Fix incorrect GCM tag size

gmbnt 2020-04-01 14:40:15 +11:00
parent 245033dbc4
commit c67e2af9a6
2 changed files with 5 additions and 5 deletions


@ -2,7 +2,7 @@ import CryptoSwift
import PromiseKit
extension OnionRequestAPI {
internal static let gcmTagLength: UInt = 128
internal static let gcmTagSize: UInt = 16
internal static let ivSize: UInt = 12
internal typealias EncryptionResult = (ciphertext: Data, symmetricKey: Data, ephemeralPublicKey: Data)
@ -24,7 +24,7 @@ extension OnionRequestAPI {
private static func encrypt(_ plaintext: Data, usingAESGCMWithSymmetricKey symmetricKey: Data) throws -> Data {
guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:usingAESGCMWithSymmetricKey:) from the main thread.") }
let iv = try getSecureRandomData(ofSize: ivSize)
let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagLength), mode: .combined)
let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagSize), mode: .combined)
let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .pkcs7)
let ciphertext = try aes.encrypt(plaintext.bytes)
return iv + Data(bytes: ciphertext)
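Review bot: The renamed constant `gcmTagSize` and its neighbour `ivSize` still state no unit, which is the ambiguity this commit had to correct (128 reads as bits, 16 as bytes). A doc comment on each would pin it down, e.g. `/// AES-GCM authentication tag size in bytes, as passed to GCM(tagLength:).` and `/// AES-GCM IV (nonce) size in bytes.` Both constants are also used on the decrypt path in the second file, so documenting the single definition keeps the two sides in agreement.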


@ -272,12 +272,12 @@ internal enum OnionRequestAPI {
guard let json = rawResponse as? JSON, let base64EncodedIVAndCiphertext = json["result"] as? String,
let ivAndCiphertext = Data(base64Encoded: base64EncodedIVAndCiphertext) else { return seal.reject(Error.invalidJSON) }
let iv = ivAndCiphertext[0..<Int(ivSize)]
let ciphertext = ivAndCiphertext[Int(ivSize)..<ivAndCiphertext.endIndex]
let ciphertext = ivAndCiphertext[Int(ivSize)...]
do {
let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagLength), mode: .combined)
let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagSize), mode: .combined)
let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .pkcs7)
let result = try aes.decrypt(ciphertext.bytes)
seal.fulfill(result)
seal.fulfill(Data(bytes: result))
} catch (let error) {
seal.reject(error)
}
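Review bot: The slices `ivAndCiphertext[0..<Int(ivSize)]` and `ivAndCiphertext[Int(ivSize)...]` trap when the decoded value is shorter than the IV, and the `guard` above them only checks that the JSON field exists and base64-decodes. Because `result` comes from the remote response, a short value would crash the client rather than reject the promise. A length check before slicing closes this: `guard ivAndCiphertext.count >= Int(ivSize + gcmTagSize) else { return seal.reject(Error.invalidJSON) }`. The enclosing closure begins and ends outside this hunk.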