passwordfile.cpp

Go to the documentation of this file.

#include "./passwordfile.h"
#include "./cryptoexception.h"
#include "./entry.h"
#include "./parsingexception.h"
 
#include "../util/openssl.h"
 
#include <c++utilities/conversion/stringbuilder.h>
#include <c++utilities/conversion/stringconversion.h>
#include <c++utilities/io/path.h>
 
#include <openssl/conf.h>
#include <openssl/crypto.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/rand.h>
 
#include <zlib.h>
 
#include <cstring>
#include <filesystem>
#include <fstream>
#include <functional>
#include <iostream>
#include <limits>
#include <memory>
#include <sstream>
#include <type_traits>
 
using namespace std;
using namespace CppUtilities;
 
namespace Io {
 
constexpr auto aes256cbcIvSize = 16U;
constexpr auto aes256blockSize = 32U;
constexpr auto aes256additionalBufferSize = aes256blockSize * 2U;
 
enum class ExtendedHeaderFieldIds : std::uint32_t {
    AuthTag = 0x686D6163U,
};
 
constexpr auto authTagSize = Util::OpenSsl::Sha256Sum::size; // HMAC-SHA256
constexpr auto extendedHeaderFieldIdSize = sizeof(std::underlying_type<ExtendedHeaderFieldIds>::type);
constexpr auto extendedAuthTagSize = extendedHeaderFieldIdSize + authTagSize;


PasswordFile::PasswordFile()
    : m_freader(BinaryReader(&m_file))
    , m_fwriter(BinaryWriter(&m_file))
    , m_version(0)
    , m_openOptions(PasswordFileOpenFlags::None)
    , m_saveOptions(PasswordFileSaveFlags::None)
{
    m_file.exceptions(ios_base::failbit | ios_base::badbit);
    clearPassword();
}

PasswordFile::PasswordFile(const string &path, const string &password)
    : m_freader(BinaryReader(&m_file))
    , m_fwriter(BinaryWriter(&m_file))
    , m_version(0)
    , m_openOptions(PasswordFileOpenFlags::None)
    , m_saveOptions(PasswordFileSaveFlags::None)
{
    m_file.exceptions(ios_base::failbit | ios_base::badbit);
    setPath(path);
    setPassword(password);
}

PasswordFile::PasswordFile(const PasswordFile &other)
    : m_path(other.m_path)
    , m_password(other.m_password)
    , m_rootEntry(other.m_rootEntry ? make_unique<NodeEntry>(*other.m_rootEntry) : nullptr)
    , m_extendedHeader(other.m_extendedHeader)
    , m_encryptedExtendedHeader(other.m_encryptedExtendedHeader)
    , m_freader(BinaryReader(&m_file))
    , m_fwriter(BinaryWriter(&m_file))
    , m_version(other.m_version)
    , m_openOptions(other.m_openOptions)
    , m_saveOptions(other.m_saveOptions)
{
    m_file.exceptions(ios_base::failbit | ios_base::badbit);
}

PasswordFile::PasswordFile(PasswordFile &&other)
    : m_path(std::move(other.m_path))
    , m_password(std::move(other.m_password))
    , m_rootEntry(std::move(other.m_rootEntry))
    , m_extendedHeader(std::move(other.m_extendedHeader))
    , m_encryptedExtendedHeader(std::move(other.m_encryptedExtendedHeader))
    , m_file(std::move(other.m_file))
    , m_freader(BinaryReader(&m_file))
    , m_fwriter(BinaryWriter(&m_file))
    , m_version(other.m_version)
    , m_openOptions(other.m_openOptions)
    , m_saveOptions(other.m_saveOptions)
{
}

PasswordFile::~PasswordFile()
{
}

void PasswordFile::open(PasswordFileOpenFlags options)
{
    if (options & PasswordFileOpenFlags::New) {
        return create();
    }
    close();
    if (m_path.empty()) {
        throw std::ios_base::failure("Unable to open file because path is empty.");
    }
    m_file.open(
        m_path, options & PasswordFileOpenFlags::ReadOnly ? ios_base::in | ios_base::binary : ios_base::in | ios_base::out | ios_base::binary);
    m_openOptions = options;
    opened();
}

void PasswordFile::opened()
{
    m_file.seekg(0, ios_base::end);
    if (m_file.tellg() == 0) {
        throw std::ios_base::failure("File is empty.");
    } else {
        m_file.seekg(0);
    }
}

