmac.h b/src/mac/cmac/cmac.h
index 98634bdb7..3e75d3951 100644
--- a/src/mac/cmac/cmac.h
+++ b/src/mac/cmac/cmac.h
@@ -35,7 +35,7 @@ class BOTAN_DLL CMAC : public MessageAuthenticationCode
* @param in the input
* @param polynomial the byte value of the polynomial
*/
- static SecureVector<byte> poly_double(const MemoryRegion<byte>& in,
+ static secure_vector<byte> poly_double(const secure_vector<byte>& in,
byte polynomial);
/**
@@ -49,7 +49,7 @@ class BOTAN_DLL CMAC : public MessageAuthenticationCode
void key_schedule(const byte[], size_t);
BlockCipher* e;
- SecureVector<byte> buffer, state, B, P;
+ secure_vector<byte> buffer, state, B, P;
size_t position;
byte polynomial;
};
diff --git a/src/mac/hmac/hmac.cpp b/src/mac/hmac/hmac.cpp
index fc35e26ea..61cb262d0 100644
--- a/src/mac/hmac/hmac.cpp
+++ b/src/mac/hmac/hmac.cpp
@@ -42,7 +42,7 @@ void HMAC::key_schedule(const byte key[], size_t length)
if(length > hash->hash_block_size())
{
- SecureVector<byte> hmac_key = hash->process(key, length);
+ secure_vector<byte> hmac_key = hash->process(key, length);
xor_buf(i_key, hmac_key, hmac_key.size());
xor_buf(o_key, hmac_key, hmac_key.size());
}
diff --git a/src/mac/hmac/hmac.h b/src/mac/hmac/hmac.h
index 9de1bc7b5..cb5bd6917 100644
--- a/src/mac/hmac/hmac.h
+++ b/src/mac/hmac/hmac.h
@@ -41,7 +41,7 @@ class BOTAN_DLL HMAC : public MessageAuthenticationCode
void key_schedule(const byte[], size_t);
HashFunction* hash;
- SecureVector<byte> i_key, o_key;
+ secure_vector<byte> i_key, o_key;
};
}
diff --git a/src/mac/mac.cpp b/src/mac/mac.cpp
index 2ef4ab64c..094aa1b4a 100644
--- a/src/mac/mac.cpp
+++ b/src/mac/mac.cpp
@@ -15,7 +15,7 @@ namespace Botan {
*/
bool MessageAuthenticationCode::verify_mac(const byte mac[], size_t length)
{
- SecureVector<byte> our_mac = final();
+ secure_vector<byte> our_mac = final();
if(our_mac.size() != length)
return false;
diff --git a/src/mac/ssl3mac/ssl3_mac.h b/src/mac/ssl3mac/ssl3_mac.h
index a85a78263..d23ac023c 100644
--- a/src/mac/ssl3mac/ssl3_mac.h
+++ b/src/mac/ssl3mac/ssl3_mac.h
@@ -41,7 +41,7 @@ class BOTAN_DLL SSL3_MAC : public MessageAuthenticationCode
void key_schedule(const byte[], size_t);
HashFunction* hash;
- SecureVector<byte> i_key, o_key;
+ secure_vector<byte> i_key, o_key;
};
}
diff --git a/src/mac/x919_mac/x919_mac.cpp b/src/mac/x919_mac/x919_mac.cpp
index fcbe77537..faf6138ef 100644
--- a/src/mac/x919_mac/x919_mac.cpp
+++ b/src/mac/x919_mac/x919_mac.cpp
@@ -44,7 +44,7 @@ void ANSI_X919_MAC::final_result(byte mac[])
{
if(position)
e->encrypt(state);
- d->decrypt(state, mac);
+ d->decrypt(&state[0], mac);
e->encrypt(mac);
zeroise(state);
position = 0;
diff --git a/src/mac/x919_mac/x919_mac.h b/src/mac/x919_mac/x919_mac.h
index 58a005e0b..4b5e63b33 100644
--- a/src/mac/x919_mac/x919_mac.h
+++ b/src/mac/x919_mac/x919_mac.h
@@ -41,7 +41,7 @@ class BOTAN_DLL ANSI_X919_MAC : public MessageAuthenticationCode
BlockCipher* e;
BlockCipher* d;
- SecureVector<byte> state;
+ secure_vector<byte> state;
size_t position;
};
diff --git a/src/math/bigint/big_code.cpp b/src/math/bigint/big_code.cpp
index 28614c9f1..a55ec662e 100644
--- a/src/math/bigint/big_code.cpp
+++ b/src/math/bigint/big_code.cpp
@@ -21,7 +21,7 @@ void BigInt::encode(byte output[], const BigInt& n, Base base)
n.binary_encode(output);
else if(base == Hexadecimal)
{
- SecureVector<byte> binary(n.encoded_size(Binary));
+ secure_vector<byte> binary(n.encoded_size(Binary));
n.binary_encode(&binary[0]);
hex_encode(reinterpret_cast<char*>(output),
@@ -61,9 +61,23 @@ void BigInt::encode(byte output[], const BigInt& n, Base base)
/*
* Encode a BigInt
*/
-SecureVector<byte> BigInt::encode(const BigInt& n, Base base)
+std::vector<byte> BigInt::encode(const BigInt& n, Base base)
{
- SecureVector<byte> output(n.encoded_size(base));
+ std::vector<byte> output(n.encoded_size(base));
+ encode(&output[0], n, base);
+ if(base != Binary)
+ for(size_t j = 0; j != output.size(); ++j)
+ if(output[j] == 0)
+ output[j] = '0';
+ return output;
+ }
+
+/*
+* Encode a BigInt
+*/
+secure_vector<byte> BigInt::encode_locked(const BigInt& n, Base base)
+ {
+ secure_vector<byte> output(n.encoded_size(base));
encode(&output[0], n, base);
if(base != Binary)
for(size_t j = 0; j != output.size(); ++j)
@@ -75,7 +89,7 @@ SecureVector<byte> BigInt::encode(const BigInt& n, Base base)
/*
* Encode a BigInt, with leading 0s if needed
*/
-SecureVector<byte> BigInt::encode_1363(const BigInt& n, size_t bytes)
+secure_vector<byte> BigInt::encode_1363(const BigInt& n, size_t bytes)
{
const size_t n_bytes = n.bytes();
if(n_bytes > bytes)
@@ -83,7 +97,7 @@ SecureVector<byte> BigInt::encode_1363(const BigInt& n, size_t bytes)
const size_t leading_0s = bytes - n_bytes;
- SecureVector<byte> output(bytes);
+ secure_vector<byte> output(bytes);
encode(&output[leading_0s], n, Binary);
return output;
}
@@ -91,14 +105,6 @@ SecureVector<byte> BigInt::encode_1363(const BigInt& n, size_t bytes)
/*
* Decode a BigInt
*/
-BigInt BigInt::decode(const MemoryRegion<byte>& buf, Base base)
- {
- return BigInt::decode(&buf[0], buf.size(), base);
- }
-
-/*
-* Decode a BigInt
-*/
BigInt BigInt::decode(const byte buf[], size_t length, Base base)
{
BigInt r;
@@ -106,7 +112,7 @@ BigInt BigInt::decode(const byte buf[], size_t length, Base base)
r.binary_decode(buf, length);
else if(base == Hexadecimal)
{
- SecureVector<byte> binary;
+ secure_vector<byte> binary;
if(length % 2)
{
diff --git a/src/math/bigint/big_io.cpp b/src/math/bigint/big_io.cpp
index 70e4a464a..130a98a3b 100644
--- a/src/math/bigint/big_io.cpp
+++ b/src/math/bigint/big_io.cpp
@@ -27,7 +27,7 @@ std::ostream& operator<<(std::ostream& stream, const BigInt& n)
{
if(n < 0)
stream.write("-", 1);
- SecureVector<byte> buffer = BigInt::encode(n, base);
+ const std::vector<byte> buffer = BigInt::encode(n, base);
size_t skip = 0;
while(buffer[skip] == '0' && skip < buffer.size())
++skip;
diff --git a/src/math/bigint/big_ops2.cpp b/src/math/bigint/big_ops2.cpp
index ff5cc7922..ea2bdc961 100644
--- a/src/math/bigint/big_ops2.cpp
+++ b/src/math/bigint/big_ops2.cpp
@@ -23,15 +23,15 @@ BigInt& BigInt::operator+=(const BigInt& y)
grow_to(reg_size);
if(sign() == y.sign())
- bigint_add2(get_reg(), reg_size - 1, y.data(), y_sw);
+ bigint_add2(data(), reg_size - 1, y.data(), y_sw);
else
{
s32bit relative_size = bigint_cmp(data(), x_sw, y.data(), y_sw);
if(relative_size < 0)
{
- SecureVector<word> z(reg_size - 1);
- bigint_sub3(z, y.data(), reg_size - 1, data(), x_sw);
+ secure_vector<word> z(reg_size - 1);
+ bigint_sub3(&z[0], y.data(), reg_size - 1, data(), x_sw);
copy_mem(&reg[0], &z[0], z.size());
set_sign(y.sign());
}
@@ -41,7 +41,7 @@ BigInt& BigInt::operator+=(const BigInt& y)
set_sign(Positive);
}
else if(relative_size > 0)
- bigint_sub2(get_reg(), x_sw, y.data(), y_sw);
+ bigint_sub2(data(), x_sw, y.data(), y_sw);
}
return (*this);
@@ -62,9 +62,9 @@ BigInt& BigInt::operator-=(const BigInt& y)
if(relative_size < 0)
{
if(sign() == y.sign())
- bigint_sub2_rev(get_reg(), y.data(), y_sw);
+ bigint_sub2_rev(data(), y.data(), y_sw);
else
- bigint_add2(get_reg(), reg_size - 1, y.data(), y_sw);
+ bigint_add2(data(), reg_size - 1, y.data(), y_sw);
set_sign(y.reverse_sign());
}
@@ -76,14 +76,14 @@ BigInt& BigInt::operator-=(const BigInt& y)
set_sign(Positive);
}
else
- bigint_shl1(get_reg(), x_sw, 0, 1);
+ bigint_shl1(data(), x_sw, 0, 1);
}
else if(relative_size > 0)
{
if(sign() == y.sign())
- bigint_sub2(get_reg(), x_sw, y.data(), y_sw);
+ bigint_sub2(data(), x_sw, y.data(), y_sw);
else
- bigint_add2(get_reg(), reg_size - 1, y.data(), y_sw);
+ bigint_add2(data(), reg_size - 1, y.data(), y_sw);
}
return (*this);
@@ -105,22 +105,22 @@ BigInt& BigInt::operator*=(const BigInt& y)
else if(x_sw == 1 && y_sw)
{
grow_to(y_sw + 2);
- bigint_linmul3(get_reg(), y.data(), y_sw, word_at(0));
+ bigint_linmul3(data(), y.data(), y_sw, word_at(0));
}
else if(y_sw == 1 && x_sw)
{
grow_to(x_sw + 2);
- bigint_linmul2(get_reg(), x_sw, y.word_at(0));
+ bigint_linmul2(data(), x_sw, y.word_at(0));
}
else
{
grow_to(size() + y.size());
- SecureVector<word> z(data(), x_sw);
- SecureVector<word> workspace(size());
+ secure_vector<word> z(data(), data() + x_sw);
+ secure_vector<word> workspace(size());
- bigint_mul(get_reg(), size(), workspace,
- z, z.size(), x_sw,
+ bigint_mul(data(), size(), &workspace[0],
+ &z[0], z.size(), x_sw,
y.data(), y.size(), y_sw);
}
@@ -159,7 +159,7 @@ word BigInt::operator%=(word mod)
word result = (word_at(0) & (mod - 1));
clear();
grow_to(2);
- get_reg()[0] = result;
+ reg[0] = result;
return result;
}
@@ -171,9 +171,9 @@ word BigInt::operator%=(word mod)
grow_to(2);
if(remainder && sign() == BigInt::Negative)
- get_reg()[0] = mod - remainder;
+ reg[0] = mod - remainder;
else
- get_reg()[0] = remainder;
+ reg[0] = remainder;
set_sign(BigInt::Positive);
@@ -192,7 +192,7 @@ BigInt& BigInt::operator<<=(size_t shift)
words = sig_words();
grow_to(words + shift_words + (shift_bits ? 1 : 0));
- bigint_shl1(get_reg(), words, shift_words, shift_bits);
+ bigint_shl1(data(), words, shift_words, shift_bits);
}
return (*this);
@@ -208,7 +208,7 @@ BigInt& BigInt::operator>>=(size_t shift)
const size_t shift_words = shift / MP_WORD_BITS,
shift_bits = shift % MP_WORD_BITS;
- bigint_shr1(get_reg(), sig_words(), shift_words, shift_bits);
+ bigint_shr1(data(), sig_words(), shift_words, shift_bits);
if(is_zero())
set_sign(Positive);
diff --git a/src/math/bigint/big_ops3.cpp b/src/math/bigint/big_ops3.cpp
index 52472bc52..a33b32bb7 100644
--- a/src/math/bigint/big_ops3.cpp
+++ b/src/math/bigint/big_ops3.cpp
@@ -23,20 +23,20 @@ BigInt operator+(const BigInt& x, const BigInt& y)
BigInt z(x.sign(), std::max(x_sw, y_sw) + 1);
if((x.sign() == y.sign()))
- bigint_add3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
+ bigint_add3(z.data(), x.data(), x_sw, y.data(), y_sw);
else
{
s32bit relative_size = bigint_cmp(x.data(), x_sw, y.data(), y_sw);
if(relative_size < 0)
{
- bigint_sub3(z.get_reg(), y.data(), y_sw, x.data(), x_sw);
+ bigint_sub3(z.data(), y.data(), y_sw, x.data(), x_sw);
z.set_sign(y.sign());
}
else if(relative_size == 0)
z.set_sign(BigInt::Positive);
else if(relative_size > 0)
- bigint_sub3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
+ bigint_sub3(z.data(), x.data(), x_sw, y.data(), y_sw);
}
return z;
@@ -56,22 +56,22 @@ BigInt operator-(const BigInt& x, const BigInt& y)
if(relative_size < 0)
{
if(x.sign() == y.sign())
- bigint_sub3(z.get_reg(), y.data(), y_sw, x.data(), x_sw);
+ bigint_sub3(z.data(), y.data(), y_sw, x.data(), x_sw);
else
- bigint_add3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
+ bigint_add3(z.data(), x.data(), x_sw, y.data(), y_sw);
z.set_sign(y.reverse_sign());
}
else if(relative_size == 0)
{
if(x.sign() != y.sign())
- bigint_shl2(z.get_reg(), x.data(), x_sw, 0, 1);
+ bigint_shl2(z.data(), x.data(), x_sw, 0, 1);
}
else if(relative_size > 0)
{
if(x.sign() == y.sign())
- bigint_sub3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
+ bigint_sub3(z.data(), x.data(), x_sw, y.data(), y_sw);
else
- bigint_add3(z.get_reg(), x.data(), x_sw, y.data(), y_sw);
+ bigint_add3(z.data(), x.data(), x_sw, y.data(), y_sw);
z.set_sign(x.sign());
}
return z;
@@ -87,13 +87,13 @@ BigInt operator*(const BigInt& x, const BigInt& y)
BigInt z(BigInt::Positive, x.size() + y.size());
if(x_sw == 1 && y_sw)
- bigint_linmul3(z.get_reg(), y.data(), y_sw, x.word_at(0));
+ bigint_linmul3(z.data(), y.data(), y_sw, x.word_at(0));
else if(y_sw == 1 && x_sw)
- bigint_linmul3(z.get_reg(), x.data(), x_sw, y.word_at(0));
+ bigint_linmul3(z.data(), x.data(), x_sw, y.word_at(0));
else if(x_sw && y_sw)
{
- SecureVector<word> workspace(z.size());
- bigint_mul(z.get_reg(), z.size(), workspace,
+ secure_vector<word> workspace(z.size());
+ bigint_mul(z.data(), z.size(), &workspace[0],
x.data(), x.size(), x_sw,
y.data(), y.size(), y_sw);
}
@@ -164,7 +164,7 @@ BigInt operator<<(const BigInt& x, size_t shift)
const size_t x_sw = x.sig_words();
BigInt y(x.sign(), x_sw + shift_words + (shift_bits ? 1 : 0));
- bigint_shl2(y.get_reg(), x.data(), x_sw, shift_words, shift_bits);
+ bigint_shl2(y.data(), x.data(), x_sw, shift_words, shift_bits);
return y;
}
@@ -183,7 +183,7 @@ BigInt operator>>(const BigInt& x, size_t shift)
x_sw = x.sig_words();
BigInt y(x.sign(), x_sw - shift_words);
- bigint_shr2(y.get_reg(), x.data(), x_sw, shift_words, shift_bits);
+ bigint_shr2(y.data(), x.data(), x_sw, shift_words, shift_bits);
return y;
}
diff --git a/src/math/bigint/big_rand.cpp b/src/math/bigint/big_rand.cpp
index 7cddb2de0..a6776a296 100644
--- a/src/math/bigint/big_rand.cpp
+++ b/src/math/bigint/big_rand.cpp
@@ -35,7 +35,7 @@ void BigInt::randomize(RandomNumberGenerator& rng,
clear();
else
{
- SecureVector<byte> array = rng.random_vec((bitsize + 7) / 8);
+ secure_vector<byte> array = rng.random_vec((bitsize + 7) / 8);
if(bitsize % 8)
array[0] &= 0xFF >> (8 - (bitsize % 8));
diff --git a/src/math/bigint/bigint.cpp b/src/math/bigint/bigint.cpp
index df4414aba..5029c01f8 100644
--- a/src/math/bigint/bigint.cpp
+++ b/src/math/bigint/bigint.cpp
@@ -345,12 +345,4 @@ void BigInt::binary_decode(const byte buf[], size_t length)
reg[length / WORD_BYTES] = (reg[length / WORD_BYTES] << 8) | buf[i];
}
-/*
-* Set this number to the value in buf
-*/
-void BigInt::binary_decode(const MemoryRegion<byte>& buf)
- {
- binary_decode(buf, buf.size());
- }
-
}
diff --git a/src/math/bigint/bigint.h b/src/math/bigint/bigint.h
index 57aa84528..98b98bd6f 100644
--- a/src/math/bigint/bigint.h
+++ b/src/math/bigint/bigint.h
@@ -314,22 +314,29 @@ class BOTAN_DLL BigInt
* @result a pointer to the start of the internal register of
* the integer value
*/
+ word* data() { return &reg[0]; }
+
+ /**
+ * Return a pointer to the big integer word register
+ * @result a pointer to the start of the internal register of
+ * the integer value
+ */
const word* data() const { return &reg[0]; }
/**
* return a reference to the internal register containing the value
- * @result a reference to the word-array (SecureVector<word>)
+ * @result a reference to the word-array (secure_vector<word>)
* with the internal register value (containing the integer
* value)
*/
- SecureVector<word>& get_reg() { return reg; }
+ secure_vector<word>& get_reg() { return reg; }
/**
* return a const reference to the internal register containing the value
- * @result a const reference to the word-array (SecureVector<word>)
+ * @result a const reference to the word-array (secure_vector<word>)
* with the internal register value (containing the integer value)
*/
- const SecureVector<word>& get_reg() const { return reg; }
+ const secure_vector<word>& get_reg() const { return reg; }
/**
* Assign using a plain word array
@@ -369,10 +376,13 @@ class BOTAN_DLL BigInt
void binary_decode(const byte buf[], size_t length);
/**
- * Read integer value from a byte array (MemoryRegion<byte>)
+ * Read integer value from a byte array (secure_vector<byte>)
* @param buf the array to load from
*/
- void binary_decode(const MemoryRegion<byte>& buf);
+ void binary_decode(const secure_vector<byte>& buf)
+ {
+ binary_decode(&buf[0], buf.size());
+ }
/**
* @param base the base to measure the size for
@@ -391,12 +401,21 @@ class BOTAN_DLL BigInt
const BigInt& max);
/**
- * Encode the integer value from a BigInt to a SecureVector of bytes
+ * Encode the integer value from a BigInt to a std::vector of bytes
+ * @param n the BigInt to use as integer source
+ * @param base number-base of resulting byte array representation
+ * @result secure_vector of bytes containing the integer with given base
+ */
+ static std::vector<byte> encode(const BigInt& n, Base base = Binary);
+
+ /**
+ * Encode the integer value from a BigInt to a secure_vector of bytes
* @param n the BigInt to use as integer source
* @param base number-base of resulting byte array representation
- * @result SecureVector of bytes containing the integer with given base
+ * @result secure_vector of bytes containing the integer with given base
*/
- static SecureVector<byte> encode(const BigInt& n, Base base = Binary);
+ static secure_vector<byte> encode_locked(const BigInt& n,
+ Base base = Binary);
/**
* Encode the integer value from a BigInt to a byte array
@@ -423,16 +442,31 @@ class BOTAN_DLL BigInt
* @param base number-base of the integer in buf
* @result BigInt representing the integer in the byte array
*/
- static BigInt decode(const MemoryRegion<byte>& buf,
- Base base = Binary);
+ static BigInt decode(const secure_vector<byte>& buf,
+ Base base = Binary)
+ {
+ return BigInt::decode(&buf[0], buf.size(), base);
+ }
+
+ /**
+ * Create a BigInt from an integer in a byte array
+ * @param buf the binary value to load
+ * @param base number-base of the integer in buf
+ * @result BigInt representing the integer in the byte array
+ */
+ static BigInt decode(const std::vector<byte>& buf,
+ Base base = Binary)
+ {
+ return BigInt::decode(&buf[0], buf.size(), base);
+ }
/**
* Encode a BigInt to a byte array according to IEEE 1363
* @param n the BigInt to encode
- * @param bytes the length of the resulting SecureVector<byte>
- * @result a SecureVector<byte> containing the encoded BigInt
+ * @param bytes the length of the resulting secure_vector<byte>
+ * @result a secure_vector<byte> containing the encoded BigInt
*/
- static SecureVector<byte> encode_1363(const BigInt& n, size_t bytes);
+ static secure_vector<byte> encode_1363(const BigInt& n, size_t bytes);
/**
* Swap this value with another
@@ -528,7 +562,7 @@ class BOTAN_DLL BigInt
*/
BigInt& operator=(const BigInt&) = default;
private:
- SecureVector<word> reg;
+ secure_vector<word> reg;
Sign signedness;
};
diff --git a/src/math/ec_gfp/point_gfp.cpp b/src/math/ec_gfp/point_gfp.cpp
index 7ac6b4141..ec6fed4a1 100644
--- a/src/math/ec_gfp/point_gfp.cpp
+++ b/src/math/ec_gfp/point_gfp.cpp
@@ -45,7 +45,7 @@ void PointGFp::monty_mult(BigInt& z, const BigInt& x, const BigInt& y) const
const size_t p_size = curve.get_p_words();
const word p_dash = curve.get_p_dash();
- SecureVector<word>& z_reg = z.get_reg();
+ secure_vector<word>& z_reg = z.get_reg();
z_reg.resize(2*p_size+1);
zeroise(z_reg);
@@ -71,7 +71,7 @@ void PointGFp::monty_sqr(BigInt& z, const BigInt& x) const
const size_t p_size = curve.get_p_words();
const word p_dash = curve.get_p_dash();
- SecureVector<word>& z_reg = z.get_reg();
+ secure_vector<word>& z_reg = z.get_reg();
z_reg.resize(2*p_size+1);
zeroise(z_reg);
@@ -479,22 +479,22 @@ bool PointGFp::operator==(const PointGFp& other) const
}
// encoding and decoding
-SecureVector<byte> EC2OSP(const PointGFp& point, byte format)
+secure_vector<byte> EC2OSP(const PointGFp& point, byte format)
{
if(point.is_zero())
- return SecureVector<byte>(1); // single 0 byte
+ return secure_vector<byte>(1); // single 0 byte
const size_t p_bytes = point.get_curve().get_p().bytes();
BigInt x = point.get_affine_x();
BigInt y = point.get_affine_y();
- SecureVector<byte> bX = BigInt::encode_1363(x, p_bytes);
- SecureVector<byte> bY = BigInt::encode_1363(y, p_bytes);
+ secure_vector<byte> bX = BigInt::encode_1363(x, p_bytes);
+ secure_vector<byte> bY = BigInt::encode_1363(y, p_bytes);
if(format == PointGFp::UNCOMPRESSED)
{
- SecureVector<byte> result;
+ secure_vector<byte> result;
result.push_back(0x04);
result += bX;
@@ -504,7 +504,7 @@ SecureVector<byte> EC2OSP(const PointGFp& point, byte format)
}
else if(format == PointGFp::COMPRESSED)
{
- SecureVector<byte> result;
+ secure_vector<byte> result;
result.push_back(0x02 | static_cast<byte>(y.get_bit(0)));
result += bX;
@@ -513,7 +513,7 @@ SecureVector<byte> EC2OSP(const PointGFp& point, byte format)
}
else if(format == PointGFp::HYBRID)
{
- SecureVector<byte> result;
+ secure_vector<byte> result;
result.push_back(0x06 | static_cast<byte>(y.get_bit(0)));
result += bX;
diff --git a/src/math/ec_gfp/point_gfp.h b/src/math/ec_gfp/point_gfp.h
index 546a8dd6f..017f66e1c 100644
--- a/src/math/ec_gfp/point_gfp.h
+++ b/src/math/ec_gfp/point_gfp.h
@@ -245,7 +245,7 @@ class BOTAN_DLL PointGFp
CurveGFp curve;
BigInt coord_x, coord_y, coord_z;
- mutable SecureVector<word> ws; // workspace for Montgomery
+ mutable secure_vector<word> ws; // workspace for Montgomery
};
// relational operators
@@ -278,12 +278,13 @@ inline PointGFp operator*(const PointGFp& point, const BigInt& scalar)
}
// encoding and decoding
-SecureVector<byte> BOTAN_DLL EC2OSP(const PointGFp& point, byte format);
+secure_vector<byte> BOTAN_DLL EC2OSP(const PointGFp& point, byte format);
PointGFp BOTAN_DLL OS2ECP(const byte data[], size_t data_len,
const CurveGFp& curve);
-inline PointGFp OS2ECP(const MemoryRegion<byte>& data, const CurveGFp& curve)
+template<typename Alloc>
+PointGFp OS2ECP(const std::vector<byte, Alloc>& data, const CurveGFp& curve)
{ return OS2ECP(&data[0], data.size(), curve); }
}
diff --git a/src/math/numbertheory/dsa_gen.cpp b/src/math/numbertheory/dsa_gen.cpp
index 612370804..d30a08f1a 100644
--- a/src/math/numbertheory/dsa_gen.cpp
+++ b/src/math/numbertheory/dsa_gen.cpp
@@ -42,7 +42,7 @@ bool generate_dsa_primes(RandomNumberGenerator& rng,
Algorithm_Factory& af,
BigInt& p, BigInt& q,
size_t pbits, size_t qbits,
- const MemoryRegion<byte>& seed_c)
+ const std::vector<byte>& seed_c)
{
if(!fips186_3_valid_size(pbits, qbits))
throw Invalid_Argument(
@@ -62,9 +62,9 @@ bool generate_dsa_primes(RandomNumberGenerator& rng,
class Seed
{
public:
- Seed(const MemoryRegion<byte>& s) : seed(s) {}
+ Seed(const std::vector<byte>& s) : seed(s) {}
- operator MemoryRegion<byte>& () { return seed; }
+ operator std::vector<byte>& () { return seed; }
Seed& operator++()
{
@@ -74,7 +74,7 @@ bool generate_dsa_primes(RandomNumberGenerator& rng,
return (*this);
}
private:
- SecureVector<byte> seed;
+ std::vector<byte> seed;
};
Seed seed(seed_c);
@@ -90,7 +90,7 @@ bool generate_dsa_primes(RandomNumberGenerator& rng,
b = (pbits-1) % (HASH_SIZE * 8);
BigInt X;
- SecureVector<byte> V(HASH_SIZE * (n+1));
+ std::vector<byte> V(HASH_SIZE * (n+1));
for(size_t j = 0; j != 4096; ++j)
{
@@ -116,14 +116,15 @@ bool generate_dsa_primes(RandomNumberGenerator& rng,
/*
* Generate DSA Primes
*/
-SecureVector<byte> generate_dsa_primes(RandomNumberGenerator& rng,
- Algorithm_Factory& af,
- BigInt& p, BigInt& q,
- size_t pbits, size_t qbits)
+std::vector<byte> generate_dsa_primes(RandomNumberGenerator& rng,
+ Algorithm_Factory& af,
+ BigInt& p, BigInt& q,
+ size_t pbits, size_t qbits)
{
while(true)
{
- SecureVector<byte> seed = rng.random_vec(qbits / 8);
+ std::vector<byte> seed(qbits / 8);
+ rng.randomize(&seed[0], seed.size());
if(generate_dsa_primes(rng, af, p, q, pbits, qbits, seed))
return seed;
diff --git a/src/math/numbertheory/make_prm.cpp b/src/math/numbertheory/make_prm.cpp
index 1e8d11000..dc94420ab 100644
--- a/src/math/numbertheory/make_prm.cpp
+++ b/src/math/numbertheory/make_prm.cpp
@@ -48,7 +48,7 @@ BigInt random_prime(RandomNumberGenerator& rng,
p += (modulo - p % modulo) + equiv;
const size_t sieve_size = std::min(bits / 2, PRIME_TABLE_SIZE);
- SecureVector<size_t> sieve(sieve_size);
+ secure_vector<u16bit> sieve(sieve_size);
for(size_t j = 0; j != sieve.size(); ++j)
sieve[j] = p % PRIMES[j];
diff --git a/src/math/numbertheory/mp_numth.cpp b/src/math/numbertheory/mp_numth.cpp
index 23623b5f0..b10fe2639 100644
--- a/src/math/numbertheory/mp_numth.cpp
+++ b/src/math/numbertheory/mp_numth.cpp
@@ -20,9 +20,9 @@ BigInt square(const BigInt& x)
const size_t x_sw = x.sig_words();
BigInt z(BigInt::Positive, round_up<size_t>(2*x_sw, 16));
- SecureVector<word> workspace(z.size());
+ secure_vector<word> workspace(z.size());
- bigint_sqr(z.get_reg(), z.size(), workspace,
+ bigint_sqr(z.data(), z.size(), &workspace[0],
x.data(), x.size(), x_sw);
return z;
}
@@ -44,13 +44,13 @@ BigInt mul_add(const BigInt& a, const BigInt& b, const BigInt& c)
const size_t c_sw = c.sig_words();
BigInt r(sign, std::max(a.size() + b.size(), c_sw) + 1);
- SecureVector<word> workspace(r.size());
+ secure_vector<word> workspace(r.size());
- bigint_mul(r.get_reg(), r.size(), workspace,
+ bigint_mul(r.data(), r.size(), &workspace[0],
a.data(), a.size(), a_sw,
b.data(), b.size(), b_sw);
const size_t r_size = std::max(r.sig_words(), c_sw);
- bigint_add2(r.get_reg(), r_size, c.data(), c_sw);
+ bigint_add2(r.data(), r_size, c.data(), c_sw);
return r;
}
diff --git a/src/math/numbertheory/numthry.h b/src/math/numbertheory/numthry.h
index 750fbc78e..d21635f34 100644
--- a/src/math/numbertheory/numthry.h
+++ b/src/math/numbertheory/numthry.h
@@ -189,7 +189,7 @@ class Algorithm_Factory;
* @param qbits how long q will be in bits
* @return random seed used to generate this parameter set
*/
-SecureVector<byte> BOTAN_DLL
+std::vector<byte> BOTAN_DLL
generate_dsa_primes(RandomNumberGenerator& rng,
Algorithm_Factory& af,
BigInt& p_out, BigInt& q_out,
@@ -212,7 +212,7 @@ generate_dsa_primes(RandomNumberGenerator& rng,
Algorithm_Factory& af,
BigInt& p_out, BigInt& q_out,
size_t pbits, size_t qbits,
- const MemoryRegion<byte>& seed);
+ const std::vector<byte>& seed);
/**
* The size of the PRIMES[] array
diff --git a/src/math/numbertheory/powm_mnt.cpp b/src/math/numbertheory/powm_mnt.cpp
index 8993f4ba9..0db5455a7 100644
--- a/src/math/numbertheory/powm_mnt.cpp
+++ b/src/math/numbertheory/powm_mnt.cpp
@@ -29,8 +29,8 @@ void Montgomery_Exponentiator::set_base(const BigInt& base)
g.resize((1 << window_bits) - 1);
- SecureVector<word> z(2 * (mod_words + 1));
- SecureVector<word> workspace(z.size());
+ secure_vector<word> z(2 * (mod_words + 1));
+ secure_vector<word> workspace(z.size());
g[0] = (base >= modulus) ? (base % modulus) : base;
@@ -69,8 +69,8 @@ BigInt Montgomery_Exponentiator::execute() const
const size_t exp_nibbles = (exp_bits + window_bits - 1) / window_bits;
BigInt x = R_mod;
- SecureVector<word> z(2 * (mod_words + 1));
- SecureVector<word> workspace(2 * (mod_words + 1));
+ secure_vector<word> z(2 * (mod_words + 1));
+ secure_vector<word> workspace(2 * (mod_words + 1));
for(size_t i = exp_nibbles; i > 0; --i)
{
diff --git a/src/passhash/bcrypt/bcrypt.cpp b/src/passhash/bcrypt/bcrypt.cpp
index b0d654717..eeb99399f 100644
--- a/src/passhash/bcrypt/bcrypt.cpp
+++ b/src/passhash/bcrypt/bcrypt.cpp
@@ -54,7 +54,7 @@ std::string bcrypt_base64_encode(const byte input[], size_t length)
return b64;
}
-MemoryVector<byte> bcrypt_base64_decode(std::string input)
+std::vector<byte> bcrypt_base64_decode(std::string input)
{
const byte OPENBSD_BASE64_SUB[256] = {
0x00, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80,
@@ -84,11 +84,11 @@ MemoryVector<byte> bcrypt_base64_decode(std::string input)
for(size_t i = 0; i != input.size(); ++i)
input[i] = OPENBSD_BASE64_SUB[static_cast<byte>(input[i])];
- return base64_decode(input);
+ return unlock(base64_decode(input));
}
std::string make_bcrypt(const std::string& pass,
- const MemoryRegion<byte>& salt,
+ const std::vector<byte>& salt,
u16bit work_factor)
{
const byte magic[24] = {
@@ -97,14 +97,14 @@ std::string make_bcrypt(const std::string& pass,
0x63, 0x72, 0x79, 0x44, 0x6F, 0x75, 0x62, 0x74
};
- MemoryVector<byte> ctext(magic, 24);
+ std::vector<byte> ctext(magic, magic + sizeof(magic));
Blowfish blowfish;
// Include the trailing NULL byte
blowfish.eks_key_schedule(reinterpret_cast<const byte*>(pass.c_str()),
pass.length() + 1,
- salt,
+ &salt[0],
work_factor);
for(size_t i = 0; i != 64; ++i)
@@ -127,7 +127,7 @@ std::string generate_bcrypt(const std::string& pass,
RandomNumberGenerator& rng,
u16bit work_factor)
{
- return make_bcrypt(pass, rng.random_vec(16), work_factor);
+ return make_bcrypt(pass, unlock(rng.random_vec(16)), work_factor);
}
bool check_bcrypt(const std::string& pass, const std::string& hash)
@@ -141,7 +141,7 @@ bool check_bcrypt(const std::string& pass, const std::string& hash)
const u16bit workfactor = to_u32bit(hash.substr(4, 2));
- MemoryVector<byte> salt = bcrypt_base64_decode(hash.substr(7, 22));
+ std::vector<byte> salt = bcrypt_base64_decode(hash.substr(7, 22));
const std::string compare = make_bcrypt(pass, salt, workfactor);
diff --git a/src/passhash/passhash9/passhash9.cpp b/src/passhash/passhash9/passhash9.cpp
index 43bfdd36e..cbfe668f1 100644
--- a/src/passhash/passhash9/passhash9.cpp
+++ b/src/passhash/passhash9/passhash9.cpp
@@ -59,12 +59,12 @@ std::string generate_passhash9(const std::string& pass,
PKCS5_PBKDF2 kdf(prf); // takes ownership of pointer
- SecureVector<byte> salt(SALT_BYTES);
+ secure_vector<byte> salt(SALT_BYTES);
rng.randomize(&salt[0], salt.size());
const size_t kdf_iterations = WORK_FACTOR_SCALE * work_factor;
- SecureVector<byte> pbkdf2_output =
+ secure_vector<byte> pbkdf2_output =
kdf.derive_key(PASSHASH9_PBKDF_OUTPUT_LEN,
pass,
&salt[0], salt.size(),
@@ -105,7 +105,7 @@ bool check_passhash9(const std::string& pass, const std::string& hash)
pipe.write(hash.c_str() + MAGIC_PREFIX.size());
pipe.end_msg();
- SecureVector<byte> bin = pipe.read_all();
+ secure_vector<byte> bin = pipe.read_all();
if(bin.size() != BINARY_LENGTH)
return false;
@@ -125,7 +125,7 @@ bool check_passhash9(const std::string& pass, const std::string& hash)
PKCS5_PBKDF2 kdf(pbkdf_prf); // takes ownership of pointer
- SecureVector<byte> cmp = kdf.derive_key(
+ secure_vector<byte> cmp = kdf.derive_key(
PASSHASH9_PBKDF_OUTPUT_LEN,
pass,
&bin[ALGID_BYTES + WORKFACTOR_BYTES], SALT_BYTES,
diff --git a/src/pbe/pbe.h b/src/pbe/pbe.h
index 9add98872..975f3e6c7 100644
--- a/src/pbe/pbe.h
+++ b/src/pbe/pbe.h
@@ -37,7 +37,7 @@ class BOTAN_DLL PBE : public Filter
* DER encode the params (the number of iterations and the salt value)
* @return encoded params
*/
- virtual MemoryVector<byte> encode_params() const = 0;
+ virtual std::vector<byte> encode_params() const = 0;
/**
* Decode params and use them inside this Filter.
