Don't use /dev/random anymore

Display help if parsing arguments fails git-svn-id: https://svn.code.sf.net/p/keepassx/code/trunk@197 b624d157-de02-0410-bad0-e51aec6abb33
17 years ago · 5a2ad9afef
parent 7c34d2010a
commit 5a2ad9afef
7 changed files with 115 additions and 153 deletions
--- a/src/crypto/yarrow.cpp
+++ b/src/crypto/yarrow.cpp
@ -400,7 +400,12 @@ struct yarrow_source StrongSrc[2];
 void initYarrow(){
 	yarrow256_init(&WeakCtx,2,WeakSrc);
 	yarrow256_init(&StrongCtx,2,StrongSrc);
-	new RandomSource();
+	
+	quint8 buffer[100];
+	for (int i=0; i<2; i++){
+		Random::getEntropy(buffer,100);
+		yarrowUpdateWeak(i,100*8,100,buffer);
+	}
 }

 void yarrowUpdateWeak(unsigned source, unsigned entropy, unsigned length, const quint8 *data){
--- a/src/keepassx.h
+++ b/src/keepassx.h
@ -37,9 +37,9 @@
 #include <cstdlib>
 #include <iostream>

-#include <assert.h>
-#include <math.h>
-#include <time.h>
+#include <cassert>
+#include <cmath>
+#include <ctime>

 #include <QApplication>
 #include <QBitArray>
--- a/src/lib/SecString.cpp
+++ b/src/lib/SecString.cpp
@ -24,82 +24,80 @@ using namespace std;
 CArcFour SecString::RC4;

 SecString::operator QString(){
-return string();
+	return string();
 }

 SecString::SecString(){
-locked=true;
+	locked=true;
 }

 int SecString::length(){
-return crypt.size();
+	return crypt.size();
 }

 SecString::~SecString(){
-lock();
+	lock();
 }

 void SecString::lock(){
-locked=true;
-overwrite(plain);
-plain=QString();
+	locked=true;
+	overwrite(plain);
+	plain=QString();
 }

 void SecString::unlock(){
-locked=false;
-plain=QString();
-if(!crypt.length()){return;}
-const unsigned char* buffer=new unsigned char[crypt.length()];
-SecString::RC4.decrypt((byte*)crypt.data(),(unsigned char*)buffer,crypt.length());
-plain=QString::fromUtf8((const char*)buffer,crypt.size());
-overwrite((unsigned char*)buffer,crypt.size());
-delete [] buffer;
+	locked = false;
+	plain = QString();
+	if(!crypt.length())
+		return;
+	const unsigned char* buffer = new unsigned char[crypt.length()];
+	SecString::RC4.decrypt( (byte*)crypt.data(), (unsigned char*)buffer, crypt.length() );
+	plain = QString::fromUtf8((const char*)buffer, crypt.size());
+	overwrite((unsigned char*)buffer, crypt.size());
+	delete [] buffer;
 }

-
 const QString& SecString::string(){
-if(locked){
- printf("Error in function SecString::string(): string is locked\n");
- return QString(">SEC_STRING_ERROR<");
-}
-return plain;
+	Q_ASSERT_X(!locked, "SecString::string()", "string is locked");
+	return plain;
 }

-
-void SecString::setString(QString& str,bool DeleteSource){
-QByteArray StrData=str.toUtf8();
-int len=StrData.size();
-unsigned char* buffer=new unsigned char[len];
-SecString::RC4.encrypt((const unsigned char*)StrData.data(),buffer,len);
-crypt=QByteArray((const char*)buffer,len);
-overwrite(buffer,len);
-overwrite((unsigned char*)StrData.data(),len);
-delete [] buffer;
-if(DeleteSource){
+void SecString::setString(QString& str, bool DeleteSource){
+	QByteArray StrData = str.toUtf8();
+	int len = StrData.size();
+	unsigned char* buffer = new unsigned char[len];
+	SecString::RC4.encrypt((const unsigned char*)StrData.data(), buffer, len);
+	crypt = QByteArray((const char*)buffer, len);
+	overwrite(buffer, len);
+	overwrite((unsigned char*)StrData.data(), len);
+	delete [] buffer;
+	if(DeleteSource){
 		overwrite(str);
-  str=QString();}
-lock();
+		str=QString();
+	}
+	lock();
 }

-void SecString::overwrite(unsigned char* str,int strlen){
-if(strlen==0 || str==NULL)return;
-for(int i=0; i<strlen; i++){
+void SecString::overwrite(unsigned char* str, int strlen){
+	if(strlen==0 || str==NULL)
+		return;
+	
+	for(int i=0; i<strlen; i++)
 		str[i]=0;
 }
-}

