int UtlCryptoKeyRsa::importFromFile(const char* pFilename) { // Make sure we don't leave any previous keys hanging around clearKey(); FILE *pFile = fopen(pFilename, "rt"); if (!pFile) return -1; // First try to read a public key mpRsa = PEM_read_RSA_PUBKEY(pFile, 0, 0, 0); if (mpRsa) setKeyType(KEY_PUBLIC); else { // If that failed, try to read a private key fseek(pFile, 0, SEEK_SET); mpRsa = PEM_read_RSAPrivateKey(pFile, 0, 0, 0); if (mpRsa) setKeyType(KEY_PRIVATE); } fclose(pFile); if (isValid()) return setLastError(0); else return -1; }
STATIC bool updateData(const SecureStorageS *storage, const unsigned char *key, const unsigned char *val) { int16_t kLen = 0, vLen = 0; unsigned char *keyStr = NULL, *valStr = NULL; htab *t = NULL; if (storage == NULL || key == NULL || val == NULL) { assert(LIB_NAME "Storage structure and key, value strings must not be NULL" && (false || Storage_TestMode)); return false; } t = storage->Data; clearKey(storage, key); if (Utils_GetCharArrayLen(key, &kLen, KEY_VAL_MIN_STR_LEN, KEY_VAL_MAX_STR_LEN) == false || Utils_GetCharArrayLen(val, &vLen, KEY_VAL_MIN_STR_LEN, KEY_VAL_MAX_STR_LEN) == false) return false; if (hadd(t, key, kLen + UTILS_STR_LEN_SIZE, val)) { Utils_CreateAndCopyUcString(&keyStr, key, kLen + UTILS_STR_LEN_SIZE); hkey(t) = keyStr; Utils_CreateAndCopyUcString(&valStr, val, vLen + UTILS_STR_LEN_SIZE); hstuff(t) = valStr; } else { printf("Internal error: item: %s must be free\n", key); return false; } return true; }
void writeDraftPositions(const PeerId &peer, const MessageCursor &cur) { if (!_working()) return; if (cur.position == 0 && cur.anchor == 0 && cur.scroll == 0) { DraftsMap::iterator i = _draftsPositionsMap.find(peer); if (i != _draftsPositionsMap.cend()) { clearKey(i.value()); _draftsPositionsMap.erase(i); _mapChanged = true; _writeMap(); } } else { DraftsMap::const_iterator i = _draftsPositionsMap.constFind(peer); if (i == _draftsPositionsMap.cend()) { i = _draftsPositionsMap.insert(peer, genKey()); _mapChanged = true; _writeMap(WriteMapFast); } QString to = _basePath + toFilePart(i.value()); EncryptedDescriptor data(sizeof(quint64) + sizeof(qint32) * 3); data.stream << quint64(peer) << qint32(cur.position) << qint32(cur.anchor) << qint32(cur.scroll); FileWriteDescriptor file(i.value()); file.writeEncrypted(data); } }
void writeDraft(const PeerId &peer, const QString &text) { if (!_working()) return; if (text.isEmpty()) { DraftsMap::iterator i = _draftsMap.find(peer); if (i != _draftsMap.cend()) { clearKey(i.value()); _draftsMap.erase(i); _mapChanged = true; _writeMap(); } _draftsNotReadMap.remove(peer); } else { DraftsMap::const_iterator i = _draftsMap.constFind(peer); if (i == _draftsMap.cend()) { i = _draftsMap.insert(peer, genKey()); _mapChanged = true; _writeMap(WriteMapFast); } QString to = _basePath + toFilePart(i.value()); EncryptedDescriptor data(sizeof(quint64) + sizeof(quint32) + text.size() * sizeof(QChar)); data.stream << quint64(peer) << text; FileWriteDescriptor file(i.value()); file.writeEncrypted(data); _draftsNotReadMap.remove(peer); } }
void Keys::clear(void) { memset( data, 0, sizeof(KeysShared) ); clearKey(); filler.state = KeysFillerStateSecurity; filler.index = 0; }
bool SecureStorage_RemoveItem(const SecureStorageS *storage, const unsigned char *sKey, int16_t keyLen) { int16_t saltLen = 0; bool ret = false, ret1 = false; unsigned char *caEncKey = NULL, *rKey = NULL, *caKey = NULL; unsigned char cahKey[SHA256_LEN + UTILS_STR_LEN_SIZE + 1]; if (storage == NULL || sKey == NULL) { snprintf(errStr, sizeof(errStr), "SecureStorage_RemoveItem: Storage and key must not be NULL"); return false; } if (keyLen <= 0) { snprintf(errStr, sizeof(errStr), "SecureStorage_RemoveItem: key len %d must be positives\n", keyLen); return false; } if (READABLE_STORAGE == true) saltLen = 0; else if (Utils_GetCharArrayLen(storage->caSalt, &saltLen, KEY_VAL_MIN_STR_LEN, KEY_VAL_MAX_STR_LEN) == false) return