skylab/MasterPassword
2
0
Fork 0
Code Releases Activity

Memory fixes & handle masterPassword verification, masterKey site algorithm scoping, etc.

Browse Source
This commit is contained in:
Maarten Billemont 2017-07-22 23:45:54 -04:00
parent 37c0d323d9
commit 16004f2ffe
5 changed files with 239 additions and 106 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

235
core/c/mpw-marshall.c
View File

@ -21,22 +21,21 @@
#include <string.h> #include <string.h>
#include <time.h> #include <time.h>
#include <json-c/json.h> #include <json-c/json.h>
#include <ctype.h>
#include <math.h>
#include "mpw-marshall.h" #include "mpw-marshall.h"
#include "mpw-util.h" #include "mpw-util.h"
MPMarshalledUser *mpw_marshall_user( MPMarshalledUser *mpw_marshall_user(
const char *fullName, MPMasterKey masterKey, const MPAlgorithmVersion algorithmVersion) { const char *fullName, const char *masterPassword, const MPAlgorithmVersion algorithmVersion) {
MPMarshalledUser *user = malloc( sizeof( MPMarshalledUser ) ); MPMarshalledUser *user = malloc( sizeof( MPMarshalledUser ) );
if (!user) if (!user)
return NULL; return NULL;
*user = (MPMarshalledUser){ *user = (MPMarshalledUser){
.name = fullName, .name = strdup( fullName ),
.key = masterKey, .masterPassword = strdup( masterPassword ),
.algorithm = algorithmVersion, .algorithm = algorithmVersion,
.redacted = true,
.avatar = 0, .avatar = 0,
.defaultType = MPSiteTypeGeneratedLong, .defaultType = MPSiteTypeGeneratedLong,
@ -57,7 +56,8 @@ MPMarshalledSite *mpw_marshall_site(
return NULL; return NULL;
marshalledUser->sites[marshalledUser->sites_count - 1] = (MPMarshalledSite){ marshalledUser->sites[marshalledUser->sites_count - 1] = (MPMarshalledSite){
.name = siteName, .name = strdup( siteName ),
.content = NULL,
.type = siteType, .type = siteType,
.counter = siteCounter, .counter = siteCounter,
.algorithm = algorithmVersion, .algorithm = algorithmVersion,
@ -83,7 +83,7 @@ MPMarshalledQuestion *mpw_marshal_question(
return NULL; return NULL;
marshalledSite->questions[marshalledSite->questions_count - 1] = (MPMarshalledQuestion){ marshalledSite->questions[marshalledSite->questions_count - 1] = (MPMarshalledQuestion){
.keyword = keyword, .keyword = strdup( keyword ),
}; };
return marshalledSite->questions + sizeof( MPMarshalledSite ) * (marshalledSite->questions_count - 1); return marshalledSite->questions + sizeof( MPMarshalledSite ) * (marshalledSite->questions_count - 1);
} }
@ -91,27 +91,39 @@ MPMarshalledQuestion *mpw_marshal_question(
bool mpw_marshal_free( bool mpw_marshal_free(
MPMarshalledUser *marshalledUser) { MPMarshalledUser *marshalledUser) {
bool success = true;
for (int s = 0; s < marshalledUser->sites_count; ++s) { for (int s = 0; s < marshalledUser->sites_count; ++s) {
MPMarshalledSite site = marshalledUser->sites[s]; MPMarshalledSite site = marshalledUser->sites[s];
if (!mpw_free( site.questions, sizeof( MPMarshalledQuestion ) * site.questions_count )) success &= mpw_free_string( site.name );
return false; for (int q = 0; q < site.questions_count; ++q) {
MPMarshalledQuestion question = site.questions[q];
success &= mpw_free_string( question.keyword );
}
success &= mpw_free( site.questions, sizeof( MPMarshalledQuestion ) * site.questions_count );
} }
if (!mpw_free( marshalledUser->sites, sizeof( MPMarshalledSite ) * marshalledUser->sites_count )) success &= mpw_free( marshalledUser->sites, sizeof( MPMarshalledSite ) * marshalledUser->sites_count );
return false; success &= mpw_free_string( marshalledUser->name );
success &= mpw_free_string( marshalledUser->masterPassword );
success &= mpw_free( marshalledUser, sizeof( MPMarshalledUser ) );
