Mercurial > hg > dav / file revision

/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright 2018 Olaf Wintermann. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *   1. Redistributions of source code must retain the above copyright
 *      notice, this list of conditions and the following disclaimer.
 *
 *   2. Redistributions in binary form must reproduce the above copyright
 *      notice, this list of conditions and the following disclaimer in the
 *      documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include <stdio.h>
#include <stdlib.h>

#include <netinet/in.h>

#include "pwd.h"

#include <ucx/buffer.h>
#include <ucx/utils.h>



PwdStore* pwdstore_open(const char *file) {
    FILE *in = fopen(file, "r");
    if(!in) {
        return NULL;
    }
    
    UcxBuffer *buf = ucx_buffer_new(NULL, 2048, UCX_BUFFER_AUTOEXTEND);
    ucx_stream_copy(in, buf, (read_func)fread, (write_func)ucx_buffer_write);
    fclose(in);
    
    if(buf->size < PWDS_HEADER_SIZE || buf->space[0] != PWDS_MAGIC_CHAR) {
        ucx_buffer_free(buf);
        return NULL;
    }
    
    PwdStore *p = malloc(sizeof(PwdStore));
    p->ids = ucx_map_new(16);
    p->locations = NULL;
    p->content = buf;
    p->key = NULL;
    p->encoffset = PWDS_HEADER_SIZE;
    p->isdecrypted = 0;
    
    if(pwdstore_getindex(p)) {
        pwdstore_free(p);
        return NULL;
    }
    
    return p;
}

PwdStore* pwdstore_new(void) {
    PwdStore *p = calloc(1, sizeof(PwdStore));
    p->ids = ucx_map_new(16);
    p->content = ucx_buffer_new(NULL, PWDS_HEADER_SIZE, UCX_BUFFER_AUTOEXTEND);
    PWDS_MAGIC(p) = PWDS_MAGIC_CHAR;
    PWDS_VERSION(p) = 1;
    PWDS_ENC(p) = DAV_KEY_AES256;
    PWDS_PWFUNC(p) = DAV_PWFUNC_PBKDF2_SHA256;
    dav_rand_bytes(p->content->space+4, 16);
    p->isdecrypted = 1;
    p->encoffset = PWDS_HEADER_SIZE;
    return p;
}

static int readval(UcxBuffer *in, char **val, int allowzero) {
    *val = NULL;
    uint32_t length = 0;
    if(ucx_buffer_read(&length, 1, sizeof(uint32_t), in) != sizeof(uint32_t)) {
        return 0;
    }
    length = ntohl(length);
    if((length == 0 && !allowzero) || length > PWDSTORE_MAX_LEN) {
        return 0;
    }
    
    char *value = malloc(length + 1);
    value[length] = 0;
    if(ucx_buffer_read(value, 1, length, in) != length) {
        free(value);
        return 0;
    }
    
    *val = value;
    return 1;
}

static int read_pwdentry(PwdStore *p, UcxBuffer *in, int index) {
    int type = ucx_buffer_getc(in);
    if(type == EOF || type != 0) {
        // only type 0 supported yet
        return 0;
    }
    
    char *id = NULL;
    char *location = NULL;
    char *user = NULL;
    char *password = NULL;
    
    int res = 0;
    if((res += readval(in, &id, FALSE)) == 1) {
        if((res += readval(in, &location, TRUE)) == 2) {
            if(!index) {
                if((res += readval(in, &user, FALSE)) == 3) {
                    res += readval(in, &password, FALSE);
                }
            }
        }
    }
    
    int ret = 0;
    if((!index && res == 4) || (index && res == 2)) {
        pwdstore_put(p, id, location, user, password);
        ret = 1;
    }
    
    if(id) free(id);
    if(location) free(location);
    if(user) free(user);
    if(password) free(password);
    
    return ret;
    
}

int pwdstore_getindex(PwdStore *s) {
    uint32_t netindexlen;
    s->content->pos = PWDS_HEADER_SIZE - sizeof(uint32_t);
    if(ucx_buffer_read(&netindexlen, 1, sizeof(uint32_t), s->content) != sizeof(uint32_t)) {
        return 1;
    }
    uint32_t indexlen = ntohl(netindexlen);
    if(UINT32_MAX - PWDS_HEADER_SIZE < indexlen) {
        return 1;
    }
    if(s->content->size < PWDS_HEADER_SIZE + indexlen) {
        return 1;
    }
    s->encoffset += indexlen;
    
    UcxBuffer *index = ucx_buffer_new(s->content->space+PWDS_HEADER_SIZE, indexlen, 0);
    index->size = indexlen;
    while(read_pwdentry(s, index, 1)) {}
    
    ucx_buffer_free(index);
    
    return 0;
}

int pwdstore_decrypt(PwdStore *p) {
    if(!p->key) {
        return 1;
    }
    if(p->isdecrypted) {
        return 0;
    }
    
