| author | ulf69 <ulf69> | 2004-11-07 02:10:50 (UTC) |
|---|---|---|
| committer | ulf69 <ulf69> | 2004-11-07 02:10:50 (UTC) |
| commit | 31c3fc0e0673b9403fb4ef4a9836305d1d49ff83 (patch) (unidiff) | |
| tree | f5a44f4402294d6fd61e204489cdd776acb804aa | |
| parent | 2b6072e39edbc8c9ab36e1e835b252a799db97a1 (diff) | |
| download | kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.zip kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.tar.gz kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.tar.bz2 | |
Fixed nasty PwM/Pi file reading bug, when
the used hash algo of file is different then the global
hash algo.
CVS ----------------------------------------------------------------------
| -rw-r--r-- | pwmanager/pwmanager/libgcryptif.cpp | 25 | ||||
| -rw-r--r-- | pwmanager/pwmanager/libgcryptif.h | 12 | ||||
| -rw-r--r-- | pwmanager/pwmanager/pwmdoc.cpp | 20 | ||||
| -rw-r--r-- | pwmanager/pwmanager/pwmdoc.h | 8 |
4 files changed, 46 insertions, 19 deletions
diff --git a/pwmanager/pwmanager/libgcryptif.cpp b/pwmanager/pwmanager/libgcryptif.cpp index ff94bf6..15f6cef 100644 --- a/pwmanager/pwmanager/libgcryptif.cpp +++ b/pwmanager/pwmanager/libgcryptif.cpp | |||
| @@ -42,5 +42,7 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf, | |||
| 42 | const unsigned char *key, | 42 | const unsigned char *key, |
| 43 | size_t keylen, | 43 | size_t keylen, |
| 44 | char _algo) | 44 | char _algo, |
| 45 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 46 | ) | ||
| 45 | { | 47 | { |
| 46 | PwMerror ret = e_success; | 48 | PwMerror ret = e_success; |
| @@ -106,5 +108,5 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf, | |||
| 106 | // hash the "key" to a fixed size hash matching "cipherKeylen" | 108 | // hash the "key" to a fixed size hash matching "cipherKeylen" |
| 107 | hashedKey = new unsigned char[cipherKeylen]; | 109 | hashedKey = new unsigned char[cipherKeylen]; |
| 108 | hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true); | 110 | hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true, _hashalgo); |
| 109 | // so now set the hashed key | 111 | // so now set the hashed key |
| 110 | err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); | 112 | err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); |
| @@ -153,5 +155,7 @@ PwMerror LibGCryptIf::decrypt(unsigned char **outBuf, | |||
| 153 | const unsigned char *key, | 155 | const unsigned char *key, |
| 154 | size_t keylen, | 156 | size_t keylen, |
| 155 | char _algo) | 157 | char _algo, |
| 158 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 159 | ) | ||
| 156 | { | 160 | { |
| 157 | PwMerror ret = e_success; | 161 | PwMerror ret = e_success; |
| @@ -202,5 +206,5 @@ PwMerror LibGCryptIf::decrypt(unsigned char **outBuf, | |||
| 202 | // hash the "key" to a fixed size hash matching "cipherKeylen" | 206 | // hash the "key" to a fixed size hash matching "cipherKeylen" |
| 203 | hashedKey = new unsigned char[cipherKeylen]; | 207 | hashedKey = new unsigned char[cipherKeylen]; |
| 204 | hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false); | 208 | hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false, _hashalgo); |
| 205 | // so now set the hashed key | 209 | // so now set the hashed key |
| 206 | err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); | 210 | err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); |
| @@ -315,5 +319,7 @@ bool LibGCryptIf::hashPassphrase(const unsigned char *pw, | |||
| 315 | unsigned char *key, | 319 | unsigned char *key, |
| 316 | size_t keylen, | 320 | size_t keylen, |
| 317 | bool create) | 321 | bool create, |
| 322 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 323 | ) | ||
