Profile

Cover photo
Jonas Hagmar
Works at ÅF
Attended Chalmers University of Technology
Lives in Gothenburg, Sweden
51 followers|36,079 views
AboutPostsPhotosVideos

Stream

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper

At last I managed to read, decrypt and parse the information I wanted from the KeePass file format. I am very happy that I managed to reach this milestone. The next step is to get to know libmicrohttpd in order to serve the information via http(s). The parsing implementation has somewhat sloppy error handling at the moment, since I was unused to working with a XML stream parser like expat, so that needs some attention as well. Working with expat was a very rewarding experience, to see how efficient things can get when the parser does not reconstruct the whole XML file as a tree before you get to select the information that you are interested in. It took me a while to realize that such a parser requires you to keep track of context upstream (from leaf to trunk), instead of finding elements by selecting downstream in the parsed tree, to be as efficient as possible, but then, that is what this project is all about - learning new tools.

#cryptkeyper   #KeePass  
1
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper - Salsa20

The last few days, I have been working on a base64 decoding implementation that would that would satisfy my sense of coding style. I started looking for some existing implementations, but found nothing that was really to my liking (mental note: do not assume that top answers on StackOverflow are top quality). In the process, I realized how I could generate unit tests to test non-exported functionality in my library with the autotools test harness, and that was a very important insight, that will make me feel a lot more confident about the code as it starts to grow.

Now comes a part of the KeePass decoding that I have dreaded for some time. Not because it is very difficult, but because I find this part of the KeePass encryption scheme revolting. KeePass files are essentially AES encrypted XML files, where the AES key is generated by a transformation of the master password. However, certain fields in the XML are "protected" by a Salsa20 cipher, with a key that is given in the unencrypted file header!!! Why the author has made this design choice is totally beyond me. Enough ranting - time to get to work.

#cryptkeyper   #KeePass   #AES   #Salsa20   #base64  
1
Jonas Hagmar's profile photoJoakim Ohlrogge's profile photo
2 comments
 
Nice, thanks! I like screen a lot, so this should be even better. 
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper - PKCS7 Padding

Encryption algorithms often operate on fixed block sizes. In the case of AES, which is probably the most popular algorithm these dayse, the block size is 16 bytes. So in order to encrypt data of arbitrary length, one has to pad the data to an even multiple of blocks.

Different padding schemes exist. The one I have to deal with at the moment is PKCS7, which is the padding scheme chosen in the KeePass format, that I am currently trying to write decryption routines for.

In PKCS7, you pad the data with at least one byte, and the enough bytes to fill up to an even block multiple. The value of each byte should be the total number of padding bytes.

The problem is that you have to know which block is the last one in the stream, which, in my case, I don't know until I have read beyond the end of the file.

This sounds simple enough, but it has taken me surprisingly long to work out what I believe will be an elegant implementation. What I will do is try to read n blocks into a buffer. If less than n blocks are read, I know which block is the last one, and can go on to unpad that block. If not, I will decrypt the first (n-1) blocks, which I then know cannot be the last. When the stream consumer has consumed the decrypted blocks, I will copy the last block to the first position in the buffer, try to read the additional (n-1) blocks, and the process continues.

I think that will work. Now it is time to start implementing.

#cryptkeyper   #PKCS7   #AES   #padding  
1
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper

Some more Pro Git reading today, as well as finishing the first stream "class" with test case. I am really starting to appreciate autotools, actually. Support for test cases is of course integrated in the build system by default. It's the familiar GNU feeling... do your homework, and you will discover that this is a professional tool that has matured to near perfection over countless iterations.

#cryptkeyper   #git  #autotools
1
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper - More Git

I have read the first few chapters of Pro Git now, and it seems like an awesome VCS. Actually, I wonder why CVS and Subversion are still enjoying so much popularity when something like git is available.

