rixxc/KeePassDX
1
0
Fork 0
mirror of https://github.com/Kunzisoft/KeePassDX.git synced 2025-12-04 15:49:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

Force twofish padding compatibility #955

Browse Source
This commit is contained in:
J-Jamet
2021-04-08 12:55:23 +02:00
parent 949905f6e2
commit 346b517c9d
4 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
app/src/main/java/com/kunzisoft/keepass/database/crypto/CipherEngine.kt
View File

@@ -36,6 +36,9 @@ abstract class CipherEngine {
return 16 return 16
} }
// Used only with padding workaround
var forcePaddingCompatibility = false
@Throws(NoSuchAlgorithmException::class, NoSuchPaddingException::class, InvalidKeyException::class, InvalidAlgorithmParameterException::class) @Throws(NoSuchAlgorithmException::class, NoSuchPaddingException::class, InvalidKeyException::class, InvalidAlgorithmParameterException::class)
abstract fun getCipher(opmode: Int, key: ByteArray, IV: ByteArray): Cipher abstract fun getCipher(opmode: Int, key: ByteArray, IV: ByteArray): Cipher

2
app/src/main/java/com/kunzisoft/keepass/database/crypto/TwofishEngine.kt
View File

@@ -30,7 +30,7 @@ class TwofishEngine : CipherEngine() {
@Throws(NoSuchAlgorithmException::class, NoSuchPaddingException::class, InvalidKeyException::class, InvalidAlgorithmParameterException::class) @Throws(NoSuchAlgorithmException::class, NoSuchPaddingException::class, InvalidKeyException::class, InvalidAlgorithmParameterException::class)
override fun getCipher(opmode: Int, key: ByteArray, IV: ByteArray): Cipher { override fun getCipher(opmode: Int, key: ByteArray, IV: ByteArray): Cipher {
return CipherFactory.getTwofish(opmode, key, IV) return CipherFactory.getTwofish(opmode, key, IV, forcePaddingCompatibility)
} }
override fun getEncryptionAlgorithm(): EncryptionAlgorithm { override fun getEncryptionAlgorithm(): EncryptionAlgorithm {

2
app/src/main/java/com/kunzisoft/keepass/database/file/input/DatabaseInputKDBX.kt
View File

@@ -151,9 +151,11 @@ class DatabaseInputKDBX(cacheDirectory: File,
val cipher: Cipher val cipher: Cipher
try { try {
engine = EncryptionAlgorithm.getFrom(mDatabase.cipherUuid).cipherEngine engine = EncryptionAlgorithm.getFrom(mDatabase.cipherUuid).cipherEngine
engine.forcePaddingCompatibility = true
mDatabase.setDataEngine(engine) mDatabase.setDataEngine(engine)
mDatabase.encryptionAlgorithm = engine.getEncryptionAlgorithm() mDatabase.encryptionAlgorithm = engine.getEncryptionAlgorithm()
cipher = engine.getCipher(Cipher.DECRYPT_MODE, mDatabase.finalKey!!, header.encryptionIV) cipher = engine.getCipher(Cipher.DECRYPT_MODE, mDatabase.finalKey!!, header.encryptionIV)
engine.forcePaddingCompatibility = false
} catch (e: Exception) { } catch (e: Exception) {
throw InvalidAlgorithmDatabaseException(e) throw InvalidAlgorithmDatabaseException(e)
} }

8
crypto/src/main/java/com/kunzisoft/encrypt/CipherFactory.kt
View File

@@ -38,8 +38,12 @@ object CipherFactory {
} }
@Throws(NoSuchAlgorithmException::class, NoSuchPaddingException::class, InvalidKeyException::class, InvalidAlgorithmParameterException::class) @Throws(NoSuchAlgorithmException::class, NoSuchPaddingException::class, InvalidKeyException::class, InvalidAlgorithmParameterException::class)
fun getTwofish(opmode: Int, key: ByteArray, IV: ByteArray): Cipher { fun getTwofish(opmode: Int, key: ByteArray, IV: ByteArray, forceCompatibility: Boolean = false): Cipher {
val cipher: Cipher = Cipher.getInstance("Twofish/CBC/PKCS7PADDING") val cipher: Cipher = if (forceCompatibility) {
Cipher.getInstance("Twofish/CBC/NoPadding")
} else {
Cipher.getInstance("Twofish/CBC/PKCS7PADDING")
}
cipher.init(opmode, SecretKeySpec(key, "AES"), IvParameterSpec(IV)) cipher.init(opmode, SecretKeySpec(key, "AES"), IvParameterSpec(IV))
return cipher return cipher
} }