diff --git a/src/pbe/pbes1/pbes1.cpp b/src/pbe/pbes1/pbes1.cpp
index ec5ebb253..0e5e8284c 100644
--- a/src/pbe/pbes1/pbes1.cpp
+++ b/src/pbe/pbes1/pbes1.cpp
@@ -65,7 +65,7 @@ void PBE_PKCS5v15::flush_pipe(bool safe_to_skip)
if(safe_to_skip && pipe.remaining() < 64)
return;
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
+ secure_vector<byte> buffer(DEFAULT_BUFFERSIZE);
while(pipe.remaining())
{
size_t got = pipe.read(&buffer[0], buffer.size());
@@ -80,7 +80,7 @@ void PBE_PKCS5v15::set_key(const std::string& passphrase)
{
PKCS5_PBKDF1 pbkdf(hash_function->clone());
- SecureVector<byte> key_and_iv = pbkdf.derive_key(16, passphrase,
+ secure_vector<byte> key_and_iv = pbkdf.derive_key(16, passphrase,
&salt[0], salt.size(),
iterations).bits_of();
@@ -102,14 +102,14 @@ void PBE_PKCS5v15::new_params(RandomNumberGenerator& rng)
/*
* Encode PKCS#5 PBES1 parameters
*/
-MemoryVector<byte> PBE_PKCS5v15::encode_params() const
+std::vector<byte> PBE_PKCS5v15::encode_params() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(salt, OCTET_STRING)
.encode(iterations)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
diff --git a/src/pbe/pbes1/pbes1.h b/src/pbe/pbes1/pbes1.h
index e10cbbb53..bbdbd5b9d 100644
--- a/src/pbe/pbes1/pbes1.h
+++ b/src/pbe/pbes1/pbes1.h
@@ -40,7 +40,7 @@ class BOTAN_DLL PBE_PKCS5v15 : public PBE
private:
void set_key(const std::string&);
void new_params(RandomNumberGenerator& rng);
- MemoryVector<byte> encode_params() const;
+ std::vector<byte> encode_params() const;
void decode_params(DataSource&);
OID get_oid() const;
@@ -50,7 +50,7 @@ class BOTAN_DLL PBE_PKCS5v15 : public PBE
BlockCipher* block_cipher;
HashFunction* hash_function;
- SecureVector<byte> salt, key, iv;
+ secure_vector<byte> salt, key, iv;
size_t iterations;
Pipe pipe;
};
diff --git a/src/pbe/pbes2/pbes2.cpp b/src/pbe/pbes2/pbes2.cpp
index 85afe6ffe..384fc3d90 100644
--- a/src/pbe/pbes2/pbes2.cpp
+++ b/src/pbe/pbes2/pbes2.cpp
@@ -72,7 +72,7 @@ void PBE_PKCS5v20::flush_pipe(bool safe_to_skip)
if(safe_to_skip && pipe.remaining() < 64)
return;
- SecureVector<byte> buffer(DEFAULT_BUFFERSIZE);
+ secure_vector<byte> buffer(DEFAULT_BUFFERSIZE);
while(pipe.remaining())
{
size_t got = pipe.read(&buffer[0], buffer.size());
@@ -107,7 +107,7 @@ void PBE_PKCS5v20::new_params(RandomNumberGenerator& rng)
/*
* Encode PKCS#5 PBES2 parameters
*/
-MemoryVector<byte> PBE_PKCS5v20::encode_params() const
+std::vector<byte> PBE_PKCS5v20::encode_params() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -119,18 +119,18 @@ MemoryVector<byte> PBE_PKCS5v20::encode_params() const
.encode(iterations)
.encode(key_length)
.end_cons()
- .get_contents()
+ .get_contents_unlocked()
)
)
.encode(
AlgorithmIdentifier(block_cipher->name() + "/CBC",
DER_Encoder()
.encode(iv, OCTET_STRING)
- .get_contents()
+ .get_contents_unlocked()
)
)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
diff --git a/src/pbe/pbes2/pbes2.h b/src/pbe/pbes2/pbes2.h
index 7b82980e5..5593c9091 100644
--- a/src/pbe/pbes2/pbes2.h
+++ b/src/pbe/pbes2/pbes2.h
@@ -49,7 +49,7 @@ class BOTAN_DLL PBE_PKCS5v20 : public PBE
private:
void set_key(const std::string&);
void new_params(RandomNumberGenerator& rng);
- MemoryVector<byte> encode_params() const;
+ std::vector<byte> encode_params() const;
void decode_params(DataSource&);
OID get_oid() const;
@@ -58,7 +58,7 @@ class BOTAN_DLL PBE_PKCS5v20 : public PBE
Cipher_Dir direction;
BlockCipher* block_cipher;
HashFunction* hash_function;
- SecureVector<byte> salt, key, iv;
+ secure_vector<byte> salt, key, iv;
size_t iterations, key_length;
Pipe pipe;
};
diff --git a/src/pbkdf/pbkdf1/pbkdf1.cpp b/src/pbkdf/pbkdf1/pbkdf1.cpp
index 16de435e9..7f0939b8f 100644
--- a/src/pbkdf/pbkdf1/pbkdf1.cpp
+++ b/src/pbkdf/pbkdf1/pbkdf1.cpp
@@ -26,7 +26,7 @@ OctetString PKCS5_PBKDF1::derive_key(size_t key_len,
hash->update(passphrase);
hash->update(salt, salt_size);
- SecureVector<byte> key = hash->final();
+ secure_vector<byte> key = hash->final();
for(size_t j = 1; j != iterations; ++j)
{
diff --git a/src/pbkdf/pbkdf2/pbkdf2.cpp b/src/pbkdf/pbkdf2/pbkdf2.cpp
index 39d53d417..699ce7c6b 100644
--- a/src/pbkdf/pbkdf2/pbkdf2.cpp
+++ b/src/pbkdf/pbkdf2/pbkdf2.cpp
@@ -33,11 +33,11 @@ OctetString PKCS5_PBKDF2::derive_key(size_t key_len,
std::to_string(passphrase.length()));
}
- SecureVector<byte> key(key_len);
+ secure_vector<byte> key(key_len);
byte* T = &key[0];
- SecureVector<byte> U(mac->output_length());
+ secure_vector<byte> U(mac->output_length());
u32bit counter = 1;
while(key_len)
@@ -48,13 +48,13 @@ OctetString PKCS5_PBKDF2::derive_key(size_t key_len,
mac->update_be(counter);
mac->final(&U[0]);
- xor_buf(T, U, T_size);
+ xor_buf(T, &U[0], T_size);
for(size_t j = 1; j != iterations; ++j)
{
mac->update(U);
mac->final(&U[0]);
- xor_buf(T, U, T_size);
+ xor_buf(T, &U[0], T_size);
}
key_len -= T_size;
diff --git a/src/pbkdf/pgps2k/pgp_s2k.cpp b/src/pbkdf/pgps2k/pgp_s2k.cpp
index 4ee4c6bd9..6f6de58e2 100644
--- a/src/pbkdf/pgps2k/pgp_s2k.cpp
+++ b/src/pbkdf/pgps2k/pgp_s2k.cpp
@@ -17,7 +17,7 @@ OctetString OpenPGP_S2K::derive_key(size_t key_len,
const byte salt_buf[], size_t salt_size,
size_t iterations) const
{
- SecureVector<byte> key(key_len), hash_buf;
+ secure_vector<byte> key(key_len), hash_buf;
size_t pass = 0, generated = 0,
total_size = passphrase.size() + salt_size;
diff --git a/src/pk_pad/eme.cpp b/src/pk_pad/eme.cpp
index cfdaa240d..f90239d8c 100644
--- a/src/pk_pad/eme.cpp
+++ b/src/pk_pad/eme.cpp
@@ -12,7 +12,7 @@ namespace Botan {
/*
* Encode a message
*/
-SecureVector<byte> EME::encode(const byte msg[], size_t msg_len,
+secure_vector<byte> EME::encode(const byte msg[], size_t msg_len,
size_t key_bits,
RandomNumberGenerator& rng) const
{
@@ -22,7 +22,7 @@ SecureVector<byte> EME::encode(const byte msg[], size_t msg_len,
/*
* Encode a message
*/
-SecureVector<byte> EME::encode(const MemoryRegion<byte>& msg,
+secure_vector<byte> EME::encode(const secure_vector<byte>& msg,
size_t key_bits,
RandomNumberGenerator& rng) const
{
@@ -32,7 +32,7 @@ SecureVector<byte> EME::encode(const MemoryRegion<byte>& msg,
/*
* Decode a message
*/
-SecureVector<byte> EME::decode(const byte msg[], size_t msg_len,
+secure_vector<byte> EME::decode(const byte msg[], size_t msg_len,
size_t key_bits) const
{
return unpad(msg, msg_len, key_bits);
@@ -41,7 +41,7 @@ SecureVector<byte> EME::decode(const byte msg[], size_t msg_len,
/*
* Decode a message
*/
-SecureVector<byte> EME::decode(const MemoryRegion<byte>& msg,
+secure_vector<byte> EME::decode(const secure_vector<byte>& msg,
size_t key_bits) const
{
return unpad(&msg[0], msg.size(), key_bits);
diff --git a/src/pk_pad/eme.h b/src/pk_pad/eme.h
index 4e89ef9d3..6f8acaa23 100644
--- a/src/pk_pad/eme.h
+++ b/src/pk_pad/eme.h
@@ -34,7 +34,7 @@ class BOTAN_DLL EME
* @param rng a random number generator
* @return encoded plaintext
*/
- SecureVector<byte> encode(const byte in[],
+ secure_vector<byte> encode(const byte in[],
size_t in_length,
size_t key_length,
RandomNumberGenerator& rng) const;
@@ -46,7 +46,7 @@ class BOTAN_DLL EME
* @param rng a random number generator
* @return encoded plaintext
*/
- SecureVector<byte> encode(const MemoryRegion<byte>& in,
+ secure_vector<byte> encode(const secure_vector<byte>& in,
size_t key_length,
RandomNumberGenerator& rng) const;
@@ -57,7 +57,7 @@ class BOTAN_DLL EME
* @param key_length length of the key in bits
* @return plaintext
*/
- SecureVector<byte> decode(const byte in[],
+ secure_vector<byte> decode(const byte in[],
size_t in_length,
size_t key_length) const;
@@ -67,7 +67,7 @@ class BOTAN_DLL EME
* @param key_length length of the key in bits
* @return plaintext
*/
- SecureVector<byte> decode(const MemoryRegion<byte>& in,
+ secure_vector<byte> decode(const secure_vector<byte>& in,
size_t key_length) const;
virtual ~EME() {}
@@ -80,7 +80,7 @@ class BOTAN_DLL EME
* @param rng a random number generator
* @return encoded plaintext
*/
- virtual SecureVector<byte> pad(const byte in[],
+ virtual secure_vector<byte> pad(const byte in[],
size_t in_length,
size_t key_length,
RandomNumberGenerator& rng) const = 0;
@@ -92,7 +92,7 @@ class BOTAN_DLL EME
* @param key_length length of the key in bits
* @return plaintext
*/
- virtual SecureVector<byte> unpad(const byte in[],
+ virtual secure_vector<byte> unpad(const byte in[],
size_t in_length,
size_t key_length) const = 0;
};
diff --git a/src/pk_pad/eme1/eme1.cpp b/src/pk_pad/eme1/eme1.cpp
index 69251605f..57275d4f9 100644
--- a/src/pk_pad/eme1/eme1.cpp
+++ b/src/pk_pad/eme1/eme1.cpp
@@ -15,7 +15,7 @@ namespace Botan {
/*
* EME1 Pad Operation
*/
-SecureVector<byte> EME1::pad(const byte in[], size_t in_length,
+secure_vector<byte> EME1::pad(const byte in[], size_t in_length,
size_t key_length,
RandomNumberGenerator& rng) const
{
@@ -24,7 +24,7 @@ SecureVector<byte> EME1::pad(const byte in[], size_t in_length,
if(in_length > key_length - 2*Phash.size() - 1)
throw Invalid_Argument("EME1: Input is too large");
- SecureVector<byte> out(key_length);
+ secure_vector<byte> out(key_length);
rng.randomize(&out[0], Phash.size());
@@ -44,7 +44,7 @@ SecureVector<byte> EME1::pad(const byte in[], size_t in_length,
/*
* EME1 Unpad Operation
*/
-SecureVector<byte> EME1::unpad(const byte in[], size_t in_length,
+secure_vector<byte> EME1::unpad(const byte in[], size_t in_length,
size_t key_length) const
{
/*
@@ -65,7 +65,7 @@ SecureVector<byte> EME1::unpad(const byte in[], size_t in_length,
if(in_length > key_length)
in_length = 0;
- SecureVector<byte> input(key_length);
+ secure_vector<byte> input(key_length);
buffer_insert(input, key_length - in_length, in, in_length);
mgf->mask(&input[Phash.size()], input.size() - Phash.size(),
@@ -104,8 +104,7 @@ SecureVector<byte> EME1::unpad(const byte in[], size_t in_length,
if(bad_input)
throw Decoding_Error("Invalid EME1 encoding");
- return SecureVector<byte>(input + delim_idx + 1,
- input.size() - delim_idx - 1);
+ return secure_vector<byte>(&input[delim_idx + 1], &input[input.size()]);
}
/*
diff --git a/src/pk_pad/eme1/eme1.h b/src/pk_pad/eme1/eme1.h
index 0d0223de0..eb6fc6bf5 100644
--- a/src/pk_pad/eme1/eme1.h
+++ b/src/pk_pad/eme1/eme1.h
@@ -30,11 +30,11 @@ class BOTAN_DLL EME1 : public EME
~EME1() { delete mgf; }
private:
- SecureVector<byte> pad(const byte[], size_t, size_t,
+ secure_vector<byte> pad(const byte[], size_t, size_t,
RandomNumberGenerator&) const;
- SecureVector<byte> unpad(const byte[], size_t, size_t) const;
+ secure_vector<byte> unpad(const byte[], size_t, size_t) const;
- SecureVector<byte> Phash;
+ secure_vector<byte> Phash;
MGF* mgf;
};
diff --git a/src/pk_pad/eme_pkcs/eme_pkcs.cpp b/src/pk_pad/eme_pkcs/eme_pkcs.cpp
index a217d6d03..0e7d1fc30 100644
--- a/src/pk_pad/eme_pkcs/eme_pkcs.cpp
+++ b/src/pk_pad/eme_pkcs/eme_pkcs.cpp
@@ -12,7 +12,7 @@ namespace Botan {
/*
* PKCS1 Pad Operation
*/
-SecureVector<byte> EME_PKCS1v15::pad(const byte in[], size_t inlen,
+secure_vector<byte> EME_PKCS1v15::pad(const byte in[], size_t inlen,
size_t olen,
RandomNumberGenerator& rng) const
{
@@ -23,7 +23,7 @@ SecureVector<byte> EME_PKCS1v15::pad(const byte in[], size_t inlen,
if(inlen > olen - 10)
throw Encoding_Error("PKCS1: Input is too large");
- SecureVector<byte> out(olen);
+ secure_vector<byte> out(olen);
out[0] = 0x02;
for(size_t j = 1; j != olen - inlen - 1; ++j)
@@ -37,7 +37,7 @@ SecureVector<byte> EME_PKCS1v15::pad(const byte in[], size_t inlen,
/*
* PKCS1 Unpad Operation
*/
-SecureVector<byte> EME_PKCS1v15::unpad(const byte in[], size_t inlen,
+secure_vector<byte> EME_PKCS1v15::unpad(const byte in[], size_t inlen,
size_t key_len) const
{
if(inlen != key_len / 8 || inlen < 10 || in[0] != 0x02)
@@ -53,7 +53,7 @@ SecureVector<byte> EME_PKCS1v15::unpad(const byte in[], size_t inlen,
if(seperator < 9)
throw Decoding_Error("PKCS1::unpad");
- return SecureVector<byte>(in + seperator + 1, inlen - seperator - 1);
+ return secure_vector<byte>(&in[seperator + 1], &in[inlen]);
}
/*
diff --git a/src/pk_pad/eme_pkcs/eme_pkcs.h b/src/pk_pad/eme_pkcs/eme_pkcs.h
index 4c4614bda..2808e18d6 100644
--- a/src/pk_pad/eme_pkcs/eme_pkcs.h
+++ b/src/pk_pad/eme_pkcs/eme_pkcs.h
@@ -20,9 +20,9 @@ class BOTAN_DLL EME_PKCS1v15 : public EME
public:
size_t maximum_input_size(size_t) const;
private:
- SecureVector<byte> pad(const byte[], size_t, size_t,
+ secure_vector<byte> pad(const byte[], size_t, size_t,
RandomNumberGenerator&) const;
- SecureVector<byte> unpad(const byte[], size_t, size_t) const;
+ secure_vector<byte> unpad(const byte[], size_t, size_t) const;
};
}
diff --git a/src/pk_pad/emsa.h b/src/pk_pad/emsa.h
index e943fc5eb..821ca782f 100644
--- a/src/pk_pad/emsa.h
+++ b/src/pk_pad/emsa.h
@@ -29,7 +29,7 @@ class BOTAN_DLL EMSA
/**
* @return raw hash
*/
- virtual SecureVector<byte> raw_data() = 0;
+ virtual secure_vector<byte> raw_data() = 0;
/**
* Return the encoding of a message
@@ -38,7 +38,7 @@ class BOTAN_DLL EMSA
* @param rng a random number generator
* @return encoded signature
*/
- virtual SecureVector<byte> encoding_of(const MemoryRegion<byte>& msg,
+ virtual secure_vector<byte> encoding_of(const secure_vector<byte>& msg,
size_t output_bits,
RandomNumberGenerator& rng) = 0;
@@ -49,8 +49,8 @@ class BOTAN_DLL EMSA
* @param key_bits the size of the key in bits
* @return true if coded is a valid encoding of raw, otherwise false
*/
- virtual bool verify(const MemoryRegion<byte>& coded,
- const MemoryRegion<byte>& raw,
+ virtual bool verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
size_t key_bits) = 0;
virtual ~EMSA() {}
};
diff --git a/src/pk_pad/emsa1/emsa1.cpp b/src/pk_pad/emsa1/emsa1.cpp
index ba861898a..7f9a1885f 100644
--- a/src/pk_pad/emsa1/emsa1.cpp
+++ b/src/pk_pad/emsa1/emsa1.cpp
@@ -11,7 +11,7 @@ namespace Botan {
namespace {
-SecureVector<byte> emsa1_encoding(const MemoryRegion<byte>& msg,
+secure_vector<byte> emsa1_encoding(const secure_vector<byte>& msg,
size_t output_bits)
{
if(8*msg.size() <= output_bits)
@@ -20,7 +20,7 @@ SecureVector<byte> emsa1_encoding(const MemoryRegion<byte>& msg,
size_t shift = 8*msg.size() - output_bits;
size_t byte_shift = shift / 8, bit_shift = shift % 8;
- SecureVector<byte> digest(msg.size() - byte_shift);
+ secure_vector<byte> digest(msg.size() - byte_shift);
for(size_t j = 0; j != msg.size() - byte_shift; ++j)
digest[j] = msg[j];
@@ -51,7 +51,7 @@ void EMSA1::update(const byte input[], size_t length)
/*
* Return the raw (unencoded) data
*/
-SecureVector<byte> EMSA1::raw_data()
+secure_vector<byte> EMSA1::raw_data()
{
return hash->final();
}
@@ -59,7 +59,7 @@ SecureVector<byte> EMSA1::raw_data()
/*
* EMSA1 Encode Operation
*/
-SecureVector<byte> EMSA1::encoding_of(const MemoryRegion<byte>& msg,
+secure_vector<byte> EMSA1::encoding_of(const secure_vector<byte>& msg,
size_t output_bits,
RandomNumberGenerator&)
{
@@ -71,14 +71,14 @@ SecureVector<byte> EMSA1::encoding_of(const MemoryRegion<byte>& msg,
/*
* EMSA1 Decode/Verify Operation
*/
-bool EMSA1::verify(const MemoryRegion<byte>& coded,
- const MemoryRegion<byte>& raw, size_t key_bits)
+bool EMSA1::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw, size_t key_bits)
{
try {
if(raw.size() != hash->output_length())
throw Encoding_Error("EMSA1::encoding_of: Invalid size for input");
- SecureVector<byte> our_coding = emsa1_encoding(raw, key_bits);
+ secure_vector<byte> our_coding = emsa1_encoding(raw, key_bits);
if(our_coding == coded) return true;
if(our_coding[0] != 0) return false;
diff --git a/src/pk_pad/emsa1/emsa1.h b/src/pk_pad/emsa1/emsa1.h
index 120cb0cd3..f84ca5ae7 100644
--- a/src/pk_pad/emsa1/emsa1.h
+++ b/src/pk_pad/emsa1/emsa1.h
@@ -32,12 +32,12 @@ class BOTAN_DLL EMSA1 : public EMSA
const HashFunction* hash_ptr() const { return hash; }
private:
void update(const byte[], size_t);
- SecureVector<byte> raw_data();
+ secure_vector<byte> raw_data();
- SecureVector<byte> encoding_of(const MemoryRegion<byte>&, size_t,
+ secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t,
RandomNumberGenerator& rng);
- bool verify(const MemoryRegion<byte>&, const MemoryRegion<byte>&,
+ bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
size_t);
HashFunction* hash;
diff --git a/src/pk_pad/emsa1_bsi/emsa1_bsi.cpp b/src/pk_pad/emsa1_bsi/emsa1_bsi.cpp
index bbcc5aae7..9096edfbf 100644
--- a/src/pk_pad/emsa1_bsi/emsa1_bsi.cpp
+++ b/src/pk_pad/emsa1_bsi/emsa1_bsi.cpp
@@ -13,7 +13,7 @@ namespace Botan {
/*
* EMSA1 BSI Encode Operation
*/
-SecureVector<byte> EMSA1_BSI::encoding_of(const MemoryRegion<byte>& msg,
+secure_vector<byte> EMSA1_BSI::encoding_of(const secure_vector<byte>& msg,
size_t output_bits,
RandomNumberGenerator&)
{
diff --git a/src/pk_pad/emsa1_bsi/emsa1_bsi.h b/src/pk_pad/emsa1_bsi/emsa1_bsi.h
index 51ed6bc00..1b90f48df 100644
--- a/src/pk_pad/emsa1_bsi/emsa1_bsi.h
+++ b/src/pk_pad/emsa1_bsi/emsa1_bsi.h
@@ -26,7 +26,7 @@ class BOTAN_DLL EMSA1_BSI : public EMSA1
*/
EMSA1_BSI(HashFunction* hash) : EMSA1(hash) {}
private:
- SecureVector<byte> encoding_of(const MemoryRegion<byte>&, size_t,
+ secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t,
RandomNumberGenerator& rng);
};
diff --git a/src/pk_pad/emsa2/emsa2.cpp b/src/pk_pad/emsa2/emsa2.cpp
index 50ea7dbe3..d299ddacd 100644
--- a/src/pk_pad/emsa2/emsa2.cpp
+++ b/src/pk_pad/emsa2/emsa2.cpp
@@ -15,9 +15,9 @@ namespace {
/*
* EMSA2 Encode Operation
*/
-SecureVector<byte> emsa2_encoding(const MemoryRegion<byte>& msg,
+secure_vector<byte> emsa2_encoding(const secure_vector<byte>& msg,
size_t output_bits,
- const MemoryRegion<byte>& empty_hash,
+ const secure_vector<byte>& empty_hash,
byte hash_id)
{
const size_t HASH_SIZE = empty_hash.size();
@@ -34,7 +34,7 @@ SecureVector<byte> emsa2_encoding(const MemoryRegion<byte>& msg,
if(empty_hash[j] != msg[j])
empty = false;
- SecureVector<byte> output(output_length);
+ secure_vector<byte> output(output_length);
output[0] = (empty ? 0x4B : 0x6B);
output[output_length - 3 - HASH_SIZE] = 0xBA;
@@ -59,7 +59,7 @@ void EMSA2::update(const byte input[], size_t length)
/*
* Return the raw (unencoded) data
*/
-SecureVector<byte> EMSA2::raw_data()
+secure_vector<byte> EMSA2::raw_data()
{
return hash->final();
}
@@ -67,7 +67,7 @@ SecureVector<byte> EMSA2::raw_data()
/*
* EMSA2 Encode Operation
*/
-SecureVector<byte> EMSA2::encoding_of(const MemoryRegion<byte>& msg,
+secure_vector<byte> EMSA2::encoding_of(const secure_vector<byte>& msg,
size_t output_bits,
RandomNumberGenerator&)
{
@@ -77,8 +77,8 @@ SecureVector<byte> EMSA2::encoding_of(const MemoryRegion<byte>& msg,
/*
* EMSA2 Verify Operation
*/
-bool EMSA2::verify(const MemoryRegion<byte>& coded,
- const MemoryRegion<byte>& raw,
+bool EMSA2::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
size_t key_bits)
{
try
diff --git a/src/pk_pad/emsa2/emsa2.h b/src/pk_pad/emsa2/emsa2.h
index 9e0fa6a95..fb0cecb21 100644
--- a/src/pk_pad/emsa2/emsa2.h
+++ b/src/pk_pad/emsa2/emsa2.h
@@ -27,15 +27,15 @@ class BOTAN_DLL EMSA2 : public EMSA
~EMSA2() { delete hash; }
private:
void update(const byte[], size_t);
- SecureVector<byte> raw_data();
+ secure_vector<byte> raw_data();
- SecureVector<byte> encoding_of(const MemoryRegion<byte>&, size_t,
+ secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t,
RandomNumberGenerator& rng);
- bool verify(const MemoryRegion<byte>&, const MemoryRegion<byte>&,
+ bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
size_t);
- SecureVector<byte> empty_hash;
+ secure_vector<byte> empty_hash;
HashFunction* hash;
byte hash_id;
};
diff --git a/src/pk_pad/emsa3/emsa3.cpp b/src/pk_pad/emsa3/emsa3.cpp
index 6532bafd4..493140a63 100644
--- a/src/pk_pad/emsa3/emsa3.cpp
+++ b/src/pk_pad/emsa3/emsa3.cpp
@@ -15,7 +15,7 @@ namespace {
/*
* EMSA3 Encode Operation
*/
-SecureVector<byte> emsa3_encoding(const MemoryRegion<byte>& msg,
