passforios/pass/Models/Password.swift

//
//  Password.swift
//  pass
//
//  Created by Mingshen Sun on 2/2/2017.
//  Copyright © 2017 Bob Sun. All rights reserved.
//

import Foundation
import SwiftyUserDefaults
import OneTimePassword
import Base32

struct AdditionField {
    var title: String
    var content: String
}

class Password {
    static let otpKeywords = ["otp_secret", "otp_type", "otp_algorithm", "otp_period", "otp_digits", "otp_counter"]
    
    var name = ""
    var password = ""
    var additions = [String: String]()
    var additionKeys = [String]()
    var plainText = ""
    var changed = false
    var firstLineIsOTPField = false
    var otpToken: Token?
    
    init(name: String, plainText: String) {
        self.initEverything(name: name, plainText: plainText)
    }
    
    func updatePassword(name: String, plainText: String) {
        if self.plainText != plainText {
            self.initEverything(name: name, plainText: plainText)
            changed = true
        }
    }
    
    func initEverything(name: String, plainText: String) {
        self.name = name
        self.plainText = plainText
        
        // get password and additional fields
        let plainTextSplit = plainText.characters.split(maxSplits: 1, omittingEmptySubsequences: false) {
            $0 == "\n" || $0 == "\r\n"
            }.map(String.init)
        guard plainTextSplit.count > 0 else {
            return;
        }
        self.password  = plainTextSplit[0]
        if plainTextSplit.count == 2 {
            (self.additions, self.additionKeys) = Password.getAdditionFields(from: plainTextSplit[1])
        }
        
        // check whether the first line of the plainText looks like an otp entry
        let (key, value) = Password.getKeyValuePair(from: plainTextSplit[0])
        if key != nil && Password.otpKeywords.contains(key!) {
            firstLineIsOTPField = true
            self.additions[key!] = value
            self.additionKeys.insert(key!, at: 0)
        } else {
            firstLineIsOTPField = false
        }
        
        // construct the otp token
        self.updateOtpToken()
    }
    
    func getUsername() -> String? {
        return getAdditionValue(withKey: "Username") ?? getAdditionValue(withKey: "username")
    }
    
    func getURLString() -> String? {
        return getAdditionValue(withKey: "URL") ?? getAdditionValue(withKey: "url") ?? getAdditionValue(withKey: "Url")
    }
    
    // return a key-value pair from the line
    // key might be nil, if there is no ":" in the line
    static func getKeyValuePair(from line: String) -> (key: String?, value: String) {
        let items = line.characters.split(separator: ":", maxSplits: 1, omittingEmptySubsequences: true).map(String.init)
        var key : String?
        var value = ""
        if items.count == 1 {
            value = items[0]
        } else if items.count == 2 {
            key = items[0]
            value = items[1].trimmingCharacters(in: .whitespaces)
        }
        return (key, value)
    }
    
    static func getAdditionFields(from additionFieldsPlainText: String) -> ([String: String], [String]){
        var additions = [String: String]()
        var additionKeys = [String]()
        var unknownIndex = 0

        additionFieldsPlainText.enumerateLines() { line, _ in
            if line == "" {
                return
            }
            var (key, value) = getKeyValuePair(from: line)
            if key == nil {
                unknownIndex += 1
                key = "unknown \(unknownIndex)"
            }
            additions[key!] = value
            additionKeys.append(key!)
        }
        
        return (additions, additionKeys)
    }
    
    func getAdditionsPlainText() -> String {
        // lines starting from the second
        let plainTextSplit = plainText.characters.split(maxSplits: 1, omittingEmptySubsequences: false) {
            $0 == "\n" || $0 == "\r\n"
            }.map(String.init)
        if plainTextSplit.count == 1 {
            return ""
        } else {
            return plainTextSplit[1]
        }
    }
    
    func getPlainText() -> String {
        return self.plainText
    }
    
    func getPlainData() -> Data {
        return getPlainText().data(using: .utf8)!
    }
    
    private func getAdditionValue(withKey key: String) -> String? {
        return self.additions[key]
    }
    
    /*
     Set otpType and otpToken, if we are able to construct a valid token.
     
