lysann/passforios
1
0
Fork 0
Code Issues Pull requests Activity

Move codes to an embed framework

Browse source 
- Move bundle/group identifiers to passKit/Global
- Fix Core Data
- Change Defaults to SharedDefaults
This commit is contained in:
Yishi Lin 2017-06-13 11:42:49 +08:00
parent 850dc75820
commit d2ba620ae4
45 changed files with 1062 additions and 523 deletions
Download patch file Download diff file Expand all files Collapse all files

40
passKit/Helpers/AppError.swift Normal file
View file

@ -0,0 +1,40 @@
//
// AppError.swift
// pass
//
// Created by Mingshen Sun on 30/4/2017.
// Copyright © 2017 Bob Sun. All rights reserved.
//
import Foundation
enum AppError: Error {
case RepositoryNotSetError
case RepositoryRemoteMasterNotFoundError
case KeyImportError
case PasswordDuplicatedError
case GitResetError
case PGPPublicKeyNotExistError
case UnknownError
}
extension AppError: LocalizedError {
public var errorDescription: String? {
switch self {
case .RepositoryNotSetError:
return "Git repository is not set."
case .RepositoryRemoteMasterNotFoundError:
return "Cannot find remote branch origin/master."
case .KeyImportError:
return "Cannot import the key."
case .PasswordDuplicatedError:
return "Cannot add the password: password duplicated."
case .GitResetError:
return "Cannot identify the latest synced commit."
case .PGPPublicKeyNotExistError:
return "PGP public key doesn't exist."
case .UnknownError:
return "Unknown error."
}
}
}

43
passKit/Helpers/DefaultsKeys.swift Normal file
View file

@ -0,0 +1,43 @@
//
// DefaultKeys.swift
// pass
//
// Created by Mingshen Sun on 21/1/2017.
// Copyright © 2017 Bob Sun. All rights reserved.
//
import Foundation
import SwiftyUserDefaults
public var SharedDefaults = UserDefaults(suiteName: Globals.groupIdentifier)!
public extension DefaultsKeys {
static let pgpKeySource = DefaultsKey<String?>("pgpKeySource")
static let pgpPublicKeyURL = DefaultsKey<URL?>("pgpPublicKeyURL")
static let pgpPrivateKeyURL = DefaultsKey<URL?>("pgpPrivateKeyURL")
static let pgpPublicKeyArmor = DefaultsKey<String?>("pgpPublicKeyArmor")
static let pgpPrivateKeyArmor = DefaultsKey<String?>("pgpPrivateKeyArmor")
static let gitURL = DefaultsKey<URL?>("gitURL")
static let gitAuthenticationMethod = DefaultsKey<String?>("gitAuthenticationMethod")
static let gitUsername = DefaultsKey<String?>("gitUsername")
static let gitSSHPrivateKeyURL = DefaultsKey<URL?>("gitSSHPrivateKeyURL")
static let gitSSHKeySource = DefaultsKey<String?>("gitSSHKeySource")
static let gitSSHPrivateKeyArmor = DefaultsKey<String?>("gitSSHPrivateKeyArmor")
static let gitSignatureName = DefaultsKey<String?>("gitSignatureName")
static let gitSignatureEmail = DefaultsKey<String?>("gitSignatureEmail")
static let lastSyncedTime = DefaultsKey<Date?>("lastSyncedTime")
static let isTouchIDOn = DefaultsKey<Bool>("isTouchIDOn")
static let passcodeKey = DefaultsKey<String?>("passcodeKey")
static let isHideUnknownOn = DefaultsKey<Bool>("isHideUnknownOn")
static let isHideOTPOn = DefaultsKey<Bool>("isHideOTPOn")
static let isRememberPassphraseOn = DefaultsKey<Bool>("isRememberPassphraseOn")
static let isShowFolderOn = DefaultsKey<Bool>("isShowFolderOn")
static let passwordGeneratorFlavor = DefaultsKey<String>("passwordGeneratorFlavor")
static let encryptInArmored = DefaultsKey<Bool>("encryptInArmored")
}

61
passKit/Helpers/Globals.swift Normal file
View file

@ -0,0 +1,61 @@
//
// Globals.swift
// pass
//
// Created by Mingshen Sun on 21/1/2017.
// Copyright © 2017 Bob Sun. All rights reserved.
//
import Foundation
import UIKit
public class Globals {
// Legacy paths (not shared)
public static let documentPathLegacy = NSSearchPathForDirectoriesInDomains(.documentDirectory, .userDomainMask, true)[0];
public static let libraryPathLegacy = NSSearchPathForDirectoriesInDomains(.libraryDirectory, .userDomainMask, true)[0];
public static let pgpPublicKeyPathLegacy = "\(documentPathLegacy)/gpg_key.pub"
public static let pgpPrivateKeyPathLegacy = "\(documentPathLegacy)/gpg_key"
public static let gitSSHPrivateKeyPathLegacy = "\(documentPathLegacy)/ssh_key"
public static let gitSSHPrivateKeyURLLegacy = URL(fileURLWithPath: gitSSHPrivateKeyPathLegacy)
public static let repositoryPathLegacy = "\(libraryPathLegacy)/password-store"
public static let bundleIdentifier = "me.mssun.passforios"
public static let groupIdentifier = "group." + bundleIdentifier
public static let passKitBundleIdentifier = bundleIdentifier + ".passKit"
public static let sharedContainerURL = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: groupIdentifier)!
public static let documentPath = sharedContainerURL.appendingPathComponent("Documents").path
public static let libraryPath = sharedContainerURL.appendingPathComponent("Library").path
public static let pgpPublicKeyPath = documentPath + "/gpg_key.pub"
public static let pgpPrivateKeyPath = documentPath + "/gpg_key"
public static let gitSSHPrivateKeyPath = documentPath + "/ssh_key"
public static let gitSSHPrivateKeyURL = URL(fileURLWithPath: gitSSHPrivateKeyPath)
public static let repositoryPath = libraryPath + "/password-store"
public static let passwordDefaultLength = ["Random": (min: 4, max: 64, def: 16),
"Apple": (min: 15, max: 15, def: 15)]
public static let gitSignatureDefaultName = "Pass for iOS"
public static let gitSignatureDefaultEmail = "user@passforios"
public static let passwordDots = "••••••••••••"
public static let oneTimePasswordDots = "••••••"
public static let passwordFonts = "Menlo"
// UI related
public static let red = UIColor(red:1.00, green:0.23, blue:0.19, alpha:1.0)
public static let blue = UIColor(red:0.00, green:0.48, blue:1.00, alpha:1.0)
public static let tableCellButtonSize = CGFloat(20.0)
private init() { }
}
public extension Bundle {
var releaseVersionNumber: String? {
return infoDictionary?["CFBundleShortVersionString"] as? String
}
var buildVersionNumber: String? {
return infoDictionary?["CFBundleVersion"] as? String
}
}

19
passKit/Helpers/NotificationNames.swift Normal file
View file

@ -0,0 +1,19 @@
//
// NotificationNames.swift
// pass
//
// Created by Yishi Lin on 17/3/17.
// Copyright © 2017 Yishi Lin, Bob Sun. All rights reserved.
//
import Foundation
public extension Notification.Name {
static let passwordStoreUpdated = Notification.Name("passwordStoreUpdated")
static let passwordStoreErased = Notification.Name("passwordStoreErased")
static let passwordStoreChangeDiscarded = Notification.Name("passwordStoreChangeDiscarded")
static let passwordSearch = Notification.Name("passwordSearch")
static let passwordDisplaySettingChanged = Notification.Name("passwordDisplaySettingChanged")
static let passwordDetailDisplaySettingChanged = Notification.Name("passwordDetailDisplaySettingChanged")
}

