Apply change of `global.h` template

Ensure all formatting overloads are always included before CppUnit's
headers

.github/stale.yml

@@ -0,0 +1,19 @@
+# Number of days of inactivity before an issue becomes stale
+daysUntilStale: 60
+# Number of days of inactivity before a stale issue is closed
+daysUntilClose: 7
+# Issues with these labels will never be considered stale
+exemptLabels:
+  - pinned
+  - security
+  - feature request
+  - enhancement
+# Label to use when marking an issue as stale
+staleLabel: stale
+# Comment to post when marking an issue as stale. Set to `false` to disable
+markComment: >
+  This issue has been automatically marked as stale because it has not had
+  recent activity. It will be closed if no further activity occurs. Thank you
+  for your contributions.
+# Comment to post when closing a stale issue. Set to `false` to disable
+closeComment: false

CMakeLists.txt

@@ -1,4 +1,4 @@
-cmake_minimum_required(VERSION 3.1.0 FATAL_ERROR)
+cmake_minimum_required(VERSION 3.17.0 FATAL_ERROR)
 
 # set meta data
 project(passwordfile)
@@ -10,7 +10,7 @@ set(META_APP_URL "https://github.com/${META_APP_AUTHOR}/${META_PROJECT_NAME}")
 set(META_APP_DESCRIPTION "C++ library to read/write passwords from/to encrypted files")
 set(META_VERSION_MAJOR 5)
 set(META_VERSION_MINOR 0)
-set(META_VERSION_PATCH 5)
+set(META_VERSION_PATCH 11)
 set(META_ADD_DEFAULT_CPP_UNIT_TEST_APPLICATION ON)
 
 # add project files
@@ -36,17 +36,24 @@ set(TEST_SRC_FILES tests/utils.h tests/passwordfiletests.cpp tests/entrytests.cp
 
 set(DOC_FILES README.md)
 
+option(COMPILE_AES_SOURCES "compile AES sources" OFF)
+if (COMPILE_AES_SOURCES)
+    list(APPEND HEADER_FILES aes/aes.h)
+    list(APPEND SRC_FILES aes/aes.cpp)
+endif ()
+
 # find c++utilities
 set(CONFIGURATION_PACKAGE_SUFFIX
     ""
     CACHE STRING "sets the suffix for find_package() calls to packages configured via c++utilities")
-find_package(c++utilities${CONFIGURATION_PACKAGE_SUFFIX} 5.0.0 REQUIRED)
+find_package(c++utilities${CONFIGURATION_PACKAGE_SUFFIX} 5.14.0 REQUIRED)
 use_cpp_utilities(VISIBILITY PUBLIC)
 
 # find 3rd party libraries
 include(3rdParty)
 use_zlib()
 use_crypto()
+use_standard_filesystem()
 
 # include modules to apply configuration
 include(BasicConfig)

README.md

@@ -7,3 +7,8 @@ applying the encryption.
 ## Build instructions
 The passwordfile library depends on c++utilities and is built in the same way.
 It also depends on OpenSSL and zlib.
+
+## Copyright notice and license
+Copyright © 2015-2024 Marius Kittler
+
+All code is licensed under [GPL-2-or-later](LICENSE).

aes/aes.cpp

@@ -4,408 +4,392 @@
 
 namespace Crypto {
 
- Aes::byte Aes::sbox[16][16] = {
-     { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76 },
-     { 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0 },
-     { 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15 },
-     { 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75 },
-     { 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84 },
-     { 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF },
-     { 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8 },
-     { 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2 },
-     { 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73 },
-     { 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB },
-     { 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79 },
-     { 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08 },
-     { 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A },
-     { 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E },
-     { 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF },
-     { 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }
- };
+/*!
+ * \class Aes
+ * \brief The Aes class implements AES encryption/decryption.
+ * \deprecated This class is not used by the rest of the library and not compiled by default.
+ *             OpenSSL's crypto library is used instead. This class only serves educational
+ *             purposes.
+ */
 
- Aes::byte Aes::inv_sbox[16][16] = {
-     { 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb },
-     { 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb },
-     { 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e },
-     { 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 },
-     { 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 },
-     { 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 },
-     { 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 },
-     { 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b },
-     { 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 },
-     { 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e },
-     { 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b },
-     { 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 },
-     { 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f },
-     { 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef },
-     { 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 },
-     { 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d }
- };
+// clang-format off
+Aes::byte Aes::sbox[16][16] = {
+    { 0x63, 0x7C, 0x77, 0x7B, 0xF2, 0x6B, 0x6F, 0xC5, 0x30, 0x01, 0x67, 0x2B, 0xFE, 0xD7, 0xAB, 0x76 },
+    { 0xCA, 0x82, 0xC9, 0x7D, 0xFA, 0x59, 0x47, 0xF0, 0xAD, 0xD4, 0xA2, 0xAF, 0x9C, 0xA4, 0x72, 0xC0 },
+    { 0xB7, 0xFD, 0x93, 0x26, 0x36, 0x3F, 0xF7, 0xCC, 0x34, 0xA5, 0xE5, 0xF1, 0x71, 0xD8, 0x31, 0x15 },
+    { 0x04, 0xC7, 0x23, 0xC3, 0x18, 0x96, 0x05, 0x9A, 0x07, 0x12, 0x80, 0xE2, 0xEB, 0x27, 0xB2, 0x75 },
+    { 0x09, 0x83, 0x2C, 0x1A, 0x1B, 0x6E, 0x5A, 0xA0, 0x52, 0x3B, 0xD6, 0xB3, 0x29, 0xE3, 0x2F, 0x84 },
+    { 0x53, 0xD1, 0x00, 0xED, 0x20, 0xFC, 0xB1, 0x5B, 0x6A, 0xCB, 0xBE, 0x39, 0x4A, 0x4C, 0x58, 0xCF },
+    { 0xD0, 0xEF, 0xAA, 0xFB, 0x43, 0x4D, 0x33, 0x85, 0x45, 0xF9, 0x02, 0x7F, 0x50, 0x3C, 0x9F, 0xA8 },
+    { 0x51, 0xA3, 0x40, 0x8F, 0x92, 0x9D, 0x38, 0xF5, 0xBC, 0xB6, 0xDA, 0x21, 0x10, 0xFF, 0xF3, 0xD2 },
+    { 0xCD, 0x0C, 0x13, 0xEC, 0x5F, 0x97, 0x44, 0x17, 0xC4, 0xA7, 0x7E, 0x3D, 0x64, 0x5D, 0x19, 0x73 },
+    { 0x60, 0x81, 0x4F, 0xDC, 0x22, 0x2A, 0x90, 0x88, 0x46, 0xEE, 0xB8, 0x14, 0xDE, 0x5E, 0x0B, 0xDB },
+    { 0xE0, 0x32, 0x3A, 0x0A, 0x49, 0x06, 0x24, 0x5C, 0xC2, 0xD3, 0xAC, 0x62, 0x91, 0x95, 0xE4, 0x79 },
+    { 0xE7, 0xC8, 0x37, 0x6D, 0x8D, 0xD5, 0x4E, 0xA9, 0x6C, 0x56, 0xF4, 0xEA, 0x65, 0x7A, 0xAE, 0x08 },
+    { 0xBA, 0x78, 0x25, 0x2E, 0x1C, 0xA6, 0xB4, 0xC6, 0xE8, 0xDD, 0x74, 0x1F, 0x4B, 0xBD, 0x8B, 0x8A },
+    { 0x70, 0x3E, 0xB5, 0x66, 0x48, 0x03, 0xF6, 0x0E, 0x61, 0x35, 0x57, 0xB9, 0x86, 0xC1, 0x1D, 0x9E },
+    { 0xE1, 0xF8, 0x98, 0x11, 0x69, 0xD9, 0x8E, 0x94, 0x9B, 0x1E, 0x87, 0xE9, 0xCE, 0x55, 0x28, 0xDF },
+    { 0x8C, 0xA1, 0x89, 0x0D, 0xBF, 0xE6, 0x42, 0x68, 0x41, 0x99, 0x2D, 0x0F, 0xB0, 0x54, 0xBB, 0x16 }
+};
 
