ThePain/Swiftgram
1
0
Fork 0
mirror of https://github.com/Swiftgram/Telegram-iOS.git synced 2025-12-16 03:09:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

no message

Browse Source
This commit is contained in:
Peter Iakovlev 2018-03-30 00:09:24 +04:00
parent 9fa93177cf
commit efc5ff8e98
12 changed files with 72 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
TelegramCore/AccessSecureId.swift
View File

@ -62,7 +62,7 @@ func verifySecureSecret(_ data: Data) -> Bool {
return true
}
func decryptedSecureSecret(encryptedSecretData: Data, password: String, salt: Data, hash: Int64) -> Data? {
func decryptedSecureSecret(encryptedSecretData: Data, password: String, salt: Data, id: Int64) -> Data? {
guard let passwordData = password.data(using: .utf8) else {
return nil
}
@ -97,23 +97,23 @@ func decryptedSecureSecret(encryptedSecretData: Data, password: String, salt: Da
}
let secretHashData = sha256Digest(decryptedSecret)
var secretHash: Int64 = 0
var secretId: Int64 = 0
secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&secretHash, bytes.advanced(by: secretHashData.count - 8), 8)
memcpy(&secretId, bytes.advanced(by: secretHashData.count - 8), 8)
}
if secretHash != hash {
if secretId != id {
return nil
}
return decryptedSecret
}
func encryptedSecureSecret(secretData: Data, password: String, inputSalt: Data) -> (data: Data, salt: Data, hash: Int64)? {
func encryptedSecureSecret(secretData: Data, password: String, inputSalt: Data) -> (data: Data, salt: Data, id: Int64)? {
let secretHashData = sha256Digest(secretData)
var secretHash: Int64 = 0
var secretId: Int64 = 0
secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&secretHash, bytes.advanced(by: secretHashData.count - 8), 8)
memcpy(&secretId, bytes.advanced(by: secretHashData.count - 8), 8)
}
guard let passwordData = password.data(using: .utf8) else {
@ -156,11 +156,11 @@ func encryptedSecureSecret(secretData: Data, password: String, inputSalt: Data)
return nil
}
if decryptedSecureSecret(encryptedSecretData: encryptedSecret, password: password, salt: secretSalt, hash: secretHash) != secretData {
if decryptedSecureSecret(encryptedSecretData: encryptedSecret, password: password, salt: secretSalt, id: secretId) != secretData {
return nil
}
return (encryptedSecret, secretSalt, secretHash)
return (encryptedSecret, secretSalt, secretId)
}
func generateSecureSecretData() -> Data? {
@ -217,7 +217,7 @@ private func generateSecureSecret(network: Network, password: String) -> Signal<
public struct SecureIdAccessContext {
let secret: Data
let hash: Int64
let id: Int64
}
public enum SecureIdAccessError {
@ -233,8 +233,8 @@ public func accessSecureId(network: Network, password: String) -> Signal<SecureI
}
|> mapToSignal { settings -> Signal<SecureIdAccessContext, SecureIdAccessError> in
if let secureSecret = settings.secureSecret {
if let decryptedSecret = decryptedSecureSecret(encryptedSecretData: secureSecret.data, password: password, salt: secureSecret.salt, hash: secureSecret.hash) {
return .single(SecureIdAccessContext(secret: decryptedSecret, hash: secureSecret.hash))
if let decryptedSecret = decryptedSecureSecret(encryptedSecretData: secureSecret.data, password: password, salt: secureSecret.salt, id: secureSecret.id) {
return .single(SecureIdAccessContext(secret: decryptedSecret, id: secureSecret.id))
} else {
return .fail(.secretPasswordMismatch)
}
@ -245,11 +245,11 @@ public func accessSecureId(network: Network, password: String) -> Signal<SecureI
}
|> map { decryptedSecret in
let secretHashData = sha256Digest(decryptedSecret)
var secretHash: Int64 = 0
var secretId: Int64 = 0
secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&secretHash, bytes.advanced(by: secretHashData.count - 8), 8)
memcpy(&secretId, bytes.advanced(by: secretHashData.count - 8), 8)
}
return SecureIdAccessContext(secret: decryptedSecret, hash: secretHash)
return SecureIdAccessContext(secret: decryptedSecret, id: secretId)
}
}
}

