int UtlCryptoKeyRsa::importFromFile(const char* pFilename)
{
// Make sure we don't leave any previous keys hanging around
clearKey();
FILE *pFile = fopen(pFilename, "rt");
if (!pFile)
return -1;
// First try to read a public key
mpRsa = PEM_read_RSA_PUBKEY(pFile, 0, 0, 0);
if (mpRsa)
setKeyType(KEY_PUBLIC);
else
{
// If that failed, try to read a private key
fseek(pFile, 0, SEEK_SET);
mpRsa = PEM_read_RSAPrivateKey(pFile, 0, 0, 0);
if (mpRsa)
setKeyType(KEY_PRIVATE);
}
fclose(pFile);
if (isValid())
return setLastError(0);
else
return -1;
}
STATIC bool updateData(const SecureStorageS *storage, const unsigned char *key, const unsigned char *val) {
int16_t kLen = 0, vLen = 0;
unsigned char *keyStr = NULL, *valStr = NULL;
htab *t = NULL;
if (storage == NULL || key == NULL || val == NULL) {
assert(LIB_NAME "Storage structure and key, value strings must not be NULL" && (false || Storage_TestMode));
return false;
}
t = storage->Data;
clearKey(storage, key);
if (Utils_GetCharArrayLen(key, &kLen, KEY_VAL_MIN_STR_LEN, KEY_VAL_MAX_STR_LEN) == false ||
Utils_GetCharArrayLen(val, &vLen, KEY_VAL_MIN_STR_LEN, KEY_VAL_MAX_STR_LEN) == false)
return false;
if (hadd(t, key, kLen + UTILS_STR_LEN_SIZE, val)) {
Utils_CreateAndCopyUcString(&keyStr, key, kLen + UTILS_STR_LEN_SIZE);
hkey(t) = keyStr;
Utils_CreateAndCopyUcString(&valStr, val, vLen + UTILS_STR_LEN_SIZE);
hstuff(t) = valStr;
} else {
printf("Internal error: item: %s must be free\n", key);
return false;
}
return true;
}
void writeDraftPositions(const PeerId &peer, const MessageCursor &cur) {
if (!_working()) return;
if (cur.position == 0 && cur.anchor == 0 && cur.scroll == 0) {
DraftsMap::iterator i = _draftsPositionsMap.find(peer);
if (i != _draftsPositionsMap.cend()) {
clearKey(i.value());
_draftsPositionsMap.erase(i);
_mapChanged = true;
_writeMap();
}
} else {
DraftsMap::const_iterator i = _draftsPositionsMap.constFind(peer);
if (i == _draftsPositionsMap.cend()) {
i = _draftsPositionsMap.insert(peer, genKey());
_mapChanged = true;
_writeMap(WriteMapFast);
}
QString to = _basePath + toFilePart(i.value());
EncryptedDescriptor data(sizeof(quint64) + sizeof(qint32) * 3);
data.stream << quint64(peer) << qint32(cur.position) << qint32(cur.anchor) << qint32(cur.scroll);
FileWriteDescriptor file(i.value());
file.writeEncrypted(data);
}
}
void writeDraft(const PeerId &peer, const QString &text) {
if (!_working()) return;
if (text.isEmpty()) {
DraftsMap::iterator i = _draftsMap.find(peer);
if (i != _draftsMap.cend()) {
clearKey(i.value());
_draftsMap.erase(i);
_mapChanged = true;
_writeMap();
}
_draftsNotReadMap.remove(peer);
} else {
DraftsMap::const_iterator i = _draftsMap.constFind(peer);
if (i == _draftsMap.cend()) {
i = _draftsMap.insert(peer, genKey());
_mapChanged = true;
