Use intermediate files for S/MIME sign/encrypt

2020-04-25 20:19:39 +02:00 · 2020-04-25 20:19:39 +02:00 · 815344ed53
parent d7466a7fdc
commit 815344ed53
1 changed files with 15 additions and 8 deletions
--- a/app/src/main/java/eu/faircode/email/FragmentCompose.java
+++ b/app/src/main/java/eu/faircode/email/FragmentCompose.java
@ -115,7 +115,7 @@ import org.bouncycastle.cert.jcajce.JcaCertStore;
 import org.bouncycastle.cms.CMSAlgorithm;
 import org.bouncycastle.cms.CMSEnvelopedData;
 import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSProcessableByteArray;
+import org.bouncycastle.cms.CMSProcessableFile;
 import org.bouncycastle.cms.CMSSignedData;
 import org.bouncycastle.cms.CMSSignedDataGenerator;
 import org.bouncycastle.cms.CMSTypedData;
@ -141,7 +141,6 @@ import org.openintents.openpgp.util.OpenPgpApi;
 import org.openintents.openpgp.util.OpenPgpServiceConnection;
 import java.io.BufferedOutputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileOutputStream;
@ -2376,13 +2375,17 @@ public class FragmentCompose extends FragmentBase {
                        .build(contentSigner, chain[0]);
                cmsGenerator.addSignerInfoGenerator(signerInfoGenerator);
-                ByteArrayOutputStream osContent = new ByteArrayOutputStream();
+                File sinput = new File(context.getCacheDir(), "smime_sign." + draft.id);
-                bpContent.writeTo(osContent);
+                try (FileOutputStream fos = new FileOutputStream(sinput)) {
                    bpContent.writeTo(fos);
                }
-                CMSTypedData cmsData = new CMSProcessableByteArray(osContent.toByteArray());
+                CMSTypedData cmsData = new CMSProcessableFile(sinput);
                CMSSignedData cmsSignedData = cmsGenerator.generate(cmsData);
                byte[] signedMessage = cmsSignedData.getEncoded();
                sinput.delete();
                // Build signature
                if (EntityMessage.SMIME_SIGNONLY.equals(type)) {
                    ContentType ct = new ContentType("application/pkcs7-signature");
@ -2464,9 +2467,11 @@ public class FragmentCompose extends FragmentBase {
                    cmsEnvelopedDataGenerator.addRecipientInfoGenerator(gen);
                }
-                ByteArrayOutputStream osMessage = new ByteArrayOutputStream();
+                File einput = new File(context.getCacheDir(), "smime_encrypt." + draft.id);
-                imessage.writeTo(osMessage);
+                try (FileOutputStream fos = new FileOutputStream(einput)) {
-                CMSTypedData msg = new CMSProcessableByteArray(osMessage.toByteArray());
+                    imessage.writeTo(fos);
                }
                CMSTypedData msg = new CMSProcessableFile(einput);
                OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC)
                        .build();
@ -2487,6 +2492,8 @@ public class FragmentCompose extends FragmentBase {
                    cmsEnvelopedData.toASN1Structure().encodeTo(os);
                }
                einput.delete();
                db.attachment().setDownloaded(attachment.id, encrypted.length());
                return null;