48
TelegramCore/Api.swift
View File

@ -92,7 +92,7 @@ fileprivate let parsers: [Int32 : (BufferReader) -> Any?] = {
dict[-292807034] = { return Api.InputChannel.parse_inputChannelEmpty($0) }
dict[-1343524562] = { return Api.InputChannel.parse_inputChannel($0) }
dict[98092748] = { return Api.DcOption.parse_dcOption($0) }
dict[1223432016] = { return Api.account.PasswordSettings.parse_passwordSettings($0) }
dict[2077869041] = { return Api.account.PasswordSettings.parse_passwordSettings($0) }
dict[292985073] = { return Api.LangPackLanguage.parse_langPackLanguage($0) }
dict[-1987579119] = { return Api.help.AppUpdate.parse_appUpdate($0) }
dict[-1000708810] = { return Api.help.AppUpdate.parse_noAppUpdate($0) }
@ -343,7 +343,7 @@ fileprivate let parsers: [Int32 : (BufferReader) -> Any?] = {
dict[747528674] = { return Api.SecureValueVerified.parse_secureValueVerified($0) }
dict[-543777747] = { return Api.auth.ExportedAuthorization.parse_exportedAuthorization($0) }
dict[-1269012015] = { return Api.messages.AffectedHistory.parse_affectedHistory($0) }
dict[-447502641] = { return Api.account.PasswordInputSettings.parse_passwordInputSettings($0) }
dict[570402317] = { return Api.account.PasswordInputSettings.parse_passwordInputSettings($0) }
dict[649453030] = { return Api.messages.MessageEditData.parse_messageEditData($0) }
dict[-886477832] = { return Api.LabeledPrice.parse_labeledPrice($0) }
dict[-438840932] = { return Api.messages.ChatFull.parse_chatFull($0) }
@ -491,7 +491,7 @@ fileprivate let parsers: [Int32 : (BufferReader) -> Any?] = {
dict[178373535] = { return Api.InputPaymentCredentials.parse_inputPaymentCredentialsApplePay($0) }
dict[-905587442] = { return Api.InputPaymentCredentials.parse_inputPaymentCredentialsAndroidPay($0) }
dict[-1239335713] = { return Api.ShippingOption.parse_shippingOption($0) }
dict[-822647097] = { return Api.InputSecureFile.parse_inputSecureFileUploaded($0) }
dict[859091184] = { return Api.InputSecureFile.parse_inputSecureFileUploaded($0) }
dict[1399317950] = { return Api.InputSecureFile.parse_inputSecureFile($0) }
dict[512535275] = { return Api.PostAddress.parse_postAddress($0) }
dict[2104790276] = { return Api.DataJSON.parse_dataJSON($0) }
@ -13376,21 +13376,20 @@ public struct Api {
}
public enum InputSecureFile {
case inputSecureFileUploaded(id: Int64, parts: Int32, md5Checksum: String, fileHash: Buffer, secret: Buffer, secureSecretHash: Int64)
case inputSecureFileUploaded(id: Int64, parts: Int32, md5Checksum: String, fileHash: Buffer, secret: Buffer)
case inputSecureFile(id: Int64, accessHash: Int64)
public func serialize(_ buffer: Buffer, _ boxed: Swift.Bool) {
switch self {
case .inputSecureFileUploaded(let id, let parts, let md5Checksum, let fileHash, let secret, let secureSecretHash):
case .inputSecureFileUploaded(let id, let parts, let md5Checksum, let fileHash, let secret):
if boxed {
buffer.appendInt32(-822647097)
buffer.appendInt32(859091184)
}
serializeInt64(id, buffer: buffer, boxed: false)
serializeInt32(parts, buffer: buffer, boxed: false)
serializeString(md5Checksum, buffer: buffer, boxed: false)
serializeBytes(fileHash, buffer: buffer, boxed: false)
serializeBytes(secret, buffer: buffer, boxed: false)
serializeInt64(secureSecretHash, buffer: buffer, boxed: false)
break
case .inputSecureFile(let id, let accessHash):
if boxed {
@ -13412,16 +13411,13 @@ public struct Api {
_4 = parseBytes(reader)
var _5: Buffer?
_5 = parseBytes(reader)
var _6: Int64?
_6 = reader.readInt64()
let _c1 = _1 != nil
let _c2 = _2 != nil
let _c3 = _3 != nil
let _c4 = _4 != nil
let _c5 = _5 != nil
let _c6 = _6 != nil
if _c1 && _c2 && _c3 && _c4 && _c5 && _c6 {
return Api.InputSecureFile.inputSecureFileUploaded(id: _1!, parts: _2!, md5Checksum: _3!, fileHash: _4!, secret: _5!, secureSecretHash: _6!)
if _c1 && _c2 && _c3 && _c4 && _c5 {
return Api.InputSecureFile.inputSecureFileUploaded(id: _1!, parts: _2!, md5Checksum: _3!, fileHash: _4!, secret: _5!)
}
else {
return nil
@ -18935,18 +18931,18 @@ public struct Api {
}
public enum PasswordSettings {
case passwordSettings(email: String, secureSalt: Buffer, secureSecret: Buffer, secureSecretHash: Int64)
case passwordSettings(email: String, secureSalt: Buffer, secureSecret: Buffer, secureSecretId: Int64)
public func serialize(_ buffer: Buffer, _ boxed: Swift.Bool) {