- Aes::word Aes::rcon[52] = {
-     0x00000000, 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000,
-     0x80000000, 0x1B000000, 0x36000000, 0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000,
-     0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000, 0x97000000, 0x35000000, 0x6A000000,
-     0xD4000000, 0xB3000000, 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000, 0x39000000,
-     0x72000000, 0xE4000000, 0xD3000000, 0xBD000000, 0x61000000, 0xC2000000, 0x9F000000, 0x25000000,
-     0x4A000000, 0x94000000, 0x33000000, 0x66000000, 0xCC000000, 0x83000000, 0x1D000000, 0x3A000000,
-     0x74000000, 0xE8000000, 0xCB000000, 0x8D000000
- };
+Aes::byte Aes::inv_sbox[16][16] = {
+    { 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb },
+    { 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, 0x34, 0x8e, 0x43, 0x44, 0xc4, 0xde, 0xe9, 0xcb },
+    { 0x54, 0x7b, 0x94, 0x32, 0xa6, 0xc2, 0x23, 0x3d, 0xee, 0x4c, 0x95, 0x0b, 0x42, 0xfa, 0xc3, 0x4e },
+    { 0x08, 0x2e, 0xa1, 0x66, 0x28, 0xd9, 0x24, 0xb2, 0x76, 0x5b, 0xa2, 0x49, 0x6d, 0x8b, 0xd1, 0x25 },
+    { 0x72, 0xf8, 0xf6, 0x64, 0x86, 0x68, 0x98, 0x16, 0xd4, 0xa4, 0x5c, 0xcc, 0x5d, 0x65, 0xb6, 0x92 },
+    { 0x6c, 0x70, 0x48, 0x50, 0xfd, 0xed, 0xb9, 0xda, 0x5e, 0x15, 0x46, 0x57, 0xa7, 0x8d, 0x9d, 0x84 },
+    { 0x90, 0xd8, 0xab, 0x00, 0x8c, 0xbc, 0xd3, 0x0a, 0xf7, 0xe4, 0x58, 0x05, 0xb8, 0xb3, 0x45, 0x06 },
+    { 0xd0, 0x2c, 0x1e, 0x8f, 0xca, 0x3f, 0x0f, 0x02, 0xc1, 0xaf, 0xbd, 0x03, 0x01, 0x13, 0x8a, 0x6b },
+    { 0x3a, 0x91, 0x11, 0x41, 0x4f, 0x67, 0xdc, 0xea, 0x97, 0xf2, 0xcf, 0xce, 0xf0, 0xb4, 0xe6, 0x73 },
+    { 0x96, 0xac, 0x74, 0x22, 0xe7, 0xad, 0x35, 0x85, 0xe2, 0xf9, 0x37, 0xe8, 0x1c, 0x75, 0xdf, 0x6e },
+    { 0x47, 0xf1, 0x1a, 0x71, 0x1d, 0x29, 0xc5, 0x89, 0x6f, 0xb7, 0x62, 0x0e, 0xaa, 0x18, 0xbe, 0x1b },
+    { 0xfc, 0x56, 0x3e, 0x4b, 0xc6, 0xd2, 0x79, 0x20, 0x9a, 0xdb, 0xc0, 0xfe, 0x78, 0xcd, 0x5a, 0xf4 },
+    { 0x1f, 0xdd, 0xa8, 0x33, 0x88, 0x07, 0xc7, 0x31, 0xb1, 0x12, 0x10, 0x59, 0x27, 0x80, 0xec, 0x5f },
+    { 0x60, 0x51, 0x7f, 0xa9, 0x19, 0xb5, 0x4a, 0x0d, 0x2d, 0xe5, 0x7a, 0x9f, 0x93, 0xc9, 0x9c, 0xef },
+    { 0xa0, 0xe0, 0x3b, 0x4d, 0xae, 0x2a, 0xf5, 0xb0, 0xc8, 0xeb, 0xbb, 0x3c, 0x83, 0x53, 0x99, 0x61 },
+    { 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d }
+};
 
- Aes::Aes() :
-     key_length(0),
-     num_rounds(0),
-     w(0)
- {
-     memset(state, 0, 16);
- }
+Aes::word Aes::rcon[52] = {
+    0x00000000, 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000,
+    0x80000000, 0x1B000000, 0x36000000, 0x6C000000, 0xD8000000, 0xAB000000, 0x4D000000, 0x9A000000,
+    0x2F000000, 0x5E000000, 0xBC000000, 0x63000000, 0xC6000000, 0x97000000, 0x35000000, 0x6A000000,
+    0xD4000000, 0xB3000000, 0x7D000000, 0xFA000000, 0xEF000000, 0xC5000000, 0x91000000, 0x39000000,
+    0x72000000, 0xE4000000, 0xD3000000, 0xBD000000, 0x61000000, 0xC2000000, 0x9F000000, 0x25000000,
+    0x4A000000, 0x94000000, 0x33000000, 0x66000000, 0xCC000000, 0x83000000, 0x1D000000, 0x3A000000,
+    0x74000000, 0xE8000000, 0xCB000000, 0x8D000000
+};
+// clang-format on
 
