Domů Procházet Nápověda
Registrovat se Přihlásit se
chenwenyi
/
firebase-ios-sdk
1
0
Rozštěpit 0
Soubory Úkoly 0 Pull Requesty 0 Wiki
Větev: AppCheckAuthTestonly
Větve Značky
firebase-ios-sd...
/
FirebaseInstallations
/
Source
/
Library
/
IIDMigration
/
FIRInstallationsIIDStore.m

FIRInstallationsIIDStore.m 8.1 KB
Trvalý odkaz Historie Surový

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242 
  1. /*
    2. 

  2.  * Copyright 2019 Google
    3. 

  3.  *
    4. 

  4.  * Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5.  * you may not use this file except in compliance with the License.
    6. 

  6.  * You may obtain a copy of the License at
    7. 

  7.  *
    8. 

  8.  *      http://www.apache.org/licenses/LICENSE-2.0
    9. 

  9.  *
    10. 

  10.  * Unless required by applicable law or agreed to in writing, software
    11. 

  11.  * distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13.  * See the License for the specific language governing permissions and
    14. 

  14.  * limitations under the License.
    15. 

  15.  */
    16. 

  16. 

  17. #import "FirebaseInstallations/Source/Library/IIDMigration/FIRInstallationsIIDStore.h"
    18. 

  18. 

  19. #if __has_include(<FBLPromises/FBLPromises.h>)
    20. 

  20. #import <FBLPromises/FBLPromises.h>
    21. 

  21. #else
    22. 

  22. #import "FBLPromises.h"
    23. 

  23. #endif
    24. 

  24. 

  25. #import <CommonCrypto/CommonDigest.h>
    26. 

  26. #import "FirebaseInstallations/Source/Library/Errors/FIRInstallationsErrorUtil.h"
    27. 

  27. 

  28. static NSString *const kFIRInstallationsIIDKeyPairPublicTagPrefix =
    29. 

  29.     @"com.google.iid.keypair.public-";
    30. 

  30. static NSString *const kFIRInstallationsIIDKeyPairPrivateTagPrefix =
    31. 

  31.     @"com.google.iid.keypair.private-";
    32. 

  32. static NSString *const kFIRInstallationsIIDCreationTimePlistKey = @"|S|cre";
    33. 

  33. 

  34. @implementation FIRInstallationsIIDStore
    35. 

  35. 

  36. - (FBLPromise<NSString *> *)existingIID {
    37. 

  37.   return [FBLPromise onQueue:dispatch_get_global_queue(QOS_CLASS_UTILITY, 0)
    38. 

  38.                           do:^id _Nullable {
    39. 

  39.                             if (![self hasPlistIIDFlag]) {
    40. 

  40.                               return nil;
    41. 

  41.                             }
    42. 

  42. 

  43.                             NSData *IIDPublicKeyData = [self IIDPublicKeyData];
    44. 

  44.                             return [self IIDWithPublicKeyData:IIDPublicKeyData];
    45. 

  45.                           }]
    46. 

  46.       .validate(^BOOL(NSString *_Nullable IID) {
    47. 

  47.         return IID.length > 0;
    48. 

  48.       });
    49. 

  49. }
    50. 

  50. 

  51. - (FBLPromise<NSNull *> *)deleteExistingIID {
    52. 

  52.   return [FBLPromise onQueue:dispatch_get_global_queue(QOS_CLASS_UTILITY, 0)
    53. 

  53.                           do:^id _Nullable {
    54. 

  54.                             NSError *error;
    55. 

  55.                             if (![self deleteIIDFlagFromPlist:&error]) {
    56. 

  56.                               return error;
    57. 

  57.                             }
    58. 

  58. 

  59.                             if (![self deleteIID:&error]) {
    60. 

  60.                               return error;
    61. 

  61.                             }
    62. 

  62. 

  63.                             return [NSNull null];
    64. 

  64.                           }];
    65. 

  65. }
    66. 

  66. 

  67. #pragma mark - IID decoding
    68. 

  68. 

  69. - (NSString *)IIDWithPublicKeyData:(NSData *)publicKeyData {
    70. 

  70.   NSData *publicKeySHA1 = [self sha1WithData:publicKeyData];
    71. 

  71. 

  72.   const uint8_t *bytes = publicKeySHA1.bytes;
    73. 

  73.   NSMutableData *identityData = [NSMutableData dataWithData:publicKeySHA1];
    74. 

  74. 

  75.   uint8_t b0 = bytes[0];
    76. 

  76.   // Take the first byte and make the initial four 7 by initially making the initial 4 bits 0
    77. 

  77.   // and then adding 0x70 to it.
    78. 

  78.   b0 = 0x70 + (0xF & b0);
    79. 

  79.   // failsafe should give you back b0 itself
    80. 

