author | ulf69 <ulf69> | 2004-11-07 02:10:50 (UTC) |
---|---|---|
committer | ulf69 <ulf69> | 2004-11-07 02:10:50 (UTC) |
commit | 31c3fc0e0673b9403fb4ef4a9836305d1d49ff83 (patch) (unidiff) | |
tree | f5a44f4402294d6fd61e204489cdd776acb804aa | |
parent | 2b6072e39edbc8c9ab36e1e835b252a799db97a1 (diff) | |
download | kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.zip kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.tar.gz kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.tar.bz2 |
Fixed nasty PwM/Pi file reading bug, when
the used hash algo of file is different then the global
hash algo.
CVS ----------------------------------------------------------------------
-rw-r--r-- | pwmanager/pwmanager/libgcryptif.cpp | 25 | ||||
-rw-r--r-- | pwmanager/pwmanager/libgcryptif.h | 12 | ||||
-rw-r--r-- | pwmanager/pwmanager/pwmdoc.cpp | 20 | ||||
-rw-r--r-- | pwmanager/pwmanager/pwmdoc.h | 8 |
4 files changed, 46 insertions, 19 deletions
diff --git a/pwmanager/pwmanager/libgcryptif.cpp b/pwmanager/pwmanager/libgcryptif.cpp index ff94bf6..15f6cef 100644 --- a/pwmanager/pwmanager/libgcryptif.cpp +++ b/pwmanager/pwmanager/libgcryptif.cpp | |||
@@ -41,7 +41,9 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf, | |||
41 | size_t inBufLen, | 41 | size_t inBufLen, |
42 | const unsigned char *key, | 42 | const unsigned char *key, |
43 | size_t keylen, | 43 | size_t keylen, |
44 | char _algo) | 44 | char _algo, |
45 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
46 | ) | ||
45 | { | 47 | { |
46 | PwMerror ret = e_success; | 48 | PwMerror ret = e_success; |
47 | gcry_error_t err; | 49 | gcry_error_t err; |
@@ -105,7 +107,7 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf, | |||
105 | } | 107 | } |
106 | // hash the "key" to a fixed size hash matching "cipherKeylen" | 108 | // hash the "key" to a fixed size hash matching "cipherKeylen" |
107 | hashedKey = new unsigned char[cipherKeylen]; | 109 | hashedKey = new unsigned char[cipherKeylen]; |
108 | hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true); | 110 | hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true, _hashalgo); |
109 | // so now set the hashed key | 111 | // so now set the hashed key |
110 | err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); | 112 | err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); |
111 | if (err != GPG_ERR_NO_ERROR) { | 113 | if (err != GPG_ERR_NO_ERROR) { |
@@ -152,7 +154,9 @@ PwMerror LibGCryptIf::decrypt(unsigned char **outBuf, | |||
152 | size_t inBufLen, | 154 | size_t inBufLen, |
153 | const unsigned char *key, | 155 | const unsigned char *key, |
154 | size_t keylen, | 156 | size_t keylen, |
155 | char _algo) | 157 | char _algo, |
158 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
159 | ) | ||
156 | { | 160 | { |
157 | PwMerror ret = e_success; | 161 | PwMerror ret = e_success; |
158 | gcry_error_t err; | 162 | gcry_error_t err; |
@@ -201,7 +205,7 @@ PwMerror LibGCryptIf::decrypt(unsigned char **outBuf, | |||
201 | } | 205 | } |
202 | // hash the "key" to a fixed size hash matching "cipherKeylen" | 206 | // hash the "key" to a fixed size hash matching "cipherKeylen" |
203 | hashedKey = new unsigned char[cipherKeylen]; | 207 | hashedKey = new unsigned char[cipherKeylen]; |
204 | hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false); | 208 | hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false, _hashalgo); |
205 | // so now set the hashed key | 209 | // so now set the hashed key |
206 | err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); | 210 | err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); |
207 | if (err != GPG_ERR_NO_ERROR) { | 211 | if (err != GPG_ERR_NO_ERROR) { |
@@ -314,7 +318,9 @@ bool LibGCryptIf::hashPassphrase(const unsigned char *pw, | |||
314 | unsigned char *salt, | 318 | unsigned char *salt, |
315 | unsigned char *key, | 319 | unsigned char *key, |
316 | size_t keylen, | 320 | size_t keylen, |
317 | bool create) | 321 | bool create, |
322 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
323 | ) | ||
318 | { | 324 | { |
319 | DEK dek; | 325 | DEK dek; |
320 | STRING2KEY s2k; | 326 | STRING2KEY s2k; |
