Moved encryption/decryption functions from portfolio to rc4

1 files changed, 61 insertions, 2 deletions

diff --git a/rc4.c b/rc4.c
index 4fc722079ecb..559359a22ee5 100644
--- a/rc4.c
+++ b/rc4.c
@@ -1,6 +1,7 @@
 #include "rc4.h"
+#include "portfolio.h"
 
-char* rc4_getPassword(void) {
+char* rc4_ncurses_get_password(void) {
     unsigned char* pass = malloc(PASS_MAX + 1);
     pointer_alloc_check(pass);
     initscr();
@@ -27,7 +28,7 @@ char* rc4_getPassword(void) {
     return (char*) pass;
 }
 
-void rc4_encode_string(String* pString, char* password) {
+void rc4_encode_string(String* pString, char password[PASS_MAX]) {
     int keySchedule[256];
     size_t key_len = strlen(password);
     int j = 0, out;
@@ -55,4 +56,62 @@ void rc4_encode_string(String* pString, char* password) {
         out = (unsigned char) keySchedule[(keySchedule[i] + keySchedule[j]) % KEY_SCHEDULE_LENGTH];
         pString->data[k] ^= out; // XOR to encode/decode
     }
+}
+
+int rc4_ncurses_decrypt_string(String* pString, char** password_ref) {
+    int status = 1;
+    Json* jobj = json_tokener_parse(pString->data); // Make sure portfolio is JSON formatted
+    if (jobj == NULL || !json_object_is_type(jobj, json_type_array)) { // if not JSON array, decrypt
+        char* password = rc4_ncurses_get_password();
+        puts("Decrypting portfolio...");
+        rc4_encode_string(pString, password); // Decode using password
+        jobj = json_tokener_parse(pString->data);
+        if (jobj == NULL || !json_object_is_type(jobj, json_type_array)) { // Wrong pw if not JSON[]
+            puts("Wrong password!");
+            status = 0; // false
+            free(password);
+        } else if (password_ref != NULL) // If provided a string reference, strcpy
+            *password_ref = password; // This is used for re-encrypting the portfolio
+        else free(password);
+    }
+    json_object_put(jobj);
+    return status;
+}
+
+void portfolio_write_encrypt_decrypt(int crypt_opt) {
+    char* password = NULL;
+    String* pString = file_get_string(portfolio_file_path);
+    if (pString == NULL) // Error reading portfolio
+        return;
+
+    if (!rc4_ncurses_decrypt_string(pString, &password)) // Error decrypting
+        goto cleanup;
+
+    if (crypt_opt == ENCRYPT && password != NULL) // Trying to encrypt an encrypted portfolio
+        GOTO_CLEAN_MSG("Portfolio is already encrypted.")
+
+    if (crypt_opt == DECRYPT && password == NULL) // Trying to decrypt a plaintext portfolio
+        GOTO_CLEAN_MSG("Portfolio isn't encrypted.")
+
+    if (crypt_opt == DECRYPT) {
+        string_write_file(pString, portfolio_file_path);
+        GOTO_CLEAN_MSG("Decrypted successfully")
+    }
+
+    // ENCRYPT
+    password = rc4_ncurses_get_password();
+    puts("You will be asked to enter your password again to make sure the entries match.");
+    sleep(2); // Sleep so user can read above message before ncurses initscr()
+    char* password_check = rc4_ncurses_get_password(); // Get password a second time
+    if (strcmp(password, password_check) != 0) { // Make sure the two passwords are the same
+        free(password_check);
+        GOTO_CLEAN_MSG("Passwords do not match!")
+    }
+    rc4_encode_string(pString, password);
+    string_write_file(pString, portfolio_file_path);
+    puts("Encrypted successfully");
+    free(password_check);
+    cleanup: // CLEANUP
+    free(password);
+    string_destroy(&pString);
 }
\ No newline at end of file