void PasswordFile::generateRootEntry()
{
    if (!m_rootEntry) {
        m_rootEntry.reset(new NodeEntry("accounts"));
    }
}

void PasswordFile::create()
{
    close();
    if (m_path.empty()) {
        throw std::ios_base::failure("Unable to create file because path is empty.");
    }
    m_file.open(m_path, fstream::out | fstream::trunc | fstream::binary);
    m_openOptions += PasswordFileOpenFlags::New;
}

void PasswordFile::load()
{
    if (!m_file.is_open()) {
        open();
    }
    m_file.seekg(0);
    m_version = 0;
    m_saveOptions = PasswordFileSaveFlags::None;
 
    // check magic number
    if (m_freader.readUInt32LE() != 0x7770616DU) {
        throw ParsingException("Signature not present.");
    }
 
    // check version and flags (used in version 0x3 only)
    m_version = m_freader.readUInt32LE();
    if (m_version > 0x6U) {
        throw ParsingException(argsToString("Version \"", m_version, "\" is unknown. Only versions 0 to 6 are supported."));
    }
    auto decrypterUsed = false, ivUsed = false, compressionUsed = false, hmacUsed = false;
    if (m_version >= 0x3U) {
        const auto flags = m_freader.readByte();
        if ((decrypterUsed = flags & 0x80)) {
            m_saveOptions |= PasswordFileSaveFlags::Encryption;
        }
        if ((compressionUsed = flags & 0x20)) {
            m_saveOptions |= PasswordFileSaveFlags::Compression;
        }
        if ((hmacUsed = flags & 0x10)) {
            m_saveOptions |= PasswordFileSaveFlags::AuthenticationTag;
        }
        ivUsed = flags & 0x40;
    } else {
        if ((decrypterUsed = m_version >= 0x1U)) {
            m_saveOptions |= PasswordFileSaveFlags::Encryption;
        }
        ivUsed = m_version == 0x2U;
    }
 
    // read extended header
    auto authTag = std::vector<char>();
    if (m_version >= 0x4U) {
        auto extendedHeaderSize = static_cast<std::size_t>(m_freader.readUInt16BE());
        if (extendedHeaderSize >= extendedHeaderFieldIdSize) {
            switch (static_cast<ExtendedHeaderFieldIds>(m_freader.readUInt32BE())) {
            case ExtendedHeaderFieldIds::AuthTag:
                // read authentication tag which will always be written as first extended field if present
                // note: A stale auth tag might be present if `!hmacUsed`. This can happen if a file is saved with a tag and
                //       then re-saved with a version of this library that does not support tags yet. Then the tag is preserved
                //       as unknown extended data when re-saving but not updated. In this case the tag is ignored and discared
                //       when re-saving with this version of the code. The file is treated as if no tag was present at all.
                if ((extendedHeaderSize -= extendedHeaderFieldIdSize) < authTagSize) {
                    throw ParsingException("Authentication tag is truncated.");
                }
                authTag.resize(authTagSize);
                m_file.read(authTag.data(), authTagSize);
                extendedHeaderSize -= authTagSize;
                break;
            default:
                // ignore unknown field (probably written by a future version of this library)
                m_file.seekg(-static_cast<std::streamoff>(extendedHeaderFieldIdSize));
                break;
            }
        }
        // read remaining unknown fields to preserve them
        m_extendedHeader = m_freader.readString(extendedHeaderSize);
    } else {
        m_extendedHeader.clear();
    }
 
    // verify whether auth tag is present if flags indicate presence
    if (hmacUsed && authTag.empty()) {
        throw ParsingException("Authentication tag is missing.");
    }
 
    // get length
    const auto headerSize = static_cast<size_t>(m_file.tellg());
    m_file.seekg(0, ios_base::end);
    auto remainingSize = static_cast<size_t>(m_file.tellg()) - headerSize;
    m_file.seekg(static_cast<streamoff>(headerSize), ios_base::beg);
 
    // read hash count (always present for version >= 6 when encrypted)
    auto hashCount = std::uint32_t();
    if (m_version >= 0x6U && decrypterUsed) {
        if (remainingSize < 4) {
            throw ParsingException("Hash count truncated.");
        }
        hashCount = m_freader.readUInt32BE();
        remainingSize -= 4;
        if (hashCount) {
            m_saveOptions |= PasswordFileSaveFlags::PasswordHashing;
        }
    }
 