switch self {
case .passwordSettings(let email, let secureSalt, let secureSecret, let secureSecretHash):
case .passwordSettings(let email, let secureSalt, let secureSecret, let secureSecretId):
if boxed {
buffer.appendInt32(1223432016)
buffer.appendInt32(2077869041)
}
serializeString(email, buffer: buffer, boxed: false)
serializeBytes(secureSalt, buffer: buffer, boxed: false)
serializeBytes(secureSecret, buffer: buffer, boxed: false)
serializeInt64(secureSecretHash, buffer: buffer, boxed: false)
serializeInt64(secureSecretId, buffer: buffer, boxed: false)
break
}
}
@ -18964,7 +18960,7 @@ public struct Api {
let _c3 = _3 != nil
let _c4 = _4 != nil
if _c1 && _c2 && _c3 && _c4 {
return Api.account.PasswordSettings.passwordSettings(email: _1!, secureSalt: _2!, secureSecret: _3!, secureSecretHash: _4!)
return Api.account.PasswordSettings.passwordSettings(email: _1!, secureSalt: _2!, secureSecret: _3!, secureSecretId: _4!)
}
else {
return nil
@ -18975,13 +18971,13 @@ public struct Api {
}
public enum PasswordInputSettings {
case passwordInputSettings(flags: Int32, newSalt: Buffer?, newPasswordHash: Buffer?, hint: String?, email: String?, newSecureSalt: Buffer?, newSecureSecret: Buffer?, newSecureSecretHash: Int64?)
case passwordInputSettings(flags: Int32, newSalt: Buffer?, newPasswordHash: Buffer?, hint: String?, email: String?, newSecureSalt: Buffer?, newSecureSecret: Buffer?, newSecureSecretId: Int64?)
public func serialize(_ buffer: Buffer, _ boxed: Swift.Bool) {
switch self {
case .passwordInputSettings(let flags, let newSalt, let newPasswordHash, let hint, let email, let newSecureSalt, let newSecureSecret, let newSecureSecretHash):
case .passwordInputSettings(let flags, let newSalt, let newPasswordHash, let hint, let email, let newSecureSalt, let newSecureSecret, let newSecureSecretId):
if boxed {
buffer.appendInt32(-447502641)
buffer.appendInt32(570402317)
}
serializeInt32(flags, buffer: buffer, boxed: false)
if Int(flags) & Int(1 << 0) != 0 {serializeBytes(newSalt!, buffer: buffer, boxed: false)}
@ -18990,7 +18986,7 @@ public struct Api {
if Int(flags) & Int(1 << 1) != 0 {serializeString(email!, buffer: buffer, boxed: false)}
if Int(flags) & Int(1 << 2) != 0 {serializeBytes(newSecureSalt!, buffer: buffer, boxed: false)}
if Int(flags) & Int(1 << 2) != 0 {serializeBytes(newSecureSecret!, buffer: buffer, boxed: false)}
if Int(flags) & Int(1 << 2) != 0 {serializeInt64(newSecureSecretHash!, buffer: buffer, boxed: false)}
if Int(flags) & Int(1 << 2) != 0 {serializeInt64(newSecureSecretId!, buffer: buffer, boxed: false)}
break
}
}
@ -19020,7 +19016,7 @@ public struct Api {
let _c7 = (Int(_1!) & Int(1 << 2) == 0) || _7 != nil
let _c8 = (Int(_1!) & Int(1 << 2) == 0) || _8 != nil
if _c1 && _c2 && _c3 && _c4 && _c5 && _c6 && _c7 && _c8 {
return Api.account.PasswordInputSettings.passwordInputSettings(flags: _1!, newSalt: _2, newPasswordHash: _3, hint: _4, email: _5, newSecureSalt: _6, newSecureSecret: _7, newSecureSecretHash: _8)
return Api.account.PasswordInputSettings.passwordInputSettings(flags: _1!, newSalt: _2, newPasswordHash: _3, hint: _4, email: _5, newSecureSalt: _6, newSecureSecret: _7, newSecureSecretId: _8)
}
else {
return nil
@ -23132,12 +23128,12 @@ public struct Api {
})
}
public static func saveSecureValue(value: Api.InputSecureValue, secureSecretHash: Int64) -> (CustomStringConvertible, Buffer, (Buffer) -> Api.SecureValueSaved?) {
public static func saveSecureValue(value: Api.InputSecureValue, secureSecretId: Int64) -> (CustomStringConvertible, Buffer, (Buffer) -> Api.SecureValueSaved?) {
let buffer = Buffer()
buffer.appendInt32(-2077861467)
buffer.appendInt32(2023136523)
value.serialize(buffer, true)
serializeInt64(secureSecretHash, buffer: buffer, boxed: false)
return (FunctionDescription({return "(account.saveSecureValue value: \(value), secureSecretHash: \(secureSecretHash))"}), buffer, { (buffer: Buffer) -> Api.SecureValueSaved? in
serializeInt64(secureSecretId, buffer: buffer, boxed: false)
return (FunctionDescription({return "(account.saveSecureValue value: \(value), secureSecretId: \(secureSecretId))"}), buffer, { (buffer: Buffer) -> Api.SecureValueSaved? in
let reader = BufferReader(buffer)
var result: Api.SecureValueSaved?
if let signature = reader.readInt32() {

