feature(touchIdSettings): Migrate touchID settings correctly to hashed databasefilenames

2025-12-13 08:52:20 +00:00 · 2023-02-23 14:44:18 +01:00
parent fb7c55b651
commit 78f2de9393
6 changed files with 87 additions and 87 deletions
--- a/MacPass/Base.lproj/IntegrationPreferences.xib
+++ b/MacPass/Base.lproj/IntegrationPreferences.xib
@@ -1,8 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="17701" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES">
+<document type="com.apple.InterfaceBuilder3.Cocoa.XIB" version="3.0" toolsVersion="21225" targetRuntime="MacOSX.Cocoa" propertyAccessControl="none" useAutolayout="YES">
    <dependencies>
-        <deployment identifier="macosx"/>
-        <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="17701"/>
+        <plugIn identifier="com.apple.InterfaceBuilder.CocoaPlugin" version="21225"/>
        <capability name="documents saved in the Xcode 8 format" minToolsVersion="8.0"/>
    </dependencies>
    <objects>
@@ -48,7 +47,7 @@
                                        </textFieldCell>
                                    </textField>
                                    <button horizontalHuggingPriority="251" verticalHuggingPriority="750" translatesAutoresizingMaskIntoConstraints="NO" id="jai-b6-Qv4">
-                                        <rect key="frame" x="-7" y="276" width="171" height="32"/>
+                                        <rect key="frame" x="-7" y="276" width="172" height="32"/>
                                        <buttonCell key="cell" type="push" title="Run Autotype Doctor…" bezelStyle="rounded" alignment="center" borderStyle="border" inset="2" id="NP0-R3-m6n">
                                            <behavior key="behavior" pushIn="YES" lightByBackground="YES" lightByGray="YES"/>
                                            <font key="font" metaFont="system"/>
@@ -252,7 +251,7 @@
                                    <font key="font" metaFont="system"/>
                                </buttonCell>
                                <connections>
-                                    <action selector="RenewTouchIdKey:" target="-2" id="dl7-WD-Abu"/>
+                                    <action selector="renewTouchIdKey:" target="-2" id="dl7-WD-Abu"/>
                                </connections>
                            </button>
                            <textField verticalHuggingPriority="750" horizontalCompressionResistancePriority="250" translatesAutoresizingMaskIntoConstraints="NO" id="9kv-ns-mQx">
--- a/MacPass/MPDocument+BiometricEncryptionSupport.m
+++ b/MacPass/MPDocument+BiometricEncryptionSupport.m
@@ -7,8 +7,9 @@
 //

 #import "MPDocument+BiometricEncryptionSupport.h"
-#import "MPSettingsHelper.h"
 #import "MPTouchIdCompositeKeyStore.h"
+#import "NSString+MPHash.h"
+

@implementation MPDocument (BiometricEncryptionSupport)

@@ -18,7 +19,8 @@
  if(nil == self.fileURL || nil == self.fileURL.lastPathComponent) {
    return nil;
  }
-  return [NSString stringWithFormat:kMPSettingsKeyEntryTouchIdDatabaseEncryptedKeyFormat, self.fileURL.lastPathComponent];
+  
+  return [self.fileURL.lastPathComponent sha1HexDigest];
 }

 - (NSData *)encryptedKeyData {
--- a/MacPass/MPIntegrationPreferencesController.m
+++ b/MacPass/MPIntegrationPreferencesController.m
@@ -137,7 +137,7 @@

 #pragma mark -
 #pragma mark Keychain Actions
- (IBAction)RenewTouchIdKey:(id)sender {
+- (IBAction)renewTouchIdKey:(id)sender {
    NSData* publicKeyTag = [MPTouchIdUnlockPublicKeyTag dataUsingEncoding:NSUTF8StringEncoding];
    NSDictionary *publicKeyQuery = @{
      (id)kSecClass: (id)kSecClassKey,
--- a/MacPass/MPSettingsHelper.h
+++ b/MacPass/MPSettingsHelper.h
@@ -25,7 +25,6 @@
 /* TouchID */
 APPKIT_EXTERN NSString *const kMPSettingsKeyTouchIdEnabled;
 APPKIT_EXTERN NSString *const kMPSettingsKeyTouchIdEncryptedKeyStore;       // NSDictionary with hased file names mapped to keys
-APPKIT_EXTERN NSString *const kMPSettingsKeyEntryTouchIdDatabaseEncryptedKeyFormat;