     Example of TOTP fields
     otp_secret: secretsecretsecretsecretsecretsecret
     otp_type: totp
     otp_algorithm: sha1 (default: sha1, optional)
     otp_period: 30 (default: 30, optional)
     otp_digits: 6 (default: 6, optional)
     
     Example of HOTP fields
     otp_secret: secretsecretsecretsecretsecretsecret
     otp_type: hotp
     otp_counter: 1
     otp_digits: 6 (default: 6, optional)
     
     */
    func updateOtpToken() {
        // get secret data
        guard let secretString = getAdditionValue(withKey: "otp_secret"),
            let secretData = MF_Base32Codec.data(fromBase32String: secretString),
            !secretData.isEmpty else {
                // print("Missing / Invalid otp secret")
                return
        }
        
        // get type
        guard let type = getAdditionValue(withKey: "otp_type")?.lowercased(),
            (type == "totp" || type == "hotp") else {
                // print("Missing  / Invalid otp type")
                return
        }
        
        // get algorithm (optional)
        var algorithm = Generator.Algorithm.sha1
        if let algoString = getAdditionValue(withKey: "otp_algorithm") {
            switch algoString.lowercased() {
                case "sha256":
                    algorithm = Generator.Algorithm.sha256
                case "sha512":
                    algorithm = Generator.Algorithm.sha512
                default:
                    algorithm = Generator.Algorithm.sha1
            }
        }
    
        // construct the token
        if type == "totp" {
            // HOTP
            // default: 6 digits, 30 seconds
            guard let digits = Int(getAdditionValue(withKey: "otp_digits") ?? "6"),
                let period = Double(getAdditionValue(withKey: "otp_period") ?? "30.0") else {
                    let alertMessage = "Invalid otp_digits or otp_period."
                    print(alertMessage)
                    return
            }
            guard let generator = Generator(
                factor: .timer(period: period),
                secret: secretData,
                algorithm: algorithm,
                digits: digits) else {
                    let alertMessage = "Invalid OTP generator parameters."
                    print(alertMessage)
                    return
            }
            self.otpToken = Token(name: self.name, issuer: "", generator: generator)
        } else {
            // HOTP
            // default: 6 digits
            guard let digits = Int(getAdditionValue(withKey: "otp_digits") ?? "6"),
                let counter = UInt64(getAdditionValue(withKey: "otp_counter") ?? "") else {
                    let alertMessage = "Invalid otp_digits or otp_counter."
                    print(alertMessage)
                    return
            }
            guard let generator = Generator(
                factor: .counter(counter),
                secret: secretData,
                algorithm: algorithm,
                digits: digits) else {
                    let alertMessage = "Invalid OTP generator parameters."
                    print(alertMessage)
                    return
            }
            self.otpToken = Token(name: self.name, issuer: "", generator: generator)
        }
    }
    
    // it is guaranteed that it is a HOTP password when we call this
    func increaseHotpCounter() {
        var lines : [String] = []
        self.plainText.enumerateLines() { line, _ in
            let (key, value) = Password.getKeyValuePair(from: line)
            if key == "otp_counter", let newValue = UInt64(value)?.advanced(by: 1) {
                let newLine = "\(key!): \(newValue)"
                lines.append(newLine)
            } else {
                lines.append(line)
            }
        }
        self.updatePassword(name: self.name, plainText: lines.joined(separator: "\n"))
    }
    
    // return the description and the password strings
    func getOtpStrings() -> (description: String, otp: String)? {
        guard let token = self.otpToken else {
            return nil
        }
        var description : String
        switch token.generator.factor {
        case .counter:
            // htop
            description = "HMAC-based"
        case .timer(let period):
            // totp
            let timeSinceEpoch = Date().timeIntervalSince1970
            let validTime = Int(period - timeSinceEpoch.truncatingRemainder(dividingBy: period))
            description = "time-based (expiring in \(validTime)s)"
        }
        let otp = self.otpToken?.currentPassword ?? "error"
        return (description, otp)
    }
}
refactor PasswordEntitiy model, add decrypt extension 2017-02-02 18:02:43 +08:00			`//`
			`// Password.swift`
			`// pass`
			`//`
			`// Created by Mingshen Sun on 2/2/2017.`
			`// Copyright © 2017 Bob Sun. All rights reserved.`
			`//`

