e2ee

Share/NCShareExtension+DataSource.swift

@@ -34,7 +34,7 @@ extension NCShareExtension: UICollectionViewDelegate {
                   return showAlert(description: "_invalid_url_")
               }
 
-        if metadata.e2eEncrypted && !CCUtility.isEnd(toEndEnabled: activeAccount.account) {
+        if metadata.e2eEncrypted && !NCKeychain().isEndToEndEnabled(account: activeAccount.account) {
             showAlert(title: "_info_", description: "_e2e_goto_settings_for_enable_")
         }
 

iOSClient/AppDelegate.swift

@@ -622,7 +622,7 @@ class AppDelegate: UIResponder, UIApplicationDelegate, UNUserNotificationCenterD
         }
         NCManageDatabase.shared.clearDatabase(account: account, removeAccount: true)
 
-        CCUtility.clearAllKeysEnd(toEnd: account)
+        NCKeychain().clearAllKeysEndToEnd(account: account)
         CCUtility.clearAllKeysPushNotification(account)
         CCUtility.setPassword(account, password: nil)
 

iOSClient/Data/NCManageDatabase+Metadata.swift

@@ -202,11 +202,11 @@ extension tableMetadata {
     }
 
     var isDirectoySettableE2EE: Bool {
-        return directory && size == 0 && !e2eEncrypted && CCUtility.isEnd(toEndEnabled: account)
+        return directory && size == 0 && !e2eEncrypted && NCKeychain().isEndToEndEnabled(account: account)
     }
 
     var isDirectoryUnsettableE2EE: Bool {
-        return !isDirectoryE2EE && directory && size == 0 && e2eEncrypted && CCUtility.isEnd(toEndEnabled: account)
+        return !isDirectoryE2EE && directory && size == 0 && e2eEncrypted && NCKeychain().isEndToEndEnabled(account: account)
     }
 
     var canOpenExternalEditor: Bool {

iOSClient/Main/Collection Common/NCCollectionViewCommon.swift

@@ -1012,8 +1012,8 @@ class NCCollectionViewCommon: UIViewController, UIGestureRecognizerDelegate, UIS
                     self.metadataFolder = metadataFolder
                     // E2EE
                     if let metadataFolder = metadataFolder,
-                        metadataFolder.e2eEncrypted,
-                        CCUtility.isEnd(toEndEnabled: self.appDelegate.account),
+                       metadataFolder.e2eEncrypted,
+                       NCKeychain().isEndToEndEnabled(account: self.appDelegate.account),
                        !NCNetworkingE2EE.shared.isInUpload(account: self.appDelegate.account, serverUrl: self.serverUrl) {
                         let lock = NCManageDatabase.shared.getE2ETokenLock(account: self.appDelegate.account, serverUrl: self.serverUrl)
                         NextcloudKit.shared.getE2EEMetadata(fileId: metadataFolder.ocId, e2eToken: lock?.e2eToken) { _, e2eMetadata, signature, _, error in
@@ -1105,7 +1105,7 @@ extension NCCollectionViewCommon: UICollectionViewDelegate {
 
         if metadata.e2eEncrypted {
             if NCGlobal.shared.capabilityE2EEEnabled {
-                if !CCUtility.isEnd(toEndEnabled: appDelegate.account) {
+                if !NCKeychain().isEndToEndEnabled(account: appDelegate.account) {
                     let e2ee = NCEndToEndInitialize()
                     e2ee.delegate = self
                     e2ee.initEndToEndEncryption()

iOSClient/Menu/AppDelegate+Menu.swift

@@ -111,7 +111,7 @@ extension AppDelegate {
             )
         )
 
-        if CCUtility.isEnd(toEndEnabled: appDelegate.account) {
+        if NCKeychain().isEndToEndEnabled(account: appDelegate.account) {
             actions.append(.seperator(order: 0))
         }
 
@@ -128,7 +128,7 @@ extension AppDelegate {
         )
 
