keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
dev
voice-calls-2
voice-calls
authentication
2.5.0
2.4.5
2.4.4
2.4.3
2.4.2
2.4.1
2.4.0
2.3.2
2.3.1
2.3.0
2.2.14
2.2.13
2.2.12
2.2.11
2.2.10
2.2.9
2.2.6
2.2.4
2.2.2
2.2.1
2.2.0
2.1.1
2.0.3
2.0.2
2.0.1
2.0.0
1.0.0-alpha.1
audit-2
audit
2.8.0
2.7.4
2.7.3
2.7.2
2.7.1
2.7.0
2.6.3
2.6.2
2.6.1
2.6.0
2.2.8
2.2.7
2.2.5
2.2.3
2.1.0
1.9.7
1.9.6
1.9.5
1.9.4
1.9.3
1.9.1
1.9.0
1.8.3
1.8.2
1.8.1
1.8.0
1.7.8
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.0
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.3
1.5.2
1.5.1-beta
1.5.0-beta
1.5.0
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.0-beta
1.4.0
1.3.0-alpha.1
1.3.0
1.2.6
1.2.5
1.2.4
1.2.3
1.2.1
1.2.0-alpha.2
1.2.0-alpha.1
1.2.0
1.13.0
1.12.9
1.12.8
1.12.7
1.12.6
1.12.5
1.12.4
1.12.2
1.12.1
1.11.9
1.11.8
1.11.7
1.11.6
1.11.5
1.11.4
1.11.3
1.11.24
1.11.23
1.11.22
1.11.21
1.11.20
1.11.2
1.11.19
1.11.18
1.11.17
1.11.16
1.11.15
1.11.14
1.11.13
1.11.12
1.11.11
1.11.10
1.11.1
1.11.0
1.10.2
1.10.1
1.10.0
1.1.0-alpha.4
1.1.0-alpha.3
1.1.0-alpha.2
1.1.0-alpha.1
1.1.0
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0-alpha.3
1.0.0-alpha.2
1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c475f895e8'
${ noResults }
session-ios/SignalUtilitiesKit/OWSProvisioningCipher.m

158 lines
4.8 KiB
Matlab
Raw Normal View History Unescape Escape

Create SignalUtilitiesKit
5 years ago
//
// Copyright (c) 2018 Open Whisper Systems. All rights reserved.
//
#import "OWSProvisioningCipher.h"
#import <CommonCrypto/CommonCrypto.h>
#import <Curve25519Kit/Curve25519.h>
#import <HKDFKit/HKDFKit.h>
#import <SessionProtocolKit/SessionProtocolKit.h>
NS_ASSUME_NONNULL_BEGIN
@interface OWSProvisioningCipher ()
@property (nonatomic, readonly) NSData *theirPublicKey;
@property (nonatomic, readonly) ECKeyPair *ourKeyPair;
@property (nonatomic, readonly) NSData *initializationVector;
@end
#pragma mark -
@implementation OWSProvisioningCipher
- (instancetype)initWithTheirPublicKey:(NSData *)theirPublicKey
{
return [self initWithTheirPublicKey:theirPublicKey
ourKeyPair:[Curve25519 generateKeyPair]
initializationVector:[Cryptography generateRandomBytes:kCCBlockSizeAES128]];
}
// Private method which exposes dependencies for testing
- (instancetype)initWithTheirPublicKey:(NSData *)theirPublicKey
ourKeyPair:(ECKeyPair *)ourKeyPair
initializationVector:(NSData *)initializationVector
{
self = [super init];
if (!self) {
return self;
}
_theirPublicKey = theirPublicKey;
_ourKeyPair = ourKeyPair;
_initializationVector = initializationVector;
return self;
}
- (NSData *)ourPublicKey
{
return self.ourKeyPair.publicKey;
}
- (nullable NSData *)encrypt:(NSData *)dataToEncrypt
{
@try {
return [self throws_encryptWithData:dataToEncrypt];
} @catch (NSException *exception) {
OWSFailDebug(@"exception: %@ of type: %@ with reason: %@, user info: %@.",
exception.description,
exception.name,
exception.reason,
exception.userInfo);
return nil;
}
}
- (nullable NSData *)throws_encryptWithData:(NSData *)dataToEncrypt
{
NSData *sharedSecret =
[Curve25519 generateSharedSecretFromPublicKey:self.theirPublicKey andKeyPair:self.ourKeyPair];
NSData *infoData = [@"TextSecure Provisioning Message" dataUsingEncoding:NSASCIIStringEncoding];
NSData *nullSalt = [[NSMutableData dataWithLength:32] copy];
NSData *derivedSecret = [HKDFKit deriveKey:sharedSecret info:infoData salt:nullSalt outputSize:64];
NSData *cipherKey = [derivedSecret subdataWithRange:NSMakeRange(0, 32)];
NSData *macKey = [derivedSecret subdataWithRange:NSMakeRange(32, 32)];
if (cipherKey.length != 32) {
OWSFailDebug(@"Cipher Key must be 32 bytes");
return nil;
}
if (macKey.length != 32) {
OWSFailDebug(@"Mac Key must be 32 bytes");
return nil;
}
u_int8_t versionByte[] = { 0x01 };
NSMutableData *message = [NSMutableData dataWithBytes:&versionByte length:1];
NSData *_Nullable cipherText = [self encrypt:dataToEncrypt withKey:cipherKey];
if (cipherText == nil) {
OWSFailDebug(@"Provisioning cipher failed.");
return nil;
}
[message appendData:cipherText];
NSData *_Nullable mac = [self macForMessage:message withKey:macKey];
if (mac == nil) {
OWSFailDebug(@"mac failed.");
return nil;
}
[message appendData:mac];
return [message copy];
}
- (nullable NSData *)encrypt:(NSData *)dataToEncrypt withKey:(NSData *)cipherKey
{
NSData *iv = self.initializationVector;
if (iv.length != kCCBlockSizeAES128) {
OWSFailDebug(@"Unexpected length for iv");
return nil;
}
if (dataToEncrypt.length >= SIZE_MAX - (kCCBlockSizeAES128 + iv.length)) {
OWSFailDebug(@"data is too long to encrypt.");
return nil;
}
// allow space for message + padding any incomplete block. PKCS7 padding will always add at least one byte.
size_t ciphertextBufferSize = dataToEncrypt.length + kCCBlockSizeAES128;
NSMutableData *ciphertextData = [[NSMutableData alloc] initWithLength:ciphertextBufferSize];
size_t bytesEncrypted = 0;
CCCryptorStatus cryptStatus = CCCrypt(kCCEncrypt,
kCCAlgorithmAES,
kCCOptionPKCS7Padding,
cipherKey.bytes,
cipherKey.length,
iv.bytes,
dataToEncrypt.bytes,
dataToEncrypt.length,
ciphertextData.mutableBytes,
ciphertextBufferSize,
&bytesEncrypted);
if (cryptStatus != kCCSuccess) {
OWSFailDebug(@"Encryption failed with status: %d", cryptStatus);
return nil;
}
// message format is (iv || ciphertext)
NSMutableData *encryptedMessage = [NSMutableData new];
[encryptedMessage appendData:iv];
[encryptedMessage appendData:[ciphertextData subdataWithRange:NSMakeRange(0, bytesEncrypted)]];
return [encryptedMessage copy];
}
- (nullable NSData *)macForMessage:(NSData *)message withKey:(NSData *)macKey
{
return [Cryptography computeSHA256HMAC:message withHMACKey:macKey];
}
@end
NS_ASSUME_NONNULL_END