diff options
Diffstat (limited to 'src/constructs')
| -rw-r--r-- | src/constructs/cryptobox/cryptobox.cpp | 41 | ||||
| -rw-r--r-- | src/constructs/passhash/passhash9.cpp | 4 | ||||
| -rw-r--r-- | src/constructs/tss/tss.cpp | 6 |
3 files changed, 29 insertions, 22 deletions
diff --git a/src/constructs/cryptobox/cryptobox.cpp b/src/constructs/cryptobox/cryptobox.cpp index 61fe51a88..0c37949bc 100644 --- a/src/constructs/cryptobox/cryptobox.cpp +++ b/src/constructs/cryptobox/cryptobox.cpp @@ -45,18 +45,22 @@ std::string encrypt(const byte input[], u32bit input_len, RandomNumberGenerator& rng) { SecureVector<byte> pbkdf_salt(PBKDF_SALT_LEN); - rng.randomize(pbkdf_salt.begin(), pbkdf_salt.size()); + rng.randomize(&pbkdf_salt[0], pbkdf_salt.size()); PKCS5_PBKDF2 pbkdf(new HMAC(new SHA_512)); - OctetString mk = pbkdf.derive_key(PBKDF_OUTPUT_LEN, passphrase, - &pbkdf_salt[0], pbkdf_salt.size(), - PBKDF_ITERATIONS); + OctetString master_key = pbkdf.derive_key( + PBKDF_OUTPUT_LEN, + passphrase, + &pbkdf_salt[0], + pbkdf_salt.size(), + PBKDF_ITERATIONS); - SymmetricKey cipher_key(mk.begin(), CIPHER_KEY_LEN); - SymmetricKey mac_key(mk.begin() + CIPHER_KEY_LEN, MAC_KEY_LEN); - InitializationVector iv(mk.begin() + CIPHER_KEY_LEN + MAC_KEY_LEN, - CIPHER_IV_LEN); + const byte* mk = master_key.begin(); + + SymmetricKey cipher_key(&mk[0], CIPHER_KEY_LEN); + SymmetricKey mac_key(&mk[CIPHER_KEY_LEN], MAC_KEY_LEN); + InitializationVector iv(&mk[CIPHER_KEY_LEN + MAC_KEY_LEN], CIPHER_IV_LEN); Pipe pipe(get_cipher("Serpent/CTR-BE", cipher_key, iv, ENCRYPTION), new Fork( @@ -89,8 +93,7 @@ std::string encrypt(const byte input[], u32bit input_len, pipe.read(out_buf + VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN, ciphertext_len, 0); - return PEM_Code::encode(out_buf.begin(), out_buf.size(), - "BOTAN CRYPTOBOX MESSAGE"); + return PEM_Code::encode(out_buf, "BOTAN CRYPTOBOX MESSAGE"); } std::string decrypt(const byte input[], u32bit input_len, @@ -112,14 +115,18 @@ std::string decrypt(const byte input[], u32bit input_len, PKCS5_PBKDF2 pbkdf(new HMAC(new SHA_512)); - OctetString mk = pbkdf.derive_key(PBKDF_OUTPUT_LEN, passphrase, - &pbkdf_salt[0], pbkdf_salt.size(), - PBKDF_ITERATIONS); + OctetString master_key = pbkdf.derive_key( + PBKDF_OUTPUT_LEN, + passphrase, + &pbkdf_salt[0], + pbkdf_salt.size(), + PBKDF_ITERATIONS); + + const byte* mk = master_key.begin(); - SymmetricKey cipher_key(mk.begin(), CIPHER_KEY_LEN); - SymmetricKey mac_key(mk.begin() + CIPHER_KEY_LEN, MAC_KEY_LEN); - InitializationVector iv(mk.begin() + CIPHER_KEY_LEN + MAC_KEY_LEN, - CIPHER_IV_LEN); + SymmetricKey cipher_key(&mk[0], CIPHER_KEY_LEN); + SymmetricKey mac_key(&mk[CIPHER_KEY_LEN], MAC_KEY_LEN); + InitializationVector iv(&mk[CIPHER_KEY_LEN + MAC_KEY_LEN], CIPHER_IV_LEN); Pipe pipe(new Fork( get_cipher("Serpent/CTR-BE", cipher_key, iv, DECRYPTION), diff --git a/src/constructs/passhash/passhash9.cpp b/src/constructs/passhash/passhash9.cpp index 6618f36fa..c120b39c5 100644 --- a/src/constructs/passhash/passhash9.cpp +++ b/src/constructs/passhash/passhash9.cpp @@ -139,8 +139,8 @@ bool check_passhash9(const std::string& pass, const std::string& hash) &bin[ALGID_BYTES + WORKFACTOR_BYTES], SALT_BYTES, kdf_iterations).bits_of(); - return same_mem(cmp.begin(), - bin.begin() + ALGID_BYTES + WORKFACTOR_BYTES + SALT_BYTES, + return same_mem(&cmp[0], + &bin[ALGID_BYTES + WORKFACTOR_BYTES + SALT_BYTES], PASSHASH9_PBKDF_OUTPUT_LEN); } diff --git a/src/constructs/tss/tss.cpp b/src/constructs/tss/tss.cpp index ad45cfcec..1ae027a78 100644 --- a/src/constructs/tss/tss.cpp +++ b/src/constructs/tss/tss.cpp @@ -192,8 +192,8 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares) if(shares[i].size() < RTSS_HEADER_SIZE) throw Decoding_Error("Missing or malformed RTSS header"); - if(!same_mem(shares[0].contents.begin(), - shares[i].contents.begin(), RTSS_HEADER_SIZE)) + if(!same_mem(&shares[0].contents[0], + &shares[i].contents[0], RTSS_HEADER_SIZE)) throw Decoding_Error("Different RTSS headers detected"); } @@ -250,7 +250,7 @@ RTSS_Share::reconstruct(const std::vector<RTSS_Share>& shares) hash->update(secret, secret_len); SecureVector<byte> hash_check = hash->final(); - if(!same_mem(hash_check.begin(), secret + secret_len, hash->OUTPUT_LENGTH)) + if(!same_mem(&hash_check[0], secret + secret_len, hash->OUTPUT_LENGTH)) throw Decoding_Error("RTSS hash check failed"); return SecureVector<byte>(secret, secret_len); |