false; if (generateAlignedCharAray(sKey, keyLen, storage->caSalt, saltLen, &caKey) == false) return false; if (isLengthValid(caKey, KEY_VAL_MIN_STR_LEN, KEY_VAL_MAX_STR_LEN - 1) == false || getRandomFromKey(storage, caKey, cahKey, &rKey) == false) { Utils_Free(caKey); return false; } ret1 = clearKey(storage, cahKey); if (ret1 == false) { // continue to try to remove the "real" key value snprintf(errStr, sizeof(errStr), "Error: key for random '%s' was not found", cahKey); } ret = encrypt(caKey, rKey, storage->caSecret, &caEncKey); Utils_Free(rKey); if (ret == false) { Utils_Free(caKey); return false; } if (clearKey(storage, caEncKey) == false) { Utils_Free(caEncKey); snprintf(errStr, sizeof(errStr), "Error: key '%s' was not found", caKey); return false; } Utils_Free(caKey); Utils_Free(caEncKey); return ret1; }
SNAPHashTable::SNAPHashTable( unsigned i_tableSize, unsigned i_keySizeInBytes, unsigned i_valueSizeInBytes, unsigned i_valueCount, _uint64 i_invalidValueValue) /*++ Routine Description: Constructor for a new, empty closed hash table. Arguments: tableSize - How many slots should the table have. --*/ { keySizeInBytes = i_keySizeInBytes; valueSizeInBytes = i_valueSizeInBytes; valueCount = i_valueCount; invalidValueValue = i_invalidValueValue; elementSize = keySizeInBytes + valueSizeInBytes * valueCount; tableSize = i_tableSize; usedElementCount = 0; Table = NULL; if (tableSize <= 0) { tableSize = 0; return; } Table = BigAlloc(tableSize * elementSize); ownsMemoryForTable = true; // // Run through the table and set all of the first values to invalidValueValue, which means // unused. // for (unsigned i = 0; i < tableSize; i++) { void *entry = getEntry(i); _ASSERT(entry >= Table && entry <= (char *)Table + tableSize * elementSize); clearKey(entry); memcpy(getEntry(i), &invalidValueValue, valueSizeInBytes); } }
void ClearManager::onStart() { while (true) { int task = 0; bool result = false; StorageMap images; { QMutexLocker lock(&data->mutex); if (data->tasks.isEmpty()) { data->working = false; break; } task = data->tasks.at(0); images = data->images; } switch (task) { case ClearManagerAll: result = (QDir(cTempDir()).removeRecursively() && QDir(_basePath).removeRecursively()); break; case ClearManagerDownloads: result = QDir(cTempDir()).removeRecursively(); break; case ClearManagerImages: for (StorageMap::const_iterator i = images.cbegin(), e = images.cend(); i != e; ++i) { clearKey(i.value().first, false); } result = true; break; } { QMutexLocker lock(&data->mutex); if (data->tasks.at(0) == task) { data->tasks.pop_front(); if (data->tasks.isEmpty()) { data->working = false; } } if (result) { emit succeed(task, data->working ? 0 : this); } else { emit failed(task, data->working ? 0 : this); } if (!data->working) break; } } }
MessageCursor readDraftPositions(const PeerId &peer) { DraftsMap::iterator j = _draftsPositionsMap.find(peer); if (j == _draftsPositionsMap.cend()) { return MessageCursor(); } FileReadDescriptor draft; if (!readEncryptedFile(draft, toFilePart(j.value()))) { clearKey(j.value()); _draftsPositionsMap.erase(j); return MessageCursor(); } quint64 draftPeer; qint32 curPosition, curAnchor, curScroll; draft.stream >> draftPeer >> curPosition >> curAnchor >> curScroll; return (draftPeer == peer) ? MessageCursor(curPosition, curAnchor, curScroll) : MessageCursor(); }
int UtlCryptoKeyRsa::generateKey() { // Make sure we don't leave any previous keys hanging around clearKey(); int numKeyBits = 2048; unsigned long keyExponent = 65537; mpRsa = RSA_generate_key(numKeyBits, keyExponent, NULL, 0); if (mpRsa) { setKeyType(KEY_PRIVATE); return setLastError(0); } else { return setLastError(ERR_get_error()); } }