    // read IV
    unsigned char iv[aes256cbcIvSize] = { 0 };
    if (decrypterUsed && ivUsed) {
        if (remainingSize < aes256cbcIvSize) {
            throw ParsingException("Initiation vector is truncated.");
        }
        m_file.read(reinterpret_cast<char *>(iv), aes256cbcIvSize);
        remainingSize -= aes256cbcIvSize;
    }
    if (!remainingSize) {
        throw ParsingException("No contents found.");
    }
 
    // decrypt contents
    auto rawData = std::vector<char>();
    m_freader.read(rawData, static_cast<streamoff>(remainingSize));
    auto decryptedData = std::vector<char>();
 
    if (decrypterUsed) {
        if (remainingSize > numeric_limits<int>::max()) {
            throw CryptoException("Size exceeds limit.");
        }
 
        // prepare password
        auto password = Util::OpenSsl::Sha256Sum();
        if (hashCount) {
            // hash the password as often as it has been hashed when writing the file
            password = Util::OpenSsl::computeSha256Sum(reinterpret_cast<unsigned const char *>(m_password.data()), m_password.size());
            for (uint32_t i = 1; i < hashCount; ++i) {
                password = Util::OpenSsl::computeSha256Sum(password.data, Util::OpenSsl::Sha256Sum::size);
            }
        } else {
            m_password.copy(reinterpret_cast<char *>(password.data), Util::OpenSsl::Sha256Sum::size);
        }
 
        // verify HMAC-SHA256 authentication tag (version >= 7)
        if (hmacUsed) {
            auto hmacInput = std::vector<unsigned char>();
            hmacInput.reserve(static_cast<std::size_t>(aes256cbcIvSize) + rawData.size());
            hmacInput.insert(hmacInput.end(), iv, iv + aes256cbcIvSize);
            hmacInput.insert(hmacInput.end(), rawData.begin(), rawData.end());
            const auto expectedTag = Util::OpenSsl::computeHmacSha256(
                password.data, Util::OpenSsl::Sha256Sum::size, hmacInput.data(), hmacInput.size());
            if (CRYPTO_memcmp(authTag.data(), expectedTag.data, authTagSize) != 0) {
                throw CryptoException("Authentication failed: data integrity check failed (wrong password or file corrupted).");
            }
        }
 
        // initiate ctx, decrypt data
        EVP_CIPHER_CTX *ctx = nullptr;
        decryptedData.resize(remainingSize + aes256additionalBufferSize);
        auto outlen1 = int(), outlen2 = int();
        if ((ctx = EVP_CIPHER_CTX_new()) == nullptr || EVP_DecryptInit_ex(ctx, EVP_aes_256_cbc(), nullptr, password.data, iv) != 1
            || EVP_DecryptUpdate(ctx, reinterpret_cast<unsigned char *>(decryptedData.data()), &outlen1,
                   reinterpret_cast<unsigned char *>(rawData.data()), static_cast<int>(remainingSize))
                != 1
            || EVP_DecryptFinal_ex(ctx, reinterpret_cast<unsigned char *>(decryptedData.data()) + outlen1, &outlen2) != 1) {
            // handle decryption error
            if (ctx) {
                EVP_CIPHER_CTX_free(ctx);
            }
            auto msg = std::string();
            auto errorCode = ERR_get_error();
            while (errorCode) {
                if (!msg.empty()) {
                    msg += "\n";
                }
                msg += ERR_error_string(errorCode, nullptr);
                errorCode = ERR_get_error();
            }
            throw CryptoException(std::move(msg));
        }
 
        if (ctx) {
            EVP_CIPHER_CTX_free(ctx);
        }
        const auto decryptedSize = outlen1 + outlen2;
        if (decryptedSize < 0) {
            throw CryptoException("Decrypted size is negative.");
        }
        remainingSize = static_cast<size_t>(decryptedSize);
        if (!remainingSize) {
            throw ParsingException("Decrypted buffer is empty.");
        }
 
    } else {
        // use raw data directly if not encrypted
        decryptedData.swap(rawData);
    }
 
