Store encrypted passwords with connections.
Closes #22 as encrypted password is now deleted as part of the connection record.
parent
e5ae9663c4
commit
d489f11e52
11 changed files with 252 additions and 695 deletions
|
|
@ -2,23 +2,19 @@
|
|||
#define PASSWORDMANAGER_H
|
||||
|
||||
#include "Expected.h"
|
||||
#include "KeyStrengthener.h"
|
||||
#include <QSqlDatabase>
|
||||
#include <botan/secmem.h>
|
||||
#include <string>
|
||||
#include <tuple>
|
||||
#include <memory>
|
||||
|
||||
#include <botan/pwdhash.h>
|
||||
|
||||
|
||||
//#include <botan/botan.h>
|
||||
//#include <botan/symkey.h>
|
||||
|
||||
#include <map>
|
||||
|
||||
namespace Botan {
|
||||
|
||||
class Encrypted_PSK_Database;
|
||||
//class Sqlite3_Database;
|
||||
class PasswordHash;
|
||||
|
||||
}
|
||||
|
|
@ -33,6 +29,7 @@ public:
|
|||
using PasswordManagerException::PasswordManagerException;
|
||||
|
||||
};
|
||||
class PasswordCryptoEngine;
|
||||
|
||||
class PasswordManager {
|
||||
public:
|
||||
|
|
@ -57,58 +54,24 @@ public:
|
|||
void closeDatabase();
|
||||
bool locked() const;
|
||||
|
||||
void set(const std::string &id, const std::string &passwd);
|
||||
bool get(const std::string &id, std::string &password);
|
||||
void remove(const std::string &id);
|
||||
std::string encrypt(const std::string &id, const std::string &passwd);
|
||||
std::string decrypt(const std::string &id, const std::string &encpwd);
|
||||
// void remove(const std::string &id);
|
||||
private:
|
||||
QString m_passwordTableName = "psk_passwd";
|
||||
QString m_secretAlgoTableName = "psk_masterkey_algo";
|
||||
QString m_secretHashTableName = "psk_masterkey_hash";
|
||||
std::unique_ptr<Botan::Encrypted_PSK_Database> m_pskDatabase;
|
||||
std::unique_ptr<PasswordCryptoEngine> m_cryptoEngine;
|
||||
|
||||
bool isPskStoreInitialized(QSqlDatabase& db);
|
||||
void initializeNewPskStore(QSqlDatabase &db);
|
||||
|
||||
class KeyStrengthener {
|
||||
public:
|
||||
KeyStrengthener() = default;
|
||||
KeyStrengthener(std::unique_ptr<Botan::PasswordHash> hasher, Botan::secure_vector<uint8_t> salt, size_t keysize)
|
||||
: m_hasher (std::move(hasher))
|
||||
, m_salt (std::move(salt))
|
||||
, m_keySize(keysize)
|
||||
{}
|
||||
|
||||
KeyStrengthener(const KeyStrengthener&) = delete;
|
||||
KeyStrengthener& operator=(const KeyStrengthener &) = delete;
|
||||
|
||||
KeyStrengthener(KeyStrengthener &&rhs)
|
||||
: m_hasher (std::move(rhs.m_hasher))
|
||||
, m_salt (std::move(rhs.m_salt))
|
||||
, m_keySize(rhs.m_keySize)
|
||||
{}
|
||||
|
||||
KeyStrengthener& operator=(KeyStrengthener &&rhs)
|
||||
{
|
||||
if (&rhs != this) {
|
||||
m_hasher = std::move(rhs.m_hasher);
|
||||
m_salt = std::move(rhs.m_salt);
|
||||
m_keySize = rhs.m_keySize;
|
||||
}
|
||||
return *this;
|
||||
}
|
||||
|
||||
Botan::secure_vector<uint8_t> derive(const std::string &passphrase);
|
||||
void saveParams(QSqlDatabase &db, const QString &table_name);
|
||||
private:
|
||||
std::unique_ptr<Botan::PasswordHash> m_hasher;
|
||||
Botan::secure_vector<uint8_t> m_salt;
|
||||
size_t m_keySize;
|
||||
};
|
||||
|
||||
/// Get PasswordHash from parameters in database
|
||||
KeyStrengthener getKeyStrengthener(QSqlDatabase &db);
|
||||
KeyStrengthener createKeyStrengthener();
|
||||
|
||||
std::tuple<Botan::secure_vector<uint8_t>, Botan::secure_vector<uint8_t>>
|
||||
deriveKey(KeyStrengthener &ks, QString passphrase);
|
||||
};
|
||||
|
||||
|
||||
|
|
|
|||
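Review bot: The `encrypt`/`decrypt` declarations in the third hunk (assuming these are the added lines, since the +/- markers are lost on this page) carry no documented contract, and their signatures cannot report failure: both return `std::string`, whereas the `get` shown beside them returns `bool`. A caller cannot tell from the header what happens when the manager is `locked()`, when `encpwd` is corrupt, or when a ciphertext is presented with a different `id`. I would add a doc comment such as `/// Decrypts encpwd for connection id; throws PasswordManagerException if locked or if authentication fails` (wording to be matched to the implementation, which is not visible here), and state whether `id` is bound to the ciphertext so a stored value cannot be moved between connection records. The decrypted password also comes back in a plain `std::string`, which is not wiped on destruction the way the `Botan::secure_vector<uint8_t>` used for key material is, so the comment should tell callers how long they may hold it. The `PasswordManager` class body spans two hunks and the members between them are not visible.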