From cbcf99c12ea492f18699e0d64a49895e7d181bd0 Mon Sep 17 00:00:00 2001 From: paw Date: Fri, 9 Aug 2024 11:52:38 +0200 Subject: [PATCH] Change ipc schema to not pass argon2id parameters The SDK does not support custom parameters, not that it matters because they will always be the same. Also, SDK takes string for passphrase, so we can avoid doing conversion by just passing the passphrase as a string. --- .../generated_ipc/NativeCryptoFacade.kt | 8 ++------ .../NativeCryptoFacadeReceiveDispatcher.kt | 16 ++++----------- .../GeneratedIpc/NativeCryptoFacade.swift | 10 +++------- .../NativeCryptoFacadeReceiveDispatcher.swift | 18 +++++------------ ipc-schema/facades/NativeCryptoFacade.json | 16 ++------------- .../api/worker/facades/Argon2idFacade.ts | 20 ++----------------- .../desktop/DesktopNativeCryptoFacade.ts | 11 ++-------- .../common/generatedipc/NativeCryptoFacade.ts | 2 +- .../NativeCryptoFacadeReceiveDispatcher.ts | 10 +++------- .../NativeCryptoFacadeSendDispatcher.ts | 4 ++-- 10 files changed, 26 insertions(+), 89 deletions(-) diff --git a/app-android/app/src/main/java/de/tutao/tutanota/generated_ipc/NativeCryptoFacade.kt b/app-android/app/src/main/java/de/tutao/tutanota/generated_ipc/NativeCryptoFacade.kt index af516d9cebe4..7bc4d0d5a817 100644 --- a/app-android/app/src/main/java/de/tutao/tutanota/generated_ipc/NativeCryptoFacade.kt +++ b/app-android/app/src/main/java/de/tutao/tutanota/generated_ipc/NativeCryptoFacade.kt @@ -31,13 +31,9 @@ interface NativeCryptoFacade { key: DataWrapper, fileUri: String, ): String - suspend fun argon2idHashRaw( - password: DataWrapper, + suspend fun argon2idGeneratePassphraseKey( + passphrase: String, salt: DataWrapper, - timeCost: Int, - memoryCost: Int, - parallelism: Int, - hashLength: Int, ): DataWrapper suspend fun generateKyberKeypair( seed: DataWrapper, 
diff --git a/app-android/app/src/main/java/de/tutao/tutanota/generated_ipc/NativeCryptoFacadeReceiveDispatcher.kt b/app-android/app/src/main/java/de/tutao/tutanota/generated_ipc/NativeCryptoFacadeReceiveDispatcher.kt index b051ff525ecd..de7e25e663d6 100644 --- a/app-android/app/src/main/java/de/tutao/tutanota/generated_ipc/NativeCryptoFacadeReceiveDispatcher.kt +++ b/app-android/app/src/main/java/de/tutao/tutanota/generated_ipc/NativeCryptoFacadeReceiveDispatcher.kt @@ -54,20 +54,12 @@ class NativeCryptoFacadeReceiveDispatcher( ) return json.encodeToString(result) } - "argon2idHashRaw" -> { - val password: DataWrapper = json.decodeFromString(arg[0]) + "argon2idGeneratePassphraseKey" -> { + val passphrase: String = json.decodeFromString(arg[0]) val salt: DataWrapper = json.decodeFromString(arg[1]) - val timeCost: Int = json.decodeFromString(arg[2]) - val memoryCost: Int = json.decodeFromString(arg[3]) - val parallelism: Int = json.decodeFromString(arg[4]) - val hashLength: Int = json.decodeFromString(arg[5]) - val result: DataWrapper = this.facade.argon2idHashRaw( - password, + val result: DataWrapper = this.facade.argon2idGeneratePassphraseKey( + passphrase, salt, - timeCost, - memoryCost, - parallelism, - hashLength, ) return json.encodeToString(result) } diff --git a/app-ios/TutanotaSharedFramework/GeneratedIpc/NativeCryptoFacade.swift b/app-ios/TutanotaSharedFramework/GeneratedIpc/NativeCryptoFacade.swift index f645056ed98a..33f64f93e024 100644 --- a/app-ios/TutanotaSharedFramework/GeneratedIpc/NativeCryptoFacade.swift +++ b/app-ios/TutanotaSharedFramework/GeneratedIpc/NativeCryptoFacade.swift 
@@ -28,13 +28,9 @@ public protocol NativeCryptoFacade { _ key: DataWrapper, _ fileUri: String ) async throws -> String - func argon2idHashRaw( - _ password: DataWrapper, - _ salt: DataWrapper, - _ timeCost: Int, - _ memoryCost: Int, - _ parallelism: Int, - _ hashLength: Int + func argon2idGeneratePassphraseKey( + _ passphrase: String, + _ salt: DataWrapper ) async throws -> DataWrapper func generateKyberKeypair( _ seed: DataWrapper diff --git a/app-ios/TutanotaSharedFramework/GeneratedIpc/NativeCryptoFacadeReceiveDispatcher.swift b/app-ios/TutanotaSharedFramework/GeneratedIpc/NativeCryptoFacadeReceiveDispatcher.swift index 8d956e01b563..4f2c1909d3fc 100644 --- a/app-ios/TutanotaSharedFramework/GeneratedIpc/NativeCryptoFacadeReceiveDispatcher.swift +++ b/app-ios/TutanotaSharedFramework/GeneratedIpc/NativeCryptoFacadeReceiveDispatcher.swift @@ -46,20 +46,12 @@ public class NativeCryptoFacadeReceiveDispatcher { fileUri ) return toJson(result) - case "argon2idHashRaw": - let password = try! JSONDecoder().decode(DataWrapper.self, from: arg[0].data(using: .utf8)!) + case "argon2idGeneratePassphraseKey": + let passphrase = try! JSONDecoder().decode(String.self, from: arg[0].data(using: .utf8)!) let salt = try! JSONDecoder().decode(DataWrapper.self, from: arg[1].data(using: .utf8)!) - let timeCost = try! JSONDecoder().decode(Int.self, from: arg[2].data(using: .utf8)!) - let memoryCost = try! JSONDecoder().decode(Int.self, from: arg[3].data(using: .utf8)!) - let parallelism = try! JSONDecoder().decode(Int.self, from: arg[4].data(using: .utf8)!) - let hashLength = try! JSONDecoder().decode(Int.self, from: arg[5].data(using: .utf8)!) - let result = try await self.facade.argon2idHashRaw( - password, - salt, - timeCost, - memoryCost, - parallelism, - hashLength + let result = try await self.facade.argon2idGeneratePassphraseKey( + passphrase, + salt ) return toJson(result) case "generateKyberKeypair": 
diff --git a/ipc-schema/facades/NativeCryptoFacade.json b/ipc-schema/facades/NativeCryptoFacade.json index 22d9f68202db..064e5ce65c0c 100644 --- a/ipc-schema/facades/NativeCryptoFacade.json +++ b/ipc-schema/facades/NativeCryptoFacade.json @@ -56,25 +56,13 @@ ], "ret": "string" }, - "argon2idHashRaw": { + "argon2idGeneratePassphraseKey": { "arg": [ { - "password": "bytes" + "passphrase": "string" }, { "salt": "bytes" - }, - { - "timeCost": "number" - }, - { - "memoryCost": "number" - }, - { - "parallelism": "number" - }, - { - "hashLength": "number" } ], "ret": "bytes" diff --git a/src/common/api/worker/facades/Argon2idFacade.ts b/src/common/api/worker/facades/Argon2idFacade.ts index b70b9796e481..b7838dd50c31 100644 --- a/src/common/api/worker/facades/Argon2idFacade.ts +++ b/src/common/api/worker/facades/Argon2idFacade.ts @@ -1,13 +1,4 @@ -import { - Aes256Key, - ARGON2ID_ITERATIONS, - ARGON2ID_KEY_LENGTH, - ARGON2ID_MEMORY_IN_KiB, - ARGON2ID_PARALLELISM, - Argon2IDExports, - generateKeyFromPassphraseArgon2id, - uint8ArrayToBitArray, -} from "@tutao/tutanota-crypto" +import { Aes256Key, Argon2IDExports, generateKeyFromPassphraseArgon2id, uint8ArrayToBitArray } from "@tutao/tutanota-crypto" import { LazyLoaded, stringToUtf8Uint8Array } from "@tutao/tutanota-utils" import { NativeCryptoFacade } from "../../../native/common/generatedipc/NativeCryptoFacade.js" import { assertWorkerOrNode } from "../../common/Env.js" 
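Review bot: The new `argon2idGeneratePassphraseKey` entry does not state the contract that the removed `timeCost`, `memoryCost`, `parallelism` and `hashLength` arguments used to make explicit. Each platform implementation now chooses the Argon2id parameters and the byte encoding of `passphrase` itself, and one that differs would derive a different key without raising any error. If the schema supports a per-method description (the generated TypeScript interface carries a doc comment on `aesDecryptFile`, which suggests it does), add one such as `Derives the passphrase key with Argon2id using the fixed application-wide parameters; passphrase is encoded as UTF-8 before hashing.`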
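Review bot: The context line `import { LazyLoaded, stringToUtf8Uint8Array } from "@tutao/tutanota-utils"` still imports `stringToUtf8Uint8Array`, although the next hunk of Argon2idFacade.ts removes its call in `NativeArgon2idFacade.generateKeyFromPassphrase`. If nothing else in the file uses it, trim the line to `import { LazyLoaded } from "@tutao/tutanota-utils"`. The rest of the file is not visible here, so this needs checking first.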
@@ -49,14 +40,7 @@ export class NativeArgon2idFacade implements Argon2idFacade { constructor(private readonly nativeCryptoFacade: NativeCryptoFacade) {} async generateKeyFromPassphrase(passphrase: string, salt: Uint8Array): Promise { - const hash = await this.nativeCryptoFacade.argon2idHashRaw( - stringToUtf8Uint8Array(passphrase), - salt, - ARGON2ID_ITERATIONS, - ARGON2ID_MEMORY_IN_KiB, - ARGON2ID_PARALLELISM, - ARGON2ID_KEY_LENGTH, - ) + const hash = await this.nativeCryptoFacade.argon2idGeneratePassphraseKey(passphrase, salt) return uint8ArrayToBitArray(hash) } } diff --git a/src/common/desktop/DesktopNativeCryptoFacade.ts b/src/common/desktop/DesktopNativeCryptoFacade.ts index 9cc2ee3af7fb..91c2f6aceacc 100644 --- a/src/common/desktop/DesktopNativeCryptoFacade.ts +++ b/src/common/desktop/DesktopNativeCryptoFacade.ts @@ -124,15 +124,8 @@ export class DesktopNativeCryptoFacade implements NativeCryptoFacade { throw new Error("not implemented for this platform") } - async argon2idHashRaw( - password: Uint8Array, - salt: Uint8Array, - timeCost: number, - memoryCost: number, - parallelism: number, - hashLength: number, - ): Promise { - const hash = await generateKeyFromPassphraseArgon2id(await this.argon2, utf8Uint8ArrayToString(password), salt) + async argon2idGeneratePassphraseKey(passphrase: string, salt: Uint8Array): Promise { + const hash = await generateKeyFromPassphraseArgon2id(await this.argon2, passphrase, salt) return bitArrayToUint8Array(hash) } diff --git a/src/common/native/common/generatedipc/NativeCryptoFacade.ts b/src/common/native/common/generatedipc/NativeCryptoFacade.ts index 5e43341acff5..5c5001731ff9 100644 --- a/src/common/native/common/generatedipc/NativeCryptoFacade.ts +++ b/src/common/native/common/generatedipc/NativeCryptoFacade.ts 
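Review bot: `generateKeyFromPassphrase` no longer controls how the passphrase becomes bytes or which cost parameters are applied; the removed call did the UTF-8 conversion and passed `ARGON2ID_ITERATIONS`, `ARGON2ID_MEMORY_IN_KiB`, `ARGON2ID_PARALLELISM` and `ARGON2ID_KEY_LENGTH` itself. The result is key material, so a native implementation that encodes a non-ASCII passphrase differently, or is built with other parameters, would return a key that does not match what `generateKeyFromPassphraseArgon2id` produces. That mismatch would surface only as a failed login or decryption. I would record the requirement above the call, e.g. `// native side must UTF-8-encode the passphrase and use the ARGON2ID_* parameters from @tutao/tutanota-crypto`, and back it with a known-answer test that runs one non-ASCII passphrase and salt through both paths. The class body starts outside the hunk.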
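Review bot: `argon2idGeneratePassphraseKey` in DesktopNativeCryptoFacade.ts no longer calls `utf8Uint8ArrayToString`, so that import is probably unused now. The import block is outside the hunk, so verify and drop it if no other method needs it. The method would also benefit from a short doc comment such as `/** Derives the passphrase key; the Argon2id parameters are those applied by generateKeyFromPassphraseArgon2id and cannot be overridden by the caller. */`, because the removed signature advertised tunable costs that the removed body never forwarded.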
@@ -22,7 +22,7 @@ export interface NativeCryptoFacade { */ aesDecryptFile(key: Uint8Array, fileUri: string): Promise - argon2idHashRaw(password: Uint8Array, salt: Uint8Array, timeCost: number, memoryCost: number, parallelism: number, hashLength: number): Promise + argon2idGeneratePassphraseKey(passphrase: string, salt: Uint8Array): Promise generateKyberKeypair(seed: Uint8Array): Promise diff --git a/src/common/native/common/generatedipc/NativeCryptoFacadeReceiveDispatcher.ts b/src/common/native/common/generatedipc/NativeCryptoFacadeReceiveDispatcher.ts index 76699fe0859b..012542e538f3 100644 --- a/src/common/native/common/generatedipc/NativeCryptoFacadeReceiveDispatcher.ts +++ b/src/common/native/common/generatedipc/NativeCryptoFacadeReceiveDispatcher.ts @@ -32,14 +32,10 @@ export class NativeCryptoFacadeReceiveDispatcher { const fileUri: string = arg[1] return this.facade.aesDecryptFile(key, fileUri) } - case "argon2idHashRaw": { - const password: Uint8Array = arg[0] + case "argon2idGeneratePassphraseKey": { + const passphrase: string = arg[0] const salt: Uint8Array = arg[1] - const timeCost: number = arg[2] - const memoryCost: number = arg[3] - const parallelism: number = arg[4] - const hashLength: number = arg[5] - return this.facade.argon2idHashRaw(password, salt, timeCost, memoryCost, parallelism, hashLength) + return this.facade.argon2idGeneratePassphraseKey(passphrase, salt) } case "generateKyberKeypair": { const seed: Uint8Array = arg[0] diff --git a/src/common/native/common/generatedipc/NativeCryptoFacadeSendDispatcher.ts b/src/common/native/common/generatedipc/NativeCryptoFacadeSendDispatcher.ts index d693bd233c43..09008ea40aed 100644 --- a/src/common/native/common/generatedipc/NativeCryptoFacadeSendDispatcher.ts +++ b/src/common/native/common/generatedipc/NativeCryptoFacadeSendDispatcher.ts 
@@ -19,8 +19,8 @@ export class NativeCryptoFacadeSendDispatcher implements NativeCryptoFacade { async aesDecryptFile(...args: Parameters) { return this.transport.invokeNative("ipc", ["NativeCryptoFacade", "aesDecryptFile", ...args]) } - async argon2idHashRaw(...args: Parameters) { - return this.transport.invokeNative("ipc", ["NativeCryptoFacade", "argon2idHashRaw", ...args]) + async argon2idGeneratePassphraseKey(...args: Parameters) { + return this.transport.invokeNative("ipc", ["NativeCryptoFacade", "argon2idGeneratePassphraseKey", ...args]) } async generateKyberKeypair(...args: Parameters) { return this.transport.invokeNative("ipc", ["NativeCryptoFacade", "generateKyberKeypair", ...args])