refact(password): simplify

Signed-off-by: fufesou <linlong1266@gmail.com>

src/config.rs

@@ -1429,15 +1429,11 @@ impl Config {
         Self::get_salt()
     }
 
-    fn has_usable_local_permanent_password() -> bool {
+    pub fn has_local_permanent_password() -> bool {
         let (local_storage, local_salt) = Self::get_local_permanent_password_storage_and_salt();
         local_permanent_password_storage_is_usable_for_auth(&local_storage, &local_salt)
     }
 
-    pub fn has_local_permanent_password() -> bool {
-        Self::has_usable_local_permanent_password()
-    }
-
     // This shouldn't happen under normal circumstances because the salt
     // should be automatically generated when migrating to hash storage.
     // Actually, it is better to avoid calling set_salt at all.

src/config/permanent_password.rs

@@ -56,12 +56,6 @@ pub(super) fn decode_permanent_password_h1_from_hashed_storage(
     decode_password_h1_after_prefix(storage, PERMANENT_PASSWORD_HASH_PREFIX)
 }
 
-fn decode_hbbs_preset_password_h1_from_storage(
-    storage: &str,
-) -> Option<[u8; PERMANENT_PASSWORD_H1_LEN]> {
-    decode_password_h1_after_prefix(storage, HBBS_PRESET_PASSWORD_HASH_PREFIX)
-}
-
 fn decode_password_h1_after_prefix(
     storage: &str,
     prefix: &str,
@@ -102,7 +96,7 @@ pub(super) fn decrypt_permanent_password_str_or_original(storage: &str) -> (Stri
     (storage.to_owned(), false, !storage.is_empty())
 }
 
-pub(super) fn permanent_password_storage_is_usable_for_auth(storage: &str, salt: &str) -> bool {
+pub fn local_permanent_password_storage_is_usable_for_auth(storage: &str, salt: &str) -> bool {
     if storage.is_empty() {
         return false;
     }
@@ -137,27 +131,15 @@ pub fn preset_permanent_password_storage_is_usable_for_auth(storage: &str, salt:
 pub fn decode_preset_password_h1_from_storage(
     storage: &str,
 ) -> Option<[u8; PERMANENT_PASSWORD_H1_LEN]> {
-    decode_hbbs_preset_password_h1_from_storage(storage)
+    decode_password_h1_after_prefix(storage, HBBS_PRESET_PASSWORD_HASH_PREFIX)
-}
-
-pub fn local_permanent_password_storage_is_usable_for_auth(storage: &str, salt: &str) -> bool {
-    if storage.starts_with(PERMANENT_PASSWORD_ENC_VERSION)
-        && decode_permanent_password_h1_from_storage(storage).is_none()
-    {
-        log::error!(
-            "Local permanent password storage looks encrypted but cannot be decoded as a hash"
-        );
-        return false;
-    }
-    permanent_password_storage_is_usable_for_auth(storage, salt)
 }
 
 #[cfg(test)]
-fn permanent_password_storage_matches_plain(storage: &str, salt: &str, input: &str) -> bool {
+fn local_permanent_password_storage_matches_plain(storage: &str, salt: &str, input: &str) -> bool {
     if storage.is_empty() || input.is_empty() {
         return false;
     }
-    if !permanent_password_storage_is_usable_for_auth(storage, salt) {
+    if !local_permanent_password_storage_is_usable_for_auth(storage, salt) {
         return false;
     }
     if let Some(stored_h1) = decode_permanent_password_h1_from_storage(storage) {
@@ -189,14 +171,6 @@ pub(super) fn preset_permanent_password_storage_matches_plain(
     constant_time_eq_32(&h1, &stored_h1)
 }
 
-#[cfg(test)]
-fn local_permanent_password_storage_matches_plain(storage: &str, salt: &str, input: &str) -> bool {
-    if !local_permanent_password_storage_is_usable_for_auth(storage, salt) {
-        return false;
-    }
-    permanent_password_storage_matches_plain(storage, salt, input)
-}
-
 pub fn decode_permanent_password_h1_from_storage(
     storage: &str,
 ) -> Option<[u8; PERMANENT_PASSWORD_H1_LEN]> {
@@ -271,13 +245,13 @@ mod tests {
         let h1 = compute_permanent_password_h1("p@ssw0rd", salt);
         let storage = encode_permanent_password_encrypted_storage_from_h1(&h1).unwrap();
 
-        assert!(permanent_password_storage_is_usable_for_auth(
+        assert!(local_permanent_password_storage_is_usable_for_auth(
             &storage, salt
         ));
-        assert!(permanent_password_storage_matches_plain(
+        assert!(local_permanent_password_storage_matches_plain(
             &storage, salt, "p@ssw0rd"
         ));
-        assert!(!permanent_password_storage_matches_plain(
+        assert!(!local_permanent_password_storage_matches_plain(
             &storage, salt, "wrong"
         ));
     }
@@ -342,8 +316,10 @@ mod tests {
         let h1 = compute_permanent_password_h1("p@ssw0rd", "salt123");
         let storage = encode_permanent_password_storage_from_h1(&h1);
 
-        assert!(!permanent_password_storage_is_usable_for_auth(&storage, ""));
+        assert!(!local_permanent_password_storage_is_usable_for_auth(
-        assert!(!permanent_password_storage_matches_plain(
+            &storage, ""
+        ));
+        assert!(!local_permanent_password_storage_matches_plain(
             &storage, "", "p@ssw0rd"
         ));
     }
@@ -384,12 +360,6 @@ mod tests {
             + &base64::encode(encrypted, base64::Variant::Original);
 
         for storage in ["01invalid", &encrypted_non_hash] {
-            assert!(!permanent_password_storage_is_usable_for_auth(
-                storage, "salt123"
-            ));
-            assert!(!permanent_password_storage_matches_plain(
-                storage, "salt123", storage
-            ));
             assert!(!local_permanent_password_storage_is_usable_for_auth(
                 storage, "salt123"
             ));
@@ -404,8 +374,10 @@ mod tests {
         let h1 = compute_permanent_password_h1("plain-looking-hash", "salt123");
         let storage = encode_permanent_password_storage_from_h1(&h1);
 
-        assert!(!permanent_password_storage_is_usable_for_auth(&storage, ""));
+        assert!(!local_permanent_password_storage_is_usable_for_auth(
-        assert!(!permanent_password_storage_matches_plain(
+            &storage, ""
+        ));
+        assert!(!local_permanent_password_storage_matches_plain(
             &storage, "", &storage
         ));
     }