- Aes::~Aes()
- {
- }
+Aes::Aes()
+    : keyLength(0)
+    , numRounds(0)
+    , w(0)
+{
+    memset(state, 0, 16);
+}
 
- Aes::byte Aes::gmul(byte a, byte b)
- {
-     unsigned char p = 0;
-     unsigned char hi;
+Aes::~Aes()
+{
+}
 
-     for(byte i = 0; i < 8; ++i) {
-         if((b & 1) == 1)
-             p ^= a;
-         hi = (a & 0x80);
-         a <<= 1;
-         if(hi == 0x80)
-             a ^= 0x1b;
-         b >>= 1;
-     }
-     return p;
- }
+Aes::byte Aes::gmul(byte a, byte b)
+{
+    unsigned char p = 0;
+    unsigned char hi;
+
+    for (byte i = 0; i < 8; ++i) {
+        if ((b & 1) == 1)
+            p ^= a;
+        hi = (a & 0x80);
+        a <<= 1;
+        if (hi == 0x80)
+            a ^= 0x1b;
+        b >>= 1;
+    }
+    return p;
+}
 
 void Aes::rotWord(word *b)
- {
-     byte tmp[4];
-     memcpy(tmp, b, 4);
+{
+    byte tmp[4];
+    memcpy(tmp, b, 4);
 
-     byte tmpb = tmp[3];
+    byte tmpb = tmp[3];
 
-     for(byte i = 3; i > 0; --i)
-         tmp[i] = tmp[i - 1];
+    for (byte i = 3; i > 0; --i)
+        tmp[i] = tmp[i - 1];
 
