feat: password encrypt/decrypt
This commit is contained in:
@@ -4,7 +4,7 @@
|
|||||||
<groupId>me.hatter</groupId>
|
<groupId>me.hatter</groupId>
|
||||||
<artifactId>card-cryptomator</artifactId>
|
<artifactId>card-cryptomator</artifactId>
|
||||||
<name>card-cryptomator</name>
|
<name>card-cryptomator</name>
|
||||||
<version>1.0.0</version>
|
<version>1.0.1</version>
|
||||||
<description>Plug-in for Cryptomator to store vault passwords with card-cli encryption.</description>
|
<description>Plug-in for Cryptomator to store vault passwords with card-cli encryption.</description>
|
||||||
<url>https://git.hatter.ink/hatter/card-cryptomator</url>
|
<url>https://git.hatter.ink/hatter/card-cryptomator</url>
|
||||||
<developers>
|
<developers>
|
||||||
|
|||||||
7
justfile
Normal file
7
justfile
Normal file
@@ -0,0 +1,7 @@
|
|||||||
|
_:
|
||||||
|
@just --list
|
||||||
|
|
||||||
|
# build pacakge
|
||||||
|
build:
|
||||||
|
buildj package
|
||||||
|
|
||||||
2
pom.xml
2
pom.xml
@@ -5,7 +5,7 @@
|
|||||||
<modelVersion>4.0.0</modelVersion>
|
<modelVersion>4.0.0</modelVersion>
|
||||||
<groupId>me.hatter</groupId>
|
<groupId>me.hatter</groupId>
|
||||||
<artifactId>card-cryptomator</artifactId>
|
<artifactId>card-cryptomator</artifactId>
|
||||||
<version>1.0.0</version>
|
<version>1.0.1</version>
|
||||||
|
|
||||||
<name>card-cryptomator</name>
|
<name>card-cryptomator</name>
|
||||||
<description>Plug-in for Cryptomator to store vault passwords with card-cli encryption.</description>
|
<description>Plug-in for Cryptomator to store vault passwords with card-cli encryption.</description>
|
||||||
|
|||||||
@@ -11,6 +11,8 @@ public class CardConfig {
|
|||||||
*/
|
*/
|
||||||
private String encryptKeyBasePath;
|
private String encryptKeyBasePath;
|
||||||
|
|
||||||
|
private Long passwordCacheTimeMillis;
|
||||||
|
|
||||||
public String getEncryptKeyBasePath() {
|
public String getEncryptKeyBasePath() {
|
||||||
return encryptKeyBasePath;
|
return encryptKeyBasePath;
|
||||||
}
|
}
|
||||||
@@ -18,4 +20,12 @@ public class CardConfig {
|
|||||||
public void setEncryptKeyBasePath(String encryptKeyBasePath) {
|
public void setEncryptKeyBasePath(String encryptKeyBasePath) {
|
||||||
this.encryptKeyBasePath = encryptKeyBasePath;
|
this.encryptKeyBasePath = encryptKeyBasePath;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public Long getPasswordCacheTimeMillis() {
|
||||||
|
return passwordCacheTimeMillis;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setPasswordCacheTimeMillis(Long passwordCacheTimeMillis) {
|
||||||
|
this.passwordCacheTimeMillis = passwordCacheTimeMillis;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -14,6 +14,7 @@ import java.util.Base64;
|
|||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.concurrent.ConcurrentHashMap;
|
import java.util.concurrent.ConcurrentHashMap;
|
||||||
import java.util.concurrent.ConcurrentMap;
|
import java.util.concurrent.ConcurrentMap;
|
||||||
|
import java.util.concurrent.TimeUnit;
|
||||||
import java.util.concurrent.atomic.AtomicReference;
|
import java.util.concurrent.atomic.AtomicReference;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@@ -27,7 +28,36 @@ public class Utils {
|
|||||||
private static final File CARD_CONFIG_FILE2 = new File(USER_HOME, ".config/cryptomator/card_config.json");
|
private static final File CARD_CONFIG_FILE2 = new File(USER_HOME, ".config/cryptomator/card_config.json");
|
||||||
private static final File DEFAULT_ENCRYPTION_KEY_BASE_PATH = new File(USER_HOME, ".config/cryptomator/card_keys/");
|
private static final File DEFAULT_ENCRYPTION_KEY_BASE_PATH = new File(USER_HOME, ".config/cryptomator/card_keys/");
|
||||||
|
|
||||||
