C API for hybrid passwords.
parent
d6415277d0
commit
228f8e4ed1
@ -84,3 +84,45 @@ const char *mpw_sitePassword(
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const char *mpw_encrypt(
|
||||||
|
MPMasterKey masterKey, const char *plainText, const MPAlgorithmVersion algorithmVersion) {
|
||||||
|
|
||||||
|
if (!masterKey || !plainText)
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
switch (algorithmVersion) {
|
||||||
|
case MPAlgorithmVersion0:
|
||||||
|
return mpw_encrypt_v0( masterKey, plainText );
|
||||||
|
case MPAlgorithmVersion1:
|
||||||
|
return mpw_encrypt_v1( masterKey, plainText );
|
||||||
|
case MPAlgorithmVersion2:
|
||||||
|
return mpw_encrypt_v2( masterKey, plainText );
|
||||||
|
case MPAlgorithmVersion3:
|
||||||
|
return mpw_encrypt_v3( masterKey, plainText );
|
||||||
|
default:
|
||||||
|
err( "Unsupported version: %d\n", algorithmVersion );
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
const char *mpw_decrypt(
|
||||||
|
MPMasterKey masterKey, const char *cipherText, const MPAlgorithmVersion algorithmVersion) {
|
||||||
|
|
||||||
|
if (!masterKey || !cipherText)
|
||||||
|
return NULL;
|
||||||
|
|
||||||
|
switch (algorithmVersion) {
|
||||||
|
case MPAlgorithmVersion0:
|
||||||
|
return mpw_decrypt_v0( masterKey, cipherText );
|
||||||
|
case MPAlgorithmVersion1:
|
||||||
|
return mpw_decrypt_v1( masterKey, cipherText );
|
||||||
|
case MPAlgorithmVersion2:
|
||||||
|
return mpw_decrypt_v2( masterKey, cipherText );
|
||||||
|
case MPAlgorithmVersion3:
|
||||||
|
return mpw_decrypt_v3( masterKey, cipherText );
|
||||||
|
default:
|
||||||
|
err( "Unsupported version: %d\n", algorithmVersion );
|
||||||
|
return NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
@ -53,4 +53,14 @@ MPSiteKey mpw_siteKey(
|
|||||||
const char *mpw_sitePassword(
|
const char *mpw_sitePassword(
|
||||||
MPSiteKey siteKey, const MPPasswordType passwordType, const MPAlgorithmVersion algorithmVersion);
|
MPSiteKey siteKey, const MPPasswordType passwordType, const MPAlgorithmVersion algorithmVersion);
|
||||||
|
|
||||||
|
/** Perform symmetric encryption on a secret token's plainText.
|
||||||
|
* @return The newly allocated cipherText of the secret token encrypted by the masterKey. */
|
||||||
|
const char *mpw_encrypt(
|
||||||
|
MPMasterKey masterKey, const char *plainText, const MPAlgorithmVersion algorithmVersion);
|
||||||
|
|
||||||
|
/** Perform symmetric decryption on a secret token's cipherText.
|
||||||
|
* @return The newly allocated plainText of the secret token decrypted by the masterKey. */
|
||||||
|
const char *mpw_decrypt(
|
||||||
|
MPMasterKey masterKey, const char *cipherText, const MPAlgorithmVersion algorithmVersion);
|
||||||
|
|
||||||
#endif // _MPW_ALGORITHM_H
|
#endif // _MPW_ALGORITHM_H
|
||||||
|
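Review bot: The doc comments on `mpw_encrypt` and `mpw_decrypt` do not say how the result is represented, when it is NULL, or who releases it. Since the return type is `const char *`, the cipherText presumably has to be a text encoding of the raw cipher output; the comment should name that encoding, state that NULL is returned on failure or an unsupported `algorithmVersion`, and say that the caller frees the result (the marshalling code in this commit uses `mpw_free_string`). The signatures also carry no IV or nonce, and the stubs in this commit plan `aes128_cbc`, so the contract should state where the IV comes from and whether the cipherText is integrity-protected. CBC without a MAC would not detect a modified export file on decrypt.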
@ -151,3 +151,15 @@ static const char *mpw_sitePassword_v0(
|
|||||||
|
|
||||||
return sitePassword;
|
return sitePassword;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const char *mpw_encrypt_v0(
|
||||||
|
MPMasterKey masterKey, const char *plainText) {
|
||||||
|
|
||||||
|
return NULL; // TODO: aes128_cbc
|
||||||
|
}
|
||||||
|
|
||||||
|
const char *mpw_decrypt_v0(
|
||||||
|
MPMasterKey masterKey, const char *cipherText) {
|
||||||
|
|
||||||
|
return NULL; // TODO: aes128_cbc
|
||||||
|
}
|
||||||
|
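Review bot: `mpw_encrypt_v0` and `mpw_decrypt_v0` are defined without `static`, while the hunk header shows the neighbouring `mpw_sitePassword_v0` as `static`; unless they are meant to be exported, declare them `static const char *mpw_encrypt_v0(` and `static const char *mpw_decrypt_v0(` to match. Both bodies are stubs that return NULL without logging, so a caller cannot tell "not implemented" from a real failure. If `err` is in scope here as it is in the dispatcher, a line such as `err( "mpw_encrypt_v0: not implemented\n" );` before the return would make that visible. The same two points apply to the `_v1`, `_v2` and `_v3` pairs in the sections that follow.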
@ -132,3 +132,15 @@ static const char *mpw_sitePassword_v1(
|
|||||||
|
|
||||||
return sitePassword;
|
return sitePassword;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const char *mpw_encrypt_v1(
|
||||||
|
MPMasterKey masterKey, const char *plainText) {
|
||||||
|
|
||||||
|
return NULL; // TODO: aes128_cbc
|
||||||
|
}
|
||||||
|
|
||||||
|
const char *mpw_decrypt_v1(
|
||||||
|
MPMasterKey masterKey, const char *cipherText) {
|
||||||
|
|
||||||
|
return NULL; // TODO: aes128_cbc
|
||||||
|
}
|
||||||
|
@ -132,3 +132,15 @@ static const char *mpw_sitePassword_v2(
|
|||||||
|
|
||||||
return sitePassword;
|
return sitePassword;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const char *mpw_encrypt_v2(
|
||||||
|
MPMasterKey masterKey, const char *plainText) {
|
||||||
|
|
||||||
|
return NULL; // TODO: aes128_cbc
|
||||||
|
}
|
||||||
|
|
||||||
|
const char *mpw_decrypt_v2(
|
||||||
|
MPMasterKey masterKey, const char *cipherText) {
|
||||||
|
|
||||||
|
return NULL; // TODO: aes128_cbc
|
||||||
|
}
|
||||||
|
@ -132,3 +132,15 @@ static const char *mpw_sitePassword_v3(
|
|||||||
|
|
||||||
return sitePassword;
|
return sitePassword;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const char *mpw_encrypt_v3(
|
||||||
|
MPMasterKey masterKey, const char *plainText) {
|
||||||
|
|
||||||
|
return NULL; // TODO: aes128_cbc
|
||||||
|
}
|
||||||
|
|
||||||
|
const char *mpw_decrypt_v3(
|
||||||
|
MPMasterKey masterKey, const char *cipherText) {
|
||||||
|
|
||||||
|
return NULL; // TODO: aes128_cbc
|
||||||
|
}
|
||||||
|
@ -159,7 +159,7 @@ static bool mpw_marshall_write_flat(
|
|||||||
if (!site.name || !strlen( site.name ))
|
if (!site.name || !strlen( site.name ))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
const char *content = site.type & MPSiteFeatureExportContent? site.content: NULL;
|
const char *content = NULL;
|
||||||
if (!user->redacted) {
|
if (!user->redacted) {
|
||||||
if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) {
|
if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) {
|
||||||
*error = (MPMarshallError){ MPMarshallErrorInternal, "Couldn't derive master key." };
|
*error = (MPMarshallError){ MPMarshallErrorInternal, "Couldn't derive master key." };
|
||||||
@ -171,16 +171,16 @@ static bool mpw_marshall_write_flat(
|
|||||||
content = mpw_sitePassword( siteKey, site.type, site.algorithm );
|
content = mpw_sitePassword( siteKey, site.type, site.algorithm );
|
||||||
mpw_free( siteKey, MPSiteKeySize );
|
mpw_free( siteKey, MPSiteKeySize );
|
||||||
}
|
}
|
||||||
else if (content) {
|
else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
|
||||||
// TODO: Decrypt Personal Passwords
|
content = mpw_decrypt( masterKey, site.content, site.algorithm );
|
||||||
//content = aes128_cbc( masterKey, content );
|
} else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
|
||||||
}
|
content = strdup( site.content );
|
||||||
}
|
|
||||||
|
|
||||||
if (strftime( dateString, sizeof( dateString ), "%FT%TZ", gmtime( &site.lastUsed ) ))
|
if (strftime( dateString, sizeof( dateString ), "%FT%TZ", gmtime( &site.lastUsed ) ))
|
||||||
mpw_string_pushf( out, "%s %8ld %lu:%lu:%lu %25s\t%25s\t%s\n",
|
mpw_string_pushf( out, "%s %8ld %lu:%lu:%lu %25s\t%25s\t%s\n",
|
||||||
dateString, (long)site.uses, (long)site.type, (long)site.algorithm, (long)site.counter,
|
dateString, (long)site.uses, (long)site.type, (long)site.algorithm, (long)site.counter,
|
||||||
site.loginName?: "", site.name, content?: "" );
|
site.loginName?: "", site.name, content?: "" );
|
||||||
|
mpw_free_string( content );
|
||||||
}
|
}
|
||||||
mpw_free( masterKey, MPMasterKeySize );
|
mpw_free( masterKey, MPMasterKeySize );
|
||||||
|
|
||||||
@ -240,7 +240,7 @@ static bool mpw_marshall_write_json(
|
|||||||
if (!site.name || !strlen( site.name ))
|
if (!site.name || !strlen( site.name ))
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
const char *content = site.type & MPSiteFeatureExportContent? site.content: NULL;
|
const char *content = NULL;
|
||||||
if (!user->redacted) {
|
if (!user->redacted) {
|
||||||
if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) {
|
if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) {
|
||||||
*error = (MPMarshallError){ MPMarshallErrorInternal, "Couldn't derive master key." };
|
*error = (MPMarshallError){ MPMarshallErrorInternal, "Couldn't derive master key." };
|
||||||
@ -252,11 +252,11 @@ static bool mpw_marshall_write_json(
|
|||||||
content = mpw_sitePassword( siteKey, site.type, site.algorithm );
|
content = mpw_sitePassword( siteKey, site.type, site.algorithm );
|
||||||
mpw_free( siteKey, MPSiteKeySize );
|
mpw_free( siteKey, MPSiteKeySize );
|
||||||
}
|
}
|
||||||
else if (content) {
|
else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
|
||||||
// TODO: Decrypt Personal Passwords
|
content = mpw_decrypt( masterKey, site.content, site.algorithm );
|
||||||
//content = aes128_cbc( masterKey, content );
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
else if (site.type & MPSiteFeatureExportContent && site.content && strlen( site.content ))
|
||||||
|
content = strdup( site.content );
|
||||||
|
|
||||||
json_object *json_site = json_object_new_object();
|
json_object *json_site = json_object_new_object();
|
||||||
json_object_object_add( json_sites, site.name, json_site );
|
json_object_object_add( json_sites, site.name, json_site );
|
||||||
@ -296,6 +296,8 @@ static bool mpw_marshall_write_json(
|
|||||||
json_object_object_add( json_site, "_ext_mpw", json_site_mpw );
|
json_object_object_add( json_site, "_ext_mpw", json_site_mpw );
|
||||||
if (site.url)
|
if (site.url)
|
||||||
json_object_object_add( json_site_mpw, "url", json_object_new_string( site.url ) );
|
json_object_object_add( json_site_mpw, "url", json_object_new_string( site.url ) );
|
||||||
|
|
||||||
|
mpw_free_string( content );
|
||||||
}
|
}
|
||||||
|
|
||||||
mpw_string_pushf( out, "%s\n", json_object_to_json_string_ext( json_file, JSON_C_TO_STRING_PRETTY | JSON_C_TO_STRING_SPACED ) );
|
mpw_string_pushf( out, "%s\n", json_object_to_json_string_ext( json_file, JSON_C_TO_STRING_PRETTY | JSON_C_TO_STRING_SPACED ) );
|
||||||
@ -504,8 +506,7 @@ static MPMarshalledUser *mpw_marshall_read_flat(
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: Encrypt Personal Passwords
|
site->content = mpw_encrypt( masterKey, siteContent, site->algorithm );
|
||||||
//site->content = aes128_cbc( masterKey, exportContent );
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
site->content = strdup( siteContent );
|
site->content = strdup( siteContent );
|
||||||
@ -658,8 +659,7 @@ static MPMarshalledUser *mpw_marshall_read_json(
|
|||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: Encrypt Personal Passwords
|
site->content = mpw_encrypt( masterKey, siteContent, site->algorithm );
|
||||||
//site->content = aes128_cbc( masterKey, exportContent );
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
site->content = strdup( siteContent );
|
site->content = strdup( siteContent );
|
||||||
|
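Review bot: The result of `mpw_decrypt` in `mpw_marshall_write_flat` and `mpw_marshall_write_json`, and of `mpw_encrypt` in the two readers, is used without a NULL check, and every `_vN` implementation in this commit returns NULL. In the writers the old side passed the stored content through unchanged; on the new side a non-redacted export of a stored password falls through to `content?: ""`, and a non-redacted import assigns NULL to `site->content`, so stored personal passwords appear to be dropped silently. Directly after the `mpw_decrypt` call the writers should fail instead of emitting an empty field, e.g. `if (!content) { *error = (MPMarshallError){ MPMarshallErrorInternal, "Couldn't decrypt site content." }; return false; }`, with the matching check after `mpw_encrypt` in the readers. These functions start and end outside the hunks, so the cleanup needed on that early-return path (`masterKey`, the JSON objects) has to be checked against the full bodies.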