getAllPasswordData and various fixes.
GitOrigin-RevId: e423dfdaf97b06f0067bda3d1fb847869697234f
This commit is contained in:
levlam
parent
0eee63b723
commit
775c2eea25
@ -836,9 +836,12 @@ passportData type:PassportDataType data:string files:vector<file> selfie:file =
|
||||
//@description Contains information about a Telegram Passport data to save @type Telegram Passport data type @data TODO data should be typed @files List of attached files with a document @selfie Selfie with the document
|
||||
inputPassportData type:PassportDataType data:string files:vector<InputFile> selfie:InputFile = InputPassportData;
|
||||
|
||||
//@description Contains information about all filled Telegram Passport data @data All filled Telegram Passport data
|
||||
allPassportData data:vector<passportData> = AllPassportData;
|
||||
|
||||
//@description Contains information about requested Telegram Passport authorization form @id Authorization form unique identifier @data Available data
|
||||
passportAuthorizationForm id:int32 data:vector<passportData> selfie_required:Bool privacy_policy_url:string = PassportAuthorizationForm;
|
||||
|
||||
//@description Contains information about requested Telegram Passport authorization form @id Authorization form unique identifier @data Available data @is_selfie_required True, if selfie is required with a document @privacy_policy_url URL with the service privacy policy
|
||||
passportAuthorizationForm id:int32 data:vector<passportData> is_selfie_required:Bool privacy_policy_url:string = PassportAuthorizationForm;
|
||||
|
||||
|
||||
//@description Contains an encrypted Telegram Passport data credentials @data The encrypted credentials @hash The decrypted data hash @secret Encrypted by service public key secret for data decryption
|
||||
@ -2881,6 +2884,9 @@ resetNetworkStatistics = Ok;
|
||||
//@description Returns filled Telegram Passport data @type Data type @password Password of the current user
|
||||
getPassportData type:PassportDataType password:string = PassportData;
|
||||
|
||||
//@description Returns all filled Telegram Passport data @password Password of the current user
|
||||
getAllPassportData password:string = AllPassportData;
|
||||
|
||||
//@description Sets Telegram Passport data @data Input Telegram Passport data @password Password of the current user
|
||||
setPassportData data:inputPassportData password:string = PassportData;
|
||||
|
||||
@ -2909,10 +2915,10 @@ resendEmailAddressVerificationCode = EmailAddressAuthenticationCodeInfo;
|
||||
checkEmailAddressVerificationCode code:string = Ok;
|
||||
|
||||
|
||||
//@description Returns Telegram Passport authorization form for sharing data with a service @bot_id Service's bot identifier @scope Telegram Passport data types requested by the service @public_key Service's public_key @password Password of the current user
|
||||
getPassportAuthorizationForm bot_id:int32 scope:string public_key:string payload:string password:string = PassportAuthorizationForm;
|
||||
//@description Returns Telegram Passport authorization form for sharing data with a service @bot_user_id Service's bot user identifier @scope Telegram Passport data types requested by the service @public_key Service's public_key @payload Authorization form payload provided by the service @password Password of the current user
|
||||
getPassportAuthorizationForm bot_user_id:int32 scope:string public_key:string payload:string password:string = PassportAuthorizationForm;
|
||||
|
||||
//@description Sends Telegram Passport authorization form, effectively sharing data with the service @autorization_form_id Authorization form identifier
|
||||
//@description Sends Telegram Passport authorization form, effectively sharing data with the service @autorization_form_id Authorization form identifier @types Types of Telegram Passport data chosen by user to complete the authorization form @password Password of the current user
|
||||
sendPassportAuthorizationForm autorization_form_id:int32 types:vector<PassportDataType> password:string = Ok;
|
||||
|
||||
|
||||
|
||||
Binary file not shown.
@ -932,6 +932,7 @@ account.getTmpPassword#4a82327e password_hash:bytes period:int = account.TmpPass
|
||||
account.getWebAuthorizations#182e6d6f = account.WebAuthorizations;
|
||||
account.resetWebAuthorization#2d01b9ef hash:long = Bool;
|
||||
account.resetWebAuthorizations#682d2594 = Bool;
|
||||
account.getAllSecureValues#b288bc7d = Vector<SecureValue>;
|
||||
account.getSecureValue#73665bc2 types:Vector<SecureValueType> = Vector<SecureValue>;
|
||||
account.saveSecureValue#899fe31d value:InputSecureValue secure_secret_id:long = SecureValue;
|
||||
account.deleteSecureValue#b880bc4b types:Vector<SecureValueType> = Bool;
|
||||
|
||||
Binary file not shown.
