pwmanager.cpp

KeePassX用于保护密码的安全

                 Rijndael::Key32Bytes, 0) != RIJNDAEL_SUCCESS){
  _ERROR
  exit(1);}

memcpy(tmp,src,32);
for(int i=0;i<rounds;i++){
 rijndael.blockEncrypt((const quint8 *)tmp, 256, (quint8 *)tmp);
}

sha256_starts(&sha2);
sha256_update(&sha2,tmp,32);
sha256_finish(&sha2,tmp);

memcpy(dst,tmp,32);
delete [] tmp;
}

bool PwDatabase::CalcMasterKeyByPassword(QString& Password){

unsigned long KeyLen, FileSize, Read;
sha256_context sha32;
char *paKey = NULL;

if(Password == QString::null) return false;

paKey = new char[Password.length() + 1];
if(paKey == NULL) return false;
strcpy(paKey, Password.toUtf8());



if(paKey == NULL) return false;

KeyLen = strlen(paKey);

if(KeyLen == 0) {
SecString::overwrite((unsigned char*)paKey,Password.length() + 1);
delete [] paKey;
return false; }

sha256_starts(&sha32);
sha256_update(&sha32,(unsigned char*) paKey, KeyLen);
sha256_finish(&sha32,MasterKey);
SecString::overwrite((unsigned char*)paKey,Password.length() + 1);
delete [] paKey;
return true;
 }


bool PwDatabase::CalcMasterKeyByFile(QString filename){

QFile file(filename);
if(file.open(QIODevice::ReadOnly) == false) return false;
unsigned long FileSize=file.size();

if(FileSize == 32){
	if(file.read((char*)MasterKey,32) != 32){
	  file.close();
	  return false;}
}
else if(FileSize == 64){
	char hex[64];
	if(file.read(hex,64) != 64){
	  file.close();
	  return false;}
	file.close();
	if(!convHexToBinaryKey(hex,(char*)MasterKey)) return false;

}
else
{
sha256_context sha32;
sha256_starts(&sha32);
unsigned char* buffer = new unsigned char[2048];
while(1)
 {
 unsigned long read=file.read((char*)buffer,2048);
 if(read == 0) break;
 sha256_update(&sha32,buffer,read);
 if(read != 2048) break;
}
sha256_finish(&sha32,MasterKey);
delete [] buffer;
}

file.close();
return true;
}


CEntry* PwDatabase::addEntry(CEntry* NewEntry){
if(Entries.size()==0){
	NewEntry->sID=0;
 	NewEntry->Uuid.generate();
}
else{
	NewEntry->sID=Entries.back().sID+1;
	NewEntry->Uuid.generate();
}
Entries.push_back(*NewEntry);
return &Entries.back();
}


CEntry* PwDatabase::addEntry(){
CEntry NewEntry;
if(Entries.size()==0){
	NewEntry.sID=0;
	NewEntry.Uuid.generate();
}
else{
	NewEntry.Uuid.generate();
 	NewEntry.sID=Entries.back().sID+1;
}
Entries.push_back(NewEntry);
return &Entries.back();
}


bool PwDatabase::CalcMasterKeyByFileAndPw(QString filename, QString& Password){
quint8* FileKey;
quint8* PasswordKey;
PasswordKey=new quint8[32];
FileKey=new quint8[32];
sha256_context sha32;
/////////////////////////
QFile file(filename);
if(file.open(QIODevice::ReadOnly) == false) return false;
unsigned long FileSize=file.size();
if(FileSize == 32){
	if(file.read((char*)FileKey,32) != 32){
	   file.close();
	   return false;}
}
else if(FileSize == 64){
	char hex[64];
	if(file.read(hex,64) != 64){
	  file.close();
	  return false;}
	file.close();
	if(!convHexToBinaryKey(hex,(char*)FileKey)){return false;}
}
else{
sha256_starts(&sha32);
unsigned char* buffer = new unsigned char[2048];
while(1)
 {
 unsigned long read=file.read((char*)buffer,2048);
 if(read == 0) break;
 sha256_update(&sha32,buffer,read);
 if(read != 2048) break;
}
sha256_finish(&sha32,FileKey);
delete [] buffer;
}
file.close();

