DimanNe · April 5, 2020 20:52
diff --git a/tink password-based encryption.cpp b/tink password-based encryption.cpp
   // ==================================================================================================
   // First, given a password, generate a key, as per https://stackoverflow.com/a/52196373/758986
   // aka perform "key stretching"
   const std::string Password = "Password";
   const std::string Salt     = "1234";
   std::string       Key;
   Key.resize(32);
   // https://crypto.stackexchange.com/questions/35423/appropriate-scrypt-parameters-when-generating-an-scrypt-hash?newreg=c73ca93cedae4729b07a9ab776e4904b
   const int ScryptResult = EVP_PBE_scrypt(Password.data(),
                                           Password.size(),
                                           reinterpret_cast<const uint8_t *>(Salt.data()),
                                           Salt.size(),
                                           1 << 20,                 // N => 128Nr bytes, 2Nr rounds
                                           16,                      // r
                                           1,                       // uint64_t p,
                                           5ull * std::gibi::num,   // max_mem
                                           reinterpret_cast<uint8_t *>(Key.data()),
                                           Key.size());
   std::cout << "Scrypt return: " << ScryptResult << "\nKey:\n" << Key << std::endl;

   // ==================================================================================================
   // Encrypt
   ctu::StatusOr<std::unique_ptr<ct::Aead>> StatusOrAead = ct::subtle::AesGcmBoringSsl::New(Key);
   if(StatusOrAead.ok() == false) {
      std::cout << StatusOrAead.status().error_message() << std::endl;
      return 0;
   }
   std::unique_ptr<ct::Aead>  Aead               = std::move(StatusOrAead.ValueOrDie());
   const std::string          PlainText          = "Hello world!";
   ctu::StatusOr<std::string> StatusOrCiphertext = Aead->Encrypt(PlainText, {});
   if(StatusOrAead.ok() == false) {
      std::cout << StatusOrCiphertext.status().error_message() << std::endl;
      return 0;
   }
   const std::string Ciphertext = std::move(StatusOrCiphertext.ValueOrDie());


   // ==================================================================================================
   // Decrypt
   ctu::StatusOr<std::unique_ptr<ct::Aead>> StatusOrAead2 = ct::subtle::AesGcmBoringSsl::New(Key);
   if(StatusOrAead2.ok() == false) {
      std::cout << StatusOrAead2.status().error_message() << std::endl;
      return 0;
   }
   std::unique_ptr<ct::Aead>  Aead2             = std::move(StatusOrAead2.ValueOrDie());
   ctu::StatusOr<std::string> StatusOrPlainText = Aead->Decrypt(Ciphertext, {});
   if(StatusOrPlainText.ok() == false) {
      std::cout << StatusOrPlainText.status().error_message() << std::endl;
      return 0;
   }
   std::cout << "Initial plaintext: " << PlainText << "\n"
             << "Restored plaintext: " << StatusOrPlainText.ValueOrDie() << std::endl;
	// ==================================================================================================
	// First, given a password, generate a key, as per https://stackoverflow.com/a/52196373/758986
	// aka perform "key stretching"
	const std::string Password = "Password";
	const std::string Salt = "1234";
	std::string Key;
	Key.resize(32);
	// https://crypto.stackexchange.com/questions/35423/appropriate-scrypt-parameters-when-generating-an-scrypt-hash?newreg=c73ca93cedae4729b07a9ab776e4904b
	const int ScryptResult = EVP_PBE_scrypt(Password.data(),
	Password.size(),
	reinterpret_cast<const uint8_t *>(Salt.data()),
	Salt.size(),
	1 << 20, // N => 128Nr bytes, 2Nr rounds
	16, // r
	1, // uint64_t p,
	5ull * std::gibi::num, // max_mem
	reinterpret_cast<uint8_t *>(Key.data()),
	Key.size());
	std::cout << "Scrypt return: " << ScryptResult << "\nKey:\n" << Key << std::endl;

	// ==================================================================================================
	// Encrypt
	ctu::StatusOr<std::unique_ptr<ct::Aead>> StatusOrAead = ct::subtle::AesGcmBoringSsl::New(Key);
	if(StatusOrAead.ok() == false) {
	std::cout << StatusOrAead.status().error_message() << std::endl;
	return 0;
	}
	std::unique_ptr<ct::Aead> Aead = std::move(StatusOrAead.ValueOrDie());
	const std::string PlainText = "Hello world!";
	ctu::StatusOr<std::string> StatusOrCiphertext = Aead->Encrypt(PlainText, {});
	if(StatusOrAead.ok() == false) {
	std::cout << StatusOrCiphertext.status().error_message() << std::endl;
	return 0;
	}
	const std::string Ciphertext = std::move(StatusOrCiphertext.ValueOrDie());


	// ==================================================================================================
	// Decrypt
	ctu::StatusOr<std::unique_ptr<ct::Aead>> StatusOrAead2 = ct::subtle::AesGcmBoringSsl::New(Key);
	if(StatusOrAead2.ok() == false) {
	std::cout << StatusOrAead2.status().error_message() << std::endl;
	return 0;
	}
	std::unique_ptr<ct::Aead> Aead2 = std::move(StatusOrAead2.ValueOrDie());
	ctu::StatusOr<std::string> StatusOrPlainText = Aead->Decrypt(Ciphertext, {});
	if(StatusOrPlainText.ok() == false) {
	std::cout << StatusOrPlainText.status().error_message() << std::endl;
	return 0;
	}
	std::cout << "Initial plaintext: " << PlainText << "\n"
	<< "Restored plaintext: " << StatusOrPlainText.ValueOrDie() << std::endl;