
change generate database encryption key

marinofaggiana 5 years ago
parent
commit
c3aeec742a

+ 0 - 3
iOSClient/Brand/NCBrand.swift

@@ -91,9 +91,6 @@ class NCBrandColor: NSObject {
     // Capabilities Group
     @objc public let capabilitiesGroups:                String = "group.it.twsweb.Crypto-Cloud"
     
-    // Database key 64 char ASCII (for encryption AES-256+SHA2)
-    @objc public var databaseEncryptionKey:             String = "1234567890123456789012345678901234567890123456789012345678901234"
-    
     // User Agent
     @objc public var userAgent:                         String = "Nextcloud-iOS"                                    // Don't touch me !!
     

+ 5 - 7
iOSClient/Database/NCManageDatabase.swift

@@ -49,9 +49,10 @@ class NCManageDatabase: NSObject {
         
         // Encrypting the database file on disk with AES-256+SHA2 by supplying a 64-byte encryption key
         if NCBrandOptions.sharedInstance.use_database_encryption {
-            if let keyData = NCBrandOptions.sharedInstance.databaseEncryptionKey.data(using: String.Encoding.utf8, allowLossyConversion: false) {
-                configCompact.encryptionKey = keyData
-            }
+            configCompact.encryptionKey = CCUtility.getDatabaseEncryptionKey()
+            //if let keyData = NCBrandOptions.sharedInstance.databaseEncryptionKey.data(using: String.Encoding.utf8, allowLossyConversion: false) {
+            //    configCompact.encryptionKey = keyData
+            //}
         }
         
         do {
@@ -139,12 +140,9 @@ class NCManageDatabase: NSObject {
                 }
         })
 
-        
         // Encrypting the database file on disk with AES-256+SHA2 by supplying a 64-byte encryption key
         if NCBrandOptions.sharedInstance.use_database_encryption {
-            if let keyData = NCBrandOptions.sharedInstance.databaseEncryptionKey.data(using: String.Encoding.utf8, allowLossyConversion: false) {
-                config.encryptionKey = keyData
-            }
+            config.encryptionKey = CCUtility.getDatabaseEncryptionKey()
         }
         
         Realm.Configuration.defaultConfiguration = config
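Review bot: Neither hunk handles existing installs: a Realm file already encrypted with the former static `databaseEncryptionKey` cannot be opened with the random Keychain key now assigned to `configCompact.encryptionKey` and `config.encryptionKey`. The enclosing function starts and ends outside the hunks, so the `do` block may already recover from the open failure. If it does not, a one-time path is needed that opens the file with the old key and re-encrypts it (for example with Realm's `writeCopy(toFile:encryptionKey:)`), or that deletes and rebuilds it. Because the old key is published in the repository history, files still encrypted with it should be treated as unprotected until re-keyed. The commented-out block left under `configCompact.encryptionKey = CCUtility.getDatabaseEncryptionKey()` should be deleted rather than kept as dead code.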

+ 2 - 0
iOSClient/Utility/CCUtility.h

@@ -159,6 +159,8 @@
 + (void)setHCBusinessType:(NSString *)professions;
 + (NSString *)getHCBusinessType;
 
++ (NSData *)getDatabaseEncryptionKey;
+
 // ===== Varius =====
 
 + (BOOL)addSkipBackupAttributeToItemAtURL:(NSURL *)URL;
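Review bot: The new declaration `+ (NSData *)getDatabaseEncryptionKey;` has no comment or nullability annotation, and the `setDatabaseEncryptionKey:` method added in CCUtility.m is not declared here. I would add `/// Returns the 64-byte Realm key from the shared Keychain, generating and storing a random one on first use.` above it. The setter should either be declared here as well or dropped from the .m if nothing calls it, since a second write path for the key makes it easier to overwrite by accident.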

+ 18 - 0
iOSClient/Utility/CCUtility.m

@@ -601,6 +601,24 @@
     return [UICKeyChainStore stringForKey:@"businessType" service:k_serviceShareKeyChain];
 }
 
++ (NSData *)getDatabaseEncryptionKey
+{
+    NSData *key = [UICKeyChainStore dataForKey:@"databaseEncryptionKey" service:k_serviceShareKeyChain];
+    if (key == nil) {
+        NSMutableData *key = [NSMutableData dataWithLength:64];
+        (void)SecRandomCopyBytes(kSecRandomDefault, key.length, (uint8_t *)key.mutableBytes);
+        [UICKeyChainStore setData:key forKey:@"databaseEncryptionKey" service:k_serviceShareKeyChain];
+        return key;
+    } else {
+        return key;
+    }
+}
+
++ (void)setDatabaseEncryptionKey:(NSData *)data
+{
+    [UICKeyChainStore setData:data forKey:@"databaseEncryptionKey" service:k_serviceShareKeyChain];
+}
+
 #pragma --------------------------------------------------------------------------------------------
 #pragma mark ===== Various =====
 #pragma --------------------------------------------------------------------------------------------
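Review bot: In `getDatabaseEncryptionKey` the result of `SecRandomCopyBytes` is cast to `(void)`, so if the call fails the zero-filled buffer from `dataWithLength:64` is stored and used as the database key. The return value of `setData:forKey:service:` is ignored as well, so a key that was never persisted would still be handed to Realm and the file could not be reopened on the next launch. A `nil` from `dataForKey:` is also treated as "no key yet"; if the Keychain read can fail for other reasons (device locked, access-group mismatch), a fresh key overwrites the stored one. That case should be told apart using the store's error-reporting variant. The inner `NSMutableData *key` shadows the outer `key`. Callers then need to handle a `nil` return instead of opening the database without a key.

```objc
+ (NSData *)getDatabaseEncryptionKey
{
    NSData *storedKey = [UICKeyChainStore dataForKey:@"databaseEncryptionKey" service:k_serviceShareKeyChain];
    if (storedKey != nil) {
        return storedKey;
    }

    NSMutableData *newKey = [NSMutableData dataWithLength:64];
    if (SecRandomCopyBytes(kSecRandomDefault, newKey.length, newKey.mutableBytes) != errSecSuccess) {
        return nil; // never persist or use a zero-filled buffer as the key
    }
    if (![UICKeyChainStore setData:newKey forKey:@"databaseEncryptionKey" service:k_serviceShareKeyChain]) {
        return nil; // a key that was not stored cannot reopen the file later
    }
    return newKey;
}
// … unchanged: setDatabaseEncryptionKey: …
```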