skylab/MasterPassword
2
0
Fork 0
Code Releases Activity

Split the API into the three distinct phases of the mpw algorithm.

Browse Source
This commit is contained in:
Maarten Billemont 2017-08-01 08:31:39 -04:00
parent 13107063df
commit 3c5cb1673a
15 changed files with 163 additions and 92 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
core/c/mpw-algorithm.c
View File

@ -22,12 +22,7 @@
#include "mpw-algorithm_v2.c"
#include "mpw-algorithm_v3.c"
#define MP_N 32768
#define MP_r 8
#define MP_p 2
#define MP_hash PearlHashSHA256
MPMasterKey mpw_masterKeyForUser(const char *fullName, const char *masterPassword, const MPAlgorithmVersion algorithmVersion) {
MPMasterKey mpw_masterKey(const char *fullName, const char *masterPassword, const MPAlgorithmVersion algorithmVersion) {
if (!fullName || !masterPassword)
return NULL;
@ -47,7 +42,8 @@ MPMasterKey mpw_masterKeyForUser(const char *fullName, const char *masterPasswor
}
}
const char *mpw_passwordForSite(MPMasterKey masterKey, const char *siteName, const MPSiteType siteType, const uint32_t siteCounter,
MPSiteKey mpw_siteKey(
MPMasterKey masterKey, const char *siteName, const uint32_t siteCounter,
const MPSiteVariant siteVariant, const char *siteContext, const MPAlgorithmVersion algorithmVersion) {
if (!masterKey || !siteName)
@ -55,13 +51,34 @@ const char *mpw_passwordForSite(MPMasterKey masterKey, const char *siteName, con
switch (algorithmVersion) {
case MPAlgorithmVersion0:
return mpw_passwordForSite_v0( masterKey, siteName, siteType, siteCounter, siteVariant, siteContext );
return mpw_siteKey_v0( masterKey, siteName, siteCounter, siteVariant, siteContext );
case MPAlgorithmVersion1:
return mpw_passwordForSite_v1( masterKey, siteName, siteType, siteCounter, siteVariant, siteContext );
return mpw_siteKey_v1( masterKey, siteName, siteCounter, siteVariant, siteContext );
case MPAlgorithmVersion2:
return mpw_passwordForSite_v2( masterKey, siteName, siteType, siteCounter, siteVariant, siteContext );
return mpw_siteKey_v2( masterKey, siteName, siteCounter, siteVariant, siteContext );
case MPAlgorithmVersion3:
return mpw_passwordForSite_v3( masterKey, siteName, siteType, siteCounter, siteVariant, siteContext );
return mpw_siteKey_v3( masterKey, siteName, siteCounter, siteVariant, siteContext );
default:
ftl( "Unsupported version: %d", algorithmVersion );
return NULL;
}
}
const char *mpw_sitePassword(
MPSiteKey siteKey, const MPSiteType siteType, const MPAlgorithmVersion algorithmVersion) {
if (!siteKey)
return NULL;
switch (algorithmVersion) {
case MPAlgorithmVersion0:
return mpw_sitePassword_v0( siteKey, siteType );
case MPAlgorithmVersion1:
return mpw_sitePassword_v1( siteKey, siteType );
case MPAlgorithmVersion2:
return mpw_sitePassword_v2( siteKey, siteType );
case MPAlgorithmVersion3:
return mpw_sitePassword_v3( siteKey, siteType );
default:
ftl( "Unsupported version: %d", algorithmVersion );
return NULL;

17
core/c/mpw-algorithm.h
View File

@ -38,14 +38,19 @@ typedef enum( unsigned int, MPAlgorithmVersion ) {
};
/** Derive the master key for a user based on their name and master password.
* @return A new MP_dkLen-byte allocated buffer or NULL if an allocation error occurred. */
MPMasterKey mpw_masterKeyForUser(
* @return A new MPMasterKeySize-byte allocated buffer or NULL if an error occurred. */
MPMasterKey mpw_masterKey(
const char *fullName, const char *masterPassword, const MPAlgorithmVersion algorithmVersion);
/** Encode a password for the site from the given master key and site parameters.
* @return A newly allocated string or NULL if an allocation error occurred. */
const char *mpw_passwordForSite(
MPMasterKey masterKey, const char *siteName, const MPSiteType siteType, const uint32_t siteCounter,
/** Derive the site key for a user's site from the given master key and site parameters.
* @return A new MPSiteKeySize-byte allocated buffer or NULL if an error occurred. */
MPSiteKey mpw_siteKey(
MPMasterKey masterKey, const char *siteName, const uint32_t siteCounter,
const MPSiteVariant siteVariant, const char *siteContext, const MPAlgorithmVersion algorithmVersion);
/** Encode a password for the site from the given site key.
* @return A newly allocated string or NULL if an error occurred. */
const char *mpw_sitePassword(
MPSiteKey siteKey, const MPSiteType siteType, const MPAlgorithmVersion algorithmVersion);
#endif // _MPW_ALGORITHM_H