34
passKit/Helpers/UITextFieldExtension.swift Normal file
View file

@ -0,0 +1,34 @@
//
// UIViewControllerExtionsion.swift
// pass
//
// Created by Yishi Lin on 5/4/17.
// Copyright © 2017 Yishi Lin. All rights reserved.
//
import Foundation
import UIKit
private var kAssociationKeyNextField: UInt8 = 0
extension UITextField {
@IBOutlet var nextField: UITextField? {
get {
return objc_getAssociatedObject(self, &kAssociationKeyNextField) as? UITextField
}
set(newField) {
objc_setAssociatedObject(self, &kAssociationKeyNextField, newField, .OBJC_ASSOCIATION_RETAIN)
}
}
}
extension UIViewController {
func textFieldShouldReturn(_ textField: UITextField) -> Bool {
if textField.nextField != nil {
textField.nextField?.becomeFirstResponder()
} else {
textField.resignFirstResponder()
}
return true
}
}

227
passKit/Helpers/Utils.swift Normal file
View file

@ -0,0 +1,227 @@
//
// Utils.swift
// pass
//
// Created by Mingshen Sun on 8/2/2017.
// Copyright © 2017 Bob Sun. All rights reserved.
//
import Foundation
import SwiftyUserDefaults
import KeychainAccess
import UIKit
import SVProgressHUD
public class Utils {
public static func removeFileIfExists(atPath path: String) {
let fm = FileManager.default
do {
if fm.fileExists(atPath: path) {
try fm.removeItem(atPath: path)
}
} catch {
print(error)
}
}
public static func removeFileIfExists(at url: URL) {
removeFileIfExists(atPath: url.path)
}
public static func getLastSyncedTimeString() -> String {
guard let lastSyncedTime = SharedDefaults[.lastSyncedTime] else {
return "Oops! Sync again?"
}
let formatter = DateFormatter()
formatter.dateStyle = .medium
formatter.timeStyle = .short
return formatter.string(from: lastSyncedTime)
}
public static func generatePassword(length: Int) -> String{
switch SharedDefaults[.passwordGeneratorFlavor] {
case "Random":
return randomString(length: length)
case "Apple":
return Keychain.generatePassword()
default:
return randomString(length: length)
}
}
public static func randomString(length: Int) -> String {
let letters : NSString = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*_+-="
let len = UInt32(letters.length)
var randomString = ""
for _ in 0 ..< length {
let rand = arc4random_uniform(len)
var nextChar = letters.character(at: Int(rand))
randomString += NSString(characters: &nextChar, length: 1) as String
}
return randomString
}
public static func alert(title: String, message: String, controller: UIViewController, handler: ((UIAlertAction) -> Void)? = nil, completion: (() -> Void)? = nil) {
SVProgressHUD.dismiss()
let alert = UIAlertController(title: title, message: message, preferredStyle: UIAlertControllerStyle.alert)
alert.addAction(UIAlertAction(title: "OK", style: UIAlertActionStyle.default, handler: handler))
controller.present(alert, animated: true, completion: completion)
}
public static func getPasswordFromKeychain(name: String) -> String? {
let keychain = Keychain(service: Globals.bundleIdentifier)
do {
return try keychain.getString(name)
} catch {
print(error)
}
return nil
}
public static func addPasswordToKeychain(name: String, password: String?) {
let keychain = Keychain(service: Globals.bundleIdentifier)
keychain[name] = password
}
public static func removeKeychain(name: String) {
let keychain = Keychain(service: Globals.bundleIdentifier)
do {
try keychain.remove(name)
} catch {
print(error)
}
}
public static func removeAllKeychain() {
let keychain = Keychain(service: Globals.bundleIdentifier)
do {
try keychain.removeAll()
} catch {
print(error)
}
}
public static func copyToPasteboard(textToCopy: String?, expirationTime: Double = 45) {
guard textToCopy != nil else {
return
}
UIPasteboard.general.string = textToCopy
DispatchQueue.global(qos: .background).asyncAfter(deadline: DispatchTime.now() + expirationTime) {
let pasteboardString: String? = UIPasteboard.general.string
if textToCopy == pasteboardString {
UIPasteboard.general.string = ""
}
}
}
public static func attributedPassword(plainPassword: String) -> NSAttributedString{
let attributedPassword = NSMutableAttributedString.init(string: plainPassword)
// draw all digits in the password into red
// draw all punctuation characters in the password into blue
for (index, element) in plainPassword.unicodeScalars.enumerated() {
if NSCharacterSet.decimalDigits.contains(element) {
attributedPassword.addAttribute(NSForegroundColorAttributeName, value: Globals.red, range: NSRange(location: index, length: 1))
} else if !NSCharacterSet.letters.contains(element) {
attributedPassword.addAttribute(NSForegroundColorAttributeName, value: Globals.blue, range: NSRange(location: index, length: 1))
}
}
return attributedPassword
}
public static func initDefaultKeys() {
if SharedDefaults[.passwordGeneratorFlavor] == "" {
SharedDefaults[.passwordGeneratorFlavor] = "Random"
}
}
}
// https://gist.github.com/NikolaiRuhe/eeb135d20c84a7097516
public extension FileManager {
/// This method calculates the accumulated size of a directory on the volume in bytes.
///
/// As there's no simple way to get this information from the file system it has to crawl the entire hierarchy,
/// accumulating the overall sum on the way. The resulting value is roughly equivalent with the amount of bytes
/// that would become available on the volume if the directory would be deleted.
///
/// - note: There are a couple of oddities that are not taken into account (like symbolic links, meta data of
/// directories, hard links, ...).
func allocatedSizeOfDirectoryAtURL(directoryURL : URL) throws -> UInt64 {
// We'll sum up content size here:
var accumulatedSize = UInt64(0)
// prefetching some properties during traversal will speed up things a bit.
let prefetchedProperties = [
URLResourceKey.isRegularFileKey,
URLResourceKey.fileAllocatedSizeKey,
URLResourceKey.totalFileAllocatedSizeKey,
]
// The error handler simply signals errors to outside code.
var errorDidOccur: Error?
let errorHandler: (URL, Error) -> Bool = { _, error in
errorDidOccur = error
return false
}
// We have to enumerate all directory contents, including subdirectories.
let enumerator = self.enumerator(at: directoryURL,
includingPropertiesForKeys: prefetchedProperties,
options: FileManager.DirectoryEnumerationOptions(),
errorHandler: errorHandler)
precondition(enumerator != nil)
// Start the traversal:
for item in enumerator! {
let contentItemURL = item as! NSURL
// Bail out on errors from the errorHandler.
if let error = errorDidOccur { throw error }
let resourceValueForKey: (URLResourceKey) throws -> NSNumber? = { key in
var value: AnyObject?
try contentItemURL.getResourceValue(&value, forKey: key)
return value as? NSNumber
}
// Get the type of this item, making sure we only sum up sizes of regular files.
guard let isRegularFile = try resourceValueForKey(URLResourceKey.isRegularFileKey) else {
preconditionFailure()
}
guard isRegularFile.boolValue else {
continue
}
// To get the file's size we first try the most comprehensive value in terms of what the file may use on disk.
// This includes metadata, compression (on file system level) and block size.
var fileSize = try resourceValueForKey(URLResourceKey.totalFileAllocatedSizeKey)
// In case the value is unavailable we use the fallback value (excluding meta data and compression)
// This value should always be available.
fileSize = try fileSize ?? resourceValueForKey(URLResourceKey.fileAllocatedSizeKey)
guard let size = fileSize else {
preconditionFailure("huh? NSURLFileAllocatedSizeKey should always return a value")
}
// We're good, add up the value.
accumulatedSize += size.uint64Value
}
// Bail out on errors from the errorHandler.
if let error = errorDidOccur { throw error }
// We finally got it.
return accumulatedSize
}
}
public extension String {
func stringByAddingPercentEncodingForRFC3986() -> String? {
let unreserved = "-._~/?"
var allowed = CharacterSet.alphanumerics
allowed.insert(charactersIn: unreserved)
return addingPercentEncoding(withAllowedCharacters: allowed)
}
}