I do wonder about one small thing, and that is why git uses the terminology branch, when it seems like the proper abstraction would be marker, or something like that. I guess it is a matter of tradition, but I think keeping the branch terminology must cause some confusion for many people.

Still doing some code cleanup on the side while reading up on git, and preparing for writing some stream "classes" as the next step of development. It is really weird, but I have failed to find any stream (memory stream etc.) library in C. It cannot be that everyone rolls their own, but I guess I will this time.

#cryptkeyper   #git   #C
1
Joakim Ohlrogge's profile photo
 
I think branch is quite a good term since it represents a separate path of development. The concept is the same, the implementation differs from SVN and CVS. What is weird is that git stores each commit as a snapshot and relies on compression to keep the repository small (pretty brilliant in all it's genious insanity).
(If I understood it correctly of course)
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper - The Menu

Some Pro Git reading today - really looking forward to start using it. This is the rest of the menu; the tools that I hope to get to know more about over the course of the project:

emacs - ede/cedet - libgcrypt - expat - libmicrohttpd - autotools - yubikey - zlib - the GNU coding standards - valgrind - gdb - pthreads - NFC - Android SDK

#cryptkeyper   #password   #passwordsafety   #security
1
Jonas Hagmar's profile photoJoakim Ohlrogge's profile photo
3 comments
 
Keep in mind that git is lightning fast at switching branches, branches are just pointers. Also merging is generally very easy compared to cvs and svn so all that "excessive branching" and merging is less work than one would think.
I find that I use feature-branches as a way to scope what I'm currently working at and it also geives me some flexibility when it comes to try different variants and decide in which order to actually release the features.
Add a comment...
Have him in circles
51 people
Mats Kvarnström's profile photo
Kristofer Jakobsson's profile photo
Søren Wulf Kristiansen's profile photo
Madelen Jakobsson's profile photo
Anders Ericson's profile photo
Anthea Dee Anthea's profile photo
IOAN SEBASTIAN NEMES's profile photo
PG Hagmar's profile photo
Joakim Ohlrogge's profile photo

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper - XML Parsing

I got past my stage of procrastination (thanks for the tmux tip, +Joakim Ohlrogge)  by going over the top a bit with the Salsa20 implementation. The reference implementation and various other more optimized implementations available from the inventor of the cipher was not really to my liking. They were directly dependent on the test harness that was used in the cipher competition where it was entered, which set requirements on types used, call signatures, etc. The encryption/decryption calls took a buffer length parameter, but the cipher got out of sync if the length is ever an uneven multiple of 64 (which was not indicated anywhere). In encryption algorithm implementations, the common rule in optimized implementations is to unroll loops, strap out unnecessary handling of endianness, etc., anything you can do in order to improve performance. Guess if that was done in any of the original implentations. Sigh.

Anyway, now I have an implementation with all of the features I lacked, and which passes all the test vectors from the cipher competition submission. With the Salsa20 decryption and base64 decoding in place, it is time to start working on the XML parsing. I will be using expat, which is a proven, light-weight library, which by the way, is used in git. I have started looking at the API, and it seems pretty elegant.

The plan ahead is to store key-value pairs in a tree structre with optional groups, a structure that will be able to accomodate other file formats as well, if I decide to include support for them. When that is done, I will start looking at serving the data over https.
1
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper - Hashed Stream

My PKCS7 padding idea from yesterday worked out well, so I went straight for the next layer of the KeePass file, which is the hashed block stream. Mini headers with a sequential block counter, a SHA256 hash and a block size field are followed by the data of the block. Pretty straightforward, but a lot of error checking code, which I will try to figure out how make as pretty as possible.

Now I actually have access to the plain XML data of the KeePass file. Some things remain before I feel satisfied with the KeePass parser. First of all, I need to make a gzip stream reader to support the optional compression layer in KeePass files. Then I need to implement a base64 decoding and a Salsa20 stream cipher to deobfuscate "protected" fields in the XML data.