33
core/c/mpw-algorithm_v0.c
View File

@ -77,15 +77,15 @@ static MPMasterKey mpw_masterKeyForUser_v0(const char *fullName, const char *mas
return masterKey;
}
static const char *mpw_passwordForSite_v0(MPMasterKey masterKey, const char *siteName, const MPSiteType siteType, const uint32_t siteCounter,
static MPSiteKey mpw_siteKey_v0(
MPMasterKey masterKey, const char *siteName, const uint32_t siteCounter,
const MPSiteVariant siteVariant, const char *siteContext) {
const char *siteScope = mpw_scopeForVariant( siteVariant );
trc( "algorithm: v%d\n", 0 );
trc( "-- mpw_siteKey_v0\n" );
trc( "siteName: %s\n", siteName );
trc( "siteCounter: %d\n", siteCounter );
trc( "siteVariant: %d\n", siteVariant );
trc( "siteType: %d\n", siteType );
trc( "site scope: %s, context: %s\n", siteScope, siteContext? "<empty>": siteContext );
trc( "seed from: hmac-sha256(masterKey, %s | %s | %s | %s | %s | %s)\n",
siteScope, mpw_hex_l( htonl( strlen( siteName ) ) ), siteName,
@ -93,7 +93,7 @@ static const char *mpw_passwordForSite_v0(MPMasterKey masterKey, const char *sit
mpw_hex_l( htonl( siteContext? strlen( siteContext ): 0 ) ), siteContext? "(null)": siteContext );
// Calculate the site seed.
// sitePasswordSeed = hmac-sha256( masterKey, siteScope . #siteName . siteName . siteCounter . #siteContext . siteContext )
// siteKey = hmac-sha256( masterKey, siteScope . #siteName . siteName . siteCounter . #siteContext . siteContext )
size_t sitePasswordInfoSize = 0;
uint8_t *sitePasswordInfo = NULL;
mpw_push_string( &sitePasswordInfo, &sitePasswordInfoSize, siteScope );
@ -110,31 +110,40 @@ static const char *mpw_passwordForSite_v0(MPMasterKey masterKey, const char *sit
}
trc( "sitePasswordInfo ID: %s\n", mpw_id_buf( sitePasswordInfo, sitePasswordInfoSize ) );
const char *sitePasswordSeed = (const char *)mpw_hmac_sha256( masterKey, MPMasterKeySize, sitePasswordInfo, sitePasswordInfoSize );
MPSiteKey siteKey = mpw_hmac_sha256( masterKey, MPMasterKeySize, sitePasswordInfo, sitePasswordInfoSize );
mpw_free( sitePasswordInfo, sitePasswordInfoSize );
if (!sitePasswordSeed) {
if (!siteKey) {
ftl( "Could not allocate site seed: %d\n", errno );
return NULL;
}
trc( "sitePasswordSeed ID: %s\n", mpw_id_buf( sitePasswordSeed, 32 ) );
trc( "siteKey ID: %s\n", mpw_id_buf( siteKey, 32 ) );
return siteKey;
}
static const char *mpw_sitePassword_v0(
MPSiteKey siteKey, const MPSiteType siteType) {
trc( "-- mpw_sitePassword_v0\n" );
trc( "siteType: %d\n", siteType );
// Determine the template.
const char *template = mpw_templateForType_v0( siteType, htons( sitePasswordSeed[0] ) );
const char *_siteKey = (const char *)siteKey;
const char *template = mpw_templateForType_v0( siteType, htons( _siteKey[0] ) );
trc( "type %d, template: %s\n", siteType, template );
if (strlen( template ) > 32) {
ftl( "Template too long for password seed: %lu", strlen( template ) );
mpw_free( sitePasswordSeed, sizeof( sitePasswordSeed ) );
mpw_free( _siteKey, sizeof( _siteKey ) );
return NULL;
}
// Encode the password from the seed using the template.
char *const sitePassword = calloc( strlen( template ) + 1, sizeof( char ) );
for (size_t c = 0; c < strlen( template ); ++c) {
sitePassword[c] = mpw_characterFromClass_v0( template[c], htons( sitePasswordSeed[c + 1] ) );
sitePassword[c] = mpw_characterFromClass_v0( template[c], htons( _siteKey[c + 1] ) );
trc( "class %c, index %u (0x%02X) -> character: %c\n",
template[c], htons( sitePasswordSeed[c + 1] ), htons( sitePasswordSeed[c + 1] ), sitePassword[c] );
template[c], htons( _siteKey[c + 1] ), htons( _siteKey[c + 1] ), sitePassword[c] );
}
mpw_free( sitePasswordSeed, sizeof( sitePasswordSeed ) );
return sitePassword;
}

