session-ios/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI+Encryption....

import CryptoSwift
import PromiseKit

extension OnionRequestAPI {
    internal static let gcmTagSize: UInt = 16
    internal static let ivSize: UInt = 12

    internal typealias EncryptionResult = (ciphertext: Data, symmetricKey: Data, ephemeralPublicKey: Data)

    /// - Note: Sync. Don't call from the main thread.
    private static func encrypt(_ plaintext: Data, usingAESGCMWithSymmetricKey symmetricKey: Data) throws -> Data {
        guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:usingAESGCMWithSymmetricKey:) from the main thread.") }
        guard let iv = Data.getSecureRandomData(ofSize: ivSize) else { throw Error.randomDataGenerationFailed }
        let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagSize), mode: .combined)
        let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .noPadding)
        let ciphertext = try aes.encrypt(plaintext.bytes)
        return iv + Data(bytes: ciphertext)
    }

    /// - Note: Sync. Don't call from the main thread.
    private static func encrypt(_ plaintext: Data, forSnode snode: LokiAPITarget) throws -> EncryptionResult {
        guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:forSnode:) from the main thread.") }
        guard let hexEncodedSnodeX25519PublicKey = snode.publicKeySet?.x25519Key else { throw Error.snodePublicKeySetMissing }
        let snodeX25519PublicKey = Data(hex: hexEncodedSnodeX25519PublicKey)
        let ephemeralKeyPair = Curve25519.generateKeyPair()
        let ephemeralSharedSecret = try Curve25519.generateSharedSecret(fromPublicKey: snodeX25519PublicKey, privateKey: ephemeralKeyPair.privateKey)
        let salt = "LOKI"
        let symmetricKey = try HMAC(key: salt.bytes, variant: .sha256).authenticate(ephemeralSharedSecret.bytes)
        let ciphertext = try encrypt(plaintext, usingAESGCMWithSymmetricKey: Data(bytes: symmetricKey))
        return (ciphertext, Data(bytes: symmetricKey), ephemeralKeyPair.publicKey)
    }

    /// Encrypts `payload` for `snode` and returns the result. Use this to build the core of an onion request.
    internal static func encrypt(_ payload: JSON, forTargetSnode snode: LokiAPITarget) -> Promise<EncryptionResult> {
        let (promise, seal) = Promise<EncryptionResult>.pending()
        DispatchQueue.global(qos: .userInitiated).async {
            do {
                guard JSONSerialization.isValidJSONObject(payload) else { return seal.reject(HTTP.Error.invalidJSON) }
                let payloadAsData = try JSONSerialization.data(withJSONObject: payload, options: [])
                let payloadAsString = String(data: payloadAsData, encoding: .utf8)! // Snodes only accept this as a string
                let wrapper: JSON = [ "body" : payloadAsString, "headers" : "" ]
                guard JSONSerialization.isValidJSONObject(wrapper) else { return seal.reject(HTTP.Error.invalidJSON) }
                let plaintext = try JSONSerialization.data(withJSONObject: wrapper, options: [])
                let result = try encrypt(plaintext, forSnode: snode)
                seal.fulfill(result)
            } catch (let error) {
                seal.reject(error)
            }
        }
        return promise
    }

    /// Encrypts the previous encryption result (i.e. that of the hop after this one) for this hop. Use this to build the layers of an onion request.
    internal static func encryptHop(from lhs: LokiAPITarget, to rhs: LokiAPITarget, using previousEncryptionResult: EncryptionResult) -> Promise<EncryptionResult> {
        let (promise, seal) = Promise<EncryptionResult>.pending()
        DispatchQueue.global(qos: .userInitiated).async {
            let parameters: JSON = [
                "ciphertext" : previousEncryptionResult.ciphertext.base64EncodedString(),
                "ephemeral_key" : previousEncryptionResult.ephemeralPublicKey.toHexString(),
                "destination" : rhs.publicKeySet!.ed25519Key
            ]
            do {
                guard JSONSerialization.isValidJSONObject(parameters) else { return seal.reject(HTTP.Error.invalidJSON) }
                let plaintext = try JSONSerialization.data(withJSONObject: parameters, options: [])
                let result = try encrypt(plaintext, forSnode: lhs)
                seal.fulfill(result)
            } catch (let error) {
                seal.reject(error)
            }
        }
        return promise
    }
}
Implement onion request encryption 5 years ago			`import CryptoSwift`
			`import PromiseKit`

			`extension OnionRequestAPI {`
Fix incorrect GCM tag size 5 years ago			`internal static let gcmTagSize: UInt = 16`
Implement onion request decryption 5 years ago			`internal static let ivSize: UInt = 12`
Implement onion request encryption 5 years ago
			`internal typealias EncryptionResult = (ciphertext: Data, symmetricKey: Data, ephemeralPublicKey: Data)`

