diff options
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/block/blowfish/blowfish.cpp | 2 | ||||
-rw-r--r-- | src/lib/cert/x509/certstor.h | 2 | ||||
-rw-r--r-- | src/lib/cert/x509/x509path.cpp | 8 | ||||
-rw-r--r-- | src/lib/codec/base64/base64.cpp | 4 | ||||
-rw-r--r-- | src/lib/constructs/srp6/srp6.cpp | 27 | ||||
-rw-r--r-- | src/lib/constructs/srp6/srp6.h | 6 | ||||
-rw-r--r-- | src/lib/modes/aead/ocb/ocb.cpp | 6 | ||||
-rw-r--r-- | src/lib/pubkey/dsa/dsa.cpp | 2 | ||||
-rw-r--r-- | src/lib/tls/tls_channel.cpp | 4 | ||||
-rw-r--r-- | src/lib/tls/tls_client.cpp | 1 | ||||
-rw-r--r-- | src/lib/tls/tls_extensions.h | 6 | ||||
-rw-r--r-- | src/lib/tls/tls_messages.h | 8 |
12 files changed, 39 insertions, 37 deletions
diff --git a/src/lib/block/blowfish/blowfish.cpp b/src/lib/block/blowfish/blowfish.cpp index e93359141..b896033f4 100644 --- a/src/lib/block/blowfish/blowfish.cpp +++ b/src/lib/block/blowfish/blowfish.cpp @@ -139,7 +139,7 @@ void Blowfish::eks_key_schedule(const byte key[], size_t length, key_expansion(key, length, salt); const byte null_salt[16] = { 0 }; - const size_t rounds = 1 << workfactor; + const size_t rounds = static_cast<size_t>(1) << workfactor; for(size_t r = 0; r != rounds; ++r) { diff --git a/src/lib/cert/x509/certstor.h b/src/lib/cert/x509/certstor.h index 8c9fd9610..79a33f75d 100644 --- a/src/lib/cert/x509/certstor.h +++ b/src/lib/cert/x509/certstor.h @@ -31,7 +31,7 @@ class BOTAN_DLL Certificate_Store bool certificate_known(const X509_Certificate& cert) const { - return find_cert(cert.subject_dn(), cert.subject_key_id()); + return find_cert(cert.subject_dn(), cert.subject_key_id()) != nullptr; } // remove this (used by TLS::Server) diff --git a/src/lib/cert/x509/x509path.cpp b/src/lib/cert/x509/x509path.cpp index e8e44f653..73a5a158b 100644 --- a/src/lib/cert/x509/x509path.cpp +++ b/src/lib/cert/x509/x509path.cpp @@ -30,13 +30,13 @@ find_issuing_cert(const X509_Certificate& cert, const X509_DN issuer_dn = cert.issuer_dn(); const std::vector<byte> auth_key_id = cert.authority_key_id(); - if(const X509_Certificate* cert = end_certs.find_cert(issuer_dn, auth_key_id)) - return cert; + if(const X509_Certificate* c = end_certs.find_cert(issuer_dn, auth_key_id)) + return c; for(size_t i = 0; i != certstores.size(); ++i) { - if(const X509_Certificate* cert = certstores[i]->find_cert(issuer_dn, auth_key_id)) - return cert; + if(const X509_Certificate* c = certstores[i]->find_cert(issuer_dn, auth_key_id)) + return c; } return nullptr; diff --git a/src/lib/codec/base64/base64.cpp b/src/lib/codec/base64/base64.cpp index b66478d2b..23c60fb35 100644 --- a/src/lib/codec/base64/base64.cpp +++ b/src/lib/codec/base64/base64.cpp @@ -168,8 +168,8 @@ size_t base64_decode(byte output[], { if(decode_buf_pos) { - for(size_t i = decode_buf_pos; i != 4; ++i) - decode_buf[i] = 0; + for(size_t j = decode_buf_pos; j != 4; ++j) + decode_buf[j] = 0; final_truncate = (4 - decode_buf_pos); decode_buf_pos = 4; } diff --git a/src/lib/constructs/srp6/srp6.cpp b/src/lib/constructs/srp6/srp6.cpp index 678dc8978..fba7fa326 100644 --- a/src/lib/constructs/srp6/srp6.cpp +++ b/src/lib/constructs/srp6/srp6.cpp @@ -131,32 +131,29 @@ BigInt SRP6_Server_Session::step1(const BigInt& v, const BigInt& g = group.get_g(); const BigInt& p = group.get_p(); - p_bytes = p.bytes(); + m_p_bytes = p.bytes(); + m_v = v; + m_b = BigInt(rng, 256); + m_p = p; + m_hash_id = hash_id; - BigInt k = hash_seq(hash_id, p_bytes, p, g); - - BigInt b(rng, 256); + const BigInt k = hash_seq(hash_id, m_p_bytes, p, g); - B = (v*k + power_mod(g, b, p)) % p; + m_B = (v*k + power_mod(g, m_b, p)) % p; - this->v = v; - this->b = b; - this->p = p; - this->hash_id = hash_id; - - return B; + return m_B; } SymmetricKey SRP6_Server_Session::step2(const BigInt& A) { - if(A <= 0 || A >= p) + if(A <= 0 || A >= m_p) throw std::runtime_error("Invalid SRP parameter from client"); - BigInt u = hash_seq(hash_id, p_bytes, A, B); + const BigInt u = hash_seq(m_hash_id, m_p_bytes, A, m_B); - BigInt S = power_mod(A * power_mod(v, u, p), b, p); + const