Refactoring (#183)
akopachov committed Aug 3, 2023
1 parent 1b3e5d8 commit 446e0a1
Showing 23 changed files with 374 additions and 412 deletions.
14 changes: 3 additions & 11 deletions cli/commands/add/add.c
Expand Up @@ -11,9 +11,7 @@
struct TotpAddContext {
FuriString* args;
Cli* cli;
uint8_t* iv;
uint8_t crypto_version;
uint8_t crypto_key_slot;
const CryptoSettings* crypto_settings;
};

enum TotpIteratorUpdateTokenResultsEx {
Expand Down Expand Up @@ -70,9 +68,7 @@ static TotpIteratorUpdateTokenResult
furi_string_get_cstr(temp_str),
furi_string_size(temp_str),
token_secret_encoding,
context_t->iv,
context_t->crypto_version,
context_t->crypto_key_slot);
context_t->crypto_settings);

furi_string_secure_free(temp_str);

Expand Down Expand Up @@ -171,11 +167,7 @@ void totp_cli_command_add_handle(PluginState* plugin_state, FuriString* args, Cl
TOTP_CLI_LOCK_UI(plugin_state);

struct TotpAddContext add_context = {
.args = args,
.cli = cli,
.iv = &plugin_state->iv[0],
.crypto_version = plugin_state->crypto_version,
.crypto_key_slot = plugin_state->crypto_key_slot};
.args = args, .cli = cli, .crypto_settings = &plugin_state->crypto_settings};
TotpIteratorUpdateTokenResult add_result =
totp_token_info_iterator_add_new_token(iterator_context, &add_token_handler, &add_context);

2 changes: 1 addition & 1 deletion cli/commands/pin/pin.c
Expand Up @@ -105,7 +105,7 @@ void totp_cli_command_pin_handle(PluginState* plugin_state, FuriString* args, Cl

bool do_change = false;
bool do_remove = false;
uint8_t crypto_key_slot = plugin_state->crypto_key_slot;
uint8_t crypto_key_slot = plugin_state->crypto_settings.crypto_key_slot;

bool arguments_parsed = true;
while(args_read_string_and_trim(args, temp_str)) {
14 changes: 3 additions & 11 deletions cli/commands/update/update.c
Expand Up @@ -13,9 +13,7 @@
struct TotpUpdateContext {
FuriString* args;
Cli* cli;
uint8_t* iv;
uint8_t crypto_version;
uint8_t crypto_key_slot;
const CryptoSettings* crypto_settings;
};

enum TotpIteratorUpdateTokenResultsEx {
Expand Down Expand Up @@ -98,9 +96,7 @@ static TotpIteratorUpdateTokenResult
furi_string_get_cstr(temp_str),
furi_string_size(temp_str),
token_secret_encoding,
context_t->iv,
context_t->crypto_version,
context_t->crypto_key_slot)) {
context_t->crypto_settings)) {
furi_string_secure_free(temp_str);
return TotpIteratorUpdateTokenResultInvalidSecret;
}
Expand Down Expand Up @@ -155,11 +151,7 @@ void totp_cli_command_update_handle(PluginState* plugin_state, FuriString* args,
totp_token_info_iterator_go_to(iterator_context, token_number - 1);

struct TotpUpdateContext update_context = {
.args = args,
.cli = cli,
.iv = &plugin_state->iv[0],
.crypto_version = plugin_state->crypto_version,
.crypto_key_slot = plugin_state->crypto_key_slot};
.args = args, .cli = cli, .crypto_settings = &plugin_state->crypto_settings};
TotpIteratorUpdateTokenResult update_result = totp_token_info_iterator_update_current_token(
iterator_context, &update_token_handler, &update_context);

93 changes: 45 additions & 48 deletions services/config/config.c
Expand Up @@ -375,7 +375,7 @@ bool totp_config_file_load(PluginState* const plugin_state) {
break;
}

plugin_state->crypto_version = tmp_uint32;
plugin_state->crypto_settings.crypto_version = tmp_uint32;

if(!flipper_format_rewind(fff_data_file)) {
break;
Expand All @@ -388,7 +388,7 @@ bool totp_config_file_load(PluginState* const plugin_state) {
break;
}

plugin_state->crypto_key_slot = tmp_uint32;
plugin_state->crypto_settings.crypto_key_slot = tmp_uint32;

if(!flipper_format_rewind(fff_data_file)) {
break;
Expand All @@ -397,7 +397,7 @@ bool totp_config_file_load(PluginState* const plugin_state) {
if(!flipper_format_read_hex(
fff_data_file,
TOTP_CONFIG_KEY_BASE_IV,
&plugin_state->base_iv[0],
&plugin_state->crypto_settings.base_iv[0],
CRYPTO_IV_LENGTH)) {
FURI_LOG_D(LOGGING_TAG, "Missing base IV");
}
Expand All @@ -410,22 +410,23 @@ bool totp_config_file_load(PluginState* const plugin_state) {
if(flipper_format_get_value_count(
fff_data_file, TOTP_CONFIG_KEY_CRYPTO_VERIFY, &crypto_size) &&
crypto_size > 0) {
plugin_state->crypto_verify_data = malloc(sizeof(uint8_t) * crypto_size);
furi_check(plugin_state->crypto_verify_data != NULL);
plugin_state->crypto_verify_data_length = crypto_size;
plugin_state->crypto_settings.crypto_verify_data =
malloc(sizeof(uint8_t) * crypto_size);
furi_check(plugin_state->crypto_settings.crypto_verify_data != NULL);
plugin_state->crypto_settings.crypto_verify_data_length = crypto_size;
if(!flipper_format_read_hex(
fff_data_file,
TOTP_CONFIG_KEY_CRYPTO_VERIFY,
plugin_state->crypto_verify_data,
plugin_state->crypto_settings.crypto_verify_data,
crypto_size)) {
FURI_LOG_D(LOGGING_TAG, "Missing crypto verify token");
free(plugin_state->crypto_verify_data);
plugin_state->crypto_verify_data = NULL;
plugin_state->crypto_verify_data_length = 0;
free(plugin_state->crypto_settings.crypto_verify_data);
plugin_state->crypto_settings.crypto_verify_data = NULL;
plugin_state->crypto_settings.crypto_verify_data_length = 0;
}
} else {
plugin_state->crypto_verify_data = NULL;
plugin_state->crypto_verify_data_length = 0;
plugin_state->crypto_settings.crypto_verify_data = NULL;
plugin_state->crypto_settings.crypto_verify_data_length = 0;
}

if(!flipper_format_rewind(fff_data_file)) {
Expand All @@ -443,8 +444,11 @@ bool totp_config_file_load(PluginState* const plugin_state) {
}

if(!flipper_format_read_bool(
fff_data_file, TOTP_CONFIG_KEY_PINSET, &plugin_state->pin_set, 1)) {
plugin_state->pin_set = true;
fff_data_file,
TOTP_CONFIG_KEY_PINSET,
&plugin_state->crypto_settings.pin_required,
1)) {
plugin_state->crypto_settings.pin_required = true;
}

if(!flipper_format_rewind(fff_data_file)) {
Expand Down Expand Up @@ -498,9 +502,7 @@ bool totp_config_file_load(PluginState* const plugin_state) {
totp_token_info_iterator_alloc(
storage,
plugin_state->config_file_context->config_file,
plugin_state->iv,
plugin_state->crypto_version,
plugin_state->crypto_key_slot);
&plugin_state->crypto_settings);
result = true;
} while(false);

Expand All @@ -513,33 +515,39 @@ bool totp_config_file_update_crypto_signatures(const PluginState* plugin_state)
flipper_format_rewind(config_file);
bool update_result = false;
do {
uint32_t tmp_uint32 = plugin_state->crypto_version;
uint32_t tmp_uint32 = plugin_state->crypto_settings.crypto_version;
if(!flipper_format_insert_or_update_uint32(
config_file, TOTP_CONFIG_KEY_CRYPTO_VERSION, &tmp_uint32, 1)) {
break;
}

tmp_uint32 = plugin_state->crypto_key_slot;
tmp_uint32 = plugin_state->crypto_settings.crypto_key_slot;
if(!flipper_format_insert_or_update_uint32(
config_file, TOTP_CONFIG_KEY_CRYPTO_KEY_SLOT, &tmp_uint32, 1)) {
break;
}

if(!flipper_format_insert_or_update_hex(
config_file, TOTP_CONFIG_KEY_BASE_IV, plugin_state->base_iv, CRYPTO_IV_LENGTH)) {
config_file,
TOTP_CONFIG_KEY_BASE_IV,
plugin_state->crypto_settings.base_iv,
CRYPTO_IV_LENGTH)) {
break;
}

if(!flipper_format_insert_or_update_hex(
config_file,
TOTP_CONFIG_KEY_CRYPTO_VERIFY,
plugin_state->crypto_verify_data,
plugin_state->crypto_verify_data_length)) {
plugin_state->crypto_settings.crypto_verify_data,
plugin_state->crypto_settings.crypto_verify_data_length)) {
break;
}

if(!flipper_format_insert_or_update_bool(
config_file, TOTP_CONFIG_KEY_PINSET, &plugin_state->pin_set, 1)) {
config_file,
TOTP_CONFIG_KEY_PINSET,
&plugin_state->crypto_settings.pin_required,
1)) {
break;
}

Expand Down Expand Up @@ -581,24 +589,20 @@ bool totp_config_file_update_encryption(
return false;
}

uint8_t old_iv[CRYPTO_IV_LENGTH];
memcpy(&old_iv[0], &plugin_state->iv[0], CRYPTO_IV_LENGTH);

uint8_t old_crypto_key_slot = plugin_state->crypto_key_slot;
uint8_t old_crypto_version = plugin_state->crypto_version;
CryptoSettings old_crypto_settings = plugin_state->crypto_settings;

memset(&plugin_state->iv[0], 0, CRYPTO_IV_LENGTH);
memset(&plugin_state->base_iv[0], 0, CRYPTO_IV_LENGTH);
if(plugin_state->crypto_verify_data != NULL) {
free(plugin_state->crypto_verify_data);
plugin_state->crypto_verify_data = NULL;
memset(&plugin_state->crypto_settings.iv[0], 0, CRYPTO_IV_LENGTH);
memset(&plugin_state->crypto_settings.base_iv[0], 0, CRYPTO_IV_LENGTH);
if(plugin_state->crypto_settings.crypto_verify_data != NULL) {
free(plugin_state->crypto_settings.crypto_verify_data);
plugin_state->crypto_settings.crypto_verify_data = NULL;
}

plugin_state->crypto_key_slot = new_crypto_key_slot;
plugin_state->crypto_version = CRYPTO_LATEST_VERSION;
plugin_state->crypto_settings.crypto_key_slot = new_crypto_key_slot;
plugin_state->crypto_settings.crypto_version = CRYPTO_LATEST_VERSION;

CryptoSeedIVResult seed_result =
totp_crypto_seed_iv(plugin_state, new_pin_length > 0 ? new_pin : NULL, new_pin_length);
CryptoSeedIVResult seed_result = totp_crypto_seed_iv(
&plugin_state->crypto_settings, new_pin_length > 0 ? new_pin : NULL, new_pin_length);
if(seed_result & CryptoSeedIVResultFlagSuccess &&
seed_result & CryptoSeedIVResultFlagNewCryptoVerifyData &&
!totp_config_file_update_crypto_signatures(plugin_state)) {
Expand Down Expand Up @@ -649,21 +653,14 @@ bool totp_config_file_update_encryption(

size_t plain_token_length;
uint8_t* plain_token = totp_crypto_decrypt(
encrypted_token,
secret_bytes_count,
&old_iv[0],
old_crypto_version,
old_crypto_key_slot,
&plain_token_length);
encrypted_token, secret_bytes_count, &old_crypto_settings, &plain_token_length);

free(encrypted_token);
size_t encrypted_token_length;
encrypted_token = totp_crypto_encrypt(
plain_token,
plain_token_length,
&plugin_state->iv[0],
plugin_state->crypto_version,
plugin_state->crypto_key_slot,
&plugin_state->crypto_settings,
&encrypted_token_length);

memset_s(plain_token, plain_token_length, 0, plain_token_length);
Expand Down Expand Up @@ -700,12 +697,12 @@ bool totp_config_file_ensure_latest_encryption(
const uint8_t* pin,
uint8_t pin_length) {
bool result = true;
if(plugin_state->crypto_version < CRYPTO_LATEST_VERSION) {
if(plugin_state->crypto_settings.crypto_version < CRYPTO_LATEST_VERSION) {
FURI_LOG_I(LOGGING_TAG, "Migration to crypto v%d is needed", CRYPTO_LATEST_VERSION);
char* backup_path = totp_config_file_backup(plugin_state);
if(backup_path != NULL) {
free(backup_path);
uint8_t crypto_key_slot = plugin_state->crypto_key_slot;
uint8_t crypto_key_slot = plugin_state->crypto_settings.crypto_key_slot;
if(!totp_crypto_check_key_slot(crypto_key_slot)) {
crypto_key_slot = DEFAULT_CRYPTO_KEY_SLOT;
}
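Review bot: In totp_config_file_update_encryption, `CryptoSettings old_crypto_settings = plugin_state->crypto_settings;` is a shallow copy, so once `plugin_state->crypto_settings.crypto_verify_data` is freed a few lines later the copy still carries the stale pointer and length, and that copy is what is later handed to `totp_crypto_decrypt`. If the decrypt path only reads the IV, version and key slot this is harmless today, but nothing in the visible lines prevents a later change from dereferencing it; clearing the fields right after the copy (`old_crypto_settings.crypto_verify_data = NULL; old_crypto_settings.crypto_verify_data_length = 0;`) removes the hazard. The copy also keeps the previous `iv` and `base_iv` on the stack, and no wipe of it is visible in these hunks; `memset_s(&old_crypto_settings, sizeof(old_crypto_settings), 0, sizeof(old_crypto_settings));` before returning would match how `plain_token` is handled. The function body continues outside the shown hunks, so a wipe may already exist there.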
17 changes: 5 additions & 12 deletions services/config/token_info_iterator.c
Expand Up @@ -4,6 +4,7 @@
#include <flipper_format/flipper_format_stream.h>
#include <toolbox/stream/file_stream.h>
#include "../../types/common.h"
#include "../../types/crypto_settings.h"

#define CONFIG_FILE_PART_FILE_PATH CONFIG_FILE_DIRECTORY_PATH "/totp.conf.part"
#define STREAM_COPY_BUFFER_SIZE 128
Expand All @@ -15,9 +16,7 @@ struct TokenInfoIteratorContext {
size_t last_seek_index;
TokenInfo* current_token;
FlipperFormat* config_file;
uint8_t* iv;
uint8_t crypto_version;
uint8_t crypto_key_slot;
CryptoSettings* crypto_settings;
Storage* storage;
};

Expand Down Expand Up @@ -242,9 +241,7 @@ static bool
TokenInfoIteratorContext* totp_token_info_iterator_alloc(
Storage* storage,
FlipperFormat* config_file,
uint8_t* iv,
uint8_t crypto_version,
uint8_t crypto_key_slot) {
CryptoSettings* crypto_settings) {
Stream* stream = flipper_format_get_raw_stream(config_file);
stream_rewind(stream);
size_t tokens_count = 0;
Expand All @@ -262,9 +259,7 @@ TokenInfoIteratorContext* totp_token_info_iterator_alloc(
context->total_count = tokens_count;
context->current_token = token_info_alloc();
context->config_file = config_file;
context->iv = iv;
context->crypto_version = crypto_version;
context->crypto_key_slot = crypto_key_slot;
context->crypto_settings = crypto_settings;
context->storage = storage;
return context;
}
Expand Down Expand Up @@ -461,9 +456,7 @@ bool totp_token_info_iterator_go_to(TokenInfoIteratorContext* context, size_t to
furi_string_get_cstr(temp_str),
furi_string_size(temp_str),
PlainTokenSecretEncodingBase32,
context->iv,
context->crypto_version,
context->crypto_key_slot)) {
context->crypto_settings)) {
FURI_LOG_W(
LOGGING_TAG,
"Token \"%s\" has plain secret",
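Review bot: `struct TokenInfoIteratorContext` and `totp_token_info_iterator_alloc` take `CryptoSettings* crypto_settings` as a mutable pointer, while the CLI contexts in add.c and update.c hold the same data as `const CryptoSettings*`. In the visible hunks the iterator only stores the pointer and forwards it at the end of the `totp_token_info_iterator_go_to` hunk, so declaring it `const CryptoSettings* crypto_settings;` in the struct and in the parameter list would make it explicit that the iterator never alters the key slot, version or IV; uses outside the shown hunks would need checking first. The crypto version and key slot were previously copied by value at allocation and are now read through the pointer, so the iterator follows any later change to `plugin_state->crypto_settings`, which deserves a comment on the struct field.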
8 changes: 2 additions & 6 deletions services/config/token_info_iterator.h
Expand Up @@ -28,17 +28,13 @@ enum TotpIteratorUpdateTokenResults {
* @brief Initializes a new token info iterator
* @param storage storage reference
* @param config_file config file to use
* @param iv initialization vector (IV) to be used for encryption\decryption
* @param crypto_version crypto algorithm version to be used
* @param crypto_key_slot crypto key slot to be used
* @param crypto_settings crypto settings
* @return Token info iterator context
*/
TokenInfoIteratorContext* totp_token_info_iterator_alloc(
Storage* storage,
FlipperFormat* config_file,
uint8_t* iv,
uint8_t crypto_version,
uint8_t crypto_key_slot);
CryptoSettings* crypto_settings);

/**
* @brief Navigates iterator to the token with given index
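Review bot: The new `@param crypto_settings crypto settings` line in the doc comment for `totp_token_info_iterator_alloc` loses what the three removed `@param` lines used to explain and says nothing about ownership. The implementation in token_info_iterator.c stores the pointer rather than copying the struct, so callers need to know it is borrowed. I would write `@param crypto_settings crypto settings (IV, crypto version, key slot) used for encryption\decryption; stored by reference and must remain valid for the lifetime of the iterator`.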