GODT-1609: use byte array for password

internal/frontend/bridge-gui/bridgepp/bridgepp/GRPC/bridge.pb.cc

@@ -1336,7 +1336,7 @@ const char descriptor_table_protodef_bridge_2eproto[] PROTOBUF_SECTION_VARIABLE(
   "\001 \001(\t\022\021\n\tosVersion\030\002 \001(\t\022\023\n\013description\030"
   "\003 \001(\t\022\017\n\007address\030\004 \001(\t\022\023\n\013emailClient\030\005 "
   "\001(\t\022\023\n\013includeLogs\030\006 \001(\010\"2\n\014LoginRequest"
-  "\022\020\n\010username\030\001 \001(\t\022\020\n\010password\030\002 \001(\t\"%\n\021"
+  "\022\020\n\010username\030\001 \001(\t\022\020\n\010password\030\002 \001(\014\"%\n\021"
   "LoginAbortRequest\022\020\n\010username\030\001 \001(\t\"0\n\027C"
   "hangeLocalCacheRequest\022\025\n\rdiskCachePath\030"
   "\002 \001(\t\"8\n\022ChangePortsRequest\022\020\n\010imapPort\030"
@@ -1346,7 +1346,7 @@ const char descriptor_table_protodef_bridge_2eproto[] PROTOBUF_SECTION_VARIABLE(
   "rText\030\003 \001(\t\022\020\n\010loggedIn\030\004 \001(\010\022\021\n\tsplitMo"
   "de\030\005 \001(\010\022\026\n\016setupGuideSeen\030\006 \001(\010\022\021\n\tused"
   "Bytes\030\007 \001(\003\022\022\n\ntotalBytes\030\010 \001(\003\022\020\n\010passw"
-  "ord\030\t \001(\t\022\021\n\taddresses\030\n \003(\t\"6\n\024UserSpli"
+  "ord\030\t \001(\014\022\021\n\taddresses\030\n \003(\t\"6\n\024UserSpli"
   "tModeRequest\022\016\n\006userID\030\001 \001(\t\022\016\n\006active\030\002"
   " \001(\010\"-\n\020UserListResponse\022\031\n\005users\030\001 \003(\0132"
   "\n.grpc.User\"<\n\031ConfigureAppleMailRequest"
@@ -2488,13 +2488,12 @@ const char* LoginRequest::_InternalParse(const char* ptr, ::_pbi::ParseContext*
         } else
           goto handle_unusual;
         continue;
-      // string password = 2;
+      // bytes password = 2;
       case 2:
         if (PROTOBUF_PREDICT_TRUE(static_cast<uint8_t>(tag) == 18)) {
           auto str = _internal_mutable_password();
           ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx);
           CHK_(ptr);
-          CHK_(::_pbi::VerifyUTF8(str, "grpc.LoginRequest.password"));
         } else
           goto handle_unusual;
         continue;
@@ -2537,13 +2536,9 @@ uint8_t* LoginRequest::_InternalSerialize(
         1, this->_internal_username(), target);
   }
 
-  // string password = 2;
+  // bytes password = 2;
   if (!this->_internal_password().empty()) {
-    ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String(
-      this->_internal_password().data(), static_cast<int>(this->_internal_password().length()),
-      ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE,
-      "grpc.LoginRequest.password");
-    target = stream->WriteStringMaybeAliased(
+    target = stream->WriteBytesMaybeAliased(
         2, this->_internal_password(), target);
   }
 
@@ -2570,10 +2565,10 @@ size_t LoginRequest::ByteSizeLong() const {
         this->_internal_username());
   }
 
-  // string password = 2;
+  // bytes password = 2;
   if (!this->_internal_password().empty()) {
     total_size += 1 +
-      ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize(
+      ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::BytesSize(
         this->_internal_password());
   }
 
@@ -3660,13 +3655,12 @@ const char* User::_InternalParse(const char* ptr, ::_pbi::ParseContext* ctx) {
         } else
           goto handle_unusual;
         continue;
-      // string password = 9;
+      // bytes password = 9;
       case 9:
         if (PROTOBUF_PREDICT_TRUE(static_cast<uint8_t>(tag) == 74)) {
           auto str = _internal_mutable_password();
           ptr = ::_pbi::InlineGreedyStringParser(str, ptr, ctx);
           CHK_(ptr);
-          CHK_(::_pbi::VerifyUTF8(str, "grpc.User.password"));
         } else
           goto handle_unusual;
         continue;
@@ -3774,13 +3768,9 @@ uint8_t* User::_InternalSerialize(
     target = ::_pbi::WireFormatLite::WriteInt64ToArray(8, this->_internal_totalbytes(), target);
   }
 
