X-Git-Url: https://git.quassel-irc.org/?a=blobdiff_plain;ds=sidebyside;f=src%2Fcore%2Fcipher.cpp;h=c5a40c21439e0b08363adc85b73207fdd88b4890;hb=8f2ee00f4edef1693628d3af0bdee84d725eb754;hp=3f299f40c04fcd24e6071f89f6cb7a60bcdc073c;hpb=310dc3ae20541ec5364a9e70a17f3322adb5723f;p=quassel.git

diff --git a/src/core/cipher.cpp b/src/core/cipher.cpp
index 3f299f40..c5a40c21 100644
--- a/src/core/cipher.cpp
+++ b/src/core/cipher.cpp
@@ -13,7 +13,7 @@
 */
 
 #include "cipher.h"
-#include "logger.h"
+#include "logmessage.h"
 
 Cipher::Cipher()
 {
@@ -30,9 +30,6 @@ Cipher::Cipher(QByteArray key, QString cipherType)
 }
 
 
-Cipher::~Cipher()
-{}
-
 bool Cipher::setKey(QByteArray key)
 {
     if (key.isEmpty()) {
@@ -56,7 +53,8 @@ bool Cipher::setKey(QByteArray key)
 //    if(Preferences::self()->encryptionType())
 //      m_cbc = true;
 //    else
-        m_cbc = false;
+//    default to CBC
+        m_cbc = true;
         m_key = key;
     }
     return true;
@@ -117,7 +115,6 @@ QByteArray Cipher::decrypt(QByteArray cipherText)
     // (if cbc and no error we parse cbc) || (if ecb and error we parse cbc)
     if ((m_cbc && !error) || (!m_cbc && error))
     {
-        cipherText = cipherText;
         temp = blowfishCBC(cipherText, false);
 
         if (temp == cipherText)
@@ -364,6 +361,10 @@ QByteArray Cipher::blowfishECB(QByteArray cipherText, bool direction)
     }
     else
     {
+        // ECB Blowfish encodes in blocks of 12 chars, so anything else is malformed input
+        if ((temp.length() % 12) != 0)
+            return cipherText;
+
         temp = b64ToByte(temp);
         while ((temp.length() % 8) != 0) temp.append('\0');
     }
@@ -376,8 +377,13 @@ QByteArray Cipher::blowfishECB(QByteArray cipherText, bool direction)
     if (!cipher.ok())
         return cipherText;
 
-    if (direction)
+    if (direction) {
+        // Sanity check
+        if ((temp2.length() % 8) != 0)
+            return cipherText;
+
         temp2 = byteToB64(temp2);
+    }
 
     return temp2;
 }