+secure_vector<byte> emsa3_encoding(const secure_vector<byte>& msg,
size_t output_bits,
const byte hash_id[],
size_t hash_id_length)
@@ -24,7 +24,7 @@ SecureVector<byte> emsa3_encoding(const MemoryRegion<byte>& msg,
if(output_length < hash_id_length + msg.size() + 10)
throw Encoding_Error("emsa3_encoding: Output length is too small");
- SecureVector<byte> T(output_length);
+ secure_vector<byte> T(output_length);
const size_t P_LENGTH = output_length - msg.size() - hash_id_length - 2;
T[0] = 0x01;
@@ -48,7 +48,7 @@ void EMSA3::update(const byte input[], size_t length)
/*
* Return the raw (unencoded) data
*/
-SecureVector<byte> EMSA3::raw_data()
+secure_vector<byte> EMSA3::raw_data()
{
return hash->final();
}
@@ -56,7 +56,7 @@ SecureVector<byte> EMSA3::raw_data()
/*
* EMSA3 Encode Operation
*/
-SecureVector<byte> EMSA3::encoding_of(const MemoryRegion<byte>& msg,
+secure_vector<byte> EMSA3::encoding_of(const secure_vector<byte>& msg,
size_t output_bits,
RandomNumberGenerator&)
{
@@ -70,8 +70,8 @@ SecureVector<byte> EMSA3::encoding_of(const MemoryRegion<byte>& msg,
/*
* Default signature decoding
*/
-bool EMSA3::verify(const MemoryRegion<byte>& coded,
- const MemoryRegion<byte>& raw,
+bool EMSA3::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
size_t key_bits)
{
if(raw.size() != hash->output_length())
@@ -115,9 +115,9 @@ void EMSA3_Raw::update(const byte input[], size_t length)
/*
* Return the raw (unencoded) data
*/
-SecureVector<byte> EMSA3_Raw::raw_data()
+secure_vector<byte> EMSA3_Raw::raw_data()
{
- SecureVector<byte> ret;
+ secure_vector<byte> ret;
std::swap(ret, message);
return ret;
}
@@ -125,7 +125,7 @@ SecureVector<byte> EMSA3_Raw::raw_data()
/*
* EMSA3_Raw Encode Operation
*/
-SecureVector<byte> EMSA3_Raw::encoding_of(const MemoryRegion<byte>& msg,
+secure_vector<byte> EMSA3_Raw::encoding_of(const secure_vector<byte>& msg,
size_t output_bits,
RandomNumberGenerator&)
{
@@ -135,8 +135,8 @@ SecureVector<byte> EMSA3_Raw::encoding_of(const MemoryRegion<byte>& msg,
/*
* Default signature decoding
*/
-bool EMSA3_Raw::verify(const MemoryRegion<byte>& coded,
- const MemoryRegion<byte>& raw,
+bool EMSA3_Raw::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
size_t key_bits)
{
try
diff --git a/src/pk_pad/emsa3/emsa3.h b/src/pk_pad/emsa3/emsa3.h
index 5faf9d7e5..9fbda67ee 100644
--- a/src/pk_pad/emsa3/emsa3.h
+++ b/src/pk_pad/emsa3/emsa3.h
@@ -29,16 +29,16 @@ class BOTAN_DLL EMSA3 : public EMSA
void update(const byte[], size_t);
- SecureVector<byte> raw_data();
+ secure_vector<byte> raw_data();
- SecureVector<byte> encoding_of(const MemoryRegion<byte>&, size_t,
+ secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t,
RandomNumberGenerator& rng);
- bool verify(const MemoryRegion<byte>&, const MemoryRegion<byte>&,
+ bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
size_t);
private:
HashFunction* hash;
- SecureVector<byte> hash_id;
+ std::vector<byte> hash_id;
};
/**
@@ -51,16 +51,16 @@ class BOTAN_DLL EMSA3_Raw : public EMSA
public:
void update(const byte[], size_t);
- SecureVector<byte> raw_data();
+ secure_vector<byte> raw_data();
- SecureVector<byte> encoding_of(const MemoryRegion<byte>&, size_t,
+ secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t,
RandomNumberGenerator& rng);
- bool verify(const MemoryRegion<byte>&, const MemoryRegion<byte>&,
+ bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
size_t);
private:
- SecureVector<byte> message;
+ secure_vector<byte> message;
};
}
diff --git a/src/pk_pad/emsa4/emsa4.cpp b/src/pk_pad/emsa4/emsa4.cpp
index d05e4a5b5..c8b8cbc6a 100644
--- a/src/pk_pad/emsa4/emsa4.cpp
+++ b/src/pk_pad/emsa4/emsa4.cpp
@@ -22,7 +22,7 @@ void EMSA4::update(const byte input[], size_t length)
/*
* Return the raw (unencoded) data
*/
-SecureVector<byte> EMSA4::raw_data()
+secure_vector<byte> EMSA4::raw_data()
{
return hash->final();
}
@@ -30,7 +30,7 @@ SecureVector<byte> EMSA4::raw_data()
/*
* EMSA4 Encode Operation
*/
-SecureVector<byte> EMSA4::encoding_of(const MemoryRegion<byte>& msg,
+secure_vector<byte> EMSA4::encoding_of(const secure_vector<byte>& msg,
size_t output_bits,
RandomNumberGenerator& rng)
{
@@ -43,19 +43,19 @@ SecureVector<byte> EMSA4::encoding_of(const MemoryRegion<byte>& msg,
const size_t output_length = (output_bits + 7) / 8;
- SecureVector<byte> salt = rng.random_vec(SALT_SIZE);
+ secure_vector<byte> salt = rng.random_vec(SALT_SIZE);
for(size_t j = 0; j != 8; ++j)
hash->update(0);
hash->update(msg);
- hash->update(salt, SALT_SIZE);
- SecureVector<byte> H = hash->final();
+ hash->update(salt);
+ secure_vector<byte> H = hash->final();
- SecureVector<byte> EM(output_length);
+ secure_vector<byte> EM(output_length);
EM[output_length - HASH_SIZE - SALT_SIZE - 2] = 0x01;
buffer_insert(EM, output_length - 1 - HASH_SIZE - SALT_SIZE, salt);
- mgf->mask(H, HASH_SIZE, EM, output_length - HASH_SIZE - 1);
+ mgf->mask(&H[0], HASH_SIZE, &EM[0], output_length - HASH_SIZE - 1);
EM[0] &= 0xFF >> (8 * ((output_bits + 7) / 8) - output_bits);
buffer_insert(EM, output_length - 1 - HASH_SIZE, H);
EM[output_length-1] = 0xBC;
@@ -66,8 +66,8 @@ SecureVector<byte> EMSA4::encoding_of(const MemoryRegion<byte>& msg,
/*
* EMSA4 Decode/Verify Operation
*/
-bool EMSA4::verify(const MemoryRegion<byte>& const_coded,
- const MemoryRegion<byte>& raw, size_t key_bits)
+bool EMSA4::verify(const secure_vector<byte>& const_coded,
+ const secure_vector<byte>& raw, size_t key_bits)
{
const size_t HASH_SIZE = hash->output_length();
const size_t KEY_BYTES = (key_bits + 7) / 8;
@@ -84,10 +84,10 @@ bool EMSA4::verify(const MemoryRegion<byte>& const_coded,
if(const_coded[const_coded.size()-1] != 0xBC)
return false;
- SecureVector<byte> coded = const_coded;
+ secure_vector<byte> coded = const_coded;
if(coded.size() < KEY_BYTES)
{
- SecureVector<byte> temp(KEY_BYTES);
+ secure_vector<byte> temp(KEY_BYTES);
buffer_insert(temp, KEY_BYTES - coded.size(), coded);
coded = temp;
}
@@ -96,14 +96,17 @@ bool EMSA4::verify(const MemoryRegion<byte>& const_coded,
if(TOP_BITS > 8 - high_bit(coded[0]))
return false;
- SecureVector<byte> DB(&coded[0], coded.size() - HASH_SIZE - 1);
- SecureVector<byte> H(&coded[coded.size() - HASH_SIZE - 1], HASH_SIZE);
+ byte* DB = &coded[0];
+ const size_t DB_size = coded.size() - HASH_SIZE - 1;
+
+ const byte* H = &coded[DB_size];
+ const size_t H_size = HASH_SIZE;
- mgf->mask(H, H.size(), DB, coded.size() - H.size() - 1);
+ mgf->mask(&H[0], H_size, &DB[0], DB_size);
DB[0] &= 0xFF >> TOP_BITS;
size_t salt_offset = 0;
- for(size_t j = 0; j != DB.size(); ++j)
+ for(size_t j = 0; j != DB_size; ++j)
{
if(DB[j] == 0x01)
{ salt_offset = j + 1; break; }
@@ -113,15 +116,13 @@ bool EMSA4::verify(const MemoryRegion<byte>& const_coded,
if(salt_offset == 0)
return false;
- SecureVector<byte> salt(&DB[salt_offset], DB.size() - salt_offset);
-
for(size_t j = 0; j != 8; ++j)
hash->update(0);
hash->update(raw);
- hash->update(salt);
- SecureVector<byte> H2 = hash->final();
+ hash->update(&DB[salt_offset], DB_size - salt_offset);
+ secure_vector<byte> H2 = hash->final();
- return (H == H2);
+ return same_mem(&H[0], &H2[0], HASH_SIZE);
}
/*
diff --git a/src/pk_pad/emsa4/emsa4.h b/src/pk_pad/emsa4/emsa4.h
index bd8b32ca1..44bf5a429 100644
--- a/src/pk_pad/emsa4/emsa4.h
+++ b/src/pk_pad/emsa4/emsa4.h
@@ -34,11 +34,11 @@ class BOTAN_DLL EMSA4 : public EMSA
~EMSA4() { delete hash; delete mgf; }
private:
void update(const byte[], size_t);
- SecureVector<byte> raw_data();
+ secure_vector<byte> raw_data();
- SecureVector<byte> encoding_of(const MemoryRegion<byte>&, size_t,
+ secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t,
RandomNumberGenerator& rng);
- bool verify(const MemoryRegion<byte>&, const MemoryRegion<byte>&,
+ bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
size_t);
size_t SALT_SIZE;
diff --git a/src/pk_pad/emsa_raw/emsa_raw.cpp b/src/pk_pad/emsa_raw/emsa_raw.cpp
index d0f3918dd..cb0f99e9c 100644
--- a/src/pk_pad/emsa_raw/emsa_raw.cpp
+++ b/src/pk_pad/emsa_raw/emsa_raw.cpp
@@ -20,9 +20,9 @@ void EMSA_Raw::update(const byte input[], size_t length)
/*
* Return the raw (unencoded) data
*/
-SecureVector<byte> EMSA_Raw::raw_data()
+secure_vector<byte> EMSA_Raw::raw_data()
{
- SecureVector<byte> output;
+ secure_vector<byte> output;
std::swap(message, output);
return output;
}
@@ -30,7 +30,7 @@ SecureVector<byte> EMSA_Raw::raw_data()
/*
* EMSA-Raw Encode Operation
*/
-SecureVector<byte> EMSA_Raw::encoding_of(const MemoryRegion<byte>& msg,
+secure_vector<byte> EMSA_Raw::encoding_of(const secure_vector<byte>& msg,
size_t,
RandomNumberGenerator&)
{
@@ -40,8 +40,8 @@ SecureVector<byte> EMSA_Raw::encoding_of(const MemoryRegion<byte>& msg,
/*
* EMSA-Raw Verify Operation
*/
-bool EMSA_Raw::verify(const MemoryRegion<byte>& coded,
- const MemoryRegion<byte>& raw,
+bool EMSA_Raw::verify(const secure_vector<byte>& coded,
+ const secure_vector<byte>& raw,
size_t)
{
if(coded.size() == raw.size())
diff --git a/src/pk_pad/emsa_raw/emsa_raw.h b/src/pk_pad/emsa_raw/emsa_raw.h
index 2ccd076f2..8ab763575 100644
--- a/src/pk_pad/emsa_raw/emsa_raw.h
+++ b/src/pk_pad/emsa_raw/emsa_raw.h
@@ -20,14 +20,14 @@ class BOTAN_DLL EMSA_Raw : public EMSA
{
private:
void update(const byte[], size_t);
- SecureVector<byte> raw_data();
+ secure_vector<byte> raw_data();
- SecureVector<byte> encoding_of(const MemoryRegion<byte>&, size_t,
+ secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t,
RandomNumberGenerator&);
- bool verify(const MemoryRegion<byte>&, const MemoryRegion<byte>&,
+ bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
size_t);
- SecureVector<byte> message;
+ secure_vector<byte> message;
};
}
diff --git a/src/pk_pad/hash_id/hash_id.cpp b/src/pk_pad/hash_id/hash_id.cpp
index 74653cb83..a60e53352 100644
--- a/src/pk_pad/hash_id/hash_id.cpp
+++ b/src/pk_pad/hash_id/hash_id.cpp
@@ -57,32 +57,51 @@ const byte TIGER_PKCS_ID[] = {
/*
* HashID as specified by PKCS
*/
-MemoryVector<byte> pkcs_hash_id(const std::string& name)
+std::vector<byte> pkcs_hash_id(const std::string& name)
{
// Special case for SSL/TLS RSA signatures
if(name == "Parallel(MD5,SHA-160)")
- return MemoryVector<byte>();
+ return std::vector<byte>();
if(name == "MD2")
- return MemoryVector<byte>(MD2_PKCS_ID, sizeof(MD2_PKCS_ID));
+ return std::vector<byte>(MD2_PKCS_ID,
+ MD2_PKCS_ID + sizeof(MD2_PKCS_ID));
+
if(name == "MD5")
- return MemoryVector<byte>(MD5_PKCS_ID, sizeof(MD5_PKCS_ID));
+ return std::vector<byte>(MD5_PKCS_ID,
+ MD5_PKCS_ID + sizeof(MD5_PKCS_ID));
+
if(name == "RIPEMD-128")
- return MemoryVector<byte>(RIPEMD_128_PKCS_ID, sizeof(RIPEMD_128_PKCS_ID));
+ return std::vector<byte>(RIPEMD_128_PKCS_ID,
+ RIPEMD_128_PKCS_ID + sizeof(RIPEMD_128_PKCS_ID));
+
if(name == "RIPEMD-160")
- return MemoryVector<byte>(RIPEMD_160_PKCS_ID, sizeof(RIPEMD_160_PKCS_ID));
+ return std::vector<byte>(RIPEMD_160_PKCS_ID,
+ RIPEMD_160_PKCS_ID + sizeof(RIPEMD_160_PKCS_ID));
+
if(name == "SHA-160")
- return MemoryVector<byte>(SHA_160_PKCS_ID, sizeof(SHA_160_PKCS_ID));
+ return std::vector<byte>(SHA_160_PKCS_ID,
+ SHA_160_PKCS_ID + sizeof(SHA_160_PKCS_ID));
+
if(name == "SHA-224")
- return MemoryVector<byte>(SHA_224_PKCS_ID, sizeof(SHA_224_PKCS_ID));
+ return std::vector<byte>(SHA_224_PKCS_ID,
+ SHA_224_PKCS_ID + sizeof(SHA_224_PKCS_ID));
+
if(name == "SHA-256")
- return MemoryVector<byte>(SHA_256_PKCS_ID, sizeof(SHA_256_PKCS_ID));
+ return std::vector<byte>(SHA_256_PKCS_ID,
+ SHA_256_PKCS_ID + sizeof(SHA_256_PKCS_ID));
+
if(name == "SHA-384")
- return MemoryVector<byte>(SHA_384_PKCS_ID, sizeof(SHA_384_PKCS_ID));
+ return std::vector<byte>(SHA_384_PKCS_ID,
+ SHA_384_PKCS_ID + sizeof(SHA_384_PKCS_ID));
+
if(name == "SHA-512")
- return MemoryVector<byte>(SHA_512_PKCS_ID, sizeof(SHA_512_PKCS_ID));
+ return std::vector<byte>(SHA_512_PKCS_ID,
+ SHA_512_PKCS_ID + sizeof(SHA_512_PKCS_ID));
+
if(name == "Tiger(24,3)")
- return MemoryVector<byte>(TIGER_PKCS_ID, sizeof(TIGER_PKCS_ID));
+ return std::vector<byte>(TIGER_PKCS_ID,
+ TIGER_PKCS_ID + sizeof(TIGER_PKCS_ID));
throw Invalid_Argument("No PKCS #1 identifier for " + name);
}
diff --git a/src/pk_pad/hash_id/hash_id.h b/src/pk_pad/hash_id/hash_id.h
index 909cc6b19..070e7ddb9 100644
--- a/src/pk_pad/hash_id/hash_id.h
+++ b/src/pk_pad/hash_id/hash_id.h
@@ -20,7 +20,7 @@ namespace Botan {
* @return byte sequence identifying the hash
* @throw Invalid_Argument if the hash has no known PKCS #1 hash id
*/
-BOTAN_DLL MemoryVector<byte> pkcs_hash_id(const std::string& hash_name);
+BOTAN_DLL std::vector<byte> pkcs_hash_id(const std::string& hash_name);
/**
* Return the IEEE 1363 hash identifier
diff --git a/src/pubkey/dh/dh.cpp b/src/pubkey/dh/dh.cpp
index d58fece12..04941af73 100644
--- a/src/pubkey/dh/dh.cpp
+++ b/src/pubkey/dh/dh.cpp
@@ -24,9 +24,9 @@ DH_PublicKey::DH_PublicKey(const DL_Group& grp, const BigInt& y1)
/*
* Return the public value for key agreement
*/
-MemoryVector<byte> DH_PublicKey::public_value() const
+std::vector<byte> DH_PublicKey::public_value() const
{
- return BigInt::encode_1363(y, group_p().bytes());
+ return unlock(BigInt::encode_1363(y, group_p().bytes()));
}
/*
@@ -58,7 +58,7 @@ DH_PrivateKey::DH_PrivateKey(RandomNumberGenerator& rng,
* Load a DH private key
*/
DH_PrivateKey::DH_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_42)
{
@@ -71,7 +71,7 @@ DH_PrivateKey::DH_PrivateKey(const AlgorithmIdentifier& alg_id,
/*
* Return the public value for key agreement
*/
-MemoryVector<byte> DH_PrivateKey::public_value() const
+std::vector<byte> DH_PrivateKey::public_value() const
{
return DH_PublicKey::public_value();
}
@@ -83,7 +83,7 @@ DH_KA_Operation::DH_KA_Operation(const DH_PrivateKey& dh) :
blinder = Blinder(k, powermod_x_p(inverse_mod(k, p)), p);
}
-SecureVector<byte> DH_KA_Operation::agree(const byte w[], size_t w_len)
+secure_vector<byte> DH_KA_Operation::agree(const byte w[], size_t w_len)
{
BigInt input = BigInt::decode(w, w_len);
diff --git a/src/pubkey/dh/dh.h b/src/pubkey/dh/dh.h
index 497238417..bf02ffdb9 100644
--- a/src/pubkey/dh/dh.h
+++ b/src/pubkey/dh/dh.h
@@ -23,13 +23,13 @@ class BOTAN_DLL DH_PublicKey : public virtual DL_Scheme_PublicKey
public:
std::string algo_name() const { return "DH"; }
- MemoryVector<byte> public_value() const;
+ std::vector<byte> public_value() const;
size_t max_input_bits() const { return group_p().bits(); }
DL_Group::Format group_format() const { return DL_Group::ANSI_X9_42; }
DH_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
DL_Scheme_PublicKey(alg_id, key_bits, DL_Group::ANSI_X9_42) {}
/**
@@ -50,7 +50,7 @@ class BOTAN_DLL DH_PrivateKey : public DH_PublicKey,
public virtual DL_Scheme_PrivateKey
{
public:
- MemoryVector<byte> public_value() const;
+ std::vector<byte> public_value() const;
/**
* Load a DH private key
@@ -59,7 +59,7 @@ class BOTAN_DLL DH_PrivateKey : public DH_PublicKey,
* @param rng a random number generator
*/
DH_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
/**
@@ -80,7 +80,7 @@ class BOTAN_DLL DH_KA_Operation : public PK_Ops::Key_Agreement
public:
DH_KA_Operation(const DH_PrivateKey& key);
- SecureVector<byte> agree(const byte w[], size_t w_len);
+ secure_vector<byte> agree(const byte w[], size_t w_len);
private:
const BigInt& p;
diff --git a/src/pubkey/dl_algo/dl_algo.cpp b/src/pubkey/dl_algo/dl_algo.cpp
index 8e326ef6a..1034a3252 100644
--- a/src/pubkey/dl_algo/dl_algo.cpp
+++ b/src/pubkey/dl_algo/dl_algo.cpp
@@ -18,13 +18,13 @@ AlgorithmIdentifier DL_Scheme_PublicKey::algorithm_identifier() const
group.DER_encode(group_format()));
}
-MemoryVector<byte> DL_Scheme_PublicKey::x509_subject_public_key() const
+std::vector<byte> DL_Scheme_PublicKey::x509_subject_public_key() const
{
- return DER_Encoder().encode(y).get_contents();
+ return DER_Encoder().encode(y).get_contents_unlocked();
}
DL_Scheme_PublicKey::DL_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
DL_Group::Format format)
{
DataSource_Memory source(alg_id.parameters);
@@ -33,13 +33,13 @@ DL_Scheme_PublicKey::DL_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
BER_Decoder(key_bits).decode(y);
}
-MemoryVector<byte> DL_Scheme_PrivateKey::pkcs8_private_key() const
+secure_vector<byte> DL_Scheme_PrivateKey::pkcs8_private_key() const
{
return DER_Encoder().encode(x).get_contents();
}
DL_Scheme_PrivateKey::DL_Scheme_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
DL_Group::Format format)
{
DataSource_Memory source(alg_id.parameters);
diff --git a/src/pubkey/dl_algo/dl_algo.h b/src/pubkey/dl_algo/dl_algo.h
index 2cc632caa..af2806b02 100644
--- a/src/pubkey/dl_algo/dl_algo.h
+++ b/src/pubkey/dl_algo/dl_algo.h
@@ -24,7 +24,7 @@ class BOTAN_DLL DL_Scheme_PublicKey : public virtual Public_Key
AlgorithmIdentifier algorithm_identifier() const;
- MemoryVector<byte> x509_subject_public_key() const;
+ std::vector<byte> x509_subject_public_key() const;
/**
* Get the DL domain parameters of this key.
@@ -62,7 +62,7 @@ class BOTAN_DLL DL_Scheme_PublicKey : public virtual Public_Key
virtual DL_Group::Format group_format() const = 0;
DL_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
DL_Group::Format group_format);
protected:
@@ -94,10 +94,10 @@ class BOTAN_DLL DL_Scheme_PrivateKey : public virtual DL_Scheme_PublicKey,
*/
const BigInt& get_x() const { return x; }
- MemoryVector<byte> pkcs8_private_key() const;
+ secure_vector<byte> pkcs8_private_key() const;
DL_Scheme_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
DL_Group::Format group_format);
protected:
diff --git a/src/pubkey/dl_group/dl_group.cpp b/src/pubkey/dl_group/dl_group.cpp
index 3904841ba..93bbcbb2d 100644
--- a/src/pubkey/dl_group/dl_group.cpp
+++ b/src/pubkey/dl_group/dl_group.cpp
@@ -90,7 +90,8 @@ DL_Group::DL_Group(RandomNumberGenerator& rng,
* DL_Group Constructor
*/
DL_Group::DL_Group(RandomNumberGenerator& rng,
- const MemoryRegion<byte>& seed, size_t pbits, size_t qbits)
+ const std::vector<byte>& seed,
+ size_t pbits, size_t qbits)
{
if(!generate_dsa_primes(rng,
global_state().algorithm_factory(),
@@ -202,7 +203,7 @@ const BigInt& DL_Group::get_q() const
/*
* DER encode the parameters
*/
-SecureVector<byte> DL_Group::DER_encode(Format format) const
+std::vector<byte> DL_Group::DER_encode(Format format) const
{
init_check();
@@ -217,7 +218,7 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const
.encode(q)
.encode(g)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
else if(format == ANSI_X9_42)
{
@@ -227,7 +228,7 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const
.encode(g)
.encode(q)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
else if(format == PKCS_3)
{
@@ -236,7 +237,7 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const
.encode(p)
.encode(g)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
throw Invalid_Argument("Unknown DL_Group encoding " + std::to_string(format));
@@ -247,7 +248,8 @@ SecureVector<byte> DL_Group::DER_encode(Format format) const
*/
std::string DL_Group::PEM_encode(Format format) const
{
- SecureVector<byte> encoding = DER_encode(format);
+ const std::vector<byte> encoding = DER_encode(format);
+
if(format == PKCS_3)
return PEM_Code::encode(encoding, "DH PARAMETERS");
else if(format == ANSI_X9_57)
diff --git a/src/pubkey/dl_group/dl_group.h b/src/pubkey/dl_group/dl_group.h
index bfc2c04e5..aa90388ae 100644
--- a/src/pubkey/dl_group/dl_group.h
+++ b/src/pubkey/dl_group/dl_group.h
@@ -77,7 +77,7 @@ class BOTAN_DLL DL_Group
* @param format the encoding format
* @return string holding the DER encoded group
*/
- SecureVector<byte> DER_encode(Format format) const;
+ std::vector<byte> DER_encode(Format format) const;
/**
* Decode a DER/BER encoded group into this instance.
@@ -131,7 +131,8 @@ class BOTAN_DLL DL_Group
* @param pbits the desired bit size of the prime p
* @param qbits the desired bit size of the prime q.
