Minimal support for MIME secret encoding (#1170)

Co-authored-by: Fabian Henneke <FabianHenneke@users.noreply.github.com>
This commit is contained in:
Joris Minjat 2020-10-23 18:13:37 +02:00 committed by GitHub
parent 66b31f1432
commit 38ece10e0d
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 28 additions and 7 deletions

View file

@ -31,9 +31,9 @@ class PasswordEntry(content: String, private val totpFinder: TotpFinder = UriTot
constructor(os: ByteArrayOutputStream) : this(os.toString("UTF-8"), UriTotpFinder())
init {
val passContent = content.split("\n".toRegex(), 2).toTypedArray()
password = if (UriTotpFinder.TOTP_FIELDS.any { passContent[0].startsWith(it) }) "" else passContent[0]
extraContent = findExtraContent(passContent)
val (foundPassword, passContent) = findAndStripPassword(content.split("\n".toRegex()))
password = foundPassword
extraContent = passContent.joinToString("\n")
username = findUsername()
digits = findOtpDigits(content)
totpSecret = findTotpSecret(content)
@ -86,10 +86,16 @@ class PasswordEntry(content: String, private val totpFinder: TotpFinder = UriTot
return null
}
private fun findExtraContent(passContent: Array<String>) = when {
password.isEmpty() && passContent[0].isNotEmpty() -> passContent[0]
passContent.size > 1 -> passContent[1]
else -> ""
private fun findAndStripPassword(passContent: List<String>): Pair<String, List<String>> {
if (UriTotpFinder.TOTP_FIELDS.any { passContent[0].startsWith(it) }) return Pair("", passContent)
for (line in passContent) {
for (prefix in PASSWORD_FIELDS) {
if (line.startsWith(prefix, ignoreCase = true)) {
return Pair(line.substring(prefix.length).trimStart(), passContent.minus(line))
}
}
}
return Pair(passContent[0], passContent.minus(passContent[0]))
}
private fun findTotpSecret(decryptedContent: String): String? {
@ -121,5 +127,11 @@ class PasswordEntry(content: String, private val totpFinder: TotpFinder = UriTot
"id:",
"identity:"
)
val PASSWORD_FIELDS = arrayOf(
"password:",
"secret:",
"pass:",
)
}
}

View file

@ -28,6 +28,12 @@ class PasswordEntryTest {
assertEquals("", makeEntry("\nblubb").password)
assertEquals("", makeEntry("\n").password)
assertEquals("", makeEntry("").password)
for (field in PasswordEntry.PASSWORD_FIELDS) {
assertEquals("fooooo", makeEntry("\n$field fooooo").password)
assertEquals("fooooo", makeEntry("\n${field.toUpperCase()} fooooo").password)
assertEquals("fooooo", makeEntry("GOPASS-SECRET-1.0\n$field fooooo").password)
assertEquals("fooooo", makeEntry("someFirstLine\nUsername: bar\n$field fooooo").password)
}
}
@Test fun testGetExtraContent() {
@ -37,6 +43,9 @@ class PasswordEntryTest {
assertEquals("", makeEntry("fooooo").extraContent)
assertEquals("blubb\n", makeEntry("\nblubb\n").extraContent)
assertEquals("blubb", makeEntry("\nblubb").extraContent)
assertEquals("blubb", makeEntry("blubb\npassword: foo").extraContent)
assertEquals("blubb", makeEntry("password: foo\nblubb").extraContent)
assertEquals("blubb\nusername: bar", makeEntry("blubb\npassword: foo\nusername: bar").extraContent)
assertEquals("", makeEntry("\n").extraContent)
assertEquals("", makeEntry("").extraContent)
}