26
passKit/Info.plist Normal file
View file

@ -0,0 +1,26 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CFBundleDevelopmentRegion</key>
<string>en</string>
<key>CFBundleDisplayName</key>
<string>PassKit</string>
<key>CFBundleExecutable</key>
<string>$(EXECUTABLE_NAME)</string>
<key>CFBundleIdentifier</key>
<string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
<key>CFBundleInfoDictionaryVersion</key>
<string>6.0</string>
<key>CFBundleName</key>
<string>$(PRODUCT_NAME)</string>
<key>CFBundlePackageType</key>
<string>FMWK</string>
<key>CFBundleShortVersionString</key>
<string>1.0</string>
<key>CFBundleVersion</key>
<string>$(CURRENT_PROJECT_VERSION)</string>
<key>NSPrincipalClass</key>
<string></string>
</dict>
</plist>

108
passKit/Models/GitCredential.swift Normal file
View file

@ -0,0 +1,108 @@
//
// GitCredential.swift
// pass
//
// Created by Mingshen Sun on 30/4/2017.
// Copyright © 2017 Bob Sun. All rights reserved.
//
import Foundation
import UIKit
import SwiftyUserDefaults
import ObjectiveGit
import SVProgressHUD
public struct GitCredential {
public var credential: Credential
public enum Credential {
case http(userName: String, controller: UIViewController)
case ssh(userName: String, privateKeyFile: URL, controller: UIViewController)
}
public init(credential: Credential) {
self.credential = credential
}
public func credentialProvider() throws -> GTCredentialProvider {
var attempts = 0
var lastPassword: String? = nil
return GTCredentialProvider { (_, _, _) -> (GTCredential?) in
var credential: GTCredential? = nil
switch self.credential {
case let .http(userName, controller):
var newPassword = Utils.getPasswordFromKeychain(name: "gitPassword")
if newPassword == nil || attempts != 0 {
if let requestedPassword = self.requestGitPassword(controller, lastPassword) {
newPassword = requestedPassword
Utils.addPasswordToKeychain(name: "gitPassword", password: newPassword)
} else {
return nil
}
}
attempts += 1
lastPassword = newPassword
credential = try? GTCredential(userName: userName, password: newPassword!)
case let .ssh(userName, privateKeyFile, controller):
var newPassword = Utils.getPasswordFromKeychain(name: "gitSSHKeyPassphrase")
if newPassword == nil || attempts != 0 {
if let requestedPassword = self.requestGitPassword(controller, lastPassword) {
newPassword = requestedPassword
Utils.addPasswordToKeychain(name: "gitSSHKeyPassphrase", password: newPassword)
} else {
return nil
}
}
attempts += 1
lastPassword = newPassword
credential = try? GTCredential(userName: userName, publicKeyURL: nil, privateKeyURL: privateKeyFile, passphrase: newPassword!)
print(privateKeyFile)
}
return credential
}
}
public func delete() {
switch credential {
case .http:
Utils.removeKeychain(name: "gitPassword")
case .ssh:
Utils.removeKeychain(name: "gitSSHKeyPassphrase")
}
}
private func requestGitPassword(_ controller: UIViewController, _ lastPassword: String?) -> String? {
let sem = DispatchSemaphore(value: 0)
var password: String?
var message = ""
switch credential {
case .http:
message = "Please fill in the password of your Git account."
case .ssh:
message = "Please fill in the password of your SSH key."
}
DispatchQueue.main.async {
SVProgressHUD.dismiss()
let alert = UIAlertController(title: "Password", message: message, preferredStyle: UIAlertControllerStyle.alert)
alert.addTextField(configurationHandler: {(textField: UITextField!) in
textField.text = lastPassword ?? ""
textField.isSecureTextEntry = true
})
alert.addAction(UIAlertAction(title: "OK", style: UIAlertActionStyle.default, handler: {_ in
password = alert.textFields!.first!.text
sem.signal()
}))
alert.addAction(UIAlertAction(title: "Cancel", style: .cancel) { _ in
password = nil
sem.signal()
})
controller.present(alert, animated: true, completion: nil)
}
let _ = sem.wait(timeout: .distantFuture)
return password
}
}