//////////////////////

unsigned long KeyLen;
char *paKey = NULL;
if(Password == QString::null) return false;
paKey = new char[Password.length() + 1];
if(paKey == NULL) return false;
strcpy(paKey, Password.toUtf8());
if(paKey == NULL) return false;
KeyLen = strlen(paKey);
if(KeyLen == 0) {
delete [] paKey;
return false; }
sha256_starts(&sha32);
sha256_update(&sha32,(unsigned char*) paKey, KeyLen);
sha256_finish(&sha32,PasswordKey);
delete [] paKey;
////////////////////
sha256_starts(&sha32);
sha256_update(&sha32,(unsigned char*)PasswordKey,32);
sha256_update(&sha32,(unsigned char*)FileKey,32);
sha256_finish(&sha32,MasterKey);
delete[] PasswordKey;
delete[] FileKey;
}

void PwDatabase::deleteEntry(CEntry* entry){
Entries.removeAt(Entries.indexOf(*entry));
}

bool PwDatabase::IsMetaStream(CEntry& p){
if(p.BinaryData.isNull()) return false;
if(p.Additional == "") return false;
if(p.BinaryDesc != "bin-stream") return false;
if(p.Title != "Meta-Info") return false;
if(p.UserName != "SYSTEM") return false;
if(p.URL != "$") return false;
if(p.ImageID != 0) return false;
return true;
}



void PwDatabase::moveEntry(CEntry* entry,CGroup* dst){
entry->GroupID=dst->ID;
}


CEntry* PwDatabase::cloneEntry(CEntry* entry){
CEntry *Dolly=addEntry();
quint32 sid=Dolly->sID;
*Dolly=*entry;
Dolly->sID=sid;
Dolly->Uuid.generate();
return Dolly;
}


bool CGroup::ReadGroupField(quint16 FieldType, quint32 FieldSize, quint8 *pData)
{

	switch(FieldType)
	{
	case 0x0000:
		// Ignore field
		break;
	case 0x0001:
		memcpyFromLEnd32(&ID, (char*)pData);
		break;
	case 0x0002:
		//Name.fromUtf8((char*)pData);
		Name=QString::fromUtf8((char*)pData);
		break;
	case 0x0003:
		Creation=dateFromPackedStruct5(pData);
		break;
	case 0x0004:
		LastMod=dateFromPackedStruct5(pData);
		break;
	case 0x0005:
		LastAccess=dateFromPackedStruct5(pData);
		break;
	case 0x0006:
		Expire=dateFromPackedStruct5(pData);
		break;
	case 0x0007:
		memcpyFromLEnd32(&ImageID, (char*)pData);
		OldImgID=ImageID;
		break;
	case 0x0008:
		memcpyFromLEnd16(&Level, (char*)pData);
		break;
	case 0x0009:
		memcpyFromLEnd32(&Flags, (char*)pData);
		break;
	case 0xFFFF:
		break;
	default:
		return false; // Field unsupported
	}

	return true; // Field supported
}

PwDatabase::PwDatabase(){
SearchGroupID=-1;
}

void PwDatabase::newDatabase(){
	file=new QFile();
}

bool CEntry::ReadEntryField(quint16 FieldType, quint32 FieldSize, quint8 *pData){


