Debug

SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI+Encryption.swift

@@ -9,9 +9,9 @@ extension OnionRequestAPI {
         return DispatchQueue(label: UUID().uuidString, qos: .userInitiated)
     }
 
-    /// Returns `size` bytes of random data generated using the default random number generator. See
+    /// Returns `size` bytes of random data generated using the default secure random number generator. See
     /// [SecRandomCopyBytes](https://developer.apple.com/documentation/security/1399291-secrandomcopybytes) for more information.
-    private static func getRandomData(ofSize size: UInt) throws -> Data {
+    private static func getSecureRandomData(ofSize size: UInt) throws -> Data {
         var data = Data(count: Int(size))
         let result = data.withUnsafeMutableBytes { SecRandomCopyBytes(kSecRandomDefault, Int(size), $0.baseAddress!) }
         guard result == errSecSuccess else { throw Error.randomDataGenerationFailed }
@@ -22,10 +22,10 @@ extension OnionRequestAPI {
     private static func encrypt(_ plaintext: Data, usingAESGCMWithSymmetricKey symmetricKey: Data) throws -> Data {
         guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:usingAESGCMWithSymmetricKey:) from the main thread.") }
         let ivSize: UInt = 12
-        let iv = try getRandomData(ofSize: ivSize)
+        let iv = try getSecureRandomData(ofSize: ivSize)
         let gcmTagLength: UInt = 128
         let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagLength), mode: .combined)
-        let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .noPadding)
+        let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .pkcs7)
         let ciphertext = try aes.encrypt(plaintext.bytes)
         return iv + Data(bytes: ciphertext)
     }
@@ -48,7 +48,7 @@ extension OnionRequestAPI {
     internal static func encrypt(_ payload: Data, forTargetSnode snode: LokiAPITarget) -> Promise<EncryptionResult> {
         let (promise, seal) = Promise<EncryptionResult>.pending()
         getQueue().async {
-            let parameters: JSON = [ "body" : payload.base64EncodedString() ]
+            let parameters: JSON = [ "body" : payload.base64EncodedString(), "headers" : "" ]
             do {
                 guard JSONSerialization.isValidJSONObject(parameters) else { return seal.reject(Error.invalidJSON) }
                 let plaintext = try JSONSerialization.data(withJSONObject: parameters, options: [])

SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI.swift

@@ -101,7 +101,7 @@ internal enum OnionRequestAPI {
                         json = [ "message" : message ]
                     }
                     let jsonDescription = json?.prettifiedDescription ?? "no debugging info provided"
-                    print("[Loki] [Onion Request API] \(verb.rawValue) request to \(url) failed with status code: \(statusCode) (\(jsonDescription).")
+                    print("[Loki] [Onion Request API] \(verb.rawValue) request to \(url) failed with status code: \(statusCode) (\(jsonDescription)).")
                     return seal.reject(Error.httpRequestFailed(statusCode: statusCode, json: json))
                 }
                 do {
@@ -126,7 +126,6 @@ internal enum OnionRequestAPI {
             let timeout: TimeInterval = 10 // Use a shorter timeout for testing
             execute(.get, url, timeout: timeout).done(on: queue) { rawResponse in
                 guard let json = rawResponse as? JSON, let version = json["version"] as? String else { return seal.reject(Error.missingSnodeVersion) }
-                // TODO: Caching
                 if version >= "2.0.0" {
                     seal.fulfill(())
                 } else {