// public void Save(string strFile, PwGroup pgDataSource, KdbxFormat format,
		//	IStatusLogger slLogger)
		// {
		//	bool bMadeUnhidden = UrlUtil.UnhideFile(strFile);
		//
		//	IOConnectionInfo ioc = IOConnectionInfo.FromPath(strFile);
		//	this.Save(IOConnection.OpenWrite(ioc), pgDataSource, format, slLogger);
		//
		//	if(bMadeUnhidden) UrlUtil.HideFile(strFile, true); // Hide again
		// }

		/// <summary>
		/// Save the contents of the current <c>PwDatabase</c> to a KDBX file.
		/// </summary>
		/// <param name="sSaveTo">Stream to write the KDBX file into.</param>
		/// <param name="pgDataSource">Group containing all groups and
		/// entries to write. If <c>null</c>, the complete database will
		/// be written.</param>
		/// <param name="format">Format of the file to create.</param>
		/// <param name="slLogger">Logger that recieves status information.</param>
		public void Save(Stream sSaveTo, PwGroup pgDataSource, KdbxFormat format,
			IStatusLogger slLogger)
		{
			Debug.Assert(sSaveTo != null);
			if(sSaveTo == null) throw new ArgumentNullException("sSaveTo");

			m_format = format;
			m_slLogger = slLogger;

			HashingStreamEx hashedStream = new HashingStreamEx(sSaveTo, true, null);

			UTF8Encoding encNoBom = StrUtil.Utf8;
			CryptoRandom cr = CryptoRandom.Instance;

			try
			{
				m_pbMasterSeed = cr.GetRandomBytes(32);
				m_pbTransformSeed = cr.GetRandomBytes(32);
				m_pbEncryptionIV = cr.GetRandomBytes(16);

				m_pbProtectedStreamKey = cr.GetRandomBytes(32);
				m_craInnerRandomStream = CrsAlgorithm.Salsa20;
				m_randomStream = new CryptoRandomStream(m_craInnerRandomStream,
					m_pbProtectedStreamKey);

				m_pbStreamStartBytes = cr.GetRandomBytes(32);

				Stream writerStream;
				if(m_format == KdbxFormat.Default)
				{
					WriteHeader(hashedStream); // Also flushes the stream

					Stream sEncrypted = AttachStreamEncryptor(hashedStream);
					if((sEncrypted == null) || (sEncrypted == hashedStream))
						throw new SecurityException(KLRes.CryptoStreamFailed);

					sEncrypted.Write(m_pbStreamStartBytes, 0, m_pbStreamStartBytes.Length);

					Stream sHashed = new HashedBlockStream(sEncrypted, true);

					if(m_pwDatabase.Compression == PwCompressionAlgorithm.GZip)
						writerStream = new GZipStream(sHashed, CompressionMode.Compress);
					else
						writerStream = sHashed;
				}
				else if(m_format == KdbxFormat.PlainXml)
					writerStream = hashedStream;
				else { Debug.Assert(false); throw new FormatException("KdbFormat"); }

				m_xmlWriter = new XmlTextWriter(writerStream, encNoBom);
				WriteDocument(pgDataSource);

				m_xmlWriter.Flush();
				m_xmlWriter.Close();
				writerStream.Close();
			}
			finally { CommonCleanUpWrite(sSaveTo, hashedStream); }
		}
        public override void Run()
        {
            try
            {
                IOConnectionInfo ioc = _app.GetDb().Ioc;
                IFileStorage fileStorage = _app.GetFileStorage(ioc);
                if (fileStorage is CachingFileStorage)
                {
                    throw new Exception("Cannot sync a cached database!");
                }
                StatusLogger.UpdateMessage(UiStringKey.CheckingDatabaseForChanges);

                //download file from remote location and calculate hash:
                StatusLogger.UpdateSubMessage(_app.GetResourceString(UiStringKey.DownloadingRemoteFile));

                MemoryStream remoteData = new MemoryStream();
                using (
                    HashingStreamEx hashingRemoteStream = new HashingStreamEx(fileStorage.OpenFileForRead(ioc), false,
                                                                                new SHA256Managed()))
                {
                    hashingRemoteStream.CopyTo(remoteData);
                    hashingRemoteStream.Close();

                    if (!MemUtil.ArraysEqual(_app.GetDb().KpDatabase.HashOfFileOnDisk, hashingRemoteStream.Hash))
                    {
                        _app.TriggerReload(_context);
                        Finish(true);
                    }
                    else
                    {
                        Finish(true, _app.GetResourceString(UiStringKey.RemoteDatabaseUnchanged));
                    }
                }