if (!mpw_free( marshalledUser, sizeof( MPMarshalledUser ) )) return success;
return false;
return true;
} }
#define try_asprintf(...) ({ if (asprintf( __VA_ARGS__ ) < 0) return false; }) #define try_asprintf(...) ({ if (asprintf( __VA_ARGS__ ) < 0) return false; })
bool mpw_marshall_write_flat( bool mpw_marshall_write_flat(
char **out, bool redacted, const MPMarshalledUser *marshalledUser) { char **out, const MPMarshalledUser *marshalledUser) {
MPAlgorithmVersion masterKeyAlgorithm = marshalledUser->algorithm;
MPMasterKey masterKey = mpw_masterKeyForUser(
marshalledUser->name, marshalledUser->masterPassword, masterKeyAlgorithm );
if (!masterKey) {
err( "Couldn't derive master key for user %s, algorithm %d.\n", marshalledUser->name, masterKeyAlgorithm );
return false;
}
try_asprintf( out, "# Master Password site export\n" ); try_asprintf( out, "# Master Password site export\n" );
if (redacted) if (marshalledUser->redacted)
try_asprintf( out, "# Export of site names and passwords in clear-text.\n" ); try_asprintf( out, "# Export of site names and passwords in clear-text.\n" );
else else
try_asprintf( out, "# Export of site names and stored passwords (unless device-private) encrypted with the master key.\n" ); try_asprintf( out, "# Export of site names and stored passwords (unless device-private) encrypted with the master key.\n" );
@ -127,10 +139,10 @@ bool mpw_marshall_write_flat(
try_asprintf( out, "# User Name: %s\n", marshalledUser->name ); try_asprintf( out, "# User Name: %s\n", marshalledUser->name );
try_asprintf( out, "# Full Name: %s\n", marshalledUser->name ); try_asprintf( out, "# Full Name: %s\n", marshalledUser->name );
try_asprintf( out, "# Avatar: %u\n", marshalledUser->avatar ); try_asprintf( out, "# Avatar: %u\n", marshalledUser->avatar );
try_asprintf( out, "# Key ID: %s\n", mpw_id_buf( marshalledUser->key, MPMasterKeySize ) ); try_asprintf( out, "# Key ID: %s\n", mpw_id_buf( masterKey, MPMasterKeySize ) );
try_asprintf( out, "# Algorithm: %d\n", marshalledUser->algorithm ); try_asprintf( out, "# Algorithm: %d\n", marshalledUser->algorithm );
try_asprintf( out, "# Default Type: %d\n", marshalledUser->defaultType ); try_asprintf( out, "# Default Type: %d\n", marshalledUser->defaultType );
try_asprintf( out, "# Passwords: %s\n", redacted? "PROTECTED": "VISIBLE" ); try_asprintf( out, "# Passwords: %s\n", marshalledUser->redacted? "PROTECTED": "VISIBLE" );
try_asprintf( out, "##\n" ); try_asprintf( out, "##\n" );
try_asprintf( out, "#\n" ); try_asprintf( out, "#\n" );
try_asprintf( out, "# Last Times Password Login\t Site\tSite\n" ); try_asprintf( out, "# Last Times Password Login\t Site\tSite\n" );
@ -140,22 +152,48 @@ bool mpw_marshall_write_flat(
for (int s = 0; s < marshalledUser->sites_count; ++s) { for (int s = 0; s < marshalledUser->sites_count; ++s) {
MPMarshalledSite site = marshalledUser->sites[s]; MPMarshalledSite site = marshalledUser->sites[s];
const char *content = NULL; const char *content = site.type & MPSiteFeatureExportContent? site.content: NULL;
if (!redacted && site.type & MPSiteTypeClassGenerated) if (!marshalledUser->redacted) {
content = mpw_passwordForSite( marshalledUser->key, site.name, site.type, site.counter, if (masterKeyAlgorithm != site.algorithm) {
MPSiteVariantPassword, NULL, site.algorithm ); mpw_free( masterKey, MPMasterKeySize );
// TODO: Personal Passwords masterKeyAlgorithm = site.algorithm;
masterKey = mpw_masterKeyForUser(
marshalledUser->name, marshalledUser->masterPassword, masterKeyAlgorithm );
if (!masterKey) {
err( "Couldn't derive master key for user %s, algorithm %d.\n", marshalledUser->name, masterKeyAlgorithm );
