summaryrefslogtreecommitdiffabout
Side-by-side diff
Diffstat (more/less context) (ignore whitespace changes)
-rw-r--r--pwmanager/pwmanager/libgcryptif.cpp25
-rw-r--r--pwmanager/pwmanager/libgcryptif.h12
-rw-r--r--pwmanager/pwmanager/pwmdoc.cpp20
-rw-r--r--pwmanager/pwmanager/pwmdoc.h8
4 files changed, 46 insertions, 19 deletions
diff --git a/pwmanager/pwmanager/libgcryptif.cpp b/pwmanager/pwmanager/libgcryptif.cpp
index ff94bf6..15f6cef 100644
--- a/pwmanager/pwmanager/libgcryptif.cpp
+++ b/pwmanager/pwmanager/libgcryptif.cpp
@@ -12,225 +12,229 @@
* as published by the Free Software Foundation. *
* *
***************************************************************************/
/***************************************************************************
* copyright (C) 2004 by Ulf Schenk
* This file is originaly based on version 1.1 of pwmanager
* and was modified to run on embedded devices that run microkde
*
* $Id$
**************************************************************************/
#include "libgcryptif.h"
#ifdef CONFIG_PWMANAGER_GCRY
#include "pwmdoc.h"
#include "randomizer.h"
#include <gcrypt.h>
#ifdef PWM_EMBEDDED
#include <pwmprefs.h>
#endif
PwMerror LibGCryptIf::encrypt(unsigned char **outBuf,
size_t *outBufLen,
unsigned char *inBuf,
size_t inBufLen,
const unsigned char *key,
size_t keylen,
- char _algo)
+ char _algo,
+ char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+ )
{
PwMerror ret = e_success;
gcry_error_t err;
gcry_cipher_hd_t handle;
size_t blklen;
size_t unpaddedLen = inBufLen;
size_t cipherKeylen;
unsigned char *hashedKey;
unsigned char salt[STRING2KEY_SALTLEN];
int algo = mapCipherId(_algo);
if (!inBufLen || !keylen)
return e_invalidArg;
// test if algo is ready for encryption
err = gcry_cipher_algo_info(algo,
GCRYCTL_TEST_ALGO,
0, 0);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doEncrypt(): GCRYCTL_TEST_ALGO failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
goto out;
}
// get the algo block length
err = gcry_cipher_algo_info(algo,
GCRYCTL_GET_BLKLEN,
0,
&blklen);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doEncrypt(): GCRYCTL_GET_BLKLEN failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
goto out;
}
/* double check if we have enough space.
* We have only 1024 extra bytes for padding and salt.
*/
BUG_ON(blklen > 1024 - STRING2KEY_SALTLEN);
// get the algo key length
err = gcry_cipher_algo_info(algo,
GCRYCTL_GET_KEYLEN,
0,
&cipherKeylen);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doEncrypt(): GCRYCTL_GET_KEYLEN failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
goto out;
}
// now open the algo and get a handle
err = gcry_cipher_open(&handle,
algo,
GCRY_CIPHER_MODE_CBC,
0);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doEncrypt(): gcry_cipher_open() failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
goto out;
}
// hash the "key" to a fixed size hash matching "cipherKeylen"
hashedKey = new unsigned char[cipherKeylen];
- hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true);
+ hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, true, _hashalgo);
// so now set the hashed key
err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doEncrypt(): gcry_cipher_setkey() failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
delete [] hashedKey;
goto out_close;
}
delete [] hashedKey;
/* allocate a buffer for the encrypted data.
* The size of the buffer is the inBuf length, but blklen
* aligned and plus the length of the salt, that is appended.
