├── .gitignore
├── CHANGELOG.md
├── Cargo.lock
├── Cargo.toml
├── LICENSE
├── Makefile
├── README.md
├── proton-authenticator-mobile
    ├── Cargo.toml
    ├── android
    │   ├── .gitignore
    │   ├── build.gradle.kts
    │   ├── gradle.properties
    │   ├── gradle
    │   │   ├── libs.versions.toml
    │   │   └── wrapper
    │   │   │   ├── gradle-wrapper.jar
    │   │   │   └── gradle-wrapper.properties
    │   ├── gradlew
    │   ├── gradlew.bat
    │   ├── lib
    │   │   ├── .gitignore
    │   │   ├── build.gradle.kts
    │   │   ├── proguard-rules.pro
    │   │   └── src
    │   │   │   └── main
    │   │   │       └── AndroidManifest.xml
    │   ├── libTest
    │   │   ├── .gitignore
    │   │   ├── build.gradle.kts
    │   │   └── src
    │   │   │   └── test
    │   │   │       └── kotlin
    │   │   │           └── proton
    │   │   │               └── android
    │   │   │                   └── authenticator
    │   │   │                       ├── AuthenticatorCryptoTest.kt
    │   │   │                       ├── AuthenticatorLoggerTest.kt
    │   │   │                       ├── MobileAuthenticatorClientTest.kt
    │   │   │                       ├── SyncOperationCheckerTest.kt
    │   │   │                       ├── TestUtils.kt
    │   │   │                       └── TotpGeneratorTest.kt
    │   ├── libTestApp
    │   │   ├── .gitignore
    │   │   ├── build.gradle.kts
    │   │   └── src
    │   │   │   └── main
    │   │   │       ├── AndroidManifest.xml
    │   │   │       ├── ic_launcher-playstore.png
    │   │   │       ├── java
    │   │   │           └── proton
    │   │   │           │   └── authenticator
    │   │   │           │       └── android
    │   │   │           │           └── benchmark
    │   │   │           │               └── MainActivity.kt
    │   │   │       └── res
    │   │   │           ├── drawable
    │   │   │               ├── ic_launcher_background.xml
    │   │   │               └── ic_launcher_foreground.xml
    │   │   │           ├── layout
    │   │   │               └── main_activity.xml
    │   │   │           ├── mipmap-anydpi-v26
    │   │   │               ├── ic_launcher.xml
    │   │   │               └── ic_launcher_round.xml
    │   │   │           ├── mipmap-hdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   │   │           ├── mipmap-mdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   │   │           ├── mipmap-xhdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   │   │           ├── mipmap-xxhdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   │   │           └── mipmap-xxxhdpi
    │   │   │               ├── ic_launcher.webp
    │   │   │               └── ic_launcher_round.webp
    │   └── settings.gradle.kts
    ├── bindgen.rs
    ├── build.rs
    ├── iOS
    │   └── AuthenticatorRustCore
    │   │   ├── .gitignore
    │   │   ├── .swiftpm
    │   │       └── xcode
    │   │       │   └── package.xcworkspace
    │   │       │       └── xcshareddata
    │   │       │           └── IDEWorkspaceChecks.plist
    │   │   ├── Package.swift
    │   │   └── README.md
    ├── src
    │   ├── authenticator.rs
    │   ├── authenticator.udl
    │   ├── benchmark.rs
    │   ├── benchmark.udl
    │   ├── crypto.rs
    │   ├── crypto.udl
    │   ├── entry.rs
    │   ├── generator.rs
    │   ├── generator.udl
    │   ├── import.rs
    │   ├── import.udl
    │   ├── issuer_mapper.rs
    │   ├── issuer_mapper.udl
    │   ├── lib.rs
    │   ├── log.rs
    │   ├── log.udl
    │   ├── namespace.udl
    │   ├── operations.rs
    │   ├── operations.udl
    │   ├── ordering.rs
    │   └── ordering.udl
    └── uniffi.toml
├── proton-authenticator-web
    ├── Cargo.toml
    ├── asm.js
    ├── package.json
    ├── src
    │   ├── common.rs
    │   ├── entry.rs
    │   ├── lib.rs
    │   ├── log.rs
    │   └── worker
    │   │   ├── client.rs
    │   │   ├── crypto.rs
    │   │   ├── generator.rs
    │   │   ├── import.rs
    │   │   ├── issuer.rs
    │   │   ├── mod.rs
    │   │   ├── operations.rs
    │   │   └── ordering.rs
    └── test
    │   ├── .gitignore
    │   ├── README.md
    │   ├── bun.lockb
    │   ├── package.json
    │   ├── proton-authenticator-web-worker-generator.spec.ts
    │   ├── proton-authenticator-web-worker-importer.spec.ts
    │   ├── proton-authenticator-web-worker-operations.spec.ts
    │   ├── proton-authenticator-web-worker.spec.ts
    │   └── tsconfig.json
├── proton-authenticator
    ├── Cargo.toml
    ├── build.rs
    ├── proto
    │   ├── authenticator_entry.proto
    │   └── google_authenticator.proto
    ├── resources
    │   ├── issuerInfos.txt
    │   └── issuerManualOverrides.txt
    ├── src
    │   ├── client.rs
    │   ├── crypto.rs
    │   ├── entry
    │   │   ├── create.rs
    │   │   ├── exporter.rs
    │   │   ├── gen
    │   │   │   ├── authenticator_entry.rs
    │   │   │   └── mod.rs
    │   │   ├── mod.rs
    │   │   ├── serializer.rs
    │   │   └── update.rs
    │   ├── generator.rs
    │   ├── issuer_mapper.rs
    │   ├── lib.rs
    │   ├── log.rs
    │   ├── operations.rs
    │   ├── ordering.rs
    │   ├── parser
    │   │   ├── aegis
    │   │   │   ├── db.rs
    │   │   │   ├── encrypted.rs
    │   │   │   ├── json.rs
    │   │   │   ├── mod.rs
    │   │   │   └── txt.rs
    │   │   ├── bitwarden
    │   │   │   ├── csv.rs
    │   │   │   ├── json.rs
    │   │   │   └── mod.rs
    │   │   ├── ente
    │   │   │   ├── mod.rs
    │   │   │   └── txt.rs
    │   │   ├── google
    │   │   │   ├── gen
    │   │   │   │   ├── google_authenticator.rs
    │   │   │   │   └── mod.rs
    │   │   │   └── mod.rs
    │   │   ├── lastpass
    │   │   │   ├── json.rs
    │   │   │   └── mod.rs
    │   │   ├── mod.rs
    │   │   ├── proton_authenticator
    │   │   │   └── mod.rs
    │   │   └── twofas
    │   │   │   ├── mod.rs
    │   │   │   └── parser.rs
    │   ├── steam
    │   │   └── mod.rs
    │   ├── test_utils.rs
    │   └── utils.rs
    └── test_data
    │   └── authenticator
    │       ├── 2fas
    │           ├── decrypted.2fas
    │           ├── decrypted_ios.2fas
    │           ├── encrypted.2fas
    │           └── password
    │       ├── aegis
    │           ├── aegis-json-encrypted-test.json
    │           ├── aegis-json-unencrypted.json
    │           ├── aegis-txt.txt
    │           └── password
    │       ├── bitwarden
    │           ├── bitwarden.csv
    │           ├── bitwarden.json
    │           └── bitwarden_sample.csv
    │       ├── ente
    │           └── plain.txt
    │       └── lastpass
    │           ├── lastpass.json
    │           └── lastpass_ios_export.json
├── proton-pass-common
    ├── 2faDomains.txt
    ├── Cargo.toml
    ├── benches
    │   ├── card_detector.rs
    │   └── password_scorer.rs
    ├── build.rs
    ├── eff_large_wordlist.txt
    ├── passwords.txt
    ├── src
    │   ├── alias_prefix.rs
    │   ├── creditcard
    │   │   ├── detector.rs
    │   │   └── mod.rs
    │   ├── domain.rs
    │   ├── email.rs
    │   ├── file
    │   │   ├── associations.rs
    │   │   ├── mod.rs
    │   │   └── sanitize_filename.rs
    │   ├── host.rs
    │   ├── invite.rs
    │   ├── lib.rs
    │   ├── login.rs
    │   ├── passkey
    │   │   ├── generate.rs
    │   │   ├── mod.rs
    │   │   ├── parser
    │   │   │   ├── cvs.rs
    │   │   │   ├── ebay.rs
    │   │   │   ├── equal_sign.rs
    │   │   │   ├── mod.rs
    │   │   │   ├── paypal.rs
    │   │   │   ├── sanitize.rs
    │   │   │   └── swissid.rs
    │   │   ├── passkey_handling.rs
    │   │   ├── protonpasskey.rs
    │   │   ├── protonpasskeydeserializer.rs
    │   │   ├── protonpasskeyserializer.rs
    │   │   └── resolve.rs
    │   ├── password
    │   │   ├── analyzer.rs
    │   │   ├── mod.rs
    │   │   ├── password_generator.rs
    │   │   └── scorer.rs
    │   ├── qr.rs
    │   ├── twofa.rs
    │   └── wifi.rs
    ├── test_data
    │   └── file_format
    │   │   ├── pgpkey.private
    │   │   ├── pgpkey.pub
    │   │   ├── sample-unclosed.svg
    │   │   ├── sample.avi
    │   │   ├── sample.docx
    │   │   ├── sample.garbage
    │   │   ├── sample.ics
    │   │   ├── sample.jpg
    │   │   ├── sample.mp3
    │   │   ├── sample.mp4
    │   │   ├── sample.pages
    │   │   ├── sample.pdf
    │   │   ├── sample.png
    │   │   ├── sample.rar
    │   │   ├── sample.svg
    │   │   ├── sample.txt
    │   │   ├── sample.wav
    │   │   ├── sample.xlsx
    │   │   └── sample.zip
    └── tests
    │   ├── alias_prefix_valid.rs
    │   ├── credit_card_detector.rs
    │   ├── domain.rs
    │   ├── email_valid.rs
    │   ├── file.rs
    │   ├── passkey.rs
    │   ├── password_scorer.rs
    │   └── twofa_valid.rs
├── proton-pass-derive
    ├── Cargo.toml
    └── src
    │   └── lib.rs
├── proton-pass-mobile
    ├── Cargo.toml
    ├── android
    │   ├── .gitignore
    │   ├── build.gradle.kts
    │   ├── gradle.properties
    │   ├── gradle
    │   │   └── wrapper
    │   │   │   ├── gradle-wrapper.jar
    │   │   │   └── gradle-wrapper.properties
    │   ├── gradlew
    │   ├── gradlew.bat
    │   ├── lib
    │   │   ├── .gitignore
    │   │   ├── build.gradle.kts
    │   │   ├── proguard-rules.pro
    │   │   └── src
    │   │   │   └── main
    │   │   │       └── AndroidManifest.xml
    │   └── settings.gradle.kts
    ├── bindgen.rs
    ├── build.rs
    ├── iOS
    │   └── PassRustCore
    │   │   ├── .gitignore
    │   │   ├── .swiftpm
    │   │       └── xcode
    │   │       │   └── package.xcworkspace
    │   │       │       └── xcshareddata
    │   │       │           └── IDEWorkspaceChecks.plist
    │   │   ├── Package.swift
    │   │   └── README.md
    ├── src
    │   ├── alias.rs
    │   ├── alias.udl
    │   ├── creditcard.rs
    │   ├── creditcard.udl
    │   ├── domain.rs
    │   ├── domain.udl
    │   ├── email.rs
    │   ├── email.udl
    │   ├── file.rs
    │   ├── file.udl
    │   ├── host.rs
    │   ├── host.udl
    │   ├── invite.rs
    │   ├── invite.udl
    │   ├── lib.rs
    │   ├── login.rs
    │   ├── login.udl
    │   ├── namespace.udl
    │   ├── passkey.rs
    │   ├── passkey.udl
    │   ├── password.rs
    │   ├── password.udl
    │   ├── qr.rs
    │   ├── qr.udl
    │   ├── totp.rs
    │   ├── totp.udl
    │   ├── twofa.rs
    │   ├── twofa.udl
    │   ├── wifi.rs
    │   └── wifi.udl
    └── uniffi.toml
├── proton-pass-totp
    ├── Cargo.toml
    ├── benches
    │   └── totp_generation.rs
    ├── src
    │   ├── algorithm.rs
    │   ├── error.rs
    │   ├── lib.rs
    │   ├── queries.rs
    │   ├── sanitizer.rs
    │   └── totp.rs
    └── tests
    │   ├── edent.rs
    │   └── totp.rs
├── proton-pass-web
    ├── Cargo.toml
    ├── package.json
    ├── src
    │   ├── common.rs
    │   ├── lib.rs
    │   ├── password
    │   │   ├── mod.rs
    │   │   └── password.rs
    │   ├── ui
    │   │   ├── creditcard.rs
    │   │   ├── file.rs
    │   │   ├── login.rs
    │   │   ├── mod.rs
    │   │   └── wifi.rs
    │   └── worker
    │   │   ├── mod.rs
    │   │   ├── passkey.rs
    │   │   └── totp.rs
    └── test
    │   ├── .gitignore
    │   ├── README.md
    │   ├── bun.lockb
    │   ├── package.json
    │   ├── proton-pass-web-password.spec.ts
    │   ├── proton-pass-web-ui.spec.ts
    │   ├── proton-pass-web-worker.spec.ts
    │   └── tsconfig.json
├── release.toml
├── rustfmt.toml
└── tools
    ├── custom2faDomains.txt
    ├── excluded2faDomains.txt
    ├── generate2FADomains.py
    ├── generateCommonPasswordList.py
    └── icon_fetcher
        ├── Cargo.toml
        ├── config.toml
        └── src
            └── main.rs


/.gitignore:
--------------------------------------------------------------------------------
 1 | *.DS_Store
 2 | .idea/
 3 | /target
 4 | .cargo/
 5 | 
 6 | # Pass mobile
 7 | proton-pass-mobile/android/lib/**/*.kt
 8 | proton-pass-mobile/iOS/headers
 9 | proton-pass-mobile/iOS/frameworks
10 | proton-pass-mobile/iOS/PassRustCore/*.xcframework
11 | proton-pass-mobile/src/proton
12 | proton-pass-mobile/src/common.udl
13 | proton-pass-mobile/src/*.h
14 | proton-pass-mobile/src/*.swift
15 | proton-pass-mobile/src/*.modulemap
16 | proton-pass-mobile/iOS/**/*.swift
17 | proton-pass-mobile/pkg
18 | 
19 | proton-pass-web/**/pkg
20 | proton-pass-web/dist
21 | 
22 | # Authenticator
23 | proton-authenticator-mobile/android/lib/**/*.kt
24 | proton-authenticator-mobile/iOS/headers
25 | proton-authenticator-mobile/iOS/frameworks
26 | proton-authenticator-mobile/iOS/AuthenticatorRustCore/*.xcframework
27 | proton-authenticator-mobile/src/proton
28 | proton-authenticator-mobile/src/common.udl
29 | proton-authenticator-mobile/src/*.h
30 | proton-authenticator-mobile/src/*.swift
31 | proton-authenticator-mobile/src/*.modulemap
32 | proton-authenticator-mobile/iOS/**/*.swift
33 | proton-authenticator-mobile/pkg
34 | 
35 | proton-authenticator-web/**/pkg
36 | proton-authenticator-web/dist
37 | 
38 | 


--------------------------------------------------------------------------------
/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [workspace]
 2 | resolver = "1"
 3 | members = [
 4 |     "proton-authenticator",
 5 |     "proton-authenticator-mobile",
 6 |     "proton-authenticator-web",
 7 |     "proton-pass-common",
 8 |     "proton-pass-mobile",
 9 |     "proton-pass-web",
10 |     "proton-pass-derive",
11 |     "proton-pass-totp",
12 |     "tools/icon_fetcher"
13 | ]
14 | 
15 | [workspace.dependencies]
16 | criterion = { version = "0.5.1", features = ["html_reports"] }
17 | js-sys = "0.3.77"
18 | serde = { version = "1.0", features = ["derive"] }
19 | serde_json = "1.0"
20 | tokio = { version = "1.44.1", features = ["full"] }
21 | tsify-next = { version = "0.5.5", features = ["wasm-bindgen", "js", "json"] }
22 | wasm-bindgen = "0.2.100"
23 | wasm-bindgen-futures = "0.4.50"
24 | 
25 | [profile.release]
26 | opt-level = "s" # Tell `rustc` to optimize for small code size.
27 | strip = true
28 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "proton-authenticator-mobile"
 3 | version = "0.22.0"
 4 | edition = "2021"
 5 | 
 6 | # Flags for cargo-release
 7 | [package.metadata.release]
 8 | pre-release-replacements = [
 9 |     # Yes, we are relying on the number of whitespaces
10 |     {file="android/lib/build.gradle.kts", search="    version = .*", replace="    version = \"{{version}}\""}
11 | ]
12 | 
13 | 
14 | [lib]
15 | doctest = false
16 | crate-type = ["cdylib", "staticlib"]
17 | name = "proton_authenticator_common_mobile"
18 | 
19 | [dependencies]
20 | proton-authenticator = { path = "../proton-authenticator" }
21 | proton-pass-derive = { path = "../proton-pass-derive" }
22 | 
23 | tokio.workspace = true
24 | 
25 | chrono = "0.4.40"
26 | uniffi = { version = "0.29.2" }
27 | 
28 | [build-dependencies]
29 | uniffi = { version = "0.29.2", features = [ "build" ] }
30 | 
31 | [[bin]]
32 | name = "uniffi-bindgen"
33 | path = "./bindgen.rs"
34 | required-features = [ "uniffi/cli" ]
35 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/.gitignore:
--------------------------------------------------------------------------------
 1 | *.iml
 2 | .gradle
 3 | /local.properties
 4 | /.idea/caches
 5 | /.idea/libraries
 6 | /.idea/modules.xml
 7 | /.idea/workspace.xml
 8 | /.idea/navEditor.xml
 9 | /.idea/assetWizardSettings.xml
10 | .DS_Store
11 | /build
12 | /captures
13 | .externalNativeBuild
14 | .cxx
15 | local.properties
16 | *.so
17 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/build.gradle.kts:
--------------------------------------------------------------------------------
 1 | // Top-level build file where you can add configuration options common to all sub-projects/modules.
 2 | plugins {
 3 |     alias(libs.plugins.gradlePlugin.application) apply false
 4 |     alias(libs.plugins.gradlePlugin.kotlin.android) apply false
 5 |     alias(libs.plugins.gradlePlugin.kotlin.jvm) apply false
 6 |     alias(libs.plugins.gradlePlugin.kotlin.serialization) apply false
 7 |     alias(libs.plugins.gradlePlugin.kotlinx.atomicfu) apply false
 8 |     alias(libs.plugins.gradlePlugin.library) apply false
 9 |     alias(libs.plugins.gradlePlugin.maven.publish) apply false
10 | }
11 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/gradle.properties:
--------------------------------------------------------------------------------
 1 | org.gradle.jvmargs=-Xmx2048m -Dfile.encoding=UTF-8
 2 | android.useAndroidX=true
 3 | kotlin.code.style=official
 4 | android.nonTransitiveRClass=true
 5 | 
 6 | # --- MAVEN PUBLISHING CONFIG
 7 | RELEASE_SIGNING_ENABLED=true
 8 | 
 9 | # or when publishing to https://s01.oss.sonatype.org
10 | SONATYPE_HOST=S01
11 | 
12 | POM_NAME=Proton Authenticator Common
13 | POM_DESCRIPTION=A shared library for Proton Authenticator clients that implements common operations.
14 | POM_URL=https://github.com/ProtonPass
15 | POM_INCEPTION_YEAR=2023
16 | POM_LICENSE_NAME=GNU GENERAL PUBLIC LICENSE, Version 3.0
17 | POM_LICENSE_URL=https://www.gnu.org/licenses/gpl-3.0.en.html
18 | POM_LICENSE_DIST=repo
19 | POM_DEVELOPER_ID=opensource@proton.me
20 | POM_DEVELOPER_NAME=Open Source Proton
21 | POM_DEVELOPER_URL=opensource@proton.me
22 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/gradle/wrapper/gradle-wrapper.jar


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Wed Sep 20 13:19:37 CEST 2023
2 | distributionBase=GRADLE_USER_HOME
3 | distributionPath=wrapper/dists
4 | distributionUrl=https\://services.gradle.org/distributions/gradle-8.11.1-bin.zip
5 | zipStoreBase=GRADLE_USER_HOME
6 | zipStorePath=wrapper/dists
7 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/lib/.gitignore:
--------------------------------------------------------------------------------
1 | /build


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/lib/proguard-rules.pro:
--------------------------------------------------------------------------------
 1 | # Add project specific ProGuard rules here.
 2 | # You can control the set of applied configuration files using the
 3 | # proguardFiles setting in build.gradle.
 4 | #
 5 | # For more details, see
 6 | #   http://developer.android.com/guide/developing/tools/proguard.html
 7 | 
 8 | # If your project uses WebView with JS, uncomment the following
 9 | # and specify the fully qualified class name to the JavaScript interface
10 | # class:
11 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
12 | #   public *;
13 | #}
14 | 
15 | # Uncomment this to preserve the line number information for
16 | # debugging stack traces.
17 | #-keepattributes SourceFile,LineNumberTable
18 | 
19 | # If you keep the line number information, uncomment this to
20 | # hide the original source file name.
21 | #-renamesourcefileattribute SourceFile


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/lib/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <manifest/>


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTest/.gitignore:
--------------------------------------------------------------------------------
1 | build/
2 | jniLibs/
3 | src/main/kotlin/**/*.kt


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTest/build.gradle.kts:
--------------------------------------------------------------------------------
 1 | plugins {
 2 |     alias(libs.plugins.gradlePlugin.kotlin.jvm)
 3 |     alias(libs.plugins.gradlePlugin.kotlinx.atomicfu)
 4 |     alias(libs.plugins.gradlePlugin.kotlin.serialization)
 5 | }
 6 | 
 7 | kotlin {
 8 |     jvmToolchain(17)
 9 | }
10 | 
11 | sourceSets {
12 |     main {
13 |         // Make sure jniLibs is treated as resources, so it is on the classpath
14 |         resources {
15 |             srcDir("src/main/jniLibs")
16 |         }
17 |     }
18 | }
19 | 
20 | tasks.test {
21 |     systemProperty("jna.library.path", file("src/main/jniLibs").absolutePath)
22 | 
23 |     testLogging {
24 |         events("PASSED", "SKIPPED", "FAILED") // which events to display
25 |         showStandardStreams = true            // show standard out/err for each test
26 |         exceptionFormat = org.gradle.api.tasks.testing.logging.TestExceptionFormat.FULL
27 |     }
28 | }
29 | 
30 | dependencies {
31 |     implementation(libs.kotlinx.serialization.json)
32 |     implementation(libs.kotlinx.coroutines.core)
33 |     implementation(libs.jna)
34 |     implementation(libs.okio)
35 | 
36 |     testImplementation(libs.coroutines.test)
37 |     testImplementation(libs.kotlinx.coroutines.core)
38 |     testImplementation(libs.kotlinx.datetime)
39 |     testImplementation(libs.kotlinTest)
40 |     testImplementation(libs.junit)
41 |     testImplementation(libs.truth)
42 |     testImplementation(libs.turbine)
43 | }


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTest/src/test/kotlin/proton/android/authenticator/AuthenticatorCryptoTest.kt:
--------------------------------------------------------------------------------
 1 | package proton.android.authenticator
 2 | 
 3 | import com.google.common.truth.Truth.assertThat
 4 | import org.junit.Test
 5 | import uniffi.proton_authenticator_common_mobile.AuthenticatorCrypto
 6 | import uniffi.proton_authenticator_common_mobile.AuthenticatorMobileClient
 7 | 
 8 | class AuthenticatorCryptoTest {
 9 | 
10 |     private val crypto = AuthenticatorCrypto()
11 | 
12 |     @Test
13 |     fun `can generate encryption key`() {
14 |         val key = crypto.generateKey()
15 |         assertThat(key.size).isEqualTo(32)
16 |     }
17 |     
18 |     @Test
19 |     fun `can encrypt and decrypt`() {
20 |         val client = AuthenticatorMobileClient()
21 |         val label1 = "MYLABEL1"
22 |         val label2 = "MYLABEL2"
23 | 
24 |         val entry1 = client.entryFromUri(entryUriWithLabel(label1))
25 |         val entry2 = client.entryFromUri(entryUriWithLabel(label2))
26 | 
27 |         val key = crypto.generateKey()
28 |         val encrypted = crypto.encryptManyEntries(listOf(entry1, entry2), key)
29 |         
30 |         assertThat(encrypted.size).isEqualTo(2)
31 | 
32 |         val decrypted = crypto.decryptManyEntries(encrypted, key)
33 |         assertThat(decrypted.size).isEqualTo(2)
34 | 
35 |         assertThat(decrypted[0].name).isEqualTo(label1)
36 |         assertThat(decrypted[1].name).isEqualTo(label2)
37 |     }
38 | 
39 |     @Test
40 |     fun `generateKey generates different keys`() {
41 |         val key1 = crypto.generateKey()
42 |         val key2 = crypto.generateKey()
43 | 
44 |         assertThat(key1).isNotEqualTo(key2)
45 |     }
46 | 
47 |     private fun entryUriWithLabel(label: String): String =
48 |         "otpauth://totp/$label?secret=MYSECRET&issuer=MYISSUER&algorithm=SHA256&digits=8&period=15"
49 | }


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTest/src/test/kotlin/proton/android/authenticator/AuthenticatorLoggerTest.kt:
--------------------------------------------------------------------------------
 1 | package proton.android.authenticator
 2 | 
 3 | import com.google.common.truth.Truth.assertThat
 4 | import org.junit.Test
 5 | import uniffi.proton_authenticator_common_mobile.AuthenticatorLogLevel
 6 | import uniffi.proton_authenticator_common_mobile.AuthenticatorLogger
 7 | import uniffi.proton_authenticator_common_mobile.emitLog
 8 | import uniffi.proton_authenticator_common_mobile.registerAuthenticatorLogger
 9 | 
10 | class AuthenticatorLoggerTest {
11 | 
12 |     @Test
13 |     fun `can register a logger`() {
14 |         val loggedMessages = mutableListOf<Pair<AuthenticatorLogLevel, String>>()
15 |         registerAuthenticatorLogger(object : AuthenticatorLogger {
16 |             override fun log(level: AuthenticatorLogLevel, message: String) {
17 |                 loggedMessages.add(level to message)
18 |             }
19 |         })
20 | 
21 |         val messages = listOf(
22 |             "trace message",
23 |             "debug message",
24 |             "info message",
25 |             "warn message",
26 |             "error message"
27 |         )
28 | 
29 |         val levels = listOf(
30 |             AuthenticatorLogLevel.TRACE,
31 |             AuthenticatorLogLevel.DEBUG,
32 |             AuthenticatorLogLevel.INFO,
33 |             AuthenticatorLogLevel.WARN,
34 |             AuthenticatorLogLevel.ERROR,
35 |         )
36 | 
37 |         for ((message, level) in messages.zip(levels)) {
38 |             emitLog(level, message)
39 |         }
40 | 
41 |         assertThat(loggedMessages.size).isEqualTo(messages.size)
42 | 
43 |         for (i in messages.indices) {
44 |             val loggedMessage = loggedMessages[i]
45 |             assertThat(loggedMessage.first).isEqualTo(levels[i])
46 |             assertThat(loggedMessage.second).isEqualTo(messages[i])
47 |         }
48 |     }
49 | 
50 | }


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTest/src/test/kotlin/proton/android/authenticator/SyncOperationCheckerTest.kt:
--------------------------------------------------------------------------------
 1 | package proton.android.authenticator
 2 | 
 3 | import com.google.common.truth.Truth.assertThat
 4 | import org.junit.Test
 5 | import uniffi.proton_authenticator_common_mobile.LocalEntry
 6 | import uniffi.proton_authenticator_common_mobile.LocalEntryState
 7 | import uniffi.proton_authenticator_common_mobile.OperationType
 8 | import uniffi.proton_authenticator_common_mobile.RemoteEntry
 9 | import uniffi.proton_authenticator_common_mobile.SyncOperationChecker
10 | 
11 | class SyncOperationCheckerTest {
12 | 
13 |     private val instance = SyncOperationChecker()
14 | 
15 |     @Test
16 |     fun `can handle empty lists`() {
17 |         val res = instance.calculateOperations(emptyList(), emptyList())
18 |         assertThat(res).isEmpty()
19 |     }
20 | 
21 |     @Test
22 |     fun `does not return anything in case no differences`() {
23 |         val entry = TestUtils.getEntry1()
24 |         val remote = listOf(RemoteEntry(remoteId = "REMOTE_ID", entry = entry, modifyTime = NOW))
25 |         val local = listOf(LocalEntry(
26 |             entry = entry,
27 |             state = LocalEntryState.SYNCED,
28 |             modifyTime = NOW,
29 |             localModifyTime = null
30 |         ))
31 |         val res = instance.calculateOperations(remote, local)
32 |         assertThat(res).isEmpty()
33 |     }
34 | 
35 |     @Test
36 |     fun `remote entry not present in local returns upsert`() {
37 |         val entry = TestUtils.getEntry1()
38 |         val remoteId = "REMOTE_ID"
39 |         val remote = listOf(RemoteEntry(remoteId = remoteId, entry = entry, modifyTime = NOW))
40 |         val res = instance.calculateOperations(remote, emptyList())
41 | 
42 |         assertThat(res.size).isEqualTo(1)
43 |         assertThat(res[0].entry).isEqualTo(entry)
44 |         assertThat(res[0].remoteId).isEqualTo(remoteId)
45 |         assertThat(res[0].operation).isEqualTo(OperationType.UPSERT)
46 |     }
47 | 
48 |     @Test
49 |     fun `local entry pending to be pushed not present in remote returns push`() {
50 |         val entry = TestUtils.getEntry1()
51 |         val local = listOf(LocalEntry(
52 |             entry = entry,
53 |             state = LocalEntryState.PENDING_SYNC,
54 |             modifyTime = NOW,
55 |             localModifyTime = null
56 |         ))
57 |         val res = instance.calculateOperations(emptyList(), local)
58 | 
59 |         assertThat(res.size).isEqualTo(1)
60 |         assertThat(res[0].entry).isEqualTo(entry)
61 |         assertThat(res[0].remoteId).isNull()
62 |         assertThat(res[0].operation).isEqualTo(OperationType.PUSH)
63 |     }
64 | 
65 |     companion object {
66 |         private val NOW = 1_700_000_000L
67 |     }
68 | 
69 | }


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTest/src/test/kotlin/proton/android/authenticator/TestUtils.kt:
--------------------------------------------------------------------------------
 1 | package proton.android.authenticator
 2 | 
 3 | import uniffi.proton_authenticator_common_mobile.AuthenticatorEntryModel
 4 | import uniffi.proton_authenticator_common_mobile.AuthenticatorMobileClient
 5 | 
 6 | object TestUtils {
 7 | 
 8 |     fun getEntry1(): AuthenticatorEntryModel {
 9 |         val client = AuthenticatorMobileClient()
10 |         return client.entryFromUri("otpauth://totp/MYLABEL?secret=MYSECRET&issuer=MYISSUER&algorithm=SHA256&digits=8&period=15")
11 |     }
12 | 
13 |     fun getEntry2(): AuthenticatorEntryModel {
14 |         val client = AuthenticatorMobileClient()
15 |         return client.entryFromUri("otpauth://totp/MYLABEL?secret=MYSECRET123&issuer=MYISSUER&algorithm=SHA256&digits=8&period=15")
16 |     }
17 | 
18 | }


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/.gitignore:
--------------------------------------------------------------------------------
1 | build/


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/build.gradle.kts:
--------------------------------------------------------------------------------
 1 | plugins {
 2 |     alias(libs.plugins.gradlePlugin.application)
 3 |     alias(libs.plugins.gradlePlugin.kotlin.android)
 4 | }
 5 | 
 6 | android {
 7 |     namespace = "proton.android.authenticator.benchmark"
 8 |     compileSdk = libs.versions.compileSdk.get().toInt()
 9 | 
10 |     defaultConfig {
11 |         minSdk = libs.versions.minSdk.get().toInt()
12 | 
13 |         proguardFiles(
14 |             getDefaultProguardFile("proguard-android-optimize.txt"),
15 |             "proguard-rules.pro"
16 |         )
17 |     }
18 | 
19 |     compileOptions {
20 |         sourceCompatibility = JavaVersion.VERSION_17
21 |         targetCompatibility = JavaVersion.VERSION_17
22 |     }
23 | 
24 |     kotlinOptions {
25 |         jvmTarget = JavaVersion.VERSION_17.toString()
26 |     }
27 | }
28 | 
29 | dependencies {
30 |     implementation(projects.lib)
31 | 
32 |     implementation(libs.kotlinx.coroutines.core)
33 |     implementation(libs.kotlinx.datetime)
34 | }
35 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <manifest xmlns:android="http://schemas.android.com/apk/res/android"
 3 |     xmlns:tools="http://schemas.android.com/tools">
 4 | 
 5 |     <application
 6 |         android:allowBackup="false"
 7 |         android:icon="@mipmap/ic_launcher"
 8 |         android:label="AuthenticatorBenchmark"
 9 |         android:supportsRtl="true"
10 |         android:taskAffinity="">
11 | 
12 |         <activity
13 |             android:exported="true"
14 |             android:name="proton.authenticator.android.benchmark.MainActivity"
15 |             android:windowSoftInputMode="adjustResize">
16 |             <intent-filter>
17 |                 <action android:name="android.intent.action.MAIN" />
18 |                 <category android:name="android.intent.category.LAUNCHER" />
19 |             </intent-filter>
20 |         </activity>
21 |     </application>
22 | 
23 | </manifest>
24 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/ic_launcher-playstore.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/ic_launcher-playstore.png


