diff options
| -rw-r--r-- | doc/manual/bigint.rst | 6 | ||||
| -rw-r--r-- | doc/manual/compression.rst | 8 | ||||
| -rw-r--r-- | doc/manual/credentials_manager.rst | 2 | ||||
| -rw-r--r-- | doc/manual/cryptobox.rst | 4 | ||||
| -rw-r--r-- | doc/manual/ffi.rst | 2 | ||||
| -rw-r--r-- | doc/manual/filters.rst | 24 | ||||
| -rw-r--r-- | doc/manual/fpe.rst | 4 | ||||
| -rw-r--r-- | doc/manual/hash.rst | 8 | ||||
| -rw-r--r-- | doc/manual/kdf.rst | 20 | ||||
| -rw-r--r-- | doc/manual/lowlevel.rst | 2 | ||||
| -rw-r--r-- | doc/manual/mceliece.rst | 12 | ||||
| -rw-r--r-- | doc/manual/passhash.rst | 4 | ||||
| -rw-r--r-- | doc/manual/pbkdf.rst | 4 | ||||
| -rw-r--r-- | doc/manual/pkcs11.rst | 24 | ||||
| -rw-r--r-- | doc/manual/pubkey.rst | 60 | ||||
| -rw-r--r-- | doc/manual/rng.rst | 12 | ||||
| -rw-r--r-- | doc/manual/srp.rst | 4 | ||||
| -rw-r--r-- | doc/manual/symmetric_crypto.rst | 98 | ||||
| -rw-r--r-- | doc/manual/tls.rst | 30 | ||||
| -rw-r--r-- | doc/manual/versions.rst | 8 | ||||
| -rw-r--r-- | doc/manual/x509.rst | 10 |
21 files changed, 174 insertions, 172 deletions
diff --git a/doc/manual/bigint.rst b/doc/manual/bigint.rst index 04af0c6db..421ed27c5 100644 --- a/doc/manual/bigint.rst +++ b/doc/manual/bigint.rst @@ -13,13 +13,13 @@ Encoding Functions These transform the normal representation of a ``BigInt`` into some other form, such as a decimal string: -.. cpp:function:: secure_vector<byte> BigInt::encode(const BigInt& n, Encoding enc = Binary) +.. cpp:function:: secure_vector<uint8_t> BigInt::encode(const BigInt& n, Encoding enc = Binary) This function encodes the BigInt n into a memory vector. ``Encoding`` is an enum that has values ``Binary``, ``Decimal``, and ``Hexadecimal``. -.. cpp:function:: BigInt BigInt::decode(const std::vector<byte>& vec, Encoding enc) +.. cpp:function:: BigInt BigInt::decode(const std::vector<uint8_t>& vec, Encoding enc) Decode the integer from ``vec`` using the encoding specified. @@ -27,7 +27,7 @@ These functions are static member functions, so they would be called like this:: BigInt n1 = ...; // some number - secure_vector<byte> n1_encoded = BigInt::encode(n1); + secure_vector<uint8_t> n1_encoded = BigInt::encode(n1); BigInt n2 = BigInt::decode(n1_encoded); assert(n1 == n2); diff --git a/doc/manual/compression.rst b/doc/manual/compression.rst index 2d1f4c142..4a40b24c7 100644 --- a/doc/manual/compression.rst +++ b/doc/manual/compression.rst @@ -29,7 +29,7 @@ finally completing processing the stream (``finish``). CPU time consumed by the compression process. The decompressor can always handle input from any compressor. - .. cpp:function:: void update(secure_vector<byte>& buf, \ + .. cpp:function:: void update(secure_vector<uint8_t>& buf, \ size_t offset = 0, bool flush = false) Compress the material in the in/out parameter ``buf``. The leading @@ -39,7 +39,7 @@ finally completing processing the stream (``finish``). entire message up to this point without having the see the rest of the compressed stream. - .. cpp::function:: void finish(secure_vector<byte>& buf, size_t offset = 0) + .. cpp::function:: void finish(secure_vector<uint8_t>& buf, size_t offset = 0) Finish compressing a message. The ``buf`` and ``offset`` parameters are treated as in ``update``. It is acceptable to call ``start`` followed by @@ -54,7 +54,7 @@ finally completing processing the stream (``finish``). ``update`` or ``finish``. No level is provided here; the decompressor can accept input generated by any compression parameters. - .. cpp:function:: void update(secure_vector<byte>& buf, \ + .. cpp:function:: void update(secure_vector<uint8_t>& buf, \ size_t offset = 0) Decompress the material in the in/out parameter ``buf``. The leading @@ -63,7 +63,7 @@ finally completing processing the stream (``finish``). This function may throw if the data seems to be invalid. - .. cpp::function:: void finish(secure_vector<byte>& buf, size_t offset = 0) + .. cpp::function:: void finish(secure_vector<uint8_t>& buf, size_t offset = 0) Finish decompressing a message. The ``buf`` and ``offset`` parameters are treated as in ``update``. It is acceptable to call ``start`` followed by diff --git a/doc/manual/credentials_manager.rst b/doc/manual/credentials_manager.rst index 006d47343..e694f7efd 100644 --- a/doc/manual/credentials_manager.rst +++ b/doc/manual/credentials_manager.rst @@ -89,7 +89,7 @@ servers for SRP authentication. const std::string& identifier, \ std::string& group_name, \ BigInt& verifier, \ - std::vector<byte>& salt, \ + std::vector<uint8_t>& salt, \ bool generate_fake_on_unknown) Returns the SRP verifier information for *identifier* (used by server) diff --git a/doc/manual/cryptobox.rst b/doc/manual/cryptobox.rst index a3a0d02b0..dbade88af 100644 --- a/doc/manual/cryptobox.rst +++ b/doc/manual/cryptobox.rst @@ -15,13 +15,13 @@ It generates cipher and MAC keys using 8192 iterations of PBKDF2 with HMAC(SHA-512), then encrypts using Serpent in CTR mode and authenticates using a HMAC(SHA-512) mac of the ciphertext, truncated to 160 bits. - .. cpp:function:: std::string encrypt(const byte input[], size_t input_len, \ + .. cpp:function:: std::string encrypt(const uint8_t input[], size_t input_len, \ const std::string& passphrase, \ RandomNumberGenerator& rng) Encrypt the contents using *passphrase*. - .. cpp:function:: std::string decrypt(const byte input[], size_t input_len, \ + .. cpp:function:: std::string decrypt(const uint8_t input[], size_t input_len, \ const std::string& passphrase) Decrypts something encrypted with encrypt. diff --git a/doc/manual/ffi.rst b/doc/manual/ffi.rst index db3bd8d53..e0643974b 100644 --- a/doc/manual/ffi.rst +++ b/doc/manual/ffi.rst @@ -323,7 +323,7 @@ Multiple Precision Integers Return the size of ``n`` in bits. -.. cpp:function:: int botan_mp_num_bytes(botan_mp_t n, size_t* bytes) +.. cpp:function:: int botan_mp_num_bytes(botan_mp_t n, size_t* uint8_ts) Return the size of ``n`` in bytes. diff --git a/doc/manual/filters.rst b/doc/manual/filters.rst index a28db1153..cae50cc33 100644 --- a/doc/manual/filters.rst +++ b/doc/manual/filters.rst @@ -74,9 +74,9 @@ Here's code that uses one of them to encrypt a string with AES:: pipe.process_msg("secrets"); pipe.process_msg("more secrets"); - secure_vector<byte> c1 = pipe.read_all(0); + secure_vector<uint8_t> c1 = pipe.read_all(0); - byte c2[4096] = { 0 }; + uint8_t c2[4096] = { 0 }; size_t