keychain/ckks/CKKSPeer.m

   1 /*
   2  * Copyright (c) 2017 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 #if OCTAGON
  25
  26 #import "keychain/ckks/CKKSPeer.h"
  27 #import "keychain/ckks/CKKSViewManager.h"
  28
  29 NSString* const CKKSSOSPeerPrefix = @"spid-";
  30
  31 @implementation CKKSSelves
  32 - (instancetype)initWithCurrent:(id<CKKSSelfPeer>)selfPeer
  33                       allSelves:(NSSet<id<CKKSSelfPeer>>*)allSelves {
  34     if((self = [super init])) {
  35         _currentSelf = selfPeer;
  36
  37         // Ensure allSelves contains selfPeer
  38         _allSelves = allSelves ? [allSelves setByAddingObject:selfPeer] :
  39                         (selfPeer ? [NSSet setWithObject:selfPeer] : [NSSet set]);
  40     }
  41     return self;
  42 }
  43
  44 - (NSString*)description {
  45     NSMutableSet* pastSelves = [self.allSelves mutableCopy];
  46     [pastSelves removeObject:self.currentSelf];
  47     return [NSString stringWithFormat:@"<CKKSSelves: %@ %@>", self.currentSelf, pastSelves.count == 0u ? @"(no past selves)" : pastSelves ];
  48 }
  49
  50 @end
  51
  52 #pragma mark - CKKSActualPeer
  53
  54 @implementation CKKSActualPeer
  55 - (NSString*)description {
  56     // Return the first 16 bytes of the public keys (for reading purposes)
  57     return [NSString stringWithFormat:@"<CKKSActualPeer(%@): pubEnc:%@ pubSign:%@ views:%d>",
  58            self.peerID,
  59            [self.publicEncryptionKey.keyData subdataWithRange:NSMakeRange(0, MIN(16u,self.publicEncryptionKey.keyData.length))],
  60            [self.publicSigningKey.keyData subdataWithRange:NSMakeRange(0, MIN(16u,self.publicSigningKey.keyData.length))],
  61            (int)self.viewList.count];
  62 }
  63
  64 - (instancetype)initWithPeerID:(NSString*)syncingPeerID
  65            encryptionPublicKey:(SFECPublicKey*)encryptionKey
  66               signingPublicKey:(SFECPublicKey*)signingKey
  67                       viewList:(NSSet<NSString*>*)viewList
  68 {
  69     if((self = [super init])) {
  70         _peerID = syncingPeerID;
  71
  72         _publicEncryptionKey = encryptionKey;
  73         _publicSigningKey = signingKey;
  74         _viewList = viewList;
  75     }
  76     return self;
  77 }
  78
  79 - (bool)matchesPeer:(id<CKKSPeer>)peer {
  80     return (self.peerID == nil && peer.peerID == nil) ||
  81             [self.peerID isEqualToString:peer.peerID];
  82 }
  83
  84 - (BOOL)shouldHaveView:(NSString *)viewName
  85 {
  86     return [self.viewList containsObject:viewName];
  87 }
  88
  89 + (BOOL)supportsSecureCoding {
  90     return YES;
  91 }
  92
  93 - (void)encodeWithCoder:(nonnull NSCoder*)coder
  94 {
  95     [coder encodeObject:self.peerID forKey:@"peerID"];
  96     [coder encodeObject:self.publicEncryptionKey.encodeSubjectPublicKeyInfo forKey:@"encryptionKey"];
  97     [coder encodeObject:self.publicSigningKey.encodeSubjectPublicKeyInfo forKey:@"signingKey"];
  98     [coder encodeObject:self.viewList forKey:@"viewList"];
  99 }
 100
 101 - (nullable instancetype)initWithCoder:(nonnull NSCoder*)decoder
 102 {
 103     self = [super init];
 104     if(self) {
 105         _peerID = [decoder decodeObjectOfClass:[NSString class] forKey:@"peerID"];
 106
 107         NSData* encryptionSPKI = [decoder decodeObjectOfClass:[NSData class] forKey:@"encryptionKey"];
 108         if(encryptionSPKI) {
 109             _publicEncryptionKey = [SFECPublicKey keyWithSubjectPublicKeyInfo:encryptionSPKI];
 110         }
 111
 112         NSData* signingSPKI = [decoder decodeObjectOfClass:[NSData class] forKey:@"signingKey"];
 113         if(signingSPKI) {
 114             _publicSigningKey = [SFECPublicKey keyWithSubjectPublicKeyInfo:signingSPKI];
 115         }
 116
 117         _viewList = [decoder decodeObjectOfClasses:[NSSet setWithArray:@[[NSSet class], [NSString class]]] forKey:@"viewList"];
 118     }
 119     return self;
 120 }
 121 @end
 122
 123 #pragma mark - CKKSSOSPeer
 124
 125 @interface CKKSSOSPeer ()
 126 @property NSString* spid;
 127 @property NSSet<NSString*>* viewList;
 128 @end
 129
 130 @implementation CKKSSOSPeer
 131 @synthesize publicEncryptionKey = _publicEncryptionKey;
 132 @synthesize publicSigningKey = _publicSigningKey;
 133
 134 - (NSString*)description {
 135     // Return the first 16 bytes of the public keys (for reading purposes)
 136     return [NSString stringWithFormat:@"<CKKSSOSPeer(%@): pubEnc:%@ pubSign:%@ views:%d>",
 137            self.peerID,
 138            [self.publicEncryptionKey.keyData subdataWithRange:NSMakeRange(0, MIN(16u,self.publicEncryptionKey.keyData.length))],