BigInt S = power_mod(A * power_mod(m_v, u, m_p), m_b, m_p); - return BigInt::encode_1363(S, p_bytes); + return BigInt::encode_1363(S, m_p_bytes); } } diff --git a/src/lib/constructs/srp6/srp6.h b/src/lib/constructs/srp6/srp6.h index 6f3960be1..b0adc5da4 100644 --- a/src/lib/constructs/srp6/srp6.h +++ b/src/lib/constructs/srp6/srp6.h @@ -87,9 +87,9 @@ class BOTAN_DLL SRP6_Server_Session SymmetricKey step2(const BigInt& A); private: - std::string hash_id; - BigInt B, b, v, S, p; - size_t p_bytes; + std::string m_hash_id; + BigInt m_B, m_b, m_v, m_S, m_p; + size_t m_p_bytes; }; } diff --git a/src/lib/modes/aead/ocb/ocb.cpp b/src/lib/modes/aead/ocb/ocb.cpp index 2e337ba66..5909e0c12 100644 --- a/src/lib/modes/aead/ocb/ocb.cpp +++ b/src/lib/modes/aead/ocb/ocb.cpp @@ -296,9 +296,9 @@ void OCB_Encryption::finish(secure_vector<byte>& buffer, size_t offset) m_offset ^= m_L->star(); // Offset_* - secure_vector<byte> buf(BS); - m_cipher->encrypt(m_offset, buf); - xor_buf(&remainder[0], &buf[0], remainder_bytes); + secure_vector<byte> zeros(BS); + m_cipher->encrypt(m_offset, zeros); + xor_buf(&remainder[0], &zeros[0], remainder_bytes); } } diff --git a/src/lib/pubkey/dsa/dsa.cpp b/src/lib/pubkey/dsa/dsa.cpp index 5d56d6b89..c66db52f6 100644 --- a/src/lib/pubkey/dsa/dsa.cpp +++ b/src/lib/pubkey/dsa/dsa.cpp @@ -115,8 +115,6 @@ DSA_Verification_Operation::DSA_Verification_Operation(const DSA_PublicKey& dsa) bool DSA_Verification_Operation::verify(const byte msg[], size_t msg_len, const byte sig[], size_t sig_len) { - const BigInt& q = mod_q.get_modulus(); - if(sig_len != 2*q.bytes() || msg_len > q.bytes()) return false; diff --git a/src/lib/tls/tls_channel.cpp b/src/lib/tls/tls_channel.cpp index 0617f992c..25307166b 100644 --- a/src/lib/tls/tls_channel.cpp +++ b/src/lib/tls/tls_channel.cpp @@ -458,12 +458,12 @@ size_t Channel::received_data(const byte input[], size_t input_size) send_fatal_alert(e.type()); throw; } - catch(Integrity_Failure& e) + catch(Integrity_Failure&) { send_fatal_alert(Alert::BAD_RECORD_MAC); throw; } - catch(Decoding_Error& e) + catch(Decoding_Error&) { send_fatal_alert(Alert::DECODE_ERROR); throw; diff --git a/src/lib/tls/tls_client.cpp b/src/lib/tls/tls_client.cpp index 6c17409a7..7cc0dddbd 100644 --- a/src/lib/tls/tls_client.cpp +++ b/src/lib/tls/tls_client.cpp @@ -9,6 +9,7 @@ #include <botan/internal/tls_handshake_state.h> #include <botan/internal/tls_messages.h> #include <botan/internal/stl_util.h> +#include <iterator> namespace Botan { diff --git a/src/lib/tls/tls_extensions.h b/src/lib/tls/tls_extensions.h index a88938eba..ac1f75a2b 100644 --- a/src/lib/tls/tls_extensions.h +++ b/src/lib/tls/tls_extensions.h @@ -372,6 +372,12 @@ class Extensions return nullptr; } + template<typename T> + bool has() const + { + return get<T>() != nullptr; + } + void add(Extension* extn) { extensions[extn->type()].reset(extn); diff --git a/src/lib/tls/tls_messages.h b/src/lib/tls/tls_messages.h index 6cfb2f5bf..626f6a1cf 100644 --- a/src/lib/tls/tls_messages.h +++ b/src/lib/tls/tls_messages.h @@ -103,7 +103,7 @@ class Client_Hello : public Handshake_Message bool secure_renegotiation() const { - return m_extensions.get<Renegotiation_Extension>(); + return m_extensions.has<Renegotiation_Extension>(); } std::vector<byte> renegotiation_info() const @@ -115,7 +115,7 @@ class Client_Hello : public Handshake_Message bool next_protocol_notification() const { - return m_extensions.get<Next_Protocol_Notification>(); + return m_extensions.has<Next_Protocol_Notification>(); } size_t fragment_size() const @@ -127,7 +127,7 @@ class Client_Hello : public Handshake_Message bool supports_session_ticket() const { - return m_extensions.get<Session_Ticket>(); + return m_extensions.has<Session_Ticket>(); } std::vector<byte> session_ticket() const @@ -139,7 +139,7 @@ class Client_Hello : public Handshake_Message bool supports_heartbeats() const { - return m_extensions.get<Heartbeat_Support_Indicator>(); + return m_extensions.has<Heartbeat_Support_Indicator>(); } bool peer_can_send_heartbeats() const |