changeset
update secret store format description
Sat, 12 Oct 2019 09:53:32 +0200
- author
- Olaf Wintermann <olaf.wintermann@gmail.com>
- date
- Sat, 12 Oct 2019 09:53:32 +0200
- changeset 653
- f503c272bd70
- parent 652
- 5162c1334c43
- child 654
- 8f2b8f2a5cde
update secret store format description
| dav/main.c | file | annotate | diff | comparison | revisions | |
| dav/pwd.c | file | annotate | diff | comparison | revisions | |
| dav/pwd.h | file | annotate | diff | comparison | revisions |
--- a/dav/main.c Sat Oct 12 08:51:31 2019 +0200 +++ b/dav/main.c Sat Oct 12 09:53:32 2019 +0200 @@ -2646,7 +2646,7 @@ char *id = assistant_getcfg("Credentials identifier"); if(id && pwdstore_get(secrets, id)) { - fprintf(stderr, "Credentials with this id already exist"); + fprintf(stderr, "Credentials with this id already exist.\n"); return 1; }
--- a/dav/pwd.c Sat Oct 12 08:51:31 2019 +0200 +++ b/dav/pwd.c Sat Oct 12 09:53:32 2019 +0200 @@ -91,12 +91,18 @@ } static int readval(UcxBuffer *in, char **val, int allowzero) { + // value = length string + // length = uint32 + // string = bytes + *val = NULL; + + // get length uint32_t length = 0; if(ucx_buffer_read(&length, 1, sizeof(uint32_t), in) != sizeof(uint32_t)) { return 0; } - length = ntohl(length); + length = ntohl(length); // convert from BE to host byte order if(length == 0) { if(allowzero) { return 1; @@ -108,6 +114,7 @@ return 0; } + // get value char *value = malloc(length + 1); value[length] = 0; if(ucx_buffer_read(value, 1, length, in) != length) { @@ -120,18 +127,21 @@ } static int read_indexentry(PwdStore *p, UcxBuffer *in) { + // read type of index element int type = ucx_buffer_getc(in); if(type == EOF || type != 0) { // only type 0 supported yet return 0; } - + char *id = NULL; UcxList *locations = NULL; + // get id (required) int ret = 0; if(readval(in, &id, FALSE)) { ret = 1; + // get locations char *location = NULL; while((ret = readval(in, &location, TRUE)) == 1) { if(!location) { @@ -183,23 +193,35 @@ int pwdstore_getindex(PwdStore *s) { uint32_t netindexlen; + + // set the position to the last 4 bytes of the header + // for reading index length s->content->pos = PWDS_HEADER_SIZE - sizeof(uint32_t); + + // read indexlen and convert to host byte order if(ucx_buffer_read(&netindexlen, 1, sizeof(uint32_t), s->content) != sizeof(uint32_t)) { return 1; } uint32_t indexlen = ntohl(netindexlen); + + // integer overflow check if(UINT32_MAX - PWDS_HEADER_SIZE < indexlen) { return 1; } if(s->content->size < PWDS_HEADER_SIZE + indexlen) { return 1; } - s->encoffset += indexlen; + // encrypted content starts after the index content + s->encoffset = PWDS_HEADER_SIZE + indexlen; + // the index starts after the header UcxBuffer *index = ucx_buffer_new(s->content->space+PWDS_HEADER_SIZE, indexlen, 0); index->size = indexlen; + + // read index while(read_indexentry(s, index)) {} + // free index buffer structure (not the content) ucx_buffer_free(index); return 0;
--- a/dav/pwd.h Sat Oct 12 08:51:31 2019 +0200 +++ b/dav/pwd.h Sat Oct 12 09:53:32 2019 +0200 @@ -53,11 +53,14 @@ * pwfunc = 1 byte * salt = 16 bytes * indexlen = uint32 - * index = { length id locations zero } + * index = { itype length id locations zero } + * enc_content = iv bytes + * iv = 16 bytes * content = { entry } - * entry = length id length username length password + * entry = itype length id length username length password * length = uint32 * zero = 4 zero bytes + * itype = 1 byte * id = string * locations = { length string } * username = string
