public DataProviderFactory(IMsSqlProvider msSqlProvider,
ISqliteProvider sqlLiteProvider,
IMessageFinder messageFinder)
{
DataProviderType = DataProviders.SQLite;
_msSqlProvider = msSqlProvider;
_sqlLiteProvider = sqlLiteProvider;
_messageFinder = messageFinder;
}
public static Account[] ParseAccounts(byte[] db, string password, ISqliteProvider provider)
{
try
{
CallSqlProvider(() => provider.Open(db), "Failed to open the SQLite database");
return(ParseAccounts(password, provider));
}
finally
{
CallSqlProvider(provider.Close, "Failed to close the SQLite database");
}
}
private static Credentials[] GetCredentialsForAccount(User user,
long accountId,
byte[] key,
ISqliteProvider provider)
{
var result = provider.Query(
// .....0.................1................2..................
"select LOG.UDC_USERNAME, LOG.UD_PASSWORD, LOG.UDC_DESCRIPTION " +
"from ACC_LOGIN LOG, ACC_LINK LINK " +
$"where LINK.DATE_DELETED = 1 and LINK.USER_ID = {user.Id} and " +
$"LINK.ENTRY_ID = {accountId} and LOG.LOGIN_ID = LINK.LOGIN_ID " +
"order by LINK.LOGIN_ID");
return(result.Select(row => new Credentials(username: DecryptTextField(GetColumn <byte[]>(row, 0), key),
password: DecryptTextField(GetColumn <byte[]>(row, 1), key),
description: DecryptTextField(GetColumn <byte[]>(row, 2), key)))
.ToArray());
}
//
// Internal (accessed by the tests)
//
internal static Account[] ParseAccounts(string password, ISqliteProvider provider)
{
try
{
var user = GetDefaultUser(provider);
var key = Util.DeriveDbKey(password, user.Salt);
if (!IsKeyCorrect(key, user.Verification))
{
throw new BadCredentialsException("Password verification failed");
}
return(GetAccounts(user, key, provider));
}
catch (SqliteProviderError e)
{
throw new InternalErrorException("SQL query failed", e);
}
}
private static Account[] GetAccounts(User user, byte[] key, ISqliteProvider provider)
{
var result = provider.Query(
// .....0.........1...............2........3.........
"select ENTRY_ID, UDC_ENTRY_NAME, UDC_URL, UD_COMMENT " +
"from ACC_ACCOUNT " +
$"where DATE_DELETED = 1 and USER_ID = {user.Id} and GROUP_TYPE = 2 " +
"order by ENTRY_ID");
return(result.Select(row =>
{
var id = GetColumn <long>(row, 0);
return new Account(id: id,
name: DecryptTextField(GetColumn <byte[]>(row, 1), key),
url: DecryptTextField(GetColumn <byte[]>(row, 2), key),
notes: DecryptTextField(GetColumn <byte[]>(row, 3), key),
credentials: GetCredentialsForAccount(user, id, key, provider));
}).ToArray());
}
private static User GetDefaultUser(ISqliteProvider provider)
{
// "6400..." is "default\0" in UTF-16
var result = provider.Query(
// .....0........1....2.......
"select USER_ID, KEY, PASSWORD " +
"from USER " +
"where DATE_DELETED = 1 and USERNAME = x'640065006600610075006c0074000000'");
foreach (var row in result)
{
return(new User()
{
Id = GetColumn <long>(row, 0),
Salt = GetColumn <byte[]>(row, 1),
Verification = GetColumn <byte[]>(row, 2),
});
}
throw new InternalErrorException("No users found in the vault database");
}
// The deviceId should be generated via Vault.GenerateRandomDeviceId on the first call and reused
// later on for the same device. This allows to bypass the email verification on every connection and
// prevents the pollution of the server side list of known devices.
public static Vault Open(string username,
string password,
string deviceId,
string deviceName,
IUi ui,
ISqliteProvider sqliteProvider)
{
// Download the database.
using var transport = new RestTransport();
var db = Client.OpenVaultDb(username: username,
password: password,
deviceId: deviceId,
deviceName: deviceName,
ui: ui,
transport: transport);
// Parse the database, extract and decrypt all the account information.
var accounts = Parser.ParseAccounts(db, password, sqliteProvider);
return(new Vault(accounts));
}
public HomeController(ISqliteProvider provider)
{
_provider = provider;
_hub = new OrderFeedHub(_provider);
}
public OrderFeedHub(ISqliteProvider provider)
{
_provider = provider;
}