			`/// - Note: Sync. Don't call from the main thread.`
			`private static func encrypt(_ plaintext: Data, usingAESGCMWithSymmetricKey symmetricKey: Data) throws -> Data {`
Fix missing IV & improve error handling 5 years ago			`guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:usingAESGCMWithSymmetricKey:) from the main thread.") }`
Add multi device friend request acceptance test 5 years ago			`guard let iv = Data.getSecureRandomData(ofSize: ivSize) else { throw Error.randomDataGenerationFailed }`
Fix incorrect GCM tag size 5 years ago			`let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagSize), mode: .combined)`
Fix incorrect padding setting 5 years ago			`let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .noPadding)`
Implement onion request encryption 5 years ago			`let ciphertext = try aes.encrypt(plaintext.bytes)`
Fix missing IV & improve error handling 5 years ago			`return iv + Data(bytes: ciphertext)`
Implement onion request encryption 5 years ago			`}`

			`/// - Note: Sync. Don't call from the main thread.`
			`private static func encrypt(_ plaintext: Data, forSnode snode: LokiAPITarget) throws -> EncryptionResult {`
			`guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:forSnode:) from the main thread.") }`
			`guard let hexEncodedSnodeX25519PublicKey = snode.publicKeySet?.x25519Key else { throw Error.snodePublicKeySetMissing }`
			`let snodeX25519PublicKey = Data(hex: hexEncodedSnodeX25519PublicKey)`
			`let ephemeralKeyPair = Curve25519.generateKeyPair()`
			`let ephemeralSharedSecret = try Curve25519.generateSharedSecret(fromPublicKey: snodeX25519PublicKey, privateKey: ephemeralKeyPair.privateKey)`
Clean 5 years ago			`let salt = "LOKI"`
			`let symmetricKey = try HMAC(key: salt.bytes, variant: .sha256).authenticate(ephemeralSharedSecret.bytes)`
Implement onion request encryption 5 years ago			`let ciphertext = try encrypt(plaintext, usingAESGCMWithSymmetricKey: Data(bytes: symmetricKey))`
			`return (ciphertext, Data(bytes: symmetricKey), ephemeralKeyPair.publicKey)`
			`}`

			/// Encrypts `payload` for `snode` and returns the result. Use this to build the core of an onion request.
Fix onion request layout 5 years ago			`internal static func encrypt(_ payload: JSON, forTargetSnode snode: LokiAPITarget) -> Promise<EncryptionResult> {`
Implement onion request encryption 5 years ago			`let (promise, seal) = Promise<EncryptionResult>.pending()`
Slightly improve performance 5 years ago			`DispatchQueue.global(qos: .userInitiated).async {`
Implement onion request encryption 5 years ago			`do {`
Move HTTP utilities into their own file 5 years ago			`guard JSONSerialization.isValidJSONObject(payload) else { return seal.reject(HTTP.Error.invalidJSON) }`
Fix onion request layout 5 years ago			`let payloadAsData = try JSONSerialization.data(withJSONObject: payload, options: [])`
			`let payloadAsString = String(data: payloadAsData, encoding: .utf8)! // Snodes only accept this as a string`
			`let wrapper: JSON = [ "body" : payloadAsString, "headers" : "" ]`
Move HTTP utilities into their own file 5 years ago			`guard JSONSerialization.isValidJSONObject(wrapper) else { return seal.reject(HTTP.Error.invalidJSON) }`
Fix onion request layout 5 years ago			`let plaintext = try JSONSerialization.data(withJSONObject: wrapper, options: [])`
Implement onion request encryption 5 years ago			`let result = try encrypt(plaintext, forSnode: snode)`
			`seal.fulfill(result)`
			`} catch (let error) {`
			`seal.reject(error)`
			`}`
			`}`
			`return promise`
			`}`

Add more documentation 5 years ago			`/// Encrypts the previous encryption result (i.e. that of the hop after this one) for this hop. Use this to build the layers of an onion request.`
Don't use snodes known to be unreliable for path building 5 years ago			`internal static func encryptHop(from lhs: LokiAPITarget, to rhs: LokiAPITarget, using previousEncryptionResult: EncryptionResult) -> Promise<EncryptionResult> {`
Implement onion request encryption 5 years ago			`let (promise, seal) = Promise<EncryptionResult>.pending()`
Slightly improve performance 5 years ago			`DispatchQueue.global(qos: .userInitiated).async {`
Implement onion request encryption 5 years ago			`let parameters: JSON = [`
			`"ciphertext" : previousEncryptionResult.ciphertext.base64EncodedString(),`
			`"ephemeral_key" : previousEncryptionResult.ephemeralPublicKey.toHexString(),`
Don't use snodes known to be unreliable for path building 5 years ago			`"destination" : rhs.publicKeySet!.ed25519Key`
Implement onion request encryption 5 years ago			`]`
			`do {`
Move HTTP utilities into their own file 5 years ago			`guard JSONSerialization.isValidJSONObject(parameters) else { return seal.reject(HTTP.Error.invalidJSON) }`
Implement onion request encryption 5 years ago			`let plaintext = try JSONSerialization.data(withJSONObject: parameters, options: [])`
Don't use snodes known to be unreliable for path building 5 years ago			`let result = try encrypt(plaintext, forSnode: lhs)`
Implement onion request encryption 5 years ago			`seal.fulfill(result)`
			`} catch (let error) {`
			`seal.reject(error)`
			`}`
			`}`
			`return promise`
			`}`
			`}`