fix desktop linking for some users

// FREEBIE

SignalServiceKit/src/Devices/OWSProvisioningCipher.m

@@ -86,9 +86,8 @@ NS_ASSUME_NONNULL_BEGIN
         return nil;
     }
 
-    // allow space for message + padding any incomplete block
-    NSUInteger blockCount = ceil((double)dataToEncrypt.length / (double)kCCBlockSizeAES128);
-    size_t ciphertextBufferSize = blockCount * kCCBlockSizeAES128;
+    // allow space for message + padding any incomplete block. PKCS7 padding will always add at least one byte.
+    size_t ciphertextBufferSize = dataToEncrypt.length + kCCBlockSizeAES128;
 
     // message format is (iv || ciphertext)
     NSMutableData *encryptedMessage = [NSMutableData dataWithLength:iv.length + ciphertextBufferSize];
@@ -117,8 +116,8 @@ NS_ASSUME_NONNULL_BEGIN
         DDLogError(@"Encryption failed with status: %d", cryptStatus);
         return nil;
     }
-    
-    return [encryptedMessage copy];
+
+    return [encryptedMessage subdataWithRange:NSMakeRange(0, iv.length + bytesEncrypted)];
 }
 
 - (NSData *)macForMessage:(NSData *)message withKey:(NSData *)macKey

SignalServiceKit/src/Devices/OWSProvisioningMessage.m

@@ -61,7 +61,7 @@ NS_ASSUME_NONNULL_BEGIN
     OWSProvisioningCipher *cipher = [[OWSProvisioningCipher alloc] initWithTheirPublicKey:self.theirPublicKey];
     NSData *_Nullable encryptedProvisionMessage = [cipher encrypt:plainTextProvisionMessage];
     if (encryptedProvisionMessage == nil) {
-        DDLogError(@"Failed to encrypt provision message");
+        OWSFail(@"Failed to encrypt provision message");
         return nil;
     }
 

SignalServiceKit/tests/Devices/OWSDeviceProvisionerTest.m

@@ -1,4 +1,6 @@
-//  Copyright © 2016 Open Whisper Systems. All rights reserved.
+//
+//  Copyright (c) 2017 Open Whisper Systems. All rights reserved.
+//
 
 #import "OWSDeviceProvisioner.h"
 #import "OWSDeviceProvisioningCodeService.h"
@@ -62,6 +64,7 @@
     NSData *myPublicKey = [nullKey copy];
     NSData *myPrivateKey = [nullKey copy];
     NSData *theirPublicKey = [nullKey copy];
+    NSData *profileKey = [nullKey copy];
     NSString *accountIdentifier;
     NSString *theirEphemeralDeviceId;
 
@@ -72,6 +75,7 @@
                  theirPublicKey:theirPublicKey
          theirEphemeralDeviceId:theirEphemeralDeviceId
               accountIdentifier:accountIdentifier
+                     profileKey:profileKey
         provisioningCodeService:[[OWSFakeDeviceProvisioningCodeService alloc] initWithNetworkManager:networkManager]
             provisioningService:[[OWSFakeDeviceProvisioningService alloc] initWithNetworkManager:networkManager]];
 

SignalServiceKit/tests/Devices/OWSProvisioningCipherTest.m

@@ -131,4 +131,25 @@
     XCTAssertEqualObjects(expectedOutput, actualOutput);
 }
 
+- (void)testPadding
+{
+    NSUInteger kBlockSize = 16;
+    for (int i = 0; i <= kBlockSize; i++) {
+        NSData *message = [Cryptography generateRandomBytes:i];
+
+
+        NSData *theirPublicKey = [self knownPublicKey];
+        ECKeyPair *ourKeyPair = [self knownKeyPair];
+        NSData *initializationVector = [self knownInitializationVector];
+
+        OWSProvisioningCipher *cipher = [[OWSProvisioningCipher alloc] initWithTheirPublicKey:theirPublicKey
+                                                                                   ourKeyPair:ourKeyPair
+                                                                         initializationVector:initializationVector];
+
+
+        NSData *actualOutput = [cipher encrypt:message];
+        XCTAssertNotNil(actualOutput, @"failed for message length: %d", i);
+    }
+}
+
 @end