got_out = pipe.read(c2, sizeof(c2), 1); // use c2[0...got_out] @@ -150,7 +150,7 @@ allows you to bound the amount of memory that is in use at any one time. A common idiom for this is:: pipe.start_msg(); - SecureBuffer<byte, 4096> buffer; + std::vector<uint8_t> buffer(4096); // arbitrary size while(infile.good()) { infile.read((char*)&buffer[0], buffer.size()); @@ -231,7 +231,7 @@ a case where that is useful:: pipe.process_msg(ciphertext); std::string plaintext = pipe.read_all_as_string(0); - secure_vector<byte> mac = pipe.read_all(1); + secure_vector<uint8_t> mac = pipe.read_all(1); if(mac != auth_code) error(); @@ -393,15 +393,15 @@ another message, without either read affecting any other messages). Starts a new message; if a message was already running, an exception is thrown. After this function returns, you can call ``write``. -.. cpp:function:: void Pipe::write(const byte* input, size_t length) +.. cpp:function:: void Pipe::write(const uint8_t* input, size_t length) -.. cpp:function:: void Pipe::write(const std::vector<byte>& input) +.. cpp:function:: void Pipe::write(const std::vector<uint8_t>& input) .. cpp:function:: void Pipe::write(const std::string& input) .. cpp:function:: void Pipe::write(DataSource& input) -.. cpp:function:: void Pipe::write(byte input) +.. cpp:function:: void Pipe::write(uint8_t input) All versions of ``write`` write the input into the filter sequence. If a message is not currently active, an exception is thrown. @@ -434,17 +434,17 @@ specifies what message to read from. If this parameter is set to Functions in ``Pipe`` related to reading include: -.. cpp:function:: size_t Pipe::read(byte* out, size_t len) +.. cpp:function:: size_t Pipe::read(uint8_t* out, size_t len) Reads up to ``len`` bytes into ``out``, and returns the number of bytes actually read. -.. cpp:function:: size_t Pipe::peek(byte* out, size_t len) +.. cpp:function:: size_t Pipe::peek(uint8_t* out, size_t len) Acts exactly like `read`, except the data is not actually read; the next read will return the same data. -.. cpp:function:: secure_vector<byte> Pipe::read_all() +.. cpp:function:: secure_vector<uint8_t> Pipe::read_all() Reads the entire message into a buffer and returns it @@ -686,7 +686,7 @@ as simple as possible to write new filter types. There are four functions that need to be implemented by a class deriving from ``Filter``: -.. cpp:function:: void Filter::write(const byte* input, size_t length) +.. cpp:function:: void Filter::write(const uint8_t* input, size_t length) This function is what is called when a filter receives input for it to process. The filter is not required to process the data right @@ -694,7 +694,7 @@ functions that need to be implemented by a class deriving from filter will usually have ``write`` called many times during its lifetime. -.. cpp:function:: void Filter::send(byte* output, size_t length) +.. cpp:function:: void Filter::send(uint8_t* output, size_t length) Eventually, a filter will want to produce some output to send along to the next filter in the pipeline. It does so by calling ``send`` diff --git a/doc/manual/fpe.rst b/doc/manual/fpe.rst index 3ce541558..283d6c1a7 100644 --- a/doc/manual/fpe.rst +++ b/doc/manual/fpe.rst @@ -21,7 +21,7 @@ included in the future. To use FE1, use these functions, from ``fpe_fe1.h``: .. cpp:function:: BigInt FPE::fe1_encrypt(const BigInt& n, const BigInt& X, \ - const SymmetricKey& key, const std::vector<byte>& tweak) + const SymmetricKey& key, const std::vector<uint8_t>& tweak) Encrypts the value *X* modulo the value *n* using the *key* and *tweak* specified. Returns an integer less than *n*. The *tweak* is @@ -39,7 +39,7 @@ To use FE1, use these functions, from ``fpe_fe1.h``: checksum is for the new (ciphertext) number. .. cpp:function:: BigInt FPE::fe1_decrypt(const BigInt& n, const BigInt& X, \ - const SymmetricKey& key, const std::vector<byte>& tweak) + const SymmetricKey& key, const std::vector<uint8_t>& tweak) Decrypts an FE1 ciphertext produced by :cpp:func:`fe1_encrypt`; the *n*, *key* and *tweak* should be the same as that provided to the diff --git a/doc/manual/hash.rst b/doc/manual/hash.rst index fb711fa8d..80eefbe21 100644 --- a/doc/manual/hash.rst +++ b/doc/manual/hash.rst @@ -15,17 +15,17 @@ A Botan :cpp:class:`BufferedComputation` is split into three stages: Return the size of the output of this function. - .. cpp:function:: void update(const byte* input, size_t length) + .. cpp:function:: void update(const uint8_t* input, size_t length) - .. cpp:function:: void update(byte input) + .. cpp:function:: void update(uint8_t input) .. cpp:function:: void update(const std::string& input) Updates the computation with *input*. - .. cpp:function:: void final(byte* out) + .. cpp:function:: void final(uint8_t* out) - .. cpp:function:: secure_vector<byte> final() + .. cpp:function:: secure_vector<uint8_t> final() Finalize the calculation and place the result into ``out``. For the argument taking an array, exactly ``output_length`` bytes will diff --git a/doc/manual/kdf.rst b/doc/manual/kdf.rst index 4ab2fd5dc..e5d6a99d7 100644 --- a/doc/manual/kdf.rst +++ b/doc/manual/kdf.rst @@ -11,20 +11,20 @@ shared secret created using Diffie-Hellman key agreement. .. cpp:class:: KDF - .. cpp:function:: secure_vector<byte> derive_key( \ - size_t key_len, const std::vector<byte>& secret, \ + .. cpp:function:: secure_vector<uint8_t> derive_key( \ + size_t key_len, const std::vector<uint8_t>& secret, \ const std::string& salt = "") const - .. cpp:function:: secure_vector<byte> derive_key( \ - size_t key_len, const std::vector<byte>& secret, \ - const std::vector<byte>& salt) const + .. cpp:function:: secure_vector<uint8_t> derive_key( \ + size_t key_len, const std::vector<uint8_t>& secret, \ + const std::vector<uint8_t>& salt) const - .. cpp:function:: secure_vector<byte> derive_key( \ - size_t key_len, const std::vector<byte>& secret, \ - const byte* salt, size_t salt_len) const + .. cpp:function:: secure_vector<uint8_t> derive_key( \ + size_t key_len, const std::vector<uint8_t>& secret, \ + const uint8_t* salt, size_t salt_len) const - .. cpp:function:: secure_vector<byte> derive_key( \ - size_t key_len, const byte* secret, size_t secret_len, \ + .. cpp:function:: secure_vector<uint8_t> derive_key( \ + size_t key_len, const uint8_t* secret, size_t secret_len, \ const std::string& salt) const All variations on the