QString readDraft(const PeerId &peer) { if (!_draftsNotReadMap.remove(peer)) return QString(); DraftsMap::iterator j = _draftsMap.find(peer); if (j == _draftsMap.cend()) { return QString(); } FileReadDescriptor draft; if (!readEncryptedFile(draft, toFilePart(j.value()))) { clearKey(j.value()); _draftsMap.erase(j); return QString(); } quint64 draftPeer; QString draftText; draft.stream >> draftPeer >> draftText; return (draftPeer == peer) ? draftText : QString(); }
StorageImageSaved readImage(const StorageKey &location) { StorageMap::iterator j = _storageMap.find(location); if (j == _storageMap.cend()) { return StorageImageSaved(); } FileReadDescriptor draft; if (!readEncryptedFile(draft, toFilePart(j.value().first), false)) { clearKey(j.value().first, false); _storageFilesSize -= j.value().second; _storageMap.erase(j); return StorageImageSaved(); } QByteArray imageData; quint64 locFirst, locSecond; quint32 imageType; draft.stream >> locFirst >> locSecond >> imageType >> imageData; return (locFirst == location.first && locSecond == location.second) ? StorageImageSaved(imageType, imageData) : StorageImageSaved(); }
void AccountModifyDlg::init() { //connect(pa->psi(), SIGNAL(pgpToggled(bool)), SLOT(pgpToggled(bool))); if (pa) pa->dialogRegister(this); setWindowTitle(CAP(caption())); #ifndef Q_WS_MAC setWindowIcon(IconsetFactory::icon("psi/account").icon()); #endif le_pass->setEnabled(true); le_host->setEnabled(false); lb_host->setEnabled(false); le_port->setEnabled(false); lb_port->setEnabled(false); // FIXME: Temporarily removing security level settings ck_req_mutual->hide(); cb_security_level->hide(); lb_security_level->hide(); connect(pb_close, SIGNAL(clicked()), SLOT(reject())); connect(ck_host, SIGNAL(toggled(bool)), SLOT(hostToggled(bool))); connect(pb_key, SIGNAL(clicked()), SLOT(chooseKey())); connect(pb_keyclear, SIGNAL(clicked()), SLOT(clearKey())); connect(pb_save, SIGNAL(clicked()), SLOT(save())); connect(ck_automatic_resource, SIGNAL(toggled(bool)), le_resource, SLOT(setDisabled(bool))); connect(ck_automatic_resource, SIGNAL(toggled(bool)), lb_resource, SLOT(setDisabled(bool))); gb_pgp->setEnabled(false); if (pa) { connect(pb_vcard, SIGNAL(clicked()), SLOT(detailsVCard())); connect(pb_changepw, SIGNAL(clicked()), SLOT(detailsChangePW())); } else { pb_vcard->setEnabled(false); pb_changepw->setEnabled(false); } // Hide the name if necessary le_name->setText(acc.name); le_jid->setText(JIDUtil::accountToString(acc.jid,false)); cb_ssl->addItem(tr("Always"),UserAccount::SSL_Yes); cb_ssl->addItem(tr("When available"),UserAccount::SSL_Auto); cb_ssl->addItem(tr("Never"), UserAccount::SSL_No); cb_ssl->addItem(tr("Legacy SSL"), UserAccount::SSL_Legacy); cb_ssl->setCurrentIndex(cb_ssl->findData(acc.ssl)); connect(cb_ssl, SIGNAL(activated(int)), SLOT(sslActivated(int))); cb_plain->addItem(tr("Always"),ClientStream::AllowPlain); cb_plain->addItem(tr("Over encrypted connection"), ClientStream::AllowPlainOverTLS); cb_plain->addItem(tr("Never"), ClientStream::NoAllowPlain); cb_plain->setCurrentIndex(cb_plain->findData(acc.allow_plain)); if (acc.opt_pass) le_pass->setText(acc.pass); ck_host->setChecked(acc.opt_host); le_host->setText(acc.host); le_port->setText(QString::number(acc.port)); ck_req_mutual->setChecked(acc.req_mutual_auth); ck_legacy_ssl_probe->setChecked(acc.legacy_ssl_probe); ck_automatic_resource->setChecked(acc.opt_automatic_resource); le_resource->setText(acc.resource); le_priority->setText(QString::number(acc.priority)); connect(ck_custom_auth,SIGNAL(toggled(bool)), lb_authid, SLOT(setEnabled(bool))); connect(ck_custom_auth,SIGNAL(toggled(bool)), le_authid, SLOT(setEnabled(bool))); connect(ck_custom_auth,SIGNAL(toggled(bool)), lb_realm, SLOT(setEnabled(bool))); connect(ck_custom_auth,SIGNAL(toggled(bool)), le_realm, SLOT(setEnabled(bool))); ck_custom_auth->setChecked(acc.customAuth); le_authid->setText(acc.authid); le_realm->setText(acc.realm); ck_compress->setChecked(acc.opt_compress); ck_auto->setChecked(acc.opt_auto); ck_reconn->setChecked(acc.opt_reconn); ck_connectAfterSleep->setChecked(acc.opt_connectAfterSleep); ck_log->setChecked(acc.opt_log); ck_keepAlive->setChecked(acc.opt_keepAlive); le_dtProxy->setText(acc.dtProxy.full()); le_stunHost->setText(acc.stunHost); le_stunPort->setText(QString::number(acc.stunPort)); key = acc.pgpSecretKey; updateUserID(); PGPUtil::instance().clearPGPAvailableCache(); if(PGPUtil::instance().pgpAvailable()) { gb_pgp->setEnabled(true); } pc = psi->proxy()->createProxyChooser(tab_connection); replaceWidget(lb_proxychooser, pc); pc->setCurrentItem(acc.proxyID); // Security level cb_security_level->addItem(tr("None"),QCA::SL_None); cb_security_level->addItem(tr("Integrity"),QCA::SL_Integrity); cb_security_level->addItem(tr("Baseline"),QCA::SL_Baseline); cb_security_level->addItem(tr("High"),QCA::SL_High); cb_security_level->addItem(tr("Highest"),QCA::SL_Highest); cb_security_level->setCurrentIndex(cb_security_level->findData(acc.security_level)); // Name if(le_name->text().isEmpty()) le_name->setFocus(); else if(le_jid->text().isEmpty()) le_jid->setFocus(); else pb_save->setFocus(); // Privacy privacyInitialized = false; lb_customPrivacy->hide(); privacyBlockedModel.setSourceModel(&privacyModel); lv_blocked->setModel(&privacyBlockedModel); if (pa) { connect(pa->privacyManager(),SIGNAL(defaultListAvailable(const PrivacyList&)),SLOT(updateBlockedContacts(const PrivacyList&))); connect(pa->privacyManager(),SIGNAL(defaultListError()),SLOT(getDefaultList_error())); connect(pa->privacyManager(),SIGNAL(changeList_error()),SLOT(changeList_error())); connect(pa,SIGNAL(updatedActivity()),SLOT(updatePrivacyTab())); } connect(tab_main,SIGNAL(currentChanged(int)),SLOT(tabChanged(int))); connect(pb_privacy, SIGNAL(clicked()), SLOT(privacyClicked())); connect(pb_removeBlock, SIGNAL(clicked()), SLOT(removeBlockClicked())); connect(pb_addBlock, SIGNAL(clicked()), SLOT(addBlockClicked())); // FIXME: Temporarily disabling blocking pb_removeBlock->hide(); pb_addBlock->hide(); // QWhatsThis helpers cb_plain->setWhatsThis( tr("Normally, Psi logs in using the <i>digest</i> authentication " "method. Check this box to force a plain text login " "to the Jabber server. Use this option only if you have " "problems connecting with the normal login procedure, as it " "makes your connection potentially vulnerable to " "attacks.")); ck_auto->setWhatsThis( tr("Automatically login to this account on Psi startup. Useful if " "you have Psi automatically launched when an Internet " "connection is detected.")); ck_connectAfterSleep->setWhatsThis( tr("Makes Psi try to connect when the computer resumes " "after a sleep.")); ck_reconn->setWhatsThis( tr("Makes Psi try to reconnect if the connection was broken. " "Useful, if you have an unstable connection and have to " "reconnect often.")); ck_log->setWhatsThis( tr("Keep a log of message history. Disable this " "option if you want to conserve disk space or if you need " "maximum security.")); ck_keepAlive->setWhatsThis( tr("Sends so called \"Keep-alive\" packets periodically. " "It is useful if your connection is set to be " "automatically disconnected after a certain period of " "inactivity (for example, by your ISP) and you want to keep it " "up all the time.")); cb_ssl->setWhatsThis( tr("Check this option to use an encrypted SSL connection to " "the Jabber server. You may use this option if your " "server supports it and if you have the necessary QCA-OpenSSL " "plugin installed. For more information, check the " "Psi homepage.")); ck_compress->setWhatsThis( tr("Check this option to use a compressed connection to " "the Jabber server, if the server supports it.")); ck_host->setWhatsThis( tr("Use this option for manual configuration of your Jabber host " "if it is not the same as the host you are connecting to. This option is mostly useful " "if you have some sort of proxy route on your " "local machine (i.e. you connect to localhost), but your " "account is registered on an