    // decompress
    if (compressionUsed) {
        if (remainingSize < 8) {
            throw ParsingException("File is truncated (decompressed size expected).");
        }
        if (remainingSize > numeric_limits<uLongf>::max()) {
            throw CryptoException("Size exceeds limit.");
        }
        const auto rawDecompressedSize = LE::toUInt64(decryptedData.data());
        if (rawDecompressedSize > numeric_limits<uLongf>::max()) {
            throw ParsingException("Decompressed size exceeds limit.");
        }
        auto decompressedSize = static_cast<uLongf>(rawDecompressedSize);
        rawData.resize(decompressedSize);
        switch (uncompress(reinterpret_cast<Bytef *>(rawData.data()), &decompressedSize, reinterpret_cast<Bytef *>(decryptedData.data() + 8),
            static_cast<uLongf>(remainingSize - 8))) {
        case Z_MEM_ERROR:
            throw ParsingException("Decompressing failed. The source buffer was too small.");
        case Z_BUF_ERROR:
            throw ParsingException("Decompressing failed. The destination buffer was too small.");
        case Z_DATA_ERROR:
            throw ParsingException("Decompressing failed. The input data was corrupted or incomplete.");
        case Z_OK:
            decryptedData.swap(rawData);
            remainingSize = decompressedSize;
        }
    }
    if (!remainingSize) {
        throw ParsingException("Decompressed buffer is empty.");
    }
 
    // parse contents
    auto decryptedStream = std::stringstream(stringstream::in | stringstream::out | stringstream::binary);
    decryptedStream.exceptions(ios_base::failbit | ios_base::badbit);
    try {
#if defined(__GLIBCXX__) && !defined(_LIBCPP_VERSION)
        decryptedStream.rdbuf()->pubsetbuf(decryptedData.data(), static_cast<streamsize>(remainingSize));
#else
        decryptedStream.write(decryptedData.data(), static_cast<streamsize>(remainingSize));
#endif
        if (m_version >= 0x5u) {
            BinaryReader reader(&decryptedStream);
            const auto extendedHeaderSize = reader.readUInt16BE();
            m_encryptedExtendedHeader = reader.readString(extendedHeaderSize);
        } else {
            m_encryptedExtendedHeader.clear();
        }
        m_rootEntry.reset(new NodeEntry(decryptedStream));
    } catch (const std::ios_base::failure &failure) {
        if (decryptedStream.eof()) {
            throw ParsingException("The file seems to be truncated.");
        }
        throw ParsingException(argsToString("An IO error occurred when reading internal buffer: ", failure.what()));
    }
}

std::uint32_t PasswordFile::mininumVersion(PasswordFileSaveFlags options) const
{
    if (options & PasswordFileSaveFlags::PasswordHashing) {
        return 0x6U; // password hashing requires at least version 6
    }
    if (!m_encryptedExtendedHeader.empty()) {
        return 0x5U; // encrypted extended header requires at least version 5
    }
    if (!m_extendedHeader.empty() || (options & PasswordFileSaveFlags::AuthenticationTag)) {
        return 0x4U; // regular extended header requires at least version 4
    }
    return 0x3U; // lowest supported version by the serializer
}

void PasswordFile::save(PasswordFileSaveFlags options)
{
    if (!m_rootEntry) {
        throw runtime_error("Root entry has not been created.");
    }
 
    // use already opened and writable file; otherwise re-open the file
    auto fileSize = std::size_t();
    if (m_file.good() && m_file.is_open() && !(m_openOptions & PasswordFileOpenFlags::ReadOnly)) {
        fileSize = size();
        m_file.seekp(0);
    } else {
        m_file.clear();
        if (m_file.is_open()) {
            m_file.close();
        }
        try {
            m_file.open(m_path, ios_base::in | ios_base::out | ios_base::trunc | ios_base::binary);
        } catch (const ios_base::failure &) {
            // try to create a new file if configured via \a options
            if (!(options & PasswordFileSaveFlags::AllowToCreateNewFile)) {
                throw;
            }
            m_file.open(m_path, ios_base::out | ios_base::trunc | ios_base::binary);
        }
    }
 
    // write entries
    write(options);
    m_file.flush();
 
    // truncate file if it became smaller
    const auto newSize = static_cast<std::size_t>(m_file.tellp());
    if (fileSize && newSize < fileSize) {
        m_file.close();
        std::filesystem::resize_file(makeNativePath(m_path), newSize);
    }
}

void PasswordFile::write(PasswordFileSaveFlags options)
{
    if (!m_rootEntry) {
        throw runtime_error("Root entry has not been created.");
    }
 
    // write magic number
    m_fwriter.writeUInt32LE(0x7770616DU);
 