*/
*outBufLen = getBufLen(unpaddedLen, blklen) + STRING2KEY_SALTLEN;
*outBuf = new unsigned char[*outBufLen];
padData(inBuf, unpaddedLen, blklen);
// encrypt the padded data
err = gcry_cipher_encrypt(handle,
*outBuf,
*outBufLen - STRING2KEY_SALTLEN,
inBuf,
*outBufLen - STRING2KEY_SALTLEN);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doEncrypt(): gcry_cipher_encrypt() failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
goto out_delete;
}
// append the salt to the encrypted data
memcpy(*outBuf + *outBufLen - STRING2KEY_SALTLEN, salt, STRING2KEY_SALTLEN);
goto out_close;
out_delete:
delete [] *outBuf;
out_close:
gcry_cipher_close(handle);
out:
return ret;
}
PwMerror LibGCryptIf::decrypt(unsigned char **outBuf,
size_t *outBufLen,
const unsigned char *inBuf,
size_t inBufLen,
const unsigned char *key,
size_t keylen,
- char _algo)
+ char _algo,
+ char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+)
{
PwMerror ret = e_success;
gcry_error_t err;
gcry_cipher_hd_t handle;
size_t cipherKeylen;
unsigned char *hashedKey;
unsigned char salt[STRING2KEY_SALTLEN];
int algo = mapCipherId(_algo);
if (!inBufLen || !keylen)
return e_invalidArg;
// test if algo is ready for encryption
err = gcry_cipher_algo_info(algo,
GCRYCTL_TEST_ALGO,
0, 0);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doDecrypt(): GCRYCTL_TEST_ALGO failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
goto out;
}
// get algo key length
err = gcry_cipher_algo_info(algo,
GCRYCTL_GET_KEYLEN,
0,
&cipherKeylen);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doDecrypt(): GCRYCTL_GET_KEYLEN failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
goto out;
}
// extract the salt of the encrypted data buffer
memcpy(salt, inBuf + inBufLen - STRING2KEY_SALTLEN, STRING2KEY_SALTLEN);
// open the algo and get a handle
err = gcry_cipher_open(&handle,
algo,
GCRY_CIPHER_MODE_CBC,
0);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doDecrypt(): gcry_cipher_open() failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
goto out;
}
// hash the "key" to a fixed size hash matching "cipherKeylen"
hashedKey = new unsigned char[cipherKeylen];
- hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false);
+ hashPassphrase(key, keylen, salt, hashedKey, cipherKeylen, false, _hashalgo);
// so now set the hashed key
err = gcry_cipher_setkey(handle, hashedKey, cipherKeylen);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doDecrypt(): gcry_cipher_setkey() failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
delete [] hashedKey;
goto out_close;
}
delete [] hashedKey;
*outBufLen = inBufLen - STRING2KEY_SALTLEN;
*outBuf = new unsigned char[*outBufLen];
// decrypt the data
err = gcry_cipher_decrypt(handle,
*outBuf,
*outBufLen,
inBuf,
*outBufLen);
if (err != GPG_ERR_NO_ERROR) {
printDebug(string("LibGCryptIf::doEncrypt(): gcry_cipher_encrypt() failed: ")
+ gcry_strerror(err));
ret = e_cryptNotImpl;
goto out_delete;
}
// remove all random padding
unpadData(*outBuf, outBufLen);
goto out_close;
out_delete:
delete [] *outBuf;
out_close:
gcry_cipher_close(handle);
out:
@@ -285,73 +289,78 @@ int LibGCryptIf::mapCipherId(char algo)
}
return GCRY_CIPHER_NONE;
}
int LibGCryptIf::mapHashId(char algo)
{
switch (algo) {
case PWM_HASH_SHA1:
return GCRY_MD_SHA1;
case PWM_HASH_SHA256:
return GCRY_MD_SHA256;
case PWM_HASH_SHA384:
return GCRY_MD_SHA384;
case PWM_HASH_SHA512:
return GCRY_MD_SHA512;
case PWM_HASH_MD5:
return GCRY_MD_MD5;
case PWM_HASH_RMD160:
return GCRY_MD_RMD160;
case PWM_HASH_TIGER:
return GCRY_MD_TIGER;
default:
BUG();
}
return GCRY_MD_NONE;
}
bool LibGCryptIf::hashPassphrase(const unsigned char *pw,
size_t pwlen,
unsigned char *salt,
unsigned char *key,
size_t keylen,
- bool create)
+ bool create,
+ char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+)
{
DEK dek;
STRING2KEY s2k;
bool ret;
dek.keylen = keylen;
s2k.mode = 1;
- s2k.hash_algo = mapHashId(conf()->confGlobHashAlgo());
+ //US bug: do not use the global hash algo here. Use the passed ago instead. The hashalgo stored in the file can
+ // be different from the one in the configuration.