return false;
}
}
if (site.type & MPSiteTypeClassGenerated)
content = mpw_passwordForSite( masterKey, site.name, site.type, site.counter,
MPSiteVariantPassword, NULL, site.algorithm );
else if (content) {
// TODO: Decrypt Personal Passwords
//content = aes128_cbc( masterKey, content );
}
}
if (strftime( dateString, dateSize, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'", gmtime( &site.lastUsed ) )) if (strftime( dateString, dateSize, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'", gmtime( &site.lastUsed ) ))
try_asprintf( out, "%s %8ld %lu:%lu:%lu %25s\t%25s\t%s\n", try_asprintf( out, "%s %8ld %lu:%lu:%lu %25s\t%25s\t%s\n",
dateString, (long)site.uses, (long)site.type, (long)site.algorithm, (long)site.counter, dateString, (long)site.uses, (long)site.type, (long)site.algorithm, (long)site.counter,
site.loginName?: "", site.name, content?: "" ); site.loginName?: "", site.name, content?: "" );
} }
mpw_free( masterKey, MPMasterKeySize );
return true; return true;
} }
bool mpw_marshall_write_json( bool mpw_marshall_write_json(
char **out, bool redacted, const MPMarshalledUser *marshalledUser) { char **out, const MPMarshalledUser *marshalledUser) {
MPAlgorithmVersion masterKeyAlgorithm = marshalledUser->algorithm;
MPMasterKey masterKey = mpw_masterKeyForUser(
marshalledUser->name, marshalledUser->masterPassword, masterKeyAlgorithm );
if (!masterKey) {
err( "Couldn't derive master key for user %s, algorithm %d.\n", marshalledUser->name, masterKeyAlgorithm );
return false;
}
json_object *json_out = json_object_new_object(); json_object *json_out = json_object_new_object();
@ -163,7 +201,7 @@ bool mpw_marshall_write_json(
json_object *json_export = json_object_new_object(); json_object *json_export = json_object_new_object();
json_object_object_add( json_out, "export", json_export ); json_object_object_add( json_out, "export", json_export );
json_object_object_add( json_export, "format", json_object_new_int( 1 ) ); json_object_object_add( json_export, "format", json_object_new_int( 1 ) );
json_object_object_add( json_export, "redacted", json_object_new_boolean( redacted ) ); json_object_object_add( json_export, "redacted", json_object_new_boolean( marshalledUser->redacted ) );
size_t dateSize = 21; size_t dateSize = 21;
char dateString[dateSize]; char dateString[dateSize];
@ -180,7 +218,7 @@ bool mpw_marshall_write_json(
if (strftime( dateString, dateSize, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'", gmtime( &marshalledUser->lastUsed ) )) if (strftime( dateString, dateSize, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'", gmtime( &marshalledUser->lastUsed ) ))
json_object_object_add( json_user, "last_used", json_object_new_string( dateString ) ); json_object_object_add( json_user, "last_used", json_object_new_string( dateString ) );
json_object_object_add( json_user, "key_id", json_object_new_string( mpw_id_buf( marshalledUser->key, MPMasterKeySize ) ) ); json_object_object_add( json_user, "key_id", json_object_new_string( mpw_id_buf( masterKey, MPMasterKeySize ) ) );
json_object_object_add( json_user, "algorithm", json_object_new_int( marshalledUser->algorithm ) ); json_object_object_add( json_user, "algorithm", json_object_new_int( marshalledUser->algorithm ) );
json_object_object_add( json_user, "default_type", json_object_new_int( marshalledUser->defaultType ) ); json_object_object_add( json_user, "default_type", json_object_new_int( marshalledUser->defaultType ) );
@ -192,13 +230,27 @@ bool mpw_marshall_write_json(
for (int s = 0; s < marshalledUser->sites_count; ++s) { for (int s = 0; s < marshalledUser->sites_count; ++s) {
