ThePain/Swiftgram
1
0
Fork 0
mirror of https://github.com/Swiftgram/Telegram-iOS.git synced 2025-12-17 03:40:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

no message

Browse Source
This commit is contained in:
Peter Iakovlev 2018-03-30 00:09:24 +04:00
parent 9fa93177cf
commit efc5ff8e98
12 changed files with 72 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
TelegramCore/AccessSecureId.swift
View File

@ -62,7 +62,7 @@ func verifySecureSecret(_ data: Data) -> Bool {
return true return true
} }
func decryptedSecureSecret(encryptedSecretData: Data, password: String, salt: Data, hash: Int64) -> Data? { func decryptedSecureSecret(encryptedSecretData: Data, password: String, salt: Data, id: Int64) -> Data? {
guard let passwordData = password.data(using: .utf8) else { guard let passwordData = password.data(using: .utf8) else {
return nil return nil
} }
@ -97,23 +97,23 @@ func decryptedSecureSecret(encryptedSecretData: Data, password: String, salt: Da
} }
let secretHashData = sha256Digest(decryptedSecret) let secretHashData = sha256Digest(decryptedSecret)
var secretHash: Int64 = 0 var secretId: Int64 = 0
secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&secretHash, bytes.advanced(by: secretHashData.count - 8), 8) memcpy(&secretId, bytes.advanced(by: secretHashData.count - 8), 8)
} }
if secretHash != hash { if secretId != id {
return nil return nil
} }
return decryptedSecret return decryptedSecret
} }
func encryptedSecureSecret(secretData: Data, password: String, inputSalt: Data) -> (data: Data, salt: Data, hash: Int64)? { func encryptedSecureSecret(secretData: Data, password: String, inputSalt: Data) -> (data: Data, salt: Data, id: Int64)? {
let secretHashData = sha256Digest(secretData) let secretHashData = sha256Digest(secretData)
var secretHash: Int64 = 0 var secretId: Int64 = 0
secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&secretHash, bytes.advanced(by: secretHashData.count - 8), 8) memcpy(&secretId, bytes.advanced(by: secretHashData.count - 8), 8)
} }
guard let passwordData = password.data(using: .utf8) else { guard let passwordData = password.data(using: .utf8) else {
@ -156,11 +156,11 @@ func encryptedSecureSecret(secretData: Data, password: String, inputSalt: Data)
return nil return nil
} }
if decryptedSecureSecret(encryptedSecretData: encryptedSecret, password: password, salt: secretSalt, hash: secretHash) != secretData { if decryptedSecureSecret(encryptedSecretData: encryptedSecret, password: password, salt: secretSalt, id: secretId) != secretData {
return nil return nil
} }
return (encryptedSecret, secretSalt, secretHash) return (encryptedSecret, secretSalt, secretId)
} }
func generateSecureSecretData() -> Data? { func generateSecureSecretData() -> Data? {
@ -217,7 +217,7 @@ private func generateSecureSecret(network: Network, password: String) -> Signal<
public struct SecureIdAccessContext { public struct SecureIdAccessContext {
let secret: Data let secret: Data
let hash: Int64 let id: Int64
} }
public enum SecureIdAccessError { public enum SecureIdAccessError {
@ -233,8 +233,8 @@ public func accessSecureId(network: Network, password: String) -> Signal<SecureI
} }
|> mapToSignal { settings -> Signal<SecureIdAccessContext, SecureIdAccessError> in |> mapToSignal { settings -> Signal<SecureIdAccessContext, SecureIdAccessError> in
if let secureSecret = settings.secureSecret { if let secureSecret = settings.secureSecret {
if let decryptedSecret = decryptedSecureSecret(encryptedSecretData: secureSecret.data, password: password, salt: secureSecret.salt, hash: secureSecret.hash) { if let decryptedSecret = decryptedSecureSecret(encryptedSecretData: secureSecret.data, password: password, salt: secureSecret.salt, id: secureSecret.id) {
return .single(SecureIdAccessContext(secret: decryptedSecret, hash: secureSecret.hash)) return .single(SecureIdAccessContext(secret: decryptedSecret, id: secureSecret.id))
} else { } else {
return .fail(.secretPasswordMismatch) return .fail(.secretPasswordMismatch)
} }
@ -245,11 +245,11 @@ public func accessSecureId(network: Network, password: String) -> Signal<SecureI
} }
|> map { decryptedSecret in |> map { decryptedSecret in
let secretHashData = sha256Digest(decryptedSecret) let secretHashData = sha256Digest(decryptedSecret)
var secretHash: Int64 = 0 var secretId: Int64 = 0
secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&secretHash, bytes.advanced(by: secretHashData.count - 8), 8) memcpy(&secretId, bytes.advanced(by: secretHashData.count - 8), 8)
} }
return SecureIdAccessContext(secret: decryptedSecret, hash: secretHash) return SecureIdAccessContext(secret: decryptedSecret, id: secretId)
} }
} }
} }

