//
// Copyright (c) 2018 Open Whisper Systems. All rights reserved.
//
NS_ASSUME_NONNULL_BEGIN
/// Byte length of an AES-256 key. Only the declaration is visible in this header; the value is
/// defined in the implementation file (presumably 32, i.e. 256 bits — confirm there).
extern const NSUInteger kAES256_KeyByteLength;
/// Key appropriate for use in AES256-GCM
///
/// The class adopts NSSecureCoding, so instances can be archived and unarchived.
/// NOTE(review): an archived instance presumably contains the raw key bytes; treat any encoded
/// form as secret key material and store it only in protected storage — confirm against the
/// implementation of -encodeWithCoder:.
@interface OWSAES256Key : NSObject <NSSecureCoding>

/// Generates new secure random key
- (instancetype)init;

/// Class-method counterpart of -init.
/// NOTE(review): the original "Generates new secure random key" comment sits above -init only;
/// presumably this factory produces a freshly generated random key as well — confirm.
+ (instancetype)generateRandomKey;

/**
 * Wraps existing key bytes in a key object.
 *
 * @param data representing the raw key bytes
 *
 * @returns a new instance if key is of appropriate length for AES256-GCM
 *          else returns nil. Callers must check for nil before using the result.
 */
+ (nullable instancetype)keyWithData:(NSData *)data;

/// The raw key material
///
/// Read-only, but it hands the secret bytes to every caller: keep it out of logs, crash
/// reports and analytics payloads.
@property (nonatomic, readonly) NSData *keyData;

@end
#pragma mark -
/// Read-only container for a ciphertext, an initialization vector and an authentication tag.
/// It is the return type of +[Cryptography encryptAESGCMWithData:additionalAuthenticatedData:key:].
///
/// NOTE(review): the class name reads "AES25"; "AES256" was presumably intended. The name is
/// part of the public interface, so it is documented here rather than changed.
@interface AES25GCMEncryptionResult : NSObject

/// The encrypted bytes.
@property (nonatomic, readonly) NSData *ciphertext;

/// The initialization vector that belongs to `ciphertext`. It is needed again for decryption.
/// AES-GCM requires that an IV is never reused with the same key.
@property (nonatomic, readonly) NSData *initializationVector;

/// The authentication tag that belongs to `ciphertext`. It has to accompany the ciphertext so
/// that decryption can verify integrity.
@property (nonatomic, readonly) NSData *authTag;

/// Plain -init is unavailable; all three components must be supplied.
- (instancetype)init NS_UNAVAILABLE;

/// Designated initializer.
///
/// @param cipherText the encrypted bytes
/// @param initializationVector the IV used for the encryption
/// @param authTag the authentication tag produced by the encryption
/// @return a new instance, or nil. The conditions that lead to nil are not visible in this
///         header (presumably length validation of the IV and tag — confirm).
- (nullable instancetype)initWithCipherText:(NSData *)cipherText
                       initializationVector:(NSData *)initializationVector
                                    authTag:(NSData *)authTag NS_DESIGNATED_INITIALIZER;

@end
#pragma mark -
/// Class-method collection of cryptographic helpers: random number generation, SHA / HMAC
/// digests, attachment encryption and AES-GCM encryption.
///
/// Most methods return a nullable value. Only declarations are visible in this header, so the
/// exact failure conditions are not shown; callers should treat nil as failure and must not
/// continue with partial data.
@interface Cryptography : NSObject

/// MAC variants, with explicit numeric values. Where the values are consumed is not visible in
/// this header. ("Attachement" is the spelling of the identifier itself.)
typedef NS_ENUM(NSInteger, TSMACType) {
    TSHMACSHA256Truncated10Bytes = 2,
    TSHMACSHA256AttachementType = 3
};

/// Returns `numberBytes` random bytes.
/// NOTE(review): the generator behind this method is not visible here; presumably a CSPRNG —
/// confirm in the implementation before relying on the output for keys or IVs.
+ (NSData *)generateRandomBytes:(NSUInteger)numberBytes;

/// Random 32-bit value. The source of randomness is not visible in this header — confirm that
/// it is suitable before using the value where unpredictability matters.
+ (uint32_t)randomUInt32;
/// Random 64-bit value; same caveat as +randomUInt32.
+ (uint64_t)randomUInt64;
/// Random `unsigned` value; same caveat as +randomUInt32.
+ (unsigned)randomUnsigned;