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/java/proton/authenticator/android/benchmark/MainActivity.kt:
--------------------------------------------------------------------------------
 1 | package proton.authenticator.android.benchmark
 2 | 
 3 | import android.app.Activity
 4 | import android.os.Bundle
 5 | import android.widget.Button
 6 | import proton.android.authenticator.benchmark.R
 7 | import proton.android.authenticator.commonrust.AuthenticatorMobileClient
 8 | import proton.android.authenticator.commonrust.MobileTotpBenchmark
 9 | 
10 | class MainActivity: Activity() {
11 | 
12 |     override fun onCreate(savedInstanceState: Bundle?) {
13 |         super.onCreate(savedInstanceState)
14 |         setContentView(R.layout.main_activity)
15 | 
16 |         findViewById<Button>(R.id.run_button).setOnClickListener {
17 |             runTest()
18 |         }
19 |     }
20 | 
21 |     private fun runTest() {
22 |         generationBenchmark("SHA1")
23 |         generationBenchmark("SHA256")
24 |         generationBenchmark("SHA512")
25 |     }
26 | 
27 |     private fun generationBenchmark(algorithm: String) {
28 |         val client = AuthenticatorMobileClient()
29 |         val sha1Entry = client.entryFromUri(getEntryUri(algorithm))
30 | 
31 |         val benchmarker = MobileTotpBenchmark(10_000u)
32 |         val count = benchmarker.run(sha1Entry)
33 |         println("[$algorithm] Generated $count codes in 10 seconds. Codes per second: ${count / 10u}")
34 |     }
35 | 
36 |     private fun getEntryUri(algorithm: String): String = "otpauth://totp/MYLABEL?secret=MYSECRET&issuer=MYISSUER&algorithm=${algorithm}&digits=8&period=15"
37 | }


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/drawable/ic_launcher_foreground.xml:
--------------------------------------------------------------------------------
 1 | <vector xmlns:android="http://schemas.android.com/apk/res/android"
 2 |     xmlns:aapt="http://schemas.android.com/aapt"
 3 |     android:width="108dp"
 4 |     android:height="108dp"
 5 |     android:viewportWidth="108"
 6 |     android:viewportHeight="108">
 7 |     <path
 8 |         android:pathData="M31,63.928c0,0 6.4,-11 12.1,-13.1c7.2,-2.6 26,-1.4 26,-1.4l38.1,38.1L107,108.928l-32,-1L31,63.928z">
 9 |         <aapt:attr name="android:fillColor">
10 |             <gradient
11 |                 android:startY="49.59793"
12 |                 android:startX="42.9492"
13 |                 android:endY="92.4963"
14 |                 android:endX="85.84757"
15 |                 android:type="linear">
16 |                 <item
17 |                     android:color="#44000000"
18 |                     android:offset="0.0" />
19 |                 <item
20 |                     android:color="#00000000"
21 |                     android:offset="1.0" />
22 |             </gradient>
23 |         </aapt:attr>
24 |     </path>
25 |     <path
26 |         android:pathData="M65.3,45.828l3.8,-6.6c0.2,-0.4 0.1,-0.9 -0.3,-1.1c-0.4,-0.2 -0.9,-0.1 -1.1,0.3l-3.9,6.7c-6.3,-2.8 -13.4,-2.8 -19.7,0l-3.9,-6.7c-0.2,-0.4 -0.7,-0.5 -1.1,-0.3C38.8,38.328 38.7,38.828 38.9,39.228l3.8,6.6C36.2,49.428 31.7,56.028 31,63.928h46C76.3,56.028 71.8,49.428 65.3,45.828zM43.4,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2c-0.3,-0.7 -0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C45.3,56.528 44.5,57.328 43.4,57.328L43.4,57.328zM64.6,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2s-0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C66.5,56.528 65.6,57.328 64.6,57.328L64.6,57.328z"
27 |         android:fillColor="#FFFFFF"
28 |         android:fillType="nonZero"
29 |         android:strokeWidth="1"
30 |         android:strokeColor="#00000000"/>
31 | </vector>


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/layout/main_activity.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="utf-8"?>
 2 | <LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
 3 |     android:layout_width="match_parent"
 4 |     android:layout_height="match_parent"
 5 |     android:paddingLeft="16dp"
 6 |     android:paddingRight="16dp"
 7 |     android:orientation="vertical" >
 8 |     <Button
 9 |         android:id="@+id/run_button"
10 |         android:layout_width="100dp"
11 |         android:layout_height="wrap_content"
12 |         android:layout_gravity="center"
13 |         android:text="Run" />
14 | </LinearLayout>


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-anydpi-v26/ic_launcher.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background"/>
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground"/>
5 | </adaptive-icon>


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-anydpi-v26/ic_launcher_round.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <adaptive-icon xmlns:android="http://schemas.android.com/apk/res/android">
3 |     <background android:drawable="@drawable/ic_launcher_background"/>
4 |     <foreground android:drawable="@drawable/ic_launcher_foreground"/>
5 | </adaptive-icon>


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-hdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-hdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-hdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-hdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-mdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-mdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-mdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-mdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xxxhdpi/ic_launcher.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xxxhdpi/ic_launcher.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-mobile/android/libTestApp/src/main/res/mipmap-xxxhdpi/ic_launcher_round.webp


--------------------------------------------------------------------------------
/proton-authenticator-mobile/android/settings.gradle.kts:
--------------------------------------------------------------------------------
 1 | pluginManagement {
 2 |     repositories {
 3 |         google()
 4 |         mavenCentral()
 5 |         gradlePluginPortal()
 6 |     }
 7 | }
 8 | 
 9 | enableFeaturePreview("TYPESAFE_PROJECT_ACCESSORS")
10 | 
11 | dependencyResolutionManagement {
12 |     repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
13 |     repositories {
14 |         google()
15 |         mavenCentral()
16 |     }
17 | }
18 | 
19 | rootProject.name = "ProtonAuthenticatorCommonRust"
20 | include(":lib")
21 | include(":libTest")
22 | include(":libTestApp")
23 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/bindgen.rs:
--------------------------------------------------------------------------------
1 | fn main() {
2 |     uniffi::uniffi_bindgen_main()
3 | }
4 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/iOS/AuthenticatorRustCore/.gitignore:
--------------------------------------------------------------------------------
1 | .DS_Store
2 | /.build
3 | /Packages
4 | xcuserdata/
5 | DerivedData/
6 | .swiftpm/configuration/registries.json
7 | .swiftpm/xcode/package.xcworkspace/contents.xcworkspacedata
8 | .netrc
9 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/iOS/AuthenticatorRustCore/.swiftpm/xcode/package.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
3 | <plist version="1.0">
4 | <dict>
5 | 	<key>IDEDidComputeMac32BitWarning</key>
6 | 	<true/>
7 | </dict>
8 | </plist>
9 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/iOS/AuthenticatorRustCore/Package.swift:
--------------------------------------------------------------------------------
 1 | // swift-tools-version: 6.0
 2 | // The swift-tools-version declares the minimum version of Swift required to build this package.
 3 | 
 4 | import PackageDescription
 5 | 
 6 | let package = Package(
 7 |     name: "AuthenticatorRustCore",
 8 |     platforms: [
 9 |         .iOS(.v17),
10 |         .macOS(.v13),
11 |         .tvOS(.v16),
12 |         .watchOS(.v8),
13 |         .visionOS(.v2)
14 |     ],
15 |     products: [
16 |         // Products define the executables and libraries a package produces, making them visible to other packages.
17 |         .library(
18 |             name: "AuthenticatorRustCore",
19 |             targets: ["AuthenticatorRustCore"]),
20 |     ],
21 |     targets: [
22 |         .binaryTarget(name: "RustFrameworkFFI", path: "./RustFramework.xcframework"),
23 | 
24 |         // Targets are the basic building blocks of a package, defining a module or a test suite.
25 |         // Targets can depend on other targets in this package and products from dependencies.
26 |         .target(
27 |             name: "AuthenticatorRustCore",
28 |             dependencies: [
29 |                 .target(name: "RustFrameworkFFI")
30 |             ],
31 |             swiftSettings: [
32 |                 .unsafeFlags(["-suppress-warnings"]),
33 |             ]
34 |         )
35 |     ]
36 | )
37 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/iOS/AuthenticatorRustCore/README.md:
--------------------------------------------------------------------------------
 1 | # Authenticator Rust Core
 2 | 
 3 | This package expose the common rust validation functions used by all Authenticator clients.
 4 | It enable a clear validation process between client and no surprises in the long run. 
 5 | 
 6 | To update the package please execute the following command at the root of the repository.
 7 | 
 8 | ```bash
 9 | make authenticator-ios-package
10 | ```
11 | 
12 | You can then copy the updated package into the Authenticator application
13 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/benchmark.rs:
--------------------------------------------------------------------------------
 1 | use crate::AuthenticatorEntryModel;
 2 | use proton_authenticator::AuthenticatorClient;
 3 | use std::hint::black_box;
 4 | 
 5 | pub struct MobileTotpBenchmark {
 6 |     milliseconds: u64,
 7 | }
 8 | 
 9 | impl MobileTotpBenchmark {
10 |     pub fn new(milliseconds: u64) -> Self {
11 |         Self { milliseconds }
12 |     }
13 | 
14 |     pub fn run(&self, entry: AuthenticatorEntryModel) -> u64 {
15 |         let start = chrono::Utc::now();
16 |         let as_entry = entry.to_entry().unwrap();
17 | 
18 |         let mut count = 0;
19 |         let entries = vec![as_entry];
20 |         loop {
21 |             let now = chrono::Utc::now();
22 |             if (now - start).num_milliseconds() > self.milliseconds as i64 {
23 |                 break;
24 |             }
25 | 
26 |             let codes = AuthenticatorClient
27 |                 .generate_codes(&entries, now.timestamp() as u64)
28 |                 .unwrap();
29 |             black_box(codes);
30 |             count += 1;
31 |         }
32 | 
33 |         count
34 |     }
35 | }
36 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/benchmark.udl:
--------------------------------------------------------------------------------
1 | interface MobileTotpBenchmark {
2 |   constructor(u64 milliseconds);
3 |   u64 run(AuthenticatorEntryModel model);
4 | };


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/crypto.rs:
--------------------------------------------------------------------------------
 1 | use crate::AuthenticatorEntryModel;
 2 | use proton_authenticator::crypto::EncryptionTag;
 3 | use proton_pass_derive::Error;
 4 | 
 5 | #[derive(Clone, Debug, Error)]
 6 | pub enum AuthenticatorCryptoError {
 7 |     CryptoError,
 8 | }
 9 | 
10 | pub struct AuthenticatorCrypto;
11 | 
12 | impl AuthenticatorCrypto {
13 |     pub fn new() -> Self {
14 |         Self
15 |     }
16 | 
17 |     pub fn generate_key(&self) -> Vec<u8> {
18 |         proton_authenticator::crypto::generate_encryption_key()
19 |     }
20 | 
21 |     pub fn encrypt_entry(
22 |         &self,
23 |         model: AuthenticatorEntryModel,
24 |         key: Vec<u8>,
25 |     ) -> Result<Vec<u8>, AuthenticatorCryptoError> {
26 |         let res = self.encrypt_many_entries(vec![model], key)?;
27 |         Ok(res[0].clone())
28 |     }
29 | 
30 |     pub fn encrypt_many_entries(
31 |         &self,
32 |         models: Vec<AuthenticatorEntryModel>,
33 |         mut key: Vec<u8>,
34 |     ) -> Result<Vec<Vec<u8>>, AuthenticatorCryptoError> {
35 |         let mut res = Vec::with_capacity(models.len());
36 |         for model in models {
37 |             let as_entry = model.to_entry().map_err(|_| AuthenticatorCryptoError::CryptoError)?;
38 |             let serialized = as_entry
39 |                 .serialize()
40 |                 .map_err(|_| AuthenticatorCryptoError::CryptoError)?;
41 |             let decrypted = proton_authenticator::crypto::encrypt(&serialized, &key, EncryptionTag::Entry)
42 |                 .map_err(|_| AuthenticatorCryptoError::CryptoError)?;
43 |             res.push(decrypted);
44 |         }
45 |         key.clear();
46 |         Ok(res)
47 |     }
48 | 
49 |     pub fn decrypt_entry(
50 |         &self,
51 |         ciphertext: Vec<u8>,
52 |         key: Vec<u8>,
53 |     ) -> Result<AuthenticatorEntryModel, AuthenticatorCryptoError> {
54 |         let res = self.decrypt_many_entries(vec![ciphertext], key)?;
55 |         Ok(res[0].clone())
56 |     }
57 | 
58 |     pub fn decrypt_many_entries(
59 |         &self,
60 |         ciphertexts: Vec<Vec<u8>>,
61 |         mut key: Vec<u8>,
62 |     ) -> Result<Vec<AuthenticatorEntryModel>, AuthenticatorCryptoError> {
63 |         let mut res = Vec::with_capacity(ciphertexts.len());
64 |         for ciphertext in ciphertexts {
65 |             let decrypted = proton_authenticator::crypto::decrypt(&ciphertext, &key, EncryptionTag::Entry)
66 |                 .map_err(|_| AuthenticatorCryptoError::CryptoError)?;
67 | 
68 |             let deserialized = proton_authenticator::AuthenticatorEntry::deserialize(&decrypted)
69 |                 .map_err(|_| AuthenticatorCryptoError::CryptoError)?;
70 | 
71 |             let as_model = AuthenticatorEntryModel::from(deserialized);
72 |             res.push(as_model);
73 |         }
74 |         key.clear();
75 |         Ok(res)
76 |     }
77 | }
78 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/crypto.udl:
--------------------------------------------------------------------------------
 1 | [Error]
 2 | enum AuthenticatorCryptoError {
 3 |   "CryptoError"
 4 | };
 5 | 
 6 | interface AuthenticatorCrypto {
 7 |   constructor();
 8 | 
 9 |   bytes generate_key();
10 | 
11 |   [Throws=AuthenticatorCryptoError]
12 |   bytes encrypt_entry(AuthenticatorEntryModel model, bytes key);
13 | 
14 |   [Throws=AuthenticatorCryptoError]
15 |   sequence<bytes> encrypt_many_entries(sequence<AuthenticatorEntryModel> models, bytes key);
16 | 
17 |   [Throws=AuthenticatorCryptoError]
18 |   AuthenticatorEntryModel decrypt_entry(bytes ciphertext, bytes key);
19 | 
20 |   [Throws=AuthenticatorCryptoError]
21 |   sequence<AuthenticatorEntryModel> decrypt_many_entries(sequence<bytes> ciphertexts, bytes key);
22 | };


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/entry.rs:
--------------------------------------------------------------------------------
 1 | use crate::AuthenticatorError;
 2 | use proton_authenticator::{AuthenticatorEntry, AuthenticatorEntryContent, AuthenticatorEntryType as CommonEntryType};
 3 | 
 4 | #[derive(Clone, Debug)]
 5 | pub struct AuthenticatorEntryModel {
 6 |     pub id: String,
 7 |     pub name: String,
 8 |     pub uri: String,
 9 |     pub period: u16,
10 |     pub issuer: String,
11 |     pub secret: String,
12 |     pub note: Option<String>,
13 |     pub entry_type: AuthenticatorEntryType,
14 | }
15 | 
16 | #[derive(Clone, Debug)]
17 | pub enum AuthenticatorEntryType {
18 |     TOTP,
19 |     Steam,
20 | }
21 | 
22 | impl From<AuthenticatorEntryType> for CommonEntryType {
23 |     fn from(t: AuthenticatorEntryType) -> Self {
24 |         match t {
25 |             AuthenticatorEntryType::TOTP => CommonEntryType::Totp,
26 |             AuthenticatorEntryType::Steam => CommonEntryType::Steam,
27 |         }
28 |     }
29 | }
30 | 
31 | impl AuthenticatorEntryModel {
32 |     pub fn to_entry(&self) -> Result<AuthenticatorEntry, AuthenticatorError> {
33 |         let mut entry = AuthenticatorEntry::from_uri_and_id(&self.uri, self.note.clone(), self.id.clone())?;
34 | 
35 |         if let AuthenticatorEntryContent::Steam(ref mut steam) = entry.content {
36 |             if !self.name.trim().is_empty() {
37 |                 steam.set_name(Some(self.name.trim().to_string()));
38 |             }
39 |         }
40 | 
41 |         Ok(entry)
42 |     }
43 | }
44 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/generator.udl:
--------------------------------------------------------------------------------
 1 | /// Callback that will be invoked when new TOTP codes are generated.
 2 | [Trait, WithForeign]
 3 | interface MobileTotpGeneratorCallback {
 4 |   void on_codes(sequence<AuthenticatorCodeResponse> codes);
 5 | };
 6 | 
 7 | 
 8 | /// Handle returned when calling start. It can be used to cancel the generator.
 9 | /// Make sure to cancel the generator when it's not used, in order not to leave a dangling generator.
10 | [Trait, WithForeign]
11 | interface MobileTotpGenerationHandle {
12 |   void cancel();
13 | };
14 | 
15 | /// Trait that the client must implement in order to provide the current time
16 | [Trait, WithForeign]
17 | interface MobileCurrentTimeProvider {
18 |     u64 now();
19 | };
20 | 
21 | /// Callback-based TOTP generator that allows the caller to subscribe to TOTP code changes, and
22 | /// to get notified of changes in a configurable manner
23 | interface MobileTotpGenerator {
24 | 
25 |   /// Create a new instance of the TOTP generator
26 |   /// - period_ms: how often the generator should check if the codes have changed. Time in ms
27 |   /// - only_on_code_change: if true, only invoke the callback if the codes have changed. If false, it will always be called
28 |   /// - current_time_provider: callback that will be invoked to get the current time
29 |   [Throws=AuthenticatorError]
30 |   constructor(u32 period_ms, boolean only_on_code_change, MobileCurrentTimeProvider current_time);
31 | 
32 |   /// Start generating the codes.
33 |   ///  - entries: Entries to generate codes for
34 |   ///  - callback: callback that will be invoked when new codes are generated
35 |   [Throws=AuthenticatorError]
36 |   MobileTotpGenerationHandle start(sequence<AuthenticatorEntryModel> entries, MobileTotpGeneratorCallback callback);
37 | };


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/import.udl:
--------------------------------------------------------------------------------
 1 | dictionary AuthenticatorImportError {
 2 |   string context;
 3 |   string message;
 4 | };
 5 | 
 6 | dictionary AuthenticatorImportResult {
 7 |   sequence<AuthenticatorEntryModel> entries;
 8 |   sequence<AuthenticatorImportError> errors;
 9 | };
10 | 
11 | [Error]
12 | enum AuthenticatorImportException {
13 |   "BadContent",
14 |   "BadPassword",
15 |   "MissingPassword",
16 |   "DecryptionFailed",
17 | };
18 | 
19 | interface AuthenticatorImporter {
20 |   constructor();
21 | 
22 |   [Throws=AuthenticatorImportException]
23 |   AuthenticatorImportResult import_from_aegis_json(string contents, string? password);
24 | 
25 |   [Throws=AuthenticatorImportException]
26 |   AuthenticatorImportResult import_from_aegis_txt(string contents);
27 | 
28 |   [Throws=AuthenticatorImportException]
29 |   AuthenticatorImportResult import_from_bitwarden_json(string contents);
30 | 
31 |   [Throws=AuthenticatorImportException]
32 |   AuthenticatorImportResult import_from_bitwarden_csv(string contents);
33 | 
34 |   [Throws=AuthenticatorImportException]
35 |   AuthenticatorImportResult import_from_ente_txt(string contents);
36 | 
37 |   [Throws=AuthenticatorImportException]
38 |   AuthenticatorImportResult import_from_google_qr(string contents);
39 | 
40 |   [Throws=AuthenticatorImportException]
41 |   AuthenticatorImportResult import_from_lastpass_json(string contents);
42 | 
43 |   [Throws=AuthenticatorImportException]
44 |   AuthenticatorImportResult import_from_proton_authenticator(string contents);
45 | 
46 |   [Throws=AuthenticatorImportException]
47 |   AuthenticatorImportResult import_from_2fas(string contents, string? password);
48 | };


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/issuer_mapper.rs:
--------------------------------------------------------------------------------
 1 | use proton_authenticator::TOTPIssuerMapper;
 2 | pub struct AuthenticatorIssuerMapper {
 3 |     inner: TOTPIssuerMapper,
 4 | }
 5 | 
 6 | pub struct IssuerInfo {
 7 |     pub domain: String,
 8 |     pub icon_url: String,
 9 | }
10 | 
11 | impl From<proton_authenticator::issuer_mapper::IssuerInfo> for IssuerInfo {
12 |     fn from(value: proton_authenticator::issuer_mapper::IssuerInfo) -> Self {
13 |         Self {
14 |             domain: value.domain,
15 |             icon_url: value.icon_url,
16 |         }
17 |     }
18 | }
19 | 
20 | impl AuthenticatorIssuerMapper {
21 |     pub fn new() -> Self {
22 |         Self {
23 |             inner: TOTPIssuerMapper::new(),
24 |         }
25 |     }
26 | 
27 |     pub fn lookup(&self, issuer: String) -> Option<IssuerInfo> {
28 |         self.inner.lookup(&issuer).map(IssuerInfo::from)
29 |     }
30 | }
31 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/issuer_mapper.udl:
--------------------------------------------------------------------------------
1 | dictionary IssuerInfo { 
2 |     string domain;
3 |     string icon_url;
4 | };
5 | 
6 | interface AuthenticatorIssuerMapper {
7 |     constructor();
8 |     IssuerInfo? lookup(string issuer);
9 | };


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/lib.rs:
--------------------------------------------------------------------------------
 1 | #![allow(clippy::new_without_default)]
 2 | 
 3 | mod authenticator;
 4 | mod benchmark;
 5 | mod crypto;
 6 | mod entry;
 7 | mod generator;
 8 | mod import;
 9 | mod issuer_mapper;
10 | mod log;
11 | mod operations;
12 | mod ordering;
13 | 
14 | uniffi::include_scaffolding!("common");
15 | 
16 | pub fn library_version() -> String {
17 |     proton_authenticator::library_version()
18 | }
19 | 
20 | pub use authenticator::*;
21 | pub use benchmark::*;
22 | pub use crypto::*;
23 | pub use entry::*;
24 | pub use generator::*;
25 | pub use import::*;
26 | pub use issuer_mapper::*;
27 | pub use log::*;
28 | pub use operations::*;
29 | pub use ordering::*;
30 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/log.rs:
--------------------------------------------------------------------------------
 1 | use proton_authenticator::{
 2 |     emit_log_message, register_authenticator_logger as common_register, LogLevel as CommonLogLevel, Logger,
 3 | };
 4 | use std::sync::Arc;
 5 | 
 6 | #[derive(Debug, Clone)]
 7 | pub enum AuthenticatorLogLevel {
 8 |     Trace,
 9 |     Debug,
10 |     Info,
11 |     Warn,
12 |     Error,
13 | }
14 | 
15 | impl From<CommonLogLevel> for AuthenticatorLogLevel {
16 |     fn from(log_level: CommonLogLevel) -> Self {
17 |         match log_level {
18 |             CommonLogLevel::Trace => AuthenticatorLogLevel::Trace,
19 |             CommonLogLevel::Debug => AuthenticatorLogLevel::Debug,
20 |             CommonLogLevel::Info => AuthenticatorLogLevel::Info,
21 |             CommonLogLevel::Warn => AuthenticatorLogLevel::Warn,
22 |             CommonLogLevel::Error => AuthenticatorLogLevel::Error,
23 |         }
24 |     }
25 | }
26 | 
27 | impl From<AuthenticatorLogLevel> for CommonLogLevel {
28 |     fn from(log_level: AuthenticatorLogLevel) -> Self {
29 |         match log_level {
30 |             AuthenticatorLogLevel::Trace => CommonLogLevel::Trace,
31 |             AuthenticatorLogLevel::Debug => CommonLogLevel::Debug,
32 |             AuthenticatorLogLevel::Info => CommonLogLevel::Info,
33 |             AuthenticatorLogLevel::Warn => CommonLogLevel::Warn,
34 |             AuthenticatorLogLevel::Error => CommonLogLevel::Error,
35 |         }
36 |     }
37 | }
38 | 
39 | pub trait AuthenticatorLogger: Send + Sync {
40 |     fn log(&self, level: AuthenticatorLogLevel, msg: String);
41 | }
42 | 
43 | struct LoggerAdapter {
44 |     mobile: Arc<dyn AuthenticatorLogger>,
45 | }
46 | 
47 | impl Logger for LoggerAdapter {
48 |     fn log(&self, level: CommonLogLevel, msg: String) {
49 |         self.mobile.log(level.into(), msg);
50 |     }
51 | }
52 | 
53 | pub fn register_authenticator_logger(logger: Arc<dyn AuthenticatorLogger>) {
54 |     let adapter = LoggerAdapter { mobile: logger };
55 |     common_register(Arc::new(adapter));
56 | }
57 | 
58 | pub fn emit_log(level: AuthenticatorLogLevel, message: String) {
59 |     emit_log_message(level.into(), message)
60 | }
61 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/log.udl:
--------------------------------------------------------------------------------
 1 | enum AuthenticatorLogLevel {
 2 |   "Trace",
 3 |   "Debug",
 4 |   "Info",
 5 |   "Warn",
 6 |   "Error",
 7 | };
 8 | 
 9 | [Trait, WithForeign]
10 | interface AuthenticatorLogger {
11 |     void log(AuthenticatorLogLevel level, string message);
12 | };
13 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/namespace.udl:
--------------------------------------------------------------------------------
1 | namespace proton_authenticator_common_mobile {
2 |     string library_version();
3 |     void register_authenticator_logger(AuthenticatorLogger logger);
4 |     void emit_log(AuthenticatorLogLevel level, string message);
5 | };


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/operations.udl:
--------------------------------------------------------------------------------
 1 | dictionary RemoteEntry {
 2 |   string remote_id;
 3 |   AuthenticatorEntryModel entry;
 4 |   i64 modify_time;
 5 | };
 6 | 
 7 | enum LocalEntryState {
 8 |   "Synced",
 9 |   "PendingSync",
10 |   "PendingToDelete",
11 | };
12 | 
13 | dictionary LocalEntry {
14 |   AuthenticatorEntryModel entry;
15 |   LocalEntryState state;
16 |   i64 modify_time;
17 |   i64? local_modify_time;
18 | };
19 | 
20 | enum OperationType {
21 |   "Upsert",
22 |   "DeleteLocal",
23 |   "DeleteLocalAndRemote",
24 |   "Push",
25 |   "Conflict",
26 | };
27 | 
28 | dictionary EntryOperation {
29 |   string? remote_id;
30 |   AuthenticatorEntryModel entry;
31 |   OperationType operation;
32 | };
33 | 
34 | interface SyncOperationChecker {
35 |   constructor();
36 | 
37 |   [Throws=AuthenticatorError]
38 |   sequence<EntryOperation> calculate_operations(sequence<RemoteEntry> remote, sequence<LocalEntry> local);
39 | };


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/ordering.rs:
--------------------------------------------------------------------------------
 1 | use crate::{AuthenticatorEntryModel, AuthenticatorError};
 2 | use proton_authenticator::ordering::{reorder_items, EntryWithOrder};
 3 | 
 4 | pub struct AuthenticatorEntryWithOrder {
 5 |     pub entry: AuthenticatorEntryModel,
 6 |     pub modify_time: i64,
 7 |     pub order: i32,
 8 | }
 9 | 
10 | impl TryFrom<AuthenticatorEntryWithOrder> for EntryWithOrder {
11 |     type Error = AuthenticatorError;
12 | 
13 |     fn try_from(value: AuthenticatorEntryWithOrder) -> Result<Self, Self::Error> {
14 |         let as_entry = value.entry.to_entry()?;
15 |         Ok(Self {
16 |             entry: as_entry,
17 |             modify_time: value.modify_time,
18 |             order: value.order,
19 |         })
20 |     }
21 | }
22 | 
23 | impl From<EntryWithOrder> for AuthenticatorEntryWithOrder {
24 |     fn from(value: EntryWithOrder) -> Self {
25 |         Self {
26 |             entry: AuthenticatorEntryModel::from(value.entry),
27 |             modify_time: value.modify_time,
28 |             order: value.order,
29 |         }
30 |     }
31 | }
32 | 
33 | pub struct AuthenticatorEntrySorter;
34 | 
35 | impl AuthenticatorEntrySorter {
36 |     pub fn new() -> Self {
37 |         Self
38 |     }
39 | 
40 |     pub fn sort(
41 |         &self,
42 |         local: Vec<AuthenticatorEntryWithOrder>,
43 |         remote: Vec<AuthenticatorEntryWithOrder>,
44 |     ) -> Result<Vec<AuthenticatorEntryWithOrder>, AuthenticatorError> {
45 |         let mut local_mapped = vec![];
46 |         for entry in local {
47 |             local_mapped.push(EntryWithOrder::try_from(entry)?);
48 |         }
49 |         let mut remote_mapped = vec![];
50 |         for entry in remote {
51 |             remote_mapped.push(EntryWithOrder::try_from(entry)?);
52 |         }
53 | 
54 |         let res = reorder_items(&local_mapped, &remote_mapped);
55 | 
56 |         let mut res_mapped = Vec::new();
57 |         for entry in res {
58 |             res_mapped.push(AuthenticatorEntryWithOrder::from(entry));
59 |         }
60 | 
61 |         Ok(res_mapped)
62 |     }
63 | }
64 | 


--------------------------------------------------------------------------------
/proton-authenticator-mobile/src/ordering.udl:
--------------------------------------------------------------------------------
 1 | dictionary AuthenticatorEntryWithOrder {
 2 |   AuthenticatorEntryModel entry;
 3 |   i64 modify_time;
 4 |   i32 order;
 5 | };
 6 | 
 7 | interface AuthenticatorEntrySorter {
 8 |   constructor();
 9 | 
10 |   [Throws=AuthenticatorError]
11 |   sequence<AuthenticatorEntryWithOrder> sort(sequence<AuthenticatorEntryWithOrder> local, sequence<AuthenticatorEntryWithOrder> remote);
12 | };