48
TelegramCore/Api.swift
View File

@ -92,7 +92,7 @@ fileprivate let parsers: [Int32 : (BufferReader) -> Any?] = {
dict[-292807034] = { return Api.InputChannel.parse_inputChannelEmpty($0) } dict[-292807034] = { return Api.InputChannel.parse_inputChannelEmpty($0) }
dict[-1343524562] = { return Api.InputChannel.parse_inputChannel($0) } dict[-1343524562] = { return Api.InputChannel.parse_inputChannel($0) }
dict[98092748] = { return Api.DcOption.parse_dcOption($0) } dict[98092748] = { return Api.DcOption.parse_dcOption($0) }
dict[1223432016] = { return Api.account.PasswordSettings.parse_passwordSettings($0) } dict[2077869041] = { return Api.account.PasswordSettings.parse_passwordSettings($0) }
dict[292985073] = { return Api.LangPackLanguage.parse_langPackLanguage($0) } dict[292985073] = { return Api.LangPackLanguage.parse_langPackLanguage($0) }
dict[-1987579119] = { return Api.help.AppUpdate.parse_appUpdate($0) } dict[-1987579119] = { return Api.help.AppUpdate.parse_appUpdate($0) }
dict[-1000708810] = { return Api.help.AppUpdate.parse_noAppUpdate($0) } dict[-1000708810] = { return Api.help.AppUpdate.parse_noAppUpdate($0) }
@ -343,7 +343,7 @@ fileprivate let parsers: [Int32 : (BufferReader) -> Any?] = {
dict[747528674] = { return Api.SecureValueVerified.parse_secureValueVerified($0) } dict[747528674] = { return Api.SecureValueVerified.parse_secureValueVerified($0) }
dict[-543777747] = { return Api.auth.ExportedAuthorization.parse_exportedAuthorization($0) } dict[-543777747] = { return Api.auth.ExportedAuthorization.parse_exportedAuthorization($0) }
dict[-1269012015] = { return Api.messages.AffectedHistory.parse_affectedHistory($0) } dict[-1269012015] = { return Api.messages.AffectedHistory.parse_affectedHistory($0) }
dict[-447502641] = { return Api.account.PasswordInputSettings.parse_passwordInputSettings($0) } dict[570402317] = { return Api.account.PasswordInputSettings.parse_passwordInputSettings($0) }
dict[649453030] = { return Api.messages.MessageEditData.parse_messageEditData($0) } dict[649453030] = { return Api.messages.MessageEditData.parse_messageEditData($0) }
dict[-886477832] = { return Api.LabeledPrice.parse_labeledPrice($0) } dict[-886477832] = { return Api.LabeledPrice.parse_labeledPrice($0) }
dict[-438840932] = { return Api.messages.ChatFull.parse_chatFull($0) } dict[-438840932] = { return Api.messages.ChatFull.parse_chatFull($0) }
@ -491,7 +491,7 @@ fileprivate let parsers: [Int32 : (BufferReader) -> Any?] = {
dict[178373535] = { return Api.InputPaymentCredentials.parse_inputPaymentCredentialsApplePay($0) } dict[178373535] = { return Api.InputPaymentCredentials.parse_inputPaymentCredentialsApplePay($0) }
dict[-905587442] = { return Api.InputPaymentCredentials.parse_inputPaymentCredentialsAndroidPay($0) } dict[-905587442] = { return Api.InputPaymentCredentials.parse_inputPaymentCredentialsAndroidPay($0) }
dict[-1239335713] = { return Api.ShippingOption.parse_shippingOption($0) } dict[-1239335713] = { return Api.ShippingOption.parse_shippingOption($0) }
dict[-822647097] = { return Api.InputSecureFile.parse_inputSecureFileUploaded($0) } dict[859091184] = { return Api.InputSecureFile.parse_inputSecureFileUploaded($0) }
dict[1399317950] = { return Api.InputSecureFile.parse_inputSecureFile($0) } dict[1399317950] = { return Api.InputSecureFile.parse_inputSecureFile($0) }
dict[512535275] = { return Api.PostAddress.parse_postAddress($0) } dict[512535275] = { return Api.PostAddress.parse_postAddress($0) }
dict[2104790276] = { return Api.DataJSON.parse_dataJSON($0) } dict[2104790276] = { return Api.DataJSON.parse_dataJSON($0) }
@ -13376,21 +13376,20 @@ public struct Api {
} }
public enum InputSecureFile { public enum InputSecureFile {
case inputSecureFileUploaded(id: Int64, parts: Int32, md5Checksum: String, fileHash: Buffer, secret: Buffer, secureSecretHash: Int64) case inputSecureFileUploaded(id: Int64, parts: Int32, md5Checksum: String, fileHash: Buffer, secret: Buffer)
case inputSecureFile(id: Int64, accessHash: Int64) case inputSecureFile(id: Int64, accessHash: Int64)
public func serialize(_ buffer: Buffer, _ boxed: Swift.Bool) { public func serialize(_ buffer: Buffer, _ boxed: Swift.Bool) {
switch self { switch self {
case .inputSecureFileUploaded(let id, let parts, let md5Checksum, let fileHash, let secret, let secureSecretHash): case .inputSecureFileUploaded(let id, let parts, let md5Checksum, let fileHash, let secret):
if boxed { if boxed {
buffer.appendInt32(-822647097) buffer.appendInt32(859091184)
} }
serializeInt64(id, buffer: buffer, boxed: false) serializeInt64(id, buffer: buffer, boxed: false)
serializeInt32(parts, buffer: buffer, boxed: false) serializeInt32(parts, buffer: buffer, boxed: false)
serializeString(md5Checksum, buffer: buffer, boxed: false) serializeString(md5Checksum, buffer: buffer, boxed: false)
serializeBytes(fileHash, buffer: buffer, boxed: false) serializeBytes(fileHash, buffer: buffer, boxed: false)
serializeBytes(secret, buffer: buffer, boxed: false) serializeBytes(secret, buffer: buffer, boxed: false)
serializeInt64(secureSecretHash, buffer: buffer, boxed: false)
break break
case .inputSecureFile(let id, let accessHash): case .inputSecureFile(let id, let accessHash):
if boxed { if boxed {
@ -13412,16 +13411,13 @@ public struct Api {
_4 = parseBytes(reader) _4 = parseBytes(reader)
var _5: Buffer? var _5: Buffer?
_5 = parseBytes(reader) _5 = parseBytes(reader)
var _6: Int64?
_6 = reader.readInt64()
let _c1 = _1 != nil let _c1 = _1 != nil
let _c2 = _2 != nil let _c2 = _2 != nil
let _c3 = _3 != nil let _c3 = _3 != nil
let _c4 = _4 != nil let _c4 = _4 != nil
let _c5 = _5 != nil let _c5 = _5 != nil
let _c6 = _6 != nil if _c1 && _c2 && _c3 && _c4 && _c5 {
if _c1 && _c2 && _c3 && _c4 && _c5 && _c6 { return Api.InputSecureFile.inputSecureFileUploaded(id: _1!, parts: _2!, md5Checksum: _3!, fileHash: _4!, secret: _5!)
return Api.InputSecureFile.inputSecureFileUploaded(id: _1!, parts: _2!, md5Checksum: _3!, fileHash: _4!, secret: _5!, secureSecretHash: _6!)
