keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
dev
voice-calls-2
voice-calls
authentication
2.5.0
2.4.5
2.4.4
2.4.3
2.4.2
2.4.1
2.4.0
2.3.2
2.3.1
2.3.0
2.2.14
2.2.13
2.2.12
2.2.11
2.2.10
2.2.9
2.2.6
2.2.4
2.2.2
2.2.1
2.2.0
2.1.1
2.0.3
2.0.2
2.0.1
2.0.0
1.0.0-alpha.1
audit-2
audit
2.8.0
2.7.4
2.7.3
2.7.2
2.7.1
2.7.0
2.6.3
2.6.2
2.6.1
2.6.0
2.2.8
2.2.7
2.2.5
2.2.3
2.1.0
1.9.7
1.9.6
1.9.5
1.9.4
1.9.3
1.9.1
1.9.0
1.8.3
1.8.2
1.8.1
1.8.0
1.7.8
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.0
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.3
1.5.2
1.5.1-beta
1.5.0-beta
1.5.0
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.0-beta
1.4.0
1.3.0-alpha.1
1.3.0
1.2.6
1.2.5
1.2.4
1.2.3
1.2.1
1.2.0-alpha.2
1.2.0-alpha.1
1.2.0
1.13.0
1.12.9
1.12.8
1.12.7
1.12.6
1.12.5
1.12.4
1.12.2
1.12.1
1.11.9
1.11.8
1.11.7
1.11.6
1.11.5
1.11.4
1.11.3
1.11.24
1.11.23
1.11.22
1.11.21
1.11.20
1.11.2
1.11.19
1.11.18
1.11.17
1.11.16
1.11.15
1.11.14
1.11.13
1.11.12
1.11.11
1.11.10
1.11.1
1.11.0
1.10.2
1.10.1
1.10.0
1.1.0-alpha.4
1.1.0-alpha.3
1.1.0-alpha.2
1.1.0-alpha.1
1.1.0
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0-alpha.3
1.0.0-alpha.2
1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4e8859250e'
${ noResults }
session-ios/SessionMessagingKit/Database/Models/BlindedIdLookup.swift

