diff --git a/libs/crypt/picrypt.cpp b/libs/crypt/picrypt.cpp
index 49fbfb12..cabea37d 100644
--- a/libs/crypt/picrypt.cpp
+++ b/libs/crypt/picrypt.cpp
@@ -50,15 +50,9 @@ bool PICrypt::setKey(const PIByteArray & _key) {
 }
-bool PICrypt::setKey(const PIString & secret) {
- PIByteArray hash;
- hash.resize(crypto_generichash_BYTES);
- PIByteArray s(secret.data(), secret.size());
- crypto_generichash(hash.data(), hash.size(), s.data(), s.size(), (const uchar *)hash_def_key, hash_def_key_size);
- hash.resize(key_.size());
- key_ = std::move(hash);
- secret.deleteData();
- return true;
+bool PICrypt::setKey(const PIString & secret) {;
+ key_ = hash(secret);
+ return key_.isNotEmpty();
 }
@@ -145,23 +139,23 @@ PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, PIByteArray key, bo
 }
-PIByteArray PICrypt::hash(const PIString & secret) {
- PIByteArray hash;
- if (!init()) return hash;
- hash.resize(crypto_generichash_BYTES);
- PIByteArray s(secret.data(), secret.size());
- crypto_generichash(hash.data(), hash.size(), s.data(), s.size(), (const uchar *)hash_def_key, hash_def_key_size);
- secret.deleteData();
- return hash;
+PIByteArray PICrypt::hash(PIString secret) {
+ if (!init()) return {};
+ PIByteArray s = secret.toUTF8();
+ PIByteArray h = hash(s);
+ memset(const_cast(secret.data()), 0, s.size());
+ secret.fill('\0');
+ s.fill(0);
+ return h;
 }
 PIByteArray PICrypt::hash(const PIByteArray & data) {
- PIByteArray hash;
- if (!init()) return hash;
- hash.resize(crypto_generichash_BYTES);
- crypto_generichash(hash.data(), hash.size(), data.data(), data.size(), (const uchar *)hash_def_key, hash_def_key_size);
- return hash;
+ if (!init()) return {};
+ PIByteArray h;
+ h.resize(crypto_generichash_BYTES);
+ crypto_generichash(h.data(), h.size(), data.data(), data.size(), (const uchar *)hash_def_key, hash_def_key_size);
+ return h;
 }
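Review bot: In the new `setKey(const PIString &)`, `key_` is overwritten before the result is known to be good, so when `hash()` returns an empty array (its `init()` failure path) the previously installed key is discarded and the object is left with an empty key. The removed code also pinned the length with `hash.resize(key_.size())`; the new code relies on `crypto_generichash_BYTES` matching the cipher's key length, which is not checked here. Hashing into a local and committing only on success keeps both properties, and the stray `;` after the opening brace can go at the same time.

```cpp
bool PICrypt::setKey(const PIString & secret) {
	PIByteArray k = hash(secret);
	if (k.isEmpty()) return false; // keep the current key when hashing fails
	k.resize(key_.size());         // same length pin the removed code applied
	key_ = std::move(k);
	return key_.isNotEmpty();
}
```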
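Review bot: In `hash(PIString secret)` the `memset` on `secret.data()` is sized with `s.size()`, the UTF-8 byte count, while the hunk does not show which buffer `PIString::data()` returns or how long it is; if that buffer is shorter than the UTF-8 encoding (non-ASCII secrets are the likely case) the wipe writes past its end. Bound the wipe by the length of the buffer actually being cleared rather than by `s.size()`. Separately, `memset`/`fill` on objects that are about to be destroyed are dead stores a compiler may drop, so the byte buffers are better cleared with libsodium's own primitive, e.g. `sodium_memzero(s.data(), s.size());`. The same pair of lines appears in the `passwordHash` hunk (`memset(..., pass.size())` after `pass.fill(0)`). Because `secret` and `password` are now by-value copies, the caller's string is no longer cleared as it was with `deleteData()`; the Doxygen comments in picrypt.h should say that only the internal copy is zeroed.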
@@ -336,7 +330,7 @@ PIByteArray PICrypt::decrypt(const PIByteArray & crypt_data, const PIByteArray &
 }
-PIByteArray PICrypt::passwordHash(const PIString & password, const PIByteArray & seed) {
+PIByteArray PICrypt::passwordHash(PIString password, const PIByteArray & seed) {
 #ifdef crypto_pwhash_ALG_ARGON2I13
 PIByteArray pass = password.toUTF8();
 PIByteArray n = hash(seed);
@@ -352,7 +346,8 @@ PIByteArray PICrypt::passwordHash(const PIString & password, const PIByteArray &
 crypto_pwhash_argon2i_memlimit_moderate(),
 crypto_pwhash_ALG_ARGON2I13);
 pass.fill(0);
- password.deleteData();
+ memset(const_cast(password.data()), 0, pass.size());
+ password.fill('\0');
 if (r != 0) return PIByteArray();
 return ph;
 #else
diff --git a/libs/io_utils/pistreampacker.cpp b/libs/io_utils/pistreampacker.cpp
index 85424617..855c9445 100644
--- a/libs/io_utils/pistreampacker.cpp
+++ b/libs/io_utils/pistreampacker.cpp
@@ -61,22 +61,7 @@ void PIStreamPacker::clear() {
 void PIStreamPacker::send(const PIByteArray & data) {
 if (data.isEmpty()) return;
- PIByteArray cd;
- if (crypt_frag) {
- int fcnt = (data.size_s() - 1) / crypt_frag_size + 1, fst = 0;
- // piCout << "crypt_frag send" << fcnt << "frags";
- PIByteArray frag;
- for (int i = 0; i < fcnt; ++i) {
- if (i == fcnt - 1)
- frag = PIByteArray(data.data(fst), data.size_s() - fst);
- else
- frag = PIByteArray(data.data(fst), crypt_frag_size);
- fst += crypt_frag_size;
- cd << cryptData(frag);
- }
- } else {
- cd = cryptData(data);
- }
+ PIByteArray cd = cryptData(data);
 // piCout << "crypt" << data.size() << "->" << cd.size() << key().size();
 PIByteArray hdr, part;
 hdr << packet_sign;
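Review bot: With the `crypt_frag` branch gone from `send()`, and the matching branch gone from `received()` in the next hunk, the encrypted payload changes from what appears to be a sequence of size-prefixed encrypted fragments to a single blob, and nothing visible in the header built below (`hdr << packet_sign`) distinguishes the two layouts. A peer still running a build with fragmentation enabled would, as far as these hunks show, produce packets that simply fail `decryptData(packet)` on the new side. If mixed versions can meet on the wire, record the break where maintainers will see it, for example a comment above the new line such as `// NOTE: fragmented-crypt packets from older builds are no longer decoded`, and consider logging the empty-decrypt case instead of leaving it silent. The body of `send()` continues outside the hunk.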
@@ -158,26 +143,7 @@ void PIStreamPacker::received(const PIByteArray & data) {
 packet.append(stream.data(), ps);
 stream.remove(0, ps);
 if (packet.size_s() == packet_size) {
- PIByteArray cd;
- if (crypt_frag) {
- // piCout << "decrypt frags ..." << packet_size;
- while (packet.size_s() >= 4) {
- // piCout << "decrypt frags take data ...";
- PIByteArray frag;
- // piCout << "decrypt frags take data done" << frag.size_s();
- packet >> frag;
- if (frag.isEmpty()) {
- // piCout << "decrypt frags corrupt, break";
- cd.clear();
- break;
- }
- cd.append(decryptData(frag));
- // piCout << "decrypt frags add" << frag.size_s();
- }
- // piCout << "decrypt frags done" << cd.size();
- } else {
- cd = decryptData(packet);
- }
+ PIByteArray cd = decryptData(packet);
 // piCout << "decrypt" << packet.size() << "->" << cd.size() << key().size();
 if (!cd.isEmpty()) {
 endPacketReceive();
diff --git a/libs/main/crypt/picrypt.h b/libs/main/crypt/picrypt.h
index 5fa2f098..51780b7c 100644
--- a/libs/main/crypt/picrypt.h
+++ b/libs/main/crypt/picrypt.h
@@ -80,7 +80,7 @@ public:
 //! \~\brief
 //! \~english Generate hash from keyphrase "secret", may be used as a key for encryption
 //! \~russian Генерировать хэш из ключевой фразы "secret", может использоваться в качестве ключа для шифрования
- static PIByteArray hash(const PIString & secret);
+ static PIByteArray hash(PIString secret);
 //! \~\brief
 //! \~english Generate hash from bytearray
@@ -172,7 +172,7 @@ public:
 //! \~\brief
 //! \~english Generate password hash from "password"
 //! \~russian Генерировать хэш пароля из "password"
- static PIByteArray passwordHash(const PIString & password, const PIByteArray & seed);
+ static PIByteArray passwordHash(PIString password, const PIByteArray & seed);
 //! \~\brief
 //! \~english Returns libsodium version
diff --git a/libs/main/io_utils/pistreampacker.h b/libs/main/io_utils/pistreampacker.h
index 9a9b6512..ce49919a 100644
--- a/libs/main/io_utils/pistreampacker.h
+++ b/libs/main/io_utils/pistreampacker.h
@@ -38,9 +38,8 @@ class PIStreamPackerConfig: public PIEthUtilBase {
 public:
 PIStreamPackerConfig() {
- crypt_frag = crypt_size = false;
+ crypt_size = false;
 aggressive_optimization = true;
- crypt_frag_size = 1 * 1024 * 1024;
 max_packet_size = 1400;
 packet_sign = 0xAFBE;
 }
@@ -65,10 +64,6 @@ public:
 //! Returns aggressive optimization
 bool aggressiveOptimization() const { return aggressive_optimization; }
- bool cryptFragmentationEnabled() const { return crypt_frag; }
- void setCryptFragmentationEnabled(bool on) { crypt_frag = on; }
- int cryptFragmentationSize() const { return crypt_frag_size; }
- void setCryptFragmentationSize(int size_) { crypt_frag_size = size_; }
 bool cryptSizeEnabled() const { return crypt_size; }
 void setCryptSizeEnabled(bool on) { crypt_size = on; }
@@ -80,8 +75,7 @@ public:
 void setConfiguration(const PIStreamPackerConfig & config) { *this = config; }
 private:
- bool crypt_frag, crypt_size, aggressive_optimization;
- int crypt_frag_size;
+ bool crypt_size, aggressive_optimization;
 ushort packet_sign;
 int max_packet_size;
 };
diff --git a/libs/main/text/pistring.h b/libs/main/text/pistring.h
index 7c014adf..b4f5767f 100644
--- a/libs/main/text/pistring.h
+++ b/libs/main/text/pistring.h
@@ -40,7 +40,6 @@ class PIStringList;
 //! \~russian Класс строки.
 class PIP_EXPORT PIString {
 BINARY_STREAM_FRIEND(PIString);
- friend class PICrypt;
 public:
 typedef PIDeque::iterator iterator;