From 4c72ef2a18b52502cca85d6fe53b67b82c7fce2a Mon Sep 17 00:00:00 2001 From: Mauro Romito Date: Wed, 23 Oct 2024 12:07:36 +0200 Subject: [PATCH 1/3] restored function --- .../Crypto/SecretStorage/MXSecretStorage.m | 99 +++++++++++++++++++ 1 file changed, 99 insertions(+) diff --git a/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m b/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m index 1f4bfcca6..3ffb6c6de 100644 --- a/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m +++ b/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m @@ -18,6 +18,7 @@ #import "MXSession.h" #import "MXTools.h" +#import "MXKeyBackupPassword.h" #import "MXRecoveryKey.h" #import "MXHkdfSha256.h" #import "MXAesHmacSha2.h" @@ -126,6 +127,104 @@ - (MXHTTPOperation*)createKeyWithKeyId:(nullable NSString*)keyId return operation; } +- (MXHTTPOperation*)createKeyWithKeyId:(nullable NSString*)keyId + keyName:(nullable NSString*)keyName + passphrase:(nullable NSString*)passphrase + success:(void (^)(MXSecretStorageKeyCreationInfo *keyCreationInfo))success + failure:(void (^)(NSError *error))failure +{ + MXLogDebug(@"[MXSecretStorage] createKeyWithKeyId: Creating new key with passphrase"); + keyId = keyId ?: [[NSUUID UUID] UUIDString]; + + MXHTTPOperation *operation = [MXHTTPOperation new]; + + MXWeakify(self); + dispatch_async(processingQueue, ^{ + MXStrongifyAndReturnIfNil(self); + + NSError *error; + + NSData *privateKey; + MXSecretStoragePassphrase *passphraseInfo; + + if (passphrase) + { + // Generate a private key from the passphrase + NSString *salt; + NSUInteger iterations; + privateKey = [MXKeyBackupPassword generatePrivateKeyWithPassword:passphrase + salt:&salt + iterations:&iterations + error:&error]; + if (!error) + { + passphraseInfo = [MXSecretStoragePassphrase new]; + passphraseInfo.algorithm = @"m.pbkdf2"; + passphraseInfo.salt = salt; + passphraseInfo.iterations = iterations; + } + } + else + { + OLMPkDecryption *decryption = [OLMPkDecryption new]; + [decryption generateKey:&error]; + privateKey = decryption.privateKey; + } + + if (error) + { + dispatch_async(dispatch_get_main_queue(), ^{ + MXLogDebug(@"[MXSecretStorage] createKeyWithKeyId: Failed to create a new key - %@", error); + failure(error); + }); + return; + } + + // Build iv and mac + MXEncryptedSecretContent *encryptedZeroString = [self encryptedZeroStringWithPrivateKey:privateKey iv:nil error:&error]; + if (error) + { + dispatch_async(dispatch_get_main_queue(), ^{ + MXLogDebug(@"[MXSecretStorage] createKeyWithKeyId: Failed to create a new key - %@", error); + failure(error); + }); + return; + } + + MXSecretStorageKeyContent *ssssKeyContent = [MXSecretStorageKeyContent new]; + ssssKeyContent.name = keyName; + ssssKeyContent.algorithm = MXSecretStorageKeyAlgorithm.aesHmacSha2; + ssssKeyContent.passphrase = passphraseInfo; + ssssKeyContent.iv = encryptedZeroString.iv; + ssssKeyContent.mac = encryptedZeroString.mac; + + NSString *accountDataId = [self storageKeyIdForKey:keyId]; + MXHTTPOperation *operation2 = [self setAccountData:ssssKeyContent.JSONDictionary forType:accountDataId success:^{ + + MXSecretStorageKeyCreationInfo *keyCreationInfo = [MXSecretStorageKeyCreationInfo new]; + keyCreationInfo.keyId = keyId; + keyCreationInfo.content = ssssKeyContent; + keyCreationInfo.privateKey = privateKey; + keyCreationInfo.recoveryKey = [MXRecoveryKey encode:privateKey]; + + dispatch_async(dispatch_get_main_queue(), ^{ + MXLogDebug(@"[MXSecretStorage] createKeyWithKeyId: Successfully created a new key"); + success(keyCreationInfo); + }); + + } failure:^(NSError *error) { + dispatch_async(dispatch_get_main_queue(), ^{ + MXLogDebug(@"[MXSecretStorage] createKeyWithKeyId: Failed to create a new key - %@", error); + failure(error); + }); + }]; + + [operation mutateTo:operation2]; + }); + + return operation; +} + - (MXHTTPOperation*)deleteKeyWithKeyId:(nullable NSString*)keyId success:(void (^)(void))success failure:(void (^)(NSError *error))failure From a826fd1831c3f519301a8fe13512ccdf8ca22835 Mon Sep 17 00:00:00 2001 From: Mauro Romito Date: Thu, 14 Nov 2024 17:40:51 +0100 Subject: [PATCH 2/3] possible way to generate randomBytes --- MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m b/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m index 3ffb6c6de..014c15215 100644 --- a/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m +++ b/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m @@ -25,6 +25,7 @@ #import "MXBase64Tools.h" #import "MXEncryptedSecretContent.h" +#import #pragma mark - Constants @@ -166,9 +167,14 @@ - (MXHTTPOperation*)createKeyWithKeyId:(nullable NSString*)keyId } else { - OLMPkDecryption *decryption = [OLMPkDecryption new]; - [decryption generateKey:&error]; - privateKey = decryption.privateKey; + uint8_t randomBytes[32]; + OSStatus status = SecRandomCopyBytes(kSecRandomDefault, sizeof(randomBytes), randomBytes); + + if (status == errSecSuccess) { + privateKey = [NSData dataWithBytes:randomBytes length:sizeof(randomBytes)]; + } else { + MXLogDebug(@"Failed to generate random bytes with error: %d", (int)status); + } } if (error) From 4dfef2254e4ca26e3859750e3dcedc591416134f Mon Sep 17 00:00:00 2001 From: Mauro Romito Date: Thu, 14 Nov 2024 17:53:42 +0100 Subject: [PATCH 3/3] objc indentation --- MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m b/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m index 014c15215..69b2124d0 100644 --- a/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m +++ b/MatrixSDK/Crypto/SecretStorage/MXSecretStorage.m @@ -169,10 +169,13 @@ - (MXHTTPOperation*)createKeyWithKeyId:(nullable NSString*)keyId { uint8_t randomBytes[32]; OSStatus status = SecRandomCopyBytes(kSecRandomDefault, sizeof(randomBytes), randomBytes); - - if (status == errSecSuccess) { + + if (status == errSecSuccess) + { privateKey = [NSData dataWithBytes:randomBytes length:sizeof(randomBytes)]; - } else { + } + else + { MXLogDebug(@"Failed to generate random bytes with error: %d", (int)status); } }