#pragma mark - SHA and HMAC methods

// Full length SHA256 digest for `data`
// May return nil; check the result before use.
+ (nullable NSData *)computeSHA256Digest:(NSData *)data;

// Truncated SHA256 digest for `data`
// `truncatedBytes` is the requested digest length in bytes. May return nil (presumably when
// the requested length is not usable — confirm in the implementation).
+ (nullable NSData *)computeSHA256Digest:(NSData *)data truncatedToBytes:(NSUInteger)truncatedBytes;

// Going by the name: a truncated SHA-1 of `string`, Base64-encoded without padding.
// NOTE(review): SHA-1 is not collision resistant and truncation weakens it further; confirm
// that no caller depends on collision resistance of this value.
+ (nullable NSString *)truncatedSHA1Base64EncodedWithoutPadding:(NSString *)string;

// Decrypts `payload` with the signaling key given as a string. Returns nil on failure; the
// payload format and the checks performed are not visible in this header.
+ (nullable NSData *)decryptAppleMessagePayload:(NSData *)payload withSignalingKey:(NSString *)signalingKeyString;

// HMAC-SHA256 of `data` under `HMACKey`. May return nil.
// When the result is compared with a MAC received from a peer, use a constant-time comparison.
+ (nullable NSData *)computeSHA256HMAC:(NSData *)data withHMACKey:(NSData *)HMACKey;

#pragma mark encrypt and decrypt attachment data

// Though digest can and will be nil for legacy clients, we now reject attachments lacking a digest.
//
// `digest` is therefore declared nullable, but per the comment above a nil digest leads to
// rejection. `unpaddedSize` is presumably the plaintext length before padding — confirm.
// On failure the method returns nil; check the return value rather than `*error`.
+ (nullable NSData *)decryptAttachment:(NSData *)dataToDecrypt
                               withKey:(NSData *)key
                                digest:(nullable NSData *)digest
                          unpaddedSize:(UInt32)unpaddedSize
                                 error:(NSError **)error;

// Encrypts `attachmentData`. `outKey` and `outDigest` are out-parameters: the pointers may be
// NULL, and a value written through them is non-null. Returns nil on failure.
// NOTE(review): `outKey` presumably receives the key needed to decrypt the attachment; handle
// it as secret key material — confirm against the implementation.
+ (nullable NSData *)encryptAttachmentData:(NSData *)attachmentData
                                    outKey:(NSData *_Nonnull *_Nullable)outKey
                                 outDigest:(NSData *_Nonnull *_Nullable)outDigest;

// AES-GCM encryption of `plaintext` under `key`, with optional additional authenticated data.
// The caller passes no IV; the IV and authentication tag come back in the result object
// together with the ciphertext. Returns nil on failure.
+ (nullable AES25GCMEncryptionResult *)encryptAESGCMWithData:(NSData *)plaintext
                                 additionalAuthenticatedData:(nullable NSData *)additionalAuthenticatedData
                                                         key:(OWSAES256Key *)key
    NS_SWIFT_NAME(encryptAESGCM(plainTextData:additionalAuthenticatedData:key:));

// AES-GCM decryption. The IV, additional authenticated data and tag must be the ones that
// belong to `ciphertext`. Returns nil on failure (presumably including a tag mismatch —
// confirm); a nil result must be treated as "message rejected".
+ (nullable NSData *)decryptAESGCMWithInitializationVector:(NSData *)initializationVector
                                                ciphertext:(NSData *)ciphertext
                               additionalAuthenticatedData:(nullable NSData *)additionalAuthenticatedData
                                                   authTag:(NSData *)authTagFromEncrypt
                                                       key:(OWSAES256Key *)key;

// Profile-data variants that take and return a single NSData blob.
// NOTE(review): how IV and tag are packed into that blob is not visible in this header —
// see the implementation.
+ (nullable NSData *)encryptAESGCMWithProfileData:(NSData *)plaintextData key:(OWSAES256Key *)key;
+ (nullable NSData *)decryptAESGCMWithProfileData:(NSData *)encryptedData key:(OWSAES256Key *)key;

// NOTE(review): what is seeded is not visible in this header. If it is a general-purpose
// PRNG, values drawn from that PRNG must not be used for keys, IVs or tokens — confirm.
+ (void)seedRandom;

@end
NS_ASSUME_NONNULL_END