Kordophone/kordophone/Crypto/GCDWebServerDataResponse+Crypto.m

//
//  GCDWebServerDataResponse+Crypto.m
//  kordophoned
//
//  Created by James Magahern on 11/15/18.
//  Copyright © 2018 James Magahern. All rights reserved.
//

#import "GCDWebServerDataResponse+Crypto.h"

#import "NSData+AES.h"

// TEMP!!
static NSString *const kSymmetricKey = @"axPy0nljtG/TOVJSVwVXag==";

@implementation GCDWebServerDataResponse (Crypto)

+ (nullable instancetype)encryptedResponseWithJSONObject:(id)object
{
    NSData *data = [NSJSONSerialization dataWithJSONObject:object options:0 error:NULL];
    if (data == nil) {
        return nil;
    }
    
    NSError *error = nil;
    NSData *ivData = [[[NSUUID UUID] UUIDString] dataUsingEncoding:NSUTF8StringEncoding];
    NSData *keyData = [[NSData alloc] initWithBase64EncodedString:kSymmetricKey options:0];
    NSData *encryptedData = [data encryptedDataWithKey:keyData iv:ivData error:&error];
    if (error) {
        NSLog(@"Error encrypting response: %@", error);
    }
    
    NSString *ivDataString = [ivData base64EncodedStringWithOptions:0];
    
    GCDWebServerDataResponse *response = [[self alloc] initWithData:encryptedData contentType:@"application/octet-stream"];
    [response setValue:ivDataString forAdditionalHeader:@"X-KordophoneCrypto-IV"];
    
    // TODO: is this the right way??
    [response setValue:[NSString stringWithFormat:@"%lu", (unsigned long)[data length]] forAdditionalHeader:@"X-Decrypted-Content-Length"];
    
    return response;
}

@end
Encrypted server response 2018-11-15 15:08:39 -08:00			`//`
			`// GCDWebServerDataResponse+Crypto.m`
			`// kordophoned`
			`//`
			`// Created by James Magahern on 11/15/18.`
			`// Copyright © 2018 James Magahern. All rights reserved.`
			`//`

			`#import "GCDWebServerDataResponse+Crypto.h"`

			`#import "NSData+AES.h"`

			`// TEMP!!`
			`static NSString *const kSymmetricKey = @"axPy0nljtG/TOVJSVwVXag==";`

			`@implementation GCDWebServerDataResponse (Crypto)`

			`+ (nullable instancetype)encryptedResponseWithJSONObject:(id)object`
			`{`
			`NSData *data = [NSJSONSerialization dataWithJSONObject:object options:0 error:NULL];`
			`if (data == nil) {`
			`return nil;`
			`}`

			`NSError *error = nil;`
			`NSData *ivData = [[[NSUUID UUID] UUIDString] dataUsingEncoding:NSUTF8StringEncoding];`
			`NSData *keyData = [[NSData alloc] initWithBase64EncodedString:kSymmetricKey options:0];`
			`NSData *encryptedData = [data encryptedDataWithKey:keyData iv:ivData error:&error];`
			`if (error) {`
			`NSLog(@"Error encrypting response: %@", error);`
			`}`

Some additional headers needed to decrypt the payload 2018-11-15 16:30:25 -08:00			`NSString *ivDataString = [ivData base64EncodedStringWithOptions:0];`

			`GCDWebServerDataResponse *response = [[self alloc] initWithData:encryptedData contentType:@"application/octet-stream"];`
			`[response setValue:ivDataString forAdditionalHeader:@"X-KordophoneCrypto-IV"];`

			`// TODO: is this the right way??`
			`[response setValue:[NSString stringWithFormat:@"%lu", (unsigned long)[data length]] forAdditionalHeader:@"X-Decrypted-Content-Length"];`

			`return response;`
Encrypted server response 2018-11-15 15:08:39 -08:00			`}`

			`@end`