@@ -322,7 +328,10 @@ bool LibGCryptIf::hashPassphrase(const unsigned char *pw, | |||
322 | 328 | ||
323 | dek.keylen = keylen; | 329 | dek.keylen = keylen; |
324 | s2k.mode = 1; | 330 | s2k.mode = 1; |
325 | s2k.hash_algo = mapHashId(conf()->confGlobHashAlgo()); | 331 | //US bug: do not use the global hash algo here. Use the passed ago instead. The hashalgo stored in the file can |
332 | // be different from the one in the configuration. | ||
333 | s2k.hash_algo = mapHashId(_hashalgo //conf()->confGlobHashAlgo() | ||
334 | ); | ||
326 | s2k.count = 0; | 335 | s2k.count = 0; |
327 | if (!create) | 336 | if (!create) |
328 | memcpy(s2k.salt, salt, STRING2KEY_SALTLEN); | 337 | memcpy(s2k.salt, salt, STRING2KEY_SALTLEN); |
@@ -439,7 +448,7 @@ void LibGCryptIf::unpadData(const unsigned char *buf, | |||
439 | BUG_ON(*bufLen % 8); | 448 | BUG_ON(*bufLen % 8); |
440 | pos = *bufLen - 1; | 449 | pos = *bufLen - 1; |
441 | while (buf[pos] != static_cast<char>(0x01)) { | 450 | while (buf[pos] != static_cast<char>(0x01)) { |
442 | qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); | 451 | //qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); |
443 | BUG_ON(!pos); | 452 | BUG_ON(!pos); |
444 | //LR BUG we should terminte the loop if p == 0 | 453 | //LR BUG we should terminte the loop if p == 0 |
445 | if ( pos == 0 ) | 454 | if ( pos == 0 ) |
@@ -447,7 +456,7 @@ void LibGCryptIf::unpadData(const unsigned char *buf, | |||
447 | --pos; | 456 | --pos; |
448 | } | 457 | } |
449 | *bufLen = pos; | 458 | *bufLen = pos; |
450 | qDebug("ente "); | 459 | //qDebug("ente "); |
451 | } | 460 | } |
452 | 461 | ||
453 | #endif // CONFIG_PWMANAGER_GCRY | 462 | #endif // CONFIG_PWMANAGER_GCRY |
diff --git a/pwmanager/pwmanager/libgcryptif.h b/pwmanager/pwmanager/libgcryptif.h index 1a7b658..9a987a2 100644 --- a/pwmanager/pwmanager/libgcryptif.h +++ b/pwmanager/pwmanager/libgcryptif.h | |||
@@ -73,7 +73,9 @@ public: | |||
73 | size_t inBufLen, | 73 | size_t inBufLen, |
74 | const unsigned char *key, | 74 | const unsigned char *key, |
75 | size_t keylen, | 75 | size_t keylen, |
76 | char _algo); | 76 | char _algo, |
77 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
78 | ); | ||
77 | /** decrypt data. _algo is the PWM_CRYPT_* ID | 79 | /** decrypt data. _algo is the PWM_CRYPT_* ID |
78 | * of the algorithm. | 80 | * of the algorithm. |
79 | */ | 81 | */ |
@@ -83,7 +85,9 @@ public: | |||
83 | size_t inBufLen, | 85 | size_t inBufLen, |
84 | const unsigned char *key, | 86 | const unsigned char *key, |
85 | size_t keylen, | 87 | size_t keylen, |
86 | char _algo); | 88 | char _algo, |
89 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
90 | ); | ||
87 | /** hash data. _algo is the PWM_HASH_* ID of the hash */ | 91 | /** hash data. _algo is the PWM_HASH_* ID of the hash */ |
88 | PwMerror hash(unsigned char **outBuf, | 92 | PwMerror hash(unsigned char **outBuf, |
89 | size_t *outBufLen, | 93 | size_t *outBufLen, |
@@ -124,7 +128,9 @@ protected: | |||
124 | unsigned char *salt, | 128 | unsigned char *salt, |
125 | unsigned char *key, | 129 | unsigned char *key, |
126 | size_t keylen, | 130 | size_t keylen, |
127 | bool create); | 131 | bool create, |
132 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
133 | ); | ||
128 | /** hash a passphrase to a cipher key */ | 134 | /** hash a passphrase to a cipher key */ |
129 | bool doHashPassphrase(DEK *dek, | 135 | bool doHashPassphrase(DEK *dek, |
130 | const unsigned char *pw, | 136 | const unsigned char *pw, |
diff --git a/pwmanager/pwmanager/pwmdoc.cpp b/pwmanager/pwmanager/pwmdoc.cpp index 17cb74a..a740d6d 100644 --- a/pwmanager/pwmanager/pwmdoc.cpp +++ b/pwmanager/pwmanager/pwmdoc.cpp | |||
@@ -487,7 +487,7 @@ PwMerror PwMDoc::saveDoc(char compress, const QString *file) | |||
487 | ret = e_enc; | 487 | ret = e_enc; |
488 | goto out_moveback; | 488 | goto out_moveback; |
489 | } | 489 | } |
490 | e = encrypt(&serialized, ¤tPw, &f, cryptAlgo); | 490 | e = encrypt(&serialized, ¤tPw, &f, cryptAlgo, hashAlgo); |
491 | if (e == e_weakPw) { | 491 | if (e == e_weakPw) { |
492 | printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw"); | 492 | printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw"); |
