aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--doc/examples/row_encryptor.cpp2
-rw-r--r--src/alloc/secmem.h46
-rw-r--r--src/asn1/ber_dec.cpp6
-rw-r--r--src/block/aes/aes.cpp8
-rw-r--r--src/block/aes_intel/aes_intel.cpp12
-rw-r--r--src/block/aes_ssse3/aes_ssse3.h6
-rw-r--r--src/block/cast/cast128.h2
-rw-r--r--src/block/cast/cast256.h2
-rw-r--r--src/block/des/des.h4
-rw-r--r--src/block/des/desx.h2
-rw-r--r--src/block/gost_28147/gost_28147.h2
-rw-r--r--src/block/idea/idea.h2
-rw-r--r--src/block/kasumi/kasumi.h2
-rw-r--r--src/block/lion/lion.cpp4
-rw-r--r--src/block/lubyrack/lubyrack.cpp4
-rw-r--r--src/block/mars/mars.h2
-rw-r--r--src/block/misty1/misty1.h2
-rw-r--r--src/block/noekeon/noekeon.cpp4
-rw-r--r--src/block/rc2/rc2.h2
-rw-r--r--src/block/rc5/rc5.h2
-rw-r--r--src/block/rc6/rc6.h2
-rw-r--r--src/block/safer/safer_sk.h2
-rw-r--r--src/block/seed/seed.h2
-rw-r--r--src/block/serpent/serpent.h2
-rw-r--r--src/block/skipjack/skipjack.cpp2
-rw-r--r--src/block/square/square.cpp8
-rw-r--r--src/block/tea/tea.h2
-rw-r--r--src/block/twofish/twofish.cpp10
-rw-r--r--src/block/xtea/xtea.h2
-rw-r--r--src/cms/cms_enc.cpp2
-rw-r--r--src/constructs/aont/package.cpp4
-rw-r--r--src/filters/modes/cfb/cfb.cpp4
-rw-r--r--src/filters/modes/cts/cts.cpp4
-rw-r--r--src/hash/bmw/bmw_512.cpp4
-rw-r--r--src/hash/gost_3411/gost_3411.cpp4
-rw-r--r--src/hash/has160/has160.cpp2
-rw-r--r--src/hash/md2/md2.cpp6
-rw-r--r--src/hash/md4/md4.cpp2
-rw-r--r--src/hash/md5/md5.cpp2
-rw-r--r--src/hash/mdx_hash/mdx_hash.cpp4
-rw-r--r--src/hash/rmd128/rmd128.cpp2
-rw-r--r--src/hash/rmd160/rmd160.cpp2
-rw-r--r--src/hash/sha1/sha160.cpp2
-rw-r--r--src/hash/sha2/sha2_32.cpp4
-rw-r--r--src/hash/sha2/sha2_64.cpp4
-rw-r--r--src/hash/skein/skein_512.cpp6
-rw-r--r--src/hash/tiger/tiger.cpp2
-rw-r--r--src/hash/whirlpool/whrlpool.cpp4
-rw-r--r--src/mac/cbc_mac/cbc_mac.cpp4
-rw-r--r--src/mac/cmac/cmac.cpp12
-rw-r--r--src/mac/hmac/hmac.cpp4
-rw-r--r--src/mac/ssl3mac/ssl3_mac.cpp4
-rw-r--r--src/mac/x919_mac/x919_mac.cpp4
-rw-r--r--src/math/bigint/big_ops2.cpp6
-rw-r--r--src/math/bigint/bigint.cpp2
-rw-r--r--src/math/bigint/bigint.h2
-rw-r--r--src/math/numbertheory/point_gfp.cpp4
-rw-r--r--src/math/numbertheory/powm_mnt.cpp8
-rw-r--r--src/pk_pad/eme1/eme1.cpp2
-rw-r--r--src/pk_pad/emsa3/emsa3.cpp4
-rw-r--r--src/rng/hmac_rng/hmac_rng.cpp4
-rw-r--r--src/rng/randpool/randpool.cpp6
-rw-r--r--src/rng/x931_rng/x931_rng.cpp2
-rw-r--r--src/ssl/rec_read.cpp4
-rw-r--r--src/ssl/rec_wri.cpp2
-rw-r--r--src/stream/arc4/arc4.cpp4
-rw-r--r--src/stream/ctr/ctr.cpp6
-rw-r--r--src/stream/ofb/ofb.cpp4
-rw-r--r--src/stream/salsa20/salsa20.cpp4
-rw-r--r--src/stream/turing/turing.cpp10
-rw-r--r--src/stream/wid_wake/wid_wake.cpp8
-rw-r--r--src/sym_algo/symkey.cpp2
72 files changed, 166 insertions, 158 deletions
diff --git a/doc/examples/row_encryptor.cpp b/doc/examples/row_encryptor.cpp
index 8c1df66a0..685850945 100644
--- a/doc/examples/row_encryptor.cpp
+++ b/doc/examples/row_encryptor.cpp
@@ -162,7 +162,7 @@ int main()
Row_Encryptor test_pbkdf_salt_copy(secret_passphrase,
encryptor.get_pbkdf_salt());
- salt.clear(); // all-0
+ zeroise(salt);
std::string test = test_pbkdf_salt_copy.decrypt(encrypted_values[0], salt);
if(test != original_inputs[0])
std::cout << "PBKDF salt copy failed to decrypt properly\n";
diff --git a/src/alloc/secmem.h b/src/alloc/secmem.h
index aae1634d3..37930b963 100644
--- a/src/alloc/secmem.h
+++ b/src/alloc/secmem.h
@@ -126,21 +126,6 @@ class MemoryRegion
{ copy_mem(buf + off, in, (n > size() - off) ? (size() - off) : n); }
/**
- * Set the contents of this according to the argument. The size of
- * *this is increased if necessary.
- * @param in the array of objects of type T to copy the contents from
- * @param n the size of array in
- */
- void set(const T in[], u32bit n) { resize(n); copy(in, n); }
-
- /**
- * Set the contents of this according to the argument. The size of
- * *this is increased if necessary.
- * @param in the buffer to copy the contents from
- */
- void set(const MemoryRegion<T>& in) { set(in.begin(), in.size()); }
-
- /**
* Append data to the end of this buffer.
* @param data the array containing the data to append
* @param n the size of the array data
@@ -162,11 +147,6 @@ class MemoryRegion
{ append(other.begin(), other.size()); }
/**
- * Zeroise the bytes of this buffer. The length remains unchanged.
- */
- void clear() { clear_mem(buf, allocated); }
-
- /**
* Reset this buffer to an empty buffer with size zero.
