<table><tr><td style="">sandsmark requested changes to this revision.<br />sandsmark added a comment.<br />This revision now requires changes to proceed.
</td><a style="text-decoration: none; padding: 4px 8px; margin: 0 8px 8px; float: right; color: #464C5C; font-weight: bold; border-radius: 3px; background-color: #F7F7F9; background-image: linear-gradient(to bottom,#fff,#f1f0f1); display: inline-block; border: 1px solid rgba(71,87,120,.2);" href="https://phabricator.kde.org/D16134">View Revision</a></tr></table><br /><div><div><p>just did a quick read-through, but hindenburg has the final say if he disagrees with any of my requests.</p></div></div><br /><div><strong>INLINE COMMENTS</strong><div><div style="margin: 6px 0 12px 0;"><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88020">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.cpp:234</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"><span class="n">SecureHistoryFile</span><span style="color: #aa2211">::</span><span class="n">SecureHistoryFile</span><span class="p">()</span> <span style="color: #aa2211">:</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">_rcipher</span><span class="p">(</span><span class="n">QString</span><span style="color: #aa2211">::</span><span class="n">fromUtf8</span><span class="p">(</span><span style="color: #766510">"aes128"</span><span class="p">),</span> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">Cipher</span><span style="color: #aa2211">::</span><span class="n">CTR</span><span class="p">),</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">_wcipher</span><span class="p">(</span><span class="n">QString</span><span style="color: #aa2211">::</span><span class="n">fromUtf8</span><span class="p">(</span><span style="color: #766510">"aes128"</span><span class="p">),</span> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">Cipher</span><span style="color: #aa2211">::</span><span class="n">CTR</span><span class="p">)</span>
</div></div></div>
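Review bot: both QCA::Cipher members in the initializer list are built from the string "aes128", and the visible lines contain no check that a loaded provider actually supports it. Test QCA::isSupported("aes128-ctr") before the secure history is enabled and refuse to enable it when that returns false. CTR mode on its own also gives confidentiality only and does not authenticate the data, which deserves a comment next to the mode choice.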
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">is there any error handling in case this goes wrong? does it throw or assert?</p>
<p style="padding: 0; margin: 8px;">passing in strings like that looks extremely error prone (and system config error prone), unfortunately most crypto APIs are like that (botan is a bit better).</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88014">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.cpp:237</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"><span class="p">{</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">_iv_ref</span> <span style="color: #aa2211">=</span> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">Random</span><span style="color: #aa2211">::</span><span class="n">randomArray</span><span class="p">(</span><span style="color: #601200">8</span><span class="p">)</span> <span style="color: #aa2211">+</span> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">SecureArray</span><span class="p">(</span><span style="color: #601200">8</span><span class="p">,</span> <span style="color: #601200">0</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">_iv_counter</span> <span style="color: #aa2211">=</span> <span class="p">(((</span><span class="n">qint64_be</span><span style="color: #aa2211">*</span><span class="p">)</span> <span class="n">_iv_ref</span><span class="p">.</span><span class="n">data</span><span class="p">())</span> <span style="color: #aa2211">+</span> <span style="color: #601200">1</span><span class="p">);</span>
</div></div></div>
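Review bot: _iv_counter stores a raw qint64_be pointer into the buffer owned by _iv_ref (the C-style cast on the last line), so it dangles as soon as _iv_ref is reassigned or the object is copied, and nothing in these lines guarantees that offset 8 of that buffer is aligned for a 64-bit access. Keep the block index as a plain qint64 member and write it into bytes 8..15 with qToBigEndian() whenever the IV is built. A comment stating that the layout is 8 random nonce bytes followed by a 64-bit big-endian block counter would also make the intent clear.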
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">use camelCase not snake_case</p>
<p style="padding: 0; margin: 8px;">and could probably do with a comment to explain what is happening and why. I guess you're generating 8 random bytes and padding with 8 zeroes?</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88019">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.cpp:238</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">_iv_ref</span> <span style="color: #aa2211">=</span> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">Random</span><span style="color: #aa2211">::</span><span class="n">randomArray</span><span class="p">(</span><span style="color: #601200">8</span><span class="p">)</span> <span style="color: #aa2211">+</span> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">SecureArray</span><span class="p">(</span><span style="color: #601200">8</span><span class="p">,</span> <span style="color: #601200">0</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">_iv_counter</span> <span style="color: #aa2211">=</span> <span class="p">(((</span><span class="n">qint64_be</span><span style="color: #aa2211">*</span><span class="p">)</span> <span class="n">_iv_ref</span><span class="p">.</span><span class="n">data</span><span class="p">())</span> <span style="color: #aa2211">+</span> <span style="color: #601200">1</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">_key</span> <span style="color: #aa2211">=</span> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">SymmetricKey</span><span class="p">(</span><span style="color: #601200">16</span><span class="p">);</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">I'm not sure I understand what this does, and that casting doesn't look safe (but I could be wrong, I just don't immediately understand what is happening).</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88013">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.cpp:240</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">_key</span> <span style="color: #aa2211">=</span> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">SymmetricKey</span><span class="p">(</span><span style="color: #601200">16</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">_rbuf</span><span class="p">.</span><span class="n">reserve</span><span class="p">(</span><span style="color: #601200">0x400</span><span class="p">);</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">why 1KB?</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88025">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.cpp:248</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">auto</span> <span class="n">encrypted</span> <span style="color: #aa2211">=</span> <span class="n">_wcipher</span><span class="p">.</span><span class="n">update</span><span class="p">(</span><span class="n">QByteArray</span><span class="p">(</span><span class="n">buffer</span><span class="p">,</span> <span class="n">count</span><span class="p">));</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">Q_ASSERT</span><span class="p">(</span><span class="n">_wcipher</span><span class="p">.</span><span class="n">ok</span><span class="p">());</span>
</div></div></div>
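Review bot: Q_ASSERT(_wcipher.ok()) on the second line compiles to nothing in release builds, so a failed update() goes undetected in exactly the builds users run. Check ok() with an ordinary if and propagate the failure to the caller. The temporary QByteArray(buffer, count) on the first line is also an extra plaintext copy in ordinary heap memory that is not cleared when it is destroyed, which works against the purpose of this class.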
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">don't use assert here (same as below, I just read this review the wrong way).</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88016">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.cpp:254</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"><span style="color: #aa4000">void</span> <span class="n">SecureHistoryFile</span><span style="color: #aa2211">::</span><span class="n">get</span><span class="p">(</span><span style="color: #aa4000">char</span> <span style="color: #aa2211">*</span><span class="n">buffer</span><span class="p">,</span> <span class="n">qint64</span> <span class="n">size</span><span class="p">,</span> <span class="n">qint64</span> <span class="n">loc</span><span class="p">)</span> <span class="p">{</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">qint64</span> <span class="n">base</span> <span style="color: #aa2211">=</span> <span class="n">loc</span> <span style="color: #aa2211">&</span> <span style="color: #aa2211">~</span><span style="color: #601200">0x0F</span><span class="p">;</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">qint64</span> <span class="n">off</span> <span style="color: #aa2211">=</span> <span class="n">loc</span> <span style="color: #aa2211">&</span> <span style="color: #601200">0x0F</span><span class="p">;</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">what does this do</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88017">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.cpp:255</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">qint64</span> <span class="n">base</span> <span style="color: #aa2211">=</span> <span class="n">loc</span> <span style="color: #aa2211">&</span> <span style="color: #aa2211">~</span><span style="color: #601200">0x0F</span><span class="p">;</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">qint64</span> <span class="n">off</span> <span style="color: #aa2211">=</span> <span class="n">loc</span> <span style="color: #aa2211">&</span> <span style="color: #601200">0x0F</span><span class="p">;</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">samesies</p>
<p style="padding: 0; margin: 8px;">if it does what I think it does the usual (and more understandable, imho) way of doing this is to use division and modulo</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88018">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.cpp:260</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">auto</span> <span class="n">decrypted</span> <span style="color: #aa2211">=</span> <span class="n">decrypt_block</span><span class="p">(</span><span class="n">_rbuf</span><span class="p">,</span> <span class="n">loc</span> <span style="color: #aa2211">>></span> <span style="color: #601200">4</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">memcpy</span><span class="p">(</span><span class="n">buffer</span><span class="p">,</span> <span class="n">decrypted</span><span class="p">.</span><span class="n">constData</span><span class="p">()</span> <span style="color: #aa2211">+</span> <span class="n">off</span><span class="p">,</span> <span class="n">size</span><span class="p">);</span>
</div></div></div>
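Review bot: the memcpy on the second line copies size bytes starting at off without checking that off + size fits inside decrypted, so a request that runs past the end of the decrypted data reads beyond the buffer. Compare against decrypted.size() before copying and fail the read when the block came back shorter than expected, using a check that stays active in release builds.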
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">what type is decrypted?</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88022">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.cpp:271</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #aa4000">auto</span> <span class="n">decrypted</span> <span style="color: #aa2211">=</span> <span class="n">_rcipher</span><span class="p">.</span><span class="n">update</span><span class="p">(</span><span class="n">buf</span><span class="p">);</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">Q_ASSERT</span><span class="p">(</span><span class="n">_rcipher</span><span class="p">.</span><span class="n">ok</span><span class="p">());</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">don't use an assert here, this isn't some error that just makes sense to check for when developing.</p>
<p style="padding: 0; margin: 8px;">either handle it properly all the way to the top or just abort();, otherwise you very quickly get a false sense of security.</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88015">View Inline</a><span style="color: #4b4d51; font-weight: bold;">History.h:92</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"><span style="color: #a0a000">private</span><span class="p">:</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">MemoryRegion</span> <span class="n">decrypt_block</span><span class="p">(</span><span class="n">QByteArray</span> <span style="color: #aa2211">&</span><span class="n">buf</span><span class="p">,</span> <span class="n">qint64</span> <span class="n">block_idx</span><span class="p">);</span>
</div></div></div>
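Review bot: decrypt_block takes buf as a non-const QByteArray reference, which tells callers the buffer may be modified. If it is input only, declare it as const QByteArray &amp;, and add a comment saying what block_idx counts (16-byte blocks, judging by the loc &gt;&gt; 4 call site) and what the returned MemoryRegion contains on failure.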
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">camelCase</p></div></div><br /><div style="border: 1px solid #C7CCD9; border-radius: 3px;"><div style="padding: 0; background: #F7F7F7; border-color: #e3e4e8; border-style: solid; border-width: 0 0 1px 0; margin: 0;"><div style="color: #74777d; background: #eff2f4; padding: 6px 8px; overflow: hidden;"><a style="float: right; text-decoration: none;" href="https://phabricator.kde.org/D16134#inline-88023">View Inline</a><span style="color: #4b4d51; font-weight: bold;">main.cpp:91</span></div>
<div style="font: 11px/15px "Menlo", "Consolas", "Monaco", monospace; white-space: pre-wrap; clear: both; padding: 4px 0; margin: 0;"><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span style="color: #74777d">// Initialize QCA to enable SecureHistoryFile support</span>
</div><div style="padding: 0 8px; margin: 0 4px; background: rgba(151, 234, 151, .6);"> <span class="n">QCA</span><span style="color: #aa2211">::</span><span class="n">Initializer</span> <span class="n">init</span><span class="p">;</span>
</div></div></div>
<div style="margin: 8px 0; padding: 0 12px;"><p style="padding: 0; margin: 8px;">make it locally static in the SecureHistory constructor, then we get less ifdefs (that is also threadsafe, fwiw, so shouldn't be any different from this).</p></div></div></div></div></div><br /><div><strong>REPOSITORY</strong><div><div>R319 Konsole</div></div></div><br /><div><strong>REVISION DETAIL</strong><div><a href="https://phabricator.kde.org/D16134">https://phabricator.kde.org/D16134</a></div></div><br /><div><strong>To: </strong>langbeck, tcanabrava, hindenburg, Konsole, sandsmark<br /><strong>Cc: </strong>sandsmark, pino, frederico, konsole-devel, herrold, ngraham, maximilianocuria, hindenburg<br /></div>