hush
/
SilentDragonLite
9
1
Fork 4
Code Issues 37 Pull Requests Projects Releases 8 Wiki Activity
Browse Source

reuse pwhash, delete plain wallet.dat after read/write

pull/167/head
DenioD 4 years ago
parent
788421f255
commit
cf7a4c08a3
2 changed files with 41 additions and 52 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 80
      src/addressbook.cpp
  2. 13
      src/connection.cpp

80
src/addressbook.cpp
View File

@ -395,40 +395,29 @@ void AddressBook::readFromStorage()
if (file.exists())
{
qDebug() << "Existiert";
QString password = DataStore::getChatDataStore()->getPassword();
int length = password.length();
char *sequence = NULL;
sequence = new char[length+1];
strncpy(sequence, password.toLocal8Bit(), length +1);
#define MESSAGE ((const unsigned char *) sequence)
#define MESSAGE_LEN length
unsigned char hash[crypto_secretstream_xchacha20poly1305_KEYBYTES];
// Decrypt first
crypto_hash_sha256(hash,MESSAGE, MESSAGE_LEN);
QString passphraseHash = DataStore::getChatDataStore()->getPassword();
int length = passphraseHash.length();
#define PASSWORD sequence
#define KEY_LEN crypto_box_SEEDBYTES
char *sequence1 = NULL;
sequence1 = new char[length+1];
strncpy(sequence1, passphraseHash.toUtf8(), length+1);
/////////we use the Hash of the Password as Salt, not perfect but still a good solution.
#define PassphraseHashEnd ((const unsigned char *) sequence1)
#define MESSAGE_LEN length
unsigned char key[KEY_LEN];
#define PASSWORD sequence
#define KEY_LEN crypto_box_SEEDBYTES
if (crypto_pwhash
(key, sizeof key, PASSWORD, strlen(PASSWORD), hash,
crypto_pwhash_OPSLIMIT_SENSITIVE, crypto_pwhash_MEMLIMIT_SENSITIVE,
crypto_pwhash_ALG_DEFAULT) != 0) {
/* out of memory */
}
const QByteArray ba = QByteArray::fromHex(passphraseHash.toLatin1());
const unsigned char *pwHash= reinterpret_cast<const unsigned char *>(ba.constData());
FileEncryption::decrypt(target_decaddr_file, target_encaddr_file, key);
qDebug() << "entschlüsselt";
FileEncryption::decrypt(target_decaddr_file, target_encaddr_file, pwHash);
allLabels.clear();
file1.open(QIODevice::ReadOnly);
@ -463,7 +452,7 @@ void AddressBook::readFromStorage()
// qDebug() << "Read " << version << " Hush contacts from disk...";
file1.close();
FileEncryption::encrypt(target_encaddr_file, target_decaddr_file, key);
FileEncryption::encrypt(target_encaddr_file, target_decaddr_file, pwHash);
file1.remove();
}
else
@ -480,34 +469,21 @@ void AddressBook::writeToStorage()
// FileSystem::getInstance()->writeContactsOldFormat(AddressBook::writeableFile(), allLabels);
QString password = DataStore::getChatDataStore()->getPassword();
int length = password.length();
char *sequence = NULL;
sequence = new char[length+1];
strncpy(sequence, password.toLocal8Bit(), length +1);
#define MESSAGE ((const unsigned char *) sequence)
#define MESSAGE_LEN length
QString passphraseHash = DataStore::getChatDataStore()->getPassword();
int length = passphraseHash.length();
unsigned char hash[crypto_secretstream_xchacha20poly1305_KEYBYTES];
char *sequence1 = NULL;
sequence1 = new char[length+1];
strncpy(sequence1, passphraseHash.toUtf8(), length+1);
crypto_hash_sha256(hash,MESSAGE, MESSAGE_LEN);
#define PassphraseHashEnd ((const unsigned char *) sequence1)
#define MESSAGE_LEN length
#define PASSWORD sequence
#define KEY_LEN crypto_box_SEEDBYTES
#define KEY_LEN crypto_box_SEEDBYTES
/////////we use the Hash of the Password as Salt, not perfect but still a good solution.
unsigned char key[KEY_LEN];
if (crypto_pwhash
(key, sizeof key, PASSWORD, strlen(PASSWORD), hash,
crypto_pwhash_OPSLIMIT_SENSITIVE, crypto_pwhash_MEMLIMIT_SENSITIVE,
crypto_pwhash_ALG_DEFAULT) != 0) {
/* out of memory */
}
const QByteArray ba = QByteArray::fromHex(passphraseHash.toLatin1());
const unsigned char *pwHash= reinterpret_cast<const unsigned char *>(ba.constData());
@ -515,7 +491,7 @@ void AddressBook::writeToStorage()
QString target_encaddr_file = dir.filePath("addresslabels.dat.enc");
QString target_decaddr_file = dir.filePath("addresslabels.dat");
FileEncryption::decrypt(target_decaddr_file, target_encaddr_file, key);
FileEncryption::decrypt(target_decaddr_file, target_encaddr_file, pwHash);
QFile file(target_decaddr_file);
file.open(QIODevice::ReadWrite | QIODevice::Truncate);
@ -538,7 +514,7 @@ void AddressBook::writeToStorage()
file.close();
FileEncryption::encrypt(target_encaddr_file, target_decaddr_file , key);
FileEncryption::encrypt(target_encaddr_file, target_decaddr_file , pwHash);
QFile file1(target_decaddr_file);
file1.remove();

13
src/connection.cpp
View File

@ -8,6 +8,16 @@
#include "../lib/silentdragonlitelib.h"
#include "precompiled.h"
#ifdef Q_OS_WIN
auto dirwalletconnection = QDir(QStandardPaths::writableLocation(QStandardPaths::AppDataLocation)).filePath("silentdragonlite/silentdragonlite-wallet.dat");
#endif
#ifdef Q_OS_MACOS
auto dirwalletconnection = QDir(QStandardPaths::writableLocation(QStandardPaths::AppDataLocation)).filePath("silentdragonlite/silentdragonlite-wallet.dat");
#endif
#ifdef Q_OS_LINUX
auto dirwalletconnection = QDir(QStandardPaths::writableLocation(QStandardPaths::HomeLocation)).filePath(".silentdragonlite/silentdragonlite-wallet.dat");
#endif
ConnectionLoader::ConnectionLoader(MainWindow* main, Controller* rpc)
{
this->main = main;
@ -152,6 +162,9 @@ void ConnectionLoader::doRPCSetConnection(Connection* conn)
rpc->setConnection(conn);
d->accept();
QTimer::singleShot(1, [=]() { delete this; });
QFile plaintextWallet(dirwalletconnection);
plaintextWallet.remove();
}
Connection* ConnectionLoader::makeConnection(std::shared_ptr<ConnectionConfig> config)

Write Preview
Loading…
Cancel
Save