keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
dev
voice-calls-2
voice-calls
authentication
2.5.0
2.4.5
2.4.4
2.4.3
2.4.2
2.4.1
2.4.0
2.3.2
2.3.1
2.3.0
2.2.14
2.2.13
2.2.12
2.2.11
2.2.10
2.2.9
2.2.6
2.2.4
2.2.2
2.2.1
2.2.0
2.1.1
2.0.3
2.0.2
2.0.1
2.0.0
1.0.0-alpha.1
audit-2
audit
2.8.0
2.7.4
2.7.3
2.7.2
2.7.1
2.7.0
2.6.3
2.6.2
2.6.1
2.6.0
2.2.8
2.2.7
2.2.5
2.2.3
2.1.0
1.9.7
1.9.6
1.9.5
1.9.4
1.9.3
1.9.1
1.9.0
1.8.3
1.8.2
1.8.1
1.8.0
1.7.8
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.0
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.3
1.5.2
1.5.1-beta
1.5.0-beta
1.5.0
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.0-beta
1.4.0
1.3.0-alpha.1
1.3.0
1.2.6
1.2.5
1.2.4
1.2.3
1.2.1
1.2.0-alpha.2
1.2.0-alpha.1
1.2.0
1.13.0
1.12.9
1.12.8
1.12.7
1.12.6
1.12.5
1.12.4
1.12.2
1.12.1
1.11.9
1.11.8
1.11.7
1.11.6
1.11.5
1.11.4
1.11.3
1.11.24
1.11.23
1.11.22
1.11.21
1.11.20
1.11.2
1.11.19
1.11.18
1.11.17
1.11.16
1.11.15
1.11.14
1.11.13
1.11.12
1.11.11
1.11.10
1.11.1
1.11.0
1.10.2
1.10.1
1.10.0
1.1.0-alpha.4
1.1.0-alpha.3
1.1.0-alpha.2
1.1.0-alpha.1
1.1.0
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0-alpha.3
1.0.0-alpha.2
1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '921e2bced6'
${ noResults }
session-ios/SessionProtocolKit/Signal/Sessions/SessionBuilder.m

264 lines
10 KiB
Objective-C
Raw Blame History

//
// Copyright (c) 2018 Open Whisper Systems. All rights reserved.
//
#import "SessionBuilder.h"
#import "AliceAxolotlParameters.h"
#import "AxolotlExceptions.h"
#import "AxolotlParameters.h"
#import "AxolotlStore.h"
#import "BobAxolotlParameters.h"
#import "NSData+keyVersionByte.h"
#import "PreKeyWhisperMessage.h"
#import "PrekeyBundle.h"
#import "RatchetingSession.h"
#import "SessionState.h"
#import <Curve25519Kit/Curve25519.h>
#import <Curve25519Kit/Ed25519.h>
#import <SignalCoreKit/NSData+OWS.h>
#import <SignalCoreKit/SCKExceptionWrapper.h>
#import <SignalCoreKit/OWSAsserts.h>
NS_ASSUME_NONNULL_BEGIN
#define CURRENT_VERSION 3
#define MINUMUM_VERSION 3
const int kPreKeyOfLastResortId = 0xFFFFFF;
@interface SessionBuilder ()
@property (nonatomic, readonly)NSString* recipientId;
@property (nonatomic, readonly)int deviceId;
@property(nonatomic, readonly)id<SessionStore> sessionStore;
@property(nonatomic, readonly)id<PreKeyStore> prekeyStore ;
@property(nonatomic, readonly)id<SignedPreKeyStore> signedPreKeyStore;
@property(nonatomic, readonly)id<IdentityKeyStore> identityStore;
@end
@implementation SessionBuilder
- (instancetype)initWithAxolotlStore:(id<AxolotlStore>)sessionStore recipientId:(NSString*)recipientId deviceId:(int)deviceId{
OWSAssert(sessionStore);
OWSAssert(recipientId);
return [self initWithSessionStore:sessionStore
preKeyStore:sessionStore
signedPreKeyStore:sessionStore
identityKeyStore:sessionStore
recipientId:recipientId
deviceId:deviceId];
}
- (instancetype)initWithSessionStore:(id<SessionStore>)sessionStore
preKeyStore:(id<PreKeyStore>)preKeyStore
signedPreKeyStore:(id<SignedPreKeyStore>)signedPreKeyStore
identityKeyStore:(id<IdentityKeyStore>)identityKeyStore
