From 3760285a64405935fafe7aeeb051fd25d850585b Mon Sep 17 00:00:00 2001 From: Matthew Fosse Date: Thu, 30 Nov 2023 16:39:09 -0500 Subject: [PATCH] ios/mac secure storage pin migration (potential fix) (#1205) * ios/mac secure storage pin migration * function call was incorrect * Update default_settings_migration.dart --------- Co-authored-by: Omar Hatem --- lib/entities/default_settings_migration.dart | 98 +++++++++++++------- lib/main.dart | 2 +- 2 files changed, 64 insertions(+), 36 deletions(-) diff --git a/lib/entities/default_settings_migration.dart b/lib/entities/default_settings_migration.dart index a65742e99..ec31b0539 100644 --- a/lib/entities/default_settings_migration.dart +++ b/lib/entities/default_settings_migration.dart @@ -1,5 +1,6 @@ import 'dart:io' show Directory, File, Platform; import 'package:cake_wallet/bitcoin/bitcoin.dart'; +import 'package:cake_wallet/entities/encrypt.dart'; import 'package:cake_wallet/entities/exchange_api_mode.dart'; import 'package:cw_core/pathForWallet.dart'; import 'package:cake_wallet/entities/secret_store_key.dart'; @@ -82,8 +83,7 @@ Future defaultSettingsMigration( sharedPreferences: sharedPreferences, nodes: nodes); await changeLitecoinCurrentElectrumServerToDefault( sharedPreferences: sharedPreferences, nodes: nodes); - await changeHavenCurrentNodeToDefault( - sharedPreferences: sharedPreferences, nodes: nodes); + await changeHavenCurrentNodeToDefault(sharedPreferences: sharedPreferences, nodes: nodes); await changeBitcoinCashCurrentNodeToDefault( sharedPreferences: sharedPreferences, nodes: nodes); @@ -175,6 +175,9 @@ Future defaultSettingsMigration( await changeBitcoinCurrentElectrumServerToDefault( sharedPreferences: sharedPreferences, nodes: nodes); break; + case 25: + await rewriteSecureStoragePin(secureStorage: secureStorage); + break; default: break; @@ -340,9 +343,9 @@ Node? getNanoDefaultPowNode({required Box nodes}) { } Node? getBitcoinCashDefaultElectrumServer({required Box nodes}) { - return nodes.values.firstWhereOrNull( - (Node node) => node.uriRaw == cakeWalletBitcoinCashDefaultNodeUri) - ?? nodes.values.firstWhereOrNull((node) => node.type == WalletType.bitcoinCash); + return nodes.values + .firstWhereOrNull((Node node) => node.uriRaw == cakeWalletBitcoinCashDefaultNodeUri) ?? + nodes.values.firstWhereOrNull((node) => node.type == WalletType.bitcoinCash); } Node getMoneroDefaultNode({required Box nodes}) { @@ -364,6 +367,37 @@ Node getMoneroDefaultNode({required Box nodes}) { } } +Future rewriteSecureStoragePin({required FlutterSecureStorage secureStorage}) async { + // the bug only affects ios/mac: + if (!Platform.isIOS && !Platform.isMacOS) { + return; + } + + // first, get the encoded pin: + final keyForPinCode = generateStoreKeyFor(key: SecretStoreKey.pinCodePassword); + String? encodedPin; + try { + encodedPin = await secureStorage.read(key: keyForPinCode); + } catch (e) { + // either we don't have a pin, or we can't read it (maybe even because of the bug!) + // the only option here is to abort the migration or we risk losing the pin and locking the user out + return; + } + + if (encodedPin == null) { + return; + } + + // ensure we overwrite by deleting the old key first: + await secureStorage.delete(key: keyForPinCode); + await secureStorage.write( + key: keyForPinCode, + value: encodedPin, + iOptions: IOSOptions(accessibility: KeychainAccessibility.first_unlock), + mOptions: MacOsOptions(accessibility: KeychainAccessibility.first_unlock), + ); +} + Future changeBitcoinCurrentElectrumServerToDefault( {required SharedPreferences sharedPreferences, required Box nodes}) async { final server = getBitcoinDefaultElectrumServer(nodes: nodes); @@ -381,8 +415,7 @@ Future changeLitecoinCurrentElectrumServerToDefault( } Future changeBitcoinCashCurrentNodeToDefault( - {required SharedPreferences sharedPreferences, - required Box nodes}) async { + {required SharedPreferences sharedPreferences, required Box nodes}) async { final server = getBitcoinCashDefaultElectrumServer(nodes: nodes); final serverId = server?.key as int ?? 