         // Folder encrypted
-        if !isDirectoryE2EE && CCUtility.isEnd(toEndEnabled: appDelegate.account) {
+        if !isDirectoryE2EE && NCKeychain().isEndToEndEnabled(account: appDelegate.account) {
             actions.append(
                 NCMenuAction(title: NSLocalizedString("_create_folder_e2ee_", comment: ""),
                              icon: UIImage(named: "folderEncrypted")!.image(color: NCBrandColor.shared.brandElement, size: 50),
@@ -140,7 +140,7 @@ extension AppDelegate {
             )
         }
 
-        if CCUtility.isEnd(toEndEnabled: appDelegate.account) {
+        if NCKeychain().isEndToEndEnabled(account: appDelegate.account) {
             actions.append(.seperator(order: 0))
         }
 

iOSClient/Networking/E2EE/NCEndToEndMetadataV1.swift

@@ -166,7 +166,7 @@ extension NCEndToEndMetadata {
         }
 
         // Create checksum
-        let passphrase = CCUtility.getEndToEndPassphrase(account).replacingOccurrences(of: " ", with: "")
+        let passphrase = NCKeychain().getEndToEndPassphrase(account: account)?.replacingOccurrences(of: " ", with: "") ?? ""
         let dataChecksum = (passphrase + fileNameIdentifiers.sorted().joined() + metadataKey).data(using: .utf8)
         let checksum = NCEndToEndEncryption.sharedManager().createSHA256(dataChecksum)
 
@@ -345,7 +345,7 @@ extension NCEndToEndMetadata {
             }
 
             // verify checksum
-            let passphrase = CCUtility.getEndToEndPassphrase(account).replacingOccurrences(of: " ", with: "")
+            let passphrase = NCKeychain().getEndToEndPassphrase(account: account)?.replacingOccurrences(of: " ", with: "") ?? ""
             let dataChecksum = (passphrase + fileNameIdentifiers.sorted().joined() + metadata.metadataKey).data(using: .utf8)
             let checksum = NCEndToEndEncryption.sharedManager().createSHA256(dataChecksum)
             if metadata.checksum != checksum {

iOSClient/Networking/E2EE/NCNetworkingE2EE.swift

@@ -191,7 +191,7 @@ class NCNetworkingE2EE: NSObject {
 
     func unlockAll(account: String) {
 
-        guard CCUtility.isEnd(toEndEnabled: account) else { return }
+        guard NCKeychain().isEndToEndEnabled(account: account) else { return }
 
         Task {
             for result in NCManageDatabase.shared.getE2EAllTokenLock(account: account) {

iOSClient/Settings/NCEndToEndInitialize.swift

@@ -45,7 +45,7 @@ class NCEndToEndInitialize: NSObject {
     @objc func initEndToEndEncryption() {
 
         // Clear all keys
-        CCUtility.clearAllKeysEnd(toEnd: appDelegate.account)
+        NCKeychain().clearAllKeysEndToEnd(account: appDelegate.account)
 
         self.getPublicKey()
     }
@@ -148,7 +148,7 @@ class NCEndToEndInitialize: NSObject {
 
                 let ok = UIAlertAction(title: "OK", style: .default, handler: { _ -> Void in
 
-                    let passphrase = passphraseTextField?.text
+                    let passphrase = passphraseTextField?.text ?? ""
 
                     let publicKey = NCKeychain().getEndToEndCertificate(account: self.appDelegate.account)
 
@@ -165,7 +165,7 @@ class NCEndToEndInitialize: NSObject {
                     }
 
                     // Save to keychain
-                    CCUtility.setEndToEndPassphrase(self.appDelegate.account, passphrase: passphrase)
+                    NCKeychain().setEndToEndPassphrase(account: self.appDelegate.account, passphrase: passphrase)
 
                     // request server publicKey
                     NextcloudKit.shared.getE2EEPublicKey { account, publicKey, _, error in
@@ -269,7 +269,7 @@ class NCEndToEndInitialize: NSObject {
             if error == .success, account == self.appDelegate.account, let privateKey = privateKeyString {
 
                 NCKeychain().setEndToEndPrivateKey(account: account, privateKey: String(privateKey))
-                CCUtility.setEndToEndPassphrase(account, passphrase: e2ePassphrase)
+                NCKeychain().setEndToEndPassphrase(account: account, passphrase: e2ePassphrase)
 