@ -21554,7 +21554,7 @@ unique_ptr<MessageContent> MessagesManager::get_message_action_content(
|
||||
auto secure_values = move_tl_object_as<telegram_api::messageActionSecureValuesSentMe>(action);
|
||||
return make_unique<MessagePassportDataReceived>(
|
||||
get_encrypted_secure_values(td_->file_manager_.get(), std::move(secure_values->values_)),
|
||||
get_secure_credentials(std::move(secure_values->credentials_)));
|
||||
get_encrypted_secure_credentials(std::move(secure_values->credentials_)));
|
||||
}
|
||||
default:
|
||||
UNREACHABLE();
|
||||
|
||||
@ -6,11 +6,14 @@
|
||||
//
|
||||
#include "td/telegram/SecureManager.h"
|
||||
|
||||
#include "td/telegram/files/FileManager.h"
|
||||
#include "td/telegram/Global.h"
|
||||
#include "td/telegram/PasswordManager.h"
|
||||
#include "td/telegram/net/NetQueryDispatcher.h"
|
||||
#include "td/telegram/PasswordManager.h"
|
||||
#include "td/telegram/Td.h"
|
||||
|
||||
namespace td {
|
||||
|
||||
GetSecureValue::GetSecureValue(ActorShared<> parent, std::string password, SecureValueType type,
|
||||
Promise<SecureValueWithCredentials> promise)
|
||||
: parent_(std::move(parent)), password_(std::move(password)), type_(type), promise_(std::move(promise)) {
|
||||
@ -35,7 +38,8 @@ void GetSecureValue::loop() {
|
||||
if (!encrypted_secure_value_ || !secret_) {
|
||||
return;
|
||||
}
|
||||
auto *file_manager = G()->file_manager().get_actor_unsafe();
|
||||
|
||||
auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
|
||||
auto r_secure_value = decrypt_encrypted_secure_value(file_manager, *secret_, *encrypted_secure_value_);
|
||||
if (r_secure_value.is_error()) {
|
||||
return on_error(r_secure_value.move_as_error());
|
||||
@ -64,11 +68,72 @@ void GetSecureValue::on_result(NetQueryPtr query) {
|
||||
return on_error(r_result.move_as_error());
|
||||
}
|
||||
auto result = r_result.move_as_ok();
|
||||
if (result.empty()) {
|
||||
return on_error(Status::Error(404, "Not Found"));
|
||||
}
|
||||
if (result.size() != 1) {
|
||||
return on_error(Status::Error(PSLICE() << "Expected vector of size 1 got " << result.size()));
|
||||
}
|
||||
LOG(ERROR) << to_string(result[0]);
|
||||
encrypted_secure_value_ = get_encrypted_secure_value(G()->file_manager().get_actor_unsafe(), std::move(result[0]));
|
||||
encrypted_secure_value_ =
|
||||
get_encrypted_secure_value(G()->td().get_actor_unsafe()->file_manager_.get(), std::move(result[0]));
|
||||
loop();
|
||||
}
|
||||
|
||||
GetAllSecureValues::GetAllSecureValues(ActorShared<> parent, std::string password,
|
||||
Promise<TdApiAllSecureValues> promise)
|
||||
: parent_(std::move(parent)), password_(std::move(password)), promise_(std::move(promise)) {
|
||||
}
|
||||
|
||||
void GetAllSecureValues::on_error(Status status) {
|
||||
promise_.set_error(std::move(status));
|
||||
stop();
|
||||
}
|
||||
|
||||
void GetAllSecureValues::on_secret(Result<secure_storage::Secret> r_secret, bool dummy) {
|
||||
LOG_IF(ERROR, r_secret.is_error()) << r_secret.error();
|
||||
LOG_IF(ERROR, r_secret.is_ok()) << r_secret.ok().get_hash();
|
||||
if (r_secret.is_error()) {
|
||||
return on_error(r_secret.move_as_error());
|
||||
}
|
||||
secret_ = r_secret.move_as_ok();
|
||||
loop();
|
||||
}
|
||||
|
||||
void GetAllSecureValues::loop() {
|
||||
if (!encrypted_secure_values_ || !secret_) {
|
||||
return;
|
||||
}
|
||||
|
||||
auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
|
||||
auto r_secure_values = decrypt_encrypted_secure_values(file_manager, *secret_, *encrypted_secure_values_);
|
||||
if (r_secure_values.is_error()) {
|
||||
return on_error(r_secure_values.move_as_error());
|
||||
}
|
||||
auto secure_values = transform(r_secure_values.move_as_ok(),
|
||||
[](SecureValueWithCredentials &&value) { return std::move(value.value); });
|
||||
promise_.set_result(get_all_passport_data_object(file_manager, std::move(secure_values)));
|
||||
stop();
|
||||
}
|
||||
|
||||
void GetAllSecureValues::start_up() {
|
||||
auto query = G()->net_query_creator().create(create_storer(telegram_api::account_getAllSecureValues()));
|
||||
|
||||
G()->net_query_dispatcher().dispatch_with_callback(std::move(query), actor_shared(this));
|
||||
|
||||
send_closure(G()->password_manager(), &PasswordManager::get_secure_secret, password_, optional<int64>(),
|
||||
PromiseCreator::lambda([actor_id = actor_id(this)](Result<secure_storage::Secret> r_secret) {
|
||||
send_closure(actor_id, &GetAllSecureValues::on_secret, std::move(r_secret), true);