switch(FieldType)
	{
	case 0x0000:
		// Ignore field
		break;
	case 0x0001:
		Uuid=KpxUuid(pData);
		break;
	case 0x0002:
		memcpyFromLEnd32(&GroupID, (char*)pData);
		break;
	case 0x0003:
		memcpyFromLEnd32(&ImageID, (char*)pData);
		OldImgID=ImageID;
		break;
	case 0x0004:
		Title=QString::fromUtf8((char*)pData);
		break;
	case 0x0005:
		URL=QString::fromUtf8((char*)pData);
		break;
	case 0x0006:
		UserName=QString::fromUtf8((char*)pData);
		break;
	case 0x0007:{
		QString s=QString::fromUtf8((char*)pData);
		Password.setString(s,true);
		break;}
	case 0x0008:
		Additional=QString::fromUtf8((char*)pData);
		break;
	case 0x0009:
		Creation=dateFromPackedStruct5(pData);
		break;
	case 0x000A:
		LastMod=dateFromPackedStruct5(pData);
		break;
	case 0x000B:
		LastAccess=dateFromPackedStruct5(pData);
		break;
	case 0x000C:
		Expire=dateFromPackedStruct5(pData);
		break;
	case 0x000D:
		BinaryDesc=(char*)pData;
		break;
	case 0x000E:
		if(FieldSize != 0)
			BinaryData=QByteArray((char*)pData,FieldSize);
		else
			BinaryData=QByteArray(); //=NULL
		break;
	case 0xFFFF:
		break;
	default:
		return false; // Field unsupported
	}

	return true; // Field processed
}

bool PwDatabase::closeDatabase(){
Groups.clear();
Entries.clear();
file->close();
delete file;
file=NULL;
return true;
}


bool PwDatabase::saveDatabase(){
CGroup SearchGroup;
quint32 NumGroups,NumEntries,Signature1,Signature2,Flags,Version;
quint8 TrafoRandomSeed[32];
quint8 FinalRandomSeed[16];
quint8 ContentsHash[32];
quint8 EncryptionIV[16];

Q_ASSERT(file);
if(!(file->openMode() & QIODevice::WriteOnly)){
	file->close();
}
if(!file->isOpen()){
	if(!file->open(QIODevice::ReadWrite)){
		Errors << tr("Could not open file for writing.");
		return false;
	}
}


/*	This is only a fix for a bug in the implementation of the metastream creation
	in KeePassX 0.2.1. to restore lost icons.
	It should be removed after a while.
	--------------------------------------------------*/
	for(int i=0;i<Groups.size();i++){
		if(Groups[i].ImageID<BUILTIN_ICONS)
			Groups[i].OldImgID=Groups[i].ImageID;}
	for(int i=0;i<Entries.size();i++){
		if(Entries[i].ImageID<BUILTIN_ICONS)
			Entries[i].OldImgID=Entries[i].ImageID;}
/*  --------------------------------------------------*/


unsigned int FileSize;

QList<CEntry*> MetaStreams;
for(int i=0; i<UnkownMetaStreams.size();i++){
	MetaStreams << &UnkownMetaStreams[i];
}
CEntry CustomIconsMetaStream;
createCustomIconsMetaStream(&CustomIconsMetaStream);
MetaStreams << &CustomIconsMetaStream;

FileSize=DB_HEADER_SIZE;
// Get the size of all groups (94 Byte + length of the name string)
for(int i = 0; i < Groups.size(); i++){
  FileSize += 94 + Groups[i].Name.toUtf8().length()+1;
}
// Get the size of all entries
for(int i = 0; i < Entries.size(); i++){
  FileSize	+= 134
			+Entries[i].Title.toUtf8().length()+1
			+Entries[i].UserName.toUtf8().length()+1
			+Entries[i].URL.toUtf8().length()+1
			+Entries[i].Password.length()+1
			+Entries[i].Additional.toUtf8().length()+1
			+Entries[i].BinaryDesc.toUtf8().length()+1
			+Entries[i].BinaryData.length();	
}

for(int i=0; i < MetaStreams.size(); i++){
  FileSize	+=164
			+MetaStreams[i]->Additional.toUtf8().length()+1
			+MetaStreams[i]->BinaryData.length();
}


// Round up filesize to 16-byte boundary for Rijndael/Twofish
FileSize = (FileSize + 16) - (FileSize % 16);
char* buffer=new char[FileSize+16];


Signature1 = PWM_DBSIG_1;
Signature2 = PWM_DBSIG_2;
Flags = PWM_FLAG_SHA2;