diff --git a/core/c/mpw-marshall.c b/core/c/mpw-marshall.c index c94e7ce2..d977cd07 100644 --- a/core/c/mpw-marshall.c +++ b/core/c/mpw-marshall.c @@ -42,12 +42,15 @@ static time_t mpw_mktime( const char *time) { struct tm tm = { .tm_isdst = -1, .tm_gmtoff = 0 }; - sscanf( time, "%4d-%2d-%2dT%2d:%2d:%2dZ", + if (time && sscanf( time, "%4d-%2d-%2dT%2d:%2d:%2dZ", &tm.tm_year, &tm.tm_mon, &tm.tm_mday, - &tm.tm_hour, &tm.tm_min, &tm.tm_sec ); - tm.tm_year -= 1900; // tm_year 0 = rfc3339 year 1900 - tm.tm_mon -= 1; // tm_mon 0 = rfc3339 month 1 - return mktime( &tm ); + &tm.tm_hour, &tm.tm_min, &tm.tm_sec ) == 6) { + tm.tm_year -= 1900; // tm_year 0 = rfc3339 year 1900 + tm.tm_mon -= 1; // tm_mon 0 = rfc3339 month 1 + return mktime( &tm ); + } + + return false; } static bool mpw_update_masterKey(MPMasterKey *masterKey, MPAlgorithmVersion *masterKeyAlgorithm, MPAlgorithmVersion targetKeyAlgorithm, @@ -70,8 +73,8 @@ static bool mpw_update_masterKey(MPMasterKey *masterKey, MPAlgorithmVersion *mas MPMarshalledUser *mpw_marshall_user( const char *fullName, const char *masterPassword, const MPAlgorithmVersion algorithmVersion) { - MPMarshalledUser *user = malloc( sizeof( MPMarshalledUser ) ); - if (!user) + MPMarshalledUser *user; + if (!fullName || !masterPassword || !(user = malloc( sizeof( MPMarshalledUser ) ))) return NULL; *user = (MPMarshalledUser){ @@ -94,7 +97,7 @@ MPMarshalledSite *mpw_marshall_site( MPMarshalledUser *marshalledUser, const char *siteName, const MPSiteType siteType, const uint32_t siteCounter, const MPAlgorithmVersion algorithmVersion) { - if (!(marshalledUser->sites = + if (!siteName || !(marshalledUser->sites = realloc( marshalledUser->sites, sizeof( MPMarshalledSite ) * (++marshalledUser->sites_count) ))) return NULL; @@ -121,7 +124,7 @@ MPMarshalledSite *mpw_marshall_site( MPMarshalledQuestion *mpw_marshal_question( MPMarshalledSite *marshalledSite, const char *keyword) { - if (!(marshalledSite->questions = + if (!keyword || !(marshalledSite->questions = realloc( marshalledSite->questions, sizeof( MPMarshalledQuestion ) * (++marshalledSite->questions_count) ))) return NULL; @@ -155,16 +158,28 @@ bool mpw_marshal_free( #define try_asprintf(...) ({ if (asprintf( __VA_ARGS__ ) < 0) return false; }) bool mpw_marshall_write_flat( - char **out, const MPMarshalledUser *marshalledUser) { + char **out, const MPMarshalledUser *user, MPMarshallError *error) { - MPMasterKey masterKey = NULL; - MPAlgorithmVersion masterKeyAlgorithm = marshalledUser->algorithm - 1; - if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, - marshalledUser->algorithm, marshalledUser->name, marshalledUser->masterPassword )) + *error = MPMarshallErrorInternal; + if (!user->name || !strlen( user->name )) { + err( "Missing full name.\n" ); + *error = MPMarshallErrorMissing; return false; + } + if (!user->masterPassword || !strlen( user->masterPassword )) { + err( "Missing master password.\n" ); + *error = MPMarshallErrorMasterPassword; + return false; + } + MPMasterKey masterKey = NULL; + MPAlgorithmVersion masterKeyAlgorithm = user->algorithm - 1; + if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, user->algorithm, user->name, user->masterPassword )) { + err( "Couldn't derive master key.\n" ); + return false; + } try_asprintf( out, "# Master Password site export\n" ); - if (marshalledUser->redacted) + if (user->redacted) try_asprintf( out, "# Export of site names and passwords in clear-text.\n" ); else try_asprintf( out, "# Export of site names and stored passwords (unless device-private) encrypted with the master key.