author | ulf69 <ulf69> | 2004-11-07 02:10:50 (UTC) |
---|---|---|
committer | ulf69 <ulf69> | 2004-11-07 02:10:50 (UTC) |
commit | 31c3fc0e0673b9403fb4ef4a9836305d1d49ff83 (patch) (side-by-side diff) | |
tree | f5a44f4402294d6fd61e204489cdd776acb804aa | |
parent | 2b6072e39edbc8c9ab36e1e835b252a799db97a1 (diff) | |
download | kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.zip kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.tar.gz kdepimpi-31c3fc0e0673b9403fb4ef4a9836305d1d49ff83.tar.bz2 |
Fixed nasty PwM/Pi file reading bug, when
the used hash algo of file is different then the global
hash algo.
CVS ----------------------------------------------------------------------
-rw-r--r-- | pwmanager/pwmanager/libgcryptif.cpp | 25 | ||||
-rw-r--r-- | pwmanager/pwmanager/libgcryptif.h | 12 | ||||
-rw-r--r-- | pwmanager/pwmanager/pwmdoc.cpp | 20 | ||||
-rw-r--r-- | pwmanager/pwmanager/pwmdoc.h | 8 |
4 files changed, 46 insertions, 19 deletions
diff --git a/pwmanager/pwmanager/libgcryptif.cpp b/pwmanager/pwmanager/libgcryptif.cpp index ff94bf6..15f6cef 100644 --- a/pwmanager/pwmanager/libgcryptif.cpp +++ b/pwmanager/pwmanager/libgcryptif.cpp @@ -42,5 +42,7 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf, const unsigned char *key, size_t keylen, - char _algo) + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase + ) { PwMerror ret = e_success; @@ -106,5 +108,5 @@ PwMerror LibGCryptIf::encrypt(unsigned char **outBuf, // hash the "key" to a fixed size hash matching "cipherKeylen" hashedKey = new unsigned char[cipherKeylen]; - hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true); + hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true, _hashalgo); // so now set the hashed key err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); @@ -153,5 +155,7 @@ PwMerror LibGCryptIf::decrypt(unsigned char **outBuf, const unsigned char *key, size_t keylen, - char _algo) + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +) { PwMerror ret = e_success; @@ -202,5 +206,5 @@ PwMerror LibGCryptIf::decrypt(unsigned char **outBuf, // hash the "key" to a fixed size hash matching "cipherKeylen" hashedKey = new unsigned char[cipherKeylen]; - hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false); + hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false, _hashalgo); // so now set the hashed key err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); @@ -315,5 +319,7 @@ bool LibGCryptIf::hashPassphrase(const unsigned char *pw, unsigned char *key, size_t keylen, - bool create) + bool create, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +) { DEK dek; @@ -323,5 +329,8 @@ bool LibGCryptIf::hashPassphrase(const unsigned char *pw, dek.keylen = keylen; s2k.mode = 1; - s2k.hash_algo = mapHashId(conf()->confGlobHashAlgo()); + //US bug: do not use the global hash algo here. Use the passed ago instead. The hashalgo stored in the file can + // be different from the one in the configuration. + s2k.hash_algo = mapHashId(_hashalgo //conf()->confGlobHashAlgo() + ); s2k.count = 0; if (!create) @@ -440,5 +449,5 @@ void LibGCryptIf::unpadData(const unsigned char *buf, pos = *bufLen - 1; while (buf[pos] != static_cast<char>(0x01)) { - qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); + //qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); BUG_ON(!pos); //LR BUG we should terminte the loop if p == 0 @@ -448,5 +457,5 @@ void LibGCryptIf::unpadData(const unsigned char *buf, } *bufLen = pos; - qDebug("ente "); + //qDebug("ente "); } diff --git a/pwmanager/pwmanager/libgcryptif.h b/pwmanager/pwmanager/libgcryptif.h index 1a7b658..9a987a2 100644 --- a/pwmanager/pwmanager/libgcryptif.h +++ b/pwmanager/pwmanager/libgcryptif.h @@ -74,5 +74,7 @@ public: const unsigned char *key, size_t keylen, - char _algo); + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** decrypt data. _algo is the PWM_CRYPT_* ID * of the algorithm. @@ -84,5 +86,7 @@ public: const unsigned char *key, size_t keylen, - char _algo); + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** hash data. _algo is the PWM_HASH_* ID of the hash */ PwMerror hash(unsigned char **outBuf, @@ -125,5 +129,7 @@ protected: unsigned char *key, size_t keylen, - bool create); + bool create, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** hash a passphrase to a cipher key */ bool doHashPassphrase(DEK *dek, diff --git a/pwmanager/pwmanager/pwmdoc.cpp b/pwmanager/pwmanager/pwmdoc.cpp index 17cb74a..a740d6d 100644 --- a/pwmanager/pwmanager/pwmdoc.cpp +++ b/pwmanager/pwmanager/pwmdoc.cpp @@ -488,5 +488,5 @@ PwMerror PwMDoc::saveDoc(char compress, const QString *file) goto out_moveback; } - e = encrypt(&serialized, ¤tPw, &f, cryptAlgo); + e = encrypt(&serialized, ¤tPw, &f, cryptAlgo, hashAlgo); if (e == e_weakPw) { printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw"); @@ -608,5 +608,5 @@ PwMerror PwMDoc::openDoc(const QString *file, int openLocked) return e_readFile; } - ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, &f); + ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, dataHashType, &f); if (ret == e_cryptNotImpl) { printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl"); @@ -1308,5 +1308,7 @@ bool PwMDoc::decompressDta(string *d, char algo) } -PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) +PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo, + char hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +) { PWM_ASSERT(d); @@ -1349,5 +1351,7 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) reinterpret_cast<const unsigned char *>(pw->latin1()), pw->length(), - algo); + algo, + hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase + ); delete [] plain; if (err != e_success) @@ -1372,5 +1376,7 @@ PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, - char algo, QFile *f) + char algo, + char hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase + QFile *f) { PWM_ASSERT(d); @@ -1424,5 +1430,7 @@ PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, reinterpret_cast<const unsigned char *>(pw->latin1()), pw->length(), - algo); + algo, + hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); if (err != e_success) { delete [] encrypted; diff --git a/pwmanager/pwmanager/pwmdoc.h b/pwmanager/pwmanager/pwmdoc.h index 138dd3d..9fcdda7 100644 --- a/pwmanager/pwmanager/pwmdoc.h +++ b/pwmanager/pwmanager/pwmdoc.h @@ -737,7 +737,11 @@ protected: PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream); /** encrypt data "d" and write to "filename" */ - PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo); + PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** read data from file beginning at "pos", decrypt and return it */ - PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, QFile *f); + PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, + char _hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase +QFile *f); /** compress the data */ bool compressDta(string *d, char algo); |