0; @@ -538,34 +571,30 @@ Future checkCurrentNodes( final currentMoneroNodeId = sharedPreferences.getInt(PreferencesKey.currentNodeIdKey); final currentBitcoinElectrumSeverId = sharedPreferences.getInt(PreferencesKey.currentBitcoinElectrumSererIdKey); - final currentLitecoinElectrumSeverId = sharedPreferences - .getInt(PreferencesKey.currentLitecoinElectrumSererIdKey); - final currentHavenNodeId = sharedPreferences - .getInt(PreferencesKey.currentHavenNodeIdKey); - final currentEthereumNodeId = sharedPreferences - .getInt(PreferencesKey.currentEthereumNodeIdKey); - final currentNanoNodeId = sharedPreferences - .getInt(PreferencesKey.currentNanoNodeIdKey); - final currentNanoPowNodeId = sharedPreferences - .getInt(PreferencesKey.currentNanoPowNodeIdKey); - final currentBitcoinCashNodeId = sharedPreferences - .getInt(PreferencesKey.currentBitcoinCashNodeIdKey); - final currentMoneroNode = nodeSource.values.firstWhereOrNull( - (node) => node.key == currentMoneroNodeId); - final currentBitcoinElectrumServer = nodeSource.values.firstWhereOrNull( - (node) => node.key == currentBitcoinElectrumSeverId); - final currentLitecoinElectrumServer = nodeSource.values.firstWhereOrNull( - (node) => node.key == currentLitecoinElectrumSeverId); - final currentHavenNodeServer = nodeSource.values.firstWhereOrNull( - (node) => node.key == currentHavenNodeId); - final currentEthereumNodeServer = nodeSource.values.firstWhereOrNull( - (node) => node.key == currentEthereumNodeId); + final currentLitecoinElectrumSeverId = + sharedPreferences.getInt(PreferencesKey.currentLitecoinElectrumSererIdKey); + final currentHavenNodeId = sharedPreferences.getInt(PreferencesKey.currentHavenNodeIdKey); + final currentEthereumNodeId = sharedPreferences.getInt(PreferencesKey.currentEthereumNodeIdKey); + final currentNanoNodeId = sharedPreferences.getInt(PreferencesKey.currentNanoNodeIdKey); + final currentNanoPowNodeId = sharedPreferences.getInt(PreferencesKey.currentNanoPowNodeIdKey); + final currentBitcoinCashNodeId = + sharedPreferences.getInt(PreferencesKey.currentBitcoinCashNodeIdKey); + final currentMoneroNode = + nodeSource.values.firstWhereOrNull((node) => node.key == currentMoneroNodeId); + final currentBitcoinElectrumServer = + nodeSource.values.firstWhereOrNull((node) => node.key == currentBitcoinElectrumSeverId); + final currentLitecoinElectrumServer = + nodeSource.values.firstWhereOrNull((node) => node.key == currentLitecoinElectrumSeverId); + final currentHavenNodeServer = + nodeSource.values.firstWhereOrNull((node) => node.key == currentHavenNodeId); + final currentEthereumNodeServer = + nodeSource.values.firstWhereOrNull((node) => node.key == currentEthereumNodeId); final currentNanoNodeServer = - nodeSource.values.firstWhereOrNull((node) => node.key == currentNanoNodeId); + nodeSource.values.firstWhereOrNull((node) => node.key == currentNanoNodeId); final currentNanoPowNodeServer = - powNodeSource.values.firstWhereOrNull((node) => node.key == currentNanoPowNodeId); - final currentBitcoinCashNodeServer = nodeSource.values.firstWhereOrNull( - (node) => node.key == currentBitcoinCashNodeId); + powNodeSource.values.firstWhereOrNull((node) => node.key == currentNanoPowNodeId); + final currentBitcoinCashNodeServer = + nodeSource.values.firstWhereOrNull((node) => node.key == currentBitcoinCashNodeId); if (currentMoneroNode == null) { final newCakeWalletNode = Node(uri: newCakeWalletMoneroUri, type: WalletType.monero); await nodeSource.add(newCakeWalletNode); @@ -617,8 +646,7 @@ Future checkCurrentNodes( if (currentBitcoinCashNodeServer == null) { final node = Node(uri: cakeWalletBitcoinCashDefaultNodeUri, type: WalletType.bitcoinCash); await nodeSource.add(node); - await sharedPreferences.setInt( - PreferencesKey.currentBitcoinCashNodeIdKey, node.key as int); + await sharedPreferences.setInt(PreferencesKey.currentBitcoinCashNodeIdKey, node.key as int); } } diff --git a/lib/main.dart b/lib/main.dart index 6807e9185..165db1ddd 100644 --- a/lib/main.dart +++ b/lib/main.dart @@ -163,7 +163,7 @@ Future initializeAppConfigs() async { transactionDescriptions: transactionDescriptions, secureStorage: secureStorage, anonpayInvoiceInfo: anonpayInvoiceInfo, - initialMigrationVersion: 23); + initialMigrationVersion: 25); } Future initialSetup(