-rw-r--r-- | pwmanager/pwmanager/libgcryptif.cpp | 25 | ||||
-rw-r--r-- | pwmanager/pwmanager/libgcryptif.h | 12 | ||||
-rw-r--r-- | pwmanager/pwmanager/pwmdoc.cpp | 20 | ||||
-rw-r--r-- | pwmanager/pwmanager/pwmdoc.h | 8 |
4 files changed, 46 insertions, 19 deletions
diff --git a/pwmanager/pwmanager/libgcryptif.cpp b/pwmanager/pwmanager/libgcryptif.cpp index ff94bf6..15f6cef 100644 --- a/pwmanager/pwmanager/libgcryptif.cpp +++ b/pwmanager/pwmanager/libgcryptif.cpp @@ -1,454 +1,463 @@ /*************************************************************************** * * * copyright (C) 2004 by Michael Buesch * * email: mbuesch@freenet.de * * * * hashPassphrase() is derived from GnuPG and is * * Copyright (C) 1998, 1999, 2000, 2001, 2003 * * Free Software Foundation, Inc. * * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License version 2 * * as published by the Free Software Foundation. * * * ***************************************************************************/ /*************************************************************************** * copyright (C) 2004 by Ulf Schenk * This file is originaly based on version 1.1 of pwmanager * and was modified to run on embedded devices that run microkde * * $Id$ **************************************************************************/ #include "libgcryptif.h" #ifdef CONFIG_PWMANAGER_GCRY #include "pwmdoc.h" #include "randomizer.h" #include <gcrypt.h> #ifdef PWM_EMBEDDED #include <pwmprefs.h> #endif PwMerror LibGCryptIf::encrypt(unsigned char **outBuf, size_t *outBufLen, unsigned char *inBuf, size_t inBufLen, const unsigned char *key, size_t keylen, - char _algo) + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase + ) { PwMerror ret = e_success; gcry_error_t err; gcry_cipher_hd_t handle; size_t blklen; size_t unpaddedLen = inBufLen; size_t cipherKeylen; unsigned char *hashedKey; unsigned char salt[STRING2KEY_SALTLEN]; int algo = mapCipherId(_algo); if (!inBufLen || !keylen) return e_invalidArg; // test if algo is ready for encryption err = gcry_cipher_algo_info(algo, GCRYCTL_TEST_ALGO, 0, 0); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doEncrypt(): GCRYCTL_TEST_ALGO failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; goto out; } // get the algo block length err = gcry_cipher_algo_info(algo, GCRYCTL_GET_BLKLEN, 0, &blklen); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doEncrypt(): GCRYCTL_GET_BLKLEN failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; goto out; } /* double check if we have enough space. * We have only 1024 extra bytes for padding and salt. */ BUG_ON(blklen > 1024 - STRING2KEY_SALTLEN); // get the algo key length err = gcry_cipher_algo_info(algo, GCRYCTL_GET_KEYLEN, 0, &cipherKeylen); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doEncrypt(): GCRYCTL_GET_KEYLEN failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; goto out; } // now open the algo and get a handle err = gcry_cipher_open(&handle, algo, GCRY_CIPHER_MODE_CBC, 0); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doEncrypt(): gcry_cipher_open() failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; goto out; } // hash the "key" to a fixed size hash matching "cipherKeylen" hashedKey = new unsigned char[cipherKeylen]; - hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true); + hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true, _hashalgo); // so now set the hashed key err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doEncrypt(): gcry_cipher_setkey() failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; delete [] hashedKey; goto out_close; } delete [] hashedKey; /* allocate a buffer for the encrypted data. * The size of the buffer is the inBuf length, but blklen * aligned and plus the length of the salt, that is appended. */ *outBufLen = getBufLen(unpaddedLen, blklen) + STRING2KEY_SALTLEN; *outBuf = new unsigned char[*outBufLen]; padData(inBuf, unpaddedLen, blklen); // encrypt the padded data err = gcry_cipher_encrypt(handle, *outBuf, *outBufLen - STRING2KEY_SALTLEN, inBuf, *outBufLen - STRING2KEY_SALTLEN); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doEncrypt(): gcry_cipher_encrypt() failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; goto out_delete; } // append the salt to the encrypted data memcpy(*outBuf + *outBufLen - STRING2KEY_SALTLEN, salt, STRING2KEY_SALTLEN); goto out_close; out_delete: delete [] *outBuf; out_close: gcry_cipher_close(handle); out: return ret; } PwMerror LibGCryptIf::decrypt(unsigned char **outBuf, size_t *outBufLen, const unsigned char *inBuf, size_t inBufLen, const unsigned char *key, size_t keylen, - char _algo) + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +) { PwMerror ret = e_success; gcry_error_t err; gcry_cipher_hd_t handle; size_t cipherKeylen; unsigned char *hashedKey; unsigned char salt[STRING2KEY_SALTLEN]; int algo = mapCipherId(_algo); if (!inBufLen || !keylen) return e_invalidArg; // test if algo is ready for encryption err = gcry_cipher_algo_info(algo, GCRYCTL_TEST_ALGO, 0, 0); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doDecrypt(): GCRYCTL_TEST_ALGO failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; goto