77 lines
2.2 KiB
Swift
77 lines
2.2 KiB
Swift
|
//
|
||
|
// MLCrypto.swift
|
||
|
// monalxmpp
|
||
|
//
|
||
|
// Created by Anurodh Pokharel on 1/7/20.
|
||
|
// Copyright © 2020 Monal.im. All rights reserved.
|
||
|
//
|
||
|
|
||
|
import UIKit
|
||
|
import CryptoKit
|
||
|
import ASN1Decoder
|
||
|
|
||
|
@objcMembers
|
||
|
public class MLCrypto: NSObject {
|
||
|
|
||
|
public func encryptGCM (key: Data, decryptedContent:Data) -> EncryptedPayload?
|
||
|
{
|
||
|
let gcmKey = SymmetricKey.init(data: key)
|
||
|
|
||
|
let iv = AES.GCM.Nonce()
|
||
|
|
||
|
do {
|
||
|
let encrypted = try AES.GCM.seal(decryptedContent, using: gcmKey, nonce: iv)
|
||
|
let encryptedPayload = EncryptedPayload()
|
||
|
let combined = encrypted.combined
|
||
|
let ciphertext = encrypted.ciphertext
|
||
|
|
||
|
if let combined = combined {
|
||
|
let ivData = combined.subdata(in: 0..<12)
|
||
|
//combined is in the format
|
||
|
//iv+body+auth
|
||
|
let range = 12+ciphertext.count..<combined.count //16 is gnereally tag size apple uses
|
||
|
let tagData = combined.subdata(in:range)
|
||
|
|
||
|
encryptedPayload.updateValues(body:ciphertext, iv: ivData, key:key, tag:tagData)
|
||
|
encryptedPayload.combined = combined
|
||
|
return encryptedPayload
|
||
|
} else {
|
||
|
return nil;
|
||
|
}
|
||
|
} catch {
|
||
|
return nil
|
||
|
}
|
||
|
}
|
||
|
|
||
|
// generate 12 byte nonce
|
||
|
public func genIV() -> Data?
|
||
|
{
|
||
|
return Data(AES.GCM.Nonce())
|
||
|
}
|
||
|
|
||
|
public func decryptGCM (key: Data, encryptedContent:Data) -> Data?
|
||
|
{
|
||
|
do {
|
||
|
let sealedBoxToOpen = try AES.GCM.SealedBox(combined: encryptedContent)
|
||
|
let gcmKey = SymmetricKey.init(data: key)
|
||
|
let decryptedData = try AES.GCM.open(sealedBoxToOpen, using: gcmKey)
|
||
|
return decryptedData
|
||
|
} catch {
|
||
|
DDLogWarn("Could not decrypt GCM. Returning nil instead: \(String(describing:error))")
|
||
|
return nil;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
public func getSignatureAlgo(ofCert certData:Data) -> String?
|
||
|
{
|
||
|
do {
|
||
|
let x509 = try X509Certificate(data:certData)
|
||
|
DDLogVerbose("ASN1 decoded cert: \(x509.description)")
|
||
|
return x509.sigAlgOID
|
||
|
} catch {
|
||
|
DDLogError("ASN1 error: \(error)")
|
||
|
return nil
|
||
|
}
|
||
|
}
|
||
|
}
|