33
core/c/mpw-algorithm_v1.c
View File

@ -26,7 +26,6 @@
#define MP_N 32768
#define MP_r 8
#define MP_p 2
#define MP_hash PearlHashSHA256
static MPMasterKey mpw_masterKeyForUser_v1(const char *fullName, const char *masterPassword) {
@ -62,15 +61,15 @@ static MPMasterKey mpw_masterKeyForUser_v1(const char *fullName, const char *mas
return masterKey;
}
static const char *mpw_passwordForSite_v1(MPMasterKey masterKey, const char *siteName, const MPSiteType siteType, const uint32_t siteCounter,
static MPSiteKey mpw_siteKey_v1(
MPMasterKey masterKey, const char *siteName, const uint32_t siteCounter,
const MPSiteVariant siteVariant, const char *siteContext) {
const char *siteScope = mpw_scopeForVariant( siteVariant );
trc( "algorithm: v%d\n", 1 );
trc( "-- mpw_siteKey_v1\n" );
trc( "siteName: %s\n", siteName );
trc( "siteCounter: %d\n", siteCounter );
trc( "siteVariant: %d\n", siteVariant );
trc( "siteType: %d\n", siteType );
trc( "site scope: %s, context: %s\n", siteScope, siteContext? "<empty>": siteContext );
trc( "seed from: hmac-sha256(masterKey, %s | %s | %s | %s | %s | %s)\n",
siteScope, mpw_hex_l( htonl( strlen( siteName ) ) ), siteName,
@ -78,7 +77,7 @@ static const char *mpw_passwordForSite_v1(MPMasterKey masterKey, const char *sit
mpw_hex_l( htonl( siteContext? strlen( siteContext ): 0 ) ), siteContext? "(null)": siteContext );
// Calculate the site seed.
// sitePasswordSeed = hmac-sha256( masterKey, siteScope . #siteName . siteName . siteCounter . #siteContext . siteContext )
// siteKey = hmac-sha256( masterKey, siteScope . #siteName . siteName . siteCounter . #siteContext . siteContext )
size_t sitePasswordInfoSize = 0;
uint8_t *sitePasswordInfo = NULL;
mpw_push_string( &sitePasswordInfo, &sitePasswordInfoSize, siteScope );
@ -95,31 +94,39 @@ static const char *mpw_passwordForSite_v1(MPMasterKey masterKey, const char *sit
}
trc( "sitePasswordInfo ID: %s\n", mpw_id_buf( sitePasswordInfo, sitePasswordInfoSize ) );
const uint8_t *sitePasswordSeed = mpw_hmac_sha256( masterKey, MPMasterKeySize, sitePasswordInfo, sitePasswordInfoSize );
MPSiteKey siteKey = mpw_hmac_sha256( masterKey, MPMasterKeySize, sitePasswordInfo, sitePasswordInfoSize );
mpw_free( sitePasswordInfo, sitePasswordInfoSize );
if (!sitePasswordSeed) {
if (!siteKey) {
ftl( "Could not allocate site seed: %d\n", errno );
return NULL;
}
trc( "sitePasswordSeed ID: %s\n", mpw_id_buf( sitePasswordSeed, 32 ) );
trc( "siteKey ID: %s\n", mpw_id_buf( siteKey, 32 ) );
return siteKey;
}
static const char *mpw_sitePassword_v1(
MPSiteKey siteKey, const MPSiteType siteType) {
trc( "-- mpw_sitePassword_v1\n" );
trc( "siteType: %d\n", siteType );
// Determine the template.
const char *template = mpw_templateForType( siteType, sitePasswordSeed[0] );
const char *template = mpw_templateForType( siteType, siteKey[0] );
trc( "type %d, template: %s\n", siteType, template );
if (strlen( template ) > 32) {
ftl( "Template too long for password seed: %lu", strlen( template ) );
mpw_free( sitePasswordSeed, sizeof( sitePasswordSeed ) );
mpw_free( siteKey, sizeof( siteKey ) );
return NULL;
}
// Encode the password from the seed using the template.
char *const sitePassword = calloc( strlen( template ) + 1, sizeof( char ) );
for (size_t c = 0; c < strlen( template ); ++c) {
sitePassword[c] = mpw_characterFromClass( template[c], sitePasswordSeed[c + 1] );
trc( "class %c, index %u (0x%02X) -> character: %c\n", template[c], sitePasswordSeed[c + 1], sitePasswordSeed[c + 1],
sitePassword[c] = mpw_characterFromClass( template[c], siteKey[c + 1] );
trc( "class %c, index %u (0x%02X) -> character: %c\n", template[c], siteKey[c + 1], siteKey[c + 1],
sitePassword[c] );
}
mpw_free( sitePasswordSeed, sizeof( sitePasswordSeed ) );
return sitePassword;
}

