# HG changeset patch
# User Olaf Wintermann <olaf.wintermann@gmail.com>
# Date 1570866812 -7200
# Node ID f503c272bd70ca5c55310f68504bf3f28620d07a
# Parent  5162c1334c43b2c42d0c4141c59e2f15126c10e8
update secret store format description

diff -r 5162c1334c43 -r f503c272bd70 dav/main.c
--- a/dav/main.c	Sat Oct 12 08:51:31 2019 +0200
+++ b/dav/main.c	Sat Oct 12 09:53:32 2019 +0200
@@ -2646,7 +2646,7 @@
     
     char *id = assistant_getcfg("Credentials identifier");
     if(id && pwdstore_get(secrets, id)) {
-        fprintf(stderr, "Credentials with this id already exist");
+        fprintf(stderr, "Credentials with this id already exist.\n");
         return 1;
     }
     
diff -r 5162c1334c43 -r f503c272bd70 dav/pwd.c
--- a/dav/pwd.c	Sat Oct 12 08:51:31 2019 +0200
+++ b/dav/pwd.c	Sat Oct 12 09:53:32 2019 +0200
@@ -91,12 +91,18 @@
 }
 
 static int readval(UcxBuffer *in, char **val, int allowzero) {
+    // value  = length string
+    // length = uint32
+    // string = bytes
+    
     *val = NULL;
+    
+    // get length
     uint32_t length = 0;
     if(ucx_buffer_read(&length, 1, sizeof(uint32_t), in) != sizeof(uint32_t)) {
         return 0;
     }
-    length = ntohl(length);
+    length = ntohl(length); // convert from BE to host byte order
     if(length == 0) {
         if(allowzero) {
             return 1;
@@ -108,6 +114,7 @@
         return 0;
     }
     
+    // get value
     char *value = malloc(length + 1);
     value[length] = 0;
     if(ucx_buffer_read(value, 1, length, in) != length) {
@@ -120,18 +127,21 @@
 }
 
 static int read_indexentry(PwdStore *p, UcxBuffer *in) {
+    // read type of index element
     int type = ucx_buffer_getc(in);
     if(type == EOF || type != 0) {
         // only type 0 supported yet
         return 0;
     }
-    
+      
     char *id = NULL;
     UcxList *locations = NULL;
     
+    // get id (required)
     int ret = 0;
     if(readval(in, &id, FALSE)) {
         ret = 1;
+        // get locations
         char *location = NULL;
         while((ret = readval(in, &location, TRUE)) == 1) {
             if(!location) {
@@ -183,23 +193,35 @@
 
 int pwdstore_getindex(PwdStore *s) {
     uint32_t netindexlen;
+    
+    // set the position to the last 4 bytes of the header
+    // for reading index length
     s->content->pos = PWDS_HEADER_SIZE - sizeof(uint32_t);
+    
+    // read indexlen and convert to host byte order
     if(ucx_buffer_read(&netindexlen, 1, sizeof(uint32_t), s->content) != sizeof(uint32_t)) {
         return 1;
     }
     uint32_t indexlen = ntohl(netindexlen);
+    
+    // integer overflow check
     if(UINT32_MAX - PWDS_HEADER_SIZE < indexlen) {
         return 1;
     }
     if(s->content->size < PWDS_HEADER_SIZE + indexlen) {
         return 1;
     }
-    s->encoffset += indexlen;
+    // encrypted content starts after the index content
+    s->encoffset = PWDS_HEADER_SIZE + indexlen;
     
+    // the index starts after the header
     UcxBuffer *index = ucx_buffer_new(s->content->space+PWDS_HEADER_SIZE, indexlen, 0);
     index->size = indexlen;
+    
+    // read index
     while(read_indexentry(s, index)) {}
     
+    // free index buffer structure (not the content)
     ucx_buffer_free(index);
     
     return 0;
diff -r 5162c1334c43 -r f503c272bd70 dav/pwd.h
--- a/dav/pwd.h	Sat Oct 12 08:51:31 2019 +0200
+++ b/dav/pwd.h	Sat Oct 12 09:53:32 2019 +0200
@@ -53,11 +53,14 @@
  * pwfunc = 1 byte
  * salt = 16 bytes
  * indexlen = uint32
- * index = { length id locations zero }
+ * index = { itype length id locations zero }
+ * enc_content = iv bytes
+ * iv = 16 bytes
  * content = { entry }
- * entry = length id length username length password
+ * entry = itype length id length username length password
  * length = uint32
  * zero = 4 zero bytes
+ * itype = 1 byte
  * id = string
  * locations = { length string }
  * username = string