lysann/passforios
1
0
Fork 0
Code Issues Pull requests Activity

Change logic of passphrass for multikeys

Browse source
This commit is contained in:
Mingshen Sun 2020-04-13 19:15:52 -07:00
parent e9c5b63c4b
commit eb6e854d92
15 changed files with 95 additions and 99 deletions
Download patch file Download diff file Expand all files Collapse all files

2
pass/Controllers/GeneralSettingsTableViewController.swift
View file

@ -176,7 +176,7 @@ class GeneralSettingsTableViewController: BasicStaticTableViewController {
@objc func rememberPGPPassphraseSwitchAction(_ sender: Any?) {
Defaults.isRememberPGPPassphraseOn = rememberPGPPassphraseSwitch.isOn
if rememberPGPPassphraseSwitch.isOn == false {
AppKeychain.shared.removeContent(for: Globals.pgpKeyPassphrase)
AppKeychain.shared.removeAllContent(withPrefix: Globals.pgpKeyPassphrase)
}
}

11
pass/Controllers/PGPKeyArmorImportTableViewController.swift
View file

@ -16,6 +16,9 @@ class PGPKeyArmorImportTableViewController: AutoCellHeightUITableViewController,
@IBOutlet weak var scanPublicKeyCell: UITableViewCell!
@IBOutlet weak var scanPrivateKeyCell: UITableViewCell!
var armorPublicKey: String?
var armorPrivateKey: String?
class ScannedPGPKey {
enum KeyType {
case publicKey, privateKey
@ -74,7 +77,9 @@ class PGPKeyArmorImportTableViewController: AutoCellHeightUITableViewController,
}
@IBAction func save(_ sender: Any) {
savePassphraseDialog()
armorPublicKey = armorPublicKeyTextView.text
armorPrivateKey = armorPrivateKeyTextView.text
self.saveImportedKeys()
}
func textView(_ textView: UITextView, shouldChangeTextIn range: NSRange, replacementText text: String) -> Bool {
@ -144,8 +149,8 @@ extension PGPKeyArmorImportTableViewController: PGPKeyImporter {
}
func importKeys() throws {
try KeyFileManager.PublicPgp.importKey(from: armorPublicKeyTextView.text ?? "")
try KeyFileManager.PrivatePgp.importKey(from: armorPrivateKeyTextView.text ?? "")
try KeyFileManager.PublicPgp.importKey(from: armorPublicKey ?? "")
try KeyFileManager.PrivatePgp.importKey(from: armorPrivateKey ?? "")
}
func saveImportedKeys() {

2
pass/Controllers/PGPKeyFIleImportTableViewController.swift
View file

@ -20,7 +20,7 @@ class PGPKeyFileImportTableViewController: AutoCellHeightUITableViewController {
private var currentlyPicking = KeyType.none
@IBAction func save(_ sender: Any) {
savePassphraseDialog()
self.saveImportedKeys()
}
override func tableView(_ tableView: UITableView, didSelectRowAt indexPath: IndexPath) {

32
pass/Controllers/PGPKeyImporter.swift
View file

@ -25,35 +25,3 @@ extension PGPKeyImporter {
}
}
extension PGPKeyImporter where Self: UIViewController {
func savePassphraseDialog() {
guard self.isReadyToUse() else {
return
}
let savePassphraseAlert = UIAlertController(title: "Passphrase".localize(), message: "WantToSavePassphrase?".localize(), preferredStyle: .alert)
// Do not save the key's passphrase.
savePassphraseAlert.addAction(UIAlertAction(title: "No".localize(), style: .default) { _ in
AppKeychain.shared.removeContent(for: Globals.pgpKeyPassphrase)
Defaults.isRememberPGPPassphraseOn = false
self.saveImportedKeys()
})
// Save the key's passphrase.
savePassphraseAlert.addAction(UIAlertAction(title: "Yes".localize(), style: .destructive) { _ in
// Ask for the passphrase.
let alert = UIAlertController(title: "Passphrase".localize(), message: "FillInPgpPassphrase.".localize(), preferredStyle: .alert)
alert.addAction(UIAlertAction(title: "Ok".localize(), style: .default) { _ in
AppKeychain.shared.add(string: alert.textFields?.first?.text, for: Globals.pgpKeyPassphrase)
Defaults.isRememberPGPPassphraseOn = true
self.saveImportedKeys()
})
alert.addTextField { textField in
textField.text = AppKeychain.shared.get(for: Globals.pgpKeyPassphrase)
textField.isSecureTextEntry = true
}
self.present(alert, animated: true)
})
present(savePassphraseAlert, animated: true)
}
}