  80.   b0 = (b0 & 0xFF);
    81. 

  81.   [identityData replaceBytesInRange:NSMakeRange(0, 1) withBytes:&b0];
    82. 

  82.   NSData *data = [identityData subdataWithRange:NSMakeRange(0, 8 * sizeof(Byte))];
    83. 

  83.   return [self base64URLEncodedStringWithData:data];
    84. 

  84. }
    85. 

  85. 

  86. /** FirebaseInstallations SDK uses the SHA1 hash for backwards compatibility with the legacy
    87. 

  87.  * FirebaseInstanceID SDK. The SHA1 hash is used to access Instance IDs stored on the device and not
    88. 

  88.  * for any security-relevant process. This is a one-time step that allows migration of old client
    89. 

  89.  * identifiers. Cryptographic security is not needed here, so potential hash collisions are not a
    90. 

  90.  * problem.
    91. 

  91.  */
    92. 

  92. - (NSData *)sha1WithData:(NSData *)data {
    93. 

  93.   unsigned char output[CC_SHA1_DIGEST_LENGTH];
    94. 

  94.   unsigned int length = (unsigned int)[data length];
    95. 

  95. 

  96.   CC_SHA1(data.bytes, length, output);
    97. 

  97.   return [NSData dataWithBytes:output length:CC_SHA1_DIGEST_LENGTH];
    98. 

  98. }
    99. 

  99. 

  100. - (NSString *)base64URLEncodedStringWithData:(NSData *)data {
    101. 

  101.   NSString *string = [data base64EncodedStringWithOptions:0];
    102. 

  102.   string = [string stringByReplacingOccurrencesOfString:@"/" withString:@"_"];
    103. 

  103.   string = [string stringByReplacingOccurrencesOfString:@"+" withString:@"-"];
    104. 

  104.   string = [string stringByReplacingOccurrencesOfString:@"=" withString:@""];
    105. 

  105.   return string;
    106. 

  106. }
    107. 

  107. 

  108. #pragma mark - Keychain
    109. 

  109. 

  110. - (NSData *)IIDPublicKeyData {
    111. 

  111.   NSString *tag = [self keychainKeyTagWithPrefix:kFIRInstallationsIIDKeyPairPublicTagPrefix];
    112. 

  112.   NSDictionary *query = [self keyPairQueryWithTag:tag returnData:YES];
    113. 

  113. 

  114.   CFTypeRef keyRef = NULL;
    115. 

  115.   OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)query, (CFTypeRef *)&keyRef);
    116. 

  116. 

  117.   if (status != noErr) {
    118. 

  118.     if (keyRef) {
    119. 

  119.       CFRelease(keyRef);
    120. 

  120.     }
    121. 

  121.     return nil;
    122. 

  122.   }
    123. 

  123. 

  124.   return (__bridge NSData *)keyRef;
    125. 

  125. }
    126. 

  126. 

  127. - (BOOL)deleteIID:(NSError **)outError {
    128. 

  128.   if (![self deleteKeychainKeyWithTagPrefix:kFIRInstallationsIIDKeyPairPublicTagPrefix
    129. 

  129.                                       error:outError]) {
    130. 

  130.     return NO;
    131. 

  131.   }
    132. 

  132. 

  133.   if (![self deleteKeychainKeyWithTagPrefix:kFIRInstallationsIIDKeyPairPrivateTagPrefix
    134. 

  134.                                       error:outError]) {
    135. 

  135.     return NO;
    136. 

  136.   }
    137. 

  137. 

  138.   return YES;
    139. 

  139. }
    140. 

  140. 

  141. - (BOOL)deleteKeychainKeyWithTagPrefix:(NSString *)tagPrefix error:(NSError **)outError {
    142. 

  142.   NSString *keyTag = [self keychainKeyTagWithPrefix:kFIRInstallationsIIDKeyPairPublicTagPrefix];
    143. 

  143.   NSDictionary *keyQuery = [self keyPairQueryWithTag:keyTag returnData:NO];
    144. 

  144. 

  145.   OSStatus status = SecItemDelete((__bridge CFDictionaryRef)keyQuery);
    146. 

  146. 

  147.   // When item is not found, it should NOT be considered as an error. The operation should
    148. 

  148.   // continue.
    149. 

  149.   if (status != noErr && status != errSecItemNotFound) {
    150. 

  150.     FIRInstallationsItemSetErrorToPointer(
    151. 

  151.         [FIRInstallationsErrorUtil keychainErrorWithFunction:@"SecItemDelete" status:status],
    152. 

  152.         outError);
    153. 

  153.     return NO;
    154. 

  154.   }
    155. 

  155. 

  156.   return YES;
    157. 

  157. }
    158. 

  158. 

