Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-01-15 01:07:27 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix: Regenerate transform seed and transform master key on save.

Browse Source
This commit is contained in:
rockihack 2017-10-13 12:31:57 +02:00 committed by Jonathan White
parent 3bc8a79b9b
commit c6f83b9ca6
4 changed files with 31 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
src/core/Database.cpp
View File

@ -257,6 +257,25 @@ bool Database::hasKey() const
return m_data.hasKey; return m_data.hasKey;
} }
bool Database::transformKeyWithSeed(const QByteArray& transformSeed)
{
Q_ASSERT(hasKey());
bool ok;
QString errorString;
QByteArray transformedMasterKey =
m_data.key.transform(transformSeed, transformRounds(), &ok, &errorString);
if (!ok) {
return false;
}
m_data.transformSeed = transformSeed;
m_data.transformedMasterKey = transformedMasterKey;
return true;
}
bool Database::verifyKey(const CompositeKey& key) const bool Database::verifyKey(const CompositeKey& key) const
{ {
Q_ASSERT(hasKey()); Q_ASSERT(hasKey());

1
src/core/Database.h
View File

@ -106,6 +106,7 @@ public:
*/ */
bool setKey(const CompositeKey& key); bool setKey(const CompositeKey& key);
bool hasKey() const; bool hasKey() const;
bool transformKeyWithSeed(const QByteArray& transformSeed);
bool verifyKey(const CompositeKey& key) const; bool verifyKey(const CompositeKey& key) const;
void recycleEntry(Entry* entry); void recycleEntry(Entry* entry);
void recycleGroup(Group* group); void recycleGroup(Group* group);

8
src/format/KeePass2Writer.cpp
View File

@ -45,6 +45,7 @@ void KeePass2Writer::writeDatabase(QIODevice* device, Database* db)
m_error = false; m_error = false;
m_errorStr.clear(); m_errorStr.clear();
QByteArray transformSeed = randomGen()->randomArray(32);
QByteArray masterSeed = randomGen()->randomArray(32); QByteArray masterSeed = randomGen()->randomArray(32);
QByteArray encryptionIV = randomGen()->randomArray(16); QByteArray encryptionIV = randomGen()->randomArray(16);
QByteArray protectedStreamKey = randomGen()->randomArray(32); QByteArray protectedStreamKey = randomGen()->randomArray(32);
@ -52,7 +53,12 @@ void KeePass2Writer::writeDatabase(QIODevice* device, Database* db)
QByteArray endOfHeader = "\r\n\r\n"; QByteArray endOfHeader = "\r\n\r\n";
if (db->challengeMasterSeed(masterSeed) == false) { if (db->challengeMasterSeed(masterSeed) == false) {
raiseError("Unable to issue challenge-response."); raiseError(tr("Unable to issue challenge-response."));
return;
}
if (!db->transformKeyWithSeed(transformSeed)) {
raiseError(tr("Unable to calculate master key"));
return; return;
} }

4
src/format/KeePass2Writer.h
View File

@ -18,6 +18,8 @@
#ifndef KEEPASSX_KEEPASS2WRITER_H #ifndef KEEPASSX_KEEPASS2WRITER_H
#define KEEPASSX_KEEPASS2WRITER_H #define KEEPASSX_KEEPASS2WRITER_H
#include <QCoreApplication>
#include "format/KeePass2.h" #include "format/KeePass2.h"
#include "keys/CompositeKey.h" #include "keys/CompositeKey.h"
@ -26,6 +28,8 @@ class QIODevice;
class KeePass2Writer class KeePass2Writer
{ {
Q_DECLARE_TR_FUNCTIONS(KeePass2Writer)
public: public:
KeePass2Writer(); KeePass2Writer();
void writeDatabase(QIODevice* device, Database* db); void writeDatabase(QIODevice* device, Database* db);