
0001 /*
0002  * SPDX-License-Identifier: GPL-3.0-or-later
0003  * SPDX-FileCopyrightText: 2020 Johan Ouwerkerk <jm.ouwerkerk@gmail.com>
0004  */
0005 
0006 #include "secret.h"
0007 
0008 #include <QScopedPointer>
0009 #include <QtDebug>
0010 
0011 #include <cstring>
0012 
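namespace test
{
    /**
     * Unlocks the given account secret with a fixed, well-known dummy password.
     *
     * Test fixture only. Every input is a constant: the salt is
     * crypto_pwhash_SALTBYTES zero bytes, the password is the literal
     * "password", and the challenge and nonce are hard-coded base64 blobs
     * (the nonce decodes to 24 'A' bytes). A fixed salt and a fixed nonce
     * are only acceptable for reproducible tests; code that protects real
     * secrets needs a random salt and a unique nonce per encryption.
     *
     * @param secret account secret to unlock; the null check is done by the
     *               four-argument overload this function delegates to.
     * @return the derived master key, or nullptr if any step fails.
     */
    secrets::SecureMasterKey * useDummyPassword(accounts::AccountSecret *secret)
    {
        // All-zero salt of the size the password hash expects.
        QByteArray salt;
        salt.resize(crypto_pwhash_SALTBYTES);
        salt.fill('\x0', -1);

        QString password(QStringLiteral("password"));

        // Pre-computed challenge and nonce.
        // NOTE(review): presumably produced with the password, salt and KDF
        // parameters used by the overload below - confirm before changing any of them.
        QByteArray challenge = QByteArray::fromBase64("HG8yZFZRDbtkViPnLQCiRZco3PdjFuvn");
        QByteArray nonce = QByteArray::fromBase64("QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB");

        std::optional<secrets::EncryptedSecret> verify = secrets::EncryptedSecret::from(challenge, nonce);
        if (!verify) {
            qDebug() << "Failed to construct password challenge object";
            return nullptr;
        }
        return useDummyPassword(secret, password, salt, *verify);
    }

    /**
     * Simulates the "existing password" flow on an account secret and derives the master key.
     *
     * Test fixture only. The key derivation parameters use libsodium's
     * crypto_pwhash_MEMLIMIT_MIN and crypto_pwhash_OPSLIMIT_MIN, the weakest
     * settings the library accepts. NOTE(review): presumably chosen to keep
     * tests fast; these limits must not be reused for real passwords.
     *
     * @param secret    account secret to unlock; nullptr is rejected.
     * @param password  password supplied as the answer to the password request.
     * @param salt      salt passed along with the password request.
     * @param challenge encrypted challenge passed along with the password request.
     * @return the key returned by AccountSecret::deriveKey(), or nullptr on failure.
     *         NOTE(review): ownership of the returned pointer is not visible
     *         here - confirm against AccountSecret before deleting it.
     */
    secrets::SecureMasterKey * useDummyPassword(accounts::AccountSecret *secret, QString &password, QByteArray &salt, const secrets::EncryptedSecret &challenge)
    {
        if (!secret) {
            qDebug() << "No account secret provided...";
            return nullptr;
        }

        std::optional<secrets::KeyDerivationParameters> keyParams = secrets::KeyDerivationParameters::create(
            crypto_secretbox_KEYBYTES, crypto_pwhash_ALG_DEFAULT, crypto_pwhash_MEMLIMIT_MIN, crypto_pwhash_OPSLIMIT_MIN
        );
        if (!keyParams) {
            qDebug() << "Failed to construct key derivation parameters";
            return nullptr;
        }

        // Request first, answer second: the secret must know the challenge,
        // salt and KDF parameters before it is handed the password.
        if (!secret->requestExistingPassword(challenge, salt, *keyParams)) {
            qDebug() << "Failed to simulate password request";
            return nullptr;
        }
        if (!secret->answerExistingPassword(password)) {
            qDebug() << "Failed to supply the password";
            return nullptr;
        }

        secrets::SecureMasterKey * k = secret->deriveKey();
        if (!k) {
            qDebug() << "Failed to derive the master key";
            return nullptr;
        }
        return k;
    }

    /**
     * Encrypts a token secret with the given account secret.
     *
     * The bytes are first copied into a SecureMemory region, which is released
     * when this function returns. The caller's QByteArray is left untouched,
     * so the plaintext it holds stays in ordinary heap memory.
     *
     * @param secret      account secret used for encryption; nullptr is rejected.
     * @param tokenSecret plaintext token secret bytes.
     * @return the encrypted secret, or std::nullopt on failure.
     */
    std::optional<secrets::EncryptedSecret> encrypt(const accounts::AccountSecret *secret, const QByteArray &tokenSecret)
    {
        // Reject a null secret up front, as useDummyPassword() does, rather
        // than dereferencing it after the plaintext has already been copied.
        if (!secret) {
            qDebug() << "No account secret provided...";
            return std::nullopt;
        }

        QScopedPointer<secrets::SecureMemory> memory(secrets::SecureMemory::allocate(static_cast<size_t>(tokenSecret.size())));
        if (!memory) {
            qDebug() << "Failed to set up secure memory region for token secret";
            return std::nullopt;
        }

        // NOTE(review): the copy length is the region's size, which assumes
        // allocate(n) yields exactly n bytes; a larger region would read past
        // the end of tokenSecret - confirm against SecureMemory.
        std::memcpy(memory->data(), tokenSecret.constData(), memory->size());
        std::optional<secrets::EncryptedSecret> s = secret->encrypt(memory.data());
        if (!s) {
            qDebug() << "Failed to encrypt token secret";
            return std::nullopt;
        }
        return s;
    }
}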