import CryptoSwift import PromiseKit /// See the "Onion Requests" section of [The Session Whitepaper](https://arxiv.org/pdf/2002.04609.pdf) for more information. internal enum OnionRequestAPI { private static let urlSession = URLSession(configuration: .ephemeral, delegate: urlSessionDelegate, delegateQueue: nil) private static let urlSessionDelegate = URLSessionDelegateImplementation() internal static var guardSnodes: Set = [] internal static var paths: Set = [] /// - Note: Exposed for testing purposes. internal static let workQueue = DispatchQueue(label: "OnionRequestAPI.workQueue", qos: .userInitiated) // MARK: Settings private static let pathCount: UInt = 3 /// The number of snodes (including the guard snode) in a path. private static let pathSize: UInt = 3 private static let timeout: TimeInterval = 20 private static var guardSnodeCount: UInt { return pathCount } // One per path // MARK: HTTP Verb private enum HTTPVerb : String { case get = "GET" case put = "PUT" case post = "POST" case delete = "DELETE" } // MARK: URL Session Delegate Implementation private final class URLSessionDelegateImplementation : NSObject, URLSessionDelegate { func urlSession(_ session: URLSession, didReceive challenge: URLAuthenticationChallenge, completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) { // Snode to snode communication uses self-signed certificates but clients can safely ignore this completionHandler(.useCredential, URLCredential(trust: challenge.protectionSpace.serverTrust!)) } } // MARK: Error internal enum Error : LocalizedError { case generic case httpRequestFailed(statusCode: UInt, json: JSON?) case insufficientSnodes case invalidJSON case missingSnodeVersion case randomDataGenerationFailed case snodePublicKeySetMissing case unsupportedSnodeVersion(String) var errorDescription: String? { switch self { case .generic: return "An error occurred." case .httpRequestFailed(let statusCode, _): return "HTTP request failed with status code: \(statusCode)." case .insufficientSnodes: return "Couldn't find enough snodes to build a path." case .invalidJSON: return "Invalid JSON." case .missingSnodeVersion: return "Missing snode version." case .randomDataGenerationFailed: return "Couldn't generate random data." case .snodePublicKeySetMissing: return "Missing snode public key set." case .unsupportedSnodeVersion(let version): return "Unsupported snode version: \(version)." } } } // MARK: Path internal typealias Path = [LokiAPITarget] // MARK: Onion Building Result private typealias OnionBuildingResult = (guardSnode: LokiAPITarget, encryptionResult: EncryptionResult, symmetricKey: Data) // MARK: Private API private static func execute(_ verb: HTTPVerb, _ url: String, parameters: JSON? = nil, timeout: TimeInterval = OnionRequestAPI.timeout) -> Promise { return Promise { seal in let url = URL(string: url)! var request = URLRequest(url: url) request.httpMethod = verb.rawValue if let parameters = parameters { do { guard JSONSerialization.isValidJSONObject(parameters) else { return seal.reject(Error.invalidJSON) } request.httpBody = try JSONSerialization.data(withJSONObject: parameters) } catch (let error) { return seal.reject(error) } } request.timeoutInterval = timeout let task = urlSession.dataTask(with: request) { data, response, error in guard let data = data, let response = response as? HTTPURLResponse else { print("[Loki] [Onion Request API] \(verb.rawValue) request to \(url) failed.") return seal.reject(Error.generic) } if let error = error { print("[Loki] [Onion Request API] \(verb.rawValue) request to \(url) failed due to error: \(error).") return seal.reject(error) } let statusCode = UInt(response.statusCode) var json: JSON? = nil if let j = try? JSONSerialization.jsonObject(with: data, options: []) as? JSON { json = j } else if let result = String(data: data, encoding: .utf8) { json = [ "result" : result ] } guard 200...299 ~= statusCode else { let jsonDescription = json?.prettifiedDescription ?? "no debugging info provided" print("[Loki] [Onion Request API] \(verb.rawValue) request to \(url) failed with status code: \(statusCode) (\(jsonDescription)).") return seal.reject(Error.httpRequestFailed(statusCode: statusCode, json: json)) } if let json = json { seal.fulfill(json) } else { print("[Loki] [Onion Request API] Couldn't parse JSON returned by \(verb.rawValue) request to \(url).") return seal.reject(Error.invalidJSON) } } task.resume() } } /// Tests the given snode. The returned promise errors out if the snode is faulty; the promise is fulfilled otherwise. private static func testSnode(_ snode: LokiAPITarget) -> Promise { let (promise, seal) = Promise.pending() let queue = DispatchQueue(label: UUID().uuidString, qos: .userInitiated) // No need to block the work queue for this queue.async { let url = "\(snode.address):\(snode.port)/get_stats/v1" let timeout: TimeInterval = 6 // Use a shorter timeout for testing execute(.get, url, timeout: timeout).done(on: queue) { rawResponse in guard let json = rawResponse as? JSON, let version = json["version"] as? String else { return seal.reject(Error.missingSnodeVersion) } if version >= "2.0.0" { seal.fulfill(()) } else { print("[Loki] [Onion Request API] Unsupported snode version: \(version).") seal.reject(Error.unsupportedSnodeVersion(version)) } }.catch(on: queue) { error in seal.reject(error) } } return promise } /// Finds `guardSnodeCount` guard snodes to use for path building. The returned promise errors out with `Error.insufficientSnodes` /// if not enough (reliable) snodes are available. private static func getGuardSnodes() -> Promise> { if guardSnodes.count >= guardSnodeCount { return Promise> { $0.fulfill(guardSnodes) } } else { print("[Loki] [Onion Request API] Populating guard snode cache.") return LokiAPI.getRandomSnode().then(on: workQueue) { _ -> Promise> in // Just used to populate the snode pool var unusedSnodes = LokiAPI.randomSnodePool // Sync on workQueue guard unusedSnodes.count >= guardSnodeCount else { throw Error.insufficientSnodes } func getGuardSnode() -> Promise { // randomElement() uses the system's default random generator, which is cryptographically secure guard let candidate = unusedSnodes.randomElement() else { return Promise { $0.reject(Error.insufficientSnodes) } } unusedSnodes.remove(candidate) print("[Loki] [Onion Request API] Testing guard snode: \(candidate).") // Loop until a reliable guard snode is found return testSnode(candidate).map(on: workQueue) { candidate }.recover(on: workQueue) { _ in getGuardSnode() } } let promises = (0.. Promise> { print("[Loki] [Onion Request API] Building onion request paths.") return LokiAPI.getRandomSnode().then(on: workQueue) { _ -> Promise> in // Just used to populate the snode pool let snodePool = LokiAPI.randomSnodePool return getGuardSnodes().then(on: workQueue) { guardSnodes -> Promise> in var unusedSnodes = snodePool.subtracting(guardSnodes) // Sync on workQueue let pathSnodeCount = guardSnodeCount * pathSize - guardSnodeCount guard unusedSnodes.count >= pathSnodeCount else { throw Error.insufficientSnodes } func getPathSnode() -> Promise { // randomElement() uses the system's default random generator, which is cryptographically secure guard let candidate = unusedSnodes.randomElement() else { return Promise { $0.reject(Error.insufficientSnodes) } } unusedSnodes.remove(candidate) print("[Loki] [Onion Request API] Testing path snode: \(candidate).") // Loop until a reliable guard snode is found return testSnode(candidate).map(on: workQueue) { candidate }.recover(on: workQueue) { _ in getPathSnode() } } let promises = (0.. Promise { // randomElement() uses the system's default random generator, which is cryptographically secure if paths.count >= pathCount { return Promise { $0.fulfill(paths.randomElement()!) } } else { return buildPaths().map(on: workQueue) { paths in let path = paths.randomElement()! OnionRequestAPI.paths = paths return path } } } /// Builds an onion around `payload` and returns the result. private static func buildOnion(around payload: Data, targetedAt snode: LokiAPITarget) -> Promise { var guardSnode: LokiAPITarget! var encryptionResult: EncryptionResult! var symmetricKey: Data! return getPath().then(on: workQueue) { path -> Promise in guardSnode = path.first! return encrypt(payload, forTargetSnode: snode).then(on: workQueue) { r -> Promise in encryptionResult = r symmetricKey = r.symmetricKey var path = path var rhs = snode func addLayer() -> Promise { if path.isEmpty { return Promise { $0.fulfill(encryptionResult) } } else { let lhs = path.removeLast() return OnionRequestAPI.encryptHop(from: lhs, to: rhs, using: encryptionResult).then(on: workQueue) { r -> Promise in encryptionResult = r rhs = lhs return addLayer() } } } return addLayer() } }.map(on: workQueue) { _ in (guardSnode: guardSnode, encryptionResult: encryptionResult, symmetricKey: symmetricKey) } } // MARK: Internal API /// Sends an onion request to `snode`. Builds new paths as needed. internal static func invoke(_ method: LokiAPITarget.Method, on snode: LokiAPITarget, parameters: JSON) -> Promise { let (promise, seal) = Promise.pending() workQueue.async { let parameters: JSON = [ "method" : method.rawValue, "params" : parameters ] let payload: Data do { guard JSONSerialization.isValidJSONObject(parameters) else { return seal.reject(Error.invalidJSON) } payload = try JSONSerialization.data(withJSONObject: parameters, options: []) } catch (let error) { return seal.reject(error) } buildOnion(around: payload, targetedAt: snode).done(on: workQueue) { intermediate in let guardSnode = intermediate.guardSnode let url = "\(guardSnode.address):\(guardSnode.port)/onion_req" let encryptionResult = intermediate.encryptionResult let onion = encryptionResult.ciphertext let parameters: JSON = [ "ciphertext" : onion.base64EncodedString(), "ephemeral_key" : encryptionResult.ephemeralPublicKey.toHexString() ] let symmetricKey = intermediate.symmetricKey execute(.post, url, parameters: parameters).done(on: workQueue) { rawResponse in guard let json = rawResponse as? JSON, let base64EncodedIVAndCiphertext = json["result"] as? String, let ivAndCiphertext = Data(base64Encoded: base64EncodedIVAndCiphertext) else { return seal.reject(Error.invalidJSON) } let iv = ivAndCiphertext[0..