--------------------------------------------------------------------------------
/proton-authenticator-mobile/uniffi.toml:
--------------------------------------------------------------------------------
 1 | # For Gobley
 2 | kotlin_multiplatform = false
 3 | kotlin_targets = ["jvm"]
 4 | kotlin_target_version = "2.0.21"
 5 | generate_serializable_types = true
 6 | 
 7 | [bindings.kotlin]
 8 | package_name = "proton.android.authenticator.commonrust"
 9 | cdylib_name = "proton_authenticator_common_mobile"
10 | 
11 | [bindings.swift]
12 | module_name = "RustFramework"
13 | cdylib_name = "proton_authenticator_common_mobile"
14 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "proton-authenticator-web"
 3 | version = "0.22.0"
 4 | edition = "2021"
 5 | 
 6 | # Flags for cargo-release
 7 | [package.metadata.release]
 8 | pre-release-replacements = [
 9 |     {file="package.json", search="  \"version\":.*", replace="  \"version\": \"{{version}}\","}
10 | ]
11 | 
12 | # Needed since rust 1.87+
13 | # https://github.com/rustwasm/wasm-pack/issues/1501
14 | [package.metadata.wasm-pack.profile.release]
15 | wasm-opt = ["--enable-bulk-memory", "--enable-nontrapping-float-to-int"]
16 | 
17 | [lib]
18 | doctest = false
19 | crate-type = ["cdylib", "rlib"]
20 | 
21 | [dependencies]
22 | proton-authenticator = { path = "../proton-authenticator" }
23 | 
24 | js-sys.workspace = true
25 | serde.workspace = true
26 | tsify-next.workspace = true
27 | wasm-bindgen.workspace = true
28 | wasm-bindgen-futures.workspace = true
29 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/asm.js:
--------------------------------------------------------------------------------
 1 | /**
 2 |  * Runtime initialization for ASM.js compilation of WebAssembly modules
 3 |  *
 4 |  * This template serves as the entry point for ASM.js fallback when WebAssembly
 5 |  * is not available. It maintains API compatibility with the WASM version by using
 6 |  * the same wasm-bindgen generated glue code.
 7 |  *
 8 |  * This maintains the same external API as the WASM version while substituting
 9 |  * the WASM backend with an ASM.js implementation, allowing the code to run in
10 |  * environments where WebAssembly is not supported.
11 |  */
12 | 
13 | import asm from "./proton_authenticator_web_bg.asm.js";
14 | import * as $_proton_authenticator_web_bg_js from "./proton_authenticator_web_bg.js";
15 | const wasm = asm({ "./proton_authenticator_web_bg.js": $_proton_authenticator_web_bg_js });
16 | export * from "./proton_authenticator_web_bg.js";
17 | $_proton_authenticator_web_bg_js.__wbg_set_wasm(wasm);
18 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/package.json:
--------------------------------------------------------------------------------
1 | {
2 |   "name": "@protontech/authenticator-rust-core",
3 |   "version": "0.22.0",
4 |   "workspaces": [
5 |     "worker"
6 |   ]
7 | }
8 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/src/common.rs:
--------------------------------------------------------------------------------
 1 | use serde::{Deserialize, Serialize};
 2 | use tsify_next::Tsify;
 3 | use wasm_bindgen::prelude::*;
 4 | 
 5 | #[derive(Tsify, Deserialize, Serialize)]
 6 | #[tsify(into_wasm_abi, from_wasm_abi)]
 7 | pub struct WasmBoolDict(pub std::collections::HashMap<String, bool>);
 8 | 
 9 | #[allow(dead_code)]
10 | pub fn vec_to_uint8_array(source: Vec<u8>) -> js_sys::Uint8Array {
11 |     let js_res = js_sys::Uint8Array::new_with_length(source.len() as u32);
12 |     for (idx, value) in source.into_iter().enumerate() {
13 |         js_res.set_index(idx as u32, value);
14 |     }
15 | 
16 |     js_res
17 | }
18 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/src/entry.rs:
--------------------------------------------------------------------------------
 1 | use proton_authenticator::{AuthenticatorEntry, AuthenticatorEntryContent, AuthenticatorEntryType};
 2 | use serde::{Deserialize, Serialize};
 3 | use tsify_next::Tsify;
 4 | use wasm_bindgen::prelude::*;
 5 | 
 6 | #[derive(Debug, Tsify, Deserialize, Serialize)]
 7 | #[tsify(into_wasm_abi, from_wasm_abi)]
 8 | pub struct WasmAuthenticatorEntryModel {
 9 |     id: String,
10 |     name: String,
11 |     uri: String,
12 |     period: u16,
13 |     issuer: String,
14 |     secret: String,
15 |     note: Option<String>,
16 |     entry_type: WasmAuthenticatorEntryType,
17 | }
18 | 
19 | impl WasmAuthenticatorEntryModel {
20 |     pub fn to_entry(&self) -> Result<AuthenticatorEntry, JsError> {
21 |         let mut entry = AuthenticatorEntry::from_uri_and_id(&self.uri, self.note.clone(), self.id.clone())
22 |             .map_err(|e| proton_authenticator::AuthenticatorError::Unknown(format!("cannot parse uri: {:?}", e)))?;
23 | 
24 |         if let AuthenticatorEntryContent::Steam(ref mut steam) = entry.content {
25 |             if !self.name.trim().is_empty() {
26 |                 steam.set_name(Some(self.name.trim().to_string()));
27 |             }
28 |         }
29 | 
30 |         Ok(entry)
31 |     }
32 | }
33 | 
34 | impl From<AuthenticatorEntry> for WasmAuthenticatorEntryModel {
35 |     fn from(entry: AuthenticatorEntry) -> Self {
36 |         Self {
37 |             id: entry.id.to_string(),
38 |             name: entry.name(),
39 |             uri: entry.uri(),
40 |             issuer: entry.issuer(),
41 |             period: entry.period(),
42 |             secret: entry.secret(),
43 |             note: entry.note,
44 |             entry_type: WasmAuthenticatorEntryType::from(entry.content),
45 |         }
46 |     }
47 | }
48 | 
49 | #[derive(Debug, Tsify, Deserialize, Serialize)]
50 | #[tsify(into_wasm_abi, from_wasm_abi)]
51 | pub enum WasmAuthenticatorEntryType {
52 |     Totp,
53 |     Steam,
54 | }
55 | 
56 | impl From<AuthenticatorEntryContent> for WasmAuthenticatorEntryType {
57 |     fn from(value: AuthenticatorEntryContent) -> Self {
58 |         match value {
59 |             AuthenticatorEntryContent::Totp(_) => WasmAuthenticatorEntryType::Totp,
60 |             AuthenticatorEntryContent::Steam(_) => WasmAuthenticatorEntryType::Steam,
61 |         }
62 |     }
63 | }
64 | 
65 | impl From<WasmAuthenticatorEntryType> for AuthenticatorEntryType {
66 |     fn from(value: WasmAuthenticatorEntryType) -> Self {
67 |         match value {
68 |             WasmAuthenticatorEntryType::Totp => Self::Totp,
69 |             WasmAuthenticatorEntryType::Steam => Self::Steam,
70 |         }
71 |     }
72 | }
73 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/src/lib.rs:
--------------------------------------------------------------------------------
 1 | use wasm_bindgen::prelude::*;
 2 | 
 3 | mod common;
 4 | mod entry;
 5 | mod log;
 6 | mod worker;
 7 | 
 8 | #[wasm_bindgen]
 9 | pub fn library_version() -> String {
10 |     proton_authenticator::library_version()
11 | }
12 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/src/worker/crypto.rs:
--------------------------------------------------------------------------------
 1 | use super::JsResult;
 2 | use crate::common::*;
 3 | use crate::entry::*;
 4 | use js_sys::Uint8Array;
 5 | use proton_authenticator::crypto::EncryptionTag;
 6 | use proton_authenticator::AuthenticatorEntry;
 7 | use wasm_bindgen::prelude::*;
 8 | 
 9 | #[wasm_bindgen]
10 | pub fn generate_key() -> Uint8Array {
11 |     let key = proton_authenticator::crypto::generate_encryption_key();
12 |     vec_to_uint8_array(key)
13 | }
14 | 
15 | #[wasm_bindgen]
16 | pub fn encrypt_entries(models: Vec<WasmAuthenticatorEntryModel>, key: Uint8Array) -> JsResult<Vec<Uint8Array>> {
17 |     let key_as_array = key.to_vec();
18 |     let mut encrypted_entries = Vec::with_capacity(models.len());
19 |     for model in models {
20 |         let as_entry = model.to_entry()?;
21 |         let serialized = as_entry.serialize()?;
22 |         let encrypted = proton_authenticator::crypto::encrypt(&serialized, &key_as_array, EncryptionTag::Entry)
23 |             .map_err(|e| JsError::new(&format!("failed to encrypt entry: {:?}", e)))?;
24 |         encrypted_entries.push(vec_to_uint8_array(encrypted));
25 |     }
26 | 
27 |     Ok(encrypted_entries)
28 | }
29 | 
30 | #[wasm_bindgen]
31 | pub fn decrypt_entries(
32 |     encrypted_entries: Vec<Uint8Array>,
33 |     key: Uint8Array,
34 | ) -> JsResult<Vec<WasmAuthenticatorEntryModel>> {
35 |     let key_as_array = key.to_vec();
36 |     let mut decrypted_entries = Vec::with_capacity(encrypted_entries.len());
37 |     for entry in encrypted_entries {
38 |         let entry_as_bytes = entry.to_vec();
39 |         let decrypted = proton_authenticator::crypto::decrypt(&entry_as_bytes, &key_as_array, EncryptionTag::Entry)
40 |             .map_err(|e| JsError::new(&format!("failed to decrypt entry: {:?}", e)))?;
41 | 
42 |         let as_entry = AuthenticatorEntry::deserialize(&decrypted)
43 |             .map_err(|e| JsError::new(&format!("failed to deserialize entry: {:?}", e)))?;
44 | 
45 |         let as_model = WasmAuthenticatorEntryModel::from(as_entry);
46 |         decrypted_entries.push(as_model);
47 |     }
48 | 
49 |     Ok(decrypted_entries)
50 | }
51 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/src/worker/issuer.rs:
--------------------------------------------------------------------------------
 1 | use proton_authenticator::{IssuerInfo, TOTPIssuerMapper};
 2 | use serde::{Deserialize, Serialize};
 3 | use tsify_next::Tsify;
 4 | use wasm_bindgen::prelude::*;
 5 | 
 6 | #[derive(Tsify, Deserialize, Serialize)]
 7 | #[tsify(into_wasm_abi, from_wasm_abi)]
 8 | pub struct WasmIssuerInfo {
 9 |     pub domain: String,
10 |     pub icon_url: String,
11 | }
12 | 
13 | impl From<IssuerInfo> for WasmIssuerInfo {
14 |     fn from(value: IssuerInfo) -> Self {
15 |         Self {
16 |             domain: value.domain,
17 |             icon_url: value.icon_url,
18 |         }
19 |     }
20 | }
21 | 
22 | #[wasm_bindgen]
23 | pub struct WasmIssuerMapper {
24 |     inner: TOTPIssuerMapper,
25 | }
26 | 
27 | impl Default for WasmIssuerMapper {
28 |     fn default() -> Self {
29 |         Self::new()
30 |     }
31 | }
32 | 
33 | #[wasm_bindgen]
34 | impl WasmIssuerMapper {
35 |     #[wasm_bindgen(constructor)]
36 |     pub fn new() -> Self {
37 |         Self {
38 |             inner: TOTPIssuerMapper::new(),
39 |         }
40 |     }
41 | 
42 |     #[wasm_bindgen]
43 |     pub fn get_issuer_info(&self, issuer: String) -> Option<WasmIssuerInfo> {
44 |         self.inner.lookup(&issuer).map(WasmIssuerInfo::from)
45 |     }
46 | }
47 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/src/worker/mod.rs:
--------------------------------------------------------------------------------
 1 | use wasm_bindgen::JsError;
 2 | 
 3 | mod client;
 4 | mod crypto;
 5 | mod generator;
 6 | mod import;
 7 | mod issuer;
 8 | mod operations;
 9 | mod ordering;
10 | 
11 | pub type JsResult<T> = Result<T, JsError>;
12 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/src/worker/ordering.rs:
--------------------------------------------------------------------------------
 1 | use crate::entry::WasmAuthenticatorEntryModel;
 2 | use proton_authenticator::ordering::{reorder_items, EntryWithOrder};
 3 | use serde::{Deserialize, Serialize};
 4 | use tsify_next::Tsify;
 5 | use wasm_bindgen::prelude::wasm_bindgen;
 6 | use wasm_bindgen::JsError;
 7 | 
 8 | #[derive(Tsify, Deserialize, Serialize)]
 9 | #[tsify(into_wasm_abi, from_wasm_abi)]
10 | pub struct AuthenticatorEntryWithOrder {
11 |     pub entry: WasmAuthenticatorEntryModel,
12 |     pub modify_time: i64,
13 |     pub order: i32,
14 | }
15 | 
16 | impl TryFrom<AuthenticatorEntryWithOrder> for EntryWithOrder {
17 |     type Error = JsError;
18 | 
19 |     fn try_from(value: AuthenticatorEntryWithOrder) -> Result<Self, Self::Error> {
20 |         let as_entry = value.entry.to_entry()?;
21 |         Ok(Self {
22 |             entry: as_entry,
23 |             modify_time: value.modify_time,
24 |             order: value.order,
25 |         })
26 |     }
27 | }
28 | 
29 | impl From<EntryWithOrder> for AuthenticatorEntryWithOrder {
30 |     fn from(value: EntryWithOrder) -> Self {
31 |         Self {
32 |             entry: WasmAuthenticatorEntryModel::from(value.entry),
33 |             modify_time: value.modify_time,
34 |             order: value.order,
35 |         }
36 |     }
37 | }
38 | 
39 | #[wasm_bindgen]
40 | pub fn sort_entries(
41 |     local: Vec<AuthenticatorEntryWithOrder>,
42 |     remote: Vec<AuthenticatorEntryWithOrder>,
43 | ) -> Result<Vec<AuthenticatorEntryWithOrder>, JsError> {
44 |     let mut local_mapped = vec![];
45 |     for entry in local {
46 |         local_mapped.push(EntryWithOrder::try_from(entry)?);
47 |     }
48 |     let mut remote_mapped = vec![];
49 |     for entry in remote {
50 |         remote_mapped.push(EntryWithOrder::try_from(entry)?);
51 |     }
52 | 
53 |     let res = reorder_items(&local_mapped, &remote_mapped);
54 | 
55 |     let mut res_mapped = Vec::new();
56 |     for entry in res {
57 |         res_mapped.push(AuthenticatorEntryWithOrder::from(entry));
58 |     }
59 | 
60 |     Ok(res_mapped)
61 | }
62 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/test/README.md:
--------------------------------------------------------------------------------
 1 | # protonauthenticatorwebtest
 2 | 
 3 | To install dependencies:
 4 | 
 5 | ```bash
 6 | bun install
 7 | ```
 8 | 
 9 | To run:
10 | 
11 | ```bash
12 | bun run index.ts
13 | ```
14 | 
15 | This project was created using `bun init` in bun v1.0.18. [Bun](https://bun.sh) is a fast all-in-one JavaScript runtime.
16 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/test/bun.lockb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-authenticator-web/test/bun.lockb


--------------------------------------------------------------------------------
/proton-authenticator-web/test/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "protonauthenticatorwebtest",
 3 |   "module": "index.ts",
 4 |   "type": "module",
 5 |   "devDependencies": {
 6 |     "@types/node": "^22.13.1",
 7 |     "bun-types": "latest"
 8 |   },
 9 |   "peerDependencies": {
10 |     "typescript": "^5.0.0"
11 |   }
12 | }
13 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/test/proton-authenticator-web-worker-generator.spec.ts:
--------------------------------------------------------------------------------
 1 | import { describe, expect, test } from "bun:test";
 2 | 
 3 | 
 4 | import {
 5 |     entry_from_uri,
 6 |     WebTotpGenerator,
 7 |     WasmAuthenticatorCodeResponse,
 8 | } from "./pkg/worker";
 9 | 
10 | 
11 | const delay = async (time: number) => await new Promise(resolve => setTimeout(resolve, time))
12 | 
13 | describe("ProtonAuthenticatorWeb WASM generator", () => {
14 |     test("Can generate codes", async () => {
15 |         const uri = "otpauth://totp/MYLABEL?secret=MYSECRET&issuer=MYISSUER&algorithm=SHA256&digits=8&period=15";
16 |         const entry = entry_from_uri(uri);
17 | 
18 |         const period = 50;
19 |         const timeProvider = () => BigInt(1739284795);
20 |         const generator = new WebTotpGenerator(period, false, timeProvider);
21 | 
22 |         const generated = [];
23 |         const handle = await generator.start([entry], (codes: [WasmAuthenticatorCodeResponse]) => {
24 |             generated.push(codes);
25 |         });
26 | 
27 |         const times = 3;
28 |         await delay(period * times);
29 |         expect(generated.length).toEqual(times);
30 |         handle.cancel();
31 |         await delay(period * 2);
32 |         expect(generated.length).toEqual(times);
33 |     });
34 | });
35 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/test/proton-authenticator-web-worker-importer.spec.ts:
--------------------------------------------------------------------------------
 1 | import { describe, expect, test } from "bun:test";
 2 | 
 3 | import {
 4 |     import_from_2fas, WasmAuthenticatorEntryModel
 5 | } from "./pkg/worker";
 6 | 
 7 | import { readFileSync } from "fs";
 8 | import { fileURLToPath } from "url";
 9 | import path from "path";
10 | 
11 | function loadFile(filename: string): string {
12 |     // @ts-ignore
13 |     const __filename = fileURLToPath(import.meta.url);
14 |     const __dirname = path.dirname(__filename);
15 |     const basePath = path.resolve(__dirname, "../../proton-authenticator/test_data/authenticator");
16 |     const filePath = path.join(basePath, filename);
17 |     return readFileSync(filePath, "utf8");
18 | }
19 | 
20 | describe("ProtonAuthenticatorWeb WASM importer", () => {
21 |     describe("2FAS", () => {
22 |         const validate = (entries: WasmAuthenticatorEntryModel[]): void => {
23 |             expect(entries.length).toEqual(2);
24 | 
25 |             expect(entries[0].entry_type).toEqual("Totp");
26 |             expect(entries[0].name).toEqual("mylabeldefault");
27 |             expect(entries[0].period).toEqual(30);
28 | 
29 |             expect(entries[1].entry_type).toEqual("Steam");
30 |             expect(entries[1].name).toEqual("Steam");
31 |             expect(entries[1].period).toEqual(30);
32 |         };
33 | 
34 |         test("Can import decrypted", () => {
35 |             const contents = loadFile("2fas/decrypted.2fas");
36 |             const imported = import_from_2fas(contents, null);
37 | 
38 |             expect(imported.errors).toBeEmpty();
39 |             validate(imported.entries);
40 |         });
41 |         test("Can import encrypted", () => {
42 |             const contents = loadFile("2fas/encrypted.2fas");
43 |             const imported = import_from_2fas(contents, "test");
44 | 
45 |             expect(imported.errors).toBeEmpty();
46 |             validate(imported.entries);
47 |         });
48 |         test("Throws error with incorrect password", () => {
49 |             const contents = loadFile("2fas/encrypted.2fas");
50 | 
51 |             try {
52 |                 import_from_2fas(contents, "WRONG_PASSWORD");
53 |             } catch (e) {
54 |                 expect(e.message).toEqual("BadPassword");
55 |             }
56 |         });
57 |     });
58 | });
59 | 


--------------------------------------------------------------------------------
/proton-authenticator-web/test/proton-authenticator-web-worker-operations.spec.ts:
--------------------------------------------------------------------------------
 1 | import { describe, expect, test } from "bun:test";
 2 | import * as packageJSON from "./pkg/package.json";
 3 | 
 4 | import {
 5 |     calculate_operations,
 6 |     entry_from_uri,
 7 |     WasmRemoteEntry,
 8 |     WasmLocalEntry,
 9 | } from "./pkg/worker";
10 | 
11 | const NOW = 1_700_000_000;
12 | 
13 | const newEntry = (label: string, secret: string) =>
14 |     entry_from_uri(`otpauth://totp/${label}?secret=${secret}&issuer=MYISSUER&algorithm=SHA256&digits=8&period=15`);
15 | 
16 | describe("ProtonAuthenticatorWeb WASM diff", () => {
17 |     test("Can handle empty lists", () => {
18 |         const res = calculate_operations([], []);
19 |         expect(res).toBeEmpty();
20 |     });
21 | 
22 |     test("Does not return anything in case no differences", () => {
23 |         const entry = newEntry("LABEL", "SECRET");
24 |         const remote: WasmRemoteEntry[] = [
25 |             {entry: entry, remote_id: "ID", modify_time: NOW}
26 |         ];
27 |         const local: WasmLocalEntry[] = [
28 |             {entry: entry, state: "Synced", modify_time: NOW, local_modify_time: undefined}
29 |         ];
30 | 
31 |         const res = calculate_operations(remote, local);
32 |         expect(res).toBeEmpty();
33 |     });
34 | 
35 |     test("Remote entry not present in local returns upsert", () => {
36 |         const entry = newEntry("LABEL", "SECRET");
37 |         const remoteId = "REMOTE_ID";
38 |         const remote: WasmRemoteEntry[] = [
39 |             {entry: entry, remote_id: remoteId, modify_time: NOW}
40 |         ];
41 |         const local: WasmLocalEntry[] = [];
42 | 
43 |         const res = calculate_operations(remote, local);
44 |         expect(res.length).toEqual(1);
45 |         expect(res[0].entry).toEqual(entry);
46 |         expect(res[0].operation).toEqual("Upsert");
47 |         expect(res[0].remote_id).toEqual(remoteId);
48 |     });
49 | 
50 |     test("Local entry pending to be pushed not present in remote returns push", () => {
51 |         const entry = newEntry("LABEL", "SECRET");
52 |         const remote: WasmRemoteEntry[] = [];
53 |         const local: WasmLocalEntry[] = [
54 |             {entry: entry, state: "PendingSync", modify_time: NOW, local_modify_time: undefined}
55 |         ];
56 | 
57 |         const res = calculate_operations(remote, local);
58 |         expect(res.length).toEqual(1);
59 |         expect(res[0].entry).toEqual(entry);
60 |         expect(res[0].operation).toEqual("Push");
61 |         expect(res[0].remote_id).toBeUndefined();
62 |     });
63 | });


--------------------------------------------------------------------------------
/proton-authenticator-web/test/tsconfig.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "compilerOptions": {
 3 |     "lib": ["ESNext"],
 4 |     "module": "esnext",
 5 |     "target": "esnext",
 6 |     "moduleResolution": "bundler",
 7 |     "moduleDetection": "force",
 8 |     "allowImportingTsExtensions": true,
 9 |     "noEmit": true,
10 |     "composite": true,
11 |     "strict": true,
12 |     "downlevelIteration": true,
13 |     "skipLibCheck": true,
14 |     "jsx": "react-jsx",
15 |     "allowSyntheticDefaultImports": true,
16 |     "forceConsistentCasingInFileNames": true,
17 |     "allowJs": true,
18 |     "types": ["bun-types"]
19 |   },
20 |   "include": ["./pkg/**/*"]
21 | }
22 | 


--------------------------------------------------------------------------------
/proton-authenticator/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "proton-authenticator"
 3 | version = "0.22.0"
 4 | edition = "2021"
 5 | 
 6 | [lib]
 7 | doctest = false
 8 | 
 9 | [dependencies]
10 | proton-pass-derive = { path = "../proton-pass-derive" }
11 | proton-pass-totp = { path = "../proton-pass-totp" }
12 | 
13 | serde.workspace = true
14 | serde_json.workspace = true
15 | 
16 | aes-gcm = "0.10.3"
17 | base32 = "0.5.1"
18 | base64 = "0.22.0"
19 | csv = "1.3.1"
20 | hex = "0.4.3"
21 | hmac-sha1 = "0.2.2"
22 | hmac = "0.12"
23 | pbkdf2 = "0.12.2"
24 | protobuf = "3.7.1"
25 | rand = "0.8"
26 | scrypt = "0.11.0"
27 | sha2 = "0.10"
28 | url = "2.5.4"
29 | 
30 | [target.'cfg(not(target_arch = "wasm32"))'.dependencies]
31 | tokio.workspace = true
32 | 
33 | uuid = { version = "1.15.1", features = ["v4"] }
34 | 
35 | [target.'cfg(target_arch = "wasm32")'.dependencies]
36 | wasm-bindgen-futures.workspace = true
37 | 
38 | getrandom = { version = "0.2.15", features = ["js"] }
39 | gloo-timers = { version = "0.3.0", features = ["futures"] }
40 | uuid = { version = "1.15.1", features = ["v4", "js"] }
41 | 
42 | [build-dependencies]
43 | protobuf-codegen = "3.7.1"
44 | protoc-bin-vendored = "3.1.0"
45 | 
46 | 


--------------------------------------------------------------------------------
/proton-authenticator/build.rs:
--------------------------------------------------------------------------------
 1 | use std::path::{Path, PathBuf};
 2 | 
 3 | fn main() {
 4 |     generate_protos();
 5 | }
 6 | 
 7 | fn generate_protos() {
 8 |     generate_google_authenticator_proto();
 9 |     generate_authenticator_entry_proto();
10 | }
11 | 
12 | fn generate_google_authenticator_proto() {
13 |     let out_dir = Path::new(env!("CARGO_MANIFEST_DIR"))
14 |         .join("src")
15 |         .join("parser")
16 |         .join("google")
17 |         .join("gen");
18 |     generate_proto("google_authenticator.proto", out_dir)
19 | }
20 | 
21 | fn generate_authenticator_entry_proto() {
22 |     let out_dir = Path::new(env!("CARGO_MANIFEST_DIR"))
23 |         .join("src")
24 |         .join("entry")
25 |         .join("gen");
26 |     generate_proto("authenticator_entry.proto", out_dir)
27 | }
28 | 
29 | fn generate_proto(filename: &str, out_dir: PathBuf) {
30 |     println!("cargo:rerun-if-changed=proto/{filename}");
31 |     let proto_dir = Path::new(env!("CARGO_MANIFEST_DIR")).join("proto");
32 |     let proto_path = proto_dir.join(filename);
33 |     if !out_dir.exists() {
34 |         std::fs::DirBuilder::new()
35 |             .recursive(true)
36 |             .create(&out_dir)
37 |             .expect("error creating out dir");
38 |     }
39 | 
40 |     protobuf_codegen::Codegen::new()
41 |         .protoc()
42 |         .protoc_path(&protoc_bin_vendored::protoc_bin_path().unwrap())
43 |         .include(proto_dir)
44 |         .input(proto_path)
45 |         .out_dir(out_dir)
46 |         .run()
47 |         .expect("failed to generate rust from proto");
48 | }
49 | 


--------------------------------------------------------------------------------
/proton-authenticator/proto/authenticator_entry.proto:
--------------------------------------------------------------------------------
 1 | syntax = "proto3";
 2 | 
 3 | message AuthenticatorEntryContentTotp {
 4 |   string uri = 1;
 5 | }
 6 | 
 7 | message AuthenticatorEntryContentSteam {
 8 |   string secret = 1;
 9 | }
10 | 
11 | message AuthenticatorEntryContent {
12 |   oneof content {
13 |       AuthenticatorEntryContentTotp totp = 1;
14 |       AuthenticatorEntryContentSteam steam = 2;
15 |   }
16 | }
17 | 
18 | message AuthenticatorEntryMetadata {
19 |   string name = 1;
20 |   string note = 2;
21 |   string id = 3;
22 | }
23 | 
24 | message AuthenticatorEntry {
25 |   AuthenticatorEntryMetadata metadata = 1;
26 |   AuthenticatorEntryContent content = 2;
27 | }


--------------------------------------------------------------------------------
/proton-authenticator/proto/google_authenticator.proto:
--------------------------------------------------------------------------------
 1 | // Got it from https://github.com/beemdevelopment/Aegis/blob/9ab949a59e75079897b80c89cf388b8e4993b5b8/app/src/main/proto/google_auth.proto
 2 | 
 3 | syntax = "proto3";
 4 | 
 5 | message MigrationPayload {
 6 |   enum Algorithm {
 7 |     ALGORITHM_UNSPECIFIED = 0;
 8 |     ALGORITHM_SHA1 = 1;
 9 |     ALGORITHM_SHA256 = 2;
10 |     ALGORITHM_SHA512 = 3;
11 |     ALGORITHM_MD5 = 4;
12 |   }
13 | 
14 |   enum DigitCount {
15 |     DIGIT_COUNT_UNSPECIFIED = 0;
16 |     DIGIT_COUNT_SIX = 1;
17 |     DIGIT_COUNT_EIGHT = 2;
18 |   }
19 | 
20 |   enum OtpType {
21 |     OTP_TYPE_UNSPECIFIED = 0;
22 |     OTP_TYPE_HOTP = 1;
23 |     OTP_TYPE_TOTP = 2;
24 |   }
25 | 
26 |   message OtpParameters {
27 |     bytes secret = 1;
28 |     string name = 2;
29 |     string issuer = 3;
30 |     Algorithm algorithm = 4;
31 |     DigitCount digits = 5;
32 |     OtpType type = 6;
33 |     optional int64 counter = 7;
34 |   }
35 | 
36 |   repeated OtpParameters otp_parameters = 1;
37 |   int32 version = 2;
38 |   int32 batch_size = 3;
39 |   optional int32 batch_index = 4;
40 |   int32 batch_id = 5;
41 | }