out; } // get algo key length err = gcry_cipher_algo_info(algo, GCRYCTL_GET_KEYLEN, 0, &cipherKeylen); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doDecrypt(): GCRYCTL_GET_KEYLEN failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; goto out; } // extract the salt of the encrypted data buffer memcpy(salt, inBuf + inBufLen - STRING2KEY_SALTLEN, STRING2KEY_SALTLEN); // open the algo and get a handle err = gcry_cipher_open(&handle, algo, GCRY_CIPHER_MODE_CBC, 0); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doDecrypt(): gcry_cipher_open() failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; goto out; } // hash the "key" to a fixed size hash matching "cipherKeylen" hashedKey = new unsigned char[cipherKeylen]; - hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false); + hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false, _hashalgo); // so now set the hashed key err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doDecrypt(): gcry_cipher_setkey() failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; delete [] hashedKey; goto out_close; } delete [] hashedKey; *outBufLen = inBufLen - STRING2KEY_SALTLEN; *outBuf = new unsigned char[*outBufLen]; // decrypt the data err = gcry_cipher_decrypt(handle, *outBuf, *outBufLen, inBuf, *outBufLen); if (err != GPG_ERR_NO_ERROR) { printDebug(string("LibGCryptIf::doEncrypt(): gcry_cipher_encrypt() failed: ") + gcry_strerror(err)); ret = e_cryptNotImpl; goto out_delete; } // remove all random padding unpadData(*outBuf, outBufLen); goto out_close; out_delete: delete [] *outBuf; out_close: gcry_cipher_close(handle); out: return ret; } PwMerror LibGCryptIf::hash(unsigned char **outBuf, size_t *outBufLen, const unsigned char *inBuf, size_t inBufLen, char _algo) { PwMerror ret = e_success; unsigned int hashLen; int algo = mapHashId(_algo); hashLen = gcry_md_get_algo_dlen(algo); *outBufLen = hashLen; *outBuf = new unsigned char[*outBufLen]; gcry_md_hash_buffer(algo, *outBuf, inBuf, inBufLen); return ret; } unsigned int LibGCryptIf::hashLength(char _algo) { unsigned int ret; int algo = mapHashId(_algo); ret = gcry_md_get_algo_dlen(algo); return ret; } int LibGCryptIf::mapCipherId(char algo) { switch (algo) { case PWM_CRYPT_AES128: return GCRY_CIPHER_AES; case PWM_CRYPT_AES192: return GCRY_CIPHER_AES192; case PWM_CRYPT_AES256: return GCRY_CIPHER_AES256; case PWM_CRYPT_3DES: return GCRY_CIPHER_3DES; case PWM_CRYPT_TWOFISH: return GCRY_CIPHER_TWOFISH; case PWM_CRYPT_TWOFISH128: return GCRY_CIPHER_TWOFISH128; default: BUG(); } return GCRY_CIPHER_NONE; } int LibGCryptIf::mapHashId(char algo) { switch (algo) { case PWM_HASH_SHA1: return GCRY_MD_SHA1; case PWM_HASH_SHA256: return GCRY_MD_SHA256; case PWM_HASH_SHA384: return GCRY_MD_SHA384; case PWM_HASH_SHA512: return GCRY_MD_SHA512; case PWM_HASH_MD5: return GCRY_MD_MD5; case PWM_HASH_RMD160: return GCRY_MD_RMD160; case PWM_HASH_TIGER: return GCRY_MD_TIGER; default: BUG(); } return GCRY_MD_NONE; } bool LibGCryptIf::hashPassphrase(const unsigned char *pw, size_t pwlen, unsigned char *salt, unsigned char *key, size_t keylen, - bool create) + bool create, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +) { DEK dek; STRING2KEY s2k; bool ret; dek.keylen = keylen; s2k.mode = 1; - s2k.hash_algo = mapHashId(conf()->confGlobHashAlgo()); + //US bug: do not use the global hash algo here. Use the passed ago instead. The hashalgo stored in the file can + // be different from the one in the configuration. + s2k.hash_algo = mapHashId(_hashalgo //conf()->confGlobHashAlgo() + ); s2k.count = 0; if (!create) memcpy(s2k.salt, salt, STRING2KEY_SALTLEN); ret = doHashPassphrase(&dek, pw, pwlen, &s2k, create); if (!ret) goto out; memcpy(key, dek.key, dek.keylen); if (create) memcpy(salt, s2k.salt, STRING2KEY_SALTLEN); out: return ret; } bool LibGCryptIf::doHashPassphrase(DEK *dek, const unsigned char *pw, size_t pwlen, STRING2KEY *s2k, bool create) { // This function is derived from GnuPG-1.2.5-rc2 gcry_md_hd_t md; gcry_error_t err; bool ret = true; size_t pass, i; size_t used = 0; PWM_ASSERT(s2k->hash_algo); BUG_ON(!(dek->keylen > 0 && dek->keylen <= array_size(dek->key))); err = gcry_md_open(&md, s2k->hash_algo, 0); if (err != GPG_ERR_NO_ERROR) { ret = false; goto out; } for (pass = 0; used < dek->keylen; pass++) { if (pass) { gcry_md_reset(md); for (i = 0; i < pass; i++) // preset the hash context gcry_md_putc(md, 0); } if (s2k->mode == 1 || s2k->mode == 3) { size_t len2 = pwlen + 8; size_t count = len2; if (create && !pass) { Randomizer *rnd = Randomizer::obj(); const unsigned int salt_len = 8; string rndBuf(rnd->genRndBuf(salt_len)); memcpy(s2k->salt, rndBuf.c_str(), salt_len); if (s2k->mode == 3) s2k->count = 96; // 65536 iterations } if (s2k->mode == 3) { count = (16ul + (s2k->count & 15)) << ((s2k->count >> 4) + 6); if (count < len2) count = len2; } // a little bit complicated because we need a ulong for count while (count > len2) { // maybe iterated+salted gcry_md_write(md, s2k->salt, 8); gcry_md_write(md, pw, pwlen); count -= len2; } if (count < 8) { gcry_md_write(md, s2k->salt, count); } else { gcry_md_write(md, s2k->salt, 8); count -= 8; gcry_md_write(md, pw, count); } } else