} }
else { else {
return nil return nil
@ -18935,18 +18931,18 @@ public struct Api {
} }
public enum PasswordSettings { public enum PasswordSettings {
case passwordSettings(email: String, secureSalt: Buffer, secureSecret: Buffer, secureSecretHash: Int64) case passwordSettings(email: String, secureSalt: Buffer, secureSecret: Buffer, secureSecretId: Int64)
public func serialize(_ buffer: Buffer, _ boxed: Swift.Bool) { public func serialize(_ buffer: Buffer, _ boxed: Swift.Bool) {
switch self { switch self {
case .passwordSettings(let email, let secureSalt, let secureSecret, let secureSecretHash): case .passwordSettings(let email, let secureSalt, let secureSecret, let secureSecretId):
if boxed { if boxed {
buffer.appendInt32(1223432016) buffer.appendInt32(2077869041)
} }
serializeString(email, buffer: buffer, boxed: false) serializeString(email, buffer: buffer, boxed: false)
serializeBytes(secureSalt, buffer: buffer, boxed: false) serializeBytes(secureSalt, buffer: buffer, boxed: false)
serializeBytes(secureSecret, buffer: buffer, boxed: false) serializeBytes(secureSecret, buffer: buffer, boxed: false)
serializeInt64(secureSecretHash, buffer: buffer, boxed: false) serializeInt64(secureSecretId, buffer: buffer, boxed: false)
break break
} }
} }
@ -18964,7 +18960,7 @@ public struct Api {
let _c3 = _3 != nil let _c3 = _3 != nil
let _c4 = _4 != nil let _c4 = _4 != nil
if _c1 && _c2 && _c3 && _c4 { if _c1 && _c2 && _c3 && _c4 {
return Api.account.PasswordSettings.passwordSettings(email: _1!, secureSalt: _2!, secureSecret: _3!, secureSecretHash: _4!) return Api.account.PasswordSettings.passwordSettings(email: _1!, secureSalt: _2!, secureSecret: _3!, secureSecretId: _4!)
} }
else { else {
return nil return nil
@ -18975,13 +18971,13 @@ public struct Api {
} }
public enum PasswordInputSettings { public enum PasswordInputSettings {
case passwordInputSettings(flags: Int32, newSalt: Buffer?, newPasswordHash: Buffer?, hint: String?, email: String?, newSecureSalt: Buffer?, newSecureSecret: Buffer?, newSecureSecretHash: Int64?) case passwordInputSettings(flags: Int32, newSalt: Buffer?, newPasswordHash: Buffer?, hint: String?, email: String?, newSecureSalt: Buffer?, newSecureSecret: Buffer?, newSecureSecretId: Int64?)
public func serialize(_ buffer: Buffer, _ boxed: Swift.Bool) { public func serialize(_ buffer: Buffer, _ boxed: Swift.Bool) {
switch self { switch self {
case .passwordInputSettings(let flags, let newSalt, let newPasswordHash, let hint, let email, let newSecureSalt, let newSecureSecret, let newSecureSecretHash): case .passwordInputSettings(let flags, let newSalt, let newPasswordHash, let hint, let email, let newSecureSalt, let newSecureSecret, let newSecureSecretId):
if boxed { if boxed {
buffer.appendInt32(-447502641) buffer.appendInt32(570402317)
} }
serializeInt32(flags, buffer: buffer, boxed: false) serializeInt32(flags, buffer: buffer, boxed: false)
if Int(flags) & Int(1 << 0) != 0 {serializeBytes(newSalt!, buffer: buffer, boxed: false)} if Int(flags) & Int(1 << 0) != 0 {serializeBytes(newSalt!, buffer: buffer, boxed: false)}
@ -18990,7 +18986,7 @@ public struct Api {
if Int(flags) & Int(1 << 1) != 0 {serializeString(email!, buffer: buffer, boxed: false)} if Int(flags) & Int(1 << 1) != 0 {serializeString(email!, buffer: buffer, boxed: false)}
if Int(flags) & Int(1 << 2) != 0 {serializeBytes(newSecureSalt!, buffer: buffer, boxed: false)} if Int(flags) & Int(1 << 2) != 0 {serializeBytes(newSecureSalt!, buffer: buffer, boxed: false)}
if Int(flags) & Int(1 << 2) != 0 {serializeBytes(newSecureSecret!, buffer: buffer, boxed: false)} if Int(flags) & Int(1 << 2) != 0 {serializeBytes(newSecureSecret!, buffer: buffer, boxed: false)}
if Int(flags) & Int(1 << 2) != 0 {serializeInt64(newSecureSecretHash!, buffer: buffer, boxed: false)} if Int(flags) & Int(1 << 2) != 0 {serializeInt64(newSecureSecretId!, buffer: buffer, boxed: false)}
break break
} }
} }
@ -19020,7 +19016,7 @@ public struct Api {
let _c7 = (Int(_1!) & Int(1 << 2) == 0) || _7 != nil let _c7 = (Int(_1!) & Int(1 << 2) == 0) || _7 != nil
let _c8 = (Int(_1!) & Int(1 << 2) == 0) || _8 != nil let _c8 = (Int(_1!) & Int(1 << 2) == 0) || _8 != nil
if _c1 && _c2 && _c3 && _c4 && _c5 && _c6 && _c7 && _c8 { if _c1 && _c2 && _c3 && _c4 && _c5 && _c6 && _c7 && _c8 {
return Api.account.PasswordInputSettings.passwordInputSettings(flags: _1!, newSalt: _2, newPasswordHash: _3, hint: _4, email: _5, newSecureSalt: _6, newSecureSecret: _7, newSecureSecretHash: _8) return Api.account.PasswordInputSettings.passwordInputSettings(flags: _1!, newSalt: _2, newPasswordHash: _3, hint: _4, email: _5, newSecureSalt: _6, newSecureSecret: _7, newSecureSecretId: _8)
} }
else { else {
return nil return nil
@ -23132,12 +23128,12 @@ public struct Api {
}) })
} }
public static func saveSecureValue(value: Api.InputSecureValue, secureSecretHash: Int64) -> (CustomStringConvertible, Buffer, (Buffer) -> Api.SecureValueSaved?) { public static func saveSecureValue(value: Api.InputSecureValue, secureSecretId: Int64) -> (CustomStringConvertible, Buffer, (Buffer) -> Api.SecureValueSaved?) {
let buffer = Buffer() let buffer = Buffer()
buffer.appendInt32(-2077861467) buffer.appendInt32(2023136523)
value.serialize(buffer, true) value.serialize(buffer, true)
serializeInt64(secureSecretHash, buffer: buffer, boxed: false) serializeInt64(secureSecretId, buffer: buffer, boxed: false)
return (FunctionDescription({return "(account.saveSecureValue value: \(value), secureSecretHash: \(secureSecretHash))"}), buffer, { (buffer: Buffer) -> Api.SecureValueSaved? in return (FunctionDescription({return "(account.saveSecureValue value: \(value), secureSecretId: \(secureSecretId))"}), buffer, { (buffer: Buffer) -> Api.SecureValueSaved? in
let reader = BufferReader(buffer) let reader = BufferReader(buffer)
var result: Api.SecureValueSaved? var result: Api.SecureValueSaved?
if let signature = reader.readInt32() { if let signature = reader.readInt32() {