+ s2k.hash_algo = mapHashId(_hashalgo //conf()->confGlobHashAlgo()
+ );
s2k.count = 0;
if (!create)
memcpy(s2k.salt, salt, STRING2KEY_SALTLEN);
ret = doHashPassphrase(&dek,
pw,
pwlen,
&s2k,
create);
if (!ret)
goto out;
memcpy(key, dek.key, dek.keylen);
if (create)
memcpy(salt, s2k.salt, STRING2KEY_SALTLEN);
out:
return ret;
}
bool LibGCryptIf::doHashPassphrase(DEK *dek,
const unsigned char *pw,
size_t pwlen,
STRING2KEY *s2k,
bool create)
{
// This function is derived from GnuPG-1.2.5-rc2
gcry_md_hd_t md;
gcry_error_t err;
bool ret = true;
size_t pass, i;
size_t used = 0;
PWM_ASSERT(s2k->hash_algo);
@@ -410,45 +419,45 @@ bool LibGCryptIf::doHashPassphrase(DEK *dek,
gcry_md_close(md);
out:
return ret;
}
void LibGCryptIf::padData(unsigned char *buf,
size_t bufLen,
size_t boundary)
{
size_t numPadBytes = boundary - ((bufLen + 1) % boundary);
buf[bufLen] = static_cast<char>(0x01);
size_t i = 0;
Randomizer *rnd = Randomizer::obj();
char c;
unsigned char *b;
while (i < numPadBytes) {
c = rnd->genRndChar();
if (c == static_cast<char>(0x01))
continue;
b = buf + bufLen + 1 + i;
*b = c;
++i;
}
}
void LibGCryptIf::unpadData(const unsigned char *buf,
size_t *bufLen)
{
size_t pos;
BUG_ON(*bufLen % 8);
pos = *bufLen - 1;
while (buf[pos] != static_cast<char>(0x01)) {
- qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) );
+ //qDebug("pos %d %d %d", pos, buf[pos], static_cast<char>(0x01) );
BUG_ON(!pos);
//LR BUG we should terminte the loop if p == 0
if ( pos == 0 )
break;
--pos;
}
*bufLen = pos;
- qDebug("ente ");
+ //qDebug("ente ");
}
#endif // CONFIG_PWMANAGER_GCRY
diff --git a/pwmanager/pwmanager/libgcryptif.h b/pwmanager/pwmanager/libgcryptif.h
index 1a7b658..9a987a2 100644
--- a/pwmanager/pwmanager/libgcryptif.h
+++ b/pwmanager/pwmanager/libgcryptif.h
@@ -44,116 +44,122 @@
* NOTE: Always allocate 1024 extra bytes for the inBuf (for padding)
*/
class LibGCryptIf
{
protected:
struct STRING2KEY
{
int mode;
int hash_algo;
uint8_t salt[STRING2KEY_SALTLEN];
uint32_t count;
};
struct DEK
{
size_t keylen;
uint8_t key[32]; // this is the largest used keylen (256 bit)
};
public:
LibGCryptIf() { }
/** is libgcrypt available? */
static bool available()
{ return true; }
/** encrypt data. _algo is the PWM_CRYPT_* ID
* of the algorithm.
*/
PwMerror encrypt(unsigned char **outBuf,
size_t *outBufLen,
unsigned char *inBuf,
size_t inBufLen,
const unsigned char *key,
size_t keylen,
- char _algo);
+ char _algo,
+ char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+);
/** decrypt data. _algo is the PWM_CRYPT_* ID
* of the algorithm.
