keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
dev
voice-calls-2
voice-calls
authentication
2.5.0
2.4.5
2.4.4
2.4.3
2.4.2
2.4.1
2.4.0
2.3.2
2.3.1
2.3.0
2.2.14
2.2.13
2.2.12
2.2.11
2.2.10
2.2.9
2.2.6
2.2.4
2.2.2
2.2.1
2.2.0
2.1.1
2.0.3
2.0.2
2.0.1
2.0.0
1.0.0-alpha.1
audit-2
audit
2.8.0
2.7.4
2.7.3
2.7.2
2.7.1
2.7.0
2.6.3
2.6.2
2.6.1
2.6.0
2.2.8
2.2.7
2.2.5
2.2.3
2.1.0
1.9.7
1.9.6
1.9.5
1.9.4
1.9.3
1.9.1
1.9.0
1.8.3
1.8.2
1.8.1
1.8.0
1.7.8
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.0
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.3
1.5.2
1.5.1-beta
1.5.0-beta
1.5.0
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.0-beta
1.4.0
1.3.0-alpha.1
1.3.0
1.2.6
1.2.5
1.2.4
1.2.3
1.2.1
1.2.0-alpha.2
1.2.0-alpha.1
1.2.0
1.13.0
1.12.9
1.12.8
1.12.7
1.12.6
1.12.5
1.12.4
1.12.2
1.12.1
1.11.9
1.11.8
1.11.7
1.11.6
1.11.5
1.11.4
1.11.3
1.11.24
1.11.23
1.11.22
1.11.21
1.11.20
1.11.2
1.11.19
1.11.18
1.11.17
1.11.16
1.11.15
1.11.14
1.11.13
1.11.12
1.11.11
1.11.10
1.11.1
1.11.0
1.10.2
1.10.1
1.10.0
1.1.0-alpha.4
1.1.0-alpha.3
1.1.0-alpha.2
1.1.0-alpha.1
1.1.0
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0-alpha.3
1.0.0-alpha.2
1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'f6c0625c2c'
${ noResults }
session-ios/Signal/src/network/rtp/zrtp/MasterSecret.m

166 lines
7.4 KiB
Objective-C
Raw Blame History

#import "MasterSecret.h"
#import "ShortAuthenticationStringGenerator.h"
#define INITIATOR_SRTP_KEY_LABEL @"Initiator SRTP master key"
#define RESPONDER_SRTP_KEY_LABEL @"Responder SRTP master key"
#define INITIATOR_SRTP_SALT_LABEL @"Initiator SRTP master salt"
#define RESPONDER_SRTP_SALT_LABEL @"Responder SRTP master salt"
#define INITIATOR_MAC_KEY_LABEL @"Initiator HMAC key"
#define RESPONDER_MAC_KEY_LABEL @"Responder HMAC key"
#define INITIATOR_ZRTP_KEY_LABEL @"Initiator ZRTP key"
#define RESPONDER_ZRTP_KEY_LABEL @"Responder ZRTP key"
#define SAS_LABEL @"SAS"
#define INITIATOR_SRTP_KEY_LENGTH 16
#define RESPONDER_SRTP_KEY_LENGTH 16
#define INITIATOR_SRTP_SALT_LENGTH 14
#define RESPONDER_SRTP_SALT_LENGTH 14
#define INITIATOR_MAC_KEY_LENGTH 20
#define RESPONDER_MAC_KEY_LENGTH 20
#define INITIATOR_ZRTP_KEY_LENGTH 16
#define RESPONDER_ZRTP_KEY_LENGTH 16
#define SAS_LENGTH 4
@implementation MasterSecret
@synthesize initiatorMacKey, initiatorSrtpSalt, initiatorZrtpKey, initiatorSrtpKey, initiatorZid,
responderMacKey, responderSrtpSalt, responderZrtpKey, responderSrtpKey, responderZid,
shortAuthenticationStringData, sharedSecret, totalHash, counter;
+(MasterSecret*) masterSecretFromDhResult:(NSData*)dhResult
andInitiatorHello:(HelloPacket*)initiatorHello
andResponderHello:(HelloPacket*)responderHello
andCommit:(CommitPacket*)commit
andDhPart1:(DhPacket*)dhPart1
andDhPart2:(DhPacket*)dhPart2 {
require(dhResult != nil);
require(initiatorHello != nil);
require(responderHello != nil);
require(commit != nil);
require(dhPart1 != nil);
require(dhPart2 != nil);
NSData* totalHash = [self calculateTotalHashFromResponderHello:responderHello
andCommit:commit
andDhPart1:dhPart1
andDhPart2:dhPart2];
NSData* sharedSecret = [self calculateSharedSecretFromDhResult:dhResult
andTotalHash:totalHash
andInitiatorZid:[initiatorHello zid]
andResponderZid:[responderHello zid]];
return [MasterSecret masterSecretFromSharedSecret:sharedSecret
andTotalHash:totalHash
andInitiatorZid:[initiatorHello zid]
andResponderZid:[responderHello zid]];
}
+(NSData*) calculateSharedSecretFromDhResult:(NSData*)dhResult
