!!! Replace Pythia BrainKey with Hash BrainKey

INCOMPATIBLE IMPACT - CloudKeyManager is not backward compatible!
VirgilSecurity · Aug 9, 2023 · 29d6659 · 29d6659
1 parent 8a13998
commit 29d6659
Show file tree

Hide file tree

Showing 11 changed files with 89 additions and 101 deletions.
diff --git a/Package.resolved b/Package.resolved
@@ -18,15 +18,6 @@
         "version" : "7.0.0"
       }
     },
-    {
-      "identity" : "virgil-pythia-x",
-      "kind" : "remoteSourceControl",
-      "location" : "https://github.com/VirgilSecurity/virgil-pythia-x.git",
-      "state" : {
-        "revision" : "5b8eb3a4a8e891826d8a2c0d00e13a4b246aa596",
-        "version" : "0.12.0-dev.1"
-      }
-    },
     {
       "identity" : "virgil-ratchet-x",
       "kind" : "remoteSourceControl",

diff --git a/Package.swift b/Package.swift
@@ -16,19 +16,14 @@ let package = Package(
     ],
 
     dependencies: [
-        .package(
-            url: "https://github.com/VirgilSecurity/virgil-pythia-x.git",
-            exact: .init(0, 12, 0, prereleaseIdentifiers: ["dev", "1"])
-        ),
-        .package(url: "https://github.com/VirgilSecurity/virgil-ratchet-x.git", exact: .init(0, 10, 0)),
+        .package(url: "https://github.com/VirgilSecurity/virgil-ratchet-x.git", exact: .init(0, 10, 0))
     ],
 
     targets: [
         .target(
             name: "VirgilE3Kit",
             dependencies: [
-                .product(name: "VirgilSDKRatchet", package: "virgil-ratchet-x"),
-                .product(name: "VirgilSDKPythia", package: "virgil-pythia-x"),
+                .product(name: "VirgilSDKRatchet", package: "virgil-ratchet-x")
             ],
             path: "Source"
         ),

diff --git a/Source/EThree.swift b/Source/EThree.swift
@@ -196,8 +196,7 @@ import VirgilSDKRatchet
             identity: params.identity,
             crypto: crypto,
             accessTokenProvider: accessTokenProvider,
-            keyknoxServiceUrl: params.serviceUrls.keyknoxServiceUrl,
-            pythiaServiceUrl: params.serviceUrls.pythiaServiceUrl
+            keyknoxServiceUrl: params.serviceUrls.keyknoxServiceUrl
         )
 
         let sqliteCardStorage = try SQLiteCardStorage(

diff --git a/Source/Models/EThreeParams.swift b/Source/Models/EThreeParams.swift
@@ -37,7 +37,6 @@
 import Foundation
 import VirgilCrypto
 import VirgilSDK
-import VirgilSDKPythia
 import VirgilSDKRatchet
 
 /// Contains parameters for initializing EThree
@@ -73,9 +72,6 @@ import VirgilSDKRatchet
         /// Card service URL
         @objc public var cardServiceUrl: URL
 
-        /// Pythia service URL
-        @objc public var pythiaServiceUrl: URL
-
         /// Keyknox service URL
         @objc public var keyknoxServiceUrl: URL
 
@@ -85,17 +81,14 @@ import VirgilSDKRatchet
         /// Init
         /// - Parameters:
         ///   - cardServiceUrl: Card service URL
-        ///   - pythiaServiceUrl: Pythia service URL
         ///   - keyknoxServiceUrl: Keyknox service URL
         ///   - ratchetServiceUrl: Ratchet service URL
         @objc public init(
             cardServiceUrl: URL,
-            pythiaServiceUrl: URL,
             keyknoxServiceUrl: URL,
             ratchetServiceUrl: URL
         ) {
             self.cardServiceUrl = cardServiceUrl
-            self.pythiaServiceUrl = pythiaServiceUrl
             self.keyknoxServiceUrl = keyknoxServiceUrl
             self.ratchetServiceUrl = ratchetServiceUrl
         }
@@ -222,7 +215,6 @@ import VirgilSDKRatchet
         self.tokenCallback = tokenCallback
         self.serviceUrls = ServiceUrls(
             cardServiceUrl: CardClient.defaultURL,
-            pythiaServiceUrl: PythiaClient.defaultURL,
             keyknoxServiceUrl: KeyknoxClient.defaultURL,
             ratchetServiceUrl: RatchetClient.defaultURL
         )

