Create MXSecretStorage to support SSSS #851
RiotX did not create the key with them
Go directly to the symmetric encryption defined at https://github.com/uhoreg/matrix-doc/blob/symmetric_ssss/proposals/2472-symmetric-ssss.md
Start with the secret storage key management
This will help to chain requests
from NSData * keys
#pragma mark - Constants | ||
|
||
FOUNDATION_EXPORT NSString *const MXSecretStorageErrorDomain; | ||
typedef enum : NSUInteger |
Prefer `typedef NS_ENUM(NSUInteger, MXSecretStorageErrorCode) {` for Swift usage.
*/ | ||
- (MXHTTPOperation *)storeSecret:(NSString*)unpaddedBase64Secret | ||
withSecretId:(nullable NSString*)secretId | ||
withSecretStorageKeys:(NSDictionary<NSString*, NSData*> *)keys |
`with` prefix can be replaced by `and` or removed.
@param failure A block object called when the operation fails. | ||
*/ | ||
- (void)secretWithSecretId:(NSString*)secretId | ||
withSecretStorageKeyId:(nullable NSString*)keyId |
`with` prefix can be removed.
why? SecretId and SecretStorageKeyId are 2 different things. This makes a sentence in objc.
Only the second one
dispatch_async(processingQueue, ^{ | ||
MXStrongifyAndReturnIfNil(self); | ||
|
||
NSData *iv = [MXBase64Tools dataFromBase64:key.iv]; |
`MXSecretStorageKeyContent.iv` is nullable. Crash can occur here.
NSData *keyMac = [MXBase64Tools dataFromBase64:key.mac]; | ||
NSData *encryptedZeroStringMac = [MXBase64Tools dataFromBase64:encryptedZeroString.mac]; |
MXSecretStorageKeyContent.mac is nullable. Crash can occur here.
|
||
NSData *iv = secretContent.iv ? [MXBase64Tools dataFromBase64:secretContent.iv] : [NSMutableData dataWithLength:16]; | ||
|
||
NSData *hmac = [MXBase64Tools dataFromBase64:secretContent.mac]; |
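Review bot: on the `iv` line, a missing `secretContent.iv` silently becomes 16 zero bytes via `[NSMutableData dataWithLength:16]`, and nothing here records why that default is acceptable. If it exists only to read secrets that were stored without an IV, say so in a comment and make sure the encryption path can never reach it, since a fixed IV reused under the same key is not safe to encrypt with. Logging when the fallback is taken would also make such secrets easier to spot.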
MXEncryptedSecretContent.mac is nullable. Crash can occur here.
return nil; | ||
} | ||
|
||
NSData *cipher = [MXBase64Tools dataFromBase64:secretContent.ciphertext]; |
MXEncryptedSecretContent.cipherText is nullable. Crash can occur here.
Fix element-hq/element-ios#2926
Spec: MSC1946 (matrix-org/matrix-spec-proposals#1946)
This module will be used for bootstrap and account keys recovery.