            }
            catch (Exception e)
            {
                Finish(false, e.Message);
            }
        }
Beispiel #3
0
        public void Save(PwDatabase kpDatabase, Stream stream)
        {
            PwDatabaseV3 db =new PwDatabaseV3();
            KcpPassword pwd = kpDatabase.MasterKey.GetUserKey<KcpPassword>();
            string password = pwd != null ? pwd.Password.ReadString() : "";
            KcpKeyFile keyfile = kpDatabase.MasterKey.GetUserKey<KcpKeyFile>();
            Stream keyfileContents = null;
            if (keyfile != null)
            {
                keyfileContents = new MemoryStream(keyfile.RawFileData.ReadData());
            }
            db.SetMasterKey(password, keyfileContents);
            db.NumRounds = (long) kpDatabase.KeyEncryptionRounds;
            db.Name = kpDatabase.Name;
            if (kpDatabase.DataCipherUuid.Equals(StandardAesEngine.AesUuid))
            {
                db.Algorithm = PwEncryptionAlgorithm.Rjindal;
            }
            else
            {
                db.Algorithm = PwEncryptionAlgorithm.Twofish;
            }

            //create groups
            db.Groups.Clear();
            var fromGroups = kpDatabase.RootGroup.GetGroups(true);
            Dictionary<int, PwGroupV3> groupV3s = new Dictionary<int, PwGroupV3>(fromGroups.Count());
            foreach (PwGroup g in fromGroups)
            {
                if (g == kpDatabase.RootGroup)
                    continue;
                PwGroupV3 groupV3 = ConvertGroup(g, db);
                db.Groups.Add(groupV3);
                groupV3s[groupV3.Id.Id] = groupV3;
            }

            //traverse again and assign parents
            db.RootGroup = ConvertGroup(kpDatabase.RootGroup, db);
            db.RootGroup.Level = -1;

            AssignParent(kpDatabase.RootGroup, db, groupV3s);

            foreach (PwEntry e in kpDatabase.RootGroup.GetEntries(true))
            {
                PwEntryV3 entryV3 = ConvertEntry(e, db);
                entryV3.Parent = groupV3s[_groupData[e.ParentGroup.Uuid].Id];
                entryV3.Parent.ChildEntries.Add(entryV3);
                entryV3.GroupId = entryV3.Parent.Id.Id;
                db.Entries.Add(entryV3);
            }

            //add meta stream entries:
            if (db.Groups.Any())
            {
                foreach (var metaEntry in _metaStreams)
                {
                    metaEntry.GroupId = db.Groups.First().Id.Id;
                    db.Entries.Add(metaEntry);
                }

            }

            HashingStreamEx hashedStream = new HashingStreamEx(stream, true, null);
            PwDbV3Output output = new PwDbV3Output(db, hashedStream);
            output.Output();
            hashedStream.Close();
            HashOfLastStream = hashedStream.Hash;

            kpDatabase.HashOfLastIO = kpDatabase.HashOfFileOnDisk = HashOfLastStream;
            stream.Close();
        }
Beispiel #4
0
        public void PopulateDatabaseFromStream(PwDatabase db, Stream s, IStatusLogger slLogger)
        {
            #if !EXCLUDE_KEYTRANSFORM
            var importer = new Com.Keepassdroid.Database.Load.ImporterV3();

            var hashingStream = new HashingStreamEx(s, false, new SHA256Managed());

            _metaStreams = new List<PwEntryV3>();

            string password = "";//no need to distinguish between null and "" because empty passwords are invalid (and null is not allowed)
            KcpPassword passwordKey = (KcpPassword)db.MasterKey.GetUserKey(typeof(KcpPassword));
            if (passwordKey != null)
            {
                password = passwordKey.Password.ReadString();
            }

            KcpKeyFile passwordKeyfile = (KcpKeyFile)db.MasterKey.GetUserKey(typeof(KcpKeyFile));
            MemoryStream keyfileStream = null;
            if (passwordKeyfile != null)
            {
                keyfileStream = new MemoryStream(passwordKeyfile.RawFileData.ReadData());
            }

            try
            {
                var dbv3 = importer.OpenDatabase(hashingStream, password, keyfileStream);

                db.Name = dbv3.Name;
                db.KeyEncryptionRounds = (ulong) dbv3.NumKeyEncRounds;
                db.RootGroup = ConvertGroup(dbv3.RootGroup);
                if (dbv3.Algorithm == PwEncryptionAlgorithm.Rjindal)
                {
                    db.DataCipherUuid = StandardAesEngine.AesUuid;
                }
                else
                {
                    db.DataCipherUuid = new PwUuid(TwofishCipher.TwofishCipherEngine.TwofishCipherUuidBytes);
                }

            }
            catch (Java.IO.FileNotFoundException e)
            {
                throw new FileNotFoundException(
                    e.Message, e);
            }
            catch (Java.Lang.Exception e)
            {
                throw new Exception(e.LocalizedMessage ??
                e.Message ??
                e.GetType().Name, e);
            }

            HashOfLastStream = hashingStream.Hash;
            if (HashOfLastStream == null)
                throw new Exception("hashing didn't work"); //todo remove
            #else
            throw new Exception("Kdb is excluded with Key transform!");
            #endif
        }
		private void CommonCleanUpRead(Stream sSource, HashingStreamEx hashedStream)
		{
			hashedStream.Close();
			m_pbHashOfFileOnDisk = hashedStream.Hash;

			sSource.Close();

