X-Git-Url: https://git.quassel-irc.org/?a=blobdiff_plain;f=src%2Fcore%2Fcipher.cpp;h=fb6a69720668f7acd905e88e3989092046a91d8a;hb=f12d6496251729f7d21f4fbcb0814dec7fba4b75;hp=7cc75d0a5774cab7e972e0ceaa970ecd0edfe77b;hpb=d921c7e14b3bd35d2b9f022ae88b90d83b97d568;p=quassel.git diff --git a/src/core/cipher.cpp b/src/core/cipher.cpp index 7cc75d0a..fb6a6972 100644 --- a/src/core/cipher.cpp +++ b/src/core/cipher.cpp @@ -13,7 +13,7 @@ */ #include "cipher.h" -#include "logger.h" +#include "logmessage.h" Cipher::Cipher() { @@ -117,7 +117,6 @@ QByteArray Cipher::decrypt(QByteArray cipherText) // (if cbc and no error we parse cbc) || (if ecb and error we parse cbc) if ((m_cbc && !error) || (!m_cbc && error)) { - cipherText = cipherText; temp = blowfishCBC(cipherText, false); if (temp == cipherText) @@ -364,6 +363,10 @@ QByteArray Cipher::blowfishECB(QByteArray cipherText, bool direction) } else { + // ECB Blowfish encodes in blocks of 12 chars, so anything else is malformed input + if ((temp.length() % 12) != 0) + return cipherText; + temp = b64ToByte(temp); while ((temp.length() % 8) != 0) temp.append('\0'); } @@ -376,8 +379,13 @@ QByteArray Cipher::blowfishECB(QByteArray cipherText, bool direction) if (!cipher.ok()) return cipherText; - if (direction) + if (direction) { + // Sanity check + if ((temp2.length() % 8) != 0) + return cipherText; + temp2 = byteToB64(temp2); + } return temp2; } @@ -420,13 +428,13 @@ QByteArray Cipher::byteToB64(QByteArray text) right += v; for (int i = 0; i < 6; i++) { - encoded.append(base64.at(right & 0x3F).toAscii()); + encoded.append(base64.at(right & 0x3F).toLatin1()); right = right >> 6; } - //TODO make sure the .toascii doesn't break anything + //TODO make sure the .toLatin1 doesn't break anything for (int i = 0; i < 6; i++) { - encoded.append(base64.at(left & 0x3F).toAscii()); + encoded.append(base64.at(left & 0x3F).toLatin1()); left = left >> 6; } }