-void SecString::overwrite(QString &str){
-if(str.length()==0)return;
-for(int i=0; i<str.length(); i++){
-	((char*)str.data())[i]=0;
-}
-}
+void SecString::overwrite(QString& str){
+	if(str.length()==0)
+		return;
 	
+	for(int i=0; i<str.length(); i++)
+		((char*)str.data())[i] = 0;
+}

 void SecString::generateSessionKey(){
-CArcFour arc;
-unsigned char* sessionkey=new unsigned char[32];
-randomize(sessionkey,32);
-RC4.setKey(sessionkey,32);
-delete [] sessionkey;
+	CArcFour arc;
+	unsigned char sessionkey[32];
+	randomize(sessionkey,32);
+	RC4.setKey(sessionkey,32);
+	overwrite(sessionkey,32);
 }
--- a/src/lib/random.cpp
+++ b/src/lib/random.cpp
@ -20,35 +20,20 @@

 #include "random.h"

-#if defined(Q_WS_WIN)
+
+#if defined(Q_WS_X11) || defined(Q_WS_MAC)
+	#include <QFile>
+#elif defined(Q_WS_WIN)
 	#include <windows.h>
 	#include <QSysInfo>
 #endif

-RandomSource::RandomSource(){
-	quint8 buffer[100];
-	for (int i=0; i<2; i++){
-		getRandomWeak(buffer,100);
-		yarrowUpdateWeak(i,100*8,100,buffer);
-	}
-	
-#ifdef HAS_DEV_RANDOM
-	if (QFile::exists("/dev/random")){
-		DevRandom* devRandom = new DevRandom(this);
-		connect(devRandom, SIGNAL(randomAvailable(int,QByteArray,int)), SLOT(seedStrong(int,QByteArray,int)));
-		connect(devRandom, SIGNAL(finished()), SLOT(deleteLater()));
-		devRandom->start();
-	}
-	else{
-		deleteLater();
-	}
-#else
-	deleteLater();
-#endif
-}
+#include <QCursor>
+#include <QDateTime>
+#include <QTime>

-void RandomSource::getRandomWeak(quint8* buffer, int length){
-#if defined(HAS_DEV_RANDOM)
+void Random::getEntropy(quint8* buffer, int length){
+#if defined(Q_WS_X11) || defined(Q_WS_MAC)
 	QFile dev_urandom("/dev/urandom");
 	if (dev_urandom.open(QIODevice::ReadOnly|QIODevice::Unbuffered) && dev_urandom.read((char*)buffer,length)==length)
 		return;
@ -69,30 +54,27 @@ void RandomSource::getRandomWeak(quint8* buffer, int length){
 	}
 #endif
 	
-	srand(time(NULL));
+	initStdRand();
 	for(int i=0;i<length;i++){
-		((quint8*)buffer)[i] = (quint8) (rand()%256);
+		((quint8*)buffer)[i] = (quint8) (qrand()%256);
 	}
 }

-#ifdef HAS_DEV_RANDOM
-void RandomSource::seedStrong(int source, QByteArray buffer, int length){
-	yarrowUpdateStrong(source,length*8,length,(const quint8*)buffer.constData());
-}
+void Random::initStdRand(){
+	static bool initalized = false;
+	if (initalized)
+		return;
 	
-DevRandom::DevRandom(QObject* parent) : QThread(parent){
-}
+	QByteArray buffer;
+	QDataStream stream(&buffer, QIODevice::WriteOnly);
 	
-void DevRandom::run(){
-	QByteArray buffer(50,0);
-	for (int i=0; i<2; i++){
-		if (getRandomStrong((quint8*)buffer.data(),50))
-			emit randomAvailable(i,buffer,50);
-	}
-}
+	stream << QCursor::pos();
+	stream << QDateTime::currentDateTime().toTime_t();
+	stream << QTime::currentTime().msec();
+	
+	quint8 hash[32];
+	SHA256::hashBuffer(buffer.data(), hash, buffer.size());
 	
-bool DevRandom::getRandomStrong(quint8* buffer, int length){
-	QFile dev_random("/dev/random");
-	return (dev_random.open(QIODevice::ReadOnly|QIODevice::Unbuffered) && dev_random.read((char*)buffer,length)==length);
+	qsrand( (uint) *hash );
+	initalized = true;
 }
-#endif
--- a/src/lib/random.h
+++ b/src/lib/random.h
@ -22,40 +22,9 @@

