session-ios/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI+Encryption....

import CryptoSwift
import PromiseKit

extension OnionRequestAPI {
    internal static let gcmTagSize: UInt = 16
    internal static let ivSize: UInt = 12

    internal typealias EncryptionResult = (ciphertext: Data, symmetricKey: Data, ephemeralPublicKey: Data)

    /// - Note: Sync. Don't call from the main thread.
    private static func encrypt(_ plaintext: Data, usingAESGCMWithSymmetricKey symmetricKey: Data) throws -> Data {
        guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:usingAESGCMWithSymmetricKey:) from the main thread.") }
        guard let iv = Data.getSecureRandomData(ofSize: ivSize) else { throw Error.randomDataGenerationFailed }
        let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagSize), mode: .combined)
        let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .noPadding)
        let ciphertext = try aes.encrypt(plaintext.bytes)
        return iv + Data(bytes: ciphertext)
    }

    /// - Note: Sync. Don't call from the main thread.
    private static func encrypt(_ plaintext: Data, using x25519Key: String?) throws -> EncryptionResult {
        guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:forSnode:) from the main thread.") }
        guard let hexEncodedX25519PublicKey = x25519Key else { throw Error.snodePublicKeySetMissing }
        let x25519PublicKey = Data(hex: hexEncodedX25519PublicKey)
        let ephemeralKeyPair = Curve25519.generateKeyPair()
        let ephemeralSharedSecret = try Curve25519.generateSharedSecret(fromPublicKey: x25519PublicKey, privateKey: ephemeralKeyPair.privateKey)
        let salt = "LOKI"
        let symmetricKey = try HMAC(key: salt.bytes, variant: .sha256).authenticate(ephemeralSharedSecret.bytes)
        let ciphertext = try encrypt(plaintext, usingAESGCMWithSymmetricKey: Data(bytes: symmetricKey))
        return (ciphertext, Data(bytes: symmetricKey), ephemeralKeyPair.publicKey)
    }

    /// Encrypts `payload` for `snode` and returns the result. Use this to build the core of an onion request.
    internal static func encrypt(_ payload: JSON, using x25519Key: String?, to destination: JSON) -> Promise<EncryptionResult> {
        let (promise, seal) = Promise<EncryptionResult>.pending()
        DispatchQueue.global(qos: .userInitiated).async {
            do {
                // The wrapper is not needed when it is a file server onion request
                guard JSONSerialization.isValidJSONObject(payload) else { return seal.reject(HTTP.Error.invalidJSON) }
                if let destination = destination["destination"] {
                    let payloadAsData = try JSONSerialization.data(withJSONObject: payload, options: [ .fragmentsAllowed ])
                    let payloadAsString = String(data: payloadAsData, encoding: .utf8)! // Snodes only accept this as a string
                    let wrapper: JSON = [ "body" : payloadAsString, "headers" : "" ]
                    guard JSONSerialization.isValidJSONObject(wrapper) else { return seal.reject(HTTP.Error.invalidJSON) }
                    let plaintext = try JSONSerialization.data(withJSONObject: wrapper, options: [ .fragmentsAllowed ])
                    let result = try encrypt(plaintext, using: x25519Key)
                    seal.fulfill(result)
                } else {
                    let plaintext = try JSONSerialization.data(withJSONObject: payload, options: [ .fragmentsAllowed ])
                    let result = try encrypt(plaintext, using: x25519Key)
                    seal.fulfill(result)
                }
            } catch (let error) {
                seal.reject(error)
            }
        }
        return promise
    }

    /// Encrypts the previous encryption result (i.e. that of the hop after this one) for this hop. Use this to build the layers of an onion request.
    internal static func encryptHop(with x25519Key: String?, to destination: JSON, using previousEncryptionResult: EncryptionResult) -> Promise<EncryptionResult> {
        let (promise, seal) = Promise<EncryptionResult>.pending()
        DispatchQueue.global(qos: .userInitiated).async {
            var parameters = destination
            parameters["ciphertext"] = previousEncryptionResult.ciphertext.base64EncodedString()
            parameters["ephemeral_key"] = previousEncryptionResult.ephemeralPublicKey.toHexString()
            do {
                guard JSONSerialization.isValidJSONObject(parameters) else { return seal.reject(HTTP.Error.invalidJSON) }
                let plaintext = try JSONSerialization.data(withJSONObject: parameters, options: [ .fragmentsAllowed ])
                let result = try encrypt(plaintext, using: x25519Key)
                seal.fulfill(result)
            } catch (let error) {
                seal.reject(error)
            }
        }
        return promise
    }
}
Implement onion request encryption 6 years ago			`import CryptoSwift`
			`import PromiseKit`

			`extension OnionRequestAPI {`
Fix incorrect GCM tag size 6 years ago			`internal static let gcmTagSize: UInt = 16`
Implement onion request decryption 6 years ago			`internal static let ivSize: UInt = 12`
Implement onion request encryption 6 years ago
			`internal typealias EncryptionResult = (ciphertext: Data, symmetricKey: Data, ephemeralPublicKey: Data)`