4
TelegramCore/RequestSecureIdForm.swift
View File

@ -81,7 +81,7 @@ func parseSecureValue(context: SecureIdAccessContext, value: Api.SecureValue) ->
if sha256Digest(phoneData) != hash.makeData() {
return nil
}
return ParsedSecureValue(valueWithContext: SecureIdValueWithContext(value: .phone(SecureIdPhoneValue(phone: phone)), context: SecureIdValueAccessContext(secret: Data(), hash: 0), encryptedMetadata: nil), hash: hash.makeData())
return ParsedSecureValue(valueWithContext: SecureIdValueWithContext(value: .phone(SecureIdPhoneValue(phone: phone)), context: SecureIdValueAccessContext(secret: Data(), id: 0), encryptedMetadata: nil), hash: hash.makeData())
case let .secureValueEmail(_, email, hash, verified):
guard let emailData = email.data(using: .utf8) else {
return nil
@ -89,7 +89,7 @@ func parseSecureValue(context: SecureIdAccessContext, value: Api.SecureValue) ->
if sha256Digest(emailData) != hash.makeData() {
return nil
}
return ParsedSecureValue(valueWithContext: SecureIdValueWithContext(value: .email(SecureIdEmailValue(email: email)), context: SecureIdValueAccessContext(secret: Data(), hash: 0), encryptedMetadata: nil), hash: hash.makeData())
return ParsedSecureValue(valueWithContext: SecureIdValueWithContext(value: .email(SecureIdEmailValue(email: email)), context: SecureIdValueAccessContext(secret: Data(), id: 0), encryptedMetadata: nil), hash: hash.makeData())
}
}