*/
void destroy() { resize(0); }
@@ -206,6 +186,22 @@ class MemoryRegion
*/
void init(bool locking, u32bit length = 0)
{ alloc = Allocator::get(locking); resize(length); }
+
+ /**
+ * Set the contents of this according to the argument. The size of
+ * *this is increased if necessary.
+ * @param in the array of objects of type T to copy the contents from
+ * @param n the size of array in
+ */
+ void set(const T in[], u32bit n) { resize(n); copy(in, n); }
+
+ /**
+ * Set the contents of this according to the argument. The size of
+ * *this is increased if necessary.
+ * @param in the buffer to copy the contents from
+ */
+ void set(const MemoryRegion<T>& in) { set(in.begin(), in.size()); }
+
private:
T* allocate(u32bit n)
{
@@ -393,6 +389,16 @@ class SecureVector : public MemoryRegion<T>
{ init(true); set(in1); append(in2); }
};
+/**
+* Zeroise the values; length remains unchanged
+* @param vec the vector to zeroise
+*/
+template<typename T>
+void zeroise(MemoryRegion<T>& vec)
+ {
+ clear_mem(&vec[0], vec.size());
+ }
+
}
#endif
diff --git a/src/asn1/ber_dec.cpp b/src/asn1/ber_dec.cpp
index ea0334202..1c0d218ca 100644
--- a/src/asn1/ber_dec.cpp
+++ b/src/asn1/ber_dec.cpp
@@ -451,7 +451,9 @@ BER_Decoder& BER_Decoder::decode(MemoryRegion<byte>& buffer,
{
if(obj.value[0] >= 8)
throw BER_Decoding_Error("Bad number of unused bits in BIT STRING");
- buffer.set(obj.value + 1, obj.value.size() - 1);
+
+ buffer.resize(obj.value.size() - 1);
+ copy_mem(&buffer[0], &obj.value[1], obj.value.size() - 1);
}
return (*this);
}
@@ -467,7 +469,7 @@ BER_Decoder& BER_Decoder::decode_optional_string(MemoryRegion<byte>& out,
ASN1_Tag type_tag = static_cast<ASN1_Tag>(type_no);
- out.clear();
+ out.destroy();
push_back(obj);
if(obj.type_tag == type_tag && obj.class_tag == CONTEXT_SPECIFIC)
diff --git a/src/block/aes/aes.cpp b/src/block/aes/aes.cpp
index 8783f13a0..2485fc1a1 100644
--- a/src/block/aes/aes.cpp
+++ b/src/block/aes/aes.cpp
@@ -693,10 +693,10 @@ AES::AES(u32bit key_size) : BlockCipher(16, key_size)
*/
void AES::clear()
{
- EK.clear();
- DK.clear();
- ME.clear();
- MD.clear();
+ zeroise(EK);
+ zeroise(DK);
+ zeroise(ME);
+ zeroise(MD);
}
}
diff --git a/src/block/aes_intel/aes_intel.cpp b/src/block/aes_intel/aes_intel.cpp
index 211bb3b47..c52f3fcd3 100644
--- a/src/block/aes_intel/aes_intel.cpp
+++ b/src/block/aes_intel/aes_intel.cpp
@@ -306,8 +306,8 @@ void AES_128_Intel::key_schedule(const byte key[], u32bit)
*/
void AES_128_Intel::clear()
{
- EK.clear();
- DK.clear();
+ zeroise(EK);
+ zeroise(DK);
}
/*
@@ -522,8 +522,8 @@ void AES_192_Intel::key_schedule(const byte key[], u32bit)
*/
void AES_192_Intel::clear()
{
- EK.clear();
- DK.clear();
+ zeroise(EK);
+ zeroise(DK);
}
/*
@@ -772,8 +772,8 @@ void AES_256_Intel::key_schedule(const byte key[], u32bit)
*/
void AES_256_Intel::clear()
{
- EK.clear();
- DK.clear();
+ zeroise(EK);
+ zeroise(DK);
}
}
diff --git a/src/block/aes_ssse3/aes_ssse3.h b/src/block/aes_ssse3/aes_ssse3.h
index 8087b58a0..babd30509 100644
--- a/src/block/aes_ssse3/aes_ssse3.h
+++ b/src/block/aes_ssse3/aes_ssse3.h
@@ -21,7 +21,7 @@ class BOTAN_DLL AES_128_SSSE3 : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); DK.clear(); }
+ void clear() { zeroise(EK); zeroise(DK); }
std::string name() const { return "AES-128"; }
BlockCipher* clone() const { return new AES_128_SSSE3; }
@@ -41,7 +41,7 @@ class BOTAN_DLL AES_192_SSSE3 : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); DK.clear(); }
+ void clear() { zeroise(EK); zeroise(DK); }
std::string name() const { return "AES-192"; }
BlockCipher* clone() const { return new AES_192_SSSE3; }
@@ -61,7 +61,7 @@ class BOTAN_DLL AES_256_SSSE3 : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); DK.clear(); }
+ void clear() { zeroise(EK); zeroise(DK); }
std::string name() const { return "AES-256"; }
BlockCipher* clone() const { return new AES_256_SSSE3; }
diff --git a/src/block/cast/cast128.h b/src/block/cast/cast128.h
index 967e91938..e5d4a884b 100644
--- a/src/block/cast/cast128.h
+++ b/src/block/cast/cast128.h
@@ -21,7 +21,7 @@ class BOTAN_DLL CAST_128 : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { MK.clear(); RK.clear(); }
+ void clear() { zeroise(MK); zeroise(RK); }
std::string name() const { return "CAST-128"; }
BlockCipher* clone() const { return new CAST_128; }
diff --git a/src/block/cast/cast256.h b/src/block/cast/cast256.h
index c4a305671..c9820c1ab 100644
--- a/src/block/cast/cast256.h
+++ b/src/block/cast/cast256.h
@@ -21,7 +21,7 @@ class BOTAN_DLL CAST_256 : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { MK.clear(); RK.clear(); }
+ void clear() { zeroise(MK); zeroise(RK); }
std::string name() const { return "CAST-256"; }
BlockCipher* clone() const { return new CAST_256; }
