mirrors/keepassxc
1
0
Fork 0
mirror of https://github.com/keepassxreboot/keepassxc.git synced 2025-04-05 13:37:43 +03:00
Code Issues Projects Releases Packages Wiki Activity

Fix issues with TOTP

Browse source 
* otp setting is properly loaded and saved (Fix #2671)
* Removing the key from TOTP Setup clears all TOTP
settings for entry
* Santize TOTP key prior to storing in OTP format
This commit is contained in:
Jonathan White 2019-02-01 21:01:51 -05:00
parent d3a424cc74
commit cc932eff30
5 changed files with 67 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

21
src/core/Entry.cpp
View file

@ -427,14 +427,21 @@ QString Entry::totp() const
void Entry::setTotp(QSharedPointer<Totp::Settings> settings) void Entry::setTotp(QSharedPointer<Totp::Settings> settings)
{ {
beginUpdate(); beginUpdate();
m_data.totpSettings = std::move(settings); if (settings->key.isEmpty()) {
m_data.totpSettings.reset();
auto text = Totp::writeSettings(m_data.totpSettings, title(), username()); m_attributes->remove(Totp::ATTRIBUTE_OTP);
if (m_attributes->hasKey(Totp::ATTRIBUTE_OTP)) { m_attributes->remove(Totp::ATTRIBUTE_SEED);
m_attributes->set(Totp::ATTRIBUTE_OTP, text, true); m_attributes->remove(Totp::ATTRIBUTE_SETTINGS);
} else { } else {
m_attributes->set(Totp::ATTRIBUTE_SEED, m_data.totpSettings->key, true); m_data.totpSettings = std::move(settings);
m_attributes->set(Totp::ATTRIBUTE_SETTINGS, text);
auto text = Totp::writeSettings(m_data.totpSettings, title(), username());
if (m_attributes->hasKey(Totp::ATTRIBUTE_OTP)) {
m_attributes->set(Totp::ATTRIBUTE_OTP, text, true);
} else {
m_attributes->set(Totp::ATTRIBUTE_SEED, m_data.totpSettings->key, true);
m_attributes->set(Totp::ATTRIBUTE_SETTINGS, text);
}
} }
endUpdate(); endUpdate();
} }

1
src/core/EntryAttributes.cpp
View file

@ -137,7 +137,6 @@ void EntryAttributes::remove(const QString& key)
Q_ASSERT(!isDefaultAttribute(key)); Q_ASSERT(!isDefaultAttribute(key));
if (!m_attributes.contains(key)) { if (!m_attributes.contains(key)) {
Q_ASSERT(false);
return; return;
} }

17
src/gui/TotpSetupDialog.cpp
View file

@ -45,16 +45,21 @@ void TotpSetupDialog::saveSettings()
{ {
QString encShortName; QString encShortName;
uint digits = Totp::DEFAULT_DIGITS; uint digits = Totp::DEFAULT_DIGITS;
if (m_ui->radio8Digits->isChecked()) { uint step = Totp::DEFAULT_STEP;
digits = 8;
} else if (m_ui->radio7Digits->isChecked()) { if (m_ui->radioSteam->isChecked()) {
digits = 7;
} else if (m_ui->radioSteam->isChecked()) {
digits = Totp::STEAM_DIGITS; digits = Totp::STEAM_DIGITS;
encShortName = Totp::STEAM_SHORTNAME; encShortName = Totp::STEAM_SHORTNAME;
} else if (m_ui->radioCustom->isChecked()) {
step = m_ui->stepSpinBox->value();
if (m_ui->radio8Digits->isChecked()) {
digits = 8;
} else if (m_ui->radio7Digits->isChecked()) {
digits = 7;
}
} }
auto settings = Totp::createSettings(m_ui->seedEdit->text(), digits, m_ui->stepSpinBox->value(), encShortName); auto settings = Totp::createSettings(m_ui->seedEdit->text(), digits, step, encShortName, m_entry->totpSettings());
m_entry->setTotp(settings); m_entry->setTotp(settings);
emit totpUpdated(); emit totpUpdated();
close(); close();