external server.")); le_resource->setWhatsThis( tr("You can have multiple clients connected to the Jabber server " "with your single account. Each login is distinguished by a \"resource\" " "name, which you can specify in this field.")); ck_custom_auth->setWhatsThis( tr("This option sets the user (and realm) you want to " "authenticate as. This overrides the Jabber ID you are logging in " "as.")); le_priority->setWhatsThis( tr("<p>You can have multiple clients connected to the Jabber " "server with your single account. In such a situation, " "the client with the highest priority (that is specified in " "this field) will be the one that will receive " "all incoming events.</p>" "<p>For example, if you have a permanent connection " "to the Internet at your work location, and have a dial-up at home, " "you can have your Jabber client permanently running at work " "with a low priority, and you can still use the same account " "from home, using a client with higher priority to " "temporary \"disable\" the lower priority client at work.</p>")); // Hiding of UI components if ((!pa && acc.name.isEmpty()) || PsiOptions::instance()->getOption("options.ui.account.single").toBool()) { le_name->hide(); lb_name->hide(); } if (!PsiOptions::instance()->getOption("options.account.domain").toString().isEmpty()) { lb_example->hide(); lb_jid->setText(tr("Username:"******"options.pgp.enable").toBool()) { gb_pgp->hide(); } if (!PsiOptions::instance()->getOption("options.ui.account.privacy.show").toBool()) tab_main->removeTab(tab_main->indexOf(tab_privacy)); if (!PsiOptions::instance()->getOption("options.ui.account.proxy.show").toBool()) { lb_proxy->hide(); lb_proxychooser->hide(); } if (!PsiOptions::instance()->getOption("options.ui.account.manual-host").toBool()) { ck_host->hide(); lb_host->hide(); le_host->hide(); lb_port->hide(); le_port->hide(); } if (!PsiOptions::instance()->getOption("options.ui.account.keepalive").toBool()) ck_keepAlive->hide(); if (!PsiOptions::instance()->getOption("options.ui.account.legacy-ssl-probe").toBool()) ck_legacy_ssl_probe->hide(); if (!PsiOptions::instance()->getOption("options.ui.account.security.show").toBool()) { lb_plain->hide(); cb_plain->hide(); ck_req_mutual->hide(); lb_security_level->hide(); cb_security_level->hide(); } if (!PsiOptions::instance()->getOption("options.ui.account.security.show").toBool() && !PsiOptions::instance()->getOption("options.ui.account.legacy-ssl-probe").toBool() && !PsiOptions::instance()->getOption("options.ui.account.keepalive").toBool() && !PsiOptions::instance()->getOption("options.ui.account.manual-host").toBool() && !PsiOptions::instance()->getOption("options.ui.account.proxy.show").toBool()) { tab_main->removeTab(tab_main->indexOf(tab_connection)); } if (!PsiOptions::instance()->getOption("options.ui.account.resource").toBool()) { ck_automatic_resource->hide(); lb_resource->hide(); le_resource->hide(); } if (!PsiOptions::instance()->getOption("options.ui.account.custom-authid").toBool()) { ck_custom_auth->hide(); lb_authid->hide(); le_authid->hide(); lb_realm->hide(); le_realm->hide(); } if (!PsiOptions::instance()->getOption("options.ui.account.priority").toBool()) { lb_priority->hide(); le_priority->hide(); } if (!PsiOptions::instance()->getOption("options.ui.account.data-proxy").toBool()) { lb_dtProxy->hide(); le_dtProxy->hide(); } if (!PsiOptions::instance()->getOption("options.ui.account.resource").toBool() && !PsiOptions::instance()->getOption("options.ui.account.priority").toBool() && !PsiOptions::instance()->getOption("options.ui.account.data-proxy").toBool()) { tab_main->removeTab(tab_main->indexOf(tab_misc)); } resize(minimumSizeHint()); }
UtlCryptoKeyRsa::~UtlCryptoKeyRsa() { clearKey(); }
void tKeyPair::clear(){ clearKey(); clearValue(); }
void tKeyPair::setKey(const char *s){ clearKey(); if (s == NULL) return; key_ = new char[strlen(s)+1]; strcpy(key_,s); }