--------------------------------------------------------------------------------
/proton-authenticator/resources/issuerManualOverrides.txt:
--------------------------------------------------------------------------------
1 | protonmail;proton.me;https://proton.me/favicons/apple-touch-icon.png
2 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/entry/gen/mod.rs:
--------------------------------------------------------------------------------
1 | // @generated
2 | 
3 | pub mod authenticator_entry;
4 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/lib.rs:
--------------------------------------------------------------------------------
 1 | #[macro_use]
 2 | pub mod log;
 3 | 
 4 | pub mod crypto;
 5 | pub mod entry;
 6 | pub mod generator;
 7 | pub mod issuer_mapper;
 8 | pub mod operations;
 9 | pub mod ordering;
10 | pub mod parser;
11 | pub mod steam;
12 | 
13 | mod client;
14 | mod utils;
15 | 
16 | #[cfg(test)]
17 | pub mod test_utils;
18 | 
19 | pub use client::{AuthenticatorClient, AuthenticatorCodeResponse, AuthenticatorError};
20 | pub use entry::{
21 |     AuthenticatorEntry, AuthenticatorEntryContent, AuthenticatorEntryError, AuthenticatorEntrySteamCreateParameters,
22 |     AuthenticatorEntryTotpCreateParameters, AuthenticatorEntryTotpParameters, AuthenticatorEntryType,
23 |     AuthenticatorEntryUpdateContents,
24 | };
25 | pub use issuer_mapper::{IssuerInfo, TOTPIssuerMapper};
26 | pub use log::{emit_log_message, register_authenticator_logger, LogLevel, Logger};
27 | pub use parser::aegis::{parse_aegis_json, parse_aegis_txt};
28 | pub use parser::bitwarden::{parse_bitwarden_csv, parse_bitwarden_json};
29 | pub use parser::ente::parse_ente_txt;
30 | pub use parser::google::parse_google_authenticator_totp;
31 | pub use parser::lastpass::parse_lastpass_json;
32 | pub use parser::proton_authenticator::parse_proton_authenticator_export;
33 | pub use parser::twofas::parse_2fas_file;
34 | pub use parser::{ImportError, ImportResult, ThirdPartyImportError};
35 | 
36 | pub fn library_version() -> String {
37 |     env!("CARGO_PKG_VERSION").to_string()
38 | }
39 | 
40 | pub use proton_pass_totp::{Algorithm, TOTP};
41 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/log.rs:
--------------------------------------------------------------------------------
 1 | use std::sync::{Arc, RwLock};
 2 | 
 3 | #[derive(Clone, Debug)]
 4 | pub enum LogLevel {
 5 |     Trace,
 6 |     Debug,
 7 |     Info,
 8 |     Warn,
 9 |     Error,
10 | }
11 | 
12 | pub trait Logger: Send + Sync {
13 |     fn log(&self, level: LogLevel, msg: String);
14 | }
15 | 
16 | static LOGGER: RwLock<Option<Arc<dyn Logger>>> = RwLock::new(None);
17 | 
18 | pub fn register_authenticator_logger(logger: Arc<dyn Logger>) {
19 |     if let Ok(mut r) = LOGGER.write() {
20 |         *r = Some(logger);
21 |     }
22 | }
23 | 
24 | pub fn emit_log_message(level: LogLevel, msg: String) {
25 |     with_logger(|logger| logger.log(level, msg));
26 | }
27 | 
28 | pub fn with_logger<F>(cb: F)
29 | where
30 |     F: FnOnce(Arc<dyn Logger>),
31 | {
32 |     if let Ok(ref logger) = LOGGER.read() {
33 |         if let Some(logger) = logger.as_ref() {
34 |             cb(logger.clone());
35 |         }
36 |     }
37 | }
38 | 
39 | #[macro_export]
40 | macro_rules! trace {
41 |     ($($args:tt)*) => {
42 |         $crate::log::with_logger(|logger| logger.log($crate::log::LogLevel::Trace, format_args!($($args)*).to_string(),));
43 |     }
44 | }
45 | 
46 | #[macro_export]
47 | macro_rules! debug {
48 |     ($($args:tt)*) => {
49 |         $crate::log::with_logger(|logger| logger.log($crate::log::LogLevel::Debug, format_args!($($args)*).to_string(),));
50 |     }
51 | }
52 | 
53 | #[macro_export]
54 | macro_rules! info {
55 |     ($($args:tt)*) => {
56 |         $crate::log::with_logger(|logger| logger.log($crate::log::LogLevel::Info, format_args!($($args)*).to_string(),));
57 |     }
58 | }
59 | 
60 | #[macro_export]
61 | macro_rules! warn {
62 |     ($($args:tt)*) => {
63 |         $crate::log::with_logger(|logger| logger.log($crate::log::LogLevel::Warn, format_args!($($args)*).to_string(),));
64 |     }
65 | }
66 | 
67 | #[macro_export]
68 | macro_rules! error {
69 |     ($($args:tt)*) => {
70 |         $crate::log::with_logger(|logger| logger.log($crate::log::LogLevel::Error, format_args!($($args)*).to_string(),));
71 |     }
72 | }
73 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/parser/aegis/mod.rs:
--------------------------------------------------------------------------------
 1 | mod db;
 2 | mod encrypted;
 3 | mod json;
 4 | mod txt;
 5 | 
 6 | #[derive(Clone, Debug)]
 7 | pub enum AegisImportError {
 8 |     Unsupported(String),
 9 |     BadContent,
10 |     BadPassword,
11 |     NotEncryptedBackupWithPassword,
12 |     EncryptedBackupWithNoPassword,
13 |     UnableToDecrypt,
14 | }
15 | 
16 | impl From<AegisImportError> for ThirdPartyImportError {
17 |     fn from(value: AegisImportError) -> Self {
18 |         match value {
19 |             AegisImportError::Unsupported(_) => Self::BadContent,
20 |             AegisImportError::BadContent => Self::BadContent,
21 |             AegisImportError::BadPassword => Self::BadPassword,
22 |             AegisImportError::NotEncryptedBackupWithPassword => Self::BadPassword,
23 |             AegisImportError::EncryptedBackupWithNoPassword => Self::MissingPassword,
24 |             AegisImportError::UnableToDecrypt => Self::DecryptionFailed,
25 |         }
26 |     }
27 | }
28 | 
29 | use crate::parser::ThirdPartyImportError;
30 | pub use json::parse_aegis_json;
31 | pub use txt::parse_aegis_txt;
32 | 
33 | #[cfg(test)]
34 | mod test {
35 |     use crate::{AuthenticatorEntry, AuthenticatorEntryContent};
36 |     use proton_pass_totp::algorithm::Algorithm;
37 | 
38 |     pub fn check_export_matches(entries: Vec<AuthenticatorEntry>, check_steam_name: bool) {
39 |         assert_eq!(entries.len(), 3);
40 |         check_totp(&entries[0].content, 15, 8, Algorithm::SHA256);
41 |         check_totp(&entries[1].content, 30, 6, Algorithm::SHA1);
42 | 
43 |         let name = if check_steam_name {
44 |             Some("Steam".to_string())
45 |         } else {
46 |             None
47 |         };
48 |         check_steam(&entries[2].content, name);
49 |     }
50 | 
51 |     fn check_totp(entry: &AuthenticatorEntryContent, period: u16, digits: u8, algorithm: Algorithm) {
52 |         match entry {
53 |             AuthenticatorEntryContent::Totp(totp) => {
54 |                 assert_eq!(totp.period.expect("should have period"), period);
55 |                 assert_eq!(totp.digits.expect("should have digits"), digits);
56 |                 assert_eq!(totp.algorithm.expect("should have algorithm"), algorithm);
57 |             }
58 |             _ => panic!("Should be AuthenticatorEntryContent::Totp"),
59 |         };
60 |     }
61 | 
62 |     fn check_steam(entry: &AuthenticatorEntryContent, name: Option<String>) {
63 |         match entry {
64 |             AuthenticatorEntryContent::Steam(entry) => {
65 |                 assert_eq!(entry.name, name);
66 |             }
67 |             _ => panic!("Should be AuthenticatorEntryContent::Steam"),
68 |         };
69 |     }
70 | }
71 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/parser/aegis/txt.rs:
--------------------------------------------------------------------------------
 1 | use crate::parser::aegis::AegisImportError;
 2 | use crate::parser::{ImportError, ImportResult};
 3 | use crate::AuthenticatorEntry;
 4 | 
 5 | pub fn parse_aegis_txt(input: &str) -> Result<ImportResult, AegisImportError> {
 6 |     let mut entries = Vec::new();
 7 |     let mut errors = Vec::new();
 8 |     for (idx, line) in input.lines().enumerate() {
 9 |         let trimmed = line.trim();
10 |         if !trimmed.is_empty() {
11 |             match AuthenticatorEntry::from_uri(trimmed, None) {
12 |                 Ok(entry) => entries.push(entry),
13 |                 Err(e) => {
14 |                     errors.push(ImportError {
15 |                         context: format!("Error in line {idx}"),
16 |                         message: format!("Error in line [{}] : {:?}", trimmed, e),
17 |                     });
18 |                 }
19 |             }
20 |         }
21 |     }
22 | 
23 |     Ok(ImportResult { entries, errors })
24 | }
25 | 
26 | #[cfg(test)]
27 | mod tests {
28 |     use super::*;
29 |     use crate::parser::aegis::test::check_export_matches;
30 |     use crate::test_utils::get_file_contents;
31 |     use crate::AuthenticatorEntryContent;
32 | 
33 |     #[test]
34 |     fn can_parse_aegis_txt() {
35 |         let content = get_file_contents("aegis/aegis-txt.txt");
36 |         let parsed = parse_aegis_txt(&content).expect("should be able to parse");
37 |         check_export_matches(parsed.entries, false);
38 |         assert!(parsed.errors.is_empty());
39 |     }
40 | 
41 |     #[test]
42 |     fn steam_entry_imported_from_aegis_txt_generates_correct_code() {
43 |         let content = get_file_contents("aegis/aegis-txt.txt");
44 |         let parsed = parse_aegis_txt(&content).expect("should be able to parse");
45 | 
46 |         let steam_entry = parsed
47 |             .entries
48 |             .iter()
49 |             .find(|e| matches!(&e.content, AuthenticatorEntryContent::Steam(_)))
50 |             .expect("entry should exist");
51 | 
52 |         let now = 1742298622;
53 |         let code = crate::AuthenticatorClient::generate_code(steam_entry, now).expect("should generate code");
54 |         assert_eq!("NTK5M", code.current_code);
55 |     }
56 | }
57 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/parser/bitwarden/mod.rs:
--------------------------------------------------------------------------------
 1 | use crate::parser::ThirdPartyImportError;
 2 | 
 3 | mod csv;
 4 | mod json;
 5 | 
 6 | #[derive(Clone, Debug, PartialEq, Eq)]
 7 | pub enum BitwardenImportError {
 8 |     BadContent,
 9 |     Unsupported,
10 |     MissingPassword,
11 | }
12 | 
13 | impl From<BitwardenImportError> for ThirdPartyImportError {
14 |     fn from(value: BitwardenImportError) -> Self {
15 |         match value {
16 |             BitwardenImportError::BadContent => Self::BadContent,
17 |             BitwardenImportError::Unsupported => Self::BadContent,
18 |             BitwardenImportError::MissingPassword => Self::MissingPassword,
19 |         }
20 |     }
21 | }
22 | 
23 | pub use csv::parse_bitwarden_csv;
24 | pub use json::parse_bitwarden_json;
25 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/parser/ente/mod.rs:
--------------------------------------------------------------------------------
 1 | use crate::parser::ThirdPartyImportError;
 2 | 
 3 | mod txt;
 4 | 
 5 | #[derive(Clone, Debug)]
 6 | pub enum EnteImportError {
 7 |     BadContent,
 8 |     Unsupported,
 9 | }
10 | 
11 | impl From<EnteImportError> for ThirdPartyImportError {
12 |     fn from(value: EnteImportError) -> Self {
13 |         match value {
14 |             EnteImportError::BadContent => Self::BadContent,
15 |             EnteImportError::Unsupported => Self::BadContent,
16 |         }
17 |     }
18 | }
19 | 
20 | pub use txt::parse_ente_txt;
21 | 
22 | #[cfg(test)]
23 | mod test {
24 |     use crate::{AuthenticatorEntry, AuthenticatorEntryContent};
25 |     use proton_pass_totp::algorithm::Algorithm;
26 | 
27 |     pub fn check_ente_entries(entries: Vec<AuthenticatorEntry>) {
28 |         assert_eq!(entries.len(), 2);
29 |         check_totp(
30 |             &entries[0],
31 |             "MyLabel256_8_15",
32 |             "JVMVGRKDKJCVI===",
33 |             "MyIssuer",
34 |             Algorithm::SHA256,
35 |             8,
36 |             15,
37 |         );
38 |         check_totp(
39 |             &entries[1],
40 |             "MyLabelDefault",
41 |             "JVMVGRKDKJCVI===",
42 |             "MyIssuer",
43 |             Algorithm::SHA1,
44 |             6,
45 |             30,
46 |         );
47 |     }
48 | 
49 |     fn check_totp(
50 |         entry: &AuthenticatorEntry,
51 |         label: &str,
52 |         secret: &str,
53 |         issuer: &str,
54 |         algorithm: Algorithm,
55 |         digits: u8,
56 |         period: u16,
57 |     ) {
58 |         match &entry.content {
59 |             AuthenticatorEntryContent::Totp(totp) => {
60 |                 assert_eq!(totp.digits.expect("should have digits"), digits);
61 |                 assert_eq!(totp.period.expect("should have period"), period);
62 |                 assert_eq!(totp.algorithm.expect("should have algorithm"), algorithm);
63 |                 assert_eq!(totp.secret, secret);
64 |                 assert_eq!(totp.label.clone().expect("should have label"), label);
65 |                 assert_eq!(totp.issuer.clone().expect("should have issuer"), issuer);
66 |             }
67 |             _ => panic!("should be AuthenticatorEntryContent::Totp"),
68 |         }
69 |     }
70 | }
71 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/parser/google/gen/mod.rs:
--------------------------------------------------------------------------------
1 | // @generated
2 | 
3 | pub mod google_authenticator;
4 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/parser/lastpass/mod.rs:
--------------------------------------------------------------------------------
 1 | use crate::parser::ThirdPartyImportError;
 2 | 
 3 | mod json;
 4 | 
 5 | #[derive(Clone, Debug)]
 6 | pub enum LastPassImportError {
 7 |     BadContent(String),
 8 | }
 9 | 
10 | impl From<LastPassImportError> for ThirdPartyImportError {
11 |     fn from(e: LastPassImportError) -> Self {
12 |         match e {
13 |             LastPassImportError::BadContent(_) => Self::BadContent,
14 |         }
15 |     }
16 | }
17 | 
18 | pub use json::parse_lastpass_json;
19 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/parser/mod.rs:
--------------------------------------------------------------------------------
 1 | use crate::AuthenticatorEntry;
 2 | 
 3 | pub mod aegis;
 4 | pub mod bitwarden;
 5 | pub mod ente;
 6 | pub mod google;
 7 | pub mod lastpass;
 8 | pub mod proton_authenticator;
 9 | pub mod twofas;
10 | 
11 | #[derive(Clone, Debug)]
12 | pub struct ImportError {
13 |     pub context: String,
14 |     pub message: String,
15 | }
16 | 
17 | #[derive(Clone, Debug)]
18 | pub struct ImportResult {
19 |     pub entries: Vec<AuthenticatorEntry>,
20 |     pub errors: Vec<ImportError>,
21 | }
22 | 
23 | #[derive(Clone, Debug, proton_pass_derive::Error)]
24 | pub enum ThirdPartyImportError {
25 |     BadContent,
26 |     BadPassword,
27 |     MissingPassword,
28 |     DecryptionFailed,
29 | }
30 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/parser/proton_authenticator/mod.rs:
--------------------------------------------------------------------------------
1 | use crate::parser::ImportResult;
2 | use crate::ThirdPartyImportError;
3 | 
4 | pub fn parse_proton_authenticator_export(input: &str) -> Result<ImportResult, ThirdPartyImportError> {
5 |     crate::entry::import_authenticator_entries(input).map_err(|_| ThirdPartyImportError::BadContent)
6 | }
7 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/parser/twofas/mod.rs:
--------------------------------------------------------------------------------
 1 | use crate::parser::ThirdPartyImportError;
 2 | 
 3 | mod parser;
 4 | 
 5 | #[derive(Clone, Debug)]
 6 | pub enum TwoFasImportError {
 7 |     BadContent,
 8 |     Unsupported,
 9 |     UnableToDecrypt,
10 |     WrongPassword,
11 |     MissingPassword,
12 | }
13 | 
14 | impl From<TwoFasImportError> for ThirdPartyImportError {
15 |     fn from(e: TwoFasImportError) -> Self {
16 |         match e {
17 |             TwoFasImportError::BadContent => Self::BadContent,
18 |             TwoFasImportError::Unsupported => Self::BadContent,
19 |             TwoFasImportError::UnableToDecrypt => Self::DecryptionFailed,
20 |             TwoFasImportError::WrongPassword => Self::BadPassword,
21 |             TwoFasImportError::MissingPassword => Self::MissingPassword,
22 |         }
23 |     }
24 | }
25 | 
26 | pub use parser::parse_2fas_file;
27 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/test_utils.rs:
--------------------------------------------------------------------------------
 1 | pub fn get_file_contents_raw(name: &str) -> Vec<u8> {
 2 |     let crate_path = std::path::Path::new(env!("CARGO_MANIFEST_DIR"));
 3 |     let file_path = crate_path.join("test_data").join("authenticator").join(name);
 4 | 
 5 |     std::fs::read(&file_path).unwrap_or_else(|_| panic!("cannot open {}", file_path.display()))
 6 | }
 7 | 
 8 | pub fn get_file_contents(name: &str) -> String {
 9 |     String::from_utf8(get_file_contents_raw(name)).unwrap_or_else(|e| panic!("cannot read {}: {:?}", name, e))
10 | }
11 | 


--------------------------------------------------------------------------------
/proton-authenticator/src/utils.rs:
--------------------------------------------------------------------------------
 1 | use std::collections::HashMap;
 2 | use std::hash::Hash;
 3 | 
 4 | pub fn list_to_map<T, K: Eq + Hash, F: Fn(&T) -> K>(input: Vec<T>, f: F) -> HashMap<K, T> {
 5 |     let mut map = HashMap::new();
 6 |     for item in input {
 7 |         let key = f(&item);
 8 |         map.insert(key, item);
 9 |     }
10 |     map
11 | }
12 | 


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/2fas/decrypted.2fas:
--------------------------------------------------------------------------------
 1 | {
 2 |   "services": [
 3 |     {
 4 |       "name": "myissuer",
 5 |       "secret": "MYSECRET",
 6 |       "updatedAt": 1738059994570,
 7 |       "otp": {
 8 |         "label": "mylabeldefault",
 9 |         "account": "mylabeldefault",
10 |         "issuer": "myissuer",
11 |         "digits": 6,
12 |         "period": 30,
13 |         "algorithm": "SHA1",
14 |         "tokenType": "TOTP",
15 |         "source": "Link"
16 |       },
17 |       "order": {
18 |         "position": 0
19 |       },
20 |       "icon": {
21 |         "selected": "Label",
22 |         "label": {
23 |           "text": "MY",
24 |           "backgroundColor": "Indigo"
25 |         },
26 |         "iconCollection": {
27 |           "id": "a5b3fb65-4ec5-43e6-8ec1-49e24ca9e7ad"
28 |         }
29 |       }
30 |     },
31 |     {
32 |       "name": "Steam",
33 |       "secret": "STEAMKEY",
34 |       "updatedAt": 1738059994575,
35 |       "serviceTypeID": "d241edff-480f-4201-840a-5a1c1d1323c2",
36 |       "otp": {
37 |         "issuer": "Steam",
38 |         "digits": 5,
39 |         "period": 30,
40 |         "algorithm": "SHA1",
41 |         "tokenType": "STEAM",
42 |         "source": "Link"
43 |       },
44 |       "order": {
45 |         "position": 1
46 |       },
47 |       "icon": {
48 |         "selected": "IconCollection",
49 |         "iconCollection": {
50 |           "id": "d5fd5765-bc30-407a-923f-e1dfd5cec49f"
51 |         }
52 |       }
53 |     }
54 |   ],
55 |   "groups": [],
56 |   "updatedAt": 1738060509269,
57 |   "schemaVersion": 4,
58 |   "appVersionCode": 5000029,
59 |   "appVersionName": "5.4.8",
60 |   "appOrigin": "android"
61 | }


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/2fas/decrypted_ios.2fas:
--------------------------------------------------------------------------------
1 | {"appVersionCode":50313,"appVersionName":"5.3.13","schemaVersion":4,"groups":[],"appOrigin":"ios","services":[{"name":"Code1 2FAS","badge":{"color":"Default"},"otp":{"digits":6,"counter":0,"tokenType":"TOTP","period":30,"source":"manual","algorithm":"SHA1"},"secret":"JDJDBDBDDBDBBXBXB","icon":{"selected":"Label","label":{"text":"CO","backgroundColor":"Brown"},"iconCollection":{"id":"A5B3FB65-4EC5-43E6-8EC1-49E24CA9E7AD"}},"order":{"position":0},"updatedAt":1746698149000},{"name":"Code2 2FAS","badge":{"color":"Default"},"otp":{"digits":6,"counter":0,"tokenType":"TOTP","period":30,"source":"manual","algorithm":"SHA1"},"secret":"JDJDUZBXHSHDBXBXHBB","icon":{"selected":"Label","label":{"text":"CO","backgroundColor":"Yellow"},"iconCollection":{"id":"A5B3FB65-4EC5-43E6-8EC1-49E24CA9E7AD"}},"order":{"position":1},"updatedAt":1746698163000}]}


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/2fas/encrypted.2fas:
--------------------------------------------------------------------------------
 1 | {
 2 |   "services": [],
 3 |   "groups": [],
 4 |   "updatedAt": 1738060518498,
 5 |   "schemaVersion": 4,
 6 |   "appVersionCode": 5000029,
 7 |   "appVersionName": "5.4.8",
 8 |   "appOrigin": "android",
 9 |   "servicesEncrypted": "vHaJlrtehS0Si1YIFI+DsdZMirSjqi3P+KtY+sHZCjVFg2YdJTftO6iCdQFLSYP9r7rNG8DBWFx4FUBMm9sMGdEB8D+GZ6RikXDGhdm4jUUb0Nl3fVQJzivmeHPe8e73j49qqsqRicTH1IilMpRbgN33DaxoNYI/ziJNtCaYlKS+Y7XVMsaZuPR9cQSmPZhLUc68uU3KMYNHEqQd8Om/+LWOvKb1V4rq4QPWHZyh+JzBGQ3QbkhlQf9y+VND0bwM5cTKzhs/jnudpAiQU8acOJSNq5OyA2vaschYJs3kvg41i7k/dYku/TeoGpSwbnomE6JIHkSX08OrV4RxibHt1+DEyruU3HaCMSdJ3FtfY8SsU8tzgTMbxqyQwkDJ6RdXiKtLgGsy7PSwo5JCDn5+akALpuI0UYlbwgP1B0UKfR/kc11r/sfzp9+jISzU3FPhkx205aKn03g3VcTNFBdIakl3sqWDDjKJJ1uprg2AsvVNk7AJJIUPiOVQ2b51JJmMCmq1PdJrK1DxJz3ZkXkt26C/Z36gdzMJYkHnZWpQh2umbqhd7PtTWnUSBQiIF9SVA0kQx7hjax5hCssrqBARWWskvr/rBTgbeWrHMhjknS084gLK/DFsvKSrNplKAbQNaLV40OV0EYOhD8G1Ikgk/bivlb0Yp28I8oQFyIetNZnYWHNUAYDjZpFHjK9DKhEuBUIi8yZhhdG0Fgx3K8TUzDSjJ+TujI9PTqL7mBFedDv1SWll9b/9FYff8O8mF2+B6cnRd7pLFHMcI4grB8eDhIO2nZuzObnAw/niJxvbbmFkPLHQnUHsQs7OroOox0hqj7VFgalEHrVAi1DbOgRnAou38n+APEQy3PJiHTPZk54gZ7jWrEkk+K/w3GbXvyzCnACTOSmDmOyaIdv5FA1gmm5OExwN9ltrm11yh7NWsofQDI+QGrrB7V4aksqwS0qz8il/1vhSH4P6/EhuC92h0ky2zud5NdOfBsJ8:JFpdtsTBX31A+tYxmLikSmPM/amVh7rOZL0gTu2iUBzO12cBBMIm/t+VCSGacSMS4lluwQjlSWFE4lJ7sCmZxTGxDh1GcQd31speMzWxWPu6FSnt4kD1N16NX9yqKd3hkxbKZ0jyK04IW+uNBItMoH2GvmZF2p9NZ3Xs9oRljXoffrq8fLD7Are/J+N2PGekbT/XY9CEKgBWfi04xFfMKJ8lZy8DEmR013F8PbOTEEmujnXznoiltfWKy1z8x25IRL30Ak86EJgtmQ6qRCY74iU59T/MW5EBKBWStqdYlOBtnHzZ8KSGEkpy9TK2MiSQeSRX9oLKpzAqUPKLu4G4Xg==:pYsYDrS0dv9uWJPU",
10 |   "reference": "vwIh3XpwPDbXX4aGXV9T6k3WFVbPlwd9/DYTQEEabLWdsGAOfuNJrt5gJbXPjAP88rF/g7X6hYm+Ib89dveDRhmixF6N4KdjOswePkgi2nUZCFH5cwkGh7UmdbrbIBw/60EDmPvYO+koJYQSZVXYIBsBnYCEVc6/JoxcOcWi9YcYVWAA02+bChDqQ6GrNW78O4eh+TRz7ZxF2VuN23I2sA4Z2ccIlPTK2LhZchOCFO2UVFgvUlZzAB6vv78Kf4cCxWrlYh2NmaEGNRfY6zB7G/L2WYRL3pkXe4HgTYltjDJlQjfV6YP0e8cDvAbY+kFtfgE2fyjy0o/SrDaTJ5GaTAuJT1/TfURPPepntF2vM9M=:JFpdtsTBX31A+tYxmLikSmPM/amVh7rOZL0gTu2iUBzO12cBBMIm/t+VCSGacSMS4lluwQjlSWFE4lJ7sCmZxTGxDh1GcQd31speMzWxWPu6FSnt4kD1N16NX9yqKd3hkxbKZ0jyK04IW+uNBItMoH2GvmZF2p9NZ3Xs9oRljXoffrq8fLD7Are/J+N2PGekbT/XY9CEKgBWfi04xFfMKJ8lZy8DEmR013F8PbOTEEmujnXznoiltfWKy1z8x25IRL30Ak86EJgtmQ6qRCY74iU59T/MW5EBKBWStqdYlOBtnHzZ8KSGEkpy9TK2MiSQeSRX9oLKpzAqUPKLu4G4Xg==:DJtLQp1wy4PbZufx"
11 | }


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/2fas/password:
--------------------------------------------------------------------------------
1 | test


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/aegis/aegis-json-encrypted-test.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "version": 1,
 3 |     "header": {
 4 |         "slots": [
 5 |             {
 6 |                 "type": 1,
 7 |                 "uuid": "12dc9537-e949-4a74-81ed-9a9d1dd627a1",
 8 |                 "key": "4b12b03b214c6a50fbdecf29463f43e3b68f9d14536ceba418f65f6d03a25e31",
 9 |                 "key_params": {
10 |                     "nonce": "e5c83664c38a64175b021edb",
11 |                     "tag": "847f4dd400614f21cd81c9b9793f89ea"
12 |                 },
13 |                 "n": 32768,
14 |                 "r": 8,
15 |                 "p": 1,
16 |                 "salt": "133b37b6b6ce7e8bbd7980e520a94bf9ba041ac5dfbf8bb6df07728c5f57f0d7",
17 |                 "repaired": true,
18 |                 "is_backup": false
19 |             }
20 |         ],
21 |         "params": {
22 |             "nonce": "795324d644a585e5ff6d11a1",
23 |             "tag": "8097bfbb663b97bbaca30912df65cbe4"
24 |         }
25 |     },
26 |     "db": "IvZKCAJ69YeNwkMtNEDXP2jfsTdLkYz3QU+wiXrcOyXTKumGySOlm987eQNnNVxpXcKkRNJwOFVZOk\/8dYCDYYYjmFwpWwlmBwJ8oa1GyXw+hhY0V6x22a\/yHrEnfsibJxnI27w8Rl2ThjRi68+ts43jpoR72VVCDb559m5Xb5cOWdTX2hE0Doj73OanKV2hlXY6kE2CWR41oA4l17MRiv\/iCBvHszMd2Xkt7q8gjG17\/zvvuM4Vrn2zDFnE\/OPUSm3NBx0fOk+PjDvfHLPFqPSbRh6+ozj8NTFZrsi8QNPjKSvhjjnH56DOoSOm7bZ\/9BsCHd+n6sZegtC50atOo5Ar5Q3x9Ssb3jwXtkYGU1uxYnbUrHz+eBlCuZrt1dVoy3Y4XWWN7ti2F0TwMPWECqwytxHDqIAFFWsQUDoUNMDFdJX7n0U7IlRfCm5DUGyo2UlSSViIKlDTSXGFuzvz5Kag4fDVYi2oxvCef4LiS5our4+48kcj8ZomW\/dt5F5HtnlydxhiLlrKeOfl9jKPuTSp2Z2vnAPjBh9dt9gElQxEQHUfh6XjAZIV8sAV0kbp8O5DtHidi9iB1JgsJ+YgX6ii9XIqWBiEOxf0iUUZZmFstFptcfCu2gbvRaXxNHp378B5PyAmXThYVEjOAL\/Nr8Kx3UQrg2Eu+YTT5hzCNoEXLnzoSRPWzj77OilWRLWL4Bc\/46F1OE+wJUWlx+bVov80G5mzSE7TSRl5xGZTXwzQ7m+A2m6sTByhi6U2DxX1pyuqOVzom5GIXvxW7TEwUDp5bxAzP\/Y\/MV1Lor+HhDoVdTScuwXeFIadRJBzwkPh+d++UYajomgEsoOpSF3iak54vM\/V54mCF8Lk4OE5vh7LPyJTls4fECGbpR0WSX8ummkbeNqZ6FVbuh+BvMN+U4An4+22HxGGgaLAIfqsxZnvOnis9lQa54zFd9i0XhiBylfC33hcmRbPBZAiApvjkrnvwA\/fnH3XGz\/zcCxbdjmQFGAwXdRbJhSKPjsEQB0F7LlAbjeHmTDOXUYgbhEyFqo3Qn0EIQr4jn9wjyyJz7oll0iA+wyugT\/\/o1I33R+wYL5xYPMqueriQ1U0Zifrf7vyGrF6LBDsoy+0f2qVDZo1NpEJntWcmNBJ1FciO9+xvuJnfOXBTEflbK5439qBPzn6Zr5bWaUopqwUChzSqrEQjIRzHsGXsr5FxXkMRlQKm\/w1B+juywe\/LlbVzots2XPPPq\/aW90Rl149GrXL5H6qDKISEbwCXreEp\/Hw0MvYLux29piMo+NBy6SrY3WoSBAvKeqFaOdtO+Ci5oU6ri\/QhjtHqABgybudZItcjHK1iPDI+d5TZtiIjHoWyLv1UTdNxDBYNXTa80oS0aWYDJtF+eIt6Fzr\/vzfQQ1p5kD8idAAGFX8buP0zo9hQClHUDFvEDyEetL4KujAOz3YBIfAlyocBozusdFwbAf7uGC6uQrWWiDVeBf3OAxmjHm9Vp9QYFjTAT8wwZKsjNKxPswTPKjCrcQMOeuc+6VjM6TAv4vHdUsTOBt0FCkaFREpsMSnep3WiKdcS7aXX91YuM8CWm\/\/mc1oGzMHHt9jNGC1le4M\/QiPJRSL4fpcbhHCoiFuuj9PhgG6fs41dt6LMuaqfUJoRkjraCPIKWbcYjMzbwp3B1YkPdjJ681JNCw4Hx63mFl7Uc9hoiyY3GRHolVccsJL0SivUtYEsYnsLomdTBVcQ1KhHpDAYpHuWNw57RY25XnewLMrkNHe\/xMKkEy6qbvq+Y2izALgD+VUvN\/s9BFpLt3w9iCz9+DaJT4dTkGvI19FclXzCYxGWobU2WgFNkcGeCI\/ljhuVcg0m17q5H24r4fpeD0uqWoGmeYV37JWefxxJBhnfDrZwaWIc0c5OU4EohW8xqob9JE="
27 | }


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/aegis/aegis-json-unencrypted.json:
--------------------------------------------------------------------------------
 1 | {
 2 |     "version": 1,
 3 |     "header": {
 4 |         "slots": null,
 5 |         "params": null
 6 |     },
 7 |     "db": {
 8 |         "version": 3,
 9 |         "entries": [
10 |             {
11 |                 "type": "totp",
12 |                 "uuid": "641e6db3-296a-49ad-ab75-9f4069ba0e53",
13 |                 "name": "mylabel815256",
14 |                 "issuer": "myissuer",
15 |                 "note": "",
16 |                 "favorite": false,
17 |                 "icon": null,
18 |                 "info": {
19 |                     "secret": "MYSECRET",
20 |                     "algo": "SHA256",
21 |                     "digits": 8,
22 |                     "period": 15
23 |                 },
24 |                 "groups": []
25 |             },
26 |             {
27 |                 "type": "totp",
28 |                 "uuid": "c3d22748-1cd9-4a3e-a655-23a872e3eee2",
29 |                 "name": "mylabeldefault",
30 |                 "issuer": "myissuer",
31 |                 "note": "",
32 |                 "favorite": false,
33 |                 "icon": null,
34 |                 "info": {
35 |                     "secret": "MYSECRET",
36 |                     "algo": "SHA1",
37 |                     "digits": 6,
38 |                     "period": 30
39 |                 },
40 |                 "groups": []
41 |             },
42 |             {
43 |                 "type": "steam",
44 |                 "uuid": "776e9abf-a0b5-4d60-98ae-6e06664e5b1e",
45 |                 "name": "Steam",
46 |                 "issuer": "Steam",
47 |                 "note": "",
48 |                 "favorite": false,
49 |                 "icon": null,
50 |                 "info": {
51 |                     "secret": "STEAMKEY",
52 |                     "algo": "SHA1",
53 |                     "digits": 5,
54 |                     "period": 30
55 |                 },
56 |                 "groups": []
57 |             }
58 |         ],
59 |         "groups": [],
60 |         "icons_optimized": true
61 |     }
62 | }


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/aegis/aegis-txt.txt:
--------------------------------------------------------------------------------
1 | otpauth://totp/myissuer%3Amylabel815256?period=15&digits=8&algorithm=SHA256&secret=MYSECRET&issuer=myissuer
2 | otpauth://totp/myissuer%3Amylabeldefault?period=30&digits=6&algorithm=SHA1&secret=MYSECRET&issuer=myissuer
3 | otpauth://steam/Steam%3ASteam?period=30&digits=5&algorithm=SHA1&secret=STEAMKEY&issuer=Steam
4 | 


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/aegis/password:
--------------------------------------------------------------------------------
1 | test


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/bitwarden/bitwarden.csv:
--------------------------------------------------------------------------------
1 | folder,favorite,type,name,login_uri,login_totp
2 | ,,1,ISSUER,,otpauth://totp/ISSUER%3ALABEL_256_8_15?secret=SECRETDATA&algorithm=SHA256&digits=8&period=15&issuer=ISSUER,ISSUER,15,8
3 | ,,1,ISSUER_DEFAULT,,otpauth://totp/ISSUER_DEFAULT%3ALABEL_DEFAULT?secret=SOMESECRET&algorithm=SHA1&digits=6&period=30&issuer=ISSUER_DEFAULT,ISSUER_DEFAULT,30,6
4 | ,,1,SteamName,,steam://STEAMKEY,SteamName,30,6
5 | ,,1,SevenDigits,,otpauth://totp/SevenDigits%3ASeven%20digit%20username?secret=SEVENDIGITSECRET&algorithm=SHA1&digits=7&period=30&issuer=SevenDigits,SevenDigits,30,7


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/bitwarden/bitwarden.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "encrypted": false,
 3 |   "items": [
 4 |     {
 5 |       "id": "37bf650d-2154-4d92-9547-d96b75a5317e",
 6 |       "name": "ISSUER",
 7 |       "folderId": null,
 8 |       "organizationId": null,
 9 |       "collectionIds": null,
10 |       "notes": null,
11 |       "type": 1,
12 |       "login": {
13 |         "totp": "otpauth://totp/ISSUER%3ALABEL_256_8_15?secret=SECRETDATA&algorithm=SHA256&digits=8&period=15&issuer=ISSUER"
14 |       },
15 |       "favorite": false
16 |     },
17 |     {
18 |       "id": "847dd7e4-22f5-4206-babb-4769539ec8ff",
19 |       "name": "ISSUER_DEFAULT",
20 |       "folderId": null,
21 |       "organizationId": null,
22 |       "collectionIds": null,
23 |       "notes": null,
24 |       "type": 1,
25 |       "login": {
26 |         "totp": "otpauth://totp/ISSUER_DEFAULT%3ALABEL_DEFAULT?secret=SOMESECRET&algorithm=SHA1&digits=6&period=30&issuer=ISSUER_DEFAULT"
27 |       },
28 |       "favorite": false
29 |     },
30 |     {
31 |       "id": "b1315dd9-28f8-4fd2-afa4-37aed632c90e",
32 |       "name": "SteamName",
33 |       "folderId": null,
34 |       "organizationId": null,
35 |       "collectionIds": null,
36 |       "notes": null,
37 |       "type": 1,
38 |       "login": {
39 |         "totp": "steam://STEAMKEY"
40 |       },
41 |       "favorite": false
42 |     },
43 |     {
44 |       "id": "72bb3758-174a-40c3-a9ea-c82cae9f5c22",
45 |       "name": "SevenDigits",
46 |       "folderId": null,
47 |       "organizationId": null,
48 |       "collectionIds": null,
49 |       "notes": null,
50 |       "type": 1,
51 |       "login": {
52 |         "totp": "otpauth://totp/SevenDigits%3ASeven%20digit%20username?secret=SEVENDIGITSECRET&algorithm=SHA1&digits=7&period=30&issuer=SevenDigits"
53 |       },
54 |       "favorite": false
55 |     }
56 |   ]
57 | }


