Skip to content

Commit 4e5a448

Browse files
NMC 1937 - E2EE customisation changes
1 parent 394f0e2 commit 4e5a448

2 files changed

Lines changed: 99 additions & 310 deletions

File tree

iOSClient/Settings/E2EE/NCEndToEndInitialize.swift

Lines changed: 84 additions & 45 deletions
Original file line numberDiff line numberDiff line change
@@ -1,25 +1,6 @@
1-
//
2-
// NCEndToEndInitialize.swift
3-
// Nextcloud
4-
//
5-
// Created by Marino Faggiana on 03/04/17.
6-
// Copyright © 2017 Marino Faggiana. All rights reserved.
7-
//
8-
// Author Marino Faggiana <marino.faggiana@nextcloud.com>
9-
//
10-
// This program is free software: you can redistribute it and/or modify
11-
// it under the terms of the GNU General Public License as published by
12-
// the Free Software Foundation, either version 3 of the License, or
13-
// (at your option) any later version.
14-
//
15-
// This program is distributed in the hope that it will be useful,
16-
// but WITHOUT ANY WARRANTY; without even the implied warranty of
17-
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18-
// GNU General Public License for more details.
19-
//
20-
// You should have received a copy of the GNU General Public License
21-
// along with this program. If not, see <http://www.gnu.org/licenses/>.
22-
//
1+
// SPDX-FileCopyrightText: Nextcloud GmbH
2+
// SPDX-FileCopyrightText: 2017 Marino Faggiana
3+
// SPDX-License-Identifier: GPL-3.0-or-later
234

245
import UIKit
256
import NextcloudKit
@@ -47,21 +28,32 @@ class NCEndToEndInitialize: NSObject {
4728
self.metadata = metadata
4829

4930
// Clear all keys
50-
NCKeychain().clearAllKeysEndToEnd(account: session.account)
31+
NCPreferences().clearAllKeysEndToEnd(account: session.account)
5132
self.getPublicKey()
5233
}
5334

5435
func statusOfService(session: NCSession.Session, completion: @escaping (_ error: NKError?) -> Void) {
55-
NextcloudKit.shared.getE2EECertificate(account: session.account) { _, _, _, _, error in
36+
NextcloudKit.shared.getE2EECertificate(account: session.account) { task in
37+
Task {
38+
let identifier = await NCNetworking.shared.networkingTasks.createIdentifier(account: session.account,
39+
name: "getE2EECertificate")
40+
await NCNetworking.shared.networkingTasks.track(identifier: identifier, task: task)
41+
}
42+
} completion: { _, _, _, _, error in
5643
completion(error)
5744
}
5845
}
5946

6047
private func getPublicKey() {
61-
62-
NextcloudKit.shared.getE2EECertificate(account: session.account) { account, certificate, _, _, error in
48+
NextcloudKit.shared.getE2EECertificate(account: session.account) { task in
49+
Task {
50+
let identifier = await NCNetworking.shared.networkingTasks.createIdentifier(account: self.session.account,
51+
name: "getE2EECertificate")
52+
await NCNetworking.shared.networkingTasks.track(identifier: identifier, task: task)
53+
}
54+
} completion: { account, certificate, _, _, error in
6355
if error == .success, let certificate {
64-
NCKeychain().setEndToEndCertificate(account: account, certificate: certificate)
56+
NCPreferences().setEndToEndCertificate(account: account, certificate: certificate)
6557
self.extractedPublicKey = NCEndToEndEncryption.shared().extractPublicKey(fromCertificate: certificate)
6658
// Request PrivateKey chiper to Server
6759
self.getPrivateKeyCipher()
@@ -78,15 +70,21 @@ class NCEndToEndInitialize: NSObject {
7870
return
7971
}
8072

