Fix incorrect GCM tag size
parent
245033dbc4
commit
c67e2af9a6
|
@ -2,7 +2,7 @@ import CryptoSwift
|
|||
import PromiseKit
|
||||
|
||||
extension OnionRequestAPI {
|
||||
internal static let gcmTagLength: UInt = 128
|
||||
internal static let gcmTagSize: UInt = 16
|
||||
internal static let ivSize: UInt = 12
|
||||
|
||||
internal typealias EncryptionResult = (ciphertext: Data, symmetricKey: Data, ephemeralPublicKey: Data)
|
||||
|
@ -24,7 +24,7 @@ extension OnionRequestAPI {
|
|||
private static func encrypt(_ plaintext: Data, usingAESGCMWithSymmetricKey symmetricKey: Data) throws -> Data {
|
||||
guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:usingAESGCMWithSymmetricKey:) from the main thread.") }
|
||||
let iv = try getSecureRandomData(ofSize: ivSize)
|
||||
let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagLength), mode: .combined)
|
||||
let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagSize), mode: .combined)
|
||||
let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .pkcs7)
|
||||
let ciphertext = try aes.encrypt(plaintext.bytes)
|
||||
return iv + Data(bytes: ciphertext)
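Review bot: The renamed constant `gcmTagSize` in the first hunk has no statement of its unit, and the unit appears to be what the old value of 128 got wrong. CryptoSwift's `GCM(iv:tagLength:mode:)` takes the tag length as a byte count, so I would put a doc comment above the declaration, such as `/// AES-GCM authentication tag size in bytes (i.e. a 128-bit tag); passed to CryptoSwift's GCM as tagLength.` `ivSize` on the next line deserves the same treatment (`/// AES-GCM IV size in bytes.`), since `encrypt` prepends exactly that many bytes to its output. The extension body continues outside both hunks.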
|
||||
|
|
|
@ -272,12 +272,12 @@ internal enum OnionRequestAPI {
|
|||
guard let json = rawResponse as? JSON, let base64EncodedIVAndCiphertext = json["result"] as? String,
|
||||
let ivAndCiphertext = Data(base64Encoded: base64EncodedIVAndCiphertext) else { return seal.reject(Error.invalidJSON) }
|
||||
let iv = ivAndCiphertext[0..<Int(ivSize)]
|
||||
let ciphertext = ivAndCiphertext[Int(ivSize)..<ivAndCiphertext.endIndex]
|
||||
let ciphertext = ivAndCiphertext[Int(ivSize)...]
|
||||
do {
|
||||
let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagLength), mode: .combined)
|
||||
let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagSize), mode: .combined)
|
||||
let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .pkcs7)
|
||||
let result = try aes.decrypt(ciphertext.bytes)
|
||||
seal.fulfill(result)
|
||||
seal.fulfill(Data(bytes: result))
|
||||
} catch (let error) {
|
||||
seal.reject(error)
|
||||
}
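Review bot: The slices `ivAndCiphertext[0..<Int(ivSize)]` and `ivAndCiphertext[Int(ivSize)...]` are taken without checking the decoded length, so a response whose `result` decodes to fewer than `ivSize` bytes traps at runtime instead of reaching `seal.reject`. This data comes from the remote response, so the existing guard should bound it, for example by adding the condition `ivAndCiphertext.count >= Int(ivSize + gcmTagSize)` before the `else`. In `.combined` mode the tag is presumably carried at the end of the ciphertext, so anything shorter than IV plus tag could not authenticate anyway. The enclosing closure starts and ends outside the hunk.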
|
||||
|
|