 /* Clipboard */
 APPKIT_EXTERN NSString *const kMPSettingsKeyPasteboardClearTimeout;
--- a/MacPass/MPSettingsHelper.m
+++ b/MacPass/MPSettingsHelper.m
@@ -26,93 +26,95 @@
 #import "MPEntrySearchContext.h"
 #import "DDHotKey+MacPassAdditions.h" // Default hotkey;

-NSString *const kMPSettingsKeyPasteboardClearTimeout                      = @"ClipboardClearTimeout";
-NSString *const kMPSettingsKeyClearPasteboardOnQuit                       = @"ClearClipboardOnQuit";
-NSString *const kMPSettingsKeyPreventUniversalClipboard                   = @"PreventUniversalClipboard";
-NSString *const kMPSettingsKeyBrowserBundleId                             = @"BrowserBundleId";
-NSString *const kMPSettingsKeyUsePrivateBrowsingWhenOpeningURLs           = @"UsePrivateBrowsingWhenOpeningURLs";
-NSString *const kMPSettingsKeyOpenEmptyDatabaseOnLaunch                   = @"OpenEmptyDatabaseOnLaunch";
-NSString *const kMPSettingsKeyReopenLastDatabaseOnLaunch                  = @"ReopenLastDatabaseOnLaunch";
-NSString *const kMPSettingsKeyQuitOnLastWindowClose                       = @"QuitOnLastWindowClose";
-NSString *const kMPSettingsKeyFileChangeStrategy                          = @"FileChangeStrategy";
-NSString *const kMPSettingsKeyEnableAutosave                              = @"EnableAutosave";
-NSString *const kMPSettingsKeyFocusSearchAfterUnlock                      = @"FocusSearchAfterUnlock";
+#import "NSString+MPHash.h"

-NSString *const kMPSettingsKeyDisplayClearTextPasswordsInEntryList        = @"DisplayClearTextPasswordsInEntryList";
+NSString *const kMPSettingsKeyPasteboardClearTimeout                            = @"ClipboardClearTimeout";
+NSString *const kMPSettingsKeyClearPasteboardOnQuit                             = @"ClearClipboardOnQuit";
+NSString *const kMPSettingsKeyPreventUniversalClipboard                         = @"PreventUniversalClipboard";
+NSString *const kMPSettingsKeyBrowserBundleId                                   = @"BrowserBundleId";
+NSString *const kMPSettingsKeyUsePrivateBrowsingWhenOpeningURLs                 = @"UsePrivateBrowsingWhenOpeningURLs";
+NSString *const kMPSettingsKeyOpenEmptyDatabaseOnLaunch                         = @"OpenEmptyDatabaseOnLaunch";
+NSString *const kMPSettingsKeyReopenLastDatabaseOnLaunch                        = @"ReopenLastDatabaseOnLaunch";
+NSString *const kMPSettingsKeyQuitOnLastWindowClose                             = @"QuitOnLastWindowClose";
+NSString *const kMPSettingsKeyFileChangeStrategy                                = @"FileChangeStrategy";
+NSString *const kMPSettingsKeyEnableAutosave                                    = @"EnableAutosave";
+NSString *const kMPSettingsKeyFocusSearchAfterUnlock                            = @"FocusSearchAfterUnlock";