*/
- DL_Group(RandomNumberGenerator& rng, const MemoryRegion<byte>& seed,
+ DL_Group(RandomNumberGenerator& rng,
+ const std::vector<byte>& seed,
size_t pbits = 1024, size_t qbits = 0);
/**
diff --git a/src/pubkey/dlies/dlies.cpp b/src/pubkey/dlies/dlies.cpp
index 80dde048b..715b55a36 100644
--- a/src/pubkey/dlies/dlies.cpp
+++ b/src/pubkey/dlies/dlies.cpp
@@ -34,19 +34,19 @@ DLIES_Encryptor::~DLIES_Encryptor()
/*
* DLIES Encryption
*/
-SecureVector<byte> DLIES_Encryptor::enc(const byte in[], size_t length,
- RandomNumberGenerator&) const
+std::vector<byte> DLIES_Encryptor::enc(const byte in[], size_t length,
+ RandomNumberGenerator&) const
{
if(length > maximum_input_size())
throw Invalid_Argument("DLIES: Plaintext too large");
if(other_key.empty())
throw Invalid_State("DLIES: The other key was never set");
- SecureVector<byte> out(my_key.size() + length + mac->output_length());
+ secure_vector<byte> out(my_key.size() + length + mac->output_length());
buffer_insert(out, 0, my_key);
buffer_insert(out, my_key.size(), in, length);
- SecureVector<byte> vz = my_key;
+ secure_vector<byte> vz(my_key.begin(), my_key.end());
vz += ka.derive_key(0, other_key).bits_of();
const size_t K_LENGTH = length + mac_keylen;
@@ -65,13 +65,13 @@ SecureVector<byte> DLIES_Encryptor::enc(const byte in[], size_t length,
mac->final(C + length);
- return out;
+ return unlock(out);
}
/*
* Set the other parties public key
*/
-void DLIES_Encryptor::set_other_key(const MemoryRegion<byte>& ok)
+void DLIES_Encryptor::set_other_key(const std::vector<byte>& ok)
{
other_key = ok;
}
@@ -108,18 +108,21 @@ DLIES_Decryptor::~DLIES_Decryptor()
/*
* DLIES Decryption
*/
-SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], size_t length) const
+secure_vector<byte> DLIES_Decryptor::dec(const byte msg[], size_t length) const
{
if(length < my_key.size() + mac->output_length())
throw Decoding_Error("DLIES decryption: ciphertext is too short");
const size_t CIPHER_LEN = length - my_key.size() - mac->output_length();
- SecureVector<byte> v(msg, my_key.size());
- SecureVector<byte> C(msg + my_key.size(), CIPHER_LEN);
- SecureVector<byte> T(msg + my_key.size() + CIPHER_LEN, mac->output_length());
+ std::vector<byte> v(msg, msg + my_key.size());
- SecureVector<byte> vz(msg, my_key.size());
+ secure_vector<byte> C(msg + my_key.size(), msg + my_key.size() + CIPHER_LEN);
+
+ secure_vector<byte> T(msg + my_key.size() + CIPHER_LEN,
+ msg + my_key.size() + CIPHER_LEN + mac->output_length());
+
+ secure_vector<byte> vz(msg, msg + my_key.size());
vz += ka.derive_key(0, v).bits_of();
const size_t K_LENGTH = C.size() + mac_keylen;
@@ -131,7 +134,7 @@ SecureVector<byte> DLIES_Decryptor::dec(const byte msg[], size_t length) const
mac->update(C);
for(size_t j = 0; j != 8; ++j)
mac->update(0);
- SecureVector<byte> T2 = mac->final();
+ secure_vector<byte> T2 = mac->final();
if(T != T2)
throw Decoding_Error("DLIES: message authentication failed");
diff --git a/src/pubkey/dlies/dlies.h b/src/pubkey/dlies/dlies.h
index 8e5c05852..9739afeb2 100644
--- a/src/pubkey/dlies/dlies.h
+++ b/src/pubkey/dlies/dlies.h
@@ -27,13 +27,14 @@ class BOTAN_DLL DLIES_Encryptor : public PK_Encryptor
~DLIES_Encryptor();
- void set_other_key(const MemoryRegion<byte>&);
+ void set_other_key(const std::vector<byte>&);
private:
- SecureVector<byte> enc(const byte[], size_t,
- RandomNumberGenerator&) const;
+ std::vector<byte> enc(const byte[], size_t,
+ RandomNumberGenerator&) const;
+
size_t maximum_input_size() const;
- SecureVector<byte> other_key, my_key;
+ std::vector<byte> other_key, my_key;
PK_Key_Agreement ka;
KDF* kdf;
@@ -55,9 +56,9 @@ class BOTAN_DLL DLIES_Decryptor : public PK_Decryptor
~DLIES_Decryptor();
private:
- SecureVector<byte> dec(const byte[], size_t) const;
+ secure_vector<byte> dec(const byte[], size_t) const;
- SecureVector<byte> my_key;
+ std::vector<byte> my_key;
PK_Key_Agreement ka;
KDF* kdf;
diff --git a/src/pubkey/dsa/dsa.cpp b/src/pubkey/dsa/dsa.cpp
index c3b4f260b..5d56d6b89 100644
--- a/src/pubkey/dsa/dsa.cpp
+++ b/src/pubkey/dsa/dsa.cpp
@@ -42,7 +42,7 @@ DSA_PrivateKey::DSA_PrivateKey(RandomNumberGenerator& rng,
}
DSA_PrivateKey::DSA_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
@@ -73,7 +73,7 @@ DSA_Signature_Operation::DSA_Signature_Operation(const DSA_PrivateKey& dsa) :
{
}
-SecureVector<byte>
+secure_vector<byte>
DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -97,7 +97,7 @@ DSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
s = mod_q.multiply(s, mul_add(x, r, i));
}
- SecureVector<byte> output(2*q.bytes());
+ secure_vector<byte> output(2*q.bytes());
r.binary_encode(&output[output.size() / 2 - r.bytes()]);
s.binary_encode(&output[output.size() - s.bytes()]);
return output;
diff --git a/src/pubkey/dsa/dsa.h b/src/pubkey/dsa/dsa.h
index a41a8432c..7d51cfdd0 100644
--- a/src/pubkey/dsa/dsa.h
+++ b/src/pubkey/dsa/dsa.h
@@ -29,7 +29,7 @@ class BOTAN_DLL DSA_PublicKey : public virtual DL_Scheme_PublicKey
size_t max_input_bits() const { return group_q().bits(); }
DSA_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
DL_Scheme_PublicKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
}
@@ -47,7 +47,7 @@ class BOTAN_DLL DSA_PrivateKey : public DSA_PublicKey,
{
public:
DSA_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
DSA_PrivateKey(RandomNumberGenerator& rng,
@@ -69,7 +69,7 @@ class BOTAN_DLL DSA_Signature_Operation : public PK_Ops::Signature
size_t message_part_size() const { return q.bytes(); }
size_t max_input_bits() const { return q.bits(); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
const BigInt& q;
diff --git a/src/pubkey/ec_group/ec_group.cpp b/src/pubkey/ec_group/ec_group.cpp
index fe4fae885..88c4616a4 100644
--- a/src/pubkey/ec_group/ec_group.cpp
+++ b/src/pubkey/ec_group/ec_group.cpp
@@ -37,8 +37,8 @@ EC_Group::EC_Group(const std::string& str)
{
DataSource_Memory input(str);
- SecureVector<byte> ber =
- PEM_Code::decode_check_label(input, "EC PARAMETERS");
+ std::vector<byte> ber =
+ unlock(PEM_Code::decode_check_label(input, "EC PARAMETERS"));
*this = EC_Group(ber);
}
@@ -48,7 +48,7 @@ EC_Group::EC_Group(const std::string& str)
}
}
-EC_Group::EC_Group(const MemoryRegion<byte>& ber_data)
+EC_Group::EC_Group(const std::vector<byte>& ber_data)
{
BER_Decoder ber(ber_data);
BER_Object obj = ber.get_next_object();
@@ -64,7 +64,7 @@ EC_Group::EC_Group(const MemoryRegion<byte>& ber_data)
else if(obj.type_tag == SEQUENCE)
{
BigInt p, a, b;
- SecureVector<byte> sv_base_point;
+ std::vector<byte> sv_base_point;
BER_Decoder(ber_data)
.start_cons(SEQUENCE)
@@ -91,7 +91,7 @@ EC_Group::EC_Group(const MemoryRegion<byte>& ber_data)
throw Decoding_Error("Unexpected tag while decoding ECC domain params");
}
-SecureVector<byte>
+std::vector<byte>
EC_Group::DER_encode(EC_Group_Encoding form) const
{
if(form == EC_DOMPAR_ENC_EXPLICIT)
@@ -118,19 +118,19 @@ EC_Group::DER_encode(EC_Group_Encoding form) const
.encode(order)
.encode(cofactor)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
else if(form == EC_DOMPAR_ENC_OID)
- return DER_Encoder().encode(get_oid()).get_contents();
+ return DER_Encoder().encode(get_oid()).get_contents_unlocked();
else if(form == EC_DOMPAR_ENC_IMPLICITCA)
- return DER_Encoder().encode_null().get_contents();
+ return DER_Encoder().encode_null().get_contents_unlocked();
else
throw Internal_Error("EC_Group::DER_encode: Unknown encoding");
}
std::string EC_Group::PEM_encode() const
{
- SecureVector<byte> der = DER_encode(EC_DOMPAR_ENC_EXPLICIT);
+ const std::vector<byte> der = DER_encode(EC_DOMPAR_ENC_EXPLICIT);
return PEM_Code::encode(der, "EC PARAMETERS");
}
diff --git a/src/pubkey/ec_group/ec_group.h b/src/pubkey/ec_group/ec_group.h
index dadc9fba3..756c158dc 100644
--- a/src/pubkey/ec_group/ec_group.h
+++ b/src/pubkey/ec_group/ec_group.h
@@ -54,7 +54,7 @@ class BOTAN_DLL EC_Group
* Decode a BER encoded ECC domain parameter set
* @param ber_encoding the bytes of the BER encoding
*/
- EC_Group(const MemoryRegion<byte>& ber_encoding);
+ EC_Group(const std::vector<byte>& ber_encoding);
/**
* Create an EC domain by OID (or throw if unknown)
@@ -74,7 +74,7 @@ class BOTAN_DLL EC_Group
* @param form of encoding to use
* @returns bytes encododed as DER
*/
- SecureVector<byte> DER_encode(EC_Group_Encoding form) const;
+ std::vector<byte> DER_encode(EC_Group_Encoding form) const;
/**
* Return the PEM encoding (always in explicit form)
diff --git a/src/pubkey/ecc_key/ecc_key.cpp b/src/pubkey/ecc_key/ecc_key.cpp
index 991446f07..ead129ec6 100644
--- a/src/pubkey/ecc_key/ecc_key.cpp
+++ b/src/pubkey/ecc_key/ecc_key.cpp
@@ -28,7 +28,7 @@ EC_PublicKey::EC_PublicKey(const EC_Group& dom_par,
}
EC_PublicKey::EC_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
domain_params = EC_Group(alg_id.parameters);
domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
@@ -47,9 +47,9 @@ AlgorithmIdentifier EC_PublicKey::algorithm_identifier() const
return AlgorithmIdentifier(get_oid(), DER_domain());
}
-MemoryVector<byte> EC_PublicKey::x509_subject_public_key() const
+std::vector<byte> EC_PublicKey::x509_subject_public_key() const
{
- return EC2OSP(public_point(), PointGFp::COMPRESSED);
+ return unlock(EC2OSP(public_point(), PointGFp::COMPRESSED));
}
void EC_PublicKey::set_parameter_encoding(EC_Group_Encoding form)
@@ -96,7 +96,7 @@ EC_PrivateKey::EC_PrivateKey(RandomNumberGenerator& rng,
"ECC private key was not on the curve");
}
-MemoryVector<byte> EC_PrivateKey::pkcs8_private_key() const
+secure_vector<byte> EC_PrivateKey::pkcs8_private_key() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -108,7 +108,7 @@ MemoryVector<byte> EC_PrivateKey::pkcs8_private_key() const
}
EC_PrivateKey::EC_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
domain_params = EC_Group(alg_id.parameters);
domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
diff --git a/src/pubkey/ecc_key/ecc_key.h b/src/pubkey/ecc_key/ecc_key.h
index cccc8d53c..76a63a7e4 100644
--- a/src/pubkey/ecc_key/ecc_key.h
+++ b/src/pubkey/ecc_key/ecc_key.h
@@ -34,7 +34,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
const PointGFp& pub_point);
EC_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
/**
* Get the public point of this key.
@@ -46,7 +46,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
AlgorithmIdentifier algorithm_identifier() const;
- MemoryVector<byte> x509_subject_public_key() const;
+ std::vector<byte> x509_subject_public_key() const;
bool check_key(RandomNumberGenerator& rng,
bool strong) const;
@@ -69,7 +69,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
* Return the DER encoding of this keys domain in whatever format
* is preset for this particular key
*/
- MemoryVector<byte> DER_domain() const
+ std::vector<byte> DER_domain() const
{ return domain().DER_encode(domain_format()); }
/**
@@ -98,9 +98,9 @@ class BOTAN_DLL EC_PrivateKey : public virtual EC_PublicKey,
const BigInt& private_key);
EC_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
- MemoryVector<byte> pkcs8_private_key() const;
+ secure_vector<byte> pkcs8_private_key() const;
/**
* Get the private key value of this key object.
diff --git a/src/pubkey/ecdh/ecdh.cpp b/src/pubkey/ecdh/ecdh.cpp
index 656644370..511dd0678 100644
--- a/src/pubkey/ecdh/ecdh.cpp
+++ b/src/pubkey/ecdh/ecdh.cpp
@@ -20,7 +20,7 @@ ECDH_KA_Operation::ECDH_KA_Operation(const ECDH_PrivateKey& key) :
key.private_value();
}
-SecureVector<byte> ECDH_KA_Operation::agree(const byte w[], size_t w_len)
+secure_vector<byte> ECDH_KA_Operation::agree(const byte w[], size_t w_len)
{
PointGFp point = OS2ECP(w, w_len, curve);
diff --git a/src/pubkey/ecdh/ecdh.h b/src/pubkey/ecdh/ecdh.h
index 6fe0697bf..0c5d4e010 100644
--- a/src/pubkey/ecdh/ecdh.h
+++ b/src/pubkey/ecdh/ecdh.h
@@ -23,7 +23,7 @@ class BOTAN_DLL ECDH_PublicKey : public virtual EC_PublicKey
public:
ECDH_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PublicKey(alg_id, key_bits) {}
/**
@@ -52,8 +52,8 @@ class BOTAN_DLL ECDH_PublicKey : public virtual EC_PublicKey
/**
* @return public point value
*/
- MemoryVector<byte> public_value() const
- { return EC2OSP(public_point(), PointGFp::UNCOMPRESSED); }
+ std::vector<byte> public_value() const
+ { return unlock(EC2OSP(public_point(), PointGFp::UNCOMPRESSED)); }
protected:
ECDH_PublicKey() {}
@@ -69,7 +69,7 @@ class BOTAN_DLL ECDH_PrivateKey : public ECDH_PublicKey,
public:
ECDH_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PrivateKey(alg_id, key_bits) {}
/**
@@ -83,7 +83,7 @@ class BOTAN_DLL ECDH_PrivateKey : public ECDH_PublicKey,
const BigInt& x = 0) :
EC_PrivateKey(rng, domain, x) {}
- MemoryVector<byte> public_value() const
+ std::vector<byte> public_value() const
{ return ECDH_PublicKey::public_value(); }
};
@@ -95,7 +95,7 @@ class BOTAN_DLL ECDH_KA_Operation : public PK_Ops::Key_Agreement
public:
ECDH_KA_Operation(const ECDH_PrivateKey& key);
- SecureVector<byte> agree(const byte w[], size_t w_len);
+ secure_vector<byte> agree(const byte w[], size_t w_len);
private:
const CurveGFp& curve;
const BigInt& cofactor;
diff --git a/src/pubkey/ecdsa/ecdsa.cpp b/src/pubkey/ecdsa/ecdsa.cpp
index 5c45c5ed3..6ff082649 100644
--- a/src/pubkey/ecdsa/ecdsa.cpp
+++ b/src/pubkey/ecdsa/ecdsa.cpp
@@ -32,7 +32,7 @@ ECDSA_Signature_Operation::ECDSA_Signature_Operation(const ECDSA_PrivateKey& ecd
{
}
-SecureVector<byte>
+secure_vector<byte>
ECDSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -56,7 +56,7 @@ ECDSA_Signature_Operation::sign(const byte msg[], size_t msg_len,
s = mod_order.multiply(inverse_mod(k, order), mul_add(x, r, m));
}
- SecureVector<byte> output(2*order.bytes());
+ secure_vector<byte> output(2*order.bytes());
r.binary_encode(&output[output.size() / 2 - r.bytes()]);
s.binary_encode(&output[output.size() - s.bytes()]);
return output;
diff --git a/src/pubkey/ecdsa/ecdsa.h b/src/pubkey/ecdsa/ecdsa.h
index f0834abd8..e37fa1562 100644
--- a/src/pubkey/ecdsa/ecdsa.h
+++ b/src/pubkey/ecdsa/ecdsa.h
@@ -33,7 +33,7 @@ class BOTAN_DLL ECDSA_PublicKey : public virtual EC_PublicKey
EC_PublicKey(dom_par, public_point) {}
ECDSA_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PublicKey(alg_id, key_bits) {}
/**
@@ -72,7 +72,7 @@ class BOTAN_DLL ECDSA_PrivateKey : public ECDSA_PublicKey,
* @param key_bits PKCS #8 structure
*/
ECDSA_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PrivateKey(alg_id, key_bits) {}
/**
@@ -97,7 +97,7 @@ class BOTAN_DLL ECDSA_Signature_Operation : public PK_Ops::Signature
public:
ECDSA_Signature_Operation(const ECDSA_PrivateKey& ecdsa);
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
size_t message_parts() const { return 2; }
diff --git a/src/pubkey/elgamal/elgamal.cpp b/src/pubkey/elgamal/elgamal.cpp
index 6d15aed79..3988f3155 100644
--- a/src/pubkey/elgamal/elgamal.cpp
+++ b/src/pubkey/elgamal/elgamal.cpp
@@ -44,7 +44,7 @@ ElGamal_PrivateKey::ElGamal_PrivateKey(RandomNumberGenerator& rng,
}
ElGamal_PrivateKey::ElGamal_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_42)
{
@@ -76,7 +76,7 @@ ElGamal_Encryption_Operation::ElGamal_Encryption_Operation(const ElGamal_PublicK
mod_p = Modular_Reducer(p);
}
-SecureVector<byte>
+secure_vector<byte>
ElGamal_Encryption_Operation::encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -92,7 +92,7 @@ ElGamal_Encryption_Operation::encrypt(const byte msg[], size_t msg_len,
BigInt a = powermod_g_p(k);
BigInt b = mod_p.multiply(m, powermod_y_p(k));
- SecureVector<byte> output(2*p.bytes());
+ secure_vector<byte> output(2*p.bytes());
a.binary_encode(&output[p.bytes() - a.bytes()]);
b.binary_encode(&output[output.size() / 2 + (p.bytes() - b.bytes())]);
return output;
@@ -109,7 +109,7 @@ ElGamal_Decryption_Operation::ElGamal_Decryption_Operation(const ElGamal_Private
blinder = Blinder(k, powermod_x_p(k), p);
}
-SecureVector<byte>
+secure_vector<byte>
ElGamal_Decryption_Operation::decrypt(const byte msg[], size_t msg_len)
{
const BigInt& p = mod_p.get_modulus();
@@ -129,7 +129,7 @@ ElGamal_Decryption_Operation::decrypt(const byte msg[], size_t msg_len)
BigInt r = mod_p.multiply(b, inverse_mod(powermod_x_p(a), p));
- return BigInt::encode(blinder.unblind(r));
+ return BigInt::encode_locked(blinder.unblind(r));
}
}
diff --git a/src/pubkey/elgamal/elgamal.h b/src/pubkey/elgamal/elgamal.h
index 383a4160b..957aa4656 100644
--- a/src/pubkey/elgamal/elgamal.h
+++ b/src/pubkey/elgamal/elgamal.h
@@ -28,7 +28,7 @@ class BOTAN_DLL ElGamal_PublicKey : public virtual DL_Scheme_PublicKey
size_t max_input_bits() const { return (group_p().bits() - 1); }
ElGamal_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
DL_Scheme_PublicKey(alg_id, key_bits, DL_Group::ANSI_X9_42)
{}
@@ -47,7 +47,7 @@ class BOTAN_DLL ElGamal_PrivateKey : public ElGamal_PublicKey,
bool check_key(RandomNumberGenerator& rng, bool) const;
ElGamal_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
ElGamal_PrivateKey(RandomNumberGenerator& rng,
@@ -65,7 +65,7 @@ class BOTAN_DLL ElGamal_Encryption_Operation : public PK_Ops::Encryption
ElGamal_Encryption_Operation(const ElGamal_PublicKey& key);
- SecureVector<byte> encrypt(const byte msg[], size_t msg_len,
+ secure_vector<byte> encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
@@ -83,7 +83,7 @@ class BOTAN_DLL ElGamal_Decryption_Operation : public PK_Ops::Decryption
ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key);
- SecureVector<byte> decrypt(const byte msg[], size_t msg_len);
+ secure_vector<byte> decrypt(const byte msg[], size_t msg_len);
private:
Fixed_Exponent_Power_Mod powermod_x_p;
Modular_Reducer mod_p;
diff --git a/src/pubkey/gost_3410/gost_3410.cpp b/src/pubkey/gost_3410/gost_3410.cpp
index f97f83aa0..289cdcac4 100644
--- a/src/pubkey/gost_3410/gost_3410.cpp
+++ b/src/pubkey/gost_3410/gost_3410.cpp
@@ -14,7 +14,7 @@
namespace Botan {
-MemoryVector<byte> GOST_3410_PublicKey::x509_subject_public_key() const
+std::vector<byte> GOST_3410_PublicKey::x509_subject_public_key() const
{
// Trust CryptoPro to come up with something obnoxious
const BigInt x = public_point().get_affine_x();
@@ -22,7 +22,7 @@ MemoryVector<byte> GOST_3410_PublicKey::x509_subject_public_key() const
size_t part_size = std::max(x.bytes(), y.bytes());
- MemoryVector<byte> bits(2*part_size);
+ std::vector<byte> bits(2*part_size);
x.binary_encode(&bits[part_size - x.bytes()]);
y.binary_encode(&bits[2*part_size - y.bytes()]);
@@ -34,22 +34,22 @@ MemoryVector<byte> GOST_3410_PublicKey::x509_subject_public_key() const
std::swap(bits[part_size+i], bits[2*part_size-1-i]);
}
- return DER_Encoder().encode(bits, OCTET_STRING).get_contents();
+ return DER_Encoder().encode(bits, OCTET_STRING).get_contents_unlocked();
}
AlgorithmIdentifier GOST_3410_PublicKey::algorithm_identifier() const
{
- MemoryVector<byte> params =
+ std::vector<byte> params =
DER_Encoder().start_cons(SEQUENCE)
.encode(OID(domain().get_oid()))
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
return AlgorithmIdentifier(get_oid(), params);
}
GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
OID ecc_param_id;
@@ -58,7 +58,7 @@ GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
domain_params = EC_Group(ecc_param_id);
- SecureVector<byte> bits;
+ secure_vector<byte> bits;
BER_Decoder(key_bits).decode(bits, OCTET_STRING);
const size_t part_size = bits.size() / 2;
@@ -83,7 +83,7 @@ namespace {
BigInt decode_le(const byte msg[], size_t msg_len)
{
- SecureVector<byte> msg_le(msg, msg_len);
+ secure_vector<byte> msg_le(msg, msg + msg_len);
for(size_t i = 0; i != msg_le.size() / 2; ++i)
std::swap(msg_le[i], msg_le[msg_le.size()-1-i]);
@@ -102,7 +102,7 @@ GOST_3410_Signature_Operation::GOST_3410_Signature_Operation(
{
}
-SecureVector<byte>
+secure_vector<byte>
GOST_3410_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -129,7 +129,7 @@ GOST_3410_Signature_Operation::sign(const byte msg[], size_t msg_len,
if(r == 0 || s == 0)
throw Invalid_State("GOST 34.10: r == 0 || s == 0");
- SecureVector<byte> output(2*order.bytes());
+ secure_vector<byte> output(2*order.bytes());
s.binary_encode(&output[output.size() / 2 - s.bytes()]);
r.binary_encode(&output[output.size() - r.bytes()]);
return output;
diff --git a/src/pubkey/gost_3410/gost_3410.h b/src/pubkey/gost_3410/gost_3410.h
index 7b638d7b5..6b1506b10 100644
--- a/src/pubkey/gost_3410/gost_3410.h
+++ b/src/pubkey/gost_3410/gost_3410.h
@@ -35,7 +35,7 @@ class BOTAN_DLL GOST_3410_PublicKey : public virtual EC_PublicKey
* Construct from X.509 algorithm id and subject public key bits
*/
GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
/**
* Get this keys algorithm name.
@@ -45,7 +45,7 @@ class BOTAN_DLL GOST_3410_PublicKey : public virtual EC_PublicKey
AlgorithmIdentifier algorithm_identifier() const;
- MemoryVector<byte> x509_subject_public_key() const;
+ std::vector<byte> x509_subject_public_key() const;
/**
* Get the maximum number of bits allowed to be fed to this key.
@@ -73,7 +73,7 @@ class BOTAN_DLL GOST_3410_PrivateKey : public GOST_3410_PublicKey,
public:
GOST_3410_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
EC_PrivateKey(alg_id, key_bits) {}
/**
@@ -103,7 +103,7 @@ class BOTAN_DLL GOST_3410_Signature_Operation : public PK_Ops::Signature
size_t message_part_size() const { return order.bytes(); }
size_t max_input_bits() const { return order.bits(); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
diff --git a/src/pubkey/if_algo/if_algo.cpp b/src/pubkey/if_algo/if_algo.cpp
index 6e75bc276..f044afd03 100644
--- a/src/pubkey/if_algo/if_algo.cpp
+++ b/src/pubkey/if_algo/if_algo.cpp
@@ -18,18 +18,18 @@ AlgorithmIdentifier IF_Scheme_PublicKey::algorithm_identifier() const
AlgorithmIdentifier::USE_NULL_PARAM);
}
-MemoryVector<byte> IF_Scheme_PublicKey::x509_subject_public_key() const
+std::vector<byte> IF_Scheme_PublicKey::x509_subject_public_key() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(n)
.encode(e)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
IF_Scheme_PublicKey::IF_Scheme_PublicKey(const AlgorithmIdentifier&,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
BER_Decoder(key_bits)
.start_cons(SEQUENCE)
@@ -49,7 +49,7 @@ bool IF_Scheme_PublicKey::check_key(RandomNumberGenerator&, bool) const
return true;
}
-MemoryVector<byte> IF_Scheme_PrivateKey::pkcs8_private_key() const
+secure_vector<byte> IF_Scheme_PrivateKey::pkcs8_private_key() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -68,7 +68,7 @@ MemoryVector<byte> IF_Scheme_PrivateKey::pkcs8_private_key() const
IF_Scheme_PrivateKey::IF_Scheme_PrivateKey(RandomNumberGenerator& rng,
const AlgorithmIdentifier&,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
BER_Decoder(key_bits)
.start_cons(SEQUENCE)
diff --git a/src/pubkey/if_algo/if_algo.h b/src/pubkey/if_algo/if_algo.h
index b6683d30e..5c95aecd1 100644
--- a/src/pubkey/if_algo/if_algo.h
+++ b/src/pubkey/if_algo/if_algo.h
@@ -22,7 +22,7 @@ class BOTAN_DLL IF_Scheme_PublicKey : public virtual Public_Key
{
public:
IF_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
IF_Scheme_PublicKey(const BigInt& n, const BigInt& e) :
n(n), e(e) {}
@@ -31,7 +31,7 @@ class BOTAN_DLL IF_Scheme_PublicKey : public virtual Public_Key
AlgorithmIdentifier algorithm_identifier() const;
- MemoryVector<byte> x509_subject_public_key() const;
+ std::vector<byte> x509_subject_public_key() const;
/**
* @return public modulus
@@ -67,7 +67,7 @@ class BOTAN_DLL IF_Scheme_PrivateKey : public virtual IF_Scheme_PublicKey,
IF_Scheme_PrivateKey(RandomNumberGenerator& rng,
const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
bool check_key(RandomNumberGenerator& rng, bool) const;
@@ -93,7 +93,7 @@ class BOTAN_DLL IF_Scheme_PrivateKey : public virtual IF_Scheme_PublicKey,
const BigInt& get_d1() const { return d1; }
const BigInt& get_d2() const { return d2; }
- MemoryVector<byte> pkcs8_private_key() const;
+ secure_vector<byte> pkcs8_private_key() const;
protected:
IF_Scheme_PrivateKey() {}
diff --git a/src/pubkey/keypair/keypair.cpp b/src/pubkey/keypair/keypair.cpp
index 857a5328a..a8631062d 100644
--- a/src/pubkey/keypair/keypair.cpp
+++ b/src/pubkey/keypair/keypair.cpp
@@ -29,14 +29,14 @@ bool encryption_consistency_check(RandomNumberGenerator& rng,
if(encryptor.maximum_input_size() == 0)
return true;
- SecureVector<byte> plaintext =
- rng.random_vec(encryptor.maximum_input_size() - 1);
+ std::vector<byte> plaintext =
+ unlock(rng.random_vec(encryptor.maximum_input_size() - 1));
- SecureVector<byte> ciphertext = encryptor.encrypt(plaintext, rng);
+ std::vector<byte> ciphertext = encryptor.encrypt(plaintext, rng);
if(ciphertext == plaintext)
return false;
- SecureVector<byte> decrypted = decryptor.decrypt(ciphertext);
+ std::vector<byte> decrypted = unlock(decryptor.decrypt(ciphertext));
return (plaintext == decrypted);
}
@@ -51,9 +51,9 @@ bool signature_consistency_check(RandomNumberGenerator& rng,
PK_Signer signer(key, padding);
PK_Verifier verifier(key, padding);
- SecureVector<byte> message = rng.random_vec(16);
+ std::vector<byte> message = unlock(rng.random_vec(16));
- SecureVector<byte> signature;
+ std::vector<byte> signature;
try
{
diff --git a/src/pubkey/nr/nr.cpp b/src/pubkey/nr/nr.cpp
index 7490e1b64..87cf3d038 100644
--- a/src/pubkey/nr/nr.cpp
+++ b/src/pubkey/nr/nr.cpp
@@ -13,7 +13,7 @@
namespace Botan {
NR_PublicKey::NR_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
DL_Scheme_PublicKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
}
@@ -49,7 +49,7 @@ NR_PrivateKey::NR_PrivateKey(RandomNumberGenerator& rng,
}
NR_PrivateKey::NR_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
@@ -80,7 +80,7 @@ NR_Signature_Operation::NR_Signature_Operation(const NR_PrivateKey& nr) :
{
}
-SecureVector<byte>
+secure_vector<byte>
NR_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -104,7 +104,7 @@ NR_Signature_Operation::sign(const byte msg[], size_t msg_len,
d = mod_q.reduce(k - x * c);
}
- SecureVector<byte> output(2*q.bytes());
+ secure_vector<byte> output(2*q.bytes());
c.binary_encode(&output[output.size() / 2 - c.bytes()]);
d.binary_encode(&output[output.size() - d.bytes()]);
return output;
@@ -119,7 +119,7 @@ NR_Verification_Operation::NR_Verification_Operation(const NR_PublicKey& nr) :
mod_q = Modular_Reducer(nr.group_q());
}
-SecureVector<byte>
+secure_vector<byte>
NR_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
{
const BigInt& q = mod_q.get_modulus();
@@ -137,7 +137,7 @@ NR_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
BigInt g_d = powermod_g_p(d);
BigInt i = mod_p.multiply(g_d, future_y_c.get());
- return BigInt::encode(mod_q.reduce(c - i));
+ return BigInt::encode_locked(mod_q.reduce(c - i));
}
}
diff --git a/src/pubkey/nr/nr.h b/src/pubkey/nr/nr.h
index 0d426fb3a..5be336a21 100644
--- a/src/pubkey/nr/nr.h
+++ b/src/pubkey/nr/nr.h
@@ -30,7 +30,7 @@ class BOTAN_DLL NR_PublicKey : public virtual DL_Scheme_PublicKey
size_t max_input_bits() const { return (group_q().bits() - 1); }
NR_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
NR_PublicKey(const DL_Group& group, const BigInt& pub_key);
protected:
@@ -47,7 +47,7 @@ class BOTAN_DLL NR_PrivateKey : public NR_PublicKey,
bool check_key(RandomNumberGenerator& rng, bool strong) const;
NR_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
NR_PrivateKey(RandomNumberGenerator& rng,
@@ -67,7 +67,7 @@ class BOTAN_DLL NR_Signature_Operation : public PK_Ops::Signature
size_t message_part_size() const { return q.bytes(); }
size_t max_input_bits() const { return (q.bits() - 1); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
const BigInt& q;
@@ -90,7 +90,7 @@ class BOTAN_DLL NR_Verification_Operation : public PK_Ops::Verification
bool with_recovery() const { return true; }
- SecureVector<byte> verify_mr(const byte msg[], size_t msg_len);
+ secure_vector<byte> verify_mr(const byte msg[], size_t msg_len);
private:
const BigInt& q;
const BigInt& y;
diff --git a/src/pubkey/pk_algs.cpp b/src/pubkey/pk_algs.cpp
index 9b3218ac4..863eb57e4 100644
--- a/src/pubkey/pk_algs.cpp
+++ b/src/pubkey/pk_algs.cpp
@@ -47,7 +47,7 @@
namespace Botan {
Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits)
+ const secure_vector<byte>& key_bits)
{
const std::string alg_name = OIDS::lookup(alg_id.oid);
if(alg_name == "")
@@ -102,7 +102,7 @@ Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
}
Private_Key* make_private_key(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng)
{
const std::string alg_name = OIDS::lookup(alg_id.oid);
diff --git a/src/pubkey/pk_algs.h b/src/pubkey/pk_algs.h
index a1e65cb3d..d8f24a1b8 100644
--- a/src/pubkey/pk_algs.h
+++ b/src/pubkey/pk_algs.h
@@ -13,10 +13,10 @@
namespace Botan {
Public_Key* make_public_key(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits);
+ const secure_vector<byte>& key_bits);
Private_Key* make_private_key(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
}
diff --git a/src/pubkey/pk_keys.h b/src/pubkey/pk_keys.h
index 770949b59..a3b693956 100644
--- a/src/pubkey/pk_keys.h
+++ b/src/pubkey/pk_keys.h
@@ -69,7 +69,7 @@ class BOTAN_DLL Public_Key
/**
* @return X.509 subject key encoding for this key object
*/
- virtual MemoryVector<byte> x509_subject_public_key() const = 0;
+ virtual std::vector<byte> x509_subject_public_key() const = 0;
virtual ~Public_Key() {}
protected:
@@ -89,7 +89,7 @@ class BOTAN_DLL Private_Key : public virtual Public_Key
/**
* @return PKCS #8 private key encoding for this key object
*/
- virtual MemoryVector<byte> pkcs8_private_key() const = 0;
+ virtual secure_vector<byte> pkcs8_private_key() const = 0;
/**
* @return PKCS #8 AlgorithmIdentifier for this key
@@ -121,7 +121,7 @@ class BOTAN_DLL PK_Key_Agreement_Key : public virtual Private_Key
/*
* @return public component of this key
*/
- virtual MemoryVector<byte> public_value() const = 0;
+ virtual std::vector<byte> public_value() const = 0;
virtual ~PK_Key_Agreement_Key() {}
};
diff --git a/src/pubkey/pk_ops.h b/src/pubkey/pk_ops.h
index 51543cd33..8a08ef430 100644
--- a/src/pubkey/pk_ops.h
+++ b/src/pubkey/pk_ops.h
@@ -23,7 +23,7 @@ class BOTAN_DLL Encryption
public:
virtual size_t max_input_bits() const = 0;
- virtual SecureVector<byte> encrypt(const byte msg[], size_t msg_len,
+ virtual secure_vector<byte> encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng) = 0;
virtual ~Encryption() {}
@@ -37,7 +37,7 @@ class BOTAN_DLL Decryption
public:
virtual size_t max_input_bits() const = 0;
- virtual SecureVector<byte> decrypt(const byte msg[],
+ virtual secure_vector<byte> decrypt(const byte msg[],
size_t msg_len) = 0;
virtual ~Decryption() {}
@@ -73,7 +73,7 @@ class BOTAN_DLL Signature
* @param msg_len the length of msg in bytes
* @param rng a random number generator
*/
- virtual SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ virtual secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng) = 0;
virtual ~Signature() {}
@@ -130,7 +130,7 @@ class BOTAN_DLL Verification
* @param msg_len the length of msg in bytes
* @returns recovered message
*/
- virtual SecureVector<byte> verify_mr(const byte[],
+ virtual secure_vector<byte> verify_mr(const byte[],
size_t)
{
throw Invalid_State("Message recovery not supported");
@@ -151,7 +151,7 @@ class BOTAN_DLL Key_Agreement
* @param w_len the length of w in bytes
* @returns the agreed key
*/
- virtual SecureVector<byte> agree(const byte w[], size_t w_len) = 0;
+ virtual secure_vector<byte> agree(const byte w[], size_t w_len) = 0;
virtual ~Key_Agreement() {}
};
diff --git a/src/pubkey/pkcs8.cpp b/src/pubkey/pkcs8.cpp
index 57bb5c1e2..baf6d1250 100644
--- a/src/pubkey/pkcs8.cpp
+++ b/src/pubkey/pkcs8.cpp
@@ -24,10 +24,10 @@ namespace {
/*
* Get info from an EncryptedPrivateKeyInfo
*/
-SecureVector<byte> PKCS8_extract(DataSource& source,
+secure_vector<byte> PKCS8_extract(DataSource& source,
AlgorithmIdentifier& pbe_alg_id)
{
- SecureVector<byte> key_data;
+ secure_vector<byte> key_data;
BER_Decoder(source)
.start_cons(SEQUENCE)
@@ -41,13 +41,13 @@ SecureVector<byte> PKCS8_extract(DataSource& source,
/*
* PEM decode and/or decrypt a private key
*/
-SecureVector<byte> PKCS8_decode(
+secure_vector<byte> PKCS8_decode(
DataSource& source,
std::function<std::pair<bool,std::string> ()> get_passphrase,
AlgorithmIdentifier& pk_alg_id)
{
AlgorithmIdentifier pbe_alg_id;
- SecureVector<byte> key_data, key;
+ secure_vector<byte> key_data, key;
bool is_encrypted = true;
try {
@@ -71,9 +71,9 @@ SecureVector<byte> PKCS8_decode(
if(key_data.empty())
throw PKCS8_Exception("No key data found");
}
- catch(Decoding_Error)
+ catch(Decoding_Error& e)
{
- throw Decoding_Error("PKCS #8 private key decoding failed");
+ throw Decoding_Error("PKCS #8 private key decoding failed: " + std::string(e.what()));
}
if(!is_encrypted)
@@ -131,7 +131,7 @@ SecureVector<byte> PKCS8_decode(
/*
* BER encode a PKCS #8 private key, unencrypted
*/
-SecureVector<byte> BER_encode(const Private_Key& key)
+secure_vector<byte> BER_encode(const Private_Key& key)
{
const size_t PKCS8_VERSION = 0;
@@ -155,7 +155,7 @@ std::string PEM_encode(const Private_Key& key)
/*
* BER encode a PKCS #8 private key, encrypted
*/
-SecureVector<byte> BER_encode(const Private_Key& key,
+secure_vector<byte> BER_encode(const Private_Key& key,
RandomNumberGenerator& rng,
const std::string& pass,
const std::string& pbe_algo)
@@ -203,7 +203,7 @@ Private_Key* load_key(DataSource& source,
std::function<std::pair<bool, std::string> ()> get_pass)
{
AlgorithmIdentifier alg_id;
- SecureVector<byte> pkcs8_key = PKCS8_decode(source, get_pass, alg_id);
+ secure_vector<byte> pkcs8_key = PKCS8_decode(source, get_pass, alg_id);
const std::string alg_name = OIDS::lookup(alg_id.oid);
if(alg_name == "" || alg_name == alg_id.oid.as_string())
diff --git a/src/pubkey/pkcs8.h b/src/pubkey/pkcs8.h
index d573fb460..fae1633a8 100644
--- a/src/pubkey/pkcs8.h
+++ b/src/pubkey/pkcs8.h
@@ -32,7 +32,7 @@ namespace PKCS8 {
* @param key the private key to encode
* @return BER encoded key
*/
-BOTAN_DLL SecureVector<byte> BER_encode(const Private_Key& key);
+BOTAN_DLL secure_vector<byte> BER_encode(const Private_Key& key);
/**
* Get a string containing a PEM encoded private key.
