coding

File Provider Extension/FileProviderExtension.swift

@@ -78,7 +78,7 @@ class FileProviderExtension: NSFileProviderExtension, NCNetworkingDelegate {
         if containerItemIdentifier != NSFileProviderItemIdentifier.workingSet {
             if fileProviderData.shared.setupAccount(domain: domain, providerExtension: self) == nil {
                 throw NSError(domain: NSFileProviderErrorDomain, code: NSFileProviderError.notAuthenticated.rawValue, userInfo: [:])
-            } else if let passcode = CCUtility.getPasscode(), !passcode.isEmpty, CCUtility.isPasscodeAtStartEnabled() {
+            } else if NCKeychain().passcode != nil, NCKeychain().requestPasscodeAtStart {
                 throw NSError(domain: NSFileProviderErrorDomain, code: NSFileProviderError.notAuthenticated.rawValue, userInfo: ["code": NSNumber(value: NCGlobal.shared.errorUnauthorizedFilesPasscode)])
             } else if CCUtility.getDisableFilesApp() || NCBrandOptions.shared.disable_openin_file {
                 throw NSError(domain: NSFileProviderErrorDomain, code: NSFileProviderError.notAuthenticated.rawValue, userInfo: ["code": NSNumber(value: NCGlobal.shared.errorDisableFilesApp)])

iOSClient/AppDelegate.swift

@@ -714,7 +714,7 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
         defer { self.requestAccount() }
 
         let presentedViewController = window?.rootViewController?.presentedViewController
-        guard !account.isEmpty, CCUtility.isPasscodeAtStartEnabled(), !(presentedViewController is NCLoginNavigationController) else { return }
+        guard !account.isEmpty, NCKeychain().passcode != nil, NCKeychain().requestPasscodeAtStart, !(presentedViewController is NCLoginNavigationController) else { return }
 
         // Make sure we have a privacy window (in case it's not enabled)
         showPrivacyProtectionWindow()
@@ -747,7 +747,8 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
     func enableTouchFaceID() {
         guard !account.isEmpty,
               CCUtility.getEnableTouchFaceID(),
-              CCUtility.isPasscodeAtStartEnabled(),
+              NCKeychain().passcode != nil,
+              NCKeychain().requestPasscodeAtStart,
               let passcodeViewController = privacyProtectionWindow?.rootViewController?.presentedViewController as? TOPasscodeViewController
         else { return }
 
@@ -775,7 +776,7 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
     }
 
     func passcodeViewController(_ passcodeViewController: TOPasscodeViewController, isCorrectCode code: String) -> Bool {
-        return code == CCUtility.getPasscode()
+        return code == NCKeychain().passcode
     }
 
     func didPerformBiometricValidationRequest(in passcodeViewController: TOPasscodeViewController) {

iOSClient/Settings/NCManageE2EE.swift

@@ -136,7 +136,7 @@ class NCManageE2EE: NSObject, ObservableObject, NCEndToEndInitializeDelegate, TO
 
     func passcodeViewController(_ passcodeViewController: TOPasscodeViewController, isCorrectCode code: String) -> Bool {
 
-        if code == CCUtility.getPasscode() {
+        if code == NCKeychain().passcode {
             DispatchQueue.main.asyncAfter(deadline: .now() + 0.3) {
                 self.correctPasscode()
             }
@@ -202,7 +202,7 @@ struct NCViewE2EE: View {
                     }
                     .contentShape(Rectangle())
                     .onTapGesture {
-                        if let passcode = CCUtility.getPasscode(), !passcode.isEmpty {
+                        if let passcode = NCKeychain().passcode {
                             manageE2EE.requestPasscodeType("readPassphrase")
                         } else {
                             NCContentPresenter.shared.showInfo(error: NKError(errorCode: 0, errorDescription: "_e2e_settings_lock_not_active_"))
@@ -222,7 +222,7 @@ struct NCViewE2EE: View {
                     }
                     .contentShape(Rectangle())
                     .onTapGesture {
-                        if let passcode = CCUtility.getPasscode(), !passcode.isEmpty {
+                        if let passcode = NCKeychain().passcode {
                             manageE2EE.requestPasscodeType("removeLocallyEncryption")
                         } else {
                             NCContentPresenter.shared.showInfo(error: NKError(errorCode: 0, errorDescription: "_e2e_settings_lock_not_active_"))
@@ -252,7 +252,7 @@ struct NCViewE2EE: View {
                         }
                         .contentShape(Rectangle())
                         .onTapGesture {
-                            if let passcode = CCUtility.getPasscode(), !passcode.isEmpty {
+                            if let passcode = NCKeychain().passcode {
                                 manageE2EE.requestPasscodeType("startE2E")
                             } else {
                                 NCContentPresenter.shared.showInfo(error: NKError(errorCode: 0, errorDescription: "_e2e_settings_lock_not_active_"))