                 // request server publicKey
                 NextcloudKit.shared.getE2EEPublicKey { account, publicKey, _, error in

iOSClient/Settings/NCManageE2EE.swift

@@ -50,7 +50,7 @@ class NCManageE2EE: NSObject, ObservableObject, NCEndToEndInitializeDelegate, TO
         super.init()
 
         endToEndInitialize.delegate = self
-        isEndToEndEnabled = CCUtility.isEnd(toEndEnabled: appDelegate.account)
+        isEndToEndEnabled = NCKeychain().isEndToEndEnabled(account: appDelegate.account)
         if isEndToEndEnabled {
             statusOfService = NSLocalizedString("_status_e2ee_configured_", comment: "")
         } else {
@@ -103,7 +103,7 @@ class NCManageE2EE: NSObject, ObservableObject, NCEndToEndInitializeDelegate, TO
         case "startE2E":
             endToEndInitialize.initEndToEndEncryption()
         case "readPassphrase":
-            if let e2ePassphrase = CCUtility.getEndToEndPassphrase(appDelegate.account) {
+            if let e2ePassphrase = NCKeychain().getEndToEndPassphrase(account: appDelegate.account) {
                 print("[LOG]Passphrase: " + e2ePassphrase)
                 let message = "\n" + NSLocalizedString("_e2e_settings_the_passphrase_is_", comment: "") + "\n\n\n" + e2ePassphrase
                 let alertController = UIAlertController(title: NSLocalizedString("_info_", comment: ""), message: message, preferredStyle: .alert)
@@ -116,8 +116,8 @@ class NCManageE2EE: NSObject, ObservableObject, NCEndToEndInitializeDelegate, TO
         case "removeLocallyEncryption":
             let alertController = UIAlertController(title: NSLocalizedString("_e2e_settings_remove_", comment: ""), message: NSLocalizedString("_e2e_settings_remove_message_", comment: ""), preferredStyle: .alert)
             alertController.addAction(UIAlertAction(title: NSLocalizedString("_remove_", comment: ""), style: .default, handler: { _ in
-                CCUtility.clearAllKeysEnd(toEnd: self.appDelegate.account)
-                self.isEndToEndEnabled = CCUtility.isEnd(toEndEnabled: self.appDelegate.account)
+                NCKeychain().clearAllKeysEndToEnd(account: self.appDelegate.account)
+                self.isEndToEndEnabled = NCKeychain().isEndToEndEnabled(account: self.appDelegate.account)
             }))
             alertController.addAction(UIAlertAction(title: NSLocalizedString("_cancel_", comment: ""), style: .default, handler: { _ in }))
             appDelegate.window?.rootViewController?.present(alertController, animated: true)

iOSClient/Utility/CCUtility.h

@@ -41,17 +41,6 @@
 
 + (void)deleteAllChainStore;
 
-// E2EE -------------------------------------------
-
-+ (NSString *)getEndToEndPassphrase:(NSString *)account;
-+ (void)setEndToEndPassphrase:(NSString *)account passphrase:(NSString *)passphrase;
-
-+ (BOOL)isEndToEndEnabled:(NSString *)account;
-
-// E2EE -------------------------------------------
-
-+ (void)clearAllKeysEndToEnd:(NSString *)account;
-
 + (BOOL)getDisableFilesApp;
 + (void)setDisableFilesApp:(BOOL)disable;
 