			// Reset memory protection settings (to always use reasonable
			// defaults)
			m_pwDatabase.MemoryProtection = new MemoryProtectionConfig();

			// Remove old backups (this call is required here in order to apply
			// the default history maintenance settings for people upgrading from
			// KeePass <= 2.14 to >= 2.15; also it ensures history integrity in
			// case a different application has created the KDBX file and ignored
			// the history maintenance settings)
			m_pwDatabase.MaintainBackups(); // Don't mark database as modified

			m_pbHashOfHeader = null;
		}
		private void CommonCleanUpRead(Stream sSource, HashingStreamEx hashedStream)
		{
			hashedStream.Close();
			m_pbHashOfFileOnDisk = hashedStream.Hash;

			sSource.Close();
		}
Beispiel #7
0
                public override void Close()
                {
                    if (_closed) return;

                    //write file to cache:
                    //(note: this might overwrite local changes. It's assumed that a sync operation or check was performed before
                    string hash;
                    using (var hashingStream = new HashingStreamEx(File.Create(_cachingFileStorage.CachedFilePath(ioc)), true, new SHA256Managed()))
                    {
                        Position = 0;
                        CopyTo(hashingStream);

                        hashingStream.Close();
                        hash = MemUtil.ByteArrayToHexString(hashingStream.Hash);
                    }

                    File.WriteAllText(_cachingFileStorage.VersionFilePath(ioc), hash);
                    //update file on remote. This might overwrite changes there as well, see above.
                    Position = 0;
                    if (_cachingFileStorage.IsCached(ioc))
                    {
                        //if the file already is in the cache, it's ok if writing to remote fails.
                        _cachingFileStorage.TryUpdateRemoteFile(this, ioc, _useFileTransaction, hash);
                    }
                    else
                    {
                        //if not, we don't accept a failure (e.g. invalid credentials would always remain a problem)
                        _cachingFileStorage.UpdateRemoteFile(this, ioc, _useFileTransaction, hash);
                    }

                    base.Close();

                    _closed = true;
                }
Beispiel #8
0
        /// <summary>
        /// copies the file in ioc to the local cache. Updates the cache version files and returns the new file hash.
        /// </summary>
        protected string UpdateCacheFromRemote(IOConnectionInfo ioc, string cachedFilePath)
        {
            //note: we might use the file version to check if it's already in the cache and if copying is required.
            //However, this is safer.
            string fileHash;

            //open stream:
            using (Stream remoteFile = _cachedStorage.OpenFileForRead(ioc))
            {

                using (HashingStreamEx cachedFile = new HashingStreamEx(File.Create(cachedFilePath), true, new SHA256Managed()))
                {
                    remoteFile.CopyTo(cachedFile);
                    cachedFile.Close();
                    fileHash = MemUtil.ByteArrayToHexString(cachedFile.Hash);
                }
            }

            //save hash in cache files:
            File.WriteAllText(VersionFilePath(ioc), fileHash);
            File.WriteAllText(BaseVersionFilePath(ioc), fileHash);
            return fileHash;
        }
Beispiel #9
0
        private void CommonCleanUpWrite(Stream sSaveTo, HashingStreamEx hashedStream)
        {
            hashedStream.Close();
            m_pbHashOfFileOnDisk = hashedStream.Hash;

            sSaveTo.Close();

            m_xmlWriter = null;
            m_pbHashOfHeader = null;
        }
		// public void Save(string strFile, PwGroup pgDataSource, KdbxFormat fmt,
		//	IStatusLogger slLogger)
		// {
		//	bool bMadeUnhidden = UrlUtil.UnhideFile(strFile);
		//
		//	IOConnectionInfo ioc = IOConnectionInfo.FromPath(strFile);
		//	this.Save(IOConnection.OpenWrite(ioc), pgDataSource, format, slLogger);
		//
		//	if(bMadeUnhidden) UrlUtil.HideFile(strFile, true); // Hide again
		// }

		/// <summary>
		/// Save the contents of the current <c>PwDatabase</c> to a KDBX file.
		/// </summary>
		/// <param name="sSaveTo">Stream to write the KDBX file into.</param>
		/// <param name="pgDataSource">Group containing all groups and
		/// entries to write. If <c>null</c>, the complete database will
		/// be written.</param>
		/// <param name="fmt">Format of the file to create.</param>
		/// <param name="slLogger">Logger that recieves status information.</param>
		public void Save(Stream sSaveTo, PwGroup pgDataSource, KdbxFormat fmt,
			IStatusLogger slLogger)
		{
			Debug.Assert(sSaveTo != null);
			if(sSaveTo == null) throw new ArgumentNullException("sSaveTo");

			if(m_bUsedOnce)
				throw new InvalidOperationException("Do not reuse KdbxFile objects!");
			m_bUsedOnce = true;

			m_format = fmt;
			m_slLogger = slLogger;

			PwGroup pgRoot = (pgDataSource ?? m_pwDatabase.RootGroup);
			UTF8Encoding encNoBom = StrUtil.Utf8;
			CryptoRandom cr = CryptoRandom.Instance;
			byte[] pbCipherKey = null;
			byte[] pbHmacKey64 = null;

			m_pbsBinaries.Clear();
			m_pbsBinaries.AddFrom(pgRoot);

