From 2434e9111f78017e29be348d5244135c2a88c018 Mon Sep 17 00:00:00 2001 From: sniperbeamer Date: Mon, 19 Jan 2009 20:33:17 +0000 Subject: [PATCH] Fixed bug that prevented opening db with keyfile and password git-svn-id: https://svn.code.sf.net/p/keepassx/code/trunk@256 b624d157-de02-0410-bad0-e51aec6abb33 --- src/Kdb3Database.cpp | 23 +++++++++++------------ src/crypto/sha256.cpp | 14 ++++++++++++++ src/crypto/sha256.h | 4 +++- src/dialogs/PasswordDlg.cpp | 2 +- 4 files changed, 29 insertions(+), 14 deletions(-) diff --git a/src/Kdb3Database.cpp b/src/Kdb3Database.cpp index a8a1060..768bf45 100644 --- a/src/Kdb3Database.cpp +++ b/src/Kdb3Database.cpp @@ -885,7 +885,7 @@ bool Kdb3Database::setFileKey(const QString& filename){ error=decodeFileError(file.error()); return false; } - unsigned long FileSize=file.size(); + qint64 FileSize=file.size(); if(FileSize == 0){ error=tr("Key file is empty."); return false; @@ -913,33 +913,32 @@ bool Kdb3Database::setFileKey(const QString& filename){ } } SHA256 sha; - unsigned char* buffer = new unsigned char[2048]; - while(1) - { - unsigned long read=file.read((char*)buffer,2048); - if(read == 0) break; - sha.update(buffer,read); - if(read != 2048) break; - } + unsigned char* buffer[2048]; + unsigned long read; + do { + read = file.read((char*)buffer,2048); + if (read != 0) + sha.update(buffer,read); + } while (read == 2048); sha.finish(*RawMasterKey); RawMasterKey.lock(); - delete [] buffer; return true; } bool Kdb3Database::setCompositeKey(const QString& Password,const QString& filename){ SHA256 sha; - if(!setFileKey(filename))return false; + setPasswordKey(Password); RawMasterKey.unlock(); sha.update(*RawMasterKey,32); RawMasterKey.lock(); - setPasswordKey(Password); + if(!setFileKey(filename))return false; RawMasterKey.unlock(); sha.update(*RawMasterKey,32); sha.finish(*RawMasterKey); RawMasterKey.lock(); + return true; } diff --git a/src/crypto/sha256.cpp b/src/crypto/sha256.cpp index acc8883..ef3ca34 100644 
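Review bot: In the new read loop of setFileKey, `file.read()` returns a qint64 that is -1 on failure, but the result is stored in `unsigned long read`, so a failed read passes the `read != 0` test and reaches `sha.update(buffer,read)` with a very large length. Declaring `qint64 read;` and adding `if (read < 0) { error=decodeFileError(file.error()); return false; }` before the update keeps the hash from reading past the buffer. The declaration `unsigned char* buffer[2048];` creates an array of 2048 pointers, not 2048 bytes; `unsigned char buffer[2048];` is what the loop needs. Because the buffer holds raw key-file contents, it is worth zeroing before the function returns, in line with the context wipe this commit adds to SHA256. setFileKey begins outside the hunk.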
--- a/src/crypto/sha256.cpp +++ b/src/crypto/sha256.cpp @@ -42,6 +42,20 @@ void SHA256::hashBuffer(const void* input, void* digest, quint32 length){ sha256_starts(&ctx); sha256_update(&ctx,(quint8*)input,length); sha256_finish(&ctx,(quint8*)digest); + overwriteCtx(&ctx); +} + +void SHA256::overwriteCtx(sha256_context* ctx) { + ctx->total[0] = 0; + ctx->total[1] = 0; + + for (int i=0; i<8; i++) { + ctx->state[i] = 0; + } + + for (int i=0; i<8; i++) { + ctx->buffer[i] = 0; + } } void sha256_starts( sha256_context *ctx ) diff --git a/src/crypto/sha256.h b/src/crypto/sha256.h index f3bdd3b..d0f64c2 100644 --- a/src/crypto/sha256.h +++ b/src/crypto/sha256.h @@ -37,11 +37,13 @@ extern void sha256_finish( sha256_context *ctx, quint8 digest[32] ); class SHA256{ public: SHA256(){sha256_starts(&ctx);} + ~SHA256(){overwriteCtx(&ctx);}; void update(void* input,quint32 length){sha256_update(&ctx,(quint8*)input,length);} void finish(void* digest){sha256_finish(&ctx,(quint8*)digest);} static void hashBuffer(const void* input, void* digest,quint32 length); private: - sha256_context ctx; + static void overwriteCtx(sha256_context* ctx); + sha256_context ctx; }; diff --git a/src/dialogs/PasswordDlg.cpp b/src/dialogs/PasswordDlg.cpp index 15a12ad..90e490e 100644 --- a/src/dialogs/PasswordDlg.cpp +++ b/src/dialogs/PasswordDlg.cpp @@ -287,7 +287,7 @@ void PasswordDialog::OnOK(){ config->setLastKeyLocation(QString()); } else if(Check_KeyFile->isChecked()){ - config->setLastKeyType(PASSWORD); + config->setLastKeyType(KEYFILE); config->setLastKeyLocation(Combo_KeyFile->currentText()); } }
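Review bot: overwriteCtx clears only `buffer[0]` to `buffer[7]`, because the second loop reuses the bound 8 from the `state` loop. If `buffer` is the 64-byte block buffer usual for this kind of sha256_context (its declaration is not in the hunk), most of the last input block stays in memory. Bounding the loop by the array itself, `for (size_t i=0; i<sizeof(ctx->buffer)/sizeof(ctx->buffer[0]); i++)`, removes the guess. In hashBuffer `ctx` is a local that goes out of scope right after the call, so an optimizing compiler may drop these plain stores as dead; writing the zeros through a `volatile` pointer keeps the wipe in the generated code.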