-NSString *const kMPSettingsKeyLockOnSleep                                 = @"LockOnSleep";
-NSString *const kMPSettingskeyLockOnLogout                                = @"LockOnLogout";
-NSString *const kMPSettingskeyLockOnScreenSleep                           = @"LockOnScreenSleep";
-NSString *const kMPSettingsKeyIdleLockTimeOut                             = @"IdleLockTimeOut";
-NSString *const kMPSettingsKeyShowInspector                               = @"ShowInspector";
-NSString *const kMPSettingsKeyEntryTableSortDescriptors                   = @"EntryTableSortDescriptors";
+NSString *const kMPSettingsKeyDisplayClearTextPasswordsInEntryList              = @"DisplayClearTextPasswordsInEntryList";

-NSString *const kMPSettingsKeyLegacyHideTitle                             = @"LegacyHideTitle";
-NSString *const kMPSettingsKeyLegacyHideUsername                          = @"LegacyHideUsername ";
-NSString *const kMPSettingsKeyLegacyHidePassword                          = @"LegacyHidePassword";
-NSString *const kMPSettingsKeyLegacyHideNotes                             = @"LegacyHideNotes";
-NSString *const kMPSettingsKeyLegacyHideURL                               = @"LegacyHideURL";
+NSString *const kMPSettingsKeyLockOnSleep                                       = @"LockOnSleep";
+NSString *const kMPSettingskeyLockOnLogout                                      = @"LockOnLogout";
+NSString *const kMPSettingskeyLockOnScreenSleep                                 = @"LockOnScreenSleep";
+NSString *const kMPSettingsKeyIdleLockTimeOut                                   = @"IdleLockTimeOut";
+NSString *const kMPSettingsKeyShowInspector                                     = @"ShowInspector";
+NSString *const kMPSettingsKeyEntryTableSortDescriptors                         = @"EntryTableSortDescriptors";

-NSString *const kMPSettingsKeyLastDatabasePath                            = @"LastDatabasePath";
-NSString *const kMPSettingsKeyRememberKeyFilesForDatabases                = @"RememberKeyFilesForDatabases";
-NSString *const kMPSettingsKeyRememeberdKeysForDatabases                  = @"RememeberdKeysForDatabases";
+NSString *const kMPSettingsKeyLegacyHideTitle                                   = @"LegacyHideTitle";
+NSString *const kMPSettingsKeyLegacyHideUsername                                = @"LegacyHideUsername ";
+NSString *const kMPSettingsKeyLegacyHidePassword                                = @"LegacyHidePassword";
+NSString *const kMPSettingsKeyLegacyHideNotes                                   = @"LegacyHideNotes";
+NSString *const kMPSettingsKeyLegacyHideURL                                     = @"LegacyHideURL";

-NSString *const kMPSettingsKeySendCommandForControlKey                    = @"SendCommandKeyForControlKey";
-NSString *const kMPSettingsKeyEnableGlobalAutotype                        = @"EnableGlobalAutotype";
-NSString *const kMPSettingsKeyGlobalAutotypeKeyDataKey                    = @"GlobalAutotypeKeyDataKey";
-NSString *const kMPSettingsKeyDefaultGlobalAutotypeSequence               = @"DefaultGlobalAutotypeSequence";
-NSString *const kMPSettingsKeyAutotypeMatchTitle                          = @"AutotypeMatchTitle";
-NSString *const kMPSettingsKeyAutotypeMatchURL                            = @"AutotypeMatchURL";
-NSString *const kMPSettingsKeyAutotypeMatchHost                           = @"AutotypeMatchHost";
-NSString *const kMPSettingsKeyAutotypeMatchTags                           = @"AutotypeMatchTags";
-NSString *const kMPSettingsKeyGloablAutotypeAlwaysShowCandidateSelection  = @"GloablAutotypeAlwaysShowCandidateSelection";
+NSString *const kMPSettingsKeyLastDatabasePath                                  = @"LastDatabasePath";
+NSString *const kMPSettingsKeyRememberKeyFilesForDatabases                      = @"RememberKeyFilesForDatabases";
+NSString *const kMPSettingsKeyRememeberdKeysForDatabases                        = @"RememeberdKeysForDatabases";

