Search in sources :

Example 1 with PwDbHeaderV3

use of com.keepassdroid.database.PwDbHeaderV3 in project KeePassDX by Kunzisoft.

the class PwManagerOutputTest method testHeader.

public void testHeader() throws PwDbOutputException, IOException {
    ByteArrayOutputStream bActual = new ByteArrayOutputStream();
    PwDbV3Output pActual = new PwDbV3OutputDebug(mPM, bActual, true);
    PwDbHeaderV3 header = pActual.outputHeader(bActual);
    ByteArrayOutputStream bExpected = new ByteArrayOutputStream();
    PwDbHeaderOutputV3 outExpected = new PwDbHeaderOutputV3(mPM.dbHeader, bExpected);
    outExpected.output();
    assertHeadersEquals(mPM.dbHeader, header);
    assertTrue("No output", bActual.toByteArray().length > 0);
    assertArrayEquals("Header does not match.", bExpected.toByteArray(), bActual.toByteArray());
}
Also used : PwDbV3Output(com.keepassdroid.database.save.PwDbV3Output) PwDbHeaderV3(com.keepassdroid.database.PwDbHeaderV3) ByteArrayOutputStream(java.io.ByteArrayOutputStream) PwDbV3OutputDebug(com.keepassdroid.database.save.PwDbV3OutputDebug) PwDbHeaderOutputV3(com.keepassdroid.database.save.PwDbHeaderOutputV3)

Example 2 with PwDbHeaderV3

use of com.keepassdroid.database.PwDbHeaderV3 in project KeePassDX by Kunzisoft.

the class PwDbV3Output method outputHeader.

public PwDbHeaderV3 outputHeader(OutputStream os) throws PwDbOutputException {
    // Build header
    PwDbHeaderV3 header = new PwDbHeaderV3();
    header.signature1 = PwDbHeader.PWM_DBSIG_1;
    header.signature2 = PwDbHeaderV3.DBSIG_2;
    header.flags = PwDbHeaderV3.FLAG_SHA2;
    if (mPM.getEncAlgorithm() == PwEncryptionAlgorithm.Rjindal) {
        header.flags |= PwDbHeaderV3.FLAG_RIJNDAEL;
    } else if (mPM.getEncAlgorithm() == PwEncryptionAlgorithm.Twofish) {
        header.flags |= PwDbHeaderV3.FLAG_TWOFISH;
    } else {
        throw new PwDbOutputException("Unsupported algorithm.");
    }
    header.version = PwDbHeaderV3.DBVER_DW;
    header.numGroups = mPM.getGroups().size();
    header.numEntries = mPM.entries.size();
    header.numKeyEncRounds = mPM.getNumKeyEncRecords();
    setIVs(header);
    // Content checksum
    MessageDigest md = null;
    try {
        md = MessageDigest.getInstance("SHA-256");
    } catch (NoSuchAlgorithmException e) {
        throw new PwDbOutputException("SHA-256 not implemented here.");
    }
    // Header checksum
    MessageDigest headerDigest;
    try {
        headerDigest = MessageDigest.getInstance("SHA-256");
    } catch (NoSuchAlgorithmException e) {
        throw new PwDbOutputException("SHA-256 not implemented here.");
    }
    NullOutputStream nos;
    nos = new NullOutputStream();
    DigestOutputStream headerDos = new DigestOutputStream(nos, headerDigest);
    // Output header for the purpose of calculating the header checksum
    PwDbHeaderOutputV3 pho = new PwDbHeaderOutputV3(header, headerDos);
    try {
        pho.outputStart();
        pho.outputEnd();
        headerDos.flush();
    } catch (IOException e) {
        throw new PwDbOutputException(e);
    }
    byte[] headerHash = headerDigest.digest();
    headerHashBlock = getHeaderHashBuffer(headerHash);
    // Output database for the purpose of calculating the content checksum
    nos = new NullOutputStream();
    DigestOutputStream dos = new DigestOutputStream(nos, md);
    BufferedOutputStream bos = new BufferedOutputStream(dos);
    try {
        outputPlanGroupAndEntries(bos);
        bos.flush();
        bos.close();
    } catch (IOException e) {
        throw new PwDbOutputException("Failed to generate checksum.");
    }
    header.contentsHash = md.digest();
    // Output header for real output, containing content hash
    pho = new PwDbHeaderOutputV3(header, os);
    try {
        pho.outputStart();
        dos.on(false);
        pho.outputContentHash();
        dos.on(true);
        pho.outputEnd();
        dos.flush();
    } catch (IOException e) {
        throw new PwDbOutputException(e);
    }
    return header;
}
Also used : PwDbOutputException(com.keepassdroid.database.exception.PwDbOutputException) DigestOutputStream(java.security.DigestOutputStream) PwDbHeaderV3(com.keepassdroid.database.PwDbHeaderV3) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) MessageDigest(java.security.MessageDigest) BufferedOutputStream(java.io.BufferedOutputStream) NullOutputStream(com.keepassdroid.stream.NullOutputStream)

Example 3 with PwDbHeaderV3

use of com.keepassdroid.database.PwDbHeaderV3 in project KeePassDX by Kunzisoft.

the class PwDbV3Output method setIVs.