356
passKit/Models/Password.swift Normal file
View file

@ -0,0 +1,356 @@
//
// Password.swift
// pass
//
// Created by Mingshen Sun on 2/2/2017.
// Copyright © 2017 Bob Sun. All rights reserved.
//
import Foundation
import SwiftyUserDefaults
import OneTimePassword
import Base32
struct AdditionField {
var title: String
var content: String
}
enum PasswordChange: Int {
case path = 0x01
case content = 0x02
case none = 0x00
}
public class Password {
public static let otpKeywords = ["otp_secret", "otp_type", "otp_algorithm", "otp_period", "otp_digits", "otp_counter", "otpauth"]
public var name = ""
public var url: URL?
public var namePath: String {
get {
if url == nil {
return ""
}
return url!.deletingPathExtension().path
}
}
public var password = ""
public var additions = [String: String]()
public var additionKeys = [String]()
public var changed: Int = 0
public var plainText = ""
private var firstLineIsOTPField = false
private var otpToken: Token?
public enum OtpType {
case totp, hotp, none
}
public var otpType: OtpType {
get {
guard let token = self.otpToken else {
return OtpType.none
}
switch token.generator.factor {
case .counter:
return OtpType.hotp
case .timer:
return OtpType.totp
}
}
}
public init(name: String, url: URL?, plainText: String) {
self.initEverything(name: name, url: url, plainText: plainText)
}
public func updatePassword(name: String, url: URL?, plainText: String) {
if self.plainText != plainText || self.url != url {
if self.plainText != plainText {
changed = changed|PasswordChange.content.rawValue
}
if self.url != url {
changed = changed|PasswordChange.path.rawValue
}
self.initEverything(name: name, url: url, plainText: plainText)
}
}
private func initEverything(name: String, url: URL?, plainText: String) {
self.name = name
self.url = url
self.plainText = plainText
self.additions.removeAll()
self.additionKeys.removeAll()
// get password and additional fields
let plainTextSplit = plainText.characters.split(maxSplits: 1, omittingEmptySubsequences: false) {
$0 == "\n" || $0 == "\r\n"
}.map(String.init)
self.password = plainTextSplit.first ?? ""
if plainTextSplit.count == 2 {
(self.additions, self.additionKeys) = Password.getAdditionFields(from: plainTextSplit[1])
}
// check whether the first line of the plainText looks like an otp entry
let (key, value) = Password.getKeyValuePair(from: self.password)
if Password.otpKeywords.contains(key ?? "") {
firstLineIsOTPField = true
self.additions[key!] = value
self.additionKeys.insert(key!, at: 0)
} else {
firstLineIsOTPField = false
}
// construct the otp token
self.updateOtpToken()
}
public func getUsername() -> String? {
return getAdditionValue(withKey: "Username") ?? getAdditionValue(withKey: "username")
}
public func getURLString() -> String? {
return getAdditionValue(withKey: "URL") ?? getAdditionValue(withKey: "url") ?? getAdditionValue(withKey: "Url")
}
// return a key-value pair from the line
// key might be nil, if there is no ":" in the line
private static func getKeyValuePair(from line: String) -> (key: String?, value: String) {
let items = line.components(separatedBy: ": ").map{String($0).trimmingCharacters(in: .whitespaces)}
var key : String? = nil
var value = ""
if items.count == 1 || (items[0].isEmpty && items[1].isEmpty) {
// no ": " found, or empty on both sides of ": "
value = line
// otpauth special case
if value.hasPrefix("otpauth://") {
key = "otpauth"
}
} else {
if !items[0].isEmpty {
key = items[0]
}
value = items[1]
}
return (key, value)
}
private static func getAdditionFields(from additionFieldsPlainText: String) -> ([String: String], [String]){
var additions = [String: String]()
var additionKeys = [String]()
var unknownIndex = 0
additionFieldsPlainText.enumerateLines() { line, _ in
if line == "" {
return
}
var (key, value) = getKeyValuePair(from: line)
if key == nil {
unknownIndex += 1
key = "unknown \(unknownIndex)"
}
additions[key!] = value
additionKeys.append(key!)
}
return (additions, additionKeys)
}
public func getAdditionsPlainText() -> String {
// lines starting from the second
let plainTextSplit = plainText.characters.split(maxSplits: 1, omittingEmptySubsequences: false) {
$0 == "\n" || $0 == "\r\n"
}.map(String.init)
if plainTextSplit.count == 1 {
return ""
} else {
return plainTextSplit[1]
}
}
private func getPlainText() -> String {
return self.plainText
}
public func getPlainData() -> Data {
return getPlainText().data(using: .utf8)!
}
private func getAdditionValue(withKey key: String) -> String? {
return self.additions[key]
}
/*
Set otpType and otpToken, if we are able to construct a valid token.
Example of TOTP otpauth
(Key Uri Format: https://github.com/google/google-authenticator/wiki/Key-Uri-Format)
otpauth://totp/totp-secret?secret=AAAAAAAAAAAAAAAA&issuer=totp-secret
Example of TOTP fields [Legacy, lower priority]
otp_secret: secretsecretsecretsecretsecretsecret
otp_type: totp
otp_algorithm: sha1 (default: sha1, optional)
otp_period: 30 (default: 30, optional)
otp_digits: 6 (default: 6, optional)
Example of HOTP fields [Legacy, lower priority]
otp_secret: secretsecretsecretsecretsecretsecret
otp_type: hotp
otp_counter: 1
otp_digits: 6 (default: 6, optional)
*/
private func updateOtpToken() {
self.otpToken = nil
// get otpauth, if we are able to generate a token, return
if var otpauthString = getAdditionValue(withKey: "otpauth") {
if !otpauthString.hasPrefix("otpauth:") {
otpauthString = "otpauth:\(otpauthString)"
}
if let otpauthUrl = URL(string: otpauthString),
let token = Token(url: otpauthUrl) {
self.otpToken = token
return
}
}
// get secret data
guard let secretString = getAdditionValue(withKey: "otp_secret"),
let secretData = MF_Base32Codec.data(fromBase32String: secretString),
!secretData.isEmpty else {
// print("Missing / Invalid otp secret")
return
}
// get type
guard let type = getAdditionValue(withKey: "otp_type")?.lowercased(),
(type == "totp" || type == "hotp") else {
// print("Missing / Invalid otp type")
return
}
// get algorithm (optional)
var algorithm = Generator.Algorithm.sha1
if let algoString = getAdditionValue(withKey: "otp_algorithm") {
switch algoString.lowercased() {
case "sha256":
algorithm = .sha256
case "sha512":
algorithm = .sha512
default:
algorithm = .sha1
}
}
// construct the token
if type == "totp" {
// HOTP
// default: 6 digits, 30 seconds
guard let digits = Int(getAdditionValue(withKey: "otp_digits") ?? "6"),
let period = Double(getAdditionValue(withKey: "otp_period") ?? "30.0") else {
let alertMessage = "Invalid otp_digits or otp_period."
print(alertMessage)
return
}
guard let generator = Generator(
factor: .timer(period: period),
secret: secretData,
algorithm: algorithm,
digits: digits) else {
let alertMessage = "Invalid OTP generator parameters."
print(alertMessage)
return
}
self.otpToken = Token(name: self.name, issuer: "", generator: generator)
} else {
// HOTP
// default: 6 digits
guard let digits = Int(getAdditionValue(withKey: "otp_digits") ?? "6"),
let counter = UInt64(getAdditionValue(withKey: "otp_counter") ?? "") else {
let alertMessage = "Invalid otp_digits or otp_counter."
print(alertMessage)
return
}
guard let generator = Generator(
factor: .counter(counter),
secret: secretData,
algorithm: algorithm,
digits: digits) else {
let alertMessage = "Invalid OTP generator parameters."
print(alertMessage)
return
}
self.otpToken = Token(name: self.name, issuer: "", generator: generator)
}
}
// return the description and the password strings
public func getOtpStrings() -> (description: String, otp: String)? {
guard let token = self.otpToken else {
return nil
}
var description : String
switch token.generator.factor {
case .counter:
// htop
description = "HMAC-based"
case .timer(let period):
// totp
let timeSinceEpoch = Date().timeIntervalSince1970
let validTime = Int(period - timeSinceEpoch.truncatingRemainder(dividingBy: period))
description = "time-based (expiring in \(validTime)s)"
}
let otp = self.otpToken?.currentPassword ?? "error"
return (description, otp)
}
// return the password strings
public func getOtp() -> String? {
if let otp = self.otpToken?.currentPassword {
return otp
} else {
return nil
}
}
// return the password strings
// it is guaranteed that it is a HOTP password when we call this
public func getNextHotp() -> String? {
// increase the counter
otpToken = otpToken?.updatedToken()
// replace old HOTP settings with the new otpauth
var newOtpauth = try! otpToken?.toURL().absoluteString
newOtpauth?.append("&secret=")
newOtpauth?.append(MF_Base32Codec.base32String(from: otpToken?.generator.secret))
var lines : [String] = []
self.plainText.enumerateLines() { line, _ in
let (key, _) = Password.getKeyValuePair(from: line)
if !Password.otpKeywords.contains(key ?? "") {
lines.append(line)
} else if key == "otpauth" && newOtpauth != nil {
lines.append(newOtpauth!)
// set to nil to prevent duplication
newOtpauth = nil
}
}
if newOtpauth != nil {
lines.append(newOtpauth!)
}
self.updatePassword(name: self.name, url: self.url, plainText: lines.joined(separator: "\n"))
// get and return the password
return self.otpToken?.currentPassword
}
public static func LooksLikeOTP(line: String) -> Bool {
let (key, _) = getKeyValuePair(from: line)
return Password.otpKeywords.contains(key ?? "")
}
}

41
passKit/Models/PasswordEntity.swift Normal file
View file

@ -0,0 +1,41 @@
//
// PasswordEntity.swift
// pass
//
// Created by Mingshen Sun on 11/2/2017.
// Copyright © 2017 Bob Sun. All rights reserved.
//
import Foundation
import SwiftyUserDefaults
extension PasswordEntity {
public var nameWithCategory: String {
get {
if let p = path, p.hasSuffix(".gpg") {
return p.substring(to: p.index(p.endIndex, offsetBy: -4))
} else {
return ""
}
}
}
public func getCategoryText() -> String {
var parentEntity = parent
var passwordCategoryArray: [String] = []
while parentEntity != nil {
passwordCategoryArray.append(parentEntity!.name!)
parentEntity = parentEntity!.parent
}
passwordCategoryArray.reverse()
return passwordCategoryArray.joined(separator: " > ")
}
public func getURL() -> URL? {
if let p = path {
return URL(string: p.stringByAddingPercentEncodingForRFC3986()!)
}
return nil
}
}