12
TelegramCore/SaveSecureIdValue.swift
View File

@ -103,12 +103,12 @@ func decryptedSecureValueAccessContext(context: SecureIdAccessContext, encrypted
}
let valueSecretHash = sha512Digest(valueSecret)
var valueSecretHashValue: Int64 = 0
var valueSecretIdValue: Int64 = 0
valueSecretHash.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&valueSecretHashValue, bytes.advanced(by: valueSecretHash.count - 8), 8)
memcpy(&valueSecretIdValue, bytes.advanced(by: valueSecretHash.count - 8), 8)
}
return SecureIdValueAccessContext(secret: valueSecret, hash: valueSecretHashValue)
return SecureIdValueAccessContext(secret: valueSecret, id: valueSecretIdValue)
}
func decryptedSecureValueData(context: SecureIdValueAccessContext, encryptedData: Data, decryptedDataHash: Data) -> Data? {
@ -162,7 +162,7 @@ private func makeInputSecureValue(context: SecureIdAccessContext, valueContext:
case let .remote(file):
return Api.InputSecureFile.inputSecureFile(id: file.id, accessHash: file.accessHash)
case let .uploaded(file):
return Api.InputSecureFile.inputSecureFileUploaded(id: file.id, parts: file.parts, md5Checksum: file.md5Checksum, fileHash: Buffer(data: file.fileHash), secret: Buffer(data: file.encryptedSecret), secureSecretHash: context.hash)
return Api.InputSecureFile.inputSecureFileUploaded(id: file.id, parts: file.parts, md5Checksum: file.md5Checksum, fileHash: Buffer(data: file.fileHash), secret: Buffer(data: file.encryptedSecret))
}
}
@ -194,7 +194,7 @@ private func makeInputSecureValue(context: SecureIdAccessContext, valueContext:
case let .remote(file):
return Api.InputSecureFile.inputSecureFile(id: file.id, accessHash: file.accessHash)
case let .uploaded(file):
return Api.InputSecureFile.inputSecureFileUploaded(id: file.id, parts: file.parts, md5Checksum: file.md5Checksum, fileHash: Buffer(data: file.fileHash), secret: Buffer(data: file.encryptedSecret), secureSecretHash: context.hash)
return Api.InputSecureFile.inputSecureFileUploaded(id: file.id, parts: file.parts, md5Checksum: file.md5Checksum, fileHash: Buffer(data: file.fileHash), secret: Buffer(data: file.encryptedSecret))
}
}
@ -231,7 +231,7 @@ public func saveSecureIdValue(network: Network, context: SecureIdAccessContext,
guard let (inputValue, inputHash) = makeInputSecureValue(context: context, valueContext: valueContext, value: value) else {
return .fail(.generic)
}
return network.request(Api.functions.account.saveSecureValue(value: inputValue, secureSecretHash: context.hash))
return network.request(Api.functions.account.saveSecureValue(value: inputValue, secureSecretId: context.id))
|> mapError { error -> SaveSecureIdValueError in
if error.errorDescription == "PHONE_VERIFICATION_NEEDED" || error.errorDescription == "EMAIL_VERIFICATION_NEEDED" {
return .verificationRequired

6
TelegramCore/SecureIdAddressValue.swift
View File

@ -103,10 +103,10 @@ extension SecureIdAddressValue {
guard let region = dict["region"] as? String else {
return nil
}
guard let countryCode = dict["country_code"] as? String else {
guard let countryCode = dict["country_iso2"] as? String else {
return nil
}
guard let postcode = dict["postcode"] as? String else {
guard let postcode = dict["post_code"] as? String else {
return nil
}
@ -124,7 +124,7 @@ extension SecureIdAddressValue {
}
dict["city"] = self.city
dict["region"] = self.region
dict["country_code"] = self.countryCode
dict["country_iso2"] = self.countryCode
dict["postcode"] = self.postcode
guard let data = try? JSONSerialization.data(withJSONObject: dict, options: []) else {