-     tmp[0] = tmpb;
-
-     memcpy(b, tmp, 4);
- }
-
-void Aes::subWord( word *b )
- {
-     byte tmp[ 4 ];
-     memcpy( tmp, b, 4 );
-
-     for( byte i = 0; i < 4; ++i )
-         tmp[ i ] = sbox[ tmp[ i ] >> 4 ][ tmp[ i ] & 0x0f ];
-
-     memcpy( b, tmp, 4 );
- }
-
-void Aes::expandKey( byte *key )
- {
-     if( w )
-         delete [] w;
-
-     w = new word[ 4 * ( num_rounds + 1 ) ];
-
-     for( byte iw = 0, ib = 0; iw < key_length; ++iw, ib += 4 )
-         w[ iw ] = ( key[ ib ] << 24 ) + ( key[ ib + 1 ] << 16 ) + ( key[ ib + 2 ] << 8 ) + key[ ib + 3 ];
-
-     word tmp;
-
-     for( byte i = key_length; i < ( 4 * ( num_rounds + 1 ) ); ++i ) {
-
-         tmp = w[ i - 1 ];
-
-         if( ( i % key_length ) == 0 ) {
-             rotWord( &tmp );
-             subWord( &tmp );
-             tmp ^= rcon[ i / key_length ];
-         } else if( ( key_length > 6 ) && ( ( i % key_length ) == 4 ) ) {
-             subWord( &tmp );
-         }
-
-         w[ i ] = w[ i - key_length ] ^ tmp;
-     }
- }
-
-void Aes::addRoundKey( byte round )
- {
-     for( byte col = 0; col < 4; ++col )
-         for( byte row = 0; row < 4; ++row )
-             state[ row ][ col ] ^= ( w[ round * 4 + col ] >> ( 24 - row * 8 ) ) & 0x000000ff;
- }
-
-void Aes::shiftRows( void )
- {
-     byte tmp = 0;
-     tmp = state[ 1 ][ 0 ];
-     state[ 1 ][ 0 ] = state[ 1 ][ 1 ];
-     state[ 1 ][ 1 ] = state[ 1 ][ 2 ];
-     state[ 1 ][ 2 ] = state[ 1 ][ 3 ];
-     state[ 1 ][ 3 ] = tmp;
-
-     tmp = state[ 2 ][ 0 ];
-     state[ 2 ][ 0 ] = state[ 2 ][ 2 ];
-     state[ 2 ][ 2 ] = tmp;
-     tmp = state[ 2 ][ 1 ];
-     state[ 2 ][ 1 ] = state[ 2 ][ 3 ];
-     state[ 2 ][ 3 ] = tmp;
-
-     tmp = state[ 3 ][ 3 ];
-     state[ 3 ][ 3 ] = state[ 3 ][ 2 ];
-     state[ 3 ][ 2 ] = state[ 3 ][ 1 ];
-     state[ 3 ][ 1 ] = state[ 3 ][ 0 ];
-     state[ 3 ][ 0 ] = tmp;
- }
-
-void Aes::invShiftRows( void )
- {
-     byte tmp = 0;
-     tmp = state[ 3 ][ 0 ];
-     state[ 3 ][ 0 ] = state[ 3 ][ 1 ];
-     state[ 3 ][ 1 ] = state[ 3 ][ 2 ];
-     state[ 3 ][ 2 ] = state[ 3 ][ 3 ];
-     state[ 3 ][ 3 ] = tmp;
-
-     tmp = state[ 2 ][ 0 ];
-     state[ 2 ][ 0 ] = state[ 2 ][ 2 ];
-     state[ 2 ][ 2 ] = tmp;
-     tmp = state[ 2 ][ 1 ];
-     state[ 2 ][ 1 ] = state[ 2 ][ 3 ];
-     state[ 2 ][ 3 ] = tmp;
-
-     tmp = state[ 1 ][ 3 ];
-     state[ 1 ][ 3 ] = state[ 1 ][ 2 ];
-     state[ 1 ][ 2 ] = state[ 1 ][ 1 ];
-     state[ 1 ][ 1 ] = state[ 1 ][ 0 ];
-     state[ 1 ][ 0 ] = tmp;
- }
-
-void Aes::mixColumns( void )
- {
-     unsigned char a[4];
-     unsigned char b[4];
-     unsigned char h = 0;
-
-     for( byte col = 0; col < 4; ++col ) {
-
-         for( byte row = 0; row < 4; ++row ) {
-
-             a[ row ]    = state[ row ][ col ];
-             h            = state[ row ][ col ] & 0x80;
-             b[ row ]    = state[ row ][ col ] << 1;
-
-             if( h == 0x80 )
-                 b[ row ] ^= 0x1b;
-         }
-
-         state[ 0 ][ col ] = b[ 0 ] ^ a[ 3 ] ^ a[ 2 ] ^ b[ 1 ] ^ a[ 1 ];
-         state[ 1 ][ col ] = b[ 1 ] ^ a[ 0 ] ^ a[ 3 ] ^ b[ 2 ] ^ a[ 2 ];
-         state[ 2 ][ col ] = b[ 2 ] ^ a[ 1 ] ^ a[ 0 ] ^ b[ 3 ] ^ a[ 3 ];
-         state[ 3 ][ col ] = b[ 3 ] ^ a[ 2 ] ^ a[ 1 ] ^ b[ 0 ] ^ a[ 0 ];
-     }
- }
-
-void Aes::invMixColumns( void )
- {
-     unsigned char a[4];
-
-     for( byte col = 0; col < 4; ++col ) {
-
-         for( byte row = 0; row < 4; ++ row )
-             a[ row ] = state[ row ][ col ];
-
-         state[ 0 ][ col ] = gmul( a[ 0 ], 14 ) ^ gmul( a[ 3 ], 9 ) ^ gmul( a[ 2 ], 13 ) ^ gmul( a[ 1 ], 11 );
-         state[ 1 ][ col ] = gmul( a[ 1 ], 14 ) ^ gmul( a[ 0 ], 9 ) ^ gmul( a[ 3 ], 13 ) ^ gmul( a[ 2 ], 11 );
-         state[ 2 ][ col ] = gmul( a[ 2 ], 14 ) ^ gmul( a[ 1 ], 9 ) ^ gmul( a[ 0 ], 13 ) ^ gmul( a[ 3 ], 11 );
-         state[ 3 ][ col ] = gmul( a[ 3 ], 14 ) ^ gmul( a[ 2 ], 9 ) ^ gmul( a[ 1 ], 13 ) ^ gmul( a[ 0 ], 11 );
-     }
-
- }
-
-bool Aes::setKey( char *key )
- {
-
-     size_t key_len = strlen( key );
-
-     byte *w_key            = 0;
-     byte des_key_len    = 0;
-
-     if( key_len <= 16 ) {
-
-         key_length = 4;
-         num_rounds = 10;
-         des_key_len = 16;
-
-     } else if( key_len <= 24 ) {
-
-         key_length = 6;
-         num_rounds = 12;
-         des_key_len = 24;
-
-     } else if( key_len <= 32 ) {
-
-         key_length = 8;
-         num_rounds = 14;
-         des_key_len = 32;
-
-     }
-
-     w_key = new byte[ des_key_len ];
-
-     for( byte i = 0, t = 0; t < des_key_len; ++i, ++t ) {
-         if( i == key_len )
-             i = 0;
-         *( w_key + t ) = *( key + i );
-     }
-
-     expandKey( w_key );
-
-     delete [] w_key;
-
-     return true;
- }
-
-void Aes::cipher( void )
- {
-     addRoundKey( 0 );
-
-     for( byte round = 1; round < num_rounds; ++round ) {
-
-         for( byte row = 0; row < 4; ++row )
-             for( byte col = 0; col < 4; ++col )
-                 state[ row ][ col ] = sbox[ state[ row ][ col ] >> 4 ][ state[ row ][ col ] & 0x0f ];
-
-         shiftRows( );
-         mixColumns( );
-         addRoundKey( round );
-     }
-
-     for( byte row = 0; row < 4; ++row )
-         for( byte col = 0; col < 4; ++col )
-             state[ row ][ col ] = sbox[ state[ row ][ col ] >> 4 ][ state[ row ][ col ] & 0x0f ];
-
-     shiftRows( );
-     addRoundKey( num_rounds );
- }
-
-void Aes::invCipher( void )
- {
-     addRoundKey( num_rounds );
-
-     for( byte round = ( num_rounds - 1 ); round > 0; --round ) {
-
-         invShiftRows( );
-
-         for( byte row = 0; row < 4; ++row )
-             for( byte col = 0; col < 4; ++col )
-                 state[ row ][ col ] = inv_sbox[ state[ row ][ col ] >> 4 ][ state[ row ][ col ] & 0x0f ];
-
-         addRoundKey( round );
-         invMixColumns( );
-     }
-
-     invShiftRows( );
-
-     for( byte row = 0; row < 4; ++row )
-         for( byte col = 0; col < 4; ++col )
-             state[ row ][ col ] = inv_sbox[ state[ row ][ col ] >> 4 ][ state[ row ][ col ] & 0x0f ];
-
-     addRoundKey( 0 );
- }
-
- size_t Aes::encrypt( char **data, size_t length, char *key )
- {
-     if( length == 0 )
-         return 0;
-
-     if( !setKey( key ) )
-         return 0;
-
-     size_t old_length = length;
-     while( length % 16 )
-         ++length;
-
-     char *buffer = new char[ length ];
-     memset( buffer, 0, length );
-     memcpy( buffer, *data, old_length );
-
-     delete [] *data;
-     *data = buffer;
-
-     size_t cur_block = 0;
-
-     do {
-
-         for( byte col = 0; col < 4; ++col )
-             for( byte row = 0; row < 4; ++row )
-                 state[ row ][ col ] = static_cast< byte >( ( *data )[ cur_block * 16 + row + 4 * col ] );
-
-         cipher( );
-
-         for( byte col = 0; col < 4; ++col )
-             for( byte row = 0; row < 4; ++row )
-                 ( *data )[ cur_block * 16 + row + 4 * col ] = static_cast< char >( state[ row ][ col ] );
-
-         ++cur_block;
-
-     } while( cur_block * 16 != length );
-
-     return cur_block;
- }
-
- size_t Aes::decrypt( char **data, size_t length, char *key )
- {
-     if( length == 0 )
-         return 0;
-
-     if( !setKey( key ) )
-         return 0;
-
-     size_t old_length = length;
-     while( length % 16 )
-         ++length;
-
-     char *buffer = new char[ length ];
-     memset( buffer, 0, length );
-     memcpy( buffer, *data, old_length );
-
-     delete [] *data;
-     *data = buffer;
-
-     size_t cur_block = 0;
-
-     do {
-
-         for( byte col = 0; col < 4; ++col )
-             for( byte row = 0; row < 4; ++row )
-                 state[ row ][ col ] = static_cast< byte >( ( *data )[ cur_block * 16 + row + 4 * col ] );
-
-         invCipher( );
-
-         for( byte col = 0; col < 4; ++col )
-             for( byte row = 0; row < 4; ++row )
-                 ( *data )[ cur_block * 16 + row + 4 * col ] = static_cast< char >( state[ row ][ col ] );
-
-         ++cur_block;
-
-     } while( cur_block * 16 != length );
-
-     --length;
-
-     while( ! ( ( *buffer ) + length ) )
-         --length;
-
-     ++length;
-
-     return length;
- }
+    tmp[0] = tmpb;
 