diff --git a/src/block/des/des.h b/src/block/des/des.h
index 1ae806850..f631986f0 100644
--- a/src/block/des/des.h
+++ b/src/block/des/des.h
@@ -21,7 +21,7 @@ class BOTAN_DLL DES : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { round_key.clear(); }
+ void clear() { zeroise(round_key); }
std::string name() const { return "DES"; }
BlockCipher* clone() const { return new DES; }
@@ -41,7 +41,7 @@ class BOTAN_DLL TripleDES : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { round_key.clear(); }
+ void clear() { zeroise(round_key); }
std::string name() const { return "TripleDES"; }
BlockCipher* clone() const { return new TripleDES; }
diff --git a/src/block/des/desx.h b/src/block/des/desx.h
index 45a9d8479..007948ba7 100644
--- a/src/block/des/desx.h
+++ b/src/block/des/desx.h
@@ -21,7 +21,7 @@ class BOTAN_DLL DESX : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { des.clear(); K1.clear(); K2.clear(); }
+ void clear() { des.clear(); zeroise(K1); zeroise(K2); }
std::string name() const { return "DESX"; }
BlockCipher* clone() const { return new DESX; }
diff --git a/src/block/gost_28147/gost_28147.h b/src/block/gost_28147/gost_28147.h
index ec23466f4..9d845ae72 100644
--- a/src/block/gost_28147/gost_28147.h
+++ b/src/block/gost_28147/gost_28147.h
@@ -55,7 +55,7 @@ class BOTAN_DLL GOST_28147_89 : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); }
+ void clear() { zeroise(EK); }
std::string name() const { return "GOST-28147-89"; }
BlockCipher* clone() const { return new GOST_28147_89(SBOX); }
diff --git a/src/block/idea/idea.h b/src/block/idea/idea.h
index aed3be3ea..737970b29 100644
--- a/src/block/idea/idea.h
+++ b/src/block/idea/idea.h
@@ -21,7 +21,7 @@ class BOTAN_DLL IDEA : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); DK.clear(); }
+ void clear() { zeroise(EK); zeroise(DK); }
std::string name() const { return "IDEA"; }
BlockCipher* clone() const { return new IDEA; }
diff --git a/src/block/kasumi/kasumi.h b/src/block/kasumi/kasumi.h
index fda348ef3..f8575c2d2 100644
--- a/src/block/kasumi/kasumi.h
+++ b/src/block/kasumi/kasumi.h
@@ -21,7 +21,7 @@ class BOTAN_DLL KASUMI : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); }
+ void clear() { zeroise(EK); }
std::string name() const { return "KASUMI"; }
BlockCipher* clone() const { return new KASUMI; }
diff --git a/src/block/lion/lion.cpp b/src/block/lion/lion.cpp
index d8dfd1fcb..45e051ada 100644
--- a/src/block/lion/lion.cpp
+++ b/src/block/lion/lion.cpp
@@ -99,8 +99,8 @@ void Lion::clear()
{
hash->clear();
cipher->clear();
- key1.clear();
- key2.clear();
+ zeroise(key1);
+ zeroise(key2);
}
/*
diff --git a/src/block/lubyrack/lubyrack.cpp b/src/block/lubyrack/lubyrack.cpp
index bdb26837e..4dd0d5c8a 100644
--- a/src/block/lubyrack/lubyrack.cpp
+++ b/src/block/lubyrack/lubyrack.cpp
@@ -94,8 +94,8 @@ void LubyRackoff::key_schedule(const byte key[], u32bit length)
*/
void LubyRackoff::clear()
{
- K1.clear();
- K2.clear();
+ zeroise(K1);
+ zeroise(K2);
hash->clear();
}
diff --git a/src/block/mars/mars.h b/src/block/mars/mars.h
index f455ec5ca..37501fff1 100644
--- a/src/block/mars/mars.h
+++ b/src/block/mars/mars.h
@@ -21,7 +21,7 @@ class BOTAN_DLL MARS : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); }
+ void clear() { zeroise(EK); }
std::string name() const { return "MARS"; }
BlockCipher* clone() const { return new MARS; }
diff --git a/src/block/misty1/misty1.h b/src/block/misty1/misty1.h
index a9bc12c7b..dbb8e2c45 100644
--- a/src/block/misty1/misty1.h
+++ b/src/block/misty1/misty1.h
@@ -21,7 +21,7 @@ class BOTAN_DLL MISTY1 : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); DK.clear(); }
+ void clear() { zeroise(EK); zeroise(DK); }
std::string name() const { return "MISTY1"; }
BlockCipher* clone() const { return new MISTY1; }
diff --git a/src/block/noekeon/noekeon.cpp b/src/block/noekeon/noekeon.cpp
index 0bfce1882..95178a62b 100644
--- a/src/block/noekeon/noekeon.cpp
+++ b/src/block/noekeon/noekeon.cpp
@@ -203,8 +203,8 @@ void Noekeon::key_schedule(const byte key[], u32bit)
*/
void Noekeon::clear()
{
- EK.clear();
- DK.clear();
+ zeroise(EK);
+ zeroise(DK);
}
}
diff --git a/src/block/rc2/rc2.h b/src/block/rc2/rc2.h
index c16680347..e6c900056 100644
--- a/src/block/rc2/rc2.h
+++ b/src/block/rc2/rc2.h
@@ -28,7 +28,7 @@ class BOTAN_DLL RC2 : public BlockCipher
*/
static byte EKB_code(u32bit bits);
- void clear() { K.clear(); }
+ void clear() { zeroise(K); }
std::string name() const { return "RC2"; }
BlockCipher* clone() const { return new RC2; }
diff --git a/src/block/rc5/rc5.h b/src/block/rc5/rc5.h
index 385c6b2b1..9a794d248 100644
--- a/src/block/rc5/rc5.h
+++ b/src/block/rc5/rc5.h
@@ -21,7 +21,7 @@ class BOTAN_DLL RC5 : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { S.clear(); }
