KeysRotator
@objc(VSRKeysRotator)
public class KeysRotator : NSObject, KeysRotatorProtocol
Default implementation of KeysRotatorProtocol
-
init(crypto:identityPrivateKey:identityCardId:orphanedOneTimeKeyTtl:longTermKeyTtl:outdatedLongTermKeyTtl:desiredNumberOfOneTimeKeys:enablePostQuantum:longTermKeysStorage:oneTimeKeysStorage:client:)
Initializer
Declaration
Swift
@objc public init(crypto: VirgilCrypto, identityPrivateKey: VirgilPrivateKey, identityCardId: String, orphanedOneTimeKeyTtl: TimeInterval, longTermKeyTtl: TimeInterval, outdatedLongTermKeyTtl: TimeInterval, desiredNumberOfOneTimeKeys: Int, enablePostQuantum: Bool, longTermKeysStorage: LongTermKeysStorage, oneTimeKeysStorage: OneTimeKeysStorage, client: RatchetClientProtocol)
Parameters
crypto
VirgilCrypto instance
identityPrivateKey
identity private key
identityCardId
identity card id
orphanedOneTimeKeyTtl
time, in seconds, that a one-time key stays in the storage after being marked as orphaned
longTermKeyTtl
time, in seconds, that a long-term key is used before rotation
outdatedLongTermKeyTtl
time, in seconds, that a long-term key stays in the storage after being marked as outdated
desiredNumberOfOneTimeKeys
desired number of one-time keys
longTermKeysStorage
long-term keys storage
oneTimeKeysStorage
one-time keys storage
client
-
Rotates keys
Rotation process:
- Retrieve all one-time keys
- Delete one-time keys that were marked as orphaned more than orphanedOneTimeKeyTtl seconds ago
- Retrieve all long-term keys
- Delete long-term keys that were marked as outdated more than outdatedLongTermKeyTtl seconds ago
- Check that all relevant long-term and one-time keys are in the cloud (still present in the cloud and not yet used)
- Mark used one-time keys as used
- Decide on long-term key rotation
- Generate the needed number of one-time keys
- Upload keys to the cloud
Declaration
Swift
public func rotateKeysOperation() -> GenericOperation<RotationLog>
Return Value
GenericOperation
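The local decisions in the rotation process above (TTL-based deletion, the long-term key rotation decision, and topping up one-time keys) can be modelled as a pure function. This is an added example, not the SDK's code: `OneTimeKey`, `LongTermKey`, `RotationPlan` and `planRotation` are hypothetical names, the cloud check and upload steps are left out, and the TTL values are constructed sample data.

```swift
import Foundation

// Hypothetical model types for illustration; not the SDK's storage classes.
struct OneTimeKey { let id: String; let orphanedFrom: Date? }
struct LongTermKey { let id: String; let createdAt: Date; let outdatedFrom: Date? }
struct RotationPlan {
    var oneTimeKeysToDelete: [String] = []
    var longTermKeysToDelete: [String] = []
    var rotateLongTermKey = false
    var oneTimeKeysToGenerate = 0
}

// Decides what a rotation pass should do locally; all TTLs are in seconds.
func planRotation(now: Date, oneTimeKeys: [OneTimeKey], longTermKeys: [LongTermKey],
                  orphanedOneTimeKeyTtl: TimeInterval, longTermKeyTtl: TimeInterval,
                  outdatedLongTermKeyTtl: TimeInterval,
                  desiredNumberOfOneTimeKeys: Int) -> RotationPlan {
    var plan = RotationPlan()
    // One-time keys marked as orphaned longer ago than the TTL are deleted.
    plan.oneTimeKeysToDelete = oneTimeKeys.filter { key in
        guard let since = key.orphanedFrom else { return false }
        return now.timeIntervalSince(since) > orphanedOneTimeKeyTtl
    }.map { $0.id }
    // Long-term keys marked as outdated longer ago than their TTL are deleted.
    plan.longTermKeysToDelete = longTermKeys.filter { key in
        guard let since = key.outdatedFrom else { return false }
        return now.timeIntervalSince(since) > outdatedLongTermKeyTtl
    }.map { $0.id }
    // Rotate when no current (non-outdated) long-term key exists or it is past its TTL.
    let current = longTermKeys.filter { $0.outdatedFrom == nil }
        .max { $0.createdAt < $1.createdAt }
    plan.rotateLongTermKey = current.map { now.timeIntervalSince($0.createdAt) > longTermKeyTtl } ?? true
    // Top up the pool of non-orphaned one-time keys to the desired number.
    let live = oneTimeKeys.filter { $0.orphanedFrom == nil }.count
    plan.oneTimeKeysToGenerate = max(0, desiredNumberOfOneTimeKeys - live)
    return plan
}

// Constructed sample data: one live key, one long-orphaned key, one aged long-term key.
let now = Date()
let day: TimeInterval = 24 * 60 * 60
let plan = planRotation(
    now: now,
    oneTimeKeys: [OneTimeKey(id: "otk-1", orphanedFrom: nil), OneTimeKey(id: "otk-2", orphanedFrom: now - 2 * day)],
    longTermKeys: [LongTermKey(id: "ltk-1", createdAt: now - 6 * day, outdatedFrom: nil)],
    orphanedOneTimeKeyTtl: day, longTermKeyTtl: 5 * day, outdatedLongTermKeyTtl: day,
    desiredNumberOfOneTimeKeys: 3)
print(plan)
```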
-
Rotates keys
Rotation process:
- Retrieve all one-time keys
- Delete one-time keys that were marked as orphaned more than orphanedOneTimeKeyTtl seconds ago
- Retrieve all long-term keys
- Delete long-term keys that were marked as outdated more than outdatedLongTermKeyTtl seconds ago
- Check that all relevant long-term and one-time keys are in the cloud (still present in the cloud and not yet used)
- Mark used one-time keys as used
- Decide on long-term key rotation
- Generate the needed number of one-time keys
- Upload keys to the cloud
completion: completion handler
rotationLog: represents the result of rotateKeys operation
error: corresponding error
Declaration
Swift
@objc func rotateKeysOperation(completion: @escaping (_ rotationLog: RotationLog?, _ error: Error?) -> Void)
Parameters
completion
completion handler
rotationLog
represents the result of rotateKeys operation
error
corresponding error