			`/// - Note: Sync. Don't call from the main thread.`
			`private static func encrypt(_ plaintext: Data, usingAESGCMWithSymmetricKey symmetricKey: Data) throws -> Data {`
Fix missing IV & improve error handling 6 years ago			`guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:usingAESGCMWithSymmetricKey:) from the main thread.") }`
Add multi device friend request acceptance test 6 years ago			`guard let iv = Data.getSecureRandomData(ofSize: ivSize) else { throw Error.randomDataGenerationFailed }`
Fix incorrect GCM tag size 6 years ago			`let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagSize), mode: .combined)`
Fix incorrect padding setting 6 years ago			`let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .noPadding)`
Implement onion request encryption 6 years ago			`let ciphertext = try aes.encrypt(plaintext.bytes)`
Fix missing IV & improve error handling 6 years ago			`return iv + Data(bytes: ciphertext)`
Implement onion request encryption 6 years ago			`}`

			`/// - Note: Sync. Don't call from the main thread.`
refactor and prepare for file server onion request 5 years ago			`private static func encrypt(_ plaintext: Data, using x25519Key: String?) throws -> EncryptionResult {`
Implement onion request encryption 6 years ago			`guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:forSnode:) from the main thread.") }`
refactor and prepare for file server onion request 5 years ago			`guard let hexEncodedX25519PublicKey = x25519Key else { throw Error.snodePublicKeySetMissing }`
			`let x25519PublicKey = Data(hex: hexEncodedX25519PublicKey)`
Implement onion request encryption 6 years ago			`let ephemeralKeyPair = Curve25519.generateKeyPair()`
refactor and prepare for file server onion request 5 years ago			`let ephemeralSharedSecret = try Curve25519.generateSharedSecret(fromPublicKey: x25519PublicKey, privateKey: ephemeralKeyPair.privateKey)`
Clean 6 years ago			`let salt = "LOKI"`
			`let symmetricKey = try HMAC(key: salt.bytes, variant: .sha256).authenticate(ephemeralSharedSecret.bytes)`
Implement onion request encryption 6 years ago			`let ciphertext = try encrypt(plaintext, usingAESGCMWithSymmetricKey: Data(bytes: symmetricKey))`
			`return (ciphertext, Data(bytes: symmetricKey), ephemeralKeyPair.publicKey)`
			`}`

			/// Encrypts `payload` for `snode` and returns the result. Use this to build the core of an onion request.
refactor and prepare for file server onion request 5 years ago			`internal static func encrypt(_ payload: JSON, using x25519Key: String?, to destination: JSON) -> Promise<EncryptionResult> {`
Implement onion request encryption 6 years ago			`let (promise, seal) = Promise<EncryptionResult>.pending()`
Slightly improve performance 6 years ago			`DispatchQueue.global(qos: .userInitiated).async {`
Implement onion request encryption 6 years ago			`do {`
use onion routing for file server requests 5 years ago			`// The wrapper is not needed when it is a file server onion request`
Move HTTP utilities into their own file 6 years ago			`guard JSONSerialization.isValidJSONObject(payload) else { return seal.reject(HTTP.Error.invalidJSON) }`
use onion routing for file server requests 5 years ago			`if let destination = destination["destination"] {`
			`let payloadAsData = try JSONSerialization.data(withJSONObject: payload, options: [ .fragmentsAllowed ])`
			`let payloadAsString = String(data: payloadAsData, encoding: .utf8)! // Snodes only accept this as a string`
			`let wrapper: JSON = [ "body" : payloadAsString, "headers" : "" ]`
			`guard JSONSerialization.isValidJSONObject(wrapper) else { return seal.reject(HTTP.Error.invalidJSON) }`
			`let plaintext = try JSONSerialization.data(withJSONObject: wrapper, options: [ .fragmentsAllowed ])`
			`let result = try encrypt(plaintext, using: x25519Key)`
			`seal.fulfill(result)`
			`} else {`
			`let plaintext = try JSONSerialization.data(withJSONObject: payload, options: [ .fragmentsAllowed ])`
			`let result = try encrypt(plaintext, using: x25519Key)`
			`seal.fulfill(result)`
			`}`
Implement onion request encryption 6 years ago			`} catch (let error) {`
			`seal.reject(error)`
			`}`
			`}`
			`return promise`
			`}`

Add more documentation 6 years ago			`/// Encrypts the previous encryption result (i.e. that of the hop after this one) for this hop. Use this to build the layers of an onion request.`
refactor and prepare for file server onion request 5 years ago			`internal static func encryptHop(with x25519Key: String?, to destination: JSON, using previousEncryptionResult: EncryptionResult) -> Promise<EncryptionResult> {`
Implement onion request encryption 6 years ago			`let (promise, seal) = Promise<EncryptionResult>.pending()`
Slightly improve performance 6 years ago			`DispatchQueue.global(qos: .userInitiated).async {`
refactor and prepare for file server onion request 5 years ago			`var parameters = destination`
			`parameters["ciphertext"] = previousEncryptionResult.ciphertext.base64EncodedString()`
			`parameters["ephemeral_key"] = previousEncryptionResult.ephemeralPublicKey.toHexString()`
Implement onion request encryption 6 years ago			`do {`
Move HTTP utilities into their own file 6 years ago			`guard JSONSerialization.isValidJSONObject(parameters) else { return seal.reject(HTTP.Error.invalidJSON) }`
Fix clock out of sync error not propagating 5 years ago			`let plaintext = try JSONSerialization.data(withJSONObject: parameters, options: [ .fragmentsAllowed ])`
refactor and prepare for file server onion request 5 years ago			`let result = try encrypt(plaintext, using: x25519Key)`
Implement onion request encryption 6 years ago			`seal.fulfill(result)`
			`} catch (let error) {`
			`seal.reject(error)`
			`}`
			`}`
			`return promise`
			`}`
			`}`