Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-06-28 00:17:33 -04:00
Code Issues Projects Releases Packages Wiki Activity

SSH Agent: Expect passphrases to be in UTF-8

Browse source 
The previous default was to expect passphrases to be ASCII or
rather Latin-1. It would be reasonable to expect modern keys to
use UTF-8 instead.

This is a non-breaking change if passphrases only use characters
that fall within ASCII.

Fixes #2102
This commit is contained in:
Toni Spets 2018-07-13 17:41:47 +03:00 committed by Jonathan White
parent c67f7afa49
commit 3727d37101
3 changed files with 28 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/sshagent/OpenSSHKey.cpp
View file

@ -350,7 +350,7 @@ bool OpenSSHKey::openPrivateKey(const QString& passphrase)
QByteArray decryptKey; QByteArray decryptKey;
decryptKey.fill(0, cipher->keySize() + cipher->blockSize()); decryptKey.fill(0, cipher->keySize() + cipher->blockSize());
QByteArray phraseData = passphrase.toLatin1(); QByteArray phraseData = passphrase.toUtf8();
if (bcrypt_pbkdf(phraseData, salt, decryptKey, rounds) < 0) { if (bcrypt_pbkdf(phraseData, salt, decryptKey, rounds) < 0) {
m_error = tr("Key derivation failed, key file corrupted?"); m_error = tr("Key derivation failed, key file corrupted?");
return false; return false;

26
tests/TestOpenSSHKey.cpp
View file

@ -427,3 +427,29 @@ void TestOpenSSHKey::testDecryptRSAAES256CTR()
QCOMPARE(key.comment(), QString("")); QCOMPARE(key.comment(), QString(""));
QCOMPARE(key.fingerprint(), QString("SHA256:1Hsebt2WWnmc72FERsUOgvaajIGHkrMONxXylcmk87U")); QCOMPARE(key.fingerprint(), QString("SHA256:1Hsebt2WWnmc72FERsUOgvaajIGHkrMONxXylcmk87U"));
} }
void TestOpenSSHKey::testDecryptUTF8()
{
const QString keyString = QString(
"-----BEGIN OPENSSH PRIVATE KEY-----\n"
"b3BlbnNzaC1rZXktdjEAAAAACmFlczI1Ni1jdHIAAAAGYmNyeXB0AAAAGAAAABDtSl4OvT\n"
"H/wHay2dvjOnpIAAAAEAAAAAEAAAAzAAAAC3NzaC1lZDI1NTE5AAAAIIhrBrn6rb+d3GwF\n"
"ifpJ6gYut95lXvwypiQmu9ZpA8H9AAAAsD85Gpn2mbVEWq3ygx11wBnN5mUQXnMuP48rLv\n"
"0qwm12IihOkrR925ledwN2Sa5mkkL0XjDz6SsKfIFhFa84hUHQdw5zPR8yVGRWLzkNDmo7\n"
"WXNpnoE4ebsX2j0TsBNjP80RUcJdjSXidkt3+aZjaCfquO8cBQn4GJJSDSPwFJYlJeSD/h\n"
"vpb72MEQchOD3NNMORYTJ5sOJ73RayhhmwjTVlrG+zYAw6fXW0YXX3+5LE\n"
"-----END OPENSSH PRIVATE KEY-----\n"
);
const QByteArray keyData = keyString.toLatin1();
OpenSSHKey key;
QVERIFY(key.parse(keyData));
QVERIFY(key.encrypted());
QCOMPARE(key.cipherName(), QString("aes256-ctr"));
QVERIFY(!key.openPrivateKey("incorrectpassphrase"));
QVERIFY(key.openPrivateKey("äåéëþüúíóö"));
QCOMPARE(key.fingerprint(), QString("SHA256:EfUXwvH4rOoys+AlbznCqjMwzIVW8KuhoWu9uT03FYA"));
QCOMPARE(key.type(), QString("ssh-ed25519"));
QCOMPARE(key.comment(), QString("opensshkey-test-utf8@keepassxc"));
}

1
tests/TestOpenSSHKey.h
View file

@ -37,6 +37,7 @@ private slots:
void testDecryptRSAAES256CBC(); void testDecryptRSAAES256CBC();
void testDecryptOpenSSHAES256CTR(); void testDecryptOpenSSHAES256CTR();
void testDecryptRSAAES256CTR(); void testDecryptRSAAES256CTR();
void testDecryptUTF8();
}; };
#endif // TESTOPENSSHKEY_H #endif // TESTOPENSSHKEY_H