			List<Stream> lStreams = new List<Stream>();
			lStreams.Add(sSaveTo);

			HashingStreamEx sHashing = new HashingStreamEx(sSaveTo, true, null);
			lStreams.Add(sHashing);

			try
			{
				m_uFileVersion = GetMinKdbxVersion();

				int cbEncKey, cbEncIV;
				ICipherEngine iCipher = GetCipher(out cbEncKey, out cbEncIV);

				m_pbMasterSeed = cr.GetRandomBytes(32);
				m_pbEncryptionIV = cr.GetRandomBytes((uint)cbEncIV);

				// m_pbTransformSeed = cr.GetRandomBytes(32);
				PwUuid puKdf = m_pwDatabase.KdfParameters.KdfUuid;
				KdfEngine kdf = KdfPool.Get(puKdf);
				if(kdf == null)
					throw new Exception(KLRes.UnknownKdf + MessageService.NewParagraph +
						// KLRes.FileNewVerOrPlgReq + MessageService.NewParagraph +
						"UUID: " + puKdf.ToHexString() + ".");
				kdf.Randomize(m_pwDatabase.KdfParameters);

				if(m_format == KdbxFormat.Default)
				{
					if(m_uFileVersion < FileVersion32_4)
					{
						m_craInnerRandomStream = CrsAlgorithm.Salsa20;
						m_pbInnerRandomStreamKey = cr.GetRandomBytes(32);
					}
					else // KDBX >= 4
					{
						m_craInnerRandomStream = CrsAlgorithm.ChaCha20;
						m_pbInnerRandomStreamKey = cr.GetRandomBytes(64);
					}

					m_randomStream = new CryptoRandomStream(m_craInnerRandomStream,
						m_pbInnerRandomStreamKey);
				}

				if(m_uFileVersion < FileVersion32_4)
					m_pbStreamStartBytes = cr.GetRandomBytes(32);

				Stream sXml;
				if(m_format == KdbxFormat.Default)
				{
					byte[] pbHeader = GenerateHeader();
					m_pbHashOfHeader = CryptoUtil.HashSha256(pbHeader);

					MemUtil.Write(sHashing, pbHeader);
					sHashing.Flush();

					ComputeKeys(out pbCipherKey, cbEncKey, out pbHmacKey64);

					Stream sPlain;
					if(m_uFileVersion < FileVersion32_4)
					{
						Stream sEncrypted = EncryptStream(sHashing, iCipher,
							pbCipherKey, cbEncIV, true);
						if((sEncrypted == null) || (sEncrypted == sHashing))
							throw new SecurityException(KLRes.CryptoStreamFailed);
						lStreams.Add(sEncrypted);

						MemUtil.Write(sEncrypted, m_pbStreamStartBytes);

						sPlain = new HashedBlockStream(sEncrypted, true);
					}
					else // KDBX >= 4
					{
						// For integrity checking (without knowing the master key)
						MemUtil.Write(sHashing, m_pbHashOfHeader);

						byte[] pbHeaderHmac = ComputeHeaderHmac(pbHeader, pbHmacKey64);
						MemUtil.Write(sHashing, pbHeaderHmac);

						Stream sBlocks = new HmacBlockStream(sHashing, true,
							true, pbHmacKey64);
						lStreams.Add(sBlocks);

						sPlain = EncryptStream(sBlocks, iCipher, pbCipherKey,
							cbEncIV, true);
						if((sPlain == null) || (sPlain == sBlocks))
							throw new SecurityException(KLRes.CryptoStreamFailed);
					}
					lStreams.Add(sPlain);

					if(m_pwDatabase.Compression == PwCompressionAlgorithm.GZip)
					{
						sXml = new GZipStream(sPlain, CompressionMode.Compress);
						lStreams.Add(sXml);
					}
					else sXml = sPlain;

					if(m_uFileVersion >= FileVersion32_4)
						WriteInnerHeader(sXml); // Binary header before XML
				}
				else if(m_format == KdbxFormat.PlainXml)
					sXml = sHashing;
				else
				{
					Debug.Assert(false);
					throw new ArgumentOutOfRangeException("fmt");
				}

#if KeePassUAP
				XmlWriterSettings xws = new XmlWriterSettings();
				xws.Encoding = encNoBom;
				xws.Indent = true;
				xws.IndentChars = "\t";
				xws.NewLineOnAttributes = false;

				XmlWriter xw = XmlWriter.Create(sXml, xws);
#else
				XmlTextWriter xw = new XmlTextWriter(sXml, encNoBom);

				xw.Formatting = Formatting.Indented;
				xw.IndentChar = '\t';
				xw.Indentation = 1;
#endif
				m_xmlWriter = xw;

				WriteDocument(pgRoot);

				m_xmlWriter.Flush();
				m_xmlWriter.Close();
			}
			finally
			{
				if(pbCipherKey != null) MemUtil.ZeroByteArray(pbCipherKey);
				if(pbHmacKey64 != null) MemUtil.ZeroByteArray(pbHmacKey64);