*/
PwMerror decrypt(unsigned char **outBuf,
size_t *outBufLen,
const unsigned char *inBuf,
size_t inBufLen,
const unsigned char *key,
size_t keylen,
- char _algo);
+ char _algo,
+ char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+);
/** hash data. _algo is the PWM_HASH_* ID of the hash */
PwMerror hash(unsigned char **outBuf,
size_t *outBufLen,
const unsigned char *inBuf,
size_t inBufLen,
char _algo);
/** returns the length of the hash. _algo is the PWM_HASH_*
* id of the hash. returns 0 on error.
*/
unsigned int hashLength(char _algo);
protected:
/** returns the total buffer length */
size_t getBufLen(size_t inBufLen, size_t boundary)
{
return ((boundary - (inBufLen % boundary)) + inBufLen);
}
/** pad the data up to the given boundary.
* "buf" has to be big enough!
*/
void padData(unsigned char *buf,
size_t bufLen,
size_t boundary);
/** unpad the data */
void unpadData(const unsigned char *buf,
size_t *bufLen);
/** maps the PWM_CRYPT_* ID of an algorithm
* to the libgcrypt GCRY_CIPHER_* ID
*/
int mapCipherId(char algo);
/** maps the PWM_HASH_* ID of an algorithm
* to the libgcrypt GCRY_MD_* ID
*/
int mapHashId(char algo);
/** hash a passphrase to a cipher key */
bool hashPassphrase(const unsigned char *pw,
size_t pwlen,
unsigned char *salt,
unsigned char *key,
size_t keylen,
- bool create);
+ bool create,
+ char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+);
/** hash a passphrase to a cipher key */
bool doHashPassphrase(DEK *dek,
const unsigned char *pw,
size_t pwlen,
STRING2KEY *s2k,
bool create);
};
#else // CONFIG_PWMANAGER_GCRY
/** libgcrypt is not installed. This is a NOP wrapper. */
class LibGCryptIf
{
public:
LibGCryptIf() { }
static bool available()
{ return false; }
PwMerror encrypt(unsigned char **,
size_t *,
unsigned char *,
size_t,
const unsigned char *,
size_t,
char)
{ return e_cryptNotImpl; }
PwMerror decrypt(unsigned char **,
size_t *,
const unsigned char *,
size_t,
const unsigned char *,
size_t,
char)
diff --git a/pwmanager/pwmanager/pwmdoc.cpp b/pwmanager/pwmanager/pwmdoc.cpp
index 17cb74a..a740d6d 100644
--- a/pwmanager/pwmanager/pwmdoc.cpp
+++ b/pwmanager/pwmanager/pwmdoc.cpp
@@ -458,65 +458,65 @@ PwMerror PwMDoc::saveDoc(char compress, const QString *file)
ret = e_hashNotImpl;
goto out_moveback;
} else if (e != e_success) {
printDebug("PwMDoc::saveDoc(): writeFileHeader() failed");
f.close();
ret = e_writeHeader;
goto out_moveback;
}
if (!serializeDta(&serialized)) {
printDebug("PwMDoc::saveDoc(): serializeDta() failed");
f.close();
ret = e_serializeDta;
goto out_moveback;
}
e = writeDataHash(hashAlgo, &serialized, &f);
if (e == e_hashNotImpl) {
printDebug("PwMDoc::saveDoc(): writeDataHash() failed: e_hashNotImpl");
f.close();
ret = e_hashNotImpl;
goto out_moveback;
} else if (e != e_success) {
printDebug("PwMDoc::saveDoc(): writeDataHash() failed");
f.close();
ret = e_writeHeader;
goto out_moveback;
}
if (!compressDta(&serialized, compress)) {
printDebug("PwMDoc::saveDoc(): compressDta() failed");
f.close();
ret = e_enc;
goto out_moveback;
}
- e = encrypt(&serialized, &currentPw, &f, cryptAlgo);
+ e = encrypt(&serialized, &currentPw, &f, cryptAlgo, hashAlgo);
if (e == e_weakPw) {
printDebug("PwMDoc::saveDoc(): encrypt() failed: e_weakPw");
f.close();
ret = e_weakPw;
goto out_moveback;
} else if (e == e_cryptNotImpl) {
printDebug("PwMDoc::saveDoc(): encrypt() failed: e_cryptNotImpl");