_writeMap(WriteMapFast);
}
QString to = _basePath + toFilePart(i.value());
EncryptedDescriptor data(sizeof(quint64) + sizeof(quint32) + text.size() * sizeof(QChar));
data.stream << quint64(peer) << text;
FileWriteDescriptor file(i.value());
file.writeEncrypted(data);
_draftsNotReadMap.remove(peer);
}
}
void Keys::clear(void)
{
memset( data, 0, sizeof(KeysShared) );
clearKey();
filler.state = KeysFillerStateSecurity;
filler.index = 0;
}
bool SecureStorage_RemoveItem(const SecureStorageS *storage, const unsigned char *sKey, int16_t keyLen) {
int16_t saltLen = 0;
bool ret = false, ret1 = false;
unsigned char *caEncKey = NULL, *rKey = NULL, *caKey = NULL;
unsigned char cahKey[SHA256_LEN + UTILS_STR_LEN_SIZE + 1];
if (storage == NULL || sKey == NULL) {
snprintf(errStr, sizeof(errStr), "SecureStorage_RemoveItem: Storage and key must not be NULL");
return false;
}
if (keyLen <= 0) {
snprintf(errStr, sizeof(errStr), "SecureStorage_RemoveItem: key len %d must be positives\n", keyLen);
return false;
}
if (READABLE_STORAGE == true)
saltLen = 0;
else if (Utils_GetCharArrayLen(storage->caSalt, &saltLen, KEY_VAL_MIN_STR_LEN, KEY_VAL_MAX_STR_LEN) == false)
return false;
if (generateAlignedCharAray(sKey, keyLen, storage->caSalt, saltLen, &caKey) == false) return false;
if (isLengthValid(caKey, KEY_VAL_MIN_STR_LEN, KEY_VAL_MAX_STR_LEN - 1) == false || getRandomFromKey(storage, caKey, cahKey, &rKey) == false) {
Utils_Free(caKey);
return false;
}
ret1 = clearKey(storage, cahKey);
if (ret1 == false) { // continue to try to remove the "real" key value
snprintf(errStr, sizeof(errStr), "Error: key for random '%s' was not found", cahKey);
}
ret = encrypt(caKey, rKey, storage->caSecret, &caEncKey);
Utils_Free(rKey);
if (ret == false) {
Utils_Free(caKey);
return false;
}
if (clearKey(storage, caEncKey) == false) {
Utils_Free(caEncKey);
snprintf(errStr, sizeof(errStr), "Error: key '%s' was not found", caKey);
return false;
}
Utils_Free(caKey);
Utils_Free(caEncKey);
return ret1;
}
SNAPHashTable::SNAPHashTable(
unsigned i_tableSize,
unsigned i_keySizeInBytes,
unsigned i_valueSizeInBytes,
unsigned i_valueCount,
_uint64 i_invalidValueValue)
/*++
Routine Description:
Constructor for a new, empty closed hash table.
Arguments:
tableSize - How many slots should the table have.
--*/
{
keySizeInBytes = i_keySizeInBytes;
valueSizeInBytes = i_valueSizeInBytes;
valueCount = i_valueCount;
invalidValueValue = i_invalidValueValue;
elementSize = keySizeInBytes + valueSizeInBytes * valueCount;
tableSize = i_tableSize;
usedElementCount = 0;
Table = NULL;
if (tableSize <= 0) {
tableSize = 0;
return;
}
Table = BigAlloc(tableSize * elementSize);
ownsMemoryForTable = true;
//
// Run through the table and set all of the first values to invalidValueValue, which means
// unused.