+ void clear() { zeroise(S); }
std::string name() const;
BlockCipher* clone() const { return new RC5(ROUNDS); }
diff --git a/src/block/rc6/rc6.h b/src/block/rc6/rc6.h
index 9b2d587fa..02c464c5c 100644
--- a/src/block/rc6/rc6.h
+++ b/src/block/rc6/rc6.h
@@ -21,7 +21,7 @@ class BOTAN_DLL RC6 : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { S.clear(); }
+ void clear() { zeroise(S); }
std::string name() const { return "RC6"; }
BlockCipher* clone() const { return new RC6; }
diff --git a/src/block/safer/safer_sk.h b/src/block/safer/safer_sk.h
index c93797602..26875c97b 100644
--- a/src/block/safer/safer_sk.h
+++ b/src/block/safer/safer_sk.h
@@ -21,7 +21,7 @@ class BOTAN_DLL SAFER_SK : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); }
+ void clear() { zeroise(EK); }
std::string name() const;
BlockCipher* clone() const;
diff --git a/src/block/seed/seed.h b/src/block/seed/seed.h
index 0c80199ad..bfc9c7fa1 100644
--- a/src/block/seed/seed.h
+++ b/src/block/seed/seed.h
@@ -21,7 +21,7 @@ class BOTAN_DLL SEED : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { K.clear(); }
+ void clear() { zeroise(K); }
std::string name() const { return "SEED"; }
BlockCipher* clone() const { return new SEED; }
diff --git a/src/block/serpent/serpent.h b/src/block/serpent/serpent.h
index dc81d4178..56afd3330 100644
--- a/src/block/serpent/serpent.h
+++ b/src/block/serpent/serpent.h
@@ -21,7 +21,7 @@ class BOTAN_DLL Serpent : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { round_key.clear(); }
+ void clear() { zeroise(round_key); }
std::string name() const { return "Serpent"; }
BlockCipher* clone() const { return new Serpent; }
Serpent() : BlockCipher(16, 16, 32, 8) {}
diff --git a/src/block/skipjack/skipjack.cpp b/src/block/skipjack/skipjack.cpp
index b23d1e160..dda984e4c 100644
--- a/src/block/skipjack/skipjack.cpp
+++ b/src/block/skipjack/skipjack.cpp
@@ -189,7 +189,7 @@ void Skipjack::key_schedule(const byte key[], u32bit)
*/
void Skipjack::clear()
{
- FTAB.clear();
+ zeroise(FTAB);
}
}
diff --git a/src/block/square/square.cpp b/src/block/square/square.cpp
index adcf18611..f96162c37 100644
--- a/src/block/square/square.cpp
+++ b/src/block/square/square.cpp
@@ -206,10 +206,10 @@ void Square::transform(u32bit round_key[4])
*/
void Square::clear()
{
- EK.clear();
- DK.clear();
- ME.clear();
- MD.clear();
+ zeroise(EK);
+ zeroise(DK);
+ zeroise(ME);
+ zeroise(MD);
}
}
diff --git a/src/block/tea/tea.h b/src/block/tea/tea.h
index 128f42080..6e1c4fafb 100644
--- a/src/block/tea/tea.h
+++ b/src/block/tea/tea.h
@@ -21,7 +21,7 @@ class BOTAN_DLL TEA : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { K.clear(); }
+ void clear() { zeroise(K); }
std::string name() const { return "TEA"; }
BlockCipher* clone() const { return new TEA; }
diff --git a/src/block/twofish/twofish.cpp b/src/block/twofish/twofish.cpp
index a183821b2..375590af1 100644
--- a/src/block/twofish/twofish.cpp
+++ b/src/block/twofish/twofish.cpp
@@ -220,11 +220,11 @@ void Twofish::rs_mul(byte S[4], byte key, u32bit offset)
*/
void Twofish::clear()
{
- SBox0.clear();
- SBox1.clear();
- SBox2.clear();
- SBox3.clear();
- round_key.clear();
+ zeroise(SBox0);
+ zeroise(SBox1);
+ zeroise(SBox2);
+ zeroise(SBox3);
+ zeroise(round_key);
}
}
diff --git a/src/block/xtea/xtea.h b/src/block/xtea/xtea.h
index d15108939..d328bf2f0 100644
--- a/src/block/xtea/xtea.h
+++ b/src/block/xtea/xtea.h
@@ -21,7 +21,7 @@ class BOTAN_DLL XTEA : public BlockCipher
void encrypt_n(const byte in[], byte out[], u32bit blocks) const;
void decrypt_n(const byte in[], byte out[], u32bit blocks) const;
- void clear() { EK.clear(); }
+ void clear() { zeroise(EK); }
std::string name() const { return "XTEA"; }
BlockCipher* clone() const { return new XTEA; }
diff --git a/src/cms/cms_enc.cpp b/src/cms/cms_enc.cpp
index 3437c15e3..ebb89df60 100644
--- a/src/cms/cms_enc.cpp
+++ b/src/cms/cms_enc.cpp
@@ -46,7 +46,7 @@ SecureVector<byte> CMS_Encoder::get_contents()
end_explicit().
end_cons();
- data.clear();
+ data.destroy();
return encoder.get_contents();
}
diff --git a/src/constructs/aont/package.cpp b/src/constructs/aont/package.cpp
index e10087060..1e25a3b24 100644
--- a/src/constructs/aont/package.cpp
+++ b/src/constructs/aont/package.cpp
@@ -49,7 +49,7 @@ void aont_package(RandomNumberGenerator& rng,
u32bit left = std::min<u32bit>(cipher->BLOCK_SIZE,
input_len - cipher->BLOCK_SIZE * i);
- buf.clear();
+ zeroise(buf);
copy_mem(&buf[0], output + cipher->BLOCK_SIZE * i, left);
for(u32bit j = 0; j != 4; ++j)
@@ -95,7 +95,7 @@ void aont_unpackage(BlockCipher* cipher,
u32bit left = std::min<u32bit>(cipher->BLOCK_SIZE,
input_len - cipher->BLOCK_SIZE * (i+1));
- buf.clear();
+ zeroise(buf);
copy_mem(&buf[0], input + cipher->BLOCK_SIZE * i, left);
