1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
extern crate byteorder;
extern crate crypto;
use byteorder::{BigEndian, WriteBytesExt};
use crypto::hmac::Hmac;
use crypto::scrypt::{scrypt, ScryptParams};
use crypto::sha2::Sha256;
const KEY_LEN: usize = 64;
const SEED_LEN: usize = 32;
const MAGIC: &'static [u8] = b"com.lyndir.masterpassword";
const VEC_IO_ERROR_STR: &'static str = "IO error while writing to Vec";
pub const CHAR_CLASS_N: &'static [char] = &['0', '1', '2', '3', '4', '5', '6', '7', '8', '9'];
pub const TEMPLATES_PIN: &'static [Template] =
&[&[CHAR_CLASS_N, CHAR_CLASS_N, CHAR_CLASS_N, CHAR_CLASS_N]];
pub type Template<'a> = &'a [&'a [char]];
#[derive(Debug, Eq, PartialEq, Clone, Copy, Hash, Ord, PartialOrd)]
pub struct Seed {
pub raw: [u8; SEED_LEN],
}
impl Seed {
pub fn create_password(&self, templates: &[Template]) -> String {
for template in templates {
debug_assert!(template.len() < SEED_LEN);
}
let template = templates[self.raw[0] as usize % templates.len()];
assert!(template.len() < SEED_LEN);
let mut password = String::with_capacity(template.len());
for (characters, &seed) in template.iter().zip(self.raw[1..].iter()) {
password.push(characters[seed as usize % characters.len()]);
}
return password;
}
}
pub struct SeedGenerator {
hmac: Hmac<Sha256>,
}
impl SeedGenerator {
pub fn new(identity: &[u8], password: &[u8]) -> Self {
const LOG_N: u8 = 15;
const R: u32 = 8;
const P: u32 = 2;
let mut key = [0; KEY_LEN];
let mut seed = MAGIC.to_vec();
seed.write_u32::<BigEndian>(identity.len() as u32)
.expect(VEC_IO_ERROR_STR);
seed.extend_from_slice(identity);
scrypt(password, &seed, &ScryptParams::new(LOG_N, R, P), &mut key);
SeedGenerator {
hmac: Hmac::new(Sha256::new(), &key),
}
}
pub fn calculate_password_seed(&mut self, message: &[u8], counter: u32) -> Seed {
use crypto::mac::Mac;
let mut input = MAGIC.to_vec();
input
.write_u32::<BigEndian>(message.len() as u32)
.expect(VEC_IO_ERROR_STR);
input.extend(message);
input
.write_u32::<BigEndian>(counter)
.expect(VEC_IO_ERROR_STR);
self.hmac.input(&input);
let mut seed = [0; SEED_LEN];
self.hmac.raw_result(&mut seed);
self.hmac.reset();
Seed { raw: seed }
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
pub fn test_pins() {
const TESTS: &'static [(&'static str, &'static str, &'static str, u32, &'static str)] = &[
("John Doe", "password", "tomato", 1, "5914"),
("John Doe", "password", "potato", 1, "7329"),
("John Doe", "password", "carrot", 1, "0762"),
("John Doe", "password", "tomato", 2, "2525"),
("John Doe", "password", "potato", 2, "9390"),
("John Doe", "password", "carrot", 2, "2750"),
("Nice Guy", "verysafe", "tomato", 2, "6380"),
("Nice Guy", "verysafe", "potato", 2, "1749"),
("Nice Guy", "verysafe", "carrot", 2, "7846"),
];
for test in TESTS {
let &(identity, master, message, counter, result) = test;
let mut generator = SeedGenerator::new(identity.as_bytes(), master.as_bytes());
let generated = generator
.calculate_password_seed(message.as_bytes(), counter)
.create_password(TEMPLATES_PIN);
assert_eq!(generated, result);
}
}
}