Anywhere where we use MemoryRegion::begin to get access to the raw pointer

representation (rather than in an interator context), instead use &buf[0],
which works for both MemoryRegion and std::vector

3 files changed, 29 insertions, 22 deletions

diff --git a/src/constructs/cryptobox/cryptobox.cpp b/src/constructs/cryptobox/cryptobox.cpp
index 61fe51a88..0c37949bc 100644
--- a/src/constructs/cryptobox/cryptobox.cpp
+++ b/src/constructs/cryptobox/cryptobox.cpp
@@ -45,18 +45,22 @@ std::string encrypt(const byte input[], u32bit input_len,
                     RandomNumberGenerator& rng)
    {
    SecureVector<byte> pbkdf_salt(PBKDF_SALT_LEN);
-   rng.randomize(pbkdf_salt.begin(), pbkdf_salt.size());
+   rng.randomize(&pbkdf_salt[0], pbkdf_salt.size());
 
    PKCS5_PBKDF2 pbkdf(new HMAC(new SHA_512));
 
-   OctetString mk = pbkdf.derive_key(PBKDF_OUTPUT_LEN, passphrase,
-                                     &pbkdf_salt[0], pbkdf_salt.size(),
-                                     PBKDF_ITERATIONS);
+   OctetString master_key = pbkdf.derive_key(
+      PBKDF_OUTPUT_LEN,
+      passphrase,
+      &pbkdf_salt[0],
+      pbkdf_salt.size(),
+      PBKDF_ITERATIONS);
 
-   SymmetricKey cipher_key(mk.begin(), CIPHER_KEY_LEN);
-   SymmetricKey mac_key(mk.begin() + CIPHER_KEY_LEN, MAC_KEY_LEN);
-   InitializationVector iv(mk.begin() + CIPHER_KEY_LEN + MAC_KEY_LEN,
-                           CIPHER_IV_LEN);
+   const byte* mk = master_key.begin();
+
+   SymmetricKey cipher_key(&mk[0], CIPHER_KEY_LEN);
+   SymmetricKey mac_key(&mk[CIPHER_KEY_LEN], MAC_KEY_LEN);
+   InitializationVector iv(&mk[CIPHER_KEY_LEN + MAC_KEY_LEN], CIPHER_IV_LEN);
 
    Pipe pipe(get_cipher("Serpent/CTR-BE", cipher_key, iv, ENCRYPTION),
              new Fork(
@@ -89,8 +93,7 @@ std::string encrypt(const byte input[], u32bit input_len,
    pipe.read(out_buf + VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN,
              ciphertext_len, 0);
 
-   return PEM_Code::encode(out_buf.begin(), out_buf.size(),
-                           "BOTAN CRYPTOBOX MESSAGE");
+   return PEM_Code::encode(out_buf, "BOTAN CRYPTOBOX MESSAGE");
    }
 
 std::string decrypt(const byte input[], u32bit input_len,
@@ -112,14 +115,18 @@ std::string decrypt(const byte input[], u32bit input_len,
 
    PKCS5_PBKDF2 pbkdf(new HMAC(new SHA_512));
 
-   OctetString mk = pbkdf.derive_key(PBKDF_OUTPUT_LEN, passphrase,
-                                     &pbkdf_salt[0], pbkdf_salt.size(),
-                                     PBKDF_ITERATIONS);
+   OctetString master_key = pbkdf.derive_key(
+      PBKDF_OUTPUT_LEN,
+      passphrase,
+      &pbkdf_salt[0],
+      pbkdf_salt.size(),
+      PBKDF_ITERATIONS);
+
+   const byte* mk = master_key.begin();
 
-   SymmetricKey cipher_key(mk.begin(), CIPHER_KEY_LEN);
-   SymmetricKey mac_key(mk.begin() + CIPHER_KEY_LEN, MAC_KEY_LEN);
-   InitializationVector iv(mk.begin() + CIPHER_KEY_LEN + MAC_KEY_LEN,
-                           CIPHER_IV_LEN);
+   SymmetricKey cipher_key(&mk[0], CIPHER_KEY_LEN);
+   SymmetricKey mac_key(&mk[CIPHER_KEY_LEN], MAC_KEY_LEN);
+   InitializationVector iv(&mk[CIPHER_KEY_LEN + MAC_KEY_LEN], CIPHER_IV_LEN);
 
    Pipe pipe(new Fork(
                 get_cipher("Serpent/CTR-BE", cipher_key, iv, DECRYPTION),
diff --git a/src/constructs/passhash/passhash9.cpp b/src/constructs/passhash/passhash9.cpp
index 6618f36fa..c120b39c5 100644
--- a/src/constructs/passhash/passhash9.cpp
+++ b/src/constructs/passhash/passhash9.cpp
@@ -139,8 +139,8 @@ bool check_passhash9(const std::string& pass, const std::string& hash)
       &bin[ALGID_BYTES + WORKFACTOR_BYTES], SALT_BYTES,
       kdf_iterations).bits_of();
 
-   return same_mem(cmp.begin(),
-                   bin.begin() + ALGID_BYTES + WORKFACTOR_BYTES + SALT_BYTES,
+   return same_mem(&cmp[0],
+                   &bin[ALGID_BYTES + WORKFACTOR_BYTES + SALT_BYTES],
                    PASSHASH9_PBKDF_OUTPUT_LEN);
    }
 
diff --git a/src/constructs/tss/tss.cpp b/src/constructs/tss/tss.cpp
index ad45cfcec..1ae027a78 100644
--- a/src/constructs/tss/tss.cpp
+++ b/src/constructs/tss/tss.cpp
@@ -192,8 +192,8 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
       if(shares[i].size() < RTSS_HEADER_SIZE)
          throw Decoding_Error("Missing or malformed RTSS header");
 
-      if(!same_mem(shares[0].contents.begin(),
-                   shares[i].contents.begin(), RTSS_HEADER_SIZE))
+      if(!same_mem(&shares[0].contents[0],
+                   &shares[i].contents[0], RTSS_HEADER_SIZE))
          throw Decoding_Error("Different RTSS headers detected");
       }
 
@@ -250,7 +250,7 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares)
    hash->update(secret, secret_len);
    SecureVector<byte> hash_check = hash->final();
 
-   if(!same_mem(hash_check.begin(), secret + secret_len, hash->OUTPUT_LENGTH))
+   if(!same_mem(&hash_check[0], secret + secret_len, hash->OUTPUT_LENGTH))
       throw Decoding_Error("RTSS hash check failed");
 
    return SecureVector<byte>(secret, secret_len);