846
passKit/Models/PasswordStore.swift Normal file
View file

@ -0,0 +1,846 @@
//
// PasswordStore.swift
// pass
//
// Created by Mingshen Sun on 19/1/2017.
// Copyright © 2017 Bob Sun. All rights reserved.
//
import Foundation
import CoreData
import UIKit
import SwiftyUserDefaults
import ObjectiveGit
import SVProgressHUD
import ObjectivePGP
public class PasswordStore {
public static let shared = PasswordStore()
public let storeURL = URL(fileURLWithPath: "\(Globals.repositoryPath)")
public let tempStoreURL = URL(fileURLWithPath: "\(Globals.repositoryPath)-temp")
public var storeRepository: GTRepository?
public var pgpKeyID: String?
public var publicKey: PGPKey? {
didSet {
if publicKey != nil {
pgpKeyID = publicKey!.keyID!.shortKeyString
} else {
pgpKeyID = nil
}
}
}
public var privateKey: PGPKey?
public var gitSignatureForNow: GTSignature {
get {
let gitSignatureName = SharedDefaults[.gitSignatureName] ?? Globals.gitSignatureDefaultName
let gitSignatureEmail = SharedDefaults[.gitSignatureEmail] ?? Globals.gitSignatureDefaultEmail
return GTSignature(name: gitSignatureName, email: gitSignatureEmail, time: Date())!
}
}
public var pgp: ObjectivePGP = ObjectivePGP()
public var pgpKeyPassphrase: String? {
set {
Utils.addPasswordToKeychain(name: "pgpKeyPassphrase", password: newValue)
}
get {
return Utils.getPasswordFromKeychain(name: "pgpKeyPassphrase")
}
}
public var gitPassword: String? {
set {
Utils.addPasswordToKeychain(name: "gitPassword", password: newValue)
}
get {
return Utils.getPasswordFromKeychain(name: "gitPassword")
}
}
public var gitSSHPrivateKeyPassphrase: String? {
set {
Utils.addPasswordToKeychain(name: "gitSSHPrivateKeyPassphrase", password: newValue)
}
get {
return Utils.getPasswordFromKeychain(name: "gitSSHPrivateKeyPassphrase")
}
}
private let fm = FileManager.default
lazy private var context: NSManagedObjectContext = {
let modelURL = Bundle(identifier: Globals.passKitBundleIdentifier)!.url(forResource: "pass", withExtension: "momd")!
let managedObjectModel = NSManagedObjectModel(contentsOf: modelURL)
let container = NSPersistentContainer(name: "pass", managedObjectModel: managedObjectModel!)
container.persistentStoreDescriptions = [NSPersistentStoreDescription(url: Globals.sharedContainerURL.appendingPathComponent("Documents/pass.sqlite"))]
container.loadPersistentStores(completionHandler: { (storeDescription, error) in
if let error = error as NSError? {
// Replace this implementation with code to handle the error appropriately.
// fatalError() causes the application to generate a crash log and terminate. You should not use this function in a shipping application, although it may be useful during development.
/*
Typical reasons for an error here include:
* The parent directory does not exist, cannot be created, or disallows writing.
* The persistent store is not accessible, due to permissions or data protection when the device is locked.
* The device is out of space.
* The store could not be migrated to the current model version.
Check the error message to determine what the actual problem was.
*/
fatalError("Unresolved error \(error), \(error.userInfo)")
}
})
return container.viewContext
}()
public var numberOfPasswords : Int {
return self.fetchPasswordEntityCoreData(withDir: false).count
}
public var sizeOfRepositoryByteCount : UInt64 {
var size = UInt64(0)
do {
if fm.fileExists(atPath: self.storeURL.path) {
size = try fm.allocatedSizeOfDirectoryAtURL(directoryURL: self.storeURL)
}
} catch {
print(error)
}
return size
}
private init() {
// File migration to group
print(Globals.documentPath)
print(Globals.libraryPath)
print(Globals.documentPathLegacy)
print(Globals.libraryPathLegacy)
migration()
do {
if fm.fileExists(atPath: storeURL.path) {
try storeRepository = GTRepository.init(url: storeURL)
}
try initPGPKeys()
} catch {
print(error)
}
}
private func migration() {
let needMigration = fm.fileExists(atPath: Globals.documentPathLegacy) && !fm.fileExists(atPath: Globals.documentPath) && fm.fileExists(atPath: Globals.libraryPathLegacy) && !fm.fileExists(atPath: Globals.libraryPath)
guard needMigration == true else {
return
}
do {
try fm.moveItem(atPath: Globals.documentPathLegacy, toPath: Globals.documentPath)
try fm.moveItem(atPath: Globals.libraryPathLegacy, toPath: Globals.libraryPath)
SharedDefaults = Defaults
} catch {
print("Cannot migrate: \(error)")
}
updatePasswordEntityCoreData()
}
enum SSHKeyType {
case `public`, secret
}
public func initGitSSHKey(with armorKey: String) throws {
let keyPath = Globals.gitSSHPrivateKeyPath
try armorKey.write(toFile: keyPath, atomically: true, encoding: .ascii)
}
public func initPGPKeys() throws {
try initPGPKey(.public)
try initPGPKey(.secret)
}
public func initPGPKey(_ keyType: PGPKeyType) throws {
switch keyType {
case .public:
let keyPath = Globals.pgpPublicKeyPath
self.publicKey = importKey(from: keyPath)
if self.publicKey == nil {
throw AppError.KeyImportError
}
case .secret:
let keyPath = Globals.pgpPrivateKeyPath
self.privateKey = importKey(from: keyPath)
if self.privateKey == nil {
throw AppError.KeyImportError
}
default:
throw AppError.UnknownError
}
}
public func initPGPKey(from url: URL, keyType: PGPKeyType) throws {
var pgpKeyLocalPath = ""
if keyType == .public {
pgpKeyLocalPath = Globals.pgpPublicKeyPath
} else {
pgpKeyLocalPath = Globals.pgpPrivateKeyPath
}
let pgpKeyData = try Data(contentsOf: url)
try pgpKeyData.write(to: URL(fileURLWithPath: pgpKeyLocalPath), options: .atomic)
try initPGPKey(keyType)
}
public func initPGPKey(with armorKey: String, keyType: PGPKeyType) throws {
var pgpKeyLocalPath = ""
if keyType == .public {
pgpKeyLocalPath = Globals.pgpPublicKeyPath
} else {
pgpKeyLocalPath = Globals.pgpPrivateKeyPath
}
try armorKey.write(toFile: pgpKeyLocalPath, atomically: true, encoding: .ascii)
try initPGPKey(keyType)
}
private func importKey(from keyPath: String) -> PGPKey? {
if fm.fileExists(atPath: keyPath) {
if let keys = pgp.importKeys(fromFile: keyPath, allowDuplicates: false) as? [PGPKey] {
return keys.first
}
}
return nil
}
public func getPgpPrivateKey() -> PGPKey {
return pgp.getKeysOf(.secret)[0]
}
public func repositoryExisted() -> Bool {
let fm = FileManager()
return fm.fileExists(atPath: Globals.repositoryPath)
}
public func passwordExisted(password: Password) -> Bool {
let passwordEntityFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordEntity")
do {
passwordEntityFetchRequest.predicate = NSPredicate(format: "name = %@ and path = %@", password.name, password.url!.path)
let count = try context.count(for: passwordEntityFetchRequest)
if count > 0 {
return true
} else {
return false
}
} catch {
fatalError("Failed to fetch password entities: \(error)")
}
return true
}
public func passwordEntityExisted(path: String) -> Bool {
let passwordEntityFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordEntity")
do {
passwordEntityFetchRequest.predicate = NSPredicate(format: "path = %@", path)
let count = try context.count(for: passwordEntityFetchRequest)
if count > 0 {
return true
} else {
return false
}
} catch {
fatalError("Failed to fetch password entities: \(error)")
}
return true
}
public func getPasswordEntity(by path: String, isDir: Bool) -> PasswordEntity? {
let passwordEntityFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordEntity")
do {
passwordEntityFetchRequest.predicate = NSPredicate(format: "path = %@ and isDir = %@", path, isDir.description)
return try context.fetch(passwordEntityFetchRequest).first as? PasswordEntity
} catch {
fatalError("Failed to fetch password entities: \(error)")
}
}
public func cloneRepository(remoteRepoURL: URL,
credential: GitCredential,
transferProgressBlock: @escaping (UnsafePointer<git_transfer_progress>, UnsafeMutablePointer<ObjCBool>) -> Void,
checkoutProgressBlock: @escaping (String?, UInt, UInt) -> Void) throws {
Utils.removeFileIfExists(at: storeURL)
Utils.removeFileIfExists(at: tempStoreURL)
do {
let credentialProvider = try credential.credentialProvider()
let options = [GTRepositoryCloneOptionsCredentialProvider: credentialProvider]
storeRepository = try GTRepository.clone(from: remoteRepoURL, toWorkingDirectory: tempStoreURL, options: options, transferProgressBlock:transferProgressBlock)
if fm.fileExists(atPath: storeURL.path) {
try fm.removeItem(at: storeURL)
}
try fm.copyItem(at: tempStoreURL, to: storeURL)
try fm.removeItem(at: tempStoreURL)
storeRepository = try GTRepository(url: storeURL)
} catch {
credential.delete()
throw(error)
}
DispatchQueue.main.async {
SharedDefaults[.lastSyncedTime] = Date()
self.updatePasswordEntityCoreData()
NotificationCenter.default.post(name: .passwordStoreUpdated, object: nil)
}
}
public func pullRepository(credential: GitCredential, transferProgressBlock: @escaping (UnsafePointer<git_transfer_progress>, UnsafeMutablePointer<ObjCBool>) -> Void) throws {
guard let storeRepository = storeRepository else {
throw AppError.RepositoryNotSetError
}
do {
let credentialProvider = try credential.credentialProvider()
let options = [GTRepositoryRemoteOptionsCredentialProvider: credentialProvider]
let remote = try GTRemote(name: "origin", in: storeRepository)
