bool
Crypt::Validate(const String &password, const String &originalHash, EncryptionType iType) const
{
switch (iType)
{
case ETMD5:
{
// Salts are not used for the MD5 hashes.
HashCreator encrypter(HashCreator::MD5);
bool result = encrypter.ValidateHash(password, originalHash, false);
return result;
}
case ETSHA256:
{
// Salts are always used for the SHA256 hashes.
HashCreator encrypter(HashCreator::SHA256);
bool result = encrypter.ValidateHash(password, originalHash, true);
return result;
}
default:
{
assert(0);
}
}
return false;
}
void encrypt(char pstring[26], char cstring[26], int key)
{
int i;
//printf("\nKey at start: %d\n", key);
for(i = 0; i < 26; i++)
{
pstring[i] = reduce(pstring[i]);
//printf("%d ", pstring[i]);
}
//printf("\n");
for(i = 0; i < 26; i++)
{
cstring[i] = encrypter(key, pstring[i]);
//printf("%d ", cstring[i]);
}
//printf("\n");
for(i = 0; i < 26; i++)
{
cstring[i] = modulo(cstring[i]);
//printf("%d ", cstring[i]);
}
//printf("\n");
for(i = 0; i < 26; i++)
{
cstring[i] = enlarge(cstring[i]);
//printf("%d ", cstring[i]);
}
//printf("\n");
return;
}
String
Crypt::EnCrypt(const String &sInput,EncryptionType iType) const
{
switch (iType)
{
case ETNone:
return sInput;
case ETBlowFish:
{
if (sInput.IsEmpty())
return "";
return blow_fish_->EncryptToString(sInput);
}
case ETMD5:
{
HashCreator crypter(HashCreator::MD5);
String sResult = crypter.GenerateHashNoSalt(sInput, HashCreator::hex);
return sResult;
}
case ETSHA256:
{
HashCreator encrypter(HashCreator::SHA256);
AnsiString result = encrypter.GenerateHash(sInput, "");
return result;
}
default:
{
assert(0);
}
}
return "";
}
bool EncryptedStore::closeWrite()
{
Q_D(KOdfStore);
bool passWasAsked = false;
if (d->fileName == MANIFEST_FILE) {
m_manifestBuffer = static_cast<QBuffer*>(d->stream)->buffer();
return true;
}
// Find a password
// Do not accept empty passwords for compatibility with OOo
if (m_password.isEmpty()) {
findPasswordInKWallet();
}
while (m_password.isEmpty()) {
QPointer<KNewPasswordDialog> dlg = new KNewPasswordDialog(d->window);
dlg->setPrompt(i18n("Please enter the password to encrypt the document with."));
if (! dlg->exec()) {
// Without the first password, prevent asking again by deadsimply refusing to continue functioning
// TODO: This feels rather hackish. There should be a better way to do this.
delete m_pZip;
m_pZip = 0;
d->good = false;
delete dlg;
return false;
}
if (dlg){
m_password = QCA::SecureArray(dlg->password().toUtf8());
passWasAsked = true;
}
delete dlg;
}
// Ask the user to save the password
if (passWasAsked && KMessageBox::questionYesNo(d->window, i18n("Do you want to save the password?")) == KMessageBox::Yes) {
savePasswordInKWallet();
}
QByteArray resultData;
if (d->fileName == THUMBNAIL_FILE) {
// TODO: Replace with a generic 'encrypted'-thumbnail
resultData = static_cast<QBuffer*>(d->stream)->buffer();
} else if (!isToBeEncrypted(d->fileName)) {
resultData = static_cast<QBuffer*>(d->stream)->buffer();
} else {
m_bPasswordUsed = true;
// Build all cryptographic data
QCA::SecureArray passwordHash = QCA::Hash("sha1").hash(m_password);
QCA::Random random;
KoEncryptedStore_EncryptionData encData;
encData.initVector = random.randomArray(8);
encData.salt = random.randomArray(16);
encData.iterationCount = 1024;
QCA::SymmetricKey key = QCA::PBKDF2("sha1").makeKey(passwordHash, QCA::InitializationVector(encData.salt), 16, encData.iterationCount);
QCA::Cipher encrypter("blowfish", QCA::Cipher::CFB, QCA::Cipher::DefaultPadding, QCA::Encode, key, QCA::InitializationVector(encData.initVector));
// Get the written data
QByteArray data = static_cast<QBuffer*>(d->stream)->buffer();
encData.filesize = data.size();
// Compress the data
QBuffer compressedData;
QIODevice *compressDevice = KFilterDev::device(&compressedData, "application/x-gzip", false);
if (!compressDevice) {
return false;
}
static_cast<KFilterDev*>(compressDevice)->setSkipHeaders();
if (!compressDevice->open(QIODevice::WriteOnly)) {
delete compressDevice;
return false;
}
if (compressDevice->write(data) != data.size()) {
delete compressDevice;
return false;
}
compressDevice->close();
delete compressDevice;
encData.checksum = QCA::Hash("sha1").hash(QCA::SecureArray(compressedData.buffer()));
encData.checksumShort = false;
// Encrypt the data
QCA::SecureArray result = encrypter.update(QCA::SecureArray(compressedData.buffer()));
result += encrypter.final();
resultData = result.toByteArray();
m_encryptionData.insert(d->fileName, encData);
}
if (!m_pZip->writeData(resultData.data(), resultData.size())) {
m_pZip->finishWriting(resultData.size());
return false;
}
return m_pZip->finishWriting(resultData.size());
}