33
core/c/mpw-algorithm_v2.c
View File

@ -26,7 +26,6 @@
#define MP_N 32768
#define MP_r 8
#define MP_p 2
#define MP_hash PearlHashSHA256
static MPMasterKey mpw_masterKeyForUser_v2(const char *fullName, const char *masterPassword) {
@ -62,15 +61,15 @@ static MPMasterKey mpw_masterKeyForUser_v2(const char *fullName, const char *mas
return masterKey;
}
static const char *mpw_passwordForSite_v2(MPMasterKey masterKey, const char *siteName, const MPSiteType siteType, const uint32_t siteCounter,
static MPSiteKey mpw_siteKey_v2(
MPMasterKey masterKey, const char *siteName, const uint32_t siteCounter,
const MPSiteVariant siteVariant, const char *siteContext) {
const char *siteScope = mpw_scopeForVariant( siteVariant );
trc( "algorithm: v%d\n", 2 );
trc( "-- mpw_siteKey_v2\n" );
trc( "siteName: %s\n", siteName );
trc( "siteCounter: %d\n", siteCounter );
trc( "siteVariant: %d\n", siteVariant );
trc( "siteType: %d\n", siteType );
trc( "site scope: %s, context: %s\n", siteScope, siteContext? "<empty>": siteContext );
trc( "seed from: hmac-sha256(masterKey, %s | %s | %s | %s | %s | %s)\n",
siteScope, mpw_hex_l( htonl( strlen( siteName ) ) ), siteName,
@ -78,7 +77,7 @@ static const char *mpw_passwordForSite_v2(MPMasterKey masterKey, const char *sit
mpw_hex_l( htonl( siteContext? strlen( siteContext ): 0 ) ), siteContext? "(null)": siteContext );
// Calculate the site seed.
// sitePasswordSeed = hmac-sha256( masterKey, siteScope . #siteName . siteName . siteCounter . #siteContext . siteContext )
// siteKey = hmac-sha256( masterKey, siteScope . #siteName . siteName . siteCounter . #siteContext . siteContext )
size_t sitePasswordInfoSize = 0;
uint8_t *sitePasswordInfo = NULL;
mpw_push_string( &sitePasswordInfo, &sitePasswordInfoSize, siteScope );
@ -95,31 +94,39 @@ static const char *mpw_passwordForSite_v2(MPMasterKey masterKey, const char *sit
}
trc( "sitePasswordInfo ID: %s\n", mpw_id_buf( sitePasswordInfo, sitePasswordInfoSize ) );
const uint8_t *sitePasswordSeed = mpw_hmac_sha256( masterKey, MPMasterKeySize, sitePasswordInfo, sitePasswordInfoSize );
const uint8_t *siteKey = mpw_hmac_sha256( masterKey, MPMasterKeySize, sitePasswordInfo, sitePasswordInfoSize );
mpw_free( sitePasswordInfo, sitePasswordInfoSize );
if (!sitePasswordSeed) {
if (!siteKey) {
ftl( "Could not allocate site seed: %d\n", errno );
return NULL;
}
trc( "sitePasswordSeed ID: %s\n", mpw_id_buf( sitePasswordSeed, 32 ) );
trc( "siteKey ID: %s\n", mpw_id_buf( siteKey, 32 ) );
return siteKey;
}
static const char *mpw_sitePassword_v2(
MPSiteKey siteKey, const MPSiteType siteType) {
trc( "-- mpw_sitePassword_v2\n" );
trc( "siteType: %d\n", siteType );
// Determine the template.
const char *template = mpw_templateForType( siteType, sitePasswordSeed[0] );
const char *template = mpw_templateForType( siteType, siteKey[0] );
trc( "type %d, template: %s\n", siteType, template );
if (strlen( template ) > 32) {
ftl( "Template too long for password seed: %lu", strlen( template ) );
mpw_free( sitePasswordSeed, sizeof( sitePasswordSeed ) );
mpw_free( siteKey, sizeof( siteKey ) );
return NULL;
}
// Encode the password from the seed using the template.
char *const sitePassword = calloc( strlen( template ) + 1, sizeof( char ) );
for (size_t c = 0; c < strlen( template ); ++c) {
sitePassword[c] = mpw_characterFromClass( template[c], sitePasswordSeed[c + 1] );
trc( "class %c, index %u (0x%02X) -> character: %c\n", template[c], sitePasswordSeed[c + 1], sitePasswordSeed[c + 1],
sitePassword[c] = mpw_characterFromClass( template[c], siteKey[c + 1] );
trc( "class %c, index %u (0x%02X) -> character: %c\n", template[c], siteKey[c + 1], siteKey[c + 1],
sitePassword[c] );
}
mpw_free( sitePasswordSeed, sizeof( sitePasswordSeed ) );
return sitePassword;
}