#cryptkeyper   #PKCS7   #gzip   #base64   #Salsa20  
1
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper

Once again I will try to remind myself to write nice code to begin with, and not get tempted by doing something quick and dirty, and fool myself by saying that I will clean it up eventually. Finally I am done cleaning up the mess I made last weekend.

I have succeeded in generating the correct AES key for opening a KeePass file with a passphrase, and the next step will be to unwrap that layer of encryption to reveal the next layer, which is more or less the raw XML of the key database, interrupted by periodic SHA hashes.

Still reading Pro Git, but the chapters about contributing to projects is not really applicable to my situation at the moment. Looking forward to finishing the book, and moving on to git-flow.

#cryptkeyper   #cryptography   #git  
1
Jonas Hagmar's profile photoJoakim Ohlrogge's profile photo
2 comments
 
Right, let's call it refactoring then... :) I guess it's a matter of personal taste. I find writing functionality and error handling at the same time rather enjoyable, but if I write the functionality first, writing the error handling is very tedious. In this case, it has been a few days of tedious work...

Like you, I have come to see good code as a constant work in progress, rather than an isolated project that you finish. There are always things that can be improved.
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper

Some more cleanup today, but I couldn't stay away from doing some work on the stream implementations, which are a lot more fun to do.

#cryptkeyper  
1
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper - Setting up a Repository

I needed to set up a repository - badly. Manual "versioning" was quickly getting out of hand at this early stage, so I put chapter 1 of Pro Git to use and set up a home for my project on github in jhagmar/cryptkeyper.

It is time I started giving away some real details as to what I have in mind for this project. The root of the weaknesses of all password managers I know of is that the password database and the master key are present at the same time on the same insecure system. In all simplicity, what I have planned is a password server, that can serve passwords one at a time to the insecure client, giving away the least possible sensitive information in the insecure environment. In other words, you replace a dumb database (the simple file) with a database with some intelligence (the server). By doing so, you can incorporate all kinds of nifty tricks, like access control, logging, database revocation, protection from replay attacks, etc.

Thank you +Joakim Ohlrogge for your comments and feedback, it will be invaluable. I hope in time the project will attract at least some more followers, but a lot of work remains until I reach a stage where the project starts to become interesting to actually use.

#cryptkeyper   #password   #passwordsafety   #security  
1
Add a comment...

Jonas Hagmar

Shared publicly  - 
 
Project Cryptkeyper - Reading Up

Now that I know I can manage to at least decrypt KeePass files, I am going to pause the development a while to make sure the code looks as nice as I want it to before the next round. The next steps will be checking the hashes of the decrypted contents and then parsing the resulting XML with expat.

I have also reached a point in the development where I have to get started with a repository. This will be an excellent opportunity to finally learn git, so I will be prioritizing reading Pro Git.

#cryptkeyper   #password   #passwordsafety   #security  
1
Add a comment...
People
Have him in circles
51 people
Mats Kvarnström's profile photo
Kristofer Jakobsson's profile photo
Søren Wulf Kristiansen's profile photo
Madelen Jakobsson's profile photo
Anders Ericson's profile photo
Anthea Dee Anthea's profile photo
IOAN SEBASTIAN NEMES's profile photo
PG Hagmar's profile photo
Joakim Ohlrogge's profile photo
Work
Occupation
Software Developer
Employment
  • ÅF
    Consultant, 2013 - present
  • Epsilon Embedded Väst
    Consultant, 2012 - 2012
  • Fraunhofer-Chalmers Center for Industrial Mathematics
    Development Engineer, 2006 - 2012
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Gothenburg, Sweden
Links
Contributor to
Story
Tagline
Explore. Experience. Enjoy.
Introduction
I use Google+ to share my joy of learning new things. My greatest interests at the moment are Android, embedded systems, cooking, cold process soap making, baking, reading books, and, in general, adding more things to this list.
Education
  • Chalmers University of Technology
    2002
Basic Information
Gender
Male