try storeRepository.pull(storeRepository.currentBranch(), from: remote, withOptions: options, progress: transferProgressBlock)
} catch {
credential.delete()
throw(error)
}
DispatchQueue.main.async {
SharedDefaults[.lastSyncedTime] = Date()
self.setAllSynced()
self.updatePasswordEntityCoreData()
NotificationCenter.default.post(name: .passwordStoreUpdated, object: nil)
}
}
private func updatePasswordEntityCoreData() {
deleteCoreData(entityName: "PasswordEntity")
do {
var q = try fm.contentsOfDirectory(atPath: self.storeURL.path).filter{
!$0.hasPrefix(".")
}.map { (filename) -> PasswordEntity in
let passwordEntity = NSEntityDescription.insertNewObject(forEntityName: "PasswordEntity", into: context) as! PasswordEntity
if filename.hasSuffix(".gpg") {
passwordEntity.name = filename.substring(to: filename.index(filename.endIndex, offsetBy: -4))
} else {
passwordEntity.name = filename
}
passwordEntity.path = filename
passwordEntity.parent = nil
return passwordEntity
}
while q.count > 0 {
let e = q.first!
q.remove(at: 0)
guard !e.name!.hasPrefix(".") else {
continue
}
var isDirectory: ObjCBool = false
let filePath = storeURL.appendingPathComponent(e.path!).path
if fm.fileExists(atPath: filePath, isDirectory: &isDirectory) {
if isDirectory.boolValue {
e.isDir = true
let files = try fm.contentsOfDirectory(atPath: filePath).map { (filename) -> PasswordEntity in
let passwordEntity = NSEntityDescription.insertNewObject(forEntityName: "PasswordEntity", into: context) as! PasswordEntity
if filename.hasSuffix(".gpg") {
passwordEntity.name = filename.substring(to: filename.index(filename.endIndex, offsetBy: -4))
} else {
passwordEntity.name = filename
}
passwordEntity.path = "\(e.path!)/\(filename)"
passwordEntity.parent = e
return passwordEntity
}
q += files
} else {
e.isDir = false
}
}
}
} catch {
print(error)
}
do {
try context.save()
} catch {
print("Error with save: \(error)")
}
}
public func getRecentCommits(count: Int) throws -> [GTCommit] {
guard let storeRepository = storeRepository else {
return []
}
var commits = [GTCommit]()
let enumerator = try GTEnumerator(repository: storeRepository)
if let sha = try storeRepository.headReference().targetOID.sha {
try enumerator.pushSHA(sha)
}
for _ in 0 ..< count {
let commit = try enumerator.nextObject(withSuccess: nil)
commits.append(commit)
}
return commits
}
public func fetchPasswordEntityCoreData(parent: PasswordEntity?) -> [PasswordEntity] {
let passwordEntityFetch = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordEntity")
do {
passwordEntityFetch.predicate = NSPredicate(format: "parent = %@", parent ?? 0)
let fetchedPasswordEntities = try context.fetch(passwordEntityFetch) as! [PasswordEntity]
return fetchedPasswordEntities.sorted { $0.name!.caseInsensitiveCompare($1.name!) == .orderedAscending }
} catch {
fatalError("Failed to fetch passwords: \(error)")
}
}
public func fetchPasswordEntityCoreData(withDir: Bool) -> [PasswordEntity] {
let passwordEntityFetch = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordEntity")
do {
if !withDir {
passwordEntityFetch.predicate = NSPredicate(format: "isDir = false")
}
let fetchedPasswordEntities = try context.fetch(passwordEntityFetch) as! [PasswordEntity]
return fetchedPasswordEntities.sorted { $0.name!.caseInsensitiveCompare($1.name!) == .orderedAscending }
} catch {
fatalError("Failed to fetch passwords: \(error)")
}
}
public func fetchUnsyncedPasswords() -> [PasswordEntity] {
let passwordEntityFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordEntity")
passwordEntityFetchRequest.predicate = NSPredicate(format: "synced = %i", 0)
do {
let passwordEntities = try context.fetch(passwordEntityFetchRequest) as! [PasswordEntity]
return passwordEntities
} catch {
fatalError("Failed to fetch passwords: \(error)")
}
}
public func setAllSynced() {
let passwordEntities = fetchUnsyncedPasswords()
for passwordEntity in passwordEntities {
passwordEntity.synced = true
}
do {
if context.hasChanges {
try context.save()
}
} catch {
fatalError("Failed to save: \(error)")
}
}
public func getNumberOfUnsyncedPasswords() -> Int {
let passwordEntityFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: "PasswordEntity")
do {
passwordEntityFetchRequest.predicate = NSPredicate(format: "synced = %i", 0)
return try context.count(for: passwordEntityFetchRequest)
} catch {
fatalError("Failed to fetch unsynced passwords: \(error)")
}
}
public func getLatestUpdateInfo(filename: String) -> String {
guard let storeRepository = storeRepository else {
return "Unknown"
}
guard let blameHunks = try? storeRepository.blame(withFile: filename, options: nil).hunks,
let latestCommitTime = blameHunks.map({
$0.finalSignature?.time?.timeIntervalSince1970 ?? 0
}).max() else {
return "Unknown"
}
let lastCommitDate = Date(timeIntervalSince1970: latestCommitTime)
let currentDate = Date()
var autoFormattedDifference: String
if currentDate.timeIntervalSince(lastCommitDate) <= 60 {
autoFormattedDifference = "Just now"
} else {
let diffDate = Calendar.current.dateComponents([.year, .month, .day, .hour, .minute], from: lastCommitDate, to: currentDate)
let dateComponentsFormatter = DateComponentsFormatter()
dateComponentsFormatter.unitsStyle = .full
dateComponentsFormatter.maximumUnitCount = 2
dateComponentsFormatter.includesApproximationPhrase = true
autoFormattedDifference = dateComponentsFormatter.string(from: diffDate)!.appending(" ago")
}
return autoFormattedDifference
}
public func updateRemoteRepo() {
}
private func gitAdd(path: String) throws {
guard let storeRepository = storeRepository else {
throw AppError.RepositoryNotSetError
}
try storeRepository.index().addFile(path)
try storeRepository.index().write()
}
private func gitRm(path: String) throws {
guard let storeRepository = storeRepository else {
throw AppError.RepositoryNotSetError
}
let url = storeURL.appendingPathComponent(path)
if fm.fileExists(atPath: url.path) {
try fm.removeItem(at: url)
}
try storeRepository.index().removeFile(path)
try storeRepository.index().write()
}
private func deleteDirectoryTree(at url: URL) throws {
var tempURL = storeURL.appendingPathComponent(url.deletingLastPathComponent().path)
var count = try fm.contentsOfDirectory(atPath: tempURL.path).count
while count == 0 {
try fm.removeItem(at: tempURL)
tempURL.deleteLastPathComponent()
count = try fm.contentsOfDirectory(atPath: tempURL.path).count
}
}
private func createDirectoryTree(at url: URL) throws {
let tempURL = storeURL.appendingPathComponent(url.deletingLastPathComponent().path)
try fm.createDirectory(at: tempURL, withIntermediateDirectories: true, attributes: nil)
}
private func gitMv(from: String, to: String) throws {
let fromURL = storeURL.appendingPathComponent(from)
let toURL = storeURL.appendingPathComponent(to)
guard fm.fileExists(atPath: fromURL.path) else {
print("\(from) not exist")
return
}
try fm.moveItem(at: fromURL, to: toURL)
try gitAdd(path: to)
try gitRm(path: from)
}
private func gitCommit(message: String) throws -> GTCommit? {
guard let storeRepository = storeRepository else {
throw AppError.RepositoryNotSetError
}
let newTree = try storeRepository.index().writeTree()
let headReference = try storeRepository.headReference()
let commitEnum = try GTEnumerator(repository: storeRepository)
try commitEnum.pushSHA(headReference.targetOID.sha!)
let parent = commitEnum.nextObject() as! GTCommit
let signature = gitSignatureForNow
let commit = try storeRepository.createCommit(with: newTree, message: message, author: signature, committer: signature, parents: [parent], updatingReferenceNamed: headReference.name)
return commit
}
private func getLocalBranch(withName branchName: String) throws -> GTBranch? {
guard let storeRepository = storeRepository else {
throw AppError.RepositoryNotSetError
}
let reference = GTBranch.localNamePrefix().appending(branchName)
let branches = try storeRepository.branches(withPrefix: reference)
return branches.first
}
public func pushRepository(credential: GitCredential, transferProgressBlock: @escaping (UInt32, UInt32, Int, UnsafeMutablePointer<ObjCBool>) -> Void) throws {
guard let storeRepository = storeRepository else {
throw AppError.RepositoryNotSetError
}
do {
let credentialProvider = try credential.credentialProvider()
let options = [GTRepositoryRemoteOptionsCredentialProvider: credentialProvider]
if let masterBranch = try getLocalBranch(withName: "master") {
let remote = try GTRemote(name: "origin", in: storeRepository)
try storeRepository.push(masterBranch, to: remote, withOptions: options, progress: transferProgressBlock)
}
} catch {
credential.delete()
throw(error)
}
}
private func addPasswordEntities(password: Password) throws -> PasswordEntity? {
guard !passwordExisted(password: password) else {
throw AppError.PasswordDuplicatedError
}
var passwordURL = password.url!
var paths: [String] = []
while passwordURL.path != "." {
paths.append(passwordURL.path)
passwordURL = passwordURL.deletingLastPathComponent()
}
paths.reverse()
var parentPasswordEntity: PasswordEntity? = nil
for path in paths {
let isDir = !path.hasSuffix(".gpg")
if let passwordEntity = getPasswordEntity(by: path, isDir: isDir) {
