0

我正在编写一个 ProtectedPtr 类,该类使用 Windows Crypto API 保护内存中的对象,并且在创建通用常量时间比较函数时遇到了问题。我当前的代码:

template <class T>
bool operator==(volatile const ProtectedPtr& other)
{
    std::size_t thisDataSize = sizeof(*protectedData) / sizeof(T);
    std::size_t otherDataSize = sizeof(*other) / sizeof(T);

    volatile auto thisData = (byte*)getEncyptedData();
    volatile auto otherData = (byte*)other.getEncyptedData();

    if (thisDataSize != otherDataSize)
        return false;

    volatile int result = 0;
    for (int i = 0; i < thisDataSize; i++)
        result |= thisData[i] ^ otherData[i];

    return result == 0;
}

getEncryptedData 函数:

std::unique_ptr<T> protectedData;
const T& getEncyptedData() const
{
    ProtectMemory(true);
    return *protectedData;
}

问题是转换为字节*。将此类与字符串一起使用时,我的编译器抱怨无法将字符串转换为字节指针。我在想也许试图将我的函数基于 Go 的 ConstantTimeByteEq 函数,但它仍然让我回到我原来的问题,将模板类型转换为 int 或我可以执行二进制操作的东西。

Go 的 ConstantTimeByteEq 函数:

func ConstantTimeByteEq(x, y uint8) int {
    z := ^(x ^ y)
    z &= z >> 4
    z &= z >> 2
    z &= z >> 1

    return int(z)
}

如何轻松地将模板类型转换为可以轻松执行二进制操作的东西?

更新根据 lockcmpxchg8b 的建议工作的通用常量比较函数:

//only works on primative types, and types that don't have
//internal pointers pointing to dynamically allocated data
byte* serialize()
{
    const size_t size = sizeof(*protectedData);
    byte* out = new byte[size];

    ProtectMemory(false);
    memcpy(out, &(*protectedData), size);
    ProtectMemory(true);

    return out;
}

bool operator==(ProtectedPtr& other)
{
    if (sizeof(*protectedData) != sizeof(*other))
        return false;

    volatile auto thisData = serialize();
    volatile auto otherData = other.serialize();

    volatile int result = 0;
    for (int i = 0; i < sizeof(*protectedData); i++)
        result |= thisData[i] ^ otherData[i];

    //wipe the unencrypted copies of the data
    SecureZeroMemory(thisData, sizeof(thisData));
    SecureZeroMemory(otherData, sizeof(otherData));

    return result == 0;
}
4

2 回答 2

1

通常,您要在当前代码中完成的任务称为Format Preserving Encryption。即,加密 astd::string使得得到的密文也是有效的std::string. 这比让加密过程从原始类型转换为平面字节数组要困难得多。

要转换为平面数组,请为“Serializer”对象声明第二个模板参数,该对象知道如何将 T 类型的对象序列化为无符号字符数组。您可以将其默认为适用于所有原始类型的通用sizeof/memcpy序列化程序。

这是std::string. 

template <class T>
class Serializer
{
  public:
    virtual size_t serializedSize(const T& obj) const = 0;
    virtual size_t serialize(const T& obj, unsigned char *out, size_t max) const = 0;
    virtual void deserialize(const unsigned char *in, size_t len, T& out) const = 0;
};

class StringSerializer : public Serializer<std::string>
{
public:

  size_t serializedSize(const std::string& obj) const {
    return obj.length();
  };

  size_t serialize(const std::string& obj, unsigned char *out, size_t max) const {
    if(max >= obj.length()){
      memcpy(out, obj.c_str(), obj.length());
      return obj.length();
    }
    throw std::runtime_error("overflow");
  }

  void deserialize(const unsigned char *in, size_t len, std::string& out) const {
    out = std::string((const char *)in, (const char *)(in+len));
  }
};

一旦你将对象减少到一个平面数组unsigned chars,那么你给定的恒定时间比较算法就可以正常工作。

这是使用上面的序列化程序的示例代码的一个非常简化的版本。

template <class T, class S>
class Test
{
  std::unique_ptr<unsigned char[]> protectedData;
  size_t serSize;
public:
  Test(const T& obj) : protectedData() {
    S serializer;
    size_t size = serializer.serializedSize(obj);

    protectedData.reset(new unsigned char[size]);
    serSize = serializer.serialize(obj, protectedData.get(), size);

    // "Encrypt"
    for(size_t i=0; i< size; i++)
      protectedData.get()[i] ^= 0xa5;
  }

  size_t getEncryptedLen() const {
    return serSize;
  }
  const unsigned char *getEncryptedData() const {
    return protectedData.get();
  }

  const T getPlaintextData() const {
    S serializer;
    T target;

    //"Decrypt"
    for(size_t i=0; i< serSize; i++)
      protectedData.get()[i] ^= 0xa5;

    serializer.deserialize(protectedData.get(), serSize, target);
    return target;
  }
};

int main(int argc, char *argv[])
{
  std::string data = "test";
  Test<std::string, StringSerializer> tester(data);

  const unsigned char *ptr = tester.getEncryptedData();
  std::cout << "\"Encrypted\" bytes: ";
  for(size_t i=0; i<tester.getEncryptedLen(); i++)
    std::cout << std::setw(2) << std::hex << std::setfill('0') << (unsigned int)ptr[i] << " ";
  std::cout << std::endl;

  std::string recov = tester.getPlaintextData();

  std::cout << "Recovered: " << recov << std::endl;
}

输出:

$ ./a.out
"Encrypted" bytes: d1 c0 d6 d1
Recovered: test

编辑:回答对原始/平面类型的通用序列化程序的请求。将此视为伪代码,因为我将其输入浏览器而无需测试。我不确定这是否是正确的模板语法。

template<class T>
class PrimitiveSerializer : public Serializer<T>
{
public:

  size_t serializedSize(const T& obj) const {
    return sizeof obj;
  };

  size_t serialize(const T& obj, unsigned char *out, size_t max) const {
    if(max >= sizeof obj){
      memcpy(out, &obj, sizeof obj);
      return sizeof obj;
    }
    throw std::runtime_error("overflow");
  }

  void deserialize(const unsigned char *in, size_t len, T& out) const {
    if(len < sizeof out) {
      throw std::runtime_error("underflow");
    }
    memcpy(&out, in, sizeof out);
  }
};
于 2017-11-29T06:11:19.937 回答
0

我很好奇编译器会给你什么错误。

也就是说,尝试转换为const char*or const void*

另一个问题可能是从 64 位指针转换为 8 位byte. 尝试转换为int, long, 或longlong

编辑:根据您的反馈,另一个小改动:

volatile auto thisData = (byte*)&getEncyptedData();
volatile auto otherData = (byte*)&other.getEncyptedData();

(注意与号)。这将允许以前的演员表工作

于 2017-11-29T03:45:27.230 回答