From b2cc1724232de226eff3cb6cc4d0841ffc8ec501 Mon Sep 17 00:00:00 2001
From: Christian Schneppe <christian.schneppe@pix-art.de>
Date: Mon, 16 Mar 2020 19:54:33 +0100
Subject: explicitly use BouncyCastle for file crypto

---
 .../crypto/axolotl/XmppAxolotlMessage.java         |  2 +-
 .../messenger/entities/DownloadableFile.java       |  4 ++++
 .../messenger/http/HttpUploadConnection.java       |  5 ++--
 .../services/AbstractConnectionManager.java        | 28 ++++++++++------------
 4 files changed, 20 insertions(+), 19 deletions(-)

diff --git a/src/main/java/de/pixart/messenger/crypto/axolotl/XmppAxolotlMessage.java b/src/main/java/de/pixart/messenger/crypto/axolotl/XmppAxolotlMessage.java
index 6fbf8c3dc..553de40e5 100644
--- a/src/main/java/de/pixart/messenger/crypto/axolotl/XmppAxolotlMessage.java
+++ b/src/main/java/de/pixart/messenger/crypto/axolotl/XmppAxolotlMessage.java
@@ -121,7 +121,7 @@ public class XmppAxolotlMessage {
 
     private static byte[] generateIv() {
         final SecureRandom random = new SecureRandom();
-        byte[] iv = new byte[Config.TWELVE_BYTE_IV ? 12 : 16];
+        final byte[] iv = new byte[12];
         random.nextBytes(iv);
         return iv;
     }
diff --git a/src/main/java/de/pixart/messenger/entities/DownloadableFile.java b/src/main/java/de/pixart/messenger/entities/DownloadableFile.java
index 936b8dd61..1209d16eb 100644
--- a/src/main/java/de/pixart/messenger/entities/DownloadableFile.java
+++ b/src/main/java/de/pixart/messenger/entities/DownloadableFile.java
@@ -1,7 +1,10 @@
 package de.pixart.messenger.entities;
 
+import android.util.Log;
+
 import java.io.File;
 
+import de.pixart.messenger.Config;
 import de.pixart.messenger.utils.MimeUtils;
 
 public class DownloadableFile extends File {
@@ -67,6 +70,7 @@ public class DownloadableFile extends File {
             this.iv = new byte[]{0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0xf};
             System.arraycopy(keyIvCombo, 0, aeskey, 0, 32);
         }
+        Log.d(Config.LOGTAG, "using " + this.iv.length + "-byte IV for file transmission");
     }
 
     public void setKey(byte[] key) {
diff --git a/src/main/java/de/pixart/messenger/http/HttpUploadConnection.java b/src/main/java/de/pixart/messenger/http/HttpUploadConnection.java
index 4eedfcf3f..2293cb7ea 100644
--- a/src/main/java/de/pixart/messenger/http/HttpUploadConnection.java
+++ b/src/main/java/de/pixart/messenger/http/HttpUploadConnection.java
@@ -106,11 +106,12 @@ public class HttpUploadConnection implements Transferable {
         } else {
             this.mime = this.file.getMimeType();
         }
+        final long originalFileSize = file.getSize();
         this.delayed = delay;
         if (Config.ENCRYPT_ON_HTTP_UPLOADED
                 || message.getEncryption() == Message.ENCRYPTION_AXOLOTL
                 || message.getEncryption() == Message.ENCRYPTION_OTR) {
-            this.key = new byte[48];
+            this.key = new byte[44];
             mXmppConnectionService.getRNG().nextBytes(this.key);
             this.file.setKeyAndIv(this.key);
         }
@@ -129,7 +130,7 @@ public class HttpUploadConnection implements Transferable {
             md5 = null;
         }
 