|
||||
}));
|
||||
}
|
||||
|
||||
void GetAllSecureValues::on_result(NetQueryPtr query) {
|
||||
auto r_result = fetch_result<telegram_api::account_getAllSecureValues>(std::move(query));
|
||||
if (r_result.is_error()) {
|
||||
return on_error(r_result.move_as_error());
|
||||
}
|
||||
encrypted_secure_values_ =
|
||||
get_encrypted_secure_values(G()->td().get_actor_unsafe()->file_manager_.get(), r_result.move_as_ok());
|
||||
loop();
|
||||
}
|
||||
|
||||
@ -188,7 +253,7 @@ void SetSecureValue::loop() {
|
||||
if (files_left_to_upload_ != 0) {
|
||||
return;
|
||||
}
|
||||
auto *file_manager = G()->file_manager().get_actor_unsafe();
|
||||
auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
|
||||
auto input_secure_value = get_input_secure_value_object(
|
||||
file_manager, encrypt_secure_value(file_manager, *secret_, secure_value_), to_upload_, selfie_);
|
||||
auto save_secure_value =
|
||||
@ -202,7 +267,7 @@ void SetSecureValue::loop() {
|
||||
}
|
||||
|
||||
void SetSecureValue::tear_down() {
|
||||
auto *file_manager = G()->file_manager().get_actor_unsafe();
|
||||
auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
|
||||
for (auto &file_info : to_upload_) {
|
||||
file_manager->upload(file_info.file_id, nullptr, 0, 0);
|
||||
}
|
||||
@ -215,7 +280,7 @@ void SetSecureValue::on_result(NetQueryPtr query) {
|
||||
}
|
||||
auto result = r_result.move_as_ok();
|
||||
LOG(ERROR) << to_string(result);
|
||||
auto *file_manager = G()->file_manager().get_actor_unsafe();
|
||||
auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
|
||||
auto encrypted_secure_value = get_encrypted_secure_value(file_manager, std::move(result));
|
||||
if (secure_value_.files.size() != encrypted_secure_value.files.size()) {
|
||||
return on_error(Status::Error("Different files count"));
|
||||
@ -248,12 +313,12 @@ void SetSecureValue::merge(FileManager *file_manager, FileId file_id, EncryptedS
|
||||
|
||||
class GetPassportAuthorizationForm : public NetQueryCallback {
|
||||
public:
|
||||
GetPassportAuthorizationForm(ActorShared<> parent, string password, int32 authorization_form_id, int32 bot_id,
|
||||
GetPassportAuthorizationForm(ActorShared<> parent, string password, int32 authorization_form_id, UserId bot_user_id,
|
||||
string scope, string public_key, Promise<TdApiAuthorizationForm> promise)
|
||||
: parent_(std::move(parent))
|
||||
, password_(std::move(password))
|
||||
, authorization_form_id_(authorization_form_id)
|
||||
, bot_id_(bot_id)
|
||||
, bot_user_id_(bot_user_id)
|
||||
, scope_(std::move(scope))
|
||||
, public_key_(std::move(public_key))
|
||||
, promise_(std::move(promise)) {
|
||||
@ -263,7 +328,7 @@ class GetPassportAuthorizationForm : public NetQueryCallback {
|
||||
ActorShared<> parent_;
|
||||
string password_;
|
||||
int32 authorization_form_id_;
|
||||
int32 bot_id_;
|
||||
UserId bot_user_id_;
|
||||
string scope_;
|
||||
string public_key_;
|
||||
Promise<TdApiAuthorizationForm> promise_;
|
||||
@ -287,7 +352,7 @@ class GetPassportAuthorizationForm : public NetQueryCallback {
|
||||
|
||||
void start_up() override {
|
||||
auto account_get_authorization_form =
|
||||
telegram_api::account_getAuthorizationForm(bot_id_, std::move(scope_), std::move(public_key_));
|
||||
telegram_api::account_getAuthorizationForm(bot_user_id_.get(), std::move(scope_), std::move(public_key_));
|
||||
auto query = G()->net_query_creator().create(create_storer(account_get_authorization_form));
|
||||
G()->net_query_dispatcher().dispatch_with_callback(std::move(query), actor_shared(this));
|
||||
|
||||
@ -310,7 +375,7 @@ class GetPassportAuthorizationForm : public NetQueryCallback {
|
||||
if (!secret_ || !authorization_form_) {
|
||||
return;
|
||||
}
|
||||
auto *file_manager = G()->file_manager().get_actor_unsafe();
|
||||
auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
|
||||
std::vector<TdApiSecureValue> values;
|
||||
auto types = get_secure_value_types(std::move(authorization_form_->required_types_));
|
||||
for (auto type : types) {
|
||||
@ -353,7 +418,7 @@ void SecureManager::get_secure_value(std::string password, SecureValueType type,
|
||||
if (r_secure_value.is_error()) {
|
||||
return promise.set_error(r_secure_value.move_as_error());
|
||||
}
|
||||
auto *file_manager = G()->file_manager().get_actor_unsafe();
|
||||
auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
|
||||
promise.set_value(get_passport_data_object(file_manager, r_secure_value.move_as_ok().value));
