Reorganize code and reduce header dependencies

src/lib/base/secmem.h

@@ -10,11 +10,14 @@
 
 #include <botan/allocator.h>
 #include <botan/types.h>  // IWYU pragma: export
-#include <algorithm>
-#include <deque>
 #include <type_traits>
 #include <vector>  // IWYU pragma: export
 
+#if !defined(BOTAN_IS_BEING_BUILT) && !defined(BOTAN_DISABLE_DEPRECATED_FEATURES)
+  // TODO(Botan4) remove this
+  #include <deque>
+#endif
+
 namespace Botan {
 
 template <typename T>
@@ -59,8 +62,11 @@ inline bool operator!=(const secure_allocator<T>&, const secure_allocator<U>&) {
 
 template <typename T>
 using secure_vector = std::vector<T, secure_allocator<T>>;
+
+#if !defined(BOTAN_IS_BEING_BUILT) && !defined(BOTAN_DISABLE_DEPRECATED_FEATURES)
 template <typename T>
 using secure_deque = std::deque<T, secure_allocator<T>>;
+#endif
 
 // For better compatibility with 1.10 API
 template <typename T>

src/lib/base/sym_algo.cpp

@@ -6,10 +6,15 @@
 
 #include <botan/sym_algo.h>
 
+#include <botan/symkey.h>
 #include <botan/exceptn.h>
 
 namespace Botan {
 
+void SymmetricAlgorithm::set_key(const OctetString& key) {
+   set_key(std::span{key.begin(), key.length()});
+}
+
 void SymmetricAlgorithm::throw_key_not_set_error() const {
    throw Key_Not_Set(name());
 }

src/lib/base/sym_algo.h

@@ -8,13 +8,15 @@
 #ifndef BOTAN_SYMMETRIC_ALGORITHM_H_
 #define BOTAN_SYMMETRIC_ALGORITHM_H_
 
-#include <botan/symkey.h>
 #include <botan/types.h>
 
+#include <string>
 #include <span>
 
 namespace Botan {
 
+class OctetString;
+
 /**
 * Represents the length requirements on an algorithm key
 */
@@ -110,7 +112,7 @@ class BOTAN_PUBLIC_API(2, 0) SymmetricAlgorithm {
       * Set the symmetric key of this object.
       * @param key the SymmetricKey to be set.
       */
-      void set_key(const SymmetricKey& key) { set_key(std::span{key.begin(), key.length()}); }
+      void set_key(const OctetString& key);
 
       /**
       * Set the symmetric key of this object.

src/lib/block/aes/aes.h

@@ -9,6 +9,7 @@
 #define BOTAN_AES_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/aria/aria.h

@@ -17,6 +17,7 @@
 #define BOTAN_ARIA_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/blowfish/blowfish.h

@@ -9,6 +9,7 @@
 #define BOTAN_BLOWFISH_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/camellia/camellia.h

@@ -9,6 +9,7 @@
 #define BOTAN_CAMELLIA_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/cast128/cast128.h

@@ -9,6 +9,7 @@
 #define BOTAN_CAST128_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/des/des.h

@@ -9,6 +9,7 @@
 #define BOTAN_DES_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/gost_28147/gost_28147.h

@@ -9,6 +9,7 @@
 #define BOTAN_GOST_28147_89_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/idea/idea.h

@@ -9,6 +9,7 @@
 #define BOTAN_IDEA_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/kuznyechik/kuznyechik.cpp

@@ -13,6 +13,7 @@
 
 #include <botan/mem_ops.h>
 #include <botan/internal/loadstor.h>
+#include <algorithm>
 
 namespace Botan {
 

src/lib/block/noekeon/noekeon.h

@@ -9,6 +9,7 @@
 #define BOTAN_NOEKEON_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/seed/seed.h

@@ -9,6 +9,7 @@
 #define BOTAN_SEED_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/serpent/serpent.h

@@ -9,6 +9,7 @@
 #define BOTAN_SERPENT_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/shacal2/shacal2.h

@@ -9,6 +9,7 @@
 #define BOTAN_SHACAL2_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/sm4/sm4.h

@@ -9,6 +9,7 @@
 #define BOTAN_SM4_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/threefish_512/threefish_512.h

@@ -9,6 +9,7 @@
 #define BOTAN_THREEFISH_512_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/block/twofish/twofish.h

@@ -9,6 +9,7 @@
 #define BOTAN_TWOFISH_H_
 
 #include <botan/block_cipher.h>
+#include <botan/secmem.h>
 
 namespace Botan {
 

src/lib/compression/compression.h

@@ -10,6 +10,7 @@
 
 #include <botan/exceptn.h>
 #include <botan/secmem.h>
+#include <memory>
 #include <string>
 
 namespace Botan {

src/lib/entropy/entropy_src.h

@@ -8,11 +8,11 @@
 #ifndef BOTAN_ENTROPY_H_
 #define BOTAN_ENTROPY_H_
 
-#include <botan/rng.h>
-#include <botan/secmem.h>
+#include <botan/api.h>
 #include <chrono>
 #include <memory>
 #include <string>
+#include <string_view>
 #include <vector>
 
 namespace Botan {

src/lib/entropy/getentropy/getentropy.cpp

@@ -6,6 +6,8 @@
 */
 
 #include <botan/internal/getentropy.h>
+
+#include <botan/rng.h>
 #include <unistd.h>
 
 // macOS and Android include it in sys/random.h instead

src/lib/entropy/rdseed/rdseed.cpp

@@ -8,10 +8,13 @@
 
 #include <botan/internal/rdseed.h>
 
+#include <botan/rng.h>
 #include <botan/compiler.h>
 #include <botan/internal/cpuid.h>
 