-NSString *const kMPSettingsKeyTouchIdEnabled                              = @"EnableSubsequentUnlocksWithTouchID";
-NSString *const kMPSettingsKeyTouchIdEncryptedKeyStore                    = @"TouchIdEncryptedKeyStore";
-NSString *const kMPSettingsKeyEntryTouchIdDatabaseEncryptedKeyFormat      = @"EncryptedDatabaseKeyForTouchID-%@";
+NSString *const kMPSettingsKeySendCommandForControlKey                          = @"SendCommandKeyForControlKey";
+NSString *const kMPSettingsKeyEnableGlobalAutotype                              = @"EnableGlobalAutotype";
+NSString *const kMPSettingsKeyGlobalAutotypeKeyDataKey                          = @"GlobalAutotypeKeyDataKey";
+NSString *const kMPSettingsKeyDefaultGlobalAutotypeSequence                     = @"DefaultGlobalAutotypeSequence";
+NSString *const kMPSettingsKeyAutotypeMatchTitle                                = @"AutotypeMatchTitle";
+NSString *const kMPSettingsKeyAutotypeMatchURL                                  = @"AutotypeMatchURL";
+NSString *const kMPSettingsKeyAutotypeMatchHost                                 = @"AutotypeMatchHost";
+NSString *const kMPSettingsKeyAutotypeMatchTags                                 = @"AutotypeMatchTags";
+NSString *const kMPSettingsKeyGloablAutotypeAlwaysShowCandidateSelection        = @"GloablAutotypeAlwaysShowCandidateSelection";

-NSString *const kMPSettingsKeyEntrySearchFilterContext                    = @"EntrySearchFilterContext";
+NSString *const kMPSettingsKeyTouchIdEnabled                                    = @"EnableSubsequentUnlocksWithTouchID";
+NSString *const kMPSettingsKeyTouchIdEncryptedKeyStore                          = @"TouchIdEncryptedKeyStore";

-NSString *const kMPSettingsKeyEnableQuicklookPreview                      = @"EnableQuicklookPreview";
+NSString *const kMPSettingsKeyEntrySearchFilterContext                          = @"EntrySearchFilterContext";

-NSString *const kMPSettingsKeyCopyGeneratedPasswordToClipboard            = @"CopyGeneratedPasswordToClipboard";
+NSString *const kMPSettingsKeyEnableQuicklookPreview                            = @"EnableQuicklookPreview";

-NSString *const kMPSettingsKeyDefaultPasswordLength                       = @"DefaultPasswordLength";
-NSString *const kMPSettingsKeyPasswordCharacterFlags                      = @"PasswordCharacterFlags";
-NSString *const kMPSettingsKeyPasswordEnsureOccurance                     = @"PasswordEnsureOccurance";
-NSString *const kMPSettingsKeyPasswordUseCustomString                     = @"PasswordUseCustomString";
-NSString *const kMPSettingsKeyPasswordCustomString                        = @"PasswordCustomString";
+NSString *const kMPSettingsKeyCopyGeneratedPasswordToClipboard                  = @"CopyGeneratedPasswordToClipboard";

-NSString *const kMPSettingsKeyPasswordDefaultsForEntry                    = @"PasswordDefaultsForEntry";
+NSString *const kMPSettingsKeyDefaultPasswordLength                             = @"DefaultPasswordLength";
+NSString *const kMPSettingsKeyPasswordCharacterFlags                            = @"PasswordCharacterFlags";
+NSString *const kMPSettingsKeyPasswordEnsureOccurance                           = @"PasswordEnsureOccurance";
+NSString *const kMPSettingsKeyPasswordUseCustomString                           = @"PasswordUseCustomString";
+NSString *const kMPSettingsKeyPasswordCustomString                              = @"PasswordCustomString";

