From 23eb8c4250d9dc763978e5fbddc1c7e784839078 Mon Sep 17 00:00:00 2001 From: lloyd Date: Tue, 7 Sep 2010 22:58:45 +0000 Subject: Realization while thinking about the recently added truncate: in a STL container like vector, truncate is simply resize, but what MemoryRegion called resize will zap the entire contents, and then what was resize was called grow_to. This is really problematic in terms of the goal of replacing MemoryRegion with a vector with a custom allocator. In this checkin: - Remove MemoryRegion::grow_to and MemoryRegion::truncate - Change the semantics of MemoryRegion::resize to change the size while keeping any current contents intact (up to the new size), zero initializing any new values. Unrelated, just noticed the lack while I was in there, add a version of CryptoBox::decrypt taking a std::string for the input. --- src/constructs/cryptobox/cryptobox.cpp | 20 +++++++++++++++----- src/constructs/cryptobox/cryptobox.h | 8 ++++++++ 2 files changed, 23 insertions(+), 5 deletions(-) (limited to 'src/constructs/cryptobox') diff --git a/src/constructs/cryptobox/cryptobox.cpp b/src/constructs/cryptobox/cryptobox.cpp index 6dcca0754..61fe51a88 100644 --- a/src/constructs/cryptobox/cryptobox.cpp +++ b/src/constructs/cryptobox/cryptobox.cpp @@ -73,16 +73,18 @@ std::string encrypt(const byte input[], u32bit input_len, mac (20 bytes) ciphertext */ - u32bit ciphertext_len = pipe.remaining(0); + const u32bit ciphertext_len = pipe.remaining(0); - SecureVector out_buf; + SecureVector out_buf(VERSION_CODE_LEN + + PBKDF_SALT_LEN + + MAC_OUTPUT_LEN + + ciphertext_len); for(u32bit i = 0; i != VERSION_CODE_LEN; ++i) - out_buf.append(get_byte(i, CRYPTOBOX_VERSION_CODE)); + out_buf[i] = get_byte(i, CRYPTOBOX_VERSION_CODE); - out_buf.append(pbkdf_salt.begin(), pbkdf_salt.size()); + out_buf.copy(VERSION_CODE_LEN, pbkdf_salt, PBKDF_SALT_LEN); - out_buf.grow_to(out_buf.size() + MAC_OUTPUT_LEN + ciphertext_len); pipe.read(out_buf + VERSION_CODE_LEN + PBKDF_SALT_LEN, MAC_OUTPUT_LEN, 1); pipe.read(out_buf + VERSION_CODE_LEN + PBKDF_SALT_LEN + MAC_OUTPUT_LEN, ciphertext_len, 0); @@ -140,6 +142,14 @@ std::string decrypt(const byte input[], u32bit input_len, return pipe.read_all_as_string(0); } +std::string decrypt(const std::string& input, + const std::string& passphrase) + { + return decrypt(reinterpret_cast(&input[0]), + input.size(), + passphrase); + } + } } diff --git a/src/constructs/cryptobox/cryptobox.h b/src/constructs/cryptobox/cryptobox.h index 0380dcff9..12f054eff 100644 --- a/src/constructs/cryptobox/cryptobox.h +++ b/src/constructs/cryptobox/cryptobox.h @@ -38,6 +38,14 @@ BOTAN_DLL std::string encrypt(const byte input[], u32bit input_len, BOTAN_DLL std::string decrypt(const byte input[], u32bit input_len, const std::string& passphrase); +/** +* Decrypt a message encrypted with CryptoBox::encrypt +* @param input the input data +* @param passphrase the passphrase used to encrypt the message +*/ +BOTAN_DLL std::string decrypt(const std::string& input, + const std::string& passphrase); + } } -- cgit v1.2.3