aboutsummaryrefslogtreecommitdiffstats
path: root/src/main/java
diff options
context:
space:
mode:
authorChristian Schneppe <christian@pix-art.de>2017-08-13 23:11:47 +0200
committerChristian Schneppe <christian@pix-art.de>2017-08-13 23:11:47 +0200
commit24c47c0bbb56f7e0d14b9555cb99b8e683cc2652 (patch)
treeb4f679d85e2dbeb78bda960ad4536290603f3cc4 /src/main/java
parentd31dd9cbe497f23e44ef92d09c5b13446f4c856f (diff)
Read support for 12-byte IVs in addition to 16-byte IVs
Diffstat (limited to 'src/main/java')
-rw-r--r--src/main/java/de/pixart/messenger/entities/DownloadableFile.java7
-rw-r--r--src/main/java/de/pixart/messenger/entities/Message.java2
-rw-r--r--src/main/java/de/pixart/messenger/http/AesGcmURLStreamHandler.java6
-rw-r--r--src/main/java/de/pixart/messenger/http/HttpDownloadConnection.java4
-rw-r--r--src/main/java/de/pixart/messenger/http/HttpUploadConnection.java2
5 files changed, 17 insertions, 4 deletions
diff --git a/src/main/java/de/pixart/messenger/entities/DownloadableFile.java b/src/main/java/de/pixart/messenger/entities/DownloadableFile.java
index 94fae97a4..6993b6b38 100644
--- a/src/main/java/de/pixart/messenger/entities/DownloadableFile.java
+++ b/src/main/java/de/pixart/messenger/entities/DownloadableFile.java
@@ -50,11 +50,18 @@ public class DownloadableFile extends File {
}
public void setKeyAndIv(byte[] keyIvCombo) {
+ // originally, we used a 16 byte IV, then found for aes-gcm a 12 byte IV is ideal
+ // this code supports reading either length, with sending 12 byte IV to be done in future
if (keyIvCombo.length == 48) {
this.aeskey = new byte[32];
this.iv = new byte[16];
System.arraycopy(keyIvCombo, 0, this.iv, 0, 16);
System.arraycopy(keyIvCombo, 16, this.aeskey, 0, 32);
+ } else if (keyIvCombo.length == 44) {
+ this.aeskey = new byte[32];
+ this.iv = new byte[12];
+ System.arraycopy(keyIvCombo, 0, this.iv, 0, 12);
+ System.arraycopy(keyIvCombo, 12, this.aeskey, 0, 32);
} else if (keyIvCombo.length >= 32) {
this.aeskey = new byte[32];
System.arraycopy(keyIvCombo, 0, aeskey, 0, 32);
diff --git a/src/main/java/de/pixart/messenger/entities/Message.java b/src/main/java/de/pixart/messenger/entities/Message.java
index 317605167..06bfcf4b6 100644
--- a/src/main/java/de/pixart/messenger/entities/Message.java
+++ b/src/main/java/de/pixart/messenger/entities/Message.java
@@ -675,7 +675,7 @@ public class Message extends AbstractEntity {
final URL url = new URL(body);
final String ref = url.getRef();
final String protocol = url.getProtocol();
- final boolean encrypted = ref != null && ref.matches("([A-Fa-f0-9]{2}){48}");
+ final boolean encrypted = ref != null && AesGcmURLStreamHandler.IV_KEY.matcher(ref).matches();
treatAsDownloadable = (AesGcmURLStreamHandler.PROTOCOL_NAME.equalsIgnoreCase(protocol) && encrypted)
|| (("http".equalsIgnoreCase(protocol) || "https".equalsIgnoreCase(protocol)) && (oob || encrypted));
} catch (MalformedURLException e) {
diff --git a/src/main/java/de/pixart/messenger/http/AesGcmURLStreamHandler.java b/src/main/java/de/pixart/messenger/http/AesGcmURLStreamHandler.java
index 64188c5db..4ec164344 100644
--- a/src/main/java/de/pixart/messenger/http/AesGcmURLStreamHandler.java
+++ b/src/main/java/de/pixart/messenger/http/AesGcmURLStreamHandler.java
@@ -4,10 +4,16 @@ import java.io.IOException;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLStreamHandler;
+import java.util.regex.Pattern;
public class AesGcmURLStreamHandler extends URLStreamHandler {
+ /**
+ * This matches a 48 or 44 byte IV + KEY hex combo, like used in http/aesgcm upload anchors
+ */
+ public static final Pattern IV_KEY = Pattern.compile("([A-Fa-f0-9]{2}){48}|([A-Fa-f0-9]{2}){44}");
+
public static final String PROTOCOL_NAME = "aesgcm";
@Override
diff --git a/src/main/java/de/pixart/messenger/http/HttpDownloadConnection.java b/src/main/java/de/pixart/messenger/http/HttpDownloadConnection.java
index 7326cbf4b..9f49ac218 100644
--- a/src/main/java/de/pixart/messenger/http/HttpDownloadConnection.java
+++ b/src/main/java/de/pixart/messenger/http/HttpDownloadConnection.java
@@ -98,7 +98,7 @@ public class HttpDownloadConnection implements Transferable {
message.setRelativeFilePath(filename + "." + extension);
this.file = mXmppConnectionService.getFileBackend().getFile(message, false);
final String reference = mUrl.getRef();
- if (reference != null && reference.matches("([A-Fa-f0-9]{2}){48}")) {
+ if (reference != null && AesGcmURLStreamHandler.IV_KEY.matcher(reference).matches()) {
this.file.setKeyAndIv(CryptoHelper.hexToBytes(reference));
}
@@ -383,7 +383,7 @@ public class HttpDownloadConnection implements Transferable {
message.setType(Message.TYPE_FILE);
final URL url;
final String ref = mUrl.getRef();
- if (ref != null && ref.matches("([A-Fa-f0-9]{2}){48}")) {
+ if (ref != null && AesGcmURLStreamHandler.IV_KEY.matcher(ref).matches()) {
url = CryptoHelper.toAesGcmUrl(mUrl);
} else {
url = mUrl;
diff --git a/src/main/java/de/pixart/messenger/http/HttpUploadConnection.java b/src/main/java/de/pixart/messenger/http/HttpUploadConnection.java
index 22fec6888..3d3ad5e73 100644
--- a/src/main/java/de/pixart/messenger/http/HttpUploadConnection.java
+++ b/src/main/java/de/pixart/messenger/http/HttpUploadConnection.java
@@ -105,7 +105,7 @@ public class HttpUploadConnection implements Transferable {
if (Config.ENCRYPT_ON_HTTP_UPLOADED
|| message.getEncryption() == Message.ENCRYPTION_AXOLOTL
|| message.getEncryption() == Message.ENCRYPTION_OTR) {
- this.key = new byte[48];
+ this.key = new byte[48]; // todo: change this to 44 for 12-byte IV instead of 16-byte at some point in future
mXmppConnectionService.getRNG().nextBytes(this.key);
this.file.setKeyAndIv(this.key);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 02:24:31 +0000