+    memcpy(b, tmp, 4);
 }
+
+void Aes::subWord(word *b)
+{
+    byte tmp[4];
+    memcpy(tmp, b, 4);
+
+    for (byte i = 0; i < 4; ++i)
+        tmp[i] = sbox[tmp[i] >> 4][tmp[i] & 0x0f];
+
+    memcpy(b, tmp, 4);
+}
+
+void Aes::expandKey(byte *key)
+{
+    if (w)
+        delete[] w;
+
+    w = new word[4 * (numRounds + 1)];
+
+    for (byte iw = 0, ib = 0; iw < keyLength; ++iw, ib += 4)
+        w[iw] = static_cast<word>((key[ib] << 24) + (key[ib + 1] << 16) + (key[ib + 2] << 8) + key[ib + 3]);
+
+    word tmp;
+
+    for (byte i = keyLength; i < (4 * (numRounds + 1)); ++i) {
+
+        tmp = w[i - 1];
+
+        if ((i % keyLength) == 0) {
+            rotWord(&tmp);
+            subWord(&tmp);
+            tmp ^= rcon[i / keyLength];
+        } else if ((keyLength > 6) && ((i % keyLength) == 4)) {
+            subWord(&tmp);
+        }
+
+        w[i] = w[i - keyLength] ^ tmp;
+    }
+}
+
+void Aes::addRoundKey(byte round)
+{
+    for (byte col = 0; col < 4; ++col)
+        for (byte row = 0; row < 4; ++row)
+            state[row][col] ^= static_cast<byte>((w[round * 4 + col] >> (24 - row * 8)) & 0x000000ff);
+}
+
+void Aes::shiftRows(void)
+{
+    byte tmp = 0;
+    tmp = state[1][0];
+    state[1][0] = state[1][1];
+    state[1][1] = state[1][2];
+    state[1][2] = state[1][3];
+    state[1][3] = tmp;
+
+    tmp = state[2][0];
+    state[2][0] = state[2][2];
+    state[2][2] = tmp;
+    tmp = state[2][1];
+    state[2][1] = state[2][3];
+    state[2][3] = tmp;
+
+    tmp = state[3][3];
+    state[3][3] = state[3][2];
+    state[3][2] = state[3][1];
+    state[3][1] = state[3][0];
+    state[3][0] = tmp;
+}
+
+void Aes::invShiftRows(void)
+{
+    byte tmp = 0;
+    tmp = state[3][0];
+    state[3][0] = state[3][1];
+    state[3][1] = state[3][2];
+    state[3][2] = state[3][3];
+    state[3][3] = tmp;
+
+    tmp = state[2][0];
+    state[2][0] = state[2][2];
+    state[2][2] = tmp;
+    tmp = state[2][1];
+    state[2][1] = state[2][3];
+    state[2][3] = tmp;
+
+    tmp = state[1][3];
+    state[1][3] = state[1][2];
+    state[1][2] = state[1][1];
+    state[1][1] = state[1][0];
+    state[1][0] = tmp;
+}
+
+void Aes::mixColumns(void)
+{
+    unsigned char a[4];
+    unsigned char b[4];
+    unsigned char h = 0;
+
+    for (byte col = 0; col < 4; ++col) {
+        for (byte row = 0; row < 4; ++row) {
+            a[row] = state[row][col];
+            h = state[row][col] & 0x80;
+            b[row] = static_cast<byte>(state[row][col] << 1);
+            if (h == 0x80)
+                b[row] ^= 0x1b;
+        }
+        state[0][col] = b[0] ^ a[3] ^ a[2] ^ b[1] ^ a[1];
+        state[1][col] = b[1] ^ a[0] ^ a[3] ^ b[2] ^ a[2];
+        state[2][col] = b[2] ^ a[1] ^ a[0] ^ b[3] ^ a[3];
+        state[3][col] = b[3] ^ a[2] ^ a[1] ^ b[0] ^ a[0];
+    }
+}
+
+void Aes::invMixColumns(void)
+{
+    unsigned char a[4];
+
+    for (byte col = 0; col < 4; ++col) {
+        for (byte row = 0; row < 4; ++row)
+            a[row] = state[row][col];
+        state[0][col] = gmul(a[0], 14) ^ gmul(a[3], 9) ^ gmul(a[2], 13) ^ gmul(a[1], 11);
+        state[1][col] = gmul(a[1], 14) ^ gmul(a[0], 9) ^ gmul(a[3], 13) ^ gmul(a[2], 11);
+        state[2][col] = gmul(a[2], 14) ^ gmul(a[1], 9) ^ gmul(a[0], 13) ^ gmul(a[3], 11);
+        state[3][col] = gmul(a[3], 14) ^ gmul(a[2], 9) ^ gmul(a[1], 13) ^ gmul(a[0], 11);
+    }
+}
+
+bool Aes::setKey(char *key)
+{
+    size_t keyLen = strlen(key);
+
+    byte *wKey = 0;
+    byte desKeyLen = 0;
+
+    if (keyLen <= 16) {
+        keyLength = 4;
+        numRounds = 10;
+        desKeyLen = 16;
+
+    } else if (keyLen <= 24) {
+        keyLength = 6;
+        numRounds = 12;
+        desKeyLen = 24;
+
+    } else if (keyLen <= 32) {
+        keyLength = 8;
+        numRounds = 14;
+        desKeyLen = 32;
+    }
+
+    wKey = new byte[desKeyLen];
+    for (byte i = 0, t = 0; t < desKeyLen; ++i, ++t) {
+        if (i == keyLen)
+            i = 0;
+        *(wKey + t) = static_cast<byte>(*(key + i));
+    }
+
+    expandKey(wKey);
+    delete[] wKey;
+    return true;
+}
+
+void Aes::cipher(void)
+{
+    addRoundKey(0);
+
+    for (byte round = 1; round < numRounds; ++round) {
+        for (byte row = 0; row < 4; ++row)
+            for (byte col = 0; col < 4; ++col)
+                state[row][col] = sbox[state[row][col] >> 4][state[row][col] & 0x0f];
+        shiftRows();
+        mixColumns();
+        addRoundKey(round);
+    }
+
+    for (byte row = 0; row < 4; ++row)
+        for (byte col = 0; col < 4; ++col)
+            state[row][col] = sbox[state[row][col] >> 4][state[row][col] & 0x0f];
+
+    shiftRows();
+    addRoundKey(numRounds);
+}
+
+void Aes::invCipher(void)
+{
+    addRoundKey(numRounds);
+
+    for (byte round = (numRounds - 1); round > 0; --round) {
+        invShiftRows();
+        for (byte row = 0; row < 4; ++row)
+            for (byte col = 0; col < 4; ++col)
+                state[row][col] = inv_sbox[state[row][col] >> 4][state[row][col] & 0x0f];
+        addRoundKey(round);
+        invMixColumns();
+    }
+
+    invShiftRows();
+
+    for (byte row = 0; row < 4; ++row)
+        for (byte col = 0; col < 4; ++col)
+            state[row][col] = inv_sbox[state[row][col] >> 4][state[row][col] & 0x0f];
+
+    addRoundKey(0);
+}
+
+size_t Aes::encrypt(char **data, std::size_t length, char *key)
+{
+    if (length == 0)
+        return 0;
+
+    if (!setKey(key))
+        return 0;
+
+    size_t oldLength = length;
+    while (length % 16)
+        ++length;
+
+    char *buffer = new char[length];
+    memset(buffer, 0, length);
+    memcpy(buffer, *data, oldLength);
+
+    delete[] * data;
+    *data = buffer;
+
+    size_t curBlock = 0;
+
+    do {
+        for (byte col = 0; col < 4; ++col)
+            for (byte row = 0; row < 4; ++row)
+                state[row][col] = static_cast<byte>((*data)[curBlock * 16 + row + 4 * col]);
+        cipher();
+        for (byte col = 0; col < 4; ++col)
+            for (byte row = 0; row < 4; ++row)
+                (*data)[curBlock * 16 + row + 4 * col] = static_cast<char>(state[row][col]);
+        ++curBlock;
+    } while (curBlock * 16 != length);
+
+    return curBlock;
+}
+
+size_t Aes::decrypt(char **data, std::size_t length, char *key)
+{
+    if (length == 0)
+        return 0;
+
+    if (!setKey(key))
+        return 0;
+
+    std::size_t oldLength = length;
+    while (length % 16)
+        ++length;
+
+    char *buffer = new char[length];
+    memset(buffer, 0, length);
+    memcpy(buffer, *data, oldLength);
+
+    delete[] * data;
+    *data = buffer;
+
+    std::size_t curBlock = 0;
+
+    do {
+        for (byte col = 0; col < 4; ++col)
+            for (byte row = 0; row < 4; ++row)
+                state[row][col] = static_cast<byte>((*data)[curBlock * 16 + row + 4 * col]);
+
+        invCipher();
+
+        for (byte col = 0; col < 4; ++col)
+            for (byte row = 0; row < 4; ++row)
+                (*data)[curBlock * 16 + row + 4 * col] = static_cast<char>(state[row][col]);
+
+        ++curBlock;
+
+    } while (curBlock * 16 != length);
+
+    --length;
+
+    while (!(static_cast<decltype(length)>(*buffer) + length))
+        --length;
+
+    ++length;
+
+    return length;
+}
+
+} // namespace Crypto

