RogueMaster
diff --git a/‎cli/commands/add/add.c‎
Lines changed: 3 additions & 11 deletions b/‎cli/commands/add/add.c‎
Lines changed: 3 additions & 11 deletions
diff --git a/‎cli/commands/pin/pin.c‎
Lines changed: 1 addition & 1 deletion b/‎cli/commands/pin/pin.c‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎cli/commands/update/update.c‎
Lines changed: 3 additions & 11 deletions b/‎cli/commands/update/update.c‎
Lines changed: 3 additions & 11 deletions
diff --git a/‎services/config/config.c‎
Lines changed: 45 additions & 48 deletions b/‎services/config/config.c‎
Lines changed: 45 additions & 48 deletions
diff --git a/‎services/config/token_info_iterator.c‎
Lines changed: 5 additions & 12 deletions b/‎services/config/token_info_iterator.c‎
Lines changed: 5 additions & 12 deletions
diff --git a/‎services/config/token_info_iterator.h‎
Lines changed: 2 additions & 6 deletions b/‎services/config/token_info_iterator.h‎
Lines changed: 2 additions & 6 deletions
@@ -11,9 +11,7 @@
 struct TotpAddContext {
     FuriString* args;
     Cli* cli;
-    uint8_t* iv;
-    uint8_t crypto_version;
-    uint8_t crypto_key_slot;
+    const CryptoSettings* crypto_settings;
 };
 
 enum TotpIteratorUpdateTokenResultsEx {
@@ -70,9 +68,7 @@ static TotpIteratorUpdateTokenResult
         furi_string_get_cstr(temp_str),
         furi_string_size(temp_str),
         token_secret_encoding,
-        context_t->iv,
-        context_t->crypto_version,
-        context_t->crypto_key_slot);
+        context_t->crypto_settings);
 
     furi_string_secure_free(temp_str);
 
@@ -171,11 +167,7 @@ void totp_cli_command_add_handle(PluginState* plugin_state, FuriString* args, Cl
     TOTP_CLI_LOCK_UI(plugin_state);
 
     struct TotpAddContext add_context = {
-        .args = args,
-        .cli = cli,
-        .iv = &plugin_state->iv[0],
-        .crypto_version = plugin_state->crypto_version,
-        .crypto_key_slot = plugin_state->crypto_key_slot};
+        .args = args, .cli = cli, .crypto_settings = &plugin_state->crypto_settings};
     TotpIteratorUpdateTokenResult add_result =
         totp_token_info_iterator_add_new_token(iterator_context, &add_token_handler, &add_context);
 
 
@@ -105,7 +105,7 @@ void totp_cli_command_pin_handle(PluginState* plugin_state, FuriString* args, Cl
 
     bool do_change = false;
     bool do_remove = false;
-    uint8_t crypto_key_slot = plugin_state->crypto_key_slot;
+    uint8_t crypto_key_slot = plugin_state->crypto_settings.crypto_key_slot;
 
     bool arguments_parsed = true;
     while(args_read_string_and_trim(args, temp_str)) {
 
@@ -13,9 +13,7 @@
 struct TotpUpdateContext {
     FuriString* args;
     Cli* cli;
-    uint8_t* iv;
-    uint8_t crypto_version;
-    uint8_t crypto_key_slot;
+    const CryptoSettings* crypto_settings;
 };
 
 enum TotpIteratorUpdateTokenResultsEx {
@@ -98,9 +96,7 @@ static TotpIteratorUpdateTokenResult
                furi_string_get_cstr(temp_str),
                furi_string_size(temp_str),
                token_secret_encoding,
-               context_t->iv,
-               context_t->crypto_version,
-               context_t->crypto_key_slot)) {
+               context_t->crypto_settings)) {
             furi_string_secure_free(temp_str);
             return TotpIteratorUpdateTokenResultInvalidSecret;
         }
@@ -155,11 +151,7 @@ void totp_cli_command_update_handle(PluginState* plugin_state, FuriString* args,
     totp_token_info_iterator_go_to(iterator_context, token_number - 1);
 
     struct TotpUpdateContext update_context = {
-        .args = args,
-        .cli = cli,
-        .iv = &plugin_state->iv[0],
-        .crypto_version = plugin_state->crypto_version,
-        .crypto_key_slot = plugin_state->crypto_key_slot};
+        .args = args, .cli = cli, .crypto_settings = &plugin_state->crypto_settings};
     TotpIteratorUpdateTokenResult update_result = totp_token_info_iterator_update_current_token(
         iterator_context, &update_token_handler, &update_context);
 