4
TelegramCore/RequestSecureIdForm.swift
View File

@ -81,7 +81,7 @@ func parseSecureValue(context: SecureIdAccessContext, value: Api.SecureValue) ->
if sha256Digest(phoneData) != hash.makeData() { if sha256Digest(phoneData) != hash.makeData() {
return nil return nil
} }
return ParsedSecureValue(valueWithContext: SecureIdValueWithContext(value: .phone(SecureIdPhoneValue(phone: phone)), context: SecureIdValueAccessContext(secret: Data(), hash: 0), encryptedMetadata: nil), hash: hash.makeData()) return ParsedSecureValue(valueWithContext: SecureIdValueWithContext(value: .phone(SecureIdPhoneValue(phone: phone)), context: SecureIdValueAccessContext(secret: Data(), id: 0), encryptedMetadata: nil), hash: hash.makeData())
case let .secureValueEmail(_, email, hash, verified): case let .secureValueEmail(_, email, hash, verified):
guard let emailData = email.data(using: .utf8) else { guard let emailData = email.data(using: .utf8) else {
return nil return nil
@ -89,7 +89,7 @@ func parseSecureValue(context: SecureIdAccessContext, value: Api.SecureValue) ->
if sha256Digest(emailData) != hash.makeData() { if sha256Digest(emailData) != hash.makeData() {
return nil return nil
} }
return ParsedSecureValue(valueWithContext: SecureIdValueWithContext(value: .email(SecureIdEmailValue(email: email)), context: SecureIdValueAccessContext(secret: Data(), hash: 0), encryptedMetadata: nil), hash: hash.makeData()) return ParsedSecureValue(valueWithContext: SecureIdValueWithContext(value: .email(SecureIdEmailValue(email: email)), context: SecureIdValueAccessContext(secret: Data(), id: 0), encryptedMetadata: nil), hash: hash.makeData())
} }
} }