diff --git a/Source/Models/Mixtec/BrainKey.swift b/Source/Models/Mixtec/BrainKey.swift
@@ -0,0 +1,73 @@
+//
+// Copyright (C) 2015-2021 Virgil Security Inc.
+//
+// All rights reserved.
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+//     (1) Redistributions of source code must retain the above copyright
+//     notice, this list of conditions and the following disclaimer.
+//
+//     (2) Redistributions in binary form must reproduce the above copyright
+//     notice, this list of conditions and the following disclaimer in
+//     the documentation and/or other materials provided with the
+//     distribution.
+//
+//     (3) Neither the name of the copyright holder nor the names of its
+//     contributors may be used to endorse or promote products derived from
+//     this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ''AS IS'' AND ANY EXPRESS OR
+// IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+// DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+// INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+// (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+// SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+// IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+// POSSIBILITY OF SUCH DAMAGE.
+//
+// Lead Maintainer: Virgil Security Inc. <support@virgilsecurity.com>
+//
+
+import Foundation
+import VirgilCrypto
+import VirgilCryptoFoundation
+import VirgilSDK
+
+/// Class for HashBased BrainKey
+@objc(VSYBrainKey) open class BrainKey: NSObject {
+    /// Underlying crypto
+    @objc public let crypto: VirgilCrypto
+
+    /// Initializer
+    ///
+    /// - Parameter context: BrainKey context
+    @objc public init(crypto: VirgilCrypto) {
+        self.crypto = crypto
+    }
+
+    /// Generates key pair based on given password and brainkeyId
+    ///
+    /// - Parameters:
+    ///   - password: password from which key pair will be generated
+    ///   - brainKeyId: optional brainKey identifier (in case one wants to generate several key pairs from 1 password)
+    /// - Returns: GenericOperation with VirgilKeyPair
+    open func generateKeyPair(password: String, brainKeyId: String? = nil) -> GenericOperation<VirgilKeyPair> {
+        CallbackOperation { _, completion in
+            do {
+                let passphrase = [password, brainKeyId].compactMap { $0 }.joined()
+                let seed = self.crypto.computeHash(for: passphrase.data(using: .utf8)!, using: .sha512)
+                let keyPair = try self.crypto.generateKeyPair(usingSeed: seed)
+                completion(keyPair, nil)
+            } catch {
+                completion(nil, error)
+                return
+            }
+        }
+    }
+}
diff --git a/Source/Storages/Cloud/CloudKeyManager.swift b/Source/Storages/Cloud/CloudKeyManager.swift
@@ -37,7 +37,6 @@
 import Foundation
 import VirgilCrypto
 import VirgilSDK
-import VirgilSDKPythia
 
 internal class CloudKeyManager {
     private let identity: String
@@ -54,8 +53,7 @@ internal class CloudKeyManager {
         identity: String,
         crypto: VirgilCrypto,
         accessTokenProvider: AccessTokenProvider,
-        keyknoxServiceUrl: URL,
-        pythiaServiceUrl: URL
+        keyknoxServiceUrl: URL
     ) throws {
         self.identity = identity
         self.crypto = crypto
@@ -72,16 +70,7 @@ internal class CloudKeyManager {
 
         self.keyknoxManager = try KeyknoxManager(keyknoxClient: keyknoxClient)
 
-        let pythiaClient = PythiaClient(
-            accessTokenProvider: self.accessTokenProvider,
-            serviceUrl: pythiaServiceUrl,
-            connection: connection,
-            retryConfig: ExpBackoffRetry.Config()
-        )
-
-        let brainKeyContext = try BrainKeyContext(client: pythiaClient)
-
-        self.brainKey = BrainKey(context: brainKeyContext)
+        self.brainKey = BrainKey(crypto: self.crypto)
     }
 
     internal func setUpCloudKeyStorage(password: String) throws -> CloudKeyStorage {

diff --git a/Tests/Swift/Utils/TestConfig.swift b/Tests/Swift/Utils/TestConfig.swift
@@ -67,19 +67,16 @@ import VirgilE3Kit
 
     @objc public class ServiceUrls: NSObject, Decodable {
         public let Card: String
-        public let Pythia: String
         public let Keyknox: String
         public let Ratchet: String
 
         @objc public func get() -> EThreeParams.ServiceUrls {
             let cardServiceUrl = URL(string: self.Card)!
-            let pythiaServiceUrl = URL(string: self.Pythia)!
             let keyknoxServiceUrl = URL(string: self.Keyknox)!
             let ratchetServiceUrl = URL(string: self.Ratchet)!
 
             return EThreeParams.ServiceUrls(
                 cardServiceUrl: cardServiceUrl,
-                pythiaServiceUrl: pythiaServiceUrl,
                 keyknoxServiceUrl: keyknoxServiceUrl,
                 ratchetServiceUrl: ratchetServiceUrl
             )

diff --git a/Tests/Swift/Utils/TestUtils.swift b/Tests/Swift/Utils/TestUtils.swift
@@ -38,7 +38,6 @@ import Foundation
 import VirgilCrypto
 import VirgilE3Kit
 import VirgilSDK
-import VirgilSDKPythia
 
 @objc(VTETestUtils) public class TestUtils: NSObject {
     @objc public let crypto: VirgilCrypto
@@ -249,14 +248,8 @@ import VirgilSDKPythia
         let serviceUrls = self.config.ServiceUrls.get()
         let connection = HttpConnection()
         let retryConfig = ExpBackoffRetry.Config()
-        let pythiaClient = PythiaClient(
-            accessTokenProvider: provider,
-            serviceUrl: serviceUrls.pythiaServiceUrl,
-            connection: connection,
-            retryConfig: retryConfig
-        )
 
-        let brainKeyContext = try! BrainKeyContext(client: pythiaClient)
+        let brainKeyContext = try! BrainKeyContext()
         let brainKey = BrainKey(context: brainKeyContext)
 
         brainKey.generateKeyPair(password: password, brainKeyId: nil) { keyPair, error in

diff --git a/VirgilE3Kit.podspec b/VirgilE3Kit.podspec
@@ -12,6 +12,5 @@ Pod::Spec.new do |s|
   s.watchos.deployment_target   = "2.0"
   s.source       		= { :git => "https://github.com/VirgilSecurity/virgil-e3kit-x.git", :tag => s.version }
   s.source_files  		= 'Source/**/*.{swift}'
-  s.dependency "VirgilSDKPythia", '= 0.12.0'
   s.dependency "VirgilSDKRatchet", '= 0.10.0'
 end