iOSClient/Utility/CCUtility.m

@@ -50,45 +50,6 @@
 
 #pragma ------------------------------ GET/SET
 
-+ (NSString *)getEndToEndPassphrase:(NSString *)account
-{
-    NSString *key = [E2E_Passphrase stringByAppendingString:account];
-    return [UICKeyChainStore stringForKey:key service:NCGlobal.shared.serviceShareKeyChain];
-}
-
-+ (void)setEndToEndPassphrase:(NSString *)account passphrase:(NSString *)passphrase
-{
-    NSString *key = [E2E_Passphrase stringByAppendingString:account];
-    [UICKeyChainStore setString:passphrase forKey:key service:NCGlobal.shared.serviceShareKeyChain];
-}
-
-+ (BOOL)isEndToEndEnabled:(NSString *)account
-{
-    NSString* versionE2EE = [[NCGlobal shared] capabilityE2EEApiVersion];
-
-    // NSString *certificate = [self getEndToEndCertificate:account];
-    //NSString *publicKey = [self getEndToEndPublicKey:account];
-    //NSString *privateKey = [self getEndToEndPrivateKey:account];
-    // NSString *passphrase = [self getEndToEndPassphrase:account];
-
-    //if (passphrase.length > 0 && privateKey.length > 0 && certificate.length > 0 && publicKey.length > 0 && [NCGlobal.shared.e2eeVersions containsObject:versionE2EE]) {
-        return YES;
-    //} else {
-    //    return NO;
-    //}
-}
-
-+ (void)clearAllKeysEndToEnd:(NSString *)account
-{
-   // [self setEndToEndCertificate:account certificate:nil];
-    //[self setEndToEndPrivateKey:account privateKey:nil];
-    //[self setEndToEndPublicKey:account publicKey:nil];
-    //[self setEndToEndPassphrase:account passphrase:nil];
-
-    // OLD
-    [UICKeyChainStore setString:nil forKey:[@"EndToEndPublicKey_" stringByAppendingString:account] service:NCGlobal.shared.serviceShareKeyChain];
-}
-
 + (BOOL)getDisableFilesApp
 {
     return [[UICKeyChainStore stringForKey:@"disablefilesapp" service:NCGlobal.shared.serviceShareKeyChain] boolValue];

iOSClient/Utility/NCKeychain.swift

@@ -197,13 +197,15 @@ import KeychainAccess
         keychain[key] = String(prefix)
     }
 
+    // MARK: - E2EE
+
     func getEndToEndCertificate(account: String) -> String? {
         let key = E2E_certificate + account
         migrate(key: key)
         return try? keychain.get(key)
     }
 
-    func setEndToEndCertificate(account: String, certificate: String) {
+    func setEndToEndCertificate(account: String, certificate: String?) {
         let key = E2E_certificate + account
         keychain[key] = certificate
     }
@@ -214,7 +216,7 @@ import KeychainAccess
         return try? keychain.get(key)
     }
 
-    func setEndToEndPrivateKey(account: String, privateKey: String) {
+    func setEndToEndPrivateKey(account: String, privateKey: String?) {
         let key = E2E_PrivateKey + account
         keychain[key] = privateKey
     }
@@ -225,7 +227,7 @@ import KeychainAccess
         return try? keychain.get(key)
     }
 
-    func setEndToEndPublicKey(account: String, publicKey: String) {
+    func setEndToEndPublicKey(account: String, publicKey: String?) {
         let key = E2E_PublicKey + account
         keychain[key] = publicKey
     }
@@ -236,8 +238,25 @@ import KeychainAccess
         return try? keychain.get(key)
     }
 
-    func setEndToEndPassphrase(account: String, passphrase: String) {
+    func setEndToEndPassphrase(account: String, passphrase: String?) {
         let key = E2E_Passphrase + account
         keychain[key] = passphrase
     }
+
+    func isEndToEndEnabled(account: String) -> Bool {
+
+        guard let certificate = getEndToEndCertificate(account: account), !certificate.isEmpty,
+              let publicKey = getEndToEndPublicKey(account: account), !publicKey.isEmpty,
+              let privateKey = getEndToEndPrivateKey(account: account), !privateKey.isEmpty,
+              let passphrase = getEndToEndPassphrase(account: account), !passphrase.isEmpty,
+              NCGlobal.shared.e2eeVersions.contains(NCGlobal.shared.capabilityE2EEApiVersion) else { return false }
+        return true
+    }
+
+    func clearAllKeysEndToEnd(account: String) {
+        setEndToEndCertificate(account: account, certificate: nil)
+        setEndToEndPrivateKey(account: account, privateKey: nil)
+        setEndToEndPublicKey(account: account, publicKey: nil)
+        setEndToEndPassphrase(account: account, passphrase: nil)
+    }
 }