Secure StringSinks

Question

So it seems that the common way to use algorithms in Crypto++ is to use StringSinks, which are initiated by passing a reference to a std::string.

But what if you don't want to use std::string because of security issues? Is it possible to get the data into something like a SecByteBlock, or do I have to create my own sink class which targets a re-growing secure buffer string class?

Answer 1

Try the SecByteBlockSink patch. It was posted to the Crypto++ Users group, but Wei never incorporated it into the library. There's also a wiki page on it here: SecByteBlockSink .

$ cat filters.h.patch
Index: filters.h
===================================================================
--- filters.h        (revision 525)
+++ filters.h        (working copy)
@@ -10,6 +10,7 @@
 #include "queue.h"
 #include "algparam.h"
 #include <deque>
+#include <limits>

 NAMESPACE_BEGIN(CryptoPP)

@@ -805,6 +806,31 @@
                 {SourceInitialize(pumpAll,
MakeParameters("RandomNumberGeneratorPointer",
&rng)("RandomNumberStoreSize", length));}
 };

+class CRYPTOPP_DLL SecByteBlockSink : public Bufferless<Sink>
+{
+public:
+        SecByteBlockSink(SecByteBlock& sbb) : m_sbb(sbb) { }
+
+        size_t Put2(const byte *inString, size_t length, int /*messageEnd*/, bool /*blocking*/)
+        {
+                if(!inString || !length) return length;
+
+                const size_t size = m_sbb.size();
+                const size_t max = std::numeric_limits<std::size_t>::max() - size;
+
+                if(length > max)
+                        InvalidArgument("SecByteBlockSink: buffer overflow");
+
+                m_sbb.resize(size+length);
+                memcpy(m_sbb.begin()+size, inString, length);
+                
+                return 0;
+        }
+
+private:
+        SecByteBlock& m_sbb;
+};
+
 NAMESPACE_END

 #endif