12
TelegramCore/SaveSecureIdValue.swift
View File

@ -103,12 +103,12 @@ func decryptedSecureValueAccessContext(context: SecureIdAccessContext, encrypted
} }
let valueSecretHash = sha512Digest(valueSecret) let valueSecretHash = sha512Digest(valueSecret)
var valueSecretHashValue: Int64 = 0 var valueSecretIdValue: Int64 = 0
valueSecretHash.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in valueSecretHash.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&valueSecretHashValue, bytes.advanced(by: valueSecretHash.count - 8), 8) memcpy(&valueSecretIdValue, bytes.advanced(by: valueSecretHash.count - 8), 8)
} }
return SecureIdValueAccessContext(secret: valueSecret, hash: valueSecretHashValue) return SecureIdValueAccessContext(secret: valueSecret, id: valueSecretIdValue)
} }
func decryptedSecureValueData(context: SecureIdValueAccessContext, encryptedData: Data, decryptedDataHash: Data) -> Data? { func decryptedSecureValueData(context: SecureIdValueAccessContext, encryptedData: Data, decryptedDataHash: Data) -> Data? {
@ -162,7 +162,7 @@ private func makeInputSecureValue(context: SecureIdAccessContext, valueContext:
case let .remote(file): case let .remote(file):
return Api.InputSecureFile.inputSecureFile(id: file.id, accessHash: file.accessHash) return Api.InputSecureFile.inputSecureFile(id: file.id, accessHash: file.accessHash)
case let .uploaded(file): case let .uploaded(file):
return Api.InputSecureFile.inputSecureFileUploaded(id: file.id, parts: file.parts, md5Checksum: file.md5Checksum, fileHash: Buffer(data: file.fileHash), secret: Buffer(data: file.encryptedSecret), secureSecretHash: context.hash) return Api.InputSecureFile.inputSecureFileUploaded(id: file.id, parts: file.parts, md5Checksum: file.md5Checksum, fileHash: Buffer(data: file.fileHash), secret: Buffer(data: file.encryptedSecret))
} }
} }
@ -194,7 +194,7 @@ private func makeInputSecureValue(context: SecureIdAccessContext, valueContext:
case let .remote(file): case let .remote(file):
return Api.InputSecureFile.inputSecureFile(id: file.id, accessHash: file.accessHash) return Api.InputSecureFile.inputSecureFile(id: file.id, accessHash: file.accessHash)
case let .uploaded(file): case let .uploaded(file):
return Api.InputSecureFile.inputSecureFileUploaded(id: file.id, parts: file.parts, md5Checksum: file.md5Checksum, fileHash: Buffer(data: file.fileHash), secret: Buffer(data: file.encryptedSecret), secureSecretHash: context.hash) return Api.InputSecureFile.inputSecureFileUploaded(id: file.id, parts: file.parts, md5Checksum: file.md5Checksum, fileHash: Buffer(data: file.fileHash), secret: Buffer(data: file.encryptedSecret))
} }
} }
@ -231,7 +231,7 @@ public func saveSecureIdValue(network: Network, context: SecureIdAccessContext,
guard let (inputValue, inputHash) = makeInputSecureValue(context: context, valueContext: valueContext, value: value) else { guard let (inputValue, inputHash) = makeInputSecureValue(context: context, valueContext: valueContext, value: value) else {
return .fail(.generic) return .fail(.generic)
} }
return network.request(Api.functions.account.saveSecureValue(value: inputValue, secureSecretHash: context.hash)) return network.request(Api.functions.account.saveSecureValue(value: inputValue, secureSecretId: context.id))
|> mapError { error -> SaveSecureIdValueError in |> mapError { error -> SaveSecureIdValueError in
if error.errorDescription == "PHONE_VERIFICATION_NEEDED" || error.errorDescription == "EMAIL_VERIFICATION_NEEDED" { if error.errorDescription == "PHONE_VERIFICATION_NEEDED" || error.errorDescription == "EMAIL_VERIFICATION_NEEDED" {
return .verificationRequired return .verificationRequired

6
TelegramCore/SecureIdAddressValue.swift
View File

@ -103,10 +103,10 @@ extension SecureIdAddressValue {
guard let region = dict["region"] as? String else { guard let region = dict["region"] as? String else {
return nil return nil
} }
guard let countryCode = dict["country_code"] as? String else { guard let countryCode = dict["country_iso2"] as? String else {
return nil return nil
} }
guard let postcode = dict["postcode"] as? String else { guard let postcode = dict["post_code"] as? String else {
return nil return nil
} }
@ -124,7 +124,7 @@ extension SecureIdAddressValue {
} }
dict["city"] = self.city dict["city"] = self.city
dict["region"] = self.region dict["region"] = self.region
dict["country_code"] = self.countryCode dict["country_iso2"] = self.countryCode
dict["postcode"] = self.postcode dict["postcode"] = self.postcode
guard let data = try? JSONSerialization.data(withJSONObject: dict, options: []) else { guard let data = try? JSONSerialization.data(withJSONObject: dict, options: []) else {