				CommonCleanUpWrite(lStreams, sHashing);
			}
		}
		private void CommonCleanUpWrite(List<Stream> lStreams, HashingStreamEx sHashing)
		{
			CloseStreams(lStreams);

			Debug.Assert(lStreams.Contains(sHashing)); // sHashing must be closed
			m_pbHashOfFileOnDisk = sHashing.Hash;
			Debug.Assert(m_pbHashOfFileOnDisk != null);

			CleanUpInnerRandomStream();

			m_xmlWriter = null;
			m_pbHashOfHeader = null;
		}
Beispiel #12
0
        /// <summary>
        /// Load a KDB file from a stream.
        /// </summary>
        /// <param name="sSource">Stream to read the data from. Must contain
        /// a KDBX stream.</param>
        /// <param name="kdbFormat">Format specifier.</param>
        /// <param name="slLogger">Status logger (optional).</param>
        public void Load(Stream sSource, KdbxFormat kdbFormat, IStatusLogger slLogger)
        {
            Debug.Assert(sSource != null);
            if(sSource == null) throw new ArgumentNullException("sSource");

            m_format = kdbFormat;
            m_slLogger = slLogger;

            HashingStreamEx hashedStream = new HashingStreamEx(sSource, false, null);

            UTF8Encoding encNoBom = StrUtil.Utf8;
            try
            {
                BinaryReaderEx br = null;
                BinaryReaderEx brDecrypted = null;
                Stream readerStream = null;

                if(kdbFormat == KdbxFormat.Default || kdbFormat == KdbxFormat.ProtocolBuffers)
                {
                    br = new BinaryReaderEx(hashedStream, encNoBom, KLRes.FileCorrupted);
                    ReadHeader(br);

                    Stream sDecrypted = AttachStreamDecryptor(hashedStream);
                    if((sDecrypted == null) || (sDecrypted == hashedStream))
                        throw new SecurityException(KLRes.CryptoStreamFailed);

                    if (m_slLogger != null)
                        m_slLogger.SetText("KP2AKEY_TransformingKey", LogStatusType.AdditionalInfo);

                    brDecrypted = new BinaryReaderEx(sDecrypted, encNoBom, KLRes.FileCorrupted);
                    byte[] pbStoredStartBytes = brDecrypted.ReadBytes(32);

                    if((m_pbStreamStartBytes == null) || (m_pbStreamStartBytes.Length != 32))
                        throw new InvalidDataException();

                    if (m_slLogger != null)
                        m_slLogger.SetText("KP2AKEY_DecodingDatabase", LogStatusType.AdditionalInfo);

                    for(int iStart = 0; iStart < 32; ++iStart)
                    {
                        if(pbStoredStartBytes[iStart] != m_pbStreamStartBytes[iStart])
                            throw new InvalidCompositeKeyException();
                    }

                    Stream sHashed = new HashedBlockStream(sDecrypted, false, 0,
                        !m_bRepairMode);

                    if(m_pwDatabase.Compression == PwCompressionAlgorithm.GZip)
                        readerStream = new Ionic.Zlib.GZipStream(sHashed, Ionic.Zlib.CompressionMode.Decompress);
                    else readerStream = sHashed;
                }
                else if(kdbFormat == KdbxFormat.PlainXml)
                    readerStream = hashedStream;
                else { Debug.Assert(false); throw new FormatException("KdbFormat"); }

                if(kdbFormat != KdbxFormat.PlainXml) // Is an encrypted format
                {
                    if(m_pbProtectedStreamKey == null)
                    {
                        Debug.Assert(false);
                        throw new SecurityException("Invalid protected stream key!");
                    }

                    m_randomStream = new CryptoRandomStream(m_craInnerRandomStream,
                        m_pbProtectedStreamKey);
                }
                else m_randomStream = null; // No random stream for plain-text files
                if (m_slLogger != null)
                    m_slLogger.SetText("KP2AKEY_ParsingDatabase", LogStatusType.AdditionalInfo);
                var stopWatch = Stopwatch.StartNew();

                if (kdbFormat == KdbxFormat.ProtocolBuffers)
                {
                    KdbpFile.ReadDocument(m_pwDatabase, readerStream, m_pbProtectedStreamKey, m_pbHashOfHeader);

                    Kp2aLog.Log(String.Format("KdbpFile.ReadDocument: {0}ms", stopWatch.ElapsedMilliseconds));

                }
                else
                {
                    ReadXmlStreamed(readerStream, hashedStream);