			`import Foundation`
			`import SwiftyUserDefaults`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`import OneTimePassword`
			`import Base32`
refactor PasswordEntitiy model, add decrypt extension 2017-02-02 18:02:43 +08:00
make additional information ordered 2017-02-06 22:14:42 +08:00			`struct AdditionField {`
			`var title: String`
			`var content: String`
			`}`

refactor PasswordEntitiy model, add decrypt extension 2017-02-02 18:02:43 +08:00			`class Password {`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`static let otpKeywords = ["otp_secret", "otp_type", "otp_algorithm", "otp_period", "otp_digits", "otp_counter"]`

simplify Password class 2017-02-11 14:30:35 +08:00			`var name = ""`
			`var password = ""`
refactor Password class 2017-02-11 16:07:59 +08:00			`var additions = [String: String]()`
			`var additionKeys = [String]()`
support edit password 2017-02-13 01:15:42 +08:00			`var plainText = ""`
			`var changed = false`
Support hiding one time password related fields. - Add a switch to turn on/off one time password related fields. - Improve how we show the additional information 2017-03-03 17:12:25 +08:00			`var firstLineIsOTPField = false`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`var otpToken: Token?`
refactor PasswordEntitiy model, add decrypt extension 2017-02-02 18:02:43 +08:00
support edit password 2017-02-13 01:15:42 +08:00			`init(name: String, plainText: String) {`
Support hiding one time password related fields. - Add a switch to turn on/off one time password related fields. - Improve how we show the additional information 2017-03-03 17:12:25 +08:00			`self.initEverything(name: name, plainText: plainText)`
			`}`

			`func updatePassword(name: String, plainText: String) {`
			`if self.plainText != plainText {`
			`self.initEverything(name: name, plainText: plainText)`
			`changed = true`
			`}`
			`}`

			`func initEverything(name: String, plainText: String) {`
update icon in detailed page 2017-02-09 13:17:11 +08:00			`self.name = name`
support edit password 2017-02-13 01:15:42 +08:00			`self.plainText = plainText`
Polish class Password 2017-03-03 10:49:32 +08:00
			`// get password and additional fields`
			`let plainTextSplit = plainText.characters.split(maxSplits: 1, omittingEmptySubsequences: false) {`
			`$0 == "\n" \|\| $0 == "\r\n"`
			`}.map(String.init)`
Fix a bug. 2017-03-04 00:56:41 +08:00			`guard plainTextSplit.count > 0 else {`
			`return;`
			`}`
Polish class Password 2017-03-03 10:49:32 +08:00			`self.password = plainTextSplit[0]`
Fix a bug. 2017-03-04 00:56:41 +08:00			`if plainTextSplit.count == 2 {`
			`(self.additions, self.additionKeys) = Password.getAdditionFields(from: plainTextSplit[1])`
			`}`
Support hiding one time password related fields. - Add a switch to turn on/off one time password related fields. - Improve how we show the additional information 2017-03-03 17:12:25 +08:00
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`// check whether the first line of the plainText looks like an otp entry`
			`let (key, value) = Password.getKeyValuePair(from: plainTextSplit[0])`
			`if key != nil && Password.otpKeywords.contains(key!) {`
Support hiding one time password related fields. - Add a switch to turn on/off one time password related fields. - Improve how we show the additional information 2017-03-03 17:12:25 +08:00			`firstLineIsOTPField = true`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`self.additions[key!] = value`
Support hiding one time password related fields. - Add a switch to turn on/off one time password related fields. - Improve how we show the additional information 2017-03-03 17:12:25 +08:00			`self.additionKeys.insert(key!, at: 0)`
			`} else {`
			`firstLineIsOTPField = false`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`}`

			`// construct the otp token`
			`self.updateOtpToken()`
refactor Password class 2017-02-11 16:07:59 +08:00			`}`