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/bitwarden/bitwarden_sample.csv:
--------------------------------------------------------------------------------
1 | folder,favorite,type,name,notes,fields,reprompt,login_uri,login_username,login_password,login_totp
2 | ,,login,Code 2 ,,,0,,,,otpauth://totp/?secret=NDSKXJHDJNDBDBBB&issuer=Code%202%20&algorithm=SHA1&digits=6&period=30
3 | 
4 | ,,login,Code 3 ,,,0,,,,otpauth://totp/?secret=JSJZJFBBDK&issuer=Code%203%20&algorithm=SHA1&digits=6&period=30
5 | 
6 | ,,login,Code1,,,0,,,,otpauth://totp/?secret=JDKSNDJJDNDJJDBXB&issuer=Code1&algorithm=SHA1&digits=6&period=30
7 | 


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/ente/plain.txt:
--------------------------------------------------------------------------------
1 | otpauth://totp/MyLabel256_8_15?secret=JVMVGRKDKJCVI%3D%3D%3D&issuer=MyIssuer&algorithm=SHA256&digits=8&period=15&codeDisplay=%7B%22pinned%22%3Afalse%2C%22trashed%22%3Afalse%2C%22lastUsedAt%22%3A0%2C%22tapCount%22%3A0%2C%22tags%22%3A%5B%5D%2C%22note%22%3A%22%22%2C%22position%22%3A0%2C%22iconSrc%22%3A%22%22%2C%22iconID%22%3A%22%22%7D
2 | otpauth://totp/MyIssuer:MyLabelDefault?algorithm=sha1&digits=6&issuer=MyIssuer&period=30&secret=JVMVGRKDKJCVI%3D%3D%3D&codeDisplay=%7B%22pinned%22%3Afalse%2C%22trashed%22%3Afalse%2C%22lastUsedAt%22%3A0%2C%22tapCount%22%3A0%2C%22tags%22%3A%5B%5D%2C%22note%22%3A%22a+note%22%2C%22position%22%3A0%2C%22iconSrc%22%3A%22customIcon%22%2C%22iconID%22%3A%22proton%22%7D
3 | 


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/lastpass/lastpass.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "deviceId": "",
 3 |   "deviceSecret": "",
 4 |   "localDeviceId": "9dae8be5-83f1-4600-aefb-d50bafb071d1",
 5 |   "deviceName": "Google Pixel 6a",
 6 |   "version": 3,
 7 |   "accounts": [
 8 |     {
 9 |       "accountID": "c9ebcb42-6d85-4bf0-8bb4-414138c4660d",
10 |       "lmiUserId": "",
11 |       "issuerName": "issuer",
12 |       "originalIssuerName": "kekdj",
13 |       "userName": "account name default",
14 |       "originalUserName": "didjsbbidjdbdusj",
15 |       "pushNotification": false,
16 |       "secret": "BDKSIEHWBDBBDBDZBZJ",
17 |       "timeStep": 30,
18 |       "digits": 6,
19 |       "creationTimestamp": 1738075355820,
20 |       "isFavorite": false,
21 |       "algorithm": "SHA1",
22 |       "folderData": {
23 |         "folderId": 0,
24 |         "position": 0
25 |       }
26 |     },
27 |     {
28 |       "accountID": "de8cb856-d13a-4b75-a44e-2347300d7c54",
29 |       "lmiUserId": "",
30 |       "issuerName": "other",
31 |       "originalIssuerName": "other",
32 |       "userName": "",
33 |       "originalUserName": "sha256",
34 |       "pushNotification": false,
35 |       "secret": "JDJSKDKDKDKDKDKDK",
36 |       "timeStep": 20,
37 |       "digits": 8,
38 |       "creationTimestamp": 1738083300789,
39 |       "isFavorite": false,
40 |       "algorithm": "SHA256",
41 |       "folderData": {
42 |         "folderId": 0,
43 |         "position": 1
44 |       }
45 |     },
46 |     {
47 |       "accountID": "80cb78ed-46a2-4fca-bd2c-11523b1eb647",
48 |       "lmiUserId": "",
49 |       "issuerName": "",
50 |       "originalIssuerName": "",
51 |       "userName": "sha512 name",
52 |       "originalUserName": "sha512 name",
53 |       "pushNotification": false,
54 |       "secret": "JDJDDJDJUEJEBDBFNF",
55 |       "timeStep": 30,
56 |       "digits": 6,
57 |       "creationTimestamp": 1738083337090,
58 |       "isFavorite": false,
59 |       "algorithm": "SHA512",
60 |       "folderData": {
61 |         "folderId": 0,
62 |         "position": 2
63 |       }
64 |     }
65 |   ],
66 |   "folders": [
67 |     {
68 |       "id": 1,
69 |       "name": "Favorites",
70 |       "isOpened": true
71 |     },
72 |     {
73 |       "id": 0,
74 |       "name": "Other accounts",
75 |       "isOpened": true
76 |     }
77 |   ],
78 |   "backupInfo": {
79 |     "creationDate": "2025-01-28T16:55:54.040",
80 |     "deviceOS": "android",
81 |     "appVersion": "2.21.3"
82 |   }
83 | }
84 | 


--------------------------------------------------------------------------------
/proton-authenticator/test_data/authenticator/lastpass/lastpass_ios_export.json:
--------------------------------------------------------------------------------
1 | {"deviceName":"iPhone16,1","localDeviceId":null,"accounts":[{"originalIssuerName":"code 1 lastpass","isFavorite":false,"lmiUserId":"","digits":6,"accountID":"","creationTimestamp":1746694099,"algorithm":"SHA1","originalUserName":"snjxxndjbdbdb","folderData":{"folderId":0,"position":0},"timeStep":30,"userName":"snjxxndjbdbdb","issuerName":"code 1 lastpass","secret":"MDLAXBJJZBXBXZJZBBZBB"},{"accountID":"","userName":"ndjdbxxnbcb","creationTimestamp":1746694123,"originalIssuerName":"code2 lastpass","isFavorite":false,"timeStep":30,"issuerName":"code2 lastpass","folderData":{"folderId":0,"position":1},"originalUserName":"ndjdbxxnbcb","lmiUserId":"","secret":"KSJFBDJDBXJBXJXBXJ","digits":6,"algorithm":"SHA1"}],"folders":[{"id":1,"isOpened":true,"name":"Favorites"},{"isOpened":true,"name":"Other Accounts","id":0}],"version":1}


--------------------------------------------------------------------------------
/proton-pass-common/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "proton-pass-common"
 3 | version = "0.22.0"
 4 | edition = "2021"
 5 | 
 6 | [lib]
 7 | doctest = false
 8 | 
 9 | [dependencies]
10 | proton-pass-derive = { path = "../proton-pass-derive" }
11 | proton-pass-totp = { path = "../proton-pass-totp" }
12 | 
13 | serde.workspace = true
14 | serde_json.workspace = true
15 | 
16 | async-trait = "0.1.87"
17 | coset = "0.3.8"
18 | email_address = "0.2.9"
19 | file-format = { version = "0.26.0", features = ["reader"] }
20 | lazy_static = "1.5.0"
21 | luhn = "1.0.1"
22 | passkey = "0.4.0"
23 | passkey-authenticator = "0.4.0"
24 | passkey-types = { version = "0.4.0", features = ["serialize_bytes_as_base64_string"] }
25 | public-suffix = "0.1.2"
26 | rand = "0.9.0"
27 | regex-lite = "0.1.6"
28 | rmp-serde = "1.3.0"
29 | url = "2.5.4"
30 | qrcode = "0.14.1"
31 | 
32 | [target.'cfg(target_arch = "wasm32")'.dependencies]
33 | getrandom = { version = "0.3.1", features = ["wasm_js"] }
34 | 
35 | [dev-dependencies]
36 | criterion.workspace = true
37 | tokio.workspace = true
38 | 
39 | [[bench]]
40 | name = "card_detector"
41 | harness = false
42 | 
43 | [[bench]]
44 | name = "password_scorer"
45 | harness = false
46 | 


--------------------------------------------------------------------------------
/proton-pass-common/benches/card_detector.rs:
--------------------------------------------------------------------------------
 1 | use criterion::{black_box, criterion_group, criterion_main, Criterion};
 2 | use proton_pass_common::creditcard::CreditCardDetector;
 3 | 
 4 | fn card_detector(c: &mut Criterion) {
 5 |     let detector = CreditCardDetector::default();
 6 |     c.bench_function("detect unknown card", |b| b.iter(|| black_box(detector.detect("1"))));
 7 |     c.bench_function("detect visa card", |b| {
 8 |         b.iter(|| black_box(detector.detect("4111111111111111")))
 9 |     });
10 | }
11 | 
12 | criterion_group!(benches, card_detector);
13 | criterion_main!(benches);
14 | 


--------------------------------------------------------------------------------
/proton-pass-common/benches/password_scorer.rs:
--------------------------------------------------------------------------------
 1 | use criterion::{black_box, criterion_group, criterion_main, Criterion};
 2 | use proton_pass_common::password::check_score;
 3 | 
 4 | fn password_scorer(c: &mut Criterion) {
 5 |     c.bench_function("score weak password", |b| b.iter(|| black_box(check_score("qwerty"))));
 6 |     c.bench_function("score strong password", |b| {
 7 |         b.iter(|| black_box(check_score("o4L7^_*[Ai!9Hf4-_5g^T")))
 8 |     });
 9 | }
10 | 
11 | criterion_group!(benches, password_scorer);
12 | criterion_main!(benches);
13 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/alias_prefix.rs:
--------------------------------------------------------------------------------
 1 | #[derive(Debug, proton_pass_derive::Error, PartialEq, Eq)]
 2 | pub enum AliasPrefixError {
 3 |     TwoConsecutiveDots,
 4 |     InvalidCharacter,
 5 |     DotAtTheBeginning,
 6 |     DotAtTheEnd,
 7 |     PrefixTooLong,
 8 |     PrefixEmpty,
 9 | }
10 | pub const MAX_PREFIX_LENGTH: usize = 40;
11 | 
12 | pub fn validate_alias_prefix(prefix: &str) -> Result<(), AliasPrefixError> {
13 |     if prefix.is_empty() {
14 |         return Err(AliasPrefixError::PrefixEmpty);
15 |     }
16 | 
17 |     if prefix.len() >= MAX_PREFIX_LENGTH {
18 |         return Err(AliasPrefixError::PrefixTooLong);
19 |     }
20 | 
21 |     if prefix.contains("..") {
22 |         return Err(AliasPrefixError::TwoConsecutiveDots);
23 |     }
24 | 
25 |     if prefix.starts_with('.') {
26 |         return Err(AliasPrefixError::DotAtTheBeginning);
27 |     }
28 | 
29 |     if prefix.ends_with('.') {
30 |         return Err(AliasPrefixError::DotAtTheEnd);
31 |     }
32 | 
33 |     let valid_characters = [
34 |         '_', '-', '.', 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', 'q', 'r', 's',
35 |         't', 'u', 'v', 'w', 'x', 'y', 'z', '0', '1', '2', '3', '4', '5', '6', '7', '8', '9',
36 |     ];
37 | 
38 |     if !prefix.chars().all(|c| valid_characters.contains(&c)) {
39 |         Err(AliasPrefixError::InvalidCharacter)
40 |     } else {
41 |         Ok(())
42 |     }
43 | }
44 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/creditcard/mod.rs:
--------------------------------------------------------------------------------
1 | pub mod detector;
2 | 
3 | pub use detector::*;
4 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/domain.rs:
--------------------------------------------------------------------------------
 1 | use public_suffix::{EffectiveTLDProvider, Error, DEFAULT_PROVIDER};
 2 | 
 3 | #[derive(Debug, proton_pass_derive::Error, PartialEq, Eq)]
 4 | pub enum GetRootDomainError {
 5 |     CannotGetDomain,
 6 |     EmptyLabel,
 7 |     InvalidPublicSuffix,
 8 | }
 9 | 
10 | #[derive(Debug, proton_pass_derive::Error, PartialEq, Eq)]
11 | pub enum GetDomainError {
12 |     ParseError,
13 |     UrlHasNoDomain,
14 | }
15 | 
16 | pub fn get_domain(input: &str) -> Result<String, GetDomainError> {
17 |     match url::Url::parse(input) {
18 |         Ok(u) => match u.domain() {
19 |             Some(d) => Ok(d.to_string()),
20 |             None => Err(GetDomainError::UrlHasNoDomain),
21 |         },
22 |         Err(e) => match e {
23 |             url::ParseError::RelativeUrlWithoutBase => get_domain(&format!("https://{input}")),
24 |             _ => Err(GetDomainError::ParseError),
25 |         },
26 |     }
27 | }
28 | 
29 | pub fn get_root_domain(input: &str) -> Result<String, GetRootDomainError> {
30 |     match get_domain(input) {
31 |         Ok(domain) => match DEFAULT_PROVIDER.effective_tld_plus_one(&domain) {
32 |             Ok(d) => Ok(d.to_string()),
33 |             Err(e) => match e {
34 |                 Error::CannotDeriveETldPlus1 => Err(GetRootDomainError::CannotGetDomain),
35 |                 Error::EmptyLabel => Err(GetRootDomainError::EmptyLabel),
36 |                 Error::InvalidPublicSuffix => Err(GetRootDomainError::InvalidPublicSuffix),
37 |                 _ => Err(GetRootDomainError::CannotGetDomain),
38 |             },
39 |         },
40 |         Err(_) => Err(GetRootDomainError::CannotGetDomain),
41 |     }
42 | }
43 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/email.rs:
--------------------------------------------------------------------------------
1 | pub fn is_email_valid(email: &str) -> bool {
2 |     email_address::EmailAddress::is_valid(email)
3 | }
4 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/file/mod.rs:
--------------------------------------------------------------------------------
 1 | use file_format::FileFormat;
 2 | 
 3 | mod associations;
 4 | 
 5 | // External file, do not complain about lint
 6 | #[allow(dead_code)]
 7 | mod sanitize_filename;
 8 | 
 9 | #[derive(Clone, Copy, Debug, PartialEq, Eq, serde::Deserialize, serde::Serialize)]
10 | pub enum FileGroup {
11 |     Image,
12 |     Photo,
13 |     VectorImage,
14 |     Video,
15 |     Audio,
16 |     Key,
17 |     Text,
18 |     Calendar,
19 |     Pdf,
20 |     Word,
21 |     PowerPoint,
22 |     Excel,
23 |     Document,
24 |     Unknown,
25 | }
26 | 
27 | pub fn get_mime_type_from_content(input: &[u8]) -> String {
28 |     let format = FileFormat::from_bytes(input);
29 |     adapt(format.media_type())
30 | }
31 | 
32 | pub fn get_file_group_from_mime_type(mime_type: &str) -> FileGroup {
33 |     let as_lower = mime_type.to_lowercase();
34 |     let decoded = associations::FILE_GROUP_MAP
35 |         .get(&as_lower)
36 |         .cloned()
37 |         .unwrap_or(FileGroup::Unknown);
38 | 
39 |     if FileGroup::Unknown == decoded {
40 |         get_file_group_from_heuristics(&as_lower)
41 |     } else {
42 |         decoded
43 |     }
44 | }
45 | 
46 | fn adapt(media_type: &str) -> String {
47 |     match media_type {
48 |         "application/mp4" => "video/mp4",
49 |         _ => media_type,
50 |     }
51 |     .to_string()
52 | }
53 | 
54 | fn get_file_group_from_heuristics(mime_type: &str) -> FileGroup {
55 |     let first_part = mime_type.split('/').next().unwrap_or("");
56 |     match first_part {
57 |         "image" => FileGroup::Image,
58 |         "video" => FileGroup::Video,
59 |         "audio" => FileGroup::Audio,
60 |         "text" => FileGroup::Text,
61 |         _ => FileGroup::Unknown,
62 |     }
63 | }
64 | 
65 | pub fn sanitize_name(name: &str, windows: bool) -> String {
66 |     let options = sanitize_filename::Options {
67 |         windows,
68 |         truncate: true, // Truncates to 255 bytes
69 |         replacement: "",
70 |     };
71 |     sanitize_filename::sanitize_with_options(name, options)
72 | }
73 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/invite.rs:
--------------------------------------------------------------------------------
 1 | pub fn create_signature_body(email: &str, vault_key: Vec<u8>) -> Vec<u8> {
 2 |     let mut res = Vec::new();
 3 | 
 4 |     let email_as_bytes = email.as_bytes().to_vec();
 5 |     res.extend(&email_as_bytes);
 6 |     res.push(b'|');
 7 |     res.extend(&vault_key);
 8 | 
 9 |     res
10 | }
11 | 
12 | #[cfg(test)]
13 | mod test {
14 |     use super::*;
15 | 
16 |     #[test]
17 |     fn happy_path() {
18 |         let res = create_signature_body("test", vec![0x12, 0x34, 0x56]);
19 |         assert_eq!(vec![b't', b'e', b's', b't', b'|', 0x12, 0x34, 0x56], res);
20 |     }
21 | 
22 |     #[test]
23 |     fn empty_email() {
24 |         let vault_key = 0x12;
25 |         let res = create_signature_body("", vec![vault_key]);
26 |         assert_eq!(vec![b'|', vault_key], res);
27 |     }
28 | 
29 |     #[test]
30 |     fn empty_vault_key() {
31 |         let email = "test@test.test";
32 |         let res = create_signature_body(email, vec![]);
33 |         let mut expected = email.as_bytes().to_vec();
34 |         expected.push(b'|');
35 |         assert_eq!(expected, res);
36 |     }
37 | 
38 |     #[test]
39 |     fn empty_email_and_vault_key() {
40 |         let res = create_signature_body("", vec![]);
41 |         assert_eq!(vec![b'|'], res);
42 |     }
43 | }
44 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/lib.rs:
--------------------------------------------------------------------------------
 1 | pub mod alias_prefix;
 2 | pub mod creditcard;
 3 | pub mod domain;
 4 | pub mod email;
 5 | pub mod file;
 6 | pub mod host;
 7 | pub mod invite;
 8 | pub mod login;
 9 | pub mod passkey;
10 | pub use passkey_types;
11 | pub mod password;
12 | pub mod qr;
13 | pub mod twofa;
14 | pub mod wifi;
15 | 
16 | pub fn library_version() -> String {
17 |     env!("CARGO_PKG_VERSION").to_string()
18 | }
19 | 
20 | pub use proton_pass_totp as totp;
21 | pub use qrcode;
22 | pub use url;
23 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/login.rs:
--------------------------------------------------------------------------------
 1 | #![allow(dead_code, unused_variables)]
 2 | 
 3 | use proton_pass_derive::Error;
 4 | 
 5 | pub struct Login {
 6 |     pub title: String,
 7 |     pub username: String,
 8 |     pub password: String,
 9 |     pub totp: Option<String>,
10 |     pub urls: Vec<String>,
11 | }
12 | 
13 | #[derive(Debug, Error, PartialEq, Eq)]
14 | pub enum LoginError {
15 |     InvalidTOTP,
16 |     InvalidURL,
17 | }
18 | 
19 | pub fn validate_login(login: Login) -> Result<(), LoginError> {
20 |     Err(LoginError::InvalidTOTP)
21 | }
22 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/passkey/mod.rs:
--------------------------------------------------------------------------------
 1 | mod generate;
 2 | mod parser;
 3 | mod passkey_handling;
 4 | mod protonpasskey;
 5 | mod protonpasskeydeserializer;
 6 | mod protonpasskeyserializer;
 7 | mod resolve;
 8 | 
 9 | pub use generate::{
10 |     generate_passkey_for_domain, generate_passkey_for_ios, parse_create_passkey_data, CreatePasskeyData,
11 |     CreatePasskeyIosRequest, CreatePasskeyResponse,
12 | };
13 | pub use protonpasskey::ProtonPassKey;
14 | pub use resolve::{
15 |     resolve_challenge_for_android, resolve_challenge_for_domain, resolve_challenge_for_ios,
16 |     AuthenticateWithPasskeyAndroidRequest, AuthenticateWithPasskeyIosRequest, AuthenticateWithPasskeyIosResponse,
17 |     ResolveChallengeResponse,
18 | };
19 | 
20 | pub type PasskeyResult<T> = Result<T, PasskeyError>;
21 | 
22 | #[derive(Clone, Debug, proton_pass_derive::Error)]
23 | pub enum PasskeyError {
24 |     InvalidUri(String),
25 |     RuntimeError(String),
26 |     GenerationError(String),
27 |     ResolveChallengeError(String),
28 |     SerializationError(String),
29 | }
30 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/passkey/parser/equal_sign.rs:
--------------------------------------------------------------------------------
 1 | use super::PasskeySanitizer;
 2 | 
 3 | pub struct EqualSignSanitizer;
 4 | 
 5 | impl PasskeySanitizer for EqualSignSanitizer {
 6 |     fn should_sanitize(&self, _: Option<&str>, request: &str) -> bool {
 7 |         request.contains("\\u003d")
 8 |     }
 9 | 
10 |     fn sanitize(&self, request: &str) -> String {
11 |         request.replace("\\u003d", "=")
12 |     }
13 | }
14 | 
15 | #[cfg(test)]
16 | mod tests {
17 |     use super::*;
18 |     #[test]
19 |     fn performs_replace() {
20 |         let input = "ABC\\u003dABC";
21 |         let expected = "ABC=ABC";
22 |         assert_ne!(input, expected);
23 | 
24 |         let res = EqualSignSanitizer.sanitize(input);
25 |         assert_eq!("ABC=ABC", res);
26 |     }
27 | }
28 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/passkey/parser/sanitize.rs:
--------------------------------------------------------------------------------
 1 | use super::{cvs, ebay, equal_sign, paypal, swissid};
 2 | 
 3 | pub trait PasskeySanitizer {
 4 |     fn should_sanitize(&self, url: Option<&str>, request: &str) -> bool;
 5 |     fn sanitize(&self, request: &str) -> String;
 6 | }
 7 | 
 8 | lazy_static::lazy_static! {
 9 |     static ref SANITIZERS: Vec<Box<dyn PasskeySanitizer + Send + Sync>> = vec![
10 |         Box::new(equal_sign::EqualSignSanitizer),
11 |         Box::new(paypal::PaypalSanitizer),
12 |         Box::new(ebay::EbaySanitizer),
13 |         Box::new(cvs::CvsSanitizer),
14 |         Box::new(swissid::SwissIdSanitizer)
15 |     ];
16 | }
17 | 
18 | pub fn sanitize_request(request: &str, url: Option<&str>) -> String {
19 |     let mut content = request.to_string();
20 |     for sanitizer in SANITIZERS.iter() {
21 |         if sanitizer.should_sanitize(url, &content) {
22 |             content = sanitizer.sanitize(&content);
23 |         }
24 |     }
25 |     content
26 | }
27 | 
28 | #[cfg(test)]
29 | mod test {
30 |     use super::*;
31 | 
32 |     #[test]
33 |     fn test_can_sanitize_empty_request() {
34 |         assert_eq!("", sanitize_request("", None));
35 |     }
36 | 
37 |     #[test]
38 |     fn test_sanitize_leaves_correct_request_as_is() {
39 |         let input = r#"
40 |         {"attestation":"none","authenticatorSelection":{"residentKey":"preferred","userVerification":"preferred"},"challenge":"qEb-L-3-cp65J8-VJlZACfzVeB98j2AUY-JexPTBiqBrLyec9XozWpy3SHo84UTtEAztuUVuRCwg0aF9zaE1JA","excludeCredentials":[],"extensions":{"credProps":true},"pubKeyCredParams":[{"alg":-7,"type":"public-key"},{"alg":-257,"type":"public-key"}],"rp":{"id":"protonpass.github.io","name":"protonpass.github.io"},"user":{"displayName":"test","id":"Y21WeVpYSmw","name":"test"}}
41 |         "#;
42 |         let sanitized = sanitize_request(input, None);
43 |         assert_eq!(sanitized, input);
44 |     }
45 | }
46 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/password/mod.rs:
--------------------------------------------------------------------------------
 1 | mod analyzer;
 2 | mod password_generator;
 3 | mod scorer;
 4 | 
 5 | use password_generator::PasswordGenerator;
 6 | use proton_pass_derive::Error;
 7 | use rand::{rng, rngs::ThreadRng};
 8 | pub use scorer::*;
 9 | 
10 | type ProductionPasswordGenerator = PasswordGenerator<ThreadRng>;
11 | 
12 | #[derive(Debug, Error)]
13 | pub enum PasswordGeneratorError {
14 |     FailToGenerate(String),
15 | }
16 | 
17 | pub struct RandomPasswordConfig {
18 |     pub length: u32,
19 |     pub numbers: bool,
20 |     pub uppercase_letters: bool,
21 |     pub symbols: bool,
22 | }
23 | 
24 | pub struct PassphraseConfig {
25 |     pub separator: WordSeparator,
26 |     pub capitalise: bool,
27 |     pub include_numbers: bool,
28 |     pub count: u32,
29 | }
30 | 
31 | pub enum WordSeparator {
32 |     Hyphens,
33 |     Spaces,
34 |     Periods,
35 |     Commas,
36 |     Underscores,
37 |     Numbers,
38 |     NumbersAndSymbols,
39 | }
40 | 
41 | impl WordSeparator {
42 |     pub fn all() -> Vec<WordSeparator> {
43 |         vec![
44 |             WordSeparator::Hyphens,
45 |             WordSeparator::Spaces,
46 |             WordSeparator::Periods,
47 |             WordSeparator::Commas,
48 |             WordSeparator::Underscores,
49 |             WordSeparator::Numbers,
50 |             WordSeparator::NumbersAndSymbols,
51 |         ]
52 |     }
53 | }
54 | 
55 | pub fn get_generator() -> ProductionPasswordGenerator {
56 |     PasswordGenerator::new(rng())
57 | }
58 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/qr.rs:
--------------------------------------------------------------------------------
1 | use qrcode::render::svg;
2 | use qrcode::QrResult;
3 | 
4 | pub fn generate_svg_qr_code(value: &str) -> QrResult<String> {
5 |     let code = qrcode::QrCode::new(value)?;
6 |     let svg = code.render::<svg::Color>().build();
7 |     Ok(svg)
8 | }
9 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/twofa.rs:
--------------------------------------------------------------------------------
 1 | use public_suffix::{EffectiveTLDProvider, DEFAULT_PROVIDER};
 2 | use std::collections::HashSet;
 3 | use std::env;
 4 | 
 5 | include!(concat!(env!("OUT_DIR"), "/twofa_domains.rs"));
 6 | 
 7 | lazy_static::lazy_static! {
 8 |     static ref DOMAINS: HashSet<String> = {
 9 |         let mut set = HashSet::new();
10 |         TWOFA_DOMAINS.iter().for_each(|s| {
11 |             set.insert(s.to_string());
12 |         });
13 |         set
14 |     };
15 | }
16 | 
17 | pub struct TwofaDomainChecker;
18 | 
19 | impl TwofaDomainChecker {
20 |     pub fn twofa_domain_eligible(term: &str) -> bool {
21 |         if DOMAINS.contains(term) {
22 |             true
23 |         } else {
24 |             match crate::domain::get_root_domain(term) {
25 |                 Ok(domain) => match DEFAULT_PROVIDER.effective_tld_plus_one(&domain) {
26 |                     Ok(d) => DOMAINS.contains(d),
27 |                     Err(_) => false,
28 |                 },
29 |                 Err(_) => false,
30 |             }
31 |         }
32 |     }
33 | }
34 | 


--------------------------------------------------------------------------------
/proton-pass-common/src/wifi.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_derive::Error;
 2 | 
 3 | #[derive(Debug, Error, PartialEq, Eq)]
 4 | pub enum WifiSecurity {
 5 |     Unspecified,
 6 |     WPA,
 7 |     WPA2,
 8 |     WPA3,
 9 |     WEP,
10 | }
11 | 
12 | impl WifiSecurity {
13 |     fn value(&self) -> &'static str {
14 |         match self {
15 |             WifiSecurity::Unspecified => "WPA2", // Defaulting to WPA2
16 |             WifiSecurity::WPA => "WPA",
17 |             WifiSecurity::WPA2 => "WPA2",
18 |             WifiSecurity::WPA3 => "WPA3",
19 |             WifiSecurity::WEP => "WEP",
20 |         }
21 |     }
22 | }
23 | 
24 | #[derive(Debug, Error, PartialEq, Eq)]
25 | pub enum WifiError {
26 |     EmptySSID,
27 | }
28 | 
29 | pub fn generate_wifi_uri(ssid: &str, password: &str, security: WifiSecurity) -> Result<String, WifiError> {
30 |     if ssid.is_empty() {
31 |         return Err(WifiError::EmptySSID);
32 |     }
33 | 
34 |     if password.is_empty() {
35 |         return Ok(format!("WIFI:S:{};T:nopass;;", ssid));
36 |     }
37 |     Ok(format!("WIFI:S:{};T:{};P:{};;", ssid, security.value(), password))
38 | }
39 | 
40 | #[cfg(test)]
41 | mod test {
42 |     use super::*;
43 | 
44 |     #[test]
45 |     fn empty_ssid() {
46 |         let result = generate_wifi_uri("", "some password", WifiSecurity::WPA);
47 |         assert_eq!(result, Err(WifiError::EmptySSID))
48 |     }
49 | 
50 |     #[test]
51 |     fn empty_password() {
52 |         let result = generate_wifi_uri("my_ssid", "", WifiSecurity::WPA2);
53 |         assert_eq!(result, Ok("WIFI:S:my_ssid;T:nopass;;".to_string()));
54 |     }
55 | 
56 |     #[test]
57 |     fn securities() {
58 |         let unspecified = generate_wifi_uri("my_ssid", "my_password", WifiSecurity::Unspecified);
59 |         assert_eq!(unspecified, Ok("WIFI:S:my_ssid;T:WPA2;P:my_password;;".to_string()));
60 | 
61 |         let wpa = generate_wifi_uri("my_ssid", "my_password", WifiSecurity::WPA);
62 |         assert_eq!(wpa, Ok("WIFI:S:my_ssid;T:WPA;P:my_password;;".to_string()));
63 | 
64 |         let wpa2 = generate_wifi_uri("my_ssid", "my_password", WifiSecurity::WPA2);
65 |         assert_eq!(wpa2, Ok("WIFI:S:my_ssid;T:WPA2;P:my_password;;".to_string()));
66 | 
67 |         let wpa3 = generate_wifi_uri("my_ssid", "my_password", WifiSecurity::WPA3);
68 |         assert_eq!(wpa3, Ok("WIFI:S:my_ssid;T:WPA3;P:my_password;;".to_string()));
69 | 
70 |         let wep = generate_wifi_uri("my_ssid", "my_password", WifiSecurity::WEP);
71 |         assert_eq!(wep, Ok("WIFI:S:my_ssid;T:WEP;P:my_password;;".to_string()));
72 |     }
73 | }
74 | 


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/pgpkey.private:
--------------------------------------------------------------------------------
 1 | -----BEGIN PGP PRIVATE KEY BLOCK-----
 2 | 
 3 | lFgEZ0W4vxYJKwYBBAHaRw8BAQdAcssmzg1BEPggAIuOkyzhDB1SRXMacevY7DgV
 4 | XQB1YiQAAPwLdSYoKGrfVYARdMkH1alTkKcqBu+3wqhTfQIumSh9Jg4RtBpUZXN0
 5 | aW5nIDx0ZXN0QGV4YW1wbGUuY29tPoiQBBMWCAA4FiEE7YkTqIjTh7ci1Vy6lIuC
 6 | FuWtEqQFAmdFuL8CGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQlIuCFuWt
 7 | EqRqCQEAyLFgtSi+T1Kg3770k/f/UIX/T2KLI3i6vzfjB9YzhTIBAI1VskwApqQz
 8 | BoD5Cux5Sex5xxe/J5xNErALr0VmVRkNnF0EZ0W4vxIKKwYBBAGXVQEFAQEHQB4t
 9 | nlTTM4C7mQ9JvejnCE0R7RxoxkemB261y3rS0b9qAwEIBwAA/31Kt9dB784pnt32
10 | EW9igsW5WgnfGoyt7pH950lJmoI4EqyIeAQYFggAIBYhBO2JE6iI04e3ItVcupSL
11 | ghblrRKkBQJnRbi/AhsMAAoJEJSLghblrRKkUn4BAKy8VH1tXZx49C2MfjxngpKC
12 | oKz54gjkExvK5mUWAymxAQC63OP7iMWlk544xMdQbQqPQ4kiPJhYBscXaHTs/UID
13 | Aw==
14 | =T80T
15 | -----END PGP PRIVATE KEY BLOCK-----
16 | 


