Skip to content

Commit 8126360

Browse files
solardizsolardiz
committed
KWallet format: Support partially-endianness-unbroken wallets
Fixes #5866
1 parent cb0c337 commit 8126360

File tree

1 file changed

+26
-4
lines changed

1 file changed

+26
-4
lines changed

src/kwallet_fmt_plug.c

Lines changed: 26 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -250,12 +250,12 @@ static void set_salt(void *salt)
250250
}
251251

252252
// Based on "BlowfishPersistHandler::read" in backendpersisthandler.cpp
253-
static int verify_key(unsigned char *key, int key_size)
253+
static int verify_key_body(unsigned char *key, int key_size, int not_even_wrong)
254254
{
255255
SHA_CTX ctx;
256256
BF_KEY bf_key;
257257
int sz;
258-
int i;
258+
int i, n;
259259
unsigned char testhash[20];
260260
unsigned char buffer[0x10000]; // XXX respect the stack limits!
261261
const char *t;
@@ -265,7 +265,8 @@ static int verify_key(unsigned char *key, int key_size)
265265

266266
/* Blowfish implementation in KWallet is wrong w.r.t endianness
267267
* Well, that is why we had bad_blowfish_plug.c originally ;) */
268-
alter_endianity(buffer, cur_salt->ctlen);
268+
if (!not_even_wrong)
269+
alter_endianity(buffer, cur_salt->ctlen);
269270

270271
if (cur_salt->kwallet_minor_version == 0) {
271272
BF_set_key(&bf_key, key_size, key);
@@ -280,7 +281,8 @@ static int verify_key(unsigned char *key, int key_size)
280281
BF_cbc_encrypt(buffer, buffer, cur_salt->ctlen, &bf_key, ivec, 0);
281282
}
282283

283-
alter_endianity(buffer, cur_salt->ctlen);
284+
if (!not_even_wrong)
285+
alter_endianity(buffer, cur_salt->ctlen);
284286

285287
/* verification stuff */
286288
t = (char *) buffer;
@@ -302,6 +304,17 @@ static int verify_key(unsigned char *key, int key_size)
302304
// file structure error
303305
return -1;
304306
}
307+
308+
for (i = n = 0; i < fsize && i < 52; i++)
309+
if (!t[i])
310+
n++;
311+
if (n >= 16) /* actually seen was 32 zero bytes out of 52 */
312+
return 0;
313+
314+
if (not_even_wrong)
315+
return -2;
316+
317+
/* This only works for the original wrong code, not weirder */
305318
SHA1_Init(&ctx);
306319
SHA1_Update(&ctx, t, fsize);
307320
SHA1_Final(testhash, &ctx);
@@ -316,6 +329,15 @@ static int verify_key(unsigned char *key, int key_size)
316329
return 0;
317330
}
318331

332+
static int verify_key(unsigned char *key, int key_size)
333+
{
334+
if (!verify_key_body(key, key_size, 0))
335+
return 0;
336+
if (cur_salt->kwallet_minor_version == 1 && !verify_key_body(key, key_size, 1))
337+
return 0;
338+
return -1;
339+
}
340+
319341
static int crypt_all(int *pcount, struct db_salt *salt)
320342
{
321343
const int count = *pcount;

0 commit comments

Comments
 (0)