43
pass/Controllers/PGPKeyUrlImportTableViewController.swift
View file

@ -14,6 +14,9 @@ class PGPKeyUrlImportTableViewController: AutoCellHeightUITableViewController {
@IBOutlet weak var pgpPublicKeyURLTextField: UITextField!
@IBOutlet weak var pgpPrivateKeyURLTextField: UITextField!
var pgpPrivateKeyURL: URL?
var pgpPublicKeyURL: URL?
override func viewDidLoad() {
super.viewDidLoad()
pgpPublicKeyURLTextField.text = Defaults.pgpPublicKeyURL?.absoluteString
@ -21,23 +24,19 @@ class PGPKeyUrlImportTableViewController: AutoCellHeightUITableViewController {
}
@IBAction func save(_ sender: Any) {
let publicKeyUrl = pgpPublicKeyURLTextField.text
if publicKeyUrl == nil || publicKeyUrl!.trimmed.isEmpty {
return savePassphraseDialog()
guard let publicKeyURLText = pgpPublicKeyURLTextField.text,
let publicKeyURL = URL(string: publicKeyURLText),
let privateKeyURLText = pgpPrivateKeyURLTextField.text,
let privateKeyURL = URL(string: privateKeyURLText) else {
Utils.alert(title: "CannotSavePgpKey".localize(), message: "SetPgpKeyUrlsFirst.".localize(), controller: self)
return
}
if getScheme(from: pgpPrivateKeyURLTextField.text?.trimmed) == "http" {
let savePassphraseAlert = UIAlertController(title: "HttpNotSecure".localize(), message: "ReallyUseHttp?".localize(), preferredStyle: .alert)
savePassphraseAlert.addAction(UIAlertAction(title: "No".localize(), style: .default) { _ in })
savePassphraseAlert.addAction(UIAlertAction(title: "Yes".localize(), style: .destructive) { _ in
self.savePassphraseDialog()
})
return present(savePassphraseAlert, animated: true)
if privateKeyURL.scheme?.lowercased() == "http" || publicKeyURL.scheme?.lowercased() == "http" {
Utils.alert(title: "HttpNotSecure".localize(), message: "ReallyUseHttp.".localize(), controller: self)
}
return savePassphraseDialog()
}
private func getScheme(from url: String?) -> String? {
return url.flatMap(URL.init(string:))?.scheme
pgpPrivateKeyURL = privateKeyURL
pgpPublicKeyURL = publicKeyURL
self.saveImportedKeys()
}
}
@ -47,13 +46,13 @@ extension PGPKeyUrlImportTableViewController: PGPKeyImporter {
static let label = "DownloadFromUrl".localize()
func isReadyToUse() -> Bool {
return validate(pgpKeyUrl: pgpPublicKeyURLTextField.text)
&& validate(pgpKeyUrl: pgpPrivateKeyURLTextField.text)
return validate(pgpKeyUrl: pgpPublicKeyURLTextField.text ?? "")
&& validate(pgpKeyUrl: pgpPrivateKeyURLTextField.text ?? "")
}
func importKeys() throws {
Defaults.pgpPrivateKeyURL = URL(string: pgpPrivateKeyURLTextField.text!.trimmed)
Defaults.pgpPublicKeyURL = URL(string: pgpPublicKeyURLTextField.text!.trimmed)
Defaults.pgpPrivateKeyURL = pgpPrivateKeyURL
Defaults.pgpPublicKeyURL = pgpPublicKeyURL
try KeyFileManager.PublicPgp.importKey(from: Defaults.pgpPublicKeyURL!)
try KeyFileManager.PrivatePgp.importKey(from: Defaults.pgpPrivateKeyURL!)
@ -67,12 +66,12 @@ extension PGPKeyUrlImportTableViewController: PGPKeyImporter {
performSegue(withIdentifier: "savePGPKeySegue", sender: self)
}
private func validate(pgpKeyUrl: String?) -> Bool {
guard let scheme = getScheme(from: pgpKeyUrl) else {
private func validate(pgpKeyUrl: String) -> Bool {
guard let url = URL(string: pgpKeyUrl) else {
Utils.alert(title: "CannotSavePgpKey".localize(), message: "SetPgpKeyUrlsFirst.".localize(), controller: self)
return false
}
guard scheme == "https" || scheme == "http" else {
guard url.scheme == "https" || url.scheme == "http" else {
Utils.alert(title: "CannotSavePgpKey".localize(), message: "UseEitherHttpsOrHttp.".localize(), controller: self)
return false
}