-  // string password = 9;
+  // bytes password = 9;
   if (!this->_internal_password().empty()) {
-    ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::VerifyUtf8String(
-      this->_internal_password().data(), static_cast<int>(this->_internal_password().length()),
-      ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::SERIALIZE,
-      "grpc.User.password");
-    target = stream->WriteStringMaybeAliased(
+    target = stream->WriteBytesMaybeAliased(
         9, this->_internal_password(), target);
   }
 
@@ -3839,10 +3829,10 @@ size_t User::ByteSizeLong() const {
         this->_internal_avatartext());
   }
 
-  // string password = 9;
+  // bytes password = 9;
   if (!this->_internal_password().empty()) {
     total_size += 1 +
-      ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::StringSize(
+      ::PROTOBUF_NAMESPACE_ID::internal::WireFormatLite::BytesSize(
         this->_internal_password());
   }
 

internal/frontend/bridge-gui/bridgepp/bridgepp/GRPC/bridge.pb.h

@@ -967,7 +967,7 @@ class LoginRequest final :
   std::string* _internal_mutable_username();
   public:
 
-  // string password = 2;
+  // bytes password = 2;
   void clear_password();
   const std::string& password() const;
   template <typename ArgT0 = const std::string&, typename... ArgT>
@@ -1824,7 +1824,7 @@ class User final :
   std::string* _internal_mutable_avatartext();
   public:
 
-  // string password = 9;
+  // bytes password = 9;
   void clear_password();
   const std::string& password() const;
   template <typename ArgT0 = const std::string&, typename... ArgT>
@@ -10195,7 +10195,7 @@ inline void LoginRequest::set_allocated_username(std::string* username) {
   // @@protoc_insertion_point(field_set_allocated:grpc.LoginRequest.username)
 }
 
-// string password = 2;
+// bytes password = 2;
 inline void LoginRequest::clear_password() {
   _impl_.password_.ClearToEmpty();
 }
@@ -10207,7 +10207,7 @@ template <typename ArgT0, typename... ArgT>
 inline PROTOBUF_ALWAYS_INLINE
 void LoginRequest::set_password(ArgT0&& arg0, ArgT... args) {
  
- _impl_.password_.Set(static_cast<ArgT0 &&>(arg0), args..., GetArenaForAllocation());
+ _impl_.password_.SetBytes(static_cast<ArgT0 &&>(arg0), args..., GetArenaForAllocation());
   // @@protoc_insertion_point(field_set:grpc.LoginRequest.password)
 }
 inline std::string* LoginRequest::mutable_password() {
@@ -10730,7 +10730,7 @@ inline void User::set_totalbytes(int64_t value) {
   // @@protoc_insertion_point(field_set:grpc.User.totalBytes)
 }
 
-// string password = 9;
+// bytes password = 9;
 inline void User::clear_password() {
   _impl_.password_.ClearToEmpty();
 }
@@ -10742,7 +10742,7 @@ template <typename ArgT0, typename... ArgT>
 inline PROTOBUF_ALWAYS_INLINE
 void User::set_password(ArgT0&& arg0, ArgT... args) {
  
- _impl_.password_.Set(static_cast<ArgT0 &&>(arg0), args..., GetArenaForAllocation());
+ _impl_.password_.SetBytes(static_cast<ArgT0 &&>(arg0), args..., GetArenaForAllocation());
   // @@protoc_insertion_point(field_set:grpc.User.password)
 }
 inline std::string* User::mutable_password() {

internal/frontend/cli/accounts.go

@@ -129,7 +129,7 @@ func (f *frontendCLI) loginAccount(c *ishell.Context) { //nolint:funlen
 	userID, err := f.bridge.LoginUser(
 		context.Background(),
 		loginName,
-		password,
+		[]byte(password),
 		func() (string, error) {
 			return f.readStringInAttempts("Two factor code", c.ReadLine, isNotEmpty), nil
 		},

internal/frontend/grpc/bridge.pb.go

@@ -468,7 +468,7 @@ type LoginRequest struct {
 	unknownFields protoimpl.UnknownFields
 
 	Username string `protobuf:"bytes,1,opt,name=username,proto3" json:"username,omitempty"`
-	Password string `protobuf:"bytes,2,opt,name=password,proto3" json:"password,omitempty"`
+	Password []byte `protobuf:"bytes,2,opt,name=password,proto3" json:"password,omitempty"`
 }
 
 func (x *LoginRequest) Reset() {
@@ -510,11 +510,11 @@ func (x *LoginRequest) GetUsername() string {
 	return ""
 }
 