 
@@ -375,7 +375,7 @@ bool totp_config_file_load(PluginState* const plugin_state) {
             break;
         }
 
-        plugin_state->crypto_version = tmp_uint32;
+        plugin_state->crypto_settings.crypto_version = tmp_uint32;
 
         if(!flipper_format_rewind(fff_data_file)) {
             break;
@@ -388,7 +388,7 @@ bool totp_config_file_load(PluginState* const plugin_state) {
             break;
         }
 
-        plugin_state->crypto_key_slot = tmp_uint32;
+        plugin_state->crypto_settings.crypto_key_slot = tmp_uint32;
 
         if(!flipper_format_rewind(fff_data_file)) {
             break;
@@ -397,7 +397,7 @@ bool totp_config_file_load(PluginState* const plugin_state) {
         if(!flipper_format_read_hex(
                fff_data_file,
                TOTP_CONFIG_KEY_BASE_IV,
-               &plugin_state->base_iv[0],
+               &plugin_state->crypto_settings.base_iv[0],
                CRYPTO_IV_LENGTH)) {
             FURI_LOG_D(LOGGING_TAG, "Missing base IV");
         }
@@ -410,22 +410,23 @@ bool totp_config_file_load(PluginState* const plugin_state) {
         if(flipper_format_get_value_count(
                fff_data_file, TOTP_CONFIG_KEY_CRYPTO_VERIFY, &crypto_size) &&
            crypto_size > 0) {
-            plugin_state->crypto_verify_data = malloc(sizeof(uint8_t) * crypto_size);
-            furi_check(plugin_state->crypto_verify_data != NULL);
-            plugin_state->crypto_verify_data_length = crypto_size;
+            plugin_state->crypto_settings.crypto_verify_data =
+                malloc(sizeof(uint8_t) * crypto_size);
+            furi_check(plugin_state->crypto_settings.crypto_verify_data != NULL);
+            plugin_state->crypto_settings.crypto_verify_data_length = crypto_size;
             if(!flipper_format_read_hex(
                    fff_data_file,
                    TOTP_CONFIG_KEY_CRYPTO_VERIFY,
-                   plugin_state->crypto_verify_data,
+                   plugin_state->crypto_settings.crypto_verify_data,
                    crypto_size)) {
                 FURI_LOG_D(LOGGING_TAG, "Missing crypto verify token");
-                free(plugin_state->crypto_verify_data);
-                plugin_state->crypto_verify_data = NULL;
-                plugin_state->crypto_verify_data_length = 0;
+                free(plugin_state->crypto_settings.crypto_verify_data);
+                plugin_state->crypto_settings.crypto_verify_data = NULL;
+                plugin_state->crypto_settings.crypto_verify_data_length = 0;
             }
         } else {
-            plugin_state->crypto_verify_data = NULL;
-            plugin_state->crypto_verify_data_length = 0;
+            plugin_state->crypto_settings.crypto_verify_data = NULL;
+            plugin_state->crypto_settings.crypto_verify_data_length = 0;
         }
 
         if(!flipper_format_rewind(fff_data_file)) {
@@ -443,8 +444,11 @@ bool totp_config_file_load(PluginState* const plugin_state) {
         }
 
         if(!flipper_format_read_bool(
-               fff_data_file, TOTP_CONFIG_KEY_PINSET, &plugin_state->pin_set, 1)) {
-            plugin_state->pin_set = true;
+               fff_data_file,
+               TOTP_CONFIG_KEY_PINSET,
+               &plugin_state->crypto_settings.pin_required,
+               1)) {
+            plugin_state->crypto_settings.pin_required = true;
         }
 
         if(!flipper_format_rewind(fff_data_file)) {
@@ -498,9 +502,7 @@ bool totp_config_file_load(PluginState* const plugin_state) {
             totp_token_info_iterator_alloc(
                 storage,
                 plugin_state->config_file_context->config_file,
-                plugin_state->iv,
-                plugin_state->crypto_version,
-                plugin_state->crypto_key_slot);
+                &plugin_state->crypto_settings);
         result = true;
     } while(false);
 
@@ -513,33 +515,39 @@ bool totp_config_file_update_crypto_signatures(const PluginState* plugin_state)
     flipper_format_rewind(config_file);
     bool update_result = false;
     do {
-        uint32_t tmp_uint32 = plugin_state->crypto_version;
+        uint32_t tmp_uint32 = plugin_state->crypto_settings.crypto_version;
         if(!flipper_format_insert_or_update_uint32(
                config_file, TOTP_CONFIG_KEY_CRYPTO_VERSION, &tmp_uint32, 1)) {
             break;
         }
 
