diff --git a/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI+Encryption.swift b/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI+Encryption.swift
index 35af7a475..1fc7d232f 100644
--- a/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI+Encryption.swift
+++ b/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI+Encryption.swift
@@ -2,7 +2,7 @@ import CryptoSwift
 import PromiseKit
 extension OnionRequestAPI {
- internal static let gcmTagLength: UInt = 128
+ internal static let gcmTagSize: UInt = 16
 internal static let ivSize: UInt = 12
 internal typealias EncryptionResult = (ciphertext: Data, symmetricKey: Data, ephemeralPublicKey: Data)
@@ -24,7 +24,7 @@ extension OnionRequestAPI {
 private static func encrypt(_ plaintext: Data, usingAESGCMWithSymmetricKey symmetricKey: Data) throws -> Data {
 guard !Thread.isMainThread else { preconditionFailure("It's illegal to call encrypt(_:usingAESGCMWithSymmetricKey:) from the main thread.") }
 let iv = try getSecureRandomData(ofSize: ivSize)
- let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagLength), mode: .combined)
+ let gcm = GCM(iv: iv.bytes, tagLength: Int(gcmTagSize), mode: .combined)
 let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .pkcs7)
 let ciphertext = try aes.encrypt(plaintext.bytes)
 return iv + Data(bytes: ciphertext)
diff --git a/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI.swift b/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI.swift
index 2248cc37a..e7da970ac 100644
--- a/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI.swift
+++ b/SignalServiceKit/src/Loki/API/Onion Requests/OnionRequestAPI.swift
@@ -272,12 +272,12 @@ internal enum OnionRequestAPI {
 guard let json = rawResponse as? JSON, let base64EncodedIVAndCiphertext = json["result"] as? String, let ivAndCiphertext = Data(base64Encoded: base64EncodedIVAndCiphertext) else { return seal.reject(Error.invalidJSON) }
 let iv = ivAndCiphertext[0..
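Review bot: The renamed constant `gcmTagSize` still states no unit, and the move from 128 to 16 suggests the old value was a bit count handed to a parameter that expects bytes. A doc comment on the declaration would keep the two from being confused again, for example `/// Size of the AES-GCM authentication tag in bytes (16 bytes = 128 bits).` The neighbouring `ivSize` is presumably also a byte count and could carry `/// Size of the AES-GCM IV in bytes.` The extension body continues outside the hunk.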
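Review bot: `padding: .pkcs7` on the `AES(...)` line is combined with a GCM block mode, which is counter-based and needs no block padding. If CryptoSwift applies the padding in this mode, the output is longer than standard AES-GCM ciphertext and the decrypting side has to strip it; if it ignores the argument, the line is misleading to readers. Once the receiving side's expectation is confirmed, consider `let aes = try AES(key: symmetricKey.bytes, blockMode: gcm, padding: .noPadding)`. The closing brace of `encrypt` lies outside the hunk.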