Marino Faggiana 7 年之前
父节点
当前提交
b26ed2692b

+ 2 - 1
iOSClient/Database/NCDatabase.swift

@@ -100,7 +100,6 @@ class tableDirectory: Object {
     @objc dynamic var dateReadDirectory: NSDate? = nil
     @objc dynamic var directoryID = ""
     @objc dynamic var e2eEncrypted: Bool = false
-    @objc dynamic var e2eMetadataKey = ""
     @objc dynamic var etag = ""
     @objc dynamic var favorite: Bool = false
     @objc dynamic var fileID = ""
@@ -123,6 +122,8 @@ class tableE2eEncryption: Object {
     @objc dynamic var fileNameIdentifierPath = ""
     @objc dynamic var key = ""
     @objc dynamic var initializationVector = ""
+    @objc dynamic var metadataKey = ""
+    @objc dynamic var metadataKeyIndex: Int = 0
     @objc dynamic var mimeType = ""
     @objc dynamic var serverUrl = ""
     @objc dynamic var version: Int = 1
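Review bot: The new `metadataKey` property stores the folder's symmetric metadata key as a plain string on every `tableE2eEncryption` row, next to the per-file `key`. Whether the Realm file itself is encrypted is not visible in this commit. If it is not, the key protecting the folder metadata sits in cleartext in the app container and in any backup of it. Consider keeping only `metadataKeyIndex` on the row and holding the key wherever the private key is kept, or at least document the constraint with `// base64 AES-128 metadata key; must only live in an encrypted Realm`. Adding and removing persisted properties also needs a schema version bump and migration, which is outside these hunks.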

+ 1 - 28
iOSClient/Database/NCManageDatabase.swift

@@ -1041,33 +1041,6 @@ class NCManageDatabase: NSObject {
         }
     }
     
-    @objc func setDirectoryE2EMetadataKey(serverUrl: String, metadataKey: String) -> Bool {
-        
-        guard let tableAccount = self.getAccountActive() else {
-            return false
-        }
-        
-        let realm = try! Realm()
-        
-        realm.beginWrite()
-        
-        guard let result = realm.objects(tableDirectory.self).filter("account = %@ AND serverUrl = %@", tableAccount.account, serverUrl).first else {
-            realm.cancelWrite()
-            return false
-        }
-        
-        result.e2eMetadataKey = metadataKey
-        
-        do {
-            try realm.commitWrite()
-        } catch let error {
-            print("[LOG] Could not write to database: ", error)
-            return false
-        }
-        
-        return true
-    }
-    
     //MARK: -
     //MARK: Table e2e Encryption
     
@@ -1119,7 +1092,7 @@ class NCManageDatabase: NSObject {
         
         let realm = try! Realm()
         
-        guard let result = realm.objects(tableE2eEncryption.self).filter(predicate).first else {
+        guard let result = realm.objects(tableE2eEncryption.self).filter(predicate).sorted(byKeyPath: "metadataKeyIndex", ascending: false).first else {
             return nil
         }
         

+ 1 - 1
iOSClient/Main/CCMain.m

@@ -1287,7 +1287,7 @@
     if (e2eEncryption) {
         metadata.e2eEncrypted = true;
         metadata.fileNameView = e2eEncryption.fileName;
-        [CCUtility insertTypeFileIconName:metadata.fileName metadata:metadata];
+        [CCUtility insertTypeFileIconName:e2eEncryption.fileName metadata:metadata];
     }
     
     // Download

+ 14 - 2
iOSClient/Networking/CCNetworking.m

@@ -1121,9 +1121,8 @@
         if ([CCUtility isFolderEncrypted:serverUrl account:_activeAccount]) {
             
             NSArray *tableE2eEncryption = [[NCManageDatabase sharedInstance] getE2eEncryptionsWithPredicate:[NSPredicate predicateWithFormat:@"account = %@ AND serverUrl = %@", _activeAccount, serverUrl]];
-            tableDirectory *tableDirectory = [[NCManageDatabase sharedInstance] getTableDirectoryWithPredicate:[NSPredicate predicateWithFormat:@"account = %@ AND serverUrl = %@", _activeAccount, serverUrl]];
             
-            NSString *e2eMetadataJSON = [[NCEndToEndMetadata sharedInstance] encoderMetadata:tableE2eEncryption privateKey:[CCUtility getEndToEndPrivateKey:_activeAccount] serverUrl:serverUrl metadataKey:tableDirectory.e2eMetadataKey];
+            NSString *e2eMetadataJSON = [[NCEndToEndMetadata sharedInstance] encoderMetadata:tableE2eEncryption privateKey:[CCUtility getEndToEndPrivateKey:_activeAccount] serverUrl:serverUrl];
 
             dispatch_async(dispatch_get_global_queue(DISPATCH_QUEUE_PRIORITY_HIGH, 0), ^{
                 
@@ -1627,12 +1626,23 @@
     NSString *key;
     NSString *initializationVector;
     NSString *authenticationTag;
+    NSString *metadataKey;
+    NSInteger metadataKeyIndex;
     
     BOOL result = [[NCEndToEndEncryption sharedManager] encryptFileName:fileName fileNameIdentifier:fileNameIdentifier directoryUser: _directoryUser key:&key initializationVector:&initializationVector authenticationTag:&authenticationTag];
     
     // Write to DB
     if (result) {
         
+        tableE2eEncryption *object = [[NCManageDatabase sharedInstance] getE2eEncryptionWithPredicate:[NSPredicate predicateWithFormat:@"account = %@ AND serverUrl = %@", _activeAccount, serverUrl]];
+        if (object) {
+            metadataKey = object.metadataKey;
+            metadataKeyIndex = object.metadataKeyIndex;
+        } else {
+            metadataKey = [[[NCEndToEndEncryption sharedManager] generateKey:16] base64EncodedStringWithOptions:0]; // AES_KEY_128_LENGTH
+            metadataKeyIndex = 0;
+        }
+        
         tableE2eEncryption *addObject = [tableE2eEncryption new];
         
         addObject.account = _activeAccount;
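Review bot: The `if (object)` branch reuses `object.metadataKey` without checking that it is non-empty, and the `else` branch does not check that `generateKey:16` returned data. Rows written before this change would presumably carry the property default `""`, so a new file in that folder would inherit an empty key that `encoderMetadata` later passes to `encryptEncryptedJson`. I would guard with `if (object.metadataKey.length > 0) {`, which also covers a nil `object`, and fail the upload when the generated key is nil rather than storing it. The enclosing method starts and ends outside the hunk.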
@@ -1642,6 +1652,8 @@
         addObject.fileNameIdentifierPath = [NSString stringWithFormat:@"%@/%@", serverUrl, fileNameIdentifier];
         addObject.key = key;
         addObject.initializationVector = initializationVector;
+        addObject.metadataKey = metadataKey;
+        addObject.metadataKeyIndex = metadataKeyIndex;
         
         CFStringRef UTI = UTTypeCreatePreferredIdentifierForTag(kUTTagClassFilenameExtension, (__bridge CFStringRef)[fileName pathExtension], NULL);
         CFStringRef mimeTypeRef = UTTypeCopyPreferredTagWithClass (UTI, kUTTagClassMIMEType);

+ 20 - 41
iOSClient/Security/NCEndToEndMetadata.swift

@@ -68,31 +68,28 @@ class NCEndToEndMetadata : NSObject  {
     // MARK: Encode / Decode JSON Metadata
     // --------------------------------------------------------------------------------------------
     
-    @objc func encoderMetadata(_ recordsE2eEncryption: [tableE2eEncryption], privateKey: String, serverUrl: String, metadataKey: String) -> String? {
+    @objc func encoderMetadata(_ recordsE2eEncryption: [tableE2eEncryption], privateKey: String, serverUrl: String) -> String? {
         
         let jsonEncoder = JSONEncoder.init()
         var files = [String: e2eMetadata.filesCodable]()
         var version = 1
-        var keyGenerated = ""
-        
-        // Generate Key
-        if (metadataKey == "") {
-            keyGenerated = NCEndToEndEncryption.sharedManager().generateKey(16).base64EncodedString() // AES_KEY_128_LENGTH
-        } else {
-            keyGenerated = metadataKey
-        }
-        
-        // Double Encode64 for Android compatibility OMG
-        let key = (keyGenerated.data(using: .utf8)?.base64EncodedString())!
-        
-        guard let metadataKeyEncryptedData = NCEndToEndEncryption.sharedManager().encryptAsymmetricString(key, publicKey: nil, privateKey: privateKey) else {
-            return nil
-        }
-        let metadataKeyBase64 = metadataKeyEncryptedData.base64EncodedString()
+        var e2eMetadataKey: e2eMetadata.metadataKeyCodable?
         
         // Create "files"
         for recordE2eEncryption in recordsE2eEncryption {
             
+            //
+            // Double Encode64 for Android compatibility
+            let metadatakey = (recordE2eEncryption.metadataKey.data(using: .utf8)?.base64EncodedString())!
+            guard let metadataKeyEncryptedData = NCEndToEndEncryption.sharedManager().encryptAsymmetricString(metadatakey, publicKey: nil, privateKey: privateKey) else {
+                return nil
+            }
+            let metadataKeyEncryptedBase64 = metadataKeyEncryptedData.base64EncodedString()
+
+            // Create "metadataKey" with encrypted maetadatakey
+            // Required a Modify
+            e2eMetadataKey = e2eMetadata.metadataKeyCodable(metadataKeys: ["0":metadataKeyEncryptedBase64], version: version)
+            
             let encrypted = e2eMetadata.encryptedFileAttributes(key: recordE2eEncryption.key, filename: recordE2eEncryption.fileName, mimetype: recordE2eEncryption.mimeType, version: recordE2eEncryption.version)
             
             do {
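Review bot: `e2eMetadataKey` is rebuilt on every loop iteration with the hard-coded index `"0"`, so only the last record's key is published while each file is encrypted with its own `recordE2eEncryption.metadataKey`. If records in the folder ever carry different keys or indexes, files encrypted under the other keys cannot be decrypted from the published metadata; the `// Required a Modify` comment suggests this is known. The `version` passed here is also still the previous iteration's value, and `data(using: .utf8)...!` is a force-unwrap in a function that can return nil. I would collect the wrapped keys by `metadataKeyIndex` inside the loop, wrapping each index once, and build `metadataKeyCodable(metadataKeys:version:)` after the loop. The loop body continues outside the hunk.

```swift
var metadataKeys = [String: String]()
// … unchanged: jsonEncoder, files, version …
for recordE2eEncryption in recordsE2eEncryption {

    // Wrap each distinct metadata key once, under its own index.
    let index = "\(recordE2eEncryption.metadataKeyIndex)"
    if metadataKeys[index] == nil {
        // Double Encode64 for Android compatibility
        guard let keyData = recordE2eEncryption.metadataKey.data(using: .utf8),
              let wrapped = NCEndToEndEncryption.sharedManager().encryptAsymmetricString(keyData.base64EncodedString(), publicKey: nil, privateKey: privateKey) else {
            return nil
        }
        metadataKeys[index] = wrapped.base64EncodedString()
    }
    // … unchanged: encryptedFileAttributes and the do { … } block …
```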
@@ -101,7 +98,7 @@ class NCEndToEndMetadata : NSObject  {
                 let encryptedJsonData = try jsonEncoder.encode(encrypted)
                 let encryptedJsonString = String(data: encryptedJsonData, encoding: .utf8)
                 
-                guard let encryptedEncryptedJson = NCEndToEndEncryption.sharedManager().encryptEncryptedJson(encryptedJsonString, key: keyGenerated) else {
+                guard let encryptedEncryptedJson = NCEndToEndEncryption.sharedManager().encryptEncryptedJson(encryptedJsonString, key: recordE2eEncryption.metadataKey) else {
                     print("Serious internal error in encoding metadata")
                     return nil
                 }
@@ -118,19 +115,11 @@ class NCEndToEndMetadata : NSObject  {
             version = recordE2eEncryption.version
         }
         
-        // Create "metadataKey" with encrypted maetadatakey
-        let e2eMetadataKey = e2eMetadata.metadataKeyCodable(metadataKeys: ["0":metadataKeyBase64], version: version)
-        
         // Create final Json e2emetadata
-        let e2emetadata = e2eMetadata(files: files, metadata: e2eMetadataKey, sharing: nil)
+        let e2emetadata = e2eMetadata(files: files, metadata: e2eMetadataKey!, sharing: nil)
         
         do {
             
-            // Write metadataKey on DB
-            if NCManageDatabase.sharedInstance.setDirectoryE2EMetadataKey(serverUrl: serverUrl, metadataKey: keyGenerated) == false {
-                return nil
-            }
-            
             let jsonData = try jsonEncoder.encode(e2emetadata)
             let jsonString = String(data: jsonData, encoding: .utf8)
             print("JSON String : " + jsonString!)
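Review bot: `e2eMetadataKey!` traps when `recordsE2eEncryption` is empty, because the optional is only assigned inside the `for` loop. The function already returns `String?`, so this case should fail softly instead of crashing the upload path. Replace the force-unwrap with `guard let e2eMetadataKey = e2eMetadataKey else { return nil }` before building `e2emetadata`. The function body continues outside the hunk.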
@@ -158,7 +147,6 @@ class NCEndToEndMetadata : NSObject  {
             let files = decode.files
             let metadata = decode.metadata
             //let sharing = decode.sharing ---> V 2.0
-            var lastMetadataKeysNum = -1
             
             var metadataKeysDictionary = [String:String]()
             
@@ -177,17 +165,6 @@ class NCEndToEndMetadata : NSObject  {
                 let metadataKey = String(data: metadataKeyBase64Data, encoding: .utf8)
                 
                 metadataKeysDictionary[metadataKeyDictionaryEncrypted.key] = metadataKey
-                
-                // Store last metadataKey on DB
-                if Int(metadataKeyDictionaryEncrypted.key)! > lastMetadataKeysNum {
-                    
-                    lastMetadataKeysNum = Int(metadataKeyDictionaryEncrypted.key)!
-                    
-                    // Write metadataKey on DB
-                    if NCManageDatabase.sharedInstance.setDirectoryE2EMetadataKey(serverUrl: serverUrl, metadataKey: metadataKey!) == false {
-                        return false
-                    }
-                }
             }
             
             for file in files {
@@ -196,9 +173,9 @@ class NCEndToEndMetadata : NSObject  {
                 let filesCodable = file.value as e2eMetadata.filesCodable
                 
                 let encrypted = filesCodable.encrypted
-                let key = metadataKeysDictionary["\(filesCodable.metadataKey)"]
+                let metadataKey = metadataKeysDictionary["\(filesCodable.metadataKey)"]
                 
-                guard let encryptedFileAttributesJson = NCEndToEndEncryption.sharedManager().decryptEncryptedJson(encrypted, key: key) else {
+                guard let encryptedFileAttributesJson = NCEndToEndEncryption.sharedManager().decryptEncryptedJson(encrypted, key: metadataKey) else {
                     return false
                 }
                 
@@ -217,6 +194,8 @@ class NCEndToEndMetadata : NSObject  {
                         object.fileNameIdentifierPath = serverUrl + "/" + fileNameIdentifier
                         object.key = encryptedFileAttributes.key
                         object.initializationVector = filesCodable.initializationVector
+                        object.metadataKey = metadataKey!
+                        object.metadataKeyIndex = filesCodable.metadataKey
                         object.mimeType = encryptedFileAttributes.mimetype
                         object.serverUrl = serverUrl
                         object.version = encryptedFileAttributes.version
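Review bot: `metadataKey!` force-unwraps a value looked up in `metadataKeysDictionary` with an index taken from the server-supplied metadata (`filesCodable.metadataKey`), so a file entry that references an index missing from the decoded keys yields nil. Whether execution can reach this line with nil depends on `decryptEncryptedJson` rejecting a nil key, which is not visible here. Make the check explicit at the lookup with `guard let metadataKey = metadataKeysDictionary["\(filesCodable.metadataKey)"] else { return false }` and drop the `!`. The enclosing loop starts outside the hunk.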