print(passwordEntity.path!)
parentPasswordEntity = passwordEntity
} else {
if !isDir {
return insertPasswordEntity(name: URL(string: path.stringByAddingPercentEncodingForRFC3986()!)!.deletingPathExtension().lastPathComponent, path: path, parent: parentPasswordEntity, synced: false, isDir: false)
} else {
parentPasswordEntity = insertPasswordEntity(name: URL(string: path.stringByAddingPercentEncodingForRFC3986()!)!.lastPathComponent, path: path, parent: parentPasswordEntity, synced: false, isDir: true)
}
}
}
return nil
}
private func insertPasswordEntity(name: String, path: String, parent: PasswordEntity?, synced: Bool = false, isDir: Bool = false) -> PasswordEntity? {
var ret: PasswordEntity? = nil
if let passwordEntity = NSEntityDescription.insertNewObject(forEntityName: "PasswordEntity", into: self.context) as? PasswordEntity {
passwordEntity.name = name
passwordEntity.path = path
passwordEntity.parent = parent
passwordEntity.synced = synced
passwordEntity.isDir = isDir
do {
try self.context.save()
ret = passwordEntity
} catch {
fatalError("Failed to insert a PasswordEntity: \(error)")
}
}
return ret
}
public func add(password: Password) throws -> PasswordEntity? {
try createDirectoryTree(at: password.url!)
let newPasswordEntity = try addPasswordEntities(password: password)
let saveURL = storeURL.appendingPathComponent(password.url!.path)
try self.encrypt(password: password).write(to: saveURL)
try gitAdd(path: password.url!.path)
let _ = try gitCommit(message: "Add password for \(password.url!.deletingPathExtension().path) to store using Pass for iOS.")
NotificationCenter.default.post(name: .passwordStoreUpdated, object: nil)
return newPasswordEntity
}
public func delete(passwordEntity: PasswordEntity) throws {
let deletedFileURL = passwordEntity.getURL()!
try deleteDirectoryTree(at: passwordEntity.getURL()!)
try deletePasswordEntities(passwordEntity: passwordEntity)
try gitRm(path: deletedFileURL.path)
let _ = try gitCommit(message: "Remove \(deletedFileURL.deletingPathExtension().path.removingPercentEncoding!) from store using Pass for iOS.")
NotificationCenter.default.post(name: .passwordStoreUpdated, object: nil)
}
public func edit(passwordEntity: PasswordEntity, password: Password) throws -> PasswordEntity? {
var newPasswordEntity: PasswordEntity? = passwordEntity
if password.changed&PasswordChange.content.rawValue != 0 {
print("chagne content")
let saveURL = storeURL.appendingPathComponent(passwordEntity.getURL()!.path)
try self.encrypt(password: password).write(to: saveURL)
try gitAdd(path: passwordEntity.getURL()!.path)
let _ = try gitCommit(message: "Edit password for \(passwordEntity.getURL()!.deletingPathExtension().path.removingPercentEncoding!) to store using Pass for iOS.")
newPasswordEntity = passwordEntity
}
if password.changed&PasswordChange.path.rawValue != 0 {
print("change path")
let deletedFileURL = passwordEntity.getURL()!
// add
try createDirectoryTree(at: password.url!)
newPasswordEntity = try addPasswordEntities(password: password)
// mv
try gitMv(from: deletedFileURL.path, to: password.url!.path)
// delete
try deleteDirectoryTree(at: deletedFileURL)
try deletePasswordEntities(passwordEntity: passwordEntity)
let _ = try gitCommit(message: "Rename \(deletedFileURL.deletingPathExtension().path.removingPercentEncoding!) to \(password.url!.deletingPathExtension().path.removingPercentEncoding!) using Pass for iOS.")
}
NotificationCenter.default.post(name: .passwordStoreUpdated, object: nil)
return newPasswordEntity
}
private func deletePasswordEntities(passwordEntity: PasswordEntity) throws {
var current: PasswordEntity? = passwordEntity
while current != nil && (current!.children!.count == 0 || !current!.isDir) {
let parent = current!.parent
self.context.delete(current!)
current = parent
do {
try self.context.save()
} catch {
fatalError("Failed to delete a PasswordEntity: \(error)")
}
}
}
public func saveUpdated(passwordEntity: PasswordEntity) {
do {
try context.save()
} catch {
fatalError("Failed to save a PasswordEntity: \(error)")
}
}
public func deleteCoreData(entityName: String) {
let deleteFetchRequest = NSFetchRequest<NSFetchRequestResult>(entityName: entityName)
let deleteRequest = NSBatchDeleteRequest(fetchRequest: deleteFetchRequest)
do {
try context.execute(deleteRequest)
try context.save()
context.reset()
} catch let error as NSError {
print(error)
}
}
public func updateImage(passwordEntity: PasswordEntity, image: Data?) {
guard let image = image else {
return
}
let privateMOC = NSManagedObjectContext(concurrencyType: .privateQueueConcurrencyType)
privateMOC.parent = context
privateMOC.perform {
passwordEntity.image = NSData(data: image)
do {
try privateMOC.save()
self.context.performAndWait {
do {
try self.context.save()
} catch {
fatalError("Failure to save context: \(error)")
}
}
} catch {
fatalError("Failure to save context: \(error)")
}
}
}
public func erase() {
publicKey = nil
privateKey = nil
Utils.removeFileIfExists(at: storeURL)
Utils.removeFileIfExists(at: tempStoreURL)
Utils.removeFileIfExists(atPath: Globals.pgpPublicKeyPath)
Utils.removeFileIfExists(atPath: Globals.pgpPrivateKeyPath)
Utils.removeFileIfExists(atPath: Globals.gitSSHPrivateKeyPath)
Utils.removeAllKeychain()
deleteCoreData(entityName: "PasswordEntity")
Defaults.removeAll()
storeRepository = nil
NotificationCenter.default.post(name: .passwordStoreUpdated, object: nil)
NotificationCenter.default.post(name: .passwordStoreErased, object: nil)
}
// return the number of discarded commits
public func reset() throws -> Int {
guard let storeRepository = storeRepository else {
throw AppError.RepositoryNotSetError
}
// get a list of local commits
if let localCommits = try getLocalCommits(),
localCommits.count > 0 {
// get the oldest local commit
guard let firstLocalCommit = localCommits.last,
firstLocalCommit.parents.count == 1,
let newHead = firstLocalCommit.parents.first else {
throw AppError.GitResetError
}
try storeRepository.reset(to: newHead, resetType: .hard)
self.setAllSynced()
self.updatePasswordEntityCoreData()
NotificationCenter.default.post(name: .passwordStoreUpdated, object: nil)
NotificationCenter.default.post(name: .passwordStoreChangeDiscarded, object: nil)
return localCommits.count
} else {
return 0 // no new commit
}
}
public func numberOfLocalCommits() -> Int {
do {
if let localCommits = try getLocalCommits() {
return localCommits.count
} else {
return 0
}
} catch {
print(error)
}
return 0
}
private func getLocalCommits() throws -> [GTCommit]? {
guard let storeRepository = storeRepository else {
throw AppError.RepositoryNotSetError
}
// get the remote origin/master branch
guard let index = try storeRepository.remoteBranches().index(where: { $0.shortName == "master" }) else {
throw AppError.RepositoryRemoteMasterNotFoundError
}
let remoteMasterBranch = try storeRepository.remoteBranches()[index]
// check oid before calling localCommitsRelative
guard remoteMasterBranch.oid != nil else {
throw AppError.RepositoryRemoteMasterNotFoundError
}
// get a list of local commits
return try storeRepository.localCommitsRelative(toRemoteBranch: remoteMasterBranch)
}
public func decrypt(passwordEntity: PasswordEntity, requestPGPKeyPassphrase: () -> String) throws -> Password? {
let encryptedDataPath = storeURL.appendingPathComponent(passwordEntity.path!)
let encryptedData = try Data(contentsOf: encryptedDataPath)
var passphrase = self.pgpKeyPassphrase
if passphrase == nil {
passphrase = requestPGPKeyPassphrase()
}
let decryptedData = try PasswordStore.shared.pgp.decryptData(encryptedData, passphrase: passphrase)
let plainText = String(data: decryptedData, encoding: .utf8) ?? ""
let escapedPath = passwordEntity.path!.stringByAddingPercentEncodingForRFC3986() ?? ""
return Password(name: passwordEntity.name!, url: URL(string: escapedPath), plainText: plainText)
}
public func encrypt(password: Password) throws -> Data {
guard let publicKey = pgp.getKeysOf(.public).first else {
throw AppError.PGPPublicKeyNotExistError
}
let plainData = password.getPlainData()
let encryptedData = try pgp.encryptData(plainData, usingPublicKey: publicKey, armored: SharedDefaults[.encryptInArmored])
return encryptedData
}
public func removePGPKeys() {
Utils.removeFileIfExists(atPath: Globals.pgpPublicKeyPath)
Utils.removeFileIfExists(atPath: Globals.pgpPrivateKeyPath)
Defaults.remove(.pgpKeySource)
Defaults.remove(.pgpPublicKeyArmor)
Defaults.remove(.pgpPrivateKeyArmor)
Defaults.remove(.pgpPrivateKeyURL)
Defaults.remove(.pgpPublicKeyURL)
Utils.removeKeychain(name: ".pgpKeyPassphrase")
pgp = ObjectivePGP()
publicKey = nil
privateKey = nil
}
public func removeGitSSHKeys() {
Utils.removeFileIfExists(atPath: Globals.gitSSHPrivateKeyPath)
Defaults.remove(.gitSSHPrivateKeyArmor)
Defaults.remove(.gitSSHPrivateKeyURL)
Utils.removeKeychain(name: ".gitSSHPrivateKeyPassphrase")
}
public func gitSSHKeyExists() -> Bool {
return fm.fileExists(atPath: Globals.gitSSHPrivateKeyPath)
}
public func pgpKeyExists() -> Bool {
return fm.fileExists(atPath: Globals.pgpPublicKeyPath) && fm.fileExists(atPath: Globals.pgpPrivateKeyPath)
}
}