-        tmp_uint32 = plugin_state->crypto_key_slot;
+        tmp_uint32 = plugin_state->crypto_settings.crypto_key_slot;
         if(!flipper_format_insert_or_update_uint32(
                config_file, TOTP_CONFIG_KEY_CRYPTO_KEY_SLOT, &tmp_uint32, 1)) {
             break;
         }
 
         if(!flipper_format_insert_or_update_hex(
-               config_file, TOTP_CONFIG_KEY_BASE_IV, plugin_state->base_iv, CRYPTO_IV_LENGTH)) {
+               config_file,
+               TOTP_CONFIG_KEY_BASE_IV,
+               plugin_state->crypto_settings.base_iv,
+               CRYPTO_IV_LENGTH)) {
             break;
         }
 
         if(!flipper_format_insert_or_update_hex(
                config_file,
                TOTP_CONFIG_KEY_CRYPTO_VERIFY,
-               plugin_state->crypto_verify_data,
-               plugin_state->crypto_verify_data_length)) {
+               plugin_state->crypto_settings.crypto_verify_data,
+               plugin_state->crypto_settings.crypto_verify_data_length)) {
             break;
         }
 
         if(!flipper_format_insert_or_update_bool(
-               config_file, TOTP_CONFIG_KEY_PINSET, &plugin_state->pin_set, 1)) {
+               config_file,
+               TOTP_CONFIG_KEY_PINSET,
+               &plugin_state->crypto_settings.pin_required,
+               1)) {
             break;
         }
 
@@ -581,24 +589,20 @@ bool totp_config_file_update_encryption(
         return false;
     }
 
-    uint8_t old_iv[CRYPTO_IV_LENGTH];
-    memcpy(&old_iv[0], &plugin_state->iv[0], CRYPTO_IV_LENGTH);
-
-    uint8_t old_crypto_key_slot = plugin_state->crypto_key_slot;
-    uint8_t old_crypto_version = plugin_state->crypto_version;
+    CryptoSettings old_crypto_settings = plugin_state->crypto_settings;
 
-    memset(&plugin_state->iv[0], 0, CRYPTO_IV_LENGTH);
-    memset(&plugin_state->base_iv[0], 0, CRYPTO_IV_LENGTH);
-    if(plugin_state->crypto_verify_data != NULL) {
-        free(plugin_state->crypto_verify_data);
-        plugin_state->crypto_verify_data = NULL;
+    memset(&plugin_state->crypto_settings.iv[0], 0, CRYPTO_IV_LENGTH);
+    memset(&plugin_state->crypto_settings.base_iv[0], 0, CRYPTO_IV_LENGTH);
+    if(plugin_state->crypto_settings.crypto_verify_data != NULL) {
+        free(plugin_state->crypto_settings.crypto_verify_data);
+        plugin_state->crypto_settings.crypto_verify_data = NULL;
     }
 
-    plugin_state->crypto_key_slot = new_crypto_key_slot;
-    plugin_state->crypto_version = CRYPTO_LATEST_VERSION;
+    plugin_state->crypto_settings.crypto_key_slot = new_crypto_key_slot;
+    plugin_state->crypto_settings.crypto_version = CRYPTO_LATEST_VERSION;
 
-    CryptoSeedIVResult seed_result =
-        totp_crypto_seed_iv(plugin_state, new_pin_length > 0 ? new_pin : NULL, new_pin_length);
+    CryptoSeedIVResult seed_result = totp_crypto_seed_iv(
+        &plugin_state->crypto_settings, new_pin_length > 0 ? new_pin : NULL, new_pin_length);
     if(seed_result & CryptoSeedIVResultFlagSuccess &&
        seed_result & CryptoSeedIVResultFlagNewCryptoVerifyData &&
        !totp_config_file_update_crypto_signatures(plugin_state)) {
@@ -649,21 +653,14 @@ bool totp_config_file_update_encryption(
 
                 size_t plain_token_length;
                 uint8_t* plain_token = totp_crypto_decrypt(
-                    encrypted_token,
-                    secret_bytes_count,
-                    &old_iv[0],
-                    old_crypto_version,
-                    old_crypto_key_slot,
-                    &plain_token_length);
+                    encrypted_token, secret_bytes_count, &old_crypto_settings, &plain_token_length);
 