                    Kp2aLog.Log(String.Format("ReadXmlStreamed: {0}ms", stopWatch.ElapsedMilliseconds));
                }

                readerStream.Close();
                // GC.KeepAlive(br);
                // GC.KeepAlive(brDecrypted);
            }
            catch(CryptographicException) // Thrown on invalid padding
            {
                throw new CryptographicException(KLRes.FileCorrupted);
            }
            finally { CommonCleanUpRead(sSource, hashedStream); }
        }
Beispiel #13
0
        /// <summary>
        /// Load a KDB file from a stream.
        /// </summary>
        /// <param name="sSource">Stream to read the data from. Must contain
        /// a KDB4 stream.</param>
        /// <param name="kdbFormat">Format specifier.</param>
        /// <param name="slLogger">Status logger (optional).</param>
        public void Load(Stream sSource, Kdb4Format kdbFormat, IStatusLogger slLogger)
        {
            Debug.Assert(sSource != null);
            if(sSource == null) throw new ArgumentNullException("sSource");

            m_format = kdbFormat;
            m_slLogger = slLogger;

            HashingStreamEx hashedStream = new HashingStreamEx(sSource, false, null);

            UTF8Encoding encNoBom = new UTF8Encoding(false, false);

            try
            {
                BinaryReader br = null;
                BinaryReader brDecrypted = null;
                Stream readerStream = null;

                if(kdbFormat == Kdb4Format.Default)
                {
                    br = new BinaryReader(hashedStream, encNoBom);
                    ReadHeader(br);

                    Stream sDecrypted = AttachStreamDecryptor(hashedStream);
                    if((sDecrypted == null) || (sDecrypted == hashedStream))
                        throw new SecurityException(KLRes.CryptoStreamFailed);

                    brDecrypted = new BinaryReader(sDecrypted, encNoBom);
                    byte[] pbStoredStartBytes = brDecrypted.ReadBytes(32);

                    if((pbStoredStartBytes == null) || (pbStoredStartBytes.Length != 32) ||
                        (m_pbStreamStartBytes == null) || (m_pbStreamStartBytes.Length != 32))
                    {
                        throw new InvalidDataException();
                    }

                    for(int iStart = 0; iStart < 32; ++iStart)
                    {
                        if(pbStoredStartBytes[iStart] != m_pbStreamStartBytes[iStart])
                            throw new InvalidCompositeKeyException();
                    }

                    Stream sHashed = new HashedBlockStream(sDecrypted, false);

                    if(m_pwDatabase.Compression == PwCompressionAlgorithm.GZip)
                        readerStream = new GZipStream(sHashed, CompressionMode.Decompress);
                    else readerStream = sHashed;
                }
                else if(kdbFormat == Kdb4Format.PlainXml)
                    readerStream = hashedStream;
                else { Debug.Assert(false); throw new FormatException("KdbFormat"); }

                if(kdbFormat != Kdb4Format.PlainXml) // Is an encrypted format
                {
                    if(m_pbProtectedStreamKey == null)
                    {
                        Debug.Assert(false);
                        throw new SecurityException("Invalid protected stream key!");
                    }

                    m_randomStream = new CryptoRandomStream(CrsAlgorithm.ArcFour, m_pbProtectedStreamKey);
                }
                else m_randomStream = null; // No random stream for plain text files

                ReadXmlStreamed(readerStream, hashedStream);
                // ReadXmlDom(readerStream);

                GC.KeepAlive(brDecrypted);
                GC.KeepAlive(br);

                CommonCleanUpRead(sSource, hashedStream);
            }
            catch(Exception)
            {
                CommonCleanUpRead(sSource, hashedStream);
                throw;
            }
        }
Beispiel #14
0
        /// <summary>
        /// Load a KDB file from a stream.
        /// </summary>
        /// <param name="sSource">Stream to read the data from. Must contain
        /// a KDBX stream.</param>
        /// <param name="kdbFormat">Format specifier.</param>
        /// <param name="slLogger">Status logger (optional).</param>
        public void Load(Stream sSource, KdbxFormat kdbFormat, IStatusLogger slLogger)
        {
            Debug.Assert(sSource != null);
            if(sSource == null) throw new ArgumentNullException("sSource");

            m_format = kdbFormat;
            m_slLogger = slLogger;

            HashingStreamEx hashedStream = new HashingStreamEx(sSource, false, null);

            UTF8Encoding encNoBom = StrUtil.Utf8;
            try
            {
                BinaryReaderEx br = null;
                BinaryReaderEx brDecrypted = null;
                Stream readerStream = null;

                if(kdbFormat == KdbxFormat.Default)
                {
                    br = new BinaryReaderEx(hashedStream, encNoBom, KLRes.FileCorrupted);
                    ReadHeader(br);

                    Stream sDecrypted = AttachStreamDecryptor(hashedStream);
                    if((sDecrypted == null) || (sDecrypted == hashedStream))
                        throw new SecurityException(KLRes.CryptoStreamFailed);

                    brDecrypted = new BinaryReaderEx(sDecrypted, encNoBom, KLRes.FileCorrupted);
                    byte[] pbStoredStartBytes = brDecrypted.ReadBytes(32);

                    if((m_pbStreamStartBytes == null) || (m_pbStreamStartBytes.Length != 32))
                        throw new InvalidDataException();

                    for(int iStart = 0; iStart < 32; ++iStart)
                    {
                        if(pbStoredStartBytes[iStart] != m_pbStreamStartBytes[iStart])
                            throw new InvalidCompositeKeyException();
                    }