@@ -51,7 +51,7 @@ BOTAN_DLL std::string PEM_encode(const Private_Key& key);
default will be chosen.
* @return encrypted key in binary BER form
*/
-BOTAN_DLL SecureVector<byte> BER_encode(const Private_Key& key,
+BOTAN_DLL secure_vector<byte> BER_encode(const Private_Key& key,
RandomNumberGenerator& rng,
const std::string& pass,
const std::string& pbe_algo = "");
diff --git a/src/pubkey/pubkey.cpp b/src/pubkey/pubkey.cpp
index d0b74071c..370eeddbf 100644
--- a/src/pubkey/pubkey.cpp
+++ b/src/pubkey/pubkey.cpp
@@ -44,27 +44,27 @@ PK_Encryptor_EME::PK_Encryptor_EME(const Public_Key& key,
/*
* Encrypt a message
*/
-SecureVector<byte>
+std::vector<byte>
PK_Encryptor_EME::enc(const byte in[],
size_t length,
RandomNumberGenerator& rng) const
{
if(eme)
{
- SecureVector<byte> encoded =
+ secure_vector<byte> encoded =
eme->encode(in, length, op->max_input_bits(), rng);
if(8*(encoded.size() - 1) + high_bit(encoded[0]) > op->max_input_bits())
throw Invalid_Argument("PK_Encryptor_EME: Input is too large");
- return op->encrypt(&encoded[0], encoded.size(), rng);
+ return unlock(op->encrypt(&encoded[0], encoded.size(), rng));
}
else
{
if(8*(length - 1) + high_bit(in[0]) > op->max_input_bits())
throw Invalid_Argument("PK_Encryptor_EME: Input is too large");
- return op->encrypt(&in[0], length, rng);
+ return unlock(op->encrypt(&in[0], length, rng));
}
}
@@ -104,11 +104,11 @@ PK_Decryptor_EME::PK_Decryptor_EME(const Private_Key& key,
/*
* Decrypt a message
*/
-SecureVector<byte> PK_Decryptor_EME::dec(const byte msg[],
- size_t length) const
+secure_vector<byte> PK_Decryptor_EME::dec(const byte msg[],
+ size_t length) const
{
try {
- SecureVector<byte> decrypted = op->decrypt(msg, length);
+ secure_vector<byte> decrypted = op->decrypt(msg, length);
if(eme)
return eme->decode(decrypted, op->max_input_bits());
else
@@ -156,7 +156,7 @@ PK_Signer::PK_Signer(const Private_Key& key,
/*
* Sign a message
*/
-SecureVector<byte> PK_Signer::sign_message(const byte msg[], size_t length,
+std::vector<byte> PK_Signer::sign_message(const byte msg[], size_t length,
RandomNumberGenerator& rng)
{
update(msg, length);
@@ -174,16 +174,16 @@ void PK_Signer::update(const byte in[], size_t length)
/*
* Check the signature we just created, to help prevent fault attacks
*/
-bool PK_Signer::self_test_signature(const MemoryRegion<byte>& msg,
- const MemoryRegion<byte>& sig) const
+bool PK_Signer::self_test_signature(const std::vector<byte>& msg,
+ const std::vector<byte>& sig) const
{
if(!verify_op)
return true; // checking disabled, assume ok
if(verify_op->with_recovery())
{
- SecureVector<byte> recovered =
- verify_op->verify_mr(&sig[0], sig.size());
+ std::vector<byte> recovered =
+ unlock(verify_op->verify_mr(&sig[0], sig.size()));
if(msg.size() > recovered.size())
{
@@ -206,13 +206,13 @@ bool PK_Signer::self_test_signature(const MemoryRegion<byte>& msg,
/*
* Create a signature
*/
-SecureVector<byte> PK_Signer::signature(RandomNumberGenerator& rng)
+std::vector<byte> PK_Signer::signature(RandomNumberGenerator& rng)
{
- SecureVector<byte> encoded = emsa->encoding_of(emsa->raw_data(),
- op->max_input_bits(),
- rng);
+ std::vector<byte> encoded = unlock(emsa->encoding_of(emsa->raw_data(),
+ op->max_input_bits(),
+ rng));
- SecureVector<byte> plain_sig = op->sign(&encoded[0], encoded.size(), rng);
+ std::vector<byte> plain_sig = unlock(op->sign(&encoded[0], encoded.size(), rng));
BOTAN_ASSERT(self_test_signature(encoded, plain_sig),
"PK_Signer consistency check failed");
@@ -234,7 +234,7 @@ SecureVector<byte> PK_Signer::signature(RandomNumberGenerator& rng)
.start_cons(SEQUENCE)
.encode_list(sig_parts)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
else
throw Encoding_Error("PK_Signer: Unknown signature format " +
@@ -307,7 +307,7 @@ bool PK_Verifier::check_signature(const byte sig[], size_t length)
BER_Decoder ber_sig = decoder.start_cons(SEQUENCE);
size_t count = 0;
- SecureVector<byte> real_sig;
+ std::vector<byte> real_sig;
while(ber_sig.more_items())
{
BigInt sig_part;
@@ -332,19 +332,19 @@ bool PK_Verifier::check_signature(const byte sig[], size_t length)
/*
* Verify a signature
*/
-bool PK_Verifier::validate_signature(const MemoryRegion<byte>& msg,
+bool PK_Verifier::validate_signature(const secure_vector<byte>& msg,
const byte sig[], size_t sig_len)
{
if(op->with_recovery())
{
- SecureVector<byte> output_of_key = op->verify_mr(sig, sig_len);
+ secure_vector<byte> output_of_key = op->verify_mr(sig, sig_len);
return emsa->verify(output_of_key, msg, op->max_input_bits());
}
else
{
Null_RNG rng;
- SecureVector<byte> encoded =
+ secure_vector<byte> encoded =
emsa->encoding_of(msg, op->max_input_bits(), rng);
return op->verify(&encoded[0], encoded.size(), sig, sig_len);
@@ -377,7 +377,7 @@ SymmetricKey PK_Key_Agreement::derive_key(size_t key_len, const byte in[],
size_t in_len, const byte params[],
size_t params_len) const
{
- SecureVector<byte> z = op->agree(in, in_len);
+ secure_vector<byte> z = op->agree(in, in_len);
if(!kdf)
return z;
diff --git a/src/pubkey/pubkey.h b/src/pubkey/pubkey.h
index cd813dc65..5013a1ed1 100644
--- a/src/pubkey/pubkey.h
+++ b/src/pubkey/pubkey.h
@@ -45,7 +45,7 @@ class BOTAN_DLL PK_Encryptor
* @param rng the random number source to use
* @return encrypted message
*/
- SecureVector<byte> encrypt(const byte in[], size_t length,
+ std::vector<byte> encrypt(const byte in[], size_t length,
RandomNumberGenerator& rng) const
{
return enc(in, length, rng);
@@ -57,8 +57,9 @@ class BOTAN_DLL PK_Encryptor
* @param rng the random number source to use
* @return encrypted message
*/
- SecureVector<byte> encrypt(const MemoryRegion<byte>& in,
- RandomNumberGenerator& rng) const
+ template<typename Alloc>
+ std::vector<byte> encrypt(const std::vector<byte, Alloc>& in,
+ RandomNumberGenerator& rng) const
{
return enc(&in[0], in.size(), rng);
}
@@ -75,7 +76,7 @@ class BOTAN_DLL PK_Encryptor
PK_Encryptor(const PK_Encryptor&) {}
PK_Encryptor& operator=(const PK_Encryptor&) { return *this; }
- virtual SecureVector<byte> enc(const byte[], size_t,
+ virtual std::vector<byte> enc(const byte[], size_t,
RandomNumberGenerator&) const = 0;
};
@@ -91,7 +92,7 @@ class BOTAN_DLL PK_Decryptor
* @param length the length of the above byte array
* @return decrypted message
*/
- SecureVector<byte> decrypt(const byte in[], size_t length) const
+ secure_vector<byte> decrypt(const byte in[], size_t length) const
{
return dec(in, length);
}
@@ -101,7 +102,8 @@ class BOTAN_DLL PK_Decryptor
* @param in the ciphertext
* @return decrypted message
*/
- SecureVector<byte> decrypt(const MemoryRegion<byte>& in) const
+ template<typename Alloc>
+ secure_vector<byte> decrypt(const std::vector<byte, Alloc>& in) const
{
return dec(&in[0], in.size());
}
@@ -112,7 +114,7 @@ class BOTAN_DLL PK_Decryptor
PK_Decryptor(const PK_Decryptor&) {}
PK_Decryptor& operator=(const PK_Decryptor&) { return *this; }
- virtual SecureVector<byte> dec(const byte[], size_t) const = 0;
+ virtual secure_vector<byte> dec(const byte[], size_t) const = 0;
};
/**
@@ -130,7 +132,7 @@ class BOTAN_DLL PK_Signer
* @param rng the rng to use
* @return signature
*/
- SecureVector<byte> sign_message(const byte in[], size_t length,
+ std::vector<byte> sign_message(const byte in[], size_t length,
RandomNumberGenerator& rng);
/**
@@ -139,8 +141,12 @@ class BOTAN_DLL PK_Signer
* @param rng the rng to use
* @return signature
*/
- SecureVector<byte> sign_message(const MemoryRegion<byte>& in,
- RandomNumberGenerator& rng)
+ std::vector<byte> sign_message(const std::vector<byte>& in,
+ RandomNumberGenerator& rng)
+ { return sign_message(&in[0], in.size(), rng); }
+
+ std::vector<byte> sign_message(const secure_vector<byte>& in,
+ RandomNumberGenerator& rng)
{ return sign_message(&in[0], in.size(), rng); }
/**
@@ -160,7 +166,7 @@ class BOTAN_DLL PK_Signer
* Add a message part.
* @param in the message part to add
*/
- void update(const MemoryRegion<byte>& in) { update(&in[0], in.size()); }
+ void update(const std::vector<byte>& in) { update(&in[0], in.size()); }
/**
* Get the signature of the so far processed message (provided by the
@@ -168,7 +174,7 @@ class BOTAN_DLL PK_Signer
* @param rng the rng to use
* @return signature of the total message
*/
- SecureVector<byte> signature(RandomNumberGenerator& rng);
+ std::vector<byte> signature(RandomNumberGenerator& rng);
/**
* Set the output format of the signature.
@@ -191,8 +197,8 @@ class BOTAN_DLL PK_Signer
~PK_Signer() { delete op; delete verify_op; delete emsa; }
private:
- bool self_test_signature(const MemoryRegion<byte>& msg,
- const MemoryRegion<byte>& sig) const;
+ bool self_test_signature(const std::vector<byte>& msg,
+ const std::vector<byte>& sig) const;
PK_Signer(const PK_Signer&) {}
PK_Signer& operator=(const PK_Signer&) { return *this; }
@@ -227,8 +233,9 @@ class BOTAN_DLL PK_Verifier
* @param sig the signature
* @return true if the signature is valid
*/
- bool verify_message(const MemoryRegion<byte>& msg,
- const MemoryRegion<byte>& sig)
+ template<typename Alloc, typename Alloc2>
+ bool verify_message(const std::vector<byte, Alloc>& msg,
+ const std::vector<byte, Alloc2>& sig)
{
return verify_message(&msg[0], msg.size(),
&sig[0], sig.size());
@@ -254,7 +261,7 @@ class BOTAN_DLL PK_Verifier
* signature to be verified.
* @param in the new message part
*/
- void update(const MemoryRegion<byte>& in)
+ void update(const std::vector<byte>& in)
{ update(&in[0], in.size()); }
/**
@@ -272,7 +279,8 @@ class BOTAN_DLL PK_Verifier
* @param sig the signature to be verified
* @return true if the signature is valid, false otherwise
*/
- bool check_signature(const MemoryRegion<byte>& sig)
+ template<typename Alloc>
+ bool check_signature(const std::vector<byte, Alloc>& sig)
{
return check_signature(&sig[0], sig.size());
}
@@ -298,7 +306,7 @@ class BOTAN_DLL PK_Verifier
PK_Verifier(const PK_Verifier&) {}
PK_Verifier& operator=(const PK_Verifier&) { return *this; }
- bool validate_signature(const MemoryRegion<byte>& msg,
+ bool validate_signature(const secure_vector<byte>& msg,
const byte sig[], size_t sig_len);
PK_Ops::Verification* op;
@@ -336,7 +344,7 @@ class BOTAN_DLL PK_Key_Agreement
* @param params_len the length of params in bytes
*/
SymmetricKey derive_key(size_t key_len,
- const MemoryRegion<byte>& in,
+ const std::vector<byte>& in,
const byte params[],
size_t params_len) const
{
@@ -367,7 +375,7 @@ class BOTAN_DLL PK_Key_Agreement
* @param params extra derivation params
*/
SymmetricKey derive_key(size_t key_len,
- const MemoryRegion<byte>& in,
+ const std::vector<byte>& in,
const std::string& params = "") const
{
return derive_key(key_len, &in[0], in.size(),
@@ -410,7 +418,7 @@ class BOTAN_DLL PK_Encryptor_EME : public PK_Encryptor
~PK_Encryptor_EME() { delete op; delete eme; }
private:
- SecureVector<byte> enc(const byte[], size_t,
+ std::vector<byte> enc(const byte[], size_t,
RandomNumberGenerator& rng) const;
PK_Ops::Encryption* op;
@@ -433,7 +441,7 @@ class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor
~PK_Decryptor_EME() { delete op; delete eme; }
private:
- SecureVector<byte> dec(const byte[], size_t) const;
+ secure_vector<byte> dec(const byte[], size_t) const;
PK_Ops::Decryption* op;
const EME* eme;
diff --git a/src/pubkey/rsa/rsa.cpp b/src/pubkey/rsa/rsa.cpp
index 2da366699..22474d7d5 100644
--- a/src/pubkey/rsa/rsa.cpp
+++ b/src/pubkey/rsa/rsa.cpp
@@ -88,7 +88,7 @@ BigInt RSA_Private_Operation::private_op(const BigInt& m) const
return mul_add(j1, q, j2);
}
-SecureVector<byte>
+secure_vector<byte>
RSA_Private_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator&)
{
@@ -105,7 +105,7 @@ RSA_Private_Operation::sign(const byte msg[], size_t msg_len,
/*
* RSA Decryption Operation
*/
-SecureVector<byte>
+secure_vector<byte>
RSA_Private_Operation::decrypt(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
@@ -114,7 +114,7 @@ RSA_Private_Operation::decrypt(const byte msg[], size_t msg_len)
BOTAN_ASSERT(m == powermod_e_n(x),
"RSA private op failed consistency check");
- return BigInt::encode(x);
+ return BigInt::encode_locked(x);
}
}
diff --git a/src/pubkey/rsa/rsa.h b/src/pubkey/rsa/rsa.h
index dddecdbed..0942d92ad 100644
--- a/src/pubkey/rsa/rsa.h
+++ b/src/pubkey/rsa/rsa.h
@@ -24,7 +24,7 @@ class BOTAN_DLL RSA_PublicKey : public virtual IF_Scheme_PublicKey
std::string algo_name() const { return "RSA"; }
RSA_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
IF_Scheme_PublicKey(alg_id, key_bits)
{}
@@ -51,7 +51,7 @@ class BOTAN_DLL RSA_PrivateKey : public RSA_PublicKey,
bool check_key(RandomNumberGenerator& rng, bool) const;
RSA_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
IF_Scheme_PrivateKey(rng, alg_id, key_bits) {}
@@ -94,10 +94,10 @@ class BOTAN_DLL RSA_Private_Operation : public PK_Ops::Signature,
size_t max_input_bits() const { return (n.bits() - 1); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
- SecureVector<byte> decrypt(const byte msg[], size_t msg_len);
+ secure_vector<byte> decrypt(const byte msg[], size_t msg_len);
private:
BigInt private_op(const BigInt& m) const;
@@ -124,17 +124,17 @@ class BOTAN_DLL RSA_Public_Operation : public PK_Ops::Verification,
size_t max_input_bits() const { return (n.bits() - 1); }
bool with_recovery() const { return true; }
- SecureVector<byte> encrypt(const byte msg[], size_t msg_len,
+ secure_vector<byte> encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator&)
{
BigInt m(msg, msg_len);
return BigInt::encode_1363(public_op(m), n.bytes());
}
- SecureVector<byte> verify_mr(const byte msg[], size_t msg_len)
+ secure_vector<byte> verify_mr(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
- return BigInt::encode(public_op(m));
+ return BigInt::encode_locked(public_op(m));
}
private:
diff --git a/src/pubkey/rw/rw.cpp b/src/pubkey/rw/rw.cpp
index dab84b59f..c41b18101 100644
--- a/src/pubkey/rw/rw.cpp
+++ b/src/pubkey/rw/rw.cpp
@@ -70,7 +70,7 @@ RW_Signature_Operation::RW_Signature_Operation(const RW_PrivateKey& rw) :
{
}
-SecureVector<byte>
+secure_vector<byte>
RW_Signature_Operation::sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
@@ -101,7 +101,7 @@ RW_Signature_Operation::sign(const byte msg[], size_t msg_len,
return BigInt::encode_1363(r, n.bytes());
}
-SecureVector<byte>
+secure_vector<byte>
RW_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
@@ -111,15 +111,15 @@ RW_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
BigInt r = powermod_e_n(m);
if(r % 16 == 12)
- return BigInt::encode(r);
+ return BigInt::encode_locked(r);
if(r % 8 == 6)
- return BigInt::encode(2*r);
+ return BigInt::encode_locked(2*r);
r = n - r;
if(r % 16 == 12)
- return BigInt::encode(r);
+ return BigInt::encode_locked(r);
if(r % 8 == 6)
- return BigInt::encode(2*r);
+ return BigInt::encode_locked(2*r);
throw Invalid_Argument("RW signature verification: Invalid signature");
}
diff --git a/src/pubkey/rw/rw.h b/src/pubkey/rw/rw.h
index b8d92eb3a..1e918e70c 100644
--- a/src/pubkey/rw/rw.h
+++ b/src/pubkey/rw/rw.h
@@ -24,7 +24,7 @@ class BOTAN_DLL RW_PublicKey : public virtual IF_Scheme_PublicKey
std::string algo_name() const { return "RW"; }
RW_PublicKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits) :
+ const secure_vector<byte>& key_bits) :
IF_Scheme_PublicKey(alg_id, key_bits)
{}
@@ -44,7 +44,7 @@ class BOTAN_DLL RW_PrivateKey : public RW_PublicKey,
{
public:
RW_PrivateKey(const AlgorithmIdentifier& alg_id,
- const MemoryRegion<byte>& key_bits,
+ const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng) :
IF_Scheme_PrivateKey(rng, alg_id, key_bits) {}
@@ -69,7 +69,7 @@ class BOTAN_DLL RW_Signature_Operation : public PK_Ops::Signature
size_t max_input_bits() const { return (n.bits() - 1); }
- SecureVector<byte> sign(const byte msg[], size_t msg_len,
+ secure_vector<byte> sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng);
private:
const BigInt& n;
@@ -95,7 +95,7 @@ class BOTAN_DLL RW_Verification_Operation : public PK_Ops::Verification
size_t max_input_bits() const { return (n.bits() - 1); }
bool with_recovery() const { return true; }
- SecureVector<byte> verify_mr(const byte msg[], size_t msg_len);
+ secure_vector<byte> verify_mr(const byte msg[], size_t msg_len);
private:
const BigInt& n;
diff --git a/src/pubkey/x509_key.cpp b/src/pubkey/x509_key.cpp
index 4714b1285..1b0ce46b3 100644
--- a/src/pubkey/x509_key.cpp
+++ b/src/pubkey/x509_key.cpp
@@ -18,14 +18,14 @@ namespace Botan {
namespace X509 {
-MemoryVector<byte> BER_encode(const Public_Key& key)
+std::vector<byte> BER_encode(const Public_Key& key)
{
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(key.algorithm_identifier())
.encode(key.x509_subject_public_key(), BIT_STRING)
.end_cons()
- .get_contents();
+ .get_contents_unlocked();
}
/*
@@ -44,7 +44,7 @@ Public_Key* load_key(DataSource& source)
{
try {
AlgorithmIdentifier alg_id;
- MemoryVector<byte> key_bits;
+ secure_vector<byte> key_bits;
if(ASN1::maybe_BER(source) && !PEM_Code::matches(source))
{
@@ -92,7 +92,7 @@ Public_Key* load_key(const std::string& fsname)
/*
* Extract a public key and return it
*/
-Public_Key* load_key(const MemoryRegion<byte>& mem)
+Public_Key* load_key(const secure_vector<byte>& mem)
{
DataSource_Memory source(mem);
return X509::load_key(source);
diff --git a/src/pubkey/x509_key.h b/src/pubkey/x509_key.h
index 3fdee8cde..9d4c883a1 100644
--- a/src/pubkey/x509_key.h
+++ b/src/pubkey/x509_key.h
@@ -26,7 +26,7 @@ namespace X509 {
* @param key the public key to encode
* @return BER encoding of this key
*/
-BOTAN_DLL MemoryVector<byte> BER_encode(const Public_Key& key);
+BOTAN_DLL std::vector<byte> BER_encode(const Public_Key& key);
/**
* PEM encode a public key into a string.
@@ -54,7 +54,7 @@ BOTAN_DLL Public_Key* load_key(const std::string& filename);
* @param enc the memory region containing the DER or PEM encoded key
* @return new public key object
*/
-BOTAN_DLL Public_Key* load_key(const MemoryRegion<byte>& enc);
+BOTAN_DLL Public_Key* load_key(const secure_vector<byte>& enc);
/**
* Copy a key.
diff --git a/src/rng/hmac_rng/hmac_rng.cpp b/src/rng/hmac_rng/hmac_rng.cpp
index 311942c19..da7535b18 100644
--- a/src/rng/hmac_rng/hmac_rng.cpp
+++ b/src/rng/hmac_rng/hmac_rng.cpp
@@ -15,7 +15,7 @@ namespace Botan {
namespace {
void hmac_prf(MessageAuthenticationCode* prf,
- MemoryRegion<byte>& K,
+ secure_vector<byte>& K,
u32bit& counter,
const std::string& label)
{
@@ -200,7 +200,7 @@ HMAC_RNG::HMAC_RNG(MessageAuthenticationCode* extractor_mac,
the estimated entropy counter is high enough. That variable is only
set when a reseeding is performed.
