
Wipe masterPassword on authentication & misc improvements.

Maarten Billemont 2018-05-19 11:45:18 -04:00
parent cbf277c493
commit 1bd61759bf
5 changed files with 9 additions and 7 deletions


@ -77,7 +77,7 @@ public abstract class MPAlgorithm {
* for the case where {@code resultType} is a {@link MPResultTypeClass#Stateful}. * for the case where {@code resultType} is a {@link MPResultTypeClass#Stateful}.
*/ */
public abstract String siteResultFromState(byte[] masterKey, byte[] siteKey, public abstract String siteResultFromState(byte[] masterKey, byte[] siteKey,
MPResultType resultType, @Nullable String resultParam); MPResultType resultType, String resultParam);
/** /**
* The result for {@link #siteResult(byte[], byte[], String, UnsignedInteger, MPKeyPurpose, String, MPResultType, String)} * The result for {@link #siteResult(byte[], byte[], String, UnsignedInteger, MPKeyPurpose, String, MPResultType, String)}


@ -44,13 +44,14 @@ public class MPMasterKey {
/** /**
* @param masterPassword The characters of the user's master password. * @param masterPassword The characters of the user's master password.
* Note: this array is held by reference and its contents invalidated on {@link #invalidate()}. * <b>Note: this method destroys the contents of the array.</b>
*/ */
@SuppressWarnings("AssignmentToCollectionOrArrayFieldFromParameter") @SuppressWarnings("AssignmentToCollectionOrArrayFieldFromParameter")
public MPMasterKey(final String fullName, final char[] masterPassword) { public MPMasterKey(final String fullName, final char[] masterPassword) {
this.fullName = fullName; this.fullName = fullName;
this.masterPassword = masterPassword; this.masterPassword = masterPassword.clone();
Arrays.fill( masterPassword, (char) 0 );
} }
@Nonnull @Nonnull
@ -162,7 +163,7 @@ public class MPMasterKey {
*/ */
public String siteState(final String siteName, final MPAlgorithm algorithm, final UnsignedInteger siteCounter, public String siteState(final String siteName, final MPAlgorithm algorithm, final UnsignedInteger siteCounter,
final MPKeyPurpose keyPurpose, @Nullable final String keyContext, final MPKeyPurpose keyPurpose, @Nullable final String keyContext,
final MPResultType resultType, @Nullable final String resultParam) final MPResultType resultType, final String resultParam)
throws MPKeyUnavailableException { throws MPKeyUnavailableException {
Preconditions.checkNotNull( resultParam ); Preconditions.checkNotNull( resultParam );
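Review bot: In the constructor hunk, the rewritten Javadoc no longer says when the stored password characters are cleared, even though the key now keeps a private `masterPassword.clone()` that callers cannot reach or wipe themselves. Clearing that copy presumably still happens in `invalidate()`, as the removed comment line stated, but its body is outside this hunk, so confirm it zeroes the cloned field. I would keep both facts in the comment, e.g. `* Note: the caller's array is zeroed by this constructor; the key keeps a private copy until {@link #invalidate()}.` The `@SuppressWarnings("AssignmentToCollectionOrArrayFieldFromParameter")` also looks stale now that the field is no longer assigned the parameter itself, and can likely be dropped.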


@ -125,7 +125,7 @@ public class MPAlgorithmV0 extends MPAlgorithm {
case Template: case Template:
return siteResultFromTemplate( masterKey, siteKey, resultType, resultParam ); return siteResultFromTemplate( masterKey, siteKey, resultType, resultParam );
case Stateful: case Stateful:
return siteResultFromState( masterKey, siteKey, resultType, resultParam ); return siteResultFromState( masterKey, siteKey, resultType, Preconditions.checkNotNull( resultParam ) );
case Derive: case Derive:
return siteResultFromDerive( masterKey, siteKey, resultType, resultParam ); return siteResultFromDerive( masterKey, siteKey, resultType, resultParam );
} }
@ -170,7 +170,7 @@ public class MPAlgorithmV0 extends MPAlgorithm {
@Override @Override
public String siteResultFromState(final byte[] masterKey, final byte[] siteKey, public String siteResultFromState(final byte[] masterKey, final byte[] siteKey,
final MPResultType resultType, @Nullable final String resultParam) { final MPResultType resultType, final String resultParam) {
Preconditions.checkNotNull( resultParam ); Preconditions.checkNotNull( resultParam );
Preconditions.checkArgument( !resultParam.isEmpty() ); Preconditions.checkArgument( !resultParam.isEmpty() );
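Review bot: The `Stateful` case now null-checks `resultParam` at the call site, and `siteResultFromState` repeats the same `Preconditions.checkNotNull( resultParam )` on its first line, so a missing parameter surfaces as a message-less NullPointerException from whichever check runs first. If the call-site check is only there to satisfy nullness inspection, give it a message so the failure is diagnosable, e.g. `Preconditions.checkNotNull( resultParam, "resultParam is required for stateful result types" )`. Both the switch and the method body continue outside these hunks.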


@ -57,6 +57,7 @@ public interface MPUser<S extends MPSite<?>> extends Comparable<MPUser<?>> {
* Note: If a keyID is not set, authentication will always succeed and the keyID will be set to match the given master password. * Note: If a keyID is not set, authentication will always succeed and the keyID will be set to match the given master password.
* *
* @param masterPassword The password to authenticate with. * @param masterPassword The password to authenticate with.
* You cannot re-use this array after passing it in, authentication will destroy its contents.
* *
* @throws MPIncorrectMasterPasswordException If authentication fails due to the given master password not matching the user's keyID. * @throws MPIncorrectMasterPasswordException If authentication fails due to the given master password not matching the user's keyID.
*/ */


@ -123,7 +123,7 @@ public abstract class MPBasicSite<Q extends MPQuestion> implements MPSite<Q> {
} }
protected String getState(final MPKeyPurpose keyPurpose, @Nullable final String keyContext, protected String getState(final MPKeyPurpose keyPurpose, @Nullable final String keyContext,
@Nullable final UnsignedInteger counter, final MPResultType type, @Nullable final String state) @Nullable final UnsignedInteger counter, final MPResultType type, final String state)
throws MPKeyUnavailableException { throws MPKeyUnavailableException {
return getUser().getMasterKey().siteState( return getUser().getMasterKey().siteState(