|
||||
});
|
||||
do_get_secure_value(std::move(password), type, std::move(new_promise));
|
||||
@ -366,6 +431,12 @@ void SecureManager::do_get_secure_value(std::string password, SecureValueType ty
|
||||
.release();
|
||||
}
|
||||
|
||||
void SecureManager::get_all_secure_values(std::string password, Promise<TdApiAllSecureValues> promise) {
|
||||
refcnt_++;
|
||||
create_actor<GetAllSecureValues>("GetAllSecureValues", actor_shared(), std::move(password), std::move(promise))
|
||||
.release();
|
||||
}
|
||||
|
||||
void SecureManager::set_secure_value(string password, SecureValue secure_value, Promise<TdApiSecureValue> promise) {
|
||||
refcnt_++;
|
||||
auto type = secure_value.type;
|
||||
@ -374,21 +445,22 @@ void SecureManager::set_secure_value(string password, SecureValue secure_value,
|
||||
if (r_secure_value.is_error()) {
|
||||
return promise.set_error(r_secure_value.move_as_error());
|
||||
}
|
||||
auto *file_manager = G()->file_manager().get_actor_unsafe();
|
||||
auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
|
||||
promise.set_value(get_passport_data_object(file_manager, r_secure_value.move_as_ok().value));
|
||||
});
|
||||
set_secure_value_queries_[type] = create_actor<SetSecureValue>("SetSecureValue", actor_shared(), std::move(password),
|
||||
std::move(secure_value), std::move(new_promise));
|
||||
}
|
||||
|
||||
void SecureManager::get_passport_authorization_form(string password, int32 bot_id, string scope, string public_key,
|
||||
string payload, Promise<TdApiAuthorizationForm> promise) {
|
||||
void SecureManager::get_passport_authorization_form(string password, UserId bot_user_id, string scope,
|
||||
string public_key, string payload,
|
||||
Promise<TdApiAuthorizationForm> promise) {
|
||||
refcnt_++;
|
||||
auto authorization_form_id = ++authorization_form_id_;
|
||||
authorization_forms_[authorization_form_id] = AuthorizationForm{bot_id, scope, public_key, payload};
|
||||
authorization_forms_[authorization_form_id] = AuthorizationForm{bot_user_id, scope, public_key, payload};
|
||||
create_actor<GetPassportAuthorizationForm>("GetPassportAuthorizationForm", actor_shared(), std::move(password),
|
||||
authorization_form_id, bot_id, std::move(scope), std::move(public_key),
|
||||
std::move(promise))
|
||||
authorization_form_id, bot_user_id, std::move(scope),
|
||||
std::move(public_key), std::move(promise))
|
||||
.release();
|
||||
}
|
||||
|
||||
@ -465,7 +537,7 @@ void SecureManager::do_send_passport_authorization_form(int32 authorization_form
|
||||
}
|
||||
|
||||
auto td_query = telegram_api::account_acceptAuthorization(
|
||||
it->second.bot_id, it->second.scope, it->second.public_key, std::move(hashes),
|
||||
it->second.bot_user_id.get(), it->second.scope, it->second.public_key, std::move(hashes),
|
||||
get_secure_credentials_encrypted_object(r_encrypted_credentials.move_as_ok()));
|
||||
LOG(ERROR) << to_string(td_query);
|
||||
auto query = G()->net_query_creator().create(create_storer(td_query));
|
||||
@ -490,12 +562,14 @@ void SecureManager::hangup() {
|
||||
void SecureManager::hangup_shared() {
|
||||
dec_refcnt();
|
||||
}
|
||||
|
||||
void SecureManager::dec_refcnt() {
|
||||
refcnt_--;
|
||||
if (refcnt_ == 0) {
|
||||
stop();
|
||||
}
|
||||
}
|
||||
|
||||
void SecureManager::on_result(NetQueryPtr query) {
|
||||
auto token = get_link_token();
|
||||
container_.extract(token).set_value(std::move(query));
|
||||
@ -505,4 +579,5 @@ void SecureManager::send_with_promise(NetQueryPtr query, Promise<NetQueryPtr> pr
|
||||
auto id = container_.create(std::move(promise));
|
||||
G()->net_query_dispatcher().dispatch_with_callback(std::move(query), actor_shared(this, id));
|
||||
}
|
||||
|
||||
} // namespace td
|
||||
|
||||
@ -5,19 +5,24 @@
|
||||
// file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
|
||||
//
|
||||
#pragma once
|
||||
|
||||
#include "td/actor/actor.h"
|
||||
|
||||
#include "td/telegram/files/FileManager.h"
|
||||
#include "td/telegram/net/NetQuery.h"
|
||||
#include "td/telegram/SecureValue.h"
|
||||
#include "td/telegram/files/FileManager.h"
|
||||
#include "td/telegram/UserId.h"
|
||||
|
||||
#include "td/telegram/td_api.h"
|
||||
|
||||
#include "td/utils/optional.h"
|
||||
|
||||
namespace td {
|
||||
|
||||
using TdApiSecureValue = td_api::object_ptr<td_api::passportData>;
|
||||
using TdApiAllSecureValues = td_api::object_ptr<td_api::allPassportData>;
|
||||
