2e8c76d0c4
NOTE: seems like merging broke the capability to read KDBX<=3. Conflicts: src/KeePassLib2Android/Collections/AutoTypeConfig.cs src/KeePassLib2Android/Collections/ProtectedBinaryDictionary.cs src/KeePassLib2Android/Collections/ProtectedStringDictionary.cs src/KeePassLib2Android/Collections/PwObjectList.cs src/KeePassLib2Android/Collections/PwObjectPool.cs src/KeePassLib2Android/Collections/StringDictionaryEx.cs src/KeePassLib2Android/Cryptography/Cipher/CipherPool.cs src/KeePassLib2Android/Cryptography/Cipher/ICipherEngine.cs src/KeePassLib2Android/Cryptography/Cipher/Salsa20Cipher.cs src/KeePassLib2Android/Cryptography/Cipher/StandardAesEngine.cs src/KeePassLib2Android/Cryptography/CryptoRandom.cs src/KeePassLib2Android/Cryptography/CryptoRandomStream.cs src/KeePassLib2Android/Cryptography/HashingStreamEx.cs src/KeePassLib2Android/Cryptography/HmacOtp.cs src/KeePassLib2Android/Cryptography/PasswordGenerator/CharSetBasedGenerator.cs src/KeePassLib2Android/Cryptography/PasswordGenerator/CustomPwGenerator.cs src/KeePassLib2Android/Cryptography/PasswordGenerator/CustomPwGeneratorPool.cs src/KeePassLib2Android/Cryptography/PasswordGenerator/PatternBasedGenerator.cs src/KeePassLib2Android/Cryptography/PasswordGenerator/PwCharSet.cs src/KeePassLib2Android/Cryptography/PasswordGenerator/PwGenerator.cs src/KeePassLib2Android/Cryptography/PasswordGenerator/PwProfile.cs src/KeePassLib2Android/Cryptography/PopularPasswords.cs src/KeePassLib2Android/Cryptography/QualityEstimation.cs src/KeePassLib2Android/Cryptography/SelfTest.cs src/KeePassLib2Android/Delegates/Handlers.cs src/KeePassLib2Android/Interfaces/IDeepCloneable.cs src/KeePassLib2Android/Interfaces/IStatusLogger.cs src/KeePassLib2Android/Interfaces/IStructureItem.cs src/KeePassLib2Android/Interfaces/ITimeLogger.cs src/KeePassLib2Android/Interfaces/IUIOperations.cs src/KeePassLib2Android/Interfaces/IXmlSerializerEx.cs src/KeePassLib2Android/Keys/CompositeKey.cs src/KeePassLib2Android/Keys/IUserKey.cs src/KeePassLib2Android/Keys/KcpCustomKey.cs src/KeePassLib2Android/Keys/KcpKeyFile.cs src/KeePassLib2Android/Keys/KcpPassword.cs src/KeePassLib2Android/Keys/KcpUserAccount.cs src/KeePassLib2Android/Keys/KeyProvider.cs src/KeePassLib2Android/Keys/KeyProviderPool.cs src/KeePassLib2Android/Keys/KeyValidator.cs src/KeePassLib2Android/Keys/KeyValidatorPool.cs src/KeePassLib2Android/Keys/UserKeyType.cs src/KeePassLib2Android/Native/NativeLib.cs src/KeePassLib2Android/Native/NativeMethods.cs src/KeePassLib2Android/Properties/AssemblyInfo.cs src/KeePassLib2Android/PwCustomIcon.cs src/KeePassLib2Android/PwDatabase.cs src/KeePassLib2Android/PwDefs.cs src/KeePassLib2Android/PwDeletedObject.cs src/KeePassLib2Android/PwEntry.cs src/KeePassLib2Android/PwEnums.cs src/KeePassLib2Android/PwGroup.cs src/KeePassLib2Android/PwUuid.cs src/KeePassLib2Android/Resources/KLRes.Generated.cs src/KeePassLib2Android/Security/ProtectedBinary.cs src/KeePassLib2Android/Security/ProtectedString.cs src/KeePassLib2Android/Security/XorredBuffer.cs src/KeePassLib2Android/Serialization/BinaryReaderEx.cs src/KeePassLib2Android/Serialization/FileLock.cs src/KeePassLib2Android/Serialization/FileTransactionEx.cs src/KeePassLib2Android/Serialization/HashedBlockStream.cs src/KeePassLib2Android/Serialization/IOConnection.cs src/KeePassLib2Android/Serialization/IOConnectionInfo.cs src/KeePassLib2Android/Serialization/KdbxFile.Read.Streamed.cs src/KeePassLib2Android/Serialization/KdbxFile.Read.cs src/KeePassLib2Android/Serialization/KdbxFile.Write.cs src/KeePassLib2Android/Serialization/KdbxFile.cs src/KeePassLib2Android/Serialization/OldFormatException.cs src/KeePassLib2Android/Translation/KPControlCustomization.cs src/KeePassLib2Android/Translation/KPFormCustomization.cs src/KeePassLib2Android/Translation/KPStringTable.cs src/KeePassLib2Android/Translation/KPStringTableItem.cs src/KeePassLib2Android/Translation/KPTranslation.cs src/KeePassLib2Android/Translation/KPTranslationProperties.cs src/KeePassLib2Android/Utility/AppLogEx.cs src/KeePassLib2Android/Utility/GfxUtil.cs src/KeePassLib2Android/Utility/MemUtil.cs src/KeePassLib2Android/Utility/MessageService.cs src/KeePassLib2Android/Utility/StrUtil.cs src/KeePassLib2Android/Utility/TimeUtil.cs src/KeePassLib2Android/Utility/UrlUtil.cs
163 lines
5.4 KiB
C#
163 lines
5.4 KiB
C#
/*
|
|
KeePass Password Safe - The Open-Source Password Manager
|
|
Copyright (C) 2003-2016 Dominik Reichl <dominik.reichl@t-online.de>
|
|
|
|
This program is free software; you can redistribute it and/or modify
|
|
it under the terms of the GNU General Public License as published by
|
|
the Free Software Foundation; either version 2 of the License, or
|
|
(at your option) any later version.
