IOSAD-172 Check number of code points for passphrases IOSAD-172
authorDirk Zimmermann <dz@pep.security>
Sat, 27 Jun 2020 12:04:18 +0200
branchIOSAD-172
changeset 14957e83c9bcc0a2
parent 1494 bb73b3f4273c
child 1496 bcf11f44c719
IOSAD-172 Check number of code points for passphrases
pEpObjCAdapter/PEPInternalSession.m
     1.1 --- a/pEpObjCAdapter/PEPInternalSession.m	Sat Jun 27 11:53:04 2020 +0200
     1.2 +++ b/pEpObjCAdapter/PEPInternalSession.m	Sat Jun 27 12:04:18 2020 +0200
     1.3 @@ -27,6 +27,7 @@
     1.4  #import "PEPSync.h"
     1.5  #import "PEPSync_Internal.h" // for [PEPSync createSession:]
     1.6  #import "PEPInternalConstants.h"
     1.7 +#import "PEPPassphraseCache.h"
     1.8  
     1.9  #import "key_reset.h"
    1.10  
    1.11 @@ -1050,6 +1051,9 @@
    1.12      }
    1.13  }
    1.14  
    1.15 +/// The maximum number of code points allowed in a passphrase
    1.16 +static NSUInteger s_passPhraseMaxNumberOfCodePoints = 250;
    1.17 +
    1.18  - (BOOL)configurePassphrase:(NSString * _Nonnull)passphrase
    1.19                        error:(NSError * _Nullable * _Nullable)error
    1.20  {
    1.21 @@ -1057,6 +1061,17 @@
    1.22          *error = nil;
    1.23      }
    1.24  
    1.25 +    NSString *normalized = [passphrase precomposedStringWithCanonicalMapping];
    1.26 +
    1.27 +    if ([normalized length] > s_passPhraseMaxNumberOfCodePoints) {
    1.28 +        if (error) {
    1.29 +            *error = [NSError errorWithDomain:PEPObjCAdapterEngineStatusErrorDomain
    1.30 +                                         code:PEPAdapterErrorPassphraseTooLong
    1.31 +                                     userInfo:nil];
    1.32 +            return NO;
    1.33 +        }
    1.34 +    }
    1.35 +
    1.36      return YES;
    1.37  }
    1.38