35
core/c/mpw-algorithm_v3.c
View File

@ -26,12 +26,11 @@
#define MP_N 32768
#define MP_r 8
#define MP_p 2
#define MP_hash PearlHashSHA256
static MPMasterKey mpw_masterKeyForUser_v3(const char *fullName, const char *masterPassword) {
const char *mpKeyScope = mpw_scopeForVariant( MPSiteVariantPassword );
trc( "algorithm: v%d\n", 3 );
trc( "-- mpw_masterKeyForUser_v3\n" );
trc( "fullName: %s (%zu)\n", fullName, strlen( fullName ) );
trc( "masterPassword: %s\n", masterPassword );
trc( "key scope: %s\n", mpKeyScope );
@ -62,15 +61,15 @@ static MPMasterKey mpw_masterKeyForUser_v3(const char *fullName, const char *mas
return masterKey;
}
static const char *mpw_passwordForSite_v3(MPMasterKey masterKey, const char *siteName, const MPSiteType siteType, const uint32_t siteCounter,
static MPSiteKey mpw_siteKey_v3(
MPMasterKey masterKey, const char *siteName, const uint32_t siteCounter,
const MPSiteVariant siteVariant, const char *siteContext) {
const char *siteScope = mpw_scopeForVariant( siteVariant );
trc( "algorithm: v%d\n", 3 );
trc( "-- mpw_siteKey_v3\n" );
trc( "siteName: %s\n", siteName );
trc( "siteCounter: %d\n", siteCounter );
trc( "siteVariant: %d\n", siteVariant );
trc( "siteType: %d\n", siteType );
trc( "site scope: %s, context: %s\n", siteScope, siteContext? "<empty>": siteContext );
trc( "seed from: hmac-sha256(masterKey, %s | %s | %s | %s | %s | %s)\n",
siteScope, mpw_hex_l( htonl( strlen( siteName ) ) ), siteName,
@ -78,7 +77,7 @@ static const char *mpw_passwordForSite_v3(MPMasterKey masterKey, const char *sit
mpw_hex_l( htonl( siteContext? strlen( siteContext ): 0 ) ), siteContext? "(null)": siteContext );
// Calculate the site seed.
// sitePasswordSeed = hmac-sha256( masterKey, siteScope . #siteName . siteName . siteCounter . #siteContext . siteContext )
// siteKey = hmac-sha256( masterKey, siteScope . #siteName . siteName . siteCounter . #siteContext . siteContext )
size_t sitePasswordInfoSize = 0;
uint8_t *sitePasswordInfo = NULL;
mpw_push_string( &sitePasswordInfo, &sitePasswordInfoSize, siteScope );
@ -95,31 +94,39 @@ static const char *mpw_passwordForSite_v3(MPMasterKey masterKey, const char *sit
}
trc( "sitePasswordInfo ID: %s\n", mpw_id_buf( sitePasswordInfo, sitePasswordInfoSize ) );