f.close();
ret = e_cryptNotImpl;
goto out_moveback;
} else if (e != e_success) {
printDebug("PwMDoc::saveDoc(): encrypt() failed");
f.close();
ret = e_enc;
goto out_moveback;
}
unsetDocStatFlag(DOC_STAT_DISK_DIRTY);
f.close();
#ifndef _WIN32_
if (chmod(filename.latin1(),
conf()->confGlobFilePermissions())) {
printWarn(string("chmod failed: ") + strerror(errno));
}
#endif
openDocList.edit(this, getTitle().latin1());
if (wasDeepLocked) {
/* Do _not_ save the data with the deepLock()
* call, because this will recurse
* into saveDoc()
*/
deepLock(true, false);
/* We don't check return value here, because
@@ -578,65 +578,65 @@ PwMerror PwMDoc::openDoc(const QString *file, int openLocked)
return e_alreadyOpen;
}
QFile f(filename);
if (openLocked == 2) {
// open deep-locked
if (!QFile::exists(filename))
return e_openFile;
if (deepLock(true, false) != e_success)
return e_openFile;
goto out_success;
}
if (!f.open(IO_ReadOnly))
return e_openFile;
ret = checkHeader(&cryptAlgo, &currentPw, &compress, &headerLen,
&dataHashType, &dataHash, &f);
if (ret != e_success) {
printDebug("PwMDoc::openDoc(): checkHeader() failed");
f.close();
if (ret == e_wrongPw) {
wrongMpwMsgBox(getDocStatFlag(DOC_STAT_USE_CHIPCARD));
return ret;
} else if (ret == e_noPw ||
ret == e_fileVer ||
ret == e_fileFormat ||
ret == e_hashNotImpl) {
return ret;
} else
return e_readFile;
}
- ret = decrypt(&decrypted, headerLen, &currentPw, cryptAlgo, &f);
+ ret = decrypt(&decrypted, headerLen, &currentPw, cryptAlgo, dataHashType, &f);
if (ret == e_cryptNotImpl) {
printDebug("PwMDoc::openDoc(): decrypt() failed: e_cryptNotImpl");
f.close();
return e_cryptNotImpl;
} else if (ret != e_success) {
printDebug("PwMDoc::openDoc(): decrypt() failed");
f.close();
return e_readFile;
}
if (!decompressDta(&decrypted, compress)) {
printDebug("PwMDoc::openDoc(): decompressDta() failed");
f.close();
return e_fileCorrupt;
}
ret = checkDataHash(dataHashType, &dataHash, &decrypted);
if (ret == e_hashNotImpl) {
printDebug("PwMDoc::openDoc(): checkDataHash() failed: e_hashNotImpl");
f.close();
return e_hashNotImpl;
} else if (ret != e_success) {
printDebug("PwMDoc::openDoc(): checkDataHash() failed");
f.close();
return e_fileCorrupt;
}
if (!deSerializeDta(&decrypted, openLocked == 1)) {
printDebug("PwMDoc::openDoc(): deSerializeDta() failed");
f.close();
return e_readFile;
}
f.close();
timer()->start(DocTimer::id_mpwTimer);
timer()->start(DocTimer::id_autoLockTimer);
@@ -1278,181 +1278,189 @@ bool PwMDoc::compressDta(string *d, char algo)
}
#endif
case PWM_COMPRESS_NONE: {
return true;
} default: {
BUG();
}
}
return false;
}
bool PwMDoc::decompressDta(string *d, char algo)
{
PWM_ASSERT(d);
switch (algo) {
case PWM_COMPRESS_GZIP: {
CompressGzip comp;
return comp.decompress(d);
}
#ifndef PWM_EMBEDDED
case PWM_COMPRESS_BZIP2: {
CompressBzip2 comp;
return comp.decompress(d);
}
#endif
case PWM_COMPRESS_NONE: {
return true;
}
}
return false;
}
-PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo)
+PwMerror PwMDoc::encrypt(string *d, const QString *pw, QFile *f, char algo,
+ char hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+)
{
PWM_ASSERT(d);
PWM_ASSERT(pw);
PWM_ASSERT(f);
size_t encSize;
byte *encrypted = 0;
switch (algo) {
case PWM_CRYPT_BLOWFISH: {
Blowfish::padNull(d);
encSize = d->length();
encrypted = new byte[encSize];
Blowfish bf;
if (bf.bf_setkey((byte *) pw->latin1(), pw->length())) {