MPMarshalledSite site = marshalledUser->sites[s]; MPMarshalledSite site = marshalledUser->sites[s];
const char *content = site.content; const char *content = site.type & MPSiteFeatureExportContent? site.content: NULL;
if (!redacted && site.type & MPSiteTypeClassGenerated) if (!marshalledUser->redacted) {
content = mpw_passwordForSite( marshalledUser->key, site.name, site.type, site.counter, if (masterKeyAlgorithm != site.algorithm) {
MPSiteVariantPassword, NULL, site.algorithm ); mpw_free( masterKey, MPMasterKeySize );
// TODO: Personal Passwords masterKeyAlgorithm = site.algorithm;
//else if (redacted && content) masterKey = mpw_masterKeyForUser(
// content = aes128_cbc( marshalledUser->key, content ); marshalledUser->name, marshalledUser->masterPassword, masterKeyAlgorithm );
if (!masterKey) {
err( "Couldn't derive master key for user %s, algorithm %d.\n", marshalledUser->name, masterKeyAlgorithm );
return false;
}
}
if (site.type & MPSiteTypeClassGenerated)
content = mpw_passwordForSite( masterKey, site.name, site.type, site.counter,
MPSiteVariantPassword, NULL, site.algorithm );
else if (content) {
// TODO: Decrypt Personal Passwords
//content = aes128_cbc( masterKey, content );
}
}
json_object *json_site = json_object_new_object(); json_object *json_site = json_object_new_object();
json_object_object_add( json_sites, site.name, json_site ); json_object_object_add( json_sites, site.name, json_site );
@ -223,9 +275,9 @@ bool mpw_marshall_write_json(
json_object *json_site_question = json_object_new_object(); json_object *json_site_question = json_object_new_object();
json_object_object_add( json_site_questions, question.keyword, json_site_question ); json_object_object_add( json_site_questions, question.keyword, json_site_question );
if (!redacted) if (!marshalledUser->redacted)
json_object_object_add( json_site_question, "answer", json_object_new_string( json_object_object_add( json_site_question, "answer", json_object_new_string(
mpw_passwordForSite( marshalledUser->key, site.name, MPSiteTypeGeneratedPhrase, 1, mpw_passwordForSite( masterKey, site.name, MPSiteTypeGeneratedPhrase, 1,
MPSiteVariantAnswer, question.keyword, site.algorithm ) ) ); MPSiteVariantAnswer, question.keyword, site.algorithm ) ) );
json_object_put( json_site_question ); json_object_put( json_site_question );
} }
@ -241,19 +293,19 @@ bool mpw_marshall_write_json(
try_asprintf( out, "%s\n", json_object_to_json_string_ext( json_out, JSON_C_TO_STRING_PRETTY ) ); try_asprintf( out, "%s\n", json_object_to_json_string_ext( json_out, JSON_C_TO_STRING_PRETTY ) );
json_object_put( json_out ); json_object_put( json_out );
mpw_free( masterKey, MPMasterKeySize );
return true; return true;
} }
bool mpw_marshall_write( bool mpw_marshall_write(
char **out, const MPMarshallFormat outFormat, bool redacted, char **out, const MPMarshallFormat outFormat, const MPMarshalledUser *marshalledUser) {
const MPMarshalledUser *marshalledUser) {
switch (outFormat) { switch (outFormat) {
case MPMarshallFormatFlat: case MPMarshallFormatFlat:
return mpw_marshall_write_flat( out, redacted, marshalledUser ); return mpw_marshall_write_flat( out, marshalledUser );
case MPMarshallFormatJSON: case MPMarshallFormatJSON:
return mpw_marshall_write_json( out, redacted, marshalledUser ); return mpw_marshall_write_json( out, marshalledUser );
} }
return false; return false;
@ -274,16 +326,14 @@ char *mpw_get_token(char **in, char *eol, char *delim) {
} }
MPMarshalledUser *mpw_marshall_read_flat( MPMarshalledUser *mpw_marshall_read_flat(
char *in) { char *in, const char *masterPassword) {
// Parse import data. // Parse import data.
