IceCubes/IceCubesNotifications/NotificationServiceSupport.swift

import CryptoKit
import Foundation
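extension NotificationService {
  /// Decrypts an encrypted push payload and strips its padding.
  ///
  /// The key and nonce are derived with HKDF-SHA256 from the ECDH shared secret, using
  /// `"Content-Encoding: auth\0"`, `"aesgcm"` and `"nonce"` info strings, and the payload is
  /// opened as a single AES-GCM record (this looks like the legacy `aesgcm` Web Push
  /// content encoding; confirm against the subscribing code).
  ///
  /// `payload`, `salt` and `publicKey` arrive with the push message and are therefore
  /// remote-controlled input: every failure path returns `nil` instead of trapping, so a
  /// malformed message cannot crash the process that calls this.
  ///
  /// - Parameters:
  ///   - payload: Ciphertext followed by the 16-byte GCM tag.
  ///   - salt: Salt used for the key and nonce HKDF steps.
  ///   - auth: Authentication secret, used as the salt of the first HKDF step.
  ///   - privateKey: The receiver's P-256 key-agreement private key.
  ///   - publicKey: The sender's P-256 key-agreement public key.
  /// - Returns: The unpadded plaintext, or `nil` when key agreement, authentication, or
  ///   padding validation fails.
  static func decrypt(payload: Data, salt: Data, auth: Data, privateKey: P256.KeyAgreement.PrivateKey, publicKey: P256.KeyAgreement.PublicKey) -> Data? {
    guard let sharedSecret = try? privateKey.sharedSecretFromKeyAgreement(with: publicKey) else {
      return nil
    }

    let keyMaterial = sharedSecret.hkdfDerivedSymmetricKey(using: SHA256.self, salt: auth, sharedInfo: Data("Content-Encoding: auth\0".utf8), outputByteCount: 32)

    // Both derivations bind the same pair of public keys into their info string.
    let clientPublicKey = privateKey.publicKey.x963Representation
    let serverPublicKey = publicKey.x963Representation

    let keyInfo = info(type: "aesgcm", clientPublicKey: clientPublicKey, serverPublicKey: serverPublicKey)
    let key = HKDF<SHA256>.deriveKey(inputKeyMaterial: keyMaterial, salt: salt, info: keyInfo, outputByteCount: 16)

    let nonceInfo = info(type: "nonce", clientPublicKey: clientPublicKey, serverPublicKey: serverPublicKey)
    let nonce = HKDF<SHA256>.deriveKey(inputKeyMaterial: keyMaterial, salt: salt, info: nonceInfo, outputByteCount: 12)

    let nonceData = nonce.withUnsafeBytes(Array.init)

    // SealedBox(combined:) expects nonce || ciphertext || tag; open() verifies the tag,
    // so a tampered or wrongly-keyed payload ends here with nil.
    guard let sealedBox = try? AES.GCM.SealedBox(combined: nonceData + payload),
          let plaintext = try? AES.GCM.open(sealedBox, using: key)
    else {
      return nil
    }

    // The plaintext starts with a 2-byte big-endian padding length. Check that those two
    // bytes exist before reading them: an authenticated but empty or 1-byte record would
    // otherwise trap on the subscript.
    guard plaintext.count >= 2 else {
      return nil
    }
    let start = plaintext.startIndex
    let paddingLength = Int(plaintext[start]) * 256 + Int(plaintext[start + 1])

    // A declared padding longer than the record is invalid input, not a programmer
    // error: report it as a decryption failure like every other path.
    guard plaintext.count - 2 >= paddingLength else {
      return nil
    }

    // NOTE(review): the padding bytes themselves are not checked for being zero; confirm
    // whether the content-encoding spec in use requires rejecting non-zero padding.
    return Data(plaintext.dropFirst(2 + paddingLength))
  }

  /// Builds the HKDF `info` parameter for one derivation step.
  ///
  /// Layout: `"Content-Encoding: " || type || 0x00 || "P-256" || 0x00 ||
  /// 0x00 0x41 || clientPublicKey || 0x00 0x41 || serverPublicKey`.
  ///
  /// - Parameters:
  ///   - type: Label of the value being derived (`"aesgcm"` or `"nonce"` at the call sites).
  ///   - clientPublicKey: Receiver public key bytes.
  ///   - serverPublicKey: Sender public key bytes.
  /// - Returns: The concatenated info bytes.
  private static func info(type: String, clientPublicKey: Data, serverPublicKey: Data) -> Data {
    var info = Data()

    // Data(_.utf8) cannot fail, unlike data(using:) which needed a force-unwrap.
    info.append(Data("Content-Encoding: ".utf8))
    info.append(Data(type.utf8))
    info.append(0)
    info.append(Data("P-256".utf8))
    info.append(0)

    // Each key is prefixed with the two bytes 0x00 0x41 (65). The value is hard-coded
    // rather than taken from the key's count; 65 is the size of an uncompressed P-256
    // point, which is what x963Representation yields at the call sites.
    info.append(0)
    info.append(65)
    info.append(clientPublicKey)
    info.append(0)
    info.append(65)
    info.append(serverPublicKey)

    return info
  }
}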