2
0

C API for hybrid passwords.

This commit is contained in:
Maarten Billemont 2017-08-04 10:43:46 -04:00
parent d6415277d0
commit 228f8e4ed1
7 changed files with 115 additions and 15 deletions

View File

@ -84,3 +84,45 @@ const char *mpw_sitePassword(
return NULL; return NULL;
} }
} }
const char *mpw_encrypt(
MPMasterKey masterKey, const char *plainText, const MPAlgorithmVersion algorithmVersion) {
if (!masterKey || !plainText)
return NULL;
switch (algorithmVersion) {
case MPAlgorithmVersion0:
return mpw_encrypt_v0( masterKey, plainText );
case MPAlgorithmVersion1:
return mpw_encrypt_v1( masterKey, plainText );
case MPAlgorithmVersion2:
return mpw_encrypt_v2( masterKey, plainText );
case MPAlgorithmVersion3:
return mpw_encrypt_v3( masterKey, plainText );
default:
err( "Unsupported version: %d\n", algorithmVersion );
return NULL;
}
}
const char *mpw_decrypt(
MPMasterKey masterKey, const char *cipherText, const MPAlgorithmVersion algorithmVersion) {
if (!masterKey || !cipherText)
return NULL;
switch (algorithmVersion) {
case MPAlgorithmVersion0:
return mpw_decrypt_v0( masterKey, cipherText );
case MPAlgorithmVersion1:
return mpw_decrypt_v1( masterKey, cipherText );
case MPAlgorithmVersion2:
return mpw_decrypt_v2( masterKey, cipherText );
case MPAlgorithmVersion3:
return mpw_decrypt_v3( masterKey, cipherText );
default:
err( "Unsupported version: %d\n", algorithmVersion );
return NULL;
}
}

View File

@ -53,4 +53,14 @@ MPSiteKey mpw_siteKey(
const char *mpw_sitePassword( const char *mpw_sitePassword(
MPSiteKey siteKey, const MPPasswordType passwordType, const MPAlgorithmVersion algorithmVersion); MPSiteKey siteKey, const MPPasswordType passwordType, const MPAlgorithmVersion algorithmVersion);
/** Perform symmetric encryption on a secret token's plainText.
* @return The newly allocated cipherText of the secret token encrypted by the masterKey. */
const char *mpw_encrypt(
MPMasterKey masterKey, const char *plainText, const MPAlgorithmVersion algorithmVersion);
/** Perform symmetric decryption on a secret token's cipherText.
* @return The newly allocated plainText of the secret token decrypted by the masterKey. */
const char *mpw_decrypt(
MPMasterKey masterKey, const char *cipherText, const MPAlgorithmVersion algorithmVersion);
#endif // _MPW_ALGORITHM_H #endif // _MPW_ALGORITHM_H

View File

@ -151,3 +151,15 @@ static const char *mpw_sitePassword_v0(
return sitePassword; return sitePassword;
} }
const char *mpw_encrypt_v0(
MPMasterKey masterKey, const char *plainText) {
return NULL; // TODO: aes128_cbc
}
const char *mpw_decrypt_v0(
MPMasterKey masterKey, const char *cipherText) {
return NULL; // TODO: aes128_cbc
}

View File

@ -132,3 +132,15 @@ static const char *mpw_sitePassword_v1(
return sitePassword; return sitePassword;
} }
const char *mpw_encrypt_v1(
MPMasterKey masterKey, const char *plainText) {
return NULL; // TODO: aes128_cbc
}
const char *mpw_decrypt_v1(
MPMasterKey masterKey, const char *cipherText) {
return NULL; // TODO: aes128_cbc
}

View File

@ -132,3 +132,15 @@ static const char *mpw_sitePassword_v2(
return sitePassword; return sitePassword;
} }
const char *mpw_encrypt_v2(
MPMasterKey masterKey, const char *plainText) {
return NULL; // TODO: aes128_cbc
}
const char *mpw_decrypt_v2(
MPMasterKey masterKey, const char *cipherText) {
return NULL; // TODO: aes128_cbc
}

View File

@ -132,3 +132,15 @@ static const char *mpw_sitePassword_v3(
return sitePassword; return sitePassword;
} }
const char *mpw_encrypt_v3(
MPMasterKey masterKey, const char *plainText) {
return NULL; // TODO: aes128_cbc
}
const char *mpw_decrypt_v3(
MPMasterKey masterKey, const char *cipherText) {
return NULL; // TODO: aes128_cbc
}