-NSString *const kMPSettingsKeyDoubleClickURLAction                        = @"DoubleClickURLAction";
-NSString *const kMPSettingsKeyDoubleClickTitleAction                      = @"DoubleClickTitleAction";
-NSString *const kMPSettingsKeyUpdatePasswordOnTemplateEntries             = @"UpdatePasswordOnTemplateEntries";
-NSString *const kMPSettingsKeyGeneratePasswordForNewEntires               = @"GeneratePasswordForNewEntires";
-NSString *const kMPSettingsKeyHideAfterCopyToClipboard                    = @"HideAfterCopyToClipboard";
+NSString *const kMPSettingsKeyPasswordDefaultsForEntry                          = @"PasswordDefaultsForEntry";

-NSString *const kMPSettingsKeyLoadUnsecurePlugins                         = @"LoadUnsecurePlugins";
-NSString *const kMPSettingsKeyLoadIncompatiblePlugins                     = @"LoadIncompatiblePlugins";
-NSString *const kMPSettingsKeyDisabledPlugins                             = @"DisabledPlugins";
-NSString *const kMPSettingsKeyHideIncopatiblePluginsWarning               = @"HideIncopatiblePluginsWarning";
-NSString *const kMPSettingsKeyAllowRemoteFetchOfPluginRepository          = @"AllowRemoteFetchOfPluginRepository";
+NSString *const kMPSettingsKeyDoubleClickURLAction                              = @"DoubleClickURLAction";
+NSString *const kMPSettingsKeyDoubleClickTitleAction                            = @"DoubleClickTitleAction";
+NSString *const kMPSettingsKeyUpdatePasswordOnTemplateEntries                   = @"UpdatePasswordOnTemplateEntries";
+NSString *const kMPSettingsKeyGeneratePasswordForNewEntires                     = @"GeneratePasswordForNewEntires";
+NSString *const kMPSettingsKeyHideAfterCopyToClipboard                          = @"HideAfterCopyToClipboard";

-NSString *const kMPSettingsKeyFaviconDownloadMethod                       = @"FaviconDownloadMethod";
+NSString *const kMPSettingsKeyLoadUnsecurePlugins                               = @"LoadUnsecurePlugins";
+NSString *const kMPSettingsKeyLoadIncompatiblePlugins                           = @"LoadIncompatiblePlugins";
+NSString *const kMPSettingsKeyDisabledPlugins                                   = @"DisabledPlugins";
+NSString *const kMPSettingsKeyHideIncopatiblePluginsWarning                     = @"HideIncopatiblePluginsWarning";
+NSString *const kMPSettingsKeyAllowRemoteFetchOfPluginRepository                = @"AllowRemoteFetchOfPluginRepository";

-NSString *const kMPSettingsKeyUseUnifiedToolbar                            =@"UseUnifiedToolbar";
+NSString *const kMPSettingsKeyFaviconDownloadMethod                             = @"FaviconDownloadMethod";
+
+NSString *const kMPSettingsKeyUseUnifiedToolbar                                 = @"UseUnifiedToolbar";