for(u32bit j = 0; j != 4; ++j)
diff --git a/src/filters/modes/cfb/cfb.cpp b/src/filters/modes/cfb/cfb.cpp
index 239b03254..9ec4c5de3 100644
--- a/src/filters/modes/cfb/cfb.cpp
+++ b/src/filters/modes/cfb/cfb.cpp
@@ -58,7 +58,7 @@ void CFB_Encryption::set_iv(const InitializationVector& iv)
throw Invalid_IV_Length(name(), iv.length());
state = iv.bits_of();
- buffer.clear();
+ zeroise(buffer);
position = 0;
cipher->encrypt(state, buffer);
@@ -135,7 +135,7 @@ void CFB_Decryption::set_iv(const InitializationVector& iv)
throw Invalid_IV_Length(name(), iv.length());
state = iv.bits_of();
- buffer.clear();
+ zeroise(buffer);
position = 0;
cipher->encrypt(state, buffer);
diff --git a/src/filters/modes/cts/cts.cpp b/src/filters/modes/cts/cts.cpp
index 61df8897b..c404d8f33 100644
--- a/src/filters/modes/cts/cts.cpp
+++ b/src/filters/modes/cts/cts.cpp
@@ -47,7 +47,7 @@ void CTS_Encryption::set_iv(const InitializationVector& iv)
throw Invalid_IV_Length(name(), iv.length());
state = iv.bits_of();
- buffer.clear();
+ zeroise(buffer);
position = 0;
}
@@ -149,7 +149,7 @@ void CTS_Decryption::set_iv(const InitializationVector& iv)
throw Invalid_IV_Length(name(), iv.length());
state = iv.bits_of();
- buffer.clear();
+ zeroise(buffer);
position = 0;
}
diff --git a/src/hash/bmw/bmw_512.cpp b/src/hash/bmw/bmw_512.cpp
index 5ccb09579..a9b580ca6 100644
--- a/src/hash/bmw/bmw_512.cpp
+++ b/src/hash/bmw/bmw_512.cpp
@@ -178,8 +178,8 @@ void BMW_512::copy_out(byte output[])
void BMW_512::clear()
{
MDx_HashFunction::clear();
- M.clear();
- Q.clear();
+ zeroise(M);
+ zeroise(Q);
H[ 0] = 0x8081828384858687;
H[ 1] = 0x88898A8B8C8D8E8F;
diff --git a/src/hash/gost_3411/gost_3411.cpp b/src/hash/gost_3411/gost_3411.cpp
index f09b0fc60..7e6fd8fac 100644
--- a/src/hash/gost_3411/gost_3411.cpp
+++ b/src/hash/gost_3411/gost_3411.cpp
@@ -26,8 +26,8 @@ GOST_34_11::GOST_34_11() :
void GOST_34_11::clear()
{
cipher.clear();
- sum.clear();
- hash.clear();
+ zeroise(sum);
+ zeroise(hash);
count = 0;
position = 0;
}
diff --git a/src/hash/has160/has160.cpp b/src/hash/has160/has160.cpp
index d245a0249..fd39e7ea0 100644
--- a/src/hash/has160/has160.cpp
+++ b/src/hash/has160/has160.cpp
@@ -154,7 +154,7 @@ void HAS_160::copy_out(byte output[])
void HAS_160::clear()
{
MDx_HashFunction::clear();
- X.clear();
+ zeroise(X);
digest[0] = 0x67452301;
digest[1] = 0xEFCDAB89;
digest[2] = 0x98BADCFE;
diff --git a/src/hash/md2/md2.cpp b/src/hash/md2/md2.cpp
index 7d0ab0ab0..b3ccae6df 100644
--- a/src/hash/md2/md2.cpp
+++ b/src/hash/md2/md2.cpp
@@ -99,9 +99,9 @@ void MD2::final_result(byte output[])
*/
void MD2::clear()
{
- X.clear();
- checksum.clear();
- buffer.clear();
+ zeroise(X);
+ zeroise(checksum);
+ zeroise(buffer);
position = 0;
}
diff --git a/src/hash/md4/md4.cpp b/src/hash/md4/md4.cpp
index f573dae25..edba1d08a 100644
--- a/src/hash/md4/md4.cpp
+++ b/src/hash/md4/md4.cpp
@@ -104,7 +104,7 @@ void MD4::copy_out(byte output[])
void MD4::clear()
{
MDx_HashFunction::clear();
- M.clear();
+ zeroise(M);
digest[0] = 0x67452301;
digest[1] = 0xEFCDAB89;
digest[2] = 0x98BADCFE;
diff --git a/src/hash/md5/md5.cpp b/src/hash/md5/md5.cpp
index 8c1e5a8e1..104155e9d 100644
--- a/src/hash/md5/md5.cpp
+++ b/src/hash/md5/md5.cpp
@@ -126,7 +126,7 @@ void MD5::copy_out(byte output[])
void MD5::clear()
{
MDx_HashFunction::clear();
- M.clear();
+ zeroise(M);
digest[0] = 0x67452301;
digest[1] = 0xEFCDAB89;
digest[2] = 0x98BADCFE;
diff --git a/src/hash/mdx_hash/mdx_hash.cpp b/src/hash/mdx_hash/mdx_hash.cpp
index bf571076e..ffca0d93b 100644
--- a/src/hash/mdx_hash/mdx_hash.cpp
+++ b/src/hash/mdx_hash/mdx_hash.cpp
@@ -30,7 +30,7 @@ MDx_HashFunction::MDx_HashFunction(u32bit hash_len, u32bit block_len,
*/
void MDx_HashFunction::clear()
{
- buffer.clear();
+ zeroise(buffer);
count = position = 0;
}
@@ -76,7 +76,7 @@ void MDx_HashFunction::final_result(byte output[])
if(position >= HASH_BLOCK_SIZE - COUNT_SIZE)
{
compress_n(buffer, 1);
- buffer.clear();
+ zeroise(buffer);
}
write_count(buffer + HASH_BLOCK_SIZE - COUNT_SIZE);
diff --git a/src/hash/rmd128/rmd128.cpp b/src/hash/rmd128/rmd128.cpp
index 51e416eb1..9e0f6701e 100644
--- a/src/hash/rmd128/rmd128.cpp
+++ b/src/hash/rmd128/rmd128.cpp
@@ -166,7 +166,7 @@ void RIPEMD_128::copy_out(byte output[])
void RIPEMD_128::clear()
{
MDx_HashFunction::clear();
- M.clear();
+ zeroise(M);
digest[0] = 0x67452301;
digest[1] = 0xEFCDAB89;
digest[2] = 0x98BADCFE;
diff --git a/src/hash/rmd160/rmd160.cpp b/src/hash/rmd160/rmd160.cpp
index 5237f1e12..4975814f4 100644
--- a/src/hash/rmd160/rmd160.cpp
+++ b/src/hash/rmd160/rmd160.cpp
@@ -199,7 +199,7 @@ void RIPEMD_160::copy_out(byte output[])
void RIPEMD_160::clear()
{
MDx_HashFunction::clear();
- M.clear();
+ zeroise(M);
digest[0] = 0x67452301;