const uint8_t *sitePasswordSeed = mpw_hmac_sha256( masterKey, MPMasterKeySize, sitePasswordInfo, sitePasswordInfoSize );
MPSiteKey siteKey = mpw_hmac_sha256( masterKey, MPMasterKeySize, sitePasswordInfo, sitePasswordInfoSize );
mpw_free( sitePasswordInfo, sitePasswordInfoSize );
if (!sitePasswordSeed) {
if (!siteKey) {
ftl( "Could not allocate site seed: %d\n", errno );
return NULL;
}
trc( "sitePasswordSeed ID: %s\n", mpw_id_buf( sitePasswordSeed, 32 ) );
trc( "siteKey ID: %s\n", mpw_id_buf( siteKey, 32 ) );
return siteKey;
}
static const char *mpw_sitePassword_v3(
MPSiteKey siteKey, const MPSiteType siteType) {
trc( "-- mpw_sitePassword_v3\n" );
trc( "siteType: %d\n", siteType );
// Determine the template.
const char *template = mpw_templateForType( siteType, sitePasswordSeed[0] );
const char *template = mpw_templateForType( siteType, siteKey[0] );
trc( "type %d, template: %s\n", siteType, template );
if (strlen( template ) > 32) {
ftl( "Template too long for password seed: %lu", strlen( template ) );
mpw_free( sitePasswordSeed, sizeof( sitePasswordSeed ) );
mpw_free( siteKey, sizeof( siteKey ) );
return NULL;
}
// Encode the password from the seed using the template.
char *const sitePassword = calloc( strlen( template ) + 1, sizeof( char ) );
for (size_t c = 0; c < strlen( template ); ++c) {
sitePassword[c] = mpw_characterFromClass( template[c], sitePasswordSeed[c + 1] );
trc( "class %c, index %u (0x%02X) -> character: %c\n", template[c], sitePasswordSeed[c + 1], sitePasswordSeed[c + 1],
sitePassword[c] = mpw_characterFromClass( template[c], siteKey[c + 1] );
trc( "class %c, index %u (0x%02X) -> character: %c\n", template[c], siteKey[c + 1], siteKey[c + 1],
sitePassword[c] );
}
mpw_free( sitePasswordSeed, sizeof( sitePasswordSeed ) );
return sitePassword;
}

2
core/c/mpw-marshall-util.c
View File

@ -102,7 +102,7 @@ bool mpw_update_masterKey(MPMasterKey *masterKey, MPAlgorithmVersion *masterKeyA
if (*masterKeyAlgorithm != targetKeyAlgorithm) {
mpw_free( *masterKey, MPMasterKeySize );
*masterKeyAlgorithm = targetKeyAlgorithm;
*masterKey = mpw_masterKeyForUser(
*masterKey = mpw_masterKey(
fullName, masterPassword, *masterKeyAlgorithm );
if (!*masterKey) {
err( "Couldn't derive master key for user %s, algorithm %d.\n", fullName, *masterKeyAlgorithm );

