Skip to content

Commit f678baf

Browse files
mitya57mitya57
committed
Make sure my_public_key length is exactly 128 bytes
Fixes 'Client public key size is invalid' error from KWallet. Fixes 48.
1 parent 6745ef3 commit f678baf

File tree

3 files changed

+10
-9
lines changed

3 files changed

+10
-9
lines changed

secretstorage/dhcrypto.py

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -27,8 +27,10 @@
2727
)
2828

2929

30-
def int_to_bytes(number: int) -> bytes:
31-
return number.to_bytes(math.ceil(number.bit_length() / 8), 'big')
30+
def int_to_bytes(number: int, length: int) -> bytes:
31+
result = number.to_bytes(math.ceil(number.bit_length() / 8), 'big')
32+
# Pad with zero bytes if needed.
33+
return b'\x00' * (length - len(result)) + result
3234

3335

3436
DH_PRIME_1024 = int.from_bytes(DH_PRIME_1024_BYTES, 'big')
@@ -46,9 +48,7 @@ def __init__(self) -> None:
4648
def set_server_public_key(self, server_public_key: int) -> None:
4749
common_secret_int = pow(server_public_key, self.my_private_key,
4850
DH_PRIME_1024)
49-
common_secret = int_to_bytes(common_secret_int)
50-
# Prepend NULL bytes if needed
51-
common_secret = b'\x00' * (0x80 - len(common_secret)) + common_secret
51+
common_secret = int_to_bytes(common_secret_int, 128)
5252
# HKDF with null salt, empty info and SHA-256 hash
5353
salt = b'\x00' * 0x20
5454
pseudo_random_key = hmac.new(salt, common_secret, sha256).digest()

secretstorage/util.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -102,7 +102,7 @@ def open_session(connection: DBusConnection) -> Session:
102102
output, result = service.call(
103103
'OpenSession', 'sv',
104104
ALGORITHM_DH,
105-
('ay', int_to_bytes(session.my_public_key)))
105+
('ay', int_to_bytes(session.my_public_key, 128)))
106106
except DBusErrorResponse as resp:
107107
if resp.name != DBUS_NOT_SUPPORTED:
108108
raise

tests/test_dhcrypto.py

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ class ConversionTest(unittest.TestCase):
1414
between bytes and long."""
1515

1616
def test_int_to_bytes(self) -> None:
17-
self.assertEqual(int_to_bytes(1), b'\x01')
18-
self.assertEqual(int_to_bytes(258), b'\x01\x02')
19-
self.assertEqual(int_to_bytes(1 << 64), b'\x01' + b'\x00' * 8)
17+
self.assertEqual(int_to_bytes(1, 1), b'\x01')
18+
self.assertEqual(int_to_bytes(1, 2), b'\x00\x01')
19+
self.assertEqual(int_to_bytes(258, 2), b'\x01\x02')
20+
self.assertEqual(int_to_bytes(1 << 64, 9), b'\x01' + b'\x00' * 8)

0 commit comments

Comments
 (0)