Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-08-08 06:22:53 -04:00
Code Issues Projects Releases Packages Wiki Activity

Pull out KDFs into their own class hierarchy

Browse source 
In preparation for multiple KDFs in KDBX 4
This commit is contained in:
angelsl 2017-11-12 20:20:57 +08:00 committed by Jonathan White
parent 6aaa89a23c
commit 2e19af5032
No known key found for this signature in database
GPG key ID: 440FC65F2E0C6E01
18 changed files with 555 additions and 265 deletions
Download patch file Download diff file Expand all files Collapse all files

18
src/format/KeePass1Reader.cpp
View file

@ -21,6 +21,7 @@
#include <QImage>
#include <QTextCodec>
#include "crypto/kdf/AesKdf.h"
#include "core/Database.h"
#include "core/Endian.h"
#include "core/Entry.h"
@ -159,10 +160,10 @@ Database* KeePass1Reader::readDatabase(QIODevice* device, const QString& passwor
raiseError("Invalid number of transform rounds");
return nullptr;
}
if (!m_db->setTransformRounds(m_transformRounds)) {
raiseError(tr("Unable to calculate master key"));
return nullptr;
}
AesKdf* kdf = new AesKdf();
kdf->setRounds(m_transformRounds);
kdf->setSeed(m_transformSeed);
db->setKdf(kdf);
qint64 contentPos = m_device->pos();
@ -397,12 +398,11 @@ QByteArray KeePass1Reader::key(const QByteArray& password, const QByteArray& key
key.setPassword(password);
key.setKeyfileData(keyfileData);
bool ok;
QString errorString;
QByteArray transformedKey = key.transform(m_transformSeed, m_transformRounds, &ok, &errorString);
QByteArray transformedKey;
bool result = key.transform(*m_db->kdf(), transformedKey);
if (!ok) {
raiseError(errorString);
if (!result) {
raiseError("Key transformation failed");
return QByteArray();
}

32
src/format/KeePass2Reader.cpp
View file

@ -24,6 +24,7 @@
#include "core/Database.h"
#include "core/Endian.h"
#include "crypto/CryptoHash.h"
#include "crypto/kdf/AesKdf.h"
#include "format/KeePass1.h"
#include "format/KeePass2.h"
#include "format/KeePass2RandomStream.h"
@ -53,7 +54,6 @@ Database* KeePass2Reader::readDatabase(QIODevice* device, const CompositeKey& ke
m_headerEnd = false;
m_xmlData.clear();
m_masterSeed.clear();
m_transformSeed.clear();
m_encryptionIV.clear();
m_streamStartBytes.clear();
m_protectedStreamKey.clear();
@ -101,14 +101,14 @@ Database* KeePass2Reader::readDatabase(QIODevice* device, const CompositeKey& ke
}
// check if all required headers were present
if (m_masterSeed.isEmpty() || m_transformSeed.isEmpty() || m_encryptionIV.isEmpty()
if (m_masterSeed.isEmpty() || m_encryptionIV.isEmpty()
|| m_streamStartBytes.isEmpty() || m_protectedStreamKey.isEmpty()
|| m_db->cipher().isNull()) {
raiseError("missing database headers");
return nullptr;
}
if (!m_db->setKey(key, m_transformSeed, false)) {
if (!m_db->setKey(key, false)) {
raiseError(tr("Unable to calculate master key"));
return nullptr;
}
@ -378,7 +378,15 @@ void KeePass2Reader::setTransformSeed(const QByteArray& data)
raiseError("Invalid transform seed size");
}
else {
m_transformSeed = data;
AesKdf* aesKdf;
if (m_db->kdf()->type() == Kdf::Type::AES) {
aesKdf = static_cast<AesKdf*>(m_db->kdf());
} else {
aesKdf = new AesKdf();
m_db->setKdf(aesKdf);
}
aesKdf->setSeed(data);
}
}
@ -388,10 +396,18 @@ void KeePass2Reader::setTransformRounds(const QByteArray& data)
raiseError("Invalid transform rounds size");
}
else {
if (!m_db->setTransformRounds(Endian::bytesToUInt64(data, KeePass2::BYTEORDER))) {
raiseError(tr("Unable to calculate master key"));
}
}
quint64 rounds = Endian::bytesToUInt64(data, KeePass2::BYTEORDER);
AesKdf* aesKdf;
if (m_db->kdf()->type() == Kdf::Type::AES) {
aesKdf = static_cast<AesKdf*>(m_db->kdf());
} else {
aesKdf = new AesKdf();
m_db->setKdf(aesKdf);
}
aesKdf->setRounds(rounds);
}
}
void KeePass2Reader::setEncryptionIV(const QByteArray& data)

1
src/format/KeePass2Reader.h
View file

@ -64,7 +64,6 @@ private:
Database* m_db;
QByteArray m_masterSeed;
QByteArray m_transformSeed;
QByteArray m_encryptionIV;
QByteArray m_streamStartBytes;
QByteArray m_protectedStreamKey;

9
src/format/KeePass2Writer.cpp
View file

@ -24,6 +24,7 @@
#include "core/Database.h"
#include "core/Endian.h"
#include "crypto/CryptoHash.h"
#include "crypto/kdf/AesKdf.h"
#include "crypto/Random.h"
#include "format/KeePass2RandomStream.h"
#include "format/KeePass2XmlWriter.h"
@ -45,7 +46,6 @@ void KeePass2Writer::writeDatabase(QIODevice* device, Database* db)
m_error = false;
m_errorStr.clear();
QByteArray transformSeed = randomGen()->randomArray(32);
QByteArray masterSeed = randomGen()->randomArray(32);
QByteArray encryptionIV = randomGen()->randomArray(16);
QByteArray protectedStreamKey = randomGen()->randomArray(32);
@ -57,7 +57,7 @@ void KeePass2Writer::writeDatabase(QIODevice* device, Database* db)
return;
}
if (!db->transformKeyWithSeed(transformSeed)) {
if (!db->setKey(db->key(), false, true)) {
raiseError(tr("Unable to calculate master key"));
return;
}
@ -81,10 +81,11 @@ void KeePass2Writer::writeDatabase(QIODevice* device, Database* db)
CHECK_RETURN(writeHeaderField(KeePass2::CompressionFlags,
Endian::int32ToBytes(db->compressionAlgo(),
KeePass2::BYTEORDER)));
AesKdf* kdf = static_cast<AesKdf*>(db->kdf());
CHECK_RETURN(writeHeaderField(KeePass2::MasterSeed, masterSeed));
CHECK_RETURN(writeHeaderField(KeePass2::TransformSeed, db->transformSeed()));
CHECK_RETURN(writeHeaderField(KeePass2::TransformSeed, kdf->seed()));
CHECK_RETURN(writeHeaderField(KeePass2::TransformRounds,
Endian::int64ToBytes(db->transformRounds(),
Endian::int64ToBytes(kdf->rounds(),
KeePass2::BYTEORDER)));
CHECK_RETURN(writeHeaderField(KeePass2::EncryptionIV, encryptionIV));
CHECK_RETURN(writeHeaderField(KeePass2::ProtectedStreamKey, protectedStreamKey));