using TdApiAuthorizationForm = td_api::object_ptr<td_api::passportAuthorizationForm>;
|
||||
|
||||
class GetSecureValue : public NetQueryCallback {
|
||||
public:
|
||||
GetSecureValue(ActorShared<> parent, std::string password, SecureValueType type,
|
||||
@ -39,6 +44,25 @@ class GetSecureValue : public NetQueryCallback {
|
||||
void on_result(NetQueryPtr query) override;
|
||||
};
|
||||
|
||||
class GetAllSecureValues : public NetQueryCallback {
|
||||
public:
|
||||
GetAllSecureValues(ActorShared<> parent, std::string password, Promise<TdApiAllSecureValues> promise);
|
||||
|
||||
private:
|
||||
ActorShared<> parent_;
|
||||
string password_;
|
||||
Promise<TdApiAllSecureValues> promise_;
|
||||
optional<vector<EncryptedSecureValue>> encrypted_secure_values_;
|
||||
optional<secure_storage::Secret> secret_;
|
||||
|
||||
void on_error(Status status);
|
||||
void on_secret(Result<secure_storage::Secret> r_secret, bool dummy);
|
||||
void loop() override;
|
||||
void start_up() override;
|
||||
|
||||
void on_result(NetQueryPtr query) override;
|
||||
};
|
||||
|
||||
class SetSecureValue : public NetQueryCallback {
|
||||
public:
|
||||
SetSecureValue(ActorShared<> parent, string password, SecureValue secure_value,
|
||||
@ -91,13 +115,14 @@ class SetSecureValue : public NetQueryCallback {
|
||||
|
||||
class SecureManager : public NetQueryCallback {
|
||||
public:
|
||||
SecureManager(ActorShared<> parent);
|
||||
explicit SecureManager(ActorShared<> parent);
|
||||
|
||||
void get_secure_value(std::string password, SecureValueType type, Promise<TdApiSecureValue> promise);
|
||||
void get_all_secure_values(std::string password, Promise<TdApiAllSecureValues> promise);
|
||||
void set_secure_value(string password, SecureValue secure_value, Promise<TdApiSecureValue> promise);
|
||||
|
||||
void get_passport_authorization_form(string password, int32 bot_id, string scope, string public_key, string payload,
|
||||
Promise<TdApiAuthorizationForm> promise);
|
||||
void get_passport_authorization_form(string password, UserId bot_user_id, string scope, string public_key,
|
||||
string payload, Promise<TdApiAuthorizationForm> promise);
|
||||
void send_passport_authorization_form(string password, int32 authorization_form_id,
|
||||
std::vector<SecureValueType> types, Promise<> promise);
|
||||
|
||||
@ -107,7 +132,7 @@ class SecureManager : public NetQueryCallback {
|
||||
std::map<SecureValueType, ActorOwn<>> set_secure_value_queries_;
|
||||
|
||||
struct AuthorizationForm {
|
||||
int32 bot_id;
|
||||
UserId bot_user_id;
|
||||
string scope;
|
||||
string public_key;
|
||||
string payload;
|
||||
@ -127,4 +152,5 @@ class SecureManager : public NetQueryCallback {
|
||||
Container<Promise<NetQueryPtr>> container_;
|
||||
void send_with_promise(NetQueryPtr query, Promise<NetQueryPtr> promise);
|
||||
};
|
||||
|
||||
} // namespace td
|
||||
|
||||
@ -7,14 +7,17 @@
|
||||
#include "td/telegram/SecureValue.h"
|
||||
|
||||
#include "td/telegram/files/FileManager.h"
|
||||
|
||||
#include "td/telegram/td_api.h"
|
||||
#include "td/telegram/telegram_api.h"
|
||||
#include "td/telegram/telegram_api.hpp"
|
||||
|
||||
#include "td/utils/base64.h"
|
||||
#include "td/utils/JsonBuilder.h"
|
||||
#include "td/utils/misc.h"
|
||||
#include "td/utils/overloaded.h"
|
||||
#include "td/utils/JsonBuilder.h"
|
||||
#include "td/utils/base64.h"
|
||||
|
||||
#include <tuple>
|
||||
|
||||
namespace td {
|
||||
|
||||
@ -157,8 +160,8 @@ bool operator!=(const EncryptedSecureFile &lhs, const EncryptedSecureFile &rhs)
|
||||
return !(lhs == rhs);
|
||||
}
|
||||
|
||||
EncryptedSecureFile get_secure_file(FileManager *file_manager,
|
||||
tl_object_ptr<telegram_api::SecureFile> &&secure_file_ptr) {
|
||||
EncryptedSecureFile get_encrypted_secure_file(FileManager *file_manager,
|
||||
tl_object_ptr<telegram_api::SecureFile> &&secure_file_ptr) {
|
||||
CHECK(secure_file_ptr != nullptr);
|
||||
EncryptedSecureFile result;
|
||||
switch (secure_file_ptr->get_id()) {
|
||||
@ -184,12 +187,12 @@ EncryptedSecureFile get_secure_file(FileManager *file_manager,
|
||||
return result;
|
||||
}
|
||||
|
||||
vector<EncryptedSecureFile> get_secure_files(FileManager *file_manager,
|
||||
vector<tl_object_ptr<telegram_api::SecureFile>> &&secure_files) {
|
||||
vector<EncryptedSecureFile> get_encrypted_secure_files(FileManager *file_manager,
|
||||
vector<tl_object_ptr<telegram_api::SecureFile>> &&secure_files) {
|
||||
vector<EncryptedSecureFile> results;
