From d1690d76d13f7957be76d94e77a8142c91afe417 Mon Sep 17 00:00:00 2001 From: Julius Zint Date: Sun, 14 Mar 2021 15:43:11 +0100 Subject: [PATCH] Extracted the logic for storing the encrypted compositekey into a seperate class --- MacPass.xcodeproj/project.pbxproj | 6 +++ MacPass/MPPasswordInputController.m | 40 ++--------------- MacPass/MPTouchIdCompositeKeyStore.h | 21 +++++++++ MacPass/MPTouchIdCompositeKeyStore.m | 64 ++++++++++++++++++++++++++++ 4 files changed, 94 insertions(+), 37 deletions(-) create mode 100644 MacPass/MPTouchIdCompositeKeyStore.h create mode 100644 MacPass/MPTouchIdCompositeKeyStore.m diff --git a/MacPass.xcodeproj/project.pbxproj b/MacPass.xcodeproj/project.pbxproj index e2934065..94523232 100644 --- a/MacPass.xcodeproj/project.pbxproj +++ b/MacPass.xcodeproj/project.pbxproj 
@@ -306,6 +306,7 @@ 6021FE9818E1650F00C3BC51 /* DatabaseSettingsWindow.xib in Resources */ = {isa = PBXBuildFile; fileRef = 6021FE9A18E1650F00C3BC51 /* DatabaseSettingsWindow.xib */; }; 7837112C225540D1009BD28D /* PluginRepositoryBrowserView.xib in Resources */ = {isa = PBXBuildFile; fileRef = 7837112E225540D1009BD28D /* PluginRepositoryBrowserView.xib */; }; 78E1F8B022E3A5D600E738AE /* AutotypeDoctorReportViewController.xib in Resources */ = {isa = PBXBuildFile; fileRef = 78E1F8B222E3A5D600E738AE /* AutotypeDoctorReportViewController.xib */; }; + AF105CF325FE5B2000C4FD3C /* MPTouchIdCompositeKeyStore.m in Sources */ = {isa = PBXBuildFile; fileRef = AF105CF125FE5B2000C4FD3C /* MPTouchIdCompositeKeyStore.m */; }; FA13910C1F9CD9EB0033D256 /* Localizable.stringsdict in Resources */ = {isa = PBXBuildFile; fileRef = FA13910A1F9CD9EB0033D256 /* Localizable.stringsdict */; }; FA9FD3271FB5E8F4003CEDD6 /* AutotypeCandidateSelectionView.xib in Resources */ = {isa = PBXBuildFile; fileRef = FA9FD3291FB5E8F4003CEDD6 /* AutotypeCandidateSelectionView.xib */; }; FA9FD32C1FB5EDD3003CEDD6 /* AutotypeBuilderView.xib in Resources */ = {isa = PBXBuildFile; fileRef = FA9FD32E1FB5EDD3003CEDD6 /* AutotypeBuilderView.xib */; }; 
@@ -1043,6 +1044,8 @@ ABE8662E2316617500201125 /* zh-Hans */ = {isa = PBXFileReference; lastKnownFileType = text.plist.stringsdict; name = "zh-Hans"; path = "zh-Hans.lproj/Localizable.stringsdict"; sourceTree = ""; }; ABE8662F2316617500201125 /* zh-Hans */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = "zh-Hans"; path = "zh-Hans.lproj/AutotypeDoctorReportViewController.strings"; sourceTree = ""; }; ABE86630231662D200201125 /* zh-Hans */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = "zh-Hans"; path = "zh-Hans.lproj/PluginDataView.strings"; sourceTree = ""; }; + AF105CF125FE5B2000C4FD3C /* MPTouchIdCompositeKeyStore.m */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.objc; path = MPTouchIdCompositeKeyStore.m; sourceTree = ""; }; + AF105CF225FE5B2000C4FD3C /* MPTouchIdCompositeKeyStore.h */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.h; path = MPTouchIdCompositeKeyStore.h; sourceTree = ""; }; BB3E050C1FE9D1CA00F0B46F /* nl */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = nl; path = nl.lproj/AutotypeCandidateSelectionView.strings; sourceTree = ""; }; BB3E050D1FE9D1CB00F0B46F /* nl */ = {isa = PBXFileReference; lastKnownFileType = text.plist.stringsdict; name = nl; path = nl.lproj/Localizable.stringsdict; sourceTree = ""; }; BB3E050E1FE9D1CC00F0B46F /* nl */ = {isa = PBXFileReference; lastKnownFileType = text.plist.strings; name = nl; path = nl.lproj/ReferenceBuilderView.strings; sourceTree = ""; }; @@ -1298,6 +1301,8 @@ 4C4B7EF717A4B335000234C7 /* MPUniqueCharactersFormatter.m */, 4C3C4EAD18D7039300153127 /* MPValueTransformerHelper.h */, 4C3C4EAE18D7039300153127 /* MPValueTransformerHelper.m */, + AF105CF225FE5B2000C4FD3C /* MPTouchIdCompositeKeyStore.h */, + AF105CF125FE5B2000C4FD3C /* MPTouchIdCompositeKeyStore.m */, ); name = Helper; sourceTree = ""; 
@@ -2215,6 +2220,7 @@ 4C978E0D19AE54AB003067DF /* MPFlagsHelper.m in Sources */, 4C6F228919A4A7F90012310C /* MPAutotypeClear.m in Sources */, 4C0B038C18E36DA400B9F9C9 /* MPFixAutotypeWindowController.m in Sources */, + AF105CF325FE5B2000C4FD3C /* MPTouchIdCompositeKeyStore.m in Sources */, 4C7679BF1D76D6D8001F33D6 /* MPErrorRecoveryAttempter.m in Sources */, 4CAD338F205169D30068587E /* MPPluginRepositoryItem.m in Sources */, 4C9BFFFB1FD19B5400264B16 /* MPPrettyPasswordTransformer.m in Sources */, diff --git a/MacPass/MPPasswordInputController.m b/MacPass/MPPasswordInputController.m index 679aae9d..bfc8851f 100644 --- a/MacPass/MPPasswordInputController.m +++ b/MacPass/MPPasswordInputController.m @@ -29,14 +29,12 @@ #import "MPTouchBarButtonCreator.h" #import "MPSettingsHelper.h" #import "MPConstants.h" -#import "MPSettingsHelper.h" +#import "MPTouchIdCompositeKeyStore.h" #import "HNHUi/HNHUi.h" #import "NSError+Messages.h" -static NSMutableDictionary* touchIDSecuredPasswords; - @interface MPPasswordInputController () @property (strong) NSButton *showPasswordButton; @@ -71,9 +69,6 @@ static NSMutableDictionary* touchIDSecuredPasswords; self = [super initWithNibName:nibNameOrNil bundle:nibBundleOrNil]; if(self) { _enablePassword = YES; - if(touchIDSecuredPasswords == NULL) { - touchIDSecuredPasswords = [[NSMutableDictionary alloc]init]; - } [NSNotificationCenter.defaultCenter addObserver:self selector:@selector(_selectKeyURL) name:MPDidChangeStoredKeyFilesSettings object:nil]; } return self; 
@@ -169,22 +164,7 @@ static NSMutableDictionary* touchIDSecuredPasswords; - (void) _touchIdUpdateKeyForCurrentDocument: (KPKCompositeKey*)compositeKey forDocumentKey: (NSString*) documentKey{ NSData* encryptedKey = [self _touchIdEncryptCompositeKey:compositeKey]; - if (self.touchIdEnabledButton.state == NSControlStateValueMixed) { - [NSUserDefaults.standardUserDefaults removeObjectForKey:documentKey]; - if(encryptedKey != NULL) { - [touchIDSecuredPasswords setObject:encryptedKey forKey:documentKey]; - } - } - else if(self.touchIdEnabledButton.state == NSControlStateValueOn) { - [touchIDSecuredPasswords removeObjectForKey:documentKey]; - if(encryptedKey != NULL) { - [NSUserDefaults.standardUserDefaults setObject:encryptedKey forKey:documentKey]; - } - } - else { - [NSUserDefaults.standardUserDefaults removeObjectForKey:documentKey]; - [touchIDSecuredPasswords removeObjectForKey:documentKey]; - } + [MPTouchIdCompositeKeyStore.defaultStore save:encryptedKey forDocumentKey:documentKey]; } - (void) _touchIdCreateAndAddRSAKeyPair { @@ -340,21 +320,7 @@ static NSMutableDictionary* touchIDSecuredPasswords; if(![self _touchIdGetKeyForCurrentDocument:&documentKey]) { return false; } - NSData* transientKey = [touchIDSecuredPasswords valueForKey:documentKey]; - NSData* persistentKey =[NSUserDefaults.standardUserDefaults dataForKey:documentKey]; - if(transientKey == NULL && persistentKey == NULL) { - return false; - } - if(transientKey == NULL || persistentKey == NULL) { - *result = transientKey == NULL ? persistentKey : transientKey; - return true; - } - if(self.touchIdEnabledButton.state == NSControlStateValueOn) { - *result = persistentKey; - return true; - } - *result = transientKey; - return true; + return [MPTouchIdCompositeKeyStore.defaultStore load:result forDocumentKey:documentKey]; } - (IBAction)unlockWithTouchID:(id)sender { diff --git a/MacPass/MPTouchIdCompositeKeyStore.h b/MacPass/MPTouchIdCompositeKeyStore.h new file mode 100644 index 00000000..e7957cea 
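Review bot: The storage mode that decides whether the encrypted composite key is written to NSUserDefaults or kept only in memory no longer comes from `self.touchIdEnabledButton.state` in `_touchIdUpdateKeyForCurrentDocument:forDocumentKey:`. The store now reads `kMPSettingsKeyEntryTouchIdEnabled` itself, and the same applies to the `load:forDocumentKey:` call in the @@ -340 hunk. If the checkbox is bound to that default the two agree, but nothing visible here shows that, so a commit described as an extraction may change where the key ends up. I would state the dependency at the call site, e.g. `// Storage mode is read from kMPSettingsKeyEntryTouchIdEnabled inside the store, not from touchIdEnabledButton`, or pass the mode in explicitly. The method containing the `load:` call starts outside its hunk.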
--- /dev/null
+++ b/MacPass/MPTouchIdCompositeKeyStore.h
@@ -0,0 +1,21 @@
+//
+// MPTouchIdCompositeKeyStore.h
+// MacPass
+//
+// Created by Julius Zint on 14.03.21.
+// Copyright © 2021 HicknHack Software GmbH. All rights reserved.
+//
+
+#ifndef MPTouchIdCompositeKeyStore_h
+#define MPTouchIdCompositeKeyStore_h
+
+static NSMutableDictionary* touchIDSecuredPasswords;
+
+@interface MPTouchIdCompositeKeyStore : NSObject
+ @property (class, strong, readonly) MPTouchIdCompositeKeyStore *defaultStore;
+
+ - (void) save:(NSData*) encryptedCompositeKey forDocumentKey:(NSString*) documentKey;
+ - (bool) load:(NSData**) encryptedCompositeKey forDocumentKey:(NSString*) documentKey;
+@end
+
+#endif /* MPTouchIdCompositeKeyStore_h */
diff --git a/MacPass/MPTouchIdCompositeKeyStore.m b/MacPass/MPTouchIdCompositeKeyStore.m
new file mode 100644
index 00000000..c265ee8c
--- /dev/null
+++ b/MacPass/MPTouchIdCompositeKeyStore.m
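Review bot: `static NSMutableDictionary* touchIDSecuredPasswords;` in MPTouchIdCompositeKeyStore.h gives every file that imports the header its own private copy of the variable, so the in-memory key cache is a single dictionary only because one .m happens to use it. MPPasswordInputController.m now imports this header and gets a second, unused dictionary. Move the declaration into MPTouchIdCompositeKeyStore.m, or make it an ivar set up in `init`, so the transient keys have one owner and importers cannot reach them. The header also depends on its importers for Foundation; adding `#import <Foundation/Foundation.h>` would make it self-contained.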
@@ -0,0 +1,64 @@
+//
+// MPTouchIdCompositeKeyStore.m
+// MacPass
+//
+// Created by Julius Zint on 14.03.21.
+// Copyright © 2021 HicknHack Software GmbH. All rights reserved.
+//
+#import "MPSettingsHelper.h"
+#import "MPTouchIdCompositeKeyStore.h"
+
+@implementation MPTouchIdCompositeKeyStore
+
++ (instancetype)defaultStore {
+ static MPTouchIdCompositeKeyStore *instance;
+ static dispatch_once_t onceToken;
+ dispatch_once(&onceToken, ^{
+ instance = [[MPTouchIdCompositeKeyStore alloc] init];
+ if(touchIDSecuredPasswords == NULL) {
+ touchIDSecuredPasswords = [[NSMutableDictionary alloc]init];
+ }
+ });
+ return instance;
+}
+
+- (void) save: (NSData*) encryptedCompositeKey forDocumentKey:(NSString*) documentKey {
+ long touchIdMode = [NSUserDefaults.standardUserDefaults integerForKey:kMPSettingsKeyEntryTouchIdEnabled];
+ if (touchIdMode == NSControlStateValueMixed) {
+ [NSUserDefaults.standardUserDefaults removeObjectForKey:documentKey];
+ if(encryptedCompositeKey != NULL) {
+ [touchIDSecuredPasswords setObject:encryptedCompositeKey forKey:documentKey];
+ }
+ }
+ else if(touchIdMode == NSControlStateValueOn) {
+ [touchIDSecuredPasswords removeObjectForKey:documentKey];
+ if(encryptedCompositeKey != NULL) {
+ [NSUserDefaults.standardUserDefaults setObject:encryptedCompositeKey forKey:documentKey];
+ }
+ }
+ else {
+ [NSUserDefaults.standardUserDefaults removeObjectForKey:documentKey];
+ [touchIDSecuredPasswords removeObjectForKey:documentKey];
+ }
+}
+
+- (bool) load: (NSData**) encryptedCompositeKey forDocumentKey: (NSString*) documentKey {
+ long touchIdMode = [NSUserDefaults.standardUserDefaults integerForKey:kMPSettingsKeyEntryTouchIdEnabled];
+ NSData* transientKey = [touchIDSecuredPasswords valueForKey:documentKey];
+ NSData* persistentKey =[NSUserDefaults.standardUserDefaults dataForKey:documentKey];
+ if(transientKey == NULL && persistentKey == NULL) {
+ return false;
+ }
+ if(transientKey == NULL || persistentKey == NULL) {
+ *encryptedCompositeKey = transientKey == NULL ? persistentKey : transientKey;
+ return true;
+ }
+ if(touchIdMode == NSControlStateValueOn) {
+ *encryptedCompositeKey = persistentKey;
+ return true;
+ }
+ *encryptedCompositeKey = transientKey;
+ return true;
+}
+
+@end
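Review bot: `load:forDocumentKey:` consults `touchIdMode` only to break a tie when both a transient and a persistent key exist. With Touch ID switched off, or switched from On to Mixed, a key left in NSUserDefaults by an earlier session is therefore still returned. `save:forDocumentKey:` clears stale entries only the next time it runs for that document, so until then the encrypted composite key stays on disk and remains usable for unlock after the user has opted out. I would have `load:` choose the backing store from the mode, return false when the mode is off, and check the out-parameter before writing through it. If the fallback across stores is intentional, a comment on the method should say so.

```objc
- (bool) load: (NSData**) encryptedCompositeKey forDocumentKey: (NSString*) documentKey {
  long touchIdMode = [NSUserDefaults.standardUserDefaults integerForKey:kMPSettingsKeyEntryTouchIdEnabled];
  NSData* candidate = nil;
  if(touchIdMode == NSControlStateValueOn) {
    // Persistent mode: only the entry written to the user defaults is valid.
    candidate = [NSUserDefaults.standardUserDefaults dataForKey:documentKey];
  }
  else if(touchIdMode == NSControlStateValueMixed) {
    // Transient mode: only the in-memory entry is valid.
    candidate = [touchIDSecuredPasswords valueForKey:documentKey];
  }
  // Off (or any other value): never hand out a stored key.
  if(candidate == nil || encryptedCompositeKey == NULL) {
    return false;
  }
  *encryptedCompositeKey = candidate;
  return true;
}
```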