-        this.file.setExpectedSize(file.getSize() + (file.getKey() != null ? 16 : 0));
+        this.file.setExpectedSize(originalFileSize + (file.getKey() != null ? 16 : 0));
         message.resetFileParams();
         this.mSlotRequester.request(method, account, file, mime, md5, new SlotRequester.OnSlotRequested() {
             @Override
diff --git a/src/main/java/de/pixart/messenger/services/AbstractConnectionManager.java b/src/main/java/de/pixart/messenger/services/AbstractConnectionManager.java
index cba382b61..7787c8942 100644
--- a/src/main/java/de/pixart/messenger/services/AbstractConnectionManager.java
+++ b/src/main/java/de/pixart/messenger/services/AbstractConnectionManager.java
@@ -5,6 +5,14 @@ import android.os.PowerManager;
 import android.os.SystemClock;
 import android.util.Log;
 
+import org.bouncycastle.crypto.engines.AESEngine;
+import org.bouncycastle.crypto.io.CipherInputStream;
+import org.bouncycastle.crypto.io.CipherOutputStream;
+import org.bouncycastle.crypto.modes.AEADBlockCipher;
+import org.bouncycastle.crypto.modes.GCMBlockCipher;
+import org.bouncycastle.crypto.params.AEADParameters;
+import org.bouncycastle.crypto.params.KeyParameter;
+
 import java.io.FileNotFoundException;
 import java.io.FileOutputStream;
 import java.io.InputStream;
@@ -15,12 +23,7 @@ import java.security.NoSuchAlgorithmException;
 import java.security.NoSuchProviderException;
 import java.util.concurrent.atomic.AtomicLong;
 
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
 import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
 
 import de.pixart.messenger.Config;
 import de.pixart.messenger.R;
@@ -28,9 +31,6 @@ import de.pixart.messenger.entities.DownloadableFile;
 import de.pixart.messenger.utils.Compatibility;
 
 public class AbstractConnectionManager {
-    private static final String KEYTYPE = "AES";
-    private static final String CIPHERMODE = "AES/GCM/NoPadding";
-    private static final String PROVIDER = "BC";
     private static final int UI_REFRESH_THRESHOLD = Config.REFRESH_UI_INTERVAL;
     private static final AtomicLong LAST_UI_UPDATE_CALL = new AtomicLong(0);
     protected XmppConnectionService mXmppConnectionService;
@@ -41,10 +41,8 @@ public class AbstractConnectionManager {
 
     public static InputStream upgrade(DownloadableFile file, InputStream is) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, InvalidKeyException, NoSuchPaddingException, NoSuchProviderException {
         if (file.getKey() != null && file.getIv() != null) {
-            final Cipher cipher = Compatibility.twentyEight() ? Cipher.getInstance(CIPHERMODE) : Cipher.getInstance(CIPHERMODE, PROVIDER);
-            SecretKeySpec keySpec = new SecretKeySpec(file.getKey(), KEYTYPE);
-            IvParameterSpec ivSpec = new IvParameterSpec(file.getIv());
-            cipher.init(Cipher.ENCRYPT_MODE, keySpec, ivSpec);
+            AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
+            cipher.init(true, new AEADParameters(new KeyParameter(file.getKey()), 128, file.getIv()));
             return new CipherInputStream(is, cipher);
         } else {
             return is;
@@ -63,10 +61,8 @@ public class AbstractConnectionManager {
             return null;
         }
         try {
-            final Cipher cipher = Compatibility.twentyEight() ? Cipher.getInstance(CIPHERMODE) : Cipher.getInstance(CIPHERMODE, PROVIDER);
-            SecretKeySpec keySpec = new SecretKeySpec(file.getKey(), KEYTYPE);
-            IvParameterSpec ivSpec = new IvParameterSpec(file.getIv());
-            cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec);
+            AEADBlockCipher cipher = new GCMBlockCipher(new AESEngine());
+            cipher.init(false, new AEADParameters(new KeyParameter(file.getKey()), 128, file.getIv()));
             return new CipherOutputStream(os, cipher);
         } catch (Exception e) {
             Log.d(Config.LOGTAG, "unable to create cipher output stream", e);
-- 
cgit v1.2.3