author | ulf69 <ulf69> | 2004-11-07 02:10:50 (UTC) |
---|---|---|
committer | ulf69 <ulf69> | 2004-11-07 02:10:50 (UTC) |
commit | 31c3fc0e0673b9403fb4ef4a9836305d1d49ff83 (patch) (side-by-side diff) | |
tree | f5a44f4402294d6fd61e204489cdd776acb804aa | |
parent | 2b6072e39edbc8c9ab36e1e835b252a799db97a1 (diff) | |
download | kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.zip kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.tar.gz kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.tar.bz2 |
Fixed nasty PwM/Pi file reading bug, when
the used hash algo of file is different then the global
hash algo.
CVS ----------------------------------------------------------------------
-rw-r--r-- | pwmanager/pwmanager/libgcryptif.cpp | 25 | ||||
-rw-r--r-- | pwmanager/pwmanager/libgcryptif.h | 12 | ||||
-rw-r--r-- | pwmanager/pwmanager/pwmdoc.cpp | 20 | ||||
-rw-r--r-- | pwmanager/pwmanager/pwmdoc.h | 8 |
4 files changed, 46 insertions, 19 deletions
diff --git a/pwmanager/pwmanager/libgcryptif.cpp b/pwmanager/pwmanager/libgcryptif.cpp index ff94bf6..15f6cef 100644 --- a/pwmanager/pwmanager/libgcryptif.cpp +++ b/pwmanager/pwmanager/libgcryptif.cpp @@ -38,13 +38,15 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf, size_t *outBufLen, unsigned char *inBuf, size_t inBufLen, const unsigned char *key, size_t keylen, - char _algo) + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase + ) { PwMerror ret = e_success; gcry_error_t err; gcry_cipher_hd_t handle; size_t blklen; size_t unpaddedLen = inBufLen; @@ -102,13 +104,13 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf, + gcry_strerror(err)); ret = e_cryptNotImpl; goto out; } // hash the "key" to a fixed size hash matching "cipherKeylen" hashedKey = new unsigned char[cipherKeylen]; - hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true); + hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true, _hashalgo); // so now set the hashed key err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doEncrypt(): gcry_cipher_setkey() failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; @@ -149,13 +151,15 @@ out: PwMerror LibGCryptIf::decrypt(unsigned char **outBuf, size_t *outBufLen, const unsigned char *inBuf, size_t inBufLen, const unsigned char *key, size_t keylen, - char _algo) + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +) { PwMerror ret = e_success; gcry_error_t err; gcry_cipher_hd_t handle; size_t cipherKeylen; unsigned char *hashedKey; @@ -198,13 +202,13 @@ PwMerror LibGCryptIf::decrypt(unsigned char **outBuf, + gcry_strerror(err)); ret = e_cryptNotImpl; goto out; } // hash the "key" to a fixed size hash matching "cipherKeylen" hashedKey = new unsigned char[cipherKeylen]; - hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false); + hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false, _hashalgo); // so now set the hashed key err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doDecrypt(): gcry_cipher_setkey() failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; @@ -311,21 +315,26 @@ int LibGCryptIf::mapHashId(char algo) bool LibGCryptIf::hashPassphrase(const unsigned char *pw, size_t pwlen, unsigned char *salt, unsigned char *key, size_t keylen, - bool create) + bool create, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +) { DEK dek; STRING2KEY s2k; bool ret; dek.keylen = keylen; s2k.mode = 1; - s2k.hash_algo = mapHashId(conf()->confGlobHashAlgo()); + //US bug: do not use the global hash algo here. Use the passed ago instead. The hashalgo stored in the file can + // be different from the one in the configuration. + s2k.hash_algo = mapHashId(_hashalgo //conf()->confGlobHashAlgo() + ); s2k.count = 0; if (!create) memcpy(s2k.salt, salt, STRING2KEY_SALTLEN); ret = doHashPassphrase(&dek, pw, pwlen, @@ -436,19 +445,19 @@ void LibGCryptIf::unpadData(const unsigned char *buf, size_t *bufLen) { size_t pos; BUG_ON(*bufLen % 8); pos = *bufLen - 1; while (buf[pos] != static_cast<char>(0x01)) { - qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); + //qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); BUG_ON(!pos); //LR BUG we should terminte the loop if p == 0 if ( pos == 0 ) break; --pos; } *bufLen = pos; - qDebug("ente "); + //qDebug("ente "); } #endif // CONFIG_PWMANAGER_GCRY diff --git a/pwmanager/pwmanager/libgcryptif.h b/pwmanager/pwmanager/libgcryptif.h index 1a7b658..9a987a2 100644 --- a/pwmanager/pwmanager/libgcryptif.h +++ b/pwmanager/pwmanager/libgcryptif.h @@ -70,23 +70,27 @@ public: PwMerror encrypt(unsigned char **outBuf, size_t *outBufLen, unsigned char *inBuf, size_t inBufLen, const unsigned char *key, size_t keylen, - char _algo); + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** decrypt