keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
dev
voice-calls-2
voice-calls
authentication
2.5.0
2.4.5
2.4.4
2.4.3
2.4.2
2.4.1
2.4.0
2.3.2
2.3.1
2.3.0
2.2.14
2.2.13
2.2.12
2.2.11
2.2.10
2.2.9
2.2.6
2.2.4
2.2.2
2.2.1
2.2.0
2.1.1
2.0.3
2.0.2
2.0.1
2.0.0
1.0.0-alpha.1
audit-2
audit
2.8.0
2.7.4
2.7.3
2.7.2
2.7.1
2.7.0
2.6.3
2.6.2
2.6.1
2.6.0
2.2.8
2.2.7
2.2.5
2.2.3
2.1.0
1.9.7
1.9.6
1.9.5
1.9.4
1.9.3
1.9.1
1.9.0
1.8.3
1.8.2
1.8.1
1.8.0
1.7.8
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.0
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.3
1.5.2
1.5.1-beta
1.5.0-beta
1.5.0
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.0-beta
1.4.0
1.3.0-alpha.1
1.3.0
1.2.6
1.2.5
1.2.4
1.2.3
1.2.1
1.2.0-alpha.2
1.2.0-alpha.1
1.2.0
1.13.0
1.12.9
1.12.8
1.12.7
1.12.6
1.12.5
1.12.4
1.12.2
1.12.1
1.11.9
1.11.8
1.11.7
1.11.6
1.11.5
1.11.4
1.11.3
1.11.24
1.11.23
1.11.22
1.11.21
1.11.20
1.11.2
1.11.19
1.11.18
1.11.17
1.11.16
1.11.15
1.11.14
1.11.13
1.11.12
1.11.11
1.11.10
1.11.1
1.11.0
1.10.2
1.10.1
1.10.0
1.1.0-alpha.4
1.1.0-alpha.3
1.1.0-alpha.2
1.1.0-alpha.1
1.1.0
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0-alpha.3
1.0.0-alpha.2
1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'addc859c84'
${ noResults }
session-ios/SessionProtocolKit/Signal/Ratchet/RatchetingSession.m

189 lines
7.4 KiB
Objective-C
Raw Blame History

//
// Copyright (c) 2018 Open Whisper Systems. All rights reserved.
//
#import "RatchetingSession.h"
#import "AliceAxolotlParameters.h"
#import "BobAxolotlParameters.h"
#import "ChainKey.h"
#import "RootKey.h"
#import "SessionState.h"
#import <Curve25519Kit/Curve25519.h>
#import <HKDFKit/HKDFKit.h>
#import <SignalCoreKit/SCKExceptionWrapper.h>
#import <SignalCoreKit/OWSAsserts.h>
@interface DHEResult : NSObject
@property (nonatomic, readonly) RootKey *rootKey;
@property (nonatomic, readonly) NSData *chainKey;
- (instancetype)init_throws_withMasterKey:(NSData *)data NS_SWIFT_UNAVAILABLE("throws objc exceptions");
@end
@implementation DHEResult
- (instancetype)init_throws_withMasterKey:(NSData *)data
{
// DHE Result is expected to be the result of 3 or 4 DHEs outputting 32 bytes each,
// plus the 32 discontinuity bytes added to make V3 incompatible with V2
OWSAssert([data length] == 32 * 4 || [data length] == 32 * 5);
self = [super init];
const char *HKDFDefaultSalt[4] = {0};
NSData *salt = [NSData dataWithBytes:HKDFDefaultSalt length:sizeof(HKDFDefaultSalt)];
NSData *info = [@"WhisperText" dataUsingEncoding:NSUTF8StringEncoding];
NSData *derivedMaterial = [HKDFKit deriveKey:data info:info salt:salt outputSize:64];
OWSAssert(derivedMaterial.length == 64);
_rootKey = [[RootKey alloc] initWithData:[derivedMaterial subdataWithRange:NSMakeRange(0, 32)]];
_chainKey = [derivedMaterial subdataWithRange:NSMakeRange(32, 32)];
return self;
}
@end
@implementation RatchetingSession
+ (void)throws_initializeSession:(SessionState *)session
sessionVersion:(int)sessionVersion
AliceParameters:(AliceAxolotlParameters *)parameters
{
OWSAssert(session);
OWSAssert(parameters);
ECKeyPair *sendingRatchetKey = [Curve25519 generateKeyPair];
OWSAssert(sendingRatchetKey);
[self throws_initializeSession:session
sessionVersion:sessionVersion
AliceParameters:parameters
senderRatchet:sendingRatchetKey];
}
+ (BOOL)initializeSession:(SessionState *)session
sessionVersion:(int)sessionVersion
bobParameters:(BobAxolotlParameters *)bobParameters
error:(NSError **)outError
{
return [SCKExceptionWrapper
tryBlock:^{
[self throws_initializeSession:session sessionVersion:sessionVersion BobParameters:bobParameters];
}
error:outError];
}
+ (void)throws_initializeSession:(SessionState *)session
sessionVersion:(int)sessionVersion
BobParameters:(BobAxolotlParameters *)parameters
{
OWSAssert(session);
OWSAssert(parameters);