aes/aes.h

@@ -1,28 +1,28 @@
 #ifndef AES_INCLUDED
 #define AES_INCLUDED AES_INCLUDED
 
-#include <c++utilities/application/global.h>
+#include "../global.h"
 
 #include <cstring>
 
 namespace Crypto {
 
-class LIB_EXPORT Aes {
+class PASSWORD_FILE_EXPORT Aes {
 
 public:
-    typedef unsigned char byte;
-    typedef unsigned long word;
+    using byte = unsigned char;
+    using word = unsigned long;
 
     Aes();
     ~Aes();
 
-    size_t encrypt(char **data, size_t length, char *key);
-    size_t decrypt(char **data, size_t length, char *key);
+    std::size_t encrypt(char **data, std::size_t length, char *key);
+    std::size_t decrypt(char **data, std::size_t length, char *key);
 
 private:
     static byte gmul(byte a, byte b);
-    static void rotWord(word *b );
-    static void subWord(word *b );
+    static void rotWord(word *b);
+    static void subWord(word *b);
 
     bool setKey(char *key);
     void expandKey(byte *key);
@@ -42,13 +42,13 @@ private:
     static byte inv_sbox[16][16];
     static word rcon[52];
 
-    byte key_length;
-    byte num_rounds;
+    byte keyLength;
+    byte numRounds;
 
     word *w;
     byte state[4][4];
 };
 
-}
+} // namespace Crypto
 
 #endif /* AES_INCLUDED */

global.h

@@ -4,6 +4,7 @@
 #ifndef PASSWORD_FILE_GLOBAL
 #define PASSWORD_FILE_GLOBAL
 
+#include "passwordfile-definitions.h"
 #include <c++utilities/application/global.h>
 
 #ifdef PASSWORD_FILE_STATIC

io/cryptoexception.cpp

@@ -5,7 +5,7 @@ namespace Io {
  * \class CryptoException
  * \brief The exception that is thrown when an encryption/decryption error occurs.
  * \remarks Must not have any inline methods/c'tors/d'tors (so the vtable is invoked in any compile unit).
- *          Otherwise it is not possible to throw/catch it accross library boundaries under Android.
+ *          Otherwise it is not possible to throw/catch it across library boundaries under Android.
  */
 
 /*!

io/entry.cpp

@@ -20,7 +20,7 @@ namespace Io {
 
 /*!
  * \class Entry
- * \brief Instances of the Entry class form a hierarchic data strucutre used to store
+ * \brief Instances of the Entry class form a hierarchic data structure used to store
  *        account information.
  *
  * Entries can be serialized and deserialized using the parse() and make() methods.
@@ -302,7 +302,7 @@ void NodeEntry::deleteChildren(int begin, int end)
 
     // adjust indices of subsequent children
     const int diff = end - begin;
-    for (auto iterator = m_children.begin() + begin, end = m_children.end(); iterator != end; ++iterator) {
+    for (auto iterator = m_children.begin() + begin, end2 = m_children.end(); iterator != end2; ++iterator) {
         (*iterator)->m_index -= diff;
     }
 }
@@ -320,7 +320,7 @@ void NodeEntry::replaceChild(size_t at, Entry *newChild)
         return;
     }
 
-    // detatch the old child
+    // detach the old child
     m_children[at]->m_parent = nullptr;
     m_children[at]->m_index = -1;
 

io/parsingexception.cpp

@@ -6,7 +6,7 @@ namespace Io {
  * \class ParsingException
  * \brief The exception that is thrown when a parsing error occurs.
  * \remarks Must not have any inline methods/c'tors/d'tors (so the vtable is invoked in any compile unit).
- *          Otherwise it is not possible to throw/catch it accross library boundaries under Android.
+ *          Otherwise it is not possible to throw/catch it across library boundaries under Android.
  */
 
 /*!