 /* Deprecated */
-NSString *const kMPDeprecatedSettingsKeyRememberKeyFilesForDatabases      = @"kMPSettingsKeyRememberKeyFilesForDatabases";
-NSString *const kMPDeprecatedSettingsKeyLastDatabasePath                  = @"MPLastDatabasePath";
-NSString *const kMPDeprecatedSettingsKeyDocumentsAutotypeFixNoteWasShown  = @"DocumentsAutotypeFixNoteWasShown";
-NSString *const kMPDeprecatedSettingsKeyDoubleClickURLToLaunch            = @"DoubleClickURLToLaunch";
-NSString *const kMPDeprecatedSettingsKeyEntrySearchFilterMode             = @"EntrySearchFilterMode";
-NSString *const kMPDeprecatedSettingsKeyHttpPort                          = @"HttpPort";
-NSString *const kMPDeprecatedSettingsKeyEnableHttpServer                  = @"EnableHttpServer";
-NSString *const kMPDeprecatedSettingsKeyShowMenuItem                      = @"ShowMenuItem";
-NSString *const kMPDeprecatedSettingsKeyDefaultPasswordRounds             = @"KeyDefaultPasswordRounds";
-NSString *const kMPDepricatedSettingsKeyLoadUnsecurePlugins               = @"MPLoadUnsecurePlugins";
-NSString *const kMPDepricatedSettingsKeyAutotypeHideAccessibiltyWarning   = @"AutotypeHideAccessibiltyWarning";
+NSString *const kMPDeprecatedSettingsKeyRememberKeyFilesForDatabases            = @"kMPSettingsKeyRememberKeyFilesForDatabases";
+NSString *const kMPDeprecatedSettingsKeyLastDatabasePath                        = @"MPLastDatabasePath";
+NSString *const kMPDeprecatedSettingsKeyDocumentsAutotypeFixNoteWasShown        = @"DocumentsAutotypeFixNoteWasShown";
+NSString *const kMPDeprecatedSettingsKeyDoubleClickURLToLaunch                  = @"DoubleClickURLToLaunch";
+NSString *const kMPDeprecatedSettingsKeyEntrySearchFilterMode                   = @"EntrySearchFilterMode";
+NSString *const kMPDeprecatedSettingsKeyHttpPort                                = @"HttpPort";
+NSString *const kMPDeprecatedSettingsKeyEnableHttpServer                        = @"EnableHttpServer";
+NSString *const kMPDeprecatedSettingsKeyShowMenuItem                            = @"ShowMenuItem";
+NSString *const kMPDeprecatedSettingsKeyDefaultPasswordRounds                   = @"KeyDefaultPasswordRounds";
+NSString *const kMPDepricatedSettingsKeyLoadUnsecurePlugins                     = @"MPLoadUnsecurePlugins";
+NSString *const kMPDepricatedSettingsKeyAutotypeHideAccessibiltyWarning         = @"AutotypeHideAccessibiltyWarning";
+NSString *const kMPDepricatedSettingsKeyEntryTouchIdDatabaseEncryptedKeyFormat  = @"EncryptedDatabaseKeyForTouchID-%@";

@implementation MPSettingsHelper

@@ -320,13 +322,13 @@ return deprecatedSettings;
  NSArray *defaultKeys = [NSUserDefaults.standardUserDefaults dictionaryRepresentation].allKeys;
  // find all keys in old format
  for(NSString *key in defaultKeys) {
-    NSString *prefix = [NSString stringWithFormat:kMPSettingsKeyEntryTouchIdDatabaseEncryptedKeyFormat, @""];
+    NSString *prefix = [NSString stringWithFormat:kMPDepricatedSettingsKeyEntryTouchIdDatabaseEncryptedKeyFormat, @""];
    if([key hasPrefix:prefix]) {
-      // database name was adde
-      NSString *databaseName = [key substringFromIndex:prefix.length];
+      // database name was added
+      NSString *databaseNameHash = [key substringFromIndex:prefix.length].sha1HexDigest;
      NSData *encryptedKey = [NSUserDefaults.standardUserDefaults dataForKey:key];
-      if(!storedKeys[databaseName] && encryptedKey) {
-        storedKeys[databaseName] = encryptedKey;
+      if(!storedKeys[databaseNameHash] && encryptedKey) {
+        storedKeys[databaseNameHash] = encryptedKey;
      }
      [NSUserDefaults.standardUserDefaults removeObjectForKey:key];
    }
--- a/MacPass/MPTouchIdCompositeKeyStore.m
+++ b/MacPass/MPTouchIdCompositeKeyStore.m
@@ -66,9 +66,7 @@
  }
  
  /* FIXME this behavour is wrong. Old keys do not get cleared so this leaves a lot of data behind that should be cleaned up*/
-  
-  MPTouchIDKeyStorage touchIdMode = [NSUserDefaults.standardUserDefaults integerForKey:kMPSettingsKeyTouchIdEnabled];
-  switch(touchIdMode) {
+  switch(self.touchIdEnabledState) {
    case MPTouchIDKeyStorageTransient:
      [NSUserDefaults.standardUserDefaults removeObjectForKey:documentKey];
      if(nil != encryptedCompositeKey) {