4
TelegramCore/SecureIdIdentityDriversLicenseValue.swift
View File

@ -72,7 +72,7 @@ extension SecureIdIdentityDriversLicenseValue {
guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else { guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else {
return nil return nil
} }
guard let countryCode = dict["country_code"] as? String else { guard let countryCode = dict["country_iso2"] as? String else {
return nil return nil
} }
guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else { guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else {
@ -92,7 +92,7 @@ extension SecureIdIdentityDriversLicenseValue {
dict["last_name"] = self.lastName dict["last_name"] = self.lastName
dict["date_of_birth"] = self.birthdate.serialize() dict["date_of_birth"] = self.birthdate.serialize()
dict["gender"] = self.gender.serialize() dict["gender"] = self.gender.serialize()
dict["country_code"] = self.countryCode dict["country_iso2"] = self.countryCode
dict["issue_date"] = self.issueDate.serialize() dict["issue_date"] = self.issueDate.serialize()
if let expiryDate = self.expiryDate { if let expiryDate = self.expiryDate {
dict["expiry_date"] = expiryDate.serialize() dict["expiry_date"] = expiryDate.serialize()

4
TelegramCore/SecureIdIdentityIDCardValue.swift
View File

@ -72,7 +72,7 @@ extension SecureIdIdentityIDCardValue {
guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else { guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else {
return nil return nil
} }
guard let countryCode = dict["country_code"] as? String else { guard let countryCode = dict["country_iso2"] as? String else {
return nil return nil
} }
guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else { guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else {
@ -92,7 +92,7 @@ extension SecureIdIdentityIDCardValue {
dict["last_name"] = self.lastName dict["last_name"] = self.lastName
dict["date_of_birth"] = self.birthdate.serialize() dict["date_of_birth"] = self.birthdate.serialize()
dict["gender"] = self.gender.serialize() dict["gender"] = self.gender.serialize()
dict["country_code"] = self.countryCode dict["country_iso2"] = self.countryCode
dict["issue_date"] = self.issueDate.serialize() dict["issue_date"] = self.issueDate.serialize()
if let expiryDate = self.expiryDate { if let expiryDate = self.expiryDate {
dict["expiry_date"] = expiryDate.serialize() dict["expiry_date"] = expiryDate.serialize()

4
TelegramCore/SecureIdIdentityInternationalPassportValue.swift
View File

@ -72,7 +72,7 @@ extension SecureIdIdentityInternationalPassportValue {
guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else { guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else {
return nil return nil
} }
guard let countryCode = dict["country_code"] as? String else { guard let countryCode = dict["country_iso2"] as? String else {
return nil return nil
} }
guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else { guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else {
@ -92,7 +92,7 @@ extension SecureIdIdentityInternationalPassportValue {
dict["last_name"] = self.lastName dict["last_name"] = self.lastName
dict["date_of_birth"] = self.birthdate.serialize() dict["date_of_birth"] = self.birthdate.serialize()
dict["gender"] = self.gender.serialize() dict["gender"] = self.gender.serialize()
dict["country_code"] = self.countryCode dict["country_iso2"] = self.countryCode
dict["issue_date"] = self.issueDate.serialize() dict["issue_date"] = self.issueDate.serialize()
if let expiryDate = self.expiryDate { if let expiryDate = self.expiryDate {
dict["expiry_date"] = expiryDate.serialize() dict["expiry_date"] = expiryDate.serialize()

4
TelegramCore/SecureIdIdentityPassportValue.swift
View File

@ -72,7 +72,7 @@ extension SecureIdIdentityPassportValue {
guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else { guard let gender = (dict["gender"] as? String).flatMap(SecureIdGender.init) else {
return nil return nil
} }
guard let countryCode = dict["country_code"] as? String else { guard let countryCode = dict["country_iso2"] as? String else {
return nil return nil
} }
guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else { guard let issueDate = (dict["issue_date"] as? String).flatMap(SecureIdDate.init) else {
@ -92,7 +92,7 @@ extension SecureIdIdentityPassportValue {
dict["last_name"] = self.lastName dict["last_name"] = self.lastName
dict["date_of_birth"] = self.birthdate.serialize() dict["date_of_birth"] = self.birthdate.serialize()
dict["gender"] = self.gender.serialize() dict["gender"] = self.gender.serialize()
dict["country_code"] = self.countryCode dict["country_iso2"] = self.countryCode
dict["issue_date"] = self.issueDate.serialize() dict["issue_date"] = self.issueDate.serialize()
if let expiryDate = self.expiryDate { if let expiryDate = self.expiryDate {
dict["expiry_date"] = expiryDate.serialize() dict["expiry_date"] = expiryDate.serialize()

8
TelegramCore/SecureIdValueAccessContext.swift
View File

@ -2,13 +2,13 @@ import Foundation
public struct SecureIdValueAccessContext: Equatable { public struct SecureIdValueAccessContext: Equatable {
let secret: Data let secret: Data
let hash: Int64 let id: Int64
public static func ==(lhs: SecureIdValueAccessContext, rhs: SecureIdValueAccessContext) -> Bool { public static func ==(lhs: SecureIdValueAccessContext, rhs: SecureIdValueAccessContext) -> Bool {
if lhs.secret != rhs.secret { if lhs.secret != rhs.secret {
return false return false
} }
if lhs.hash != rhs.hash { if lhs.id != rhs.id {
return false return false
} }
return true return true
@ -16,7 +16,7 @@ public struct SecureIdValueAccessContext: Equatable {
} }
public func generateSecureIdValueEmptyAccessContext() -> SecureIdValueAccessContext? { public func generateSecureIdValueEmptyAccessContext() -> SecureIdValueAccessContext? {
return SecureIdValueAccessContext(secret: Data(), hash: 0) return SecureIdValueAccessContext(secret: Data(), id: 0)
} }
public func generateSecureIdValueAccessContext() -> SecureIdValueAccessContext? { public func generateSecureIdValueAccessContext() -> SecureIdValueAccessContext? {
@ -28,5 +28,5 @@ public func generateSecureIdValueAccessContext() -> SecureIdValueAccessContext?
secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in secretHashData.withUnsafeBytes { (bytes: UnsafePointer<Int8>) -> Void in
memcpy(&secretHash, bytes.advanced(by: secretHashData.count - 8), 8) memcpy(&secretHash, bytes.advanced(by: secretHashData.count - 8), 8)
} }
return SecureIdValueAccessContext(secret: secret, hash: secretHash) return SecureIdValueAccessContext(secret: secret, id: secretHash)
} }