\n" ); @@ -172,103 +187,117 @@ bool mpw_marshall_write_flat( try_asprintf( out, "##\n" ); try_asprintf( out, "# Format: %d\n", 1 ); - size_t dateSize = 21; - char dateString[dateSize]; + char dateString[21]; time_t now = time( NULL ); - if (strftime( dateString, dateSize, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'", gmtime( &now ) )) + if (strftime( dateString, sizeof( dateString ), "%FT%TZ", gmtime( &now ) )) try_asprintf( out, "# Date: %s\n", dateString ); - try_asprintf( out, "# User Name: %s\n", marshalledUser->name ); - try_asprintf( out, "# Full Name: %s\n", marshalledUser->name ); - try_asprintf( out, "# Avatar: %u\n", marshalledUser->avatar ); + try_asprintf( out, "# User Name: %s\n", user->name ); + try_asprintf( out, "# Full Name: %s\n", user->name ); + try_asprintf( out, "# Avatar: %u\n", user->avatar ); try_asprintf( out, "# Key ID: %s\n", mpw_id_buf( masterKey, MPMasterKeySize ) ); - try_asprintf( out, "# Algorithm: %d\n", marshalledUser->algorithm ); - try_asprintf( out, "# Default Type: %d\n", marshalledUser->defaultType ); - try_asprintf( out, "# Passwords: %s\n", marshalledUser->redacted? "PROTECTED": "VISIBLE" ); + try_asprintf( out, "# Algorithm: %d\n", user->algorithm ); + try_asprintf( out, "# Default Type: %d\n", user->defaultType ); + try_asprintf( out, "# Passwords: %s\n", user->redacted? "PROTECTED": "VISIBLE" ); try_asprintf( out, "##\n" ); try_asprintf( out, "#\n" ); try_asprintf( out, "# Last Times Password Login\t Site\tSite\n" ); try_asprintf( out, "# used used type name\t name\tpassword\n" ); // Sites. - for (int s = 0; s < marshalledUser->sites_count; ++s) { - MPMarshalledSite site = marshalledUser->sites[s]; + for (int s = 0; s < user->sites_count; ++s) { + MPMarshalledSite site = user->sites[s]; + if (!site.name || !strlen( site.name )) + continue; const char *content = site.type & MPSiteFeatureExportContent? site.content: NULL; - if (!marshalledUser->redacted) { - if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, - site.algorithm, marshalledUser->name, marshalledUser->masterPassword )) + if (!user->redacted) { + if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) { + err( "Couldn't derive master key.\n" ); return false; + } if (site.type & MPSiteTypeClassGenerated) - content = mpw_passwordForSite( masterKey, site.name, site.type, site.counter, - MPSiteVariantPassword, NULL, site.algorithm ); + content = mpw_passwordForSite( masterKey, site.name, site.type, site.counter, MPSiteVariantPassword, NULL, site.algorithm ); else if (content) { // TODO: Decrypt Personal Passwords //content = aes128_cbc( masterKey, content ); } } - if (strftime( dateString, dateSize, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'", gmtime( &site.lastUsed ) )) + if (strftime( dateString, sizeof( dateString ), "%FT%TZ", gmtime( &site.lastUsed ) )) try_asprintf( out, "%s %8ld %lu:%lu:%lu %25s\t%25s\t%s\n", dateString, (long)site.uses, (long)site.type, (long)site.algorithm, (long)site.counter, site.loginName?: "", site.name, content?: "" ); } mpw_free( masterKey, MPMasterKeySize ); + *error = MPMarshallSuccess; return true; } bool mpw_marshall_write_json( - char **out, const MPMarshalledUser *marshalledUser) { + char **out, const MPMarshalledUser *user, MPMarshallError *error) { - MPMasterKey masterKey = NULL; - MPAlgorithmVersion masterKeyAlgorithm = marshalledUser->algorithm - 1; - if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, - marshalledUser->algorithm, marshalledUser->name, marshalledUser->masterPassword )) + *error = MPMarshallErrorInternal; + if (!user->name || !strlen( user->name )) { + err( "Missing full name.\n" ); + *error = MPMarshallErrorMissing; return false; - - json_object *json_file = json_object_new_object(); + } + if (!user->masterPassword || !strlen( user->masterPassword )) { + err( "Missing master password.\n" ); + *error = MPMarshallErrorMasterPassword; + return false; + } + MPMasterKey masterKey = NULL; + MPAlgorithmVersion masterKeyAlgorithm = user->algorithm - 1; + if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, user->algorithm, user->name, user->masterPassword )) { + err( "Couldn't derive master key.