[session setVersion:sessionVersion];
[session setRemoteIdentityKey:parameters.theirIdentityKey];
[session setLocalIdentityKey:parameters.ourIdentityKeyPair.publicKey];
DHEResult *result = [self throws_DHEKeyAgreement:parameters];
OWSAssert(result);
[session setSenderChain:parameters.ourRatchetKey chainKey:[[ChainKey alloc]initWithData:result.chainKey index:0]];
[session setRootKey:result.rootKey];
}
+ (BOOL)initializeSession:(SessionState *)session
sessionVersion:(int)sessionVersion
aliceParameters:(AliceAxolotlParameters *)aliceParameters
error:(NSError **)outError
{
return [SCKExceptionWrapper
tryBlock:^{
[self throws_initializeSession:session sessionVersion:sessionVersion AliceParameters:aliceParameters];
}
error:outError];
}
+ (void)throws_initializeSession:(SessionState *)session
sessionVersion:(int)sessionVersion
AliceParameters:(AliceAxolotlParameters *)parameters
senderRatchet:(ECKeyPair *)sendingRatchet
{
OWSAssert(session);
OWSAssert(parameters);
OWSAssert(sendingRatchet);
[session setVersion:sessionVersion];
[session setRemoteIdentityKey:parameters.theirIdentityKey];
[session setLocalIdentityKey:parameters.ourIdentityKeyPair.publicKey];
DHEResult *result = [self throws_DHEKeyAgreement:parameters];
OWSAssert(result);
RKCK *sendingChain =
[result.rootKey throws_createChainWithTheirEphemeral:parameters.theirRatchetKey ourEphemeral:sendingRatchet];
OWSAssert(sendingChain);
[session addReceiverChain:parameters.theirRatchetKey chainKey:[[ChainKey alloc]initWithData:result.chainKey index:0]];
[session setSenderChain:sendingRatchet chainKey:sendingChain.chainKey];
[session setRootKey:sendingChain.rootKey];
}
+ (DHEResult *)throws_DHEKeyAgreement:(id<AxolotlParameters>)parameters
{
OWSAssert(parameters);
NSMutableData *masterKey = [NSMutableData data];
[masterKey appendData:[self discontinuityBytes]];
if ([parameters isKindOfClass:[AliceAxolotlParameters class]]) {
AliceAxolotlParameters *params = (AliceAxolotlParameters*)parameters;
[masterKey appendData:[Curve25519 throws_generateSharedSecretFromPublicKey:params.theirSignedPreKey
andKeyPair:params.ourIdentityKeyPair]];
[masterKey appendData:[Curve25519 throws_generateSharedSecretFromPublicKey:params.theirIdentityKey
andKeyPair:params.ourBaseKey]];
[masterKey appendData:[Curve25519 throws_generateSharedSecretFromPublicKey:params.theirSignedPreKey
andKeyPair:params.ourBaseKey]];
if (params.theirOneTimePrekey) {
[masterKey appendData:[Curve25519 throws_generateSharedSecretFromPublicKey:params.theirOneTimePrekey
andKeyPair:params.ourBaseKey]];
}
} else if ([parameters isKindOfClass:[BobAxolotlParameters class]]){
BobAxolotlParameters *params = (BobAxolotlParameters*)parameters;
[masterKey appendData:[Curve25519 throws_generateSharedSecretFromPublicKey:params.theirIdentityKey
andKeyPair:params.ourSignedPrekey]];
[masterKey appendData:[Curve25519 throws_generateSharedSecretFromPublicKey:params.theirBaseKey
andKeyPair:params.ourIdentityKeyPair]];
[masterKey appendData:[Curve25519 throws_generateSharedSecretFromPublicKey:params.theirBaseKey
andKeyPair:params.ourSignedPrekey]];
if (params.ourOneTimePrekey) {
[masterKey appendData:[Curve25519 throws_generateSharedSecretFromPublicKey:params.theirBaseKey
andKeyPair:params.ourOneTimePrekey]];
}
}
return [[DHEResult alloc] init_throws_withMasterKey:masterKey];
}
/**
* The discontinuity bytes enforce that the session initialization is different between protocol V2 and V3.
*
* @return Returns 32-bytes of 0xFF
*/
+ (NSData*)discontinuityBytes{
NSMutableData *discontinuity = [NSMutableData data];
int8_t byte = 0xFF;
for (int i = 0; i < 32; i++) {
[discontinuity appendBytes:&byte length:sizeof(int8_t)];
}
return [NSData dataWithData:discontinuity];
}
@end
Reference in New Issue View Git Blame Copy Permalink