Marino Faggiana пре 1 година
родитељ
комит
b7b11adae0

+ 3 - 3
iOSClient/Networking/E2EE/NCEndToEndMetadataV20.swift

@@ -100,7 +100,7 @@ extension NCEndToEndMetadata {
 
     func encodeMetadataV20(account: String, serverUrl: String, ocIdServerUrl: String, userId: String, addUserId: String?, addCertificate: String?, removeUserId: String?) -> (metadata: String?, signature: String?, counter: Int, error: NKError) {
 
-        guard let directoryTop = NCUtility.shared.getDirectoryE2EETop(serverUrl: serverUrl, account: account) else {
+        guard let directoryTop = NCUtility.shared.getDirectoryE2EETop(serverUrl: serverUrl, account: account), let certificate = NCKeychain().getEndToEndCertificate(account: account) else {
             return (nil, nil, 0, NKError(errorCode: NCGlobal.shared.errorUnexpectedResponseFromDB, errorDescription: "_e2e_error_"))
         }
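Review bot: The widened guard reports a missing keychain certificate with the same `errorUnexpectedResponseFromDB` result as a missing top directory, so a keychain read problem will be diagnosed as a database problem. A second guard of its own, `guard let certificate = NCKeychain().getEndToEndCertificate(account: account) else { ... }`, returning a distinct error, would keep the two failures apart. A short comment such as `// certificate is needed below for addUser and createSignature` would also explain why the function now stops early. The body of encodeMetadataV20 continues outside this hunk.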
 
@@ -134,7 +134,7 @@ extension NCEndToEndMetadata {
                let metadataKey = tableUserId.metadataKey {
                 key = metadataKey
             } else {
-                addUser(userId: userId, certificate: CCUtility.getEndToEndCertificate(account), key: key)
+                addUser(userId: userId, certificate: certificate, key: key)
             }
             // ADDUSERID
             if let addUserId {
@@ -237,7 +237,7 @@ extension NCEndToEndMetadata {
             e2eeData.printJson()
 
             let e2eeJson = String(data: e2eeData, encoding: .utf8)
-            let signature = createSignature(account: account, userId: userId, metadata: metadataCodable, users: usersCodable, version: NCGlobal.shared.e2eeVersionV20, certificate: CCUtility.getEndToEndCertificate(account))
+            let signature = createSignature(account: account, userId: userId, metadata: metadataCodable, users: usersCodable, version: NCGlobal.shared.e2eeVersionV20, certificate: certificate)
 
             return (e2eeJson, signature, counter, NKError())
 

+ 5 - 5
iOSClient/Settings/NCEndToEndInitialize.swift

@@ -65,9 +65,9 @@ class NCEndToEndInitialize: NSObject {
 
         NextcloudKit.shared.getE2EECertificate { account, certificate, _, _, error in
 
-            if error == .success && account == self.appDelegate.account {
+            if error == .success, account == self.appDelegate.account, let certificate {
 
-                CCUtility.setEndToEndCertificate(account, certificate: certificate)
+                NCKeychain().setEndToEndCertificate(account: account, certificate: certificate)
 
                 self.extractedPublicKey = NCEndToEndEncryption.sharedManager().extractPublicKey(fromCertificate: certificate)
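Review bot: Adding `let certificate` to the condition means a response with `error == .success` but no certificate now falls through to whatever follows this `if`, which is outside the hunk. If that is the error path, it will run with a success code and may treat the case as "no certificate on the server". The same applies to the `signE2EECertificate` callback in the next hunk. Consider handling the nil case explicitly before the existing branches, for example `guard let certificate else { /* report malformed response */ return }`, with a comment saying that a successful reply without a certificate is treated as a failure.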
 
@@ -92,7 +92,7 @@ class NCEndToEndInitialize: NSObject {
 
                     NextcloudKit.shared.signE2EECertificate(certificate: csr) { account, certificate, _, error in
 
-                        if error == .success && account == self.appDelegate.account {
+                        if error == .success, account == self.appDelegate.account, let certificate {
 
                             // TEST publicKey
                             let extractedPublicKey = NCEndToEndEncryption.sharedManager().extractPublicKey(fromCertificate: certificate)
@@ -102,7 +102,7 @@ class NCEndToEndInitialize: NSObject {
 
                             } else {
 
-                                CCUtility.setEndToEndCertificate(account, certificate: certificate)
+                                NCKeychain().setEndToEndCertificate(account: account, certificate: certificate)
 
                                 // Request PrivateKey chiper to Server
                                 self.getPrivateKeyCipher()
@@ -154,7 +154,7 @@ class NCEndToEndInitialize: NSObject {
 
                     let passphrase = passphraseTextField?.text
 
-                    let publicKey = CCUtility.getEndToEndCertificate(self.appDelegate.account)
+                    let publicKey = NCKeychain().getEndToEndCertificate(account: self.appDelegate.account)
 
                     if let privateKeyData = (NCEndToEndEncryption.sharedManager().decryptPrivateKey(privateKeyChiper, passphrase: passphrase, publicKey: publicKey, iterationCount: 1024)),
                        let keyData = Data(base64Encoded: privateKeyData) {
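Review bot: `publicKey` is now a `String?` and is passed to `decryptPrivateKey` without being checked, so a missing or unreadable keychain entry reaches the decryption call as nil. Binding it in the same chain, `if let publicKey = NCKeychain().getEndToEndCertificate(account: self.appDelegate.account), let privateKeyData = ...`, would make the missing-certificate case fail before the passphrase is used, and separately from a wrong passphrase. How `decryptPrivateKey` treats a nil `publicKey` is not visible here, so this should be confirmed against its implementation. The enclosing closure starts and ends outside the hunk.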

+ 0 - 3
iOSClient/Utility/CCUtility.h

@@ -43,9 +43,6 @@
 
 // E2EE -------------------------------------------
 
-+ (NSString *)getEndToEndCertificate:(NSString *)account;
-+ (void)setEndToEndCertificate:(NSString *)account certificate:(NSString *)certificate;
-
 + (NSString *)getEndToEndPrivateKey:(NSString *)account;
 + (void)setEndToEndPrivateKey:(NSString *)account privateKey:(NSString *)privateKey;
 

+ 0 - 22
iOSClient/Utility/CCUtility.m

@@ -50,28 +50,6 @@
 
 #pragma ------------------------------ GET/SET
 
-+ (NSString *)getEndToEndCertificate:(NSString *)account
-{
-    NSString *key, *certificate;
-
-    key = [E2E_certificate stringByAppendingString:account];
-    certificate = [UICKeyChainStore stringForKey:key service:NCGlobal.shared.serviceShareKeyChain];
-
-    // OLD VERSION
-    if (certificate == nil) {
-        key = [@"EndToEndPublicKey_" stringByAppendingString:account];
-        certificate = [UICKeyChainStore stringForKey:key service:NCGlobal.shared.serviceShareKeyChain];
-    }
-
-    return certificate;
-}
-
-+ (void)setEndToEndCertificate:(NSString *)account certificate:(NSString *)certificate
-{
-    NSString *key = [E2E_certificate stringByAppendingString:account];
-    [UICKeyChainStore setString:certificate forKey:key service:NCGlobal.shared.serviceShareKeyChain];
-}
-
 + (NSString *)getEndToEndPrivateKey:(NSString *)account
 {
     NSString *key = [E2E_PrivateKey stringByAppendingString:account];

+ 22 - 0
iOSClient/Utility/NCKeychain.swift

@@ -28,6 +28,13 @@ import KeychainAccess
 
     let keychain = Keychain(service: "com.nextcloud.keychain")
 
+    // swiftlint:disable identifier_name
+    let E2E_certificate = "EndToEndCertificate_"
+    let E2E_PrivateKey = "EndToEndPrivateKey_"
+    let E2E_Passphrase = "EndToEndPassphrase_"
+    let E2E_PublicKey = "EndToEndPublicKeyServer_"
+    // swiftlint:enable identifier_name
+
     var typeFilterScanDocument: NCGlobal.TypeFilterScanDocument {
         get {
             if let rawValue = try? keychain.get("ScanDocumentTypeFilter"), let value = NCGlobal.TypeFilterScanDocument(rawValue: rawValue) {
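Review bot: The four key-prefix constants are declared as internal instance properties, so any code in the module can build keychain keys by hand and bypass the accessors and their `migrate(key:)` step. Only `E2E_certificate` is used in this commit. Declaring them `private`, e.g. `private let e2eCertificatePrefix = "EndToEndCertificate_"`, keeps key construction inside NCKeychain and removes the need for the `swiftlint:disable identifier_name` pair. The string values must stay byte-identical to the old Objective-C constants, which is worth stating in a comment above them. The `typeFilterScanDocument` getter continues outside the hunk.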
@@ -189,4 +196,19 @@ import KeychainAccess
     @objc func setFileNameType(key: String, prefix: Bool) {
         keychain[key] = String(prefix)
     }
+
+    func getEndToEndCertificate(account: String) -> String? {
+
+        let key = E2E_certificate + account
+        migrate(key: key)
+
+        let certificate = try? keychain.get(key)
+        return certificate
+    }
+
+    func setEndToEndCertificate(account: String, certificate: String) {
+
+        let key = E2E_certificate + account
+        keychain[key] = certificate
+    }
 }
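Review bot: The new `getEndToEndCertificate` drops the legacy fallback the removed Objective-C getter had, which retried with the key `"EndToEndPublicKey_" + account` when the current key was empty. It also reads from the `com.nextcloud.keychain` service rather than `NCGlobal.shared.serviceShareKeyChain`. Whether `migrate(key:)` covers both the service change and the old key name is not visible in this diff. If it does not, upgraded installs will get nil here and `encodeMetadataV20` will fail its guard. Separately, `try? keychain.get(key)` and the subscript assignment in the setter both hide keychain errors, so a failed read looks like "no certificate" and a failed write looks like success. Consider `do { return try keychain.get(key) } catch { ... }` with logging in the getter, and `try keychain.set(certificate, key: key)` in the setter so the caller can stop the E2EE setup when the write fails.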