    // write version
    const auto version = mininumVersion(options);
    m_fwriter.writeUInt32LE(version);
 
    // write flags
    auto flags = std::uint8_t{0x00};
    if (options & PasswordFileSaveFlags::Encryption) {
        flags |= 0x80 | 0x40;
    }
    if (options & PasswordFileSaveFlags::Compression) {
        flags |= 0x20;
    }
    if (options & PasswordFileSaveFlags::AuthenticationTag) {
        flags |= 0x10;
    }
    m_fwriter.writeByte(flags);
 
    // serialize root entry and descendants
    stringstream buffstr(stringstream::in | stringstream::out | stringstream::binary);
    buffstr.exceptions(ios_base::failbit | ios_base::badbit);
 
    // write encrypted extended header
    if (version >= 0x5U) {
        if (m_encryptedExtendedHeader.size() > numeric_limits<std::uint16_t>::max()) {
            throw runtime_error("Encrypted extended header exceeds maximum size.");
        }
        BinaryWriter buffstrWriter(&buffstr);
        buffstrWriter.writeUInt16BE(static_cast<std::uint16_t>(m_encryptedExtendedHeader.size()));
        buffstrWriter.writeString(m_encryptedExtendedHeader);
    }
    m_rootEntry->make(buffstr);
    buffstr.seekp(0, ios_base::end);
    auto size = static_cast<std::size_t>(buffstr.tellp());
    if (size > std::numeric_limits<uLong>::max()) {
        throw std::runtime_error("File size exceeds maximum size.");
    }
 
    // write the data to a buffer
    buffstr.seekg(0);
    auto decryptedData = std::vector<char>(size, 0);
    buffstr.read(decryptedData.data(), static_cast<streamoff>(size));
    auto encryptedData = std::vector<char>();
 
    // compress data
    if (options & PasswordFileSaveFlags::Compression) {
        auto compressedSize = static_cast<uLongf>(compressBound(static_cast<uLong>(size)));
        encryptedData.resize(8 + compressedSize);
        LE::getBytes(static_cast<std::uint64_t>(size), encryptedData.data());
        switch (compress(reinterpret_cast<Bytef *>(encryptedData.data() + 8), &compressedSize, reinterpret_cast<Bytef *>(decryptedData.data()),
            static_cast<uLong>(size))) {
        case Z_MEM_ERROR:
            throw runtime_error("Compressing failed. The source buffer was too small.");
        case Z_BUF_ERROR:
            throw runtime_error("Compressing failed. The destination buffer was too small.");
        case Z_OK:
            encryptedData.swap(decryptedData); // compression successful
            size = 8 + compressedSize;
        }
    }
 
    if (size > numeric_limits<int>::max()) {
        throw CryptoException("size exceeds limit");
    }
 
    // define variables for encryption
    auto password = Util::OpenSsl::Sha256Sum();
    const auto hashCount = (options & PasswordFileSaveFlags::PasswordHashing) ? Util::OpenSsl::generateRandomNumber(100000, 500000) : 0u;
    EVP_CIPHER_CTX *ctx = nullptr;
    unsigned char iv[aes256cbcIvSize];
    auto ciphertextSize = std::size_t();
 
    if (options & PasswordFileSaveFlags::Encryption) {
        // prepare password
        if (hashCount) {
            // hash password a few times
            password = Util::OpenSsl::computeSha256Sum(reinterpret_cast<unsigned const char *>(m_password.data()), m_password.size());
            for (uint32_t i = 1; i < hashCount; ++i) {
                password = Util::OpenSsl::computeSha256Sum(password.data, Util::OpenSsl::Sha256Sum::size);
            }
        } else {
            m_password.copy(reinterpret_cast<char *>(password.data), Util::OpenSsl::Sha256Sum::size);
        }
 
