From 832e03bb7f93aad76321d3b255a2494170492f7d Mon Sep 17 00:00:00 2001
From: ni-jessica <jessica_ni@brown.edu>
Date: Thu, 7 Dec 2023 20:33:00 -0500
Subject: [PATCH] feat: update server for password with offset

---
 backend/src/cryptography.cpp | 11 +++++------
 backend/src/server.cpp       |  2 +-
 2 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/backend/src/cryptography.cpp b/backend/src/cryptography.cpp
index a6556c3..376bcb4 100644
--- a/backend/src/cryptography.cpp
+++ b/backend/src/cryptography.cpp
@@ -21,12 +21,11 @@ namespace cryptography
 
     std::string encryptPassword(const std::string &password, unsigned char *b, int offset)
     {
-        // encrypt password
-        const unsigned char *data = (const unsigned char *)password.data();
-        unsigned char encryptedPassword[crypto_core_ristretto255_BYTES + offset];
-        crypto_scalarmult_ristretto255(encryptedPassword + offset, b, data);
-        memcpy(encryptedPassword, data, offset);
-        return std::string(encryptedPassword, encryptedPassword + crypto_core_ristretto255_BYTES+offset);
+        std::string rawPassword = password.substr(offset, crypto_core_ristretto255_BYTES);
+        const unsigned char *data = (const unsigned char *)rawPassword.data();
+        unsigned char encryptedPassword[crypto_core_ristretto255_BYTES];
+        crypto_scalarmult_ristretto255(encryptedPassword, b, data);
+        return std::string(encryptedPassword, encryptedPassword + crypto_core_ristretto255_BYTES);
     }
 
     std::vector<std::string> encrypt(const std::unordered_set<std::string> &passwords, unsigned char *b, int offset)
diff --git a/backend/src/server.cpp b/backend/src/server.cpp
index ed3b747..ee6ecbb 100644
--- a/backend/src/server.cpp
+++ b/backend/src/server.cpp
@@ -43,7 +43,7 @@ namespace server
         int offset = 1;
         std::string encrypted_password = cryptography::encryptPassword(crow::utility::base64decode(user_password, user_password.size()), b, offset);
         response["status"] = "success";
-        response["userPassword"] = crow::utility::base64encode(encrypted_password, encrypted_password.size()+offset);
+        response["userPassword"] = crow::utility::base64encode(encrypted_password, encrypted_password.size());
         response["breachedPasswords"] = breached_passwords;
         
         return response; });