*/
- MemoryVector<byte> prf_key(extractor->output_length());
+ secure_vector<byte> prf_key(extractor->output_length());
prf->set_key(prf_key);
/*
diff --git a/src/rng/hmac_rng/hmac_rng.h b/src/rng/hmac_rng/hmac_rng.h
index fc6a14f3a..1e70c00a7 100644
--- a/src/rng/hmac_rng/hmac_rng.h
+++ b/src/rng/hmac_rng/hmac_rng.h
@@ -51,7 +51,7 @@ class BOTAN_DLL HMAC_RNG : public RandomNumberGenerator
std::vector<EntropySource*> entropy_sources;
bool seeded;
- SecureVector<byte> K, io_buffer;
+ secure_vector<byte> K, io_buffer;
size_t user_input_len;
u32bit counter;
};
diff --git a/src/rng/randpool/randpool.cpp b/src/rng/randpool/randpool.cpp
index 51354db12..ef55f3975 100644
--- a/src/rng/randpool/randpool.cpp
+++ b/src/rng/randpool/randpool.cpp
@@ -56,7 +56,7 @@ void Randpool::update_buffer()
mac->update(static_cast<byte>(GEN_OUTPUT));
mac->update(counter);
- SecureVector<byte> mac_val = mac->final();
+ secure_vector<byte> mac_val = mac->final();
for(size_t i = 0; i != mac_val.size(); ++i)
buffer[i % buffer.size()] ^= mac_val[i];
@@ -112,7 +112,7 @@ void Randpool::reseed(size_t poll_bits)
}
}
- SecureVector<byte> mac_val = mac->final();
+ secure_vector<byte> mac_val = mac->final();
xor_buf(pool, mac_val, mac_val.size());
mix_pool();
@@ -126,7 +126,7 @@ void Randpool::reseed(size_t poll_bits)
*/
void Randpool::add_entropy(const byte input[], size_t length)
{
- SecureVector<byte> mac_val = mac->process(input, length);
+ secure_vector<byte> mac_val = mac->process(input, length);
xor_buf(pool, mac_val, mac_val.size());
mix_pool();
diff --git a/src/rng/randpool/randpool.h b/src/rng/randpool/randpool.h
index ed224221c..64572bcfb 100644
--- a/src/rng/randpool/randpool.h
+++ b/src/rng/randpool/randpool.h
@@ -52,7 +52,7 @@ class BOTAN_DLL Randpool : public RandomNumberGenerator
MessageAuthenticationCode* mac;
std::vector<EntropySource*> entropy_sources;
- SecureVector<byte> pool, buffer, counter;
+ secure_vector<byte> pool, buffer, counter;
bool seeded;
};
diff --git a/src/rng/rng.h b/src/rng/rng.h
index c078ef08f..12b423e7c 100644
--- a/src/rng/rng.h
+++ b/src/rng/rng.h
@@ -37,9 +37,9 @@ class BOTAN_DLL RandomNumberGenerator
* @param bytes number of bytes in the result
* @return randomized vector of length bytes
*/
- SecureVector<byte> random_vec(size_t bytes)
+ secure_vector<byte> random_vec(size_t bytes)
{
- SecureVector<byte> output(bytes);
+ secure_vector<byte> output(bytes);
randomize(&output[0], output.size());
return output;
}
diff --git a/src/rng/x931_rng/x931_rng.cpp b/src/rng/x931_rng/x931_rng.cpp
index ac77b4344..7562c7ad5 100644
--- a/src/rng/x931_rng/x931_rng.cpp
+++ b/src/rng/x931_rng/x931_rng.cpp
@@ -40,7 +40,7 @@ void ANSI_X931_RNG::update_buffer()
{
const size_t BLOCK_SIZE = cipher->block_size();
- SecureVector<byte> DT = prng->random_vec(BLOCK_SIZE);
+ secure_vector<byte> DT = prng->random_vec(BLOCK_SIZE);
cipher->encrypt(DT);
xor_buf(&R[0], &V[0], &DT[0], BLOCK_SIZE);
diff --git a/src/rng/x931_rng/x931_rng.h b/src/rng/x931_rng/x931_rng.h
index 41fa9328b..c8a1b8707 100644
--- a/src/rng/x931_rng/x931_rng.h
+++ b/src/rng/x931_rng/x931_rng.h
@@ -42,7 +42,7 @@ class BOTAN_DLL ANSI_X931_RNG : public RandomNumberGenerator
BlockCipher* cipher;
RandomNumberGenerator* prng;
- SecureVector<byte> V, R;
+ secure_vector<byte> V, R;
size_t position;
};
diff --git a/src/stream/arc4/arc4.h b/src/stream/arc4/arc4.h
index e3df97f83..8f8de87b6 100644
--- a/src/stream/arc4/arc4.h
+++ b/src/stream/arc4/arc4.h
@@ -44,9 +44,9 @@ class BOTAN_DLL ARC4 : public StreamCipher
const size_t SKIP;
byte X, Y;
- SecureVector<byte> state;
+ secure_vector<byte> state;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
size_t position;
};
diff --git a/src/stream/ctr/ctr.h b/src/stream/ctr/ctr.h
index 64b43b0f5..9f391da7e 100644
--- a/src/stream/ctr/ctr.h
+++ b/src/stream/ctr/ctr.h
@@ -48,7 +48,7 @@ class BOTAN_DLL CTR_BE : public StreamCipher
void increment_counter();
BlockCipher* permutation;
- SecureVector<byte> counter, buffer;
+ secure_vector<byte> counter, buffer;
size_t position;
};
diff --git a/src/stream/ofb/ofb.h b/src/stream/ofb/ofb.h
index c4d8b2601..9d4fd882f 100644
--- a/src/stream/ofb/ofb.h
+++ b/src/stream/ofb/ofb.h
@@ -47,7 +47,7 @@ class BOTAN_DLL OFB : public StreamCipher
void key_schedule(const byte key[], size_t key_len);
BlockCipher* permutation;
- SecureVector<byte> buffer;
+ secure_vector<byte> buffer;
size_t position;
};
diff --git a/src/stream/salsa20/salsa20.cpp b/src/stream/salsa20/salsa20.cpp
index 7d062befe..65ee3d758 100644
--- a/src/stream/salsa20/salsa20.cpp
+++ b/src/stream/salsa20/salsa20.cpp
@@ -193,7 +193,7 @@ void Salsa20::set_iv(const byte iv[], size_t length)
state[8] = load_le<u32bit>(iv, 2);
state[9] = load_le<u32bit>(iv, 3);
- SecureVector<u32bit> hsalsa(8);
+ secure_vector<u32bit> hsalsa(8);
hsalsa20(&hsalsa[0], &state[0]);
state[ 1] = hsalsa[0];
diff --git a/src/stream/salsa20/salsa20.h b/src/stream/salsa20/salsa20.h
index d9645015f..ac2a9b33a 100644
--- a/src/stream/salsa20/salsa20.h
+++ b/src/stream/salsa20/salsa20.h
@@ -38,8 +38,8 @@ class BOTAN_DLL Salsa20 : public StreamCipher
private:
void key_schedule(const byte key[], size_t key_len);
- SecureVector<u32bit> state;
- SecureVector<byte> buffer;
+ secure_vector<u32bit> state;
+ secure_vector<byte> buffer;
size_t position;
};
diff --git a/src/stream/turing/turing.cpp b/src/stream/turing/turing.cpp
index 697c660ed..c455185b0 100644
--- a/src/stream/turing/turing.cpp
+++ b/src/stream/turing/turing.cpp
@@ -17,7 +17,7 @@ namespace {
/*
* Perform an N-way PHT
*/
-inline void PHT(MemoryRegion<u32bit>& B)
+inline void PHT(secure_vector<u32bit>& B)
{
u32bit sum = 0;
for(size_t i = 0; i < B.size() - 1; ++i)
@@ -284,7 +284,7 @@ void Turing::set_iv(const byte iv[], size_t length)
if(!valid_iv_length(length))
throw Invalid_IV_Length(name(), length);
- SecureVector<u32bit> IV(length / 4);
+ secure_vector<u32bit> IV(length / 4);
for(size_t i = 0; i != length; ++i)
IV[i/4] = (IV[i/4] << 8) + iv[i];
diff --git a/src/stream/turing/turing.h b/src/stream/turing/turing.h
index aff314080..84bfbe9c0 100644
--- a/src/stream/turing/turing.h
+++ b/src/stream/turing/turing.h
@@ -45,10 +45,10 @@ class BOTAN_DLL Turing : public StreamCipher
static const u32bit Q_BOX[256];
static const byte SBOX[256];
- SecureVector<u32bit> S0, S1, S2, S3;
- SecureVector<u32bit> R;
- SecureVector<u32bit> K;
- SecureVector<byte> buffer;
+ secure_vector<u32bit> S0, S1, S2, S3;
+ secure_vector<u32bit> R;
+ secure_vector<u32bit> K;
+ secure_vector<byte> buffer;
size_t position;
};
diff --git a/src/stream/wid_wake/wid_wake.h b/src/stream/wid_wake/wid_wake.h
index 05842a574..ca8d9a316 100644
--- a/src/stream/wid_wake/wid_wake.h
+++ b/src/stream/wid_wake/wid_wake.h
@@ -45,10 +45,10 @@ class BOTAN_DLL WiderWake_41_BE : public StreamCipher
void generate(size_t);
- SecureVector<u32bit> T;
- SecureVector<u32bit> state;
- SecureVector<u32bit> t_key;
- SecureVector<byte> buffer;
+ secure_vector<u32bit> T;
+ secure_vector<u32bit> state;
+ secure_vector<u32bit> t_key;
+ secure_vector<byte> buffer;
size_t position;
};
diff --git a/src/tls/c_hello.cpp b/src/tls/c_hello.cpp
index df3957a4b..e63dc91ba 100644
--- a/src/tls/c_hello.cpp
+++ b/src/tls/c_hello.cpp
@@ -21,14 +21,14 @@ enum {
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF
};
-MemoryVector<byte> make_hello_random(RandomNumberGenerator& rng)
+std::vector<byte> make_hello_random(RandomNumberGenerator& rng)
{
- MemoryVector<byte> buf(32);
+ std::vector<byte> buf(32);
const u32bit time32 = static_cast<u32bit>(
std::chrono::system_clock::to_time_t(std::chrono::system_clock::now()));
- store_be(time32, buf);
+ store_be(time32, &buf[0]);
rng.randomize(&buf[4], buf.size() - 4);
return buf;
}
@@ -44,7 +44,7 @@ Hello_Request::Hello_Request(Record_Writer& writer)
/*
* Deserialize a Hello Request message
*/
-Hello_Request::Hello_Request(const MemoryRegion<byte>& buf)
+Hello_Request::Hello_Request(const std::vector<byte>& buf)
{
if(buf.size())
throw Decoding_Error("Bad Hello_Request, has non-zero size");
@@ -53,9 +53,9 @@ Hello_Request::Hello_Request(const MemoryRegion<byte>& buf)
/*
* Serialize a Hello Request message
*/
-MemoryVector<byte> Hello_Request::serialize() const
+std::vector<byte> Hello_Request::serialize() const
{
- return MemoryVector<byte>();
+ return std::vector<byte>();
}
/*
@@ -65,7 +65,7 @@ Client_Hello::Client_Hello(Record_Writer& writer,
Handshake_Hash& hash,
const Policy& policy,
RandomNumberGenerator& rng,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
bool next_protocol,
const std::string& hostname,
const std::string& srp_identifier) :
@@ -101,7 +101,7 @@ Client_Hello::Client_Hello(Record_Writer& writer,
Handshake_Hash& hash,
const Policy& policy,
RandomNumberGenerator& rng,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
const Session& session,
bool next_protocol) :
m_version(session.version()),
@@ -140,7 +140,7 @@ Client_Hello::Client_Hello(Record_Writer& writer,
/*
* Read a counterparty client hello
*/
-Client_Hello::Client_Hello(const MemoryRegion<byte>& buf, Handshake_Type type)
+Client_Hello::Client_Hello(const std::vector<byte>& buf, Handshake_Type type)
{
m_next_protocol = false;
m_secure_renegotiation = false;
@@ -158,9 +158,9 @@ Client_Hello::Client_Hello(const MemoryRegion<byte>& buf, Handshake_Type type)
/*
* Serialize a Client Hello message
*/
-MemoryVector<byte> Client_Hello::serialize() const
+std::vector<byte> Client_Hello::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
buf.push_back(m_version.major_version());
buf.push_back(m_version.minor_version());
@@ -202,7 +202,7 @@ MemoryVector<byte> Client_Hello::serialize() const
return buf;
}
-void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
+void Client_Hello::deserialize_sslv2(const std::vector<byte>& buf)
{
if(buf.size() < 12 || buf[0] != 1)
throw Decoding_Error("Client_Hello: SSLv2 hello corrupted");
@@ -243,7 +243,7 @@ void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
/*
* Deserialize a Client Hello message
*/
-void Client_Hello::deserialize(const MemoryRegion<byte>& buf)
+void Client_Hello::deserialize(const std::vector<byte>& buf)
{
if(buf.size() == 0)
throw Decoding_Error("Client_Hello: Packet corrupted");
diff --git a/src/tls/c_kex.cpp b/src/tls/c_kex.cpp
index f97081383..5ff9ec1ce 100644
--- a/src/tls/c_kex.cpp
+++ b/src/tls/c_kex.cpp
@@ -26,7 +26,7 @@ namespace TLS {
namespace {
-SecureVector<byte> strip_leading_zeros(const MemoryRegion<byte>& input)
+secure_vector<byte> strip_leading_zeros(const secure_vector<byte>& input)
{
size_t leading_zeros = 0;
@@ -37,8 +37,8 @@ SecureVector<byte> strip_leading_zeros(const MemoryRegion<byte>& input)
++leading_zeros;
}
- SecureVector<byte> output(&input[leading_zeros],
- input.size() - leading_zeros);
+ secure_vector<byte> output(&input[leading_zeros],
+ &input[input.size()-1]);
return output;
}
@@ -76,7 +76,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
SymmetricKey psk = creds.psk("tls-client", hostname, psk_identity);
- MemoryVector<byte> zeros(psk.length());
+ std::vector<byte> zeros(psk.length());
append_tls_length_value(pre_master, zeros, 2);
append_tls_length_value(pre_master, psk.bits_of(), 2);
@@ -124,7 +124,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
PK_Key_Agreement ka(priv_key, "Raw");
- SecureVector<byte> dh_secret = strip_leading_zeros(
+ secure_vector<byte> dh_secret = strip_leading_zeros(
ka.derive_key(0, counterparty_key.public_value()).bits_of());
if(kex_algo == "DH")
@@ -153,7 +153,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
EC_Group group(name);
- MemoryVector<byte> ecdh_key = reader.get_range<byte>(1, 1, 255);
+ std::vector<byte> ecdh_key = reader.get_range<byte>(1, 1, 255);
ECDH_PublicKey counterparty_key(group, OS2ECP(ecdh_key, group.get_curve()));
@@ -161,7 +161,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
PK_Key_Agreement ka(priv_key, "Raw");
- SecureVector<byte> ecdh_secret = ka.derive_key(0, counterparty_key.public_value()).bits_of();
+ secure_vector<byte> ecdh_secret = ka.derive_key(0, counterparty_key.public_value()).bits_of();
if(kex_algo == "ECDH")
pre_master = ecdh_secret;
@@ -177,7 +177,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
{
const BigInt N = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
const BigInt g = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
- MemoryVector<byte> salt = reader.get_range<byte>(1, 1, 255);
+ std::vector<byte> salt = reader.get_range<byte>(1, 1, 255);
const BigInt B = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
const std::string srp_group = srp6_group_identifier(N, g);
@@ -228,7 +228,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
PK_Encryptor_EME encryptor(*rsa_pub, "PKCS1v15");
- MemoryVector<byte> encrypted_key = encryptor.encrypt(pre_master, rng);
+ std::vector<byte> encrypted_key = encryptor.encrypt(pre_master, rng);
if(state->version() == Protocol_Version::SSL_V3)
key_material = encrypted_key; // no length field
@@ -247,7 +247,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
/*
* Read a Client Key Exchange message
*/
-Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
+Client_Key_Exchange::Client_Key_Exchange(const std::vector<byte>& contents,
const Handshake_State* state,
Credentials_Manager& creds,
const Policy& policy,
@@ -326,7 +326,7 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
if(kex_algo == "PSK")
{
- MemoryVector<byte> zeros(psk.length());
+ std::vector<byte> zeros(psk.length());
append_tls_length_value(pre_master, zeros, 2);
append_tls_length_value(pre_master, psk.bits_of(), 2);
}
@@ -352,14 +352,14 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
{
PK_Key_Agreement ka(*ka_key, "Raw");
- MemoryVector<byte> client_pubkey;
+ std::vector<byte> client_pubkey;
if(ka_key->algo_name() == "DH")
client_pubkey = reader.get_range<byte>(2, 0, 65535);
else
client_pubkey = reader.get_range<byte>(1, 0, 255);
- SecureVector<byte> shared_secret = ka.derive_key(0, client_pubkey).bits_of();
+ secure_vector<byte> shared_secret = ka.derive_key(0, client_pubkey).bits_of();
if(ka_key->algo_name() == "DH")
shared_secret = strip_leading_zeros(shared_secret);
diff --git a/src/tls/cert_req.cpp b/src/tls/cert_req.cpp
index 1b686c1c4..6ec5339bb 100644
--- a/src/tls/cert_req.cpp
+++ b/src/tls/cert_req.cpp
@@ -80,7 +80,7 @@ Certificate_Req::Certificate_Req(Record_Writer& writer,
/**
* Deserialize a Certificate Request message
*/
-Certificate_Req::Certificate_Req(const MemoryRegion<byte>& buf,
+Certificate_Req::Certificate_Req(const std::vector<byte>& buf,
Protocol_Version version)
{
if(buf.size() < 4)
@@ -141,9 +141,9 @@ Certificate_Req::Certificate_Req(const MemoryRegion<byte>& buf,
/**
* Serialize a Certificate Request message
*/
-MemoryVector<byte> Certificate_Req::serialize() const
+std::vector<byte> Certificate_Req::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
std::vector<byte> cert_types;
@@ -155,7 +155,7 @@ MemoryVector<byte> Certificate_Req::serialize() const
if(!m_supported_algos.empty())
buf += Signature_Algorithms(m_supported_algos).serialize();
- MemoryVector<byte> encoded_names;
+ std::vector<byte> encoded_names;
for(size_t i = 0; i != names.size(); ++i)
{
@@ -184,7 +184,7 @@ Certificate::Certificate(Record_Writer& writer,
/**
* Deserialize a Certificate message
*/
-Certificate::Certificate(const MemoryRegion<byte>& buf)
+Certificate::Certificate(const std::vector<byte>& buf)
{
if(buf.size() < 3)
throw Decoding_Error("Certificate: Message malformed");
@@ -196,14 +196,14 @@ Certificate::Certificate(const MemoryRegion<byte>& buf)
const byte* certs = &buf[3];
- while(certs != buf.end())
+ while(size_t remaining_bytes = &buf[buf.size()] - certs)
{
- if(buf.end() - certs < 3)
+ if(remaining_bytes < 3)
throw Decoding_Error("Certificate: Message malformed");
const size_t cert_size = make_u32bit(0, certs[0], certs[1], certs[2]);
- if(buf.end() - certs < (3 + cert_size))
+ if(remaining_bytes < (3 + cert_size))
throw Decoding_Error("Certificate: Message malformed");
DataSource_Memory cert_buf(&certs[3], cert_size);
@@ -216,13 +216,13 @@ Certificate::Certificate(const MemoryRegion<byte>& buf)
/**
* Serialize a Certificate message
*/
-MemoryVector<byte> Certificate::serialize() const
+std::vector<byte> Certificate::serialize() const
{
- MemoryVector<byte> buf(3);
+ std::vector<byte> buf(3);
for(size_t i = 0; i != m_certs.size(); ++i)
{
- MemoryVector<byte> raw_cert = m_certs[i].BER_encode();
+ std::vector<byte> raw_cert = m_certs[i].BER_encode();
const size_t cert_size = raw_cert.size();
for(size_t i = 0; i != 3; ++i)
buf.push_back(get_byte<u32bit>(i+1, cert_size));
diff --git a/src/tls/cert_ver.cpp b/src/tls/cert_ver.cpp
index 0a377b35f..e6d90b060 100644
--- a/src/tls/cert_ver.cpp
+++ b/src/tls/cert_ver.cpp
@@ -33,7 +33,7 @@ Certificate_Verify::Certificate_Verify(Record_Writer& writer,
if(state->version() == Protocol_Version::SSL_V3)
{
- SecureVector<byte> md5_sha = state->hash.final_ssl3(
+ secure_vector<byte> md5_sha = state->hash.final_ssl3(
state->keys.master_secret());
if(priv_key->algo_name() == "DSA")
@@ -52,7 +52,7 @@ Certificate_Verify::Certificate_Verify(Record_Writer& writer,
/*
* Deserialize a Certificate Verify message
*/
-Certificate_Verify::Certificate_Verify(const MemoryRegion<byte>& buf,
+Certificate_Verify::Certificate_Verify(const std::vector<byte>& buf,
Protocol_Version version)
{
TLS_Data_Reader reader(buf);
@@ -69,9 +69,9 @@ Certificate_Verify::Certificate_Verify(const MemoryRegion<byte>& buf,
/*
* Serialize a Certificate Verify message
*/
-MemoryVector<byte> Certificate_Verify::serialize() const
+std::vector<byte> Certificate_Verify::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
if(hash_algo != "" && sig_algo != "")
{
@@ -102,7 +102,7 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
if(state->version() == Protocol_Version::SSL_V3)
{
- SecureVector<byte> md5_sha = state->hash.final_ssl3(
+ secure_vector<byte> md5_sha = state->hash.final_ssl3(
state->keys.master_secret());
return verifier.verify_message(&md5_sha[16], md5_sha.size()-16,
diff --git a/src/tls/finished.cpp b/src/tls/finished.cpp
index bb6e8d20e..c8ae4a343 100644
--- a/src/tls/finished.cpp
+++ b/src/tls/finished.cpp
@@ -18,7 +18,7 @@ namespace {
/*
* Compute the verify_data
*/
-MemoryVector<byte> finished_compute_verify(Handshake_State* state,
+std::vector<byte> finished_compute_verify(Handshake_State* state,
Connection_Side side)
{
if(state->version() == Protocol_Version::SSL_V3)
@@ -28,14 +28,14 @@ MemoryVector<byte> finished_compute_verify(Handshake_State* state,
Handshake_Hash hash = state->hash; // don't modify state
- MemoryVector<byte> ssl3_finished;
+ std::vector<byte> ssl3_finished;
if(side == CLIENT)
hash.update(SSL_CLIENT_LABEL, sizeof(SSL_CLIENT_LABEL));
else
hash.update(SSL_SERVER_LABEL, sizeof(SSL_SERVER_LABEL));
- return hash.final_ssl3(state->keys.master_secret());
+ return unlock(hash.final_ssl3(state->keys.master_secret()));
}
else
{
@@ -49,7 +49,7 @@ MemoryVector<byte> finished_compute_verify(Handshake_State* state,
std::unique_ptr<KDF> prf(state->protocol_specific_prf());
- MemoryVector<byte> input;
+ std::vector<byte> input;
if(side == CLIENT)
input += std::make_pair(TLS_CLIENT_LABEL, sizeof(TLS_CLIENT_LABEL));
else
@@ -57,7 +57,7 @@ MemoryVector<byte> finished_compute_verify(Handshake_State* state,
input += state->hash.final(state->version(), state->suite.mac_algo());
- return prf->derive_key(12, state->keys.master_secret(), input);
+ return unlock(prf->derive_key(12, state->keys.master_secret(), input));
}
}
@@ -77,7 +77,7 @@ Finished::Finished(Record_Writer& writer,
/*
* Serialize a Finished message
*/
-MemoryVector<byte> Finished::serialize() const
+std::vector<byte> Finished::serialize() const
{
return verification_data;
}
@@ -85,7 +85,7 @@ MemoryVector<byte> Finished::serialize() const
/*
* Deserialize a Finished message
*/
-Finished::Finished(const MemoryRegion<byte>& buf)
+Finished::Finished(const std::vector<byte>& buf)
{
verification_data = buf;
}
diff --git a/src/tls/hello_verify.cpp b/src/tls/hello_verify.cpp
index e844d7f72..c77076e4c 100644
--- a/src/tls/hello_verify.cpp
+++ b/src/tls/hello_verify.cpp
@@ -13,7 +13,7 @@ namespace Botan {
namespace TLS {
-Hello_Verify_Request::Hello_Verify_Request(const MemoryRegion<byte>& buf)
+Hello_Verify_Request::Hello_Verify_Request(const std::vector<byte>& buf)
{
if(buf.size() < 3)
throw Decoding_Error("Hello verify request too small");
@@ -25,7 +25,7 @@ Hello_Verify_Request::Hello_Verify_Request(const MemoryRegion<byte>& buf)
copy_mem(&m_cookie[0], &buf[2], buf.size() - 2);
}
-Hello_Verify_Request::Hello_Verify_Request(const MemoryVector<byte>& client_hello_bits,
+Hello_Verify_Request::Hello_Verify_Request(const std::vector<byte>& client_hello_bits,
const std::string& client_identity,
const SymmetricKey& secret_key)
{
@@ -37,10 +37,10 @@ Hello_Verify_Request::Hello_Verify_Request(const MemoryVector<byte>& client_hell
hmac->update_be(client_identity.size());
hmac->update(client_identity);
- m_cookie = hmac->final();
+ m_cookie = unlock(hmac->final());
}
-MemoryVector<byte> Hello_Verify_Request::serialize() const
+std::vector<byte> Hello_Verify_Request::serialize() const
{
/* DTLS 1.2 server implementations SHOULD use DTLS version 1.0
regardless of the version of TLS that is expected to be
@@ -49,7 +49,7 @@ MemoryVector<byte> Hello_Verify_Request::serialize() const
Protocol_Version format_version(Protocol_Version::TLS_V11);
- MemoryVector<byte> bits;
+ std::vector<byte> bits;
bits.push_back(format_version.major_version());
bits.push_back(format_version.minor_version());
bits += m_cookie;
diff --git a/src/tls/next_protocol.cpp b/src/tls/next_protocol.cpp
index 17b77fb6e..adf9acbe9 100644
--- a/src/tls/next_protocol.cpp
+++ b/src/tls/next_protocol.cpp
@@ -22,7 +22,7 @@ Next_Protocol::Next_Protocol(Record_Writer& writer,
hash.update(writer.send(*this));
}
-Next_Protocol::Next_Protocol(const MemoryRegion<byte>& buf)
+Next_Protocol::Next_Protocol(const std::vector<byte>& buf)
{
TLS_Data_Reader reader(buf);
@@ -31,9 +31,9 @@ Next_Protocol::Next_Protocol(const MemoryRegion<byte>& buf)
reader.get_range_vector<byte>(1, 0, 255); // padding, ignored
}
-MemoryVector<byte> Next_Protocol::serialize() const
+std::vector<byte> Next_Protocol::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
append_tls_length_value(buf,
reinterpret_cast<const byte*>(m_protocol.data()),
diff --git a/src/tls/rec_read.cpp b/src/tls/rec_read.cpp
index b240f4703..4a1d6aac1 100644
--- a/src/tls/rec_read.cpp
+++ b/src/tls/rec_read.cpp
@@ -165,7 +165,7 @@ size_t Record_Reader::fill_buffer_to(const byte*& input,
size_t Record_Reader::add_input(const byte input_array[], size_t input_sz,
size_t& consumed,
byte& msg_type,
- MemoryVector<byte>& msg)
+ std::vector<byte>& msg)
{
const byte* input = &input_array[0];
@@ -333,7 +333,7 @@ size_t Record_Reader::add_input(const byte input_array[], size_t input_sz,
++m_seq_no;
- m_mac->final(m_macbuf);
+ m_mac->final(&m_macbuf[0]);
const size_t mac_offset = record_len - (m_macbuf.size() + pad_size);
diff --git a/src/tls/rec_wri.cpp b/src/tls/rec_wri.cpp
index 3a54d7931..63383f85e 100644
--- a/src/tls/rec_wri.cpp
+++ b/src/tls/rec_wri.cpp
@@ -146,10 +146,10 @@ void Record_Writer::activate(Connection_Side side,
throw Invalid_Argument("Record_Writer: Unknown hash " + mac_algo);
}
-MemoryVector<byte> Record_Writer::send(Handshake_Message& msg)
+std::vector<byte> Record_Writer::send(Handshake_Message& msg)
{
- const MemoryVector<byte> buf = msg.serialize();
- MemoryVector<byte> send_buf(4);
+ const std::vector<byte> buf = msg.serialize();
+ std::vector<byte> send_buf(4);
const size_t buf_size = buf.size();
diff --git a/src/tls/s_hello.cpp b/src/tls/s_hello.cpp
index 1244dd2d8..d4cc4a1ab 100644
--- a/src/tls/s_hello.cpp
+++ b/src/tls/s_hello.cpp
@@ -21,13 +21,13 @@ namespace TLS {
*/
Server_Hello::Server_Hello(Record_Writer& writer,
Handshake_Hash& hash,
- const MemoryRegion<byte>& session_id,
+ const std::vector<byte>& session_id,
Protocol_Version ver,
u16bit ciphersuite,
byte compression,
size_t max_fragment_size,
bool client_has_secure_renegotiation,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
bool offer_session_ticket,
bool client_has_npn,
const std::vector<std::string>& next_protocols,
@@ -53,7 +53,7 @@ Server_Hello::Server_Hello(Record_Writer& writer,
/*
* Deserialize a Server Hello message
*/
-Server_Hello::Server_Hello(const MemoryRegion<byte>& buf)
+Server_Hello::Server_Hello(const std::vector<byte>& buf)
{
m_secure_renegotiation = false;
m_supports_session_ticket = false;
@@ -118,9 +118,9 @@ Server_Hello::Server_Hello(const MemoryRegion<byte>& buf)
/*
* Serialize a Server Hello message
*/
-MemoryVector<byte> Server_Hello::serialize() const
+std::vector<byte> Server_Hello::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
buf.push_back(m_version.major_version());
buf.push_back(m_version.minor_version());
@@ -167,7 +167,7 @@ Server_Hello_Done::Server_Hello_Done(Record_Writer& writer,
/*
* Deserialize a Server Hello Done message
*/
-Server_Hello_Done::Server_Hello_Done(const MemoryRegion<byte>& buf)
+Server_Hello_Done::Server_Hello_Done(const std::vector<byte>& buf)
{
if(buf.size())
throw Decoding_Error("Server_Hello_Done: Must be empty, and is not");
@@ -176,9 +176,9 @@ Server_Hello_Done::Server_Hello_Done(const MemoryRegion<byte>& buf)
/*
* Serialize a Server Hello Done message
*/
-MemoryVector<byte> Server_Hello_Done::serialize() const
+std::vector<byte> Server_Hello_Done::serialize() const
{
- return MemoryVector<byte>();
+ return std::vector<byte>();
}
}
diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp
index 34cd872ac..d28b44857 100644
--- a/src/tls/s_kex.cpp
+++ b/src/tls/s_kex.cpp
@@ -95,7 +95,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
std::string group_id;
BigInt v;
- MemoryVector<byte> salt;
+ std::vector<byte> salt;
const bool found = creds.srp_verifier("tls-server", hostname,
srp_identifier,
@@ -142,7 +142,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
/**
* Deserialize a Server Key Exchange message
*/
-Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
+Server_Key_Exchange::Server_Key_Exchange(const std::vector<byte>& buf,
const std::string& kex_algo,
const std::string& sig_algo,
Protocol_Version version) :
@@ -186,7 +186,7 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
const std::string name = Supported_Elliptic_Curves::curve_id_to_name(curve_id);
- MemoryVector<byte> ecdh_key = reader.get_range<byte>(1, 1, 255);
+ std::vector<byte> ecdh_key = reader.get_range<byte>(1, 1, 255);
if(name == "")
throw Decoding_Error("Server_Key_Exchange: Server sent unknown named curve " +
@@ -203,7 +203,7 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
const BigInt N = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
const BigInt g = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
- MemoryVector<byte> salt = reader.get_range<byte>(1, 1, 255);
+ std::vector<byte> salt = reader.get_range<byte>(1, 1, 255);
const BigInt B = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
append_tls_length_value(m_params, BigInt::encode(N), 2);
@@ -236,9 +236,9 @@ Server_Key_Exchange::~Server_Key_Exchange()
/**
* Serialize a Server Key Exchange message
*/
-MemoryVector<byte> Server_Key_Exchange::serialize() const
+std::vector<byte> Server_Key_Exchange::serialize() const
{
- MemoryVector<byte> buf = params();
+ std::vector<byte> buf = params();
if(m_signature.size())
{
diff --git a/src/tls/session_ticket.cpp b/src/tls/session_ticket.cpp
index 273996a16..8cee2a454 100644
--- a/src/tls/session_ticket.cpp
+++ b/src/tls/session_ticket.cpp
@@ -17,7 +17,7 @@ namespace TLS {
New_Session_Ticket::New_Session_Ticket(Record_Writer& writer,
Handshake_Hash& hash,
- const MemoryRegion<byte>& ticket,
+ const std::vector<byte>& ticket,
u32bit lifetime) :
m_ticket_lifetime_hint(lifetime),
m_ticket(ticket)
@@ -32,7 +32,7 @@ New_Session_Ticket::New_Session_Ticket(Record_Writer& writer,
hash.update(writer.send(*this));
}
-New_Session_Ticket::New_Session_Ticket(const MemoryRegion<byte>& buf) :