same theme. Deterministically creates a diff --git a/doc/manual/lowlevel.rst b/doc/manual/lowlevel.rst index 5d5fbea7b..bcffcd632 100644 --- a/doc/manual/lowlevel.rst +++ b/doc/manual/lowlevel.rst @@ -63,7 +63,7 @@ Both symmetric keys and initialization values can be considered byte The argument *str* is assumed to be a hex string; it is converted to binary and stored. Whitespace is ignored. - .. cpp:function:: OctetString(const byte* input, size_t length) + .. cpp:function:: OctetString(const uint8_t* input, size_t length) This constructor copies its input. diff --git a/doc/manual/mceliece.rst b/doc/manual/mceliece.rst index 92873dd58..204e0726f 100644 --- a/doc/manual/mceliece.rst +++ b/doc/manual/mceliece.rst @@ -39,15 +39,15 @@ data), CCA2 security is provided. In ``mcies.h`` there are functions for this combination: -.. cpp:function:: secure_vector<byte> mceies_encrypt(const McEliece_PublicKey& pubkey, \ - const secure_vector<byte>& pt, \ - byte ad[], size_t ad_len, \ +.. cpp:function:: secure_vector<uint8_t> mceies_encrypt(const McEliece_PublicKey& pubkey, \ + const secure_vector<uint8_t>& pt, \ + uint8_t ad[], size_t ad_len, \ RandomNumberGenerator& rng, \ const std::string& aead = "AES-256/OCB") -.. cpp:function:: secure_vector<byte> mceies_decrypt(const McEliece_PrivateKey& privkey, \ - const secure_vector<byte>& ct, \ - byte ad[], size_t ad_len, \ +.. cpp:function:: secure_vector<uint8_t> mceies_decrypt(const McEliece_PrivateKey& privkey, \ + const secure_vector<uint8_t>& ct, \ + uint8_t ad[], size_t ad_len, \ const std::string& aead = "AES-256/OCB") For a given security level (SL) a McEliece key would use diff --git a/doc/manual/passhash.rst b/doc/manual/passhash.rst index 725fc5535..99af4a7ea 100644 --- a/doc/manual/passhash.rst +++ b/doc/manual/passhash.rst @@ -88,7 +88,7 @@ Bcrypt provides outputs that look like this:: Currently only the `2a` bcrypt format is supported. .. cpp:function:: std::string generate_bcrypt(const std::string& password, \ - RandomNumberGenerator& rng, u16bit work_factor = 10) + RandomNumberGenerator& rng, uint16_t work_factor = 10) Takes the password to hash, a rng, and a work factor. Higher work factors increase the amount of time the algorithm runs, increasing @@ -131,7 +131,7 @@ being a widely used password hash. Prefer bcrypt. for scrypt password hashes on Cisco systems. .. cpp:function:: std::string generate_passhash9(const std::string& password, \ - RandomNumberGenerator& rng, u16bit work_factor = 10, byte alg_id = 1) + RandomNumberGenerator& rng, uint16_t work_factor = 10, uint8_t alg_id = 1) Functions much like ``generate_bcrypt``. The last parameter, ``alg_id``, specifies which PRF to use. Currently defined values are diff --git a/doc/manual/pbkdf.rst b/doc/manual/pbkdf.rst index 079a598ff..d22f6872c 100644 --- a/doc/manual/pbkdf.rst +++ b/doc/manual/pbkdf.rst @@ -26,7 +26,7 @@ is recommend for new applications. .. cpp:function:: OctetString PBKDF::derive_key( \ size_t output_len, const std::string& passphrase, \ - const byte* salt, size_t salt_len, \ + const uint8_t* salt, size_t salt_len, \ size_t iterations) const Computes a key from *passphrase* and the *salt* (of length @@ -46,7 +46,7 @@ is recommend for new applications. PBKDF* pbkdf = get_pbkdf("PBKDF2(SHA-256)"); AutoSeeded_RNG rng; - secure_vector<byte> salt = rng.random_vec(16); + secure_vector<uint8_t> salt = rng.random_vec(16); OctetString aes256_key = pbkdf->derive_key(32, "password", &salt[0], salt.size(), 10000); diff --git a/doc/manual/pkcs11.rst b/doc/manual/pkcs11.rst index a95e126bf..ef62d771f 100644 --- a/doc/manual/pkcs11.rst +++ b/doc/manual/pkcs11.rst @@ -90,9 +90,9 @@ to call the method twice in order to determine the number of elements first. Another example is the :cpp:func:`C_InitPIN` overload: - .. cpp:function:: template<typename Talloc> bool C_InitPIN( SessionHandle session, const std::vector<byte, TAlloc>& pin, ReturnValue* return_value = ThrowException ) const + .. cpp:function:: template<typename Talloc> bool C_InitPIN( SessionHandle session, const std::vector<uint8_t, TAlloc>& pin, ReturnValue* return_value = ThrowException ) const -The templated ``pin`` parameter allows to pass the PIN as a ``std::vector<byte>`` or a ``secure_vector<byte>``. +The templated ``pin`` parameter allows to pass the PIN as a ``std::vector<uint8_t>`` or a ``secure_vector<uint8_t>``. If used with a ``secure_vector`` it is assured that the memory is securely erased when the ``pin`` object is no longer needed. Error Handling @@ -434,11 +434,11 @@ Attributes can be set in an :cpp:class:`AttributeContainer` by various ``add_`` Add a string attribute (e.g. :c:macro:`CKA_LABEL` / :cpp:enumerator:`AttributeType::Label`). - .. cpp:function:: void AttributeContainer::add_binary(AttributeType attribute, const byte* value, size_t length) + .. cpp:function:: void AttributeContainer::add_binary(AttributeType attribute, const uint8_t* value, size_t length) Add a binary attribute (e.g. :c:macro:`CKA_ID` / :cpp:enumerator:`AttributeType::Id`). - .. cpp:function:: template<typename TAlloc> void AttributeContainer::add_binary(AttributeType attribute, const std::vector<byte, TAlloc>& binary) + .. cpp:function:: template<typename TAlloc> void AttributeContainer::add_binary(AttributeType attribute, const std::vector<uint8_t, TAlloc>& binary) Add a binary attribute by passing a ``vector``/``secure_vector`` (e.g. :c:macro:`CKA_ID` / :cpp:enumerator:`AttributeType::Id`). @@ -510,11 +510,11 @@ Following constructors are defined: The other methods are: - .. cpp:function:: secure_vector<byte> get_attribute_value(AttributeType attribute) const + .. cpp:function:: secure_vector<uint8_t> get_attribute_value(AttributeType attribute) const Returns the value of the given attribute (using :cpp:func:`C_GetAttributeValue`) - .. cpp:function:: void set_attribute_value(AttributeType attribute, const secure_vector<byte>& value) const + .. cpp:function:: void set_attribute_value(AttributeType attribute, const secure_vector<uint8_t>& value) const Sets the given value for the attribute (using :cpp:func:`C_SetAttributeValue`) @@ -536,11 +536,11 @@ And static methods to search for objects: Searches for all objects of the given type using the label (:c:macro:`CKA_LABEL`). - .. cpp:function:: template<typename T> static std::vector<T> search(Session& session, const std::vector<byte>& id) + .. cpp:function:: template<typename