                 free(encrypted_token);
                 size_t encrypted_token_length;
                 encrypted_token = totp_crypto_encrypt(
                     plain_token,
                     plain_token_length,
-                    &plugin_state->iv[0],
-                    plugin_state->crypto_version,
-                    plugin_state->crypto_key_slot,
+                    &plugin_state->crypto_settings,
                     &encrypted_token_length);
 
                 memset_s(plain_token, plain_token_length, 0, plain_token_length);
@@ -700,12 +697,12 @@ bool totp_config_file_ensure_latest_encryption(
     const uint8_t* pin,
     uint8_t pin_length) {
     bool result = true;
-    if(plugin_state->crypto_version < CRYPTO_LATEST_VERSION) {
+    if(plugin_state->crypto_settings.crypto_version < CRYPTO_LATEST_VERSION) {
         FURI_LOG_I(LOGGING_TAG, "Migration to crypto v%d is needed", CRYPTO_LATEST_VERSION);
         char* backup_path = totp_config_file_backup(plugin_state);
         if(backup_path != NULL) {
             free(backup_path);
-            uint8_t crypto_key_slot = plugin_state->crypto_key_slot;
+            uint8_t crypto_key_slot = plugin_state->crypto_settings.crypto_key_slot;
             if(!totp_crypto_check_key_slot(crypto_key_slot)) {
                 crypto_key_slot = DEFAULT_CRYPTO_KEY_SLOT;
             }
 
@@ -4,6 +4,7 @@
 #include <flipper_format/flipper_format_stream.h>
 #include <toolbox/stream/file_stream.h>
 #include "../../types/common.h"
+#include "../../types/crypto_settings.h"
 
 #define CONFIG_FILE_PART_FILE_PATH CONFIG_FILE_DIRECTORY_PATH "/totp.conf.part"
 #define STREAM_COPY_BUFFER_SIZE 128
@@ -15,9 +16,7 @@ struct TokenInfoIteratorContext {
     size_t last_seek_index;
     TokenInfo* current_token;
     FlipperFormat* config_file;
-    uint8_t* iv;
-    uint8_t crypto_version;
-    uint8_t crypto_key_slot;
+    CryptoSettings* crypto_settings;
     Storage* storage;
 };
 
@@ -242,9 +241,7 @@ static bool
 TokenInfoIteratorContext* totp_token_info_iterator_alloc(
     Storage* storage,
     FlipperFormat* config_file,
-    uint8_t* iv,
-    uint8_t crypto_version,
-    uint8_t crypto_key_slot) {
+    CryptoSettings* crypto_settings) {
     Stream* stream = flipper_format_get_raw_stream(config_file);
     stream_rewind(stream);
     size_t tokens_count = 0;
@@ -262,9 +259,7 @@ TokenInfoIteratorContext* totp_token_info_iterator_alloc(
     context->total_count = tokens_count;
     context->current_token = token_info_alloc();
     context->config_file = config_file;
-    context->iv = iv;
-    context->crypto_version = crypto_version;
-    context->crypto_key_slot = crypto_key_slot;
+    context->crypto_settings = crypto_settings;
     context->storage = storage;
     return context;
 }
@@ -461,9 +456,7 @@ bool totp_token_info_iterator_go_to(TokenInfoIteratorContext* context, size_t to
                    furi_string_get_cstr(temp_str),
                    furi_string_size(temp_str),
                    PlainTokenSecretEncodingBase32,
-                   context->iv,
-                   context->crypto_version,
-                   context->crypto_key_slot)) {
+                   context->crypto_settings)) {
                 FURI_LOG_W(
                     LOGGING_TAG,
                     "Token \"%s\" has plain secret",
 
@@ -28,17 +28,13 @@ enum TotpIteratorUpdateTokenResults {
  * @brief Initializes a new token info iterator
  * @param storage storage reference
  * @param config_file config file to use
- * @param iv initialization vector (IV) to be used for encryption\decryption
- * @param crypto_version crypto algorithm version to be used
- * @param crypto_key_slot crypto key slot to be used
+ * @param crypto_settings crypto settings
  * @return Token info iterator context
  */
 TokenInfoIteratorContext* totp_token_info_iterator_alloc(
     Storage* storage,
     FlipperFormat* config_file,
-    uint8_t* iv,
-    uint8_t crypto_version,
-    uint8_t crypto_key_slot);
+    CryptoSettings* crypto_settings);
 
 /**
  * @brief Navigates iterator to the token with given index