4
pass/Controllers/SSHKeyArmorImportTableViewController.swift
View file

@ -15,6 +15,7 @@ class SSHKeyArmorImportTableViewController: AutoCellHeightUITableViewController,
@IBOutlet weak var scanPrivateKeyCell: UITableViewCell!
var gitSSHPrivateKeyPassphrase: String?
var armorPrivateKey: String?
class ScannedSSHKey {
var segments = [String]()
@ -59,6 +60,7 @@ class SSHKeyArmorImportTableViewController: AutoCellHeightUITableViewController,
}
@IBAction func doneButtonTapped(_ sender: Any) {
armorPrivateKey = armorPrivateKeyTextView.text
performSegue(withIdentifier: "importSSHKeySegue", sender: self)
}
@ -121,6 +123,6 @@ extension SSHKeyArmorImportTableViewController: KeyImporter {
}
func importKeys() throws {
try KeyFileManager.PrivateSsh.importKey(from: armorPrivateKeyTextView.text ?? "")
try KeyFileManager.PrivateSsh.importKey(from: armorPrivateKey ?? "")
}
}

22
pass/Controllers/SSHKeyUrlImportTableViewController.swift
View file

@ -13,13 +13,21 @@ class SSHKeyUrlImportTableViewController: AutoCellHeightUITableViewController {
@IBOutlet weak var privateKeyURLTextField: UITextField!
var sshPrivateKeyURL: URL?
override func viewDidLoad() {
super.viewDidLoad()
privateKeyURLTextField.text = Defaults.gitSSHPrivateKeyURL?.absoluteString
}
@IBAction func doneButtonTapped(_ sender: UIButton) {
if getScheme(from: privateKeyURLTextField.text?.trimmed) == "http" {
guard let text = privateKeyURLTextField.text,
let privateKeyURL = URL(string: text) else {
Utils.alert(title: "CannotSave".localize(), message: "SetPrivateKeyUrl.".localize(), controller: self)
return
}
if privateKeyURL.scheme?.lowercased() == "http" {
let savePassphraseAlert = UIAlertController(title: "HttpNotSecure".localize(), message: "ReallyUseHttp?".localize(), preferredStyle: .alert)
savePassphraseAlert.addAction(UIAlertAction(title: "No".localize(), style: .default) { _ in })
savePassphraseAlert.addAction(UIAlertAction(title: "Yes".localize(), style: .destructive) { _ in
@ -27,12 +35,9 @@ class SSHKeyUrlImportTableViewController: AutoCellHeightUITableViewController {
})
return present(savePassphraseAlert, animated: true)
}
sshPrivateKeyURL = privateKeyURL
performSegue(withIdentifier: "importSSHKeySegue", sender: self)
}
private func getScheme(from url: String?) -> String? {
return url.flatMap(URL.init(string:))?.scheme
}
}
extension SSHKeyUrlImportTableViewController: KeyImporter {
@ -41,11 +46,11 @@ extension SSHKeyUrlImportTableViewController: KeyImporter {
static let label = "DownloadFromUrl".localize()
func isReadyToUse() -> Bool {
guard let scheme = getScheme(from: privateKeyURLTextField.text?.trimmed) else {
guard let url = sshPrivateKeyURL else {
Utils.alert(title: "CannotSave".localize(), message: "SetPrivateKeyUrl.".localize(), controller: self)
return false
}
guard scheme == "https" || scheme == "http" else {
guard url.scheme == "https" || url.scheme == "http" else {
Utils.alert(title: "CannotSave".localize(), message: "UseEitherHttpsOrHttp.".localize(), controller: self)
return false
}
@ -53,8 +58,7 @@ extension SSHKeyUrlImportTableViewController: KeyImporter {
}
func importKeys() throws {
Defaults.gitSSHPrivateKeyURL = URL(string: privateKeyURLTextField.text!.trimmed)
Defaults.gitSSHPrivateKeyURL = sshPrivateKeyURL
try KeyFileManager.PrivateSsh.importKey(from: Defaults.gitSSHPrivateKeyURL!)
}
}

