From 74c06006350a892594866fa073dc2bce5075e7dc Mon Sep 17 00:00:00 2001
From: Chris Ballinger
Date: Sun, 16 Feb 2020 09:43:57 -0800
Subject: [PATCH] Accept 12-byte IV for OMEMO media
---
ChatSecure.xcodeproj/project.pbxproj | 4 +++
.../Controllers/FileTransferManager.swift | 17 +++++++--
ChatSecureCoreTests/ChatSecureCoreTests.swift | 33 -----------------
ChatSecureCoreTests/Info.plist | 22 ------------
ChatSecureTests/AESGCMTests.swift | 36 +++++++++++++++++++
Submodules/OTRKit | 2 +-
6 files changed, 55 insertions(+), 59 deletions(-)
delete mode 100644 ChatSecureCoreTests/ChatSecureCoreTests.swift
delete mode 100644 ChatSecureCoreTests/Info.plist
create mode 100644 ChatSecureTests/AESGCMTests.swift
diff --git a/ChatSecure.xcodeproj/project.pbxproj b/ChatSecure.xcodeproj/project.pbxproj
index d435a0ef4..3518b171d 100644
--- a/ChatSecure.xcodeproj/project.pbxproj
+++ b/ChatSecure.xcodeproj/project.pbxproj
@@ -33,6 +33,7 @@ 63F0CAFB1E60C1B40045359C /* OTRYapViewTest.swift in Sources */ = {isa = PBXBuildFile; fileRef = 63F0CAFA1E60C1B40045359C /* OTRYapViewTest.swift */; }; 63F614DC1BB214660083A06A /* ChatSecureModelTest.swift in Sources */ = {isa = PBXBuildFile; fileRef = 63F614DB1BB214660083A06A /* ChatSecureModelTest.swift */; }; 7CD871CB705CA365E0755104 /* libPods-ChatSecureCorePods-ChatSecureTests.a in Frameworks */ = {isa = PBXBuildFile; fileRef = 5179DA87B83F57EEA9589733 /* libPods-ChatSecureCorePods-ChatSecureTests.a */; }; + D9108AA023F9ABDF00B1280D /* AESGCMTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D9108A9F23F9ABDF00B1280D /* AESGCMTests.swift */; }; D91F9EFE1ED645F100AEA62C /* FileTransferIntegrationTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D91F9EFD1ED645F100AEA62C /* FileTransferIntegrationTests.swift */; }; D9365E7A1A1EB0050006434A /* torrc in Resources */ = {isa = PBXBuildFile; fileRef = D9365E791A1EB0050006434A /* torrc */; }; D936D6CB1E8B1B34003B1343 /* FileTransferTests.swift in Sources */ = {isa = PBXBuildFile; fileRef = D936D6CA1E8B1B34003B1343 /* FileTransferTests.swift */; }; 
@@ -655,6 +656,7 @@ D90DA4F2236F3C6800C585B7 /* Appirater.bundle */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; path = Appirater.bundle; sourceTree = BUILT_PRODUCTS_DIR; }; D90DA4F3236F3C6800C585B7 /* CPAProxy.bundle */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; path = CPAProxy.bundle; sourceTree = BUILT_PRODUCTS_DIR; }; D90DA4F4236F3C6800C585B7 /* TUSafariActivity.bundle */ = {isa = PBXFileReference; explicitFileType = wrapper.cfbundle; path = TUSafariActivity.bundle; sourceTree = BUILT_PRODUCTS_DIR; }; + D9108A9F23F9ABDF00B1280D /* AESGCMTests.swift */ = {isa = PBXFileReference; lastKnownFileType = sourcecode.swift; path = AESGCMTests.swift; sourceTree = ""; }; D913A56C1B747B62006C5ACD /* Onboarding.storyboard */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = file.storyboard; name = Onboarding.storyboard; path = Interface/Onboarding.storyboard; sourceTree = ""; }; D91F9EFD1ED645F100AEA62C /* FileTransferIntegrationTests.swift */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.swift; path = FileTransferIntegrationTests.swift; sourceTree = ""; }; D9227C231BA78E6B00B5E1D0 /* FontAwesome.ttf */ = {isa = PBXFileReference; lastKnownFileType = file; path = FontAwesome.ttf; sourceTree = ""; }; @@ -1263,6 +1265,7 @@ children = ( 63DDD8B91A9E9BD900C0A918 /* samples */, 636C63201B571B56008FEE69 /* OTRURLTests.m */, + D9108A9F23F9ABDF00B1280D /* AESGCMTests.swift */, 635FCC831D1B5116008F903C /* OTRStringTests.swift */, 63DDD8B41A9E94B700C0A918 /* OTRMediaTests.m */, 63F614DB1BB214660083A06A /* ChatSecureModelTest.swift */, 
@@ -2605,6 +2608,7 @@ 63634CE91DA704AA00B0BAE8 /* OTROMEMOIntegrationTest.swift in Sources */, D91F9EFE1ED645F100AEA62C /* FileTransferIntegrationTests.swift in Sources */, 635FCC841D1B5116008F903C /* OTRStringTests.swift in Sources */, + D9108AA023F9ABDF00B1280D /* AESGCMTests.swift in Sources */, 63E353B21BB9D0CF005C54C3 /* PushSerializerTest.swift in Sources */, ); runOnlyForDeploymentPostprocessing = 0; diff --git a/ChatSecureCore/Classes/Controllers/FileTransferManager.swift b/ChatSecureCore/Classes/Controllers/FileTransferManager.swift index 8b57497ab..6b7cb47a1 100644 --- a/ChatSecureCore/Classes/Controllers/FileTransferManager.swift +++ b/ChatSecureCore/Classes/Controllers/FileTransferManager.swift @@ -904,9 +904,20 @@ extension URL { } var aesGcmKey: (key: Data, iv: Data)? { - guard let data = self.anchorData, data.count == 48 else { return nil } - let iv = data.subdata(in: 0..<16) - let key = data.subdata(in: 16..<48) + guard let data = self.anchorData else { return nil } + let ivLength: Int + switch data.count { + case 48: + // legacy clients send 16-byte IVs + ivLength = 16 + case 44: + // newer clients send 12-byte IVs + ivLength = 12 + default: + return nil + } + let iv = data.subdata(in: 0.. - - - - CFBundleDevelopmentRegion - $(DEVELOPMENT_LANGUAGE) - CFBundleExecutable - $(EXECUTABLE_NAME) - CFBundleIdentifier - $(PRODUCT_BUNDLE_IDENTIFIER) - CFBundleInfoDictionaryVersion - 6.0 - CFBundleName - $(PRODUCT_NAME) - CFBundlePackageType - $(PRODUCT_BUNDLE_PACKAGE_TYPE) - CFBundleShortVersionString - 1.0 - CFBundleVersion - 1 - - diff --git a/ChatSecureTests/AESGCMTests.swift b/ChatSecureTests/AESGCMTests.swift new file mode 100644 index 000000000..6ee92ed47 --- /dev/null +++ b/ChatSecureTests/AESGCMTests.swift 
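Review bot: The `switch data.count` in `aesGcmKey` (FileTransferManager.swift) encodes both accepted anchor layouts as bare totals, `48` and `44`, which hides that each is an IV length plus the 32-byte key the removed line read from `16..<48`. Naming the key length, e.g. `let keyLength = 32` with `case keyLength + 16:` and `case keyLength + 12:`, keeps the IV and key slices tied to one constant and makes it plain that no other key size is accepted. The rest of the getter after `data.subdata(in: 0..` is cut off on this page, so the new key range could not be checked; it is worth confirming that it starts at `ivLength` and no longer uses the literal `16..<48`, which would be out of range for a 44-byte anchor.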
@@ -0,0 +1,36 @@
+//
+// AESGCMTests.swift
+// ChatSecureTests
+//
+// Created by Chris Ballinger on 2/16/20.
+// Copyright © 2020 Chris Ballinger. All rights reserved.
+//
+
+import XCTest
+@testable import ChatSecureCore
+
+class AESGCMTests: XCTestCase {
+ func random(length: Int) -> Data {
+ let bytes = (0 ..< length).map { _ in UInt8.random(in: .min ... .max) }
+ XCTAssertEqual(bytes.count, length)
+ return Data(bytes)
+ }
+
+ func testLegacy16ByteIV() throws {
+ let messageData = "Test".data(using: .utf8)!
+ let key = random(length: 16)
+ let iv = random(length: 16)
+ let encryptedData = try XCTUnwrap(try OTRSignalEncryptionHelper.encryptData(messageData, key: key, iv: iv))
+ let decryptedData = try XCTUnwrap(try OTRSignalEncryptionHelper.decryptData(encryptedData.data, key: key, iv: iv, authTag: encryptedData.authTag))
+ XCTAssertEqual(messageData, decryptedData)
+ }
+
+ func test12ByteIV() throws {
+ let messageData = "Test".data(using: .utf8)!
+ let key = random(length: 16)
+ let iv = random(length: 12)
+ let encryptedData = try XCTUnwrap(try OTRSignalEncryptionHelper.encryptData(messageData, key: key, iv: iv))
+ let decryptedData = try XCTUnwrap(try OTRSignalEncryptionHelper.decryptData(encryptedData.data, key: key, iv: iv, authTag: encryptedData.authTag))
+ XCTAssertEqual(messageData, decryptedData)
+ }
+}
diff --git a/Submodules/OTRKit b/Submodules/OTRKit
index bf6b20e3e..ce0ddbf49 160000
--- a/Submodules/OTRKit
+++ b/Submodules/OTRKit
@@ -1 +1 @@
-Subproject commit bf6b20e3e76d1295246132564f706931d5cda43e
+Subproject commit ce0ddbf49b7f1d83c3934768ac1bd60dbddebfde
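Review bot: Neither test in AESGCMTests.swift exercises `URL.aesGcmKey`, the getter this commit changes; both call `OTRSignalEncryptionHelper` directly with a 16-byte key, while the anchor parsed in FileTransferManager.swift appears to carry a 32-byte key. A case that builds URLs with 44- and 48-byte anchors and asserts 12- and 16-byte IVs, plus `nil` for any other length, would cover the new branch. The round-trips also only prove the success path, so a tampered-tag test like the one below would pin the authentication check for both IV sizes. It assumes `authTag` is a `Data` and that a failed check surfaces as a throw or `nil`. `random(length:)` also makes a failure hard to reproduce; fixed vectors would be steadier.

```swift
// … unchanged: random(length:), testLegacy16ByteIV(), test12ByteIV() …

func testTamperedAuthTagIsRejected() throws {
    let messageData = Data("Test".utf8)
    let key = random(length: 16)
    let iv = random(length: 12)
    let encryptedData = try XCTUnwrap(try OTRSignalEncryptionHelper.encryptData(messageData, key: key, iv: iv))
    // Flip one bit of the tag; GCM decryption must refuse to return plaintext.
    var authTag = encryptedData.authTag
    authTag[authTag.startIndex] ^= 0x01
    let decrypted = try? OTRSignalEncryptionHelper.decryptData(encryptedData.data, key: key, iv: iv, authTag: authTag)
    XCTAssertNil(decrypted)
}
```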