19
core/c/mpw-marshall.c
View File

@ -170,8 +170,11 @@ static bool mpw_marshall_write_flat(
return false;
}
if (site.type & MPSiteTypeClassGenerated)
content = mpw_passwordForSite( masterKey, site.name, site.type, site.counter, MPSiteVariantPassword, NULL, site.algorithm );
if (site.type & MPSiteTypeClassGenerated) {
MPSiteKey siteKey = mpw_siteKey( masterKey, site.name, site.counter, MPSiteVariantPassword, NULL, site.algorithm );
content = mpw_sitePassword( siteKey, site.type, site.algorithm );
mpw_free( siteKey, MPSiteKeySize );
}
else if (content) {
// TODO: Decrypt Personal Passwords
//content = aes128_cbc( masterKey, content );
@ -250,8 +253,11 @@ static bool mpw_marshall_write_json(
return false;
}
if (site.type & MPSiteTypeClassGenerated)
content = mpw_passwordForSite( masterKey, site.name, site.type, site.counter, MPSiteVariantPassword, NULL, site.algorithm );
if (site.type & MPSiteTypeClassGenerated) {
MPSiteKey siteKey = mpw_siteKey( masterKey, site.name, site.counter, MPSiteVariantPassword, NULL, site.algorithm );
content = mpw_sitePassword( siteKey, site.type, site.algorithm );
mpw_free( siteKey, MPSiteKeySize );
}
else if (content) {
// TODO: Decrypt Personal Passwords
//content = aes128_cbc( masterKey, content );
@ -284,8 +290,9 @@ static bool mpw_marshall_write_json(
json_object_object_add( json_site_questions, question.keyword, json_site_question );
if (!user->redacted) {
const char *answer = mpw_passwordForSite( masterKey, site.name, MPSiteTypeGeneratedPhrase, 1,
MPSiteVariantAnswer, question.keyword, site.algorithm );
MPSiteKey siteKey = mpw_siteKey( masterKey, site.name, 1, MPSiteVariantAnswer, question.keyword, site.algorithm );
const char *answer = mpw_sitePassword( siteKey, MPSiteTypeGeneratedPhrase, site.algorithm );
mpw_free( siteKey, MPSiteKeySize );
if (answer)
json_object_object_add( json_site_question, "answer", json_object_new_string( answer ) );
}

4
core/c/mpw-types.h
View File

@ -33,7 +33,9 @@
#define MPMasterKeySize 64
typedef const uint8_t *MPMasterKey;
typedef const char *MPMasterKeyID;
#define MPSiteKeySize 256 / 8 // Bytes in HMAC-SHA-256
typedef const uint8_t *MPSiteKey;
typedef const char *MPKeyID;
typedef enum( unsigned int, MPSiteVariant ) {
/** Generate a key for authentication. */

5
core/c/mpw-util.c
View File

@ -136,7 +136,10 @@ uint8_t const *mpw_hmac_sha256(const uint8_t *key, const size_t keySize, const u
return NULL;
}
const char *mpw_id_buf(const void *buf, size_t length) {
MPKeyID mpw_id_buf(const void *buf, size_t length) {
if (!buf)
return "<unset>";
#if HAS_CPERCIVA
uint8_t hash[32];

2
core/c/mpw-util.h
View File

@ -122,7 +122,7 @@ const char *mpw_hex(const void *buf, size_t length);
const char *mpw_hex_l(uint32_t number);
/** Encode a fingerprint for a buffer.
* @return A C-string in a reused buffer, do not free or store it. */
const char *mpw_id_buf(const void *buf, size_t length);
MPKeyID mpw_id_buf(const void *buf, size_t length);
/** Compare two fingerprints for equality.
* @return true if the buffers represent identical fingerprints. */
bool mpw_id_buf_equals(const char *id1, const char *id2);

2
platform-darwin/Source/MPAlgorithmV0.m
View File

@ -128,7 +128,7 @@ static NSOperationQueue *_mpwQueue = nil;
__block NSData *keyData;
[self mpw_perform:^{
NSDate *start = [NSDate date];
MPMasterKey masterKey = mpw_masterKeyForUser( fullName.UTF8String, masterPassword.UTF8String, [self version] );
MPMasterKey masterKey = mpw_masterKey( fullName.UTF8String, masterPassword.UTF8String, [self version] );
if (masterKey) {
keyData = [NSData dataWithBytes:masterKey length:MPMasterKeySize];
trc( @"User: %@, password: %@ derives to key ID: %@ (took %0.2fs)", //

