From 1117769484a55fe4a5b4d3d08aec79b59152dd3a Mon Sep 17 00:00:00 2001
From: Peter <>
Date: Tue, 2 Apr 2019 01:30:25 +0400
Subject: [PATCH] Update submodules
---
 .../NotificationViewController.swift | 5 +++-
 Share/ShareRootController.swift | 5 +++-
 SiriIntents/IntentHandler.swift | 5 +++-
 Telegram-iOS/AppDelegate.swift | 10 +++----
 Telegram-iOS/BuildConfig.h | 9 +++++-
 Telegram-iOS/BuildConfig.m | 30 +++++++++++++++----
 Telegram-iOS/LegacyDataImport.swift | 4 +--
 Widget/TodayViewController.swift | 6 +++-
 submodules/Postbox | 2 +-
 submodules/TelegramCore | 2 +-
 submodules/TelegramUI | 2 +-
 11 files changed, 60 insertions(+), 20 deletions(-)
diff --git a/NotificationContent/NotificationViewController.swift b/NotificationContent/NotificationViewController.swift
index d53b74a556..6d68bb336e 100644
--- a/NotificationContent/NotificationViewController.swift
+++ b/NotificationContent/NotificationViewController.swift
@@ -117,7 +117,10 @@ class NotificationViewController: UIViewController, UNNotificationContentExtensi let appVersion = (Bundle.main.infoDictionary?["CFBundleShortVersionString"] as? String) ?? "unknown" - sharedAccountContext = SharedAccountContext(mainWindow: nil, basePath: rootPath, encryptionKey: BuildConfig.encryptionKey(rootPath), accountManager: accountManager, applicationBindings: applicationBindings, initialPresentationDataAndSettings: initialPresentationDataAndSettings!, networkArguments: NetworkInitializationArguments(apiId: apiId, languagesCategory: languagesCategory, appVersion: appVersion, voipMaxLayer: 0, appData: BuildConfig.shared().bundleData), rootPath: rootPath, legacyBasePath: nil, legacyCache: nil, apsNotificationToken: .never(), voipNotificationToken: .never(), setNotificationCall: { _ in }, navigateToChat: { _, _, _ in }) + let deviceSpecificEncryptionParameters = BuildConfig.deviceSpecificEncryptionParameters(rootPath) + let encryptionParameters = ValueBoxEncryptionParameters(key: ValueBoxEncryptionParameters.Key(data: deviceSpecificEncryptionParameters.key)!, salt: ValueBoxEncryptionParameters.Salt(data: deviceSpecificEncryptionParameters.salt)!) + + sharedAccountContext = SharedAccountContext(mainWindow: nil, basePath: rootPath, encryptionParameters: encryptionParameters, accountManager: accountManager, applicationBindings: applicationBindings, initialPresentationDataAndSettings: initialPresentationDataAndSettings!, networkArguments: NetworkInitializationArguments(apiId: apiId, languagesCategory: languagesCategory, appVersion: appVersion, voipMaxLayer: 0, appData: BuildConfig.shared().bundleData), rootPath: rootPath, legacyBasePath: nil, legacyCache: nil, apsNotificationToken: .never(), voipNotificationToken: .never(), setNotificationCall: { _ in }, navigateToChat: { _, _, _ in }) } } diff --git a/Share/ShareRootController.swift b/Share/ShareRootController.swift index 4a2918b73f..8323619980 100644 --- a/Share/ShareRootController.swift 
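Review bot: The two added lines that convert `DeviceSpecificEncryptionParameters` into `ValueBoxEncryptionParameters` force-unwrap both conversions (`Key(data:)!`, `Salt(data:)!`), and the same pair is pasted into ShareRootController, IntentHandler, AppDelegate and TodayViewController. `ValueBoxEncryptionParameters` lives in a submodule that this diff does not show, so the sizes it accepts cannot be confirmed here; if they ever differ from the 32 + 16 bytes BuildConfig.m produces, the app and every extension would trap at launch without a diagnostic. Move the conversion into one shared helper and replace the unwraps with `guard let key = ValueBoxEncryptionParameters.Key(data: parameters.key), let salt = ValueBoxEncryptionParameters.Salt(data: parameters.salt) else { preconditionFailure("unexpected .tempkey key/salt length") }`. The enclosing function starts outside the hunk.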
+++ b/Share/ShareRootController.swift @@ -160,7 +160,10 @@ class ShareRootController: UIViewController { }) semaphore.wait() - let sharedContext = SharedAccountContext(mainWindow: nil, basePath: rootPath, encryptionKey: BuildConfig.encryptionKey(rootPath), accountManager: accountManager, applicationBindings: applicationBindings, initialPresentationDataAndSettings: initialPresentationDataAndSettings!, networkArguments: NetworkInitializationArguments(apiId: apiId, languagesCategory: languagesCategory, appVersion: appVersion, voipMaxLayer: 0, appData: BuildConfig.shared().bundleData), rootPath: rootPath, legacyBasePath: nil, legacyCache: nil, apsNotificationToken: .never(), voipNotificationToken: .never(), setNotificationCall: { _ in }, navigateToChat: { _, _, _ in }) + let deviceSpecificEncryptionParameters = BuildConfig.deviceSpecificEncryptionParameters(rootPath) + let encryptionParameters = ValueBoxEncryptionParameters(key: ValueBoxEncryptionParameters.Key(data: deviceSpecificEncryptionParameters.key)!, salt: ValueBoxEncryptionParameters.Salt(data: deviceSpecificEncryptionParameters.salt)!) + + let sharedContext = SharedAccountContext(mainWindow: nil, basePath: rootPath, encryptionParameters: encryptionParameters, accountManager: accountManager, applicationBindings: applicationBindings, initialPresentationDataAndSettings: initialPresentationDataAndSettings!, networkArguments: NetworkInitializationArguments(apiId: apiId, languagesCategory: languagesCategory, appVersion: appVersion, voipMaxLayer: 0, appData: BuildConfig.shared().bundleData), rootPath: rootPath, legacyBasePath: nil, legacyCache: nil, apsNotificationToken: .never(), voipNotificationToken: .never(), setNotificationCall: { _ in }, navigateToChat: { _, _, _ in }) sharedExtensionContext = SharedExtensionContext(sharedContext: sharedContext) globalSharedExtensionContext = sharedExtensionContext } 
diff --git a/SiriIntents/IntentHandler.swift b/SiriIntents/IntentHandler.swift index c7bf7f8b17..4309c44625 100644 --- a/SiriIntents/IntentHandler.swift +++ b/SiriIntents/IntentHandler.swift @@ -84,7 +84,10 @@ class IntentHandler: INExtension, INSendMessageIntentHandling, INSearchForMessag initializeAccountManagement() let accountManager = AccountManager(basePath: rootPath + "/accounts-metadata") - account = currentAccount(allocateIfNotExists: false, networkArguments: NetworkInitializationArguments(apiId: apiId, languagesCategory: languagesCategory, appVersion: appVersion, voipMaxLayer: 0, appData: BuildConfig.shared().bundleData), supplementary: true, manager: accountManager, rootPath: rootPath, auxiliaryMethods: accountAuxiliaryMethods, encryptionKey: BuildConfig.encryptionKey(rootPath)) + let deviceSpecificEncryptionParameters = BuildConfig.deviceSpecificEncryptionParameters(rootPath) + let encryptionParameters = ValueBoxEncryptionParameters(key: ValueBoxEncryptionParameters.Key(data: deviceSpecificEncryptionParameters.key)!, salt: ValueBoxEncryptionParameters.Salt(data: deviceSpecificEncryptionParameters.salt)!) + + account = currentAccount(allocateIfNotExists: false, networkArguments: NetworkInitializationArguments(apiId: apiId, languagesCategory: languagesCategory, appVersion: appVersion, voipMaxLayer: 0, appData: BuildConfig.shared().bundleData), supplementary: true, manager: accountManager, rootPath: rootPath, auxiliaryMethods: accountAuxiliaryMethods, encryptionParameters: encryptionParameters) |> mapToSignal { account -> Signal in if let account = account { switch account { diff --git a/Telegram-iOS/AppDelegate.swift b/Telegram-iOS/AppDelegate.swift index 34321da6ed..ccce9296d2 100644 --- a/Telegram-iOS/AppDelegate.swift +++ b/Telegram-iOS/AppDelegate.swift 
@@ -372,7 +372,8 @@ final class SharedApplicationContext { let rootPath = rootPathForBasePath(appGroupUrl.path) performAppGroupUpgrades(appGroupPath: appGroupUrl.path, rootPath: rootPath) - let encryptionKey = BuildConfig.encryptionKey(rootPath) + let deviceSpecificEncryptionParameters = BuildConfig.deviceSpecificEncryptionParameters(rootPath) + let encryptionParameters = ValueBoxEncryptionParameters(key: ValueBoxEncryptionParameters.Key(data: deviceSpecificEncryptionParameters.key)!, salt: ValueBoxEncryptionParameters.Salt(data: deviceSpecificEncryptionParameters.salt)!) TempBox.initializeShared(basePath: rootPath, processType: "app", launchSpecificId: arc4random64()) @@ -575,11 +576,10 @@ final class SharedApplicationContext { let accountManagerSignal = Signal { subscriber in let accountManager = AccountManager(basePath: rootPath + "/accounts-metadata") - return upgradedAccounts(accountManager: accountManager, rootPath: rootPath, encryptionKey: encryptionKey).start(completed: { + return upgradedAccounts(accountManager: accountManager, rootPath: rootPath, encryptionParameters: encryptionParameters).start(completed: { subscriber.putNext(accountManager) subscriber.putCompletion() }) - return EmptyDisposable } let sharedContextSignal = accountManagerSignal 
@@ -601,7 +601,7 @@ final class SharedApplicationContext { let legacyCache = LegacyCache(path: legacyBasePath + "/Caches") var setPresentationCall: ((PresentationCall?) -> Void)? - let sharedContext = SharedAccountContext(mainWindow: self.mainWindow, basePath: rootPath, encryptionKey: encryptionKey, accountManager: accountManager, applicationBindings: applicationBindings, initialPresentationDataAndSettings: initialPresentationDataAndSettings!, networkArguments: networkArguments, rootPath: rootPath, legacyBasePath: legacyBasePath, legacyCache: legacyCache, apsNotificationToken: self.notificationTokenPromise.get() |> map(Optional.init), voipNotificationToken: self.voipTokenPromise.get() |> map(Optional.init), setNotificationCall: { call in + let sharedContext = SharedAccountContext(mainWindow: self.mainWindow, basePath: rootPath, encryptionParameters: encryptionParameters, accountManager: accountManager, applicationBindings: applicationBindings, initialPresentationDataAndSettings: initialPresentationDataAndSettings!, networkArguments: networkArguments, rootPath: rootPath, legacyBasePath: legacyBasePath, legacyCache: legacyCache, apsNotificationToken: self.notificationTokenPromise.get() |> map(Optional.init), voipNotificationToken: self.voipTokenPromise.get() |> map(Optional.init), setNotificationCall: { call in setPresentationCall?(call) }, navigateToChat: { accountId, peerId, messageId in self.openChatWhenReady(accountId: accountId, peerId: peerId, messageId: messageId) 
@@ -720,7 +720,7 @@ final class SharedApplicationContext { Logger.shared.logToConsole = loggingSettings.logToConsole Logger.shared.redactSensitiveData = loggingSettings.redactSensitiveData - return importedLegacyAccount(basePath: appGroupUrl.path, accountManager: sharedApplicationContext.sharedContext.accountManager, encryptionKey: encryptionKey, present: { controller in + return importedLegacyAccount(basePath: appGroupUrl.path, accountManager: sharedApplicationContext.sharedContext.accountManager, encryptionParameters: encryptionParameters, present: { controller in self.window?.rootViewController?.present(controller, animated: true, completion: nil) }) |> `catch` { _ -> Signal in diff --git a/Telegram-iOS/BuildConfig.h b/Telegram-iOS/BuildConfig.h index f0e898e28a..c844c6b9e5 100644 --- a/Telegram-iOS/BuildConfig.h +++ b/Telegram-iOS/BuildConfig.h @@ -1,5 +1,12 @@ #import +@interface DeviceSpecificEncryptionParameters : NSObject + +@property (nonatomic, strong) NSData * _Nonnull key; +@property (nonatomic, strong) NSData * _Nonnull salt; + +@end + @interface BuildConfig : NSObject + (instancetype _Nonnull)sharedBuildConfig; @@ -13,6 +20,6 @@ @property (nonatomic, readonly) int64_t appStoreId; @property (nonatomic, strong, readonly) NSString * _Nonnull appSpecificUrlScheme; -+ (NSData * _Nonnull)encryptionKey:(NSString * _Nonnull)rootPath; ++ (DeviceSpecificEncryptionParameters * _Nonnull)deviceSpecificEncryptionParameters:(NSString * _Nonnull)rootPath; @end diff --git a/Telegram-iOS/BuildConfig.m b/Telegram-iOS/BuildConfig.m index 08b5d8102a..22b13eecbc 100644 --- a/Telegram-iOS/BuildConfig.m +++ b/Telegram-iOS/BuildConfig.m 
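Review bot: In BuildConfig.h, `DeviceSpecificEncryptionParameters` declares `key` and `salt` as read-write `strong` properties, so any caller holding the object can swap the key material after `BuildConfig` has built it. Declare them `@property (nonatomic, strong, readonly) NSData * _Nonnull key;` and likewise for `salt`; the `_key`/`_salt` assignments in `initWithKey:salt:` keep working with a readonly property. A short comment on the interface stating the sizes the implementation produces (32-byte key, 16-byte salt) would also document what the Swift callers rely on when they force-unwrap the conversions.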
@@ -236,6 +236,19 @@ static MTPKCS * _Nullable checkSignature(const char *filename) { @end +@implementation DeviceSpecificEncryptionParameters + +- (instancetype)initWithKey:(NSData * _Nonnull)key salt:(NSData * _Nonnull)salt { + self = [super init]; + if (self != nil) { + _key = key; + _salt = salt; + } + return self; +} + +@end + @implementation BuildConfig + (NSString *)bundleId { @@ -382,17 +395,24 @@ static MTPKCS * _Nullable checkSignature(const char *filename) { return @(APP_SPECIFIC_URL_SCHEME); } -+ (NSData * _Nonnull)encryptionKey:(NSString * _Nonnull)rootPath { ++ (DeviceSpecificEncryptionParameters * _Nonnull)deviceSpecificEncryptionParameters:(NSString * _Nonnull)rootPath { NSString *filePath = [rootPath stringByAppendingPathComponent:@".tempkey"]; NSData *data = [NSData dataWithContentsOfFile:filePath]; - if (data != nil) { - return data; + if (data != nil && data.length == 32 + 16) { + NSData *key = [data subdataWithRange:NSMakeRange(0, 32)]; + NSData *salt = [data subdataWithRange:NSMakeRange(32, 16)]; + return [[DeviceSpecificEncryptionParameters alloc] initWithKey:key salt:salt]; } - NSMutableData *randomData = [[NSMutableData alloc] initWithLength:32]; + NSMutableData *randomData = [[NSMutableData alloc] initWithLength:32 + 16]; int result = SecRandomCopyBytes(kSecRandomDefault, randomData.length, [randomData mutableBytes]); + if (data != nil && data.length == 32) { // upgrade key with salt + [data getBytes:randomData.mutableBytes length:32]; + } assert(result == 0); [randomData writeToFile:filePath atomically:false]; - return randomData; + NSData *key = [randomData subdataWithRange:NSMakeRange(0, 32)]; + NSData *salt = [randomData subdataWithRange:NSMakeRange(32, 16)]; + return [[DeviceSpecificEncryptionParameters alloc] initWithKey:key salt:salt]; } @end diff --git a/Telegram-iOS/LegacyDataImport.swift b/Telegram-iOS/LegacyDataImport.swift index 8086706845..612dfd8c95 100644 --- a/Telegram-iOS/LegacyDataImport.swift 
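Review bot: In `deviceSpecificEncryptionParameters:` the result of `SecRandomCopyBytes` is checked only by `assert(result == 0)`, so in a build that defines NDEBUG a failed call would persist the zero-filled `initWithLength:` buffer as key and salt. The return value of `writeToFile:atomically:false` is ignored and the write is not atomic, so an interrupted 32-to-48-byte upgrade can leave a `.tempkey` whose length is neither 32 nor 48; the next call then falls through and silently replaces the existing key with a fresh random one, which would leave already-encrypted data unreadable. The app and each extension call this method on the same `rootPath`, so that window is likely reachable across processes, and an atomic write narrows it but does not serialize concurrent callers. Check the random result before using the buffer, write atomically, and fail closed on either error, as sketched below.

```objective-c
    // … unchanged: read .tempkey and return early when it is exactly 32 + 16 bytes …
    NSMutableData *randomData = [[NSMutableData alloc] initWithLength:32 + 16];
    int result = SecRandomCopyBytes(kSecRandomDefault, randomData.length, [randomData mutableBytes]);
    if (result != errSecSuccess) {
        // Never persist or return the zero-filled buffer as key material.
        abort();
    }
    if (data != nil && data.length == 32) { // upgrade key with salt
        [data getBytes:randomData.mutableBytes length:32];
    }
    if (![randomData writeToFile:filePath atomically:YES]) {
        // A key that was not saved cannot decrypt this session's data on the next launch.
        abort();
    }
    // … unchanged: split randomData into key and salt and return the parameters …
```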
+++ b/Telegram-iOS/LegacyDataImport.swift @@ -106,7 +106,7 @@ enum ImportedLegacyAccountEvent { case result(AccountRecordId?) } -func importedLegacyAccount(basePath: String, accountManager: AccountManager, encryptionKey: Data, present: @escaping (UIViewController) -> Void) -> Signal { +func importedLegacyAccount(basePath: String, accountManager: AccountManager, encryptionParameters: ValueBoxEncryptionParameters, present: @escaping (UIViewController) -> Void) -> Signal { let queue = Queue() return deferred { () -> Signal in let documentsPath = basePath + "/Documents" @@ -218,7 +218,7 @@ func importedLegacyAccount(basePath: String, accountManager: AccountManager, enc } } - return temporaryAccount(manager: accountManager, rootPath: rootPathForBasePath(basePath), encryptionKey: encryptionKey) + return temporaryAccount(manager: accountManager, rootPath: rootPathForBasePath(basePath), encryptionParameters: encryptionParameters) |> introduceError(AccountImportError.self) |> mapToSignal { account -> Signal in let actions = importedAccountData(basePath: basePath, documentsPath: documentsPath, accountManager: accountManager, account: account, database: database) diff --git a/Widget/TodayViewController.swift b/Widget/TodayViewController.swift index c701a44b70..9453e211d3 100644 --- a/Widget/TodayViewController.swift +++ b/Widget/TodayViewController.swift 
@@ -78,7 +78,11 @@ class TodayViewController: UIViewController, NCWidgetProviding { let appVersion = (Bundle.main.infoDictionary?["CFBundleShortVersionString"] as? String) ?? "unknown" initializeAccountManagement() let accountManager = AccountManager(basePath: rootPath + "/accounts-metadata") - account = currentAccount(allocateIfNotExists: false, networkArguments: NetworkInitializationArguments(apiId: apiId, languagesCategory: languagesCategory, appVersion: appVersion, voipMaxLayer: 0, appData: BuildConfig.shared().bundleData), supplementary: true, manager: accountManager, rootPath: rootPath, auxiliaryMethods: auxiliaryMethods, encryptionKey: BuildConfig.encryptionKey(rootPath)) + + let deviceSpecificEncryptionParameters = BuildConfig.deviceSpecificEncryptionParameters(rootPath) + let encryptionParameters = ValueBoxEncryptionParameters(key: ValueBoxEncryptionParameters.Key(data: deviceSpecificEncryptionParameters.key)!, salt: ValueBoxEncryptionParameters.Salt(data: deviceSpecificEncryptionParameters.salt)!) + + account = currentAccount(allocateIfNotExists: false, networkArguments: NetworkInitializationArguments(apiId: apiId, languagesCategory: languagesCategory, appVersion: appVersion, voipMaxLayer: 0, appData: BuildConfig.shared().bundleData), supplementary: true, manager: accountManager, rootPath: rootPath, auxiliaryMethods: auxiliaryMethods, encryptionParameters: encryptionParameters) |> mapToSignal { account -> Signal in if let account = account { switch account { diff --git a/submodules/Postbox b/submodules/Postbox index 7b23d6af52..8fe2ef0d7f 160000 --- a/submodules/Postbox +++ b/submodules/Postbox @@ -1 +1 @@ -Subproject commit 7b23d6af526e07392d1271eeb3a558cdac6fea88 +Subproject commit 8fe2ef0d7f6a49cb222798441c32a4d71181247d diff --git a/submodules/TelegramCore b/submodules/TelegramCore index 414fc5cd9f..9dd20cf011 160000 --- a/submodules/TelegramCore +++ b/submodules/TelegramCore 
@@ -1 +1 @@
-Subproject commit 414fc5cd9f8ae41a95af4dc72f205052313e76fd
+Subproject commit 9dd20cf011c8b13b0ad451c4446e0489199d6425
diff --git a/submodules/TelegramUI b/submodules/TelegramUI
index 11eaf77f43..7e5173cf32 160000
--- a/submodules/TelegramUI
+++ b/submodules/TelegramUI
@@ -1 +1 @@
-Subproject commit 11eaf77f43214a2dc716b17c91147e87ec8c941f
+Subproject commit 7e5173cf3265468651453299e23f1d61e75a2e0b