keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
dev
voice-calls-2
voice-calls
authentication
2.5.0
2.4.5
2.4.4
2.4.3
2.4.2
2.4.1
2.4.0
2.3.2
2.3.1
2.3.0
2.2.14
2.2.13
2.2.12
2.2.11
2.2.10
2.2.9
2.2.6
2.2.4
2.2.2
2.2.1
2.2.0
2.1.1
2.0.3
2.0.2
2.0.1
2.0.0
1.0.0-alpha.1
audit-2
audit
2.8.0
2.7.4
2.7.3
2.7.2
2.7.1
2.7.0
2.6.3
2.6.2
2.6.1
2.6.0
2.2.8
2.2.7
2.2.5
2.2.3
2.1.0
1.9.7
1.9.6
1.9.5
1.9.4
1.9.3
1.9.1
1.9.0
1.8.3
1.8.2
1.8.1
1.8.0
1.7.8
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.0
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.3
1.5.2
1.5.1-beta
1.5.0-beta
1.5.0
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.0-beta
1.4.0
1.3.0-alpha.1
1.3.0
1.2.6
1.2.5
1.2.4
1.2.3
1.2.1
1.2.0-alpha.2
1.2.0-alpha.1
1.2.0
1.13.0
1.12.9
1.12.8
1.12.7
1.12.6
1.12.5
1.12.4
1.12.2
1.12.1
1.11.9
1.11.8
1.11.7
1.11.6
1.11.5
1.11.4
1.11.3
1.11.24
1.11.23
1.11.22
1.11.21
1.11.20
1.11.2
1.11.19
1.11.18
1.11.17
1.11.16
1.11.15
1.11.14
1.11.13
1.11.12
1.11.11
1.11.10
1.11.1
1.11.0
1.10.2
1.10.1
1.10.0
1.1.0-alpha.4
1.1.0-alpha.3
1.1.0-alpha.2
1.1.0-alpha.1
1.1.0
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0-alpha.3
1.0.0-alpha.2
1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a8633ff739'
${ noResults }
session-ios/SignalServiceKit/src/Loki/Extensions/SessionCipher+Loki.m

182 lines
7.1 KiB
Matlab
Raw Normal View History Unescape Escape

Loki session reset (#14) * Added session reset. * Hooked up session reset internals to UI. * Send empty message when we have received an end session message. * Verify incoming PreKeyWhisperMessage. * Fix indentations in SessionReset.md
6 years ago
/// Loki: Refer to Docs/SessionReset.md for explanations
#import "SessionCipher+Loki.h"
#import "NSNotificationCenter+OWS.h"
#import "PreKeyWhisperMessage.h"
#import "OWSPrimaryStorage+Loki.h"
#import "TSContactThread.h"
#import <YapDatabase/YapDatabase.h>
NSString *const kNSNotificationName_SessionAdopted = @"kNSNotificationName_SessionAdopted";
NSString *const kNSNotificationKey_ContactPubKey = @"kNSNotificationKey_ContactPubKey";
@interface SessionCipher ()
@property (nonatomic, readonly) NSString *recipientId;
@property (nonatomic, readonly) int deviceId;
@property (nonatomic, readonly) id<SessionStore> sessionStore;
@property (nonatomic, readonly) id<PreKeyStore> prekeyStore;
@end
@implementation SessionCipher (Loki)
- (NSData *)throws_lokiDecrypt:(id<CipherMessage>)whisperMessage protocolContext:(nullable id)protocolContext
{
// Our state before we decrypt the message
SessionState *_Nullable state = [self getCurrentState:protocolContext];
// While decrypting our state may change internally
NSData *plainText = [self throws_decrypt:whisperMessage protocolContext:protocolContext];
// Loki: Verify incoming friend request messages
if (!state) {
[self throws_verifyFriendRequestAcceptPreKeyForMessage:whisperMessage protocolContext:protocolContext];
}
// Loki: Handle any session resets
[self handleSessionReset:whisperMessage previousState:state protocolContext:protocolContext];
return plainText;
}
/// Get the current session state
- (SessionState *_Nullable)getCurrentState:(nullable id)protocolContext {
SessionRecord *record = [self.sessionStore loadSession:self.recipientId deviceId:self.deviceId protocolContext:protocolContext];
SessionState *state = record.sessionState;
// Check if session is initialized
if (!state.hasSenderChain) {
return nil;
}
return state;
}
/// Handle any loki session reset stuff
- (void)handleSessionReset:(id<CipherMessage>)whisperMessage
previousState:(SessionState *_Nullable)previousState
protocolContext:(nullable id)protocolContext
{
// Don't bother doing anything if we didn't have a session before
if (!previousState) {
return;
}
OWSAssertDebug([protocolContext isKindOfClass:[YapDatabaseReadWriteTransaction class]]);
YapDatabaseReadWriteTransaction *transaction = protocolContext;
// Get the thread
TSContactThread *thread = [TSContactThread getThreadWithContactId:self.recipientId transaction:transaction];
if (!thread) {
return;
}
// Bail early if no session reset is in progress
if (thread.sessionResetState == TSContactThreadSessionResetStateNone) {
return;
}
BOOL sessionResetReceived = thread.sessionResetState == TSContactThreadSessionResetStateRequestReceived;
SessionState *_Nullable currentState = [self getCurrentState:protocolContext];
// Check if our previous state and our current state differ
if (!currentState || ![currentState.aliceBaseKey isEqualToData:previousState.aliceBaseKey]) {
if (sessionResetReceived) {
// The other user used an old session to contact us.