int importFormat = 0; MPMasterKey masterKey = NULL;
MPMarshalledUser *user = NULL; MPMarshalledUser *user = NULL;
unsigned int importAvatar = 0; unsigned int importFormat = 0, importAvatar = 0;
int importKeyID; char *importUserName = NULL, *importKeyID = NULL, *importDate = NULL;
char *importUserName = NULL; MPAlgorithmVersion importAlgorithm = MPAlgorithmVersionCurrent, masterKeyAlgorithm = importAlgorithm;
char *importDate = NULL;
MPAlgorithmVersion importAlgorithm = MPAlgorithmVersionCurrent;
MPSiteType importDefaultType = (MPSiteType)0; MPSiteType importDefaultType = (MPSiteType)0;
bool headerStarted = false, headerEnded = false, importRedacted = false; bool headerStarted = false, headerEnded = false, importRedacted = false;
for (char *endOfLine, *positionInLine = in; (endOfLine = strstr( positionInLine, "\n" )); positionInLine = endOfLine + 1) { for (char *endOfLine, *positionInLine = in; (endOfLine = strstr( positionInLine, "\n" )); positionInLine = endOfLine + 1) {
@ -311,19 +361,21 @@ MPMarshalledUser *mpw_marshall_read_flat(
// Header // Header
char *headerName = mpw_get_token( &positionInLine, endOfLine, ":\n" ); char *headerName = mpw_get_token( &positionInLine, endOfLine, ":\n" );
char *headerValue = mpw_get_token( &positionInLine, endOfLine, "\n" ); char *headerValue = mpw_get_token( &positionInLine, endOfLine, "\n" );
if (!headerName || !headerValue) if (!headerName || !headerValue) {
ftl( "Invalid header: %s\n", strndup( positionInLine, endOfLine - positionInLine ) ); err( "Invalid header: %s\n", strndup( positionInLine, endOfLine - positionInLine ) );
return false;
}
if (strcmp( headerName, "Format" ) == 0) if (strcmp( headerName, "Format" ) == 0)
importFormat = atoi( headerValue ); importFormat = (unsigned int)atoi( headerValue );
if (strcmp( headerName, "Date" ) == 0) if (strcmp( headerName, "Date" ) == 0)
importDate = strdup( headerValue ); importDate = strdup( headerValue );
if (strcmp( headerName, "Full Name" ) == 0 || strcmp( headerName, "User Name" ) == 0) if (strcmp( headerName, "Full Name" ) == 0 || strcmp( headerName, "User Name" ) == 0)
importUserName = strdup( headerValue ); importUserName = strdup( headerValue );
if (strcmp( headerName, "Avatar" ) == 0) if (strcmp( headerName, "Avatar" ) == 0)
importAvatar = (unsigned int)atoi( headerValue ); importAvatar = (unsigned int)atoi( headerValue );
//if (strcmp( headerName, "Key ID" ) == 0) if (strcmp( headerName, "Key ID" ) == 0)
// importKeyID = strdup( headerValue ); importKeyID = strdup( headerValue );
if (strcmp( headerName, "Algorithm" ) == 0) { if (strcmp( headerName, "Algorithm" ) == 0) {
int importAlgorithmInt = atoi( headerValue ); int importAlgorithmInt = atoi( headerValue );
if (importAlgorithmInt < MPAlgorithmVersionFirst || importAlgorithmInt > MPAlgorithmVersionLast) if (importAlgorithmInt < MPAlgorithmVersionFirst || importAlgorithmInt > MPAlgorithmVersionLast)
@ -335,20 +387,38 @@ MPMarshalledUser *mpw_marshall_read_flat(
if (strcmp( headerName, "Passwords" ) == 0) if (strcmp( headerName, "Passwords" ) == 0)
importRedacted = strcmp( headerValue, "VISIBLE" ) != 0; importRedacted = strcmp( headerValue, "VISIBLE" ) != 0;
mpw_free_string( headerName );
mpw_free_string( headerValue );
continue; continue;
} }
if (!headerEnded) if (!headerEnded)
continue; continue;
if (!importUserName) if (!importUserName) {
ftl( "Missing header: Full Name\n" ); //MPImportResultMalformedInput; err( "Missing header: Full Name\n" );
return false;
}
if (positionInLine >= endOfLine) if (positionInLine >= endOfLine)
continue; continue;
if (!user) { if (!user) {
if (!(user = mpw_marshall_user( importUserName, NULL, importAlgorithm ))) mpw_free( masterKey, MPMasterKeySize );
ftl( "Couldn't allocate a new user." ); masterKeyAlgorithm = importAlgorithm;
masterKey = mpw_masterKeyForUser(
importUserName, masterPassword, masterKeyAlgorithm );
if (!masterKey) {
err( "Couldn't derive master key for user %s, algorithm %d.\n", importUserName, masterKeyAlgorithm );
return false;
}
if (importKeyID && strcmp( importKeyID, mpw_id_buf( masterKey, MPMasterKeySize ) ) != 0) {
err( "Incorrect master password for user import file.\n" );
return false;
}
if (!(user = mpw_marshall_user( importUserName, masterPassword, importAlgorithm ))) {
err( "Couldn't allocate a new user." );
