133e25849d
Sources reorganized (client: Home/Session/Settings/Stores/Support/Trust; kit: Audio/Connection/Gamepad/Input/Support/Video/Views) with the big files split along the same seams. The gamepad mode is couch-complete, and now on macOS too (the living-room Mac case), not just iOS/iPadOS: - GamepadSettingsView: a console-style, fully controller-navigable settings screen (X from the launcher) — up/down moves focus, left/right steps values (clamped, boundary thud), A cycles/toggles, B closes; the focused row shows a one-line description. Backed by GamepadMenuList, the vertical sibling of GamepadCarousel, and SettingsOptions — the option lists hoisted out of SettingsView statics and shared by the touch, tvOS and gamepad settings. - GamepadAddHostView + GamepadKeyboard: register a host end to end with a pad — field rows open an on-screen controller keyboard (dpad grid, A types, X backspaces, B done); the launcher carousel ends in an Add Host tile, so the dead-end "add one with touch first" empty state is gone. - Launcher polish: contextual hint bar with the pad's real button glyphs, controller name + battery chip, one shared console chrome. - GamepadScreenBackground: an animated aurora (TimelineView-driven drifting blobs in the brand's violet family, breathing radii, slow hue shift, legibility scrim; freezes under Reduce Motion). Pure SwiftUI on purpose — a .metal library only bundles reliably in one of the two build systems (SPM vs the xcodeproj's synced folders) these sources compile under. - macOS port: settings/add-host/library present as sized sheets (a macOS sheet takes its content's IDEAL size, and the GeometryReader-driven screens collapsed to nothing), NSScreen-based mode lists, scroll indicators .never (the "always show scroll bars" setting overrides .hidden), tray scrims so scrolled rows dim under the pinned title/hints, extra title clearance, and a PUNKTFUNK_FORCE_GAMEPAD_UI=1 dev hook — launcher/settings/add-host/keyboard/ library render-verified live on a real Mac + LAN hosts. - GamepadMenuInput: X button support, and (re)start now snapshots held buttons so a controller handoff press never fires twice (the B that closed the keyboard no longer also cancels the screen underneath). - Cleanups: one "Connection failed" alert in ContentView instead of one per home screen; HostDiscovery.advertises/unsaved shared by both home screens. - host: can_encode_444 stub for the non-Linux/Windows host build (the macOS synthetic-source loopback used by the Swift tests). Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
60 lines
2.5 KiB
Swift
60 lines
2.5 KiB
Swift
// The client's persistent identity + the SPAKE2 PIN pairing ceremony — the trust
|
|
// bootstrap that precedes any pinned PunktfunkConnection.
|
|
|
|
import Foundation
|
|
import PunktfunkCore
|
|
|
|
/// This client's persistent self-signed identity. Generate ONCE with `generateIdentity()`,
|
|
/// store both PEMs (Keychain), present on every connect — the certificate's fingerprint is
|
|
/// how hosts recognize this client after pairing.
|
|
public struct ClientIdentity: Sendable {
|
|
public let certPEM: String
|
|
public let keyPEM: String
|
|
public init(certPEM: String, keyPEM: String) {
|
|
self.certPEM = certPEM
|
|
self.keyPEM = keyPEM
|
|
}
|
|
}
|
|
|
|
/// Generate a fresh client identity (self-signed cert + key, PEM).
|
|
public func generateIdentity() throws -> ClientIdentity {
|
|
var cert = [CChar](repeating: 0, count: 4096)
|
|
var key = [CChar](repeating: 0, count: 4096)
|
|
let rc = punktfunk_generate_identity(&cert, UInt(cert.count), &key, UInt(key.count))
|
|
guard rc == PUNKTFUNK_STATUS_OK.rawValue else {
|
|
throw PunktfunkClientError.status(rc)
|
|
}
|
|
return ClientIdentity(certPEM: String(cString: cert), keyPEM: String(cString: key))
|
|
}
|
|
|
|
/// Run the PIN pairing ceremony: the host displays a 4-digit PIN (its log/UI), the user
|
|
/// types it here. On success the host stores this client's identity and the returned
|
|
/// fingerprint is the host's now-VERIFIED identity — persist it and pass it as `pinSHA256`
|
|
/// to every later connect. Throws `.wrongPIN` when the proof is rejected.
|
|
public func pair(
|
|
host: String, port: UInt16 = 9777,
|
|
identity: ClientIdentity, pin: String, name: String,
|
|
timeoutMs: UInt32 = 90_000
|
|
) throws -> Data {
|
|
var observed = [UInt8](repeating: 0, count: 32)
|
|
// The C header types PunktfunkStatus as a bare int32 (C17, no enum import), so the ABI
|
|
// functions return Int32 directly — compare against the enum constants' rawValue, the
|
|
// same bridging the connection methods use (statusOK etc.).
|
|
let rc = host.withCString { cs in
|
|
identity.certPEM.withCString { cert in
|
|
identity.keyPEM.withCString { key in
|
|
pin.withCString { p in
|
|
name.withCString { n in
|
|
punktfunk_pair(cs, port, cert, key, p, n, &observed, timeoutMs)
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
switch rc {
|
|
case PUNKTFUNK_STATUS_OK.rawValue: return Data(observed)
|
|
case PUNKTFUNK_STATUS_CRYPTO.rawValue: throw PunktfunkClientError.wrongPIN
|
|
default: throw PunktfunkClientError.status(rc)
|
|
}
|
|
}
|