// Wait for them to use a new one
[self restoreSession:previousState protocolContext:protocolContext];
} else {
// Our session reset went through successfully
// We had initiated a session reset and got a different session back from the user
[self deleteAllSessionsExcept:currentState protocolContext:protocolContext];
[self notifySessionAdopted];
}
} else if (sessionResetReceived) {
// Our session reset went through successfully
// We got a message with the same session from the other user
[self deleteAllSessionsExcept:previousState protocolContext:protocolContext];
[self notifySessionAdopted];
}
}
/// Send a notification about a new session being adopted
- (void)notifySessionAdopted
{
[[NSNotificationCenter defaultCenter]
postNotificationNameAsync:kNSNotificationName_SessionAdopted
object:nil
userInfo:@{
kNSNotificationKey_ContactPubKey : self.recipientId,
}];
}
/// Delete all other sessions except the given one
- (void)deleteAllSessionsExcept:(SessionState *)state protocolContext:(nullable id)protocolContext
{
SessionRecord *record = [self.sessionStore loadSession:self.recipientId deviceId:self.deviceId protocolContext:protocolContext];
[record removePreviousSessionStates];
[record setState:state];
[self.sessionStore storeSession:self.recipientId
deviceId:self.deviceId
session:record
protocolContext:protocolContext];
}
/// Set the given session as the active one while archiving the old one
- (void)restoreSession:(SessionState *)state protocolContext:(nullable id)protocolContext
{
SessionRecord *record = [self.sessionStore loadSession:self.recipientId deviceId:self.deviceId protocolContext:protocolContext];
// Remove the state from previous session states
[record.previousSessionStates enumerateObjectsWithOptions:NSEnumerationReverse usingBlock:^(SessionState *obj, NSUInteger idx, BOOL *stop) {
if ([state.aliceBaseKey isEqualToData:obj.aliceBaseKey]) {
[record.previousSessionStates removeObjectAtIndex:idx];
*stop = true;
}
}];
// Promote it so the previous state gets archived
[record promoteState:state];
[self.sessionStore storeSession:self.recipientId
deviceId:self.deviceId
session:record
protocolContext:protocolContext];
}
/// Check that we have matching prekeys in the case of a `PreKeyWhisperMessage`
/// This is so that we don't trigger a false friend request accept on unknown contacts
- (void)throws_verifyFriendRequestAcceptPreKeyForMessage:(id<CipherMessage>)whisperMessage protocolContext:(nullable id)protocolContext {
OWSAssertDebug([protocolContext isKindOfClass:[YapDatabaseReadTransaction class]]);
YapDatabaseReadTransaction *transaction = protocolContext;
/// We only want to look at `PreKeyWhisperMessage`
if (![whisperMessage isKindOfClass:[PreKeyWhisperMessage class]]) {
return;
}
/// We need the primary storage to access contact prekeys
if (![self.prekeyStore isKindOfClass:[OWSPrimaryStorage class]]) {
return;
}
PreKeyWhisperMessage *preKeyMessage = whisperMessage;
OWSPrimaryStorage *primaryStorage = self.prekeyStore;
PreKeyRecord *_Nullable storedPreKey = [primaryStorage getPreKeyForContact:self.recipientId transaction:transaction];
if(!storedPreKey) {
OWSRaiseException(@"LokiInvalidPreKey", @"Received a friend request from a pubkey for which no prekey bundle was created");
}
if (storedPreKey.Id != preKeyMessage.prekeyID) {
OWSRaiseException(@"LokiPreKeyIdsDontMatch", @"Received a preKeyWhisperMessage (friend request accept) from an unknown source");
}
}
@end