-func (x *LoginRequest) GetPassword() string {
+func (x *LoginRequest) GetPassword() []byte {
 	if x != nil {
 		return x.Password
 	}
-	return ""
+	return nil
 }
 
 type LoginAbortRequest struct {
@@ -738,7 +738,7 @@ type User struct {
 	SetupGuideSeen bool     `protobuf:"varint,6,opt,name=setupGuideSeen,proto3" json:"setupGuideSeen,omitempty"`
 	UsedBytes      int64    `protobuf:"varint,7,opt,name=usedBytes,proto3" json:"usedBytes,omitempty"`
 	TotalBytes     int64    `protobuf:"varint,8,opt,name=totalBytes,proto3" json:"totalBytes,omitempty"`
-	Password       string   `protobuf:"bytes,9,opt,name=password,proto3" json:"password,omitempty"`
+	Password       []byte   `protobuf:"bytes,9,opt,name=password,proto3" json:"password,omitempty"`
 	Addresses      []string `protobuf:"bytes,10,rep,name=addresses,proto3" json:"addresses,omitempty"`
 }
 
@@ -830,11 +830,11 @@ func (x *User) GetTotalBytes() int64 {
 	return 0
 }
 
-func (x *User) GetPassword() string {
+func (x *User) GetPassword() []byte {
 	if x != nil {
 		return x.Password
 	}
-	return ""
+	return nil
 }
 
 func (x *User) GetAddresses() []string {
@@ -3727,7 +3727,7 @@ var file_bridge_proto_rawDesc = []byte{
 	0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08,
 	0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08,
 	0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73,
-	0x77, 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73,
+	0x77, 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73,
 	0x77, 0x6f, 0x72, 0x64, 0x22, 0x2f, 0x0a, 0x11, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x41, 0x62, 0x6f,
 	0x72, 0x74, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x1a, 0x0a, 0x08, 0x75, 0x73, 0x65,
 	0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x75, 0x73, 0x65,
@@ -3760,7 +3760,7 @@ var file_bridge_proto_rawDesc = []byte{
 	0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x1e, 0x0a, 0x0a, 0x74, 0x6f, 0x74, 0x61, 0x6c, 0x42, 0x79,
 	0x74, 0x65, 0x73, 0x18, 0x08, 0x20, 0x01, 0x28, 0x03, 0x52, 0x0a, 0x74, 0x6f, 0x74, 0x61, 0x6c,
 	0x42, 0x79, 0x74, 0x65, 0x73, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72,
-	0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72,
+	0x64, 0x18, 0x09, 0x20, 0x01, 0x28, 0x0c, 0x52, 0x08, 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72,
 	0x64, 0x12, 0x1c, 0x0a, 0x09, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x18, 0x0a,
 	0x20, 0x03, 0x28, 0x09, 0x52, 0x09, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x65, 0x73, 0x22,
 	0x46, 0x0a, 0x14, 0x55, 0x73, 0x65, 0x72, 0x53, 0x70, 0x6c, 0x69, 0x74, 0x4d, 0x6f, 0x64, 0x65,

internal/frontend/grpc/bridge.proto

@@ -148,7 +148,7 @@ message ReportBugRequest {
 
 message LoginRequest {
   string username = 1;
-  string password = 2;
+  bytes password = 2;
 }
 
 message LoginAbortRequest {
@@ -189,7 +189,7 @@ message User {
   bool setupGuideSeen = 6;
   int64 usedBytes = 7;
   int64 totalBytes = 8;
-  string password = 9;
+  bytes password = 9;
   repeated string addresses = 10;
 }
 

internal/frontend/grpc/service_methods.go

@@ -356,8 +356,8 @@ func (s *Service) Login(ctx context.Context, login *LoginRequest) (*emptypb.Empt
 
 	go func() {
 		defer s.panicHandler.HandlePanic()
-
-		password, err := base64.StdEncoding.DecodeString(login.Password)
+		var password []byte
+		_, err := base64.StdEncoding.Decode(password, login.Password)
 		if err != nil {
 			s.log.WithError(err).Error("Cannot decode password")
 			_ = s.SendEvent(NewLoginError(LoginErrorType_USERNAME_PASSWORD_ERROR, "Cannot decode password"))
@@ -368,7 +368,7 @@ func (s *Service) Login(ctx context.Context, login *LoginRequest) (*emptypb.Empt
 		// - bad credentials
 		// - bad proton plan
 		// - user already exists
-		userID, err := s.bridge.LoginUser(context.Background(), login.Username, string(password), nil, nil)
+		userID, err := s.bridge.LoginUser(context.Background(), login.Username, password, nil, nil)
 		if err != nil {
 			s.log.WithError(err).Error("Cannot login user")
 			_ = s.SendEvent(NewLoginError(LoginErrorType_USERNAME_PASSWORD_ERROR, "Cannot login user"))