digest[1] = 0xEFCDAB89;
digest[2] = 0x98BADCFE;
diff --git a/src/hash/sha1/sha160.cpp b/src/hash/sha1/sha160.cpp
index 1ad08d483..1e57f0cf4 100644
--- a/src/hash/sha1/sha160.cpp
+++ b/src/hash/sha1/sha160.cpp
@@ -144,7 +144,7 @@ void SHA_160::copy_out(byte output[])
void SHA_160::clear()
{
MDx_HashFunction::clear();
- W.clear();
+ zeroise(W);
digest[0] = 0x67452301;
digest[1] = 0xEFCDAB89;
digest[2] = 0x98BADCFE;
diff --git a/src/hash/sha2/sha2_32.cpp b/src/hash/sha2/sha2_32.cpp
index 4315e10d6..a18a4d8c4 100644
--- a/src/hash/sha2/sha2_32.cpp
+++ b/src/hash/sha2/sha2_32.cpp
@@ -181,7 +181,7 @@ void SHA_224::copy_out(byte output[])
void SHA_224::clear()
{
MDx_HashFunction::clear();
- W.clear();
+ zeroise(W);
digest[0] = 0xC1059ED8;
digest[1] = 0x367CD507;
digest[2] = 0x3070DD17;
@@ -215,7 +215,7 @@ void SHA_256::copy_out(byte output[])
void SHA_256::clear()
{
MDx_HashFunction::clear();
- W.clear();
+ zeroise(W);
digest[0] = 0x6A09E667;
digest[1] = 0xBB67AE85;
digest[2] = 0x3C6EF372;
diff --git a/src/hash/sha2/sha2_64.cpp b/src/hash/sha2/sha2_64.cpp
index 10fe81a5e..aecf9a0db 100644
--- a/src/hash/sha2/sha2_64.cpp
+++ b/src/hash/sha2/sha2_64.cpp
@@ -188,7 +188,7 @@ void SHA_384::copy_out(byte output[])
void SHA_384::clear()
{
MDx_HashFunction::clear();
- W.clear();
+ zeroise(W);
digest[0] = 0xCBBB9D5DC1059ED8;
digest[1] = 0x629A292A367CD507;
digest[2] = 0x9159015A3070DD17;
@@ -222,7 +222,7 @@ void SHA_512::copy_out(byte output[])
void SHA_512::clear()
{
MDx_HashFunction::clear();
- W.clear();
+ zeroise(W);
digest[0] = 0x6A09E667F3BCC908;
digest[1] = 0xBB67AE8584CAA73B;
digest[2] = 0x3C6EF372FE94F82B;
diff --git a/src/hash/skein/skein_512.cpp b/src/hash/skein/skein_512.cpp
index 4d7717ef4..1fdd9fbf6 100644
--- a/src/hash/skein/skein_512.cpp
+++ b/src/hash/skein/skein_512.cpp
@@ -186,9 +186,9 @@ HashFunction* Skein_512::clone() const
void Skein_512::clear()
{
- H.clear();
- T.clear();
- buffer.clear();
+ zeroise(H);
+ zeroise(T);
+ zeroise(buffer);
buf_pos = 0;
}
diff --git a/src/hash/tiger/tiger.cpp b/src/hash/tiger/tiger.cpp
index 3013ab38e..1812abf12 100644
--- a/src/hash/tiger/tiger.cpp
+++ b/src/hash/tiger/tiger.cpp
@@ -136,7 +136,7 @@ void Tiger::pass(u64bit& A, u64bit& B, u64bit& C, u64bit X[8], byte mul)
void Tiger::clear()
{
MDx_HashFunction::clear();
- X.clear();
+ zeroise(X);
digest[0] = 0x0123456789ABCDEF;
digest[1] = 0xFEDCBA9876543210;
digest[2] = 0xF096A5B4C3B2E187;
diff --git a/src/hash/whirlpool/whrlpool.cpp b/src/hash/whirlpool/whrlpool.cpp
index 06755fe77..6f62695c8 100644
--- a/src/hash/whirlpool/whrlpool.cpp
+++ b/src/hash/whirlpool/whrlpool.cpp
@@ -139,8 +139,8 @@ void Whirlpool::copy_out(byte output[])
void Whirlpool::clear()
{
MDx_HashFunction::clear();
- M.clear();
- digest.clear();
+ zeroise(M);
+ zeroise(digest);
}
}
diff --git a/src/mac/cbc_mac/cbc_mac.cpp b/src/mac/cbc_mac/cbc_mac.cpp
index 6a0692580..206bce55c 100644
--- a/src/mac/cbc_mac/cbc_mac.cpp
+++ b/src/mac/cbc_mac/cbc_mac.cpp
@@ -47,7 +47,7 @@ void CBC_MAC::final_result(byte mac[])
e->encrypt(state);
copy_mem(mac, state.begin(), state.size());
- state.clear();
+ zeroise(state);
position = 0;
}
@@ -65,7 +65,7 @@ void CBC_MAC::key_schedule(const byte key[], u32bit length)
void CBC_MAC::clear()
{
e->clear();
- state.clear();
+ zeroise(state);
position = 0;
}
diff --git a/src/mac/cmac/cmac.cpp b/src/mac/cmac/cmac.cpp
index 05c5f4a88..38b62c6cb 100644
--- a/src/mac/cmac/cmac.cpp
+++ b/src/mac/cmac/cmac.cpp
@@ -81,8 +81,8 @@ void CMAC::final_result(byte mac[])
for(u32bit j = 0; j != OUTPUT_LENGTH; ++j)
mac[j] = state[j];
- state.clear();
- buffer.clear();
+ zeroise(state);
+ zeroise(buffer);
position = 0;
}
@@ -104,10 +104,10 @@ void CMAC::key_schedule(const byte key[], u32bit length)
void CMAC::clear()
{
e->clear();
- state.clear();
- buffer.clear();
- B.clear();
- P.clear();
+ zeroise(state);
+ zeroise(buffer);
+ zeroise(B);
+ zeroise(P);
position = 0;
}
diff --git a/src/mac/hmac/hmac.cpp b/src/mac/hmac/hmac.cpp
index 0d5c99702..1ad9487b4 100644
--- a/src/mac/hmac/hmac.cpp
+++ b/src/mac/hmac/hmac.cpp
@@ -61,8 +61,8 @@ void HMAC::key_schedule(const byte key[], u32bit length)
void HMAC::clear()
{
hash->clear();
- i_key.clear();
- o_key.clear();
+ zeroise(i_key);
+ zeroise(o_key);
}
/*
diff --git a/src/mac/ssl3mac/ssl3_mac.cpp b/src/mac/ssl3mac/ssl3_mac.cpp
index a4c0c635e..781cb7f27 100644
--- a/src/mac/ssl3mac/ssl3_mac.cpp
+++ b/src/mac/ssl3mac/ssl3_mac.cpp
@@ -49,8 +49,8 @@ void SSL3_MAC::key_schedule(const byte key[], u32bit length)
void SSL3_MAC::clear()
{
hash->clear();
- i_key.clear();
- o_key.clear();
+ zeroise(i_key);
+ zeroise(o_key);
}
/*
diff --git a/src/mac/x919_mac/x919_mac.cpp b/src/mac/x919_mac/x919_mac.cpp
index 42e039d60..f0c2419fa 100644
