1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
|
// -*- c++ -*-
//
// $Id: file.h 2843 2009-09-01 05:46:47Z rafi $
//
// Copyright (C) 2008, 2009 Rafael Ostertag
//
// This file is part of YAPET.
//
// YAPET is free software: you can redistribute it and/or modify it under the
// terms of the GNU General Public License as published by the Free Software
// Foundation, either version 3 of the License, or (at your option) any later
// version.
//
// YAPET is distributed in the hope that it will be useful, but WITHOUT ANY
// WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along with
// YAPET. If not, see <http://www.gnu.org/licenses/>.
//
// Additional permission under GNU GPL version 3 section 7
//
// If you modify this program, or any covered work, by linking or combining it
// with the OpenSSL project's OpenSSL library (or a modified version of that
// library), containing parts covered by the terms of the OpenSSL or SSLeay
// licenses, Rafael Ostertag grants you additional permission to convey the
// resulting work. Corresponding Source for a non-source form of such a
// combination shall include the source code for the parts of OpenSSL used as
// well as that of the covered work.
//
#ifndef _FILE_H
#define _FILE_H
#ifdef HAVE_CONFIG_H
# include <config.h>
#endif
#ifdef HAVE_ASSERT_H
# include <assert.h>
#endif
#ifdef HAVE_STRING
# include <string>
#endif
#ifdef HAVE_LIST
# include <list>
#endif
#include "yapetexception.h"
#include "bdbuffer.h"
#include "structs.h"
#include "key.h"
#include "partdec.h"
namespace YAPET {
/**
* @brief Class for storing and retrieving encrypted data to and from disk
*
* This class takes care of storing and retrieving encrypted password
* records to and from disk.
*
* Each file created by this class starts with a unencrypted recognition
* string which currently consists of the 8 bytes "YAPET1.0" as depicted
* below.
*
@verbatim
+--------+--------+--------+--------+--------+--------+--------+--------+
| Y | A | P | E | T | 1 | . | 0 |
| 1 byte | 1 byte | 1 byte | 1 byte | 1 byte | 1 byte | 1 byte | 1 byte |
+--------+--------+--------+--------+--------+--------+--------+--------+
@endverbatim
*
* After the recognition string a 4 byte unsigned integer which is stored
* in big-endian order follows. This indicator is read to determine how
* many bytes to read in order to get the encrypted header.
*
@verbatim
+--------+--------+--------+--------+
| Length indicator in big-endian |
| order (4 bytes) |
+--------+--------+--------+--------+--...---+
| Encrypted header exactly as many bytes |
| indicated by the prefix |
+--------+--------+--------+--------+--...---+
@endverbatim
*
* The decrypted header is 25 bytes in size (pre version 0.6). The first
* byte indicates the version of the file. The next 20 bytes are used as
* control string. After decryption, the control string is compared to the
* predefined clear text control string, in order to find out whether or
* not the key used to decrypt was the same used to encrypt.
*
@verbatim
+--------+
|Version |
| 1 byte |
+--------+--------+--------+--...---+
| Control String |
| 20 bytes |
+--------+--------+--------+--...---+
| Time when the Password |
| was set (4 bytes) |
+--------+--------+--------+
@endverbatim
*
* As of version 0.6, it File reads headers using a time_t value of 32 or 64
* bits (see above for 32 bits header). It writes always a header with 64
* bits as shown below. The header size is 29 bytes.
*
@verbatim
+--------+
|Version |
| 1 byte |
+--------+--------+--------+--...---+
| Control String |
| 20 bytes |
+--------+--------+--------+--...---+--------+--------+--------+--------+
| Time when the Password was set (8 bytes) |
| |
+--------+--------+--------+--------+--------+--------+--------+--------+
@endverbatim
*
* Each encrypted password record is prefixed by a 4 byte unsigned integer
* which is stored in big-endian order. The methods take care returning them
* in the appropriate order of the host system. That integer is used to
* indicate the length of the following encrypted data chunk.