                    Stream sHashed = new HashedBlockStream(sDecrypted, false, 0,
                        !m_bRepairMode);

                    if(m_pwDatabase.Compression == PwCompressionAlgorithm.GZip)
                        readerStream = new GZipStream(sHashed, CompressionMode.Decompress);
                    else readerStream = sHashed;
                }
                else if(kdbFormat == KdbxFormat.PlainXml)
                    readerStream = hashedStream;
                else { Debug.Assert(false); throw new FormatException("KdbFormat"); }

                if(kdbFormat != KdbxFormat.PlainXml) // Is an encrypted format
                {
                    if(m_pbProtectedStreamKey == null)
                    {
                        Debug.Assert(false);
                        throw new SecurityException("Invalid protected stream key!");
                    }

                    m_randomStream = new CryptoRandomStream(m_craInnerRandomStream,
                        m_pbProtectedStreamKey);
                }
                else m_randomStream = null; // No random stream for plain-text files

            #if KeePassDebug_WriteXml
                // FileStream fsOut = new FileStream("Raw.xml", FileMode.Create,
                //	FileAccess.Write, FileShare.None);
                // try
                // {
                //	while(true)
                //	{
                //		int b = readerStream.ReadByte();
                //		if(b == -1) break;
                //		fsOut.WriteByte((byte)b);
                //	}
                // }
                // catch(Exception) { }
                // fsOut.Close();
            #endif

                ReadXmlStreamed(readerStream, hashedStream);
                // ReadXmlDom(readerStream);

                readerStream.Close();
                // GC.KeepAlive(br);
                // GC.KeepAlive(brDecrypted);
            }
            catch(CryptographicException) // Thrown on invalid padding
            {
                throw new CryptographicException(KLRes.FileCorrupted);
            }
            finally { CommonCleanUpRead(sSource, hashedStream); }
        }
Beispiel #15
0
        public MemoryStream GetRemoteDataAndHash(IOConnectionInfo ioc, out string hash)
        {
            MemoryStream remoteData = new MemoryStream();

            using (var remoteStream =_cachedStorage.OpenFileForRead(ioc))
            {
                //note: directly copying to remoteData and hashing causes NullReferenceExceptions in FTP and with Digest auth
                // -> use the temp data approach:
                MemoryStream tempData = new MemoryStream();
                remoteStream.CopyTo(tempData);
                tempData.Position = 0;
                HashingStreamEx hashingRemoteStream = new HashingStreamEx(tempData, false, new SHA256Managed());

                hashingRemoteStream.CopyTo(remoteData);
                hashingRemoteStream.Close();
                hash = MemUtil.ByteArrayToHexString(hashingRemoteStream.Hash);
            }
            remoteData.Position = 0;
            return remoteData;
        }
Beispiel #16
0
        private void CommonCleanUpRead(Stream sSource, HashingStreamEx hashedStream)
        {
            hashedStream.Close();
            m_pbHashOfFileOnDisk = hashedStream.Hash;

            sSource.Close();

            // Reset memory protection settings (to always use reasonable
            // defaults)
            m_pwDatabase.MemoryProtection = new MemoryProtectionConfig();

            // Remove old backups (this call is required here in order to apply
            // the default history maintenance settings for people upgrading from
            // KeePass <= 2.14 to >= 2.15; also it ensures history integrity in
            // case a different application has created the KDBX file and ignored
            // the history maintenance settings)
            m_pwDatabase.MaintainBackups(); // Don't mark database as modified

            // Expand the root group, such that in case the user accidently
            // collapses the root group he can simply reopen the database
            PwGroup pgRoot = m_pwDatabase.RootGroup;
            if(pgRoot != null) pgRoot.IsExpanded = true;
            else { Debug.Assert(false); }

            m_pbHashOfHeader = null;
        }
		/// <summary>
		/// Load a KDBX file from a stream.
		/// </summary>
		/// <param name="sSource">Stream to read the data from. Must contain
		/// a KDBX stream.</param>
		/// <param name="fmt">Format.</param>
		/// <param name="slLogger">Status logger (optional).</param>
		public void Load(Stream sSource, KdbxFormat fmt, IStatusLogger slLogger)
		{
			Debug.Assert(sSource != null);
			if(sSource == null) throw new ArgumentNullException("sSource");

			if(m_bUsedOnce)
				throw new InvalidOperationException("Do not reuse KdbxFile objects!");
			m_bUsedOnce = true;

#if KDBX_BENCHMARK
			Stopwatch swTime = Stopwatch.StartNew();
#endif

			m_format = fmt;
			m_slLogger = slLogger;

			m_pbsBinaries.Clear();

			UTF8Encoding encNoBom = StrUtil.Utf8;
			byte[] pbCipherKey = null;
			byte[] pbHmacKey64 = null;

			List<Stream> lStreams = new List<Stream>();
			lStreams.Add(sSource);