|
|
|
|
This program is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
GNU General Public License for more details.
|
|
|
|
You should have received a copy of the GNU General Public License
|
|
along with this program; if not, write to the Free Software
|
|
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
*/
|
|
|
|
// Implementation of the Salsa20 cipher, based on the eSTREAM submission.
|
|
|
|
|
|
using System;
|
|
using System.Collections.Generic;
|
|
using System.Diagnostics;
|
|
|
|
using KeePassLib.Utility;
|
|
|
|
namespace KeePassLib.Cryptography.Cipher
|
|
{
|
|
public sealed class Salsa20Cipher : CtrBlockCipher
|
|
{
|
|
private uint[] m_s = new uint[16]; // State
|
|
private uint[] m_x = new uint[16]; // Working buffer
|
|
|
|
private static readonly uint[] g_sigma = new uint[4] {
|
|
0x61707865, 0x3320646E, 0x79622D32, 0x6B206574
|
|
};
|
|
|
|
public override int BlockSize
|
|
{
|
|
get { return 64; }
|
|
}
|
|
|
|
public Salsa20Cipher(byte[] pbKey32, byte[] pbIV8) : base()
|
|
{
|
|
if(pbKey32 == null) throw new ArgumentNullException("pbKey32");
|
|
if(pbKey32.Length != 32) throw new ArgumentOutOfRangeException("pbKey32");
|
|
if(pbIV8 == null) throw new ArgumentNullException("pbIV8");
|
|
if(pbIV8.Length != 8) throw new ArgumentOutOfRangeException("pbIV8");
|
|
// Clear sensitive data
|
|
// Key setup
|
|
m_s[1] = MemUtil.BytesToUInt32(pbKey32, 0);
|
|
m_s[2] = MemUtil.BytesToUInt32(pbKey32, 4);
|
|
m_s[3] = MemUtil.BytesToUInt32(pbKey32, 8);
|
|
m_s[4] = MemUtil.BytesToUInt32(pbKey32, 12);
|
|
m_s[11] = MemUtil.BytesToUInt32(pbKey32, 16);
|
|
m_s[12] = MemUtil.BytesToUInt32(pbKey32, 20);
|
|
m_s[13] = MemUtil.BytesToUInt32(pbKey32, 24);
|
|
m_s[14] = MemUtil.BytesToUInt32(pbKey32, 28);
|
|
m_s[0] = g_sigma[0];
|
|
m_s[5] = g_sigma[1];
|
|
m_s[10] = g_sigma[2];
|
|
m_s[15] = g_sigma[3];
|
|
|
|
// IV setup
|
|
m_s[6] = MemUtil.BytesToUInt32(pbIV8, 0);
|
|
m_s[7] = MemUtil.BytesToUInt32(pbIV8, 4);
|
|
m_s[8] = 0; // Counter, low
|
|
m_s[9] = 0; // Counter, high
|
|
}
|
|
|
|
protected override void Dispose(bool bDisposing)
|
|
{
|
|
MemUtil.ZeroArray<uint>(m_s);
|
|
MemUtil.ZeroArray<uint>(m_x);
|
|
|
|
base.Dispose(bDisposing);
|
|
}
|
|
// Compiler/runtime might remove array bound checks after this
|
|
protected override void NextBlock(byte[] pBlock)
|
|
{
|
|
if(pBlock == null) throw new ArgumentNullException("pBlock");
|
|
if(pBlock.Length != 64) throw new ArgumentOutOfRangeException("pBlock");
|
|
|
|
// x is a local alias for the working buffer; with this,
|
|
// the compiler/runtime might remove some checks
