forked from ansd/lastpass-go
-
Notifications
You must be signed in to change notification settings - Fork 0
/
ecb.go
108 lines (98 loc) · 2.84 KB
/
ecb.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
// This is a helper program used by scripts/create-unit-test-data.sh.
//
// It expects 2 arguments: username and password.
//
// It adds an AES 256 ECB base 64 encrypted account to LastPass.
// It outputs the ID of the added account.
package main
import (
"bytes"
"crypto/aes"
"encoding/base64"
"encoding/hex"
"encoding/xml"
"fmt"
"net/http"
"net/url"
"github.com/veloceapps/lastpass-go"
"github.com/veloceapps/lastpass-go/ecb"
"github.com/veloceapps/lastpass-go/test/unit/login"
)
func main() {
client, resp := login.NewClient()
key := resp.EncryptionKey
acctECBBase64 := &lastpass.Account{
Name: encryptECBBase64("nameECB", key),
Username: encryptECBBase64("user ECB", key),
Password: encryptECBBase64("password ECB", key),
Group: encryptECBBase64("groupECB", key),
Notes: encryptECBBase64("notes ECB", key),
URL: hex.EncodeToString([]byte("http://urlECB")),
}
add(client, resp.Token, acctECBBase64)
fmt.Print(acctECBBase64.ID)
}
func add(client *http.Client, token string, acct *lastpass.Account) {
type result struct {
Msg string `xml:"msg,attr"`
AccountID string `xml:"aid,attr"`
}
var response struct {
Result result `xml:"result"`
}
res, err := client.PostForm("https://lastpass.com/show_website.php", url.Values{
"extjs": []string{"1"},
"token": []string{token},
"method": []string{"cli"},
"pwprotect": []string{"off"},
"aid": []string{"0"},
"url": []string{acct.URL},
"name": []string{acct.Name},
"grouping": []string{acct.Group},
"username": []string{acct.Username},
"password": []string{acct.Password},
"extra": []string{acct.Notes},
})
if err != nil {
panic(err)
}
if res.StatusCode != http.StatusOK {
panic(res.Status)
}
if res.Header.Get("Content-Length") == "0" {
panic("Empty response")
}
defer res.Body.Close()
if err = xml.NewDecoder(res.Body).Decode(&response); err != nil {
panic(err)
}
if response.Result.Msg != "accountadded" {
panic("failed to add account")
}
acct.ID = response.Result.AccountID
}
func encryptECBBase64(plaintext string, encryptionKey []byte) string {
if len(plaintext) == 0 {
return ""
}
encrypted := encryptAES256ECB(plaintext, encryptionKey)
encoded := make([]byte, base64.StdEncoding.EncodedLen(len(encrypted)))
base64.StdEncoding.Encode(encoded, encrypted)
return string(encoded)
}
func encryptAES256ECB(plaintext string, encryptionKey []byte) []byte {
padded := pkcs7Pad([]byte(plaintext), aes.BlockSize)
block, err := aes.NewCipher(encryptionKey)
if err != nil {
panic(err)
}
enc := ecb.NewECBEncrypter(block)
encrypted := make([]byte, len(padded))
enc.CryptBlocks(encrypted, padded)
return encrypted
}
func pkcs7Pad(data []byte, blockSize int) []byte {
padding := blockSize - len(data)%blockSize
padtext := bytes.Repeat([]byte{byte(padding)}, padding)
return append(data, padtext...)
}