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/pgpkey.pub:
--------------------------------------------------------------------------------
 1 | -----BEGIN PGP PUBLIC KEY BLOCK-----
 2 | 
 3 | mDMEZ0W4vxYJKwYBBAHaRw8BAQdAcssmzg1BEPggAIuOkyzhDB1SRXMacevY7DgV
 4 | XQB1YiS0GlRlc3RpbmcgPHRlc3RAZXhhbXBsZS5jb20+iJAEExYIADgWIQTtiROo
 5 | iNOHtyLVXLqUi4IW5a0SpAUCZ0W4vwIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIX
 6 | gAAKCRCUi4IW5a0SpGoJAQDIsWC1KL5PUqDfvvST9/9Qhf9PYosjeLq/N+MH1jOF
 7 | MgEAjVWyTACmpDMGgPkK7HlJ7HnHF78nnE0SsAuvRWZVGQ24OARnRbi/EgorBgEE
 8 | AZdVAQUBAQdAHi2eVNMzgLuZD0m96OcITRHtHGjGR6YHbrXLetLRv2oDAQgHiHgE
 9 | GBYIACAWIQTtiROoiNOHtyLVXLqUi4IW5a0SpAUCZ0W4vwIbDAAKCRCUi4IW5a0S
10 | pFJ+AQCsvFR9bV2cePQtjH48Z4KSgqCs+eII5BMbyuZlFgMpsQEAutzj+4jFpZOe
11 | OMTHUG0Kj0OJIjyYWAbHF2h07P1CAwM=
12 | =/YZP
13 | -----END PGP PUBLIC KEY BLOCK-----
14 | 


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample-unclosed.svg:
--------------------------------------------------------------------------------
1 | <?xml version="1.0"?><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1700 1700"><path d="m560.95 1412.7h74.09l247.37-479.88 203.5 479.88h71.33l422.78-972.73c23.7-54.57 69.9-87.34 119-94
2 | 


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.avi:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.avi


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.docx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.docx


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.garbage:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.garbage


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.ics:
--------------------------------------------------------------------------------
 1 | BEGIN:VCALENDAR
 2 | VERSION:2.0
 3 | PRODID:Calendar
 4 | CALSCALE:GREGORIAN
 5 | METHOD:PUBLISH
 6 | BEGIN:VTIMEZONE
 7 | TZID:America/Los_Angeles
 8 | END:VTIMEZONE
 9 | BEGIN:VEVENT
10 | SUMMARY:Example Event
11 | UID:@Default
12 | SEQUENCE:0
13 | STATUS:CONFIRMED
14 | TRANSP:TRANSPARENT
15 | DTSTART;TZID=America/Los_Angeles:20200101T170000
16 | DTEND;TZID=America/Los_Angeles:20200105T020000
17 | DTSTAMP:20241126T132600
18 | LOCATION:Washington State Convention Center\n705 Pike St, Seattle, WA
19 | DESCRIPTION:This is the event description
20 | END:VEVENT
21 | END:VCALENDAR
22 | 


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.jpg


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.mp3:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.mp3


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.mp4:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.mp4


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.pages:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.pages


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.pdf:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.pdf


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.png


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.rar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.rar


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.svg:
--------------------------------------------------------------------------------
1 | <?xml version="1.0"?><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 1700 1700"><path d="m560.95 1412.7h74.09l247.37-479.88 203.5 479.88h71.33l422.78-972.73c23.7-54.57 69.9-87.34 119-94.76v-57.933h-341.86v57.953c45.36 10.09 93.51 27.09 114.92 74.961l-310.44 716.06c-56.12-119.35-113.66-249.77-168.58-379.92 56.685-120.43 102.98-232.29 172.52-342.22 40.656-64.68 106.63-66.2 140.63-69.38v-57.45h-363.4v57.45c45.34.045 139.69 4.078 97.62 92.49l-105.39 221.59-111.63-246.49c-17.379-38.38 16.38-63.95 71.49-66.997l-.405-57.993h-408.98v57.45c48.728 1.601 117.43 1.34 142.79 42.655 78.09 143.45 130.3 292.46 201.49 438.72l-184.22 344.49-309.64-711.78c-34.892-80.21 47.945-106.05 101.76-112.75l-.605-58.794h-436.06v57.45c60.21 19.908 137.88 109.48 159.56 154.81 162.89 340.7 244.91 569.12 400.39 913.18z"/></svg>


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.txt:
--------------------------------------------------------------------------------
1 | some text


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.wav:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.wav


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.xlsx:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.xlsx


--------------------------------------------------------------------------------
/proton-pass-common/test_data/file_format/sample.zip:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-common/test_data/file_format/sample.zip


--------------------------------------------------------------------------------
/proton-pass-common/tests/alias_prefix_valid.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::alias_prefix::*;
 2 | 
 3 | fn verify(prefix: &str) {
 4 |     let result = validate_alias_prefix(prefix);
 5 |     if result.is_err() {
 6 |         panic!("{} should be valid", prefix);
 7 |     }
 8 | }
 9 | fn verify_error(prefix: &str, expected: AliasPrefixError) {
10 |     let err = validate_alias_prefix(prefix).unwrap_err();
11 |     assert_eq!(expected, err);
12 | }
13 | 
14 | #[test]
15 | fn valid() {
16 |     verify("abc");
17 |     verify("ab.c");
18 |     verify("a_1-b.c");
19 | }
20 | #[test]
21 | fn empty() {
22 |     verify_error("", AliasPrefixError::PrefixEmpty);
23 | }
24 | 
25 | #[test]
26 | fn dot_at_the_beginning() {
27 |     verify_error(".a.b.c", AliasPrefixError::DotAtTheBeginning);
28 | }
29 | 
30 | #[test]
31 | fn dot_at_the_end() {
32 |     verify_error("a.b.c.", AliasPrefixError::DotAtTheEnd);
33 | }
34 | 
35 | #[test]
36 | fn too_long() {
37 |     verify_error(
38 |         "abchduwjqkiduthqjcmdutiepqkajcmdhutjfij2",
39 |         AliasPrefixError::PrefixTooLong,
40 |     );
41 | }
42 | 
43 | #[test]
44 | fn two_consecutive_dots() {
45 |     verify_error("a..b.c", AliasPrefixError::TwoConsecutiveDots);
46 | }
47 | 
48 | #[test]
49 | fn invalid_character() {
50 |     verify_error("8a^ka", AliasPrefixError::InvalidCharacter);
51 | }
52 | 


--------------------------------------------------------------------------------
/proton-pass-common/tests/domain.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::domain::{get_domain, get_root_domain, GetRootDomainError};
 2 | 
 3 | #[macro_export]
 4 | macro_rules! map (
 5 |     {$($key:expr => $value:expr), + } => {
 6 |         {
 7 |             let mut m = std::collections::HashMap::new();
 8 |             $(
 9 |                 m.insert($key, $value);
10 |              )+
11 |             m
12 |         }
13 |     };
14 | );
15 | 
16 | #[test]
17 | fn can_extract_root_domain() {
18 |     let input = "test.proton.me";
19 |     let res = get_root_domain(input).expect("should be able to extract domain");
20 |     assert_eq!("proton.me", res);
21 | }
22 | 
23 | #[test]
24 | fn can_extract_root_domain_from_url() {
25 |     let input = "https://test.proton.me";
26 |     let res = get_root_domain(input).expect("should be able to extract domain");
27 |     assert_eq!("proton.me", res);
28 | }
29 | 
30 | #[test]
31 | fn returns_error_on_empty_string() {
32 |     let err = get_root_domain("").expect_err("should return an error");
33 |     assert!(matches!(err, GetRootDomainError::CannotGetDomain));
34 | }
35 | 
36 | #[test]
37 | fn does_not_return_error_on_unknown_tld() {
38 |     let input = "random.abcdefghijkl";
39 |     let res = get_root_domain(input).expect("sohuld not return an error");
40 |     assert_eq!(input, res);
41 | }
42 | 
43 | #[test]
44 | fn can_extract_root_domain_without_path() {
45 |     let input = "https://test.some.subdomain.proton.me/path?key=value";
46 |     let res = get_root_domain(input).expect("should be able to extract domain");
47 |     assert_eq!("proton.me", res);
48 | }
49 | 
50 | #[test]
51 | fn can_extract_domain() {
52 |     let cases = map!(
53 |         "proton.me" => "proton.me",
54 |         "www.proton.me" => "www.proton.me",
55 |         "https://proton.me" => "proton.me",
56 |         "https://www.proton.me" => "www.proton.me",
57 |         "https://some.random.domain.proton.me" => "some.random.domain.proton.me",
58 |         "proton.me/path?key=value" => "proton.me",
59 |         "random.domain.proton.me/path?key=value" => "random.domain.proton.me"
60 |     );
61 | 
62 |     for (case, expected) in cases {
63 |         let res = get_domain(case).unwrap_or_else(|e| panic!("should be able to get domain for {case}: {:?}", e));
64 |         assert_eq!(expected, res, "expected {expected} got {res}");
65 |     }
66 | }
67 | 


--------------------------------------------------------------------------------
/proton-pass-common/tests/email_valid.rs:
--------------------------------------------------------------------------------
1 | use proton_pass_common::email;
2 | 
3 | #[test]
4 | fn without_at() {
5 |     assert!(!email::is_email_valid("test.com"))
6 | }
7 | 


--------------------------------------------------------------------------------
/proton-pass-common/tests/file.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::file::get_mime_type_from_content;
 2 | 
 3 | fn get_file_contents(name: &str) -> Vec<u8> {
 4 |     let crate_path = std::path::Path::new(env!("CARGO_MANIFEST_DIR"));
 5 |     let file_path = crate_path.join("test_data").join("file_format").join(name);
 6 | 
 7 |     std::fs::read(&file_path).unwrap_or_else(|_| panic!("cannot open {}", file_path.display()))
 8 | }
 9 | 
10 | macro_rules! mime_type_test {
11 |     ($($name:ident: $value:expr,)*) => {
12 |     $(
13 |         #[test]
14 |         fn $name() {
15 |             let (path, expected) = $value;
16 |             let contents = get_file_contents(path);
17 |             let res = get_mime_type_from_content(&contents);
18 |             assert_eq!(res, expected);
19 |         }
20 |     )*
21 |     }
22 | }
23 | 
24 | mime_type_test! {
25 |     txt: ("sample.txt", "text/plain"),
26 |     wav: ("sample.wav", "audio/vnd.wave"),
27 |     jpg: ("sample.jpg", "image/jpeg"),
28 |     png: ("sample.png", "image/png"),
29 |     svg: ("sample.svg", "image/svg+xml"),
30 |     unclosed_svg: ("sample-unclosed.svg", "image/svg+xml"),
31 |     mp3: ("sample.mp3", "audio/mpeg"),
32 |     pgp_public: ("pgpkey.pub", "application/pgp-keys"),
33 |     pgp_private: ("pgpkey.private", "application/pgp-keys"),
34 |     zip: ("sample.zip", "application/zip"),
35 |     rar: ("sample.rar", "application/vnd.rar"),
36 |     docx: ("sample.docx", "application/vnd.openxmlformats-officedocument.wordprocessingml.document"),
37 |     pdf: ("sample.pdf", "application/pdf"),
38 |     xlsx: ("sample.xlsx", "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet"),
39 |     garbage: ("sample.garbage", "application/octet-stream"),
40 |     ics: ("sample.ics", "text/calendar"),
41 |     mp4: ("sample.mp4", "video/mp4"),
42 |     avi: ("sample.avi", "video/avi"),
43 | }
44 | 


--------------------------------------------------------------------------------
/proton-pass-common/tests/passkey.rs:
--------------------------------------------------------------------------------
 1 | const EXAMPLE_JSON: &str = r#"
 2 | {"attestation":"none","authenticatorSelection":{"residentKey":"preferred","userVerification":"preferred"},"challenge":"D-5y7y_E4V8NQBJrFnnhd7NCvRGhO5sBGwzfh23y8D4a_hSMyRRuTAp0hmSm6_eimM71XoYF84VUiY8e9kqavA","excludeCredentials":[],"extensions":{"credProps":true},"pubKeyCredParams":[{"alg":-7,"type":"public-key"},{"alg":-257,"type":"public-key"}],"rp":{"id":"webauthn.io","name":"webauthn.io"},"user":{"displayName":"uyguyhj","id":"ZFhsbmRYbG9hZw","name":"uyguyhj"}}
 3 | "#;
 4 | 
 5 | fn get_runtime() -> tokio::runtime::Runtime {
 6 |     tokio::runtime::Builder::new_current_thread().build().unwrap()
 7 | }
 8 | 
 9 | #[test]
10 | fn can_generate_passkey() {
11 |     let rt = get_runtime();
12 |     let res = rt.block_on(async move {
13 |         proton_pass_common::passkey::generate_passkey_for_domain("https://webauthn.io", EXAMPLE_JSON).await
14 |     });
15 | 
16 |     assert!(res.is_ok());
17 |     let value = res.unwrap();
18 |     assert!(!value.passkey.is_empty());
19 | 
20 |     let credential_serialized = value.response().unwrap();
21 |     assert!(!credential_serialized.is_empty());
22 | }
23 | 


--------------------------------------------------------------------------------
/proton-pass-common/tests/twofa_valid.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::twofa::TwofaDomainChecker;
 2 | 
 3 | #[test]
 4 | fn domain_exist_in_set() {
 5 |     let domain = "google.com";
 6 | 
 7 |     assert!(TwofaDomainChecker::twofa_domain_eligible(domain));
 8 | }
 9 | 
10 | #[test]
11 | fn domain_doesnt_exist_in_set() {
12 |     let domain = "testNonExistingDomain.com";
13 | 
14 |     assert!(!TwofaDomainChecker::twofa_domain_eligible(domain));
15 | }
16 | 
17 | #[test]
18 | fn can_match_subdomain() {
19 |     let domain = "test.amazon.com";
20 |     assert!(TwofaDomainChecker::twofa_domain_eligible(domain));
21 | }
22 | 
23 | #[test]
24 | fn can_match_all_test() {
25 |     let domains = vec![
26 |         "https://www.amazon.com/ap/signin?openid.pape.max_auth_age=0&openid.return_to=https%3A%2F%2Fwww.amazon.com%2F%3Fref_%3Dnav_signin&openid.identity=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.assoc_handle=usflex&openid.mode=checkid_setup&openid.claimed_id=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0%2Fidentifier_select&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0",
27 |         "https://www.amazon.com/",
28 |         "https://amazon.com/",
29 |         "https://www.amazon.com",
30 |         "https://amazon.com",
31 |         "amazon.com",
32 |         "www.amazon.com",
33 |         "amazon.com/some?path=extra",
34 |         "www.amazon.com/some?path=extra"
35 |     ];
36 | 
37 |     for domain in domains {
38 |         assert!(TwofaDomainChecker::twofa_domain_eligible(domain));
39 |     }
40 | }
41 | 


--------------------------------------------------------------------------------
/proton-pass-derive/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "proton-pass-derive"
 3 | version = "0.22.0"
 4 | edition = "2021"
 5 | 
 6 | [lib]
 7 | doctest = false
 8 | proc-macro = true
 9 | 
10 | [dependencies]
11 | quote = "1.0"
12 | syn = "2.0"
13 | 


--------------------------------------------------------------------------------
/proton-pass-derive/src/lib.rs:
--------------------------------------------------------------------------------
 1 | use proc_macro::TokenStream;
 2 | use quote::quote;
 3 | use syn::{parse_macro_input, DeriveInput};
 4 | 
 5 | #[proc_macro_derive(Error)]
 6 | pub fn derive_error(input: TokenStream) -> TokenStream {
 7 |     // Parse the input tokens into a syntax tree
 8 |     let input = parse_macro_input!(input as DeriveInput);
 9 | 
10 |     let name = &input.ident;
11 |     let expanded = quote! {
12 |         impl std::error::Error for #name {}
13 |         impl std::fmt::Display for #name {
14 |             fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
15 |                 write!(f, "{:?}", self)
16 |             }
17 |         }
18 |     };
19 | 
20 |     // Hand the output tokens back to the compiler
21 |     TokenStream::from(expanded)
22 | }
23 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "proton-pass-mobile"
 3 | version = "0.22.0"
 4 | edition = "2021"
 5 | 
 6 | # Flags for cargo-release
 7 | [package.metadata.release]
 8 | pre-release-replacements = [
 9 |     # Yes, we are relying on the number of whitespaces
10 |     {file="android/lib/build.gradle.kts", search="    version = .*", replace="    version = \"{{version}}\""}
11 | ]
12 | 
13 | 
14 | [lib]
15 | doctest = false
16 | crate-type = ["cdylib", "staticlib"]
17 | name = "proton_pass_common_mobile"
18 | 
19 | [dependencies]
20 | proton-pass-common = { path = "../proton-pass-common" }
21 | proton-pass-derive = { path = "../proton-pass-derive" }
22 | 
23 | tokio.workspace = true
24 | 
25 | uniffi = { version = "0.29.2" }
26 | 
27 | [build-dependencies]
28 | uniffi = { version = "0.29.2", features = [ "build" ] }
29 | 
30 | [[bin]]
31 | name = "uniffi-bindgen"
32 | path = "./bindgen.rs"
33 | required-features = [ "uniffi/cli" ]
34 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/android/.gitignore:
--------------------------------------------------------------------------------
 1 | *.iml
 2 | .gradle
 3 | /local.properties
 4 | /.idea/caches
 5 | /.idea/libraries
 6 | /.idea/modules.xml
 7 | /.idea/workspace.xml
 8 | /.idea/navEditor.xml
 9 | /.idea/assetWizardSettings.xml
10 | .DS_Store
11 | /build
12 | /captures
13 | .externalNativeBuild
14 | .cxx
15 | local.properties
16 | *.so


--------------------------------------------------------------------------------
/proton-pass-mobile/android/build.gradle.kts:
--------------------------------------------------------------------------------
1 | // Top-level build file where you can add configuration options common to all sub-projects/modules.
2 | plugins {
3 |     id("com.android.application") version "8.1.1" apply false
4 |     id("org.jetbrains.kotlin.android") version "1.8.10" apply false
5 |     id("com.vanniktech.maven.publish") version "0.22.0" apply false
6 | }


--------------------------------------------------------------------------------
/proton-pass-mobile/android/gradle.properties:
--------------------------------------------------------------------------------
 1 | org.gradle.jvmargs=-Xmx2048m -Dfile.encoding=UTF-8
 2 | android.useAndroidX=true
 3 | kotlin.code.style=official
 4 | android.nonTransitiveRClass=true
 5 | 
 6 | # --- MAVEN PUBLISHING CONFIG
 7 | RELEASE_SIGNING_ENABLED=true
 8 | 
 9 | # or when publishing to https://s01.oss.sonatype.org
10 | SONATYPE_HOST=S01
11 | 
12 | POM_NAME=Proton Pass Common
13 | POM_DESCRIPTION=A shared library for Proton Pass clients that implements common operations.
14 | POM_URL=https://github.com/ProtonPass
15 | POM_INCEPTION_YEAR=2023
16 | POM_LICENSE_NAME=GNU GENERAL PUBLIC LICENSE, Version 3.0
17 | POM_LICENSE_URL=https://www.gnu.org/licenses/gpl-3.0.en.html
18 | POM_LICENSE_DIST=repo
19 | POM_DEVELOPER_ID=opensource@proton.me
20 | POM_DEVELOPER_NAME=Open Source Proton
21 | POM_DEVELOPER_URL=opensource@proton.me
22 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/android/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-mobile/android/gradle/wrapper/gradle-wrapper.jar


--------------------------------------------------------------------------------
/proton-pass-mobile/android/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Wed Sep 20 13:19:37 CEST 2023
2 | distributionBase=GRADLE_USER_HOME
3 | distributionPath=wrapper/dists
4 | distributionUrl=https\://services.gradle.org/distributions/gradle-8.0-bin.zip
5 | zipStoreBase=GRADLE_USER_HOME
6 | zipStorePath=wrapper/dists
7 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/android/lib/.gitignore:
--------------------------------------------------------------------------------
1 | /build


--------------------------------------------------------------------------------
/proton-pass-mobile/android/lib/build.gradle.kts:
--------------------------------------------------------------------------------
 1 | import java.util.Properties
 2 | import java.io.FileInputStream
 3 | import java.io.IOException
 4 | 
 5 | 
 6 | plugins {
 7 |     id("com.android.library")
 8 |     id("org.jetbrains.kotlin.android")
 9 |     id("signing")
10 |     id("com.vanniktech.maven.publish") version "0.22.0"
11 | }
12 | 
13 | val privateProperties = Properties().apply {
14 |     try {
15 |         load(FileInputStream("${rootProject.projectDir}/private.properties"))
16 |     } catch (e: IOException) {
17 |         logger.warn("private.properties file doesn't exist. Full error message: $e")
18 |     }
19 | }
20 | 
21 | val gitHubDomain = "GITHUB_PROTONMAIL_DOMAIN".fromVariable()
22 | val mavenUrl = "MAVEN_URL".fromVariable()
23 | val mavenUser = "mavenCentralUsername".fromVariable()
24 | val mavenPassword = "mavenCentralPassword".fromVariable()
25 | val mavenSigningKey = "MAVEN_SIGNING_KEY".fromVariable()
26 | val mavenSigningKeyPassword = "MAVEN_SIGNING_KEY_PASSWORD".fromVariable()
27 | 
28 | 
29 | android {
30 |     namespace = "proton.android.pass.commonrust"
31 |     compileSdk = 33
32 | 
33 |     defaultConfig {
34 |         minSdk = 24
35 |         targetSdk = 33
36 | 
37 |         testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
38 |         proguardFiles(
39 |             getDefaultProguardFile("proguard-android-optimize.txt"),
40 |             "proguard-rules.pro"
41 |         )
42 |     }
43 | 
44 |     buildTypes {
45 |         release {
46 |             isMinifyEnabled = false
47 |             proguardFiles(
48 |                 getDefaultProguardFile("proguard-android-optimize.txt"),
49 |                 "proguard-rules.pro"
50 |             )
51 |         }
52 |     }
53 |     compileOptions {
54 |         sourceCompatibility = JavaVersion.VERSION_1_8
55 |         targetCompatibility = JavaVersion.VERSION_1_8
56 |     }
57 |     kotlinOptions {
58 |         jvmTarget = "1.8"
59 |     }
60 | }
61 | 
62 | mavenPublishing {
63 |     group = "me.proton.pass.common"
64 |     version = "0.22.0"
65 |     pom {
66 |         scm {
67 |             connection.set(gitHubDomain)
68 |             developerConnection.set(gitHubDomain)
69 |             url.set(gitHubDomain)
70 |         }
71 |     }
72 | }
73 | 
74 | signing {
75 |     useInMemoryPgpKeys(mavenSigningKey, mavenSigningKeyPassword)
76 | }
77 | 
78 | 
79 | dependencies {
80 |     val COROUTINES = "1.6.4"
81 |     val JNA = "5.15.0"
82 | 
83 |     implementation("org.jetbrains.kotlinx:kotlinx-coroutines-core:${COROUTINES}")
84 |     implementation("net.java.dev.jna:jna:${JNA}@aar")
85 | }
86 | 
87 | fun String.fromVariable(): String {
88 |     val value = System.getenv(this) ?: "${privateProperties[this]}"
89 |     if (value.isEmpty()) {
90 |         logger.warn("Variable $this is not set!")
91 |     }
92 |     return value
93 | }
94 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/android/lib/proguard-rules.pro:
--------------------------------------------------------------------------------
 1 | # Add project specific ProGuard rules here.
 2 | # You can control the set of applied configuration files using the
 3 | # proguardFiles setting in build.gradle.
 4 | #
 5 | # For more details, see
 6 | #   http://developer.android.com/guide/developing/tools/proguard.html
 7 | 
 8 | # If your project uses WebView with JS, uncomment the following
 9 | # and specify the fully qualified class name to the JavaScript interface
10 | # class:
11 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
12 | #   public *;
13 | #}
14 | 
15 | # Uncomment this to preserve the line number information for
16 | # debugging stack traces.
17 | #-keepattributes SourceFile,LineNumberTable
18 | 
19 | # If you keep the line number information, uncomment this to
20 | # hide the original source file name.
21 | #-renamesourcefileattribute SourceFile


--------------------------------------------------------------------------------
/proton-pass-mobile/android/lib/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="utf-8"?>
2 | <manifest/>


--------------------------------------------------------------------------------
/proton-pass-mobile/android/settings.gradle.kts:
--------------------------------------------------------------------------------
 1 | pluginManagement {
 2 |     repositories {
 3 |         google()
 4 |         mavenCentral()
 5 |         gradlePluginPortal()
 6 |     }
 7 | }
 8 | dependencyResolutionManagement {
 9 |     repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
10 |     repositories {
11 |         google()
12 |         mavenCentral()
13 |     }
14 | }
15 | 
16 | rootProject.name = "ProtonPassCommonRust"
17 | include(":lib")
18 |  