T> static std::vector<T> search(Session& session, const std::vector<uint8_t>& id) Searches for all objects of the given type using the id (:c:macro:`CKA_ID`). - .. cpp:function:: template<typename T> static std::vector<T> search(Session& session, const std::string& label, const std::vector<byte>& id) + .. cpp:function:: template<typename T> static std::vector<T> search(Session& session, const std::string& label, const std::vector<uint8_t>& id) Searches for all objects of the given type using the label (:c:macro:`CKA_LABEL`) and id (:c:macro:`CKA_ID`). @@ -814,7 +814,7 @@ and import: :cpp:class:`EC_PrivateKeyGenerationProperties` and :cpp:class:`EC_Pr This constructor can be used to import an existing ECDSA private key with the :cpp:class:`EC_PrivateKeyImportProperties` passed in ``props`` to the token. - .. cpp:function:: PKCS11_ECDSA_PrivateKey(Session& session, const std::vector<byte>& ec_params, const EC_PrivateKeyGenerationProperties& props) + .. cpp:function:: PKCS11_ECDSA_PrivateKey(Session& session, const std::vector<uint8_t>& ec_params, const EC_PrivateKeyGenerationProperties& props) This constructor can be used to generate a new ECDSA private key with the :cpp:class:`EC_PrivateKeyGenerationProperties` passed in ``props`` on the token. The ``ec_params`` parameter is the DER-encoding of an @@ -965,7 +965,7 @@ property classes. One for key generation and one for import: :cpp:class:`EC_Priv This constructor can be used to import an existing ECDH private key with the :cpp:class:`EC_PrivateKeyImportProperties` passed in ``props`` to the token. - .. cpp:function:: PKCS11_ECDH_PrivateKey(Session& session, const std::vector<byte>& ec_params, const EC_PrivateKeyGenerationProperties& props) + .. cpp:function:: PKCS11_ECDH_PrivateKey(Session& session, const std::vector<uint8_t>& ec_params, const EC_PrivateKeyGenerationProperties& props) This constructor can be used to generate a new ECDH private key with the :cpp:class:`EC_PrivateKeyGenerationProperties` passed in ``props`` on the token. The ``ec_params`` parameter is the DER-encoding of an @@ -1091,11 +1091,11 @@ implements the :cpp:class:`Hardware_RNG` interface. A PKCS#11 :cpp:class:`Session` must be passed to instantiate a ``PKCS11_RNG``. - .. cpp:function:: void randomize(Botan::byte output[], std::size_t length) override + .. cpp:function:: void randomize(uint8_t output[], std::size_t length) override Calls :cpp:func:`C_GenerateRandom` to generate random data. - .. cpp:function:: void add_entropy(const Botan::byte in[], std::size_t length) override + .. cpp:function:: void add_entropy(const uint8_t in[], std::size_t length) override Calls :cpp:func:`C_SeedRandom` to add entropy to the random generation function of the token/middleware. diff --git a/doc/manual/pubkey.rst b/doc/manual/pubkey.rst index 1e13cd1bc..c72793d89 100644 --- a/doc/manual/pubkey.rst +++ b/doc/manual/pubkey.rst @@ -94,7 +94,7 @@ The standard format for serializing a private key is PKCS #8, the operations for which are defined in ``pkcs8.h``. It supports both unencrypted and encrypted storage. -.. cpp:function:: secure_vector<byte> PKCS8::BER_encode(const Private_Key& key, \ +.. cpp:function:: secure_vector<uint8_t> PKCS8::BER_encode(const Private_Key& key, \ RandomNumberGenerator& rng, const std::string& password, const std::string& pbe_algo = "") Takes any private key object, serializes it, encrypts it using @@ -125,7 +125,7 @@ Unencrypted serialization is also supported. security requirements, always use the versions that encrypt the key based on a passphrase, described above. -.. cpp:function:: secure_vector<byte> PKCS8::BER_encode(const Private_Key& key) +.. cpp:function:: secure_vector<uint8_t> PKCS8::BER_encode(const Private_Key& key) Serializes the private key and returns the result. @@ -205,13 +205,13 @@ Serializing Public Keys To import and export public keys, use: -.. cpp:function:: std::vector<byte> X509::BER_encode(const Public_Key& key) +.. cpp:function:: std::vector<uint8_t> X509::BER_encode(const Public_Key& key) .. cpp:function:: std::string X509::PEM_encode(const Public_Key& key) .. cpp:function:: Public_Key* X509::load_key(DataSource& in) -.. cpp:function:: Public_Key* X509::load_key(const secure_vector<byte>& buffer) +.. cpp:function:: Public_Key* X509::load_key(const secure_vector<uint8_t>& buffer) .. cpp:function:: Public_Key* X509::load_key(const std::string& filename) @@ -264,7 +264,7 @@ You can generate a new random group using You can serialize a ``DL_Group`` using -.. cpp:function:: secure_vector<byte> DL_Group::DER_Encode(Format format) +.. cpp:function:: secure_vector<uint8_t> DL_Group::DER_Encode(Format format) or @@ -374,11 +374,11 @@ The primary interface for encryption is .. cpp:class:: PK_Encryptor - .. cpp:function:: secure_vector<byte> encrypt( \ - const byte* in, size_t length, RandomNumberGenerator& rng) const + .. cpp:function:: secure_vector<uint8_t> encrypt( \ + const uint8_t* in, size_t length, RandomNumberGenerator& rng) const - .. cpp:function:: secure_vector<byte> encrypt( \ - const std::vector<byte>& in, RandomNumberGenerator& rng) const + .. cpp:function:: secure_vector<uint8_t> encrypt( \ + const std::vector<uint8_t>& in, RandomNumberGenerator& rng) const These encrypt a message, returning the ciphertext. @@ -546,23 +546,23 @@ Signature generation is performed using ``DER_SEQUENCE``, which will format the signature as an ASN.1 SEQUENCE value. - .. cpp:function:: void update(const byte* in, size_t length) - .. cpp:function:: void update(const std::vector<byte>& in) - .. cpp:function:: void update(byte in) + .. cpp:function:: void update(const uint8_t* in, size_t length) + .. cpp:function:: void update(const std::vector<uint8_t>& in) + .. cpp:function:: void update(uint8_t in) These add more data to be included in the signature computation. Typically, the input will be provided directly to a hash function. - .. cpp:function:: secure_vector<byte> signature(RandomNumberGenerator& rng) + .. cpp:function:: secure_vector<uint8_t> signature(RandomNumberGenerator& rng) Creates the signature and returns it - .. cpp:function:: secure_vector<byte> sign_message( \ - const byte* in, size_t length, RandomNumberGenerator& rng) + .. cpp:function:: secure_vector<uint8_t> sign_message( \ + const uint8_t* in, size_t length, RandomNumberGenerator& rng) - .. cpp:function:: secure_vector<byte> sign_message( \ - const std::vector<byte>& in, RandomNumberGenerator& rng) + .. cpp:function:: secure_vector<uint8_t> sign_message( \ + const std::vector<uint8_t>& in, RandomNumberGenerator& rng) These functions are equivalent to calling :cpp:func:`PK_Signer::update` and then @@ -580,15 +580,15 @@ Signatures are verified using key *pub_key*. The *emsa* and *format* should be the same as that used by the signer. - .. cpp:function:: void update(const byte* in, size_t length) - .. cpp:function:: void update(const std::vector<byte>& in) - .. cpp:function:: void update(byte in) + .. cpp:function:: void update(const uint8_t* in, size_t length) + .. cpp:function:: void update(const std::vector<uint8_t>& in) + .. cpp:function:: void update(uint8_t in) Add further message data that is purportedly assocated with the signature that will be checked. - .. cpp:function:: bool check_signature(const byte* sig, size_t length) - .. cpp:function:: bool check_signature(const std::vector<byte>& sig) + .. cpp:function:: bool check_signature(const uint8_t* sig, size_t length) + .. cpp:function:: bool check_signature(const std::vector<uint8_t>& sig) Check to see if *sig* is a valid signature for the message data that was written in. Return true if so. This function clears the @@ -596,11 +596,11 @@ Signatures are verified using :cpp:func:`PK_Verifier::update` to start verifying another message. - .. cpp:function:: bool verify_message(const byte* msg, size_t msg_length, \ - const byte* sig, size_t sig_length) + .. cpp:function:: bool verify_message(const uint8_t* msg, size_t msg_length, \ + const uint8_t* sig, size_t sig_length) - .. cpp:function:: bool verify_message(const std::vector<byte>& msg, \ - const std::vector<byte>& sig) + .. cpp:function:: bool verify_message(const std::vector<uint8_t>& msg, \ + const std::vector<uint8_t>& sig) These are equivalent to calling :cpp:func:`PK_Verifier::update` on *msg* and then calling :cpp:func:`PK_Verifier::check_signature` @@ -674,7 +674,7 @@ other party, and then each of you runs a computation with the other's value and your key (this should return the same result to both parties). This computation can be called by using ``derive_key`` with either a byte array/length pair, or a -``secure_vector<byte>`` than holds the public value of the other +``secure_vector<uint8_t>`` than holds the public value of the other party. The last argument to either call is a number that specifies how long a key you want. @@ -689,7 +689,7 @@ symmetric algorithm. The public value that should be used can be obtained by calling ``public_data``, which exists for any key that is associated with a -key agreement algorithm. It returns a ``secure_vector<byte>``. +key agreement algorithm. It returns a ``secure_vector<uint8_t>``. "KDF2(SHA-256)" is by far the preferred algorithm for key derivation in new applications. The X9.42 algorithm may be useful in some @@ -798,9 +798,9 @@ public/private key pair and how to use these keys to create and verify a signatu private_key.create_signature_op(rng, "", ""); // create and sign a message using the signature operation. - Botan::secure_vector<byte> msg { 0x01, 0x02, 0x03, 0x04 }; + Botan::secure_vector<uint8_t> msg { 0x01, 0x02, 0x03, 0x04 }; sig_op->update(msg.data(), msg.size()); - Botan::secure_vector<byte> sig = sig_op->sign(rng); + Botan::secure_vector<uint8_t> sig = sig_op->sign(rng); // create verification operation using the public key std::unique_ptr<Botan::PK_Ops::Verification> ver_op = diff --git a/doc/manual/rng.rst b/doc/manual/rng.rst index 592f319fa..11094d832 100644 --- a/doc/manual/rng.rst +++ b/doc/manual/rng.rst @@ -7,29 +7,29 @@ The base class ``RandomNumberGenerator`` is in the header ``botan/rng.h``. The major interfaces are -.. cpp:function:: void RandomNumberGenerator::randomize(byte* output_array, size_t length) +.. cpp:function:: void RandomNumberGenerator::randomize(uint8_t* output_array, size_t length) Places *length* random bytes into the provided buffer. -.. cpp:function:: void RandomNumberGenerator::add_entropy(const byte* data, size_t length) +.. cpp:function:: void RandomNumberGenerator::add_entropy(const uint8_t* data, size_t length) Incorporates provided data into the state of the PRNG, if at all possible. This works for most RNG types, including the system and TPM RNGs. But if the RNG doesn't support this operation, the data is dropped, no error is indicated. -.. cpp:function:: void RandomNumberGenerator::randomize_with_input(byte* data, size_t length, \ - const byte* ad, size_t ad_len) +.. cpp:function:: void RandomNumberGenerator::randomize_with_input(uint8_t* data, size_t length, \ + const uint8_t* ad, size_t ad_len) Like randomize, but first incorporates the additional input field into the state of the RNG. The additional input could be anything which parameterizes this request. -.. cpp:function:: void RandomNumberGenerator::randomize_with_ts_input(byte* data, size_t length) +.. cpp:function:: void RandomNumberGenerator::randomize_with_ts_input(uint8_t* data, size_t length) Creates a buffer with some timestamp values and calls ``randomize_with_input`` -.. cpp:function:: byte RandomNumberGenerator::next_byte() +.. cpp:function:: uint8_t RandomNumberGenerator::next_byte() Generates a single random byte and returns it. Note that calling this function several times is much slower than calling ``randomize`` once diff --git a/doc/manual/srp.rst b/doc/manual/srp.rst index 071f3ea19..3419488a3 100644 --- a/doc/manual/srp.rst +++ b/doc/manual/srp.rst @@ -24,7 +24,7 @@ example "modp/srp/2048". .. cpp:function:: BigInt generate_srp6_verifier( \ const std::string& identifier, \ const std::string& password, \ - const std::vector<byte>& salt, \ + const std::vector<uint8_t>& salt, \ const std::string& group_id, \ const std::string& hash_id) @@ -54,7 +54,7 @@ example "modp/srp/2048". const std::string& password, \ const std::string& group_id, \ const std::string& hash_id, \ - const std::vector<byte>& salt, \ + const std::vector<uint8_t>& salt, \ const BigInt& B, \ RandomNumberGenerator& rng) diff --git a/doc/manual/symmetric_crypto.rst b/doc/manual/symmetric_crypto.rst index dd4c8f4e8..605d329fb 100644 --- a/doc/manual/symmetric_crypto.rst +++ b/doc/manual/symmetric_crypto.rst @@ -15,7 +15,7 @@ restrictions on the size of the key. .. cpp:class:: SymmetricAlgorithm - .. cpp:function:: void set_key(const byte* key, size_t