return false;
}
//user.key = importKeyID; user->redacted = importRedacted;
user->avatar = importAvatar; user->avatar = importAvatar;
user->defaultType = importDefaultType; user->defaultType = importDefaultType;
} }
@ -367,8 +437,8 @@ MPMarshalledUser *mpw_marshall_read_flat(
version = strdup( strtok( NULL, "" ) ); version = strdup( strtok( NULL, "" ) );
mpw_free_string( typeAndVersion ); mpw_free_string( typeAndVersion );
} }
counter = ""; counter = strdup( "1" );
loginName = ""; loginName = NULL;
siteName = mpw_get_token( &positionInLine, endOfLine, "\t\n" ); siteName = mpw_get_token( &positionInLine, endOfLine, "\t\n" );
exportContent = mpw_get_token( &positionInLine, endOfLine, "\n" ); exportContent = mpw_get_token( &positionInLine, endOfLine, "\n" );
break; break;
@ -389,14 +459,33 @@ MPMarshalledUser *mpw_marshall_read_flat(
break; break;
} }
default: { default: {
ftl( "Unexpected import format: %lu\n", (unsigned long)importFormat ); err( "Unexpected import format: %lu\n", (unsigned long)importFormat );
return false;
} }
} }
if (siteName && type && counter && version && uses && lastUsed) { if (siteName && type && counter && version && uses && lastUsed) {
MPMarshalledSite *site = mpw_marshall_site( user, siteName, MPMarshalledSite *site = mpw_marshall_site( user, siteName,
(MPSiteType)atoi( type ), (uint32_t)atoi( counter ), (MPAlgorithmVersion)atoi( version ) ); (MPSiteType)atoi( type ), (uint32_t)atoi( counter ), (MPAlgorithmVersion)atoi( version ) );
site->content = exportContent; if (exportContent) {
if (user->redacted) {
if (masterKeyAlgorithm != site->algorithm) {
mpw_free( masterKey, MPMasterKeySize );
masterKeyAlgorithm = site->algorithm;
masterKey = mpw_masterKeyForUser(
user->name, user->masterPassword, masterKeyAlgorithm );
if (!masterKey) {
err( "Couldn't derive master key for user %s, algorithm %d.\n", user->name, masterKeyAlgorithm );
return false;
}
}
// TODO: Encrypt Personal Passwords
//site->content = aes128_cbc( masterKey, exportContent );
} else
site->content = exportContent;
}
site->loginName = loginName; site->loginName = loginName;
site->uses = (unsigned int)atoi( uses ); site->uses = (unsigned int)atoi( uses );
struct tm lastUsed_tm = { .tm_isdst = -1, .tm_gmtoff = 0 }; struct tm lastUsed_tm = { .tm_isdst = -1, .tm_gmtoff = 0 };
@ -410,25 +499,39 @@ MPMarshalledUser *mpw_marshall_read_flat(
else else
wrn( "Skipping: lastUsed=%s, uses=%s, type=%s, version=%s, counter=%s, loginName=%s, siteName=%s\n", wrn( "Skipping: lastUsed=%s, uses=%s, type=%s, version=%s, counter=%s, loginName=%s, siteName=%s\n",
lastUsed, uses, type, version, counter, loginName, siteName ); lastUsed, uses, type, version, counter, loginName, siteName );
mpw_free_string( lastUsed );
mpw_free_string( uses );
mpw_free_string( type );
mpw_free_string( version );
mpw_free_string( counter );
mpw_free_string( loginName );
mpw_free_string( siteName );
mpw_free_string( exportContent );
} }
mpw_free( masterKey, MPMasterKeySize );
mpw_free_string( importUserName );
mpw_free_string( importKeyID );
mpw_free_string( importDate );
return user; return user;
} }
MPMarshalledUser *mpw_marshall_read_json( MPMarshalledUser *mpw_marshall_read_json(
char *in) { char *in, const char *masterPassword) {
return NULL; return NULL;
} }
MPMarshalledUser *mpw_marshall_read( MPMarshalledUser *mpw_marshall_read(
char *in, const MPMarshallFormat outFormat) { char *in, const MPMarshallFormat inFormat, const char *masterPassword) {
switch (outFormat) { switch (inFormat) {
case MPMarshallFormatFlat: case MPMarshallFormatFlat:
return mpw_marshall_read_flat( in ); return mpw_marshall_read_flat( in, masterPassword );
case MPMarshallFormatJSON: case MPMarshallFormatJSON:
return mpw_marshall_read_json( in ); return mpw_marshall_read_json( in, masterPassword );
} }
return NULL; return NULL;

10
core/c/mpw-marshall.h
View File

@ -59,8 +59,9 @@ typedef struct MPMarshalledSite {
typedef struct MPMarshalledUser { typedef struct MPMarshalledUser {
const char *name; const char *name;
MPMasterKey key; const char *masterPassword;
MPAlgorithmVersion algorithm; MPAlgorithmVersion algorithm;
bool redacted;
unsigned int avatar; unsigned int avatar;
MPSiteType defaultType; MPSiteType defaultType;
@ -73,18 +74,17 @@ typedef struct MPMarshalledUser {
//// Marshalling. //// Marshalling.