|
|
uint[] x = m_x;
|
|
if(x == null) throw new InvalidOperationException();
|
|
if(x.Length < 16) throw new InvalidOperationException();
|
|
|
|
uint[] s = m_s;
|
|
if(s == null) throw new InvalidOperationException();
|
|
if(s.Length < 16) throw new InvalidOperationException();
|
|
|
|
Array.Copy(s, x, 16);
|
|
|
|
unchecked
|
|
{
|
|
// 10 * 8 quarter rounds = 20 rounds
|
|
for(int i = 0; i < 10; ++i) // (int i = 20; i > 0; i -= 2)
|
|
{
|
|
x[ 4] ^= MemUtil.RotateLeft32(x[ 0] + x[12], 7);
|
|
x[ 8] ^= MemUtil.RotateLeft32(x[ 4] + x[ 0], 9);
|
|
x[12] ^= MemUtil.RotateLeft32(x[ 8] + x[ 4], 13);
|
|
x[ 0] ^= MemUtil.RotateLeft32(x[12] + x[ 8], 18);
|
|
|
|
x[ 9] ^= MemUtil.RotateLeft32(x[ 5] + x[ 1], 7);
|
|
x[13] ^= MemUtil.RotateLeft32(x[ 9] + x[ 5], 9);
|
|
x[ 1] ^= MemUtil.RotateLeft32(x[13] + x[ 9], 13);
|
|
x[ 5] ^= MemUtil.RotateLeft32(x[ 1] + x[13], 18);
|
|
|
|
x[14] ^= MemUtil.RotateLeft32(x[10] + x[ 6], 7);
|
|
x[ 2] ^= MemUtil.RotateLeft32(x[14] + x[10], 9);
|
|
x[ 6] ^= MemUtil.RotateLeft32(x[ 2] + x[14], 13);
|
|
x[10] ^= MemUtil.RotateLeft32(x[ 6] + x[ 2], 18);
|
|
|
|
x[ 3] ^= MemUtil.RotateLeft32(x[15] + x[11], 7);
|
|
x[ 7] ^= MemUtil.RotateLeft32(x[ 3] + x[15], 9);
|
|
x[11] ^= MemUtil.RotateLeft32(x[ 7] + x[ 3], 13);
|
|
x[15] ^= MemUtil.RotateLeft32(x[11] + x[ 7], 18);
|
|
|
|
x[ 1] ^= MemUtil.RotateLeft32(x[ 0] + x[ 3], 7);
|
|
x[ 2] ^= MemUtil.RotateLeft32(x[ 1] + x[ 0], 9);
|
|
x[ 3] ^= MemUtil.RotateLeft32(x[ 2] + x[ 1], 13);
|
|
x[ 0] ^= MemUtil.RotateLeft32(x[ 3] + x[ 2], 18);
|
|
|
|
x[ 6] ^= MemUtil.RotateLeft32(x[ 5] + x[ 4], 7);
|
|
x[ 7] ^= MemUtil.RotateLeft32(x[ 6] + x[ 5], 9);
|
|
x[ 4] ^= MemUtil.RotateLeft32(x[ 7] + x[ 6], 13);
|
|
x[ 5] ^= MemUtil.RotateLeft32(x[ 4] + x[ 7], 18);
|
|
|
|
x[11] ^= MemUtil.RotateLeft32(x[10] + x[ 9], 7);
|
|
x[ 8] ^= MemUtil.RotateLeft32(x[11] + x[10], 9);
|
|
x[ 9] ^= MemUtil.RotateLeft32(x[ 8] + x[11], 13);
|
|
x[10] ^= MemUtil.RotateLeft32(x[ 9] + x[ 8], 18);
|
|
|
|
x[12] ^= MemUtil.RotateLeft32(x[15] + x[14], 7);
|
|
x[13] ^= MemUtil.RotateLeft32(x[12] + x[15], 9);
|
|
x[14] ^= MemUtil.RotateLeft32(x[13] + x[12], 13);
|
|
x[15] ^= MemUtil.RotateLeft32(x[14] + x[13], 18);
|
|
}
|
|
|
|
for(int i = 0; i < 16; ++i) x[i] += s[i];
|
|
|
|
for(int i = 0; i < 16; ++i)
|
|
{
|
|
int i4 = i << 2;
|
|
uint xi = x[i];
|
|
|
|
pBlock[i4] = (byte)xi;
|
|
pBlock[i4 + 1] = (byte)(xi >> 8);
|
|
pBlock[i4 + 2] = (byte)(xi >> 16);
|
|
pBlock[i4 + 3] = (byte)(xi >> 24);
|
|
}
|
|
|
|
++s[8];
|
|
if(s[8] == 0) ++s[9];
|
|
}
|
|
}
|
|
}
|
|
}
|