changed encryption method of SecStrings from Rijndael to ArcFour (much faster)

git-svn-id: https://svn.code.sf.net/p/keepassx/code/trunk@49 b624d157-de02-0410-bad0-e51aec6abb33
2006-02-22 19:12:44 +00:00
parent 68f1d12d74
commit f89372b0c5
13 changed files with 281 additions and 116 deletions
--- a/src/lib/EntryView.cpp
+++ b/src/lib/EntryView.cpp
@@ -69,14 +69,31 @@ ContextMenu->popup(e->globalPos());


 void KeepassEntryView::updateItems(unsigned int GroupID){
+
 clear();
 Items.clear();
 if(!db)return;
 if(!GroupID)return;
-EntryViewItem *tmp=NULL;
 for(int i=0;i<db->Entries.size();i++){
-  CEntry* entry=&db->Entries[i];
-  if(entry->GroupID==GroupID){
+  if(db->Entries[i].GroupID==GroupID)
+  	setEntry(&db->Entries[i]);
+}
+
+}
+
+void KeepassEntryView::showSearchResults(QList<Q_UINT32>& results){
+clear();
+Items.clear();
+for(int j=0; j<results.size(); j++){
+	for(int i=0; i<db->Entries.size();i++){
+		if(db->Entries[i].sID == results[j])
+ 		setEntry(&db->Entries[i]);
+	}
+}
+}
+
+void KeepassEntryView::setEntry(CEntry* entry){
+  EntryViewItem* tmp=NULL;
  Items.push_back(tmp=new EntryViewItem(this));
  Items.back()->pEntry=entry;
  int j=0;
@@ -93,8 +110,9 @@ for(int i=0;i<db->Entries.size();i++){
    if(config.ListView_HidePasswords)
      tmp->setText(j++,"******");
    else{
-      tmp->setText(j++,entry->Password.getString());
-      entry->Password.delRef();}}
+	  entry->Password.unlock();
+      tmp->setText(j++,entry->Password.string());
+      entry->Password.lock();}}
  if(config.Columns[4]){
    tmp->setText(j++,entry->Additional.section('\n',0,0));}
  if(config.Columns[5]){
@@ -108,17 +126,6 @@ for(int i=0;i<db->Entries.size();i++){
  if(config.Columns[9]){
   tmp->setText(j++,entry->BinaryDesc);}
  Items.back()->setIcon(0,EntryIcons[entry->ImageID]);
-}}
-}
-
-void KeepassEntryView::showSearchResults(QList<Q_UINT32>& results){
-updateItems(0);
-for(int j=0; j<results.size(); j++){
-	for(int i=0; i<Items.size();i++){
-		if(Items[i]->pEntry->sID == results[j])
- 		setItemHidden(Items[i],false);
-	}
-}
 }

 void KeepassEntryView::refreshItems(){
@@ -141,8 +148,9 @@ for(int i=0;i<Items.size();i++){
    if(config.ListView_HidePasswords)
      tmp->setText(j++,"******");
    else{
-      tmp->setText(j++,entry->Password.getString());
-      entry->Password.delRef();}}
+      entry->Password.unlock();
+      tmp->setText(j++,entry->Password.string());
+      entry->Password.lock();}}
  if(config.Columns[4]){
    tmp->setText(j++,entry->Additional.section('\n',0,0));}
  if(config.Columns[5]){
--- a/src/lib/EntryView.h
+++ b/src/lib/EntryView.h
@@ -38,6 +38,7 @@ public:
 vector<EntryViewItem*>Items;
 QMenu *ContextMenu;
 private:
+ void setEntry(CEntry* entry);
 int CurrentGroup;
 protected:
 virtual void contextMenuEvent(QContextMenuEvent *event);
--- a/src/lib/SecString.cpp
+++ b/src/lib/SecString.cpp
@@ -19,83 +19,89 @@
 ***************************************************************************/

 #include "SecString.h"
-#include <qmessagebox.h>
 #include <iostream>
+#include "crypto/arcfour.h"
 #include "random.h"
 using namespace std;
-Q_UINT8 SecString::Key[32]={0};
+CArcFour SecString::RC4;
+
+SecString::operator QString(){
+return string();
+}