\n" ); + return false; + } // Section: "export" + json_object *json_file = json_object_new_object(); json_object *json_export = json_object_new_object(); json_object_object_add( json_file, "export", json_export ); json_object_object_add( json_export, "format", json_object_new_int( 1 ) ); - json_object_object_add( json_export, "redacted", json_object_new_boolean( marshalledUser->redacted ) ); + json_object_object_add( json_export, "redacted", json_object_new_boolean( user->redacted ) ); - size_t dateSize = 21; - char dateString[dateSize]; + char dateString[21]; time_t now = time( NULL ); - if (strftime( dateString, dateSize, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'", gmtime( &now ) )) + if (strftime( dateString, sizeof( dateString ), "%FT%TZ", gmtime( &now ) )) json_object_object_add( json_export, "date", json_object_new_string( dateString ) ); // Section: "user" json_object *json_user = json_object_new_object(); json_object_object_add( json_file, "user", json_user ); - json_object_object_add( json_user, "avatar", json_object_new_int( marshalledUser->avatar ) ); - json_object_object_add( json_user, "full_name", json_object_new_string( marshalledUser->name ) ); + json_object_object_add( json_user, "avatar", json_object_new_int( user->avatar ) ); + json_object_object_add( json_user, "full_name", json_object_new_string( user->name ) ); - if (strftime( dateString, dateSize, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'", gmtime( &marshalledUser->lastUsed ) )) + if (strftime( dateString, sizeof( dateString ), "%FT%TZ", gmtime( &user->lastUsed ) )) json_object_object_add( json_user, "last_used", json_object_new_string( dateString ) ); json_object_object_add( json_user, "key_id", json_object_new_string( mpw_id_buf( masterKey, MPMasterKeySize ) ) ); - json_object_object_add( json_user, "algorithm", json_object_new_int( marshalledUser->algorithm ) ); - json_object_object_add( json_user, "default_type", json_object_new_int( marshalledUser->defaultType ) ); + json_object_object_add( json_user, "algorithm", json_object_new_int( user->algorithm ) ); + json_object_object_add( json_user, "default_type", json_object_new_int( user->defaultType ) ); // Section "sites" json_object *json_sites = json_object_new_object(); json_object_object_add( json_file, "sites", json_sites ); - for (int s = 0; s < marshalledUser->sites_count; ++s) { - MPMarshalledSite site = marshalledUser->sites[s]; + for (int s = 0; s < user->sites_count; ++s) { + MPMarshalledSite site = user->sites[s]; + if (!site.name || !strlen( site.name )) + continue; const char *content = site.type & MPSiteFeatureExportContent? site.content: NULL; - if (!marshalledUser->redacted) { - if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, - site.algorithm, marshalledUser->name, marshalledUser->masterPassword )) + if (!user->redacted) { + if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site.algorithm, user->name, user->masterPassword )) { + err( "Couldn't derive master key.\n" ); return false; + } if (site.type & MPSiteTypeClassGenerated) - content = mpw_passwordForSite( masterKey, site.name, site.type, site.counter, - MPSiteVariantPassword, NULL, site.algorithm ); + content = mpw_passwordForSite( masterKey, site.name, site.type, site.counter, MPSiteVariantPassword, NULL, site.algorithm ); else if (content) { // TODO: Decrypt Personal Passwords //content = aes128_cbc( masterKey, content ); @@ -287,21 +316,25 @@ bool mpw_marshall_write_json( json_object_object_add( json_site, "login_generated", json_object_new_boolean( site.loginGenerated ) ); json_object_object_add( json_site, "uses", json_object_new_int( site.uses ) ); - if (strftime( dateString, dateSize, "yyyy'-'MM'-'dd'T'HH':'mm':'ss'Z'", gmtime( &site.lastUsed ) )) + if (strftime( dateString, sizeof( dateString ), "%FT%TZ", gmtime( &site.lastUsed ) )) json_object_object_add( json_site, "last_used", json_object_new_string( dateString ) ); json_object *json_site_questions = json_object_new_object(); json_object_object_add( json_site, "questions", json_site_questions ); for (int q = 0; q < site.questions_count; ++q) { MPMarshalledQuestion question = site.questions[q]; + if (!question.keyword) + continue; json_object *json_site_question = json_object_new_object(); json_object_object_add( json_site_questions, question.keyword, json_site_question ); - if (!marshalledUser->redacted) - json_object_object_add( json_site_question, "answer", json_object_new_string( - mpw_passwordForSite( masterKey, site.name, MPSiteTypeGeneratedPhrase, 1, - MPSiteVariantAnswer, question.keyword, site.algorithm ) ) ); + if (!user->redacted) { + const char *answer = mpw_passwordForSite( masterKey, site.name, MPSiteTypeGeneratedPhrase, 1, + MPSiteVariantAnswer, question.keyword, site.algorithm ); + if (answer) + json_object_object_add( json_site_question, "answer", json_object_new_string( answer ) ); + } } json_object *json_site_mpw = json_object_new_object(); @@ -314,24 +347,29 @@ bool mpw_marshall_write_json( mpw_free( masterKey, MPMasterKeySize ); json_object_put( json_file ); + *error = MPMarshallSuccess; return true; } bool mpw_marshall_write( - char **out, const MPMarshallFormat outFormat, const MPMarshalledUser *marshalledUser) { + char **out, const MPMarshallFormat outFormat, const MPMarshalledUser *marshalledUser, MPMarshallError *error) { switch (outFormat) { case MPMarshallFormatFlat: - return mpw_marshall_write_flat( out, marshalledUser ); + return mpw_marshall_write_flat( out, marshalledUser, error ); case MPMarshallFormatJSON: - return mpw_marshall_write_json( out, marshalledUser ); + return mpw_marshall_write_json( out, marshalledUser, error ); } + err( "Unsupported output format: %u\n", outFormat ); + *error = MPMarshallErrorFormat; return false; } MPMarshalledUser *mpw_marshall_read_flat( - char *in, const char *masterPassword) { + char *in, const char *masterPassword, MPMarshallError *error) { + + *error = MPMarshallErrorInternal; // Parse import data. MPMasterKey masterKey = NULL; @@ -368,7 +406,8 @@ MPMarshalledUser *mpw_marshall_read_flat( char *headerValue = mpw_get_token( &positionInLine, endOfLine, "\n" ); if (!headerName || !headerValue) { err( "Invalid header: %s\n", strndup( positionInLine, endOfLine - positionInLine ) ); - return false; + *error = MPMarshallErrorStructure; + return NULL; } if (strcmp( headerName, "Format" ) == 0) @@ -385,7 +424,8 @@ MPMarshalledUser *mpw_marshall_read_flat( int importAlgorithmInt = atoi( headerValue ); if (importAlgorithmInt < MPAlgorithmVersionFirst || importAlgorithmInt > MPAlgorithmVersionLast) { err( "Invalid algorithm version: %s\n", headerValue ); - return false; + *error = MPMarshallErrorIllegal; + return NULL; } importAlgorithm = (MPAlgorithmVersion)importAlgorithmInt; } @@ -402,22 +442,25 @@ MPMarshalledUser *mpw_marshall_read_flat( continue; if (!importUserName) { err( "Missing header: Full Name\n" ); - return false; + *error = MPMarshallErrorMissing; + return NULL; } if (positionInLine >= endOfLine) continue; if (!user) { - if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, - importAlgorithm, importUserName, masterPassword )) - return false; + if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, importAlgorithm, importUserName, masterPassword )) { + err( "Couldn't derive master key.\n" ); + return NULL; + } if (importKeyID && !mpw_id_buf_equals( importKeyID, mpw_id_buf( masterKey, MPMasterKeySize ) )) { err( "Incorrect master password for user import file: %s != %s\n", importKeyID, mpw_id_buf( masterKey, MPMasterKeySize ) ); - return false; + *error = MPMarshallErrorMasterPassword; + return NULL; } if (!(user = mpw_marshall_user( importUserName, masterPassword, importAlgorithm ))) { err( "Couldn't allocate a new user.\n" ); - return false; + return NULL; } user->redacted = importRedacted; @@ -426,83 +469,97 @@ MPMarshalledUser *mpw_marshall_read_flat( } // Site - char *lastUsed = NULL, *uses = NULL, *type = NULL, *version = NULL, *counter = NULL; - char *loginName = NULL, *siteName = NULL, *exportContent = NULL; + char *siteLastUsed = NULL, *siteUses = NULL, *siteType = NULL, *siteAlgorithm = NULL, *siteCounter = NULL; + char *siteLoginName = NULL, *siteName = NULL, *siteContent = NULL; switch (importFormat) { case 0: { - lastUsed = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); - uses = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); + siteLastUsed = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); + siteUses = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); char *typeAndVersion = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); if (typeAndVersion) { - type = strdup( strtok( typeAndVersion, ":" ) ); - version = strdup( strtok( NULL, "" ) ); + siteType = strdup( strtok( typeAndVersion, ":" ) ); + siteAlgorithm = strdup( strtok( NULL, "" ) ); mpw_free_string( typeAndVersion ); } - counter = strdup( "1" ); - loginName = NULL; + siteCounter = strdup( "1" ); + siteLoginName = NULL; siteName = mpw_get_token( &positionInLine, endOfLine, "\t\n" ); - exportContent = mpw_get_token( &positionInLine, endOfLine, "\n" ); + siteContent = mpw_get_token( &positionInLine, endOfLine, "\n" ); break; } case 1: { - lastUsed = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); - uses = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); + siteLastUsed = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); + siteUses = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); char *typeAndVersionAndCounter = mpw_get_token( &positionInLine, endOfLine, " \t\n" ); if (typeAndVersionAndCounter) { - type = strdup( strtok( typeAndVersionAndCounter, ":" ) ); - version = strdup( strtok( NULL, ":" ) ); - counter = strdup( strtok( NULL, "" ) ); + siteType = strdup( strtok( typeAndVersionAndCounter, ":" ) ); + siteAlgorithm = strdup( strtok( NULL, ":" ) ); + siteCounter = strdup( strtok( NULL, "" ) ); mpw_free_string( typeAndVersionAndCounter ); } - loginName = mpw_get_token( &positionInLine, endOfLine, "\t\n" ); + siteLoginName = mpw_get_token( &positionInLine, endOfLine, "\t\n" ); siteName = mpw_get_token( &positionInLine, endOfLine, "\t\n" ); - exportContent = mpw_get_token( &positionInLine, endOfLine, "\n" ); + siteContent = mpw_get_token( &positionInLine, endOfLine, "\n" ); break; } default: { - err( "Unexpected import format: %lu\n", (unsigned long)importFormat ); - return false; + err( "Unexpected import format: %u\n", importFormat ); + *error = MPMarshallErrorFormat; + return NULL; } } - if (siteName && type && counter && version && uses && lastUsed) { - MPMarshalledSite *site = mpw_marshall_site( user, siteName, - (MPSiteType)atoi( type ), (uint32_t)atoi( counter ), (MPAlgorithmVersion)atoi( version ) ); - site->loginName = loginName; - site->uses = (unsigned int)atoi( uses ); - site->lastUsed = mpw_mktime( lastUsed ); + if (siteName && siteType && siteCounter && siteAlgorithm && siteUses && siteLastUsed) { + MPAlgorithmVersion siteAlgorithmInt = (MPAlgorithmVersion)atoi( siteAlgorithm ); + if (siteAlgorithmInt < MPAlgorithmVersionFirst || siteAlgorithmInt > MPAlgorithmVersionLast) { + err( "Invalid site algorithm version: %u\n", siteAlgorithmInt ); + *error = MPMarshallErrorIllegal; + return NULL; + } - if (exportContent) { + MPMarshalledSite *site = mpw_marshall_site( user, siteName, + (MPSiteType)atoi( siteType ), (uint32_t)atoi( siteCounter ), siteAlgorithmInt ); + if (!site) { + err( "Couldn't allocate a new site.\n" ); + return NULL; + } + + site->loginName = siteLoginName? strdup( siteLoginName ): NULL; + site->uses = (unsigned int)atoi( siteUses ); + site->lastUsed = mpw_mktime( siteLastUsed ); + if (siteContent && strlen( siteContent )) { if (user->redacted) { - if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, - site->algorithm, importUserName, masterPassword )) - return false; + if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site->algorithm, importUserName, masterPassword )) { + err( "Couldn't derive master key.\n" ); + return NULL; + } // TODO: Encrypt Personal Passwords //site->content = aes128_cbc( masterKey, exportContent ); } else - site->content = exportContent; + site->content = strdup( siteContent ); } } else wrn( "Skipping: lastUsed=%s, uses=%s, type=%s, version=%s, counter=%s, loginName=%s, siteName=%s\n", - lastUsed, uses, type, version, counter, loginName, siteName ); + siteLastUsed, siteUses, siteType, siteAlgorithm, siteCounter, siteLoginName, siteName ); - mpw_free_string( lastUsed ); - mpw_free_string( uses ); - mpw_free_string( type ); - mpw_free_string( version ); - mpw_free_string( counter ); - mpw_free_string( loginName ); + mpw_free_string( siteLastUsed ); + mpw_free_string( siteUses ); + mpw_free_string( siteType ); + mpw_free_string( siteAlgorithm ); + mpw_free_string( siteCounter ); + mpw_free_string( siteLoginName ); mpw_free_string( siteName ); - mpw_free_string( exportContent ); + mpw_free_string( siteContent ); } mpw_free_string( importUserName ); mpw_free_string( importKeyID ); mpw_free_string( importDate ); mpw_free( masterKey, MPMasterKeySize ); + *error = MPMarshallSuccess; return user; } @@ -513,7 +570,7 @@ static json_object *mpw_marshall_get_json_section( char *sectionTokenizer = strdup( section ), *sectionToken = sectionTokenizer; for (sectionToken = strtok( sectionToken, "." ); sectionToken; sectionToken = strtok( NULL, "." )) if (!json_object_object_get_ex( json_value, sectionToken, &json_value ) || !json_value) { - err( "While resolving: %s: Missing value for: %s\n", section, sectionToken ); + dbg( "While resolving: %s: Missing value for: %s\n", section, sectionToken ); json_value = NULL; break; } @@ -553,14 +610,19 @@ static bool mpw_marshall_get_json_boolean( } MPMarshalledUser *mpw_marshall_read_json( - char *in, const char *masterPassword) { + char *in, const char *masterPassword, MPMarshallError *error) { - enum json_tokener_error error = json_tokener_success; - json_object *json_file = json_tokener_parse_verbose( in, &error ); - if (error != json_tokener_success) - err( "JSON error: %s\n", json_tokener_error_desc( error ) ); - if (!json_file) + *error = MPMarshallErrorInternal; + + // Parse JSON. + enum json_tokener_error json_error = json_tokener_success; + json_object *json_file = json_tokener_parse_verbose( in, &json_error ); + if (json_error != json_tokener_success) + err( "JSON error: %s\n", json_tokener_error_desc( json_error ) ); + if (!json_file) { + *error = MPMarshallErrorStructure; return NULL; + } // Parse import data. MPMasterKey masterKey = NULL; @@ -568,39 +630,51 @@ MPMarshalledUser *mpw_marshall_read_json( MPMarshalledUser *user = NULL; // Section: "export" - unsigned int importFormat = (unsigned int)mpw_marshall_get_json_int( json_file, "export.format", 0 ); - if (importFormat < 1) { - err( "Unsupported format: %d\n", importFormat ); + unsigned int fileFormat = (unsigned int)mpw_marshall_get_json_int( json_file, "export.format", 0 ); + if (fileFormat < 1) { + err( "Unsupported format: %u\n", fileFormat ); + *error = MPMarshallErrorFormat; return NULL; } - bool importRedacted = mpw_marshall_get_json_boolean( json_file, "export.redacted", true ); - const char *importDate = mpw_marshall_get_json_string( json_file, "export.date", NULL ); + bool fileRedacted = mpw_marshall_get_json_boolean( json_file, "export.redacted", true ); + const char *fileDate = mpw_marshall_get_json_string( json_file, "export.date", NULL ); // Section: "user" - unsigned int importAvatar = (unsigned int)mpw_marshall_get_json_int( json_file, "user.avatar", 0 ); - const char *importUserName = mpw_marshall_get_json_string( json_file, "user.full_name", NULL ); - const char *importLastUsed = mpw_marshall_get_json_string( json_file, "user.last_used", NULL ); - const char *importKeyID = mpw_marshall_get_json_string( json_file, "user.key_id", NULL ); - MPAlgorithmVersion - importAlgorithm = (MPAlgorithmVersion)mpw_marshall_get_json_int( json_file, "user.algorithm", MPAlgorithmVersionCurrent ); - MPSiteType importDefaultType = (MPSiteType)mpw_marshall_get_json_int( json_file, "user.default_type", MPSiteTypeDefault ); - - if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, - importAlgorithm, importUserName, masterPassword )) - return false; - if (importKeyID && !mpw_id_buf_equals( importKeyID, mpw_id_buf( masterKey, MPMasterKeySize ) )) { - err( "Incorrect master password for user import file: %s != %s\n", importKeyID, mpw_id_buf( masterKey, MPMasterKeySize ) ); - return false; + unsigned int avatar = (unsigned int)mpw_marshall_get_json_int( json_file, "user.avatar", 0 ); + const char *fullName = mpw_marshall_get_json_string( json_file, "user.full_name", NULL ); + const char *lastUsed = mpw_marshall_get_json_string( json_file, "user.last_used", NULL ); + const char *keyID = mpw_marshall_get_json_string( json_file, "user.key_id", NULL ); + MPAlgorithmVersion algorithm = (MPAlgorithmVersion)mpw_marshall_get_json_int( json_file, "user.algorithm", MPAlgorithmVersionCurrent ); + if (algorithm < MPAlgorithmVersionFirst || algorithm > MPAlgorithmVersionLast) { + err( "Invalid user algorithm version: %u\n", algorithm ); + *error = MPMarshallErrorIllegal; + return NULL; } - if (!