From 815344ed538b2568fd05e941d7fde6f725cc92fa Mon Sep 17 00:00:00 2001 From: M66B Date: Sat, 25 Apr 2020 20:19:39 +0200 Subject: [PATCH] Use intermediate files for S/MIME sign/encrypt --- .../eu/faircode/email/FragmentCompose.java | 23 ++++++++++++------- 1 file changed, 15 insertions(+), 8 deletions(-) diff --git a/app/src/main/java/eu/faircode/email/FragmentCompose.java b/app/src/main/java/eu/faircode/email/FragmentCompose.java index c064377028..96b618bea1 100644 --- a/app/src/main/java/eu/faircode/email/FragmentCompose.java +++ b/app/src/main/java/eu/faircode/email/FragmentCompose.java @@ -115,7 +115,7 @@ import org.bouncycastle.cert.jcajce.JcaCertStore; import org.bouncycastle.cms.CMSAlgorithm; import org.bouncycastle.cms.CMSEnvelopedData; import org.bouncycastle.cms.CMSEnvelopedDataGenerator; -import org.bouncycastle.cms.CMSProcessableByteArray; +import org.bouncycastle.cms.CMSProcessableFile; import org.bouncycastle.cms.CMSSignedData; import org.bouncycastle.cms.CMSSignedDataGenerator; import org.bouncycastle.cms.CMSTypedData; @@ -141,7 +141,6 @@ import org.openintents.openpgp.util.OpenPgpApi; import org.openintents.openpgp.util.OpenPgpServiceConnection; import java.io.BufferedOutputStream; -import java.io.ByteArrayOutputStream; import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; @@ -2376,13 +2375,17 @@ public class FragmentCompose extends FragmentBase { .build(contentSigner, chain[0]); cmsGenerator.addSignerInfoGenerator(signerInfoGenerator); - ByteArrayOutputStream osContent = new ByteArrayOutputStream(); - bpContent.writeTo(osContent); + File sinput = new File(context.getCacheDir(), "smime_sign." + draft.id); + try (FileOutputStream fos = new FileOutputStream(sinput)) { + bpContent.writeTo(fos); + } - CMSTypedData cmsData = new CMSProcessableByteArray(osContent.toByteArray()); + CMSTypedData cmsData = new CMSProcessableFile(sinput); CMSSignedData cmsSignedData = cmsGenerator.generate(cmsData); byte[] signedMessage = cmsSignedData.getEncoded(); + sinput.delete(); + // Build signature if (EntityMessage.SMIME_SIGNONLY.equals(type)) { ContentType ct = new ContentType("application/pkcs7-signature"); @@ -2464,9 +2467,11 @@ public class FragmentCompose extends FragmentBase { cmsEnvelopedDataGenerator.addRecipientInfoGenerator(gen); } - ByteArrayOutputStream osMessage = new ByteArrayOutputStream(); - imessage.writeTo(osMessage); - CMSTypedData msg = new CMSProcessableByteArray(osMessage.toByteArray()); + File einput = new File(context.getCacheDir(), "smime_encrypt." + draft.id); + try (FileOutputStream fos = new FileOutputStream(einput)) { + imessage.writeTo(fos); + } + CMSTypedData msg = new CMSProcessableFile(einput); OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC) .build(); @@ -2487,6 +2492,8 @@ public class FragmentCompose extends FragmentBase { cmsEnvelopedData.toASN1Structure().encodeTo(os); } + einput.delete(); + db.attachment().setDownloaded(attachment.id, encrypted.length()); return null;