22
TelegramCore/TwoStepVerification.swift
View File

@ -30,7 +30,7 @@ public func twoStepVerificationConfiguration(account: Account) -> Signal<TwoStep
public struct TwoStepVerificationSecureSecret { public struct TwoStepVerificationSecureSecret {
public let data: Data public let data: Data
public let salt: Data public let salt: Data
public let hash: Int64 public let id: Int64
} }
public struct TwoStepVerificationSettings { public struct TwoStepVerificationSettings {
@ -62,13 +62,13 @@ public func requestTwoStepVerifiationSettings(network: Network, password: String
} }
|> mapToSignal { result -> Signal<TwoStepVerificationSettings, AuthorizationPasswordVerificationError> in |> mapToSignal { result -> Signal<TwoStepVerificationSettings, AuthorizationPasswordVerificationError> in
switch result { switch result {
case let .passwordSettings(email, secureSalt, secureSecret, secureSecretHash): case let .passwordSettings(email, secureSalt, secureSecret, secureSecretId):
var parsedSecureSecret: TwoStepVerificationSecureSecret? var parsedSecureSecret: TwoStepVerificationSecureSecret?
if secureSalt.size != 0 && secureSecret.size != 0 { if secureSalt.size != 0 && secureSecret.size != 0 {
if secureSecret.size != 32 { if secureSecret.size != 32 {
return .fail(.generic) return .fail(.generic)
} }
parsedSecureSecret = TwoStepVerificationSecureSecret(data: secureSecret.makeData(), salt: secureSalt.makeData(), hash: secureSecretHash) parsedSecureSecret = TwoStepVerificationSecureSecret(data: secureSecret.makeData(), salt: secureSalt.makeData(), id: secureSecretId)
} }
return .single(TwoStepVerificationSettings(email: email, secureSecret: parsedSecureSecret)) return .single(TwoStepVerificationSettings(email: email, secureSecret: parsedSecureSecret))
} }
@ -130,7 +130,7 @@ public func updateTwoStepVerificationPassword(network: Network, currentPassword:
flags |= (1 << 0) flags |= (1 << 0)
} }
return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: .passwordInputSettings(flags: flags, newSalt: Buffer(data: Data()), newPasswordHash: Buffer(data: Data()), hint: "", email: "", newSecureSalt: nil, newSecureSecret: nil, newSecureSecretHash: nil)), automaticFloodWait: false) return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: .passwordInputSettings(flags: flags, newSalt: Buffer(data: Data()), newPasswordHash: Buffer(data: Data()), hint: "", email: "", newSecureSalt: nil, newSecureSecret: nil, newSecureSecretId: nil)), automaticFloodWait: false)
|> mapError { _ -> UpdateTwoStepVerificationPasswordError in |> mapError { _ -> UpdateTwoStepVerificationPasswordError in
return .generic return .generic
} }
@ -159,9 +159,9 @@ public func updateTwoStepVerificationPassword(network: Network, currentPassword:
var updatedSecureSecret: TwoStepVerificationSecureSecret? var updatedSecureSecret: TwoStepVerificationSecureSecret?
if let encryptedSecret = secureSecret { if let encryptedSecret = secureSecret {
flags |= 1 << 2 flags |= 1 << 2
if let decryptedSecret = decryptedSecureSecret(encryptedSecretData: encryptedSecret.data, password: currentPassword ?? "", salt: encryptedSecret.salt, hash: encryptedSecret.hash) { if let decryptedSecret = decryptedSecureSecret(encryptedSecretData: encryptedSecret.data, password: currentPassword ?? "", salt: encryptedSecret.salt, id: encryptedSecret.id) {
if let (data, salt, hash) = encryptedSecureSecret(secretData: decryptedSecret, password: password, inputSalt: authData.nextSecureSalt) { if let (data, salt, id) = encryptedSecureSecret(secretData: decryptedSecret, password: password, inputSalt: authData.nextSecureSalt) {
updatedSecureSecret = TwoStepVerificationSecureSecret(data: data, salt: salt, hash: hash) updatedSecureSecret = TwoStepVerificationSecureSecret(data: data, salt: salt, id: id)
} else { } else {
return .fail(.generic) return .fail(.generic)
} }
@ -171,7 +171,7 @@ public func updateTwoStepVerificationPassword(network: Network, currentPassword:
} }
let updatedPasswordHash = sha256Digest(updatedData) let updatedPasswordHash = sha256Digest(updatedData)
return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: Api.account.PasswordInputSettings.passwordInputSettings(flags: flags, newSalt: Buffer(data: nextSalt), newPasswordHash: Buffer(data: updatedPasswordHash), hint: hint, email: email, newSecureSalt: (updatedSecureSecret?.salt).flatMap(Buffer.init), newSecureSecret: (updatedSecureSecret?.data).flatMap(Buffer.init), newSecureSecretHash: updatedSecureSecret?.hash)), automaticFloodWait: false) return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: Api.account.PasswordInputSettings.passwordInputSettings(flags: flags, newSalt: Buffer(data: nextSalt), newPasswordHash: Buffer(data: updatedPasswordHash), hint: hint, email: email, newSecureSalt: (updatedSecureSecret?.salt).flatMap(Buffer.init), newSecureSecret: (updatedSecureSecret?.data).flatMap(Buffer.init), newSecureSecretId: updatedSecureSecret?.id)), automaticFloodWait: false)
|> map { _ -> UpdateTwoStepVerificationPasswordResult in |> map { _ -> UpdateTwoStepVerificationPasswordResult in
return .password(password: password, pendingEmailPattern: nil) return .password(password: password, pendingEmailPattern: nil)
} }
@ -224,12 +224,12 @@ func updateTwoStepVerificationSecureSecret(network: Network, password: String, s
data.append(currentSalt) data.append(currentSalt)
let currentPasswordHash = Buffer(data: sha256Digest(data)) let currentPasswordHash = Buffer(data: sha256Digest(data))
guard let (encryptedSecret, secretSalt, secretHash) = encryptedSecureSecret(secretData: secret, password: password, inputSalt: authData.nextSecureSalt) else { guard let (encryptedSecret, secretSalt, secretId) = encryptedSecureSecret(secretData: secret, password: password, inputSalt: authData.nextSecureSalt) else {
return .fail(.generic) return .fail(.generic)
} }
let flags: Int32 = (1 << 2) let flags: Int32 = (1 << 2)
return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: .passwordInputSettings(flags: flags, newSalt: nil, newPasswordHash: nil, hint: nil, email: nil, newSecureSalt: Buffer(data: secretSalt), newSecureSecret: Buffer(data: encryptedSecret), newSecureSecretHash: secretHash)), automaticFloodWait: false) return network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: .passwordInputSettings(flags: flags, newSalt: nil, newPasswordHash: nil, hint: nil, email: nil, newSecureSalt: Buffer(data: secretSalt), newSecureSecret: Buffer(data: encryptedSecret), newSecureSecretId: secretId)), automaticFloodWait: false)
|> mapError { _ -> UpdateTwoStepVerificationSecureSecretError in |> mapError { _ -> UpdateTwoStepVerificationSecureSecretError in
return .generic return .generic
} }
@ -257,7 +257,7 @@ public func updateTwoStepVerificationEmail(account: Account, currentPassword: St
} }
let flags: Int32 = 1 << 1 let flags: Int32 = 1 << 1
return account.network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: Api.account.PasswordInputSettings.passwordInputSettings(flags: flags, newSalt: nil, newPasswordHash: nil, hint: nil, email: updatedEmail, newSecureSalt: nil, newSecureSecret: nil, newSecureSecretHash: nil)), automaticFloodWait: false) return account.network.request(Api.functions.account.updatePasswordSettings(currentPasswordHash: currentPasswordHash, newSettings: Api.account.PasswordInputSettings.passwordInputSettings(flags: flags, newSalt: nil, newPasswordHash: nil, hint: nil, email: updatedEmail, newSecureSalt: nil, newSecureSecret: nil, newSecureSecretId: nil)), automaticFloodWait: false)
|> map { _ -> UpdateTwoStepVerificationPasswordResult in |> map { _ -> UpdateTwoStepVerificationPasswordResult in
return .password(password: currentPassword, pendingEmailPattern: nil) return .password(password: currentPassword, pendingEmailPattern: nil)
} }