(user = mpw_marshall_user( importUserName, masterPassword, importAlgorithm ))) { + MPSiteType defaultType = (MPSiteType)mpw_marshall_get_json_int( json_file, "user.default_type", MPSiteTypeDefault ); + + if (!fullName || !strlen( fullName )) { + err( "Missing value for full name.\n" ); + *error = MPMarshallErrorMissing; + return NULL; + } + if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, algorithm, fullName, masterPassword )) { + err( "Couldn't derive master key.\n" ); + return NULL; + } + if (keyID && !mpw_id_buf_equals( keyID, mpw_id_buf( masterKey, MPMasterKeySize ) )) { + err( "Incorrect master password for user import file: %s != %s\n", keyID, mpw_id_buf( masterKey, MPMasterKeySize ) ); + *error = MPMarshallErrorMasterPassword; + return NULL; + } + if (!(user = mpw_marshall_user( fullName, masterPassword, algorithm ))) { err( "Couldn't allocate a new user.\n" ); - return false; + return NULL; } - user->redacted = importRedacted; - user->avatar = importAvatar; - user->defaultType = importDefaultType; - user->lastUsed = mpw_mktime( importLastUsed ); + user->redacted = fileRedacted; + user->avatar = avatar; + user->defaultType = defaultType; + user->lastUsed = mpw_mktime( lastUsed ); // Section "sites" json_object_iter json_site; @@ -608,34 +682,44 @@ MPMarshalledUser *mpw_marshall_read_json( json_object_object_foreachC( json_sites, json_site ) { MPSiteType siteType = (MPSiteType)mpw_marshall_get_json_int( json_site.val, "type", user->defaultType ); uint32_t siteCounter = (uint32_t)mpw_marshall_get_json_int( json_site.val, "counter", 1 ); - MPAlgorithmVersion algorithm = (MPAlgorithmVersion)mpw_marshall_get_json_int( json_site.val, "algorithm", user->algorithm ); - const char *exportContent = mpw_marshall_get_json_string( json_site.val, "password", NULL ); - const char *loginName = mpw_marshall_get_json_string( json_site.val, "login_name", NULL ); - bool loginGenerated = mpw_marshall_get_json_boolean( json_site.val, "login_generated", false ); - unsigned int uses = (unsigned int)mpw_marshall_get_json_int( json_site.val, "uses", 0 ); - const char *lastUsed = mpw_marshall_get_json_string( json_site.val, "last_used", NULL ); + MPAlgorithmVersion siteAlgorithm = (MPAlgorithmVersion)mpw_marshall_get_json_int( json_site.val, "algorithm", user->algorithm ); + if (siteAlgorithm < MPAlgorithmVersionFirst || siteAlgorithm > MPAlgorithmVersionLast) { + err( "Invalid site algorithm version: %u\n", siteAlgorithm ); + *error = MPMarshallErrorIllegal; + return NULL; + } + const char *siteContent = mpw_marshall_get_json_string( json_site.val, "password", NULL ); + const char *siteLoginName = mpw_marshall_get_json_string( json_site.val, "login_name", NULL ); + bool siteLoginGenerated = mpw_marshall_get_json_boolean( json_site.val, "login_generated", false ); + unsigned int siteUses = (unsigned int)mpw_marshall_get_json_int( json_site.val, "uses", 0 ); + const char *siteLastUsed = mpw_marshall_get_json_string( json_site.val, "last_used", NULL ); json_object *json_site_mpw = mpw_marshall_get_json_section( json_site.val, "_ext_mpw" ); - const char *url = mpw_marshall_get_json_string( json_site_mpw, "url", NULL ); + const char *siteURL = mpw_marshall_get_json_string( json_site_mpw, "url", NULL ); - MPMarshalledSite *site = mpw_marshall_site( user, json_site.key, siteType, siteCounter, algorithm ); - site->loginName = loginName; - site->loginGenerated = loginGenerated; - site->url = url; - site->uses = uses; - site->lastUsed = mpw_mktime( lastUsed ); + MPMarshalledSite *site = mpw_marshall_site( user, json_site.key, siteType, siteCounter, siteAlgorithm ); + if (!site) { + err( "Couldn't allocate a new site.\n" ); + return NULL; + } - if (exportContent) { + site->loginName = siteLoginName? strdup( siteLoginName ): NULL; + site->loginGenerated = siteLoginGenerated; + site->url = siteURL? strdup( siteURL ): NULL; + site->uses = siteUses; + site->lastUsed = mpw_mktime( siteLastUsed ); + if (siteContent && strlen( siteContent )) { if (user->redacted) { - if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, - site->algorithm, importUserName, masterPassword )) - return false; + if (!mpw_update_masterKey( &masterKey, &masterKeyAlgorithm, site->algorithm, fullName, masterPassword )) { + err( "Couldn't derive master key.