authorwiktorg <wiktorg@google.com>2023-06-28 06:16:08 -0700
committerCopybara-Service <copybara-worker@google.com>2023-06-28 06:17:26 -0700
commit053b5b8c4214ec379daac2cc2bf208c51cc1cd66 (patch)
treede881b38e3bafaea273d569726d673e13fe74cc3 /cc/util
parent93a05b738674b994c4a739634f33d27dcef5818d (diff)
downloadtink-053b5b8c4214ec379daac2cc2bf208c51cc1cd66.tar.gz
util/SecretData code cleanup
PiperOrigin-RevId: 544037037
Diffstat (limited to 'cc/util')
-rw-r--r--cc/util/BUILD.bazel2
-rw-r--r--cc/util/CMakeLists.txt4
-rw-r--r--cc/util/secret_data.h11
-rw-r--r--cc/util/secret_data_internal.h57
4 files changed, 38 insertions, 36 deletions
diff --git a/cc/util/BUILD.bazel b/cc/util/BUILD.bazel
index 55845211c..f92575e69 100644
--- a/cc/util/BUILD.bazel
+++ b/cc/util/BUILD.bazel
@@ -28,8 +28,10 @@ cc_library(
name = "secret_data_internal",
hdrs = ["secret_data_internal.h"],
include_prefix = "tink/util",
+ visibility = ["//visibility:private"],
deps = [
"@boringssl//:crypto",
+ "@com_google_absl//absl/base:config",
"@com_google_absl//absl/base:core_headers",
],
)
diff --git a/cc/util/CMakeLists.txt b/cc/util/CMakeLists.txt
index c2e5ef509..c90623012 100644
--- a/cc/util/CMakeLists.txt
+++ b/cc/util/CMakeLists.txt
@@ -438,8 +438,8 @@ tink_cc_library(
SRCS
secret_data_internal.h
DEPS
- absl::strings
- absl::base
+ absl::config
+ absl::core_headers
crypto
)
diff --git a/cc/util/secret_data.h b/cc/util/secret_data.h
index 213b699aa..54ce23423 100644
--- a/cc/util/secret_data.h
+++ b/cc/util/secret_data.h
@@ -28,6 +28,17 @@
namespace crypto {
namespace tink {
namespace util {
+namespace internal {
+
+template <typename T>
+struct SanitizingDeleter {
+ void operator()(T* ptr) {
+ ptr->~T(); // Invoke destructor. Must do this before sanitize.
+ SanitizingAllocator<T>().deallocate(ptr, 1);
+ }
+};
+
+} // namespace internal
// Stores secret (sensitive) data and makes sure it's marked as such and
// destroyed in a safe way.
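Review bot: `SanitizingDeleter::operator()` is declared neither `const` nor `noexcept`, although both calls it makes are non-throwing in practice (`ptr->~T()` is implicitly noexcept for any ordinary T, and `SanitizingAllocator<T>::deallocate` is declared `noexcept` in secret_data_internal.h); I would write `void operator()(T* ptr) const noexcept {`. The deleter also passes a fixed element count of `1`, so it is only correct for a single object obtained via `allocate(1)`, which is worth stating above the struct: `// Deleter for a single T allocated with SanitizingAllocator<T>::allocate(1); not usable for arrays.`. This definition now depends on `SanitizingAllocator` being visible at this point in secret_data.h; the include that provides it is outside the hunk, so please confirm the header includes secret_data_internal.h directly rather than relying on a transitive include.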
diff --git a/cc/util/secret_data_internal.h b/cc/util/secret_data_internal.h
index ddcacd5d0..7d88b9341 100644
--- a/cc/util/secret_data_internal.h
+++ b/cc/util/secret_data_internal.h
@@ -18,7 +18,8 @@
#define TINK_UTIL_SECRET_DATA_INTERNAL_H_
#include <cstddef>
-#include <memory>
+#include <cstdlib>
+#include <limits>
#include <new>
#include "absl/base/attributes.h"
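Review bot: Dropping `<memory>` here is only safe if nothing in secret_data_internal.h still names a `std::unique_ptr`/`std::shared_ptr`, and if secret_data.h, which now owns `SanitizingDeleter` and presumably the unique_ptr-based alias that uses it, includes `<memory>` on its own; that include is outside this diff, so please verify. The BUILD change adds `absl/base:config`, which suggests an `#include "absl/base/config.h"` for `ABSL_HAVE_EXCEPTIONS`; it does not appear in the visible lines of this hunk, so confirm it is present further down rather than obtained transitively through attributes.h.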
@@ -30,15 +31,12 @@ namespace tink {
namespace util {
namespace internal {
-// placeholder for sanitization_functions, please ignore
inline void SafeZeroMemory(void* ptr, std::size_t size) {
OPENSSL_cleanse(ptr, size);
}
template <typename T>
-struct SanitizingAllocator {
- typedef T value_type;
-
+struct SanitizingAllocatorImpl {
// If aligned operator new is not supported this only supports under aligned
// types.
#ifndef __cpp_aligned_new
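Review bot: `SanitizingAllocatorImpl` gets no documentation, and since it is now a separate type with static members that `SanitizingAllocator` forwards to, a reader needs to know it is the raw-storage backend and that its `deallocate` zeroes the block before releasing it. I would add above the template: `// Storage backend for SanitizingAllocator<T>. allocate() returns suitably` / `// aligned storage for n objects of T; deallocate() wipes the block with` / `// SafeZeroMemory before freeing it. Not an Allocator itself - use SanitizingAllocator.`. The struct body continues past the end of this hunk.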
@@ -47,12 +45,7 @@ struct SanitizingAllocator {
"before C++17");
#endif
- SanitizingAllocator() = default;
- template <class U>
- explicit constexpr SanitizingAllocator(
- const SanitizingAllocator<U>&) noexcept {}
-
- ABSL_MUST_USE_RESULT T* allocate(std::size_t n) {
+ static T* allocate(std::size_t n) {
if (n > std::numeric_limits<std::size_t>::max() / sizeof(T)) {
#ifdef ABSL_HAVE_EXCEPTIONS
throw std::bad_array_new_length();
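Review bot: `static T* allocate(std::size_t n)` loses the `ABSL_MUST_USE_RESULT` the old member had; the public wrapper in a later hunk keeps it, but `SanitizingAllocatorImpl` lives in the same `internal` namespace and can be called directly, in which case a discarded return is a silent leak of memory that was meant to hold secrets. I would keep the attribute on the Impl as well: `ABSL_MUST_USE_RESULT static T* allocate(std::size_t n) {`. The function body, including the non-exception branch, continues outside the hunk.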
@@ -62,14 +55,13 @@ struct SanitizingAllocator {
}
std::size_t size = n * sizeof(T);
#ifdef __cpp_aligned_new
- void* result = ::operator new(size, std::align_val_t(alignof(T)));
+ return static_cast<T*>(::operator new(size, std::align_val_t(alignof(T))));
#else
- void* result = ::operator new(size);
+ return static_cast<T*>(::operator new(size));
#endif
- return static_cast<T*>(result);
}
- void deallocate(T* ptr, std::size_t n) noexcept {
+ static void deallocate(void* ptr, std::size_t n) {
SafeZeroMemory(ptr, n * sizeof(T));
#ifdef __cpp_aligned_new
::operator delete(ptr, std::align_val_t(alignof(T)));
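Review bot: The new `static void deallocate(void* ptr, std::size_t n)` drops the `noexcept` the old member carried; its body only calls `SafeZeroMemory` (OPENSSL_cleanse) and `::operator delete`, neither of which throws, and the `noexcept` wrapper `SanitizingAllocator::deallocate` forwards to it, so the guarantee should be stated here too: `static void deallocate(void* ptr, std::size_t n) noexcept {`. Changing the parameter from `T*` to `void*` removes the type check while `alignof(T)` is still used for the aligned delete, so a caller passing storage not obtained from `SanitizingAllocatorImpl<T>::allocate` would mismatch the deallocation function; that is fine as long as only the typed `SanitizingAllocator<T>` wrapper reaches this, which is worth a one-line comment on the parameter. The function ends outside this hunk.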
@@ -77,42 +69,39 @@ struct SanitizingAllocator {
::operator delete(ptr);
#endif
}
-
- // Allocator requirements mandate definition of eq and neq operators
- bool operator==(const SanitizingAllocator&) { return true; }
- bool operator!=(const SanitizingAllocator&) { return false; }
};
// Specialization for malloc-like aligned storage.
template <>
-struct SanitizingAllocator<void> {
- typedef void value_type;
+struct SanitizingAllocatorImpl<void> {
+ static void* allocate(std::size_t n) { return std::malloc(n); }
+ static void deallocate(void* ptr, std::size_t n) {
+ SafeZeroMemory(ptr, n);
+ return std::free(ptr);
+ }
+};
+
+template <typename T>
+struct SanitizingAllocator {
+ typedef T value_type;
SanitizingAllocator() = default;
template <class U>
explicit constexpr SanitizingAllocator(
const SanitizingAllocator<U>&) noexcept {}
- ABSL_MUST_USE_RESULT void* allocate(std::size_t n) { return std::malloc(n); }
+ ABSL_MUST_USE_RESULT T* allocate(std::size_t n) {
+ return SanitizingAllocatorImpl<T>::allocate(n);
+ }
- void deallocate(void* ptr, std::size_t n) noexcept {
- SafeZeroMemory(ptr, n);
- std::free(ptr);
+ void deallocate(T* ptr, std::size_t n) noexcept {
+ SanitizingAllocatorImpl<T>::deallocate(ptr, n);
}
// Allocator requirements mandate definition of eq and neq operators
bool operator==(const SanitizingAllocator&) { return true; }
bool operator!=(const SanitizingAllocator&) { return false; }
};
-// placeholder 2 for sanitization_functions, please ignore
-
-template <typename T>
-struct SanitizingDeleter {
- void operator()(T* ptr) {
- ptr->~T(); // Invoke destructor. Must do this before sanitize.
- SanitizingAllocator<T>().deallocate(ptr, 1);
- }
-};
} // namespace internal
} // namespace util