Git-Mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-09-20 04:44:43 -04:00
Code Issues Projects Releases Packages Wiki Activity

Prevent duplicate entries in passphrase wordlists

Browse source 
Replace a QVector for the wordlist with a QSet. This removes all duplicate entries in a given wordlist.
Thus, it hinders a malicious wordlist that has the proper length (>4000 entries) but with repetitions (effectively << 4000 entries) to be used and potentially create weaker passphrases than estimated.

Example:
List with 4000 items but only 64 unique words would lead to only 48 bit of Entropy instead of ~95 bit!
This commit is contained in:
christianwengert 2024-06-28 11:24:44 +02:00 committed by Jonathan White
parent 9b4e6b4e11
commit c7d318236f
8 changed files with 47 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/TestCli.cpp
View file

@ -1088,7 +1088,7 @@ void TestCli::testDiceware()
smallWordFile.close();
execCmd(dicewareCmd, {"diceware", "-W", "11", "-w", smallWordFile.fileName()});
QCOMPARE(m_stderr->readLine(), QByteArray("The word list is too small (< 1000 items)\n"));
QCOMPARE(m_stderr->readLine(), QByteArray("Cannot generate valid passphrases because the wordlist is too short\n"));
}
void TestCli::testEdit()