        // initiate ctx, encrypt data
        int outlen1, outlen2;
        encryptedData.resize(size + aes256additionalBufferSize);
        if (RAND_bytes(iv, aes256cbcIvSize) != 1 || (ctx = EVP_CIPHER_CTX_new()) == nullptr
            || EVP_EncryptInit_ex(ctx, EVP_aes_256_cbc(), nullptr, password.data, iv) != 1
            || EVP_EncryptUpdate(ctx, reinterpret_cast<unsigned char *>(encryptedData.data()), &outlen1,
                   reinterpret_cast<unsigned char *>(decryptedData.data()), static_cast<int>(size))
                != 1
            || EVP_EncryptFinal_ex(ctx, reinterpret_cast<unsigned char *>(encryptedData.data()) + outlen1, &outlen2) != 1) {
            // handle encryption error
            if (ctx) {
                EVP_CIPHER_CTX_free(ctx);
            }
            string msg;
            auto errorCode = ERR_get_error();
            while (errorCode) {
                if (!msg.empty()) {
                    msg += "\n";
                }
                msg += ERR_error_string(errorCode, nullptr);
                errorCode = ERR_get_error();
            }
            throw CryptoException(std::move(msg));
        }
        if (ctx) {
            EVP_CIPHER_CTX_free(ctx);
        }
        ciphertextSize = static_cast<std::size_t>(outlen1 + outlen2);
    }
 
    // write extended header
    if (version >= 0x4U) {
        auto extendedHeaderSize = m_extendedHeader.size();
        if (options & PasswordFileSaveFlags::AuthenticationTag) {
            extendedHeaderSize += extendedAuthTagSize;
        }
        if (extendedHeaderSize > numeric_limits<std::uint16_t>::max()) {
            throw runtime_error("Extended header exceeds maximum size.");
        }
        m_fwriter.writeUInt16BE(static_cast<std::uint16_t>(extendedHeaderSize));
 
        // write HMAC-SHA256 authentication tag
        if (options & PasswordFileSaveFlags::AuthenticationTag) {
            vector<unsigned char> hmacInput;
            hmacInput.reserve(static_cast<std::size_t>(aes256cbcIvSize) + ciphertextSize);
            hmacInput.insert(hmacInput.end(), iv, iv + aes256cbcIvSize);
            hmacInput.insert(hmacInput.end(), reinterpret_cast<const unsigned char *>(encryptedData.data()),
                reinterpret_cast<const unsigned char *>(encryptedData.data()) + ciphertextSize);
            const auto hmacTag = Util::OpenSsl::computeHmacSha256(password.data, authTagSize, hmacInput.data(), hmacInput.size());
            m_fwriter.writeUInt32BE(static_cast<std::uint32_t>(ExtendedHeaderFieldIds::AuthTag));
            m_file.write(reinterpret_cast<const char *>(hmacTag.data), authTagSize);
        }
 
        m_fwriter.writeString(m_extendedHeader);
    }
 
    // write data to file
    if (options & PasswordFileSaveFlags::Encryption) {
        if (version >= 0x6U) {
            m_fwriter.writeUInt32BE(hashCount);
        }
        m_file.write(reinterpret_cast<char *>(iv), aes256cbcIvSize);
        m_file.write(reinterpret_cast<const char *>(encryptedData.data()), static_cast<streamsize>(ciphertextSize));
    } else {
        m_file.write(decryptedData.data(), static_cast<streamsize>(size));
    }
    m_file.flush();
}

void PasswordFile::clearEntries()
{
    m_rootEntry.reset();
}

void PasswordFile::clear()
{
    close();
    clearPath();
    clearPassword();
    clearEntries();
    m_openOptions = PasswordFileOpenFlags::None;
    m_extendedHeader.clear();
    m_encryptedExtendedHeader.clear();
}

void PasswordFile::exportToTextfile(const string &targetPath) const
{
    if (!m_rootEntry) {
        throw runtime_error("Root entry has not been created.");
    }
    NativeFileStream output;
    output.exceptions(std::ios_base::failbit | std::ios_base::badbit);
    output.open(targetPath, std::ios_base::out);
    const auto printIndention = [&output](int level) {
        for (int i = 0; i < level; ++i) {
            output << "    ";
        }
    };
    auto printNode = std::function<void(const Entry *entry, int level)>();
    printNode = [&output, &printNode, &printIndention](const Entry *entry, int level) {
        printIndention(level);
        output << " - " << entry->label() << endl;
        switch (entry->type()) {
        case EntryType::Node:
            for (const Entry *child : static_cast<const NodeEntry *>(entry)->children()) {
                printNode(child, level + 1);
            }
            break;
        case EntryType::Account:
            for (const Field &field : static_cast<const AccountEntry *>(entry)->fields()) {
                printIndention(level);
                output << "    " << field.name();
                for (auto i = field.name().length(); i < 15; ++i) {
                    output << ' ';
                }
                output << field.value() << endl;
            }
        }
    };
    printNode(m_rootEntry.get(), 0);
    output.close();
}

void PasswordFile::doBackup()
{
    if (!isOpen()) {
        open();
    }
 
    // skip if the current file is empty anyways
    if (!size()) {
        return;
    }
 