//
for (unsigned i = 0; i < tableSize; i++) {
void *entry = getEntry(i);
_ASSERT(entry >= Table && entry <= (char *)Table + tableSize * elementSize);
clearKey(entry);
memcpy(getEntry(i), &invalidValueValue, valueSizeInBytes);
}
}
void ClearManager::onStart() {
while (true) {
int task = 0;
bool result = false;
StorageMap images;
{
QMutexLocker lock(&data->mutex);
if (data->tasks.isEmpty()) {
data->working = false;
break;
}
task = data->tasks.at(0);
images = data->images;
}
switch (task) {
case ClearManagerAll:
result = (QDir(cTempDir()).removeRecursively() && QDir(_basePath).removeRecursively());
break;
case ClearManagerDownloads:
result = QDir(cTempDir()).removeRecursively();
break;
case ClearManagerImages:
for (StorageMap::const_iterator i = images.cbegin(), e = images.cend(); i != e; ++i) {
clearKey(i.value().first, false);
}
result = true;
break;
}
{
QMutexLocker lock(&data->mutex);
if (data->tasks.at(0) == task) {
data->tasks.pop_front();
if (data->tasks.isEmpty()) {
data->working = false;
}
}
if (result) {
emit succeed(task, data->working ? 0 : this);
} else {
emit failed(task, data->working ? 0 : this);
}
if (!data->working) break;
}
}
}
MessageCursor readDraftPositions(const PeerId &peer) {
DraftsMap::iterator j = _draftsPositionsMap.find(peer);
if (j == _draftsPositionsMap.cend()) {
return MessageCursor();
}
FileReadDescriptor draft;
if (!readEncryptedFile(draft, toFilePart(j.value()))) {
clearKey(j.value());
_draftsPositionsMap.erase(j);
return MessageCursor();
}
quint64 draftPeer;
qint32 curPosition, curAnchor, curScroll;
draft.stream >> draftPeer >> curPosition >> curAnchor >> curScroll;
return (draftPeer == peer) ? MessageCursor(curPosition, curAnchor, curScroll) : MessageCursor();
}
int UtlCryptoKeyRsa::generateKey()
{
// Make sure we don't leave any previous keys hanging around
clearKey();
int numKeyBits = 2048;
unsigned long keyExponent = 65537;
mpRsa = RSA_generate_key(numKeyBits, keyExponent, NULL, 0);
if (mpRsa)
{
setKeyType(KEY_PRIVATE);
return setLastError(0);
}
else
{
return setLastError(ERR_get_error());
}
}
QString readDraft(const PeerId &peer) {
if (!_draftsNotReadMap.remove(peer)) return QString();
DraftsMap::iterator j = _draftsMap.find(peer);
if (j == _draftsMap.cend()) {
return QString();
}
FileReadDescriptor draft;
if (!readEncryptedFile(draft, toFilePart(j.value()))) {
clearKey(j.value());
_draftsMap.erase(j);
return QString();
}
quint64 draftPeer;
QString draftText;
draft.stream >> draftPeer >> draftText;
return (draftPeer == peer) ? draftText : QString();
}
StorageImageSaved readImage(const StorageKey &location) {
StorageMap::iterator j = _storageMap.find(location);
if (j == _storageMap.cend()) {
return StorageImageSaved();
}
FileReadDescriptor draft;
if (!readEncryptedFile(draft, toFilePart(j.value().first), false)) {
clearKey(j.value().first, false);
_storageFilesSize -= j.value().second;
_storageMap.erase(j);
return StorageImageSaved();
}
QByteArray imageData;
quint64 locFirst, locSecond;
quint32 imageType;
draft.stream >> locFirst >> locSecond >> imageType >> imageData;
return (locFirst == location.first && locSecond == location.second) ? StorageImageSaved(imageType, imageData) : StorageImageSaved();
}
void AccountModifyDlg::init()
{
//connect(pa->psi(), SIGNAL(pgpToggled(bool)), SLOT(pgpToggled(bool)));
if (pa)
pa->dialogRegister(this);
setWindowTitle(CAP(caption()));
#ifndef Q_WS_MAC
setWindowIcon(IconsetFactory::icon("psi/account").icon());
#endif
le_pass->setEnabled(true);