50
src/totp/totp.cpp
View file

@ -55,10 +55,16 @@ QSharedPointer<Totp::Settings> Totp::parseSettings(const QString& rawSettings, c
QUrlQuery query(rawSettings); QUrlQuery query(rawSettings);
if (query.hasQueryItem("key")) { if (query.hasQueryItem("key")) {
// Compatibility with "KeeOtp" plugin // Compatibility with "KeeOtp" plugin
// if settings are changed, will convert to semi-colon format settings->keeOtp = true;
settings->key = query.queryItemValue("key"); settings->key = query.queryItemValue("key");
settings->digits = query.queryItemValue("size").toUInt(); settings->digits = DEFAULT_DIGITS;
settings->step = query.queryItemValue("step").toUInt(); settings->step = DEFAULT_STEP;
if (query.hasQueryItem("size")) {
settings->digits = query.queryItemValue("size").toUInt();
}
if (query.hasQueryItem("step")) {
settings->step = query.queryItemValue("step").toUInt();
}
} else { } else {
// Parse semi-colon separated values ([step];[digits|S]) // Parse semi-colon separated values ([step];[digits|S])
auto vars = rawSettings.split(";"); auto vars = rawSettings.split(";");
@ -88,12 +94,24 @@ QSharedPointer<Totp::Settings> Totp::parseSettings(const QString& rawSettings, c
return settings; return settings;
} }
QSharedPointer<Totp::Settings> QSharedPointer<Totp::Settings> Totp::createSettings(const QString& key,
Totp::createSettings(const QString& key, const uint digits, const uint step, const QString& encoderShortName) const uint digits,
const uint step,
const QString& encoderShortName,
QSharedPointer<Totp::Settings> prevSettings)
{ {
bool isCustom = digits != DEFAULT_DIGITS || step != DEFAULT_STEP; bool isCustom = digits != DEFAULT_DIGITS || step != DEFAULT_STEP;
return QSharedPointer<Totp::Settings>( if (prevSettings) {
new Totp::Settings{getEncoderByShortName(encoderShortName), key, false, isCustom, digits, step}); prevSettings->key = key;
prevSettings->digits = digits;
prevSettings->step = step;
prevSettings->encoder = Totp::getEncoderByShortName(encoderShortName);
prevSettings->custom = isCustom;
return prevSettings;
} else {
return QSharedPointer<Totp::Settings>(
new Totp::Settings{getEncoderByShortName(encoderShortName), key, false, false, isCustom, digits, step});
}
} }
QString Totp::writeSettings(const QSharedPointer<Totp::Settings>& settings, QString Totp::writeSettings(const QSharedPointer<Totp::Settings>& settings,
@ -118,15 +136,19 @@ QString Totp::writeSettings(const QSharedPointer<Totp::Settings>& settings,
urlstring.append("&encoder=").append(settings->encoder.name); urlstring.append("&encoder=").append(settings->encoder.name);
} }
return urlstring; return urlstring;
} } else if (settings->keeOtp) {
// KeeOtp output
// Semicolon output [step];[encoder] return QString("key=%1&size=%2&step=%3")
if (!settings->encoder.shortName.isEmpty()) { .arg(QString(Base32::sanitizeInput(settings->key.toLatin1())))
.arg(settings->digits)
.arg(settings->step);
} else if (!settings->encoder.shortName.isEmpty()) {
// Semicolon output [step];[encoder]
return QString("%1;%2").arg(settings->step).arg(settings->encoder.shortName); return QString("%1;%2").arg(settings->step).arg(settings->encoder.shortName);
} else {
// Semicolon output [step];[digits]
return QString("%1;%2").arg(settings->step).arg(settings->digits);
} }
// Semicolon output [step];[digits]
return QString("%1;%2").arg(settings->step).arg(settings->digits);
} }
QString Totp::generateTotp(const QSharedPointer<Totp::Settings>& settings, const quint64 time) QString Totp::generateTotp(const QSharedPointer<Totp::Settings>& settings, const quint64 time)

8
src/totp/totp.h
View file

@ -44,6 +44,7 @@ namespace Totp
Totp::Encoder encoder; Totp::Encoder encoder;
QString key; QString key;
bool otpUrl; bool otpUrl;
bool keeOtp;
bool custom; bool custom;
uint digits; uint digits;
uint step; uint step;
@ -59,8 +60,11 @@ namespace Totp
static const QString ATTRIBUTE_SETTINGS = "TOTP Settings"; static const QString ATTRIBUTE_SETTINGS = "TOTP Settings";
QSharedPointer<Totp::Settings> parseSettings(const QString& rawSettings, const QString& key = {}); QSharedPointer<Totp::Settings> parseSettings(const QString& rawSettings, const QString& key = {});
QSharedPointer<Totp::Settings> QSharedPointer<Totp::Settings> createSettings(const QString& key,
createSettings(const QString& key, const uint digits, const uint step, const QString& encoderShortName = {}); const uint digits,
const uint step,
const QString& encoderShortName = {},
QSharedPointer<Totp::Settings> prevSettings = {});
QString writeSettings(const QSharedPointer<Totp::Settings>& settings, QString writeSettings(const QSharedPointer<Totp::Settings>& settings,
const QString& title = {}, const QString& title = {},
const QString& username = {}, const QString& username = {},