4
TelegramCore/SecureIdIdentityDriversLicenseValue.swift
View File

@ -72,7 +72,7 @@ extension SecureIdIdentityDriversLicenseValue {
guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else {
return nil
}
guard let countryCode = dict["country_code"] as? String else {
guard let countryCode = dict["country_iso2"] as? String else {
return nil
}
guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else {
@ -92,7 +92,7 @@ extension SecureIdIdentityDriversLicenseValue {
dict["last_name"] = self.lastName
dict["date_of_birth"] = self.birthdate.serialize()
dict["gender"] = self.gender.serialize()
dict["country_code"] = self.countryCode
dict["country_iso2"] = self.countryCode
dict["issue_date"] = self.issueDate.serialize()
if let expiryDate = self.expiryDate {
dict["expiry_date"] = expiryDate.serialize()

4
TelegramCore/SecureIdIdentityIDCardValue.swift
View File

@ -72,7 +72,7 @@ extension SecureIdIdentityIDCardValue {
guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else {
return nil
}
guard let countryCode = dict["country_code"] as? String else {
guard let countryCode = dict["country_iso2"] as? String else {
return nil
}
guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else {
@ -92,7 +92,7 @@ extension SecureIdIdentityIDCardValue {
dict["last_name"] = self.lastName
dict["date_of_birth"] = self.birthdate.serialize()
dict["gender"] = self.gender.serialize()
dict["country_code"] = self.countryCode
dict["country_iso2"] = self.countryCode
dict["issue_date"] = self.issueDate.serialize()
if let expiryDate = self.expiryDate {
dict["expiry_date"] = expiryDate.serialize()

4
TelegramCore/SecureIdIdentityInternationalPassportValue.swift
View File

@ -72,7 +72,7 @@ extension SecureIdIdentityInternationalPassportValue {
guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else {
return nil
}
guard let countryCode = dict["country_code"] as? String else {
guard let countryCode = dict["country_iso2"] as? String else {
return nil
}
guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else {
@ -92,7 +92,7 @@ extension SecureIdIdentityInternationalPassportValue {
dict["last_name"] = self.lastName
dict["date_of_birth"] = self.birthdate.serialize()
dict["gender"] = self.gender.serialize()
dict["country_code"] = self.countryCode
dict["country_iso2"] = self.countryCode
dict["issue_date"] = self.issueDate.serialize()
if let expiryDate = self.expiryDate {
dict["expiry_date"] = expiryDate.serialize()

4
TelegramCore/SecureIdIdentityPassportValue.swift
View File

@ -72,7 +72,7 @@ extension SecureIdIdentityPassportValue {
guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else {
return nil
}
guard let countryCode = dict["country_code"] as? String else {
guard let countryCode = dict["country_iso2"] as? String else {
return nil
}
guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else {
@ -92,7 +92,7 @@ extension SecureIdIdentityPassportValue {
dict["last_name"] = self.lastName
dict["date_of_birth"] = self.birthdate.serialize()
dict["gender"] = self.gender.serialize()
dict["country_code"] = self.countryCode
dict["country_iso2"] = self.countryCode
dict["issue_date"] = self.issueDate.serialize()
if let expiryDate = self.expiryDate {
dict["expiry_date"] = expiryDate.serialize()

8
TelegramCore/SecureIdValueAccessContext.swift
View File

@ -2,13 +2,13 @@ import Foundation
public struct SecureIdValueAccessContext: Equatable {
let secret: Data
let hash: Int64
let id: Int64
public static func ==(lhs: SecureIdValueAccessContext, rhs: SecureIdValueAccessContext) -> Bool {
if lhs.secret != rhs.secret {
return false
}
if lhs.hash != rhs.hash {
if lhs.id != rhs.id {
return false
}
return true
@ -16,7 +16,7 @@ public struct SecureIdValueAccessContext: Equatable {
}
public func generateSecureIdValueEmptyAccessContext() -> SecureIdValueAccessContext? {
return SecureIdValueAccessContext(secret: Data(), hash: 0)
return SecureIdValueAccessContext(secret: Data(), id: 0)
}
public func generateSecureIdValueAccessContext() -> SecureIdValueAccessContext? {
@ -28,5 +28,5 @@ public func generateSecureIdValueAccessContext() -> SecureIdValueAccessContext?
secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&secretHash, bytes.advanced(by: secretHashData.count - 8), 8)
}
return SecureIdValueAccessContext(secret: secret, hash: secretHash)
return SecureIdValueAccessContext(secret: secret, id: secretHash)
}