bool mpw_marshall_write( bool mpw_marshall_write(
char **out, const MPMarshallFormat outFormat, bool redacted, char **out, const MPMarshallFormat outFormat, const MPMarshalledUser *marshalledUser);
const MPMarshalledUser *marshalledUser);
//// Unmarshalling. //// Unmarshalling.
MPMarshalledUser *mpw_marshall_read( MPMarshalledUser *mpw_marshall_read(
char *in, const MPMarshallFormat outFormat); char *in, const MPMarshallFormat inFormat, const char *masterPassword);
//// Utilities. //// Utilities.
MPMarshalledUser *mpw_marshall_user( MPMarshalledUser *mpw_marshall_user(
const char *fullName, MPMasterKey masterKey, const MPAlgorithmVersion algorithmVersion); const char *fullName, const char *masterPassword, const MPAlgorithmVersion algorithmVersion);
MPMarshalledSite *mpw_marshall_site( MPMarshalledSite *mpw_marshall_site(
MPMarshalledUser *marshalledUser, MPMarshalledUser *marshalledUser,
const char *siteName, const MPSiteType siteType, const uint32_t siteCounter, const MPAlgorithmVersion algorithmVersion); const char *siteName, const MPSiteType siteType, const uint32_t siteCounter, const MPAlgorithmVersion algorithmVersion);

1
core/c/mpw-types.h
View File

@ -32,6 +32,7 @@
#define MPMasterKeySize 64 #define MPMasterKeySize 64
typedef const uint8_t *MPMasterKey; typedef const uint8_t *MPMasterKey;
typedef const char *MPMasterKeyID;
typedef enum( unsigned int, MPSiteVariant ) { typedef enum( unsigned int, MPSiteVariant ) {
/** Generate a key for authentication. */ /** Generate a key for authentication. */

2
platform-independent/cli-c/cli/mpw-bench.c
View File

@ -58,7 +58,7 @@ int main(int argc, char *const argv[]) {
struct timeval startTime; struct timeval startTime;
unsigned int iterations; unsigned int iterations;
float percent; float percent;
const uint8_t *masterKey; MPMasterKey masterKey;
// Start HMAC-SHA-256 // Start HMAC-SHA-256
// Similar to phase-two of mpw // Similar to phase-two of mpw

97
platform-independent/cli-c/cli/mpw-cli.c
View File

@ -200,45 +200,74 @@ int main(int argc, char *const argv[]) {
while (!masterPassword || !strlen( masterPassword )) while (!masterPassword || !strlen( masterPassword ))
masterPassword = getpass( "Your master password: " ); masterPassword = getpass( "Your master password: " );
// Read defaults for fullName user from config. // Find the user's sites file.