gcry_md_write(md, pw, pwlen); gcry_md_final(md); i = gcry_md_get_algo_dlen(s2k->hash_algo); if (i > dek->keylen - used) i = dek->keylen - used; memcpy(dek->key+used, gcry_md_read(md, s2k->hash_algo), i); used += i; } gcry_md_close(md); out: return ret; } void LibGCryptIf::padData(unsigned char *buf, size_t bufLen, size_t boundary) { size_t numPadBytes = boundary - ((bufLen + 1) % boundary); buf[bufLen] = static_cast<char>(0x01); size_t i = 0; Randomizer *rnd = Randomizer::obj(); char c; unsigned char *b; while (i < numPadBytes) { c = rnd->genRndChar(); if (c == static_cast<char>(0x01)) continue; b = buf + bufLen + 1 + i; *b = c; ++i; } } void LibGCryptIf::unpadData(const unsigned char *buf, size_t *bufLen) { size_t pos; BUG_ON(*bufLen % 8); pos = *bufLen - 1; while (buf[pos] != static_cast<char>(0x01)) { - qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); + //qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) ); BUG_ON(!pos); //LR BUG we should terminte the loop if p == 0 if ( pos == 0 ) break; --pos; } *bufLen = pos; - qDebug("ente "); + //qDebug("ente "); } #endif // CONFIG_PWMANAGER_GCRY diff --git a/pwmanager/pwmanager/libgcryptif.h b/pwmanager/pwmanager/libgcryptif.h index 1a7b658..9a987a2 100644 --- a/pwmanager/pwmanager/libgcryptif.h +++ b/pwmanager/pwmanager/libgcryptif.h @@ -1,171 +1,177 @@ /*************************************************************************** * * * copyright (C) 2004 by Michael Buesch * * email: mbuesch@freenet.de * * * * hashPassphrase() is derived from GnuPG and is * * Copyright (C) 1998, 1999, 2000, 2001, 2003 * * Free Software Foundation, Inc. * * * * This program is free software; you can redistribute it and/or modify * * it under the terms of the GNU General Public License version 2 * * as published by the Free Software Foundation. * * * ***************************************************************************/ /*************************************************************************** * copyright (C) 2004 by Ulf Schenk * This file is originaly based on version 1.1 of pwmanager * and was modified to run on embedded devices that run microkde * * $Id$ **************************************************************************/ #ifndef __LIBGCRYPTIF_H #define __LIBGCRYPTIF_H #include "pwmexception.h" //#undef CONFIG_PWMANAGER_GCRY // for debugging only. #ifdef CONFIG_PWMANAGER_GCRY #include <stddef.h> #include <sys/types.h> #ifndef _WIN32_ #include <stdint.h> #else #define uint8_t Q_UINT8 #define byte Q_UINT8 #define uint32_t Q_UINT32 #endif #define STRING2KEY_SALTLEN 8 /** interface class for the libgcrypt cipher and hash algorithms * NOTE: Always allocate 1024 extra bytes for the inBuf (for padding) */ class LibGCryptIf { protected: struct STRING2KEY { int mode; int hash_algo; uint8_t salt[STRING2KEY_SALTLEN]; uint32_t count; }; struct DEK { size_t keylen; uint8_t key[32]; // this is the largest used keylen (256 bit) }; public: LibGCryptIf() { } /** is libgcrypt available? */ static bool available() { return true; } /** encrypt data. _algo is the PWM_CRYPT_* ID * of the algorithm. */ PwMerror encrypt(unsigned char **outBuf, size_t *outBufLen, unsigned char *inBuf, size_t inBufLen, const unsigned char *key, size_t keylen, - char _algo); + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** decrypt data. _algo is the PWM_CRYPT_* ID * of the algorithm. */ PwMerror decrypt(unsigned char **outBuf, size_t *outBufLen, const unsigned char *inBuf, size_t inBufLen, const unsigned char *key, size_t keylen, - char _algo); + char _algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** hash data. _algo is the PWM_HASH_* ID of the hash */ PwMerror hash(unsigned char **outBuf, size_t *outBufLen, const unsigned char *inBuf, size_t inBufLen, char _algo); /** returns the length of the hash. _algo is the PWM_HASH_* * id of the hash. returns 0 on error. */ unsigned int hashLength(char _algo); protected: /** returns the total buffer length */ size_t getBufLen(size_t inBufLen, size_t boundary) { return ((boundary - (inBufLen % boundary)) + inBufLen); } /** pad the data up to the given boundary. * "buf" has to be big enough! */ void padData(unsigned char *buf, size_t bufLen, size_t boundary); /** unpad the data */ void unpadData(const unsigned char *buf, size_t *bufLen); /** maps the PWM_CRYPT_* ID of an algorithm * to the libgcrypt GCRY_CIPHER_* ID */ int mapCipherId(char algo); /** maps the PWM_HASH_* ID of an algorithm * to the libgcrypt GCRY_MD_* ID */ int mapHashId(char algo); /** hash a passphrase to a cipher key */ bool hashPassphrase(const unsigned char *pw, size_t pwlen, unsigned char *salt, unsigned char *key, size_t keylen, - bool create); + bool create, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** hash a passphrase to a cipher key */ bool doHashPassphrase(DEK *dek, const unsigned char *pw, size_t pwlen, STRING2KEY *s2k, bool create); }; #else // CONFIG_PWMANAGER_GCRY /** libgcrypt is not installed. This is a NOP wrapper. */ class LibGCryptIf { public: LibGCryptIf() { } static bool available() { return false; } PwMerror encrypt(unsigned char **, size_t *, unsigned char *, size_t, const unsigned char *, size_t, char) { return