2017-02-09 01:27:52 +00:00
|
|
|
use base64;
|
2016-01-01 23:16:12 +00:00
|
|
|
use byteorder::{BigEndian, ByteOrder};
|
|
|
|
use crypto;
|
|
|
|
use crypto::aes;
|
2016-01-26 23:01:45 +00:00
|
|
|
use crypto::digest::Digest;
|
|
|
|
use crypto::hmac::Hmac;
|
2016-01-01 23:16:12 +00:00
|
|
|
use crypto::pbkdf2::pbkdf2;
|
|
|
|
use crypto::sha1::Sha1;
|
2016-03-13 20:45:31 +00:00
|
|
|
use protobuf::ProtobufEnum;
|
2017-01-06 16:18:41 +00:00
|
|
|
use rpassword;
|
2016-07-06 01:29:38 +00:00
|
|
|
use serde;
|
|
|
|
use serde_json;
|
2016-03-13 22:35:09 +00:00
|
|
|
use std::fs::File;
|
2018-02-11 11:37:08 +00:00
|
|
|
use std::io::{self, stderr, Read, Write};
|
2016-03-13 22:35:09 +00:00
|
|
|
use std::path::Path;
|
2016-01-01 23:16:12 +00:00
|
|
|
|
2016-01-27 10:40:00 +00:00
|
|
|
use protocol::authentication::AuthenticationType;
|
2016-01-01 23:16:12 +00:00
|
|
|
|
2018-02-11 11:37:08 +00:00
|
|
|
#[derive(Debug, Clone, Serialize, Deserialize)]
|
2016-03-13 20:45:31 +00:00
|
|
|
pub struct Credentials {
|
|
|
|
pub username: String,
|
2016-07-06 01:29:38 +00:00
|
|
|
|
2018-02-11 11:37:08 +00:00
|
|
|
#[serde(serialize_with = "serialize_protobuf_enum")]
|
|
|
|
#[serde(deserialize_with = "deserialize_protobuf_enum")]
|
2016-03-13 20:45:31 +00:00
|
|
|
pub auth_type: AuthenticationType,
|
2016-01-01 23:16:12 +00:00
|
|
|
|
2018-02-11 11:37:08 +00:00
|
|
|
#[serde(serialize_with = "serialize_base64")]
|
|
|
|
#[serde(deserialize_with = "deserialize_base64")]
|
2016-07-06 01:29:38 +00:00
|
|
|
pub auth_data: Vec<u8>,
|
2016-03-13 22:35:09 +00:00
|
|
|
}
|
|
|
|
|
2016-03-13 20:45:31 +00:00
|
|
|
impl Credentials {
|
|
|
|
pub fn with_password(username: String, password: String) -> Credentials {
|
|
|
|
Credentials {
|
|
|
|
username: username,
|
|
|
|
auth_type: AuthenticationType::AUTHENTICATION_USER_PASS,
|
|
|
|
auth_data: password.into_bytes(),
|
|
|
|
}
|
2016-01-26 23:01:45 +00:00
|
|
|
}
|
|
|
|
|
2016-03-13 20:45:31 +00:00
|
|
|
pub fn with_blob(username: String, encrypted_blob: &str, device_id: &str) -> Credentials {
|
|
|
|
fn read_u8<R: Read>(stream: &mut R) -> io::Result<u8> {
|
|
|
|
let mut data = [0u8];
|
|
|
|
try!(stream.read_exact(&mut data));
|
|
|
|
Ok(data[0])
|
|
|
|
}
|
2016-01-26 23:01:45 +00:00
|
|
|
|
2016-03-13 20:45:31 +00:00
|
|
|
fn read_int<R: Read>(stream: &mut R) -> io::Result<u32> {
|
|
|
|
let lo = try!(read_u8(stream)) as u32;
|
|
|
|
if lo & 0x80 == 0 {
|
|
|
|
return Ok(lo);
|
2016-01-01 23:16:12 +00:00
|
|
|
}
|
2016-01-26 23:01:45 +00:00
|
|
|
|
2016-03-13 20:45:31 +00:00
|
|
|
let hi = try!(read_u8(stream)) as u32;
|
|
|
|
Ok(lo & 0x7f | hi << 7)
|
|
|
|
}
|
2016-01-01 23:16:12 +00:00
|
|
|
|
2016-03-13 20:45:31 +00:00
|
|
|
fn read_bytes<R: Read>(stream: &mut R) -> io::Result<Vec<u8>> {
|
|
|
|
let length = try!(read_int(stream));
|
|
|
|
let mut data = vec![0u8; length as usize];
|
|
|
|
try!(stream.read_exact(&mut data));
|
2016-01-01 23:16:12 +00:00
|
|
|
|
2016-03-13 20:45:31 +00:00
|
|
|
Ok(data)
|
2016-01-01 23:16:12 +00:00
|
|
|
}
|
|
|
|
|
2017-02-09 01:27:52 +00:00
|
|
|
let encrypted_blob = base64::decode(encrypted_blob).unwrap();
|
2016-01-01 23:16:12 +00:00
|
|
|
|
|
|
|
let secret = {
|
|
|
|
let mut data = [0u8; 20];
|
|
|
|
let mut h = crypto::sha1::Sha1::new();
|
2016-03-13 20:45:31 +00:00
|
|
|
h.input(device_id.as_bytes());
|
2016-01-01 23:16:12 +00:00
|
|
|
h.result(&mut data);
|
|
|
|
data
|
|
|
|
};
|
|
|
|
|
|
|
|
let key = {
|
|
|
|
let mut data = [0u8; 24];
|
|
|
|
let mut mac = Hmac::new(Sha1::new(), &secret);
|
|
|
|
pbkdf2(&mut mac, username.as_bytes(), 0x100, &mut data[0..20]);
|
|
|
|
|
|
|
|
let mut hash = Sha1::new();
|
|
|
|
hash.input(&data[0..20]);
|
|
|
|
hash.result(&mut data[0..20]);
|
|
|
|
BigEndian::write_u32(&mut data[20..], 20);
|
|
|
|
data
|
|
|
|
};
|
|
|
|
|
|
|
|
let blob = {
|
|
|
|
// Anyone know what this block mode is ?
