streamline gpg-id handling

* decrypt should not care about it at all
* PasswordStore.decrypt always forwards the passed in keyID, even when
  gpg-id handling is disabled
* PasswordStore.encrypt: streamlined, but should be same behavior
Lysann Tranvouez 2026-03-11 22:56:21 +01:00
parent 054f333bac
commit e32402b807


@ -395,13 +395,7 @@ public class PasswordStore {
public func decrypt(passwordEntity: PasswordEntity, keyID: String? = nil, requestPGPKeyPassphrase: @escaping (String) -> String) throws -> Password { public func decrypt(passwordEntity: PasswordEntity, keyID: String? = nil, requestPGPKeyPassphrase: @escaping (String) -> String) throws -> Password {
let url = passwordEntity.fileURL(in: storeURL) let url = passwordEntity.fileURL(in: storeURL)
let encryptedData = try Data(contentsOf: url) let encryptedData = try Data(contentsOf: url)
let data: Data? = try { let data: Data? = try PGPAgent.shared.decrypt(encryptedData: encryptedData, keyID: keyID, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
if Defaults.isEnableGPGIDOn {
let keyID = keyID ?? findGPGID(from: url)
return try PGPAgent.shared.decrypt(encryptedData: encryptedData, keyID: keyID, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
}
return try PGPAgent.shared.decrypt(encryptedData: encryptedData, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
}()
guard let decryptedData = data else { guard let decryptedData = data else {
throw AppError.decryption throw AppError.decryption
} }
@ -413,20 +407,22 @@ public class PasswordStore {
guard let passwordEntity = fetchPasswordEntity(with: path) else { guard let passwordEntity = fetchPasswordEntity(with: path) else {
throw AppError.decryption throw AppError.decryption
} }
if Defaults.isEnableGPGIDOn { return try decrypt(passwordEntity: passwordEntity, keyID: keyID, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
return try decrypt(passwordEntity: passwordEntity, keyID: keyID, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
}
return try decrypt(passwordEntity: passwordEntity, requestPGPKeyPassphrase: requestPGPKeyPassphrase)
} }
public func encrypt(password: Password, keyID: String? = nil) throws -> Data { public func encrypt(password: Password, keyID: String? = nil) throws -> Data {
var keyID = keyID let keyIDs: [String] = {
if Defaults.isEnableGPGIDOn { if let keyID {
let encryptedDataPath = password.fileURL(in: storeURL) return [keyID]
keyID = keyID ?? findGPGID(from: encryptedDataPath) }
} if Defaults.isEnableGPGIDOn {
if let keyID { let encryptedDataPath = password.fileURL(in: storeURL)
return try PGPAgent.shared.encrypt(plainData: password.plainData, keyIDs: [keyID]) return [findGPGID(from: encryptedDataPath)]
}
return []
}()
if !keyIDs.isEmpty {
return try PGPAgent.shared.encrypt(plainData: password.plainData, keyIDs: keyIDs)
} }
return try PGPAgent.shared.encryptWithAllKeys(plainData: password.plainData) return try PGPAgent.shared.encryptWithAllKeys(plainData: password.plainData)
} }
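Review bot: In `encrypt`, `keyIDs` counts as usable whenever it is non-empty, but the `.gpg-id` branch wraps whatever `findGPGID(from:)` returns without checking it. `findGPGID` is not visible in this hunk; if it can return an empty or whitespace-only string when no `.gpg-id` file applies, the closure yields `[""]`, which passes `!keyIDs.isEmpty` and is handed to `PGPAgent.shared.encrypt` as a recipient instead of reaching a deliberate fallback. Consider binding the lookup first, `let gpgID = findGPGID(from: encryptedDataPath)`, and returning `gpgID.isEmpty ? [] : [gpgID]`, or throwing if encrypting to every key is not acceptable while gpg-id handling is on. A doc comment on `encrypt` stating the recipient precedence (explicit `keyID`, then the `.gpg-id` lookup when enabled, then all keys) would make it easy to audit who can read a stored password.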