feat: Implement dump-seeds command

jaysonsantos · Aug 12, 2021 · 02b4ae4 · 02b4ae4
1 parent 9ea6b5c
commit 02b4ae4
Show file tree

Hide file tree

Showing 7 changed files with 56 additions and 10 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/cli/src/main.rs b/cli/src/main.rs
@@ -34,6 +34,7 @@ enum Config {
         #[structopt(short, long, help = "fuzzy search a service by its name")]
         service_name: String,
     },
+    DumpSeeds,
 }
 
 pub fn setup_error_handlers() -> Result<()> {
@@ -121,6 +122,26 @@ async fn work() -> Result<()> {
                 )
             }
         }
+        Config::DumpSeeds => {
+            let client = get_saved_client()?;
+            let mut services: Vec<AuthenticatorToken> = match mambembe_keyring::get() {
+                Ok(services) => services,
+                Err(MambembeKeyringError::NoPasswordFound) => {
+                    let services = client.list_authenticator_tokens().await?;
+                    mambembe_keyring::set(&services).unwrap();
+                    services
+                }
+                Err(err) => return Err(err.into()),
+            };
+            for service in services.iter_mut() {
+                client.initialize_authenticator_token(service)?;
+                println!(
+                    "Servie: {} Seed: {}",
+                    service.name,
+                    &service.dump_seed()?
+                );
+            }
+        }
     }
 
     // client.check_current_device().await?;

diff --git a/keyring/Cargo.toml b/keyring/Cargo.toml
@@ -13,6 +13,7 @@ mambembe-lib = { path = "../lib" }
 serde = "1.0.125"
 serde_json = "1.0.64"
 thiserror = "1.0.24"
+tracing = "0.1.26"
 
 [features]
 with-keyring = ["keyring"]

diff --git a/keyring/src/lib.rs b/keyring/src/lib.rs
@@ -8,6 +8,7 @@ use keyring::{Keyring, KeyringError};
 use serde::{de::DeserializeOwned, Serialize};
 use serde_json::{from_str, to_string_pretty};
 use thiserror::Error;
+use tracing::instrument;
 
 use mambembe_lib::{models::AuthenticatorToken, AuthyClient};
 
@@ -35,17 +36,20 @@ pub trait Data<T> {
 }
 
 impl<T> Data<T> for AuthyClient {
+    #[instrument]
     fn get_keyring() -> &'static Keyring<'static> {
         &DEVICES
     }
 }
 
 impl<T> Data<T> for Vec<AuthenticatorToken> {
+    #[instrument]
     fn get_keyring() -> &'static Keyring<'static> {
         &TOKENS
     }
 }
 
+#[instrument]
 pub fn get<T>() -> Result<T>
 where
     T: DeserializeOwned + Data<T>,
@@ -58,6 +62,7 @@ where
     Ok(from_str(&data)?)
 }
 
+#[instrument(skip(data))]
 pub fn set<T>(data: &T) -> Result<()>
 where
     T: Serialize + Data<T>,

diff --git a/lib/Cargo.toml b/lib/Cargo.toml
@@ -10,6 +10,7 @@ aes = "*"
 async-trait = "0.1.48"
 block-modes = "*"
 data-encoding = "2.3.2"
+hex = "0.4.3"
 hmac = "0.10.1"
 itertools = "0.10.0"
 json = "0.12.4"

diff --git a/lib/src/models.rs b/lib/src/models.rs
@@ -1,10 +1,14 @@
-use data_encoding::HEXLOWER;
+use data_encoding::{BASE32, HEXLOWER};
 use serde::{Deserialize, Serialize};
 use sha2::Digest;
 
 use crate::{
-    client::TimeSync, crypto::decrypt_data, error::Result, password::derive_key,
-    tokens::calculate_future_tokens, MambembeError,
+    client::TimeSync,
+    crypto::decrypt_data,
+    error::Result,
+    password::derive_key,
+    tokens::{calculate_future_tokens, decode_seed},
+    MambembeError,
 };
 
 pub type Pin = String;
@@ -89,4 +93,10 @@ impl AuthenticatorToken {
 
         Ok(data)
     }
+
+    pub fn dump_seed(&self) -> Result<String> {
+        self.decrypt_seed()
+            .map(decode_seed)
+            .map(|seed| BASE32.encode(&seed)) // Re-encode again because most of the clients expect this
+    }
 }
diff --git a/lib/src/tokens.rs b/lib/src/tokens.rs
@@ -18,13 +18,17 @@ pub(crate) fn calculate_token(
     digits: usize,
     time_sync: Option<&TimeSync>,
 ) -> InternalResult<String> {
-    let seed = BASE32.decode(seed).unwrap_or_else(|_| seed.to_vec());
+    let seed = decode_seed(seed);
     // let seed = HEXLOWER.encode(&seed);
     let time = get_time(time_sync);
     let s = build_slauth_context(&seed, digits, time / OTHERS_DEFAULT_PERIOD);
     Ok(s.gen())
 }
 
+pub(crate) fn decode_seed<T>(seed: T) -> Vec<u8> where T: AsRef<[u8]> {
+    BASE32.decode(seed.as_ref()).unwrap_or_else(|_| seed.as_ref().to_vec())
+}
+
 pub(crate) fn build_slauth_context(seed: &[u8], digits: usize, padded_time: u64) -> HOTPContext {
     HOTPBuilder::new()
         .algorithm(HashesAlgorithm::SHA1)