--------------------------------------------------------------------------------
/proton-pass-mobile/bindgen.rs:
--------------------------------------------------------------------------------
1 | fn main() {
2 |     uniffi::uniffi_bindgen_main()
3 | }
4 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/iOS/PassRustCore/.gitignore:
--------------------------------------------------------------------------------
1 | .DS_Store
2 | /.build
3 | /Packages
4 | xcuserdata/
5 | DerivedData/
6 | .swiftpm/configuration/registries.json
7 | .swiftpm/xcode/package.xcworkspace/contents.xcworkspacedata
8 | .netrc
9 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/iOS/PassRustCore/.swiftpm/xcode/package.xcworkspace/xcshareddata/IDEWorkspaceChecks.plist:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
3 | <plist version="1.0">
4 | <dict>
5 | 	<key>IDEDidComputeMac32BitWarning</key>
6 | 	<true/>
7 | </dict>
8 | </plist>
9 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/iOS/PassRustCore/Package.swift:
--------------------------------------------------------------------------------
 1 | // swift-tools-version: 5.9
 2 | // The swift-tools-version declares the minimum version of Swift required to build this package.
 3 | 
 4 | import PackageDescription
 5 | 
 6 | let package = Package(
 7 |     name: "PassRustCore",
 8 |     platforms: [
 9 |         .iOS(.v15),
10 |         .macOS(.v13)
11 |     ],
12 |     products: [
13 |         // Products define the executables and libraries a package produces, making them visible to other packages.
14 |         .library(
15 |             name: "PassRustCore",
16 |             targets: ["PassRustCore"]),
17 |     ],
18 |     targets: [
19 |         .binaryTarget(name: "RustFrameworkFFI", path: "./RustFramework.xcframework"),
20 | 
21 |         // Targets are the basic building blocks of a package, defining a module or a test suite.
22 |         // Targets can depend on other targets in this package and products from dependencies.
23 |         .target(
24 |             name: "PassRustCore",
25 |             dependencies: [
26 |                 .target(name: "RustFrameworkFFI")
27 |             ],
28 |             swiftSettings: [
29 |                 .unsafeFlags(["-suppress-warnings"]),
30 |             ]
31 |         )
32 |     ]
33 | )
34 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/iOS/PassRustCore/README.md:
--------------------------------------------------------------------------------
 1 | # Pass Rust Core
 2 | 
 3 | This package expose the common rust validation functions used by all Pass clients.
 4 | It enable a clear validation process between client and no surprises in the long run. 
 5 | 
 6 | To update the package please execute the following command at the root of the repository.
 7 | 
 8 | ```bash
 9 | make ios-package
10 | ```
11 | 
12 | You can then copy the updated package into the Pass application
13 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/alias.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::alias_prefix::AliasPrefixError as CommonAliasPrefixError;
 2 | 
 3 | #[derive(Debug, proton_pass_derive::Error, PartialEq, Eq)]
 4 | pub enum AliasPrefixError {
 5 |     TwoConsecutiveDots,
 6 |     InvalidCharacter,
 7 |     DotAtTheBeginning,
 8 |     DotAtTheEnd,
 9 |     PrefixTooLong,
10 |     PrefixEmpty,
11 | }
12 | 
13 | impl From<CommonAliasPrefixError> for AliasPrefixError {
14 |     fn from(e: CommonAliasPrefixError) -> Self {
15 |         match e {
16 |             CommonAliasPrefixError::TwoConsecutiveDots => Self::TwoConsecutiveDots,
17 |             CommonAliasPrefixError::InvalidCharacter => Self::InvalidCharacter,
18 |             CommonAliasPrefixError::DotAtTheBeginning => Self::DotAtTheBeginning,
19 |             CommonAliasPrefixError::DotAtTheEnd => Self::DotAtTheEnd,
20 |             CommonAliasPrefixError::PrefixTooLong => Self::PrefixTooLong,
21 |             CommonAliasPrefixError::PrefixEmpty => Self::PrefixEmpty,
22 |         }
23 |     }
24 | }
25 | 
26 | pub struct AliasPrefixValidator;
27 | 
28 | impl AliasPrefixValidator {
29 |     pub fn new() -> Self {
30 |         Self
31 |     }
32 | 
33 |     pub fn validate(&self, prefix: String) -> Result<(), AliasPrefixError> {
34 |         Ok(proton_pass_common::alias_prefix::validate_alias_prefix(&prefix)?)
35 |     }
36 | }
37 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/alias.udl:
--------------------------------------------------------------------------------
 1 | [Error]
 2 | enum AliasPrefixError {
 3 |     "TwoConsecutiveDots",
 4 |     "InvalidCharacter",
 5 |     "DotAtTheEnd",
 6 |     "PrefixTooLong",
 7 |     "PrefixEmpty",
 8 |     "DotAtTheBeginning"
 9 | };
10 | 
11 | interface AliasPrefixValidator {
12 |     constructor();
13 |     [Throws=AliasPrefixError]
14 |     void validate(string prefix);
15 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/creditcard.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::creditcard::detector::{
 2 |     CreditCardDetector as CommonCreditCardDetector, CreditCardType as CommonCreditCardType,
 3 | };
 4 | 
 5 | #[derive(Debug, PartialEq, Eq, Clone)]
 6 | pub enum CreditCardType {
 7 |     Visa,
 8 |     Mastercard,
 9 |     AmericanExpress,
10 |     DinersClub,
11 |     Discover,
12 |     JCB,
13 |     UnionPay,
14 |     Maestro,
15 |     Elo,
16 |     Mir,
17 |     Hiper,
18 |     Hipercard,
19 |     Unknown,
20 | }
21 | 
22 | impl From<CommonCreditCardType> for CreditCardType {
23 |     fn from(value: CommonCreditCardType) -> Self {
24 |         match value {
25 |             CommonCreditCardType::Visa => Self::Visa,
26 |             CommonCreditCardType::Mastercard => Self::Mastercard,
27 |             CommonCreditCardType::AmericanExpress => Self::AmericanExpress,
28 |             CommonCreditCardType::DinersClub => Self::DinersClub,
29 |             CommonCreditCardType::Discover => Self::Discover,
30 |             CommonCreditCardType::JCB => Self::JCB,
31 |             CommonCreditCardType::UnionPay => Self::UnionPay,
32 |             CommonCreditCardType::Maestro => Self::Maestro,
33 |             CommonCreditCardType::Elo => Self::Elo,
34 |             CommonCreditCardType::Mir => Self::Mir,
35 |             CommonCreditCardType::Hiper => Self::Hiper,
36 |             CommonCreditCardType::Hipercard => Self::Hipercard,
37 |             CommonCreditCardType::Unknown => Self::Unknown,
38 |         }
39 |     }
40 | }
41 | 
42 | pub struct CreditCardDetector {
43 |     inner: CommonCreditCardDetector,
44 | }
45 | 
46 | impl CreditCardDetector {
47 |     pub fn new() -> Self {
48 |         Self {
49 |             inner: CommonCreditCardDetector::default(),
50 |         }
51 |     }
52 | 
53 |     pub fn detect(&self, number: String) -> CreditCardType {
54 |         CreditCardType::from(self.inner.detect(&number))
55 |     }
56 | }
57 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/creditcard.udl:
--------------------------------------------------------------------------------
 1 | enum CreditCardType {
 2 |     "Visa",
 3 |     "Mastercard",
 4 |     "AmericanExpress",
 5 |     "DinersClub",
 6 |     "Discover",
 7 |     "JCB",
 8 |     "UnionPay",
 9 |     "Maestro",
10 |     "Elo",
11 |     "Mir",
12 |     "Hiper",
13 |     "Hipercard",
14 |     "Unknown",
15 | };
16 | 
17 | interface CreditCardDetector {
18 |     constructor();
19 |     CreditCardType detect(string number);
20 | };
21 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/domain.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::domain::{
 2 |     get_domain, get_root_domain, GetDomainError as CommonGetDomainError, GetRootDomainError as CommonGetRootDomainError,
 3 | };
 4 | 
 5 | #[derive(Debug, proton_pass_derive::Error, PartialEq, Eq)]
 6 | pub enum GetRootDomainError {
 7 |     CannotGetDomain,
 8 |     EmptyLabel,
 9 |     InvalidPublicSuffix,
10 | }
11 | 
12 | impl From<CommonGetRootDomainError> for GetRootDomainError {
13 |     fn from(e: CommonGetRootDomainError) -> Self {
14 |         match e {
15 |             CommonGetRootDomainError::CannotGetDomain => Self::CannotGetDomain,
16 |             CommonGetRootDomainError::EmptyLabel => Self::EmptyLabel,
17 |             CommonGetRootDomainError::InvalidPublicSuffix => Self::InvalidPublicSuffix,
18 |         }
19 |     }
20 | }
21 | 
22 | #[derive(Debug, proton_pass_derive::Error, PartialEq, Eq)]
23 | pub enum GetDomainError {
24 |     ParseError,
25 |     UrlHasNoDomain,
26 | }
27 | 
28 | impl From<CommonGetDomainError> for GetDomainError {
29 |     fn from(e: CommonGetDomainError) -> Self {
30 |         match e {
31 |             CommonGetDomainError::ParseError => Self::ParseError,
32 |             CommonGetDomainError::UrlHasNoDomain => Self::UrlHasNoDomain,
33 |         }
34 |     }
35 | }
36 | 
37 | pub struct DomainManager;
38 | 
39 | impl DomainManager {
40 |     pub fn new() -> Self {
41 |         Self
42 |     }
43 | 
44 |     pub fn get_root_domain(&self, input: String) -> Result<String, GetRootDomainError> {
45 |         Ok(get_root_domain(&input)?)
46 |     }
47 | 
48 |     pub fn get_domain(&self, input: String) -> Result<String, GetDomainError> {
49 |         Ok(get_domain(&input)?)
50 |     }
51 | }
52 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/domain.udl:
--------------------------------------------------------------------------------
 1 | [Error]
 2 | enum GetRootDomainError {
 3 |     "CannotGetDomain",
 4 |     "EmptyLabel",
 5 |     "InvalidPublicSuffix"
 6 | };
 7 | 
 8 | [Error]
 9 | enum GetDomainError {
10 |     "ParseError",
11 |     "UrlHasNoDomain"
12 | };
13 | 
14 | interface DomainManager {
15 |     constructor();
16 |     [Throws=GetRootDomainError]
17 |     string get_root_domain(string input);
18 | 
19 |     [Throws=GetDomainError]
20 |     string get_domain(string input);
21 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/email.rs:
--------------------------------------------------------------------------------
 1 | pub struct EmailValidator;
 2 | 
 3 | impl EmailValidator {
 4 |     pub fn new() -> Self {
 5 |         Self
 6 |     }
 7 | 
 8 |     pub fn is_email_valid(&self, email: String) -> bool {
 9 |         proton_pass_common::email::is_email_valid(&email)
10 |     }
11 | }
12 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/email.udl:
--------------------------------------------------------------------------------
1 | interface EmailValidator {
2 |     constructor();
3 |     boolean is_email_valid(string email);
4 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/file.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::file::FileGroup as CommonFileGroup;
 2 | use proton_pass_common::file::{get_file_group_from_mime_type, get_mime_type_from_content, sanitize_name};
 3 | 
 4 | // START MAPPING TYPES
 5 | 
 6 | #[derive(Clone, Copy, Debug, PartialEq, Eq)]
 7 | pub enum FileGroup {
 8 |     Image,
 9 |     Photo,
10 |     VectorImage,
11 |     Video,
12 |     Audio,
13 |     Key,
14 |     Text,
15 |     Calendar,
16 |     Pdf,
17 |     Word,
18 |     PowerPoint,
19 |     Excel,
20 |     Document,
21 |     Unknown,
22 | }
23 | 
24 | impl From<CommonFileGroup> for FileGroup {
25 |     fn from(group: CommonFileGroup) -> Self {
26 |         match group {
27 |             CommonFileGroup::Image => FileGroup::Image,
28 |             CommonFileGroup::Photo => FileGroup::Photo,
29 |             CommonFileGroup::VectorImage => FileGroup::VectorImage,
30 |             CommonFileGroup::Video => FileGroup::Video,
31 |             CommonFileGroup::Audio => FileGroup::Audio,
32 |             CommonFileGroup::Key => FileGroup::Key,
33 |             CommonFileGroup::Text => FileGroup::Text,
34 |             CommonFileGroup::Calendar => FileGroup::Calendar,
35 |             CommonFileGroup::Pdf => FileGroup::Pdf,
36 |             CommonFileGroup::Word => FileGroup::Word,
37 |             CommonFileGroup::PowerPoint => FileGroup::PowerPoint,
38 |             CommonFileGroup::Excel => FileGroup::Excel,
39 |             CommonFileGroup::Document => FileGroup::Document,
40 |             CommonFileGroup::Unknown => FileGroup::Unknown,
41 |         }
42 |     }
43 | }
44 | 
45 | // END MAPPING TYPES
46 | 
47 | pub struct FileDecoder;
48 | 
49 | impl FileDecoder {
50 |     pub fn new() -> Self {
51 |         Self
52 |     }
53 | 
54 |     pub fn get_mimetype_from_content(&self, content: Vec<u8>) -> String {
55 |         get_mime_type_from_content(&content)
56 |     }
57 | 
58 |     pub fn get_filegroup_from_mimetype(&self, mimetype: String) -> FileGroup {
59 |         FileGroup::from(get_file_group_from_mime_type(&mimetype))
60 |     }
61 | 
62 |     pub fn sanitize_filename(&self, name: String, windows: bool) -> String {
63 |         sanitize_name(&name, windows)
64 |     }
65 | }
66 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/file.udl:
--------------------------------------------------------------------------------
 1 | enum FileGroup {
 2 |     "Image",
 3 |     "Photo",
 4 |     "VectorImage",
 5 |     "Video",
 6 |     "Audio",
 7 |     "Key",
 8 |     "Text",
 9 |     "Calendar",
10 |     "Pdf",
11 |     "Word",
12 |     "PowerPoint",
13 |     "Excel",
14 |     "Document",
15 |     "Unknown",
16 | };
17 | 
18 | interface FileDecoder {
19 |     constructor();
20 |     string get_mimetype_from_content(bytes content);
21 |     FileGroup get_filegroup_from_mimetype(string mimetype);
22 |     string sanitize_filename(string name, boolean windows);
23 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/host.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::host::{parse, HostInfo as CommonHostInfo, ParseHostError as CommonParseHostError};
 2 | 
 3 | #[derive(Debug, proton_pass_derive::Error, PartialEq, Eq)]
 4 | pub enum ParseHostError {
 5 |     CannotGetDomainFromUrl,
 6 |     EmptyHost,
 7 |     EmptyUrl,
 8 |     HostIsTld,
 9 |     ParseUrlError,
10 |     InvalidUrlError,
11 | }
12 | 
13 | impl From<CommonParseHostError> for ParseHostError {
14 |     fn from(e: CommonParseHostError) -> Self {
15 |         match e {
16 |             CommonParseHostError::CannotGetDomainFromUrl => Self::CannotGetDomainFromUrl,
17 |             CommonParseHostError::EmptyHost => Self::EmptyHost,
18 |             CommonParseHostError::EmptyUrl => Self::EmptyUrl,
19 |             CommonParseHostError::HostIsTld => Self::HostIsTld,
20 |             CommonParseHostError::ParseUrlError => Self::ParseUrlError,
21 |             CommonParseHostError::InvalidUrlError => Self::InvalidUrlError,
22 |         }
23 |     }
24 | }
25 | 
26 | #[derive(Clone, Debug, PartialEq, Eq)]
27 | pub enum HostInfo {
28 |     Host {
29 |         protocol: String,
30 |         subdomain: Option<String>,
31 |         domain: String,
32 |         tld: Option<String>,
33 |     },
34 |     Ip {
35 |         ip: String,
36 |     },
37 | }
38 | 
39 | impl From<CommonHostInfo> for HostInfo {
40 |     fn from(info: CommonHostInfo) -> Self {
41 |         match info {
42 |             CommonHostInfo::Host {
43 |                 protocol,
44 |                 subdomain,
45 |                 domain,
46 |                 tld,
47 |             } => HostInfo::Host {
48 |                 protocol,
49 |                 subdomain,
50 |                 domain,
51 |                 tld,
52 |             },
53 |             CommonHostInfo::Ip { ip } => Self::Ip { ip },
54 |         }
55 |     }
56 | }
57 | 
58 | pub struct HostParser;
59 | 
60 | impl HostParser {
61 |     pub fn new() -> Self {
62 |         Self
63 |     }
64 | 
65 |     pub fn parse(&self, url: String) -> Result<HostInfo, ParseHostError> {
66 |         let parsed = parse(&url)?;
67 |         Ok(HostInfo::from(parsed))
68 |     }
69 | }
70 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/host.udl:
--------------------------------------------------------------------------------
 1 | [Enum]
 2 | interface HostInfo {
 3 |     Host(string protocol, string? subdomain, string domain, string? tld);
 4 |     Ip(string ip);
 5 | };
 6 | 
 7 | [Error]
 8 | enum ParseHostError {
 9 |     "CannotGetDomainFromUrl",
10 |     "EmptyHost",
11 |     "EmptyUrl",
12 |     "HostIsTld",
13 |     "ParseUrlError",
14 |     "InvalidUrlError"
15 | };
16 | 
17 | interface HostParser {
18 |     constructor();
19 | 
20 |     [Throws=ParseHostError]
21 |     HostInfo parse(string url);
22 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/invite.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::invite::create_signature_body;
 2 | 
 3 | pub struct NewUserInviteCreator;
 4 | 
 5 | impl NewUserInviteCreator {
 6 |     pub fn new() -> Self {
 7 |         Self
 8 |     }
 9 | 
10 |     pub fn create_signature_body(&self, email: String, vault_key: Vec<u8>) -> Vec<u8> {
11 |         create_signature_body(&email, vault_key)
12 |     }
13 | }
14 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/invite.udl:
--------------------------------------------------------------------------------
1 | interface NewUserInviteCreator {
2 |     constructor();
3 |     bytes create_signature_body(string email, bytes vault_key);
4 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/lib.rs:
--------------------------------------------------------------------------------
 1 | #![allow(clippy::new_without_default)]
 2 | 
 3 | mod alias;
 4 | mod creditcard;
 5 | mod domain;
 6 | mod email;
 7 | mod file;
 8 | mod host;
 9 | mod invite;
10 | mod login;
11 | mod passkey;
12 | mod password;
13 | mod qr;
14 | mod totp;
15 | mod twofa;
16 | mod wifi;
17 | 
18 | uniffi::include_scaffolding!("common");
19 | 
20 | pub fn library_version() -> String {
21 |     proton_pass_common::library_version()
22 | }
23 | 
24 | pub use alias::*;
25 | pub use creditcard::*;
26 | pub use domain::*;
27 | pub use email::*;
28 | pub use file::*;
29 | pub use host::*;
30 | pub use invite::*;
31 | pub use login::*;
32 | pub use passkey::*;
33 | pub use password::*;
34 | pub use qr::*;
35 | pub use totp::*;
36 | pub use twofa::*;
37 | pub use wifi::*;
38 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/login.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::login::{Login as CommonLogin, LoginError as CommonLoginError};
 2 | 
 3 | pub struct Login {
 4 |     pub title: String,
 5 |     pub username: String,
 6 |     pub password: String,
 7 |     pub totp: Option<String>,
 8 |     pub urls: Vec<String>,
 9 | }
10 | 
11 | impl From<Login> for CommonLogin {
12 |     fn from(login: Login) -> Self {
13 |         Self {
14 |             title: login.title,
15 |             username: login.username,
16 |             password: login.password,
17 |             totp: login.totp,
18 |             urls: login.urls,
19 |         }
20 |     }
21 | }
22 | 
23 | #[derive(Debug, proton_pass_derive::Error, PartialEq, Eq)]
24 | pub enum LoginError {
25 |     InvalidTOTP,
26 |     InvalidURL,
27 | }
28 | 
29 | impl From<CommonLoginError> for LoginError {
30 |     fn from(error: CommonLoginError) -> Self {
31 |         match error {
32 |             CommonLoginError::InvalidTOTP => LoginError::InvalidTOTP,
33 |             CommonLoginError::InvalidURL => LoginError::InvalidURL,
34 |         }
35 |     }
36 | }
37 | 
38 | pub struct LoginValidator;
39 | 
40 | impl LoginValidator {
41 |     pub fn new() -> Self {
42 |         Self
43 |     }
44 | 
45 |     pub fn validate(&self, login: Login) -> Result<(), LoginError> {
46 |         Ok(proton_pass_common::login::validate_login(CommonLogin::from(login))?)
47 |     }
48 | }
49 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/login.udl:
--------------------------------------------------------------------------------
 1 | dictionary Login {
 2 |     string title;
 3 |     string username;
 4 |     string password;
 5 |     string? totp;
 6 |     sequence<string> urls;
 7 | };
 8 | 
 9 | [Error]
10 | enum LoginError {
11 |     "InvalidTOTP",
12 |     "InvalidURL",
13 | };
14 | 
15 | interface LoginValidator {
16 |     constructor();
17 |     [Throws=LoginError]
18 |     void validate(Login login);
19 | };
20 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/namespace.udl:
--------------------------------------------------------------------------------
1 | namespace proton_pass_common_mobile {
2 |     string library_version();
3 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/passkey.udl:
--------------------------------------------------------------------------------
 1 | [Error]
 2 | enum PasskeyError {
 3 |     "InvalidUri",
 4 |     "RuntimeError",
 5 |     "GenerationError",
 6 |     "ResolveChallengeError",
 7 |     "SerializationError"
 8 | };
 9 | 
10 | dictionary CreatePasskeyResponse {
11 |     string response;
12 |     bytes passkey;
13 |     string key_id;
14 |     string domain;
15 |     string? rp_id;
16 |     string rp_name;
17 |     string user_name;
18 |     string user_display_name;
19 |     bytes user_id;
20 |     bytes credential_id;
21 |     bytes? user_handle;
22 | };
23 | 
24 | dictionary CreatePasskeyIosResponse {
25 |     bytes passkey;
26 |     string key_id;
27 |     string domain;
28 |     string? rp_id;
29 |     string rp_name;
30 |     string user_name;
31 |     string user_display_name;
32 |     bytes user_id;
33 |     bytes credential_id;
34 |     bytes client_data_hash;
35 |     bytes? user_handle;
36 |     bytes attestation_object;
37 | };
38 | 
39 | dictionary CreatePasskeyData {
40 |     string? rp_id;
41 |     string rp_name;
42 |     string user_name;
43 |     string user_display_name;
44 | };
45 | 
46 | dictionary CreatePasskeyIosRequest {
47 |     string service_identifier;
48 |     string rp_id;
49 |     string user_name;
50 |     bytes user_handle;
51 |     bytes client_data_hash;
52 |     sequence<i64> supported_algorithms;
53 | };
54 | 
55 | dictionary AuthenticateWithPasskeyIosRequest {
56 |     string service_identifier;
57 |     bytes passkey;
58 |     bytes client_data_hash;
59 | };
60 | 
61 | dictionary AuthenticateWithPasskeyIosResponse {
62 |     bytes user_handle;
63 |     string relying_party;
64 |     bytes signature;
65 |     bytes client_data_hash;
66 |     bytes authenticator_data;
67 |     bytes credential_id;
68 | };
69 | 
70 | dictionary AuthenticateWithPasskeyAndroidRequest {
71 |     string origin;
72 |     string request;
73 |     bytes passkey;
74 |     bytes? client_data_hash;
75 | };
76 | 
77 | interface PasskeyManager {
78 |     [Throws=PasskeyError]
79 |     constructor();
80 | 
81 |     [Throws=PasskeyError]
82 |     CreatePasskeyResponse generate_passkey(string url, string request);
83 | 
84 |     [Throws=PasskeyError]
85 |     CreatePasskeyIosResponse generate_ios_passkey(CreatePasskeyIosRequest request);
86 | 
87 |     [Throws=PasskeyError]
88 |     string resolve_challenge_for_android(AuthenticateWithPasskeyAndroidRequest request);
89 | 
90 |     [Throws=PasskeyError]
91 |     AuthenticateWithPasskeyIosResponse resolve_challenge_for_ios(AuthenticateWithPasskeyIosRequest request);
92 | 
93 |     [Throws=PasskeyError]
94 |     CreatePasskeyData parse_create_request(string request);
95 | };
96 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/password.udl:
--------------------------------------------------------------------------------
 1 | [Error]
 2 | enum PasswordGeneratorError {
 3 |     "FailToGenerate",
 4 | };
 5 | 
 6 | dictionary RandomPasswordConfig {
 7 |     u32 length;
 8 |     boolean numbers;
 9 |     boolean uppercase_letters;
10 |     boolean symbols;
11 | };
12 | 
13 | interface RandomPasswordGenerator {
14 |     constructor();
15 |     [Throws=PasswordGeneratorError]
16 |     string generate(RandomPasswordConfig config);
17 | };
18 | 
19 | enum WordSeparator {
20 |     "Hyphens",
21 |     "Spaces",
22 |     "Periods",
23 |     "Commas",
24 |     "Underscores",
25 |     "Numbers",
26 |     "NumbersAndSymbols",
27 | };
28 | 
29 | dictionary PassphraseConfig {
30 |     WordSeparator separator;
31 |     boolean capitalise;
32 |     boolean include_numbers;
33 |     u32 count;
34 | };
35 | 
36 | interface PassphraseGenerator {
37 |     constructor();
38 |     [Throws=PasswordGeneratorError]
39 |     sequence<string> random_words(u32 word_count);
40 |     [Throws=PasswordGeneratorError]
41 |     string generate_passphrase(sequence<string> words, PassphraseConfig config);
42 |     [Throws=PasswordGeneratorError]
43 |     string generate_random_passphrase(PassphraseConfig config);
44 | };
45 | 
46 | enum PasswordScore {
47 |     "Vulnerable",
48 |     "Weak",
49 |     "Strong",
50 | };
51 | 
52 | enum PasswordPenalty {
53 |     "NoLowercase",
54 |     "NoUppercase",
55 |     "NoNumbers",
56 |     "NoSymbols",
57 |     "Short",
58 |     "Consecutive",
59 |     "Progressive",
60 |     "ContainsCommonPassword",
61 |     "ShortWordList",
62 | };
63 | 
64 | dictionary PasswordScoreResult {
65 |     f64 numeric_score;
66 |     PasswordScore password_score;
67 |     sequence<PasswordPenalty> penalties;
68 | };
69 | 
70 | interface PasswordScorer {
71 |     constructor();
72 |     PasswordScore check_score(string password);
73 |     PasswordScoreResult score_password(string password);
74 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/qr.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::qr::generate_svg_qr_code;
 2 | use proton_pass_common::qrcode::types::QrError as CommonQrError;
 3 | 
 4 | #[derive(Debug, proton_pass_derive::Error, PartialEq, Eq)]
 5 | pub enum QrCodeError {
 6 |     DataTooLong,
 7 |     InvalidVersion,
 8 |     UnsupportedCharacterSet,
 9 |     InvalidEciDesignator,
10 |     InvalidCharacter,
11 | }
12 | 
13 | impl From<CommonQrError> for QrCodeError {
14 |     fn from(value: CommonQrError) -> Self {
15 |         match value {
16 |             CommonQrError::DataTooLong => Self::DataTooLong,
17 |             CommonQrError::InvalidVersion => Self::InvalidVersion,
18 |             CommonQrError::UnsupportedCharacterSet => Self::UnsupportedCharacterSet,
19 |             CommonQrError::InvalidEciDesignator => Self::InvalidEciDesignator,
20 |             CommonQrError::InvalidCharacter => Self::InvalidCharacter,
21 |         }
22 |     }
23 | }
24 | 
25 | pub struct QrCodeGenerator;
26 | 
27 | impl QrCodeGenerator {
28 |     pub fn new() -> Self {
29 |         Self
30 |     }
31 | 
32 |     pub fn generate_svg_qr_code(&self, value: String) -> Result<String, QrCodeError> {
33 |         generate_svg_qr_code(&value).map_err(|e| e.into())
34 |     }
35 | }
36 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/qr.udl:
--------------------------------------------------------------------------------
 1 | [Error]
 2 | enum QrCodeError {
 3 |     "DataTooLong",
 4 |     "InvalidVersion",
 5 |     "UnsupportedCharacterSet",
 6 |     "InvalidEciDesignator",
 7 |     "InvalidCharacter",
 8 | };
 9 | 
10 | interface QrCodeGenerator {
11 |     constructor();
12 |     [Throws=QrCodeError]
13 |     string generate_svg_qr_code(string value);
14 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/totp.udl:
--------------------------------------------------------------------------------
 1 | [Error]
 2 | enum TOTPError {
 3 |     "NotTotpUri",
 4 |     "InvalidAuthority",
 5 |     "NoAuthority",
 6 |     "InvalidAlgorithm",
 7 |     "InvalidScheme",
 8 |     "URLParseError",
 9 |     "NoSecret",
10 |     "EmptySecret",
11 |     "NoQueries",
12 |     "SecretParseError",
13 |     "InvalidDigitsError",
14 |     "InvalidPeriodError",
15 | };
16 | 
17 | enum TOTPAlgorithm {
18 |     "SHA1",
19 |     "SHA256",
20 |     "SHA512"
21 | };
22 | 
23 | dictionary TOTP {
24 |     string? label;
25 |     string secret;
26 |     string? issuer;
27 |     TOTPAlgorithm? algorithm;
28 |     u8? digits;
29 |     u16? period;
30 | };
31 | 
32 | interface TotpUriSanitizer {
33 |     constructor();
34 |     string uri_for_editing(string original_uri);
35 |     [Throws=TOTPError]
36 |     string uri_for_saving(string original_uri, string edited_uri);
37 | };
38 | 
39 | interface TotpHandler {
40 |     constructor();
41 |     TOTPAlgorithm get_algorithm(TOTP totp);
42 |     u8 get_digits(TOTP totp);
43 |     u16 get_period(TOTP totp);
44 | };
45 | 
46 | dictionary TotpTokenResult {
47 |     TOTP totp;
48 |     string token;
49 |     u64 timestamp;
50 | };
51 | 
52 | interface TotpTokenGenerator {
53 |     constructor();
54 |     [Throws=TOTPError]
55 |     TotpTokenResult generate_token(string uri, u64 current_time);
56 | };
57 | 
58 | interface TotpUriParser {
59 |     constructor();
60 |     [Throws=TOTPError]
61 |     TOTP parse(string uri_string);
62 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/twofa.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::twofa::TwofaDomainChecker as CommonTwofaDomainChecker;
 2 | 
 3 | pub struct TwofaDomainChecker;
 4 | 
 5 | impl TwofaDomainChecker {
 6 |     pub fn new() -> Self {
 7 |         Self
 8 |     }
 9 | 
10 |     pub fn twofa_domain_eligible(&self, domain: String) -> bool {
11 |         CommonTwofaDomainChecker::twofa_domain_eligible(&domain)
12 |     }
13 | }
14 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/twofa.udl:
--------------------------------------------------------------------------------
1 | interface TwofaDomainChecker {
2 |     constructor();
3 |     boolean twofa_domain_eligible(string domain);
4 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/src/wifi.rs:
--------------------------------------------------------------------------------
 1 | use crate::QrCodeError;
 2 | use proton_pass_common::qr::generate_svg_qr_code;
 3 | use proton_pass_common::wifi::{generate_wifi_uri, WifiError as CommonWifiError, WifiSecurity as CommonWifiSecurity};
 4 | use proton_pass_derive::Error;
 5 | 
 6 | pub struct WifiQrCodeGenerator;
 7 | 
 8 | pub enum WifiSecurity {
 9 |     Unspecified,
10 |     WPA,
11 |     WPA2,
12 |     WPA3,
13 |     WEP,
14 | }
15 | 
16 | impl From<WifiSecurity> for CommonWifiSecurity {
17 |     fn from(value: WifiSecurity) -> Self {
18 |         match value {
19 |             WifiSecurity::Unspecified => Self::Unspecified,
20 |             WifiSecurity::WPA => Self::WPA,
21 |             WifiSecurity::WPA2 => Self::WPA2,
22 |             WifiSecurity::WPA3 => Self::WPA3,
23 |             WifiSecurity::WEP => Self::WEP,
24 |         }
25 |     }
26 | }
27 | 
28 | #[derive(Debug, Error, PartialEq, Eq)]
29 | pub enum WifiError {
30 |     EmptySSID,
31 | }
32 | 
33 | impl From<CommonWifiError> for WifiError {
34 |     fn from(value: CommonWifiError) -> Self {
35 |         match value {
36 |             CommonWifiError::EmptySSID => Self::EmptySSID,
37 |         }
38 |     }
39 | }
40 | 
41 | #[derive(Debug, Error, PartialEq, Eq)]
42 | pub enum WifiQrCodeGeneratorError {
43 |     Wifi(WifiError),
44 |     QrCode(QrCodeError),
45 | }
46 | 
47 | impl WifiQrCodeGenerator {
48 |     pub fn new() -> Self {
49 |         Self
50 |     }
51 | 
52 |     pub fn generate_svg_qr_code(
53 |         &self,
54 |         ssid: String,
55 |         password: String,
56 |         security: WifiSecurity,
57 |     ) -> Result<String, WifiQrCodeGeneratorError> {
58 |         let uri = generate_wifi_uri(&ssid, &password, security.into())
59 |             .map_err(|e| WifiQrCodeGeneratorError::Wifi(e.into()))?;
60 | 
61 |         generate_svg_qr_code(&uri).map_err(|e| WifiQrCodeGeneratorError::QrCode(e.into()))
62 |     }
63 | }
64 | 


--------------------------------------------------------------------------------
/proton-pass-mobile/src/wifi.udl:
--------------------------------------------------------------------------------
 1 | [Error]
 2 | enum WifiError {
 3 |     "EmptySSID"
 4 | };
 5 | 
 6 | [Error]
 7 | enum WifiQrCodeGeneratorError {
 8 |     "Wifi",
 9 |     "QrCode"
10 | };
11 | 
12 | enum WifiSecurity {
13 |     "Unspecified",
14 |     "WPA",
15 |     "WPA2",
16 |     "WPA3",
17 |     "WEP",
18 | };
19 | 
20 | interface WifiQrCodeGenerator {
21 |     constructor();
22 |     [Throws=WifiQrCodeGeneratorError]
23 |     string generate_svg_qr_code(string ssid, string password, WifiSecurity security);
24 | };


--------------------------------------------------------------------------------
/proton-pass-mobile/uniffi.toml:
--------------------------------------------------------------------------------
1 | [bindings.kotlin]
2 | package_name = "proton.android.pass.commonrust"
3 | cdylib_name = "proton_pass_common_mobile"
4 | 
5 | [bindings.swift]
6 | module_name = "RustFramework"
7 | cdylib_name = "proton_pass_common_mobile"
8 | 


--------------------------------------------------------------------------------
/proton-pass-totp/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "proton-pass-totp"
 3 | version = "0.22.0"
 4 | edition = "2021"
 5 | 
 6 | [lib]
 7 | doctest = false
 8 | 
 9 | [dependencies]
10 | proton-pass-derive = { path = "../proton-pass-derive" }
11 | 
12 | serde.workspace = true
13 | 
14 | serde-querystring = "0.3.0"
15 | totp-rs = "5.6.0"
16 | url = "2.5.4"
17 | urlencoding = "2.1.3"
18 | 
19 | [dev-dependencies]
20 | criterion.workspace = true
21 | 
22 | [[bench]]
23 | name = "totp_generation"
24 | harness = false
25 | 


--------------------------------------------------------------------------------
/proton-pass-totp/benches/totp_generation.rs:
--------------------------------------------------------------------------------
 1 | use criterion::{black_box, criterion_group, criterion_main, Criterion};
 2 | use proton_pass_totp::TOTP;
 3 | 
 4 | fn totp_generator(c: &mut Criterion) {
 5 |     let totp_sha1 =
 6 |         TOTP::from_uri("otpauth://totp/MYLABEL?secret=MYSECRET&issuer=MYISSUER&algorithm=SHA1&digits=8&period=15")
 7 |             .unwrap();
 8 |     let totp_sha256 =
 9 |         TOTP::from_uri("otpauth://totp/MYLABEL?secret=MYSECRET&issuer=MYISSUER&algorithm=SHA256&digits=8&period=15")
10 |             .unwrap();
11 |     let totp_sha512 =
12 |         TOTP::from_uri("otpauth://totp/MYLABEL?secret=MYSECRET&issuer=MYISSUER&algorithm=SHA512&digits=8&period=15")
13 |             .unwrap();
14 |     c.bench_function("SHA1", |b| b.iter(|| black_box(totp_sha1.generate_token(123456789))));
15 |     c.bench_function("SHA256", |b| {
16 |         b.iter(|| black_box(totp_sha256.generate_token(123456789)))
17 |     });
18 |     c.bench_function("SHA512", |b| {
19 |         b.iter(|| black_box(totp_sha512.generate_token(123456789)))
20 |     });
21 | }
22 | 
23 | criterion_group!(benches, totp_generator);
24 | criterion_main!(benches);
25 | 


--------------------------------------------------------------------------------
/proton-pass-totp/src/algorithm.rs:
--------------------------------------------------------------------------------
 1 | use crate::error::TOTPError;
 2 | 
 3 | #[derive(Copy, Clone, Debug, PartialEq, Eq)]
 4 | pub enum Algorithm {
 5 |     SHA1,
 6 |     SHA256,
 7 |     SHA512,
 8 | }
 9 | 
10 | impl<'a> TryFrom<&'a str> for Algorithm {
11 |     type Error = TOTPError;
12 | 
13 |     fn try_from(value: &'a str) -> Result<Self, Self::Error> {
14 |         match value.to_uppercase().as_str() {
15 |             "SHA1" => Ok(Self::SHA1),
16 |             "SHA256" => Ok(Self::SHA256),
17 |             "SHA512" => Ok(Self::SHA512),
18 |             _ => Err(TOTPError::InvalidAlgorithm(value.to_string())),
19 |         }
20 |     }
21 | }
22 | 
23 | impl From<Algorithm> for totp_rs::Algorithm {
24 |     fn from(value: Algorithm) -> Self {
25 |         match value {
26 |             Algorithm::SHA1 => totp_rs::Algorithm::SHA1,
27 |             Algorithm::SHA256 => totp_rs::Algorithm::SHA256,
28 |             Algorithm::SHA512 => totp_rs::Algorithm::SHA512,
29 |         }
30 |     }
31 | }
32 | 
33 | impl Algorithm {
34 |     pub fn value(&self) -> &str {
35 |         match self {
36 |             Algorithm::SHA1 => "SHA1",
37 |             Algorithm::SHA256 => "SHA256",
38 |             Algorithm::SHA512 => "SHA512",
39 |         }
40 |     }
41 | }
42 | 
43 | #[cfg(test)]
44 | mod test {
45 |     use super::*;
46 | 
47 |     #[test]
48 |     fn new_algorithm() {
49 |         assert_eq!(Algorithm::try_from("sha1"), Ok(Algorithm::SHA1));
50 |         assert_eq!(Algorithm::try_from("SHA1"), Ok(Algorithm::SHA1));
51 | 
52 |         assert_eq!(Algorithm::try_from("sha256"), Ok(Algorithm::SHA256));
53 |         assert_eq!(Algorithm::try_from("SHA256"), Ok(Algorithm::SHA256));
54 | 
55 |         assert_eq!(Algorithm::try_from("sha512"), Ok(Algorithm::SHA512));
56 |         assert_eq!(Algorithm::try_from("SHA512"), Ok(Algorithm::SHA512));
57 | 
58 |         assert_eq!(
59 |             Algorithm::try_from("sha"),
60 |             Err(TOTPError::InvalidAlgorithm("sha".to_string()))
61 |         );
62 |     }
63 | }
64 | 


--------------------------------------------------------------------------------
/proton-pass-totp/src/error.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_derive::Error;
 2 | use url::ParseError;
 3 | 
 4 | #[derive(Debug, Error, PartialEq, Eq)]
 5 | pub enum TOTPError {
 6 |     NotTotpUri,
 7 |     InvalidAuthority(String),
 8 |     NoAuthority,
 9 |     InvalidAlgorithm(String),
10 |     InvalidScheme(String),
11 |     URLParseError(ParseError),
12 |     NoSecret,
13 |     EmptySecret,
14 |     NoQueries,
15 |     SecretParseError,
16 |     InvalidPeriod,
17 |     InvalidDigits,
18 | }
19 | 


--------------------------------------------------------------------------------
/proton-pass-totp/src/lib.rs:
--------------------------------------------------------------------------------
 1 | pub mod algorithm;
 2 | pub mod error;
 3 | pub mod queries;
 4 | pub mod sanitizer;
 5 | 
 6 | #[allow(clippy::module_inception)]
 7 | pub mod totp;
 8 | 
 9 | pub use algorithm::Algorithm;
10 | pub use totp::TOTP;
11 | 


