Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-05-02 14:46:07 -04:00
Code Issues Projects Releases Packages Wiki Activity

Prevent duplicate entries in passphrase wordlists

Browse source 
Replace a QVector for the wordlist with a QSet. This removes all duplicate entries in a given wordlist.
Thus, it hinders a malicious wordlist that has the proper length (>4000 entries) but with repetitions (effectively << 4000 entries) to be used and potentially create weaker passphrases than estimated.

Example:
List with 4000 items but only 64 unique words would lead to only 48 bit of Entropy instead of ~95 bit!
This commit is contained in:
Jonathan White 2024-09-13 22:48:16 -04:00
parent 0ae88131f6
commit ad9ef88e15
No known key found for this signature in database
GPG key ID: 440FC65F2E0C6E01
8 changed files with 48 additions and 27 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/TestCli.cpp
View file

@ -1087,7 +1087,7 @@ void TestCli::testDiceware()
smallWordFile.close();
execCmd(dicewareCmd, {"diceware", "-W", "11", "-w", smallWordFile.fileName()});
QCOMPARE(m_stderr->readLine(), QByteArray("The word list is too small (< 1000 items)\n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Cannot generate valid passphrases because the wordlist is too short\n"));
}
void TestCli::testEdit()