length) + .. cpp:function:: void set_key(const uint8_t* key, size_t length) .. cpp:function:: void set_key(const SymmetricKey& key) @@ -58,54 +58,54 @@ When processing data larger than a single block, a block cipher mode should be u Returns the block size of the cipher in bytes. - .. cpp:function:: void encrypt_n(const byte* in, \ - byte* out, size_t n) const + .. cpp:function:: void encrypt_n(const uint8_t* in, \ + uint8_t* out, size_t n) const Encrypt *n* blocks of data, taking the input from the array *in* and placing the ciphertext into *out*. The two pointers may be identical, but should not overlap ranges. - .. cpp:function:: void encrypt(const byte* in, byte* out) const + .. cpp:function:: void encrypt(const uint8_t* in, uint8_t* out) const Encrypt a single block, taking the input from *in* and placing it in *out*. Acts like :cpp:func:`encrypt_n`\ (in, out, 1). - .. cpp:function:: void encrypt(const std::vector<byte> in, std::vector<byte> out) const + .. cpp:function:: void encrypt(const std::vector<uint8_t> in, std::vector<uint8_t> out) const Encrypt a single or multiple full blocks, taking the input from *in* and placing it in *out*. Acts like :cpp:func:`encrypt_n`\ (in.data(), out.data(), in.size()/ block_size()). - .. cpp:function:: void encrypt(std::vector<byte> inout) const + .. cpp:function:: void encrypt(std::vector<uint8_t> inout) const Encrypt a single or multiple full blocks in place. Acts like :cpp:func:`encrypt_n`\ (inout.data(), inout.data(), inout.size()/ block_size()). - .. cpp:function:: void encrypt(byte* block) const + .. cpp:function:: void encrypt(uint8_t* block) const Identical to :cpp:func:`encrypt`\ (block, block) - .. cpp:function:: void decrypt_n(const byte* in, byte out, size_t n) const + .. cpp:function:: void decrypt_n(const uint8_t* in, uint8_t out, size_t n) const Decrypt *n* blocks of data, taking the input from *in* and placing the plaintext in *out*. The two pointers may be identical, but should not overlap ranges. - .. cpp:function:: void decrypt(const byte* in, byte* out) const + .. cpp:function:: void decrypt(const uint8_t* in, uint8_t* out) const Decrypt a single block, taking the input from *in* and placing it in *out*. Acts like :cpp:func:`decrypt_n`\ (in, out, 1). - .. cpp:function:: void decrypt(const std::vector<byte> in, std::vector<byte> out) const + .. cpp:function:: void decrypt(const std::vector<uint8_t> in, std::vector<uint8_t> out) const Decrypt a single or multiple full blocks, taking the input from *in* and placing it in *out*. Acts like :cpp:func:`decrypt_n`\ (in.data(), out.data(), in.size()/ block_size()). - .. cpp:function:: void decrypt(std::vector<byte> inout) const + .. cpp:function:: void decrypt(std::vector<uint8_t> inout) const Decrypt a single or multiple full blocks in place. Acts like :cpp:func:`decrypt_n`\ (inout.data(), inout.data(), inout.size()/ block_size()). - .. cpp:function:: void decrypt(byte* block) const + .. cpp:function:: void decrypt(uint8_t* block) const Identical to :cpp:func:`decrypt`\ (block, block) @@ -118,24 +118,26 @@ When processing data larger than a single block, a block cipher mode should be u The following block ciphers are implemented in Botan: #. AES (AES-128, AES-192, AES-256) -#. Serpent -#. Twofish -#. Threefish-512 +#. ARIA #. Blowfish +#. CAST (CAST-128, CAST-256) #. Camellia (Camellia-128, Camellia-192, Camellia-256) -#. DES -#. 3DES +#. Cascade +#. DES/3DES #. DESX -#. Noekeon -#. CAST (CAST-128, CAST-256) +#. GOST-28147-89 #. IDEA #. Kasumi +#. Lion #. MISTY1 +#. Noekeon #. SEED +#. SHACAL2 +#. SM4 +#. Serpent +#. Threefish-512 +#. Twofish #. XTEA -#. GOST-28147-89 -#. Cascade -#. Lion Code Example """"""""""""""" @@ -195,19 +197,19 @@ are derived from the base class :cpp:class:`Cipher_Mode`, which is declared in ` .. cpp:class:: Cipher_Mode .. cpp:function:: void set_key(const SymmetricKey& key) - .. cpp:function:: void set_key(const byte* key, size_t length) + .. cpp:function:: void set_key(const uint8_t* key, size_t length) Set the symmetric key to be used. - .. cpp:function:: void start_msg(const byte* nonce, size_t nonce_len) + .. cpp:function:: void start_msg(const uint8_t* nonce, size_t nonce_len) Set the IV (unique per-message nonce) of the mode of operation and prepare for message processing. - .. cpp:function:: void start(const std::vector<byte> nonce) + .. cpp:function:: void start(const std::vector<uint8_t> nonce) Acts like :cpp:func:`start_msg`\ (nonce.data(), nonce.size()). - .. cpp:function:: void start(const byte* nonce, size_t nonce_len) + .. cpp:function:: void start(const uint8_t* nonce, size_t nonce_len) Acts like :cpp:func:`start_msg`\ (nonce, nonce_len). @@ -216,11 +218,11 @@ are derived from the base class :cpp:class:`Cipher_Mode`, which is declared in ` The :cpp:class:`Cipher_Mode` interface requires message processing in multiples of the block size. Returns size of required blocks to update and 1, if the mode can process messages of any length. - .. cpp:function:: virtual size_t process(byte* msg, size_t msg_len) + .. cpp:function:: virtual size_t process(uint8_t* msg, size_t msg_len) Process msg in place and returns bytes written. msg must be a multiple of :cpp:func:`update_granularity`. - .. cpp:function:: void update(secure_vector<byte>& buffer, size_t offset = 0) + .. cpp:function:: void update(secure_vector<uint8_t>& buffer, size_t offset = 0) Continue processing a message in the buffer in place. The passed buffer's size must be a multiple of :cpp:func:`update_granularity`. The first *offset* bytes of the buffer will be ignored. @@ -229,7 +231,7 @@ are derived from the base class :cpp:class:`Cipher_Mode`, which is declared in ` Returns the minimum size needed for :cpp:func:`finish`. - .. cpp:function:: void finish(secure_vector<byte>& final_block, size_t offset = 0) + .. cpp:function:: void finish(secure_vector<uint8_t>& final_block, size_t offset = 0) Finalize the message processing with a final block of at least :cpp:func:`minimum_final_size` size. The first *offset* bytes of the passed final block will be ignored. @@ -297,7 +299,7 @@ support a 128-bit block cipher such as AES. EAX and OCB also support Return the key length specification - .. cpp:function:: void set_associated_data(const byte ad[], size_t ad_len) + .. cpp:function:: void set_associated_data(const uint8_t ad[], size_t ad_len) Set any associated data for this message. For maximum