Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/asn1/alg_id.cpp22
-rw-r--r--src/lib/asn1/alg_id.h5
-rw-r--r--src/lib/asn1/asn1_alt_name.cpp30
-rw-r--r--src/lib/asn1/asn1_alt_name.h6
-rw-r--r--src/lib/asn1/asn1_attribute.cpp14
-rw-r--r--src/lib/asn1/asn1_attribute.h5
-rw-r--r--src/lib/asn1/asn1_obj.h5
-rw-r--r--src/lib/asn1/asn1_oid.cpp46
-rw-r--r--src/lib/asn1/asn1_oid.h8
-rw-r--r--src/lib/asn1/asn1_str.cpp42
-rw-r--r--src/lib/asn1/asn1_str.h8
-rw-r--r--src/lib/asn1/asn1_time.cpp4
-rw-r--r--src/lib/asn1/asn1_time.h4
-rw-r--r--src/lib/asn1/ber_dec.cpp98
-rw-r--r--src/lib/asn1/ber_dec.h14
-rw-r--r--src/lib/asn1/der_enc.cpp50
-rw-r--r--src/lib/asn1/der_enc.h10
-rw-r--r--src/lib/asn1/oid_lookup/default.cpp2
-rw-r--r--src/lib/asn1/oid_lookup/oids.cpp8
-rw-r--r--src/lib/asn1/x509_dn.cpp22
-rw-r--r--src/lib/asn1/x509_dn.h10
-rw-r--r--src/lib/base/algo_registry.h60
-rw-r--r--src/lib/base/init.h2
-rw-r--r--src/lib/base/key_spec.h34
-rw-r--r--src/lib/base/scan_name.cpp18
-rw-r--r--src/lib/base/scan_name.h22
-rw-r--r--src/lib/base/symkey.cpp4
-rw-r--r--src/lib/base/symkey.h2
-rw-r--r--src/lib/block/aes/aes.cpp48
-rw-r--r--src/lib/block/aes/aes.h18
-rw-r--r--src/lib/block/aes_ni/aes_ni.cpp52
-rw-r--r--src/lib/block/aes_ni/aes_ni.h12
-rw-r--r--src/lib/block/aes_ssse3/aes_ssse3.cpp83
-rw-r--r--src/lib/block/aes_ssse3/aes_ssse3.h12
-rw-r--r--src/lib/block/block_cipher.cpp2
-rw-r--r--src/lib/block/blowfish/blowfish.cpp68
-rw-r--r--src/lib/block/blowfish/blowfish.h4
-rw-r--r--src/lib/block/camellia/camellia.cpp24
-rw-r--r--src/lib/block/camellia/camellia.h12
-rw-r--r--src/lib/block/cascade/cascade.h2
-rw-r--r--src/lib/block/cast/cast128.cpp82
-rw-r--r--src/lib/block/cast/cast128.h6
-rw-r--r--src/lib/block/cast/cast256.cpp120
-rw-r--r--src/lib/block/cast/cast256.h6
-rw-r--r--src/lib/block/des/des.cpp34
-rw-r--r--src/lib/block/des/des.h8
-rw-r--r--src/lib/block/des/desx.cpp24
-rw-r--r--src/lib/block/des/desx.h6
-rw-r--r--src/lib/block/gost_28147/gost_28147.cpp48
-rw-r--r--src/lib/block/gost_28147/gost_28147.h20
-rw-r--r--src/lib/block/idea/idea.cpp58
-rw-r--r--src/lib/block/idea/idea.h6
-rw-r--r--src/lib/block/idea_sse2/idea_sse2.h2
-rw-r--r--src/lib/block/kasumi/kasumi.cpp24
-rw-r--r--src/lib/block/kasumi/kasumi.h4
-rw-r--r--src/lib/block/lion/lion.cpp4
-rw-r--r--src/lib/block/lion/lion.h2
-rw-r--r--src/lib/block/mars/mars.cpp120
-rw-r--r--src/lib/block/mars/mars.h4
-rw-r--r--src/lib/block/misty1/misty1.cpp32
-rw-r--r--src/lib/block/misty1/misty1.h4
-rw-r--r--src/lib/block/noekeon/noekeon.cpp32
-rw-r--r--src/lib/block/noekeon/noekeon.h6
-rw-r--r--src/lib/block/noekeon_simd/noekeon_simd.h2
-rw-r--r--src/lib/block/rc2/rc2.cpp38
-rw-r--r--src/lib/block/rc2/rc2.h4
-rw-r--r--src/lib/block/rc5/rc5.cpp64
-rw-r--r--src/lib/block/rc5/rc5.h10
-rw-r--r--src/lib/block/rc6/rc6.cpp56
-rw-r--r--src/lib/block/rc6/rc6.h4
-rw-r--r--src/lib/block/safer/safer_sk.cpp60
-rw-r--r--src/lib/block/safer/safer_sk.h8
-rw-r--r--src/lib/block/seed/seed.cpp240
-rw-r--r--src/lib/block/seed/seed.h12
-rw-r--r--src/lib/block/seed/seed_tab.cpp192
-rw-r--r--src/lib/block/serpent/serpent.cpp12
-rw-r--r--src/lib/block/serpent/serpent.h6
-rw-r--r--src/lib/block/serpent_simd/serp_simd.h2
-rw-r--r--src/lib/block/tea/tea.cpp14
-rw-r--r--src/lib/block/tea/tea.h4
-rw-r--r--src/lib/block/threefish_avx2/threefish_avx2.h2
-rw-r--r--src/lib/block/twofish/twofish.cpp124
-rw-r--r--src/lib/block/twofish/twofish.h4
-rw-r--r--src/lib/block/xtea/xtea.cpp20
-rw-r--r--src/lib/block/xtea/xtea.h4
-rw-r--r--src/lib/block/xtea_simd/xtea_simd.h2
-rw-r--r--src/lib/cert/cvc/asn1_eac_str.cpp20
-rw-r--r--src/lib/cert/cvc/asn1_eac_tm.cpp76
-rw-r--r--src/lib/cert/cvc/cvc_ado.cpp8
-rw-r--r--src/lib/cert/cvc/cvc_cert.cpp10
-rw-r--r--src/lib/cert/cvc/cvc_gen_cert.h8
-rw-r--r--src/lib/cert/cvc/cvc_req.cpp8
-rw-r--r--src/lib/cert/cvc/cvc_self.h11
-rw-r--r--src/lib/cert/cvc/eac_asn_obj.h14
-rw-r--r--src/lib/cert/cvc/eac_obj.h4
-rw-r--r--src/lib/cert/cvc/signed_obj.cpp8
-rw-r--r--src/lib/cert/cvc/signed_obj.h8
-rw-r--r--src/lib/cert/x509/certstor.cpp2
-rw-r--r--src/lib/cert/x509/certstor.h6
-rw-r--r--src/lib/cert/x509/crl_ent.cpp28
-rw-r--r--src/lib/cert/x509/crl_ent.h18
-rw-r--r--src/lib/cert/x509/ocsp.cpp2
-rw-r--r--src/lib/cert/x509/ocsp_types.h4
-rw-r--r--src/lib/cert/x509/pkcs10.cpp30
-rw-r--r--src/lib/cert/x509/pkcs10.h10
-rw-r--r--src/lib/cert/x509/x509_ca.cpp24
-rw-r--r--src/lib/cert/x509/x509_ca.h6
-rw-r--r--src/lib/cert/x509/x509_crl.cpp42
-rw-r--r--src/lib/cert/x509/x509_crl.h10
-rw-r--r--src/lib/cert/x509/x509_ext.cpp171
-rw-r--r--src/lib/cert/x509/x509_ext.h132
-rw-r--r--src/lib/cert/x509/x509_obj.cpp50
-rw-r--r--src/lib/cert/x509/x509_obj.h8
-rw-r--r--src/lib/cert/x509/x509cert.cpp114
-rw-r--r--src/lib/cert/x509/x509cert.h21
-rw-r--r--src/lib/cert/x509/x509opt.cpp4
-rw-r--r--src/lib/cert/x509/x509path.cpp4
-rw-r--r--src/lib/cert/x509/x509path.h2
-rw-r--r--src/lib/cert/x509/x509self.cpp2
-rw-r--r--src/lib/compression/bzip2/bzip2.cpp2
-rw-r--r--src/lib/compression/bzip2/bzip2.h4
-rw-r--r--src/lib/compression/compression.cpp26
-rw-r--r--src/lib/compression/compression.h18
-rw-r--r--src/lib/compression/lzma/lzma.cpp2
-rw-r--r--src/lib/compression/lzma/lzma.h4
-rw-r--r--src/lib/compression/zlib/zlib.cpp4
-rw-r--r--src/lib/compression/zlib/zlib.h12
-rw-r--r--src/lib/entropy/beos_stats/es_beos.h2
-rw-r--r--src/lib/entropy/cryptoapi_rng/es_capi.cpp36
-rw-r--r--src/lib/entropy/cryptoapi_rng/es_capi.h6
-rw-r--r--src/lib/entropy/darwin_secrandom/darwin_secrandom.h2
-rw-r--r--src/lib/entropy/dev_random/dev_random.h2
-rw-r--r--src/lib/entropy/egd/es_egd.cpp16
-rw-r--r--src/lib/entropy/egd/es_egd.h6
-rw-r--r--src/lib/entropy/entropy_src.h10
-rw-r--r--src/lib/entropy/hres_timer/hres_timer.cpp74
-rw-r--r--src/lib/entropy/hres_timer/hres_timer.h2
-rw-r--r--src/lib/entropy/proc_walk/proc_walk.cpp2
-rw-r--r--src/lib/entropy/proc_walk/proc_walk.h2
-rw-r--r--src/lib/entropy/rdrand/rdrand.h2
-rw-r--r--src/lib/entropy/rdseed/rdseed.h2
-rw-r--r--src/lib/entropy/unix_procs/unix_procs.h4
-rw-r--r--src/lib/entropy/win32_stats/es_win32.cpp12
-rw-r--r--src/lib/entropy/win32_stats/es_win32.h2
-rw-r--r--src/lib/ffi/ffi.cpp147
-rw-r--r--src/lib/filters/basefilt.h2
-rw-r--r--src/lib/filters/buf_filt.cpp58
-rw-r--r--src/lib/filters/buf_filt.h12
-rw-r--r--src/lib/filters/codec_filt/b64_filt.cpp102
-rw-r--r--src/lib/filters/codec_filt/b64_filt.h20
-rw-r--r--src/lib/filters/codec_filt/hex_filt.cpp110
-rw-r--r--src/lib/filters/codec_filt/hex_filt.h22
-rw-r--r--src/lib/filters/data_snk.cpp24
-rw-r--r--src/lib/filters/data_snk.h8
-rw-r--r--src/lib/filters/filter.cpp47
-rw-r--r--src/lib/filters/filter.h18
-rw-r--r--src/lib/filters/filters.h4
-rw-r--r--src/lib/filters/out_buf.cpp30
-rw-r--r--src/lib/filters/out_buf.h4
-rw-r--r--src/lib/filters/pipe.cpp100
-rw-r--r--src/lib/filters/pipe.h14
-rw-r--r--src/lib/filters/pipe_rw.cpp15
-rw-r--r--src/lib/filters/secqueue.cpp53
-rw-r--r--src/lib/filters/threaded_fork.cpp14
-rw-r--r--src/lib/filters/transform_filter.h4
-rw-r--r--src/lib/hash/blake2/blake2b.cpp224
-rw-r--r--src/lib/hash/blake2/blake2b.h63
-rw-r--r--src/lib/hash/blake2/info.txt1
-rw-r--r--src/lib/hash/checksum/adler32/adler32.cpp6
-rw-r--r--src/lib/hash/checksum/adler32/adler32.h6
-rw-r--r--src/lib/hash/checksum/crc24/crc24.cpp6
-rw-r--r--src/lib/hash/checksum/crc24/crc24.h6
-rw-r--r--src/lib/hash/checksum/crc32/crc32.cpp8
-rw-r--r--src/lib/hash/checksum/crc32/crc32.h6
-rw-r--r--src/lib/hash/comb4p/comb4p.h2
-rw-r--r--src/lib/hash/gost_3411/gost_3411.cpp68
-rw-r--r--src/lib/hash/gost_3411/gost_3411.h10
-rw-r--r--src/lib/hash/has160/has160.cpp152
-rw-r--r--src/lib/hash/has160/has160.h6
-rw-r--r--src/lib/hash/hash.cpp10
-rw-r--r--src/lib/hash/keccak/keccak.cpp78
-rw-r--r--src/lib/hash/keccak/keccak.h14
-rw-r--r--src/lib/hash/md2/md2.cpp50
-rw-r--r--src/lib/hash/md2/md2.h8
-rw-r--r--src/lib/hash/md4/md4.cpp80
-rw-r--r--src/lib/hash/md4/md4.h13
-rw-r--r--src/lib/hash/md5/md5.cpp98
-rw-r--r--src/lib/hash/md5/md5.h13
-rw-r--r--src/lib/hash/mdx_hash/mdx_hash.cpp50
-rw-r--r--src/lib/hash/mdx_hash/mdx_hash.h8
-rw-r--r--src/lib/hash/par_hash/par_hash.cpp20
-rw-r--r--src/lib/hash/par_hash/par_hash.h6
-rw-r--r--src/lib/hash/rmd128/rmd128.cpp168
-rw-r--r--src/lib/hash/rmd128/rmd128.h6
-rw-r--r--src/lib/hash/rmd160/rmd160.cpp208
-rw-r--r--src/lib/hash/rmd160/rmd160.h6
-rw-r--r--src/lib/hash/sha1/sha160.cpp134
-rw-r--r--src/lib/hash/sha1/sha160.h10
-rw-r--r--src/lib/hash/sha1_sse2/sha1_sse2.cpp20
-rw-r--r--src/lib/hash/sha1_sse2/sha1_sse2.h2
-rw-r--r--src/lib/hash/sha2_32/sha2_32.cpp40
-rw-r--r--src/lib/hash/sha2_32/sha2_32.h12
-rw-r--r--src/lib/hash/sha2_64/sha2_64.h6
-rw-r--r--src/lib/hash/skein/skein_512.cpp76
-rw-r--r--src/lib/hash/skein/skein_512.h16
-rw-r--r--src/lib/hash/tiger/tiger.cpp42
-rw-r--r--src/lib/hash/tiger/tiger.h10
-rw-r--r--src/lib/hash/whirlpool/whirlpool.cpp32
-rw-r--r--src/lib/hash/whirlpool/whrlpool.h6
-rw-r--r--src/lib/kdf/hkdf/hkdf.h4
-rw-r--r--src/lib/kdf/kdf.cpp2
-rw-r--r--src/lib/kdf/kdf1/kdf1.h4
-rw-r--r--src/lib/kdf/kdf2/kdf2.h4
-rw-r--r--src/lib/kdf/prf_tls/prf_tls.h6
-rw-r--r--src/lib/kdf/prf_x942/prf_x942.h4
-rw-r--r--src/lib/mac/cbc_mac/cbc_mac.h4
-rw-r--r--src/lib/mac/cmac/cmac.h4
-rw-r--r--src/lib/mac/hmac/hmac.h4
-rw-r--r--src/lib/mac/mac.cpp2
-rw-r--r--src/lib/mac/poly1305/poly1305.h2
-rw-r--r--src/lib/mac/siphash/siphash.h2
-rw-r--r--src/lib/mac/x919_mac/x919_mac.h2
-rw-r--r--src/lib/math/ec_gfp/curve_gfp.cpp24
-rw-r--r--src/lib/math/ec_gfp/curve_nistp.cpp10
-rw-r--r--src/lib/math/ec_gfp/point_gfp.cpp27
-rw-r--r--src/lib/math/ec_gfp/point_gfp.h6
-rw-r--r--src/lib/math/mp/info.txt3
-rw-r--r--src/lib/math/mp/mp_asm.cpp75
-rw-r--r--src/lib/math/mp/mp_comba.cpp89
-rw-r--r--src/lib/math/mp/mp_core.h39
-rw-r--r--src/lib/math/mp/mp_karat.cpp50
-rw-r--r--src/lib/math/mp/mp_mulop.cpp73
-rw-r--r--src/lib/math/numbertheory/def_powm.h10
-rw-r--r--src/lib/math/numbertheory/dsa_gen.cpp10
-rw-r--r--src/lib/math/numbertheory/numthry.cpp214
-rw-r--r--src/lib/math/numbertheory/numthry.h24
-rw-r--r--src/lib/math/numbertheory/pow_mod.cpp13
-rw-r--r--src/lib/math/numbertheory/powm_fw.cpp31
-rw-r--r--src/lib/math/numbertheory/reducer.cpp38
-rw-r--r--src/lib/math/numbertheory/reducer.h12
-rw-r--r--src/lib/math/numbertheory/ressol.cpp20
-rw-r--r--src/lib/misc/fpe_fe1/fpe_fe1.cpp28
-rw-r--r--src/lib/misc/openpgp/openpgp.cpp2
-rw-r--r--src/lib/misc/srp6/srp6_files.cpp6
-rw-r--r--src/lib/misc/srp6/srp6_files.h17
-rw-r--r--src/lib/misc/tss/tss.cpp34
-rw-r--r--src/lib/misc/tss/tss.h8
-rw-r--r--src/lib/modes/aead/ccm/ccm.h4
-rw-r--r--src/lib/modes/aead/chacha20poly1305/chacha20poly1305.h4
-rw-r--r--src/lib/modes/aead/eax/eax.h4
-rw-r--r--src/lib/modes/aead/gcm/gcm.cpp12
-rw-r--r--src/lib/modes/aead/gcm/gcm.h6
-rw-r--r--src/lib/modes/aead/ocb/ocb.cpp2
-rw-r--r--src/lib/modes/aead/ocb/ocb.h4
-rw-r--r--src/lib/modes/aead/siv/siv.h10
-rw-r--r--src/lib/modes/cbc/cbc.h8
-rw-r--r--src/lib/modes/cfb/cfb.h4
-rw-r--r--src/lib/modes/ecb/ecb.h4
-rw-r--r--src/lib/modes/mode_pad/mode_pad.h8
-rw-r--r--src/lib/modes/stream_mode.h2
-rw-r--r--src/lib/modes/xts/xts.h10
-rw-r--r--src/lib/pbkdf/pbkdf.cpp2
-rw-r--r--src/lib/pbkdf/pbkdf1/pbkdf1.h4
-rw-r--r--src/lib/pbkdf/pbkdf2/pbkdf2.cpp4
-rw-r--r--src/lib/pbkdf/pbkdf2/pbkdf2.h10
-rw-r--r--src/lib/pk_pad/eme.cpp2
-rw-r--r--src/lib/pk_pad/eme_oaep/oaep.h2
-rw-r--r--src/lib/pk_pad/eme_pkcs1/eme_pkcs.h2
-rw-r--r--src/lib/pk_pad/eme_raw/eme_raw.h2
-rw-r--r--src/lib/pk_pad/emsa.cpp2
-rw-r--r--src/lib/pk_pad/emsa1/emsa1.h2
-rw-r--r--src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h4
-rw-r--r--src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp4
-rw-r--r--src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h8
-rw-r--r--src/lib/pk_pad/emsa_pssr/pssr.cpp40
-rw-r--r--src/lib/pk_pad/emsa_pssr/pssr.h8
-rw-r--r--src/lib/pk_pad/emsa_raw/emsa_raw.cpp4
-rw-r--r--src/lib/pk_pad/emsa_raw/emsa_raw.h4
-rw-r--r--src/lib/pk_pad/emsa_x931/emsa_x931.h4
-rw-r--r--src/lib/pk_pad/mgf1/mgf1.h6
-rw-r--r--src/lib/prov/openssl/openssl.h1
-rw-r--r--src/lib/prov/openssl/openssl_block.cpp122
-rw-r--r--src/lib/prov/openssl/openssl_ec.cpp (renamed from src/lib/prov/openssl/openssl_ecdsa.cpp)127
-rw-r--r--src/lib/prov/openssl/openssl_hash.cpp16
-rw-r--r--src/lib/prov/openssl/openssl_rc4.cpp14
-rw-r--r--src/lib/prov/tpm/tpm.h5
-rw-r--r--src/lib/prov/tpm/uuid.h5
-rw-r--r--src/lib/pubkey/blinding.cpp5
-rw-r--r--src/lib/pubkey/curve25519/curve25519.h6
-rw-r--r--src/lib/pubkey/curve25519/donna.cpp6
-rw-r--r--src/lib/pubkey/dh/dh.cpp24
-rw-r--r--src/lib/pubkey/dl_algo/dl_algo.cpp26
-rw-r--r--src/lib/pubkey/dl_algo/dl_algo.h18
-rw-r--r--src/lib/pubkey/dl_group/dl_group.cpp72
-rw-r--r--src/lib/pubkey/dl_group/dl_group.h4
-rw-r--r--src/lib/pubkey/dlies/dlies.cpp80
-rw-r--r--src/lib/pubkey/dlies/dlies.h20
-rw-r--r--src/lib/pubkey/dsa/dsa.cpp93
-rw-r--r--src/lib/pubkey/ec_group/ec_group.cpp24
-rw-r--r--src/lib/pubkey/ec_group/ec_group.h34
-rw-r--r--src/lib/pubkey/ecc_key/ecc_key.cpp47
-rw-r--r--src/lib/pubkey/ecc_key/ecc_key.h17
-rw-r--r--src/lib/pubkey/ecdh/ecdh.cpp18
-rw-r--r--src/lib/pubkey/elgamal/elgamal.cpp58
-rw-r--r--src/lib/pubkey/gost_3410/gost_3410.cpp38
-rw-r--r--src/lib/pubkey/if_algo/if_algo.cpp73
-rw-r--r--src/lib/pubkey/if_algo/if_algo.h24
-rw-r--r--src/lib/pubkey/keypair/keypair.cpp2
-rw-r--r--src/lib/pubkey/mce/gf2m_rootfind_dcmp.cpp18
-rw-r--r--src/lib/pubkey/mce/gf2m_small_m.h2
-rw-r--r--src/lib/pubkey/mce/goppa_code.cpp5
-rw-r--r--src/lib/pubkey/mce/info.txt1
-rw-r--r--src/lib/pubkey/mce/mce_kem.cpp51
-rw-r--r--src/lib/pubkey/mce/mce_kem.h55
-rw-r--r--src/lib/pubkey/mce/mceliece.h6
-rw-r--r--src/lib/pubkey/mce/mceliece_key.cpp65
-rw-r--r--src/lib/pubkey/mce/polyn_gf2m.cpp35
-rw-r--r--src/lib/pubkey/mce/polyn_gf2m.h7
-rw-r--r--src/lib/pubkey/mceies/info.txt1
-rw-r--r--src/lib/pubkey/mceies/mceies.cpp15
-rw-r--r--src/lib/pubkey/nr/nr.cpp83
-rw-r--r--src/lib/pubkey/pk_keys.cpp2
-rw-r--r--src/lib/pubkey/pk_ops.cpp43
-rw-r--r--src/lib/pubkey/pk_ops.h40
-rw-r--r--src/lib/pubkey/pk_ops_impl.h50
-rw-r--r--src/lib/pubkey/pk_utils.h3
-rw-r--r--src/lib/pubkey/pkcs8.cpp88
-rw-r--r--src/lib/pubkey/pkcs8.h50
-rw-r--r--src/lib/pubkey/pubkey.cpp50
-rw-r--r--src/lib/pubkey/pubkey.h86
-rw-r--r--src/lib/pubkey/rsa/rsa.cpp122
-rw-r--r--src/lib/pubkey/rw/rw.cpp88
-rw-r--r--src/lib/rng/hmac_rng/hmac_rng.cpp12
-rw-r--r--src/lib/rng/hmac_rng/hmac_rng.h1
-rw-r--r--src/lib/rng/rng.h14
-rw-r--r--src/lib/stream/chacha/chacha.h2
-rw-r--r--src/lib/stream/ctr/ctr.h4
-rw-r--r--src/lib/stream/ofb/ofb.h4
-rw-r--r--src/lib/stream/rc4/rc4.cpp80
-rw-r--r--src/lib/stream/rc4/rc4.h19
-rw-r--r--src/lib/stream/salsa20/salsa20.h2
-rw-r--r--src/lib/stream/stream_cipher.cpp2
-rw-r--r--src/lib/tls/info.txt2
-rw-r--r--src/lib/tls/msg_cert_req.cpp2
-rw-r--r--src/lib/tls/msg_cert_verify.cpp8
-rw-r--r--src/lib/tls/msg_certificate.cpp6
-rw-r--r--src/lib/tls/msg_client_hello.cpp40
-rw-r--r--src/lib/tls/msg_client_kex.cpp17
-rw-r--r--src/lib/tls/msg_finished.cpp9
-rw-r--r--src/lib/tls/msg_server_hello.cpp26
-rw-r--r--src/lib/tls/msg_server_kex.cpp26
-rw-r--r--src/lib/tls/sessions_sql/tls_session_manager_sql.cpp1
-rw-r--r--src/lib/tls/tls_alert.cpp3
-rw-r--r--src/lib/tls/tls_alert.h5
-rw-r--r--src/lib/tls/tls_blocking.cpp4
-rw-r--r--src/lib/tls/tls_blocking.h4
-rw-r--r--src/lib/tls/tls_channel.cpp78
-rw-r--r--src/lib/tls/tls_channel.h24
-rw-r--r--src/lib/tls/tls_ciphersuite.cpp6
-rw-r--r--src/lib/tls/tls_ciphersuite.h4
-rw-r--r--src/lib/tls/tls_client.cpp10
-rw-r--r--src/lib/tls/tls_client.h6
-rw-r--r--src/lib/tls/tls_exceptn.h2
-rw-r--r--src/lib/tls/tls_extensions.cpp122
-rw-r--r--src/lib/tls/tls_extensions.h138
-rw-r--r--src/lib/tls/tls_handshake_hash.cpp2
-rw-r--r--src/lib/tls/tls_handshake_hash.h10
-rw-r--r--src/lib/tls/tls_handshake_io.h6
-rw-r--r--src/lib/tls/tls_handshake_state.cpp111
-rw-r--r--src/lib/tls/tls_handshake_state.h8
-rw-r--r--src/lib/tls/tls_heartbeats.cpp90
-rw-r--r--src/lib/tls/tls_heartbeats.h44
-rw-r--r--src/lib/tls/tls_magic.h1
-rw-r--r--src/lib/tls/tls_messages.h111
-rw-r--r--src/lib/tls/tls_policy.cpp24
-rw-r--r--src/lib/tls/tls_policy.h24
-rw-r--r--src/lib/tls/tls_record.cpp15
-rw-r--r--src/lib/tls/tls_seq_numbers.h4
-rw-r--r--src/lib/tls/tls_server.cpp28
-rw-r--r--src/lib/tls/tls_server.h2
-rw-r--r--src/lib/tls/tls_session.cpp21
-rw-r--r--src/lib/tls/tls_session.h18
-rw-r--r--src/lib/tls/tls_session_key.cpp44
-rw-r--r--src/lib/tls/tls_session_key.h20
-rw-r--r--src/lib/tls/tls_session_manager.h2
-rw-r--r--src/lib/tls/tls_suite_info.cpp744
-rw-r--r--src/lib/utils/assert.h2
-rw-r--r--src/lib/utils/ct_utils.h47
-rw-r--r--src/lib/utils/data_src.cpp80
-rw-r--r--src/lib/utils/data_src.h28
-rw-r--r--src/lib/utils/database.h2
-rw-r--r--src/lib/utils/datastor/datastor.cpp12
-rw-r--r--src/lib/utils/datastor/datastor.h2
-rw-r--r--src/lib/utils/donna128.h4
-rw-r--r--src/lib/utils/dyn_load/dyn_load.cpp28
-rw-r--r--src/lib/utils/dyn_load/dyn_load.h4
-rw-r--r--src/lib/utils/exceptn.h43
-rw-r--r--src/lib/utils/http_util/http_util.cpp5
-rw-r--r--src/lib/utils/info.txt4
-rw-r--r--src/lib/utils/loadstor.h100
-rw-r--r--src/lib/utils/mem_ops.h81
-rw-r--r--src/lib/utils/os_utils.cpp84
-rw-r--r--src/lib/utils/os_utils.h28
-rw-r--r--src/lib/utils/parsing.cpp14
-rw-r--r--src/lib/utils/read_cfg.cpp4
-rw-r--r--src/lib/utils/semaphore.h2
-rw-r--r--src/lib/utils/simd/simd_sse2/simd_sse2.h70
407 files changed, 6435 insertions, 5430 deletions
diff --git a/src/lib/asn1/alg_id.cpp b/src/lib/asn1/alg_id.cpp
index 7d476a225..75ea78c18 100644
--- a/src/lib/asn1/alg_id.cpp
+++ b/src/lib/asn1/alg_id.cpp
@@ -16,32 +16,24 @@ namespace Botan {
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const OID& alg_id,
- const std::vector<byte>& param)
- {
- oid = alg_id;
- parameters = param;
- }
+ const std::vector<byte>& param) : oid(alg_id), parameters(param)
+ {}
/*
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const std::string& alg_id,
- const std::vector<byte>& param)
- {
- oid = OIDS::lookup(alg_id);
- parameters = param;
- }
+ const std::vector<byte>& param) : oid(OIDS::lookup(alg_id)), parameters(param)
+ {}
/*
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const OID& alg_id,
- Encoding_Option option)
+ Encoding_Option option) : oid(alg_id), parameters()
{
const byte DER_NULL[] = { 0x05, 0x00 };
- oid = alg_id;
-
if(option == USE_NULL_PARAM)
parameters += std::pair<const byte*, size_t>(DER_NULL, sizeof(DER_NULL));
}
@@ -50,12 +42,10 @@ AlgorithmIdentifier::AlgorithmIdentifier(const OID& alg_id,
* Create an AlgorithmIdentifier
*/
AlgorithmIdentifier::AlgorithmIdentifier(const std::string& alg_id,
- Encoding_Option option)
+ Encoding_Option option) : oid(OIDS::lookup(alg_id)), parameters()
{
const byte DER_NULL[] = { 0x05, 0x00 };
- oid = OIDS::lookup(alg_id);
-
if(option == USE_NULL_PARAM)
parameters += std::pair<const byte*, size_t>(DER_NULL, sizeof(DER_NULL));
}
diff --git a/src/lib/asn1/alg_id.h b/src/lib/asn1/alg_id.h
index 9e36fd120..3b6c3f7ec 100644
--- a/src/lib/asn1/alg_id.h
+++ b/src/lib/asn1/alg_id.h
@@ -17,7 +17,7 @@ namespace Botan {
/**
* Algorithm Identifier
*/
-class BOTAN_DLL AlgorithmIdentifier : public ASN1_Object
+class BOTAN_DLL AlgorithmIdentifier final : public ASN1_Object
{
public:
enum Encoding_Option { USE_NULL_PARAM };
@@ -32,7 +32,10 @@ class BOTAN_DLL AlgorithmIdentifier : public ASN1_Object
AlgorithmIdentifier(const OID&, const std::vector<byte>&);
AlgorithmIdentifier(const std::string&, const std::vector<byte>&);
+ // public member variable:
OID oid;
+
+ // public member variable:
std::vector<byte> parameters;
};
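Review bot: The added `// public member variable:` comments only restate what the declaration already shows; what a reader of alg_id.h needs is what `parameters` holds. The alg_id.cpp hunks in this diff show it is the DER encoding of the algorithm's parameters and that `USE_NULL_PARAM` fills it with an encoded NULL (`0x05, 0x00`), so `// DER-encoded AlgorithmIdentifier parameters; empty, or an encoded NULL when built with USE_NULL_PARAM` would replace both comments usefully. The same placeholder comment is added in asn1_attribute.h and asn1_obj.h; in asn1_obj.h it is also attached to a declaration of two members on one line (`ASN1_Tag type_tag, class_tag;`), where one declaration per line with its own comment reads better.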
diff --git a/src/lib/asn1/asn1_alt_name.cpp b/src/lib/asn1/asn1_alt_name.cpp
index 9e59321f7..bd23bdff1 100644
--- a/src/lib/asn1/asn1_alt_name.cpp
+++ b/src/lib/asn1/asn1_alt_name.cpp
@@ -55,15 +55,15 @@ AlternativeName::AlternativeName(const std::string& email_addr,
void AlternativeName::add_attribute(const std::string& type,
const std::string& str)
{
- if(type == "" || str == "")
+ if(type.empty() || str.empty())
return;
- auto range = alt_info.equal_range(type);
+ auto range = m_alt_info.equal_range(type);
for(auto j = range.first; j != range.second; ++j)
if(j->second == str)
return;
- multimap_insert(alt_info, type, str);
+ multimap_insert(m_alt_info, type, str);
}
/*
@@ -72,9 +72,9 @@ void AlternativeName::add_attribute(const std::string& type,
void AlternativeName::add_othername(const OID& oid, const std::string& value,
ASN1_Tag type)
{
- if(value == "")
+ if(value.empty())
return;
- multimap_insert(othernames, oid, ASN1_String(value, type));
+ multimap_insert(m_othernames, oid, ASN1_String(value, type));
}
/*
@@ -82,7 +82,7 @@ void AlternativeName::add_othername(const OID& oid, const std::string& value,
*/
std::multimap<std::string, std::string> AlternativeName::get_attributes() const
{
- return alt_info;
+ return m_alt_info;
}
/*
@@ -90,7 +90,7 @@ std::multimap<std::string, std::string> AlternativeName::get_attributes() const
*/
std::multimap<OID, ASN1_String> AlternativeName::get_othernames() const
{
- return othernames;
+ return m_othernames;
}
/*
@@ -100,10 +100,10 @@ std::multimap<std::string, std::string> AlternativeName::contents() const
{
std::multimap<std::string, std::string> names;
- for(auto i = alt_info.begin(); i != alt_info.end(); ++i)
+ for(auto i = m_alt_info.begin(); i != m_alt_info.end(); ++i)
multimap_insert(names, i->first, i->second);
- for(auto i = othernames.begin(); i != othernames.end(); ++i)
+ for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
multimap_insert(names, OIDS::lookup(i->first), i->second.value());
return names;
@@ -114,7 +114,7 @@ std::multimap<std::string, std::string> AlternativeName::contents() const
*/
bool AlternativeName::has_items() const
{
- return (alt_info.size() > 0 || othernames.size() > 0);
+ return (m_alt_info.size() > 0 || m_othernames.size() > 0);
}
namespace {
@@ -154,12 +154,12 @@ void AlternativeName::encode_into(DER_Encoder& der) const
{
der.start_cons(SEQUENCE);
- encode_entries(der, alt_info, "RFC822", ASN1_Tag(1));
- encode_entries(der, alt_info, "DNS", ASN1_Tag(2));
- encode_entries(der, alt_info, "URI", ASN1_Tag(6));
- encode_entries(der, alt_info, "IP", ASN1_Tag(7));
+ encode_entries(der, m_alt_info, "RFC822", ASN1_Tag(1));
+ encode_entries(der, m_alt_info, "DNS", ASN1_Tag(2));
+ encode_entries(der, m_alt_info, "URI", ASN1_Tag(6));
+ encode_entries(der, m_alt_info, "IP", ASN1_Tag(7));
- for(auto i = othernames.begin(); i != othernames.end(); ++i)
+ for(auto i = m_othernames.begin(); i != m_othernames.end(); ++i)
{
der.start_explicit(0)
.encode(i->first)
diff --git a/src/lib/asn1/asn1_alt_name.h b/src/lib/asn1/asn1_alt_name.h
index 91ba2bcf1..5ea7cfb14 100644
--- a/src/lib/asn1/asn1_alt_name.h
+++ b/src/lib/asn1/asn1_alt_name.h
@@ -19,7 +19,7 @@ namespace Botan {
/**
* Alternative Name
*/
-class BOTAN_DLL AlternativeName : public ASN1_Object
+class BOTAN_DLL AlternativeName final : public ASN1_Object
{
public:
void encode_into(class DER_Encoder&) const override;
@@ -38,8 +38,8 @@ class BOTAN_DLL AlternativeName : public ASN1_Object
AlternativeName(const std::string& = "", const std::string& = "",
const std::string& = "", const std::string& = "");
private:
- std::multimap<std::string, std::string> alt_info;
- std::multimap<OID, ASN1_String> othernames;
+ std::multimap<std::string, std::string> m_alt_info;
+ std::multimap<OID, ASN1_String> m_othernames;
};
}
diff --git a/src/lib/asn1/asn1_attribute.cpp b/src/lib/asn1/asn1_attribute.cpp
index 406a57d9a..bd7e5bf11 100644
--- a/src/lib/asn1/asn1_attribute.cpp
+++ b/src/lib/asn1/asn1_attribute.cpp
@@ -15,21 +15,15 @@ namespace Botan {
/*
* Create an Attribute
*/
-Attribute::Attribute(const OID& attr_oid, const std::vector<byte>& attr_value)
- {
- oid = attr_oid;
- parameters = attr_value;
- }
+Attribute::Attribute(const OID& attr_oid, const std::vector<byte>& attr_value) : oid(attr_oid), parameters(attr_value)
+ {}
/*
* Create an Attribute
*/
Attribute::Attribute(const std::string& attr_oid,
- const std::vector<byte>& attr_value)
- {
- oid = OIDS::lookup(attr_oid);
- parameters = attr_value;
- }
+ const std::vector<byte>& attr_value) : oid(OIDS::lookup(attr_oid)), parameters(attr_value)
+ {}
/*
* DER encode a Attribute
diff --git a/src/lib/asn1/asn1_attribute.h b/src/lib/asn1/asn1_attribute.h
index 371b0f99a..737d84b81 100644
--- a/src/lib/asn1/asn1_attribute.h
+++ b/src/lib/asn1/asn1_attribute.h
@@ -17,13 +17,16 @@ namespace Botan {
/**
* Attribute
*/
-class BOTAN_DLL Attribute : public ASN1_Object
+class BOTAN_DLL Attribute final : public ASN1_Object
{
public:
void encode_into(class DER_Encoder& to) const override;
void decode_from(class BER_Decoder& from) override;
+ // public member variable:
OID oid;
+
+ // public member variable:
std::vector<byte> parameters;
Attribute() {}
diff --git a/src/lib/asn1/asn1_obj.h b/src/lib/asn1/asn1_obj.h
index f68ef675e..3e119dc01 100644
--- a/src/lib/asn1/asn1_obj.h
+++ b/src/lib/asn1/asn1_obj.h
@@ -84,7 +84,10 @@ class BOTAN_DLL BER_Object
public:
void assert_is_a(ASN1_Tag, ASN1_Tag);
+ // public member variable:
ASN1_Tag type_tag, class_tag;
+
+ // public member variable:
secure_vector<byte> value;
};
@@ -111,7 +114,7 @@ bool maybe_BER(DataSource& src);
*/
struct BOTAN_DLL BER_Decoding_Error : public Decoding_Error
{
- BER_Decoding_Error(const std::string&);
+ explicit BER_Decoding_Error(const std::string&);
};
/**
diff --git a/src/lib/asn1/asn1_oid.cpp b/src/lib/asn1/asn1_oid.cpp
index 2fbc4b27c..5b0a557d2 100644
--- a/src/lib/asn1/asn1_oid.cpp
+++ b/src/lib/asn1/asn1_oid.cpp
@@ -18,20 +18,20 @@ namespace Botan {
*/
OID::OID(const std::string& oid_str)
{
- if(oid_str != "")
+ if(!oid_str.empty())
{
try
{
- id = parse_asn1_oid(oid_str);
+ m_id = parse_asn1_oid(oid_str);
}
catch(...)
{
throw Invalid_OID(oid_str);
}
- if(id.size() < 2 || id[0] > 2)
+ if(m_id.size() < 2 || m_id[0] > 2)
throw Invalid_OID(oid_str);
- if((id[0] == 0 || id[0] == 1) && id[1] > 39)
+ if((m_id[0] == 0 || m_id[0] == 1) && m_id[1] > 39)
throw Invalid_OID(oid_str);
}
}
@@ -41,7 +41,7 @@ OID::OID(const std::string& oid_str)
*/
void OID::clear()
{
- id.clear();
+ m_id.clear();
}
/*
@@ -50,10 +50,10 @@ void OID::clear()
std::string OID::as_string() const
{
std::string oid_str;
- for(size_t i = 0; i != id.size(); ++i)
+ for(size_t i = 0; i != m_id.size(); ++i)
{
- oid_str += std::to_string(id[i]);
- if(i != id.size() - 1)
+ oid_str += std::to_string(m_id[i]);
+ if(i != m_id.size() - 1)
oid_str += ".";
}
return oid_str;
@@ -64,10 +64,10 @@ std::string OID::as_string() const
*/
bool OID::operator==(const OID& oid) const
{
- if(id.size() != oid.id.size())
+ if(m_id.size() != oid.m_id.size())
return false;
- for(size_t i = 0; i != id.size(); ++i)
- if(id[i] != oid.id[i])
+ for(size_t i = 0; i != m_id.size(); ++i)
+ if(m_id[i] != oid.m_id[i])
return false;
return true;
}
@@ -77,7 +77,7 @@ bool OID::operator==(const OID& oid) const
*/
OID& OID::operator+=(u32bit component)
{
- id.push_back(component);
+ m_id.push_back(component);
return (*this);
}
@@ -126,24 +126,26 @@ bool operator<(const OID& a, const OID& b)
*/
void OID::encode_into(DER_Encoder& der) const
{
- if(id.size() < 2)
+ if(m_id.size() < 2)
throw Invalid_Argument("OID::encode_into: OID is invalid");
std::vector<byte> encoding;
- encoding.push_back(40 * id[0] + id[1]);
+ encoding.push_back(40 * m_id[0] + m_id[1]);
- for(size_t i = 2; i != id.size(); ++i)
+ for(size_t i = 2; i != m_id.size(); ++i)
{
- if(id[i] == 0)
+ if(m_id[i] == 0)
encoding.push_back(0);
else
{
- size_t blocks = high_bit(id[i]) + 6;
+ size_t blocks = high_bit(m_id[i]) + 6;
blocks = (blocks - (blocks % 7)) / 7;
+ BOTAN_ASSERT(blocks > 0, "Math works");
+
for(size_t j = 0; j != blocks - 1; ++j)
- encoding.push_back(0x80 | ((id[i] >> 7*(blocks-j-1)) & 0x7F));
- encoding.push_back(id[i] & 0x7F);
+ encoding.push_back(0x80 | ((m_id[i] >> 7*(blocks-j-1)) & 0x7F));
+ encoding.push_back(m_id[i] & 0x7F);
}
}
der.add_object(OBJECT_ID, UNIVERSAL, encoding);
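Review bot: The new BOTAN_ASSERT guards `blocks > 0`, but the byte pushed just above it, `encoding.push_back(40 * m_id[0] + m_id[1]);`, is still narrowed to a byte with no check that the first two components fit in a single byte. The range check that would make this safe lives only in the string constructor (`m_id[0] > 2`, `m_id[1] > 39` in the first hunk of this file); an OID built from the default constructor plus `operator+=` bypasses it. Either reject such values here, `if(m_id[0] > 2 || 40 * m_id[0] + m_id[1] > 255) throw Invalid_Argument("OID::encode_into: OID is invalid");`, or document that callers are responsible for component ranges. The assert message `"Math works"` also tells whoever hits it nothing; `"OID component encodes to at least one byte"` names the invariant being checked.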
@@ -163,8 +165,8 @@ void OID::decode_from(BER_Decoder& decoder)
clear();
- id.push_back(obj.value[0] / 40);
- id.push_back(obj.value[0] % 40);
+ m_id.push_back(obj.value[0] / 40);
+ m_id.push_back(obj.value[0] % 40);
size_t i = 0;
while(i != obj.value.size() - 1)
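Review bot: `obj.value[0]` and `obj.value.size() - 1` on the lines after `clear()` both assume the BER object carries at least one content byte; if `obj.value` is empty the index is out of bounds and the size_t subtraction wraps, so the loop bound is wrong too. The start of decode_from, where `obj` is read and may already be validated, is outside this hunk, so this may be handled there; if it is not, a guard such as `if(obj.value.empty()) throw BER_Decoding_Error("OID encoding is too short");` is needed before the first push_back. Since this is decoding of externally supplied BER, the check belongs in the code rather than in a comment on the precondition.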
@@ -182,7 +184,7 @@ void OID::decode_from(BER_Decoder& decoder)
if(!(obj.value[i] & 0x80))
break;
}
- id.push_back(component);
+ m_id.push_back(component);
}
}
diff --git a/src/lib/asn1/asn1_oid.h b/src/lib/asn1/asn1_oid.h
index 7cdb9f58f..6fbd876ec 100644
--- a/src/lib/asn1/asn1_oid.h
+++ b/src/lib/asn1/asn1_oid.h
@@ -17,7 +17,7 @@ namespace Botan {
/**
* This class represents ASN.1 object identifiers.
*/
-class BOTAN_DLL OID : public ASN1_Object
+class BOTAN_DLL OID final : public ASN1_Object
{
public:
void encode_into(class DER_Encoder&) const override;
@@ -27,13 +27,13 @@ class BOTAN_DLL OID : public ASN1_Object
* Find out whether this OID is empty
* @return true is no OID value is set
*/
- bool empty() const { return id.size() == 0; }
+ bool empty() const { return m_id.size() == 0; }
/**
* Get this OID as list (vector) of its components.
* @return vector representing this OID
*/
- const std::vector<u32bit>& get_id() const { return id; }
+ const std::vector<u32bit>& get_id() const { return m_id; }
/**
* Get this OID as a string
@@ -65,7 +65,7 @@ class BOTAN_DLL OID : public ASN1_Object
*/
OID(const std::string& str = "");
private:
- std::vector<u32bit> id;
+ std::vector<u32bit> m_id;
};
/**
diff --git a/src/lib/asn1/asn1_str.cpp b/src/lib/asn1/asn1_str.cpp
index 05be90e3d..c378d5dfe 100644
--- a/src/lib/asn1/asn1_str.cpp
+++ b/src/lib/asn1/asn1_str.cpp
@@ -62,39 +62,35 @@ ASN1_Tag choose_encoding(const std::string& str,
/*
* Create an ASN1_String
*/
-ASN1_String::ASN1_String(const std::string& str, ASN1_Tag t) : tag(t)
+ASN1_String::ASN1_String(const std::string& str, ASN1_Tag t) : m_iso_8859_str(Charset::transcode(str, LOCAL_CHARSET, LATIN1_CHARSET)), m_tag(t)
{
- iso_8859_str = Charset::transcode(str, LOCAL_CHARSET, LATIN1_CHARSET);
-
- if(tag == DIRECTORY_STRING)
- tag = choose_encoding(iso_8859_str, "latin1");
-
- if(tag != NUMERIC_STRING &&
- tag != PRINTABLE_STRING &&
- tag != VISIBLE_STRING &&
- tag != T61_STRING &&
- tag != IA5_STRING &&
- tag != UTF8_STRING &&
- tag != BMP_STRING)
+
+ if(m_tag == DIRECTORY_STRING)
+ m_tag = choose_encoding(m_iso_8859_str, "latin1");
+
+ if(m_tag != NUMERIC_STRING &&
+ m_tag != PRINTABLE_STRING &&
+ m_tag != VISIBLE_STRING &&
+ m_tag != T61_STRING &&
+ m_tag != IA5_STRING &&
+ m_tag != UTF8_STRING &&
+ m_tag != BMP_STRING)
throw Invalid_Argument("ASN1_String: Unknown string type " +
- std::to_string(tag));
+ std::to_string(m_tag));
}
/*
* Create an ASN1_String
*/
-ASN1_String::ASN1_String(const std::string& str)
- {
- iso_8859_str = Charset::transcode(str, LOCAL_CHARSET, LATIN1_CHARSET);
- tag = choose_encoding(iso_8859_str, "latin1");
- }
+ASN1_String::ASN1_String(const std::string& str) : m_iso_8859_str(Charset::transcode(str, LOCAL_CHARSET, LATIN1_CHARSET)), m_tag(choose_encoding(m_iso_8859_str, "latin1"))
+ {}
/*
* Return this string in ISO 8859-1 encoding
*/
std::string ASN1_String::iso_8859() const
{
- return iso_8859_str;
+ return m_iso_8859_str;
}
/*
@@ -102,7 +98,7 @@ std::string ASN1_String::iso_8859() const
*/
std::string ASN1_String::value() const
{
- return Charset::transcode(iso_8859_str, LATIN1_CHARSET, LOCAL_CHARSET);
+ return Charset::transcode(m_iso_8859_str, LATIN1_CHARSET, LOCAL_CHARSET);
}
/*
@@ -110,7 +106,7 @@ std::string ASN1_String::value() const
*/
ASN1_Tag ASN1_String::tagging() const
{
- return tag;
+ return m_tag;
}
/*
@@ -141,7 +137,7 @@ void ASN1_String::decode_from(BER_Decoder& source)
charset_is = LATIN1_CHARSET;
*this = ASN1_String(
- Charset::transcode(ASN1::to_string(obj), charset_is, LOCAL_CHARSET),
+ Charset::transcode(ASN1::to_string(obj), LOCAL_CHARSET, charset_is),
obj.type_tag);
}
diff --git a/src/lib/asn1/asn1_str.h b/src/lib/asn1/asn1_str.h
index 84458e517..1d75ec519 100644
--- a/src/lib/asn1/asn1_str.h
+++ b/src/lib/asn1/asn1_str.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Simple String
*/
-class BOTAN_DLL ASN1_String : public ASN1_Object
+class BOTAN_DLL ASN1_String final : public ASN1_Object
{
public:
void encode_into(class DER_Encoder&) const override;
@@ -26,11 +26,11 @@ class BOTAN_DLL ASN1_String : public ASN1_Object
ASN1_Tag tagging() const;
- ASN1_String(const std::string& = "");
+ explicit ASN1_String(const std::string& = "");
ASN1_String(const std::string&, ASN1_Tag);
private:
- std::string iso_8859_str;
- ASN1_Tag tag;
+ std::string m_iso_8859_str;
+ ASN1_Tag m_tag;
};
}
diff --git a/src/lib/asn1/asn1_time.cpp b/src/lib/asn1/asn1_time.cpp
index a9dffa95c..67fc8b5ac 100644
--- a/src/lib/asn1/asn1_time.cpp
+++ b/src/lib/asn1/asn1_time.cpp
@@ -149,14 +149,14 @@ void X509_Time::set_to(const std::string& t_spec, ASN1_Tag spec_tag)
set_to(t_spec, GENERALIZED_TIME);
return;
}
- catch(Invalid_Argument) {} // Not a generalized time. Continue
+ catch(Invalid_Argument&) {} // Not a generalized time. Continue
try
{
set_to(t_spec, UTC_TIME);
return;
}
- catch(Invalid_Argument) {} // Not a UTC time. Continue
+ catch(Invalid_Argument&) {} // Not a UTC time. Continue
throw Invalid_Argument("Time string could not be parsed as GeneralizedTime or UTCTime.");
}
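Review bot: Catching by reference on L931 and L938 fixes the slicing of the exception object, but since the handlers never use it the conventional spelling is a const reference: `catch(const Invalid_Argument&) {} // Not a generalized time. Continue`. The final throw on L939 also discards both parser messages, so when neither format matches the caller learns nothing about which character was rejected; appending the last error's what() to the message would cost one line. set_to begins outside the hunk.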
diff --git a/src/lib/asn1/asn1_time.h b/src/lib/asn1/asn1_time.h
index 313b26b06..ba5b84838 100644
--- a/src/lib/asn1/asn1_time.h
+++ b/src/lib/asn1/asn1_time.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* X.509 Time
*/
-class BOTAN_DLL X509_Time : public ASN1_Object
+class BOTAN_DLL X509_Time final : public ASN1_Object
{
public:
/// DER encode a X509_Time
@@ -41,7 +41,7 @@ class BOTAN_DLL X509_Time : public ASN1_Object
X509_Time() {}
/// Create a X509_Time from a time point
- X509_Time(const std::chrono::system_clock::time_point& time);
+ explicit X509_Time(const std::chrono::system_clock::time_point& time);
/// Create an X509_Time from string
X509_Time(const std::string& t_spec, ASN1_Tag tag);
diff --git a/src/lib/asn1/ber_dec.cpp b/src/lib/asn1/ber_dec.cpp
index 80dfba3bb..ac676cd08 100644
--- a/src/lib/asn1/ber_dec.cpp
+++ b/src/lib/asn1/ber_dec.cpp
@@ -139,14 +139,14 @@ size_t find_eoc(DataSource* ber)
/*
* Check a type invariant on BER data
*/
-void BER_Object::assert_is_a(ASN1_Tag type_tag, ASN1_Tag class_tag)
+void BER_Object::assert_is_a(ASN1_Tag type_tag_, ASN1_Tag class_tag_)
{
- if(this->type_tag != type_tag || this->class_tag != class_tag)
+ if(type_tag != type_tag_ || class_tag != class_tag_)
throw BER_Decoding_Error("Tag mismatch when decoding got " +
- std::to_string(this->type_tag) + "/" +
- std::to_string(this->class_tag) + " expected " +
std::to_string(type_tag) + "/" +
- std::to_string(class_tag));
+ std::to_string(class_tag) + " expected " +
+ std::to_string(type_tag_) + "/" +
+ std::to_string(class_tag_));
}
/*
@@ -154,7 +154,7 @@ void BER_Object::assert_is_a(ASN1_Tag type_tag, ASN1_Tag class_tag)
*/
bool BER_Decoder::more_items() const
{
- if(source->end_of_data() && (pushed.type_tag == NO_OBJECT))
+ if(m_source->end_of_data() && (m_pushed.type_tag == NO_OBJECT))
return false;
return true;
}
@@ -164,7 +164,7 @@ bool BER_Decoder::more_items() const
*/
BER_Decoder& BER_Decoder::verify_end()
{
- if(!source->end_of_data() || (pushed.type_tag != NO_OBJECT))
+ if(!m_source->end_of_data() || (m_pushed.type_tag != NO_OBJECT))
throw Invalid_State("BER_Decoder::verify_end called, but data remains");
return (*this);
}
@@ -176,7 +176,7 @@ BER_Decoder& BER_Decoder::raw_bytes(secure_vector<byte>& out)
{
out.clear();
byte buf;
- while(source->read_byte(buf))
+ while(m_source->read_byte(buf))
out.push_back(buf);
return (*this);
}
@@ -185,7 +185,7 @@ BER_Decoder& BER_Decoder::raw_bytes(std::vector<byte>& out)
{
out.clear();
byte buf;
- while(source->read_byte(buf))
+ while(m_source->read_byte(buf))
out.push_back(buf);
return (*this);
}
@@ -196,7 +196,7 @@ BER_Decoder& BER_Decoder::raw_bytes(std::vector<byte>& out)
BER_Decoder& BER_Decoder::discard_remaining()
{
byte buf;
- while(source->read_byte(buf))
+ while(m_source->read_byte(buf))
;
return (*this);
}
@@ -208,23 +208,23 @@ BER_Object BER_Decoder::get_next_object()
{
BER_Object next;
- if(pushed.type_tag != NO_OBJECT)
+ if(m_pushed.type_tag != NO_OBJECT)
{
- next = pushed;
- pushed.class_tag = pushed.type_tag = NO_OBJECT;
+ next = m_pushed;
+ m_pushed.class_tag = m_pushed.type_tag = NO_OBJECT;
return next;
}
- decode_tag(source, next.type_tag, next.class_tag);
+ decode_tag(m_source, next.type_tag, next.class_tag);
if(next.type_tag == NO_OBJECT)
return next;
- const size_t length = decode_length(source);
- if(!source->check_available(length))
+ const size_t length = decode_length(m_source);
+ if(!m_source->check_available(length))
throw BER_Decoding_Error("Value truncated");
next.value.resize(length);
- if(source->read(next.value.data(), length) != length)
+ if(m_source->read(next.value.data(), length) != length)
throw BER_Decoding_Error("Value truncated");
if(next.type_tag == EOC && next.class_tag == UNIVERSAL)
@@ -244,9 +244,9 @@ BER_Decoder& BER_Decoder::get_next(BER_Object& ber)
*/
void BER_Decoder::push_back(const BER_Object& obj)
{
- if(pushed.type_tag != NO_OBJECT)
+ if(m_pushed.type_tag != NO_OBJECT)
throw Invalid_State("BER_Decoder: Only one push back is allowed");
- pushed = obj;
+ m_pushed = obj;
}
/*
@@ -259,7 +259,7 @@ BER_Decoder BER_Decoder::start_cons(ASN1_Tag type_tag,
obj.assert_is_a(type_tag, ASN1_Tag(class_tag | CONSTRUCTED));
BER_Decoder result(obj.value.data(), obj.value.size());
- result.parent = this;
+ result.m_parent = this;
return result;
}
@@ -268,11 +268,11 @@ BER_Decoder BER_Decoder::start_cons(ASN1_Tag type_tag,
*/
BER_Decoder& BER_Decoder::end_cons()
{
- if(!parent)
+ if(!m_parent)
throw Invalid_State("BER_Decoder::end_cons called with NULL parent");
- if(!source->end_of_data())
+ if(!m_source->end_of_data())
throw Decoding_Error("BER_Decoder::end_cons called with data left");
- return (*parent);
+ return (*m_parent);
}
/*
@@ -280,10 +280,10 @@ BER_Decoder& BER_Decoder::end_cons()
*/
BER_Decoder::BER_Decoder(DataSource& src)
{
- source = &src;
- owns = false;
- pushed.type_tag = pushed.class_tag = NO_OBJECT;
- parent = nullptr;
+ m_source = &src;
+ m_owns = false;
+ m_pushed.type_tag = m_pushed.class_tag = NO_OBJECT;
+ m_parent = nullptr;
}
/*
@@ -291,10 +291,10 @@ BER_Decoder::BER_Decoder(DataSource& src)
*/
BER_Decoder::BER_Decoder(const byte data[], size_t length)
{
- source = new DataSource_Memory(data, length);
- owns = true;
- pushed.type_tag = pushed.class_tag = NO_OBJECT;
- parent = nullptr;
+ m_source = new DataSource_Memory(data, length);
+ m_owns = true;
+ m_pushed.type_tag = m_pushed.class_tag = NO_OBJECT;
+ m_parent = nullptr;
}
/*
@@ -302,10 +302,10 @@ BER_Decoder::BER_Decoder(const byte data[], size_t length)
*/
BER_Decoder::BER_Decoder(const secure_vector<byte>& data)
{
- source = new DataSource_Memory(data);
- owns = true;
- pushed.type_tag = pushed.class_tag = NO_OBJECT;
- parent = nullptr;
+ m_source = new DataSource_Memory(data);
+ m_owns = true;
+ m_pushed.type_tag = m_pushed.class_tag = NO_OBJECT;
+ m_parent = nullptr;
}
/*
@@ -313,10 +313,10 @@ BER_Decoder::BER_Decoder(const secure_vector<byte>& data)
*/
BER_Decoder::BER_Decoder(const std::vector<byte>& data)
{
- source = new DataSource_Memory(data.data(), data.size());
- owns = true;
- pushed.type_tag = pushed.class_tag = NO_OBJECT;
- parent = nullptr;
+ m_source = new DataSource_Memory(data.data(), data.size());
+ m_owns = true;
+ m_pushed.type_tag = m_pushed.class_tag = NO_OBJECT;
+ m_parent = nullptr;
}
/*
@@ -324,15 +324,15 @@ BER_Decoder::BER_Decoder(const std::vector<byte>& data)
*/
BER_Decoder::BER_Decoder(const BER_Decoder& other)
{
- source = other.source;
- owns = false;
- if(other.owns)
+ m_source = other.m_source;
+ m_owns = false;
+ if(other.m_owns)
{
- other.owns = false;
- owns = true;
+ other.m_owns = false;
+ m_owns = true;
}
- pushed.type_tag = pushed.class_tag = NO_OBJECT;
- parent = other.parent;
+ m_pushed.type_tag = m_pushed.class_tag = NO_OBJECT;
+ m_parent = other.m_parent;
}
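Review bot: The copy constructor still transfers ownership away from `other` through the mutable m_owns flag (L1152-L1157) and then resets m_pushed to NO_OBJECT (L1161) instead of copying it, so a decoder with a pushed-back object silently loses it when copied; both behaviours are surprising for something spelled as a copy and neither is documented. A comment on the flag in ber_dec.h (hunk ending at L1201), e.g. `mutable bool m_owns; // cleared on the copied-from object: copying transfers ownership of m_source`, would make the contract visible, and a move constructor would express the intent without mutating a const argument. The four value constructors (hunks ending at L1099, L1113, L1127 and L1141) repeat the same four assignments; default member initialisers in the header would remove the duplication, although whether a default-constructed BER_Object already carries NO_OBJECT is not visible here.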
/*
@@ -340,9 +340,9 @@ BER_Decoder::BER_Decoder(const BER_Decoder& other)
*/
BER_Decoder::~BER_Decoder()
{
- if(owns)
- delete source;
- source = nullptr;
+ if(m_owns)
+ delete m_source;
+ m_source = nullptr;
}
/*
diff --git a/src/lib/asn1/ber_dec.h b/src/lib/asn1/ber_dec.h
index 98cfcb10f..8a5c9ca45 100644
--- a/src/lib/asn1/ber_dec.h
+++ b/src/lib/asn1/ber_dec.h
@@ -157,21 +157,21 @@ class BOTAN_DLL BER_Decoder
BER_Decoder& operator=(const BER_Decoder&) = delete;
- BER_Decoder(DataSource&);
+ explicit BER_Decoder(DataSource&);
BER_Decoder(const byte[], size_t);
- BER_Decoder(const secure_vector<byte>&);
+ explicit BER_Decoder(const secure_vector<byte>&);
- BER_Decoder(const std::vector<byte>& vec);
+ explicit BER_Decoder(const std::vector<byte>& vec);
BER_Decoder(const BER_Decoder&);
~BER_Decoder();
private:
- BER_Decoder* parent;
- DataSource* source;
- BER_Object pushed;
- mutable bool owns;
+ BER_Decoder* m_parent;
+ DataSource* m_source;
+ BER_Object m_pushed;
+ mutable bool m_owns;
};
/*
diff --git a/src/lib/asn1/der_enc.cpp b/src/lib/asn1/der_enc.cpp
index f1bcf634e..c5c2b4803 100644
--- a/src/lib/asn1/der_enc.cpp
+++ b/src/lib/asn1/der_enc.cpp
@@ -34,6 +34,8 @@ secure_vector<byte> encode_tag(ASN1_Tag type_tag, ASN1_Tag class_tag)
size_t blocks = high_bit(type_tag) + 6;
blocks = (blocks - (blocks % 7)) / 7;
+ BOTAN_ASSERT(blocks > 0, "Math works");
+
encoded_tag.push_back(class_tag | 0x1F);
for(size_t i = 0; i != blocks - 1; ++i)
encoded_tag.push_back(0x80 | ((type_tag >> 7*(blocks-i-1)) & 0x7F));
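Review bot: The new assertion on L1210 protects the loop bound `blocks - 1` on L1213 from wrapping to SIZE_MAX when blocks is 0, which would push bytes until memory is exhausted, but the message "Math works" tells whoever hits it nothing about the invariant. A message naming the condition is more useful at the point of failure: `BOTAN_ASSERT(blocks > 0, "encode_tag: long-form tag needs at least one 7-bit block");`. encode_tag begins outside the hunk.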
@@ -70,21 +72,21 @@ secure_vector<byte> encode_length(size_t length)
*/
secure_vector<byte> DER_Encoder::DER_Sequence::get_contents()
{
- const ASN1_Tag real_class_tag = ASN1_Tag(class_tag | CONSTRUCTED);
+ const ASN1_Tag real_class_tag = ASN1_Tag(m_class_tag | CONSTRUCTED);
- if(type_tag == SET)
+ if(m_type_tag == SET)
{
- std::sort(set_contents.begin(), set_contents.end());
- for(size_t i = 0; i != set_contents.size(); ++i)
- contents += set_contents[i];
- set_contents.clear();
+ std::sort(m_set_contents.begin(), m_set_contents.end());
+ for(size_t i = 0; i != m_set_contents.size(); ++i)
+ m_contents += m_set_contents[i];
+ m_set_contents.clear();
}
secure_vector<byte> result;
- result += encode_tag(type_tag, real_class_tag);
- result += encode_length(contents.size());
- result += contents;
- contents.clear();
+ result += encode_tag(m_type_tag, real_class_tag);
+ result += encode_length(m_contents.size());
+ result += m_contents;
+ m_contents.clear();
return result;
}
@@ -94,10 +96,10 @@ secure_vector<byte> DER_Encoder::DER_Sequence::get_contents()
*/
void DER_Encoder::DER_Sequence::add_bytes(const byte data[], size_t length)
{
- if(type_tag == SET)
- set_contents.push_back(secure_vector<byte>(data, data + length));
+ if(m_type_tag == SET)
+ m_set_contents.push_back(secure_vector<byte>(data, data + length));
else
- contents += std::make_pair(data, length);
+ m_contents += std::make_pair(data, length);
}
/*
@@ -105,14 +107,14 @@ void DER_Encoder::DER_Sequence::add_bytes(const byte data[], size_t length)
*/
ASN1_Tag DER_Encoder::DER_Sequence::tag_of() const
{
- return ASN1_Tag(type_tag | class_tag);
+ return ASN1_Tag(m_type_tag | m_class_tag);
}
/*
* DER_Sequence Constructor
*/
DER_Encoder::DER_Sequence::DER_Sequence(ASN1_Tag t1, ASN1_Tag t2) :
- type_tag(t1), class_tag(t2)
+ m_type_tag(t1), m_class_tag(t2)
{
}
@@ -121,11 +123,11 @@ DER_Encoder::DER_Sequence::DER_Sequence(ASN1_Tag t1, ASN1_Tag t2) :
*/
secure_vector<byte> DER_Encoder::get_contents()
{
- if(subsequences.size() != 0)
+ if(m_subsequences.size() != 0)
throw Invalid_State("DER_Encoder: Sequence hasn't been marked done");
secure_vector<byte> output;
- std::swap(output, contents);
+ std::swap(output, m_contents);
return output;
}
@@ -135,7 +137,7 @@ secure_vector<byte> DER_Encoder::get_contents()
DER_Encoder& DER_Encoder::start_cons(ASN1_Tag type_tag,
ASN1_Tag class_tag)
{
- subsequences.push_back(DER_Sequence(type_tag, class_tag));
+ m_subsequences.push_back(DER_Sequence(type_tag, class_tag));
return (*this);
}
@@ -144,11 +146,11 @@ DER_Encoder& DER_Encoder::start_cons(ASN1_Tag type_tag,
*/
DER_Encoder& DER_Encoder::end_cons()
{
- if(subsequences.empty())
+ if(m_subsequences.empty())
throw Invalid_State("DER_Encoder::end_cons: No such sequence");
- secure_vector<byte> seq = subsequences[subsequences.size()-1].get_contents();
- subsequences.pop_back();
+ secure_vector<byte> seq = m_subsequences[m_subsequences.size()-1].get_contents();
+ m_subsequences.pop_back();
raw_bytes(seq);
return (*this);
}
@@ -192,10 +194,10 @@ DER_Encoder& DER_Encoder::raw_bytes(const std::vector<byte>& val)
*/
DER_Encoder& DER_Encoder::raw_bytes(const byte bytes[], size_t length)
{
- if(subsequences.size())
- subsequences[subsequences.size()-1].add_bytes(bytes, length);
+ if(m_subsequences.size())
+ m_subsequences[m_subsequences.size()-1].add_bytes(bytes, length);
else
- contents += std::make_pair(bytes, length);
+ m_contents += std::make_pair(bytes, length);
return (*this);
}
diff --git a/src/lib/asn1/der_enc.h b/src/lib/asn1/der_enc.h
index dbb97d1aa..78cb4c38d 100644
--- a/src/lib/asn1/der_enc.h
+++ b/src/lib/asn1/der_enc.h
@@ -123,13 +123,13 @@ class BOTAN_DLL DER_Encoder
void add_bytes(const byte[], size_t);
DER_Sequence(ASN1_Tag, ASN1_Tag);
private:
- ASN1_Tag type_tag, class_tag;
- secure_vector<byte> contents;
- std::vector< secure_vector<byte> > set_contents;
+ ASN1_Tag m_type_tag, m_class_tag;
+ secure_vector<byte> m_contents;
+ std::vector< secure_vector<byte> > m_set_contents;
};
- secure_vector<byte> contents;
- std::vector<DER_Sequence> subsequences;
+ secure_vector<byte> m_contents;
+ std::vector<DER_Sequence> m_subsequences;
};
}
diff --git a/src/lib/asn1/oid_lookup/default.cpp b/src/lib/asn1/oid_lookup/default.cpp
index 2034ab25c..5bd268e5b 100644
--- a/src/lib/asn1/oid_lookup/default.cpp
+++ b/src/lib/asn1/oid_lookup/default.cpp
@@ -201,6 +201,8 @@ const char* default_oid_list()
"1.3.6.1.5.5.7.48.1 = PKIX.OCSP" "\n"
"1.3.6.1.5.5.7.48.1.1 = PKIX.OCSP.BasicResponse" "\n"
+ "1.3.6.1.4.1.311.20.2.2 = Microsoft SmartcardLogon" "\n"
+
// ECC param sets
"1.3.132.0.8 = secp160r1" "\n"
"1.3.132.0.9 = secp160k1" "\n"
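Review bot: The new entry's name "Microsoft SmartcardLogon" on L1347 is the only one in view containing a space; neighbouring entries use the dotted form (PKIX.OCSP.BasicResponse, secp160r1). Callers look entries up by this exact string, so a space-free `Microsoft.SmartcardLogon` would be consistent and harder to mistype; if the space is deliberate, a trailing `// name kept with a space for compatibility` would stop the next person from "fixing" it.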
diff --git a/src/lib/asn1/oid_lookup/oids.cpp b/src/lib/asn1/oid_lookup/oids.cpp
index 8ce0ec644..cdb863494 100644
--- a/src/lib/asn1/oid_lookup/oids.cpp
+++ b/src/lib/asn1/oid_lookup/oids.cpp
@@ -109,12 +109,12 @@ void OID_Map::read_cfg(std::istream& cfg, const std::string& source)
std::getline(cfg, s);
++line;
- if(s == "" || s[0] == '#')
+ if(s.empty() || s[0] == '#')
continue;
s = clean_ws(s.substr(0, s.find('#')));
- if(s == "")
+ if(s.empty())
continue;
auto eq = s.find("=");
@@ -125,8 +125,8 @@ void OID_Map::read_cfg(std::istream& cfg, const std::string& source)
const std::string oid = clean_ws(s.substr(0, eq));
const std::string name = clean_ws(s.substr(eq + 1, std::string::npos));
- m_str2oid.insert(std::make_pair(name, oid));
- m_oid2str.insert(std::make_pair(oid, name));
+ m_str2oid.insert(std::make_pair(name, OID(oid)));
+ m_oid2str.insert(std::make_pair(OID(oid), name));
}
}
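Review bot: Wrapping the parsed string in `OID(oid)` on L1372-L1373 moves validation of the dotted form into the OID constructor, so a malformed entry in the configuration will presumably fail there rather than in read_cfg, and the `source` and `line` values this function tracks (L1358) would not appear in the error. Constructing the OID once into a local inside a try block and rethrowing with the location, along the lines of `throw Decoding_Error(source + ":" + std::to_string(line) + ": bad OID '" + oid + "'");`, keeps the diagnostics this loop already maintains; what OID's constructor does on bad input is not visible here. Building the OID once rather than twice also avoids parsing the same string twice. read_cfg begins outside the hunk.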
diff --git a/src/lib/asn1/x509_dn.cpp b/src/lib/asn1/x509_dn.cpp
index ff4a73ebb..9c36cd695 100644
--- a/src/lib/asn1/x509_dn.cpp
+++ b/src/lib/asn1/x509_dn.cpp
@@ -55,16 +55,16 @@ void X509_DN::add_attribute(const std::string& type,
*/
void X509_DN::add_attribute(const OID& oid, const std::string& str)
{
- if(str == "")
+ if(str.empty())
return;
- auto range = dn_info.equal_range(oid);
+ auto range = m_dn_info.equal_range(oid);
for(auto i = range.first; i != range.second; ++i)
if(i->second.value() == str)
return;
- multimap_insert(dn_info, oid, ASN1_String(str));
- dn_bits.clear();
+ multimap_insert(m_dn_info, oid, ASN1_String(str));
+ m_dn_bits.clear();
}
/*
@@ -73,7 +73,7 @@ void X509_DN::add_attribute(const OID& oid, const std::string& str)
std::multimap<OID, std::string> X509_DN::get_attributes() const
{
std::multimap<OID, std::string> retval;
- for(auto i = dn_info.begin(); i != dn_info.end(); ++i)
+ for(auto i = m_dn_info.begin(); i != m_dn_info.end(); ++i)
multimap_insert(retval, i->first, i->second.value());
return retval;
}
@@ -84,7 +84,7 @@ std::multimap<OID, std::string> X509_DN::get_attributes() const
std::multimap<std::string, std::string> X509_DN::contents() const
{
std::multimap<std::string, std::string> retval;
- for(auto i = dn_info.begin(); i != dn_info.end(); ++i)
+ for(auto i = m_dn_info.begin(); i != m_dn_info.end(); ++i)
multimap_insert(retval, OIDS::lookup(i->first), i->second.value());
return retval;
}
@@ -96,7 +96,7 @@ std::vector<std::string> X509_DN::get_attribute(const std::string& attr) const
{
const OID oid = OIDS::lookup(deref_info_field(attr));
- auto range = dn_info.equal_range(oid);
+ auto range = m_dn_info.equal_range(oid);
std::vector<std::string> values;
for(auto i = range.first; i != range.second; ++i)
@@ -109,7 +109,7 @@ std::vector<std::string> X509_DN::get_attribute(const std::string& attr) const
*/
std::vector<byte> X509_DN::get_bits() const
{
- return dn_bits;
+ return m_dn_bits;
}
/*
@@ -227,8 +227,8 @@ void X509_DN::encode_into(DER_Encoder& der) const
der.start_cons(SEQUENCE);
- if(!dn_bits.empty())
- der.raw_bytes(dn_bits);
+ if(!m_dn_bits.empty())
+ der.raw_bytes(m_dn_bits);
else
{
do_ava(der, dn_info, PRINTABLE_STRING, "X520.Country");
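Review bot: The unchanged `do_ava(der, dn_info, ...)` on L1439 now reads like a missed rename next to m_dn_bits on L1435-L1436, but dn_info here is presumably a local declared above the hunk (get_attributes() at L1399 returns the multimap<OID, std::string> shape a helper like do_ava would take), i.e. the exact shadowing of the member that the m_ prefix is meant to end. A comment at that local's declaration, such as `// local multimap from get_attributes(); not the member m_dn_info`, would make the distinction explicit for readers of this hunk. encode_into begins outside the hunk.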
@@ -275,7 +275,7 @@ void X509_DN::decode_from(BER_Decoder& source)
}
}
- dn_bits = bits;
+ m_dn_bits = bits;
}
namespace {
diff --git a/src/lib/asn1/x509_dn.h b/src/lib/asn1/x509_dn.h
index cf1fbc03b..12553a1a0 100644
--- a/src/lib/asn1/x509_dn.h
+++ b/src/lib/asn1/x509_dn.h
@@ -19,7 +19,7 @@ namespace Botan {
/**
* Distinguished Name
*/
-class BOTAN_DLL X509_DN : public ASN1_Object
+class BOTAN_DLL X509_DN final : public ASN1_Object
{
public:
void encode_into(class DER_Encoder&) const override;
@@ -38,11 +38,11 @@ class BOTAN_DLL X509_DN : public ASN1_Object
std::vector<byte> get_bits() const;
X509_DN();
- X509_DN(const std::multimap<OID, std::string>&);
- X509_DN(const std::multimap<std::string, std::string>&);
+ explicit X509_DN(const std::multimap<OID, std::string>&);
+ explicit X509_DN(const std::multimap<std::string, std::string>&);
private:
- std::multimap<OID, ASN1_String> dn_info;
- std::vector<byte> dn_bits;
+ std::multimap<OID, ASN1_String> m_dn_info;
+ std::vector<byte> m_dn_bits;
};
bool BOTAN_DLL operator==(const X509_DN&, const X509_DN&);
diff --git a/src/lib/base/algo_registry.h b/src/lib/base/algo_registry.h
index 3b1a72d88..ebc23bfca 100644
--- a/src/lib/base/algo_registry.h
+++ b/src/lib/base/algo_registry.h
@@ -8,8 +8,10 @@
#ifndef BOTAN_ALGO_REGISTRY_H__
#define BOTAN_ALGO_REGISTRY_H__
+#include <botan/build.h>
#include <botan/types.h>
#include <botan/exceptn.h>
+#include <botan/scan_name.h>
#include <functional>
#include <mutex>
#include <vector>
@@ -22,7 +24,7 @@
#define BOTAN_WORKAROUND_GH_321
#define NOMINMAX 1
#define WIN32_LEAN_AND_MEAN 1
- #include <Windows.h>
+ #include <windows.h>
#endif
@@ -33,28 +35,28 @@ namespace Botan {
class WinCS_Mutex
{
public:
- WinCS_Mutex()
- {
- InitializeCriticalSection(&m_cs);
- }
-
- ~WinCS_Mutex()
- {
- DeleteCriticalSection(&m_cs);
- }
-
- void lock()
- {
- EnterCriticalSection(&m_cs);
- }
-
- void unlock()
- {
- LeaveCriticalSection(&m_cs);
- }
-
- private:
- CRITICAL_SECTION m_cs;
+ WinCS_Mutex()
+ {
+ ::InitializeCriticalSection(&m_cs);
+ }
+
+ ~WinCS_Mutex()
+ {
+ ::DeleteCriticalSection(&m_cs);
+ }
+
+ void lock()
+ {
+ ::EnterCriticalSection(&m_cs);
+ }
+
+ void unlock()
+ {
+ ::LeaveCriticalSection(&m_cs);
+ }
+
+ private:
+ CRITICAL_SECTION m_cs;
};
#endif
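Review bot: WinCS_Mutex as re-indented on L1521-L1542 is still copyable by default, and copying a CRITICAL_SECTION is not meaningful: the copy's destructor would call ::DeleteCriticalSection on a section that was never initialised as its own and the original's would delete it again. Deleting the copy operations next to the constructor makes the type safe to hold by value: `WinCS_Mutex(const WinCS_Mutex&) = delete;` and `WinCS_Mutex& operator=(const WinCS_Mutex&) = delete;`. The `::` qualification is a good addition; a comment such as `// explicit global scope so a same-named member or namespace symbol cannot hijack the Win32 call` would record why.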
@@ -111,7 +113,7 @@ class Algo_Registry
}
catch(std::exception& e)
{
- throw Exception("Creating '" + spec.as_string() + "' failed: " + e.what());
+ throw Lookup_Error("Creating '" + spec.as_string() + "' failed: " + e.what());
}
return nullptr;
@@ -186,7 +188,7 @@ class Algo_Registry
{
std::vector<maker_fn> r;
- if(req_provider != "")
+ if(!req_provider.empty())
{
// find one explicit provider requested by user or fail
auto i = m_maker_fns.find(req_provider);
@@ -211,7 +213,7 @@ class Algo_Registry
};
template<typename T> T*
-make_a(const typename T::Spec& spec, const std::string provider = "")
+make_a(const typename T::Spec& spec, const std::string& provider = "")
{
return Algo_Registry<T>::global_registry().make(spec, provider);
}
@@ -256,16 +258,12 @@ make_new_T_1str_req(const typename Algo_Registry<T>::Spec& spec)
template<typename T, typename X> T*
make_new_T_1X(const typename Algo_Registry<T>::Spec& spec)
{
- std::unique_ptr<X> x(Algo_Registry<X>::global_registry().make(spec.arg(0)));
+ std::unique_ptr<X> x(Algo_Registry<X>::global_registry().make(Botan::SCAN_Name(spec.arg(0))));
if(!x)
throw Exception(spec.arg(0));
return new T(x.release());
}
-// Append to macros living outside of functions, so that invocations must end with a semicolon.
-// The struct is only declared to force the semicolon, it is never defined.
-#define BOTAN_FORCE_SEMICOLON struct BOTAN_DUMMY_STRUCT
-
#define BOTAN_REGISTER_TYPE(T, type, name, maker, provider, pref) \
namespace { Algo_Registry<T>::Add g_ ## type ## _reg(name, maker, provider, pref); } \
BOTAN_FORCE_SEMICOLON
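Review bot: `throw Exception(spec.arg(0));` on L1576 is left as-is while L1550 in the same file was changed to Lookup_Error, so callers that catch Lookup_Error for a failed lookup will still miss this one, and the message carries only the bare argument name. For consistency with the earlier hunk: `throw Lookup_Error("make_new_T_1X: unable to create " + spec.arg(0));`. The BOTAN_FORCE_SEMICOLON definition is removed on L1579-L1582 but the macro is still used on L1585; presumably its definition moved into build.h, which L1481 now includes, though that is not visible in this diff and is worth a one-line mention in the commit message.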
diff --git a/src/lib/base/init.h b/src/lib/base/init.h
index 0c61eba6f..7709883af 100644
--- a/src/lib/base/init.h
+++ b/src/lib/base/init.h
@@ -22,7 +22,7 @@ namespace Botan {
class BOTAN_DLL LibraryInitializer
{
public:
- LibraryInitializer(const std::string& s = "") { initialize(s); }
+ explicit LibraryInitializer(const std::string& s = "") { initialize(s); }
~LibraryInitializer() { deinitialize(); }
static void initialize(const std::string& = "");
diff --git a/src/lib/base/key_spec.h b/src/lib/base/key_spec.h
index 78b6b8a23..82e0e7e6f 100644
--- a/src/lib/base/key_spec.h
+++ b/src/lib/base/key_spec.h
@@ -22,10 +22,10 @@ class BOTAN_DLL Key_Length_Specification
* Constructor for fixed length keys
* @param keylen the supported key length
*/
- Key_Length_Specification(size_t keylen) :
- min_keylen(keylen),
- max_keylen(keylen),
- keylen_mod(1)
+ explicit Key_Length_Specification(size_t keylen) :
+ m_min_keylen(keylen),
+ m_max_keylen(keylen),
+ m_keylen_mod(1)
{
}
@@ -38,9 +38,9 @@ class BOTAN_DLL Key_Length_Specification
Key_Length_Specification(size_t min_k,
size_t max_k,
size_t k_mod = 1) :
- min_keylen(min_k),
- max_keylen(max_k ? max_k : min_k),
- keylen_mod(k_mod)
+ m_min_keylen(min_k),
+ m_max_keylen(max_k ? max_k : min_k),
+ m_keylen_mod(k_mod)
{
}
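Review bot: The three-argument constructor on L1617-L1626 normalises a zero max_k but not a zero k_mod, and valid_keylength (hunk ending at L1638) computes `length % m_keylen_mod`, so a caller passing k_mod = 0 gets a division by zero, which is undefined behaviour rather than a rejected key length. The same treatment used for max_k fixes it in the initialiser: `m_keylen_mod(k_mod ? k_mod : 1)`. Note that multiple(n) on L1663-L1671 can produce the same state for n = 0, since it multiplies all three fields; routing it through the same normalisation covers that case too.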
@@ -50,9 +50,9 @@ class BOTAN_DLL Key_Length_Specification
*/
bool valid_keylength(size_t length) const
{
- return ((length >= min_keylen) &&
- (length <= max_keylen) &&
- (length % keylen_mod == 0));
+ return ((length >= m_min_keylen) &&
+ (length <= m_max_keylen) &&
+ (length % m_keylen_mod == 0));
}
/**
@@ -60,7 +60,7 @@ class BOTAN_DLL Key_Length_Specification
*/
size_t minimum_keylength() const
{
- return min_keylen;
+ return m_min_keylen;
}
/**
@@ -68,7 +68,7 @@ class BOTAN_DLL Key_Length_Specification
*/
size_t maximum_keylength() const
{
- return max_keylen;
+ return m_max_keylen;
}
/**
@@ -76,18 +76,18 @@ class BOTAN_DLL Key_Length_Specification
*/
size_t keylength_multiple() const
{
- return keylen_mod;
+ return m_keylen_mod;
}
Key_Length_Specification multiple(size_t n) const
{
- return Key_Length_Specification(n * min_keylen,
- n * max_keylen,
- n * keylen_mod);
+ return Key_Length_Specification(n * m_min_keylen,
+ n * m_max_keylen,
+ n * m_keylen_mod);
}
private:
- size_t min_keylen, max_keylen, keylen_mod;
+ size_t m_min_keylen, m_max_keylen, m_keylen_mod;
};
}
diff --git a/src/lib/base/scan_name.cpp b/src/lib/base/scan_name.cpp
index 2b32dc7d3..08f5e8702 100644
--- a/src/lib/base/scan_name.cpp
+++ b/src/lib/base/scan_name.cpp
@@ -63,17 +63,15 @@ deref_aliases(const std::pair<size_t, std::string>& in)
SCAN_Name::SCAN_Name(std::string algo_spec, const std::string& extra) : SCAN_Name(algo_spec)
{
- alg_name += extra;
+ m_alg_name += extra;
}
SCAN_Name::SCAN_Name(const char* algo_spec) : SCAN_Name(std::string(algo_spec))
{
}
-SCAN_Name::SCAN_Name(std::string algo_spec)
+SCAN_Name::SCAN_Name(std::string algo_spec) : m_orig_algo_spec(algo_spec), m_alg_name(), m_args(), m_mode_info()
{
- orig_algo_spec = algo_spec;
-
std::vector<std::pair<size_t, std::string> > name;
size_t level = 0;
std::pair<size_t, std::string> accum = std::make_pair(level, "");
@@ -119,7 +117,7 @@ SCAN_Name::SCAN_Name(std::string algo_spec)
if(name.size() == 0)
throw Decoding_Error(decoding_error + "Empty name");
- alg_name = name[0].second;
+ m_alg_name = name[0].second;
bool in_modes = false;
@@ -127,11 +125,11 @@ SCAN_Name::SCAN_Name(std::string algo_spec)
{
if(name[i].first == 0)
{
- mode_info.push_back(make_arg(name, i));
+ m_mode_info.push_back(make_arg(name, i));
in_modes = true;
}
else if(name[i].first == 1 && !in_modes)
- args.push_back(make_arg(name, i));
+ m_args.push_back(make_arg(name, i));
}
}
@@ -157,21 +155,21 @@ std::string SCAN_Name::arg(size_t i) const
if(i >= arg_count())
throw Invalid_Argument("SCAN_Name::arg " + std::to_string(i) +
" out of range for '" + as_string() + "'");
- return args[i];
+ return m_args[i];
}
std::string SCAN_Name::arg(size_t i, const std::string& def_value) const
{
if(i >= arg_count())
return def_value;
- return args[i];
+ return m_args[i];
}
size_t SCAN_Name::arg_as_integer(size_t i, size_t def_value) const
{
if(i >= arg_count())
return def_value;
- return to_u32bit(args[i]);
+ return to_u32bit(m_args[i]);
}
std::mutex SCAN_Name::g_alias_map_mutex;
diff --git a/src/lib/base/scan_name.h b/src/lib/base/scan_name.h
index cc89bf998..d59d5889e 100644
--- a/src/lib/base/scan_name.h
+++ b/src/lib/base/scan_name.h
@@ -26,12 +26,12 @@ class BOTAN_DLL SCAN_Name
/**
* @param algo_spec A SCAN-format name
*/
- SCAN_Name(const char* algo_spec);
+ explicit SCAN_Name(const char* algo_spec);
/**
* @param algo_spec A SCAN-format name
*/
- SCAN_Name(std::string algo_spec);
+ explicit SCAN_Name(std::string algo_spec);
/**
* @param algo_spec A SCAN-format name
@@ -41,12 +41,12 @@ class BOTAN_DLL SCAN_Name
/**
* @return original input string
*/
- const std::string& as_string() const { return orig_algo_spec; }
+ const std::string& as_string() const { return m_orig_algo_spec; }
/**
* @return algorithm name
*/
- const std::string& algo_name() const { return alg_name; }
+ const std::string& algo_name() const { return m_alg_name; }
/**
* @return algorithm name plus any arguments
@@ -61,7 +61,7 @@ class BOTAN_DLL SCAN_Name
/**
* @return number of arguments
*/
- size_t arg_count() const { return args.size(); }
+ size_t arg_count() const { return m_args.size(); }
/**
* @param lower is the lower bound
@@ -95,13 +95,13 @@ class BOTAN_DLL SCAN_Name
* @return cipher mode (if any)
*/
std::string cipher_mode() const
- { return (mode_info.size() >= 1) ? mode_info[0] : ""; }
+ { return (m_mode_info.size() >= 1) ? m_mode_info[0] : ""; }
/**
* @return cipher mode padding (if any)
*/
std::string cipher_mode_pad() const
- { return (mode_info.size() >= 2) ? mode_info[1] : ""; }
+ { return (m_mode_info.size() >= 2) ? m_mode_info[1] : ""; }
static void add_alias(const std::string& alias, const std::string& basename);
@@ -110,10 +110,10 @@ class BOTAN_DLL SCAN_Name
static std::mutex g_alias_map_mutex;
static std::map<std::string, std::string> g_alias_map;
- std::string orig_algo_spec;
- std::string alg_name;
- std::vector<std::string> args;
- std::vector<std::string> mode_info;
+ std::string m_orig_algo_spec;
+ std::string m_alg_name;
+ std::vector<std::string> m_args;
+ std::vector<std::string> m_mode_info;
};
}
diff --git a/src/lib/base/symkey.cpp b/src/lib/base/symkey.cpp
index 2f739998f..d5a02a45d 100644
--- a/src/lib/base/symkey.cpp
+++ b/src/lib/base/symkey.cpp
@@ -16,9 +16,9 @@ namespace Botan {
* Create an OctetString from RNG output
*/
OctetString::OctetString(RandomNumberGenerator& rng,
- size_t length)
+ size_t len)
{
- m_data = rng.random_vec(length);
+ m_data = rng.random_vec(len);
}
/*
diff --git a/src/lib/base/symkey.h b/src/lib/base/symkey.h
index 3b0208e51..c780e5239 100644
--- a/src/lib/base/symkey.h
+++ b/src/lib/base/symkey.h
@@ -61,7 +61,7 @@ class BOTAN_DLL OctetString
* Create a new OctetString
* @param str is a hex encoded string
*/
- OctetString(const std::string& str = "");
+ explicit OctetString(const std::string& str = "");
/**
* Create a new random OctetString
diff --git a/src/lib/block/aes/aes.cpp b/src/lib/block/aes/aes.cpp
index 0da4ff0a0..aac277b4f 100644
--- a/src/lib/block/aes/aes.cpp
+++ b/src/lib/block/aes/aes.cpp
@@ -345,6 +345,12 @@ void aes_key_schedule(const byte key[], size_t length,
secure_vector<byte>& ME,
secure_vector<byte>& MD)
{
+
+ // if length is < 4, X = 0, the first for loop is not entered and in
+ // the second for loop "RC[(i-X)/X]" = division by zero
+ // But obviously valid aes length values are only 16, 24 and 32
+ BOTAN_ASSERT( length >= 4, "aes key length has valid size" );
+
static const u32bit RC[10] = {
0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000,
0x20000000, 0x40000000, 0x80000000, 0x1B000000, 0x36000000 };
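Review bot: The comment on L1839-L1841 says the only valid key lengths are 16, 24 and 32, but the assertion on L1842 only enforces `length >= 4`, so a length such as 20 still reaches the schedule; presumably the fixed-params base classes (aes.h hunk ending at L1936) reject other lengths before key_schedule is called, but the assertion documents a weaker invariant than the comment states. Asserting the actual contract is no more expensive: `BOTAN_ASSERT(length == 16 || length == 24 || length == 32, "AES key length is 16, 24 or 32 bytes");`. The spacing inside the parentheses also differs from the BOTAN_ASSERT added in der_enc.cpp (L1210) in the same commit. aes_key_schedule begins outside the hunk.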
@@ -414,71 +420,71 @@ void aes_key_schedule(const byte key[], size_t length,
void AES_128::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- aes_encrypt_n(in, out, blocks, EK, ME);
+ aes_encrypt_n(in, out, blocks, m_EK, m_ME);
}
void AES_128::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- aes_decrypt_n(in, out, blocks, DK, MD);
+ aes_decrypt_n(in, out, blocks, m_DK, m_MD);
}
void AES_128::key_schedule(const byte key[], size_t length)
{
- aes_key_schedule(key, length, EK, DK, ME, MD);
+ aes_key_schedule(key, length, m_EK, m_DK, m_ME, m_MD);
}
void AES_128::clear()
{
- zap(EK);
- zap(DK);
- zap(ME);
- zap(MD);
+ zap(m_EK);
+ zap(m_DK);
+ zap(m_ME);
+ zap(m_MD);
}
void AES_192::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- aes_encrypt_n(in, out, blocks, EK, ME);
+ aes_encrypt_n(in, out, blocks, m_EK, m_ME);
}
void AES_192::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- aes_decrypt_n(in, out, blocks, DK, MD);
+ aes_decrypt_n(in, out, blocks, m_DK, m_MD);
}
void AES_192::key_schedule(const byte key[], size_t length)
{
- aes_key_schedule(key, length, EK, DK, ME, MD);
+ aes_key_schedule(key, length, m_EK, m_DK, m_ME, m_MD);
}
void AES_192::clear()
{
- zap(EK);
- zap(DK);
- zap(ME);
- zap(MD);
+ zap(m_EK);
+ zap(m_DK);
+ zap(m_ME);
+ zap(m_MD);
}
void AES_256::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- aes_encrypt_n(in, out, blocks, EK, ME);
+ aes_encrypt_n(in, out, blocks, m_EK, m_ME);
}
void AES_256::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- aes_decrypt_n(in, out, blocks, DK, MD);
+ aes_decrypt_n(in, out, blocks, m_DK, m_MD);
}
void AES_256::key_schedule(const byte key[], size_t length)
{
- aes_key_schedule(key, length, EK, DK, ME, MD);
+ aes_key_schedule(key, length, m_EK, m_DK, m_ME, m_MD);
}
void AES_256::clear()
{
- zap(EK);
- zap(DK);
- zap(ME);
- zap(MD);
+ zap(m_EK);
+ zap(m_DK);
+ zap(m_ME);
+ zap(m_MD);
}
}
diff --git a/src/lib/block/aes/aes.h b/src/lib/block/aes/aes.h
index f8b8d2938..a058adcf1 100644
--- a/src/lib/block/aes/aes.h
+++ b/src/lib/block/aes/aes.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* AES-128
*/
-class BOTAN_DLL AES_128 : public Block_Cipher_Fixed_Params<16, 16>
+class BOTAN_DLL AES_128 final : public Block_Cipher_Fixed_Params<16, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -28,14 +28,14 @@ class BOTAN_DLL AES_128 : public Block_Cipher_Fixed_Params<16, 16>
private:
void key_schedule(const byte key[], size_t length) override;
- secure_vector<u32bit> EK, DK;
- secure_vector<byte> ME, MD;
+ secure_vector<u32bit> m_EK, m_DK;
+ secure_vector<byte> m_ME, m_MD;
};
/**
* AES-192
*/
-class BOTAN_DLL AES_192 : public Block_Cipher_Fixed_Params<16, 24>
+class BOTAN_DLL AES_192 final : public Block_Cipher_Fixed_Params<16, 24>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -48,14 +48,14 @@ class BOTAN_DLL AES_192 : public Block_Cipher_Fixed_Params<16, 24>
private:
void key_schedule(const byte key[], size_t length) override;
- secure_vector<u32bit> EK, DK;
- secure_vector<byte> ME, MD;
+ secure_vector<u32bit> m_EK, m_DK;
+ secure_vector<byte> m_ME, m_MD;
};
/**
* AES-256
*/
-class BOTAN_DLL AES_256 : public Block_Cipher_Fixed_Params<16, 32>
+class BOTAN_DLL AES_256 final : public Block_Cipher_Fixed_Params<16, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -68,8 +68,8 @@ class BOTAN_DLL AES_256 : public Block_Cipher_Fixed_Params<16, 32>
private:
void key_schedule(const byte key[], size_t length) override;
- secure_vector<u32bit> EK, DK;
- secure_vector<byte> ME, MD;
+ secure_vector<u32bit> m_EK, m_DK;
+ secure_vector<byte> m_ME, m_MD;
};
}
diff --git a/src/lib/block/aes_ni/aes_ni.cpp b/src/lib/block/aes_ni/aes_ni.cpp
index d359ec772..51b30881f 100644
--- a/src/lib/block/aes_ni/aes_ni.cpp
+++ b/src/lib/block/aes_ni/aes_ni.cpp
@@ -109,7 +109,7 @@ void AES_128_NI::encrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* key_mm = reinterpret_cast<const __m128i*>(EK.data());
+ const __m128i* key_mm = reinterpret_cast<const __m128i*>(m_EK.data());
__m128i K0 = _mm_loadu_si128(key_mm);
__m128i K1 = _mm_loadu_si128(key_mm + 1);
@@ -185,7 +185,7 @@ void AES_128_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* key_mm = reinterpret_cast<const __m128i*>(DK.data());
+ const __m128i* key_mm = reinterpret_cast<const __m128i*>(m_DK.data());
__m128i K0 = _mm_loadu_si128(key_mm);
__m128i K1 = _mm_loadu_si128(key_mm + 1);
@@ -258,8 +258,8 @@ void AES_128_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void AES_128_NI::key_schedule(const byte key[], size_t)
{
- EK.resize(44);
- DK.resize(44);
+ m_EK.resize(44);
+ m_DK.resize(44);
#define AES_128_key_exp(K, RCON) \
aes_128_key_expansion(K, _mm_aeskeygenassist_si128(K, RCON))
@@ -276,7 +276,7 @@ void AES_128_NI::key_schedule(const byte key[], size_t)
__m128i K9 = AES_128_key_exp(K8, 0x1B);
__m128i K10 = AES_128_key_exp(K9, 0x36);
- __m128i* EK_mm = reinterpret_cast<__m128i*>(EK.data());
+ __m128i* EK_mm = reinterpret_cast<__m128i*>(m_EK.data());
_mm_storeu_si128(EK_mm , K0);
_mm_storeu_si128(EK_mm + 1, K1);
_mm_storeu_si128(EK_mm + 2, K2);
@@ -291,7 +291,7 @@ void AES_128_NI::key_schedule(const byte key[], size_t)
// Now generate decryption keys
- __m128i* DK_mm = reinterpret_cast<__m128i*>(DK.data());
+ __m128i* DK_mm = reinterpret_cast<__m128i*>(m_DK.data());
_mm_storeu_si128(DK_mm , K10);
_mm_storeu_si128(DK_mm + 1, _mm_aesimc_si128(K9));
_mm_storeu_si128(DK_mm + 2, _mm_aesimc_si128(K8));
@@ -310,8 +310,8 @@ void AES_128_NI::key_schedule(const byte key[], size_t)
*/
void AES_128_NI::clear()
{
- zap(EK);
- zap(DK);
+ zap(m_EK);
+ zap(m_DK);
}
/*
@@ -322,7 +322,7 @@ void AES_192_NI::encrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* key_mm = reinterpret_cast<const __m128i*>(EK.data());
+ const __m128i* key_mm = reinterpret_cast<const __m128i*>(m_EK.data());
__m128i K0 = _mm_loadu_si128(key_mm);
__m128i K1 = _mm_loadu_si128(key_mm + 1);
@@ -404,7 +404,7 @@ void AES_192_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* key_mm = reinterpret_cast<const __m128i*>(DK.data());
+ const __m128i* key_mm = reinterpret_cast<const __m128i*>(m_DK.data());
__m128i K0 = _mm_loadu_si128(key_mm);
__m128i K1 = _mm_loadu_si128(key_mm + 1);
@@ -483,19 +483,19 @@ void AES_192_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void AES_192_NI::key_schedule(const byte key[], size_t)
{
- EK.resize(52);
- DK.resize(52);
+ m_EK.resize(52);
+ m_DK.resize(52);
__m128i K0 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(key));
__m128i K1 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(key + 8));
K1 = _mm_srli_si128(K1, 8);
- load_le(EK.data(), key, 6);
+ load_le(m_EK.data(), key, 6);
#define AES_192_key_exp(RCON, EK_OFF) \
aes_192_key_expansion(&K0, &K1, \
_mm_aeskeygenassist_si128(K1, RCON), \
- &EK[EK_OFF], EK_OFF == 48)
+ &m_EK[EK_OFF], EK_OFF == 48)
AES_192_key_exp(0x01, 6);
AES_192_key_exp(0x02, 12);
@@ -509,9 +509,9 @@ void AES_192_NI::key_schedule(const byte key[], size_t)
#undef AES_192_key_exp
// Now generate decryption keys
- const __m128i* EK_mm = reinterpret_cast<const __m128i*>(EK.data());
+ const __m128i* EK_mm = reinterpret_cast<const __m128i*>(m_EK.data());
- __m128i* DK_mm = reinterpret_cast<__m128i*>(DK.data());
+ __m128i* DK_mm = reinterpret_cast<__m128i*>(m_DK.data());
_mm_storeu_si128(DK_mm , _mm_loadu_si128(EK_mm + 12));
_mm_storeu_si128(DK_mm + 1, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 11)));
_mm_storeu_si128(DK_mm + 2, _mm_aesimc_si128(_mm_loadu_si128(EK_mm + 10)));
@@ -532,8 +532,8 @@ void AES_192_NI::key_schedule(const byte key[], size_t)
*/
void AES_192_NI::clear()
{
- zap(EK);
- zap(DK);
+ zap(m_EK);
+ zap(m_DK);
}
/*
@@ -544,7 +544,7 @@ void AES_256_NI::encrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* key_mm = reinterpret_cast<const __m128i*>(EK.data());
+ const __m128i* key_mm = reinterpret_cast<const __m128i*>(m_EK.data());
__m128i K0 = _mm_loadu_si128(key_mm);
__m128i K1 = _mm_loadu_si128(key_mm + 1);
@@ -632,7 +632,7 @@ void AES_256_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* key_mm = reinterpret_cast<const __m128i*>(DK.data());
+ const __m128i* key_mm = reinterpret_cast<const __m128i*>(m_DK.data());
__m128i K0 = _mm_loadu_si128(key_mm);
__m128i K1 = _mm_loadu_si128(key_mm + 1);
@@ -717,8 +717,8 @@ void AES_256_NI::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void AES_256_NI::key_schedule(const byte key[], size_t)
{
- EK.resize(60);
- DK.resize(60);
+ m_EK.resize(60);
+ m_DK.resize(60);
__m128i K0 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(key));
__m128i K1 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(key + 16));
@@ -743,7 +743,7 @@ void AES_256_NI::key_schedule(const byte key[], size_t)
__m128i K14 = aes_128_key_expansion(K12, _mm_aeskeygenassist_si128(K13, 0x40));
- __m128i* EK_mm = reinterpret_cast<__m128i*>(EK.data());
+ __m128i* EK_mm = reinterpret_cast<__m128i*>(m_EK.data());
_mm_storeu_si128(EK_mm , K0);
_mm_storeu_si128(EK_mm + 1, K1);
_mm_storeu_si128(EK_mm + 2, K2);
@@ -761,7 +761,7 @@ void AES_256_NI::key_schedule(const byte key[], size_t)
_mm_storeu_si128(EK_mm + 14, K14);
// Now generate decryption keys
- __m128i* DK_mm = reinterpret_cast<__m128i*>(DK.data());
+ __m128i* DK_mm = reinterpret_cast<__m128i*>(m_DK.data());
_mm_storeu_si128(DK_mm , K14);
_mm_storeu_si128(DK_mm + 1, _mm_aesimc_si128(K13));
_mm_storeu_si128(DK_mm + 2, _mm_aesimc_si128(K12));
@@ -784,8 +784,8 @@ void AES_256_NI::key_schedule(const byte key[], size_t)
*/
void AES_256_NI::clear()
{
- zap(EK);
- zap(DK);
+ zap(m_EK);
+ zap(m_DK);
}
#undef AES_ENC_4_ROUNDS
diff --git a/src/lib/block/aes_ni/aes_ni.h b/src/lib/block/aes_ni/aes_ni.h
index 0f85c3482..296fd7fcc 100644
--- a/src/lib/block/aes_ni/aes_ni.h
+++ b/src/lib/block/aes_ni/aes_ni.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* AES-128 using AES-NI
*/
-class BOTAN_DLL AES_128_NI : public Block_Cipher_Fixed_Params<16, 16>
+class BOTAN_DLL AES_128_NI final : public Block_Cipher_Fixed_Params<16, 16>
{
public:
size_t parallelism() const override { return 4; }
@@ -29,13 +29,13 @@ class BOTAN_DLL AES_128_NI : public Block_Cipher_Fixed_Params<16, 16>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> EK, DK;
+ secure_vector<u32bit> m_EK, m_DK;
};
/**
* AES-192 using AES-NI
*/
-class BOTAN_DLL AES_192_NI : public Block_Cipher_Fixed_Params<16, 24>
+class BOTAN_DLL AES_192_NI final : public Block_Cipher_Fixed_Params<16, 24>
{
public:
size_t parallelism() const override { return 4; }
@@ -49,13 +49,13 @@ class BOTAN_DLL AES_192_NI : public Block_Cipher_Fixed_Params<16, 24>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> EK, DK;
+ secure_vector<u32bit> m_EK, m_DK;
};
/**
* AES-256 using AES-NI
*/
-class BOTAN_DLL AES_256_NI : public Block_Cipher_Fixed_Params<16, 32>
+class BOTAN_DLL AES_256_NI final : public Block_Cipher_Fixed_Params<16, 32>
{
public:
size_t parallelism() const override { return 4; }
@@ -69,7 +69,7 @@ class BOTAN_DLL AES_256_NI : public Block_Cipher_Fixed_Params<16, 32>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> EK, DK;
+ secure_vector<u32bit> m_EK, m_DK;
};
}
diff --git a/src/lib/block/aes_ssse3/aes_ssse3.cpp b/src/lib/block/aes_ssse3/aes_ssse3.cpp
index bfc76ecee..54e8fcbd8 100644
--- a/src/lib/block/aes_ssse3/aes_ssse3.cpp
+++ b/src/lib/block/aes_ssse3/aes_ssse3.cpp
@@ -1,6 +1,6 @@
/*
* AES using SSSE3
-* (C) 2010 Jack Lloyd
+* (C) 2010,2016 Jack Lloyd
*
* This is more or less a direct translation of public domain x86-64
* assembly written by Mike Hamburg, described in "Accelerating AES
@@ -12,6 +12,7 @@
#include <botan/aes_ssse3.h>
#include <botan/cpuid.h>
+#include <botan/internal/ct_utils.h>
#include <tmmintrin.h>
namespace Botan {
@@ -58,8 +59,6 @@ __m128i aes_schedule_transform(__m128i input,
__m128i i_1 = _mm_and_si128(low_nibs, input);
__m128i i_2 = _mm_srli_epi32(_mm_andnot_si128(low_nibs, input), 4);
- input = _mm_and_si128(low_nibs, input);
-
return _mm_xor_si128(
_mm_shuffle_epi8(table_1, i_1),
_mm_shuffle_epi8(table_2, i_2));
@@ -343,13 +342,18 @@ void AES_128_SSSE3::encrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* keys = reinterpret_cast<const __m128i*>(EK.data());
+ const __m128i* keys = reinterpret_cast<const __m128i*>(m_EK.data());
+
+ CT::poison(in, blocks * block_size());
for(size_t i = 0; i != blocks; ++i)
{
__m128i B = _mm_loadu_si128(in_mm + i);
_mm_storeu_si128(out_mm + i, aes_ssse3_encrypt(B, keys, 10));
}
+
+ CT::unpoison(in, blocks * block_size());
+ CT::unpoison(out, blocks * block_size());
}
/*
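Review bot: Only the plaintext buffer `in` is poisoned before the round loop, while the round keys read through `keys` (from `m_EK`) are never marked, so if `CT::poison` follows the usual memcheck-style taint convention a key-dependent table index or branch inside aes_ssse3_encrypt would not be flagged by this instrumentation. The same shape is repeated verbatim in AES_128_SSSE3::decrypt_n and in the AES_192_SSSE3 and AES_256_SSSE3 encrypt_n/decrypt_n hunks below; one note covers all six. Consider also marking the schedule, e.g. `CT::poison(m_EK.data(), m_EK.size() * sizeof(u32bit));` (and `m_DK` on the decrypt side) before the loop with a matching unpoison after it, or document on the function why the key is deliberately left unmarked. Since the six bodies differ only in the key vector and the round count, a small file-local helper taking `(in, out, blocks, keys, rounds)` would keep the poison/unpoison bracket in one place.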
@@ -360,13 +364,18 @@ void AES_128_SSSE3::decrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* keys = reinterpret_cast<const __m128i*>(DK.data());
+ const __m128i* keys = reinterpret_cast<const __m128i*>(m_DK.data());
+
+ CT::poison(in, blocks * block_size());
for(size_t i = 0; i != blocks; ++i)
{
__m128i B = _mm_loadu_si128(in_mm + i);
_mm_storeu_si128(out_mm + i, aes_ssse3_decrypt(B, keys, 10));
}
+
+ CT::unpoison(in, blocks * block_size());
+ CT::unpoison(out, blocks * block_size());
}
/*
@@ -379,11 +388,11 @@ void AES_128_SSSE3::key_schedule(const byte keyb[], size_t)
__m128i key = _mm_loadu_si128(reinterpret_cast<const __m128i*>(keyb));
- EK.resize(11*4);
- DK.resize(11*4);
+ m_EK.resize(11*4);
+ m_DK.resize(11*4);
- __m128i* EK_mm = reinterpret_cast<__m128i*>(EK.data());
- __m128i* DK_mm = reinterpret_cast<__m128i*>(DK.data());
+ __m128i* EK_mm = reinterpret_cast<__m128i*>(m_EK.data());
+ __m128i* DK_mm = reinterpret_cast<__m128i*>(m_DK.data());
_mm_storeu_si128(DK_mm + 10, _mm_shuffle_epi8(key, sr[2]));
@@ -409,8 +418,8 @@ void AES_128_SSSE3::key_schedule(const byte keyb[], size_t)
void AES_128_SSSE3::clear()
{
- zap(EK);
- zap(DK);
+ zap(m_EK);
+ zap(m_DK);
}
/*
@@ -421,13 +430,18 @@ void AES_192_SSSE3::encrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* keys = reinterpret_cast<const __m128i*>(EK.data());
+ const __m128i* keys = reinterpret_cast<const __m128i*>(m_EK.data());
+
+ CT::poison(in, blocks * block_size());
for(size_t i = 0; i != blocks; ++i)
{
__m128i B = _mm_loadu_si128(in_mm + i);
_mm_storeu_si128(out_mm + i, aes_ssse3_encrypt(B, keys, 12));
}
+
+ CT::unpoison(in, blocks * block_size());
+ CT::unpoison(out, blocks * block_size());
}
/*
@@ -438,13 +452,18 @@ void AES_192_SSSE3::decrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* keys = reinterpret_cast<const __m128i*>(DK.data());
+ const __m128i* keys = reinterpret_cast<const __m128i*>(m_DK.data());
+
+ CT::poison(in, blocks * block_size());
for(size_t i = 0; i != blocks; ++i)
{
__m128i B = _mm_loadu_si128(in_mm + i);
_mm_storeu_si128(out_mm + i, aes_ssse3_decrypt(B, keys, 12));
}
+
+ CT::unpoison(in, blocks * block_size());
+ CT::unpoison(out, blocks * block_size());
}
/*
@@ -455,11 +474,11 @@ void AES_192_SSSE3::key_schedule(const byte keyb[], size_t)
__m128i rcon = _mm_set_epi32(0x702A9808, 0x4D7C7D81,
0x1F8391B9, 0xAF9DEEB6);
- EK.resize(13*4);
- DK.resize(13*4);
+ m_EK.resize(13*4);
+ m_DK.resize(13*4);
- __m128i* EK_mm = reinterpret_cast<__m128i*>(EK.data());
- __m128i* DK_mm = reinterpret_cast<__m128i*>(DK.data());
+ __m128i* EK_mm = reinterpret_cast<__m128i*>(m_EK.data());
+ __m128i* DK_mm = reinterpret_cast<__m128i*>(m_DK.data());
__m128i key1 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(keyb));
__m128i key2 = _mm_loadu_si128(reinterpret_cast<const __m128i*>((keyb + 8)));
@@ -516,8 +535,8 @@ void AES_192_SSSE3::key_schedule(const byte keyb[], size_t)
void AES_192_SSSE3::clear()
{
- zap(EK);
- zap(DK);
+ zap(m_EK);
+ zap(m_DK);
}
/*
@@ -528,13 +547,18 @@ void AES_256_SSSE3::encrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* keys = reinterpret_cast<const __m128i*>(EK.data());
+ const __m128i* keys = reinterpret_cast<const __m128i*>(m_EK.data());
+
+ CT::poison(in, blocks * block_size());
for(size_t i = 0; i != blocks; ++i)
{
__m128i B = _mm_loadu_si128(in_mm + i);
_mm_storeu_si128(out_mm + i, aes_ssse3_encrypt(B, keys, 14));
}
+
+ CT::unpoison(in, blocks * block_size());
+ CT::unpoison(out, blocks * block_size());
}
/*
@@ -545,13 +569,18 @@ void AES_256_SSSE3::decrypt_n(const byte in[], byte out[], size_t blocks) const
const __m128i* in_mm = reinterpret_cast<const __m128i*>(in);
__m128i* out_mm = reinterpret_cast<__m128i*>(out);
- const __m128i* keys = reinterpret_cast<const __m128i*>(DK.data());
+ const __m128i* keys = reinterpret_cast<const __m128i*>(m_DK.data());
+
+ CT::poison(in, blocks * block_size());
for(size_t i = 0; i != blocks; ++i)
{
__m128i B = _mm_loadu_si128(in_mm + i);
_mm_storeu_si128(out_mm + i, aes_ssse3_decrypt(B, keys, 14));
}
+
+ CT::unpoison(in, blocks * block_size());
+ CT::unpoison(out, blocks * block_size());
}
/*
@@ -562,11 +591,11 @@ void AES_256_SSSE3::key_schedule(const byte keyb[], size_t)
__m128i rcon = _mm_set_epi32(0x702A9808, 0x4D7C7D81,
0x1F8391B9, 0xAF9DEEB6);
- EK.resize(15*4);
- DK.resize(15*4);
+ m_EK.resize(15*4);
+ m_DK.resize(15*4);
- __m128i* EK_mm = reinterpret_cast<__m128i*>(EK.data());
- __m128i* DK_mm = reinterpret_cast<__m128i*>(DK.data());
+ __m128i* EK_mm = reinterpret_cast<__m128i*>(m_EK.data());
+ __m128i* DK_mm = reinterpret_cast<__m128i*>(m_DK.data());
__m128i key1 = _mm_loadu_si128(reinterpret_cast<const __m128i*>(keyb));
__m128i key2 = _mm_loadu_si128(reinterpret_cast<const __m128i*>((keyb + 16)));
@@ -602,8 +631,8 @@ void AES_256_SSSE3::key_schedule(const byte keyb[], size_t)
void AES_256_SSSE3::clear()
{
- zap(EK);
- zap(DK);
+ zap(m_EK);
+ zap(m_DK);
}
}
diff --git a/src/lib/block/aes_ssse3/aes_ssse3.h b/src/lib/block/aes_ssse3/aes_ssse3.h
index 49e0346e4..8e6c40dcd 100644
--- a/src/lib/block/aes_ssse3/aes_ssse3.h
+++ b/src/lib/block/aes_ssse3/aes_ssse3.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* AES-128 using SSSE3
*/
-class BOTAN_DLL AES_128_SSSE3 : public Block_Cipher_Fixed_Params<16, 16>
+class BOTAN_DLL AES_128_SSSE3 final : public Block_Cipher_Fixed_Params<16, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -27,13 +27,13 @@ class BOTAN_DLL AES_128_SSSE3 : public Block_Cipher_Fixed_Params<16, 16>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> EK, DK;
+ secure_vector<u32bit> m_EK, m_DK;
};
/**
* AES-192 using SSSE3
*/
-class BOTAN_DLL AES_192_SSSE3 : public Block_Cipher_Fixed_Params<16, 24>
+class BOTAN_DLL AES_192_SSSE3 final : public Block_Cipher_Fixed_Params<16, 24>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -45,13 +45,13 @@ class BOTAN_DLL AES_192_SSSE3 : public Block_Cipher_Fixed_Params<16, 24>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> EK, DK;
+ secure_vector<u32bit> m_EK, m_DK;
};
/**
* AES-256 using SSSE3
*/
-class BOTAN_DLL AES_256_SSSE3 : public Block_Cipher_Fixed_Params<16, 32>
+class BOTAN_DLL AES_256_SSSE3 final : public Block_Cipher_Fixed_Params<16, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -63,7 +63,7 @@ class BOTAN_DLL AES_256_SSSE3 : public Block_Cipher_Fixed_Params<16, 32>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> EK, DK;
+ secure_vector<u32bit> m_EK, m_DK;
};
}
diff --git a/src/lib/block/block_cipher.cpp b/src/lib/block/block_cipher.cpp
index 7b52f8716..c70ba229d 100644
--- a/src/lib/block/block_cipher.cpp
+++ b/src/lib/block/block_cipher.cpp
@@ -150,7 +150,7 @@ BlockCipher::~BlockCipher() {}
std::unique_ptr<BlockCipher> BlockCipher::create(const std::string& algo_spec,
const std::string& provider)
{
- return std::unique_ptr<BlockCipher>(make_a<BlockCipher>(algo_spec, provider));
+ return std::unique_ptr<BlockCipher>(make_a<BlockCipher>(Botan::BlockCipher::Spec(algo_spec), provider));
}
std::vector<std::string> BlockCipher::providers(const std::string& algo_spec)
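Review bot: The `Botan::` qualifier in `Botan::BlockCipher::Spec(algo_spec)` is redundant inside this translation unit, which is already in namespace Botan (the `BlockCipher::create` definition on the line above is unqualified), so `make_a<BlockCipher>(BlockCipher::Spec(algo_spec), provider)` reads more consistently with the rest of the file. The body of `providers` that follows starts in this hunk but continues outside it.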
diff --git a/src/lib/block/blowfish/blowfish.cpp b/src/lib/block/blowfish/blowfish.cpp
index 0b0e685a8..e38668934 100644
--- a/src/lib/block/blowfish/blowfish.cpp
+++ b/src/lib/block/blowfish/blowfish.cpp
@@ -15,10 +15,10 @@ namespace Botan {
*/
void Blowfish::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- const u32bit* S1 = &S[0];
- const u32bit* S2 = &S[256];
- const u32bit* S3 = &S[512];
- const u32bit* S4 = &S[768];
+ const u32bit* S1 = &m_S[0];
+ const u32bit* S2 = &m_S[256];
+ const u32bit* S3 = &m_S[512];
+ const u32bit* S4 = &m_S[768];
for(size_t i = 0; i != blocks; ++i)
{
@@ -27,16 +27,16 @@ void Blowfish::encrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 16; j += 2)
{
- L ^= P[j];
+ L ^= m_P[j];
R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^
S3[get_byte(2, L)]) + S4[get_byte(3, L)];
- R ^= P[j+1];
+ R ^= m_P[j+1];
L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^
S3[get_byte(2, R)]) + S4[get_byte(3, R)];
}
- L ^= P[16]; R ^= P[17];
+ L ^= m_P[16]; R ^= m_P[17];
store_be(out, R, L);
@@ -50,10 +50,10 @@ void Blowfish::encrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void Blowfish::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- const u32bit* S1 = &S[0];
- const u32bit* S2 = &S[256];
- const u32bit* S3 = &S[512];
- const u32bit* S4 = &S[768];
+ const u32bit* S1 = &m_S[0];
+ const u32bit* S2 = &m_S[256];
+ const u32bit* S3 = &m_S[512];
+ const u32bit* S4 = &m_S[768];
for(size_t i = 0; i != blocks; ++i)
{
@@ -62,16 +62,16 @@ void Blowfish::decrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 17; j != 1; j -= 2)
{
- L ^= P[j];
+ L ^= m_P[j];
R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^
S3[get_byte(2, L)]) + S4[get_byte(3, L)];
- R ^= P[j-1];
+ R ^= m_P[j-1];
L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^
S3[get_byte(2, R)]) + S4[get_byte(3, R)];
}
- L ^= P[1]; R ^= P[0];
+ L ^= m_P[1]; R ^= m_P[0];
store_be(out, R, L);
@@ -85,11 +85,11 @@ void Blowfish::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void Blowfish::key_schedule(const byte key[], size_t length)
{
- P.resize(18);
- copy_mem(P.data(), P_INIT, 18);
+ m_P.resize(18);
+ copy_mem(m_P.data(), P_INIT, 18);
- S.resize(1024);
- copy_mem(S.data(), S_INIT, 1024);
+ m_S.resize(1024);
+ copy_mem(m_S.data(), S_INIT, 1024);
const byte null_salt[16] = { 0 };
@@ -101,12 +101,12 @@ void Blowfish::key_expansion(const byte key[],
const byte salt[16])
{
for(size_t i = 0, j = 0; i != 18; ++i, j += 4)
- P[i] ^= make_u32bit(key[(j ) % length], key[(j+1) % length],
+ m_P[i] ^= make_u32bit(key[(j ) % length], key[(j+1) % length],
key[(j+2) % length], key[(j+3) % length]);
u32bit L = 0, R = 0;
- generate_sbox(P, L, R, salt, 0);
- generate_sbox(S, L, R, salt, 2);
+ generate_sbox(m_P, L, R, salt, 0);
+ generate_sbox(m_S, L, R, salt, 2);
}
/*
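Review bot: Every key byte in the loop is fetched as `key[(j+k) % length]`, so a `length` of 0 is a modulo by zero and undefined behaviour; the normal `key_schedule` path is presumably guarded by the 1..56 key spec declared in blowfish.h, but `eks_key_schedule` in the hunk below calls `key_expansion(key, length, salt)` directly and no length check is visible in that hunk. If the caller does not already guarantee a non-empty key, a guard at the top of key_expansion such as `if(length == 0) throw Invalid_Argument("Blowfish key length must be nonzero");` closes the gap at the shared entry point. The parameter list of key_expansion begins in the hunk header, so the `length` declaration itself is not visible here.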
@@ -130,11 +130,11 @@ void Blowfish::eks_key_schedule(const byte key[], size_t length,
throw Invalid_Argument("Requested Bcrypt work factor " +
std::to_string(workfactor) + " too large");
- P.resize(18);
- copy_mem(P.data(), P_INIT, 18);
+ m_P.resize(18);
+ copy_mem(m_P.data(), P_INIT, 18);
- S.resize(1024);
- copy_mem(S.data(), S_INIT, 1024);
+ m_S.resize(1024);
+ copy_mem(m_S.data(), S_INIT, 1024);
key_expansion(key, length, salt);
@@ -156,10 +156,10 @@ void Blowfish::generate_sbox(secure_vector<u32bit>& box,
const byte salt[16],
size_t salt_off) const
{
- const u32bit* S1 = &S[0];
- const u32bit* S2 = &S[256];
- const u32bit* S3 = &S[512];
- const u32bit* S4 = &S[768];
+ const u32bit* S1 = &m_S[0];
+ const u32bit* S2 = &m_S[256];
+ const u32bit* S3 = &m_S[512];
+ const u32bit* S4 = &m_S[768];
for(size_t i = 0; i != box.size(); i += 2)
{
@@ -168,16 +168,16 @@ void Blowfish::generate_sbox(secure_vector<u32bit>& box,
for(size_t j = 0; j != 16; j += 2)
{
- L ^= P[j];
+ L ^= m_P[j];
R ^= ((S1[get_byte(0, L)] + S2[get_byte(1, L)]) ^
S3[get_byte(2, L)]) + S4[get_byte(3, L)];
- R ^= P[j+1];
+ R ^= m_P[j+1];
L ^= ((S1[get_byte(0, R)] + S2[get_byte(1, R)]) ^
S3[get_byte(2, R)]) + S4[get_byte(3, R)];
}
- u32bit T = R; R = L ^ P[16]; L = T ^ P[17];
+ u32bit T = R; R = L ^ m_P[16]; L = T ^ m_P[17];
box[i] = L;
box[i+1] = R;
}
@@ -188,8 +188,8 @@ void Blowfish::generate_sbox(secure_vector<u32bit>& box,
*/
void Blowfish::clear()
{
- zap(P);
- zap(S);
+ zap(m_P);
+ zap(m_S);
}
}
diff --git a/src/lib/block/blowfish/blowfish.h b/src/lib/block/blowfish/blowfish.h
index e1042465f..b7deeab96 100644
--- a/src/lib/block/blowfish/blowfish.h
+++ b/src/lib/block/blowfish/blowfish.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Blowfish
*/
-class BOTAN_DLL Blowfish : public Block_Cipher_Fixed_Params<8, 1, 56>
+class BOTAN_DLL Blowfish final : public Block_Cipher_Fixed_Params<8, 1, 56>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -45,7 +45,7 @@ class BOTAN_DLL Blowfish : public Block_Cipher_Fixed_Params<8, 1, 56>
static const u32bit P_INIT[18];
static const u32bit S_INIT[1024];
- secure_vector<u32bit> S, P;
+ secure_vector<u32bit> m_S, m_P;
};
}
diff --git a/src/lib/block/camellia/camellia.cpp b/src/lib/block/camellia/camellia.cpp
index e9b10c528..ac5d57d4e 100644
--- a/src/lib/block/camellia/camellia.cpp
+++ b/src/lib/block/camellia/camellia.cpp
@@ -860,62 +860,62 @@ void key_schedule(secure_vector<u64bit>& SK, const byte key[], size_t length)
void Camellia_128::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- Camellia_F::encrypt(in, out, blocks, SK, 9);
+ Camellia_F::encrypt(in, out, blocks, m_SK, 9);
}
void Camellia_192::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- Camellia_F::encrypt(in, out, blocks, SK, 12);
+ Camellia_F::encrypt(in, out, blocks, m_SK, 12);
}
void Camellia_256::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- Camellia_F::encrypt(in, out, blocks, SK, 12);
+ Camellia_F::encrypt(in, out, blocks, m_SK, 12);
}
void Camellia_128::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- Camellia_F::decrypt(in, out, blocks, SK, 9);
+ Camellia_F::decrypt(in, out, blocks, m_SK, 9);
}
void Camellia_192::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- Camellia_F::decrypt(in, out, blocks, SK, 12);
+ Camellia_F::decrypt(in, out, blocks, m_SK, 12);
}
void Camellia_256::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- Camellia_F::decrypt(in, out, blocks, SK, 12);
+ Camellia_F::decrypt(in, out, blocks, m_SK, 12);
}
void Camellia_128::key_schedule(const byte key[], size_t length)
{
- Camellia_F::key_schedule(SK, key, length);
+ Camellia_F::key_schedule(m_SK, key, length);
}
void Camellia_192::key_schedule(const byte key[], size_t length)
{
- Camellia_F::key_schedule(SK, key, length);
+ Camellia_F::key_schedule(m_SK, key, length);
}
void Camellia_256::key_schedule(const byte key[], size_t length)
{
- Camellia_F::key_schedule(SK, key, length);
+ Camellia_F::key_schedule(m_SK, key, length);
}
void Camellia_128::clear()
{
- zap(SK);
+ zap(m_SK);
}
void Camellia_192::clear()
{
- zap(SK);
+ zap(m_SK);
}
void Camellia_256::clear()
{
- zap(SK);
+ zap(m_SK);
}
}
diff --git a/src/lib/block/camellia/camellia.h b/src/lib/block/camellia/camellia.h
index 884cb2bd7..71aa95ac6 100644
--- a/src/lib/block/camellia/camellia.h
+++ b/src/lib/block/camellia/camellia.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Camellia-128
*/
-class BOTAN_DLL Camellia_128 : public Block_Cipher_Fixed_Params<16, 16>
+class BOTAN_DLL Camellia_128 final : public Block_Cipher_Fixed_Params<16, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -27,13 +27,13 @@ class BOTAN_DLL Camellia_128 : public Block_Cipher_Fixed_Params<16, 16>
private:
void key_schedule(const byte key[], size_t length) override;
- secure_vector<u64bit> SK;
+ secure_vector<u64bit> m_SK;
};
/**
* Camellia-192
*/
-class BOTAN_DLL Camellia_192 : public Block_Cipher_Fixed_Params<16, 24>
+class BOTAN_DLL Camellia_192 final : public Block_Cipher_Fixed_Params<16, 24>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -45,13 +45,13 @@ class BOTAN_DLL Camellia_192 : public Block_Cipher_Fixed_Params<16, 24>
private:
void key_schedule(const byte key[], size_t length) override;
- secure_vector<u64bit> SK;
+ secure_vector<u64bit> m_SK;
};
/**
* Camellia-256
*/
-class BOTAN_DLL Camellia_256 : public Block_Cipher_Fixed_Params<16, 32>
+class BOTAN_DLL Camellia_256 final : public Block_Cipher_Fixed_Params<16, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -63,7 +63,7 @@ class BOTAN_DLL Camellia_256 : public Block_Cipher_Fixed_Params<16, 32>
private:
void key_schedule(const byte key[], size_t length) override;
- secure_vector<u64bit> SK;
+ secure_vector<u64bit> m_SK;
};
}
diff --git a/src/lib/block/cascade/cascade.h b/src/lib/block/cascade/cascade.h
index 386f1bd21..21af5bea4 100644
--- a/src/lib/block/cascade/cascade.h
+++ b/src/lib/block/cascade/cascade.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Block Cipher Cascade
*/
-class BOTAN_DLL Cascade_Cipher : public BlockCipher
+class BOTAN_DLL Cascade_Cipher final : public BlockCipher
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
diff --git a/src/lib/block/cast/cast128.cpp b/src/lib/block/cast/cast128.cpp
index 3973418a3..53f7d4611 100644
--- a/src/lib/block/cast/cast128.cpp
+++ b/src/lib/block/cast/cast128.cpp
@@ -55,22 +55,22 @@ void CAST_128::encrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit L = load_be<u32bit>(in, 0);
u32bit R = load_be<u32bit>(in, 1);
- R1(L, R, MK[ 0], RK[ 0]);
- R2(R, L, MK[ 1], RK[ 1]);
- R3(L, R, MK[ 2], RK[ 2]);
- R1(R, L, MK[ 3], RK[ 3]);
- R2(L, R, MK[ 4], RK[ 4]);
- R3(R, L, MK[ 5], RK[ 5]);
- R1(L, R, MK[ 6], RK[ 6]);
- R2(R, L, MK[ 7], RK[ 7]);
- R3(L, R, MK[ 8], RK[ 8]);
- R1(R, L, MK[ 9], RK[ 9]);
- R2(L, R, MK[10], RK[10]);
- R3(R, L, MK[11], RK[11]);
- R1(L, R, MK[12], RK[12]);
- R2(R, L, MK[13], RK[13]);
- R3(L, R, MK[14], RK[14]);
- R1(R, L, MK[15], RK[15]);
+ R1(L, R, m_MK[ 0], m_RK[ 0]);
+ R2(R, L, m_MK[ 1], m_RK[ 1]);
+ R3(L, R, m_MK[ 2], m_RK[ 2]);
+ R1(R, L, m_MK[ 3], m_RK[ 3]);
+ R2(L, R, m_MK[ 4], m_RK[ 4]);
+ R3(R, L, m_MK[ 5], m_RK[ 5]);
+ R1(L, R, m_MK[ 6], m_RK[ 6]);
+ R2(R, L, m_MK[ 7], m_RK[ 7]);
+ R3(L, R, m_MK[ 8], m_RK[ 8]);
+ R1(R, L, m_MK[ 9], m_RK[ 9]);
+ R2(L, R, m_MK[10], m_RK[10]);
+ R3(R, L, m_MK[11], m_RK[11]);
+ R1(L, R, m_MK[12], m_RK[12]);
+ R2(R, L, m_MK[13], m_RK[13]);
+ R3(L, R, m_MK[14], m_RK[14]);
+ R1(R, L, m_MK[15], m_RK[15]);
store_be(out, R, L);
@@ -89,22 +89,22 @@ void CAST_128::decrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit L = load_be<u32bit>(in, 0);
u32bit R = load_be<u32bit>(in, 1);
- R1(L, R, MK[15], RK[15]);
- R3(R, L, MK[14], RK[14]);
- R2(L, R, MK[13], RK[13]);
- R1(R, L, MK[12], RK[12]);
- R3(L, R, MK[11], RK[11]);
- R2(R, L, MK[10], RK[10]);
- R1(L, R, MK[ 9], RK[ 9]);
- R3(R, L, MK[ 8], RK[ 8]);
- R2(L, R, MK[ 7], RK[ 7]);
- R1(R, L, MK[ 6], RK[ 6]);
- R3(L, R, MK[ 5], RK[ 5]);
- R2(R, L, MK[ 4], RK[ 4]);
- R1(L, R, MK[ 3], RK[ 3]);
- R3(R, L, MK[ 2], RK[ 2]);
- R2(L, R, MK[ 1], RK[ 1]);
- R1(R, L, MK[ 0], RK[ 0]);
+ R1(L, R, m_MK[15], m_RK[15]);
+ R3(R, L, m_MK[14], m_RK[14]);
+ R2(L, R, m_MK[13], m_RK[13]);
+ R1(R, L, m_MK[12], m_RK[12]);
+ R3(L, R, m_MK[11], m_RK[11]);
+ R2(R, L, m_MK[10], m_RK[10]);
+ R1(L, R, m_MK[ 9], m_RK[ 9]);
+ R3(R, L, m_MK[ 8], m_RK[ 8]);
+ R2(L, R, m_MK[ 7], m_RK[ 7]);
+ R1(R, L, m_MK[ 6], m_RK[ 6]);
+ R3(L, R, m_MK[ 5], m_RK[ 5]);
+ R2(R, L, m_MK[ 4], m_RK[ 4]);
+ R1(L, R, m_MK[ 3], m_RK[ 3]);
+ R3(R, L, m_MK[ 2], m_RK[ 2]);
+ R2(L, R, m_MK[ 1], m_RK[ 1]);
+ R1(R, L, m_MK[ 0], m_RK[ 0]);
store_be(out, R, L);
@@ -118,26 +118,26 @@ void CAST_128::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void CAST_128::key_schedule(const byte key[], size_t length)
{
- MK.resize(48);
- RK.resize(48);
+ m_MK.resize(48);
+ m_RK.resize(48);
secure_vector<u32bit> X(4);
for(size_t i = 0; i != length; ++i)
X[i/4] = (X[i/4] << 8) + key[i];
- cast_ks(MK, X);
+ cast_ks(m_MK, X);
secure_vector<u32bit> RK32(48);
cast_ks(RK32, X);
for(size_t i = 0; i != 16; ++i)
- RK[i] = RK32[i] % 32;
+ m_RK[i] = RK32[i] % 32;
}
void CAST_128::clear()
{
- zap(MK);
- zap(RK);
+ zap(m_MK);
+ zap(m_RK);
}
/*
@@ -329,10 +329,10 @@ void CAST_128::cast_ks(secure_vector<u32bit>& K,
class ByteReader
{
public:
- byte operator()(size_t i) { return (X[i/4] >> (8*(3 - (i%4)))); }
- ByteReader(const u32bit* x) : X(x) {}
+ byte operator()(size_t i) { return (m_X[i/4] >> (8*(3 - (i%4)))); }
+ explicit ByteReader(const u32bit* x) : m_X(x) {}
private:
- const u32bit* X;
+ const u32bit* m_X;
};
secure_vector<u32bit> Z(4);
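Review bot: `operator()` in the local ByteReader class narrows a `u32bit` to `byte` implicitly and is not `const` even though it only reads `m_X`; with `explicit` now added to the constructor, the same hunk could make the accessor `byte operator()(size_t i) const { return static_cast<byte>(m_X[i/4] >> (8*(3 - (i%4)))); }` so the truncation is visible and the reader can be used through a const reference. The enclosing `CAST_128::cast_ks` starts and ends outside this hunk, so whether `i` is always below 16 cannot be confirmed from here; a one-line comment on the class stating that `i` indexes bytes of a 4-word (16-byte) block would document the contract the caller relies on.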
diff --git a/src/lib/block/cast/cast128.h b/src/lib/block/cast/cast128.h
index 2a0f4462a..2782e96b9 100644
--- a/src/lib/block/cast/cast128.h
+++ b/src/lib/block/cast/cast128.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* CAST-128
*/
-class BOTAN_DLL CAST_128 : public Block_Cipher_Fixed_Params<8, 11, 16>
+class BOTAN_DLL CAST_128 final : public Block_Cipher_Fixed_Params<8, 11, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -31,8 +31,8 @@ class BOTAN_DLL CAST_128 : public Block_Cipher_Fixed_Params<8, 11, 16>
static void cast_ks(secure_vector<u32bit>& ks,
secure_vector<u32bit>& user_key);
- secure_vector<u32bit> MK;
- secure_vector<byte> RK;
+ secure_vector<u32bit> m_MK;
+ secure_vector<byte> m_RK;
};
}
diff --git a/src/lib/block/cast/cast256.cpp b/src/lib/block/cast/cast256.cpp
index 7178dc5c1..637fdfee2 100644
--- a/src/lib/block/cast/cast256.cpp
+++ b/src/lib/block/cast/cast256.cpp
@@ -57,30 +57,30 @@ void CAST_256::encrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit C = load_be<u32bit>(in, 2);
u32bit D = load_be<u32bit>(in, 3);
- round1(C, D, MK[ 0], RK[ 0]); round2(B, C, MK[ 1], RK[ 1]);
- round3(A, B, MK[ 2], RK[ 2]); round1(D, A, MK[ 3], RK[ 3]);
- round1(C, D, MK[ 4], RK[ 4]); round2(B, C, MK[ 5], RK[ 5]);
- round3(A, B, MK[ 6], RK[ 6]); round1(D, A, MK[ 7], RK[ 7]);
- round1(C, D, MK[ 8], RK[ 8]); round2(B, C, MK[ 9], RK[ 9]);
- round3(A, B, MK[10], RK[10]); round1(D, A, MK[11], RK[11]);
- round1(C, D, MK[12], RK[12]); round2(B, C, MK[13], RK[13]);
- round3(A, B, MK[14], RK[14]); round1(D, A, MK[15], RK[15]);
- round1(C, D, MK[16], RK[16]); round2(B, C, MK[17], RK[17]);
- round3(A, B, MK[18], RK[18]); round1(D, A, MK[19], RK[19]);
- round1(C, D, MK[20], RK[20]); round2(B, C, MK[21], RK[21]);
- round3(A, B, MK[22], RK[22]); round1(D, A, MK[23], RK[23]);
- round1(D, A, MK[27], RK[27]); round3(A, B, MK[26], RK[26]);
- round2(B, C, MK[25], RK[25]); round1(C, D, MK[24], RK[24]);
- round1(D, A, MK[31], RK[31]); round3(A, B, MK[30], RK[30]);
- round2(B, C, MK[29], RK[29]); round1(C, D, MK[28], RK[28]);
- round1(D, A, MK[35], RK[35]); round3(A, B, MK[34], RK[34]);
- round2(B, C, MK[33], RK[33]); round1(C, D, MK[32], RK[32]);
- round1(D, A, MK[39], RK[39]); round3(A, B, MK[38], RK[38]);
- round2(B, C, MK[37], RK[37]); round1(C, D, MK[36], RK[36]);
- round1(D, A, MK[43], RK[43]); round3(A, B, MK[42], RK[42]);
- round2(B, C, MK[41], RK[41]); round1(C, D, MK[40], RK[40]);
- round1(D, A, MK[47], RK[47]); round3(A, B, MK[46], RK[46]);
- round2(B, C, MK[45], RK[45]); round1(C, D, MK[44], RK[44]);
+ round1(C, D, m_MK[ 0], m_RK[ 0]); round2(B, C, m_MK[ 1], m_RK[ 1]);
+ round3(A, B, m_MK[ 2], m_RK[ 2]); round1(D, A, m_MK[ 3], m_RK[ 3]);
+ round1(C, D, m_MK[ 4], m_RK[ 4]); round2(B, C, m_MK[ 5], m_RK[ 5]);
+ round3(A, B, m_MK[ 6], m_RK[ 6]); round1(D, A, m_MK[ 7], m_RK[ 7]);
+ round1(C, D, m_MK[ 8], m_RK[ 8]); round2(B, C, m_MK[ 9], m_RK[ 9]);
+ round3(A, B, m_MK[10], m_RK[10]); round1(D, A, m_MK[11], m_RK[11]);
+ round1(C, D, m_MK[12], m_RK[12]); round2(B, C, m_MK[13], m_RK[13]);
+ round3(A, B, m_MK[14], m_RK[14]); round1(D, A, m_MK[15], m_RK[15]);
+ round1(C, D, m_MK[16], m_RK[16]); round2(B, C, m_MK[17], m_RK[17]);
+ round3(A, B, m_MK[18], m_RK[18]); round1(D, A, m_MK[19], m_RK[19]);
+ round1(C, D, m_MK[20], m_RK[20]); round2(B, C, m_MK[21], m_RK[21]);
+ round3(A, B, m_MK[22], m_RK[22]); round1(D, A, m_MK[23], m_RK[23]);
+ round1(D, A, m_MK[27], m_RK[27]); round3(A, B, m_MK[26], m_RK[26]);
+ round2(B, C, m_MK[25], m_RK[25]); round1(C, D, m_MK[24], m_RK[24]);
+ round1(D, A, m_MK[31], m_RK[31]); round3(A, B, m_MK[30], m_RK[30]);
+ round2(B, C, m_MK[29], m_RK[29]); round1(C, D, m_MK[28], m_RK[28]);
+ round1(D, A, m_MK[35], m_RK[35]); round3(A, B, m_MK[34], m_RK[34]);
+ round2(B, C, m_MK[33], m_RK[33]); round1(C, D, m_MK[32], m_RK[32]);
+ round1(D, A, m_MK[39], m_RK[39]); round3(A, B, m_MK[38], m_RK[38]);
+ round2(B, C, m_MK[37], m_RK[37]); round1(C, D, m_MK[36], m_RK[36]);
+ round1(D, A, m_MK[43], m_RK[43]); round3(A, B, m_MK[42], m_RK[42]);
+ round2(B, C, m_MK[41], m_RK[41]); round1(C, D, m_MK[40], m_RK[40]);
+ round1(D, A, m_MK[47], m_RK[47]); round3(A, B, m_MK[46], m_RK[46]);
+ round2(B, C, m_MK[45], m_RK[45]); round1(C, D, m_MK[44], m_RK[44]);
store_be(out, A, B, C, D);
@@ -101,30 +101,30 @@ void CAST_256::decrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit C = load_be<u32bit>(in, 2);
u32bit D = load_be<u32bit>(in, 3);
- round1(C, D, MK[44], RK[44]); round2(B, C, MK[45], RK[45]);
- round3(A, B, MK[46], RK[46]); round1(D, A, MK[47], RK[47]);
- round1(C, D, MK[40], RK[40]); round2(B, C, MK[41], RK[41]);
- round3(A, B, MK[42], RK[42]); round1(D, A, MK[43], RK[43]);
- round1(C, D, MK[36], RK[36]); round2(B, C, MK[37], RK[37]);
- round3(A, B, MK[38], RK[38]); round1(D, A, MK[39], RK[39]);
- round1(C, D, MK[32], RK[32]); round2(B, C, MK[33], RK[33]);
- round3(A, B, MK[34], RK[34]); round1(D, A, MK[35], RK[35]);
- round1(C, D, MK[28], RK[28]); round2(B, C, MK[29], RK[29]);
- round3(A, B, MK[30], RK[30]); round1(D, A, MK[31], RK[31]);
- round1(C, D, MK[24], RK[24]); round2(B, C, MK[25], RK[25]);
- round3(A, B, MK[26], RK[26]); round1(D, A, MK[27], RK[27]);
- round1(D, A, MK[23], RK[23]); round3(A, B, MK[22], RK[22]);
- round2(B, C, MK[21], RK[21]); round1(C, D, MK[20], RK[20]);
- round1(D, A, MK[19], RK[19]); round3(A, B, MK[18], RK[18]);
- round2(B, C, MK[17], RK[17]); round1(C, D, MK[16], RK[16]);
- round1(D, A, MK[15], RK[15]); round3(A, B, MK[14], RK[14]);
- round2(B, C, MK[13], RK[13]); round1(C, D, MK[12], RK[12]);
- round1(D, A, MK[11], RK[11]); round3(A, B, MK[10], RK[10]);
- round2(B, C, MK[ 9], RK[ 9]); round1(C, D, MK[ 8], RK[ 8]);
- round1(D, A, MK[ 7], RK[ 7]); round3(A, B, MK[ 6], RK[ 6]);
- round2(B, C, MK[ 5], RK[ 5]); round1(C, D, MK[ 4], RK[ 4]);
- round1(D, A, MK[ 3], RK[ 3]); round3(A, B, MK[ 2], RK[ 2]);
- round2(B, C, MK[ 1], RK[ 1]); round1(C, D, MK[ 0], RK[ 0]);
+ round1(C, D, m_MK[44], m_RK[44]); round2(B, C, m_MK[45], m_RK[45]);
+ round3(A, B, m_MK[46], m_RK[46]); round1(D, A, m_MK[47], m_RK[47]);
+ round1(C, D, m_MK[40], m_RK[40]); round2(B, C, m_MK[41], m_RK[41]);
+ round3(A, B, m_MK[42], m_RK[42]); round1(D, A, m_MK[43], m_RK[43]);
+ round1(C, D, m_MK[36], m_RK[36]); round2(B, C, m_MK[37], m_RK[37]);
+ round3(A, B, m_MK[38], m_RK[38]); round1(D, A, m_MK[39], m_RK[39]);
+ round1(C, D, m_MK[32], m_RK[32]); round2(B, C, m_MK[33], m_RK[33]);
+ round3(A, B, m_MK[34], m_RK[34]); round1(D, A, m_MK[35], m_RK[35]);
+ round1(C, D, m_MK[28], m_RK[28]); round2(B, C, m_MK[29], m_RK[29]);
+ round3(A, B, m_MK[30], m_RK[30]); round1(D, A, m_MK[31], m_RK[31]);
+ round1(C, D, m_MK[24], m_RK[24]); round2(B, C, m_MK[25], m_RK[25]);
+ round3(A, B, m_MK[26], m_RK[26]); round1(D, A, m_MK[27], m_RK[27]);
+ round1(D, A, m_MK[23], m_RK[23]); round3(A, B, m_MK[22], m_RK[22]);
+ round2(B, C, m_MK[21], m_RK[21]); round1(C, D, m_MK[20], m_RK[20]);
+ round1(D, A, m_MK[19], m_RK[19]); round3(A, B, m_MK[18], m_RK[18]);
+ round2(B, C, m_MK[17], m_RK[17]); round1(C, D, m_MK[16], m_RK[16]);
+ round1(D, A, m_MK[15], m_RK[15]); round3(A, B, m_MK[14], m_RK[14]);
+ round2(B, C, m_MK[13], m_RK[13]); round1(C, D, m_MK[12], m_RK[12]);
+ round1(D, A, m_MK[11], m_RK[11]); round3(A, B, m_MK[10], m_RK[10]);
+ round2(B, C, m_MK[ 9], m_RK[ 9]); round1(C, D, m_MK[ 8], m_RK[ 8]);
+ round1(D, A, m_MK[ 7], m_RK[ 7]); round3(A, B, m_MK[ 6], m_RK[ 6]);
+ round2(B, C, m_MK[ 5], m_RK[ 5]); round1(C, D, m_MK[ 4], m_RK[ 4]);
+ round1(D, A, m_MK[ 3], m_RK[ 3]); round3(A, B, m_MK[ 2], m_RK[ 2]);
+ round2(B, C, m_MK[ 1], m_RK[ 1]); round1(C, D, m_MK[ 0], m_RK[ 0]);
store_be(out, A, B, C, D);
@@ -178,8 +178,8 @@ void CAST_256::key_schedule(const byte key[], size_t length)
0x07, 0x18, 0x09, 0x1A, 0x0B, 0x1C, 0x0D, 0x1E, 0x0F, 0x00,
0x11, 0x02 };
- MK.resize(48);
- RK.resize(48);
+ m_MK.resize(48);
+ m_RK.resize(48);
secure_vector<u32bit> K(8);
for(size_t i = 0; i != length; ++i)
@@ -207,21 +207,21 @@ void CAST_256::key_schedule(const byte key[], size_t length)
round1(A, B, KEY_MASK[4*i+14], KEY_ROT[(4*i+14) % 32]);
round2(H, A, KEY_MASK[4*i+15], KEY_ROT[(4*i+15) % 32]);
- RK[i ] = (A % 32);
- RK[i+1] = (C % 32);
- RK[i+2] = (E % 32);
- RK[i+3] = (G % 32);
- MK[i ] = H;
- MK[i+1] = F;
- MK[i+2] = D;
- MK[i+3] = B;
+ m_RK[i ] = (A % 32);
+ m_RK[i+1] = (C % 32);
+ m_RK[i+2] = (E % 32);
+ m_RK[i+3] = (G % 32);
+ m_MK[i ] = H;
+ m_MK[i+1] = F;
+ m_MK[i+2] = D;
+ m_MK[i+3] = B;
}
}
void CAST_256::clear()
{
- zap(MK);
- zap(RK);
+ zap(m_MK);
+ zap(m_RK);
}
}
diff --git a/src/lib/block/cast/cast256.h b/src/lib/block/cast/cast256.h
index 9f7546711..086c94331 100644
--- a/src/lib/block/cast/cast256.h
+++ b/src/lib/block/cast/cast256.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* CAST-256
*/
-class BOTAN_DLL CAST_256 : public Block_Cipher_Fixed_Params<16, 4, 32, 4>
+class BOTAN_DLL CAST_256 final : public Block_Cipher_Fixed_Params<16, 4, 32, 4>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -27,8 +27,8 @@ class BOTAN_DLL CAST_256 : public Block_Cipher_Fixed_Params<16, 4, 32, 4>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> MK;
- secure_vector<byte> RK;
+ secure_vector<u32bit> m_MK;
+ secure_vector<byte> m_RK;
};
}
diff --git a/src/lib/block/des/des.cpp b/src/lib/block/des/des.cpp
index 6d2bcfe1e..88671df8d 100644
--- a/src/lib/block/des/des.cpp
+++ b/src/lib/block/des/des.cpp
@@ -154,7 +154,7 @@ void DES::encrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit L = static_cast<u32bit>(T >> 32);
u32bit R = static_cast<u32bit>(T);
- des_encrypt(L, R, round_key.data());
+ des_encrypt(L, R, m_round_key.data());
T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
(DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
@@ -184,7 +184,7 @@ void DES::decrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit L = static_cast<u32bit>(T >> 32);
u32bit R = static_cast<u32bit>(T);
- des_decrypt(L, R, round_key.data());
+ des_decrypt(L, R, m_round_key.data());
T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
(DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
@@ -205,13 +205,13 @@ void DES::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void DES::key_schedule(const byte key[], size_t)
{
- round_key.resize(32);
- des_key_schedule(round_key.data(), key);
+ m_round_key.resize(32);
+ des_key_schedule(m_round_key.data(), key);
}
void DES::clear()
{
- zap(round_key);
+ zap(m_round_key);
}
/*
@@ -229,9 +229,9 @@ void TripleDES::encrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit L = static_cast<u32bit>(T >> 32);
u32bit R = static_cast<u32bit>(T);
- des_encrypt(L, R, &round_key[0]);
- des_decrypt(R, L, &round_key[32]);
- des_encrypt(L, R, &round_key[64]);
+ des_encrypt(L, R, &m_round_key[0]);
+ des_decrypt(R, L, &m_round_key[32]);
+ des_encrypt(L, R, &m_round_key[64]);
T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
(DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
@@ -262,9 +262,9 @@ void TripleDES::decrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit L = static_cast<u32bit>(T >> 32);
u32bit R = static_cast<u32bit>(T);
- des_decrypt(L, R, &round_key[64]);
- des_encrypt(R, L, &round_key[32]);
- des_decrypt(L, R, &round_key[0]);
+ des_decrypt(L, R, &m_round_key[64]);
+ des_encrypt(R, L, &m_round_key[32]);
+ des_decrypt(L, R, &m_round_key[0]);
T = (DES_FPTAB1[get_byte(0, L)] << 5) | (DES_FPTAB1[get_byte(1, L)] << 3) |
(DES_FPTAB1[get_byte(2, L)] << 1) | (DES_FPTAB2[get_byte(3, L)] << 1) |
@@ -285,19 +285,19 @@ void TripleDES::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void TripleDES::key_schedule(const byte key[], size_t length)
{
- round_key.resize(3*32);
- des_key_schedule(&round_key[0], key);
- des_key_schedule(&round_key[32], key + 8);
+ m_round_key.resize(3*32);
+ des_key_schedule(&m_round_key[0], key);
+ des_key_schedule(&m_round_key[32], key + 8);
if(length == 24)
- des_key_schedule(&round_key[64], key + 16);
+ des_key_schedule(&m_round_key[64], key + 16);
else
- copy_mem(&round_key[64], &round_key[0], 32);
+ copy_mem(&m_round_key[64], &m_round_key[0], 32);
}
void TripleDES::clear()
{
- zap(round_key);
+ zap(m_round_key);
}
}
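Review bot: The `else` branch of TripleDES::key_schedule, `copy_mem(&m_round_key[64], &m_round_key[0], 32);`, silently handles the 16-byte (two-key) case by reusing the first subkey schedule as the third, and nothing in the function says so; a one-line comment such as `// 2-key 3DES (16 byte key): K3 == K1, so reuse the first schedule` would make the intent explicit. The only lengths that can reach this function are 16 and 24, as fixed by Block_Cipher_Fixed_Params<8, 16, 24, 8> in des.h, so the single `if(length == 24)` test is sufficient as written.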
diff --git a/src/lib/block/des/des.h b/src/lib/block/des/des.h
index 1a2fdc5c9..ff31421d2 100644
--- a/src/lib/block/des/des.h
+++ b/src/lib/block/des/des.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* DES
*/
-class BOTAN_DLL DES : public Block_Cipher_Fixed_Params<8, 8>
+class BOTAN_DLL DES final : public Block_Cipher_Fixed_Params<8, 8>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -27,13 +27,13 @@ class BOTAN_DLL DES : public Block_Cipher_Fixed_Params<8, 8>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> round_key;
+ secure_vector<u32bit> m_round_key;
};
/**
* Triple DES
*/
-class BOTAN_DLL TripleDES : public Block_Cipher_Fixed_Params<8, 16, 24, 8>
+class BOTAN_DLL TripleDES final : public Block_Cipher_Fixed_Params<8, 16, 24, 8>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -45,7 +45,7 @@ class BOTAN_DLL TripleDES : public Block_Cipher_Fixed_Params<8, 16, 24, 8>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> round_key;
+ secure_vector<u32bit> m_round_key;
};
/*
diff --git a/src/lib/block/des/desx.cpp b/src/lib/block/des/desx.cpp
index f6538748c..76a50f9a2 100644
--- a/src/lib/block/des/desx.cpp
+++ b/src/lib/block/des/desx.cpp
@@ -16,9 +16,9 @@ void DESX::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
for(size_t i = 0; i != blocks; ++i)
{
- xor_buf(out, in, K1.data(), BLOCK_SIZE);
- des.encrypt(out);
- xor_buf(out, K2.data(), BLOCK_SIZE);
+ xor_buf(out, in, m_K1.data(), BLOCK_SIZE);
+ m_des.encrypt(out);
+ xor_buf(out, m_K2.data(), BLOCK_SIZE);
in += BLOCK_SIZE;
out += BLOCK_SIZE;
@@ -32,9 +32,9 @@ void DESX::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
for(size_t i = 0; i != blocks; ++i)
{
- xor_buf(out, in, K2.data(), BLOCK_SIZE);
- des.decrypt(out);
- xor_buf(out, K1.data(), BLOCK_SIZE);
+ xor_buf(out, in, m_K2.data(), BLOCK_SIZE);
+ m_des.decrypt(out);
+ xor_buf(out, m_K1.data(), BLOCK_SIZE);
in += BLOCK_SIZE;
out += BLOCK_SIZE;
@@ -46,16 +46,16 @@ void DESX::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void DESX::key_schedule(const byte key[], size_t)
{
- K1.assign(key, key + 8);
- des.set_key(key + 8, 8);
- K2.assign(key + 16, key + 24);
+ m_K1.assign(key, key + 8);
+ m_des.set_key(key + 8, 8);
+ m_K2.assign(key + 16, key + 24);
}
void DESX::clear()
{
- des.clear();
- zap(K1);
- zap(K2);
+ m_des.clear();
+ zap(m_K1);
+ zap(m_K2);
}
}
diff --git a/src/lib/block/des/desx.h b/src/lib/block/des/desx.h
index 0f155b241..f3c9ac99a 100644
--- a/src/lib/block/des/desx.h
+++ b/src/lib/block/des/desx.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* DESX
*/
-class BOTAN_DLL DESX : public Block_Cipher_Fixed_Params<8, 24>
+class BOTAN_DLL DESX final : public Block_Cipher_Fixed_Params<8, 24>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -26,8 +26,8 @@ class BOTAN_DLL DESX : public Block_Cipher_Fixed_Params<8, 24>
BlockCipher* clone() const override { return new DESX; }
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<byte> K1, K2;
- DES des;
+ secure_vector<byte> m_K1, m_K2;
+ DES m_des;
};
}
diff --git a/src/lib/block/gost_28147/gost_28147.cpp b/src/lib/block/gost_28147/gost_28147.cpp
index b8c3b7280..5fa232478 100644
--- a/src/lib/block/gost_28147/gost_28147.cpp
+++ b/src/lib/block/gost_28147/gost_28147.cpp
@@ -12,12 +12,12 @@ namespace Botan {
byte GOST_28147_89_Params::sbox_entry(size_t row, size_t col) const
{
- byte x = sboxes[4 * col + (row / 2)];
+ byte x = m_sboxes[4 * col + (row / 2)];
return (row % 2 == 0) ? (x >> 4) : (x & 0x0F);
}
-GOST_28147_89_Params::GOST_28147_89_Params(const std::string& n) : name(n)
+GOST_28147_89_Params::GOST_28147_89_Params(const std::string& n) : m_name(n)
{
// Encoded in the packed fromat from RFC 4357
@@ -39,18 +39,18 @@ GOST_28147_89_Params::GOST_28147_89_Params(const std::string& n) : name(n)
0x03, 0x25, 0xEB, 0xFE, 0x9C, 0x6D, 0xF8, 0x6D, 0x2E, 0xAB, 0xDE,
0x20, 0xBA, 0x89, 0x3C, 0x92, 0xF8, 0xD3, 0x53, 0xBC };
- if(name == "R3411_94_TestParam")
- sboxes = GOST_R_3411_TEST_PARAMS;
- else if(name == "R3411_CryptoPro")
- sboxes = GOST_R_3411_CRYPTOPRO_PARAMS;
+ if(m_name == "R3411_94_TestParam")
+ m_sboxes = GOST_R_3411_TEST_PARAMS;
+ else if(m_name == "R3411_CryptoPro")
+ m_sboxes = GOST_R_3411_CRYPTOPRO_PARAMS;
else
- throw Invalid_Argument("GOST_28147_89_Params: Unknown " + name);
+ throw Invalid_Argument("GOST_28147_89_Params: Unknown " + m_name);
}
/*
* GOST Constructor
*/
-GOST_28147_89::GOST_28147_89(const GOST_28147_89_Params& param) : SBOX(1024)
+GOST_28147_89::GOST_28147_89(const GOST_28147_89_Params& param) : m_SBOX(1024)
{
// Convert the parallel 4x4 sboxes into larger word-based sboxes
for(size_t i = 0; i != 4; ++i)
@@ -58,7 +58,7 @@ GOST_28147_89::GOST_28147_89(const GOST_28147_89_Params& param) : SBOX(1024)
{
const u32bit T = (param.sbox_entry(2*i , j % 16)) |
(param.sbox_entry(2*i+1, j / 16) << 4);
- SBOX[256*i+j] = rotate_left(T, (11+8*i) % 32);
+ m_SBOX[256*i+j] = rotate_left(T, (11+8*i) % 32);
}
}
@@ -71,9 +71,9 @@ std::string GOST_28147_89::name() const
constructor, but can't break binary compat.
*/
std::string sbox_name = "";
- if(SBOX[0] == 0x00072000)
+ if(m_SBOX[0] == 0x00072000)
sbox_name = "R3411_94_TestParam";
- else if(SBOX[0] == 0x0002D000)
+ else if(m_SBOX[0] == 0x0002D000)
sbox_name = "R3411_CryptoPro";
else
throw Internal_Error("GOST-28147 unrecognized sbox value");
@@ -86,17 +86,17 @@ std::string GOST_28147_89::name() const
*/
#define GOST_2ROUND(N1, N2, R1, R2) \
do { \
- u32bit T0 = N1 + EK[R1]; \
- N2 ^= SBOX[get_byte(3, T0)] | \
- SBOX[get_byte(2, T0)+256] | \
- SBOX[get_byte(1, T0)+512] | \
- SBOX[get_byte(0, T0)+768]; \
+ u32bit T0 = N1 + m_EK[R1]; \
+ N2 ^= m_SBOX[get_byte(3, T0)] | \
+ m_SBOX[get_byte(2, T0)+256] | \
+ m_SBOX[get_byte(1, T0)+512] | \
+ m_SBOX[get_byte(0, T0)+768]; \
\
- u32bit T1 = N2 + EK[R2]; \
- N1 ^= SBOX[get_byte(3, T1)] | \
- SBOX[get_byte(2, T1)+256] | \
- SBOX[get_byte(1, T1)+512] | \
- SBOX[get_byte(0, T1)+768]; \
+ u32bit T1 = N2 + m_EK[R2]; \
+ N1 ^= m_SBOX[get_byte(3, T1)] | \
+ m_SBOX[get_byte(2, T1)+256] | \
+ m_SBOX[get_byte(1, T1)+512] | \
+ m_SBOX[get_byte(0, T1)+768]; \
} while(0)
/*
@@ -163,14 +163,14 @@ void GOST_28147_89::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void GOST_28147_89::key_schedule(const byte key[], size_t)
{
- EK.resize(8);
+ m_EK.resize(8);
for(size_t i = 0; i != 8; ++i)
- EK[i] = load_le<u32bit>(key, i);
+ m_EK[i] = load_le<u32bit>(key, i);
}
void GOST_28147_89::clear()
{
- zap(EK);
+ zap(m_EK);
}
}
diff --git a/src/lib/block/gost_28147/gost_28147.h b/src/lib/block/gost_28147/gost_28147.h
index 3cf1c4578..4105154e3 100644
--- a/src/lib/block/gost_28147/gost_28147.h
+++ b/src/lib/block/gost_28147/gost_28147.h
@@ -31,7 +31,7 @@ class BOTAN_DLL GOST_28147_89_Params
/**
* @return name of this parameter set
*/
- std::string param_name() const { return name; }
+ std::string param_name() const { return m_name; }
/**
* Default GOST parameters are the ones given in GOST R 34.11 for
@@ -42,14 +42,14 @@ class BOTAN_DLL GOST_28147_89_Params
*/
GOST_28147_89_Params(const std::string& name = "R3411_94_TestParam");
private:
- const byte* sboxes;
- std::string name;
+ const byte* m_sboxes;
+ std::string m_name;
};
/**
* GOST 28147-89
*/
-class BOTAN_DLL GOST_28147_89 : public Block_Cipher_Fixed_Params<8, 32>
+class BOTAN_DLL GOST_28147_89 final : public Block_Cipher_Fixed_Params<8, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -58,15 +58,15 @@ class BOTAN_DLL GOST_28147_89 : public Block_Cipher_Fixed_Params<8, 32>
void clear() override;
std::string name() const override;
- BlockCipher* clone() const override { return new GOST_28147_89(SBOX); }
+ BlockCipher* clone() const override { return new GOST_28147_89(m_SBOX); }
/**
* @param params the sbox parameters to use
*/
- GOST_28147_89(const GOST_28147_89_Params& params);
+ explicit GOST_28147_89(const GOST_28147_89_Params& params);
private:
- GOST_28147_89(const std::vector<u32bit>& other_SBOX) :
- SBOX(other_SBOX), EK(8) {}
+ explicit GOST_28147_89(const std::vector<u32bit>& other_SBOX) :
+ m_SBOX(other_SBOX), m_EK(8) {}
void key_schedule(const byte[], size_t) override;
@@ -74,9 +74,9 @@ class BOTAN_DLL GOST_28147_89 : public Block_Cipher_Fixed_Params<8, 32>
* The sbox is not secret, this is just a larger expansion of it
* which we generate at runtime for faster execution
*/
- std::vector<u32bit> SBOX;
+ std::vector<u32bit> m_SBOX;
- secure_vector<u32bit> EK;
+ secure_vector<u32bit> m_EK;
};
}
diff --git a/src/lib/block/idea/idea.cpp b/src/lib/block/idea/idea.cpp
index 8069e16f7..4182c59a7 100644
--- a/src/lib/block/idea/idea.cpp
+++ b/src/lib/block/idea/idea.cpp
@@ -113,7 +113,7 @@ void idea_op(const byte in[], byte out[], size_t blocks, const u16bit K[52])
*/
void IDEA::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
- idea_op(in, out, blocks, EK.data());
+ idea_op(in, out, blocks, m_EK.data());
}
/*
@@ -121,7 +121,7 @@ void IDEA::encrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void IDEA::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
- idea_op(in, out, blocks, DK.data());
+ idea_op(in, out, blocks, m_DK.data());
}
/*
@@ -129,54 +129,54 @@ void IDEA::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void IDEA::key_schedule(const byte key[], size_t)
{
- EK.resize(52);
- DK.resize(52);
+ m_EK.resize(52);
+ m_DK.resize(52);
CT::poison(key, 16);
- CT::poison(EK.data(), 52);
- CT::poison(DK.data(), 52);
+ CT::poison(m_EK.data(), 52);
+ CT::poison(m_DK.data(), 52);
for(size_t i = 0; i != 8; ++i)
- EK[i] = load_be<u16bit>(key, i);
+ m_EK[i] = load_be<u16bit>(key, i);
for(size_t i = 1, j = 8, offset = 0; j != 52; i %= 8, ++i, ++j)
{
- EK[i+7+offset] = static_cast<u16bit>((EK[(i % 8) + offset] << 9) |
- (EK[((i+1) % 8) + offset] >> 7));
+ m_EK[i+7+offset] = static_cast<u16bit>((m_EK[(i % 8) + offset] << 9) |
+ (m_EK[((i+1) % 8) + offset] >> 7));
offset += (i == 8) ? 8 : 0;
}
- DK[51] = mul_inv(EK[3]);
- DK[50] = -EK[2];
- DK[49] = -EK[1];
- DK[48] = mul_inv(EK[0]);
+ m_DK[51] = mul_inv(m_EK[3]);
+ m_DK[50] = -m_EK[2];
+ m_DK[49] = -m_EK[1];
+ m_DK[48] = mul_inv(m_EK[0]);
for(size_t i = 1, j = 4, counter = 47; i != 8; ++i, j += 6)
{
- DK[counter--] = EK[j+1];
- DK[counter--] = EK[j];
- DK[counter--] = mul_inv(EK[j+5]);
- DK[counter--] = -EK[j+3];
- DK[counter--] = -EK[j+4];
- DK[counter--] = mul_inv(EK[j+2]);
+ m_DK[counter--] = m_EK[j+1];
+ m_DK[counter--] = m_EK[j];
+ m_DK[counter--] = mul_inv(m_EK[j+5]);
+ m_DK[counter--] = -m_EK[j+3];
+ m_DK[counter--] = -m_EK[j+4];
+ m_DK[counter--] = mul_inv(m_EK[j+2]);
}
- DK[5] = EK[47];
- DK[4] = EK[46];
- DK[3] = mul_inv(EK[51]);
- DK[2] = -EK[50];
- DK[1] = -EK[49];
- DK[0] = mul_inv(EK[48]);
+ m_DK[5] = m_EK[47];
+ m_DK[4] = m_EK[46];
+ m_DK[3] = mul_inv(m_EK[51]);
+ m_DK[2] = -m_EK[50];
+ m_DK[1] = -m_EK[49];
+ m_DK[0] = mul_inv(m_EK[48]);
CT::unpoison(key, 16);
- CT::unpoison(EK.data(), 52);
- CT::unpoison(DK.data(), 52);
+ CT::unpoison(m_EK.data(), 52);
+ CT::unpoison(m_DK.data(), 52);
}
void IDEA::clear()
{
- zap(EK);
- zap(DK);
+ zap(m_EK);
+ zap(m_DK);
}
}
diff --git a/src/lib/block/idea/idea.h b/src/lib/block/idea/idea.h
index 68d4d61b0..59f98da9e 100644
--- a/src/lib/block/idea/idea.h
+++ b/src/lib/block/idea/idea.h
@@ -28,17 +28,17 @@ class BOTAN_DLL IDEA : public Block_Cipher_Fixed_Params<8, 16>
/**
* @return const reference to encryption subkeys
*/
- const secure_vector<u16bit>& get_EK() const { return EK; }
+ const secure_vector<u16bit>& get_EK() const { return m_EK; }
/**
* @return const reference to decryption subkeys
*/
- const secure_vector<u16bit>& get_DK() const { return DK; }
+ const secure_vector<u16bit>& get_DK() const { return m_DK; }
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u16bit> EK, DK;
+ secure_vector<u16bit> m_EK, m_DK;
};
}
diff --git a/src/lib/block/idea_sse2/idea_sse2.h b/src/lib/block/idea_sse2/idea_sse2.h
index 18ea7c74d..9e0df9925 100644
--- a/src/lib/block/idea_sse2/idea_sse2.h
+++ b/src/lib/block/idea_sse2/idea_sse2.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* IDEA in SSE2
*/
-class BOTAN_DLL IDEA_SSE2 : public IDEA
+class BOTAN_DLL IDEA_SSE2 final : public IDEA
{
public:
size_t parallelism() const override { return 8; }
diff --git a/src/lib/block/kasumi/kasumi.cpp b/src/lib/block/kasumi/kasumi.cpp
index 604d2d21a..014987bc6 100644
--- a/src/lib/block/kasumi/kasumi.cpp
+++ b/src/lib/block/kasumi/kasumi.cpp
@@ -119,7 +119,7 @@ void KASUMI::encrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 8; j += 2)
{
- const u16bit* K = &EK[8*j];
+ const u16bit* K = &m_EK[8*j];
u16bit R = B1 ^ (rotate_left(B0, 1) & K[0]);
u16bit L = B0 ^ (rotate_left(R, 1) | K[1]);
@@ -163,7 +163,7 @@ void KASUMI::decrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 8; j += 2)
{
- const u16bit* K = &EK[8*(6-j)];
+ const u16bit* K = &m_EK[8*(6-j)];
u16bit L = B2, R = B3;
@@ -210,24 +210,24 @@ void KASUMI::key_schedule(const byte key[], size_t)
K[i+8] = K[i] ^ RC[i];
}
- EK.resize(64);
+ m_EK.resize(64);
for(size_t i = 0; i != 8; ++i)
{
- EK[8*i ] = rotate_left(K[(i+0) % 8 ], 2);
- EK[8*i+1] = rotate_left(K[(i+2) % 8 + 8], 1);
- EK[8*i+2] = rotate_left(K[(i+1) % 8 ], 5);
- EK[8*i+3] = K[(i+4) % 8 + 8];
- EK[8*i+4] = rotate_left(K[(i+5) % 8 ], 8);
- EK[8*i+5] = K[(i+3) % 8 + 8];
- EK[8*i+6] = rotate_left(K[(i+6) % 8 ], 13);
- EK[8*i+7] = K[(i+7) % 8 + 8];
+ m_EK[8*i ] = rotate_left(K[(i+0) % 8 ], 2);
+ m_EK[8*i+1] = rotate_left(K[(i+2) % 8 + 8], 1);
+ m_EK[8*i+2] = rotate_left(K[(i+1) % 8 ], 5);
+ m_EK[8*i+3] = K[(i+4) % 8 + 8];
+ m_EK[8*i+4] = rotate_left(K[(i+5) % 8 ], 8);
+ m_EK[8*i+5] = K[(i+3) % 8 + 8];
+ m_EK[8*i+6] = rotate_left(K[(i+6) % 8 ], 13);
+ m_EK[8*i+7] = K[(i+7) % 8 + 8];
}
}
void KASUMI::clear()
{
- zap(EK);
+ zap(m_EK);
}
}
diff --git a/src/lib/block/kasumi/kasumi.h b/src/lib/block/kasumi/kasumi.h
index 9f86279af..24fd83050 100644
--- a/src/lib/block/kasumi/kasumi.h
+++ b/src/lib/block/kasumi/kasumi.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* KASUMI, the block cipher used in 3G telephony
*/
-class BOTAN_DLL KASUMI : public Block_Cipher_Fixed_Params<8, 16>
+class BOTAN_DLL KASUMI final : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -27,7 +27,7 @@ class BOTAN_DLL KASUMI : public Block_Cipher_Fixed_Params<8, 16>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u16bit> EK;
+ secure_vector<u16bit> m_EK;
};
}
diff --git a/src/lib/block/lion/lion.cpp b/src/lib/block/lion/lion.cpp
index 559816aea..7ae620504 100644
--- a/src/lib/block/lion/lion.cpp
+++ b/src/lib/block/lion/lion.cpp
@@ -130,8 +130,8 @@ void Lion::clear()
/*
* Lion Constructor
*/
-Lion::Lion(HashFunction* hash, StreamCipher* cipher, size_t block_size) :
- m_block_size(std::max<size_t>(2*hash->output_length() + 1, block_size)),
+Lion::Lion(HashFunction* hash, StreamCipher* cipher, size_t bs) :
+ m_block_size(std::max<size_t>(2*hash->output_length() + 1, bs)),
m_hash(hash),
m_cipher(cipher)
{
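Review bot: The initializer list dereferences `hash` in `2*hash->output_length() + 1` before the constructor body runs, so a null `hash` argument fails inside the initializer rather than at any check the body could perform; if the class is meant to reject a null hash, the guard has to be in a helper evaluated from the initializer list. Renaming the parameter from `block_size` to `bs` presumably avoids shadowing the `block_size()` accessor, but `bs` is terse for a public constructor parameter; something like `block_size_hint` would also convey that `std::max` may raise the value to the hash-derived minimum. The constructor body continues past the hunk.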
diff --git a/src/lib/block/lion/lion.h b/src/lib/block/lion/lion.h
index 116fa911b..f22f0f8a8 100644
--- a/src/lib/block/lion/lion.h
+++ b/src/lib/block/lion/lion.h
@@ -22,7 +22,7 @@ namespace Botan {
* http://www.cl.cam.ac.uk/~rja14/Papers/bear-lion.pdf
*/
-class BOTAN_DLL Lion : public BlockCipher
+class BOTAN_DLL Lion final : public BlockCipher
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
diff --git a/src/lib/block/mars/mars.cpp b/src/lib/block/mars/mars.cpp
index becbbf2db..4605be415 100644
--- a/src/lib/block/mars/mars.cpp
+++ b/src/lib/block/mars/mars.cpp
@@ -216,7 +216,7 @@ u32bit gen_mask(u32bit input)
if(value == 0 || value == 0x3FF)
{
- mask |= 1 << j;
+ mask |= static_cast<u32bit>(1) << j;
break;
}
}
@@ -235,34 +235,34 @@ void MARS::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
for(size_t i = 0; i != blocks; ++i)
{
- u32bit A = load_le<u32bit>(in, 0) + EK[0];
- u32bit B = load_le<u32bit>(in, 1) + EK[1];
- u32bit C = load_le<u32bit>(in, 2) + EK[2];
- u32bit D = load_le<u32bit>(in, 3) + EK[3];
+ u32bit A = load_le<u32bit>(in, 0) + m_EK[0];
+ u32bit B = load_le<u32bit>(in, 1) + m_EK[1];
+ u32bit C = load_le<u32bit>(in, 2) + m_EK[2];
+ u32bit D = load_le<u32bit>(in, 3) + m_EK[3];
forward_mix(A, B, C, D);
- encrypt_round(A, B, C, D, EK[ 4], EK[ 5]);
- encrypt_round(B, C, D, A, EK[ 6], EK[ 7]);
- encrypt_round(C, D, A, B, EK[ 8], EK[ 9]);
- encrypt_round(D, A, B, C, EK[10], EK[11]);
- encrypt_round(A, B, C, D, EK[12], EK[13]);
- encrypt_round(B, C, D, A, EK[14], EK[15]);
- encrypt_round(C, D, A, B, EK[16], EK[17]);
- encrypt_round(D, A, B, C, EK[18], EK[19]);
-
- encrypt_round(A, D, C, B, EK[20], EK[21]);
- encrypt_round(B, A, D, C, EK[22], EK[23]);
- encrypt_round(C, B, A, D, EK[24], EK[25]);
- encrypt_round(D, C, B, A, EK[26], EK[27]);
- encrypt_round(A, D, C, B, EK[28], EK[29]);
- encrypt_round(B, A, D, C, EK[30], EK[31]);
- encrypt_round(C, B, A, D, EK[32], EK[33]);
- encrypt_round(D, C, B, A, EK[34], EK[35]);
+ encrypt_round(A, B, C, D, m_EK[ 4], m_EK[ 5]);
+ encrypt_round(B, C, D, A, m_EK[ 6], m_EK[ 7]);
+ encrypt_round(C, D, A, B, m_EK[ 8], m_EK[ 9]);
+ encrypt_round(D, A, B, C, m_EK[10], m_EK[11]);
+ encrypt_round(A, B, C, D, m_EK[12], m_EK[13]);
+ encrypt_round(B, C, D, A, m_EK[14], m_EK[15]);
+ encrypt_round(C, D, A, B, m_EK[16], m_EK[17]);
+ encrypt_round(D, A, B, C, m_EK[18], m_EK[19]);
+
+ encrypt_round(A, D, C, B, m_EK[20], m_EK[21]);
+ encrypt_round(B, A, D, C, m_EK[22], m_EK[23]);
+ encrypt_round(C, B, A, D, m_EK[24], m_EK[25]);
+ encrypt_round(D, C, B, A, m_EK[26], m_EK[27]);
+ encrypt_round(A, D, C, B, m_EK[28], m_EK[29]);
+ encrypt_round(B, A, D, C, m_EK[30], m_EK[31]);
+ encrypt_round(C, B, A, D, m_EK[32], m_EK[33]);
+ encrypt_round(D, C, B, A, m_EK[34], m_EK[35]);
reverse_mix(A, B, C, D);
- A -= EK[36]; B -= EK[37]; C -= EK[38]; D -= EK[39];
+ A -= m_EK[36]; B -= m_EK[37]; C -= m_EK[38]; D -= m_EK[39];
store_le(out, A, B, C, D);
@@ -278,34 +278,34 @@ void MARS::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
for(size_t i = 0; i != blocks; ++i)
{
- u32bit A = load_le<u32bit>(in, 3) + EK[39];
- u32bit B = load_le<u32bit>(in, 2) + EK[38];
- u32bit C = load_le<u32bit>(in, 1) + EK[37];
- u32bit D = load_le<u32bit>(in, 0) + EK[36];
+ u32bit A = load_le<u32bit>(in, 3) + m_EK[39];
+ u32bit B = load_le<u32bit>(in, 2) + m_EK[38];
+ u32bit C = load_le<u32bit>(in, 1) + m_EK[37];
+ u32bit D = load_le<u32bit>(in, 0) + m_EK[36];
forward_mix(A, B, C, D);
- decrypt_round(A, B, C, D, EK[35], EK[34]);
- decrypt_round(B, C, D, A, EK[33], EK[32]);
- decrypt_round(C, D, A, B, EK[31], EK[30]);
- decrypt_round(D, A, B, C, EK[29], EK[28]);
- decrypt_round(A, B, C, D, EK[27], EK[26]);
- decrypt_round(B, C, D, A, EK[25], EK[24]);
- decrypt_round(C, D, A, B, EK[23], EK[22]);
- decrypt_round(D, A, B, C, EK[21], EK[20]);
-
- decrypt_round(A, D, C, B, EK[19], EK[18]);
- decrypt_round(B, A, D, C, EK[17], EK[16]);
- decrypt_round(C, B, A, D, EK[15], EK[14]);
- decrypt_round(D, C, B, A, EK[13], EK[12]);
- decrypt_round(A, D, C, B, EK[11], EK[10]);
- decrypt_round(B, A, D, C, EK[ 9], EK[ 8]);
- decrypt_round(C, B, A, D, EK[ 7], EK[ 6]);
- decrypt_round(D, C, B, A, EK[ 5], EK[ 4]);
+ decrypt_round(A, B, C, D, m_EK[35], m_EK[34]);
+ decrypt_round(B, C, D, A, m_EK[33], m_EK[32]);
+ decrypt_round(C, D, A, B, m_EK[31], m_EK[30]);
+ decrypt_round(D, A, B, C, m_EK[29], m_EK[28]);
+ decrypt_round(A, B, C, D, m_EK[27], m_EK[26]);
+ decrypt_round(B, C, D, A, m_EK[25], m_EK[24]);
+ decrypt_round(C, D, A, B, m_EK[23], m_EK[22]);
+ decrypt_round(D, A, B, C, m_EK[21], m_EK[20]);
+
+ decrypt_round(A, D, C, B, m_EK[19], m_EK[18]);
+ decrypt_round(B, A, D, C, m_EK[17], m_EK[16]);
+ decrypt_round(C, B, A, D, m_EK[15], m_EK[14]);
+ decrypt_round(D, C, B, A, m_EK[13], m_EK[12]);
+ decrypt_round(A, D, C, B, m_EK[11], m_EK[10]);
+ decrypt_round(B, A, D, C, m_EK[ 9], m_EK[ 8]);
+ decrypt_round(C, B, A, D, m_EK[ 7], m_EK[ 6]);
+ decrypt_round(D, C, B, A, m_EK[ 5], m_EK[ 4]);
reverse_mix(A, B, C, D);
- A -= EK[3]; B -= EK[2]; C -= EK[1]; D -= EK[0];
+ A -= m_EK[3]; B -= m_EK[2]; C -= m_EK[1]; D -= m_EK[0];
store_le(out, D, C, B, A);
@@ -325,7 +325,7 @@ void MARS::key_schedule(const byte key[], size_t length)
T[length / 4] = static_cast<u32bit>(length) / 4;
- EK.resize(40);
+ m_EK.resize(40);
for(u32bit i = 0; i != 4; ++i)
{
@@ -364,29 +364,29 @@ void MARS::key_schedule(const byte key[], size_t length)
T[14] = rotate_left(T[14] + SBOX[T[13] % 512], 9);
}
- EK[10*i + 0] = T[ 0];
- EK[10*i + 1] = T[ 4];
- EK[10*i + 2] = T[ 8];
- EK[10*i + 3] = T[12];
- EK[10*i + 4] = T[ 1];
- EK[10*i + 5] = T[ 5];
- EK[10*i + 6] = T[ 9];
- EK[10*i + 7] = T[13];
- EK[10*i + 8] = T[ 2];
- EK[10*i + 9] = T[ 6];
+ m_EK[10*i + 0] = T[ 0];
+ m_EK[10*i + 1] = T[ 4];
+ m_EK[10*i + 2] = T[ 8];
+ m_EK[10*i + 3] = T[12];
+ m_EK[10*i + 4] = T[ 1];
+ m_EK[10*i + 5] = T[ 5];
+ m_EK[10*i + 6] = T[ 9];
+ m_EK[10*i + 7] = T[13];
+ m_EK[10*i + 8] = T[ 2];
+ m_EK[10*i + 9] = T[ 6];
}
for(size_t i = 5; i != 37; i += 2)
{
- const u32bit key3 = EK[i] & 3;
- EK[i] |= 3;
- EK[i] ^= rotate_left(SBOX[265 + key3], EK[i-1] % 32) & gen_mask(EK[i]);
+ const u32bit key3 = m_EK[i] & 3;
+ m_EK[i] |= 3;
+ m_EK[i] ^= rotate_left(SBOX[265 + key3], m_EK[i-1] % 32) & gen_mask(m_EK[i]);
}
}
void MARS::clear()
{
- zap(EK);
+ zap(m_EK);
}
}
diff --git a/src/lib/block/mars/mars.h b/src/lib/block/mars/mars.h
index 250fd2731..a4d7a07d6 100644
--- a/src/lib/block/mars/mars.h
+++ b/src/lib/block/mars/mars.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* MARS, IBM's candidate for AES
*/
-class BOTAN_DLL MARS : public Block_Cipher_Fixed_Params<16, 16, 32, 4>
+class BOTAN_DLL MARS final : public Block_Cipher_Fixed_Params<16, 16, 32, 4>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -27,7 +27,7 @@ class BOTAN_DLL MARS : public Block_Cipher_Fixed_Params<16, 16, 32, 4>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> EK;
+ secure_vector<u32bit> m_EK;
};
}
diff --git a/src/lib/block/misty1/misty1.cpp b/src/lib/block/misty1/misty1.cpp
index 490eec826..7f8ac7c76 100644
--- a/src/lib/block/misty1/misty1.cpp
+++ b/src/lib/block/misty1/misty1.cpp
@@ -113,7 +113,7 @@ void MISTY1::encrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 12; j += 3)
{
- const u16bit* RK = &EK[8 * j];
+ const u16bit* RK = &m_EK[8 * j];
B1 ^= B0 & RK[0];
B0 ^= B1 | RK[1];
@@ -137,10 +137,10 @@ void MISTY1::encrypt_n(const byte in[], byte out[], size_t blocks) const
B1 ^= T0;
}
- B1 ^= B0 & EK[96];
- B0 ^= B1 | EK[97];
- B3 ^= B2 & EK[98];
- B2 ^= B3 | EK[99];
+ B1 ^= B0 & m_EK[96];
+ B0 ^= B1 | m_EK[97];
+ B3 ^= B2 & m_EK[98];
+ B2 ^= B3 | m_EK[99];
store_be(out, B2, B3, B0, B1);
@@ -163,7 +163,7 @@ void MISTY1::decrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 12; j += 3)
{
- const u16bit* RK = &DK[8 * j];
+ const u16bit* RK = &m_DK[8 * j];
B2 ^= B3 | RK[0];
B3 ^= B2 & RK[1];
@@ -187,10 +187,10 @@ void MISTY1::decrypt_n(const byte in[], byte out[], size_t blocks) const
B3 ^= T0;
}
- B2 ^= B3 | DK[96];
- B3 ^= B2 & DK[97];
- B0 ^= B1 | DK[98];
- B1 ^= B0 & DK[99];
+ B2 ^= B3 | m_DK[96];
+ B3 ^= B2 & m_DK[97];
+ B0 ^= B1 | m_DK[98];
+ B1 ^= B0 & m_DK[99];
store_be(out, B0, B1, B2, B3);
@@ -241,20 +241,20 @@ void MISTY1::key_schedule(const byte key[], size_t length)
0x1C, 0x05, 0x00, 0x15, 0x1D, 0x02, 0x11, 0x19, 0x07, 0x13, 0x1B, 0x04,
0x04, 0x0A, 0x0E, 0x00 };
- EK.resize(100);
- DK.resize(100);
+ m_EK.resize(100);
+ m_DK.resize(100);
for(size_t i = 0; i != 100; ++i)
{
- EK[i] = KS[EK_ORDER[i]];
- DK[i] = KS[DK_ORDER[i]];
+ m_EK[i] = KS[EK_ORDER[i]];
+ m_DK[i] = KS[DK_ORDER[i]];
}
}
void MISTY1::clear()
{
- zap(EK);
- zap(DK);
+ zap(m_EK);
+ zap(m_DK);
}
}
diff --git a/src/lib/block/misty1/misty1.h b/src/lib/block/misty1/misty1.h
index 56153f929..791ace6aa 100644
--- a/src/lib/block/misty1/misty1.h
+++ b/src/lib/block/misty1/misty1.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* MISTY1 with 8 rounds
*/
-class BOTAN_DLL MISTY1 : public Block_Cipher_Fixed_Params<8, 16>
+class BOTAN_DLL MISTY1 final : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -27,7 +27,7 @@ class BOTAN_DLL MISTY1 : public Block_Cipher_Fixed_Params<8, 16>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u16bit> EK, DK;
+ secure_vector<u16bit> m_EK, m_DK;
};
}
diff --git a/src/lib/block/noekeon/noekeon.cpp b/src/lib/block/noekeon/noekeon.cpp
index d63ec3129..01f7491f3 100644
--- a/src/lib/block/noekeon/noekeon.cpp
+++ b/src/lib/block/noekeon/noekeon.cpp
@@ -95,7 +95,7 @@ void Noekeon::encrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 16; ++j)
{
A0 ^= RC[j];
- theta(A0, A1, A2, A3, EK.data());
+ theta(A0, A1, A2, A3, m_EK.data());
A1 = rotate_left(A1, 1);
A2 = rotate_left(A2, 5);
@@ -109,7 +109,7 @@ void Noekeon::encrypt_n(const byte in[], byte out[], size_t blocks) const
}
A0 ^= RC[16];
- theta(A0, A1, A2, A3, EK.data());
+ theta(A0, A1, A2, A3, m_EK.data());
store_be(out, A0, A1, A2, A3);
@@ -132,7 +132,7 @@ void Noekeon::decrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 16; j != 0; --j)
{
- theta(A0, A1, A2, A3, DK.data());
+ theta(A0, A1, A2, A3, m_DK.data());
A0 ^= RC[j];
A1 = rotate_left(A1, 1);
@@ -146,7 +146,7 @@ void Noekeon::decrypt_n(const byte in[], byte out[], size_t blocks) const
A3 = rotate_right(A3, 2);
}
- theta(A0, A1, A2, A3, DK.data());
+ theta(A0, A1, A2, A3, m_DK.data());
A0 ^= RC[0];
store_be(out, A0, A1, A2, A3);
@@ -184,19 +184,19 @@ void Noekeon::key_schedule(const byte key[], size_t)
A0 ^= RC[16];
- DK.resize(4);
- DK[0] = A0;
- DK[1] = A1;
- DK[2] = A2;
- DK[3] = A3;
+ m_DK.resize(4);
+ m_DK[0] = A0;
+ m_DK[1] = A1;
+ m_DK[2] = A2;
+ m_DK[3] = A3;
theta(A0, A1, A2, A3);
- EK.resize(4);
- EK[0] = A0;
- EK[1] = A1;
- EK[2] = A2;
- EK[3] = A3;
+ m_EK.resize(4);
+ m_EK[0] = A0;
+ m_EK[1] = A1;
+ m_EK[2] = A2;
+ m_EK[3] = A3;
}
/*
@@ -204,8 +204,8 @@ void Noekeon::key_schedule(const byte key[], size_t)
*/
void Noekeon::clear()
{
- zap(EK);
- zap(DK);
+ zap(m_EK);
+ zap(m_DK);
}
}
diff --git a/src/lib/block/noekeon/noekeon.h b/src/lib/block/noekeon/noekeon.h
index 7b5b6d11b..4a3b9de0c 100644
--- a/src/lib/block/noekeon/noekeon.h
+++ b/src/lib/block/noekeon/noekeon.h
@@ -33,16 +33,16 @@ class BOTAN_DLL Noekeon : public Block_Cipher_Fixed_Params<16, 16>
/**
* @return const reference to encryption subkeys
*/
- const secure_vector<u32bit>& get_EK() const { return EK; }
+ const secure_vector<u32bit>& get_EK() const { return m_EK; }
/**
* @return const reference to decryption subkeys
*/
- const secure_vector<u32bit>& get_DK() const { return DK; }
+ const secure_vector<u32bit>& get_DK() const { return m_DK; }
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> EK, DK;
+ secure_vector<u32bit> m_EK, m_DK;
};
}
diff --git a/src/lib/block/noekeon_simd/noekeon_simd.h b/src/lib/block/noekeon_simd/noekeon_simd.h
index 8d40d13dd..7907fc4ca 100644
--- a/src/lib/block/noekeon_simd/noekeon_simd.h
+++ b/src/lib/block/noekeon_simd/noekeon_simd.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Noekeon implementation using SIMD operations
*/
-class BOTAN_DLL Noekeon_SIMD : public Noekeon
+class BOTAN_DLL Noekeon_SIMD final : public Noekeon
{
public:
size_t parallelism() const override { return 4; }
diff --git a/src/lib/block/rc2/rc2.cpp b/src/lib/block/rc2/rc2.cpp
index bcd8475e3..112c6561d 100644
--- a/src/lib/block/rc2/rc2.cpp
+++ b/src/lib/block/rc2/rc2.cpp
@@ -24,24 +24,24 @@ void RC2::encrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 16; ++j)
{
- R0 += (R1 & ~R3) + (R2 & R3) + K[4*j];
+ R0 += (R1 & ~R3) + (R2 & R3) + m_K[4*j];
R0 = rotate_left(R0, 1);
- R1 += (R2 & ~R0) + (R3 & R0) + K[4*j + 1];
+ R1 += (R2 & ~R0) + (R3 & R0) + m_K[4*j + 1];
R1 = rotate_left(R1, 2);
- R2 += (R3 & ~R1) + (R0 & R1) + K[4*j + 2];
+ R2 += (R3 & ~R1) + (R0 & R1) + m_K[4*j + 2];
R2 = rotate_left(R2, 3);
- R3 += (R0 & ~R2) + (R1 & R2) + K[4*j + 3];
+ R3 += (R0 & ~R2) + (R1 & R2) + m_K[4*j + 3];
R3 = rotate_left(R3, 5);
if(j == 4 || j == 10)
{
- R0 += K[R3 % 64];
- R1 += K[R0 % 64];
- R2 += K[R1 % 64];
- R3 += K[R2 % 64];
+ R0 += m_K[R3 % 64];
+ R1 += m_K[R0 % 64];
+ R2 += m_K[R1 % 64];
+ R3 += m_K[R2 % 64];
}
}
@@ -67,23 +67,23 @@ void RC2::decrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 16; ++j)
{
R3 = rotate_right(R3, 5);
- R3 -= (R0 & ~R2) + (R1 & R2) + K[63 - (4*j + 0)];
+ R3 -= (R0 & ~R2) + (R1 & R2) + m_K[63 - (4*j + 0)];
R2 = rotate_right(R2, 3);
- R2 -= (R3 & ~R1) + (R0 & R1) + K[63 - (4*j + 1)];
+ R2 -= (R3 & ~R1) + (R0 & R1) + m_K[63 - (4*j + 1)];
R1 = rotate_right(R1, 2);
- R1 -= (R2 & ~R0) + (R3 & R0) + K[63 - (4*j + 2)];
+ R1 -= (R2 & ~R0) + (R3 & R0) + m_K[63 - (4*j + 2)];
R0 = rotate_right(R0, 1);
- R0 -= (R1 & ~R3) + (R2 & R3) + K[63 - (4*j + 3)];
+ R0 -= (R1 & ~R3) + (R2 & R3) + m_K[63 - (4*j + 3)];
if(j == 4 || j == 10)
{
- R3 -= K[R2 % 64];
- R2 -= K[R1 % 64];
- R1 -= K[R0 % 64];
- R0 -= K[R3 % 64];
+ R3 -= m_K[R2 % 64];
+ R2 -= m_K[R1 % 64];
+ R1 -= m_K[R0 % 64];
+ R0 -= m_K[R3 % 64];
}
}
@@ -134,13 +134,13 @@ void RC2::key_schedule(const byte key[], size_t length)
for(s32bit i = 127-length; i >= 0; --i)
L[i] = TABLE[L[i+1] ^ L[i+length]];
- K.resize(64);
- load_le<u16bit>(K.data(), L.data(), 64);
+ m_K.resize(64);
+ load_le<u16bit>(m_K.data(), L.data(), 64);
}
void RC2::clear()
{
- zap(K);
+ zap(m_K);
}
/*
diff --git a/src/lib/block/rc2/rc2.h b/src/lib/block/rc2/rc2.h
index 11956f408..9ec9b9557 100644
--- a/src/lib/block/rc2/rc2.h
+++ b/src/lib/block/rc2/rc2.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* RC2
*/
-class BOTAN_DLL RC2 : public Block_Cipher_Fixed_Params<8, 1, 32>
+class BOTAN_DLL RC2 final : public Block_Cipher_Fixed_Params<8, 1, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -34,7 +34,7 @@ class BOTAN_DLL RC2 : public Block_Cipher_Fixed_Params<8, 1, 32>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u16bit> K;
+ secure_vector<u16bit> m_K;
};
}
diff --git a/src/lib/block/rc5/rc5.cpp b/src/lib/block/rc5/rc5.cpp
index a32efd775..a02a45e9f 100644
--- a/src/lib/block/rc5/rc5.cpp
+++ b/src/lib/block/rc5/rc5.cpp
@@ -21,20 +21,20 @@ void RC5::encrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit A = load_le<u32bit>(in, 0);
u32bit B = load_le<u32bit>(in, 1);
- A += S[0]; B += S[1];
- for(size_t j = 0; j != rounds; j += 4)
+ A += m_S[0]; B += m_S[1];
+ for(size_t j = 0; j != m_rounds; j += 4)
{
- A = rotate_left(A ^ B, B % 32) + S[2*j+2];
- B = rotate_left(B ^ A, A % 32) + S[2*j+3];
+ A = rotate_left(A ^ B, B % 32) + m_S[2*j+2];
+ B = rotate_left(B ^ A, A % 32) + m_S[2*j+3];
- A = rotate_left(A ^ B, B % 32) + S[2*j+4];
- B = rotate_left(B ^ A, A % 32) + S[2*j+5];
+ A = rotate_left(A ^ B, B % 32) + m_S[2*j+4];
+ B = rotate_left(B ^ A, A % 32) + m_S[2*j+5];
- A = rotate_left(A ^ B, B % 32) + S[2*j+6];
- B = rotate_left(B ^ A, A % 32) + S[2*j+7];
+ A = rotate_left(A ^ B, B % 32) + m_S[2*j+6];
+ B = rotate_left(B ^ A, A % 32) + m_S[2*j+7];
- A = rotate_left(A ^ B, B % 32) + S[2*j+8];
- B = rotate_left(B ^ A, A % 32) + S[2*j+9];
+ A = rotate_left(A ^ B, B % 32) + m_S[2*j+8];
+ B = rotate_left(B ^ A, A % 32) + m_S[2*j+9];
}
store_le(out, A, B);
@@ -54,21 +54,21 @@ void RC5::decrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit A = load_le<u32bit>(in, 0);
u32bit B = load_le<u32bit>(in, 1);
- for(size_t j = rounds; j != 0; j -= 4)
+ for(size_t j = m_rounds; j != 0; j -= 4)
{
- B = rotate_right(B - S[2*j+1], A % 32) ^ A;
- A = rotate_right(A - S[2*j ], B % 32) ^ B;
+ B = rotate_right(B - m_S[2*j+1], A % 32) ^ A;
+ A = rotate_right(A - m_S[2*j ], B % 32) ^ B;
- B = rotate_right(B - S[2*j-1], A % 32) ^ A;
- A = rotate_right(A - S[2*j-2], B % 32) ^ B;
+ B = rotate_right(B - m_S[2*j-1], A % 32) ^ A;
+ A = rotate_right(A - m_S[2*j-2], B % 32) ^ B;
- B = rotate_right(B - S[2*j-3], A % 32) ^ A;
- A = rotate_right(A - S[2*j-4], B % 32) ^ B;
+ B = rotate_right(B - m_S[2*j-3], A % 32) ^ A;
+ A = rotate_right(A - m_S[2*j-4], B % 32) ^ B;
- B = rotate_right(B - S[2*j-5], A % 32) ^ A;
- A = rotate_right(A - S[2*j-6], B % 32) ^ B;
+ B = rotate_right(B - m_S[2*j-5], A % 32) ^ A;
+ A = rotate_right(A - m_S[2*j-6], B % 32) ^ B;
}
- B -= S[1]; A -= S[0];
+ B -= m_S[1]; A -= m_S[0];
store_le(out, A, B);
@@ -82,14 +82,14 @@ void RC5::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void RC5::key_schedule(const byte key[], size_t length)
{
- S.resize(2*rounds + 2);
+ m_S.resize(2*m_rounds + 2);
const size_t WORD_KEYLENGTH = (((length - 1) / 4) + 1);
- const size_t MIX_ROUNDS = 3 * std::max(WORD_KEYLENGTH, S.size());
+ const size_t MIX_ROUNDS = 3 * std::max(WORD_KEYLENGTH, m_S.size());
- S[0] = 0xB7E15163;
- for(size_t i = 1; i != S.size(); ++i)
- S[i] = S[i-1] + 0x9E3779B9;
+ m_S[0] = 0xB7E15163;
+ for(size_t i = 1; i != m_S.size(); ++i)
+ m_S[i] = m_S[i-1] + 0x9E3779B9;
secure_vector<u32bit> K(8);
@@ -100,16 +100,16 @@ void RC5::key_schedule(const byte key[], size_t length)
for(size_t i = 0; i != MIX_ROUNDS; ++i)
{
- A = rotate_left(S[i % S.size()] + A + B, 3);
+ A = rotate_left(m_S[i % m_S.size()] + A + B, 3);
B = rotate_left(K[i % WORD_KEYLENGTH] + A + B, (A + B) % 32);
- S[i % S.size()] = A;
+ m_S[i % m_S.size()] = A;
K[i % WORD_KEYLENGTH] = B;
}
}
void RC5::clear()
{
- zap(S);
+ zap(m_S);
}
/*
@@ -117,17 +117,17 @@ void RC5::clear()
*/
std::string RC5::name() const
{
- return "RC5(" + std::to_string(rounds) + ")";
+ return "RC5(" + std::to_string(m_rounds) + ")";
}
/*
* RC5 Constructor
*/
-RC5::RC5(size_t r) : rounds(r)
+RC5::RC5(size_t r) : m_rounds(r)
{
- if(rounds < 8 || rounds > 32 || (rounds % 4 != 0))
+ if(m_rounds < 8 || m_rounds > 32 || (m_rounds % 4 != 0))
throw Invalid_Argument("RC5: Invalid number of rounds " +
- std::to_string(rounds));
+ std::to_string(m_rounds));
}
}
diff --git a/src/lib/block/rc5/rc5.h b/src/lib/block/rc5/rc5.h
index b8ff1c3f7..4d9232326 100644
--- a/src/lib/block/rc5/rc5.h
+++ b/src/lib/block/rc5/rc5.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* RC5
*/
-class BOTAN_DLL RC5 : public Block_Cipher_Fixed_Params<8, 1, 32>
+class BOTAN_DLL RC5 final : public Block_Cipher_Fixed_Params<8, 1, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -23,18 +23,18 @@ class BOTAN_DLL RC5 : public Block_Cipher_Fixed_Params<8, 1, 32>
void clear() override;
std::string name() const override;
- BlockCipher* clone() const override { return new RC5(rounds); }
+ BlockCipher* clone() const override { return new RC5(m_rounds); }
/**
* @param rounds the number of RC5 rounds to run. Must be between
* 8 and 32 and a multiple of 4.
*/
- RC5(size_t rounds);
+ explicit RC5(size_t rounds);
private:
void key_schedule(const byte[], size_t) override;
- size_t rounds;
- secure_vector<u32bit> S;
+ size_t m_rounds;
+ secure_vector<u32bit> m_S;
};
}
diff --git a/src/lib/block/rc6/rc6.cpp b/src/lib/block/rc6/rc6.cpp
index 48fb1c32e..426b86ebd 100644
--- a/src/lib/block/rc6/rc6.cpp
+++ b/src/lib/block/rc6/rc6.cpp
@@ -22,7 +22,7 @@ void RC6::encrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit C = load_le<u32bit>(in, 2);
u32bit D = load_le<u32bit>(in, 3);
- B += S[0]; D += S[1];
+ B += m_S[0]; D += m_S[1];
for(size_t j = 0; j != 20; j += 4)
{
@@ -30,26 +30,26 @@ void RC6::encrypt_n(const byte in[], byte out[], size_t blocks) const
T1 = rotate_left(B*(2*B+1), 5);
T2 = rotate_left(D*(2*D+1), 5);
- A = rotate_left(A ^ T1, T2 % 32) + S[2*j+2];
- C = rotate_left(C ^ T2, T1 % 32) + S[2*j+3];
+ A = rotate_left(A ^ T1, T2 % 32) + m_S[2*j+2];
+ C = rotate_left(C ^ T2, T1 % 32) + m_S[2*j+3];
T1 = rotate_left(C*(2*C+1), 5);
T2 = rotate_left(A*(2*A+1), 5);
- B = rotate_left(B ^ T1, T2 % 32) + S[2*j+4];
- D = rotate_left(D ^ T2, T1 % 32) + S[2*j+5];
+ B = rotate_left(B ^ T1, T2 % 32) + m_S[2*j+4];
+ D = rotate_left(D ^ T2, T1 % 32) + m_S[2*j+5];
T1 = rotate_left(D*(2*D+1), 5);
T2 = rotate_left(B*(2*B+1), 5);
- C = rotate_left(C ^ T1, T2 % 32) + S[2*j+6];
- A = rotate_left(A ^ T2, T1 % 32) + S[2*j+7];
+ C = rotate_left(C ^ T1, T2 % 32) + m_S[2*j+6];
+ A = rotate_left(A ^ T2, T1 % 32) + m_S[2*j+7];
T1 = rotate_left(A*(2*A+1), 5);
T2 = rotate_left(C*(2*C+1), 5);
- D = rotate_left(D ^ T1, T2 % 32) + S[2*j+8];
- B = rotate_left(B ^ T2, T1 % 32) + S[2*j+9];
+ D = rotate_left(D ^ T1, T2 % 32) + m_S[2*j+8];
+ B = rotate_left(B ^ T2, T1 % 32) + m_S[2*j+9];
}
- A += S[42]; C += S[43];
+ A += m_S[42]; C += m_S[43];
store_le(out, A, B, C, D);
@@ -70,7 +70,7 @@ void RC6::decrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit C = load_le<u32bit>(in, 2);
u32bit D = load_le<u32bit>(in, 3);
- C -= S[43]; A -= S[42];
+ C -= m_S[43]; A -= m_S[42];
for(size_t j = 0; j != 20; j += 4)
{
@@ -78,26 +78,26 @@ void RC6::decrypt_n(const byte in[], byte out[], size_t blocks) const
T1 = rotate_left(A*(2*A+1), 5);
T2 = rotate_left(C*(2*C+1), 5);
- B = rotate_right(B - S[41 - 2*j], T1 % 32) ^ T2;
- D = rotate_right(D - S[40 - 2*j], T2 % 32) ^ T1;
+ B = rotate_right(B - m_S[41 - 2*j], T1 % 32) ^ T2;
+ D = rotate_right(D - m_S[40 - 2*j], T2 % 32) ^ T1;
T1 = rotate_left(D*(2*D+1), 5);
T2 = rotate_left(B*(2*B+1), 5);
- A = rotate_right(A - S[39 - 2*j], T1 % 32) ^ T2;
- C = rotate_right(C - S[38 - 2*j], T2 % 32) ^ T1;
+ A = rotate_right(A - m_S[39 - 2*j], T1 % 32) ^ T2;
+ C = rotate_right(C - m_S[38 - 2*j], T2 % 32) ^ T1;
T1 = rotate_left(C*(2*C+1), 5);
T2 = rotate_left(A*(2*A+1), 5);
- D = rotate_right(D - S[37 - 2*j], T1 % 32) ^ T2;
- B = rotate_right(B - S[36 - 2*j], T2 % 32) ^ T1;
+ D = rotate_right(D - m_S[37 - 2*j], T1 % 32) ^ T2;
+ B = rotate_right(B - m_S[36 - 2*j], T2 % 32) ^ T1;
T1 = rotate_left(B*(2*B+1), 5);
T2 = rotate_left(D*(2*D+1), 5);
- C = rotate_right(C - S[35 - 2*j], T1 % 32) ^ T2;
- A = rotate_right(A - S[34 - 2*j], T2 % 32) ^ T1;
+ C = rotate_right(C - m_S[35 - 2*j], T1 % 32) ^ T2;
+ A = rotate_right(A - m_S[34 - 2*j], T2 % 32) ^ T1;
}
- D -= S[1]; B -= S[0];
+ D -= m_S[1]; B -= m_S[0];
store_le(out, A, B, C, D);
@@ -111,14 +111,14 @@ void RC6::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void RC6::key_schedule(const byte key[], size_t length)
{
- S.resize(44);
+ m_S.resize(44);
const size_t WORD_KEYLENGTH = (((length - 1) / 4) + 1);
- const size_t MIX_ROUNDS = 3 * std::max(WORD_KEYLENGTH, S.size());
+ const size_t MIX_ROUNDS = 3 * std::max(WORD_KEYLENGTH, m_S.size());
- S[0] = 0xB7E15163;
- for(size_t i = 1; i != S.size(); ++i)
- S[i] = S[i-1] + 0x9E3779B9;
+ m_S[0] = 0xB7E15163;
+ for(size_t i = 1; i != m_S.size(); ++i)
+ m_S[i] = m_S[i-1] + 0x9E3779B9;
secure_vector<u32bit> K(8);
@@ -128,16 +128,16 @@ void RC6::key_schedule(const byte key[], size_t length)
u32bit A = 0, B = 0;
for(size_t i = 0; i != MIX_ROUNDS; ++i)
{
- A = rotate_left(S[i % S.size()] + A + B, 3);
+ A = rotate_left(m_S[i % m_S.size()] + A + B, 3);
B = rotate_left(K[i % WORD_KEYLENGTH] + A + B, (A + B) % 32);
- S[i % S.size()] = A;
+ m_S[i % m_S.size()] = A;
K[i % WORD_KEYLENGTH] = B;
}
}
void RC6::clear()
{
- zap(S);
+ zap(m_S);
}
}
diff --git a/src/lib/block/rc6/rc6.h b/src/lib/block/rc6/rc6.h
index 1ff7304ed..3f9bb0af1 100644
--- a/src/lib/block/rc6/rc6.h
+++ b/src/lib/block/rc6/rc6.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* RC6, Ron Rivest's AES candidate
*/
-class BOTAN_DLL RC6 : public Block_Cipher_Fixed_Params<16, 1, 32>
+class BOTAN_DLL RC6 final : public Block_Cipher_Fixed_Params<16, 1, 32>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -27,7 +27,7 @@ class BOTAN_DLL RC6 : public Block_Cipher_Fixed_Params<16, 1, 32>
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> S;
+ secure_vector<u32bit> m_S;
};
}
diff --git a/src/lib/block/safer/safer_sk.cpp b/src/lib/block/safer/safer_sk.cpp
index a8781697d..8dec0b897 100644
--- a/src/lib/block/safer/safer_sk.cpp
+++ b/src/lib/block/safer/safer_sk.cpp
@@ -94,15 +94,15 @@ void SAFER_SK::encrypt_n(const byte in[], byte out[], size_t blocks) const
byte A = in[0], B = in[1], C = in[2], D = in[3],
E = in[4], F = in[5], G = in[6], H = in[7], X, Y;
- for(size_t j = 0; j != 16*rounds; j += 16)
+ for(size_t j = 0; j != 16*m_rounds; j += 16)
{
- A = EXP[A ^ EK[j ]]; B = LOG[B + EK[j+1]];
- C = LOG[C + EK[j+2]]; D = EXP[D ^ EK[j+3]];
- E = EXP[E ^ EK[j+4]]; F = LOG[F + EK[j+5]];
- G = LOG[G + EK[j+6]]; H = EXP[H ^ EK[j+7]];
+ A = EXP[A ^ m_EK[j ]]; B = LOG[B + m_EK[j+1]];
+ C = LOG[C + m_EK[j+2]]; D = EXP[D ^ m_EK[j+3]];
+ E = EXP[E ^ m_EK[j+4]]; F = LOG[F + m_EK[j+5]];
+ G = LOG[G + m_EK[j+6]]; H = EXP[H ^ m_EK[j+7]];
- A += EK[j+ 8]; B ^= EK[j+ 9]; C ^= EK[j+10]; D += EK[j+11];
- E += EK[j+12]; F ^= EK[j+13]; G ^= EK[j+14]; H += EK[j+15];
+ A += m_EK[j+ 8]; B ^= m_EK[j+ 9]; C ^= m_EK[j+10]; D += m_EK[j+11];
+ E += m_EK[j+12]; F ^= m_EK[j+13]; G ^= m_EK[j+14]; H += m_EK[j+15];
B += A; D += C; F += E; H += G; A += B; C += D; E += F; G += H;
C += A; G += E; D += B; H += F; A += C; E += G; B += D; F += H;
@@ -110,10 +110,10 @@ void SAFER_SK::encrypt_n(const byte in[], byte out[], size_t blocks) const
A += B; F = C + G; E = C + F; C = X; G = Y;
}
- out[0] = A ^ EK[16*rounds+0]; out[1] = B + EK[16*rounds+1];
- out[2] = C + EK[16*rounds+2]; out[3] = D ^ EK[16*rounds+3];
- out[4] = E ^ EK[16*rounds+4]; out[5] = F + EK[16*rounds+5];
- out[6] = G + EK[16*rounds+6]; out[7] = H ^ EK[16*rounds+7];
+ out[0] = A ^ m_EK[16*m_rounds+0]; out[1] = B + m_EK[16*m_rounds+1];
+ out[2] = C + m_EK[16*m_rounds+2]; out[3] = D ^ m_EK[16*m_rounds+3];
+ out[4] = E ^ m_EK[16*m_rounds+4]; out[5] = F + m_EK[16*m_rounds+5];
+ out[6] = G + m_EK[16*m_rounds+6]; out[7] = H ^ m_EK[16*m_rounds+7];
in += BLOCK_SIZE;
out += BLOCK_SIZE;
@@ -130,24 +130,24 @@ void SAFER_SK::decrypt_n(const byte in[], byte out[], size_t blocks) const
byte A = in[0], B = in[1], C = in[2], D = in[3],
E = in[4], F = in[5], G = in[6], H = in[7];
- A ^= EK[16*rounds+0]; B -= EK[16*rounds+1]; C -= EK[16*rounds+2];
- D ^= EK[16*rounds+3]; E ^= EK[16*rounds+4]; F -= EK[16*rounds+5];
- G -= EK[16*rounds+6]; H ^= EK[16*rounds+7];
+ A ^= m_EK[16*m_rounds+0]; B -= m_EK[16*m_rounds+1]; C -= m_EK[16*m_rounds+2];
+ D ^= m_EK[16*m_rounds+3]; E ^= m_EK[16*m_rounds+4]; F -= m_EK[16*m_rounds+5];
+ G -= m_EK[16*m_rounds+6]; H ^= m_EK[16*m_rounds+7];
- for(s32bit j = 16*(rounds-1); j >= 0; j -= 16)
+ for(s32bit j = 16*(m_rounds-1); j >= 0; j -= 16)
{
byte T = E; E = B; B = C; C = T; T = F; F = D; D = G; G = T;
A -= E; B -= F; C -= G; D -= H; E -= A; F -= B; G -= C; H -= D;
A -= C; E -= G; B -= D; F -= H; C -= A; G -= E; D -= B; H -= F;
A -= B; C -= D; E -= F; G -= H; B -= A; D -= C; F -= E; H -= G;
- A = LOG[A - EK[j+8 ] + 256]; B = EXP[B ^ EK[j+9 ]];
- C = EXP[C ^ EK[j+10]]; D = LOG[D - EK[j+11] + 256];
- E = LOG[E - EK[j+12] + 256]; F = EXP[F ^ EK[j+13]];
- G = EXP[G ^ EK[j+14]]; H = LOG[H - EK[j+15] + 256];
+ A = LOG[A - m_EK[j+8 ] + 256]; B = EXP[B ^ m_EK[j+9 ]];
+ C = EXP[C ^ m_EK[j+10]]; D = LOG[D - m_EK[j+11] + 256];
+ E = LOG[E - m_EK[j+12] + 256]; F = EXP[F ^ m_EK[j+13]];
+ G = EXP[G ^ m_EK[j+14]]; H = LOG[H - m_EK[j+15] + 256];
- A ^= EK[j+0]; B -= EK[j+1]; C -= EK[j+2]; D ^= EK[j+3];
- E ^= EK[j+4]; F -= EK[j+5]; G -= EK[j+6]; H ^= EK[j+7];
+ A ^= m_EK[j+0]; B -= m_EK[j+1]; C -= m_EK[j+2]; D ^= m_EK[j+3];
+ E ^= m_EK[j+4]; F -= m_EK[j+5]; G -= m_EK[j+6]; H ^= m_EK[j+7];
}
out[0] = A; out[1] = B; out[2] = C; out[3] = D;
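Review bot: The loop header `for(s32bit j = 16*(m_rounds-1); j >= 0; j -= 16)` still converts a `size_t` expression to a signed `s32bit` implicitly, and with `m_rounds` now spelled as a member the narrowing is easy to miss and will trip -Wconversion/-Wsign-conversion. The constructor's `m_rounds > 13 || m_rounds == 0` check (visible further down in this file) keeps the value in range, so this is a warning/readability point rather than a runtime defect, but since the line is being rewritten anyway the cast should be explicit, e.g. `for(s32bit j = static_cast<s32bit>(16*(m_rounds-1)); j >= 0; j -= 16)`, matching the `static_cast<u32bit>` idiom used in mars.cpp's key_schedule. A one-line comment such as `// signed so the countdown can cross below zero to terminate` would also explain why this loop, unlike the encrypt loop above, cannot use size_t. SAFER_SK::decrypt_n begins and ends outside the hunk.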
@@ -203,28 +203,28 @@ void SAFER_SK::key_schedule(const byte key[], size_t)
0x07, 0x08, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x11, 0x09, 0x0A, 0x0B,
0x0C, 0x0D, 0x0E, 0x0F };
- EK.resize(16 * rounds + 8);
+ m_EK.resize(16 * m_rounds + 8);
secure_vector<byte> KB(18);
for(size_t i = 0; i != 8; ++i)
{
KB[ 8] ^= KB[i] = rotate_left(key[i], 5);
- KB[17] ^= KB[i+9] = EK[i] = key[i+8];
+ KB[17] ^= KB[i+9] = m_EK[i] = key[i+8];
}
- for(size_t i = 0; i != rounds; ++i)
+ for(size_t i = 0; i != m_rounds; ++i)
{
for(size_t j = 0; j != 18; ++j)
KB[j] = rotate_left(KB[j], 6);
for(size_t j = 0; j != 16; ++j)
- EK[16*i+j+8] = KB[KEY_INDEX[16*i+j]] + BIAS[16*i+j];
+ m_EK[16*i+j+8] = KB[KEY_INDEX[16*i+j]] + BIAS[16*i+j];
}
}
void SAFER_SK::clear()
{
- zap(EK);
+ zap(m_EK);
}
/*
@@ -232,7 +232,7 @@ void SAFER_SK::clear()
*/
std::string SAFER_SK::name() const
{
- return "SAFER-SK(" + std::to_string(rounds) + ")";
+ return "SAFER-SK(" + std::to_string(m_rounds) + ")";
}
/*
@@ -240,15 +240,15 @@ std::string SAFER_SK::name() const
*/
BlockCipher* SAFER_SK::clone() const
{
- return new SAFER_SK(rounds);
+ return new SAFER_SK(m_rounds);
}
/*
* SAFER-SK Constructor
*/
-SAFER_SK::SAFER_SK(size_t r) : rounds(r)
+SAFER_SK::SAFER_SK(size_t r) : m_rounds(r)
{
- if(rounds > 13 || rounds == 0)
+ if(m_rounds > 13 || m_rounds == 0)
throw Invalid_Argument(name() + ": Invalid number of rounds");
}
diff --git a/src/lib/block/safer/safer_sk.h b/src/lib/block/safer/safer_sk.h
index 74241d4e6..af944b36c 100644
--- a/src/lib/block/safer/safer_sk.h
+++ b/src/lib/block/safer/safer_sk.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* SAFER-SK
*/
-class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16>
+class BOTAN_DLL SAFER_SK final : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -29,12 +29,12 @@ class BOTAN_DLL SAFER_SK : public Block_Cipher_Fixed_Params<8, 16>
* @param rounds the number of rounds to use - must be between 1
* and 13
*/
- SAFER_SK(size_t rounds);
+ explicit SAFER_SK(size_t rounds);
private:
void key_schedule(const byte[], size_t) override;
- size_t rounds;
- secure_vector<byte> EK;
+ size_t m_rounds;
+ secure_vector<byte> m_EK;
};
}
diff --git a/src/lib/block/seed/seed.cpp b/src/lib/block/seed/seed.cpp
index 833f9943f..6e0aaa41f 100644
--- a/src/lib/block/seed/seed.cpp
+++ b/src/lib/block/seed/seed.cpp
@@ -10,15 +10,199 @@
namespace Botan {
+namespace {
+
+const u32bit SEED_S0[256] = {
+ 0x2989A1A8, 0x05858184, 0x16C6D2D4, 0x13C3D3D0, 0x14445054, 0x1D0D111C,
+ 0x2C8CA0AC, 0x25052124, 0x1D4D515C, 0x03434340, 0x18081018, 0x1E0E121C,
+ 0x11415150, 0x3CCCF0FC, 0x0ACAC2C8, 0x23436360, 0x28082028, 0x04444044,
+ 0x20002020, 0x1D8D919C, 0x20C0E0E0, 0x22C2E2E0, 0x08C8C0C8, 0x17071314,
+ 0x2585A1A4, 0x0F8F838C, 0x03030300, 0x3B4B7378, 0x3B8BB3B8, 0x13031310,
+ 0x12C2D2D0, 0x2ECEE2EC, 0x30407070, 0x0C8C808C, 0x3F0F333C, 0x2888A0A8,
+ 0x32023230, 0x1DCDD1DC, 0x36C6F2F4, 0x34447074, 0x2CCCE0EC, 0x15859194,
+ 0x0B0B0308, 0x17475354, 0x1C4C505C, 0x1B4B5358, 0x3D8DB1BC, 0x01010100,
+ 0x24042024, 0x1C0C101C, 0x33437370, 0x18889098, 0x10001010, 0x0CCCC0CC,
+ 0x32C2F2F0, 0x19C9D1D8, 0x2C0C202C, 0x27C7E3E4, 0x32427270, 0x03838380,
+ 0x1B8B9398, 0x11C1D1D0, 0x06868284, 0x09C9C1C8, 0x20406060, 0x10405050,
+ 0x2383A3A0, 0x2BCBE3E8, 0x0D0D010C, 0x3686B2B4, 0x1E8E929C, 0x0F4F434C,
+ 0x3787B3B4, 0x1A4A5258, 0x06C6C2C4, 0x38487078, 0x2686A2A4, 0x12021210,
+ 0x2F8FA3AC, 0x15C5D1D4, 0x21416160, 0x03C3C3C0, 0x3484B0B4, 0x01414140,
+ 0x12425250, 0x3D4D717C, 0x0D8D818C, 0x08080008, 0x1F0F131C, 0x19899198,
+ 0x00000000, 0x19091118, 0x04040004, 0x13435350, 0x37C7F3F4, 0x21C1E1E0,
+ 0x3DCDF1FC, 0x36467274, 0x2F0F232C, 0x27072324, 0x3080B0B0, 0x0B8B8388,
+ 0x0E0E020C, 0x2B8BA3A8, 0x2282A2A0, 0x2E4E626C, 0x13839390, 0x0D4D414C,
+ 0x29496168, 0x3C4C707C, 0x09090108, 0x0A0A0208, 0x3F8FB3BC, 0x2FCFE3EC,
+ 0x33C3F3F0, 0x05C5C1C4, 0x07878384, 0x14041014, 0x3ECEF2FC, 0x24446064,
+ 0x1ECED2DC, 0x2E0E222C, 0x0B4B4348, 0x1A0A1218, 0x06060204, 0x21012120,
+ 0x2B4B6368, 0x26466264, 0x02020200, 0x35C5F1F4, 0x12829290, 0x0A8A8288,
+ 0x0C0C000C, 0x3383B3B0, 0x3E4E727C, 0x10C0D0D0, 0x3A4A7278, 0x07474344,
+ 0x16869294, 0x25C5E1E4, 0x26062224, 0x00808080, 0x2D8DA1AC, 0x1FCFD3DC,
+ 0x2181A1A0, 0x30003030, 0x37073334, 0x2E8EA2AC, 0x36063234, 0x15051114,
+ 0x22022220, 0x38083038, 0x34C4F0F4, 0x2787A3A4, 0x05454144, 0x0C4C404C,
+ 0x01818180, 0x29C9E1E8, 0x04848084, 0x17879394, 0x35053134, 0x0BCBC3C8,
+ 0x0ECEC2CC, 0x3C0C303C, 0x31417170, 0x11011110, 0x07C7C3C4, 0x09898188,
+ 0x35457174, 0x3BCBF3F8, 0x1ACAD2D8, 0x38C8F0F8, 0x14849094, 0x19495158,
+ 0x02828280, 0x04C4C0C4, 0x3FCFF3FC, 0x09494148, 0x39093138, 0x27476364,
+ 0x00C0C0C0, 0x0FCFC3CC, 0x17C7D3D4, 0x3888B0B8, 0x0F0F030C, 0x0E8E828C,
+ 0x02424240, 0x23032320, 0x11819190, 0x2C4C606C, 0x1BCBD3D8, 0x2484A0A4,
+ 0x34043034, 0x31C1F1F0, 0x08484048, 0x02C2C2C0, 0x2F4F636C, 0x3D0D313C,
+ 0x2D0D212C, 0x00404040, 0x3E8EB2BC, 0x3E0E323C, 0x3C8CB0BC, 0x01C1C1C0,
+ 0x2A8AA2A8, 0x3A8AB2B8, 0x0E4E424C, 0x15455154, 0x3B0B3338, 0x1CCCD0DC,
+ 0x28486068, 0x3F4F737C, 0x1C8C909C, 0x18C8D0D8, 0x0A4A4248, 0x16465254,
+ 0x37477374, 0x2080A0A0, 0x2DCDE1EC, 0x06464244, 0x3585B1B4, 0x2B0B2328,
+ 0x25456164, 0x3ACAF2F8, 0x23C3E3E0, 0x3989B1B8, 0x3181B1B0, 0x1F8F939C,
+ 0x1E4E525C, 0x39C9F1F8, 0x26C6E2E4, 0x3282B2B0, 0x31013130, 0x2ACAE2E8,
+ 0x2D4D616C, 0x1F4F535C, 0x24C4E0E4, 0x30C0F0F0, 0x0DCDC1CC, 0x08888088,
+ 0x16061214, 0x3A0A3238, 0x18485058, 0x14C4D0D4, 0x22426260, 0x29092128,
+ 0x07070304, 0x33033330, 0x28C8E0E8, 0x1B0B1318, 0x05050104, 0x39497178,
+ 0x10809090, 0x2A4A6268, 0x2A0A2228, 0x1A8A9298 };
+
+const u32bit SEED_S1[256] = {
+ 0x38380830, 0xE828C8E0, 0x2C2D0D21, 0xA42686A2, 0xCC0FCFC3, 0xDC1ECED2,
+ 0xB03383B3, 0xB83888B0, 0xAC2F8FA3, 0x60204060, 0x54154551, 0xC407C7C3,
+ 0x44044440, 0x6C2F4F63, 0x682B4B63, 0x581B4B53, 0xC003C3C3, 0x60224262,
+ 0x30330333, 0xB43585B1, 0x28290921, 0xA02080A0, 0xE022C2E2, 0xA42787A3,
+ 0xD013C3D3, 0x90118191, 0x10110111, 0x04060602, 0x1C1C0C10, 0xBC3C8CB0,
+ 0x34360632, 0x480B4B43, 0xEC2FCFE3, 0x88088880, 0x6C2C4C60, 0xA82888A0,
+ 0x14170713, 0xC404C4C0, 0x14160612, 0xF434C4F0, 0xC002C2C2, 0x44054541,
+ 0xE021C1E1, 0xD416C6D2, 0x3C3F0F33, 0x3C3D0D31, 0x8C0E8E82, 0x98188890,
+ 0x28280820, 0x4C0E4E42, 0xF436C6F2, 0x3C3E0E32, 0xA42585A1, 0xF839C9F1,
+ 0x0C0D0D01, 0xDC1FCFD3, 0xD818C8D0, 0x282B0B23, 0x64264662, 0x783A4A72,
+ 0x24270723, 0x2C2F0F23, 0xF031C1F1, 0x70324272, 0x40024242, 0xD414C4D0,
+ 0x40014141, 0xC000C0C0, 0x70334373, 0x64274763, 0xAC2C8CA0, 0x880B8B83,
+ 0xF437C7F3, 0xAC2D8DA1, 0x80008080, 0x1C1F0F13, 0xC80ACAC2, 0x2C2C0C20,
+ 0xA82A8AA2, 0x34340430, 0xD012C2D2, 0x080B0B03, 0xEC2ECEE2, 0xE829C9E1,
+ 0x5C1D4D51, 0x94148490, 0x18180810, 0xF838C8F0, 0x54174753, 0xAC2E8EA2,
+ 0x08080800, 0xC405C5C1, 0x10130313, 0xCC0DCDC1, 0x84068682, 0xB83989B1,
+ 0xFC3FCFF3, 0x7C3D4D71, 0xC001C1C1, 0x30310131, 0xF435C5F1, 0x880A8A82,
+ 0x682A4A62, 0xB03181B1, 0xD011C1D1, 0x20200020, 0xD417C7D3, 0x00020202,
+ 0x20220222, 0x04040400, 0x68284860, 0x70314171, 0x04070703, 0xD81BCBD3,
+ 0x9C1D8D91, 0x98198991, 0x60214161, 0xBC3E8EB2, 0xE426C6E2, 0x58194951,
+ 0xDC1DCDD1, 0x50114151, 0x90108090, 0xDC1CCCD0, 0x981A8A92, 0xA02383A3,
+ 0xA82B8BA3, 0xD010C0D0, 0x80018181, 0x0C0F0F03, 0x44074743, 0x181A0A12,
+ 0xE023C3E3, 0xEC2CCCE0, 0x8C0D8D81, 0xBC3F8FB3, 0x94168692, 0x783B4B73,
+ 0x5C1C4C50, 0xA02282A2, 0xA02181A1, 0x60234363, 0x20230323, 0x4C0D4D41,
+ 0xC808C8C0, 0x9C1E8E92, 0x9C1C8C90, 0x383A0A32, 0x0C0C0C00, 0x2C2E0E22,
+ 0xB83A8AB2, 0x6C2E4E62, 0x9C1F8F93, 0x581A4A52, 0xF032C2F2, 0x90128292,
+ 0xF033C3F3, 0x48094941, 0x78384870, 0xCC0CCCC0, 0x14150511, 0xF83BCBF3,
+ 0x70304070, 0x74354571, 0x7C3F4F73, 0x34350531, 0x10100010, 0x00030303,
+ 0x64244460, 0x6C2D4D61, 0xC406C6C2, 0x74344470, 0xD415C5D1, 0xB43484B0,
+ 0xE82ACAE2, 0x08090901, 0x74364672, 0x18190911, 0xFC3ECEF2, 0x40004040,
+ 0x10120212, 0xE020C0E0, 0xBC3D8DB1, 0x04050501, 0xF83ACAF2, 0x00010101,
+ 0xF030C0F0, 0x282A0A22, 0x5C1E4E52, 0xA82989A1, 0x54164652, 0x40034343,
+ 0x84058581, 0x14140410, 0x88098981, 0x981B8B93, 0xB03080B0, 0xE425C5E1,
+ 0x48084840, 0x78394971, 0x94178793, 0xFC3CCCF0, 0x1C1E0E12, 0x80028282,
+ 0x20210121, 0x8C0C8C80, 0x181B0B13, 0x5C1F4F53, 0x74374773, 0x54144450,
+ 0xB03282B2, 0x1C1D0D11, 0x24250521, 0x4C0F4F43, 0x00000000, 0x44064642,
+ 0xEC2DCDE1, 0x58184850, 0x50124252, 0xE82BCBE3, 0x7C3E4E72, 0xD81ACAD2,
+ 0xC809C9C1, 0xFC3DCDF1, 0x30300030, 0x94158591, 0x64254561, 0x3C3C0C30,
+ 0xB43686B2, 0xE424C4E0, 0xB83B8BB3, 0x7C3C4C70, 0x0C0E0E02, 0x50104050,
+ 0x38390931, 0x24260622, 0x30320232, 0x84048480, 0x68294961, 0x90138393,
+ 0x34370733, 0xE427C7E3, 0x24240420, 0xA42484A0, 0xC80BCBC3, 0x50134353,
+ 0x080A0A02, 0x84078783, 0xD819C9D1, 0x4C0C4C40, 0x80038383, 0x8C0F8F83,
+ 0xCC0ECEC2, 0x383B0B33, 0x480A4A42, 0xB43787B3 };
+
+const u32bit SEED_S2[256] = {
+ 0xA1A82989, 0x81840585, 0xD2D416C6, 0xD3D013C3, 0x50541444, 0x111C1D0D,
+ 0xA0AC2C8C, 0x21242505, 0x515C1D4D, 0x43400343, 0x10181808, 0x121C1E0E,
+ 0x51501141, 0xF0FC3CCC, 0xC2C80ACA, 0x63602343, 0x20282808, 0x40440444,
+ 0x20202000, 0x919C1D8D, 0xE0E020C0, 0xE2E022C2, 0xC0C808C8, 0x13141707,
+ 0xA1A42585, 0x838C0F8F, 0x03000303, 0x73783B4B, 0xB3B83B8B, 0x13101303,
+ 0xD2D012C2, 0xE2EC2ECE, 0x70703040, 0x808C0C8C, 0x333C3F0F, 0xA0A82888,
+ 0x32303202, 0xD1DC1DCD, 0xF2F436C6, 0x70743444, 0xE0EC2CCC, 0x91941585,
+ 0x03080B0B, 0x53541747, 0x505C1C4C, 0x53581B4B, 0xB1BC3D8D, 0x01000101,
+ 0x20242404, 0x101C1C0C, 0x73703343, 0x90981888, 0x10101000, 0xC0CC0CCC,
+ 0xF2F032C2, 0xD1D819C9, 0x202C2C0C, 0xE3E427C7, 0x72703242, 0x83800383,
+ 0x93981B8B, 0xD1D011C1, 0x82840686, 0xC1C809C9, 0x60602040, 0x50501040,
+ 0xA3A02383, 0xE3E82BCB, 0x010C0D0D, 0xB2B43686, 0x929C1E8E, 0x434C0F4F,
+ 0xB3B43787, 0x52581A4A, 0xC2C406C6, 0x70783848, 0xA2A42686, 0x12101202,
+ 0xA3AC2F8F, 0xD1D415C5, 0x61602141, 0xC3C003C3, 0xB0B43484, 0x41400141,
+ 0x52501242, 0x717C3D4D, 0x818C0D8D, 0x00080808, 0x131C1F0F, 0x91981989,
+ 0x00000000, 0x11181909, 0x00040404, 0x53501343, 0xF3F437C7, 0xE1E021C1,
+ 0xF1FC3DCD, 0x72743646, 0x232C2F0F, 0x23242707, 0xB0B03080, 0x83880B8B,
+ 0x020C0E0E, 0xA3A82B8B, 0xA2A02282, 0x626C2E4E, 0x93901383, 0x414C0D4D,
+ 0x61682949, 0x707C3C4C, 0x01080909, 0x02080A0A, 0xB3BC3F8F, 0xE3EC2FCF,
+ 0xF3F033C3, 0xC1C405C5, 0x83840787, 0x10141404, 0xF2FC3ECE, 0x60642444,
+ 0xD2DC1ECE, 0x222C2E0E, 0x43480B4B, 0x12181A0A, 0x02040606, 0x21202101,
+ 0x63682B4B, 0x62642646, 0x02000202, 0xF1F435C5, 0x92901282, 0x82880A8A,
+ 0x000C0C0C, 0xB3B03383, 0x727C3E4E, 0xD0D010C0, 0x72783A4A, 0x43440747,
+ 0x92941686, 0xE1E425C5, 0x22242606, 0x80800080, 0xA1AC2D8D, 0xD3DC1FCF,
+ 0xA1A02181, 0x30303000, 0x33343707, 0xA2AC2E8E, 0x32343606, 0x11141505,
+ 0x22202202, 0x30383808, 0xF0F434C4, 0xA3A42787, 0x41440545, 0x404C0C4C,
+ 0x81800181, 0xE1E829C9, 0x80840484, 0x93941787, 0x31343505, 0xC3C80BCB,
+ 0xC2CC0ECE, 0x303C3C0C, 0x71703141, 0x11101101, 0xC3C407C7, 0x81880989,
+ 0x71743545, 0xF3F83BCB, 0xD2D81ACA, 0xF0F838C8, 0x90941484, 0x51581949,
+ 0x82800282, 0xC0C404C4, 0xF3FC3FCF, 0x41480949, 0x31383909, 0x63642747,
+ 0xC0C000C0, 0xC3CC0FCF, 0xD3D417C7, 0xB0B83888, 0x030C0F0F, 0x828C0E8E,
+ 0x42400242, 0x23202303, 0x91901181, 0x606C2C4C, 0xD3D81BCB, 0xA0A42484,
+ 0x30343404, 0xF1F031C1, 0x40480848, 0xC2C002C2, 0x636C2F4F, 0x313C3D0D,
+ 0x212C2D0D, 0x40400040, 0xB2BC3E8E, 0x323C3E0E, 0xB0BC3C8C, 0xC1C001C1,
+ 0xA2A82A8A, 0xB2B83A8A, 0x424C0E4E, 0x51541545, 0x33383B0B, 0xD0DC1CCC,
+ 0x60682848, 0x737C3F4F, 0x909C1C8C, 0xD0D818C8, 0x42480A4A, 0x52541646,
+ 0x73743747, 0xA0A02080, 0xE1EC2DCD, 0x42440646, 0xB1B43585, 0x23282B0B,
+ 0x61642545, 0xF2F83ACA, 0xE3E023C3, 0xB1B83989, 0xB1B03181, 0x939C1F8F,
+ 0x525C1E4E, 0xF1F839C9, 0xE2E426C6, 0xB2B03282, 0x31303101, 0xE2E82ACA,
+ 0x616C2D4D, 0x535C1F4F, 0xE0E424C4, 0xF0F030C0, 0xC1CC0DCD, 0x80880888,
+ 0x12141606, 0x32383A0A, 0x50581848, 0xD0D414C4, 0x62602242, 0x21282909,
+ 0x03040707, 0x33303303, 0xE0E828C8, 0x13181B0B, 0x01040505, 0x71783949,
+ 0x90901080, 0x62682A4A, 0x22282A0A, 0x92981A8A };
+
+const u32bit SEED_S3[256] = {
+ 0x08303838, 0xC8E0E828, 0x0D212C2D, 0x86A2A426, 0xCFC3CC0F, 0xCED2DC1E,
+ 0x83B3B033, 0x88B0B838, 0x8FA3AC2F, 0x40606020, 0x45515415, 0xC7C3C407,
+ 0x44404404, 0x4F636C2F, 0x4B63682B, 0x4B53581B, 0xC3C3C003, 0x42626022,
+ 0x03333033, 0x85B1B435, 0x09212829, 0x80A0A020, 0xC2E2E022, 0x87A3A427,
+ 0xC3D3D013, 0x81919011, 0x01111011, 0x06020406, 0x0C101C1C, 0x8CB0BC3C,
+ 0x06323436, 0x4B43480B, 0xCFE3EC2F, 0x88808808, 0x4C606C2C, 0x88A0A828,
+ 0x07131417, 0xC4C0C404, 0x06121416, 0xC4F0F434, 0xC2C2C002, 0x45414405,
+ 0xC1E1E021, 0xC6D2D416, 0x0F333C3F, 0x0D313C3D, 0x8E828C0E, 0x88909818,
+ 0x08202828, 0x4E424C0E, 0xC6F2F436, 0x0E323C3E, 0x85A1A425, 0xC9F1F839,
+ 0x0D010C0D, 0xCFD3DC1F, 0xC8D0D818, 0x0B23282B, 0x46626426, 0x4A72783A,
+ 0x07232427, 0x0F232C2F, 0xC1F1F031, 0x42727032, 0x42424002, 0xC4D0D414,
+ 0x41414001, 0xC0C0C000, 0x43737033, 0x47636427, 0x8CA0AC2C, 0x8B83880B,
+ 0xC7F3F437, 0x8DA1AC2D, 0x80808000, 0x0F131C1F, 0xCAC2C80A, 0x0C202C2C,
+ 0x8AA2A82A, 0x04303434, 0xC2D2D012, 0x0B03080B, 0xCEE2EC2E, 0xC9E1E829,
+ 0x4D515C1D, 0x84909414, 0x08101818, 0xC8F0F838, 0x47535417, 0x8EA2AC2E,
+ 0x08000808, 0xC5C1C405, 0x03131013, 0xCDC1CC0D, 0x86828406, 0x89B1B839,
+ 0xCFF3FC3F, 0x4D717C3D, 0xC1C1C001, 0x01313031, 0xC5F1F435, 0x8A82880A,
+ 0x4A62682A, 0x81B1B031, 0xC1D1D011, 0x00202020, 0xC7D3D417, 0x02020002,
+ 0x02222022, 0x04000404, 0x48606828, 0x41717031, 0x07030407, 0xCBD3D81B,
+ 0x8D919C1D, 0x89919819, 0x41616021, 0x8EB2BC3E, 0xC6E2E426, 0x49515819,
+ 0xCDD1DC1D, 0x41515011, 0x80909010, 0xCCD0DC1C, 0x8A92981A, 0x83A3A023,
+ 0x8BA3A82B, 0xC0D0D010, 0x81818001, 0x0F030C0F, 0x47434407, 0x0A12181A,
+ 0xC3E3E023, 0xCCE0EC2C, 0x8D818C0D, 0x8FB3BC3F, 0x86929416, 0x4B73783B,
+ 0x4C505C1C, 0x82A2A022, 0x81A1A021, 0x43636023, 0x03232023, 0x4D414C0D,
+ 0xC8C0C808, 0x8E929C1E, 0x8C909C1C, 0x0A32383A, 0x0C000C0C, 0x0E222C2E,
+ 0x8AB2B83A, 0x4E626C2E, 0x8F939C1F, 0x4A52581A, 0xC2F2F032, 0x82929012,
+ 0xC3F3F033, 0x49414809, 0x48707838, 0xCCC0CC0C, 0x05111415, 0xCBF3F83B,
+ 0x40707030, 0x45717435, 0x4F737C3F, 0x05313435, 0x00101010, 0x03030003,
+ 0x44606424, 0x4D616C2D, 0xC6C2C406, 0x44707434, 0xC5D1D415, 0x84B0B434,
+ 0xCAE2E82A, 0x09010809, 0x46727436, 0x09111819, 0xCEF2FC3E, 0x40404000,
+ 0x02121012, 0xC0E0E020, 0x8DB1BC3D, 0x05010405, 0xCAF2F83A, 0x01010001,
+ 0xC0F0F030, 0x0A22282A, 0x4E525C1E, 0x89A1A829, 0x46525416, 0x43434003,
+ 0x85818405, 0x04101414, 0x89818809, 0x8B93981B, 0x80B0B030, 0xC5E1E425,
+ 0x48404808, 0x49717839, 0x87939417, 0xCCF0FC3C, 0x0E121C1E, 0x82828002,
+ 0x01212021, 0x8C808C0C, 0x0B13181B, 0x4F535C1F, 0x47737437, 0x44505414,
+ 0x82B2B032, 0x0D111C1D, 0x05212425, 0x4F434C0F, 0x00000000, 0x46424406,
+ 0xCDE1EC2D, 0x48505818, 0x42525012, 0xCBE3E82B, 0x4E727C3E, 0xCAD2D81A,
+ 0xC9C1C809, 0xCDF1FC3D, 0x00303030, 0x85919415, 0x45616425, 0x0C303C3C,
+ 0x86B2B436, 0xC4E0E424, 0x8BB3B83B, 0x4C707C3C, 0x0E020C0E, 0x40505010,
+ 0x09313839, 0x06222426, 0x02323032, 0x84808404, 0x49616829, 0x83939013,
+ 0x07333437, 0xC7E3E427, 0x04202424, 0x84A0A424, 0xCBC3C80B, 0x43535013,
+ 0x0A02080A, 0x87838407, 0xC9D1D819, 0x4C404C0C, 0x83838003, 0x8F838C0F,
+ 0xCEC2CC0E, 0x0B33383B, 0x4A42480A, 0x87B3B437 };
+
/*
* SEED G Function
*/
-u32bit SEED::G_FUNC::operator()(u32bit X) const
+u32bit SEED_G(u32bit X)
{
- return (S0[get_byte(3, X)] ^ S1[get_byte(2, X)] ^
- S2[get_byte(1, X)] ^ S3[get_byte(0, X)]);
+ return (SEED_S0[get_byte(3, X)] ^ SEED_S1[get_byte(2, X)] ^
+ SEED_S2[get_byte(1, X)] ^ SEED_S3[get_byte(0, X)]);
}
+}
+
/*
* SEED Encryption
*/
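Review bot: SEED_G (the new function just above this comment) indexes the four 256-entry tables SEED_S0..SEED_S3 with the individual bytes of its argument, and every caller in this file feeds it key- or data-derived words, so the cipher's memory-access pattern is secret-dependent and the implementation is not constant time; moving the tables into the anonymous namespace does not change that. Now that the tables are file-local, this is the right place to say so, e.g. above SEED_G: `// Secret-indexed table lookups: this SEED implementation is not constant time.` Marking SEED_G `inline` would also match the other file-local round helpers in this tree, though with internal linkage the compiler is free to inline it anyway.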
@@ -31,23 +215,21 @@ void SEED::encrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit B2 = load_be<u32bit>(in, 2);
u32bit B3 = load_be<u32bit>(in, 3);
- G_FUNC G;
-
for(size_t j = 0; j != 16; j += 2)
{
u32bit T0, T1;
- T0 = B2 ^ K[2*j];
- T1 = G(B2 ^ B3 ^ K[2*j+1]);
- T0 = G(T1 + T0);
- T1 = G(T1 + T0);
+ T0 = B2 ^ m_K[2*j];
+ T1 = SEED_G(B2 ^ B3 ^ m_K[2*j+1]);
+ T0 = SEED_G(T1 + T0);
+ T1 = SEED_G(T1 + T0);
B1 ^= T1;
B0 ^= T0 + T1;
- T0 = B0 ^ K[2*j+2];
- T1 = G(B0 ^ B1 ^ K[2*j+3]);
- T0 = G(T1 + T0);
- T1 = G(T1 + T0);
+ T0 = B0 ^ m_K[2*j+2];
+ T1 = SEED_G(B0 ^ B1 ^ m_K[2*j+3]);
+ T0 = SEED_G(T1 + T0);
+ T1 = SEED_G(T1 + T0);
B3 ^= T1;
B2 ^= T0 + T1;
}
@@ -71,23 +253,21 @@ void SEED::decrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit B2 = load_be<u32bit>(in, 2);
u32bit B3 = load_be<u32bit>(in, 3);
- G_FUNC G;
-
for(size_t j = 0; j != 16; j += 2)
{
u32bit T0, T1;
- T0 = B2 ^ K[30-2*j];
- T1 = G(B2 ^ B3 ^ K[31-2*j]);
- T0 = G(T1 + T0);
- T1 = G(T1 + T0);
+ T0 = B2 ^ m_K[30-2*j];
+ T1 = SEED_G(B2 ^ B3 ^ m_K[31-2*j]);
+ T0 = SEED_G(T1 + T0);
+ T1 = SEED_G(T1 + T0);
B1 ^= T1;
B0 ^= T0 + T1;
- T0 = B0 ^ K[28-2*j];
- T1 = G(B0 ^ B1 ^ K[29-2*j]);
- T0 = G(T1 + T0);
- T1 = G(T1 + T0);
+ T0 = B0 ^ m_K[28-2*j];
+ T1 = SEED_G(B0 ^ B1 ^ m_K[29-2*j]);
+ T0 = SEED_G(T1 + T0);
+ T1 = SEED_G(T1 + T0);
B3 ^= T1;
B2 ^= T0 + T1;
}
@@ -116,21 +296,19 @@ void SEED::key_schedule(const byte key[], size_t)
for(size_t i = 0; i != 4; ++i)
WK[i] = load_be<u32bit>(key, i);
- G_FUNC G;
-
- K.resize(32);
+ m_K.resize(32);
for(size_t i = 0; i != 16; i += 2)
{
- K[2*i ] = G(WK[0] + WK[2] - RC[i]);
- K[2*i+1] = G(WK[1] - WK[3] + RC[i]) ^ K[2*i];
+ m_K[2*i ] = SEED_G(WK[0] + WK[2] - RC[i]);
+ m_K[2*i+1] = SEED_G(WK[1] - WK[3] + RC[i]) ^ m_K[2*i];
byte T = get_byte(3, WK[0]);
WK[0] = (WK[0] >> 8) | (get_byte(3, WK[1]) << 24);
WK[1] = (WK[1] >> 8) | (T << 24);
- K[2*i+2] = G(WK[0] + WK[2] - RC[i+1]);
- K[2*i+3] = G(WK[1] - WK[3] + RC[i+1]) ^ K[2*i+2];
+ m_K[2*i+2] = SEED_G(WK[0] + WK[2] - RC[i+1]);
+ m_K[2*i+3] = SEED_G(WK[1] - WK[3] + RC[i+1]) ^ m_K[2*i+2];
T = get_byte(0, WK[3]);
WK[3] = (WK[3] << 8) | get_byte(0, WK[2]);
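Review bot: `get_byte(3, WK[1]) << 24` and `T << 24` in this hunk shift a `byte` that integer promotion has turned into a signed `int`, so whenever that byte has its top bit set the shift lands in bit 31 of an `int`, which is undefined in C and at best implementation-defined before C++20 and is the kind of thing `-Wshift-overflow`/UBSan report. Widening first keeps the arithmetic unsigned throughout: `WK[0] = (WK[0] >> 8) | (static_cast<u32bit>(get_byte(3, WK[1])) << 24);` and `WK[1] = (WK[1] >> 8) | (static_cast<u32bit>(T) << 24);`. The key_schedule body continues past the end of this hunk, so the matching WK[2]/WK[3] rotation should get the same treatment where it is completed.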
@@ -140,7 +318,7 @@ void SEED::key_schedule(const byte key[], size_t)
void SEED::clear()
{
- zap(K);
+ zap(m_K);
}
}
diff --git a/src/lib/block/seed/seed.h b/src/lib/block/seed/seed.h
index 431af7309..45e691913 100644
--- a/src/lib/block/seed/seed.h
+++ b/src/lib/block/seed/seed.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* SEED, a Korean block cipher
*/
-class BOTAN_DLL SEED : public Block_Cipher_Fixed_Params<16, 16>
+class BOTAN_DLL SEED final : public Block_Cipher_Fixed_Params<16, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -27,15 +27,7 @@ class BOTAN_DLL SEED : public Block_Cipher_Fixed_Params<16, 16>
private:
void key_schedule(const byte[], size_t) override;
- class G_FUNC
- {
- public:
- u32bit operator()(u32bit) const;
- private:
- static const u32bit S0[256], S1[256], S2[256], S3[256];
- };
-
- secure_vector<u32bit> K;
+ secure_vector<u32bit> m_K;
};
}
diff --git a/src/lib/block/seed/seed_tab.cpp b/src/lib/block/seed/seed_tab.cpp
deleted file mode 100644
index eb2a9a2fc..000000000
--- a/src/lib/block/seed/seed_tab.cpp
+++ /dev/null
@@ -1,192 +0,0 @@
-/*
-* S-Box Tables for SEED
-* (C) 1999-2007 Jack Lloyd
-*
-* Botan is released under the Simplified BSD License (see license.txt)
-*/
-
-#include <botan/seed.h>
-
-namespace Botan {
-
-const u32bit SEED::G_FUNC::S0[256] = {
- 0x2989A1A8, 0x05858184, 0x16C6D2D4, 0x13C3D3D0, 0x14445054, 0x1D0D111C,
- 0x2C8CA0AC, 0x25052124, 0x1D4D515C, 0x03434340, 0x18081018, 0x1E0E121C,
- 0x11415150, 0x3CCCF0FC, 0x0ACAC2C8, 0x23436360, 0x28082028, 0x04444044,
- 0x20002020, 0x1D8D919C, 0x20C0E0E0, 0x22C2E2E0, 0x08C8C0C8, 0x17071314,
- 0x2585A1A4, 0x0F8F838C, 0x03030300, 0x3B4B7378, 0x3B8BB3B8, 0x13031310,
- 0x12C2D2D0, 0x2ECEE2EC, 0x30407070, 0x0C8C808C, 0x3F0F333C, 0x2888A0A8,
- 0x32023230, 0x1DCDD1DC, 0x36C6F2F4, 0x34447074, 0x2CCCE0EC, 0x15859194,
- 0x0B0B0308, 0x17475354, 0x1C4C505C, 0x1B4B5358, 0x3D8DB1BC, 0x01010100,
- 0x24042024, 0x1C0C101C, 0x33437370, 0x18889098, 0x10001010, 0x0CCCC0CC,
- 0x32C2F2F0, 0x19C9D1D8, 0x2C0C202C, 0x27C7E3E4, 0x32427270, 0x03838380,
- 0x1B8B9398, 0x11C1D1D0, 0x06868284, 0x09C9C1C8, 0x20406060, 0x10405050,
- 0x2383A3A0, 0x2BCBE3E8, 0x0D0D010C, 0x3686B2B4, 0x1E8E929C, 0x0F4F434C,
- 0x3787B3B4, 0x1A4A5258, 0x06C6C2C4, 0x38487078, 0x2686A2A4, 0x12021210,
- 0x2F8FA3AC, 0x15C5D1D4, 0x21416160, 0x03C3C3C0, 0x3484B0B4, 0x01414140,
- 0x12425250, 0x3D4D717C, 0x0D8D818C, 0x08080008, 0x1F0F131C, 0x19899198,
- 0x00000000, 0x19091118, 0x04040004, 0x13435350, 0x37C7F3F4, 0x21C1E1E0,
- 0x3DCDF1FC, 0x36467274, 0x2F0F232C, 0x27072324, 0x3080B0B0, 0x0B8B8388,
- 0x0E0E020C, 0x2B8BA3A8, 0x2282A2A0, 0x2E4E626C, 0x13839390, 0x0D4D414C,
- 0x29496168, 0x3C4C707C, 0x09090108, 0x0A0A0208, 0x3F8FB3BC, 0x2FCFE3EC,
- 0x33C3F3F0, 0x05C5C1C4, 0x07878384, 0x14041014, 0x3ECEF2FC, 0x24446064,
- 0x1ECED2DC, 0x2E0E222C, 0x0B4B4348, 0x1A0A1218, 0x06060204, 0x21012120,
- 0x2B4B6368, 0x26466264, 0x02020200, 0x35C5F1F4, 0x12829290, 0x0A8A8288,
- 0x0C0C000C, 0x3383B3B0, 0x3E4E727C, 0x10C0D0D0, 0x3A4A7278, 0x07474344,
- 0x16869294, 0x25C5E1E4, 0x26062224, 0x00808080, 0x2D8DA1AC, 0x1FCFD3DC,
- 0x2181A1A0, 0x30003030, 0x37073334, 0x2E8EA2AC, 0x36063234, 0x15051114,
- 0x22022220, 0x38083038, 0x34C4F0F4, 0x2787A3A4, 0x05454144, 0x0C4C404C,
- 0x01818180, 0x29C9E1E8, 0x04848084, 0x17879394, 0x35053134, 0x0BCBC3C8,
- 0x0ECEC2CC, 0x3C0C303C, 0x31417170, 0x11011110, 0x07C7C3C4, 0x09898188,
- 0x35457174, 0x3BCBF3F8, 0x1ACAD2D8, 0x38C8F0F8, 0x14849094, 0x19495158,
- 0x02828280, 0x04C4C0C4, 0x3FCFF3FC, 0x09494148, 0x39093138, 0x27476364,
- 0x00C0C0C0, 0x0FCFC3CC, 0x17C7D3D4, 0x3888B0B8, 0x0F0F030C, 0x0E8E828C,
- 0x02424240, 0x23032320, 0x11819190, 0x2C4C606C, 0x1BCBD3D8, 0x2484A0A4,
- 0x34043034, 0x31C1F1F0, 0x08484048, 0x02C2C2C0, 0x2F4F636C, 0x3D0D313C,
- 0x2D0D212C, 0x00404040, 0x3E8EB2BC, 0x3E0E323C, 0x3C8CB0BC, 0x01C1C1C0,
- 0x2A8AA2A8, 0x3A8AB2B8, 0x0E4E424C, 0x15455154, 0x3B0B3338, 0x1CCCD0DC,
- 0x28486068, 0x3F4F737C, 0x1C8C909C, 0x18C8D0D8, 0x0A4A4248, 0x16465254,
- 0x37477374, 0x2080A0A0, 0x2DCDE1EC, 0x06464244, 0x3585B1B4, 0x2B0B2328,
- 0x25456164, 0x3ACAF2F8, 0x23C3E3E0, 0x3989B1B8, 0x3181B1B0, 0x1F8F939C,
- 0x1E4E525C, 0x39C9F1F8, 0x26C6E2E4, 0x3282B2B0, 0x31013130, 0x2ACAE2E8,
- 0x2D4D616C, 0x1F4F535C, 0x24C4E0E4, 0x30C0F0F0, 0x0DCDC1CC, 0x08888088,
- 0x16061214, 0x3A0A3238, 0x18485058, 0x14C4D0D4, 0x22426260, 0x29092128,
- 0x07070304, 0x33033330, 0x28C8E0E8, 0x1B0B1318, 0x05050104, 0x39497178,
- 0x10809090, 0x2A4A6268, 0x2A0A2228, 0x1A8A9298 };
-
-const u32bit SEED::G_FUNC::S1[256] = {
- 0x38380830, 0xE828C8E0, 0x2C2D0D21, 0xA42686A2, 0xCC0FCFC3, 0xDC1ECED2,
- 0xB03383B3, 0xB83888B0, 0xAC2F8FA3, 0x60204060, 0x54154551, 0xC407C7C3,
- 0x44044440, 0x6C2F4F63, 0x682B4B63, 0x581B4B53, 0xC003C3C3, 0x60224262,
- 0x30330333, 0xB43585B1, 0x28290921, 0xA02080A0, 0xE022C2E2, 0xA42787A3,
- 0xD013C3D3, 0x90118191, 0x10110111, 0x04060602, 0x1C1C0C10, 0xBC3C8CB0,
- 0x34360632, 0x480B4B43, 0xEC2FCFE3, 0x88088880, 0x6C2C4C60, 0xA82888A0,
- 0x14170713, 0xC404C4C0, 0x14160612, 0xF434C4F0, 0xC002C2C2, 0x44054541,
- 0xE021C1E1, 0xD416C6D2, 0x3C3F0F33, 0x3C3D0D31, 0x8C0E8E82, 0x98188890,
- 0x28280820, 0x4C0E4E42, 0xF436C6F2, 0x3C3E0E32, 0xA42585A1, 0xF839C9F1,
- 0x0C0D0D01, 0xDC1FCFD3, 0xD818C8D0, 0x282B0B23, 0x64264662, 0x783A4A72,
- 0x24270723, 0x2C2F0F23, 0xF031C1F1, 0x70324272, 0x40024242, 0xD414C4D0,
- 0x40014141, 0xC000C0C0, 0x70334373, 0x64274763, 0xAC2C8CA0, 0x880B8B83,
- 0xF437C7F3, 0xAC2D8DA1, 0x80008080, 0x1C1F0F13, 0xC80ACAC2, 0x2C2C0C20,
- 0xA82A8AA2, 0x34340430, 0xD012C2D2, 0x080B0B03, 0xEC2ECEE2, 0xE829C9E1,
- 0x5C1D4D51, 0x94148490, 0x18180810, 0xF838C8F0, 0x54174753, 0xAC2E8EA2,
- 0x08080800, 0xC405C5C1, 0x10130313, 0xCC0DCDC1, 0x84068682, 0xB83989B1,
- 0xFC3FCFF3, 0x7C3D4D71, 0xC001C1C1, 0x30310131, 0xF435C5F1, 0x880A8A82,
- 0x682A4A62, 0xB03181B1, 0xD011C1D1, 0x20200020, 0xD417C7D3, 0x00020202,
- 0x20220222, 0x04040400, 0x68284860, 0x70314171, 0x04070703, 0xD81BCBD3,
- 0x9C1D8D91, 0x98198991, 0x60214161, 0xBC3E8EB2, 0xE426C6E2, 0x58194951,
- 0xDC1DCDD1, 0x50114151, 0x90108090, 0xDC1CCCD0, 0x981A8A92, 0xA02383A3,
- 0xA82B8BA3, 0xD010C0D0, 0x80018181, 0x0C0F0F03, 0x44074743, 0x181A0A12,
- 0xE023C3E3, 0xEC2CCCE0, 0x8C0D8D81, 0xBC3F8FB3, 0x94168692, 0x783B4B73,
- 0x5C1C4C50, 0xA02282A2, 0xA02181A1, 0x60234363, 0x20230323, 0x4C0D4D41,
- 0xC808C8C0, 0x9C1E8E92, 0x9C1C8C90, 0x383A0A32, 0x0C0C0C00, 0x2C2E0E22,
- 0xB83A8AB2, 0x6C2E4E62, 0x9C1F8F93, 0x581A4A52, 0xF032C2F2, 0x90128292,
- 0xF033C3F3, 0x48094941, 0x78384870, 0xCC0CCCC0, 0x14150511, 0xF83BCBF3,
- 0x70304070, 0x74354571, 0x7C3F4F73, 0x34350531, 0x10100010, 0x00030303,
- 0x64244460, 0x6C2D4D61, 0xC406C6C2, 0x74344470, 0xD415C5D1, 0xB43484B0,
- 0xE82ACAE2, 0x08090901, 0x74364672, 0x18190911, 0xFC3ECEF2, 0x40004040,
- 0x10120212, 0xE020C0E0, 0xBC3D8DB1, 0x04050501, 0xF83ACAF2, 0x00010101,
- 0xF030C0F0, 0x282A0A22, 0x5C1E4E52, 0xA82989A1, 0x54164652, 0x40034343,
- 0x84058581, 0x14140410, 0x88098981, 0x981B8B93, 0xB03080B0, 0xE425C5E1,
- 0x48084840, 0x78394971, 0x94178793, 0xFC3CCCF0, 0x1C1E0E12, 0x80028282,
- 0x20210121, 0x8C0C8C80, 0x181B0B13, 0x5C1F4F53, 0x74374773, 0x54144450,
- 0xB03282B2, 0x1C1D0D11, 0x24250521, 0x4C0F4F43, 0x00000000, 0x44064642,
- 0xEC2DCDE1, 0x58184850, 0x50124252, 0xE82BCBE3, 0x7C3E4E72, 0xD81ACAD2,
- 0xC809C9C1, 0xFC3DCDF1, 0x30300030, 0x94158591, 0x64254561, 0x3C3C0C30,
- 0xB43686B2, 0xE424C4E0, 0xB83B8BB3, 0x7C3C4C70, 0x0C0E0E02, 0x50104050,
- 0x38390931, 0x24260622, 0x30320232, 0x84048480, 0x68294961, 0x90138393,
- 0x34370733, 0xE427C7E3, 0x24240420, 0xA42484A0, 0xC80BCBC3, 0x50134353,
- 0x080A0A02, 0x84078783, 0xD819C9D1, 0x4C0C4C40, 0x80038383, 0x8C0F8F83,
- 0xCC0ECEC2, 0x383B0B33, 0x480A4A42, 0xB43787B3 };
-
-const u32bit SEED::G_FUNC::S2[256] = {
- 0xA1A82989, 0x81840585, 0xD2D416C6, 0xD3D013C3, 0x50541444, 0x111C1D0D,
- 0xA0AC2C8C, 0x21242505, 0x515C1D4D, 0x43400343, 0x10181808, 0x121C1E0E,
- 0x51501141, 0xF0FC3CCC, 0xC2C80ACA, 0x63602343, 0x20282808, 0x40440444,
- 0x20202000, 0x919C1D8D, 0xE0E020C0, 0xE2E022C2, 0xC0C808C8, 0x13141707,
- 0xA1A42585, 0x838C0F8F, 0x03000303, 0x73783B4B, 0xB3B83B8B, 0x13101303,
- 0xD2D012C2, 0xE2EC2ECE, 0x70703040, 0x808C0C8C, 0x333C3F0F, 0xA0A82888,
- 0x32303202, 0xD1DC1DCD, 0xF2F436C6, 0x70743444, 0xE0EC2CCC, 0x91941585,
- 0x03080B0B, 0x53541747, 0x505C1C4C, 0x53581B4B, 0xB1BC3D8D, 0x01000101,
- 0x20242404, 0x101C1C0C, 0x73703343, 0x90981888, 0x10101000, 0xC0CC0CCC,
- 0xF2F032C2, 0xD1D819C9, 0x202C2C0C, 0xE3E427C7, 0x72703242, 0x83800383,
- 0x93981B8B, 0xD1D011C1, 0x82840686, 0xC1C809C9, 0x60602040, 0x50501040,
- 0xA3A02383, 0xE3E82BCB, 0x010C0D0D, 0xB2B43686, 0x929C1E8E, 0x434C0F4F,
- 0xB3B43787, 0x52581A4A, 0xC2C406C6, 0x70783848, 0xA2A42686, 0x12101202,
- 0xA3AC2F8F, 0xD1D415C5, 0x61602141, 0xC3C003C3, 0xB0B43484, 0x41400141,
- 0x52501242, 0x717C3D4D, 0x818C0D8D, 0x00080808, 0x131C1F0F, 0x91981989,
- 0x00000000, 0x11181909, 0x00040404, 0x53501343, 0xF3F437C7, 0xE1E021C1,
- 0xF1FC3DCD, 0x72743646, 0x232C2F0F, 0x23242707, 0xB0B03080, 0x83880B8B,
- 0x020C0E0E, 0xA3A82B8B, 0xA2A02282, 0x626C2E4E, 0x93901383, 0x414C0D4D,
- 0x61682949, 0x707C3C4C, 0x01080909, 0x02080A0A, 0xB3BC3F8F, 0xE3EC2FCF,
- 0xF3F033C3, 0xC1C405C5, 0x83840787, 0x10141404, 0xF2FC3ECE, 0x60642444,
- 0xD2DC1ECE, 0x222C2E0E, 0x43480B4B, 0x12181A0A, 0x02040606, 0x21202101,
- 0x63682B4B, 0x62642646, 0x02000202, 0xF1F435C5, 0x92901282, 0x82880A8A,
- 0x000C0C0C, 0xB3B03383, 0x727C3E4E, 0xD0D010C0, 0x72783A4A, 0x43440747,
- 0x92941686, 0xE1E425C5, 0x22242606, 0x80800080, 0xA1AC2D8D, 0xD3DC1FCF,
- 0xA1A02181, 0x30303000, 0x33343707, 0xA2AC2E8E, 0x32343606, 0x11141505,
- 0x22202202, 0x30383808, 0xF0F434C4, 0xA3A42787, 0x41440545, 0x404C0C4C,
- 0x81800181, 0xE1E829C9, 0x80840484, 0x93941787, 0x31343505, 0xC3C80BCB,
- 0xC2CC0ECE, 0x303C3C0C, 0x71703141, 0x11101101, 0xC3C407C7, 0x81880989,
- 0x71743545, 0xF3F83BCB, 0xD2D81ACA, 0xF0F838C8, 0x90941484, 0x51581949,
- 0x82800282, 0xC0C404C4, 0xF3FC3FCF, 0x41480949, 0x31383909, 0x63642747,
- 0xC0C000C0, 0xC3CC0FCF, 0xD3D417C7, 0xB0B83888, 0x030C0F0F, 0x828C0E8E,
- 0x42400242, 0x23202303, 0x91901181, 0x606C2C4C, 0xD3D81BCB, 0xA0A42484,
- 0x30343404, 0xF1F031C1, 0x40480848, 0xC2C002C2, 0x636C2F4F, 0x313C3D0D,
- 0x212C2D0D, 0x40400040, 0xB2BC3E8E, 0x323C3E0E, 0xB0BC3C8C, 0xC1C001C1,
- 0xA2A82A8A, 0xB2B83A8A, 0x424C0E4E, 0x51541545, 0x33383B0B, 0xD0DC1CCC,
- 0x60682848, 0x737C3F4F, 0x909C1C8C, 0xD0D818C8, 0x42480A4A, 0x52541646,
- 0x73743747, 0xA0A02080, 0xE1EC2DCD, 0x42440646, 0xB1B43585, 0x23282B0B,
- 0x61642545, 0xF2F83ACA, 0xE3E023C3, 0xB1B83989, 0xB1B03181, 0x939C1F8F,
- 0x525C1E4E, 0xF1F839C9, 0xE2E426C6, 0xB2B03282, 0x31303101, 0xE2E82ACA,
- 0x616C2D4D, 0x535C1F4F, 0xE0E424C4, 0xF0F030C0, 0xC1CC0DCD, 0x80880888,
- 0x12141606, 0x32383A0A, 0x50581848, 0xD0D414C4, 0x62602242, 0x21282909,
- 0x03040707, 0x33303303, 0xE0E828C8, 0x13181B0B, 0x01040505, 0x71783949,
- 0x90901080, 0x62682A4A, 0x22282A0A, 0x92981A8A };
-
-const u32bit SEED::G_FUNC::S3[256] = {
- 0x08303838, 0xC8E0E828, 0x0D212C2D, 0x86A2A426, 0xCFC3CC0F, 0xCED2DC1E,
- 0x83B3B033, 0x88B0B838, 0x8FA3AC2F, 0x40606020, 0x45515415, 0xC7C3C407,
- 0x44404404, 0x4F636C2F, 0x4B63682B, 0x4B53581B, 0xC3C3C003, 0x42626022,
- 0x03333033, 0x85B1B435, 0x09212829, 0x80A0A020, 0xC2E2E022, 0x87A3A427,
- 0xC3D3D013, 0x81919011, 0x01111011, 0x06020406, 0x0C101C1C, 0x8CB0BC3C,
- 0x06323436, 0x4B43480B, 0xCFE3EC2F, 0x88808808, 0x4C606C2C, 0x88A0A828,
- 0x07131417, 0xC4C0C404, 0x06121416, 0xC4F0F434, 0xC2C2C002, 0x45414405,
- 0xC1E1E021, 0xC6D2D416, 0x0F333C3F, 0x0D313C3D, 0x8E828C0E, 0x88909818,
- 0x08202828, 0x4E424C0E, 0xC6F2F436, 0x0E323C3E, 0x85A1A425, 0xC9F1F839,
- 0x0D010C0D, 0xCFD3DC1F, 0xC8D0D818, 0x0B23282B, 0x46626426, 0x4A72783A,
- 0x07232427, 0x0F232C2F, 0xC1F1F031, 0x42727032, 0x42424002, 0xC4D0D414,
- 0x41414001, 0xC0C0C000, 0x43737033, 0x47636427, 0x8CA0AC2C, 0x8B83880B,
- 0xC7F3F437, 0x8DA1AC2D, 0x80808000, 0x0F131C1F, 0xCAC2C80A, 0x0C202C2C,
- 0x8AA2A82A, 0x04303434, 0xC2D2D012, 0x0B03080B, 0xCEE2EC2E, 0xC9E1E829,
- 0x4D515C1D, 0x84909414, 0x08101818, 0xC8F0F838, 0x47535417, 0x8EA2AC2E,
- 0x08000808, 0xC5C1C405, 0x03131013, 0xCDC1CC0D, 0x86828406, 0x89B1B839,
- 0xCFF3FC3F, 0x4D717C3D, 0xC1C1C001, 0x01313031, 0xC5F1F435, 0x8A82880A,
- 0x4A62682A, 0x81B1B031, 0xC1D1D011, 0x00202020, 0xC7D3D417, 0x02020002,
- 0x02222022, 0x04000404, 0x48606828, 0x41717031, 0x07030407, 0xCBD3D81B,
- 0x8D919C1D, 0x89919819, 0x41616021, 0x8EB2BC3E, 0xC6E2E426, 0x49515819,
- 0xCDD1DC1D, 0x41515011, 0x80909010, 0xCCD0DC1C, 0x8A92981A, 0x83A3A023,
- 0x8BA3A82B, 0xC0D0D010, 0x81818001, 0x0F030C0F, 0x47434407, 0x0A12181A,
- 0xC3E3E023, 0xCCE0EC2C, 0x8D818C0D, 0x8FB3BC3F, 0x86929416, 0x4B73783B,
- 0x4C505C1C, 0x82A2A022, 0x81A1A021, 0x43636023, 0x03232023, 0x4D414C0D,
- 0xC8C0C808, 0x8E929C1E, 0x8C909C1C, 0x0A32383A, 0x0C000C0C, 0x0E222C2E,
- 0x8AB2B83A, 0x4E626C2E, 0x8F939C1F, 0x4A52581A, 0xC2F2F032, 0x82929012,
- 0xC3F3F033, 0x49414809, 0x48707838, 0xCCC0CC0C, 0x05111415, 0xCBF3F83B,
- 0x40707030, 0x45717435, 0x4F737C3F, 0x05313435, 0x00101010, 0x03030003,
- 0x44606424, 0x4D616C2D, 0xC6C2C406, 0x44707434, 0xC5D1D415, 0x84B0B434,
- 0xCAE2E82A, 0x09010809, 0x46727436, 0x09111819, 0xCEF2FC3E, 0x40404000,
- 0x02121012, 0xC0E0E020, 0x8DB1BC3D, 0x05010405, 0xCAF2F83A, 0x01010001,
- 0xC0F0F030, 0x0A22282A, 0x4E525C1E, 0x89A1A829, 0x46525416, 0x43434003,
- 0x85818405, 0x04101414, 0x89818809, 0x8B93981B, 0x80B0B030, 0xC5E1E425,
- 0x48404808, 0x49717839, 0x87939417, 0xCCF0FC3C, 0x0E121C1E, 0x82828002,
- 0x01212021, 0x8C808C0C, 0x0B13181B, 0x4F535C1F, 0x47737437, 0x44505414,
- 0x82B2B032, 0x0D111C1D, 0x05212425, 0x4F434C0F, 0x00000000, 0x46424406,
- 0xCDE1EC2D, 0x48505818, 0x42525012, 0xCBE3E82B, 0x4E727C3E, 0xCAD2D81A,
- 0xC9C1C809, 0xCDF1FC3D, 0x00303030, 0x85919415, 0x45616425, 0x0C303C3C,
- 0x86B2B436, 0xC4E0E424, 0x8BB3B83B, 0x4C707C3C, 0x0E020C0E, 0x40505010,
- 0x09313839, 0x06222426, 0x02323032, 0x84808404, 0x49616829, 0x83939013,
- 0x07333437, 0xC7E3E427, 0x04202424, 0x84A0A424, 0xCBC3C80B, 0x43535013,
- 0x0A02080A, 0x87838407, 0xC9D1D819, 0x4C404C0C, 0x83838003, 0x8F838C0F,
- 0xCEC2CC0E, 0x0B33383B, 0x4A42480A, 0x87B3B437 };
-
-}
diff --git a/src/lib/block/serpent/serpent.cpp b/src/lib/block/serpent/serpent.cpp
index c0a65ed33..c35e3e338 100644
--- a/src/lib/block/serpent/serpent.cpp
+++ b/src/lib/block/serpent/serpent.cpp
@@ -43,10 +43,10 @@ inline void i_transform(u32bit& B0, u32bit& B1, u32bit& B2, u32bit& B3)
* XOR a key block with a data block
*/
#define key_xor(round, B0, B1, B2, B3) \
- B0 ^= round_key[4*round ]; \
- B1 ^= round_key[4*round+1]; \
- B2 ^= round_key[4*round+2]; \
- B3 ^= round_key[4*round+3];
+ B0 ^= m_round_key[4*round ]; \
+ B1 ^= m_round_key[4*round+1]; \
+ B2 ^= m_round_key[4*round+2]; \
+ B3 ^= m_round_key[4*round+3];
/*
* Serpent Encryption
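Review bot: The `key_xor` macro still uses its `round` argument unparenthesized in `4*round`, `4*round+1` and so on, so any call that passes an expression rather than a literal would index the wrong key words; writing `m_round_key[4*(round) ]`, `m_round_key[4*(round)+1]`, etc. closes that. The expansion also ends in a bare `;` with no `do { } while(0)` wrapper, so `key_xor(...);` at a call site yields an empty statement, which is harmless today but brittle under `-Wextra-semi-stmt`. Since the macro now names the member `m_round_key` directly it is only meaningful inside Serpent's member functions, so an `#undef key_xor` after its last use would keep it from leaking into the rest of the translation unit.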
@@ -193,12 +193,12 @@ void Serpent::key_schedule(const byte key[], size_t length)
SBoxE6(W[128],W[129],W[130],W[131]); SBoxE5(W[132],W[133],W[134],W[135]);
SBoxE4(W[136],W[137],W[138],W[139]);
- round_key.assign(W.begin() + 8, W.end());
+ m_round_key.assign(W.begin() + 8, W.end());
}
void Serpent::clear()
{
- zap(round_key);
+ zap(m_round_key);
}
}
diff --git a/src/lib/block/serpent/serpent.h b/src/lib/block/serpent/serpent.h
index 7fdf4600d..b9864cf89 100644
--- a/src/lib/block/serpent/serpent.h
+++ b/src/lib/block/serpent/serpent.h
@@ -30,7 +30,7 @@ class BOTAN_DLL Serpent : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
* @return const reference to the key schedule
*/
const secure_vector<u32bit>& get_round_keys() const
- { return round_key; }
+ { return m_round_key; }
/**
* For use by subclasses that implement the key schedule
@@ -38,12 +38,12 @@ class BOTAN_DLL Serpent : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
*/
void set_round_keys(const u32bit ks[132])
{
- round_key.assign(&ks[0], &ks[132]);
+ m_round_key.assign(&ks[0], &ks[132]);
}
private:
void key_schedule(const byte key[], size_t length) override;
- secure_vector<u32bit> round_key;
+ secure_vector<u32bit> m_round_key;
};
}
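Review bot: `set_round_keys(const u32bit ks[132])` reads exactly 132 words, but the array size in the parameter is not enforced (it decays to `const u32bit*`), so the length is a silent contract for the subclasses this is "for use by"; the doc comment above it should state that explicitly, e.g. `@param ks pointer to exactly 132 round-key words (the full Serpent schedule); fewer is undefined behaviour`. The end pointer is also formed by subscripting one past the array, `&ks[132]`; the iterator-range form `m_round_key.assign(ks, ks + 132);` expresses the same thing without that question. Leaving Serpent itself non-`final` is consistent with Serpent_SIMD deriving from it in this same commit.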
diff --git a/src/lib/block/serpent_simd/serp_simd.h b/src/lib/block/serpent_simd/serp_simd.h
index 373d47fa1..e10d4cfe2 100644
--- a/src/lib/block/serpent_simd/serp_simd.h
+++ b/src/lib/block/serpent_simd/serp_simd.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Serpent implementation using SIMD
*/
-class BOTAN_DLL Serpent_SIMD : public Serpent
+class BOTAN_DLL Serpent_SIMD final : public Serpent
{
public:
size_t parallelism() const override { return 4; }
diff --git a/src/lib/block/tea/tea.cpp b/src/lib/block/tea/tea.cpp
index 01f342607..457171e1d 100644
--- a/src/lib/block/tea/tea.cpp
+++ b/src/lib/block/tea/tea.cpp
@@ -24,8 +24,8 @@ void TEA::encrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 32; ++j)
{
S += 0x9E3779B9;
- L += ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]);
- R += ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]);
+ L += ((R << 4) + m_K[0]) ^ (R + S) ^ ((R >> 5) + m_K[1]);
+ R += ((L << 4) + m_K[2]) ^ (L + S) ^ ((L >> 5) + m_K[3]);
}
store_be(out, L, R);
@@ -48,8 +48,8 @@ void TEA::decrypt_n(const byte in[], byte out[], size_t blocks) const
u32bit S = 0xC6EF3720;
for(size_t j = 0; j != 32; ++j)
{
- R -= ((L << 4) + K[2]) ^ (L + S) ^ ((L >> 5) + K[3]);
- L -= ((R << 4) + K[0]) ^ (R + S) ^ ((R >> 5) + K[1]);
+ R -= ((L << 4) + m_K[2]) ^ (L + S) ^ ((L >> 5) + m_K[3]);
+ L -= ((R << 4) + m_K[0]) ^ (R + S) ^ ((R >> 5) + m_K[1]);
S -= 0x9E3779B9;
}
@@ -65,14 +65,14 @@ void TEA::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void TEA::key_schedule(const byte key[], size_t)
{
- K.resize(4);
+ m_K.resize(4);
for(size_t i = 0; i != 4; ++i)
- K[i] = load_be<u32bit>(key, i);
+ m_K[i] = load_be<u32bit>(key, i);
}
void TEA::clear()
{
- zap(K);
+ zap(m_K);
}
}
diff --git a/src/lib/block/tea/tea.h b/src/lib/block/tea/tea.h
index 3c5b4773e..6b6308381 100644
--- a/src/lib/block/tea/tea.h
+++ b/src/lib/block/tea/tea.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* TEA
*/
-class BOTAN_DLL TEA : public Block_Cipher_Fixed_Params<8, 16>
+class BOTAN_DLL TEA final : public Block_Cipher_Fixed_Params<8, 16>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -26,7 +26,7 @@ class BOTAN_DLL TEA : public Block_Cipher_Fixed_Params<8, 16>
BlockCipher* clone() const override { return new TEA; }
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> K;
+ secure_vector<u32bit> m_K;
};
}
diff --git a/src/lib/block/threefish_avx2/threefish_avx2.h b/src/lib/block/threefish_avx2/threefish_avx2.h
index d851ff0dc..fbf2f9d8a 100644
--- a/src/lib/block/threefish_avx2/threefish_avx2.h
+++ b/src/lib/block/threefish_avx2/threefish_avx2.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Threefish-512
*/
-class BOTAN_DLL Threefish_512_AVX2 : public Threefish_512
+class BOTAN_DLL Threefish_512_AVX2 final : public Threefish_512
{
private:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
diff --git a/src/lib/block/twofish/twofish.cpp b/src/lib/block/twofish/twofish.cpp
index ffdf4b198..336d73a03 100644
--- a/src/lib/block/twofish/twofish.cpp
+++ b/src/lib/block/twofish/twofish.cpp
@@ -21,42 +21,42 @@ void Twofish::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
for(size_t i = 0; i != blocks; ++i)
{
- u32bit A = load_le<u32bit>(in, 0) ^ RK[0];
- u32bit B = load_le<u32bit>(in, 1) ^ RK[1];
- u32bit C = load_le<u32bit>(in, 2) ^ RK[2];
- u32bit D = load_le<u32bit>(in, 3) ^ RK[3];
+ u32bit A = load_le<u32bit>(in, 0) ^ m_RK[0];
+ u32bit B = load_le<u32bit>(in, 1) ^ m_RK[1];
+ u32bit C = load_le<u32bit>(in, 2) ^ m_RK[2];
+ u32bit D = load_le<u32bit>(in, 3) ^ m_RK[3];
for(size_t j = 0; j != 16; j += 2)
{
u32bit X, Y;
- X = SB[ get_byte(3, A)] ^ SB[256+get_byte(2, A)] ^
- SB[512+get_byte(1, A)] ^ SB[768+get_byte(0, A)];
- Y = SB[ get_byte(0, B)] ^ SB[256+get_byte(3, B)] ^
- SB[512+get_byte(2, B)] ^ SB[768+get_byte(1, B)];
+ X = m_SB[ get_byte(3, A)] ^ m_SB[256+get_byte(2, A)] ^
+ m_SB[512+get_byte(1, A)] ^ m_SB[768+get_byte(0, A)];
+ Y = m_SB[ get_byte(0, B)] ^ m_SB[256+get_byte(3, B)] ^
+ m_SB[512+get_byte(2, B)] ^ m_SB[768+get_byte(1, B)];
X += Y;
- Y += X + RK[2*j + 9];
- X += RK[2*j + 8];
+ Y += X + m_RK[2*j + 9];
+ X += m_RK[2*j + 8];
C = rotate_right(C ^ X, 1);
D = rotate_left(D, 1) ^ Y;
- X = SB[ get_byte(3, C)] ^ SB[256+get_byte(2, C)] ^
- SB[512+get_byte(1, C)] ^ SB[768+get_byte(0, C)];
- Y = SB[ get_byte(0, D)] ^ SB[256+get_byte(3, D)] ^
- SB[512+get_byte(2, D)] ^ SB[768+get_byte(1, D)];
+ X = m_SB[ get_byte(3, C)] ^ m_SB[256+get_byte(2, C)] ^
+ m_SB[512+get_byte(1, C)] ^ m_SB[768+get_byte(0, C)];
+ Y = m_SB[ get_byte(0, D)] ^ m_SB[256+get_byte(3, D)] ^
+ m_SB[512+get_byte(2, D)] ^ m_SB[768+get_byte(1, D)];
X += Y;
- Y += X + RK[2*j + 11];
- X += RK[2*j + 10];
+ Y += X + m_RK[2*j + 11];
+ X += m_RK[2*j + 10];
A = rotate_right(A ^ X, 1);
B = rotate_left(B, 1) ^ Y;
}
- C ^= RK[4];
- D ^= RK[5];
- A ^= RK[6];
- B ^= RK[7];
+ C ^= m_RK[4];
+ D ^= m_RK[5];
+ A ^= m_RK[6];
+ B ^= m_RK[7];
store_le(out, C, D, A, B);
@@ -72,42 +72,42 @@ void Twofish::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
for(size_t i = 0; i != blocks; ++i)
{
- u32bit A = load_le<u32bit>(in, 0) ^ RK[4];
- u32bit B = load_le<u32bit>(in, 1) ^ RK[5];
- u32bit C = load_le<u32bit>(in, 2) ^ RK[6];
- u32bit D = load_le<u32bit>(in, 3) ^ RK[7];
+ u32bit A = load_le<u32bit>(in, 0) ^ m_RK[4];
+ u32bit B = load_le<u32bit>(in, 1) ^ m_RK[5];
+ u32bit C = load_le<u32bit>(in, 2) ^ m_RK[6];
+ u32bit D = load_le<u32bit>(in, 3) ^ m_RK[7];
for(size_t j = 0; j != 16; j += 2)
{
u32bit X, Y;
- X = SB[ get_byte(3, A)] ^ SB[256+get_byte(2, A)] ^
- SB[512+get_byte(1, A)] ^ SB[768+get_byte(0, A)];
- Y = SB[ get_byte(0, B)] ^ SB[256+get_byte(3, B)] ^
- SB[512+get_byte(2, B)] ^ SB[768+get_byte(1, B)];
+ X = m_SB[ get_byte(3, A)] ^ m_SB[256+get_byte(2, A)] ^
+ m_SB[512+get_byte(1, A)] ^ m_SB[768+get_byte(0, A)];
+ Y = m_SB[ get_byte(0, B)] ^ m_SB[256+get_byte(3, B)] ^
+ m_SB[512+get_byte(2, B)] ^ m_SB[768+get_byte(1, B)];
X += Y;
- Y += X + RK[39 - 2*j];
- X += RK[38 - 2*j];
+ Y += X + m_RK[39 - 2*j];
+ X += m_RK[38 - 2*j];
C = rotate_left(C, 1) ^ X;
D = rotate_right(D ^ Y, 1);
- X = SB[ get_byte(3, C)] ^ SB[256+get_byte(2, C)] ^
- SB[512+get_byte(1, C)] ^ SB[768+get_byte(0, C)];
- Y = SB[ get_byte(0, D)] ^ SB[256+get_byte(3, D)] ^
- SB[512+get_byte(2, D)] ^ SB[768+get_byte(1, D)];
+ X = m_SB[ get_byte(3, C)] ^ m_SB[256+get_byte(2, C)] ^
+ m_SB[512+get_byte(1, C)] ^ m_SB[768+get_byte(0, C)];
+ Y = m_SB[ get_byte(0, D)] ^ m_SB[256+get_byte(3, D)] ^
+ m_SB[512+get_byte(2, D)] ^ m_SB[768+get_byte(1, D)];
X += Y;
- Y += X + RK[37 - 2*j];
- X += RK[36 - 2*j];
+ Y += X + m_RK[37 - 2*j];
+ X += m_RK[36 - 2*j];
A = rotate_left(A, 1) ^ X;
B = rotate_right(B ^ Y, 1);
}
- C ^= RK[0];
- D ^= RK[1];
- A ^= RK[2];
- B ^= RK[3];
+ C ^= m_RK[0];
+ D ^= m_RK[1];
+ A ^= m_RK[2];
+ B ^= m_RK[3];
store_le(out, C, D, A, B);
@@ -121,8 +121,8 @@ void Twofish::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void Twofish::key_schedule(const byte key[], size_t length)
{
- SB.resize(1024);
- RK.resize(40);
+ m_SB.resize(1024);
+ m_RK.resize(40);
secure_vector<byte> S(16);
@@ -133,10 +133,10 @@ void Twofish::key_schedule(const byte key[], size_t length)
{
for(size_t i = 0; i != 256; ++i)
{
- SB[ i] = MDS0[Q0[Q0[i]^S[ 0]]^S[ 4]];
- SB[256+i] = MDS1[Q0[Q1[i]^S[ 1]]^S[ 5]];
- SB[512+i] = MDS2[Q1[Q0[i]^S[ 2]]^S[ 6]];
- SB[768+i] = MDS3[Q1[Q1[i]^S[ 3]]^S[ 7]];
+ m_SB[ i] = MDS0[Q0[Q0[i]^S[ 0]]^S[ 4]];
+ m_SB[256+i] = MDS1[Q0[Q1[i]^S[ 1]]^S[ 5]];
+ m_SB[512+i] = MDS2[Q1[Q0[i]^S[ 2]]^S[ 6]];
+ m_SB[768+i] = MDS3[Q1[Q1[i]^S[ 3]]^S[ 7]];
}
for(size_t i = 0; i != 40; i += 2)
@@ -152,18 +152,18 @@ void Twofish::key_schedule(const byte key[], size_t length)
Y = rotate_left(Y, 8);
X += Y; Y += X;
- RK[i] = X;
- RK[i+1] = rotate_left(Y, 9);
+ m_RK[i] = X;
+ m_RK[i+1] = rotate_left(Y, 9);
}
}
else if(length == 24)
{
for(size_t i = 0; i != 256; ++i)
{
- SB[ i] = MDS0[Q0[Q0[Q1[i]^S[ 0]]^S[ 4]]^S[ 8]];
- SB[256+i] = MDS1[Q0[Q1[Q1[i]^S[ 1]]^S[ 5]]^S[ 9]];
- SB[512+i] = MDS2[Q1[Q0[Q0[i]^S[ 2]]^S[ 6]]^S[10]];
- SB[768+i] = MDS3[Q1[Q1[Q0[i]^S[ 3]]^S[ 7]]^S[11]];
+ m_SB[ i] = MDS0[Q0[Q0[Q1[i]^S[ 0]]^S[ 4]]^S[ 8]];
+ m_SB[256+i] = MDS1[Q0[Q1[Q1[i]^S[ 1]]^S[ 5]]^S[ 9]];
+ m_SB[512+i] = MDS2[Q1[Q0[Q0[i]^S[ 2]]^S[ 6]]^S[10]];
+ m_SB[768+i] = MDS3[Q1[Q1[Q0[i]^S[ 3]]^S[ 7]]^S[11]];
}
for(size_t i = 0; i != 40; i += 2)
@@ -179,18 +179,18 @@ void Twofish::key_schedule(const byte key[], size_t length)
Y = rotate_left(Y, 8);
X += Y; Y += X;
- RK[i] = X;
- RK[i+1] = rotate_left(Y, 9);
+ m_RK[i] = X;
+ m_RK[i+1] = rotate_left(Y, 9);
}
}
else if(length == 32)
{
for(size_t i = 0; i != 256; ++i)
{
- SB[ i] = MDS0[Q0[Q0[Q1[Q1[i]^S[ 0]]^S[ 4]]^S[ 8]]^S[12]];
- SB[256+i] = MDS1[Q0[Q1[Q1[Q0[i]^S[ 1]]^S[ 5]]^S[ 9]]^S[13]];
- SB[512+i] = MDS2[Q1[Q0[Q0[Q0[i]^S[ 2]]^S[ 6]]^S[10]]^S[14]];
- SB[768+i] = MDS3[Q1[Q1[Q0[Q1[i]^S[ 3]]^S[ 7]]^S[11]]^S[15]];
+ m_SB[ i] = MDS0[Q0[Q0[Q1[Q1[i]^S[ 0]]^S[ 4]]^S[ 8]]^S[12]];
+ m_SB[256+i] = MDS1[Q0[Q1[Q1[Q0[i]^S[ 1]]^S[ 5]]^S[ 9]]^S[13]];
+ m_SB[512+i] = MDS2[Q1[Q0[Q0[Q0[i]^S[ 2]]^S[ 6]]^S[10]]^S[14]];
+ m_SB[768+i] = MDS3[Q1[Q1[Q0[Q1[i]^S[ 3]]^S[ 7]]^S[11]]^S[15]];
}
for(size_t i = 0; i != 40; i += 2)
@@ -206,8 +206,8 @@ void Twofish::key_schedule(const byte key[], size_t length)
Y = rotate_left(Y, 8);
X += Y; Y += X;
- RK[i] = X;
- RK[i+1] = rotate_left(Y, 9);
+ m_RK[i] = X;
+ m_RK[i+1] = rotate_left(Y, 9);
}
}
}
@@ -238,8 +238,8 @@ void Twofish::rs_mul(byte S[4], byte key, size_t offset)
*/
void Twofish::clear()
{
- zap(SB);
- zap(RK);
+ zap(m_SB);
+ zap(m_RK);
}
}
diff --git a/src/lib/block/twofish/twofish.h b/src/lib/block/twofish/twofish.h
index c6af1a030..42991e354 100644
--- a/src/lib/block/twofish/twofish.h
+++ b/src/lib/block/twofish/twofish.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Twofish, an AES finalist
*/
-class BOTAN_DLL Twofish : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
+class BOTAN_DLL Twofish final : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
{
public:
void encrypt_n(const byte in[], byte out[], size_t blocks) const override;
@@ -39,7 +39,7 @@ class BOTAN_DLL Twofish : public Block_Cipher_Fixed_Params<16, 16, 32, 8>
static const byte EXP_TO_POLY[255];
static const byte POLY_TO_EXP[255];
- secure_vector<u32bit> SB, RK;
+ secure_vector<u32bit> m_SB, m_RK;
};
}
diff --git a/src/lib/block/xtea/xtea.cpp b/src/lib/block/xtea/xtea.cpp
index 59060dff7..333406d9b 100644
--- a/src/lib/block/xtea/xtea.cpp
+++ b/src/lib/block/xtea/xtea.cpp
@@ -63,7 +63,7 @@ void XTEA::encrypt_n(const byte in[], byte out[], size_t blocks) const
{
while(blocks >= 4)
{
- xtea_encrypt_4(in, out, &(this->EK[0]));
+ xtea_encrypt_4(in, out, &(this->m_EK[0]));
in += 4 * BLOCK_SIZE;
out += 4 * BLOCK_SIZE;
blocks -= 4;
@@ -76,8 +76,8 @@ void XTEA::encrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 32; ++j)
{
- L += (((R << 4) ^ (R >> 5)) + R) ^ EK[2*j];
- R += (((L << 4) ^ (L >> 5)) + L) ^ EK[2*j+1];
+ L += (((R << 4) ^ (R >> 5)) + R) ^ m_EK[2*j];
+ R += (((L << 4) ^ (L >> 5)) + L) ^ m_EK[2*j+1];
}
store_be(out, L, R);
@@ -94,7 +94,7 @@ void XTEA::decrypt_n(const byte in[], byte out[], size_t blocks) const
{
while(blocks >= 4)
{
- xtea_decrypt_4(in, out, &(this->EK[0]));
+ xtea_decrypt_4(in, out, &(this->m_EK[0]));
in += 4 * BLOCK_SIZE;
out += 4 * BLOCK_SIZE;
blocks -= 4;
@@ -107,8 +107,8 @@ void XTEA::decrypt_n(const byte in[], byte out[], size_t blocks) const
for(size_t j = 0; j != 32; ++j)
{
- R -= (((L << 4) ^ (L >> 5)) + L) ^ EK[63 - 2*j];
- L -= (((R << 4) ^ (R >> 5)) + R) ^ EK[62 - 2*j];
+ R -= (((L << 4) ^ (L >> 5)) + L) ^ m_EK[63 - 2*j];
+ L -= (((R << 4) ^ (R >> 5)) + R) ^ m_EK[62 - 2*j];
}
store_be(out, L, R);
@@ -123,7 +123,7 @@ void XTEA::decrypt_n(const byte in[], byte out[], size_t blocks) const
*/
void XTEA::key_schedule(const byte key[], size_t)
{
- EK.resize(64);
+ m_EK.resize(64);
secure_vector<u32bit> UK(4);
for(size_t i = 0; i != 4; ++i)
@@ -132,15 +132,15 @@ void XTEA::key_schedule(const byte key[], size_t)
u32bit D = 0;
for(size_t i = 0; i != 64; i += 2)
{
- EK[i ] = D + UK[D % 4];
+ m_EK[i ] = D + UK[D % 4];
D += 0x9E3779B9;
- EK[i+1] = D + UK[(D >> 11) % 4];
+ m_EK[i+1] = D + UK[(D >> 11) % 4];
}
}
void XTEA::clear()
{
- zap(EK);
+ zap(m_EK);
}
}
diff --git a/src/lib/block/xtea/xtea.h b/src/lib/block/xtea/xtea.h
index ea5c39418..3baccc866 100644
--- a/src/lib/block/xtea/xtea.h
+++ b/src/lib/block/xtea/xtea.h
@@ -28,11 +28,11 @@ class BOTAN_DLL XTEA : public Block_Cipher_Fixed_Params<8, 16>
/**
* @return const reference to the key schedule
*/
- const secure_vector<u32bit>& get_EK() const { return EK; }
+ const secure_vector<u32bit>& get_EK() const { return m_EK; }
private:
void key_schedule(const byte[], size_t) override;
- secure_vector<u32bit> EK;
+ secure_vector<u32bit> m_EK;
};
}
diff --git a/src/lib/block/xtea_simd/xtea_simd.h b/src/lib/block/xtea_simd/xtea_simd.h
index 04280f1ae..0b0558032 100644
--- a/src/lib/block/xtea_simd/xtea_simd.h
+++ b/src/lib/block/xtea_simd/xtea_simd.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* XTEA implemented using SIMD operations
*/
-class BOTAN_DLL XTEA_SIMD : public XTEA
+class BOTAN_DLL XTEA_SIMD final : public XTEA
{
public:
size_t parallelism() const override { return 8; }
diff --git a/src/lib/cert/cvc/asn1_eac_str.cpp b/src/lib/cert/cvc/asn1_eac_str.cpp
index 2472eee17..72ad24926 100644
--- a/src/lib/cert/cvc/asn1_eac_str.cpp
+++ b/src/lib/cert/cvc/asn1_eac_str.cpp
@@ -19,9 +19,9 @@ namespace Botan {
/*
* Create an ASN1_EAC_String
*/
-ASN1_EAC_String::ASN1_EAC_String(const std::string& str, ASN1_Tag t) : tag(t)
+ASN1_EAC_String::ASN1_EAC_String(const std::string& str, ASN1_Tag t) : m_tag(t)
{
- iso_8859_str = Charset::transcode(str, LOCAL_CHARSET, LATIN1_CHARSET);
+ m_iso_8859_str = Charset::transcode(str, LOCAL_CHARSET, LATIN1_CHARSET);
if(!sanity_check())
throw Invalid_Argument("ASN1_EAC_String contains illegal characters");
@@ -32,7 +32,7 @@ ASN1_EAC_String::ASN1_EAC_String(const std::string& str, ASN1_Tag t) : tag(t)
*/
std::string ASN1_EAC_String::iso_8859() const
{
- return iso_8859_str;
+ return m_iso_8859_str;
}
/*
@@ -40,7 +40,7 @@ std::string ASN1_EAC_String::iso_8859() const
*/
std::string ASN1_EAC_String::value() const
{
- return Charset::transcode(iso_8859_str, LATIN1_CHARSET, LOCAL_CHARSET);
+ return Charset::transcode(m_iso_8859_str, LATIN1_CHARSET, LOCAL_CHARSET);
}
/*
@@ -48,7 +48,7 @@ std::string ASN1_EAC_String::value() const
*/
ASN1_Tag ASN1_EAC_String::tagging() const
{
- return tag;
+ return m_tag;
}
/*
@@ -67,14 +67,14 @@ void ASN1_EAC_String::decode_from(BER_Decoder& source)
{
BER_Object obj = source.get_next_object();
- if(obj.type_tag != this->tag)
+ if(obj.type_tag != m_tag)
{
std::stringstream ss;
ss << "ASN1_EAC_String tag mismatch, tag was "
<< std::hex << obj.type_tag
<< " expected "
- << std::hex << this->tag;
+ << std::hex << m_tag;
throw Decoding_Error(ss.str());
}
@@ -85,7 +85,7 @@ void ASN1_EAC_String::decode_from(BER_Decoder& source)
try
{
*this = ASN1_EAC_String(
- Charset::transcode(ASN1::to_string(obj), charset_is, LOCAL_CHARSET),
+ Charset::transcode(ASN1::to_string(obj), LOCAL_CHARSET, charset_is),
obj.type_tag);
}
catch(Invalid_Argument& inv_arg)
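Review bot: The change on the `Charset::transcode` line is not a rename: it swaps the last two arguments, so the decoded string is now converted in the opposite direction (presumably from `charset_is` into `LOCAL_CHARSET`, to match the constructor above, which re-transcodes its input to Latin-1 before `sanity_check()`). A behavioural fix bundled into a mass `m_`-prefix commit is easy to lose in review and in bisects, so it deserves its own sentence in the commit message and a comment on the call, e.g. `// convert from the tag's charset to the local charset; the ctor then normalizes to Latin-1`. `ASN1_EAC_String::decode_from` starts and ends outside this hunk, so I cannot confirm what the `Invalid_Argument` handler does with the result.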
@@ -99,8 +99,8 @@ void ASN1_EAC_String::decode_from(BER_Decoder& source)
// p. 43
bool ASN1_EAC_String::sanity_check() const
{
- const byte* rep = reinterpret_cast<const byte*>(iso_8859_str.data());
- const size_t rep_len = iso_8859_str.size();
+ const byte* rep = reinterpret_cast<const byte*>(m_iso_8859_str.data());
+ const size_t rep_len = m_iso_8859_str.size();
for(size_t i = 0; i != rep_len; ++i)
{
diff --git a/src/lib/cert/cvc/asn1_eac_tm.cpp b/src/lib/cert/cvc/asn1_eac_tm.cpp
index 83a6ef391..9c65fcf6a 100644
--- a/src/lib/cert/cvc/asn1_eac_tm.cpp
+++ b/src/lib/cert/cvc/asn1_eac_tm.cpp
@@ -54,19 +54,19 @@ u32bit dec_two_digit(byte b1, byte b2)
* Create an EAC_Time
*/
EAC_Time::EAC_Time(const std::chrono::system_clock::time_point& time,
- ASN1_Tag t) : tag(t)
+ ASN1_Tag t) : m_tag(t)
{
calendar_point cal = calendar_value(time);
- year = cal.year;
- month = cal.month;
- day = cal.day;
+ m_year = cal.year;
+ m_month = cal.month;
+ m_day = cal.day;
}
/*
* Create an EAC_Time
*/
-EAC_Time::EAC_Time(const std::string& t_spec, ASN1_Tag t) : tag(t)
+EAC_Time::EAC_Time(const std::string& t_spec, ASN1_Tag t) : m_tag(t)
{
set_to(t_spec);
}
@@ -75,7 +75,7 @@ EAC_Time::EAC_Time(const std::string& t_spec, ASN1_Tag t) : tag(t)
* Create an EAC_Time
*/
EAC_Time::EAC_Time(u32bit y, u32bit m, u32bit d, ASN1_Tag t) :
- year(y), month(m), day(d), tag(t)
+ m_year(y), m_month(m), m_day(d), m_tag(t)
{
}
@@ -86,7 +86,7 @@ void EAC_Time::set_to(const std::string& time_str)
{
if(time_str == "")
{
- year = month = day = 0;
+ m_year = m_month = m_day = 0;
return;
}
@@ -110,9 +110,9 @@ void EAC_Time::set_to(const std::string& time_str)
if(params.size() != 3)
throw Invalid_Argument("Invalid time specification " + time_str);
- year = to_u32bit(params[0]);
- month = to_u32bit(params[1]);
- day = to_u32bit(params[2]);
+ m_year = to_u32bit(params[0]);
+ m_month = to_u32bit(params[1]);
+ m_day = to_u32bit(params[2]);
if(!passes_sanity_check())
throw Invalid_Argument("Invalid time specification " + time_str);
@@ -124,7 +124,7 @@ void EAC_Time::set_to(const std::string& time_str)
*/
void EAC_Time::encode_into(DER_Encoder& der) const
{
- der.add_object(tag, APPLICATION,
+ der.add_object(m_tag, APPLICATION,
encoded_eac_time());
}
@@ -136,7 +136,7 @@ std::string EAC_Time::as_string() const
if(time_is_set() == false)
throw Invalid_State("EAC_Time::as_string: No time set");
- return std::to_string(year * 10000 + month * 100 + day);
+ return std::to_string(m_year * 10000 + m_month * 100 + m_day);
}
/*
@@ -144,7 +144,7 @@ std::string EAC_Time::as_string() const
*/
bool EAC_Time::time_is_set() const
{
- return (year != 0);
+ return (m_year != 0);
}
/*
@@ -158,9 +158,9 @@ std::string EAC_Time::readable_string() const
// desired format: "%04d/%02d/%02d"
std::stringstream output;
output << std::setfill('0')
- << std::setw(4) << year << "/"
- << std::setw(2) << month << "/"
- << std::setw(2) << day;
+ << std::setw(4) << m_year << "/"
+ << std::setw(2) << m_month << "/"
+ << std::setw(2) << m_day;
return output.str();
}
@@ -169,11 +169,11 @@ std::string EAC_Time::readable_string() const
*/
bool EAC_Time::passes_sanity_check() const
{
- if(year < 2000 || year > 2099)
+ if(m_year < 2000 || m_year > 2099)
return false;
- if(month == 0 || month > 12)
+ if(m_month == 0 || m_month > 12)
return false;
- if(day == 0 || day > 31)
+ if(m_day == 0 || m_day > 31)
return false;
return true;
@@ -184,17 +184,17 @@ bool EAC_Time::passes_sanity_check() const
*/
void EAC_Time::add_years(u32bit years)
{
- year += years;
+ m_year += years;
}
void EAC_Time::add_months(u32bit months)
{
- year += months/12;
- month += months % 12;
- if(month > 12)
+ m_year += months/12;
+ m_month += months % 12;
+ if(m_month > 12)
{
- year += 1;
- month -= 12;
+ m_year += 1;
+ m_month -= 12;
}
}
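Review bot: `add_years` and `add_months` mutate `m_year`/`m_month` without re-running `passes_sanity_check()`, so an EAC_Time that was valid on construction can end up outside the 2000–2099 window the check enforces and then be encoded through `enc_two_digit(m_year)` (whose truncation behaviour is not visible here). Since these dates feed CV-certificate validity periods, I would either validate after the arithmetic, `if(!passes_sanity_check()) throw Invalid_State("EAC_Time::add_months: out of range");`, or document on both functions that the caller is responsible for keeping the result in range.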
@@ -208,12 +208,12 @@ s32bit EAC_Time::cmp(const EAC_Time& other) const
const s32bit EARLIER = -1, LATER = 1, SAME_TIME = 0;
- if(year < other.year) return EARLIER;
- if(year > other.year) return LATER;
- if(month < other.month) return EARLIER;
- if(month > other.month) return LATER;
- if(day < other.day) return EARLIER;
- if(day > other.day) return LATER;
+ if(m_year < other.m_year) return EARLIER;
+ if(m_year > other.m_year) return LATER;
+ if(m_month < other.m_month) return EARLIER;
+ if(m_month > other.m_month) return LATER;
+ if(m_day < other.m_day) return EARLIER;
+ if(m_day > other.m_day) return LATER;
return SAME_TIME;
}
@@ -258,7 +258,7 @@ void EAC_Time::decode_from(BER_Decoder& source)
{
BER_Object obj = source.get_next_object();
- if(obj.type_tag != this->tag)
+ if(obj.type_tag != m_tag)
throw BER_Decoding_Error("Tag mismatch when decoding");
if(obj.value.size() != 6)
@@ -271,9 +271,9 @@ void EAC_Time::decode_from(BER_Decoder& source)
u32bit tmp_year = dec_two_digit(obj.value[0], obj.value[1]);
u32bit tmp_mon = dec_two_digit(obj.value[2], obj.value[3]);
u32bit tmp_day = dec_two_digit(obj.value[4], obj.value[5]);
- year = tmp_year + 2000;
- month = tmp_mon;
- day = tmp_day;
+ m_year = tmp_year + 2000;
+ m_month = tmp_mon;
+ m_day = tmp_day;
}
catch (Invalid_Argument)
{
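Review bot: The decoded `tmp_mon` and `tmp_day` are stored into `m_month`/`m_day` without the range validation that `set_to` performs via `passes_sanity_check()`, so a BER object with month 00 or day 45 appears to be accepted here unless the part of `decode_from` outside this hunk checks it; a `if(!passes_sanity_check()) throw Decoding_Error("EAC_Time: invalid date");` after the three assignments would make decoding as strict as parsing. Separately, the context line `catch (Invalid_Argument)` catches by value, which slices the exception and copies it; `catch(const Invalid_Argument&)` is the usual form.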
@@ -288,9 +288,9 @@ void EAC_Time::decode_from(BER_Decoder& source)
std::vector<byte> EAC_Time::encoded_eac_time() const
{
std::vector<byte> result;
- result += enc_two_digit(year);
- result += enc_two_digit(month);
- result += enc_two_digit(day);
+ result += enc_two_digit(m_year);
+ result += enc_two_digit(m_month);
+ result += enc_two_digit(m_day);
return result;
}
diff --git a/src/lib/cert/cvc/cvc_ado.cpp b/src/lib/cert/cvc/cvc_ado.cpp
index 21a345808..f803c6bf3 100644
--- a/src/lib/cert/cvc/cvc_ado.cpp
+++ b/src/lib/cert/cvc/cvc_ado.cpp
@@ -27,7 +27,7 @@ EAC1_1_ADO::EAC1_1_ADO(const std::string& in)
void EAC1_1_ADO::force_decode()
{
std::vector<byte> inner_cert;
- BER_Decoder(tbs_bits)
+ BER_Decoder(m_tbs_bits)
.start_cons(ASN1_Tag(33))
.raw_bytes(inner_cert)
.end_cons()
@@ -42,7 +42,7 @@ void EAC1_1_ADO::force_decode()
DataSource_Memory req_source(req_bits);
m_req = EAC1_1_Req(req_source);
- sig_algo = m_req.sig_algo;
+ m_sig_algo = m_req.m_sig_algo;
}
std::vector<byte> EAC1_1_ADO::make_signed(PK_Signer& signer,
@@ -101,7 +101,7 @@ void EAC1_1_ADO::encode(Pipe& out, X509_Encoding encoding) const
out.write(DER_Encoder()
.start_cons(ASN1_Tag(7), APPLICATION)
- .raw_bytes(tbs_bits)
+ .raw_bytes(m_tbs_bits)
.encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
.end_cons()
.get_contents());
@@ -109,7 +109,7 @@ void EAC1_1_ADO::encode(Pipe& out, X509_Encoding encoding) const
std::vector<byte> EAC1_1_ADO::tbs_data() const
{
- return tbs_bits;
+ return m_tbs_bits;
}
bool EAC1_1_ADO::operator==(EAC1_1_ADO const& rhs) const
diff --git a/src/lib/cert/cvc/cvc_cert.cpp b/src/lib/cert/cvc/cvc_cert.cpp
index cf6bc409a..280a8acda 100644
--- a/src/lib/cert/cvc/cvc_cert.cpp
+++ b/src/lib/cert/cvc/cvc_cert.cpp
@@ -36,7 +36,7 @@ void EAC1_1_CVC::force_decode()
std::vector<byte> enc_pk;
std::vector<byte> enc_chat_val;
size_t cpi;
- BER_Decoder tbs_cert(tbs_bits);
+ BER_Decoder tbs_cert(m_tbs_bits);
tbs_cert.decode(cpi, ASN1_Tag(41), APPLICATION)
.decode(m_car)
.start_cons(ASN1_Tag(73))
@@ -57,11 +57,11 @@ void EAC1_1_CVC::force_decode()
if(cpi != 0)
throw Decoding_Error("EAC1_1 certificate's cpi was not 0");
- m_pk = decode_eac1_1_key(enc_pk, sig_algo);
+ m_pk = decode_eac1_1_key(enc_pk, m_sig_algo);
m_chat_val = enc_chat_val[0];
- self_signed = (m_car.iso_8859() == m_chr.iso_8859());
+ m_self_signed = (m_car.iso_8859() == m_chr.iso_8859());
}
/*
@@ -70,7 +70,7 @@ void EAC1_1_CVC::force_decode()
EAC1_1_CVC::EAC1_1_CVC(DataSource& in)
{
init(in);
- self_signed = false;
+ m_self_signed = false;
do_decode();
}
@@ -78,7 +78,7 @@ EAC1_1_CVC::EAC1_1_CVC(const std::string& in)
{
DataSource_Stream stream(in, true);
init(stream);
- self_signed = false;
+ m_self_signed = false;
do_decode();
}
diff --git a/src/lib/cert/cvc/cvc_gen_cert.h b/src/lib/cert/cvc/cvc_gen_cert.h
index 6bdf116f3..2c3bca73d 100644
--- a/src/lib/cert/cvc/cvc_gen_cert.h
+++ b/src/lib/cert/cvc/cvc_gen_cert.h
@@ -85,7 +85,7 @@ class EAC1_1_gen_CVC : public EAC1_1_obj<Derived> // CRTP continuation from EAC1
protected:
ECDSA_PublicKey* m_pk;
ASN1_Chr m_chr;
- bool self_signed;
+ bool m_self_signed;
static void decode_info(DataSource& source,
std::vector<byte> & res_tbs_bits,
@@ -100,7 +100,7 @@ template<typename Derived> ASN1_Chr EAC1_1_gen_CVC<Derived>::get_chr() const
template<typename Derived> bool EAC1_1_gen_CVC<Derived>::is_self_signed() const
{
- return self_signed;
+ return m_self_signed;
}
template<typename Derived>
@@ -135,7 +135,7 @@ template<typename Derived> std::vector<byte> EAC1_1_gen_CVC<Derived>::build_cert
template<typename Derived> std::vector<byte> EAC1_1_gen_CVC<Derived>::tbs_data() const
{
- return build_cert_body(EAC1_1_obj<Derived>::tbs_bits);
+ return build_cert_body(EAC1_1_obj<Derived>::m_tbs_bits);
}
template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_Encoding encoding) const
@@ -144,7 +144,7 @@ template<typename Derived> void EAC1_1_gen_CVC<Derived>::encode(Pipe& out, X509_
std::vector<byte> der = DER_Encoder()
.start_cons(ASN1_Tag(33), APPLICATION)
.start_cons(ASN1_Tag(78), APPLICATION)
- .raw_bytes(EAC1_1_obj<Derived>::tbs_bits)
+ .raw_bytes(EAC1_1_obj<Derived>::m_tbs_bits)
.end_cons()
.encode(concat_sig, OCTET_STRING, ASN1_Tag(55), APPLICATION)
.end_cons()
diff --git a/src/lib/cert/cvc/cvc_req.cpp b/src/lib/cert/cvc/cvc_req.cpp
index e142a5ac6..1cb6b50ac 100644
--- a/src/lib/cert/cvc/cvc_req.cpp
+++ b/src/lib/cert/cvc/cvc_req.cpp
@@ -20,7 +20,7 @@ bool EAC1_1_Req::operator==(EAC1_1_Req const& rhs) const
void EAC1_1_Req::force_decode()
{
std::vector<byte> enc_pk;
- BER_Decoder tbs_cert(tbs_bits);
+ BER_Decoder tbs_cert(m_tbs_bits);
size_t cpi;
tbs_cert.decode(cpi, ASN1_Tag(41), APPLICATION)
.start_cons(ASN1_Tag(73))
@@ -32,13 +32,13 @@ void EAC1_1_Req::force_decode()
if(cpi != 0)
throw Decoding_Error("EAC1_1 requests cpi was not 0");
- m_pk = decode_eac1_1_key(enc_pk, sig_algo);
+ m_pk = decode_eac1_1_key(enc_pk, m_sig_algo);
}
EAC1_1_Req::EAC1_1_Req(DataSource& in)
{
init(in);
- self_signed = true;
+ m_self_signed = true;
do_decode();
}
@@ -46,7 +46,7 @@ EAC1_1_Req::EAC1_1_Req(const std::string& in)
{
DataSource_Stream stream(in, true);
init(stream);
- self_signed = true;
+ m_self_signed = true;
do_decode();
}
diff --git a/src/lib/cert/cvc/cvc_self.h b/src/lib/cert/cvc/cvc_self.h
index 005703636..d56e96c40 100644
--- a/src/lib/cert/cvc/cvc_self.h
+++ b/src/lib/cert/cvc/cvc_self.h
@@ -24,11 +24,22 @@ class BOTAN_DLL EAC1_1_CVC_Options
{
public:
+ // public member variable:
ASN1_Car car;
+
+ // public member variable:
ASN1_Chr chr;
+
+ // public member variable:
byte holder_auth_templ;
+
+ // public member variable:
ASN1_Ced ced;
+
+ // public member variable:
ASN1_Cex cex;
+
+ // public member variable:
std::string hash_alg;
};
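Review bot: The six added `// public member variable:` comments repeat what the `public:` label two lines above already says and give the reader nothing about the fields themselves. If the intent is to document `EAC1_1_CVC_Options`, a one-line Doxygen description per field (what each value is used for when the self-signed CVC is built, and whether it may be left empty) would carry real information; otherwise the comments should be dropped rather than committed.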
diff --git a/src/lib/cert/cvc/eac_asn_obj.h b/src/lib/cert/cvc/eac_asn_obj.h
index e102c65fb..b4dcb6342 100644
--- a/src/lib/cert/cvc/eac_asn_obj.h
+++ b/src/lib/cert/cvc/eac_asn_obj.h
@@ -74,19 +74,19 @@ class BOTAN_DLL EAC_Time : public ASN1_Object
* Get the year value of this objects.
* @return year value
*/
- u32bit get_year() const { return year; }
+ u32bit get_year() const { return m_year; }
/**
* Get the month value of this objects.
* @return month value
*/
- u32bit get_month() const { return month; }
+ u32bit get_month() const { return m_month; }
/**
* Get the day value of this objects.
* @return day value
*/
- u32bit get_day() const { return day; }
+ u32bit get_day() const { return m_day; }
EAC_Time(const std::chrono::system_clock::time_point& time,
ASN1_Tag tag = ASN1_Tag(0));
@@ -101,8 +101,8 @@ class BOTAN_DLL EAC_Time : public ASN1_Object
private:
std::vector<byte> encoded_eac_time() const;
bool passes_sanity_check() const;
- u32bit year, month, day;
- ASN1_Tag tag;
+ u32bit m_year, m_month, m_day;
+ ASN1_Tag m_tag;
};
/**
@@ -188,8 +188,8 @@ class BOTAN_DLL ASN1_EAC_String: public ASN1_Object
protected:
bool sanity_check() const;
private:
- std::string iso_8859_str;
- ASN1_Tag tag;
+ std::string m_iso_8859_str;
+ ASN1_Tag m_tag;
};
/**
diff --git a/src/lib/cert/cvc/eac_obj.h b/src/lib/cert/cvc/eac_obj.h
index b1e353ddf..a6e676076 100644
--- a/src/lib/cert/cvc/eac_obj.h
+++ b/src/lib/cert/cvc/eac_obj.h
@@ -39,11 +39,11 @@ class EAC1_1_obj : public EAC_Signed_Object
{
try
{
- Derived::decode_info(in, tbs_bits, m_sig);
+ Derived::decode_info(in, m_tbs_bits, m_sig);
}
catch(Decoding_Error)
{
- throw Decoding_Error(PEM_label_pref + " decoding failed");
+ throw Decoding_Error(m_PEM_label_pref + " decoding failed");
}
}
diff --git a/src/lib/cert/cvc/signed_obj.cpp b/src/lib/cert/cvc/signed_obj.cpp
index 4a0f12008..1e3849663 100644
--- a/src/lib/cert/cvc/signed_obj.cpp
+++ b/src/lib/cert/cvc/signed_obj.cpp
@@ -41,7 +41,7 @@ std::string EAC_Signed_Object::PEM_encode() const
*/
AlgorithmIdentifier EAC_Signed_Object::signature_algorithm() const
{
- return sig_algo;
+ return m_sig_algo;
}
bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
@@ -50,7 +50,7 @@ bool EAC_Signed_Object::check_signature(Public_Key& pub_key,
try
{
std::vector<std::string> sig_info =
- split_on(OIDS::lookup(sig_algo.oid), '/');
+ split_on(OIDS::lookup(m_sig_algo.oid), '/');
if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
{
@@ -83,12 +83,12 @@ void EAC_Signed_Object::do_decode()
catch(Decoding_Error& e)
{
const std::string what = e.what();
- throw Decoding_Error(PEM_label_pref + " decoding failed (" + what + ")");
+ throw Decoding_Error(m_PEM_label_pref + " decoding failed (" + what + ")");
}
catch(Invalid_Argument& e)
{
const std::string what = e.what();
- throw Decoding_Error(PEM_label_pref + " decoding failed (" + what + ")");
+ throw Decoding_Error(m_PEM_label_pref + " decoding failed (" + what + ")");
}
}
diff --git a/src/lib/cert/cvc/signed_obj.h b/src/lib/cert/cvc/signed_obj.h
index aa6ace4b7..b3fe20f31 100644
--- a/src/lib/cert/cvc/signed_obj.h
+++ b/src/lib/cert/cvc/signed_obj.h
@@ -82,10 +82,10 @@ class BOTAN_DLL EAC_Signed_Object
void do_decode();
EAC_Signed_Object() {}
- AlgorithmIdentifier sig_algo;
- std::vector<byte> tbs_bits;
- std::string PEM_label_pref;
- std::vector<std::string> PEM_labels_allowed;
+ AlgorithmIdentifier m_sig_algo;
+ std::vector<byte> m_tbs_bits;
+ std::string m_PEM_label_pref;
+ std::vector<std::string> m_PEM_labels_allowed;
private:
virtual void force_decode() = 0;
};
diff --git a/src/lib/cert/x509/certstor.cpp b/src/lib/cert/x509/certstor.cpp
index e3498f602..26c9ce117 100644
--- a/src/lib/cert/x509/certstor.cpp
+++ b/src/lib/cert/x509/certstor.cpp
@@ -115,7 +115,7 @@ Certificate_Store_In_Memory::Certificate_Store_In_Memory(const X509_Certificate&
Certificate_Store_In_Memory::Certificate_Store_In_Memory(const std::string& dir)
{
- if(dir == "")
+ if(dir.empty())
return;
std::vector<std::string> maybe_certs = get_files_recursive(dir);
diff --git a/src/lib/cert/x509/certstor.h b/src/lib/cert/x509/certstor.h
index eb42c6a49..29948c709 100644
--- a/src/lib/cert/x509/certstor.h
+++ b/src/lib/cert/x509/certstor.h
@@ -48,9 +48,9 @@ class BOTAN_DLL Certificate_Store_In_Memory : public Certificate_Store
* Attempt to parse all files in dir (including subdirectories)
* as certificates. Ignores errors.
*/
- Certificate_Store_In_Memory(const std::string& dir);
+ explicit Certificate_Store_In_Memory(const std::string& dir);
- Certificate_Store_In_Memory(const X509_Certificate& cert);
+ explicit Certificate_Store_In_Memory(const X509_Certificate& cert);
Certificate_Store_In_Memory() {}
@@ -74,7 +74,7 @@ class BOTAN_DLL Certificate_Store_In_Memory : public Certificate_Store
class BOTAN_DLL Certificate_Store_Overlay : public Certificate_Store
{
public:
- Certificate_Store_Overlay(const std::vector<X509_Certificate>& certs) :
+ explicit Certificate_Store_Overlay(const std::vector<X509_Certificate>& certs) :
m_certs(certs) {}
std::vector<X509_DN> all_subjects() const override;
diff --git a/src/lib/cert/x509/crl_ent.cpp b/src/lib/cert/x509/crl_ent.cpp
index 1f2069baa..d6923f714 100644
--- a/src/lib/cert/x509/crl_ent.cpp
+++ b/src/lib/cert/x509/crl_ent.cpp
@@ -18,20 +18,20 @@ namespace Botan {
* Create a CRL_Entry
*/
CRL_Entry::CRL_Entry(bool t_on_unknown_crit) :
- throw_on_unknown_critical(t_on_unknown_crit)
+ m_throw_on_unknown_critical(t_on_unknown_crit)
{
- reason = UNSPECIFIED;
+ m_reason = UNSPECIFIED;
}
/*
* Create a CRL_Entry
*/
CRL_Entry::CRL_Entry(const X509_Certificate& cert, CRL_Code why) :
- throw_on_unknown_critical(false)
+ m_throw_on_unknown_critical(false)
{
- serial = cert.serial_number();
- time = X509_Time(std::chrono::system_clock::now());
- reason = why;
+ m_serial = cert.serial_number();
+ m_time = X509_Time(std::chrono::system_clock::now());
+ m_reason = why;
}
/*
@@ -63,11 +63,11 @@ void CRL_Entry::encode_into(DER_Encoder& der) const
{
Extensions extensions;
- extensions.add(new Cert_Extension::CRL_ReasonCode(reason));
+ extensions.add(new Cert_Extension::CRL_ReasonCode(m_reason));
der.start_cons(SEQUENCE)
- .encode(BigInt::decode(serial))
- .encode(time)
+ .encode(BigInt::decode(m_serial))
+ .encode(m_time)
.start_cons(SEQUENCE)
.encode(extensions)
.end_cons()
@@ -80,24 +80,24 @@ void CRL_Entry::encode_into(DER_Encoder& der) const
void CRL_Entry::decode_from(BER_Decoder& source)
{
BigInt serial_number_bn;
- reason = UNSPECIFIED;
+ m_reason = UNSPECIFIED;
BER_Decoder entry = source.start_cons(SEQUENCE);
- entry.decode(serial_number_bn).decode(time);
+ entry.decode(serial_number_bn).decode(m_time);
if(entry.more_items())
{
- Extensions extensions(throw_on_unknown_critical);
+ Extensions extensions(m_throw_on_unknown_critical);
entry.decode(extensions);
Data_Store info;
extensions.contents_to(info, info);
- reason = CRL_Code(info.get1_u32bit("X509v3.CRLReasonCode"));
+ m_reason = CRL_Code(info.get1_u32bit("X509v3.CRLReasonCode"));
}
entry.end_cons();
- serial = BigInt::encode(serial_number_bn);
+ m_serial = BigInt::encode(serial_number_bn);
}
}
diff --git a/src/lib/cert/x509/crl_ent.h b/src/lib/cert/x509/crl_ent.h
index 42cb25fe3..11ab34365 100644
--- a/src/lib/cert/x509/crl_ent.h
+++ b/src/lib/cert/x509/crl_ent.h
@@ -36,7 +36,7 @@ enum CRL_Code {
/**
* This class represents CRL entries
*/
-class BOTAN_DLL CRL_Entry : public ASN1_Object
+class BOTAN_DLL CRL_Entry final : public ASN1_Object
{
public:
void encode_into(class DER_Encoder&) const override;
@@ -46,24 +46,24 @@ class BOTAN_DLL CRL_Entry : public ASN1_Object
* Get the serial number of the certificate associated with this entry.
* @return certificate's serial number
*/
- std::vector<byte> serial_number() const { return serial; }
+ std::vector<byte> serial_number() const { return m_serial; }
/**
* Get the revocation date of the certificate associated with this entry
* @return certificate's revocation date
*/
- X509_Time expire_time() const { return time; }
+ X509_Time expire_time() const { return m_time; }
/**
* Get the entries reason code
* @return reason code
*/
- CRL_Code reason_code() const { return reason; }
+ CRL_Code reason_code() const { return m_reason; }
/**
* Construct an empty CRL entry.
*/
- CRL_Entry(bool throw_on_unknown_critical_extension = false);
+ explicit CRL_Entry(bool throw_on_unknown_critical_extension = false);
/**
* Construct an CRL entry.
@@ -74,10 +74,10 @@ class BOTAN_DLL CRL_Entry : public ASN1_Object
CRL_Code reason = UNSPECIFIED);
private:
- bool throw_on_unknown_critical;
- std::vector<byte> serial;
- X509_Time time;
- CRL_Code reason;
+ bool m_throw_on_unknown_critical;
+ std::vector<byte> m_serial;
+ X509_Time m_time;
+ CRL_Code m_reason;
};
/**
diff --git a/src/lib/cert/x509/ocsp.cpp b/src/lib/cert/x509/ocsp.cpp
index 75475fe55..4f4a3aece 100644
--- a/src/lib/cert/x509/ocsp.cpp
+++ b/src/lib/cert/x509/ocsp.cpp
@@ -228,7 +228,7 @@ Response online_check(const X509_Certificate& issuer,
{
const std::string responder_url = subject.ocsp_responder();
- if(responder_url == "")
+ if(responder_url.empty())
throw Exception("No OCSP responder specified");
OCSP::Request req(issuer, subject);
diff --git a/src/lib/cert/x509/ocsp_types.h b/src/lib/cert/x509/ocsp_types.h
index 42a84c38b..6df8ac17f 100644
--- a/src/lib/cert/x509/ocsp_types.h
+++ b/src/lib/cert/x509/ocsp_types.h
@@ -16,7 +16,7 @@ namespace Botan {
namespace OCSP {
-class BOTAN_DLL CertID : public ASN1_Object
+class BOTAN_DLL CertID final : public ASN1_Object
{
public:
CertID() {}
@@ -39,7 +39,7 @@ class BOTAN_DLL CertID : public ASN1_Object
BigInt m_subject_serial;
};
-class BOTAN_DLL SingleResponse : public ASN1_Object
+class BOTAN_DLL SingleResponse final : public ASN1_Object
{
public:
const CertID& certid() const { return m_certid; }
diff --git a/src/lib/cert/x509/pkcs10.cpp b/src/lib/cert/x509/pkcs10.cpp
index cb4be6d5f..40a9894cc 100644
--- a/src/lib/cert/x509/pkcs10.cpp
+++ b/src/lib/cert/x509/pkcs10.cpp
@@ -48,7 +48,7 @@ PKCS10_Request::PKCS10_Request(const std::vector<byte>& in) :
*/
void PKCS10_Request::force_decode()
{
- BER_Decoder cert_req_info(tbs_bits);
+ BER_Decoder cert_req_info(m_tbs_bits);
size_t version;
cert_req_info.decode(version);
@@ -59,14 +59,14 @@ void PKCS10_Request::force_decode()
X509_DN dn_subject;
cert_req_info.decode(dn_subject);
- info.add(dn_subject.contents());
+ m_info.add(dn_subject.contents());
BER_Object public_key = cert_req_info.get_next_object();
if(public_key.type_tag != SEQUENCE || public_key.class_tag != CONSTRUCTED)
throw BER_Bad_Tag("PKCS10_Request: Unexpected tag for public key",
public_key.type_tag, public_key.class_tag);
- info.add("X509.Certificate.public_key",
+ m_info.add("X509.Certificate.public_key",
PEM_Code::encode(
ASN1::put_in_sequence(unlock(public_key.value)),
"PUBLIC KEY"
@@ -108,13 +108,13 @@ void PKCS10_Request::handle_attribute(const Attribute& attr)
{
ASN1_String email;
value.decode(email);
- info.add("RFC822", email.value());
+ m_info.add("RFC822", email.value());
}
else if(attr.oid == OIDS::lookup("PKCS9.ChallengePassword"))
{
ASN1_String challenge_password;
value.decode(challenge_password);
- info.add("PKCS9.ChallengePassword", challenge_password.value());
+ m_info.add("PKCS9.ChallengePassword", challenge_password.value());
}
else if(attr.oid == OIDS::lookup("PKCS9.ExtensionRequest"))
{
@@ -122,7 +122,7 @@ void PKCS10_Request::handle_attribute(const Attribute& attr)
value.decode(extensions).verify_end();
Data_Store issuer_info;
- extensions.contents_to(info, issuer_info);
+ extensions.contents_to(m_info, issuer_info);
}
}
@@ -131,7 +131,7 @@ void PKCS10_Request::handle_attribute(const Attribute& attr)
*/
std::string PKCS10_Request::challenge_password() const
{
- return info.get1("PKCS9.ChallengePassword");
+ return m_info.get1("PKCS9.ChallengePassword");
}
/*
@@ -139,7 +139,7 @@ std::string PKCS10_Request::challenge_password() const
*/
X509_DN PKCS10_Request::subject_dn() const
{
- return create_dn(info);
+ return create_dn(m_info);
}
/*
@@ -147,7 +147,7 @@ X509_DN PKCS10_Request::subject_dn() const
*/
std::vector<byte> PKCS10_Request::raw_public_key() const
{
- DataSource_Memory source(info.get1("X509.Certificate.public_key"));
+ DataSource_Memory source(m_info.get1("X509.Certificate.public_key"));
return unlock(PEM_Code::decode_check_label(source, "PUBLIC KEY"));
}
@@ -156,7 +156,7 @@ std::vector<byte> PKCS10_Request::raw_public_key() const
*/
Public_Key* PKCS10_Request::subject_public_key() const
{
- DataSource_Memory source(info.get1("X509.Certificate.public_key"));
+ DataSource_Memory source(m_info.get1("X509.Certificate.public_key"));
return X509::load_key(source);
}
@@ -165,7 +165,7 @@ Public_Key* PKCS10_Request::subject_public_key() const
*/
AlternativeName PKCS10_Request::subject_alt_name() const
{
- return create_alt_name(info);
+ return create_alt_name(m_info);
}
/*
@@ -173,7 +173,7 @@ AlternativeName PKCS10_Request::subject_alt_name() const
*/
Key_Constraints PKCS10_Request::constraints() const
{
- return Key_Constraints(info.get1_u32bit("X509v3.KeyUsage", NO_CONSTRAINTS));
+ return Key_Constraints(m_info.get1_u32bit("X509v3.KeyUsage", NO_CONSTRAINTS));
}
/*
@@ -181,7 +181,7 @@ Key_Constraints PKCS10_Request::constraints() const
*/
std::vector<OID> PKCS10_Request::ex_constraints() const
{
- std::vector<std::string> oids = info.get("X509v3.ExtendedKeyUsage");
+ std::vector<std::string> oids = m_info.get("X509v3.ExtendedKeyUsage");
std::vector<OID> result;
for(size_t i = 0; i != oids.size(); ++i)
@@ -194,7 +194,7 @@ std::vector<OID> PKCS10_Request::ex_constraints() const
*/
bool PKCS10_Request::is_CA() const
{
- return (info.get1_u32bit("X509v3.BasicConstraints.is_ca") > 0);
+ return (m_info.get1_u32bit("X509v3.BasicConstraints.is_ca") > 0);
}
/*
@@ -202,7 +202,7 @@ bool PKCS10_Request::is_CA() const
*/
u32bit PKCS10_Request::path_limit() const
{
- return info.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
+ return m_info.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
}
}
diff --git a/src/lib/cert/x509/pkcs10.h b/src/lib/cert/x509/pkcs10.h
index 6aa66fbfd..8c9f49d84 100644
--- a/src/lib/cert/x509/pkcs10.h
+++ b/src/lib/cert/x509/pkcs10.h
@@ -21,7 +21,7 @@ namespace Botan {
/**
* PKCS #10 Certificate Request.
*/
-class BOTAN_DLL PKCS10_Request : public X509_Object
+class BOTAN_DLL PKCS10_Request final : public X509_Object
{
public:
/**
@@ -84,25 +84,25 @@ class BOTAN_DLL PKCS10_Request : public X509_Object
* Create a PKCS#10 Request from a data source.
* @param source the data source providing the DER encoded request
*/
- PKCS10_Request(DataSource& source);
+ explicit PKCS10_Request(DataSource& source);
/**
* Create a PKCS#10 Request from a file.
* @param filename the name of the file containing the DER or PEM
* encoded request file
*/
- PKCS10_Request(const std::string& filename);
+ explicit PKCS10_Request(const std::string& filename);
/**
* Create a PKCS#10 Request from binary data.
* @param vec a std::vector containing the DER value
*/
- PKCS10_Request(const std::vector<byte>& vec);
+ explicit PKCS10_Request(const std::vector<byte>& vec);
private:
void force_decode() override;
void handle_attribute(const Attribute&);
- Data_Store info;
+ Data_Store m_info;
};
}
diff --git a/src/lib/cert/x509/x509_ca.cpp b/src/lib/cert/x509/x509_ca.cpp
index d329bfdd8..46c8c65f2 100644
--- a/src/lib/cert/x509/x509_ca.cpp
+++ b/src/lib/cert/x509/x509_ca.cpp
@@ -26,12 +26,12 @@ namespace Botan {
*/
X509_CA::X509_CA(const X509_Certificate& c,
const Private_Key& key,
- const std::string& hash_fn) : cert(c)
+ const std::string& hash_fn) : m_cert(c)
{
- if(!cert.is_CA_cert())
+ if(!m_cert.is_CA_cert())
throw Invalid_Argument("X509_CA: This certificate is not for a CA");
- signer = choose_sig_format(key, hash_fn, ca_sig_algo);
+ m_signer = choose_sig_format(key, hash_fn, m_ca_sig_algo);
}
/*
@@ -39,7 +39,7 @@ X509_CA::X509_CA(const X509_Certificate& c,
*/
X509_CA::~X509_CA()
{
- delete signer;
+ delete m_signer;
}
/*
@@ -67,7 +67,7 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
extensions.add(new Cert_Extension::Key_Usage(constraints), true);
- extensions.add(new Cert_Extension::Authority_Key_ID(cert.subject_key_id()));
+ extensions.add(new Cert_Extension::Authority_Key_ID(m_cert.subject_key_id()));
extensions.add(new Cert_Extension::Subject_Key_ID(req.raw_public_key()));
extensions.add(
@@ -76,10 +76,10 @@ X509_Certificate X509_CA::sign_request(const PKCS10_Request& req,
extensions.add(
new Cert_Extension::Extended_Key_Usage(req.ex_constraints()));
- return make_cert(signer, rng, ca_sig_algo,
+ return make_cert(m_signer, rng, m_ca_sig_algo,
req.raw_public_key(),
not_before, not_after,
- cert.subject_dn(), req.subject_dn(),
+ m_cert.subject_dn(), req.subject_dn(),
extensions);
}
@@ -177,16 +177,16 @@ X509_CRL X509_CA::make_crl(const std::vector<CRL_Entry>& revoked,
Extensions extensions;
extensions.add(
- new Cert_Extension::Authority_Key_ID(cert.subject_key_id()));
+ new Cert_Extension::Authority_Key_ID(m_cert.subject_key_id()));
extensions.add(new Cert_Extension::CRL_Number(crl_number));
// clang-format off
const std::vector<byte> crl = X509_Object::make_signed(
- signer, rng, ca_sig_algo,
+ m_signer, rng, m_ca_sig_algo,
DER_Encoder().start_cons(SEQUENCE)
.encode(X509_CRL_VERSION-1)
- .encode(ca_sig_algo)
- .encode(cert.issuer_dn())
+ .encode(m_ca_sig_algo)
+ .encode(m_cert.issuer_dn())
.encode(X509_Time(current_time))
.encode(X509_Time(expire_time))
.encode_if(revoked.size() > 0,
@@ -212,7 +212,7 @@ X509_CRL X509_CA::make_crl(const std::vector<CRL_Entry>& revoked,
*/
X509_Certificate X509_CA::ca_certificate() const
{
- return cert;
+ return m_cert;
}
/*
diff --git a/src/lib/cert/x509/x509_ca.h b/src/lib/cert/x509/x509_ca.h
index 2e05258e3..6ea51cd06 100644
--- a/src/lib/cert/x509/x509_ca.h
+++ b/src/lib/cert/x509/x509_ca.h
@@ -107,9 +107,9 @@ class BOTAN_DLL X509_CA
u32bit crl_number, u32bit next_update,
RandomNumberGenerator& rng) const;
- AlgorithmIdentifier ca_sig_algo;
- X509_Certificate cert;
- PK_Signer* signer;
+ AlgorithmIdentifier m_ca_sig_algo;
+ X509_Certificate m_cert;
+ PK_Signer* m_signer;
};
/**
diff --git a/src/lib/cert/x509/x509_crl.cpp b/src/lib/cert/x509/x509_crl.cpp
index 8b6d1522b..64cb1b308 100644
--- a/src/lib/cert/x509/x509_crl.cpp
+++ b/src/lib/cert/x509/x509_crl.cpp
@@ -19,7 +19,7 @@ namespace Botan {
* Load a X.509 CRL
*/
X509_CRL::X509_CRL(DataSource& in, bool touc) :
- X509_Object(in, "X509 CRL/CRL"), throw_on_unknown_critical(touc)
+ X509_Object(in, "X509 CRL/CRL"), m_throw_on_unknown_critical(touc)
{
do_decode();
}
@@ -28,13 +28,13 @@ X509_CRL::X509_CRL(DataSource& in, bool touc) :
* Load a X.509 CRL
*/
X509_CRL::X509_CRL(const std::string& in, bool touc) :
- X509_Object(in, "CRL/X509 CRL"), throw_on_unknown_critical(touc)
+ X509_Object(in, "CRL/X509 CRL"), m_throw_on_unknown_critical(touc)
{
do_decode();
}
X509_CRL::X509_CRL(const std::vector<byte>& in, bool touc) :
- X509_Object(in, "CRL/X509 CRL"), throw_on_unknown_critical(touc)
+ X509_Object(in, "CRL/X509 CRL"), m_throw_on_unknown_critical(touc)
{
do_decode();
}
@@ -62,11 +62,11 @@ bool X509_CRL::is_revoked(const X509_Certificate& cert) const
bool is_revoked = false;
- for(size_t i = 0; i != revoked.size(); ++i)
+ for(size_t i = 0; i != m_revoked.size(); ++i)
{
- if(cert_serial == revoked[i].serial_number())
+ if(cert_serial == m_revoked[i].serial_number())
{
- if(revoked[i].reason_code() == REMOVE_FROM_CRL)
+ if(m_revoked[i].reason_code() == REMOVE_FROM_CRL)
is_revoked = false;
else
is_revoked = true;
@@ -81,7 +81,7 @@ bool X509_CRL::is_revoked(const X509_Certificate& cert) const
*/
void X509_CRL::force_decode()
{
- BER_Decoder tbs_crl(tbs_bits);
+ BER_Decoder tbs_crl(m_tbs_bits);
size_t version;
tbs_crl.decode_optional(version, INTEGER, UNIVERSAL);
@@ -93,17 +93,17 @@ void X509_CRL::force_decode()
AlgorithmIdentifier sig_algo_inner;
tbs_crl.decode(sig_algo_inner);
- if(sig_algo != sig_algo_inner)
+ if(m_sig_algo != sig_algo_inner)
throw X509_CRL_Error("Algorithm identifier mismatch");
X509_DN dn_issuer;
tbs_crl.decode(dn_issuer);
- info.add(dn_issuer.contents());
+ m_info.add(dn_issuer.contents());
X509_Time start, end;
tbs_crl.decode(start).decode(end);
- info.add("X509.CRL.start", start.to_string());
- info.add("X509.CRL.end", end.to_string());
+ m_info.add("X509.CRL.start", start.to_string());
+ m_info.add("X509.CRL.end", end.to_string());
BER_Object next = tbs_crl.get_next_object();
@@ -113,9 +113,9 @@ void X509_CRL::force_decode()
while(cert_list.more_items())
{
- CRL_Entry entry(throw_on_unknown_critical);
+ CRL_Entry entry(m_throw_on_unknown_critical);
cert_list.decode(entry);
- revoked.push_back(entry);
+ m_revoked.push_back(entry);
}
next = tbs_crl.get_next_object();
}
@@ -125,11 +125,11 @@ void X509_CRL::force_decode()
{
BER_Decoder crl_options(next.value);
- Extensions extensions(throw_on_unknown_critical);
+ Extensions extensions(m_throw_on_unknown_critical);
crl_options.decode(extensions).verify_end();
- extensions.contents_to(info, info);
+ extensions.contents_to(m_info, m_info);
next = tbs_crl.get_next_object();
}
@@ -145,7 +145,7 @@ void X509_CRL::force_decode()
*/
std::vector<CRL_Entry> X509_CRL::get_revoked() const
{
- return revoked;
+ return m_revoked;
}
/*
@@ -153,7 +153,7 @@ std::vector<CRL_Entry> X509_CRL::get_revoked() const
*/
X509_DN X509_CRL::issuer_dn() const
{
- return create_dn(info);
+ return create_dn(m_info);
}
/*
@@ -161,7 +161,7 @@ X509_DN X509_CRL::issuer_dn() const
*/
std::vector<byte> X509_CRL::authority_key_id() const
{
- return info.get1_memvec("X509v3.AuthorityKeyIdentifier");
+ return m_info.get1_memvec("X509v3.AuthorityKeyIdentifier");
}
/*
@@ -169,7 +169,7 @@ std::vector<byte> X509_CRL::authority_key_id() const
*/
u32bit X509_CRL::crl_number() const
{
- return info.get1_u32bit("X509v3.CRLNumber");
+ return m_info.get1_u32bit("X509v3.CRLNumber");
}
/*
@@ -177,7 +177,7 @@ u32bit X509_CRL::crl_number() const
*/
X509_Time X509_CRL::this_update() const
{
- return X509_Time(info.get1("X509.CRL.start"), ASN1_Tag::UTC_OR_GENERALIZED_TIME);
+ return X509_Time(m_info.get1("X509.CRL.start"), ASN1_Tag::UTC_OR_GENERALIZED_TIME);
}
/*
@@ -185,7 +185,7 @@ X509_Time X509_CRL::this_update() const
*/
X509_Time X509_CRL::next_update() const
{
- return X509_Time(info.get1("X509.CRL.end"), ASN1_Tag::UTC_OR_GENERALIZED_TIME);
+ return X509_Time(m_info.get1("X509.CRL.end"), ASN1_Tag::UTC_OR_GENERALIZED_TIME);
}
}
diff --git a/src/lib/cert/x509/x509_crl.h b/src/lib/cert/x509/x509_crl.h
index a9a8e80cf..29057e944 100644
--- a/src/lib/cert/x509/x509_crl.h
+++ b/src/lib/cert/x509/x509_crl.h
@@ -19,7 +19,7 @@ class X509_Certificate;
/**
* This class represents X.509 Certificate Revocation Lists (CRLs).
*/
-class BOTAN_DLL X509_CRL : public X509_Object
+class BOTAN_DLL X509_CRL final : public X509_Object
{
public:
/**
@@ -27,7 +27,7 @@ class BOTAN_DLL X509_CRL : public X509_Object
*/
struct BOTAN_DLL X509_CRL_Error : public Exception
{
- X509_CRL_Error(const std::string& error) :
+ explicit X509_CRL_Error(const std::string& error) :
Exception("X509_CRL: " + error) {}
};
@@ -101,9 +101,9 @@ class BOTAN_DLL X509_CRL : public X509_Object
private:
void force_decode() override;
- bool throw_on_unknown_critical;
- std::vector<CRL_Entry> revoked;
- Data_Store info;
+ bool m_throw_on_unknown_critical;
+ std::vector<CRL_Entry> m_revoked;
+ Data_Store m_info;
};
}
diff --git a/src/lib/cert/x509/x509_ext.cpp b/src/lib/cert/x509/x509_ext.cpp
index f752500c0..f8f9adb2b 100644
--- a/src/lib/cert/x509/x509_ext.cpp
+++ b/src/lib/cert/x509/x509_ext.cpp
@@ -53,15 +53,13 @@ Extensions::Extensions(const Extensions& extensions) : ASN1_Object()
* Extensions Assignment Operator
*/
Extensions& Extensions::operator=(const Extensions& other)
- {
- for(size_t i = 0; i != extensions.size(); ++i)
- delete extensions[i].first;
- extensions.clear();
+ {
+ m_extensions.clear();
- for(size_t i = 0; i != other.extensions.size(); ++i)
- extensions.push_back(
- std::make_pair(other.extensions[i].first->copy(),
- other.extensions[i].second));
+ for(size_t i = 0; i != other.m_extensions.size(); ++i)
+ m_extensions.push_back(
+ std::make_pair(std::unique_ptr<Certificate_Extension>(other.m_extensions[i].first->copy()),
+ other.m_extensions[i].second));
m_throw_on_unknown_critical = other.m_throw_on_unknown_critical;
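Review bot: The new assignment operator never touches `m_extensions_raw`, so after `a = b` the object holds copies of `b`'s extensions while `a.extensions_raw()` still reports `a`'s previous raw encodings; add `m_extensions_raw = other.m_extensions_raw;` beside the `m_throw_on_unknown_critical` assignment. The function also has no self-assignment guard: on `a = a`, `m_extensions.clear()` destroys every extension before the copy loop reads `other.m_extensions`, which is now empty, so the object silently loses all its extensions — `if(this == &other) return *this;` at the top closes that. The copy constructor named in the hunk header presumably needs the same raw-map copy; it and the operator's return are outside the hunk.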
@@ -78,7 +76,14 @@ OID Certificate_Extension::oid_of() const
void Extensions::add(Certificate_Extension* extn, bool critical)
{
- extensions.push_back(std::make_pair(extn, critical));
+ m_extensions.push_back(std::make_pair(std::unique_ptr<Certificate_Extension>(extn), critical));
+ m_extensions_raw.emplace(extn->oid_of(), std::make_pair(extn->encode_inner(), critical));
+ }
+
+
+std::map<OID, std::pair<std::vector<byte>, bool>> Extensions::extensions_raw() const
+ {
+ return m_extensions_raw;
}
/*
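Review bot: `add` now calls `extn->encode_inner()` unconditionally to snapshot the raw value, so an extension whose encoder rejects its current state throws from `add` itself — `Key_Usage::encode_inner()` later in this file throws Encoding_Error when the constraints are NO_CONSTRAINTS, which is its default-constructed state — whereas `encode_into` consults `should_encode()` before encoding; either guard the snapshot with the same `should_encode()` check or document that `add` can throw. Separately, `emplace` does not overwrite an existing key, so adding two extensions with the same OID leaves `m_extensions_raw` with only the first encoding while `m_extensions` carries both; checking the `.second` result of `emplace` (and throwing or replacing) keeps the two views consistent. The two stray empty `+` lines before the new `extensions_raw()` definition are also more blank lines than the file uses between functions.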
@@ -86,10 +91,10 @@ void Extensions::add(Certificate_Extension* extn, bool critical)
*/
void Extensions::encode_into(DER_Encoder& to_object) const
{
- for(size_t i = 0; i != extensions.size(); ++i)
+ for(size_t i = 0; i != m_extensions.size(); ++i)
{
- const Certificate_Extension* ext = extensions[i].first;
- const bool is_critical = extensions[i].second;
+ const Certificate_Extension* ext = m_extensions[i].first.get();
+ const bool is_critical = m_extensions[i].second;
const bool should_encode = ext->should_encode();
@@ -109,9 +114,8 @@ void Extensions::encode_into(DER_Encoder& to_object) const
*/
void Extensions::decode_from(BER_Decoder& from_source)
{
- for(size_t i = 0; i != extensions.size(); ++i)
- delete extensions[i].first;
- extensions.clear();
+ m_extensions.clear();
+ m_extensions_raw.clear();
BER_Decoder sequence = from_source.start_cons(SEQUENCE);
@@ -128,7 +132,9 @@ void Extensions::decode_from(BER_Decoder& from_source)
.verify_end()
.end_cons();
- Certificate_Extension* ext = get_extension(oid);
+ m_extensions_raw.emplace(oid, std::make_pair(value, critical));
+
+ std::unique_ptr<Certificate_Extension> ext(get_extension(oid));
if(!ext && critical && m_throw_on_unknown_critical)
throw Decoding_Error("Encountered unknown X.509 extension marked "
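Review bot: When the decoded sequence carries the same extension OID twice, the new `m_extensions_raw.emplace(oid, ...)` silently keeps the first copy while the loop still appends every occurrence to `m_extensions`, so the object-based and raw views of the extensions disagree on exactly the malformed input where consumers most need them to agree (RFC 5280 forbids more than one instance of a given extension). Checking the insertion result and rejecting the input is the cheapest way to keep the decoder's two views consistent, e.g. `if(!m_extensions_raw.emplace(oid, std::make_pair(value, critical)).second) throw Decoding_Error("Extension " + oid.as_string() + " appears more than once");`. If accepting duplicates is intentional for compatibility, a comment on the `emplace` line saying which copy wins would spare the next reader the question. The enclosing `decode_from` loop begins and ends outside this hunk.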
@@ -146,7 +152,7 @@ void Extensions::decode_from(BER_Decoder& from_source)
oid.as_string() + ": " + e.what());
}
- extensions.push_back(std::make_pair(ext, critical));
+ m_extensions.push_back(std::make_pair(std::move(ext), critical));
}
}
@@ -159,18 +165,10 @@ void Extensions::decode_from(BER_Decoder& from_source)
void Extensions::contents_to(Data_Store& subject_info,
Data_Store& issuer_info) const
{
- for(size_t i = 0; i != extensions.size(); ++i)
- extensions[i].first->contents_to(subject_info, issuer_info);
+ for(size_t i = 0; i != m_extensions.size(); ++i)
+ m_extensions[i].first->contents_to(subject_info, issuer_info);
}
-/*
-* Delete an Extensions list
-*/
-Extensions::~Extensions()
- {
- for(size_t i = 0; i != extensions.size(); ++i)
- delete extensions[i].first;
- }
namespace Cert_Extension {
@@ -179,9 +177,9 @@ namespace Cert_Extension {
*/
size_t Basic_Constraints::get_path_limit() const
{
- if(!is_ca)
+ if(!m_is_ca)
throw Invalid_State("Basic_Constraints::get_path_limit: Not a CA");
- return path_limit;
+ return m_path_limit;
}
/*
@@ -191,10 +189,10 @@ std::vector<byte> Basic_Constraints::encode_inner() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
- .encode_if(is_ca,
+ .encode_if(m_is_ca,
DER_Encoder()
- .encode(is_ca)
- .encode_optional(path_limit, NO_CERT_PATH_LIMIT)
+ .encode(m_is_ca)
+ .encode_optional(m_path_limit, NO_CERT_PATH_LIMIT)
)
.end_cons()
.get_contents_unlocked();
@@ -207,13 +205,13 @@ void Basic_Constraints::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in)
.start_cons(SEQUENCE)
- .decode_optional(is_ca, BOOLEAN, UNIVERSAL, false)
- .decode_optional(path_limit, INTEGER, UNIVERSAL, NO_CERT_PATH_LIMIT)
+ .decode_optional(m_is_ca, BOOLEAN, UNIVERSAL, false)
+ .decode_optional(m_path_limit, INTEGER, UNIVERSAL, NO_CERT_PATH_LIMIT)
.verify_end()
.end_cons();
- if(is_ca == false)
- path_limit = 0;
+ if(m_is_ca == false)
+ m_path_limit = 0;
}
/*
@@ -221,8 +219,8 @@ void Basic_Constraints::decode_inner(const std::vector<byte>& in)
*/
void Basic_Constraints::contents_to(Data_Store& subject, Data_Store&) const
{
- subject.add("X509v3.BasicConstraints.is_ca", (is_ca ? 1 : 0));
- subject.add("X509v3.BasicConstraints.path_constraint", path_limit);
+ subject.add("X509v3.BasicConstraints.is_ca", (m_is_ca ? 1 : 0));
+ subject.add("X509v3.BasicConstraints.path_constraint", m_path_limit);
}
/*
@@ -230,18 +228,18 @@ void Basic_Constraints::contents_to(Data_Store& subject, Data_Store&) const
*/
std::vector<byte> Key_Usage::encode_inner() const
{
- if(constraints == NO_CONSTRAINTS)
+ if(m_constraints == NO_CONSTRAINTS)
throw Encoding_Error("Cannot encode zero usage constraints");
- const size_t unused_bits = low_bit(constraints) - 1;
+ const size_t unused_bits = low_bit(m_constraints) - 1;
std::vector<byte> der;
der.push_back(BIT_STRING);
der.push_back(2 + ((unused_bits < 8) ? 1 : 0));
der.push_back(unused_bits % 8);
- der.push_back((constraints >> 8) & 0xFF);
- if(constraints & 0xFF)
- der.push_back(constraints & 0xFF);
+ der.push_back((m_constraints >> 8) & 0xFF);
+ if(m_constraints & 0xFF)
+ der.push_back(m_constraints & 0xFF);
return der;
}
@@ -271,7 +269,7 @@ void Key_Usage::decode_inner(const std::vector<byte>& in)
for(size_t i = 1; i != obj.value.size(); ++i)
usage = (obj.value[i] << 8) | usage;
- constraints = Key_Constraints(usage);
+ m_constraints = Key_Constraints(usage);
}
/*
@@ -279,7 +277,7 @@ void Key_Usage::decode_inner(const std::vector<byte>& in)
*/
void Key_Usage::contents_to(Data_Store& subject, Data_Store&) const
{
- subject.add("X509v3.KeyUsage", constraints);
+ subject.add("X509v3.KeyUsage", m_constraints);
}
/*
@@ -287,7 +285,7 @@ void Key_Usage::contents_to(Data_Store& subject, Data_Store&) const
*/
std::vector<byte> Subject_Key_ID::encode_inner() const
{
- return DER_Encoder().encode(key_id, OCTET_STRING).get_contents_unlocked();
+ return DER_Encoder().encode(m_key_id, OCTET_STRING).get_contents_unlocked();
}
/*
@@ -295,7 +293,7 @@ std::vector<byte> Subject_Key_ID::encode_inner() const
*/
void Subject_Key_ID::decode_inner(const std::vector<byte>& in)
{
- BER_Decoder(in).decode(key_id, OCTET_STRING).verify_end();
+ BER_Decoder(in).decode(m_key_id, OCTET_STRING).verify_end();
}
/*
@@ -303,17 +301,14 @@ void Subject_Key_ID::decode_inner(const std::vector<byte>& in)
*/
void Subject_Key_ID::contents_to(Data_Store& subject, Data_Store&) const
{
- subject.add("X509v3.SubjectKeyIdentifier", key_id);
+ subject.add("X509v3.SubjectKeyIdentifier", m_key_id);
}
/*
* Subject_Key_ID Constructor
*/
-Subject_Key_ID::Subject_Key_ID(const std::vector<byte>& pub_key)
- {
- SHA_160 hash;
- key_id = unlock(hash.process(pub_key));
- }
+Subject_Key_ID::Subject_Key_ID(const std::vector<byte>& pub_key) : m_key_id(unlock(SHA_160().process(pub_key)))
+ {}
/*
* Encode the extension
@@ -322,7 +317,7 @@ std::vector<byte> Authority_Key_ID::encode_inner() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
- .encode(key_id, OCTET_STRING, ASN1_Tag(0), CONTEXT_SPECIFIC)
+ .encode(m_key_id, OCTET_STRING, ASN1_Tag(0), CONTEXT_SPECIFIC)
.end_cons()
.get_contents_unlocked();
}
@@ -334,7 +329,7 @@ void Authority_Key_ID::decode_inner(const std::vector<byte>& in)
{
BER_Decoder(in)
.start_cons(SEQUENCE)
- .decode_optional_string(key_id, OCTET_STRING, 0);
+ .decode_optional_string(m_key_id, OCTET_STRING, 0);
}
/*
@@ -342,8 +337,8 @@ void Authority_Key_ID::decode_inner(const std::vector<byte>& in)
*/
void Authority_Key_ID::contents_to(Data_Store&, Data_Store& issuer) const
{
- if(key_id.size())
- issuer.add("X509v3.AuthorityKeyIdentifier", key_id);
+ if(m_key_id.size())
+ issuer.add("X509v3.AuthorityKeyIdentifier", m_key_id);
}
/*
@@ -351,7 +346,7 @@ void Authority_Key_ID::contents_to(Data_Store&, Data_Store& issuer) const
*/
std::vector<byte> Alternative_Name::encode_inner() const
{
- return DER_Encoder().encode(alt_name).get_contents_unlocked();
+ return DER_Encoder().encode(m_alt_name).get_contents_unlocked();
}
/*
@@ -359,7 +354,7 @@ std::vector<byte> Alternative_Name::encode_inner() const
*/
void Alternative_Name::decode_inner(const std::vector<byte>& in)
{
- BER_Decoder(in).decode(alt_name);
+ BER_Decoder(in).decode(m_alt_name);
}
/*
@@ -371,24 +366,21 @@ void Alternative_Name::contents_to(Data_Store& subject_info,
std::multimap<std::string, std::string> contents =
get_alt_name().contents();
- if(oid_name_str == "X509v3.SubjectAlternativeName")
+ if(m_oid_name_str == "X509v3.SubjectAlternativeName")
subject_info.add(contents);
- else if(oid_name_str == "X509v3.IssuerAlternativeName")
+ else if(m_oid_name_str == "X509v3.IssuerAlternativeName")
issuer_info.add(contents);
else
throw Internal_Error("In Alternative_Name, unknown type " +
- oid_name_str);
+ m_oid_name_str);
}
/*
* Alternative_Name Constructor
*/
Alternative_Name::Alternative_Name(const AlternativeName& alt_name,
- const std::string& oid_name_str)
- {
- this->alt_name = alt_name;
- this->oid_name_str = oid_name_str;
- }
+ const std::string& oid_name_str) : m_alt_name(alt_name), m_oid_name_str(oid_name_str)
+ {}
/*
* Subject_Alternative_Name Constructor
@@ -414,7 +406,7 @@ std::vector<byte> Extended_Key_Usage::encode_inner() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
- .encode_list(oids)
+ .encode_list(m_oids)
.end_cons()
.get_contents_unlocked();
}
@@ -424,7 +416,7 @@ std::vector<byte> Extended_Key_Usage::encode_inner() const
*/
void Extended_Key_Usage::decode_inner(const std::vector<byte>& in)
{
- BER_Decoder(in).decode_list(oids);
+ BER_Decoder(in).decode_list(m_oids);
}
/*
@@ -432,8 +424,8 @@ void Extended_Key_Usage::decode_inner(const std::vector<byte>& in)
*/
void Extended_Key_Usage::contents_to(Data_Store& subject, Data_Store&) const
{
- for(size_t i = 0; i != oids.size(); ++i)
- subject.add("X509v3.ExtendedKeyUsage", oids[i].as_string());
+ for(size_t i = 0; i != m_oids.size(); ++i)
+ subject.add("X509v3.ExtendedKeyUsage", m_oids[i].as_string());
}
namespace {
@@ -444,10 +436,11 @@ namespace {
class Policy_Information : public ASN1_Object
{
public:
+ // public member variable:
OID oid;
Policy_Information() {}
- Policy_Information(const OID& oid) : oid(oid) {}
+ explicit Policy_Information(const OID& oid) : oid(oid) {}
void encode_into(DER_Encoder& codec) const override
{
@@ -474,8 +467,8 @@ std::vector<byte> Certificate_Policies::encode_inner() const
{
std::vector<Policy_Information> policies;
- for(size_t i = 0; i != oids.size(); ++i)
- policies.push_back(oids[i]);
+ for(size_t i = 0; i != m_oids.size(); ++i)
+ policies.push_back(Policy_Information(m_oids[i]));
return DER_Encoder()
.start_cons(SEQUENCE)
@@ -493,9 +486,9 @@ void Certificate_Policies::decode_inner(const std::vector<byte>& in)
BER_Decoder(in).decode_list(policies);
- oids.clear();
+ m_oids.clear();
for(size_t i = 0; i != policies.size(); ++i)
- oids.push_back(policies[i].oid);
+ m_oids.push_back(policies[i].oid);
}
/*
@@ -503,8 +496,8 @@ void Certificate_Policies::decode_inner(const std::vector<byte>& in)
*/
void Certificate_Policies::contents_to(Data_Store& info, Data_Store&) const
{
- for(size_t i = 0; i != oids.size(); ++i)
- info.add("X509v3.CertificatePolicies", oids[i].as_string());
+ for(size_t i = 0; i != m_oids.size(); ++i)
+ info.add("X509v3.CertificatePolicies", m_oids[i].as_string());
}
std::vector<byte> Authority_Information_Access::encode_inner() const
@@ -549,7 +542,7 @@ void Authority_Information_Access::decode_inner(const std::vector<byte>& in)
void Authority_Information_Access::contents_to(Data_Store& subject, Data_Store&) const
{
- if(m_ocsp_responder != "")
+ if(!m_ocsp_responder.empty())
subject.add("OCSP.responder", m_ocsp_responder);
}
@@ -558,9 +551,9 @@ void Authority_Information_Access::contents_to(Data_Store& subject, Data_Store&)
*/
size_t CRL_Number::get_crl_number() const
{
- if(!has_value)
+ if(!m_has_value)
throw Invalid_State("CRL_Number::get_crl_number: Not set");
- return crl_number;
+ return m_crl_number;
}
/*
@@ -568,9 +561,9 @@ size_t CRL_Number::get_crl_number() const
*/
CRL_Number* CRL_Number::copy() const
{
- if(!has_value)
+ if(!m_has_value)
throw Invalid_State("CRL_Number::copy: Not set");
- return new CRL_Number(crl_number);
+ return new CRL_Number(m_crl_number);
}
/*
@@ -578,7 +571,7 @@ CRL_Number* CRL_Number::copy() const
*/
std::vector<byte> CRL_Number::encode_inner() const
{
- return DER_Encoder().encode(crl_number).get_contents_unlocked();
+ return DER_Encoder().encode(m_crl_number).get_contents_unlocked();
}
/*
@@ -586,7 +579,7 @@ std::vector<byte> CRL_Number::encode_inner() const
*/
void CRL_Number::decode_inner(const std::vector<byte>& in)
{
- BER_Decoder(in).decode(crl_number);
+ BER_Decoder(in).decode(m_crl_number);
}
/*
@@ -594,7 +587,7 @@ void CRL_Number::decode_inner(const std::vector<byte>& in)
*/
void CRL_Number::contents_to(Data_Store& info, Data_Store&) const
{
- info.add("X509v3.CRLNumber", crl_number);
+ info.add("X509v3.CRLNumber", m_crl_number);
}
/*
@@ -603,7 +596,7 @@ void CRL_Number::contents_to(Data_Store& info, Data_Store&) const
std::vector<byte> CRL_ReasonCode::encode_inner() const
{
return DER_Encoder()
- .encode(static_cast<size_t>(reason), ENUMERATED, UNIVERSAL)
+ .encode(static_cast<size_t>(m_reason), ENUMERATED, UNIVERSAL)
.get_contents_unlocked();
}
@@ -614,7 +607,7 @@ void CRL_ReasonCode::decode_inner(const std::vector<byte>& in)
{
size_t reason_code = 0;
BER_Decoder(in).decode(reason_code, ENUMERATED, UNIVERSAL);
- reason = static_cast<CRL_Code>(reason_code);
+ m_reason = static_cast<CRL_Code>(reason_code);
}
/*
@@ -622,7 +615,7 @@ void CRL_ReasonCode::decode_inner(const std::vector<byte>& in)
*/
void CRL_ReasonCode::contents_to(Data_Store& info, Data_Store&) const
{
- info.add("X509v3.CRLReasonCode", reason);
+ info.add("X509v3.CRLReasonCode", m_reason);
}
std::vector<byte> CRL_Distribution_Points::encode_inner() const
diff --git a/src/lib/cert/x509/x509_ext.h b/src/lib/cert/x509/x509_ext.h
index 2ed892055..8d2dcb52b 100644
--- a/src/lib/cert/x509/x509_ext.h
+++ b/src/lib/cert/x509/x509_ext.h
@@ -67,16 +67,20 @@ class BOTAN_DLL Extensions : public ASN1_Object
void add(Certificate_Extension* extn, bool critical = false);
+ std::map<OID, std::pair<std::vector<byte>, bool>> extensions_raw() const;
+
Extensions& operator=(const Extensions&);
Extensions(const Extensions&);
- Extensions(bool st = true) : m_throw_on_unknown_critical(st) {}
- ~Extensions();
+
+ explicit Extensions(bool st = true) : m_throw_on_unknown_critical(st) {}
+
private:
static Certificate_Extension* get_extension(const OID&);
- std::vector<std::pair<Certificate_Extension*, bool> > extensions;
+ std::vector<std::pair<std::unique_ptr<Certificate_Extension>, bool>> m_extensions;
bool m_throw_on_unknown_critical;
+ std::map<OID, std::pair<std::vector<byte>, bool>> m_extensions_raw;
};
namespace Cert_Extension {
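Review bot: `m_extensions_raw` is keyed by OID, so a certificate that carries two extensions with the same OID can only ever surface one of them through `extensions_raw()`, while the parsed `m_extensions` vector has room for both; which one survives depends on how `decode_from` fills the map, which is not in this hunk. RFC 5280 §4.2 forbids duplicate extensions, so the decoder should reject them instead of letting the raw and parsed views disagree, e.g. at the insertion point `if(!m_extensions_raw.emplace(oid, std::make_pair(value, critical)).second) throw Decoding_Error("Duplicate X.509 extension " + oid.as_string());`. The new accessor also has no doc comment; I'd add `/** Raw extensions by OID: (extension value bytes, critical flag); at most one entry per OID */` above it, and only state whether the bytes are the extnValue contents or the full Extension DER once confirmed against `decode_from`.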
@@ -86,16 +90,16 @@ static const size_t NO_CERT_PATH_LIMIT = 0xFFFFFFF0;
/**
* Basic Constraints Extension
*/
-class BOTAN_DLL Basic_Constraints : public Certificate_Extension
+class BOTAN_DLL Basic_Constraints final : public Certificate_Extension
{
public:
Basic_Constraints* copy() const override
- { return new Basic_Constraints(is_ca, path_limit); }
+ { return new Basic_Constraints(m_is_ca, m_path_limit); }
Basic_Constraints(bool ca = false, size_t limit = 0) :
- is_ca(ca), path_limit(limit) {}
+ m_is_ca(ca), m_path_limit(limit) {}
- bool get_is_ca() const { return is_ca; }
+ bool get_is_ca() const { return m_is_ca; }
size_t get_path_limit() const;
private:
std::string oid_name() const override
@@ -105,81 +109,81 @@ class BOTAN_DLL Basic_Constraints : public Certificate_Extension
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- bool is_ca;
- size_t path_limit;
+ bool m_is_ca;
+ size_t m_path_limit;
};
/**
* Key Usage Constraints Extension
*/
-class BOTAN_DLL Key_Usage : public Certificate_Extension
+class BOTAN_DLL Key_Usage final : public Certificate_Extension
{
public:
- Key_Usage* copy() const override { return new Key_Usage(constraints); }
+ Key_Usage* copy() const override { return new Key_Usage(m_constraints); }
- Key_Usage(Key_Constraints c = NO_CONSTRAINTS) : constraints(c) {}
+ explicit Key_Usage(Key_Constraints c = NO_CONSTRAINTS) : m_constraints(c) {}
- Key_Constraints get_constraints() const { return constraints; }
+ Key_Constraints get_constraints() const { return m_constraints; }
private:
std::string oid_name() const override { return "X509v3.KeyUsage"; }
bool should_encode() const override
- { return (constraints != NO_CONSTRAINTS); }
+ { return (m_constraints != NO_CONSTRAINTS); }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- Key_Constraints constraints;
+ Key_Constraints m_constraints;
};
/**
* Subject Key Identifier Extension
*/
-class BOTAN_DLL Subject_Key_ID : public Certificate_Extension
+class BOTAN_DLL Subject_Key_ID final : public Certificate_Extension
{
public:
Subject_Key_ID* copy() const override
- { return new Subject_Key_ID(key_id); }
+ { return new Subject_Key_ID(m_key_id); }
Subject_Key_ID() {}
- Subject_Key_ID(const std::vector<byte>&);
+ explicit Subject_Key_ID(const std::vector<byte>&);
- std::vector<byte> get_key_id() const { return key_id; }
+ std::vector<byte> get_key_id() const { return m_key_id; }
private:
std::string oid_name() const override
{ return "X509v3.SubjectKeyIdentifier"; }
- bool should_encode() const override { return (key_id.size() > 0); }
+ bool should_encode() const override { return (m_key_id.size() > 0); }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- std::vector<byte> key_id;
+ std::vector<byte> m_key_id;
};
/**
* Authority Key Identifier Extension
*/
-class BOTAN_DLL Authority_Key_ID : public Certificate_Extension
+class BOTAN_DLL Authority_Key_ID final : public Certificate_Extension
{
public:
Authority_Key_ID* copy() const override
- { return new Authority_Key_ID(key_id); }
+ { return new Authority_Key_ID(m_key_id); }
Authority_Key_ID() {}
- Authority_Key_ID(const std::vector<byte>& k) : key_id(k) {}
+ explicit Authority_Key_ID(const std::vector<byte>& k) : m_key_id(k) {}
- std::vector<byte> get_key_id() const { return key_id; }
+ std::vector<byte> get_key_id() const { return m_key_id; }
private:
std::string oid_name() const override
{ return "X509v3.AuthorityKeyIdentifier"; }
- bool should_encode() const override { return (key_id.size() > 0); }
+ bool should_encode() const override { return (m_key_id.size() > 0); }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- std::vector<byte> key_id;
+ std::vector<byte> m_key_id;
};
/**
@@ -188,22 +192,22 @@ class BOTAN_DLL Authority_Key_ID : public Certificate_Extension
class BOTAN_DLL Alternative_Name : public Certificate_Extension
{
public:
- AlternativeName get_alt_name() const { return alt_name; }
+ AlternativeName get_alt_name() const { return m_alt_name; }
protected:
Alternative_Name(const AlternativeName&, const std::string& oid_name);
Alternative_Name(const std::string&, const std::string&);
private:
- std::string oid_name() const override { return oid_name_str; }
+ std::string oid_name() const override { return m_oid_name_str; }
- bool should_encode() const override { return alt_name.has_items(); }
+ bool should_encode() const override { return m_alt_name.has_items(); }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- std::string oid_name_str;
- AlternativeName alt_name;
+ std::string m_oid_name_str;
+ AlternativeName m_alt_name;
};
/**
@@ -215,7 +219,7 @@ class BOTAN_DLL Subject_Alternative_Name : public Alternative_Name
Subject_Alternative_Name* copy() const override
{ return new Subject_Alternative_Name(get_alt_name()); }
- Subject_Alternative_Name(const AlternativeName& = AlternativeName());
+ explicit Subject_Alternative_Name(const AlternativeName& = AlternativeName());
};
/**
@@ -227,60 +231,60 @@ class BOTAN_DLL Issuer_Alternative_Name : public Alternative_Name
Issuer_Alternative_Name* copy() const override
{ return new Issuer_Alternative_Name(get_alt_name()); }
- Issuer_Alternative_Name(const AlternativeName& = AlternativeName());
+ explicit Issuer_Alternative_Name(const AlternativeName& = AlternativeName());
};
/**
* Extended Key Usage Extension
*/
-class BOTAN_DLL Extended_Key_Usage : public Certificate_Extension
+class BOTAN_DLL Extended_Key_Usage final : public Certificate_Extension
{
public:
Extended_Key_Usage* copy() const override
- { return new Extended_Key_Usage(oids); }
+ { return new Extended_Key_Usage(m_oids); }
Extended_Key_Usage() {}
- Extended_Key_Usage(const std::vector<OID>& o) : oids(o) {}
+ explicit Extended_Key_Usage(const std::vector<OID>& o) : m_oids(o) {}
- std::vector<OID> get_oids() const { return oids; }
+ std::vector<OID> get_oids() const { return m_oids; }
private:
std::string oid_name() const override
{ return "X509v3.ExtendedKeyUsage"; }
- bool should_encode() const override { return (oids.size() > 0); }
+ bool should_encode() const override { return (m_oids.size() > 0); }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- std::vector<OID> oids;
+ std::vector<OID> m_oids;
};
/**
* Certificate Policies Extension
*/
-class BOTAN_DLL Certificate_Policies : public Certificate_Extension
+class BOTAN_DLL Certificate_Policies final : public Certificate_Extension
{
public:
Certificate_Policies* copy() const override
- { return new Certificate_Policies(oids); }
+ { return new Certificate_Policies(m_oids); }
Certificate_Policies() {}
- Certificate_Policies(const std::vector<OID>& o) : oids(o) {}
+ explicit Certificate_Policies(const std::vector<OID>& o) : m_oids(o) {}
- std::vector<OID> get_oids() const { return oids; }
+ std::vector<OID> get_oids() const { return m_oids; }
private:
std::string oid_name() const override
{ return "X509v3.CertificatePolicies"; }
- bool should_encode() const override { return (oids.size() > 0); }
+ bool should_encode() const override { return (m_oids.size() > 0); }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- std::vector<OID> oids;
+ std::vector<OID> m_oids;
};
-class BOTAN_DLL Authority_Information_Access : public Certificate_Extension
+class BOTAN_DLL Authority_Information_Access final : public Certificate_Extension
{
public:
Authority_Information_Access* copy() const override
@@ -288,14 +292,14 @@ class BOTAN_DLL Authority_Information_Access : public Certificate_Extension
Authority_Information_Access() {}
- Authority_Information_Access(const std::string& ocsp) :
+ explicit Authority_Information_Access(const std::string& ocsp) :
m_ocsp_responder(ocsp) {}
private:
std::string oid_name() const override
{ return "PKIX.AuthorityInformationAccess"; }
- bool should_encode() const override { return (m_ocsp_responder != ""); }
+ bool should_encode() const override { return (!m_ocsp_responder.empty()); }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
@@ -308,57 +312,57 @@ class BOTAN_DLL Authority_Information_Access : public Certificate_Extension
/**
* CRL Number Extension
*/
-class BOTAN_DLL CRL_Number : public Certificate_Extension
+class BOTAN_DLL CRL_Number final : public Certificate_Extension
{
public:
CRL_Number* copy() const override;
- CRL_Number() : has_value(false), crl_number(0) {}
- CRL_Number(size_t n) : has_value(true), crl_number(n) {}
+ CRL_Number() : m_has_value(false), m_crl_number(0) {}
+ CRL_Number(size_t n) : m_has_value(true), m_crl_number(n) {}
size_t get_crl_number() const;
private:
std::string oid_name() const override { return "X509v3.CRLNumber"; }
- bool should_encode() const override { return has_value; }
+ bool should_encode() const override { return m_has_value; }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- bool has_value;
- size_t crl_number;
+ bool m_has_value;
+ size_t m_crl_number;
};
/**
* CRL Entry Reason Code Extension
*/
-class BOTAN_DLL CRL_ReasonCode : public Certificate_Extension
+class BOTAN_DLL CRL_ReasonCode final : public Certificate_Extension
{
public:
CRL_ReasonCode* copy() const override
- { return new CRL_ReasonCode(reason); }
+ { return new CRL_ReasonCode(m_reason); }
- CRL_ReasonCode(CRL_Code r = UNSPECIFIED) : reason(r) {}
+ explicit CRL_ReasonCode(CRL_Code r = UNSPECIFIED) : m_reason(r) {}
- CRL_Code get_reason() const { return reason; }
+ CRL_Code get_reason() const { return m_reason; }
private:
std::string oid_name() const override { return "X509v3.ReasonCode"; }
- bool should_encode() const override { return (reason != UNSPECIFIED); }
+ bool should_encode() const override { return (m_reason != UNSPECIFIED); }
std::vector<byte> encode_inner() const override;
void decode_inner(const std::vector<byte>&) override;
void contents_to(Data_Store&, Data_Store&) const override;
- CRL_Code reason;
+ CRL_Code m_reason;
};
/**
* CRL Distribution Points Extension
*/
-class BOTAN_DLL CRL_Distribution_Points : public Certificate_Extension
+class BOTAN_DLL CRL_Distribution_Points final : public Certificate_Extension
{
public:
- class BOTAN_DLL Distribution_Point : public ASN1_Object
+ class BOTAN_DLL Distribution_Point final : public ASN1_Object
{
public:
void encode_into(class DER_Encoder&) const override;
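Review bot: `should_encode()` returns `m_has_value`, but the only code that sets it true is the `CRL_Number(size_t)` constructor; the `decode_inner` shown earlier in this diff (x509_ext.cpp) assigns `m_crl_number` alone, so a CRL_Number parsed from a CRL reports `should_encode() == false` and, if `get_crl_number()` (defined outside this hunk) guards on `m_has_value`, cannot be read back. Add `m_has_value = true;` after the `decode(m_crl_number)` line in `decode_inner`. Separately, `CRL_Number(size_t n)` stays implicit while the sibling `CRL_ReasonCode(CRL_Code)` constructor gains `explicit` in the same hunk; for consistency, and so no stray integer converts silently into an extension, make it `explicit CRL_Number(size_t n) : m_has_value(true), m_crl_number(n) {}`.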
@@ -374,7 +378,7 @@ class BOTAN_DLL CRL_Distribution_Points : public Certificate_Extension
CRL_Distribution_Points() {}
- CRL_Distribution_Points(const std::vector<Distribution_Point>& points) :
+ explicit CRL_Distribution_Points(const std::vector<Distribution_Point>& points) :
m_distribution_points(points) {}
std::vector<Distribution_Point> distribution_points() const
diff --git a/src/lib/cert/x509/x509_obj.cpp b/src/lib/cert/x509/x509_obj.cpp
index 4dae68607..983be40b2 100644
--- a/src/lib/cert/x509/x509_obj.cpp
+++ b/src/lib/cert/x509/x509_obj.cpp
@@ -48,12 +48,12 @@ X509_Object::X509_Object(const std::vector<byte>& vec, const std::string& labels
*/
void X509_Object::init(DataSource& in, const std::string& labels)
{
- PEM_labels_allowed = split_on(labels, '/');
- if(PEM_labels_allowed.size() < 1)
+ m_PEM_labels_allowed = split_on(labels, '/');
+ if(m_PEM_labels_allowed.size() < 1)
throw Invalid_Argument("Bad labels argument to X509_Object");
- PEM_label_pref = PEM_labels_allowed[0];
- std::sort(PEM_labels_allowed.begin(), PEM_labels_allowed.end());
+ m_PEM_label_pref = m_PEM_labels_allowed[0];
+ std::sort(m_PEM_labels_allowed.begin(), m_PEM_labels_allowed.end());
try {
if(ASN1::maybe_BER(in) && !PEM_Code::matches(in))
@@ -66,8 +66,8 @@ void X509_Object::init(DataSource& in, const std::string& labels)
std::string got_label;
DataSource_Memory ber(PEM_Code::decode(in, got_label));
- if(!std::binary_search(PEM_labels_allowed.begin(),
- PEM_labels_allowed.end(), got_label))
+ if(!std::binary_search(m_PEM_labels_allowed.begin(),
+ m_PEM_labels_allowed.end(), got_label))
throw Decoding_Error("Invalid PEM label: " + got_label);
BER_Decoder dec(ber);
@@ -76,7 +76,7 @@ void X509_Object::init(DataSource& in, const std::string& labels)
}
catch(Decoding_Error& e)
{
- throw Decoding_Error(PEM_label_pref + " decoding failed: " + e.what());
+ throw Decoding_Error(m_PEM_label_pref + " decoding failed: " + e.what());
}
}
@@ -85,10 +85,10 @@ void X509_Object::encode_into(DER_Encoder& to) const
{
to.start_cons(SEQUENCE)
.start_cons(SEQUENCE)
- .raw_bytes(tbs_bits)
+ .raw_bytes(m_tbs_bits)
.end_cons()
- .encode(sig_algo)
- .encode(sig, BIT_STRING)
+ .encode(m_sig_algo)
+ .encode(m_sig, BIT_STRING)
.end_cons();
}
@@ -99,10 +99,10 @@ void X509_Object::decode_from(BER_Decoder& from)
{
from.start_cons(SEQUENCE)
.start_cons(SEQUENCE)
- .raw_bytes(tbs_bits)
+ .raw_bytes(m_tbs_bits)
.end_cons()
- .decode(sig_algo)
- .decode(sig, BIT_STRING)
+ .decode(m_sig_algo)
+ .decode(m_sig, BIT_STRING)
.verify_end()
.end_cons();
}
@@ -122,7 +122,7 @@ std::vector<byte> X509_Object::BER_encode() const
*/
std::string X509_Object::PEM_encode() const
{
- return PEM_Code::encode(BER_encode(), PEM_label_pref);
+ return PEM_Code::encode(BER_encode(), m_PEM_label_pref);
}
/*
@@ -130,7 +130,7 @@ std::string X509_Object::PEM_encode() const
*/
std::vector<byte> X509_Object::tbs_data() const
{
- return ASN1::put_in_sequence(tbs_bits);
+ return ASN1::put_in_sequence(m_tbs_bits);
}
/*
@@ -138,7 +138,7 @@ std::vector<byte> X509_Object::tbs_data() const
*/
std::vector<byte> X509_Object::signature() const
{
- return sig;
+ return m_sig;
}
/*
@@ -146,7 +146,7 @@ std::vector<byte> X509_Object::signature() const
*/
AlgorithmIdentifier X509_Object::signature_algorithm() const
{
- return sig_algo;
+ return m_sig_algo;
}
/*
@@ -155,11 +155,11 @@ AlgorithmIdentifier X509_Object::signature_algorithm() const
std::string X509_Object::hash_used_for_signature() const
{
std::vector<std::string> sig_info =
- split_on(OIDS::lookup(sig_algo.oid), '/');
+ split_on(OIDS::lookup(m_sig_algo.oid), '/');
if(sig_info.size() != 2)
throw Internal_Error("Invalid name format found for " +
- sig_algo.oid.as_string());
+ m_sig_algo.oid.as_string());
std::vector<std::string> pad_and_hash =
parse_algorithm_name(sig_info[1]);
@@ -176,10 +176,10 @@ std::string X509_Object::hash_used_for_signature() const
bool X509_Object::check_signature(const Public_Key* pub_key) const
{
if(!pub_key)
- throw Exception("No key provided for " + PEM_label_pref + " signature check");
+ throw Exception("No key provided for " + m_PEM_label_pref + " signature check");
std::unique_ptr<const Public_Key> key(pub_key);
return check_signature(*key);
- }
+}
/*
* Check the signature on an object
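Review bot: `std::unique_ptr<const Public_Key> key(pub_key);` takes ownership of a raw pointer the caller handed in and deletes it on return, so a caller that keeps using `pub_key` afterwards, or deletes it itself, gets a use-after-free or double delete; nothing in the function's signature says so. At minimum document the contract on the line before the unique_ptr: `// Takes ownership of pub_key; it is deleted when this function returns.` The cleaner fix, accepting `std::unique_ptr<const Public_Key>` instead of a raw pointer, would be an interface change and belongs in a separate commit.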
@@ -188,7 +188,7 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const
{
try {
std::vector<std::string> sig_info =
- split_on(OIDS::lookup(sig_algo.oid), '/');
+ split_on(OIDS::lookup(m_sig_algo.oid), '/');
if(sig_info.size() != 2 || sig_info[0] != pub_key.algo_name())
return false;
@@ -201,7 +201,7 @@ bool X509_Object::check_signature(const Public_Key& pub_key) const
return verifier.verify_message(tbs_data(), signature());
}
- catch(std::exception& e)
+ catch(std::exception&)
{
return false;
}
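Review bot: The catch-all that closes this hunk turns every failure — unknown signature OID, unsupported padding, a verifier that throws on malformed input — into `return false`, indistinguishable from a genuinely bad signature. Failing closed is the right default for a signature check, but it deserves a comment so nobody later "fixes" it into a rethrow: `// Fail closed: any error building or running the verifier is reported as an invalid signature.` check_signature begins above this hunk.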
@@ -234,12 +234,12 @@ void X509_Object::do_decode()
}
catch(Decoding_Error& e)
{
- throw Decoding_Error(PEM_label_pref + " decoding failed (" +
+ throw Decoding_Error(m_PEM_label_pref + " decoding failed (" +
e.what() + ")");
}
catch(Invalid_Argument& e)
{
- throw Decoding_Error(PEM_label_pref + " decoding failed (" +
+ throw Decoding_Error(m_PEM_label_pref + " decoding failed (" +
e.what() + ")");
}
}
diff --git a/src/lib/cert/x509/x509_obj.h b/src/lib/cert/x509/x509_obj.h
index ec6bd530c..eb929451c 100644
--- a/src/lib/cert/x509/x509_obj.h
+++ b/src/lib/cert/x509/x509_obj.h
@@ -93,14 +93,14 @@ class BOTAN_DLL X509_Object : public ASN1_Object
void do_decode();
X509_Object() {}
- AlgorithmIdentifier sig_algo;
- std::vector<byte> tbs_bits, sig;
+ AlgorithmIdentifier m_sig_algo;
+ std::vector<byte> m_tbs_bits, m_sig;
private:
virtual void force_decode() = 0;
void init(DataSource&, const std::string&);
- std::vector<std::string> PEM_labels_allowed;
- std::string PEM_label_pref;
+ std::vector<std::string> m_PEM_labels_allowed;
+ std::string m_PEM_label_pref;
};
}
diff --git a/src/lib/cert/x509/x509cert.cpp b/src/lib/cert/x509/x509cert.cpp
index 3d1ebbbad..8d6d9a70a 100644
--- a/src/lib/cert/x509/x509cert.cpp
+++ b/src/lib/cert/x509/x509cert.cpp
@@ -44,7 +44,7 @@ std::vector<std::string> lookup_oids(const std::vector<std::string>& in)
X509_Certificate::X509_Certificate(DataSource& in) :
X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
{
- self_signed = false;
+ m_self_signed = false;
do_decode();
}
@@ -54,7 +54,7 @@ X509_Certificate::X509_Certificate(DataSource& in) :
X509_Certificate::X509_Certificate(const std::string& in) :
X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
{
- self_signed = false;
+ m_self_signed = false;
do_decode();
}
@@ -64,7 +64,7 @@ X509_Certificate::X509_Certificate(const std::string& in) :
X509_Certificate::X509_Certificate(const std::vector<byte>& in) :
X509_Object(in, "CERTIFICATE/X509 CERTIFICATE")
{
- self_signed = false;
+ m_self_signed = false;
do_decode();
}
@@ -79,7 +79,7 @@ void X509_Certificate::force_decode()
X509_DN dn_issuer, dn_subject;
X509_Time start, end;
- BER_Decoder tbs_cert(tbs_bits);
+ BER_Decoder tbs_cert(m_tbs_bits);
tbs_cert.decode_optional(version, ASN1_Tag(0),
ASN1_Tag(CONSTRUCTED | CONTEXT_SPECIFIC))
@@ -95,16 +95,16 @@ void X509_Certificate::force_decode()
if(version > 2)
throw Decoding_Error("Unknown X.509 cert version " + std::to_string(version));
- if(sig_algo != sig_algo_inner)
+ if(m_sig_algo != sig_algo_inner)
throw Decoding_Error("Algorithm identifier mismatch");
- self_signed = (dn_subject == dn_issuer);
+ m_self_signed = (dn_subject == dn_issuer);
- subject.add(dn_subject.contents());
- issuer.add(dn_issuer.contents());
+ m_subject.add(dn_subject.contents());
+ m_issuer.add(dn_issuer.contents());
- subject.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_subject.get_bits()));
- issuer.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_issuer.get_bits()));
+ m_subject.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_subject.get_bits()));
+ m_issuer.add("X509.Certificate.dn_bits", ASN1::put_in_sequence(dn_issuer.get_bits()));
BER_Object public_key = tbs_cert.get_next_object();
if(public_key.type_tag != SEQUENCE || public_key.class_tag != CONSTRUCTED)
@@ -124,7 +124,8 @@ void X509_Certificate::force_decode()
BER_Decoder(v3_exts_data.value).decode(extensions).verify_end();
- extensions.contents_to(subject, issuer);
+ m_v3_extensions = extensions.extensions_raw();
+ extensions.contents_to(m_subject, m_issuer);
}
else if(v3_exts_data.type_tag != NO_OBJECT)
throw BER_Bad_Tag("Unknown tag in X.509 cert",
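Review bot: The raw map is captured at `m_v3_extensions = extensions.extensions_raw();` for any certificate that carries an extensions field, but nothing visible ties that to the certificate version: the only version check earlier in force_decode rejects `version > 2`, and RFC 5280 §4.1.2.9 permits the extensions field only in v3 certificates. Unless the `if` that opens this branch (above the hunk) already tests it, add `if(version != 2) throw Decoding_Error("X.509 extensions present in a non-v3 certificate");` before the `decode(extensions)` call. force_decode continues on both sides of this hunk.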
@@ -133,30 +134,30 @@ void X509_Certificate::force_decode()
if(tbs_cert.more_items())
throw Decoding_Error("TBSCertificate has more items that expected");
- subject.add("X509.Certificate.version", version);
- subject.add("X509.Certificate.serial", BigInt::encode(serial_bn));
- subject.add("X509.Certificate.start", start.to_string());
- subject.add("X509.Certificate.end", end.to_string());
+ m_subject.add("X509.Certificate.version", version);
+ m_subject.add("X509.Certificate.serial", BigInt::encode(serial_bn));
+ m_subject.add("X509.Certificate.start", start.to_string());
+ m_subject.add("X509.Certificate.end", end.to_string());
- issuer.add("X509.Certificate.v2.key_id", v2_issuer_key_id);
- subject.add("X509.Certificate.v2.key_id", v2_subject_key_id);
+ m_issuer.add("X509.Certificate.v2.key_id", v2_issuer_key_id);
+ m_subject.add("X509.Certificate.v2.key_id", v2_subject_key_id);
- subject.add("X509.Certificate.public_key",
+ m_subject.add("X509.Certificate.public_key",
hex_encode(public_key.value));
- if(self_signed && version == 0)
+ if(m_self_signed && version == 0)
{
- subject.add("X509v3.BasicConstraints.is_ca", 1);
- subject.add("X509v3.BasicConstraints.path_constraint", Cert_Extension::NO_CERT_PATH_LIMIT);
+ m_subject.add("X509v3.BasicConstraints.is_ca", 1);
+ m_subject.add("X509v3.BasicConstraints.path_constraint", Cert_Extension::NO_CERT_PATH_LIMIT);
}
if(is_CA_cert() &&
- !subject.has_value("X509v3.BasicConstraints.path_constraint"))
+ !m_subject.has_value("X509v3.BasicConstraints.path_constraint"))
{
const size_t limit = (x509_version() < 3) ?
Cert_Extension::NO_CERT_PATH_LIMIT : 0;
- subject.add("X509v3.BasicConstraints.path_constraint", limit);
+ m_subject.add("X509v3.BasicConstraints.path_constraint", limit);
}
}
@@ -165,7 +166,7 @@ void X509_Certificate::force_decode()
*/
u32bit X509_Certificate::x509_version() const
{
- return (subject.get1_u32bit("X509.Certificate.version") + 1);
+ return (m_subject.get1_u32bit("X509.Certificate.version") + 1);
}
/*
@@ -173,7 +174,7 @@ u32bit X509_Certificate::x509_version() const
*/
std::string X509_Certificate::start_time() const
{
- return subject.get1("X509.Certificate.start");
+ return m_subject.get1("X509.Certificate.start");
}
/*
@@ -181,7 +182,7 @@ std::string X509_Certificate::start_time() const
*/
std::string X509_Certificate::end_time() const
{
- return subject.get1("X509.Certificate.end");
+ return m_subject.get1("X509.Certificate.end");
}
/*
@@ -190,7 +191,7 @@ std::string X509_Certificate::end_time() const
std::vector<std::string>
X509_Certificate::subject_info(const std::string& what) const
{
- return subject.get(X509_DN::deref_info_field(what));
+ return m_subject.get(X509_DN::deref_info_field(what));
}
/*
@@ -199,7 +200,7 @@ X509_Certificate::subject_info(const std::string& what) const
std::vector<std::string>
X509_Certificate::issuer_info(const std::string& what) const
{
- return issuer.get(X509_DN::deref_info_field(what));
+ return m_issuer.get(X509_DN::deref_info_field(what));
}
/*
@@ -213,7 +214,7 @@ Public_Key* X509_Certificate::subject_public_key() const
std::vector<byte> X509_Certificate::subject_public_key_bits() const
{
- return hex_decode(subject.get1("X509.Certificate.public_key"));
+ return hex_decode(m_subject.get1("X509.Certificate.public_key"));
}
/*
@@ -221,7 +222,7 @@ std::vector<byte> X509_Certificate::subject_public_key_bits() const
*/
bool X509_Certificate::is_CA_cert() const
{
- if(!subject.get1_u32bit("X509v3.BasicConstraints.is_ca"))
+ if(!m_subject.get1_u32bit("X509v3.BasicConstraints.is_ca"))
return false;
return allowed_usage(Key_Constraints(KEY_CERT_SIGN));
@@ -275,7 +276,7 @@ bool X509_Certificate::allowed_usage(Usage_Type usage) const
*/
u32bit X509_Certificate::path_limit() const
{
- return subject.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
+ return m_subject.get1_u32bit("X509v3.BasicConstraints.path_constraint", 0);
}
/*
@@ -283,7 +284,7 @@ u32bit X509_Certificate::path_limit() const
*/
Key_Constraints X509_Certificate::constraints() const
{
- return Key_Constraints(subject.get1_u32bit("X509v3.KeyUsage",
+ return Key_Constraints(m_subject.get1_u32bit("X509v3.KeyUsage",
NO_CONSTRAINTS));
}
@@ -292,7 +293,7 @@ Key_Constraints X509_Certificate::constraints() const
*/
std::vector<std::string> X509_Certificate::ex_constraints() const
{
- return lookup_oids(subject.get("X509v3.ExtendedKeyUsage"));
+ return lookup_oids(m_subject.get("X509v3.ExtendedKeyUsage"));
}
/*
@@ -300,17 +301,22 @@ std::vector<std::string> X509_Certificate::ex_constraints() const
*/
std::vector<std::string> X509_Certificate::policies() const
{
- return lookup_oids(subject.get("X509v3.CertificatePolicies"));
+ return lookup_oids(m_subject.get("X509v3.CertificatePolicies"));
+ }
+
+std::map<OID, std::pair<std::vector<byte>, bool>> X509_Certificate::v3_extensions() const
+ {
+ return m_v3_extensions;
}
std::string X509_Certificate::ocsp_responder() const
{
- return subject.get1("OCSP.responder", "");
+ return m_subject.get1("OCSP.responder", "");
}
std::string X509_Certificate::crl_distribution_point() const
{
- return subject.get1("CRL.DistributionPoint", "");
+ return m_subject.get1("CRL.DistributionPoint", "");
}
/*
@@ -318,7 +324,7 @@ std::string X509_Certificate::crl_distribution_point() const
*/
std::vector<byte> X509_Certificate::authority_key_id() const
{
- return issuer.get1_memvec("X509v3.AuthorityKeyIdentifier");
+ return m_issuer.get1_memvec("X509v3.AuthorityKeyIdentifier");
}
/*
@@ -326,7 +332,7 @@ std::vector<byte> X509_Certificate::authority_key_id() const
*/
std::vector<byte> X509_Certificate::subject_key_id() const
{
- return subject.get1_memvec("X509v3.SubjectKeyIdentifier");
+ return m_subject.get1_memvec("X509v3.SubjectKeyIdentifier");
}
/*
@@ -334,27 +340,27 @@ std::vector<byte> X509_Certificate::subject_key_id() const
*/
std::vector<byte> X509_Certificate::serial_number() const
{
- return subject.get1_memvec("X509.Certificate.serial");
+ return m_subject.get1_memvec("X509.Certificate.serial");
}
X509_DN X509_Certificate::issuer_dn() const
{
- return create_dn(issuer);
+ return create_dn(m_issuer);
}
std::vector<byte> X509_Certificate::raw_issuer_dn() const
{
- return issuer.get1_memvec("X509.Certificate.dn_bits");
+ return m_issuer.get1_memvec("X509.Certificate.dn_bits");
}
X509_DN X509_Certificate::subject_dn() const
{
- return create_dn(subject);
+ return create_dn(m_subject);
}
std::vector<byte> X509_Certificate::raw_subject_dn() const
{
- return subject.get1_memvec("X509.Certificate.dn_bits");
+ return m_subject.get1_memvec("X509.Certificate.dn_bits");
}
std::string X509_Certificate::fingerprint(const std::string& hash_name) const
@@ -379,7 +385,7 @@ std::string X509_Certificate::fingerprint(const std::string& hash_name) const
bool X509_Certificate::matches_dns_name(const std::string& name) const
{
- if(name == "")
+ if(name.empty())
return false;
std::vector<std::string> issued_names = subject_info("DNS");
@@ -402,25 +408,25 @@ bool X509_Certificate::matches_dns_name(const std::string& name) const
*/
bool X509_Certificate::operator==(const X509_Certificate& other) const
{
- return (sig == other.sig &&
- sig_algo == other.sig_algo &&
- self_signed == other.self_signed &&
- issuer == other.issuer &&
- subject == other.subject);
+ return (m_sig == other.m_sig &&
+ m_sig_algo == other.m_sig_algo &&
+ m_self_signed == other.m_self_signed &&
+ m_issuer == other.m_issuer &&
+ m_subject == other.m_subject);
}
bool X509_Certificate::operator<(const X509_Certificate& other) const
{
/* If signature values are not equal, sort by lexicographic ordering of that */
- if(sig != other.sig)
+ if(m_sig != other.m_sig)
{
- if(sig < other.sig)
+ if(m_sig < other.m_sig)
return true;
return false;
}
// Then compare the signed contents
- return tbs_bits < other.tbs_bits;
+ return m_tbs_bits < other.m_tbs_bits;
}
/*
@@ -508,9 +514,9 @@ std::string X509_Certificate::to_string() const
out << " " << ex_constraints[i] << "\n";
}
- if(ocsp_responder() != "")
+ if(!ocsp_responder().empty())
out << "OCSP responder " << ocsp_responder() << "\n";
- if(crl_distribution_point() != "")
+ if(!crl_distribution_point().empty())
out << "CRL " << crl_distribution_point() << "\n";
out << "Signature algorithm: " <<
diff --git a/src/lib/cert/x509/x509cert.h b/src/lib/cert/x509/x509cert.h
index 578360a80..32f2bba9f 100644
--- a/src/lib/cert/x509/x509cert.h
+++ b/src/lib/cert/x509/x509cert.h
@@ -30,7 +30,7 @@ enum class Usage_Type
/**
* This class represents X.509 Certificate
*/
-class BOTAN_DLL X509_Certificate : public X509_Object
+class BOTAN_DLL X509_Certificate final : public X509_Object
{
public:
/**
@@ -129,7 +129,7 @@ class BOTAN_DLL X509_Certificate : public X509_Object
* Check whether this certificate is self signed.
* @return true if this certificate is self signed
*/
- bool is_self_signed() const { return self_signed; }
+ bool is_self_signed() const { return m_self_signed; }
/**
* Check whether this certificate is a CA certificate.
@@ -178,6 +178,12 @@ class BOTAN_DLL X509_Certificate : public X509_Object
std::vector<std::string> policies() const;
/**
+ * Get all extensions of this certificate indexed by oid.
+ * @return extension values and critical flag
+ */
+ std::map<OID, std::pair<std::vector<byte>, bool>> v3_extensions() const;
+
+ /**
* Return the listed address of an OCSP responder, or empty if not set
*/
std::string ocsp_responder() const;
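Review bot: The new doc comment on `v3_extensions()` ("extension values and critical flag") does not say what the bytes are, that the map holds at most one entry per OID, or that it is empty for a certificate without an extensions field; I'd write `@return map from extension OID to (raw extension value bytes, critical flag); one entry per OID, empty if the certificate has no extensions field`. Whether the bytes are the extnValue OCTET STRING contents or the full Extension DER is not visible here — confirm against Extensions::decode_from before stating it. It is also worth noting that the map is returned by value, so callers doing repeated lookups should keep the result rather than call it in a loop.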
@@ -220,16 +226,16 @@ class BOTAN_DLL X509_Certificate : public X509_Object
* PEM encoded certificate.
* @param source the data source
*/
- X509_Certificate(DataSource& source);
+ explicit X509_Certificate(DataSource& source);
/**
* Create a certificate from a file containing the DER or PEM
* encoded certificate.
* @param filename the name of the certificate file
*/
- X509_Certificate(const std::string& filename);
+ explicit X509_Certificate(const std::string& filename);
- X509_Certificate(const std::vector<byte>& in);
+ explicit X509_Certificate(const std::vector<byte>& in);
private:
void force_decode() override;
@@ -238,8 +244,9 @@ class BOTAN_DLL X509_Certificate : public X509_Object
X509_Certificate() {}
- Data_Store subject, issuer;
- bool self_signed;
+ Data_Store m_subject, m_issuer;
+ bool m_self_signed;
+ std::map<OID, std::pair<std::vector<byte>, bool>> m_v3_extensions;
};
/**
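Review bot: `bool m_self_signed;` is left indeterminate by the private default constructor `X509_Certificate() {}` three lines above it; the three public constructors in x509cert.cpp set it to false before `do_decode()`, but nothing does so on the default-constructed path, and `is_self_signed()` returns the member directly. Since the file already uses C++11 (`final`, `explicit`, `std::unique_ptr` elsewhere in this diff), initialise it in-class: `bool m_self_signed = false;`, which also makes the three `m_self_signed = false;` assignments in the .cpp redundant. `m_v3_extensions` needs nothing, as a default-constructed map is empty.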
diff --git a/src/lib/cert/x509/x509opt.cpp b/src/lib/cert/x509/x509opt.cpp
index 52845658f..158f4c779 100644
--- a/src/lib/cert/x509/x509opt.cpp
+++ b/src/lib/cert/x509/x509opt.cpp
@@ -66,7 +66,7 @@ void X509_Cert_Options::CA_key(size_t limit)
*/
void X509_Cert_Options::sanity_check() const
{
- if(common_name == "" || country == "")
+ if(common_name.empty() || country.empty())
throw Encoding_Error("X.509 certificate: name and country MUST be set");
if(country.size() != 2)
throw Encoding_Error("Invalid ISO country code: " + country);
@@ -89,7 +89,7 @@ X509_Cert_Options::X509_Cert_Options(const std::string& initial_opts,
start = X509_Time(now);
end = X509_Time(now + std::chrono::seconds(expiration_time));
- if(initial_opts == "")
+ if(initial_opts.empty())
return;
std::vector<std::string> parsed = split_on(initial_opts, '/');
diff --git a/src/lib/cert/x509/x509path.cpp b/src/lib/cert/x509/x509path.cpp
index 7e54ad9f9..71c025280 100644
--- a/src/lib/cert/x509/x509path.cpp
+++ b/src/lib/cert/x509/x509path.cpp
@@ -170,7 +170,7 @@ check_chain(const std::vector<X509_Certificate>& cert_path,
else if(ocsp_status == Certificate_Status_Code::OCSP_RESPONSE_GOOD)
continue;
}
- catch(std::exception& e)
+ catch(std::exception&)
{
//std::cout << "OCSP error: " << e.what() << "\n";
}
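Review bot: The catch block closing this hunk swallows every OCSP failure with nothing but a commented-out `//std::cout << "OCSP error: " ...` line, which should be deleted rather than kept as dead code. Since the block makes OCSP soft-fail — a transport error or malformed response presumably drops through to whatever revocation checks follow — say so where the next reader will look: `// OCSP is best-effort: any exception here is ignored and the chain falls through to the remaining revocation checks.` A hard-fail mode would need a restriction flag, which is outside this hunk; check_chain starts and ends outside it too.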
@@ -249,7 +249,7 @@ Path_Validation_Result x509_path_validate(
std::vector<std::set<Certificate_Status_Code>> res = check_chain(cert_path, restrictions, certstores);
- if(hostname != "" && !cert_path[0].matches_dns_name(hostname))
+ if(!hostname.empty() && !cert_path[0].matches_dns_name(hostname))
res[0].insert(Certificate_Status_Code::CERT_NAME_NOMATCH);
if(!cert_path[0].allowed_usage(usage))
diff --git a/src/lib/cert/x509/x509path.h b/src/lib/cert/x509/x509path.h
index 08d92915d..b7061685a 100644
--- a/src/lib/cert/x509/x509path.h
+++ b/src/lib/cert/x509/x509path.h
@@ -120,7 +120,7 @@ class BOTAN_DLL Path_Validation_Result
Path_Validation_Result(std::vector<std::set<Certificate_Status_Code>> status,
std::vector<X509_Certificate>&& cert_chain);
- Path_Validation_Result(Certificate_Status_Code status) : m_overall(status) {}
+ explicit Path_Validation_Result(Certificate_Status_Code status) : m_overall(status) {}
private:
friend Path_Validation_Result BOTAN_DLL x509_path_validate(
diff --git a/src/lib/cert/x509/x509self.cpp b/src/lib/cert/x509/x509self.cpp
index 2f2f6a59f..7d1c01c37 100644
--- a/src/lib/cert/x509/x509self.cpp
+++ b/src/lib/cert/x509/x509self.cpp
@@ -126,7 +126,7 @@ PKCS10_Request create_cert_req(const X509_Cert_Options& opts,
.raw_bytes(pub_key)
.start_explicit(0);
- if(opts.challenge != "")
+ if(!opts.challenge.empty())
{
ASN1_String challenge(opts.challenge, DIRECTORY_STRING);
diff --git a/src/lib/compression/bzip2/bzip2.cpp b/src/lib/compression/bzip2/bzip2.cpp
index 09cd05919..d9ada84f6 100644
--- a/src/lib/compression/bzip2/bzip2.cpp
+++ b/src/lib/compression/bzip2/bzip2.cpp
@@ -37,7 +37,7 @@ class Bzip2_Stream : public Zlib_Style_Stream<bz_stream, char>
class Bzip2_Compression_Stream : public Bzip2_Stream
{
public:
- Bzip2_Compression_Stream(size_t block_size)
+ explicit Bzip2_Compression_Stream(size_t block_size)
{
int rc = BZ2_bzCompressInit(streamp(), block_size, 0, 0);
diff --git a/src/lib/compression/bzip2/bzip2.h b/src/lib/compression/bzip2/bzip2.h
index ca0ac529b..06c80cb8e 100644
--- a/src/lib/compression/bzip2/bzip2.h
+++ b/src/lib/compression/bzip2/bzip2.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* Bzip2 Compression
*/
-class BOTAN_DLL Bzip2_Compression : public Stream_Compression
+class BOTAN_DLL Bzip2_Compression final : public Stream_Compression
{
public:
/**
@@ -39,7 +39,7 @@ class BOTAN_DLL Bzip2_Compression : public Stream_Compression
/**
* Bzip2 Deccompression
*/
-class BOTAN_DLL Bzip2_Decompression : public Stream_Decompression
+class BOTAN_DLL Bzip2_Decompression final : public Stream_Decompression
{
public:
std::string name() const override { return "Bzip2_Decompression"; }
diff --git a/src/lib/compression/compression.cpp b/src/lib/compression/compression.cpp
index fc2c6192a..54faec7b8 100644
--- a/src/lib/compression/compression.cpp
+++ b/src/lib/compression/compression.cpp
@@ -14,10 +14,28 @@ namespace Botan {
void* Compression_Alloc_Info::do_malloc(size_t n, size_t size)
{
- const size_t total_sz = n * size;
+ const size_t total_size = n * size;
+
+ BOTAN_ASSERT_EQUAL(total_size / size, n, "Overflow check");
+
+ // TODO maximum length check here?
+
+ void* ptr = std::malloc(total_size);
+
+ /*
+ * Return null rather than throwing here as we are being called by a
+ * C library and it may not be possible for an exception to unwind
+ * the call stack from here. The compression library is expecting a
+ * function written in C and a null return on error, which it will
+ * send upwards to the compression wrappers.
+ */
+
+ if(ptr)
+ {
+ std::memset(ptr, 0, total_size);
+ m_current_allocs[ptr] = total_size;
+ }
- void* ptr = std::malloc(total_sz);
- m_current_allocs[ptr] = total_sz;
return ptr;
}
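Review bot: The overflow check `BOTAN_ASSERT_EQUAL(total_size / size, n, "Overflow check")` divides by `size`, so a zero `size` argument is undefined behaviour before the check even runs, and, assuming BOTAN_ASSERT_EQUAL throws on failure like Botan's other assertion macros, a detected overflow throws straight through the C caller that the comment below says cannot unwind an exception. Make the check a null return, consistent with the malloc failure path: `if(size == 0 || n > std::numeric_limits<size_t>::max() / size) return nullptr;` placed before `total_size` is computed (add `<limits>` if the file does not already include it). Alternatively `std::calloc(n, size)` does both the overflow check and the zeroing, leaving only the `m_current_allocs` bookkeeping here.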
@@ -38,7 +56,7 @@ void Compression_Alloc_Info::do_free(void* ptr)
namespace {
-Compressor_Transform* do_make_compressor(const std::string& type, const std::string suffix)
+Compressor_Transform* do_make_compressor(const std::string& type, const std::string& suffix)
{
const std::map<std::string, std::string> trans{
{"zlib", "Zlib"},
diff --git a/src/lib/compression/compression.h b/src/lib/compression/compression.h
index 0a8079de8..66aaacdc4 100644
--- a/src/lib/compression/compression.h
+++ b/src/lib/compression/compression.h
@@ -58,16 +58,16 @@ class Compression_Stream
class BOTAN_DLL Stream_Compression : public Compressor_Transform
{
public:
- void update(secure_vector<byte>& buf, size_t offset = 0) override;
+ void update(secure_vector<byte>& buf, size_t offset = 0) final override;
- void flush(secure_vector<byte>& buf, size_t offset = 0) override;
+ void flush(secure_vector<byte>& buf, size_t offset = 0) final override;
- void finish(secure_vector<byte>& buf, size_t offset = 0) override;
+ void finish(secure_vector<byte>& buf, size_t offset = 0) final override;
- void clear() override;
+ void clear() final override;
private:
- secure_vector<byte> start_raw(const byte[], size_t) override;
+ secure_vector<byte> start_raw(const byte[], size_t) final override;
void process(secure_vector<byte>& buf, size_t offset, u32bit flags);
@@ -80,14 +80,14 @@ class BOTAN_DLL Stream_Compression : public Compressor_Transform
class BOTAN_DLL Stream_Decompression : public Compressor_Transform
{
public:
- void update(secure_vector<byte>& buf, size_t offset = 0) override;
+ void update(secure_vector<byte>& buf, size_t offset = 0) final override;
- void finish(secure_vector<byte>& buf, size_t offset = 0) override;
+ void finish(secure_vector<byte>& buf, size_t offset = 0) final override;
- void clear() override;
+ void clear() final override;
private:
- secure_vector<byte> start_raw(const byte[], size_t) override;
+ secure_vector<byte> start_raw(const byte[], size_t) final override;
void process(secure_vector<byte>& buf, size_t offset, u32bit flags);
diff --git a/src/lib/compression/lzma/lzma.cpp b/src/lib/compression/lzma/lzma.cpp
index 5998d1c8c..3cc03a098 100644
--- a/src/lib/compression/lzma/lzma.cpp
+++ b/src/lib/compression/lzma/lzma.cpp
@@ -56,7 +56,7 @@ class LZMA_Stream : public Zlib_Style_Stream<lzma_stream, byte>
class LZMA_Compression_Stream : public LZMA_Stream
{
public:
- LZMA_Compression_Stream(size_t level)
+ explicit LZMA_Compression_Stream(size_t level)
{
lzma_ret rc = ::lzma_easy_encoder(streamp(), level, LZMA_CHECK_CRC64);
diff --git a/src/lib/compression/lzma/lzma.h b/src/lib/compression/lzma/lzma.h
index 5f19c4b97..d9ea10091 100644
--- a/src/lib/compression/lzma/lzma.h
+++ b/src/lib/compression/lzma/lzma.h
@@ -17,7 +17,7 @@ namespace Botan {
/**
* LZMA Compression
*/
-class BOTAN_DLL LZMA_Compression : public Stream_Compression
+class BOTAN_DLL LZMA_Compression final : public Stream_Compression
{
public:
/**
@@ -38,7 +38,7 @@ class BOTAN_DLL LZMA_Compression : public Stream_Compression
/**
* LZMA Deccompression
*/
-class BOTAN_DLL LZMA_Decompression : public Stream_Decompression
+class BOTAN_DLL LZMA_Decompression final : public Stream_Decompression
{
public:
std::string name() const override { return "LZMA_Decompression"; }
diff --git a/src/lib/compression/zlib/zlib.cpp b/src/lib/compression/zlib/zlib.cpp
index 8e1928826..6df5ee931 100644
--- a/src/lib/compression/zlib/zlib.cpp
+++ b/src/lib/compression/zlib/zlib.cpp
@@ -115,7 +115,7 @@ class Deflate_Compression_Stream : public Zlib_Compression_Stream
class Deflate_Decompression_Stream : public Zlib_Decompression_Stream
{
public:
- Deflate_Decompression_Stream(int wbits) : Zlib_Decompression_Stream(wbits, -1) {}
+ explicit Deflate_Decompression_Stream(int wbits) : Zlib_Decompression_Stream(wbits, -1) {}
};
class Gzip_Compression_Stream : public Zlib_Compression_Stream
@@ -140,7 +140,7 @@ class Gzip_Compression_Stream : public Zlib_Compression_Stream
class Gzip_Decompression_Stream : public Zlib_Decompression_Stream
{
public:
- Gzip_Decompression_Stream(int wbits) : Zlib_Decompression_Stream(wbits, 16) {}
+ explicit Gzip_Decompression_Stream(int wbits) : Zlib_Decompression_Stream(wbits, 16) {}
};
}
diff --git a/src/lib/compression/zlib/zlib.h b/src/lib/compression/zlib/zlib.h
index 2437e6133..6a8cead14 100644
--- a/src/lib/compression/zlib/zlib.h
+++ b/src/lib/compression/zlib/zlib.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* Zlib Compression
*/
-class BOTAN_DLL Zlib_Compression : public Stream_Compression
+class BOTAN_DLL Zlib_Compression final : public Stream_Compression
{
public:
/**
@@ -38,7 +38,7 @@ class BOTAN_DLL Zlib_Compression : public Stream_Compression
/**
* Zlib Decompression
*/
-class BOTAN_DLL Zlib_Decompression : public Stream_Decompression
+class BOTAN_DLL Zlib_Decompression final : public Stream_Decompression
{
public:
std::string name() const override { return "Zlib_Decompression"; }
@@ -50,7 +50,7 @@ class BOTAN_DLL Zlib_Decompression : public Stream_Decompression
/**
* Deflate Compression
*/
-class BOTAN_DLL Deflate_Compression : public Stream_Compression
+class BOTAN_DLL Deflate_Compression final : public Stream_Compression
{
public:
/**
@@ -71,7 +71,7 @@ class BOTAN_DLL Deflate_Compression : public Stream_Compression
/**
* Deflate Decompression
*/
-class BOTAN_DLL Deflate_Decompression : public Stream_Decompression
+class BOTAN_DLL Deflate_Decompression final : public Stream_Decompression
{
public:
std::string name() const override { return "Deflate_Decompression"; }
@@ -83,7 +83,7 @@ class BOTAN_DLL Deflate_Decompression : public Stream_Decompression
/**
* Gzip Compression
*/
-class BOTAN_DLL Gzip_Compression : public Stream_Compression
+class BOTAN_DLL Gzip_Compression final : public Stream_Compression
{
public:
/**
@@ -106,7 +106,7 @@ class BOTAN_DLL Gzip_Compression : public Stream_Compression
/**
* Gzip Decompression
*/
-class BOTAN_DLL Gzip_Decompression : public Stream_Decompression
+class BOTAN_DLL Gzip_Decompression final : public Stream_Decompression
{
public:
std::string name() const override { return "Gzip_Decompression"; }
diff --git a/src/lib/entropy/beos_stats/es_beos.h b/src/lib/entropy/beos_stats/es_beos.h
index db5824f6f..a5b90a607 100644
--- a/src/lib/entropy/beos_stats/es_beos.h
+++ b/src/lib/entropy/beos_stats/es_beos.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* BeOS Entropy Source
*/
-class BeOS_EntropySource : public Entropy_Source
+class BeOS_EntropySource final : public Entropy_Source
{
private:
std::string name() const override { return "system_stats"; }
diff --git a/src/lib/entropy/cryptoapi_rng/es_capi.cpp b/src/lib/entropy/cryptoapi_rng/es_capi.cpp
index 88c8488ad..c9d8fb7c4 100644
--- a/src/lib/entropy/cryptoapi_rng/es_capi.cpp
+++ b/src/lib/entropy/cryptoapi_rng/es_capi.cpp
@@ -19,35 +19,35 @@ namespace {
class CSP_Handle
{
public:
- CSP_Handle(u64bit capi_provider)
+ explicit CSP_Handle(u64bit capi_provider)
{
- valid = false;
+ m_valid = false;
DWORD prov_type = (DWORD)capi_provider;
- if(CryptAcquireContext(&handle, 0, 0,
+ if(CryptAcquireContext(&m_handle, 0, 0,
prov_type, CRYPT_VERIFYCONTEXT))
- valid = true;
+ m_valid = true;
}
~CSP_Handle()
{
if(is_valid())
- CryptReleaseContext(handle, 0);
+ CryptReleaseContext(m_handle, 0);
}
size_t gen_random(byte out[], size_t n) const
{
- if(is_valid() && CryptGenRandom(handle, static_cast<DWORD>(n), out))
+ if(is_valid() && CryptGenRandom(m_handle, static_cast<DWORD>(n), out))
return n;
return 0;
}
- bool is_valid() const { return valid; }
+ bool is_valid() const { return m_valid; }
- HCRYPTPROV get_handle() const { return handle; }
+ HCRYPTPROV get_handle() const { return m_handle; }
private:
- HCRYPTPROV handle;
- bool valid;
+ HCRYPTPROV m_handle;
+ bool m_valid;
};
}
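Review bot: `gen_random` on the new line casts `n` to `DWORD` for `CryptGenRandom` but returns the untruncated `n`, so for a request beyond the DWORD range the caller would be told more bytes were filled than were actually generated; the poll buffer is presumably far smaller, but an entropy source should never overstate its output. A guard such as `if(n > std::numeric_limits<DWORD>::max()) return 0;` ahead of the call, or clamping `n` before the cast and returning the clamped count, keeps the contract honest. The constructor could also set `m_valid` in the member initialiser list instead of assigning `false` and then conditionally `true`.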
@@ -59,9 +59,9 @@ void Win32_CAPI_EntropySource::poll(Entropy_Accumulator& accum)
{
secure_vector<byte>& buf = accum.get_io_buf(BOTAN_SYSTEM_RNG_POLL_REQUEST);
- for(size_t i = 0; i != prov_types.size(); ++i)
+ for(size_t i = 0; i != m_prov_types.size(); ++i)
{
- CSP_Handle csp(prov_types[i]);
+ CSP_Handle csp(m_prov_types[i]);
if(size_t got = csp.gen_random(buf.data(), buf.size()))
{
@@ -80,14 +80,14 @@ Win32_CAPI_EntropySource::Win32_CAPI_EntropySource(const std::string& provs)
for(size_t i = 0; i != capi_provs.size(); ++i)
{
- if(capi_provs[i] == "RSA_FULL") prov_types.push_back(PROV_RSA_FULL);
- if(capi_provs[i] == "INTEL_SEC") prov_types.push_back(PROV_INTEL_SEC);
- if(capi_provs[i] == "FORTEZZA") prov_types.push_back(PROV_FORTEZZA);
- if(capi_provs[i] == "RNG") prov_types.push_back(PROV_RNG);
+ if(capi_provs[i] == "RSA_FULL") m_prov_types.push_back(PROV_RSA_FULL);
+ if(capi_provs[i] == "INTEL_SEC") m_prov_types.push_back(PROV_INTEL_SEC);
+ if(capi_provs[i] == "FORTEZZA") m_prov_types.push_back(PROV_FORTEZZA);
+ if(capi_provs[i] == "RNG") m_prov_types.push_back(PROV_RNG);
}
- if(prov_types.size() == 0)
- prov_types.push_back(PROV_RSA_FULL);
+ if(m_prov_types.size() == 0)
+ m_prov_types.push_back(PROV_RSA_FULL);
}
}
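Review bot: `if(m_prov_types.size() == 0)` is the one emptiness test in this commit left in the old form while the string checks in x509opt.cpp, x509path.cpp and x509self.cpp were rewritten to `.empty()`; `if(m_prov_types.empty())` keeps the renamed member consistent with the rest of the change. Provider names in `capi_provs` that match none of the four `if` lines are silently skipped, which is existing behaviour but deserves a one-line comment such as `// unknown provider names are ignored; RSA_FULL is used if none matched`.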
diff --git a/src/lib/entropy/cryptoapi_rng/es_capi.h b/src/lib/entropy/cryptoapi_rng/es_capi.h
index eb63183e9..b1c60bfa1 100644
--- a/src/lib/entropy/cryptoapi_rng/es_capi.h
+++ b/src/lib/entropy/cryptoapi_rng/es_capi.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* Win32 CAPI Entropy Source
*/
-class Win32_CAPI_EntropySource : public Entropy_Source
+class Win32_CAPI_EntropySource final : public Entropy_Source
{
public:
std::string name() const override { return "win32_cryptoapi"; }
@@ -27,9 +27,9 @@ class Win32_CAPI_EntropySource : public Entropy_Source
* Win32_Capi_Entropysource Constructor
* @param provs list of providers, separated by ':'
*/
- Win32_CAPI_EntropySource(const std::string& provs = "");
+ explicit Win32_CAPI_EntropySource(const std::string& provs = "");
private:
- std::vector<u64bit> prov_types;
+ std::vector<u64bit> m_prov_types;
};
}
diff --git a/src/lib/entropy/darwin_secrandom/darwin_secrandom.h b/src/lib/entropy/darwin_secrandom/darwin_secrandom.h
index 970cd7941..09cdc208d 100644
--- a/src/lib/entropy/darwin_secrandom/darwin_secrandom.h
+++ b/src/lib/entropy/darwin_secrandom/darwin_secrandom.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Entropy source using SecRandomCopyBytes from Darwin's Security.framework
*/
-class Darwin_SecRandom : public Entropy_Source
+class Darwin_SecRandom final : public Entropy_Source
{
public:
std::string name() const override { return "darwin_secrandom"; }
diff --git a/src/lib/entropy/dev_random/dev_random.h b/src/lib/entropy/dev_random/dev_random.h
index f634cf16c..1f29b2f64 100644
--- a/src/lib/entropy/dev_random/dev_random.h
+++ b/src/lib/entropy/dev_random/dev_random.h
@@ -17,7 +17,7 @@ namespace Botan {
/**
* Entropy source reading from kernel devices like /dev/random
*/
-class Device_EntropySource : public Entropy_Source
+class Device_EntropySource final : public Entropy_Source
{
public:
std::string name() const override { return "dev_random"; }
diff --git a/src/lib/entropy/egd/es_egd.cpp b/src/lib/entropy/egd/es_egd.cpp
index ba43cc86d..9bc6de6fe 100644
--- a/src/lib/entropy/egd/es_egd.cpp
+++ b/src/lib/entropy/egd/es_egd.cpp
@@ -25,7 +25,7 @@
namespace Botan {
EGD_EntropySource::EGD_Socket::EGD_Socket(const std::string& path) :
- socket_path(path), m_fd(-1)
+ m_socket_path(path), m_fd(-1)
{
}
@@ -69,7 +69,7 @@ size_t EGD_EntropySource::EGD_Socket::read(byte outbuf[], size_t length)
if(m_fd < 0)
{
- m_fd = open_socket(socket_path);
+ m_fd = open_socket(m_socket_path);
if(m_fd < 0)
return 0;
}
@@ -121,14 +121,14 @@ void EGD_EntropySource::EGD_Socket::close()
EGD_EntropySource::EGD_EntropySource(const std::vector<std::string>& paths)
{
for(size_t i = 0; i != paths.size(); ++i)
- sockets.push_back(EGD_Socket(paths[i]));
+ m_sockets.push_back(EGD_Socket(paths[i]));
}
EGD_EntropySource::~EGD_EntropySource()
{
- for(size_t i = 0; i != sockets.size(); ++i)
- sockets[i].close();
- sockets.clear();
+ for(size_t i = 0; i != m_sockets.size(); ++i)
+ m_sockets[i].close();
+ m_sockets.clear();
}
/**
@@ -140,9 +140,9 @@ void EGD_EntropySource::poll(Entropy_Accumulator& accum)
secure_vector<byte>& buf = accum.get_io_buf(BOTAN_SYSTEM_RNG_POLL_REQUEST);
- for(size_t i = 0; i != sockets.size(); ++i)
+ for(size_t i = 0; i != m_sockets.size(); ++i)
{
- size_t got = sockets[i].read(buf.data(), buf.size());
+ size_t got = m_sockets[i].read(buf.data(), buf.size());
if(got)
{
diff --git a/src/lib/entropy/egd/es_egd.h b/src/lib/entropy/egd/es_egd.h
index 0b497a8bd..1a624713a 100644
--- a/src/lib/entropy/egd/es_egd.h
+++ b/src/lib/entropy/egd/es_egd.h
@@ -18,7 +18,7 @@ namespace Botan {
/**
* EGD Entropy Source
*/
-class EGD_EntropySource : public Entropy_Source
+class EGD_EntropySource final : public Entropy_Source
{
public:
std::string name() const override { return "egd"; }
@@ -38,12 +38,12 @@ class EGD_EntropySource : public Entropy_Source
private:
static int open_socket(const std::string& path);
- std::string socket_path;
+ std::string m_socket_path;
int m_fd; // cached fd
};
std::mutex m_mutex;
- std::vector<EGD_Socket> sockets;
+ std::vector<EGD_Socket> m_sockets;
};
}
diff --git a/src/lib/entropy/entropy_src.h b/src/lib/entropy/entropy_src.h
index 0f4c38358..539df809a 100644
--- a/src/lib/entropy/entropy_src.h
+++ b/src/lib/entropy/entropy_src.h
@@ -17,7 +17,7 @@ namespace Botan {
/**
* Class used to accumulate the poll results of EntropySources
*/
-class BOTAN_DLL Entropy_Accumulator
+class BOTAN_DLL Entropy_Accumulator final
{
public:
/**
@@ -30,11 +30,9 @@ class BOTAN_DLL Entropy_Accumulator
* still be called again a few more times, and should be careful to return
* true then as well.
*/
- Entropy_Accumulator(std::function<bool (const byte[], size_t, double)> accum) :
+ explicit Entropy_Accumulator(std::function<bool (const byte[], size_t, double)> accum) :
m_accum_fn(accum) {}
- virtual ~Entropy_Accumulator() {}
-
/**
* @return if our polling goal has been achieved
*/
@@ -102,7 +100,7 @@ class BOTAN_DLL Entropy_Source
virtual ~Entropy_Source() {}
};
-class BOTAN_DLL Entropy_Sources
+class BOTAN_DLL Entropy_Sources final
{
public:
static Entropy_Sources& global_sources();
@@ -115,7 +113,7 @@ class BOTAN_DLL Entropy_Sources
bool poll_just(Entropy_Accumulator& accum, const std::string& src);
Entropy_Sources() {}
- Entropy_Sources(const std::vector<std::string>& sources);
+ explicit Entropy_Sources(const std::vector<std::string>& sources);
~Entropy_Sources();
private:
diff --git a/src/lib/entropy/hres_timer/hres_timer.cpp b/src/lib/entropy/hres_timer/hres_timer.cpp
index 0b39c935a..e2a5ddbef 100644
--- a/src/lib/entropy/hres_timer/hres_timer.cpp
+++ b/src/lib/entropy/hres_timer/hres_timer.cpp
@@ -1,19 +1,12 @@
/*
* High Resolution Timestamp Entropy Source
-* (C) 1999-2009,2011,2014 Jack Lloyd
+* (C) 1999-2009,2011,2014,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/internal/hres_timer.h>
-#include <botan/cpuid.h>
-#include <chrono>
-
-#if defined(BOTAN_TARGET_OS_HAS_QUERY_PERF_COUNTER)
- #include <windows.h>
- #undef min
- #undef max
-#endif
+#include <botan/internal/os_utils.h>
#if defined(BOTAN_TARGET_OS_HAS_CLOCK_GETTIME)
#include <time.h>
@@ -26,6 +19,10 @@ namespace Botan {
*/
void High_Resolution_Timestamp::poll(Entropy_Accumulator& accum)
{
+ accum.add(OS::get_processor_timestamp(), BOTAN_ENTROPY_ESTIMATE_TIMESTAMPS);
+
+ accum.add(OS::get_system_timestamp_ns(), BOTAN_ENTROPY_ESTIMATE_TIMESTAMPS);
+
#if defined(BOTAN_TARGET_OS_HAS_CLOCK_GETTIME)
#define CLOCK_GETTIME_POLL(src) \
@@ -57,65 +54,6 @@ void High_Resolution_Timestamp::poll(Entropy_Accumulator& accum)
#undef CLOCK_GETTIME_POLL
-#else
-
-#define STD_CHRONO_POLL(clock) \
- do { \
- auto timestamp = clock::now().time_since_epoch().count(); \
- accum.add(timestamp, BOTAN_ENTROPY_ESTIMATE_TIMESTAMPS); \
- } while(0)
-
- STD_CHRONO_POLL(std::chrono::high_resolution_clock);
- STD_CHRONO_POLL(std::chrono::system_clock);
-
-#undef STD_CHRONO_POLL
-
-#endif
-
-#if defined(BOTAN_USE_GCC_INLINE_ASM)
-
- u64bit rtc = 0;
-
-#if defined(BOTAN_TARGET_CPU_IS_X86_FAMILY)
- if(CPUID::has_rdtsc()) // not availble on all x86 CPUs
- {
- u32bit rtc_low = 0, rtc_high = 0;
- asm volatile("rdtsc" : "=d" (rtc_high), "=a" (rtc_low));
- rtc = (static_cast<u64bit>(rtc_high) << 32) | rtc_low;
- }
-
-#elif defined(BOTAN_TARGET_CPU_IS_PPC_FAMILY)
- u32bit rtc_low = 0, rtc_high = 0;
- asm volatile("mftbu %0; mftb %1" : "=r" (rtc_high), "=r" (rtc_low));
- rtc = (static_cast<u64bit>(rtc_high) << 32) | rtc_low;
-
-#elif defined(BOTAN_TARGET_ARCH_IS_ALPHA)
- asm volatile("rpcc %0" : "=r" (rtc));
-
-#elif defined(BOTAN_TARGET_ARCH_IS_SPARC64) && !defined(BOTAN_TARGET_OS_IS_OPENBSD)
- asm volatile("rd %%tick, %0" : "=r" (rtc));
-
-#elif defined(BOTAN_TARGET_ARCH_IS_IA64)
- asm volatile("mov %0=ar.itc" : "=r" (rtc));
-
-#elif defined(BOTAN_TARGET_ARCH_IS_S390X)
- asm volatile("stck 0(%0)" : : "a" (&rtc) : "memory", "cc");
-
-#elif defined(BOTAN_TARGET_ARCH_IS_HPPA)
- asm volatile("mfctl 16,%0" : "=r" (rtc)); // 64-bit only?
-
-#endif
-
- accum.add(rtc, BOTAN_ENTROPY_ESTIMATE_TIMESTAMPS);
-
-#endif
-
-#if defined(BOTAN_TARGET_OS_HAS_QUERY_PERF_COUNTER)
- {
- LARGE_INTEGER tv;
- ::QueryPerformanceCounter(&tv);
- accum.add(tv.QuadPart, BOTAN_ENTROPY_ESTIMATE_TIMESTAMPS);
- }
#endif
}
diff --git a/src/lib/entropy/hres_timer/hres_timer.h b/src/lib/entropy/hres_timer/hres_timer.h
index 93ced283a..d297a87b1 100644
--- a/src/lib/entropy/hres_timer/hres_timer.h
+++ b/src/lib/entropy/hres_timer/hres_timer.h
@@ -18,7 +18,7 @@ namespace Botan {
* @note Any results from timers are marked as not contributing entropy
* to the poll, as a local attacker could observe them directly.
*/
-class High_Resolution_Timestamp : public Entropy_Source
+class High_Resolution_Timestamp final : public Entropy_Source
{
public:
std::string name() const override { return "timestamp"; }
diff --git a/src/lib/entropy/proc_walk/proc_walk.cpp b/src/lib/entropy/proc_walk/proc_walk.cpp
index 7ef6a8e26..c59a8227b 100644
--- a/src/lib/entropy/proc_walk/proc_walk.cpp
+++ b/src/lib/entropy/proc_walk/proc_walk.cpp
@@ -28,7 +28,7 @@ namespace {
class Directory_Walker : public File_Descriptor_Source
{
public:
- Directory_Walker(const std::string& root) :
+ explicit Directory_Walker(const std::string& root) :
m_cur_dir(std::make_pair<DIR*, std::string>(nullptr, ""))
{
if(DIR* root_dir = ::opendir(root.c_str()))
diff --git a/src/lib/entropy/proc_walk/proc_walk.h b/src/lib/entropy/proc_walk/proc_walk.h
index b67f71111..f6db8185a 100644
--- a/src/lib/entropy/proc_walk/proc_walk.h
+++ b/src/lib/entropy/proc_walk/proc_walk.h
@@ -23,7 +23,7 @@ class File_Descriptor_Source
/**
* File Tree Walking Entropy Source
*/
-class ProcWalking_EntropySource : public Entropy_Source
+class ProcWalking_EntropySource final : public Entropy_Source
{
public:
std::string name() const override { return "proc_walk"; }
diff --git a/src/lib/entropy/rdrand/rdrand.h b/src/lib/entropy/rdrand/rdrand.h
index 1fa928641..48d090775 100644
--- a/src/lib/entropy/rdrand/rdrand.h
+++ b/src/lib/entropy/rdrand/rdrand.h
@@ -16,7 +16,7 @@ namespace Botan {
* Entropy source using the rdrand instruction first introduced on
* Intel's Ivy Bridge architecture.
*/
-class Intel_Rdrand : public Entropy_Source
+class Intel_Rdrand final : public Entropy_Source
{
public:
std::string name() const override { return "rdrand"; }
diff --git a/src/lib/entropy/rdseed/rdseed.h b/src/lib/entropy/rdseed/rdseed.h
index 0f39250a1..f86c32768 100644
--- a/src/lib/entropy/rdseed/rdseed.h
+++ b/src/lib/entropy/rdseed/rdseed.h
@@ -16,7 +16,7 @@ namespace Botan {
* Entropy source using the rdseed instruction first introduced on
* Intel's Broadwell architecture.
*/
-class Intel_Rdseed : public Entropy_Source
+class Intel_Rdseed final : public Entropy_Source
{
public:
std::string name() const override { return "rdseed"; }
diff --git a/src/lib/entropy/unix_procs/unix_procs.h b/src/lib/entropy/unix_procs/unix_procs.h
index bc2fd87d1..e1749af5f 100644
--- a/src/lib/entropy/unix_procs/unix_procs.h
+++ b/src/lib/entropy/unix_procs/unix_procs.h
@@ -20,7 +20,7 @@ namespace Botan {
* effective against local attackers as they can sample from the same
* distribution.
*/
-class Unix_EntropySource : public Entropy_Source
+class Unix_EntropySource final : public Entropy_Source
{
public:
std::string name() const override { return "unix_procs"; }
@@ -78,7 +78,7 @@ class Unix_EntropySource : public Entropy_Source
secure_vector<byte> m_buf;
};
-class UnixProcessInfo_EntropySource : public Entropy_Source
+class UnixProcessInfo_EntropySource final : public Entropy_Source
{
public:
std::string name() const override { return "proc_info"; }
diff --git a/src/lib/entropy/win32_stats/es_win32.cpp b/src/lib/entropy/win32_stats/es_win32.cpp
index 52bb24136..ce0edea83 100644
--- a/src/lib/entropy/win32_stats/es_win32.cpp
+++ b/src/lib/entropy/win32_stats/es_win32.cpp
@@ -32,8 +32,8 @@ void Win32_EntropySource::poll(Entropy_Accumulator& accum)
GetSystemInfo(&sys_info);
accum.add(sys_info, BOTAN_ENTROPY_ESTIMATE_STATIC_SYSTEM_DATA);
- MEMORYSTATUS mem_info;
- GlobalMemoryStatus(&mem_info);
+ MEMORYSTATUSEX mem_info;
+ GlobalMemoryStatusEx(&mem_info);
accum.add(mem_info, BOTAN_ENTROPY_ESTIMATE_SYSTEM_DATA);
POINT point;
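Review bot: `GlobalMemoryStatusEx` requires the caller to set `mem_info.dwLength` to `sizeof(MEMORYSTATUSEX)` before the call, which the new lines do not do; the call then fails and the uninitialized struct is passed to `accum.add` and credited as system data. The previous `GlobalMemoryStatus` had no such precondition, so this is a regression introduced by the switch, and the return value is also unchecked. Suggested: `MEMORYSTATUSEX mem_info; mem_info.dwLength = sizeof(mem_info); if(GlobalMemoryStatusEx(&mem_info)) accum.add(mem_info, BOTAN_ENTROPY_ESTIMATE_SYSTEM_DATA);`. The enclosing poll function starts and ends outside this hunk.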
@@ -43,10 +43,6 @@ void Win32_EntropySource::poll(Entropy_Accumulator& accum)
GetCaretPos(&point);
accum.add(point, BOTAN_ENTROPY_ESTIMATE_SYSTEM_DATA);
- LARGE_INTEGER perf_counter;
- QueryPerformanceCounter(&perf_counter);
- accum.add(perf_counter, BOTAN_ENTROPY_ESTIMATE_TIMESTAMPS);
-
/*
Now use the Tooltip library to iterate throug various objects on
the system, including processes, threads, and heap objects.
@@ -76,7 +72,6 @@ void Win32_EntropySource::poll(Entropy_Accumulator& accum)
if(!accum.polling_finished())
{
- size_t heap_lists_found = 0;
HEAPLIST32 heap_list;
heap_list.dwSize = sizeof(HEAPLIST32);
@@ -85,6 +80,7 @@ void Win32_EntropySource::poll(Entropy_Accumulator& accum)
if(Heap32ListFirst(snapshot, &heap_list))
{
+ size_t heap_lists_found = 0;
do
{
accum.add(heap_list, BOTAN_ENTROPY_ESTIMATE_SYSTEM_DATA);
@@ -92,12 +88,12 @@ void Win32_EntropySource::poll(Entropy_Accumulator& accum)
if(++heap_lists_found > HEAP_LISTS_MAX)
break;
- size_t heap_objs_found = 0;
HEAPENTRY32 heap_entry;
heap_entry.dwSize = sizeof(HEAPENTRY32);
if(Heap32First(&heap_entry, heap_list.th32ProcessID,
heap_list.th32HeapID))
{
+ size_t heap_objs_found = 0;
do
{
if(heap_objs_found++ > HEAP_OBJS_PER_LIST)
diff --git a/src/lib/entropy/win32_stats/es_win32.h b/src/lib/entropy/win32_stats/es_win32.h
index 958a79e19..5dc3f7f17 100644
--- a/src/lib/entropy/win32_stats/es_win32.h
+++ b/src/lib/entropy/win32_stats/es_win32.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Win32 Entropy Source
*/
-class Win32_EntropySource : public Entropy_Source
+class Win32_EntropySource final : public Entropy_Source
{
public:
std::string name() const override { return "system_stats"; }
diff --git a/src/lib/ffi/ffi.cpp b/src/lib/ffi/ffi.cpp
index 48591a774..11084ae50 100644
--- a/src/lib/ffi/ffi.cpp
+++ b/src/lib/ffi/ffi.cpp
@@ -65,7 +65,7 @@ namespace {
class FFI_Error : public Botan::Exception
{
public:
- FFI_Error(const std::string& what) : Exception("FFI error", what) {}
+ explicit FFI_Error(const std::string& what) : Exception("FFI error", what) {}
};
template<typename T, uint32_t MAGIC>
@@ -167,7 +167,7 @@ inline int write_str_output(char out[], size_t* out_len, const std::string& str)
return write_str_output(reinterpret_cast<uint8_t*>(out), out_len, str);
}
-#define BOTAN_FFI_DO(T, obj, block) apply_fn(obj, BOTAN_CURRENT_FUNCTION, [=](T& obj) { do { block } while(0); return 0; })
+#define BOTAN_FFI_DO(T, obj, param, block) apply_fn(obj, BOTAN_CURRENT_FUNCTION, [=](T& param) { do { block } while(0); return 0; })
}
@@ -282,12 +282,12 @@ int botan_rng_destroy(botan_rng_t rng)
int botan_rng_get(botan_rng_t rng, uint8_t* out, size_t out_len)
{
- return BOTAN_FFI_DO(Botan::RandomNumberGenerator, rng, { rng.randomize(out, out_len); });
+ return BOTAN_FFI_DO(Botan::RandomNumberGenerator, rng, r, { r.randomize(out, out_len); });
}
int botan_rng_reseed(botan_rng_t rng, size_t bits)
{
- return BOTAN_FFI_DO(Botan::RandomNumberGenerator, rng, { rng.reseed(bits); });
+ return BOTAN_FFI_DO(Botan::RandomNumberGenerator, rng, r, { r.reseed(bits); });
}
int botan_hash_init(botan_hash_t* hash, const char* hash_name, uint32_t flags)
@@ -326,22 +326,22 @@ int botan_hash_destroy(botan_hash_t hash)
int botan_hash_output_length(botan_hash_t hash, size_t* out)
{
- return BOTAN_FFI_DO(Botan::HashFunction, hash, { *out = hash.output_length(); });
+ return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { *out = h.output_length(); });
}
int botan_hash_clear(botan_hash_t hash)
{
- return BOTAN_FFI_DO(Botan::HashFunction, hash, { hash.clear(); });
+ return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { h.clear(); });
}
int botan_hash_update(botan_hash_t hash, const uint8_t* buf, size_t len)
{
- return BOTAN_FFI_DO(Botan::HashFunction, hash, { hash.update(buf, len); });
+ return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { h.update(buf, len); });
}
int botan_hash_final(botan_hash_t hash, uint8_t out[])
{
- return BOTAN_FFI_DO(Botan::HashFunction, hash, { hash.final(out); });
+ return BOTAN_FFI_DO(Botan::HashFunction, hash, h, { h.final(out); });
}
int botan_mac_init(botan_mac_t* mac, const char* mac_name, uint32_t flags)
@@ -378,27 +378,27 @@ int botan_mac_destroy(botan_mac_t mac)
int botan_mac_set_key(botan_mac_t mac, const uint8_t* key, size_t key_len)
{
- return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, { mac.set_key(key, key_len); });
+ return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, m, { m.set_key(key, key_len); });
}
int botan_mac_output_length(botan_mac_t mac, size_t* out)
{
- return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, { *out = mac.output_length(); });
+ return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, m, { *out = m.output_length(); });
}
int botan_mac_clear(botan_mac_t mac)
{
- return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, { mac.clear(); });
+ return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, m, { m.clear(); });
}
int botan_mac_update(botan_mac_t mac, const uint8_t* buf, size_t len)
{
- return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, { mac.update(buf, len); });
+ return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, m, { m.update(buf, len); });
}
int botan_mac_final(botan_mac_t mac, uint8_t out[])
{
- return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, { mac.final(out); });
+ return BOTAN_FFI_DO(Botan::MessageAuthenticationCode, mac, m, { m.final(out); });
}
int botan_cipher_init(botan_cipher_t* cipher, const char* cipher_name, uint32_t flags)
@@ -433,23 +433,23 @@ int botan_cipher_destroy(botan_cipher_t cipher)
int botan_cipher_clear(botan_cipher_t cipher)
{
- return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, { cipher.clear(); });
+ return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, c, { c.clear(); });
}
int botan_cipher_query_keylen(botan_cipher_t cipher,
size_t* out_minimum_keylength,
size_t* out_maximum_keylength)
{
- return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, {
- *out_minimum_keylength = cipher.key_spec().minimum_keylength();
- *out_maximum_keylength = cipher.key_spec().maximum_keylength();
+ return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, c, {
+ *out_minimum_keylength = c.key_spec().minimum_keylength();
+ *out_maximum_keylength = c.key_spec().maximum_keylength();
});
}
int botan_cipher_set_key(botan_cipher_t cipher,
const uint8_t* key, size_t key_len)
{
- return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, { cipher.set_key(key, key_len); });
+ return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, c, { c.set_key(key, key_len); });
}
int botan_cipher_start(botan_cipher_t cipher_obj,
@@ -579,8 +579,8 @@ int botan_cipher_set_associated_data(botan_cipher_t cipher,
const uint8_t* ad,
size_t ad_len)
{
- return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, {
- if(Botan::AEAD_Mode* aead = dynamic_cast<Botan::AEAD_Mode*>(&cipher))
+ return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, c, {
+ if(Botan::AEAD_Mode* aead = dynamic_cast<Botan::AEAD_Mode*>(&c))
{
aead->set_associated_data(ad, ad_len);
return 0;
@@ -591,22 +591,22 @@ int botan_cipher_set_associated_data(botan_cipher_t cipher,
int botan_cipher_valid_nonce_length(botan_cipher_t cipher, size_t nl)
{
- return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, { return cipher.valid_nonce_length(nl) ? 1 : 0; });
+ return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, c, { return c.valid_nonce_length(nl) ? 1 : 0; });
}
int botan_cipher_get_default_nonce_length(botan_cipher_t cipher, size_t* nl)
{
- return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, { *nl = cipher.default_nonce_length(); });
+ return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, c, { *nl = c.default_nonce_length(); });
}
int botan_cipher_get_update_granularity(botan_cipher_t cipher, size_t* ug)
{
- return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, { *ug = cipher.update_granularity(); });
+ return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, c, { *ug = c.update_granularity(); });
}
int botan_cipher_get_tag_length(botan_cipher_t cipher, size_t* tl)
{
- return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, { *tl = cipher.tag_size(); });
+ return BOTAN_FFI_DO(Botan::Cipher_Mode, cipher, c, { *tl = c.tag_size(); });
}
int botan_pbkdf(const char* pbkdf_algo, uint8_t out[], size_t out_len,
@@ -909,16 +909,16 @@ int botan_privkey_export_pubkey(botan_pubkey_t* pubout, botan_privkey_t key_obj)
int botan_pubkey_algo_name(botan_pubkey_t key, char out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::Public_Key, key, { return write_str_output(out, out_len, key.algo_name()); });
+ return BOTAN_FFI_DO(Botan::Public_Key, key, k, { return write_str_output(out, out_len, k.algo_name()); });
}
int botan_pubkey_export(botan_pubkey_t key, uint8_t out[], size_t* out_len, uint32_t flags)
{
- return BOTAN_FFI_DO(Botan::Public_Key, key, {
+ return BOTAN_FFI_DO(Botan::Public_Key, key, k, {
if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_DER)
- return write_vec_output(out, out_len, Botan::X509::BER_encode(key));
+ return write_vec_output(out, out_len, Botan::X509::BER_encode(k));
else if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_PEM)
- return write_str_output(out, out_len, Botan::X509::PEM_encode(key));
+ return write_str_output(out, out_len, Botan::X509::PEM_encode(k));
else
return -2;
});
@@ -926,11 +926,11 @@ int botan_pubkey_export(botan_pubkey_t key, uint8_t out[], size_t* out_len, uint
int botan_privkey_export(botan_privkey_t key, uint8_t out[], size_t* out_len, uint32_t flags)
{
- return BOTAN_FFI_DO(Botan::Private_Key, key, {
+ return BOTAN_FFI_DO(Botan::Private_Key, key, k, {
if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_DER)
- return write_vec_output(out, out_len, Botan::PKCS8::BER_encode(key));
+ return write_vec_output(out, out_len, Botan::PKCS8::BER_encode(k));
else if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_PEM)
- return write_str_output(out, out_len, Botan::PKCS8::PEM_encode(key));
+ return write_str_output(out, out_len, Botan::PKCS8::PEM_encode(k));
else
return -2;
});
@@ -943,14 +943,14 @@ int botan_privkey_export_encrypted(botan_privkey_t key,
const char* pbe,
uint32_t flags)
{
- return BOTAN_FFI_DO(Botan::Private_Key, key, {
+ return BOTAN_FFI_DO(Botan::Private_Key, key, k, {
auto pbkdf_time = std::chrono::milliseconds(300);
Botan::RandomNumberGenerator& rng = safe_get(rng_obj);
if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_DER)
- return write_vec_output(out, out_len, Botan::PKCS8::BER_encode(key, rng, pass, pbkdf_time, pbe));
+ return write_vec_output(out, out_len, Botan::PKCS8::BER_encode(k, rng, pass, pbkdf_time, pbe));
else if(flags == BOTAN_PRIVKEY_EXPORT_FLAG_PEM)
- return write_str_output(out, out_len, Botan::PKCS8::PEM_encode(key, rng, pass, pbkdf_time, pbe));
+ return write_str_output(out, out_len, Botan::PKCS8::PEM_encode(k, rng, pass, pbkdf_time, pbe));
else
return -2;
});
@@ -958,15 +958,15 @@ int botan_privkey_export_encrypted(botan_privkey_t key,
int botan_pubkey_estimated_strength(botan_pubkey_t key, size_t* estimate)
{
- return BOTAN_FFI_DO(Botan::Public_Key, key, { *estimate = key.estimated_strength(); });
+ return BOTAN_FFI_DO(Botan::Public_Key, key, k, { *estimate = k.estimated_strength(); });
}
int botan_pubkey_fingerprint(botan_pubkey_t key, const char* hash_fn,
uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::Public_Key, key, {
+ return BOTAN_FFI_DO(Botan::Public_Key, key, k, {
std::unique_ptr<Botan::HashFunction> h(Botan::HashFunction::create(hash_fn));
- return write_vec_output(out, out_len, h->process(key.x509_subject_public_key()));
+ return write_vec_output(out, out_len, h->process(k.x509_subject_public_key()));
});
}
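Review bot: The hash object in botan_pubkey_fingerprint is dereferenced without a null check on `return write_vec_output(out, out_len, h->process(k.x509_subject_public_key()));`. If `HashFunction::create` yields an empty pointer for an unrecognised `hash_fn` (the registry-based create in this API does that rather than throwing; confirm for this tree), a caller passing a bad algorithm name gets a null dereference inside the FFI boundary instead of an error code. Add `if(!h) return -2;` before the call, -2 being what the export functions on this page return for an unsupported argument.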
@@ -1007,8 +1007,8 @@ int botan_pk_op_encrypt(botan_pk_op_encrypt_t op,
uint8_t out[], size_t* out_len,
const uint8_t plaintext[], size_t plaintext_len)
{
- return BOTAN_FFI_DO(Botan::PK_Encryptor, op, {
- return write_vec_output(out, out_len, op.encrypt(plaintext, plaintext_len, safe_get(rng_obj)));
+ return BOTAN_FFI_DO(Botan::PK_Encryptor, op, o, {
+ return write_vec_output(out, out_len, o.encrypt(plaintext, plaintext_len, safe_get(rng_obj)));
});
}
@@ -1051,8 +1051,8 @@ int botan_pk_op_decrypt(botan_pk_op_decrypt_t op,
uint8_t out[], size_t* out_len,
uint8_t ciphertext[], size_t ciphertext_len)
{
- return BOTAN_FFI_DO(Botan::PK_Decryptor, op, {
- return write_vec_output(out, out_len, op.decrypt(ciphertext, ciphertext_len));
+ return BOTAN_FFI_DO(Botan::PK_Decryptor, op, o, {
+ return write_vec_output(out, out_len, o.decrypt(ciphertext, ciphertext_len));
});
}
@@ -1093,13 +1093,13 @@ int botan_pk_op_sign_destroy(botan_pk_op_sign_t op)
int botan_pk_op_sign_update(botan_pk_op_sign_t op, const uint8_t in[], size_t in_len)
{
- return BOTAN_FFI_DO(Botan::PK_Signer, op, { op.update(in, in_len); });
+ return BOTAN_FFI_DO(Botan::PK_Signer, op, o, { o.update(in, in_len); });
}
int botan_pk_op_sign_finish(botan_pk_op_sign_t op, botan_rng_t rng_obj, uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::PK_Signer, op, {
- return write_vec_output(out, out_len, op.signature(safe_get(rng_obj)));
+ return BOTAN_FFI_DO(Botan::PK_Signer, op, o, {
+ return write_vec_output(out, out_len, o.signature(safe_get(rng_obj)));
});
}
@@ -1135,13 +1135,13 @@ int botan_pk_op_verify_destroy(botan_pk_op_verify_t op)
int botan_pk_op_verify_update(botan_pk_op_verify_t op, const uint8_t in[], size_t in_len)
{
- return BOTAN_FFI_DO(Botan::PK_Verifier, op, { op.update(in, in_len); });
+ return BOTAN_FFI_DO(Botan::PK_Verifier, op, o, { o.update(in, in_len); });
}
int botan_pk_op_verify_finish(botan_pk_op_verify_t op, const uint8_t sig[], size_t sig_len)
{
- return BOTAN_FFI_DO(Botan::PK_Verifier, op, {
- const bool legit = op.check_signature(sig, sig_len);
+ return BOTAN_FFI_DO(Botan::PK_Verifier, op, o, {
+ const bool legit = o.check_signature(sig, sig_len);
if(legit)
return 0;
@@ -1185,8 +1185,8 @@ int botan_pk_op_key_agreement_destroy(botan_pk_op_ka_t op)
int botan_pk_op_key_agreement_export_public(botan_privkey_t key,
uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::Private_Key, key, {
- if(auto kak = dynamic_cast<const Botan::PK_Key_Agreement_Key*>(&key))
+ return BOTAN_FFI_DO(Botan::Private_Key, key, k, {
+ if(auto kak = dynamic_cast<const Botan::PK_Key_Agreement_Key*>(&k))
return write_vec_output(out, out_len, kak->public_value());
return -2;
});
@@ -1197,8 +1197,8 @@ int botan_pk_op_key_agreement(botan_pk_op_ka_t op,
const uint8_t other_key[], size_t other_key_len,
const uint8_t salt[], size_t salt_len)
{
- return BOTAN_FFI_DO(Botan::PK_Key_Agreement, op, {
- auto k = op.derive_key(*out_len, other_key, other_key_len, salt, salt_len).bits_of();
+ return BOTAN_FFI_DO(Botan::PK_Key_Agreement, op, o, {
+ auto k = o.derive_key(*out_len, other_key, other_key_len, salt, salt_len).bits_of();
return write_vec_output(out, out_len, k);
});
}
@@ -1268,37 +1268,37 @@ int botan_x509_cert_destroy(botan_x509_cert_t cert)
int botan_x509_cert_get_time_starts(botan_x509_cert_t cert, char out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_str_output(out, out_len, cert.start_time()); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_str_output(out, out_len, c.start_time()); });
}
int botan_x509_cert_get_time_expires(botan_x509_cert_t cert, char out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_str_output(out, out_len, cert.end_time()); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_str_output(out, out_len, c.end_time()); });
}
int botan_x509_cert_get_serial_number(botan_x509_cert_t cert, uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_vec_output(out, out_len, cert.serial_number()); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_vec_output(out, out_len, c.serial_number()); });
}
int botan_x509_cert_get_fingerprint(botan_x509_cert_t cert, const char* hash, uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_str_output(out, out_len, cert.fingerprint(hash)); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_str_output(out, out_len, c.fingerprint(hash)); });
}
int botan_x509_cert_get_authority_key_id(botan_x509_cert_t cert, uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_vec_output(out, out_len, cert.authority_key_id()); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_vec_output(out, out_len, c.authority_key_id()); });
}
int botan_x509_cert_get_subject_key_id(botan_x509_cert_t cert, uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_vec_output(out, out_len, cert.subject_key_id()); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_vec_output(out, out_len, c.subject_key_id()); });
}
int botan_x509_cert_get_public_key_bits(botan_x509_cert_t cert, uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_vec_output(out, out_len, cert.subject_public_key_bits()); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_vec_output(out, out_len, c.subject_public_key_bits()); });
}
@@ -1310,34 +1310,53 @@ int botan_x509_cert_path_verify(botan_x509_cert_t cert, const char* dir)
int botan_x509_cert_get_public_key(botan_x509_cert_t cert, botan_pubkey_t* key)
{
+ try
+ {
+ if(key == nullptr)
+ return -1;
+
+ *key = nullptr;
+
+#if defined(BOTAN_HAS_RSA)
+ std::unique_ptr<Botan::Public_Key> publicKey(safe_get(cert).subject_public_key());
+ *key = new botan_pubkey_struct(publicKey.release());
+ return 0;
+#else
return BOTAN_FFI_ERROR_NOT_IMPLEMENTED;
- //return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_vec_output(out, out_len, cert.subject_public_key_bits()); });
+#endif
+ }
+ catch(std::exception& e)
+ {
+ log_exception(BOTAN_CURRENT_FUNCTION, e.what());
+ }
+
+ return BOTAN_FFI_ERROR_EXCEPTION_THROWN;
}
int botan_x509_cert_get_issuer_dn(botan_x509_cert_t cert,
const char* key, size_t index,
uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_str_output(out, out_len, cert.issuer_info(key).at(index)); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_str_output(out, out_len, c.issuer_info(key).at(index)); });
}
int botan_x509_cert_get_subject_dn(botan_x509_cert_t cert,
const char* key, size_t index,
uint8_t out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_str_output(out, out_len, cert.subject_info(key).at(index)); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_str_output(out, out_len, c.subject_info(key).at(index)); });
}
int botan_x509_cert_to_string(botan_x509_cert_t cert, char out[], size_t* out_len)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, { return write_str_output(out, out_len, cert.to_string()); });
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, { return write_str_output(out, out_len, c.to_string()); });
}
int botan_x509_cert_allowed_usage(botan_x509_cert_t cert, unsigned int key_usage)
{
- return BOTAN_FFI_DO(Botan::X509_Certificate, cert, {
+ return BOTAN_FFI_DO(Botan::X509_Certificate, cert, c, {
const Botan::Key_Constraints k = static_cast<Botan::Key_Constraints>(key_usage);
- if(cert.allowed_usage(k))
+ if(c.allowed_usage(k))
return 0;
return 1;
});
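Review bot: The `#if defined(BOTAN_HAS_RSA)` guard around the body of botan_x509_cert_get_public_key does not match what the code depends on: `subject_public_key()` is a member of `X509_Certificate`, and the sibling accessor `botan_x509_cert_get_public_key_bits` calls `subject_public_key_bits()` with no such guard, so a build without RSA would report `BOTAN_FFI_ERROR_NOT_IMPLEMENTED` for certificates carrying other key types. Unless there is a dependency I cannot see from this hunk, drop the guard and the `#else` branch. The ownership handoff `*key = new botan_pubkey_struct(publicKey.release());` is also fragile: before C++17 the allocation may run after `release()`, so a throwing `new` leaks the key; `botan_pubkey_struct* wrapped = new botan_pubkey_struct(publicKey.get()); publicKey.release(); *key = wrapped;` keeps the unique_ptr owning until the wrapper exists. Finally, `publicKey` is the only camelCase local in this file; `public_key` would match the surrounding style.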
diff --git a/src/lib/filters/basefilt.h b/src/lib/filters/basefilt.h
index 36c5201a1..c065fae0e 100644
--- a/src/lib/filters/basefilt.h
+++ b/src/lib/filters/basefilt.h
@@ -17,7 +17,7 @@ namespace Botan {
/**
* BitBucket is a filter which simply discards all inputs
*/
-struct BOTAN_DLL BitBucket : public Filter
+struct BOTAN_DLL BitBucket final : public Filter
{
void write(const byte[], size_t) override {}
diff --git a/src/lib/filters/buf_filt.cpp b/src/lib/filters/buf_filt.cpp
index 6fb367e5f..9306c1ef8 100644
--- a/src/lib/filters/buf_filt.cpp
+++ b/src/lib/filters/buf_filt.cpp
@@ -16,16 +16,16 @@ namespace Botan {
* Buffered_Filter Constructor
*/
Buffered_Filter::Buffered_Filter(size_t b, size_t f) :
- main_block_mod(b), final_minimum(f)
+ m_main_block_mod(b), m_final_minimum(f)
{
- if(main_block_mod == 0)
- throw Invalid_Argument("main_block_mod == 0");
+ if(m_main_block_mod == 0)
+ throw Invalid_Argument("m_main_block_mod == 0");
- if(final_minimum > main_block_mod)
- throw Invalid_Argument("final_minimum > main_block_mod");
+ if(m_final_minimum > m_main_block_mod)
+ throw Invalid_Argument("m_final_minimum > m_main_block_mod");
- buffer.resize(2 * main_block_mod);
- buffer_pos = 0;
+ m_buffer.resize(2 * m_main_block_mod);
+ m_buffer_pos = 0;
}
/*
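Review bot: The rename leaked into the exception text on `throw Invalid_Argument("m_main_block_mod == 0");` and `throw Invalid_Argument("m_final_minimum > m_main_block_mod");`, so messages that reach callers now name private members instead of the condition that was violated. Describe the contract rather than the field, for example `throw Invalid_Argument("Buffered_Filter: block size must be non-zero");` and `throw Invalid_Argument("Buffered_Filter: final minimum cannot exceed block size");`. The other renamed filters on this page left their runtime strings alone, which is the right call.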
@@ -36,32 +36,32 @@ void Buffered_Filter::write(const byte input[], size_t input_size)
if(!input_size)
return;
- if(buffer_pos + input_size >= main_block_mod + final_minimum)
+ if(m_buffer_pos + input_size >= m_main_block_mod + m_final_minimum)
{
- size_t to_copy = std::min<size_t>(buffer.size() - buffer_pos, input_size);
+ size_t to_copy = std::min<size_t>(m_buffer.size() - m_buffer_pos, input_size);
- copy_mem(&buffer[buffer_pos], input, to_copy);
- buffer_pos += to_copy;
+ copy_mem(&m_buffer[m_buffer_pos], input, to_copy);
+ m_buffer_pos += to_copy;
input += to_copy;
input_size -= to_copy;
size_t total_to_consume =
- round_down(std::min(buffer_pos,
- buffer_pos + input_size - final_minimum),
- main_block_mod);
+ round_down(std::min(m_buffer_pos,
+ m_buffer_pos + input_size - m_final_minimum),
+ m_main_block_mod);
- buffered_block(buffer.data(), total_to_consume);
+ buffered_block(m_buffer.data(), total_to_consume);
- buffer_pos -= total_to_consume;
+ m_buffer_pos -= total_to_consume;
- copy_mem(buffer.data(), buffer.data() + total_to_consume, buffer_pos);
+ copy_mem(m_buffer.data(), m_buffer.data() + total_to_consume, m_buffer_pos);
}
- if(input_size >= final_minimum)
+ if(input_size >= m_final_minimum)
{
- size_t full_blocks = (input_size - final_minimum) / main_block_mod;
- size_t to_copy = full_blocks * main_block_mod;
+ size_t full_blocks = (input_size - m_final_minimum) / m_main_block_mod;
+ size_t to_copy = full_blocks * m_main_block_mod;
if(to_copy)
{
@@ -72,8 +72,8 @@ void Buffered_Filter::write(const byte input[], size_t input_size)
}
}
- copy_mem(&buffer[buffer_pos], input, input_size);
- buffer_pos += input_size;
+ copy_mem(&m_buffer[m_buffer_pos], input, input_size);
+ m_buffer_pos += input_size;
}
/*
@@ -81,23 +81,23 @@ void Buffered_Filter::write(const byte input[], size_t input_size)
*/
void Buffered_Filter::end_msg()
{
- if(buffer_pos < final_minimum)
+ if(m_buffer_pos < m_final_minimum)
throw Exception("Buffered filter end_msg without enough input");
- size_t spare_blocks = (buffer_pos - final_minimum) / main_block_mod;
+ size_t spare_blocks = (m_buffer_pos - m_final_minimum) / m_main_block_mod;
if(spare_blocks)
{
- size_t spare_bytes = main_block_mod * spare_blocks;
- buffered_block(buffer.data(), spare_bytes);
- buffered_final(&buffer[spare_bytes], buffer_pos - spare_bytes);
+ size_t spare_bytes = m_main_block_mod * spare_blocks;
+ buffered_block(m_buffer.data(), spare_bytes);
+ buffered_final(&m_buffer[spare_bytes], m_buffer_pos - spare_bytes);
}
else
{
- buffered_final(buffer.data(), buffer_pos);
+ buffered_final(m_buffer.data(), m_buffer_pos);
}
- buffer_pos = 0;
+ m_buffer_pos = 0;
}
}
diff --git a/src/lib/filters/buf_filt.h b/src/lib/filters/buf_filt.h
index f9d996ab0..2ec7c4d30 100644
--- a/src/lib/filters/buf_filt.h
+++ b/src/lib/filters/buf_filt.h
@@ -70,22 +70,22 @@ class BOTAN_DLL Buffered_Filter
/**
* @return block size of inputs
*/
- size_t buffered_block_size() const { return main_block_mod; }
+ size_t buffered_block_size() const { return m_main_block_mod; }
/**
* @return current position in the buffer
*/
- size_t current_position() const { return buffer_pos; }
+ size_t current_position() const { return m_buffer_pos; }
/**
* Reset the buffer position
*/
- void buffer_reset() { buffer_pos = 0; }
+ void buffer_reset() { m_buffer_pos = 0; }
private:
- size_t main_block_mod, final_minimum;
+ size_t m_main_block_mod, m_final_minimum;
- secure_vector<byte> buffer;
- size_t buffer_pos;
+ secure_vector<byte> m_buffer;
+ size_t m_buffer_pos;
};
}
diff --git a/src/lib/filters/codec_filt/b64_filt.cpp b/src/lib/filters/codec_filt/b64_filt.cpp
index a4656dbe6..fe6314d52 100644
--- a/src/lib/filters/codec_filt/b64_filt.cpp
+++ b/src/lib/filters/codec_filt/b64_filt.cpp
@@ -17,12 +17,12 @@ namespace Botan {
* Base64_Encoder Constructor
*/
Base64_Encoder::Base64_Encoder(bool breaks, size_t length, bool t_n) :
- line_length(breaks ? length : 0),
- trailing_newline(t_n && breaks),
- in(48),
- out(64),
- position(0),
- out_position(0)
+ m_line_length(breaks ? length : 0),
+ m_trailing_newline(t_n && breaks),
+ m_in(48),
+ m_out(64),
+ m_position(0),
+ m_out_position(0)
{
}
@@ -34,13 +34,13 @@ void Base64_Encoder::encode_and_send(const byte input[], size_t length,
{
while(length)
{
- const size_t proc = std::min(length, in.size());
+ const size_t proc = std::min(length, m_in.size());
size_t consumed = 0;
- size_t produced = base64_encode(reinterpret_cast<char*>(out.data()), input,
+ size_t produced = base64_encode(reinterpret_cast<char*>(m_out.data()), input,
proc, consumed, final_inputs);
- do_output(out.data(), produced);
+ do_output(m_out.data(), produced);
// FIXME: s/proc/consumed/?
input += proc;
@@ -53,22 +53,22 @@ void Base64_Encoder::encode_and_send(const byte input[], size_t length,
*/
void Base64_Encoder::do_output(const byte input[], size_t length)
{
- if(line_length == 0)
+ if(m_line_length == 0)
send(input, length);
else
{
size_t remaining = length, offset = 0;
while(remaining)
{
- size_t sent = std::min(line_length - out_position, remaining);
+ size_t sent = std::min(m_line_length - m_out_position, remaining);
send(input + offset, sent);
- out_position += sent;
+ m_out_position += sent;
remaining -= sent;
offset += sent;
- if(out_position == line_length)
+ if(m_out_position == m_line_length)
{
send('\n');
- out_position = 0;
+ m_out_position = 0;
}
}
}
@@ -79,22 +79,22 @@ void Base64_Encoder::do_output(const byte input[], size_t length)
*/
void Base64_Encoder::write(const byte input[], size_t length)
{
- buffer_insert(in, position, input, length);
- if(position + length >= in.size())
+ buffer_insert(m_in, m_position, input, length);
+ if(m_position + length >= m_in.size())
{
- encode_and_send(in.data(), in.size());
- input += (in.size() - position);
- length -= (in.size() - position);
- while(length >= in.size())
+ encode_and_send(m_in.data(), m_in.size());
+ input += (m_in.size() - m_position);
+ length -= (m_in.size() - m_position);
+ while(length >= m_in.size())
{
- encode_and_send(input, in.size());
- input += in.size();
- length -= in.size();
+ encode_and_send(input, m_in.size());
+ input += m_in.size();
+ length -= m_in.size();
}
- copy_mem(in.data(), input, length);
- position = 0;
+ copy_mem(m_in.data(), input, length);
+ m_position = 0;
}
- position += length;
+ m_position += length;
}
/*
@@ -102,19 +102,19 @@ void Base64_Encoder::write(const byte input[], size_t length)
*/
void Base64_Encoder::end_msg()
{
- encode_and_send(in.data(), position, true);
+ encode_and_send(m_in.data(), m_position, true);
- if(trailing_newline || (out_position && line_length))
+ if(m_trailing_newline || (m_out_position && m_line_length))
send('\n');
- out_position = position = 0;
+ m_out_position = m_position = 0;
}
/*
* Base64_Decoder Constructor
*/
Base64_Decoder::Base64_Decoder(Decoder_Checking c) :
- checking(c), in(64), out(48), position(0)
+ m_checking(c), m_in(64), m_out(48), m_position(0)
{
}
@@ -125,32 +125,32 @@ void Base64_Decoder::write(const byte input[], size_t length)
{
while(length)
{
- size_t to_copy = std::min<size_t>(length, in.size() - position);
+ size_t to_copy = std::min<size_t>(length, m_in.size() - m_position);
if(to_copy == 0)
{
- in.resize(in.size()*2);
- out.resize(out.size()*2);
+ m_in.resize(m_in.size()*2);
+ m_out.resize(m_out.size()*2);
}
- copy_mem(&in[position], input, to_copy);
- position += to_copy;
+ copy_mem(&m_in[m_position], input, to_copy);
+ m_position += to_copy;
size_t consumed = 0;
- size_t written = base64_decode(out.data(),
- reinterpret_cast<const char*>(in.data()),
- position,
+ size_t written = base64_decode(m_out.data(),
+ reinterpret_cast<const char*>(m_in.data()),
+ m_position,
consumed,
false,
- checking != FULL_CHECK);
+ m_checking != FULL_CHECK);
- send(out, written);
+ send(m_out, written);
- if(consumed != position)
+ if(consumed != m_position)
{
- copy_mem(in.data(), in.data() + consumed, position - consumed);
- position = position - consumed;
+ copy_mem(m_in.data(), m_in.data() + consumed, m_position - consumed);
+ m_position = m_position - consumed;
}
else
- position = 0;
+ m_position = 0;
length -= to_copy;
input += to_copy;
@@ -163,18 +163,18 @@ void Base64_Decoder::write(const byte input[], size_t length)
void Base64_Decoder::end_msg()
{
size_t consumed = 0;
- size_t written = base64_decode(out.data(),
- reinterpret_cast<const char*>(in.data()),
- position,
+ size_t written = base64_decode(m_out.data(),
+ reinterpret_cast<const char*>(m_in.data()),
+ m_position,
consumed,
true,
- checking != FULL_CHECK);
+ m_checking != FULL_CHECK);
- send(out, written);
+ send(m_out, written);
- const bool not_full_bytes = consumed != position;
+ const bool not_full_bytes = consumed != m_position;
- position = 0;
+ m_position = 0;
if(not_full_bytes)
throw Invalid_Argument("Base64_Decoder: Input not full bytes");
diff --git a/src/lib/filters/codec_filt/b64_filt.h b/src/lib/filters/codec_filt/b64_filt.h
index 8ab428076..f1879fb71 100644
--- a/src/lib/filters/codec_filt/b64_filt.h
+++ b/src/lib/filters/codec_filt/b64_filt.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* This class represents a Base64 encoder.
*/
-class BOTAN_DLL Base64_Encoder : public Filter
+class BOTAN_DLL Base64_Encoder final : public Filter
{
public:
std::string name() const override { return "Base64_Encoder"; }
@@ -45,16 +45,16 @@ class BOTAN_DLL Base64_Encoder : public Filter
bool final_inputs = false);
void do_output(const byte output[], size_t length);
- const size_t line_length;
- const bool trailing_newline;
- std::vector<byte> in, out;
- size_t position, out_position;
+ const size_t m_line_length;
+ const bool m_trailing_newline;
+ std::vector<byte> m_in, m_out;
+ size_t m_position, m_out_position;
};
/**
* This object represents a Base64 decoder.
*/
-class BOTAN_DLL Base64_Decoder : public Filter
+class BOTAN_DLL Base64_Decoder final : public Filter
{
public:
std::string name() const override { return "Base64_Decoder"; }
@@ -76,11 +76,11 @@ class BOTAN_DLL Base64_Decoder : public Filter
* @param checking the type of checking that shall be performed by
* the decoder
*/
- Base64_Decoder(Decoder_Checking checking = NONE);
+ explicit Base64_Decoder(Decoder_Checking checking = NONE);
private:
- const Decoder_Checking checking;
- std::vector<byte> in, out;
- size_t position;
+ const Decoder_Checking m_checking;
+ std::vector<byte> m_in, m_out;
+ size_t m_position;
};
}
diff --git a/src/lib/filters/codec_filt/hex_filt.cpp b/src/lib/filters/codec_filt/hex_filt.cpp
index e1a7dc9a5..2003055b4 100644
--- a/src/lib/filters/codec_filt/hex_filt.cpp
+++ b/src/lib/filters/codec_filt/hex_filt.cpp
@@ -23,21 +23,21 @@ const size_t HEX_CODEC_BUFFER_SIZE = 256;
* Hex_Encoder Constructor
*/
Hex_Encoder::Hex_Encoder(bool breaks, size_t length, Case c) :
- casing(c), line_length(breaks ? length : 0)
+ m_casing(c), m_line_length(breaks ? length : 0)
{
- in.resize(HEX_CODEC_BUFFER_SIZE);
- out.resize(2*in.size());
- counter = position = 0;
+ m_in.resize(HEX_CODEC_BUFFER_SIZE);
+ m_out.resize(2*m_in.size());
+ m_counter = m_position = 0;
}
/*
* Hex_Encoder Constructor
*/
-Hex_Encoder::Hex_Encoder(Case c) : casing(c), line_length(0)
+Hex_Encoder::Hex_Encoder(Case c) : m_casing(c), m_line_length(0)
{
- in.resize(HEX_CODEC_BUFFER_SIZE);
- out.resize(2*in.size());
- counter = position = 0;
+ m_in.resize(HEX_CODEC_BUFFER_SIZE);
+ m_out.resize(2*m_in.size());
+ m_counter = m_position = 0;
}
/*
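Review bot: The two Hex_Encoder constructors still carry duplicate bodies (`m_in.resize(HEX_CODEC_BUFFER_SIZE); m_out.resize(2*m_in.size()); m_counter = m_position = 0;`), and this rename had to touch both copies, which is how such duplicates drift apart. Since the codebase already uses C++11 (`override` and `nullptr` appear in other files on this page), the single-argument form can delegate: `Hex_Encoder::Hex_Encoder(Case c) : Hex_Encoder(false, 0, c) {}`. That yields the same `m_line_length` of 0, because `breaks ? length : 0` is 0 when `breaks` is false, and the same `m_casing`.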
@@ -45,26 +45,26 @@ Hex_Encoder::Hex_Encoder(Case c) : casing(c), line_length(0)
*/
void Hex_Encoder::encode_and_send(const byte block[], size_t length)
{
- hex_encode(reinterpret_cast<char*>(out.data()),
+ hex_encode(reinterpret_cast<char*>(m_out.data()),
block, length,
- casing == Uppercase);
+ m_casing == Uppercase);
- if(line_length == 0)
- send(out, 2*length);
+ if(m_line_length == 0)
+ send(m_out, 2*length);
else
{
size_t remaining = 2*length, offset = 0;
while(remaining)
{
- size_t sent = std::min(line_length - counter, remaining);
- send(&out[offset], sent);
- counter += sent;
+ size_t sent = std::min(m_line_length - m_counter, remaining);
+ send(&m_out[offset], sent);
+ m_counter += sent;
remaining -= sent;
offset += sent;
- if(counter == line_length)
+ if(m_counter == m_line_length)
{
send('\n');
- counter = 0;
+ m_counter = 0;
}
}
}
@@ -75,22 +75,22 @@ void Hex_Encoder::encode_and_send(const byte block[], size_t length)
*/
void Hex_Encoder::write(const byte input[], size_t length)
{
- buffer_insert(in, position, input, length);
- if(position + length >= in.size())
+ buffer_insert(m_in, m_position, input, length);
+ if(m_position + length >= m_in.size())
{
- encode_and_send(in.data(), in.size());
- input += (in.size() - position);
- length -= (in.size() - position);
- while(length >= in.size())
+ encode_and_send(m_in.data(), m_in.size());
+ input += (m_in.size() - m_position);
+ length -= (m_in.size() - m_position);
+ while(length >= m_in.size())
{
- encode_and_send(input, in.size());
- input += in.size();
- length -= in.size();
+ encode_and_send(input, m_in.size());
+ input += m_in.size();
+ length -= m_in.size();
}
- copy_mem(in.data(), input, length);
- position = 0;
+ copy_mem(m_in.data(), input, length);
+ m_position = 0;
}
- position += length;
+ m_position += length;
}
/*
@@ -98,20 +98,20 @@ void Hex_Encoder::write(const byte input[], size_t length)
*/
void Hex_Encoder::end_msg()
{
- encode_and_send(in.data(), position);
- if(counter && line_length)
+ encode_and_send(m_in.data(), m_position);
+ if(m_counter && m_line_length)
send('\n');
- counter = position = 0;
+ m_counter = m_position = 0;
}
/*
* Hex_Decoder Constructor
*/
-Hex_Decoder::Hex_Decoder(Decoder_Checking c) : checking(c)
+Hex_Decoder::Hex_Decoder(Decoder_Checking c) : m_checking(c)
{
- in.resize(HEX_CODEC_BUFFER_SIZE);
- out.resize(in.size() / 2);
- position = 0;
+ m_in.resize(HEX_CODEC_BUFFER_SIZE);
+ m_out.resize(m_in.size() / 2);
+ m_position = 0;
}
/*
@@ -121,26 +121,26 @@ void Hex_Decoder::write(const byte input[], size_t length)
{
while(length)
{
- size_t to_copy = std::min<size_t>(length, in.size() - position);
- copy_mem(&in[position], input, to_copy);
- position += to_copy;
+ size_t to_copy = std::min<size_t>(length, m_in.size() - m_position);
+ copy_mem(&m_in[m_position], input, to_copy);
+ m_position += to_copy;
size_t consumed = 0;
- size_t written = hex_decode(out.data(),
- reinterpret_cast<const char*>(in.data()),
- position,
+ size_t written = hex_decode(m_out.data(),
+ reinterpret_cast<const char*>(m_in.data()),
+ m_position,
consumed,
- checking != FULL_CHECK);
+ m_checking != FULL_CHECK);
- send(out, written);
+ send(m_out, written);
- if(consumed != position)
+ if(consumed != m_position)
{
- copy_mem(in.data(), in.data() + consumed, position - consumed);
- position = position - consumed;
+ copy_mem(m_in.data(), m_in.data() + consumed, m_position - consumed);
+ m_position = m_position - consumed;
}
else
- position = 0;
+ m_position = 0;
length -= to_copy;
input += to_copy;
@@ -153,17 +153,17 @@ void Hex_Decoder::write(const byte input[], size_t length)
void Hex_Decoder::end_msg()
{
size_t consumed = 0;
- size_t written = hex_decode(out.data(),
- reinterpret_cast<const char*>(in.data()),
- position,
+ size_t written = hex_decode(m_out.data(),
+ reinterpret_cast<const char*>(m_in.data()),
+ m_position,
consumed,
- checking != FULL_CHECK);
+ m_checking != FULL_CHECK);
- send(out, written);
+ send(m_out, written);
- const bool not_full_bytes = consumed != position;
+ const bool not_full_bytes = consumed != m_position;
- position = 0;
+ m_position = 0;
if(not_full_bytes)
throw Invalid_Argument("Hex_Decoder: Input not full bytes");
diff --git a/src/lib/filters/codec_filt/hex_filt.h b/src/lib/filters/codec_filt/hex_filt.h
index 6130e729c..f8a35b8b9 100644
--- a/src/lib/filters/codec_filt/hex_filt.h
+++ b/src/lib/filters/codec_filt/hex_filt.h
@@ -16,7 +16,7 @@ namespace Botan {
* Converts arbitrary binary data to hex strings, optionally with
* newlines inserted
*/
-class BOTAN_DLL Hex_Encoder : public Filter
+class BOTAN_DLL Hex_Encoder final : public Filter
{
public:
/**
@@ -33,7 +33,7 @@ class BOTAN_DLL Hex_Encoder : public Filter
* Create a hex encoder.
* @param the_case the case to use in the encoded strings.
*/
- Hex_Encoder(Case the_case);
+ explicit Hex_Encoder(Case the_case);
/**
* Create a hex encoder.
@@ -47,16 +47,16 @@ class BOTAN_DLL Hex_Encoder : public Filter
private:
void encode_and_send(const byte[], size_t);
- const Case casing;
- const size_t line_length;
- std::vector<byte> in, out;
- size_t position, counter;
+ const Case m_casing;
+ const size_t m_line_length;
+ std::vector<byte> m_in, m_out;
+ size_t m_position, m_counter;
};
/**
* Converts hex strings to bytes
*/
-class BOTAN_DLL Hex_Decoder : public Filter
+class BOTAN_DLL Hex_Decoder final : public Filter
{
public:
std::string name() const override { return "Hex_Decoder"; }
@@ -69,11 +69,11 @@ class BOTAN_DLL Hex_Decoder : public Filter
* character checking.
* @param checking the checking to use during decoding.
*/
- Hex_Decoder(Decoder_Checking checking = NONE);
+ explicit Hex_Decoder(Decoder_Checking checking = NONE);
private:
- const Decoder_Checking checking;
- std::vector<byte> in, out;
- size_t position;
+ const Decoder_Checking m_checking;
+ std::vector<byte> m_in, m_out;
+ size_t m_position;
};
}
diff --git a/src/lib/filters/data_snk.cpp b/src/lib/filters/data_snk.cpp
index f56c2d869..df35b12bf 100644
--- a/src/lib/filters/data_snk.cpp
+++ b/src/lib/filters/data_snk.cpp
@@ -17,10 +17,10 @@ namespace Botan {
*/
void DataSink_Stream::write(const byte out[], size_t length)
{
- sink.write(reinterpret_cast<const char*>(out), length);
- if(!sink.good())
+ m_sink.write(reinterpret_cast<const char*>(out), length);
+ if(!m_sink.good())
throw Stream_IO_Error("DataSink_Stream: Failure writing to " +
- identifier);
+ m_identifier);
}
/*
@@ -28,9 +28,9 @@ void DataSink_Stream::write(const byte out[], size_t length)
*/
DataSink_Stream::DataSink_Stream(std::ostream& out,
const std::string& name) :
- identifier(name),
- sink_p(nullptr),
- sink(out)
+ m_identifier(name),
+ m_sink_p(nullptr),
+ m_sink(out)
{
}
@@ -39,14 +39,14 @@ DataSink_Stream::DataSink_Stream(std::ostream& out,
*/
DataSink_Stream::DataSink_Stream(const std::string& path,
bool use_binary) :
- identifier(path),
- sink_p(new std::ofstream(path,
+ m_identifier(path),
+ m_sink_p(new std::ofstream(path,
use_binary ? std::ios::binary : std::ios::out)),
- sink(*sink_p)
+ m_sink(*m_sink_p)
{
- if(!sink.good())
+ if(!m_sink.good())
{
- delete sink_p;
+ delete m_sink_p;
throw Stream_IO_Error("DataSink_Stream: Failure opening " + path);
}
}
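Review bot: `m_sink_p` is a raw owning pointer that has to be freed by hand in both the failure path (`delete m_sink_p;` before the throw) and the destructor in the hunk below. Making the member `std::unique_ptr<std::ostream> m_sink_p;` in data_snk.h (it is already declared before `m_sink`, so `m_sink(*m_sink_p)` stays valid) lets the initializer `m_sink_p(new std::ofstream(path, use_binary ? std::ios::binary : std::ios::out))` stand unchanged and removes both `delete` statements, since an exception thrown from the constructor body destroys already-constructed members. The header would need `<memory>`; the file already relies on C++11 (`nullptr` in the other constructor).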
@@ -56,7 +56,7 @@ DataSink_Stream::DataSink_Stream(const std::string& path,
*/
DataSink_Stream::~DataSink_Stream()
{
- delete sink_p;
+ delete m_sink_p;
}
}
diff --git a/src/lib/filters/data_snk.h b/src/lib/filters/data_snk.h
index 15e2de6ef..56b292e46 100644
--- a/src/lib/filters/data_snk.h
+++ b/src/lib/filters/data_snk.h
@@ -33,7 +33,7 @@ class BOTAN_DLL DataSink : public Filter
class BOTAN_DLL DataSink_Stream : public DataSink
{
public:
- std::string name() const override { return identifier; }
+ std::string name() const override { return m_identifier; }
void write(const byte[], size_t) override;
@@ -56,10 +56,10 @@ class BOTAN_DLL DataSink_Stream : public DataSink
~DataSink_Stream();
private:
- const std::string identifier;
+ const std::string m_identifier;
- std::ostream* sink_p;
- std::ostream& sink;
+ std::ostream* m_sink_p;
+ std::ostream& m_sink;
};
}
diff --git a/src/lib/filters/filter.cpp b/src/lib/filters/filter.cpp
index 0bbde2853..6ae713314 100644
--- a/src/lib/filters/filter.cpp
+++ b/src/lib/filters/filter.cpp
@@ -6,7 +6,6 @@
*/
#include <botan/filter.h>
-#include <botan/secqueue.h>
#include <botan/exceptn.h>
namespace Botan {
@@ -16,10 +15,10 @@ namespace Botan {
*/
Filter::Filter()
{
- next.resize(1);
- port_num = 0;
- filter_owns = 0;
- owned = false;
+ m_next.resize(1);
+ m_port_num = 0;
+ m_filter_owns = 0;
+ m_owned = false;
}
/*
@@ -32,18 +31,18 @@ void Filter::send(const byte input[], size_t length)
bool nothing_attached = true;
for(size_t j = 0; j != total_ports(); ++j)
- if(next[j])
+ if(m_next[j])
{
- if(write_queue.size())
- next[j]->write(write_queue.data(), write_queue.size());
- next[j]->write(input, length);
+ if(m_write_queue.size())
+ m_next[j]->write(m_write_queue.data(), m_write_queue.size());
+ m_next[j]->write(input, length);
nothing_attached = false;
}
if(nothing_attached)
- write_queue += std::make_pair(input, length);
+ m_write_queue += std::make_pair(input, length);
else
- write_queue.clear();
+ m_write_queue.clear();
}
/*
@@ -53,8 +52,8 @@ void Filter::new_msg()
{
start_msg();
for(size_t j = 0; j != total_ports(); ++j)
- if(next[j])
- next[j]->new_msg();
+ if(m_next[j])
+ m_next[j]->new_msg();
}
/*
@@ -64,8 +63,8 @@ void Filter::finish_msg()
{
end_msg();
for(size_t j = 0; j != total_ports(); ++j)
- if(next[j])
- next[j]->finish_msg();
+ if(m_next[j])
+ m_next[j]->finish_msg();
}
/*
@@ -78,7 +77,7 @@ void Filter::attach(Filter* new_filter)
Filter* last = this;
while(last->get_next())
last = last->get_next();
- last->next[last->current_port()] = new_filter;
+ last->m_next[last->current_port()] = new_filter;
}
}
@@ -89,7 +88,7 @@ void Filter::set_port(size_t new_port)
{
if(new_port >= total_ports())
throw Invalid_Argument("Filter: Invalid port number");
- port_num = new_port;
+ m_port_num = new_port;
}
/*
@@ -97,8 +96,8 @@ void Filter::set_port(size_t new_port)
*/
Filter* Filter::get_next() const
{
- if(port_num < next.size())
- return next[port_num];
+ if(m_port_num < m_next.size())
+ return m_next[m_port_num];
return nullptr;
}
@@ -107,16 +106,16 @@ Filter* Filter::get_next() const
*/
void Filter::set_next(Filter* filters[], size_t size)
{
- next.clear();
+ m_next.clear();
- port_num = 0;
- filter_owns = 0;
+ m_port_num = 0;
+ m_filter_owns = 0;
while(size && filters && (filters[size-1] == nullptr))
--size;
if(filters && size)
- next.assign(filters, filters + size);
+ m_next.assign(filters, filters + size);
}
/*
@@ -124,7 +123,7 @@ void Filter::set_next(Filter* filters[], size_t size)
*/
size_t Filter::total_ports() const
{
- return next.size();
+ return m_next.size();
}
}
diff --git a/src/lib/filters/filter.h b/src/lib/filters/filter.h
index 9e28655c2..359a76ac0 100644
--- a/src/lib/filters/filter.h
+++ b/src/lib/filters/filter.h
@@ -115,7 +115,7 @@ class BOTAN_DLL Filter
friend class Fanout_Filter;
size_t total_ports() const;
- size_t current_port() const { return port_num; }
+ size_t current_port() const { return m_port_num; }
/**
* Set the active port
@@ -123,7 +123,7 @@ class BOTAN_DLL Filter
*/
void set_port(size_t new_port);
- size_t owns() const { return filter_owns; }
+ size_t owns() const { return m_filter_owns; }
/**
* Attach another filter to this one
@@ -138,12 +138,12 @@ class BOTAN_DLL Filter
void set_next(Filter* filters[], size_t count);
Filter* get_next() const;
- secure_vector<byte> write_queue;
- std::vector<Filter*> next;
- size_t port_num, filter_owns;
+ secure_vector<byte> m_write_queue;
+ std::vector<Filter*> m_next;
+ size_t m_port_num, m_filter_owns;
// true if filter belongs to a pipe --> prohibit filter sharing!
- bool owned;
+ bool m_owned;
};
/**
@@ -155,7 +155,7 @@ class BOTAN_DLL Fanout_Filter : public Filter
/**
* Increment the number of filters past us that we own
*/
- void incr_owns() { ++filter_owns; }
+ void incr_owns() { ++m_filter_owns; }
void set_port(size_t n) { Filter::set_port(n); }
@@ -165,9 +165,9 @@ class BOTAN_DLL Fanout_Filter : public Filter
private:
friend class Threaded_Fork;
- using Filter::write_queue;
+ using Filter::m_write_queue;
using Filter::total_ports;
- using Filter::next;
+ using Filter::m_next;
};
/**
diff --git a/src/lib/filters/filters.h b/src/lib/filters/filters.h
index 7a527dde0..4f559587f 100644
--- a/src/lib/filters/filters.h
+++ b/src/lib/filters/filters.h
@@ -67,7 +67,7 @@ class BOTAN_DLL StreamCipher_Filter : public Keyed_Filter
* Construct a stream cipher filter.
* @param cipher a cipher object to use
*/
- StreamCipher_Filter(StreamCipher* cipher);
+ explicit StreamCipher_Filter(StreamCipher* cipher);
/**
* Construct a stream cipher filter.
@@ -80,7 +80,7 @@ class BOTAN_DLL StreamCipher_Filter : public Keyed_Filter
* Construct a stream cipher filter.
* @param cipher the name of the desired cipher
*/
- StreamCipher_Filter(const std::string& cipher);
+ explicit StreamCipher_Filter(const std::string& cipher);
/**
* Construct a stream cipher filter.
diff --git a/src/lib/filters/out_buf.cpp b/src/lib/filters/out_buf.cpp
index 34fbd84ed..e0d649a5b 100644
--- a/src/lib/filters/out_buf.cpp
+++ b/src/lib/filters/out_buf.cpp
@@ -65,10 +65,10 @@ void Output_Buffers::add(SecureQueue* queue)
{
BOTAN_ASSERT(queue, "queue was provided");
- BOTAN_ASSERT(buffers.size() < buffers.max_size(),
+ BOTAN_ASSERT(m_buffers.size() < m_buffers.max_size(),
"Room was available in container");
- buffers.push_back(queue);
+ m_buffers.push_back(queue);
}
/*
@@ -76,17 +76,17 @@ void Output_Buffers::add(SecureQueue* queue)
*/
void Output_Buffers::retire()
{
- for(size_t i = 0; i != buffers.size(); ++i)
- if(buffers[i] && buffers[i]->size() == 0)
+ for(size_t i = 0; i != m_buffers.size(); ++i)
+ if(m_buffers[i] && m_buffers[i]->size() == 0)
{
- delete buffers[i];
- buffers[i] = nullptr;
+ delete m_buffers[i];
+ m_buffers[i] = nullptr;
}
- while(buffers.size() && !buffers[0])
+ while(m_buffers.size() && !m_buffers[0])
{
- buffers.pop_front();
- offset = offset + Pipe::message_id(1);
+ m_buffers.pop_front();
+ m_offset = m_offset + Pipe::message_id(1);
}
}
@@ -95,12 +95,12 @@ void Output_Buffers::retire()
*/
SecureQueue* Output_Buffers::get(Pipe::message_id msg) const
{
- if(msg < offset)
+ if(msg < m_offset)
return nullptr;
BOTAN_ASSERT(msg < message_count(), "Message number is in range");
- return buffers[msg-offset];
+ return m_buffers[msg-m_offset];
}
/*
@@ -108,7 +108,7 @@ SecureQueue* Output_Buffers::get(Pipe::message_id msg) const
*/
Pipe::message_id Output_Buffers::message_count() const
{
- return (offset + buffers.size());
+ return (m_offset + m_buffers.size());
}
/*
@@ -116,7 +116,7 @@ Pipe::message_id Output_Buffers::message_count() const
*/
Output_Buffers::Output_Buffers()
{
- offset = 0;
+ m_offset = 0;
}
/*
@@ -124,8 +124,8 @@ Output_Buffers::Output_Buffers()
*/
Output_Buffers::~Output_Buffers()
{
- for(size_t j = 0; j != buffers.size(); ++j)
- delete buffers[j];
+ for(size_t j = 0; j != m_buffers.size(); ++j)
+ delete m_buffers[j];
}
}
diff --git a/src/lib/filters/out_buf.h b/src/lib/filters/out_buf.h
index 4617d9464..4898ca105 100644
--- a/src/lib/filters/out_buf.h
+++ b/src/lib/filters/out_buf.h
@@ -36,8 +36,8 @@ class Output_Buffers
private:
class SecureQueue* get(Pipe::message_id) const;
- std::deque<SecureQueue*> buffers;
- Pipe::message_id offset;
+ std::deque<SecureQueue*> m_buffers;
+ Pipe::message_id m_offset;
};
}
diff --git a/src/lib/filters/pipe.cpp b/src/lib/filters/pipe.cpp
index 15ace9ffc..a4962f891 100644
--- a/src/lib/filters/pipe.cpp
+++ b/src/lib/filters/pipe.cpp
@@ -56,8 +56,8 @@ Pipe::Pipe(std::initializer_list<Filter*> args)
*/
Pipe::~Pipe()
{
- destruct(pipe);
- delete outputs;
+ destruct(m_pipe);
+ delete m_outputs;
}
/*
@@ -65,10 +65,10 @@ Pipe::~Pipe()
*/
void Pipe::init()
{
- outputs = new Output_Buffers;
- pipe = nullptr;
- default_read = 0;
- inside_msg = false;
+ m_outputs = new Output_Buffers;
+ m_pipe = nullptr;
+ m_default_read = 0;
+ m_inside_msg = false;
}
/*
@@ -76,9 +76,9 @@ void Pipe::init()
*/
void Pipe::reset()
{
- destruct(pipe);
- pipe = nullptr;
- inside_msg = false;
+ destruct(m_pipe);
+ m_pipe = nullptr;
+ m_inside_msg = false;
}
/*
@@ -89,7 +89,7 @@ void Pipe::destruct(Filter* to_kill)
if(!to_kill || dynamic_cast<SecureQueue*>(to_kill))
return;
for(size_t j = 0; j != to_kill->total_ports(); ++j)
- destruct(to_kill->next[j]);
+ destruct(to_kill->m_next[j]);
delete to_kill;
}
@@ -108,7 +108,7 @@ void Pipe::set_default_msg(message_id msg)
{
if(msg >= message_count())
throw Invalid_Argument("Pipe::set_default_msg: msg number is too high");
- default_read = msg;
+ m_default_read = msg;
}
/*
@@ -157,13 +157,13 @@ void Pipe::process_msg(DataSource& input)
*/
void Pipe::start_msg()
{
- if(inside_msg)
+ if(m_inside_msg)
throw Invalid_State("Pipe::start_msg: Message was already started");
- if(pipe == nullptr)
- pipe = new Null_Filter;
- find_endpoints(pipe);
- pipe->new_msg();
- inside_msg = true;
+ if(m_pipe == nullptr)
+ m_pipe = new Null_Filter;
+ find_endpoints(m_pipe);
+ m_pipe->new_msg();
+ m_inside_msg = true;
}
/*
@@ -171,18 +171,18 @@ void Pipe::start_msg()
*/
void Pipe::end_msg()
{
- if(!inside_msg)
+ if(!m_inside_msg)
throw Invalid_State("Pipe::end_msg: Message was already ended");
- pipe->finish_msg();
- clear_endpoints(pipe);
- if(dynamic_cast<Null_Filter*>(pipe))
+ m_pipe->finish_msg();
+ clear_endpoints(m_pipe);
+ if(dynamic_cast<Null_Filter*>(m_pipe))
{
- delete pipe;
- pipe = nullptr;
+ delete m_pipe;
+ m_pipe = nullptr;
}
- inside_msg = false;
+ m_inside_msg = false;
- outputs->retire();
+ m_outputs->retire();
}
/*
@@ -191,13 +191,13 @@ void Pipe::end_msg()
void Pipe::find_endpoints(Filter* f)
{
for(size_t j = 0; j != f->total_ports(); ++j)
- if(f->next[j] && !dynamic_cast<SecureQueue*>(f->next[j]))
- find_endpoints(f->next[j]);
+ if(f->m_next[j] && !dynamic_cast<SecureQueue*>(f->m_next[j]))
+ find_endpoints(f->m_next[j]);
else
{
SecureQueue* q = new SecureQueue;
- f->next[j] = q;
- outputs->add(q);
+ f->m_next[j] = q;
+ m_outputs->add(q);
}
}
@@ -209,9 +209,9 @@ void Pipe::clear_endpoints(Filter* f)
if(!f) return;
for(size_t j = 0; j != f->total_ports(); ++j)
{
- if(f->next[j] && dynamic_cast<SecureQueue*>(f->next[j]))
- f->next[j] = nullptr;
- clear_endpoints(f->next[j]);
+ if(f->m_next[j] && dynamic_cast<SecureQueue*>(f->m_next[j]))
+ f->m_next[j] = nullptr;
+ clear_endpoints(f->m_next[j]);
}
}
@@ -220,19 +220,19 @@ void Pipe::clear_endpoints(Filter* f)
*/
void Pipe::append(Filter* filter)
{
- if(inside_msg)
+ if(m_inside_msg)
throw Invalid_State("Cannot append to a Pipe while it is processing");
if(!filter)
return;
if(dynamic_cast<SecureQueue*>(filter))
throw Invalid_Argument("Pipe::append: SecureQueue cannot be used");
- if(filter->owned)
+ if(filter->m_owned)
throw Invalid_Argument("Filters cannot be shared among multiple Pipes");
- filter->owned = true;
+ filter->m_owned = true;
- if(!pipe) pipe = filter;
- else pipe->attach(filter);
+ if(!m_pipe) m_pipe = filter;
+ else m_pipe->attach(filter);
}
/*
@@ -240,19 +240,19 @@ void Pipe::append(Filter* filter)
*/
void Pipe::prepend(Filter* filter)
{
- if(inside_msg)
+ if(m_inside_msg)
throw Invalid_State("Cannot prepend to a Pipe while it is processing");
if(!filter)
return;
if(dynamic_cast<SecureQueue*>(filter))
throw Invalid_Argument("Pipe::prepend: SecureQueue cannot be used");
- if(filter->owned)
+ if(filter->m_owned)
throw Invalid_Argument("Filters cannot be shared among multiple Pipes");
- filter->owned = true;
+ filter->m_owned = true;
- if(pipe) filter->attach(pipe);
- pipe = filter;
+ if(m_pipe) filter->attach(m_pipe);
+ m_pipe = filter;
}
/*
@@ -260,24 +260,24 @@ void Pipe::prepend(Filter* filter)
*/
void Pipe::pop()
{
- if(inside_msg)
+ if(m_inside_msg)
throw Invalid_State("Cannot pop off a Pipe while it is processing");
- if(!pipe)
+ if(!m_pipe)
return;
- if(pipe->total_ports() > 1)
+ if(m_pipe->total_ports() > 1)
throw Invalid_State("Cannot pop off a Filter with multiple ports");
- Filter* f = pipe;
+ Filter* f = m_pipe;
size_t owns = f->owns();
- pipe = pipe->next[0];
+ m_pipe = m_pipe->m_next[0];
delete f;
while(owns--)
{
- f = pipe;
- pipe = pipe->next[0];
+ f = m_pipe;
+ m_pipe = m_pipe->m_next[0];
delete f;
}
}
@@ -287,7 +287,7 @@ void Pipe::pop()
*/
Pipe::message_id Pipe::message_count() const
{
- return outputs->message_count();
+ return m_outputs->message_count();
}
/*
diff --git a/src/lib/filters/pipe.h b/src/lib/filters/pipe.h
index 3f8d4d04c..286484a81 100644
--- a/src/lib/filters/pipe.h
+++ b/src/lib/filters/pipe.h
@@ -24,7 +24,7 @@ namespace Botan {
* collected for retrieval. If you're familiar with the Unix shell
* environment, this design will sound quite familiar.
*/
-class BOTAN_DLL Pipe : public DataSource
+class BOTAN_DLL Pipe final : public DataSource
{
public:
/**
@@ -232,7 +232,7 @@ class BOTAN_DLL Pipe : public DataSource
/**
* @return currently set default message
*/
- size_t default_msg() const { return default_read; }
+ size_t default_msg() const { return m_default_read; }
/**
* Set the default message
@@ -297,7 +297,7 @@ class BOTAN_DLL Pipe : public DataSource
* Construct a Pipe from a list of filters
* @param filters the set of filters to use
*/
- Pipe(std::initializer_list<Filter*> filters);
+ explicit Pipe(std::initializer_list<Filter*> filters);
Pipe(const Pipe&) = delete;
Pipe& operator=(const Pipe&) = delete;
@@ -311,10 +311,10 @@ class BOTAN_DLL Pipe : public DataSource
message_id get_message_no(const std::string&, message_id) const;
- Filter* pipe;
- class Output_Buffers* outputs;
- message_id default_read;
- bool inside_msg;
+ Filter* m_pipe;
+ class Output_Buffers* m_outputs;
+ message_id m_default_read;
+ bool m_inside_msg;
};
/**
diff --git a/src/lib/filters/pipe_rw.cpp b/src/lib/filters/pipe_rw.cpp
index 796f9100e..646752e7c 100644
--- a/src/lib/filters/pipe_rw.cpp
+++ b/src/lib/filters/pipe_rw.cpp
@@ -8,7 +8,6 @@
#include <botan/pipe.h>
#include <botan/internal/out_buf.h>
-#include <botan/secqueue.h>
namespace Botan {
@@ -34,9 +33,9 @@ Pipe::message_id Pipe::get_message_no(const std::string& func_name,
*/
void Pipe::write(const byte input[], size_t length)
{
- if(!inside_msg)
+ if(!m_inside_msg)
throw Invalid_State("Cannot write to a Pipe while it is not processing");
- pipe->write(input, length);
+ m_pipe->write(input, length);
}
/*
@@ -73,7 +72,7 @@ void Pipe::write(DataSource& source)
*/
size_t Pipe::read(byte output[], size_t length, message_id msg)
{
- return outputs->read(output, length, get_message_no("read", msg));
+ return m_outputs->read(output, length, get_message_no("read", msg));
}
/*
@@ -130,7 +129,7 @@ std::string Pipe::read_all_as_string(message_id msg)
*/
size_t Pipe::remaining(message_id msg) const
{
- return outputs->remaining(get_message_no("remaining", msg));
+ return m_outputs->remaining(get_message_no("remaining", msg));
}
/*
@@ -139,7 +138,7 @@ size_t Pipe::remaining(message_id msg) const
size_t Pipe::peek(byte output[], size_t length,
size_t offset, message_id msg) const
{
- return outputs->peek(output, length, offset, get_message_no("peek", msg));
+ return m_outputs->peek(output, length, offset, get_message_no("peek", msg));
}
/*
@@ -160,12 +159,12 @@ size_t Pipe::peek(byte& out, size_t offset, message_id msg) const
size_t Pipe::get_bytes_read() const
{
- return outputs->get_bytes_read(DEFAULT_MESSAGE);
+ return m_outputs->get_bytes_read(DEFAULT_MESSAGE);
}
size_t Pipe::get_bytes_read(message_id msg) const
{
- return outputs->get_bytes_read(msg);
+ return m_outputs->get_bytes_read(msg);
}
bool Pipe::check_available(size_t n)
diff --git a/src/lib/filters/secqueue.cpp b/src/lib/filters/secqueue.cpp
index 120e8dd0d..6f4070813 100644
--- a/src/lib/filters/secqueue.cpp
+++ b/src/lib/filters/secqueue.cpp
@@ -17,42 +17,42 @@ namespace Botan {
class SecureQueueNode
{
public:
- SecureQueueNode() : buffer(DEFAULT_BUFFERSIZE)
- { next = nullptr; start = end = 0; }
+ SecureQueueNode() : m_buffer(DEFAULT_BUFFERSIZE)
+ { m_next = nullptr; m_start = m_end = 0; }
- ~SecureQueueNode() { next = nullptr; start = end = 0; }
+ ~SecureQueueNode() { m_next = nullptr; m_start = m_end = 0; }
size_t write(const byte input[], size_t length)
{
- size_t copied = std::min<size_t>(length, buffer.size() - end);
- copy_mem(buffer.data() + end, input, copied);
- end += copied;
+ size_t copied = std::min<size_t>(length, m_buffer.size() - m_end);
+ copy_mem(m_buffer.data() + m_end, input, copied);
+ m_end += copied;
return copied;
}
size_t read(byte output[], size_t length)
{
- size_t copied = std::min(length, end - start);
- copy_mem(output, buffer.data() + start, copied);
- start += copied;
+ size_t copied = std::min(length, m_end - m_start);
+ copy_mem(output, m_buffer.data() + m_start, copied);
+ m_start += copied;
return copied;
}
size_t peek(byte output[], size_t length, size_t offset = 0)
{
- const size_t left = end - start;
+ const size_t left = m_end - m_start;
if(offset >= left) return 0;
size_t copied = std::min(length, left - offset);
- copy_mem(output, buffer.data() + start + offset, copied);
+ copy_mem(output, m_buffer.data() + m_start + offset, copied);
return copied;
}
- size_t size() const { return (end - start); }
+ size_t size() const { return (m_end - m_start); }
private:
friend class SecureQueue;
- SecureQueueNode* next;
- secure_vector<byte> buffer;
- size_t start, end;
+ SecureQueueNode* m_next;
+ secure_vector<byte> m_buffer;
+ size_t m_start, m_end;
};
/*
@@ -78,8 +78,8 @@ SecureQueue::SecureQueue(const SecureQueue& input) :
SecureQueueNode* temp = input.m_head;
while(temp)
{
- write(&temp->buffer[temp->start], temp->end - temp->start);
- temp = temp->next;
+ write(&temp->m_buffer[temp->m_start], temp->m_end - temp->m_start);
+ temp = temp->m_next;
}
}
@@ -91,7 +91,7 @@ void SecureQueue::destroy()
SecureQueueNode* temp = m_head;
while(temp)
{
- SecureQueueNode* holder = temp->next;
+ SecureQueueNode* holder = temp->m_next;
delete temp;
temp = holder;
}
@@ -104,12 +104,13 @@ void SecureQueue::destroy()
SecureQueue& SecureQueue::operator=(const SecureQueue& input)
{
destroy();
+ m_bytes_read = input.get_bytes_read();
m_head = m_tail = new SecureQueueNode;
SecureQueueNode* temp = input.m_head;
while(temp)
{
- write(&temp->buffer[temp->start], temp->end - temp->start);
- temp = temp->next;
+ write(&temp->m_buffer[temp->m_start], temp->m_end - temp->m_start);
+ temp = temp->m_next;
}
return (*this);
}
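Review bot: The new `m_bytes_read = input.get_bytes_read();` line makes operator= carry the read offset over from `input`, but the copy constructor in the earlier hunk (`@@ -78,8 +78,8`) only shows its node-copy loop and its initializer list lies outside that hunk, so I cannot see whether it initializes m_bytes_read the same way; if it does not, a copied and an assigned queue will report different get_bytes_read() values for identical contents. A short why-comment on the added line would also help future readers, e.g. `// keep the read offset in step with the copied queue so get_bytes_read() matches input`. The assignment operator itself is fully within this hunk.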
@@ -128,8 +129,8 @@ void SecureQueue::write(const byte input[], size_t length)
length -= n;
if(length)
{
- m_tail->next = new SecureQueueNode;
- m_tail = m_tail->next;
+ m_tail->m_next = new SecureQueueNode;
+ m_tail = m_tail->m_next;
}
}
}
@@ -148,7 +149,7 @@ size_t SecureQueue::read(byte output[], size_t length)
length -= n;
if(m_head->size() == 0)
{
- SecureQueueNode* holder = m_head->next;
+ SecureQueueNode* holder = m_head->m_next;
delete m_head;
m_head = holder;
}
@@ -169,7 +170,7 @@ size_t SecureQueue::peek(byte output[], size_t length, size_t offset) const
if(offset >= current->size())
{
offset -= current->size();
- current = current->next;
+ current = current->m_next;
}
else
break;
@@ -183,7 +184,7 @@ size_t SecureQueue::peek(byte output[], size_t length, size_t offset) const
output += n;
got += n;
length -= n;
- current = current->next;
+ current = current->m_next;
}
return got;
}
@@ -207,7 +208,7 @@ size_t SecureQueue::size() const
while(current)
{
count += current->size();
- current = current->next;
+ current = current->m_next;
}
return count;
}
diff --git a/src/lib/filters/threaded_fork.cpp b/src/lib/filters/threaded_fork.cpp
index a6bb4c713..5ee802593 100644
--- a/src/lib/filters/threaded_fork.cpp
+++ b/src/lib/filters/threaded_fork.cpp
@@ -77,7 +77,7 @@ std::string Threaded_Fork::name() const
void Threaded_Fork::set_next(Filter* f[], size_t n)
{
Fork::set_next(f, n);
- n = next.size();
+ n = m_next.size();
if(n < m_threads.size())
m_threads.resize(n);
@@ -89,26 +89,26 @@ void Threaded_Fork::set_next(Filter* f[], size_t n)
m_threads.push_back(
std::shared_ptr<std::thread>(
new std::thread(
- std::bind(&Threaded_Fork::thread_entry, this, next[i]))));
+ std::bind(&Threaded_Fork::thread_entry, this, m_next[i]))));
}
}
}
void Threaded_Fork::send(const byte input[], size_t length)
{
- if(write_queue.size())
- thread_delegate_work(write_queue.data(), write_queue.size());
+ if(m_write_queue.size())
+ thread_delegate_work(m_write_queue.data(), m_write_queue.size());
thread_delegate_work(input, length);
bool nothing_attached = true;
for(size_t j = 0; j != total_ports(); ++j)
- if(next[j])
+ if(m_next[j])
nothing_attached = false;
if(nothing_attached)
- write_queue += std::make_pair(input, length);
+ m_write_queue += std::make_pair(input, length);
else
- write_queue.clear();
+ m_write_queue.clear();
}
void Threaded_Fork::thread_delegate_work(const byte input[], size_t length)
diff --git a/src/lib/filters/transform_filter.h b/src/lib/filters/transform_filter.h
index 3dd68405b..2ecc5cecb 100644
--- a/src/lib/filters/transform_filter.h
+++ b/src/lib/filters/transform_filter.h
@@ -21,7 +21,7 @@ class BOTAN_DLL Transform_Filter : public Keyed_Filter,
private Buffered_Filter
{
public:
- Transform_Filter(Transform* t);
+ explicit Transform_Filter(Transform* t);
void set_iv(const InitializationVector& iv) override;
@@ -49,7 +49,7 @@ class BOTAN_DLL Transform_Filter : public Keyed_Filter,
class Nonce_State
{
public:
- Nonce_State(bool allow_null_nonce) : m_fresh_nonce(allow_null_nonce) {}
+ explicit Nonce_State(bool allow_null_nonce) : m_fresh_nonce(allow_null_nonce) {}
void update(const InitializationVector& iv);
std::vector<byte> get();
diff --git a/src/lib/hash/blake2/blake2b.cpp b/src/lib/hash/blake2/blake2b.cpp
new file mode 100644
index 000000000..10ccbf5c0
--- /dev/null
+++ b/src/lib/hash/blake2/blake2b.cpp
@@ -0,0 +1,224 @@
+/*
+* Blake2b
+* (C) 2016 cynecx
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#include <botan/blake2b.h>
+#include <botan/exceptn.h>
+#include <botan/mem_ops.h>
+#include <botan/loadstor.h>
+#include <botan/rotate.h>
+#include <algorithm>
+
+namespace Botan {
+
+namespace {
+
+const u64bit blake2b_IV[BLAKE2B_IVU64COUNT] = {
+ 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL,
+ 0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL,
+ 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL,
+ 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL
+};
+
+const u64bit blake2b_sigma[12][16] = {
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
+ { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } ,
+ { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } ,
+ { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } ,
+ { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } ,
+ { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } ,
+ { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } ,
+ { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } ,
+ { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } ,
+ { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } ,
+ { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } ,
+ { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 }
+};
+}
+
+Blake2b* Blake2b::make(const Spec& spec)
+ {
+ return new Blake2b(spec.arg_as_integer(0, 512));
+ }
+
+Blake2b::Blake2b(size_t output_bits) :
+ m_output_bits(output_bits),
+ m_buffer(BLAKE2B_BLOCKBYTES),
+ m_buflen(0),
+ m_H(BLAKE2B_IVU64COUNT)
+ {
+ if(output_bits == 0 || output_bits % 8 != 0
+ || output_bits / 8 > BLAKE2B_OUTBYTES)
+ {
+ throw Invalid_Argument("Bad output bits size for Blake2b");
+ }
+
+ state_init();
+ }
+
+void Blake2b::state_init()
+ {
+ std::copy(std::begin(blake2b_IV), std::end(blake2b_IV), m_H.begin());
+ m_H[0] ^= 0x01010000 ^ static_cast<byte>(output_length());
+ m_T[0] = m_T[1] = 0;
+ m_F[0] = m_F[1] = 0;
+ }
+
+void Blake2b::compress(bool lastblock)
+ {
+ u64bit m[16];
+ u64bit v[16];
+ u64bit* const H = m_H.data();
+ const byte* const block = m_buffer.data();
+
+ if(lastblock)
+ {
+ m_F[0] = ~0ULL;
+ }
+
+ for(int i = 0; i < 16; i++)
+ {
+ m[i] = load_le<u64bit>(block, i);
+ }
+
+ for(int i = 0; i < 8; i++)
+ {
+ v[i] = H[i];
+ v[i + 8] = blake2b_IV[i];
+ }
+
+ v[12] ^= m_T[0];
+ v[13] ^= m_T[1];
+ v[14] ^= m_F[0];
+ v[15] ^= m_F[1];
+
+#define G(r, i, a, b, c, d) \
+ do { \
+ a = a + b + m[blake2b_sigma[r][2 * i + 0]]; \
+ d = rotate_right<u64bit>(d ^ a, 32); \
+ c = c + d; \
+ b = rotate_right<u64bit>(b ^ c, 24); \
+ a = a + b + m[blake2b_sigma[r][2 * i + 1]]; \
+ d = rotate_right<u64bit>(d ^ a, 16); \
+ c = c + d; \
+ b = rotate_right<u64bit>(b ^ c, 63); \
+ } while(0)
+
+#define ROUND(r) \
+ do { \
+ G(r, 0, v[0], v[4], v[8], v[12]); \
+ G(r, 1, v[1], v[5], v[9], v[13]); \
+ G(r, 2, v[2], v[6], v[10], v[14]); \
+ G(r, 3, v[3], v[7], v[11], v[15]); \
+ G(r, 4, v[0], v[5], v[10], v[15]); \
+ G(r, 5, v[1], v[6], v[11], v[12]); \
+ G(r, 6, v[2], v[7], v[8], v[13]); \
+ G(r, 7, v[3], v[4], v[9], v[14]); \
+ } while(0)
+
+ ROUND(0);
+ ROUND(1);
+ ROUND(2);
+ ROUND(3);
+ ROUND(4);
+ ROUND(5);
+ ROUND(6);
+ ROUND(7);
+ ROUND(8);
+ ROUND(9);
+ ROUND(10);
+ ROUND(11);
+
+ for(int i = 0; i < 8; i++)
+ {
+ H[i] ^= v[i] ^ v[i + 8];
+ }
+
+#undef G
+#undef ROUND
+ }
+
+void Blake2b::increment_counter(const u64bit inc)
+ {
+ m_T[0] += inc;
+ if(m_T[0] < inc)
+ {
+ m_T[1]++;
+ }
+ }
+
+void Blake2b::add_data(const byte input[], size_t length)
+ {
+ if(!input || length == 0)
+ {
+ return;
+ }
+
+ byte* const buffer = m_buffer.data();
+
+ while(length > 0)
+ {
+ size_t fill = BLAKE2B_BLOCKBYTES - m_buflen;
+
+ if(length <= fill)
+ {
+ std::memcpy(buffer + m_buflen, input, length);
+ m_buflen += length;
+ return;
+ }
+
+ std::memcpy(buffer + m_buflen, input, fill);
+ increment_counter(BLAKE2B_BLOCKBYTES);
+ compress();
+
+ m_buflen = 0;
+ input += fill;
+ length -= fill;
+ }
+ }
+
+void Blake2b::final_result(byte output[])
+ {
+ if(!output)
+ {
+ return;
+ }
+
+ byte* const buffer = m_buffer.data();
+ const u64bit* const H = static_cast<const u64bit*>(m_H.data());
+ u16bit outlen = static_cast<u16bit>(output_length());
+
+ std::memset(buffer + m_buflen, 0, BLAKE2B_BLOCKBYTES - m_buflen);
+ increment_counter(m_buflen);
+ compress(true);
+
+ for (u16bit i = 0; i < outlen; i++)
+ {
+ output[i] = (H[i >> 3] >> (8 * (i & 7))) & 0xFF;
+ }
+
+ clear();
+ }
+
+std::string Blake2b::name() const
+ {
+ return "Blake2b(" + std::to_string(m_output_bits) + ")";
+ }
+
+HashFunction* Blake2b::clone() const
+ {
+ return new Blake2b(m_output_bits);
+ }
+
+void Blake2b::clear()
+ {
+ zeroise(m_H);
+ zeroise(m_buffer);
+ m_buflen = 0;
+ state_init();
+ }
+
+}
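Review bot: add_data copies with `std::memcpy` on both paths while the file includes `<botan/mem_ops.h>` rather than `<cstring>` and compress already uses the project's `copy_mem`; `copy_mem(buffer + m_buflen, input, length);` and `copy_mem(buffer + m_buflen, input, fill);` would keep the file consistent and stop it relying on a transitive `<cstring>` include. final_result's early `if(!output) return;` silently leaves the absorbed-but-unfinalized state in place, which hides a caller bug rather than surfacing it; since the HashFunction base (presumably) always passes a valid buffer, an assertion such as `BOTAN_ASSERT(output, "Blake2b::final_result output buffer")` states the contract more honestly. The working arrays `m[16]` and `v[16]` in compress hold the message block and chaining state on the stack and are left behind after the feed-forward loop, whereas m_buffer and m_H are secure_vectors that clear() zeroises; whether that gap matters depends on the project's zeroisation policy, but `clear_mem(m, 16); clear_mem(v, 16);` after the final loop would make compress match the rest of the class. A one-line comment above the `m_H[0] ^=` line in state_init explaining that `0x01010000` encodes fanout = 1 and depth = 1 of the parameter block, with the digest length in the low byte, would save the next reader a trip to the spec.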
diff --git a/src/lib/hash/blake2/blake2b.h b/src/lib/hash/blake2/blake2b.h
new file mode 100644
index 000000000..290db10f0
--- /dev/null
+++ b/src/lib/hash/blake2/blake2b.h
@@ -0,0 +1,63 @@
+/*
+* Blake2b
+* (C) 2016 cynecx
+*
+* Botan is released under the Simplified BSD License (see license.txt)
+*/
+
+#ifndef BOTAN_BLAKE2B_H__
+#define BOTAN_BLAKE2B_H__
+
+#include <botan/hash.h>
+#include <string>
+#include <memory>
+
+namespace Botan {
+
+enum blake2b_constant {
+ BLAKE2B_BLOCKBYTES = 128,
+ BLAKE2B_OUTBYTES = 64,
+ BLAKE2B_IVU64COUNT = 8
+};
+
+/**
+* BLAKE2B
+*/
+class BOTAN_DLL Blake2b final : public HashFunction
+ {
+ public:
+ /**
+ * @param output_bits the output size of Blake2b in bits
+ */
+ explicit Blake2b(size_t output_bits = 512);
+
+ size_t hash_block_size() const override { return BLAKE2B_BLOCKBYTES; }
+ size_t output_length() const override { return m_output_bits / 8; }
+
+ static Blake2b* make(const Spec& spec);
+
+ HashFunction* clone() const override;
+ std::string name() const override;
+ void clear() override;
+
+ private:
+ void add_data(const byte input[], size_t length) override;
+ void final_result(byte out[]) override;
+
+ inline void state_init();
+ inline void increment_counter(const u64bit inc);
+ void compress(bool lastblock = false);
+
+ size_t m_output_bits;
+
+ secure_vector<byte> m_buffer;
+ size_t m_buflen;
+
+ secure_vector<u64bit> m_H;
+ u64bit m_T[2];
+ u64bit m_F[2];
+ };
+
+}
+
+#endif
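Review bot: `state_init` and `increment_counter` are declared `inline` in the class body but their definitions live in blake2b.cpp, so the keyword does nothing for this translation unit and would become a link error for any other TU that ever called them; drop `inline` from both declarations. The class comment `BLAKE2B` should say what this implementation covers: the constructor takes only `output_bits` and the parameter block carries just the digest length, so a docstring along the lines of "Unkeyed BLAKE2b with a 1 to 64 byte digest; key, salt and personalization are not supported" would set expectations for callers. The `enum blake2b_constant` puts three unscoped `BLAKE2B_*` names into namespace Botan from a public header; if they are only needed by the implementation, private `static const size_t` members (or the anonymous namespace in the .cpp) would keep them out of the public namespace.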
diff --git a/src/lib/hash/blake2/info.txt b/src/lib/hash/blake2/info.txt
new file mode 100644
index 000000000..6c6d88afe
--- /dev/null
+++ b/src/lib/hash/blake2/info.txt
@@ -0,0 +1 @@
+define BLAKE2B 20130131
diff --git a/src/lib/hash/checksum/adler32/adler32.cpp b/src/lib/hash/checksum/adler32/adler32.cpp
index f368b627c..304c664dd 100644
--- a/src/lib/hash/checksum/adler32/adler32.cpp
+++ b/src/lib/hash/checksum/adler32/adler32.cpp
@@ -61,12 +61,12 @@ void Adler32::add_data(const byte input[], size_t length)
while(length >= PROCESS_AMOUNT)
{
- adler32_update(input, PROCESS_AMOUNT, S1, S2);
+ adler32_update(input, PROCESS_AMOUNT, m_S1, m_S2);
input += PROCESS_AMOUNT;
length -= PROCESS_AMOUNT;
}
- adler32_update(input, length, S1, S2);
+ adler32_update(input, length, m_S1, m_S2);
}
/*
@@ -74,7 +74,7 @@ void Adler32::add_data(const byte input[], size_t length)
*/
void Adler32::final_result(byte output[])
{
- store_be(output, S2, S1);
+ store_be(output, m_S2, m_S1);
clear();
}
diff --git a/src/lib/hash/checksum/adler32/adler32.h b/src/lib/hash/checksum/adler32/adler32.h
index 307236d6d..73df6134a 100644
--- a/src/lib/hash/checksum/adler32/adler32.h
+++ b/src/lib/hash/checksum/adler32/adler32.h
@@ -15,21 +15,21 @@ namespace Botan {
/**
* The Adler32 checksum, used in zlib
*/
-class BOTAN_DLL Adler32 : public HashFunction
+class BOTAN_DLL Adler32 final : public HashFunction
{
public:
std::string name() const override { return "Adler32"; }
size_t output_length() const override { return 4; }
HashFunction* clone() const override { return new Adler32; }
- void clear() override { S1 = 1; S2 = 0; }
+ void clear() override { m_S1 = 1; m_S2 = 0; }
Adler32() { clear(); }
~Adler32() { clear(); }
private:
void add_data(const byte[], size_t) override;
void final_result(byte[]) override;
- u16bit S1, S2;
+ u16bit m_S1, m_S2;
};
}
diff --git a/src/lib/hash/checksum/crc24/crc24.cpp b/src/lib/hash/checksum/crc24/crc24.cpp
index 1484f643d..6f1eea453 100644
--- a/src/lib/hash/checksum/crc24/crc24.cpp
+++ b/src/lib/hash/checksum/crc24/crc24.cpp
@@ -60,7 +60,7 @@ void CRC24::add_data(const byte input[], size_t length)
0x00FA48FA, 0x007C0401, 0x0042FA2F, 0x00C4B6D4, 0x00C82F22, 0x004E63D9,
0x00D11CCE, 0x00575035, 0x005BC9C3, 0x00DD8538 };
- u32bit tmp = crc;
+ u32bit tmp = m_crc;
while(length >= 16)
{
tmp = TABLE[((tmp >> 16) ^ input[ 0]) & 0xFF] ^ (tmp << 8);
@@ -86,7 +86,7 @@ void CRC24::add_data(const byte input[], size_t length)
for(size_t i = 0; i != length; ++i)
tmp = TABLE[((tmp >> 16) ^ input[i]) & 0xFF] ^ (tmp << 8);
- crc = tmp;
+ m_crc = tmp;
}
/*
@@ -95,7 +95,7 @@ void CRC24::add_data(const byte input[], size_t length)
void CRC24::final_result(byte output[])
{
for(size_t i = 0; i != 3; ++i)
- output[i] = get_byte(i+1, crc);
+ output[i] = get_byte(i+1, m_crc);
clear();
}
diff --git a/src/lib/hash/checksum/crc24/crc24.h b/src/lib/hash/checksum/crc24/crc24.h
index 8df8bd727..f80ee1c2a 100644
--- a/src/lib/hash/checksum/crc24/crc24.h
+++ b/src/lib/hash/checksum/crc24/crc24.h
@@ -15,21 +15,21 @@ namespace Botan {
/**
* 24-bit cyclic redundancy check
*/
-class BOTAN_DLL CRC24 : public HashFunction
+class BOTAN_DLL CRC24 final : public HashFunction
{
public:
std::string name() const override { return "CRC24"; }
size_t output_length() const override { return 3; }
HashFunction* clone() const override { return new CRC24; }
- void clear() override { crc = 0xB704CE; }
+ void clear() override { m_crc = 0xB704CE; }
CRC24() { clear(); }
~CRC24() { clear(); }
private:
void add_data(const byte[], size_t) override;
void final_result(byte[]) override;
- u32bit crc;
+ u32bit m_crc;
};
}
diff --git a/src/lib/hash/checksum/crc32/crc32.cpp b/src/lib/hash/checksum/crc32/crc32.cpp
index 10d989cc6..ca8c87c5f 100644
--- a/src/lib/hash/checksum/crc32/crc32.cpp
+++ b/src/lib/hash/checksum/crc32/crc32.cpp
@@ -60,7 +60,7 @@ void CRC32::add_data(const byte input[], size_t length)
0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94,
0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D };
- u32bit tmp = crc;
+ u32bit tmp = m_crc;
while(length >= 16)
{
tmp = TABLE[(tmp ^ input[ 0]) & 0xFF] ^ (tmp >> 8);
@@ -86,7 +86,7 @@ void CRC32::add_data(const byte input[], size_t length)
for(size_t i = 0; i != length; ++i)
tmp = TABLE[(tmp ^ input[i]) & 0xFF] ^ (tmp >> 8);
- crc = tmp;
+ m_crc = tmp;
}
/*
@@ -94,8 +94,8 @@ void CRC32::add_data(const byte input[], size_t length)
*/
void CRC32::final_result(byte output[])
{
- crc ^= 0xFFFFFFFF;
- store_be(crc, output);
+ m_crc ^= 0xFFFFFFFF;
+ store_be(m_crc, output);
clear();
}
diff --git a/src/lib/hash/checksum/crc32/crc32.h b/src/lib/hash/checksum/crc32/crc32.h
index 8ae95d42a..987f34608 100644
--- a/src/lib/hash/checksum/crc32/crc32.h
+++ b/src/lib/hash/checksum/crc32/crc32.h
@@ -15,21 +15,21 @@ namespace Botan {
/**
* 32-bit cyclic redundancy check
*/
-class BOTAN_DLL CRC32 : public HashFunction
+class BOTAN_DLL CRC32 final : public HashFunction
{
public:
std::string name() const override { return "CRC32"; }
size_t output_length() const override { return 4; }
HashFunction* clone() const override { return new CRC32; }
- void clear() override { crc = 0xFFFFFFFF; }
+ void clear() override { m_crc = 0xFFFFFFFF; }
CRC32() { clear(); }
~CRC32() { clear(); }
private:
void add_data(const byte[], size_t) override;
void final_result(byte[]) override;
- u32bit crc;
+ u32bit m_crc;
};
}
diff --git a/src/lib/hash/comb4p/comb4p.h b/src/lib/hash/comb4p/comb4p.h
index 1a99934a2..c05953ea5 100644
--- a/src/lib/hash/comb4p/comb4p.h
+++ b/src/lib/hash/comb4p/comb4p.h
@@ -16,7 +16,7 @@ namespace Botan {
* Combines two hash functions using a Feistel scheme. Described in
* "On the Security of Hash Function Combiners", Anja Lehmann
*/
-class BOTAN_DLL Comb4P : public HashFunction
+class BOTAN_DLL Comb4P final : public HashFunction
{
public:
/**
diff --git a/src/lib/hash/gost_3411/gost_3411.cpp b/src/lib/hash/gost_3411/gost_3411.cpp
index f8c9c0069..17c590a5c 100644
--- a/src/lib/hash/gost_3411/gost_3411.cpp
+++ b/src/lib/hash/gost_3411/gost_3411.cpp
@@ -13,22 +13,22 @@ namespace Botan {
* GOST 34.11 Constructor
*/
GOST_34_11::GOST_34_11() :
- cipher(GOST_28147_89_Params("R3411_CryptoPro")),
- buffer(32),
- sum(32),
- hash(32)
+ m_cipher(GOST_28147_89_Params("R3411_CryptoPro")),
+ m_buffer(32),
+ m_sum(32),
+ m_hash(32)
{
- count = 0;
- position = 0;
+ m_count = 0;
+ m_position = 0;
}
void GOST_34_11::clear()
{
- cipher.clear();
- zeroise(sum);
- zeroise(hash);
- count = 0;
- position = 0;
+ m_cipher.clear();
+ zeroise(m_sum);
+ zeroise(m_hash);
+ m_count = 0;
+ m_position = 0;
}
/**
@@ -36,18 +36,18 @@ void GOST_34_11::clear()
*/
void GOST_34_11::add_data(const byte input[], size_t length)
{
- count += length;
+ m_count += length;
- if(position)
+ if(m_position)
{
- buffer_insert(buffer, position, input, length);
+ buffer_insert(m_buffer, m_position, input, length);
- if(position + length >= hash_block_size())
+ if(m_position + length >= hash_block_size())
{
- compress_n(buffer.data(), 1);
- input += (hash_block_size() - position);
- length -= (hash_block_size() - position);
- position = 0;
+ compress_n(m_buffer.data(), 1);
+ input += (hash_block_size() - m_position);
+ length -= (hash_block_size() - m_position);
+ m_position = 0;
}
}
@@ -57,8 +57,8 @@ void GOST_34_11::add_data(const byte input[], size_t length)
if(full_blocks)
compress_n(input, full_blocks);
- buffer_insert(buffer, position, input + full_blocks * hash_block_size(), remaining);
- position += remaining;
+ buffer_insert(m_buffer, m_position, input + full_blocks * hash_block_size(), remaining);
+ m_position += remaining;
}
/**
@@ -70,15 +70,15 @@ void GOST_34_11::compress_n(const byte input[], size_t blocks)
{
for(u16bit j = 0, carry = 0; j != 32; ++j)
{
- u16bit s = sum[j] + input[32*i+j] + carry;
+ u16bit s = m_sum[j] + input[32*i+j] + carry;
carry = get_byte(0, s);
- sum[j] = get_byte(1, s);
+ m_sum[j] = get_byte(1, s);
}
byte S[32] = { 0 };
u64bit U[4], V[4];
- load_be(U, hash.data(), 4);
+ load_be(U, m_hash.data(), 4);
load_be(V, input + 32*i, 4);
for(size_t j = 0; j != 4; ++j)
@@ -90,8 +90,8 @@ void GOST_34_11::compress_n(const byte input[], size_t blocks)
for(size_t l = 0; l != 8; ++l)
key[4*l+k] = get_byte(l, U[k]) ^ get_byte(l, V[k]);
- cipher.set_key(key, 32);
- cipher.encrypt(&hash[8*j], S + 8*j);
+ m_cipher.set_key(key, 32);
+ m_cipher.encrypt(&m_hash[8*j], S + 8*j);
if(j == 3)
break;
@@ -165,7 +165,7 @@ void GOST_34_11::compress_n(const byte input[], size_t blocks)
S[30] = S2[0];
S[31] = S2[1];
- xor_buf(S, hash.data(), 32);
+ xor_buf(S, m_hash.data(), 32);
// 61 rounds of psi
S2[ 0] = S[ 2] ^ S[ 6] ^ S[14] ^ S[20] ^ S[22] ^ S[26] ^ S[28] ^ S[30];
@@ -207,7 +207,7 @@ void GOST_34_11::compress_n(const byte input[], size_t blocks)
S2[30] = S[ 2] ^ S[ 4] ^ S[ 8] ^ S[14] ^ S[16] ^ S[18] ^ S[22] ^ S[24] ^ S[28] ^ S[30];
S2[31] = S[ 3] ^ S[ 5] ^ S[ 9] ^ S[15] ^ S[17] ^ S[19] ^ S[23] ^ S[25] ^ S[29] ^ S[31];
- copy_mem(hash.data(), S2, 32);
+ copy_mem(m_hash.data(), S2, 32);
}
}
@@ -216,22 +216,22 @@ void GOST_34_11::compress_n(const byte input[], size_t blocks)
*/
void GOST_34_11::final_result(byte out[])
{
- if(position)
+ if(m_position)
{
- clear_mem(buffer.data() + position, buffer.size() - position);
- compress_n(buffer.data(), 1);
+ clear_mem(m_buffer.data() + m_position, m_buffer.size() - m_position);
+ compress_n(m_buffer.data(), 1);
}
secure_vector<byte> length_buf(32);
- const u64bit bit_count = count * 8;
+ const u64bit bit_count = m_count * 8;
store_le(bit_count, length_buf.data());
- secure_vector<byte> sum_buf = sum;
+ secure_vector<byte> sum_buf = m_sum;
compress_n(length_buf.data(), 1);
compress_n(sum_buf.data(), 1);
- copy_mem(out, hash.data(), 32);
+ copy_mem(out, m_hash.data(), 32);
clear();
}
diff --git a/src/lib/hash/gost_3411/gost_3411.h b/src/lib/hash/gost_3411/gost_3411.h
index 2ad96dbdb..16f6a4954 100644
--- a/src/lib/hash/gost_3411/gost_3411.h
+++ b/src/lib/hash/gost_3411/gost_3411.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* GOST 34.11
*/
-class BOTAN_DLL GOST_34_11 : public HashFunction
+class BOTAN_DLL GOST_34_11 final : public HashFunction
{
public:
std::string name() const override { return "GOST-R-34.11-94" ; }
@@ -33,10 +33,10 @@ class BOTAN_DLL GOST_34_11 : public HashFunction
void add_data(const byte[], size_t) override;
void final_result(byte[]) override;
- GOST_28147_89 cipher;
- secure_vector<byte> buffer, sum, hash;
- size_t position;
- u64bit count;
+ GOST_28147_89 m_cipher;
+ secure_vector<byte> m_buffer, m_sum, m_hash;
+ size_t m_position;
+ u64bit m_count;
};
}
diff --git a/src/lib/hash/has160/has160.cpp b/src/lib/hash/has160/has160.cpp
index 6b12e10ad..114b5f8b5 100644
--- a/src/lib/hash/has160/has160.cpp
+++ b/src/lib/hash/has160/has160.cpp
@@ -60,78 +60,78 @@ void HAS_160::compress_n(const byte input[], size_t blocks)
{
using namespace HAS_160_F;
- u32bit A = digest[0], B = digest[1], C = digest[2],
- D = digest[3], E = digest[4];
+ u32bit A = m_digest[0], B = m_digest[1], C = m_digest[2],
+ D = m_digest[3], E = m_digest[4];
for(size_t i = 0; i != blocks; ++i)
{
- load_le(X.data(), input, 16);
-
- X[16] = X[ 0] ^ X[ 1] ^ X[ 2] ^ X[ 3];
- X[17] = X[ 4] ^ X[ 5] ^ X[ 6] ^ X[ 7];
- X[18] = X[ 8] ^ X[ 9] ^ X[10] ^ X[11];
- X[19] = X[12] ^ X[13] ^ X[14] ^ X[15];
- F1(A,B,C,D,E,X[18], 5); F1(E,A,B,C,D,X[ 0],11);
- F1(D,E,A,B,C,X[ 1], 7); F1(C,D,E,A,B,X[ 2],15);
- F1(B,C,D,E,A,X[ 3], 6); F1(A,B,C,D,E,X[19],13);
- F1(E,A,B,C,D,X[ 4], 8); F1(D,E,A,B,C,X[ 5],14);
- F1(C,D,E,A,B,X[ 6], 7); F1(B,C,D,E,A,X[ 7],12);
- F1(A,B,C,D,E,X[16], 9); F1(E,A,B,C,D,X[ 8],11);
- F1(D,E,A,B,C,X[ 9], 8); F1(C,D,E,A,B,X[10],15);
- F1(B,C,D,E,A,X[11], 6); F1(A,B,C,D,E,X[17],12);
- F1(E,A,B,C,D,X[12], 9); F1(D,E,A,B,C,X[13],14);
- F1(C,D,E,A,B,X[14], 5); F1(B,C,D,E,A,X[15],13);
-
- X[16] = X[ 3] ^ X[ 6] ^ X[ 9] ^ X[12];
- X[17] = X[ 2] ^ X[ 5] ^ X[ 8] ^ X[15];
- X[18] = X[ 1] ^ X[ 4] ^ X[11] ^ X[14];
- X[19] = X[ 0] ^ X[ 7] ^ X[10] ^ X[13];
- F2(A,B,C,D,E,X[18], 5); F2(E,A,B,C,D,X[ 3],11);
- F2(D,E,A,B,C,X[ 6], 7); F2(C,D,E,A,B,X[ 9],15);
- F2(B,C,D,E,A,X[12], 6); F2(A,B,C,D,E,X[19],13);
- F2(E,A,B,C,D,X[15], 8); F2(D,E,A,B,C,X[ 2],14);
- F2(C,D,E,A,B,X[ 5], 7); F2(B,C,D,E,A,X[ 8],12);
- F2(A,B,C,D,E,X[16], 9); F2(E,A,B,C,D,X[11],11);
- F2(D,E,A,B,C,X[14], 8); F2(C,D,E,A,B,X[ 1],15);
- F2(B,C,D,E,A,X[ 4], 6); F2(A,B,C,D,E,X[17],12);
- F2(E,A,B,C,D,X[ 7], 9); F2(D,E,A,B,C,X[10],14);
- F2(C,D,E,A,B,X[13], 5); F2(B,C,D,E,A,X[ 0],13);
-
- X[16] = X[ 5] ^ X[ 7] ^ X[12] ^ X[14];
- X[17] = X[ 0] ^ X[ 2] ^ X[ 9] ^ X[11];
- X[18] = X[ 4] ^ X[ 6] ^ X[13] ^ X[15];
- X[19] = X[ 1] ^ X[ 3] ^ X[ 8] ^ X[10];
- F3(A,B,C,D,E,X[18], 5); F3(E,A,B,C,D,X[12],11);
- F3(D,E,A,B,C,X[ 5], 7); F3(C,D,E,A,B,X[14],15);
- F3(B,C,D,E,A,X[ 7], 6); F3(A,B,C,D,E,X[19],13);
- F3(E,A,B,C,D,X[ 0], 8); F3(D,E,A,B,C,X[ 9],14);
- F3(C,D,E,A,B,X[ 2], 7); F3(B,C,D,E,A,X[11],12);
- F3(A,B,C,D,E,X[16], 9); F3(E,A,B,C,D,X[ 4],11);
- F3(D,E,A,B,C,X[13], 8); F3(C,D,E,A,B,X[ 6],15);
- F3(B,C,D,E,A,X[15], 6); F3(A,B,C,D,E,X[17],12);
- F3(E,A,B,C,D,X[ 8], 9); F3(D,E,A,B,C,X[ 1],14);
- F3(C,D,E,A,B,X[10], 5); F3(B,C,D,E,A,X[ 3],13);
-
- X[16] = X[ 2] ^ X[ 7] ^ X[ 8] ^ X[13];
- X[17] = X[ 3] ^ X[ 4] ^ X[ 9] ^ X[14];
- X[18] = X[ 0] ^ X[ 5] ^ X[10] ^ X[15];
- X[19] = X[ 1] ^ X[ 6] ^ X[11] ^ X[12];
- F4(A,B,C,D,E,X[18], 5); F4(E,A,B,C,D,X[ 7],11);
- F4(D,E,A,B,C,X[ 2], 7); F4(C,D,E,A,B,X[13],15);
- F4(B,C,D,E,A,X[ 8], 6); F4(A,B,C,D,E,X[19],13);
- F4(E,A,B,C,D,X[ 3], 8); F4(D,E,A,B,C,X[14],14);
- F4(C,D,E,A,B,X[ 9], 7); F4(B,C,D,E,A,X[ 4],12);
- F4(A,B,C,D,E,X[16], 9); F4(E,A,B,C,D,X[15],11);
- F4(D,E,A,B,C,X[10], 8); F4(C,D,E,A,B,X[ 5],15);
- F4(B,C,D,E,A,X[ 0], 6); F4(A,B,C,D,E,X[17],12);
- F4(E,A,B,C,D,X[11], 9); F4(D,E,A,B,C,X[ 6],14);
- F4(C,D,E,A,B,X[ 1], 5); F4(B,C,D,E,A,X[12],13);
-
- A = (digest[0] += A);
- B = (digest[1] += B);
- C = (digest[2] += C);
- D = (digest[3] += D);
- E = (digest[4] += E);
+ load_le(m_X.data(), input, 16);
+
+ m_X[16] = m_X[ 0] ^ m_X[ 1] ^ m_X[ 2] ^ m_X[ 3];
+ m_X[17] = m_X[ 4] ^ m_X[ 5] ^ m_X[ 6] ^ m_X[ 7];
+ m_X[18] = m_X[ 8] ^ m_X[ 9] ^ m_X[10] ^ m_X[11];
+ m_X[19] = m_X[12] ^ m_X[13] ^ m_X[14] ^ m_X[15];
+ F1(A,B,C,D,E,m_X[18], 5); F1(E,A,B,C,D,m_X[ 0],11);
+ F1(D,E,A,B,C,m_X[ 1], 7); F1(C,D,E,A,B,m_X[ 2],15);
+ F1(B,C,D,E,A,m_X[ 3], 6); F1(A,B,C,D,E,m_X[19],13);
+ F1(E,A,B,C,D,m_X[ 4], 8); F1(D,E,A,B,C,m_X[ 5],14);
+ F1(C,D,E,A,B,m_X[ 6], 7); F1(B,C,D,E,A,m_X[ 7],12);
+ F1(A,B,C,D,E,m_X[16], 9); F1(E,A,B,C,D,m_X[ 8],11);
+ F1(D,E,A,B,C,m_X[ 9], 8); F1(C,D,E,A,B,m_X[10],15);
+ F1(B,C,D,E,A,m_X[11], 6); F1(A,B,C,D,E,m_X[17],12);
+ F1(E,A,B,C,D,m_X[12], 9); F1(D,E,A,B,C,m_X[13],14);
+ F1(C,D,E,A,B,m_X[14], 5); F1(B,C,D,E,A,m_X[15],13);
+
+ m_X[16] = m_X[ 3] ^ m_X[ 6] ^ m_X[ 9] ^ m_X[12];
+ m_X[17] = m_X[ 2] ^ m_X[ 5] ^ m_X[ 8] ^ m_X[15];
+ m_X[18] = m_X[ 1] ^ m_X[ 4] ^ m_X[11] ^ m_X[14];
+ m_X[19] = m_X[ 0] ^ m_X[ 7] ^ m_X[10] ^ m_X[13];
+ F2(A,B,C,D,E,m_X[18], 5); F2(E,A,B,C,D,m_X[ 3],11);
+ F2(D,E,A,B,C,m_X[ 6], 7); F2(C,D,E,A,B,m_X[ 9],15);
+ F2(B,C,D,E,A,m_X[12], 6); F2(A,B,C,D,E,m_X[19],13);
+ F2(E,A,B,C,D,m_X[15], 8); F2(D,E,A,B,C,m_X[ 2],14);
+ F2(C,D,E,A,B,m_X[ 5], 7); F2(B,C,D,E,A,m_X[ 8],12);
+ F2(A,B,C,D,E,m_X[16], 9); F2(E,A,B,C,D,m_X[11],11);
+ F2(D,E,A,B,C,m_X[14], 8); F2(C,D,E,A,B,m_X[ 1],15);
+ F2(B,C,D,E,A,m_X[ 4], 6); F2(A,B,C,D,E,m_X[17],12);
+ F2(E,A,B,C,D,m_X[ 7], 9); F2(D,E,A,B,C,m_X[10],14);
+ F2(C,D,E,A,B,m_X[13], 5); F2(B,C,D,E,A,m_X[ 0],13);
+
+ m_X[16] = m_X[ 5] ^ m_X[ 7] ^ m_X[12] ^ m_X[14];
+ m_X[17] = m_X[ 0] ^ m_X[ 2] ^ m_X[ 9] ^ m_X[11];
+ m_X[18] = m_X[ 4] ^ m_X[ 6] ^ m_X[13] ^ m_X[15];
+ m_X[19] = m_X[ 1] ^ m_X[ 3] ^ m_X[ 8] ^ m_X[10];
+ F3(A,B,C,D,E,m_X[18], 5); F3(E,A,B,C,D,m_X[12],11);
+ F3(D,E,A,B,C,m_X[ 5], 7); F3(C,D,E,A,B,m_X[14],15);
+ F3(B,C,D,E,A,m_X[ 7], 6); F3(A,B,C,D,E,m_X[19],13);
+ F3(E,A,B,C,D,m_X[ 0], 8); F3(D,E,A,B,C,m_X[ 9],14);
+ F3(C,D,E,A,B,m_X[ 2], 7); F3(B,C,D,E,A,m_X[11],12);
+ F3(A,B,C,D,E,m_X[16], 9); F3(E,A,B,C,D,m_X[ 4],11);
+ F3(D,E,A,B,C,m_X[13], 8); F3(C,D,E,A,B,m_X[ 6],15);
+ F3(B,C,D,E,A,m_X[15], 6); F3(A,B,C,D,E,m_X[17],12);
+ F3(E,A,B,C,D,m_X[ 8], 9); F3(D,E,A,B,C,m_X[ 1],14);
+ F3(C,D,E,A,B,m_X[10], 5); F3(B,C,D,E,A,m_X[ 3],13);
+
+ m_X[16] = m_X[ 2] ^ m_X[ 7] ^ m_X[ 8] ^ m_X[13];
+ m_X[17] = m_X[ 3] ^ m_X[ 4] ^ m_X[ 9] ^ m_X[14];
+ m_X[18] = m_X[ 0] ^ m_X[ 5] ^ m_X[10] ^ m_X[15];
+ m_X[19] = m_X[ 1] ^ m_X[ 6] ^ m_X[11] ^ m_X[12];
+ F4(A,B,C,D,E,m_X[18], 5); F4(E,A,B,C,D,m_X[ 7],11);
+ F4(D,E,A,B,C,m_X[ 2], 7); F4(C,D,E,A,B,m_X[13],15);
+ F4(B,C,D,E,A,m_X[ 8], 6); F4(A,B,C,D,E,m_X[19],13);
+ F4(E,A,B,C,D,m_X[ 3], 8); F4(D,E,A,B,C,m_X[14],14);
+ F4(C,D,E,A,B,m_X[ 9], 7); F4(B,C,D,E,A,m_X[ 4],12);
+ F4(A,B,C,D,E,m_X[16], 9); F4(E,A,B,C,D,m_X[15],11);
+ F4(D,E,A,B,C,m_X[10], 8); F4(C,D,E,A,B,m_X[ 5],15);
+ F4(B,C,D,E,A,m_X[ 0], 6); F4(A,B,C,D,E,m_X[17],12);
+ F4(E,A,B,C,D,m_X[11], 9); F4(D,E,A,B,C,m_X[ 6],14);
+ F4(C,D,E,A,B,m_X[ 1], 5); F4(B,C,D,E,A,m_X[12],13);
+
+ A = (m_digest[0] += A);
+ B = (m_digest[1] += B);
+ C = (m_digest[2] += C);
+ D = (m_digest[3] += D);
+ E = (m_digest[4] += E);
input += hash_block_size();
}
@@ -142,7 +142,7 @@ void HAS_160::compress_n(const byte input[], size_t blocks)
*/
void HAS_160::copy_out(byte output[])
{
- copy_out_vec_le(output, output_length(), digest);
+ copy_out_vec_le(output, output_length(), m_digest);
}
/*
@@ -151,12 +151,12 @@ void HAS_160::copy_out(byte output[])
void HAS_160::clear()
{
MDx_HashFunction::clear();
- zeroise(X);
- digest[0] = 0x67452301;
- digest[1] = 0xEFCDAB89;
- digest[2] = 0x98BADCFE;
- digest[3] = 0x10325476;
- digest[4] = 0xC3D2E1F0;
+ zeroise(m_X);
+ m_digest[0] = 0x67452301;
+ m_digest[1] = 0xEFCDAB89;
+ m_digest[2] = 0x98BADCFE;
+ m_digest[3] = 0x10325476;
+ m_digest[4] = 0xC3D2E1F0;
}
}
diff --git a/src/lib/hash/has160/has160.h b/src/lib/hash/has160/has160.h
index 75d0bda90..7ef090eb7 100644
--- a/src/lib/hash/has160/has160.h
+++ b/src/lib/hash/has160/has160.h
@@ -16,7 +16,7 @@ namespace Botan {
* HAS-160, a Korean hash function standardized in
* TTAS.KO-12.0011/R1. Used in conjunction with KCDSA
*/
-class BOTAN_DLL HAS_160 : public MDx_HashFunction
+class BOTAN_DLL HAS_160 final : public MDx_HashFunction
{
public:
std::string name() const override { return "HAS-160"; }
@@ -25,13 +25,13 @@ class BOTAN_DLL HAS_160 : public MDx_HashFunction
void clear() override;
- HAS_160() : MDx_HashFunction(64, false, true), X(20), digest(5)
+ HAS_160() : MDx_HashFunction(64, false, true), m_X(20), m_digest(5)
{ clear(); }
private:
void compress_n(const byte[], size_t blocks) override;
void copy_out(byte[]) override;
- secure_vector<u32bit> X, digest;
+ secure_vector<u32bit> m_X, m_digest;
};
}
diff --git a/src/lib/hash/hash.cpp b/src/lib/hash/hash.cpp
index fe210705e..9a15c7998 100644
--- a/src/lib/hash/hash.cpp
+++ b/src/lib/hash/hash.cpp
@@ -89,12 +89,16 @@
#include <botan/comb4p.h>
#endif
+#if defined(BOTAN_HAS_BLAKE2B)
+ #include <botan/blake2b.h>
+#endif
+
namespace Botan {
std::unique_ptr<HashFunction> HashFunction::create(const std::string& algo_spec,
const std::string& provider)
{
- return std::unique_ptr<HashFunction>(make_a<HashFunction>(algo_spec, provider));
+ return std::unique_ptr<HashFunction>(make_a<HashFunction>(Botan::HashFunction::Spec(algo_spec), provider));
}
std::vector<std::string> HashFunction::providers(const std::string& algo_spec)
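Review bot: The new `create` body qualifies the spec type as `Botan::HashFunction::Spec(algo_spec)` even though the call sits inside `namespace Botan`, so the prefix is redundant and pushes the line well past the width used elsewhere in this file; `return std::unique_ptr<HashFunction>(make_a<HashFunction>(HashFunction::Spec(algo_spec), provider));` is equivalent and shorter. The Blake2b include added above follows the existing `#if defined(BOTAN_HAS_...)` guard pattern, so that part is consistent with the neighbouring includes. Whether `make_a` has an overload taking a `Spec` cannot be confirmed from this hunk; presumably that overload is introduced elsewhere in the same change.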
@@ -203,4 +207,8 @@ BOTAN_REGISTER_NAMED_T(HashFunction, "Skein-512", Skein_512, Skein_512::make);
BOTAN_REGISTER_HASH_NOARGS(Whirlpool);
#endif
+#if defined(BOTAN_HAS_BLAKE2B)
+BOTAN_REGISTER_NAMED_T(HashFunction, "Blake2b", Blake2b, Blake2b::make);
+#endif
+
}
diff --git a/src/lib/hash/keccak/keccak.cpp b/src/lib/hash/keccak/keccak.cpp
index 39d0c822b..44297dcef 100644
--- a/src/lib/hash/keccak/keccak.cpp
+++ b/src/lib/hash/keccak/keccak.cpp
@@ -41,30 +41,30 @@ void keccak_f_1600(u64bit A[25])
const u64bit D4 = rotate_left(C4, 1) ^ C2;
const u64bit B00 = A[ 0] ^ D1;
- const u64bit B01 = rotate_left(A[ 6] ^ D2, 44);
- const u64bit B02 = rotate_left(A[12] ^ D3, 43);
- const u64bit B03 = rotate_left(A[18] ^ D4, 21);
- const u64bit B04 = rotate_left(A[24] ^ D0, 14);
- const u64bit B05 = rotate_left(A[ 3] ^ D4, 28);
- const u64bit B06 = rotate_left(A[ 9] ^ D0, 20);
- const u64bit B07 = rotate_left(A[10] ^ D1, 3);
- const u64bit B08 = rotate_left(A[16] ^ D2, 45);
- const u64bit B09 = rotate_left(A[22] ^ D3, 61);
const u64bit B10 = rotate_left(A[ 1] ^ D2, 1);
- const u64bit B11 = rotate_left(A[ 7] ^ D3, 6);
- const u64bit B12 = rotate_left(A[13] ^ D4, 25);
- const u64bit B13 = rotate_left(A[19] ^ D0, 8);
- const u64bit B14 = rotate_left(A[20] ^ D1, 18);
+ const u64bit B20 = rotate_left(A[ 2] ^ D3, 62);
+ const u64bit B05 = rotate_left(A[ 3] ^ D4, 28);
const u64bit B15 = rotate_left(A[ 4] ^ D0, 27);
const u64bit B16 = rotate_left(A[ 5] ^ D1, 36);
- const u64bit B17 = rotate_left(A[11] ^ D2, 10);
- const u64bit B18 = rotate_left(A[17] ^ D3, 15);
- const u64bit B19 = rotate_left(A[23] ^ D4, 56);
- const u64bit B20 = rotate_left(A[ 2] ^ D3, 62);
+ const u64bit B01 = rotate_left(A[ 6] ^ D2, 44);
+ const u64bit B11 = rotate_left(A[ 7] ^ D3, 6);
const u64bit B21 = rotate_left(A[ 8] ^ D4, 55);
+ const u64bit B06 = rotate_left(A[ 9] ^ D0, 20);
+ const u64bit B07 = rotate_left(A[10] ^ D1, 3);
+ const u64bit B17 = rotate_left(A[11] ^ D2, 10);
+ const u64bit B02 = rotate_left(A[12] ^ D3, 43);
+ const u64bit B12 = rotate_left(A[13] ^ D4, 25);
const u64bit B22 = rotate_left(A[14] ^ D0, 39);
const u64bit B23 = rotate_left(A[15] ^ D1, 41);
+ const u64bit B08 = rotate_left(A[16] ^ D2, 45);
+ const u64bit B18 = rotate_left(A[17] ^ D3, 15);
+ const u64bit B03 = rotate_left(A[18] ^ D4, 21);
+ const u64bit B13 = rotate_left(A[19] ^ D0, 8);
+ const u64bit B14 = rotate_left(A[20] ^ D1, 18);
const u64bit B24 = rotate_left(A[21] ^ D2, 2);
+ const u64bit B09 = rotate_left(A[22] ^ D3, 61);
+ const u64bit B19 = rotate_left(A[23] ^ D4, 56);
+ const u64bit B04 = rotate_left(A[24] ^ D0, 14);
A[ 0] = B00 ^ (~B01 & B02);
A[ 1] = B01 ^ (~B02 & B03);
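Review bot: The theta/rho constants B01..B24 are reordered without a comment saying why, so a later reader will have to re-derive that the new order follows the source lane index A[0..24] rather than the B index; a one-line note such as `// rho step: declared in A[] index order, one rotation per source lane` above `B00` would make the intent explicit. I cross-checked all reordered lines against the removed ones and each (A index, D column, rotation offset) triple is unchanged, so the permutation itself is not altered. The enclosing keccak_f_1600 starts and ends outside this hunk.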
@@ -99,10 +99,10 @@ void keccak_f_1600(u64bit A[25])
}
Keccak_1600::Keccak_1600(size_t output_bits) :
- output_bits(output_bits),
- bitrate(1600 - 2*output_bits),
- S(25),
- S_pos(0)
+ m_output_bits(output_bits),
+ m_bitrate(1600 - 2*output_bits),
+ m_S(25),
+ m_S_pos(0)
{
// We only support the parameters for the SHA-3 proposal
@@ -114,18 +114,18 @@ Keccak_1600::Keccak_1600(size_t output_bits) :
std::string Keccak_1600::name() const
{
- return "Keccak-1600(" + std::to_string(output_bits) + ")";
+ return "Keccak-1600(" + std::to_string(m_output_bits) + ")";
}
HashFunction* Keccak_1600::clone() const
{
- return new Keccak_1600(output_bits);
+ return new Keccak_1600(m_output_bits);
}
void Keccak_1600::clear()
{
- zeroise(S);
- S_pos = 0;
+ zeroise(m_S);
+ m_S_pos = 0;
}
void Keccak_1600::add_data(const byte input[], size_t length)
@@ -135,47 +135,47 @@ void Keccak_1600::add_data(const byte input[], size_t length)
while(length)
{
- size_t to_take = std::min(length, bitrate / 8 - S_pos);
+ size_t to_take = std::min(length, m_bitrate / 8 - m_S_pos);
length -= to_take;
- while(to_take && S_pos % 8)
+ while(to_take && m_S_pos % 8)
{
- S[S_pos / 8] ^= static_cast<u64bit>(input[0]) << (8 * (S_pos % 8));
+ m_S[m_S_pos / 8] ^= static_cast<u64bit>(input[0]) << (8 * (m_S_pos % 8));
- ++S_pos;
+ ++m_S_pos;
++input;
--to_take;
}
while(to_take && to_take % 8 == 0)
{
- S[S_pos / 8] ^= load_le<u64bit>(input, 0);
- S_pos += 8;
+ m_S[m_S_pos / 8] ^= load_le<u64bit>(input, 0);
+ m_S_pos += 8;
input += 8;
to_take -= 8;
}
while(to_take)
{
- S[S_pos / 8] ^= static_cast<u64bit>(input[0]) << (8 * (S_pos % 8));
+ m_S[m_S_pos / 8] ^= static_cast<u64bit>(input[0]) << (8 * (m_S_pos % 8));
- ++S_pos;
+ ++m_S_pos;
++input;
--to_take;
}
- if(S_pos == bitrate / 8)
+ if(m_S_pos == m_bitrate / 8)
{
- keccak_f_1600(S.data());
- S_pos = 0;
+ keccak_f_1600(m_S.data());
+ m_S_pos = 0;
}
}
}
void Keccak_1600::final_result(byte output[])
{
- std::vector<byte> padding(bitrate / 8 - S_pos);
+ std::vector<byte> padding(m_bitrate / 8 - m_S_pos);
padding[0] = 0x01;
padding[padding.size()-1] |= 0x80;
@@ -186,8 +186,8 @@ void Keccak_1600::final_result(byte output[])
* We never have to run the permutation again because we only support
* limited output lengths
*/
- for(size_t i = 0; i != output_bits/8; ++i)
- output[i] = get_byte(7 - (i % 8), S[i/8]);
+ for(size_t i = 0; i != m_output_bits/8; ++i)
+ output[i] = get_byte(7 - (i % 8), m_S[i/8]);
clear();
}
diff --git a/src/lib/hash/keccak/keccak.h b/src/lib/hash/keccak/keccak.h
index 0e7d3d5d1..a73595d6a 100644
--- a/src/lib/hash/keccak/keccak.h
+++ b/src/lib/hash/keccak/keccak.h
@@ -17,7 +17,7 @@ namespace Botan {
/**
* Keccak[1600], a SHA-3 candidate
*/
-class BOTAN_DLL Keccak_1600 : public HashFunction
+class BOTAN_DLL Keccak_1600 final : public HashFunction
{
public:
@@ -25,10 +25,10 @@ class BOTAN_DLL Keccak_1600 : public HashFunction
* @param output_bits the size of the hash output; must be one of
* 224, 256, 384, or 512
*/
- Keccak_1600(size_t output_bits = 512);
+ explicit Keccak_1600(size_t output_bits = 512);
- size_t hash_block_size() const override { return bitrate / 8; }
- size_t output_length() const override { return output_bits / 8; }
+ size_t hash_block_size() const override { return m_bitrate / 8; }
+ size_t output_length() const override { return m_output_bits / 8; }
HashFunction* clone() const override;
std::string name() const override;
@@ -37,9 +37,9 @@ class BOTAN_DLL Keccak_1600 : public HashFunction
void add_data(const byte input[], size_t length) override;
void final_result(byte out[]) override;
- size_t output_bits, bitrate;
- secure_vector<u64bit> S;
- size_t S_pos;
+ size_t m_output_bits, m_bitrate;
+ secure_vector<u64bit> m_S;
+ size_t m_S_pos;
};
}
diff --git a/src/lib/hash/md2/md2.cpp b/src/lib/hash/md2/md2.cpp
index 8fe016962..f5e222610 100644
--- a/src/lib/hash/md2/md2.cpp
+++ b/src/lib/hash/md2/md2.cpp
@@ -38,26 +38,26 @@ void MD2::hash(const byte input[])
0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A, 0xDB, 0x99, 0x8D, 0x33,
0x9F, 0x11, 0x83, 0x14 };
- buffer_insert(X, 16, input, hash_block_size());
- xor_buf(&X[32], X.data(), &X[16], hash_block_size());
+ buffer_insert(m_X, 16, input, hash_block_size());
+ xor_buf(&m_X[32], m_X.data(), &m_X[16], hash_block_size());
byte T = 0;
for(size_t i = 0; i != 18; ++i)
{
for(size_t k = 0; k != 48; k += 8)
{
- T = X[k ] ^= SBOX[T]; T = X[k+1] ^= SBOX[T];
- T = X[k+2] ^= SBOX[T]; T = X[k+3] ^= SBOX[T];
- T = X[k+4] ^= SBOX[T]; T = X[k+5] ^= SBOX[T];
- T = X[k+6] ^= SBOX[T]; T = X[k+7] ^= SBOX[T];
+ T = m_X[k ] ^= SBOX[T]; T = m_X[k+1] ^= SBOX[T];
+ T = m_X[k+2] ^= SBOX[T]; T = m_X[k+3] ^= SBOX[T];
+ T = m_X[k+4] ^= SBOX[T]; T = m_X[k+5] ^= SBOX[T];
+ T = m_X[k+6] ^= SBOX[T]; T = m_X[k+7] ^= SBOX[T];
}
T += static_cast<byte>(i);
}
- T = checksum[15];
+ T = m_checksum[15];
for(size_t i = 0; i != hash_block_size(); ++i)
- T = checksum[i] ^= SBOX[input[i] ^ T];
+ T = m_checksum[i] ^= SBOX[input[i] ^ T];
}
/**
@@ -65,23 +65,23 @@ void MD2::hash(const byte input[])
*/
void MD2::add_data(const byte input[], size_t length)
{
- buffer_insert(buffer, position, input, length);
+ buffer_insert(m_buffer, m_position, input, length);
- if(position + length >= hash_block_size())
+ if(m_position + length >= hash_block_size())
{
- hash(buffer.data());
- input += (hash_block_size() - position);
- length -= (hash_block_size() - position);
+ hash(m_buffer.data());
+ input += (hash_block_size() - m_position);
+ length -= (hash_block_size() - m_position);
while(length >= hash_block_size())
{
hash(input);
input += hash_block_size();
length -= hash_block_size();
}
- copy_mem(buffer.data(), input, length);
- position = 0;
+ copy_mem(m_buffer.data(), input, length);
+ m_position = 0;
}
- position += length;
+ m_position += length;
}
/**
@@ -89,12 +89,12 @@ void MD2::add_data(const byte input[], size_t length)
*/
void MD2::final_result(byte output[])
{
- for(size_t i = position; i != hash_block_size(); ++i)
- buffer[i] = static_cast<byte>(hash_block_size() - position);
+ for(size_t i = m_position; i != hash_block_size(); ++i)
+ m_buffer[i] = static_cast<byte>(hash_block_size() - m_position);
- hash(buffer.data());
- hash(checksum.data());
- copy_mem(output, X.data(), output_length());
+ hash(m_buffer.data());
+ hash(m_checksum.data());
+ copy_mem(output, m_X.data(), output_length());
clear();
}
@@ -103,10 +103,10 @@ void MD2::final_result(byte output[])
*/
void MD2::clear()
{
- zeroise(X);
- zeroise(checksum);
- zeroise(buffer);
- position = 0;
+ zeroise(m_X);
+ zeroise(m_checksum);
+ zeroise(m_buffer);
+ m_position = 0;
}
}
diff --git a/src/lib/hash/md2/md2.h b/src/lib/hash/md2/md2.h
index 62f1b8a9f..58629495a 100644
--- a/src/lib/hash/md2/md2.h
+++ b/src/lib/hash/md2/md2.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* MD2
*/
-class BOTAN_DLL MD2 : public HashFunction
+class BOTAN_DLL MD2 final : public HashFunction
{
public:
std::string name() const override { return "MD2"; }
@@ -25,15 +25,15 @@ class BOTAN_DLL MD2 : public HashFunction
void clear() override;
- MD2() : X(48), checksum(16), buffer(16)
+ MD2() : m_X(48), m_checksum(16), m_buffer(16), m_position(0)
{ clear(); }
private:
void add_data(const byte[], size_t) override;
void hash(const byte[]);
void final_result(byte[]) override;
- secure_vector<byte> X, checksum, buffer;
- size_t position;
+ secure_vector<byte> m_X, m_checksum, m_buffer;
+ size_t m_position;
};
}
diff --git a/src/lib/hash/md4/md4.cpp b/src/lib/hash/md4/md4.cpp
index 6f4503ac0..d22f2d1ac 100644
--- a/src/lib/hash/md4/md4.cpp
+++ b/src/lib/hash/md4/md4.cpp
@@ -45,43 +45,43 @@ inline void HH(u32bit& A, u32bit B, u32bit C, u32bit D, u32bit M, byte S)
*/
void MD4::compress_n(const byte input[], size_t blocks)
{
- u32bit A = digest[0], B = digest[1], C = digest[2], D = digest[3];
+ u32bit A = m_digest[0], B = m_digest[1], C = m_digest[2], D = m_digest[3];
for(size_t i = 0; i != blocks; ++i)
{
- load_le(M.data(), input, M.size());
-
- FF(A,B,C,D,M[ 0], 3); FF(D,A,B,C,M[ 1], 7);
- FF(C,D,A,B,M[ 2],11); FF(B,C,D,A,M[ 3],19);
- FF(A,B,C,D,M[ 4], 3); FF(D,A,B,C,M[ 5], 7);
- FF(C,D,A,B,M[ 6],11); FF(B,C,D,A,M[ 7],19);
- FF(A,B,C,D,M[ 8], 3); FF(D,A,B,C,M[ 9], 7);
- FF(C,D,A,B,M[10],11); FF(B,C,D,A,M[11],19);
- FF(A,B,C,D,M[12], 3); FF(D,A,B,C,M[13], 7);
- FF(C,D,A,B,M[14],11); FF(B,C,D,A,M[15],19);
-
- GG(A,B,C,D,M[ 0], 3); GG(D,A,B,C,M[ 4], 5);
- GG(C,D,A,B,M[ 8], 9); GG(B,C,D,A,M[12],13);
- GG(A,B,C,D,M[ 1], 3); GG(D,A,B,C,M[ 5], 5);
- GG(C,D,A,B,M[ 9], 9); GG(B,C,D,A,M[13],13);
- GG(A,B,C,D,M[ 2], 3); GG(D,A,B,C,M[ 6], 5);
- GG(C,D,A,B,M[10], 9); GG(B,C,D,A,M[14],13);
- GG(A,B,C,D,M[ 3], 3); GG(D,A,B,C,M[ 7], 5);
- GG(C,D,A,B,M[11], 9); GG(B,C,D,A,M[15],13);
-
- HH(A,B,C,D,M[ 0], 3); HH(D,A,B,C,M[ 8], 9);
- HH(C,D,A,B,M[ 4],11); HH(B,C,D,A,M[12],15);
- HH(A,B,C,D,M[ 2], 3); HH(D,A,B,C,M[10], 9);
- HH(C,D,A,B,M[ 6],11); HH(B,C,D,A,M[14],15);
- HH(A,B,C,D,M[ 1], 3); HH(D,A,B,C,M[ 9], 9);
- HH(C,D,A,B,M[ 5],11); HH(B,C,D,A,M[13],15);
- HH(A,B,C,D,M[ 3], 3); HH(D,A,B,C,M[11], 9);
- HH(C,D,A,B,M[ 7],11); HH(B,C,D,A,M[15],15);
-
- A = (digest[0] += A);
- B = (digest[1] += B);
- C = (digest[2] += C);
- D = (digest[3] += D);
+ load_le(m_M.data(), input, m_M.size());
+
+ FF(A,B,C,D,m_M[ 0], 3); FF(D,A,B,C,m_M[ 1], 7);
+ FF(C,D,A,B,m_M[ 2],11); FF(B,C,D,A,m_M[ 3],19);
+ FF(A,B,C,D,m_M[ 4], 3); FF(D,A,B,C,m_M[ 5], 7);
+ FF(C,D,A,B,m_M[ 6],11); FF(B,C,D,A,m_M[ 7],19);
+ FF(A,B,C,D,m_M[ 8], 3); FF(D,A,B,C,m_M[ 9], 7);
+ FF(C,D,A,B,m_M[10],11); FF(B,C,D,A,m_M[11],19);
+ FF(A,B,C,D,m_M[12], 3); FF(D,A,B,C,m_M[13], 7);
+ FF(C,D,A,B,m_M[14],11); FF(B,C,D,A,m_M[15],19);
+
+ GG(A,B,C,D,m_M[ 0], 3); GG(D,A,B,C,m_M[ 4], 5);
+ GG(C,D,A,B,m_M[ 8], 9); GG(B,C,D,A,m_M[12],13);
+ GG(A,B,C,D,m_M[ 1], 3); GG(D,A,B,C,m_M[ 5], 5);
+ GG(C,D,A,B,m_M[ 9], 9); GG(B,C,D,A,m_M[13],13);
+ GG(A,B,C,D,m_M[ 2], 3); GG(D,A,B,C,m_M[ 6], 5);
+ GG(C,D,A,B,m_M[10], 9); GG(B,C,D,A,m_M[14],13);
+ GG(A,B,C,D,m_M[ 3], 3); GG(D,A,B,C,m_M[ 7], 5);
+ GG(C,D,A,B,m_M[11], 9); GG(B,C,D,A,m_M[15],13);
+
+ HH(A,B,C,D,m_M[ 0], 3); HH(D,A,B,C,m_M[ 8], 9);
+ HH(C,D,A,B,m_M[ 4],11); HH(B,C,D,A,m_M[12],15);
+ HH(A,B,C,D,m_M[ 2], 3); HH(D,A,B,C,m_M[10], 9);
+ HH(C,D,A,B,m_M[ 6],11); HH(B,C,D,A,m_M[14],15);
+ HH(A,B,C,D,m_M[ 1], 3); HH(D,A,B,C,m_M[ 9], 9);
+ HH(C,D,A,B,m_M[ 5],11); HH(B,C,D,A,m_M[13],15);
+ HH(A,B,C,D,m_M[ 3], 3); HH(D,A,B,C,m_M[11], 9);
+ HH(C,D,A,B,m_M[ 7],11); HH(B,C,D,A,m_M[15],15);
+
+ A = (m_digest[0] += A);
+ B = (m_digest[1] += B);
+ C = (m_digest[2] += C);
+ D = (m_digest[3] += D);
input += hash_block_size();
}
@@ -92,7 +92,7 @@ void MD4::compress_n(const byte input[], size_t blocks)
*/
void MD4::copy_out(byte output[])
{
- copy_out_vec_le(output, output_length(), digest);
+ copy_out_vec_le(output, output_length(), m_digest);
}
/*
@@ -101,11 +101,11 @@ void MD4::copy_out(byte output[])
void MD4::clear()
{
MDx_HashFunction::clear();
- zeroise(M);
- digest[0] = 0x67452301;
- digest[1] = 0xEFCDAB89;
- digest[2] = 0x98BADCFE;
- digest[3] = 0x10325476;
+ zeroise(m_M);
+ m_digest[0] = 0x67452301;
+ m_digest[1] = 0xEFCDAB89;
+ m_digest[2] = 0x98BADCFE;
+ m_digest[3] = 0x10325476;
}
}
diff --git a/src/lib/hash/md4/md4.h b/src/lib/hash/md4/md4.h
index 182da4ab2..8b7ab5d70 100644
--- a/src/lib/hash/md4/md4.h
+++ b/src/lib/hash/md4/md4.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* MD4
*/
-class BOTAN_DLL MD4 : public MDx_HashFunction
+class BOTAN_DLL MD4 final : public MDx_HashFunction
{
public:
std::string name() const override { return "MD4"; }
@@ -24,21 +24,22 @@ class BOTAN_DLL MD4 : public MDx_HashFunction
void clear() override;
- MD4() : MDx_HashFunction(64, false, true), M(16), digest(4)
+ MD4() : MDx_HashFunction(64, false, true), m_M(16), m_digest(4)
{ clear(); }
protected:
void compress_n(const byte input[], size_t blocks) override;
void copy_out(byte[]) override;
+ private:
/**
- * The message buffer, exposed for use by subclasses (x86 asm)
+ * The message buffer
*/
- secure_vector<u32bit> M;
+ secure_vector<u32bit> m_M;
/**
- * The digest value, exposed for use by subclasses (x86 asm)
+ * The digest value
*/
- secure_vector<u32bit> digest;
+ secure_vector<u32bit> m_digest;
};
}
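Review bot: With MD4 now declared `final` at the top of this file, the `protected:` section holding the `compress_n` and `copy_out` overrides is unreachable by any subclass, so it is effectively private and sits oddly next to the newly added `private:` label for the two buffers; merging the overrides into a single `private:` section (the layout already used by HAS_160 in has160.h) would make the access levels match what the class can actually be. The updated comments dropping "exposed for use by subclasses (x86 asm)" are correct now that the members are private, and the `m_` renames are consistent with the rest of the series.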
diff --git a/src/lib/hash/md5/md5.cpp b/src/lib/hash/md5/md5.cpp
index 89ca52419..439dbde7b 100644
--- a/src/lib/hash/md5/md5.cpp
+++ b/src/lib/hash/md5/md5.cpp
@@ -58,52 +58,52 @@ inline void II(u32bit& A, u32bit B, u32bit C, u32bit D, u32bit msg,
*/
void MD5::compress_n(const byte input[], size_t blocks)
{
- u32bit A = digest[0], B = digest[1], C = digest[2], D = digest[3];
+ u32bit A = m_digest[0], B = m_digest[1], C = m_digest[2], D = m_digest[3];
for(size_t i = 0; i != blocks; ++i)
{
- load_le(M.data(), input, M.size());
-
- FF(A,B,C,D,M[ 0], 7,0xD76AA478); FF(D,A,B,C,M[ 1],12,0xE8C7B756);
- FF(C,D,A,B,M[ 2],17,0x242070DB); FF(B,C,D,A,M[ 3],22,0xC1BDCEEE);
- FF(A,B,C,D,M[ 4], 7,0xF57C0FAF); FF(D,A,B,C,M[ 5],12,0x4787C62A);
- FF(C,D,A,B,M[ 6],17,0xA8304613); FF(B,C,D,A,M[ 7],22,0xFD469501);
- FF(A,B,C,D,M[ 8], 7,0x698098D8); FF(D,A,B,C,M[ 9],12,0x8B44F7AF);
- FF(C,D,A,B,M[10],17,0xFFFF5BB1); FF(B,C,D,A,M[11],22,0x895CD7BE);
- FF(A,B,C,D,M[12], 7,0x6B901122); FF(D,A,B,C,M[13],12,0xFD987193);
- FF(C,D,A,B,M[14],17,0xA679438E); FF(B,C,D,A,M[15],22,0x49B40821);
-
- GG(A,B,C,D,M[ 1], 5,0xF61E2562); GG(D,A,B,C,M[ 6], 9,0xC040B340);
- GG(C,D,A,B,M[11],14,0x265E5A51); GG(B,C,D,A,M[ 0],20,0xE9B6C7AA);
- GG(A,B,C,D,M[ 5], 5,0xD62F105D); GG(D,A,B,C,M[10], 9,0x02441453);
- GG(C,D,A,B,M[15],14,0xD8A1E681); GG(B,C,D,A,M[ 4],20,0xE7D3FBC8);
- GG(A,B,C,D,M[ 9], 5,0x21E1CDE6); GG(D,A,B,C,M[14], 9,0xC33707D6);
- GG(C,D,A,B,M[ 3],14,0xF4D50D87); GG(B,C,D,A,M[ 8],20,0x455A14ED);
- GG(A,B,C,D,M[13], 5,0xA9E3E905); GG(D,A,B,C,M[ 2], 9,0xFCEFA3F8);
- GG(C,D,A,B,M[ 7],14,0x676F02D9); GG(B,C,D,A,M[12],20,0x8D2A4C8A);
-
- HH(A,B,C,D,M[ 5], 4,0xFFFA3942); HH(D,A,B,C,M[ 8],11,0x8771F681);
- HH(C,D,A,B,M[11],16,0x6D9D6122); HH(B,C,D,A,M[14],23,0xFDE5380C);
- HH(A,B,C,D,M[ 1], 4,0xA4BEEA44); HH(D,A,B,C,M[ 4],11,0x4BDECFA9);
- HH(C,D,A,B,M[ 7],16,0xF6BB4B60); HH(B,C,D,A,M[10],23,0xBEBFBC70);
- HH(A,B,C,D,M[13], 4,0x289B7EC6); HH(D,A,B,C,M[ 0],11,0xEAA127FA);
- HH(C,D,A,B,M[ 3],16,0xD4EF3085); HH(B,C,D,A,M[ 6],23,0x04881D05);
- HH(A,B,C,D,M[ 9], 4,0xD9D4D039); HH(D,A,B,C,M[12],11,0xE6DB99E5);
- HH(C,D,A,B,M[15],16,0x1FA27CF8); HH(B,C,D,A,M[ 2],23,0xC4AC5665);
-
- II(A,B,C,D,M[ 0], 6,0xF4292244); II(D,A,B,C,M[ 7],10,0x432AFF97);
- II(C,D,A,B,M[14],15,0xAB9423A7); II(B,C,D,A,M[ 5],21,0xFC93A039);
- II(A,B,C,D,M[12], 6,0x655B59C3); II(D,A,B,C,M[ 3],10,0x8F0CCC92);
- II(C,D,A,B,M[10],15,0xFFEFF47D); II(B,C,D,A,M[ 1],21,0x85845DD1);
- II(A,B,C,D,M[ 8], 6,0x6FA87E4F); II(D,A,B,C,M[15],10,0xFE2CE6E0);
- II(C,D,A,B,M[ 6],15,0xA3014314); II(B,C,D,A,M[13],21,0x4E0811A1);
- II(A,B,C,D,M[ 4], 6,0xF7537E82); II(D,A,B,C,M[11],10,0xBD3AF235);
- II(C,D,A,B,M[ 2],15,0x2AD7D2BB); II(B,C,D,A,M[ 9],21,0xEB86D391);
-
- A = (digest[0] += A);
- B = (digest[1] += B);
- C = (digest[2] += C);
- D = (digest[3] += D);
+ load_le(m_M.data(), input, m_M.size());
+
+ FF(A,B,C,D,m_M[ 0], 7,0xD76AA478); FF(D,A,B,C,m_M[ 1],12,0xE8C7B756);
+ FF(C,D,A,B,m_M[ 2],17,0x242070DB); FF(B,C,D,A,m_M[ 3],22,0xC1BDCEEE);
+ FF(A,B,C,D,m_M[ 4], 7,0xF57C0FAF); FF(D,A,B,C,m_M[ 5],12,0x4787C62A);
+ FF(C,D,A,B,m_M[ 6],17,0xA8304613); FF(B,C,D,A,m_M[ 7],22,0xFD469501);
+ FF(A,B,C,D,m_M[ 8], 7,0x698098D8); FF(D,A,B,C,m_M[ 9],12,0x8B44F7AF);
+ FF(C,D,A,B,m_M[10],17,0xFFFF5BB1); FF(B,C,D,A,m_M[11],22,0x895CD7BE);
+ FF(A,B,C,D,m_M[12], 7,0x6B901122); FF(D,A,B,C,m_M[13],12,0xFD987193);
+ FF(C,D,A,B,m_M[14],17,0xA679438E); FF(B,C,D,A,m_M[15],22,0x49B40821);
+
+ GG(A,B,C,D,m_M[ 1], 5,0xF61E2562); GG(D,A,B,C,m_M[ 6], 9,0xC040B340);
+ GG(C,D,A,B,m_M[11],14,0x265E5A51); GG(B,C,D,A,m_M[ 0],20,0xE9B6C7AA);
+ GG(A,B,C,D,m_M[ 5], 5,0xD62F105D); GG(D,A,B,C,m_M[10], 9,0x02441453);
+ GG(C,D,A,B,m_M[15],14,0xD8A1E681); GG(B,C,D,A,m_M[ 4],20,0xE7D3FBC8);
+ GG(A,B,C,D,m_M[ 9], 5,0x21E1CDE6); GG(D,A,B,C,m_M[14], 9,0xC33707D6);
+ GG(C,D,A,B,m_M[ 3],14,0xF4D50D87); GG(B,C,D,A,m_M[ 8],20,0x455A14ED);
+ GG(A,B,C,D,m_M[13], 5,0xA9E3E905); GG(D,A,B,C,m_M[ 2], 9,0xFCEFA3F8);
+ GG(C,D,A,B,m_M[ 7],14,0x676F02D9); GG(B,C,D,A,m_M[12],20,0x8D2A4C8A);
+
+ HH(A,B,C,D,m_M[ 5], 4,0xFFFA3942); HH(D,A,B,C,m_M[ 8],11,0x8771F681);
+ HH(C,D,A,B,m_M[11],16,0x6D9D6122); HH(B,C,D,A,m_M[14],23,0xFDE5380C);
+ HH(A,B,C,D,m_M[ 1], 4,0xA4BEEA44); HH(D,A,B,C,m_M[ 4],11,0x4BDECFA9);
+ HH(C,D,A,B,m_M[ 7],16,0xF6BB4B60); HH(B,C,D,A,m_M[10],23,0xBEBFBC70);
+ HH(A,B,C,D,m_M[13], 4,0x289B7EC6); HH(D,A,B,C,m_M[ 0],11,0xEAA127FA);
+ HH(C,D,A,B,m_M[ 3],16,0xD4EF3085); HH(B,C,D,A,m_M[ 6],23,0x04881D05);
+ HH(A,B,C,D,m_M[ 9], 4,0xD9D4D039); HH(D,A,B,C,m_M[12],11,0xE6DB99E5);
+ HH(C,D,A,B,m_M[15],16,0x1FA27CF8); HH(B,C,D,A,m_M[ 2],23,0xC4AC5665);
+
+ II(A,B,C,D,m_M[ 0], 6,0xF4292244); II(D,A,B,C,m_M[ 7],10,0x432AFF97);
+ II(C,D,A,B,m_M[14],15,0xAB9423A7); II(B,C,D,A,m_M[ 5],21,0xFC93A039);
+ II(A,B,C,D,m_M[12], 6,0x655B59C3); II(D,A,B,C,m_M[ 3],10,0x8F0CCC92);
+ II(C,D,A,B,m_M[10],15,0xFFEFF47D); II(B,C,D,A,m_M[ 1],21,0x85845DD1);
+ II(A,B,C,D,m_M[ 8], 6,0x6FA87E4F); II(D,A,B,C,m_M[15],10,0xFE2CE6E0);
+ II(C,D,A,B,m_M[ 6],15,0xA3014314); II(B,C,D,A,m_M[13],21,0x4E0811A1);
+ II(A,B,C,D,m_M[ 4], 6,0xF7537E82); II(D,A,B,C,m_M[11],10,0xBD3AF235);
+ II(C,D,A,B,m_M[ 2],15,0x2AD7D2BB); II(B,C,D,A,m_M[ 9],21,0xEB86D391);
+
+ A = (m_digest[0] += A);
+ B = (m_digest[1] += B);
+ C = (m_digest[2] += C);
+ D = (m_digest[3] += D);
input += hash_block_size();
}
@@ -114,7 +114,7 @@ void MD5::compress_n(const byte input[], size_t blocks)
*/
void MD5::copy_out(byte output[])
{
- copy_out_vec_le(output, output_length(), digest);
+ copy_out_vec_le(output, output_length(), m_digest);
}
/*
@@ -123,11 +123,11 @@ void MD5::copy_out(byte output[])
void MD5::clear()
{
MDx_HashFunction::clear();
- zeroise(M);
- digest[0] = 0x67452301;
- digest[1] = 0xEFCDAB89;
- digest[2] = 0x98BADCFE;
- digest[3] = 0x10325476;
+ zeroise(m_M);
+ m_digest[0] = 0x67452301;
+ m_digest[1] = 0xEFCDAB89;
+ m_digest[2] = 0x98BADCFE;
+ m_digest[3] = 0x10325476;
}
}
diff --git a/src/lib/hash/md5/md5.h b/src/lib/hash/md5/md5.h
index 9c5e548c0..bbeffee50 100644
--- a/src/lib/hash/md5/md5.h
+++ b/src/lib/hash/md5/md5.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* MD5
*/
-class BOTAN_DLL MD5 : public MDx_HashFunction
+class BOTAN_DLL MD5 final : public MDx_HashFunction
{
public:
std::string name() const override { return "MD5"; }
@@ -24,21 +24,22 @@ class BOTAN_DLL MD5 : public MDx_HashFunction
void clear() override;
- MD5() : MDx_HashFunction(64, false, true), M(16), digest(4)
+ MD5() : MDx_HashFunction(64, false, true), m_M(16), m_digest(4)
{ clear(); }
protected:
void compress_n(const byte[], size_t blocks) override;
void copy_out(byte[]) override;
+ private:
/**
- * The message buffer, exposed for use by subclasses (x86 asm)
+ * The message buffer
*/
- secure_vector<u32bit> M;
+ secure_vector<u32bit> m_M;
/**
- * The digest value, exposed for use by subclasses (x86 asm)
+ * The digest value
*/
- secure_vector<u32bit> digest;
+ secure_vector<u32bit> m_digest;
};
}
diff --git a/src/lib/hash/mdx_hash/mdx_hash.cpp b/src/lib/hash/mdx_hash/mdx_hash.cpp
index bd754d3cc..f21b4ac34 100644
--- a/src/lib/hash/mdx_hash/mdx_hash.cpp
+++ b/src/lib/hash/mdx_hash/mdx_hash.cpp
@@ -18,12 +18,12 @@ MDx_HashFunction::MDx_HashFunction(size_t block_len,
bool byte_end,
bool bit_end,
size_t cnt_size) :
- buffer(block_len),
+ m_buffer(block_len),
BIG_BYTE_ENDIAN(byte_end),
BIG_BIT_ENDIAN(bit_end),
COUNT_SIZE(cnt_size)
{
- count = position = 0;
+ m_count = m_position = 0;
}
/*
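Review bot: The two counters are still assigned in the constructor body at `m_count = m_position = 0;` even though this line is being rewritten anyway; since mdx_hash.h declares them right after `m_buffer`, they can join the initializer list instead, `m_buffer(block_len), m_count(0), m_position(0), BIG_BYTE_ENDIAN(byte_end),` with the body left empty. That keeps every member initialized in declaration order and avoids the default-then-assign step on the primitives. The same pair of assignments appears again in MDx_HashFunction::clear() in the next hunk, where assignment is of course the right thing.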
@@ -31,8 +31,8 @@ MDx_HashFunction::MDx_HashFunction(size_t block_len,
*/
void MDx_HashFunction::clear()
{
- zeroise(buffer);
- count = position = 0;
+ zeroise(m_buffer);
+ m_count = m_position = 0;
}
/*
@@ -40,29 +40,29 @@ void MDx_HashFunction::clear()
*/
void MDx_HashFunction::add_data(const byte input[], size_t length)
{
- count += length;
+ m_count += length;
- if(position)
+ if(m_position)
{
- buffer_insert(buffer, position, input, length);
+ buffer_insert(m_buffer, m_position, input, length);
- if(position + length >= buffer.size())
+ if(m_position + length >= m_buffer.size())
{
- compress_n(buffer.data(), 1);
- input += (buffer.size() - position);
- length -= (buffer.size() - position);
- position = 0;
+ compress_n(m_buffer.data(), 1);
+ input += (m_buffer.size() - m_position);
+ length -= (m_buffer.size() - m_position);
+ m_position = 0;
}
}
- const size_t full_blocks = length / buffer.size();
- const size_t remaining = length % buffer.size();
+ const size_t full_blocks = length / m_buffer.size();
+ const size_t remaining = length % m_buffer.size();
if(full_blocks)
compress_n(input, full_blocks);
- buffer_insert(buffer, position, input + full_blocks * buffer.size(), remaining);
- position += remaining;
+ buffer_insert(m_buffer, m_position, input + full_blocks * m_buffer.size(), remaining);
+ m_position += remaining;
}
/*
@@ -70,19 +70,19 @@ void MDx_HashFunction::add_data(const byte input[], size_t length)
*/
void MDx_HashFunction::final_result(byte output[])
{
- buffer[position] = (BIG_BIT_ENDIAN ? 0x80 : 0x01);
- for(size_t i = position+1; i != buffer.size(); ++i)
- buffer[i] = 0;
+ m_buffer[m_position] = (BIG_BIT_ENDIAN ? 0x80 : 0x01);
+ for(size_t i = m_position+1; i != m_buffer.size(); ++i)
+ m_buffer[i] = 0;
- if(position >= buffer.size() - COUNT_SIZE)
+ if(m_position >= m_buffer.size() - COUNT_SIZE)
{
- compress_n(buffer.data(), 1);
- zeroise(buffer);
+ compress_n(m_buffer.data(), 1);
+ zeroise(m_buffer);
}
- write_count(&buffer[buffer.size() - COUNT_SIZE]);
+ write_count(&m_buffer[m_buffer.size() - COUNT_SIZE]);
- compress_n(buffer.data(), 1);
+ compress_n(m_buffer.data(), 1);
copy_out(output);
clear();
}
@@ -97,7 +97,7 @@ void MDx_HashFunction::write_count(byte out[])
if(COUNT_SIZE >= output_length() || COUNT_SIZE >= hash_block_size())
throw Invalid_Argument("MDx_HashFunction: COUNT_SIZE is too big");
- const u64bit bit_count = count * 8;
+ const u64bit bit_count = m_count * 8;
if(BIG_BYTE_ENDIAN)
store_be(bit_count, out + COUNT_SIZE - 8);
diff --git a/src/lib/hash/mdx_hash/mdx_hash.h b/src/lib/hash/mdx_hash/mdx_hash.h
index 2652d9ea6..4b2f9bad0 100644
--- a/src/lib/hash/mdx_hash/mdx_hash.h
+++ b/src/lib/hash/mdx_hash/mdx_hash.h
@@ -29,7 +29,7 @@ class BOTAN_DLL MDx_HashFunction : public HashFunction
bool big_bit_endian,
size_t counter_size = 8);
- size_t hash_block_size() const override { return buffer.size(); }
+ size_t hash_block_size() const override { return m_buffer.size(); }
protected:
void add_data(const byte input[], size_t length) override;
void final_result(byte output[]) override;
@@ -55,9 +55,9 @@ class BOTAN_DLL MDx_HashFunction : public HashFunction
*/
virtual void write_count(byte out[]);
private:
- secure_vector<byte> buffer;
- u64bit count;
- size_t position;
+ secure_vector<byte> m_buffer;
+ u64bit m_count;
+ size_t m_position;
const bool BIG_BYTE_ENDIAN, BIG_BIT_ENDIAN;
const size_t COUNT_SIZE;
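Review bot: After this hunk the class mixes two member conventions: `m_buffer`, `m_count` and `m_position` carry the new prefix while `BIG_BYTE_ENDIAN`, `BIG_BIT_ENDIAN` and `COUNT_SIZE` on the two context lines keep the bare ALL_CAPS style, which is usually reserved for macros or file-scope constants. If the intent of this pass is a uniform member prefix, the three const members would presumably be renamed in the same change, e.g. `const bool m_big_byte_endian, m_big_bit_endian;` and `const size_t m_count_size;`, with the uses in mdx_hash.cpp updated alongside; if they are deliberately left as-is, a one-line comment on the declaration saying so would stop the next rename pass from revisiting them.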
diff --git a/src/lib/hash/par_hash/par_hash.cpp b/src/lib/hash/par_hash/par_hash.cpp
index 5e970ab13..5645a99c7 100644
--- a/src/lib/hash/par_hash/par_hash.cpp
+++ b/src/lib/hash/par_hash/par_hash.cpp
@@ -12,24 +12,24 @@ namespace Botan {
Parallel* Parallel::make(const Spec& spec)
{
- std::vector<std::unique_ptr<HashFunction>> hashes;
+ std::vector<std::unique_ptr<HashFunction>> m_hashes;
for(size_t i = 0; i != spec.arg_count(); ++i)
{
auto h = HashFunction::create(spec.arg(i));
if(!h)
return nullptr;
- hashes.push_back(std::move(h));
+ m_hashes.push_back(std::move(h));
}
Parallel* p = new Parallel;
- std::swap(p->hashes, hashes);
+ std::swap(p->m_hashes, m_hashes);
return p;
}
void Parallel::add_data(const byte input[], size_t length)
{
- for(auto&& hash : hashes)
+ for(auto&& hash : m_hashes)
hash->update(input, length);
}
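Review bot: The local in `Parallel::make` should not have picked up the member prefix: `std::vector<std::unique_ptr<HashFunction>> m_hashes;` on the first added line is a function-scope temporary, and the `m_` convention this commit introduces everywhere else marks data members, so the name now misleads the reader into thinking the factory touches instance state before `p` exists. Only the target of the swap is a member; keep the local as `hashes`, i.e. `std::vector<std::unique_ptr<HashFunction>> hashes;`, `hashes.push_back(std::move(h));` and `std::swap(p->m_hashes, hashes);`. The other rename in this hunk, `for(auto&& hash : m_hashes)` in add_data, is correct since that one really is the member.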
@@ -37,7 +37,7 @@ void Parallel::final_result(byte out[])
{
u32bit offset = 0;
- for(auto&& hash : hashes)
+ for(auto&& hash : m_hashes)
{
hash->final(out + offset);
offset += hash->output_length();
@@ -48,7 +48,7 @@ size_t Parallel::output_length() const
{
size_t sum = 0;
- for(auto&& hash : hashes)
+ for(auto&& hash : m_hashes)
sum += hash->output_length();
return sum;
}
@@ -57,7 +57,7 @@ std::string Parallel::name() const
{
std::vector<std::string> names;
- for(auto&& hash : hashes)
+ for(auto&& hash : m_hashes)
names.push_back(hash->name());
return "Parallel(" + string_join(names, ',') + ")";
@@ -67,7 +67,7 @@ HashFunction* Parallel::clone() const
{
std::vector<HashFunction*> hash_copies;
- for(auto&& hash : hashes)
+ for(auto&& hash : m_hashes)
hash_copies.push_back(hash->clone());
return new Parallel(hash_copies);
@@ -75,7 +75,7 @@ HashFunction* Parallel::clone() const
void Parallel::clear()
{
- for(auto&& hash : hashes)
+ for(auto&& hash : m_hashes)
hash->clear();
}
@@ -84,7 +84,7 @@ Parallel::Parallel(const std::vector<HashFunction*>& in)
for(size_t i = 0; i != in.size(); ++i)
{
std::unique_ptr<HashFunction> h(in[i]->clone());
- hashes.push_back(std::move(h));
+ m_hashes.push_back(std::move(h));
}
}
diff --git a/src/lib/hash/par_hash/par_hash.h b/src/lib/hash/par_hash/par_hash.h
index 0410e6826..3a93f4e8e 100644
--- a/src/lib/hash/par_hash/par_hash.h
+++ b/src/lib/hash/par_hash/par_hash.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* Parallel Hashes
*/
-class BOTAN_DLL Parallel : public HashFunction
+class BOTAN_DLL Parallel final : public HashFunction
{
public:
void clear() override;
@@ -28,7 +28,7 @@ class BOTAN_DLL Parallel : public HashFunction
/**
* @param hashes a set of hashes to compute in parallel
*/
- Parallel(const std::vector<HashFunction*>& hashes);
+ explicit Parallel(const std::vector<HashFunction*>& hashes);
Parallel(const Parallel&) = delete;
Parallel& operator=(const Parallel&) = delete;
@@ -40,7 +40,7 @@ class BOTAN_DLL Parallel : public HashFunction
void add_data(const byte[], size_t) override;
void final_result(byte[]) override;
- std::vector<std::unique_ptr<HashFunction>> hashes;
+ std::vector<std::unique_ptr<HashFunction>> m_hashes;
};
}
diff --git a/src/lib/hash/rmd128/rmd128.cpp b/src/lib/hash/rmd128/rmd128.cpp
index 394bf2acf..e520fa0c3 100644
--- a/src/lib/hash/rmd128/rmd128.cpp
+++ b/src/lib/hash/rmd128/rmd128.cpp
@@ -66,84 +66,84 @@ void RIPEMD_128::compress_n(const byte input[], size_t blocks)
for(size_t i = 0; i != blocks; ++i)
{
- load_le(M.data(), input, M.size());
-
- u32bit A1 = digest[0], A2 = A1, B1 = digest[1], B2 = B1,
- C1 = digest[2], C2 = C1, D1 = digest[3], D2 = D1;
-
- F1(A1,B1,C1,D1,M[ 0],11 ); F4(A2,B2,C2,D2,M[ 5], 8,MAGIC5);
- F1(D1,A1,B1,C1,M[ 1],14 ); F4(D2,A2,B2,C2,M[14], 9,MAGIC5);
- F1(C1,D1,A1,B1,M[ 2],15 ); F4(C2,D2,A2,B2,M[ 7], 9,MAGIC5);
- F1(B1,C1,D1,A1,M[ 3],12 ); F4(B2,C2,D2,A2,M[ 0],11,MAGIC5);
- F1(A1,B1,C1,D1,M[ 4], 5 ); F4(A2,B2,C2,D2,M[ 9],13,MAGIC5);
- F1(D1,A1,B1,C1,M[ 5], 8 ); F4(D2,A2,B2,C2,M[ 2],15,MAGIC5);
- F1(C1,D1,A1,B1,M[ 6], 7 ); F4(C2,D2,A2,B2,M[11],15,MAGIC5);
- F1(B1,C1,D1,A1,M[ 7], 9 ); F4(B2,C2,D2,A2,M[ 4], 5,MAGIC5);
- F1(A1,B1,C1,D1,M[ 8],11 ); F4(A2,B2,C2,D2,M[13], 7,MAGIC5);
- F1(D1,A1,B1,C1,M[ 9],13 ); F4(D2,A2,B2,C2,M[ 6], 7,MAGIC5);
- F1(C1,D1,A1,B1,M[10],14 ); F4(C2,D2,A2,B2,M[15], 8,MAGIC5);
- F1(B1,C1,D1,A1,M[11],15 ); F4(B2,C2,D2,A2,M[ 8],11,MAGIC5);
- F1(A1,B1,C1,D1,M[12], 6 ); F4(A2,B2,C2,D2,M[ 1],14,MAGIC5);
- F1(D1,A1,B1,C1,M[13], 7 ); F4(D2,A2,B2,C2,M[10],14,MAGIC5);
- F1(C1,D1,A1,B1,M[14], 9 ); F4(C2,D2,A2,B2,M[ 3],12,MAGIC5);
- F1(B1,C1,D1,A1,M[15], 8 ); F4(B2,C2,D2,A2,M[12], 6,MAGIC5);
-
- F2(A1,B1,C1,D1,M[ 7], 7,MAGIC2); F3(A2,B2,C2,D2,M[ 6], 9,MAGIC6);
- F2(D1,A1,B1,C1,M[ 4], 6,MAGIC2); F3(D2,A2,B2,C2,M[11],13,MAGIC6);
- F2(C1,D1,A1,B1,M[13], 8,MAGIC2); F3(C2,D2,A2,B2,M[ 3],15,MAGIC6);
- F2(B1,C1,D1,A1,M[ 1],13,MAGIC2); F3(B2,C2,D2,A2,M[ 7], 7,MAGIC6);
- F2(A1,B1,C1,D1,M[10],11,MAGIC2); F3(A2,B2,C2,D2,M[ 0],12,MAGIC6);
- F2(D1,A1,B1,C1,M[ 6], 9,MAGIC2); F3(D2,A2,B2,C2,M[13], 8,MAGIC6);
- F2(C1,D1,A1,B1,M[15], 7,MAGIC2); F3(C2,D2,A2,B2,M[ 5], 9,MAGIC6);
- F2(B1,C1,D1,A1,M[ 3],15,MAGIC2); F3(B2,C2,D2,A2,M[10],11,MAGIC6);
- F2(A1,B1,C1,D1,M[12], 7,MAGIC2); F3(A2,B2,C2,D2,M[14], 7,MAGIC6);
- F2(D1,A1,B1,C1,M[ 0],12,MAGIC2); F3(D2,A2,B2,C2,M[15], 7,MAGIC6);
- F2(C1,D1,A1,B1,M[ 9],15,MAGIC2); F3(C2,D2,A2,B2,M[ 8],12,MAGIC6);
- F2(B1,C1,D1,A1,M[ 5], 9,MAGIC2); F3(B2,C2,D2,A2,M[12], 7,MAGIC6);
- F2(A1,B1,C1,D1,M[ 2],11,MAGIC2); F3(A2,B2,C2,D2,M[ 4], 6,MAGIC6);
- F2(D1,A1,B1,C1,M[14], 7,MAGIC2); F3(D2,A2,B2,C2,M[ 9],15,MAGIC6);
- F2(C1,D1,A1,B1,M[11],13,MAGIC2); F3(C2,D2,A2,B2,M[ 1],13,MAGIC6);
- F2(B1,C1,D1,A1,M[ 8],12,MAGIC2); F3(B2,C2,D2,A2,M[ 2],11,MAGIC6);
-
- F3(A1,B1,C1,D1,M[ 3],11,MAGIC3); F2(A2,B2,C2,D2,M[15], 9,MAGIC7);
- F3(D1,A1,B1,C1,M[10],13,MAGIC3); F2(D2,A2,B2,C2,M[ 5], 7,MAGIC7);
- F3(C1,D1,A1,B1,M[14], 6,MAGIC3); F2(C2,D2,A2,B2,M[ 1],15,MAGIC7);
- F3(B1,C1,D1,A1,M[ 4], 7,MAGIC3); F2(B2,C2,D2,A2,M[ 3],11,MAGIC7);
- F3(A1,B1,C1,D1,M[ 9],14,MAGIC3); F2(A2,B2,C2,D2,M[ 7], 8,MAGIC7);
- F3(D1,A1,B1,C1,M[15], 9,MAGIC3); F2(D2,A2,B2,C2,M[14], 6,MAGIC7);
- F3(C1,D1,A1,B1,M[ 8],13,MAGIC3); F2(C2,D2,A2,B2,M[ 6], 6,MAGIC7);
- F3(B1,C1,D1,A1,M[ 1],15,MAGIC3); F2(B2,C2,D2,A2,M[ 9],14,MAGIC7);
- F3(A1,B1,C1,D1,M[ 2],14,MAGIC3); F2(A2,B2,C2,D2,M[11],12,MAGIC7);
- F3(D1,A1,B1,C1,M[ 7], 8,MAGIC3); F2(D2,A2,B2,C2,M[ 8],13,MAGIC7);
- F3(C1,D1,A1,B1,M[ 0],13,MAGIC3); F2(C2,D2,A2,B2,M[12], 5,MAGIC7);
- F3(B1,C1,D1,A1,M[ 6], 6,MAGIC3); F2(B2,C2,D2,A2,M[ 2],14,MAGIC7);
- F3(A1,B1,C1,D1,M[13], 5,MAGIC3); F2(A2,B2,C2,D2,M[10],13,MAGIC7);
- F3(D1,A1,B1,C1,M[11],12,MAGIC3); F2(D2,A2,B2,C2,M[ 0],13,MAGIC7);
- F3(C1,D1,A1,B1,M[ 5], 7,MAGIC3); F2(C2,D2,A2,B2,M[ 4], 7,MAGIC7);
- F3(B1,C1,D1,A1,M[12], 5,MAGIC3); F2(B2,C2,D2,A2,M[13], 5,MAGIC7);
-
- F4(A1,B1,C1,D1,M[ 1],11,MAGIC4); F1(A2,B2,C2,D2,M[ 8],15 );
- F4(D1,A1,B1,C1,M[ 9],12,MAGIC4); F1(D2,A2,B2,C2,M[ 6], 5 );
- F4(C1,D1,A1,B1,M[11],14,MAGIC4); F1(C2,D2,A2,B2,M[ 4], 8 );
- F4(B1,C1,D1,A1,M[10],15,MAGIC4); F1(B2,C2,D2,A2,M[ 1],11 );
- F4(A1,B1,C1,D1,M[ 0],14,MAGIC4); F1(A2,B2,C2,D2,M[ 3],14 );
- F4(D1,A1,B1,C1,M[ 8],15,MAGIC4); F1(D2,A2,B2,C2,M[11],14 );
- F4(C1,D1,A1,B1,M[12], 9,MAGIC4); F1(C2,D2,A2,B2,M[15], 6 );
- F4(B1,C1,D1,A1,M[ 4], 8,MAGIC4); F1(B2,C2,D2,A2,M[ 0],14 );
- F4(A1,B1,C1,D1,M[13], 9,MAGIC4); F1(A2,B2,C2,D2,M[ 5], 6 );
- F4(D1,A1,B1,C1,M[ 3],14,MAGIC4); F1(D2,A2,B2,C2,M[12], 9 );
- F4(C1,D1,A1,B1,M[ 7], 5,MAGIC4); F1(C2,D2,A2,B2,M[ 2],12 );
- F4(B1,C1,D1,A1,M[15], 6,MAGIC4); F1(B2,C2,D2,A2,M[13], 9 );
- F4(A1,B1,C1,D1,M[14], 8,MAGIC4); F1(A2,B2,C2,D2,M[ 9],12 );
- F4(D1,A1,B1,C1,M[ 5], 6,MAGIC4); F1(D2,A2,B2,C2,M[ 7], 5 );
- F4(C1,D1,A1,B1,M[ 6], 5,MAGIC4); F1(C2,D2,A2,B2,M[10],15 );
- F4(B1,C1,D1,A1,M[ 2],12,MAGIC4); F1(B2,C2,D2,A2,M[14], 8 );
-
- D2 = digest[1] + C1 + D2;
- digest[1] = digest[2] + D1 + A2;
- digest[2] = digest[3] + A1 + B2;
- digest[3] = digest[0] + B1 + C2;
- digest[0] = D2;
+ load_le(m_M.data(), input, m_M.size());
+
+ u32bit A1 = m_digest[0], A2 = A1, B1 = m_digest[1], B2 = B1,
+ C1 = m_digest[2], C2 = C1, D1 = m_digest[3], D2 = D1;
+
+ F1(A1,B1,C1,D1,m_M[ 0],11 ); F4(A2,B2,C2,D2,m_M[ 5], 8,MAGIC5);
+ F1(D1,A1,B1,C1,m_M[ 1],14 ); F4(D2,A2,B2,C2,m_M[14], 9,MAGIC5);
+ F1(C1,D1,A1,B1,m_M[ 2],15 ); F4(C2,D2,A2,B2,m_M[ 7], 9,MAGIC5);
+ F1(B1,C1,D1,A1,m_M[ 3],12 ); F4(B2,C2,D2,A2,m_M[ 0],11,MAGIC5);
+ F1(A1,B1,C1,D1,m_M[ 4], 5 ); F4(A2,B2,C2,D2,m_M[ 9],13,MAGIC5);
+ F1(D1,A1,B1,C1,m_M[ 5], 8 ); F4(D2,A2,B2,C2,m_M[ 2],15,MAGIC5);
+ F1(C1,D1,A1,B1,m_M[ 6], 7 ); F4(C2,D2,A2,B2,m_M[11],15,MAGIC5);
+ F1(B1,C1,D1,A1,m_M[ 7], 9 ); F4(B2,C2,D2,A2,m_M[ 4], 5,MAGIC5);
+ F1(A1,B1,C1,D1,m_M[ 8],11 ); F4(A2,B2,C2,D2,m_M[13], 7,MAGIC5);
+ F1(D1,A1,B1,C1,m_M[ 9],13 ); F4(D2,A2,B2,C2,m_M[ 6], 7,MAGIC5);
+ F1(C1,D1,A1,B1,m_M[10],14 ); F4(C2,D2,A2,B2,m_M[15], 8,MAGIC5);
+ F1(B1,C1,D1,A1,m_M[11],15 ); F4(B2,C2,D2,A2,m_M[ 8],11,MAGIC5);
+ F1(A1,B1,C1,D1,m_M[12], 6 ); F4(A2,B2,C2,D2,m_M[ 1],14,MAGIC5);
+ F1(D1,A1,B1,C1,m_M[13], 7 ); F4(D2,A2,B2,C2,m_M[10],14,MAGIC5);
+ F1(C1,D1,A1,B1,m_M[14], 9 ); F4(C2,D2,A2,B2,m_M[ 3],12,MAGIC5);
+ F1(B1,C1,D1,A1,m_M[15], 8 ); F4(B2,C2,D2,A2,m_M[12], 6,MAGIC5);
+
+ F2(A1,B1,C1,D1,m_M[ 7], 7,MAGIC2); F3(A2,B2,C2,D2,m_M[ 6], 9,MAGIC6);
+ F2(D1,A1,B1,C1,m_M[ 4], 6,MAGIC2); F3(D2,A2,B2,C2,m_M[11],13,MAGIC6);
+ F2(C1,D1,A1,B1,m_M[13], 8,MAGIC2); F3(C2,D2,A2,B2,m_M[ 3],15,MAGIC6);
+ F2(B1,C1,D1,A1,m_M[ 1],13,MAGIC2); F3(B2,C2,D2,A2,m_M[ 7], 7,MAGIC6);
+ F2(A1,B1,C1,D1,m_M[10],11,MAGIC2); F3(A2,B2,C2,D2,m_M[ 0],12,MAGIC6);
+ F2(D1,A1,B1,C1,m_M[ 6], 9,MAGIC2); F3(D2,A2,B2,C2,m_M[13], 8,MAGIC6);
+ F2(C1,D1,A1,B1,m_M[15], 7,MAGIC2); F3(C2,D2,A2,B2,m_M[ 5], 9,MAGIC6);
+ F2(B1,C1,D1,A1,m_M[ 3],15,MAGIC2); F3(B2,C2,D2,A2,m_M[10],11,MAGIC6);
+ F2(A1,B1,C1,D1,m_M[12], 7,MAGIC2); F3(A2,B2,C2,D2,m_M[14], 7,MAGIC6);
+ F2(D1,A1,B1,C1,m_M[ 0],12,MAGIC2); F3(D2,A2,B2,C2,m_M[15], 7,MAGIC6);
+ F2(C1,D1,A1,B1,m_M[ 9],15,MAGIC2); F3(C2,D2,A2,B2,m_M[ 8],12,MAGIC6);
+ F2(B1,C1,D1,A1,m_M[ 5], 9,MAGIC2); F3(B2,C2,D2,A2,m_M[12], 7,MAGIC6);
+ F2(A1,B1,C1,D1,m_M[ 2],11,MAGIC2); F3(A2,B2,C2,D2,m_M[ 4], 6,MAGIC6);
+ F2(D1,A1,B1,C1,m_M[14], 7,MAGIC2); F3(D2,A2,B2,C2,m_M[ 9],15,MAGIC6);
+ F2(C1,D1,A1,B1,m_M[11],13,MAGIC2); F3(C2,D2,A2,B2,m_M[ 1],13,MAGIC6);
+ F2(B1,C1,D1,A1,m_M[ 8],12,MAGIC2); F3(B2,C2,D2,A2,m_M[ 2],11,MAGIC6);
+
+ F3(A1,B1,C1,D1,m_M[ 3],11,MAGIC3); F2(A2,B2,C2,D2,m_M[15], 9,MAGIC7);
+ F3(D1,A1,B1,C1,m_M[10],13,MAGIC3); F2(D2,A2,B2,C2,m_M[ 5], 7,MAGIC7);
+ F3(C1,D1,A1,B1,m_M[14], 6,MAGIC3); F2(C2,D2,A2,B2,m_M[ 1],15,MAGIC7);
+ F3(B1,C1,D1,A1,m_M[ 4], 7,MAGIC3); F2(B2,C2,D2,A2,m_M[ 3],11,MAGIC7);
+ F3(A1,B1,C1,D1,m_M[ 9],14,MAGIC3); F2(A2,B2,C2,D2,m_M[ 7], 8,MAGIC7);
+ F3(D1,A1,B1,C1,m_M[15], 9,MAGIC3); F2(D2,A2,B2,C2,m_M[14], 6,MAGIC7);
+ F3(C1,D1,A1,B1,m_M[ 8],13,MAGIC3); F2(C2,D2,A2,B2,m_M[ 6], 6,MAGIC7);
+ F3(B1,C1,D1,A1,m_M[ 1],15,MAGIC3); F2(B2,C2,D2,A2,m_M[ 9],14,MAGIC7);
+ F3(A1,B1,C1,D1,m_M[ 2],14,MAGIC3); F2(A2,B2,C2,D2,m_M[11],12,MAGIC7);
+ F3(D1,A1,B1,C1,m_M[ 7], 8,MAGIC3); F2(D2,A2,B2,C2,m_M[ 8],13,MAGIC7);
+ F3(C1,D1,A1,B1,m_M[ 0],13,MAGIC3); F2(C2,D2,A2,B2,m_M[12], 5,MAGIC7);
+ F3(B1,C1,D1,A1,m_M[ 6], 6,MAGIC3); F2(B2,C2,D2,A2,m_M[ 2],14,MAGIC7);
+ F3(A1,B1,C1,D1,m_M[13], 5,MAGIC3); F2(A2,B2,C2,D2,m_M[10],13,MAGIC7);
+ F3(D1,A1,B1,C1,m_M[11],12,MAGIC3); F2(D2,A2,B2,C2,m_M[ 0],13,MAGIC7);
+ F3(C1,D1,A1,B1,m_M[ 5], 7,MAGIC3); F2(C2,D2,A2,B2,m_M[ 4], 7,MAGIC7);
+ F3(B1,C1,D1,A1,m_M[12], 5,MAGIC3); F2(B2,C2,D2,A2,m_M[13], 5,MAGIC7);
+
+ F4(A1,B1,C1,D1,m_M[ 1],11,MAGIC4); F1(A2,B2,C2,D2,m_M[ 8],15 );
+ F4(D1,A1,B1,C1,m_M[ 9],12,MAGIC4); F1(D2,A2,B2,C2,m_M[ 6], 5 );
+ F4(C1,D1,A1,B1,m_M[11],14,MAGIC4); F1(C2,D2,A2,B2,m_M[ 4], 8 );
+ F4(B1,C1,D1,A1,m_M[10],15,MAGIC4); F1(B2,C2,D2,A2,m_M[ 1],11 );
+ F4(A1,B1,C1,D1,m_M[ 0],14,MAGIC4); F1(A2,B2,C2,D2,m_M[ 3],14 );
+ F4(D1,A1,B1,C1,m_M[ 8],15,MAGIC4); F1(D2,A2,B2,C2,m_M[11],14 );
+ F4(C1,D1,A1,B1,m_M[12], 9,MAGIC4); F1(C2,D2,A2,B2,m_M[15], 6 );
+ F4(B1,C1,D1,A1,m_M[ 4], 8,MAGIC4); F1(B2,C2,D2,A2,m_M[ 0],14 );
+ F4(A1,B1,C1,D1,m_M[13], 9,MAGIC4); F1(A2,B2,C2,D2,m_M[ 5], 6 );
+ F4(D1,A1,B1,C1,m_M[ 3],14,MAGIC4); F1(D2,A2,B2,C2,m_M[12], 9 );
+ F4(C1,D1,A1,B1,m_M[ 7], 5,MAGIC4); F1(C2,D2,A2,B2,m_M[ 2],12 );
+ F4(B1,C1,D1,A1,m_M[15], 6,MAGIC4); F1(B2,C2,D2,A2,m_M[13], 9 );
+ F4(A1,B1,C1,D1,m_M[14], 8,MAGIC4); F1(A2,B2,C2,D2,m_M[ 9],12 );
+ F4(D1,A1,B1,C1,m_M[ 5], 6,MAGIC4); F1(D2,A2,B2,C2,m_M[ 7], 5 );
+ F4(C1,D1,A1,B1,m_M[ 6], 5,MAGIC4); F1(C2,D2,A2,B2,m_M[10],15 );
+ F4(B1,C1,D1,A1,m_M[ 2],12,MAGIC4); F1(B2,C2,D2,A2,m_M[14], 8 );
+
+ D2 = m_digest[1] + C1 + D2;
+ m_digest[1] = m_digest[2] + D1 + A2;
+ m_digest[2] = m_digest[3] + A1 + B2;
+ m_digest[3] = m_digest[0] + B1 + C2;
+ m_digest[0] = D2;
input += hash_block_size();
}
@@ -154,7 +154,7 @@ void RIPEMD_128::compress_n(const byte input[], size_t blocks)
*/
void RIPEMD_128::copy_out(byte output[])
{
- copy_out_vec_le(output, output_length(), digest);
+ copy_out_vec_le(output, output_length(), m_digest);
}
/*
@@ -163,11 +163,11 @@ void RIPEMD_128::copy_out(byte output[])
void RIPEMD_128::clear()
{
MDx_HashFunction::clear();
- zeroise(M);
- digest[0] = 0x67452301;
- digest[1] = 0xEFCDAB89;
- digest[2] = 0x98BADCFE;
- digest[3] = 0x10325476;
+ zeroise(m_M);
+ m_digest[0] = 0x67452301;
+ m_digest[1] = 0xEFCDAB89;
+ m_digest[2] = 0x98BADCFE;
+ m_digest[3] = 0x10325476;
}
}
diff --git a/src/lib/hash/rmd128/rmd128.h b/src/lib/hash/rmd128/rmd128.h
index ea1eb2286..ba36ab902 100644
--- a/src/lib/hash/rmd128/rmd128.h
+++ b/src/lib/hash/rmd128/rmd128.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* RIPEMD-128
*/
-class BOTAN_DLL RIPEMD_128 : public MDx_HashFunction
+class BOTAN_DLL RIPEMD_128 final : public MDx_HashFunction
{
public:
std::string name() const override { return "RIPEMD-128"; }
@@ -24,13 +24,13 @@ class BOTAN_DLL RIPEMD_128 : public MDx_HashFunction
void clear() override;
- RIPEMD_128() : MDx_HashFunction(64, false, true), M(16), digest(4)
+ RIPEMD_128() : MDx_HashFunction(64, false, true), m_M(16), m_digest(4)
{ clear(); }
private:
void compress_n(const byte[], size_t blocks) override;
void copy_out(byte[]) override;
- secure_vector<u32bit> M, digest;
+ secure_vector<u32bit> m_M, m_digest;
};
}
diff --git a/src/lib/hash/rmd160/rmd160.cpp b/src/lib/hash/rmd160/rmd160.cpp
index 56d063338..a48b97882 100644
--- a/src/lib/hash/rmd160/rmd160.cpp
+++ b/src/lib/hash/rmd160/rmd160.cpp
@@ -80,103 +80,103 @@ void RIPEMD_160::compress_n(const byte input[], size_t blocks)
for(size_t i = 0; i != blocks; ++i)
{
- load_le(M.data(), input, M.size());
-
- u32bit A1 = digest[0], A2 = A1, B1 = digest[1], B2 = B1,
- C1 = digest[2], C2 = C1, D1 = digest[3], D2 = D1,
- E1 = digest[4], E2 = E1;
-
- F1(A1,B1,C1,D1,E1,M[ 0],11 ); F5(A2,B2,C2,D2,E2,M[ 5], 8,MAGIC6);
- F1(E1,A1,B1,C1,D1,M[ 1],14 ); F5(E2,A2,B2,C2,D2,M[14], 9,MAGIC6);
- F1(D1,E1,A1,B1,C1,M[ 2],15 ); F5(D2,E2,A2,B2,C2,M[ 7], 9,MAGIC6);
- F1(C1,D1,E1,A1,B1,M[ 3],12 ); F5(C2,D2,E2,A2,B2,M[ 0],11,MAGIC6);
- F1(B1,C1,D1,E1,A1,M[ 4], 5 ); F5(B2,C2,D2,E2,A2,M[ 9],13,MAGIC6);
- F1(A1,B1,C1,D1,E1,M[ 5], 8 ); F5(A2,B2,C2,D2,E2,M[ 2],15,MAGIC6);
- F1(E1,A1,B1,C1,D1,M[ 6], 7 ); F5(E2,A2,B2,C2,D2,M[11],15,MAGIC6);
- F1(D1,E1,A1,B1,C1,M[ 7], 9 ); F5(D2,E2,A2,B2,C2,M[ 4], 5,MAGIC6);
- F1(C1,D1,E1,A1,B1,M[ 8],11 ); F5(C2,D2,E2,A2,B2,M[13], 7,MAGIC6);
- F1(B1,C1,D1,E1,A1,M[ 9],13 ); F5(B2,C2,D2,E2,A2,M[ 6], 7,MAGIC6);
- F1(A1,B1,C1,D1,E1,M[10],14 ); F5(A2,B2,C2,D2,E2,M[15], 8,MAGIC6);
- F1(E1,A1,B1,C1,D1,M[11],15 ); F5(E2,A2,B2,C2,D2,M[ 8],11,MAGIC6);
- F1(D1,E1,A1,B1,C1,M[12], 6 ); F5(D2,E2,A2,B2,C2,M[ 1],14,MAGIC6);
- F1(C1,D1,E1,A1,B1,M[13], 7 ); F5(C2,D2,E2,A2,B2,M[10],14,MAGIC6);
- F1(B1,C1,D1,E1,A1,M[14], 9 ); F5(B2,C2,D2,E2,A2,M[ 3],12,MAGIC6);
- F1(A1,B1,C1,D1,E1,M[15], 8 ); F5(A2,B2,C2,D2,E2,M[12], 6,MAGIC6);
-
- F2(E1,A1,B1,C1,D1,M[ 7], 7,MAGIC2); F4(E2,A2,B2,C2,D2,M[ 6], 9,MAGIC7);
- F2(D1,E1,A1,B1,C1,M[ 4], 6,MAGIC2); F4(D2,E2,A2,B2,C2,M[11],13,MAGIC7);
- F2(C1,D1,E1,A1,B1,M[13], 8,MAGIC2); F4(C2,D2,E2,A2,B2,M[ 3],15,MAGIC7);
- F2(B1,C1,D1,E1,A1,M[ 1],13,MAGIC2); F4(B2,C2,D2,E2,A2,M[ 7], 7,MAGIC7);
- F2(A1,B1,C1,D1,E1,M[10],11,MAGIC2); F4(A2,B2,C2,D2,E2,M[ 0],12,MAGIC7);
- F2(E1,A1,B1,C1,D1,M[ 6], 9,MAGIC2); F4(E2,A2,B2,C2,D2,M[13], 8,MAGIC7);
- F2(D1,E1,A1,B1,C1,M[15], 7,MAGIC2); F4(D2,E2,A2,B2,C2,M[ 5], 9,MAGIC7);
- F2(C1,D1,E1,A1,B1,M[ 3],15,MAGIC2); F4(C2,D2,E2,A2,B2,M[10],11,MAGIC7);
- F2(B1,C1,D1,E1,A1,M[12], 7,MAGIC2); F4(B2,C2,D2,E2,A2,M[14], 7,MAGIC7);
- F2(A1,B1,C1,D1,E1,M[ 0],12,MAGIC2); F4(A2,B2,C2,D2,E2,M[15], 7,MAGIC7);
- F2(E1,A1,B1,C1,D1,M[ 9],15,MAGIC2); F4(E2,A2,B2,C2,D2,M[ 8],12,MAGIC7);
- F2(D1,E1,A1,B1,C1,M[ 5], 9,MAGIC2); F4(D2,E2,A2,B2,C2,M[12], 7,MAGIC7);
- F2(C1,D1,E1,A1,B1,M[ 2],11,MAGIC2); F4(C2,D2,E2,A2,B2,M[ 4], 6,MAGIC7);
- F2(B1,C1,D1,E1,A1,M[14], 7,MAGIC2); F4(B2,C2,D2,E2,A2,M[ 9],15,MAGIC7);
- F2(A1,B1,C1,D1,E1,M[11],13,MAGIC2); F4(A2,B2,C2,D2,E2,M[ 1],13,MAGIC7);
- F2(E1,A1,B1,C1,D1,M[ 8],12,MAGIC2); F4(E2,A2,B2,C2,D2,M[ 2],11,MAGIC7);
-
- F3(D1,E1,A1,B1,C1,M[ 3],11,MAGIC3); F3(D2,E2,A2,B2,C2,M[15], 9,MAGIC8);
- F3(C1,D1,E1,A1,B1,M[10],13,MAGIC3); F3(C2,D2,E2,A2,B2,M[ 5], 7,MAGIC8);
- F3(B1,C1,D1,E1,A1,M[14], 6,MAGIC3); F3(B2,C2,D2,E2,A2,M[ 1],15,MAGIC8);
- F3(A1,B1,C1,D1,E1,M[ 4], 7,MAGIC3); F3(A2,B2,C2,D2,E2,M[ 3],11,MAGIC8);
- F3(E1,A1,B1,C1,D1,M[ 9],14,MAGIC3); F3(E2,A2,B2,C2,D2,M[ 7], 8,MAGIC8);
- F3(D1,E1,A1,B1,C1,M[15], 9,MAGIC3); F3(D2,E2,A2,B2,C2,M[14], 6,MAGIC8);
- F3(C1,D1,E1,A1,B1,M[ 8],13,MAGIC3); F3(C2,D2,E2,A2,B2,M[ 6], 6,MAGIC8);
- F3(B1,C1,D1,E1,A1,M[ 1],15,MAGIC3); F3(B2,C2,D2,E2,A2,M[ 9],14,MAGIC8);
- F3(A1,B1,C1,D1,E1,M[ 2],14,MAGIC3); F3(A2,B2,C2,D2,E2,M[11],12,MAGIC8);
- F3(E1,A1,B1,C1,D1,M[ 7], 8,MAGIC3); F3(E2,A2,B2,C2,D2,M[ 8],13,MAGIC8);
- F3(D1,E1,A1,B1,C1,M[ 0],13,MAGIC3); F3(D2,E2,A2,B2,C2,M[12], 5,MAGIC8);
- F3(C1,D1,E1,A1,B1,M[ 6], 6,MAGIC3); F3(C2,D2,E2,A2,B2,M[ 2],14,MAGIC8);
- F3(B1,C1,D1,E1,A1,M[13], 5,MAGIC3); F3(B2,C2,D2,E2,A2,M[10],13,MAGIC8);
- F3(A1,B1,C1,D1,E1,M[11],12,MAGIC3); F3(A2,B2,C2,D2,E2,M[ 0],13,MAGIC8);
- F3(E1,A1,B1,C1,D1,M[ 5], 7,MAGIC3); F3(E2,A2,B2,C2,D2,M[ 4], 7,MAGIC8);
- F3(D1,E1,A1,B1,C1,M[12], 5,MAGIC3); F3(D2,E2,A2,B2,C2,M[13], 5,MAGIC8);
-
- F4(C1,D1,E1,A1,B1,M[ 1],11,MAGIC4); F2(C2,D2,E2,A2,B2,M[ 8],15,MAGIC9);
- F4(B1,C1,D1,E1,A1,M[ 9],12,MAGIC4); F2(B2,C2,D2,E2,A2,M[ 6], 5,MAGIC9);
- F4(A1,B1,C1,D1,E1,M[11],14,MAGIC4); F2(A2,B2,C2,D2,E2,M[ 4], 8,MAGIC9);
- F4(E1,A1,B1,C1,D1,M[10],15,MAGIC4); F2(E2,A2,B2,C2,D2,M[ 1],11,MAGIC9);
- F4(D1,E1,A1,B1,C1,M[ 0],14,MAGIC4); F2(D2,E2,A2,B2,C2,M[ 3],14,MAGIC9);
- F4(C1,D1,E1,A1,B1,M[ 8],15,MAGIC4); F2(C2,D2,E2,A2,B2,M[11],14,MAGIC9);
- F4(B1,C1,D1,E1,A1,M[12], 9,MAGIC4); F2(B2,C2,D2,E2,A2,M[15], 6,MAGIC9);
- F4(A1,B1,C1,D1,E1,M[ 4], 8,MAGIC4); F2(A2,B2,C2,D2,E2,M[ 0],14,MAGIC9);
- F4(E1,A1,B1,C1,D1,M[13], 9,MAGIC4); F2(E2,A2,B2,C2,D2,M[ 5], 6,MAGIC9);
- F4(D1,E1,A1,B1,C1,M[ 3],14,MAGIC4); F2(D2,E2,A2,B2,C2,M[12], 9,MAGIC9);
- F4(C1,D1,E1,A1,B1,M[ 7], 5,MAGIC4); F2(C2,D2,E2,A2,B2,M[ 2],12,MAGIC9);
- F4(B1,C1,D1,E1,A1,M[15], 6,MAGIC4); F2(B2,C2,D2,E2,A2,M[13], 9,MAGIC9);
- F4(A1,B1,C1,D1,E1,M[14], 8,MAGIC4); F2(A2,B2,C2,D2,E2,M[ 9],12,MAGIC9);
- F4(E1,A1,B1,C1,D1,M[ 5], 6,MAGIC4); F2(E2,A2,B2,C2,D2,M[ 7], 5,MAGIC9);
- F4(D1,E1,A1,B1,C1,M[ 6], 5,MAGIC4); F2(D2,E2,A2,B2,C2,M[10],15,MAGIC9);
- F4(C1,D1,E1,A1,B1,M[ 2],12,MAGIC4); F2(C2,D2,E2,A2,B2,M[14], 8,MAGIC9);
-
- F5(B1,C1,D1,E1,A1,M[ 4], 9,MAGIC5); F1(B2,C2,D2,E2,A2,M[12], 8 );
- F5(A1,B1,C1,D1,E1,M[ 0],15,MAGIC5); F1(A2,B2,C2,D2,E2,M[15], 5 );
- F5(E1,A1,B1,C1,D1,M[ 5], 5,MAGIC5); F1(E2,A2,B2,C2,D2,M[10],12 );
- F5(D1,E1,A1,B1,C1,M[ 9],11,MAGIC5); F1(D2,E2,A2,B2,C2,M[ 4], 9 );
- F5(C1,D1,E1,A1,B1,M[ 7], 6,MAGIC5); F1(C2,D2,E2,A2,B2,M[ 1],12 );
- F5(B1,C1,D1,E1,A1,M[12], 8,MAGIC5); F1(B2,C2,D2,E2,A2,M[ 5], 5 );
- F5(A1,B1,C1,D1,E1,M[ 2],13,MAGIC5); F1(A2,B2,C2,D2,E2,M[ 8],14 );
- F5(E1,A1,B1,C1,D1,M[10],12,MAGIC5); F1(E2,A2,B2,C2,D2,M[ 7], 6 );
- F5(D1,E1,A1,B1,C1,M[14], 5,MAGIC5); F1(D2,E2,A2,B2,C2,M[ 6], 8 );
- F5(C1,D1,E1,A1,B1,M[ 1],12,MAGIC5); F1(C2,D2,E2,A2,B2,M[ 2],13 );
- F5(B1,C1,D1,E1,A1,M[ 3],13,MAGIC5); F1(B2,C2,D2,E2,A2,M[13], 6 );
- F5(A1,B1,C1,D1,E1,M[ 8],14,MAGIC5); F1(A2,B2,C2,D2,E2,M[14], 5 );
- F5(E1,A1,B1,C1,D1,M[11],11,MAGIC5); F1(E2,A2,B2,C2,D2,M[ 0],15 );
- F5(D1,E1,A1,B1,C1,M[ 6], 8,MAGIC5); F1(D2,E2,A2,B2,C2,M[ 3],13 );
- F5(C1,D1,E1,A1,B1,M[15], 5,MAGIC5); F1(C2,D2,E2,A2,B2,M[ 9],11 );
- F5(B1,C1,D1,E1,A1,M[13], 6,MAGIC5); F1(B2,C2,D2,E2,A2,M[11],11 );
-
- C1 = digest[1] + C1 + D2;
- digest[1] = digest[2] + D1 + E2;
- digest[2] = digest[3] + E1 + A2;
- digest[3] = digest[4] + A1 + B2;
- digest[4] = digest[0] + B1 + C2;
- digest[0] = C1;
+ load_le(m_M.data(), input, m_M.size());
+
+ u32bit A1 = m_digest[0], A2 = A1, B1 = m_digest[1], B2 = B1,
+ C1 = m_digest[2], C2 = C1, D1 = m_digest[3], D2 = D1,
+ E1 = m_digest[4], E2 = E1;
+
+ F1(A1,B1,C1,D1,E1,m_M[ 0],11 ); F5(A2,B2,C2,D2,E2,m_M[ 5], 8,MAGIC6);
+ F1(E1,A1,B1,C1,D1,m_M[ 1],14 ); F5(E2,A2,B2,C2,D2,m_M[14], 9,MAGIC6);
+ F1(D1,E1,A1,B1,C1,m_M[ 2],15 ); F5(D2,E2,A2,B2,C2,m_M[ 7], 9,MAGIC6);
+ F1(C1,D1,E1,A1,B1,m_M[ 3],12 ); F5(C2,D2,E2,A2,B2,m_M[ 0],11,MAGIC6);
+ F1(B1,C1,D1,E1,A1,m_M[ 4], 5 ); F5(B2,C2,D2,E2,A2,m_M[ 9],13,MAGIC6);
+ F1(A1,B1,C1,D1,E1,m_M[ 5], 8 ); F5(A2,B2,C2,D2,E2,m_M[ 2],15,MAGIC6);
+ F1(E1,A1,B1,C1,D1,m_M[ 6], 7 ); F5(E2,A2,B2,C2,D2,m_M[11],15,MAGIC6);
+ F1(D1,E1,A1,B1,C1,m_M[ 7], 9 ); F5(D2,E2,A2,B2,C2,m_M[ 4], 5,MAGIC6);
+ F1(C1,D1,E1,A1,B1,m_M[ 8],11 ); F5(C2,D2,E2,A2,B2,m_M[13], 7,MAGIC6);
+ F1(B1,C1,D1,E1,A1,m_M[ 9],13 ); F5(B2,C2,D2,E2,A2,m_M[ 6], 7,MAGIC6);
+ F1(A1,B1,C1,D1,E1,m_M[10],14 ); F5(A2,B2,C2,D2,E2,m_M[15], 8,MAGIC6);
+ F1(E1,A1,B1,C1,D1,m_M[11],15 ); F5(E2,A2,B2,C2,D2,m_M[ 8],11,MAGIC6);
+ F1(D1,E1,A1,B1,C1,m_M[12], 6 ); F5(D2,E2,A2,B2,C2,m_M[ 1],14,MAGIC6);
+ F1(C1,D1,E1,A1,B1,m_M[13], 7 ); F5(C2,D2,E2,A2,B2,m_M[10],14,MAGIC6);
+ F1(B1,C1,D1,E1,A1,m_M[14], 9 ); F5(B2,C2,D2,E2,A2,m_M[ 3],12,MAGIC6);
+ F1(A1,B1,C1,D1,E1,m_M[15], 8 ); F5(A2,B2,C2,D2,E2,m_M[12], 6,MAGIC6);
+
+ F2(E1,A1,B1,C1,D1,m_M[ 7], 7,MAGIC2); F4(E2,A2,B2,C2,D2,m_M[ 6], 9,MAGIC7);
+ F2(D1,E1,A1,B1,C1,m_M[ 4], 6,MAGIC2); F4(D2,E2,A2,B2,C2,m_M[11],13,MAGIC7);
+ F2(C1,D1,E1,A1,B1,m_M[13], 8,MAGIC2); F4(C2,D2,E2,A2,B2,m_M[ 3],15,MAGIC7);
+ F2(B1,C1,D1,E1,A1,m_M[ 1],13,MAGIC2); F4(B2,C2,D2,E2,A2,m_M[ 7], 7,MAGIC7);
+ F2(A1,B1,C1,D1,E1,m_M[10],11,MAGIC2); F4(A2,B2,C2,D2,E2,m_M[ 0],12,MAGIC7);
+ F2(E1,A1,B1,C1,D1,m_M[ 6], 9,MAGIC2); F4(E2,A2,B2,C2,D2,m_M[13], 8,MAGIC7);
+ F2(D1,E1,A1,B1,C1,m_M[15], 7,MAGIC2); F4(D2,E2,A2,B2,C2,m_M[ 5], 9,MAGIC7);
+ F2(C1,D1,E1,A1,B1,m_M[ 3],15,MAGIC2); F4(C2,D2,E2,A2,B2,m_M[10],11,MAGIC7);
+ F2(B1,C1,D1,E1,A1,m_M[12], 7,MAGIC2); F4(B2,C2,D2,E2,A2,m_M[14], 7,MAGIC7);
+ F2(A1,B1,C1,D1,E1,m_M[ 0],12,MAGIC2); F4(A2,B2,C2,D2,E2,m_M[15], 7,MAGIC7);
+ F2(E1,A1,B1,C1,D1,m_M[ 9],15,MAGIC2); F4(E2,A2,B2,C2,D2,m_M[ 8],12,MAGIC7);
+ F2(D1,E1,A1,B1,C1,m_M[ 5], 9,MAGIC2); F4(D2,E2,A2,B2,C2,m_M[12], 7,MAGIC7);
+ F2(C1,D1,E1,A1,B1,m_M[ 2],11,MAGIC2); F4(C2,D2,E2,A2,B2,m_M[ 4], 6,MAGIC7);
+ F2(B1,C1,D1,E1,A1,m_M[14], 7,MAGIC2); F4(B2,C2,D2,E2,A2,m_M[ 9],15,MAGIC7);
+ F2(A1,B1,C1,D1,E1,m_M[11],13,MAGIC2); F4(A2,B2,C2,D2,E2,m_M[ 1],13,MAGIC7);
+ F2(E1,A1,B1,C1,D1,m_M[ 8],12,MAGIC2); F4(E2,A2,B2,C2,D2,m_M[ 2],11,MAGIC7);
+
+ F3(D1,E1,A1,B1,C1,m_M[ 3],11,MAGIC3); F3(D2,E2,A2,B2,C2,m_M[15], 9,MAGIC8);
+ F3(C1,D1,E1,A1,B1,m_M[10],13,MAGIC3); F3(C2,D2,E2,A2,B2,m_M[ 5], 7,MAGIC8);
+ F3(B1,C1,D1,E1,A1,m_M[14], 6,MAGIC3); F3(B2,C2,D2,E2,A2,m_M[ 1],15,MAGIC8);
+ F3(A1,B1,C1,D1,E1,m_M[ 4], 7,MAGIC3); F3(A2,B2,C2,D2,E2,m_M[ 3],11,MAGIC8);
+ F3(E1,A1,B1,C1,D1,m_M[ 9],14,MAGIC3); F3(E2,A2,B2,C2,D2,m_M[ 7], 8,MAGIC8);
+ F3(D1,E1,A1,B1,C1,m_M[15], 9,MAGIC3); F3(D2,E2,A2,B2,C2,m_M[14], 6,MAGIC8);
+ F3(C1,D1,E1,A1,B1,m_M[ 8],13,MAGIC3); F3(C2,D2,E2,A2,B2,m_M[ 6], 6,MAGIC8);
+ F3(B1,C1,D1,E1,A1,m_M[ 1],15,MAGIC3); F3(B2,C2,D2,E2,A2,m_M[ 9],14,MAGIC8);
+ F3(A1,B1,C1,D1,E1,m_M[ 2],14,MAGIC3); F3(A2,B2,C2,D2,E2,m_M[11],12,MAGIC8);
+ F3(E1,A1,B1,C1,D1,m_M[ 7], 8,MAGIC3); F3(E2,A2,B2,C2,D2,m_M[ 8],13,MAGIC8);
+ F3(D1,E1,A1,B1,C1,m_M[ 0],13,MAGIC3); F3(D2,E2,A2,B2,C2,m_M[12], 5,MAGIC8);
+ F3(C1,D1,E1,A1,B1,m_M[ 6], 6,MAGIC3); F3(C2,D2,E2,A2,B2,m_M[ 2],14,MAGIC8);
+ F3(B1,C1,D1,E1,A1,m_M[13], 5,MAGIC3); F3(B2,C2,D2,E2,A2,m_M[10],13,MAGIC8);
+ F3(A1,B1,C1,D1,E1,m_M[11],12,MAGIC3); F3(A2,B2,C2,D2,E2,m_M[ 0],13,MAGIC8);
+ F3(E1,A1,B1,C1,D1,m_M[ 5], 7,MAGIC3); F3(E2,A2,B2,C2,D2,m_M[ 4], 7,MAGIC8);
+ F3(D1,E1,A1,B1,C1,m_M[12], 5,MAGIC3); F3(D2,E2,A2,B2,C2,m_M[13], 5,MAGIC8);
+
+ F4(C1,D1,E1,A1,B1,m_M[ 1],11,MAGIC4); F2(C2,D2,E2,A2,B2,m_M[ 8],15,MAGIC9);
+ F4(B1,C1,D1,E1,A1,m_M[ 9],12,MAGIC4); F2(B2,C2,D2,E2,A2,m_M[ 6], 5,MAGIC9);
+ F4(A1,B1,C1,D1,E1,m_M[11],14,MAGIC4); F2(A2,B2,C2,D2,E2,m_M[ 4], 8,MAGIC9);
+ F4(E1,A1,B1,C1,D1,m_M[10],15,MAGIC4); F2(E2,A2,B2,C2,D2,m_M[ 1],11,MAGIC9);
+ F4(D1,E1,A1,B1,C1,m_M[ 0],14,MAGIC4); F2(D2,E2,A2,B2,C2,m_M[ 3],14,MAGIC9);
+ F4(C1,D1,E1,A1,B1,m_M[ 8],15,MAGIC4); F2(C2,D2,E2,A2,B2,m_M[11],14,MAGIC9);
+ F4(B1,C1,D1,E1,A1,m_M[12], 9,MAGIC4); F2(B2,C2,D2,E2,A2,m_M[15], 6,MAGIC9);
+ F4(A1,B1,C1,D1,E1,m_M[ 4], 8,MAGIC4); F2(A2,B2,C2,D2,E2,m_M[ 0],14,MAGIC9);
+ F4(E1,A1,B1,C1,D1,m_M[13], 9,MAGIC4); F2(E2,A2,B2,C2,D2,m_M[ 5], 6,MAGIC9);
+ F4(D1,E1,A1,B1,C1,m_M[ 3],14,MAGIC4); F2(D2,E2,A2,B2,C2,m_M[12], 9,MAGIC9);
+ F4(C1,D1,E1,A1,B1,m_M[ 7], 5,MAGIC4); F2(C2,D2,E2,A2,B2,m_M[ 2],12,MAGIC9);
+ F4(B1,C1,D1,E1,A1,m_M[15], 6,MAGIC4); F2(B2,C2,D2,E2,A2,m_M[13], 9,MAGIC9);
+ F4(A1,B1,C1,D1,E1,m_M[14], 8,MAGIC4); F2(A2,B2,C2,D2,E2,m_M[ 9],12,MAGIC9);
+ F4(E1,A1,B1,C1,D1,m_M[ 5], 6,MAGIC4); F2(E2,A2,B2,C2,D2,m_M[ 7], 5,MAGIC9);
+ F4(D1,E1,A1,B1,C1,m_M[ 6], 5,MAGIC4); F2(D2,E2,A2,B2,C2,m_M[10],15,MAGIC9);
+ F4(C1,D1,E1,A1,B1,m_M[ 2],12,MAGIC4); F2(C2,D2,E2,A2,B2,m_M[14], 8,MAGIC9);
+
+ F5(B1,C1,D1,E1,A1,m_M[ 4], 9,MAGIC5); F1(B2,C2,D2,E2,A2,m_M[12], 8 );
+ F5(A1,B1,C1,D1,E1,m_M[ 0],15,MAGIC5); F1(A2,B2,C2,D2,E2,m_M[15], 5 );
+ F5(E1,A1,B1,C1,D1,m_M[ 5], 5,MAGIC5); F1(E2,A2,B2,C2,D2,m_M[10],12 );
+ F5(D1,E1,A1,B1,C1,m_M[ 9],11,MAGIC5); F1(D2,E2,A2,B2,C2,m_M[ 4], 9 );
+ F5(C1,D1,E1,A1,B1,m_M[ 7], 6,MAGIC5); F1(C2,D2,E2,A2,B2,m_M[ 1],12 );
+ F5(B1,C1,D1,E1,A1,m_M[12], 8,MAGIC5); F1(B2,C2,D2,E2,A2,m_M[ 5], 5 );
+ F5(A1,B1,C1,D1,E1,m_M[ 2],13,MAGIC5); F1(A2,B2,C2,D2,E2,m_M[ 8],14 );
+ F5(E1,A1,B1,C1,D1,m_M[10],12,MAGIC5); F1(E2,A2,B2,C2,D2,m_M[ 7], 6 );
+ F5(D1,E1,A1,B1,C1,m_M[14], 5,MAGIC5); F1(D2,E2,A2,B2,C2,m_M[ 6], 8 );
+ F5(C1,D1,E1,A1,B1,m_M[ 1],12,MAGIC5); F1(C2,D2,E2,A2,B2,m_M[ 2],13 );
+ F5(B1,C1,D1,E1,A1,m_M[ 3],13,MAGIC5); F1(B2,C2,D2,E2,A2,m_M[13], 6 );
+ F5(A1,B1,C1,D1,E1,m_M[ 8],14,MAGIC5); F1(A2,B2,C2,D2,E2,m_M[14], 5 );
+ F5(E1,A1,B1,C1,D1,m_M[11],11,MAGIC5); F1(E2,A2,B2,C2,D2,m_M[ 0],15 );
+ F5(D1,E1,A1,B1,C1,m_M[ 6], 8,MAGIC5); F1(D2,E2,A2,B2,C2,m_M[ 3],13 );
+ F5(C1,D1,E1,A1,B1,m_M[15], 5,MAGIC5); F1(C2,D2,E2,A2,B2,m_M[ 9],11 );
+ F5(B1,C1,D1,E1,A1,m_M[13], 6,MAGIC5); F1(B2,C2,D2,E2,A2,m_M[11],11 );
+
+ C1 = m_digest[1] + C1 + D2;
+ m_digest[1] = m_digest[2] + D1 + E2;
+ m_digest[2] = m_digest[3] + E1 + A2;
+ m_digest[3] = m_digest[4] + A1 + B2;
+ m_digest[4] = m_digest[0] + B1 + C2;
+ m_digest[0] = C1;
input += hash_block_size();
}
@@ -187,7 +187,7 @@ void RIPEMD_160::compress_n(const byte input[], size_t blocks)
*/
void RIPEMD_160::copy_out(byte output[])
{
- copy_out_vec_le(output, output_length(), digest);
+ copy_out_vec_le(output, output_length(), m_digest);
}
/*
@@ -196,12 +196,12 @@ void RIPEMD_160::copy_out(byte output[])
void RIPEMD_160::clear()
{
MDx_HashFunction::clear();
- zeroise(M);
- digest[0] = 0x67452301;
- digest[1] = 0xEFCDAB89;
- digest[2] = 0x98BADCFE;
- digest[3] = 0x10325476;
- digest[4] = 0xC3D2E1F0;
+ zeroise(m_M);
+ m_digest[0] = 0x67452301;
+ m_digest[1] = 0xEFCDAB89;
+ m_digest[2] = 0x98BADCFE;
+ m_digest[3] = 0x10325476;
+ m_digest[4] = 0xC3D2E1F0;
}
}
diff --git a/src/lib/hash/rmd160/rmd160.h b/src/lib/hash/rmd160/rmd160.h
index ad7182404..0e4103101 100644
--- a/src/lib/hash/rmd160/rmd160.h
+++ b/src/lib/hash/rmd160/rmd160.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* RIPEMD-160
*/
-class BOTAN_DLL RIPEMD_160 : public MDx_HashFunction
+class BOTAN_DLL RIPEMD_160 final : public MDx_HashFunction
{
public:
std::string name() const override { return "RIPEMD-160"; }
@@ -24,13 +24,13 @@ class BOTAN_DLL RIPEMD_160 : public MDx_HashFunction
void clear() override;
- RIPEMD_160() : MDx_HashFunction(64, false, true), M(16), digest(5)
+ RIPEMD_160() : MDx_HashFunction(64, false, true), m_M(16), m_digest(5)
{ clear(); }
private:
void compress_n(const byte[], size_t blocks) override;
void copy_out(byte[]) override;
- secure_vector<u32bit> M, digest;
+ secure_vector<u32bit> m_M, m_digest;
};
}
diff --git a/src/lib/hash/sha1/sha160.cpp b/src/lib/hash/sha1/sha160.cpp
index 39d14f486..21e87465a 100644
--- a/src/lib/hash/sha1/sha160.cpp
+++ b/src/lib/hash/sha1/sha160.cpp
@@ -60,74 +60,74 @@ void SHA_160::compress_n(const byte input[], size_t blocks)
{
using namespace SHA1_F;
- u32bit A = digest[0], B = digest[1], C = digest[2],
- D = digest[3], E = digest[4];
+ u32bit A = m_digest[0], B = m_digest[1], C = m_digest[2],
+ D = m_digest[3], E = m_digest[4];
for(size_t i = 0; i != blocks; ++i)
{
- load_be(W.data(), input, 16);
+ load_be(m_W.data(), input, 16);
for(size_t j = 16; j != 80; j += 8)
{
- W[j ] = rotate_left((W[j-3] ^ W[j-8] ^ W[j-14] ^ W[j-16]), 1);
- W[j+1] = rotate_left((W[j-2] ^ W[j-7] ^ W[j-13] ^ W[j-15]), 1);
- W[j+2] = rotate_left((W[j-1] ^ W[j-6] ^ W[j-12] ^ W[j-14]), 1);
- W[j+3] = rotate_left((W[j ] ^ W[j-5] ^ W[j-11] ^ W[j-13]), 1);
- W[j+4] = rotate_left((W[j+1] ^ W[j-4] ^ W[j-10] ^ W[j-12]), 1);
- W[j+5] = rotate_left((W[j+2] ^ W[j-3] ^ W[j- 9] ^ W[j-11]), 1);
- W[j+6] = rotate_left((W[j+3] ^ W[j-2] ^ W[j- 8] ^ W[j-10]), 1);
- W[j+7] = rotate_left((W[j+4] ^ W[j-1] ^ W[j- 7] ^ W[j- 9]), 1);
+ m_W[j ] = rotate_left((m_W[j-3] ^ m_W[j-8] ^ m_W[j-14] ^ m_W[j-16]), 1);
+ m_W[j+1] = rotate_left((m_W[j-2] ^ m_W[j-7] ^ m_W[j-13] ^ m_W[j-15]), 1);
+ m_W[j+2] = rotate_left((m_W[j-1] ^ m_W[j-6] ^ m_W[j-12] ^ m_W[j-14]), 1);
+ m_W[j+3] = rotate_left((m_W[j ] ^ m_W[j-5] ^ m_W[j-11] ^ m_W[j-13]), 1);
+ m_W[j+4] = rotate_left((m_W[j+1] ^ m_W[j-4] ^ m_W[j-10] ^ m_W[j-12]), 1);
+ m_W[j+5] = rotate_left((m_W[j+2] ^ m_W[j-3] ^ m_W[j- 9] ^ m_W[j-11]), 1);
+ m_W[j+6] = rotate_left((m_W[j+3] ^ m_W[j-2] ^ m_W[j- 8] ^ m_W[j-10]), 1);
+ m_W[j+7] = rotate_left((m_W[j+4] ^ m_W[j-1] ^ m_W[j- 7] ^ m_W[j- 9]), 1);
}
- F1(A, B, C, D, E, W[ 0]); F1(E, A, B, C, D, W[ 1]);
- F1(D, E, A, B, C, W[ 2]); F1(C, D, E, A, B, W[ 3]);
- F1(B, C, D, E, A, W[ 4]); F1(A, B, C, D, E, W[ 5]);
- F1(E, A, B, C, D, W[ 6]); F1(D, E, A, B, C, W[ 7]);
- F1(C, D, E, A, B, W[ 8]); F1(B, C, D, E, A, W[ 9]);
- F1(A, B, C, D, E, W[10]); F1(E, A, B, C, D, W[11]);
- F1(D, E, A, B, C, W[12]); F1(C, D, E, A, B, W[13]);
- F1(B, C, D, E, A, W[14]); F1(A, B, C, D, E, W[15]);
- F1(E, A, B, C, D, W[16]); F1(D, E, A, B, C, W[17]);
- F1(C, D, E, A, B, W[18]); F1(B, C, D, E, A, W[19]);
-
- F2(A, B, C, D, E, W[20]); F2(E, A, B, C, D, W[21]);
- F2(D, E, A, B, C, W[22]); F2(C, D, E, A, B, W[23]);
- F2(B, C, D, E, A, W[24]); F2(A, B, C, D, E, W[25]);
- F2(E, A, B, C, D, W[26]); F2(D, E, A, B, C, W[27]);
- F2(C, D, E, A, B, W[28]); F2(B, C, D, E, A, W[29]);
- F2(A, B, C, D, E, W[30]); F2(E, A, B, C, D, W[31]);
- F2(D, E, A, B, C, W[32]); F2(C, D, E, A, B, W[33]);
- F2(B, C, D, E, A, W[34]); F2(A, B, C, D, E, W[35]);
- F2(E, A, B, C, D, W[36]); F2(D, E, A, B, C, W[37]);
- F2(C, D, E, A, B, W[38]); F2(B, C, D, E, A, W[39]);
-
- F3(A, B, C, D, E, W[40]); F3(E, A, B, C, D, W[41]);
- F3(D, E, A, B, C, W[42]); F3(C, D, E, A, B, W[43]);
- F3(B, C, D, E, A, W[44]); F3(A, B, C, D, E, W[45]);
- F3(E, A, B, C, D, W[46]); F3(D, E, A, B, C, W[47]);
- F3(C, D, E, A, B, W[48]); F3(B, C, D, E, A, W[49]);
- F3(A, B, C, D, E, W[50]); F3(E, A, B, C, D, W[51]);
- F3(D, E, A, B, C, W[52]); F3(C, D, E, A, B, W[53]);
- F3(B, C, D, E, A, W[54]); F3(A, B, C, D, E, W[55]);
- F3(E, A, B, C, D, W[56]); F3(D, E, A, B, C, W[57]);
- F3(C, D, E, A, B, W[58]); F3(B, C, D, E, A, W[59]);
-
- F4(A, B, C, D, E, W[60]); F4(E, A, B, C, D, W[61]);
- F4(D, E, A, B, C, W[62]); F4(C, D, E, A, B, W[63]);
- F4(B, C, D, E, A, W[64]); F4(A, B, C, D, E, W[65]);
- F4(E, A, B, C, D, W[66]); F4(D, E, A, B, C, W[67]);
- F4(C, D, E, A, B, W[68]); F4(B, C, D, E, A, W[69]);
- F4(A, B, C, D, E, W[70]); F4(E, A, B, C, D, W[71]);
- F4(D, E, A, B, C, W[72]); F4(C, D, E, A, B, W[73]);
- F4(B, C, D, E, A, W[74]); F4(A, B, C, D, E, W[75]);
- F4(E, A, B, C, D, W[76]); F4(D, E, A, B, C, W[77]);
- F4(C, D, E, A, B, W[78]); F4(B, C, D, E, A, W[79]);
-
- A = (digest[0] += A);
- B = (digest[1] += B);
- C = (digest[2] += C);
- D = (digest[3] += D);
- E = (digest[4] += E);
+ F1(A, B, C, D, E, m_W[ 0]); F1(E, A, B, C, D, m_W[ 1]);
+ F1(D, E, A, B, C, m_W[ 2]); F1(C, D, E, A, B, m_W[ 3]);
+ F1(B, C, D, E, A, m_W[ 4]); F1(A, B, C, D, E, m_W[ 5]);
+ F1(E, A, B, C, D, m_W[ 6]); F1(D, E, A, B, C, m_W[ 7]);
+ F1(C, D, E, A, B, m_W[ 8]); F1(B, C, D, E, A, m_W[ 9]);
+ F1(A, B, C, D, E, m_W[10]); F1(E, A, B, C, D, m_W[11]);
+ F1(D, E, A, B, C, m_W[12]); F1(C, D, E, A, B, m_W[13]);
+ F1(B, C, D, E, A, m_W[14]); F1(A, B, C, D, E, m_W[15]);
+ F1(E, A, B, C, D, m_W[16]); F1(D, E, A, B, C, m_W[17]);
+ F1(C, D, E, A, B, m_W[18]); F1(B, C, D, E, A, m_W[19]);
+
+ F2(A, B, C, D, E, m_W[20]); F2(E, A, B, C, D, m_W[21]);
+ F2(D, E, A, B, C, m_W[22]); F2(C, D, E, A, B, m_W[23]);
+ F2(B, C, D, E, A, m_W[24]); F2(A, B, C, D, E, m_W[25]);
+ F2(E, A, B, C, D, m_W[26]); F2(D, E, A, B, C, m_W[27]);
+ F2(C, D, E, A, B, m_W[28]); F2(B, C, D, E, A, m_W[29]);
+ F2(A, B, C, D, E, m_W[30]); F2(E, A, B, C, D, m_W[31]);
+ F2(D, E, A, B, C, m_W[32]); F2(C, D, E, A, B, m_W[33]);
+ F2(B, C, D, E, A, m_W[34]); F2(A, B, C, D, E, m_W[35]);
+ F2(E, A, B, C, D, m_W[36]); F2(D, E, A, B, C, m_W[37]);
+ F2(C, D, E, A, B, m_W[38]); F2(B, C, D, E, A, m_W[39]);
+
+ F3(A, B, C, D, E, m_W[40]); F3(E, A, B, C, D, m_W[41]);
+ F3(D, E, A, B, C, m_W[42]); F3(C, D, E, A, B, m_W[43]);
+ F3(B, C, D, E, A, m_W[44]); F3(A, B, C, D, E, m_W[45]);
+ F3(E, A, B, C, D, m_W[46]); F3(D, E, A, B, C, m_W[47]);
+ F3(C, D, E, A, B, m_W[48]); F3(B, C, D, E, A, m_W[49]);
+ F3(A, B, C, D, E, m_W[50]); F3(E, A, B, C, D, m_W[51]);
+ F3(D, E, A, B, C, m_W[52]); F3(C, D, E, A, B, m_W[53]);
+ F3(B, C, D, E, A, m_W[54]); F3(A, B, C, D, E, m_W[55]);
+ F3(E, A, B, C, D, m_W[56]); F3(D, E, A, B, C, m_W[57]);
+ F3(C, D, E, A, B, m_W[58]); F3(B, C, D, E, A, m_W[59]);
+
+ F4(A, B, C, D, E, m_W[60]); F4(E, A, B, C, D, m_W[61]);
+ F4(D, E, A, B, C, m_W[62]); F4(C, D, E, A, B, m_W[63]);
+ F4(B, C, D, E, A, m_W[64]); F4(A, B, C, D, E, m_W[65]);
+ F4(E, A, B, C, D, m_W[66]); F4(D, E, A, B, C, m_W[67]);
+ F4(C, D, E, A, B, m_W[68]); F4(B, C, D, E, A, m_W[69]);
+ F4(A, B, C, D, E, m_W[70]); F4(E, A, B, C, D, m_W[71]);
+ F4(D, E, A, B, C, m_W[72]); F4(C, D, E, A, B, m_W[73]);
+ F4(B, C, D, E, A, m_W[74]); F4(A, B, C, D, E, m_W[75]);
+ F4(E, A, B, C, D, m_W[76]); F4(D, E, A, B, C, m_W[77]);
+ F4(C, D, E, A, B, m_W[78]); F4(B, C, D, E, A, m_W[79]);
+
+ A = (m_digest[0] += A);
+ B = (m_digest[1] += B);
+ C = (m_digest[2] += C);
+ D = (m_digest[3] += D);
+ E = (m_digest[4] += E);
input += hash_block_size();
}
@@ -138,7 +138,7 @@ void SHA_160::compress_n(const byte input[], size_t blocks)
*/
void SHA_160::copy_out(byte output[])
{
- copy_out_vec_be(output, output_length(), digest);
+ copy_out_vec_be(output, output_length(), m_digest);
}
/*
@@ -147,12 +147,12 @@ void SHA_160::copy_out(byte output[])
void SHA_160::clear()
{
MDx_HashFunction::clear();
- zeroise(W);
- digest[0] = 0x67452301;
- digest[1] = 0xEFCDAB89;
- digest[2] = 0x98BADCFE;
- digest[3] = 0x10325476;
- digest[4] = 0xC3D2E1F0;
+ zeroise(m_W);
+ m_digest[0] = 0x67452301;
+ m_digest[1] = 0xEFCDAB89;
+ m_digest[2] = 0x98BADCFE;
+ m_digest[3] = 0x10325476;
+ m_digest[4] = 0xC3D2E1F0;
}
}
diff --git a/src/lib/hash/sha1/sha160.h b/src/lib/hash/sha1/sha160.h
index 6328d74c4..b4a161c14 100644
--- a/src/lib/hash/sha1/sha160.h
+++ b/src/lib/hash/sha1/sha160.h
@@ -24,7 +24,7 @@ class BOTAN_DLL SHA_160 : public MDx_HashFunction
void clear() override;
- SHA_160() : MDx_HashFunction(64, true, true), digest(5), W(80)
+ SHA_160() : MDx_HashFunction(64, true, true), m_digest(5), m_W(80)
{
clear();
}
@@ -35,8 +35,8 @@ class BOTAN_DLL SHA_160 : public MDx_HashFunction
* constraints
* @param W_size how big to make W
*/
- SHA_160(size_t W_size) :
- MDx_HashFunction(64, true, true), digest(5), W(W_size)
+ explicit SHA_160(size_t W_size) :
+ MDx_HashFunction(64, true, true), m_digest(5), m_W(W_size)
{
clear();
}
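Review bot: The protected constructor's doc comment still says "how big to make W" although the member it sizes is now `m_W`, and it states no lower bound on `W_size`. The base `compress_n` in this commit loads 16 words into `m_W` and writes `m_W[j..j+7]` for `j` up to 72 (indices through 79), so a subclass that passes a smaller `W_size` and does not override `compress_n` would index past the end of the buffer. Suggest `* @param W_size number of u32bit words in m_W; must be at least 80 unless the subclass overrides compress_n`. The class body continues outside this hunk, so a runtime check could also be added there, but documenting the constraint is the minimum.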
@@ -47,12 +47,12 @@ class BOTAN_DLL SHA_160 : public MDx_HashFunction
/**
* The digest value, exposed for use by subclasses (asm, SSE2)
*/
- secure_vector<u32bit> digest;
+ secure_vector<u32bit> m_digest;
/**
* The message buffer, exposed for use by subclasses (asm, SSE2)
*/
- secure_vector<u32bit> W;
+ secure_vector<u32bit> m_W;
};
}
diff --git a/src/lib/hash/sha1_sse2/sha1_sse2.cpp b/src/lib/hash/sha1_sse2/sha1_sse2.cpp
index 2e0688185..14ad88bc4 100644
--- a/src/lib/hash/sha1_sse2/sha1_sse2.cpp
+++ b/src/lib/hash/sha1_sse2/sha1_sse2.cpp
@@ -161,11 +161,11 @@ void SHA_160_SSE2::compress_n(const byte input_bytes[], size_t blocks)
const __m128i K40_59 = _mm_set1_epi32(0x8F1BBCDC);
const __m128i K60_79 = _mm_set1_epi32(0xCA62C1D6);
- u32bit A = digest[0],
- B = digest[1],
- C = digest[2],
- D = digest[3],
- E = digest[4];
+ u32bit A = m_digest[0],
+ B = m_digest[1],
+ C = m_digest[2],
+ D = m_digest[3],
+ E = m_digest[4];
const __m128i* input = reinterpret_cast<const __m128i*>(input_bytes);
@@ -316,11 +316,11 @@ void SHA_160_SSE2::compress_n(const byte input_bytes[], size_t blocks)
F4(C, D, E, A, B, GET_P_32(P3, 2));
F4(B, C, D, E, A, GET_P_32(P3, 3));
- A = (digest[0] += A);
- B = (digest[1] += B);
- C = (digest[2] += C);
- D = (digest[3] += D);
- E = (digest[4] += E);
+ A = (m_digest[0] += A);
+ B = (m_digest[1] += B);
+ C = (m_digest[2] += C);
+ D = (m_digest[3] += D);
+ E = (m_digest[4] += E);
input += (hash_block_size() / 16);
}
diff --git a/src/lib/hash/sha1_sse2/sha1_sse2.h b/src/lib/hash/sha1_sse2/sha1_sse2.h
index 20bb63727..a38600762 100644
--- a/src/lib/hash/sha1_sse2/sha1_sse2.h
+++ b/src/lib/hash/sha1_sse2/sha1_sse2.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* SHA-160 using SSE2 for the message expansion
*/
-class BOTAN_DLL SHA_160_SSE2 : public SHA_160
+class BOTAN_DLL SHA_160_SSE2 final : public SHA_160
{
public:
HashFunction* clone() const override { return new SHA_160_SSE2; }
diff --git a/src/lib/hash/sha2_32/sha2_32.cpp b/src/lib/hash/sha2_32/sha2_32.cpp
index 5215164cf..46551431c 100644
--- a/src/lib/hash/sha2_32/sha2_32.cpp
+++ b/src/lib/hash/sha2_32/sha2_32.cpp
@@ -161,7 +161,7 @@ void compress(secure_vector<u32bit>& digest,
*/
void SHA_224::compress_n(const byte input[], size_t blocks)
{
- SHA2_32::compress(digest, input, blocks);
+ SHA2_32::compress(m_digest, input, blocks);
}
/*
@@ -169,7 +169,7 @@ void SHA_224::compress_n(const byte input[], size_t blocks)
*/
void SHA_224::copy_out(byte output[])
{
- copy_out_vec_be(output, output_length(), digest);
+ copy_out_vec_be(output, output_length(), m_digest);
}
/*
@@ -178,14 +178,14 @@ void SHA_224::copy_out(byte output[])
void SHA_224::clear()
{
MDx_HashFunction::clear();
- digest[0] = 0xC1059ED8;
- digest[1] = 0x367CD507;
- digest[2] = 0x3070DD17;
- digest[3] = 0xF70E5939;
- digest[4] = 0xFFC00B31;
- digest[5] = 0x68581511;
- digest[6] = 0x64F98FA7;
- digest[7] = 0xBEFA4FA4;
+ m_digest[0] = 0xC1059ED8;
+ m_digest[1] = 0x367CD507;
+ m_digest[2] = 0x3070DD17;
+ m_digest[3] = 0xF70E5939;
+ m_digest[4] = 0xFFC00B31;
+ m_digest[5] = 0x68581511;
+ m_digest[6] = 0x64F98FA7;
+ m_digest[7] = 0xBEFA4FA4;
}
/*
@@ -193,7 +193,7 @@ void SHA_224::clear()
*/
void SHA_256::compress_n(const byte input[], size_t blocks)
{
- SHA2_32::compress(digest, input, blocks);
+ SHA2_32::compress(m_digest, input, blocks);
}
/*
@@ -201,7 +201,7 @@ void SHA_256::compress_n(const byte input[], size_t blocks)
*/
void SHA_256::copy_out(byte output[])
{
- copy_out_vec_be(output, output_length(), digest);
+ copy_out_vec_be(output, output_length(), m_digest);
}
/*
@@ -210,14 +210,14 @@ void SHA_256::copy_out(byte output[])
void SHA_256::clear()
{
MDx_HashFunction::clear();
- digest[0] = 0x6A09E667;
- digest[1] = 0xBB67AE85;
- digest[2] = 0x3C6EF372;
- digest[3] = 0xA54FF53A;
- digest[4] = 0x510E527F;
- digest[5] = 0x9B05688C;
- digest[6] = 0x1F83D9AB;
- digest[7] = 0x5BE0CD19;
+ m_digest[0] = 0x6A09E667;
+ m_digest[1] = 0xBB67AE85;
+ m_digest[2] = 0x3C6EF372;
+ m_digest[3] = 0xA54FF53A;
+ m_digest[4] = 0x510E527F;
+ m_digest[5] = 0x9B05688C;
+ m_digest[6] = 0x1F83D9AB;
+ m_digest[7] = 0x5BE0CD19;
}
}
diff --git a/src/lib/hash/sha2_32/sha2_32.h b/src/lib/hash/sha2_32/sha2_32.h
index e51087dc1..528fe9cfd 100644
--- a/src/lib/hash/sha2_32/sha2_32.h
+++ b/src/lib/hash/sha2_32/sha2_32.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* SHA-224
*/
-class BOTAN_DLL SHA_224 : public MDx_HashFunction
+class BOTAN_DLL SHA_224 final : public MDx_HashFunction
{
public:
std::string name() const override { return "SHA-224"; }
@@ -25,19 +25,19 @@ class BOTAN_DLL SHA_224 : public MDx_HashFunction
void clear() override;
- SHA_224() : MDx_HashFunction(64, true, true), digest(8)
+ SHA_224() : MDx_HashFunction(64, true, true), m_digest(8)
{ clear(); }
private:
void compress_n(const byte[], size_t blocks) override;
void copy_out(byte[]) override;
- secure_vector<u32bit> digest;
+ secure_vector<u32bit> m_digest;
};
/**
* SHA-256
*/
-class BOTAN_DLL SHA_256 : public MDx_HashFunction
+class BOTAN_DLL SHA_256 final : public MDx_HashFunction
{
public:
std::string name() const override { return "SHA-256"; }
@@ -46,13 +46,13 @@ class BOTAN_DLL SHA_256 : public MDx_HashFunction
void clear() override;
- SHA_256() : MDx_HashFunction(64, true, true), digest(8)
+ SHA_256() : MDx_HashFunction(64, true, true), m_digest(8)
{ clear(); }
private:
void compress_n(const byte[], size_t blocks) override;
void copy_out(byte[]) override;
- secure_vector<u32bit> digest;
+ secure_vector<u32bit> m_digest;
};
}
diff --git a/src/lib/hash/sha2_64/sha2_64.h b/src/lib/hash/sha2_64/sha2_64.h
index 736b33d12..a38f12dae 100644
--- a/src/lib/hash/sha2_64/sha2_64.h
+++ b/src/lib/hash/sha2_64/sha2_64.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* SHA-384
*/
-class BOTAN_DLL SHA_384 : public MDx_HashFunction
+class BOTAN_DLL SHA_384 final : public MDx_HashFunction
{
public:
std::string name() const override { return "SHA-384"; }
@@ -36,7 +36,7 @@ class BOTAN_DLL SHA_384 : public MDx_HashFunction
/**
* SHA-512
*/
-class BOTAN_DLL SHA_512 : public MDx_HashFunction
+class BOTAN_DLL SHA_512 final : public MDx_HashFunction
{
public:
std::string name() const override { return "SHA-512"; }
@@ -57,7 +57,7 @@ class BOTAN_DLL SHA_512 : public MDx_HashFunction
/**
* SHA-512/256
*/
-class BOTAN_DLL SHA_512_256 : public MDx_HashFunction
+class BOTAN_DLL SHA_512_256 final : public MDx_HashFunction
{
public:
std::string name() const override { return "SHA-512-256"; }
diff --git a/src/lib/hash/skein/skein_512.cpp b/src/lib/hash/skein/skein_512.cpp
index fe95dd7a5..86ea9e75a 100644
--- a/src/lib/hash/skein/skein_512.cpp
+++ b/src/lib/hash/skein/skein_512.cpp
@@ -19,12 +19,12 @@ Skein_512* Skein_512::make(const Spec& spec)
Skein_512::Skein_512(size_t arg_output_bits,
const std::string& arg_personalization) :
- personalization(arg_personalization),
- output_bits(arg_output_bits),
+ m_personalization(arg_personalization),
+ m_output_bits(arg_output_bits),
m_threefish(new Threefish_512),
- T(2), buffer(64), buf_pos(0)
+ m_T(2), m_buffer(64), m_buf_pos(0)
{
- if(output_bits == 0 || output_bits % 8 != 0 || output_bits > 512)
+ if(m_output_bits == 0 || m_output_bits % 8 != 0 || m_output_bits > 512)
throw Invalid_Argument("Bad output bits size for Skein-512");
initial_block();
@@ -32,32 +32,32 @@ Skein_512::Skein_512(size_t arg_output_bits,
std::string Skein_512::name() const
{
- if(personalization != "")
- return "Skein-512(" + std::to_string(output_bits) + "," +
- personalization + ")";
- return "Skein-512(" + std::to_string(output_bits) + ")";
+ if(m_personalization != "")
+ return "Skein-512(" + std::to_string(m_output_bits) + "," +
+ m_personalization + ")";
+ return "Skein-512(" + std::to_string(m_output_bits) + ")";
}
HashFunction* Skein_512::clone() const
{
- return new Skein_512(output_bits, personalization);
+ return new Skein_512(m_output_bits, m_personalization);
}
void Skein_512::clear()
{
- zeroise(buffer);
- buf_pos = 0;
+ zeroise(m_buffer);
+ m_buf_pos = 0;
initial_block();
}
-void Skein_512::reset_tweak(type_code type, bool final)
+void Skein_512::reset_tweak(type_code type, bool is_final)
{
- T[0] = 0;
+ m_T[0] = 0;
- T[1] = (static_cast<u64bit>(type) << 56) |
+ m_T[1] = (static_cast<u64bit>(type) << 56) |
(static_cast<u64bit>(1) << 62) |
- (static_cast<u64bit>(final) << 63);
+ (static_cast<u64bit>(is_final) << 63);
}
void Skein_512::initial_block()
@@ -68,24 +68,24 @@ void Skein_512::initial_block()
// ASCII("SHA3") followed by version (0x0001) code
byte config_str[32] = { 0x53, 0x48, 0x41, 0x33, 0x01, 0x00, 0 };
- store_le(u32bit(output_bits), config_str + 8);
+ store_le(u32bit(m_output_bits), config_str + 8);
reset_tweak(SKEIN_CONFIG, true);
ubi_512(config_str, sizeof(config_str));
- if(personalization != "")
+ if(m_personalization != "")
{
/*
This is a limitation of this implementation, and not of the
algorithm specification. Could be fixed relatively easily, but
doesn't seem worth the trouble.
*/
- if(personalization.length() > 64)
+ if(m_personalization.length() > 64)
throw Invalid_Argument("Skein personalization must be less than 64 bytes");
- const byte* bits = reinterpret_cast<const byte*>(personalization.data());
+ const byte* bits = reinterpret_cast<const byte*>(m_personalization.data());
reset_tweak(SKEIN_PERSONALIZATION, true);
- ubi_512(bits, personalization.length());
+ ubi_512(bits, m_personalization.length());
}
reset_tweak(SKEIN_MSG, false);
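Review bot: The error text at the personalization length check disagrees with its condition: `> 64` rejects only strings longer than 64 bytes, so a 64-byte personalization (exactly one UBI block) is accepted while the message claims it "must be less than 64 bytes". Change the message rather than the check, since one full block is consistent with the limitation comment just above it: `throw Invalid_Argument("Skein personalization must be at most 64 bytes");`. The renames in this hunk are otherwise fine.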
@@ -98,7 +98,7 @@ void Skein_512::ubi_512(const byte msg[], size_t msg_len)
do
{
const size_t to_proc = std::min<size_t>(msg_len, 64);
- T[0] += to_proc;
+ m_T[0] += to_proc;
load_le(M.data(), msg, to_proc / 8);
@@ -108,10 +108,10 @@ void Skein_512::ubi_512(const byte msg[], size_t msg_len)
M[to_proc/8] |= static_cast<u64bit>(msg[8*(to_proc/8)+j]) << (8*j);
}
- m_threefish->skein_feedfwd(M, T);
+ m_threefish->skein_feedfwd(M, m_T);
// clear first flag if set
- T[1] &= ~(static_cast<u64bit>(1) << 62);
+ m_T[1] &= ~(static_cast<u64bit>(1) << 62);
msg_len -= to_proc;
msg += to_proc;
@@ -123,16 +123,16 @@ void Skein_512::add_data(const byte input[], size_t length)
if(length == 0)
return;
- if(buf_pos)
+ if(m_buf_pos)
{
- buffer_insert(buffer, buf_pos, input, length);
- if(buf_pos + length > 64)
+ buffer_insert(m_buffer, m_buf_pos, input, length);
+ if(m_buf_pos + length > 64)
{
- ubi_512(buffer.data(), buffer.size());
+ ubi_512(m_buffer.data(), m_buffer.size());
- input += (64 - buf_pos);
- length -= (64 - buf_pos);
- buf_pos = 0;
+ input += (64 - m_buf_pos);
+ length -= (64 - m_buf_pos);
+ m_buf_pos = 0;
}
}
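Review bot: The flush condition `if(m_buf_pos + length > 64)` reads like an off-by-one, because a buffer that becomes exactly full is not compressed here, but it appears deliberate: final_result in the next hunk sets the final-block flag and then compresses whatever is still buffered, and Skein requires the last block to carry that flag. A comment would stop the next reader from "fixing" it to `>=`: `// deliberately '>' not '>=': an exactly-full buffer is retained so the last block is compressed with the final flag set in final_result()`. The remainder of add_data (the full-block loop) lies in the following hunk.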
@@ -143,27 +143,27 @@ void Skein_512::add_data(const byte input[], size_t length)
length -= full_blocks * 64;
- buffer_insert(buffer, buf_pos, input + full_blocks * 64, length);
- buf_pos += length;
+ buffer_insert(m_buffer, m_buf_pos, input + full_blocks * 64, length);
+ m_buf_pos += length;
}
void Skein_512::final_result(byte out[])
{
- T[1] |= (static_cast<u64bit>(1) << 63); // final block flag
+ m_T[1] |= (static_cast<u64bit>(1) << 63); // final block flag
- for(size_t i = buf_pos; i != buffer.size(); ++i)
- buffer[i] = 0;
+ for(size_t i = m_buf_pos; i != m_buffer.size(); ++i)
+ m_buffer[i] = 0;
- ubi_512(buffer.data(), buf_pos);
+ ubi_512(m_buffer.data(), m_buf_pos);
const byte counter[8] = { 0 };
reset_tweak(SKEIN_OUTPUT, true);
ubi_512(counter, sizeof(counter));
- copy_out_vec_le(out, output_bits / 8, m_threefish->m_K);
+ copy_out_vec_le(out, m_output_bits / 8, m_threefish->m_K);
- buf_pos = 0;
+ m_buf_pos = 0;
initial_block();
}
diff --git a/src/lib/hash/skein/skein_512.h b/src/lib/hash/skein/skein_512.h
index dceb34854..001d9a991 100644
--- a/src/lib/hash/skein/skein_512.h
+++ b/src/lib/hash/skein/skein_512.h
@@ -18,7 +18,7 @@ namespace Botan {
/**
* Skein-512, a SHA-3 candidate
*/
-class BOTAN_DLL Skein_512 : public HashFunction
+class BOTAN_DLL Skein_512 final : public HashFunction
{
public:
/**
@@ -30,7 +30,7 @@ class BOTAN_DLL Skein_512 : public HashFunction
const std::string& personalization = "");
size_t hash_block_size() const override { return 64; }
- size_t output_length() const override { return output_bits / 8; }
+ size_t output_length() const override { return m_output_bits / 8; }
static Skein_512* make(const Spec& spec);
@@ -55,15 +55,15 @@ class BOTAN_DLL Skein_512 : public HashFunction
void ubi_512(const byte msg[], size_t msg_len);
void initial_block();
- void reset_tweak(type_code type, bool final);
+ void reset_tweak(type_code type, bool is_final);
- std::string personalization;
- size_t output_bits;
+ std::string m_personalization;
+ size_t m_output_bits;
std::unique_ptr<Threefish_512> m_threefish;
- secure_vector<u64bit> T;
- secure_vector<byte> buffer;
- size_t buf_pos;
+ secure_vector<u64bit> m_T;
+ secure_vector<byte> m_buffer;
+ size_t m_buf_pos;
};
}
diff --git a/src/lib/hash/tiger/tiger.cpp b/src/lib/hash/tiger/tiger.cpp
index 79708a902..1da38291c 100644
--- a/src/lib/hash/tiger/tiger.cpp
+++ b/src/lib/hash/tiger/tiger.cpp
@@ -44,26 +44,26 @@ inline void mix(secure_vector<u64bit>& X)
*/
void Tiger::compress_n(const byte input[], size_t blocks)
{
- u64bit A = digest[0], B = digest[1], C = digest[2];
+ u64bit A = m_digest[0], B = m_digest[1], C = m_digest[2];
for(size_t i = 0; i != blocks; ++i)
{
- load_le(X.data(), input, X.size());
+ load_le(m_X.data(), input, m_X.size());
- pass(A, B, C, X, 5); mix(X);
- pass(C, A, B, X, 7); mix(X);
- pass(B, C, A, X, 9);
+ pass(A, B, C, m_X, 5); mix(m_X);
+ pass(C, A, B, m_X, 7); mix(m_X);
+ pass(B, C, A, m_X, 9);
- for(size_t j = 3; j != passes; ++j)
+ for(size_t j = 3; j != m_passes; ++j)
{
- mix(X);
- pass(A, B, C, X, 9);
+ mix(m_X);
+ pass(A, B, C, m_X, 9);
u64bit T = A; A = C; C = B; B = T;
}
- A = (digest[0] ^= A);
- B = digest[1] = B - digest[1];
- C = (digest[2] += C);
+ A = (m_digest[0] ^= A);
+ B = m_digest[1] = B - m_digest[1];
+ C = (m_digest[2] += C);
input += hash_block_size();
}
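Review bot: The pass loop `for(size_t j = 3; j != m_passes; ++j)` terminates only when `m_passes >= 3`; for a smaller value `j` would have to wrap around `size_t` first, so the loop would effectively never end. The constructor hunk further down checks only `output_length()` within its visible lines and its body continues past the hunk; if it does not already reject `passes < 3`, add `if(passes < 3) throw Invalid_Argument("Tiger: Invalid number of passes: " + std::to_string(passes));` there, or write the loop condition as `j < m_passes` so an out-of-range value cannot hang the hash.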
@@ -74,7 +74,7 @@ void Tiger::compress_n(const byte input[], size_t blocks)
*/
void Tiger::copy_out(byte output[])
{
- copy_out_vec_le(output, output_length(), digest);
+ copy_out_vec_le(output, output_length(), m_digest);
}
/*
@@ -147,10 +147,10 @@ void Tiger::pass(u64bit& A, u64bit& B, u64bit& C,
void Tiger::clear()
{
MDx_HashFunction::clear();
- zeroise(X);
- digest[0] = 0x0123456789ABCDEF;
- digest[1] = 0xFEDCBA9876543210;
- digest[2] = 0xF096A5B4C3B2E187;
+ zeroise(m_X);
+ m_digest[0] = 0x0123456789ABCDEF;
+ m_digest[1] = 0xFEDCBA9876543210;
+ m_digest[2] = 0xF096A5B4C3B2E187;
}
/*
@@ -159,7 +159,7 @@ void Tiger::clear()
std::string Tiger::name() const
{
return "Tiger(" + std::to_string(output_length()) + "," +
- std::to_string(passes) + ")";
+ std::to_string(m_passes) + ")";
}
/*
@@ -167,10 +167,10 @@ std::string Tiger::name() const
*/
Tiger::Tiger(size_t hash_len, size_t passes) :
MDx_HashFunction(64, false, false),
- X(8),
- digest(3),
- hash_len(hash_len),
- passes(passes)
+ m_X(8),
+ m_digest(3),
+ m_hash_len(hash_len),
+ m_passes(passes)
{
if(output_length() != 16 && output_length() != 20 && output_length() != 24)
throw Invalid_Argument("Tiger: Illegal hash output size: " +
diff --git a/src/lib/hash/tiger/tiger.h b/src/lib/hash/tiger/tiger.h
index 986186dda..fb0524d44 100644
--- a/src/lib/hash/tiger/tiger.h
+++ b/src/lib/hash/tiger/tiger.h
@@ -15,15 +15,15 @@ namespace Botan {
/**
* Tiger
*/
-class BOTAN_DLL Tiger : public MDx_HashFunction
+class BOTAN_DLL Tiger final : public MDx_HashFunction
{
public:
std::string name() const override;
- size_t output_length() const override { return hash_len; }
+ size_t output_length() const override { return m_hash_len; }
HashFunction* clone() const override
{
- return new Tiger(output_length(), passes);
+ return new Tiger(output_length(), m_passes);
}
void clear() override;
@@ -46,8 +46,8 @@ class BOTAN_DLL Tiger : public MDx_HashFunction
static const u64bit SBOX3[256];
static const u64bit SBOX4[256];
- secure_vector<u64bit> X, digest;
- const size_t hash_len, passes;
+ secure_vector<u64bit> m_X, m_digest;
+ const size_t m_hash_len, m_passes;
};
}
diff --git a/src/lib/hash/whirlpool/whirlpool.cpp b/src/lib/hash/whirlpool/whirlpool.cpp
index 9bebdfa7c..5bf4c5246 100644
--- a/src/lib/hash/whirlpool/whirlpool.cpp
+++ b/src/lib/hash/whirlpool/whirlpool.cpp
@@ -24,15 +24,15 @@ void Whirlpool::compress_n(const byte in[], size_t blocks)
for(size_t i = 0; i != blocks; ++i)
{
- load_be(M.data(), in, M.size());
+ load_be(m_M.data(), in, m_M.size());
u64bit K0, K1, K2, K3, K4, K5, K6, K7;
- K0 = digest[0]; K1 = digest[1]; K2 = digest[2]; K3 = digest[3];
- K4 = digest[4]; K5 = digest[5]; K6 = digest[6]; K7 = digest[7];
+ K0 = m_digest[0]; K1 = m_digest[1]; K2 = m_digest[2]; K3 = m_digest[3];
+ K4 = m_digest[4]; K5 = m_digest[5]; K6 = m_digest[6]; K7 = m_digest[7];
u64bit B0, B1, B2, B3, B4, B5, B6, B7;
- B0 = K0 ^ M[0]; B1 = K1 ^ M[1]; B2 = K2 ^ M[2]; B3 = K3 ^ M[3];
- B4 = K4 ^ M[4]; B5 = K5 ^ M[5]; B6 = K6 ^ M[6]; B7 = K7 ^ M[7];
+ B0 = K0 ^ m_M[0]; B1 = K1 ^ m_M[1]; B2 = K2 ^ m_M[2]; B3 = K3 ^ m_M[3];
+ B4 = K4 ^ m_M[4]; B5 = K5 ^ m_M[5]; B6 = K6 ^ m_M[6]; B7 = K7 ^ m_M[7];
for(size_t j = 0; j != 10; ++j)
{
@@ -110,14 +110,14 @@ void Whirlpool::compress_n(const byte in[], size_t blocks)
B4 = T4; B5 = T5; B6 = T6; B7 = T7;
}
- digest[0] ^= B0 ^ M[0];
- digest[1] ^= B1 ^ M[1];
- digest[2] ^= B2 ^ M[2];
- digest[3] ^= B3 ^ M[3];
- digest[4] ^= B4 ^ M[4];
- digest[5] ^= B5 ^ M[5];
- digest[6] ^= B6 ^ M[6];
- digest[7] ^= B7 ^ M[7];
+ m_digest[0] ^= B0 ^ m_M[0];
+ m_digest[1] ^= B1 ^ m_M[1];
+ m_digest[2] ^= B2 ^ m_M[2];
+ m_digest[3] ^= B3 ^ m_M[3];
+ m_digest[4] ^= B4 ^ m_M[4];
+ m_digest[5] ^= B5 ^ m_M[5];
+ m_digest[6] ^= B6 ^ m_M[6];
+ m_digest[7] ^= B7 ^ m_M[7];
in += hash_block_size();
}
@@ -128,7 +128,7 @@ void Whirlpool::compress_n(const byte in[], size_t blocks)
*/
void Whirlpool::copy_out(byte output[])
{
- copy_out_vec_be(output, output_length(), digest);
+ copy_out_vec_be(output, output_length(), m_digest);
}
/*
@@ -137,8 +137,8 @@ void Whirlpool::copy_out(byte output[])
void Whirlpool::clear()
{
MDx_HashFunction::clear();
- zeroise(M);
- zeroise(digest);
+ zeroise(m_M);
+ zeroise(m_digest);
}
}
diff --git a/src/lib/hash/whirlpool/whrlpool.h b/src/lib/hash/whirlpool/whrlpool.h
index ba91da080..d7db1de28 100644
--- a/src/lib/hash/whirlpool/whrlpool.h
+++ b/src/lib/hash/whirlpool/whrlpool.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Whirlpool
*/
-class BOTAN_DLL Whirlpool : public MDx_HashFunction
+class BOTAN_DLL Whirlpool final : public MDx_HashFunction
{
public:
std::string name() const override { return "Whirlpool"; }
@@ -24,7 +24,7 @@ class BOTAN_DLL Whirlpool : public MDx_HashFunction
void clear() override;
- Whirlpool() : MDx_HashFunction(64, true, true, 32), M(8), digest(8)
+ Whirlpool() : MDx_HashFunction(64, true, true, 32), m_M(8), m_digest(8)
{ clear(); }
private:
void compress_n(const byte[], size_t blocks) override;
@@ -39,7 +39,7 @@ class BOTAN_DLL Whirlpool : public MDx_HashFunction
static const u64bit C6[256];
static const u64bit C7[256];
- secure_vector<u64bit> M, digest;
+ secure_vector<u64bit> m_M, m_digest;
};
}
diff --git a/src/lib/kdf/hkdf/hkdf.h b/src/lib/kdf/hkdf/hkdf.h
index d8389a886..3e3e2b73a 100644
--- a/src/lib/kdf/hkdf/hkdf.h
+++ b/src/lib/kdf/hkdf/hkdf.h
@@ -18,10 +18,10 @@ namespace Botan {
* HKDF, see @rfc 5869 for details
* This is only the expansion portion of HKDF
*/
-class BOTAN_DLL HKDF : public KDF
+class BOTAN_DLL HKDF final : public KDF
{
public:
- HKDF(MessageAuthenticationCode* prf) : m_prf(prf) {}
+ explicit HKDF(MessageAuthenticationCode* prf) : m_prf(prf) {}
static HKDF* make(const Spec& spec);
diff --git a/src/lib/kdf/kdf.cpp b/src/lib/kdf/kdf.cpp
index cf13c4803..45ee165e0 100644
--- a/src/lib/kdf/kdf.cpp
+++ b/src/lib/kdf/kdf.cpp
@@ -48,7 +48,7 @@ KDF::~KDF() {}
std::unique_ptr<KDF> KDF::create(const std::string& algo_spec,
const std::string& provider)
{
- return std::unique_ptr<KDF>(make_a<KDF>(algo_spec, provider));
+ return std::unique_ptr<KDF>(make_a<KDF>(Botan::KDF::Spec(algo_spec), provider));
}
std::vector<std::string> KDF::providers(const std::string& algo_spec)
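Review bot: The new call spells the spec type as `Botan::KDF::Spec(algo_spec)` while the parallel change in src/lib/mac/mac.cpp (whose hunk header shows it sits inside `namespace Botan`) uses the unqualified `MessageAuthenticationCode::Spec(algo_spec)`; this file presumably lives in the same namespace, so the two factories should use the same form, e.g. `return std::unique_ptr<KDF>(make_a<KDF>(KDF::Spec(algo_spec), provider));`. The explicit conversion itself is an improvement, since it documents that make_a is now handed a parsed Spec rather than the raw string.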
diff --git a/src/lib/kdf/kdf1/kdf1.h b/src/lib/kdf/kdf1/kdf1.h
index a22d19d97..adaa84894 100644
--- a/src/lib/kdf/kdf1/kdf1.h
+++ b/src/lib/kdf/kdf1/kdf1.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* KDF1, from IEEE 1363
*/
-class BOTAN_DLL KDF1 : public KDF
+class BOTAN_DLL KDF1 final : public KDF
{
public:
std::string name() const override { return "KDF1(" + m_hash->name() + ")"; }
@@ -27,7 +27,7 @@ class BOTAN_DLL KDF1 : public KDF
const byte secret[], size_t secret_len,
const byte salt[], size_t salt_len) const override;
- KDF1(HashFunction* h) : m_hash(h) {}
+ explicit KDF1(HashFunction* h) : m_hash(h) {}
private:
std::unique_ptr<HashFunction> m_hash;
};
diff --git a/src/lib/kdf/kdf2/kdf2.h b/src/lib/kdf/kdf2/kdf2.h
index e8a8be1fa..7403df21c 100644
--- a/src/lib/kdf/kdf2/kdf2.h
+++ b/src/lib/kdf/kdf2/kdf2.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* KDF2, from IEEE 1363
*/
-class BOTAN_DLL KDF2 : public KDF
+class BOTAN_DLL KDF2 final : public KDF
{
public:
std::string name() const override { return "KDF2(" + m_hash->name() + ")"; }
@@ -27,7 +27,7 @@ class BOTAN_DLL KDF2 : public KDF
const byte secret[], size_t secret_len,
const byte salt[], size_t salt_len) const override;
- KDF2(HashFunction* h) : m_hash(h) {}
+ explicit KDF2(HashFunction* h) : m_hash(h) {}
private:
std::unique_ptr<HashFunction> m_hash;
};
diff --git a/src/lib/kdf/prf_tls/prf_tls.h b/src/lib/kdf/prf_tls/prf_tls.h
index bb7cc2c4f..a51006d88 100644
--- a/src/lib/kdf/prf_tls/prf_tls.h
+++ b/src/lib/kdf/prf_tls/prf_tls.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* PRF used in TLS 1.0/1.1
*/
-class BOTAN_DLL TLS_PRF : public KDF
+class BOTAN_DLL TLS_PRF final : public KDF
{
public:
std::string name() const override { return "TLS-PRF"; }
@@ -36,7 +36,7 @@ class BOTAN_DLL TLS_PRF : public KDF
/**
* PRF used in TLS 1.2
*/
-class BOTAN_DLL TLS_12_PRF : public KDF
+class BOTAN_DLL TLS_12_PRF final : public KDF
{
public:
std::string name() const override { return "TLS-12-PRF(" + m_mac->name() + ")"; }
@@ -47,7 +47,7 @@ class BOTAN_DLL TLS_12_PRF : public KDF
const byte secret[], size_t secret_len,
const byte salt[], size_t salt_len) const override;
- TLS_12_PRF(MessageAuthenticationCode* mac) : m_mac(mac) {}
+ explicit TLS_12_PRF(MessageAuthenticationCode* mac) : m_mac(mac) {}
static TLS_12_PRF* make(const Spec& spec);
private:
diff --git a/src/lib/kdf/prf_x942/prf_x942.h b/src/lib/kdf/prf_x942/prf_x942.h
index d0b23067c..c15be9845 100644
--- a/src/lib/kdf/prf_x942/prf_x942.h
+++ b/src/lib/kdf/prf_x942/prf_x942.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* PRF from ANSI X9.42
*/
-class BOTAN_DLL X942_PRF : public KDF
+class BOTAN_DLL X942_PRF final : public KDF
{
public:
std::string name() const override { return "X942_PRF(" + m_key_wrap_oid + ")"; }
@@ -26,7 +26,7 @@ class BOTAN_DLL X942_PRF : public KDF
const byte secret[], size_t secret_len,
const byte salt[], size_t salt_len) const override;
- X942_PRF(const std::string& oid);
+ explicit X942_PRF(const std::string& oid);
private:
std::string m_key_wrap_oid;
};
diff --git a/src/lib/mac/cbc_mac/cbc_mac.h b/src/lib/mac/cbc_mac/cbc_mac.h
index f1c6d5230..cd2ebd18f 100644
--- a/src/lib/mac/cbc_mac/cbc_mac.h
+++ b/src/lib/mac/cbc_mac/cbc_mac.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* CBC-MAC
*/
-class BOTAN_DLL CBC_MAC : public MessageAuthenticationCode
+class BOTAN_DLL CBC_MAC final : public MessageAuthenticationCode
{
public:
std::string name() const override;
@@ -32,7 +32,7 @@ class BOTAN_DLL CBC_MAC : public MessageAuthenticationCode
/**
* @param cipher the underlying block cipher to use
*/
- CBC_MAC(BlockCipher* cipher);
+ explicit CBC_MAC(BlockCipher* cipher);
static CBC_MAC* make(const Spec& spec);
private:
diff --git a/src/lib/mac/cmac/cmac.h b/src/lib/mac/cmac/cmac.h
index 4f8d22b76..0e973b79d 100644
--- a/src/lib/mac/cmac/cmac.h
+++ b/src/lib/mac/cmac/cmac.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* CMAC, also known as OMAC1
*/
-class BOTAN_DLL CMAC : public MessageAuthenticationCode
+class BOTAN_DLL CMAC final : public MessageAuthenticationCode
{
public:
std::string name() const override;
@@ -40,7 +40,7 @@ class BOTAN_DLL CMAC : public MessageAuthenticationCode
/**
* @param cipher the underlying block cipher to use
*/
- CMAC(BlockCipher* cipher);
+ explicit CMAC(BlockCipher* cipher);
static CMAC* make(const Spec& spec);
diff --git a/src/lib/mac/hmac/hmac.h b/src/lib/mac/hmac/hmac.h
index 3f5652352..654a167e7 100644
--- a/src/lib/mac/hmac/hmac.h
+++ b/src/lib/mac/hmac/hmac.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* HMAC
*/
-class BOTAN_DLL HMAC : public MessageAuthenticationCode
+class BOTAN_DLL HMAC final : public MessageAuthenticationCode
{
public:
void clear() override;
@@ -34,7 +34,7 @@ class BOTAN_DLL HMAC : public MessageAuthenticationCode
/**
* @param hash the hash to use for HMACing
*/
- HMAC(HashFunction* hash);
+ explicit HMAC(HashFunction* hash);
static HMAC* make(const Spec& spec);
diff --git a/src/lib/mac/mac.cpp b/src/lib/mac/mac.cpp
index 8c1185c55..a3917141d 100644
--- a/src/lib/mac/mac.cpp
+++ b/src/lib/mac/mac.cpp
@@ -38,7 +38,7 @@ namespace Botan {
std::unique_ptr<MessageAuthenticationCode> MessageAuthenticationCode::create(const std::string& algo_spec,
const std::string& provider)
{
- return std::unique_ptr<MessageAuthenticationCode>(make_a<MessageAuthenticationCode>(algo_spec, provider));
+ return std::unique_ptr<MessageAuthenticationCode>(make_a<MessageAuthenticationCode>(MessageAuthenticationCode::Spec(algo_spec), provider));
}
std::vector<std::string> MessageAuthenticationCode::providers(const std::string& algo_spec)
diff --git a/src/lib/mac/poly1305/poly1305.h b/src/lib/mac/poly1305/poly1305.h
index 20bc9b5ad..740313122 100644
--- a/src/lib/mac/poly1305/poly1305.h
+++ b/src/lib/mac/poly1305/poly1305.h
@@ -17,7 +17,7 @@ namespace Botan {
* DJB's Poly1305
* Important note: each key can only be used once
*/
-class BOTAN_DLL Poly1305 : public MessageAuthenticationCode
+class BOTAN_DLL Poly1305 final : public MessageAuthenticationCode
{
public:
std::string name() const override { return "Poly1305"; }
diff --git a/src/lib/mac/siphash/siphash.h b/src/lib/mac/siphash/siphash.h
index 574835ca4..d774fe5e7 100644
--- a/src/lib/mac/siphash/siphash.h
+++ b/src/lib/mac/siphash/siphash.h
@@ -12,7 +12,7 @@
namespace Botan {
-class BOTAN_DLL SipHash : public MessageAuthenticationCode
+class BOTAN_DLL SipHash final : public MessageAuthenticationCode
{
public:
SipHash(size_t c = 2, size_t d = 4) : m_C(c), m_D(d) {}
diff --git a/src/lib/mac/x919_mac/x919_mac.h b/src/lib/mac/x919_mac/x919_mac.h
index 9cdcd1527..904931d20 100644
--- a/src/lib/mac/x919_mac/x919_mac.h
+++ b/src/lib/mac/x919_mac/x919_mac.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* DES/3DES-based MAC from ANSI X9.19
*/
-class BOTAN_DLL ANSI_X919_MAC : public MessageAuthenticationCode
+class BOTAN_DLL ANSI_X919_MAC final : public MessageAuthenticationCode
{
public:
void clear() override;
diff --git a/src/lib/math/ec_gfp/curve_gfp.cpp b/src/lib/math/ec_gfp/curve_gfp.cpp
index 96fe873af..9bf2191c6 100644
--- a/src/lib/math/ec_gfp/curve_gfp.cpp
+++ b/src/lib/math/ec_gfp/curve_gfp.cpp
@@ -14,7 +14,7 @@ namespace Botan {
namespace {
-class CurveGFp_Montgomery : public CurveGFp_Repr
+class CurveGFp_Montgomery final : public CurveGFp_Repr
{
public:
CurveGFp_Montgomery(const BigInt& p, const BigInt& a, const BigInt& b) :
@@ -80,6 +80,9 @@ void CurveGFp_Montgomery::curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
return;
}
+ const size_t x_sw = x.sig_words();
+ const size_t y_sw = y.sig_words();
+
const size_t output_size = 2*m_p_words + 1;
ws.resize(2*(m_p_words+2));
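Review bot: `x_sw` and `y_sw` are hoisted here but not range-checked, whereas the parallel curve_sqr hunk in this file adds `BOTAN_ASSERT(x_sw <= m_p_words, "Input in range");` for its operand. Both values are passed to bigint_monty_mul as the significant-word counts of the inputs, so the same precondition presumably applies to each, and an oversized operand would be caught in squaring but not in multiplication; add `BOTAN_ASSERT(x_sw <= m_p_words && y_sw <= m_p_words, "Inputs in range");` after the two declarations so the two paths enforce the same contract. curve_mul starts before and ends after this hunk.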
@@ -87,8 +90,8 @@ void CurveGFp_Montgomery::curve_mul(BigInt& z, const BigInt& x, const BigInt& y,
z.clear();
bigint_monty_mul(z.mutable_data(), output_size,
- x.data(), x.size(), x.sig_words(),
- y.data(), y.size(), y.sig_words(),
+ x.data(), x.size(), x_sw,
+ y.data(), y.size(), y_sw,
m_p.data(), m_p_words, m_p_dash,
ws.data());
}
@@ -102,6 +105,9 @@ void CurveGFp_Montgomery::curve_sqr(BigInt& z, const BigInt& x,
return;
}
+ const size_t x_sw = x.sig_words();
+ BOTAN_ASSERT(x_sw <= m_p_words, "Input in range");
+
const size_t output_size = 2*m_p_words + 1;
ws.resize(2*(m_p_words+2));
@@ -110,7 +116,7 @@ void CurveGFp_Montgomery::curve_sqr(BigInt& z, const BigInt& x,
z.clear();
bigint_monty_sqr(z.mutable_data(), output_size,
- x.data(), x.size(), x.sig_words(),
+ x.data(), x.size(), x_sw,
m_p.data(), m_p_words, m_p_dash,
ws.data());
}
@@ -203,7 +209,7 @@ void CurveGFp_NIST::curve_sqr(BigInt& z, const BigInt& x,
/**
* The NIST P-192 curve
*/
-class CurveGFp_P192 : public CurveGFp_NIST
+class CurveGFp_P192 final : public CurveGFp_NIST
{
public:
CurveGFp_P192(const BigInt& a, const BigInt& b) : CurveGFp_NIST(192, a, b) {}
@@ -215,7 +221,7 @@ class CurveGFp_P192 : public CurveGFp_NIST
/**
* The NIST P-224 curve
*/
-class CurveGFp_P224 : public CurveGFp_NIST
+class CurveGFp_P224 final : public CurveGFp_NIST
{
public:
CurveGFp_P224(const BigInt& a, const BigInt& b) : CurveGFp_NIST(224, a, b) {}
@@ -227,7 +233,7 @@ class CurveGFp_P224 : public CurveGFp_NIST
/**
* The NIST P-256 curve
*/
-class CurveGFp_P256 : public CurveGFp_NIST
+class CurveGFp_P256 final : public CurveGFp_NIST
{
public:
CurveGFp_P256(const BigInt& a, const BigInt& b) : CurveGFp_NIST(256, a, b) {}
@@ -239,7 +245,7 @@ class CurveGFp_P256 : public CurveGFp_NIST
/**
* The NIST P-384 curve
*/
-class CurveGFp_P384 : public CurveGFp_NIST
+class CurveGFp_P384 final : public CurveGFp_NIST
{
public:
CurveGFp_P384(const BigInt& a, const BigInt& b) : CurveGFp_NIST(384, a, b) {}
@@ -253,7 +259,7 @@ class CurveGFp_P384 : public CurveGFp_NIST
/**
* The NIST P-521 curve
*/
-class CurveGFp_P521 : public CurveGFp_NIST
+class CurveGFp_P521 final : public CurveGFp_NIST
{
public:
CurveGFp_P521(const BigInt& a, const BigInt& b) : CurveGFp_NIST(521, a, b) {}
diff --git a/src/lib/math/ec_gfp/curve_nistp.cpp b/src/lib/math/ec_gfp/curve_nistp.cpp
index bbc11ff21..c153340e9 100644
--- a/src/lib/math/ec_gfp/curve_nistp.cpp
+++ b/src/lib/math/ec_gfp/curve_nistp.cpp
@@ -32,8 +32,11 @@ void normalize(const BigInt& p, BigInt& x, secure_vector<word>& ws, size_t bound
const word* xd = x.data();
word borrow = 0;
- for(size_t i = 0; i != p_words; ++i)
- ws[i] = word_sub(xd[i], prime[i], &borrow);
+ for(size_t j = 0; j != p_words; ++j)
+ {
+ ws[j] = word_sub(xd[j], prime[j], &borrow);
+ }
+
ws[p_words] = word_sub(xd[p_words], 0, &borrow);
if(borrow)
@@ -72,7 +75,8 @@ void redc_p521(BigInt& x, secure_vector<word>& ws)
x.mask_bits(521);
- bigint_add3(x.mutable_data(), x.data(), p_words, ws.data(), p_words);
+ word carry = bigint_add3_nc(x.mutable_data(), x.data(), p_words, ws.data(), p_words);
+ BOTAN_ASSERT_EQUAL(carry, 0, "Final final carry in P-521 reduction");
normalize(prime_p521(), x, ws, 1);
}
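Review bot: The assertion message on the new line reads "Final final carry in P-521 reduction"; the duplicated word looks like a typo and the line should read `BOTAN_ASSERT_EQUAL(carry, 0, "Final carry in P-521 reduction");`. Switching from bigint_add3 to the carry-returning bigint_add3_nc and checking the result is worthwhile: x was just masked to 521 bits and the following normalize(..., 1) presumably corrects only a single excess modulus, so a non-zero carry here would indicate an unreduced input rather than a state the caller can recover from. redc_p521 starts outside this hunk.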
diff --git a/src/lib/math/ec_gfp/point_gfp.cpp b/src/lib/math/ec_gfp/point_gfp.cpp
index 93508ba55..f15911db0 100644
--- a/src/lib/math/ec_gfp/point_gfp.cpp
+++ b/src/lib/math/ec_gfp/point_gfp.cpp
@@ -32,6 +32,11 @@ PointGFp::PointGFp(const CurveGFp& curve, const BigInt& x, const BigInt& y) :
m_coord_y(y),
m_coord_z(1)
{
+ if(x <= 0 || x >= curve.get_p())
+ throw Invalid_Argument("Invalid PointGFp affine x");
+ if(y <= 0 || y >= curve.get_p())
+ throw Invalid_Argument("Invalid PointGFp affine y");
+
m_curve.to_rep(m_coord_x, m_monty_ws);
m_curve.to_rep(m_coord_y, m_monty_ws);
m_curve.to_rep(m_coord_z, m_monty_ws);
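Review bot: The new range checks use `x <= 0` and `y <= 0`, so an affine coordinate equal to zero is rejected together with negative and >= p values. Zero is a legitimate field element — for y^2 = x^3 + ax + b the value x = 0 lies on the curve whenever b is a quadratic residue mod p — so if these lines are meant as a range check rather than an on-curve check, `if(x < 0 || x >= curve.get_p())` (and likewise for y) is the condition; if excluding zero is deliberate, a one-line comment stating why would help, since the exception text only says "Invalid". Note that this constructor still does not verify that (x, y) satisfies the curve equation, so a separate on-curve check remains necessary for coordinates from untrusted input. The constructor body continues past the end of this hunk.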
@@ -283,24 +288,6 @@ PointGFp operator*(const BigInt& scalar, const PointGFp& point)
std::vector<BigInt> ws(9);
- if(scalar_bits <= 2)
- {
- const byte abs_val = scalar.byte_at(0);
-
- if(abs_val == 0)
- return PointGFp::zero_of(curve);
-
- PointGFp result = point;
-
- if(abs_val == 2)
- result.mult2(ws);
-
- if(scalar.is_negative())
- result.negate();
-
- return result;
- }
-
PointGFp R[2] = { PointGFp(curve), point };
for(size_t i = scalar_bits; i > 0; i--)
@@ -434,8 +421,8 @@ PointGFp Blinded_Point_Multiply::blinded_multiply(const BigInt& scalar_in,
for(size_t i = 0; i != m_h; ++i)
R.mult2(m_ws);
- const u32bit nibble = scalar.get_substring((windows-1)*m_h, m_h);
- R.add(m_U[nibble], m_ws);
+ const u32bit inner_nibble = scalar.get_substring((windows-1)*m_h, m_h);
+ R.add(m_U[inner_nibble], m_ws);
windows--;
}
}
diff --git a/src/lib/math/ec_gfp/point_gfp.h b/src/lib/math/ec_gfp/point_gfp.h
index 206e43155..c64963683 100644
--- a/src/lib/math/ec_gfp/point_gfp.h
+++ b/src/lib/math/ec_gfp/point_gfp.h
@@ -21,7 +21,7 @@ namespace Botan {
*/
struct BOTAN_DLL Illegal_Transformation : public Exception
{
- Illegal_Transformation(const std::string& err =
+ explicit Illegal_Transformation(const std::string& err =
"Requested transformation is not possible") :
Exception(err) {}
};
@@ -31,7 +31,7 @@ struct BOTAN_DLL Illegal_Transformation : public Exception
*/
struct BOTAN_DLL Illegal_Point : public Exception
{
- Illegal_Point(const std::string& err = "Malformed ECP point detected") :
+ explicit Illegal_Point(const std::string& err = "Malformed ECP point detected") :
Exception(err) {}
};
@@ -56,7 +56,7 @@ class BOTAN_DLL PointGFp
* Construct the zero point
* @param curve The base curve
*/
- PointGFp(const CurveGFp& curve);
+ explicit PointGFp(const CurveGFp& curve);
static PointGFp zero_of(const CurveGFp& curve)
{
diff --git a/src/lib/math/mp/info.txt b/src/lib/math/mp/info.txt
index a47475f7b..6aa0142f3 100644
--- a/src/lib/math/mp/info.txt
+++ b/src/lib/math/mp/info.txt
@@ -1,11 +1,10 @@
-define BIGINT_MP 20131128
+define BIGINT_MP 20151225
<source>
mp_asm.cpp
mp_comba.cpp
mp_karat.cpp
mp_monty.cpp
-mp_mulop.cpp
mp_misc.cpp
mp_shift.cpp
</source>
diff --git a/src/lib/math/mp/mp_asm.cpp b/src/lib/math/mp/mp_asm.cpp
index cc573a792..cfbb027d7 100644
--- a/src/lib/math/mp/mp_asm.cpp
+++ b/src/lib/math/mp/mp_asm.cpp
@@ -1,6 +1,6 @@
/*
-* Lowest Level MPI Algorithms
-* (C) 1999-2010 Jack Lloyd
+* MPI Add, Subtract, Word Multiply
+* (C) 1999-2010,2016 Jack Lloyd
* 2006 Luca Piccarreta
*
* Botan is released under the Simplified BSD License (see license.txt)
@@ -9,12 +9,83 @@
#include <botan/internal/mp_core.h>
#include <botan/internal/mp_asmi.h>
#include <botan/internal/mp_core.h>
+#include <botan/internal/ct_utils.h>
#include <botan/exceptn.h>
#include <botan/mem_ops.h>
namespace Botan {
/*
+* If cond == 0, does nothing.
+* If cond > 0, swaps x[0:size] with y[0:size]
+* Runs in constant time
+*/
+void bigint_cnd_swap(word cnd, word x[], word y[], size_t size)
+ {
+ const word mask = CT::expand_mask(cnd);
+
+ for(size_t i = 0; i != size; ++i)
+ {
+ word a = x[i];
+ word b = y[i];
+ x[i] = CT::select(mask, b, a);
+ y[i] = CT::select(mask, a, b);
+ }
+ }
+
+/*
+* If cond > 0 adds x[0:size] to y[0:size] and returns carry
+* Runs in constant time
+*/
+word bigint_cnd_add(word cnd, word x[], const word y[], size_t size)
+ {
+ const word mask = CT::expand_mask(cnd);
+
+ word carry = 0;
+ for(size_t i = 0; i != size; ++i)
+ {
+ /*
+ Here we are relying on asm version of word_add being
+ a single addcl or equivalent. Fix this.
+ */
+ const word z = word_add(x[i], y[i], &carry);
+ x[i] = CT::select(mask, z, x[i]);
+ }
+
+ return carry & mask;
+ }
+
+/*
+* If cond > 0 subs x[0:size] to y[0:size] and returns borrow
+* Runs in constant time
+*/
+word bigint_cnd_sub(word cnd, word x[], const word y[], size_t size)
+ {
+ const word mask = CT::expand_mask(cnd);
+
+ word carry = 0;
+ for(size_t i = 0; i != size; ++i)
+ {
+ const word z = word_sub(x[i], y[i], &carry);
+ x[i] = CT::select(mask, z, x[i]);
+ }
+
+ return carry & mask;
+ }
+
+void bigint_cnd_abs(word cnd, word x[], size_t size)
+ {
+ const word mask = CT::expand_mask(cnd);
+
+ word carry = mask & 1;
+ for(size_t i = 0; i != size; ++i)
+ {
+ const word z = word_add(~x[i], 0, &carry);
+ x[i] = CT::select(mask, z, x[i]);
+ }
+ }
+
+/*
* Two Operand Addition, No Carry
*/
word bigint_add2_nc(word x[], size_t x_size, const word y[], size_t y_size)
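Review bot: The comments on bigint_cnd_add and bigint_cnd_sub describe the data flow backwards: the code computes `z = word_add(x[i], y[i], &carry)` (resp. word_sub) and stores the result into `x[i]`, so y is added to or subtracted from x, not "x added to y"; suggest `* If cond > 0, x[0:size] += y[0:size] and returns carry` and `* If cond > 0, x[0:size] -= y[0:size] and returns borrow`, here and in the matching declarations in src/lib/math/mp/mp_core.h. bigint_cnd_abs has no header comment in this file although its declaration in mp_core.h carries one ("2s complement absolute value, if cond > 0 sets x to ~x + 1"); copying it here keeps the four helpers uniform. The caveat that constant-time behaviour depends on word_add compiling to a single branch-free add applies equally to word_sub in bigint_cnd_sub and to word_add in bigint_cnd_abs, but only bigint_cnd_add states it; one comment above the group would cover all three and make the assumption visible to whoever later replaces the asm variants.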
diff --git a/src/lib/math/mp/mp_comba.cpp b/src/lib/math/mp/mp_comba.cpp
index 0170c9fcd..647cb68cd 100644
--- a/src/lib/math/mp/mp_comba.cpp
+++ b/src/lib/math/mp/mp_comba.cpp
@@ -1,6 +1,7 @@
/*
* Comba Multiplication and Squaring
-* (C) 1999-2007,2011,2014 Jack Lloyd
+*
+* This file was automatically generated by ./src/scripts/comba.py on 2016-01-01
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -17,14 +18,14 @@ void bigint_comba_sqr4(word z[8], const word x[4])
{
word w2 = 0, w1 = 0, w0 = 0;
- word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
+ word3_muladd (&w2, &w1, &w0, x[ 0], x[ 0]);
z[ 0] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
z[ 1] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
- word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
+ word3_muladd (&w1, &w0, &w2, x[ 1], x[ 1]);
z[ 2] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
@@ -32,13 +33,13 @@ void bigint_comba_sqr4(word z[8], const word x[4])
z[ 3] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
- word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
+ word3_muladd (&w0, &w2, &w1, x[ 2], x[ 2]);
z[ 4] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 3]);
z[ 5] = w2; w2 = 0;
- word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
+ word3_muladd (&w2, &w1, &w0, x[ 3], x[ 3]);
z[ 6] = w0;
z[ 7] = w1;
}
@@ -89,14 +90,14 @@ void bigint_comba_sqr6(word z[12], const word x[6])
{
word w2 = 0, w1 = 0, w0 = 0;
- word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
+ word3_muladd (&w2, &w1, &w0, x[ 0], x[ 0]);
z[ 0] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
z[ 1] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
- word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
+ word3_muladd (&w1, &w0, &w2, x[ 1], x[ 1]);
z[ 2] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
@@ -105,7 +106,7 @@ void bigint_comba_sqr6(word z[12], const word x[6])
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
- word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
+ word3_muladd (&w0, &w2, &w1, x[ 2], x[ 2]);
z[ 4] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
@@ -115,7 +116,7 @@ void bigint_comba_sqr6(word z[12], const word x[6])
word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
- word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
+ word3_muladd (&w2, &w1, &w0, x[ 3], x[ 3]);
z[ 6] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 5]);
@@ -123,13 +124,13 @@ void bigint_comba_sqr6(word z[12], const word x[6])
z[ 7] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
- word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
+ word3_muladd (&w1, &w0, &w2, x[ 4], x[ 4]);
z[ 8] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 5]);
z[ 9] = w0; w0 = 0;
- word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
+ word3_muladd (&w0, &w2, &w1, x[ 5], x[ 5]);
z[10] = w1;
z[11] = w2;
}
@@ -208,14 +209,14 @@ void bigint_comba_sqr8(word z[16], const word x[8])
{
word w2 = 0, w1 = 0, w0 = 0;
- word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
+ word3_muladd (&w2, &w1, &w0, x[ 0], x[ 0]);
z[ 0] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
z[ 1] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
- word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
+ word3_muladd (&w1, &w0, &w2, x[ 1], x[ 1]);
z[ 2] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
@@ -224,7 +225,7 @@ void bigint_comba_sqr8(word z[16], const word x[8])
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
- word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
+ word3_muladd (&w0, &w2, &w1, x[ 2], x[ 2]);
z[ 4] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
@@ -235,7 +236,7 @@ void bigint_comba_sqr8(word z[16], const word x[8])
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 6]);
word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
- word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
+ word3_muladd (&w2, &w1, &w0, x[ 3], x[ 3]);
z[ 6] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 7]);
@@ -247,7 +248,7 @@ void bigint_comba_sqr8(word z[16], const word x[8])
word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 7]);
word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 6]);
word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
- word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
+ word3_muladd (&w1, &w0, &w2, x[ 4], x[ 4]);
z[ 8] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 7]);
@@ -257,7 +258,7 @@ void bigint_comba_sqr8(word z[16], const word x[8])
word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 7]);
word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 6]);
- word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
+ word3_muladd (&w0, &w2, &w1, x[ 5], x[ 5]);
z[10] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 4], x[ 7]);
@@ -265,13 +266,13 @@ void bigint_comba_sqr8(word z[16], const word x[8])
z[11] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 5], x[ 7]);
- word3_muladd(&w2, &w1, &w0, x[ 6], x[ 6]);
+ word3_muladd (&w2, &w1, &w0, x[ 6], x[ 6]);
z[12] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 6], x[ 7]);
z[13] = w1; w1 = 0;
- word3_muladd(&w1, &w0, &w2, x[ 7], x[ 7]);
+ word3_muladd (&w1, &w0, &w2, x[ 7], x[ 7]);
z[14] = w2;
z[15] = w0;
}
@@ -386,14 +387,14 @@ void bigint_comba_sqr9(word z[18], const word x[9])
{
word w2 = 0, w1 = 0, w0 = 0;
- word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
+ word3_muladd (&w2, &w1, &w0, x[ 0], x[ 0]);
z[ 0] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
z[ 1] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
- word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
+ word3_muladd (&w1, &w0, &w2, x[ 1], x[ 1]);
z[ 2] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
@@ -402,7 +403,7 @@ void bigint_comba_sqr9(word z[18], const word x[9])
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
- word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
+ word3_muladd (&w0, &w2, &w1, x[ 2], x[ 2]);
z[ 4] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
@@ -413,7 +414,7 @@ void bigint_comba_sqr9(word z[18], const word x[9])
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 6]);
word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
- word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
+ word3_muladd (&w2, &w1, &w0, x[ 3], x[ 3]);
z[ 6] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 7]);
@@ -426,7 +427,7 @@ void bigint_comba_sqr9(word z[18], const word x[9])
word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 7]);
word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 6]);
word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
- word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
+ word3_muladd (&w1, &w0, &w2, x[ 4], x[ 4]);
z[ 8] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 8]);
@@ -438,7 +439,7 @@ void bigint_comba_sqr9(word z[18], const word x[9])
word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 8]);
word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 7]);
word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 6]);
- word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
+ word3_muladd (&w0, &w2, &w1, x[ 5], x[ 5]);
z[10] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 8]);
@@ -448,7 +449,7 @@ void bigint_comba_sqr9(word z[18], const word x[9])
word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 8]);
word3_muladd_2(&w2, &w1, &w0, x[ 5], x[ 7]);
- word3_muladd(&w2, &w1, &w0, x[ 6], x[ 6]);
+ word3_muladd (&w2, &w1, &w0, x[ 6], x[ 6]);
z[12] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 5], x[ 8]);
@@ -456,13 +457,13 @@ void bigint_comba_sqr9(word z[18], const word x[9])
z[13] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 6], x[ 8]);
- word3_muladd(&w1, &w0, &w2, x[ 7], x[ 7]);
+ word3_muladd (&w1, &w0, &w2, x[ 7], x[ 7]);
z[14] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 7], x[ 8]);
z[15] = w0; w0 = 0;
- word3_muladd(&w0, &w2, &w1, x[ 8], x[ 8]);
+ word3_muladd (&w0, &w2, &w1, x[ 8], x[ 8]);
z[16] = w1;
z[17] = w2;
}
@@ -598,14 +599,14 @@ void bigint_comba_sqr16(word z[32], const word x[16])
{
word w2 = 0, w1 = 0, w0 = 0;
- word3_muladd(&w2, &w1, &w0, x[ 0], x[ 0]);
+ word3_muladd (&w2, &w1, &w0, x[ 0], x[ 0]);
z[ 0] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 1]);
z[ 1] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 2]);
- word3_muladd(&w1, &w0, &w2, x[ 1], x[ 1]);
+ word3_muladd (&w1, &w0, &w2, x[ 1], x[ 1]);
z[ 2] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 3]);
@@ -614,7 +615,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 4]);
word3_muladd_2(&w0, &w2, &w1, x[ 1], x[ 3]);
- word3_muladd(&w0, &w2, &w1, x[ 2], x[ 2]);
+ word3_muladd (&w0, &w2, &w1, x[ 2], x[ 2]);
z[ 4] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[ 5]);
@@ -625,7 +626,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 6]);
word3_muladd_2(&w2, &w1, &w0, x[ 1], x[ 5]);
word3_muladd_2(&w2, &w1, &w0, x[ 2], x[ 4]);
- word3_muladd(&w2, &w1, &w0, x[ 3], x[ 3]);
+ word3_muladd (&w2, &w1, &w0, x[ 3], x[ 3]);
z[ 6] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[ 7]);
@@ -638,7 +639,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w1, &w0, &w2, x[ 1], x[ 7]);
word3_muladd_2(&w1, &w0, &w2, x[ 2], x[ 6]);
word3_muladd_2(&w1, &w0, &w2, x[ 3], x[ 5]);
- word3_muladd(&w1, &w0, &w2, x[ 4], x[ 4]);
+ word3_muladd (&w1, &w0, &w2, x[ 4], x[ 4]);
z[ 8] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[ 9]);
@@ -653,7 +654,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w0, &w2, &w1, x[ 2], x[ 8]);
word3_muladd_2(&w0, &w2, &w1, x[ 3], x[ 7]);
word3_muladd_2(&w0, &w2, &w1, x[ 4], x[ 6]);
- word3_muladd(&w0, &w2, &w1, x[ 5], x[ 5]);
+ word3_muladd (&w0, &w2, &w1, x[ 5], x[ 5]);
z[10] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 0], x[11]);
@@ -670,7 +671,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w2, &w1, &w0, x[ 3], x[ 9]);
word3_muladd_2(&w2, &w1, &w0, x[ 4], x[ 8]);
word3_muladd_2(&w2, &w1, &w0, x[ 5], x[ 7]);
- word3_muladd(&w2, &w1, &w0, x[ 6], x[ 6]);
+ word3_muladd (&w2, &w1, &w0, x[ 6], x[ 6]);
z[12] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 0], x[13]);
@@ -689,7 +690,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w1, &w0, &w2, x[ 4], x[10]);
word3_muladd_2(&w1, &w0, &w2, x[ 5], x[ 9]);
word3_muladd_2(&w1, &w0, &w2, x[ 6], x[ 8]);
- word3_muladd(&w1, &w0, &w2, x[ 7], x[ 7]);
+ word3_muladd (&w1, &w0, &w2, x[ 7], x[ 7]);
z[14] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 0], x[15]);
@@ -709,7 +710,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w0, &w2, &w1, x[ 5], x[11]);
word3_muladd_2(&w0, &w2, &w1, x[ 6], x[10]);
word3_muladd_2(&w0, &w2, &w1, x[ 7], x[ 9]);
- word3_muladd(&w0, &w2, &w1, x[ 8], x[ 8]);
+ word3_muladd (&w0, &w2, &w1, x[ 8], x[ 8]);
z[16] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 2], x[15]);
@@ -727,7 +728,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w2, &w1, &w0, x[ 6], x[12]);
word3_muladd_2(&w2, &w1, &w0, x[ 7], x[11]);
word3_muladd_2(&w2, &w1, &w0, x[ 8], x[10]);
- word3_muladd(&w2, &w1, &w0, x[ 9], x[ 9]);
+ word3_muladd (&w2, &w1, &w0, x[ 9], x[ 9]);
z[18] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[ 4], x[15]);
@@ -743,7 +744,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w1, &w0, &w2, x[ 7], x[13]);
word3_muladd_2(&w1, &w0, &w2, x[ 8], x[12]);
word3_muladd_2(&w1, &w0, &w2, x[ 9], x[11]);
- word3_muladd(&w1, &w0, &w2, x[10], x[10]);
+ word3_muladd (&w1, &w0, &w2, x[10], x[10]);
z[20] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[ 6], x[15]);
@@ -757,7 +758,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w0, &w2, &w1, x[ 8], x[14]);
word3_muladd_2(&w0, &w2, &w1, x[ 9], x[13]);
word3_muladd_2(&w0, &w2, &w1, x[10], x[12]);
- word3_muladd(&w0, &w2, &w1, x[11], x[11]);
+ word3_muladd (&w0, &w2, &w1, x[11], x[11]);
z[22] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[ 8], x[15]);
@@ -769,7 +770,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w2, &w1, &w0, x[ 9], x[15]);
word3_muladd_2(&w2, &w1, &w0, x[10], x[14]);
word3_muladd_2(&w2, &w1, &w0, x[11], x[13]);
- word3_muladd(&w2, &w1, &w0, x[12], x[12]);
+ word3_muladd (&w2, &w1, &w0, x[12], x[12]);
z[24] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[10], x[15]);
@@ -779,7 +780,7 @@ void bigint_comba_sqr16(word z[32], const word x[16])
word3_muladd_2(&w1, &w0, &w2, x[11], x[15]);
word3_muladd_2(&w1, &w0, &w2, x[12], x[14]);
- word3_muladd(&w1, &w0, &w2, x[13], x[13]);
+ word3_muladd (&w1, &w0, &w2, x[13], x[13]);
z[26] = w2; w2 = 0;
word3_muladd_2(&w2, &w1, &w0, x[12], x[15]);
@@ -787,13 +788,13 @@ void bigint_comba_sqr16(word z[32], const word x[16])
z[27] = w0; w0 = 0;
word3_muladd_2(&w0, &w2, &w1, x[13], x[15]);
- word3_muladd(&w0, &w2, &w1, x[14], x[14]);
+ word3_muladd (&w0, &w2, &w1, x[14], x[14]);
z[28] = w1; w1 = 0;
word3_muladd_2(&w1, &w0, &w2, x[14], x[15]);
z[29] = w2; w2 = 0;
- word3_muladd(&w2, &w1, &w0, x[15], x[15]);
+ word3_muladd (&w2, &w1, &w0, x[15], x[15]);
z[30] = w0;
z[31] = w1;
}
diff --git a/src/lib/math/mp/mp_core.h b/src/lib/math/mp/mp_core.h
index b97384d18..73f13742c 100644
--- a/src/lib/math/mp/mp_core.h
+++ b/src/lib/math/mp/mp_core.h
@@ -18,6 +18,36 @@ namespace Botan {
*/
const size_t MP_WORD_BITS = BOTAN_MP_WORD_BITS;
+/*
+* If cond == 0, does nothing.
+* If cond > 0, swaps x[0:size] with y[0:size]
+* Runs in constant time
+*/
+BOTAN_DLL
+void bigint_cnd_swap(word cnd, word x[], word y[], size_t size);
+
+/*
+* If cond > 0 adds x[0:size] to y[0:size] and returns carry
+* Runs in constant time
+*/
+BOTAN_DLL
+word bigint_cnd_add(word cnd, word x[], const word y[], size_t size);
+
+/*
+* If cond > 0 subs x[0:size] to y[0:size] and returns borrow
+* Runs in constant time
+*/
+BOTAN_DLL
+word bigint_cnd_sub(word cnd, word x[], const word y[], size_t size);
+
+/*
+* 2s complement absolute value
+* If cond > 0 sets x to ~x + 1
+* Runs in constant time
+*/
+BOTAN_DLL
+void bigint_cnd_abs(word cnd, word x[], size_t size);
+
/**
* Two operand addition
* @param x the first operand (and output)
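Review bot: The comments on the new bigint_cnd_add and bigint_cnd_sub declarations describe the operands backwards relative to their signatures: `y` is `const word y[]`, so `x` must be the in-place output, yet the text says "adds x[0:size] to y[0:size]" and "subs x[0:size] to y[0:size]". Suggest `If cnd > 0, x[0:size] += y[0:size]; returns the carry` and `If cnd > 0, x[0:size] -= y[0:size]; returns the borrow`, and use the parameter's real name `cnd` instead of `cond` in all four comments. The callers added in numthry.cpp only ever pass 0 or 1 as `cnd`; if the implementation (not in this diff) derives its mask in a way that is only correct for 0/1, the comments should state that rather than "cnd > 0".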
@@ -81,15 +111,6 @@ void bigint_shr2(word y[], const word x[], size_t x_size,
size_t word_shift, size_t bit_shift);
/*
-* Simple O(N^2) Multiplication and Squaring
-*/
-void bigint_simple_mul(word z[],
- const word x[], size_t x_size,
- const word y[], size_t y_size);
-
-void bigint_simple_sqr(word z[], const word x[], size_t x_size);
-
-/*
* Linear Multiply
*/
void bigint_linmul2(word x[], size_t x_size, word y);
diff --git a/src/lib/math/mp/mp_karat.cpp b/src/lib/math/mp/mp_karat.cpp
index 96d9adae2..9135fdd6a 100644
--- a/src/lib/math/mp/mp_karat.cpp
+++ b/src/lib/math/mp/mp_karat.cpp
@@ -1,5 +1,5 @@
/*
-* Karatsuba Multiplication/Squaring
+* Multiplication and Squaring
* (C) 1999-2010 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
@@ -16,6 +16,37 @@ namespace {
const size_t KARATSUBA_MULTIPLY_THRESHOLD = 32;
const size_t KARATSUBA_SQUARE_THRESHOLD = 32;
+namespace {
+
+/*
+* Simple O(N^2) Multiplication
+*/
+void basecase_mul(word z[],
+ const word x[], size_t x_size,
+ const word y[], size_t y_size)
+ {
+ const size_t x_size_8 = x_size - (x_size % 8);
+
+ clear_mem(z, x_size + y_size);
+
+ for(size_t i = 0; i != y_size; ++i)
+ {
+ const word y_i = y[i];
+
+ word carry = 0;
+
+ for(size_t j = 0; j != x_size_8; j += 8)
+ carry = word8_madd3(z + i + j, x + j, y_i, carry);
+
+ for(size_t j = x_size_8; j != x_size; ++j)
+ z[i+j] = word_madd3(x[j], y_i, z[i+j], &carry);
+
+ z[x_size+i] = carry;
+ }
+ }
+
+}
+
/*
* Karatsuba Multiplication Operation
*/
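Review bot: basecase_mul is now also the squaring path (it is called with `x == y` from karatsuba_sqr and bigint_sqr), so its preconditions deserve a comment: `z` must not overlap `x` or `y` and must hold `x_size + y_size` words, since `clear_mem(z, x_size + y_size)` and the `z[x_size+i] = carry` store write that far, while `x` and `y` may alias each other. The deleted bigint_simple_sqr explained it existed so the compiler could see `x == y`; if squaring throughput matters, measuring the merged routine against the old one is worth a follow-up. The `namespace {` opened at the top of this hunk appears to sit inside an anonymous namespace already (the hunk context line is `namespace {`), in which case the inner one is redundant.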
@@ -31,7 +62,7 @@ void karatsuba_mul(word z[], const word x[], const word y[], size_t N,
else if(N == 16)
return bigint_comba_mul16(z, x, y);
else
- return bigint_simple_mul(z, x, N, y, N);
+ return basecase_mul(z, x, N, y, N);
}
const size_t N2 = N / 2;
@@ -101,7 +132,7 @@ void karatsuba_sqr(word z[], const word x[], size_t N, word workspace[])
else if(N == 16)
return bigint_comba_sqr16(z, x);
else
- return bigint_simple_sqr(z, x, N);
+ return basecase_mul(z, x, N, x, N);
}
const size_t N2 = N / 2;
@@ -225,6 +256,9 @@ void bigint_mul(word z[], size_t z_size, word workspace[],
const word x[], size_t x_size, size_t x_sw,
const word y[], size_t y_size, size_t y_sw)
{
+ // checking that z_size >= x_sw + y_sw without overflow
+ BOTAN_ASSERT(z_size > x_sw && z_size > y_sw && z_size-x_sw >= y_sw, "Output size is sufficient");
+
if(x_sw == 1)
{
bigint_linmul3(z, y, y_sw, x[0]);
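Review bot: The new assertion is stricter than its comment claims: with `x_sw == 0` (or `y_sw == 0`) and the other operand exactly filling `z`, `z_size > y_sw` fails although `z_size >= x_sw + y_sw` holds. The overflow-safe form of exactly what the comment says is `BOTAN_ASSERT(z_size >= x_sw && z_size - x_sw >= y_sw, "Output size is sufficient");`, where the first conjunct is what prevents the subtraction from wrapping. If callers already guarantee both operands are non-empty this edge case is moot, but the comment should then match the condition actually enforced. The matching guard added to bigint_sqr (`z_size/2 >= x_sw`) would benefit from the same one-line explanation, e.g. `// z must hold 2*x_sw words`.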
@@ -262,7 +296,7 @@ void bigint_mul(word z[], size_t z_size, word workspace[],
y_sw < KARATSUBA_MULTIPLY_THRESHOLD ||
!workspace)
{
- bigint_simple_mul(z, x, x_sw, y, y_sw);
+ basecase_mul(z, x, x_sw, y, y_sw);
}
else
{
@@ -271,7 +305,7 @@ void bigint_mul(word z[], size_t z_size, word workspace[],
if(N)
karatsuba_mul(z, x, y, N, workspace);
else
- bigint_simple_mul(z, x, x_sw, y, y_sw);
+ basecase_mul(z, x, x_sw, y, y_sw);
}
}
@@ -281,6 +315,8 @@ void bigint_mul(word z[], size_t z_size, word workspace[],
void bigint_sqr(word z[], size_t z_size, word workspace[],
const word x[], size_t x_size, size_t x_sw)
{
+ BOTAN_ASSERT(z_size/2 >= x_sw, "Output size is sufficient");
+
if(x_sw == 1)
{
bigint_linmul3(z, x, x_sw, x[0]);
@@ -307,7 +343,7 @@ void bigint_sqr(word z[], size_t z_size, word workspace[],
}
else if(x_size < KARATSUBA_SQUARE_THRESHOLD || !workspace)
{
- bigint_simple_sqr(z, x, x_sw);
+ basecase_mul(z, x, x_sw, x, x_sw);
}
else
{
@@ -316,7 +352,7 @@ void bigint_sqr(word z[], size_t z_size, word workspace[],
if(N)
karatsuba_sqr(z, x, N, workspace);
else
- bigint_simple_sqr(z, x, x_sw);
+ basecase_mul(z, x, x_sw, x, x_sw);
}
}
diff --git a/src/lib/math/mp/mp_mulop.cpp b/src/lib/math/mp/mp_mulop.cpp
deleted file mode 100644
index 432c7ef53..000000000
--- a/src/lib/math/mp/mp_mulop.cpp
+++ /dev/null
@@ -1,73 +0,0 @@
-/*
-* Simple O(N^2) Multiplication and Squaring
-* (C) 1999-2008 Jack Lloyd
-*
-* Botan is released under the Simplified BSD License (see license.txt)
-*/
-
-#include <botan/internal/mp_core.h>
-#include <botan/internal/mp_madd.h>
-#include <botan/internal/mp_asmi.h>
-#include <botan/mem_ops.h>
-
-namespace Botan {
-
-/*
-* Simple O(N^2) Multiplication
-*/
-void bigint_simple_mul(word z[], const word x[], size_t x_size,
- const word y[], size_t y_size)
- {
- const size_t x_size_8 = x_size - (x_size % 8);
-
- clear_mem(z, x_size + y_size);
-
- for(size_t i = 0; i != y_size; ++i)
- {
- const word y_i = y[i];
-
- word carry = 0;
-
- for(size_t j = 0; j != x_size_8; j += 8)
- carry = word8_madd3(z + i + j, x + j, y_i, carry);
-
- for(size_t j = x_size_8; j != x_size; ++j)
- z[i+j] = word_madd3(x[j], y_i, z[i+j], &carry);
-
- z[x_size+i] = carry;
- }
- }
-
-/*
-* Simple O(N^2) Squaring
-*
-* This is exactly the same algorithm as bigint_simple_mul, however
-* because C/C++ compilers suck at alias analysis it is good to have
-* the version where the compiler knows that x == y
-*
-* There is an O(n^1.5) squaring algorithm specified in Handbook of
-* Applied Cryptography, chapter 14
-*
-*/
-void bigint_simple_sqr(word z[], const word x[], size_t x_size)
- {
- const size_t x_size_8 = x_size - (x_size % 8);
-
- clear_mem(z, 2*x_size);
-
- for(size_t i = 0; i != x_size; ++i)
- {
- const word x_i = x[i];
- word carry = 0;
-
- for(size_t j = 0; j != x_size_8; j += 8)
- carry = word8_madd3(z + i + j, x + j, x_i, carry);
-
- for(size_t j = x_size_8; j != x_size; ++j)
- z[i+j] = word_madd3(x[j], x_i, z[i+j], &carry);
-
- z[x_size+i] = carry;
- }
- }
-
-}
diff --git a/src/lib/math/numbertheory/def_powm.h b/src/lib/math/numbertheory/def_powm.h
index ef5d6e39b..d60ca8173 100644
--- a/src/lib/math/numbertheory/def_powm.h
+++ b/src/lib/math/numbertheory/def_powm.h
@@ -29,11 +29,11 @@ class Fixed_Window_Exponentiator : public Modular_Exponentiator
Fixed_Window_Exponentiator(const BigInt&, Power_Mod::Usage_Hints);
private:
- Modular_Reducer reducer;
- BigInt exp;
- size_t window_bits;
- std::vector<BigInt> g;
- Power_Mod::Usage_Hints hints;
+ Modular_Reducer m_reducer;
+ BigInt m_exp;
+ size_t m_window_bits;
+ std::vector<BigInt> m_g;
+ Power_Mod::Usage_Hints m_hints;
};
/**
diff --git a/src/lib/math/numbertheory/dsa_gen.cpp b/src/lib/math/numbertheory/dsa_gen.cpp
index 60151355a..42bfeb4c1 100644
--- a/src/lib/math/numbertheory/dsa_gen.cpp
+++ b/src/lib/math/numbertheory/dsa_gen.cpp
@@ -61,19 +61,19 @@ bool generate_dsa_primes(RandomNumberGenerator& rng,
class Seed
{
public:
- Seed(const std::vector<byte>& s) : seed(s) {}
+ explicit Seed(const std::vector<byte>& s) : m_seed(s) {}
- operator std::vector<byte>& () { return seed; }
+ operator std::vector<byte>& () { return m_seed; }
Seed& operator++()
{
- for(size_t j = seed.size(); j > 0; --j)
- if(++seed[j-1])
+ for(size_t j = m_seed.size(); j > 0; --j)
+ if(++m_seed[j-1])
break;
return (*this);
}
private:
- std::vector<byte> seed;
+ std::vector<byte> m_seed;
};
Seed seed(seed_c);
diff --git a/src/lib/math/numbertheory/numthry.cpp b/src/lib/math/numbertheory/numthry.cpp
index 31dd72feb..ae2d33524 100644
--- a/src/lib/math/numbertheory/numthry.cpp
+++ b/src/lib/math/numbertheory/numthry.cpp
@@ -1,6 +1,6 @@
/*
* Number Theory Functions
-* (C) 1999-2011 Jack Lloyd
+* (C) 1999-2011,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -9,6 +9,7 @@
#include <botan/reducer.h>
#include <botan/internal/bit_ops.h>
#include <botan/internal/mp_core.h>
+#include <botan/internal/ct_utils.h>
#include <algorithm>
namespace Botan {
@@ -74,53 +75,200 @@ BigInt lcm(const BigInt& a, const BigInt& b)
return ((a * b) / gcd(a, b));
}
-namespace {
-
/*
-* If the modulus is odd, then we can avoid computing A and C. This is
-* a critical path algorithm in some instances and an odd modulus is
-* the common case for crypto, so worth special casing. See note 14.64
-* in Handbook of Applied Cryptography for more details.
+Sets result to a^-1 * 2^k mod a
+with n <= k <= 2n
+Returns k
+
+"The Montgomery Modular Inverse - Revisited" Çetin Koç, E. Savas
+http://citeseerx.ist.psu.edu/viewdoc/citations?doi=10.1.1.75.8377
+
+A const time implementation of this algorithm is described in
+"Constant Time Modular Inversion" Joppe W. Bos
+http://www.joppebos.com/files/CTInversion.pdf
*/
-BigInt inverse_mod_odd_modulus(const BigInt& n, const BigInt& mod)
+size_t almost_montgomery_inverse(BigInt& result,
+ const BigInt& a,
+ const BigInt& p)
{
- BigInt u = mod, v = n;
- BigInt B = 0, D = 1;
+ size_t k = 0;
- while(u.is_nonzero())
+ BigInt u = p, v = a, r = 0, s = 1;
+
+ while(v > 0)
{
- const size_t u_zero_bits = low_zero_bits(u);
- u >>= u_zero_bits;
- for(size_t i = 0; i != u_zero_bits; ++i)
+ if(u.is_even())
{
- if(B.is_odd())
- { B -= mod; }
- B >>= 1;
+ u >>= 1;
+ s <<= 1;
}
-
- const size_t v_zero_bits = low_zero_bits(v);
- v >>= v_zero_bits;
- for(size_t i = 0; i != v_zero_bits; ++i)
+ else if(v.is_even())
+ {
+ v >>= 1;
+ r <<= 1;
+ }
+ else if(u > v)
+ {
+ u -= v;
+ u >>= 1;
+ r += s;
+ s <<= 1;
+ }
+ else
{
- if(D.is_odd())
- { D -= mod; }
- D >>= 1;
+ v -= u;
+ v >>= 1;
+ s += r;
+ r <<= 1;
}
- if(u >= v) { u -= v; B -= D; }
- else { v -= u; D -= B; }
+ ++k;
}
- if(v != 1)
- return 0; // no modular inverse
+ if(r >= p)
+ {
+ r = r - p;
+ }
- while(D.is_negative()) D += mod;
- while(D >= mod) D -= mod;
+ result = p - r;
- return D;
+ return k;
}
-}
+BigInt normalized_montgomery_inverse(const BigInt& a, const BigInt& p)
+ {
+ BigInt r;
+ size_t k = almost_montgomery_inverse(r, a, p);
+
+ for(size_t i = 0; i != k; ++i)
+ {
+ if(r.is_odd())
+ r += p;
+ r >>= 1;
+ }
+
+ return r;
+ }
+
+BigInt ct_inverse_mod_odd_modulus(const BigInt& n, const BigInt& mod)
+ {
+ if(n.is_negative() || mod.is_negative())
+ throw Invalid_Argument("ct_inverse_mod_odd_modulus: arguments must be non-negative");
+ if(mod < 3 || mod.is_even())
+ throw Invalid_Argument("Bad modulus to ct_inverse_mod_odd_modulus");
+
+ /*
+ This uses a modular inversion algorithm designed by Niels Möller
+ and implemented in Nettle. The same algorithm was later also
+ adapted to GMP in mpn_sec_invert.
+
+ It can be easily implemented in a way that does not depend on
+ secret branches or memory lookups, providing resistance against
+ some forms of side channel attack.
+
+ There is also a description of the algorithm in Appendix 5 of "Fast
+ Software Polynomial Multiplication on ARM Processors using the NEON Engine"
+ by Danilo Câmara, Conrado P. L. Gouvêa, Julio López, and Ricardo
+ Dahab in LNCS 8182
+ http://conradoplg.cryptoland.net/files/2010/12/mocrysen13.pdf
+
+ Thanks to Niels for creating the algorithm, explaining some things
+ about it, and the reference to the paper.
+ */
+
+ // todo allow this to be pre-calculated and passed in as arg
+ BigInt mp1o2 = (mod + 1) >> 1;
+
+ const size_t mod_words = mod.sig_words();
+ BOTAN_ASSERT(mod_words > 0, "Not empty");
+
+ BigInt a = n;
+ BigInt b = mod;
+ BigInt u = 1, v = 0;
+
+ a.grow_to(mod_words);
+ u.grow_to(mod_words);
+ v.grow_to(mod_words);
+ mp1o2.grow_to(mod_words);
+
+ secure_vector<word>& a_w = a.get_word_vector();
+ secure_vector<word>& b_w = b.get_word_vector();
+ secure_vector<word>& u_w = u.get_word_vector();
+ secure_vector<word>& v_w = v.get_word_vector();
+
+ CT::poison(a_w.data(), a_w.size());
+ CT::poison(b_w.data(), b_w.size());
+ CT::poison(u_w.data(), u_w.size());
+ CT::poison(v_w.data(), v_w.size());
+
+ // Only n.bits() + mod.bits() iterations are required, but avoid leaking the size of n
+ size_t bits = 2 * mod.bits();
+
+ while(bits--)
+ {
+ /*
+ const word odd = a.is_odd();
+ a -= odd * b;
+ const word underflow = a.is_negative();
+ b += a * underflow;
+ a.set_sign(BigInt::Positive);
+
+ a >>= 1;
+
+ if(underflow)
+ {
+ std::swap(u, v);
+ }
+
+ u -= odd * v;
+ u += u.is_negative() * mod;
+
+ const word odd_u = u.is_odd();
+
+ u >>= 1;
+ u += mp1o2 * odd_u;
+ */
+
+ const word odd_a = a_w[0] & 1;
+
+ //if(odd_a) a -= b
+ word underflow = bigint_cnd_sub(odd_a, a_w.data(), b_w.data(), mod_words);
+
+ //if(underflow) { b -= a; a = abs(a); swap(u, v); }
+ bigint_cnd_add(underflow, b_w.data(), a_w.data(), mod_words);
+ bigint_cnd_abs(underflow, a_w.data(), mod_words);
+ bigint_cnd_swap(underflow, u_w.data(), v_w.data(), mod_words);
+
+ // a >>= 1
+ bigint_shr1(a_w.data(), mod_words, 0, 1);
+
+ //if(odd_a) u -= v;
+ word borrow = bigint_cnd_sub(odd_a, u_w.data(), v_w.data(), mod_words);
+
+ // if(borrow) u += p
+ bigint_cnd_add(borrow, u_w.data(), mod.data(), mod_words);
+
+ const word odd_u = u_w[0] & 1;
+
+ // u >>= 1
+ bigint_shr1(u_w.data(), mod_words, 0, 1);
+
+ //if(odd_u) u += mp1o2;
+ bigint_cnd_add(odd_u, u_w.data(), mp1o2.data(), mod_words);
+ }
+
+ CT::unpoison(a_w.data(), a_w.size());
+ CT::unpoison(b_w.data(), b_w.size());
+ CT::unpoison(u_w.data(), u_w.size());
+ CT::unpoison(v_w.data(), v_w.size());
+
+ BOTAN_ASSERT(a.is_zero(), "A is zero");
+
+ if(b != 1)
+ return 0;
+
+ return v;
+ }
/*
* Find the Modular Inverse
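Review bot: ct_inverse_mod_odd_modulus never rejects `n >= mod`: `a.grow_to(mod_words)` only grows, and every word-level step in the loop (the bigint_cnd_* calls and bigint_shr1) operates on exactly `mod_words` words, so any higher words of `n` are never consumed and the function ends in `BOTAN_ASSERT(a.is_zero(), "A is zero")` throwing rather than returning an inverse; inverse_mod in the next hunk forwards `n` unreduced. Add `if(n >= mod) throw Invalid_Argument("ct_inverse_mod_odd_modulus: n must be less than mod");` after the modulus checks, or have the caller reduce first, bearing in mind `n % mod` is not constant time. Separately, the comment on almost_montgomery_inverse reads `a^-1 * 2^k mod a` where the modulus is `p`, and the routine returns `p - r` unchecked when `gcd(a, p) != 1` (presumably `u` holds the gcd at loop exit), which is worth asserting or at least documenting.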
@@ -136,7 +284,7 @@ BigInt inverse_mod(const BigInt& n, const BigInt& mod)
return 0; // fast fail checks
if(mod.is_odd())
- return inverse_mod_odd_modulus(n, mod);
+ return ct_inverse_mod_odd_modulus(n, mod);
BigInt u = mod, v = n;
BigInt A = 1, B = 0, C = 0, D = 1;
diff --git a/src/lib/math/numbertheory/numthry.h b/src/lib/math/numbertheory/numthry.h
index 5df0858ee..e1e6c65f6 100644
--- a/src/lib/math/numbertheory/numthry.h
+++ b/src/lib/math/numbertheory/numthry.h
@@ -69,12 +69,34 @@ BigInt BOTAN_DLL square(const BigInt& x);
* Modular inversion
* @param x a positive integer
* @param modulus a positive integer
-* @return y st (x*y) % modulus == 1
+* @return y st (x*y) % modulus == 1 or 0 if no such value
+* Not const time
*/
BigInt BOTAN_DLL inverse_mod(const BigInt& x,
const BigInt& modulus);
/**
+* Const time modular inversion
+* Requires the modulus be odd
+*/
+BigInt BOTAN_DLL ct_inverse_mod_odd_modulus(const BigInt& n, const BigInt& mod);
+
+/**
+* Return a^-1 * 2^k mod b
+* Returns k, between n and 2n
+* Not const time
+*/
+size_t BOTAN_DLL almost_montgomery_inverse(BigInt& result,
+ const BigInt& a,
+ const BigInt& b);
+
+/**
+* Call almost_montgomery_inverse and correct the result to a^-1 mod b
+*/
+BigInt BOTAN_DLL normalized_montgomery_inverse(const BigInt& a, const BigInt& b);
+
+
+/**
* Compute the Jacobi symbol. If n is prime, this is equivalent
* to the Legendre symbol.
* @see http://mathworld.wolfram.com/JacobiSymbol.html
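Review bot: The new doc comment on almost_montgomery_inverse says `Returns k, between n and 2n` without defining `n`; presumably it is the bit length of the modulus as in the cited paper, so write `between bits(b) and 2*bits(b)` and document the output parameter with `@param result set to a^-1 * 2^k mod b`. The ct_inverse_mod_odd_modulus comment should also state the behaviour the numthry.cpp implementation has on its failure paths: it throws Invalid_Argument for negative arguments or a modulus that is even or below 3, and returns 0 when no inverse exists. A note that all three routines only give a meaningful result when `gcd(a, b) == 1` belongs here as well.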
diff --git a/src/lib/math/numbertheory/pow_mod.cpp b/src/lib/math/numbertheory/pow_mod.cpp
index 49ff6cca2..5503f313c 100644
--- a/src/lib/math/numbertheory/pow_mod.cpp
+++ b/src/lib/math/numbertheory/pow_mod.cpp
@@ -34,10 +34,15 @@ Power_Mod::Power_Mod(const Power_Mod& other)
*/
Power_Mod& Power_Mod::operator=(const Power_Mod& other)
{
- delete m_core;
- m_core = nullptr;
- if(other.m_core)
- m_core = other.m_core->copy();
+ if(this != &other)
+ {
+ delete m_core;
+ m_core = nullptr;
+ if(other.m_core)
+ {
+ m_core = other.m_core->copy();
+ }
+ }
return (*this);
}
diff --git a/src/lib/math/numbertheory/powm_fw.cpp b/src/lib/math/numbertheory/powm_fw.cpp
index 14474104e..7369959a9 100644
--- a/src/lib/math/numbertheory/powm_fw.cpp
+++ b/src/lib/math/numbertheory/powm_fw.cpp
@@ -16,7 +16,7 @@ namespace Botan {
*/
void Fixed_Window_Exponentiator::set_exponent(const BigInt& e)
{
- exp = e;
+ m_exp = e;
}
/*
@@ -24,14 +24,14 @@ void Fixed_Window_Exponentiator::set_exponent(const BigInt& e)
*/
void Fixed_Window_Exponentiator::set_base(const BigInt& base)
{
- window_bits = Power_Mod::window_bits(exp.bits(), base.bits(), hints);
+ m_window_bits = Power_Mod::window_bits(m_exp.bits(), base.bits(), m_hints);
- g.resize((1 << window_bits));
- g[0] = 1;
- g[1] = base;
+ m_g.resize((1 << m_window_bits));
+ m_g[0] = 1;
+ m_g[1] = base;
- for(size_t i = 2; i != g.size(); ++i)
- g[i] = reducer.multiply(g[i-1], g[0]);
+ for(size_t i = 2; i != m_g.size(); ++i)
+ m_g[i] = m_reducer.multiply(m_g[i-1], m_g[0]);
}
/*
@@ -39,18 +39,18 @@ void Fixed_Window_Exponentiator::set_base(const BigInt& base)
*/
BigInt Fixed_Window_Exponentiator::execute() const
{
- const size_t exp_nibbles = (exp.bits() + window_bits - 1) / window_bits;
+ const size_t exp_nibbles = (m_exp.bits() + m_window_bits - 1) / m_window_bits;
BigInt x = 1;
for(size_t i = exp_nibbles; i > 0; --i)
{
- for(size_t j = 0; j != window_bits; ++j)
- x = reducer.square(x);
+ for(size_t j = 0; j != m_window_bits; ++j)
+ x = m_reducer.square(x);
- const u32bit nibble = exp.get_substring(window_bits*(i-1), window_bits);
+ const u32bit nibble = m_exp.get_substring(m_window_bits*(i-1), m_window_bits);
- x = reducer.multiply(x, g[nibble]);
+ x = m_reducer.multiply(x, m_g[nibble]);
}
return x;
}
@@ -60,10 +60,7 @@ BigInt Fixed_Window_Exponentiator::execute() const
*/
Fixed_Window_Exponentiator::Fixed_Window_Exponentiator(const BigInt& n,
Power_Mod::Usage_Hints hints)
- {
- reducer = Modular_Reducer(n);
- this->hints = hints;
- window_bits = 0;
- }
+ : m_reducer{Modular_Reducer(n)}, m_exp{}, m_window_bits{}, m_g{}, m_hints{hints}
+ {}
}
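Review bot: `m_reducer{Modular_Reducer(n)}` constructs a temporary and then copy/move-constructs the member; since Modular_Reducer's BigInt constructor is now explicit, direct initialization `m_reducer(n)` is the conventional form and avoids the extra object. `m_exp{}` and `m_g{}` are default-constructed anyway and can be dropped from the list; only `m_window_bits{}` carries meaning, and a short `// window size chosen in set_base()` would explain why it starts at zero.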
diff --git a/src/lib/math/numbertheory/reducer.cpp b/src/lib/math/numbertheory/reducer.cpp
index 332895d63..d5f1666e1 100644
--- a/src/lib/math/numbertheory/reducer.cpp
+++ b/src/lib/math/numbertheory/reducer.cpp
@@ -18,12 +18,12 @@ Modular_Reducer::Modular_Reducer(const BigInt& mod)
if(mod <= 0)
throw Invalid_Argument("Modular_Reducer: modulus must be positive");
- modulus = mod;
- mod_words = modulus.sig_words();
+ m_modulus = mod;
+ m_mod_words = m_modulus.sig_words();
- modulus_2 = Botan::square(modulus);
+ m_modulus_2 = Botan::square(m_modulus);
- mu = BigInt::power_of_2(2 * MP_WORD_BITS * mod_words) / modulus;
+ m_mu = BigInt::power_of_2(2 * MP_WORD_BITS * m_mod_words) / m_modulus;
}
/*
@@ -31,50 +31,50 @@ Modular_Reducer::Modular_Reducer(const BigInt& mod)
*/
BigInt Modular_Reducer::reduce(const BigInt& x) const
{
- if(mod_words == 0)
+ if(m_mod_words == 0)
throw Invalid_State("Modular_Reducer: Never initalized");
- if(x.cmp(modulus, false) < 0)
+ if(x.cmp(m_modulus, false) < 0)
{
if(x.is_negative())
- return x + modulus; // make positive
+ return x + m_modulus; // make positive
return x;
}
- else if(x.cmp(modulus_2, false) < 0)
+ else if(x.cmp(m_modulus_2, false) < 0)
{
BigInt t1 = x;
t1.set_sign(BigInt::Positive);
- t1 >>= (MP_WORD_BITS * (mod_words - 1));
- t1 *= mu;
+ t1 >>= (MP_WORD_BITS * (m_mod_words - 1));
+ t1 *= m_mu;
- t1 >>= (MP_WORD_BITS * (mod_words + 1));
- t1 *= modulus;
+ t1 >>= (MP_WORD_BITS * (m_mod_words + 1));
+ t1 *= m_modulus;
- t1.mask_bits(MP_WORD_BITS * (mod_words + 1));
+ t1.mask_bits(MP_WORD_BITS * (m_mod_words + 1));
BigInt t2 = x;
t2.set_sign(BigInt::Positive);
- t2.mask_bits(MP_WORD_BITS * (mod_words + 1));
+ t2.mask_bits(MP_WORD_BITS * (m_mod_words + 1));
t2 -= t1;
if(t2.is_negative())
{
- t2 += BigInt::power_of_2(MP_WORD_BITS * (mod_words + 1));
+ t2 += BigInt::power_of_2(MP_WORD_BITS * (m_mod_words + 1));
}
- while(t2 >= modulus)
- t2 -= modulus;
+ while(t2 >= m_modulus)
+ t2 -= m_modulus;
if(x.is_positive())
return t2;
else
- return (modulus - t2);
+ return (m_modulus - t2);
}
else
{
// too big, fall back to normal division
- return (x % modulus);
+ return (x % m_modulus);
}
}
diff --git a/src/lib/math/numbertheory/reducer.h b/src/lib/math/numbertheory/reducer.h
index b45e0e186..36808f00f 100644
--- a/src/lib/math/numbertheory/reducer.h
+++ b/src/lib/math/numbertheory/reducer.h
@@ -18,7 +18,7 @@ namespace Botan {
class BOTAN_DLL Modular_Reducer
{
public:
- const BigInt& get_modulus() const { return modulus; }
+ const BigInt& get_modulus() const { return m_modulus; }
BigInt reduce(const BigInt& x) const;
@@ -47,13 +47,13 @@ class BOTAN_DLL Modular_Reducer
BigInt cube(const BigInt& x) const
{ return multiply(x, this->square(x)); }
- bool initialized() const { return (mod_words != 0); }
+ bool initialized() const { return (m_mod_words != 0); }
- Modular_Reducer() { mod_words = 0; }
- Modular_Reducer(const BigInt& mod);
+ Modular_Reducer() { m_mod_words = 0; }
+ explicit Modular_Reducer(const BigInt& mod);
private:
- BigInt modulus, modulus_2, mu;
- size_t mod_words;
+ BigInt m_modulus, m_modulus_2, m_mu;
+ size_t m_mod_words;
};
}
diff --git a/src/lib/math/numbertheory/ressol.cpp b/src/lib/math/numbertheory/ressol.cpp
index 834dd94ce..127dc899e 100644
--- a/src/lib/math/numbertheory/ressol.cpp
+++ b/src/lib/math/numbertheory/ressol.cpp
@@ -16,15 +16,17 @@ namespace Botan {
*/
BigInt ressol(const BigInt& a, const BigInt& p)
{
- if(a < 0)
- throw Invalid_Argument("ressol(): a to solve for must be positive");
- if(p <= 1)
- throw Invalid_Argument("ressol(): prime must be > 1");
-
if(a == 0)
return 0;
+ else if(a < 0)
+ throw Invalid_Argument("ressol(): a to solve for must be positive");
+
if(p == 2)
return a;
+ else if(p <= 1)
+ throw Invalid_Argument("ressol(): prime must be > 1 a");
+ else if(p.is_even())
+ throw Invalid_Argument("ressol(): invalid prime");
if(jacobi(a, p) != 1) // not a quadratic residue
return -BigInt(1);
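Review bot: The reworded error string in the `p <= 1` branch has a stray trailing token, `"ressol(): prime must be > 1 a"`; it should read `throw Invalid_Argument("ressol(): prime must be > 1");`. The reordering also means `a == 0` now returns before `p` is validated, so `ressol(0, 0)` returns 0 where it previously threw; if that is intended it deserves a one-line comment, otherwise move the `p` checks ahead of the `a == 0` early return.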
@@ -63,10 +65,12 @@ BigInt ressol(const BigInt& a, const BigInt& p)
{
q = mod_p.square(q);
++i;
- }
- if(s <= i)
- return -BigInt(1);
+ if(i > s)
+ {
+ return -BigInt(1);
+ }
+ }
c = power_mod(c, BigInt::power_of_2(s-i-1), p);
r = mod_p.multiply(r, c);
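Review bot: Moving the bound check into the inner loop also changed it from `s <= i` to `i > s`, so `i == s` is no longer rejected; if the loop then exits with `i == s` (reachable for inputs that pass the jacobi test without having a root, e.g. a composite `p`, since the function only verifies that `p` is odd and above 1), the following `BigInt::power_of_2(s-i-1)` evaluates `s-i-1` with unsigned wraparound (assuming `s` and `i` are `size_t`) and requests an enormous power of two. Keep the original semantics with `if(i >= s)`. The enclosing loop of ressol continues outside the hunk.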
diff --git a/src/lib/misc/fpe_fe1/fpe_fe1.cpp b/src/lib/misc/fpe_fe1/fpe_fe1.cpp
index 197dbb21a..c59e41e78 100644
--- a/src/lib/misc/fpe_fe1/fpe_fe1.cpp
+++ b/src/lib/misc/fpe_fe1/fpe_fe1.cpp
@@ -85,42 +85,42 @@ class FPE_Encryptor
BigInt operator()(size_t i, const BigInt& R);
private:
- std::unique_ptr<MessageAuthenticationCode> mac;
- std::vector<byte> mac_n_t;
+ std::unique_ptr<MessageAuthenticationCode> m_mac;
+ std::vector<byte> m_mac_n_t;
};
FPE_Encryptor::FPE_Encryptor(const SymmetricKey& key,
const BigInt& n,
const std::vector<byte>& tweak)
{
- mac.reset(new HMAC(new SHA_256));
- mac->set_key(key);
+ m_mac.reset(new HMAC(new SHA_256));
+ m_mac->set_key(key);
std::vector<byte> n_bin = BigInt::encode(n);
if(n_bin.size() > MAX_N_BYTES)
throw Exception("N is too large for FPE encryption");
- mac->update_be(static_cast<u32bit>(n_bin.size()));
- mac->update(n_bin.data(), n_bin.size());
+ m_mac->update_be(static_cast<u32bit>(n_bin.size()));
+ m_mac->update(n_bin.data(), n_bin.size());
- mac->update_be(static_cast<u32bit>(tweak.size()));
- mac->update(tweak.data(), tweak.size());
+ m_mac->update_be(static_cast<u32bit>(tweak.size()));
+ m_mac->update(tweak.data(), tweak.size());
- mac_n_t = unlock(mac->final());
+ m_mac_n_t = unlock(m_mac->final());
}
BigInt FPE_Encryptor::operator()(size_t round_no, const BigInt& R)
{
secure_vector<byte> r_bin = BigInt::encode_locked(R);
- mac->update(mac_n_t);
- mac->update_be(static_cast<u32bit>(round_no));
+ m_mac->update(m_mac_n_t);
+ m_mac->update_be(static_cast<u32bit>(round_no));
- mac->update_be(static_cast<u32bit>(r_bin.size()));
- mac->update(r_bin.data(), r_bin.size());
+ m_mac->update_be(static_cast<u32bit>(r_bin.size()));
+ m_mac->update(r_bin.data(), r_bin.size());
- secure_vector<byte> X = mac->final();
+ secure_vector<byte> X = m_mac->final();
return BigInt(X.data(), X.size());
}
diff --git a/src/lib/misc/openpgp/openpgp.cpp b/src/lib/misc/openpgp/openpgp.cpp
index f42ce875e..7a08a93ef 100644
--- a/src/lib/misc/openpgp/openpgp.cpp
+++ b/src/lib/misc/openpgp/openpgp.cpp
@@ -177,7 +177,7 @@ secure_vector<byte> PGP_decode(DataSource& source,
}
base64.end_msg();
- if(crc != "" && crc != base64.read_all_as_string(1))
+ if(!crc.empty() && crc != base64.read_all_as_string(1))
throw Decoding_Error("PGP: Corrupt CRC");
return base64.read_all();
diff --git a/src/lib/misc/srp6/srp6_files.cpp b/src/lib/misc/srp6/srp6_files.cpp
index c028767ad..14ab1ac61 100644
--- a/src/lib/misc/srp6/srp6_files.cpp
+++ b/src/lib/misc/srp6/srp6_files.cpp
@@ -45,7 +45,7 @@ SRP6_Authenticator_File::SRP6_Authenticator_File(const std::string& filename)
else
continue; // unknown group, ignored
- entries[username] = SRP6_Data(v, salt, group_id);
+ m_entries[username] = SRP6_Data(v, salt, group_id);
}
}
@@ -54,9 +54,9 @@ bool SRP6_Authenticator_File::lookup_user(const std::string& username,
std::vector<byte>& salt,
std::string& group_id) const
{
- std::map<std::string, SRP6_Data>::const_iterator i = entries.find(username);
+ std::map<std::string, SRP6_Data>::const_iterator i = m_entries.find(username);
- if(i == entries.end())
+ if(i == m_entries.end())
return false;
v = i->second.v;
diff --git a/src/lib/misc/srp6/srp6_files.h b/src/lib/misc/srp6/srp6_files.h
index 45c3b0bfe..2b20de7a3 100644
--- a/src/lib/misc/srp6/srp6_files.h
+++ b/src/lib/misc/srp6/srp6_files.h
@@ -24,7 +24,7 @@ class BOTAN_DLL SRP6_Authenticator_File
* @param filename will be opened and processed as a SRP
* authenticator file
*/
- SRP6_Authenticator_File(const std::string& filename);
+ explicit SRP6_Authenticator_File(const std::string& filename);
bool lookup_user(const std::string& username,
BigInt& v,
@@ -35,17 +35,22 @@ class BOTAN_DLL SRP6_Authenticator_File
{
SRP6_Data() {}
- SRP6_Data(const BigInt& v,
- const std::vector<byte>& salt,
- const std::string& group_id) :
- v(v), salt(salt), group_id(group_id) {}
+ SRP6_Data(const BigInt& v_,
+ const std::vector<byte>& salt_,
+ const std::string& group_id_) :
+ v(v_), salt(salt_), group_id(group_id_) {}
+ // public member variable:
BigInt v;
+
+ // public member variable:
std::vector<byte> salt;
+
+ // public member variable:
std::string group_id;
};
- std::map<std::string, SRP6_Data> entries;
+ std::map<std::string, SRP6_Data> m_entries;
};
}
diff --git a/src/lib/misc/tss/tss.cpp b/src/lib/misc/tss/tss.cpp
index 6904f9f0a..e1727dc33 100644
--- a/src/lib/misc/tss/tss.cpp
+++ b/src/lib/misc/tss/tss.cpp
@@ -105,7 +105,7 @@ HashFunction* get_rtss_hash_by_id(byte id)
RTSS_Share::RTSS_Share(const std::string& hex_input)
{
- contents = hex_decode_locked(hex_input);
+ m_contents = hex_decode_locked(hex_input);
}
byte RTSS_Share::share_id() const
@@ -113,12 +113,12 @@ byte RTSS_Share::share_id() const
if(!initialized())
throw Invalid_State("RTSS_Share::share_id not initialized");
- return contents[20];
+ return m_contents[20];
}
std::string RTSS_Share::to_string() const
{
- return hex_encode(contents.data(), contents.size());
+ return hex_encode(m_contents.data(), m_contents.size());
}
std::vector<RTSS_Share>
@@ -137,16 +137,16 @@ RTSS_Share::split(byte M, byte N,
// Create RTSS header in each share
for(byte i = 0; i != N; ++i)
{
- shares[i].contents += std::make_pair(identifier, 16);
- shares[i].contents += rtss_hash_id(hash.name());
- shares[i].contents += M;
- shares[i].contents += get_byte(0, S_len);
- shares[i].contents += get_byte(1, S_len);
+ shares[i].m_contents += std::make_pair(identifier, 16);
+ shares[i].m_contents += rtss_hash_id(hash.name());
+ shares[i].m_contents += M;
+ shares[i].m_contents += get_byte(0, S_len);
+ shares[i].m_contents += get_byte(1, S_len);
}
// Choose sequential values for X starting from 1
for(byte i = 0; i != N; ++i)
- shares[i].contents.push_back(i+1);
+ shares[i].m_contents.push_back(i+1);
// secret = S || H(S)
secure_vector<byte> secret(S, S + S_len);
@@ -170,7 +170,7 @@ RTSS_Share::split(byte M, byte N,
X_i = gfp_mul(X_i, X);
}
- shares[j].contents.push_back(sum);
+ shares[j].m_contents.push_back(sum);
}
}
@@ -191,18 +191,18 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
if(shares[i].size() < RTSS_HEADER_SIZE)
throw Decoding_Error("Missing or malformed RTSS header");
- if(!same_mem(&shares[0].contents[0],
- &shares[i].contents[0], RTSS_HEADER_SIZE))
+ if(!same_mem(&shares[0].m_contents[0],
+ &shares[i].m_contents[0], RTSS_HEADER_SIZE))
throw Decoding_Error("Different RTSS headers detected");
}
- if(shares.size() < shares[0].contents[17])
+ if(shares.size() < shares[0].m_contents[17])
throw Decoding_Error("Insufficient shares to do TSS reconstruction");
- u16bit secret_len = make_u16bit(shares[0].contents[18],
- shares[0].contents[19]);
+ u16bit secret_len = make_u16bit(shares[0].m_contents[18],
+ shares[0].m_contents[19]);
- byte hash_id = shares[0].contents[16];
+ byte hash_id = shares[0].m_contents[16];
std::unique_ptr<HashFunction> hash(get_rtss_hash_by_id(hash_id));
@@ -215,7 +215,7 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
for(size_t i = RTSS_HEADER_SIZE + 1; i != shares[0].size(); ++i)
{
for(size_t j = 0; j != V.size(); ++j)
- V[j] = shares[j].contents[i];
+ V[j] = shares[j].m_contents[i];
byte r = 0;
for(size_t k = 0; k != shares.size(); ++k)
diff --git a/src/lib/misc/tss/tss.h b/src/lib/misc/tss/tss.h
index 09a5dbe19..6ff47a0cc 100644
--- a/src/lib/misc/tss/tss.h
+++ b/src/lib/misc/tss/tss.h
@@ -46,7 +46,7 @@ class BOTAN_DLL RTSS_Share
/**
* @param hex_input the share encoded in hexadecimal
*/
- RTSS_Share(const std::string& hex_input);
+ explicit RTSS_Share(const std::string& hex_input);
/**
* @return hex representation
@@ -61,14 +61,14 @@ class BOTAN_DLL RTSS_Share
/**
* @return size of this share in bytes
*/
- size_t size() const { return contents.size(); }
+ size_t size() const { return m_contents.size(); }
/**
* @return if this TSS share was initialized or not
*/
- bool initialized() const { return (contents.size() > 0); }
+ bool initialized() const { return (m_contents.size() > 0); }
private:
- secure_vector<byte> contents;
+ secure_vector<byte> m_contents;
};
}
diff --git a/src/lib/modes/aead/ccm/ccm.h b/src/lib/modes/aead/ccm/ccm.h
index 58ca447e8..8277a8f93 100644
--- a/src/lib/modes/aead/ccm/ccm.h
+++ b/src/lib/modes/aead/ccm/ccm.h
@@ -74,7 +74,7 @@ class BOTAN_DLL CCM_Mode : public AEAD_Mode
/**
* CCM Encryption
*/
-class BOTAN_DLL CCM_Encryption : public CCM_Mode
+class BOTAN_DLL CCM_Encryption final : public CCM_Mode
{
public:
/**
@@ -98,7 +98,7 @@ class BOTAN_DLL CCM_Encryption : public CCM_Mode
/**
* CCM Decryption
*/
-class BOTAN_DLL CCM_Decryption : public CCM_Mode
+class BOTAN_DLL CCM_Decryption final : public CCM_Mode
{
public:
/**
diff --git a/src/lib/modes/aead/chacha20poly1305/chacha20poly1305.h b/src/lib/modes/aead/chacha20poly1305/chacha20poly1305.h
index f496590af..5aa2dc010 100644
--- a/src/lib/modes/aead/chacha20poly1305/chacha20poly1305.h
+++ b/src/lib/modes/aead/chacha20poly1305/chacha20poly1305.h
@@ -58,7 +58,7 @@ class BOTAN_DLL ChaCha20Poly1305_Mode : public AEAD_Mode
/**
* ChaCha20Poly1305 Encryption
*/
-class BOTAN_DLL ChaCha20Poly1305_Encryption : public ChaCha20Poly1305_Mode
+class BOTAN_DLL ChaCha20Poly1305_Encryption final : public ChaCha20Poly1305_Mode
{
public:
size_t output_length(size_t input_length) const override
@@ -74,7 +74,7 @@ class BOTAN_DLL ChaCha20Poly1305_Encryption : public ChaCha20Poly1305_Mode
/**
* ChaCha20Poly1305 Decryption
*/
-class BOTAN_DLL ChaCha20Poly1305_Decryption : public ChaCha20Poly1305_Mode
+class BOTAN_DLL ChaCha20Poly1305_Decryption final : public ChaCha20Poly1305_Mode
{
public:
size_t output_length(size_t input_length) const override
diff --git a/src/lib/modes/aead/eax/eax.h b/src/lib/modes/aead/eax/eax.h
index 970bb9d43..e3d942d5e 100644
--- a/src/lib/modes/aead/eax/eax.h
+++ b/src/lib/modes/aead/eax/eax.h
@@ -62,7 +62,7 @@ class BOTAN_DLL EAX_Mode : public AEAD_Mode
/**
* EAX Encryption
*/
-class BOTAN_DLL EAX_Encryption : public EAX_Mode
+class BOTAN_DLL EAX_Encryption final : public EAX_Mode
{
public:
/**
@@ -85,7 +85,7 @@ class BOTAN_DLL EAX_Encryption : public EAX_Mode
/**
* EAX Decryption
*/
-class BOTAN_DLL EAX_Decryption : public EAX_Mode
+class BOTAN_DLL EAX_Decryption final : public EAX_Mode
{
public:
/**
diff --git a/src/lib/modes/aead/gcm/gcm.cpp b/src/lib/modes/aead/gcm/gcm.cpp
index a77c3e4d4..1dc5efe4f 100644
--- a/src/lib/modes/aead/gcm/gcm.cpp
+++ b/src/lib/modes/aead/gcm/gcm.cpp
@@ -162,7 +162,7 @@ GCM_Mode::GCM_Mode(BlockCipher* cipher, size_t tag_size) :
m_tag_size(tag_size),
m_cipher_name(cipher->name())
{
- if(cipher->block_size() != BS)
+ if(cipher->block_size() != m_BS)
throw Invalid_Argument("GCM requires a 128 bit cipher so cannot be used with " +
cipher->name());
@@ -187,7 +187,7 @@ std::string GCM_Mode::name() const
size_t GCM_Mode::update_granularity() const
{
- return BS;
+ return m_BS;
}
Key_Length_Specification GCM_Mode::key_spec() const
@@ -199,10 +199,10 @@ void GCM_Mode::key_schedule(const byte key[], size_t keylen)
{
m_ctr->set_key(key, keylen);
- const std::vector<byte> zeros(BS);
+ const std::vector<byte> zeros(m_BS);
m_ctr->set_iv(zeros.data(), zeros.size());
- secure_vector<byte> H(BS);
+ secure_vector<byte> H(m_BS);
m_ctr->encipher(H);
m_ghash->set_key(H);
}
@@ -217,7 +217,7 @@ secure_vector<byte> GCM_Mode::start_raw(const byte nonce[], size_t nonce_len)
if(!valid_nonce_length(nonce_len))
throw Invalid_IV_Length(name(), nonce_len);
- secure_vector<byte> y0(BS);
+ secure_vector<byte> y0(m_BS);
if(nonce_len == 12)
{
@@ -231,7 +231,7 @@ secure_vector<byte> GCM_Mode::start_raw(const byte nonce[], size_t nonce_len)
m_ctr->set_iv(y0.data(), y0.size());
- secure_vector<byte> m_enc_y0(BS);
+ secure_vector<byte> m_enc_y0(m_BS);
m_ctr->encipher(m_enc_y0);
m_ghash->start(m_enc_y0.data(), m_enc_y0.size());
diff --git a/src/lib/modes/aead/gcm/gcm.h b/src/lib/modes/aead/gcm/gcm.h
index 8e7ae8b7f..ba0d6cad8 100644
--- a/src/lib/modes/aead/gcm/gcm.h
+++ b/src/lib/modes/aead/gcm/gcm.h
@@ -39,7 +39,7 @@ class BOTAN_DLL GCM_Mode : public AEAD_Mode
protected:
GCM_Mode(BlockCipher* cipher, size_t tag_size);
- const size_t BS = 16;
+ const size_t m_BS = 16;
const size_t m_tag_size;
const std::string m_cipher_name;
@@ -55,7 +55,7 @@ class BOTAN_DLL GCM_Mode : public AEAD_Mode
/**
* GCM Encryption
*/
-class BOTAN_DLL GCM_Encryption : public GCM_Mode
+class BOTAN_DLL GCM_Encryption final : public GCM_Mode
{
public:
/**
@@ -78,7 +78,7 @@ class BOTAN_DLL GCM_Encryption : public GCM_Mode
/**
* GCM Decryption
*/
-class BOTAN_DLL GCM_Decryption : public GCM_Mode
+class BOTAN_DLL GCM_Decryption final : public GCM_Mode
{
public:
/**
diff --git a/src/lib/modes/aead/ocb/ocb.cpp b/src/lib/modes/aead/ocb/ocb.cpp
index 08157cd47..77126ec7a 100644
--- a/src/lib/modes/aead/ocb/ocb.cpp
+++ b/src/lib/modes/aead/ocb/ocb.cpp
@@ -15,7 +15,7 @@ namespace Botan {
class L_computer
{
public:
- L_computer(const BlockCipher& cipher)
+ explicit L_computer(const BlockCipher& cipher)
{
m_L_star.resize(cipher.block_size());
cipher.encrypt(m_L_star);
diff --git a/src/lib/modes/aead/ocb/ocb.h b/src/lib/modes/aead/ocb/ocb.h
index 53723a730..92edce970 100644
--- a/src/lib/modes/aead/ocb/ocb.h
+++ b/src/lib/modes/aead/ocb/ocb.h
@@ -73,7 +73,7 @@ class BOTAN_DLL OCB_Mode : public AEAD_Mode
secure_vector<byte> m_stretch;
};
-class BOTAN_DLL OCB_Encryption : public OCB_Mode
+class BOTAN_DLL OCB_Encryption final : public OCB_Mode
{
public:
/**
@@ -95,7 +95,7 @@ class BOTAN_DLL OCB_Encryption : public OCB_Mode
void encrypt(byte input[], size_t blocks);
};
-class BOTAN_DLL OCB_Decryption : public OCB_Mode
+class BOTAN_DLL OCB_Decryption final : public OCB_Mode
{
public:
/**
diff --git a/src/lib/modes/aead/siv/siv.h b/src/lib/modes/aead/siv/siv.h
index 8336026cb..d3e4c5270 100644
--- a/src/lib/modes/aead/siv/siv.h
+++ b/src/lib/modes/aead/siv/siv.h
@@ -43,7 +43,7 @@ class BOTAN_DLL SIV_Mode : public AEAD_Mode
size_t tag_size() const override { return 16; }
protected:
- SIV_Mode(BlockCipher* cipher);
+ explicit SIV_Mode(BlockCipher* cipher);
StreamCipher& ctr() { return *m_ctr; }
@@ -67,13 +67,13 @@ class BOTAN_DLL SIV_Mode : public AEAD_Mode
/**
* SIV Encryption
*/
-class BOTAN_DLL SIV_Encryption : public SIV_Mode
+class BOTAN_DLL SIV_Encryption final : public SIV_Mode
{
public:
/**
* @param cipher a block cipher
*/
- SIV_Encryption(BlockCipher* cipher) : SIV_Mode(cipher) {}
+ explicit SIV_Encryption(BlockCipher* cipher) : SIV_Mode(cipher) {}
void finish(secure_vector<byte>& final_block, size_t offset = 0) override;
@@ -86,13 +86,13 @@ class BOTAN_DLL SIV_Encryption : public SIV_Mode
/**
* SIV Decryption
*/
-class BOTAN_DLL SIV_Decryption : public SIV_Mode
+class BOTAN_DLL SIV_Decryption final : public SIV_Mode
{
public:
/**
* @param cipher a 128-bit block cipher
*/
- SIV_Decryption(BlockCipher* cipher) : SIV_Mode(cipher) {}
+ explicit SIV_Decryption(BlockCipher* cipher) : SIV_Mode(cipher) {}
void finish(secure_vector<byte>& final_block, size_t offset = 0) override;
diff --git a/src/lib/modes/cbc/cbc.h b/src/lib/modes/cbc/cbc.h
index 7fbcc8837..961991d4a 100644
--- a/src/lib/modes/cbc/cbc.h
+++ b/src/lib/modes/cbc/cbc.h
@@ -77,10 +77,10 @@ class BOTAN_DLL CBC_Encryption : public CBC_Mode
/**
* CBC Encryption with ciphertext stealing (CBC-CS3 variant)
*/
-class BOTAN_DLL CTS_Encryption : public CBC_Encryption
+class BOTAN_DLL CTS_Encryption final : public CBC_Encryption
{
public:
- CTS_Encryption(BlockCipher* cipher) : CBC_Encryption(cipher, nullptr) {}
+ explicit CTS_Encryption(BlockCipher* cipher) : CBC_Encryption(cipher, nullptr) {}
size_t output_length(size_t input_length) const override;
@@ -114,10 +114,10 @@ class BOTAN_DLL CBC_Decryption : public CBC_Mode
/**
* CBC Decryption with ciphertext stealing (CBC-CS3 variant)
*/
-class BOTAN_DLL CTS_Decryption : public CBC_Decryption
+class BOTAN_DLL CTS_Decryption final : public CBC_Decryption
{
public:
- CTS_Decryption(BlockCipher* cipher) : CBC_Decryption(cipher, nullptr) {}
+ explicit CTS_Decryption(BlockCipher* cipher) : CBC_Decryption(cipher, nullptr) {}
void finish(secure_vector<byte>& final_block, size_t offset = 0) override;
diff --git a/src/lib/modes/cfb/cfb.h b/src/lib/modes/cfb/cfb.h
index 25c42e4b0..49321a1c9 100644
--- a/src/lib/modes/cfb/cfb.h
+++ b/src/lib/modes/cfb/cfb.h
@@ -58,7 +58,7 @@ class BOTAN_DLL CFB_Mode : public Cipher_Mode
/**
* CFB Encryption
*/
-class BOTAN_DLL CFB_Encryption : public CFB_Mode
+class BOTAN_DLL CFB_Encryption final : public CFB_Mode
{
public:
CFB_Encryption(BlockCipher* cipher, size_t feedback_bits) :
@@ -72,7 +72,7 @@ class BOTAN_DLL CFB_Encryption : public CFB_Mode
/**
* CFB Decryption
*/
-class BOTAN_DLL CFB_Decryption : public CFB_Mode
+class BOTAN_DLL CFB_Decryption final : public CFB_Mode
{
public:
CFB_Decryption(BlockCipher* cipher, size_t feedback_bits) :
diff --git a/src/lib/modes/ecb/ecb.h b/src/lib/modes/ecb/ecb.h
index e885e8890..aebd4c1a5 100644
--- a/src/lib/modes/ecb/ecb.h
+++ b/src/lib/modes/ecb/ecb.h
@@ -49,7 +49,7 @@ class BOTAN_DLL ECB_Mode : public Cipher_Mode
/**
* ECB Encryption
*/
-class BOTAN_DLL ECB_Encryption : public ECB_Mode
+class BOTAN_DLL ECB_Encryption final : public ECB_Mode
{
public:
ECB_Encryption(BlockCipher* cipher, BlockCipherModePaddingMethod* padding) :
@@ -67,7 +67,7 @@ class BOTAN_DLL ECB_Encryption : public ECB_Mode
/**
* ECB Decryption
*/
-class BOTAN_DLL ECB_Decryption : public ECB_Mode
+class BOTAN_DLL ECB_Decryption final : public ECB_Mode
{
public:
ECB_Decryption(BlockCipher* cipher, BlockCipherModePaddingMethod* padding) :
diff --git a/src/lib/modes/mode_pad/mode_pad.h b/src/lib/modes/mode_pad/mode_pad.h
index 91102c66c..0a775b1ea 100644
--- a/src/lib/modes/mode_pad/mode_pad.h
+++ b/src/lib/modes/mode_pad/mode_pad.h
@@ -56,7 +56,7 @@ class BOTAN_DLL BlockCipherModePaddingMethod
/**
* PKCS#7 Padding
*/
-class BOTAN_DLL PKCS7_Padding : public BlockCipherModePaddingMethod
+class BOTAN_DLL PKCS7_Padding final : public BlockCipherModePaddingMethod
{
public:
void add_padding(secure_vector<byte>& buffer,
@@ -73,7 +73,7 @@ class BOTAN_DLL PKCS7_Padding : public BlockCipherModePaddingMethod
/**
* ANSI X9.23 Padding
*/
-class BOTAN_DLL ANSI_X923_Padding : public BlockCipherModePaddingMethod
+class BOTAN_DLL ANSI_X923_Padding final : public BlockCipherModePaddingMethod
{
public:
void add_padding(secure_vector<byte>& buffer,
@@ -90,7 +90,7 @@ class BOTAN_DLL ANSI_X923_Padding : public BlockCipherModePaddingMethod
/**
* One And Zeros Padding
*/
-class BOTAN_DLL OneAndZeros_Padding : public BlockCipherModePaddingMethod
+class BOTAN_DLL OneAndZeros_Padding final : public BlockCipherModePaddingMethod
{
public:
void add_padding(secure_vector<byte>& buffer,
@@ -107,7 +107,7 @@ class BOTAN_DLL OneAndZeros_Padding : public BlockCipherModePaddingMethod
/**
* Null Padding
*/
-class BOTAN_DLL Null_Padding : public BlockCipherModePaddingMethod
+class BOTAN_DLL Null_Padding final : public BlockCipherModePaddingMethod
{
public:
void add_padding(secure_vector<byte>&, size_t, size_t) const override {}
diff --git a/src/lib/modes/stream_mode.h b/src/lib/modes/stream_mode.h
index 5450bc37d..f5f1aa33a 100644
--- a/src/lib/modes/stream_mode.h
+++ b/src/lib/modes/stream_mode.h
@@ -15,7 +15,7 @@ namespace Botan {
class BOTAN_DLL Stream_Cipher_Mode : public Cipher_Mode
{
public:
- Stream_Cipher_Mode(StreamCipher* cipher) : m_cipher(cipher) {}
+ explicit Stream_Cipher_Mode(StreamCipher* cipher) : m_cipher(cipher) {}
void update(secure_vector<byte>& buf, size_t offset) override
{
diff --git a/src/lib/modes/xts/xts.h b/src/lib/modes/xts/xts.h
index b0a46144f..e751b1644 100644
--- a/src/lib/modes/xts/xts.h
+++ b/src/lib/modes/xts/xts.h
@@ -33,7 +33,7 @@ class BOTAN_DLL XTS_Mode : public Cipher_Mode
void clear() override;
protected:
- XTS_Mode(BlockCipher* cipher);
+ explicit XTS_Mode(BlockCipher* cipher);
const byte* tweak() const { return m_tweak.data(); }
@@ -52,10 +52,10 @@ class BOTAN_DLL XTS_Mode : public Cipher_Mode
/**
* IEEE P1619 XTS Encryption
*/
-class BOTAN_DLL XTS_Encryption : public XTS_Mode
+class BOTAN_DLL XTS_Encryption final : public XTS_Mode
{
public:
- XTS_Encryption(BlockCipher* cipher) : XTS_Mode(cipher) {}
+ explicit XTS_Encryption(BlockCipher* cipher) : XTS_Mode(cipher) {}
void update(secure_vector<byte>& blocks, size_t offset = 0) override;
@@ -67,10 +67,10 @@ class BOTAN_DLL XTS_Encryption : public XTS_Mode
/**
* IEEE P1619 XTS Decryption
*/
-class BOTAN_DLL XTS_Decryption : public XTS_Mode
+class BOTAN_DLL XTS_Decryption final : public XTS_Mode
{
public:
- XTS_Decryption(BlockCipher* cipher) : XTS_Mode(cipher) {}
+ explicit XTS_Decryption(BlockCipher* cipher) : XTS_Mode(cipher) {}
void update(secure_vector<byte>& blocks, size_t offset = 0) override;
diff --git a/src/lib/pbkdf/pbkdf.cpp b/src/lib/pbkdf/pbkdf.cpp
index 98722fcc6..01f52853a 100644
--- a/src/lib/pbkdf/pbkdf.cpp
+++ b/src/lib/pbkdf/pbkdf.cpp
@@ -34,7 +34,7 @@ PBKDF::~PBKDF() {}
std::unique_ptr<PBKDF> PBKDF::create(const std::string& algo_spec,
const std::string& provider)
{
- return std::unique_ptr<PBKDF>(make_a<PBKDF>(algo_spec, provider));
+ return std::unique_ptr<PBKDF>(make_a<PBKDF>(Botan::PBKDF::Spec(algo_spec), provider));
}
std::vector<std::string> PBKDF::providers(const std::string& algo_spec)
diff --git a/src/lib/pbkdf/pbkdf1/pbkdf1.h b/src/lib/pbkdf/pbkdf1/pbkdf1.h
index 3296f8887..cd10b3112 100644
--- a/src/lib/pbkdf/pbkdf1/pbkdf1.h
+++ b/src/lib/pbkdf/pbkdf1/pbkdf1.h
@@ -18,14 +18,14 @@ namespace Botan {
* Can only generate a key up to the size of the hash output.
* Unless needed for backwards compatibility, use PKCS5_PBKDF2
*/
-class BOTAN_DLL PKCS5_PBKDF1 : public PBKDF
+class BOTAN_DLL PKCS5_PBKDF1 final : public PBKDF
{
public:
/**
* Create a PKCS #5 instance using the specified hash function.
* @param hash pointer to a hash function object to use
*/
- PKCS5_PBKDF1(HashFunction* hash) : m_hash(hash) {}
+ explicit PKCS5_PBKDF1(HashFunction* hash) : m_hash(hash) {}
std::string name() const override
{
diff --git a/src/lib/pbkdf/pbkdf2/pbkdf2.cpp b/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
index 30cf7cbdf..5a8f529c6 100644
--- a/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
+++ b/src/lib/pbkdf/pbkdf2/pbkdf2.cpp
@@ -40,7 +40,7 @@ pbkdf2(MessageAuthenticationCode& prf,
{
prf.set_key(reinterpret_cast<const byte*>(passphrase.data()), passphrase.size());
}
- catch(Invalid_Key_Length)
+ catch(Invalid_Key_Length&)
{
throw Exception("PBKDF2 with " + prf.name() +
" cannot accept passphrases of length " +
@@ -122,7 +122,7 @@ PKCS5_PBKDF2::pbkdf(byte key[], size_t key_len,
size_t iterations,
std::chrono::milliseconds msec) const
{
- return pbkdf2(*mac.get(), key, key_len, passphrase, salt, salt_len, iterations, msec);
+ return pbkdf2(*m_mac.get(), key, key_len, passphrase, salt, salt_len, iterations, msec);
}
diff --git a/src/lib/pbkdf/pbkdf2/pbkdf2.h b/src/lib/pbkdf/pbkdf2/pbkdf2.h
index d74410b89..4f77f338b 100644
--- a/src/lib/pbkdf/pbkdf2/pbkdf2.h
+++ b/src/lib/pbkdf/pbkdf2/pbkdf2.h
@@ -25,17 +25,17 @@ BOTAN_DLL size_t pbkdf2(MessageAuthenticationCode& prf,
/**
* PKCS #5 PBKDF2
*/
-class BOTAN_DLL PKCS5_PBKDF2 : public PBKDF
+class BOTAN_DLL PKCS5_PBKDF2 final : public PBKDF
{
public:
std::string name() const override
{
- return "PBKDF2(" + mac->name() + ")";
+ return "PBKDF2(" + m_mac->name() + ")";
}
PBKDF* clone() const override
{
- return new PKCS5_PBKDF2(mac->clone());
+ return new PKCS5_PBKDF2(m_mac->clone());
}
size_t pbkdf(byte output_buf[], size_t output_len,
@@ -48,11 +48,11 @@ class BOTAN_DLL PKCS5_PBKDF2 : public PBKDF
* Create a PKCS #5 instance using the specified message auth code
* @param mac_fn the MAC object to use as PRF
*/
- PKCS5_PBKDF2(MessageAuthenticationCode* mac_fn) : mac(mac_fn) {}
+ explicit PKCS5_PBKDF2(MessageAuthenticationCode* mac_fn) : m_mac(mac_fn) {}
static PKCS5_PBKDF2* make(const Spec& spec);
private:
- std::unique_ptr<MessageAuthenticationCode> mac;
+ std::unique_ptr<MessageAuthenticationCode> m_mac;
};
}
diff --git a/src/lib/pk_pad/eme.cpp b/src/lib/pk_pad/eme.cpp
index 4804a8a81..623c3777e 100644
--- a/src/lib/pk_pad/eme.cpp
+++ b/src/lib/pk_pad/eme.cpp
@@ -44,7 +44,7 @@ EME* get_eme(const std::string& algo_spec)
{
SCAN_Name request(algo_spec);
- if(EME* eme = make_a<EME>(algo_spec))
+ if(EME* eme = make_a<EME>(Botan::EME::Spec(algo_spec)))
return eme;
if(request.algo_name() == "Raw")
diff --git a/src/lib/pk_pad/eme_oaep/oaep.h b/src/lib/pk_pad/eme_oaep/oaep.h
index 13e6efeec..22d009f5f 100644
--- a/src/lib/pk_pad/eme_oaep/oaep.h
+++ b/src/lib/pk_pad/eme_oaep/oaep.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* OAEP (called EME1 in IEEE 1363 and in earlier versions of the library)
*/
-class BOTAN_DLL OAEP : public EME
+class BOTAN_DLL OAEP final : public EME
{
public:
size_t maximum_input_size(size_t) const override;
diff --git a/src/lib/pk_pad/eme_pkcs1/eme_pkcs.h b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.h
index 83c99e61b..148ab7e20 100644
--- a/src/lib/pk_pad/eme_pkcs1/eme_pkcs.h
+++ b/src/lib/pk_pad/eme_pkcs1/eme_pkcs.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* EME from PKCS #1 v1.5
*/
-class BOTAN_DLL EME_PKCS1v15 : public EME
+class BOTAN_DLL EME_PKCS1v15 final : public EME
{
public:
size_t maximum_input_size(size_t) const override;
diff --git a/src/lib/pk_pad/eme_raw/eme_raw.h b/src/lib/pk_pad/eme_raw/eme_raw.h
index 04604c72d..ae57587a3 100644
--- a/src/lib/pk_pad/eme_raw/eme_raw.h
+++ b/src/lib/pk_pad/eme_raw/eme_raw.h
@@ -11,7 +11,7 @@
namespace Botan {
-class BOTAN_DLL EME_Raw : public EME
+class BOTAN_DLL EME_Raw final : public EME
{
public:
size_t maximum_input_size(size_t i) const override;
diff --git a/src/lib/pk_pad/emsa.cpp b/src/lib/pk_pad/emsa.cpp
index e20286a7d..3b8641357 100644
--- a/src/lib/pk_pad/emsa.cpp
+++ b/src/lib/pk_pad/emsa.cpp
@@ -39,7 +39,7 @@ EMSA* get_emsa(const std::string& algo_spec)
{
SCAN_Name request(algo_spec);
- if(EMSA* emsa = make_a<EMSA>(algo_spec))
+ if(EMSA* emsa = make_a<EMSA>(Botan::EMSA::Spec(algo_spec)))
return emsa;
throw Algorithm_Not_Found(algo_spec);
diff --git a/src/lib/pk_pad/emsa1/emsa1.h b/src/lib/pk_pad/emsa1/emsa1.h
index 3e10162b2..e346167da 100644
--- a/src/lib/pk_pad/emsa1/emsa1.h
+++ b/src/lib/pk_pad/emsa1/emsa1.h
@@ -23,7 +23,7 @@ class BOTAN_DLL EMSA1 : public EMSA
/**
* @param hash the hash function to use
*/
- EMSA1(HashFunction* hash) : m_hash(hash) {}
+ explicit EMSA1(HashFunction* hash) : m_hash(hash) {}
protected:
size_t hash_output_length() const { return m_hash->output_length(); }
diff --git a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h b/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h
index 24d8b99e2..a7fae6c23 100644
--- a/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h
+++ b/src/lib/pk_pad/emsa1_bsi/emsa1_bsi.h
@@ -18,13 +18,13 @@ namespace Botan {
* only hash values which are less or equal than the maximum key
* length. The implementation comes from InSiTo
*/
-class BOTAN_DLL EMSA1_BSI : public EMSA1
+class BOTAN_DLL EMSA1_BSI final : public EMSA1
{
public:
/**
* @param hash the hash object to use
*/
- EMSA1_BSI(HashFunction* hash) : EMSA1(hash) {}
+ explicit EMSA1_BSI(HashFunction* hash) : EMSA1(hash) {}
private:
secure_vector<byte> encoding_of(const secure_vector<byte>&, size_t,
RandomNumberGenerator& rng) override;
diff --git a/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp
index 940f91c9a..e990ef8af 100644
--- a/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp
+++ b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.cpp
@@ -93,13 +93,13 @@ EMSA_PKCS1v15::EMSA_PKCS1v15(HashFunction* hash) : m_hash(hash)
void EMSA_PKCS1v15_Raw::update(const byte input[], size_t length)
{
- message += std::make_pair(input, length);
+ m_message += std::make_pair(input, length);
}
secure_vector<byte> EMSA_PKCS1v15_Raw::raw_data()
{
secure_vector<byte> ret;
- std::swap(ret, message);
+ std::swap(ret, m_message);
return ret;
}
diff --git a/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h
index 19886f80c..9d5bc7829 100644
--- a/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h
+++ b/src/lib/pk_pad/emsa_pkcs1/emsa_pkcs1.h
@@ -18,7 +18,7 @@ namespace Botan {
* aka PKCS #1 block type 1
* aka EMSA3 from IEEE 1363
*/
-class BOTAN_DLL EMSA_PKCS1v15 : public EMSA
+class BOTAN_DLL EMSA_PKCS1v15 final : public EMSA
{
public:
static EMSA* make(const EMSA::Spec& spec);
@@ -26,7 +26,7 @@ class BOTAN_DLL EMSA_PKCS1v15 : public EMSA
/**
* @param hash the hash object to use
*/
- EMSA_PKCS1v15(HashFunction* hash);
+ explicit EMSA_PKCS1v15(HashFunction* hash);
void update(const byte[], size_t) override;
@@ -47,7 +47,7 @@ class BOTAN_DLL EMSA_PKCS1v15 : public EMSA
* (which according to QCA docs is "identical to PKCS#11's CKM_RSA_PKCS
* mechanism", something I have not confirmed)
*/
-class BOTAN_DLL EMSA_PKCS1v15_Raw : public EMSA
+class BOTAN_DLL EMSA_PKCS1v15_Raw final : public EMSA
{
public:
void update(const byte[], size_t) override;
@@ -61,7 +61,7 @@ class BOTAN_DLL EMSA_PKCS1v15_Raw : public EMSA
size_t) override;
private:
- secure_vector<byte> message;
+ secure_vector<byte> m_message;
};
}
diff --git a/src/lib/pk_pad/emsa_pssr/pssr.cpp b/src/lib/pk_pad/emsa_pssr/pssr.cpp
index 36b0ab64c..ddd8c5f0b 100644
--- a/src/lib/pk_pad/emsa_pssr/pssr.cpp
+++ b/src/lib/pk_pad/emsa_pssr/pssr.cpp
@@ -30,7 +30,7 @@ PSSR* PSSR::make(const Spec& request)
*/
void PSSR::update(const byte input[], size_t length)
{
- hash->update(input, length);
+ m_hash->update(input, length);
}
/*
@@ -38,7 +38,7 @@ void PSSR::update(const byte input[], size_t length)
*/
secure_vector<byte> PSSR::raw_data()
{
- return hash->final();
+ return m_hash->final();
}
/*
@@ -48,28 +48,28 @@ secure_vector<byte> PSSR::encoding_of(const secure_vector<byte>& msg,
size_t output_bits,
RandomNumberGenerator& rng)
{
- const size_t HASH_SIZE = hash->output_length();
+ const size_t HASH_SIZE = m_hash->output_length();
if(msg.size() != HASH_SIZE)
throw Encoding_Error("PSSR::encoding_of: Bad input length");
- if(output_bits < 8*HASH_SIZE + 8*SALT_SIZE + 9)
+ if(output_bits < 8*HASH_SIZE + 8*m_SALT_SIZE + 9)
throw Encoding_Error("PSSR::encoding_of: Output length is too small");
const size_t output_length = (output_bits + 7) / 8;
- secure_vector<byte> salt = rng.random_vec(SALT_SIZE);
+ secure_vector<byte> salt = rng.random_vec(m_SALT_SIZE);
for(size_t j = 0; j != 8; ++j)
- hash->update(0);
- hash->update(msg);
- hash->update(salt);
- secure_vector<byte> H = hash->final();
+ m_hash->update(0);
+ m_hash->update(msg);
+ m_hash->update(salt);
+ secure_vector<byte> H = m_hash->final();
secure_vector<byte> EM(output_length);
- EM[output_length - HASH_SIZE - SALT_SIZE - 2] = 0x01;
- buffer_insert(EM, output_length - 1 - HASH_SIZE - SALT_SIZE, salt);
- mgf1_mask(*hash, H.data(), HASH_SIZE, EM.data(), output_length - HASH_SIZE - 1);
+ EM[output_length - HASH_SIZE - m_SALT_SIZE - 2] = 0x01;
+ buffer_insert(EM, output_length - 1 - HASH_SIZE - m_SALT_SIZE, salt);
+ mgf1_mask(*m_hash, H.data(), HASH_SIZE, EM.data(), output_length - HASH_SIZE - 1);
EM[0] &= 0xFF >> (8 * ((output_bits + 7) / 8) - output_bits);
buffer_insert(EM, output_length - 1 - HASH_SIZE, H);
EM[output_length-1] = 0xBC;
@@ -83,7 +83,7 @@ secure_vector<byte> PSSR::encoding_of(const secure_vector<byte>& msg,
bool PSSR::verify(const secure_vector<byte>& const_coded,
const secure_vector<byte>& raw, size_t key_bits)
{
- const size_t HASH_SIZE = hash->output_length();
+ const size_t HASH_SIZE = m_hash->output_length();
const size_t KEY_BYTES = (key_bits + 7) / 8;
if(key_bits < 8*HASH_SIZE + 9)
@@ -116,7 +116,7 @@ bool PSSR::verify(const secure_vector<byte>& const_coded,
const byte* H = &coded[DB_size];
const size_t H_size = HASH_SIZE;
- mgf1_mask(*hash, H, H_size, DB, DB_size);
+ mgf1_mask(*m_hash, H, H_size, DB, DB_size);
DB[0] &= 0xFF >> TOP_BITS;
size_t salt_offset = 0;
@@ -131,21 +131,21 @@ bool PSSR::verify(const secure_vector<byte>& const_coded,
return false;
for(size_t j = 0; j != 8; ++j)
- hash->update(0);
- hash->update(raw);
- hash->update(&DB[salt_offset], DB_size - salt_offset);
- secure_vector<byte> H2 = hash->final();
+ m_hash->update(0);
+ m_hash->update(raw);
+ m_hash->update(&DB[salt_offset], DB_size - salt_offset);
+ secure_vector<byte> H2 = m_hash->final();
return same_mem(H, H2.data(), HASH_SIZE);
}
PSSR::PSSR(HashFunction* h) :
- SALT_SIZE(h->output_length()), hash(h)
+ m_SALT_SIZE(h->output_length()), m_hash(h)
{
}
PSSR::PSSR(HashFunction* h, size_t salt_size) :
- SALT_SIZE(salt_size), hash(h)
+ m_SALT_SIZE(salt_size), m_hash(h)
{
}
diff --git a/src/lib/pk_pad/emsa_pssr/pssr.h b/src/lib/pk_pad/emsa_pssr/pssr.h
index 066c580d8..ee234b0b6 100644
--- a/src/lib/pk_pad/emsa_pssr/pssr.h
+++ b/src/lib/pk_pad/emsa_pssr/pssr.h
@@ -16,14 +16,14 @@ namespace Botan {
/**
* PSSR (called EMSA4 in IEEE 1363 and in old versions of the library)
*/
-class BOTAN_DLL PSSR : public EMSA
+class BOTAN_DLL PSSR final : public EMSA
{
public:
/**
* @param hash the hash object to use
*/
- PSSR(HashFunction* hash);
+ explicit PSSR(HashFunction* hash);
/**
* @param hash the hash object to use
@@ -45,8 +45,8 @@ class BOTAN_DLL PSSR : public EMSA
const secure_vector<byte>& raw,
size_t key_bits) override;
- size_t SALT_SIZE;
- std::unique_ptr<HashFunction> hash;
+ size_t m_SALT_SIZE;
+ std::unique_ptr<HashFunction> m_hash;
};
}
diff --git a/src/lib/pk_pad/emsa_raw/emsa_raw.cpp b/src/lib/pk_pad/emsa_raw/emsa_raw.cpp
index 4560bd3c3..8d3bbdbc3 100644
--- a/src/lib/pk_pad/emsa_raw/emsa_raw.cpp
+++ b/src/lib/pk_pad/emsa_raw/emsa_raw.cpp
@@ -14,7 +14,7 @@ namespace Botan {
*/
void EMSA_Raw::update(const byte input[], size_t length)
{
- message += std::make_pair(input, length);
+ m_message += std::make_pair(input, length);
}
/*
@@ -23,7 +23,7 @@ void EMSA_Raw::update(const byte input[], size_t length)
secure_vector<byte> EMSA_Raw::raw_data()
{
secure_vector<byte> output;
- std::swap(message, output);
+ std::swap(m_message, output);
return output;
}
diff --git a/src/lib/pk_pad/emsa_raw/emsa_raw.h b/src/lib/pk_pad/emsa_raw/emsa_raw.h
index d1d6ac912..272d34b0e 100644
--- a/src/lib/pk_pad/emsa_raw/emsa_raw.h
+++ b/src/lib/pk_pad/emsa_raw/emsa_raw.h
@@ -16,7 +16,7 @@ namespace Botan {
* EMSA-Raw - sign inputs directly
* Don't use this unless you know what you are doing.
*/
-class BOTAN_DLL EMSA_Raw : public EMSA
+class BOTAN_DLL EMSA_Raw final : public EMSA
{
private:
void update(const byte[], size_t) override;
@@ -27,7 +27,7 @@ class BOTAN_DLL EMSA_Raw : public EMSA
bool verify(const secure_vector<byte>&, const secure_vector<byte>&,
size_t) override;
- secure_vector<byte> message;
+ secure_vector<byte> m_message;
};
}
diff --git a/src/lib/pk_pad/emsa_x931/emsa_x931.h b/src/lib/pk_pad/emsa_x931/emsa_x931.h
index 29bad4a4a..400042a86 100644
--- a/src/lib/pk_pad/emsa_x931/emsa_x931.h
+++ b/src/lib/pk_pad/emsa_x931/emsa_x931.h
@@ -18,13 +18,13 @@ namespace Botan {
* Useful for Rabin-Williams, also sometimes used with RSA in
* odd protocols.
*/
-class BOTAN_DLL EMSA_X931 : public EMSA
+class BOTAN_DLL EMSA_X931 final : public EMSA
{
public:
/**
* @param hash the hash object to use
*/
- EMSA_X931(HashFunction* hash);
+ explicit EMSA_X931(HashFunction* hash);
private:
void update(const byte[], size_t) override;
secure_vector<byte> raw_data() override;
diff --git a/src/lib/pk_pad/mgf1/mgf1.h b/src/lib/pk_pad/mgf1/mgf1.h
index ed2f1d023..bddb8bba8 100644
--- a/src/lib/pk_pad/mgf1/mgf1.h
+++ b/src/lib/pk_pad/mgf1/mgf1.h
@@ -15,9 +15,9 @@ namespace Botan {
/**
* MGF1 from PKCS #1 v2.0
*/
-void mgf1_mask(HashFunction& hash,
- const byte in[], size_t in_len,
- byte out[], size_t out_len);
+void BOTAN_DLL mgf1_mask(HashFunction& hash,
+ const byte in[], size_t in_len,
+ byte out[], size_t out_len);
}
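Review bot: The export macro is placed between the return type and the function name, `void BOTAN_DLL mgf1_mask(`, whereas the other free-function declaration visible in this diff, `BOTAN_DLL size_t pbkdf2(` in pbkdf2.h, puts BOTAN_DLL first. One placement for every exported free function keeps the declarations consistent and greppable, so I would write `BOTAN_DLL void mgf1_mask(HashFunction& hash,` and leave the two continuation lines as they are. This is a style point only; the exported symbol is the same either way.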
diff --git a/src/lib/prov/openssl/openssl.h b/src/lib/prov/openssl/openssl.h
index 05d3e953f..ebaa2b756 100644
--- a/src/lib/prov/openssl/openssl.h
+++ b/src/lib/prov/openssl/openssl.h
@@ -29,6 +29,7 @@ class OpenSSL_Error : public Exception
#define BOTAN_OPENSSL_RSA_PRIO 90
#define BOTAN_OPENSSL_ECDSA_PRIO 90
+#define BOTAN_OPENSSL_ECDH_PRIO 90
}
diff --git a/src/lib/prov/openssl/openssl_block.cpp b/src/lib/prov/openssl/openssl_block.cpp
index a35919e3a..c868e8977 100644
--- a/src/lib/prov/openssl/openssl_block.cpp
+++ b/src/lib/prov/openssl/openssl_block.cpp
@@ -17,85 +17,85 @@ namespace {
class OpenSSL_BlockCipher : public BlockCipher
{
public:
- void clear();
- std::string name() const { return cipher_name; }
- BlockCipher* clone() const;
-
- size_t block_size() const { return block_sz; }
-
OpenSSL_BlockCipher(const EVP_CIPHER*, const std::string&);
OpenSSL_BlockCipher(const EVP_CIPHER*, const std::string&,
size_t, size_t, size_t);
- Key_Length_Specification key_spec() const { return cipher_key_spec; }
-
~OpenSSL_BlockCipher();
- private:
- void encrypt_n(const byte in[], byte out[], size_t blocks) const
+
+ void clear() override;
+ std::string name() const override { return m_cipher_name; }
+ BlockCipher* clone() const override;
+
+ size_t block_size() const override { return m_block_sz; }
+
+ Key_Length_Specification key_spec() const override { return m_cipher_key_spec; }
+
+ void encrypt_n(const byte in[], byte out[], size_t blocks) const override
{
int out_len = 0;
- EVP_EncryptUpdate(&encrypt, out, &out_len, in, blocks * block_sz);
+ EVP_EncryptUpdate(&m_encrypt, out, &out_len, in, blocks * m_block_sz);
}
- void decrypt_n(const byte in[], byte out[], size_t blocks) const
+ void decrypt_n(const byte in[], byte out[], size_t blocks) const override
{
int out_len = 0;
- EVP_DecryptUpdate(&decrypt, out, &out_len, in, blocks * block_sz);
+ EVP_DecryptUpdate(&m_decrypt, out, &out_len, in, blocks * m_block_sz);
}
- void key_schedule(const byte[], size_t);
+ void key_schedule(const byte key[], size_t key_len) override;
- size_t block_sz;
- Key_Length_Specification cipher_key_spec;
- std::string cipher_name;
- mutable EVP_CIPHER_CTX encrypt, decrypt;
+ size_t m_block_sz;
+ Key_Length_Specification m_cipher_key_spec;
+ std::string m_cipher_name;
+ mutable EVP_CIPHER_CTX m_encrypt, m_decrypt;
};
OpenSSL_BlockCipher::OpenSSL_BlockCipher(const EVP_CIPHER* algo,
const std::string& algo_name) :
- block_sz(EVP_CIPHER_block_size(algo)),
- cipher_key_spec(EVP_CIPHER_key_length(algo)),
- cipher_name(algo_name)
+ m_block_sz(EVP_CIPHER_block_size(algo)),
+ m_cipher_key_spec(EVP_CIPHER_key_length(algo)),
+ m_cipher_name(algo_name)
{
if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
throw Invalid_Argument("OpenSSL_BlockCipher: Non-ECB EVP was passed in");
- EVP_CIPHER_CTX_init(&encrypt);
- EVP_CIPHER_CTX_init(&decrypt);
+ EVP_CIPHER_CTX_init(&m_encrypt);
+ EVP_CIPHER_CTX_init(&m_decrypt);
- EVP_EncryptInit_ex(&encrypt, algo, nullptr, nullptr, nullptr);
- EVP_DecryptInit_ex(&decrypt, algo, nullptr, nullptr, nullptr);
+ EVP_EncryptInit_ex(&m_encrypt, algo, nullptr, nullptr, nullptr);
+ EVP_DecryptInit_ex(&m_decrypt, algo, nullptr, nullptr, nullptr);
- EVP_CIPHER_CTX_set_padding(&encrypt, 0);
- EVP_CIPHER_CTX_set_padding(&decrypt, 0);
+ EVP_CIPHER_CTX_set_padding(&m_encrypt, 0);
+ EVP_CIPHER_CTX_set_padding(&m_decrypt, 0);
}
OpenSSL_BlockCipher::OpenSSL_BlockCipher(const EVP_CIPHER* algo,
const std::string& algo_name,
size_t key_min, size_t key_max,
size_t key_mod) :
- block_sz(EVP_CIPHER_block_size(algo)),
- cipher_key_spec(key_min, key_max, key_mod),
- cipher_name(algo_name)
+ m_block_sz(EVP_CIPHER_block_size(algo)),
+ m_cipher_key_spec(key_min, key_max, key_mod),
+ m_cipher_name(algo_name)
{
if(EVP_CIPHER_mode(algo) != EVP_CIPH_ECB_MODE)
throw Invalid_Argument("OpenSSL_BlockCipher: Non-ECB EVP was passed in");
- EVP_CIPHER_CTX_init(&encrypt);
- EVP_CIPHER_CTX_init(&decrypt);
+ EVP_CIPHER_CTX_init(&m_encrypt);
+ EVP_CIPHER_CTX_init(&m_decrypt);
- EVP_EncryptInit_ex(&encrypt, algo, nullptr, nullptr, nullptr);
- EVP_DecryptInit_ex(&decrypt, algo, nullptr, nullptr, nullptr);
+ EVP_EncryptInit_ex(&m_encrypt, algo, nullptr, nullptr, nullptr);
+ EVP_DecryptInit_ex(&m_decrypt, algo, nullptr, nullptr, nullptr);
- EVP_CIPHER_CTX_set_padding(&encrypt, 0);
- EVP_CIPHER_CTX_set_padding(&decrypt, 0);
+ EVP_CIPHER_CTX_set_padding(&m_encrypt, 0);
+ EVP_CIPHER_CTX_set_padding(&m_decrypt, 0);
}
OpenSSL_BlockCipher::~OpenSSL_BlockCipher()
{
- EVP_CIPHER_CTX_cleanup(&encrypt);
- EVP_CIPHER_CTX_cleanup(&decrypt);
+ EVP_CIPHER_CTX_cleanup(&m_encrypt);
+ EVP_CIPHER_CTX_cleanup(&m_decrypt);
}
/*
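Review bot: The return value of `EVP_EncryptUpdate` is discarded in the new `encrypt_n` (the line after `int out_len = 0;`), and `decrypt_n` does the same with `EVP_DecryptUpdate`; `out_len` is set but never compared with the requested length, so a failed update silently leaves `out` holding stale or partial bytes that the caller will treat as ciphertext or plaintext. In addition `blocks * m_block_sz` is a `size_t` passed to the `int inl` parameter, so an oversized request is narrowed and can go negative. I would check both in `encrypt_n`: `if(EVP_EncryptUpdate(&m_encrypt, out, &out_len, in, blocks * m_block_sz) != 1 || static_cast<size_t>(out_len) != blocks * m_block_sz) throw OpenSSL_Error("EVP_EncryptUpdate");` after rejecting `blocks * m_block_sz > INT_MAX`, and mirror it in `decrypt_n`. The same unchecked-return pattern applies to `EVP_EncryptInit_ex`/`EVP_DecryptInit_ex` in the two constructors of this hunk, in the `key_schedule` hunk (where `length` is likewise narrowed to int for `EVP_CIPHER_CTX_set_key_length`), and in the `clear` hunk.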
@@ -105,18 +105,18 @@ void OpenSSL_BlockCipher::key_schedule(const byte key[], size_t length)
{
secure_vector<byte> full_key(key, key + length);
- if(cipher_name == "TripleDES" && length == 16)
+ if(m_cipher_name == "TripleDES" && length == 16)
{
full_key += std::make_pair(key, 8);
}
else
- if(EVP_CIPHER_CTX_set_key_length(&encrypt, length) == 0 ||
- EVP_CIPHER_CTX_set_key_length(&decrypt, length) == 0)
+ if(EVP_CIPHER_CTX_set_key_length(&m_encrypt, length) == 0 ||
+ EVP_CIPHER_CTX_set_key_length(&m_decrypt, length) == 0)
throw Invalid_Argument("OpenSSL_BlockCipher: Bad key length for " +
- cipher_name);
+ m_cipher_name);
- EVP_EncryptInit_ex(&encrypt, nullptr, nullptr, full_key.data(), nullptr);
- EVP_DecryptInit_ex(&decrypt, nullptr, nullptr, full_key.data(), nullptr);
+ EVP_EncryptInit_ex(&m_encrypt, nullptr, nullptr, full_key.data(), nullptr);
+ EVP_DecryptInit_ex(&m_decrypt, nullptr, nullptr, full_key.data(), nullptr);
}
/*
@@ -124,11 +124,11 @@ void OpenSSL_BlockCipher::key_schedule(const byte key[], size_t length)
*/
BlockCipher* OpenSSL_BlockCipher::clone() const
{
- return new OpenSSL_BlockCipher(EVP_CIPHER_CTX_cipher(&encrypt),
- cipher_name,
- cipher_key_spec.minimum_keylength(),
- cipher_key_spec.maximum_keylength(),
- cipher_key_spec.keylength_multiple());
+ return new OpenSSL_BlockCipher(EVP_CIPHER_CTX_cipher(&m_encrypt),
+ m_cipher_name,
+ m_cipher_key_spec.minimum_keylength(),
+ m_cipher_key_spec.maximum_keylength(),
+ m_cipher_key_spec.keylength_multiple());
}
/*
@@ -136,16 +136,16 @@ BlockCipher* OpenSSL_BlockCipher::clone() const
*/
void OpenSSL_BlockCipher::clear()
{
- const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(&encrypt);
-
- EVP_CIPHER_CTX_cleanup(&encrypt);
- EVP_CIPHER_CTX_cleanup(&decrypt);
- EVP_CIPHER_CTX_init(&encrypt);
- EVP_CIPHER_CTX_init(&decrypt);
- EVP_EncryptInit_ex(&encrypt, algo, nullptr, nullptr, nullptr);
- EVP_DecryptInit_ex(&decrypt, algo, nullptr, nullptr, nullptr);
- EVP_CIPHER_CTX_set_padding(&encrypt, 0);
- EVP_CIPHER_CTX_set_padding(&decrypt, 0);
+ const EVP_CIPHER* algo = EVP_CIPHER_CTX_cipher(&m_encrypt);
+
+ EVP_CIPHER_CTX_cleanup(&m_encrypt);
+ EVP_CIPHER_CTX_cleanup(&m_decrypt);
+ EVP_CIPHER_CTX_init(&m_encrypt);
+ EVP_CIPHER_CTX_init(&m_decrypt);
+ EVP_EncryptInit_ex(&m_encrypt, algo, nullptr, nullptr, nullptr);
+ EVP_DecryptInit_ex(&m_decrypt, algo, nullptr, nullptr, nullptr);
+ EVP_CIPHER_CTX_set_padding(&m_encrypt, 0);
+ EVP_CIPHER_CTX_set_padding(&m_decrypt, 0);
}
std::function<BlockCipher* (const BlockCipher::Spec&)>
@@ -169,12 +169,12 @@ make_evp_block_maker_keylen(const EVP_CIPHER* cipher, const char* algo,
#define BOTAN_REGISTER_OPENSSL_EVP_BLOCK(NAME, EVP) \
BOTAN_REGISTER_TYPE(BlockCipher, EVP_BlockCipher ## EVP, NAME, \
- make_evp_block_maker(EVP(), NAME), "openssl", BOTAN_OPENSSL_BLOCK_PRIO);
+ make_evp_block_maker(EVP(), NAME), "openssl", BOTAN_OPENSSL_BLOCK_PRIO)
#define BOTAN_REGISTER_OPENSSL_EVP_BLOCK_KEYLEN(NAME, EVP, KMIN, KMAX, KMOD) \
BOTAN_REGISTER_TYPE(BlockCipher, OpenSSL_BlockCipher ## EVP, NAME, \
make_evp_block_maker_keylen(EVP(), NAME, KMIN, KMAX, KMOD), \
- "openssl", BOTAN_OPENSSL_BLOCK_PRIO);
+ "openssl", BOTAN_OPENSSL_BLOCK_PRIO)
#if !defined(OPENSSL_NO_AES)
BOTAN_REGISTER_OPENSSL_EVP_BLOCK("AES-128", EVP_aes_128_ecb);
diff --git a/src/lib/prov/openssl/openssl_ecdsa.cpp b/src/lib/prov/openssl/openssl_ec.cpp
index 8b1af24db..74d8f744a 100644
--- a/src/lib/prov/openssl/openssl_ecdsa.cpp
+++ b/src/lib/prov/openssl/openssl_ec.cpp
@@ -1,29 +1,49 @@
/*
-* ECDSA via OpenSSL
-* (C) 2015 Jack Lloyd
+* ECDSA and ECDH via OpenSSL
+* (C) 2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
+#include <iostream>
#include <botan/internal/openssl.h>
-#include <openssl/x509.h>
-#if defined(BOTAN_HAS_ECDSA) && !defined(OPENSSL_NO_ECDSA)
+#if defined(BOTAN_HAS_ECC_PUBLIC_KEY_CRYPTO)
+ #include <botan/der_enc.h>
+ #include <botan/pkcs8.h>
+ #include <botan/oids.h>
+ #include <botan/internal/pk_utils.h>
+#endif
+
+#if defined(BOTAN_HAS_ECDSA)
+ #include <botan/ecdsa.h>
+#endif
-#include <botan/der_enc.h>
-#include <botan/ecdsa.h>
-#include <botan/pkcs8.h>
-#include <botan/oids.h>
-#include <botan/internal/pk_utils.h>
+#if defined(BOTAN_HAS_ECDH)
+ #include <botan/ecdh.h>
+#endif
-#include <openssl/ecdsa.h>
-#include <openssl/ec.h>
+#include <openssl/x509.h>
#include <openssl/objects.h>
+#if !defined(OPENSSL_NO_EC)
+ #include <openssl/ec.h>
+#endif
+
+#if !defined(OPENSSL_NO_ECDSA)
+ #include <openssl/ecdsa.h>
+#endif
+
+#if !defined(OPENSSL_NO_ECDH)
+ #include <openssl/ecdh.h>
+#endif
+
namespace Botan {
namespace {
+#if defined(BOTAN_HAS_ECC_PUBLIC_KEY_CRYPTO)
+
secure_vector<byte> PKCS8_for_openssl(const EC_PrivateKey& ec)
{
const PointGFp& pub_key = ec.public_point();
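Review bot: The added `#include <iostream>` near the top of the new openssl_ec.cpp looks like a leftover from debugging: nothing in the visible hunks of this file writes to a stream, and a crypto provider translation unit has no reason to pull in iostream (it also adds static-initialisation cost to every binary linking the library). Drop the line, or if some code outside this diff really does use it, say so in a comment next to the include. The rest of the hunk's include reshuffle (guarding the OpenSSL EC/ECDSA/ECDH headers with their `OPENSSL_NO_*` macros) reads correctly. `PKCS8_for_openssl` continues outside the hunk.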
@@ -49,13 +69,11 @@ int OpenSSL_EC_nid_for(const OID& oid)
return -1;
static const std::map<std::string, int> nid_map = {
- //{ "secp160r1", NID_secp160r1 },
- //{ "secp160r2", NID_secp160r2 },
{ "secp192r1", NID_X9_62_prime192v1 },
{ "secp224r1", NID_secp224r1 },
{ "secp256r1", NID_X9_62_prime256v1 },
{ "secp384r1", NID_secp384r1 },
- { "secp521r1", NID_secp521r1 }
+ { "secp521r1", NID_secp521r1 },
// TODO: OpenSSL 1.0.2 added brainpool curves
};
@@ -67,6 +85,10 @@ int OpenSSL_EC_nid_for(const OID& oid)
return -1;
}
+#endif
+
+#if defined(BOTAN_HAS_ECDSA) && !defined(OPENSSL_NO_ECDSA)
+
class OpenSSL_ECDSA_Verification_Operation : public PK_Ops::Verification_with_EMSA
{
public:
@@ -200,8 +222,83 @@ BOTAN_REGISTER_TYPE(PK_Ops::Signature, OpenSSL_ECDSA_Signing_Operation, "ECDSA",
OpenSSL_ECDSA_Signing_Operation::make,
"openssl", BOTAN_OPENSSL_ECDSA_PRIO);
+#endif
+
+#if defined(BOTAN_HAS_ECDH) && !defined(OPENSSL_NO_ECDH)
+
+class OpenSSL_ECDH_KA_Operation : public PK_Ops::Key_Agreement_with_KDF
+ {
+ public:
+ typedef ECDH_PrivateKey Key_Type;
+
+ static OpenSSL_ECDH_KA_Operation* make(const Spec& spec)
+ {
+ if(const ECDH_PrivateKey* ecdh = dynamic_cast<const ECDH_PrivateKey*>(&spec.key()))
+ {
+ const int nid = OpenSSL_EC_nid_for(ecdh->domain().get_oid());
+ if(nid > 0)
+ return new OpenSSL_ECDH_KA_Operation(*ecdh, spec.padding());
+ }
+
+ return nullptr;
+ }
+
+ OpenSSL_ECDH_KA_Operation(const ECDH_PrivateKey& ecdh, const std::string& kdf) :
+ PK_Ops::Key_Agreement_with_KDF(kdf), m_ossl_ec(::EC_KEY_new(), ::EC_KEY_free)
+ {
+ const secure_vector<byte> der = PKCS8_for_openssl(ecdh);
+ const byte* der_ptr = der.data();
+ m_ossl_ec.reset(d2i_ECPrivateKey(nullptr, &der_ptr, der.size()));
+ if(!m_ossl_ec)
+ throw OpenSSL_Error("d2i_ECPrivateKey");
+ }
+
+ secure_vector<byte> raw_agree(const byte w[], size_t w_len) override
+ {
+ const EC_GROUP* group = ::EC_KEY_get0_group(m_ossl_ec.get());
+ const size_t out_len = (::EC_GROUP_get_degree(group) + 7) / 8;
+ secure_vector<byte> out(out_len);
+ EC_POINT* pub_key = ::EC_POINT_new(group);
+
+ if(!pub_key)
+ throw OpenSSL_Error("EC_POINT_new");
+
+ const int os2ecp_rc =
+ ::EC_POINT_oct2point(group, pub_key, w, w_len, nullptr);
+
+ if(os2ecp_rc != 1)
+ throw OpenSSL_Error("EC_POINT_oct2point");
+
+ const int ecdh_rc = ::ECDH_compute_key(out.data(),
+ out.size(),
+ pub_key,
+ m_ossl_ec.get(),
+ /*KDF*/nullptr);
+
+ if(ecdh_rc <= 0)
+ throw OpenSSL_Error("ECDH_compute_key");
+
+ const size_t ecdh_sz = static_cast<size_t>(ecdh_rc);
+
+ if(ecdh_sz > out.size())
+ throw Internal_Error("OpenSSL ECDH returned more than requested");
+
+ out.resize(ecdh_sz);
+ return out;
+ }
+
+ private:
+ std::unique_ptr<EC_KEY, std::function<void (EC_KEY*)>> m_ossl_ec;
+ size_t m_order_bits = 0;
+ };
+
+BOTAN_REGISTER_TYPE(PK_Ops::Key_Agreement, OpenSSL_ECDH_KA_Operation, "ECDH",
+ OpenSSL_ECDH_KA_Operation::make,
+ "openssl", BOTAN_OPENSSL_ECDH_PRIO);
+
+#endif
+
}
}
-#endif
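Review bot: `EC_POINT* pub_key = ::EC_POINT_new(group);` in `OpenSSL_ECDH_KA_Operation::raw_agree` is never released: there is no `EC_POINT_free` on the success path, and none on the two throw paths that follow it (`EC_POINT_oct2point` or `ECDH_compute_key` failing), so every key agreement leaks an EC_POINT, and a peer sending malformed points can drive that leak at will. Give it the owning-pointer treatment the class already uses for `m_ossl_ec`: `std::unique_ptr<EC_POINT, std::function<void (EC_POINT*)>> pub_key(::EC_POINT_new(group), ::EC_POINT_free);` and pass `pub_key.get()` to `EC_POINT_oct2point` and `ECDH_compute_key`; the `if(!pub_key)` check then works unchanged. Keep the strict `!= 1` check on `EC_POINT_oct2point`, since `w` is the attacker-controlled peer value and that return is what rejects a malformed encoding. Separately, `m_order_bits` is declared and zero-initialised but nothing in the class reads it; remove it or use it. The whole class is inside this hunk.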
diff --git a/src/lib/prov/openssl/openssl_hash.cpp b/src/lib/prov/openssl/openssl_hash.cpp
index c89dd777d..574cfed91 100644
--- a/src/lib/prov/openssl/openssl_hash.cpp
+++ b/src/lib/prov/openssl/openssl_hash.cpp
@@ -17,26 +17,26 @@ namespace {
class OpenSSL_HashFunction : public HashFunction
{
public:
- void clear()
+ void clear() override
{
const EVP_MD* algo = EVP_MD_CTX_md(&m_md);
EVP_DigestInit_ex(&m_md, algo, nullptr);
}
- std::string name() const { return m_name; }
+ std::string name() const override { return m_name; }
- HashFunction* clone() const
+ HashFunction* clone() const override
{
const EVP_MD* algo = EVP_MD_CTX_md(&m_md);
return new OpenSSL_HashFunction(algo, name());
}
- size_t output_length() const
+ size_t output_length() const override
{
return EVP_MD_size(EVP_MD_CTX_md(&m_md));
}
- size_t hash_block_size() const
+ size_t hash_block_size() const override
{
return EVP_MD_block_size(EVP_MD_CTX_md(&m_md));
}
@@ -53,12 +53,12 @@ class OpenSSL_HashFunction : public HashFunction
}
private:
- void add_data(const byte input[], size_t length)
+ void add_data(const byte input[], size_t length) override
{
EVP_DigestUpdate(&m_md, input, length);
}
- void final_result(byte output[])
+ void final_result(byte output[]) override
{
EVP_DigestFinal_ex(&m_md, output, nullptr);
const EVP_MD* algo = EVP_MD_CTX_md(&m_md);
@@ -80,7 +80,7 @@ make_evp_hash_maker(const EVP_MD* md, const char* algo)
#define BOTAN_REGISTER_OPENSSL_EVP_HASH(NAME, EVP) \
BOTAN_REGISTER_TYPE(HashFunction, OpenSSL_HashFunction ## EVP, NAME, \
- make_evp_hash_maker(EVP(), NAME), "openssl", BOTAN_OPENSSL_HASH_PRIO);
+ make_evp_hash_maker(EVP(), NAME), "openssl", BOTAN_OPENSSL_HASH_PRIO)
#if !defined(OPENSSL_NO_SHA)
BOTAN_REGISTER_OPENSSL_EVP_HASH("SHA-160", EVP_sha1);
diff --git a/src/lib/prov/openssl/openssl_rc4.cpp b/src/lib/prov/openssl/openssl_rc4.cpp
index 84d739c91..e36535e08 100644
--- a/src/lib/prov/openssl/openssl_rc4.cpp
+++ b/src/lib/prov/openssl/openssl_rc4.cpp
@@ -21,9 +21,9 @@ namespace {
class OpenSSL_RC4 : public StreamCipher
{
public:
- void clear() { clear_mem(&m_rc4, 1); }
+ void clear() override { clear_mem(&m_rc4, 1); }
- std::string name() const
+ std::string name() const override
{
switch(m_skip)
{
@@ -36,22 +36,22 @@ class OpenSSL_RC4 : public StreamCipher
}
}
- StreamCipher* clone() const { return new OpenSSL_RC4; }
+ StreamCipher* clone() const override { return new OpenSSL_RC4; }
- Key_Length_Specification key_spec() const
+ Key_Length_Specification key_spec() const override
{
return Key_Length_Specification(1, 32);
}
- OpenSSL_RC4(size_t skip = 0) : m_skip(skip) { clear(); }
+ explicit OpenSSL_RC4(size_t skip = 0) : m_skip(skip) { clear(); }
~OpenSSL_RC4() { clear(); }
private:
- void cipher(const byte in[], byte out[], size_t length)
+ void cipher(const byte in[], byte out[], size_t length) override
{
::RC4(&m_rc4, length, in, out);
}
- void key_schedule(const byte key[], size_t length)
+ void key_schedule(const byte key[], size_t length) override
{
::RC4_set_key(&m_rc4, length, key);
byte d = 0;
diff --git a/src/lib/prov/tpm/tpm.h b/src/lib/prov/tpm/tpm.h
index ce5eabe1c..7df232be3 100644
--- a/src/lib/prov/tpm/tpm.h
+++ b/src/lib/prov/tpm/tpm.h
@@ -5,6 +5,9 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
+#ifndef BOTAN_TPM_H__
+#define BOTAN_TPM_H__
+
#include <botan/exceptn.h>
#include <botan/pk_keys.h>
#include <botan/bigint.h>
@@ -180,3 +183,5 @@ class BOTAN_DLL TPM_PrivateKey : public Private_Key
// TODO: PCR measurement, writing, key locking
}
+
+#endif
diff --git a/src/lib/prov/tpm/uuid.h b/src/lib/prov/tpm/uuid.h
index 3c35da1f4..0094f4f83 100644
--- a/src/lib/prov/tpm/uuid.h
+++ b/src/lib/prov/tpm/uuid.h
@@ -5,6 +5,9 @@
* Botan is released under the Simplified BSD License (see license.txt)
*/
+#ifndef BOTAN_UUID_H__
+#define BOTAN_UUID_H__
+
#include <botan/secmem.h>
#include <botan/hex.h>
#include <sstream>
@@ -99,3 +102,5 @@ class UUID
};
}
+
+#endif
diff --git a/src/lib/pubkey/blinding.cpp b/src/lib/pubkey/blinding.cpp
index 4a5c5acff..b20a30fa1 100644
--- a/src/lib/pubkey/blinding.cpp
+++ b/src/lib/pubkey/blinding.cpp
@@ -19,11 +19,8 @@ namespace Botan {
Blinder::Blinder(const BigInt& modulus,
std::function<BigInt (const BigInt&)> fwd,
std::function<BigInt (const BigInt&)> inv) :
- m_fwd_fn(fwd), m_inv_fn(inv)
+ m_reducer{Modular_Reducer(modulus)}, m_rng{}, m_fwd_fn(fwd), m_inv_fn(inv), m_modulus_bits{modulus.bits()}, m_e{}, m_d{}, m_counter{}
{
- m_reducer = Modular_Reducer(modulus);
- m_modulus_bits = modulus.bits();
-
#if defined(BOTAN_HAS_SYSTEM_RNG)
m_rng.reset(new System_RNG);
#else
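Review bot: The new member-initialiser list `m_reducer{Modular_Reducer(modulus)}, m_rng{}, m_fwd_fn(fwd), m_inv_fn(inv), m_modulus_bits{modulus.bits()}, m_e{}, m_d{}, m_counter{}` puts eight initialisers on one line; writing them one per line, as the removed lines did, keeps the constructor readable and the diff reviewable. `m_reducer{Modular_Reducer(modulus)}` builds a temporary only to move from it; `m_reducer(modulus)` is the direct form. The initialiser order must follow the declaration order in blinding.h, which is outside this diff, so that is worth confirming to keep -Wreorder quiet. The same one-line-initialiser style appears in the rewritten `DSA_Verification_Operation` constructor in dsa.cpp further down.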
diff --git a/src/lib/pubkey/curve25519/curve25519.h b/src/lib/pubkey/curve25519/curve25519.h
index c3e3d4e60..9d2868d6d 100644
--- a/src/lib/pubkey/curve25519/curve25519.h
+++ b/src/lib/pubkey/curve25519/curve25519.h
@@ -32,7 +32,7 @@ class BOTAN_DLL Curve25519_PublicKey : public virtual Public_Key
Curve25519_PublicKey(const AlgorithmIdentifier& alg_id,
const secure_vector<byte>& key_bits);
- Curve25519_PublicKey(const secure_vector<byte>& pub) : m_public(pub) {}
+ explicit Curve25519_PublicKey(const secure_vector<byte>& pub) : m_public(pub) {}
protected:
Curve25519_PublicKey() {}
secure_vector<byte> m_public;
@@ -47,9 +47,9 @@ class BOTAN_DLL Curve25519_PrivateKey : public Curve25519_PublicKey,
const secure_vector<byte>& key_bits,
RandomNumberGenerator& rng);
- Curve25519_PrivateKey(RandomNumberGenerator& rng);
+ explicit Curve25519_PrivateKey(RandomNumberGenerator& rng);
- Curve25519_PrivateKey(const secure_vector<byte>& secret_key);
+ explicit Curve25519_PrivateKey(const secure_vector<byte>& secret_key);
std::vector<byte> public_value() const override { return Curve25519_PublicKey::public_value(); }
diff --git a/src/lib/pubkey/curve25519/donna.cpp b/src/lib/pubkey/curve25519/donna.cpp
index 78966f745..9b28e412c 100644
--- a/src/lib/pubkey/curve25519/donna.cpp
+++ b/src/lib/pubkey/curve25519/donna.cpp
@@ -350,9 +350,9 @@ cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q) {
copy_mem(nqpqx, q, 5);
for (i = 0; i < 32; ++i) {
- u8 byte = n[31 - i];
+ u8 byteval = n[31 - i];
for (j = 0; j < 8; ++j) {
- const limb bit = byte >> 7;
+ const limb bit = byteval >> 7;
swap_conditional(nqx, nqpqx, bit);
swap_conditional(nqz, nqpqz, bit);
@@ -377,7 +377,7 @@ cmult(limb *resultx, limb *resultz, const u8 *n, const limb *q) {
nqpqz = nqpqz2;
nqpqz2 = t;
- byte <<= 1;
+ byteval <<= 1;
}
}
diff --git a/src/lib/pubkey/dh/dh.cpp b/src/lib/pubkey/dh/dh.cpp
index 3888166bb..9eb4e5cd0 100644
--- a/src/lib/pubkey/dh/dh.cpp
+++ b/src/lib/pubkey/dh/dh.cpp
@@ -18,8 +18,8 @@ namespace Botan {
*/
DH_PublicKey::DH_PublicKey(const DL_Group& grp, const BigInt& y1)
{
- group = grp;
- y = y1;
+ m_group = grp;
+ m_y = y1;
}
/*
@@ -27,7 +27,7 @@ DH_PublicKey::DH_PublicKey(const DL_Group& grp, const BigInt& y1)
*/
std::vector<byte> DH_PublicKey::public_value() const
{
- return unlock(BigInt::encode_1363(y, group_p().bytes()));
+ return unlock(BigInt::encode_1363(m_y, group_p().bytes()));
}
/*
@@ -37,19 +37,19 @@ DH_PrivateKey::DH_PrivateKey(RandomNumberGenerator& rng,
const DL_Group& grp,
const BigInt& x_arg)
{
- group = grp;
- x = x_arg;
+ m_group = grp;
+ m_x = x_arg;
- if(x == 0)
+ if(m_x == 0)
{
const BigInt& p = group_p();
- x.randomize(rng, dl_exponent_size(p.bits()));
+ m_x.randomize(rng, dl_exponent_size(p.bits()));
}
- if(y == 0)
- y = power_mod(group_g(), x, group_p());
+ if(m_y == 0)
+ m_y = power_mod(group_g(), m_x, group_p());
- if(x == 0)
+ if(m_x == 0)
gen_check(rng);
else
load_check(rng);
@@ -63,8 +63,8 @@ DH_PrivateKey::DH_PrivateKey(const AlgorithmIdentifier& alg_id,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_42)
{
- if(y == 0)
- y = power_mod(group_g(), x, group_p());
+ if(m_y == 0)
+ m_y = power_mod(group_g(), m_x, group_p());
load_check(rng);
}
diff --git a/src/lib/pubkey/dl_algo/dl_algo.cpp b/src/lib/pubkey/dl_algo/dl_algo.cpp
index 4d179fe50..d85249750 100644
--- a/src/lib/pubkey/dl_algo/dl_algo.cpp
+++ b/src/lib/pubkey/dl_algo/dl_algo.cpp
@@ -15,41 +15,41 @@ namespace Botan {
size_t DL_Scheme_PublicKey::estimated_strength() const
{
- return dl_work_factor(group.get_p().bits());
+ return dl_work_factor(m_group.get_p().bits());
}
AlgorithmIdentifier DL_Scheme_PublicKey::algorithm_identifier() const
{
return AlgorithmIdentifier(get_oid(),
- group.DER_encode(group_format()));
+ m_group.DER_encode(group_format()));
}
std::vector<byte> DL_Scheme_PublicKey::x509_subject_public_key() const
{
- return DER_Encoder().encode(y).get_contents_unlocked();
+ return DER_Encoder().encode(m_y).get_contents_unlocked();
}
DL_Scheme_PublicKey::DL_Scheme_PublicKey(const AlgorithmIdentifier& alg_id,
const secure_vector<byte>& key_bits,
DL_Group::Format format)
{
- group.BER_decode(alg_id.parameters, format);
+ m_group.BER_decode(alg_id.parameters, format);
- BER_Decoder(key_bits).decode(y);
+ BER_Decoder(key_bits).decode(m_y);
}
secure_vector<byte> DL_Scheme_PrivateKey::pkcs8_private_key() const
{
- return DER_Encoder().encode(x).get_contents();
+ return DER_Encoder().encode(m_x).get_contents();
}
DL_Scheme_PrivateKey::DL_Scheme_PrivateKey(const AlgorithmIdentifier& alg_id,
const secure_vector<byte>& key_bits,
DL_Group::Format format)
{
- group.BER_decode(alg_id.parameters, format);
+ m_group.BER_decode(alg_id.parameters, format);
- BER_Decoder(key_bits).decode(x);
+ BER_Decoder(key_bits).decode(m_x);
}
/*
@@ -58,9 +58,9 @@ DL_Scheme_PrivateKey::DL_Scheme_PrivateKey(const AlgorithmIdentifier& alg_id,
bool DL_Scheme_PublicKey::check_key(RandomNumberGenerator& rng,
bool strong) const
{
- if(y < 2 || y >= group_p())
+ if(m_y < 2 || m_y >= group_p())
return false;
- if(!group.verify_group(rng, strong))
+ if(!m_group.verify_group(rng, strong))
return false;
return true;
}
@@ -74,15 +74,15 @@ bool DL_Scheme_PrivateKey::check_key(RandomNumberGenerator& rng,
const BigInt& p = group_p();
const BigInt& g = group_g();
- if(y < 2 || y >= p || x < 2 || x >= p)
+ if(m_y < 2 || m_y >= p || m_x < 2 || m_x >= p)
return false;
- if(!group.verify_group(rng, strong))
+ if(!m_group.verify_group(rng, strong))
return false;
if(!strong)
return true;
- if(y != power_mod(g, x, p))
+ if(m_y != power_mod(g, m_x, p))
return false;
return true;
diff --git a/src/lib/pubkey/dl_algo/dl_algo.h b/src/lib/pubkey/dl_algo/dl_algo.h
index 18886e5dc..705cce8b3 100644
--- a/src/lib/pubkey/dl_algo/dl_algo.h
+++ b/src/lib/pubkey/dl_algo/dl_algo.h
@@ -29,30 +29,30 @@ class BOTAN_DLL DL_Scheme_PublicKey : public virtual Public_Key
* Get the DL domain parameters of this key.
* @return DL domain parameters of this key
*/
- const DL_Group& get_domain() const { return group; }
+ const DL_Group& get_domain() const { return m_group; }
/**
* Get the public value y with y = g^x mod p where x is the secret key.
*/
- const BigInt& get_y() const { return y; }
+ const BigInt& get_y() const { return m_y; }
/**
* Get the prime p of the underlying DL group.
* @return prime p
*/
- const BigInt& group_p() const { return group.get_p(); }
+ const BigInt& group_p() const { return m_group.get_p(); }
/**
* Get the prime q of the underlying DL group.
* @return prime q
*/
- const BigInt& group_q() const { return group.get_q(); }
+ const BigInt& group_q() const { return m_group.get_q(); }
/**
* Get the generator g of the underlying DL group.
* @return generator g
*/
- const BigInt& group_g() const { return group.get_g(); }
+ const BigInt& group_g() const { return m_group.get_g(); }
/**
* Get the underlying groups encoding format.
@@ -72,12 +72,12 @@ class BOTAN_DLL DL_Scheme_PublicKey : public virtual Public_Key
/**
* The DL public key
*/
- BigInt y;
+ BigInt m_y;
/**
* The DL group
*/
- DL_Group group;
+ DL_Group m_group;
};
/**
@@ -93,7 +93,7 @@ class BOTAN_DLL DL_Scheme_PrivateKey : public virtual DL_Scheme_PublicKey,
* Get the secret key x.
* @return secret key
*/
- const BigInt& get_x() const { return x; }
+ const BigInt& get_x() const { return m_x; }
secure_vector<byte> pkcs8_private_key() const override;
@@ -107,7 +107,7 @@ class BOTAN_DLL DL_Scheme_PrivateKey : public virtual DL_Scheme_PublicKey,
/**
* The DL private key
*/
- BigInt x;
+ BigInt m_x;
};
}
diff --git a/src/lib/pubkey/dl_group/dl_group.cpp b/src/lib/pubkey/dl_group/dl_group.cpp
index ed9b60c7c..40660e62a 100644
--- a/src/lib/pubkey/dl_group/dl_group.cpp
+++ b/src/lib/pubkey/dl_group/dl_group.cpp
@@ -20,7 +20,7 @@ namespace Botan {
*/
DL_Group::DL_Group()
{
- initialized = false;
+ m_initialized = false;
}
/*
@@ -48,35 +48,35 @@ DL_Group::DL_Group(RandomNumberGenerator& rng,
if(type == Strong)
{
- p = random_safe_prime(rng, pbits);
- q = (p - 1) / 2;
- g = 2;
+ m_p = random_safe_prime(rng, pbits);
+ m_q = (m_p - 1) / 2;
+ m_g = 2;
}
else if(type == Prime_Subgroup)
{
if(!qbits)
qbits = dl_exponent_size(pbits);
- q = random_prime(rng, qbits);
+ m_q = random_prime(rng, qbits);
BigInt X;
- while(p.bits() != pbits || !is_prime(p, rng))
+ while(m_p.bits() != pbits || !is_prime(m_p, rng))
{
X.randomize(rng, pbits);
- p = X - (X % (2*q) - 1);
+ m_p = X - (X % (2*m_q) - 1);
}
- g = make_dsa_generator(p, q);
+ m_g = make_dsa_generator(m_p, m_q);
}
else if(type == DSA_Kosherizer)
{
qbits = qbits ? qbits : ((pbits <= 1024) ? 160 : 256);
- generate_dsa_primes(rng, p, q, pbits, qbits);
+ generate_dsa_primes(rng, m_p, m_q, pbits, qbits);
- g = make_dsa_generator(p, q);
+ m_g = make_dsa_generator(m_p, m_q);
}
- initialized = true;
+ m_initialized = true;
}
/*
@@ -86,13 +86,13 @@ DL_Group::DL_Group(RandomNumberGenerator& rng,
const std::vector<byte>& seed,
size_t pbits, size_t qbits)
{
- if(!generate_dsa_primes(rng, p, q, pbits, qbits, seed))
+ if(!generate_dsa_primes(rng, m_p, m_q, pbits, qbits, seed))
throw Invalid_Argument("DL_Group: The seed given does not "
"generate a DSA group");
- g = make_dsa_generator(p, q);
+ m_g = make_dsa_generator(m_p, m_q);
- initialized = true;
+ m_initialized = true;
}
/*
@@ -123,11 +123,11 @@ void DL_Group::initialize(const BigInt& p1, const BigInt& q1, const BigInt& g1)
if(q1 < 0 || q1 >= p1)
throw Invalid_Argument("DL_Group: Subgroup invalid");
- p = p1;
- g = g1;
- q = q1;
+ m_p = p1;
+ m_g = g1;
+ m_q = q1;
- initialized = true;
+ m_initialized = true;
}
/*
@@ -135,7 +135,7 @@ void DL_Group::initialize(const BigInt& p1, const BigInt& q1, const BigInt& g1)
*/
void DL_Group::init_check() const
{
- if(!initialized)
+ if(!m_initialized)
throw Invalid_State("DLP group cannot be used uninitialized");
}
@@ -147,16 +147,16 @@ bool DL_Group::verify_group(RandomNumberGenerator& rng,
{
init_check();
- if(g < 2 || p < 3 || q < 0)
+ if(m_g < 2 || m_p < 3 || m_q < 0)
return false;
- if((q != 0) && ((p - 1) % q != 0))
+ if((m_q != 0) && ((m_p - 1) % m_q != 0))
return false;
const size_t prob = (strong) ? 56 : 10;
- if(!is_prime(p, rng, prob))
+ if(!is_prime(m_p, rng, prob))
return false;
- if((q > 0) && !is_prime(q, rng, prob))
+ if((m_q > 0) && !is_prime(m_q, rng, prob))
return false;
return true;
}
@@ -167,7 +167,7 @@ bool DL_Group::verify_group(RandomNumberGenerator& rng,
const BigInt& DL_Group::get_p() const
{
init_check();
- return p;
+ return m_p;
}
/*
@@ -176,7 +176,7 @@ const BigInt& DL_Group::get_p() const
const BigInt& DL_Group::get_g() const
{
init_check();
- return g;
+ return m_g;
}
/*
@@ -185,9 +185,9 @@ const BigInt& DL_Group::get_g() const
const BigInt& DL_Group::get_q() const
{
init_check();
- if(q == 0)
+ if(m_q == 0)
throw Invalid_State("DLP group has no q prime specified");
- return q;
+ return m_q;
}
/*
@@ -197,16 +197,16 @@ std::vector<byte> DL_Group::DER_encode(Format format) const
{
init_check();
- if((q == 0) && (format != PKCS_3))
+ if((m_q == 0) && (format != PKCS_3))
throw Encoding_Error("The ANSI DL parameter formats require a subgroup");
if(format == ANSI_X9_57)
{
return DER_Encoder()
.start_cons(SEQUENCE)
- .encode(p)
- .encode(q)
- .encode(g)
+ .encode(m_p)
+ .encode(m_q)
+ .encode(m_g)
.end_cons()
.get_contents_unlocked();
}
@@ -214,9 +214,9 @@ std::vector<byte> DL_Group::DER_encode(Format format) const
{
return DER_Encoder()
.start_cons(SEQUENCE)
- .encode(p)
- .encode(g)
- .encode(q)
+ .encode(m_p)
+ .encode(m_g)
+ .encode(m_q)
.end_cons()
.get_contents_unlocked();
}
@@ -224,8 +224,8 @@ std::vector<byte> DL_Group::DER_encode(Format format) const
{
return DER_Encoder()
.start_cons(SEQUENCE)
- .encode(p)
- .encode(g)
+ .encode(m_p)
+ .encode(m_g)
.end_cons()
.get_contents_unlocked();
}
diff --git a/src/lib/pubkey/dl_group/dl_group.h b/src/lib/pubkey/dl_group/dl_group.h
index 7201054f2..8bdd205da 100644
--- a/src/lib/pubkey/dl_group/dl_group.h
+++ b/src/lib/pubkey/dl_group/dl_group.h
@@ -161,8 +161,8 @@ class BOTAN_DLL DL_Group
void init_check() const;
void initialize(const BigInt&, const BigInt&, const BigInt&);
- bool initialized;
- BigInt p, q, g;
+ bool m_initialized;
+ BigInt m_p, m_q, m_g;
};
}
diff --git a/src/lib/pubkey/dlies/dlies.cpp b/src/lib/pubkey/dlies/dlies.cpp
index 708064d27..86cd51e19 100644
--- a/src/lib/pubkey/dlies/dlies.cpp
+++ b/src/lib/pubkey/dlies/dlies.cpp
@@ -16,12 +16,12 @@ DLIES_Encryptor::DLIES_Encryptor(const PK_Key_Agreement_Key& key,
KDF* kdf_obj,
MessageAuthenticationCode* mac_obj,
size_t mac_kl) :
- ka(key, "Raw"),
- kdf(kdf_obj),
- mac(mac_obj),
- mac_keylen(mac_kl)
+ m_ka(key, "Raw"),
+ m_kdf(kdf_obj),
+ m_mac(mac_obj),
+ m_mac_keylen(mac_kl)
{
- my_key = key.public_value();
+ m_my_key = key.public_value();
}
/*
@@ -32,31 +32,31 @@ std::vector<byte> DLIES_Encryptor::enc(const byte in[], size_t length,
{
if(length > maximum_input_size())
throw Invalid_Argument("DLIES: Plaintext too large");
- if(other_key.empty())
+ if(m_other_key.empty())
throw Invalid_State("DLIES: The other key was never set");
- secure_vector<byte> out(my_key.size() + length + mac->output_length());
- buffer_insert(out, 0, my_key);
- buffer_insert(out, my_key.size(), in, length);
+ secure_vector<byte> out(m_my_key.size() + length + m_mac->output_length());
+ buffer_insert(out, 0, m_my_key);
+ buffer_insert(out, m_my_key.size(), in, length);
- secure_vector<byte> vz(my_key.begin(), my_key.end());
- vz += ka.derive_key(0, other_key).bits_of();
+ secure_vector<byte> vz(m_my_key.begin(), m_my_key.end());
+ vz += m_ka.derive_key(0, m_other_key).bits_of();
- const size_t K_LENGTH = length + mac_keylen;
- secure_vector<byte> K = kdf->derive_key(K_LENGTH, vz);
+ const size_t K_LENGTH = length + m_mac_keylen;
+ secure_vector<byte> K = m_kdf->derive_key(K_LENGTH, vz);
if(K.size() != K_LENGTH)
throw Encoding_Error("DLIES: KDF did not provide sufficient output");
- byte* C = &out[my_key.size()];
+ byte* C = &out[m_my_key.size()];
- mac->set_key(K.data(), mac_keylen);
- xor_buf(C, &K[mac_keylen], length);
+ m_mac->set_key(K.data(), m_mac_keylen);
+ xor_buf(C, &K[m_mac_keylen], length);
- mac->update(C, length);
+ m_mac->update(C, length);
for(size_t j = 0; j != 8; ++j)
- mac->update(0);
+ m_mac->update(0);
- mac->final(C + length);
+ m_mac->final(C + length);
return unlock(out);
}
@@ -66,7 +66,7 @@ std::vector<byte> DLIES_Encryptor::enc(const byte in[], size_t length,
*/
void DLIES_Encryptor::set_other_key(const std::vector<byte>& ok)
{
- other_key = ok;
+ m_other_key = ok;
}
/*
@@ -84,12 +84,12 @@ DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& key,
KDF* kdf_obj,
MessageAuthenticationCode* mac_obj,
size_t mac_kl) :
- ka(key, "Raw"),
- kdf(kdf_obj),
- mac(mac_obj),
- mac_keylen(mac_kl)
+ m_ka(key, "Raw"),
+ m_kdf(kdf_obj),
+ m_mac(mac_obj),
+ m_mac_keylen(mac_kl)
{
- my_key = key.public_value();
+ m_my_key = key.public_value();
}
/*
@@ -97,35 +97,35 @@ DLIES_Decryptor::DLIES_Decryptor(const PK_Key_Agreement_Key& key,
*/
secure_vector<byte> DLIES_Decryptor::dec(const byte msg[], size_t length) const
{
- if(length < my_key.size() + mac->output_length())
+ if(length < m_my_key.size() + m_mac->output_length())
throw Decoding_Error("DLIES decryption: ciphertext is too short");
- const size_t CIPHER_LEN = length - my_key.size() - mac->output_length();
+ const size_t CIPHER_LEN = length - m_my_key.size() - m_mac->output_length();
- std::vector<byte> v(msg, msg + my_key.size());
+ std::vector<byte> v(msg, msg + m_my_key.size());
- secure_vector<byte> C(msg + my_key.size(), msg + my_key.size() + CIPHER_LEN);
+ secure_vector<byte> C(msg + m_my_key.size(), msg + m_my_key.size() + CIPHER_LEN);
- secure_vector<byte> T(msg + my_key.size() + CIPHER_LEN,
- msg + my_key.size() + CIPHER_LEN + mac->output_length());
+ secure_vector<byte> T(msg + m_my_key.size() + CIPHER_LEN,
+ msg + m_my_key.size() + CIPHER_LEN + m_mac->output_length());
- secure_vector<byte> vz(msg, msg + my_key.size());
- vz += ka.derive_key(0, v).bits_of();
+ secure_vector<byte> vz(msg, msg + m_my_key.size());
+ vz += m_ka.derive_key(0, v).bits_of();
- const size_t K_LENGTH = C.size() + mac_keylen;
- secure_vector<byte> K = kdf->derive_key(K_LENGTH, vz);
+ const size_t K_LENGTH = C.size() + m_mac_keylen;
+ secure_vector<byte> K = m_kdf->derive_key(K_LENGTH, vz);
if(K.size() != K_LENGTH)
throw Encoding_Error("DLIES: KDF did not provide sufficient output");
- mac->set_key(K.data(), mac_keylen);
- mac->update(C);
+ m_mac->set_key(K.data(), m_mac_keylen);
+ m_mac->update(C);
for(size_t j = 0; j != 8; ++j)
- mac->update(0);
- secure_vector<byte> T2 = mac->final();
+ m_mac->update(0);
+ secure_vector<byte> T2 = m_mac->final();
if(T != T2)
throw Decoding_Error("DLIES: message authentication failed");
- xor_buf(C, K.data() + mac_keylen, C.size());
+ xor_buf(C, K.data() + m_mac_keylen, C.size());
return C;
}
diff --git a/src/lib/pubkey/dlies/dlies.h b/src/lib/pubkey/dlies/dlies.h
index ed5928080..dd8838a28 100644
--- a/src/lib/pubkey/dlies/dlies.h
+++ b/src/lib/pubkey/dlies/dlies.h
@@ -32,12 +32,12 @@ class BOTAN_DLL DLIES_Encryptor : public PK_Encryptor
size_t maximum_input_size() const override;
- std::vector<byte> other_key, my_key;
+ std::vector<byte> m_other_key, m_my_key;
- PK_Key_Agreement ka;
- std::unique_ptr<KDF> kdf;
- std::unique_ptr<MessageAuthenticationCode> mac;
- size_t mac_keylen;
+ PK_Key_Agreement m_ka;
+ std::unique_ptr<KDF> m_kdf;
+ std::unique_ptr<MessageAuthenticationCode> m_mac;
+ size_t m_mac_keylen;
};
/**
@@ -54,12 +54,12 @@ class BOTAN_DLL DLIES_Decryptor : public PK_Decryptor
private:
secure_vector<byte> dec(const byte[], size_t) const override;
- std::vector<byte> my_key;
+ std::vector<byte> m_my_key;
- PK_Key_Agreement ka;
- std::unique_ptr<KDF> kdf;
- std::unique_ptr<MessageAuthenticationCode> mac;
- size_t mac_keylen;
+ PK_Key_Agreement m_ka;
+ std::unique_ptr<KDF> m_kdf;
+ std::unique_ptr<MessageAuthenticationCode> m_mac;
+ size_t m_mac_keylen;
};
}
diff --git a/src/lib/pubkey/dsa/dsa.cpp b/src/lib/pubkey/dsa/dsa.cpp
index ec0830533..471189cd8 100644
--- a/src/lib/pubkey/dsa/dsa.cpp
+++ b/src/lib/pubkey/dsa/dsa.cpp
@@ -20,8 +20,8 @@ namespace Botan {
*/
DSA_PublicKey::DSA_PublicKey(const DL_Group& grp, const BigInt& y1)
{
- group = grp;
- y = y1;
+ m_group = grp;
+ m_y = y1;
}
/*
@@ -31,13 +31,13 @@ DSA_PrivateKey::DSA_PrivateKey(RandomNumberGenerator& rng,
const DL_Group& grp,
const BigInt& x_arg)
{
- group = grp;
- x = x_arg;
+ m_group = grp;
+ m_x = x_arg;
- if(x == 0)
- x = BigInt::random_integer(rng, 2, group_q() - 1);
+ if(m_x == 0)
+ m_x = BigInt::random_integer(rng, 2, group_q() - 1);
- y = power_mod(group_g(), x, group_p());
+ m_y = power_mod(group_g(), m_x, group_p());
if(x_arg == 0)
gen_check(rng);
@@ -50,7 +50,7 @@ DSA_PrivateKey::DSA_PrivateKey(const AlgorithmIdentifier& alg_id,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
- y = power_mod(group_g(), x, group_p());
+ m_y = power_mod(group_g(), m_x, group_p());
load_check(rng);
}
@@ -60,7 +60,7 @@ DSA_PrivateKey::DSA_PrivateKey(const AlgorithmIdentifier& alg_id,
*/
bool DSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
{
- if(!DL_Scheme_PrivateKey::check_key(rng, strong) || x >= group_q())
+ if(!DL_Scheme_PrivateKey::check_key(rng, strong) || m_x >= group_q())
return false;
if(!strong)
@@ -80,25 +80,25 @@ class DSA_Signature_Operation : public PK_Ops::Signature_with_EMSA
typedef DSA_PrivateKey Key_Type;
DSA_Signature_Operation(const DSA_PrivateKey& dsa, const std::string& emsa) :
PK_Ops::Signature_with_EMSA(emsa),
- q(dsa.group_q()),
- x(dsa.get_x()),
- powermod_g_p(dsa.group_g(), dsa.group_p()),
- mod_q(dsa.group_q()),
+ m_q(dsa.group_q()),
+ m_x(dsa.get_x()),
+ m_powermod_g_p(dsa.group_g(), dsa.group_p()),
+ m_mod_q(dsa.group_q()),
m_hash(hash_for_deterministic_signature(emsa))
{
}
size_t message_parts() const override { return 2; }
- size_t message_part_size() const override { return q.bytes(); }
- size_t max_input_bits() const override { return q.bits(); }
+ size_t message_part_size() const override { return m_q.bytes(); }
+ size_t max_input_bits() const override { return m_q.bits(); }
secure_vector<byte> raw_sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng) override;
private:
- const BigInt& q;
- const BigInt& x;
- Fixed_Base_Power_Mod powermod_g_p;
- Modular_Reducer mod_q;
+ const BigInt& m_q;
+ const BigInt& m_x;
+ Fixed_Base_Power_Mod m_powermod_g_p;
+ Modular_Reducer m_mod_q;
std::string m_hash;
};
@@ -108,23 +108,23 @@ DSA_Signature_Operation::raw_sign(const byte msg[], size_t msg_len,
{
BigInt i(msg, msg_len);
- while(i >= q)
- i -= q;
+ while(i >= m_q)
+ i -= m_q;
- const BigInt k = generate_rfc6979_nonce(x, q, i, m_hash);
+ const BigInt k = generate_rfc6979_nonce(m_x, m_q, i, m_hash);
auto future_r = std::async(std::launch::async,
- [&]() { return mod_q.reduce(powermod_g_p(k)); });
+ [&]() { return m_mod_q.reduce(m_powermod_g_p(k)); });
- BigInt s = inverse_mod(k, q);
+ BigInt s = inverse_mod(k, m_q);
const BigInt r = future_r.get();
- s = mod_q.multiply(s, mul_add(x, r, i));
+ s = m_mod_q.multiply(s, mul_add(m_x, r, i));
// With overwhelming probability, a bug rather than actual zero r/s
BOTAN_ASSERT(s != 0, "invalid s");
BOTAN_ASSERT(r != 0, "invalid r");
- secure_vector<byte> output(2*q.bytes());
+ secure_vector<byte> output(2*m_q.bytes());
r.binary_encode(&output[output.size() / 2 - r.bytes()]);
s.binary_encode(&output[output.size() - s.bytes()]);
return output;
@@ -140,54 +140,51 @@ class DSA_Verification_Operation : public PK_Ops::Verification_with_EMSA
DSA_Verification_Operation(const DSA_PublicKey& dsa,
const std::string& emsa) :
PK_Ops::Verification_with_EMSA(emsa),
- q(dsa.group_q()), y(dsa.get_y())
- {
- powermod_g_p = Fixed_Base_Power_Mod(dsa.group_g(), dsa.group_p());
- powermod_y_p = Fixed_Base_Power_Mod(y, dsa.group_p());
- mod_p = Modular_Reducer(dsa.group_p());
- mod_q = Modular_Reducer(dsa.group_q());
- }
+ m_q(dsa.group_q()), m_y(dsa.get_y()), m_powermod_g_p{Fixed_Base_Power_Mod(dsa.group_g(), dsa.group_p())},
+ m_powermod_y_p{Fixed_Base_Power_Mod(m_y, dsa.group_p())}, m_mod_p{Modular_Reducer(dsa.group_p())},
+ m_mod_q{Modular_Reducer(dsa.group_q())}
+ {}
size_t message_parts() const override { return 2; }
- size_t message_part_size() const override { return q.bytes(); }
- size_t max_input_bits() const override { return q.bits(); }
+ size_t message_part_size() const override { return m_q.bytes(); }
+ size_t max_input_bits() const override { return m_q.bits(); }
bool with_recovery() const override { return false; }
bool verify(const byte msg[], size_t msg_len,
const byte sig[], size_t sig_len) override;
private:
- const BigInt& q;
- const BigInt& y;
+ const BigInt& m_q;
+ const BigInt& m_y;
- Fixed_Base_Power_Mod powermod_g_p, powermod_y_p;
- Modular_Reducer mod_p, mod_q;
+ Fixed_Base_Power_Mod m_powermod_g_p, m_powermod_y_p;
+ Modular_Reducer m_mod_p, m_mod_q;
};
bool DSA_Verification_Operation::verify(const byte msg[], size_t msg_len,
const byte sig[], size_t sig_len)
{
- if(sig_len != 2*q.bytes() || msg_len > q.bytes())
+ if(sig_len != 2*m_q.bytes() || msg_len > m_q.bytes())
return false;
- BigInt r(sig, q.bytes());
- BigInt s(sig + q.bytes(), q.bytes());
+ BigInt r(sig, m_q.bytes());
+ BigInt s(sig + m_q.bytes(), m_q.bytes());
BigInt i(msg, msg_len);
- if(r <= 0 || r >= q || s <= 0 || s >= q)
+ if(r <= 0 || r >= m_q || s <= 0 || s >= m_q)
return false;
- s = inverse_mod(s, q);
+ s = inverse_mod(s, m_q);
auto future_s_i = std::async(std::launch::async,
- [&]() { return powermod_g_p(mod_q.multiply(s, i)); });
+ [&]() { return m_powermod_g_p(m_mod_q.multiply(s, i)); });
- BigInt s_r = powermod_y_p(mod_q.multiply(s, r));
+ BigInt s_r = m_powermod_y_p(m_mod_q.multiply(s, r));
BigInt s_i = future_s_i.get();
- s = mod_p.multiply(s_i, s_r);
+ s = m_mod_p.multiply(s_i, s_r);
- return (mod_q.reduce(s) == r);
+ return (m_mod_q.reduce(s) == r);
}
BOTAN_REGISTER_PK_SIGNATURE_OP("DSA", DSA_Signature_Operation);
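Review bot: The new initializer list in DSA_Verification_Operation builds `m_powermod_y_p{Fixed_Base_Power_Mod(m_y, dsa.group_p())}` from the member `m_y` instead of from the argument, so it is correct only because `m_y` is declared ahead of `m_powermod_y_p` in the private section (`const BigInt& m_q; const BigInt& m_y;` precede `Fixed_Base_Power_Mod m_powermod_g_p, m_powermod_y_p;`); the old body-assignment form had no such dependency, and a later reordering of those declarations would bind the power-mod to an unset reference with no diagnostic. Initializing from the key removes the hazard: `m_powermod_y_p(dsa.get_y(), dsa.group_p())`. The `{Fixed_Base_Power_Mod(...)}` and `{Modular_Reducer(...)}` wrappers also construct a temporary per member where direct initialization such as `m_mod_p(dsa.group_p())` does the same job, matching how the signature operation above is written.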
diff --git a/src/lib/pubkey/ec_group/ec_group.cpp b/src/lib/pubkey/ec_group/ec_group.cpp
index fc46675bd..c264d7314 100644
--- a/src/lib/pubkey/ec_group/ec_group.cpp
+++ b/src/lib/pubkey/ec_group/ec_group.cpp
@@ -23,7 +23,7 @@ EC_Group::EC_Group(const OID& domain_oid)
throw Lookup_Error("No ECC domain data for " + domain_oid.as_string());
*this = EC_Group(pem);
- oid = domain_oid.as_string();
+ m_oid = domain_oid.as_string();
}
EC_Group::EC_Group(const std::string& str)
@@ -75,13 +75,13 @@ EC_Group::EC_Group(const std::vector<byte>& ber_data)
.decode_octet_string_bigint(b)
.end_cons()
.decode(sv_base_point, OCTET_STRING)
- .decode(order)
- .decode(cofactor)
+ .decode(m_order)
+ .decode(m_cofactor)
.end_cons()
.verify_end();
- curve = CurveGFp(p, a, b);
- base_point = OS2ECP(sv_base_point, curve);
+ m_curve = CurveGFp(p, a, b);
+ m_base_point = OS2ECP(sv_base_point, m_curve);
}
else
throw Decoding_Error("Unexpected tag while decoding ECC domain params");
@@ -95,24 +95,24 @@ EC_Group::DER_encode(EC_Group_Encoding form) const
const size_t ecpVers1 = 1;
OID curve_type("1.2.840.10045.1.1");
- const size_t p_bytes = curve.get_p().bytes();
+ const size_t p_bytes = m_curve.get_p().bytes();
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(ecpVers1)
.start_cons(SEQUENCE)
.encode(curve_type)
- .encode(curve.get_p())
+ .encode(m_curve.get_p())
.end_cons()
.start_cons(SEQUENCE)
- .encode(BigInt::encode_1363(curve.get_a(), p_bytes),
+ .encode(BigInt::encode_1363(m_curve.get_a(), p_bytes),
OCTET_STRING)
- .encode(BigInt::encode_1363(curve.get_b(), p_bytes),
+ .encode(BigInt::encode_1363(m_curve.get_b(), p_bytes),
OCTET_STRING)
.end_cons()
- .encode(EC2OSP(base_point, PointGFp::UNCOMPRESSED), OCTET_STRING)
- .encode(order)
- .encode(cofactor)
+ .encode(EC2OSP(m_base_point, PointGFp::UNCOMPRESSED), OCTET_STRING)
+ .encode(m_order)
+ .encode(m_cofactor)
.end_cons()
.get_contents_unlocked();
}
diff --git a/src/lib/pubkey/ec_group/ec_group.h b/src/lib/pubkey/ec_group/ec_group.h
index 67ade0c65..a03b97a68 100644
--- a/src/lib/pubkey/ec_group/ec_group.h
+++ b/src/lib/pubkey/ec_group/ec_group.h
@@ -43,24 +43,24 @@ class BOTAN_DLL EC_Group
const PointGFp& base_point,
const BigInt& order,
const BigInt& cofactor) :
- curve(curve),
- base_point(base_point),
- order(order),
- cofactor(cofactor),
- oid("")
+ m_curve(curve),
+ m_base_point(base_point),
+ m_order(order),
+ m_cofactor(cofactor),
+ m_oid("")
{}
/**
* Decode a BER encoded ECC domain parameter set
* @param ber_encoding the bytes of the BER encoding
*/
- EC_Group(const std::vector<byte>& ber_encoding);
+ explicit EC_Group(const std::vector<byte>& ber_encoding);
/**
* Create an EC domain by OID (or throw if unknown)
* @param oid the OID of the EC domain to create
*/
- EC_Group(const OID& oid);
+ explicit EC_Group(const OID& oid);
/**
* Create an EC domain from PEM encoding (as from PEM_encode), or
@@ -86,33 +86,33 @@ class BOTAN_DLL EC_Group
* Return domain parameter curve
* @result domain parameter curve
*/
- const CurveGFp& get_curve() const { return curve; }
+ const CurveGFp& get_curve() const { return m_curve; }
/**
* Return group base point
* @result base point
*/
- const PointGFp& get_base_point() const { return base_point; }
+ const PointGFp& get_base_point() const { return m_base_point; }
/**
* Return the order of the base point
* @result order of the base point
*/
- const BigInt& get_order() const { return order; }
+ const BigInt& get_order() const { return m_order; }
/**
* Return the cofactor
* @result the cofactor
*/
- const BigInt& get_cofactor() const { return cofactor; }
+ const BigInt& get_cofactor() const { return m_cofactor; }
- bool initialized() const { return !base_point.is_zero(); }
+ bool initialized() const { return !m_base_point.is_zero(); }
/**
* Return the OID of these domain parameters
* @result the OID
*/
- std::string get_oid() const { return oid; }
+ std::string get_oid() const { return m_oid; }
bool operator==(const EC_Group& other) const
{
@@ -128,10 +128,10 @@ class BOTAN_DLL EC_Group
static const char* PEM_for_named_group(const std::string& name);
private:
- CurveGFp curve;
- PointGFp base_point;
- BigInt order, cofactor;
- std::string oid;
+ CurveGFp m_curve;
+ PointGFp m_base_point;
+ BigInt m_order, m_cofactor;
+ std::string m_oid;
};
inline bool operator!=(const EC_Group& lhs,
diff --git a/src/lib/pubkey/ecc_key/ecc_key.cpp b/src/lib/pubkey/ecc_key/ecc_key.cpp
index b0c053688..2dca20725 100644
--- a/src/lib/pubkey/ecc_key/ecc_key.cpp
+++ b/src/lib/pubkey/ecc_key/ecc_key.cpp
@@ -25,21 +25,16 @@ size_t EC_PublicKey::estimated_strength() const
EC_PublicKey::EC_PublicKey(const EC_Group& dom_par,
const PointGFp& pub_point) :
- domain_params(dom_par), public_key(pub_point),
- domain_encoding(EC_DOMPAR_ENC_EXPLICIT)
+ m_domain_params(dom_par), m_public_key(pub_point),
+ m_domain_encoding(EC_DOMPAR_ENC_EXPLICIT)
{
if(domain().get_curve() != public_point().get_curve())
throw Invalid_Argument("EC_PublicKey: curve mismatch in constructor");
}
EC_PublicKey::EC_PublicKey(const AlgorithmIdentifier& alg_id,
- const secure_vector<byte>& key_bits)
- {
- domain_params = EC_Group(alg_id.parameters);
- domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
-
- public_key = OS2ECP(key_bits, domain().get_curve());
- }
+ const secure_vector<byte>& key_bits) : m_domain_params{EC_Group(alg_id.parameters)}, m_public_key{OS2ECP(key_bits, domain().get_curve())}, m_domain_encoding{EC_DOMPAR_ENC_EXPLICIT}
+ {}
bool EC_PublicKey::check_key(RandomNumberGenerator&,
bool) const
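Review bot: The new single-line EC_PublicKey constructor calls `domain()` inside the member initializer list, which reads `m_domain_params` before the object is fully constructed; that is well-defined only because ecc_key.h declares `m_domain_params` ahead of `m_public_key`, and a future reordering would decode the point against a default-constructed EC_Group without any diagnostic. Either make the dependency visible, `m_public_key{OS2ECP(key_bits, m_domain_params.get_curve())}`, or keep the decoding in the body as the EC_PrivateKey constructor in the later hunk still does. Independently of that, the initializer line is far wider than the rest of the file; one initializer per line, as the DSA and ECDH operation constructors are written, would keep it reviewable.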
@@ -64,20 +59,20 @@ void EC_PublicKey::set_parameter_encoding(EC_Group_Encoding form)
form != EC_DOMPAR_ENC_OID)
throw Invalid_Argument("Invalid encoding form for EC-key object specified");
- if((form == EC_DOMPAR_ENC_OID) && (domain_params.get_oid() == ""))
+ if((form == EC_DOMPAR_ENC_OID) && (m_domain_params.get_oid() == ""))
throw Invalid_Argument("Invalid encoding form OID specified for "
"EC-key object whose corresponding domain "
"parameters are without oid");
- domain_encoding = form;
+ m_domain_encoding = form;
}
const BigInt& EC_PrivateKey::private_value() const
{
- if(private_key == 0)
+ if(m_private_key == 0)
throw Invalid_State("EC_PrivateKey::private_value - uninitialized");
- return private_key;
+ return m_private_key;
}
/**
@@ -87,17 +82,17 @@ EC_PrivateKey::EC_PrivateKey(RandomNumberGenerator& rng,
const EC_Group& ec_group,
const BigInt& x)
{
- domain_params = ec_group;
- domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
+ m_domain_params = ec_group;
+ m_domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
if(x == 0)
- private_key = BigInt::random_integer(rng, 1, domain().get_order());
+ m_private_key = BigInt::random_integer(rng, 1, domain().get_order());
else
- private_key = x;
+ m_private_key = x;
- public_key = domain().get_base_point() * private_key;
+ m_public_key = domain().get_base_point() * m_private_key;
- BOTAN_ASSERT(public_key.on_the_curve(),
+ BOTAN_ASSERT(m_public_key.on_the_curve(),
"Generated public key point was on the curve");
}
@@ -106,7 +101,7 @@ secure_vector<byte> EC_PrivateKey::pkcs8_private_key() const
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(static_cast<size_t>(1))
- .encode(BigInt::encode_1363(private_key, private_key.bytes()),
+ .encode(BigInt::encode_1363(m_private_key, m_private_key.bytes()),
OCTET_STRING)
.end_cons()
.get_contents();
@@ -115,8 +110,8 @@ secure_vector<byte> EC_PrivateKey::pkcs8_private_key() const
EC_PrivateKey::EC_PrivateKey(const AlgorithmIdentifier& alg_id,
const secure_vector<byte>& key_bits)
{
- domain_params = EC_Group(alg_id.parameters);
- domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
+ m_domain_params = EC_Group(alg_id.parameters);
+ m_domain_encoding = EC_DOMPAR_ENC_EXPLICIT;
OID key_parameters;
secure_vector<byte> public_key_bits;
@@ -124,7 +119,7 @@ EC_PrivateKey::EC_PrivateKey(const AlgorithmIdentifier& alg_id,
BER_Decoder(key_bits)
.start_cons(SEQUENCE)
.decode_and_check<size_t>(1, "Unknown version code for ECC key")
- .decode_octet_string_bigint(private_key)
+ .decode_octet_string_bigint(m_private_key)
.decode_optional(key_parameters, ASN1_Tag(0), PRIVATE)
.decode_optional_string(public_key_bits, BIT_STRING, 1, PRIVATE)
.end_cons();
@@ -134,14 +129,14 @@ EC_PrivateKey::EC_PrivateKey(const AlgorithmIdentifier& alg_id,
if(public_key_bits.empty())
{
- public_key = domain().get_base_point() * private_key;
+ m_public_key = domain().get_base_point() * m_private_key;
- BOTAN_ASSERT(public_key.on_the_curve(),
+ BOTAN_ASSERT(m_public_key.on_the_curve(),
"Public point derived from loaded key was on the curve");
}
else
{
- public_key = OS2ECP(public_key_bits, domain().get_curve());
+ m_public_key = OS2ECP(public_key_bits, domain().get_curve());
// OS2ECP verifies that the point is on the curve
}
}
diff --git a/src/lib/pubkey/ecc_key/ecc_key.h b/src/lib/pubkey/ecc_key/ecc_key.h
index 6764df0f0..3f93a908c 100644
--- a/src/lib/pubkey/ecc_key/ecc_key.h
+++ b/src/lib/pubkey/ecc_key/ecc_key.h
@@ -41,7 +41,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
* domain parameters of this point are not set
* @result the public point of this key
*/
- const PointGFp& public_point() const { return public_key; }
+ const PointGFp& public_point() const { return m_public_key; }
AlgorithmIdentifier algorithm_identifier() const override;
@@ -56,7 +56,7 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
* domain parameters of this point are not set
* @result the domain parameters of this key
*/
- const EC_Group& domain() const { return domain_params; }
+ const EC_Group& domain() const { return m_domain_params; }
/**
* Set the domain parameter encoding to be used when encoding this key.
@@ -76,16 +76,17 @@ class BOTAN_DLL EC_PublicKey : public virtual Public_Key
* @result the encoding to use
*/
EC_Group_Encoding domain_format() const
- { return domain_encoding; }
+ { return m_domain_encoding; }
size_t estimated_strength() const override;
protected:
- EC_PublicKey() : domain_encoding(EC_DOMPAR_ENC_EXPLICIT) {}
+ EC_PublicKey() : m_domain_params{}, m_public_key{}, m_domain_encoding(EC_DOMPAR_ENC_EXPLICIT)
+ {}
- EC_Group domain_params;
- PointGFp public_key;
- EC_Group_Encoding domain_encoding;
+ EC_Group m_domain_params;
+ PointGFp m_public_key;
+ EC_Group_Encoding m_domain_encoding;
};
/**
@@ -112,7 +113,7 @@ class BOTAN_DLL EC_PrivateKey : public virtual EC_PublicKey,
protected:
EC_PrivateKey() {}
- BigInt private_key;
+ BigInt m_private_key;
};
}
diff --git a/src/lib/pubkey/ecdh/ecdh.cpp b/src/lib/pubkey/ecdh/ecdh.cpp
index 6b589df9b..55e215bc1 100644
--- a/src/lib/pubkey/ecdh/ecdh.cpp
+++ b/src/lib/pubkey/ecdh/ecdh.cpp
@@ -26,23 +26,23 @@ class ECDH_KA_Operation : public PK_Ops::Key_Agreement_with_KDF
ECDH_KA_Operation(const ECDH_PrivateKey& key, const std::string& kdf) :
PK_Ops::Key_Agreement_with_KDF(kdf),
- curve(key.domain().get_curve()),
- cofactor(key.domain().get_cofactor())
+ m_curve(key.domain().get_curve()),
+ m_cofactor(key.domain().get_cofactor())
{
- l_times_priv = inverse_mod(cofactor, key.domain().get_order()) * key.private_value();
+ m_l_times_priv = inverse_mod(m_cofactor, key.domain().get_order()) * key.private_value();
}
secure_vector<byte> raw_agree(const byte w[], size_t w_len) override
{
- PointGFp point = OS2ECP(w, w_len, curve);
- PointGFp S = (cofactor * point) * l_times_priv;
+ PointGFp point = OS2ECP(w, w_len, m_curve);
+ PointGFp S = (m_cofactor * point) * m_l_times_priv;
BOTAN_ASSERT(S.on_the_curve(), "ECDH agreed value was on the curve");
- return BigInt::encode_1363(S.get_affine_x(), curve.get_p().bytes());
+ return BigInt::encode_1363(S.get_affine_x(), m_curve.get_p().bytes());
}
private:
- const CurveGFp& curve;
- const BigInt& cofactor;
- BigInt l_times_priv;
+ const CurveGFp& m_curve;
+ const BigInt& m_cofactor;
+ BigInt m_l_times_priv;
};
}
diff --git a/src/lib/pubkey/elgamal/elgamal.cpp b/src/lib/pubkey/elgamal/elgamal.cpp
index 4ff3cc47a..10dc195a8 100644
--- a/src/lib/pubkey/elgamal/elgamal.cpp
+++ b/src/lib/pubkey/elgamal/elgamal.cpp
@@ -19,8 +19,8 @@ namespace Botan {
*/
ElGamal_PublicKey::ElGamal_PublicKey(const DL_Group& grp, const BigInt& y1)
{
- group = grp;
- y = y1;
+ m_group = grp;
+ m_y = y1;
}
/*
@@ -30,13 +30,13 @@ ElGamal_PrivateKey::ElGamal_PrivateKey(RandomNumberGenerator& rng,
const DL_Group& grp,
const BigInt& x_arg)
{
- group = grp;
- x = x_arg;
+ m_group = grp;
+ m_x = x_arg;
- if(x == 0)
- x.randomize(rng, dl_exponent_size(group_p().bits()));
+ if(m_x == 0)
+ m_x.randomize(rng, dl_exponent_size(group_p().bits()));
- y = power_mod(group_g(), x, group_p());
+ m_y = power_mod(group_g(), m_x, group_p());
if(x_arg == 0)
gen_check(rng);
@@ -49,7 +49,7 @@ ElGamal_PrivateKey::ElGamal_PrivateKey(const AlgorithmIdentifier& alg_id,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_42)
{
- y = power_mod(group_g(), x, group_p());
+ m_y = power_mod(group_g(), m_x, group_p());
load_check(rng);
}
@@ -78,7 +78,7 @@ class ElGamal_Encryption_Operation : public PK_Ops::Encryption_with_EME
public:
typedef ElGamal_PublicKey Key_Type;
- size_t max_raw_input_bits() const override { return mod_p.get_modulus().bits() - 1; }
+ size_t max_raw_input_bits() const override { return m_mod_p.get_modulus().bits() - 1; }
ElGamal_Encryption_Operation(const ElGamal_PublicKey& key, const std::string& eme);
@@ -86,8 +86,8 @@ class ElGamal_Encryption_Operation : public PK_Ops::Encryption_with_EME
RandomNumberGenerator& rng) override;
private:
- Fixed_Base_Power_Mod powermod_g_p, powermod_y_p;
- Modular_Reducer mod_p;
+ Fixed_Base_Power_Mod m_powermod_g_p, m_powermod_y_p;
+ Modular_Reducer m_mod_p;
};
ElGamal_Encryption_Operation::ElGamal_Encryption_Operation(const ElGamal_PublicKey& key,
@@ -96,16 +96,16 @@ ElGamal_Encryption_Operation::ElGamal_Encryption_Operation(const ElGamal_PublicK
{
const BigInt& p = key.group_p();
- powermod_g_p = Fixed_Base_Power_Mod(key.group_g(), p);
- powermod_y_p = Fixed_Base_Power_Mod(key.get_y(), p);
- mod_p = Modular_Reducer(p);
+ m_powermod_g_p = Fixed_Base_Power_Mod(key.group_g(), p);
+ m_powermod_y_p = Fixed_Base_Power_Mod(key.get_y(), p);
+ m_mod_p = Modular_Reducer(p);
}
secure_vector<byte>
ElGamal_Encryption_Operation::raw_encrypt(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng)
{
- const BigInt& p = mod_p.get_modulus();
+ const BigInt& p = m_mod_p.get_modulus();
BigInt m(msg, msg_len);
@@ -114,8 +114,8 @@ ElGamal_Encryption_Operation::raw_encrypt(const byte msg[], size_t msg_len,
BigInt k(rng, dl_exponent_size(p.bits()));
- BigInt a = powermod_g_p(k);
- BigInt b = mod_p.multiply(m, powermod_y_p(k));
+ BigInt a = m_powermod_g_p(k);
+ BigInt b = m_mod_p.multiply(m, m_powermod_y_p(k));
secure_vector<byte> output(2*p.bytes());
a.binary_encode(&output[p.bytes() - a.bytes()]);
@@ -132,32 +132,32 @@ class ElGamal_Decryption_Operation : public PK_Ops::Decryption_with_EME
typedef ElGamal_PrivateKey Key_Type;
size_t max_raw_input_bits() const override
- { return mod_p.get_modulus().bits() - 1; }
+ { return m_mod_p.get_modulus().bits() - 1; }
ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key, const std::string& eme);
secure_vector<byte> raw_decrypt(const byte msg[], size_t msg_len) override;
private:
- Fixed_Exponent_Power_Mod powermod_x_p;
- Modular_Reducer mod_p;
- Blinder blinder;
+ Fixed_Exponent_Power_Mod m_powermod_x_p;
+ Modular_Reducer m_mod_p;
+ Blinder m_blinder;
};
ElGamal_Decryption_Operation::ElGamal_Decryption_Operation(const ElGamal_PrivateKey& key,
const std::string& eme) :
PK_Ops::Decryption_with_EME(eme),
- powermod_x_p(Fixed_Exponent_Power_Mod(key.get_x(), key.group_p())),
- mod_p(Modular_Reducer(key.group_p())),
- blinder(key.group_p(),
+ m_powermod_x_p(Fixed_Exponent_Power_Mod(key.get_x(), key.group_p())),
+ m_mod_p(Modular_Reducer(key.group_p())),
+ m_blinder(key.group_p(),
[](const BigInt& k) { return k; },
- [this](const BigInt& k) { return powermod_x_p(k); })
+ [this](const BigInt& k) { return m_powermod_x_p(k); })
{
}
secure_vector<byte>
ElGamal_Decryption_Operation::raw_decrypt(const byte msg[], size_t msg_len)
{
- const BigInt& p = mod_p.get_modulus();
+ const BigInt& p = m_mod_p.get_modulus();
const size_t p_bytes = p.bytes();
@@ -170,11 +170,11 @@ ElGamal_Decryption_Operation::raw_decrypt(const byte msg[], size_t msg_len)
if(a >= p || b >= p)
throw Invalid_Argument("ElGamal decryption: Invalid message");
- a = blinder.blind(a);
+ a = m_blinder.blind(a);
- BigInt r = mod_p.multiply(b, inverse_mod(powermod_x_p(a), p));
+ BigInt r = m_mod_p.multiply(b, inverse_mod(m_powermod_x_p(a), p));
- return BigInt::encode_locked(blinder.unblind(r));
+ return BigInt::encode_locked(m_blinder.unblind(r));
}
BOTAN_REGISTER_PK_ENCRYPTION_OP("ElGamal", ElGamal_Encryption_Operation);
diff --git a/src/lib/pubkey/gost_3410/gost_3410.cpp b/src/lib/pubkey/gost_3410/gost_3410.cpp
index f04692d12..51db47619 100644
--- a/src/lib/pubkey/gost_3410/gost_3410.cpp
+++ b/src/lib/pubkey/gost_3410/gost_3410.cpp
@@ -55,7 +55,7 @@ GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
// The parameters also includes hash and cipher OIDs
BER_Decoder(alg_id.parameters).start_cons(SEQUENCE).decode(ecc_param_id);
- domain_params = EC_Group(ecc_param_id);
+ m_domain_params = EC_Group(ecc_param_id);
secure_vector<byte> bits;
BER_Decoder(key_bits).decode(bits, OCTET_STRING);
@@ -72,9 +72,9 @@ GOST_3410_PublicKey::GOST_3410_PublicKey(const AlgorithmIdentifier& alg_id,
BigInt x(bits.data(), part_size);
BigInt y(&bits[part_size], part_size);
- public_key = PointGFp(domain().get_curve(), x, y);
+ m_public_key = PointGFp(domain().get_curve(), x, y);
- BOTAN_ASSERT(public_key.on_the_curve(),
+ BOTAN_ASSERT(m_public_key.on_the_curve(),
"Loaded GOST 34.10 public key is on the curve");
}
@@ -160,28 +160,28 @@ class GOST_3410_Verification_Operation : public PK_Ops::Verification_with_EMSA
GOST_3410_Verification_Operation(const GOST_3410_PublicKey& gost,
const std::string& emsa) :
PK_Ops::Verification_with_EMSA(emsa),
- base_point(gost.domain().get_base_point()),
- public_point(gost.public_point()),
- order(gost.domain().get_order()) {}
+ m_base_point(gost.domain().get_base_point()),
+ m_public_point(gost.public_point()),
+ m_order(gost.domain().get_order()) {}
size_t message_parts() const override { return 2; }
- size_t message_part_size() const override { return order.bytes(); }
- size_t max_input_bits() const override { return order.bits(); }
+ size_t message_part_size() const override { return m_order.bytes(); }
+ size_t max_input_bits() const override { return m_order.bits(); }
bool with_recovery() const override { return false; }
bool verify(const byte msg[], size_t msg_len,
const byte sig[], size_t sig_len) override;
private:
- const PointGFp& base_point;
- const PointGFp& public_point;
- const BigInt& order;
+ const PointGFp& m_base_point;
+ const PointGFp& m_public_point;
+ const BigInt& m_order;
};
bool GOST_3410_Verification_Operation::verify(const byte msg[], size_t msg_len,
const byte sig[], size_t sig_len)
{
- if(sig_len != order.bytes()*2)
+ if(sig_len != m_order.bytes()*2)
return false;
BigInt e = decode_le(msg, msg_len);
@@ -189,20 +189,20 @@ bool GOST_3410_Verification_Operation::verify(const byte msg[], size_t msg_len,
BigInt s(sig, sig_len / 2);
BigInt r(sig + sig_len / 2, sig_len / 2);
- if(r <= 0 || r >= order || s <= 0 || s >= order)
+ if(r <= 0 || r >= m_order || s <= 0 || s >= m_order)
return false;
- e %= order;
+ e %= m_order;
if(e == 0)
e = 1;
- BigInt v = inverse_mod(e, order);
+ BigInt v = inverse_mod(e, m_order);
- BigInt z1 = (s*v) % order;
- BigInt z2 = (-r*v) % order;
+ BigInt z1 = (s*v) % m_order;
+ BigInt z2 = (-r*v) % m_order;
- PointGFp R = multi_exponentiate(base_point, z1,
- public_point, z2);
+ PointGFp R = multi_exponentiate(m_base_point, z1,
+ m_public_point, z2);
if(R.is_zero())
return false;
diff --git a/src/lib/pubkey/if_algo/if_algo.cpp b/src/lib/pubkey/if_algo/if_algo.cpp
index 9c49b8dd4..e5f3ae20f 100644
--- a/src/lib/pubkey/if_algo/if_algo.cpp
+++ b/src/lib/pubkey/if_algo/if_algo.cpp
@@ -15,7 +15,7 @@ namespace Botan {
size_t IF_Scheme_PublicKey::estimated_strength() const
{
- return if_work_factor(n.bits());
+ return if_work_factor(m_n.bits());
}
AlgorithmIdentifier IF_Scheme_PublicKey::algorithm_identifier() const
@@ -28,8 +28,8 @@ std::vector<byte> IF_Scheme_PublicKey::x509_subject_public_key() const
{
return DER_Encoder()
.start_cons(SEQUENCE)
- .encode(n)
- .encode(e)
+ .encode(m_n)
+ .encode(m_e)
.end_cons()
.get_contents_unlocked();
}
@@ -39,8 +39,8 @@ IF_Scheme_PublicKey::IF_Scheme_PublicKey(const AlgorithmIdentifier&,
{
BER_Decoder(key_bits)
.start_cons(SEQUENCE)
- .decode(n)
- .decode(e)
+ .decode(m_n)
+ .decode(m_e)
.verify_end()
.end_cons();
}
@@ -50,7 +50,7 @@ IF_Scheme_PublicKey::IF_Scheme_PublicKey(const AlgorithmIdentifier&,
*/
bool IF_Scheme_PublicKey::check_key(RandomNumberGenerator&, bool) const
{
- if(n < 35 || n.is_even() || e < 2)
+ if(m_n < 35 || m_n.is_even() || m_e < 2)
return false;
return true;
}
@@ -60,14 +60,14 @@ secure_vector<byte> IF_Scheme_PrivateKey::pkcs8_private_key() const
return DER_Encoder()
.start_cons(SEQUENCE)
.encode(static_cast<size_t>(0))
- .encode(n)
- .encode(e)
- .encode(d)
- .encode(p)
- .encode(q)
- .encode(d1)
- .encode(d2)
- .encode(c)
+ .encode(m_n)
+ .encode(m_e)
+ .encode(m_d)
+ .encode(m_p)
+ .encode(m_q)
+ .encode(m_d1)
+ .encode(m_d2)
+ .encode(m_c)
.end_cons()
.get_contents();
}
@@ -79,14 +79,14 @@ IF_Scheme_PrivateKey::IF_Scheme_PrivateKey(RandomNumberGenerator& rng,
BER_Decoder(key_bits)
.start_cons(SEQUENCE)
.decode_and_check<size_t>(0, "Unknown PKCS #1 key format version")
- .decode(n)
- .decode(e)
- .decode(d)
- .decode(p)
- .decode(q)
- .decode(d1)
- .decode(d2)
- .decode(c)
+ .decode(m_n)
+ .decode(m_e)
+ .decode(m_d)
+ .decode(m_p)
+ .decode(m_q)
+ .decode(m_d1)
+ .decode(m_d2)
+ .decode(m_c)
.end_cons();
load_check(rng);
@@ -97,26 +97,23 @@ IF_Scheme_PrivateKey::IF_Scheme_PrivateKey(RandomNumberGenerator& rng,
const BigInt& prime2,
const BigInt& exp,
const BigInt& d_exp,
- const BigInt& mod)
+ const BigInt& mod) :
+ m_d{ d_exp }, m_p{ prime1 }, m_q{ prime2 }, m_d1{}, m_d2{}, m_c{ inverse_mod( m_q, m_p ) }
{
- p = prime1;
- q = prime2;
- e = exp;
- d = d_exp;
- n = mod.is_nonzero() ? mod : p * q;
+ m_n = mod.is_nonzero() ? mod : m_p * m_q;
+ m_e = exp;
- if(d == 0)
+ if(m_d == 0)
{
- BigInt inv_for_d = lcm(p - 1, q - 1);
- if(e.is_even())
+ BigInt inv_for_d = lcm(m_p - 1, m_q - 1);
+ if(m_e.is_even())
inv_for_d >>= 1;
- d = inverse_mod(e, inv_for_d);
+ m_d = inverse_mod(m_e, inv_for_d);
}
- d1 = d % (p - 1);
- d2 = d % (q - 1);
- c = inverse_mod(q, p);
+ m_d1 = m_d % (m_p - 1);
+ m_d2 = m_d % (m_q - 1);
load_check(rng);
}
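Review bot: `m_c{ inverse_mod( m_q, m_p ) }` in the new IF_Scheme_PrivateKey initializer list reads `m_q` and `m_p` before the constructor body runs, so it is correct only because if_algo.h declares them ahead of `m_c` (`BigInt m_d, m_p, m_q, m_d1, m_d2, m_c;`); a reordering there would silently compute the CRT coefficient from zero-valued BigInts. Computing it from the arguments, `m_c{ inverse_mod( prime2, prime1 ) }`, or leaving it in the body next to `m_d1`/`m_d2` as before, removes that dependency. Note also that the inverse is now evaluated before `m_n` and `m_e` are set and before any validation, so if `inverse_mod` rejects non-coprime or zero inputs the exception a caller sees for a malformed key may differ from the previous ordering; `load_check(rng)` at the end remains the only actual key validation.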
@@ -127,15 +124,15 @@ IF_Scheme_PrivateKey::IF_Scheme_PrivateKey(RandomNumberGenerator& rng,
bool IF_Scheme_PrivateKey::check_key(RandomNumberGenerator& rng,
bool strong) const
{
- if(n < 35 || n.is_even() || e < 2 || d < 2 || p < 3 || q < 3 || p*q != n)
+ if(m_n < 35 || m_n.is_even() || m_e < 2 || m_d < 2 || m_p < 3 || m_q < 3 || m_p*m_q != m_n)
return false;
- if(d1 != d % (p - 1) || d2 != d % (q - 1) || c != inverse_mod(q, p))
+ if(m_d1 != m_d % (m_p - 1) || m_d2 != m_d % (m_q - 1) || m_c != inverse_mod(m_q, m_p))
return false;
const size_t prob = (strong) ? 56 : 12;
- if(!is_prime(p, rng, prob) || !is_prime(q, rng, prob))
+ if(!is_prime(m_p, rng, prob) || !is_prime(m_q, rng, prob))
return false;
return true;
}
diff --git a/src/lib/pubkey/if_algo/if_algo.h b/src/lib/pubkey/if_algo/if_algo.h
index dec731af3..46dbd51a9 100644
--- a/src/lib/pubkey/if_algo/if_algo.h
+++ b/src/lib/pubkey/if_algo/if_algo.h
@@ -24,7 +24,7 @@ class BOTAN_DLL IF_Scheme_PublicKey : public virtual Public_Key
const secure_vector<byte>& key_bits);
IF_Scheme_PublicKey(const BigInt& n, const BigInt& e) :
- n(n), e(e) {}
+ m_n(n), m_e(e) {}
bool check_key(RandomNumberGenerator& rng, bool) const override;
@@ -35,21 +35,21 @@ class BOTAN_DLL IF_Scheme_PublicKey : public virtual Public_Key
/**
* @return public modulus
*/
- const BigInt& get_n() const { return n; }
+ const BigInt& get_n() const { return m_n; }
/**
* @return public exponent
*/
- const BigInt& get_e() const { return e; }
+ const BigInt& get_e() const { return m_e; }
- size_t max_input_bits() const override { return (n.bits() - 1); }
+ size_t max_input_bits() const override { return (m_n.bits() - 1); }
size_t estimated_strength() const override;
protected:
IF_Scheme_PublicKey() {}
- BigInt n, e;
+ BigInt m_n, m_e;
};
/**
@@ -76,30 +76,30 @@ class BOTAN_DLL IF_Scheme_PrivateKey : public virtual IF_Scheme_PublicKey,
* Get the first prime p.
* @return prime p
*/
- const BigInt& get_p() const { return p; }
+ const BigInt& get_p() const { return m_p; }
/**
* Get the second prime q.
* @return prime q
*/
- const BigInt& get_q() const { return q; }
+ const BigInt& get_q() const { return m_q; }
/**
* Get d with exp * d = 1 mod (p - 1, q - 1).
* @return d
*/
- const BigInt& get_d() const { return d; }
+ const BigInt& get_d() const { return m_d; }
- const BigInt& get_c() const { return c; }
- const BigInt& get_d1() const { return d1; }
- const BigInt& get_d2() const { return d2; }
+ const BigInt& get_c() const { return m_c; }
+ const BigInt& get_d1() const { return m_d1; }
+ const BigInt& get_d2() const { return m_d2; }
secure_vector<byte> pkcs8_private_key() const override;
protected:
IF_Scheme_PrivateKey() {}
- BigInt d, p, q, d1, d2, c;
+ BigInt m_d, m_p, m_q, m_d1, m_d2, m_c;
};
}
diff --git a/src/lib/pubkey/keypair/keypair.cpp b/src/lib/pubkey/keypair/keypair.cpp
index ef211ffd4..0f5a48541 100644
--- a/src/lib/pubkey/keypair/keypair.cpp
+++ b/src/lib/pubkey/keypair/keypair.cpp
@@ -59,7 +59,7 @@ bool signature_consistency_check(RandomNumberGenerator& rng,
{
signature = signer.sign_message(message, rng);
}
- catch(Encoding_Error)
+ catch(Encoding_Error&)
{
return false;
}
diff --git a/src/lib/pubkey/mce/gf2m_rootfind_dcmp.cpp b/src/lib/pubkey/mce/gf2m_rootfind_dcmp.cpp
index 3a377a447..acae036db 100644
--- a/src/lib/pubkey/mce/gf2m_rootfind_dcmp.cpp
+++ b/src/lib/pubkey/mce/gf2m_rootfind_dcmp.cpp
@@ -95,7 +95,7 @@ secure_vector<gf2m> find_roots_gf2m_decomp(const polyn_gf2m & polyn, u32bit code
}
gf2m_decomp_rootfind_state::gf2m_decomp_rootfind_state(const polyn_gf2m & polyn, u32bit the_code_length) :
- code_length(the_code_length)
+ code_length(the_code_length), m_j(0), m_j_gray(0)
{
gf2m coeff_3;
gf2m coeff_head;
@@ -105,7 +105,7 @@ gf2m_decomp_rootfind_state::gf2m_decomp_rootfind_state(const polyn_gf2m & polyn,
{
throw Internal_Error("Unexpected degree in gf2m_decomp_rootfind_state");
}
- this->m_j = 0;
+
coeff_3 = polyn.get_coef( 3);
coeff_head = polyn.get_coef( deg_sigma); /* dummy value for SCA CM */
if(coeff_3 != 0)
@@ -238,10 +238,9 @@ gf2m gf2m_decomp_rootfind_state::calc_Fxj_j_neq_0( const polyn_gf2m & sigma, gf2
gf2m sum = 0;
u32bit i;
std::shared_ptr<GF2m_Field> sp_field = sigma.get_sp_field();
- gf2m xl_j_tt_5i, xl_j_tt_5, xl_gray_tt_3;
const gf2m jl_gray = sp_field->gf_l_from_n(j_gray);
- xl_j_tt_5 = sp_field->gf_square_rr(jl_gray);
- xl_gray_tt_3 = sp_field->gf_mul_rrr(xl_j_tt_5, jl_gray);
+ gf2m xl_j_tt_5 = sp_field->gf_square_rr(jl_gray);
+ gf2m xl_gray_tt_3 = sp_field->gf_mul_rrr(xl_j_tt_5, jl_gray);
xl_j_tt_5 = sp_field->gf_mul_rrr(xl_j_tt_5, xl_gray_tt_3);
@@ -253,13 +252,16 @@ gf2m gf2m_decomp_rootfind_state::calc_Fxj_j_neq_0( const polyn_gf2m & sigma, gf2
/* treat i = 0 special: */
sum ^= this->m_Aij[0];
/* treat i = 1 special also */
+
if(this->m_outer_summands > 1)
{
gf2m x;
- xl_j_tt_5i = xl_j_tt_5;
x = sp_field->gf_mul_zrz(xl_j_tt_5, this->m_Aij[1]); /* x_j^{5i} A_i^j */
sum ^= x;
}
+
+ gf2m xl_j_tt_5i = xl_j_tt_5;
+
for(i = 2; i < this->m_outer_summands; i++)
{
gf2m x;
@@ -273,7 +275,9 @@ gf2m gf2m_decomp_rootfind_state::calc_Fxj_j_neq_0( const polyn_gf2m & sigma, gf2
secure_vector<gf2m> gf2m_decomp_rootfind_state::find_roots(const polyn_gf2m & sigma)
{
- secure_vector<gf2m> result(sigma.get_degree());
+ const int sigma_degree = sigma.get_degree();
+ BOTAN_ASSERT(sigma_degree > 0, "Valid sigma");
+ secure_vector<gf2m> result(sigma_degree);
u32bit root_pos = 0;
this->calc_Ai_zero(sigma);
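Review bot: The new `BOTAN_ASSERT(sigma_degree > 0, "Valid sigma")` converts a bad degree into an assertion failure, but `sigma` here is the error-locator polynomial computed during decryption, i.e. derived from ciphertext the decrypting party does not control; if a crafted ciphertext can yield a zero or constant polynomial (a `get_degree()` of -1 or 0 — its contract is not visible in this hunk), a remote peer would drive the code into an internal-error path rather than a decoding failure. The guard does close the real problem — the previous `secure_vector<gf2m> result(sigma.get_degree())` would turn a negative `int` degree into an enormous `size_t` allocation — so it should stay, but as an input-validation failure (a `Decoding_Error`) with a comment stating that it exists to reject a non-positive degree before the size conversion. `find_roots` continues past the end of this hunk.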
diff --git a/src/lib/pubkey/mce/gf2m_small_m.h b/src/lib/pubkey/mce/gf2m_small_m.h
index 6a8de4424..0b27a82e3 100644
--- a/src/lib/pubkey/mce/gf2m_small_m.h
+++ b/src/lib/pubkey/mce/gf2m_small_m.h
@@ -25,7 +25,7 @@ typedef u16bit gf2m;
class BOTAN_DLL GF2m_Field
{
public:
- GF2m_Field(size_t extdeg);
+ explicit GF2m_Field(size_t extdeg);
gf2m gf_mul(gf2m x, gf2m y) const
{
diff --git a/src/lib/pubkey/mce/goppa_code.cpp b/src/lib/pubkey/mce/goppa_code.cpp
index 02908aa4f..2657beee9 100644
--- a/src/lib/pubkey/mce/goppa_code.cpp
+++ b/src/lib/pubkey/mce/goppa_code.cpp
@@ -96,8 +96,9 @@ secure_vector<gf2m> goppa_decode(const polyn_gf2m & syndrom_polyn,
sigma.set_coef(2*i, sp_field->gf_square(u.get_coef(i)));
}
- const size_t v_deg = v.get_degree();
- for(size_t i = 0; i <= v_deg; ++i)
+ const int v_deg = v.get_degree();
+ BOTAN_ASSERT(v_deg > 0, "Valid degree");
+ for(int i = 0; i <= v_deg; ++i)
{
sigma.set_coef(2*i+1, sp_field->gf_square(v.get_coef(i)));
}
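Review bot: The assert `v_deg > 0` is stricter than what the loop that follows requires: `for(int i = 0; i <= v_deg; ++i)` handles a degree-0 `v` (a single coefficient) correctly, so only a negative degree needs rejecting — under the old `size_t v_deg` a negative return wrapped to `SIZE_MAX` and the loop would call `set_coef` with ever-growing indices. If a constant `v` is reachable for a legitimate syndrome (that depends on how `u` and `v` are produced earlier in goppa_decode, outside this hunk), the current check rejects valid decodings; `BOTAN_ASSERT(v_deg >= 0, "Valid degree")` is the precise guard. Since `syndrom_polyn` is derived from ciphertext, consider raising a decoding error rather than an assertion for the negative case so a malformed ciphertext is reported as bad input, not as a library bug. goppa_decode starts before this hunk.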
diff --git a/src/lib/pubkey/mce/info.txt b/src/lib/pubkey/mce/info.txt
index 1e9b848dd..bb0f06764 100644
--- a/src/lib/pubkey/mce/info.txt
+++ b/src/lib/pubkey/mce/info.txt
@@ -1,7 +1,6 @@
define MCELIECE 20150922
<header:public>
-mce_kem.h
mceliece.h
polyn_gf2m.h
gf2m_small_m.h
diff --git a/src/lib/pubkey/mce/mce_kem.cpp b/src/lib/pubkey/mce/mce_kem.cpp
deleted file mode 100644
index dede67731..000000000
--- a/src/lib/pubkey/mce/mce_kem.cpp
+++ /dev/null
@@ -1,51 +0,0 @@
-/**
- * (C) 2014 cryptosource GmbH
- * (C) 2014 Falko Strenzke [email protected]
- *
- * Botan is released under the Simplified BSD License (see license.txt)
- *
- */
-
-#include <botan/mce_kem.h>
-#include <botan/internal/mce_internal.h>
-#include <botan/sha2_64.h>
-
-namespace Botan {
-
-McEliece_KEM_Encryptor::McEliece_KEM_Encryptor(const McEliece_PublicKey& public_key) :
- m_key(public_key)
- {
- }
-
-std::pair<secure_vector<byte>, secure_vector<byte>>
-McEliece_KEM_Encryptor::encrypt(RandomNumberGenerator& rng)
- {
- const secure_vector<byte> plaintext = m_key.random_plaintext_element(rng);
-
- secure_vector<byte> ciphertext, error_mask;
- mceliece_encrypt(ciphertext, error_mask, plaintext, m_key, rng);
-
- SHA_512 hash;
- hash.update(plaintext);
- hash.update(error_mask);
- secure_vector<byte> sym_key = hash.final();
-
- return std::make_pair(ciphertext, sym_key);
- }
-
-McEliece_KEM_Decryptor::McEliece_KEM_Decryptor(const McEliece_PrivateKey& key) : m_key(key) { }
-
-secure_vector<Botan::byte> McEliece_KEM_Decryptor::decrypt(const byte msg[], size_t msg_len)
- {
- secure_vector<byte> plaintext, error_mask;
- mceliece_decrypt(plaintext, error_mask, msg, msg_len, m_key);
-
- SHA_512 hash;
- hash.update(plaintext);
- hash.update(error_mask);
-
- secure_vector<byte> sym_key = hash.final();
- return sym_key;
- }
-
-}
diff --git a/src/lib/pubkey/mce/mce_kem.h b/src/lib/pubkey/mce/mce_kem.h
deleted file mode 100644
index cd899d568..000000000
--- a/src/lib/pubkey/mce/mce_kem.h
+++ /dev/null
@@ -1,55 +0,0 @@
-/**
- * (C) 2014 cryptosource GmbH
- * (C) 2014 Falko Strenzke [email protected]
- *
- * Botan is released under the Simplified BSD License (see license.txt)
- *
- */
-
-#ifndef BOTAN_MCE_KEM_H__
-#define BOTAN_MCE_KEM_H__
-
-#include <botan/mceliece.h>
-#include <utility>
-
-namespace Botan {
-
-class BOTAN_DLL McEliece_KEM_Encryptor
- {
- public:
- McEliece_KEM_Encryptor(const McEliece_PublicKey& public_key);
-
- /**
- * returns the pair (mceliece ciphertext, symmetric key)
- */
- std::pair<secure_vector<byte>, secure_vector<byte>> encrypt(RandomNumberGenerator& rng);
-
- private:
- const McEliece_PublicKey& m_key;
- };
-
-class BOTAN_DLL McEliece_KEM_Decryptor
- {
- public:
- McEliece_KEM_Decryptor(const McEliece_PrivateKey& mce_key);
-
- /**
- * returns the derived 512-bit symmetric key
- */
- secure_vector<Botan::byte> decrypt(const byte msg[], size_t msg_len);
-
- /**
- * returns the derived 512-bit symmetric key
- */
- template<typename Alloc>
- secure_vector<Botan::byte> decrypt_vec(const std::vector<byte, Alloc>& v)
- {
- return decrypt(v.data(), v.size());
- }
-
- private:
- const McEliece_PrivateKey& m_key;
- };
-}
-
-#endif
diff --git a/src/lib/pubkey/mce/mceliece.h b/src/lib/pubkey/mce/mceliece.h
index ead326230..311f0f253 100644
--- a/src/lib/pubkey/mce/mceliece.h
+++ b/src/lib/pubkey/mce/mceliece.h
@@ -21,7 +21,7 @@ namespace Botan {
class BOTAN_DLL McEliece_PublicKey : public virtual Public_Key
{
public:
- McEliece_PublicKey(const std::vector<byte>& key_bits);
+ explicit McEliece_PublicKey(const std::vector<byte>& key_bits);
McEliece_PublicKey(std::vector<byte> const& pub_matrix, u32bit the_t, u32bit the_code_length) :
m_public_matrix(pub_matrix),
@@ -59,7 +59,7 @@ class BOTAN_DLL McEliece_PublicKey : public virtual Public_Key
bool operator!=(const McEliece_PublicKey& other) const { return !(*this == other); }
protected:
- McEliece_PublicKey() {}
+ McEliece_PublicKey() : m_t(0), m_code_length(0) {}
std::vector<byte> m_public_matrix;
u32bit m_t;
@@ -90,7 +90,7 @@ class BOTAN_DLL McEliece_PrivateKey : public virtual McEliece_PublicKey,
*/
McEliece_PrivateKey(RandomNumberGenerator& rng, size_t code_length, size_t t);
- McEliece_PrivateKey(const secure_vector<byte>& key_bits);
+ explicit McEliece_PrivateKey(const secure_vector<byte>& key_bits);
McEliece_PrivateKey(polyn_gf2m const& goppa_polyn,
std::vector<u32bit> const& parity_check_matrix_coeffs,
diff --git a/src/lib/pubkey/mce/mceliece_key.cpp b/src/lib/pubkey/mce/mceliece_key.cpp
index 8edbbf88a..455d1f381 100644
--- a/src/lib/pubkey/mce/mceliece_key.cpp
+++ b/src/lib/pubkey/mce/mceliece_key.cpp
@@ -4,6 +4,7 @@
*
* (C) 2014 cryptosource GmbH
* (C) 2014 Falko Strenzke [email protected]
+ * (C) 2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*
@@ -13,6 +14,8 @@
#include <botan/internal/mce_internal.h>
#include <botan/internal/bit_ops.h>
#include <botan/internal/code_based_util.h>
+#include <botan/internal/pk_ops_impl.h>
+#include <botan/internal/pk_utils.h>
#include <botan/der_enc.h>
#include <botan/ber_dec.h>
@@ -292,6 +295,68 @@ bool McEliece_PublicKey::operator==(const McEliece_PublicKey& other) const
return true;
}
+namespace {
+
+class MCE_KEM_Encryptor : public PK_Ops::KEM_Encryption_with_KDF
+ {
+ public:
+ typedef McEliece_PublicKey Key_Type;
+
+ MCE_KEM_Encryptor(const McEliece_PublicKey& key,
+ const std::string& kdf) :
+ KEM_Encryption_with_KDF(kdf), m_key(key) {}
+
+ private:
+ void raw_kem_encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& raw_shared_key,
+ Botan::RandomNumberGenerator& rng) override
+ {
+ secure_vector<byte> plaintext = m_key.random_plaintext_element(rng);
+
+ secure_vector<byte> ciphertext, error_mask;
+ mceliece_encrypt(ciphertext, error_mask, plaintext, m_key, rng);
+
+ raw_shared_key.clear();
+ raw_shared_key += plaintext;
+ raw_shared_key += error_mask;
+
+ out_encapsulated_key.swap(ciphertext);
+ }
+
+ const McEliece_PublicKey& m_key;
+ };
+
+class MCE_KEM_Decryptor : public PK_Ops::KEM_Decryption_with_KDF
+ {
+ public:
+ typedef McEliece_PrivateKey Key_Type;
+
+ MCE_KEM_Decryptor(const McEliece_PrivateKey& key,
+ const std::string& kdf) :
+ KEM_Decryption_with_KDF(kdf), m_key(key) {}
+
+ private:
+ secure_vector<byte>
+ raw_kem_decrypt(const byte encap_key[], size_t len) override
+ {
+ secure_vector<byte> plaintext, error_mask;
+ mceliece_decrypt(plaintext, error_mask, encap_key, len, m_key);
+
+ secure_vector<byte> output;
+ output.reserve(plaintext.size() + error_mask.size());
+ output.insert(output.end(), plaintext.begin(), plaintext.end());
+ output.insert(output.end(), error_mask.begin(), error_mask.end());
+ return output;
+ }
+
+ const McEliece_PrivateKey& m_key;
+ };
+
+BOTAN_REGISTER_PK_KEM_ENCRYPTION_OP("McEliece", MCE_KEM_Encryptor);
+BOTAN_REGISTER_PK_KEM_DECRYPTION_OP("McEliece", MCE_KEM_Decryptor);
+
+}
+
}
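Review bot: raw_kem_encrypt and raw_kem_decrypt define the raw shared secret as `plaintext || error_mask` with no length prefix, and nothing in the hunk records why that framing is unambiguous; a comment on raw_kem_encrypt such as `// raw shared secret = plaintext || error_mask; both lengths are presumably fixed by the key parameters, so no separator is needed (confirm)` would spare the next reader the check. The encryptor builds the secret with `+=` while the decryptor uses reserve/insert for the same concatenation; using one form in both places makes the required symmetry visible. If KDF1(SHA-512) over this secret is meant to reproduce the SHA-512(plaintext || error_mask) that the deleted McEliece_KEM classes computed, that equivalence deserves a comment here, since mceies.cpp now relies on it.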
diff --git a/src/lib/pubkey/mce/polyn_gf2m.cpp b/src/lib/pubkey/mce/polyn_gf2m.cpp
index ec60213db..e0d1c5a65 100644
--- a/src/lib/pubkey/mce/polyn_gf2m.cpp
+++ b/src/lib/pubkey/mce/polyn_gf2m.cpp
@@ -268,7 +268,11 @@ void polyn_gf2m::remainder(polyn_gf2m &p, const polyn_gf2m & g)
if (d >= 0) {
gf2m la = msp_field->gf_inv_rn(g.get_lead_coef());
- for (i = p.get_degree(); d >= 0; --i, --d) {
+ const int p_degree = p.get_degree();
+
+ BOTAN_ASSERT(p_degree > 0, "Valid polynomial");
+
+ for (i = p_degree; d >= 0; --i, --d) {
if (p[i] != 0) {
gf2m lb = msp_field->gf_mul_rrn(la, p[i]);
for (j = 0; j < g.get_degree(); ++j)
@@ -455,6 +459,8 @@ std::pair<polyn_gf2m, polyn_gf2m> polyn_gf2m::eea_with_coefficients( const polyn
// r0 <- g, r1 <- p, u0 <- 0, u1 <- 1
dr = g.get_degree();
+ BOTAN_ASSERT(dr > 3, "Valid polynomial");
+
polyn_gf2m r0(dr, g.msp_field);
polyn_gf2m r1(dr - 1, g.msp_field);
polyn_gf2m u0(dr - 1, g.msp_field);
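Review bot: `BOTAN_ASSERT(dr > 3, "Valid polynomial")` introduces an unexplained threshold: the constructors that follow are only called with `dr` and `dr - 1`, so why 3 is the bound is not visible here, and the message "Valid polynomial" does not say what is invalid. A comment naming the requirement, e.g. `// the EEA below needs deg(g) > 3 because <reason>`, or an assertion message that states it, should accompany the check. eea_with_coefficients continues outside the hunk.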
@@ -638,40 +644,35 @@ polyn_gf2m::polyn_gf2m(int t, Botan::RandomNumberGenerator& rng, std::shared_ptr
coeff(t+1),
msp_field(sp_field)
{
- int i;
(*this).set_coef( t, 1);
- i = 0;
- int m_deg;
+ int degree = 0;
do
{
- for (i = 0; i < t; ++i)
+ for (int i = 0; i < t; ++i)
{
(*this).set_coef( i, random_code_element(sp_field->get_cardinality(), rng));
}
- polyn_gf2m::degppf(*this, &m_deg);
+ polyn_gf2m::degppf(*this, &degree);
}
- while (m_deg < t);
+ while (degree < t);
}
void polyn_gf2m::poly_shiftmod( const polyn_gf2m & g)
{
- int i, t;
- gf2m a;
-
- if(g.get_degree() <= 0)
+ if(g.get_degree() <= 1)
{
- throw Invalid_Argument("shiftmod cannot be called on polynomials of degree 0 or less");
+ throw Invalid_Argument("shiftmod cannot be called on polynomials of degree 1 or less");
}
- std::shared_ptr<GF2m_Field> msp_field = g.msp_field;
+ std::shared_ptr<GF2m_Field> field = g.msp_field;
- t = g.get_degree();
- a = msp_field->gf_div(this->coeff[t-1], g.coeff[t]);
- for (i = t - 1; i > 0; --i)
+ int t = g.get_degree();
+ gf2m a = field->gf_div(this->coeff[t-1], g.coeff[t]);
+ for (int i = t - 1; i > 0; --i)
{
this->coeff[i] = this->coeff[i - 1] ^ this->msp_field->gf_mul(a, g.coeff[i]);
}
- this->coeff[0] = msp_field->gf_mul(a, g.coeff[0]);
+ this->coeff[0] = field->gf_mul(a, g.coeff[0]);
}
std::vector<polyn_gf2m> polyn_gf2m::sqrt_mod_init(const polyn_gf2m & g)
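Review bot: poly_shiftmod now takes `field` from `g.msp_field`, but the loop body `this->coeff[i] = this->coeff[i - 1] ^ this->msp_field->gf_mul(a, g.coeff[i]);` still goes through `this->msp_field`, so two field objects are mixed in one computation; use `field->gf_mul(a, g.coeff[i])` there, or assert that the two fields agree. The guard change from `<= 0` to `<= 1` is not explained anywhere in the hunk; if degree 1 was found to be unsafe for the `this->coeff[t-1]` / `g.coeff[t]` accesses below, a short comment above the throw would make that reasoning survive the next edit.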
diff --git a/src/lib/pubkey/mce/polyn_gf2m.h b/src/lib/pubkey/mce/polyn_gf2m.h
index 5d012f27b..62264e480 100644
--- a/src/lib/pubkey/mce/polyn_gf2m.h
+++ b/src/lib/pubkey/mce/polyn_gf2m.h
@@ -27,7 +27,7 @@ struct polyn_gf2m
/**
* create a zero polynomial:
*/
- polyn_gf2m( std::shared_ptr<GF2m_Field> sp_field );
+ explicit polyn_gf2m( std::shared_ptr<GF2m_Field> sp_field );
polyn_gf2m()
:m_deg(-1)
@@ -147,8 +147,13 @@ struct polyn_gf2m
static polyn_gf2m gcd_aux(polyn_gf2m& p1, polyn_gf2m& p2);
public:
+ // public member variable:
int m_deg;
+
+ // public member variable:
secure_vector<gf2m> coeff;
+
+ // public member variable:
std::shared_ptr<GF2m_Field> msp_field;
};
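Review bot: The three added `// public member variable:` comments restate the access specifier and document nothing; what a reader of this struct needs is the meaning of the fields, in particular that `m_deg` is -1 for the zero polynomial (the default constructor in the earlier hunk of this file sets `:m_deg(-1)`), so `get_degree()` can be negative and callers converting it to a size_t must check first — the BOTAN_ASSERTs added in polyn_gf2m.cpp and goppa_code.cpp exist for exactly that reason. Suggested replacements: `// degree of the polynomial; -1 for the zero polynomial`, `// coefficients; index i holds the coefficient of x^i (cf. set_coef(t, 1) for the leading term)`, `// field the coefficients live in`.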
diff --git a/src/lib/pubkey/mceies/info.txt b/src/lib/pubkey/mceies/info.txt
index 547e4a47a..56363fe4f 100644
--- a/src/lib/pubkey/mceies/info.txt
+++ b/src/lib/pubkey/mceies/info.txt
@@ -4,4 +4,5 @@ define MCEIES 20150706
aes
mce
ocb
+kdf1
</requires>
diff --git a/src/lib/pubkey/mceies/mceies.cpp b/src/lib/pubkey/mceies/mceies.cpp
index e83fa257e..95042e529 100644
--- a/src/lib/pubkey/mceies/mceies.cpp
+++ b/src/lib/pubkey/mceies/mceies.cpp
@@ -8,7 +8,7 @@
#include <botan/mceies.h>
#include <botan/aead.h>
#include <botan/mceliece.h>
-#include <botan/mce_kem.h>
+#include <botan/pubkey.h>
namespace Botan {
@@ -36,11 +36,10 @@ mceies_encrypt(const McEliece_PublicKey& pubkey,
RandomNumberGenerator& rng,
const std::string& algo)
{
- McEliece_KEM_Encryptor kem_op(pubkey);
+ PK_KEM_Encryptor kem_op(pubkey, "KDF1(SHA-512)");
- const std::pair<secure_vector<byte>,secure_vector<byte>> mce_ciphertext__key = kem_op.encrypt(rng);
- const secure_vector<byte>& mce_ciphertext = mce_ciphertext__key.first;
- const secure_vector<byte>& mce_key = mce_ciphertext__key.second;
+ secure_vector<byte> mce_ciphertext, mce_key;
+ kem_op.encrypt(mce_ciphertext, mce_key, 64, rng);
const size_t mce_code_bytes = (pubkey.get_code_length() + 7) / 8;
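Review bot: The KDF name `"KDF1(SHA-512)"` and the shared-key length `64` are now spelled out twice, here and in mceies_decrypt (`PK_KEM_Decryptor kem_op(privkey, "KDF1(SHA-512)")`, `kem_op.decrypt(ct, mce_code_bytes, 64)`), and decryption only succeeds while both pairs stay identical. Hoisting them into file-scope constants, e.g. `const char* const MCEIES_KEM_KDF = "KDF1(SHA-512)";` and `const size_t MCEIES_KEM_KEY_LEN = 64;`, removes the risk of the two call sites drifting apart. If 64 was chosen so the derived key covers the AEAD key size (the key is then reduced by aead_key, outside this hunk), a comment saying so would help.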
@@ -75,7 +74,7 @@ mceies_decrypt(const McEliece_PrivateKey& privkey,
{
try
{
- McEliece_KEM_Decryptor kem_op(privkey);
+ PK_KEM_Decryptor kem_op(privkey, "KDF1(SHA-512)");
const size_t mce_code_bytes = (privkey.get_code_length() + 7) / 8;
@@ -88,7 +87,7 @@ mceies_decrypt(const McEliece_PrivateKey& privkey,
if(ct_len < mce_code_bytes + nonce_len + aead->tag_size())
throw Exception("Input message too small to be valid");
- const secure_vector<byte> mce_key = kem_op.decrypt(ct, mce_code_bytes);
+ const secure_vector<byte> mce_key = kem_op.decrypt(ct, mce_code_bytes, 64);
aead->set_key(aead_key(mce_key, *aead));
aead->set_associated_data(ad, ad_len);
@@ -99,7 +98,7 @@ mceies_decrypt(const McEliece_PrivateKey& privkey,
aead->finish(pt, 0);
return pt;
}
- catch(Integrity_Failure)
+ catch(Integrity_Failure&)
{
throw;
}
diff --git a/src/lib/pubkey/nr/nr.cpp b/src/lib/pubkey/nr/nr.cpp
index ed90c2345..5e2cb1be5 100644
--- a/src/lib/pubkey/nr/nr.cpp
+++ b/src/lib/pubkey/nr/nr.cpp
@@ -24,8 +24,8 @@ NR_PublicKey::NR_PublicKey(const AlgorithmIdentifier& alg_id,
*/
NR_PublicKey::NR_PublicKey(const DL_Group& grp, const BigInt& y1)
{
- group = grp;
- y = y1;
+ m_group = grp;
+ m_y = y1;
}
/*
@@ -35,13 +35,13 @@ NR_PrivateKey::NR_PrivateKey(RandomNumberGenerator& rng,
const DL_Group& grp,
const BigInt& x_arg)
{
- group = grp;
- x = x_arg;
+ m_group = grp;
+ m_x = x_arg;
- if(x == 0)
- x = BigInt::random_integer(rng, 2, group_q() - 1);
+ if(m_x == 0)
+ m_x = BigInt::random_integer(rng, 2, group_q() - 1);
- y = power_mod(group_g(), x, group_p());
+ m_y = power_mod(group_g(), m_x, group_p());
if(x_arg == 0)
gen_check(rng);
@@ -54,7 +54,7 @@ NR_PrivateKey::NR_PrivateKey(const AlgorithmIdentifier& alg_id,
RandomNumberGenerator& rng) :
DL_Scheme_PrivateKey(alg_id, key_bits, DL_Group::ANSI_X9_57)
{
- y = power_mod(group_g(), x, group_p());
+ m_y = power_mod(group_g(), m_x, group_p());
load_check(rng);
}
@@ -64,7 +64,7 @@ NR_PrivateKey::NR_PrivateKey(const AlgorithmIdentifier& alg_id,
*/
bool NR_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
{
- if(!DL_Scheme_PrivateKey::check_key(rng, strong) || x >= group_q())
+ if(!DL_Scheme_PrivateKey::check_key(rng, strong) || m_x >= group_q())
return false;
if(!strong)
@@ -84,24 +84,24 @@ class NR_Signature_Operation : public PK_Ops::Signature_with_EMSA
typedef NR_PrivateKey Key_Type;
NR_Signature_Operation(const NR_PrivateKey& nr, const std::string& emsa) :
PK_Ops::Signature_with_EMSA(emsa),
- q(nr.group_q()),
- x(nr.get_x()),
- powermod_g_p(nr.group_g(), nr.group_p()),
- mod_q(nr.group_q())
+ m_q(nr.group_q()),
+ m_x(nr.get_x()),
+ m_powermod_g_p(nr.group_g(), nr.group_p()),
+ m_mod_q(nr.group_q())
{
}
size_t message_parts() const override { return 2; }
- size_t message_part_size() const override { return q.bytes(); }
- size_t max_input_bits() const override { return (q.bits() - 1); }
+ size_t message_part_size() const override { return m_q.bytes(); }
+ size_t max_input_bits() const override { return (m_q.bits() - 1); }
secure_vector<byte> raw_sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng) override;
private:
- const BigInt& q;
- const BigInt& x;
- Fixed_Base_Power_Mod powermod_g_p;
- Modular_Reducer mod_q;
+ const BigInt& m_q;
+ const BigInt& m_x;
+ Fixed_Base_Power_Mod m_powermod_g_p;
+ Modular_Reducer m_mod_q;
};
secure_vector<byte>
@@ -112,7 +112,7 @@ NR_Signature_Operation::raw_sign(const byte msg[], size_t msg_len,
BigInt f(msg, msg_len);
- if(f >= q)
+ if(f >= m_q)
throw Invalid_Argument("NR_Signature_Operation: Input is out of range");
BigInt c, d;
@@ -121,14 +121,14 @@ NR_Signature_Operation::raw_sign(const byte msg[], size_t msg_len,
{
BigInt k;
do
- k.randomize(rng, q.bits());
- while(k >= q);
+ k.randomize(rng, m_q.bits());
+ while(k >= m_q);
- c = mod_q.reduce(powermod_g_p(k) + f);
- d = mod_q.reduce(k - x * c);
+ c = m_mod_q.reduce(m_powermod_g_p(k) + f);
+ d = m_mod_q.reduce(k - m_x * c);
}
- secure_vector<byte> output(2*q.bytes());
+ secure_vector<byte> output(2*m_q.bytes());
c.binary_encode(&output[output.size() / 2 - c.bytes()]);
d.binary_encode(&output[output.size() - d.bytes()]);
return output;
@@ -144,33 +144,30 @@ class NR_Verification_Operation : public PK_Ops::Verification_with_EMSA
typedef NR_PublicKey Key_Type;
NR_Verification_Operation(const NR_PublicKey& nr, const std::string& emsa) :
PK_Ops::Verification_with_EMSA(emsa),
- q(nr.group_q()), y(nr.get_y())
- {
- powermod_g_p = Fixed_Base_Power_Mod(nr.group_g(), nr.group_p());
- powermod_y_p = Fixed_Base_Power_Mod(y, nr.group_p());
- mod_p = Modular_Reducer(nr.group_p());
- mod_q = Modular_Reducer(nr.group_q());
- }
+ m_q(nr.group_q()), m_y(nr.get_y()), m_powermod_g_p{Fixed_Base_Power_Mod(nr.group_g(), nr.group_p())},
+ m_powermod_y_p{Fixed_Base_Power_Mod(m_y, nr.group_p())}, m_mod_p{Modular_Reducer(nr.group_p())},
+ m_mod_q{Modular_Reducer(nr.group_q())}
+ {}
size_t message_parts() const override { return 2; }
- size_t message_part_size() const override { return q.bytes(); }
- size_t max_input_bits() const override { return (q.bits() - 1); }
+ size_t message_part_size() const override { return m_q.bytes(); }
+ size_t max_input_bits() const override { return (m_q.bits() - 1); }
bool with_recovery() const override { return true; }
secure_vector<byte> verify_mr(const byte msg[], size_t msg_len) override;
private:
- const BigInt& q;
- const BigInt& y;
+ const BigInt& m_q;
+ const BigInt& m_y;
- Fixed_Base_Power_Mod powermod_g_p, powermod_y_p;
- Modular_Reducer mod_p, mod_q;
+ Fixed_Base_Power_Mod m_powermod_g_p, m_powermod_y_p;
+ Modular_Reducer m_mod_p, m_mod_q;
};
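Review bot: The new initialiser list builds `m_powermod_y_p` from `m_y`, which is only safe because `m_y` is declared before `m_powermod_y_p` in the private section; members are initialised in declaration order, not list order, so a later reordering of the members silently turns this into a read of an uninitialised reference. Using the argument directly, `m_powermod_y_p{Fixed_Base_Power_Mod(nr.get_y(), nr.group_p())}`, removes the dependency. Failing that, a comment on the member block should flag the ordering constraint.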
secure_vector<byte>
NR_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
{
- const BigInt& q = mod_q.get_modulus();
+ const BigInt& q = m_mod_q.get_modulus();
if(msg_len != 2*q.bytes())
throw Invalid_Argument("NR verification: Invalid signature");
@@ -181,11 +178,11 @@ NR_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
if(c.is_zero() || c >= q || d >= q)
throw Invalid_Argument("NR verification: Invalid signature");
- auto future_y_c = std::async(std::launch::async, powermod_y_p, c);
- BigInt g_d = powermod_g_p(d);
+ auto future_y_c = std::async(std::launch::async, m_powermod_y_p, c);
+ BigInt g_d = m_powermod_g_p(d);
- BigInt i = mod_p.multiply(g_d, future_y_c.get());
- return BigInt::encode_locked(mod_q.reduce(c - i));
+ BigInt i = m_mod_p.multiply(g_d, future_y_c.get());
+ return BigInt::encode_locked(m_mod_q.reduce(c - i));
}
}
diff --git a/src/lib/pubkey/pk_keys.cpp b/src/lib/pubkey/pk_keys.cpp
index 635934037..ebaa0eb69 100644
--- a/src/lib/pubkey/pk_keys.cpp
+++ b/src/lib/pubkey/pk_keys.cpp
@@ -19,7 +19,7 @@ OID Public_Key::get_oid() const
try {
return OIDS::lookup(algo_name());
}
- catch(Lookup_Error)
+ catch(Lookup_Error&)
{
throw Lookup_Error("PK algo " + algo_name() + " has no defined OIDs");
}
diff --git a/src/lib/pubkey/pk_ops.cpp b/src/lib/pubkey/pk_ops.cpp
index bc421eb90..81b087894 100644
--- a/src/lib/pubkey/pk_ops.cpp
+++ b/src/lib/pubkey/pk_ops.cpp
@@ -129,4 +129,47 @@ bool PK_Ops::Verification_with_EMSA::is_valid_signature(const byte sig[], size_t
}
}
+void PK_Ops::KEM_Encryption_with_KDF::kem_encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& out_shared_key,
+ size_t desired_shared_key_len,
+ Botan::RandomNumberGenerator& rng,
+ const uint8_t salt[],
+ size_t salt_len)
+ {
+ secure_vector<byte> raw_shared;
+ this->raw_kem_encrypt(out_encapsulated_key, raw_shared, rng);
+
+ out_shared_key = m_kdf->derive_key(desired_shared_key_len,
+ raw_shared.data(), raw_shared.size(),
+ salt, salt_len);
+ }
+
+PK_Ops::KEM_Encryption_with_KDF::KEM_Encryption_with_KDF(const std::string& kdf)
+ {
+ m_kdf.reset(get_kdf(kdf));
+ }
+
+PK_Ops::KEM_Encryption_with_KDF::~KEM_Encryption_with_KDF() {}
+
+secure_vector<byte>
+PK_Ops::KEM_Decryption_with_KDF::kem_decrypt(const byte encap_key[],
+ size_t len,
+ size_t desired_shared_key_len,
+ const uint8_t salt[],
+ size_t salt_len)
+ {
+ secure_vector<byte> raw_shared = this->raw_kem_decrypt(encap_key, len);
+
+ return m_kdf->derive_key(desired_shared_key_len,
+ raw_shared.data(), raw_shared.size(),
+ salt, salt_len);
+ }
+
+PK_Ops::KEM_Decryption_with_KDF::KEM_Decryption_with_KDF(const std::string& kdf)
+ {
+ m_kdf.reset(get_kdf(kdf));
+ }
+
+PK_Ops::KEM_Decryption_with_KDF::~KEM_Decryption_with_KDF() {}
+
}
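Review bot: Both constructors do `m_kdf.reset(get_kdf(kdf))` and kem_encrypt/kem_decrypt then dereference `m_kdf` unconditionally; if get_kdf can hand back a null pointer for a "no KDF" request (check how the sibling Key_Agreement_with_KDF, which holds the same `std::unique_ptr<KDF> m_kdf`, treats that case), a caller asking for a raw KEM gets a null dereference rather than an error. Either reject it in the constructor, `if(!m_kdf) throw Invalid_Argument("KEM operation requires a KDF");`, or define and document the raw behaviour. A one-line comment that the unhashed secret in `raw_shared` is held in a secure_vector (presumably zeroised on destruction — confirm) would also record the property this wrapper relies on.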
diff --git a/src/lib/pubkey/pk_ops.h b/src/lib/pubkey/pk_ops.h
index 3a2a8bdb5..6fc21ea4a 100644
--- a/src/lib/pubkey/pk_ops.h
+++ b/src/lib/pubkey/pk_ops.h
@@ -47,11 +47,13 @@ typedef PK_Spec<Private_Key> PK_Spec_Private_Key;
class BOTAN_DLL Encryption
{
public:
+ typedef PK_Spec_Public_Key Spec;
+
virtual size_t max_input_bits() const = 0;
- virtual secure_vector<byte> encrypt(const byte msg[], size_t msg_len, RandomNumberGenerator& rng) = 0;
-
- typedef PK_Spec_Public_Key Spec;
+ virtual secure_vector<byte> encrypt(const byte msg[],
+ size_t msg_len,
+ RandomNumberGenerator& rng) = 0;
virtual ~Encryption() {}
};
@@ -164,6 +166,38 @@ class BOTAN_DLL Key_Agreement
virtual ~Key_Agreement() {}
};
+/**
+* KEM (key encapsulation)
+*/
+class BOTAN_DLL KEM_Encryption
+ {
+ public:
+ typedef PK_Spec_Public_Key Spec;
+
+ virtual void kem_encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& out_shared_key,
+ size_t desired_shared_key_len,
+ Botan::RandomNumberGenerator& rng,
+ const uint8_t salt[],
+ size_t salt_len) = 0;
+
+ virtual ~KEM_Encryption() {}
+ };
+
+class BOTAN_DLL KEM_Decryption
+ {
+ public:
+ typedef PK_Spec_Private_Key Spec;
+
+ virtual secure_vector<byte> kem_decrypt(const byte encap_key[],
+ size_t len,
+ size_t desired_shared_key_len,
+ const uint8_t salt[],
+ size_t salt_len) = 0;
+
+ virtual ~KEM_Decryption() {}
+ };
+
}
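Review bot: The new KEM_Encryption/KEM_Decryption interfaces carry only the header `KEM (key encapsulation)` and no description of their parameters, so an implementer cannot tell whether `salt` may be null when `salt_len` is 0, whether `out_encapsulated_key`/`out_shared_key` are replaced or appended to, or what `desired_shared_key_len` means for a backend whose KDF has a fixed output. A Doxygen block per method stating those three points (and, for kem_decrypt, that a malformed encapsulated key should raise an exception rather than yield a derived key) would settle the contract before more backends implement it. These declarations also spell the salt as `const uint8_t salt[]` while Key_Agreement_with_KDF in pk_ops_impl.h uses `const byte salt[]`; one spelling is cleaner.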
}
diff --git a/src/lib/pubkey/pk_ops_impl.h b/src/lib/pubkey/pk_ops_impl.h
index f27de4af4..9be65cf21 100644
--- a/src/lib/pubkey/pk_ops_impl.h
+++ b/src/lib/pubkey/pk_ops_impl.h
@@ -23,7 +23,7 @@ class Encryption_with_EME : public Encryption
~Encryption_with_EME();
protected:
- Encryption_with_EME(const std::string& eme);
+ explicit Encryption_with_EME(const std::string& eme);
private:
virtual size_t max_raw_input_bits() const = 0;
@@ -41,7 +41,7 @@ class Decryption_with_EME : public Decryption
~Decryption_with_EME();
protected:
- Decryption_with_EME(const std::string& eme);
+ explicit Decryption_with_EME(const std::string& eme);
private:
virtual size_t max_raw_input_bits() const = 0;
virtual secure_vector<byte> raw_decrypt(const byte msg[], size_t len) = 0;
@@ -59,7 +59,7 @@ class Verification_with_EMSA : public Verification
protected:
- Verification_with_EMSA(const std::string& emsa);
+ explicit Verification_with_EMSA(const std::string& emsa);
~Verification_with_EMSA();
/**
@@ -105,7 +105,7 @@ class Signature_with_EMSA : public Signature
secure_vector<byte> sign(RandomNumberGenerator& rng) override;
protected:
- Signature_with_EMSA(const std::string& emsa);
+ explicit Signature_with_EMSA(const std::string& emsa);
~Signature_with_EMSA();
private:
@@ -132,13 +132,53 @@ class Key_Agreement_with_KDF : public Key_Agreement
const byte salt[], size_t salt_len) override;
protected:
- Key_Agreement_with_KDF(const std::string& kdf);
+ explicit Key_Agreement_with_KDF(const std::string& kdf);
~Key_Agreement_with_KDF();
private:
virtual secure_vector<byte> raw_agree(const byte w[], size_t w_len) = 0;
std::unique_ptr<KDF> m_kdf;
};
+class KEM_Encryption_with_KDF : public KEM_Encryption
+ {
+ public:
+ void kem_encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& out_shared_key,
+ size_t desired_shared_key_len,
+ Botan::RandomNumberGenerator& rng,
+ const uint8_t salt[],
+ size_t salt_len) override;
+
+ protected:
+ virtual void raw_kem_encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& raw_shared_key,
+ Botan::RandomNumberGenerator& rng) = 0;
+
+ explicit KEM_Encryption_with_KDF(const std::string& kdf);
+ ~KEM_Encryption_with_KDF();
+ private:
+ std::unique_ptr<KDF> m_kdf;
+ };
+
+class KEM_Decryption_with_KDF : public KEM_Decryption
+ {
+ public:
+ secure_vector<byte> kem_decrypt(const byte encap_key[],
+ size_t len,
+ size_t desired_shared_key_len,
+ const uint8_t salt[],
+ size_t salt_len) override;
+
+ protected:
+ virtual secure_vector<byte>
+ raw_kem_decrypt(const byte encap_key[], size_t len) = 0;
+
+ explicit KEM_Decryption_with_KDF(const std::string& kdf);
+ ~KEM_Decryption_with_KDF();
+ private:
+ std::unique_ptr<KDF> m_kdf;
+ };
+
}
}
diff --git a/src/lib/pubkey/pk_utils.h b/src/lib/pubkey/pk_utils.h
index 326a6ea68..04a0bf5ca 100644
--- a/src/lib/pubkey/pk_utils.h
+++ b/src/lib/pubkey/pk_utils.h
@@ -32,6 +32,9 @@ OP* make_pk_op(const typename T::Spec& spec)
#define BOTAN_REGISTER_PK_VERIFY_OP(NAME, TYPE) BOTAN_REGISTER_PK_OP(PK_Ops::Verification, NAME, TYPE)
#define BOTAN_REGISTER_PK_KEY_AGREE_OP(NAME, TYPE) BOTAN_REGISTER_PK_OP(PK_Ops::Key_Agreement, NAME, TYPE)
+#define BOTAN_REGISTER_PK_KEM_ENCRYPTION_OP(NAME, TYPE) BOTAN_REGISTER_PK_OP(PK_Ops::KEM_Encryption, NAME, TYPE)
+#define BOTAN_REGISTER_PK_KEM_DECRYPTION_OP(NAME, TYPE) BOTAN_REGISTER_PK_OP(PK_Ops::KEM_Decryption, NAME, TYPE)
+
}
#endif
diff --git a/src/lib/pubkey/pkcs8.cpp b/src/lib/pubkey/pkcs8.cpp
index 92157a196..ddf9be2f0 100644
--- a/src/lib/pubkey/pkcs8.cpp
+++ b/src/lib/pubkey/pkcs8.cpp
@@ -44,19 +44,39 @@ secure_vector<byte> PKCS8_extract(DataSource& source,
secure_vector<byte> PKCS8_decode(
DataSource& source,
std::function<std::string ()> get_passphrase,
- AlgorithmIdentifier& pk_alg_id)
+ AlgorithmIdentifier& pk_alg_id,
+ bool is_encrypted)
{
AlgorithmIdentifier pbe_alg_id;
secure_vector<byte> key_data, key;
- bool is_encrypted = true;
try {
if(ASN1::maybe_BER(source) && !PEM_Code::matches(source))
- key_data = PKCS8_extract(source, pbe_alg_id);
+ {
+ if ( is_encrypted )
+ {
+ key_data = PKCS8_extract(source, pbe_alg_id);
+ }
+ else
+ {
+ // todo read more efficiently
+ while ( !source.end_of_data() )
+ {
+ byte b;
+ size_t read = source.read_byte( b );
+ if ( read )
+ {
+ key_data.push_back( b );
+ }
+ }
+ }
+ }
else
{
std::string label;
key_data = PEM_Code::decode(source, label);
+
+ // todo remove autodetect for pem as well?
if(label == "PRIVATE KEY")
is_encrypted = false;
else if(label == "ENCRYPTED PRIVATE KEY")
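Review bot: The `is_encrypted` parameter is honoured only on the BER path; for PEM input the label still overrides it (`if(label == "PRIVATE KEY") is_encrypted = false;`), so a caller using the "encrypted key" loaders silently accepts a plaintext private key, which is presumably the case the new API split was meant to make explicit — the `// todo remove autodetect for pem as well?` comment acknowledges this. If the autodetect is kept for compatibility, the header documentation should say so; otherwise a mismatch between the requested and detected state should raise PKCS8_Exception. The unencrypted BER branch also reads the source one byte at a time into `key_data` with no upper bound; beyond efficiency, a block read with a size limit (if DataSource offers one) keeps an oversized source from being slurped into memory whole. PKCS8_decode continues outside the hunk.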
@@ -133,7 +153,7 @@ namespace {
std::pair<std::string, std::string>
choose_pbe_params(const std::string& pbe_algo, const std::string& key_algo)
{
- if(pbe_algo == "")
+ if(pbe_algo.empty())
{
// Defaults:
if(key_algo == "Curve25519" || key_algo == "McEliece")
@@ -182,54 +202,79 @@ std::string PEM_encode(const Private_Key& key,
std::chrono::milliseconds msec,
const std::string& pbe_algo)
{
- if(pass == "")
+ if(pass.empty())
return PEM_encode(key);
return PEM_Code::encode(PKCS8::BER_encode(key, rng, pass, msec, pbe_algo),
"ENCRYPTED PRIVATE KEY");
}
+namespace {
+
/*
-* Extract a private key and return it
+* Extract a private key (encrypted/unencrypted) and return it
*/
Private_Key* load_key(DataSource& source,
RandomNumberGenerator& rng,
- std::function<std::string ()> get_pass)
+ std::function<std::string ()> get_pass,
+ bool is_encrypted)
{
AlgorithmIdentifier alg_id;
- secure_vector<byte> pkcs8_key = PKCS8_decode(source, get_pass, alg_id);
+ secure_vector<byte> pkcs8_key = PKCS8_decode(source, get_pass, alg_id, is_encrypted);
const std::string alg_name = OIDS::lookup(alg_id.oid);
- if(alg_name == "" || alg_name == alg_id.oid.as_string())
+ if(alg_name.empty() || alg_name == alg_id.oid.as_string())
throw PKCS8_Exception("Unknown algorithm OID: " +
alg_id.oid.as_string());
return make_private_key(alg_id, pkcs8_key, rng);
}
+}
+
/*
-* Extract a private key and return it
+* Extract an encrypted private key and return it
*/
-Private_Key* load_key(const std::string& fsname,
+Private_Key* load_key(DataSource& source,
RandomNumberGenerator& rng,
std::function<std::string ()> get_pass)
{
- DataSource_Stream source(fsname, true);
- return PKCS8::load_key(source, rng, get_pass);
+ return load_key(source, rng, get_pass, true);
}
/*
-* Extract a private key and return it
+* Extract an encrypted private key and return it
*/
Private_Key* load_key(DataSource& source,
RandomNumberGenerator& rng,
const std::string& pass)
{
- return PKCS8::load_key(source, rng, [pass]() { return pass; });
+ return load_key(source, rng, [pass]() { return pass; }, true);
+ }
+
+/*
+* Extract an unencrypted private key and return it
+*/
+Private_Key* load_key(DataSource& source,
+ RandomNumberGenerator& rng)
+ {
+ return load_key(source, rng, []() -> std::string {
+ throw PKCS8_Exception( "Internal error: Attempt to read password for unencrypted key" );}, false);
+ }
+
+/*
+* Extract an encrypted private key and return it
+*/
+Private_Key* load_key(const std::string& fsname,
+ RandomNumberGenerator& rng,
+ std::function<std::string ()> get_pass)
+ {
+ DataSource_Stream source(fsname, true);
+ return load_key(source, rng, get_pass, true);
}
/*
-* Extract a private key and return it
+* Extract an encrypted private key and return it
*/
Private_Key* load_key(const std::string& fsname,
RandomNumberGenerator& rng,
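Review bot: The passphrase callback used by the unencrypted overload throws `"Internal error: Attempt to read password for unencrypted key"`, but that path appears reachable by ordinary input: for PEM data, PKCS8_decode in the earlier hunk presumably sets `is_encrypted` back to true when the label is "ENCRYPTED PRIVATE KEY" (that branch continues outside the hunk), so handing an encrypted PEM file to `load_key(source, rng)` surfaces as an internal error. A user-facing message such as `"Passphrase required: key is encrypted but no passphrase was supplied"` is what the caller needs. The lambda is also duplicated verbatim in the file-based overload in the next hunk; a single `static std::string no_passphrase()` helper in the anonymous namespace, used by both, keeps the two in step.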
@@ -239,6 +284,17 @@ Private_Key* load_key(const std::string& fsname,
}
/*
+* Extract an unencrypted private key and return it
+*/
+Private_Key* load_key(const std::string& fsname,
+ RandomNumberGenerator& rng)
+ {
+ DataSource_Stream source(fsname, true);
+ return load_key(source, rng, []() -> std::string {
+ throw PKCS8_Exception( "Internal error: Attempt to read password for unencrypted key" );}, false);
+ }
+
+/*
* Make a copy of this private key
*/
Private_Key* copy_key(const Private_Key& key,
diff --git a/src/lib/pubkey/pkcs8.h b/src/lib/pubkey/pkcs8.h
index ac037407e..791a612df 100644
--- a/src/lib/pubkey/pkcs8.h
+++ b/src/lib/pubkey/pkcs8.h
@@ -19,7 +19,7 @@ namespace Botan {
*/
struct BOTAN_DLL PKCS8_Exception : public Decoding_Error
{
- PKCS8_Exception(const std::string& error) :
+ explicit PKCS8_Exception(const std::string& error) :
Decoding_Error("PKCS #8: " + error) {}
};
@@ -80,50 +80,62 @@ PEM_encode(const Private_Key& key,
const std::string& pbe_algo = "");
/**
-* Load a key from a data source.
+* Load an encrypted key from a data source.
* @param source the data source providing the encoded key
* @param rng the rng to use
* @param get_passphrase a function that returns passphrases
* @return loaded private key object
*/
-BOTAN_DLL Private_Key* load_key(
- DataSource& source,
- RandomNumberGenerator& rng,
- std::function<std::string ()> get_passphrase);
+BOTAN_DLL Private_Key* load_key(DataSource& source,
+ RandomNumberGenerator& rng,
+ std::function<std::string ()> get_passphrase);
-/** Load a key from a data source.
+/** Load an encrypted key from a data source.
* @param source the data source providing the encoded key
* @param rng the rng to use
-* @param pass the passphrase to decrypt the key. Provide an empty
-* string if the key is not encrypted
+* @param pass the passphrase to decrypt the key
* @return loaded private key object
*/
BOTAN_DLL Private_Key* load_key(DataSource& source,
RandomNumberGenerator& rng,
- const std::string& pass = "");
+ const std::string& pass);
+
+/** Load an unencrypted key from a data source.
+* @param source the data source providing the encoded key
+* @param rng the rng to use
+* @return loaded private key object
+*/
+BOTAN_DLL Private_Key* load_key(DataSource& source,
+ RandomNumberGenerator& rng);
/**
-* Load a key from a file.
+* Load an encrypted key from a file.
* @param filename the path to the file containing the encoded key
* @param rng the rng to use
* @param get_passphrase a function that returns passphrases
* @return loaded private key object
*/
-BOTAN_DLL Private_Key* load_key(
- const std::string& filename,
- RandomNumberGenerator& rng,
- std::function<std::string ()> get_passphrase);
+BOTAN_DLL Private_Key* load_key(const std::string& filename,
+ RandomNumberGenerator& rng,
+ std::function<std::string ()> get_passphrase);
-/** Load a key from a file.
+/** Load an encrypted key from a file.
* @param filename the path to the file containing the encoded key
* @param rng the rng to use
-* @param pass the passphrase to decrypt the key. Provide an empty
-* string if the key is not encrypted
+* @param pass the passphrase to decrypt the key
* @return loaded private key object
*/
BOTAN_DLL Private_Key* load_key(const std::string& filename,
RandomNumberGenerator& rng,
- const std::string& pass = "");
+ const std::string& pass);
+
+/** Load an unencrypted key from a file.
+* @param filename the path to the file containing the encoded key
+* @param rng the rng to use
+* @return loaded private key object
+*/
+BOTAN_DLL Private_Key* load_key(const std::string& filename,
+ RandomNumberGenerator& rng);
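Review bot: The updated doc blocks label the passphrase-taking overloads as loading "an encrypted key", yet the implementation in pkcs8.cpp still autodetects PEM-encoded unencrypted keys for those overloads, and the unencrypted overloads appear to reach the passphrase callback for encrypted PEM input; neither behaviour is documented here. Each block should state what happens on a mismatch — for the unencrypted overloads at least `@throws PKCS8_Exception if the key turns out to be encrypted` — and the encrypted ones should say whether an unencrypted source is accepted. Removing the `pass = ""` default also changes overload resolution for existing callers of `load_key(x, rng)`, which now select the new unencrypted overload; a one-line migration note in the doc would help.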
/**
* Copy an existing encoded key object.
diff --git a/src/lib/pubkey/pubkey.cpp b/src/lib/pubkey/pubkey.cpp
index b9923f54b..d3b711f1e 100644
--- a/src/lib/pubkey/pubkey.cpp
+++ b/src/lib/pubkey/pubkey.cpp
@@ -22,7 +22,7 @@ T* get_pk_op(const std::string& what, const Key& key, const std::string& pad,
return p;
const std::string err = what + " with " + key.algo_name() + "/" + pad + " not supported";
- if(provider != "")
+ if(!provider.empty())
throw Lookup_Error(err + " with provider " + provider);
else
throw Lookup_Error(err);
@@ -59,9 +59,51 @@ secure_vector<byte> PK_Decryptor_EME::dec(const byte msg[], size_t length) const
return m_op->decrypt(msg, length);
}
-PK_Key_Agreement::PK_Key_Agreement(const Private_Key& key, const std::string& kdf)
+PK_KEM_Encryptor::PK_KEM_Encryptor(const Public_Key& key,
+ const std::string& param,
+ const std::string& provider)
+ {
+ m_op.reset(get_pk_op<PK_Ops::KEM_Encryption>("KEM", key, param, provider));
+ }
+
+void PK_KEM_Encryptor::encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& out_shared_key,
+ size_t desired_shared_key_len,
+ Botan::RandomNumberGenerator& rng,
+ const uint8_t salt[],
+ size_t salt_len)
+ {
+ m_op->kem_encrypt(out_encapsulated_key,
+ out_shared_key,
+ desired_shared_key_len,
+ rng,
+ salt,
+ salt_len);
+ }
+
+PK_KEM_Decryptor::PK_KEM_Decryptor(const Private_Key& key,
+ const std::string& param,
+ const std::string& provider)
+ {
+ m_op.reset(get_pk_op<PK_Ops::KEM_Decryption>("KEM", key, param, provider));
+ }
+
+secure_vector<byte> PK_KEM_Decryptor::decrypt(const byte encap_key[],
+ size_t encap_key_len,
+ size_t desired_shared_key_len,
+ const uint8_t salt[],
+ size_t salt_len)
+ {
+ return m_op->kem_decrypt(encap_key, encap_key_len,
+ desired_shared_key_len,
+ salt, salt_len);
+ }
+
+PK_Key_Agreement::PK_Key_Agreement(const Private_Key& key,
+ const std::string& kdf,
+ const std::string& provider)
{
- m_op.reset(get_pk_op<PK_Ops::Key_Agreement>("Key agreement", key, kdf));
+ m_op.reset(get_pk_op<PK_Ops::Key_Agreement>("Key agreement", key, kdf, provider));
}
SymmetricKey PK_Key_Agreement::derive_key(size_t key_len,
@@ -189,7 +231,7 @@ bool PK_Verifier::check_signature(const byte sig[], size_t length)
throw Decoding_Error("PK_Verifier: Unknown signature format " +
std::to_string(m_sig_format));
}
- catch(Invalid_Argument) { return false; }
+ catch(Invalid_Argument&) { return false; }
}
}
diff --git a/src/lib/pubkey/pubkey.h b/src/lib/pubkey/pubkey.h
index 637e522e4..bfcde2190 100644
--- a/src/lib/pubkey/pubkey.h
+++ b/src/lib/pubkey/pubkey.h
@@ -325,8 +325,11 @@ class BOTAN_DLL PK_Key_Agreement
* Construct a PK Key Agreement.
* @param key the key to use
* @param kdf name of the KDF to use (or 'Raw' for no KDF)
+ * @param provider the algo provider to use (or empty for default)
*/
- PK_Key_Agreement(const Private_Key& key, const std::string& kdf);
+ PK_Key_Agreement(const Private_Key& key,
+ const std::string& kdf,
+ const std::string& provider = "");
/*
* Perform Key Agreement Operation
@@ -438,6 +441,87 @@ class BOTAN_DLL PK_Decryptor_EME : public PK_Decryptor
std::unique_ptr<PK_Ops::Decryption> m_op;
};
+class BOTAN_DLL PK_KEM_Encryptor
+ {
+ public:
+ PK_KEM_Encryptor(const Public_Key& key,
+ const std::string& kem_param = "",
+ const std::string& provider = "");
+
+ void encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& out_shared_key,
+ size_t desired_shared_key_len,
+ Botan::RandomNumberGenerator& rng,
+ const uint8_t salt[],
+ size_t salt_len);
+
+ template<typename Alloc>
+ void encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& out_shared_key,
+ size_t desired_shared_key_len,
+ Botan::RandomNumberGenerator& rng,
+ const std::vector<uint8_t, Alloc>& salt)
+ {
+ this->encrypt(out_encapsulated_key,
+ out_shared_key,
+ desired_shared_key_len,
+ rng,
+ salt.data(), salt.size());
+ }
+
+ void encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& out_shared_key,
+ size_t desired_shared_key_len,
+ Botan::RandomNumberGenerator& rng)
+ {
+ this->encrypt(out_encapsulated_key,
+ out_shared_key,
+ desired_shared_key_len,
+ rng,
+ nullptr,
+ 0);
+ }
+
+ private:
+ std::unique_ptr<PK_Ops::KEM_Encryption> m_op;
+ };
+
+class BOTAN_DLL PK_KEM_Decryptor
+ {
+ public:
+ PK_KEM_Decryptor(const Private_Key& key,
+ const std::string& kem_param = "",
+ const std::string& provider = "");
+
+ secure_vector<byte> decrypt(const byte encap_key[],
+ size_t encap_key_len,
+ size_t desired_shared_key_len,
+ const uint8_t salt[],
+ size_t salt_len);
+
+ secure_vector<byte> decrypt(const byte encap_key[],
+ size_t encap_key_len,
+ size_t desired_shared_key_len)
+ {
+ return this->decrypt(encap_key, encap_key_len,
+ desired_shared_key_len,
+ nullptr, 0);
+ }
+
+ template<typename Alloc1, typename Alloc2>
+ secure_vector<byte> decrypt(const std::vector<byte, Alloc1>& encap_key,
+ size_t desired_shared_key_len,
+ const std::vector<byte, Alloc2>& salt)
+ {
+ return this->decrypt(encap_key.data(), encap_key.size(),
+ desired_shared_key_len,
+ salt.data(), salt.size());
+ }
+
+ private:
+ std::unique_ptr<PK_Ops::KEM_Decryption> m_op;
+ };
+
}
#endif
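Review bot: PK_KEM_Encryptor and PK_KEM_Decryptor enter the public header with no Doxygen at all, while PK_Key_Agreement just above documents every constructor parameter; `kem_param` (passed straight through as the KDF name for the RSA operation added in this commit) and `desired_shared_key_len` in particular need a sentence each. The new signatures also mix the two byte aliases in one declaration (`secure_vector<byte>& out_encapsulated_key` next to `const uint8_t salt[]`); pick one per signature. A class comment such as `/** KEM encapsulation: encrypt() writes an encapsulated key and a shared key of desired_shared_key_len bytes derived from the raw secret with the KDF named by kem_param; salt is optional and may be empty */` and a matching one for the decryptor would be enough.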
diff --git a/src/lib/pubkey/rsa/rsa.cpp b/src/lib/pubkey/rsa/rsa.cpp
index 5804d0034..eb9fc2892 100644
--- a/src/lib/pubkey/rsa/rsa.cpp
+++ b/src/lib/pubkey/rsa/rsa.cpp
@@ -1,6 +1,6 @@
/*
* RSA
-* (C) 1999-2010 Jack Lloyd
+* (C) 1999-2010,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -27,19 +27,19 @@ RSA_PrivateKey::RSA_PrivateKey(RandomNumberGenerator& rng,
if(exp < 3 || exp % 2 == 0)
throw Invalid_Argument(algo_name() + ": Invalid encryption exponent");
- e = exp;
+ m_e = exp;
do
{
- p = random_prime(rng, (bits + 1) / 2, e);
- q = random_prime(rng, bits - p.bits(), e);
- n = p * q;
- } while(n.bits() != bits);
+ m_p = random_prime(rng, (bits + 1) / 2, m_e);
+ m_q = random_prime(rng, bits - m_p.bits(), m_e);
+ m_n = m_p * m_q;
+ } while(m_n.bits() != bits);
- d = inverse_mod(e, lcm(p - 1, q - 1));
- d1 = d % (p - 1);
- d2 = d % (q - 1);
- c = inverse_mod(q, p);
+ m_d = inverse_mod(m_e, lcm(m_p - 1, m_q - 1));
+ m_d1 = m_d % (m_p - 1);
+ m_d2 = m_d % (m_q - 1);
+ m_c = inverse_mod(m_q, m_p);
gen_check(rng);
}
@@ -55,7 +55,7 @@ bool RSA_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
if(!strong)
return true;
- if((e * d) % lcm(p - 1, q - 1) != 1)
+ if((m_e * m_d) % lcm(m_p - 1, m_q - 1) != 1)
return false;
return KeyPair::signature_consistency_check(rng, *this, "EMSA4(SHA-1)");
@@ -69,25 +69,25 @@ namespace {
class RSA_Private_Operation
{
protected:
- size_t get_max_input_bits() const { return (n.bits() - 1); }
+ size_t get_max_input_bits() const { return (m_n.bits() - 1); }
- RSA_Private_Operation(const RSA_PrivateKey& rsa) :
- n(rsa.get_n()),
- q(rsa.get_q()),
- c(rsa.get_c()),
+ explicit RSA_Private_Operation(const RSA_PrivateKey& rsa) :
+ m_n(rsa.get_n()),
+ m_q(rsa.get_q()),
+ m_c(rsa.get_c()),
m_powermod_e_n(rsa.get_e(), rsa.get_n()),
m_powermod_d1_p(rsa.get_d1(), rsa.get_p()),
m_powermod_d2_q(rsa.get_d2(), rsa.get_q()),
m_mod_p(rsa.get_p()),
- m_blinder(n,
+ m_blinder(m_n,
[this](const BigInt& k) { return m_powermod_e_n(k); },
- [this](const BigInt& k) { return inverse_mod(k, n); })
+ [this](const BigInt& k) { return inverse_mod(k, m_n); })
{
}
BigInt blinded_private_op(const BigInt& m) const
{
- if(m >= n)
+ if(m >= m_n)
throw Invalid_Argument("RSA private op - input is too large");
return m_blinder.unblind(private_op(m_blinder.blind(m)));
@@ -99,14 +99,14 @@ class RSA_Private_Operation
BigInt j2 = m_powermod_d2_q(m);
BigInt j1 = future_j1.get();
- j1 = m_mod_p.reduce(sub_mul(j1, j2, c));
+ j1 = m_mod_p.reduce(sub_mul(j1, j2, m_c));
- return mul_add(j1, q, j2);
+ return mul_add(j1, m_q, j2);
}
- const BigInt& n;
- const BigInt& q;
- const BigInt& c;
+ const BigInt& m_n;
+ const BigInt& m_q;
+ const BigInt& m_c;
Fixed_Exponent_Power_Mod m_powermod_e_n, m_powermod_d1_p, m_powermod_d2_q;
Modular_Reducer m_mod_p;
Blinder m_blinder;
@@ -133,7 +133,7 @@ class RSA_Signature_Operation : public PK_Ops::Signature_with_EMSA,
const BigInt x = blinded_private_op(m);
const BigInt c = m_powermod_e_n(x);
BOTAN_ASSERT(m == c, "RSA sign consistency check");
- return BigInt::encode_1363(x, n.bytes());
+ return BigInt::encode_1363(x, m_n.bytes());
}
};
@@ -156,33 +156,58 @@ class RSA_Decryption_Operation : public PK_Ops::Decryption_with_EME,
const BigInt m(msg, msg_len);
const BigInt x = blinded_private_op(m);
const BigInt c = m_powermod_e_n(x);
- BOTAN_ASSERT(m == c, "RSA sign consistency check");
+ BOTAN_ASSERT(m == c, "RSA decrypt consistency check");
return BigInt::encode_locked(x);
}
};
+class RSA_KEM_Decryption_Operation : public PK_Ops::KEM_Decryption_with_KDF,
+ private RSA_Private_Operation
+ {
+ public:
+ typedef RSA_PrivateKey Key_Type;
+
+ RSA_KEM_Decryption_Operation(const RSA_PrivateKey& key,
+ const std::string& kdf) :
+ PK_Ops::KEM_Decryption_with_KDF(kdf),
+ RSA_Private_Operation(key)
+ {}
+
+ secure_vector<byte>
+ raw_kem_decrypt(const byte encap_key[], size_t len) override
+ {
+ const BigInt m(encap_key, len);
+ const BigInt x = blinded_private_op(m);
+ const BigInt c = m_powermod_e_n(x);
+ BOTAN_ASSERT(m == c, "RSA KEM consistency check");
+ return BigInt::encode_1363(x, m_n.bytes());
+ }
+ };
+
/**
* RSA public (encrypt/verify) operation
*/
class RSA_Public_Operation
{
public:
- RSA_Public_Operation(const RSA_PublicKey& rsa) :
- n(rsa.get_n()), powermod_e_n(rsa.get_e(), rsa.get_n())
+ explicit RSA_Public_Operation(const RSA_PublicKey& rsa) :
+ m_n(rsa.get_n()), m_powermod_e_n(rsa.get_e(), rsa.get_n())
{}
- size_t get_max_input_bits() const { return (n.bits() - 1); }
+ size_t get_max_input_bits() const { return (m_n.bits() - 1); }
protected:
BigInt public_op(const BigInt& m) const
{
- if(m >= n)
+ if(m >= m_n)
throw Invalid_Argument("RSA public op - input is too large");
- return powermod_e_n(m);
+ return m_powermod_e_n(m);
}
- const BigInt& n;
- Fixed_Exponent_Power_Mod powermod_e_n;
+ const BigInt& get_n() const { return m_n; }
+
+ const BigInt& m_n;
+ Fixed_Exponent_Power_Mod m_powermod_e_n;
};
class RSA_Encryption_Operation : public PK_Ops::Encryption_with_EME,
@@ -203,7 +228,7 @@ class RSA_Encryption_Operation : public PK_Ops::Encryption_with_EME,
RandomNumberGenerator&) override
{
BigInt m(msg, msg_len);
- return BigInt::encode_1363(public_op(m), n.bytes());
+ return BigInt::encode_1363(public_op(m), m_n.bytes());
}
};
@@ -230,11 +255,40 @@ class RSA_Verify_Operation : public PK_Ops::Verification_with_EMSA,
}
};
+class RSA_KEM_Encryption_Operation : public PK_Ops::KEM_Encryption_with_KDF,
+ private RSA_Public_Operation
+ {
+ public:
+ typedef RSA_PublicKey Key_Type;
+
+ RSA_KEM_Encryption_Operation(const RSA_PublicKey& key,
+ const std::string& kdf) :
+ PK_Ops::KEM_Encryption_with_KDF(kdf),
+ RSA_Public_Operation(key) {}
+
+ private:
+ void raw_kem_encrypt(secure_vector<byte>& out_encapsulated_key,
+ secure_vector<byte>& raw_shared_key,
+ Botan::RandomNumberGenerator& rng) override
+ {
+ const BigInt r = BigInt::random_integer(rng, 1, get_n());
+ const BigInt c = public_op(r);
+
+ out_encapsulated_key = BigInt::encode_locked(c);
+ raw_shared_key = BigInt::encode_locked(r);
+ }
+ };
+
+
BOTAN_REGISTER_PK_ENCRYPTION_OP("RSA", RSA_Encryption_Operation);
BOTAN_REGISTER_PK_DECRYPTION_OP("RSA", RSA_Decryption_Operation);
+
BOTAN_REGISTER_PK_SIGNATURE_OP("RSA", RSA_Signature_Operation);
BOTAN_REGISTER_PK_VERIFY_OP("RSA", RSA_Verify_Operation);
+BOTAN_REGISTER_PK_KEM_ENCRYPTION_OP("RSA", RSA_KEM_Encryption_Operation);
+BOTAN_REGISTER_PK_KEM_DECRYPTION_OP("RSA", RSA_KEM_Decryption_Operation);
+
}
}
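Review bot: The raw shared secret is encoded differently on the two sides of the KEM: raw_kem_encrypt emits `BigInt::encode_locked(r)`, which takes no length and so, unless it pads (nothing here suggests it does), yields the minimal big-endian form, whereas raw_kem_decrypt in this same hunk series returns `BigInt::encode_1363(x, m_n.bytes())`, a fixed n.bytes()-wide string. Whenever r has a leading zero byte the KDF on the encapsulating side is fed a shorter input than the decapsulating side and the two derived keys disagree, an intermittent interop failure rather than a deterministic one. Use the fixed-width form on both lines, `raw_shared_key = BigInt::encode_1363(r, m_n.bytes());` and `out_encapsulated_key = BigInt::encode_1363(c, m_n.bytes());`, which also keeps the ciphertext length from depending on the value of c; m_n is reachable here exactly as RSA_Encryption_Operation already uses it.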
diff --git a/src/lib/pubkey/rw/rw.cpp b/src/lib/pubkey/rw/rw.cpp
index aa92578af..bf6b647a1 100644
--- a/src/lib/pubkey/rw/rw.cpp
+++ b/src/lib/pubkey/rw/rw.cpp
@@ -28,19 +28,19 @@ RW_PrivateKey::RW_PrivateKey(RandomNumberGenerator& rng,
if(exp < 2 || exp % 2 == 1)
throw Invalid_Argument(algo_name() + ": Invalid encryption exponent");
- e = exp;
+ m_e = exp;
do
{
- p = random_prime(rng, (bits + 1) / 2, e / 2, 3, 4);
- q = random_prime(rng, bits - p.bits(), e / 2, ((p % 8 == 3) ? 7 : 3), 8);
- n = p * q;
- } while(n.bits() != bits);
+ m_p = random_prime(rng, (bits + 1) / 2, m_e / 2, 3, 4);
+ m_q = random_prime(rng, bits - m_p.bits(), m_e / 2, ((m_p % 8 == 3) ? 7 : 3), 8);
+ m_n = m_p * m_q;
+ } while(m_n.bits() != bits);
- d = inverse_mod(e, lcm(p - 1, q - 1) >> 1);
- d1 = d % (p - 1);
- d2 = d % (q - 1);
- c = inverse_mod(q, p);
+ m_d = inverse_mod(m_e, lcm(m_p - 1, m_q - 1) >> 1);
+ m_d1 = m_d % (m_p - 1);
+ m_d2 = m_d % (m_q - 1);
+ m_c = inverse_mod(m_q, m_p);
gen_check(rng);
}
@@ -56,7 +56,7 @@ bool RW_PrivateKey::check_key(RandomNumberGenerator& rng, bool strong) const
if(!strong)
return true;
- if((e * d) % (lcm(p - 1, q - 1) / 2) != 1)
+ if((m_e * m_d) % (lcm(m_p - 1, m_q - 1) / 2) != 1)
return false;
return KeyPair::signature_consistency_check(rng, *this, "EMSA2(SHA-1)");
@@ -75,32 +75,32 @@ class RW_Signature_Operation : public PK_Ops::Signature_with_EMSA
RW_Signature_Operation(const RW_PrivateKey& rw,
const std::string& emsa) :
PK_Ops::Signature_with_EMSA(emsa),
- n(rw.get_n()),
- e(rw.get_e()),
- q(rw.get_q()),
- c(rw.get_c()),
- powermod_d1_p(rw.get_d1(), rw.get_p()),
- powermod_d2_q(rw.get_d2(), rw.get_q()),
- mod_p(rw.get_p()),
- blinder(n,
- [this](const BigInt& k) { return power_mod(k, e, n); },
- [this](const BigInt& k) { return inverse_mod(k, n); })
+ m_n(rw.get_n()),
+ m_e(rw.get_e()),
+ m_q(rw.get_q()),
+ m_c(rw.get_c()),
+ m_powermod_d1_p(rw.get_d1(), rw.get_p()),
+ m_powermod_d2_q(rw.get_d2(), rw.get_q()),
+ m_mod_p(rw.get_p()),
+ m_blinder(m_n,
+ [this](const BigInt& k) { return power_mod(k, m_e, m_n); },
+ [this](const BigInt& k) { return inverse_mod(k, m_n); })
{
}
- size_t max_input_bits() const override { return (n.bits() - 1); }
+ size_t max_input_bits() const override { return (m_n.bits() - 1); }
secure_vector<byte> raw_sign(const byte msg[], size_t msg_len,
RandomNumberGenerator& rng) override;
private:
- const BigInt& n;
- const BigInt& e;
- const BigInt& q;
- const BigInt& c;
-
- Fixed_Exponent_Power_Mod powermod_d1_p, powermod_d2_q;
- Modular_Reducer mod_p;
- Blinder blinder;
+ const BigInt& m_n;
+ const BigInt& m_e;
+ const BigInt& m_q;
+ const BigInt& m_c;
+
+ Fixed_Exponent_Power_Mod m_powermod_d1_p, m_powermod_d2_q;
+ Modular_Reducer m_mod_p;
+ Blinder m_blinder;
};
secure_vector<byte>
@@ -109,23 +109,23 @@ RW_Signature_Operation::raw_sign(const byte msg[], size_t msg_len,
{
BigInt i(msg, msg_len);
- if(i >= n || i % 16 != 12)
+ if(i >= m_n || i % 16 != 12)
throw Invalid_Argument("Rabin-Williams: invalid input");
- if(jacobi(i, n) != 1)
+ if(jacobi(i, m_n) != 1)
i >>= 1;
- i = blinder.blind(i);
+ i = m_blinder.blind(i);
- auto future_j1 = std::async(std::launch::async, powermod_d1_p, i);
- const BigInt j2 = powermod_d2_q(i);
+ auto future_j1 = std::async(std::launch::async, m_powermod_d1_p, i);
+ const BigInt j2 = m_powermod_d2_q(i);
BigInt j1 = future_j1.get();
- j1 = mod_p.reduce(sub_mul(j1, j2, c));
+ j1 = m_mod_p.reduce(sub_mul(j1, j2, m_c));
- const BigInt r = blinder.unblind(mul_add(j1, q, j2));
+ const BigInt r = m_blinder.unblind(mul_add(j1, m_q, j2));
- return BigInt::encode_1363(std::min(r, n - r), n.bytes());
+ return BigInt::encode_1363(std::min(r, m_n - r), m_n.bytes());
}
/**
@@ -138,17 +138,17 @@ class RW_Verification_Operation : public PK_Ops::Verification_with_EMSA
RW_Verification_Operation(const RW_PublicKey& rw, const std::string& emsa) :
PK_Ops::Verification_with_EMSA(emsa),
- n(rw.get_n()), powermod_e_n(rw.get_e(), rw.get_n())
+ m_n(rw.get_n()), m_powermod_e_n(rw.get_e(), rw.get_n())
{}
- size_t max_input_bits() const override { return (n.bits() - 1); }
+ size_t max_input_bits() const override { return (m_n.bits() - 1); }
bool with_recovery() const override { return true; }
secure_vector<byte> verify_mr(const byte msg[], size_t msg_len) override;
private:
- const BigInt& n;
- Fixed_Exponent_Power_Mod powermod_e_n;
+ const BigInt& m_n;
+ Fixed_Exponent_Power_Mod m_powermod_e_n;
};
secure_vector<byte>
@@ -156,16 +156,16 @@ RW_Verification_Operation::verify_mr(const byte msg[], size_t msg_len)
{
BigInt m(msg, msg_len);
- if((m > (n >> 1)) || m.is_negative())
+ if((m > (m_n >> 1)) || m.is_negative())
throw Invalid_Argument("RW signature verification: m > n / 2 || m < 0");
- BigInt r = powermod_e_n(m);
+ BigInt r = m_powermod_e_n(m);
if(r % 16 == 12)
return BigInt::encode_locked(r);
if(r % 8 == 6)
return BigInt::encode_locked(2*r);
- r = n - r;
+ r = m_n - r;
if(r % 16 == 12)
return BigInt::encode_locked(r);
if(r % 8 == 6)
diff --git a/src/lib/rng/hmac_rng/hmac_rng.cpp b/src/lib/rng/hmac_rng/hmac_rng.cpp
index f5a782526..0b80de7bd 100644
--- a/src/lib/rng/hmac_rng/hmac_rng.cpp
+++ b/src/lib/rng/hmac_rng/hmac_rng.cpp
@@ -1,12 +1,13 @@
/*
* HMAC_RNG
-* (C) 2008,2009,2013,2015 Jack Lloyd
+* (C) 2008,2009,2013,2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/hmac_rng.h>
#include <botan/entropy_src.h>
+#include <botan/internal/os_utils.h>
#include <algorithm>
#include <chrono>
@@ -69,10 +70,10 @@ void HMAC_RNG::clear()
void HMAC_RNG::new_K_value(byte label)
{
- typedef std::chrono::high_resolution_clock clock;
-
m_prf->update(m_K);
- m_prf->update_be(clock::now().time_since_epoch().count());
+ m_prf->update_be(m_pid);
+ m_prf->update_be(OS::get_processor_timestamp());
+ m_prf->update_be(OS::get_system_timestamp_ns());
m_prf->update_be(m_counter++);
m_prf->update(label);
m_prf->final(m_K.data());
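Review bot: The process id and the two timestamps now mixed into every K update are public or easily guessed values, so they buy uniqueness across forks and over time but contribute no secrecy; the secret still rests entirely on m_K and the reseeded pool. A one-line comment above the `update_be` calls would stop a later reader from counting them as entropy, e.g. `// pid and clocks are public: they give fork/time uniqueness, not entropy`.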
@@ -83,7 +84,7 @@ void HMAC_RNG::new_K_value(byte label)
*/
void HMAC_RNG::randomize(byte out[], size_t length)
{
- if(!is_seeded())
+ if(!is_seeded() || m_pid != OS::get_process_id())
{
reseed(256);
if(!is_seeded())
@@ -168,6 +169,7 @@ size_t HMAC_RNG::reseed_with_sources(Entropy_Sources& srcs,
m_extractor->output_length() * 8);
m_output_since_reseed = 0;
+ m_pid = OS::get_process_id();
return static_cast<size_t>(bits_collected);
}
diff --git a/src/lib/rng/hmac_rng/hmac_rng.h b/src/lib/rng/hmac_rng/hmac_rng.h
index 1e38daa08..95ae25e39 100644
--- a/src/lib/rng/hmac_rng/hmac_rng.h
+++ b/src/lib/rng/hmac_rng/hmac_rng.h
@@ -60,6 +60,7 @@ class BOTAN_DLL HMAC_RNG : public RandomNumberGenerator
secure_vector<byte> m_K;
u32bit m_counter = 0;
+ u32bit m_pid = 0;
};
}
diff --git a/src/lib/rng/rng.h b/src/lib/rng/rng.h
index 23e974b92..2e29a713c 100644
--- a/src/lib/rng/rng.h
+++ b/src/lib/rng/rng.h
@@ -61,18 +61,6 @@ class BOTAN_DLL RandomNumberGenerator
}
/**
- * Return a value in range [0,2^bits)
- */
- u64bit gen_mask(size_t bits)
- {
- if(bits == 0 || bits > 64)
- throw Invalid_Argument("RandomNumberGenerator::gen_mask invalid argument");
-
- const u64bit mask = ((1 << bits) - 1);
- return this->get_random<u64bit>() & mask;
- }
-
- /**
* Return a random byte
* @return random byte
*/
@@ -211,7 +199,7 @@ class BOTAN_DLL Serialized_RNG : public RandomNumberGenerator
}
Serialized_RNG() : m_rng(RandomNumberGenerator::make_rng()) {}
- Serialized_RNG(RandomNumberGenerator* rng) : m_rng(rng) {}
+ explicit Serialized_RNG(RandomNumberGenerator* rng) : m_rng(rng) {}
private:
mutable std::mutex m_mutex;
std::unique_ptr<RandomNumberGenerator> m_rng;
diff --git a/src/lib/stream/chacha/chacha.h b/src/lib/stream/chacha/chacha.h
index df6e1c9c0..92f8ef035 100644
--- a/src/lib/stream/chacha/chacha.h
+++ b/src/lib/stream/chacha/chacha.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* DJB's ChaCha (http://cr.yp.to/chacha.html)
*/
-class BOTAN_DLL ChaCha : public StreamCipher
+class BOTAN_DLL ChaCha final : public StreamCipher
{
public:
void cipher(const byte in[], byte out[], size_t length) override;
diff --git a/src/lib/stream/ctr/ctr.h b/src/lib/stream/ctr/ctr.h
index f59f06d5f..8e931605c 100644
--- a/src/lib/stream/ctr/ctr.h
+++ b/src/lib/stream/ctr/ctr.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* CTR-BE (Counter mode, big-endian)
*/
-class BOTAN_DLL CTR_BE : public StreamCipher
+class BOTAN_DLL CTR_BE final : public StreamCipher
{
public:
void cipher(const byte in[], byte out[], size_t length) override;
@@ -43,7 +43,7 @@ class BOTAN_DLL CTR_BE : public StreamCipher
/**
* @param cipher the underlying block cipher to use
*/
- CTR_BE(BlockCipher* cipher);
+ explicit CTR_BE(BlockCipher* cipher);
private:
void key_schedule(const byte key[], size_t key_len) override;
void increment_counter();
diff --git a/src/lib/stream/ofb/ofb.h b/src/lib/stream/ofb/ofb.h
index 32dc199bc..fecd47d9d 100644
--- a/src/lib/stream/ofb/ofb.h
+++ b/src/lib/stream/ofb/ofb.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* Output Feedback Mode
*/
-class BOTAN_DLL OFB : public StreamCipher
+class BOTAN_DLL OFB final : public StreamCipher
{
public:
void cipher(const byte in[], byte out[], size_t length) override;
@@ -43,7 +43,7 @@ class BOTAN_DLL OFB : public StreamCipher
/**
* @param cipher the underlying block cipher to use
*/
- OFB(BlockCipher* cipher);
+ explicit OFB(BlockCipher* cipher);
private:
void key_schedule(const byte key[], size_t key_len) override;
diff --git a/src/lib/stream/rc4/rc4.cpp b/src/lib/stream/rc4/rc4.cpp
index 6146e2818..895f38091 100644
--- a/src/lib/stream/rc4/rc4.cpp
+++ b/src/lib/stream/rc4/rc4.cpp
@@ -23,16 +23,16 @@ RC4* RC4::make(const Spec& spec)
*/
void RC4::cipher(const byte in[], byte out[], size_t length)
{
- while(length >= buffer.size() - position)
+ while(length >= m_buffer.size() - m_position)
{
- xor_buf(out, in, &buffer[position], buffer.size() - position);
- length -= (buffer.size() - position);
- in += (buffer.size() - position);
- out += (buffer.size() - position);
+ xor_buf(out, in, &m_buffer[m_position], m_buffer.size() - m_position);
+ length -= (m_buffer.size() - m_position);
+ in += (m_buffer.size() - m_position);
+ out += (m_buffer.size() - m_position);
generate();
}
- xor_buf(out, in, &buffer[position], length);
- position += length;
+ xor_buf(out, in, &m_buffer[m_position], length);
+ m_position += length;
}
/*
@@ -41,26 +41,26 @@ void RC4::cipher(const byte in[], byte out[], size_t length)
void RC4::generate()
{
byte SX, SY;
- for(size_t i = 0; i != buffer.size(); i += 4)
+ for(size_t i = 0; i != m_buffer.size(); i += 4)
{
- SX = state[X+1]; Y = (Y + SX) % 256; SY = state[Y];
- state[X+1] = SY; state[Y] = SX;
- buffer[i] = state[(SX + SY) % 256];
-
- SX = state[X+2]; Y = (Y + SX) % 256; SY = state[Y];
- state[X+2] = SY; state[Y] = SX;
- buffer[i+1] = state[(SX + SY) % 256];
-
- SX = state[X+3]; Y = (Y + SX) % 256; SY = state[Y];
- state[X+3] = SY; state[Y] = SX;
- buffer[i+2] = state[(SX + SY) % 256];
-
- X = (X + 4) % 256;
- SX = state[X]; Y = (Y + SX) % 256; SY = state[Y];
- state[X] = SY; state[Y] = SX;
- buffer[i+3] = state[(SX + SY) % 256];
+ SX = m_state[m_X+1]; m_Y = (m_Y + SX) % 256; SY = m_state[m_Y];
+ m_state[m_X+1] = SY; m_state[m_Y] = SX;
+ m_buffer[i] = m_state[(SX + SY) % 256];
+
+ SX = m_state[m_X+2]; m_Y = (m_Y + SX) % 256; SY = m_state[m_Y];
+ m_state[m_X+2] = SY; m_state[m_Y] = SX;
+ m_buffer[i+1] = m_state[(SX + SY) % 256];
+
+ SX = m_state[m_X+3]; m_Y = (m_Y + SX) % 256; SY = m_state[m_Y];
+ m_state[m_X+3] = SY; m_state[m_Y] = SX;
+ m_buffer[i+2] = m_state[(SX + SY) % 256];
+
+ m_X = (m_X + 4) % 256;
+ SX = m_state[m_X]; m_Y = (m_Y + SX) % 256; SY = m_state[m_Y];
+ m_state[m_X] = SY; m_state[m_Y] = SX;
+ m_buffer[i+3] = m_state[(SX + SY) % 256];
}
- position = 0;
+ m_position = 0;
}
/*
@@ -68,24 +68,24 @@ void RC4::generate()
*/
void RC4::key_schedule(const byte key[], size_t length)
{
- state.resize(256);
- buffer.resize(256);
+ m_state.resize(256);
+ m_buffer.resize(256);
- position = X = Y = 0;
+ m_position = m_X = m_Y = 0;
for(size_t i = 0; i != 256; ++i)
- state[i] = static_cast<byte>(i);
+ m_state[i] = static_cast<byte>(i);
for(size_t i = 0, state_index = 0; i != 256; ++i)
{
- state_index = (state_index + key[i % length] + state[i]) % 256;
- std::swap(state[i], state[state_index]);
+ state_index = (state_index + key[i % length] + m_state[i]) % 256;
+ std::swap(m_state[i], m_state[state_index]);
}
- for(size_t i = 0; i <= SKIP; i += buffer.size())
+ for(size_t i = 0; i <= m_SKIP; i += m_buffer.size())
generate();
- position += (SKIP % buffer.size());
+ m_position += (m_SKIP % m_buffer.size());
}
/*
@@ -93,9 +93,9 @@ void RC4::key_schedule(const byte key[], size_t length)
*/
std::string RC4::name() const
{
- if(SKIP == 0) return "RC4";
- if(SKIP == 256) return "MARK-4";
- else return "RC4_skip(" + std::to_string(SKIP) + ")";
+ if(m_SKIP == 0) return "RC4";
+ if(m_SKIP == 256) return "MARK-4";
+ else return "RC4_skip(" + std::to_string(m_SKIP) + ")";
}
/*
@@ -103,14 +103,14 @@ std::string RC4::name() const
*/
void RC4::clear()
{
- zap(state);
- zap(buffer);
- position = X = Y = 0;
+ zap(m_state);
+ zap(m_buffer);
+ m_position = m_X = m_Y = 0;
}
/*
* RC4 Constructor
*/
-RC4::RC4(size_t s) : SKIP(s), X(0), Y(0) {}
+RC4::RC4(size_t s) : m_SKIP(s) {}
}
diff --git a/src/lib/stream/rc4/rc4.h b/src/lib/stream/rc4/rc4.h
index 60c9450b4..f166a2772 100644
--- a/src/lib/stream/rc4/rc4.h
+++ b/src/lib/stream/rc4/rc4.h
@@ -16,7 +16,7 @@ namespace Botan {
/**
* RC4 stream cipher
*/
-class BOTAN_DLL RC4 : public StreamCipher
+class BOTAN_DLL RC4 final : public StreamCipher
{
public:
void cipher(const byte in[], byte out[], size_t length) override;
@@ -24,7 +24,7 @@ class BOTAN_DLL RC4 : public StreamCipher
void clear() override;
std::string name() const override;
- StreamCipher* clone() const override { return new RC4(SKIP); }
+ StreamCipher* clone() const override { return new RC4(m_SKIP); }
Key_Length_Specification key_spec() const override
{
@@ -36,20 +36,19 @@ class BOTAN_DLL RC4 : public StreamCipher
/**
* @param skip skip this many initial bytes in the keystream
*/
- RC4(size_t skip = 0);
+ explicit RC4(size_t skip = 0);
~RC4() { clear(); }
private:
void key_schedule(const byte[], size_t) override;
void generate();
- const size_t SKIP;
-
- byte X, Y;
- secure_vector<byte> state;
-
- secure_vector<byte> buffer;
- size_t position;
+ const size_t m_SKIP;
+ byte m_X = 0;
+ byte m_Y = 0;
+ secure_vector<byte> m_state;
+ secure_vector<byte> m_buffer;
+ size_t m_position = 0;
};
}
diff --git a/src/lib/stream/salsa20/salsa20.h b/src/lib/stream/salsa20/salsa20.h
index a5e7a1f14..7e75470da 100644
--- a/src/lib/stream/salsa20/salsa20.h
+++ b/src/lib/stream/salsa20/salsa20.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* DJB's Salsa20 (and XSalsa20)
*/
-class BOTAN_DLL Salsa20 : public StreamCipher
+class BOTAN_DLL Salsa20 final : public StreamCipher
{
public:
void cipher(const byte in[], byte out[], size_t length) override;
diff --git a/src/lib/stream/stream_cipher.cpp b/src/lib/stream/stream_cipher.cpp
index 060e65d86..03ef5e329 100644
--- a/src/lib/stream/stream_cipher.cpp
+++ b/src/lib/stream/stream_cipher.cpp
@@ -33,7 +33,7 @@ namespace Botan {
std::unique_ptr<StreamCipher> StreamCipher::create(const std::string& algo_spec,
const std::string& provider)
{
- return std::unique_ptr<StreamCipher>(make_a<StreamCipher>(algo_spec, provider));
+ return std::unique_ptr<StreamCipher>(make_a<StreamCipher>(Botan::StreamCipher::Spec(algo_spec), provider));
}
std::vector<std::string> StreamCipher::providers(const std::string& algo_spec)
diff --git a/src/lib/tls/info.txt b/src/lib/tls/info.txt
index 1b0cf1415..a43d5619a 100644
--- a/src/lib/tls/info.txt
+++ b/src/lib/tls/info.txt
@@ -25,7 +25,6 @@ tls_extensions.h
tls_handshake_hash.h
tls_handshake_io.h
tls_handshake_state.h
-tls_heartbeats.h
tls_messages.h
tls_reader.h
tls_record.h
@@ -51,6 +50,5 @@ rng
rsa
sha1
sha2_32
-srp6
x509
</requires>
diff --git a/src/lib/tls/msg_cert_req.cpp b/src/lib/tls/msg_cert_req.cpp
index aaaf754c8..4fd528148 100644
--- a/src/lib/tls/msg_cert_req.cpp
+++ b/src/lib/tls/msg_cert_req.cpp
@@ -89,7 +89,7 @@ Certificate_Req::Certificate_Req(const std::vector<byte>& buf,
{
const std::string cert_type_name = cert_type_code_to_name(cert_type_codes[i]);
- if(cert_type_name == "") // something we don't know
+ if(cert_type_name.empty()) // something we don't know
continue;
m_cert_key_types.push_back(cert_type_name);
diff --git a/src/lib/tls/msg_cert_verify.cpp b/src/lib/tls/msg_cert_verify.cpp
index 74565e29b..0d157dc57 100644
--- a/src/lib/tls/msg_cert_verify.cpp
+++ b/src/lib/tls/msg_cert_verify.cpp
@@ -59,7 +59,7 @@ std::vector<byte> Certificate_Verify::serialize() const
{
std::vector<byte> buf;
- if(m_hash_algo != "" && m_sig_algo != "")
+ if(!m_hash_algo.empty() && !m_sig_algo.empty())
{
buf.push_back(Signature_Algorithms::hash_algo_code(m_hash_algo));
buf.push_back(Signature_Algorithms::sig_algo_code(m_sig_algo));
@@ -77,12 +77,14 @@ std::vector<byte> Certificate_Verify::serialize() const
* Verify a Certificate Verify message
*/
bool Certificate_Verify::verify(const X509_Certificate& cert,
- const Handshake_State& state) const
+ const Handshake_State& state,
+ const Policy& policy) const
{
std::unique_ptr<Public_Key> key(cert.subject_public_key());
std::pair<std::string, Signature_Format> format =
- state.understand_sig_format(*key.get(), m_hash_algo, m_sig_algo);
+ state.parse_sig_format(*key.get(), m_hash_algo, m_sig_algo,
+ true, policy);
PK_Verifier verifier(*key, format.first, format.second);
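Review bot: The bare `true` passed to `state.parse_sig_format(*key.get(), m_hash_algo, m_sig_algo, true, policy)` does not say what it selects, and parse_sig_format's parameter list is not visible from this message. Name it so the call reads on its own, e.g. `const bool for_client_auth = true; // TODO confirm against parse_sig_format's 4th parameter` followed by `state.parse_sig_format(*key.get(), m_hash_algo, m_sig_algo, for_client_auth, policy)`, or put a trailing comment on the argument. The rest of verify() continues beyond this hunk.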
diff --git a/src/lib/tls/msg_certificate.cpp b/src/lib/tls/msg_certificate.cpp
index f0ccc5328..5be9379bd 100644
--- a/src/lib/tls/msg_certificate.cpp
+++ b/src/lib/tls/msg_certificate.cpp
@@ -71,8 +71,10 @@ std::vector<byte> Certificate::serialize() const
{
std::vector<byte> raw_cert = m_certs[i].BER_encode();
const size_t cert_size = raw_cert.size();
- for(size_t i = 0; i != 3; ++i)
- buf.push_back(get_byte<u32bit>(i+1, cert_size));
+ for(size_t j = 0; j != 3; ++j)
+ {
+ buf.push_back(get_byte<u32bit>(j+1, cert_size));
+ }
buf += raw_cert;
}
diff --git a/src/lib/tls/msg_client_hello.cpp b/src/lib/tls/msg_client_hello.cpp
index ce20d6781..23807215f 100644
--- a/src/lib/tls/msg_client_hello.cpp
+++ b/src/lib/tls/msg_client_hello.cpp
@@ -1,6 +1,6 @@
/*
* TLS Hello Request and Client Hello Messages
-* (C) 2004-2011,2015 Jack Lloyd
+* (C) 2004-2011,2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -80,15 +80,13 @@ Client_Hello::Client_Hello(Handshake_IO& io,
m_suites(policy.ciphersuite_list(m_version, (srp_identifier != ""))),
m_comp_methods(policy.compression())
{
+ m_extensions.add(new Extended_Master_Secret);
m_extensions.add(new Renegotiation_Extension(reneg_info));
- m_extensions.add(new SRP_Identifier(srp_identifier));
+
m_extensions.add(new Server_Name_Indicator(hostname));
m_extensions.add(new Session_Ticket());
m_extensions.add(new Supported_Elliptic_Curves(policy.allowed_ecc_curves()));
- if(policy.negotiate_heartbeat_support())
- m_extensions.add(new Heartbeat_Support_Indicator(true));
-
if(m_version.supports_negotiable_signature_algorithms())
m_extensions.add(new Signature_Algorithms(policy.allowed_signature_hashes(),
policy.allowed_signature_methods()));
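Review bot: The context line `m_suites(policy.ciphersuite_list(m_version, (srp_identifier != "")))` in this constructor's initializer list keeps the `!= ""` comparison that the commit converts to `.empty()` everywhere else it touches (get_pk_op, Certificate_Req, Certificate_Verify), and the new SRP guard added further down in this same constructor also uses `!srp_identifier.empty()`. For consistency write it as `m_suites(policy.ciphersuite_list(m_version, !srp_identifier.empty())),`. The constructor body continues past this hunk.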
@@ -99,6 +97,15 @@ Client_Hello::Client_Hello(Handshake_IO& io,
if(reneg_info.empty() && !next_protocols.empty())
m_extensions.add(new Application_Layer_Protocol_Notification(next_protocols));
+#if defined(BOTAN_HAS_SRP6)
+ m_extensions.add(new SRP_Identifier(srp_identifier));
+#else
+ if(!srp_identifier.empty())
+ {
+ throw Invalid_State("Attempting to initiate SRP session but TLS-SRP support disabled");
+ }
+#endif
+
BOTAN_ASSERT(policy.acceptable_protocol_version(version),
"Our policy accepts the version we are offering");
@@ -130,18 +137,18 @@ Client_Hello::Client_Hello(Handshake_IO& io,
if(!value_exists(m_comp_methods, session.compression_method()))
m_comp_methods.push_back(session.compression_method());
+ /*
+ We always add the EMS extension, even if not used in the original session.
+ If the server understands it and follows the RFC it should reject our resume
+ attempt and upgrade us to a new session with the EMS protection.
+ */
+ m_extensions.add(new Extended_Master_Secret);
+
m_extensions.add(new Renegotiation_Extension(reneg_info));
- m_extensions.add(new SRP_Identifier(session.srp_identifier()));
m_extensions.add(new Server_Name_Indicator(session.server_info().hostname()));
m_extensions.add(new Session_Ticket(session.session_ticket()));
m_extensions.add(new Supported_Elliptic_Curves(policy.allowed_ecc_curves()));
- if(policy.negotiate_heartbeat_support())
- m_extensions.add(new Heartbeat_Support_Indicator(true));
-
- if(session.fragment_size() != 0)
- m_extensions.add(new Maximum_Fragment_Length(session.fragment_size()));
-
if(m_version.supports_negotiable_signature_algorithms())
m_extensions.add(new Signature_Algorithms(policy.allowed_signature_hashes(),
policy.allowed_signature_methods()));
@@ -149,6 +156,15 @@ Client_Hello::Client_Hello(Handshake_IO& io,
if(reneg_info.empty() && !next_protocols.empty())
m_extensions.add(new Application_Layer_Protocol_Notification(next_protocols));
+#if defined(BOTAN_HAS_SRP6)
+ m_extensions.add(new SRP_Identifier(session.srp_identifier()));
+#else
+ if(!session.srp_identifier().empty())
+ {
+ throw Invalid_State("Attempting to resume SRP session but TLS-SRP support disabled");
+ }
+#endif
+
hash.update(io.send(*this));
}
diff --git a/src/lib/tls/msg_client_kex.cpp b/src/lib/tls/msg_client_kex.cpp
index 7ce9b9df2..4bec9f3be 100644
--- a/src/lib/tls/msg_client_kex.cpp
+++ b/src/lib/tls/msg_client_kex.cpp
@@ -10,14 +10,19 @@
#include <botan/internal/tls_extensions.h>
#include <botan/internal/tls_handshake_io.h>
#include <botan/credentials_manager.h>
+#include <botan/rng.h>
+#include <botan/loadstor.h>
+#include <botan/internal/ct_utils.h>
+
#include <botan/pubkey.h>
+
#include <botan/dh.h>
#include <botan/ecdh.h>
#include <botan/rsa.h>
+
+#if defined(BOTAN_HAS_SRP6)
#include <botan/srp6.h>
-#include <botan/rng.h>
-#include <botan/loadstor.h>
-#include <botan/internal/ct_utils.h>
+#endif
namespace Botan {
@@ -166,6 +171,7 @@ Client_Key_Exchange::Client_Key_Exchange(Handshake_IO& io,
append_tls_length_value(m_key_material, priv_key.public_value(), 1);
}
+#if defined(BOTAN_HAS_SRP6)
else if(kex_algo == "SRP_SHA")
{
const BigInt N = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
@@ -193,6 +199,7 @@ Client_Key_Exchange::Client_Key_Exchange(Handshake_IO& io,
append_tls_length_value(m_key_material, BigInt::encode(srp_vals.first), 2);
m_pre_master = srp_vals.second.bits_of();
}
+#endif
else
{
throw Internal_Error("Client_Key_Exchange: Unknown kex " +
@@ -323,12 +330,14 @@ Client_Key_Exchange::Client_Key_Exchange(const std::vector<byte>& contents,
append_tls_length_value(m_pre_master, zeros, 2);
append_tls_length_value(m_pre_master, psk.bits_of(), 2);
}
+#if defined(BOTAN_HAS_SRP6)
else if(kex_algo == "SRP_SHA")
{
SRP6_Server_Session& srp = state.server_kex()->server_srp_params();
m_pre_master = srp.step2(BigInt::decode(reader.get_range<byte>(2, 0, 65535))).bits_of();
}
+#endif
else if(kex_algo == "DH" || kex_algo == "DHE_PSK" ||
kex_algo == "ECDH" || kex_algo == "ECDHE_PSK")
{
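Review bot: The SRP branch still calls `state.server_kex()->server_srp_params()` (unchanged context line here), yet this diff removes the out-of-line definition of Server_Key_Exchange::server_srp_params() together with its BOTAN_ASSERT_NONNULL in the msg_server_kex.cpp hunk ending at L20326. Presumably the accessor moved inline into the class declaration under `#if defined(BOTAN_HAS_SRP6)` (tls_messages.h is not in this chunk); confirm that, and that the non-null assertion survived the move, because `srp.step2(...)` dereferences the returned reference unconditionally. The enclosing constructor starts and ends outside this hunk.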
@@ -365,7 +374,7 @@ Client_Key_Exchange::Client_Key_Exchange(const std::vector<byte>& contents,
else
m_pre_master = shared_secret;
}
- catch(std::exception &e)
+ catch(std::exception &)
{
/*
* Something failed in the DH computation. To avoid possible
diff --git a/src/lib/tls/msg_finished.cpp b/src/lib/tls/msg_finished.cpp
index b837172b6..2d6b11995 100644
--- a/src/lib/tls/msg_finished.cpp
+++ b/src/lib/tls/msg_finished.cpp
@@ -48,9 +48,8 @@ std::vector<byte> finished_compute_verify(const Handshake_State& state,
*/
Finished::Finished(Handshake_IO& io,
Handshake_State& state,
- Connection_Side side)
+ Connection_Side side) : m_verification_data(finished_compute_verify( state, side ))
{
- m_verification_data = finished_compute_verify(state, side);
state.hash().update(io.send(*this));
}
@@ -65,10 +64,8 @@ std::vector<byte> Finished::serialize() const
/*
* Deserialize a Finished message
*/
-Finished::Finished(const std::vector<byte>& buf)
- {
- m_verification_data = buf;
- }
+Finished::Finished(const std::vector<byte>& buf) : m_verification_data(buf)
+ {}
/*
* Verify a Finished message
diff --git a/src/lib/tls/msg_server_hello.cpp b/src/lib/tls/msg_server_hello.cpp
index ba7eee3d9..f8d0c63c7 100644
--- a/src/lib/tls/msg_server_hello.cpp
+++ b/src/lib/tls/msg_server_hello.cpp
@@ -1,6 +1,6 @@
/*
* TLS Server Hello and Server Hello Done
-* (C) 2004-2011,2015 Jack Lloyd
+* (C) 2004-2011,2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -28,26 +28,23 @@ Server_Hello::Server_Hello(Handshake_IO& io,
u16bit ciphersuite,
byte compression,
bool offer_session_ticket,
- const std::string next_protocol) :
+ const std::string& next_protocol) :
m_version(new_session_version),
m_session_id(new_session_id),
m_random(make_hello_random(rng, policy)),
m_ciphersuite(ciphersuite),
m_comp_method(compression)
{
+ if(client_hello.supports_extended_master_secret())
+ m_extensions.add(new Extended_Master_Secret);
+
if(client_hello.secure_renegotiation())
m_extensions.add(new Renegotiation_Extension(reneg_info));
if(client_hello.supports_session_ticket() && offer_session_ticket)
m_extensions.add(new Session_Ticket());
- if(size_t max_fragment_size = client_hello.fragment_size())
- m_extensions.add(new Maximum_Fragment_Length(max_fragment_size));
-
- if(policy.negotiate_heartbeat_support() && client_hello.supports_heartbeats())
- m_extensions.add(new Heartbeat_Support_Indicator(true));
-
- if(next_protocol != "" && client_hello.supports_alpn())
+ if(!next_protocol.empty() && client_hello.supports_alpn())
m_extensions.add(new Application_Layer_Protocol_Notification(next_protocol));
if(m_version.is_datagram_protocol())
@@ -90,19 +87,16 @@ Server_Hello::Server_Hello(Handshake_IO& io,
m_ciphersuite(resumed_session.ciphersuite_code()),
m_comp_method(resumed_session.compression_method())
{
+ if(client_hello.supports_extended_master_secret())
+ m_extensions.add(new Extended_Master_Secret);
+
if(client_hello.secure_renegotiation())
m_extensions.add(new Renegotiation_Extension(reneg_info));
if(client_hello.supports_session_ticket() && offer_session_ticket)
m_extensions.add(new Session_Ticket());
- if(size_t max_fragment_size = resumed_session.fragment_size())
- m_extensions.add(new Maximum_Fragment_Length(max_fragment_size));
-
- if(policy.negotiate_heartbeat_support() && client_hello.supports_heartbeats())
- m_extensions.add(new Heartbeat_Support_Indicator(true));
-
- if(next_protocol != "" && client_hello.supports_alpn())
+ if(!next_protocol.empty() && client_hello.supports_alpn())
m_extensions.add(new Application_Layer_Protocol_Notification(next_protocol));
hash.update(io.send(*this));
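Review bot: The resumption constructor now echoes extended_master_secret whenever the client offers it, without consulting whether `resumed_session` was itself established with EMS. RFC 7627 section 5.3 requires the server not to resume a non-EMS session for a client that offers the extension (a full handshake instead) and to abort when a client omits the extension while resuming an EMS session, so the extension must be present exactly when the original session used it. That decision belongs in the code that chooses resumption (not in this chunk, presumably tls_server.cpp); if it already enforces agreement, say so here, e.g. `// caller only resumes when the session's EMS state matches the client's offer (RFC 7627 sec 5.3)`, and if it does not, the mismatch has to be handled before this constructor runs. The constructor starts outside this hunk.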
diff --git a/src/lib/tls/msg_server_kex.cpp b/src/lib/tls/msg_server_kex.cpp
index 0c3b5c704..98e3ad1f0 100644
--- a/src/lib/tls/msg_server_kex.cpp
+++ b/src/lib/tls/msg_server_kex.cpp
@@ -12,11 +12,14 @@
#include <botan/credentials_manager.h>
#include <botan/loadstor.h>
#include <botan/pubkey.h>
+#include <botan/oids.h>
+
#include <botan/dh.h>
#include <botan/ecdh.h>
-#include <botan/rsa.h>
+
+#if defined(BOTAN_HAS_SRP6)
#include <botan/srp6.h>
-#include <botan/oids.h>
+#endif
namespace Botan {
@@ -45,7 +48,7 @@ Server_Key_Exchange::Server_Key_Exchange(Handshake_IO& io,
if(kex_algo == "DH" || kex_algo == "DHE_PSK")
{
- std::unique_ptr<DH_PrivateKey> dh(new DH_PrivateKey(rng, policy.dh_group()));
+ std::unique_ptr<DH_PrivateKey> dh(new DH_PrivateKey(rng, DL_Group(policy.dh_group())));
append_tls_length_value(m_params, BigInt::encode(dh->get_domain().get_p()), 2);
append_tls_length_value(m_params, BigInt::encode(dh->get_domain().get_g()), 2);
@@ -86,6 +89,7 @@ Server_Key_Exchange::Server_Key_Exchange(Handshake_IO& io,
m_kex_key.reset(ecdh.release());
}
+#if defined(BOTAN_HAS_SRP6)
else if(kex_algo == "SRP_SHA")
{
const std::string srp_identifier = state.client_hello()->srp_identifier();
@@ -115,6 +119,7 @@ Server_Key_Exchange::Server_Key_Exchange(Handshake_IO& io,
append_tls_length_value(m_params, salt, 1);
append_tls_length_value(m_params, BigInt::encode(B), 2);
}
+#endif
else if(kex_algo != "PSK")
throw Internal_Error("Server_Key_Exchange: Unknown kex type " + kex_algo);
@@ -142,8 +147,7 @@ Server_Key_Exchange::Server_Key_Exchange(Handshake_IO& io,
Server_Key_Exchange::Server_Key_Exchange(const std::vector<byte>& buf,
const std::string& kex_algo,
const std::string& sig_algo,
- Protocol_Version version) :
- m_kex_key(nullptr), m_srp_params(nullptr)
+ Protocol_Version version)
{
TLS_Data_Reader reader("ServerKeyExchange", buf);
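Review bot: Dropping `m_kex_key(nullptr), m_srp_params(nullptr)` from the initializer list is only safe if both members are smart pointers; `m_kex_key.reset(ecdh.release())` in the hunk above shows m_kex_key is, but nothing in this chunk shows the type of m_srp_params (the class declaration is not visible). If it is still a raw pointer it is now left indeterminate by this constructor; if it became a `std::unique_ptr` or was gated under BOTAN_HAS_SRP6 in the header, the change is fine. The constructor body continues outside the hunk.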
@@ -229,10 +233,12 @@ std::vector<byte> Server_Key_Exchange::serialize() const
* Verify a Server Key Exchange message
*/
bool Server_Key_Exchange::verify(const Public_Key& server_key,
- const Handshake_State& state) const
+ const Handshake_State& state,
+ const Policy& policy) const
{
std::pair<std::string, Signature_Format> format =
- state.understand_sig_format(server_key, m_hash_algo, m_sig_algo);
+ state.parse_sig_format(server_key, m_hash_algo, m_sig_algo,
+ false, policy);
PK_Verifier verifier(server_key, format.first, format.second);
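Review bot: The bare `false` passed to `parse_sig_format` tells a reader nothing about what it selects, and the new `policy` parameter of verify() is undocumented. A comment next to the literal naming the flag, e.g. `false /* <meaning of this flag> */, policy);` with the real meaning filled in, plus a `@param policy` line on the declaration in the header, would make the call self-explanatory. The function continues outside the hunk.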
@@ -249,12 +255,6 @@ const Private_Key& Server_Key_Exchange::server_kex_key() const
return *m_kex_key;
}
-// Only valid for SRP negotiation
-SRP6_Server_Session& Server_Key_Exchange::server_srp_params() const
- {
- BOTAN_ASSERT_NONNULL(m_srp_params);
- return *m_srp_params;
- }
}
}
diff --git a/src/lib/tls/sessions_sql/tls_session_manager_sql.cpp b/src/lib/tls/sessions_sql/tls_session_manager_sql.cpp
index e13401c1d..049c12df1 100644
--- a/src/lib/tls/sessions_sql/tls_session_manager_sql.cpp
+++ b/src/lib/tls/sessions_sql/tls_session_manager_sql.cpp
@@ -88,7 +88,6 @@ Session_Manager_SQL::Session_Manager_SQL(std::shared_ptr<SQL_Database> db,
std::chrono::milliseconds(100),
iterations);
- printf("pbkdf iter %d\n", iterations);
size_t check_val = make_u16bit(x[0], x[1]);
m_session_key.assign(x.begin() + 2, x.end());
diff --git a/src/lib/tls/tls_alert.cpp b/src/lib/tls/tls_alert.cpp
index 5cfb1b0b1..6cecb3bbe 100644
--- a/src/lib/tls/tls_alert.cpp
+++ b/src/lib/tls/tls_alert.cpp
@@ -108,9 +108,6 @@ std::string Alert::type_string() const
case NULL_ALERT:
return "none";
-
- case HEARTBEAT_PAYLOAD:
- return "heartbeat_payload";
}
/*
diff --git a/src/lib/tls/tls_alert.h b/src/lib/tls/tls_alert.h
index 81946d9db..1184c6260 100644
--- a/src/lib/tls/tls_alert.h
+++ b/src/lib/tls/tls_alert.h
@@ -60,8 +60,7 @@ class BOTAN_DLL Alert
NO_APPLICATION_PROTOCOL = 120, // RFC 7301
// pseudo alert values
- NULL_ALERT = 256,
- HEARTBEAT_PAYLOAD = 257
+ NULL_ALERT = 256
};
/**
@@ -93,7 +92,7 @@ class BOTAN_DLL Alert
* Deserialize an Alert message
* @param buf the serialized alert
*/
- Alert(const secure_vector<byte>& buf);
+ explicit Alert(const secure_vector<byte>& buf);
/**
* Create a new Alert
diff --git a/src/lib/tls/tls_blocking.cpp b/src/lib/tls/tls_blocking.cpp
index f88b7896c..a1867b6b5 100644
--- a/src/lib/tls/tls_blocking.cpp
+++ b/src/lib/tls/tls_blocking.cpp
@@ -20,7 +20,7 @@ Blocking_Client::Blocking_Client(read_fn reader,
const Policy& policy,
RandomNumberGenerator& rng,
const Server_Information& server_info,
- const Protocol_Version offer_version,
+ const Protocol_Version& offer_version,
const std::vector<std::string>& next) :
m_read(reader),
m_channel(writer,
@@ -42,7 +42,7 @@ bool Blocking_Client::handshake_cb(const Session& session)
return this->handshake_complete(session);
}
-void Blocking_Client::alert_cb(const Alert alert, const byte[], size_t)
+void Blocking_Client::alert_cb(const Alert& alert, const byte[], size_t)
{
this->alert_notification(alert);
}
diff --git a/src/lib/tls/tls_blocking.h b/src/lib/tls/tls_blocking.h
index 89421f5f5..00e65cbaf 100644
--- a/src/lib/tls/tls_blocking.h
+++ b/src/lib/tls/tls_blocking.h
@@ -39,7 +39,7 @@ class BOTAN_DLL Blocking_Client
const Policy& policy,
RandomNumberGenerator& rng,
const Server_Information& server_info = Server_Information(),
- const Protocol_Version offer_version = Protocol_Version::latest_tls_version(),
+ const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(),
const std::vector<std::string>& next_protos = {});
/**
@@ -89,7 +89,7 @@ class BOTAN_DLL Blocking_Client
void data_cb(const byte data[], size_t data_len);
- void alert_cb(const Alert alert, const byte data[], size_t data_len);
+ void alert_cb(const Alert& alert, const byte data[], size_t data_len);
read_fn m_read;
TLS::Client m_channel;
diff --git a/src/lib/tls/tls_channel.cpp b/src/lib/tls/tls_channel.cpp
index c7adc18cd..2cf351c80 100644
--- a/src/lib/tls/tls_channel.cpp
+++ b/src/lib/tls/tls_channel.cpp
@@ -8,7 +8,6 @@
#include <botan/tls_channel.h>
#include <botan/internal/tls_handshake_state.h>
#include <botan/internal/tls_messages.h>
-#include <botan/internal/tls_heartbeats.h>
#include <botan/internal/tls_record.h>
#include <botan/internal/tls_seq_numbers.h>
#include <botan/internal/rounding.h>
@@ -161,22 +160,6 @@ void Channel::renegotiate(bool force_full_renegotiation)
throw Exception("Cannot renegotiate on inactive connection");
}
-size_t Channel::maximum_fragment_size() const
- {
- // should we be caching this value?
-
- if(auto pending = pending_state())
- if(auto server_hello = pending->server_hello())
- if(size_t frag = server_hello->fragment_size())
- return frag;
-
- if(auto active = active_state())
- if(size_t frag = active->server_hello()->fragment_size())
- return frag;
-
- return MAX_PLAINTEXT_SIZE;
- }
-
void Channel::change_cipher_spec_reader(Connection_Side side)
{
auto pending = pending_state();
@@ -269,20 +252,6 @@ void Channel::activate_session()
}
}
-bool Channel::peer_supports_heartbeats() const
- {
- if(auto active = active_state())
- return active->server_hello()->supports_heartbeats();
- return false;
- }
-
-bool Channel::heartbeat_sending_allowed() const
- {
- if(auto active = active_state())
- return active->server_hello()->peer_can_send_heartbeats();
- return false;
- }
-
size_t Channel::received_data(const std::vector<byte>& buf)
{
return this->received_data(buf.data(), buf.size());
@@ -290,8 +259,6 @@ size_t Channel::received_data(const std::vector<byte>& buf)
size_t Channel::received_data(const byte input[], size_t input_size)
{
- const size_t max_fragment_size = maximum_fragment_size();
-
try
{
while(!is_closed() && input_size)
@@ -331,9 +298,9 @@ size_t Channel::received_data(const byte input[], size_t input_size)
if(input_size == 0 && needed != 0)
return needed; // need more data to complete record
- if(record.size() > max_fragment_size)
+ if(record.size() > MAX_PLAINTEXT_SIZE)
throw TLS_Exception(Alert::RECORD_OVERFLOW,
- "TLS input record is larger than allowed maximum");
+ "TLS plaintext record is larger than allowed maximum");
if(record_type == HANDSHAKE || record_type == CHANGE_CIPHER_SPEC)
{
@@ -394,31 +361,6 @@ size_t Channel::received_data(const byte input[], size_t input_size)
}
}
}
- else if(record_type == HEARTBEAT && peer_supports_heartbeats())
- {
- if(!active_state())
- throw Unexpected_Message("Heartbeat sent before handshake done");
-
- Heartbeat_Message heartbeat(unlock(record));
-
- const std::vector<byte>& payload = heartbeat.payload();
-
- if(heartbeat.is_request())
- {
- if(!pending_state())
- {
- const std::vector<byte> padding = unlock(rng().random_vec(16));
- Heartbeat_Message response(Heartbeat_Message::RESPONSE,
- payload.data(), payload.size(), padding);
-
- send_record(HEARTBEAT, response.contents());
- }
- }
- else
- {
- m_alert_cb(Alert(Alert::HEARTBEAT_PAYLOAD), payload.data(), payload.size());
- }
- }
else if(record_type == APPLICATION_DATA)
{
if(!active_state())
@@ -486,18 +428,6 @@ size_t Channel::received_data(const byte input[], size_t input_size)
}
}
-void Channel::heartbeat(const byte payload[], size_t payload_size, size_t pad_size)
- {
- if(heartbeat_sending_allowed())
- {
- const std::vector<byte> padding = unlock(rng().random_vec(pad_size + 16));
- Heartbeat_Message heartbeat(Heartbeat_Message::REQUEST,
- payload, payload_size, padding);
-
- send_record(HEARTBEAT, heartbeat.contents());
- }
- }
-
void Channel::write_record(Connection_Cipher_State* cipher_state, u16bit epoch,
byte record_type, const byte input[], size_t length)
{
@@ -544,11 +474,9 @@ void Channel::send_record_array(u16bit epoch, byte type, const byte input[], siz
length -= 1;
}
- const size_t max_fragment_size = maximum_fragment_size();
-
while(length)
{
- const size_t sending = std::min(length, max_fragment_size);
+ const size_t sending = std::min<size_t>(length, MAX_PLAINTEXT_SIZE);
write_record(cipher_state.get(), epoch, type, input, sending);
input += sending;
diff --git a/src/lib/tls/tls_channel.h b/src/lib/tls/tls_channel.h
index 9ef2d17c4..e0219c242 100644
--- a/src/lib/tls/tls_channel.h
+++ b/src/lib/tls/tls_channel.h
@@ -161,28 +161,6 @@ class BOTAN_DLL Channel
*/
bool timeout_check();
- /**
- * @return true iff the peer supports heartbeat messages
- */
- bool peer_supports_heartbeats() const;
-
- /**
- * @return true iff we are allowed to send heartbeat messages
- */
- bool heartbeat_sending_allowed() const;
-
- /**
- * Attempt to send a heartbeat message (if negotiated with counterparty)
- * @param payload will be echoed back
- * @param payload_size size of payload in bytes
- * @param pad_bytes include 16 + pad_bytes extra bytes in the message (not echoed)
- */
- void heartbeat(const byte payload[], size_t payload_size, size_t pad_bytes = 0);
-
- /**
- * Attempt to send a heartbeat message (if negotiated with counterparty)
- */
- void heartbeat() { heartbeat(nullptr, 0); }
protected:
virtual void process_handshake_msg(const Handshake_State* active_state,
@@ -226,8 +204,6 @@ class BOTAN_DLL Channel
handshake_msg_cb get_handshake_msg_cb() const { return m_handshake_msg_cb; }
private:
- size_t maximum_fragment_size() const;
-
void send_record(byte record_type, const std::vector<byte>& record);
void send_record_under_epoch(u16bit epoch, byte record_type,
diff --git a/src/lib/tls/tls_ciphersuite.cpp b/src/lib/tls/tls_ciphersuite.cpp
index 76c4e2416..20142adc5 100644
--- a/src/lib/tls/tls_ciphersuite.cpp
+++ b/src/lib/tls/tls_ciphersuite.cpp
@@ -27,9 +27,11 @@ std::vector<Ciphersuite> gather_known_ciphersuites()
{
std::vector<Ciphersuite> ciphersuites;
- for(size_t i = 0; i <= 0xFFFF; ++i)
+ std::vector<u16bit> all_ids = Ciphersuite::all_known_ciphersuite_ids();
+
+ for(auto id : all_ids)
{
- Ciphersuite suite = Ciphersuite::by_id(i);
+ Ciphersuite suite = Ciphersuite::by_id(id);
if(suite.valid())
ciphersuites.push_back(suite);
diff --git a/src/lib/tls/tls_ciphersuite.h b/src/lib/tls/tls_ciphersuite.h
index 26faca11b..355dd5a8f 100644
--- a/src/lib/tls/tls_ciphersuite.h
+++ b/src/lib/tls/tls_ciphersuite.h
@@ -29,6 +29,8 @@ class BOTAN_DLL Ciphersuite
*/
static Ciphersuite by_id(u16bit suite);
+ static std::vector<u16bit> all_known_ciphersuite_ids();
+
/**
* Returns true iff this suite is a known SCSV
*/
@@ -91,7 +93,7 @@ class BOTAN_DLL Ciphersuite
const std::string& prf_algo() const
{
- return (m_prf_algo != "") ? m_prf_algo : m_mac_algo;
+ return (!m_prf_algo.empty()) ? m_prf_algo : m_mac_algo;
}
/**
diff --git a/src/lib/tls/tls_client.cpp b/src/lib/tls/tls_client.cpp
index 82630b7fa..301c77c6b 100644
--- a/src/lib/tls/tls_client.cpp
+++ b/src/lib/tls/tls_client.cpp
@@ -1,6 +1,6 @@
/*
* TLS Client
-* (C) 2004-2011,2012,2015 Jack Lloyd
+* (C) 2004-2011,2012,2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -51,7 +51,7 @@ Client::Client(output_fn output_fn,
const Policy& policy,
RandomNumberGenerator& rng,
const Server_Information& info,
- const Protocol_Version offer_version,
+ const Protocol_Version& offer_version,
const std::vector<std::string>& next_protos,
size_t io_buf_sz) :
Channel(output_fn, proc_cb, alert_cb, handshake_cb, Channel::handshake_msg_cb(),
@@ -75,7 +75,7 @@ Client::Client(output_fn output_fn,
const Policy& policy,
RandomNumberGenerator& rng,
const Server_Information& info,
- const Protocol_Version offer_version,
+ const Protocol_Version& offer_version,
const std::vector<std::string>& next_protos) :
Channel(output_fn, proc_cb, alert_cb, handshake_cb, hs_msg_cb,
session_manager, rng, policy, offer_version.is_datagram_protocol()),
@@ -394,7 +394,7 @@ void Client::process_handshake_msg(const Handshake_State* active_state,
{
const Public_Key& server_key = state.get_server_public_Key();
- if(!state.server_kex()->verify(server_key, state))
+ if(!state.server_kex()->verify(server_key, state, policy()))
{
throw TLS_Exception(Alert::DECRYPT_ERROR,
"Bad signature on server key exchange");
@@ -509,7 +509,7 @@ void Client::process_handshake_msg(const Handshake_State* active_state,
state.server_hello()->ciphersuite(),
state.server_hello()->compression_method(),
CLIENT,
- state.server_hello()->fragment_size(),
+ state.server_hello()->supports_extended_master_secret(),
get_peer_cert_chain(state),
session_ticket,
m_info,
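Review bot: Nothing at this call site shows that the positional argument now carries the EMS flag instead of a fragment size, and the new Session signature is not in this chunk. If Session also serializes this field in place of the old fragment size (tls_session.cpp, not visible), sessions and tickets stored under the previous format need a version bump, or a former fragment-size value may decode as an EMS flag and then trip the RFC 7627 resumption checks. A trailing comment would at least document the positional change: `state.server_hello()->supports_extended_master_secret(), // EMS negotiated (replaces fragment_size)`. The enclosing function starts and ends outside the hunk.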
diff --git a/src/lib/tls/tls_client.h b/src/lib/tls/tls_client.h
index b835c013e..45a741878 100644
--- a/src/lib/tls/tls_client.h
+++ b/src/lib/tls/tls_client.h
@@ -19,7 +19,7 @@ namespace TLS {
/**
* SSL/TLS Client
*/
-class BOTAN_DLL Client : public Channel
+class BOTAN_DLL Client final : public Channel
{
public:
/**
@@ -62,7 +62,7 @@ class BOTAN_DLL Client : public Channel
const Policy& policy,
RandomNumberGenerator& rng,
const Server_Information& server_info = Server_Information(),
- const Protocol_Version offer_version = Protocol_Version::latest_tls_version(),
+ const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(),
const std::vector<std::string>& next_protocols = {},
size_t reserved_io_buffer_size = 16*1024
);
@@ -77,7 +77,7 @@ class BOTAN_DLL Client : public Channel
const Policy& policy,
RandomNumberGenerator& rng,
const Server_Information& server_info = Server_Information(),
- const Protocol_Version offer_version = Protocol_Version::latest_tls_version(),
+ const Protocol_Version& offer_version = Protocol_Version::latest_tls_version(),
const std::vector<std::string>& next_protocols = {}
);
diff --git a/src/lib/tls/tls_exceptn.h b/src/lib/tls/tls_exceptn.h
index 509226094..2ed5b685c 100644
--- a/src/lib/tls/tls_exceptn.h
+++ b/src/lib/tls/tls_exceptn.h
@@ -36,7 +36,7 @@ class BOTAN_DLL TLS_Exception : public Exception
*/
struct BOTAN_DLL Unexpected_Message : public TLS_Exception
{
- Unexpected_Message(const std::string& err) :
+ explicit Unexpected_Message(const std::string& err) :
TLS_Exception(Alert::UNEXPECTED_MESSAGE, err) {}
};
diff --git a/src/lib/tls/tls_extensions.cpp b/src/lib/tls/tls_extensions.cpp
index 06efebb4b..4acf9a6fe 100644
--- a/src/lib/tls/tls_extensions.cpp
+++ b/src/lib/tls/tls_extensions.cpp
@@ -1,6 +1,6 @@
/*
* TLS Extensions
-* (C) 2011,2012,2015 Jack Lloyd
+* (C) 2011,2012,2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -24,11 +24,10 @@ Extension* make_extension(TLS_Data_Reader& reader,
case TLSEXT_SERVER_NAME_INDICATION:
return new Server_Name_Indicator(reader, size);
- case TLSEXT_MAX_FRAGMENT_LENGTH:
- return new Maximum_Fragment_Length(reader, size);
-
+#if defined(BOTAN_HAS_SRP6)
case TLSEXT_SRP_IDENTIFIER:
return new SRP_Identifier(reader, size);
+#endif
case TLSEXT_USABLE_ELLIPTIC_CURVES:
return new Supported_Elliptic_Curves(reader, size);
@@ -39,14 +38,14 @@ Extension* make_extension(TLS_Data_Reader& reader,
case TLSEXT_SIGNATURE_ALGORITHMS:
return new Signature_Algorithms(reader, size);
- case TLSEXT_USE_SRTP:
+ case TLSEXT_USE_SRTP:
return new SRTP_Protection_Profiles(reader, size);
case TLSEXT_ALPN:
return new Application_Layer_Protocol_Notification(reader, size);
- case TLSEXT_HEARTBEAT_SUPPORT:
- return new Heartbeat_Support_Indicator(reader, size);
+ case TLSEXT_EXTENDED_MASTER_SECRET:
+ return new Extended_Master_Secret(reader, size);
case TLSEXT_SESSION_TICKET:
return new Session_Ticket(reader, size);
@@ -88,7 +87,7 @@ std::vector<byte> Extensions::serialize() const
{
std::vector<byte> buf(2); // 2 bytes for length field
- for(auto& extn : extensions)
+ for(auto& extn : m_extensions)
{
if(extn.second->empty())
continue;
@@ -121,7 +120,7 @@ std::vector<byte> Extensions::serialize() const
std::set<Handshake_Extension_Type> Extensions::extension_types() const
{
std::set<Handshake_Extension_Type> offers;
- for(auto i = extensions.begin(); i != extensions.end(); ++i)
+ for(auto i = m_extensions.begin(); i != m_extensions.end(); ++i)
offers.insert(i->first);
return offers;
}
@@ -147,8 +146,8 @@ Server_Name_Indicator::Server_Name_Indicator(TLS_Data_Reader& reader,
if(name_type == 0) // DNS
{
- sni_host_name = reader.get_string(2, 1, 65535);
- name_bytes -= (2 + sni_host_name.size());
+ m_sni_host_name = reader.get_string(2, 1, 65535);
+ name_bytes -= (2 + m_sni_host_name.size());
}
else // some other unknown name type
{
@@ -162,7 +161,7 @@ std::vector<byte> Server_Name_Indicator::serialize() const
{
std::vector<byte> buf;
- size_t name_len = sni_host_name.size();
+ size_t name_len = m_sni_host_name.size();
buf.push_back(get_byte<u16bit>(0, name_len+3));
buf.push_back(get_byte<u16bit>(1, name_len+3));
@@ -172,18 +171,18 @@ std::vector<byte> Server_Name_Indicator::serialize() const
buf.push_back(get_byte<u16bit>(1, name_len));
buf += std::make_pair(
- reinterpret_cast<const byte*>(sni_host_name.data()),
- sni_host_name.size());
+ reinterpret_cast<const byte*>(m_sni_host_name.data()),
+ m_sni_host_name.size());
return buf;
}
+#if defined(BOTAN_HAS_SRP6)
+
SRP_Identifier::SRP_Identifier(TLS_Data_Reader& reader,
- u16bit extension_size)
+ u16bit extension_size) : m_srp_identifier(reader.get_string(1, 1, 255))
{
- srp_identifier = reader.get_string(1, 1, 255);
-
- if(srp_identifier.size() + 1 != extension_size)
+ if(m_srp_identifier.size() + 1 != extension_size)
throw Decoding_Error("Bad encoding for SRP identifier extension");
}
@@ -192,76 +191,29 @@ std::vector<byte> SRP_Identifier::serialize() const
std::vector<byte> buf;
const byte* srp_bytes =
- reinterpret_cast<const byte*>(srp_identifier.data());
+ reinterpret_cast<const byte*>(m_srp_identifier.data());
- append_tls_length_value(buf, srp_bytes, srp_identifier.size(), 1);
+ append_tls_length_value(buf, srp_bytes, m_srp_identifier.size(), 1);
return buf;
}
+#endif
+
Renegotiation_Extension::Renegotiation_Extension(TLS_Data_Reader& reader,
- u16bit extension_size)
+ u16bit extension_size) : m_reneg_data(reader.get_range<byte>(1, 0, 255))
{
- reneg_data = reader.get_range<byte>(1, 0, 255);
-
- if(reneg_data.size() + 1 != extension_size)
+ if(m_reneg_data.size() + 1 != extension_size)
throw Decoding_Error("Bad encoding for secure renegotiation extn");
}
std::vector<byte> Renegotiation_Extension::serialize() const
{
std::vector<byte> buf;
- append_tls_length_value(buf, reneg_data, 1);
+ append_tls_length_value(buf, m_reneg_data, 1);
return buf;
}
-std::vector<byte> Maximum_Fragment_Length::serialize() const
- {
- switch(m_max_fragment)
- {
- case 512:
- return std::vector<byte>(1, 1);
- case 1024:
- return std::vector<byte>(1, 2);
- case 2048:
- return std::vector<byte>(1, 3);
- case 4096:
- return std::vector<byte>(1, 4);
- default:
- throw Invalid_Argument("Bad setting " +
- std::to_string(m_max_fragment) +
- " for maximum fragment size");
- }
- }
-
-Maximum_Fragment_Length::Maximum_Fragment_Length(TLS_Data_Reader& reader,
- u16bit extension_size)
- {
- if(extension_size != 1)
- throw Decoding_Error("Bad size for maximum fragment extension");
-
- const byte val = reader.get_byte();
-
- switch(val)
- {
- case 1:
- m_max_fragment = 512;
- break;
- case 2:
- m_max_fragment = 1024;
- break;
- case 3:
- m_max_fragment = 2048;
- break;
- case 4:
- m_max_fragment = 4096;
- break;
- default:
- throw TLS_Exception(Alert::ILLEGAL_PARAMETER,
- "Bad value " + std::to_string(val) + " for max fragment len");
- }
- }
-
Application_Layer_Protocol_Notification::Application_Layer_Protocol_Notification(TLS_Data_Reader& reader,
u16bit extension_size)
{
@@ -424,7 +376,7 @@ Supported_Elliptic_Curves::Supported_Elliptic_Curves(TLS_Data_Reader& reader,
const u16bit id = reader.get_u16bit();
const std::string name = curve_id_to_name(id);
- if(name != "")
+ if(!name.empty())
m_curves.push_back(name);
}
}
@@ -552,7 +504,7 @@ Signature_Algorithms::Signature_Algorithms(TLS_Data_Reader& reader,
len -= 2;
// If not something we know, ignore it completely
- if(hash_code == "" || sig_code == "")
+ if(hash_code.empty() || sig_code.empty())
continue;
m_supported_algos.push_back(std::make_pair(hash_code, sig_code));
@@ -560,16 +512,12 @@ Signature_Algorithms::Signature_Algorithms(TLS_Data_Reader& reader,
}
Session_Ticket::Session_Ticket(TLS_Data_Reader& reader,
- u16bit extension_size)
- {
- m_ticket = reader.get_elem<byte, std::vector<byte> >(extension_size);
- }
+ u16bit extension_size) : m_ticket(reader.get_elem<byte, std::vector<byte>>(extension_size))
+ {}
SRTP_Protection_Profiles::SRTP_Protection_Profiles(TLS_Data_Reader& reader,
- u16bit extension_size)
+ u16bit extension_size) : m_pp(reader.get_range<u16bit>(2, 0, 65535))
{
- m_pp = reader.get_range<u16bit>(2, 0, 65535);
-
const std::vector<byte> mki = reader.get_range<byte>(1, 0, 255);
if(m_pp.size() * 2 + mki.size() + 3 != extension_size)
@@ -598,6 +546,18 @@ std::vector<byte> SRTP_Protection_Profiles::serialize() const
return buf;
}
+Extended_Master_Secret::Extended_Master_Secret(TLS_Data_Reader&,
+ u16bit extension_size)
+ {
+ if(extension_size != 0)
+ throw Decoding_Error("Invalid extended_master_secret extension");
+ }
+
+std::vector<byte> Extended_Master_Secret::serialize() const
+ {
+ return std::vector<byte>();
+ }
+
}
}
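Review bot: `Extended_Master_Secret::serialize()` returns an empty vector, so whether the extension reaches the wire depends entirely on `Extended_Master_Secret::empty()`: Extensions::serialize() in the hunk ending at L20748 skips any extension whose empty() is true, and the class declaration with that override is not in this chunk. If empty() is not overridden to return false (as Renegotiation_Extension does at L21023), every ClientHello and ServerHello silently omits EMS and the handshake falls back to the legacy master secret with no error. A comment on serialize() would make the dependency explicit: `// extension carries no data (RFC 7627); presence on the wire is controlled by empty() returning false`.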
diff --git a/src/lib/tls/tls_extensions.h b/src/lib/tls/tls_extensions.h
index 7527b5cdd..a5aac0020 100644
--- a/src/lib/tls/tls_extensions.h
+++ b/src/lib/tls/tls_extensions.h
@@ -1,6 +1,6 @@
/*
* TLS Extensions
-* (C) 2011-2012 Jack Lloyd
+* (C) 2011,2012,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -23,7 +23,7 @@ class TLS_Data_Reader;
enum Handshake_Extension_Type {
TLSEXT_SERVER_NAME_INDICATION = 0,
- TLSEXT_MAX_FRAGMENT_LENGTH = 1,
+ // 1 is maximum fragment length
TLSEXT_CLIENT_CERT_URL = 2,
TLSEXT_TRUSTED_CA_KEYS = 3,
TLSEXT_TRUNCATED_HMAC = 4,
@@ -37,6 +37,8 @@ enum Handshake_Extension_Type {
TLSEXT_HEARTBEAT_SUPPORT = 15,
TLSEXT_ALPN = 16,
+ TLSEXT_EXTENDED_MASTER_SECRET = 23,
+
TLSEXT_SESSION_TICKET = 35,
TLSEXT_SAFE_RENEGOTIATION = 65281,
@@ -69,7 +71,7 @@ class Extension
/**
* Server Name Indicator extension (RFC 3546)
*/
-class Server_Name_Indicator : public Extension
+class Server_Name_Indicator final : public Extension
{
public:
static Handshake_Extension_Type static_type()
@@ -77,25 +79,26 @@ class Server_Name_Indicator : public Extension
Handshake_Extension_Type type() const override { return static_type(); }
- Server_Name_Indicator(const std::string& host_name) :
- sni_host_name(host_name) {}
+ explicit Server_Name_Indicator(const std::string& host_name) :
+ m_sni_host_name(host_name) {}
Server_Name_Indicator(TLS_Data_Reader& reader,
u16bit extension_size);
- std::string host_name() const { return sni_host_name; }
+ std::string host_name() const { return m_sni_host_name; }
std::vector<byte> serialize() const override;
- bool empty() const override { return sni_host_name == ""; }
+ bool empty() const override { return m_sni_host_name.empty(); }
private:
- std::string sni_host_name;
+ std::string m_sni_host_name;
};
+#if defined(BOTAN_HAS_SRP6)
/**
* SRP identifier extension (RFC 5054)
*/
-class SRP_Identifier : public Extension
+class SRP_Identifier final : public Extension
{
public:
static Handshake_Extension_Type static_type()
@@ -103,25 +106,26 @@ class SRP_Identifier : public Extension
Handshake_Extension_Type type() const override { return static_type(); }
- SRP_Identifier(const std::string& identifier) :
- srp_identifier(identifier) {}
+ explicit SRP_Identifier(const std::string& identifier) :
+ m_srp_identifier(identifier) {}
SRP_Identifier(TLS_Data_Reader& reader,
u16bit extension_size);
- std::string identifier() const { return srp_identifier; }
+ std::string identifier() const { return m_srp_identifier; }
std::vector<byte> serialize() const override;
- bool empty() const override { return srp_identifier == ""; }
+ bool empty() const override { return m_srp_identifier.empty(); }
private:
- std::string srp_identifier;
+ std::string m_srp_identifier;
};
+#endif
/**
* Renegotiation Indication Extension (RFC 5746)
*/
-class Renegotiation_Extension : public Extension
+class Renegotiation_Extension final : public Extension
{
public:
static Handshake_Extension_Type static_type()
@@ -131,58 +135,26 @@ class Renegotiation_Extension : public Extension
Renegotiation_Extension() {}
- Renegotiation_Extension(const std::vector<byte>& bits) :
- reneg_data(bits) {}
+ explicit Renegotiation_Extension(const std::vector<byte>& bits) :
+ m_reneg_data(bits) {}
Renegotiation_Extension(TLS_Data_Reader& reader,
u16bit extension_size);
const std::vector<byte>& renegotiation_info() const
- { return reneg_data; }
+ { return m_reneg_data; }
std::vector<byte> serialize() const override;
bool empty() const override { return false; } // always send this
private:
- std::vector<byte> reneg_data;
- };
-
-/**
-* Maximum Fragment Length Negotiation Extension (RFC 4366 sec 3.2)
-*/
-class Maximum_Fragment_Length : public Extension
- {
- public:
- static Handshake_Extension_Type static_type()
- { return TLSEXT_MAX_FRAGMENT_LENGTH; }
-
- Handshake_Extension_Type type() const override { return static_type(); }
-
- bool empty() const override { return false; }
-
- size_t fragment_size() const { return m_max_fragment; }
-
- std::vector<byte> serialize() const override;
-
- /**
- * @param max_fragment specifies what maximum fragment size to
- * advertise. Currently must be one of 512, 1024, 2048, or
- * 4096.
- */
- Maximum_Fragment_Length(size_t max_fragment) :
- m_max_fragment(max_fragment) {}
-
- Maximum_Fragment_Length(TLS_Data_Reader& reader,
- u16bit extension_size);
-
- private:
- size_t m_max_fragment;
+ std::vector<byte> m_reneg_data;
};
/**
* ALPN (RFC 7301)
*/
-class Application_Layer_Protocol_Notification : public Extension
+class Application_Layer_Protocol_Notification final : public Extension
{
public:
static Handshake_Extension_Type static_type() { return TLSEXT_ALPN; }
@@ -196,13 +168,13 @@ class Application_Layer_Protocol_Notification : public Extension
/**
* Single protocol, used by server
*/
- Application_Layer_Protocol_Notification(const std::string& protocol) :
+ explicit Application_Layer_Protocol_Notification(const std::string& protocol) :
m_protocols(1, protocol) {}
/**
* List of protocols, used by client
*/
- Application_Layer_Protocol_Notification(const std::vector<std::string>& protocols) :
+ explicit Application_Layer_Protocol_Notification(const std::vector<std::string>& protocols) :
m_protocols(protocols) {}
Application_Layer_Protocol_Notification(TLS_Data_Reader& reader,
@@ -218,7 +190,7 @@ class Application_Layer_Protocol_Notification : public Extension
/**
* Session Ticket Extension (RFC 5077)
*/
-class Session_Ticket : public Extension
+class Session_Ticket final : public Extension
{
public:
static Handshake_Extension_Type static_type()
@@ -239,7 +211,7 @@ class Session_Ticket : public Extension
/**
* Extension with ticket, used by client
*/
- Session_Ticket(const std::vector<byte>& session_ticket) :
+ explicit Session_Ticket(const std::vector<byte>& session_ticket) :
m_ticket(session_ticket) {}
/**
@@ -257,7 +229,7 @@ class Session_Ticket : public Extension
/**
* Supported Elliptic Curves Extension (RFC 4492)
*/
-class Supported_Elliptic_Curves : public Extension
+class Supported_Elliptic_Curves final : public Extension
{
public:
static Handshake_Extension_Type static_type()
@@ -272,7 +244,7 @@ class Supported_Elliptic_Curves : public Extension
std::vector<byte> serialize() const override;
- Supported_Elliptic_Curves(const std::vector<std::string>& curves) :
+ explicit Supported_Elliptic_Curves(const std::vector<std::string>& curves) :
m_curves(curves) {}
Supported_Elliptic_Curves(TLS_Data_Reader& reader,
@@ -286,7 +258,7 @@ class Supported_Elliptic_Curves : public Extension
/**
* Signature Algorithms Extension for TLS 1.2 (RFC 5246)
*/
-class Signature_Algorithms : public Extension
+class Signature_Algorithms final : public Extension
{
public:
static Handshake_Extension_Type static_type()
@@ -313,7 +285,7 @@ class Signature_Algorithms : public Extension
Signature_Algorithms(const std::vector<std::string>& hashes,
const std::vector<std::string>& sig_algos);
- Signature_Algorithms(const std::vector<std::pair<std::string, std::string> >& algos) :
+ explicit Signature_Algorithms(const std::vector<std::pair<std::string, std::string> >& algos) :
m_supported_algos(algos) {}
Signature_Algorithms(TLS_Data_Reader& reader,
@@ -323,55 +295,49 @@ class Signature_Algorithms : public Extension
};
/**
-* Heartbeat Extension (RFC 6520)
+* Used to indicate SRTP algorithms for DTLS (RFC 5764)
*/
-class Heartbeat_Support_Indicator : public Extension
+class SRTP_Protection_Profiles final : public Extension
{
public:
static Handshake_Extension_Type static_type()
- { return TLSEXT_HEARTBEAT_SUPPORT; }
+ { return TLSEXT_USE_SRTP; }
Handshake_Extension_Type type() const override { return static_type(); }
- bool peer_allowed_to_send() const { return m_peer_allowed_to_send; }
+ const std::vector<u16bit>& profiles() const { return m_pp; }
std::vector<byte> serialize() const override;
- bool empty() const override { return false; }
+ bool empty() const override { return m_pp.empty(); }
- Heartbeat_Support_Indicator(bool peer_allowed_to_send) :
- m_peer_allowed_to_send(peer_allowed_to_send) {}
+ explicit SRTP_Protection_Profiles(const std::vector<u16bit>& pp) : m_pp(pp) {}
- Heartbeat_Support_Indicator(TLS_Data_Reader& reader, u16bit extension_size);
+ explicit SRTP_Protection_Profiles(u16bit pp) : m_pp(1, pp) {}
+ SRTP_Protection_Profiles(TLS_Data_Reader& reader, u16bit extension_size);
private:
- bool m_peer_allowed_to_send;
+ std::vector<u16bit> m_pp;
};
/**
-* Used to indicate SRTP algorithms for DTLS (RFC 5764)
+* Extended Master Secret Extension (RFC 7627)
*/
-class SRTP_Protection_Profiles : public Extension
+class Extended_Master_Secret final : public Extension
{
public:
static Handshake_Extension_Type static_type()
- { return TLSEXT_USE_SRTP; }
+ { return TLSEXT_EXTENDED_MASTER_SECRET; }
Handshake_Extension_Type type() const override { return static_type(); }
- const std::vector<u16bit>& profiles() const { return m_pp; }
-
std::vector<byte> serialize() const override;
- bool empty() const override { return m_pp.empty(); }
-
- SRTP_Protection_Profiles(const std::vector<u16bit>& pp) : m_pp(pp) {}
+ bool empty() const override { return false; }
- SRTP_Protection_Profiles(u16bit pp) : m_pp(1, pp) {}
+ Extended_Master_Secret() {}
- SRTP_Protection_Profiles(TLS_Data_Reader& reader, u16bit extension_size);
- private:
- std::vector<u16bit> m_pp;
+ Extended_Master_Secret(TLS_Data_Reader& reader, u16bit extension_size);
};
/**
@@ -387,9 +353,9 @@ class Extensions
{
Handshake_Extension_Type type = T::static_type();
- auto i = extensions.find(type);
+ auto i = m_extensions.find(type);
- if(i != extensions.end())
+ if(i != m_extensions.end())
return dynamic_cast<T*>(i->second.get());
return nullptr;
}
@@ -402,7 +368,7 @@ class Extensions
void add(Extension* extn)
{
- extensions[extn->type()].reset(extn);
+ m_extensions[extn->type()].reset(extn);
}
std::vector<byte> serialize() const;
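Review bot: `add()` takes ownership of a raw pointer and `reset()` silently destroys any extension of the same type already in the map, neither of which is documented; suggest `/** Takes ownership of extn; an existing extension of the same type is replaced */` above it. If `deserialize()` (outside this hunk) feeds peer-supplied extensions through the same map, a hello carrying two extensions of one type is accepted with the later one winning, whereas RFC 5246 §7.4.1.4 forbids duplicates, so it is worth confirming that deserialize rejects duplicates explicitly rather than relying on this replacement behaviour.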
@@ -411,13 +377,13 @@ class Extensions
Extensions() {}
- Extensions(TLS_Data_Reader& reader) { deserialize(reader); }
+ explicit Extensions(TLS_Data_Reader& reader) { deserialize(reader); }
private:
Extensions(const Extensions&) {}
Extensions& operator=(const Extensions&) { return (*this); }
- std::map<Handshake_Extension_Type, std::unique_ptr<Extension>> extensions;
+ std::map<Handshake_Extension_Type, std::unique_ptr<Extension>> m_extensions;
};
}
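Review bot: `Extensions(const Extensions&) {}` and the `operator=` at L21208–L21209 are defined rather than deleted, so an accidental copy made inside the class or by a friend compiles and yields an empty extension set instead of an error. The file already relies on C++11 (`override`, `std::unique_ptr`, `explicit`), so `Extensions(const Extensions&) = delete;` and `Extensions& operator=(const Extensions&) = delete;` would turn that into a compile-time failure. These two lines are unchanged context, but this hunk is the natural place to fix them while the class is being touched.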
diff --git a/src/lib/tls/tls_handshake_hash.cpp b/src/lib/tls/tls_handshake_hash.cpp
index 615767cc2..00b8d744c 100644
--- a/src/lib/tls/tls_handshake_hash.cpp
+++ b/src/lib/tls/tls_handshake_hash.cpp
@@ -29,7 +29,7 @@ secure_vector<byte> Handshake_Hash::final(Protocol_Version version,
};
std::unique_ptr<HashFunction> hash(HashFunction::create(choose_hash()));
- hash->update(data);
+ hash->update(m_data);
return hash->final();
}
diff --git a/src/lib/tls/tls_handshake_hash.h b/src/lib/tls/tls_handshake_hash.h
index 050f3a454..d0f5c882f 100644
--- a/src/lib/tls/tls_handshake_hash.h
+++ b/src/lib/tls/tls_handshake_hash.h
@@ -23,19 +23,19 @@ class Handshake_Hash
{
public:
void update(const byte in[], size_t length)
- { data += std::make_pair(in, length); }
+ { m_data += std::make_pair(in, length); }
void update(const std::vector<byte>& in)
- { data += in; }
+ { m_data += in; }
secure_vector<byte> final(Protocol_Version version,
const std::string& mac_algo) const;
- const std::vector<byte>& get_contents() const { return data; }
+ const std::vector<byte>& get_contents() const { return m_data; }
- void reset() { data.clear(); }
+ void reset() { m_data.clear(); }
private:
- std::vector<byte> data;
+ std::vector<byte> m_data;
};
}
diff --git a/src/lib/tls/tls_handshake_io.h b/src/lib/tls/tls_handshake_io.h
index a1c1c5ce3..601ac41d9 100644
--- a/src/lib/tls/tls_handshake_io.h
+++ b/src/lib/tls/tls_handshake_io.h
@@ -62,12 +62,12 @@ class Handshake_IO
/**
* Handshake IO for stream-based handshakes
*/
-class Stream_Handshake_IO : public Handshake_IO
+class Stream_Handshake_IO final : public Handshake_IO
{
public:
typedef std::function<void (byte, const std::vector<byte>&)> writer_fn;
- Stream_Handshake_IO(writer_fn writer) : m_send_hs(writer) {}
+ explicit Stream_Handshake_IO(writer_fn writer) : m_send_hs(writer) {}
Protocol_Version initial_record_version() const override;
@@ -93,7 +93,7 @@ class Stream_Handshake_IO : public Handshake_IO
/**
* Handshake IO for datagram-based handshakes
*/
-class Datagram_Handshake_IO : public Handshake_IO
+class Datagram_Handshake_IO final : public Handshake_IO
{
public:
typedef std::function<void (u16bit, byte, const std::vector<byte>&)> writer_fn;
diff --git a/src/lib/tls/tls_handshake_state.cpp b/src/lib/tls/tls_handshake_state.cpp
index f885d3b08..67ba43265 100644
--- a/src/lib/tls/tls_handshake_state.cpp
+++ b/src/lib/tls/tls_handshake_state.cpp
@@ -1,6 +1,6 @@
/*
* TLS Handshaking
-* (C) 2004-2006,2011,2012,2015 Jack Lloyd
+* (C) 2004-2006,2011,2012,2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -325,12 +325,16 @@ Handshake_State::get_next_handshake_msg()
std::string Handshake_State::srp_identifier() const
{
+#if defined(BOTAN_HAS_SRP6)
+ // Authenticated via the successful key exchange
if(ciphersuite().valid() && ciphersuite().kex_algo() == "SRP_SHA")
return client_hello()->srp_identifier();
+#endif
return "";
}
+
std::vector<byte> Handshake_State::session_ticket() const
{
if(new_session_ticket() && !new_session_ticket()->ticket().empty())
@@ -445,58 +449,111 @@ Handshake_State::choose_sig_format(const Private_Key& key,
throw Invalid_Argument(sig_algo + " is invalid/unknown for TLS signatures");
}
+namespace {
+
+bool supported_algos_include(
+ const std::vector<std::pair<std::string, std::string>>& algos,
+ const std::string& key_type,
+ const std::string& hash_type)
+ {
+ for(auto&& algo : algos)
+ {
+ if(algo.first == hash_type && algo.second == key_type)
+ {
+ return true;
+ }
+ }
+
+ return false;
+ }
+
+}
+
std::pair<std::string, Signature_Format>
-Handshake_State::understand_sig_format(const Public_Key& key,
- std::string hash_algo,
- std::string sig_algo) const
+Handshake_State::parse_sig_format(const Public_Key& key,
+ const std::string& input_hash_algo,
+ const std::string& input_sig_algo,
+ bool for_client_auth,
+ const Policy& policy) const
{
- const std::string algo_name = key.algo_name();
+ const std::string key_type = key.algo_name();
- /*
- FIXME: This should check what was sent against the client hello
- preferences, or the certificate request, to ensure it was allowed
- by those restrictions.
+ if(!policy.allowed_signature_method(key_type))
+ {
+ throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
+ "Rejecting " + key_type + " signature");
+ }
- Or not?
- */
+ std::string hash_algo;
if(this->version().supports_negotiable_signature_algorithms())
{
- if(hash_algo == "")
+ if(input_sig_algo != key_type)
+ throw Decoding_Error("Counterparty sent inconsistent key and sig types");
+
+ if(input_hash_algo == "")
throw Decoding_Error("Counterparty did not send hash/sig IDS");
- if(sig_algo != algo_name)
- throw Decoding_Error("Counterparty sent inconsistent key and sig types");
+ hash_algo = input_hash_algo;
+
+ if(for_client_auth && !cert_req())
+ {
+ throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
+ "No certificate verify set");
+ }
+
+ /*
+ Confirm the signature type we just received against the
+ supported_algos list that we sent; it better be there.
+ */
+
+ const auto supported_algos =
+ for_client_auth ? cert_req()->supported_algos() :
+ client_hello()->supported_algos();
+
+ if(!supported_algos_include(supported_algos, key_type, hash_algo))
+ {
+ throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
+ "TLS signature extension did not allow for " +
+ key_type + "/" + hash_algo + " signature");
+ }
}
else
{
- if(hash_algo != "" || sig_algo != "")
+ if(input_hash_algo != "" || input_sig_algo != "")
throw Decoding_Error("Counterparty sent hash/sig IDs with old version");
- }
- if(algo_name == "RSA")
- {
- if(!this->version().supports_negotiable_signature_algorithms())
+ if(key_type == "RSA")
{
hash_algo = "Parallel(MD5,SHA-160)";
}
+ else if(key_type == "DSA" || key_type == "ECDSA")
+ {
+ hash_algo = "SHA-1";
+ }
+ else
+ {
+ throw Invalid_Argument(key_type + " is invalid/unknown for TLS signatures");
+ }
+
+ /*
+ There is no check on the acceptability of a v1.0/v1.1 hash type,
+ since it's implicit with use of the protocol
+ */
+ }
+ if(key_type == "RSA")
+ {
const std::string padding = "EMSA3(" + hash_algo + ")";
return std::make_pair(padding, IEEE_1363);
}
- else if(algo_name == "DSA" || algo_name == "ECDSA")
+ else if(key_type == "DSA" || key_type == "ECDSA")
{
- if(!this->version().supports_negotiable_signature_algorithms())
- {
- hash_algo = "SHA-1";
- }
-
const std::string padding = "EMSA1(" + hash_algo + ")";
-
return std::make_pair(padding, DER_SEQUENCE);
}
- throw Invalid_Argument(algo_name + " is invalid/unknown for TLS signatures");
+ throw Invalid_Argument(key_type + " is invalid/unknown for TLS signatures");
}
}
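Review bot: The alert text `"No certificate verify set"` at L21362 describes the wrong condition: what has actually happened is that `cert_req()` is null, i.e. no CertificateRequest was sent, so a CertificateVerify is unexpected; `"No certificate request sent, cannot verify client signature"` would read correctly. That check also sits only inside the negotiable-signature-algorithms branch, so on the TLS 1.0/1.1 path `parse_sig_format` trusts the caller to have established that a CertificateRequest preceded the CertificateVerify; if that is not guaranteed elsewhere, hoisting `if(for_client_auth && !cert_req())` above the version test costs nothing. The function is complete within the hunk.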
diff --git a/src/lib/tls/tls_handshake_state.h b/src/lib/tls/tls_handshake_state.h
index 6260b090f..2943a8637 100644
--- a/src/lib/tls/tls_handshake_state.h
+++ b/src/lib/tls/tls_handshake_state.h
@@ -80,9 +80,11 @@ class Handshake_State
std::vector<byte> session_ticket() const;
std::pair<std::string, Signature_Format>
- understand_sig_format(const Public_Key& key,
- std::string hash_algo,
- std::string sig_algo) const;
+ parse_sig_format(const Public_Key& key,
+ const std::string& hash_algo,
+ const std::string& sig_algo,
+ bool for_client_auth,
+ const Policy& policy) const;
std::pair<std::string, Signature_Format>
choose_sig_format(const Private_Key& key,
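Review bot: `parse_sig_format` gains two parameters with no doc comment explaining them; from the .cpp side, `for_client_auth` selects whether the peer's (hash, sig) pair is checked against the list in our CertificateRequest or in our ClientHello, and `policy` is consulted for the allowed signature method. Suggest a short block above the declaration: `/** Translate a peer-sent hash/sig pair into (padding, format), rejecting it if policy or the algorithms we offered do not allow it. for_client_auth: check against our CertificateRequest rather than our ClientHello. */`.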
diff --git a/src/lib/tls/tls_heartbeats.cpp b/src/lib/tls/tls_heartbeats.cpp
deleted file mode 100644
index 14f7db51c..000000000
--- a/src/lib/tls/tls_heartbeats.cpp
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
-* TLS Heartbeats
-* (C) 2012,2015 Jack Lloyd
-*
-* Botan is released under the Simplified BSD License (see license.txt)
-*/
-
-#include <botan/internal/tls_heartbeats.h>
-#include <botan/internal/tls_extensions.h>
-#include <botan/internal/tls_reader.h>
-#include <botan/tls_exceptn.h>
-
-namespace Botan {
-
-namespace TLS {
-
-Heartbeat_Message::Heartbeat_Message(const std::vector<byte>& buf)
- {
- TLS_Data_Reader reader("Heartbeat", buf);
-
- const byte type = reader.get_byte();
-
- if(type != 1 && type != 2)
- throw TLS_Exception(Alert::ILLEGAL_PARAMETER,
- "Unknown heartbeat message type");
-
- m_type = static_cast<Type>(type);
-
- m_payload = reader.get_range<byte>(2, 0, 16*1024);
-
- m_padding = reader.get_remaining();
-
- if(m_padding.size() < 16)
- throw Decoding_Error("Invalid heartbeat padding");
- }
-
-Heartbeat_Message::Heartbeat_Message(Type type,
- const byte payload[],
- size_t payload_len,
- const std::vector<byte>& padding) :
- m_type(type),
- m_payload(payload, payload + payload_len),
- m_padding(padding)
- {
- if(payload_len >= 64*1024)
- throw Exception("Heartbeat payload too long");
- if(m_padding.size() < 16)
- throw Exception("Invalid heartbeat padding length");
- }
-
-std::vector<byte> Heartbeat_Message::contents() const
- {
- //std::vector<byte> send_buf(3 + m_payload.size() + 16);
- std::vector<byte> send_buf;
- send_buf.reserve(3 + m_payload.size() + m_padding.size());
-
- send_buf.push_back(m_type);
- send_buf.push_back(get_byte<u16bit>(0, m_payload.size()));
- send_buf.push_back(get_byte<u16bit>(1, m_payload.size()));
- send_buf += m_payload;
- send_buf += m_padding;
-
- return send_buf;
- }
-
-std::vector<byte> Heartbeat_Support_Indicator::serialize() const
- {
- std::vector<byte> heartbeat(1);
- heartbeat[0] = (m_peer_allowed_to_send ? 1 : 2);
- return heartbeat;
- }
-
-Heartbeat_Support_Indicator::Heartbeat_Support_Indicator(TLS_Data_Reader& reader,
- u16bit extension_size)
- {
- if(extension_size != 1)
- throw Decoding_Error("Strange size for heartbeat extension");
-
- const byte code = reader.get_byte();
-
- if(code != 1 && code != 2)
- throw TLS_Exception(Alert::ILLEGAL_PARAMETER,
- "Unknown heartbeat code " + std::to_string(code));
-
- m_peer_allowed_to_send = (code == 1);
- }
-
-}
-
-}
diff --git a/src/lib/tls/tls_heartbeats.h b/src/lib/tls/tls_heartbeats.h
deleted file mode 100644
index dcb63babe..000000000
--- a/src/lib/tls/tls_heartbeats.h
+++ /dev/null
@@ -1,44 +0,0 @@
-/*
-* TLS Heartbeats
-* (C) 2012,2015 Jack Lloyd
-*
-* Botan is released under the Simplified BSD License (see license.txt)
-*/
-
-#ifndef BOTAN_TLS_HEARTBEATS_H__
-#define BOTAN_TLS_HEARTBEATS_H__
-
-#include <botan/secmem.h>
-
-namespace Botan {
-
-namespace TLS {
-
-/**
-* TLS Heartbeat message
-*/
-class Heartbeat_Message
- {
- public:
- enum Type { REQUEST = 1, RESPONSE = 2 };
-
- std::vector<byte> contents() const;
-
- const std::vector<byte>& payload() const { return m_payload; }
-
- bool is_request() const { return m_type == REQUEST; }
-
- Heartbeat_Message(const std::vector<byte>& buf);
-
- Heartbeat_Message(Type type, const byte payload[], size_t payload_len,
- const std::vector<byte>& padding);
- private:
- Type m_type;
- std::vector<byte> m_payload, m_padding;
- };
-
-}
-
-}
-
-#endif
diff --git a/src/lib/tls/tls_magic.h b/src/lib/tls/tls_magic.h
index 6db908b08..798e428ff 100644
--- a/src/lib/tls/tls_magic.h
+++ b/src/lib/tls/tls_magic.h
@@ -31,7 +31,6 @@ enum Record_Type {
ALERT = 21,
HANDSHAKE = 22,
APPLICATION_DATA = 23,
- HEARTBEAT = 24,
NO_RECORD = 256
};
diff --git a/src/lib/tls/tls_messages.h b/src/lib/tls/tls_messages.h
index 7a556a61c..3bee89e13 100644
--- a/src/lib/tls/tls_messages.h
+++ b/src/lib/tls/tls_messages.h
@@ -22,7 +22,10 @@
namespace Botan {
class Credentials_Manager;
+
+#if defined(BOTAN_HAS_SRP6)
class SRP6_Server_Session;
+#endif
namespace TLS {
@@ -35,7 +38,7 @@ std::vector<byte> make_hello_random(RandomNumberGenerator& rng,
/**
* DTLS Hello Verify Request
*/
-class Hello_Verify_Request : public Handshake_Message
+class Hello_Verify_Request final : public Handshake_Message
{
public:
std::vector<byte> serialize() const override;
@@ -43,7 +46,7 @@ class Hello_Verify_Request : public Handshake_Message
std::vector<byte> cookie() const { return m_cookie; }
- Hello_Verify_Request(const std::vector<byte>& buf);
+ explicit Hello_Verify_Request(const std::vector<byte>& buf);
Hello_Verify_Request(const std::vector<byte>& client_hello_bits,
const std::string& client_identity,
@@ -55,7 +58,7 @@ class Hello_Verify_Request : public Handshake_Message
/**
* Client Hello Message
*/
-class Client_Hello : public Handshake_Message
+class Client_Hello final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CLIENT_HELLO; }
@@ -95,12 +98,14 @@ class Client_Hello : public Handshake_Message
return "";
}
+#if defined(BOTAN_HAS_SRP6)
std::string srp_identifier() const
{
if(SRP_Identifier* srp = m_extensions.get<SRP_Identifier>())
return srp->identifier();
return "";
}
+#endif
bool secure_renegotiation() const
{
@@ -114,13 +119,6 @@ class Client_Hello : public Handshake_Message
return std::vector<byte>();
}
- size_t fragment_size() const
- {
- if(Maximum_Fragment_Length* frag = m_extensions.get<Maximum_Fragment_Length>())
- return frag->fragment_size();
- return 0;
- }
-
bool supports_session_ticket() const
{
return m_extensions.has<Session_Ticket>();
@@ -138,6 +136,11 @@ class Client_Hello : public Handshake_Message
return m_extensions.has<Application_Layer_Protocol_Notification>();
}
+ bool supports_extended_master_secret() const
+ {
+ return m_extensions.has<Extended_Master_Secret>();
+ }
+
std::vector<std::string> next_protocols() const
{
if(auto alpn = m_extensions.get<Application_Layer_Protocol_Notification>())
@@ -145,18 +148,6 @@ class Client_Hello : public Handshake_Message
return std::vector<std::string>();
}
- bool supports_heartbeats() const
- {
- return m_extensions.has<Heartbeat_Support_Indicator>();
- }
-
- bool peer_can_send_heartbeats() const
- {
- if(Heartbeat_Support_Indicator* hb = m_extensions.get<Heartbeat_Support_Indicator>())
- return hb->peer_allowed_to_send();
- return false;
- }
-
std::vector<u16bit> srtp_profiles() const
{
if(SRTP_Protection_Profiles* srtp = m_extensions.get<SRTP_Protection_Profiles>())
@@ -187,7 +178,7 @@ class Client_Hello : public Handshake_Message
const Session& resumed_session,
const std::vector<std::string>& next_protocols);
- Client_Hello(const std::vector<byte>& buf);
+ explicit Client_Hello(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -205,7 +196,7 @@ class Client_Hello : public Handshake_Message
/**
* Server Hello Message
*/
-class Server_Hello : public Handshake_Message
+class Server_Hello final : public Handshake_Message
{
public:
Handshake_Type type() const override { return SERVER_HELLO; }
@@ -232,11 +223,9 @@ class Server_Hello : public Handshake_Message
return std::vector<byte>();
}
- size_t fragment_size() const
+ bool supports_extended_master_secret() const
{
- if(Maximum_Fragment_Length* frag = m_extensions.get<Maximum_Fragment_Length>())
- return frag->fragment_size();
- return 0;
+ return m_extensions.has<Extended_Master_Secret>();
}
bool supports_session_ticket() const
@@ -244,18 +233,6 @@ class Server_Hello : public Handshake_Message
return m_extensions.has<Session_Ticket>();
}
- bool supports_heartbeats() const
- {
- return m_extensions.has<Heartbeat_Support_Indicator>();
- }
-
- bool peer_can_send_heartbeats() const
- {
- if(auto hb = m_extensions.get<Heartbeat_Support_Indicator>())
- return hb->peer_allowed_to_send();
- return false;
- }
-
u16bit srtp_profile() const
{
if(auto srtp = m_extensions.get<SRTP_Protection_Profiles>())
@@ -290,7 +267,7 @@ class Server_Hello : public Handshake_Message
u16bit ciphersuite,
byte compression,
bool offer_session_ticket,
- const std::string next_protocol);
+ const std::string& next_protocol);
Server_Hello(Handshake_IO& io,
Handshake_Hash& hash,
@@ -302,7 +279,7 @@ class Server_Hello : public Handshake_Message
bool offer_session_ticket,
const std::string& next_protocol);
- Server_Hello(const std::vector<byte>& buf);
+ explicit Server_Hello(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -317,7 +294,7 @@ class Server_Hello : public Handshake_Message
/**
* Client Key Exchange Message
*/
-class Client_Key_Exchange : public Handshake_Message
+class Client_Key_Exchange final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CLIENT_KEX; }
@@ -351,7 +328,7 @@ class Client_Key_Exchange : public Handshake_Message
/**
* Certificate Message
*/
-class Certificate : public Handshake_Message
+class Certificate final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CERTIFICATE; }
@@ -364,7 +341,7 @@ class Certificate : public Handshake_Message
Handshake_Hash& hash,
const std::vector<X509_Certificate>& certs);
- Certificate(const std::vector<byte>& buf);
+ explicit Certificate(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -374,7 +351,7 @@ class Certificate : public Handshake_Message
/**
* Certificate Request Message
*/
-class Certificate_Req : public Handshake_Message
+class Certificate_Req final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CERTIFICATE_REQUEST; }
@@ -407,7 +384,7 @@ class Certificate_Req : public Handshake_Message
/**
* Certificate Verify Message
*/
-class Certificate_Verify : public Handshake_Message
+class Certificate_Verify final : public Handshake_Message
{
public:
Handshake_Type type() const override { return CERTIFICATE_VERIFY; }
@@ -418,7 +395,8 @@ class Certificate_Verify : public Handshake_Message
* @param state the handshake state
*/
bool verify(const X509_Certificate& cert,
- const Handshake_State& state) const;
+ const Handshake_State& state,
+ const Policy& policy) const;
Certificate_Verify(Handshake_IO& io,
Handshake_State& state,
@@ -439,7 +417,7 @@ class Certificate_Verify : public Handshake_Message
/**
* Finished Message
*/
-class Finished : public Handshake_Message
+class Finished final : public Handshake_Message
{
public:
Handshake_Type type() const override { return FINISHED; }
@@ -454,7 +432,7 @@ class Finished : public Handshake_Message
Handshake_State& state,
Connection_Side side);
- Finished(const std::vector<byte>& buf);
+ explicit Finished(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -464,13 +442,13 @@ class Finished : public Handshake_Message
/**
* Hello Request Message
*/
-class Hello_Request : public Handshake_Message
+class Hello_Request final : public Handshake_Message
{
public:
Handshake_Type type() const override { return HELLO_REQUEST; }
- Hello_Request(Handshake_IO& io);
- Hello_Request(const std::vector<byte>& buf);
+ explicit Hello_Request(Handshake_IO& io);
+ explicit Hello_Request(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
};
@@ -478,7 +456,7 @@ class Hello_Request : public Handshake_Message
/**
* Server Key Exchange Message
*/
-class Server_Key_Exchange : public Handshake_Message
+class Server_Key_Exchange final : public Handshake_Message
{
public:
Handshake_Type type() const override { return SERVER_KEX; }
@@ -486,13 +464,20 @@ class Server_Key_Exchange : public Handshake_Message
const std::vector<byte>& params() const { return m_params; }
bool verify(const Public_Key& server_key,
- const Handshake_State& state) const;
+ const Handshake_State& state,
+ const Policy& policy) const;
// Only valid for certain kex types
const Private_Key& server_kex_key() const;
+#if defined(BOTAN_HAS_SRP6)
// Only valid for SRP negotiation
- SRP6_Server_Session& server_srp_params() const;
+ SRP6_Server_Session& server_srp_params() const
+ {
+ BOTAN_ASSERT_NONNULL(m_srp_params);
+ return *m_srp_params;
+ }
+#endif
Server_Key_Exchange(Handshake_IO& io,
Handshake_State& state,
@@ -510,8 +495,10 @@ class Server_Key_Exchange : public Handshake_Message
private:
std::vector<byte> serialize() const override;
- std::unique_ptr<Private_Key> m_kex_key;
+#if defined(BOTAN_HAS_SRP6)
std::unique_ptr<SRP6_Server_Session> m_srp_params;
+#endif
+ std::unique_ptr<Private_Key> m_kex_key;
std::vector<byte> m_params;
@@ -523,13 +510,13 @@ class Server_Key_Exchange : public Handshake_Message
/**
* Server Hello Done Message
*/
-class Server_Hello_Done : public Handshake_Message
+class Server_Hello_Done final : public Handshake_Message
{
public:
Handshake_Type type() const override { return SERVER_HELLO_DONE; }
Server_Hello_Done(Handshake_IO& io, Handshake_Hash& hash);
- Server_Hello_Done(const std::vector<byte>& buf);
+ explicit Server_Hello_Done(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
};
@@ -537,7 +524,7 @@ class Server_Hello_Done : public Handshake_Message
/**
* New Session Ticket Message
*/
-class New_Session_Ticket : public Handshake_Message
+class New_Session_Ticket final : public Handshake_Message
{
public:
Handshake_Type type() const override { return NEW_SESSION_TICKET; }
@@ -553,7 +540,7 @@ class New_Session_Ticket : public Handshake_Message
New_Session_Ticket(Handshake_IO& io,
Handshake_Hash& hash);
- New_Session_Ticket(const std::vector<byte>& buf);
+ explicit New_Session_Ticket(const std::vector<byte>& buf);
private:
std::vector<byte> serialize() const override;
@@ -564,7 +551,7 @@ class New_Session_Ticket : public Handshake_Message
/**
* Change Cipher Spec
*/
-class Change_Cipher_Spec : public Handshake_Message
+class Change_Cipher_Spec final : public Handshake_Message
{
public:
Handshake_Type type() const override { return HANDSHAKE_CCS; }
diff --git a/src/lib/tls/tls_policy.cpp b/src/lib/tls/tls_policy.cpp
index 374c5f12b..be4c61b16 100644
--- a/src/lib/tls/tls_policy.cpp
+++ b/src/lib/tls/tls_policy.cpp
@@ -1,6 +1,6 @@
/*
* Policies for TLS
-* (C) 2004-2010,2012,2015 Jack Lloyd
+* (C) 2004-2010,2012,2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -64,7 +64,7 @@ std::vector<std::string> Policy::allowed_macs() const
std::vector<std::string> Policy::allowed_key_exchange_methods() const
{
return {
- "SRP_SHA",
+ //"SRP_SHA",
//"ECDHE_PSK",
//"DHE_PSK",
//"PSK",
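Review bot: Commenting out `"SRP_SHA"` at L21933 changes the default-allowed key exchange set without any explanation, so users relying on the default policy for SRP will silently stop negotiating it and have no hint why. A one-line reason would save the next reader a bisect, e.g. `//"SRP_SHA", // disabled by default; enable in a custom Policy if SRP6 is built in`, and the change deserves a mention in the release notes.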
@@ -80,10 +80,15 @@ std::vector<std::string> Policy::allowed_signature_methods() const
"ECDSA",
"RSA",
"DSA",
- //""
+ //"" (anon)
};
}
+bool Policy::allowed_signature_method(const std::string& sig_method) const
+ {
+ return value_exists(allowed_signature_methods(), sig_method);
+ }
+
std::vector<std::string> Policy::allowed_ecc_curves() const
{
return {
@@ -167,7 +172,6 @@ bool Policy::acceptable_ciphersuite(const Ciphersuite&) const
return true;
}
-bool Policy::negotiate_heartbeat_support() const { return false; }
bool Policy::allow_server_initiated_renegotiation() const { return false; }
bool Policy::allow_insecure_renegotiation() const { return false; }
bool Policy::include_time_in_hello_random() const { return true; }
@@ -270,9 +274,7 @@ std::vector<u16bit> Policy::ciphersuite_list(Protocol_Version version,
const std::vector<std::string> kex = allowed_key_exchange_methods();
const std::vector<std::string> sigs = allowed_signature_methods();
- Ciphersuite_Preference_Ordering order(ciphers, macs, kex, sigs);
-
- std::set<Ciphersuite, Ciphersuite_Preference_Ordering> ciphersuites(order);
+ std::vector<Ciphersuite> ciphersuites;
for(auto&& suite : Ciphersuite::all_known_ciphersuites())
{
@@ -301,13 +303,16 @@ std::vector<u16bit> Policy::ciphersuite_list(Protocol_Version version,
continue;
}
- // OK, allow it:
- ciphersuites.insert(suite);
+ // OK, consider it
+ ciphersuites.push_back(suite);
}
if(ciphersuites.empty())
throw Exception("Policy does not allow any available cipher suite");
+ Ciphersuite_Preference_Ordering order(ciphers, macs, kex, sigs);
+ std::sort(ciphersuites.begin(), ciphersuites.end(), order);
+
std::vector<u16bit> ciphersuite_codes;
for(auto i : ciphersuites)
ciphersuite_codes.push_back(i.ciphersuite_code());
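Review bot: `std::sort` at L21980 is not stable, so if `Ciphersuite_Preference_Ordering` treats two suites as equivalent (same cipher/MAC/kex/sig but different code), their relative position in the advertised list becomes implementation-dependent, whereas the previous `std::set` produced at least a deterministic order. `std::stable_sort(ciphersuites.begin(), ciphersuites.end(), order);` keeps the `all_known_ciphersuites()` enumeration order as the tie-break at no real cost. Also check that `<algorithm>` is included in tls_policy.cpp, since the include block is outside this hunk; the enclosing `ciphersuite_list` function starts and ends outside the hunk as well.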
@@ -347,7 +352,6 @@ void Policy::print(std::ostream& o) const
print_vec(o, "key_exchange_methods", allowed_key_exchange_methods());
print_vec(o, "ecc_curves", allowed_ecc_curves());
- print_bool(o, "negotiate_heartbeat_support", negotiate_heartbeat_support());
print_bool(o, "allow_insecure_renegotiation", allow_insecure_renegotiation());
print_bool(o, "include_time_in_hello_random", include_time_in_hello_random());
print_bool(o, "allow_server_initiated_renegotiation", allow_server_initiated_renegotiation());
diff --git a/src/lib/tls/tls_policy.h b/src/lib/tls/tls_policy.h
index 4d496cc7d..67388b115 100644
--- a/src/lib/tls/tls_policy.h
+++ b/src/lib/tls/tls_policy.h
@@ -57,6 +57,8 @@ class BOTAN_DLL Policy
*/
virtual std::vector<std::string> allowed_signature_methods() const;
+ bool allowed_signature_method(const std::string& sig_method) const;
+
/**
* Return list of ECC curves we are willing to use in order of preference
*/
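Review bot: `allowed_signature_method` at L21999 is the only member in this stretch without a doc comment; suggest `/** Return true if sig_method appears in allowed_signature_methods() */` above it. Since it is deliberately non-virtual (subclasses customise the list, not the membership test), a half sentence saying so would stop someone from "fixing" it later.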
@@ -77,11 +79,6 @@ class BOTAN_DLL Policy
virtual std::string choose_curve(const std::vector<std::string>& curve_names) const;
/**
- * Attempt to negotiate the use of the heartbeat extension
- */
- virtual bool negotiate_heartbeat_support() const;
-
- /**
* Allow renegotiation even if the counterparty doesn't
* support the secure renegotiation extension.
*
@@ -269,9 +266,6 @@ class BOTAN_DLL Text_Policy : public Policy
std::vector<std::string> allowed_ecc_curves() const override
{ return get_list("ecc_curves", Policy::allowed_ecc_curves()); }
- bool negotiate_heartbeat_support() const override
- { return get_bool("negotiate_heartbeat_support", Policy::negotiate_heartbeat_support()); }
-
bool allow_insecure_renegotiation() const override
{ return get_bool("allow_insecure_renegotiation", Policy::allow_insecure_renegotiation()); }
@@ -308,16 +302,14 @@ class BOTAN_DLL Text_Policy : public Policy
void set(const std::string& k, const std::string& v) { m_kv[k] = v; }
- Text_Policy(const std::string& s)
+ explicit Text_Policy(const std::string& s)
{
std::istringstream iss(s);
m_kv = read_cfg(iss);
}
- Text_Policy(std::istream& in)
- {
- m_kv = read_cfg(in);
- }
+ explicit Text_Policy(std::istream& in) : m_kv(read_cfg(in))
+ {}
private:
@@ -326,7 +318,7 @@ class BOTAN_DLL Text_Policy : public Policy
{
const std::string v = get_str(key);
- if(v == "")
+ if(v.empty())
return def;
return split_on(v, ' ');
@@ -336,7 +328,7 @@ class BOTAN_DLL Text_Policy : public Policy
{
const std::string v = get_str(key);
- if(v == "")
+ if(v.empty())
return def;
return to_u32bit(v);
@@ -346,7 +338,7 @@ class BOTAN_DLL Text_Policy : public Policy
{
const std::string v = get_str(key);
- if(v == "")
+ if(v.empty())
return def;
if(v == "true" || v == "True")
diff --git a/src/lib/tls/tls_record.cpp b/src/lib/tls/tls_record.cpp
index e38b26547..bdb37baad 100644
--- a/src/lib/tls/tls_record.cpp
+++ b/src/lib/tls/tls_record.cpp
@@ -456,7 +456,11 @@ size_t read_tls_record(secure_vector<byte>& readbuf,
if(record_len > MAX_CIPHERTEXT_SIZE)
throw TLS_Exception(Alert::RECORD_OVERFLOW,
- "Got message that exceeds maximum size");
+ "Received a record that exceeds maximum size");
+
+ if(record_len == 0)
+ throw TLS_Exception(Alert::DECODE_ERROR,
+ "Received a completely empty record");
if(size_t needed = fill_buffer_to(readbuf,
input, input_sz, consumed,
@@ -543,9 +547,12 @@ size_t read_dtls_record(secure_vector<byte>& readbuf,
const size_t record_len = make_u16bit(readbuf[DTLS_HEADER_SIZE-2],
readbuf[DTLS_HEADER_SIZE-1]);
- if(record_len > MAX_CIPHERTEXT_SIZE)
- throw TLS_Exception(Alert::RECORD_OVERFLOW,
- "Got message that exceeds maximum size");
+ // Invalid packet:
+ if(record_len == 0 || record_len > MAX_CIPHERTEXT_SIZE)
+ {
+ readbuf.clear();
+ return 0;
+ }
if(fill_buffer_to(readbuf, input, input_sz, consumed, DTLS_HEADER_SIZE + record_len))
{
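Review bot: The `// Invalid packet:` comment does not say why a zero or oversized record length is dropped silently here while the TLS path in this same file raises a fatal alert for the same condition; without that, the asymmetry reads as accidental. Suggest `// Invalid record header: DTLS discards bad records silently (RFC 6347 section 4.1.2.7) instead of failing the connection, since datagrams can be injected by anyone`. Note also that `readbuf.clear()` drops the header already buffered but `consumed` is left as set by the earlier fill, so any bytes of the datagram after the bad header are still returned to the caller; whether the caller then parses them as a fresh record or discards the rest of the datagram is not visible from this hunk and is worth checking. read_dtls_record continues outside the hunk.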
diff --git a/src/lib/tls/tls_seq_numbers.h b/src/lib/tls/tls_seq_numbers.h
index 09962075e..aa0cfe1f4 100644
--- a/src/lib/tls/tls_seq_numbers.h
+++ b/src/lib/tls/tls_seq_numbers.h
@@ -32,7 +32,7 @@ class Connection_Sequence_Numbers
virtual void read_accept(u64bit seq) = 0;
};
-class Stream_Sequence_Numbers : public Connection_Sequence_Numbers
+class Stream_Sequence_Numbers final : public Connection_Sequence_Numbers
{
public:
void new_read_cipher_state() override { m_read_seq_no = 0; m_read_epoch += 1; }
@@ -53,7 +53,7 @@ class Stream_Sequence_Numbers : public Connection_Sequence_Numbers
u16bit m_write_epoch = 0;
};
-class Datagram_Sequence_Numbers : public Connection_Sequence_Numbers
+class Datagram_Sequence_Numbers final : public Connection_Sequence_Numbers
{
public:
Datagram_Sequence_Numbers() { m_write_seqs[0] = 0; }
diff --git a/src/lib/tls/tls_server.cpp b/src/lib/tls/tls_server.cpp
index 774827346..41b14ae08 100644
--- a/src/lib/tls/tls_server.cpp
+++ b/src/lib/tls/tls_server.cpp
@@ -1,6 +1,6 @@
/*
* TLS Server
-* (C) 2004-2011,2012 Jack Lloyd
+* (C) 2004-2011,2012,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -84,12 +84,14 @@ bool check_for_resume(Session& session_info,
session_info.compression_method()))
return false;
+#if defined(BOTAN_HAS_SRP6)
// client sent a different SRP identity
if(client_hello->srp_identifier() != "")
{
if(client_hello->srp_identifier() != session_info.srp_identifier())
return false;
}
+#endif
// client sent a different SNI hostname
if(client_hello->sni_hostname() != "")
@@ -98,6 +100,24 @@ bool check_for_resume(Session& session_info,
return false;
}
+ // Checking extended_master_secret on resume (RFC 7627 section 5.3)
+ if(client_hello->supports_extended_master_secret() != session_info.supports_extended_master_secret())
+ {
+ if(!session_info.supports_extended_master_secret())
+ {
+ return false; // force new handshake with extended master secret
+ }
+ else
+ {
+ /*
+ Client previously negotiated session with extended master secret,
+ but has now attempted to resume without the extension: abort
+ */
+ throw TLS_Exception(Alert::HANDSHAKE_FAILURE,
+ "Client resumed extended ms session without sending extension");
+ }
+ }
+
return true;
}
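Review bot: The new check covers the two mismatch cases of RFC 7627 section 5.3 but leaves the third implicit: when neither the stored session nor the ClientHello uses extended_master_secret, resumption proceeds unchanged, whereas the RFC says the server SHOULD abort there and may continue only for legacy interoperability, giving up the triple-handshake protections for that connection. That trade-off deserves to be explicit, either as a Policy decision (policy() is already threaded into the handshake elsewhere in this commit) or at minimum a comment such as `// Neither side uses EMS: legacy resumption, not protected by RFC 7627 (section 5.3 says SHOULD abort)`. check_for_resume begins outside the hunk.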
@@ -142,6 +162,7 @@ u16bit choose_ciphersuite(
if(suite.sig_algo() != "" && cert_chains.count(suite.sig_algo()) == 0)
continue;
+#if defined(BOTAN_HAS_SRP6)
/*
The client may offer SRP cipher suites in the hello message but
omit the SRP extension. If the server would like to select an
@@ -153,6 +174,7 @@ u16bit choose_ciphersuite(
if(suite.kex_algo() == "SRP_SHA" && client_hello->srp_identifier() == "")
throw TLS_Exception(Alert::UNKNOWN_PSK_IDENTITY,
"Client wanted SRP but did not send username");
+#endif
return suite_id;
}
@@ -596,7 +618,7 @@ void Server::process_handshake_msg(const Handshake_State* active_state,
state.client_certs()->cert_chain();
const bool sig_valid =
- state.client_verify()->verify(client_certs[0], state);
+ state.client_verify()->verify(client_certs[0], state, policy());
state.hash().update(state.handshake_io().format(contents, type));
@@ -647,7 +669,7 @@ void Server::process_handshake_msg(const Handshake_State* active_state,
state.server_hello()->ciphersuite(),
state.server_hello()->compression_method(),
SERVER,
- state.server_hello()->fragment_size(),
+ state.server_hello()->supports_extended_master_secret(),
get_peer_cert_chain(state),
std::vector<byte>(),
Server_Information(state.client_hello()->sni_hostname()),
diff --git a/src/lib/tls/tls_server.h b/src/lib/tls/tls_server.h
index ffe1111bc..5ea2a1318 100644
--- a/src/lib/tls/tls_server.h
+++ b/src/lib/tls/tls_server.h
@@ -19,7 +19,7 @@ namespace TLS {
/**
* TLS Server
*/
-class BOTAN_DLL Server : public Channel
+class BOTAN_DLL Server final : public Channel
{
public:
typedef std::function<std::string (std::vector<std::string>)> next_protocol_fn;
diff --git a/src/lib/tls/tls_session.cpp b/src/lib/tls/tls_session.cpp
index 7089a70f0..6d5fc1a7b 100644
--- a/src/lib/tls/tls_session.cpp
+++ b/src/lib/tls/tls_session.cpp
@@ -23,7 +23,7 @@ Session::Session(const std::vector<byte>& session_identifier,
u16bit ciphersuite,
byte compression_method,
Connection_Side side,
- size_t fragment_size,
+ bool extended_master_secret,
const std::vector<X509_Certificate>& certs,
const std::vector<byte>& ticket,
const Server_Information& server_info,
@@ -38,7 +38,7 @@ Session::Session(const std::vector<byte>& session_identifier,
m_compression_method(compression_method),
m_connection_side(side),
m_srtp_profile(srtp_profile),
- m_fragment_size(fragment_size),
+ m_extended_master_secret(extended_master_secret),
m_peer_certs(certs),
m_server_info(server_info),
m_srp_identifier(srp_identifier)
@@ -67,6 +67,7 @@ Session::Session(const byte ber[], size_t ber_len)
size_t start_time = 0;
size_t srtp_profile = 0;
+ size_t fragment_size = 0;
BER_Decoder(ber, ber_len)
.start_cons(SEQUENCE)
@@ -80,7 +81,8 @@ Session::Session(const byte ber[], size_t ber_len)
.decode_integer_type(m_ciphersuite)
.decode_integer_type(m_compression_method)
.decode_integer_type(side_code)
- .decode_integer_type(m_fragment_size)
+ .decode_integer_type(fragment_size)
+ .decode(m_extended_master_secret)
.decode(m_master_secret, OCTET_STRING)
.decode(peer_cert_bits, OCTET_STRING)
.decode(server_hostname)
@@ -91,6 +93,16 @@ Session::Session(const byte ber[], size_t ber_len)
.end_cons()
.verify_end();
+ /*
+ Fragment size is not supported anymore, but the field is still
+ set in the session object.
+ */
+ if(fragment_size != 0)
+ {
+ throw Decoding_Error("Serialized TLS session used maximum fragment length which is "
+ " no longer supported");
+ }
+
m_version = Protocol_Version(major_version, minor_version);
m_start_time = std::chrono::system_clock::from_time_t(start_time);
m_connection_side = static_cast<Connection_Side>(side_code);
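Review bot: The concatenated literal in the new throw yields a doubled space: `"... which is "` is followed by `" no longer supported"`; drop the leading space from the second fragment or the trailing one from the first. The new comment is also slightly misleading, since the value is no longer stored in the session object at all (the member was replaced by m_extended_master_secret); it only survives in the serialized format. `Fragment size is no longer supported; the field is kept in the serialized format only, and a non-zero value means this session cannot be used` states it correctly. Whether older serialized sessions lacking the new BOOLEAN are rejected cleanly depends on the struct-version check outside this hunk.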
@@ -128,7 +140,8 @@ secure_vector<byte> Session::DER_encode() const
.encode(static_cast<size_t>(m_ciphersuite))
.encode(static_cast<size_t>(m_compression_method))
.encode(static_cast<size_t>(m_connection_side))
- .encode(static_cast<size_t>(m_fragment_size))
+ .encode(static_cast<size_t>(/*old fragment size*/0))
+ .encode(m_extended_master_secret)
.encode(m_master_secret, OCTET_STRING)
.encode(peer_cert_bits, OCTET_STRING)
.encode(ASN1_String(m_server_info.hostname(), UTF8_STRING))
diff --git a/src/lib/tls/tls_session.h b/src/lib/tls/tls_session.h
index 81c662507..8ca646cf2 100644
--- a/src/lib/tls/tls_session.h
+++ b/src/lib/tls/tls_session.h
@@ -38,7 +38,7 @@ class BOTAN_DLL Session
m_compression_method(0),
m_connection_side(static_cast<Connection_Side>(0)),
m_srtp_profile(0),
- m_fragment_size(0)
+ m_extended_master_secret(false)
{}
/**
@@ -50,7 +50,7 @@ class BOTAN_DLL Session
u16bit ciphersuite,
byte compression_method,
Connection_Side side,
- size_t fragment_size,
+ bool supports_extended_master_secret,
const std::vector<X509_Certificate>& peer_certs,
const std::vector<byte>& session_ticket,
const Server_Information& server_info,
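Review bot: The parameter is named `supports_extended_master_secret` in this declaration but `extended_master_secret` in the definition in tls_session.cpp, so the header and source disagree on the name shown in IDE hints and generated documentation. Pick one; `bool extended_master_secret,` matches both the definition and the member `m_extended_master_secret`. The constructor's parameter list continues outside the hunk.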
@@ -65,7 +65,7 @@ class BOTAN_DLL Session
/**
* Load a session from PEM representation (created by PEM_encode)
*/
- Session(const std::string& pem);
+ explicit Session(const std::string& pem);
/**
* Encode this session data for storage
@@ -151,15 +151,12 @@ class BOTAN_DLL Session
const std::vector<byte>& session_id() const { return m_identifier; }
/**
- * Get the negotiated maximum fragment size (or 0 if default)
- */
- size_t fragment_size() const { return m_fragment_size; }
-
- /**
* Get the negotiated DTLS-SRTP algorithm (RFC 5764)
*/
u16bit dtls_srtp_profile() const { return m_srtp_profile; }
+ bool supports_extended_master_secret() const { return m_extended_master_secret; }
+
/**
* Return the certificate chain of the peer (possibly empty)
*/
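Review bot: The added `supports_extended_master_secret()` accessor is the only method in this block without a Doxygen comment, while the neighbouring dtls_srtp_profile() and peer-certificate accessors each have one. Suggest `/** Return true if the session was negotiated with the extended master secret extension (RFC 7627) */` above it, so the meaning of the saved flag is documented where callers look. The class continues outside the hunk.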
@@ -183,7 +180,7 @@ class BOTAN_DLL Session
const Server_Information& server_info() const { return m_server_info; }
private:
- enum { TLS_SESSION_PARAM_STRUCT_VERSION = 20150104 };
+ enum { TLS_SESSION_PARAM_STRUCT_VERSION = 20160103 };
std::chrono::system_clock::time_point m_start_time;
@@ -196,8 +193,7 @@ class BOTAN_DLL Session
byte m_compression_method;
Connection_Side m_connection_side;
u16bit m_srtp_profile;
-
- size_t m_fragment_size;
+ bool m_extended_master_secret;
std::vector<X509_Certificate> m_peer_certs;
Server_Information m_server_info; // optional
diff --git a/src/lib/tls/tls_session_key.cpp b/src/lib/tls/tls_session_key.cpp
index 574b6940b..0e796aa23 100644
--- a/src/lib/tls/tls_session_key.cpp
+++ b/src/lib/tls/tls_session_key.cpp
@@ -1,6 +1,6 @@
/*
* TLS Session Key
-* (C) 2004-2006,2011 Jack Lloyd
+* (C) 2004-2006,2011,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -24,11 +24,17 @@ Session_Keys::Session_Keys(const Handshake_State* state,
const size_t mac_keylen = state->ciphersuite().mac_keylen();
const size_t cipher_nonce_bytes = state->ciphersuite().nonce_bytes_from_handshake();
+ const bool extended_master_secret = state->server_hello()->supports_extended_master_secret();
+
const size_t prf_gen = 2 * (mac_keylen + cipher_keylen + cipher_nonce_bytes);
const byte MASTER_SECRET_MAGIC[] = {
0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74 };
+ const byte EXT_MASTER_SECRET_MAGIC[] = {
+ 0x65, 0x78, 0x74, 0x65, 0x6E, 0x64, 0x65, 0x64, 0x20,
+ 0x6D, 0x61, 0x73, 0x74, 0x65, 0x72, 0x20, 0x73, 0x65, 0x63, 0x72, 0x65, 0x74 };
+
const byte KEY_GEN_MAGIC[] = {
0x6B, 0x65, 0x79, 0x20, 0x65, 0x78, 0x70, 0x61, 0x6E, 0x73, 0x69, 0x6F, 0x6E };
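Review bot: `EXT_MASTER_SECRET_MAGIC` is given only as hex bytes, so a reader has to decode it by hand to check it against the specification. Add `// "extended master secret", the PRF label from RFC 7627 section 4` beside it; the existing `MASTER_SECRET_MAGIC` and `KEY_GEN_MAGIC` tables have the same readability problem and would benefit from the same treatment. The Session_Keys constructor begins outside the hunk.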
@@ -36,16 +42,26 @@ Session_Keys::Session_Keys(const Handshake_State* state,
if(resuming)
{
- master_sec = pre_master_secret;
+ // This is actually the master secret saved as part of the session
+ m_master_sec = pre_master_secret;
}
else
{
secure_vector<byte> salt;
- salt += std::make_pair(MASTER_SECRET_MAGIC, sizeof(MASTER_SECRET_MAGIC));
- salt += state->client_hello()->random();
- salt += state->server_hello()->random();
-
- master_sec = prf->derive_key(48, pre_master_secret, salt);
+ if(extended_master_secret)
+ {
+ salt += std::make_pair(EXT_MASTER_SECRET_MAGIC, sizeof(EXT_MASTER_SECRET_MAGIC));
+ salt += state->hash().final(state->version(),
+ state->ciphersuite().prf_algo());
+ }
+ else
+ {
+ salt += std::make_pair(MASTER_SECRET_MAGIC, sizeof(MASTER_SECRET_MAGIC));
+ salt += state->client_hello()->random();
+ salt += state->server_hello()->random();
+ }
+
+ m_master_sec = prf->derive_key(48, pre_master_secret, salt);
}
secure_vector<byte> salt;
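Review bot: The extended-master-secret branch feeds `state->hash().final(...)` into the PRF as the session_hash, which RFC 7627 section 3 defines as the hash of all handshake messages up to and including ClientKeyExchange. Correctness therefore depends on Session_Keys being constructed exactly after ClientKeyExchange has been added to the transcript and before anything later is; a wrong transcript would still yield a deterministic key, so a test between two Botan peers would not notice, only an interop test would. Worth pinning with a comment at the call, e.g. `// session_hash: transcript must end at ClientKeyExchange here (RFC 7627 section 3)`, and ideally a test against a known-answer vector. The constructor body continues outside the hunk.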
@@ -53,26 +69,26 @@ Session_Keys::Session_Keys(const Handshake_State* state,
salt += state->server_hello()->random();
salt += state->client_hello()->random();
- SymmetricKey keyblock = prf->derive_key(prf_gen, master_sec, salt);
+ SymmetricKey keyblock = prf->derive_key(prf_gen, m_master_sec, salt);
const byte* key_data = keyblock.begin();
- c_mac = SymmetricKey(key_data, mac_keylen);
+ m_c_mac = SymmetricKey(key_data, mac_keylen);
key_data += mac_keylen;
- s_mac = SymmetricKey(key_data, mac_keylen);
+ m_s_mac = SymmetricKey(key_data, mac_keylen);
key_data += mac_keylen;
- c_cipher = SymmetricKey(key_data, cipher_keylen);
+ m_c_cipher = SymmetricKey(key_data, cipher_keylen);
key_data += cipher_keylen;
- s_cipher = SymmetricKey(key_data, cipher_keylen);
+ m_s_cipher = SymmetricKey(key_data, cipher_keylen);
key_data += cipher_keylen;
- c_iv = InitializationVector(key_data, cipher_nonce_bytes);
+ m_c_iv = InitializationVector(key_data, cipher_nonce_bytes);
key_data += cipher_nonce_bytes;
- s_iv = InitializationVector(key_data, cipher_nonce_bytes);
+ m_s_iv = InitializationVector(key_data, cipher_nonce_bytes);
}
}
diff --git a/src/lib/tls/tls_session_key.h b/src/lib/tls/tls_session_key.h
index 6b74f907d..23c4a78fb 100644
--- a/src/lib/tls/tls_session_key.h
+++ b/src/lib/tls/tls_session_key.h
@@ -20,16 +20,16 @@ namespace TLS {
class Session_Keys
{
public:
- SymmetricKey client_cipher_key() const { return c_cipher; }
- SymmetricKey server_cipher_key() const { return s_cipher; }
+ SymmetricKey client_cipher_key() const { return m_c_cipher; }
+ SymmetricKey server_cipher_key() const { return m_s_cipher; }
- SymmetricKey client_mac_key() const { return c_mac; }
- SymmetricKey server_mac_key() const { return s_mac; }
+ SymmetricKey client_mac_key() const { return m_c_mac; }
+ SymmetricKey server_mac_key() const { return m_s_mac; }
- InitializationVector client_iv() const { return c_iv; }
- InitializationVector server_iv() const { return s_iv; }
+ InitializationVector client_iv() const { return m_c_iv; }
+ InitializationVector server_iv() const { return m_s_iv; }
- const secure_vector<byte>& master_secret() const { return master_sec; }
+ const secure_vector<byte>& master_secret() const { return m_master_sec; }
Session_Keys() {}
@@ -38,9 +38,9 @@ class Session_Keys
bool resuming);
private:
- secure_vector<byte> master_sec;
- SymmetricKey c_cipher, s_cipher, c_mac, s_mac;
- InitializationVector c_iv, s_iv;
+ secure_vector<byte> m_master_sec;
+ SymmetricKey m_c_cipher, m_s_cipher, m_c_mac, m_s_mac;
+ InitializationVector m_c_iv, m_s_iv;
};
}
diff --git a/src/lib/tls/tls_session_manager.h b/src/lib/tls/tls_session_manager.h
index 5ab151c26..e01462f66 100644
--- a/src/lib/tls/tls_session_manager.h
+++ b/src/lib/tls/tls_session_manager.h
@@ -127,7 +127,7 @@ class BOTAN_DLL Session_Manager_In_Memory : public Session_Manager
void remove_entry(const std::vector<byte>& session_id) override;
- size_t remove_all();
+ size_t remove_all() override;
void save(const Session& session_data) override;
diff --git a/src/lib/tls/tls_suite_info.cpp b/src/lib/tls/tls_suite_info.cpp
index 5aff035b9..0bebecb82 100644
--- a/src/lib/tls/tls_suite_info.cpp
+++ b/src/lib/tls/tls_suite_info.cpp
@@ -3,7 +3,7 @@
*
* This file was automatically generated from the IANA assignments
* (tls-parameters.txt hash 6a934405ed41aa4d6113dad17f815867741430ac)
-* by ./src/scripts/tls_suite_info.py on 2015-11-13
+* by ./src/scripts/tls_suite_info.py on 2016-01-06
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -14,51 +14,262 @@ namespace Botan {
namespace TLS {
+std::vector<u16bit> Ciphersuite::all_known_ciphersuite_ids()
+ {
+ return std::vector<u16bit>{
+ 0x000A,
+ 0x0013,
+ 0x0016,
+ 0x001B,
+ 0x002F,
+ 0x0032,
+ 0x0033,
+ 0x0034,
+ 0x0035,
+ 0x0038,
+ 0x0039,
+ 0x003A,
+ 0x003C,
+ 0x003D,
+ 0x0040,
+ 0x0041,
+ 0x0044,
+ 0x0045,
+ 0x0046,
+ 0x0067,
+ 0x006A,
+ 0x006B,
+ 0x006C,
+ 0x006D,
+ 0x0084,
+ 0x0087,
+ 0x0088,
+ 0x0089,
+ 0x008B,
+ 0x008C,
+ 0x008D,
+ 0x008F,
+ 0x0090,
+ 0x0091,
+ 0x0096,
+ 0x0099,
+ 0x009A,
+ 0x009B,
+ 0x009C,
+ 0x009D,
+ 0x009E,
+ 0x009F,
+ 0x00A2,
+ 0x00A3,
+ 0x00A6,
+ 0x00A7,
+ 0x00A8,
+ 0x00A9,
+ 0x00AA,
+ 0x00AB,
+ 0x00AE,
+ 0x00AF,
+ 0x00B2,
+ 0x00B3,
+ 0x00BA,
+ 0x00BD,
+ 0x00BE,
+ 0x00BF,
+ 0x00C0,
+ 0x00C3,
+ 0x00C4,
+ 0x00C5,
+ 0xC008,
+ 0xC009,
+ 0xC00A,
+ 0xC012,
+ 0xC013,
+ 0xC014,
+ 0xC017,
+ 0xC018,
+ 0xC019,
+ 0xC01A,
+ 0xC01B,
+ 0xC01C,
+ 0xC01D,
+ 0xC01E,
+ 0xC01F,
+ 0xC020,
+ 0xC021,
+ 0xC022,
+ 0xC023,
+ 0xC024,
+ 0xC027,
+ 0xC028,
+ 0xC02B,
+ 0xC02C,
+ 0xC02F,
+ 0xC030,
+ 0xC034,
+ 0xC035,
+ 0xC036,
+ 0xC037,
+ 0xC038,
+ 0xC072,
+ 0xC073,
+ 0xC076,
+ 0xC077,
+ 0xC07A,
+ 0xC07B,
+ 0xC07C,
+ 0xC07D,
+ 0xC080,
+ 0xC081,
+ 0xC084,
+ 0xC085,
+ 0xC086,
+ 0xC087,
+ 0xC08A,
+ 0xC08B,
+ 0xC08E,
+ 0xC08F,
+ 0xC090,
+ 0xC091,
+ 0xC094,
+ 0xC095,
+ 0xC096,
+ 0xC097,
+ 0xC09A,
+ 0xC09B,
+ 0xC09C,
+ 0xC09D,
+ 0xC09E,
+ 0xC09F,
+ 0xC0A0,
+ 0xC0A1,
+ 0xC0A2,
+ 0xC0A3,
+ 0xC0A4,
+ 0xC0A5,
+ 0xC0A6,
+ 0xC0A7,
+ 0xC0A8,
+ 0xC0A9,
+ 0xC0AA,
+ 0xC0AB,
+ 0xC0AC,
+ 0xC0AD,
+ 0xC0AE,
+ 0xC0AF,
+ 0xCC13,
+ 0xCC14,
+ 0xCC15,
+ 0xFFF0,
+ 0xFFF1,
+ 0xFFF2,
+ 0xFFF3,
+ 0xFFF4,
+ 0xFFF5,
+ 0xFFF6,
+ 0xFFF7,
+ 0xFFF8,
+ 0xFFF9,
+ 0xFFFA,
+ 0xFFFB,
+ };
+}
+
Ciphersuite Ciphersuite::by_id(u16bit suite)
{
switch(suite)
{
+ case 0x000A: // RSA_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0x000A, "RSA", "RSA", "3DES", 24, 8, 0, "SHA-1", 20);
+
case 0x0013: // DHE_DSS_WITH_3DES_EDE_CBC_SHA
return Ciphersuite(0x0013, "DSA", "DH", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0x0016: // DHE_RSA_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0x0016, "RSA", "DH", "3DES", 24, 8, 0, "SHA-1", 20);
+
+ case 0x001B: // DH_anon_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0x001B, "", "DH", "3DES", 24, 8, 0, "SHA-1", 20);
+
+ case 0x002F: // RSA_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0x002F, "RSA", "RSA", "AES-128", 16, 16, 0, "SHA-1", 20);
+
case 0x0032: // DHE_DSS_WITH_AES_128_CBC_SHA
return Ciphersuite(0x0032, "DSA", "DH", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0x0040: // DHE_DSS_WITH_AES_128_CBC_SHA256
- return Ciphersuite(0x0040, "DSA", "DH", "AES-128", 16, 16, 0, "SHA-256", 32);
+ case 0x0033: // DHE_RSA_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0x0033, "RSA", "DH", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0x00A2: // DHE_DSS_WITH_AES_128_GCM_SHA256
- return Ciphersuite(0x00A2, "DSA", "DH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x0034: // DH_anon_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0x0034, "", "DH", "AES-128", 16, 16, 0, "SHA-1", 20);
+
+ case 0x0035: // RSA_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0x0035, "RSA", "RSA", "AES-256", 32, 16, 0, "SHA-1", 20);
case 0x0038: // DHE_DSS_WITH_AES_256_CBC_SHA
return Ciphersuite(0x0038, "DSA", "DH", "AES-256", 32, 16, 0, "SHA-1", 20);
- case 0x006A: // DHE_DSS_WITH_AES_256_CBC_SHA256
- return Ciphersuite(0x006A, "DSA", "DH", "AES-256", 32, 16, 0, "SHA-256", 32);
+ case 0x0039: // DHE_RSA_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0x0039, "RSA", "DH", "AES-256", 32, 16, 0, "SHA-1", 20);
- case 0x00A3: // DHE_DSS_WITH_AES_256_GCM_SHA384
- return Ciphersuite(0x00A3, "DSA", "DH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0x003A: // DH_anon_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0x003A, "", "DH", "AES-256", 32, 16, 0, "SHA-1", 20);
+
+ case 0x003C: // RSA_WITH_AES_128_CBC_SHA256
+ return Ciphersuite(0x003C, "RSA", "RSA", "AES-128", 16, 16, 0, "SHA-256", 32);
+
+ case 0x003D: // RSA_WITH_AES_256_CBC_SHA256
+ return Ciphersuite(0x003D, "RSA", "RSA", "AES-256", 32, 16, 0, "SHA-256", 32);
+
+ case 0x0040: // DHE_DSS_WITH_AES_128_CBC_SHA256
+ return Ciphersuite(0x0040, "DSA", "DH", "AES-128", 16, 16, 0, "SHA-256", 32);
+
+ case 0x0041: // RSA_WITH_CAMELLIA_128_CBC_SHA
+ return Ciphersuite(0x0041, "RSA", "RSA", "Camellia-128", 16, 16, 0, "SHA-1", 20);
case 0x0044: // DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
return Ciphersuite(0x0044, "DSA", "DH", "Camellia-128", 16, 16, 0, "SHA-1", 20);
- case 0x00BD: // DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
- return Ciphersuite(0x00BD, "DSA", "DH", "Camellia-128", 16, 16, 0, "SHA-256", 32);
+ case 0x0045: // DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
+ return Ciphersuite(0x0045, "RSA", "DH", "Camellia-128", 16, 16, 0, "SHA-1", 20);
- case 0xC080: // DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256
- return Ciphersuite(0xC080, "DSA", "DH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x0046: // DH_anon_WITH_CAMELLIA_128_CBC_SHA
+ return Ciphersuite(0x0046, "", "DH", "Camellia-128", 16, 16, 0, "SHA-1", 20);
+
+ case 0x0067: // DHE_RSA_WITH_AES_128_CBC_SHA256
+ return Ciphersuite(0x0067, "RSA", "DH", "AES-128", 16, 16, 0, "SHA-256", 32);
+
+ case 0x006A: // DHE_DSS_WITH_AES_256_CBC_SHA256
+ return Ciphersuite(0x006A, "DSA", "DH", "AES-256", 32, 16, 0, "SHA-256", 32);
+
+ case 0x006B: // DHE_RSA_WITH_AES_256_CBC_SHA256
+ return Ciphersuite(0x006B, "RSA", "DH", "AES-256", 32, 16, 0, "SHA-256", 32);
+
+ case 0x006C: // DH_anon_WITH_AES_128_CBC_SHA256
+ return Ciphersuite(0x006C, "", "DH", "AES-128", 16, 16, 0, "SHA-256", 32);
+
+ case 0x006D: // DH_anon_WITH_AES_256_CBC_SHA256
+ return Ciphersuite(0x006D, "", "DH", "AES-256", 32, 16, 0, "SHA-256", 32);
+
+ case 0x0084: // RSA_WITH_CAMELLIA_256_CBC_SHA
+ return Ciphersuite(0x0084, "RSA", "RSA", "Camellia-256", 32, 16, 0, "SHA-1", 20);
case 0x0087: // DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
return Ciphersuite(0x0087, "DSA", "DH", "Camellia-256", 32, 16, 0, "SHA-1", 20);
- case 0x00C3: // DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
- return Ciphersuite(0x00C3, "DSA", "DH", "Camellia-256", 32, 16, 0, "SHA-256", 32);
+ case 0x0088: // DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
+ return Ciphersuite(0x0088, "RSA", "DH", "Camellia-256", 32, 16, 0, "SHA-1", 20);
- case 0xC081: // DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384
- return Ciphersuite(0xC081, "DSA", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0x0089: // DH_anon_WITH_CAMELLIA_256_CBC_SHA
+ return Ciphersuite(0x0089, "", "DH", "Camellia-256", 32, 16, 0, "SHA-1", 20);
- case 0x0099: // DHE_DSS_WITH_SEED_CBC_SHA
- return Ciphersuite(0x0099, "DSA", "DH", "SEED", 16, 16, 0, "SHA-1", 20);
+ case 0x008B: // PSK_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0x008B, "", "PSK", "3DES", 24, 8, 0, "SHA-1", 20);
+
+ case 0x008C: // PSK_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0x008C, "", "PSK", "AES-128", 16, 16, 0, "SHA-1", 20);
+
+ case 0x008D: // PSK_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0x008D, "", "PSK", "AES-256", 32, 16, 0, "SHA-1", 20);
case 0x008F: // DHE_PSK_WITH_3DES_EDE_CBC_SHA
return Ciphersuite(0x008F, "", "DHE_PSK", "3DES", 24, 8, 0, "SHA-1", 20);
@@ -66,203 +277,170 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0x0090: // DHE_PSK_WITH_AES_128_CBC_SHA
return Ciphersuite(0x0090, "", "DHE_PSK", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0x00B2: // DHE_PSK_WITH_AES_128_CBC_SHA256
- return Ciphersuite(0x00B2, "", "DHE_PSK", "AES-128", 16, 16, 0, "SHA-256", 32);
-
- case 0xC0A6: // DHE_PSK_WITH_AES_128_CCM
- return Ciphersuite(0xC0A6, "", "DHE_PSK", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
-
- case 0x00AA: // DHE_PSK_WITH_AES_128_GCM_SHA256
- return Ciphersuite(0x00AA, "", "DHE_PSK", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
-
- case 0xFFFA: // DHE_PSK_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFFA, "", "DHE_PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
-
case 0x0091: // DHE_PSK_WITH_AES_256_CBC_SHA
return Ciphersuite(0x0091, "", "DHE_PSK", "AES-256", 32, 16, 0, "SHA-1", 20);
- case 0x00B3: // DHE_PSK_WITH_AES_256_CBC_SHA384
- return Ciphersuite(0x00B3, "", "DHE_PSK", "AES-256", 32, 16, 0, "SHA-384", 48);
+ case 0x0096: // RSA_WITH_SEED_CBC_SHA
+ return Ciphersuite(0x0096, "RSA", "RSA", "SEED", 16, 16, 0, "SHA-1", 20);
- case 0xC0A7: // DHE_PSK_WITH_AES_256_CCM
- return Ciphersuite(0xC0A7, "", "DHE_PSK", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x0099: // DHE_DSS_WITH_SEED_CBC_SHA
+ return Ciphersuite(0x0099, "DSA", "DH", "SEED", 16, 16, 0, "SHA-1", 20);
- case 0x00AB: // DHE_PSK_WITH_AES_256_GCM_SHA384
- return Ciphersuite(0x00AB, "", "DHE_PSK", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0x009A: // DHE_RSA_WITH_SEED_CBC_SHA
+ return Ciphersuite(0x009A, "RSA", "DH", "SEED", 16, 16, 0, "SHA-1", 20);
- case 0xFFFB: // DHE_PSK_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFFB, "", "DHE_PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0x009B: // DH_anon_WITH_SEED_CBC_SHA
+ return Ciphersuite(0x009B, "", "DH", "SEED", 16, 16, 0, "SHA-1", 20);
- case 0xC096: // DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- return Ciphersuite(0xC096, "", "DHE_PSK", "Camellia-128", 16, 16, 0, "SHA-256", 32);
+ case 0x009C: // RSA_WITH_AES_128_GCM_SHA256
+ return Ciphersuite(0x009C, "RSA", "RSA", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC090: // DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
- return Ciphersuite(0xC090, "", "DHE_PSK", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x009D: // RSA_WITH_AES_256_GCM_SHA384
+ return Ciphersuite(0x009D, "RSA", "RSA", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xC097: // DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- return Ciphersuite(0xC097, "", "DHE_PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);
+ case 0x009E: // DHE_RSA_WITH_AES_128_GCM_SHA256
+ return Ciphersuite(0x009E, "RSA", "DH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC091: // DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
- return Ciphersuite(0xC091, "", "DHE_PSK", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0x009F: // DHE_RSA_WITH_AES_256_GCM_SHA384
+ return Ciphersuite(0x009F, "RSA", "DH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0x0016: // DHE_RSA_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0x0016, "RSA", "DH", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0x00A2: // DHE_DSS_WITH_AES_128_GCM_SHA256
+ return Ciphersuite(0x00A2, "DSA", "DH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0x0033: // DHE_RSA_WITH_AES_128_CBC_SHA
- return Ciphersuite(0x0033, "RSA", "DH", "AES-128", 16, 16, 0, "SHA-1", 20);
+ case 0x00A3: // DHE_DSS_WITH_AES_256_GCM_SHA384
+ return Ciphersuite(0x00A3, "DSA", "DH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0x0067: // DHE_RSA_WITH_AES_128_CBC_SHA256
- return Ciphersuite(0x0067, "RSA", "DH", "AES-128", 16, 16, 0, "SHA-256", 32);
+ case 0x00A6: // DH_anon_WITH_AES_128_GCM_SHA256
+ return Ciphersuite(0x00A6, "", "DH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC09E: // DHE_RSA_WITH_AES_128_CCM
- return Ciphersuite(0xC09E, "RSA", "DH", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x00A7: // DH_anon_WITH_AES_256_GCM_SHA384
+ return Ciphersuite(0x00A7, "", "DH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xC0A2: // DHE_RSA_WITH_AES_128_CCM_8
- return Ciphersuite(0xC0A2, "RSA", "DH", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x00A8: // PSK_WITH_AES_128_GCM_SHA256
+ return Ciphersuite(0x00A8, "", "PSK", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0x009E: // DHE_RSA_WITH_AES_128_GCM_SHA256
- return Ciphersuite(0x009E, "RSA", "DH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x00A9: // PSK_WITH_AES_256_GCM_SHA384
+ return Ciphersuite(0x00A9, "", "PSK", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xFFF4: // DHE_RSA_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF4, "RSA", "DH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
+ case 0x00AA: // DHE_PSK_WITH_AES_128_GCM_SHA256
+ return Ciphersuite(0x00AA, "", "DHE_PSK", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0x0039: // DHE_RSA_WITH_AES_256_CBC_SHA
- return Ciphersuite(0x0039, "RSA", "DH", "AES-256", 32, 16, 0, "SHA-1", 20);
+ case 0x00AB: // DHE_PSK_WITH_AES_256_GCM_SHA384
+ return Ciphersuite(0x00AB, "", "DHE_PSK", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0x006B: // DHE_RSA_WITH_AES_256_CBC_SHA256
- return Ciphersuite(0x006B, "RSA", "DH", "AES-256", 32, 16, 0, "SHA-256", 32);
+ case 0x00AE: // PSK_WITH_AES_128_CBC_SHA256
+ return Ciphersuite(0x00AE, "", "PSK", "AES-128", 16, 16, 0, "SHA-256", 32);
- case 0xC09F: // DHE_RSA_WITH_AES_256_CCM
- return Ciphersuite(0xC09F, "RSA", "DH", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x00AF: // PSK_WITH_AES_256_CBC_SHA384
+ return Ciphersuite(0x00AF, "", "PSK", "AES-256", 32, 16, 0, "SHA-384", 48);
- case 0xC0A3: // DHE_RSA_WITH_AES_256_CCM_8
- return Ciphersuite(0xC0A3, "RSA", "DH", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x00B2: // DHE_PSK_WITH_AES_128_CBC_SHA256
+ return Ciphersuite(0x00B2, "", "DHE_PSK", "AES-128", 16, 16, 0, "SHA-256", 32);
- case 0x009F: // DHE_RSA_WITH_AES_256_GCM_SHA384
- return Ciphersuite(0x009F, "RSA", "DH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0x00B3: // DHE_PSK_WITH_AES_256_CBC_SHA384
+ return Ciphersuite(0x00B3, "", "DHE_PSK", "AES-256", 32, 16, 0, "SHA-384", 48);
- case 0xFFF5: // DHE_RSA_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF5, "RSA", "DH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0x00BA: // RSA_WITH_CAMELLIA_128_CBC_SHA256
+ return Ciphersuite(0x00BA, "RSA", "RSA", "Camellia-128", 16, 16, 0, "SHA-256", 32);
- case 0x0045: // DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
- return Ciphersuite(0x0045, "RSA", "DH", "Camellia-128", 16, 16, 0, "SHA-1", 20);
+ case 0x00BD: // DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
+ return Ciphersuite(0x00BD, "DSA", "DH", "Camellia-128", 16, 16, 0, "SHA-256", 32);
case 0x00BE: // DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
return Ciphersuite(0x00BE, "RSA", "DH", "Camellia-128", 16, 16, 0, "SHA-256", 32);
- case 0xC07C: // DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
- return Ciphersuite(0xC07C, "RSA", "DH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0x00BF: // DH_anon_WITH_CAMELLIA_128_CBC_SHA256
+ return Ciphersuite(0x00BF, "", "DH", "Camellia-128", 16, 16, 0, "SHA-256", 32);
- case 0x0088: // DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
- return Ciphersuite(0x0088, "RSA", "DH", "Camellia-256", 32, 16, 0, "SHA-1", 20);
+ case 0x00C0: // RSA_WITH_CAMELLIA_256_CBC_SHA256
+ return Ciphersuite(0x00C0, "RSA", "RSA", "Camellia-256", 32, 16, 0, "SHA-256", 32);
+
+ case 0x00C3: // DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
+ return Ciphersuite(0x00C3, "DSA", "DH", "Camellia-256", 32, 16, 0, "SHA-256", 32);
case 0x00C4: // DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
return Ciphersuite(0x00C4, "RSA", "DH", "Camellia-256", 32, 16, 0, "SHA-256", 32);
- case 0xC07D: // DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
- return Ciphersuite(0xC07D, "RSA", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0x00C5: // DH_anon_WITH_CAMELLIA_256_CBC_SHA256
+ return Ciphersuite(0x00C5, "", "DH", "Camellia-256", 32, 16, 0, "SHA-256", 32);
- case 0xCC15: // DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- return Ciphersuite(0xCC15, "RSA", "DH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");
+ case 0xC008: // ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0xC008, "ECDSA", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);
- case 0x009A: // DHE_RSA_WITH_SEED_CBC_SHA
- return Ciphersuite(0x009A, "RSA", "DH", "SEED", 16, 16, 0, "SHA-1", 20);
+ case 0xC009: // ECDHE_ECDSA_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0xC009, "ECDSA", "ECDH", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0x001B: // DH_anon_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0x001B, "", "DH", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0xC00A: // ECDHE_ECDSA_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0xC00A, "ECDSA", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);
- case 0x0034: // DH_anon_WITH_AES_128_CBC_SHA
- return Ciphersuite(0x0034, "", "DH", "AES-128", 16, 16, 0, "SHA-1", 20);
+ case 0xC012: // ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0xC012, "RSA", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);
- case 0x006C: // DH_anon_WITH_AES_128_CBC_SHA256
- return Ciphersuite(0x006C, "", "DH", "AES-128", 16, 16, 0, "SHA-256", 32);
+ case 0xC013: // ECDHE_RSA_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0xC013, "RSA", "ECDH", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0x00A6: // DH_anon_WITH_AES_128_GCM_SHA256
- return Ciphersuite(0x00A6, "", "DH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC014: // ECDHE_RSA_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0xC014, "RSA", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);
- case 0x003A: // DH_anon_WITH_AES_256_CBC_SHA
- return Ciphersuite(0x003A, "", "DH", "AES-256", 32, 16, 0, "SHA-1", 20);
+ case 0xC017: // ECDH_anon_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0xC017, "", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);
- case 0x006D: // DH_anon_WITH_AES_256_CBC_SHA256
- return Ciphersuite(0x006D, "", "DH", "AES-256", 32, 16, 0, "SHA-256", 32);
+ case 0xC018: // ECDH_anon_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0xC018, "", "ECDH", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0x00A7: // DH_anon_WITH_AES_256_GCM_SHA384
- return Ciphersuite(0x00A7, "", "DH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0xC019: // ECDH_anon_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0xC019, "", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);
- case 0x0046: // DH_anon_WITH_CAMELLIA_128_CBC_SHA
- return Ciphersuite(0x0046, "", "DH", "Camellia-128", 16, 16, 0, "SHA-1", 20);
+ case 0xC01A: // SRP_SHA_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0xC01A, "", "SRP_SHA", "3DES", 24, 8, 0, "SHA-1", 20);
- case 0x00BF: // DH_anon_WITH_CAMELLIA_128_CBC_SHA256
- return Ciphersuite(0x00BF, "", "DH", "Camellia-128", 16, 16, 0, "SHA-256", 32);
+ case 0xC01B: // SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0xC01B, "RSA", "SRP_SHA", "3DES", 24, 8, 0, "SHA-1", 20);
- case 0xC084: // DH_anon_WITH_CAMELLIA_128_GCM_SHA256
- return Ciphersuite(0xC084, "", "DH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC01C: // SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
+ return Ciphersuite(0xC01C, "DSA", "SRP_SHA", "3DES", 24, 8, 0, "SHA-1", 20);
- case 0x0089: // DH_anon_WITH_CAMELLIA_256_CBC_SHA
- return Ciphersuite(0x0089, "", "DH", "Camellia-256", 32, 16, 0, "SHA-1", 20);
+ case 0xC01D: // SRP_SHA_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0xC01D, "", "SRP_SHA", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0x00C5: // DH_anon_WITH_CAMELLIA_256_CBC_SHA256
- return Ciphersuite(0x00C5, "", "DH", "Camellia-256", 32, 16, 0, "SHA-256", 32);
+ case 0xC01E: // SRP_SHA_RSA_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0xC01E, "RSA", "SRP_SHA", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0xC085: // DH_anon_WITH_CAMELLIA_256_GCM_SHA384
- return Ciphersuite(0xC085, "", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0xC01F: // SRP_SHA_DSS_WITH_AES_128_CBC_SHA
+ return Ciphersuite(0xC01F, "DSA", "SRP_SHA", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0x009B: // DH_anon_WITH_SEED_CBC_SHA
- return Ciphersuite(0x009B, "", "DH", "SEED", 16, 16, 0, "SHA-1", 20);
+ case 0xC020: // SRP_SHA_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0xC020, "", "SRP_SHA", "AES-256", 32, 16, 0, "SHA-1", 20);
- case 0xC008: // ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0xC008, "ECDSA", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0xC021: // SRP_SHA_RSA_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0xC021, "RSA", "SRP_SHA", "AES-256", 32, 16, 0, "SHA-1", 20);
- case 0xC009: // ECDHE_ECDSA_WITH_AES_128_CBC_SHA
- return Ciphersuite(0xC009, "ECDSA", "ECDH", "AES-128", 16, 16, 0, "SHA-1", 20);
+ case 0xC022: // SRP_SHA_DSS_WITH_AES_256_CBC_SHA
+ return Ciphersuite(0xC022, "DSA", "SRP_SHA", "AES-256", 32, 16, 0, "SHA-1", 20);
case 0xC023: // ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
return Ciphersuite(0xC023, "ECDSA", "ECDH", "AES-128", 16, 16, 0, "SHA-256", 32);
- case 0xC0AC: // ECDHE_ECDSA_WITH_AES_128_CCM
- return Ciphersuite(0xC0AC, "ECDSA", "ECDH", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
-
- case 0xC0AE: // ECDHE_ECDSA_WITH_AES_128_CCM_8
- return Ciphersuite(0xC0AE, "ECDSA", "ECDH", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
-
- case 0xC02B: // ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
- return Ciphersuite(0xC02B, "ECDSA", "ECDH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
-
- case 0xFFF2: // ECDHE_ECDSA_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF2, "ECDSA", "ECDH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
-
- case 0xC00A: // ECDHE_ECDSA_WITH_AES_256_CBC_SHA
- return Ciphersuite(0xC00A, "ECDSA", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);
-
case 0xC024: // ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
return Ciphersuite(0xC024, "ECDSA", "ECDH", "AES-256", 32, 16, 0, "SHA-384", 48);
- case 0xC0AD: // ECDHE_ECDSA_WITH_AES_256_CCM
- return Ciphersuite(0xC0AD, "ECDSA", "ECDH", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC027: // ECDHE_RSA_WITH_AES_128_CBC_SHA256
+ return Ciphersuite(0xC027, "RSA", "ECDH", "AES-128", 16, 16, 0, "SHA-256", 32);
- case 0xC0AF: // ECDHE_ECDSA_WITH_AES_256_CCM_8
- return Ciphersuite(0xC0AF, "ECDSA", "ECDH", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC028: // ECDHE_RSA_WITH_AES_256_CBC_SHA384
+ return Ciphersuite(0xC028, "RSA", "ECDH", "AES-256", 32, 16, 0, "SHA-384", 48);
+
+ case 0xC02B: // ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
+ return Ciphersuite(0xC02B, "ECDSA", "ECDH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
case 0xC02C: // ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
return Ciphersuite(0xC02C, "ECDSA", "ECDH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xFFF3: // ECDHE_ECDSA_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF3, "ECDSA", "ECDH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
-
- case 0xC072: // ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
- return Ciphersuite(0xC072, "ECDSA", "ECDH", "Camellia-128", 16, 16, 0, "SHA-256", 32);
-
- case 0xC086: // ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
- return Ciphersuite(0xC086, "ECDSA", "ECDH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
-
- case 0xC073: // ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
- return Ciphersuite(0xC073, "ECDSA", "ECDH", "Camellia-256", 32, 16, 0, "SHA-384", 48);
-
- case 0xC087: // ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
- return Ciphersuite(0xC087, "ECDSA", "ECDH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0xC02F: // ECDHE_RSA_WITH_AES_128_GCM_SHA256
+ return Ciphersuite(0xC02F, "RSA", "ECDH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xCC14: // ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
- return Ciphersuite(0xCC14, "ECDSA", "ECDH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");
+ case 0xC030: // ECDHE_RSA_WITH_AES_256_GCM_SHA384
+ return Ciphersuite(0xC030, "RSA", "ECDH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
case 0xC034: // ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
return Ciphersuite(0xC034, "", "ECDHE_PSK", "3DES", 24, 8, 0, "SHA-1", 20);
@@ -270,215 +448,197 @@ Ciphersuite Ciphersuite::by_id(u16bit suite)
case 0xC035: // ECDHE_PSK_WITH_AES_128_CBC_SHA
return Ciphersuite(0xC035, "", "ECDHE_PSK", "AES-128", 16, 16, 0, "SHA-1", 20);
- case 0xC037: // ECDHE_PSK_WITH_AES_128_CBC_SHA256
- return Ciphersuite(0xC037, "", "ECDHE_PSK", "AES-128", 16, 16, 0, "SHA-256", 32);
-
- case 0xFFF8: // ECDHE_PSK_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF8, "", "ECDHE_PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
-
case 0xC036: // ECDHE_PSK_WITH_AES_256_CBC_SHA
return Ciphersuite(0xC036, "", "ECDHE_PSK", "AES-256", 32, 16, 0, "SHA-1", 20);
+ case 0xC037: // ECDHE_PSK_WITH_AES_128_CBC_SHA256
+ return Ciphersuite(0xC037, "", "ECDHE_PSK", "AES-128", 16, 16, 0, "SHA-256", 32);
+
case 0xC038: // ECDHE_PSK_WITH_AES_256_CBC_SHA384
return Ciphersuite(0xC038, "", "ECDHE_PSK", "AES-256", 32, 16, 0, "SHA-384", 48);
- case 0xFFF9: // ECDHE_PSK_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF9, "", "ECDHE_PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xC072: // ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
+ return Ciphersuite(0xC072, "ECDSA", "ECDH", "Camellia-128", 16, 16, 0, "SHA-256", 32);
- case 0xC09A: // ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
- return Ciphersuite(0xC09A, "", "ECDHE_PSK", "Camellia-128", 16, 16, 0, "SHA-256", 32);
+ case 0xC073: // ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
+ return Ciphersuite(0xC073, "ECDSA", "ECDH", "Camellia-256", 32, 16, 0, "SHA-384", 48);
- case 0xC09B: // ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
- return Ciphersuite(0xC09B, "", "ECDHE_PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);
+ case 0xC076: // ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
+ return Ciphersuite(0xC076, "RSA", "ECDH", "Camellia-128", 16, 16, 0, "SHA-256", 32);
- case 0xC012: // ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0xC012, "RSA", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0xC077: // ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
+ return Ciphersuite(0xC077, "RSA", "ECDH", "Camellia-256", 32, 16, 0, "SHA-384", 48);
- case 0xC013: // ECDHE_RSA_WITH_AES_128_CBC_SHA
- return Ciphersuite(0xC013, "RSA", "ECDH", "AES-128", 16, 16, 0, "SHA-1", 20);
+ case 0xC07A: // RSA_WITH_CAMELLIA_128_GCM_SHA256
+ return Ciphersuite(0xC07A, "RSA", "RSA", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC027: // ECDHE_RSA_WITH_AES_128_CBC_SHA256
- return Ciphersuite(0xC027, "RSA", "ECDH", "AES-128", 16, 16, 0, "SHA-256", 32);
+ case 0xC07B: // RSA_WITH_CAMELLIA_256_GCM_SHA384
+ return Ciphersuite(0xC07B, "RSA", "RSA", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xC02F: // ECDHE_RSA_WITH_AES_128_GCM_SHA256
- return Ciphersuite(0xC02F, "RSA", "ECDH", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC07C: // DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
+ return Ciphersuite(0xC07C, "RSA", "DH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xFFF0: // ECDHE_RSA_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF0, "RSA", "ECDH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xC07D: // DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
+ return Ciphersuite(0xC07D, "RSA", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xC014: // ECDHE_RSA_WITH_AES_256_CBC_SHA
- return Ciphersuite(0xC014, "RSA", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);
+ case 0xC080: // DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256
+ return Ciphersuite(0xC080, "DSA", "DH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC028: // ECDHE_RSA_WITH_AES_256_CBC_SHA384
- return Ciphersuite(0xC028, "RSA", "ECDH", "AES-256", 32, 16, 0, "SHA-384", 48);
+ case 0xC081: // DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384
+ return Ciphersuite(0xC081, "DSA", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xC030: // ECDHE_RSA_WITH_AES_256_GCM_SHA384
- return Ciphersuite(0xC030, "RSA", "ECDH", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0xC084: // DH_anon_WITH_CAMELLIA_128_GCM_SHA256
+ return Ciphersuite(0xC084, "", "DH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xFFF1: // ECDHE_RSA_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF1, "RSA", "ECDH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xC085: // DH_anon_WITH_CAMELLIA_256_GCM_SHA384
+ return Ciphersuite(0xC085, "", "DH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xC076: // ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
- return Ciphersuite(0xC076, "RSA", "ECDH", "Camellia-128", 16, 16, 0, "SHA-256", 32);
+ case 0xC086: // ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
+ return Ciphersuite(0xC086, "ECDSA", "ECDH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+
+ case 0xC087: // ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
+ return Ciphersuite(0xC087, "ECDSA", "ECDH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
case 0xC08A: // ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
return Ciphersuite(0xC08A, "RSA", "ECDH", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC077: // ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
- return Ciphersuite(0xC077, "RSA", "ECDH", "Camellia-256", 32, 16, 0, "SHA-384", 48);
-
case 0xC08B: // ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
return Ciphersuite(0xC08B, "RSA", "ECDH", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xCC13: // ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
- return Ciphersuite(0xCC13, "RSA", "ECDH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");
-
- case 0xC017: // ECDH_anon_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0xC017, "", "ECDH", "3DES", 24, 8, 0, "SHA-1", 20);
-
- case 0xC018: // ECDH_anon_WITH_AES_128_CBC_SHA
- return Ciphersuite(0xC018, "", "ECDH", "AES-128", 16, 16, 0, "SHA-1", 20);
-
- case 0xC019: // ECDH_anon_WITH_AES_256_CBC_SHA
- return Ciphersuite(0xC019, "", "ECDH", "AES-256", 32, 16, 0, "SHA-1", 20);
-
- case 0xC0AA: // PSK_DHE_WITH_AES_128_CCM_8
- return Ciphersuite(0xC0AA, "", "DHE_PSK", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
-
- case 0xC0AB: // PSK_DHE_WITH_AES_256_CCM_8
- return Ciphersuite(0xC0AB, "", "DHE_PSK", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC08E: // PSK_WITH_CAMELLIA_128_GCM_SHA256
+ return Ciphersuite(0xC08E, "", "PSK", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0x008B: // PSK_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0x008B, "", "PSK", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0xC08F: // PSK_WITH_CAMELLIA_256_GCM_SHA384
+ return Ciphersuite(0xC08F, "", "PSK", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0x008C: // PSK_WITH_AES_128_CBC_SHA
- return Ciphersuite(0x008C, "", "PSK", "AES-128", 16, 16, 0, "SHA-1", 20);
+ case 0xC090: // DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
+ return Ciphersuite(0xC090, "", "DHE_PSK", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0x00AE: // PSK_WITH_AES_128_CBC_SHA256
- return Ciphersuite(0x00AE, "", "PSK", "AES-128", 16, 16, 0, "SHA-256", 32);
+ case 0xC091: // DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
+ return Ciphersuite(0xC091, "", "DHE_PSK", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
- case 0xC0A4: // PSK_WITH_AES_128_CCM
- return Ciphersuite(0xC0A4, "", "PSK", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC094: // PSK_WITH_CAMELLIA_128_CBC_SHA256
+ return Ciphersuite(0xC094, "", "PSK", "Camellia-128", 16, 16, 0, "SHA-256", 32);
- case 0xC0A8: // PSK_WITH_AES_128_CCM_8
- return Ciphersuite(0xC0A8, "", "PSK", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC095: // PSK_WITH_CAMELLIA_256_CBC_SHA384
+ return Ciphersuite(0xC095, "", "PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);
- case 0x00A8: // PSK_WITH_AES_128_GCM_SHA256
- return Ciphersuite(0x00A8, "", "PSK", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC096: // DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ return Ciphersuite(0xC096, "", "DHE_PSK", "Camellia-128", 16, 16, 0, "SHA-256", 32);
- case 0xFFF6: // PSK_WITH_AES_128_OCB_SHA256
- return Ciphersuite(0xFFF6, "", "PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xC097: // DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ return Ciphersuite(0xC097, "", "DHE_PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);
- case 0x008D: // PSK_WITH_AES_256_CBC_SHA
- return Ciphersuite(0x008D, "", "PSK", "AES-256", 32, 16, 0, "SHA-1", 20);
+ case 0xC09A: // ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
+ return Ciphersuite(0xC09A, "", "ECDHE_PSK", "Camellia-128", 16, 16, 0, "SHA-256", 32);
- case 0x00AF: // PSK_WITH_AES_256_CBC_SHA384
- return Ciphersuite(0x00AF, "", "PSK", "AES-256", 32, 16, 0, "SHA-384", 48);
+ case 0xC09B: // ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
+ return Ciphersuite(0xC09B, "", "ECDHE_PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);
- case 0xC0A5: // PSK_WITH_AES_256_CCM
- return Ciphersuite(0xC0A5, "", "PSK", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC09C: // RSA_WITH_AES_128_CCM
+ return Ciphersuite(0xC09C, "RSA", "RSA", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC0A9: // PSK_WITH_AES_256_CCM_8
- return Ciphersuite(0xC0A9, "", "PSK", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC09D: // RSA_WITH_AES_256_CCM
+ return Ciphersuite(0xC09D, "RSA", "RSA", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0x00A9: // PSK_WITH_AES_256_GCM_SHA384
- return Ciphersuite(0x00A9, "", "PSK", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0xC09E: // DHE_RSA_WITH_AES_128_CCM
+ return Ciphersuite(0xC09E, "RSA", "DH", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xFFF7: // PSK_WITH_AES_256_OCB_SHA256
- return Ciphersuite(0xFFF7, "", "PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
+ case 0xC09F: // DHE_RSA_WITH_AES_256_CCM
+ return Ciphersuite(0xC09F, "RSA", "DH", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC094: // PSK_WITH_CAMELLIA_128_CBC_SHA256
- return Ciphersuite(0xC094, "", "PSK", "Camellia-128", 16, 16, 0, "SHA-256", 32);
+ case 0xC0A0: // RSA_WITH_AES_128_CCM_8
+ return Ciphersuite(0xC0A0, "RSA", "RSA", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC08E: // PSK_WITH_CAMELLIA_128_GCM_SHA256
- return Ciphersuite(0xC08E, "", "PSK", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC0A1: // RSA_WITH_AES_256_CCM_8
+ return Ciphersuite(0xC0A1, "RSA", "RSA", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC095: // PSK_WITH_CAMELLIA_256_CBC_SHA384
- return Ciphersuite(0xC095, "", "PSK", "Camellia-256", 32, 16, 0, "SHA-384", 48);
+ case 0xC0A2: // DHE_RSA_WITH_AES_128_CCM_8
+ return Ciphersuite(0xC0A2, "RSA", "DH", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC08F: // PSK_WITH_CAMELLIA_256_GCM_SHA384
- return Ciphersuite(0xC08F, "", "PSK", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0xC0A3: // DHE_RSA_WITH_AES_256_CCM_8
+ return Ciphersuite(0xC0A3, "RSA", "DH", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0x000A: // RSA_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0x000A, "RSA", "RSA", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0xC0A4: // PSK_WITH_AES_128_CCM
+ return Ciphersuite(0xC0A4, "", "PSK", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0x002F: // RSA_WITH_AES_128_CBC_SHA
- return Ciphersuite(0x002F, "RSA", "RSA", "AES-128", 16, 16, 0, "SHA-1", 20);
+ case 0xC0A5: // PSK_WITH_AES_256_CCM
+ return Ciphersuite(0xC0A5, "", "PSK", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0x003C: // RSA_WITH_AES_128_CBC_SHA256
- return Ciphersuite(0x003C, "RSA", "RSA", "AES-128", 16, 16, 0, "SHA-256", 32);
+ case 0xC0A6: // DHE_PSK_WITH_AES_128_CCM
+ return Ciphersuite(0xC0A6, "", "DHE_PSK", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC09C: // RSA_WITH_AES_128_CCM
- return Ciphersuite(0xC09C, "RSA", "RSA", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC0A7: // DHE_PSK_WITH_AES_256_CCM
+ return Ciphersuite(0xC0A7, "", "DHE_PSK", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC0A0: // RSA_WITH_AES_128_CCM_8
- return Ciphersuite(0xC0A0, "RSA", "RSA", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC0A8: // PSK_WITH_AES_128_CCM_8
+ return Ciphersuite(0xC0A8, "", "PSK", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0x009C: // RSA_WITH_AES_128_GCM_SHA256
- return Ciphersuite(0x009C, "RSA", "RSA", "AES-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC0A9: // PSK_WITH_AES_256_CCM_8
+ return Ciphersuite(0xC0A9, "", "PSK", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0x0035: // RSA_WITH_AES_256_CBC_SHA
- return Ciphersuite(0x0035, "RSA", "RSA", "AES-256", 32, 16, 0, "SHA-1", 20);
+ case 0xC0AA: // PSK_DHE_WITH_AES_128_CCM_8
+ return Ciphersuite(0xC0AA, "", "DHE_PSK", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0x003D: // RSA_WITH_AES_256_CBC_SHA256
- return Ciphersuite(0x003D, "RSA", "RSA", "AES-256", 32, 16, 0, "SHA-256", 32);
+ case 0xC0AB: // PSK_DHE_WITH_AES_256_CCM_8
+ return Ciphersuite(0xC0AB, "", "DHE_PSK", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC09D: // RSA_WITH_AES_256_CCM
- return Ciphersuite(0xC09D, "RSA", "RSA", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC0AC: // ECDHE_ECDSA_WITH_AES_128_CCM
+ return Ciphersuite(0xC0AC, "ECDSA", "ECDH", "AES-128/CCM", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0xC0A1: // RSA_WITH_AES_256_CCM_8
- return Ciphersuite(0xC0A1, "RSA", "RSA", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xC0AD: // ECDHE_ECDSA_WITH_AES_256_CCM
+ return Ciphersuite(0xC0AD, "ECDSA", "ECDH", "AES-256/CCM", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0x009D: // RSA_WITH_AES_256_GCM_SHA384
- return Ciphersuite(0x009D, "RSA", "RSA", "AES-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0xC0AE: // ECDHE_ECDSA_WITH_AES_128_CCM_8
+ return Ciphersuite(0xC0AE, "ECDSA", "ECDH", "AES-128/CCM(8)", 16, 4, 8, "AEAD", 0, "SHA-256");
- case 0x0041: // RSA_WITH_CAMELLIA_128_CBC_SHA
- return Ciphersuite(0x0041, "RSA", "RSA", "Camellia-128", 16, 16, 0, "SHA-1", 20);
+ case 0xC0AF: // ECDHE_ECDSA_WITH_AES_256_CCM_8
+ return Ciphersuite(0xC0AF, "ECDSA", "ECDH", "AES-256/CCM(8)", 32, 4, 8, "AEAD", 0, "SHA-256");
- case 0x00BA: // RSA_WITH_CAMELLIA_128_CBC_SHA256
- return Ciphersuite(0x00BA, "RSA", "RSA", "Camellia-128", 16, 16, 0, "SHA-256", 32);
+ case 0xCC13: // ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ return Ciphersuite(0xCC13, "RSA", "ECDH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");
- case 0xC07A: // RSA_WITH_CAMELLIA_128_GCM_SHA256
- return Ciphersuite(0xC07A, "RSA", "RSA", "Camellia-128/GCM", 16, 4, 8, "AEAD", 0, "SHA-256");
+ case 0xCC14: // ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
+ return Ciphersuite(0xCC14, "ECDSA", "ECDH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");
- case 0x0084: // RSA_WITH_CAMELLIA_256_CBC_SHA
- return Ciphersuite(0x0084, "RSA", "RSA", "Camellia-256", 32, 16, 0, "SHA-1", 20);
+ case 0xCC15: // DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
+ return Ciphersuite(0xCC15, "RSA", "DH", "ChaCha20Poly1305", 32, 0, 0, "AEAD", 0, "SHA-256");
- case 0x00C0: // RSA_WITH_CAMELLIA_256_CBC_SHA256
- return Ciphersuite(0x00C0, "RSA", "RSA", "Camellia-256", 32, 16, 0, "SHA-256", 32);
+ case 0xFFF0: // ECDHE_RSA_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFF0, "RSA", "ECDH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC07B: // RSA_WITH_CAMELLIA_256_GCM_SHA384
- return Ciphersuite(0xC07B, "RSA", "RSA", "Camellia-256/GCM", 32, 4, 8, "AEAD", 0, "SHA-384");
+ case 0xFFF1: // ECDHE_RSA_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFF1, "RSA", "ECDH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
- case 0x0096: // RSA_WITH_SEED_CBC_SHA
- return Ciphersuite(0x0096, "RSA", "RSA", "SEED", 16, 16, 0, "SHA-1", 20);
+ case 0xFFF2: // ECDHE_ECDSA_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFF2, "ECDSA", "ECDH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC01C: // SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0xC01C, "DSA", "SRP_SHA", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0xFFF3: // ECDHE_ECDSA_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFF3, "ECDSA", "ECDH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC01F: // SRP_SHA_DSS_WITH_AES_128_CBC_SHA
- return Ciphersuite(0xC01F, "DSA", "SRP_SHA", "AES-128", 16, 16, 0, "SHA-1", 20);
+ case 0xFFF4: // DHE_RSA_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFF4, "RSA", "DH", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC022: // SRP_SHA_DSS_WITH_AES_256_CBC_SHA
- return Ciphersuite(0xC022, "DSA", "SRP_SHA", "AES-256", 32, 16, 0, "SHA-1", 20);
+ case 0xFFF5: // DHE_RSA_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFF5, "RSA", "DH", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC01B: // SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0xC01B, "RSA", "SRP_SHA", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0xFFF6: // PSK_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFF6, "", "PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC01E: // SRP_SHA_RSA_WITH_AES_128_CBC_SHA
- return Ciphersuite(0xC01E, "RSA", "SRP_SHA", "AES-128", 16, 16, 0, "SHA-1", 20);
+ case 0xFFF7: // PSK_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFF7, "", "PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC021: // SRP_SHA_RSA_WITH_AES_256_CBC_SHA
- return Ciphersuite(0xC021, "RSA", "SRP_SHA", "AES-256", 32, 16, 0, "SHA-1", 20);
+ case 0xFFF8: // ECDHE_PSK_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFF8, "", "ECDHE_PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC01A: // SRP_SHA_WITH_3DES_EDE_CBC_SHA
- return Ciphersuite(0xC01A, "", "SRP_SHA", "3DES", 24, 8, 0, "SHA-1", 20);
+ case 0xFFF9: // ECDHE_PSK_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFF9, "", "ECDHE_PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC01D: // SRP_SHA_WITH_AES_128_CBC_SHA
- return Ciphersuite(0xC01D, "", "SRP_SHA", "AES-128", 16, 16, 0, "SHA-1", 20);
+ case 0xFFFA: // DHE_PSK_WITH_AES_128_OCB_SHA256
+ return Ciphersuite(0xFFFA, "", "DHE_PSK", "AES-128/OCB(12)", 16, 4, 0, "AEAD", 0, "SHA-256");
- case 0xC020: // SRP_SHA_WITH_AES_256_CBC_SHA
- return Ciphersuite(0xC020, "", "SRP_SHA", "AES-256", 32, 16, 0, "SHA-1", 20);
+ case 0xFFFB: // DHE_PSK_WITH_AES_256_OCB_SHA256
+ return Ciphersuite(0xFFFB, "", "DHE_PSK", "AES-256/OCB(12)", 32, 4, 0, "AEAD", 0, "SHA-256");
}
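Review bot: The switch closes on the hunk's last line without a visible `default:`, so what `by_id` returns for an id not in the table is decided outside this hunk; the rest of Ciphersuite::by_id is not visible here, so this is only flagged for confirmation. After the reorder the cases are sorted by suite id, which is worth stating at the top of the switch so later additions keep the order, e.g. `// Entries are sorted by suite id; keep new suites in numeric order.` If the table is produced by a script, the comment should name that script instead so edits go there. The `0xFFF0`-`0xFFFB` entries appear to lie in the private-use range rather than being IANA assignments; a one-line comment above that group saying so would spare the next reader a lookup.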
diff --git a/src/lib/utils/assert.h b/src/lib/utils/assert.h
index 97924174e..f80f9b170 100644
--- a/src/lib/utils/assert.h
+++ b/src/lib/utils/assert.h
@@ -15,7 +15,7 @@ namespace Botan {
/**
* Called when an assertion fails
*/
-void BOTAN_DLL assertion_failure(const char* expr_str,
+BOTAN_NORETURN void BOTAN_DLL assertion_failure(const char* expr_str,
const char* assertion_made,
const char* func,
const char* file,
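Review bot: The doc comment still says only "Called when an assertion fails", while the new `BOTAN_NORETURN` turns "never returns" into a contract the compiler may rely on; a definition that returned on any path would be undefined behaviour. Suggest `* Called when an assertion fails. Never returns: the definition must throw or abort on every path.` so the header states what the attribute requires of the .cpp. The parameter list continues past the end of the hunk.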
diff --git a/src/lib/utils/ct_utils.h b/src/lib/utils/ct_utils.h
index 2307dd587..401a53e86 100644
--- a/src/lib/utils/ct_utils.h
+++ b/src/lib/utils/ct_utils.h
@@ -1,12 +1,12 @@
/*
* Functions for constant time operations on data and testing of
-* constant time annotations using ctgrind.
+* constant time annotations using valgrind.
*
* For more information about constant time programming see
* Wagner, Molnar, et al "The Program Counter Security Model"
*
* (C) 2010 Falko Strenzke
-* (C) 2015 Jack Lloyd
+* (C) 2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -17,23 +17,36 @@
#include <botan/secmem.h>
#include <vector>
-#if defined(BOTAN_USE_CTGRIND)
-
-// These are external symbols from libctgrind.so
-extern "C" void ct_poison(const void* address, size_t length);
-extern "C" void ct_unpoison(const void* address, size_t length);
-
+#if defined(BOTAN_HAS_VALGRIND)
+ #include <valgrind/memcheck.h>
#endif
namespace Botan {
namespace CT {
+/**
+* Use valgrind to mark the contents of memory as being undefined.
+* Valgrind will accept operations which manipulate undefined values,
+* but will warn if an undefined value is used to decided a conditional
+* jump or a load/store address. So if we poison all of our inputs we
+* can confirm that the operations in question are truly const time
+* when compiled by whatever compiler is in use.
+*
+* Even better, the VALGRIND_MAKE_MEM_* macros work even when the
+* program is not run under valgrind (though with a few cycles of
+* overhead, which is unfortunate in final binaries as these
+* annotations tend to be used in fairly important loops).
+*
+* This approach was first used in ctgrind (https://github.com/agl/ctgrind)
+* but calling the valgrind mecheck API directly works just as well and
+* doesn't require a custom patched valgrind.
+*/
template<typename T>
-inline void poison(T* p, size_t n)
+inline void poison(const T* p, size_t n)
{
-#if defined(BOTAN_USE_CTGRIND)
- ct_poison(p, sizeof(T)*n);
+#if defined(BOTAN_HAS_VALGRIND)
+ VALGRIND_MAKE_MEM_UNDEFINED(p, n * sizeof(T));
#else
BOTAN_UNUSED(p);
BOTAN_UNUSED(n);
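Review bot: The new doc block has two typos that trip up a reader: "used to decided a conditional jump" should read "used to decide a conditional jump", and "valgrind mecheck API" should read "valgrind memcheck API". It would also help to say explicitly that `poison`/`unpoison` are test instrumentation only and compile to no-ops unless `BOTAN_HAS_VALGRIND` is defined, which the `#else` branch shows but the prose does not state. The body of `poison` continues past the end of the hunk; the `unpoison` hunk that follows has no comment of its own.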
@@ -41,10 +54,10 @@ inline void poison(T* p, size_t n)
}
template<typename T>
-inline void unpoison(T* p, size_t n)
+inline void unpoison(const T* p, size_t n)
{
-#if defined(BOTAN_USE_CTGRIND)
- ct_unpoison(p, sizeof(T)*n);
+#if defined(BOTAN_HAS_VALGRIND)
+ VALGRIND_MAKE_MEM_DEFINED(p, n * sizeof(T));
#else
BOTAN_UNUSED(p);
BOTAN_UNUSED(n);
@@ -54,7 +67,11 @@ inline void unpoison(T* p, size_t n)
template<typename T>
inline void unpoison(T& p)
{
- unpoison(&p, 1);
+#if defined(BOTAN_HAS_VALGRIND)
+ VALGRIND_MAKE_MEM_DEFINED(&p, sizeof(T));
+#else
+ BOTAN_UNUSED(p);
+#endif
}
/*
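Review bot: `unpoison(T& p)` now duplicates the `#if defined(BOTAN_HAS_VALGRIND)` branch instead of delegating, although the previous one-liner `unpoison(&p, 1);` still compiles against the new `const T*` overload and keeps a single place to maintain when the backend changes. If the duplication is deliberate, a short comment such as `// Expanded inline rather than delegating to unpoison(const T*, size_t); keep both in sync.` would stop the next reader from refolding it. The `/*` on the last hunk line opens a comment whose content is outside the hunk.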
diff --git a/src/lib/utils/data_src.cpp b/src/lib/utils/data_src.cpp
index 4e0725943..0c06f2fe4 100644
--- a/src/lib/utils/data_src.cpp
+++ b/src/lib/utils/data_src.cpp
@@ -41,6 +41,7 @@ size_t DataSource::discard_next(size_t n)
{
const size_t got = this->read(buf, std::min(n, sizeof(buf)));
discarded += got;
+ n -= got;
if(got == 0)
break;
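Review bot: The new `n -= got;` assumes `this->read` never returns more than the `std::min(n, sizeof(buf))` it was asked for; `read` is virtual and `n` is unsigned, so an override that over-reports would wrap `n` and keep the loop consuming. A guard before the subtraction makes that assumption explicit, e.g. `BOTAN_ASSERT(got <= n, "read returned no more than requested");`, if the project's assertion macro is usable here. The loop header and the remainder of `discard_next` are outside the hunk, so the exit condition cannot be checked from this view.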
@@ -54,15 +55,15 @@ size_t DataSource::discard_next(size_t n)
*/
size_t DataSource_Memory::read(byte out[], size_t length)
{
- size_t got = std::min<size_t>(source.size() - offset, length);
- copy_mem(out, source.data() + offset, got);
- offset += got;
+ size_t got = std::min<size_t>(m_source.size() - m_offset, length);
+ copy_mem(out, m_source.data() + m_offset, got);
+ m_offset += got;
return got;
}
bool DataSource_Memory::check_available(size_t n)
{
- return (n <= (source.size() - offset));
+ return (n <= (m_source.size() - m_offset));
}
/*
@@ -71,11 +72,11 @@ bool DataSource_Memory::check_available(size_t n)
size_t DataSource_Memory::peek(byte out[], size_t length,
size_t peek_offset) const
{
- const size_t bytes_left = source.size() - offset;
+ const size_t bytes_left = m_source.size() - m_offset;
if(peek_offset >= bytes_left) return 0;
size_t got = std::min(bytes_left - peek_offset, length);
- copy_mem(out, &source[offset + peek_offset], got);
+ copy_mem(out, &m_source[m_offset + peek_offset], got);
return got;
}
@@ -84,18 +85,17 @@ size_t DataSource_Memory::peek(byte out[], size_t length,
*/
bool DataSource_Memory::end_of_data() const
{
- return (offset == source.size());
+ return (m_offset == m_source.size());
}
/*
* DataSource_Memory Constructor
*/
DataSource_Memory::DataSource_Memory(const std::string& in) :
- source(reinterpret_cast<const byte*>(in.data()),
+ m_source(reinterpret_cast<const byte*>(in.data()),
reinterpret_cast<const byte*>(in.data()) + in.length()),
- offset(0)
+ m_offset(0)
{
- offset = 0;
}
/*
@@ -103,21 +103,21 @@ DataSource_Memory::DataSource_Memory(const std::string& in) :
*/
size_t DataSource_Stream::read(byte out[], size_t length)
{
- source.read(reinterpret_cast<char*>(out), length);
- if(source.bad())
+ m_source.read(reinterpret_cast<char*>(out), length);
+ if(m_source.bad())
throw Stream_IO_Error("DataSource_Stream::read: Source failure");
- size_t got = source.gcount();
- total_read += got;
+ size_t got = m_source.gcount();
+ m_total_read += got;
return got;
}
bool DataSource_Stream::check_available(size_t n)
{
- const std::streampos orig_pos = source.tellg();
- source.seekg(0, std::ios::end);
- const size_t avail = source.tellg() - orig_pos;
- source.seekg(orig_pos);
+ const std::streampos orig_pos = m_source.tellg();
+ m_source.seekg(0, std::ios::end);
+ const size_t avail = m_source.tellg() - orig_pos;
+ m_source.seekg(orig_pos);
return (avail >= n);
}
@@ -134,23 +134,23 @@ size_t DataSource_Stream::peek(byte out[], size_t length, size_t offset) const
if(offset)
{
secure_vector<byte> buf(offset);
- source.read(reinterpret_cast<char*>(buf.data()), buf.size());
- if(source.bad())
+ m_source.read(reinterpret_cast<char*>(buf.data()), buf.size());
+ if(m_source.bad())
throw Stream_IO_Error("DataSource_Stream::peek: Source failure");
- got = source.gcount();
+ got = m_source.gcount();
}
if(got == offset)
{
- source.read(reinterpret_cast<char*>(out), length);
- if(source.bad())
+ m_source.read(reinterpret_cast<char*>(out), length);
+ if(m_source.bad())
throw Stream_IO_Error("DataSource_Stream::peek: Source failure");
- got = source.gcount();
+ got = m_source.gcount();
}
- if(source.eof())
- source.clear();
- source.seekg(total_read, std::ios::beg);
+ if(m_source.eof())
+ m_source.clear();
+ m_source.seekg(m_total_read, std::ios::beg);
return got;
}
@@ -160,7 +160,7 @@ size_t DataSource_Stream::peek(byte out[], size_t length, size_t offset) const
*/
bool DataSource_Stream::end_of_data() const
{
- return (!source.good());
+ return (!m_source.good());
}
/*
@@ -168,7 +168,7 @@ bool DataSource_Stream::end_of_data() const
*/
std::string DataSource_Stream::id() const
{
- return identifier;
+ return m_identifier;
}
/*
@@ -176,15 +176,15 @@ std::string DataSource_Stream::id() const
*/
DataSource_Stream::DataSource_Stream(const std::string& path,
bool use_binary) :
- identifier(path),
- source_p(new std::ifstream(path,
+ m_identifier(path),
+ m_source_p(new std::ifstream(path,
use_binary ? std::ios::binary : std::ios::in)),
- source(*source_p),
- total_read(0)
+ m_source(*m_source_p),
+ m_total_read(0)
{
- if(!source.good())
+ if(!m_source.good())
{
- delete source_p;
+ delete m_source_p;
throw Stream_IO_Error("DataSource: Failure opening file " + path);
}
}
@@ -194,10 +194,10 @@ DataSource_Stream::DataSource_Stream(const std::string& path,
*/
DataSource_Stream::DataSource_Stream(std::istream& in,
const std::string& name) :
- identifier(name),
- source_p(nullptr),
- source(in),
- total_read(0)
+ m_identifier(name),
+ m_source_p(nullptr),
+ m_source(in),
+ m_total_read(0)
{
}
@@ -206,7 +206,7 @@ DataSource_Stream::DataSource_Stream(std::istream& in,
*/
DataSource_Stream::~DataSource_Stream()
{
- delete source_p;
+ delete m_source_p;
}
}
diff --git a/src/lib/utils/data_src.h b/src/lib/utils/data_src.h
index 2b6998448..6a100ce63 100644
--- a/src/lib/utils/data_src.h
+++ b/src/lib/utils/data_src.h
@@ -108,7 +108,7 @@ class BOTAN_DLL DataSource_Memory : public DataSource
* Construct a memory source that reads from a string
* @param in the string to read from
*/
- DataSource_Memory(const std::string& in);
+ explicit DataSource_Memory(const std::string& in);
/**
* Construct a memory source that reads from a byte array
@@ -116,26 +116,26 @@ class BOTAN_DLL DataSource_Memory : public DataSource
* @param length the length of the byte array
*/
DataSource_Memory(const byte in[], size_t length) :
- source(in, in + length), offset(0) {}
+ m_source(in, in + length), m_offset(0) {}
/**
* Construct a memory source that reads from a secure_vector
* @param in the MemoryRegion to read from
*/
- DataSource_Memory(const secure_vector<byte>& in) :
- source(in), offset(0) {}
+ explicit DataSource_Memory(const secure_vector<byte>& in) :
+ m_source(in), m_offset(0) {}
/**
* Construct a memory source that reads from a std::vector
* @param in the MemoryRegion to read from
*/
- DataSource_Memory(const std::vector<byte>& in) :
- source(in.begin(), in.end()), offset(0) {}
+ explicit DataSource_Memory(const std::vector<byte>& in) :
+ m_source(in.begin(), in.end()), m_offset(0) {}
- size_t get_bytes_read() const override { return offset; }
+ size_t get_bytes_read() const override { return m_offset; }
private:
- secure_vector<byte> source;
- size_t offset;
+ secure_vector<byte> m_source;
+ size_t m_offset;
};
/**
@@ -166,13 +166,13 @@ class BOTAN_DLL DataSource_Stream : public DataSource
~DataSource_Stream();
- size_t get_bytes_read() const override { return total_read; }
+ size_t get_bytes_read() const override { return m_total_read; }
private:
- const std::string identifier;
+ const std::string m_identifier;
- std::istream* source_p;
- std::istream& source;
- size_t total_read;
+ std::istream* m_source_p;
+ std::istream& m_source;
+ size_t m_total_read;
};
}
diff --git a/src/lib/utils/database.h b/src/lib/utils/database.h
index 4d8b90d0c..4cc0989b1 100644
--- a/src/lib/utils/database.h
+++ b/src/lib/utils/database.h
@@ -23,7 +23,7 @@ class BOTAN_DLL SQL_Database
class BOTAN_DLL SQL_DB_Error : public Exception
{
public:
- SQL_DB_Error(const std::string& what) : Exception("SQL database", what) {}
+ explicit SQL_DB_Error(const std::string& what) : Exception("SQL database", what) {}
};
class BOTAN_DLL Statement
diff --git a/src/lib/utils/datastor/datastor.cpp b/src/lib/utils/datastor/datastor.cpp
index 69c1bf453..6f1b71082 100644
--- a/src/lib/utils/datastor/datastor.cpp
+++ b/src/lib/utils/datastor/datastor.cpp
@@ -18,7 +18,7 @@ namespace Botan {
*/
bool Data_Store::operator==(const Data_Store& other) const
{
- return (contents == other.contents);
+ return (m_contents == other.m_contents);
}
/*
@@ -26,7 +26,7 @@ bool Data_Store::operator==(const Data_Store& other) const
*/
bool Data_Store::has_value(const std::string& key) const
{
- return (contents.lower_bound(key) != contents.end());
+ return (m_contents.lower_bound(key) != m_contents.end());
}
/*
@@ -37,7 +37,7 @@ std::multimap<std::string, std::string> Data_Store::search_for(
{
std::multimap<std::string, std::string> out;
- for(auto i = contents.begin(); i != contents.end(); ++i)
+ for(auto i = m_contents.begin(); i != m_contents.end(); ++i)
if(predicate(i->first, i->second))
out.insert(std::make_pair(i->first, i->second));
@@ -50,7 +50,7 @@ std::multimap<std::string, std::string> Data_Store::search_for(
std::vector<std::string> Data_Store::get(const std::string& looking_for) const
{
std::vector<std::string> out;
- auto range = contents.equal_range(looking_for);
+ auto range = m_contents.equal_range(looking_for);
for(auto i = range.first; i != range.second; ++i)
out.push_back(i->second);
return out;
@@ -125,7 +125,7 @@ u32bit Data_Store::get1_u32bit(const std::string& key,
*/
void Data_Store::add(const std::string& key, const std::string& val)
{
- multimap_insert(contents, key, val);
+ multimap_insert(m_contents, key, val);
}
/*
@@ -157,7 +157,7 @@ void Data_Store::add(const std::multimap<std::string, std::string>& in)
std::multimap<std::string, std::string>::const_iterator i = in.begin();
while(i != in.end())
{
- contents.insert(*i);
+ m_contents.insert(*i);
++i;
}
}
diff --git a/src/lib/utils/datastor/datastor.h b/src/lib/utils/datastor/datastor.h
index 66bb0e650..3b25e1fe4 100644
--- a/src/lib/utils/datastor/datastor.h
+++ b/src/lib/utils/datastor/datastor.h
@@ -49,7 +49,7 @@ class BOTAN_DLL Data_Store
void add(const std::string&, const secure_vector<byte>&);
void add(const std::string&, const std::vector<byte>&);
private:
- std::multimap<std::string, std::string> contents;
+ std::multimap<std::string, std::string> m_contents;
};
}
diff --git a/src/lib/utils/donna128.h b/src/lib/utils/donna128.h
index c72ccb55c..c2a3e0d2e 100644
--- a/src/lib/utils/donna128.h
+++ b/src/lib/utils/donna128.h
@@ -104,8 +104,8 @@ inline u64bit carry_shift(const donna128& a, size_t shift)
return (a >> shift).lo();
}
-inline u64bit combine_lower(const donna128 a, size_t s1,
- const donna128 b, size_t s2)
+inline u64bit combine_lower(const donna128& a, size_t s1,
+ const donna128& b, size_t s2)
{
donna128 z = (a >> s1) | (b << s2);
return z.lo();
diff --git a/src/lib/utils/dyn_load/dyn_load.cpp b/src/lib/utils/dyn_load/dyn_load.cpp
index 3448acf6a..c0795942b 100644
--- a/src/lib/utils/dyn_load/dyn_load.cpp
+++ b/src/lib/utils/dyn_load/dyn_load.cpp
@@ -30,31 +30,31 @@ void raise_runtime_loader_exception(const std::string& lib_name,
Dynamically_Loaded_Library::Dynamically_Loaded_Library(
const std::string& library) :
- lib_name(library), lib(nullptr)
+ m_lib_name(library), m_lib(nullptr)
{
#if defined(BOTAN_TARGET_OS_HAS_DLOPEN)
- lib = ::dlopen(lib_name.c_str(), RTLD_LAZY);
+ m_lib = ::dlopen(m_lib_name.c_str(), RTLD_LAZY);
- if(!lib)
- raise_runtime_loader_exception(lib_name, dlerror());
+ if(!m_lib)
+ raise_runtime_loader_exception(m_lib_name, dlerror());
#elif defined(BOTAN_TARGET_OS_HAS_LOADLIBRARY)
- lib = ::LoadLibraryA(lib_name.c_str());
+ m_lib = ::LoadLibraryA(m_lib_name.c_str());
- if(!lib)
- raise_runtime_loader_exception(lib_name, "LoadLibrary failed");
+ if(!m_lib)
+ raise_runtime_loader_exception(m_lib_name, "LoadLibrary failed");
#endif
- if(!lib)
- raise_runtime_loader_exception(lib_name, "Dynamic load not supported");
+ if(!m_lib)
+ raise_runtime_loader_exception(m_lib_name, "Dynamic load not supported");
}
Dynamically_Loaded_Library::~Dynamically_Loaded_Library()
{
#if defined(BOTAN_TARGET_OS_HAS_DLOPEN)
- ::dlclose(lib);
+ ::dlclose(m_lib);
#elif defined(BOTAN_TARGET_OS_HAS_LOADLIBRARY)
- ::FreeLibrary((HMODULE)lib);
+ ::FreeLibrary((HMODULE)m_lib);
#endif
}
@@ -63,15 +63,15 @@ void* Dynamically_Loaded_Library::resolve_symbol(const std::string& symbol)
void* addr = nullptr;
#if defined(BOTAN_TARGET_OS_HAS_DLOPEN)
- addr = ::dlsym(lib, symbol.c_str());
+ addr = ::dlsym(m_lib, symbol.c_str());
#elif defined(BOTAN_TARGET_OS_HAS_LOADLIBRARY)
- addr = reinterpret_cast<void*>(::GetProcAddress((HMODULE)lib,
+ addr = reinterpret_cast<void*>(::GetProcAddress((HMODULE)m_lib,
symbol.c_str()));
#endif
if(!addr)
throw Exception("Failed to resolve symbol " + symbol +
- " in " + lib_name);
+ " in " + m_lib_name);
return addr;
}
diff --git a/src/lib/utils/dyn_load/dyn_load.h b/src/lib/utils/dyn_load/dyn_load.h
index 32227f76f..7a9f4a83c 100644
--- a/src/lib/utils/dyn_load/dyn_load.h
+++ b/src/lib/utils/dyn_load/dyn_load.h
@@ -58,8 +58,8 @@ class Dynamically_Loaded_Library
Dynamically_Loaded_Library(const Dynamically_Loaded_Library&);
Dynamically_Loaded_Library& operator=(const Dynamically_Loaded_Library&);
- std::string lib_name;
- void* lib;
+ std::string m_lib_name;
+ void* m_lib;
};
}
diff --git a/src/lib/utils/exceptn.h b/src/lib/utils/exceptn.h
index 7ac32288d..b6797f0f6 100644
--- a/src/lib/utils/exceptn.h
+++ b/src/lib/utils/exceptn.h
@@ -21,12 +21,11 @@ namespace Botan {
class BOTAN_DLL Exception : public std::exception
{
public:
- Exception(const std::string& what) : m_what(what) {}
- Exception(const char* prefix, const std::string& what) : m_what(std::string(prefix) + " " + what) {}
- //const char* what() const override BOTAN_NOEXCEPT { return m_what.c_str(); }
- const char* what() const BOTAN_NOEXCEPT override { return m_what.c_str(); }
+ explicit Exception(const std::string& msg) : m_msg(msg) {}
+ Exception(const char* prefix, const std::string& msg) : m_msg(std::string(prefix) + " " + msg) {}
+ const char* what() const BOTAN_NOEXCEPT override { return m_msg.c_str(); }
private:
- std::string m_what;
+ std::string m_msg;
};
/**
@@ -35,8 +34,8 @@ class BOTAN_DLL Exception : public std::exception
class BOTAN_DLL Invalid_Argument : public Exception
{
public:
- Invalid_Argument(const std::string& what) :
- Exception("Invalid argument", what) {}
+ explicit Invalid_Argument(const std::string& msg) :
+ Exception("Invalid argument", msg) {}
};
/**
@@ -47,7 +46,7 @@ class BOTAN_DLL Invalid_Argument : public Exception
*/
struct BOTAN_DLL Unsupported_Argument : public Invalid_Argument
{
- Unsupported_Argument(const std::string& msg) : Invalid_Argument(msg) {}
+ explicit Unsupported_Argument(const std::string& msg) : Invalid_Argument(msg) {}
};
/**
@@ -55,7 +54,7 @@ struct BOTAN_DLL Unsupported_Argument : public Invalid_Argument
*/
struct BOTAN_DLL Invalid_State : public Exception
{
- Invalid_State(const std::string& err) :
+ explicit Invalid_State(const std::string& err) :
Exception(err)
{}
};
@@ -65,7 +64,7 @@ struct BOTAN_DLL Invalid_State : public Exception
*/
struct BOTAN_DLL Lookup_Error : public Exception
{
- Lookup_Error(const std::string& err) :
+ explicit Lookup_Error(const std::string& err) :
Exception(err)
{}
};
@@ -75,7 +74,7 @@ struct BOTAN_DLL Lookup_Error : public Exception
*/
struct BOTAN_DLL Internal_Error : public Exception
{
- Internal_Error(const std::string& err) :
+ explicit Internal_Error(const std::string& err) :
Exception("Internal error: " + err)
{}
};
@@ -107,7 +106,7 @@ struct BOTAN_DLL Invalid_IV_Length : public Invalid_Argument
*/
struct BOTAN_DLL PRNG_Unseeded : public Invalid_State
{
- PRNG_Unseeded(const std::string& algo) :
+ explicit PRNG_Unseeded(const std::string& algo) :
Invalid_State("PRNG not seeded: " + algo)
{}
};
@@ -117,7 +116,7 @@ struct BOTAN_DLL PRNG_Unseeded : public Invalid_State
*/
struct BOTAN_DLL Policy_Violation : public Invalid_State
{
- Policy_Violation(const std::string& err) :
+ explicit Policy_Violation(const std::string& err) :
Invalid_State("Policy violation: " + err)
{}
};
@@ -127,7 +126,7 @@ struct BOTAN_DLL Policy_Violation : public Invalid_State
*/
struct BOTAN_DLL Algorithm_Not_Found : public Lookup_Error
{
- Algorithm_Not_Found(const std::string& name) :
+ explicit Algorithm_Not_Found(const std::string& name) :
Lookup_Error("Could not find any algorithm named \"" + name + "\"")
{}
};
@@ -137,7 +136,7 @@ struct BOTAN_DLL Algorithm_Not_Found : public Lookup_Error
*/
struct BOTAN_DLL No_Provider_Found : public Exception
{
- No_Provider_Found(const std::string& name) :
+ explicit No_Provider_Found(const std::string& name) :
Exception("Could not find any provider for algorithm named \"" + name + "\"")
{}
};
@@ -147,7 +146,7 @@ struct BOTAN_DLL No_Provider_Found : public Exception
*/
struct BOTAN_DLL Invalid_Algorithm_Name : public Invalid_Argument
{
- Invalid_Algorithm_Name(const std::string& name):
+ explicit Invalid_Algorithm_Name(const std::string& name):
Invalid_Argument("Invalid algorithm name: " + name)
{}
};
@@ -157,7 +156,7 @@ struct BOTAN_DLL Invalid_Algorithm_Name : public Invalid_Argument
*/
struct BOTAN_DLL Encoding_Error : public Invalid_Argument
{
- Encoding_Error(const std::string& name) :
+ explicit Encoding_Error(const std::string& name) :
Invalid_Argument("Encoding error: " + name) {}
};
@@ -166,7 +165,7 @@ struct BOTAN_DLL Encoding_Error : public Invalid_Argument
*/
struct BOTAN_DLL Decoding_Error : public Invalid_Argument
{
- Decoding_Error(const std::string& name) :
+ explicit Decoding_Error(const std::string& name) :
Invalid_Argument("Decoding error: " + name) {}
};
@@ -175,7 +174,7 @@ struct BOTAN_DLL Decoding_Error : public Invalid_Argument
*/
struct BOTAN_DLL Integrity_Failure : public Exception
{
- Integrity_Failure(const std::string& msg) :
+ explicit Integrity_Failure(const std::string& msg) :
Exception("Integrity failure: " + msg) {}
};
@@ -184,7 +183,7 @@ struct BOTAN_DLL Integrity_Failure : public Exception
*/
struct BOTAN_DLL Invalid_OID : public Decoding_Error
{
- Invalid_OID(const std::string& oid) :
+ explicit Invalid_OID(const std::string& oid) :
Decoding_Error("Invalid ASN.1 OID: " + oid) {}
};
@@ -193,7 +192,7 @@ struct BOTAN_DLL Invalid_OID : public Decoding_Error
*/
struct BOTAN_DLL Stream_IO_Error : public Exception
{
- Stream_IO_Error(const std::string& err) :
+ explicit Stream_IO_Error(const std::string& err) :
Exception("I/O error: " + err)
{}
};
@@ -211,7 +210,7 @@ struct BOTAN_DLL No_Filesystem_Access : public Exception
*/
struct BOTAN_DLL Self_Test_Failure : public Internal_Error
{
- Self_Test_Failure(const std::string& err) :
+ explicit Self_Test_Failure(const std::string& err) :
Internal_Error("Self test failed: " + err)
{}
};
diff --git a/src/lib/utils/http_util/http_util.cpp b/src/lib/utils/http_util/http_util.cpp
index 1f67c0b4b..1286e4026 100644
--- a/src/lib/utils/http_util/http_util.cpp
+++ b/src/lib/utils/http_util/http_util.cpp
@@ -98,7 +98,6 @@ Response http_sync(http_exch_fn http_transact,
const auto protocol_host_sep = url.find("://");
if(protocol_host_sep == std::string::npos)
throw Exception("Invalid URL " + url);
- const std::string protocol = url.substr(0, protocol_host_sep);
const auto host_loc_sep = url.find('/', protocol_host_sep + 3);
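Review bot: Dropping `protocol` leaves the URL scheme completely unchecked: any string containing `://` is accepted and the hand-built HTTP/1.x request that follows is sent to whatever `http_transact` connects to, so an `https://` or other non-HTTP URL is silently spoken to as plain HTTP. The old code computed the scheme but never tested it either, so this is a preexisting gap rather than a regression, but since the extraction is being deleted this is the moment to replace it with a check, e.g. `if(url.compare(0, protocol_host_sep, "http") != 0) throw Exception("Unsupported URL scheme in " + url);`. The body of http_sync continues outside the hunk, so I cannot see whether a caller validates the scheme earlier.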
@@ -128,7 +127,7 @@ Response http_sync(http_exch_fn http_transact,
else if(verb == "POST")
outbuf << "Content-Length: " << body.size() << "\r\n";
- if(content_type != "")
+ if(!content_type.empty())
outbuf << "Content-Type: " << content_type << "\r\n";
outbuf << "Connection: close\r\n\r\n";
outbuf.write(reinterpret_cast<const char*>(body.data()), body.size());
@@ -185,7 +184,7 @@ Response http_sync(http_exch_fn http_transact,
const std::string header_size = search_map(headers, std::string("Content-Length"));
- if(header_size != "")
+ if(!header_size.empty())
{
if(resp_body.size() != to_u32bit(header_size))
throw Exception("Content-Length disagreement, header says " +
diff --git a/src/lib/utils/info.txt b/src/lib/utils/info.txt
index 348992ddf..511e6b0e8 100644
--- a/src/lib/utils/info.txt
+++ b/src/lib/utils/info.txt
@@ -31,3 +31,7 @@ rounding.h
semaphore.h
stl_util.h
</header:internal>
+
+<libs>
+linux -> rt
+</libs>
diff --git a/src/lib/utils/loadstor.h b/src/lib/utils/loadstor.h
index 53700fc86..a6c2b7969 100644
--- a/src/lib/utils/loadstor.h
+++ b/src/lib/utils/loadstor.h
@@ -1,6 +1,6 @@
/*
* Load/Store Operators
-* (C) 1999-2007 Jack Lloyd
+* (C) 1999-2007,2015 Jack Lloyd
* 2007 Yves Jerschow
*
* Botan is released under the Simplified BSD License (see license.txt)
@@ -144,10 +144,13 @@ inline T load_le(const byte in[], size_t off)
template<>
inline u16bit load_be<u16bit>(const byte in[], size_t off)
{
+ in += off * sizeof(u16bit);
+
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u16bit*>(in) + off));
+ u16bit x;
+ std::memcpy(&x, in, sizeof(x));
+ return BOTAN_ENDIAN_N2B(x);
#else
- in += off * sizeof(u16bit);
return make_u16bit(in[0], in[1]);
#endif
}
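Review bot: The memcpy path no longer depends on unaligned access being permitted, so `#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK` now acts as a performance switch rather than a safety one, and nothing in the hunk says so. A one-line comment above the `#if`, such as `// memcpy replaces the old reinterpret_cast load (strict-aliasing/alignment UB); compilers fold it to a single load plus byte swap`, would tell the next reader why both branches are kept and stop someone "restoring" the cast. The same note applies to the five sibling load_be/load_le specialisations in the hunks below.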
@@ -161,10 +164,13 @@ inline u16bit load_be<u16bit>(const byte in[], size_t off)
template<>
inline u16bit load_le<u16bit>(const byte in[], size_t off)
{
+ in += off * sizeof(u16bit);
+
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u16bit*>(in) + off));
+ u16bit x;
+ std::memcpy(&x, in, sizeof(x));
+ return BOTAN_ENDIAN_N2L(x);
#else
- in += off * sizeof(u16bit);
return make_u16bit(in[1], in[0]);
#endif
}
@@ -178,10 +184,12 @@ inline u16bit load_le<u16bit>(const byte in[], size_t off)
template<>
inline u32bit load_be<u32bit>(const byte in[], size_t off)
{
+ in += off * sizeof(u32bit);
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u32bit*>(in) + off));
+ u32bit x;
+ std::memcpy(&x, in, sizeof(x));
+ return BOTAN_ENDIAN_N2B(x);
#else
- in += off * sizeof(u32bit);
return make_u32bit(in[0], in[1], in[2], in[3]);
#endif
}
@@ -195,10 +203,12 @@ inline u32bit load_be<u32bit>(const byte in[], size_t off)
template<>
inline u32bit load_le<u32bit>(const byte in[], size_t off)
{
+ in += off * sizeof(u32bit);
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u32bit*>(in) + off));
+ u32bit x;
+ std::memcpy(&x, in, sizeof(x));
+ return BOTAN_ENDIAN_N2L(x);
#else
- in += off * sizeof(u32bit);
return make_u32bit(in[3], in[2], in[1], in[0]);
#endif
}
@@ -212,10 +222,12 @@ inline u32bit load_le<u32bit>(const byte in[], size_t off)
template<>
inline u64bit load_be<u64bit>(const byte in[], size_t off)
{
+ in += off * sizeof(u64bit);
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- return BOTAN_ENDIAN_N2B(*(reinterpret_cast<const u64bit*>(in) + off));
+ u64bit x;
+ std::memcpy(&x, in, sizeof(x));
+ return BOTAN_ENDIAN_N2B(x);
#else
- in += off * sizeof(u64bit);
return make_u64bit(in[0], in[1], in[2], in[3],
in[4], in[5], in[6], in[7]);
#endif
@@ -230,10 +242,12 @@ inline u64bit load_be<u64bit>(const byte in[], size_t off)
template<>
inline u64bit load_le<u64bit>(const byte in[], size_t off)
{
+ in += off * sizeof(u64bit);
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- return BOTAN_ENDIAN_N2L(*(reinterpret_cast<const u64bit*>(in) + off));
+ u64bit x;
+ std::memcpy(&x, in, sizeof(x));
+ return BOTAN_ENDIAN_N2L(x);
#else
- in += off * sizeof(u64bit);
return make_u64bit(in[7], in[6], in[5], in[4],
in[3], in[2], in[1], in[0]);
#endif
@@ -308,24 +322,27 @@ inline void load_le(T out[],
const byte in[],
size_t count)
{
+ if(count > 0)
+ {
#if defined(BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS)
- std::memcpy(out, in, sizeof(T)*count);
+ std::memcpy(out, in, sizeof(T)*count);
#if defined(BOTAN_TARGET_CPU_IS_BIG_ENDIAN)
- const size_t blocks = count - (count % 4);
- const size_t left = count - blocks;
+ const size_t blocks = count - (count % 4);
+ const size_t left = count - blocks;
- for(size_t i = 0; i != blocks; i += 4)
- bswap_4(out + i);
+ for(size_t i = 0; i != blocks; i += 4)
+ bswap_4(out + i);
- for(size_t i = 0; i != left; ++i)
- out[blocks+i] = reverse_bytes(out[blocks+i]);
+ for(size_t i = 0; i != left; ++i)
+ out[blocks+i] = reverse_bytes(out[blocks+i]);
#endif
#else
- for(size_t i = 0; i != count; ++i)
- out[i] = load_le<T>(in, i);
+ for(size_t i = 0; i != count; ++i)
+ out[i] = load_le<T>(in, i);
#endif
+ }
}
/**
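Review bot: The new `if(count > 0)` guard carries no explanation, and to a reader who assumes a zero-length memcpy is a no-op it looks like dead code that can be cleaned up. A comment on the guard, `// count == 0 with a null in/out is undefined behaviour for memcpy; skip explicitly`, records why it was added. The load_be counterpart in the next hunk has the same unexplained guard and would benefit from the same line.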
@@ -397,24 +414,27 @@ inline void load_be(T out[],
const byte in[],
size_t count)
{
+ if(count > 0)
+ {
#if defined(BOTAN_TARGET_CPU_HAS_KNOWN_ENDIANNESS)
- std::memcpy(out, in, sizeof(T)*count);
+ std::memcpy(out, in, sizeof(T)*count);
#if defined(BOTAN_TARGET_CPU_IS_LITTLE_ENDIAN)
- const size_t blocks = count - (count % 4);
- const size_t left = count - blocks;
+ const size_t blocks = count - (count % 4);
+ const size_t left = count - blocks;
- for(size_t i = 0; i != blocks; i += 4)
- bswap_4(out + i);
+ for(size_t i = 0; i != blocks; i += 4)
+ bswap_4(out + i);
- for(size_t i = 0; i != left; ++i)
- out[blocks+i] = reverse_bytes(out[blocks+i]);
+ for(size_t i = 0; i != left; ++i)
+ out[blocks+i] = reverse_bytes(out[blocks+i]);
#endif
#else
- for(size_t i = 0; i != count; ++i)
- out[i] = load_be<T>(in, i);
+ for(size_t i = 0; i != count; ++i)
+ out[i] = load_be<T>(in, i);
#endif
+ }
}
/**
@@ -425,7 +445,8 @@ inline void load_be(T out[],
inline void store_be(u16bit in, byte out[2])
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- *reinterpret_cast<u16bit*>(out) = BOTAN_ENDIAN_B2N(in);
+ u16bit o = BOTAN_ENDIAN_N2B(in);
+ std::memcpy(out, &o, sizeof(o));
#else
out[0] = get_byte(0, in);
out[1] = get_byte(1, in);
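Review bot: `u16bit o = BOTAN_ENDIAN_N2B(in);` uses the N2B direction, whereas the 32- and 64-bit store_be variants further down use `BOTAN_ENDIAN_B2N(in)`, and store_le(u16bit) in the next hunk likewise uses N2L where its wider siblings use L2N. If these macros are plain byte swaps the two directions are the same function and nothing is wrong at runtime, but the asymmetry reads as a copy error and will confuse anyone auditing the endian helpers. `u16bit o = BOTAN_ENDIAN_B2N(in);` here (and L2N in store_le) keeps the family consistent.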
@@ -440,7 +461,8 @@ inline void store_be(u16bit in, byte out[2])
inline void store_le(u16bit in, byte out[2])
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- *reinterpret_cast<u16bit*>(out) = BOTAN_ENDIAN_L2N(in);
+ u16bit o = BOTAN_ENDIAN_N2L(in);
+ std::memcpy(out, &o, sizeof(o));
#else
out[0] = get_byte(1, in);
out[1] = get_byte(0, in);
@@ -455,7 +477,8 @@ inline void store_le(u16bit in, byte out[2])
inline void store_be(u32bit in, byte out[4])
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- *reinterpret_cast<u32bit*>(out) = BOTAN_ENDIAN_B2N(in);
+ u32bit o = BOTAN_ENDIAN_B2N(in);
+ std::memcpy(out, &o, sizeof(o));
#else
out[0] = get_byte(0, in);
out[1] = get_byte(1, in);
@@ -472,7 +495,8 @@ inline void store_be(u32bit in, byte out[4])
inline void store_le(u32bit in, byte out[4])
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- *reinterpret_cast<u32bit*>(out) = BOTAN_ENDIAN_L2N(in);
+ u32bit o = BOTAN_ENDIAN_L2N(in);
+ std::memcpy(out, &o, sizeof(o));
#else
out[0] = get_byte(3, in);
out[1] = get_byte(2, in);
@@ -489,7 +513,8 @@ inline void store_le(u32bit in, byte out[4])
inline void store_be(u64bit in, byte out[8])
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- *reinterpret_cast<u64bit*>(out) = BOTAN_ENDIAN_B2N(in);
+ u64bit o = BOTAN_ENDIAN_B2N(in);
+ std::memcpy(out, &o, sizeof(o));
#else
out[0] = get_byte(0, in);
out[1] = get_byte(1, in);
@@ -510,7 +535,8 @@ inline void store_be(u64bit in, byte out[8])
inline void store_le(u64bit in, byte out[8])
{
#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
- *reinterpret_cast<u64bit*>(out) = BOTAN_ENDIAN_L2N(in);
+ u64bit o = BOTAN_ENDIAN_L2N(in);
+ std::memcpy(out, &o, sizeof(o));
#else
out[0] = get_byte(7, in);
out[1] = get_byte(6, in);
diff --git a/src/lib/utils/mem_ops.h b/src/lib/utils/mem_ops.h
index 6ea7bdafe..0d2d0dab0 100644
--- a/src/lib/utils/mem_ops.h
+++ b/src/lib/utils/mem_ops.h
@@ -1,6 +1,6 @@
/*
* Memory Operations
-* (C) 1999-2009,2012 Jack Lloyd
+* (C) 1999-2009,2012,2015 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -28,7 +28,10 @@ BOTAN_DLL void zero_mem(void* ptr, size_t n);
*/
template<typename T> inline void clear_mem(T* ptr, size_t n)
{
- std::memset(ptr, 0, sizeof(T)*n);
+ if(n > 0)
+ {
+ std::memset(ptr, 0, sizeof(T)*n);
+ }
}
/**
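Review bot: clear_mem still wipes with a plain `std::memset`, while the hunk context shows a separate `zero_mem` declared just above; nothing tells a caller which one to use on key material. The doc block for clear_mem (which starts above the hunk) should carry a line such as `// Plain memset: the compiler may elide it when the buffer is dead afterwards; use zero_mem() when wiping secrets`. Whether zero_mem is actually implemented as a non-elidable clear is not visible here, so confirm against mem_ops.cpp before wording it as a guarantee.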
@@ -39,7 +42,10 @@ template<typename T> inline void clear_mem(T* ptr, size_t n)
*/
template<typename T> inline void copy_mem(T* out, const T* in, size_t n)
{
- std::memmove(out, in, sizeof(T)*n);
+ if(n > 0)
+ {
+ std::memmove(out, in, sizeof(T)*n);
+ }
}
/**
@@ -51,7 +57,10 @@ template<typename T> inline void copy_mem(T* out, const T* in, size_t n)
template<typename T>
inline void set_mem(T* ptr, size_t n, byte val)
{
- std::memset(ptr, val, sizeof(T)*n);
+ if(n > 0)
+ {
+ std::memset(ptr, val, sizeof(T)*n);
+ }
}
/**
@@ -72,7 +81,7 @@ template<typename T> inline bool same_mem(const T* p1, const T* p2, size_t n)
}
/**
-* XOR arrays. Postcondition out[i] = in[i] ^ out[i] forall i = 0...length
+* XOR_ arrays. Postcondition out[i] = in[i] ^ out[i] forall i = 0...length
* @param out the input/output buffer
* @param in the read-only input buffer
* @param length the length of the buffers
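Review bot: The edited comment line now reads `* XOR_ arrays.`, which looks like a stray underscore introduced by the rename pass rather than an intentional identifier. Restoring `* XOR arrays. Postcondition out[i] = in[i] ^ out[i] forall i = 0...length` keeps the doc readable; while touching it, `i < length` would state the bound more precisely than `0...length`.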
@@ -80,18 +89,10 @@ template<typename T> inline bool same_mem(const T* p1, const T* p2, size_t n)
template<typename T>
void xor_buf(T out[], const T in[], size_t length)
{
- while(length >= 8)
- {
- out[0] ^= in[0]; out[1] ^= in[1];
- out[2] ^= in[2]; out[3] ^= in[3];
- out[4] ^= in[4]; out[5] ^= in[5];
- out[6] ^= in[6]; out[7] ^= in[7];
-
- out += 8; in += 8; length -= 8;
- }
-
for(size_t i = 0; i != length; ++i)
+ {
out[i] ^= in[i];
+ }
}
/**
@@ -106,60 +107,12 @@ template<typename T> void xor_buf(T out[],
const T in2[],
size_t length)
{
- while(length >= 8)
- {
- out[0] = in[0] ^ in2[0];
- out[1] = in[1] ^ in2[1];
- out[2] = in[2] ^ in2[2];
- out[3] = in[3] ^ in2[3];
- out[4] = in[4] ^ in2[4];
- out[5] = in[5] ^ in2[5];
- out[6] = in[6] ^ in2[6];
- out[7] = in[7] ^ in2[7];
-
- in += 8; in2 += 8; out += 8; length -= 8;
- }
-
for(size_t i = 0; i != length; ++i)
- out[i] = in[i] ^ in2[i];
- }
-
-#if BOTAN_TARGET_UNALIGNED_MEMORY_ACCESS_OK
-
-template<>
-inline void xor_buf<byte>(byte out[], const byte in[], size_t length)
- {
- while(length >= 8)
{
- *reinterpret_cast<u64bit*>(out) ^= *reinterpret_cast<const u64bit*>(in);
- out += 8; in += 8; length -= 8;
- }
-
- for(size_t i = 0; i != length; ++i)
- out[i] ^= in[i];
- }
-
-template<>
-inline void xor_buf<byte>(byte out[],
- const byte in[],
- const byte in2[],
- size_t length)
- {
- while(length >= 8)
- {
- *reinterpret_cast<u64bit*>(out) =
- *reinterpret_cast<const u64bit*>(in) ^
- *reinterpret_cast<const u64bit*>(in2);
-
- in += 8; in2 += 8; out += 8; length -= 8;
- }
-
- for(size_t i = 0; i != length; ++i)
out[i] = in[i] ^ in2[i];
+ }
}
-#endif
-
template<typename Alloc, typename Alloc2>
void xor_buf(std::vector<byte, Alloc>& out,
const std::vector<byte, Alloc2>& in,
diff --git a/src/lib/utils/os_utils.cpp b/src/lib/utils/os_utils.cpp
index ae93d58d7..8fa099bc6 100644
--- a/src/lib/utils/os_utils.cpp
+++ b/src/lib/utils/os_utils.cpp
@@ -1,27 +1,103 @@
/*
* OS and machine specific utility functions
-* (C) 2015 Jack Lloyd
+* (C) 2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
#include <botan/internal/os_utils.h>
+#include <botan/cpuid.h>
#include <botan/exceptn.h>
#include <botan/mem_ops.h>
+#include <chrono>
-//TODO: defined(BOTAN_TARGET_OS_TYPE_IS_POSIX)
-
-#if defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK)
+#if defined(BOTAN_TARGET_OS_TYPE_IS_UNIX)
#include <sys/types.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <unistd.h>
#endif
+#if defined(BOTAN_TARGET_OS_TYPE_IS_WINDOWS)
+ #include <windows.h>
+#endif
+
namespace Botan {
namespace OS {
+uint32_t get_process_id()
+ {
+#if defined(BOTAN_TARGET_OS_IS_UNIX)
+ return ::getpid();
+#elif defined(BOTAN_TARGET_OS_IS_WINDOWS)
+ return ::GetCurrentProcessId();
+#else
+ return 0;
+#endif
+ }
+
+uint64_t get_processor_timestamp()
+ {
+ uint64_t rtc = 0;
+
+#if defined(BOTAN_TARGET_OS_HAS_QUERY_PERF_COUNTER)
+ LARGE_INTEGER tv;
+ ::QueryPerformanceCounter(&tv);
+ rtc = tv.QuadPart;
+#endif
+
+#if defined(BOTAN_USE_GCC_INLINE_ASM)
+
+#if defined(BOTAN_TARGET_CPU_IS_X86_FAMILY)
+ if(CPUID::has_rdtsc()) // not availble on all x86 CPUs
+ {
+ uint32_t rtc_low = 0, rtc_high = 0;
+ asm volatile("rdtsc" : "=d" (rtc_high), "=a" (rtc_low));
+ rtc = (static_cast<u64bit>(rtc_high) << 32) | rtc_low;
+ }
+
+#elif defined(BOTAN_TARGET_CPU_IS_PPC_FAMILY)
+ uint32_t rtc_low = 0, rtc_high = 0;
+ asm volatile("mftbu %0; mftb %1" : "=r" (rtc_high), "=r" (rtc_low));
+ rtc = (static_cast<u64bit>(rtc_high) << 32) | rtc_low;
+
+#elif defined(BOTAN_TARGET_ARCH_IS_ALPHA)
+ asm volatile("rpcc %0" : "=r" (rtc));
+
+#elif defined(BOTAN_TARGET_ARCH_IS_SPARC64) && !defined(BOTAN_TARGET_OS_IS_OPENBSD)
+ // OpenBSD does not trap access to the %tick register
+ asm volatile("rd %%tick, %0" : "=r" (rtc));
+
+#elif defined(BOTAN_TARGET_ARCH_IS_IA64)
+ asm volatile("mov %0=ar.itc" : "=r" (rtc));
+
+#elif defined(BOTAN_TARGET_ARCH_IS_S390X)
+ asm volatile("stck 0(%0)" : : "a" (&rtc) : "memory", "cc");
+
+#elif defined(BOTAN_TARGET_ARCH_IS_HPPA)
+ asm volatile("mfctl 16,%0" : "=r" (rtc)); // 64-bit only?
+#endif
+
+#endif
+
+ return rtc;
+ }
+
+uint64_t get_system_timestamp_ns()
+ {
+#if defined(BOTAN_TARGET_OS_HAS_CLOCK_GETTIME)
+ struct timespec ts;
+ if(::clock_gettime(CLOCK_REALTIME, &ts) == 0)
+ {
+ return (static_cast<uint64_t>(ts.tv_sec) * 1000000000) + static_cast<uint64_t>(ts.tv_nsec);
+ }
+#endif
+
+ auto now = std::chrono::high_resolution_clock::now().time_since_epoch();
+ return std::chrono::duration_cast<std::chrono::nanoseconds>(now).count();
+ }
+
size_t get_memory_locking_limit()
{
#if defined(BOTAN_TARGET_OS_HAS_POSIX_MLOCK)
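Review bot: get_process_id tests `BOTAN_TARGET_OS_IS_UNIX` / `BOTAN_TARGET_OS_IS_WINDOWS`, while the include block a few lines above guards `<unistd.h>` and `<windows.h>` with `BOTAN_TARGET_OS_TYPE_IS_UNIX` / `BOTAN_TARGET_OS_TYPE_IS_WINDOWS`. Unless the build defines both spellings (not visible here), neither branch is compiled and the function returns 0 on every platform, silently defeating anything that folds the pid into an entropy estimate or a uniqueness check. Changing the two conditions to `#if defined(BOTAN_TARGET_OS_TYPE_IS_UNIX)` and `#elif defined(BOTAN_TARGET_OS_TYPE_IS_WINDOWS)` ties them to the headers they depend on. Separately, the PowerPC `mftbu`/`mftb` pair is read once without re-checking the upper word, so a carry between the two reads yields a value off by 2^32; harmless for a jitter source, but worth a comment so nobody relies on it as a clock.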
diff --git a/src/lib/utils/os_utils.h b/src/lib/utils/os_utils.h
index 0030f88c9..3335463f7 100644
--- a/src/lib/utils/os_utils.h
+++ b/src/lib/utils/os_utils.h
@@ -1,6 +1,6 @@
/*
* OS specific utility functions
-* (C) 2015 Jack Lloyd
+* (C) 2015,2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/
@@ -14,6 +14,26 @@ namespace Botan {
namespace OS {
+/**
+* Returns the OS assigned process ID, if available. Otherwise returns 0.
+*/
+uint32_t get_process_id();
+
+/**
+* Returns the value of the hardware cycle counter, if available.
+* Returns 0 if not available. On Windows uses QueryPerformanceCounter.
+* On other platforms reads the native cycle counter directly.
+* The epoch and update rate are arbitrary and may not be constant
+* (depending on the hardware).
+*/
+uint64_t get_processor_timestamp();
+
+/**
+* Returns the value of the system clock with best resolution available,
+* normalized to nanoseconds resolution.
+*/
+uint64_t get_system_timestamp_ns();
+
/*
* Returns the maximum amount of memory (in bytes) we could/should
* hyptothetically allocate. Reads "BOTAN_MLOCK_POOL_SIZE" from
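Review bot: The doc for get_system_timestamp_ns describes resolution but not the clock's nature: the implementation in os_utils.cpp reads `CLOCK_REALTIME` and falls back to `std::chrono::high_resolution_clock`, both of which are wall-clock sources that can step backwards on NTP or manual adjustment. Add a sentence such as `* Wall-clock time: not monotonic and may jump on clock adjustment, so do not use it to measure intervals or enforce timeouts.` so callers do not build rate limits or expiry checks on it. The get_processor_timestamp comment could likewise note that when GCC inline asm is available on x86 Windows the rdtsc read overrides the QueryPerformanceCounter value, which the "On Windows uses QueryPerformanceCounter" wording does not convey.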
@@ -22,9 +42,9 @@ namespace OS {
size_t get_memory_locking_limit();
/*
-* Request so many bytes of page-aligned RAM locked into memory OS
-* calls (mlock, VirtualLock, or similar). Returns null on failure. The
-* memory returned is zeroed. Free it with free_locked_pages.
+* Request so many bytes of page-aligned RAM locked into memory using
+* mlock, VirtualLock, or similar. Returns null on failure. The memory
+* returned is zeroed. Free it with free_locked_pages.
*/
void* allocate_locked_pages(size_t length);
diff --git a/src/lib/utils/parsing.cpp b/src/lib/utils/parsing.cpp
index 2bf41f260..e5c8562b5 100644
--- a/src/lib/utils/parsing.cpp
+++ b/src/lib/utils/parsing.cpp
@@ -53,7 +53,7 @@ u32bit to_u32bit(const std::string& str)
*/
u32bit timespec_to_u32bit(const std::string& timespec)
{
- if(timespec == "")
+ if(timespec.empty())
return 0;
const char suffix = timespec[timespec.size()-1];
@@ -129,7 +129,7 @@ std::vector<std::string> parse_algorithm_name(const std::string& namex)
substring += c;
}
- if(substring != "")
+ if(!substring.empty())
throw Invalid_Algorithm_Name(namex);
return elems;
@@ -144,14 +144,14 @@ std::vector<std::string> split_on_pred(const std::string& str,
std::function<bool (char)> pred)
{
std::vector<std::string> elems;
- if(str == "") return elems;
+ if(str.empty()) return elems;
std::string substr;
for(auto i = str.begin(); i != str.end(); ++i)
{
if(pred(*i))
{
- if(substr != "")
+ if(!substr.empty())
elems.push_back(substr);
substr.clear();
}
@@ -159,7 +159,7 @@ std::vector<std::string> split_on_pred(const std::string& str,
substr += *i;
}
- if(substr == "")
+ if(substr.empty())
throw Invalid_Argument("Unable to split string: " + str);
elems.push_back(substr);
@@ -197,7 +197,7 @@ std::vector<u32bit> parse_asn1_oid(const std::string& oid)
if(c == '.')
{
- if(substring == "")
+ if(substring.empty())
throw Invalid_OID(oid);
oid_elems.push_back(to_u32bit(substring));
substring.clear();
@@ -206,7 +206,7 @@ std::vector<u32bit> parse_asn1_oid(const std::string& oid)
substring += c;
}
- if(substring == "")
+ if(substring.empty())
throw Invalid_OID(oid);
oid_elems.push_back(to_u32bit(substring));
diff --git a/src/lib/utils/read_cfg.cpp b/src/lib/utils/read_cfg.cpp
index 1a15f2e63..bf68c0479 100644
--- a/src/lib/utils/read_cfg.cpp
+++ b/src/lib/utils/read_cfg.cpp
@@ -38,12 +38,12 @@ std::map<std::string, std::string> read_cfg(std::istream& is)
++line;
- if(s == "" || s[0] == '#')
+ if(s.empty() || s[0] == '#')
continue;
s = clean_ws(s.substr(0, s.find('#')));
- if(s == "")
+ if(s.empty())
continue;
auto eq = s.find("=");
diff --git a/src/lib/utils/semaphore.h b/src/lib/utils/semaphore.h
index 3495043e5..994a15f21 100644
--- a/src/lib/utils/semaphore.h
+++ b/src/lib/utils/semaphore.h
@@ -16,7 +16,7 @@ namespace Botan {
class Semaphore
{
public:
- Semaphore(int value = 0) : m_value(value), m_wakeups(0) {}
+ explicit Semaphore(int value = 0) : m_value(value), m_wakeups(0) {}
void acquire();
diff --git a/src/lib/utils/simd/simd_sse2/simd_sse2.h b/src/lib/utils/simd/simd_sse2/simd_sse2.h
index 9e85bd45b..551e9189c 100644
--- a/src/lib/utils/simd/simd_sse2/simd_sse2.h
+++ b/src/lib/utils/simd/simd_sse2/simd_sse2.h
@@ -18,24 +18,24 @@ namespace Botan {
class SIMD_SSE2
{
public:
- SIMD_SSE2(const u32bit B[4])
+ explicit SIMD_SSE2(const u32bit B[4])
{
- reg = _mm_loadu_si128(reinterpret_cast<const __m128i*>(B));
+ m_reg = _mm_loadu_si128(reinterpret_cast<const __m128i*>(B));
}
SIMD_SSE2(u32bit B0, u32bit B1, u32bit B2, u32bit B3)
{
- reg = _mm_set_epi32(B0, B1, B2, B3);
+ m_reg = _mm_set_epi32(B0, B1, B2, B3);
}
- SIMD_SSE2(u32bit B)
+ explicit SIMD_SSE2(u32bit B)
{
- reg = _mm_set1_epi32(B);
+ m_reg = _mm_set1_epi32(B);
}
static SIMD_SSE2 load_le(const void* in)
{
- return _mm_loadu_si128(reinterpret_cast<const __m128i*>(in));
+ return SIMD_SSE2(_mm_loadu_si128(reinterpret_cast<const __m128i*>(in)));
}
static SIMD_SSE2 load_be(const void* in)
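Review bot: The constructors this hunk renames and marks explicit still assign the member in the body (`m_reg = _mm_loadu_si128(...)`, `m_reg = _mm_set_epi32(B0, B1, B2, B3)`, `m_reg = _mm_set1_epi32(B)`), and the private constructor in the last hunk of this file does the same with `explicit SIMD_SSE2(__m128i in) { m_reg = in; }`; the conventional form is a member initializer, e.g. `explicit SIMD_SSE2(__m128i in) : m_reg(in) {}`, and the same change applies to the three public constructors here. In that last hunk, operator& and andc are rewritten to return SIMD_SSE2(...) but remain non-const while every other binary operator in the class is const; declaring both const keeps the interface consistent and allows their use on const operands. The four-argument constructor is correctly left non-explicit, as it cannot take part in an implicit single-argument conversion.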
@@ -45,7 +45,7 @@ class SIMD_SSE2
void store_le(byte out[]) const
{
- _mm_storeu_si128(reinterpret_cast<__m128i*>(out), reg);
+ _mm_storeu_si128(reinterpret_cast<__m128i*>(out), m_reg);
}
void store_be(byte out[]) const
@@ -55,8 +55,8 @@ class SIMD_SSE2
void rotate_left(size_t rot)
{
- reg = _mm_or_si128(_mm_slli_epi32(reg, static_cast<int>(rot)),
- _mm_srli_epi32(reg, static_cast<int>(32-rot)));
+ m_reg = _mm_or_si128(_mm_slli_epi32(m_reg, static_cast<int>(rot)),
+ _mm_srli_epi32(m_reg, static_cast<int>(32-rot)));
}
void rotate_right(size_t rot)
@@ -66,98 +66,98 @@ class SIMD_SSE2
void operator+=(const SIMD_SSE2& other)
{
- reg = _mm_add_epi32(reg, other.reg);
+ m_reg = _mm_add_epi32(m_reg, other.m_reg);
}
SIMD_SSE2 operator+(const SIMD_SSE2& other) const
{
- return _mm_add_epi32(reg, other.reg);
+ return SIMD_SSE2(_mm_add_epi32(m_reg, other.m_reg));
}
void operator-=(const SIMD_SSE2& other)
{
- reg = _mm_sub_epi32(reg, other.reg);
+ m_reg = _mm_sub_epi32(m_reg, other.m_reg);
}
SIMD_SSE2 operator-(const SIMD_SSE2& other) const
{
- return _mm_sub_epi32(reg, other.reg);
+ return SIMD_SSE2(_mm_sub_epi32(m_reg, other.m_reg));
}
void operator^=(const SIMD_SSE2& other)
{
- reg = _mm_xor_si128(reg, other.reg);
+ m_reg = _mm_xor_si128(m_reg, other.m_reg);
}
SIMD_SSE2 operator^(const SIMD_SSE2& other) const
{
- return _mm_xor_si128(reg, other.reg);
+ return SIMD_SSE2(_mm_xor_si128(m_reg, other.m_reg));
}
void operator|=(const SIMD_SSE2& other)
{
- reg = _mm_or_si128(reg, other.reg);
+ m_reg = _mm_or_si128(m_reg, other.m_reg);
}
SIMD_SSE2 operator&(const SIMD_SSE2& other)
{
- return _mm_and_si128(reg, other.reg);
+ return SIMD_SSE2(_mm_and_si128(m_reg, other.m_reg));
}
void operator&=(const SIMD_SSE2& other)
{
- reg = _mm_and_si128(reg, other.reg);
+ m_reg = _mm_and_si128(m_reg, other.m_reg);
}
SIMD_SSE2 operator<<(size_t shift) const
{
- return _mm_slli_epi32(reg, static_cast<int>(shift));
+ return SIMD_SSE2(_mm_slli_epi32(m_reg, static_cast<int>(shift)));
}
SIMD_SSE2 operator>>(size_t shift) const
{
- return _mm_srli_epi32(reg, static_cast<int>(shift));
+ return SIMD_SSE2(_mm_srli_epi32(m_reg, static_cast<int>(shift)));
}
SIMD_SSE2 operator~() const
{
- return _mm_xor_si128(reg, _mm_set1_epi32(0xFFFFFFFF));
+ return SIMD_SSE2(_mm_xor_si128(m_reg, _mm_set1_epi32(0xFFFFFFFF)));
}
// (~reg) & other
SIMD_SSE2 andc(const SIMD_SSE2& other)
{
- return _mm_andnot_si128(reg, other.reg);
+ return SIMD_SSE2(_mm_andnot_si128(m_reg, other.m_reg));
}
SIMD_SSE2 bswap() const
{
- __m128i T = reg;
+ __m128i T = m_reg;
T = _mm_shufflehi_epi16(T, _MM_SHUFFLE(2, 3, 0, 1));
T = _mm_shufflelo_epi16(T, _MM_SHUFFLE(2, 3, 0, 1));
- return _mm_or_si128(_mm_srli_epi16(T, 8),
- _mm_slli_epi16(T, 8));
+ return SIMD_SSE2(_mm_or_si128(_mm_srli_epi16(T, 8),
+ _mm_slli_epi16(T, 8)));
}
static void transpose(SIMD_SSE2& B0, SIMD_SSE2& B1,
SIMD_SSE2& B2, SIMD_SSE2& B3)
{
- __m128i T0 = _mm_unpacklo_epi32(B0.reg, B1.reg);
- __m128i T1 = _mm_unpacklo_epi32(B2.reg, B3.reg);
- __m128i T2 = _mm_unpackhi_epi32(B0.reg, B1.reg);
- __m128i T3 = _mm_unpackhi_epi32(B2.reg, B3.reg);
- B0.reg = _mm_unpacklo_epi64(T0, T1);
- B1.reg = _mm_unpackhi_epi64(T0, T1);
- B2.reg = _mm_unpacklo_epi64(T2, T3);
- B3.reg = _mm_unpackhi_epi64(T2, T3);
+ __m128i T0 = _mm_unpacklo_epi32(B0.m_reg, B1.m_reg);
+ __m128i T1 = _mm_unpacklo_epi32(B2.m_reg, B3.m_reg);
+ __m128i T2 = _mm_unpackhi_epi32(B0.m_reg, B1.m_reg);
+ __m128i T3 = _mm_unpackhi_epi32(B2.m_reg, B3.m_reg);
+ B0.m_reg = _mm_unpacklo_epi64(T0, T1);
+ B1.m_reg = _mm_unpackhi_epi64(T0, T1);
+ B2.m_reg = _mm_unpacklo_epi64(T2, T3);
+ B3.m_reg = _mm_unpackhi_epi64(T2, T3);
}
private:
- SIMD_SSE2(__m128i in) { reg = in; }
+ explicit SIMD_SSE2(__m128i in) { m_reg = in; }
- __m128i reg;
+ __m128i m_reg;
};
}