--- a/src/mac/x919_mac/x919_mac.cpp
+++ b/src/mac/x919_mac/x919_mac.cpp
@@ -46,7 +46,7 @@ void ANSI_X919_MAC::final_result(byte mac[])
e->encrypt(state);
d->decrypt(state, mac);
e->encrypt(mac);
- state.clear();
+ zeroise(state);
position = 0;
}
@@ -67,7 +67,7 @@ void ANSI_X919_MAC::clear()
{
e->clear();
d->clear();
- state.clear();
+ zeroise(state);
position = 0;
}
diff --git a/src/math/bigint/big_ops2.cpp b/src/math/bigint/big_ops2.cpp
index cc50c26e5..193c00e32 100644
--- a/src/math/bigint/big_ops2.cpp
+++ b/src/math/bigint/big_ops2.cpp
@@ -37,7 +37,7 @@ BigInt& BigInt::operator+=(const BigInt& y)
}
else if(relative_size == 0)
{
- get_reg().clear();
+ zeroise(reg);
set_sign(Positive);
}
else if(relative_size > 0)
@@ -72,7 +72,7 @@ BigInt& BigInt::operator-=(const BigInt& y)
{
if(sign() == y.sign())
{
- get_reg().clear();
+ clear();
set_sign(Positive);
}
else
@@ -99,7 +99,7 @@ BigInt& BigInt::operator*=(const BigInt& y)
if(x_sw == 0 || y_sw == 0)
{
- get_reg().clear();
+ clear();
set_sign(Positive);
}
else if(x_sw == 1 && y_sw)
diff --git a/src/math/bigint/bigint.cpp b/src/math/bigint/bigint.cpp
index 1ae8be130..2ac387a97 100644
--- a/src/math/bigint/bigint.cpp
+++ b/src/math/bigint/bigint.cpp
@@ -348,7 +348,7 @@ void BigInt::binary_decode(const byte buf[], u32bit length)
{
const u32bit WORD_BYTES = sizeof(word);
- reg.clear();
+ clear();
reg.resize(round_up<u32bit>((length / WORD_BYTES) + 1, 8));
for(u32bit j = 0; j != length / WORD_BYTES; ++j)
diff --git a/src/math/bigint/bigint.h b/src/math/bigint/bigint.h
index 64bf20068..9ce71aeca 100644
--- a/src/math/bigint/bigint.h
+++ b/src/math/bigint/bigint.h
@@ -140,7 +140,7 @@ class BOTAN_DLL BigInt
/**
* Zeroize the BigInt
*/
- void clear() { get_reg().clear(); }
+ void clear() { zeroise(reg); }
/**
* Compare this to another BigInt
diff --git a/src/math/numbertheory/point_gfp.cpp b/src/math/numbertheory/point_gfp.cpp
index 6e62a9a13..93e3392ea 100644
--- a/src/math/numbertheory/point_gfp.cpp
+++ b/src/math/numbertheory/point_gfp.cpp
@@ -46,7 +46,7 @@ void PointGFp::monty_mult(BigInt& z,
const u32bit p_size = curve.get_p_words();
const word p_dash = curve.get_p_dash();
- workspace.clear();
+ zeroise(workspace);
bigint_mul(workspace, workspace.size(), 0,
x.data(), x.size(), x.sig_words(),
@@ -73,7 +73,7 @@ void PointGFp::monty_sqr(BigInt& z, const BigInt& x,
const u32bit p_size = curve.get_p_words();
const word p_dash = curve.get_p_dash();
- workspace.clear();
+ zeroise(workspace);
bigint_sqr(workspace, workspace.size(), 0,
x.data(), x.size(), x.sig_words());
diff --git a/src/math/numbertheory/powm_mnt.cpp b/src/math/numbertheory/powm_mnt.cpp
index cce142020..80582eaa8 100644
--- a/src/math/numbertheory/powm_mnt.cpp
+++ b/src/math/numbertheory/powm_mnt.cpp
@@ -66,7 +66,7 @@ void Montgomery_Exponentiator::set_base(const BigInt& base)
const BigInt& y = g[j-1];
const u32bit y_sig = y.sig_words();
- z.clear();
+ zeroise(z);
bigint_mul(z.begin(), z.size(), workspace,
x.data(), x.size(), x_sig,
y.data(), y.size(), y_sig);
@@ -90,7 +90,7 @@ BigInt Montgomery_Exponentiator::execute() const
{
for(u32bit k = 0; k != window_bits; ++k)
{
- z.clear();
+ zeroise(z);
bigint_sqr(z.begin(), z.size(), workspace,
x.data(), x.size(), x.sig_words());
@@ -102,7 +102,7 @@ BigInt Montgomery_Exponentiator::execute() const
{
const BigInt& y = g[nibble-1];
- z.clear();
+ zeroise(z);
bigint_mul(z.begin(), z.size(), workspace,
x.data(), x.size(), x.sig_words(),
y.data(), y.size(), y.sig_words());
@@ -111,7 +111,7 @@ BigInt Montgomery_Exponentiator::execute() const
}
}
- z.clear();
+ zeroise(z);
z.copy(x.data(), x.size());
montgomery_reduce(x, z, modulus, mod_words, mod_prime);
diff --git a/src/pk_pad/eme1/eme1.cpp b/src/pk_pad/eme1/eme1.cpp
index 9eab16d6c..84fcf4b83 100644
--- a/src/pk_pad/eme1/eme1.cpp
+++ b/src/pk_pad/eme1/eme1.cpp
@@ -26,8 +26,6 @@ SecureVector<byte> EME1::pad(const byte in[], u32bit in_length,
SecureVector<byte> out(key_length);
- out.clear();
-
rng.randomize(out, HASH_LENGTH);
out.copy(HASH_LENGTH, Phash, Phash.size());
diff --git a/src/pk_pad/emsa3/emsa3.cpp b/src/pk_pad/emsa3/emsa3.cpp
index 82981d38c..aa1b85f05 100644
--- a/src/pk_pad/emsa3/emsa3.cpp
+++ b/src/pk_pad/emsa3/emsa3.cpp
@@ -117,8 +117,8 @@ void EMSA3_Raw::update(const byte input[], u32bit length)
*/
SecureVector<byte> EMSA3_Raw::raw_data()
{
- SecureVector<byte> ret = message;
- message.clear();
+ SecureVector<byte> ret;
+ std::swap(ret, message);
return ret;
}
diff --git a/src/rng/hmac_rng/hmac_rng.cpp b/src/rng/hmac_rng/hmac_rng.cpp
index fbfa87f70..b9bd65ae1 100644
--- a/src/rng/hmac_rng/hmac_rng.cpp
+++ b/src/rng/hmac_rng/hmac_rng.cpp
@@ -107,7 +107,7 @@ void HMAC_RNG::reseed(u32bit poll_bits)
extractor->set_key(K, K.size());
// Reset state
- K.clear();