\n" ); + return NULL; + } // TODO: Encrypt Personal Passwords //site->content = aes128_cbc( masterKey, exportContent ); } else - site->content = exportContent; + site->content = strdup( siteContent ); } json_object_iter json_site_question; @@ -645,18 +729,21 @@ MPMarshalledUser *mpw_marshall_read_json( } json_object_put( json_file ); + *error = MPMarshallSuccess; return user; } MPMarshalledUser *mpw_marshall_read( - char *in, const MPMarshallFormat inFormat, const char *masterPassword) { + char *in, const MPMarshallFormat inFormat, const char *masterPassword, MPMarshallError *error) { switch (inFormat) { case MPMarshallFormatFlat: - return mpw_marshall_read_flat( in, masterPassword ); + return mpw_marshall_read_flat( in, masterPassword, error ); case MPMarshallFormatJSON: - return mpw_marshall_read_json( in, masterPassword ); + return mpw_marshall_read_json( in, masterPassword, error ); } + err( "Unsupported input format: %u\n", inFormat ); + *error = MPMarshallErrorFormat; return NULL; } diff --git a/core/c/mpw-marshall.h b/core/c/mpw-marshall.h index bfb37859..d70ed6c9 100644 --- a/core/c/mpw-marshall.h +++ b/core/c/mpw-marshall.h @@ -35,6 +35,23 @@ typedef enum( unsigned int, MPMarshallFormat ) { MPMarshallFormatJSON, }; +typedef enum( unsigned int, MPMarshallError ) { + /** The marshalling operation completed successfully. */ + MPMarshallSuccess, + /** An error in the structure of the marshall file interrupted marshalling. */ + MPMarshallErrorStructure, + /** The marshall file uses an unsupported format version. */ + MPMarshallErrorFormat, + /** A required value is missing or not specified. */ + MPMarshallErrorMissing, + /** The given master password is not valid. */ + MPMarshallErrorMasterPassword, + /** An illegal value was specified. */ + MPMarshallErrorIllegal, + /** An internal system error interrupted marshalling. */ + MPMarshallErrorInternal, +}; + typedef struct MPMarshalledQuestion { const char *keyword; } MPMarshalledQuestion; @@ -74,12 +91,12 @@ typedef struct MPMarshalledUser { //// Marshalling. bool mpw_marshall_write( - char **out, const MPMarshallFormat outFormat, const MPMarshalledUser *marshalledUser); + char **out, const MPMarshallFormat outFormat, const MPMarshalledUser *marshalledUser, MPMarshallError *error); //// Unmarshalling. MPMarshalledUser *mpw_marshall_read( - char *in, const MPMarshallFormat inFormat, const char *masterPassword); + char *in, const MPMarshallFormat inFormat, const char *masterPassword, MPMarshallError *error); //// Utilities. diff --git a/platform-independent/cli-c/cli/mpw-cli.c b/platform-independent/cli-c/cli/mpw-cli.c index 4e38b1ef..7d5ac9c2 100644 --- a/platform-independent/cli-c/cli/mpw-cli.c +++ b/platform-independent/cli-c/cli/mpw-cli.c @@ -226,10 +226,11 @@ int main(int argc, char *const argv[]) { fclose( mpwSites ); // Parse file. - MPMarshalledUser *user = mpw_marshall_read( buf, mpwSitesFormat, masterPassword ); + MPMarshallError marshallError = MPMarshallSuccess; + MPMarshalledUser *user = mpw_marshall_read( buf, mpwSitesFormat, masterPassword, &marshallError ); mpw_free_string( buf ); - if (!user) - wrn( "Couldn't parse configuration file: %s\n", mpwSitesPath ); + if (!user || marshallError != MPMarshallSuccess) + wrn( "Couldn't parse configuration file: %s: %d\n", mpwSitesPath, marshallError ); else { // Load defaults. @@ -257,8 +258,8 @@ int main(int argc, char *const argv[]) { else { buf = NULL; - if (!mpw_marshall_write( &buf, MPMarshallFormatJSON, user )) - wrn( "Couldn't encode updated configuration file." ); + if (!mpw_marshall_write( &buf, MPMarshallFormatJSON, user, &marshallError ) || marshallError != MPMarshallSuccess) + wrn( "Couldn't encode updated configuration file: %s: %d", mpwSitesPath, marshallError ); else if (fwrite( buf, sizeof( char ), strlen( buf ), mpwSites ) != strlen( buf )) wrn( "Error while writing updated configuration file: %s: %d\n", mpwSitesPath, ferror( mpwSites ) );