*
@verbatim
+--------+--------+--------+--------+
| Length indicator in big-endian |
| order (4 bytes) |
+--------+--------+--------+--------+--...---+
| Encrypted password record of exactly as |
| many bytes as indicated by the prefix |
+--------+--------+--------+--------+--...---+
| Length indicator in big-endian |
| order (4 bytes) |
+--------+--------+--------+--------+--...---+
| Encrypted password record of exactly as |
| many bytes as indicated by the prefix |
+--------+--------+--------+--------+--...---+
[ . . . ]
@endverbatim
*
* Putting this together, an encrypted file created by this class looks like
* this
*
@verbatim
+--------+--------+--------+--------+--------+--------+--------+--------+
| Y | A | P | E | T | 1 | . | 0 |
| 1 byte | 1 byte | 1 byte | 1 byte | 1 byte | 1 byte | 1 byte | 1 byte |
+--------+--------+--------+--------+--------+--------+--------+--------+
| Length indicator in big-endian |
| order (4 bytes) |
+--------+--------+--------+--------+--...---+
| Encrypted header exactly as many bytes |
| indicated by the prefix |
+--------+--------+--------+--------+--...---+
| Length indicator in big-endian |
| order (4 bytes) |
+--------+--------+--------+--------+--...---+
| Encrypted password record of exactly as |
| many bytes as indicated by the prefix |
+--------+--------+--------+--------+--...---+
| Length indicator in big-endian |
| order (4 bytes) |
+--------+--------+--------+--------+--...---+
| Encrypted password record of exactly as |
| many bytes as indicated by the prefix |
+--------+--------+--------+--------+--...---+
[ . . . ]
@endverbatim
*
* Instances of this class keeps the file open for the lifetime of the
* instance.
*
* When saving a password record list, the file is reopened with the \c
* O_TRUNC specified. The recognition string and header are copied over from
* the former version of the file.
*
* The term 32bit header refers to the FileHeader_32 struct, because of the
* use of int32_t for storing the time the password was set.
*
* The term 64bit header refers to the FileHeader_64 struct, because of the
* use of int64_t for storing the time the password was set.
*
* @sa Record, FileHeader, PasswordRecord
*/
class File {
private:
/**
* @brief The file descriptor of the password file
*
* The file descriptor of the password file.
*/
int fd;
/**
* @brief The file name of the file
*
* The file name of the file.
*/
std::string filename;
/**
* @brief The modification time of the file.
*
* Holds the modification time of the file. It has to be
* updated each time a write occurs.
*
* This is used to detect file modification made outside
* this class.
*
* As of version 0.6, a 64 bit variable is used
*/
int64_t mtime;
/**
* @brief Flag for enabling file security.
*
* In this context "file security" means tight access restrictions
* on the files created, or refusing to read a file that has not
* tight access restriction set.
*
* If this flag is \c true, reading a file not having the mode 0600
* is not allowed and files created will have the mode
* 0600. Setting this to \c false, will disable the checks and not
* enforce the mode 0600 when writing files.
*/
bool usefsecurity;
//! Checks the permissions and owner of a file for security
void checkFileSecurity() throw (YAPETException);
//! Sets the owner and permissions on a file
void setFileSecurity() throw (YAPETException);
//! Creates and opens a new file.
void openCreate() throw (YAPETException);
//! Opens an existing file
void openNoCreate() throw (YAPETException);
//! Returns the last modification time of the open file
int64_t lastModified() const throw (YAPETException);
//! Seek to a position relative to the current offset
void seekCurr (off_t offset) const throw (YAPETException);
//! Seek to an absolute offset
void seekAbs (off_t offset) const throw (YAPETException);
//! Prepare the file for saving the password records.
void preparePWSave() throw (YAPETException);
protected:
template <class t>
union ENDIAN {
/**
* @brief bits unsigned integer in host order.
*
* 32 bits unsigned integer in host order.