iOSClient/Settings/NCSettings.m

@@ -265,7 +265,7 @@
 
     // ------------------------------------------------------------------
     
-    if ([[CCUtility getPasscode] length]) {
+    if ([[NCKeychain alloc] init].passcode) {
         rowBloccoPasscode.title = NSLocalizedString(@"_lock_active_", nil);
         [rowBloccoPasscode.cellConfig setObject:[[UIImage imageNamed:@"lock"] imageWithColor:UIColor.systemGrayColor size:25] forKey:@"imageView.image"];
     } else {
@@ -274,7 +274,7 @@
     }
     
     if ([CCUtility getEnableTouchFaceID]) [rowEnableTouchDaceID setValue:@1]; else [rowEnableTouchDaceID setValue:@0];
-    if ([CCUtility getNotPasscodeAtStart]) [rowNotPasscodeAtStart setValue:@1]; else [rowNotPasscodeAtStart setValue:@0];
+    if ([[NCKeychain alloc] init].requestPasscodeAtStart) [rowNotPasscodeAtStart setValue:@0]; else [rowNotPasscodeAtStart setValue:@1];
     if ([CCUtility getPrivacyScreenEnabled]) [rowPrivacyScreen setValue:@1]; else [rowPrivacyScreen setValue:@0];
 
 
@@ -292,9 +292,9 @@
     if ([rowDescriptor.tag isEqualToString:@"notPasscodeAtStart"]) {
         
         if ([[rowDescriptor.value valueData] boolValue] == YES) {
-            [CCUtility setNotPasscodeAtStart:true];
+            [[NCKeychain alloc] init].requestPasscodeAtStart = false;
         } else {
-            [CCUtility setNotPasscodeAtStart:false];
+            [[NCKeychain alloc] init].requestPasscodeAtStart = true;
         }
     }
     
@@ -370,7 +370,7 @@
     [[LAContext new] evaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics localizedReason:[[NCBrandOptions shared] brand] reply:^(BOOL success, NSError * _Nullable error) {
         if (success) {
             dispatch_after(dispatch_time(DISPATCH_TIME_NOW, 0.5 * NSEC_PER_SEC), dispatch_get_main_queue(), ^(void) {
-                [CCUtility setPasscode:@""];
+                [[NCKeychain alloc] init].passcode = nil;
                 [passcodeViewController dismissViewControllerAnimated:YES completion:nil];
                 [self reloadForm];
             });
@@ -380,7 +380,7 @@
 
 - (void)passcodeSettingsViewController:(TOPasscodeSettingsViewController *)passcodeSettingsViewController didChangeToNewPasscode:(NSString *)passcode ofType:(TOPasscodeType)type
 {
-    [CCUtility setPasscode:passcode];
+    [[NCKeychain alloc] init].passcode = passcode;
     [passcodeSettingsViewController dismissViewControllerAnimated:YES completion:nil];
     
     [self reloadForm];
@@ -393,8 +393,8 @@
 
 - (BOOL)passcodeViewController:(TOPasscodeViewController *)passcodeViewController isCorrectCode:(NSString *)code
 {
-    if ([code isEqualToString:[CCUtility getPasscode]]) {
-        [CCUtility setPasscode:@""];
+    if ([code isEqualToString:[[NCKeychain alloc] init].passcode]) {
+        [[NCKeychain alloc] init].passcode = nil;
         [self reloadForm];
         
         return YES;
@@ -410,22 +410,12 @@
     
     [self deselectFormRow:sender];
 
-    if ([[CCUtility getPasscode] length] == 0) {
-        
-        passcodeSettingsViewController = [[TOPasscodeSettingsViewController alloc] init];
-        passcodeSettingsViewController.hideOptionsButton = YES;
-        passcodeSettingsViewController.requireCurrentPasscode = NO;
-        passcodeSettingsViewController.passcodeType = TOPasscodeTypeSixDigits;
-        passcodeSettingsViewController.delegate = self;
-        
-        [self presentViewController:passcodeSettingsViewController animated:YES completion:nil];
-        
-    } else {
-     
+    if ([[NCKeychain alloc] init].passcode) {
+
         passcodeViewController = [[TOPasscodeViewController alloc] initPasscodeType:TOPasscodeTypeSixDigits allowCancel:true];
         passcodeViewController.delegate = self;
         passcodeViewController.keypadButtonShowLettering = false;
-        
+
         if (CCUtility.getEnableTouchFaceID && [laContext canEvaluatePolicy:LAPolicyDeviceOwnerAuthenticationWithBiometrics error:&error]) {
             if (error == NULL) {
                 if (laContext.biometryType == LABiometryTypeFaceID) {
@@ -443,6 +433,16 @@
         }
 
