thooge
/
keepassx1
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Don't use /dev/random anymore

Browse Source 
Display help if parsing arguments fails

git-svn-id: https://svn.code.sf.net/p/keepassx/code/trunk@197 b624d157-de02-0410-bad0-e51aec6abb33
master
sniperbeamer 17 years ago
parent 7c34d2010a
commit 5a2ad9afef
7 changed files with 115 additions and 153 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 7
      src/crypto/yarrow.cpp
  2. 6
      src/keepassx.h
  3. 96
      src/lib/SecString.cpp
  4. 68
      src/lib/random.cpp
  5. 37
      src/lib/random.h
  6. 40
      src/main.cpp
  7. 2
      src/src.pro

7
src/crypto/yarrow.cpp
Unescape View File

@ -400,7 +400,12 @@ struct yarrow_source StrongSrc[2];
void initYarrow(){ void initYarrow(){
yarrow256_init(&WeakCtx,2,WeakSrc); yarrow256_init(&WeakCtx,2,WeakSrc);
yarrow256_init(&StrongCtx,2,StrongSrc); yarrow256_init(&StrongCtx,2,StrongSrc);
new RandomSource();
quint8 buffer[100];
for (int i=0; i<2; i++){
Random::getEntropy(buffer,100);
yarrowUpdateWeak(i,100*8,100,buffer);
}
} }
void yarrowUpdateWeak(unsigned source, unsigned entropy, unsigned length, const quint8 *data){ void yarrowUpdateWeak(unsigned source, unsigned entropy, unsigned length, const quint8 *data){

6
src/keepassx.h
Unescape View File

@ -37,9 +37,9 @@
#include <cstdlib> #include <cstdlib>
#include <iostream> #include <iostream>
#include <assert.h> #include <cassert>
#include <math.h> #include <cmath>
#include <time.h> #include <ctime>
#include <QApplication> #include <QApplication>
#include <QBitArray> #include <QBitArray>

96
src/lib/SecString.cpp
Unescape View File

@ -24,82 +24,80 @@ using namespace std;
CArcFour SecString::RC4; CArcFour SecString::RC4;
SecString::operator QString(){ SecString::operator QString(){
return string(); return string();
} }
SecString::SecString(){ SecString::SecString(){
locked=true; locked=true;
} }
int SecString::length(){ int SecString::length(){
return crypt.size(); return crypt.size();
} }
SecString::~SecString(){ SecString::~SecString(){
lock(); lock();
} }
void SecString::lock(){ void SecString::lock(){
locked=true; locked=true;
overwrite(plain); overwrite(plain);
plain=QString(); plain=QString();
} }
void SecString::unlock(){ void SecString::unlock(){
locked=false; locked = false;
plain=QString(); plain = QString();
if(!crypt.length()){return;} if(!crypt.length())
const unsigned char* buffer=new unsigned char[crypt.length()]; return;
SecString::RC4.decrypt((byte*)crypt.data(),(unsigned char*)buffer,crypt.length()); const unsigned char* buffer = new unsigned char[crypt.length()];
plain=QString::fromUtf8((const char*)buffer,crypt.size()); SecString::RC4.decrypt( (byte*)crypt.data(), (unsigned char*)buffer, crypt.length() );
overwrite((unsigned char*)buffer,crypt.size()); plain = QString::fromUtf8((const char*)buffer, crypt.size());
delete [] buffer; overwrite((unsigned char*)buffer, crypt.size());
delete [] buffer;
} }
const QString& SecString::string(){ const QString& SecString::string(){
if(locked){ Q_ASSERT_X(!locked, "SecString::string()", "string is locked");
printf("Error in function SecString::string(): string is locked\n"); return plain;
return QString(">SEC_STRING_ERROR<");
}
return plain;
} }
void SecString::setString(QString& str, bool DeleteSource){
void SecString::setString(QString& str,bool DeleteSource){ QByteArray StrData = str.toUtf8();
QByteArray StrData=str.toUtf8(); int len = StrData.size();
int len=StrData.size(); unsigned char* buffer = new unsigned char[len];
unsigned char* buffer=new unsigned char[len]; SecString::RC4.encrypt((const unsigned char*)StrData.data(), buffer, len);
SecString::RC4.encrypt((const unsigned char*)StrData.data(),buffer,len); crypt = QByteArray((const char*)buffer, len);
crypt=QByteArray((const char*)buffer,len); overwrite(buffer, len);
overwrite(buffer,len); overwrite((unsigned char*)StrData.data(), len);
overwrite((unsigned char*)StrData.data(),len); delete [] buffer;
delete [] buffer; if(DeleteSource){
if(DeleteSource){
overwrite(str); overwrite(str);
str=QString();} str=QString();
lock(); }
lock();
} }
void SecString::overwrite(unsigned char* str,int strlen){ void SecString::overwrite(unsigned char* str, int strlen){
if(strlen==0 || str==NULL)return; if(strlen==0 || str==NULL)
for(int i=0; i<strlen; i++){ return;
for(int i=0; i<strlen; i++)
str[i]=0; str[i]=0;
} }
}
void SecString::overwrite(QString &str){ void SecString::overwrite(QString& str){
if(str.length()==0)return; if(str.length()==0)
for(int i=0; i<str.length(); i++){ return;
((char*)str.data())[i]=0;
}
}
for(int i=0; i<str.length(); i++)
((char*)str.data())[i] = 0;
}
void SecString::generateSessionKey(){ void SecString::generateSessionKey(){
CArcFour arc; CArcFour arc;
unsigned char* sessionkey=new unsigned char[32]; unsigned char sessionkey[32];
randomize(sessionkey,32); randomize(sessionkey,32);
RC4.setKey(sessionkey,32); RC4.setKey(sessionkey,32);
delete [] sessionkey; overwrite(sessionkey,32);
} }

