Sketch out sticker management views.

This commit is contained in:
Matthew Chen 2019-04-23 14:20:47 -04:00
parent 344f036ee5
commit b57fdaddba
3 changed files with 11 additions and 81 deletions

View File

@ -439,29 +439,7 @@ public class StickerManager: NSObject {
owsFailDebug("Could not derive sticker key.")
throw StickerError.invalidInput
}
guard let key = OWSAES256Key(data: packKey) else {
owsFailDebug("Invalid pack key.")
throw StickerError.invalidInput
}
// TODO: We might want to rename this method if we end up using it for more than
// profile data.
Logger.verbose("key: \(packKey.count), \(packKey.hexadecimalString)")
Logger.verbose("key: \(stickerKey.count), \(stickerKey.hexadecimalString)")
// + (nullable NSData *)decryptAttachment:(NSData *)dataToDecrypt
// withKey:(NSData *)key
// digest:(nullable NSData *)digest
// unpaddedSize:(UInt32)unpaddedSize
// error:(NSError **)error
let plaintext = try StickerUtils.decryptAttachment(ciphertext, withKey: stickerKey)
// let plaintext = try Cryptography.decryptAttachment(ciphertext, withKey: stickerKey, digest: nil, unpaddedSize: 0)
// guard let plaintext = Cryptography.decryptAESGCMProfileData(encryptedData: ciphertext, key: key) else {
// owsFailDebug("Decryption failed.")
// throw StickerError.invalidInput
// }
return plaintext
return try StickerUtils.decryptStickerData(ciphertext, withKey: stickerKey)
}
private class func enqueueAllStickerDownloads() {

View File

@ -10,9 +10,9 @@ NS_ASSUME_NONNULL_BEGIN
+ (nullable NSData *)stickerKeyForPackKey:(NSData *)packKey;
+ (nullable NSData *)decryptAttachment:(NSData *)dataToDecrypt
withKey:(NSData *)key
error:(NSError **)error;
+ (nullable NSData *)decryptStickerData:(NSData *)dataToDecrypt
withKey:(NSData *)key
error:(NSError **)error;
@end

View File

@ -39,62 +39,14 @@ NS_ASSUME_NONNULL_BEGIN
return stickerKey;
}
#define HMAC256_KEY_LENGTH 32
#define HMAC256_OUTPUT_LENGTH 32
#define AES_CBC_IV_LENGTH 16
#define AES_KEY_SIZE 32
+ (nullable NSData *)decryptAttachment:(NSData *)dataToDecrypt
withKey:(NSData *)key
error:(NSError **)error
+ (nullable NSData *)decryptStickerData:(NSData *)dataToDecrypt
withKey:(NSData *)key
error:(NSError **)error
{
NSData *_Nullable digest = nil;
// if (digest.length <= 0) {
// // This *could* happen with sufficiently outdated clients.
// OWSLogError(@"Refusing to decrypt attachment without a digest.");
// *error = OWSErrorWithCodeDescription(OWSErrorCodeInvalidStickerData,
// NSLocalizedString(@"ERROR_MESSAGE_INVALID_MESSAGE", @""));
// return nil;
// }
if (([dataToDecrypt length] < AES_CBC_IV_LENGTH + HMAC256_OUTPUT_LENGTH) ||
([key length] < AES_KEY_SIZE + HMAC256_KEY_LENGTH)) {
OWSLogError(@"Message shorter than crypto overhead!");
*error = OWSErrorWithCodeDescription(OWSErrorCodeInvalidStickerData,
NSLocalizedString(@"ERROR_MESSAGE_INVALID_MESSAGE", @""));
return nil;
}
// key: 32 byte AES key || 32 byte Hmac-SHA256 key.
NSData *encryptionKey = [key subdataWithRange:NSMakeRange(0, AES_KEY_SIZE)];
NSData *hmacKey = [key subdataWithRange:NSMakeRange(AES_KEY_SIZE, HMAC256_KEY_LENGTH)];
// dataToDecrypt: IV || Ciphertext || truncated MAC(IV||Ciphertext)
NSData *iv = [dataToDecrypt subdataWithRange:NSMakeRange(0, AES_CBC_IV_LENGTH)];
NSUInteger cipherTextLength;
ows_sub_overflow(dataToDecrypt.length, (AES_CBC_IV_LENGTH + HMAC256_OUTPUT_LENGTH), &cipherTextLength);
NSData *encryptedAttachment = [dataToDecrypt subdataWithRange:NSMakeRange(AES_CBC_IV_LENGTH, cipherTextLength)];
NSUInteger hmacOffset;
ows_sub_overflow(dataToDecrypt.length, HMAC256_OUTPUT_LENGTH, &hmacOffset);
NSData *hmac = [dataToDecrypt subdataWithRange:NSMakeRange(hmacOffset, HMAC256_OUTPUT_LENGTH)];
NSData *_Nullable paddedPlainText = [Cryptography decryptCBCMode:encryptedAttachment
key:encryptionKey
IV:iv
version:nil
HMACKey:hmacKey
HMACType:TSHMACSHA256AttachementType
matchingHMAC:hmac
digest:digest];
if (!paddedPlainText) {
OWSFailDebug(@"couldn't decrypt attachment.");
*error = OWSErrorWithCodeDescription(OWSErrorCodeInvalidStickerData, NSLocalizedString(@"ERROR_MESSAGE_INVALID_MESSAGE", @""));
return nil;
} else {
return paddedPlainText;
}
// TODO:
*error = OWSErrorWithCodeDescription(OWSErrorCodeInvalidStickerData,
NSLocalizedString(@"ERROR_MESSAGE_INVALID_MESSAGE", @""));
return nil;
}
@end