    // decrypt contet
    size_t encsz = p->content->size - p->encoffset;
    UcxBuffer *enc = ucx_buffer_new(p->content->space + p->encoffset, encsz, 0);
    enc->size = encsz;
    enc->size = p->content->size - p->encoffset;
    UcxBuffer *content = aes_decrypt_buffer(enc, p->key);
    ucx_buffer_free(enc);
    if(!content) {
        return 1;
    }
    
    while(read_pwdentry(p, content, 0)) {}
    
    ucx_buffer_free(content);
    
    return 0;
}

int pwdstore_setpassword(PwdStore *p, const char *password) {
    DavKey *key = dav_pw2key(
            password,
            p->content->space + 4,
            16,
            PWDS_PWFUNC(p),
            PWDS_ENC(p));
    if(!key) {
        return 1;
    }
    
    p->key = key;
    return 0;
}

void pwdstore_encsettings(PwdStore *p, uint8_t enc, uint8_t pwfunc) {
    PWDS_ENC(p) = enc;
    PWDS_PWFUNC(p) = pwfunc;
}

void pwdstore_free_entry(PwdEntry *e) {
    if(e->id) free(e->id);
    if(e->location) free(e->location);
    if(e->user) free(e->user);
    if(e->password) free(e->password);
    free(e);
}

void pwdstore_free(PwdStore* p) {
    ucx_map_free_content(p->ids, (ucx_destructor)pwdstore_free_entry);
    ucx_map_free(p->ids);
    
    ucx_list_free(p->locations);
    
    if(p->content) {
        ucx_buffer_free(p->content);
    }
    
    free(p);
}

int pwdstore_has_id(PwdStore *s, const char *id) {
    return ucx_map_cstr_get(s->ids, id) ? 1 : 0;
}

int pwdstore_has_location(PwdStore *s, const char *location) {
    return 0;
}

PwdEntry* pwdstore_get(PwdStore *p, const char *id) {
    PwdEntry *e = ucx_map_cstr_get(p->ids, id);
    if(e && e->user && e->password) {
        return e;
    } else {
        return NULL;
    }
}

void pwdstore_put(PwdStore *p, const char *id, const char *location, const char *username, const char *password) {
    PwdEntry *entry = malloc(sizeof(PwdEntry));
    entry->id = strdup(id);
    entry->location = location ? strdup(location) : NULL;
    entry->user = username ? strdup(username) : NULL;
    entry->password = password ? strdup(password) : NULL;
    ucx_map_cstr_put(p->ids, id, entry);
    
    if(location) {
        p->locations = ucx_list_append(p->locations, entry);
    }
}

int pwdstore_store(PwdStore *p, const char *file) {
    if(!p->key) {
        return 1;
    }
    
    UcxBuffer *index = ucx_buffer_new(NULL, 2048, UCX_BUFFER_AUTOEXTEND);
    UcxBuffer *content = ucx_buffer_new(NULL, 2048, UCX_BUFFER_AUTOEXTEND);
    
    UcxMapIterator i = ucx_map_iterator(p->ids);
    PwdEntry *value;
    UCX_MAP_FOREACH(key, value, i) {
        if(!value->id || !value->user || !value->password) {
            continue;
        }
        
        uint32_t idlen = strlen(value->id);
        uint32_t locationlen = value->location ? strlen(value->location) : 0;
        uint32_t ulen = strlen(value->user);
        uint32_t plen = strlen(value->password);
        uint32_t netidlen = htonl(idlen);
        uint32_t netlocationlen = htonl(locationlen);
        uint32_t netulen = htonl(ulen);
        uint32_t netplen = htonl(plen);
        
        // index buffer
        ucx_buffer_putc(index, 0); // type
        
        ucx_buffer_write(&netidlen, 1, sizeof(uint32_t), index);
        ucx_buffer_write(value->id, 1, idlen, index);
        ucx_buffer_write(&netlocationlen, 1, sizeof(uint32_t), index);
        if(value->location) {
            ucx_buffer_write(value->location, 1, locationlen, index);
        }
        
        // content buffer
        ucx_buffer_putc(content, 0); // type
        
        ucx_buffer_write(&netidlen, 1, sizeof(uint32_t), content);
        ucx_buffer_write(value->id, 1, idlen, content);
        ucx_buffer_write(&netlocationlen, 1, sizeof(uint32_t), content);
        if(value->location) {
            ucx_buffer_write(value->location, 1, locationlen, content);
        }
        ucx_buffer_write(&netulen, 1, sizeof(uint32_t), content);
        ucx_buffer_write(value->user, 1, ulen, content);
        ucx_buffer_write(&netplen, 1, sizeof(uint32_t), content);
        ucx_buffer_write(value->password, 1, plen, content);
    }
      
    content->pos = 0;
    UcxBuffer *enc = aes_encrypt_buffer(content, p->key);

    p->content->pos = PWDS_HEADER_SIZE - sizeof(uint32_t);
    p->content->size = PWDS_HEADER_SIZE;
    
    // add index after header
    uint32_t netindexlen = htonl((uint32_t)index->size);
    ucx_buffer_write(&netindexlen, 1, sizeof(uint32_t), p->content);
    ucx_buffer_write(index->space, 1, index->size, p->content);
    
    // add encrypted buffer
    ucx_buffer_write(enc->space, 1, enc->size, p->content);
    
    ucx_buffer_free(enc);
    
    FILE *out = fopen(file, "w");
    if(!out) {
        return 1;
    }
    fwrite(p->content->space, 1, p->content->size, out);
    fclose(out);
    
    return 0;
}