         [self presentViewController:passcodeViewController animated:YES completion:nil];
+
+    } else {
+     
+        passcodeSettingsViewController = [[TOPasscodeSettingsViewController alloc] init];
+        passcodeSettingsViewController.hideOptionsButton = YES;
+        passcodeSettingsViewController.requireCurrentPasscode = NO;
+        passcodeSettingsViewController.passcodeType = TOPasscodeTypeSixDigits;
+        passcodeSettingsViewController.delegate = self;
+
+        [self presentViewController:passcodeSettingsViewController animated:YES completion:nil];
     }
 }
 

iOSClient/Utility/CCUtility.h

@@ -42,17 +42,9 @@
 + (void)deleteAllChainStore;
 + (void)storeAllChainInService;
 
-+ (NSString *)getPasscode;
-+ (void)setPasscode:(NSString *)passcode;
-
-+ (BOOL)getNotPasscodeAtStart;
-+ (void)setNotPasscodeAtStart:(BOOL)set;
-
 + (BOOL)getEnableTouchFaceID;
 + (void)setEnableTouchFaceID:(BOOL)set;
 
-+ (BOOL)isPasscodeAtStartEnabled;
-
 + (NSString *)getGroupBySettings;
 + (void)setGroupBySettings:(NSString *)groupby;
 

iOSClient/Utility/CCUtility.m

@@ -82,12 +82,6 @@
     [UICKeyChainStore setString:sSet forKey:@"enableTouchFaceID" service:NCGlobal.shared.serviceShareKeyChain];
 }
 
-+ (BOOL)isPasscodeAtStartEnabled
-{
-    if ([self getPasscode].length > 0 && ![self getNotPasscodeAtStart]) return true;
-    else return false;
-}
-
 + (NSString *)getGroupBySettings
 {
     NSString *groupby = [UICKeyChainStore stringForKey:@"groupby" service:NCGlobal.shared.serviceShareKeyChain];

iOSClient/Utility/NCKeychain.swift

@@ -24,10 +24,17 @@
 import Foundation
 import KeychainAccess
 
-class NCKeychain {
+@objc class NCKeychain: NSObject {
 
     let keychain = Keychain(service: "com.nextcloud.keychain")
-    let keychainOLD = Keychain(service: NCGlobal.shared.serviceShareKeyChain)
+
+    private func migrate(key: String) {
+        let keychainOLD = Keychain(service: NCGlobal.shared.serviceShareKeyChain)
+        if let value = keychainOLD[key], !value.isEmpty {
+            keychain[key] = value
+            keychainOLD[key] = nil
+        }
+    }
 
     var typeFilterScanDocument: NCGlobal.TypeFilterScanDocument {
         get {
@@ -42,21 +49,37 @@ class NCKeychain {
         }
     }
 
-    var passcode: String {
+    @objc var passcode: String? {
         get {
-            /* MIGRATION OLD */
-            if let value = keychainOLD["passcodeBlock"], !value.isEmpty {
-                keychain["passcodeBlock"] = value
-                keychainOLD["passcodeBlock"] = nil
-            }
+            migrate(key: "passcodeBlock")
             if let value = try? keychain.get("passcodeBlock") {
                 return value
-            } else {
-                return ""
             }
+            return nil
         }
         set {
             keychain["passcodeBlock"] = newValue
         }
     }
+
+    @objc var requestPasscodeAtStart: Bool {
+        get {
+            let keychainOLD = Keychain(service: NCGlobal.shared.serviceShareKeyChain)
+            if let value = keychainOLD["notPasscodeAtStart"], !value.isEmpty {
+                if value == "true" {
+                    keychain["requestPasscodeAtStart"] = "false"
+                } else if value == "false" {
+                    keychain["requestPasscodeAtStart"] = "true"
+                }
+                keychainOLD["notPasscodeAtStart"] = nil
+            }
+            if let value = try? keychain.get("requestPasscodeAtStart"), let result = Bool(value) {
+                return result
+            }
+            return false
+        }
+        set {
+            keychain["requestPasscodeAtStart"] = String(newValue)
+        }
+    }
 }