delete [] encrypted;
return e_weakPw;
}
bf.bf_encrypt((byte *) encrypted, (byte *) d->c_str(), encSize);
break;
}
case PWM_CRYPT_AES128:
/*... fall through */
case PWM_CRYPT_AES192:
case PWM_CRYPT_AES256:
case PWM_CRYPT_3DES:
case PWM_CRYPT_TWOFISH:
case PWM_CRYPT_TWOFISH128: {
if (!LibGCryptIf::available())
return e_cryptNotImpl;
LibGCryptIf gc;
PwMerror err;
unsigned char *plain = new unsigned char[d->length() + 1024];
memcpy(plain, d->c_str(), d->length());
err = gc.encrypt(&encrypted,
&encSize,
plain,
d->length(),
reinterpret_cast<const unsigned char *>(pw->latin1()),
pw->length(),
- algo);
+ algo,
+ hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+ );
delete [] plain;
if (err != e_success)
return e_cryptNotImpl;
break;
}
default: {
delete_ifnot_null_array(encrypted);
return e_cryptNotImpl;
} }
// write encrypted data to file
if (f->writeBlock(reinterpret_cast<const char *>(encrypted),
static_cast<Q_ULONG>(encSize))
!= static_cast<Q_LONG>(encSize)) {
delete_ifnot_null_array(encrypted);
return e_writeFile;
}
delete_ifnot_null_array(encrypted);
return e_success;
}
PwMerror PwMDoc::decrypt(string *d, unsigned int pos, const QString *pw,
- char algo, QFile *f)
+ char algo,
+ char hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase
+ QFile *f)
{
PWM_ASSERT(d);
PWM_ASSERT(pw);
PWM_ASSERT(f);
unsigned int cryptLen = f->size() - pos;
byte *encrypted = new byte[cryptLen];
byte *decrypted = new byte[cryptLen];
f->at(pos);
#ifndef PWM_EMBEDDED
if (f->readBlock(reinterpret_cast<char *>(encrypted),
static_cast<Q_ULONG>(cryptLen))
!= static_cast<Q_LONG>(cryptLen)) {
delete [] encrypted;
delete [] decrypted;
return e_readFile;
}
#else
if (f->readBlock((char *)(encrypted),
(unsigned long)(cryptLen))
!= (long)(cryptLen)) {
delete [] encrypted;
delete [] decrypted;
return e_readFile;
}
#endif
switch (algo) {
case PWM_CRYPT_BLOWFISH: {
Blowfish bf;
bf.bf_setkey((byte *) pw->latin1(), pw->length());
bf.bf_decrypt(decrypted, encrypted, cryptLen);
break;
}
case PWM_CRYPT_AES128:
/*... fall through */
case PWM_CRYPT_AES192:
case PWM_CRYPT_AES256:
case PWM_CRYPT_3DES:
case PWM_CRYPT_TWOFISH:
case PWM_CRYPT_TWOFISH128: {
if (!LibGCryptIf::available())
return e_cryptNotImpl;
LibGCryptIf gc;
PwMerror err;
err = gc.decrypt(&decrypted,
&cryptLen,
encrypted,
cryptLen,
reinterpret_cast<const unsigned char *>(pw->latin1()),
pw->length(),
- algo);
+ algo,
+ hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+);
if (err != e_success) {
delete [] encrypted;
delete [] decrypted;
return e_cryptNotImpl;
}
break;
}
default: {
delete [] encrypted;
delete [] decrypted;
return e_cryptNotImpl;
} }
delete [] encrypted;
#ifndef PWM_EMBEDDED
d->assign(reinterpret_cast<const char *>(decrypted),
static_cast<string::size_type>(cryptLen));
#else
d->assign((const char *)(decrypted),
(string::size_type)(cryptLen));
#endif
delete [] decrypted;
if (algo == PWM_CRYPT_BLOWFISH) {
if (!Blowfish::unpadNull(d)) {
BUG();
return e_readFile;
}
}
return e_success;
}
PwMerror PwMDoc::checkDataHash(char dataHashType, const string *dataHash,
const string *dataStream)
diff --git a/pwmanager/pwmanager/pwmdoc.h b/pwmanager/pwmanager/pwmdoc.h
index 138dd3d..9fcdda7 100644
--- a/pwmanager/pwmanager/pwmdoc.h
+++ b/pwmanager/pwmanager/pwmdoc.h
@@ -707,67 +707,71 @@ protected:
* for this document, while it's unnamed. If it's 0,
* we have to get a new unique one.