13
pass/Controllers/SettingsTableViewController.swift
View file

@ -83,7 +83,14 @@ class SettingsTableViewController: UITableViewController, UITabBarControllerDele
}
private func setPGPKeyTableViewCellDetailText() {
pgpKeyTableViewCell.detailTextLabel?.text = try? PGPAgent.shared.getShortKeyId() ?? "NotSet".localize()
var label = "NotSet".localize()
let keyID = (try? PGPAgent.shared.getShortKeyID()) ?? []
if keyID.count == 1 {
label = keyID.first ?? ""
} else if keyID.count > 1 {
label = "Multiple"
}
pgpKeyTableViewCell.detailTextLabel?.text = label
}
private func setPasswordRepositoryTableViewCellDetailText() {
@ -141,9 +148,7 @@ class SettingsTableViewController: UITableViewController, UITabBarControllerDele
})
if isReadyToUse() {
optionMenu.addAction(UIAlertAction(title: "\(Self.menuLabel) (\("Import".localize()))", style: .default) { _ in
self.savePassphraseDialog()
})
optionMenu.addAction(UIAlertAction(title: "\(Self.menuLabel) (\("Import".localize()))", style: .default))
} else {
optionMenu.addAction(UIAlertAction(title: "\(Self.menuLabel) (\("Tips".localize()))", style: .default) { _ in
let title = "Tips".localize()

15
passKit/Crypto/GopenPgp.swift
View file

@ -52,13 +52,14 @@ struct GopenPgp: PgpInterface {
for line in str.splitByNewline() {
if line.trimmed.uppercased().hasPrefix("-----BEGIN PGP") {
key = ""
key += line + "\n"
key += line
} else if line.trimmed.uppercased().hasPrefix("-----END PGP") {
key += line
keys.append(key)
} else {
key += line + "\n"
key += line
}
key += "\n"
}
return keys
}
@ -114,14 +115,12 @@ struct GopenPgp: PgpInterface {
return encryptedData.getBinary()!
}
var keyId: String {
let fingerprint = publicKeys.first?.key ?? ""
return String(fingerprint).uppercased()
var keyID: [String] {
return publicKeys.keys.map({ $0.uppercased() })
}
var shortKeyId: String {
let fingerprint = publicKeys.first?.key ?? ""
return String(fingerprint.suffix(8)).uppercased()
var shortKeyID: [String] {
return publicKeys.keys.map({ $0.suffix(8).uppercased()})
}
private func createPgpMessage(from encryptedData: Data) -> CryptoPGPMessage? {

8
passKit/Crypto/ObjectivePgp.swift
View file

@ -42,11 +42,11 @@ struct ObjectivePgp: PgpInterface {
return encryptedData
}
var keyId: String {
return publicKey.keyID.longIdentifier
var keyID: [String] {
return keyring.keys.map({ $0.keyID.longIdentifier })
}
var shortKeyId: String {
return publicKey.keyID.shortIdentifier
var shortKeyID: [String] {
return keyring.keys.map({ $0.keyID.shortIdentifier })
}
}