View File

@ -159,7 +159,7 @@ static bool mpw_marshall_write_flat(
if (!site.name || !strlen( site.name )) if (!site.name || !strlen( site.name ))
continue; continue;
const char *content = site.type & MPSiteFeatureExportContent? site.content: NULL; const char *content = NULL;
if (!user->redacted) { if (!user->redacted) {
if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) { if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) {
*error = (MPMarshallError){ MPMarshallErrorInternal, "Couldn't derive master key." }; *error = (MPMarshallError){ MPMarshallErrorInternal, "Couldn't derive master key." };
@ -171,16 +171,16 @@ static bool mpw_marshall_write_flat(
content = mpw_sitePassword( siteKey, site.type, site.algorithm ); content = mpw_sitePassword( siteKey, site.type, site.algorithm );
mpw_free( siteKey, MPSiteKeySize ); mpw_free( siteKey, MPSiteKeySize );
} }
else if (content) { else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
// TODO: Decrypt Personal Passwords content = mpw_decrypt( masterKey, site.content, site.algorithm );
//content = aes128_cbc( masterKey, content ); } else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
} content = strdup( site.content );
}
if (strftime( dateString, sizeof( dateString ), "%FT%TZ", gmtime( &site.lastUsed ) )) if (strftime( dateString, sizeof( dateString ), "%FT%TZ", gmtime( &site.lastUsed ) ))
mpw_string_pushf( out, "%s %8ld %lu:%lu:%lu %25s\t%25s\t%s\n", mpw_string_pushf( out, "%s %8ld %lu:%lu:%lu %25s\t%25s\t%s\n",
dateString, (long)site.uses, (long)site.type, (long)site.algorithm, (long)site.counter, dateString, (long)site.uses, (long)site.type, (long)site.algorithm, (long)site.counter,
site.loginName?: "", site.name, content?: "" ); site.loginName?: "", site.name, content?: "" );
mpw_free_string( content );
} }
mpw_free( masterKey, MPMasterKeySize ); mpw_free( masterKey, MPMasterKeySize );
@ -240,7 +240,7 @@ static bool mpw_marshall_write_json(
if (!site.name || !strlen( site.name )) if (!site.name || !strlen( site.name ))
continue; continue;
const char *content = site.type & MPSiteFeatureExportContent? site.content: NULL; const char *content = NULL;
if (!user->redacted) { if (!user->redacted) {
if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) { if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) {
*error = (MPMarshallError){ MPMarshallErrorInternal, "Couldn't derive master key." }; *error = (MPMarshallError){ MPMarshallErrorInternal, "Couldn't derive master key." };
@ -252,11 +252,11 @@ static bool mpw_marshall_write_json(
content = mpw_sitePassword( siteKey, site.type, site.algorithm ); content = mpw_sitePassword( siteKey, site.type, site.algorithm );
mpw_free( siteKey, MPSiteKeySize ); mpw_free( siteKey, MPSiteKeySize );
} }
else if (content) { else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
// TODO: Decrypt Personal Passwords content = mpw_decrypt( masterKey, site.content, site.algorithm );
//content = aes128_cbc( masterKey, content );
}
} }
else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
content = strdup( site.content );
json_object *json_site = json_object_new_object(); json_object *json_site = json_object_new_object();
json_object_object_add( json_sites, site.name, json_site ); json_object_object_add( json_sites, site.name, json_site );
@ -296,6 +296,8 @@ static bool mpw_marshall_write_json(
json_object_object_add( json_site, "_ext_mpw", json_site_mpw ); json_object_object_add( json_site, "_ext_mpw", json_site_mpw );
if (site.url) if (site.url)
json_object_object_add( json_site_mpw, "url", json_object_new_string( site.url ) ); json_object_object_add( json_site_mpw, "url", json_object_new_string( site.url ) );
mpw_free_string( content );
} }
mpw_string_pushf( out, "%s\n", json_object_to_json_string_ext( json_file, JSON_C_TO_STRING_PRETTY | JSON_C_TO_STRING_SPACED ) ); mpw_string_pushf( out, "%s\n", json_object_to_json_string_ext( json_file, JSON_C_TO_STRING_PRETTY | JSON_C_TO_STRING_SPACED ) );
@ -504,8 +506,7 @@ static MPMarshalledUser *mpw_marshall_read_flat(
return NULL; return NULL;
} }
// TODO: Encrypt Personal Passwords site->content = mpw_encrypt( masterKey, siteContent, site->algorithm );
//site->content = aes128_cbc( masterKey, exportContent );
} }
else else
site->content = strdup( siteContent ); site->content = strdup( siteContent );
@ -658,8 +659,7 @@ static MPMarshalledUser *mpw_marshall_read_json(
return NULL; return NULL;
} }
// TODO: Encrypt Personal Passwords site->content = mpw_encrypt( masterKey, siteContent, site->algorithm );
//site->content = aes128_cbc( masterKey, exportContent );
} }
else else
site->content = strdup( siteContent ); site->content = strdup( siteContent );