summaryrefslogtreecommitdiffabout
Unidiff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--pwmanager/pwmanager/libgcryptif.cpp25
-rw-r--r--pwmanager/pwmanager/libgcryptif.h12
-rw-r--r--pwmanager/pwmanager/pwmdoc.cpp20
-rw-r--r--pwmanager/pwmanager/pwmdoc.h8
4 files changed, 46 insertions, 19 deletions
diff --git a/pwmanager/pwmanager/libgcryptif.cpp b/pwmanager/pwmanager/libgcryptif.cpp
index ff94bf6..15f6cef 100644
--- a/pwmanager/pwmanager/libgcryptif.cpp
+++ b/pwmanager/pwmanager/libgcryptif.cpp
@@ -41,7 +41,9 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf,
41 size_t inBufLen, 41 size_t inBufLen,
42 const unsigned char *key, 42 const unsigned char *key,
43 size_t keylen, 43 size_t keylen,
44 char _algo) 44 char _algo,
45 char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
46 )
45{ 47{
46 PwMerror ret = e_success; 48 PwMerror ret = e_success;
47 gcry_error_t err; 49 gcry_error_t err;
@@ -105,7 +107,7 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf,
105 } 107 }
106 // hash the "key" to a fixed size hash matching "cipherKeylen" 108 // hash the "key" to a fixed size hash matching "cipherKeylen"
107 hashedKey = new unsigned char[cipherKeylen]; 109 hashedKey = new unsigned char[cipherKeylen];
108 hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true); 110 hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true, _hashalgo);
109 // so now set the hashed key 111 // so now set the hashed key
110 err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); 112 err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen);
111 if (err != GPG_ERR_NO_ERROR) { 113 if (err != GPG_ERR_NO_ERROR) {
@@ -152,7 +154,9 @@ PwMerror LibGCryptIf::decrypt(unsigned char **outBuf,
152 size_t inBufLen, 154 size_t inBufLen,
153 const unsigned char *key, 155 const unsigned char *key,
154 size_t keylen, 156 size_t keylen,
155 char _algo) 157 char _algo,
158 char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
159)
156{ 160{
157 PwMerror ret = e_success; 161 PwMerror ret = e_success;
158 gcry_error_t err; 162 gcry_error_t err;
@@ -201,7 +205,7 @@ PwMerror LibGCryptIf::decrypt(unsigned char **outBuf,
201 } 205 }
202 // hash the "key" to a fixed size hash matching "cipherKeylen" 206 // hash the "key" to a fixed size hash matching "cipherKeylen"
203 hashedKey = new unsigned char[cipherKeylen]; 207 hashedKey = new unsigned char[cipherKeylen];
204 hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false); 208 hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false, _hashalgo);
205 // so now set the hashed key 209 // so now set the hashed key
206 err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); 210 err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen);
207 if (err != GPG_ERR_NO_ERROR) { 211 if (err != GPG_ERR_NO_ERROR) {
@@ -314,7 +318,9 @@ bool LibGCryptIf::hashPassphrase(const unsigned char *pw,
314 unsigned char *salt, 318 unsigned char *salt,
315 unsigned char *key, 319 unsigned char *key,
316 size_t keylen, 320 size_t keylen,
317 bool create) 321 bool create,
322 char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
323)
318{ 324{
319 DEK dek; 325 DEK dek;
320 STRING2KEY s2k; 326 STRING2KEY s2k;
@@ -322,7 +328,10 @@ bool LibGCryptIf::hashPassphrase(const unsigned char *pw,
322 328
323 dek.keylen = keylen; 329 dek.keylen = keylen;
324 s2k.mode = 1; 330 s2k.mode = 1;
325 s2k.hash_algo = mapHashId(conf()->confGlobHashAlgo()); 331 //US bug: do not use the global hash algo here. Use the passed ago instead. The hashalgo stored in the file can
332 // be different from the one in the configuration.