@Override
protected SecureRandom setIVs(PwDbHeader header) throws PwDbOutputException {
    SecureRandom random = super.setIVs(header);
    PwDbHeaderV3 h3 = (PwDbHeaderV3) header;
    random.nextBytes(h3.transformSeed);
    return random;
}
Also used : PwDbHeaderV3(com.keepassdroid.database.PwDbHeaderV3) SecureRandom(java.security.SecureRandom)

Example 4 with PwDbHeaderV3

use of com.keepassdroid.database.PwDbHeaderV3 in project KeePassDX by Kunzisoft.

the class PwDbV3OutputDebug method setIVs.

@Override
protected SecureRandom setIVs(PwDbHeader h) throws PwDbOutputException {
    PwDbHeaderV3 header = (PwDbHeaderV3) h;
    // Reuse random values to test equivalence in debug mode
    PwDbHeaderV3 origHeader = debugDb.dbHeader;
    System.arraycopy(origHeader.encryptionIV, 0, header.encryptionIV, 0, origHeader.encryptionIV.length);
    System.arraycopy(origHeader.masterSeed, 0, header.masterSeed, 0, origHeader.masterSeed.length);
    System.arraycopy(origHeader.transformSeed, 0, header.transformSeed, 0, origHeader.transformSeed.length);
    return null;
}
Also used : PwDbHeaderV3(com.keepassdroid.database.PwDbHeaderV3)

Example 5 with PwDbHeaderV3

use of com.keepassdroid.database.PwDbHeaderV3 in project KeePassDX by Kunzisoft.

the class ImporterV3 method openDatabase.