io/passwordfile.cpp

@@ -8,6 +8,7 @@
 
 #include <c++utilities/conversion/stringbuilder.h>
 #include <c++utilities/conversion/stringconversion.h>
+#include <c++utilities/io/path.h>
 
 #include <openssl/conf.h>
 #include <openssl/err.h>
@@ -17,6 +18,7 @@
 #include <zlib.h>
 
 #include <cstring>
+#include <filesystem>
 #include <functional>
 #include <limits>
 #include <memory>
@@ -28,7 +30,9 @@ using namespace CppUtilities;
 
 namespace Io {
 
-const unsigned int aes256cbcIvSize = 16U;
+constexpr unsigned int aes256cbcIvSize = 16U;
+constexpr unsigned int aes256blockSize = 32U;
+constexpr unsigned int aes256additionalBufferSize = aes256blockSize * 2;
 
 /*!
  * \class PasswordFile
@@ -87,12 +91,12 @@ PasswordFile::PasswordFile(const PasswordFile &other)
  * \brief Moves the password file.
  */
 PasswordFile::PasswordFile(PasswordFile &&other)
-    : m_path(move(other.m_path))
-    , m_password(move(other.m_password))
-    , m_rootEntry(move(other.m_rootEntry))
-    , m_extendedHeader(move(other.m_extendedHeader))
-    , m_encryptedExtendedHeader(move(other.m_encryptedExtendedHeader))
-    , m_file(move(other.m_file))
+    : m_path(std::move(other.m_path))
+    , m_password(std::move(other.m_password))
+    , m_rootEntry(std::move(other.m_rootEntry))
+    , m_extendedHeader(std::move(other.m_extendedHeader))
+    , m_encryptedExtendedHeader(std::move(other.m_encryptedExtendedHeader))
+    , m_file(std::move(other.m_file))
     , m_freader(BinaryReader(&m_file))
     , m_fwriter(BinaryWriter(&m_file))
     , m_version(other.m_version)
@@ -116,7 +120,7 @@ void PasswordFile::open(PasswordFileOpenFlags options)
 {
     close();
     if (m_path.empty()) {
-        throw std::ios_base::failure("Unable to open file because path is emtpy.");
+        throw std::ios_base::failure("Unable to open file because path is empty.");
     }
     m_file.open(
         m_path, options & PasswordFileOpenFlags::ReadOnly ? ios_base::in | ios_base::binary : ios_base::in | ios_base::out | ios_base::binary);
@@ -272,7 +276,7 @@ void PasswordFile::load()
 
         // initiate ctx, decrypt data
         EVP_CIPHER_CTX *ctx = nullptr;
-        decryptedData.resize(remainingSize + 32);
+        decryptedData.resize(remainingSize + aes256additionalBufferSize);
         int outlen1, outlen2;
         if ((ctx = EVP_CIPHER_CTX_new()) == nullptr || EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), nullptr, password.data, iv) != 1
             || EVP_DecryptUpdate(ctx, reinterpret_cast<unsigned char *>(decryptedData.data()), &outlen1,
@@ -292,7 +296,7 @@ void PasswordFile::load()
                 msg += ERR_error_string(errorCode, nullptr);
                 errorCode = ERR_get_error();
             }
-            throw CryptoException(move(msg));
+            throw CryptoException(std::move(msg));
         }
 
         if (ctx) {
@@ -347,10 +351,10 @@ void PasswordFile::load()
     stringstream decryptedStream(stringstream::in | stringstream::out | stringstream::binary);
     decryptedStream.exceptions(ios_base::failbit | ios_base::badbit);
     try {
-#ifdef _LIBCPP_VERSION
-        decryptedStream.write(decryptedData.data(), static_cast<streamsize>(remainingSize));
-#else
+#if defined(__GLIBCXX__) && !defined(_LIBCPP_VERSION)
         decryptedStream.rdbuf()->pubsetbuf(decryptedData.data(), static_cast<streamsize>(remainingSize));
+#else
+        decryptedStream.write(decryptedData.data(), static_cast<streamsize>(remainingSize));
 #endif
         if (m_version >= 0x5u) {
             BinaryReader reader(&decryptedStream);
@@ -387,9 +391,10 @@ std::uint32_t PasswordFile::mininumVersion(PasswordFileSaveFlags options) const
 /*!
  * \brief Writes the current root entry to the file under path() replacing its previous contents.
  * \param options Specify the features (like encryption and compression) to be used.
- * \throws Throws ios_base::failure when an IO error occurs.
- * \throws Throws runtime_error when no root entry is present or a compression error occurs.
+ * \throws Throws std::ios_base::failure when an IO error occurs.
+ * \throws Throws std::filesystem::filesystem_error when a filesystem error occurs.
  * \throws Throws Io::CryptoException when an encryption error occurs.
+ * \throws Throws std::runtime_error when no root entry is present or a compression error occurs.
  */
 void PasswordFile::save(PasswordFileSaveFlags options)
 {
@@ -398,7 +403,9 @@ void PasswordFile::save(PasswordFileSaveFlags options)
     }
 
     // use already opened and writable file; otherwise re-open the file
+    auto fileSize = std::size_t();
     if (m_file.good() && m_file.is_open() && !(m_openOptions & PasswordFileOpenFlags::ReadOnly)) {
+        fileSize = size();
         m_file.seekp(0);
     } else {
         m_file.clear();
@@ -416,16 +423,24 @@ void PasswordFile::save(PasswordFileSaveFlags options)
         }
     }
 
+    // write entries
     write(options);
     m_file.flush();
+
+    // truncate file if it became smaller
+    const auto newSize = static_cast<std::size_t>(m_file.tellp());
+    if (fileSize && newSize < fileSize) {
+        m_file.close();
+        std::filesystem::resize_file(makeNativePath(m_path), newSize);
+    }
 }
 
 /*!
  * \brief Writes the current root entry to the file which is assumed to be opened and writeable.
  * \param options Specify the features (like encryption and compression) to be used.
- * \throws Throws ios_base::failure when an IO error occurs.
- * \throws Throws runtime_error when no root entry is present or a compression error occurs.
+ * \throws Throws std::ios_base::failure when an IO error occurs.
  * \throws Throws Io::CryptoException when an encryption error occurs.
+ * \throws Throws std::runtime_error when no root entry is present, a compression error occurs.
  */
 void PasswordFile::write(PasswordFileSaveFlags options)
 {
@@ -450,7 +465,7 @@ void PasswordFile::write(PasswordFileSaveFlags options)
     }
     m_fwriter.writeByte(flags);
 
