internal static KeyMac DecryptAccountKey(M.Item encryptedItem, KeyMac masterKey)
{
var raw = encryptedItem.Key.Decode64();
if (raw.Length != 112)
{
throw CorruptedError("key has invalid size");
}
using var io = new BinaryReader(new MemoryStream(raw, false));
var iv = io.ReadBytes(16);
var ciphertext = io.ReadBytes(64);
var storedTag = io.ReadBytes(32);
// Rewind and reread everything to the tag
io.BaseStream.Seek(0, SeekOrigin.Begin);
var hashedContent = io.ReadBytes(80);
var computedTag = Crypto.HmacSha256(masterKey.MacKey, hashedContent);
if (!computedTag.SequenceEqual(storedTag))
{
throw CorruptedError("key tag doesn't match");
}
return(new KeyMac(Util.DecryptAes(ciphertext, iv, masterKey)));
}
internal static Account DecryptAccount(M.Item encryptedItem,
KeyMac masterKey,
KeyMac overviewKey,
Dictionary <string, Folder> folders)
{
var overview = DecryptAccountOverview(encryptedItem, overviewKey);
var accountKey = DecryptAccountKey(encryptedItem, masterKey);
var details = DecryptAccountDetails(encryptedItem, accountKey);
return(new Account(id: encryptedItem.Id,
name: overview.Title ?? "",
username: FindDetailField(details, "username"),
password: FindDetailField(details, "password"),
url: overview.Url ?? "",
note: details.Notes ?? "",
folder: folders.GetOrDefault(encryptedItem.FolderId ?? "", Folder.None)));
}
internal static M.ItemDetails DecryptAccountDetails(M.Item encryptedItem, KeyMac accountKey)
{
return(DecryptJson <M.ItemDetails>(encryptedItem.Details, accountKey));
}
internal static M.ItemOverview DecryptAccountOverview(M.Item encryptedItem, KeyMac overviewKey)
{
return(DecryptJson <M.ItemOverview>(encryptedItem.Overview, overviewKey));
}