333 s2k.hash_algo = mapHashId(_hashalgo //conf()->confGlobHashAlgo()
334 );
326 s2k.count = 0; 335 s2k.count = 0;
327 if (!create) 336 if (!create)
328 memcpy(s2k.salt, salt, STRING2KEY_SALTLEN); 337 memcpy(s2k.salt, salt, STRING2KEY_SALTLEN);
@@ -439,7 +448,7 @@ void LibGCryptIf::unpadData(const unsigned char *buf,
439 BUG_ON(*bufLen % 8); 448 BUG_ON(*bufLen % 8);
440 pos = *bufLen - 1; 449 pos = *bufLen - 1;
441 while (buf[pos] != static_cast<char>(0x01)) { 450 while (buf[pos] != static_cast<char>(0x01)) {
442 qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); 451 //qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) );
443 BUG_ON(!pos); 452 BUG_ON(!pos);
444 //LR BUG we should terminte the loop if p == 0 453 //LR BUG we should terminte the loop if p == 0
445 if ( pos == 0 ) 454 if ( pos == 0 )
@@ -447,7 +456,7 @@ void LibGCryptIf::unpadData(const unsigned char *buf,
447 --pos; 456 --pos;
448 } 457 }
449 *bufLen = pos; 458 *bufLen = pos;
450 qDebug("ente "); 459 //qDebug("ente ");
451} 460}
452 461
453#endif // CONFIG_PWMANAGER_GCRY 462#endif // CONFIG_PWMANAGER_GCRY
diff --git a/pwmanager/pwmanager/libgcryptif.h b/pwmanager/pwmanager/libgcryptif.h
index 1a7b658..9a987a2 100644
--- a/pwmanager/pwmanager/libgcryptif.h
+++ b/pwmanager/pwmanager/libgcryptif.h
@@ -73,7 +73,9 @@ public:
73 size_t inBufLen, 73 size_t inBufLen,
74 const unsigned char *key, 74 const unsigned char *key,
75 size_t keylen, 75 size_t keylen,
76 char _algo); 76 char _algo,
77 char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
78);
77 /** decrypt data. _algo is the PWM_CRYPT_* ID 79 /** decrypt data. _algo is the PWM_CRYPT_* ID
78 * of the algorithm. 80 * of the algorithm.
79 */ 81 */
@@ -83,7 +85,9 @@ public:
83 size_t inBufLen, 85 size_t inBufLen,
84 const unsigned char *key, 86 const unsigned char *key,
85 size_t keylen, 87 size_t keylen,
86 char _algo); 88 char _algo,
89 char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
90);
87 /** hash data. _algo is the PWM_HASH_* ID of the hash */ 91 /** hash data. _algo is the PWM_HASH_* ID of the hash */
88 PwMerror hash(unsigned char **outBuf, 92 PwMerror hash(unsigned char **outBuf,
89 size_t *outBufLen, 93 size_t *outBufLen,
@@ -124,7 +128,9 @@ protected:
124 unsigned char *salt, 128 unsigned char *salt,
125 unsigned char *key, 129 unsigned char *key,
126 size_t keylen, 130 size_t keylen,
127 bool create); 131 bool create,
132 char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
133);
128 /** hash a passphrase to a cipher key */ 134 /** hash a passphrase to a cipher key */
129 bool doHashPassphrase(DEK *dek, 135 bool doHashPassphrase(DEK *dek,
130 const unsigned char *pw, 136 const unsigned char *pw,
diff --git a/pwmanager/pwmanager/pwmdoc.cpp b/pwmanager/pwmanager/pwmdoc.cpp
index 17cb74a..a740d6d 100644
--- a/pwmanager/pwmanager/pwmdoc.cpp
+++ b/pwmanager/pwmanager/pwmdoc.cpp
@@ -487,7 +487,7 @@ PwMerror PwMDoc::saveDoc(char compress, const QString *file)
487 ret = e_enc; 487 ret = e_enc;
488 goto out_moveback; 488 goto out_moveback;
489 } 489 }
490 e = encrypt(&serialized, &currentPw, &f, cryptAlgo); 490 e = encrypt(&serialized, &currentPw, &f, cryptAlgo, hashAlgo);
491 if (e == e_weakPw) { 491 if (e == e_weakPw) {
492 printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw"); 492 printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw");
493 f.close(); 493 f.close();
@@ -607,7 +607,7 @@ PwMerror PwMDoc::openDoc(const QString *file, int openLocked)
607 } else 607 } else
608 return e_readFile; 608 return e_readFile;