493 | f.close(); | 493 | f.close(); |
@@ -607,7 +607,7 @@ PwMerror PwMDoc::openDoc(const QString *file, int openLocked) | |||
607 | } else | 607 | } else |
608 | return e_readFile; | 608 | return e_readFile; |
609 | } | 609 | } |
610 | ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, &f); | 610 | ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, dataHashType, &f); |
611 | if (ret == e_cryptNotImpl) { | 611 | if (ret == e_cryptNotImpl) { |
612 | printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl"); | 612 | printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl"); |
613 | f.close(); | 613 | f.close(); |
@@ -1307,7 +1307,9 @@ bool PwMDoc::decompressDta(string *d, char algo) | |||
1307 | return false; | 1307 | return false; |
1308 | } | 1308 | } |
1309 | 1309 | ||
1310 | PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) | 1310 | PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo, |
1311 | char hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
1312 | ) | ||
1311 | { | 1313 | { |
1312 | PWM_ASSERT(d); | 1314 | PWM_ASSERT(d); |
1313 | PWM_ASSERT(pw); | 1315 | PWM_ASSERT(pw); |
@@ -1348,7 +1350,9 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) | |||
1348 | d->length(), | 1350 | d->length(), |
1349 | reinterpret_cast<const unsigned char *>(pw->latin1()), | 1351 | reinterpret_cast<const unsigned char *>(pw->latin1()), |
1350 | pw->length(), | 1352 | pw->length(), |
1351 | algo); | 1353 | algo, |
1354 | hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
1355 | ); | ||
1352 | delete [] plain; | 1356 | delete [] plain; |
1353 | if (err != e_success) | 1357 | if (err != e_success) |
1354 | return e_cryptNotImpl; | 1358 | return e_cryptNotImpl; |
@@ -1371,7 +1375,9 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) | |||
1371 | } | 1375 | } |
1372 | 1376 | ||
1373 | PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, | 1377 | PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, |
1374 | char algo, QFile *f) | 1378 | char algo, |
1379 | char hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
1380 | QFile *f) | ||
1375 | { | 1381 | { |
1376 | PWM_ASSERT(d); | 1382 | PWM_ASSERT(d); |
1377 | PWM_ASSERT(pw); | 1383 | PWM_ASSERT(pw); |
@@ -1423,7 +1429,9 @@ PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, | |||
1423 | cryptLen, | 1429 | cryptLen, |
1424 | reinterpret_cast<const unsigned char *>(pw->latin1()), | 1430 | reinterpret_cast<const unsigned char *>(pw->latin1()), |
1425 | pw->length(), | 1431 | pw->length(), |
1426 | algo); | 1432 | algo, |
1433 | hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
1434 | ); | ||
1427 | if (err != e_success) { | 1435 | if (err != e_success) { |
1428 | delete [] encrypted; | 1436 | delete [] encrypted; |
1429 | delete [] decrypted; | 1437 | delete [] decrypted; |
diff --git a/pwmanager/pwmanager/pwmdoc.h b/pwmanager/pwmanager/pwmdoc.h index 138dd3d..9fcdda7 100644 --- a/pwmanager/pwmanager/pwmdoc.h +++ b/pwmanager/pwmanager/pwmdoc.h | |||
@@ -736,9 +736,13 @@ protected: | |||
736 | /** check the data-hash */ | 736 | /** check the data-hash */ |
737 | PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream); | 737 | PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream); |
738 | /** encrypt data "d" and write to "filename" */ | 738 | /** encrypt data "d" and write to "filename" */ |
739 | PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo); | 739 | PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo, |
740 | char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
741 | ); | ||
740 | /** read data from file beginning at "pos", decrypt and return it */ | 742 | /** read data from file beginning at "pos", decrypt and return it */ |
741 | PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, QFile *f); | 743 | PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, |
744 | char _hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase | ||
745 | QFile *f); | ||
742 | /** compress the data */ | 746 | /** compress the data */ |
743 | bool compressDta(string *d, char algo); | 747 | bool compressDta(string *d, char algo); |
744 | /** uncompress the data */ | 748 | /** uncompress the data */ |