Diffstat (limited to 'src/tls')
-rw-r--r--src/tls/c_hello.cpp26
-rw-r--r--src/tls/c_kex.cpp26
-rw-r--r--src/tls/cert_req.cpp22
-rw-r--r--src/tls/cert_ver.cpp10
-rw-r--r--src/tls/finished.cpp14
-rw-r--r--src/tls/hello_verify.cpp10
-rw-r--r--src/tls/next_protocol.cpp6
-rw-r--r--src/tls/rec_read.cpp4
-rw-r--r--src/tls/rec_wri.cpp6
-rw-r--r--src/tls/s_hello.cpp16
-rw-r--r--src/tls/s_kex.cpp12
-rw-r--r--src/tls/session_ticket.cpp8
-rw-r--r--src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp10
-rw-r--r--src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h4
-rw-r--r--src/tls/tls_alert.cpp2
-rw-r--r--src/tls/tls_alert.h2
-rw-r--r--src/tls/tls_channel.cpp16
-rw-r--r--src/tls/tls_channel.h12
-rw-r--r--src/tls/tls_client.cpp6
-rw-r--r--src/tls/tls_client.h2
-rw-r--r--src/tls/tls_extensions.cpp34
-rw-r--r--src/tls/tls_extensions.h36
-rw-r--r--src/tls/tls_handshake_hash.cpp10
-rw-r--r--src/tls/tls_handshake_hash.h15
-rw-r--r--src/tls/tls_handshake_reader.cpp4
-rw-r--r--src/tls/tls_handshake_reader.h4
-rw-r--r--src/tls/tls_handshake_state.cpp2
-rw-r--r--src/tls/tls_handshake_state.h4
-rw-r--r--src/tls/tls_heartbeats.cpp12
-rw-r--r--src/tls/tls_heartbeats.h8
-rw-r--r--src/tls/tls_messages.h121
-rw-r--r--src/tls/tls_reader.h35
-rw-r--r--src/tls/tls_record.h12
-rw-r--r--src/tls/tls_server.cpp12
-rw-r--r--src/tls/tls_server.h4
-rw-r--r--src/tls/tls_session.cpp26
-rw-r--r--src/tls/tls_session.h24
-rw-r--r--src/tls/tls_session_key.cpp6
-rw-r--r--src/tls/tls_session_key.h6
-rw-r--r--src/tls/tls_session_manager.cpp4
-rw-r--r--src/tls/tls_session_manager.h8
41 files changed, 299 insertions, 302 deletions
diff --git a/src/tls/c_hello.cpp b/src/tls/c_hello.cpp
index df3957a4b..e63dc91ba 100644
--- a/src/tls/c_hello.cpp
+++ b/src/tls/c_hello.cpp
@@ -21,14 +21,14 @@ enum {
TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF
};
-MemoryVector<byte> make_hello_random(RandomNumberGenerator& rng)
+std::vector<byte> make_hello_random(RandomNumberGenerator& rng)
{
- MemoryVector<byte> buf(32);
+ std::vector<byte> buf(32);
const u32bit time32 = static_cast<u32bit>(
std::chrono::system_clock::to_time_t(std::chrono::system_clock::now()));
- store_be(time32, buf);
+ store_be(time32, &buf[0]);
rng.randomize(&buf[4], buf.size() - 4);
return buf;
}
@@ -44,7 +44,7 @@ Hello_Request::Hello_Request(Record_Writer& writer)
/*
* Deserialize a Hello Request message
*/
-Hello_Request::Hello_Request(const MemoryRegion<byte>& buf)
+Hello_Request::Hello_Request(const std::vector<byte>& buf)
{
if(buf.size())
throw Decoding_Error("Bad Hello_Request, has non-zero size");
@@ -53,9 +53,9 @@ Hello_Request::Hello_Request(const MemoryRegion<byte>& buf)
/*
* Serialize a Hello Request message
*/
-MemoryVector<byte> Hello_Request::serialize() const
+std::vector<byte> Hello_Request::serialize() const
{
- return MemoryVector<byte>();
+ return std::vector<byte>();
}
/*
@@ -65,7 +65,7 @@ Client_Hello::Client_Hello(Record_Writer& writer,
Handshake_Hash& hash,
const Policy& policy,
RandomNumberGenerator& rng,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
bool next_protocol,
const std::string& hostname,
const std::string& srp_identifier) :
@@ -101,7 +101,7 @@ Client_Hello::Client_Hello(Record_Writer& writer,
Handshake_Hash& hash,
const Policy& policy,
RandomNumberGenerator& rng,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
const Session& session,
bool next_protocol) :
m_version(session.version()),
@@ -140,7 +140,7 @@ Client_Hello::Client_Hello(Record_Writer& writer,
/*
* Read a counterparty client hello
*/
-Client_Hello::Client_Hello(const MemoryRegion<byte>& buf, Handshake_Type type)
+Client_Hello::Client_Hello(const std::vector<byte>& buf, Handshake_Type type)
{
m_next_protocol = false;
m_secure_renegotiation = false;
@@ -158,9 +158,9 @@ Client_Hello::Client_Hello(const MemoryRegion<byte>& buf, Handshake_Type type)
/*
* Serialize a Client Hello message
*/
-MemoryVector<byte> Client_Hello::serialize() const
+std::vector<byte> Client_Hello::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
buf.push_back(m_version.major_version());
buf.push_back(m_version.minor_version());
@@ -202,7 +202,7 @@ MemoryVector<byte> Client_Hello::serialize() const
return buf;
}
-void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
+void Client_Hello::deserialize_sslv2(const std::vector<byte>& buf)
{
if(buf.size() < 12 || buf[0] != 1)
throw Decoding_Error("Client_Hello: SSLv2 hello corrupted");
@@ -243,7 +243,7 @@ void Client_Hello::deserialize_sslv2(const MemoryRegion<byte>& buf)
/*
* Deserialize a Client Hello message
*/
-void Client_Hello::deserialize(const MemoryRegion<byte>& buf)
+void Client_Hello::deserialize(const std::vector<byte>& buf)
{
if(buf.size() == 0)
throw Decoding_Error("Client_Hello: Packet corrupted");
diff --git a/src/tls/c_kex.cpp b/src/tls/c_kex.cpp
index f97081383..5ff9ec1ce 100644
--- a/src/tls/c_kex.cpp
+++ b/src/tls/c_kex.cpp
@@ -26,7 +26,7 @@ namespace TLS {
namespace {
-SecureVector<byte> strip_leading_zeros(const MemoryRegion<byte>& input)
+secure_vector<byte> strip_leading_zeros(const secure_vector<byte>& input)
{
size_t leading_zeros = 0;
@@ -37,8 +37,8 @@ SecureVector<byte> strip_leading_zeros(const MemoryRegion<byte>& input)
++leading_zeros;
}
- SecureVector<byte> output(&input[leading_zeros],
- input.size() - leading_zeros);
+ secure_vector<byte> output(&input[leading_zeros],
+ &input[input.size()-1]);
return output;
}
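Review bot: The new `secure_vector<byte> output(&input[leading_zeros], &input[input.size()-1]);` uses the iterator-range constructor with an end pointer at the last element rather than one past it, so the result is one byte shorter than what the old (pointer, length) call produced. The callers visible in this file feed it the raw DH shared secret, so the pre-master secret would lose its final byte, and an empty input makes `input.size()-1` wrap around. I would write `secure_vector<byte> output(input.begin() + leading_zeros, input.end());` instead. The function's signature and the zero-counting loop sit outside this hunk, so whether `leading_zeros` can reach `input.size()` should be checked there.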
@@ -76,7 +76,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
SymmetricKey psk = creds.psk("tls-client", hostname, psk_identity);
- MemoryVector<byte> zeros(psk.length());
+ std::vector<byte> zeros(psk.length());
append_tls_length_value(pre_master, zeros, 2);
append_tls_length_value(pre_master, psk.bits_of(), 2);
@@ -124,7 +124,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
PK_Key_Agreement ka(priv_key, "Raw");
- SecureVector<byte> dh_secret = strip_leading_zeros(
+ secure_vector<byte> dh_secret = strip_leading_zeros(
ka.derive_key(0, counterparty_key.public_value()).bits_of());
if(kex_algo == "DH")
@@ -153,7 +153,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
EC_Group group(name);
- MemoryVector<byte> ecdh_key = reader.get_range<byte>(1, 1, 255);
+ std::vector<byte> ecdh_key = reader.get_range<byte>(1, 1, 255);
ECDH_PublicKey counterparty_key(group, OS2ECP(ecdh_key, group.get_curve()));
@@ -161,7 +161,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
PK_Key_Agreement ka(priv_key, "Raw");
- SecureVector<byte> ecdh_secret = ka.derive_key(0, counterparty_key.public_value()).bits_of();
+ secure_vector<byte> ecdh_secret = ka.derive_key(0, counterparty_key.public_value()).bits_of();
if(kex_algo == "ECDH")
pre_master = ecdh_secret;
@@ -177,7 +177,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
{
const BigInt N = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
const BigInt g = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
- MemoryVector<byte> salt = reader.get_range<byte>(1, 1, 255);
+ std::vector<byte> salt = reader.get_range<byte>(1, 1, 255);
const BigInt B = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
const std::string srp_group = srp6_group_identifier(N, g);
@@ -228,7 +228,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
PK_Encryptor_EME encryptor(*rsa_pub, "PKCS1v15");
- MemoryVector<byte> encrypted_key = encryptor.encrypt(pre_master, rng);
+ std::vector<byte> encrypted_key = encryptor.encrypt(pre_master, rng);
if(state->version() == Protocol_Version::SSL_V3)
key_material = encrypted_key; // no length field
@@ -247,7 +247,7 @@ Client_Key_Exchange::Client_Key_Exchange(Record_Writer& writer,
/*
* Read a Client Key Exchange message
*/
-Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
+Client_Key_Exchange::Client_Key_Exchange(const std::vector<byte>& contents,
const Handshake_State* state,
Credentials_Manager& creds,
const Policy& policy,
@@ -326,7 +326,7 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
if(kex_algo == "PSK")
{
- MemoryVector<byte> zeros(psk.length());
+ std::vector<byte> zeros(psk.length());
append_tls_length_value(pre_master, zeros, 2);
append_tls_length_value(pre_master, psk.bits_of(), 2);
}
@@ -352,14 +352,14 @@ Client_Key_Exchange::Client_Key_Exchange(const MemoryRegion<byte>& contents,
{
PK_Key_Agreement ka(*ka_key, "Raw");
- MemoryVector<byte> client_pubkey;
+ std::vector<byte> client_pubkey;
if(ka_key->algo_name() == "DH")
client_pubkey = reader.get_range<byte>(2, 0, 65535);
else
client_pubkey = reader.get_range<byte>(1, 0, 255);
- SecureVector<byte> shared_secret = ka.derive_key(0, client_pubkey).bits_of();
+ secure_vector<byte> shared_secret = ka.derive_key(0, client_pubkey).bits_of();
if(ka_key->algo_name() == "DH")
shared_secret = strip_leading_zeros(shared_secret);
diff --git a/src/tls/cert_req.cpp b/src/tls/cert_req.cpp
index 1b686c1c4..6ec5339bb 100644
--- a/src/tls/cert_req.cpp
+++ b/src/tls/cert_req.cpp
@@ -80,7 +80,7 @@ Certificate_Req::Certificate_Req(Record_Writer& writer,
/**
* Deserialize a Certificate Request message
*/
-Certificate_Req::Certificate_Req(const MemoryRegion<byte>& buf,
+Certificate_Req::Certificate_Req(const std::vector<byte>& buf,
Protocol_Version version)
{
if(buf.size() < 4)
@@ -141,9 +141,9 @@ Certificate_Req::Certificate_Req(const MemoryRegion<byte>& buf,
/**
* Serialize a Certificate Request message
*/
-MemoryVector<byte> Certificate_Req::serialize() const
+std::vector<byte> Certificate_Req::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
std::vector<byte> cert_types;
@@ -155,7 +155,7 @@ MemoryVector<byte> Certificate_Req::serialize() const
if(!m_supported_algos.empty())
buf += Signature_Algorithms(m_supported_algos).serialize();
- MemoryVector<byte> encoded_names;
+ std::vector<byte> encoded_names;
for(size_t i = 0; i != names.size(); ++i)
{
@@ -184,7 +184,7 @@ Certificate::Certificate(Record_Writer& writer,
/**
* Deserialize a Certificate message
*/
-Certificate::Certificate(const MemoryRegion<byte>& buf)
+Certificate::Certificate(const std::vector<byte>& buf)
{
if(buf.size() < 3)
throw Decoding_Error("Certificate: Message malformed");
@@ -196,14 +196,14 @@ Certificate::Certificate(const MemoryRegion<byte>& buf)
const byte* certs = &buf[3];
- while(certs != buf.end())
+ while(size_t remaining_bytes = &buf[buf.size()] - certs)
{
- if(buf.end() - certs < 3)
+ if(remaining_bytes < 3)
throw Decoding_Error("Certificate: Message malformed");
const size_t cert_size = make_u32bit(0, certs[0], certs[1], certs[2]);
- if(buf.end() - certs < (3 + cert_size))
+ if(remaining_bytes < (3 + cert_size))
throw Decoding_Error("Certificate: Message malformed");
DataSource_Memory cert_buf(&certs[3], cert_size);
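Review bot: `&buf[buf.size()]` in the new loop condition indexes a `std::vector` one past its last element, which is undefined behaviour for `operator[]` and trips bounds-checked standard library builds, even though only the address is taken. The context line `const byte* certs = &buf[3];` has the same problem when the message is exactly 3 bytes, which the size check shown in the preceding hunk allows. Since this parses a peer-supplied Certificate message, I would compute the bounds from the data pointer: `const byte* certs = buf.data() + 3;` and `const byte* const end = buf.data() + buf.size();`, then loop on `end - certs`. The rest of the loop body, including where `certs` is advanced, is outside the hunk.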
@@ -216,13 +216,13 @@ Certificate::Certificate(const MemoryRegion<byte>& buf)
/**
* Serialize a Certificate message
*/
-MemoryVector<byte> Certificate::serialize() const
+std::vector<byte> Certificate::serialize() const
{
- MemoryVector<byte> buf(3);
+ std::vector<byte> buf(3);
for(size_t i = 0; i != m_certs.size(); ++i)
{
- MemoryVector<byte> raw_cert = m_certs[i].BER_encode();
+ std::vector<byte> raw_cert = m_certs[i].BER_encode();
const size_t cert_size = raw_cert.size();
for(size_t i = 0; i != 3; ++i)
buf.push_back(get_byte<u32bit>(i+1, cert_size));
diff --git a/src/tls/cert_ver.cpp b/src/tls/cert_ver.cpp
index 0a377b35f..e6d90b060 100644
--- a/src/tls/cert_ver.cpp
+++ b/src/tls/cert_ver.cpp
@@ -33,7 +33,7 @@ Certificate_Verify::Certificate_Verify(Record_Writer& writer,
if(state->version() == Protocol_Version::SSL_V3)
{
- SecureVector<byte> md5_sha = state->hash.final_ssl3(
+ secure_vector<byte> md5_sha = state->hash.final_ssl3(
state->keys.master_secret());
if(priv_key->algo_name() == "DSA")
@@ -52,7 +52,7 @@ Certificate_Verify::Certificate_Verify(Record_Writer& writer,
/*
* Deserialize a Certificate Verify message
*/
-Certificate_Verify::Certificate_Verify(const MemoryRegion<byte>& buf,
+Certificate_Verify::Certificate_Verify(const std::vector<byte>& buf,
Protocol_Version version)
{
TLS_Data_Reader reader(buf);
@@ -69,9 +69,9 @@ Certificate_Verify::Certificate_Verify(const MemoryRegion<byte>& buf,
/*
* Serialize a Certificate Verify message
*/
-MemoryVector<byte> Certificate_Verify::serialize() const
+std::vector<byte> Certificate_Verify::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
if(hash_algo != "" && sig_algo != "")
{
@@ -102,7 +102,7 @@ bool Certificate_Verify::verify(const X509_Certificate& cert,
if(state->version() == Protocol_Version::SSL_V3)
{
- SecureVector<byte> md5_sha = state->hash.final_ssl3(
+ secure_vector<byte> md5_sha = state->hash.final_ssl3(
state->keys.master_secret());
return verifier.verify_message(&md5_sha[16], md5_sha.size()-16,
diff --git a/src/tls/finished.cpp b/src/tls/finished.cpp
index bb6e8d20e..c8ae4a343 100644
--- a/src/tls/finished.cpp
+++ b/src/tls/finished.cpp
@@ -18,7 +18,7 @@ namespace {
/*
* Compute the verify_data
*/
-MemoryVector<byte> finished_compute_verify(Handshake_State* state,
+std::vector<byte> finished_compute_verify(Handshake_State* state,
Connection_Side side)
{
if(state->version() == Protocol_Version::SSL_V3)
@@ -28,14 +28,14 @@ MemoryVector<byte> finished_compute_verify(Handshake_State* state,
Handshake_Hash hash = state->hash; // don't modify state
- MemoryVector<byte> ssl3_finished;
+ std::vector<byte> ssl3_finished;
if(side == CLIENT)
hash.update(SSL_CLIENT_LABEL, sizeof(SSL_CLIENT_LABEL));
else
hash.update(SSL_SERVER_LABEL, sizeof(SSL_SERVER_LABEL));
- return hash.final_ssl3(state->keys.master_secret());
+ return unlock(hash.final_ssl3(state->keys.master_secret()));
}
else
{
@@ -49,7 +49,7 @@ MemoryVector<byte> finished_compute_verify(Handshake_State* state,
std::unique_ptr<KDF> prf(state->protocol_specific_prf());
- MemoryVector<byte> input;
+ std::vector<byte> input;
if(side == CLIENT)
input += std::make_pair(TLS_CLIENT_LABEL, sizeof(TLS_CLIENT_LABEL));
else
@@ -57,7 +57,7 @@ MemoryVector<byte> finished_compute_verify(Handshake_State* state,
input += state->hash.final(state->version(), state->suite.mac_algo());
- return prf->derive_key(12, state->keys.master_secret(), input);
+ return unlock(prf->derive_key(12, state->keys.master_secret(), input));
}
}
@@ -77,7 +77,7 @@ Finished::Finished(Record_Writer& writer,
/*
* Serialize a Finished message
*/
-MemoryVector<byte> Finished::serialize() const
+std::vector<byte> Finished::serialize() const
{
return verification_data;
}
@@ -85,7 +85,7 @@ MemoryVector<byte> Finished::serialize() const
/*
* Deserialize a Finished message
*/
-Finished::Finished(const MemoryRegion<byte>& buf)
+Finished::Finished(const std::vector<byte>& buf)
{
verification_data = buf;
}
diff --git a/src/tls/hello_verify.cpp b/src/tls/hello_verify.cpp
index e844d7f72..c77076e4c 100644
--- a/src/tls/hello_verify.cpp
+++ b/src/tls/hello_verify.cpp
@@ -13,7 +13,7 @@ namespace Botan {
namespace TLS {
-Hello_Verify_Request::Hello_Verify_Request(const MemoryRegion<byte>& buf)
+Hello_Verify_Request::Hello_Verify_Request(const std::vector<byte>& buf)
{
if(buf.size() < 3)
throw Decoding_Error("Hello verify request too small");
@@ -25,7 +25,7 @@ Hello_Verify_Request::Hello_Verify_Request(const MemoryRegion<byte>& buf)
copy_mem(&m_cookie[0], &buf[2], buf.size() - 2);
}
-Hello_Verify_Request::Hello_Verify_Request(const MemoryVector<byte>& client_hello_bits,
+Hello_Verify_Request::Hello_Verify_Request(const std::vector<byte>& client_hello_bits,
const std::string& client_identity,
const SymmetricKey& secret_key)
{
@@ -37,10 +37,10 @@ Hello_Verify_Request::Hello_Verify_Request(const MemoryVector<byte>& client_hell
hmac->update_be(client_identity.size());
hmac->update(client_identity);
- m_cookie = hmac->final();
+ m_cookie = unlock(hmac->final());
}
-MemoryVector<byte> Hello_Verify_Request::serialize() const
+std::vector<byte> Hello_Verify_Request::serialize() const
{
/* DTLS 1.2 server implementations SHOULD use DTLS version 1.0
regardless of the version of TLS that is expected to be
@@ -49,7 +49,7 @@ MemoryVector<byte> Hello_Verify_Request::serialize() const
Protocol_Version format_version(Protocol_Version::TLS_V11);
- MemoryVector<byte> bits;
+ std::vector<byte> bits;
bits.push_back(format_version.major_version());
bits.push_back(format_version.minor_version());
bits += m_cookie;
diff --git a/src/tls/next_protocol.cpp b/src/tls/next_protocol.cpp
index 17b77fb6e..adf9acbe9 100644
--- a/src/tls/next_protocol.cpp
+++ b/src/tls/next_protocol.cpp
@@ -22,7 +22,7 @@ Next_Protocol::Next_Protocol(Record_Writer& writer,
hash.update(writer.send(*this));
}
-Next_Protocol::Next_Protocol(const MemoryRegion<byte>& buf)
+Next_Protocol::Next_Protocol(const std::vector<byte>& buf)
{
TLS_Data_Reader reader(buf);
@@ -31,9 +31,9 @@ Next_Protocol::Next_Protocol(const MemoryRegion<byte>& buf)
reader.get_range_vector<byte>(1, 0, 255); // padding, ignored
}
-MemoryVector<byte> Next_Protocol::serialize() const
+std::vector<byte> Next_Protocol::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
append_tls_length_value(buf,
reinterpret_cast<const byte*>(m_protocol.data()),
diff --git a/src/tls/rec_read.cpp b/src/tls/rec_read.cpp
index b240f4703..4a1d6aac1 100644
--- a/src/tls/rec_read.cpp
+++ b/src/tls/rec_read.cpp
@@ -165,7 +165,7 @@ size_t Record_Reader::fill_buffer_to(const byte*& input,
size_t Record_Reader::add_input(const byte input_array[], size_t input_sz,
size_t& consumed,
byte& msg_type,
- MemoryVector<byte>& msg)
+ std::vector<byte>& msg)
{
const byte* input = &input_array[0];
@@ -333,7 +333,7 @@ size_t Record_Reader::add_input(const byte input_array[], size_t input_sz,
++m_seq_no;
- m_mac->final(m_macbuf);
+ m_mac->final(&m_macbuf[0]);
const size_t mac_offset = record_len - (m_macbuf.size() + pad_size);
diff --git a/src/tls/rec_wri.cpp b/src/tls/rec_wri.cpp
index 3a54d7931..63383f85e 100644
--- a/src/tls/rec_wri.cpp
+++ b/src/tls/rec_wri.cpp
@@ -146,10 +146,10 @@ void Record_Writer::activate(Connection_Side side,
throw Invalid_Argument("Record_Writer: Unknown hash " + mac_algo);
}
-MemoryVector<byte> Record_Writer::send(Handshake_Message& msg)
+std::vector<byte> Record_Writer::send(Handshake_Message& msg)
{
- const MemoryVector<byte> buf = msg.serialize();
- MemoryVector<byte> send_buf(4);
+ const std::vector<byte> buf = msg.serialize();
+ std::vector<byte> send_buf(4);
const size_t buf_size = buf.size();
diff --git a/src/tls/s_hello.cpp b/src/tls/s_hello.cpp
index 1244dd2d8..d4cc4a1ab 100644
--- a/src/tls/s_hello.cpp
+++ b/src/tls/s_hello.cpp
@@ -21,13 +21,13 @@ namespace TLS {
*/
Server_Hello::Server_Hello(Record_Writer& writer,
Handshake_Hash& hash,
- const MemoryRegion<byte>& session_id,
+ const std::vector<byte>& session_id,
Protocol_Version ver,
u16bit ciphersuite,
byte compression,
size_t max_fragment_size,
bool client_has_secure_renegotiation,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
bool offer_session_ticket,
bool client_has_npn,
const std::vector<std::string>& next_protocols,
@@ -53,7 +53,7 @@ Server_Hello::Server_Hello(Record_Writer& writer,
/*
* Deserialize a Server Hello message
*/
-Server_Hello::Server_Hello(const MemoryRegion<byte>& buf)
+Server_Hello::Server_Hello(const std::vector<byte>& buf)
{
m_secure_renegotiation = false;
m_supports_session_ticket = false;
@@ -118,9 +118,9 @@ Server_Hello::Server_Hello(const MemoryRegion<byte>& buf)
/*
* Serialize a Server Hello message
*/
-MemoryVector<byte> Server_Hello::serialize() const
+std::vector<byte> Server_Hello::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
buf.push_back(m_version.major_version());
buf.push_back(m_version.minor_version());
@@ -167,7 +167,7 @@ Server_Hello_Done::Server_Hello_Done(Record_Writer& writer,
/*
* Deserialize a Server Hello Done message
*/
-Server_Hello_Done::Server_Hello_Done(const MemoryRegion<byte>& buf)
+Server_Hello_Done::Server_Hello_Done(const std::vector<byte>& buf)
{
if(buf.size())
throw Decoding_Error("Server_Hello_Done: Must be empty, and is not");
@@ -176,9 +176,9 @@ Server_Hello_Done::Server_Hello_Done(const MemoryRegion<byte>& buf)
/*
* Serialize a Server Hello Done message
*/
-MemoryVector<byte> Server_Hello_Done::serialize() const
+std::vector<byte> Server_Hello_Done::serialize() const
{
- return MemoryVector<byte>();
+ return std::vector<byte>();
}
}
diff --git a/src/tls/s_kex.cpp b/src/tls/s_kex.cpp
index 34cd872ac..d28b44857 100644
--- a/src/tls/s_kex.cpp
+++ b/src/tls/s_kex.cpp
@@ -95,7 +95,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
std::string group_id;
BigInt v;
- MemoryVector<byte> salt;
+ std::vector<byte> salt;
const bool found = creds.srp_verifier("tls-server", hostname,
srp_identifier,
@@ -142,7 +142,7 @@ Server_Key_Exchange::Server_Key_Exchange(Record_Writer& writer,
/**
* Deserialize a Server Key Exchange message
*/
-Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
+Server_Key_Exchange::Server_Key_Exchange(const std::vector<byte>& buf,
const std::string& kex_algo,
const std::string& sig_algo,
Protocol_Version version) :
@@ -186,7 +186,7 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
const std::string name = Supported_Elliptic_Curves::curve_id_to_name(curve_id);
- MemoryVector<byte> ecdh_key = reader.get_range<byte>(1, 1, 255);
+ std::vector<byte> ecdh_key = reader.get_range<byte>(1, 1, 255);
if(name == "")
throw Decoding_Error("Server_Key_Exchange: Server sent unknown named curve " +
@@ -203,7 +203,7 @@ Server_Key_Exchange::Server_Key_Exchange(const MemoryRegion<byte>& buf,
const BigInt N = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
const BigInt g = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
- MemoryVector<byte> salt = reader.get_range<byte>(1, 1, 255);
+ std::vector<byte> salt = reader.get_range<byte>(1, 1, 255);
const BigInt B = BigInt::decode(reader.get_range<byte>(2, 1, 65535));
append_tls_length_value(m_params, BigInt::encode(N), 2);
@@ -236,9 +236,9 @@ Server_Key_Exchange::~Server_Key_Exchange()
/**
* Serialize a Server Key Exchange message
*/
-MemoryVector<byte> Server_Key_Exchange::serialize() const
+std::vector<byte> Server_Key_Exchange::serialize() const
{
- MemoryVector<byte> buf = params();
+ std::vector<byte> buf = params();
if(m_signature.size())
{
diff --git a/src/tls/session_ticket.cpp b/src/tls/session_ticket.cpp
index 273996a16..8cee2a454 100644
--- a/src/tls/session_ticket.cpp
+++ b/src/tls/session_ticket.cpp
@@ -17,7 +17,7 @@ namespace TLS {
New_Session_Ticket::New_Session_Ticket(Record_Writer& writer,
Handshake_Hash& hash,
- const MemoryRegion<byte>& ticket,
+ const std::vector<byte>& ticket,
u32bit lifetime) :
m_ticket_lifetime_hint(lifetime),
m_ticket(ticket)
@@ -32,7 +32,7 @@ New_Session_Ticket::New_Session_Ticket(Record_Writer& writer,
hash.update(writer.send(*this));
}
-New_Session_Ticket::New_Session_Ticket(const MemoryRegion<byte>& buf) :
+New_Session_Ticket::New_Session_Ticket(const std::vector<byte>& buf) :
m_ticket_lifetime_hint(0)
{
if(buf.size() < 6)
@@ -44,9 +44,9 @@ New_Session_Ticket::New_Session_Ticket(const MemoryRegion<byte>& buf) :
m_ticket = reader.get_range<byte>(2, 0, 65535);
}
-MemoryVector<byte> New_Session_Ticket::serialize() const
+std::vector<byte> New_Session_Ticket::serialize() const
{
- MemoryVector<byte> buf(4);
+ std::vector<byte> buf(4);
store_be(m_ticket_lifetime_hint, &buf[0]);
append_tls_length_value(buf, m_ticket, 2);
return buf;
diff --git a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp
index f4d0e1034..b6aaa3498 100644
--- a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp
+++ b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.cpp
@@ -53,7 +53,7 @@ class sqlite3_statement
bind(column, timeval);
}
- void bind(int column, const MemoryRegion<byte>& val)
+ void bind(int column, const std::vector<byte>& val)
{
int rc = sqlite3_bind_blob(m_stmt, column, &val[0], val.size(), SQLITE_TRANSIENT);
if(rc != SQLITE_OK)
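Review bot: With `val` now a `std::vector<byte>`, the unchanged `&val[0]` on the next line is undefined behaviour when the vector is empty, and nothing visible here rules out an empty session id. The same pattern is introduced in the tls_channel.cpp heartbeat hunk, where `&payload[0], payload.size()` is built from a peer-supplied heartbeat whose payload may be empty. In both places `val.data()` / `payload.data()` is safe for the empty case. `val.size()` is also narrowed from `size_t` to the `int` that `sqlite3_bind_blob` takes; a `static_cast<int>` after a range check would make that explicit.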
@@ -137,7 +137,7 @@ SymmetricKey derive_key(const std::string& passphrase,
{
std::unique_ptr<PBKDF> pbkdf(get_pbkdf("PBKDF2(SHA-512)"));
- SecureVector<byte> x = pbkdf->derive_key(32 + 3,
+ std::vector<byte> x = pbkdf->derive_key(32 + 3,
passphrase,
salt, salt_len,
iterations).bits_of();
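Review bot: `x` holds the PBKDF2 output from which the session-database key is derived, and this hunk moves it from `SecureVector<byte>` to a plain `std::vector<byte>`, while the key-agreement outputs in c_kex.cpp were moved to `secure_vector<byte>`. A plain vector presumably gives no zeroisation when it is destroyed, so passphrase-derived key material could linger on the heap. I would keep it in the secure container: `secure_vector<byte> x = pbkdf->derive_key(32 + 3, ...).bits_of();`. Other hunks in this commit use an explicit `unlock()` when secure output is deliberately made public; there is none here, which suggests this conversion was not intended. The rest of `derive_key` is outside the hunk.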
@@ -217,7 +217,7 @@ Session_Manager_SQLite::Session_Manager_SQLite(const std::string& passphrase,
// new database case
- MemoryVector<byte> salt = rng.random_vec(16);
+ std::vector<byte> salt = rng.random_vec(16);
const size_t iterations = 64 * 1024;
size_t check_val = 0;
@@ -240,7 +240,7 @@ Session_Manager_SQLite::~Session_Manager_SQLite()
sqlite3_close(m_db);
}
-bool Session_Manager_SQLite::load_from_session_id(const MemoryRegion<byte>& session_id,
+bool Session_Manager_SQLite::load_from_session_id(const std::vector<byte>& session_id,
Session& session)
{
sqlite3_statement stmt(m_db, "select session from tls_sessions where session_id = ?1");
@@ -300,7 +300,7 @@ bool Session_Manager_SQLite::load_from_host_info(const std::string& hostname,
return false;
}
-void Session_Manager_SQLite::remove_entry(const MemoryRegion<byte>& session_id)
+void Session_Manager_SQLite::remove_entry(const std::vector<byte>& session_id)
{
sqlite3_statement stmt(m_db, "delete from tls_sessions where session_id = ?1");
diff --git a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h
index cac7affd0..923915496 100644
--- a/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h
+++ b/src/tls/sessions_sqlite/tls_sqlite_sess_mgr.h
@@ -40,13 +40,13 @@ class BOTAN_DLL Session_Manager_SQLite : public Session_Manager
~Session_Manager_SQLite();
- bool load_from_session_id(const MemoryRegion<byte>& session_id,
+ bool load_from_session_id(const std::vector<byte>& session_id,
Session& session);
bool load_from_host_info(const std::string& hostname, u16bit port,
Session& session);
- void remove_entry(const MemoryRegion<byte>& session_id);
+ void remove_entry(const std::vector<byte>& session_id);
void save(const Session& session_data);
diff --git a/src/tls/tls_alert.cpp b/src/tls/tls_alert.cpp
index dee082bac..5bc2e7484 100644
--- a/src/tls/tls_alert.cpp
+++ b/src/tls/tls_alert.cpp
@@ -12,7 +12,7 @@ namespace Botan {
namespace TLS {
-Alert::Alert(const MemoryRegion<byte>& buf)
+Alert::Alert(const std::vector<byte>& buf)
{
if(buf.size() != 2)
throw Decoding_Error("Alert: Bad size " + std::to_string(buf.size()) +
diff --git a/src/tls/tls_alert.h b/src/tls/tls_alert.h
index 3dfff3d29..b3001f259 100644
--- a/src/tls/tls_alert.h
+++ b/src/tls/tls_alert.h
@@ -82,7 +82,7 @@ class BOTAN_DLL Alert
* Deserialize an Alert message
* @param buf the serialized alert
*/
- Alert(const MemoryRegion<byte>& buf);
+ Alert(const std::vector<byte>& buf);
Alert(Type alert_type, bool is_fatal = false) :
fatal(is_fatal), type_code(alert_type) {}
diff --git a/src/tls/tls_channel.cpp b/src/tls/tls_channel.cpp
index 7a66eb946..ff6722b5e 100644
--- a/src/tls/tls_channel.cpp
+++ b/src/tls/tls_channel.cpp
@@ -43,7 +43,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
while(buf_size)
{
byte rec_type = CONNECTION_CLOSED;
- MemoryVector<byte> record;
+ std::vector<byte> record;
size_t consumed = 0;
const size_t needed = reader.add_input(buf, buf_size,
@@ -67,12 +67,12 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
{
Heartbeat_Message heartbeat(record);
- const MemoryRegion<byte>& payload = heartbeat.payload();
+ const std::vector<byte>& payload = heartbeat.payload();
if(heartbeat.is_request() && !state)
{
Heartbeat_Message response(Heartbeat_Message::RESPONSE,
- payload, payload.size());
+ &payload[0], payload.size());
writer.send(HEARTBEAT, response.contents());
}
@@ -159,7 +159,7 @@ size_t Channel::received_data(const byte buf[], size_t buf_size)
* Split up and process handshake messages
*/
void Channel::read_handshake(byte rec_type,
- const MemoryRegion<byte>& rec_buf)
+ const std::vector<byte>& rec_buf)
{
if(rec_type == HANDSHAKE)
{
@@ -178,7 +178,7 @@ void Channel::read_handshake(byte rec_type,
{
if(state->handshake_reader()->have_full_record())
{
- std::pair<Handshake_Type, MemoryVector<byte> > msg =
+ std::pair<Handshake_Type, std::vector<byte> > msg =
state->handshake_reader()->get_next_record();
process_handshake_msg(msg.first, msg.second);
}
@@ -188,7 +188,7 @@ void Channel::read_handshake(byte rec_type,
else if(rec_type == CHANGE_CIPHER_SPEC)
{
if(state->handshake_reader()->empty() && rec_buf.size() == 1 && rec_buf[0] == 1)
- process_handshake_msg(HANDSHAKE_CCS, MemoryVector<byte>());
+ process_handshake_msg(HANDSHAKE_CCS, std::vector<byte>());
else
throw Decoding_Error("Malformed ChangeCipherSpec message");
}
@@ -259,7 +259,7 @@ void Channel::Secure_Renegotiation_State::update(Client_Hello* client_hello)
if(client_hello->secure_renegotiation())
{
- const MemoryVector<byte>& data = client_hello->renegotiation_info();
+ const std::vector<byte>& data = client_hello->renegotiation_info();
if(initial_handshake)
{
@@ -294,7 +294,7 @@ void Channel::Secure_Renegotiation_State::update(Server_Hello* server_hello)
if(secure_renegotiation)
{
- const MemoryVector<byte>& data = server_hello->renegotiation_info();
+ const std::vector<byte>& data = server_hello->renegotiation_info();
if(initial_handshake)
{
diff --git a/src/tls/tls_channel.h b/src/tls/tls_channel.h
index d1131460b..46dafc416 100644
--- a/src/tls/tls_channel.h
+++ b/src/tls/tls_channel.h
@@ -92,10 +92,10 @@ class BOTAN_DLL Channel
void send_alert(const Alert& alert);
virtual void read_handshake(byte rec_type,
- const MemoryRegion<byte>& rec_buf);
+ const std::vector<byte>& rec_buf);
virtual void process_handshake_msg(Handshake_Type type,
- const MemoryRegion<byte>& contents) = 0;
+ const std::vector<byte>& contents) = 0;
virtual void alert_notify(const Alert& alert) = 0;
@@ -122,12 +122,12 @@ class BOTAN_DLL Channel
void update(class Finished* client_finished,
class Finished* server_finished);
- const MemoryVector<byte>& for_client_hello() const
+ const std::vector<byte>& for_client_hello() const
{ return client_verify; }
- MemoryVector<byte> for_server_hello() const
+ std::vector<byte> for_server_hello() const
{
- MemoryVector<byte> buf = client_verify;
+ std::vector<byte> buf = client_verify;
buf += server_verify;
return buf;
}
@@ -137,7 +137,7 @@ class BOTAN_DLL Channel
private:
bool initial_handshake;
bool secure_renegotiation;
- MemoryVector<byte> client_verify, server_verify;
+ std::vector<byte> client_verify, server_verify;
};
Secure_Renegotiation_State secure_renegotiation;
diff --git a/src/tls/tls_client.cpp b/src/tls/tls_client.cpp
index dd17db2cf..feb9ef85f 100644
--- a/src/tls/tls_client.cpp
+++ b/src/tls/tls_client.cpp
@@ -141,7 +141,7 @@ void Client::alert_notify(const Alert& alert)
* Process a handshake message
*/
void Client::process_handshake_msg(Handshake_Type type,
- const MemoryRegion<byte>& contents)
+ const std::vector<byte>& contents)
{
if(state == 0)
throw Unexpected_Message("Unexpected handshake message from server");
@@ -446,9 +446,9 @@ void Client::process_handshake_msg(Handshake_Type type,
secure_renegotiation.update(state->client_finished, state->server_finished);
- MemoryVector<byte> session_id = state->server_hello->session_id();
+ std::vector<byte> session_id = state->server_hello->session_id();
- const MemoryRegion<byte>& session_ticket = state->session_ticket();
+ const std::vector<byte>& session_ticket = state->session_ticket();
if(session_id.empty() && !session_ticket.empty())
session_id = make_hello_random(rng);
diff --git a/src/tls/tls_client.h b/src/tls/tls_client.h
index 297c5f611..2844780bd 100644
--- a/src/tls/tls_client.h
+++ b/src/tls/tls_client.h
@@ -56,7 +56,7 @@ class BOTAN_DLL Client : public Channel
void renegotiate(bool force_full_renegotiation);
private:
void process_handshake_msg(Handshake_Type type,
- const MemoryRegion<byte>& contents);
+ const std::vector<byte>& contents) override;
void alert_notify(const Alert& alert);
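Review bot: Only `process_handshake_msg` gains `override` in this hunk, while `alert_notify` on the following line is left bare, so the compiler checks just one of the two signatures against `Channel`. Assuming `alert_notify` is also a virtual from `Channel`, I would mark it the same way, `void alert_notify(const Alert& alert) override;`, and do likewise for `read_handshake` and `process_handshake_msg` in tls_server.h, whose parameter types change in this commit too. When a parameter type changes across a whole hierarchy, a missed declaration otherwise silently becomes a new overload rather than an override. The class body starts and ends outside the hunk.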
diff --git a/src/tls/tls_extensions.cpp b/src/tls/tls_extensions.cpp
index 6d69bfb9b..0f4e3176e 100644
--- a/src/tls/tls_extensions.cpp
+++ b/src/tls/tls_extensions.cpp
@@ -81,9 +81,9 @@ Extensions::Extensions(TLS_Data_Reader& reader)
}
}
-MemoryVector<byte> Extensions::serialize() const
+std::vector<byte> Extensions::serialize() const
{
- MemoryVector<byte> buf(2); // 2 bytes for length field
+ std::vector<byte> buf(2); // 2 bytes for length field
for(std::map<Handshake_Extension_Type, Extension*>::const_iterator i = extensions.begin();
i != extensions.end(); ++i)
@@ -93,7 +93,7 @@ MemoryVector<byte> Extensions::serialize() const
const u16bit extn_code = i->second->type();
- MemoryVector<byte> extn_val = i->second->serialize();
+ std::vector<byte> extn_val = i->second->serialize();
buf.push_back(get_byte(0, extn_code));
buf.push_back(get_byte(1, extn_code));
@@ -111,7 +111,7 @@ MemoryVector<byte> Extensions::serialize() const
// avoid sending a completely empty extensions block
if(buf.size() == 2)
- return MemoryVector<byte>();
+ return std::vector<byte>();
return buf;
}
@@ -159,9 +159,9 @@ Server_Name_Indicator::Server_Name_Indicator(TLS_Data_Reader& reader,
}
}
-MemoryVector<byte> Server_Name_Indicator::serialize() const
+std::vector<byte> Server_Name_Indicator::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
size_t name_len = sni_host_name.size();
@@ -188,9 +188,9 @@ SRP_Identifier::SRP_Identifier(TLS_Data_Reader& reader,
throw Decoding_Error("Bad encoding for SRP identifier extension");
}
-MemoryVector<byte> SRP_Identifier::serialize() const
+std::vector<byte> SRP_Identifier::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
const byte* srp_bytes =
reinterpret_cast<const byte*>(srp_identifier.data());
@@ -209,9 +209,9 @@ Renegotation_Extension::Renegotation_Extension(TLS_Data_Reader& reader,
throw Decoding_Error("Bad encoding for secure renegotiation extn");
}
-MemoryVector<byte> Renegotation_Extension::serialize() const
+std::vector<byte> Renegotation_Extension::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
append_tls_length_value(buf, reneg_data, 1);
return buf;
}
@@ -279,9 +279,9 @@ Next_Protocol_Notification::Next_Protocol_Notification(TLS_Data_Reader& reader,
}
}
-MemoryVector<byte> Next_Protocol_Notification::serialize() const
+std::vector<byte> Next_Protocol_Notification::serialize() const
{
- MemoryVector<byte> buf;
+ std::vector<byte> buf;
for(size_t i = 0; i != m_protocols.size(); ++i)
{
@@ -356,9 +356,9 @@ u16bit Supported_Elliptic_Curves::name_to_curve_id(const std::string& name)
throw Invalid_Argument("name_to_curve_id unknown name " + name);
}
-MemoryVector<byte> Supported_Elliptic_Curves::serialize() const
+std::vector<byte> Supported_Elliptic_Curves::serialize() const
{
- MemoryVector<byte> buf(2);
+ std::vector<byte> buf(2);
for(size_t i = 0; i != m_curves.size(); ++i)
{
@@ -466,9 +466,9 @@ byte Signature_Algorithms::sig_algo_code(const std::string& name)
throw Internal_Error("Unknown sig ID " + name + " for signature_algorithms");
}
-MemoryVector<byte> Signature_Algorithms::serialize() const
+std::vector<byte> Signature_Algorithms::serialize() const
{
- MemoryVector<byte> buf(2);
+ std::vector<byte> buf(2);
for(size_t i = 0; i != m_supported_algos.size(); ++i)
{
@@ -516,7 +516,7 @@ Signature_Algorithms::Signature_Algorithms(TLS_Data_Reader& reader,
Session_Ticket::Session_Ticket(TLS_Data_Reader& reader,
u16bit extension_size)
{
- m_ticket = reader.get_elem<byte, MemoryVector<byte> >(extension_size);
+ m_ticket = reader.get_elem<byte, std::vector<byte> >(extension_size);
}
}
diff --git a/src/tls/tls_extensions.h b/src/tls/tls_extensions.h
index 3fe3f7399..885851c95 100644
--- a/src/tls/tls_extensions.h
+++ b/src/tls/tls_extensions.h
@@ -49,7 +49,7 @@ class Extension
public:
virtual Handshake_Extension_Type type() const = 0;
- virtual MemoryVector<byte> serialize() const = 0;
+ virtual std::vector<byte> serialize() const = 0;
virtual bool empty() const = 0;
@@ -75,7 +75,7 @@ class Server_Name_Indicator : public Extension
std::string host_name() const { return sni_host_name; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return sni_host_name == ""; }
private:
@@ -101,7 +101,7 @@ class SRP_Identifier : public Extension
std::string identifier() const { return srp_identifier; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return srp_identifier == ""; }
private:
@@ -121,20 +121,20 @@ class Renegotation_Extension : public Extension
Renegotation_Extension() {}
- Renegotation_Extension(const MemoryRegion<byte>& bits) :
+ Renegotation_Extension(const std::vector<byte>& bits) :
reneg_data(bits) {}
Renegotation_Extension(TLS_Data_Reader& reader,
u16bit extension_size);
- const MemoryVector<byte>& renegotiation_info() const
+ const std::vector<byte>& renegotiation_info() const
{ return reneg_data; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return false; } // always send this
private:
- MemoryVector<byte> reneg_data;
+ std::vector<byte> reneg_data;
};
/**
@@ -152,9 +152,9 @@ class Maximum_Fragment_Length : public Extension
size_t fragment_size() const;
- MemoryVector<byte> serialize() const
+ std::vector<byte> serialize() const
{
- return MemoryVector<byte>(&val, 1);
+ return std::vector<byte>(1, val);
}
/**
@@ -204,7 +204,7 @@ class Next_Protocol_Notification : public Extension
Next_Protocol_Notification(TLS_Data_Reader& reader,
u16bit extension_size);
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return false; }
private:
@@ -219,7 +219,7 @@ class Session_Ticket : public Extension
Handshake_Extension_Type type() const { return static_type(); }
- const MemoryVector<byte>& contents() const { return m_ticket; }
+ const std::vector<byte>& contents() const { return m_ticket; }
/**
* Create empty extension, used by both client and server
@@ -229,7 +229,7 @@ class Session_Ticket : public Extension
/**
* Extension with ticket, used by client
*/
- Session_Ticket(const MemoryRegion<byte>& session_ticket) :
+ Session_Ticket(const std::vector<byte>& session_ticket) :
m_ticket(session_ticket) {}
/**
@@ -237,11 +237,11 @@ class Session_Ticket : public Extension
*/
Session_Ticket(TLS_Data_Reader& reader, u16bit extension_size);
- MemoryVector<byte> serialize() const { return m_ticket; }
+ std::vector<byte> serialize() const { return m_ticket; }
bool empty() const { return false; }
private:
- MemoryVector<byte> m_ticket;
+ std::vector<byte> m_ticket;
};
/**
@@ -260,7 +260,7 @@ class Supported_Elliptic_Curves : public Extension
const std::vector<std::string>& curves() const { return m_curves; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Supported_Elliptic_Curves(const std::vector<std::string>& curves) :
m_curves(curves) {}
@@ -296,7 +296,7 @@ class Signature_Algorithms : public Extension
return m_supported_algos;
}
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return false; }
@@ -322,7 +322,7 @@ class Heartbeat_Support_Indicator : public Extension
bool peer_allowed_to_send() const { return m_peer_allowed_to_send; }
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
bool empty() const { return false; }
@@ -360,7 +360,7 @@ class Extensions
extensions[extn->type()] = extn;
}
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Extensions() {}
diff --git a/src/tls/tls_handshake_hash.cpp b/src/tls/tls_handshake_hash.cpp
index 02516632e..df956e7bb 100644
--- a/src/tls/tls_handshake_hash.cpp
+++ b/src/tls/tls_handshake_hash.cpp
@@ -16,7 +16,7 @@ namespace Botan {
namespace TLS {
void Handshake_Hash::update(Handshake_Type handshake_type,
- const MemoryRegion<byte>& handshake_msg)
+ const std::vector<byte>& handshake_msg)
{
update(static_cast<byte>(handshake_type));
@@ -30,7 +30,7 @@ void Handshake_Hash::update(Handshake_Type handshake_type,
/**
* Return a TLS Handshake Hash
*/
-SecureVector<byte> Handshake_Hash::final(Protocol_Version version,
+secure_vector<byte> Handshake_Hash::final(Protocol_Version version,
const std::string& mac_algo)
{
Algorithm_Factory& af = global_state().algorithm_factory();
@@ -59,7 +59,7 @@ SecureVector<byte> Handshake_Hash::final(Protocol_Version version,
/**
* Return a SSLv3 Handshake Hash
*/
-SecureVector<byte> Handshake_Hash::final_ssl3(const MemoryRegion<byte>& secret)
+secure_vector<byte> Handshake_Hash::final_ssl3(const secure_vector<byte>& secret)
{
const byte PAD_INNER = 0x36, PAD_OUTER = 0x5C;
@@ -79,7 +79,7 @@ SecureVector<byte> Handshake_Hash::final_ssl3(const MemoryRegion<byte>& secret)
for(size_t i = 0; i != 40; ++i)
sha1->update(PAD_INNER);
- SecureVector<byte> inner_md5 = md5->final(), inner_sha1 = sha1->final();
+ secure_vector<byte> inner_md5 = md5->final(), inner_sha1 = sha1->final();
md5->update(secret);
sha1->update(secret);
@@ -92,7 +92,7 @@ SecureVector<byte> Handshake_Hash::final_ssl3(const MemoryRegion<byte>& secret)
md5->update(inner_md5);
sha1->update(inner_sha1);
- SecureVector<byte> output;
+ secure_vector<byte> output;
output += md5->final();
output += sha1->final();
return output;
diff --git a/src/tls/tls_handshake_hash.h b/src/tls/tls_handshake_hash.h
index c13f97aa8..02943977f 100644
--- a/src/tls/tls_handshake_hash.h
+++ b/src/tls/tls_handshake_hash.h
@@ -27,25 +27,28 @@ class Handshake_Hash
void update(const byte in[], size_t length)
{ data += std::make_pair(in, length); }
- void update(const MemoryRegion<byte>& in)
+ void update(const secure_vector<byte>& in)
+ { data += in; }
+
+ void update(const std::vector<byte>& in)
{ data += in; }
void update(byte in)
{ data.push_back(in); }
void update(Handshake_Type handshake_type,
- const MemoryRegion<byte>& handshake_msg);
+ const std::vector<byte>& handshake_msg);
- SecureVector<byte> final(Protocol_Version version,
+ secure_vector<byte> final(Protocol_Version version,
const std::string& mac_algo);
- SecureVector<byte> final_ssl3(const MemoryRegion<byte>& master_secret);
+ secure_vector<byte> final_ssl3(const secure_vector<byte>& master_secret);
- const SecureVector<byte>& get_contents() const
+ const secure_vector<byte>& get_contents() const
{ return data; }
private:
- SecureVector<byte> data;
+ secure_vector<byte> data;
};
}
diff --git a/src/tls/tls_handshake_reader.cpp b/src/tls/tls_handshake_reader.cpp
index 8278a2296..a3fe48f71 100644
--- a/src/tls/tls_handshake_reader.cpp
+++ b/src/tls/tls_handshake_reader.cpp
@@ -38,7 +38,7 @@ bool Stream_Handshake_Reader::have_full_record() const
return false;
}
-std::pair<Handshake_Type, MemoryVector<byte> > Stream_Handshake_Reader::get_next_record()
+std::pair<Handshake_Type, std::vector<byte> > Stream_Handshake_Reader::get_next_record()
{
if(m_queue.size() >= 4)
{
@@ -50,7 +50,7 @@ std::pair<Handshake_Type, MemoryVector<byte> > Stream_Handshake_Reader::get_next
if(m_queue.size() >= length + 4)
{
Handshake_Type type = static_cast<Handshake_Type>(head[0]);
- MemoryVector<byte> contents(length);
+ std::vector<byte> contents(length);
m_queue.read(head, 4); // discard
m_queue.read(&contents[0], contents.size());
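Review bot: `&contents[0]` is now `operator[]` on a `std::vector`, which is undefined when `length` is 0, and the guard `m_queue.size() >= length + 4` admits a handshake message with an empty body. Builds that enable standard-library bounds assertions would abort there on a length the peer controls, so I would write `m_queue.read(contents.data(), contents.size());`. The same pattern is in tls_reader.h, `append_tls_length_value(buf, &vals[0], vals.size(), tag_size)`, which `Renegotation_Extension::serialize` calls with a `reneg_data` that is empty after the default constructor, and in tls_record.h, `send(type, &input[0], input.size())`. The body of `get_next_record` starts and ends outside the hunk.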
diff --git a/src/tls/tls_handshake_reader.h b/src/tls/tls_handshake_reader.h
index 06a273ced..618e1878a 100644
--- a/src/tls/tls_handshake_reader.h
+++ b/src/tls/tls_handshake_reader.h
@@ -29,7 +29,7 @@ class Handshake_Reader
virtual bool have_full_record() const = 0;
- virtual std::pair<Handshake_Type, MemoryVector<byte> > get_next_record() = 0;
+ virtual std::pair<Handshake_Type, std::vector<byte> > get_next_record() = 0;
virtual ~Handshake_Reader() {}
};
@@ -46,7 +46,7 @@ class Stream_Handshake_Reader : public Handshake_Reader
bool have_full_record() const;
- std::pair<Handshake_Type, MemoryVector<byte> > get_next_record();
+ std::pair<Handshake_Type, std::vector<byte> > get_next_record();
private:
SecureQueue m_queue;
};
diff --git a/src/tls/tls_handshake_state.cpp b/src/tls/tls_handshake_state.cpp
index f5a9f899c..b8f3125c8 100644
--- a/src/tls/tls_handshake_state.cpp
+++ b/src/tls/tls_handshake_state.cpp
@@ -154,7 +154,7 @@ std::string Handshake_State::srp_identifier() const
return "";
}
-const MemoryRegion<byte>& Handshake_State::session_ticket() const
+const std::vector<byte>& Handshake_State::session_ticket() const
{
if(new_session_ticket && !new_session_ticket->ticket().empty())
return new_session_ticket->ticket();
diff --git a/src/tls/tls_handshake_state.h b/src/tls/tls_handshake_state.h
index 364c715f8..ef8b4ee8f 100644
--- a/src/tls/tls_handshake_state.h
+++ b/src/tls/tls_handshake_state.h
@@ -37,7 +37,7 @@ class Handshake_State
void confirm_transition_to(Handshake_Type handshake_msg);
void set_expected_next(Handshake_Type handshake_msg);
- const MemoryRegion<byte>& session_ticket() const;
+ const std::vector<byte>& session_ticket() const;
std::pair<std::string, Signature_Format>
understand_sig_format(const Public_Key* key,
@@ -86,7 +86,7 @@ class Handshake_State
/*
* Only used by clients for session resumption
*/
- SecureVector<byte> resume_master_secret;
+ secure_vector<byte> resume_master_secret;
/*
*
diff --git a/src/tls/tls_heartbeats.cpp b/src/tls/tls_heartbeats.cpp
index 059772d34..8c129858e 100644
--- a/src/tls/tls_heartbeats.cpp
+++ b/src/tls/tls_heartbeats.cpp
@@ -14,7 +14,7 @@ namespace Botan {
namespace TLS {
-Heartbeat_Message::Heartbeat_Message(const MemoryRegion<byte>& buf)
+Heartbeat_Message::Heartbeat_Message(const std::vector<byte>& buf)
{
TLS_Data_Reader reader(buf);
@@ -35,13 +35,13 @@ Heartbeat_Message::Heartbeat_Message(Type type,
const byte payload[],
size_t payload_len) :
m_type(type),
- m_payload(payload, payload_len)
+ m_payload(payload, payload + payload_len)
{
}
-MemoryVector<byte> Heartbeat_Message::contents() const
+std::vector<byte> Heartbeat_Message::contents() const
{
- MemoryVector<byte> send_buf(3 + m_payload.size() + 16);
+ std::vector<byte> send_buf(3 + m_payload.size() + 16);
send_buf[0] = m_type;
send_buf[1] = get_byte<u16bit>(0, m_payload.size());
send_buf[2] = get_byte<u16bit>(1, m_payload.size());
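Review bot: The constructor `Heartbeat_Message(Type, const byte[], size_t payload_len)` copies any `payload_len` into `m_payload`, but `contents()` encodes the length with `get_byte<u16bit>(…, m_payload.size())`, so a payload longer than 65535 bytes would go out with a truncated length field in front of the full data. I would reject that in the currently empty constructor body, e.g. `if(payload_len > 0xFFFF) throw Invalid_Argument("Heartbeat payload too long");`. A tighter limit may already be enforced by callers or the record layer, which is not visible here. The body of `contents()` continues outside the hunk.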
@@ -51,9 +51,9 @@ MemoryVector<byte> Heartbeat_Message::contents() const
return send_buf;
}
-MemoryVector<byte> Heartbeat_Support_Indicator::serialize() const
+std::vector<byte> Heartbeat_Support_Indicator::serialize() const
{
- MemoryVector<byte> heartbeat(1);
+ std::vector<byte> heartbeat(1);
heartbeat[0] = (m_peer_allowed_to_send ? 1 : 2);
return heartbeat;
}
diff --git a/src/tls/tls_heartbeats.h b/src/tls/tls_heartbeats.h
index 4fa49501b..f3cc9ec68 100644
--- a/src/tls/tls_heartbeats.h
+++ b/src/tls/tls_heartbeats.h
@@ -19,18 +19,18 @@ class Heartbeat_Message
public:
enum Type { REQUEST = 1, RESPONSE = 2 };
- MemoryVector<byte> contents() const;
+ std::vector<byte> contents() const;
- const MemoryRegion<byte>& payload() const { return m_payload; }
+ const std::vector<byte>& payload() const { return m_payload; }
bool is_request() const { return m_type == REQUEST; }
- Heartbeat_Message(const MemoryRegion<byte>& buf);
+ Heartbeat_Message(const std::vector<byte>& buf);
Heartbeat_Message(Type type, const byte payload[], size_t payload_len);
private:
Type m_type;
- MemoryVector<byte> m_payload;
+ std::vector<byte> m_payload;
};
}
diff --git a/src/tls/tls_messages.h b/src/tls/tls_messages.h
index d9146dda1..e3bdaa6a0 100644
--- a/src/tls/tls_messages.h
+++ b/src/tls/tls_messages.h
@@ -34,7 +34,7 @@ class Record_Reader;
class Handshake_Message
{
public:
- virtual MemoryVector<byte> serialize() const = 0;
+ virtual std::vector<byte> serialize() const = 0;
virtual Handshake_Type type() const = 0;
Handshake_Message() {}
@@ -44,7 +44,7 @@ class Handshake_Message
Handshake_Message& operator=(const Handshake_Message&) { return (*this); }
};
-MemoryVector<byte> make_hello_random(RandomNumberGenerator& rng);
+std::vector<byte> make_hello_random(RandomNumberGenerator& rng);
/**
* DTLS Hello Verify Request
@@ -52,18 +52,18 @@ MemoryVector<byte> make_hello_random(RandomNumberGenerator& rng);
class Hello_Verify_Request : public Handshake_Message
{
public:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Handshake_Type type() const { return HELLO_VERIFY_REQUEST; }
- MemoryVector<byte> cookie() const { return m_cookie; }
+ std::vector<byte> cookie() const { return m_cookie; }
- Hello_Verify_Request(const MemoryRegion<byte>& buf);
+ Hello_Verify_Request(const std::vector<byte>& buf);
- Hello_Verify_Request(const MemoryVector<byte>& client_hello_bits,
+ Hello_Verify_Request(const std::vector<byte>& client_hello_bits,
const std::string& client_identity,
const SymmetricKey& secret_key);
private:
- MemoryVector<byte> m_cookie;
+ std::vector<byte> m_cookie;
};
/**
@@ -76,7 +76,7 @@ class Client_Hello : public Handshake_Message
Protocol_Version version() const { return m_version; }
- const MemoryVector<byte>& session_id() const { return m_session_id; }
+ const std::vector<byte>& session_id() const { return m_session_id; }
const std::vector<std::pair<std::string, std::string> >& supported_algos() const
{ return m_supported_algos; }
@@ -87,7 +87,7 @@ class Client_Hello : public Handshake_Message
std::vector<u16bit> ciphersuites() const { return m_suites; }
std::vector<byte> compression_methods() const { return m_comp_methods; }
- const MemoryVector<byte>& random() const { return m_random; }
+ const std::vector<byte>& random() const { return m_random; }
std::string sni_hostname() const { return m_hostname; }
@@ -95,7 +95,7 @@ class Client_Hello : public Handshake_Message
bool secure_renegotiation() const { return m_secure_renegotiation; }
- const MemoryVector<byte>& renegotiation_info()
+ const std::vector<byte>& renegotiation_info()
{ return m_renegotiation_info; }
bool offered_suite(u16bit ciphersuite) const;
@@ -106,7 +106,7 @@ class Client_Hello : public Handshake_Message
bool supports_session_ticket() const { return m_supports_session_ticket; }
- const MemoryRegion<byte>& session_ticket() const
+ const std::vector<byte>& session_ticket() const
{ return m_session_ticket; }
bool supports_heartbeats() const { return m_supports_heartbeats; }
@@ -117,7 +117,7 @@ class Client_Hello : public Handshake_Message
Handshake_Hash& hash,
const Policy& policy,
RandomNumberGenerator& rng,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
bool next_protocol = false,
const std::string& hostname = "",
const std::string& srp_identifier = "");
@@ -126,20 +126,20 @@ class Client_Hello : public Handshake_Message
Handshake_Hash& hash,
const Policy& policy,
RandomNumberGenerator& rng,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
const Session& resumed_session,
bool next_protocol = false);
- Client_Hello(const MemoryRegion<byte>& buf,
+ Client_Hello(const std::vector<byte>& buf,
Handshake_Type type);
private:
- MemoryVector<byte> serialize() const;
- void deserialize(const MemoryRegion<byte>& buf);
- void deserialize_sslv2(const MemoryRegion<byte>& buf);
+ std::vector<byte> serialize() const;
+ void deserialize(const std::vector<byte>& buf);
+ void deserialize_sslv2(const std::vector<byte>& buf);
Protocol_Version m_version;
- MemoryVector<byte> m_session_id, m_random;
+ std::vector<byte> m_session_id, m_random;
std::vector<u16bit> m_suites;
std::vector<byte> m_comp_methods;
std::string m_hostname;
@@ -148,13 +148,13 @@ class Client_Hello : public Handshake_Message
size_t m_fragment_size;
bool m_secure_renegotiation;
- MemoryVector<byte> m_renegotiation_info;
+ std::vector<byte> m_renegotiation_info;
std::vector<std::pair<std::string, std::string> > m_supported_algos;
std::vector<std::string> m_supported_curves;
bool m_supports_session_ticket;
- MemoryVector<byte> m_session_ticket;
+ std::vector<byte> m_session_ticket;
bool m_supports_heartbeats;
bool m_peer_can_send_heartbeats;
@@ -170,9 +170,9 @@ class Server_Hello : public Handshake_Message
Protocol_Version version() { return m_version; }
- const MemoryVector<byte>& random() const { return m_random; }
+ const std::vector<byte>& random() const { return m_random; }
- const MemoryVector<byte>& session_id() const { return m_session_id; }
+ const std::vector<byte>& session_id() const { return m_session_id; }
u16bit ciphersuite() const { return m_ciphersuite; }
@@ -189,7 +189,7 @@ class Server_Hello : public Handshake_Message
size_t fragment_size() const { return m_fragment_size; }
- const MemoryVector<byte>& renegotiation_info()
+ const std::vector<byte>& renegotiation_info()
{ return m_renegotiation_info; }
bool supports_heartbeats() const { return m_supports_heartbeats; }
@@ -198,31 +198,31 @@ class Server_Hello : public Handshake_Message
Server_Hello(Record_Writer& writer,
Handshake_Hash& hash,
- const MemoryRegion<byte>& session_id,
+ const std::vector<byte>& session_id,
Protocol_Version ver,
u16bit ciphersuite,
byte compression,
size_t max_fragment_size,
bool client_has_secure_renegotiation,
- const MemoryRegion<byte>& reneg_info,
+ const std::vector<byte>& reneg_info,
bool offer_session_ticket,
bool client_has_npn,
const std::vector<std::string>& next_protocols,
bool client_has_heartbeat,
RandomNumberGenerator& rng);
- Server_Hello(const MemoryRegion<byte>& buf);
+ Server_Hello(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Protocol_Version m_version;
- MemoryVector<byte> m_session_id, m_random;
+ std::vector<byte> m_session_id, m_random;
u16bit m_ciphersuite;
byte m_comp_method;
size_t m_fragment_size;
bool m_secure_renegotiation;
- MemoryVector<byte> m_renegotiation_info;
+ std::vector<byte> m_renegotiation_info;
bool m_next_protocol;
std::vector<std::string> m_next_protocols;
@@ -240,7 +240,7 @@ class Client_Key_Exchange : public Handshake_Message
public:
Handshake_Type type() const { return CLIENT_KEX; }
- const SecureVector<byte>& pre_master_secret() const
+ const secure_vector<byte>& pre_master_secret() const
{ return pre_master; }
Client_Key_Exchange(Record_Writer& output,
@@ -250,16 +250,17 @@ class Client_Key_Exchange : public Handshake_Message
const std::string& hostname,
RandomNumberGenerator& rng);
- Client_Key_Exchange(const MemoryRegion<byte>& buf,
+ Client_Key_Exchange(const std::vector<byte>& buf,
const Handshake_State* state,
Credentials_Manager& creds,
const Policy& policy,
RandomNumberGenerator& rng);
private:
- MemoryVector<byte> serialize() const { return key_material; }
+ std::vector<byte> serialize() const { return key_material; }
- SecureVector<byte> key_material, pre_master;
+ std::vector<byte> key_material;
+ secure_vector<byte> pre_master;
};
/**
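Review bot: `key_material` moves from `SecureVector<byte>` to a plain `std::vector<byte>` here with no comment on why that is safe, while `pre_master` keeps the zeroising type. Since `serialize()` returns `key_material` directly, it appears to be the wire encoding sent to the peer rather than a secret, but the name does not make that obvious. I would add a comment on the member, e.g. `// encoded message as sent on the wire (public); secrets belong in pre_master`, so a later change does not start storing unencrypted key data in it.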
@@ -278,9 +279,9 @@ class Certificate : public Handshake_Message
Handshake_Hash& hash,
const std::vector<X509_Certificate>& certs);
- Certificate(const MemoryRegion<byte>& buf);
+ Certificate(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
std::vector<X509_Certificate> m_certs;
};
@@ -307,10 +308,10 @@ class Certificate_Req : public Handshake_Message
const std::vector<X509_Certificate>& allowed_cas,
Protocol_Version version);
- Certificate_Req(const MemoryRegion<byte>& buf,
+ Certificate_Req(const std::vector<byte>& buf,
Protocol_Version version);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
std::vector<X509_DN> names;
std::vector<std::string> cert_key_types;
@@ -339,14 +340,14 @@ class Certificate_Verify : public Handshake_Message
RandomNumberGenerator& rng,
const Private_Key* key);
- Certificate_Verify(const MemoryRegion<byte>& buf,
+ Certificate_Verify(const std::vector<byte>& buf,
Protocol_Version version);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
std::string sig_algo; // sig algo used to create signature
std::string hash_algo; // hash used to create signature
- MemoryVector<byte> signature;
+ std::vector<byte> signature;
};
/**
@@ -357,7 +358,7 @@ class Finished : public Handshake_Message
public:
Handshake_Type type() const { return FINISHED; }
- MemoryVector<byte> verify_data() const
+ std::vector<byte> verify_data() const
{ return verification_data; }
bool verify(Handshake_State* state,
@@ -367,12 +368,12 @@ class Finished : public Handshake_Message
Handshake_State* state,
Connection_Side side);
- Finished(const MemoryRegion<byte>& buf);
+ Finished(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Connection_Side side;
- MemoryVector<byte> verification_data;
+ std::vector<byte> verification_data;
};
/**
@@ -384,9 +385,9 @@ class Hello_Request : public Handshake_Message
Handshake_Type type() const { return HELLO_REQUEST; }
Hello_Request(Record_Writer& writer);
- Hello_Request(const MemoryRegion<byte>& buf);
+ Hello_Request(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
};
/**
@@ -397,7 +398,7 @@ class Server_Key_Exchange : public Handshake_Message
public:
Handshake_Type type() const { return SERVER_KEX; }
- const MemoryVector<byte>& params() const { return m_params; }
+ const std::vector<byte>& params() const { return m_params; }
bool verify(const X509_Certificate& cert,
Handshake_State* state) const;
@@ -415,23 +416,23 @@ class Server_Key_Exchange : public Handshake_Message
RandomNumberGenerator& rng,
const Private_Key* signing_key = 0);
- Server_Key_Exchange(const MemoryRegion<byte>& buf,
+ Server_Key_Exchange(const std::vector<byte>& buf,
const std::string& kex_alg,
const std::string& sig_alg,
Protocol_Version version);
~Server_Key_Exchange();
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
Private_Key* m_kex_key;
SRP6_Server_Session* m_srp_params;
- MemoryVector<byte> m_params;
+ std::vector<byte> m_params;
std::string m_sig_algo; // sig algo used to create signature
std::string m_hash_algo; // hash used to create signature
- MemoryVector<byte> m_signature;
+ std::vector<byte> m_signature;
};
/**
@@ -443,9 +444,9 @@ class Server_Hello_Done : public Handshake_Message
Handshake_Type type() const { return SERVER_HELLO_DONE; }
Server_Hello_Done(Record_Writer& writer, Handshake_Hash& hash);
- Server_Hello_Done(const MemoryRegion<byte>& buf);
+ Server_Hello_Done(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
};
/**
@@ -462,9 +463,9 @@ class Next_Protocol : public Handshake_Message
Handshake_Hash& hash,
const std::string& protocol);
- Next_Protocol(const MemoryRegion<byte>& buf);
+ Next_Protocol(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
std::string m_protocol;
};
@@ -475,22 +476,22 @@ class New_Session_Ticket : public Handshake_Message
Handshake_Type type() const { return NEW_SESSION_TICKET; }
u32bit ticket_lifetime_hint() const { return m_ticket_lifetime_hint; }
- const MemoryVector<byte>& ticket() const { return m_ticket; }
+ const std::vector<byte>& ticket() const { return m_ticket; }
New_Session_Ticket(Record_Writer& writer,
Handshake_Hash& hash,
- const MemoryRegion<byte>& ticket,
+ const std::vector<byte>& ticket,
u32bit lifetime);
New_Session_Ticket(Record_Writer& writer,
Handshake_Hash& hash);
- New_Session_Ticket(const MemoryRegion<byte>& buf);
+ New_Session_Ticket(const std::vector<byte>& buf);
private:
- MemoryVector<byte> serialize() const;
+ std::vector<byte> serialize() const;
u32bit m_ticket_lifetime_hint;
- MemoryVector<byte> m_ticket;
+ std::vector<byte> m_ticket;
};
}
diff --git a/src/tls/tls_reader.h b/src/tls/tls_reader.h
index bf8098bed..7440e16b7 100644
--- a/src/tls/tls_reader.h
+++ b/src/tls/tls_reader.h
@@ -25,7 +25,7 @@ namespace TLS {
class TLS_Data_Reader
{
public:
- TLS_Data_Reader(const MemoryRegion<byte>& buf_in) :
+ TLS_Data_Reader(const std::vector<byte>& buf_in) :
buf(buf_in), offset(0) {}
void assert_done() const
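Review bot: The constructor stores `buf_in` in a reference member (`buf(buf_in)`), and with the parameter now `const std::vector<byte>&` a temporary binds to it, so the reader can outlive its buffer. This commit introduces `unlock(...)` in tls_server.cpp, which presumably returns by value; `TLS_Data_Reader reader(unlock(x));` would compile and leave `buf` dangling after that statement. Deleting the rvalue overload turns that into a compile error: `TLS_Data_Reader(std::vector<byte>&&) = delete;`. The class body continues outside the hunk.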
@@ -91,14 +91,14 @@ class TLS_Data_Reader
}
template<typename T>
- SecureVector<T> get_range(size_t len_bytes,
+ std::vector<T> get_range(size_t len_bytes,
size_t min_elems,
size_t max_elems)
{
const size_t num_elems =
get_num_elems(len_bytes, sizeof(T), min_elems, max_elems);
- return get_elem<T, SecureVector<T> >(num_elems);
+ return get_elem<T, std::vector<T> >(num_elems);
}
template<typename T>
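Review bot: `get_range` now returns a plain `std::vector<T>` instead of `SecureVector<T>`, so whatever callers parse through it is no longer held in the zeroising container, and `get_fixed` in the next hunk changes the same way. That is fine for public wire fields, but nothing in the header says these helpers are meant only for such data. I would add a comment above both, e.g. `// Returns ordinary heap memory; copy into a secure_vector before treating the result as secret.` Whether any caller reads secret data through these helpers is not visible in this diff.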
@@ -123,9 +123,9 @@ class TLS_Data_Reader
}
template<typename T>
- SecureVector<T> get_fixed(size_t size)
+ std::vector<T> get_fixed(size_t size)
{
- return get_elem<T, SecureVector<T> >(size);
+ return get_elem<T, std::vector<T> >(size);
}
private:
@@ -169,15 +169,15 @@ class TLS_Data_Reader
}
}
- const MemoryRegion<byte>& buf;
+ const std::vector<byte>& buf;
size_t offset;
};
/**
* Helper function for encoding length-tagged vectors
*/
-template<typename T>
-void append_tls_length_value(MemoryRegion<byte>& buf,
+template<typename T, typename Alloc>
+void append_tls_length_value(std::vector<byte, Alloc>& buf,
const T* vals,
size_t vals_size,
size_t tag_size)
@@ -200,26 +200,19 @@ void append_tls_length_value(MemoryRegion<byte>& buf,
buf.push_back(get_byte(j, vals[i]));
}
-template<typename T>
-void append_tls_length_value(MemoryRegion<byte>& buf,
- const MemoryRegion<T>& vals,
+template<typename T, typename Alloc, typename Alloc2>
+void append_tls_length_value(std::vector<byte, Alloc>& buf,
+ const std::vector<T, Alloc2>& vals,
size_t tag_size)
{
append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
}
-template<typename T>
-void append_tls_length_value(MemoryRegion<byte>& buf,
- const std::vector<T>& vals,
+template<typename Alloc>
+void append_tls_length_value(std::vector<byte, Alloc>& buf,
+ const std::string& str,
size_t tag_size)
{
- append_tls_length_value(buf, &vals[0], vals.size(), tag_size);
- }
-
-inline void append_tls_length_value(MemoryRegion<byte>& buf,
- const std::string& str,
- size_t tag_size)
- {
append_tls_length_value(buf,
reinterpret_cast<const byte*>(&str[0]),
str.size(),
diff --git a/src/tls/tls_record.h b/src/tls/tls_record.h
index 3b44ee1c6..a92dcbe9d 100644
--- a/src/tls/tls_record.h
+++ b/src/tls/tls_record.h
@@ -33,10 +33,10 @@ class BOTAN_DLL Record_Writer
void send(byte type, const byte input[], size_t length);
void send(byte type, byte val) { send(type, &val, 1); }
- void send(byte type, const MemoryRegion<byte>& input)
+ void send(byte type, const std::vector<byte>& input)
{ send(type, &input[0], input.size()); }
- MemoryVector<byte> send(class Handshake_Message& msg);
+ std::vector<byte> send(class Handshake_Message& msg);
void send_alert(const Alert& alert);
@@ -62,7 +62,7 @@ class BOTAN_DLL Record_Writer
std::function<void (const byte[], size_t)> m_output_fn;
- MemoryVector<byte> m_writebuf;
+ std::vector<byte> m_writebuf;
Pipe m_cipher;
MessageAuthenticationCode* m_mac;
@@ -93,7 +93,7 @@ class BOTAN_DLL Record_Reader
size_t add_input(const byte input[], size_t input_size,
size_t& input_consumed,
byte& msg_type,
- MemoryVector<byte>& msg);
+ std::vector<byte>& msg);
void activate(Connection_Side side,
const Ciphersuite& suite,
@@ -118,8 +118,8 @@ class BOTAN_DLL Record_Reader
size_t& input_consumed,
size_t desired);
- MemoryVector<byte> m_readbuf;
- MemoryVector<byte> m_macbuf;
+ std::vector<byte> m_readbuf;
+ std::vector<byte> m_macbuf;
size_t m_readbuf_pos;
Pipe m_cipher;
diff --git a/src/tls/tls_server.cpp b/src/tls/tls_server.cpp
index 1e8c73ec3..7c2c4d323 100644
--- a/src/tls/tls_server.cpp
+++ b/src/tls/tls_server.cpp
@@ -24,8 +24,8 @@ bool check_for_resume(Session& session_info,
Client_Hello* client_hello,
std::chrono::seconds session_ticket_lifetime)
{
- const MemoryVector<byte>& client_session_id = client_hello->session_id();
- const MemoryVector<byte>& session_ticket = client_hello->session_ticket();
+ const std::vector<byte>& client_session_id = client_hello->session_id();
+ const std::vector<byte>& session_ticket = client_hello->session_ticket();
if(session_ticket.empty())
{
@@ -232,7 +232,7 @@ void Server::alert_notify(const Alert& alert)
* Split up and process handshake messages
*/
void Server::read_handshake(byte rec_type,
- const MemoryRegion<byte>& rec_buf)
+ const std::vector<byte>& rec_buf)
{
if(rec_type == HANDSHAKE && !state)
{
@@ -247,7 +247,7 @@ void Server::read_handshake(byte rec_type,
* Process a handshake message
*/
void Server::process_handshake_msg(Handshake_Type type,
- const MemoryRegion<byte>& contents)
+ const std::vector<byte>& contents)
{
if(state == 0)
throw Unexpected_Message("Unexpected handshake message from client");
@@ -396,7 +396,7 @@ void Server::process_handshake_msg(Handshake_Type type,
state->server_hello = new Server_Hello(
writer,
state->hash,
- rng.random_vec(32), // new session ID
+ unlock(rng.random_vec(32)), // new session ID
state->version(),
choose_ciphersuite(policy, creds, cert_chains, state->client_hello),
choose_compression(policy, state->client_hello->compression_methods()),
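Review bot: `unlock(rng.random_vec(32))` deserves a short comment saying why the value may leave the secure allocator here, since the same helper applied to key material would presumably copy secrets into ordinary heap memory. A comment such as `// session ID is public (sent in the server hello), plain std::vector is fine` next to the argument makes the intent reviewable. `process_handshake_msg` starts and ends outside this hunk.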
@@ -569,7 +569,7 @@ void Server::process_handshake_msg(Handshake_Type type,
secure_renegotiation.supported(),
state->server_hello->fragment_size(),
peer_certs,
- MemoryVector<byte>(),
+ std::vector<byte>(),
m_hostname,
state->srp_identifier()
);
diff --git a/src/tls/tls_server.h b/src/tls/tls_server.h
index 684021ebc..441e03eb2 100644
--- a/src/tls/tls_server.h
+++ b/src/tls/tls_server.h
@@ -51,9 +51,9 @@ class BOTAN_DLL Server : public Channel
{ return m_next_protocol; }
private:
- void read_handshake(byte, const MemoryRegion<byte>&);
+ void read_handshake(byte, const std::vector<byte>&);
- void process_handshake_msg(Handshake_Type, const MemoryRegion<byte>&);
+ void process_handshake_msg(Handshake_Type, const std::vector<byte>&);
void alert_notify(const Alert& alert);
diff --git a/src/tls/tls_session.cpp b/src/tls/tls_session.cpp
index dac38e67b..d2aae9a7e 100644
--- a/src/tls/tls_session.cpp
+++ b/src/tls/tls_session.cpp
@@ -18,8 +18,8 @@ namespace Botan {
namespace TLS {
-Session::Session(const MemoryRegion<byte>& session_identifier,
- const MemoryRegion<byte>& master_secret,
+Session::Session(const std::vector<byte>& session_identifier,
+ const secure_vector<byte>& master_secret,
Protocol_Version version,
u16bit ciphersuite,
byte compression_method,
@@ -27,7 +27,7 @@ Session::Session(const MemoryRegion<byte>& session_identifier,
bool secure_renegotiation_supported,
size_t fragment_size,
const std::vector<X509_Certificate>& certs,
- const MemoryRegion<byte>& ticket,
+ const std::vector<byte>& ticket,
const std::string& sni_hostname,
const std::string& srp_identifier) :
m_start_time(std::chrono::system_clock::now()),
@@ -48,7 +48,7 @@ Session::Session(const MemoryRegion<byte>& session_identifier,
Session::Session(const std::string& pem)
{
- SecureVector<byte> der = PEM_Code::decode_check_label(pem, "SSL SESSION");
+ secure_vector<byte> der = PEM_Code::decode_check_label(pem, "SSL SESSION");
*this = Session(&der[0], der.size());
}
@@ -61,7 +61,7 @@ Session::Session(const byte ber[], size_t ber_len)
byte major_version = 0, minor_version = 0;
- MemoryVector<byte> peer_cert_bits;
+ std::vector<byte> peer_cert_bits;
size_t start_time = 0;
@@ -94,16 +94,16 @@ Session::Session(const byte ber[], size_t ber_len)
if(!peer_cert_bits.empty())
{
- DataSource_Memory certs(peer_cert_bits);
+ DataSource_Memory certs(&peer_cert_bits[0], peer_cert_bits.size());
while(!certs.end_of_data())
m_peer_certs.push_back(X509_Certificate(certs));
}
}
-SecureVector<byte> Session::DER_encode() const
+secure_vector<byte> Session::DER_encode() const
{
- MemoryVector<byte> peer_cert_bits;
+ std::vector<byte> peer_cert_bits;
for(size_t i = 0; i != m_peer_certs.size(); ++i)
peer_cert_bits += m_peer_certs[i].BER_encode();
@@ -154,7 +154,7 @@ const size_t MAC_OUTPUT_LENGTH = 32;
}
-MemoryVector<byte>
+std::vector<byte>
Session::encrypt(const SymmetricKey& master_key,
RandomNumberGenerator& rng) const
{
@@ -177,9 +177,9 @@ Session::encrypt(const SymmetricKey& master_key,
Pipe pipe(get_cipher(SESSION_CRYPTO_CIPHER, cipher_key, cipher_iv, ENCRYPTION));
pipe.process_msg(this->DER_encode());
- MemoryVector<byte> ctext = pipe.read_all(0);
+ secure_vector<byte> ctext = pipe.read_all(0);
- MemoryVector<byte> out(MAGIC_LENGTH);
+ std::vector<byte> out(MAGIC_LENGTH);
store_be(SESSION_CRYPTO_MAGIC, &out[0]);
out += cipher_iv.bits_of();
out += ctext;
@@ -217,7 +217,7 @@ Session Session::decrypt(const byte buf[], size_t buf_len,
mac->set_key(mac_key);
mac->update(&buf[0], buf_len - MAC_OUTPUT_LENGTH);
- MemoryVector<byte> computed_mac = mac->final();
+ secure_vector<byte> computed_mac = mac->final();
if(!same_mem(&buf[buf_len - MAC_OUTPUT_LENGTH], &computed_mac[0], computed_mac.size()))
throw Decoding_Error("MAC verification failed for encrypted session");
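Review bot: The tag comparison in `Session::decrypt` takes its offset from `MAC_OUTPUT_LENGTH` but its length from `computed_mac.size()`. If the two ever disagree, `same_mem` either reads past the end of `buf` or checks only part of the tag. Make the assumption explicit, e.g. `if(computed_mac.size() != MAC_OUTPUT_LENGTH || !same_mem(&buf[buf_len - MAC_OUTPUT_LENGTH], &computed_mac[0], MAC_OUTPUT_LENGTH))`. The function starts outside this hunk, so the minimum-length check on `buf_len` that `buf_len - MAC_OUTPUT_LENGTH` relies on is not visible here and should be confirmed.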
@@ -234,7 +234,7 @@ Session Session::decrypt(const byte buf[], size_t buf_len,
Pipe pipe(get_cipher(SESSION_CRYPTO_CIPHER, cipher_key, cipher_iv, DECRYPTION));
pipe.process_msg(&buf[CTEXT_OFFSET],
buf_len - (MAC_OUTPUT_LENGTH + CTEXT_OFFSET));
- SecureVector<byte> ber = pipe.read_all();
+ secure_vector<byte> ber = pipe.read_all();
return Session(&ber[0], ber.size());
}
diff --git a/src/tls/tls_session.h b/src/tls/tls_session.h
index a2b341a30..2c474bc6a 100644
--- a/src/tls/tls_session.h
+++ b/src/tls/tls_session.h
@@ -43,8 +43,8 @@ class BOTAN_DLL Session
/**
* New session (sets session start time)
*/
- Session(const MemoryRegion<byte>& session_id,
- const MemoryRegion<byte>& master_secret,
+ Session(const std::vector<byte>& session_id,
+ const secure_vector<byte>& master_secret,
Protocol_Version version,
u16bit ciphersuite,
byte compression_method,
@@ -52,7 +52,7 @@ class BOTAN_DLL Session
bool secure_renegotiation_supported,
size_t fragment_size,
const std::vector<X509_Certificate>& peer_certs,
- const MemoryRegion<byte>& session_ticket,
+ const std::vector<byte>& session_ticket,
const std::string& sni_hostname = "",
const std::string& srp_identifier = "");
@@ -71,12 +71,12 @@ class BOTAN_DLL Session
* @warning if the master secret is compromised so is the
* session traffic
*/
- SecureVector<byte> DER_encode() const;
+ secure_vector<byte> DER_encode() const;
/**
* Encrypt a session (useful for serialization or session tickets)
*/
- MemoryVector<byte> encrypt(const SymmetricKey& key,
+ std::vector<byte> encrypt(const SymmetricKey& key,
RandomNumberGenerator& rng) const;
@@ -95,7 +95,7 @@ class BOTAN_DLL Session
* @param ctext the ciphertext returned by encrypt
* @param key the same key used by the encrypting side
*/
- static inline Session decrypt(const MemoryRegion<byte>& ctext,
+ static inline Session decrypt(const std::vector<byte>& ctext,
const SymmetricKey& key)
{
return Session::decrypt(&ctext[0], ctext.size(), key);
@@ -147,13 +147,13 @@ class BOTAN_DLL Session
/**
* Get the saved master secret
*/
- const SecureVector<byte>& master_secret() const
+ const secure_vector<byte>& master_secret() const
{ return m_master_secret; }
/**
* Get the session identifier
*/
- const MemoryVector<byte>& session_id() const
+ const std::vector<byte>& session_id() const
{ return m_identifier; }
/**
@@ -186,16 +186,16 @@ class BOTAN_DLL Session
/**
* Return the session ticket the server gave us
*/
- const MemoryVector<byte>& session_ticket() const { return m_session_ticket; }
+ const std::vector<byte>& session_ticket() const { return m_session_ticket; }
private:
enum { TLS_SESSION_PARAM_STRUCT_VERSION = 0x2994e300 };
std::chrono::system_clock::time_point m_start_time;
- MemoryVector<byte> m_identifier;
- MemoryVector<byte> m_session_ticket; // only used by client side
- SecureVector<byte> m_master_secret;
+ std::vector<byte> m_identifier;
+ std::vector<byte> m_session_ticket; // only used by client side
+ secure_vector<byte> m_master_secret;
Protocol_Version m_version;
u16bit m_ciphersuite;
diff --git a/src/tls/tls_session_key.cpp b/src/tls/tls_session_key.cpp
index 4d7603ce1..0cd74a63a 100644
--- a/src/tls/tls_session_key.cpp
+++ b/src/tls/tls_session_key.cpp
@@ -19,7 +19,7 @@ namespace TLS {
* Session_Keys Constructor
*/
Session_Keys::Session_Keys(Handshake_State* state,
- const MemoryRegion<byte>& pre_master_secret,
+ const secure_vector<byte>& pre_master_secret,
bool resuming)
{
const size_t mac_keylen = output_length_of(state->suite.mac_algo());
@@ -45,7 +45,7 @@ Session_Keys::Session_Keys(Handshake_State* state,
}
else
{
- SecureVector<byte> salt;
+ secure_vector<byte> salt;
if(state->version() != Protocol_Version::SSL_V3)
salt += std::make_pair(MASTER_SECRET_MAGIC, sizeof(MASTER_SECRET_MAGIC));
@@ -56,7 +56,7 @@ Session_Keys::Session_Keys(Handshake_State* state,
master_sec = prf->derive_key(48, pre_master_secret, salt);
}
- SecureVector<byte> salt;
+ secure_vector<byte> salt;
if(state->version() != Protocol_Version::SSL_V3)
salt += std::make_pair(KEY_GEN_MAGIC, sizeof(KEY_GEN_MAGIC));
salt += state->server_hello->random();
diff --git a/src/tls/tls_session_key.h b/src/tls/tls_session_key.h
index 25de56aea..0021694e3 100644
--- a/src/tls/tls_session_key.h
+++ b/src/tls/tls_session_key.h
@@ -31,16 +31,16 @@ class Session_Keys
InitializationVector client_iv() const { return c_iv; }
InitializationVector server_iv() const { return s_iv; }
- const SecureVector<byte>& master_secret() const { return master_sec; }
+ const secure_vector<byte>& master_secret() const { return master_sec; }
Session_Keys() {}
Session_Keys(class Handshake_State* state,
- const MemoryRegion<byte>& pre_master,
+ const secure_vector<byte>& pre_master,
bool resuming);
private:
- SecureVector<byte> master_sec;
+ secure_vector<byte> master_sec;
SymmetricKey c_cipher, s_cipher, c_mac, s_mac;
InitializationVector c_iv, s_iv;
};
diff --git a/src/tls/tls_session_manager.cpp b/src/tls/tls_session_manager.cpp
index d103df35f..72eb83c21 100644
--- a/src/tls/tls_session_manager.cpp
+++ b/src/tls/tls_session_manager.cpp
@@ -37,7 +37,7 @@ bool Session_Manager_In_Memory::load_from_session_str(
}
bool Session_Manager_In_Memory::load_from_session_id(
- const MemoryRegion<byte>& session_id, Session& session)
+ const std::vector<byte>& session_id, Session& session)
{
std::lock_guard<std::mutex> lock(m_mutex);
@@ -69,7 +69,7 @@ bool Session_Manager_In_Memory::load_from_host_info(
}
void Session_Manager_In_Memory::remove_entry(
- const MemoryRegion<byte>& session_id)
+ const std::vector<byte>& session_id)
{
std::lock_guard<std::mutex> lock(m_mutex);
diff --git a/src/tls/tls_session_manager.h b/src/tls/tls_session_manager.h
index 84d51406d..fa1ecae39 100644
--- a/src/tls/tls_session_manager.h
+++ b/src/tls/tls_session_manager.h
@@ -36,7 +36,7 @@ class BOTAN_DLL Session_Manager
or not modified if not found
* @return true if session was modified
*/
- virtual bool load_from_session_id(const MemoryRegion<byte>& session_id,
+ virtual bool load_from_session_id(const std::vector<byte>& session_id,
Session& session) = 0;
/**
@@ -53,7 +53,7 @@ class BOTAN_DLL Session_Manager
/**
* Remove this session id from the cache, if it exists
*/
- virtual void remove_entry(const MemoryRegion<byte>& session_id) = 0;
+ virtual void remove_entry(const std::vector<byte>& session_id) = 0;
/**
* Save a session on a best effort basis; the manager may not in
@@ -94,13 +94,13 @@ class BOTAN_DLL Session_Manager_In_Memory : public Session_Manager
m_session_lifetime(session_lifetime)
{}
- bool load_from_session_id(const MemoryRegion<byte>& session_id,
+ bool load_from_session_id(const std::vector<byte>& session_id,
Session& session);
bool load_from_host_info(const std::string& hostname, u16bit port,
Session& session);
- void remove_entry(const MemoryRegion<byte>& session_id);
+ void remove_entry(const std::vector<byte>& session_id);
void save(const Session& session_data);