68
src/lib/random.cpp
Unescape View File

@ -20,35 +20,20 @@
#include "random.h" #include "random.h"
#if defined(Q_WS_WIN)
#if defined(Q_WS_X11) || defined(Q_WS_MAC)
#include <QFile>
#elif defined(Q_WS_WIN)
#include <windows.h> #include <windows.h>
#include <QSysInfo> #include <QSysInfo>
#endif #endif
RandomSource::RandomSource(){ #include <QCursor>
quint8 buffer[100]; #include <QDateTime>
for (int i=0; i<2; i++){ #include <QTime>
getRandomWeak(buffer,100);
yarrowUpdateWeak(i,100*8,100,buffer);
}
#ifdef HAS_DEV_RANDOM
if (QFile::exists("/dev/random")){
DevRandom* devRandom = new DevRandom(this);
connect(devRandom, SIGNAL(randomAvailable(int,QByteArray,int)), SLOT(seedStrong(int,QByteArray,int)));
connect(devRandom, SIGNAL(finished()), SLOT(deleteLater()));
devRandom->start();
}
else{
deleteLater();
}
#else
deleteLater();
#endif
}
void RandomSource::getRandomWeak(quint8* buffer, int length){ void Random::getEntropy(quint8* buffer, int length){
#if defined(HAS_DEV_RANDOM) #if defined(Q_WS_X11) || defined(Q_WS_MAC)
QFile dev_urandom("/dev/urandom"); QFile dev_urandom("/dev/urandom");
if (dev_urandom.open(QIODevice::ReadOnly|QIODevice::Unbuffered) && dev_urandom.read((char*)buffer,length)==length) if (dev_urandom.open(QIODevice::ReadOnly|QIODevice::Unbuffered) && dev_urandom.read((char*)buffer,length)==length)
return; return;
@ -69,30 +54,27 @@ void RandomSource::getRandomWeak(quint8* buffer, int length){
} }
#endif #endif
srand(time(NULL)); initStdRand();
for(int i=0;i<length;i++){ for(int i=0;i<length;i++){
((quint8*)buffer)[i] = (quint8) (rand()%256); ((quint8*)buffer)[i] = (quint8) (qrand()%256);
} }
} }
#ifdef HAS_DEV_RANDOM void Random::initStdRand(){
void RandomSource::seedStrong(int source, QByteArray buffer, int length){ static bool initalized = false;
yarrowUpdateStrong(source,length*8,length,(const quint8*)buffer.constData()); if (initalized)
} return;
DevRandom::DevRandom(QObject* parent) : QThread(parent){ QByteArray buffer;
} QDataStream stream(&buffer, QIODevice::WriteOnly);
void DevRandom::run(){ stream << QCursor::pos();
QByteArray buffer(50,0); stream << QDateTime::currentDateTime().toTime_t();
for (int i=0; i<2; i++){ stream << QTime::currentTime().msec();
if (getRandomStrong((quint8*)buffer.data(),50))
emit randomAvailable(i,buffer,50); quint8 hash[32];
} SHA256::hashBuffer(buffer.data(), hash, buffer.size());
}
bool DevRandom::getRandomStrong(quint8* buffer, int length){ qsrand( (uint) *hash );
QFile dev_random("/dev/random"); initalized = true;
return (dev_random.open(QIODevice::ReadOnly|QIODevice::Unbuffered) && dev_random.read((char*)buffer,length)==length);
} }
#endif

