Browse Source

Re-enable authenticated retrieval

authentication
Niels Andriesse 6 months ago
parent
commit
52c696c2ed
  1. 8
      SessionMessagingKit/Database/Storage+Shared.swift
  2. 2
      SessionMessagingKit/Storage.swift
  3. 22
      SessionSnodeKit/SnodeAPI.swift
  4. 4
      SessionSnodeKit/Storage.swift

8
SessionMessagingKit/Database/Storage+Shared.swift

@ -25,14 +25,14 @@ extension Storage {
return OWSIdentityManager.shared().identityKeyPair()
}
public func getUserED25519KeyPair() -> Box.KeyPair? {
public func getUserED25519KeyPair() -> Sign.KeyPair? {
let dbConnection = OWSIdentityManager.shared().dbConnection
let collection = OWSPrimaryStorageIdentityKeyStoreCollection
guard let hexEncodedPublicKey = dbConnection.object(forKey: LKED25519PublicKey, inCollection: collection) as? String,
let hexEncodedSecretKey = dbConnection.object(forKey: LKED25519SecretKey, inCollection: collection) as? String else { return nil }
let publicKey = Box.KeyPair.PublicKey(hex: hexEncodedPublicKey)
let secretKey = Box.KeyPair.SecretKey(hex: hexEncodedSecretKey)
return Box.KeyPair(publicKey: publicKey, secretKey: secretKey)
let publicKey = Sign.KeyPair.PublicKey(hex: hexEncodedPublicKey)
let secretKey = Sign.KeyPair.SecretKey(hex: hexEncodedSecretKey)
return Sign.KeyPair(publicKey: publicKey, secretKey: secretKey)
}
@objc public func getUser() -> Contact? {

2
SessionMessagingKit/Storage.swift

@ -15,7 +15,7 @@ public protocol SessionMessagingKitStorageProtocol {
func getUserPublicKey() -> String?
func getUserKeyPair() -> ECKeyPair?
func getUserED25519KeyPair() -> Box.KeyPair?
func getUserED25519KeyPair() -> Sign.KeyPair?
func getUser() -> Contact?
func getAllContacts() -> Set<Contact>

22
SessionSnodeKit/SnodeAPI.swift

@ -413,22 +413,28 @@ public final class SnodeAPI : NSObject {
private static func getMessagesInternal(from snode: Snode, associatedWith publicKey: String) -> RawResponsePromise {
let storage = SNSnodeKitConfiguration.shared.storage
// guard let userED25519KeyPair = storage.getUserED25519KeyPair() else { return Promise(error: Error.noKeyPair) }
let ed25519KeyPair: Sign.KeyPair?
if storage.isClosedGroup(publicKey) {
ed25519KeyPair = storage.getLatestClosedGroupAuthenticationKeyPair(for: publicKey)
} else {
ed25519KeyPair = storage.getUserED25519KeyPair()
}
guard let ed25519KeyPair = ed25519KeyPair else { return Promise(error: Error.noKeyPair) }
// Get last message hash
storage.pruneLastMessageHashInfoIfExpired(for: snode, associatedWith: publicKey)
let lastHash = storage.getLastMessageHash(for: snode, associatedWith: publicKey) ?? ""
// Construct signature
// let timestamp = UInt64(Int64(NSDate.millisecondTimestamp()) + SnodeAPI.clockOffset)
// let ed25519PublicKey = userED25519KeyPair.publicKey.toHexString()
// let verificationData = ("retrieve" + String(timestamp)).data(using: String.Encoding.utf8)!
// let signature = sodium.sign.signature(message: Bytes(verificationData), secretKey: userED25519KeyPair.secretKey)!
let timestamp = UInt64(Int64(NSDate.millisecondTimestamp()) + SnodeAPI.clockOffset)
let ed25519PublicKey = ed25519KeyPair.publicKey.toHexString()
let verificationData = ("retrieve" + String(timestamp)).data(using: String.Encoding.utf8)!
let signature = sodium.sign.signature(message: Bytes(verificationData), secretKey: ed25519KeyPair.secretKey)!
// Make the request
let parameters: JSON = [
"pubKey" : Features.useTestnet ? publicKey.removing05PrefixIfNeeded() : publicKey,
"lastHash" : lastHash,
// "timestamp" : timestamp,
// "pubkey_ed25519" : ed25519PublicKey,
// "signature" : signature.toBase64()!
"timestamp" : timestamp,
"pubkey_ed25519" : ed25519PublicKey,
"signature" : signature.toBase64()!
]
return invoke(.getMessages, on: snode, associatedWith: publicKey, parameters: parameters)
}

4
SessionSnodeKit/Storage.swift

@ -11,7 +11,7 @@ public protocol SessionSnodeKitStorageProtocol {
func writeSync(with block: @escaping (Any) -> Void)
func getUserPublicKey() -> String?
func getUserED25519KeyPair() -> Box.KeyPair?
func getUserED25519KeyPair() -> Sign.KeyPair?
func getOnionRequestPaths() -> [OnionRequestAPI.Path]
func setOnionRequestPaths(to paths: [OnionRequestAPI.Path], using transaction: Any)
func getSnodePool() -> Set<Snode>
@ -25,4 +25,6 @@ public protocol SessionSnodeKitStorageProtocol {
func pruneLastMessageHashInfoIfExpired(for snode: Snode, associatedWith publicKey: String)
func getReceivedMessages(for publicKey: String) -> Set<String>
func setReceivedMessages(to receivedMessages: Set<String>, for publicKey: String, using transaction: Any)
func getLatestClosedGroupAuthenticationKeyPair(for groupPublicKey: String) -> Sign.KeyPair?
func isClosedGroup(_ publicKey: String) -> Bool
}

Loading…
Cancel
Save