|
||||
results.reserve(secure_files.size());
|
||||
for (auto &secure_file : secure_files) {
|
||||
auto result = get_secure_file(file_manager, std::move(secure_file));
|
||||
auto result = get_encrypted_secure_file(file_manager, std::move(secure_file));
|
||||
if (result.file_id.is_valid()) {
|
||||
results.push_back(std::move(result));
|
||||
}
|
||||
@ -250,7 +253,7 @@ bool operator!=(const EncryptedSecureData &lhs, const EncryptedSecureData &rhs)
|
||||
return !(lhs == rhs);
|
||||
}
|
||||
|
||||
EncryptedSecureData get_secure_data(tl_object_ptr<telegram_api::secureData> &&secure_data) {
|
||||
EncryptedSecureData get_encrypted_secure_data(tl_object_ptr<telegram_api::secureData> &&secure_data) {
|
||||
CHECK(secure_data != nullptr);
|
||||
EncryptedSecureData result;
|
||||
result.data = secure_data->data_.as_slice().str();
|
||||
@ -292,11 +295,11 @@ EncryptedSecureValue get_encrypted_secure_value(FileManager *file_manager,
|
||||
}
|
||||
}
|
||||
if (secure_value->data_ != nullptr) {
|
||||
result.data = get_secure_data(std::move(secure_value->data_));
|
||||
result.data = get_encrypted_secure_data(std::move(secure_value->data_));
|
||||
}
|
||||
result.files = get_secure_files(file_manager, std::move(secure_value->files_));
|
||||
result.files = get_encrypted_secure_files(file_manager, std::move(secure_value->files_));
|
||||
if (secure_value->selfie_ != nullptr) {
|
||||
result.selfie = get_secure_file(file_manager, std::move(secure_value->selfie_));
|
||||
result.selfie = get_encrypted_secure_file(file_manager, std::move(secure_value->selfie_));
|
||||
}
|
||||
result.hash = secure_value->hash_.as_slice().str();
|
||||
return result;
|
||||
@ -369,7 +372,7 @@ telegram_api::object_ptr<telegram_api::secureCredentialsEncrypted> get_secure_cr
|
||||
BufferSlice(credentials.data), BufferSlice(credentials.hash), BufferSlice(credentials.encrypted_secret));
|
||||
}
|
||||
|
||||
EncryptedSecureCredentials get_secure_credentials(
|
||||
EncryptedSecureCredentials get_encrypted_secure_credentials(
|
||||
tl_object_ptr<telegram_api::secureCredentialsEncrypted> &&credentials) {
|
||||
CHECK(credentials != nullptr);
|
||||
EncryptedSecureCredentials result;
|
||||
@ -419,6 +422,12 @@ td_api::object_ptr<td_api::passportData> get_passport_data_object(FileManager *f
|
||||
std::move(files), std::move(selfie));
|
||||
}
|
||||
|
||||
td_api::object_ptr<td_api::allPassportData> get_all_passport_data_object(FileManager *file_manager,
|
||||
const vector<SecureValue> &value) {
|
||||
return td_api::make_object<td_api::allPassportData>(transform(
|
||||
value, [file_manager](const SecureValue &value) { return get_passport_data_object(file_manager, value); }));
|
||||
}
|
||||
|
||||
Result<std::pair<FileId, SecureFileCredentials>> decrypt_secure_file(FileManager *file_manager,
|
||||
const secure_storage::Secret &master_secret,
|
||||
const EncryptedSecureFile &secure_file) {
|
||||
@ -447,6 +456,7 @@ Result<std::pair<vector<FileId>, vector<SecureFileCredentials>>> decrypt_secure_
|
||||
|
||||
return std::make_pair(std::move(res), std::move(credentials));
|
||||
}
|
||||
|
||||
Result<std::pair<string, SecureDataCredentials>> decrypt_secure_data(const secure_storage::Secret &master_secret,
|
||||
const EncryptedSecureData &secure_data) {
|
||||
TRY_RESULT(hash, secure_storage::ValueHash::create(secure_data.hash));
|
||||
@ -489,6 +499,19 @@ Result<SecureValueWithCredentials> decrypt_encrypted_secure_value(FileManager *f
|
||||
return SecureValueWithCredentials{std::move(res), std::move(res_credentials)};
|
||||
}
|
||||
|
||||
Result<vector<SecureValueWithCredentials>> decrypt_encrypted_secure_values(
|
||||
FileManager *file_manager, const secure_storage::Secret &secret,
|
||||
const vector<EncryptedSecureValue> &encrypted_secure_values) {
|
||||
vector<SecureValueWithCredentials> result;
|
||||
result.reserve(encrypted_secure_values.size());
|
||||
for (auto &encrypted_secure_value : encrypted_secure_values) {
|
||||
TRY_RESULT(secure_value_with_credentials,
|
||||
decrypt_encrypted_secure_value(file_manager, secret, encrypted_secure_value));
|
||||
result.push_back(std::move(secure_value_with_credentials));
|
||||
}
|
||||
return std::move(result);
|
||||
}
|
||||
|
||||
EncryptedSecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret,
|
||||
FileId file, string &to_hash) {
|
||||
auto file_view = file_manager->get_file_view(file);
|
||||
