Merge branch 'charlesmchen/signalingKey'

pull/1/head
Matthew Chen 7 years ago
commit befe37a8d8

@ -1215,6 +1215,15 @@ static NSTimeInterval launchStartedAt;
[self.udManager setup]; [self.udManager setup];
[self preheatDatabaseViews]; [self preheatDatabaseViews];
// Try to update account attributes every time we upgrade.
if ([self.tsAccountManager isRegistered]) {
AppVersion *appVersion = AppVersion.sharedInstance;
if (appVersion.lastAppVersion.length > 0
&& ![appVersion.lastAppVersion isEqualToString:appVersion.currentAppVersion]) {
[[self.tsAccountManager updateAccountAttributes] retainUntilComplete];
}
}
} }
- (void)preheatDatabaseViews - (void)preheatDatabaseViews
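Review bot: The promise returned by `[self.tsAccountManager updateAccountAttributes]` is retained but its outcome is neither handled nor logged in the added block, so a failed update passes silently and the next attempt visible here is the next version change. If `updateAccountAttributes` already persists a retry flag (the `TSAccountManager_NeedsAccountAttributesUpdateKey` constant elsewhere on this page suggests it may), say so in the comment, e.g. `// Failure is retried via the needs-update flag; see updateAccountAttributes.` Otherwise attach a failure handler that at least logs through `OWSLogWarn`. The enclosing method starts outside the hunk.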

@ -379,17 +379,14 @@ NSString *const TSAccountManager_NeedsAccountAttributesUpdateKey = @"TSAccountMa
failure:(void (^)(NSError *error))failureBlock failure:(void (^)(NSError *error))failureBlock
{ {
NSString *authToken = [[self class] generateNewAccountAuthenticationToken]; NSString *authToken = [[self class] generateNewAccountAuthenticationToken];
NSString *signalingKey = [[self class] generateNewSignalingKeyToken];
NSString *phoneNumber = self.phoneNumberAwaitingVerification; NSString *phoneNumber = self.phoneNumberAwaitingVerification;
OWSAssertDebug(signalingKey);
OWSAssertDebug(authToken); OWSAssertDebug(authToken);
OWSAssertDebug(phoneNumber); OWSAssertDebug(phoneNumber);
TSRequest *request = [OWSRequestFactory verifyCodeRequestWithVerificationCode:verificationCode TSRequest *request = [OWSRequestFactory verifyCodeRequestWithVerificationCode:verificationCode
forNumber:phoneNumber forNumber:phoneNumber
pin:pin pin:pin
signalingKey:signalingKey
authKey:authToken]; authKey:authToken];
[self.networkManager makeRequest:request [self.networkManager makeRequest:request
@ -401,7 +398,6 @@ NSString *const TSAccountManager_NeedsAccountAttributesUpdateKey = @"TSAccountMa
case 200: case 200:
case 204: { case 204: {
OWSLogInfo(@"Verification code accepted."); OWSLogInfo(@"Verification code accepted.");
[self storeServerAuthToken:authToken signalingKey:signalingKey];
[TSPreKeyManager createPreKeysWithSuccess:successBlock failure:failureBlock]; [TSPreKeyManager createPreKeysWithSuccess:successBlock failure:failureBlock];
[self.profileManager fetchLocalUsersProfile]; [self.profileManager fetchLocalUsersProfile];
break; break;
@ -465,15 +461,6 @@ NSString *const TSAccountManager_NeedsAccountAttributesUpdateKey = @"TSAccountMa
return authTokenPrint; return authTokenPrint;
} }
+ (NSString *)generateNewSignalingKeyToken {
/*The signalingKey is 32 bytes of AES material (256bit AES) and 20 bytes of
* Hmac key material (HmacSHA1) concatenated into a 52 byte slug that is
* base64 encoded. */
NSData *signalingKeyToken = [Randomness generateRandomBytes:52];
NSString *signalingKeyTokenPrint = [[NSData dataWithData:signalingKeyToken] base64EncodedString];
return signalingKeyTokenPrint;
}
+ (nullable NSString *)signalingKey + (nullable NSString *)signalingKey
{ {
return [[self sharedInstance] signalingKey]; return [[self sharedInstance] signalingKey];
@ -496,16 +483,12 @@ NSString *const TSAccountManager_NeedsAccountAttributesUpdateKey = @"TSAccountMa
inCollection:TSAccountManager_UserAccountCollection]; inCollection:TSAccountManager_UserAccountCollection];
} }
- (void)storeServerAuthToken:(NSString *)authToken signalingKey:(NSString *)signalingKey - (void)storeServerAuthToken:(NSString *)authToken
{ {
[self.dbConnection readWriteWithBlock:^(YapDatabaseReadWriteTransaction *transaction) { [self.dbConnection readWriteWithBlock:^(YapDatabaseReadWriteTransaction *transaction) {
[transaction setObject:authToken [transaction setObject:authToken
forKey:TSAccountManager_ServerAuthToken forKey:TSAccountManager_ServerAuthToken
inCollection:TSAccountManager_UserAccountCollection]; inCollection:TSAccountManager_UserAccountCollection];
[transaction setObject:signalingKey
forKey:TSAccountManager_ServerSignalingKey
inCollection:TSAccountManager_UserAccountCollection];
}]; }];
} }
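Review bot: In the `case 200: case 204:` branch the call `[self storeServerAuthToken:authToken signalingKey:signalingKey];` is removed and no one-argument replacement appears in the visible lines, even though `storeServerAuthToken:` itself is kept with the shorter signature. Unless the token is persisted somewhere outside these hunks, a freshly verified account would have no stored server auth token. The `OWSAssertDebug(authKey.length > 0)` checks in the request factory would presumably flag that only in debug builds. Consider restoring `[self storeServerAuthToken:authToken];` ahead of `createPreKeysWithSuccess:failure:`. The verification method begins and ends outside the hunks shown.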

@ -66,7 +66,6 @@ typedef NS_ENUM(NSUInteger, TSVerificationTransport) { TSVerificationTransportVo
+ (TSRequest *)verifyCodeRequestWithVerificationCode:(NSString *)verificationCode + (TSRequest *)verifyCodeRequestWithVerificationCode:(NSString *)verificationCode
forNumber:(NSString *)phoneNumber forNumber:(NSString *)phoneNumber
pin:(nullable NSString *)pin pin:(nullable NSString *)pin
signalingKey:(NSString *)signalingKey
authKey:(NSString *)authKey; authKey:(NSString *)authKey;
#pragma mark - Prekeys #pragma mark - Prekeys

@ -219,14 +219,11 @@ NS_ASSUME_NONNULL_BEGIN
{ {
NSString *path = [textSecureAccountsAPI stringByAppendingString:textSecureAttributesAPI]; NSString *path = [textSecureAccountsAPI stringByAppendingString:textSecureAttributesAPI];
NSString *signalingKey = self.tsAccountManager.signalingKey;
OWSAssertDebug(signalingKey.length > 0);
NSString *authKey = self.tsAccountManager.serverAuthToken; NSString *authKey = self.tsAccountManager.serverAuthToken;
OWSAssertDebug(authKey.length > 0); OWSAssertDebug(authKey.length > 0);
NSString *_Nullable pin = [self.ows2FAManager pinCode]; NSString *_Nullable pin = [self.ows2FAManager pinCode];
NSDictionary<NSString *, id> *accountAttributes = NSDictionary<NSString *, id> *accountAttributes = [self accountAttributesWithPin:pin authKey:authKey];
[self accountAttributesWithPin:pin signalingKey:signalingKey authKey:authKey];
return [TSRequest requestWithUrl:[NSURL URLWithString:path] method:@"PUT" parameters:accountAttributes]; return [TSRequest requestWithUrl:[NSURL URLWithString:path] method:@"PUT" parameters:accountAttributes];
} }
@ -293,18 +290,16 @@ NS_ASSUME_NONNULL_BEGIN
+ (TSRequest *)verifyCodeRequestWithVerificationCode:(NSString *)verificationCode + (TSRequest *)verifyCodeRequestWithVerificationCode:(NSString *)verificationCode
forNumber:(NSString *)phoneNumber forNumber:(NSString *)phoneNumber
pin:(nullable NSString *)pin pin:(nullable NSString *)pin
signalingKey:(NSString *)signalingKey
authKey:(NSString *)authKey authKey:(NSString *)authKey
{ {
OWSAssertDebug(verificationCode.length > 0); OWSAssertDebug(verificationCode.length > 0);
OWSAssertDebug(phoneNumber.length > 0); OWSAssertDebug(phoneNumber.length > 0);
OWSAssertDebug(signalingKey.length > 0);
OWSAssertDebug(authKey.length > 0); OWSAssertDebug(authKey.length > 0);
NSString *path = [NSString stringWithFormat:@"%@/code/%@", textSecureAccountsAPI, verificationCode]; NSString *path = [NSString stringWithFormat:@"%@/code/%@", textSecureAccountsAPI, verificationCode];
NSMutableDictionary<NSString *, id> *accountAttributes = NSMutableDictionary<NSString *, id> *accountAttributes =
[[self accountAttributesWithPin:pin signalingKey:signalingKey authKey:authKey] mutableCopy]; [[self accountAttributesWithPin:pin authKey:authKey] mutableCopy];
[accountAttributes removeObjectForKey:@"AuthKey"]; [accountAttributes removeObjectForKey:@"AuthKey"];
TSRequest *request = TSRequest *request =
@ -316,10 +311,8 @@ NS_ASSUME_NONNULL_BEGIN
} }
+ (NSDictionary<NSString *, id> *)accountAttributesWithPin:(nullable NSString *)pin + (NSDictionary<NSString *, id> *)accountAttributesWithPin:(nullable NSString *)pin
signalingKey:(NSString *)signalingKey
authKey:(NSString *)authKey authKey:(NSString *)authKey
{ {
OWSAssertDebug(signalingKey.length > 0);
OWSAssertDebug(authKey.length > 0); OWSAssertDebug(authKey.length > 0);
uint32_t registrationId = [self.tsAccountManager getOrGenerateRegistrationId]; uint32_t registrationId = [self.tsAccountManager getOrGenerateRegistrationId];
@ -334,8 +327,8 @@ NS_ASSUME_NONNULL_BEGIN
} }
BOOL allowUnrestrictedUD = [self.udManager shouldAllowUnrestrictedAccessLocal] && udAccessKey != nil; BOOL allowUnrestrictedUD = [self.udManager shouldAllowUnrestrictedAccessLocal] && udAccessKey != nil;
// We no longer include the signalingKey.
NSMutableDictionary *accountAttributes = [@{ NSMutableDictionary *accountAttributes = [@{
@"signalingKey" : signalingKey,
@"AuthKey" : authKey, @"AuthKey" : authKey,
@"voice" : @(YES), // all Signal-iOS clients support voice @"voice" : @(YES), // all Signal-iOS clients support voice
@"video" : @(YES), // all Signal-iOS clients support WebRTC-based voice and video calls. @"video" : @(YES), // all Signal-iOS clients support WebRTC-based voice and video calls.

@ -770,9 +770,18 @@ NSString *const kNSNotification_OWSWebSocketStateDidChange = @"kNSNotification_O
dispatch_async(self.serialQueue, ^{ dispatch_async(self.serialQueue, ^{
BOOL success = NO; BOOL success = NO;
@try { @try {
NSData *_Nullable decryptedPayload = BOOL useSignalingKey = [message.headers containsObject:@"X-Signal-Key: true"];
[Cryptography decryptAppleMessagePayload:message.body NSData *_Nullable decryptedPayload;
withSignalingKey:TSAccountManager.signalingKey]; if (useSignalingKey) {
NSString *_Nullable signalingKey = TSAccountManager.signalingKey;
OWSAssertDebug(signalingKey);
decryptedPayload =
[Cryptography decryptAppleMessagePayload:message.body withSignalingKey:signalingKey];
} else {
OWSAssertDebug([message.headers containsObject:@"X-Signal-Key: false"]);
decryptedPayload = message.body;
}
if (!decryptedPayload) { if (!decryptedPayload) {
OWSLogWarn(@"Failed to decrypt incoming payload or bad HMAC"); OWSLogWarn(@"Failed to decrypt incoming payload or bad HMAC");
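Review bot: The `else` branch accepts `message.body` as the payload whenever the exact string `X-Signal-Key: true` is absent, and the only check that the header actually says `false` is an `OWSAssertDebug`, which is presumably a no-op in release builds. A message with a missing, differently cased or otherwise unexpected header would then skip the signaling-key decryption and HMAC check and be processed as plaintext. Failing closed is safer: make the branch `} else if ([message.headers containsObject:@"X-Signal-Key: false"]) {` and add a final `else` that logs and leaves `decryptedPayload` nil, so the existing `if (!decryptedPayload)` path rejects it. In the `true` branch a nil `signalingKey` is likewise only asserted in debug, so an explicit nil check before `decryptAppleMessagePayload:withSignalingKey:` would make that failure deliberate. The `dispatch_async` block and `@try` continue outside the hunk.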