37
src/lib/random.h
Unescape View File

@ -22,40 +22,9 @@
#include <QObject> #include <QObject>
#if defined(Q_WS_X11) || defined(Q_WS_MAC) namespace Random {
#define HAS_DEV_RANDOM void getEntropy(quint8* buffer, int length);
#include <QThread> void initStdRand();
#endif
class RandomSource : public QObject {
Q_OBJECT
public:
RandomSource();
private:
static void getRandomWeak(quint8* buffer, int length);
#ifdef HAS_DEV_RANDOM
private slots:
void seedStrong(int source, QByteArray buffer, int length);
#endif
}; };
#ifdef HAS_DEV_RANDOM
class DevRandom : public QThread {
Q_OBJECT
public:
DevRandom(QObject* parent = 0);
void run();
signals:
void randomAvailable(int source, QByteArray buffer, int length);
private:
static bool getRandomStrong(quint8* buffer, int length);
};
#endif
#endif #endif

40
src/main.cpp
Unescape View File

@ -55,7 +55,8 @@ int main(int argc, char **argv)
initAppPaths(argc,argv); initAppPaths(argc,argv);
CmdLineArgs args; CmdLineArgs args;
if(!args.preparse(argc,argv)){ // searches only for the -cfg parameter if(!args.preparse(argc,argv)){ // searches only for the -cfg parameter
qCritical(CSTR(args.error())); qCritical(CSTR( args.error().append("\n") ));
args.printHelp();
return 1; return 1;
} }
@ -127,8 +128,15 @@ int main(int argc, char **argv)
app = new QApplication(argc,argv); app = new QApplication(argc,argv);
#endif #endif
} }
args.parse(QApplication::arguments()); if ( !args.parse(QApplication::arguments()) ){
qCritical(CSTR( args.error().append("\n") ));
args.printHelp();
return 1;
}
if (args.help()){
args.printHelp();
return 1;
}
//Internationalization //Internationalization
QLocale loc; QLocale loc;
@ -233,7 +241,7 @@ CmdLineArgs::CmdLineArgs(){
bool CmdLineArgs::parse(const QStringList& argv){ bool CmdLineArgs::parse(const QStringList& argv){
for(int i=1;i<argv.size();i++){ for(int i=1;i<argv.size();i++){
if(argv[i]=="-help"){ if(argv[i]=="-help" || argv[i]=="--help" || argv[i]=="-h"){
Help=true; Help=true;
break; // break, because other arguments will be ignored anyway break; // break, because other arguments will be ignored anyway
} }
@ -263,7 +271,7 @@ bool CmdLineArgs::parse(const QStringList& argv){
StartLocked=true; StartLocked=true;
continue; continue;
} }
if(i==1){ if(i==1 && argv[i].left(1)!="-"){
File=argv[1]; File=argv[1];
continue; continue;
} }
@ -294,17 +302,17 @@ bool CmdLineArgs::preparse(int argc,char** argv){
} }
void CmdLineArgs::printHelp(){ void CmdLineArgs::printHelp(){
cout << "KeePassX" << APP_VERSION << endl; cerr << "KeePassX " << APP_VERSION << endl;
cout << "Usage: keepassx [Filename] [Options]" << endl; cerr << "Usage: keepassx [Filename] [Options]" << endl;
cout << " -help This Help" << endl; cerr << " -help This Help" << endl;
cout << " -cfg <CONFIG> Use specified file for loading/saving the configuration." << endl; cerr << " -cfg <CONFIG> Use specified file for loading/saving the configuration." << endl;
cout << " -min Start minimized." << endl; cerr << " -min Start minimized." << endl;
cout << " -lock Start locked." << endl; cerr << " -lock Start locked." << endl;
cout << " -lang <LOCALE> Use specified language instead of systems default." << endl; cerr << " -lang <LOCALE> Use specified language instead of systems default." << endl;
cout << " <LOCALE> is the ISO-639 language code with or without ISO-3166 country code" << endl; cerr << " <LOCALE> is the ISO-639 language code with or without ISO-3166 country code" << endl;
cout << " Examples: de German" << endl; cerr << " Examples: de German" << endl;
cout << " de_CH German(Switzerland)"<<endl; cerr << " de_CH German(Switzerland)" << endl;
cout << " pt_BR Portuguese(Brazil)"<<endl; cerr << " pt_BR Portuguese(Brazil)" << endl;
} }

2
src/src.pro
Unescape View File

@ -173,7 +173,7 @@ HEADERS += lib/UrlLabel.h \
dialogs/CalendarDlg.h \ dialogs/CalendarDlg.h \
dialogs/ExpiredEntriesDlg.h \ dialogs/ExpiredEntriesDlg.h \
# dialogs/TrashCanDlg.h \ # dialogs/TrashCanDlg.h \
lib/random.h \ # lib/random.h \
Database.h \ Database.h \
lib/AutoType.h \ lib/AutoType.h \
lib/FileDialogs.h \ lib/FileDialogs.h \