| 318 | { | 324 | { |
| 319 | DEK dek; | 325 | DEK dek; |
| @@ -323,5 +329,8 @@ bool LibGCryptIf::hashPassphrase(const unsigned char *pw, | |||
| 323 | dek.keylen = keylen; | 329 | dek.keylen = keylen; |
| 324 | s2k.mode = 1; | 330 | s2k.mode = 1; |
| 325 | s2k.hash_algo = mapHashId(conf()->confGlobHashAlgo()); | 331 | //US bug: do not use the global hash algo here. Use the passed ago instead. The hashalgo stored in the file can |
| 332 | // be different from the one in the configuration. | ||
| 333 | s2k.hash_algo = mapHashId(_hashalgo //conf()->confGlobHashAlgo() | ||
| 334 | ); | ||
| 326 | s2k.count = 0; | 335 | s2k.count = 0; |
| 327 | if (!create) | 336 | if (!create) |
| @@ -440,5 +449,5 @@ void LibGCryptIf::unpadData(const unsigned char *buf, | |||
| 440 | pos = *bufLen - 1; | 449 | pos = *bufLen - 1; |
| 441 | while (buf[pos] != static_cast<char>(0x01)) { | 450 | while (buf[pos] != static_cast<char>(0x01)) { |
| 442 | qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); | 451 | //qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); |
| 443 | BUG_ON(!pos); | 452 | BUG_ON(!pos); |
| 444 | //LR BUG we should terminte the loop if p == 0 | 453 | //LR BUG we should terminte the loop if p == 0 |
| @@ -448,5 +457,5 @@ void LibGCryptIf::unpadData(const unsigned char *buf, | |||
| 448 | } | 457 | } |
| 449 | *bufLen = pos; | 458 | *bufLen = pos; |
| 450 | qDebug("ente "); | 459 | //qDebug("ente "); |
| 451 | } | 460 | } |
| 452 | 461 | ||
diff --git a/pwmanager/pwmanager/libgcryptif.h b/pwmanager/pwmanager/libgcryptif.h index 1a7b658..9a987a2 100644 --- a/pwmanager/pwmanager/libgcryptif.h +++ b/pwmanager/pwmanager/libgcryptif.h | |||
| @@ -74,5 +74,7 @@ public: | |||
| 74 | const unsigned char *key, | 74 | const unsigned char *key, |
| 75 | size_t keylen, | 75 | size_t keylen, |
| 76 | char _algo); | 76 | char _algo, |
| 77 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 78 | ); | ||
| 77 | /** decrypt data. _algo is the PWM_CRYPT_* ID | 79 | /** decrypt data. _algo is the PWM_CRYPT_* ID |
| 78 | * of the algorithm. | 80 | * of the algorithm. |
| @@ -84,5 +86,7 @@ public: | |||
| 84 | const unsigned char *key, | 86 | const unsigned char *key, |
| 85 | size_t keylen, | 87 | size_t keylen, |
| 86 | char _algo); | 88 | char _algo, |
| 89 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 90 | ); | ||
| 87 | /** hash data. _algo is the PWM_HASH_* ID of the hash */ | 91 | /** hash data. _algo is the PWM_HASH_* ID of the hash */ |
| 88 | PwMerror hash(unsigned char **outBuf, | 92 | PwMerror hash(unsigned char **outBuf, |
| @@ -125,5 +129,7 @@ protected: | |||
| 125 | unsigned char *key, | 129 | unsigned char *key, |
| 126 | size_t keylen, | 130 | size_t keylen, |
| 127 | bool create); | 131 | bool create, |
| 132 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 133 | ); | ||
| 128 | /** hash a passphrase to a cipher key */ | 134 | /** hash a passphrase to a cipher key */ |
| 129 | bool doHashPassphrase(DEK *dek, | 135 | bool doHashPassphrase(DEK *dek, |
diff --git a/pwmanager/pwmanager/pwmdoc.cpp b/pwmanager/pwmanager/pwmdoc.cpp index 17cb74a..a740d6d 100644 --- a/pwmanager/pwmanager/pwmdoc.cpp +++ b/pwmanager/pwmanager/pwmdoc.cpp | |||
| @@ -488,5 +488,5 @@ PwMerror PwMDoc::saveDoc(char compress, const QString *file) | |||
| 488 | goto out_moveback; | 488 | goto out_moveback; |
| 489 | } | 489 | } |
| 490 | e = encrypt(&serialized, ¤tPw, &f, cryptAlgo); | 490 | e = encrypt(&serialized, ¤tPw, &f, cryptAlgo, hashAlgo); |
| 491 | if (e == e_weakPw) { | 491 | if (e == e_weakPw) { |
| 492 | printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw"); | 492 | printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw"); |