22
TelegramCore/TwoStepVerification.swift
View File

@ -30,7 +30,7 @@ public func twoStepVerificationConfiguration(account: Account) -> Signal<TwoStep
public struct TwoStepVerificationSecureSecret {
public let data: Data
public let salt: Data
public let hash: Int64
public let id: Int64
}
public struct TwoStepVerificationSettings {
@ -62,13 +62,13 @@ public func requestTwoStepVerifiationSettings(network: Network, password: String
}
|> mapToSignal { result -> Signal<TwoStepVerificationSettings, AuthorizationPasswordVerificationError> in
switch result {
case let .passwordSettings(email, secureSalt, secureSecret, secureSecretHash):
case let .passwordSettings(email, secureSalt, secureSecret, secureSecretId):
var parsedSecureSecret: TwoStepVerificationSecureSecret?
if secureSalt.size != 0 && secureSecret.size != 0 {
if secureSecret.size != 32 {
return .fail(.generic)
}
parsedSecureSecret = TwoStepVerificationSecureSecret(data: secureSecret.makeData(), salt: secureSalt.makeData(), hash: secureSecretHash)
parsedSecureSecret = TwoStepVerificationSecureSecret(data: secureSecret.makeData(), salt: secureSalt.makeData(), id: secureSecretId)
}
return .single(TwoStepVerificationSettings(email: email, secureSecret: parsedSecureSecret))
}
@ -130,7 +130,7 @@ public func updateTwoStepVerificationPassword(network: Network, currentPassword:
flags |= (1 << 0)
}
return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: .passwordInputSettings(flags: flags, newSalt: Buffer(data: Data()), newPasswordHash: Buffer(data: Data()), hint: "", email: "", newSecureSalt: nil, newSecureSecret: nil, newSecureSecretHash: nil)), automaticFloodWait: false)
return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: .passwordInputSettings(flags: flags, newSalt: Buffer(data: Data()), newPasswordHash: Buffer(data: Data()), hint: "", email: "", newSecureSalt: nil, newSecureSecret: nil, newSecureSecretId: nil)), automaticFloodWait: false)
|> mapError { _ -> UpdateTwoStepVerificationPasswordError in
return .generic
}
@ -159,9 +159,9 @@ public func updateTwoStepVerificationPassword(network: Network, currentPassword:
var updatedSecureSecret: TwoStepVerificationSecureSecret?
if let encryptedSecret = secureSecret {
flags |= 1 << 2
if let decryptedSecret = decryptedSecureSecret(encryptedSecretData: encryptedSecret.data, password: currentPassword ?? "", salt: encryptedSecret.salt, hash: encryptedSecret.hash) {
if let (data, salt, hash) = encryptedSecureSecret(secretData: decryptedSecret, password: password, inputSalt: authData.nextSecureSalt) {
updatedSecureSecret = TwoStepVerificationSecureSecret(data: data, salt: salt, hash: hash)
if let decryptedSecret = decryptedSecureSecret(encryptedSecretData: encryptedSecret.data, password: currentPassword ?? "", salt: encryptedSecret.salt, id: encryptedSecret.id) {
if let (data, salt, id) = encryptedSecureSecret(secretData: decryptedSecret, password: password, inputSalt: authData.nextSecureSalt) {
updatedSecureSecret = TwoStepVerificationSecureSecret(data: data, salt: salt, id: id)
} else {
return .fail(.generic)
}
@ -171,7 +171,7 @@ public func updateTwoStepVerificationPassword(network: Network, currentPassword:
}
let updatedPasswordHash = sha256Digest(updatedData)
return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: Api.account.PasswordInputSettings.passwordInputSettings(flags: flags, newSalt: Buffer(data: nextSalt), newPasswordHash: Buffer(data: updatedPasswordHash), hint: hint, email: email, newSecureSalt: (updatedSecureSecret?.salt).flatMap(Buffer.init), newSecureSecret: (updatedSecureSecret?.data).flatMap(Buffer.init), newSecureSecretHash: updatedSecureSecret?.hash)), automaticFloodWait: false)
return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: Api.account.PasswordInputSettings.passwordInputSettings(flags: flags, newSalt: Buffer(data: nextSalt), newPasswordHash: Buffer(data: updatedPasswordHash), hint: hint, email: email, newSecureSalt: (updatedSecureSecret?.salt).flatMap(Buffer.init), newSecureSecret: (updatedSecureSecret?.data).flatMap(Buffer.init), newSecureSecretId: updatedSecureSecret?.id)), automaticFloodWait: false)
|> map { _ -> UpdateTwoStepVerificationPasswordResult in
return .password(password: password, pendingEmailPattern: nil)
}
@ -224,12 +224,12 @@ func updateTwoStepVerificationSecureSecret(network: Network, password: String, s
data.append(currentSalt)
let currentPasswordHash = Buffer(data: sha256Digest(data))
guard let (encryptedSecret, secretSalt, secretHash) = encryptedSecureSecret(secretData: secret, password: password, inputSalt: authData.nextSecureSalt) else {
guard let (encryptedSecret, secretSalt, secretId) = encryptedSecureSecret(secretData: secret, password: password, inputSalt: authData.nextSecureSalt) else {
return .fail(.generic)
}
let flags: Int32 = (1 << 2)
return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: .passwordInputSettings(flags: flags, newSalt: nil, newPasswordHash: nil, hint: nil, email: nil, newSecureSalt: Buffer(data: secretSalt), newSecureSecret: Buffer(data: encryptedSecret), newSecureSecretHash: secretHash)), automaticFloodWait: false)
return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: .passwordInputSettings(flags: flags, newSalt: nil, newPasswordHash: nil, hint: nil, email: nil, newSecureSalt: Buffer(data: secretSalt), newSecureSecret: Buffer(data: encryptedSecret), newSecureSecretId: secretId)), automaticFloodWait: false)
|> mapError { _ -> UpdateTwoStepVerificationSecureSecretError in
return .generic
}
@ -257,7 +257,7 @@ public func updateTwoStepVerificationEmail(account: Account, currentPassword: St
}
let flags: Int32 = 1 << 1
return account.network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: Api.account.PasswordInputSettings.passwordInputSettings(flags: flags, newSalt: nil, newPasswordHash: nil, hint: nil, email: updatedEmail, newSecureSalt: nil, newSecureSecret: nil, newSecureSecretHash: nil)), automaticFloodWait: false)
return account.network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: Api.account.PasswordInputSettings.passwordInputSettings(flags: flags, newSalt: nil, newPasswordHash: nil, hint: nil, email: updatedEmail, newSecureSalt: nil, newSecureSecret: nil, newSecureSecretId: nil)), automaticFloodWait: false)
|> map { _ -> UpdateTwoStepVerificationPasswordResult in
return .password(password: currentPassword, pendingEmailPattern: nil)
}