-    // write extened header
+    // write extended header
     if (version >= 0x4U) {
         if (m_extendedHeader.size() > numeric_limits<std::uint16_t>::max()) {
             throw runtime_error("Extended header exceeds maximum size.");
@@ -463,7 +478,7 @@ void PasswordFile::write(PasswordFileSaveFlags options)
     stringstream buffstr(stringstream::in | stringstream::out | stringstream::binary);
     buffstr.exceptions(ios_base::failbit | ios_base::badbit);
 
-    // write encrypted extened header
+    // write encrypted extended header
     if (version >= 0x5U) {
         if (m_encryptedExtendedHeader.size() > numeric_limits<std::uint16_t>::max()) {
             throw runtime_error("Encrypted extended header exceeds maximum size.");
@@ -494,7 +509,7 @@ void PasswordFile::write(PasswordFileSaveFlags options)
         case Z_BUF_ERROR:
             throw runtime_error("Compressing failed. The destination buffer was too small.");
         case Z_OK:
-            encryptedData.swap(decryptedData); // decompression successful
+            encryptedData.swap(decryptedData); // compression successful
             size = 8 + compressedSize;
         }
     }
@@ -528,7 +543,7 @@ void PasswordFile::write(PasswordFileSaveFlags options)
     EVP_CIPHER_CTX *ctx = nullptr;
     unsigned char iv[aes256cbcIvSize];
     int outlen1, outlen2;
-    encryptedData.resize(size + 32);
+    encryptedData.resize(size + aes256additionalBufferSize);
     if (RAND_bytes(iv, aes256cbcIvSize) != 1 || (ctx = EVP_CIPHER_CTX_new()) == nullptr
         || EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), nullptr, password.data, iv) != 1
         || EVP_EncryptUpdate(ctx, reinterpret_cast<unsigned char *>(encryptedData.data()), &outlen1,
@@ -548,7 +563,7 @@ void PasswordFile::write(PasswordFileSaveFlags options)
             msg += ERR_error_string(errorCode, nullptr);
             errorCode = ERR_get_error();
         }
-        throw CryptoException(move(msg));
+        throw CryptoException(std::move(msg));
     }
 
     if (ctx) {

tests/entrytests.cpp

@@ -2,9 +2,6 @@
 
 #include "./utils.h"
 
-#include <c++utilities/tests/testutils.h>
-using namespace CppUtilities;
-
 #include <cppunit/TestFixture.h>
 #include <cppunit/extensions/HelperMacros.h>
 
@@ -160,7 +157,7 @@ void EntryTests::testEntryByPath()
     CPPUNIT_ASSERT_EQUAL_MESSAGE("return current instance", static_cast<Entry *>(&root), root.entryByPath(path));
 
     path = { "root", "foo" };
-    CPPUNIT_ASSERT_MESSAGE("nullptr for non-existant path", !root.entryByPath(path));
+    CPPUNIT_ASSERT_MESSAGE("nullptr for non-existent path", !root.entryByPath(path));
 
     path = { "root", "node" };
     const auto *const node = root.entryByPath(path, true, &createNode);

tests/fieldtests.cpp

@@ -3,9 +3,6 @@
 
 #include "./utils.h"
 
-#include <c++utilities/tests/testutils.h>
-using namespace CppUtilities;
-
 #include <cppunit/TestFixture.h>
 #include <cppunit/extensions/HelperMacros.h>
 

tests/opensslrandomdevice.cpp

@@ -1,6 +1,6 @@
 #include "../util/opensslrandomdevice.h"
 
-#include <c++utilities/tests/testutils.h>
+#include "./utils.h"
 
 #include <cppunit/TestFixture.h>
 #include <cppunit/extensions/HelperMacros.h>

tests/passwordfiletests.cpp

@@ -2,7 +2,7 @@
 #include "../io/entry.h"
 #include "../io/passwordfile.h"
 
-#include <c++utilities/tests/testutils.h>
+#include "./utils.h"
 
 #include <cppunit/TestFixture.h>
 #include <cppunit/extensions/HelperMacros.h>
@@ -208,7 +208,7 @@ void PasswordFileTests::testExtendedWriting()
     CPPUNIT_ASSERT_EQUAL(""s, file.extendedHeader());
     CPPUNIT_ASSERT_EQUAL(""s, file.encryptedExtendedHeader());
     file.rootEntry()->setLabel("testfile2 - modified");
-    new AccountEntry("newAccount", file.rootEntry());
+    auto *const newAccount = new AccountEntry("newAccount", file.rootEntry());
     file.setPassword("654321");
     file.extendedHeader() = "foo";
     file.encryptedExtendedHeader() = "bar";
@@ -220,4 +220,18 @@ void PasswordFileTests::testExtendedWriting()
 
     // check backup files
     testReading("extended writing", testfile1 + ".backup", "123456", testfile2 + ".backup", string(), false, false);
+
+    // remove newAccount again to check what happens if the file size decreases
+    const auto fileSize = file.size();
+    delete newAccount;
+    file.save(PasswordFileSaveFlags::Encryption | PasswordFileSaveFlags::PasswordHashing);
+    file.close();
+    file.clearEntries();
+    file.open();
+    CPPUNIT_ASSERT_LESS(fileSize, file.size());
+    file.load();
+
+    auto path = std::list<std::string>{ "newAccount" };
+    CPPUNIT_ASSERT(file.rootEntry());
+    CPPUNIT_ASSERT(!file.rootEntry()->entryByPath(path));
 }

tests/utils.h

@@ -23,4 +23,8 @@ inline std::ostream &operator<<(std::ostream &out, const Io::Field *field)
 
 } // namespace CppUtilities
 
+#include <c++utilities/tests/testutils.h>
+
+using namespace CppUtilities;
+
 #endif // PASSWORDFILE_TESTS_UTILS_H

util/openssl.cpp

@@ -49,16 +49,8 @@ void clean()
  */
 Sha256Sum computeSha256Sum(const unsigned char *buffer, std::size_t size)
 {
-    // init sha256 hashing
-    SHA256_CTX sha256;
-    SHA256_Init(&sha256);
-
-    // do the actual hashing
-    SHA256_Update(&sha256, buffer, size);
-
-    // finalize the hashing
-    Sha256Sum hash;
-    SHA256_Final(hash.data, &sha256);
+    auto hash = Sha256Sum();
+    SHA256(buffer, size, hash.data);
     return hash;
 }
 

util/opensslrandomdevice.cpp

@@ -45,7 +45,7 @@ OpenSslRandomDevice::result_type OpenSslRandomDevice::operator()() const
         errorMsg += ERR_error_string(errorCode, nullptr);
         errorCode = ERR_get_error();
     }
-    throw Io::CryptoException(move(errorMsg));
+    throw Io::CryptoException(std::move(errorMsg));
 }
 
 /*!