81-
NextcloudKit.shared.signE2EECertificate(certificate: csr, account: account) { account, certificate, _, error in
73+
NextcloudKit.shared.signE2EECertificate(certificate: csr, account: account) {task in
74+
Task {
75+
let identifier = await NCNetworking.shared.networkingTasks.createIdentifier(account: account,
76+
name: "signE2EECertificate")
77+
await NCNetworking.shared.networkingTasks.track(identifier: identifier, task: task)
78+
}
79+
} completion: { account, certificate, _, error in
8280
if error == .success, let certificate {
8381
// TEST publicKey
8482
let extractedPublicKey = NCEndToEndEncryption.shared().extractPublicKey(fromCertificate: certificate)
8583
if extractedPublicKey != NCEndToEndEncryption.shared().generatedPublicKey {
8684
let error = NKError(errorCode: error.errorCode, errorDescription: "error: the public key is incorrect")
8785
NCContentPresenter().messageNotification("E2E sign publicKey", error: error, delay: NCGlobal.shared.dismissAfterSecond, type: NCContentPresenter.messageType.error, priority: .max)
8886
} else {
89-
NCKeychain().setEndToEndCertificate(account: account, certificate: certificate)
87+
NCPreferences().setEndToEndCertificate(account: account, certificate: certificate)
9088
// Request PrivateKey chiper to Server
9189
self.getPrivateKeyCipher()
9290
}
@@ -113,30 +111,61 @@ class NCEndToEndInitialize: NSObject {
113111
}
114112
}
115113

114+
func detectPrivateKeyFormat(from data: Data) -> String {
115+
print("🔍 Hex dump:", data.prefix(32).map { String(format: "%02X", $0) }.joined(separator: " "))
116+
117+
// PKCS#8 has OBJECT IDENTIFIER for RSA
118+
let oidRsaPrefix: [UInt8] = [0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01]
119+
120+
if data.range(of: Data(oidRsaPrefix)) != nil {
121+
print("🔐 Format: PKCS#8 (BEGIN PRIVATE KEY)")
122+
return "PKCS#8"
123+
} else if data.starts(with: [0x30, 0x82]) {
124+
print("🔐 Format: PKCS#1 (BEGIN RSA PRIVATE KEY)")
125+
return "PKCS#1"
126+
} else {
127+
print("❌ Unknown key format")
128+
return "Unknown"
129+
}
130+
}
131+
116132
private func getPrivateKeyCipher() {
117133
// Request PrivateKey chiper to Server
118-
NextcloudKit.shared.getE2EEPrivateKey(account: session.account) { account, privateKeyChiper, _, error in
134+
NextcloudKit.shared.getE2EEPrivateKey(account: session.account) { task in
135+
Task {
136+
let identifier = await NCNetworking.shared.networkingTasks.createIdentifier(account: self.session.account,
137+
name: "getE2EEPrivateKey")
138+
await NCNetworking.shared.networkingTasks.track(identifier: identifier, task: task)
139+
}
140+
} completion: { account, privateKeyChiper, _, error in
119141
if error == .success {
120142
// request Passphrase
121143
var passphraseTextField: UITextField?
122144
let alertController = UIAlertController(title: NSLocalizedString("_e2e_passphrase_request_title_", comment: ""), message: NSLocalizedString("_e2e_passphrase_request_message_", comment: ""), preferredStyle: .alert)
123145
let ok = UIAlertAction(title: "OK", style: .default, handler: { _ in
124146
let passphrase = passphraseTextField?.text ?? ""
125-
let publicKey = NCKeychain().getEndToEndCertificate(account: account)
126-
if let privateKeyData = (NCEndToEndEncryption.shared().decryptPrivateKey(privateKeyChiper, passphrase: passphrase)),
147+
if let privateKeyData = NCEndToEndEncryption.shared().decryptPrivateKey(privateKeyChiper, passphrase: passphrase),
127148
let keyData = Data(base64Encoded: privateKeyData),
128149
let privateKey = String(data: keyData, encoding: .utf8) {
129-
NCKeychain().setEndToEndPrivateKey(account: account, privateKey: privateKey)
150+
NCPreferences().setEndToEndPrivateKey(account: account, privateKey: privateKey)
130151
} else {
152+
// // Fix here for https://jira.telekom.de/browse/NMC-5056
153+
// let error = NKError(errorCode: NCGlobal.shared.errorInternalError, errorDescription: "Passphrase ist nicht korrekt")
154+
let error = NKError(errorCode: NCGlobal.shared.errorInternalError, errorDescription: "Serious internal error to decrypt Private Key")
155+
NCContentPresenter().messageNotification("E2E decrypt privateKey", error: error, delay: NCGlobal.shared.dismissAfterSecond, type: NCContentPresenter.messageType.error, priority: .max)
131156

