Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/ffi/ffi.h47
-rw-r--r--src/lib/ffi/ffi_util.h6
-rw-r--r--src/lib/prov/pkcs11/p11_ecdh.cpp2
-rw-r--r--src/lib/utils/exceptn.h12
4 files changed, 59 insertions, 8 deletions
diff --git a/src/lib/ffi/ffi.h b/src/lib/ffi/ffi.h
index 323f47557..980d8f906 100644
--- a/src/lib/ffi/ffi.h
+++ b/src/lib/ffi/ffi.h
@@ -191,8 +191,11 @@ typedef struct botan_rng_struct* botan_rng_t;
* Initialize a random number generator object
* @param rng rng object
* @param rng_type type of the rng, possible values:
-* "system": System_RNG, "user": AutoSeeded_RNG
-* Set rng_type to null or empty string to let the library choose
+* "system": system RNG
+* "user": userspace RNG
+* "user-threadsafe": userspace RNG, with internal locking
+* "rdrand": directly read RDRAND
+* Set rng_type to null to let the library choose some default.
*/
BOTAN_PUBLIC_API(2,0) int botan_rng_init(botan_rng_t* rng, const char* rng_type);
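Review bot: The rewritten `rng_type` list does not say what `botan_rng_init` returns when the string is unrecognised or the requested source is unavailable, which matters most for `"rdrand"` since it presumably depends on CPU and build support. The old text also allowed an empty string, while the new text mentions only null; if an empty string is still accepted the comment should keep saying so, and if it is not, that behaviour change deserves a line. I would add something like `* @return 0 on success, an error code if rng_type is unknown or unavailable` after the list, adjusted to the codes the implementation actually returns.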
@@ -242,7 +245,7 @@ BOTAN_PUBLIC_API(2,8) int botan_rng_add_entropy(botan_rng_t rng,
/**
* Frees all resources of the random number generator object
* @param rng rng object
-* @return always returns 0
+* @return 0 if success, error if invalid object handle
*/
BOTAN_PUBLIC_API(2,0) int botan_rng_destroy(botan_rng_t rng);
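Review bot: `error if invalid object handle` does not name the code a caller should compare against, and the same wording is used on every `*_destroy` comment changed or added in this file. The ffi_util.h part of this commit returns `BOTAN_FFI_ERROR_INVALID_OBJECT` for a bad handle, so if the destroy functions report the same value the line could read `* @return 0 on success, BOTAN_FFI_ERROR_INVALID_OBJECT if the handle is invalid`. It would also help to state what a null handle yields, since callers written against the old "always returns 0" text may ignore the result entirely.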
@@ -314,7 +317,7 @@ BOTAN_PUBLIC_API(2,0) int botan_hash_clear(botan_hash_t hash);
/**
* Frees all resources of the hash object
* @param hash hash object
-* @return always returns 0
+* @return 0 if success, error if invalid object handle
*/
BOTAN_PUBLIC_API(2,0) int botan_hash_destroy(botan_hash_t hash);
@@ -408,7 +411,7 @@ BOTAN_PUBLIC_API(2,8) int botan_mac_get_keyspec(botan_mac_t mac,
/**
* Frees all resources of the MAC object
* @param mac mac object
-* @return always returns 0
+* @return 0 if success, error if invalid object handle
*/
BOTAN_PUBLIC_API(2,0) int botan_mac_destroy(botan_mac_t mac);
@@ -521,6 +524,7 @@ BOTAN_PUBLIC_API(2,0) int botan_cipher_clear(botan_cipher_t hash);
/**
* Destroy the cipher object
+* @return 0 if success, error if invalid object handle
*/
BOTAN_PUBLIC_API(2,0) int botan_cipher_destroy(botan_cipher_t cipher);
@@ -658,6 +662,7 @@ BOTAN_PUBLIC_API(2,1) int botan_block_cipher_init(botan_block_cipher_t* bc,
/**
* Destroy a block cipher object
+* @return 0 if success, error if invalid object handle
*/
BOTAN_PUBLIC_API(2,1) int botan_block_cipher_destroy(botan_block_cipher_t bc);
@@ -729,6 +734,7 @@ BOTAN_PUBLIC_API(2,1) int botan_mp_init(botan_mp_t* mp);
/**
* Destroy (deallocate) an MPI
+* @return 0 if success, error if invalid object handle
*/
BOTAN_PUBLIC_API(2,1) int botan_mp_destroy(botan_mp_t mp);
@@ -1009,6 +1015,9 @@ BOTAN_PUBLIC_API(2,0) int botan_privkey_load(botan_privkey_t* key,
const uint8_t bits[], size_t len,
const char* password);
+/**
+* @return 0 if success, error if invalid object handle
+*/
BOTAN_PUBLIC_API(2,0) int botan_privkey_destroy(botan_privkey_t key);
#define BOTAN_PRIVKEY_EXPORT_FLAG_DER 0
@@ -1084,6 +1093,9 @@ BOTAN_PUBLIC_API(2,0) int botan_pubkey_estimated_strength(botan_pubkey_t key, si
BOTAN_PUBLIC_API(2,0) int botan_pubkey_fingerprint(botan_pubkey_t key, const char* hash,
uint8_t out[], size_t* out_len);
+/**
+* @return 0 if success, error if invalid object handle
+*/
BOTAN_PUBLIC_API(2,0) int botan_pubkey_destroy(botan_pubkey_t key);
/*
@@ -1330,6 +1342,9 @@ BOTAN_PUBLIC_API(2,0) int botan_pk_op_encrypt_create(botan_pk_op_encrypt_t* op,
const char* padding,
uint32_t flags);
+/**
+* @return 0 if success, error if invalid object handle
+*/
BOTAN_PUBLIC_API(2,0) int botan_pk_op_encrypt_destroy(botan_pk_op_encrypt_t op);
BOTAN_PUBLIC_API(2,8) int botan_pk_op_encrypt_output_length(botan_pk_op_encrypt_t op,
@@ -1352,6 +1367,10 @@ BOTAN_PUBLIC_API(2,0) int botan_pk_op_decrypt_create(botan_pk_op_decrypt_t* op,
botan_privkey_t key,
const char* padding,
uint32_t flags);
+
+/**
+* @return 0 if success, error if invalid object handle
+*/
BOTAN_PUBLIC_API(2,0) int botan_pk_op_decrypt_destroy(botan_pk_op_decrypt_t op);
BOTAN_PUBLIC_API(2,8) int botan_pk_op_decrypt_output_length(botan_pk_op_decrypt_t op,
@@ -1373,6 +1392,9 @@ int botan_pk_op_sign_create(botan_pk_op_sign_t* op,
const char* hash_and_padding,
uint32_t flags);
+/**
+* @return 0 if success, error if invalid object handle
+*/
BOTAN_PUBLIC_API(2,0) int botan_pk_op_sign_destroy(botan_pk_op_sign_t op);
BOTAN_PUBLIC_API(2,8) int botan_pk_op_sign_output_length(botan_pk_op_sign_t op, size_t* olen);
@@ -1394,6 +1416,9 @@ int botan_pk_op_verify_create(botan_pk_op_verify_t* op,
const char* hash_and_padding,
uint32_t flags);
+/**
+* @return 0 if success, error if invalid object handle
+*/
BOTAN_PUBLIC_API(2,0) int botan_pk_op_verify_destroy(botan_pk_op_verify_t op);
BOTAN_PUBLIC_API(2,0) int botan_pk_op_verify_update(botan_pk_op_verify_t op, const uint8_t in[], size_t in_len);
@@ -1410,6 +1435,9 @@ int botan_pk_op_key_agreement_create(botan_pk_op_ka_t* op,
const char* kdf,
uint32_t flags);
+/**
+* @return 0 if success, error if invalid object handle
+*/
BOTAN_PUBLIC_API(2,0) int botan_pk_op_key_agreement_destroy(botan_pk_op_ka_t op);
BOTAN_PUBLIC_API(2,0) int botan_pk_op_key_agreement_export_public(botan_privkey_t key,
@@ -1454,6 +1482,10 @@ typedef struct botan_x509_cert_struct* botan_x509_cert_t;
BOTAN_PUBLIC_API(2,0) int botan_x509_cert_load(botan_x509_cert_t* cert_obj, const uint8_t cert[], size_t cert_len);
BOTAN_PUBLIC_API(2,0) int botan_x509_cert_load_file(botan_x509_cert_t* cert_obj, const char* filename);
+
+/**
+* @return 0 if success, error if invalid object handle
+*/
BOTAN_PUBLIC_API(2,0) int botan_x509_cert_destroy(botan_x509_cert_t cert);
BOTAN_PUBLIC_API(2,8) int botan_x509_cert_dup(botan_x509_cert_t* new_cert, botan_x509_cert_t cert);
@@ -1566,6 +1598,7 @@ int botan_hotp_init(botan_hotp_t* hotp,
/**
* Destroy a HOTP instance
+* @return 0 if success, error if invalid object handle
*/
BOTAN_PUBLIC_API(2,8)
int botan_hotp_destroy(botan_hotp_t hotp);
@@ -1607,6 +1640,7 @@ int botan_totp_init(botan_totp_t* totp,
/**
* Destroy a TOTP instance
+* @return 0 if success, error if invalid object handle
*/
BOTAN_PUBLIC_API(2,8)
int botan_totp_destroy(botan_totp_t totp);
@@ -1650,6 +1684,9 @@ int botan_fpe_fe1_init(botan_fpe_t* fpe, botan_mp_t n,
const uint8_t key[], size_t key_len,
size_t rounds, uint32_t flags);
+/**
+* @return 0 if success, error if invalid object handle
+*/
BOTAN_PUBLIC_API(2,8)
int botan_fpe_destroy(botan_fpe_t fpe);
diff --git a/src/lib/ffi/ffi_util.h b/src/lib/ffi/ffi_util.h
index 2962b05e1..e77a2debb 100644
--- a/src/lib/ffi/ffi_util.h
+++ b/src/lib/ffi/ffi_util.h
@@ -82,7 +82,11 @@ int apply_fn(botan_struct<T, M>* o, const char* func_name, F func)
if(o->magic_ok() == false)
return BOTAN_FFI_ERROR_INVALID_OBJECT;
- return ffi_guard_thunk(func_name, [&]() { return func(*o->unsafe_get()); });
+ T* p = o->unsafe_get();
+ if(p == nullptr)
+ return BOTAN_FFI_ERROR_INVALID_OBJECT;
+
+ return ffi_guard_thunk(func_name, [&]() { return func(*p); });
}
#define BOTAN_FFI_DO(T, obj, param, block) \
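Review bot: The new `p == nullptr` check has no comment saying when a handle can pass `magic_ok()` and still hold no object, so the next reader cannot tell whether it guards a real state or is purely defensive. A line such as `// magic may be valid while the wrapped object is absent; never dereference a null T*` above `T* p = o->unsafe_get();` would record that, worded to match the actual cause. apply_fn starts above the hunk, so whether `o` itself is null-checked before `o->magic_ok()` is not visible here and is worth confirming. Both failure paths now return `BOTAN_FFI_ERROR_INVALID_OBJECT`, so callers cannot tell them apart, which is fine as long as it is intentional.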
diff --git a/src/lib/prov/pkcs11/p11_ecdh.cpp b/src/lib/prov/pkcs11/p11_ecdh.cpp
index 0cd671bcb..f6e27e513 100644
--- a/src/lib/prov/pkcs11/p11_ecdh.cpp
+++ b/src/lib/prov/pkcs11/p11_ecdh.cpp
@@ -74,7 +74,7 @@ class PKCS11_ECDH_KA_Operation final : public PK_Ops::Key_Agreement
attributes.add_bool(AttributeType::Extractable, true);
attributes.add_numeric(AttributeType::Class, static_cast< CK_OBJECT_CLASS >(ObjectClass::SecretKey));
attributes.add_numeric(AttributeType::KeyType, static_cast< CK_KEY_TYPE >(KeyType::GenericSecret));
- attributes.add_numeric(AttributeType::ValueLen, key_len);
+ attributes.add_numeric(AttributeType::ValueLen, static_cast< CK_ULONG >(key_len));
m_key.module()->C_DeriveKey(m_key.session().handle(), m_mechanism.data(), m_key.handle(), attributes.data(),
attributes.count(), &secret_handle);
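Review bot: `static_cast< CK_ULONG >(key_len)` silences the conversion warning but truncates silently if `key_len` is wider than `CK_ULONG`, which can happen where `size_t` is 64 bits and `unsigned long` is 32 (the declaration of `key_len` is outside the hunk, so its type is inferred). A truncated `ValueLen` would make the token derive a shorter secret than the caller asked for, with no error. A range check before the attributes are built, e.g. `if(key_len > std::numeric_limits< CK_ULONG >::max()) throw Invalid_Argument("PKCS11 ECDH: key_len too large");`, turns that into an explicit failure. The enclosing function begins and ends outside the hunk.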
diff --git a/src/lib/utils/exceptn.h b/src/lib/utils/exceptn.h
index 0de17f6f3..61e7c7c1f 100644
--- a/src/lib/utils/exceptn.h
+++ b/src/lib/utils/exceptn.h
@@ -109,9 +109,19 @@ class BOTAN_PUBLIC_API(2,0) Exception : public std::exception
*/
virtual int error_code() const noexcept { return 0; }
- protected:
+ /**
+ * Avoid throwing base Exception, use a subclass
+ */
explicit Exception(const std::string& msg);
+
+ /**
+ * Avoid throwing base Exception, use a subclass
+ */
Exception(const char* prefix, const std::string& msg);
+
+ /**
+ * Avoid throwing base Exception, use a subclass
+ */
Exception(const std::string& msg, const std::exception& e);
private:
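Review bot: Removing `protected:` makes all three constructors public, so "Avoid throwing base Exception" is now advice only; nothing stops new code from throwing a bare `Exception` whose `error_code()` is the default `0` shown just above. The three comments are also identical and leave `prefix`, `msg` and `e` undocumented. I would keep the warning but give each constructor its own `@param` lines and say how the final message is built from its arguments. The reason the constructors had to become public also belongs in the comment or the commit message. The class body continues outside the hunk.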