@ -560,7 +583,7 @@ EncryptedSecureValue encrypt_secure_value(FileManager *file_manager, const secur
|
||||
template <class T>
|
||||
class AsJsonable : public Jsonable {
|
||||
public:
|
||||
AsJsonable(const T &value) : value_(value) {
|
||||
explicit AsJsonable(const T &value) : value_(value) {
|
||||
}
|
||||
void store(JsonValueScope *scope) const {
|
||||
*scope + value_;
|
||||
@ -630,9 +653,9 @@ Slice secure_value_type_as_slice(SecureValueType type) {
|
||||
case SecureValueType::RentalAgreement:
|
||||
return "rental_agreement";
|
||||
case SecureValueType::PhoneNumber:
|
||||
return "phone_number";
|
||||
return "phone";
|
||||
case SecureValueType::EmailAddress:
|
||||
return "email_address";
|
||||
return "email";
|
||||
default:
|
||||
case SecureValueType::None:
|
||||
UNREACHABLE();
|
||||
@ -649,10 +672,10 @@ JsonScope &operator+(JsonValueScope &scope, const std::vector<SecureValueCredent
|
||||
}
|
||||
|
||||
JsonScope &operator+(JsonValueScope &scope,
|
||||
const std::pair<const std::vector<SecureValueCredentials> &, const Slice &> &credentials) {
|
||||
const std::tuple<const std::vector<SecureValueCredentials> &, const Slice &> &credentials) {
|
||||
auto object = scope.enter_object();
|
||||
object << ctie("secure_data", as_jsonable(credentials.first));
|
||||
object << ctie("payload", credentials.second);
|
||||
object << ctie("secure_data", as_jsonable(std::get<0>(credentials)));
|
||||
object << ctie("payload", std::get<1>(credentials));
|
||||
return scope;
|
||||
}
|
||||
|
||||
@ -665,7 +688,7 @@ Result<EncryptedSecureCredentials> encrypted_credentials(std::vector<SecureValue
|
||||
auto encrypted_value = secure_storage::encrypt_value(secret, encoded_credentials).move_as_ok();
|
||||
EncryptedSecureCredentials res;
|
||||
res.data = encrypted_value.data.as_slice().str();
|
||||
res.hash = encrypted_value.data.as_slice().str();
|
||||
res.hash = encrypted_value.hash.as_slice().str();
|
||||
TRY_RESULT(encrypted_secret, rsa_encrypt_pkcs1_oaep(public_key, secret.as_slice()));
|
||||
res.encrypted_secret = encrypted_secret.as_slice().str();
|
||||
return res;
|
||||
|
||||
@ -13,7 +13,6 @@
|
||||
#include "td/telegram/SecureStorage.h"
|
||||
|
||||
#include "td/utils/common.h"
|
||||
#include "td/utils/JsonBuilder.h"
|
||||
#include "td/utils/optional.h"
|
||||
#include "td/utils/Status.h"
|
||||
|
||||
@ -58,11 +57,11 @@ struct EncryptedSecureFile {
|
||||
bool operator==(const EncryptedSecureFile &lhs, const EncryptedSecureFile &rhs);
|
||||
bool operator!=(const EncryptedSecureFile &lhs, const EncryptedSecureFile &rhs);
|
||||
|
||||
EncryptedSecureFile get_secure_file(FileManager *file_manager,
|
||||
tl_object_ptr<telegram_api::SecureFile> &&secure_file_ptr);
|
||||
EncryptedSecureFile get_encrypted_secure_file(FileManager *file_manager,
|
||||
tl_object_ptr<telegram_api::SecureFile> &&secure_file_ptr);
|
||||
|
||||
vector<EncryptedSecureFile> get_secure_files(FileManager *file_manager,
|
||||
vector<tl_object_ptr<telegram_api::SecureFile>> &&secure_files);
|
||||
vector<EncryptedSecureFile> get_encrypted_secure_files(FileManager *file_manager,
|
||||
vector<tl_object_ptr<telegram_api::SecureFile>> &&secure_files);
|
||||
|
||||
struct SecureInputFile {
|
||||
FileId file_id;
|
||||
@ -89,7 +88,7 @@ struct EncryptedSecureData {
|
||||
bool operator==(const EncryptedSecureData &lhs, const EncryptedSecureData &rhs);
|
||||
bool operator!=(const EncryptedSecureData &lhs, const EncryptedSecureData &rhs);
|
||||
|
||||
EncryptedSecureData get_secure_data(tl_object_ptr<telegram_api::secureData> &&secure_data);
|
||||
EncryptedSecureData get_encrypted_secure_data(tl_object_ptr<telegram_api::secureData> &&secure_data);
|
||||
|
||||
telegram_api::object_ptr<telegram_api::secureData> get_secure_data_object(const EncryptedSecureData &data);
|
||||
|
||||
@ -128,7 +127,7 @@ struct EncryptedSecureCredentials {
|
||||
bool operator==(const EncryptedSecureCredentials &lhs, const EncryptedSecureCredentials &rhs);
|
||||
bool operator!=(const EncryptedSecureCredentials &lhs, const EncryptedSecureCredentials &rhs);
|
||||
|
||||
EncryptedSecureCredentials get_secure_credentials(
|
||||
EncryptedSecureCredentials get_encrypted_secure_credentials(
|
||||
tl_object_ptr<telegram_api::secureCredentialsEncrypted> &&credentials);
|
||||
|
||||
telegram_api::object_ptr<telegram_api::secureCredentialsEncrypted> get_secure_credentials_encrypted_object(
|
||||
@ -174,6 +173,9 @@ Result<SecureValue> get_secure_value(FileManager *file_manager,