portability between different modes, this must be called after :cpp:func:`set_key` and before @@ -307,12 +309,12 @@ support a 128-bit block cipher such as AES. EAX and OCB also support function more than once, even across multiple calls to :cpp:func:`start` and :cpp:func:`finish`. - .. cpp:function:: void start(const byte nonce[], size_t nonce_len) + .. cpp:function:: void start(const uint8_t nonce[], size_t nonce_len) Start processing a message, using *nonce* as the unique per-message value. - .. cpp:function:: void update(secure_vector<byte>& buffer, size_t offset = 0) + .. cpp:function:: void update(secure_vector<uint8_t>& buffer, size_t offset = 0) Continue processing a message. The *buffer* is an in/out parameter and may be resized. In particular, some modes require that all input be @@ -326,7 +328,7 @@ support a 128-bit block cipher such as AES. EAX and OCB also support The first *offset* bytes of *buffer* will be ignored (this allows in place processing of a buffer that contains an initial plaintext header) - .. cpp:function:: void finish(secure_vector<byte>& buffer, size_t offset = 0) + .. cpp:function:: void finish(secure_vector<uint8_t>& buffer, size_t offset = 0) Complete processing a message with a final input of *buffer*, which is treated the same as with :cpp:func:`update`. It must contain at least @@ -384,27 +386,27 @@ stream ciphers require a fresh initialisation vector. This function returns true if and only if *length* is a valid IV length for the stream cipher. - .. cpp:function:: void set_iv(const byte*, size_t len) + .. cpp:function:: void set_iv(const uint8_t*, size_t len) Load IV into the stream cipher state. This should happen after the key is set and before any operation (encrypt/decrypt/seek) is called. - .. cpp:function:: void seek(u64bit offset) + .. cpp:function:: void seek(uint64_t offset) Sets the state of the stream cipher and keystream according to the passed *offset*. Therefore the key and the IV (if required) have to be set beforehand. - .. cpp:function:: void cipher(const byte* in, byte* out, size_t n) + .. cpp:function:: void cipher(const uint8_t* in, uint8_t* out, size_t n) Processes *n* bytes plain/ciphertext from *in* and writes the result to *out*. - .. cpp:function:: void cipher1(byte* inout, size_t n) + .. cpp:function:: void cipher1(uint8_t* inout, size_t n) Processes *n* bytes plain/ciphertext in place. Acts like :cpp:func:`cipher`\ (inout, inout, n). - .. cpp:function:: void encipher(std::vector<byte> inout) - .. cpp:function:: void encrypt(std::vector<byte> inout) - .. cpp:function:: void decrypt(std::vector<byte> inout) + .. cpp:function:: void encipher(std::vector<uint8_t> inout) + .. cpp:function:: void encrypt(std::vector<uint8_t> inout) + .. cpp:function:: void decrypt(std::vector<uint8_t> inout) Processes plain/ciphertext *inout* in place. Acts like :cpp:func:`cipher`\ (inout.data(), inout.data(), inout.size()). @@ -483,33 +485,33 @@ The Botan MAC computation is split into five stages. .. cpp:class:: MessageAuthenticationCode - .. cpp:function:: void set_key(const byte* key, size_t length) + .. cpp:function:: void set_key(const uint8_t* key, size_t length) Set the shared MAC key for the calculation. This function has to be called before the data is processed. - .. cpp:function:: void start(const byte* nonce, size_t nonce_len) + .. cpp:function:: void start(const uint8_t* nonce, size_t nonce_len) Set the IV for the MAC calculation. Note that not all MAC algorithms require an IV. If an IV is required, the function has to be called before the data is processed. - .. cpp:function:: void update(const byte* input, size_t length) - .. cpp:function:: void update(const secure_vector<byte>& in) + .. cpp:function:: void update(const uint8_t* input, size_t length) + .. cpp:function:: void update(const secure_vector<uint8_t>& in) Process the passed data. - .. cpp:function:: void update(byte in) + .. cpp:function:: void update(uint8_t in) Process a single byte. - .. cpp:function:: void final(byte* out) + .. cpp:function:: void final(uint8_t* out) Complete the MAC computation and write the calculated tag to the passed byte array. - .. cpp:function:: secure_vector<byte> final() + .. cpp:function:: secure_vector<uint8_t> final() Complete the MAC computation and return the calculated tag. - .. cpp:function:: bool verify_mac(const byte* mac, size_t length) + .. cpp:function:: bool verify_mac(const uint8_t* mac, size_t length) Finalize the current MAC computation and compare the result to the passed ``mac``. Returns ``true``, if the verification is successfull and false otherwise. diff --git a/doc/manual/tls.rst b/doc/manual/tls.rst index aa075141d..32f6c5fb2 100644 --- a/doc/manual/tls.rst +++ b/doc/manual/tls.rst @@ -36,7 +36,7 @@ Starting in 1.11.31, the application callbacks are encapsulated as the class mandatory for using TLS, all others are optional and provide additional information about the connection. - .. cpp:function:: void tls_emit_data(const byte data[], size_t data_len) + .. cpp:function:: void tls_emit_data(const uint8_t data[], size_t data_len) Mandatory. The TLS stack requests that all bytes of *data* be queued up to send to the counterparty. After this function returns, the buffer containing *data* will @@ -50,7 +50,7 @@ information about the connection. For TLS all writes must occur *in the order requested*. For DTLS this ordering is not strictly required, but is still recommended. - .. cpp:function:: void tls_record_received(uint64_t rec_no, const byte data[], size_t data_len) + .. cpp:function:: void tls_record_received(uint64_t rec_no, const uint8_t data[], size_t data_len) Mandatory. Called once for each application_data record which is received, with the matching (TLS level) record sequence number. @@ -165,8 +165,8 @@ available: .. cpp:class:: TLS::Channel - .. cpp:function:: size_t received_data(const byte buf[], size_t buf_size) - .. cpp:function:: size_t received_data(const std::vector<byte>& buf) + .. cpp:function:: size_t received_data(const uint8_t buf[], size_t buf_size) + .. cpp:function:: size_t received_data(const std::vector<uint8_t>& buf) This function is used to provide data sent by the counterparty (eg data that you read off the socket layer). Depending on the @@ -179,9 +179,9 @@ available: the data fell exactly on a message boundary, in which case it will return 0 instead. - .. cpp:function:: void