From ab1994b2b0183d04c8434831eb145e37ac094514 Mon Sep 17 00:00:00 2001 From: ni-jessica Date: Thu, 7 Dec 2023 20:33:00 -0500 Subject: [PATCH] feat: update server for password with offset --- backend/src/cryptography.cpp | 11 +++++------ backend/src/server.cpp | 2 +- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/backend/src/cryptography.cpp b/backend/src/cryptography.cpp index a6556c3..376bcb4 100644 --- a/backend/src/cryptography.cpp +++ b/backend/src/cryptography.cpp @@ -21,12 +21,11 @@ namespace cryptography std::string encryptPassword(const std::string &password, unsigned char *b, int offset) { - // encrypt password - const unsigned char *data = (const unsigned char *)password.data(); - unsigned char encryptedPassword[crypto_core_ristretto255_BYTES + offset]; - crypto_scalarmult_ristretto255(encryptedPassword + offset, b, data); - memcpy(encryptedPassword, data, offset); - return std::string(encryptedPassword, encryptedPassword + crypto_core_ristretto255_BYTES+offset); + std::string rawPassword = password.substr(offset, crypto_core_ristretto255_BYTES); + const unsigned char *data = (const unsigned char *)rawPassword.data(); + unsigned char encryptedPassword[crypto_core_ristretto255_BYTES]; + crypto_scalarmult_ristretto255(encryptedPassword, b, data); + return std::string(encryptedPassword, encryptedPassword + crypto_core_ristretto255_BYTES); } std::vector encrypt(const std::unordered_set &passwords, unsigned char *b, int offset) diff --git a/backend/src/server.cpp b/backend/src/server.cpp index ed3b747..ee6ecbb 100644 --- a/backend/src/server.cpp +++ b/backend/src/server.cpp @@ -43,7 +43,7 @@ namespace server int offset = 1; std::string encrypted_password = cryptography::encryptPassword(crow::utility::base64decode(user_password, user_password.size()), b, offset); response["status"] = "success"; - response["userPassword"] = crow::utility::base64encode(encrypted_password, encrypted_password.size()+offset); + response["userPassword"] = crow::utility::base64encode(encrypted_password, encrypted_password.size()); response["breachedPasswords"] = breached_passwords; return response; });