    // reopen the file if it is newly created and hence still in write-only mode
    if (m_openOptions & PasswordFileOpenFlags::New) {
        auto flags = m_openOptions;
        open(flags -= PasswordFileOpenFlags::New);
    }
 
    m_file.seekg(0);
    auto backupFile = NativeFileStream(m_path + ".backup", ios::out | ios::trunc | ios::binary);
    backupFile.exceptions(ios_base::failbit | ios_base::badbit);
    backupFile << m_file.rdbuf();
    backupFile.close();
}

bool PasswordFile::hasRootEntry() const
{
    return m_rootEntry != nullptr;
}

const NodeEntry *PasswordFile::rootEntry() const
{
    return m_rootEntry.get();
}

NodeEntry *PasswordFile::rootEntry()
{
    return m_rootEntry.get();
}

void PasswordFile::close()
{
    if (m_file.is_open()) {
        m_file.close();
    }
    m_file.clear();
}

void PasswordFile::setPath(const string &value)
{
    close();
    m_path = value;
 
    // support "file://" protocol
    if (startsWith(m_path, "file:")) {
        m_path = m_path.substr(5);
    }
}

bool PasswordFile::isEncryptionUsed()
{
    if (!isOpen()) {
        return false;
    }
    m_file.seekg(0);
 
    // check magic number
    if (m_freader.readUInt32LE() != 0x7770616DU) {
        return false;
    }
 
    // check version
    const auto version = m_freader.readUInt32LE();
    if (version == 0x1U || version == 0x2U) {
        return true;
    } else if (version >= 0x3U) {
        return m_freader.readByte() & 0x80;
    } else {
        return false;
    }
}

size_t PasswordFile::size()
{
    if (!isOpen()) {
        return 0;
    }
    m_file.seekg(0, ios::end);
    return static_cast<size_t>(m_file.tellg());
}

string PasswordFile::summary(PasswordFileSaveFlags saveOptions) const
{
    auto result = std::string("<table>");
    if (!m_path.empty()) {
        result += argsToString("<tr><td>Path:</td><td>", m_path, "</td></tr>");
    }
    result += argsToString("<tr><td>Version:</td><td>", m_version, "</td></tr>");
    const auto minVersion = mininumVersion(saveOptions);
    if (m_version != minVersion) {
        result += argsToString("<tr><td></td><td>(on disk, after saving: ", minVersion, ")</td></tr>");
    }
    result += argsToString("<tr><td>Features:</td><td>", flagsToString(m_saveOptions), "</td></tr>");
    if (m_saveOptions != saveOptions) {
        result += argsToString("<tr><td></td><td>(on disk, after saving: ", flagsToString(saveOptions), ")</td></tr>");
    }
    const auto stats = m_rootEntry ? m_rootEntry->computeStatistics() : EntryStatistics();
    result += argsToString("<tr><td>Number of categories:</td><td>", stats.nodeCount, "</td></tr><tr><td>Number of accounts:</td><td>",
        stats.accountCount, "</td></tr><tr><td>Number of fields:</td><td>", stats.fieldCount, "</td></tr></table>");
    return result;
}

string flagsToString(PasswordFileOpenFlags flags)
{
    auto options = std::vector<std::string>();
    if (flags & PasswordFileOpenFlags::ReadOnly) {
        options.emplace_back("read-only");
    }
    if (options.empty()) {
        options.emplace_back("none");
    }
    return joinStrings(options, ", ");
}

string flagsToString(PasswordFileSaveFlags flags)
{
    auto options = std::vector<std::string>();
    options.reserve(3);
    if (flags & PasswordFileSaveFlags::Encryption) {
        options.emplace_back("encryption");
    }
    if (flags & PasswordFileSaveFlags::Compression) {
        options.emplace_back("compression");
    }
    if (flags & PasswordFileSaveFlags::PasswordHashing) {
        options.emplace_back("password hashing");
    }
    if (flags & PasswordFileSaveFlags::AuthenticationTag) {
        options.emplace_back("HMAC");
    }
    if (options.empty()) {
        options.emplace_back("none");
    }
    return joinStrings(options, ", ");
}
 
} // namespace Io