 SecString::SecString(){
-len=0;
+locked=true;
 }

+int SecString::length(){
+return crypt.size();
+}

 SecString::~SecString(){
-overwrite(plaintext);
+lock();
 }

-void SecString::getString(QString & str){
-if(data.size()){
-Rijndael aes;
-int r=aes.init(Rijndael::CBC, Rijndael::Decrypt,Key,Rijndael::Key32Bytes);
-if(r){ cout << "AES error, code " << r << endl;
-       exit(-1);}
-char* out=new char[len];
-r=aes.padDecrypt((unsigned char*)data.data(),data.size(),(unsigned char*)out);
-if(r!=len){ cout << "AES error in SecString::getString(), r!=length, r=" << r << endl;
-       	       exit(-1);}
-str=QString::fromUtf8(out,len);
-overwrite(out,len);
-delete [] out;
-}
+void SecString::lock(){
+locked=true;
+overwrite(plain);
+plain=QString();
 }

-QString& SecString::getString(){
-getString(plaintext);
-return plaintext;
+void SecString::unlock(){
+locked=false;
+plain=QString();
+if(!crypt.length()){return;}
+const unsigned char* buffer=new unsigned char[crypt.length()];
+SecString::RC4.decrypt((byte*)crypt.data(),(unsigned char*)buffer,crypt.length());
+plain=QString::fromUtf8((const char*)buffer,crypt.size());
+overwrite((unsigned char*)buffer,crypt.size());
+delete [] buffer;
 }

-void SecString::delRef(){
-overwrite(plaintext);
+
+const QString& SecString::string(){
+if(locked){
+ printf("Error in function SecString::string(): string is locked\n");
+ return QString(">SEC_STRING_ERROR<");
+}
+return plain;
 }

-void SecString::setString(QString& str,bool DelSrc){
-Rijndael aes;
-int r=aes.init(Rijndael::CBC, Rijndael::Encrypt,Key,Rijndael::Key32Bytes);
-if(r){ cout << "AES error, code " << r << endl;
-       exit(-1);}
-int il=str.length();
-char* input=new char[il];
-char* output=new char[il+16];
-memcpy(input,str.utf8(),il);
-r=aes.padEncrypt((unsigned char*)input,il,(unsigned char*)output);
-if(r<0){ cout << "AES error, code " << r << endl;
-         exit(-1);}
-len=il;
-data=QByteArray(output,r);
-overwrite(input,il);
-delete [] input;
-if(DelSrc)overwrite(str);
+
+void SecString::setString(QString& str,bool DeleteSource){
+QByteArray StrData=str.toUtf8();
+int len=StrData.size();
+unsigned char* buffer=new unsigned char[len];
+SecString::RC4.encrypt((const unsigned char*)StrData.data(),buffer,len);
+crypt=QByteArray((const char*)buffer,len);
+overwrite(buffer,len);
+overwrite((unsigned char*)StrData.data(),len);
+delete [] buffer;
+if(DeleteSource){
+  overwrite(str);
+  str=QString();}
+lock();
 }

-void SecString::overwrite(char* str,int strlen){
+void SecString::overwrite(unsigned char* str,int strlen){
 if(strlen==0 || str==NULL)return;
-getRandomBytes(str,strlen,1,false);
+for(int i=0; i<strlen; i++){
+	str[i]=0;
+}
 }

 void SecString::overwrite(QString &str){
 if(str.length()==0)return;
-char* tmp=new char[str.length()];
-getRandomBytes(tmp,str.length(),1,false);
-str=tmp;
-delete [] tmp;
+for(int i=0; i<str.length(); i++){
+	((char*)str.data())[i]=0;
+}
 }

-int SecString::length(){
-return len;
-}

 void SecString::generateSessionKey(){
-getRandomBytes(Key,32,1,false);
-}
-
+CArcFour arc;
+unsigned char* sessionkey=new unsigned char[32];
+getRandomBytes(sessionkey,32,1,false);
+RC4.setKey(sessionkey,32);
+delete [] sessionkey;
+}
--- a/src/lib/SecString.h
+++ b/src/lib/SecString.h
@@ -23,28 +23,29 @@
 #include <QByteArray>
 #include <qstring.h>
 #include <qglobal.h>
-#include "crypto/rijndael.h"
+#include "crypto/arcfour.h"

 class SecString{
 public:
- SecString(unsigned char* key);
 SecString();
 ~SecString();
-
- void getString(QString& str);
- QString& getString();
 void setString(QString& str, bool DelSrc=false);
- void delRef();
- static void overwrite(char* str,int len);
- static void overwrite(QString& str);
+ void lock();
+ void unlock();
+ const QString& string();
+ operator QString();
 int length();
+
+ static void overwrite(unsigned char* str,int len);
+ static void overwrite(QString& str);
 static void generateSessionKey();

 private:
- static Q_UINT8 Key[32];
- QString plaintext;
- QByteArray data;
- int len;
+ bool locked;
+ static CArcFour RC4;
+ QByteArray crypt;
+ QString plain;
+
 };