10
passKit/Crypto/PGPAgent.swift
View file

@ -35,14 +35,14 @@ public class PGPAgent {
pgpInterface = nil
}
public func getKeyId() throws -> String? {
public func getKeyID() throws -> [String] {
try checkAndInit()
return pgpInterface?.keyId
return pgpInterface?.keyID ?? []
}
public func getShortKeyId() throws -> String? {
public func getShortKeyID() throws -> [String] {
try checkAndInit()
return pgpInterface?.shortKeyId
return pgpInterface?.shortKeyID ?? []
}
public func decrypt(encryptedData: Data, keyID: String, requestPGPKeyPassphrase: (String) -> String) throws -> Data? {
@ -56,7 +56,7 @@ public class PGPAgent {
if previousDecryptStatus == false {
passphrase = requestPGPKeyPassphrase(keyID)
} else {
passphrase = keyStore.get(for: Globals.pgpKeyPassphrase) ?? requestPGPKeyPassphrase(keyID)
passphrase = keyStore.get(for: AppKeychain.getPGPKeyPassphraseKey(keyID: keyID)) ?? requestPGPKeyPassphrase(keyID)
}
// Decrypt.
guard let result = try pgpInterface!.decrypt(encryptedData: encryptedData, keyID: keyID, passphrase: passphrase) else {

4
passKit/Crypto/PgpInterface.swift
View file

@ -12,7 +12,7 @@ protocol PgpInterface {
func encrypt(plainData: Data, keyID: String) throws -> Data
var keyId: String { get }
var keyID: [String] { get }
var shortKeyId: String { get }
var shortKeyID: [String] { get }
}

12
passKit/Helpers/AppKeychain.swift
View file

@ -43,4 +43,16 @@ public class AppKeychain: KeyStore {
public func removeAllContent() {
try? keychain.removeAll()
}
public func removeAllContent(withPrefix prefix: String) {
for k in keychain.allKeys() {
if k.hasPrefix(prefix) {
try? keychain.remove(k)
}
}
}
public static func getPGPKeyPassphraseKey(keyID: String) -> String {
Globals.pgpKeyPassphrase + "-" + keyID
}
}

12
passKit/Helpers/Utils.swift
View file

@ -40,24 +40,26 @@ public class Utils {
}
public static func createRequestPGPKeyPassphraseHandler(controller: UIViewController) -> (String) -> String {
return { keyID in
return { keyID in
let sem = DispatchSemaphore(value: 0)
var passphrase = ""
DispatchQueue.main.async {
let alert = UIAlertController(title: "Passphrase".localize() + " (\(keyID.suffix(8)))", message: "FillInPgpPassphrase.".localize(), preferredStyle: UIAlertController.Style.alert)
let title = "Passphrase".localize() + " (\(keyID.suffix(8)))"
let message = "FillInPgpPassphrase.".localize()
let alert = UIAlertController(title: title, message: message, preferredStyle: .alert)
alert.addAction(UIAlertAction(title: "Ok".localize(), style: UIAlertAction.Style.default, handler: {_ in
passphrase = alert.textFields!.first!.text!
passphrase = alert.textFields?.first?.text ?? ""
sem.signal()
}))
alert.addTextField(configurationHandler: {(textField: UITextField!) in
textField.text = AppKeychain.shared.get(for: Globals.pgpKeyPassphrase) ?? ""
textField.text = AppKeychain.shared.get(for: AppKeychain.getPGPKeyPassphraseKey(keyID: keyID)) ?? ""
textField.isSecureTextEntry = true
})
controller.present(alert, animated: true, completion: nil)
}
let _ = sem.wait(timeout: DispatchTime.distantFuture)
if Defaults.isRememberPGPPassphraseOn {
AppKeychain.shared.add(string: passphrase, for: Globals.pgpKeyPassphrase)
AppKeychain.shared.add(string: passphrase, for: AppKeychain.getPGPKeyPassphraseKey(keyID: keyID))
}
return passphrase
}

2
passKitTests/Crypto/PGPAgentTest.swift
View file

@ -73,7 +73,7 @@ class PGPAgentTest: XCTestCase {
try KeyFileManager(keyType: PgpKey.PRIVATE, keyPath: "", keyHandler: keychain.add).importKey(from: keyTriple.privateKey)
XCTAssert(pgpAgent.isPrepared)
try pgpAgent.initKeys()
XCTAssert(try pgpAgent.getKeyId()!.lowercased().hasSuffix(keyTriple.fingerprint))
XCTAssert(try pgpAgent.getKeyID().first!.lowercased().hasSuffix(keyTriple.fingerprint))
try [
(true, true), (true, false), (false, true), (false, false)
].forEach{ a, b in