6
TelegramCore/UploadSecureIdFile.swift
View File

@ -15,7 +15,6 @@ public struct UploadedSecureIdFile: Equatable {
let md5Checksum: String let md5Checksum: String
let fileHash: Data let fileHash: Data
let encryptedSecret: Data let encryptedSecret: Data
let masterSecretHash: Int64
public static func ==(lhs: UploadedSecureIdFile, rhs: UploadedSecureIdFile) -> Bool { public static func ==(lhs: UploadedSecureIdFile, rhs: UploadedSecureIdFile) -> Bool {
if lhs.id != rhs.id { if lhs.id != rhs.id {
@ -33,9 +32,6 @@ public struct UploadedSecureIdFile: Equatable {
if lhs.encryptedSecret != rhs.encryptedSecret { if lhs.encryptedSecret != rhs.encryptedSecret {
return false return false
} }
if lhs.masterSecretHash != rhs.masterSecretHash {
return false
}
return true return true
} }
} }
@ -144,7 +140,7 @@ public func uploadSecureIdFile(context: SecureIdAccessContext, postbox: Postbox,
return .single(.progress(value)) return .single(.progress(value))
case let .inputFile(file): case let .inputFile(file):
if case let .inputFile(id, parts, _, md5Checksum) = file { if case let .inputFile(id, parts, _, md5Checksum) = file {
return .single(.result(UploadedSecureIdFile(id: id, parts: parts, md5Checksum: md5Checksum, fileHash: encryptedData.hash, encryptedSecret: encryptedData.encryptedSecret, masterSecretHash: context.hash))) return .single(.result(UploadedSecureIdFile(id: id, parts: parts, md5Checksum: md5Checksum, fileHash: encryptedData.hash, encryptedSecret: encryptedData.encryptedSecret)))
} else { } else {
return .fail(.generic) return .fail(.generic)
} }