libidav/pwdstore.h

Thu, 28 Nov 2024 17:18:43 +0100

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Thu, 28 Nov 2024 17:18:43 +0100
changeset 848
b71598a22e11
parent 841
21403bdaf54c
permissions
-rw-r--r--

fix property set/remove list size checks

/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright 2024 Olaf Wintermann. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *   1. Redistributions of source code must retain the above copyright
 *      notice, this list of conditions and the following disclaimer.
 *
 *   2. Redistributions in binary form must reproduce the above copyright
 *      notice, this list of conditions and the following disclaimer in the
 *      documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef LIBIDAV_PWDSTORE_H
#define LIBIDAV_PWDSTORE_H

#ifdef __cplusplus
extern "C" {
#endif

#include <stdlib.h>
#include <inttypes.h>

#include <cx/map.h>
#include <cx/buffer.h>
#include <cx/linked_list.h>
#include "crypto.h"

#ifdef __cplusplus
extern "C" {
#endif

#define PWDSTORE_MAX_LEN 4096
    
/*
 * File Format:
 * 
 * file = header, index, enc_content
 * header = magic, version, enc, pwfunc, salt, indexlen
 * magic = 1 byte
 * version = 1 byte
 * enc = 1 byte
 * pwfunc = 1 byte
 * salt = 16 bytes
 * indexlen = uint32
 * index = { itype length id locations zero }
 * enc_content = iv bytes
 * iv = 16 bytes
 * content = { entry }
 * entry = itype length id length username length password
 * length = uint32
 * zero = 4 zero bytes
 * itype = 1 byte
 * id = string
 * locations = { length string }
 * username = string
 * password = string
 * 
 * The content is AES encrypted with a key derived from a password
 * and the salt. The first 16 bytes are the aes iv.
 * 
 * All integers are big endian
 */
    
#define PWDS_HEADER_SIZE 24
    
typedef struct PwdStore        PwdStore;
typedef struct PwdEntry        PwdEntry;
typedef struct PwdIndexEntry   PwdIndexEntry;

struct PwdStore {
    /*
     * map of all credentials
     * key is the username
     * value is PwdEntry*
     */
    CxMap *ids;
    
    /*
     * list of all credentials with location
     * value is PwdIndexEntry*
     */
    CxList *locations;
    
    /*
     * list of all credentials without location
     * value is PwdIndexEntry*
     */
    CxList *noloc;
    
    /*
     * index map that contains all elements from the lists
     * 'locations' and 'noloc'
     */
    CxMap *index;
    
    /*
     * a buffer containing the complete file content
     */
    CxBuffer *content;
    
    /*
     * key used for encryption/decryption
     */
    DavKey *key;
    
    /*
     * optional shell command, that is used for getting the master password
     */
    char *unlock_cmd;
    
    /*
     * optional shell command, that is exected when the secretstore is closed
     */
    char *lock_cmd;
    
    /*
     * start offset of the encrypted buffer
     */
    uint32_t encoffset;
    
    /*
     * indicates if the PwdStore is decrypted with pwdstore_decrypt
     */
    uint8_t isdecrypted;
};

#define PWDS_MAGIC(p) (p)->content->space[0]
#define PWDS_VERSION(p) (p)->content->space[1]
#define PWDS_ENC(p) (p)->content->space[2]
#define PWDS_PWFUNC(p) (p)->content->space[3]

#define PWDS_MAGIC_CHAR 'P'

struct PwdEntry {
    char *id;
    char *user;
    char *password;
};

struct PwdIndexEntry {
    char *id;
    CxList *locations;
};

/*
 * opens the password store
 * the content is still encrypted and must be decrypted using pwdstore_decrypt
 */
PwdStore* pwdstore_open(const char *file);

PwdStore* pwdstore_new(void);

PwdStore* pwdstore_clone(PwdStore *p);

/*
 * decrypts the password store with the previously set password
 */
int pwdstore_decrypt(PwdStore *p);

int pwdstore_setpassword(PwdStore *p, const char *password);

void pwdstore_encsettings(PwdStore *p, uint8_t enc, uint8_t pwfunc);

void pwdstore_free_entry(PwdEntry *e);
void pwdstore_free(PwdStore* p);

int pwdstore_has_id(PwdStore *s, const char *id);

PwdEntry* pwdstore_get(PwdStore *p, const char *id);

void pwdstore_put(PwdStore *p, const char *id, const char *username, const char *password);
void pwdstore_put_index(PwdStore *p, char *id, CxList *locations);

void pwdstore_remove_entry(PwdStore *s, const char *id);

int pwdstore_store(PwdStore *p, const char *file);


int pwdstore_decrypt_secrets(PwdStore *secrets);






typedef char*(*pwdstore_pwinput_func)(void *userdata);

void pwdstore_set_pwinput_func(pwdstore_pwinput_func func, void *userdata);

char * pwdstore_default_pwinput(char *prompt);



/* private */
int pwdstore_getindex(PwdStore *s);

#ifdef __cplusplus
}
#endif

#endif /* LIBIDAV_PWDSTORE_H */

mercurial