| @@ -608,5 +608,5 @@ PwMerror PwMDoc::openDoc(const QString *file, int openLocked) | |||
| 608 | return e_readFile; | 608 | return e_readFile; |
| 609 | } | 609 | } |
| 610 | ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, &f); | 610 | ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, dataHashType, &f); |
| 611 | if (ret == e_cryptNotImpl) { | 611 | if (ret == e_cryptNotImpl) { |
| 612 | printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl"); | 612 | printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl"); |
| @@ -1308,5 +1308,7 @@ bool PwMDoc::decompressDta(string *d, char algo) | |||
| 1308 | } | 1308 | } |
| 1309 | 1309 | ||
| 1310 | PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) | 1310 | PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo, |
| 1311 | char hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 1312 | ) | ||
| 1311 | { | 1313 | { |
| 1312 | PWM_ASSERT(d); | 1314 | PWM_ASSERT(d); |
| @@ -1349,5 +1351,7 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) | |||
| 1349 | reinterpret_cast<const unsigned char *>(pw->latin1()), | 1351 | reinterpret_cast<const unsigned char *>(pw->latin1()), |
| 1350 | pw->length(), | 1352 | pw->length(), |
| 1351 | algo); | 1353 | algo, |
| 1354 | hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 1355 | ); | ||
| 1352 | delete [] plain; | 1356 | delete [] plain; |
| 1353 | if (err != e_success) | 1357 | if (err != e_success) |
| @@ -1372,5 +1376,7 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) | |||
| 1372 | 1376 | ||
| 1373 | PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, | 1377 | PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, |
| 1374 | char algo, QFile *f) | 1378 | char algo, |
| 1379 | char hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 1380 | QFile *f) | ||
| 1375 | { | 1381 | { |
| 1376 | PWM_ASSERT(d); | 1382 | PWM_ASSERT(d); |
| @@ -1424,5 +1430,7 @@ PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, | |||
| 1424 | reinterpret_cast<const unsigned char *>(pw->latin1()), | 1430 | reinterpret_cast<const unsigned char *>(pw->latin1()), |
| 1425 | pw->length(), | 1431 | pw->length(), |
| 1426 | algo); | 1432 | algo, |
| 1433 | hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 1434 | ); | ||
| 1427 | if (err != e_success) { | 1435 | if (err != e_success) { |
| 1428 | delete [] encrypted; | 1436 | delete [] encrypted; |
diff --git a/pwmanager/pwmanager/pwmdoc.h b/pwmanager/pwmanager/pwmdoc.h index 138dd3d..9fcdda7 100644 --- a/pwmanager/pwmanager/pwmdoc.h +++ b/pwmanager/pwmanager/pwmdoc.h | |||
| @@ -737,7 +737,11 @@ protected: | |||
| 737 | PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream); | 737 | PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream); |
| 738 | /** encrypt data "d" and write to "filename" */ | 738 | /** encrypt data "d" and write to "filename" */ |
| 739 | PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo); | 739 | PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo, |
| 740 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 741 | ); | ||
| 740 | /** read data from file beginning at "pos", decrypt and return it */ | 742 | /** read data from file beginning at "pos", decrypt and return it */ |
| 741 | PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, QFile *f); | 743 | PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, |
| 744 | char _hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
| 745 | QFile *f); | ||
| 742 | /** compress the data */ | 746 | /** compress the data */ |
| 743 | bool compressDta(string *d, char algo); | 747 | bool compressDta(string *d, char algo); |