			`func getUsername() -> String? {`
			`return getAdditionValue(withKey: "Username") ?? getAdditionValue(withKey: "username")`
			`}`

Fix #54: try other ways to load favicon - try to replace http to https - if a url does not start with http or https, try to add https - return if cannot form a URL 2017-03-15 14:14:42 -07:00			`func getURLString() -> String? {`
refactor Password class 2017-02-11 16:07:59 +08:00			`return getAdditionValue(withKey: "URL") ?? getAdditionValue(withKey: "url") ?? getAdditionValue(withKey: "Url")`
			`}`

Polish class Password 2017-03-03 10:49:32 +08:00			`// return a key-value pair from the line`
			`// key might be nil, if there is no ":" in the line`
			`static func getKeyValuePair(from line: String) -> (key: String?, value: String) {`
			`let items = line.characters.split(separator: ":", maxSplits: 1, omittingEmptySubsequences: true).map(String.init)`
			`var key : String?`
			`var value = ""`
			`if items.count == 1 {`
			`value = items[0]`
			`} else if items.count == 2 {`
			`key = items[0]`
			`value = items[1].trimmingCharacters(in: .whitespaces)`
			`}`
			`return (key, value)`
			`}`

			`static func getAdditionFields(from additionFieldsPlainText: String) -> ([String: String], [String]){`
			`var additions = [String: String]()`
			`var additionKeys = [String]()`
Hide unknown fields 2017-02-14 11:16:30 +08:00			`var unknownIndex = 0`
support edit password 2017-02-13 01:15:42 +08:00
			`additionFieldsPlainText.enumerateLines() { line, _ in`
ignore empty lines in the password additional fields 2017-02-20 17:43:04 +08:00			`if line == "" {`
			`return`
			`}`
Polish class Password 2017-03-03 10:49:32 +08:00			`var (key, value) = getKeyValuePair(from: line)`
			`if key == nil {`
Hide unknown fields 2017-02-14 11:16:30 +08:00			`unknownIndex += 1`
			`key = "unknown \(unknownIndex)"`
support edit password 2017-02-13 01:15:42 +08:00			`}`
Polish class Password 2017-03-03 10:49:32 +08:00			`additions[key!] = value`
			`additionKeys.append(key!)`
support edit password 2017-02-13 01:15:42 +08:00			`}`
Polish class Password 2017-03-03 10:49:32 +08:00
			`return (additions, additionKeys)`
support edit password 2017-02-13 01:15:42 +08:00			`}`

			`func getAdditionsPlainText() -> String {`
Support hiding one time password related fields. - Add a switch to turn on/off one time password related fields. - Improve how we show the additional information 2017-03-03 17:12:25 +08:00			`// lines starting from the second`
			`let plainTextSplit = plainText.characters.split(maxSplits: 1, omittingEmptySubsequences: false) {`
			`$0 == "\n" \|\| $0 == "\r\n"`
			`}.map(String.init)`
			`if plainTextSplit.count == 1 {`
			`return ""`
			`} else {`
			`return plainTextSplit[1]`
			`}`
support edit password 2017-02-13 01:15:42 +08:00			`}`

			`func getPlainText() -> String {`
Support hiding one time password related fields. - Add a switch to turn on/off one time password related fields. - Improve how we show the additional information 2017-03-03 17:12:25 +08:00			`return self.plainText`
refactor Password class 2017-02-11 16:07:59 +08:00			`}`

			`func getPlainData() -> Data {`
Use UTF-8 instead of ASCII for encoding (#44) 2017-03-01 14:54:52 +08:00			`return getPlainText().data(using: .utf8)!`
refactor Password class 2017-02-11 16:07:59 +08:00			`}`

			`private func getAdditionValue(withKey key: String) -> String? {`
			`return self.additions[key]`
refactor PasswordEntitiy model, add decrypt extension 2017-02-02 18:02:43 +08:00			`}`
generate random password 2017-02-11 22:00:04 +08:00
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`/*`
			`Set otpType and otpToken, if we are able to construct a valid token.`

