mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2024-12-29 01:06:27 -05:00
YubiKey: Clean-up master seed challenge
* Tweak the logic so it more closely resembles other code (i.e. trasnformKey()). Matches existing style better. * Save the challengeResponseKey in the database structure so that it can be referred to later (i.e. database unlocking). Signed-off-by: Kyle Manna <kyle@kylemanna.com>
This commit is contained in:
parent
62190d79be
commit
77cc99acd3
@ -176,9 +176,14 @@ QByteArray Database::transformedMasterKey() const
|
||||
return m_data.transformedMasterKey;
|
||||
}
|
||||
|
||||
bool Database::challengeMasterSeed(const QByteArray& masterSeed, QByteArray& result) const
|
||||
QByteArray Database::challengeResponseKey() const
|
||||
{
|
||||
return m_data.key.challenge(masterSeed, result);
|
||||
return m_data.challengeResponseKey;
|
||||
}
|
||||
|
||||
bool Database::challengeMasterSeed(const QByteArray& masterSeed)
|
||||
{
|
||||
return m_data.key.challenge(masterSeed, m_data.challengeResponseKey);
|
||||
}
|
||||
|
||||
void Database::setCipher(const Uuid& cipher)
|
||||
|
@ -59,6 +59,7 @@ public:
|
||||
QByteArray transformedMasterKey;
|
||||
CompositeKey key;
|
||||
bool hasKey;
|
||||
QByteArray challengeResponseKey;
|
||||
};
|
||||
|
||||
Database();
|
||||
@ -89,7 +90,8 @@ public:
|
||||
quint64 transformRounds() const;
|
||||
QByteArray transformedMasterKey() const;
|
||||
const CompositeKey & key() const;
|
||||
bool challengeMasterSeed(const QByteArray& masterSeed, QByteArray& result) const;
|
||||
QByteArray challengeResponseKey() const;
|
||||
bool challengeMasterSeed(const QByteArray& masterSeed);
|
||||
|
||||
void setCipher(const Uuid& cipher);
|
||||
void setCompressionAlgo(Database::CompressionAlgorithm algo);
|
||||
|
@ -113,15 +113,14 @@ Database* KeePass2Reader::readDatabase(QIODevice* device, const CompositeKey& ke
|
||||
return nullptr;
|
||||
}
|
||||
|
||||
QByteArray challengeResult;
|
||||
if (m_db->challengeMasterSeed(m_masterSeed, challengeResult) == false) {
|
||||
if (m_db->challengeMasterSeed(m_masterSeed) == false) {
|
||||
raiseError(tr("Unable to issue challenge-response."));
|
||||
return Q_NULLPTR;
|
||||
}
|
||||
|
||||
CryptoHash hash(CryptoHash::Sha256);
|
||||
hash.addData(m_masterSeed);
|
||||
hash.addData(challengeResult);
|
||||
hash.addData(m_db->challengeResponseKey());
|
||||
hash.addData(m_db->transformedMasterKey());
|
||||
QByteArray finalKey = hash.result();
|
||||
|
||||
|
@ -51,15 +51,14 @@ void KeePass2Writer::writeDatabase(QIODevice* device, Database* db)
|
||||
QByteArray startBytes = randomGen()->randomArray(32);
|
||||
QByteArray endOfHeader = "\r\n\r\n";
|
||||
|
||||
QByteArray challengeResult;
|
||||
if (db->challengeMasterSeed(masterSeed, challengeResult) == false) {
|
||||
if (db->challengeMasterSeed(masterSeed) == false) {
|
||||
raiseError("Unable to issue challenge-response.");
|
||||
return;
|
||||
}
|
||||
|
||||
CryptoHash hash(CryptoHash::Sha256);
|
||||
hash.addData(masterSeed);
|
||||
hash.addData(challengeResult);
|
||||
hash.addData(db->challengeResponseKey());
|
||||
Q_ASSERT(!db->transformedMasterKey().isEmpty());
|
||||
hash.addData(db->transformedMasterKey());
|
||||
QByteArray finalKey = hash.result();
|
||||
|
Loading…
Reference in New Issue
Block a user