Marino Faggiana 7 years ago
parent
commit
2f6f7bdb89

+ 4 - 1
iOSClient/Security/NCEndToEndEncryption.h

@@ -34,7 +34,10 @@
 
 - (NSString *)createCSR:(NSString *)userID directoryUser:(NSString *)directoryUser;
 - (NSString *)encryptPrivateKey:(NSString *)userID directoryUser: (NSString *)directoryUser passphrase:(NSString *)passphrase;
-- (NSString *)decryptPrivateKey:(NSString *)privateKeyCipher passphrase:(NSString *)passphrase publicKey:(NSString *)publicKey;
+- (NSString *)decryptPrivateKey:(NSString *)privateKeyCipher passphrase:(NSString *)passphrase;
+
+- (NSData *)encryptAsymmetricString:(NSString *)plain publicKey:(NSString *)publicKey;
+- (NSString *)decryptAsymmetricData:(NSData *)chiperData privateKey:(NSString *)privateKey;
 
 
 - (NSString *)createSHA512:(NSString *)string;
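Review bot: The declarations added at L16–L17, and the changed one at L14, carry no nullability annotation even though each returns nil on failure (the .m hunk in this commit returns nil from decryptPrivateKey, and the Swift caller `guard let`s all three), so Swift imports them as implicitly unwrapped optionals and nothing in the type tells a future caller to check. Mark the returns `- (nullable NSData *)encryptAsymmetricString:(NSString *)plain publicKey:(NSString *)publicKey;` and `- (nullable NSString *)decryptAsymmetricData:(NSData *)chiperData privateKey:(NSString *)privateKey;`, and `nullable` on decryptPrivateKey's return as well. Whether the interface sits inside NS_ASSUME_NONNULL_BEGIN/END is not visible in this hunk; if it does, the unannotated returns currently promise a non-nil value the implementation does not deliver. A one-line doc comment on each new method, e.g. `/// Returns nil if the key cannot be loaded or the operation fails.`, would also help since these form the public encryption surface.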

+ 2 - 12
iOSClient/Security/NCEndToEndEncryption.m

@@ -47,7 +47,6 @@
 #define PBKDF2_SALT                 @"$4$YmBjm3hk$Qb74D5IUYwghUmzsMqeNFx5z0/8$"
 
 #define RSA_CIPHER                  RSA_PKCS1_PADDING
-#define ASYMMETRIC_STRING_TEST      @"Nextcloud a safe home for all your data"
 
 #define fileNameCertificate         @"cert.pem"
 #define fileNameCSR                 @"csr.pem"
@@ -376,7 +375,7 @@ cleanup:
 #pragma mark - No key pair exists on the server
 #
 
-- (NSString *)decryptPrivateKey:(NSString *)privateKeyCipher passphrase:(NSString *)passphrase publicKey:(NSString *)publicKey
+- (NSString *)decryptPrivateKey:(NSString *)privateKeyCipher passphrase:(NSString *)passphrase
 {
     NSMutableData *privateKeyData = [NSMutableData new];
     
@@ -406,16 +405,7 @@ cleanup:
     if (result && privateKeyData) {
         
         NSString *privateKey = [[NSString alloc] initWithData:privateKeyData encoding:NSUTF8StringEncoding];
-
-        NSData *encryptData = [self encryptAsymmetricString:ASYMMETRIC_STRING_TEST publicKey:publicKey];
-        if (!encryptData)
-            return nil;
-        NSString *decryptString = [self decryptAsymmetricData:encryptData privateKey:privateKey];
-        
-        if (decryptString && [decryptString isEqualToString:ASYMMETRIC_STRING_TEST])
-            return privateKey;
-        else
-            return nil;
+        return privateKey;
         
     } else {
         

+ 36 - 5
iOSClient/Security/NCEntoToEndInterface.swift

@@ -27,6 +27,8 @@ class NCEntoToEndInterface : NSObject, OCNetworkingDelegate  {
 
     let appDelegate = UIApplication.shared.delegate as! AppDelegate
     
+    let ASYMMETRIC_STRING_TEST = "Nextcloud a safe home for all your data"
+    
     override init() {
     }
     
@@ -89,7 +91,7 @@ class NCEntoToEndInterface : NSObject, OCNetworkingDelegate  {
             
             guard let csr = NCEndToEndEncryption.sharedManager().createCSR(appDelegate.activeUserID, directoryUser: appDelegate.directoryUser) else {
                 
-                appDelegate.messageNotification("E2E Csr", description: "E2E Error to create Csr", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
+                appDelegate.messageNotification("E2E Csr", description: "Error to create Csr", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
                 
                 NCManageDatabase.sharedInstance.addActivityClient("", fileID: "", action: k_activityDebugActionEndToEndEncryption, selector: actionGetEndToEndPublicKeys, note: "E2E Error to create Csr", type: k_activityTypeFailure, verbose: false, activeUrl: "")
                 
@@ -160,17 +162,46 @@ class NCEntoToEndInterface : NSObject, OCNetworkingDelegate  {
         let ok = UIAlertAction(title: "OK", style: .default, handler: { (action) -> Void in
             
             let passphrase = passphraseTextField?.text
-            let publicKey = CCUtility.getEndToEndPublicKey(self.appDelegate.activeAccount)
             
-            guard (NCEndToEndEncryption.sharedManager().decryptPrivateKey(metadataNet.key, passphrase: passphrase, publicKey: publicKey)) != nil else {
+            guard let privateKey = (NCEndToEndEncryption.sharedManager().decryptPrivateKey(metadataNet.key, passphrase: passphrase)) else {
                 
-                self.appDelegate.messageNotification("E2E decrypt privateKey", description: "E2E Error to decrypt Private Key", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: 0)
+                self.appDelegate.messageNotification("E2E decrypt privateKey", description: "Error to decrypt Private Key", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: 0)
                 
                 NCManageDatabase.sharedInstance.addActivityClient("", fileID: "", action: k_activityDebugActionEndToEndEncryption, selector: actionGetEndToEndPrivateKeyCipher, note: "E2E Error to decrypt PrivateKey", type: k_activityTypeFailure, verbose: false, activeUrl: "")
                 
                 return
             }
             
+            // --------- verify privateKey encrypt/decrypt asymmetric key ---------
+            
+            let publicKey = CCUtility.getEndToEndPublicKey(self.appDelegate.activeAccount)
+            guard let encryptData = NCEndToEndEncryption.sharedManager().encryptAsymmetricString(self.ASYMMETRIC_STRING_TEST, publicKey: publicKey) else {
+                
+                self.appDelegate.messageNotification("E2E Verify privateKey", description: "Error to encrypt asymmetric key", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: 0)
+                
+                NCManageDatabase.sharedInstance.addActivityClient("", fileID: "", action: k_activityDebugActionEndToEndEncryption, selector: actionGetEndToEndPrivateKeyCipher, note: "E2E Verify privateKey, error to encrypt asymmetric key", type: k_activityTypeFailure, verbose: false, activeUrl: "")
+                
+                return
+            }
+            
+            guard let decryptString = NCEndToEndEncryption.sharedManager().decryptAsymmetricData(encryptData, privateKey: privateKey) else {
+                
+                self.appDelegate.messageNotification("E2E Verify privateKey", description: "Error to decrypt asymmetric key", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: 0)
+                
+                NCManageDatabase.sharedInstance.addActivityClient("", fileID: "", action: k_activityDebugActionEndToEndEncryption, selector: actionGetEndToEndPrivateKeyCipher, note: "E2E Verify privateKey, error to decrypt asymmetric key", type: k_activityTypeFailure, verbose: false, activeUrl: "")
+                
+                return
+            }
+            
+            if (decryptString != self.ASYMMETRIC_STRING_TEST) {
+                
+                self.appDelegate.messageNotification("E2E Verify privateKey", description: "Error verify data encrypt/decrypt", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: 0)
+                
+                NCManageDatabase.sharedInstance.addActivityClient("", fileID: "", action: k_activityDebugActionEndToEndEncryption, selector: actionGetEndToEndPrivateKeyCipher, note: "E2E Verify privateKey, error verify data encrypt/decrypt", type: k_activityTypeFailure, verbose: false, activeUrl: "")
+                
+                return
+            }
+            
             // Save to keychain
             CCUtility.setEndToEndPrivateKeyCipher(self.appDelegate.activeAccount, privateKeyCipher: metadataNet.key)
             CCUtility.setEndToEndPassphrase(self.appDelegate.activeAccount, passphrase:passphrase)
@@ -216,7 +247,7 @@ class NCEntoToEndInterface : NSObject, OCNetworkingDelegate  {
                                 
                 guard let privateKeyChiper = NCEndToEndEncryption.sharedManager().encryptPrivateKey(self.appDelegate.activeUserID, directoryUser: self.appDelegate.directoryUser, passphrase: e2ePassphrase) else {
                     
-                    self.appDelegate.messageNotification("E2E privateKey", description: "E2E Error to create PrivateKey chiper", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
+                    self.appDelegate.messageNotification("E2E privateKey", description: "Error to create PrivateKey chiper", visible: true, delay: TimeInterval(k_dismissAfterSecond), type: TWMessageBarMessageType.error, errorCode: errorCode)
                     
                     NCManageDatabase.sharedInstance.addActivityClient("", fileID: "", action: k_activityDebugActionEndToEndEncryption, selector: actionGetEndToEndPrivateKeyCipher, note: "E2E Error to create PrivateKey chiper", type: k_activityTypeFailure, verbose: false, activeUrl: "")