external/secretive
1
0
Fork 0
mirror of https://github.com/maxgoedjen/secretive.git synced 2025-04-04 06:37:07 +00:00
Code Issues Projects Releases Wiki Activity

Switch to monotonic time.

Browse Source
This commit is contained in:
Max Goedjen 2021-11-07 14:29:53 -08:00
parent 23fede3def
commit 6db08bce4b
No known key found for this signature in database
GPG Key ID: E58C21DD77B9B8E8
1 changed files with 11 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
SecretKit/SecureEnclave/SecureEnclaveStore.swift
View File

@ -144,7 +144,7 @@ extension SecureEnclave {
newContext.localizedCancelTitle = "Deny"
newContext.localizedReason = "unlock secret \"\(secret.name)\""
newContext.evaluatePolicy(LAPolicy.deviceOwnerAuthenticationWithBiometricsOrWatch, localizedReason: newContext.localizedReason) { [weak self] success, _ in
let context = PersistentAuthenticationContext(secret: secret, context: newContext, expiration: Date(timeIntervalSinceNow: duration))
let context = PersistentAuthenticationContext(secret: secret, context: newContext, duration: duration)
self?.persistedAuthenticationContexts[secret] = context
}
}
@ -241,11 +241,18 @@ extension SecureEnclave {
let secret: Secret
let context: LAContext
// TODO: monotonic time instead of Date() to prevent people setting the clock back.
let expiration: Date
// Monotonic time instead of Date() to prevent people setting the clock back.
let expiration: UInt64
init(secret: Secret, context: LAContext, duration: TimeInterval) {
self.secret = secret
self.context = context
let durationInNanoSeconds = Measurement(value: duration, unit: UnitDuration.seconds).converted(to: UnitDuration.nanoseconds).value
self.expiration = clock_gettime_nsec_np(CLOCK_MONOTONIC) + UInt64(durationInNanoSeconds)
}
var valid: Bool {
Date() < expiration
clock_gettime_nsec_np(CLOCK_MONOTONIC) < expiration
}
}