e_cryptNotImpl; } PwMerror decrypt(unsigned char **, size_t *, const unsigned char *, size_t, const unsigned char *, size_t, char) { return e_cryptNotImpl; } PwMerror hash(unsigned char **, size_t *, const unsigned char *, size_t, char) { return e_hashNotImpl; } unsigned int hashLength(char) { return 0; } }; #endif // CONFIG_PWMANAGER_GCRY #endif // __LIBGCRYPTIF_H diff --git a/pwmanager/pwmanager/pwmdoc.cpp b/pwmanager/pwmanager/pwmdoc.cpp index 17cb74a..a740d6d 100644 --- a/pwmanager/pwmanager/pwmdoc.cpp +++ b/pwmanager/pwmanager/pwmdoc.cpp @@ -362,377 +362,377 @@ PwMerror PwMDoc::saveDoc(char compress, const QString *file) * on disk. BUT we need to do saving procedure, * because *file != savedFilename. * Additionally we need to tempoarly restore * the old "filename", because deepLock() references it. */ QString newFilename(filename); filename = savedFilename; getDataChangedLock(); e = deepLock(false); putDataChangedLock(); filename = newFilename; switch (e) { case e_success: break; case e_wrongPw: case e_noPw: emitDataChanged(this); return e; default: emitDataChanged(this); return e_openFile; } } if (!isPwAvailable()) { /* password is not available. This means, the * document wasn't saved, yet. */ bool useChipcard = getDocStatFlag(DOC_STAT_USE_CHIPCARD); QString pw(requestNewMpw(&useChipcard)); if (pw != "") { currentPw = pw; } else { return e_noPw; } if (useChipcard) { setDocStatFlag(DOC_STAT_USE_CHIPCARD); } else { unsetDocStatFlag(DOC_STAT_USE_CHIPCARD); } } int _cryptAlgo = conf()->confGlobCryptAlgo(); int _hashAlgo = conf()->confGlobHashAlgo(); // sanity check for the selected algorithms if (_cryptAlgo < PWM_CRYPT_BLOWFISH || _cryptAlgo > PWM_CRYPT_TWOFISH128) { printWarn("Invalid Crypto-Algorithm selected! " "Config-file seems to be corrupt. " "Falling back to Blowfish."); _cryptAlgo = PWM_CRYPT_BLOWFISH; } if (_hashAlgo < PWM_HASH_SHA1 || _hashAlgo > PWM_HASH_TIGER) { printWarn("Invalid Hash-Algorithm selected! " "Config-file seems to be corrupt. " "Falling back to SHA1."); _hashAlgo = PWM_HASH_SHA1; } char cryptAlgo = static_cast<char>(_cryptAlgo); char hashAlgo = static_cast<char>(_hashAlgo); if (conf()->confGlobMakeFileBackup()) { if (!backupFile(filename)) return e_fileBackup; } if (QFile::exists(filename)) { /* Move the existing file to some tmp file. * When saving file succeeds, delete tmp file. Otherwise * move tmp file back. See below. */ Randomizer *rnd = Randomizer::obj(); char rnd_buf[5]; sprintf(rnd_buf, "%X%X%X%X", rnd->genRndChar() & 0xFF, rnd->genRndChar() & 0xFF, rnd->genRndChar() & 0xFF, rnd->genRndChar() & 0xFF); tmpFileMoved = filename + "." + rnd_buf + ".mv"; if (!copyFile(filename, tmpFileMoved)) return e_openFile; if (!QFile::remove(filename)) { printWarn(string("removing orig file ") + filename.latin1() + " failed!"); } } f.setName(filename); if (!f.open(IO_ReadWrite)) { ret = e_openFile; goto out_moveback; } e = writeFileHeader(hashAlgo, hashAlgo, cryptAlgo, compress, ¤tPw, &f); if (e == e_hashNotImpl) { printDebug("PwMDoc::saveDoc(): writeFileHeader() failed: e_hashNotImpl"); f.close(); ret = e_hashNotImpl; goto out_moveback; } else if (e != e_success) { printDebug("PwMDoc::saveDoc(): writeFileHeader() failed"); f.close(); ret = e_writeHeader; goto out_moveback; } if (!serializeDta(&serialized)) { printDebug("PwMDoc::saveDoc(): serializeDta() failed"); f.close(); ret = e_serializeDta; goto out_moveback; } e = writeDataHash(hashAlgo, &serialized, &f); if (e == e_hashNotImpl) { printDebug("PwMDoc::saveDoc(): writeDataHash() failed: e_hashNotImpl"); f.close(); ret = e_hashNotImpl; goto out_moveback; } else if (e != e_success) { printDebug("PwMDoc::saveDoc(): writeDataHash() failed"); f.close(); ret = e_writeHeader; goto out_moveback; } if (!compressDta(&serialized, compress)) { printDebug("PwMDoc::saveDoc(): compressDta() failed"); f.close(); ret = e_enc; goto out_moveback; } - e = encrypt(&serialized, ¤tPw, &f, cryptAlgo); + e = encrypt(&serialized, ¤tPw, &f, cryptAlgo, hashAlgo); if (e == e_weakPw) { printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw"); f.close(); ret = e_weakPw; goto out_moveback; } else if (e == e_cryptNotImpl) { printDebug("PwMDoc::saveDoc(): encrypt() failed: e_cryptNotImpl"); f.close(); ret = e_cryptNotImpl; goto out_moveback; } else if (e != e_success) { printDebug("PwMDoc::saveDoc(): encrypt() failed"); f.close(); ret = e_enc; goto out_moveback; } unsetDocStatFlag(DOC_STAT_DISK_DIRTY); f.close(); #ifndef _WIN32_ if (chmod(filename.latin1(), conf()->confGlobFilePermissions())) { printWarn(string("chmod failed: ") + strerror(errno)); } #endif openDocList.edit(this, getTitle().latin1()); if (wasDeepLocked) { /* Do _not_ save the data with the deepLock() * call, because this will recurse * into saveDoc() */ deepLock(true, false); /* We don't check return value here, because * it won't fail. See NOTE in deepLock() */ } if (tmpFileMoved != QString::null) { // now remove the moved file. if (!QFile::remove(tmpFileMoved)) { printWarn(string("removing file ") + tmpFileMoved.latin1() + " failed!"); } } ret = e_success; printDebug(string("writing file { name: ") + filename.latin1() + " compress: " + tostr(static_cast<int>(compress)) + " cryptAlgo: " + tostr(static_cast<int>(cryptAlgo)) + " hashAlgo: " + tostr(static_cast<int>(hashAlgo)) + " }"); goto out; out_moveback: if (tmpFileMoved != QString::null) { if (copyFile(tmpFileMoved, filename)) { if (!QFile::remove(tmpFileMoved)) { printWarn(string("removing tmp file ") + filename.latin1() + " failed!"); } } else { printWarn(string("couldn't copy file ") + tmpFileMoved.latin1() + " back to " + filename.latin1()); } } out: return ret; } PwMerror PwMDoc::openDoc(const QString *file, int openLocked) { PWM_ASSERT(file); PWM_ASSERT(openLocked == 0 || openLocked == 1 || openLocked == 2); string decrypted, dataHash; PwMerror ret; char cryptAlgo, dataHashType, compress; unsigned int headerLen; if (*file == "") return e_readFile; filename = *file; /* check if this file is already open. * This does not catch symlinks! */ if (!isDeepLocked()) { if (getOpenDocList()->find(filename.latin1())) return e_alreadyOpen; } QFile f(filename); if (openLocked == 2) { // open deep-locked if (!QFile::exists(filename)) return e_openFile; if (deepLock(true, false) != e_success) return e_openFile; goto out_success; } if (!f.open(IO_ReadOnly)) return e_openFile; ret = checkHeader(&cryptAlgo, ¤tPw, &compress, &headerLen, &dataHashType, &dataHash, &f); if (ret != e_success) { printDebug("PwMDoc::openDoc(): checkHeader() failed"); f.close(); if (ret == e_wrongPw) { wrongMpwMsgBox(getDocStatFlag(DOC_STAT_USE_CHIPCARD)); return ret; } else if (ret == e_noPw || ret == e_fileVer || ret == e_fileFormat || ret == e_hashNotImpl) { return ret; } else return e_readFile; } - ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, &f); + ret = decrypt(&decrypted, headerLen, ¤tPw, cryptAlgo, dataHashType, &f); if (ret == e_cryptNotImpl) { printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl"); f.close(); return e_cryptNotImpl; } else if (ret != e_success) { printDebug("PwMDoc::openDoc(): decrypt() failed"); f.close(); return e_readFile; } if (!decompressDta(&decrypted, compress)) { printDebug("PwMDoc::openDoc(): decompressDta() failed"); f.close(); return e_fileCorrupt; } ret = checkDataHash(dataHashType, &dataHash, &decrypted); if (ret == e_hashNotImpl) { printDebug("PwMDoc::openDoc(): checkDataHash() failed: e_hashNotImpl"); f.close(); return e_hashNotImpl; } else if (ret != e_success) { printDebug("PwMDoc::openDoc(): checkDataHash() failed"); f.close(); return e_fileCorrupt; } if (!deSerializeDta(&decrypted, openLocked == 1)) { printDebug("PwMDoc::openDoc(): deSerializeDta() failed"); f.close(); return e_readFile; } f.close(); timer()->start(DocTimer::id_mpwTimer); timer()->start(DocTimer::id_autoLockTimer); out_success: openDocList.edit(this, getTitle().latin1()); emit docOpened(this); return e_success; } PwMerror PwMDoc::writeFileHeader(char keyHash, char dataHash, char crypt, char compress, QString *pw, QFile *f) { PWM_ASSERT(pw); PWM_ASSERT(f); //US ENH: or maybe a bug: checking here for listView does not make sense because we do not check anywhere else //Wenn I sync, I open a doc without a view => listView is 0 => Assertion //US PWM_ASSERT(listView); if (f->writeBlock(FILE_ID_HEADER, strlen(FILE_ID_HEADER)) != static_cast<Q_LONG>(strlen(FILE_ID_HEADER))) { return e_writeFile; } if (f->putch(PWM_FILE_VER) == -1 || f->putch(keyHash) == -1 || f->putch(dataHash) == -1 || f->putch(crypt) == -1 || f->putch(compress) == -1 || f->putch((getDocStatFlag(DOC_STAT_USE_CHIPCARD)) ? (static_cast<char>(0x01)) : (static_cast<char>(0x00))) == -1) { return e_writeFile; } // write bytes of NUL-data. These bytes are reserved for future-use. const int bufSize = 64; char tmp_buf[bufSize]; memset(tmp_buf, 0x00, bufSize); if (f->writeBlock(tmp_buf, bufSize) != bufSize) return e_writeFile; switch (keyHash) { case PWM_HASH_SHA1: { const int hashlen = SHA1_HASH_LEN_BYTE; Sha1 hash; hash.sha1_write(reinterpret_cast<const byte *>(pw->latin1()), pw->length()); string ret = hash.sha1_read(); if (f->writeBlock(ret.c_str(), hashlen) != hashlen) return e_writeFile; break; } case PWM_HASH_SHA256: /*... fall through */ case PWM_HASH_SHA384: case PWM_HASH_SHA512: case PWM_HASH_MD5: case PWM_HASH_RMD160: case PWM_HASH_TIGER: { if (!LibGCryptIf::available()) return e_hashNotImpl; LibGCryptIf gc; PwMerror err; unsigned char *buf; size_t hashLen; err = gc.hash(&buf, &hashLen, reinterpret_cast<const unsigned char *>(pw->latin1()), pw->length(), keyHash); if (err != e_success) return e_hashNotImpl; if (f->writeBlock(reinterpret_cast<const char *>(buf), hashLen) != static_cast<Q_LONG>(hashLen)) { delete [] buf; return e_hashNotImpl; } delete [] buf; break; } default: { return e_hashNotImpl; } } return e_success; } PwMerror PwMDoc::checkHeader(char *cryptAlgo, QString *pw, char *compress, unsigned int *headerLength, char *dataHashType, string *dataHash, QFile *f) { PWM_ASSERT(cryptAlgo); PWM_ASSERT(pw); PWM_ASSERT(headerLength); PWM_ASSERT(dataHashType); PWM_ASSERT(dataHash); PWM_ASSERT(f); int tmpRet; // check "magic" header const char magicHdr[] = FILE_ID_HEADER; const int hdrLen = array_size(magicHdr) - 1; char tmp[hdrLen]; if (f->readBlock(tmp, hdrLen) != hdrLen) @@ -1182,373 +1182,381 @@ bool