*/
unsigned int unnamedNum;
/** is this doc going to be deleted (executing in destructor context) */
bool deleted;
/** document timer */
DocTimer *_timer;
/** lock counter for the "dataChanged" signal */
unsigned int dataChangedLock;
/** list of all open documents */
static PwMDocList openDocList;
protected:
/** serialize "dta" and return it in "d". */
bool serializeDta(string *d);
/** de-serialize "d" and overwrite "dta" */
bool deSerializeDta(const string *d, bool entriesLocked);
/** write header to file */
PwMerror writeFileHeader(char keyHash, char dataHash, char crypt, char compress,
QString *pw, QFile *f);
/** write data-hash to file */
PwMerror writeDataHash(char dataHash, string *d, QFile *f);
/** check header. Read header info and verify key-hash and filever.
* returns length of header in "headerLength" */
PwMerror checkHeader(char *cryptAlgo, QString *pw, char *compress,
unsigned int *headerLength, char *dataHashType,
string *dataHash, QFile *f);
/** check the data-hash */
PwMerror checkDataHash(char dataHashType, const string *dataHash, const string *dataStream);
/** encrypt data "d" and write to "filename" */
- PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo);
+ PwMerror encrypt(string *d, const QString *pw, QFile *f, char algo,
+ char _hashalgo //US BUG: pass _hashalgo because we need it in hashPassphrase
+);
/** read data from file beginning at "pos", decrypt and return it */
- PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo, QFile *f);
+ PwMerror decrypt(string *d, unsigned int pos, const QString *pw, char algo,
+ char _hashalgo, //US BUG: pass _hashalgo because we need it in hashPassphrase
+QFile *f);
/** compress the data */
bool compressDta(string *d, char algo);
/** uncompress the data */
bool decompressDta(string *d, char algo);
/** internal import function for a text-file generated by PwM.
* If this is not a valid PwM-exported file, it returns e_fileFormat */
PwMerror importText_PwM(const QString *file);
/** PwM-text-import helper function to extract the name/pw/comment out
* of one entry-line */
bool textExtractEntry_PwM(const char *in, ssize_t in_size, string *out);
/** compare two strings */
bool compareString(const string &s1, const string &s2, bool caseSensitive,
bool exactWordMatch);
/** clears all document-data */
void clearDoc();
/** delete all empty categories */
void delAllEmptyCat(bool dontFlagDirty);
/** set a document status flag */
void setDocStatFlag(unsigned int statFlag)
{ curDocStat |= statFlag; }
/** unset a document status flag */
void unsetDocStatFlag(unsigned int statFlag)
{ curDocStat &= ~statFlag; }
/** get a document status flag */
bool getDocStatFlag(unsigned int statFlag) const
{ return (curDocStat & statFlag); }
/** set the "currentPassword" */
void setCurrentPw(const QString &pw)
{
currentPw = pw;
setDocStatFlag(DOC_STAT_DISK_DIRTY);
}