|
||||
|
||||
td_api::object_ptr<td_api::passportData> get_passport_data_object(FileManager *file_manager, const SecureValue &value);
|
||||
|
||||
td_api::object_ptr<td_api::allPassportData> get_all_passport_data_object(FileManager *file_manager,
|
||||
const vector<SecureValue> &value);
|
||||
|
||||
Result<std::pair<FileId, SecureFileCredentials>> decrypt_secure_file(FileManager *file_manager,
|
||||
const secure_storage::Secret &secret,
|
||||
const EncryptedSecureFile &secure_file);
|
||||
@ -184,6 +186,9 @@ Result<std::pair<string, SecureDataCredentials>> decrypt_secure_data(const secur
|
||||
Result<SecureValueWithCredentials> decrypt_encrypted_secure_value(FileManager *file_manager,
|
||||
const secure_storage::Secret &secret,
|
||||
const EncryptedSecureValue &encrypted_secure_value);
|
||||
Result<vector<SecureValueWithCredentials>> decrypt_encrypted_secure_values(
|
||||
FileManager *file_manager, const secure_storage::Secret &secret,
|
||||
const vector<EncryptedSecureValue> &encrypted_secure_values);
|
||||
|
||||
EncryptedSecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret,
|
||||
FileId file, string &to_hash);
|
||||
|
||||
@ -6829,14 +6829,23 @@ void Td::on_request(uint64 id, td_api::getPassportData &request) {
|
||||
CHECK_AUTH();
|
||||
CHECK_IS_USER();
|
||||
CLEAN_INPUT_STRING(request.password_);
|
||||
CREATE_REQUEST_PROMISE(promise);
|
||||
if (request.type_ == nullptr) {
|
||||
return promise.set_error(Status::Error(400, "Type must not be empty"));
|
||||
return send_error_raw(id, 400, "Type must not be empty");
|
||||
}
|
||||
CREATE_REQUEST_PROMISE(promise);
|
||||
send_closure(secure_manager_, &SecureManager::get_secure_value, std::move(request.password_),
|
||||
get_secure_value_type_td_api(std::move(request.type_)), std::move(promise));
|
||||
}
|
||||
|
||||
void Td::on_request(uint64 id, td_api::getAllPassportData &request) {
|
||||
CHECK_AUTH();
|
||||
CHECK_IS_USER();
|
||||
CLEAN_INPUT_STRING(request.password_);
|
||||
CREATE_REQUEST_PROMISE(promise);
|
||||
send_closure(secure_manager_, &SecureManager::get_all_secure_values, std::move(request.password_),
|
||||
std::move(promise));
|
||||
}
|
||||
|
||||
void Td::on_request(uint64 id, td_api::setPassportData &request) {
|
||||
CHECK_AUTH();
|
||||
CHECK_IS_USER();
|
||||
@ -6903,8 +6912,12 @@ void Td::on_request(uint64 id, td_api::getPassportAuthorizationForm &request) {
|
||||
CLEAN_INPUT_STRING(request.public_key_);
|
||||
CLEAN_INPUT_STRING(request.scope_);
|
||||
CLEAN_INPUT_STRING(request.payload_);
|
||||
UserId bot_user_id(request.bot_user_id_);
|
||||
if (!bot_user_id.is_valid()) {
|
||||
return send_error_raw(id, 400, "Bot user identifier invalid");
|
||||
}
|
||||
CREATE_REQUEST_PROMISE(promise);
|
||||
send_closure(secure_manager_, &SecureManager::get_passport_authorization_form, request.password_, request.bot_id_,
|
||||
send_closure(secure_manager_, &SecureManager::get_passport_authorization_form, request.password_, bot_user_id,
|
||||
request.scope_, request.public_key_, request.payload_, std::move(promise));
|
||||
}
|
||||
|
||||
|
||||
@ -751,6 +751,8 @@ class Td final : public NetQueryCallback {
|
||||
|
||||
void on_request(uint64 id, td_api::getPassportData &request);
|
||||
|
||||
void on_request(uint64 id, td_api::getAllPassportData &request);
|
||||
|
||||
void on_request(uint64 id, td_api::setPassportData &request);
|
||||
|
||||
void on_request(uint64 id, const td_api::deletePassportData &request);
|
||||
|
||||
@ -1078,7 +1078,7 @@ class CliClient final : public Actor {
|
||||
recovery_email_address = "";
|
||||
}
|
||||
send_request(make_tl_object<td_api::setPassword>(password, new_password, new_hint, true, recovery_email_address));
|
||||
} else if (op == "secureid") {
|
||||
} else if (op == "gpaf" || op == "secureid") {
|
||||
string password;
|
||||
std::tie(password, args) = split(args);
|
||||
ChainBufferWriter writer;
|
||||
@ -1127,6 +1127,9 @@ class CliClient final : public Actor {
|
||||
string passport_data_type;
|
||||
std::tie(password, passport_data_type) = split(args);
|
||||
send_request(make_tl_object<td_api::getPassportData>(as_passport_data_type(passport_data_type), password));
|
||||
} else if (op == "gapd") {
|
||||
string password = args;
|
||||
send_request(make_tl_object<td_api::getAllPassportData>(password));
|
||||
} else if (op == "spd") {
|
||||
string password;
|
||||
string passport_data_type;
|
||||
|
||||
Reference in New Issue
Block a user