From bfd9757a37ebefe0d6c3a6ce29cd03de24c7e787 Mon Sep 17 00:00:00 2001 From: fmodf Date: Sun, 8 Sep 2024 19:28:17 +0200 Subject: [PATCH] aes-gsm for attachments --- .../AppData/Client/Client.swift | 24 ++++++++----------- .../AppData/Services/AESGSMEngine.swift | 4 ++-- 2 files changed, 12 insertions(+), 16 deletions(-) diff --git a/ConversationsClassic/AppData/Client/Client.swift b/ConversationsClassic/AppData/Client/Client.swift index d355b05..3f2b6a6 100644 --- a/ConversationsClassic/AppData/Client/Client.swift +++ b/ConversationsClassic/AppData/Client/Client.swift @@ -115,7 +115,16 @@ extension Client { } // encrypt data if needed - let ((key, iv), encrypted) = try await encryptFile(data) + let key = try AESGSMEngine.generateKey() + let iv = try AESGSMEngine.generateIV() + var encrypted = Data() + var tag = Data() + guard AESGSMEngine.shared.encrypt(iv: iv, key: key, message: data, output: &encrypted, tag: &tag) else { + throw AppError.securityError + } + + // attach tag to end of encrypted data + encrypted.append(tag) data = encrypted // upload @@ -192,19 +201,6 @@ private extension Client { }) } } - - func encryptFile(_ data: Data) async throws -> ((Data, Data), Data) { - guard let iv = try? AESGSMEngine.generateIV(), let key = try? AESGSMEngine.generateKey() else { - throw AppError.securityError - } - var encrypted = Data() - var tag = Data() - guard AESGSMEngine.shared.encrypt(iv: iv, key: key, message: data, output: &encrypted, tag: &tag) else { - throw AppError.securityError - } - - return ((key, iv), encrypted) - } } extension Client { diff --git a/ConversationsClassic/AppData/Services/AESGSMEngine.swift b/ConversationsClassic/AppData/Services/AESGSMEngine.swift index 2c0689c..ef1842f 100644 --- a/ConversationsClassic/AppData/Services/AESGSMEngine.swift +++ b/ConversationsClassic/AppData/Services/AESGSMEngine.swift @@ -12,8 +12,8 @@ final class AESGSMEngine: AES_GCM_Engine { let symmetricKey = SymmetricKey(data: key) let sealedBox = try AES.GCM.seal(message, using: symmetricKey, nonce: AES.GCM.Nonce(data: iv)) - if let output = output, let data = sealedBox.combined { - output.pointee = data + if let output = output { + output.pointee = sealedBox.ciphertext } if let tag = tag { tag.pointee = sealedBox.tag