Diffstat (limited to 'src/kdf')
-rw-r--r-- | src/kdf/kdf.cpp | 23 | ||||
-rw-r--r-- | src/kdf/kdf.h | 26 | ||||
-rw-r--r-- | src/kdf/kdf1/kdf1.cpp | 2 | ||||
-rw-r--r-- | src/kdf/kdf1/kdf1.h | 2 | ||||
-rw-r--r-- | src/kdf/kdf2/kdf2.cpp | 6 | ||||
-rw-r--r-- | src/kdf/kdf2/kdf2.h | 2 | ||||
-rw-r--r-- | src/kdf/mgf1/mgf1.cpp | 2 | ||||
-rw-r--r-- | src/kdf/prf_ssl3/prf_ssl3.cpp | 6 | ||||
-rw-r--r-- | src/kdf/prf_ssl3/prf_ssl3.h | 2 | ||||
-rw-r--r-- | src/kdf/prf_tls/prf_tls.cpp | 14 | ||||
-rw-r--r-- | src/kdf/prf_tls/prf_tls.h | 4 | ||||
-rw-r--r-- | src/kdf/prf_x942/prf_x942.cpp | 10 | ||||
-rw-r--r-- | src/kdf/prf_x942/prf_x942.h | 2 |
13 files changed, 48 insertions, 53 deletions
diff --git a/src/kdf/kdf.cpp b/src/kdf/kdf.cpp index 6281f753c..88cbd5b99 100644 --- a/src/kdf/kdf.cpp +++ b/src/kdf/kdf.cpp @@ -12,8 +12,8 @@ namespace Botan { /* * Derive a key */ -SecureVector<byte> KDF::derive_key(size_t key_len, - const MemoryRegion<byte>& secret, +secure_vector<byte> KDF::derive_key(size_t key_len, + const secure_vector<byte>& secret, const std::string& salt) const { return derive_key(key_len, &secret[0], secret.size(), @@ -24,8 +24,8 @@ SecureVector<byte> KDF::derive_key(size_t key_len, /* * Derive a key */ -SecureVector<byte> KDF::derive_key(size_t key_len, - const MemoryRegion<byte>& secret, +secure_vector<byte> KDF::derive_key(size_t key_len, + const secure_vector<byte>& secret, const byte salt[], size_t salt_len) const { return derive_key(key_len, &secret[0], secret.size(), @@ -35,18 +35,7 @@ SecureVector<byte> KDF::derive_key(size_t key_len, /* * Derive a key */ -SecureVector<byte> KDF::derive_key(size_t key_len, - const MemoryRegion<byte>& secret, - const MemoryRegion<byte>& salt) const - { - return derive_key(key_len, &secret[0], secret.size(), - &salt[0], salt.size()); - } - -/* -* Derive a key -*/ -SecureVector<byte> KDF::derive_key(size_t key_len, +secure_vector<byte> KDF::derive_key(size_t key_len, const byte secret[], size_t secret_len, const std::string& salt) const { @@ -58,7 +47,7 @@ SecureVector<byte> KDF::derive_key(size_t key_len, /* * Derive a key */ -SecureVector<byte> KDF::derive_key(size_t key_len, +secure_vector<byte> KDF::derive_key(size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len) const { diff --git a/src/kdf/kdf.h b/src/kdf/kdf.h index 3ec912cfe..e158df0ae 100644 --- a/src/kdf/kdf.h +++ b/src/kdf/kdf.h 
@@ -26,8 +26,8 @@ class BOTAN_DLL KDF : public Algorithm * @param secret the secret input * @param salt a diversifier */ - SecureVector<byte> derive_key(size_t key_len, - const MemoryRegion<byte>& secret, + secure_vector<byte> derive_key(size_t key_len, + const secure_vector<byte>& secret, const std::string& salt = "") const; /** @@ -36,9 +36,15 @@ class BOTAN_DLL KDF : public Algorithm * @param secret the secret input * @param salt a diversifier */ - SecureVector<byte> derive_key(size_t key_len, - const MemoryRegion<byte>& secret, - const MemoryRegion<byte>& salt) const; + template<typename Alloc, typename Alloc2> + secure_vector<byte> derive_key(size_t key_len, + const std::vector<byte, Alloc>& secret, + const std::vector<byte, Alloc2>& salt) const + { + return derive_key(key_len, &secret[0], secret.size(), + &salt[0], salt.size()); + + } /** * Derive a key @@ -47,8 +53,8 @@ class BOTAN_DLL KDF : public Algorithm * @param salt a diversifier * @param salt_len size of salt in bytes */ - SecureVector<byte> derive_key(size_t key_len, - const MemoryRegion<byte>& secret, + secure_vector<byte> derive_key(size_t key_len, + const secure_vector<byte>& secret, const byte salt[], size_t salt_len) const; @@ -59,7 +65,7 @@ class BOTAN_DLL KDF : public Algorithm * @param secret_len size of secret in bytes * @param salt a diversifier */ - SecureVector<byte> derive_key(size_t key_len, + secure_vector<byte> derive_key(size_t key_len, const byte secret[], size_t secret_len, const std::string& salt = "") const; @@ -72,7 +78,7 @@ class BOTAN_DLL KDF : public Algorithm * @param salt a diversifier * @param salt_len size of salt in bytes */ - SecureVector<byte> derive_key(size_t key_len, + secure_vector<byte> derive_key(size_t key_len, const byte secret[], size_t secret_len, const byte salt[], 
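Review bot: In the new `derive_key` template in kdf.h (hunk `@@ -36,9 +36,15`), `&secret[0]` and `&salt[0]` index element 0 of a `std::vector` that may be empty, which is undefined behaviour; an empty salt is an ordinary input, given that the sibling overloads default it to `""`. Pass the buffers with `data()` instead: `return derive_key(key_len, secret.data(), secret.size(), salt.data(), salt.size());`. The `secure_vector` overloads in kdf.cpp keep `&secret[0]` on their context lines and presumably have the same problem now that the parameter is a vector type. Because the template accepts any allocator, its doc comment should also say that a secret passed in a plain `std::vector<byte>` is only as protected as that allocator makes it (assuming the locking and scrubbing come from `secure_vector`'s allocator).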
@@ -82,7 +88,7 @@ class BOTAN_DLL KDF : public Algorithm virtual KDF* clone() const = 0; private: - virtual SecureVector<byte> + virtual secure_vector<byte> derive(size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len) const = 0; diff --git a/src/kdf/kdf1/kdf1.cpp b/src/kdf/kdf1/kdf1.cpp index f3e4e208f..f00f71010 100644 --- a/src/kdf/kdf1/kdf1.cpp +++ b/src/kdf/kdf1/kdf1.cpp @@ -12,7 +12,7 @@ namespace Botan { /* * KDF1 Key Derivation Mechanism */ -SecureVector<byte> KDF1::derive(size_t, +secure_vector<byte> KDF1::derive(size_t, const byte secret[], size_t secret_len, const byte P[], size_t P_len) const { diff --git a/src/kdf/kdf1/kdf1.h b/src/kdf/kdf1/kdf1.h index f627235be..6a14d2995 100644 --- a/src/kdf/kdf1/kdf1.h +++ b/src/kdf/kdf1/kdf1.h @@ -19,7 +19,7 @@ namespace Botan { class BOTAN_DLL KDF1 : public KDF { public: - SecureVector<byte> derive(size_t, + secure_vector<byte> derive(size_t, const byte secret[], size_t secret_len, const byte P[], size_t P_len) const; diff --git a/src/kdf/kdf2/kdf2.cpp b/src/kdf/kdf2/kdf2.cpp index 51b9e41ea..39a929b58 100644 --- a/src/kdf/kdf2/kdf2.cpp +++ b/src/kdf/kdf2/kdf2.cpp @@ -12,11 +12,11 @@ namespace Botan { /* * KDF2 Key Derivation Mechanism */ -SecureVector<byte> KDF2::derive(size_t out_len, +secure_vector<byte> KDF2::derive(size_t out_len, const byte secret[], size_t secret_len, const byte P[], size_t P_len) const { - SecureVector<byte> output; + secure_vector<byte> output; u32bit counter = 1; while(out_len && counter) @@ -25,7 +25,7 @@ SecureVector<byte> KDF2::derive(size_t out_len, hash->update_be(counter); hash->update(P, P_len); - SecureVector<byte> hash_result = hash->final(); + secure_vector<byte> hash_result = hash->final(); size_t added = std::min(hash_result.size(), out_len); output += std::make_pair(&hash_result[0], added); diff --git a/src/kdf/kdf2/kdf2.h b/src/kdf/kdf2/kdf2.h index e85fe6d1c..e33939df9 100644 --- a/src/kdf/kdf2/kdf2.h +++ b/src/kdf/kdf2/kdf2.h 
@@ -19,7 +19,7 @@ namespace Botan { class BOTAN_DLL KDF2 : public KDF { public: - SecureVector<byte> derive(size_t, const byte[], size_t, + secure_vector<byte> derive(size_t, const byte[], size_t, const byte[], size_t) const; std::string name() const { return "KDF2(" + hash->name() + ")"; } diff --git a/src/kdf/mgf1/mgf1.cpp b/src/kdf/mgf1/mgf1.cpp index 7d949c2b8..e0433a02f 100644 --- a/src/kdf/mgf1/mgf1.cpp +++ b/src/kdf/mgf1/mgf1.cpp @@ -25,7 +25,7 @@ void MGF1::mask(const byte in[], size_t in_len, byte out[], { hash->update(in, in_len); hash->update_be(counter); - SecureVector<byte> buffer = hash->final(); + secure_vector<byte> buffer = hash->final(); size_t xored = std::min<size_t>(buffer.size(), out_len); xor_buf(out, &buffer[0], xored); diff --git a/src/kdf/prf_ssl3/prf_ssl3.cpp b/src/kdf/prf_ssl3/prf_ssl3.cpp index 72cf023e2..8475bf40a 100644 --- a/src/kdf/prf_ssl3/prf_ssl3.cpp +++ b/src/kdf/prf_ssl3/prf_ssl3.cpp @@ -33,11 +33,11 @@ OctetString next_hash(size_t where, size_t want, sha1.update(static_cast<byte>(ASCII_A_CHAR + where)); sha1.update(secret, secret_len); sha1.update(seed, seed_len); - SecureVector<byte> sha1_hash = sha1.final(); + secure_vector<byte> sha1_hash = sha1.final(); md5.update(secret, secret_len); md5.update(sha1_hash); - SecureVector<byte> md5_hash = md5.final(); + secure_vector<byte> md5_hash = md5.final(); return OctetString(&md5_hash[0], want); } @@ -47,7 +47,7 @@ OctetString next_hash(size_t where, size_t want, /* * SSL3 PRF */ -SecureVector<byte> SSL3_PRF::derive(size_t key_len, +secure_vector<byte> SSL3_PRF::derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const { diff --git a/src/kdf/prf_ssl3/prf_ssl3.h b/src/kdf/prf_ssl3/prf_ssl3.h index b07454be2..bae8badb8 100644 --- a/src/kdf/prf_ssl3/prf_ssl3.h +++ b/src/kdf/prf_ssl3/prf_ssl3.h 
@@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL SSL3_PRF : public KDF { public: - SecureVector<byte> derive(size_t, const byte[], size_t, + secure_vector<byte> derive(size_t, const byte[], size_t, const byte[], size_t) const; std::string name() const { return "SSL3-PRF"; } diff --git a/src/kdf/prf_tls/prf_tls.cpp b/src/kdf/prf_tls/prf_tls.cpp index 1236e13c7..006b418c9 100644 --- a/src/kdf/prf_tls/prf_tls.cpp +++ b/src/kdf/prf_tls/prf_tls.cpp @@ -18,7 +18,7 @@ namespace { /* * TLS PRF P_hash function */ -void P_hash(MemoryRegion<byte>& output, +void P_hash(secure_vector<byte>& output, MessageAuthenticationCode* mac, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) @@ -34,7 +34,7 @@ void P_hash(MemoryRegion<byte>& output, " bytes is too long for the PRF"); } - SecureVector<byte> A(seed, seed_len); + secure_vector<byte> A(seed, seed + seed_len); size_t offset = 0; @@ -47,7 +47,7 @@ void P_hash(MemoryRegion<byte>& output, mac->update(A); mac->update(seed, seed_len); - SecureVector<byte> block = mac->final(); + secure_vector<byte> block = mac->final(); xor_buf(&output[offset], &block[0], this_block_len); offset += this_block_len; @@ -74,11 +74,11 @@ TLS_PRF::~TLS_PRF() /* * TLS PRF */ -SecureVector<byte> TLS_PRF::derive(size_t key_len, +secure_vector<byte> TLS_PRF::derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const { - SecureVector<byte> output(key_len); + secure_vector<byte> output(key_len); size_t S1_len = (secret_len + 1) / 2, S2_len = (secret_len + 1) / 2; @@ -103,11 +103,11 @@ TLS_12_PRF::~TLS_12_PRF() delete hmac; } -SecureVector<byte> TLS_12_PRF::derive(size_t key_len, +secure_vector<byte> TLS_12_PRF::derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const { - SecureVector<byte> output(key_len); + secure_vector<byte> output(key_len); P_hash(output, hmac, secret, secret_len, seed, seed_len); 
diff --git a/src/kdf/prf_tls/prf_tls.h b/src/kdf/prf_tls/prf_tls.h index 5237f17c0..fce11eae0 100644 --- a/src/kdf/prf_tls/prf_tls.h +++ b/src/kdf/prf_tls/prf_tls.h @@ -20,7 +20,7 @@ namespace Botan { class BOTAN_DLL TLS_PRF : public KDF { public: - SecureVector<byte> derive(size_t key_len, + secure_vector<byte> derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const; @@ -40,7 +40,7 @@ class BOTAN_DLL TLS_PRF : public KDF class BOTAN_DLL TLS_12_PRF : public KDF { public: - SecureVector<byte> derive(size_t key_len, + secure_vector<byte> derive(size_t key_len, const byte secret[], size_t secret_len, const byte seed[], size_t seed_len) const; diff --git a/src/kdf/prf_x942/prf_x942.cpp b/src/kdf/prf_x942/prf_x942.cpp index fc31effe4..149be163f 100644 --- a/src/kdf/prf_x942/prf_x942.cpp +++ b/src/kdf/prf_x942/prf_x942.cpp @@ -20,11 +20,11 @@ namespace { /* * Encode an integer as an OCTET STRING */ -MemoryVector<byte> encode_x942_int(u32bit n) +std::vector<byte> encode_x942_int(u32bit n) { byte n_buf[4] = { 0 }; store_be(n, n_buf); - return DER_Encoder().encode(n_buf, 4, OCTET_STRING).get_contents(); + return DER_Encoder().encode(n_buf, 4, OCTET_STRING).get_contents_unlocked(); } } @@ -32,14 +32,14 @@ MemoryVector<byte> encode_x942_int(u32bit n) /* * X9.42 PRF */ -SecureVector<byte> X942_PRF::derive(size_t key_len, +secure_vector<byte> X942_PRF::derive(size_t key_len, const byte secret[], size_t secret_len, const byte salt[], size_t salt_len) const { SHA_160 hash; const OID kek_algo(key_wrap_oid); - SecureVector<byte> key; + secure_vector<byte> key; u32bit counter = 1; while(key.size() != key_len && counter) @@ -68,7 +68,7 @@ SecureVector<byte> X942_PRF::derive(size_t key_len, .end_cons().get_contents() ); - SecureVector<byte> digest = hash.final(); + secure_vector<byte> digest = hash.final(); const size_t needed = std::min(digest.size(), key_len - key.size()); key += std::make_pair(&digest[0], needed); 
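Review bot: `encode_x942_int` in prf_x942.cpp now returns a plain `std::vector<byte>` through `get_contents_unlocked()`, and nothing at the call says why unlocked storage is acceptable inside a key-derivation routine. The value is only the DER encoding of the 32-bit counter, which is not secret, so a one-line comment such as `// counter encoding is public data; locked memory is not needed` would keep a later reader from copying the pattern for key material. The buffers that do carry derived key bytes in `X942_PRF::derive` (`key`, `digest`) stay `secure_vector`, which is consistent with that reading.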
diff --git a/src/kdf/prf_x942/prf_x942.h b/src/kdf/prf_x942/prf_x942.h index e6093eda6..f86b1bdd5 100644 --- a/src/kdf/prf_x942/prf_x942.h +++ b/src/kdf/prf_x942/prf_x942.h @@ -18,7 +18,7 @@ namespace Botan { class BOTAN_DLL X942_PRF : public KDF { public: - SecureVector<byte> derive(size_t, const byte[], size_t, + secure_vector<byte> derive(size_t, const byte[], size_t, const byte[], size_t) const; std::string name() const { return "X942_PRF(" + key_wrap_oid + ")"; } |