le_host->setEnabled(false);
lb_host->setEnabled(false);
le_port->setEnabled(false);
lb_port->setEnabled(false);
// FIXME: Temporarily removing security level settings
ck_req_mutual->hide();
cb_security_level->hide();
lb_security_level->hide();
connect(pb_close, SIGNAL(clicked()), SLOT(reject()));
connect(ck_host, SIGNAL(toggled(bool)), SLOT(hostToggled(bool)));
connect(pb_key, SIGNAL(clicked()), SLOT(chooseKey()));
connect(pb_keyclear, SIGNAL(clicked()), SLOT(clearKey()));
connect(pb_save, SIGNAL(clicked()), SLOT(save()));
connect(ck_automatic_resource, SIGNAL(toggled(bool)), le_resource, SLOT(setDisabled(bool)));
connect(ck_automatic_resource, SIGNAL(toggled(bool)), lb_resource, SLOT(setDisabled(bool)));
gb_pgp->setEnabled(false);
if (pa) {
connect(pb_vcard, SIGNAL(clicked()), SLOT(detailsVCard()));
connect(pb_changepw, SIGNAL(clicked()), SLOT(detailsChangePW()));
}
else {
pb_vcard->setEnabled(false);
pb_changepw->setEnabled(false);
}
// Hide the name if necessary
le_name->setText(acc.name);
le_jid->setText(JIDUtil::accountToString(acc.jid,false));
cb_ssl->addItem(tr("Always"),UserAccount::SSL_Yes);
cb_ssl->addItem(tr("When available"),UserAccount::SSL_Auto);
cb_ssl->addItem(tr("Never"), UserAccount::SSL_No);
cb_ssl->addItem(tr("Legacy SSL"), UserAccount::SSL_Legacy);
cb_ssl->setCurrentIndex(cb_ssl->findData(acc.ssl));
connect(cb_ssl, SIGNAL(activated(int)), SLOT(sslActivated(int)));
cb_plain->addItem(tr("Always"),ClientStream::AllowPlain);
cb_plain->addItem(tr("Over encrypted connection"), ClientStream::AllowPlainOverTLS);
cb_plain->addItem(tr("Never"), ClientStream::NoAllowPlain);
cb_plain->setCurrentIndex(cb_plain->findData(acc.allow_plain));
if (acc.opt_pass)
le_pass->setText(acc.pass);
ck_host->setChecked(acc.opt_host);
le_host->setText(acc.host);
le_port->setText(QString::number(acc.port));
ck_req_mutual->setChecked(acc.req_mutual_auth);
ck_legacy_ssl_probe->setChecked(acc.legacy_ssl_probe);
ck_automatic_resource->setChecked(acc.opt_automatic_resource);
le_resource->setText(acc.resource);
le_priority->setText(QString::number(acc.priority));
connect(ck_custom_auth,SIGNAL(toggled(bool)), lb_authid, SLOT(setEnabled(bool)));
connect(ck_custom_auth,SIGNAL(toggled(bool)), le_authid, SLOT(setEnabled(bool)));
connect(ck_custom_auth,SIGNAL(toggled(bool)), lb_realm, SLOT(setEnabled(bool)));
connect(ck_custom_auth,SIGNAL(toggled(bool)), le_realm, SLOT(setEnabled(bool)));
ck_custom_auth->setChecked(acc.customAuth);
le_authid->setText(acc.authid);
le_realm->setText(acc.realm);
ck_compress->setChecked(acc.opt_compress);
ck_auto->setChecked(acc.opt_auto);
ck_reconn->setChecked(acc.opt_reconn);
ck_connectAfterSleep->setChecked(acc.opt_connectAfterSleep);
ck_log->setChecked(acc.opt_log);
ck_keepAlive->setChecked(acc.opt_keepAlive);
le_dtProxy->setText(acc.dtProxy.full());
le_stunHost->setText(acc.stunHost);
le_stunPort->setText(QString::number(acc.stunPort));
key = acc.pgpSecretKey;
updateUserID();
PGPUtil::instance().clearPGPAvailableCache();
if(PGPUtil::instance().pgpAvailable()) {
gb_pgp->setEnabled(true);
}
pc = psi->proxy()->createProxyChooser(tab_connection);
replaceWidget(lb_proxychooser, pc);
pc->setCurrentItem(acc.proxyID);
// Security level
cb_security_level->addItem(tr("None"),QCA::SL_None);
cb_security_level->addItem(tr("Integrity"),QCA::SL_Integrity);
cb_security_level->addItem(tr("Baseline"),QCA::SL_Baseline);
cb_security_level->addItem(tr("High"),QCA::SL_High);
cb_security_level->addItem(tr("Highest"),QCA::SL_Highest);
