IceCubesApp/IceCubesNotifications/NotificationServiceSupport.swift

84 lines
2.7 KiB
Swift
Raw Normal View History

2023-01-08 13:16:43 +00:00
import CryptoKit
2023-01-17 10:36:01 +00:00
import Foundation
2023-01-08 13:16:43 +00:00
extension NotificationService {
static func decrypt(payload: Data, salt: Data, auth: Data, privateKey: P256.KeyAgreement.PrivateKey, publicKey: P256.KeyAgreement.PublicKey) -> Data? {
guard let sharedSecret = try? privateKey.sharedSecretFromKeyAgreement(with: publicKey) else {
return nil
}
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
let keyMaterial = sharedSecret.hkdfDerivedSymmetricKey(using: SHA256.self, salt: auth, sharedInfo: Data("Content-Encoding: auth\0".utf8), outputByteCount: 32)
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
let keyInfo = info(type: "aesgcm", clientPublicKey: privateKey.publicKey.x963Representation, serverPublicKey: publicKey.x963Representation)
let key = HKDF<SHA256>.deriveKey(inputKeyMaterial: keyMaterial, salt: salt, info: keyInfo, outputByteCount: 16)
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
let nonceInfo = info(type: "nonce", clientPublicKey: privateKey.publicKey.x963Representation, serverPublicKey: publicKey.x963Representation)
let nonce = HKDF<SHA256>.deriveKey(inputKeyMaterial: keyMaterial, salt: salt, info: nonceInfo, outputByteCount: 12)
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
let nonceData = nonce.withUnsafeBytes(Array.init)
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
guard let sealedBox = try? AES.GCM.SealedBox(combined: nonceData + payload) else {
return nil
}
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
var _plaintext: Data?
do {
_plaintext = try AES.GCM.open(sealedBox, using: key)
} catch {
print(error)
}
guard let plaintext = _plaintext else {
return nil
}
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
let paddingLength = Int(plaintext[0]) * 256 + Int(plaintext[1])
guard plaintext.count >= 2 + paddingLength else {
print("1")
fatalError()
}
let unpadded = plaintext.suffix(from: paddingLength + 2)
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
return Data(unpadded)
}
2023-01-17 10:36:01 +00:00
private static func info(type: String, clientPublicKey: Data, serverPublicKey: Data) -> Data {
2023-01-08 13:16:43 +00:00
var info = Data()
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
info.append("Content-Encoding: ".data(using: .utf8)!)
info.append(type.data(using: .utf8)!)
info.append(0)
info.append("P-256".data(using: .utf8)!)
info.append(0)
info.append(0)
info.append(65)
info.append(clientPublicKey)
info.append(0)
info.append(65)
info.append(serverPublicKey)
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
return info
}
}
extension String {
func escape() -> String {
2023-01-17 10:36:01 +00:00
return replacingOccurrences(of: "&amp;", with: "&")
2023-01-08 13:16:43 +00:00
.replacingOccurrences(of: "&lt;", with: "<")
.replacingOccurrences(of: "&gt;", with: ">")
.replacingOccurrences(of: "&quot;", with: "\"")
.replacingOccurrences(of: "&apos;", with: "'")
.replacingOccurrences(of: "&#39;", with: "")
}
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
func URLSafeBase64ToBase64() -> String {
var base64 = replacingOccurrences(of: "-", with: "+").replacingOccurrences(of: "_", with: "/")
let countMod4 = count % 4
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
if countMod4 != 0 {
base64.append(String(repeating: "=", count: 4 - countMod4))
}
2023-01-17 10:36:01 +00:00
2023-01-08 13:16:43 +00:00
return base64
}
}