13
platform-independent/cli-c/cli/mpw-bench.c
View File

@ -64,7 +64,7 @@ int main(int argc, char *const argv[]) {
// Similar to phase-two of mpw
uint8_t *sitePasswordInfo = malloc( 128 );
iterations = 3000000;
masterKey = mpw_masterKeyForUser( fullName, masterPassword, MPAlgorithmVersionCurrent );
masterKey = mpw_masterKey( fullName, masterPassword, MPAlgorithmVersionCurrent );
if (!masterKey)
ftl( "Could not allocate master key: %d\n", errno );
mpw_getTime( &startTime );
@ -95,7 +95,7 @@ int main(int argc, char *const argv[]) {
iterations = 50;
mpw_getTime( &startTime );
for (int i = 1; i <= iterations; ++i) {
free( (void *)mpw_masterKeyForUser( fullName, masterPassword, MPAlgorithmVersionCurrent ) );
free( (void *)mpw_masterKey( fullName, masterPassword, MPAlgorithmVersionCurrent ) );
if (modff(100.f * i / iterations, &percent) == 0)
fprintf( stderr, "\rscrypt_mpw: iteration %d / %d (%.0f%%)..", i, iterations, percent );
@ -107,13 +107,16 @@ int main(int argc, char *const argv[]) {
iterations = 50;
mpw_getTime( &startTime );
for (int i = 1; i <= iterations; ++i) {
masterKey = mpw_masterKeyForUser( fullName, masterPassword, MPAlgorithmVersionCurrent );
masterKey = mpw_masterKey( fullName, masterPassword, MPAlgorithmVersionCurrent );
if (!masterKey)
ftl( "Could not allocate master key: %d\n", errno );
free( (void *)mpw_passwordForSite(
masterKey, siteName, siteType, siteCounter, siteVariant, siteContext, MPAlgorithmVersionCurrent ) );
MPSiteKey siteKey = mpw_siteKey(
masterKey, siteName, siteCounter, siteVariant, siteContext, MPAlgorithmVersionCurrent );
free( (void *)mpw_sitePassword(
siteKey, siteType, MPAlgorithmVersionCurrent ) );
free( (void *)masterKey );
free( (void *)siteKey );
if (modff(100.f * i / iterations, &percent) == 0)
fprintf( stderr, "\rmpw: iteration %d / %d (%.0f%%)..", i, iterations, percent );

7
platform-independent/cli-c/cli/mpw-cli.c
View File

@ -311,16 +311,17 @@ int main(int argc, char *const argv[]) {
mpw_free_string( identicon );
// Output the password.
MPMasterKey masterKey = mpw_masterKeyForUser(
MPMasterKey masterKey = mpw_masterKey(
fullName, masterPassword, algorithmVersion );
mpw_free_string( masterPassword );
mpw_free_string( fullName );
if (!masterKey)
ftl( "Couldn't derive master key." );
const char *sitePassword = mpw_passwordForSite(
masterKey, siteName, siteType, siteCounter, siteVariant, siteContextArg, algorithmVersion );
MPSiteKey siteKey = mpw_siteKey( masterKey, siteName, siteCounter, siteVariant, siteContextArg, algorithmVersion );
const char *sitePassword = mpw_sitePassword(siteKey, siteType, algorithmVersion );
mpw_free( masterKey, MPMasterKeySize );
mpw_free( siteKey, MPSiteKeySize );
mpw_free_string( siteName );
if (!sitePassword)
ftl( "Couldn't derive site password." );

11
platform-independent/cli-c/cli/mpw-tests.c
View File

@ -24,7 +24,7 @@ int main(int argc, char *const argv[]) {
// Read in the test case.
xmlChar *id = mpw_xmlTestCaseString( testCase, "id" );
uint32_t algorithm = mpw_xmlTestCaseInteger( testCase, "algorithm" );
MPAlgorithmVersion algorithm = (MPAlgorithmVersion)mpw_xmlTestCaseInteger( testCase, "algorithm" );
xmlChar *fullName = mpw_xmlTestCaseString( testCase, "fullName" );
xmlChar *masterPassword = mpw_xmlTestCaseString( testCase, "masterPassword" );
xmlChar *keyID = mpw_xmlTestCaseString( testCase, "keyID" );
@ -46,15 +46,18 @@ int main(int argc, char *const argv[]) {
}
// 1. calculate the master key.
MPMasterKey masterKey = mpw_masterKeyForUser(
MPMasterKey masterKey = mpw_masterKey(
(char *)fullName, (char *)masterPassword, algorithm );
if (!masterKey)
ftl( "Couldn't derive master key." );
// 2. calculate the site password.
const char *sitePassword = mpw_passwordForSite(
masterKey, (char *)siteName, siteType, siteCounter, siteVariant, (char *)siteContext, algorithm );
MPSiteKey siteKey = mpw_siteKey(
masterKey, (char *)siteName, siteCounter, siteVariant, (char *)siteContext, algorithm );
const char *sitePassword = mpw_sitePassword(
siteKey, siteType, algorithm );
mpw_free( masterKey, MPMasterKeySize );
mpw_free( siteKey, MPSiteKeySize );
if (!sitePassword)
ftl( "Couldn't derive site password." );