Sketch out sticker management views.
This commit is contained in:
parent
344f036ee5
commit
b57fdaddba
@ -439,29 +439,7 @@ public class StickerManager: NSObject {
|
||||
owsFailDebug("Could not derive sticker key.")
|
||||
throw StickerError.invalidInput
|
||||
}
|
||||
guard let key = OWSAES256Key(data: packKey) else {
|
||||
owsFailDebug("Invalid pack key.")
|
||||
throw StickerError.invalidInput
|
||||
}
|
||||
|
||||
// TODO: We might want to rename this method if we end up using it for more than
|
||||
// profile data.
|
||||
Logger.verbose("key: \(packKey.count), \(packKey.hexadecimalString)")
|
||||
Logger.verbose("key: \(stickerKey.count), \(stickerKey.hexadecimalString)")
|
||||
// + (nullable NSData *)decryptAttachment:(NSData *)dataToDecrypt
|
||||
// withKey:(NSData *)key
|
||||
// digest:(nullable NSData *)digest
|
||||
// unpaddedSize:(UInt32)unpaddedSize
|
||||
// error:(NSError **)error
|
||||
|
||||
let plaintext = try StickerUtils.decryptAttachment(ciphertext, withKey: stickerKey)
|
||||
// let plaintext = try Cryptography.decryptAttachment(ciphertext, withKey: stickerKey, digest: nil, unpaddedSize: 0)
|
||||
// guard let plaintext = Cryptography.decryptAESGCMProfileData(encryptedData: ciphertext, key: key) else {
|
||||
// owsFailDebug("Decryption failed.")
|
||||
// throw StickerError.invalidInput
|
||||
// }
|
||||
|
||||
return plaintext
|
||||
return try StickerUtils.decryptStickerData(ciphertext, withKey: stickerKey)
|
||||
}
|
||||
|
||||
private class func enqueueAllStickerDownloads() {
|
||||
|
||||
@ -10,9 +10,9 @@ NS_ASSUME_NONNULL_BEGIN
|
||||
|
||||
+ (nullable NSData *)stickerKeyForPackKey:(NSData *)packKey;
|
||||
|
||||
+ (nullable NSData *)decryptAttachment:(NSData *)dataToDecrypt
|
||||
withKey:(NSData *)key
|
||||
error:(NSError **)error;
|
||||
+ (nullable NSData *)decryptStickerData:(NSData *)dataToDecrypt
|
||||
withKey:(NSData *)key
|
||||
error:(NSError **)error;
|
||||
|
||||
@end
|
||||
|
||||
|
||||
@ -39,62 +39,14 @@ NS_ASSUME_NONNULL_BEGIN
|
||||
return stickerKey;
|
||||
}
|
||||
|
||||
#define HMAC256_KEY_LENGTH 32
|
||||
#define HMAC256_OUTPUT_LENGTH 32
|
||||
#define AES_CBC_IV_LENGTH 16
|
||||
#define AES_KEY_SIZE 32
|
||||
|
||||
+ (nullable NSData *)decryptAttachment:(NSData *)dataToDecrypt
|
||||
withKey:(NSData *)key
|
||||
error:(NSError **)error
|
||||
+ (nullable NSData *)decryptStickerData:(NSData *)dataToDecrypt
|
||||
withKey:(NSData *)key
|
||||
error:(NSError **)error
|
||||
{
|
||||
NSData *_Nullable digest = nil;
|
||||
// if (digest.length <= 0) {
|
||||
// // This *could* happen with sufficiently outdated clients.
|
||||
// OWSLogError(@"Refusing to decrypt attachment without a digest.");
|
||||
// *error = OWSErrorWithCodeDescription(OWSErrorCodeInvalidStickerData,
|
||||
// NSLocalizedString(@"ERROR_MESSAGE_INVALID_MESSAGE", @""));
|
||||
// return nil;
|
||||
// }
|
||||
|
||||
if (([dataToDecrypt length] < AES_CBC_IV_LENGTH + HMAC256_OUTPUT_LENGTH) ||
|
||||
([key length] < AES_KEY_SIZE + HMAC256_KEY_LENGTH)) {
|
||||
OWSLogError(@"Message shorter than crypto overhead!");
|
||||
*error = OWSErrorWithCodeDescription(OWSErrorCodeInvalidStickerData,
|
||||
NSLocalizedString(@"ERROR_MESSAGE_INVALID_MESSAGE", @""));
|
||||
return nil;
|
||||
}
|
||||
|
||||
// key: 32 byte AES key || 32 byte Hmac-SHA256 key.
|
||||
NSData *encryptionKey = [key subdataWithRange:NSMakeRange(0, AES_KEY_SIZE)];
|
||||
NSData *hmacKey = [key subdataWithRange:NSMakeRange(AES_KEY_SIZE, HMAC256_KEY_LENGTH)];
|
||||
|
||||
// dataToDecrypt: IV || Ciphertext || truncated MAC(IV||Ciphertext)
|
||||
NSData *iv = [dataToDecrypt subdataWithRange:NSMakeRange(0, AES_CBC_IV_LENGTH)];
|
||||
|
||||
NSUInteger cipherTextLength;
|
||||
ows_sub_overflow(dataToDecrypt.length, (AES_CBC_IV_LENGTH + HMAC256_OUTPUT_LENGTH), &cipherTextLength);
|
||||
NSData *encryptedAttachment = [dataToDecrypt subdataWithRange:NSMakeRange(AES_CBC_IV_LENGTH, cipherTextLength)];
|
||||
|
||||
NSUInteger hmacOffset;
|
||||
ows_sub_overflow(dataToDecrypt.length, HMAC256_OUTPUT_LENGTH, &hmacOffset);
|
||||
NSData *hmac = [dataToDecrypt subdataWithRange:NSMakeRange(hmacOffset, HMAC256_OUTPUT_LENGTH)];
|
||||
|
||||
NSData *_Nullable paddedPlainText = [Cryptography decryptCBCMode:encryptedAttachment
|
||||
key:encryptionKey
|
||||
IV:iv
|
||||
version:nil
|
||||
HMACKey:hmacKey
|
||||
HMACType:TSHMACSHA256AttachementType
|
||||
matchingHMAC:hmac
|
||||
digest:digest];
|
||||
if (!paddedPlainText) {
|
||||
OWSFailDebug(@"couldn't decrypt attachment.");
|
||||
*error = OWSErrorWithCodeDescription(OWSErrorCodeInvalidStickerData, NSLocalizedString(@"ERROR_MESSAGE_INVALID_MESSAGE", @""));
|
||||
return nil;
|
||||
} else {
|
||||
return paddedPlainText;
|
||||
}
|
||||
// TODO:
|
||||
*error = OWSErrorWithCodeDescription(OWSErrorCodeInvalidStickerData,
|
||||
NSLocalizedString(@"ERROR_MESSAGE_INVALID_MESSAGE", @""));
|
||||
return nil;
|
||||
}
|
||||
|
||||
@end
|
||||
|
||||
Loading…
Reference in New Issue
Block a user