cb_security_level->setCurrentIndex(cb_security_level->findData(acc.security_level));
// Name
if(le_name->text().isEmpty())
le_name->setFocus();
else if(le_jid->text().isEmpty())
le_jid->setFocus();
else
pb_save->setFocus();
// Privacy
privacyInitialized = false;
lb_customPrivacy->hide();
privacyBlockedModel.setSourceModel(&privacyModel);
lv_blocked->setModel(&privacyBlockedModel);
if (pa) {
connect(pa->privacyManager(),SIGNAL(defaultListAvailable(const PrivacyList&)),SLOT(updateBlockedContacts(const PrivacyList&)));
connect(pa->privacyManager(),SIGNAL(defaultListError()),SLOT(getDefaultList_error()));
connect(pa->privacyManager(),SIGNAL(changeList_error()),SLOT(changeList_error()));
connect(pa,SIGNAL(updatedActivity()),SLOT(updatePrivacyTab()));
}
connect(tab_main,SIGNAL(currentChanged(int)),SLOT(tabChanged(int)));
connect(pb_privacy, SIGNAL(clicked()), SLOT(privacyClicked()));
connect(pb_removeBlock, SIGNAL(clicked()), SLOT(removeBlockClicked()));
connect(pb_addBlock, SIGNAL(clicked()), SLOT(addBlockClicked()));
// FIXME: Temporarily disabling blocking
pb_removeBlock->hide();
pb_addBlock->hide();
// QWhatsThis helpers
cb_plain->setWhatsThis(
tr("Normally, Psi logs in using the <i>digest</i> authentication "
"method. Check this box to force a plain text login "
"to the Jabber server. Use this option only if you have "
"problems connecting with the normal login procedure, as it "
"makes your connection potentially vulnerable to "
"attacks."));
ck_auto->setWhatsThis(
tr("Automatically login to this account on Psi startup. Useful if "
"you have Psi automatically launched when an Internet "
"connection is detected."));
ck_connectAfterSleep->setWhatsThis(
tr("Makes Psi try to connect when the computer resumes "
"after a sleep."));
ck_reconn->setWhatsThis(
tr("Makes Psi try to reconnect if the connection was broken. "
"Useful, if you have an unstable connection and have to "
"reconnect often."));
ck_log->setWhatsThis(
tr("Keep a log of message history. Disable this "
"option if you want to conserve disk space or if you need "
"maximum security."));
ck_keepAlive->setWhatsThis(
tr("Sends so called \"Keep-alive\" packets periodically. "
"It is useful if your connection is set to be "
"automatically disconnected after a certain period of "
"inactivity (for example, by your ISP) and you want to keep it "
"up all the time."));
cb_ssl->setWhatsThis(
tr("Check this option to use an encrypted SSL connection to "
"the Jabber server. You may use this option if your "
"server supports it and if you have the necessary QCA-OpenSSL "
"plugin installed. For more information, check the "
"Psi homepage."));
ck_compress->setWhatsThis(
tr("Check this option to use a compressed connection to "
"the Jabber server, if the server supports it."));
ck_host->setWhatsThis(
tr("Use this option for manual configuration of your Jabber host "
"if it is not the same as the host you are connecting to. This option is mostly useful "
"if you have some sort of proxy route on your "
"local machine (i.e. you connect to localhost), but your "
"account is registered on an external server."));
le_resource->setWhatsThis(
tr("You can have multiple clients connected to the Jabber server "
"with your single account. Each login is distinguished by a \"resource\" "
"name, which you can specify in this field."));
ck_custom_auth->setWhatsThis(
tr("This option sets the user (and realm) you want to "
"authenticate as. This overrides the Jabber ID you are logging in "
"as."));
