Fix challenge-response key data after Botan

* Fix #6420 * Refactor Challenge-Response key files to be more streamlined. Added a test to confirm raw key data is accurate.
2021-04-22 23:07:49 -04:00
parent 60adcacaaa
commit fd0bdaae80
14 changed files with 65 additions and 108 deletions
--- a/src/keys/YkChallengeResponseKey.cpp
+++ b/src/keys/YkChallengeResponseKey.cpp
@@ -16,30 +16,29 @@
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

-#include "keys/YkChallengeResponseKey.h"
-#include "keys/drivers/YubiKey.h"
+#include "ChallengeResponseKey.h"

 #include "core/AsyncTask.h"
-#include "core/Tools.h"
-#include "crypto/CryptoHash.h"
-#include "crypto/Random.h"

-#include <QApplication>
-#include <QEventLoop>
-#include <QFile>
-#include <QFutureWatcher>
-#include <QXmlStreamReader>
-#include <QtConcurrent>
+QUuid ChallengeResponseKey::UUID("e092495c-e77d-498b-84a1-05ae0d955508");

-QUuid YkChallengeResponseKey::UUID("e092495c-e77d-498b-84a1-05ae0d955508");
-
-YkChallengeResponseKey::YkChallengeResponseKey(YubiKeySlot keySlot)
-    : ChallengeResponseKey(UUID)
+ChallengeResponseKey::ChallengeResponseKey(YubiKeySlot keySlot)
+    : Key(UUID)
    , m_keySlot(keySlot)
 {
 }

-bool YkChallengeResponseKey::challenge(const QByteArray& challenge)
+QByteArray ChallengeResponseKey::rawKey() const
+{
+    return QByteArray(m_key.data(), m_key.size());
+}
+
+QString ChallengeResponseKey::error() const
+{
+    return m_error;
+}
+
+bool ChallengeResponseKey::challenge(const QByteArray& challenge)
 {
    m_error.clear();
    auto result =
--- a/src/keys/ChallengeResponseKey.h
+++ b/src/keys/ChallengeResponseKey.h
@@ -16,44 +16,36 @@
 *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

-#ifndef KEEPASSX_CHALLENGE_RESPONSE_KEY_H
-#define KEEPASSX_CHALLENGE_RESPONSE_KEY_H
+#ifndef KPXC_CHALLENGE_RESPONSE_KEY_H
+#define KPXC_CHALLENGE_RESPONSE_KEY_H
+
+#include "Key.h"
+#include "drivers/YubiKey.h"

 #include <QByteArray>
 #include <QUuid>
+
 #include <botan/secmem.h>

-class ChallengeResponseKey
+class ChallengeResponseKey : public Key
 {
 public:
-    explicit ChallengeResponseKey(const QUuid& uuid)
-        : m_uuid(uuid)
-    {
-    }
-    virtual ~ChallengeResponseKey() = default;
+    explicit ChallengeResponseKey(YubiKeySlot keySlot = {});
+    ~ChallengeResponseKey() override = default;

-    virtual bool challenge(const QByteArray& challenge) = 0;
+    QByteArray rawKey() const override;

-    Botan::secure_vector<char>& rawKey()
-    {
-        return m_key;
-    }
-    QUuid uuid() const
-    {
-        return m_uuid;
-    }
-    QString error() const
-    {
-        return m_error;
-    }
+    virtual bool challenge(const QByteArray& challenge);
+    QString error() const;

-protected:
-    QString m_error;
-    Botan::secure_vector<char> m_key;
+    static QUuid UUID;

 private:
    Q_DISABLE_COPY(ChallengeResponseKey);
-    QUuid m_uuid;
+
+    QString m_error;
+    Botan::secure_vector<char> m_key;
+    YubiKeySlot m_keySlot;
 };

-#endif // KEEPASSX_CHALLENGE_RESPONSE_KEY_H
+#endif // KPXC_CHALLENGE_RESPONSE_KEY_H
--- a/src/keys/CompositeKey.cpp
+++ b/src/keys/CompositeKey.cpp
@@ -24,6 +24,7 @@
 #include "core/Global.h"
 #include "crypto/CryptoHash.h"
 #include "crypto/kdf/AesKdf.h"
+#include "keys/ChallengeResponseKey.h"

 QUuid CompositeKey::UUID("76a7ae25-a542-4add-9849-7c06be945b94");

@@ -143,7 +144,7 @@ bool CompositeKey::challenge(const QByteArray& seed, QByteArray& result, QString
            qWarning() << "Failed to issue challenge: " << key->error();
            return false;
        }
-        cryptoHash.addData(key->rawKey().data());
+        cryptoHash.addData(key->rawKey());
    }

    result = cryptoHash.result();
--- a/src/keys/CompositeKey.h
+++ b/src/keys/CompositeKey.h
@@ -23,10 +23,11 @@
 #include <QSharedPointer>
 #include <QString>

-#include "crypto/kdf/Kdf.h"
-#include "keys/ChallengeResponseKey.h"
 #include "keys/Key.h"

+class Kdf;
+class ChallengeResponseKey;
+
 class CompositeKey : public Key
 {
 public:
--- a/src/keys/YkChallengeResponseKey.h
+++ b/src/keys/YkChallengeResponseKey.h
@@ -1,39 +0,0 @@
-/*
- *  Copyright (C) 2019 KeePassXC Team <team@keepassxc.org>
- *
- *  This program is free software: you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation, either version 2 or (at your option)
- *  version 3 of the License.
- *
- *  This program is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
- *
- *  You should have received a copy of the GNU General Public License
- *  along with this program.  If not, see <http://www.gnu.org/licenses/>.
- */
-
-#ifndef KEEPASSX_YK_CHALLENGERESPONSEKEY_H
-#define KEEPASSX_YK_CHALLENGERESPONSEKEY_H
-
-#include "core/Global.h"
-#include "keys/ChallengeResponseKey.h"
-#include "keys/drivers/YubiKey.h"
-
-class YkChallengeResponseKey : public ChallengeResponseKey
-{
-public:
-    static QUuid UUID;
-
-    explicit YkChallengeResponseKey(YubiKeySlot keySlot = {});
-    ~YkChallengeResponseKey() override = default;
-
-    bool challenge(const QByteArray& challenge) override;
-
-private:
-    YubiKeySlot m_keySlot;
-};
-
-#endif // KEEPASSX_YK_CHALLENGERESPONSEKEY_H