609 } 609 }
610 ret = decrypt(&decrypted, headerLen, &currentPw, cryptAlgo, &f); 610 ret = decrypt(&decrypted, headerLen, &currentPw, cryptAlgo, dataHashType, &f);
611 if (ret == e_cryptNotImpl) { 611 if (ret == e_cryptNotImpl) {
612 printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl"); 612 printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl");
613 f.close(); 613 f.close();
@@ -1307,7 +1307,9 @@ bool PwMDoc::decompressDta(string *d, char algo)
1307 return false; 1307 return false;
1308} 1308}
1309 1309
1310PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) 1310PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo,
1311 char hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
1312)
1311{ 1313{
1312 PWM_ASSERT(d); 1314 PWM_ASSERT(d);
1313 PWM_ASSERT(pw); 1315 PWM_ASSERT(pw);
@@ -1348,7 +1350,9 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo)
1348 d->length(), 1350 d->length(),
1349 reinterpret_cast<const unsigned char *>(pw->latin1()), 1351 reinterpret_cast<const unsigned char *>(pw->latin1()),
1350 pw->length(), 1352 pw->length(),
1351 algo); 1353 algo,
1354 hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
1355 );
1352 delete [] plain; 1356 delete [] plain;
1353 if (err != e_success) 1357 if (err != e_success)
1354 return e_cryptNotImpl; 1358 return e_cryptNotImpl;
@@ -1371,7 +1375,9 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo)
1371} 1375}
1372 1376
1373PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, 1377PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw,
1374 char algo, QFile *f) 1378 char algo,
1379 char hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase
1380 QFile *f)
1375{ 1381{
1376 PWM_ASSERT(d); 1382 PWM_ASSERT(d);
1377 PWM_ASSERT(pw); 1383 PWM_ASSERT(pw);
@@ -1423,7 +1429,9 @@ PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw,
1423 cryptLen, 1429 cryptLen,
1424 reinterpret_cast<const unsigned char *>(pw->latin1()), 1430 reinterpret_cast<const unsigned char *>(pw->latin1()),
1425 pw->length(), 1431 pw->length(),
1426 algo); 1432 algo,
1433 hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
1434);
1427 if (err != e_success) { 1435 if (err != e_success) {
1428 delete [] encrypted; 1436 delete [] encrypted;
1429 delete [] decrypted; 1437 delete [] decrypted;
diff --git a/pwmanager/pwmanager/pwmdoc.h b/pwmanager/pwmanager/pwmdoc.h
index 138dd3d..9fcdda7 100644
--- a/pwmanager/pwmanager/pwmdoc.h
+++ b/pwmanager/pwmanager/pwmdoc.h
@@ -736,9 +736,13 @@ protected:
736 /** check the data-hash */ 736 /** check the data-hash */
737 PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream); 737 PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream);
738 /** encrypt data "d" and write to "filename" */ 738 /** encrypt data "d" and write to "filename" */
739 PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo); 739 PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo,
740 char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
741);
740 /** read data from file beginning at "pos", decrypt and return it */ 742 /** read data from file beginning at "pos", decrypt and return it */
741 PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, QFile *f); 743 PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo,
744 char _hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase
745QFile *f);
742 /** compress the data */ 746 /** compress the data */
743 bool compressDta(string *d, char algo); 747 bool compressDta(string *d, char algo);
744 /** uncompress the data */ 748 /** uncompress the data */