recipientId:(NSString*)recipientId
deviceId:(int)deviceId{
OWSAssert(sessionStore);
OWSAssert(preKeyStore);
OWSAssert(signedPreKeyStore);
OWSAssert(identityKeyStore);
OWSAssert(recipientId);
self = [super init];
if (self) {
_sessionStore = sessionStore;
_prekeyStore = preKeyStore;
_signedPreKeyStore = signedPreKeyStore;
_identityStore = identityKeyStore;
_recipientId = recipientId;
_deviceId = deviceId;
}
return self;
}
- (BOOL)processPrekeyBundle:(PreKeyBundle *)preKeyBundle
protocolContext:(nullable id)protocolContext
error:(NSError **)outError
{
return [SCKExceptionWrapper
tryBlock:^{
[self throws_processPrekeyBundle:preKeyBundle protocolContext:protocolContext];
}
error:outError];
}
- (void)throws_processPrekeyBundle:(PreKeyBundle *)preKeyBundle protocolContext:(nullable id)protocolContext
{
OWSAssert(preKeyBundle);
NSData *theirIdentityKey = preKeyBundle.identityKey.throws_removeKeyType;
NSData *theirSignedPreKey = preKeyBundle.signedPreKeyPublic.throws_removeKeyType;
if (![self.identityStore isTrustedIdentityKey:theirIdentityKey
recipientId:self.recipientId
direction:TSMessageDirectionOutgoing
protocolContext:protocolContext]) {
@throw [NSException exceptionWithName:UntrustedIdentityKeyException reason:@"Identity key is not valid" userInfo:@{}];
}
// NOTE: we use preKeyBundle.signedPreKeyPublic which has the key type byte.
if (![Ed25519 throws_verifySignature:preKeyBundle.signedPreKeySignature
publicKey:theirIdentityKey
data:preKeyBundle.signedPreKeyPublic]) {
@throw [NSException exceptionWithName:InvalidKeyException reason:@"KeyIsNotValidlySigned" userInfo:nil];
}
SessionRecord *sessionRecord =
[self.sessionStore loadSession:self.recipientId deviceId:preKeyBundle.deviceId protocolContext:protocolContext];
ECKeyPair *ourBaseKey = [Curve25519 generateKeyPair];
NSData *theirOneTimePreKey = preKeyBundle.preKeyPublic.throws_removeKeyType;
int theirOneTimePreKeyId = preKeyBundle.preKeyId;
int theirSignedPreKeyId = preKeyBundle.signedPreKeyId;
AliceAxolotlParameters *params =
[[AliceAxolotlParameters alloc] initWithIdentityKey:[self.identityStore identityKeyPair:protocolContext]
theirIdentityKey:theirIdentityKey
ourBaseKey:ourBaseKey
theirSignedPreKey:theirSignedPreKey
theirOneTimePreKey:theirOneTimePreKey
theirRatchetKey:theirSignedPreKey];
if (!sessionRecord.isFresh) {
[sessionRecord archiveCurrentState];
}
[RatchetingSession throws_initializeSession:[sessionRecord sessionState]
sessionVersion:CURRENT_VERSION
AliceParameters:params];
DDLogInfo(@"setUnacknowledgedPreKeyMessage for: %@ with preKeyId: %d", self.recipientId, theirOneTimePreKeyId);
[sessionRecord.sessionState setUnacknowledgedPreKeyMessage:theirOneTimePreKeyId signedPreKey:theirSignedPreKeyId baseKey:ourBaseKey.publicKey];
[sessionRecord.sessionState setLocalRegistrationId:[self.identityStore localRegistrationId:protocolContext]];
[sessionRecord.sessionState setRemoteRegistrationId:preKeyBundle.registrationId];
[sessionRecord.sessionState setAliceBaseKey:ourBaseKey.publicKey];
// Saving invalidates any existing sessions, so be sure to save *before* storing the new session.