6
TelegramCore/UploadSecureIdFile.swift
View File

@ -15,7 +15,6 @@ public struct UploadedSecureIdFile: Equatable {
let md5Checksum: String
let fileHash: Data
let encryptedSecret: Data
let masterSecretHash: Int64
public static func ==(lhs: UploadedSecureIdFile, rhs: UploadedSecureIdFile) -> Bool {
if lhs.id != rhs.id {
@ -33,9 +32,6 @@ public struct UploadedSecureIdFile: Equatable {
if lhs.encryptedSecret != rhs.encryptedSecret {
return false
}
if lhs.masterSecretHash != rhs.masterSecretHash {
return false
}
return true
}
}
@ -144,7 +140,7 @@ public func uploadSecureIdFile(context: SecureIdAccessContext, postbox: Postbox,
return .single(.progress(value))
case let .inputFile(file):
if case let .inputFile(id, parts, _, md5Checksum) = file {
return .single(.result(UploadedSecureIdFile(id: id, parts: parts, md5Checksum: md5Checksum, fileHash: encryptedData.hash, encryptedSecret: encryptedData.encryptedSecret, masterSecretHash: context.hash)))
return .single(.result(UploadedSecureIdFile(id: id, parts: parts, md5Checksum: md5Checksum, fileHash: encryptedData.hash, encryptedSecret: encryptedData.encryptedSecret)))
} else {
return .fail(.generic)
}