send(const byte buf[], size_t buf_size) + .. cpp:function:: void send(const uint8_t buf[], size_t buf_size) .. cpp:function:: void send(const std::string& str) - .. cpp:function:: void send(const std::vector<byte>& vec) + .. cpp:function:: void send(const std::vector<uint8_t>& vec) Create one or more new TLS application records containing the provided data and send them. This will eventually result in at @@ -650,7 +650,7 @@ information about that session: Returns ``true`` if the connection was negotiated with the correct extensions to prevent the renegotiation attack. - .. cpp:function:: std::vector<byte> encrypt(const SymmetricKey& key, \ + .. cpp:function:: std::vector<uint8_t> encrypt(const SymmetricKey& key, \ RandomNumberGenerator& rng) Encrypts a session using a symmetric key *key* and returns a raw @@ -660,14 +660,14 @@ information about that session: Currently the implementation encrypts the session using AES-256 in GCM mode with a random nonce. - .. cpp:function:: static Session decrypt(const byte ciphertext[], \ + .. cpp:function:: static Session decrypt(const uint8_t ciphertext[], \ size_t length, \ const SymmetricKey& key) Decrypts a session that was encrypted previously with ``encrypt`` and ``key``, or throws an exception if decryption fails. - .. cpp:function:: secure_vector<byte> DER_encode() const + .. cpp:function:: secure_vector<uint8_t> DER_encode() const Returns a serialized version of the session. @@ -693,12 +693,12 @@ implementation to the ``TLS::Client`` or ``TLS::Server`` constructor. ID will replicate a session ID already stored, in which case the new session information should overwrite the previous information. - .. cpp:function:: void remove_entry(const std::vector<byte>& session_id) + .. cpp:function:: void remove_entry(const std::vector<uint8_t>& session_id) Remove the session identified by *session_id*. Future attempts at resumption should fail for this session. - .. cpp:function:: bool load_from_session_id(const std::vector<byte>& session_id, \ + .. cpp:function:: bool load_from_session_id(const std::vector<uint8_t>& session_id, \ Session& session) Attempt to resume a session identified by *session_id*. If @@ -923,7 +923,7 @@ policy settings from a file. Default: false - .. cpp:function:: std::vector<byte> compression() const + .. cpp:function:: std::vector<uint8_t> compression() const Return the list of compression methods we are willing to use, in order of preference. Default is null compression only. @@ -1073,7 +1073,7 @@ TLS Ciphersuites .. cpp:class:: TLS::Ciphersuite - .. cpp:function:: u16bit ciphersuite_code() const + .. cpp:function:: uint16_t ciphersuite_code() const Return the numerical code for this ciphersuite @@ -1141,11 +1141,11 @@ The ``TLS::Protocol_Version`` class represents a specific version: Create a specific version - .. cpp:function:: byte major_version() const + .. cpp:function:: uint8_t major_version() const Returns major number of the protocol version - .. cpp:function:: byte minor_version() const + .. cpp:function:: uint8_t minor_version() const Returns minor number of the protocol version diff --git a/doc/manual/versions.rst b/doc/manual/versions.rst index 14a7dfec5..60fe58e9d 100644 --- a/doc/manual/versions.rst +++ b/doc/manual/versions.rst @@ -57,19 +57,19 @@ version checks, are included in `botan/version.h` Returns a single-line string containing relevant information about this build and version of the library in an unspecified format. -.. cpp:function:: u32bit version_major() +.. cpp:function:: uint32_t version_major() Returns the major part of the version. -.. cpp:function:: u32bit version_minor() +.. cpp:function:: uint32_t version_minor() Returns the minor part of the version. -.. cpp:function:: u32bit version_patch() +.. cpp:function:: uint32_t version_patch() Returns the patch part of the version. -.. cpp:function:: u32bit version_datestamp() +.. cpp:function:: uint32_t version_datestamp() Return the datestamp of the release (or 0 if the current version is not an official release). diff --git a/doc/manual/x509.rst b/doc/manual/x509.rst index 1fb6d90f5..d82dbccf2 100644 --- a/doc/manual/x509.rst +++ b/doc/manual/x509.rst @@ -172,7 +172,7 @@ functions are provided to search them. criticality flag. Only contains the supported extension types listed above. - .. cpp:function:: std::map<OID, std::pair<std::vector<byte>, bool>> extensions_raw() const + .. cpp:function:: std::map<OID, std::pair<std::vector<uint8_t>, bool>> extensions_raw() const Returns the list of extensions as raw, encoded bytes together with the corresponding criticality flag. @@ -246,7 +246,7 @@ The certificate lookup methods are ``find_cert`` (by Subject Distinguished Name and optional Subject Key Identifier) and ``find_cert_by_pubkey_sha1`` (by SHA-1 hash of the certificate's public key). The Subject Distinguished Name is given as a ``X509_DN``, -while the SKID parameter takes a ``std::vector<byte>`` containing +while the SKID parameter takes a ``std::vector<uint8_t>`` containing the subject key identifier in raw binary. Both lookup methods are mandatory to implement. @@ -545,7 +545,7 @@ The ``CRL_Entry`` type is a structure that contains, at a minimum, the serial number of the revoked certificate. As serial numbers are never repeated, the pairing of an issuer and a serial number (should) distinctly identify any certificate. In this case, we represent the serial number as a -``secure_vector<byte>`` called ``serial``. There are two additional (optional) +``secure_vector<uint8_t>`` called ``serial``. There are two additional (optional) values, an enumeration called ``CRL_Code`` that specifies the reason for revocation (``reason``), and an object that represents the time that the certificate became invalid (if this information is known). @@ -696,7 +696,7 @@ the subject's issuing certificate. Variant of the above, using serial number from ``subject_cert``. - .. cpp:function:: std::vector<byte> BER_encode() const + .. cpp:function:: std::vector<uint8_t> BER_encode() const Encode the current OCSP request as a binary string. @@ -767,7 +767,7 @@ for certificate status information. This field is optional in OCSP responses, and may not be set. - .. cpp:function:: const std::vector<byte>& raw_bits() const + .. cpp:function:: const std::vector<uint8_t>& raw_bits() const Return the entire raw ASN.1 blob (for debugging or specialized decoding needs) |