			HashingStreamEx sHashing = new HashingStreamEx(sSource, false, null);
			lStreams.Add(sHashing);

			try
			{
				Stream sXml;
				if(fmt == KdbxFormat.Default)
				{
					BinaryReaderEx br = new BinaryReaderEx(sHashing,
						encNoBom, KLRes.FileCorrupted);
					byte[] pbHeader = LoadHeader(br);
					m_pbHashOfHeader = CryptoUtil.HashSha256(pbHeader);

					int cbEncKey, cbEncIV;
					ICipherEngine iCipher = GetCipher(out cbEncKey, out cbEncIV);

					ComputeKeys(out pbCipherKey, cbEncKey, out pbHmacKey64);

					string strIncomplete = KLRes.FileHeaderCorrupted + " " +
						KLRes.FileIncomplete;

					Stream sPlain;
					if(m_uFileVersion < FileVersion32_4)
					{
						Stream sDecrypted = EncryptStream(sHashing, iCipher,
							pbCipherKey, cbEncIV, false);
						if((sDecrypted == null) || (sDecrypted == sHashing))
							throw new SecurityException(KLRes.CryptoStreamFailed);
						lStreams.Add(sDecrypted);

						BinaryReaderEx brDecrypted = new BinaryReaderEx(sDecrypted,
							encNoBom, strIncomplete);
						byte[] pbStoredStartBytes = brDecrypted.ReadBytes(32);

						if((m_pbStreamStartBytes == null) || (m_pbStreamStartBytes.Length != 32))
							throw new EndOfStreamException(strIncomplete);
						if(!MemUtil.ArraysEqual(pbStoredStartBytes, m_pbStreamStartBytes))
							throw new InvalidCompositeKeyException();

						sPlain = new HashedBlockStream(sDecrypted, false, 0, !m_bRepairMode);
					}
					else // KDBX >= 4
					{
						byte[] pbStoredHash = MemUtil.Read(sHashing, 32);
						if((pbStoredHash == null) || (pbStoredHash.Length != 32))
							throw new EndOfStreamException(strIncomplete);
						if(!MemUtil.ArraysEqual(m_pbHashOfHeader, pbStoredHash))
							throw new InvalidDataException(KLRes.FileHeaderCorrupted);

						byte[] pbHeaderHmac = ComputeHeaderHmac(pbHeader, pbHmacKey64);
						byte[] pbStoredHmac = MemUtil.Read(sHashing, 32);
						if((pbStoredHmac == null) || (pbStoredHmac.Length != 32))
							throw new EndOfStreamException(strIncomplete);
						if(!MemUtil.ArraysEqual(pbHeaderHmac, pbStoredHmac))
							throw new InvalidCompositeKeyException();

						HmacBlockStream sBlocks = new HmacBlockStream(sHashing,
							false, !m_bRepairMode, pbHmacKey64);
						lStreams.Add(sBlocks);

						sPlain = EncryptStream(sBlocks, iCipher, pbCipherKey,
							cbEncIV, false);
						if((sPlain == null) || (sPlain == sBlocks))
							throw new SecurityException(KLRes.CryptoStreamFailed);
					}
					lStreams.Add(sPlain);

					if(m_pwDatabase.Compression == PwCompressionAlgorithm.GZip)
					{
						sXml = new GZipStream(sPlain, CompressionMode.Decompress);
						lStreams.Add(sXml);
					}
					else sXml = sPlain;

					if(m_uFileVersion >= FileVersion32_4)
						LoadInnerHeader(sXml); // Binary header before XML
				}
				else if(fmt == KdbxFormat.PlainXml)
					sXml = sHashing;
				else { Debug.Assert(false); throw new ArgumentOutOfRangeException("fmt"); }

				if(fmt == KdbxFormat.Default)
				{
					if(m_pbInnerRandomStreamKey == null)
					{
						Debug.Assert(false);
						throw new SecurityException("Invalid inner random stream key!");
					}

					m_randomStream = new CryptoRandomStream(m_craInnerRandomStream,
						m_pbInnerRandomStreamKey);
				}

#if KeePassDebug_WriteXml
				// FileStream fsOut = new FileStream("Raw.xml", FileMode.Create,
				//	FileAccess.Write, FileShare.None);
				// try
				// {
				//	while(true)
				//	{
				//		int b = sXml.ReadByte();
				//		if(b == -1) break;
				//		fsOut.WriteByte((byte)b);
				//	}
				// }
				// catch(Exception) { }
				// fsOut.Close();
#endif

				ReadXmlStreamed(sXml, sHashing);
				// ReadXmlDom(sXml);
			}
			catch(CryptographicException) // Thrown on invalid padding
			{
				throw new CryptographicException(KLRes.FileCorrupted);
			}
			finally
			{
				if(pbCipherKey != null) MemUtil.ZeroByteArray(pbCipherKey);
				if(pbHmacKey64 != null) MemUtil.ZeroByteArray(pbHmacKey64);

				CommonCleanUpRead(lStreams, sHashing);
			}

#if KDBX_BENCHMARK
			swTime.Stop();
			MessageService.ShowInfo("Loading KDBX took " +
				swTime.ElapsedMilliseconds.ToString() + " ms.");
#endif
		}