public PwDatabaseV3 openDatabase(InputStream inStream, String password, InputStream kfIs, UpdateStatus status, long roundsFix) throws IOException, InvalidDBException {
    PwDatabaseV3 newManager;
    // Load entire file, most of it's encrypted.
    int fileSize = inStream.available();
    // Pad with a blocksize (Twofish uses 128 bits), since Android 4.3 tries to write more to the buffer
    byte[] filebuf = new byte[fileSize + 16];
    inStream.read(filebuf, 0, fileSize);
    inStream.close();
    // Parse header (unencrypted)
    if (fileSize < PwDbHeaderV3.BUF_SIZE)
        throw new IOException("File too short for header");
    PwDbHeaderV3 hdr = new PwDbHeaderV3();
    hdr.loadFromFile(filebuf, 0);
    if ((hdr.signature1 != PwDbHeader.PWM_DBSIG_1) || (hdr.signature2 != PwDbHeaderV3.DBSIG_2)) {
        throw new InvalidDBSignatureException();
    }
    if (!hdr.matchesVersion()) {
        throw new InvalidDBVersionException();
    }
    status.updateMessage(R.string.creating_db_key);
    newManager = createDB();
    newManager.setMasterKey(password, kfIs);
    // Select algorithm
    if ((hdr.flags & PwDbHeaderV3.FLAG_RIJNDAEL) != 0) {
        newManager.algorithm = PwEncryptionAlgorithm.Rjindal;
    } else if ((hdr.flags & PwDbHeaderV3.FLAG_TWOFISH) != 0) {
        newManager.algorithm = PwEncryptionAlgorithm.Twofish;
    } else {
        throw new InvalidAlgorithmException();
    }
    // Copy for testing
    newManager.copyHeader(hdr);
    newManager.numKeyEncRounds = hdr.numKeyEncRounds;
    newManager.name = "KeePass Password Manager";
    // Generate transformedMasterKey from masterKey
    newManager.makeFinalKey(hdr.masterSeed, hdr.transformSeed, newManager.numKeyEncRounds);
    status.updateMessage(R.string.decrypting_db);
    // Initialize Rijndael algorithm
    Cipher cipher;
    try {
        if (newManager.algorithm == PwEncryptionAlgorithm.Rjindal) {
            cipher = CipherFactory.getInstance("AES/CBC/PKCS5Padding");
        } else if (newManager.algorithm == PwEncryptionAlgorithm.Twofish) {
            cipher = CipherFactory.getInstance("Twofish/CBC/PKCS7PADDING");
        } else {
            throw new IOException("Encryption algorithm is not supported");
        }
    } catch (NoSuchAlgorithmException e1) {
        throw new IOException("No such algorithm");
    } catch (NoSuchPaddingException e1) {
        throw new IOException("No such pdading");
    }
    try {
        cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(newManager.finalKey, "AES"), new IvParameterSpec(hdr.encryptionIV));
    } catch (InvalidKeyException e1) {
        throw new IOException("Invalid key");
    } catch (InvalidAlgorithmParameterException e1) {
        throw new IOException("Invalid algorithm parameter.");
    }
    // Decrypt! The first bytes aren't encrypted (that's the header)
    int encryptedPartSize;
    try {
        encryptedPartSize = cipher.doFinal(filebuf, PwDbHeaderV3.BUF_SIZE, fileSize - PwDbHeaderV3.BUF_SIZE, filebuf, PwDbHeaderV3.BUF_SIZE);
    } catch (ShortBufferException e1) {
        throw new IOException("Buffer too short");
    } catch (IllegalBlockSizeException e1) {
        throw new IOException("Invalid block size");
    } catch (BadPaddingException e1) {
        throw new InvalidPasswordException();
    }
    // Copy decrypted data for testing
    newManager.copyEncrypted(filebuf, PwDbHeaderV3.BUF_SIZE, encryptedPartSize);
    MessageDigest md = null;
    try {
        md = MessageDigest.getInstance("SHA-256");
    } catch (NoSuchAlgorithmException e) {
        throw new IOException("No SHA-256 algorithm");
    }
    NullOutputStream nos = new NullOutputStream();
    DigestOutputStream dos = new DigestOutputStream(nos, md);
    dos.write(filebuf, PwDbHeaderV3.BUF_SIZE, encryptedPartSize);
    dos.close();
    byte[] hash = md.digest();
    if (!Arrays.equals(hash, hdr.contentsHash)) {
        Log.w("KeePassDroid", "Database file did not decrypt correctly. (checksum code is broken)");
        throw new InvalidPasswordException();
    }
    // Import all groups
    int pos = PwDbHeaderV3.BUF_SIZE;
    PwGroupV3 newGrp = new PwGroupV3();
    for (int i = 0; i < hdr.numGroups; ) {
        int fieldType = LEDataInputStream.readUShort(filebuf, pos);
        pos += 2;
        int fieldSize = LEDataInputStream.readInt(filebuf, pos);
        pos += 4;
        if (fieldType == 0xFFFF) {
            // End-Group record.  Save group and count it.
            newGrp.populateBlankFields(newManager);
            newManager.groups.add(newGrp);
            newGrp = new PwGroupV3();
            i++;
        } else {
            readGroupField(newManager, newGrp, fieldType, filebuf, pos);
        }
        pos += fieldSize;
    }
    // Import all entries
    PwEntryV3 newEnt = new PwEntryV3();
    for (int i = 0; i < hdr.numEntries; ) {
        int fieldType = LEDataInputStream.readUShort(filebuf, pos);
        int fieldSize = LEDataInputStream.readInt(filebuf, pos + 2);
        if (fieldType == 0xFFFF) {
            // End-Group record.  Save group and count it.
            newEnt.populateBlankFields(newManager);
            newManager.entries.add(newEnt);
            newEnt = new PwEntryV3();
            i++;
        } else {
            readEntryField(newManager, newEnt, filebuf, pos);
        }
        pos += 2 + 4 + fieldSize;
    }
    newManager.constructTree(null);
    return newManager;
}
Also used : PwEntryV3(com.keepassdroid.database.PwEntryV3) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) PwDbHeaderV3(com.keepassdroid.database.PwDbHeaderV3) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) InvalidDBSignatureException(com.keepassdroid.database.exception.InvalidDBSignatureException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) BadPaddingException(javax.crypto.BadPaddingException) InvalidKeyException(java.security.InvalidKeyException) InvalidDBVersionException(com.keepassdroid.database.exception.InvalidDBVersionException) PwDatabaseV3(com.keepassdroid.database.PwDatabaseV3) InvalidAlgorithmException(com.keepassdroid.database.exception.InvalidAlgorithmException) PwGroupV3(com.keepassdroid.database.PwGroupV3) SecretKeySpec(javax.crypto.spec.SecretKeySpec) DigestOutputStream(java.security.DigestOutputStream) ShortBufferException(javax.crypto.ShortBufferException) InvalidPasswordException(com.keepassdroid.database.exception.InvalidPasswordException) IvParameterSpec(javax.crypto.spec.IvParameterSpec) Cipher(javax.crypto.Cipher) MessageDigest(java.security.MessageDigest) NullOutputStream(com.keepassdroid.stream.NullOutputStream)

Aggregations

PwDbHeaderV3 (com.keepassdroid.database.PwDbHeaderV3)8 IOException (java.io.IOException)5 NullOutputStream (com.keepassdroid.stream.NullOutputStream)4 DigestOutputStream (java.security.DigestOutputStream)4 MessageDigest (java.security.MessageDigest)4 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4 PwDbOutputException (com.keepassdroid.database.exception.PwDbOutputException)3 PwDatabaseV3 (com.keepassdroid.database.PwDatabaseV3)2 PwEntryV3 (com.keepassdroid.database.PwEntryV3)2 PwGroupV3 (com.keepassdroid.database.PwGroupV3)2 InvalidAlgorithmException (com.keepassdroid.database.exception.InvalidAlgorithmException)2 InvalidDBSignatureException (com.keepassdroid.database.exception.InvalidDBSignatureException)2 InvalidDBVersionException (com.keepassdroid.database.exception.InvalidDBVersionException)2 InvalidPasswordException (com.keepassdroid.database.exception.InvalidPasswordException)2 BufferedOutputStream (java.io.BufferedOutputStream)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)2 InvalidKeyException (java.security.InvalidKeyException)2 BadPaddingException (javax.crypto.BadPaddingException)2 Cipher (javax.crypto.Cipher)2