*/
t value;
uint8_t fields[sizeof(t)];
};
#ifndef WORDS_BIGENDIAN
/**
* @brief The given integer will be converted to big endian format
*
* Converts the length indicator provided to the big endian byte
* order, suitable for writing to disk.
*
* @param i the length indicator in host byte order
*
* @return an unsigned integer in big-endian format.
*/
template<class t>
t int_to_disk (t le) const {
ENDIAN<t> in;
ENDIAN<t> out;
in.value = le;
out.value = 0;
for (register unsigned int i=0; i < sizeof(t); i++)
out.fields[(sizeof(t)-1)-i] = in.fields[i];
return out.value;
}
/**
* @brief The given integer will be converted to the endianess of the host
*
* Converts the length indicator read from the file to the host byte
* order. The length indicator is always stored in big endian order.
*
* @param i the length indicator as read from the file
*
* @return an unsigned 32 bits integer in host byte order.
*/
template<class t>
t int_from_disk (t i) const {
return int_to_disk<t>(i);
}
#else
/**
* @brief The given integer will be converted to big
* endian format
*
* Converts the length indicator provided to the big endian byte
* order, suitable for writing to disk.
*
* @param i the length indicator in host byte order
*
* @return an unsigned integer in big-endian format.
*/
template<class t>
t int_to_disk (t i) const {
return i;
}
/**
* @brief The given integer will be converted to the
* endianess of the host
*
* Converts the length indicator read from the file to the
* host byte order. The length indicator is always stored
* in big endian order.
*
* @param i the length indicator as read from the file
*
* @return an unsigned integer in host byte order.
*/
template<class t>
t int_from_disk (t i) const {
return i;
}
#endif // WORDS_BIGENDIAN
//! Seeks to the first password record length indicator in
//! the file
void seekDataSection() const throw (YAPETException);
//! Reads from the current offset in the file
BDBuffer* read() const throw (YAPETException);
//! Writes at the current offset in the file
void write (const BDBuffer& buff,
bool forceappend = false,
bool forcewrite = false)
throw (YAPETException, YAPETRetryException);
//! Indicates whether or not the file is empty
bool isempty() const throw (YAPETException);
//! Initializes an empty file
void initFile (const Key& key) throw (YAPETException);
//! Writes the given header encrypted to the file
void writeHeader (const Record<FileHeader_64>& header,
const Key& key)
throw (YAPETException);
//! Writes the given encrypted header to the file
void writeHeader (const BDBuffer& enc_header) throw (YAPETException);
//! Reads the encrypted header
BDBuffer* readHeader() const throw (YAPETException);
//! Reads the encrypted header and return it decrypted
void readHeader(const Key& key, Record<FileHeader_32>** ptr32, Record<FileHeader_64>** ptr64) const throw(YAPETException);
//! Validates the given key
void validateKey (const Key& key)
throw (YAPETException, YAPETInvalidPasswordException);
public:
//! Constructor
File (const std::string& fn,
const Key& key,
bool create = false,
bool secure = true)
throw (YAPETException);
File (const File& f) throw (YAPETException);
~File();
//! Saves a password record list.
void save (std::list<PartDec>& records) throw (YAPETException);
//! Reads the stored password records from the file.
std::list<PartDec> read (const Key& key) const throw (YAPETException);
//! Returns the file name of the current file.
std::string getFilename() const {
return filename;
}
//! Sets a new encryption key for the current file.
void setNewKey (const Key& oldkey, const Key& newkey) throw (YAPETException);
int64_t getMasterPWSet (const Key& key) const throw (YAPETException, YAPETInvalidPasswordException);
//! Return the file version
FILE_VERSION getFileVersion(const Key& key) const throw (YAPETException, YAPETInvalidPasswordException);
//! Returns the time the master password was set
const File& operator= (const File& f) throw (YAPETException);
//! Returns whether or not file security is enabled
bool filesecurityEnabled() const {
return usefsecurity;
}
//! Sets file security
void setFilesecurity (bool secure) {
usefsecurity = secure;
}
};
}
#endif // _FILE_H
|
