1 /*
2 * Copyright (c) 2017 Apple Inc. All Rights Reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #if OCTAGON
25
26 #import "keychain/ckks/CKKSPeer.h"
27 #import "keychain/ckks/CKKSViewManager.h"
28
/// Prefix that marks a peer ID string as belonging to an SOS peer. The SOS peer
/// classes in this file strip it from an incoming ID before storing it and put it
/// back whenever they report `peerID`.
NSString *const CKKSSOSPeerPrefix = @"spid-";
30
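@implementation CKKSSelves

/// Stores the current self peer together with the set of all self peers.
/// @param selfPeer  The self peer currently in use. May be nil.
/// @param allSelves Every known self peer. May be nil.
/// @return An instance whose `allSelves` contains `selfPeer` whenever `selfPeer` is non-nil.
- (instancetype)initWithCurrent:(id<CKKSSelfPeer>)selfPeer
                      allSelves:(NSSet<id<CKKSSelfPeer>> *)allSelves {
    self = [super init];
    if (self) {
        _currentSelf = selfPeer;

        // Ensure allSelves contains selfPeer. A set cannot hold nil, so selfPeer is
        // only added when there is one; previously a nil selfPeer was guarded only
        // when allSelves was nil as well, and was otherwise handed to
        // -setByAddingObject:.
        NSSet<id<CKKSSelfPeer>> *knownSelves = allSelves ?: [NSSet set];
        _allSelves = selfPeer ? [knownSelves setByAddingObject:selfPeer]
                              : [knownSelves copy];
    }
    return self;
}

/// Debug summary: the current self followed by the remaining ("past") selves.
- (NSString *)description {
    // Everything in allSelves other than the current self is reported as a past self.
    NSMutableSet *pastSelves = [self.allSelves mutableCopy];
    id<CKKSSelfPeer> current = self.currentSelf;
    if (current) {
        [pastSelves removeObject:current];
    }

    id pastSelvesSummary = pastSelves;
    if (pastSelves.count == 0u) {
        pastSelvesSummary = @"(no past selves)";
    }
    return [NSString stringWithFormat:@"<CKKSSelves: %@ %@>", current, pastSelvesSummary];
}

@end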
51
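#pragma mark - CKKSActualPeer

@implementation CKKSActualPeer

/// Debug summary: peer ID, a short prefix of each public key, and the view count.
- (NSString *)description {
    // Return the first 16 bytes of the public keys (for reading purposes).
    // A shorter key prints in full; a missing key prints as nil.
    NSData *encryptionKeyData = self.publicEncryptionKey.keyData;
    NSData *signingKeyData = self.publicSigningKey.keyData;
    NSData *encryptionPrefix =
        [encryptionKeyData subdataWithRange:NSMakeRange(0, MIN(16u, encryptionKeyData.length))];
    NSData *signingPrefix =
        [signingKeyData subdataWithRange:NSMakeRange(0, MIN(16u, signingKeyData.length))];

    return [NSString stringWithFormat:@"<CKKSActualPeer(%@): pubEnc:%@ pubSign:%@ views:%d>",
                                      self.peerID,
                                      encryptionPrefix,
                                      signingPrefix,
                                      (int)self.viewList.count];
}

/// Creates a peer from its ID, its two public keys and the views it takes part in.
/// @param syncingPeerID Peer ID, stored as given (no prefix handling).
/// @param encryptionKey Public encryption key of the peer.
/// @param signingKey    Public signing key of the peer.
/// @param viewList      Names of the views this peer should have.
- (instancetype)initWithPeerID:(NSString *)syncingPeerID
           encryptionPublicKey:(SFECPublicKey *)encryptionKey
              signingPublicKey:(SFECPublicKey *)signingKey
                      viewList:(NSSet<NSString *> *)viewList {
    self = [super init];
    if (self) {
        // Snapshot the ID and the view list: both types have mutable subclasses, and
        // -matchesPeer: / -shouldHaveView: must not change answer because the caller
        // later mutates the object it passed in.
        _peerID = [syncingPeerID copy];

        _publicEncryptionKey = encryptionKey;
        _publicSigningKey = signingKey;
        _viewList = [viewList copy];
    }
    return self;
}

/// Compares peers by peer ID only; key material is not compared.
/// Two peers that both have a nil peer ID are treated as matching, which includes
/// a nil `peer` argument (messaging nil yields a nil peerID).
- (bool)matchesPeer:(id<CKKSPeer>)peer {
    NSString *ownPeerID = self.peerID;
    NSString *otherPeerID = peer.peerID;
    if (ownPeerID == nil && otherPeerID == nil) {
        return true;
    }
    return [ownPeerID isEqualToString:otherPeerID];
}

/// Returns YES when `viewName` is in this peer's view list; NO for a nil view list.
- (BOOL)shouldHaveView:(NSString *)viewName {
    return [self.viewList containsObject:viewName];
}

+ (BOOL)supportsSecureCoding {
    return YES;
}

/// Archives the peer ID, both public keys (as SubjectPublicKeyInfo data) and the view list.
- (void)encodeWithCoder:(nonnull NSCoder *)coder {
    [coder encodeObject:self.peerID forKey:@"peerID"];
    [coder encodeObject:[self.publicEncryptionKey encodeSubjectPublicKeyInfo] forKey:@"encryptionKey"];
    [coder encodeObject:[self.publicSigningKey encodeSubjectPublicKeyInfo] forKey:@"signingKey"];
    [coder encodeObject:self.viewList forKey:@"viewList"];
}

/// Restores a peer from an archive, decoding every field against an explicit class list.
- (nullable instancetype)initWithCoder:(nonnull NSCoder *)decoder {
    self = [super init];
    if (self) {
        _peerID = [decoder decodeObjectOfClass:[NSString class] forKey:@"peerID"];

        // NOTE(review): an archive that lacks a peer ID or a key still produces a peer,
        // with that field left nil; presumably +keyWithSubjectPublicKeyInfo: also
        // returns nil for data it cannot parse. Confirm that callers never treat a
        // decoded peer without both keys as usable for verification.
        NSData *encryptionSPKI = [decoder decodeObjectOfClass:[NSData class] forKey:@"encryptionKey"];
        if (encryptionSPKI) {
            _publicEncryptionKey = [SFECPublicKey keyWithSubjectPublicKeyInfo:encryptionSPKI];
        }

        NSData *signingSPKI = [decoder decodeObjectOfClass:[NSData class] forKey:@"signingKey"];
        if (signingSPKI) {
            _publicSigningKey = [SFECPublicKey keyWithSubjectPublicKeyInfo:signingSPKI];
        }

        NSSet<Class> *viewListClasses = [NSSet setWithArray:@[[NSSet class], [NSString class]]];
        _viewList = [decoder decodeObjectOfClasses:viewListClasses forKey:@"viewList"];
    }
    return self;
}

@end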
121
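#pragma mark - CKKSSOSPeer

@interface CKKSSOSPeer ()
// SOS peer ID with CKKSSOSPeerPrefix removed; -peerID adds the prefix back.
@property NSString *spid;
@property NSSet<NSString *> *viewList;
@end

@implementation CKKSSOSPeer
@synthesize publicEncryptionKey = _publicEncryptionKey;
@synthesize publicSigningKey = _publicSigningKey;

/// Debug summary: peer ID, a short prefix of each public key, and the view count.
- (NSString *)description {
    // Return the first 16 bytes of the public keys (for reading purposes).
    // A shorter key prints in full; a missing key prints as nil.
    NSData *encryptionKeyData = self.publicEncryptionKey.keyData;
    NSData *signingKeyData = self.publicSigningKey.keyData;
    NSData *encryptionPrefix =
        [encryptionKeyData subdataWithRange:NSMakeRange(0, MIN(16u, encryptionKeyData.length))];
    NSData *signingPrefix =
        [signingKeyData subdataWithRange:NSMakeRange(0, MIN(16u, signingKeyData.length))];

    return [NSString stringWithFormat:@"<CKKSSOSPeer(%@): pubEnc:%@ pubSign:%@ views:%d>",
                                      self.peerID,
                                      encryptionPrefix,
                                      signingPrefix,
                                      (int)self.viewList.count];
}

/// Creates an SOS peer from its ID, its two public keys and an optional view list.
/// @param syncingPeerID SOS peer ID, with or without the CKKSSOSPeerPrefix.
/// @param encryptionKey Public encryption key of the peer.
/// @param signingKey    Public signing key of the peer.
/// @param viewList      Names of the views this peer should have, or nil.
- (instancetype)initWithSOSPeerID:(NSString *)syncingPeerID
              encryptionPublicKey:(SFECPublicKey *)encryptionKey
                 signingPublicKey:(SFECPublicKey *)signingKey
                         viewList:(NSSet<NSString *> *_Nullable)viewList {
    self = [super init];
    if (self) {
        // Store the ID without its prefix so that prefixed and bare IDs name the same peer.
        // The ID and the view list are snapshotted: both types have mutable subclasses,
        // and -matchesPeer: / -shouldHaveView: must not change answer because the caller
        // later mutates the object it passed in.
        BOOL isPrefixed = [syncingPeerID hasPrefix:CKKSSOSPeerPrefix];
        _spid = isPrefixed ? [syncingPeerID substringFromIndex:CKKSSOSPeerPrefix.length]
                           : [syncingPeerID copy];
        _publicEncryptionKey = encryptionKey;
        _publicSigningKey = signingKey;
        _viewList = [viewList copy];
    }
    return self;
}

/// The stored SOS peer ID with CKKSSOSPeerPrefix in front.
/// Never nil: when `spid` is nil the format call still yields a string, the prefix
/// followed by the literal text "(null)".
- (NSString *)peerID {
    return [NSString stringWithFormat:@"%@%@", CKKSSOSPeerPrefix, self.spid];
}

/// Compares peers by peer ID only; key material is not compared.
/// The nil/nil case cannot be reached through this class's own ID, because -peerID
/// always returns a string.
- (bool)matchesPeer:(id<CKKSPeer>)peer {
    NSString *ownPeerID = self.peerID;
    NSString *otherPeerID = peer.peerID;
    if (ownPeerID == nil && otherPeerID == nil) {
        return true;
    }
    return [ownPeerID isEqualToString:otherPeerID];
}

/// Returns YES when `viewName` is in this peer's view list; NO for a nil view list.
- (BOOL)shouldHaveView:(NSString *)viewName {
    return [self.viewList containsObject:viewName];
}

+ (BOOL)supportsSecureCoding {
    return YES;
}

/// Archives the bare SOS peer ID and both public keys (as SubjectPublicKeyInfo data).
- (void)encodeWithCoder:(nonnull NSCoder *)coder {
    // NOTE(review): viewList is not archived here, although CKKSActualPeer archives
    // its own. A peer restored by -initWithCoder: therefore has a nil view list and
    // answers NO to every -shouldHaveView:. Confirm this is intended.
    [coder encodeObject:self.spid forKey:@"spid"];
    [coder encodeObject:[self.publicEncryptionKey encodeSubjectPublicKeyInfo] forKey:@"encryptionKey"];
    [coder encodeObject:[self.publicSigningKey encodeSubjectPublicKeyInfo] forKey:@"signingKey"];
}

/// Restores a peer from an archive, decoding every field against an explicit class.
- (nullable instancetype)initWithCoder:(nonnull NSCoder *)decoder {
    self = [super init];
    if (self) {
        // NOTE(review): an archive that lacks "spid" or a key still produces a peer.
        // A missing spid surfaces as the peer ID "spid-(null)", so two such peers
        // would match each other; presumably +keyWithSubjectPublicKeyInfo: also
        // returns nil for data it cannot parse. Confirm callers reject such peers.
        _spid = [decoder decodeObjectOfClass:[NSString class] forKey:@"spid"];

        NSData *encryptionSPKI = [decoder decodeObjectOfClass:[NSData class] forKey:@"encryptionKey"];
        if (encryptionSPKI) {
            _publicEncryptionKey = [SFECPublicKey keyWithSubjectPublicKeyInfo:encryptionSPKI];
        }

        NSData *signingSPKI = [decoder decodeObjectOfClass:[NSData class] forKey:@"signingKey"];
        if (signingSPKI) {
            _publicSigningKey = [SFECPublicKey keyWithSubjectPublicKeyInfo:signingSPKI];
        }
    }
    return self;
}

@end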
203
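@interface CKKSSOSSelfPeer ()
// SOS peer ID with CKKSSOSPeerPrefix removed; -peerID adds the prefix back.
@property NSString *spid;
@end

@implementation CKKSSOSSelfPeer

/// Debug summary: peer ID, a short prefix of each public key, and the view count.
/// Only the public halves of the key pairs are read here, through
/// -publicEncryptionKey and -publicSigningKey; keep it that way so that logging a
/// self peer never formats the key pairs themselves.
- (NSString *)description {
    NSData *encryptionKeyData = self.publicEncryptionKey.keyData;
    NSData *signingKeyData = self.publicSigningKey.keyData;
    NSData *encryptionPrefix =
        [encryptionKeyData subdataWithRange:NSMakeRange(0, MIN(16u, encryptionKeyData.length))];
    NSData *signingPrefix =
        [signingKeyData subdataWithRange:NSMakeRange(0, MIN(16u, signingKeyData.length))];

    return [NSString stringWithFormat:@"<CKKSSOSSelfPeer(%@): pubEnc:%@ pubSign:%@ views:%d>",
                                      self.peerID,
                                      encryptionPrefix,
                                      signingPrefix,
                                      (int)self.viewList.count];
}

/// Creates the local SOS peer from its ID, its two key pairs and an optional view list.
/// @param syncingPeerID SOS peer ID, with or without the CKKSSOSPeerPrefix.
/// @param encryptionKey Encryption key pair of this peer.
/// @param signingKey    Signing key pair of this peer.
/// @param viewList      Names of the views this peer should have, or nil.
- (instancetype)initWithSOSPeerID:(NSString *)syncingPeerID
                    encryptionKey:(SFECKeyPair *)encryptionKey
                       signingKey:(SFECKeyPair *)signingKey
                         viewList:(NSSet<NSString *> *_Nullable)viewList {
    self = [super init];
    if (self) {
        // Store the ID without its prefix so that prefixed and bare IDs name the same peer.
        // The ID and the view list are snapshotted: both types have mutable subclasses,
        // and -matchesPeer: / -shouldHaveView: must not change answer because the caller
        // later mutates the object it passed in.
        BOOL isPrefixed = [syncingPeerID hasPrefix:CKKSSOSPeerPrefix];
        _spid = isPrefixed ? [syncingPeerID substringFromIndex:CKKSSOSPeerPrefix.length]
                           : [syncingPeerID copy];
        _encryptionKey = encryptionKey;
        _signingKey = signingKey;
        _viewList = [viewList copy];
    }
    return self;
}

/// Public half of the encryption key pair.
- (SFECPublicKey *)publicEncryptionKey {
    return self.encryptionKey.publicKey;
}

/// Public half of the signing key pair.
- (SFECPublicKey *)publicSigningKey {
    return self.signingKey.publicKey;
}

/// The stored SOS peer ID with CKKSSOSPeerPrefix in front.
/// Never nil: when `spid` is nil the format call still yields a string, the prefix
/// followed by the literal text "(null)".
- (NSString *)peerID {
    return [NSString stringWithFormat:@"%@%@", CKKSSOSPeerPrefix, self.spid];
}

/// Compares peers by peer ID only; key material is not compared.
/// The nil/nil case cannot be reached through this class's own ID, because -peerID
/// always returns a string.
- (bool)matchesPeer:(id<CKKSPeer>)peer {
    NSString *ownPeerID = self.peerID;
    NSString *otherPeerID = peer.peerID;
    if (ownPeerID == nil && otherPeerID == nil) {
        return true;
    }
    return [ownPeerID isEqualToString:otherPeerID];
}

/// Returns YES when `viewName` is in this peer's view list; NO for a nil view list.
- (BOOL)shouldHaveView:(NSString *)viewName {
    return [self.viewList containsObject:viewName];
}

@end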
255
/// Returns the set holding the CKKSSOSPeer and CKKSActualPeer classes, the two peer
/// classes in this file that implement secure coding. CKKSSOSSelfPeer, which carries
/// key pairs, is not part of the set.
/// NOTE(review): presumably used as the class allow-list when decoding archived
/// peers; confirm at the call sites.
NSSet<Class> *CKKSPeerClasses(void) {
    return [NSSet setWithObjects:[CKKSSOSPeer class], [CKKSActualPeer class], nil];
}
260
261 #endif // OCTAGON