SSH Agent: Fix handling of encrypted RSA keys

Also fix multiple UI issues caused by said keys.

Fixes #1560
Toni Spets 2018-03-01 18:27:53 +02:00 committed by Janek Bevendorff
parent 97a890e8a0
commit b0a61f437a
4 changed files with 52 additions and 26 deletions


@ -346,24 +346,32 @@ void EditEntryWidget::updateSSHAgentKeyInfo()
return;
}
m_sshAgentUi->fingerprintTextLabel->setText(key.fingerprint());
if (key.encrypted()) {
m_sshAgentUi->commentTextLabel->setText(tr("(encrypted)"));
m_sshAgentUi->decryptButton->setEnabled(true);
if (!key.fingerprint().isEmpty()) {
m_sshAgentUi->fingerprintTextLabel->setText(key.fingerprint());
} else {
m_sshAgentUi->commentTextLabel->setText(key.comment());
m_sshAgentUi->fingerprintTextLabel->setText(tr("(encrypted)"));
}
m_sshAgentUi->publicKeyEdit->document()->setPlainText(key.publicKey());
if (!key.comment().isEmpty() || !key.encrypted()) {
m_sshAgentUi->commentTextLabel->setText(key.comment());
} else {
m_sshAgentUi->commentTextLabel->setText(tr("(encrypted)"));
m_sshAgentUi->decryptButton->setEnabled(true);
}
if (!key.publicKey().isEmpty()) {
m_sshAgentUi->publicKeyEdit->document()->setPlainText(key.publicKey());
m_sshAgentUi->copyToClipboardButton->setEnabled(true);
} else {
m_sshAgentUi->publicKeyEdit->document()->setPlainText(tr("(encrypted)"));
m_sshAgentUi->copyToClipboardButton->setDisabled(true);
}
// enable agent buttons only if we have an agent running
if (SSHAgent::instance()->isAgentRunning()) {
m_sshAgentUi->addToAgentButton->setEnabled(true);
m_sshAgentUi->removeFromAgentButton->setEnabled(true);
}
m_sshAgentUi->copyToClipboardButton->setEnabled(true);
}
void EditEntryWidget::saveSSHAgentConfig()
@ -410,7 +418,7 @@ void EditEntryWidget::browsePrivateKey()
}
}
bool EditEntryWidget::getOpenSSHKey(OpenSSHKey& key)
bool EditEntryWidget::getOpenSSHKey(OpenSSHKey& key, bool decrypt)
{
QByteArray privateKeyData;
@ -436,7 +444,7 @@ bool EditEntryWidget::getOpenSSHKey(OpenSSHKey& key)
privateKeyData = localFile.readAll();
}
if (privateKeyData.length() == 0) {
if (privateKeyData.isEmpty()) {
return false;
}
@ -445,6 +453,13 @@ bool EditEntryWidget::getOpenSSHKey(OpenSSHKey& key)
return false;
}
if (key.encrypted() && (decrypt || key.publicKey().isEmpty())) {
if (!key.openPrivateKey(m_entry->password())) {
showMessage(key.errorString(), MessageWidget::Error);
return false;
}
}
if (key.comment().isEmpty()) {
key.setComment(m_entry->username());
}
@ -456,16 +471,12 @@ void EditEntryWidget::addKeyToAgent()
{
OpenSSHKey key;
if (!getOpenSSHKey(key)) {
if (!getOpenSSHKey(key, true)) {
return;
}
if (!key.openPrivateKey(m_entry->password())) {
showMessage(key.errorString(), MessageWidget::Error);
} else {
m_sshAgentUi->commentTextLabel->setText(key.comment());
m_sshAgentUi->publicKeyEdit->document()->setPlainText(key.publicKey());
}
m_sshAgentUi->commentTextLabel->setText(key.comment());
m_sshAgentUi->publicKeyEdit->document()->setPlainText(key.publicKey());
quint32 lifetime = 0;
bool confirm = m_sshAgentUi->requireUserConfirmationCheckBox->isChecked();
@ -494,16 +505,19 @@ void EditEntryWidget::decryptPrivateKey()
{
OpenSSHKey key;
if (!getOpenSSHKey(key)) {
if (!getOpenSSHKey(key, true)) {
return;
}
if (!key.openPrivateKey(m_entry->password())) {
showMessage(key.errorString(), MessageWidget::Error);
} else {
if (!key.comment().isEmpty()) {
m_sshAgentUi->commentTextLabel->setText(key.comment());
m_sshAgentUi->publicKeyEdit->document()->setPlainText(key.publicKey());
} else {
m_sshAgentUi->commentTextLabel->setText(tr("n/a"));
}
m_sshAgentUi->fingerprintTextLabel->setText(key.fingerprint());
m_sshAgentUi->publicKeyEdit->document()->setPlainText(key.publicKey());
m_sshAgentUi->copyToClipboardButton->setEnabled(true);
}
void EditEntryWidget::copyPublicKey()
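Review bot: In getOpenSSHKey the new condition `decrypt || key.publicKey().isEmpty()` decrypts the private key with the entry password even when the caller left `decrypt` at false, and a failed attempt shows an error and returns false. If updateSSHAgentKeyInfo calls it without the flag (the call is outside the hunk), merely opening an entry whose password does not match the key raises an error banner, and the new `(encrypted)` fallbacks for fingerprint and public key look unreachable for that case. Consider reporting the failure only on an explicit request, e.g. `if (decrypt) { showMessage(key.errorString(), MessageWidget::Error); return false; }`, so the view can fall back to the placeholders. A comment on the condition should also say that key material is decrypted implicitly whenever the public part cannot be read otherwise.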


@ -128,7 +128,7 @@ private:
QMenu* createPresetsMenu();
void updateEntryData(Entry* entry) const;
#ifdef WITH_XC_SSHAGENT
bool getOpenSSHKey(OpenSSHKey& key);
bool getOpenSSHKey(OpenSSHKey& key, bool decrypt = false);
void saveSSHAgentConfig();
#endif


@ -94,6 +94,10 @@ int OpenSSHKey::keyLength() const
const QString OpenSSHKey::fingerprint() const
{
if (m_publicData.isEmpty()) {
return {};
}
QByteArray publicKey;
BinaryStream stream(&publicKey);
@ -115,6 +119,10 @@ const QString OpenSSHKey::comment() const
const QString OpenSSHKey::publicKey() const
{
if (m_publicData.isEmpty()) {
return {};
}
QByteArray publicKey;
BinaryStream stream(&publicKey);
@ -326,7 +334,7 @@ bool OpenSSHKey::openPrivateKey(const QString& passphrase)
return false;
}
if (passphrase.length() == 0) {
if (passphrase.isEmpty()) {
m_error = tr("Passphrase is required to decrypt this key");
return false;
}
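Review bot: fingerprint() and publicKey() now return an empty string when `m_publicData` is empty, but nothing at the definitions records that, so callers have to know that an empty result means "not available" rather than a real value. A short comment above each guard would state the contract, e.g. `// No public data yet (presumably an encrypted key that has not been opened): return an empty string rather than encoding an empty blob.` Both function bodies continue outside their hunks.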


@ -260,6 +260,10 @@ void SSHAgent::databaseModeChanged(DatabaseWidget::Mode mode)
continue;
}
if (!key.openPrivateKey(e->password())) {
continue;
}
if (key.comment().isEmpty()) {
key.setComment(e->username());
}
@ -268,7 +272,7 @@ void SSHAgent::databaseModeChanged(DatabaseWidget::Mode mode)
removeIdentityAtLock(key, uuid);
}
if (settings.addAtDatabaseOpen() && key.openPrivateKey(e->password())) {
if (settings.addAtDatabaseOpen()) {
int lifetime = 0;
if (settings.useLifetimeConstraintWhenAdding()) {
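Review bot: The new `if (!key.openPrivateKey(e->password())) { continue; }` in databaseModeChanged drops a key silently, and it now sits ahead of both the `removeIdentityAtLock` call and the add-at-open branch. An entry whose password no longer matches its key is therefore skipped for both without any trace, where before only the add was skipped. The private key is also decrypted for every entry that reaches this point, including ones that only register removal and may not need the private part. At minimum record the reason before skipping, e.g. `qWarning("%s", qPrintable(key.errorString()));`, and consider opening the key only when it is about to be added or its public part is empty, as getOpenSSHKey does. The enclosing loop starts and ends outside the hunks.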