15
passKit/pass.xcdatamodeld/pass.xcdatamodel/contents Normal file
View file

@ -0,0 +1,15 @@
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<model type="com.apple.IDECoreDataModeler.DataModel" documentVersion="1.0" lastSavedToolsVersion="12141" systemVersion="16F73" minimumToolsVersion="Automatic" sourceLanguage="Swift" userDefinedModelVersionIdentifier="">
<entity name="PasswordEntity" representedClassName="PasswordEntity" syncable="YES" codeGenerationType="class">
<attribute name="image" optional="YES" attributeType="Binary" allowsExternalBinaryDataStorage="YES" syncable="YES"/>
<attribute name="isDir" attributeType="Boolean" defaultValueString="NO" usesScalarValueType="YES" syncable="YES"/>
<attribute name="name" attributeType="String" syncable="YES"/>
<attribute name="path" attributeType="String" syncable="YES"/>
<attribute name="synced" attributeType="Boolean" defaultValueString="YES" usesScalarValueType="YES" syncable="YES"/>
<relationship name="children" optional="YES" toMany="YES" deletionRule="Nullify" destinationEntity="PasswordEntity" inverseName="parent" inverseEntity="PasswordEntity" syncable="YES"/>
<relationship name="parent" optional="YES" maxCount="1" deletionRule="Nullify" destinationEntity="PasswordEntity" inverseName="children" inverseEntity="PasswordEntity" syncable="YES"/>
</entity>
<elements>
<element name="PasswordEntity" positionX="36" positionY="81" width="128" height="150"/>
</elements>
</model>

15
passKit/passKit.h Normal file
View file

@ -0,0 +1,15 @@
//
// passKit.h
// passKit
//
// Created by Yishi Lin on 11/6/17.
// Copyright © 2017年 Bob Sun. All rights reserved.
//
#import <UIKit/UIKit.h>
//! Project version number for passKit.
FOUNDATION_EXPORT double passKitVersionNumber;
//! Project version string for passKit.
FOUNDATION_EXPORT const unsigned char passKitVersionString[];