be absolutely sure we delete secure storage keys before writing them (#1182)

* be absolutely sure we delete secure storage keys before writing them * sync with other PR --------- Co-authored-by: fossephate <fosse@book.local> Co-authored-by: Omar Hatem <omarh.ismail1@gmail.com>
2024-11-16 17:27:37 +00:00 · 2023-11-27 08:28:34 -05:00 · 2023-11-27 08:28:34 -05:00 · 615d016dd5
commit 615d016dd5
parent 00c97c74b8
7 changed files with 15 additions and 3 deletions
--- a/lib/core/backup_service.dart
+++ b/lib/core/backup_service.dart
@ -436,6 +436,7 @@ class BackupService {
    final backupPasswordKey = generateStoreKeyFor(key: SecretStoreKey.backupPassword);
    final backupPassword = keychainJSON[backupPasswordKey] as String;

+    await _flutterSecureStorage.delete(key: backupPasswordKey);
    await _flutterSecureStorage.write(key: backupPasswordKey, value: backupPassword);

    keychainWalletsInfo.forEach((dynamic rawInfo) async {
@ -443,6 +444,7 @@ class BackupService {
      await importWalletKeychainInfo(info);
    });

+    await _flutterSecureStorage.delete(key: pinCodeKey);
    await _flutterSecureStorage.write(key: pinCodeKey, value: encodedPinCode(pin: decodedPin));

    keychainDumpFile.deleteSync();
@ -462,6 +464,7 @@ class BackupService {
    final backupPasswordKey = generateStoreKeyFor(key: SecretStoreKey.backupPassword);
    final backupPassword = keychainJSON[backupPasswordKey] as String;

+    await _flutterSecureStorage.delete(key: backupPasswordKey);
    await _flutterSecureStorage.write(key: backupPasswordKey, value: backupPassword);

    keychainWalletsInfo.forEach((dynamic rawInfo) async {
@ -469,6 +472,7 @@ class BackupService {
      await importWalletKeychainInfo(info);
    });

+    await _flutterSecureStorage.delete(key: pinCodeKey);
    await _flutterSecureStorage.write(key: pinCodeKey, value: encodedPinCode(pin: decodedPin));

    keychainDumpFile.deleteSync();
--- a/lib/core/key_service.dart
+++ b/lib/core/key_service.dart
@ -19,6 +19,7 @@ class KeyService {
        key: SecretStoreKey.moneroWalletPassword, walletName: walletName);
    final encodedPassword = encodeWalletPassword(password: password);

+    await _secureStorage.delete(key: key);
    await _secureStorage.write(key: key, value: encodedPassword);
  }

--- a/lib/entities/default_settings_migration.dart
+++ b/lib/entities/default_settings_migration.dart
@ -496,6 +496,7 @@ Future<void> generateBackupPassword(FlutterSecureStorage secureStorage) async {
  }

  final password = encrypt.Key.fromSecureRandom(32).base16;
+  await secureStorage.delete(key: key);
  await secureStorage.write(key: key, value: password);
 }

--- a/lib/entities/fs_migration.dart
+++ b/lib/entities/fs_migration.dart
@ -147,6 +147,7 @@ Future<void> ios_migrate_pin() async {

  final key = generateStoreKeyFor(key: SecretStoreKey.pinCodePassword);
  final encodedPassword = encodedPinCode(pin: pinPassword);
+  await flutterSecureStorage.delete(key: key);
  await flutterSecureStorage.write(key: key, value: encodedPassword);
  await prefs.setBool('ios_migration_pin_completed', true);
 }
--- a/lib/entities/get_encryption_key.dart
+++ b/lib/entities/get_encryption_key.dart
@ -9,7 +9,9 @@ Future<List<int>> getEncryptionKey(
  if (stringifiedKey == null) {
    key = CakeHive.generateSecureKey();
    final keyStringified = key.join(',');
-    await secureStorage.write(key: 'transactionDescriptionsBoxKey', value: keyStringified);
+    String storageKey = 'transactionDescriptionsBoxKey';
+    await secureStorage.delete(key: storageKey);
+    await secureStorage.write(key: storageKey, value: keyStringified);
  } else {
    key = stringifiedKey.split(',').map((i) => int.parse(i)).toList();
  }
--- a/lib/src/screens/support_chat/widgets/chatwoot_widget.dart
+++ b/lib/src/screens/support_chat/widgets/chatwoot_widget.dart
@ -57,6 +57,8 @@ class ChatwootWidgetState extends State<ChatwootWidget> {
    return true;
  }

-  Future<void> storeCookie(String value) async =>
-      await widget.secureStorage.write(key: COOKIE_KEY, value: value);
+  Future<void> storeCookie(String value) async {
+    await widget.secureStorage.delete(key: COOKIE_KEY);
+    await widget.secureStorage.write(key: COOKIE_KEY, value: value);
+  }
 }
--- a/lib/view_model/edit_backup_password_view_model.dart
+++ b/lib/view_model/edit_backup_password_view_model.dart
@ -37,6 +37,7 @@ abstract class EditBackupPasswordViewModelBase with Store {
  @action
  Future<void> save() async {
    final key = generateStoreKeyFor(key: SecretStoreKey.backupPassword);
+    await secureStorage.delete(key: key);
    await secureStorage.write(key: key, value: backupPassword);
    secretStore.write(key: key, value: backupPassword);
  }