BOOL previousIdentityExisted = [self.identityStore saveRemoteIdentity:theirIdentityKey
recipientId:self.recipientId
protocolContext:protocolContext];
if (previousIdentityExisted) {
DDLogInfo(@"%@ PKBundle removing previous session states for changed identity for recipient:%@",
self.tag,
self.recipientId);
[sessionRecord removePreviousSessionStates];
}
[self.sessionStore storeSession:self.recipientId
deviceId:self.deviceId
session:sessionRecord
protocolContext:protocolContext];
}
- (int)throws_processPrekeyWhisperMessage:(PreKeyWhisperMessage *)message
withSession:(SessionRecord *)sessionRecord
protocolContext:(nullable id)protocolContext
{
OWSAssert(message);
OWSAssert(sessionRecord);
int messageVersion = message.version;
NSData *theirIdentityKey = message.identityKey.throws_removeKeyType;
if (![self.identityStore isTrustedIdentityKey:theirIdentityKey
recipientId:self.recipientId
direction:TSMessageDirectionIncoming
protocolContext:protocolContext]) {
@throw [NSException exceptionWithName:UntrustedIdentityKeyException reason:@"There is a previously known identity key." userInfo:@{}];
}
int unSignedPrekeyId = -1;
switch (messageVersion) {
case 3:
unSignedPrekeyId =
[self throws_processPrekeyV3:message withSession:sessionRecord protocolContext:protocolContext];
break;
default:
@throw [NSException exceptionWithName:InvalidVersionException reason:@"Trying to initialize with unknown version" userInfo:@{}];
break;
}
[self.identityStore saveRemoteIdentity:theirIdentityKey
recipientId:self.recipientId
protocolContext:protocolContext];
return unSignedPrekeyId;
}
- (int)throws_processPrekeyV3:(PreKeyWhisperMessage *)message
withSession:(SessionRecord *)sessionRecord
protocolContext:(nullable id)protocolContext
{
OWSAssert(message);
OWSAssert(sessionRecord);
NSData *baseKey = message.baseKey.throws_removeKeyType;
if ([sessionRecord hasSessionState:message.version baseKey:baseKey]) {
return -1;
}
ECKeyPair *ourSignedPrekey = [self.signedPreKeyStore throws_loadSignedPrekey:message.signedPrekeyId].keyPair;
ECKeyPair *_Nullable ourOneTimePreKey;
if (message.prekeyID >= 0) {
ourOneTimePreKey = [self.prekeyStore throws_loadPreKey:message.prekeyID].keyPair;
} else {
DDLogWarn(@"%@ Processing PreKey message which had no one-time prekey.", self.tag);
}
BobAxolotlParameters *params =
[[BobAxolotlParameters alloc] initWithMyIdentityKeyPair:[self.identityStore identityKeyPair:protocolContext]
theirIdentityKey:message.identityKey.throws_removeKeyType
ourSignedPrekey:ourSignedPrekey
ourRatchetKey:ourSignedPrekey
ourOneTimePrekey:ourOneTimePreKey
theirBaseKey:baseKey];
if (!sessionRecord.isFresh) {
[sessionRecord archiveCurrentState];
}
[RatchetingSession throws_initializeSession:sessionRecord.sessionState
sessionVersion:message.version
BobParameters:params];
[sessionRecord.sessionState setLocalRegistrationId:[self.identityStore localRegistrationId:protocolContext]];
[sessionRecord.sessionState setRemoteRegistrationId:message.registrationId];
[sessionRecord.sessionState setAliceBaseKey:baseKey];
// If we used a prekey and it wasn't the prekey of last resort
if (message.prekeyID >= 0 && message.prekeyID != kPreKeyOfLastResortId) {
return message.prekeyID;
} else {
return -1;
}
}
#pragma mark - Logging
+ (NSString *)tag
{
return [NSString stringWithFormat:@"[%@]", self.class];
}
- (NSString *)tag
{
return self.class.tag;
}
@end
NS_ASSUME_NONNULL_END
Reference in New Issue View Git Blame Copy Permalink