keychain/TrustedPeersHelper/RecoveryKey/RecoveryKey.swift

   1 /*
   2  * Copyright (c) 2019 Apple Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24 import Foundation
  25 import SecurityFoundation
  26
  27 class RecoveryKey: NSObject {
  28     public var recoveryKeys: RecoveryKeySet
  29     public var secret: Data
  30
  31     public var peerKeys: OctagonSelfPeerKeys
  32
  33     public init(recoveryKeyString: String, recoverySalt: String) throws {
  34         self.secret = Data(bytes: Array(recoveryKeyString.utf8), count: recoveryKeyString.utf8.count)
  35         self.recoveryKeys = try RecoveryKeySet(secret: self.secret, recoverySalt: recoverySalt)
  36
  37         let hash = try RecoveryKeySet.hashRecoveryedSigningPublicKey(keyData: self.recoveryKeys.signingKey.publicKey.keyData)
  38         let peerID = "RK-" + hash
  39
  40         try self.peerKeys = OctagonSelfPeerKeys(peerID: peerID, signingKey: self.recoveryKeys.signingKey, encryptionKey: self.recoveryKeys.encryptionKey)
  41     }
  42 }
  43
  44 extension RecoveryKey {
  45     enum Error: Swift.Error {
  46         case OTErrorDeserializationFailure
  47         case OTErrorDecryptionFailure
  48         case OTErrorKeyInstantiation
  49         case OTErrorKeyMismatch
  50         case OTErrorRecoveryCreation
  51         case OTErrorAuthCipherTextCreation
  52         case OTErrorPrivateKeyCreation
  53         case OTErrorRecoveryKeyCreation
  54         case OTErrorEntropyCreation
  55         case OTErrorEntropyKeyMismatch
  56     }
  57 }
  58
  59 extension RecoveryKey.Error: LocalizedError {
  60     public var errorDescription: String? {
  61         switch self {
  62         case .OTErrorDeserializationFailure:
  63             return "Failed to deserialize Recovery peer"
  64         case .OTErrorDecryptionFailure:
  65             return "could not decrypt Recovery contents"
  66         case .OTErrorKeyInstantiation:
  67             return "Failed to instantiate octagon peer keys"
  68         case .OTErrorKeyMismatch:
  69             return "public and private peer signing keys do not match"
  70         case .OTErrorRecoveryCreation:
  71             return "failed to create Recovery"
  72         case .OTErrorAuthCipherTextCreation:
  73             return "failed to create authenticated ciphertext"
  74         case .OTErrorPrivateKeyCreation:
  75             return "failed to create private key"
  76         case .OTErrorRecoveryKeyCreation:
  77             return "failed to create recovery keys"
  78         case .OTErrorEntropyCreation:
  79             return "failed to create entropy"
  80         case .OTErrorEntropyKeyMismatch:
  81             return "keys generated by the entropy+salt do not match the Recovery contents"
  82         }
  83     }
  84 }