data. _algo is the PWM_CRYPT_* ID * of the algorithm. */ PwMerror decrypt(unsigned char **outBuf, size_t *outBufLen, const unsigned char *inBuf, size_t inBufLen, const unsigned char *key, size_t keylen, - char _algo); + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** hash data. _algo is the PWM_HASH_* ID of the hash */ PwMerror hash(unsigned char **outBuf, size_t *outBufLen, const unsigned char *inBuf, size_t inBufLen, char _algo); @@ -121,13 +125,15 @@ protected: /** hash a passphrase to a cipher key */ bool hashPassphrase(const unsigned char *pw, size_t pwlen, unsigned char *salt, unsigned char *key, size_t keylen, - bool create); + bool create, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** hash a passphrase to a cipher key */ bool doHashPassphrase(DEK *dek, const unsigned char *pw, size_t pwlen, STRING2KEY *s2k, bool create); diff --git a/pwmanager/pwmanager/pwmdoc.cpp b/pwmanager/pwmanager/pwmdoc.cpp index 17cb74a..a740d6d 100644 --- a/pwmanager/pwmanager/pwmdoc.cpp +++ b/pwmanager/pwmanager/pwmdoc.cpp @@ -484,13 +484,13 @@ PwMerror PwMDoc::saveDoc(char compress, const QString *file) if (!compressDta(&serialized, compress)) { printDebug("PwMDoc::saveDoc(): compressDta() failed"); f.close(); ret = e_enc; goto out_moveback; } - e = encrypt(&serialized, ¤tPw, &f, cryptAlgo); + e = encrypt(&serialized, ¤tPw, &f, cryptAlgo, hashAlgo); if (e == e_weakPw) { printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw"); f.close(); ret = e_weakPw; goto out_moveback; } else if (e == e_cryptNotImpl) { @@ -604,13 +604,13 @@ PwMerror PwMDoc::openDoc(const QString *file, int openLocked) ret == e_fileFormat || ret == e_hashNotImpl) { return ret; } else return e_readFile; } - ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, &f); + ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, dataHashType, &f); if (ret == e_cryptNotImpl) { printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl"); f.close(); return e_cryptNotImpl; } else if (ret != e_success) { printDebug("PwMDoc::openDoc(): decrypt() failed"); @@ -1304,13 +1304,15 @@ bool PwMDoc::decompressDta(string *d, char algo) return true; } } return false; } -PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) +PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo, + char hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +) { PWM_ASSERT(d); PWM_ASSERT(pw); PWM_ASSERT(f); size_t encSize; @@ -1345,13 +1347,15 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) err = gc.encrypt(&encrypted, &encSize, plain, d->length(), reinterpret_cast<const unsigned char *>(pw->latin1()), pw->length(), - algo); + algo, + hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase + ); delete [] plain; if (err != e_success) return e_cryptNotImpl; break; } default: { @@ -1368,13 +1372,15 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) } delete_ifnot_null_array(encrypted); return e_success; } PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, - char algo, QFile *f) + char algo, + char hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase + QFile *f) { PWM_ASSERT(d); PWM_ASSERT(pw); PWM_ASSERT(f); unsigned int cryptLen = f->size() - pos; @@ -1420,13 +1426,15 @@ PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, err = gc.decrypt(&decrypted, &cryptLen, encrypted, cryptLen, reinterpret_cast<const unsigned char *>(pw->latin1()), pw->length(), - algo); + algo, + hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); if (err != e_success) { delete [] encrypted; delete [] decrypted; return e_cryptNotImpl; } break; diff --git a/pwmanager/pwmanager/pwmdoc.h b/pwmanager/pwmanager/pwmdoc.h index 138dd3d..9fcdda7 100644 --- a/pwmanager/pwmanager/pwmdoc.h +++ b/pwmanager/pwmanager/pwmdoc.h @@ -733,15 +733,19 @@ protected: PwMerror checkHeader(char *cryptAlgo, QString *pw, char *compress, unsigned int *headerLength, char *dataHashType, string *dataHash, QFile *f); /** check the data-hash */ PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream); /** encrypt data "d" and write to "filename" */ - PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo); + PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** read data from file beginning at "pos", decrypt and return it */ - PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, QFile *f); + PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, + char _hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase +QFile *f); /** compress the data */ bool compressDta(string *d, char algo); /** uncompress the data */ bool decompressDta(string *d, char algo); /** internal import function for a text-file generated by PwM. * If this is not a valid PwM-exported file, it returns e_fileFormat */ |