 139            [self.publicSigningKey.keyData subdataWithRange:NSMakeRange(0, MIN(16u,self.publicSigningKey.keyData.length))],
 140            (int)self.viewList.count];
 141 }
 142
 143 - (instancetype)initWithSOSPeerID:(NSString*)syncingPeerID
 144               encryptionPublicKey:(SFECPublicKey*)encryptionKey
 145                  signingPublicKey:(SFECPublicKey*)signingKey
 146                          viewList:(NSSet<NSString*>* _Nullable)viewList
 147 {
 148     if((self = [super init])) {
 149         if([syncingPeerID hasPrefix:CKKSSOSPeerPrefix]) {
 150             _spid = [syncingPeerID  substringFromIndex:CKKSSOSPeerPrefix.length];
 151         } else {
 152             _spid = syncingPeerID;
 153         }
 154         _publicEncryptionKey = encryptionKey;
 155         _publicSigningKey = signingKey;
 156         _viewList = viewList;
 157     }
 158     return self;
 159 }
 160
 161 - (NSString*)peerID {
 162     return [NSString stringWithFormat:@"%@%@", CKKSSOSPeerPrefix, self.spid];
 163 }
 164
 165 - (bool)matchesPeer:(id<CKKSPeer>)peer {
 166     return (self.peerID == nil && peer.peerID == nil) ||
 167             [self.peerID isEqualToString:peer.peerID];
 168 }
 169
 170 - (BOOL)shouldHaveView:(NSString *)viewName
 171 {
 172     return [self.viewList containsObject:viewName];
 173 }
 174
 175 + (BOOL)supportsSecureCoding {
 176     return YES;
 177 }
 178
 179 - (void)encodeWithCoder:(nonnull NSCoder*)coder
 180 {
 181     [coder encodeObject:self.spid forKey:@"spid"];
 182     [coder encodeObject:self.publicEncryptionKey.encodeSubjectPublicKeyInfo forKey:@"encryptionKey"];
 183     [coder encodeObject:self.publicSigningKey.encodeSubjectPublicKeyInfo forKey:@"signingKey"];
 184 }
 185
 186 - (nullable instancetype)initWithCoder:(nonnull NSCoder*)decoder
 187 {
 188     self = [super init];
 189     if(self) {
 190         _spid = [decoder decodeObjectOfClass:[NSString class] forKey:@"spid"];
 191
 192         NSData* encryptionSPKI = [decoder decodeObjectOfClass:[NSData class] forKey:@"encryptionKey"];
 193         if(encryptionSPKI) {
 194             _publicEncryptionKey = [SFECPublicKey keyWithSubjectPublicKeyInfo:encryptionSPKI];
 195         }
 196
 197         NSData* signingSPKI = [decoder decodeObjectOfClass:[NSData class] forKey:@"signingKey"];
 198         if(signingSPKI) {
 199             _publicSigningKey = [SFECPublicKey keyWithSubjectPublicKeyInfo:signingSPKI];
 200         }
 201     }
 202     return self;
 203 }
 204 @end
 205
 206 @interface CKKSSOSSelfPeer ()
 207 @property NSString* spid;
 208 @end
 209
 210 @implementation CKKSSOSSelfPeer
 211 - (NSString*)description {
 212     return [NSString stringWithFormat:@"<CKKSSOSSelfPeer(%@): pubEnc:%@ pubSign:%@ views:%d>",
 213             self.peerID,
 214             [self.publicEncryptionKey.keyData subdataWithRange:NSMakeRange(0, MIN(16u,self.publicEncryptionKey.keyData.length))],
 215             [self.publicSigningKey.keyData subdataWithRange:NSMakeRange(0, MIN(16u,self.publicSigningKey.keyData.length))],
 216             (int)self.viewList.count];
 217 }
 218
 219 - (instancetype)initWithSOSPeerID:(NSString*)syncingPeerID
 220                     encryptionKey:(SFECKeyPair*)encryptionKey
 221                        signingKey:(SFECKeyPair*)signingKey
 222                          viewList:(NSSet<NSString*>* _Nullable)viewList
 223 {
 224     if((self = [super init])) {
 225         if([syncingPeerID hasPrefix:CKKSSOSPeerPrefix]) {
 226             _spid = [syncingPeerID  substringFromIndex:CKKSSOSPeerPrefix.length];
 227         } else {
 228             _spid = syncingPeerID;
 229         }
 230         _encryptionKey = encryptionKey;
 231         _signingKey = signingKey;
 232         _viewList = viewList;
 233     }
 234     return self;
 235 }
 236
 237 -(SFECPublicKey*)publicEncryptionKey {
 238     return self.encryptionKey.publicKey;
 239 }
 240 -(SFECPublicKey*)publicSigningKey {
 241     return self.signingKey.publicKey;
 242 }
 243 - (NSString*)peerID {
 244     return [NSString stringWithFormat:@"%@%@", CKKSSOSPeerPrefix, self.spid];
 245 }
 246
 247 - (bool)matchesPeer:(id<CKKSPeer>)peer {
 248     return (self.peerID == nil && peer.peerID == nil) ||
 249     [self.peerID isEqualToString:peer.peerID];
 250 }
 251
 252 - (BOOL)shouldHaveView:(NSString *)viewName
 253 {
 254     return [self.viewList containsObject:viewName];
 255 }
 256 @end
 257
 258 NSSet<Class>* CKKSPeerClasses(void)
 259 {
 260     return [NSSet setWithArray:@[[CKKSSOSPeer class], [CKKSActualPeer class]]];
 261 }
 262
 263 #endif // OCTAGON