  159. - (NSDictionary *)keyPairQueryWithTag:(NSString *)tag returnData:(BOOL)shouldReturnData {
    160. 

  160.   NSMutableDictionary *query = [NSMutableDictionary dictionary];
    161. 

  161.   NSData *tagData = [tag dataUsingEncoding:NSUTF8StringEncoding];
    162. 

  162. 

  163.   query[(__bridge id)kSecClass] = (__bridge id)kSecClassKey;
    164. 

  164.   query[(__bridge id)kSecAttrApplicationTag] = tagData;
    165. 

  165.   query[(__bridge id)kSecAttrKeyType] = (__bridge id)kSecAttrKeyTypeRSA;
    166. 

  166.   if (shouldReturnData) {
    167. 

  167.     query[(__bridge id)kSecReturnData] = @(YES);
    168. 

  168.   }
    169. 

  169. 

  170. #if TARGET_OS_OSX
    171. 

  171.   if (self.keychainRef) {
    172. 

  172.     query[(__bridge NSString *)kSecMatchSearchList] = @[ (__bridge id)(self.keychainRef) ];
    173. 

  173.   }
    174. 

  174. #endif  // TARGET_OSX
    175. 

  175. 

  176.   return query;
    177. 

  177. }
    178. 

  178. 

  179. - (NSString *)keychainKeyTagWithPrefix:(NSString *)prefix {
    180. 

  180.   NSString *mainAppBundleID = [[NSBundle mainBundle] bundleIdentifier];
    181. 

  181.   if (mainAppBundleID.length == 0) {
    182. 

  182.     return nil;
    183. 

  183.   }
    184. 

  184.   return [NSString stringWithFormat:@"%@%@", prefix, mainAppBundleID];
    185. 

  185. }
    186. 

  186. 

  187. - (NSString *)mainbundleIdentifier {
    188. 

  188.   NSString *bundleIdentifier = [[NSBundle mainBundle] bundleIdentifier];
    189. 

  189.   if (!bundleIdentifier.length) {
    190. 

  190.     return nil;
    191. 

  191.   }
    192. 

  192.   return bundleIdentifier;
    193. 

  193. }
    194. 

  194. 

  195. #pragma mark - Plist
    196. 

  196. 

  197. - (BOOL)deleteIIDFlagFromPlist:(NSError **)outError {
    198. 

  198.   NSString *path = [self plistPath];
    199. 

  199.   if (![[NSFileManager defaultManager] fileExistsAtPath:path]) {
    200. 

  200.     return YES;
    201. 

  201.   }
    202. 

  202. 

  203.   NSMutableDictionary *plistContent = [[NSMutableDictionary alloc] initWithContentsOfFile:path];
    204. 

  204.   plistContent[kFIRInstallationsIIDCreationTimePlistKey] = nil;
    205. 

  205. 

  206.   if (@available(macOS 10.13, iOS 11.0, tvOS 11.0, *)) {
    207. 

  207.     return [plistContent writeToURL:[NSURL fileURLWithPath:path] error:outError];
    208. 

  208.   }
    209. 

  209. 

  210.   return [plistContent writeToFile:path atomically:YES];
    211. 

  211. }
    212. 

  212. 

  213. - (BOOL)hasPlistIIDFlag {
    214. 

  214.   NSString *path = [self plistPath];
    215. 

  215.   if (![[NSFileManager defaultManager] fileExistsAtPath:path]) {
    216. 

  216.     return NO;
    217. 

  217.   }
    218. 

  218. 

  219.   NSDictionary *plistContent = [[NSDictionary alloc] initWithContentsOfFile:path];
    220. 

  220.   return plistContent[kFIRInstallationsIIDCreationTimePlistKey] != nil;
    221. 

  221. }
    222. 

  222. 

  223. - (NSString *)plistPath {
    224. 

  224.   NSString *plistNameWithExtension = @"com.google.iid-keypair.plist";
    225. 

  225.   NSString *_subDirectoryName = @"Google/FirebaseInstanceID";
    226. 

  226. 

  227.   NSArray *directoryPaths =
    228. 

  228.       NSSearchPathForDirectoriesInDomains([self supportedDirectory], NSUserDomainMask, YES);
    229. 

  229.   NSArray *components = @[ directoryPaths.lastObject, _subDirectoryName, plistNameWithExtension ];
    230. 

  230. 

  231.   return [NSString pathWithComponents:components];
    232. 

  232. }
    233. 

  233. 

  234. - (NSSearchPathDirectory)supportedDirectory {
    235. 

  235. #if TARGET_OS_TV
    236. 

  236.   return NSCachesDirectory;
    237. 

  237. #else
    238. 

  238.   return NSApplicationSupportDirectory;
    239. 

  239. #endif
    240. 

  240. }
    241. 

  241. 

  242. @end
    243.