			`Example of TOTP fields`
			`otp_secret: secretsecretsecretsecretsecretsecret`
			`otp_type: totp`
Update OTP token generation and support HOTP - Update logic: Only fields otp_secret and otp_type are required for TOTP. Only fields otp_secret, otp_type and otp_counter are required for HOTP. Other fields (i.e., otp_algorithm, otp_digits, otp_period) are optional. - Support HOTP: (1) passwords are initially concealed; (2) "tap->next" generates a new password and commits the updated password file automatically 2017-03-07 00:52:22 +08:00			`otp_algorithm: sha1 (default: sha1, optional)`
			`otp_period: 30 (default: 30, optional)`
			`otp_digits: 6 (default: 6, optional)`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00
			`Example of HOTP fields`
			`otp_secret: secretsecretsecretsecretsecretsecret`
			`otp_type: hotp`
			`otp_counter: 1`
Update OTP token generation and support HOTP - Update logic: Only fields otp_secret and otp_type are required for TOTP. Only fields otp_secret, otp_type and otp_counter are required for HOTP. Other fields (i.e., otp_algorithm, otp_digits, otp_period) are optional. - Support HOTP: (1) passwords are initially concealed; (2) "tap->next" generates a new password and commits the updated password file automatically 2017-03-07 00:52:22 +08:00			`otp_digits: 6 (default: 6, optional)`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00
			`*/`
			`func updateOtpToken() {`
			`// get secret data`
			`guard let secretString = getAdditionValue(withKey: "otp_secret"),`
			`let secretData = MF_Base32Codec.data(fromBase32String: secretString),`
			`!secretData.isEmpty else {`
			`// print("Missing / Invalid otp secret")`
			`return`
			`}`

			`// get type`
			`guard let type = getAdditionValue(withKey: "otp_type")?.lowercased(),`
			`(type == "totp" \|\| type == "hotp") else {`
Update OTP token generation and support HOTP - Update logic: Only fields otp_secret and otp_type are required for TOTP. Only fields otp_secret, otp_type and otp_counter are required for HOTP. Other fields (i.e., otp_algorithm, otp_digits, otp_period) are optional. - Support HOTP: (1) passwords are initially concealed; (2) "tap->next" generates a new password and commits the updated password file automatically 2017-03-07 00:52:22 +08:00			`// print("Missing / Invalid otp type")`
			`return`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`}`

Update OTP token generation and support HOTP - Update logic: Only fields otp_secret and otp_type are required for TOTP. Only fields otp_secret, otp_type and otp_counter are required for HOTP. Other fields (i.e., otp_algorithm, otp_digits, otp_period) are optional. - Support HOTP: (1) passwords are initially concealed; (2) "tap->next" generates a new password and commits the updated password file automatically 2017-03-07 00:52:22 +08:00			`// get algorithm (optional)`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`var algorithm = Generator.Algorithm.sha1`
			`if let algoString = getAdditionValue(withKey: "otp_algorithm") {`
			`switch algoString.lowercased() {`
			`case "sha256":`
			`algorithm = Generator.Algorithm.sha256`
			`case "sha512":`
			`algorithm = Generator.Algorithm.sha512`
			`default:`
			`algorithm = Generator.Algorithm.sha1`
			`}`
			`}`