|
2016-03-13 20:45:31 +00:00
|
|
|
let mut data = vec![0u8; encrypted_blob.len()];
|
2018-02-11 11:37:08 +00:00
|
|
|
let mut cipher = aes::ecb_decryptor(
|
|
|
|
aes::KeySize::KeySize192,
|
|
|
|
&key,
|
|
|
|
crypto::blockmodes::NoPadding,
|
|
|
|
);
|
|
|
|
cipher
|
|
|
|
.decrypt(
|
|
|
|
&mut crypto::buffer::RefReadBuffer::new(&encrypted_blob),
|
|
|
|
&mut crypto::buffer::RefWriteBuffer::new(&mut data),
|
|
|
|
true,
|
|
|
|
)
|
|
|
|
.unwrap();
|
2016-01-01 23:16:12 +00:00
|
|
|
|
2016-03-13 20:45:31 +00:00
|
|
|
let l = encrypted_blob.len();
|
2016-01-02 15:19:39 +00:00
|
|
|
for i in 0..l - 0x10 {
|
2016-01-01 23:16:12 +00:00
|
|
|
data[l - i - 1] ^= data[l - i - 0x11];
|
|
|
|
}
|
|
|
|
|
|
|
|
data
|
|
|
|
};
|
|
|
|
|
|
|
|
let mut cursor = io::Cursor::new(&blob);
|
|
|
|
read_u8(&mut cursor).unwrap();
|
|
|
|
read_bytes(&mut cursor).unwrap();
|
|
|
|
read_u8(&mut cursor).unwrap();
|
|
|
|
let auth_type = read_int(&mut cursor).unwrap();
|
|
|
|
let auth_type = AuthenticationType::from_i32(auth_type as i32).unwrap();
|
|
|
|
read_u8(&mut cursor).unwrap();
|
2018-02-11 11:37:08 +00:00
|
|
|
let auth_data = read_bytes(&mut cursor).unwrap();
|
2016-01-01 23:16:12 +00:00
|
|
|
|
2016-03-13 20:45:31 +00:00
|
|
|
Credentials {
|
|
|
|
username: username,
|
|
|
|
auth_type: auth_type,
|
|
|
|
auth_data: auth_data,
|
|
|
|
}
|
2016-01-01 23:16:12 +00:00
|
|
|
}
|
2016-03-13 22:35:09 +00:00
|
|
|
|
2018-02-09 20:18:06 +00:00
|
|
|
fn from_reader<R: Read>(mut reader: R) -> Credentials {
|
2016-03-13 22:35:09 +00:00
|
|
|
let mut contents = String::new();
|
|
|
|
reader.read_to_string(&mut contents).unwrap();
|
|
|
|
|
2016-07-06 01:29:38 +00:00
|
|
|
serde_json::from_str(&contents).unwrap()
|
2016-03-13 22:35:09 +00:00
|
|
|
}
|
|
|
|
|
2018-02-09 20:18:06 +00:00
|
|
|
pub(crate) fn from_file<P: AsRef<Path>>(path: P) -> Option<Credentials> {
|
2016-03-16 04:07:04 +00:00
|
|
|
File::open(path).ok().map(Credentials::from_reader)
|
2016-03-13 22:35:09 +00:00
|
|
|
}
|
|
|
|
|
2018-02-09 20:24:58 +00:00
|
|
|
fn save_to_writer<W: Write>(&self, writer: &mut W) {
|
2016-07-06 01:29:38 +00:00
|
|
|
let contents = serde_json::to_string(&self.clone()).unwrap();
|
2016-03-13 22:35:09 +00:00
|
|
|
writer.write_all(contents.as_bytes()).unwrap();
|
|
|
|
}
|
|
|
|
|
2018-02-09 20:24:58 +00:00
|
|
|
pub(crate) fn save_to_file<P: AsRef<Path>>(&self, path: P) {
|
2016-03-13 22:35:09 +00:00
|
|
|
let mut file = File::create(path).unwrap();
|
|
|
|
self.save_to_writer(&mut file)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-01-29 12:50:18 +00:00
|
|
|
fn serialize_protobuf_enum<T, S>(v: &T, ser: S) -> Result<S::Ok, S::Error>
|