le_priority->setWhatsThis(
tr("<p>You can have multiple clients connected to the Jabber "
"server with your single account. In such a situation, "
"the client with the highest priority (that is specified in "
"this field) will be the one that will receive "
"all incoming events.</p>"
"<p>For example, if you have a permanent connection "
"to the Internet at your work location, and have a dial-up at home, "
"you can have your Jabber client permanently running at work "
"with a low priority, and you can still use the same account "
"from home, using a client with higher priority to "
"temporary \"disable\" the lower priority client at work.</p>"));
// Hiding of UI components
if ((!pa && acc.name.isEmpty()) || PsiOptions::instance()->getOption("options.ui.account.single").toBool()) {
le_name->hide();
lb_name->hide();
}
if (!PsiOptions::instance()->getOption("options.account.domain").toString().isEmpty()) {
lb_example->hide();
lb_jid->setText(tr("Username:"******"options.pgp.enable").toBool()) {
gb_pgp->hide();
}
if (!PsiOptions::instance()->getOption("options.ui.account.privacy.show").toBool())
tab_main->removeTab(tab_main->indexOf(tab_privacy));
if (!PsiOptions::instance()->getOption("options.ui.account.proxy.show").toBool()) {
lb_proxy->hide();
lb_proxychooser->hide();
}
if (!PsiOptions::instance()->getOption("options.ui.account.manual-host").toBool()) {
ck_host->hide();
lb_host->hide();
le_host->hide();
lb_port->hide();
le_port->hide();
}
if (!PsiOptions::instance()->getOption("options.ui.account.keepalive").toBool())
ck_keepAlive->hide();
if (!PsiOptions::instance()->getOption("options.ui.account.legacy-ssl-probe").toBool())
ck_legacy_ssl_probe->hide();
if (!PsiOptions::instance()->getOption("options.ui.account.security.show").toBool()) {
lb_plain->hide();
cb_plain->hide();
ck_req_mutual->hide();
lb_security_level->hide();
cb_security_level->hide();
}
if (!PsiOptions::instance()->getOption("options.ui.account.security.show").toBool() && !PsiOptions::instance()->getOption("options.ui.account.legacy-ssl-probe").toBool() && !PsiOptions::instance()->getOption("options.ui.account.keepalive").toBool() && !PsiOptions::instance()->getOption("options.ui.account.manual-host").toBool() && !PsiOptions::instance()->getOption("options.ui.account.proxy.show").toBool()) {
tab_main->removeTab(tab_main->indexOf(tab_connection));
}
if (!PsiOptions::instance()->getOption("options.ui.account.resource").toBool()) {
ck_automatic_resource->hide();
lb_resource->hide();
le_resource->hide();
}
if (!PsiOptions::instance()->getOption("options.ui.account.custom-authid").toBool()) {
ck_custom_auth->hide();
lb_authid->hide();
le_authid->hide();
lb_realm->hide();
le_realm->hide();
}
if (!PsiOptions::instance()->getOption("options.ui.account.priority").toBool()) {
lb_priority->hide();
le_priority->hide();
}
if (!PsiOptions::instance()->getOption("options.ui.account.data-proxy").toBool()) {
lb_dtProxy->hide();
le_dtProxy->hide();
}
if (!PsiOptions::instance()->getOption("options.ui.account.resource").toBool() && !PsiOptions::instance()->getOption("options.ui.account.priority").toBool() && !PsiOptions::instance()->getOption("options.ui.account.data-proxy").toBool()) {
tab_main->removeTab(tab_main->indexOf(tab_misc));
}
resize(minimumSizeHint());
}
UtlCryptoKeyRsa::~UtlCryptoKeyRsa()
{
clearKey();
}
void tKeyPair::clear(){
clearKey();
clearValue();
}
void tKeyPair::setKey(const char *s){
clearKey();
if (s == NULL) return;
key_ = new char[strlen(s)+1];
strcpy(key_,s);
}