PwMDoc::deSerializeDta(const string *d, bool entriesLocked) #ifndef PWM_EMBEDDED try { Serializer ser(d->c_str()); ser.setDefaultLockStat(entriesLocked); if (!ser.deSerialize(&dti)) return false; } catch (PwMException) { return false; } #else Serializer ser(d->c_str()); ser.setDefaultLockStat(entriesLocked); if (!ser.deSerialize(&dti)) return false; #endif emitDataChanged(this); return true; } bool PwMDoc::getEntry(const QString &category, unsigned int index, PwMDataItem * d, bool unlockIfLocked) { PWM_ASSERT(d); unsigned int cat = 0; if (!findCategory(category, &cat)) { BUG(); return false; } return getEntry(cat, index, d, unlockIfLocked); } bool PwMDoc::getEntry(unsigned int category, unsigned int index, PwMDataItem *d, bool unlockIfLocked) { if (index > dti.dta[category].d.size() - 1) return false; bool locked = isLocked(category, index); if (locked) { /* this entry is locked. We don't return a password, * until it's unlocked by the user by inserting * chipcard or entering the mpw */ if (unlockIfLocked) { if (!lockAt(category, index, false)) { return false; } locked = false; } } *d = dti.dta[category].d[index]; if (locked) d->pw = LOCKED_STRING.latin1(); return true; } PwMerror PwMDoc::getCommentByLvp(const QString &category, int listViewPos, string *foundComment) { PWM_ASSERT(foundComment); unsigned int cat = 0; if (!findCategory(category, &cat)) return e_invalidArg; unsigned int i, entries = numEntries(cat); for (i = 0; i < entries; ++i) { if (dti.dta[cat].d[i].listViewPos == listViewPos) { *foundComment = dti.dta[cat].d[i].comment; if (dti.dta[cat].d[i].binary) return e_binEntry; return e_normalEntry; } } BUG(); return e_generic; } bool PwMDoc::compressDta(string *d, char algo) { PWM_ASSERT(d); switch (algo) { case PWM_COMPRESS_GZIP: { CompressGzip comp; return comp.compress(d); } #ifndef PWM_EMBEDDED case PWM_COMPRESS_BZIP2: { CompressBzip2 comp; return comp.compress(d); } #endif case PWM_COMPRESS_NONE: { return true; } default: { BUG(); } } return false; } bool PwMDoc::decompressDta(string *d, char algo) { PWM_ASSERT(d); switch (algo) { case PWM_COMPRESS_GZIP: { CompressGzip comp; return comp.decompress(d); } #ifndef PWM_EMBEDDED case PWM_COMPRESS_BZIP2: { CompressBzip2 comp; return comp.decompress(d); } #endif case PWM_COMPRESS_NONE: { return true; } } return false; } -PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo) +PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo, + char hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +) { PWM_ASSERT(d); PWM_ASSERT(pw); PWM_ASSERT(f); size_t encSize; byte *encrypted = 0; switch (algo) { case PWM_CRYPT_BLOWFISH: { Blowfish::padNull(d); encSize = d->length(); encrypted = new byte[encSize]; Blowfish bf; if (bf.bf_setkey((byte *) pw->latin1(), pw->length())) { delete [] encrypted; return e_weakPw; } bf.bf_encrypt((byte *) encrypted, (byte *) d->c_str(), encSize); break; } case PWM_CRYPT_AES128: /*... fall through */ case PWM_CRYPT_AES192: case PWM_CRYPT_AES256: case PWM_CRYPT_3DES: case PWM_CRYPT_TWOFISH: case PWM_CRYPT_TWOFISH128: { if (!LibGCryptIf::available()) return e_cryptNotImpl; LibGCryptIf gc; PwMerror err; unsigned char *plain = new unsigned char[d->length() + 1024]; memcpy(plain, d->c_str(), d->length()); err = gc.encrypt(&encrypted, &encSize, plain, d->length(), reinterpret_cast<const unsigned char *>(pw->latin1()), pw->length(), - algo); + algo, + hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase + ); delete [] plain; if (err != e_success) return e_cryptNotImpl; break; } default: { delete_ifnot_null_array(encrypted); return e_cryptNotImpl; } } // write encrypted data to file if (f->writeBlock(reinterpret_cast<const char *>(encrypted), static_cast<Q_ULONG>(encSize)) != static_cast<Q_LONG>(encSize)) { delete_ifnot_null_array(encrypted); return e_writeFile; } delete_ifnot_null_array(encrypted); return e_success; } PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw, - char algo, QFile *f) + char algo, + char hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase + QFile *f) { PWM_ASSERT(d); PWM_ASSERT(pw); PWM_ASSERT(f); unsigned int cryptLen = f->size() - pos; byte *encrypted = new byte[cryptLen]; byte *decrypted = new byte[cryptLen]; f->at(pos); #ifndef PWM_EMBEDDED if (f->readBlock(reinterpret_cast<char *>(encrypted), static_cast<Q_ULONG>(cryptLen)) != static_cast<Q_LONG>(cryptLen)) { delete [] encrypted; delete [] decrypted; return e_readFile; } #else if (f->readBlock((char *)(encrypted), (unsigned long)(cryptLen)) != (long)(cryptLen)) { delete [] encrypted; delete [] decrypted; return e_readFile; } #endif switch (algo) { case PWM_CRYPT_BLOWFISH: { Blowfish bf; bf.bf_setkey((byte *) pw->latin1(), pw->length()); bf.bf_decrypt(decrypted, encrypted, cryptLen); break; } case PWM_CRYPT_AES128: /*... fall through */ case PWM_CRYPT_AES192: case PWM_CRYPT_AES256: case PWM_CRYPT_3DES: case PWM_CRYPT_TWOFISH: case PWM_CRYPT_TWOFISH128: { if (!LibGCryptIf::available()) return e_cryptNotImpl; LibGCryptIf gc; PwMerror err; err = gc.decrypt(&decrypted, &cryptLen, encrypted, cryptLen, reinterpret_cast<const unsigned char *>(pw->latin1()), pw->length(), - algo); + algo, + hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); if (err != e_success) { delete [] encrypted; delete [] decrypted; return e_cryptNotImpl; } break; } default: { delete [] encrypted; delete [] decrypted; return e_cryptNotImpl; } } delete [] encrypted; #ifndef PWM_EMBEDDED d->assign(reinterpret_cast<const char *>(decrypted), static_cast<string::size_type>(cryptLen)); #else d->assign((const char *)(decrypted), (string::size_type)(cryptLen)); #endif delete [] decrypted; if (algo == PWM_CRYPT_BLOWFISH) { if (!Blowfish::unpadNull(d)) { BUG(); return e_readFile; } } return e_success; } PwMerror PwMDoc::checkDataHash(char dataHashType, const string *dataHash, const string *dataStream) { PWM_ASSERT(dataHash); PWM_ASSERT(dataStream); switch(dataHashType) { case PWM_HASH_SHA1: { Sha1 hash; hash.sha1_write((byte*)dataStream->c_str(), dataStream->length()); string ret = hash.sha1_read(); if (ret != *dataHash) return e_fileCorrupt; break; } case PWM_HASH_SHA256: /*... fall through */ case PWM_HASH_SHA384: case PWM_HASH_SHA512: case PWM_HASH_MD5: case PWM_HASH_RMD160: case PWM_HASH_TIGER: { if (!LibGCryptIf::available()) return e_hashNotImpl; LibGCryptIf gc; PwMerror err; unsigned char *buf; size_t hashLen; err = gc.hash(&buf, &hashLen, reinterpret_cast<const unsigned char *>(dataStream->c_str()), dataStream->length(), dataHashType); if (err != e_success) return e_hashNotImpl; string calcHash(reinterpret_cast<const char *>(buf), static_cast<string::size_type>(hashLen)); delete [] buf; if (calcHash != *dataHash) return e_fileCorrupt; break; } default: return e_hashNotImpl; } return e_success; } bool PwMDoc::lockAt(unsigned int category, unsigned int index, bool lock) { if (index >= numEntries(category)) { BUG(); return false; } if (lock == dti.dta[category].d[index].lockStat) return true; if (!lock && currentPw != "") { // "unlocking" and "password is already set" if (!getDocStatFlag(DOC_STAT_UNLOCK_WITHOUT_PW)) { // unlocking without pw not allowed QString pw; pw = requestMpw(getDocStatFlag(DOC_STAT_USE_CHIPCARD)); if (pw != "") { if (pw != currentPw) { wrongMpwMsgBox(getDocStatFlag(DOC_STAT_USE_CHIPCARD)); return false; } else { timer()->start(DocTimer::id_mpwTimer); } } else { return false; } } else { timer()->start(DocTimer::id_mpwTimer); } } dti.dta[category].d[index].lockStat = lock; dti.dta[category].d[index].rev++; // increment revision counter. emitDataChanged(this); if (!lock) timer()->start(DocTimer::id_autoLockTimer); return true; } bool PwMDoc::lockAt(const QString &category,unsigned int index, bool lock) { unsigned int cat = 0; if (!findCategory(category, &cat)) { BUG(); return false; } diff --git a/pwmanager/pwmanager/pwmdoc.h b/pwmanager/pwmanager/pwmdoc.h index 138dd3d..9fcdda7 100644 --- a/pwmanager/pwmanager/pwmdoc.h +++ b/pwmanager/pwmanager/pwmdoc.h @@ -611,217 +611,221 @@ public: { if (numCategories() > 1) return false; if (numEntries(0)) return false; return true; } /** returns the filename of this doc */ const QString& getFilename() { return filename; } /** returns the title of the doc */ QString getTitle(); /** sets the list-view-pointer hold in the doc */ void setListViewPointer(PwMView *_listView) { listView = _listView; } /** returns the list-view-pointer */ PwMView * getListViewPointer() { return listView; } /** try to delete the doc. The user may be asked to save * the data. The user may cancel the whole operation. * false is returned, then. */ bool tryDelete(); /** is the doc deleted? (with tryDelete() ) */ bool isDeleted() { return deleted; } /** returns the document timer object */ DocTimer * timer() { return _timer; } /** get a lock on the dataChanged signal. * If someone is holding a lock, the signal is not emitted. */ void getDataChangedLock() { ++dataChangedLock; } /** put the dataChanged lock */ void putDataChangedLock() { --dataChangedLock; } /** returns the revision count of the item at cat/index */ unsigned int getEntryRevCnt(unsigned int category, unsigned int index) { return dti.dta[category].d[index].rev; } /** returns a const pointer to the entries meta */ const PwMMetaData * getEntryMeta(unsigned int category, unsigned int index) { return &(dti.dta[category].d[index].meta); } /** is the entry at "category" "index" a binary entry? */ bool isBinEntry(unsigned int category, unsigned int index) { return dti.dta[category].d[index].binary; } public slots: /** wrapper for PwMTray */ void _deepUnlock(); signals: /** the data of the document has changed and must be updated * in all views. * NOTE: use emitDataChanged(PwMDoc *document) to emit this signal! */ void dataChanged(PwMDoc *document); /** the document class is going to close. This signal may be * used to nofify all views, that the user closed the document, * so the views can go down, too. */ void docClosed(PwMDoc *document); /** somebody just opened the document */ void docOpened(PwMDoc *document); /** this document object just got created */ void docCreated(PwMDoc *document); public: /** emit the dataChanged signal after checking for a lock */ void emitDataChanged(PwMDoc *document) { if (!dataChangedLock) emit dataChanged(document); } protected: /** current file for this doc */ QString filename; //US ENH: we need a place where we