 #include <QObject>

-#if defined(Q_WS_X11) || defined(Q_WS_MAC)
-#define HAS_DEV_RANDOM
-#include <QThread>
-#endif
-
-class RandomSource : public QObject {
-	Q_OBJECT
-	
-	public:
-		RandomSource();
-	
-	private:
-		static void getRandomWeak(quint8* buffer, int length);
-
-#ifdef HAS_DEV_RANDOM
-	private slots:
-		void seedStrong(int source, QByteArray buffer, int length);
-#endif
+namespace Random {
+	void getEntropy(quint8* buffer, int length);
+	void initStdRand();
 };

-#ifdef HAS_DEV_RANDOM
-class DevRandom : public QThread {
-	Q_OBJECT
-	
-	public:
-		DevRandom(QObject* parent = 0);
-		void run();
-		
-	signals:
-		void randomAvailable(int source, QByteArray buffer, int length);
-		
-	private:
-		static bool getRandomStrong(quint8* buffer, int length);
-};
-#endif
-
 #endif
--- a/src/main.cpp
+++ b/src/main.cpp
@ -55,7 +55,8 @@ int main(int argc, char **argv)
 	initAppPaths(argc,argv);
 	CmdLineArgs args;
 	if(!args.preparse(argc,argv)){ // searches only for the -cfg parameter
-		qCritical(CSTR(args.error()));
+		qCritical(CSTR( args.error().append("\n") ));
+		args.printHelp();
 		return 1;
 	}

@ -127,8 +128,15 @@ int main(int argc, char **argv)
 			app = new QApplication(argc,argv);
 		#endif	
 	}
-	args.parse(QApplication::arguments());
-	
+	if ( !args.parse(QApplication::arguments()) ){
+		qCritical(CSTR( args.error().append("\n") ));
+		args.printHelp();
+		return 1;
+	}
+	if (args.help()){
+		args.printHelp();
+		return 1;
+	}
 	
 	//Internationalization
 	QLocale loc;
@ -233,7 +241,7 @@ CmdLineArgs::CmdLineArgs(){

 bool CmdLineArgs::parse(const QStringList& argv){
 	for(int i=1;i<argv.size();i++){
-		if(argv[i]=="-help"){
+		if(argv[i]=="-help" || argv[i]=="--help" || argv[i]=="-h"){
 			Help=true;
 			break; // break, because other arguments will be ignored anyway
 		}
@ -263,7 +271,7 @@ bool CmdLineArgs::parse(const QStringList& argv){
 			StartLocked=true;
 			continue;
 		}
-		if(i==1){
+		if(i==1 && argv[i].left(1)!="-"){
 			File=argv[1];
 			continue;
 		}
@ -294,17 +302,17 @@ bool CmdLineArgs::preparse(int argc,char** argv){
 }

 void CmdLineArgs::printHelp(){
-	cout << "KeePassX" << APP_VERSION << endl;
-	cout << "Usage: keepassx  [Filename] [Options]" << endl;
-	cout << "  -help             This Help" << endl;
-	cout << "  -cfg <CONFIG>     Use specified file for loading/saving the configuration." << endl;
-	cout << "  -min              Start minimized." << endl;
-	cout << "  -lock             Start locked." << endl;
-	cout << "  -lang <LOCALE>    Use specified language instead of systems default." << endl;
-	cout << "                    <LOCALE> is the ISO-639 language code with or without ISO-3166 country code" << endl;
-	cout << "                    Examples: de     German" << endl;
-	cout << "                              de_CH  German(Switzerland)"<<endl;
-	cout << "                              pt_BR  Portuguese(Brazil)"<<endl;
+	cerr << "KeePassX " << APP_VERSION << endl;
+	cerr << "Usage: keepassx  [Filename] [Options]" << endl;
+	cerr << "  -help             This Help" << endl;
+	cerr << "  -cfg <CONFIG>     Use specified file for loading/saving the configuration." << endl;
+	cerr << "  -min              Start minimized." << endl;
+	cerr << "  -lock             Start locked." << endl;
+	cerr << "  -lang <LOCALE>    Use specified language instead of systems default." << endl;
+	cerr << "                    <LOCALE> is the ISO-639 language code with or without ISO-3166 country code" << endl;
+	cerr << "                    Examples: de     German" << endl;
+	cerr << "                              de_CH  German(Switzerland)" << endl;
+	cerr << "                              pt_BR  Portuguese(Brazil)" << endl;
 }


--- a/src/src.pro
+++ b/src/src.pro
@ -173,7 +173,7 @@ HEADERS += lib/UrlLabel.h \
           dialogs/CalendarDlg.h \
           dialogs/ExpiredEntriesDlg.h \
 #           dialogs/TrashCanDlg.h \
-           lib/random.h \
+#           lib/random.h \
           Database.h \
           lib/AutoType.h \
           lib/FileDialogs.h \