kwalletd: remove ECB support
Signed-off-by: Ivailo Monev <xakepa10@gmail.com>
parent
a58ea0da52
commit
91780aff84
4 changed files with 11 additions and 70 deletions
|
@ -47,14 +47,15 @@ namespace KWallet {
|
|||
|
||||
typedef char Digest[16];
|
||||
|
||||
static BlowfishPersistHandler *blowfishHandler =0;
|
||||
static BlowfishPersistHandler *blowfishHandler = 0;
|
||||
|
||||
BackendPersistHandler *BackendPersistHandler::getPersistHandler(BackendCipherType cipherType)
|
||||
{
|
||||
switch (cipherType){
|
||||
case BACKEND_CIPHER_BLOWFISH: {
|
||||
if (0 == blowfishHandler)
|
||||
if (blowfishHandler == 0) {
|
||||
blowfishHandler = new BlowfishPersistHandler;
|
||||
}
|
||||
return blowfishHandler;
|
||||
}
|
||||
default: {
|
||||
|
@ -66,14 +67,10 @@ BackendPersistHandler *BackendPersistHandler::getPersistHandler(BackendCipherTyp
|
|||
|
||||
BackendPersistHandler *BackendPersistHandler::getPersistHandler(char magicBuf[KWMAGIC_LEN])
|
||||
{
|
||||
if ((magicBuf[2] == KWALLET_CIPHER_BLOWFISH_ECB || magicBuf[2] == KWALLET_CIPHER_BLOWFISH_CBC) &&
|
||||
if (magicBuf[2] == KWALLET_CIPHER_BLOWFISH_CBC &&
|
||||
(magicBuf[3] == KWALLET_HASH_SHA1 || magicBuf[3] == KWALLET_HASH_PBKDF2_SHA512)) {
|
||||
if (0 == blowfishHandler) {
|
||||
bool useECBforReading = magicBuf[2] == KWALLET_CIPHER_BLOWFISH_ECB;
|
||||
if (useECBforReading) {
|
||||
qDebug() << "this wallet uses ECB encryption. It'll be converted to CBC on next save.";
|
||||
}
|
||||
blowfishHandler = new BlowfishPersistHandler(useECBforReading);
|
||||
if (blowfishHandler == 0) {
|
||||
blowfishHandler = new BlowfishPersistHandler();
|
||||
}
|
||||
return blowfishHandler;
|
||||
}
|
||||
|
@ -84,11 +81,6 @@ int BlowfishPersistHandler::write(Backend* wb, KSaveFile& sf, QByteArray& versio
|
|||
{
|
||||
assert(wb->_cipherType == BACKEND_CIPHER_BLOWFISH);
|
||||
|
||||
if (_useECBforReading) {
|
||||
qDebug() << "This wallet used ECB and is now saved using CBC";
|
||||
_useECBforReading = false;
|
||||
}
|
||||
|
||||
version[2] = KWALLET_CIPHER_BLOWFISH_CBC;
|
||||
if(!wb->_useNewHash) {
|
||||
version[3] = KWALLET_HASH_SHA1;
|
||||
|
@ -255,7 +247,7 @@ int BlowfishPersistHandler::read(Backend* wb, QFile& db, WId)
|
|||
assert(encrypted.size() < db.size());
|
||||
|
||||
BlowFish _bf;
|
||||
CipherBlockChain bf(&_bf, _useECBforReading);
|
||||
CipherBlockChain bf(&_bf);
|
||||
int blksz = bf.blockSize();
|
||||
if ((encrypted.size() % blksz) != 0) {
|
||||
return -5; // invalid file structure
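Review bot: With `KWALLET_CIPHER_BLOWFISH_ECB` dropped from the condition in `getPersistHandler(char magicBuf[KWMAGIC_LEN])`, a wallet file whose header still carries the ECB marker no longer gets a handler and is dealt with by whatever follows the `if`, which lies outside the hunk. The removed code converted such wallets to CBC only on the next save, so a wallet that was never re-saved presumably becomes unreadable after this change, and nothing visible here tells the user why. An explicit check ahead of the CBC test that logs the reason, for example `qWarning() << "wallet uses the unsupported ECB format";`, before taking the unsupported-format path would make the failure diagnosable. The cut-off is also worth stating in the release notes so that affected wallets can be re-saved with an older build first.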
|
||||
|
|
|
@ -56,13 +56,11 @@ public:
|
|||
|
||||
class BlowfishPersistHandler : public BackendPersistHandler {
|
||||
public:
|
||||
explicit BlowfishPersistHandler(bool useECBforReading =false) : _useECBforReading(useECBforReading) {}
|
||||
explicit BlowfishPersistHandler() {}
|
||||
virtual ~BlowfishPersistHandler() {}
|
||||
|
||||
virtual int write(Backend* wb, KSaveFile& sf, QByteArray& version, WId w);
|
||||
virtual int read(Backend* wb, QFile& sf, WId w);
|
||||
private:
|
||||
bool _useECBforReading;
|
||||
};
|
||||
|
||||
} // namespace
|
||||
|
|
|
@ -21,9 +21,8 @@
|
|||
#include <string.h>
|
||||
#include <kdebug.h>
|
||||
|
||||
CipherBlockChain::CipherBlockChain(BlockCipher *cipher, bool useECBforReading) :
|
||||
_cipher(cipher)
|
||||
, _useECBforReading(useECBforReading)
|
||||
CipherBlockChain::CipherBlockChain(BlockCipher *cipher)
|
||||
: _cipher(cipher)
|
||||
{
|
||||
_next = 0L;
|
||||
_register = 0L;
|
||||
|
@ -111,54 +110,8 @@ int CipherBlockChain::encrypt(void *block, int len)
|
|||
return rc;
|
||||
}
|
||||
|
||||
// This is the old decrypt method, that was decrypting using ECB
|
||||
// instead of CBC
|
||||
int CipherBlockChain::decryptECB(void *block, int len) {
|
||||
if (_cipher && !_writer) {
|
||||
int rc;
|
||||
|
||||
_reader |= 1;
|
||||
|
||||
if (!_register) {
|
||||
_register = new unsigned char[len];
|
||||
_len = len;
|
||||
memset(_register, 0, len);
|
||||
} else if (len > _len) {
|
||||
return -1;
|
||||
}
|
||||
|
||||
if (!_next) {
|
||||
_next = new unsigned char[_len];
|
||||
}
|
||||
memcpy(_next, block, _len);
|
||||
|
||||
rc = _cipher->decrypt(block, len);
|
||||
|
||||
if (rc != -1) {
|
||||
// This might be optimizable
|
||||
char *tb = (char *)block;
|
||||
for (int i = 0; i < len; i++) {
|
||||
tb[i] ^= ((char *)_register)[i];
|
||||
}
|
||||
}
|
||||
|
||||
void *temp;
|
||||
temp = _next;
|
||||
_next = _register;
|
||||
_register = temp;
|
||||
|
||||
return rc;
|
||||
}
|
||||
return -1;
|
||||
}
|
||||
|
||||
int CipherBlockChain::decrypt(void *block, int len)
|
||||
{
|
||||
if (_useECBforReading) {
|
||||
kDebug() << "decrypting using ECB!";
|
||||
return decryptECB(block, len);
|
||||
}
|
||||
|
||||
if (_cipher && !_writer) {
|
||||
int rc = 0;
|
||||
|
||||
|
|
|
@ -34,7 +34,7 @@
|
|||
class CipherBlockChain : public BlockCipher
|
||||
{
|
||||
public:
|
||||
CipherBlockChain(BlockCipher *cipher, bool useECBforReading =false);
|
||||
CipherBlockChain(BlockCipher *cipher);
|
||||
virtual ~CipherBlockChain();
|
||||
|
||||
virtual bool setKey(void *key, int bitlength);
|
||||
|
@ -49,14 +49,12 @@ public:
|
|||
|
||||
private:
|
||||
void initRegister();
|
||||
int decryptECB(void *block, int len);
|
||||
|
||||
BlockCipher *_cipher;
|
||||
void *_register;
|
||||
void *_next;
|
||||
int _len;
|
||||
int _reader, _writer;
|
||||
bool _useECBforReading;
|
||||
};
|
||||
|
||||
#endif
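Review bot: `CipherBlockChain(BlockCipher *cipher);` is a converting constructor that is not marked `explicit`, so a `BlockCipher *` can silently become a temporary `CipherBlockChain`. The old form with the defaulted second argument had the same property, but since the declaration is rewritten here it could become `explicit CipherBlockChain(BlockCipher *cipher);`. The caller shown on this page, `CipherBlockChain bf(&_bf);`, uses direct initialization and would be unaffected. A short comment saying whether the class takes ownership of `cipher` would also help; the destructor body is not visible here, so that cannot be confirmed from this section.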
|
||||
|
|