andTotalHash:(NSData*)totalHash
andInitiatorZid:(Zid*)initiatorZid
andResponderZid:(Zid*)responderZid {
require(dhResult != nil);
require(totalHash != nil);
require(initiatorZid != nil);
require(responderZid != nil);
NSData* counter = [NSData dataWithBigEndianBytesOfUInt32:1];
NSData* s1Length = [NSData dataWithBigEndianBytesOfUInt32:0];
NSData* s2Length = [NSData dataWithBigEndianBytesOfUInt32:0];
NSData* s3Length = [NSData dataWithBigEndianBytesOfUInt32:0];
NSData* data = [@[
counter,
dhResult,
@"ZRTP-HMAC-KDF".encodedAsUtf8,
initiatorZid.getData,
responderZid.getData,
totalHash,
s1Length,
s2Length,
s3Length
] ows_concatDatas];
return [data hashWithSha256];
}
+(NSData*) calculateTotalHashFromResponderHello:(HelloPacket*)responderHello
andCommit:(CommitPacket*)commit
andDhPart1:(DhPacket*)dhPart1
andDhPart2:(DhPacket*)dhPart2 {
require(responderHello != nil);
require(commit != nil);
require(dhPart1 != nil);
require(dhPart2 != nil);
NSData* data = [@[
[[responderHello embeddedIntoHandshakePacket] dataUsedForAuthentication],
[[commit embeddedIntoHandshakePacket] dataUsedForAuthentication],
[[dhPart1 embeddedIntoHandshakePacket] dataUsedForAuthentication],
[[dhPart2 embeddedIntoHandshakePacket] dataUsedForAuthentication]
] ows_concatDatas];
return [data hashWithSha256];
}
+(MasterSecret*) masterSecretFromSharedSecret:(NSData*)sharedSecret
andTotalHash:(NSData*)totalHash
andInitiatorZid:(Zid*)initiatorZid
andResponderZid:(Zid*)responderZid {
require(sharedSecret != nil);
require(totalHash != nil);
require(initiatorZid != nil);
require(responderZid != nil);
MasterSecret* s = [MasterSecret new];
s->initiatorZid = initiatorZid;
s->responderZid = responderZid;
s->totalHash = totalHash;
s->sharedSecret = sharedSecret;
s->counter = [NSData dataWithBigEndianBytesOfUInt32:1];
s->initiatorSrtpKey = [s deriveKeyWithLabel:INITIATOR_SRTP_KEY_LABEL andTruncatedLength:INITIATOR_SRTP_KEY_LENGTH];
s->responderSrtpKey = [s deriveKeyWithLabel:RESPONDER_SRTP_KEY_LABEL andTruncatedLength:RESPONDER_SRTP_KEY_LENGTH];
s->initiatorSrtpSalt = [s deriveKeyWithLabel:INITIATOR_SRTP_SALT_LABEL andTruncatedLength:INITIATOR_SRTP_SALT_LENGTH];
s->responderSrtpSalt = [s deriveKeyWithLabel:RESPONDER_SRTP_SALT_LABEL andTruncatedLength:RESPONDER_SRTP_SALT_LENGTH];
s->initiatorMacKey = [s deriveKeyWithLabel:INITIATOR_MAC_KEY_LABEL andTruncatedLength:INITIATOR_MAC_KEY_LENGTH];
s->responderMacKey = [s deriveKeyWithLabel:RESPONDER_MAC_KEY_LABEL andTruncatedLength:RESPONDER_MAC_KEY_LENGTH];
s->initiatorZrtpKey = [s deriveKeyWithLabel:INITIATOR_ZRTP_KEY_LABEL andTruncatedLength:INITIATOR_ZRTP_KEY_LENGTH];
s->responderZrtpKey = [s deriveKeyWithLabel:RESPONDER_ZRTP_KEY_LABEL andTruncatedLength:RESPONDER_ZRTP_KEY_LENGTH];
s->shortAuthenticationStringData = [s deriveKeyWithLabel:SAS_LABEL andTruncatedLength:SAS_LENGTH];
return s;
}
-(NSData*) deriveKeyWithLabel:(NSString*)label andTruncatedLength:(uint16_t)truncatedLength {
NSData* input = @[
counter,
label.encodedAsUtf8,
[@[@0] ows_toUint8Data],
initiatorZid.getData,
responderZid.getData,
totalHash,
[NSData dataWithBigEndianBytesOfUInt32:truncatedLength]
].ows_concatDatas;
NSData* digest = [input hmacWithSha256WithKey:sharedSecret];
return [digest take:truncatedLength];
}
-(NSString*) shortAuthenticationString {
return [ShortAuthenticationStringGenerator generateFromData:shortAuthenticationStringData];
}
@end
Reference in New Issue View Git Blame Copy Permalink