+ zeroise(K);
counter = 0;
user_input_len = 0;
@@ -147,7 +147,7 @@ void HMAC_RNG::clear()
{
extractor->clear();
prf->clear();
- K.clear();
+ zeroise(K);
counter = 0;
user_input_len = 0;
seeded = false;
diff --git a/src/rng/randpool/randpool.cpp b/src/rng/randpool/randpool.cpp
index c3e496638..fb8dfcd09 100644
--- a/src/rng/randpool/randpool.cpp
+++ b/src/rng/randpool/randpool.cpp
@@ -149,9 +149,9 @@ void Randpool::clear()
{
cipher->clear();
mac->clear();
- pool.clear();
- buffer.clear();
- counter.clear();
+ zeroise(pool);
+ zeroise(buffer);
+ zeroise(counter);
seeded = false;
}
diff --git a/src/rng/x931_rng/x931_rng.cpp b/src/rng/x931_rng/x931_rng.cpp
index f812377ed..4a06fca39 100644
--- a/src/rng/x931_rng/x931_rng.cpp
+++ b/src/rng/x931_rng/x931_rng.cpp
@@ -112,7 +112,7 @@ void ANSI_X931_RNG::clear()
{
cipher->clear();
prng->clear();
- R.clear();
+ zeroise(R);
V.destroy();
position = 0;
diff --git a/src/ssl/rec_read.cpp b/src/ssl/rec_read.cpp
index 3c008641d..895026431 100644
--- a/src/ssl/rec_read.cpp
+++ b/src/ssl/rec_read.cpp
@@ -244,7 +244,9 @@ u32bit Record_Reader::get_record(byte& msg_type,
throw TLS_Exception(BAD_RECORD_MAC, "Record_Reader: MAC failure");
msg_type = header[0];
- output.set(&plaintext[iv_size], plain_length);
+
+ output.resize(plain_length);
+ copy_mem(&output[0], &plaintext[iv_size], plain_length);
return 0;
}
diff --git a/src/ssl/rec_wri.cpp b/src/ssl/rec_wri.cpp
index d5358f4c3..40dd45219 100644
--- a/src/ssl/rec_wri.cpp
+++ b/src/ssl/rec_wri.cpp
@@ -30,7 +30,7 @@ void Record_Writer::reset()
cipher.reset();
mac.reset();
- buffer.clear();
+ zeroise(buffer);
buf_pos = 0;
major = minor = buf_type = 0;
diff --git a/src/stream/arc4/arc4.cpp b/src/stream/arc4/arc4.cpp
index 1c89379ba..a3a2f9a65 100644
--- a/src/stream/arc4/arc4.cpp
+++ b/src/stream/arc4/arc4.cpp
@@ -89,8 +89,8 @@ std::string ARC4::name() const
*/
void ARC4::clear()
{
- state.clear();
- buffer.clear();
+ zeroise(state);
+ zeroise(buffer);
position = X = Y = 0;
}
diff --git a/src/stream/ctr/ctr.cpp b/src/stream/ctr/ctr.cpp
index 8a24cd4d0..cd1b1b7fb 100644
--- a/src/stream/ctr/ctr.cpp
+++ b/src/stream/ctr/ctr.cpp
@@ -40,8 +40,8 @@ CTR_BE::~CTR_BE()
void CTR_BE::clear()
{
permutation->clear();
- buffer.clear();
- counter.clear();
+ zeroise(buffer);
+ zeroise(counter);
position = 0;
}
@@ -91,7 +91,7 @@ void CTR_BE::set_iv(const byte iv[], u32bit iv_len)
const u32bit BLOCK_SIZE = permutation->BLOCK_SIZE;
- counter.clear();
+ zeroise(counter);
counter.copy(0, iv, iv_len);
diff --git a/src/stream/ofb/ofb.cpp b/src/stream/ofb/ofb.cpp
index cfa035a4f..332673153 100644
--- a/src/stream/ofb/ofb.cpp
+++ b/src/stream/ofb/ofb.cpp
@@ -38,7 +38,7 @@ OFB::~OFB()
void OFB::clear()
{
permutation->clear();
- buffer.clear();
+ zeroise(buffer);
position = 0;
}
@@ -87,7 +87,7 @@ void OFB::set_iv(const byte iv[], u32bit iv_len)
if(!valid_iv_length(iv_len))
throw Invalid_IV_Length(name(), iv_len);
- buffer.clear();
+ zeroise(buffer);
buffer.copy(0, iv, iv_len);
permutation->encrypt(buffer);
diff --git a/src/stream/salsa20/salsa20.cpp b/src/stream/salsa20/salsa20.cpp
index a38e6e305..c52e305d1 100644
--- a/src/stream/salsa20/salsa20.cpp
+++ b/src/stream/salsa20/salsa20.cpp
@@ -232,8 +232,8 @@ std::string Salsa20::name() const
*/
void Salsa20::clear()
{
- state.clear();
- buffer.clear();
+ zeroise(state);
+ zeroise(buffer);
position = 0;
}
diff --git a/src/stream/turing/turing.cpp b/src/stream/turing/turing.cpp
index 159c262fd..bfb2166d8 100644
--- a/src/stream/turing/turing.cpp
+++ b/src/stream/turing/turing.cpp
@@ -300,12 +300,12 @@ void Turing::set_iv(const byte iv[], u32bit length)
*/
void Turing::clear()
{
- S0.clear();
- S1.clear();
- S2.clear();
- S3.clear();
+ zeroise(S0);
+ zeroise(S1);
+ zeroise(S2);
+ zeroise(S3);
- buffer.clear();
+ zeroise(buffer);
position = 0;
}
diff --git a/src/stream/wid_wake/wid_wake.cpp b/src/stream/wid_wake/wid_wake.cpp
index 225ccf9a6..f5897f1cc 100644
--- a/src/stream/wid_wake/wid_wake.cpp
+++ b/src/stream/wid_wake/wid_wake.cpp
@@ -139,10 +139,10 @@ void WiderWake_41_BE::set_iv(const byte iv[], u32bit length)
void WiderWake_41_BE::clear()
{
position = 0;
- t_key.clear();
- state.clear();
- T.clear();
- buffer.clear();
+ zeroise(t_key);
+ zeroise(state);
+ zeroise(T);
+ zeroise(buffer);
}
}
diff --git a/src/sym_algo/symkey.cpp b/src/sym_algo/symkey.cpp
index bf2b705d3..a04f29181 100644
--- a/src/sym_algo/symkey.cpp
+++ b/src/sym_algo/symkey.cpp
@@ -91,7 +91,7 @@ std::string OctetString::as_string() const
*/
OctetString& OctetString::operator^=(const OctetString& k)
{
- if(&k == this) { bits.clear(); return (*this); }
+ if(&k == this) { zeroise(bits); return (*this); }
xor_buf(bits.begin(), k.begin(), std::min(length(), k.length()));
return (*this);
}