+New_Session_Ticket::New_Session_Ticket(const std::vector<byte>& buf) :
m_ticket_lifetime_hint(0)
{
if(buf.size() < 6)
@@ -44,9 +44,9 @@ New_Session_Ticket::New_Session_Ticket(const MemoryRegion<byte>& buf) :
m_ticket = reader.get_range<byte>(2, 0, 65535);
}
-MemoryVector<byte> New_Session_Ticket::serialize() const
+std::vector<byte> New_Session_Ticket::serialize() const
{
- MemoryVector<byte> buf(4);
+ std::vector<byte> buf(4);
store_be(m_ticket_lifetime_hint, &buf[0]);
append_tls_length_value(buf, m_ticket, 2);
return buf;
diff --git a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp
index f4d0e1034..b6aaa3498 100644
--- a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp
+++ b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp
@@ -53,7 +53,7 @@ class sqlite3_statement
bind(column, timeval);
}
- void bind(int column, const MemoryRegion<byte>& val)
+ void bind(int column, const std::vector<byte>& val)
{
int rc = sqlite3_bind_blob(m_stmt, column, &val[0], val.size(), SQLITE_TRANSIENT);
if(rc != SQLITE_OK)
@@ -137,7 +137,7 @@ SymmetricKey derive_key(const std::string& passphrase,
{
std::unique_ptr<PBKDF> pbkdf(get_pbkdf("PBKDF2(SHA-512)"));
- SecureVector<byte> x = pbkdf->derive_key(32 + 3,
+ std::vector<byte> x = pbkdf->derive_key(32 + 3,
passphrase,
salt, salt_len,
iterations).bits_of();
@@ -217,7 +217,7 @@ Session_Manager_SQLite::Session_Manager_SQLite(const std::string& passphrase,
// new database case
- MemoryVector<byte> salt = rng.random_vec(16);
+ std::vector<byte> salt = rng.random_vec(16);
const size_t iterations = 64 * 1024;
size_t check_val = 0;
@@ -240,7 +240,7 @@ Session_Manager_SQLite::~Session_Manager_SQLite()
sqlite3_close(m_db);
}
-bool Session_Manager_SQLite::load_from_session_id(const MemoryRegion<byte>& session_id,
+bool Session_Manager_SQLite::load_from_session_id(const std::vector<byte>& session_id,
Session& session)
{
sqlite3_statement stmt(m_db, "select session from tls_sessions where session_id = ?1");
@@ -300,7 +300,7 @@ bool Session_Manager_SQLite::load_from_host_info(const std::string& hostname,
return false;
}
-void Session_Manager_SQLite::remove_entry(const MemoryRegion<byte>& session_id)
+void Session_Manager_SQLite::remove_entry(const std::vector<byte>& session_id)
{
sqlite3_statement stmt(m_db, "delete from tls_sessions where session_id = ?1");
diff --git a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h
index cac7affd0..923915496 100644
--- a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h
+++ b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h
@@ -40,13 +40,13 @@ class BOTAN_DLL Session_Manager_SQLite : public Session_Manager
~Session_Manager_SQLite();
- bool load_from_session_id(const MemoryRegion<byte>& session_id,
+ bool load_from_session_id(const std::vector<byte>& session_id,
Session& session);
bool load_from_host_info(const std::string& hostname, u16bit port,
Session& session);
- void remove_entry(const MemoryRegion<byte>& session_id);
+ void remove_entry(const std::vector<byte>& session_id);
void save(const Session& session_data);
diff --git a/src/tls/tls_alert.cpp b/src/tls/tls_alert.cpp
index dee082bac..5bc2e7484 100644
--- a/src/tls/tls_alert.cpp
+++ b/src/tls/tls_alert.cpp
@@ -12,7 +12,7 @@ namespace Botan {
namespace TLS {
-Alert::Alert(const MemoryRegion<byte>& buf)
+Alert::Alert(const std::vector<byte>& buf)
{
if(buf.size() != 2)
throw Decoding_Error("Alert: Bad size " + std::to_string(buf.size()) +
diff --git a/src/tls/tls_alert.h b/src/tls/tls_alert.h
index 3dfff3d29..b3001f259 100644
--- a/src/tls/tls_alert.h
+++ b/src/tls/tls_alert.h
@@ -82,7 +82,7 @@ class BOTAN_DLL Alert
* Deserialize an Alert message
* @param buf the serialized alert
*/
- Alert(const MemoryRegion<byte>& buf);
+ Alert(const std::vector<byte>& buf);
Alert(Type alert_type, bool is_fatal = false) :
fatal(is_fatal), type_code(alert_type) {}
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp
index 7a66eb946..ff6722b5e 100644
--- a/src/tls/tls_channel.cpp
+++ b/src/tls/tls_channel.cpp
@@ -43,7 +43,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
while(buf_size)
{
byte rec_type = CONNECTION_CLOSED;
- MemoryVector<byte> record;
+ std::vector<byte> record;
size_t consumed = 0;
const size_t needed = reader.add_input(buf, buf_size,
@@ -67,12 +67,12 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
{
Heartbeat_Message heartbeat(record);
- const MemoryRegion<byte>& payload = heartbeat.payload();
+ const std::vector<byte>& payload = heartbeat.payload();
if(heartbeat.is_request() && !state)
{
Heartbeat_Message response(Heartbeat_Message::RESPONSE,
- payload, payload.size());
+ &payload[0], payload.size());
writer.send(HEARTBEAT, response.contents());
}
@@ -159,7 +159,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
* Split up and process handshake messages
*/
void Channel::read_handshake(byte rec_type,
- const MemoryRegion<byte>& rec_buf)
+ const std::vector<byte>& rec_buf)
{
if(rec_type == HANDSHAKE)
{
@@ -178,7 +178,7 @@ void Channel::read_handshake(byte rec_type,
{
if(state->handshake_reader()->have_full_record())
{
- std::pair<Handshake_Type, MemoryVector<byte> > msg =
+ std::pair<Handshake_Type, std::vector<byte> > msg =
state->handshake_reader()->get_next_record();
process_handshake_msg(msg.first, msg.second);
}
@@ -188,7 +188,7 @@ void Channel::read_handshake(byte rec_type,
else if(rec_type == CHANGE_CIPHER_SPEC)
{
if(state->handshake_reader()->empty() && rec_buf.size() == 1 && rec_buf[0] == 1)
- process_handshake_msg(HANDSHAKE_CCS, MemoryVector<byte>());
+ process_handshake_msg(HANDSHAKE_CCS, std::vector<byte>());
else
throw Decoding_Error("Malformed ChangeCipherSpec message");
}
@@ -259,7 +259,7 @@ void Channel::Secure_Renegotiation_State::update(Client_Hello* client_hello)
if(client_hello->secure_renegotiation())
{
- const MemoryVector<byte>& data = client_hello->renegotiation_info();
+ const std::vector<byte>& data = client_hello->renegotiation_info();
if(initial_handshake)
{
@@ -294,7 +294,7 @@ void Channel::Secure_Renegotiation_State::update(Server_Hello* server_hello)
if(secure_renegotiation)
{
- const MemoryVector<byte>& data = server_hello->renegotiation_info();
+ const std::vector<byte>& data = server_hello->renegotiation_info();
if(initial_handshake)
{
diff --git a/src/tls/tls_channel.h b/src/tls/tls_channel.h
index d1131460b..46dafc416 100644
--- a/src/tls/tls_channel.h
+++ b/src/tls/tls_channel.h
@@ -92,10 +92,10 @@ class BOTAN_DLL Channel
void send_alert(const Alert& alert);
virtual void read_handshake(byte rec_type,
- const MemoryRegion<byte>& rec_buf);
+ const std::vector<byte>& rec_buf);
virtual void process_handshake_msg(Handshake_Type type,
- const MemoryRegion<byte>& contents) = 0;
+ const std::vector<byte>& contents) = 0;
virtual void alert_notify(const Alert& alert) = 0;
@@ -122,12 +122,12 @@ class BOTAN_DLL Channel
void update(class Finished* client_finished,
class Finished* server_finished);
- const MemoryVector<byte>& for_client_hello() const
+ const std::vector<byte>& for_client_hello() const
{ return client_verify; }
- MemoryVector<byte> for_server_hello() const
+ std::vector<byte> for_server_hello() const
{
- MemoryVector<byte> buf = client_verify;
+ std::vector<byte> buf = client_verify;
buf += server_verify;
return buf;
}
@@ -137,7 +137,7 @@ class BOTAN_DLL Channel
private:
bool initial_handshake;
bool secure_renegotiation;
- MemoryVector<byte> client_verify, server_verify;
+ std::vector<byte> client_verify, server_verify;
};
Secure_Renegotiation_State secure_renegotiation;
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index dd17db2cf..feb9ef85f 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -141,7 +141,7 @@ void Client::alert_notify(const Alert& alert)
* Process a handshake message
*/
void Client::process_handshake_msg(Handshake_Type type,
- const MemoryRegion<byte>& contents)
+ const std::vector<byte>& contents)
{
if(state == 0)
throw Unexpected_Message("Unexpected handshake message from server");
@@ -446,9 +446,9 @@ void Client::process_handshake_msg(Handshake_Type type,
secure_renegotiation.update(state->client_finished, state->server_finished);
- MemoryVector<byte> session_id = state->server_hello->session_id();
+ std::vector<byte> session_id = state->server_hello->session_id();
- const MemoryRegion<byte>& session_ticket = state->session_ticket();
+ const std::vector<byte>& session_ticket = state->session_ticket();
if(session_id.empty() && !session_ticket.empty())
session_id = make_hello_random(rng);
diff --git a/src/tls/tls_client.h b/src/tls/tls_client.h
index 297c5f611..2844780bd 100644
--- a/src/tls/tls_client.h
+++ b/src/tls/tls_client.h
@@ -56,7 +56,7 @@ class BOTAN_DLL Client : public Channel
void renegotiate(bool force_full_renegotiation);
private:
void process_handshake_msg(Handshake_Type type,
- const MemoryRegion<byte>& contents);
+ const std::vector<byte>& contents) override;
void alert_notify(const Alert& alert);
diff --git a/src/tls/tls_extensions.cpp b/src/tls/tls_extensions.cpp
index 6d69bfb9b..0f4e3176e 100644
--- a/src/tls/tls_extensions.cpp
+++ b/src/tls/tls_extensions.cpp
@@ -81,9 +81,9 @@ Extensions::Extensions(TLS_Data_Reader& reader)
}
}
-MemoryVector<byte> Extensions::serialize() const
+std::vector<byte> Extensions::serialize() const
{
- MemoryVector<byte> buf(2); // 2 bytes for length field
+ std::vector<byte> buf(2); // 2 bytes for length field
for(std::map<Handshake_Extension_Type, Extension*>::const_iterator i = extensions.begin();
i != extensions.end(); ++i)
@@ -93,7 +93,7 @@ MemoryVector<byte> Extensions::serialize() const
const u16bit extn_code = i->second->type();
- MemoryVector<byte> extn_val = i->second->serialize();
+ std::vector<byte> extn_val = i->second->serialize();
buf.push_back(get_byte(0, extn_code));
buf.push_back(get_byte(1, extn_code));
@@ -111,7 +111,7 @@ MemoryVector<byte> Extensions::serialize() const
// avoid sending a completely empty extensions block
if(buf.size() == 2)
- return MemoryVector<byte>();
+ return std::vector<byte>();
return buf;
}
@@ -159,9 +159,9 @@ Server_Name_Indicator::Server_Name_Indicator(TLS_Data_Reader& reader,
}
}
-MemoryVector<byte> Server_Name_Indicator::serialize() const
+std::vector<byte> Server_Name_Indicator::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
size_t name_len = sni_host_name.size();
@@ -188,9 +188,9 @@ SRP_Identifier::SRP_Identifier(TLS_Data_Reader& reader,
throw Decoding_Error("Bad encoding for SRP identifier extension");
}
-MemoryVector<byte> SRP_Identifier::serialize() const
+std::vector<byte> SRP_Identifier::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
const byte* srp_bytes =
reinterpret_cast<const byte*>(srp_identifier.data());
@@ -209,9 +209,9 @@ Renegotation_Extension::Renegotation_Extension(TLS_Data_Reader& reader,
throw Decoding_Error("Bad encoding for secure renegotiation extn");
}
-MemoryVector<byte> Renegotation_Extension::serialize() const
+std::vector<byte> Renegotation_Extension::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
append_tls_length_value(buf, reneg_data, 1);
return buf;
}
@@ -279,9 +279,9 @@ Next_Protocol_Notification::Next_Protocol_Notification(TLS_Data_Reader& reader,
}
}
-MemoryVector<byte> Next_Protocol_Notification::serialize() const
+std::vector<byte> Next_Protocol_Notification::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
for(size_t i = 0; i != m_protocols.size(); ++i)
{
@@ -356,9 +356,9 @@ u16bit Supported_Elliptic_Curves::name_to_curve_id(const std::string& name)
throw Invalid_Argument("name_to_curve_id unknown name " + name);
}
-MemoryVector<byte> Supported_Elliptic_Curves::serialize() const
+std::vector<byte> Supported_Elliptic_Curves::serialize() const
{
- MemoryVector<byte> buf(2);
+ std::vector<byte> buf(2);
for(size_t i = 0; i != m_curves.size(); ++i)
{
@@ -466,9 +466,9 @@ byte Signature_Algorithms::sig_algo_code(const std::string& name)
throw Internal_Error("Unknown sig ID " + name + " for signature_algorithms");
}
-MemoryVector<byte> Signature_Algorithms::serialize() const
+std::vector<byte> Signature_Algorithms::serialize() const
{
- MemoryVector<byte> buf(2);
+ std::vector<byte> buf(2);
for(size_t i = 0; i != m_supported_algos.size(); ++i)
{
@@ -516,7 +516,7 @@ Signature_Algorithms::Signature_Algorithms(TLS_Data_Reader& reader,
Session_Ticket::Session_Ticket(TLS_Data_Reader& reader,
u16bit extension_size)
{
- m_ticket = reader.get_elem<byte, MemoryVector<byte> >(extension_size);
+ m_ticket = reader.get_elem<byte, std::vector<byte> >(extension_size);
}
}
diff --git a/src/tls/tls_extensions.h b/src/tls/tls_extensions.h
index 3fe3f7399..885851c95 100644
--- a/src/tls/tls_extensions.h
+++ b/src/tls/tls_extensions.h
@@ -49,7 +49,7 @@ class Extension
public:
virtual Handshake_Extension_Type type() const = 0;
- virtual MemoryVector<byte> serialize() const = 0;
+ virtual std::vector<byte> serialize() const = 0;
virtual bool empty() const = 0;
@@ -75,7 +75,7 @@ class Server_Name_Indicator : public Extension
std::string host_name() const { return sni_host_name; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return sni_host_name == ""; }
private:
@@ -101,7 +101,7 @@ class SRP_Identifier : public Extension
std::string identifier() const { return srp_identifier; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return srp_identifier == ""; }
private:
@@ -121,20 +121,20 @@ class Renegotation_Extension : public Extension
Renegotation_Extension() {}
- Renegotation_Extension(const MemoryRegion<byte>& bits) :
+ Renegotation_Extension(const std::vector<byte>& bits) :
reneg_data(bits) {}
Renegotation_Extension(TLS_Data_Reader& reader,
u16bit extension_size);
- const MemoryVector<byte>& renegotiation_info() const
+ const std::vector<byte>& renegotiation_info() const
{ return reneg_data; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return false; } // always send this
private:
- MemoryVector<byte> reneg_data;
+ std::vector<byte> reneg_data;
};
/**
@@ -152,9 +152,9 @@ class Maximum_Fragment_Length : public Extension
size_t fragment_size() const;
- MemoryVector<byte> serialize() const
+ std::vector<byte> serialize() const
{
- return MemoryVector<byte>(&val, 1);
+ return std::vector<byte>(1, val);
}
/**
@@ -204,7 +204,7 @@ class Next_Protocol_Notification : public Extension
Next_Protocol_Notification(TLS_Data_Reader& reader,
u16bit extension_size);
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return false; }
private:
@@ -219,7 +219,7 @@ class Session_Ticket : public Extension
Handshake_Extension_Type type() const { return static_type(); }
- const MemoryVector<byte>& contents() const { return m_ticket; }
+ const std::vector<byte>& contents() const { return m_ticket; }
/**
* Create empty extension, used by both client and server
@@ -229,7 +229,7 @@ class Session_Ticket : public Extension
/**
* Extension with ticket, used by client
*/
- Session_Ticket(const MemoryRegion<byte>& session_ticket) :
+ Session_Ticket(const std::vector<byte>& session_ticket) :
m_ticket(session_ticket) {}
/**
@@ -237,11 +237,11 @@ class Session_Ticket : public Extension
*/
Session_Ticket(TLS_Data_Reader& reader, u16bit extension_size);
- MemoryVector<byte> serialize() const { return m_ticket; }
+ std::vector<byte> serialize() const { return m_ticket; }
bool empty() const { return false; }
private:
- MemoryVector<byte> m_ticket;
+ std::vector<byte> m_ticket;
};
/**
@@ -260,7 +260,7 @@ class Supported_Elliptic_Curves : public Extension
const std::vector<std::string>& curves() const { return m_curves; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Supported_Elliptic_Curves(const std::vector<std::string>& curves) :
m_curves(curves) {}
@@ -296,7 +296,7 @@ class Signature_Algorithms : public Extension
return m_supported_algos;
}
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return false; }
@@ -322,7 +322,7 @@ class Heartbeat_Support_Indicator : public Extension
bool peer_allowed_to_send() const { return m_peer_allowed_to_send; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return false; }
@@ -360,7 +360,7 @@ class Extensions
extensions[extn->type()] = extn;
}
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Extensions() {}
diff --git a/src/tls/tls_handshake_hash.cpp b/src/tls/tls_handshake_hash.cpp
index 02516632e..df956e7bb 100644
--- a/src/tls/tls_handshake_hash.cpp
+++ b/src/tls/tls_handshake_hash.cpp
@@ -16,7 +16,7 @@ namespace Botan {
namespace TLS {
void Handshake_Hash::update(Handshake_Type handshake_type,
- const MemoryRegion<byte>& handshake_msg)
+ const std::vector<byte>& handshake_msg)
{
update(static_cast<byte>(handshake_type));
@@ -30,7 +30,7 @@ void Handshake_Hash::update(Handshake_Type handshake_type,
/**
* Return a TLS Handshake Hash
*/
-SecureVector<byte> Handshake_Hash::final(Protocol_Version version,
+secure_vector<byte> Handshake_Hash::final(Protocol_Version version,
const std::string& mac_algo)
{
Algorithm_Factory& af = global_state().algorithm_factory();
@@ -59,7 +59,7 @@ SecureVector<byte> Handshake_Hash::final(Protocol_Version version,
/**
* Return a SSLv3 Handshake Hash
*/
-SecureVector<byte> Handshake_Hash::final_ssl3(const MemoryRegion<byte>& secret)
+secure_vector<byte> Handshake_Hash::final_ssl3(const secure_vector<byte>& secret)
{
const byte PAD_INNER = 0x36, PAD_OUTER = 0x5C;
@@ -79,7 +79,7 @@ SecureVector<byte> Handshake_Hash::final_ssl3(const MemoryRegion<byte>& secret)
for(size_t i = 0; i != 40; ++i)
sha1->update(PAD_INNER);
- SecureVector<byte> inner_md5 = md5->final(), inner_sha1 = sha1->final();
+ secure_vector<byte> inner_md5 = md5->final(), inner_sha1 = sha1->final();
md5->update(secret);
sha1->update(secret);
@@ -92,7 +92,7 @@ SecureVector<byte> Handshake_Hash::final_ssl3(const MemoryRegion<byte>& secret)
md5->update(inner_md5);
sha1->update(inner_sha1);
- SecureVector<byte> output;
+ secure_vector<byte> output;
output += md5->final();
output += sha1->final();
return output;
diff --git a/src/tls/tls_handshake_hash.h b/src/tls/tls_handshake_hash.h
index c13f97aa8..02943977f 100644
--- a/src/tls/tls_handshake_hash.h
+++ b/src/tls/tls_handshake_hash.h
@@ -27,25 +27,28 @@ class Handshake_Hash
void update(const byte in[], size_t length)
{ data += std::make_pair(in, length); }
- void update(const MemoryRegion<byte>& in)
+ void update(const secure_vector<byte>& in)
+ { data += in; }
+
+ void update(const std::vector<byte>& in)
{ data += in; }
void update(byte in)
{ data.push_back(in); }
void update(Handshake_Type handshake_type,
- const MemoryRegion<byte>& handshake_msg);
+ const std::vector<byte>& handshake_msg);
- SecureVector<byte> final(Protocol_Version version,
+ secure_vector<byte> final(Protocol_Version version,
const std::string& mac_algo);
- SecureVector<byte> final_ssl3(const MemoryRegion<byte>& master_secret);
+ secure_vector<byte> final_ssl3(const secure_vector<byte>& master_secret);
- const SecureVector<byte>& get_contents() const
+ const secure_vector<byte>& get_contents() const
{ return data; }
private:
- SecureVector<byte> data;
+ secure_vector<byte> data;
};
}
diff --git a/src/tls/tls_handshake_reader.cpp b/src/tls/tls_handshake_reader.cpp
index 8278a2296..a3fe48f71 100644
--- a/src/tls/tls_handshake_reader.cpp
+++ b/src/tls/tls_handshake_reader.cpp
@@ -38,7 +38,7 @@ bool Stream_Handshake_Reader::have_full_record() const
return false;
}
-std::pair<Handshake_Type, MemoryVector<byte> > Stream_Handshake_Reader::get_next_record()
+std::pair<Handshake_Type, std::vector<byte> > Stream_Handshake_Reader::get_next_record()
{
if(m_queue.size() >= 4)
{
@@ -50,7 +50,7 @@ std::pair<Handshake_Type, MemoryVector<byte> > Stream_Handshake_Reader::get_next
if(m_queue.size() >= length + 4)
{
Handshake_Type type = static_cast<Handshake_Type>(head[0]);
- MemoryVector<byte> contents(length);
+ std::vector<byte> contents(length);
m_queue.read(head, 4); // discard
m_queue.read(&contents[0], contents.size());
diff --git a/src/tls/tls_handshake_reader.h b/src/tls/tls_handshake_reader.h
index 06a273ced..618e1878a 100644
--- a/src/tls/tls_handshake_reader.h
+++ b/src/tls/tls_handshake_reader.h
@@ -29,7 +29,7 @@ class Handshake_Reader
virtual bool have_full_record() const = 0;
- virtual std::pair<Handshake_Type, MemoryVector<byte> > get_next_record() = 0;
+ virtual std::pair<Handshake_Type, std::vector<byte> > get_next_record() = 0;
virtual ~Handshake_Reader() {}
};
@@ -46,7 +46,7 @@ class Stream_Handshake_Reader : public Handshake_Reader
bool have_full_record() const;
- std::pair<Handshake_Type, MemoryVector<byte> > get_next_record();
+ std::pair<Handshake_Type, std::vector<byte> > get_next_record();
private:
SecureQueue m_queue;
};
diff --git a/src/tls/tls_handshake_state.cpp b/src/tls/tls_handshake_state.cpp
index f5a9f899c..b8f3125c8 100644
--- a/src/tls/tls_handshake_state.cpp
+++ b/src/tls/tls_handshake_state.cpp
@@ -154,7 +154,7 @@ std::string Handshake_State::srp_identifier() const
return "";
}
-const MemoryRegion<byte>& Handshake_State::session_ticket() const
+const std::vector<byte>& Handshake_State::session_ticket() const
{
if(new_session_ticket && !new_session_ticket->ticket().empty())
return new_session_ticket->ticket();
diff --git a/src/tls/tls_handshake_state.h b/src/tls/tls_handshake_state.h
index 364c715f8..ef8b4ee8f 100644
--- a/src/tls/tls_handshake_state.h
+++ b/src/tls/tls_handshake_state.h
@@ -37,7 +37,7 @@ class Handshake_State
void confirm_transition_to(Handshake_Type handshake_msg);
void set_expected_next(Handshake_Type handshake_msg);
- const MemoryRegion<byte>& session_ticket() const;
+ const std::vector<byte>& session_ticket() const;
std::pair<std::string, Signature_Format>
understand_sig_format(const Public_Key* key,
@@ -86,7 +86,7 @@ class Handshake_State
/*
* Only used by clients for session resumption
*/
- SecureVector<byte> resume_master_secret;
+ secure_vector<byte> resume_master_secret;
/*
*
diff --git a/src/tls/tls_heartbeats.cpp b/src/tls/tls_heartbeats.cpp
index 059772d34..8c129858e 100644
--- a/src/tls/tls_heartbeats.cpp
+++ b/src/tls/tls_heartbeats.cpp
@@ -14,7 +14,7 @@ namespace Botan {
namespace TLS {
-Heartbeat_Message::Heartbeat_Message(const MemoryRegion<byte>& buf)
+Heartbeat_Message::Heartbeat_Message(const std::vector<byte>& buf)
{
TLS_Data_Reader reader(buf);
@@ -35,13 +35,13 @@ Heartbeat_Message::Heartbeat_Message(Type type,
const byte payload[],
size_t payload_len) :
m_type(type),
- m_payload(payload, payload_len)
+ m_payload(payload, payload + payload_len)
{
}
-MemoryVector<byte> Heartbeat_Message::contents() const
+std::vector<byte> Heartbeat_Message::contents() const
{
- MemoryVector<byte> send_buf(3 + m_payload.size() + 16);
+ std::vector<byte> send_buf(3 + m_payload.size() + 16);
send_buf[0] = m_type;
send_buf[1] = get_byte<u16bit>(0, m_payload.size());
send_buf[2] = get_byte<u16bit>(1, m_payload.size());
@@ -51,9 +51,9 @@ MemoryVector<byte> Heartbeat_Message::contents() const
return send_buf;
}
-MemoryVector<byte> Heartbeat_Support_Indicator::serialize() const
+std::vector<byte> Heartbeat_Support_Indicator::serialize() const
{
- MemoryVector<byte> heartbeat(1);
+ std::vector<byte> heartbeat(1);
heartbeat[0] = (m_peer_allowed_to_send ? 1 : 2);
return heartbeat;
}
diff --git a/src/tls/tls_heartbeats.h b/src/tls/tls_heartbeats.h
index 4fa49501b..f3cc9ec68 100644
--- a/src/tls/tls_heartbeats.h
+++ b/src/tls/tls_heartbeats.h
@@ -19,18 +19,18 @@ class Heartbeat_Message
public:
enum Type { REQUEST = 1, RESPONSE = 2 };
- MemoryVector<byte> contents() const;
+ std::vector<byte> contents() const;
- const MemoryRegion<byte>& payload() const { return m_payload; }
+ const std::vector<byte>& payload() const { return m_payload; }
bool is_request() const { return m_type == REQUEST; }
- Heartbeat_Message(const MemoryRegion<byte>& buf);
+ Heartbeat_Message(const std::vector<byte>& buf);
Heartbeat_Message(Type type, const byte payload[], size_t payload_len);
private:
Type m_type;
- MemoryVector<byte> m_payload;
+ std::vector<byte> m_payload;
};
}
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index d9146dda1..e3bdaa6a0 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -34,7 +34,7 @@ class Record_Reader;
class Handshake_Message
{
public:
- virtual MemoryVector<byte> serialize() const = 0;
+ virtual std::vector<byte> serialize() const = 0;
virtual Handshake_Type type() const = 0;
Handshake_Message() {}
@@ -44,7 +44,7 @@ class Handshake_Message
Handshake_Message& operator=(const Handshake_Message&) { return (*this); }
};
-MemoryVector<byte> make_hello_random(RandomNumberGenerator& rng);
+std::vector<byte> make_hello_random(RandomNumberGenerator& rng);
/**
* DTLS Hello Verify Request
@@ -52,18 +52,18 @@ MemoryVector<byte> make_hello_random(RandomNumberGenerator& rng);
class Hello_Verify_Request : public Handshake_Message
{
public:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Handshake_Type type() const { return HELLO_VERIFY_REQUEST; }
- MemoryVector<byte> cookie() const { return m_cookie; }
+ std::vector<byte> cookie() const { return m_cookie; }
- Hello_Verify_Request(const MemoryRegion<byte>& buf);
+ Hello_Verify_Request(const std::vector<byte>& buf);
- Hello_Verify_Request(const MemoryVector<byte>& client_hello_bits,
+ Hello_Verify_Request(const std::vector<byte>& client_hello_bits,
const std::string& client_identity,
const SymmetricKey& secret_key);
private:
- MemoryVector<byte> m_cookie;
+ std::vector<byte> m_cookie;
};
/**
@@ -76,7 +76,7 @@ class Client_Hello : public Handshake_Message
Protocol_Version version() const { return m_version; }
- const MemoryVector<byte>& session_id() const { return m_session_id; }
+ const std::vector<byte>& session_id() const { return m_session_id; }
const std::vector<std::pair<std::string, std::string> >& supported_algos() const
{ return m_supported_algos; }
@@ -87,7 +87,7 @@ class Client_Hello : public Handshake_Message
std::vector<u16bit> ciphersuites() const { return m_suites; }
std::vector<byte> compression_methods() const { return m_comp_methods; }
- const MemoryVector<byte>& random() const { return m_random; }
+ const std::vector<byte>& random() const { return m_random; }
std::string sni_hostname() const { return m_hostname; }
@@ -95,7 +95,7 @@ class Client_Hello : public Handshake_Message
bool secure_renegotiation() const { return m_secure_renegotiation; }
- const MemoryVector<byte>& renegotiation_info()
+ const std::vector<byte>& renegotiation_info()
{ return m_renegotiation_info; }
bool offered_suite(u16bit ciphersuite) const;
@@ -106,7 +106,7 @@ class Client_Hello : public Handshake_Message
bool supports_session_ticket() const { return m_supports_session_ticket; }
- const MemoryRegion<byte>& session_ticket() const
+ const std::vector<byte>& session_ticket() const
{ return m_session_ticket; }
bool supports_heartbeats() const { return m_supports_heartbeats; }
@@ -117,7 +117,7 @@ class Client_Hello : public Handshake_Message
Handshake_Hash& hash,
const Policy& policy,
RandomNumberGenerator& rng,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
bool next_protocol = false,
const std::string& hostname = "",
const std::string& srp_identifier = "");
@@ -126,20 +126,20 @@ class Client_Hello : public Handshake_Message
Handshake_Hash& hash,
const Policy& policy,
RandomNumberGenerator& rng,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
const Session& resumed_session,
bool next_protocol = false);
- Client_Hello(const MemoryRegion<byte>& buf,
+ Client_Hello(const std::vector<byte>& buf,
Handshake_Type type);
private:
- MemoryVector<byte> serialize() const;
- void deserialize(const MemoryRegion<byte>& buf);
- void deserialize_sslv2(const MemoryRegion<byte>& buf);
+ std::vector<byte> serialize() const;
+ void deserialize(const std::vector<byte>& buf);
+ void deserialize_sslv2(const std::vector<byte>& buf);
Protocol_Version m_version;
- MemoryVector<byte> m_session_id, m_random;
+ std::vector<byte> m_session_id, m_random;
std::vector<u16bit> m_suites;
std::vector<byte> m_comp_methods;
std::string m_hostname;
@@ -148,13 +148,13 @@ class Client_Hello : public Handshake_Message
size_t m_fragment_size;
bool m_secure_renegotiation;
- MemoryVector<byte> m_renegotiation_info;
+ std::vector<byte> m_renegotiation_info;