			`// construct the token`
			`if type == "totp" {`
Update OTP token generation and support HOTP - Update logic: Only fields otp_secret and otp_type are required for TOTP. Only fields otp_secret, otp_type and otp_counter are required for HOTP. Other fields (i.e., otp_algorithm, otp_digits, otp_period) are optional. - Support HOTP: (1) passwords are initially concealed; (2) "tap->next" generates a new password and commits the updated password file automatically 2017-03-07 00:52:22 +08:00			`// HOTP`
			`// default: 6 digits, 30 seconds`
			`guard let digits = Int(getAdditionValue(withKey: "otp_digits") ?? "6"),`
			`let period = Double(getAdditionValue(withKey: "otp_period") ?? "30.0") else {`
			`let alertMessage = "Invalid otp_digits or otp_period."`
			`print(alertMessage)`
			`return`
			`}`
			`guard let generator = Generator(`
			`factor: .timer(period: period),`
			`secret: secretData,`
			`algorithm: algorithm,`
			`digits: digits) else {`
			`let alertMessage = "Invalid OTP generator parameters."`
			`print(alertMessage)`
			`return`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`}`
Update OTP token generation and support HOTP - Update logic: Only fields otp_secret and otp_type are required for TOTP. Only fields otp_secret, otp_type and otp_counter are required for HOTP. Other fields (i.e., otp_algorithm, otp_digits, otp_period) are optional. - Support HOTP: (1) passwords are initially concealed; (2) "tap->next" generates a new password and commits the updated password file automatically 2017-03-07 00:52:22 +08:00			`self.otpToken = Token(name: self.name, issuer: "", generator: generator)`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`} else {`
Update OTP token generation and support HOTP - Update logic: Only fields otp_secret and otp_type are required for TOTP. Only fields otp_secret, otp_type and otp_counter are required for HOTP. Other fields (i.e., otp_algorithm, otp_digits, otp_period) are optional. - Support HOTP: (1) passwords are initially concealed; (2) "tap->next" generates a new password and commits the updated password file automatically 2017-03-07 00:52:22 +08:00			`// HOTP`
			`// default: 6 digits`
			`guard let digits = Int(getAdditionValue(withKey: "otp_digits") ?? "6"),`
			`let counter = UInt64(getAdditionValue(withKey: "otp_counter") ?? "") else {`
			`let alertMessage = "Invalid otp_digits or otp_counter."`
			`print(alertMessage)`
			`return`
			`}`
			`guard let generator = Generator(`
			`factor: .counter(counter),`
			`secret: secretData,`
			`algorithm: algorithm,`
			`digits: digits) else {`
			`let alertMessage = "Invalid OTP generator parameters."`
			`print(alertMessage)`
			`return`
			`}`
			`self.otpToken = Token(name: self.name, issuer: "", generator: generator)`
			`}`
			`}`

			`// it is guaranteed that it is a HOTP password when we call this`
			`func increaseHotpCounter() {`
			`var lines : [String] = []`
			`self.plainText.enumerateLines() { line, _ in`
			`let (key, value) = Password.getKeyValuePair(from: line)`
			`if key == "otp_counter", let newValue = UInt64(value)?.advanced(by: 1) {`
			`let newLine = "\(key!): \(newValue)"`
			`lines.append(newLine)`
			`} else {`
			`lines.append(line)`
			`}`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`}`
Update OTP token generation and support HOTP - Update logic: Only fields otp_secret and otp_type are required for TOTP. Only fields otp_secret, otp_type and otp_counter are required for HOTP. Other fields (i.e., otp_algorithm, otp_digits, otp_period) are optional. - Support HOTP: (1) passwords are initially concealed; (2) "tap->next" generates a new password and commits the updated password file automatically 2017-03-07 00:52:22 +08:00			`self.updatePassword(name: self.name, plainText: lines.joined(separator: "\n"))`
Provide basic support about one time password (totp only) 2017-03-03 14:45:16 +08:00			`}`
Fix a bug about TOTP refresh 2017-03-07 09:50:18 +08:00
			`// return the description and the password strings`
			`func getOtpStrings() -> (description: String, otp: String)? {`
			`guard let token = self.otpToken else {`
			`return nil`
			`}`
			`var description : String`
			`switch token.generator.factor {`
			`case .counter:`
			`// htop`
			`description = "HMAC-based"`
			`case .timer(let period):`
			`// totp`
			`let timeSinceEpoch = Date().timeIntervalSince1970`
			`let validTime = Int(period - timeSinceEpoch.truncatingRemainder(dividingBy: period))`
			`description = "time-based (expiring in \(validTime)s)"`
			`}`
			`let otp = self.otpToken?.currentPassword ?? "error"`
			`return (description, otp)`
			`}`
refactor PasswordEntitiy model, add decrypt extension 2017-02-02 18:02:43 +08:00			`}`