keep the syncentries. So I invented // struct PwMItem, that has a vector of PwMCategoryItem and vector of PwMSyncItem /** holds all data */ PwMItem dti; /** maximum number of entries */ unsigned int maxEntries; /** currently used password to encrypt data */ QString currentPw; /** current global document status flags */ unsigned int curDocStat; /** browser process for goToURL() */ KProcess browserProc; /** pointer to the list-view, using this document. * As there can only be one list-view per doc, we * don't need a list here. */ PwMView *listView; /** unnamedNum is used to store the "unnamed counter" * for this document, while it's unnamed. If it's 0, * we have to get a new unique one. */ unsigned int unnamedNum; /** is this doc going to be deleted (executing in destructor context) */ bool deleted; /** document timer */ DocTimer *_timer; /** lock counter for the "dataChanged" signal */ unsigned int dataChangedLock; /** list of all open documents */ static PwMDocList openDocList; protected: /** serialize "dta" and return it in "d". */ bool serializeDta(string *d); /** de-serialize "d" and overwrite "dta" */ bool deSerializeDta(const string *d, bool entriesLocked); /** write header to file */ PwMerror writeFileHeader(char keyHash, char dataHash, char crypt, char compress, QString *pw, QFile *f); /** write data-hash to file */ PwMerror writeDataHash(char dataHash, string *d, QFile *f); /** check header. Read header info and verify key-hash and filever. * returns length of header in "headerLength" */ PwMerror checkHeader(char *cryptAlgo, QString *pw, char *compress, unsigned int *headerLength, char *dataHashType, string *dataHash, QFile *f); /** check the data-hash */ PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream); /** encrypt data "d" and write to "filename" */ - PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo); + PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo, + char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase +); /** read data from file beginning at "pos", decrypt and return it */ - PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, QFile *f); + PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, + char _hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase +QFile *f); /** compress the data */ bool compressDta(string *d, char algo); /** uncompress the data */ bool decompressDta(string *d, char algo); /** internal import function for a text-file generated by PwM. * If this is not a valid PwM-exported file, it returns e_fileFormat */ PwMerror importText_PwM(const QString *file); /** PwM-text-import helper function to extract the name/pw/comment out * of one entry-line */ bool textExtractEntry_PwM(const char *in, ssize_t in_size, string *out); /** compare two strings */ bool compareString(const string &s1, const string &s2, bool caseSensitive, bool exactWordMatch); /** clears all document-data */ void clearDoc(); /** delete all empty categories */ void delAllEmptyCat(bool dontFlagDirty); /** set a document status flag */ void setDocStatFlag(unsigned int statFlag) { curDocStat |= statFlag; } /** unset a document status flag */ void unsetDocStatFlag(unsigned int statFlag) { curDocStat &= ~statFlag; } /** get a document status flag */ bool getDocStatFlag(unsigned int statFlag) const { return (curDocStat & statFlag); } /** set the "currentPassword" */ void setCurrentPw(const QString &pw) { currentPw = pw; setDocStatFlag(DOC_STAT_DISK_DIRTY); } /** make a backup-copy of the given file */ bool backupFile(const QString &filePath); /** copy a file from src to dst */ bool copyFile(const QString &src, const QString &dst); public: #ifdef PWM_EMBEDDED //US ENH: this is the magic function that syncronizes the local doc with the remote doc. PwMerror syncronize(KSyncManager* manager, PwMDoc* syncLocal, PwMDoc* syncRemote, int mode ); //takePwMDataItem returns the following values // 0 equal // 1 take local // 2 take remote // 3 cancel int takePwMDataItem( PwMDataItem* local, PwMDataItem* remote, QDateTime lastSync, int mode , bool full ); //the following methods are the overwritten callbackmethods from the syncinterface virtual bool sync(KSyncManager* manager, QString filename, int mode); virtual void removeSyncInfo( QString syncProfile); #endif //US ENH: helpermethods to return a whole category entry /** returns a pointer to the categoryitem */ PwMCategoryItem* getCategoryEntry(unsigned int index) { return &(dti.dta[index]); } private: //US ENH: helpermethods to access the sync data for a certain syncname. // It returns the syncdatas index bool findSyncData(const QString &syncname, unsigned int *index); /** add new syncdataentry */ PwMerror addSyncDataEntry(PwMSyncItem *d, bool dontFlagDirty = false); /** returns a pointer to the syncdata */ PwMSyncItem* getSyncDataEntry(unsigned int index) { return &(dti.syncDta[index]); } /** delete entry */ bool delSyncDataEntry(unsigned int index, bool dontFlagDirty = false); /** returns number of categories */ unsigned int numSyncDataEntries() { return dti.syncDta.size(); } PwMDataItem* findEntryByID(const QString &uid, unsigned int *category, unsigned int *index); QStringList getIDEntryList(); }; #endif |