diff --git a/td/telegram/SecureManager.cpp b/td/telegram/SecureManager.cpp
index a897a2038..827ea361c 100644
--- a/td/telegram/SecureManager.cpp
+++ b/td/telegram/SecureManager.cpp
@@ -78,7 +78,7 @@ void GetSecureValue::loop() {
 }
 
 auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
- auto r_secure_value = decrypt_encrypted_secure_value(file_manager, *secret_, *encrypted_secure_value_);
+ auto r_secure_value = decrypt_secure_value(file_manager, *secret_, *encrypted_secure_value_);
 if (r_secure_value.is_error()) {
 return on_error(r_secure_value.move_as_error());
 }
@@ -144,7 +144,7 @@ void GetAllSecureValues::loop() {
 }
 
 auto *file_manager = G()->td().get_actor_unsafe()->file_manager_.get();
- auto r_secure_values = decrypt_encrypted_secure_values(file_manager, *secret_, *encrypted_secure_values_);
+ auto r_secure_values = decrypt_secure_values(file_manager, *secret_, *encrypted_secure_values_);
 if (r_secure_values.is_error()) {
 return on_error(r_secure_values.move_as_error());
 }
@@ -329,7 +329,7 @@ void SetSecureValue::on_result(NetQueryPtr query) {
 if (secure_value_.selfie.is_valid()) {
 merge(file_manager, secure_value_.selfie, encrypted_secure_value.selfie);
 }
- auto r_secure_value = decrypt_encrypted_secure_value(file_manager, *secret_, encrypted_secure_value);
+ auto r_secure_value = decrypt_secure_value(file_manager, *secret_, encrypted_secure_value);
 if (r_secure_value.is_error()) {
 return on_error(r_secure_value.move_as_error());
 }
@@ -431,8 +431,8 @@ class GetPassportAuthorizationForm : public NetQueryCallback {
 continue;
 }
 
- auto r_secure_value = decrypt_encrypted_secure_value(
- file_manager, *secret_, get_encrypted_secure_value(file_manager, std::move(value)));
+ auto r_secure_value =
+ decrypt_secure_value(file_manager, *secret_, get_encrypted_secure_value(file_manager, std::move(value)));
 value = nullptr;
 if (r_secure_value.is_error()) {
 LOG(ERROR) << "Failed to decrypt secure value: " << r_secure_value.error();
diff --git a/td/telegram/SecureValue.cpp b/td/telegram/SecureValue.cpp index 769d5cae4..d0d0b58ea 100644 --- a/td/telegram/SecureValue.cpp +++ b/td/telegram/SecureValue.cpp @@ -247,7 +247,8 @@ string get_secure_value_data_field_name(SecureValueType type, string field_name) } bool operator==(const EncryptedSecureFile &lhs, const EncryptedSecureFile &rhs) { - return lhs.file_id == rhs.file_id && lhs.file_hash == rhs.file_hash && lhs.encrypted_secret == rhs.encrypted_secret; + return lhs.file_id == rhs.file_id && lhs.date == rhs.date && lhs.file_hash == rhs.file_hash && + lhs.encrypted_secret == rhs.encrypted_secret; } bool operator!=(const EncryptedSecureFile &lhs, const EncryptedSecureFile &rhs) { @@ -271,6 +272,11 @@ EncryptedSecureFile get_encrypted_secure_file(FileManager *file_manager, result.file_id = file_manager->register_remote( FullRemoteFileLocation(FileType::Secure, secure_file->id_, secure_file->access_hash_, DcId::internal(dc_id)), FileLocationSource::FromServer, {}, 0, 0, ""); + result.date = secure_file->date_; + if (result.date < 0) { + LOG(ERROR) << "Receive wrong date " << result.date; + result.date = 0; + } result.encrypted_secret = secure_file->secret_.as_slice().str(); result.file_hash = secure_file->file_hash_.as_slice().str(); break; @@ -865,9 +871,9 @@ td_api::object_ptr get_all_passport_data_object(FileMan return td_api::make_object(std::move(result)); } -Result> decrypt_secure_file(FileManager *file_manager, - const secure_storage::Secret &master_secret, - const EncryptedSecureFile &secure_file) { +static Result> decrypt_secure_file(FileManager *file_manager, + const secure_storage::Secret &master_secret, + const EncryptedSecureFile &secure_file) { if (!secure_file.file_id.is_valid()) { return std::make_pair(FileId(), SecureFileCredentials()); } 
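Review bot: Including `lhs.date == rhs.date` in `operator==` ties file equality to a server-assigned field, and the only assignment of `date` visible in this commit is in `get_encrypted_secure_file`. The body of `encrypt_secure_file` is outside the hunks, but nothing shown there sets `res.date`, so a locally encrypted file would presumably keep the default `0` and compare unequal to the server's record of the same file. If any caller uses this comparison to detect unchanged uploads, that should be confirmed; otherwise a comment on the operator such as `// date is server-assigned; values built by encrypt_secure_file have date == 0` would record the assumption.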
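Review bot: The new sanity check in `get_encrypted_secure_file` clamps a negative `secure_file->date_` to `0`, which is also the field's default in `SecureValue.h`, so a malformed server value becomes indistinguishable from a file with no date. The log line also omits which file was affected; `LOG(ERROR) << "Receive wrong date " << result.date << " for secure file " << secure_file->id_;` would make the report traceable. A one-line comment on the field (`int32 date = 0;  // 0 if unknown or rejected`) would document the convention; the unit of the value is not stated anywhere in the diff. The enclosing `case` begins and ends outside the hunk.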
@@ -880,7 +886,7 @@ Result> decrypt_secure_file(FileManager
 return std::make_pair(secure_file.file_id, SecureFileCredentials{secret.as_slice().str(), hash.as_slice().str()});
 }
 
-Result, vector>> decrypt_secure_files(
+static Result, vector>> decrypt_secure_files(
 FileManager *file_manager, const secure_storage::Secret &secret, const vector &secure_files) {
 vector res;
 vector credentials;
@@ -894,8 +900,8 @@ Result, vector>> decrypt_secure_
 return std::make_pair(std::move(res), std::move(credentials));
 }
 
-Result> decrypt_secure_data(const secure_storage::Secret &master_secret,
- const EncryptedSecureData &secure_data) {
+static Result> decrypt_secure_data(const secure_storage::Secret &master_secret,
+ const EncryptedSecureData &secure_data) {
 TRY_RESULT(hash, secure_storage::ValueHash::create(secure_data.hash));
 TRY_RESULT(encrypted_secret, secure_storage::EncryptedSecret::create(secure_data.encrypted_secret));
 TRY_RESULT(secret, encrypted_secret.decrypt(PSLICE() << master_secret.as_slice() << hash.as_slice()));
@@ -903,9 +909,8 @@ Result> decrypt_secure_data(const secur
 return std::make_pair(value.as_slice().str(), SecureDataCredentials{secret.as_slice().str(), hash.as_slice().str()});
 }
 
-Result decrypt_encrypted_secure_value(FileManager *file_manager,
- const secure_storage::Secret &secret,
- const EncryptedSecureValue &encrypted_secure_value) {
+Result decrypt_secure_value(FileManager *file_manager, const secure_storage::Secret &secret,
+ const EncryptedSecureValue &encrypted_secure_value) {
 SecureValue res;
 SecureValueCredentials res_credentials;
 res.type = encrypted_secure_value.type;
@@ -936,13 +941,13 @@ Result decrypt_encrypted_secure_value(FileManager *f return SecureValueWithCredentials{std::move(res), std::move(res_credentials)}; } -Result> decrypt_encrypted_secure_values( +Result> decrypt_secure_values( FileManager *file_manager, const secure_storage::Secret &secret, const vector &encrypted_secure_values) { vector result; result.reserve(encrypted_secure_values.size()); for (auto &encrypted_secure_value : encrypted_secure_values) { - auto r_secure_value_with_credentials = decrypt_encrypted_secure_value(file_manager, secret, encrypted_secure_value); + auto r_secure_value_with_credentials = decrypt_secure_value(file_manager, secret, encrypted_secure_value); if (r_secure_value_with_credentials.is_ok()) { result.push_back(r_secure_value_with_credentials.move_as_ok()); } else { @@ -952,8 +957,8 @@ Result> decrypt_encrypted_secure_values( return std::move(result); } -EncryptedSecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret, - FileId file, string &to_hash) { +static EncryptedSecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret, + FileId file, string &to_hash) { auto file_view = file_manager->get_file_view(file); if (file_view.empty()) { return EncryptedSecureFile(); 
@@ -978,14 +983,15 @@ EncryptedSecureFile encrypt_secure_file(FileManager *file_manager, const secure_ return res; } -vector encrypt_secure_files(FileManager *file_manager, const secure_storage::Secret &master_secret, - vector files, string &to_hash) { +static vector encrypt_secure_files(FileManager *file_manager, + const secure_storage::Secret &master_secret, + vector files, string &to_hash) { return transform(files, [&](auto file_id) { return encrypt_secure_file(file_manager, master_secret, file_id, to_hash); }); } -EncryptedSecureData encrypt_secure_data(const secure_storage::Secret &master_secret, Slice data, string &to_hash) { - namespace ss = secure_storage; +static EncryptedSecureData encrypt_secure_data(const secure_storage::Secret &master_secret, Slice data, + string &to_hash) { auto secret = secure_storage::Secret::create_new(); auto encrypted = encrypt_value(secret, data).move_as_ok(); EncryptedSecureData res; diff --git a/td/telegram/SecureValue.h b/td/telegram/SecureValue.h index 199c6ea06..ece0a7062 100644 --- a/td/telegram/SecureValue.h +++ b/td/telegram/SecureValue.h @@ -57,6 +57,7 @@ string get_secure_value_data_field_name(SecureValueType type, string field_name) struct EncryptedSecureFile { FileId file_id; + int32 date = 0; string file_hash; string encrypted_secret; }; 
@@ -184,25 +185,12 @@ Result> get_passport_data_object(FileMa td_api::object_ptr get_all_passport_data_object(FileManager *file_manager, const vector &values); -Result> decrypt_secure_file(FileManager *file_manager, - const secure_storage::Secret &secret, - const EncryptedSecureFile &secure_file); -Result, vector>> decrypt_secure_files( - FileManager *file_manager, const secure_storage::Secret &secret, const vector &secure_file); -Result> decrypt_secure_data(const secure_storage::Secret &secret, - const EncryptedSecureData &secure_data); -Result decrypt_encrypted_secure_value(FileManager *file_manager, - const secure_storage::Secret &secret, - const EncryptedSecureValue &encrypted_secure_value); -Result> decrypt_encrypted_secure_values( +Result decrypt_secure_value(FileManager *file_manager, const secure_storage::Secret &secret, + const EncryptedSecureValue &encrypted_secure_value); +Result> decrypt_secure_values( FileManager *file_manager, const secure_storage::Secret &secret, const vector &encrypted_secure_values); -EncryptedSecureFile encrypt_secure_file(FileManager *file_manager, const secure_storage::Secret &master_secret, - FileId file, string &to_hash); -vector encrypt_secure_files(FileManager *file_manager, const secure_storage::Secret &master_secret, - vector files, string &to_hash); -EncryptedSecureData encrypt_secure_data(const secure_storage::Secret &master_secret, Slice data, string &to_hash); EncryptedSecureValue encrypt_secure_value(FileManager *file_manager, const secure_storage::Secret &master_secret, const SecureValue &secure_value); diff --git a/td/telegram/SecureValue.hpp b/td/telegram/SecureValue.hpp index d1105d4eb..fe61b038a 100644 --- a/td/telegram/SecureValue.hpp +++ b/td/telegram/SecureValue.hpp @@ -17,6 +17,7 @@ namespace td { template void store(EncryptedSecureFile file, StorerT &storer) { store(file.file_id, storer); + store(file.date, storer); store(file.file_hash, storer); store(file.encrypted_secret, storer); } 
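Review bot: `store` now writes `file.date` between `file_id` and `file_hash`, and `parse` in the next hunk reads it at the same position, with no version or flag marking the new layout. If an `EncryptedSecureFile` serialized by the previous layout is ever read back, `parse` would take the first bytes of the old `file_hash` as the date and misalign `file_hash` and `encrypted_secret`, which later feed decryption. Whether these values are persisted is not visible in this diff; if they are, the field should be gated on a stored version or flag, and otherwise a comment such as `// layout: file_id, date, file_hash, encrypted_secret; not compatible with values stored before date was added` above `store` would make the constraint explicit.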
@@ -24,6 +25,7 @@ void store(EncryptedSecureFile file, StorerT &storer) {
 template
 void parse(EncryptedSecureFile &file, ParserT &parser) {
 parse(file.file_id, parser);
+ parse(file.date, parser);
 parse(file.file_hash, parser);
 parse(file.encrypted_secret, parser);
 }