char *mpwSitesPath = mpwPath( fullName, "mpsites" ); FILE *mpwSites = NULL;
if (!mpwSitesPath) MPMarshallFormat mpwSitesFormat = MPMarshallFormatJSON;
wrn( "Couldn't resolve path for configuration file: %d\n", errno ); char *mpwSitesPath = mpwPath( fullName, "mpsites.json" );
if (!mpwSitesPath || !(mpwSites = fopen( mpwSitesPath, "r" ))) {
else {
FILE *mpwSites = fopen( mpwSitesPath, "r" );
free( mpwSitesPath ); free( mpwSitesPath );
if (!mpwSites) mpwSitesFormat = MPMarshallFormatFlat;
mpwSitesPath = mpwPath( fullName, "mpsites" );
if (!mpwSitesPath || !(mpwSites = fopen( mpwSitesPath, "r" )))
dbg( "Couldn't open configuration file: %s: %d\n", mpwSitesPath, errno ); dbg( "Couldn't open configuration file: %s: %d\n", mpwSitesPath, errno );
}
free( mpwSitesPath );
// Read the user's sites file.
if (mpwSites) {
// Read file.
size_t readAmount = 4096, bufSize = 0, bufPointer = 0, readSize = 0;
char *buf = NULL;
while ((buf = realloc( buf, bufSize += readAmount )) &&
(bufPointer += (readSize = fread( buf + bufPointer, 1, readAmount, mpwSites ))) &&
(readSize == readAmount));
if (ferror( mpwSites ))
wrn( "Error while reading configuration file: %s: %d", mpwSitesPath, ferror( mpwSites ) );
fclose( mpwSites );
// Parse file.
MPMarshalledUser *user = mpw_marshall_read( buf, mpwSitesFormat, masterPassword );
mpw_free_string( buf );
if (!user)
wrn( "Couldn't parse configuration file: %s\n", mpwSitesPath );
else { else {
size_t readAmount = 4096, bufSize = 0, bufPointer = 0, readSize = 0; // Load defaults.
void *buf = NULL; mpw_free_string( fullName );
while ((buf = realloc( buf, bufSize += readAmount )) && mpw_free_string( masterPassword );
(bufPointer += (readSize = fread( buf + bufPointer, 1, readAmount, mpwSites ))) && fullName = strdup( user->name );
(readSize == readAmount)); masterPassword = strdup( user->masterPassword );
algorithmVersion = user->algorithm;
// Load personal defaults from user config. siteType = user->defaultType;
MPMarshalledUser *user = mpw_marshall_read( buf, MPMarshallFormatFlat ); for (int s = 0; s < user->sites_count; ++s) {
if (!user) MPMarshalledSite site = user->sites[s];
wrn( "Couldn't parse configuration file: %s\n", mpwSitesPath ); if (strcmp( siteName, site.name ) == 0) {
siteType = site.type;
else { siteCounter = site.counter;
fullName = user->name; algorithmVersion = site.algorithm;
algorithmVersion = user->algorithm; break;
siteType = user->defaultType;
for (int s = 0; s < user->sites_count; ++s) {
MPMarshalledSite site = user->sites[s];
if (strcmp( siteName, site.name ) == 0) {
siteType = site.type;
siteCounter = site.counter;
algorithmVersion = site.algorithm;
break;
}
} }
mpw_marshal_free( user );
} }
// Current format is not current, write out a new current format config file.
if (mpwSitesFormat != MPMarshallFormatJSON) {
mpwSitesPath = mpwPath( fullName, "mpsites.json" );
if (!mpwSitesPath || !(mpwSites = fopen( mpwSitesPath, "w" )))
wrn( "Couldn't create updated configuration file: %s: %d\n", mpwSitesPath, errno );
else {
buf = NULL;
if (!mpw_marshall_write( &buf, MPMarshallFormatJSON, user ))
wrn( "Couldn't encode updated configuration file." );
else if (fwrite( buf, sizeof( char ), strlen( buf ), mpwSites ) != strlen( buf ))
wrn( "Error while writing updated configuration file: %s: %d\n", mpwSitesPath, ferror( mpwSites ) );
mpw_free_string( buf );
fclose( mpwSites );
}
}
mpw_marshal_free( user );
} }
} }
@ -281,7 +310,7 @@ int main(int argc, char *const argv[]) {
mpw_free_string( identicon ); mpw_free_string( identicon );
// Output the password. // Output the password.
const uint8_t *masterKey = mpw_masterKeyForUser( MPMasterKey masterKey = mpw_masterKeyForUser(
fullName, masterPassword, algorithmVersion ); fullName, masterPassword, algorithmVersion );
mpw_free_string( masterPassword ); mpw_free_string( masterPassword );
mpw_free_string( fullName ); mpw_free_string( fullName );