...
authorVolker Birk <vb@pep-project.org>
Tue, 28 Jun 2016 10:00:41 +0200
changeset 131ca1c06f93f3a
parent 130 e12d4e883f67
child 132 267c3fe7351c
child 133 e258d39e1a61
...
GateKeeper.cpp
     1.1 --- a/GateKeeper.cpp	Tue Jun 28 02:50:31 2016 +0200
     1.2 +++ b/GateKeeper.cpp	Tue Jun 28 10:00:41 2016 +0200
     1.3 @@ -240,6 +240,11 @@
     1.4          if (status)
     1.5              throw runtime_error("BCryptGenerateSymmetricKey");
     1.6  
     1.7 +        DWORD keylength = 0;
     1.8 +        ULONG copied = 0;
     1.9 +        status = BCryptGetProperty(hKey, BCRYPT_KEY_LENGTH, (PUCHAR) &keylength, sizeof(DWORD), &copied, 0);
    1.10 +        assert(keylength == 256);
    1.11 +
    1.12          return hKey;
    1.13      }
    1.14  
    1.15 @@ -396,10 +401,11 @@
    1.16          HANDLE hFile = NULL;
    1.17          char *unencrypted_buffer = NULL;
    1.18  
    1.19 -        UCHAR nonce[16];
    1.20 -        memset(nonce, 0, 16);
    1.21 +        UCHAR nonce[12];
    1.22 +        memcpy(nonce, crypted.data(), sizeof(nonce));
    1.23          UCHAR iv[16];
    1.24 -        memset(iv, 0, 16);
    1.25 +        memset(iv, 0, sizeof(iv));
    1.26 +        memcpy(iv, crypted.data(), sizeof(nonce));
    1.27  
    1.28          BCRYPT_AUTHENTICATED_CIPHER_MODE_INFO authInfo;
    1.29          BCRYPT_INIT_AUTH_MODE_INFO(authInfo);
    1.30 @@ -409,13 +415,15 @@
    1.31  
    1.32          ULONG unencrypted_size;
    1.33          NTSTATUS status = BCryptDecrypt(dk, (PUCHAR) crypted.data(), crypted.size(),
    1.34 -                &authInfo, iv, 16, NULL, 0, &unencrypted_size, 0);
    1.35 +                &authInfo, iv, sizeof(iv), NULL, 0, &unencrypted_size, 0);
    1.36          if (status)
    1.37              goto closing;
    1.38          
    1.39          unencrypted_buffer = new char[unencrypted_size];
    1.40 -
    1.41 -        status = BCryptDecrypt(dk, (PUCHAR) crypted.data(), crypted.size(),
    1.42 +        PUCHAR crypted_data = (PUCHAR) crypted.data();
    1.43 +        ULONG crypted_size = (ULONG) crypted.size();
    1.44 +        
    1.45 +        status = BCryptDecrypt(dk, crypted_data, crypted_size,
    1.46              &authInfo, iv, 16, (PUCHAR) unencrypted_buffer, unencrypted_size, &unencrypted_size, 0);
    1.47          if (status)
    1.48              goto closing;