183 lines
7.1 KiB
Swift
Raw Blame History Unescape Escape

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

// Copyright © 2022 Rangeproof Pty Ltd. All rights reserved.
import Foundation
import GRDB
import SessionUtilitiesKit
/// This lookup is created when the user interacts with a blinded id
public struct BlindedIdLookup: Codable, Identifiable, FetchableRecord, PersistableRecord, TableRecord, ColumnExpressible {
public static var databaseTableName: String { "blindedIdLookup" }
public typealias Columns = CodingKeys
public enum CodingKeys: String, CodingKey, ColumnExpression {
case blindedId
case sessionId
case openGroupServer
case openGroupPublicKey
}
public var id: String { blindedId }
/// The blinded id for the user on this open group server
public let blindedId: String
/// The standard sessionId which can be used to generate this blindedId on this open group server
///
/// **Note:** This value will be null if the user owning the blinded id hasnt accepted the message request
public let sessionId: String?
/// The server for the Open Group server this blinded id belongs to
public let openGroupServer: String
/// The public key for the Open Group server this blinded id belongs to
public let openGroupPublicKey: String
// MARK: - Initialization
public init(
blindedId: String,
sessionId: String? = nil,
openGroupServer: String,
openGroupPublicKey: String
) {
self.blindedId = blindedId
self.sessionId = sessionId
self.openGroupServer = openGroupServer
self.openGroupPublicKey = openGroupPublicKey
}
}
// MARK: - Mutation
public extension BlindedIdLookup {
func with(sessionId: String) -> BlindedIdLookup {
return BlindedIdLookup(
blindedId: self.blindedId,
sessionId: sessionId,
openGroupServer: self.openGroupServer,
openGroupPublicKey: self.openGroupPublicKey
)
}
}
// MARK: - GRDB Interactions
public extension BlindedIdLookup {
/// Unfortunately the whole point of id-blinding is to make it hard to reverse-engineer a standard sessionId, as a result in order
/// to see if there is an unblinded contact for this blindedId we can only really generate blinded ids for each contact and check
/// if any match
///
/// If we can't find a match this method will still store a lookup, just with no standard sessionId value (this gives us a method to
/// link back to the open group the blindedId originated from)
static func fetchOrCreate(
_ db: Database,
blindedId: String,
sessionId: String? = nil,
openGroupServer: String,
openGroupPublicKey: String,
isCheckingForOutbox: Bool,
using dependencies: Dependencies = Dependencies()
) throws -> BlindedIdLookup {
var lookup: BlindedIdLookup = (try? BlindedIdLookup
.fetchOne(db, id: blindedId))
.defaulting(
to: BlindedIdLookup(
blindedId: blindedId,
openGroupServer: openGroupServer.lowercased(),
openGroupPublicKey: openGroupPublicKey
)
)
// If the lookup already has a resolved sessionId then just return it immediately
guard lookup.sessionId == nil else { return lookup }
// If we we given a sessionId then validate it is correct and if so save it
if
let sessionId: String = sessionId,
dependencies.crypto.verify(
.sessionId(
sessionId,
matchesBlindedId: blindedId,
serverPublicKey: openGroupPublicKey
)
)
{
lookup = try lookup
.with(sessionId: sessionId)
.saved(db)
return lookup
}
// We now need to try to match the blinded id to an existing contact, this can only be done by looping
// through all approved contacts and generating a blinded id for the provided open group for each to
// see if it matches the provided blindedId
let contactsThatApprovedMeCursor: RecordCursor<Contact> = try Contact
.filter(Contact.Columns.didApproveMe == true)
.fetchCursor(db)
while let contact: Contact = try contactsThatApprovedMeCursor.next() {
guard
dependencies.crypto.verify(
.sessionId(
contact.id,
matchesBlindedId: blindedId,
serverPublicKey: openGroupPublicKey
)
)
else { continue }
// We found a match so update the lookup and leave the loop
lookup = try lookup
.with(sessionId: contact.id)
.saved(db)
// There is an edge-case where the contact might not have their 'isApproved' flag set to true
// but if we have a `BlindedIdLookup` for them and are performing the lookup from the outbox
// then that means we sent them a message request and the 'isApproved' flag should be true
if isCheckingForOutbox && !contact.isApproved {
try Contact
.filter(id: contact.id)
.updateAllAndConfig(db, Contact.Columns.isApproved.set(to: true))
}
break
}
// Finish if we have a result
guard lookup.sessionId == nil else { return lookup }
// Lastly loop through existing id lookups (in case the user is looking at a different SOGS but once had
// a thread with this contact in a different SOGS and had cached the lookup) - we really should never hit
// this case since the contact approval status is sync'ed (the only situation I can think of is a config
// message hasn't been handled correctly?)
let blindedIdLookupCursor: RecordCursor<BlindedIdLookup> = try BlindedIdLookup
.filter(BlindedIdLookup.Columns.sessionId != nil)
.filter(BlindedIdLookup.Columns.openGroupServer != openGroupServer.lowercased())
.fetchCursor(db)
while let otherLookup: BlindedIdLookup = try blindedIdLookupCursor.next() {
guard
let sessionId: String = otherLookup.sessionId,
dependencies.crypto.verify(
.sessionId(
sessionId,
matchesBlindedId: blindedId,
serverPublicKey: openGroupPublicKey
)
)
else { continue }
// We found a match so update the lookup and leave the loop
lookup = try lookup
.with(sessionId: sessionId)
.saved(db)
break
}
// Want to save the lookup even if it doesn't have a sessionId so it can be used when handling
// MessageRequestResponse messages
return try lookup
.saved(db)
}
}
Reference in New Issue View Git Blame Copy Permalink