private static final ConcurrentMap<String, String> PASSWORD_CACHE_MAP = new ConcurrentHashMap<>();
|
private static final ConcurrentMap<String, CachedPasswordWithTime> PASSWORD_CACHE_MAP = new ConcurrentHashMap<>();
|
||||||
|
|
||||||
|
private static class CachedPasswordWithTime {
|
||||||
|
private String password;
|
||||||
|
private long timestamp;
|
||||||
|
}
|
||||||
|
|
||||||
|
private static void putCachedPassword(CardConfig cardConfig, String key, String password) {
|
||||||
|
final CachedPasswordWithTime cachedPasswordWithTime = new CachedPasswordWithTime();
|
||||||
|
cachedPasswordWithTime.password = password;
|
||||||
|
cachedPasswordWithTime.timestamp = System.currentTimeMillis();
|
||||||
|
PASSWORD_CACHE_MAP.put(key, cachedPasswordWithTime);
|
||||||
|
}
|
||||||
|
|
||||||
|
private static String getCachedPassword(CardConfig cardConfig, String key) {
|
||||||
|
final CachedPasswordWithTime cachedPasswordWithTime = PASSWORD_CACHE_MAP.get(key);
|
||||||
|
if (cachedPasswordWithTime == null) {
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
final long defaultPasswordCacheTimeMillis = TimeUnit.DAYS.toMillis(1);
|
||||||
|
final long passwordCacheTimeMillis = (cardConfig.getPasswordCacheTimeMillis() == null)
|
||||||
|
? defaultPasswordCacheTimeMillis
|
||||||
|
: cardConfig.getPasswordCacheTimeMillis();
|
||||||
|
if ((System.currentTimeMillis() - cachedPasswordWithTime.timestamp) > passwordCacheTimeMillis) {
|
||||||
|
PASSWORD_CACHE_MAP.remove(key);
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
cachedPasswordWithTime.timestamp = System.currentTimeMillis();
|
||||||
|
return cachedPasswordWithTime.password;
|
||||||
|
}
|
||||||
|
|
||||||
public static boolean isCheckPassphraseStored() {
|
public static boolean isCheckPassphraseStored() {
|
||||||
final StackTraceElement stack = getCallerStackTrace();
|
final StackTraceElement stack = getCallerStackTrace();
|
||||||
@@ -161,7 +191,7 @@ public class Utils {
|
|||||||
params.add("--auto-pbe");
|
params.add("--auto-pbe");
|
||||||
params.add("--json");
|
params.add("--json");
|
||||||
|
|
||||||
final String password = PASSWORD_CACHE_MAP.get(vault);
|
final String password = getCachedPassword(cardConfig, vault);
|
||||||
if (password != null) {
|
if (password != null) {
|
||||||
params.add("--password");
|
params.add("--password");
|
||||||
params.add(password);
|
params.add(password);
|
||||||
@@ -180,7 +210,7 @@ public class Utils {
|
|||||||
final String resultString = new String(decryptResult.getStdout(), StandardCharsets.UTF_8);
|
final String resultString = new String(decryptResult.getStdout(), StandardCharsets.UTF_8);
|
||||||
final CardHmacDecryptResult result = new Gson().fromJson(resultString, CardHmacDecryptResult.class);
|
final CardHmacDecryptResult result = new Gson().fromJson(resultString, CardHmacDecryptResult.class);
|
||||||
if (result.getPassword() != null) {
|
if (result.getPassword() != null) {
|
||||||
PASSWORD_CACHE_MAP.put(vault, result.getPassword());
|
putCachedPassword(cardConfig, vault, result.getPassword());
|
||||||
}
|
}
|
||||||
return Base64.getDecoder().decode(result.getPlaintext());
|
return Base64.getDecoder().decode(result.getPlaintext());
|
||||||
}
|
}
|
||||||
@@ -195,7 +225,7 @@ public class Utils {
|
|||||||
params.add("1000000");
|
params.add("1000000");
|
||||||
params.add("--json");
|
params.add("--json");
|
||||||
|
|
||||||
final String password = PASSWORD_CACHE_MAP.get(vault);
|
final String password = getCachedPassword(cardConfig, vault);
|
||||||
if (password != null) {
|
if (password != null) {
|
||||||
params.add("--password");
|
params.add("--password");
|
||||||
params.add(password);
|
params.add(password);
|
||||||
|
|||||||
Reference in New Issue
Block a user