--------------------------------------------------------------------------------
/proton-pass-totp/src/queries.rs:
--------------------------------------------------------------------------------
 1 | use crate::algorithm::Algorithm;
 2 | use crate::error::TOTPError;
 3 | use serde::Deserialize;
 4 | use serde_querystring::{from_str, ParseMode};
 5 | 
 6 | #[derive(Debug, Deserialize, Default, PartialEq)]
 7 | pub struct Queries {
 8 |     pub(crate) secret: Option<String>,
 9 |     pub(crate) issuer: Option<String>,
10 |     pub(crate) algorithm: Option<String>,
11 |     pub(crate) digits: Option<String>,
12 |     pub(crate) period: Option<String>,
13 | }
14 | 
15 | impl Queries {
16 |     pub fn new(queries_string: &str) -> Self {
17 |         from_str::<Self>(queries_string, ParseMode::UrlEncoded).unwrap_or_default()
18 |     }
19 | 
20 |     pub fn get_secret(&self) -> Result<String, TOTPError> {
21 |         if let Some(value) = self.secret.clone() {
22 |             if value.is_empty() {
23 |                 Err(TOTPError::EmptySecret)
24 |             } else {
25 |                 Ok(value)
26 |             }
27 |         } else {
28 |             Err(TOTPError::NoSecret)
29 |         }
30 |     }
31 | 
32 |     pub fn get_algorithm(&self) -> Result<Option<Algorithm>, TOTPError> {
33 |         if let Some(value) = self.algorithm.clone() {
34 |             match Algorithm::try_from(&*value) {
35 |                 Ok(algo) => Ok(Some(algo)),
36 |                 Err(error) => Err(error),
37 |             }
38 |         } else {
39 |             Ok(None)
40 |         }
41 |     }
42 | 
43 |     pub fn get_digits(&self) -> Result<Option<u8>, TOTPError> {
44 |         match self.digits {
45 |             Some(ref period) => match period.parse::<u8>() {
46 |                 Ok(digits) => {
47 |                     if digits > 0 && digits <= 9 {
48 |                         Ok(Some(digits))
49 |                     } else {
50 |                         Err(TOTPError::InvalidDigits)
51 |                     }
52 |                 }
53 |                 Err(_) => Err(TOTPError::InvalidDigits),
54 |             },
55 |             None => Ok(None),
56 |         }
57 |     }
58 | 
59 |     pub fn get_period(&self) -> Result<Option<u16>, TOTPError> {
60 |         match self.period {
61 |             Some(ref period) => match period.parse::<u16>() {
62 |                 Ok(period) => {
63 |                     if period > 0 {
64 |                         Ok(Some(period))
65 |                     } else {
66 |                         Err(TOTPError::InvalidPeriod)
67 |                     }
68 |                 }
69 |                 Err(_) => Err(TOTPError::InvalidPeriod),
70 |             },
71 |             None => Ok(None),
72 |         }
73 |     }
74 | }
75 | 


--------------------------------------------------------------------------------
/proton-pass-web/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "proton-pass-web"
 3 | version = "0.22.0"
 4 | edition = "2021"
 5 | 
 6 | # Flags for cargo-release
 7 | [package.metadata.release]
 8 | pre-release-replacements = [
 9 |     {file="package.json", search="  \"version\":.*", replace="  \"version\": \"{{version}}\","}
10 | ]
11 | 
12 | # Needed since rust 1.87+
13 | # https://github.com/rustwasm/wasm-pack/issues/1501
14 | [package.metadata.wasm-pack.profile.release]
15 | wasm-opt = ["--enable-bulk-memory", "--enable-nontrapping-float-to-int"]
16 | 
17 | [lib]
18 | doctest = false
19 | crate-type = ["cdylib", "rlib"]
20 | 
21 | [dependencies]
22 | proton-pass-common = { path = "../proton-pass-common" }
23 | 
24 | js-sys.workspace = true
25 | serde.workspace = true
26 | tsify-next.workspace = true
27 | wasm-bindgen.workspace = true
28 | wasm-bindgen-futures.workspace = true
29 | 
30 | [features]
31 | web_password = []
32 | web_ui = []
33 | web_worker = ["web_password"]
34 | 


--------------------------------------------------------------------------------
/proton-pass-web/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "@protontech/pass-rust-core",
 3 |   "version": "0.22.0",
 4 |   "workspaces": [
 5 |     "password",
 6 |     "ui",
 7 |     "worker"
 8 |   ]
 9 | }
10 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/common.rs:
--------------------------------------------------------------------------------
 1 | use serde::{Deserialize, Serialize};
 2 | use tsify_next::Tsify;
 3 | use wasm_bindgen::prelude::*;
 4 | 
 5 | #[derive(Tsify, Deserialize, Serialize)]
 6 | #[tsify(into_wasm_abi, from_wasm_abi)]
 7 | pub struct WasmBoolDict(pub std::collections::HashMap<String, bool>);
 8 | 
 9 | #[allow(dead_code)]
10 | pub fn vec_to_uint8_array(source: Vec<u8>) -> js_sys::Uint8Array {
11 |     let js_res = js_sys::Uint8Array::new_with_length(source.len() as u32);
12 |     for (idx, value) in source.into_iter().enumerate() {
13 |         js_res.set_index(idx as u32, value);
14 |     }
15 | 
16 |     js_res
17 | }
18 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/lib.rs:
--------------------------------------------------------------------------------
 1 | use wasm_bindgen::prelude::*;
 2 | 
 3 | mod common;
 4 | 
 5 | #[cfg(feature = "web_password")]
 6 | mod password;
 7 | 
 8 | #[cfg(feature = "web_ui")]
 9 | mod ui;
10 | 
11 | #[cfg(feature = "web_worker")]
12 | mod worker;
13 | 
14 | #[wasm_bindgen]
15 | pub fn library_version() -> String {
16 |     proton_pass_common::library_version()
17 | }
18 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/password/mod.rs:
--------------------------------------------------------------------------------
 1 | use password::{
 2 |     WasmPassphraseConfig, WasmPasswordScore, WasmPasswordScoreList, WasmPasswordScoreResult, WasmRandomPasswordConfig,
 3 | };
 4 | use proton_pass_common::password::{get_generator, PassphraseConfig, RandomPasswordConfig};
 5 | use wasm_bindgen::prelude::*;
 6 | 
 7 | mod password;
 8 | 
 9 | #[wasm_bindgen]
10 | pub fn generate_password(config: WasmRandomPasswordConfig) -> Result<String, JsError> {
11 |     let mut generator = get_generator();
12 |     let cfg: RandomPasswordConfig = config.into();
13 |     generator.generate_random(&cfg).map_err(|e| e.into())
14 | }
15 | 
16 | #[wasm_bindgen]
17 | pub fn random_words(word_count: u32) -> Result<Vec<String>, JsError> {
18 |     let mut generator = get_generator();
19 |     generator.random_words(word_count as usize).map_err(|e| e.into())
20 | }
21 | 
22 | #[wasm_bindgen]
23 | pub fn generate_passphrase(words: Vec<String>, config: WasmPassphraseConfig) -> Result<String, JsError> {
24 |     let mut generator = get_generator();
25 |     let cfg: PassphraseConfig = config.into();
26 | 
27 |     generator
28 |         .generate_passphrase_from_words(words, &cfg)
29 |         .map_err(|e| e.into())
30 | }
31 | 
32 | #[wasm_bindgen]
33 | pub fn generate_random_passphrase(config: WasmPassphraseConfig) -> Result<String, JsError> {
34 |     let mut generator = get_generator();
35 |     let cfg: PassphraseConfig = config.into();
36 | 
37 |     generator.generate_passphrase(&cfg).map_err(|e| e.into())
38 | }
39 | 
40 | #[wasm_bindgen]
41 | pub fn analyze_password(password: String) -> WasmPasswordScoreResult {
42 |     proton_pass_common::password::check_score(&password).into()
43 | }
44 | 
45 | #[wasm_bindgen]
46 | pub fn check_password_score(password: String) -> WasmPasswordScore {
47 |     proton_pass_common::password::check_score(&password)
48 |         .password_score
49 |         .into()
50 | }
51 | 
52 | #[wasm_bindgen]
53 | pub fn check_password_scores(passwords: Vec<String>) -> WasmPasswordScoreList {
54 |     WasmPasswordScoreList(
55 |         passwords
56 |             .iter()
57 |             .map(|password| {
58 |                 proton_pass_common::password::check_score(password)
59 |                     .password_score
60 |                     .into()
61 |             })
62 |             .collect(),
63 |     )
64 | }
65 | 
66 | #[wasm_bindgen]
67 | pub fn calculate_password_score(password: String) -> f64 {
68 |     proton_pass_common::password::numeric_score(&password)
69 | }
70 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/ui/creditcard.rs:
--------------------------------------------------------------------------------
 1 | pub use proton_pass_common::creditcard::{CreditCardDetector, CreditCardType};
 2 | use serde::{Deserialize, Serialize};
 3 | use tsify_next::Tsify;
 4 | use wasm_bindgen::prelude::*;
 5 | 
 6 | #[derive(Tsify, Deserialize, Serialize)]
 7 | #[tsify(into_wasm_abi, from_wasm_abi)]
 8 | pub enum WasmCreditCardType {
 9 |     Visa,
10 |     Mastercard,
11 |     AmericanExpress,
12 |     DinersClub,
13 |     Discover,
14 |     Jcb,
15 |     UnionPay,
16 |     Maestro,
17 |     Elo,
18 |     Mir,
19 |     Hiper,
20 |     Hipercard,
21 |     Unknown,
22 | }
23 | 
24 | impl From<CreditCardType> for WasmCreditCardType {
25 |     fn from(value: CreditCardType) -> Self {
26 |         match value {
27 |             CreditCardType::Visa => WasmCreditCardType::Visa,
28 |             CreditCardType::Mastercard => WasmCreditCardType::Mastercard,
29 |             CreditCardType::AmericanExpress => WasmCreditCardType::AmericanExpress,
30 |             CreditCardType::DinersClub => WasmCreditCardType::DinersClub,
31 |             CreditCardType::Discover => WasmCreditCardType::Discover,
32 |             CreditCardType::JCB => WasmCreditCardType::Jcb,
33 |             CreditCardType::UnionPay => WasmCreditCardType::UnionPay,
34 |             CreditCardType::Maestro => WasmCreditCardType::Maestro,
35 |             CreditCardType::Elo => WasmCreditCardType::Elo,
36 |             CreditCardType::Mir => WasmCreditCardType::Mir,
37 |             CreditCardType::Hiper => WasmCreditCardType::Hiper,
38 |             CreditCardType::Hipercard => WasmCreditCardType::Hipercard,
39 |             CreditCardType::Unknown => WasmCreditCardType::Unknown,
40 |         }
41 |     }
42 | }
43 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/ui/file.rs:
--------------------------------------------------------------------------------
 1 | pub use proton_pass_common::file::FileGroup;
 2 | use serde::{Deserialize, Serialize};
 3 | use tsify_next::Tsify;
 4 | use wasm_bindgen::prelude::*;
 5 | 
 6 | #[derive(Tsify, Deserialize, Serialize)]
 7 | #[tsify(into_wasm_abi, from_wasm_abi)]
 8 | pub enum WasmFileGroup {
 9 |     Image,
10 |     Photo,
11 |     VectorImage,
12 |     Video,
13 |     Audio,
14 |     Key,
15 |     Text,
16 |     Calendar,
17 |     Pdf,
18 |     Word,
19 |     PowerPoint,
20 |     Excel,
21 |     Document,
22 |     Unknown,
23 | }
24 | 
25 | impl From<FileGroup> for WasmFileGroup {
26 |     fn from(value: FileGroup) -> Self {
27 |         match value {
28 |             FileGroup::Image => WasmFileGroup::Image,
29 |             FileGroup::Photo => WasmFileGroup::Photo,
30 |             FileGroup::VectorImage => WasmFileGroup::VectorImage,
31 |             FileGroup::Video => WasmFileGroup::Video,
32 |             FileGroup::Audio => WasmFileGroup::Audio,
33 |             FileGroup::Key => WasmFileGroup::Key,
34 |             FileGroup::Text => WasmFileGroup::Text,
35 |             FileGroup::Calendar => WasmFileGroup::Calendar,
36 |             FileGroup::Pdf => WasmFileGroup::Pdf,
37 |             FileGroup::Word => WasmFileGroup::Word,
38 |             FileGroup::PowerPoint => WasmFileGroup::PowerPoint,
39 |             FileGroup::Excel => WasmFileGroup::Excel,
40 |             FileGroup::Document => WasmFileGroup::Document,
41 |             FileGroup::Unknown => WasmFileGroup::Unknown,
42 |         }
43 |     }
44 | }
45 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/ui/login.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::login::Login;
 2 | use serde::{Deserialize, Serialize};
 3 | use tsify_next::Tsify;
 4 | use wasm_bindgen::prelude::*;
 5 | 
 6 | #[derive(Tsify, Deserialize, Serialize)]
 7 | #[tsify(into_wasm_abi, from_wasm_abi)]
 8 | pub struct WasmLogin {
 9 |     title: String,
10 |     username: String,
11 |     password: String,
12 |     totp: Option<String>,
13 |     urls: Vec<String>,
14 | }
15 | 
16 | impl From<WasmLogin> for Login {
17 |     fn from(value: WasmLogin) -> Self {
18 |         Login {
19 |             title: value.title,
20 |             username: value.username,
21 |             password: value.password,
22 |             totp: value.totp,
23 |             urls: value.urls,
24 |         }
25 |     }
26 | }
27 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/ui/mod.rs:
--------------------------------------------------------------------------------
 1 | use crate::ui::file::WasmFileGroup;
 2 | use crate::ui::wifi::WasmWifiSecurity;
 3 | use creditcard::*;
 4 | use login::WasmLogin;
 5 | use proton_pass_common::file::{get_file_group_from_mime_type, get_mime_type_from_content, sanitize_name};
 6 | use proton_pass_common::wifi::generate_wifi_uri;
 7 | use wasm_bindgen::prelude::*;
 8 | 
 9 | mod creditcard;
10 | mod file;
11 | mod login;
12 | mod wifi;
13 | 
14 | #[wasm_bindgen]
15 | pub fn is_email_valid(email: String) -> bool {
16 |     proton_pass_common::email::is_email_valid(&email)
17 | }
18 | 
19 | #[wasm_bindgen]
20 | pub fn validate_alias_prefix(prefix: String) -> Result<(), JsError> {
21 |     match proton_pass_common::alias_prefix::validate_alias_prefix(&prefix) {
22 |         Ok(_) => Ok(()),
23 |         Err(e) => Err(e.into()),
24 |     }
25 | }
26 | 
27 | #[wasm_bindgen]
28 | pub fn validate_login_obj(login: WasmLogin) -> Result<(), JsError> {
29 |     match proton_pass_common::login::validate_login(login.into()) {
30 |         Ok(_) => Ok(()),
31 |         Err(e) => Err(e.into()),
32 |     }
33 | }
34 | 
35 | #[wasm_bindgen]
36 | pub fn get_root_domain(input: String) -> Result<String, JsError> {
37 |     Ok(proton_pass_common::domain::get_root_domain(&input)?)
38 | }
39 | 
40 | #[wasm_bindgen]
41 | pub fn get_domain(input: String) -> Result<String, JsError> {
42 |     Ok(proton_pass_common::domain::get_domain(&input)?)
43 | }
44 | 
45 | #[wasm_bindgen]
46 | pub fn detect_credit_card_type(card_number: String) -> WasmCreditCardType {
47 |     let detector = CreditCardDetector::default();
48 |     let detected = detector.detect(&card_number);
49 |     detected.into()
50 | }
51 | 
52 | #[wasm_bindgen]
53 | pub fn file_group_from_mime_type(mime_type: String) -> WasmFileGroup {
54 |     WasmFileGroup::from(get_file_group_from_mime_type(&mime_type))
55 | }
56 | 
57 | #[wasm_bindgen]
58 | pub fn mime_type_from_content(content: js_sys::Uint8Array) -> String {
59 |     let as_vec = content.to_vec();
60 |     get_mime_type_from_content(&as_vec)
61 | }
62 | 
63 | #[wasm_bindgen]
64 | pub fn sanitize_filename(name: String, windows: bool) -> String {
65 |     sanitize_name(&name, windows)
66 | }
67 | 
68 | #[wasm_bindgen]
69 | pub fn generate_wifi_svg_qr_code(
70 |     ssid: String,
71 |     password: String,
72 |     security: WasmWifiSecurity,
73 | ) -> Result<String, JsError> {
74 |     let uri = generate_wifi_uri(&ssid, &password, security.into()).map_err(|e| JsError::from(e))?;
75 |     generate_svg_qr_code(uri)
76 | }
77 | 
78 | #[wasm_bindgen]
79 | pub fn generate_svg_qr_code(value: String) -> Result<String, JsError> {
80 |     proton_pass_common::qr::generate_svg_qr_code(&value).map_err(|e| e.into())
81 | }
82 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/ui/wifi.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::wifi::WifiSecurity;
 2 | use serde::{Deserialize, Serialize};
 3 | use tsify_next::Tsify;
 4 | 
 5 | #[derive(Tsify, Deserialize, Serialize)]
 6 | #[tsify(into_wasm_abi, from_wasm_abi)]
 7 | pub enum WasmWifiSecurity {
 8 |     Unspecified,
 9 |     WPA,
10 |     WPA2,
11 |     WPA3,
12 |     WEP,
13 | }
14 | 
15 | impl Into<WifiSecurity> for WasmWifiSecurity {
16 |     fn into(self) -> WifiSecurity {
17 |         match self {
18 |             WasmWifiSecurity::Unspecified => WifiSecurity::Unspecified,
19 |             WasmWifiSecurity::WPA => WifiSecurity::WPA,
20 |             WasmWifiSecurity::WPA2 => WifiSecurity::WPA2,
21 |             WasmWifiSecurity::WPA3 => WifiSecurity::WPA3,
22 |             WasmWifiSecurity::WEP => WifiSecurity::WEP,
23 |         }
24 |     }
25 | }
26 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/worker/mod.rs:
--------------------------------------------------------------------------------
 1 | use std::collections::HashMap;
 2 | use wasm_bindgen::prelude::*;
 3 | 
 4 | use crate::common::{vec_to_uint8_array, WasmBoolDict};
 5 | use passkey::WasmCreatePasskeyData;
 6 | use passkey::{PasskeyManager, WasmGeneratePasskeyResponse, WasmResolvePasskeyChallengeResponse};
 7 | 
 8 | mod passkey;
 9 | mod totp;
10 | 
11 | #[wasm_bindgen]
12 | pub fn twofa_domain_eligible(domain: String) -> bool {
13 |     proton_pass_common::twofa::TwofaDomainChecker::twofa_domain_eligible(&domain)
14 | }
15 | 
16 | #[wasm_bindgen]
17 | pub fn twofa_domains_eligible(domains: Vec<String>) -> WasmBoolDict {
18 |     let mut dict: HashMap<String, bool> = HashMap::new();
19 | 
20 |     for domain in domains {
21 |         let elligible = proton_pass_common::twofa::TwofaDomainChecker::twofa_domain_eligible(&domain);
22 |         dict.insert(domain, elligible);
23 |     }
24 | 
25 |     WasmBoolDict(dict)
26 | }
27 | 
28 | #[wasm_bindgen]
29 | pub fn create_new_user_invite_signature_body(email: String, vault_key: js_sys::Uint8Array) -> js_sys::Uint8Array {
30 |     let vault_key_as_vec = vault_key.to_vec();
31 |     let res = proton_pass_common::invite::create_signature_body(&email, vault_key_as_vec);
32 |     vec_to_uint8_array(res)
33 | }
34 | 
35 | #[wasm_bindgen]
36 | pub async fn generate_passkey(domain: String, request: String) -> Result<WasmGeneratePasskeyResponse, JsError> {
37 |     Ok(PasskeyManager::generate_passkey(domain, request).await?)
38 | }
39 | 
40 | #[wasm_bindgen]
41 | pub async fn resolve_passkey_challenge(
42 |     domain: String,
43 |     passkey: js_sys::Uint8Array,
44 |     request: String,
45 | ) -> Result<WasmResolvePasskeyChallengeResponse, JsError> {
46 |     let passkey_as_vec = passkey.to_vec();
47 |     Ok(PasskeyManager::resolve_challenge(domain, passkey_as_vec, request).await?)
48 | }
49 | 
50 | #[wasm_bindgen]
51 | pub fn parse_create_passkey_data(request: String) -> Result<WasmCreatePasskeyData, JsError> {
52 |     Ok(PasskeyManager::parse_create_request(request)?)
53 | }
54 | 


--------------------------------------------------------------------------------
/proton-pass-web/src/worker/totp.rs:
--------------------------------------------------------------------------------
 1 | use proton_pass_common::totp::{algorithm::Algorithm, totp::TOTP};
 2 | use serde::{Deserialize, Serialize};
 3 | use tsify_next::Tsify;
 4 | use wasm_bindgen::prelude::*;
 5 | 
 6 | #[derive(Tsify, Deserialize, Serialize)]
 7 | #[tsify(into_wasm_abi, from_wasm_abi)]
 8 | pub enum TotpAlgorithm {
 9 |     SHA1,
10 |     SHA256,
11 |     SHA512,
12 | }
13 | 
14 | impl From<Algorithm> for TotpAlgorithm {
15 |     fn from(value: Algorithm) -> Self {
16 |         match value {
17 |             Algorithm::SHA1 => TotpAlgorithm::SHA1,
18 |             Algorithm::SHA256 => TotpAlgorithm::SHA256,
19 |             Algorithm::SHA512 => TotpAlgorithm::SHA512,
20 |         }
21 |     }
22 | }
23 | 
24 | #[derive(Tsify, Deserialize, Serialize)]
25 | #[tsify(into_wasm_abi, from_wasm_abi)]
26 | pub struct ParsedTotp {
27 |     pub label: Option<String>,
28 |     pub secret: String,
29 |     pub issuer: Option<String>,
30 |     pub algorithm: Option<TotpAlgorithm>,
31 |     pub digits: Option<u8>,
32 |     pub period: Option<u16>,
33 | }
34 | 
35 | impl From<TOTP> for ParsedTotp {
36 |     fn from(value: TOTP) -> Self {
37 |         Self {
38 |             label: value.label,
39 |             secret: value.secret,
40 |             issuer: value.issuer,
41 |             algorithm: value.algorithm.map(TotpAlgorithm::from),
42 |             digits: value.digits,
43 |             period: value.period,
44 |         }
45 |     }
46 | }
47 | 
48 | #[derive(Tsify, Deserialize, Serialize)]
49 | #[tsify(into_wasm_abi, from_wasm_abi)]
50 | pub struct TotpCode {
51 |     pub totp: ParsedTotp,
52 |     pub token: String,
53 |     pub timestamp: u64,
54 | }
55 | 
56 | #[wasm_bindgen]
57 | pub fn generate_totp(uri: String, current_time: u64) -> Result<TotpCode, JsError> {
58 |     let totp = TOTP::from_uri(&uri)?;
59 |     let token = totp.generate_token(current_time)?;
60 |     Ok(TotpCode {
61 |         totp: totp.into(),
62 |         token,
63 |         timestamp: current_time,
64 |     })
65 | }
66 | 


--------------------------------------------------------------------------------
/proton-pass-web/test/README.md:
--------------------------------------------------------------------------------
 1 | # protonpasswebtest
 2 | 
 3 | To install dependencies:
 4 | 
 5 | ```bash
 6 | bun install
 7 | ```
 8 | 
 9 | To run:
10 | 
11 | ```bash
12 | bun run index.ts
13 | ```
14 | 
15 | This project was created using `bun init` in bun v1.0.18. [Bun](https://bun.sh) is a fast all-in-one JavaScript runtime.
16 | 


--------------------------------------------------------------------------------
/proton-pass-web/test/bun.lockb:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/protonpass/proton-pass-common/bc3a39fea5a8a3553a041dc2a2560a8eb07fda7b/proton-pass-web/test/bun.lockb


--------------------------------------------------------------------------------
/proton-pass-web/test/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "protonpasswebtest",
 3 |   "module": "index.ts",
 4 |   "type": "module",
 5 |   "devDependencies": {
 6 |     "bun-types": "latest"
 7 |   },
 8 |   "peerDependencies": {
 9 |     "typescript": "^5.0.0"
10 |   }
11 | }
12 | 


--------------------------------------------------------------------------------
/proton-pass-web/test/proton-pass-web-password.spec.ts:
--------------------------------------------------------------------------------
 1 | import { describe, expect, test } from "bun:test";
 2 | import * as packageJSON from "./pkg/package.json";
 3 | 
 4 | import {
 5 |     generate_passphrase,
 6 |     library_version,
 7 |     random_words,
 8 | } from "./pkg/password";
 9 | 
10 | describe("ProtonPassWeb WASM", () => {
11 |     test("Library version", () => {
12 |         expect(library_version()).toEqual(packageJSON.version);
13 |     });
14 | 
15 |     test("Should create passphrase", () => {
16 |         const words = random_words(3);
17 |         const passphrase = generate_passphrase(words, {
18 |             separator: "Hyphens",
19 |             capitalise: true,
20 |             include_numbers: true,
21 |             count: 3,
22 |         });
23 | 
24 |         expect(passphrase).not.toBeUndefined();
25 |     });
26 | });


--------------------------------------------------------------------------------
/proton-pass-web/test/proton-pass-web-ui.spec.ts:
--------------------------------------------------------------------------------
 1 | import { describe, expect, test } from "bun:test";
 2 | import * as packageJSON from "./pkg/package.json";
 3 | 
 4 | import {
 5 |     detect_credit_card_type,
 6 |     get_domain,
 7 |     get_root_domain,
 8 |     library_version
 9 | } from "./pkg/ui";
10 | 
11 | describe("ProtonPassWeb WASM", () => {
12 |     test("Library version", () => {
13 |         expect(library_version()).toEqual(packageJSON.version);
14 |     });
15 | 
16 |     test("Should detect CC", () => {
17 |         const cardType = detect_credit_card_type("4000056655665556");
18 |         expect(cardType).toEqual("Visa");
19 |     });
20 | 
21 |     test("Can extract root domain", () => {
22 |         const response = get_root_domain("https://test.example.com");
23 |         expect(response).toEqual("example.com");
24 |     });
25 | 
26 |     test("Can extract domain domain", () => {
27 |         const response = get_domain("https://test.example.com/path?key=value");
28 |         expect(response).toEqual("test.example.com");
29 |     });
30 | });
31 | 


--------------------------------------------------------------------------------
/proton-pass-web/test/tsconfig.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "compilerOptions": {
 3 |     "lib": ["ESNext"],
 4 |     "module": "esnext",
 5 |     "target": "esnext",
 6 |     "moduleResolution": "bundler",
 7 |     "moduleDetection": "force",
 8 |     "allowImportingTsExtensions": true,
 9 |     "noEmit": true,
10 |     "composite": true,
11 |     "strict": true,
12 |     "downlevelIteration": true,
13 |     "skipLibCheck": true,
14 |     "jsx": "react-jsx",
15 |     "allowSyntheticDefaultImports": true,
16 |     "forceConsistentCasingInFileNames": true,
17 |     "allowJs": true,
18 |     "types": ["bun-types"]
19 |   },
20 |   "include": ["./pkg/**/*"]
21 | }
22 | 


--------------------------------------------------------------------------------
/release.toml:
--------------------------------------------------------------------------------
1 | push = false
2 | consolidate-commits = true
3 | pre-release-commit-message = "(cargo-release) Bump version"
4 | tag = false
5 | publish = false
6 | 


--------------------------------------------------------------------------------
/rustfmt.toml:
--------------------------------------------------------------------------------
1 | max_width = 120
2 | 


--------------------------------------------------------------------------------
/tools/custom2faDomains.txt:
--------------------------------------------------------------------------------
1 | google.com


--------------------------------------------------------------------------------
/tools/excluded2faDomains.txt:
--------------------------------------------------------------------------------
1 | proton.me
2 | 


--------------------------------------------------------------------------------
/tools/generate2FADomains.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python3
 2 | 
 3 | import json
 4 | import urllib.request
 5 | from os import path
 6 | 
 7 | # URL to download the JSON data from
 8 | url = "https://api.2fa.directory/v3/totp.json"
 9 | 
10 | CUSTOM_DOMAINS_FILE = path.abspath(path.join(path.dirname(__file__), 'custom2faDomains.txt'))
11 | EXCLUDE_DOMAINS_FILE = path.abspath(path.join(path.dirname(__file__), 'excluded2faDomains.txt'))
12 | DEFAULT_DST = path.abspath(path.join(__file__, "../../proton-pass-common", "2faDomains.txt"))
13 | 
14 | # Send a GET request to the URL
15 | req = urllib.request.Request(url, headers={'Accept': 'application/json', 'User-Agent': 'curl/7.81.0'})
16 | response = urllib.request.urlopen(req)
17 | 
18 | excluded_domains = []
19 | with open(EXCLUDE_DOMAINS_FILE, 'r') as f:
20 |     excluded_domains = [domain.strip() for domain in f.readlines() if domain.strip()]
21 | 
22 | # Check if the request was successful
23 | if response.status == 200:
24 |     # Load JSON data from the response
25 | 
26 |     body = response.read()
27 |     text = body.decode('utf-8')
28 | 
29 |     data = json.loads(text)
30 | 
31 |     # Extract domains
32 |     domains = []
33 |     for item in data:
34 |         if isinstance(item, list) and len(item) > 1 and 'domain' in item[1]:
35 |             domain = item[1]['domain']
36 |             if domain not in excluded_domains:
37 |                 domains.append(domain)
38 | 
39 |     # Open the custom domains file in read mode
40 |     with open(CUSTOM_DOMAINS_FILE, 'r') as file:
41 |         for line in file.readlines():
42 |             custom_domain = line.strip()
43 |             if custom_domain not in excluded_domains:
44 |                 domains.append(custom_domain)
45 | 
46 |     clean_domains = sorted(list(set(domains)))
47 | 
48 |     # Save domains to a text file
49 |     with open(DEFAULT_DST, 'w') as file:
50 |         for domain in clean_domains:
51 |             file.write(domain + '\n')
52 | 
53 |     print("Domains have been extracted and saved to domains.txt")
54 | else:
55 |     print(f"Failed to download the JSON data. Status code: {response.status_code}")
56 | 


--------------------------------------------------------------------------------
/tools/generateCommonPasswordList.py:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env python3
 2 | 
 3 | from os import path
 4 | from typing import List
 5 | 
 6 | import urllib.request
 7 | import sys
 8 | 
 9 | 
10 | WORDLISTS = [
11 |   "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/xato-net-10-million-passwords-1000.txt",
12 |   "https://raw.githubusercontent.com/danielmiessler/SecLists/master/Passwords/darkweb2017-top10000.txt"
13 | ]
14 | 
15 | DEFAULT_DST = path.abspath(path.join(__file__, "../../proton-pass-common", "passwords.txt"))
16 | 
17 | def download_list(url: str) -> List[str]:
18 |      response = urllib.request.urlopen(url)
19 |      data = response.read()
20 |      text = data.decode('utf-8')
21 |      lines = []
22 |      for line in text.split('\n'):
23 |         stripped = line.strip().replace("'", "")
24 |         if len(stripped) > 3:
25 |             lines.append(stripped.lower())
26 |      return lines
27 | 
28 | def main(dst: str):
29 |     # Download all the wordlists
30 |     wordlists = [download_list(l) for l in WORDLISTS]
31 | 
32 |     # Combine all the words
33 |     words = [word for wordlist in wordlists for word in wordlist]
34 | 
35 |     # Dedup
36 |     deduped_words = sorted(list(set(words)))
37 | 
38 |     # Sort by length
39 |     sorted_by_length = reversed(sorted(deduped_words, key=len))
40 | 
41 |     # Write
42 |     with open(dst, 'w') as f:
43 |         f.write("\n".join(sorted_by_length))
44 | 
45 |     print(f"Wrote the passwords file to {dst}")
46 | 
47 | if __name__ == '__main__':
48 |     dst = DEFAULT_DST
49 |     if len(sys.argv) == 2:
50 |         if sys.argv[1] in ["-h", "--help"]:
51 |             print(f"{sys.argv[0]} DST_FILE")
52 |             print(f"(defaults to {DEFAULT_DST})")
53 |             sys.exit(0)
54 |         else:
55 |             dst = sys.argv[1]
56 |     if len(sys.argv) > 2:
57 |         print(f"Bad usage:\n\t{sys.argv[0]} DST_FILE")
58 |         sys.exit(1)
59 | 
60 |     main(dst)


--------------------------------------------------------------------------------
/tools/icon_fetcher/Cargo.toml:
--------------------------------------------------------------------------------
 1 | [package]
 2 | name = "icon_fetcher"
 3 | version = "0.22.0"
 4 | edition = "2021"
 5 | 
 6 | [dependencies]
 7 | 
 8 | # Async runtime
 9 | tokio = { version = "1.44.0", features = ["full"] }
10 | tokio-stream = "0.1.17"
11 | 
12 | # HTTP client
13 | reqwest = { version = "0.12.15", features = ["json", "stream", "rustls-tls", "blocking"] }
14 | 
15 | # Futures
16 | futures = "0.3.31"
17 | 
18 | # Serialization
19 | serde = { version = "1.0.219", features = ["derive"] }
20 | toml = "0.8.20"
21 | 
22 | # Progress bar
23 | indicatif = "0.17.11"
24 | once_cell = "1.21.1"
25 | regex = "1.11.1"
26 | 
27 | 


--------------------------------------------------------------------------------
/tools/icon_fetcher/config.toml:
--------------------------------------------------------------------------------
1 | output_file = "proton-authenticator/resources/issuerInfos.txt"
2 | domains_file = "proton-pass-common/2faDomains.txt"
3 | max_parallel = 10
4 | timeout_secs = 5
5 | 


--------------------------------------------------------------------------------