std::vector<std::pair<std::string, std::string> > m_supported_algos;
std::vector<std::string> m_supported_curves;
bool m_supports_session_ticket;
- MemoryVector<byte> m_session_ticket;
+ std::vector<byte> m_session_ticket;
bool m_supports_heartbeats;
bool m_peer_can_send_heartbeats;
@@ -170,9 +170,9 @@ class Server_Hello : public Handshake_Message
Protocol_Version version() { return m_version; }
- const MemoryVector<byte>& random() const { return m_random; }
+ const std::vector<byte>& random() const { return m_random; }
- const MemoryVector<byte>& session_id() const { return m_session_id; }
+ const std::vector<byte>& session_id() const { return m_session_id; }
u16bit ciphersuite() const { return m_ciphersuite; }
@@ -189,7 +189,7 @@ class Server_Hello : public Handshake_Message
size_t fragment_size() const { return m_fragment_size; }
- const MemoryVector<byte>& renegotiation_info()
+ const std::vector<byte>& renegotiation_info()
{ return m_renegotiation_info; }
bool supports_heartbeats() const { return m_supports_heartbeats; }
@@ -198,31 +198,31 @@ class Server_Hello : public Handshake_Message
Server_Hello(Record_Writer& writer,
Handshake_Hash& hash,
- const MemoryRegion<byte>& session_id,
+ const std::vector<byte>& session_id,
Protocol_Version ver,
u16bit ciphersuite,
byte compression,
size_t max_fragment_size,
bool client_has_secure_renegotiation,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
bool offer_session_ticket,
bool client_has_npn,
const std::vector<std::string>& next_protocols,
bool client_has_heartbeat,
RandomNumberGenerator& rng);
- Server_Hello(const MemoryRegion<byte>& buf);
+ Server_Hello(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Protocol_Version m_version;
- MemoryVector<byte> m_session_id, m_random;
+ std::vector<byte> m_session_id, m_random;
u16bit m_ciphersuite;
byte m_comp_method;
size_t m_fragment_size;
bool m_secure_renegotiation;
- MemoryVector<byte> m_renegotiation_info;
+ std::vector<byte> m_renegotiation_info;
bool m_next_protocol;
std::vector<std::string> m_next_protocols;
@@ -240,7 +240,7 @@ class Client_Key_Exchange : public Handshake_Message
public:
Handshake_Type type() const { return CLIENT_KEX; }
- const SecureVector<byte>& pre_master_secret() const
+ const secure_vector<byte>& pre_master_secret() const
{ return pre_master; }
Client_Key_Exchange(Record_Writer& output,
@@ -250,16 +250,17 @@ class Client_Key_Exchange : public Handshake_Message
const std::string& hostname,
RandomNumberGenerator& rng);
- Client_Key_Exchange(const MemoryRegion<byte>& buf,
+ Client_Key_Exchange(const std::vector<byte>& buf,
const Handshake_State* state,
Credentials_Manager& creds,
const Policy& policy,
RandomNumberGenerator& rng);
private:
- MemoryVector<byte> serialize() const { return key_material; }
+ std::vector<byte> serialize() const { return key_material; }
- SecureVector<byte> key_material, pre_master;
+ std::vector<byte> key_material;
+ secure_vector<byte> pre_master;
};
/**
@@ -278,9 +279,9 @@ class Certificate : public Handshake_Message
Handshake_Hash& hash,
const std::vector<X509_Certificate>& certs);
- Certificate(const MemoryRegion<byte>& buf);
+ Certificate(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
std::vector<X509_Certificate> m_certs;
};
@@ -307,10 +308,10 @@ class Certificate_Req : public Handshake_Message
const std::vector<X509_Certificate>& allowed_cas,
Protocol_Version version);
- Certificate_Req(const MemoryRegion<byte>& buf,
+ Certificate_Req(const std::vector<byte>& buf,
Protocol_Version version);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
std::vector<X509_DN> names;
std::vector<std::string> cert_key_types;
@@ -339,14 +340,14 @@ class Certificate_Verify : public Handshake_Message
RandomNumberGenerator& rng,
const Private_Key* key);
- Certificate_Verify(const MemoryRegion<byte>& buf,
+ Certificate_Verify(const std::vector<byte>& buf,
Protocol_Version version);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
std::string sig_algo; // sig algo used to create signature
std::string hash_algo; // hash used to create signature
- MemoryVector<byte> signature;
+ std::vector<byte> signature;
};
/**
@@ -357,7 +358,7 @@ class Finished : public Handshake_Message
public:
Handshake_Type type() const { return FINISHED; }
- MemoryVector<byte> verify_data() const
+ std::vector<byte> verify_data() const
{ return verification_data; }
bool verify(Handshake_State* state,
@@ -367,12 +368,12 @@ class Finished : public Handshake_Message
Handshake_State* state,
Connection_Side side);
- Finished(const MemoryRegion<byte>& buf);
+ Finished(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Connection_Side side;
- MemoryVector<byte> verification_data;
+ std::vector<byte> verification_data;
};
/**
@@ -384,9 +385,9 @@ class Hello_Request : public Handshake_Message
Handshake_Type type() const { return HELLO_REQUEST; }
Hello_Request(Record_Writer& writer);
- Hello_Request(const MemoryRegion<byte>& buf);
+ Hello_Request(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
};
/**
@@ -397,7 +398,7 @@ class Server_Key_Exchange : public Handshake_Message
public:
Handshake_Type type() const { return SERVER_KEX; }
- const MemoryVector<byte>& params() const { return m_params; }
+ const std::vector<byte>& params() const { return m_params; }
bool verify(const X509_Certificate& cert,
Handshake_State* state) const;
@@ -415,23 +416,23 @@ class Server_Key_Exchange : public Handshake_Message
RandomNumberGenerator& rng,
const Private_Key* signing_key = 0);
- Server_Key_Exchange(const MemoryRegion<byte>& buf,
+ Server_Key_Exchange(const std::vector<byte>& buf,
const std::string& kex_alg,
const std::string& sig_alg,
Protocol_Version version);
~Server_Key_Exchange();
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Private_Key* m_kex_key;
SRP6_Server_Session* m_srp_params;
- MemoryVector<byte> m_params;
+ std::vector<byte> m_params;
std::string m_sig_algo; // sig algo used to create signature
std::string m_hash_algo; // hash used to create signature
- MemoryVector<byte> m_signature;
+ std::vector<byte> m_signature;
};
/**
@@ -443,9 +444,9 @@ class Server_Hello_Done : public Handshake_Message
Handshake_Type type() const { return SERVER_HELLO_DONE; }
Server_Hello_Done(Record_Writer& writer, Handshake_Hash& hash);
- Server_Hello_Done(const MemoryRegion<byte>& buf);
+ Server_Hello_Done(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
};
/**
@@ -462,9 +463,9 @@ class Next_Protocol : public Handshake_Message
Handshake_Hash& hash,
const std::string& protocol);
- Next_Protocol(const MemoryRegion<byte>& buf);
+ Next_Protocol(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
std::string m_protocol;
};
@@ -475,22 +476,22 @@ class New_Session_Ticket : public Handshake_Message
Handshake_Type type() const { return NEW_SESSION_TICKET; }
u32bit ticket_lifetime_hint() const { return m_ticket_lifetime_hint; }
- const MemoryVector<byte>& ticket() const { return m_ticket; }
+ const std::vector<byte>& ticket() const { return m_ticket; }
New_Session_Ticket(Record_Writer& writer,
Handshake_Hash& hash,
- const MemoryRegion<byte>& ticket,
+ const std::vector<byte>& ticket,
u32bit lifetime);
New_Session_Ticket(Record_Writer& writer,
Handshake_Hash& hash);
- New_Session_Ticket(const MemoryRegion<byte>& buf);
+ New_Session_Ticket(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
u32bit m_ticket_lifetime_hint;
- MemoryVector<byte> m_ticket;
+ std::vector<byte> m_ticket;
};
}
diff --git a/src/tls/tls_reader.h b/src/tls/tls_reader.h
index bf8098bed..7440e16b7 100644
--- a/src/tls/tls_reader.h
+++ b/src/tls/tls_reader.h
@@ -25,7 +25,7 @@ namespace TLS {
class TLS_Data_Reader
{
public:
- TLS_Data_Reader(const MemoryRegion<byte>& buf_in) :
+ TLS_Data_Reader(const std::vector<byte>& buf_in) :
buf(buf_in), offset(0) {}
void assert_done() const
@@ -91,14 +91,14 @@ class TLS_Data_Reader
}
template<typename T>
- SecureVector<T> get_range(size_t len_bytes,
+ std::vector<T> get_range(size_t len_bytes,
size_t min_elems,
size_t max_elems)
{
const size_t num_elems =
get_num_elems(len_bytes, sizeof(T), min_elems, max_elems);
- return get_elem<T, SecureVector<T> >(num_elems);
+ return get_elem<T, std::vector<T> >(num_elems);
}
template<typename T>
@@ -123,9 +123,9 @@ class TLS_Data_Reader
}
template<typename T>
- SecureVector<T> get_fixed(size_t size)
+ std::vector<T> get_fixed(size_t size)
{
- return get_elem<T, SecureVector<T> >(size);
+ return get_elem<T, std::vector<T> >(size);
}
private:
@@ -169,15 +169,15 @@ class TLS_Data_Reader
}
}
- const MemoryRegion<byte>& buf;
+ const std::vector<byte>& buf;
size_t offset;
};
/**
* Helper function for encoding length-tagged vectors
*/
-template<typename T>
-void append_tls_length_value(MemoryRegion<byte>& buf,
+template<typename T, typename Alloc>
+void append_tls_length_value(std::vector<byte, Alloc>& buf,
const T* vals,
size_t vals_size,
size_t tag_size)
@@ -200,26 +200,19 @@ void append_tls_length_value(MemoryRegion<byte>& buf,
buf.push_back(get_byte(j, vals[i]));
}
-template<typename T>
-void append_tls_length_value(MemoryRegion<byte>& buf,
- const MemoryRegion<T>& vals,
+template<typename T, typename Alloc, typename Alloc2>
+void append_tls_length_value(std::vector<byte, Alloc>& buf,
+ const std::vector<T, Alloc2>& vals,
size_t tag_size)
{
append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
}
-template<typename T>
-void append_tls_length_value(MemoryRegion<byte>& buf,
- const std::vector<T>& vals,
+template<typename Alloc>
+void append_tls_length_value(std::vector<byte, Alloc>& buf,
+ const std::string& str,
size_t tag_size)
{
- append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
- }
-
-inline void append_tls_length_value(MemoryRegion<byte>& buf,
- const std::string& str,
- size_t tag_size)
- {
append_tls_length_value(buf,
reinterpret_cast<const byte*>(&str[0]),
str.size(),
diff --git a/src/tls/tls_record.h b/src/tls/tls_record.h
index 3b44ee1c6..a92dcbe9d 100644
--- a/src/tls/tls_record.h
+++ b/src/tls/tls_record.h
@@ -33,10 +33,10 @@ class BOTAN_DLL Record_Writer
void send(byte type, const byte input[], size_t length);
void send(byte type, byte val) { send(type, &val, 1); }
- void send(byte type, const MemoryRegion<byte>& input)
+ void send(byte type, const std::vector<byte>& input)
{ send(type, &input[0], input.size()); }
- MemoryVector<byte> send(class Handshake_Message& msg);
+ std::vector<byte> send(class Handshake_Message& msg);
void send_alert(const Alert& alert);
@@ -62,7 +62,7 @@ class BOTAN_DLL Record_Writer
std::function<void (const byte[], size_t)> m_output_fn;
- MemoryVector<byte> m_writebuf;
+ std::vector<byte> m_writebuf;
Pipe m_cipher;
MessageAuthenticationCode* m_mac;
@@ -93,7 +93,7 @@ class BOTAN_DLL Record_Reader
size_t add_input(const byte input[], size_t input_size,
size_t& input_consumed,
byte& msg_type,
- MemoryVector<byte>& msg);
+ std::vector<byte>& msg);
void activate(Connection_Side side,
const Ciphersuite& suite,
@@ -118,8 +118,8 @@ class BOTAN_DLL Record_Reader
size_t& input_consumed,
size_t desired);
- MemoryVector<byte> m_readbuf;
- MemoryVector<byte> m_macbuf;
+ std::vector<byte> m_readbuf;
+ std::vector<byte> m_macbuf;
size_t m_readbuf_pos;
Pipe m_cipher;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 1e8c73ec3..7c2c4d323 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -24,8 +24,8 @@ bool check_for_resume(Session& session_info,
Client_Hello* client_hello,
std::chrono::seconds session_ticket_lifetime)
{
- const MemoryVector<byte>& client_session_id = client_hello->session_id();
- const MemoryVector<byte>& session_ticket = client_hello->session_ticket();
+ const std::vector<byte>& client_session_id = client_hello->session_id();
+ const std::vector<byte>& session_ticket = client_hello->session_ticket();
if(session_ticket.empty())
{
@@ -232,7 +232,7 @@ void Server::alert_notify(const Alert& alert)
* Split up and process handshake messages
*/
void Server::read_handshake(byte rec_type,
- const MemoryRegion<byte>& rec_buf)
+ const std::vector<byte>& rec_buf)
{
if(rec_type == HANDSHAKE && !state)
{
@@ -247,7 +247,7 @@ void Server::read_handshake(byte rec_type,
* Process a handshake message
*/
void Server::process_handshake_msg(Handshake_Type type,
- const MemoryRegion<byte>& contents)
+ const std::vector<byte>& contents)
{
if(state == 0)
throw Unexpected_Message("Unexpected handshake message from client");
@@ -396,7 +396,7 @@ void Server::process_handshake_msg(Handshake_Type type,
state->server_hello = new Server_Hello(
writer,
state->hash,
- rng.random_vec(32), // new session ID
+ unlock(rng.random_vec(32)), // new session ID
state->version(),
choose_ciphersuite(policy, creds, cert_chains, state->client_hello),
choose_compression(policy, state->client_hello->compression_methods()),
@@ -569,7 +569,7 @@ void Server::process_handshake_msg(Handshake_Type type,
secure_renegotiation.supported(),
state->server_hello->fragment_size(),
peer_certs,
- MemoryVector<byte>(),
+ std::vector<byte>(),
m_hostname,
state->srp_identifier()
);
diff --git a/src/tls/tls_server.h b/src/tls/tls_server.h
index 684021ebc..441e03eb2 100644
--- a/src/tls/tls_server.h
+++ b/src/tls/tls_server.h
@@ -51,9 +51,9 @@ class BOTAN_DLL Server : public Channel
{ return m_next_protocol; }
private:
- void read_handshake(byte, const MemoryRegion<byte>&);
+ void read_handshake(byte, const std::vector<byte>&);
- void process_handshake_msg(Handshake_Type, const MemoryRegion<byte>&);
+ void process_handshake_msg(Handshake_Type, const std::vector<byte>&);
void alert_notify(const Alert& alert);
diff --git a/src/tls/tls_session.cpp b/src/tls/tls_session.cpp
index dac38e67b..d2aae9a7e 100644
--- a/src/tls/tls_session.cpp
+++ b/src/tls/tls_session.cpp
@@ -18,8 +18,8 @@ namespace Botan {
namespace TLS {
-Session::Session(const MemoryRegion<byte>& session_identifier,
- const MemoryRegion<byte>& master_secret,
+Session::Session(const std::vector<byte>& session_identifier,
+ const secure_vector<byte>& master_secret,
Protocol_Version version,
u16bit ciphersuite,
byte compression_method,
@@ -27,7 +27,7 @@ Session::Session(const MemoryRegion<byte>& session_identifier,
bool secure_renegotiation_supported,
size_t fragment_size,
const std::vector<X509_Certificate>& certs,
- const MemoryRegion<byte>& ticket,
+ const std::vector<byte>& ticket,
const std::string& sni_hostname,
const std::string& srp_identifier) :
m_start_time(std::chrono::system_clock::now()),
@@ -48,7 +48,7 @@ Session::Session(const MemoryRegion<byte>& session_identifier,
Session::Session(const std::string& pem)
{
- SecureVector<byte> der = PEM_Code::decode_check_label(pem, "SSL SESSION");
+ secure_vector<byte> der = PEM_Code::decode_check_label(pem, "SSL SESSION");
*this = Session(&der[0], der.size());
}
@@ -61,7 +61,7 @@ Session::Session(const byte ber[], size_t ber_len)
byte major_version = 0, minor_version = 0;
- MemoryVector<byte> peer_cert_bits;
+ std::vector<byte> peer_cert_bits;
size_t start_time = 0;
@@ -94,16 +94,16 @@ Session::Session(const byte ber[], size_t ber_len)
if(!peer_cert_bits.empty())
{
- DataSource_Memory certs(peer_cert_bits);
+ DataSource_Memory certs(&peer_cert_bits[0], peer_cert_bits.size());
while(!certs.end_of_data())
m_peer_certs.push_back(X509_Certificate(certs));
}
}
-SecureVector<byte> Session::DER_encode() const
+secure_vector<byte> Session::DER_encode() const
{
- MemoryVector<byte> peer_cert_bits;
+ std::vector<byte> peer_cert_bits;
for(size_t i = 0; i != m_peer_certs.size(); ++i)
peer_cert_bits += m_peer_certs[i].BER_encode();
@@ -154,7 +154,7 @@ const size_t MAC_OUTPUT_LENGTH = 32;
}
-MemoryVector<byte>
+std::vector<byte>
Session::encrypt(const SymmetricKey& master_key,
RandomNumberGenerator& rng) const
{
@@ -177,9 +177,9 @@ Session::encrypt(const SymmetricKey& master_key,
Pipe pipe(get_cipher(SESSION_CRYPTO_CIPHER, cipher_key, cipher_iv, ENCRYPTION));
pipe.process_msg(this->DER_encode());
- MemoryVector<byte> ctext = pipe.read_all(0);
+ secure_vector<byte> ctext = pipe.read_all(0);
- MemoryVector<byte> out(MAGIC_LENGTH);
+ std::vector<byte> out(MAGIC_LENGTH);
store_be(SESSION_CRYPTO_MAGIC, &out[0]);
out += cipher_iv.bits_of();
out += ctext;
@@ -217,7 +217,7 @@ Session Session::decrypt(const byte buf[], size_t buf_len,
mac->set_key(mac_key);
mac->update(&buf[0], buf_len - MAC_OUTPUT_LENGTH);
- MemoryVector<byte> computed_mac = mac->final();
+ secure_vector<byte> computed_mac = mac->final();
if(!same_mem(&buf[buf_len - MAC_OUTPUT_LENGTH], &computed_mac[0], computed_mac.size()))
throw Decoding_Error("MAC verification failed for encrypted session");
@@ -234,7 +234,7 @@ Session Session::decrypt(const byte buf[], size_t buf_len,
Pipe pipe(get_cipher(SESSION_CRYPTO_CIPHER, cipher_key, cipher_iv, DECRYPTION));
pipe.process_msg(&buf[CTEXT_OFFSET],
buf_len - (MAC_OUTPUT_LENGTH + CTEXT_OFFSET));
- SecureVector<byte> ber = pipe.read_all();
+ secure_vector<byte> ber = pipe.read_all();
return Session(&ber[0], ber.size());
}
diff --git a/src/tls/tls_session.h b/src/tls/tls_session.h
index a2b341a30..2c474bc6a 100644
--- a/src/tls/tls_session.h
+++ b/src/tls/tls_session.h
@@ -43,8 +43,8 @@ class BOTAN_DLL Session
/**
* New session (sets session start time)
*/
- Session(const MemoryRegion<byte>& session_id,
- const MemoryRegion<byte>& master_secret,
+ Session(const std::vector<byte>& session_id,
+ const secure_vector<byte>& master_secret,
Protocol_Version version,
u16bit ciphersuite,
byte compression_method,
@@ -52,7 +52,7 @@ class BOTAN_DLL Session
bool secure_renegotiation_supported,
size_t fragment_size,
const std::vector<X509_Certificate>& peer_certs,
- const MemoryRegion<byte>& session_ticket,
+ const std::vector<byte>& session_ticket,
const std::string& sni_hostname = "",
const std::string& srp_identifier = "");
@@ -71,12 +71,12 @@ class BOTAN_DLL Session
* @warning if the master secret is compromised so is the
* session traffic
*/
- SecureVector<byte> DER_encode() const;
+ secure_vector<byte> DER_encode() const;
/**
* Encrypt a session (useful for serialization or session tickets)
*/
- MemoryVector<byte> encrypt(const SymmetricKey& key,
+ std::vector<byte> encrypt(const SymmetricKey& key,
RandomNumberGenerator& rng) const;
@@ -95,7 +95,7 @@ class BOTAN_DLL Session
* @param ctext the ciphertext returned by encrypt
* @param key the same key used by the encrypting side
*/
- static inline Session decrypt(const MemoryRegion<byte>& ctext,
+ static inline Session decrypt(const std::vector<byte>& ctext,
const SymmetricKey& key)
{
return Session::decrypt(&ctext[0], ctext.size(), key);
@@ -147,13 +147,13 @@ class BOTAN_DLL Session
/**
* Get the saved master secret
*/
- const SecureVector<byte>& master_secret() const
+ const secure_vector<byte>& master_secret() const
{ return m_master_secret; }
/**
* Get the session identifier
*/
- const MemoryVector<byte>& session_id() const
+ const std::vector<byte>& session_id() const
{ return m_identifier; }
/**
@@ -186,16 +186,16 @@ class BOTAN_DLL Session
/**
* Return the session ticket the server gave us
*/
- const MemoryVector<byte>& session_ticket() const { return m_session_ticket; }
+ const std::vector<byte>& session_ticket() const { return m_session_ticket; }
private:
enum { TLS_SESSION_PARAM_STRUCT_VERSION = 0x2994e300 };
std::chrono::system_clock::time_point m_start_time;
- MemoryVector<byte> m_identifier;
- MemoryVector<byte> m_session_ticket; // only used by client side
- SecureVector<byte> m_master_secret;
+ std::vector<byte> m_identifier;
+ std::vector<byte> m_session_ticket; // only used by client side
+ secure_vector<byte> m_master_secret;
Protocol_Version m_version;
u16bit m_ciphersuite;
diff --git a/src/tls/tls_session_key.cpp b/src/tls/tls_session_key.cpp
index 4d7603ce1..0cd74a63a 100644
--- a/src/tls/tls_session_key.cpp
+++ b/src/tls/tls_session_key.cpp
@@ -19,7 +19,7 @@ namespace TLS {
* Session_Keys Constructor
*/
Session_Keys::Session_Keys(Handshake_State* state,
- const MemoryRegion<byte>& pre_master_secret,
+ const secure_vector<byte>& pre_master_secret,
bool resuming)
{
const size_t mac_keylen = output_length_of(state->suite.mac_algo());
@@ -45,7 +45,7 @@ Session_Keys::Session_Keys(Handshake_State* state,
}
else
{
- SecureVector<byte> salt;
+ secure_vector<byte> salt;
if(state->version() != Protocol_Version::SSL_V3)
salt += std::make_pair(MASTER_SECRET_MAGIC, sizeof(MASTER_SECRET_MAGIC));
@@ -56,7 +56,7 @@ Session_Keys::Session_Keys(Handshake_State* state,
master_sec = prf->derive_key(48, pre_master_secret, salt);
}
- SecureVector<byte> salt;
+ secure_vector<byte> salt;
if(state->version() != Protocol_Version::SSL_V3)
salt += std::make_pair(KEY_GEN_MAGIC, sizeof(KEY_GEN_MAGIC));
salt += state->server_hello->random();
diff --git a/src/tls/tls_session_key.h b/src/tls/tls_session_key.h
index 25de56aea..0021694e3 100644
--- a/src/tls/tls_session_key.h
+++ b/src/tls/tls_session_key.h
@@ -31,16 +31,16 @@ class Session_Keys
InitializationVector client_iv() const { return c_iv; }
InitializationVector server_iv() const { return s_iv; }
- const SecureVector<byte>& master_secret() const { return master_sec; }
+ const secure_vector<byte>& master_secret() const { return master_sec; }
Session_Keys() {}
Session_Keys(class Handshake_State* state,
- const MemoryRegion<byte>& pre_master,
+ const secure_vector<byte>& pre_master,
bool resuming);
private:
- SecureVector<byte> master_sec;
+ secure_vector<byte> master_sec;
SymmetricKey c_cipher, s_cipher, c_mac, s_mac;
InitializationVector c_iv, s_iv;
};
diff --git a/src/tls/tls_session_manager.cpp b/src/tls/tls_session_manager.cpp
index d103df35f..72eb83c21 100644
--- a/src/tls/tls_session_manager.cpp
+++ b/src/tls/tls_session_manager.cpp
@@ -37,7 +37,7 @@ bool Session_Manager_In_Memory::load_from_session_str(
}
bool Session_Manager_In_Memory::load_from_session_id(
- const MemoryRegion<byte>& session_id, Session& session)
+ const std::vector<byte>& session_id, Session& session)
{
std::lock_guard<std::mutex> lock(m_mutex);
@@ -69,7 +69,7 @@ bool Session_Manager_In_Memory::load_from_host_info(
}
void Session_Manager_In_Memory::remove_entry(
- const MemoryRegion<byte>& session_id)
+ const std::vector<byte>& session_id)
{
std::lock_guard<std::mutex> lock(m_mutex);
diff --git a/src/tls/tls_session_manager.h b/src/tls/tls_session_manager.h
index 84d51406d..fa1ecae39 100644
--- a/src/tls/tls_session_manager.h
+++ b/src/tls/tls_session_manager.h
@@ -36,7 +36,7 @@ class BOTAN_DLL Session_Manager
or not modified if not found
* @return true if session was modified
*/
- virtual bool load_from_session_id(const MemoryRegion<byte>& session_id,
+ virtual bool load_from_session_id(const std::vector<byte>& session_id,
Session& session) = 0;
/**
@@ -53,7 +53,7 @@ class BOTAN_DLL Session_Manager
/**
* Remove this session id from the cache, if it exists
*/
- virtual void remove_entry(const MemoryRegion<byte>& session_id) = 0;
+ virtual void remove_entry(const std::vector<byte>& session_id) = 0;
/**
* Save a session on a best effort basis; the manager may not in
@@ -94,13 +94,13 @@ class BOTAN_DLL Session_Manager_In_Memory : public Session_Manager
m_session_lifetime(session_lifetime)
{}
- bool load_from_session_id(const MemoryRegion<byte>& session_id,
+ bool load_from_session_id(const std::vector<byte>& session_id,
Session& session);
bool load_from_host_info(const std::string& hostname, u16bit port,
Session& session);
- void remove_entry(const MemoryRegion<byte>& session_id);
+ void remove_entry(const std::vector<byte>& session_id);
void save(const Session& session_data);
diff --git a/src/utils/datastor/datastor.cpp b/src/utils/datastor/datastor.cpp
index 363136c69..d65b3f1ac 100644
--- a/src/utils/datastor/datastor.cpp
+++ b/src/utils/datastor/datastor.cpp
@@ -72,21 +72,21 @@ std::string Data_Store::get1(const std::string& key) const
}
/*
-* Get a single MemoryVector atom
+* Get a single std::vector atom
*/
-MemoryVector<byte>
+std::vector<byte>
Data_Store::get1_memvec(const std::string& key) const
{
std::vector<std::string> vals = get(key);
if(vals.empty())
- return MemoryVector<byte>();
+ return std::vector<byte>();
if(vals.size() > 1)
throw Invalid_State("Data_Store::get1_memvec: Multiple values for " +
key);
- return hex_decode(vals[0]);
+ return unlock(hex_decode(vals[0]));
}
/*
@@ -125,7 +125,12 @@ void Data_Store::add(const std::string& key, u32bit val)
/*
* Insert a single key and value
*/
-void Data_Store::add(const std::string& key, const MemoryRegion<byte>& val)
+void Data_Store::add(const std::string& key, const secure_vector<byte>& val)
+ {
+ add(key, hex_encode(&val[0], val.size()));
+ }
+
+void Data_Store::add(const std::string& key, const std::vector<byte>& val)
{
add(key, hex_encode(&val[0], val.size()));
}
diff --git a/src/utils/datastor/datastor.h b/src/utils/datastor/datastor.h
index 26a0d418c..b471f85e1 100644
--- a/src/utils/datastor/datastor.h
+++ b/src/utils/datastor/datastor.h
@@ -35,7 +35,7 @@ class BOTAN_DLL Data_Store
std::string get1(const std::string&) const;
- MemoryVector<byte> get1_memvec(const std::string&) const;
+ std::vector<byte> get1_memvec(const std::string&) const;
u32bit get1_u32bit(const std::string&, u32bit = 0) const;
bool has_value(const std::string&) const;
@@ -43,7 +43,8 @@ class BOTAN_DLL Data_Store
void add(const std::multimap<std::string, std::string>&);
void add(const std::string&, const std::string&);
void add(const std::string&, u32bit);
- void add(const std::string&, const MemoryRegion<byte>&);
+ void add(const std::string&, const secure_vector<byte>&);
+ void add(const std::string&, const std::vector<byte>&);
private:
std::multimap<std::string, std::string> contents;
};
diff --git a/src/utils/xor_buf.h b/src/utils/xor_buf.h
index 3c96dea70..b67d84c50 100644
--- a/src/utils/xor_buf.h
+++ b/src/utils/xor_buf.h
@@ -9,6 +9,7 @@
#define BOTAN_XOR_BUF_H__
#include <botan/types.h>
+#include <vector>
namespace Botan {
@@ -70,6 +71,31 @@ inline void xor_buf(byte out[],
out[i] = in[i] ^ in2[i];
}
+template<typename Alloc, typename Alloc2>
+void xor_buf(std::vector<byte, Alloc>& out,
+ const std::vector<byte, Alloc2>& in,
+ size_t n)
+ {
+ xor_buf(&out[0], &in[0], n);
+ }
+
+template<typename Alloc>
+void xor_buf(std::vector<byte, Alloc>& out,
+ const byte* in,
+ size_t n)
+ {
+ xor_buf(&out[0], in, n);
+ }
+
+template<typename Alloc, typename Alloc2>
+void xor_buf(std::vector<byte, Alloc>& out,
+ const byte* in,
+ const std::vector<byte, Alloc2>& in2,
+ size_t n)
+ {
+ xor_buf(&out[0], &in[0], &in2[0], n);
+ }
+
}
#endif
diff --git a/src/wrap/python/python_botan.h b/src/wrap/python/python_botan.h
index ac0a17d7f..03bdd9156 100644
--- a/src/wrap/python/python_botan.h
+++ b/src/wrap/python/python_botan.h
@@ -34,7 +34,7 @@ inline std::string make_string(const byte input[], u32bit length)
return std::string((const char*)input, length);
}
-inline std::string make_string(const MemoryRegion<byte>& in)
+inline std::string make_string(const secure_vector<byte>& in)
{
return make_string(in.begin(), in.size());
}
diff --git a/src/wrap/python/rsa.cpp b/src/wrap/python/rsa.cpp
index dc6053503..3ff1edb07 100644
--- a/src/wrap/python/rsa.cpp
+++ b/src/wrap/python/rsa.cpp
@@ -40,7 +40,7 @@ class Py_RSA_PrivateKey
std::string to_ber() const
{
- SecureVector<byte> bits = PKCS8::BER_encode(*rsa_key);
+ secure_vector<byte> bits = PKCS8::BER_encode(*rsa_key);
return std::string(reinterpret_cast<const char*>(&bits[0]),
bits.size());
@@ -140,7 +140,7 @@ class Py_RSA_PublicKey
std::string to_ber() const
{
- SecureVector<byte> bits = X509::BER_encode(*rsa_key);
+ secure_vector<byte> bits = X509::BER_encode(*rsa_key);
return std::string(reinterpret_cast<const char*>(&bits[0]),
bits.size());
diff --git a/src/wrap/python/x509.cpp b/src/wrap/python/x509.cpp
index 4c248890d..0a29ad83a 100644
--- a/src/wrap/python/x509.cpp
+++ b/src/wrap/python/x509.cpp
@@ -63,7 +63,7 @@ void export_x509()
{
vector_to_list<std::string>();
vector_to_list<X509_Certificate>();
- memvec_to_hexstr<MemoryVector<byte> >();
+ memvec_to_hexstr<std::vector<byte> >();
python::class_<X509_Certificate>
("X509_Certificate", python::init<std::string>())