2018-02-11 11:37:08 +00:00
|
|
|
where
|
|
|
|
T: ProtobufEnum,
|
|
|
|
S: serde::Serializer,
|
|
|
|
{
|
2016-07-06 01:29:38 +00:00
|
|
|
serde::Serialize::serialize(&v.value(), ser)
|
2016-01-01 23:16:12 +00:00
|
|
|
}
|
2016-03-13 22:35:09 +00:00
|
|
|
|
2017-01-29 12:50:18 +00:00
|
|
|
fn deserialize_protobuf_enum<T, D>(de: D) -> Result<T, D::Error>
|
2018-02-11 11:37:08 +00:00
|
|
|
where
|
|
|
|
T: ProtobufEnum,
|
|
|
|
D: serde::Deserializer,
|
|
|
|
{
|
|
|
|
let v: i32 = try!(serde::Deserialize::deserialize(de));
|
2017-02-09 01:32:18 +00:00
|
|
|
T::from_i32(v).ok_or_else(|| serde::de::Error::custom("Invalid enum value"))
|
2016-07-06 01:29:38 +00:00
|
|
|
}
|
|
|
|
|
2017-01-29 12:50:18 +00:00
|
|
|
fn serialize_base64<T, S>(v: &T, ser: S) -> Result<S::Ok, S::Error>
|
2018-02-11 11:37:08 +00:00
|
|
|
where
|
|
|
|
T: AsRef<[u8]>,
|
|
|
|
S: serde::Serializer,
|
|
|
|
{
|
2017-02-09 01:27:52 +00:00
|
|
|
serde::Serialize::serialize(&base64::encode(v.as_ref()), ser)
|
2016-07-06 01:29:38 +00:00
|
|
|
}
|
|
|
|
|
2017-01-29 12:50:18 +00:00
|
|
|
fn deserialize_base64<D>(de: D) -> Result<Vec<u8>, D::Error>
|
2018-02-11 11:37:08 +00:00
|
|
|
where
|
|
|
|
D: serde::Deserializer,
|
|
|
|
{
|
|
|
|
let v: String = try!(serde::Deserialize::deserialize(de));
|
2017-02-09 01:27:52 +00:00
|
|
|
base64::decode(&v).map_err(|e| serde::de::Error::custom(e.to_string()))
|
2016-03-13 22:35:09 +00:00
|
|
|
}
|
|
|
|
|
2018-02-11 11:37:08 +00:00
|
|
|
pub fn get_credentials(
|
|
|
|
username: Option<String>,
|
|
|
|
password: Option<String>,
|
|
|
|
cached_credentials: Option<Credentials>,
|
|
|
|
) -> Option<Credentials> {
|
2017-01-18 17:07:20 +00:00
|
|
|
match (username, password, cached_credentials) {
|
2018-02-11 11:37:08 +00:00
|
|
|
(Some(username), Some(password), _) => Some(Credentials::with_password(username, password)),
|
2017-01-06 16:18:41 +00:00
|
|
|
|
2018-02-11 11:37:08 +00:00
|
|
|
(Some(ref username), _, Some(ref credentials)) if *username == credentials.username => {
|
|
|
|
Some(credentials.clone())
|
|
|
|
}
|
2017-01-06 16:18:41 +00:00
|
|
|
|
|
|
|
(Some(username), None, _) => {
|
|
|
|
write!(stderr(), "Password for {}: ", username).unwrap();
|
|
|
|
stderr().flush().unwrap();
|
|
|
|
let password = rpassword::read_password().unwrap();
|
2017-02-22 04:17:04 +00:00
|
|
|
Some(Credentials::with_password(username.clone(), password))
|
2017-01-06 16:18:41 +00:00
|
|
|
}
|
|
|
|
|
2018-02-11 11:37:08 +00:00
|
|
|
(None, _, Some(credentials)) => Some(credentials),
|
2017-01-06 16:18:41 +00:00
|
|
|
|
2017-02-22 04:17:04 +00:00
|
|
|
(None, _, None) => None,
|
2017-01-06 16:18:41 +00:00
|
|
|
}
|
|
|
|
}
|