132-
let error = NKError(errorCode: NCGlobal.shared.errorInternalError, errorDescription: NSLocalizedString("_e2e_error_incorrect_passphrase_", comment: ""))
133-
NCContentPresenter().messageNotification(NSLocalizedString("_e2e_error_passphrase_title", comment: ""), error: error, delay: NCGlobal.shared.dismissAfterSecond, type: NCContentPresenter.messageType.error, priority: .max)
134157
return
135158
}
136159
// Save to keychain
137-
NCKeychain().setEndToEndPassphrase(account: account, passphrase: passphrase)
160+
NCPreferences().setEndToEndPassphrase(account: account, passphrase: passphrase)
138161
// request server publicKey
139-
NextcloudKit.shared.getE2EEPublicKey(account: account) { account, publicKey, _, error in
162+
NextcloudKit.shared.getE2EEPublicKey(account: account) { task in
163+
Task {
164+
let identifier = await NCNetworking.shared.networkingTasks.createIdentifier(account: self.session.account,
165+
name: "getE2EEPublicKey")
166+
await NCNetworking.shared.networkingTasks.track(identifier: identifier, task: task)
167+
}
168+
} completion: { account, publicKey, _, error in
140169
if error == .success, let publicKey {
141170

142171
// Verify Certificate
@@ -173,12 +202,10 @@ class NCEndToEndInitialize: NSObject {
173202
}
174203
})
175204

176-
let cancel = UIAlertAction(title: NSLocalizedString("_cancel_", comment: ""), style: .cancel) { _ -> Void in
177-
}
178-
205+
let cancel = UIAlertAction(title: NSLocalizedString("_cancel_", comment: ""), style: .cancel)
179206
alertController.addAction(ok)
180207
alertController.addAction(cancel)
181-
alertController.addTextField { textField -> Void in
208+
alertController.addTextField { textField in
182209
passphraseTextField = textField
183210
passphraseTextField?.placeholder = NSLocalizedString("_enter_passphrase_", comment: "")
184211
}
@@ -226,14 +253,26 @@ class NCEndToEndInitialize: NSObject {
226253
// privateKeyChiper
227254
print(privateKeyCipher)
228255

229-
NextcloudKit.shared.storeE2EEPrivateKey(privateKey: privateKeyCipher, account: session.account) { account, _, _, error in
256+
NextcloudKit.shared.storeE2EEPrivateKey(privateKey: privateKeyCipher, account: session.account) { task in
257+
Task {
258+
let identifier = await NCNetworking.shared.networkingTasks.createIdentifier(account: self.session.account,
259+
name: "storeE2EEPrivateKey")
260+
await NCNetworking.shared.networkingTasks.track(identifier: identifier, task: task)
261+
}
262+
} completion: { account, _, _, error in
230263
if error == .success, let privateKey = privateKeyString {
231264

232-
NCKeychain().setEndToEndPrivateKey(account: account, privateKey: String(privateKey))
233-
NCKeychain().setEndToEndPassphrase(account: account, passphrase: e2ePassphrase)
265+
NCPreferences().setEndToEndPrivateKey(account: account, privateKey: String(privateKey))
266+
NCPreferences().setEndToEndPassphrase(account: account, passphrase: e2ePassphrase)
234267

235268
// request server publicKey
236-
NextcloudKit.shared.getE2EEPublicKey(account: account) { account, publicKey, _, error in
269+
NextcloudKit.shared.getE2EEPublicKey(account: account) { task in
270+
Task {
271+
let identifier = await NCNetworking.shared.networkingTasks.createIdentifier(account: self.session.account,
272+
name: "getE2EEPublicKey")
273+
await NCNetworking.shared.networkingTasks.track(identifier: identifier, task: task)
274+
}
275+
} completion: { account, publicKey, _, error in
237276
if error == .success, let publicKey {
238277

239278
var verifyCertificate: Bool = false

0 commit comments

Comments
 (0)