-#include <immintrin.h>
+#if !defined(BOTAN_USE_GCC_INLINE_ASM)
+   #include <immintrin.h>
+#endif
 
 namespace Botan {
 
@@ -48,7 +51,11 @@ BOTAN_FUNC_ISA("rdseed") bool read_rdseed(secure_vector<uint32_t>& seed) {
       }
 
       // Intel suggests pausing if RDSEED fails.
+#if defined(BOTAN_USE_GCC_INLINE_ASM)
+      asm volatile("pause");
+#else
       _mm_pause();
+#endif
    }
 
    return false;  // failed to produce an output after many attempts

src/lib/entropy/win32_stats/es_win32.cpp

@@ -6,6 +6,8 @@
 
 #include <botan/internal/es_win32.h>
 
+#include <botan/rng.h>
+
 #define NOMINMAX 1
 #define _WINSOCKAPI_  // stop windows.h including winsock.h
 #include <windows.h>

src/lib/hash/trunc_hash/trunc_hash.cpp

@@ -10,6 +10,7 @@
 
 #include <botan/exceptn.h>
 #include <botan/internal/fmt.h>
+#include <algorithm>
 
 namespace Botan {
 

src/lib/kdf/kdf.h

@@ -10,9 +10,9 @@
 #define BOTAN_KDF_BASE_H_
 
 #include <botan/concepts.h>
-#include <botan/exceptn.h>
 #include <botan/mem_ops.h>
 #include <botan/secmem.h>
+#include <memory>
 #include <span>
 #include <string>
 #include <string_view>
@@ -277,16 +277,11 @@ class BOTAN_PUBLIC_API(2, 0) KDF {
 BOTAN_DEPRECATED("Use KDF::create")
 
 inline KDF* get_kdf(std::string_view algo_spec) {
-   auto kdf = KDF::create(algo_spec);
-   if(kdf) {
-      return kdf.release();
-   }
-
    if(algo_spec == "Raw") {
       return nullptr;
    }
 
-   throw Algorithm_Not_Found(algo_spec);
+   return KDF::create_or_throw(algo_spec).release();
 }
 
 }  // namespace Botan

src/lib/math/numbertheory/monty.h

@@ -10,6 +10,7 @@
 #include <botan/bigint.h>
 
 #include <botan/internal/ct_utils.h>
+#include <memory>
 
 namespace Botan {
 

src/lib/math/pcurves/pcurves.h

@@ -14,6 +14,7 @@
 #include <botan/types.h>
 #include <array>
 #include <optional>
+#include <memory>
 #include <span>
 #include <string_view>
 #include <vector>

src/lib/math/pcurves/pcurves_id.h

@@ -7,7 +7,6 @@
 #ifndef BOTAN_PCURVES_ID_H_
 #define BOTAN_PCURVES_ID_H_
 
-#include <botan/secmem.h>
 #include <botan/types.h>
 #include <optional>
 #include <string>

src/lib/math/pcurves/pcurves_impl/pcurves_wrap.h

@@ -9,6 +9,7 @@
 
 #include <botan/internal/pcurves.h>
 #include <botan/internal/pcurves_impl.h>
+#include <botan/exceptn.h>
 
 namespace Botan::PCurve {
 

src/lib/misc/fpe_fe1/fpe_fe1.h

@@ -9,7 +9,9 @@
 #define BOTAN_FPE_FE1_H_
 
 #include <botan/bigint.h>
+#include <botan/symkey.h>
 #include <botan/sym_algo.h>
+#include <memory>
 
 namespace Botan {
 
@@ -83,6 +85,8 @@ class BOTAN_PUBLIC_API(2, 5) FPE_FE1 final : public SymmetricAlgorithm {
 
 namespace FPE {
 
+class OctetString;
+
 /**
 * Format Preserving Encryption using the scheme FE1 from the paper
 * "Format-Preserving Encryption" by Bellare, Rogaway, et al
@@ -98,7 +102,7 @@ namespace FPE {
 * may be insecure for some values of n. Prefer FPE_FE1 class
 */
 BigInt BOTAN_PUBLIC_API(2, 0)
-   fe1_encrypt(const BigInt& n, const BigInt& X, const SymmetricKey& key, const std::vector<uint8_t>& tweak);
+   fe1_encrypt(const BigInt& n, const BigInt& X, const OctetString& key, const std::vector<uint8_t>& tweak);
 
 /**
 * Decrypt X from and onto the group Z_n using key and tweak
@@ -111,7 +115,7 @@ BigInt BOTAN_PUBLIC_API(2, 0)
 * may be insecure for some values of n. Prefer FPE_FE1 class
 */
 BigInt BOTAN_PUBLIC_API(2, 0)
-   fe1_decrypt(const BigInt& n, const BigInt& X, const SymmetricKey& key, const std::vector<uint8_t>& tweak);
+   fe1_decrypt(const BigInt& n, const BigInt& X, const OctetString& key, const std::vector<uint8_t>& tweak);
 
 }  // namespace FPE
 

src/lib/misc/hotp/otp.h

@@ -9,6 +9,7 @@
 #define BOTAN_ONE_TIME_PASSWORDS_H_
 
 #include <botan/mac.h>
+#include <botan/symkey.h>
 #include <chrono>
 
 namespace Botan {

src/lib/modes/cipher_mode.h

@@ -12,6 +12,7 @@
 #include <botan/exceptn.h>
 #include <botan/secmem.h>
 #include <botan/sym_algo.h>
+#include <memory>
 #include <span>
 #include <string>
 #include <string_view>

src/lib/modes/mode_pad/mode_pad.h

@@ -10,6 +10,7 @@
 #define BOTAN_MODE_PADDING_H_
 
 #include <botan/secmem.h>
+#include <memory>
 #include <string>
 
 namespace Botan {