From a156fe0034d7fd2e2001949614da6cd991d989e7 Mon Sep 17 00:00:00 2001
From: M66B
Date: Tue, 3 Dec 2019 19:29:46 +0100
Subject: [PATCH] S/MIME encryption proof of concept
---
 .../eu/faircode/email/FragmentCompose.java | 6 ++---
 .../eu/faircode/email/FragmentMessages.java | 7 +++---
 .../java/eu/faircode/email/MessageHelper.java | 25 +++++++++++++++++--
 gradle.properties | 2 +-
 4 files changed, 30 insertions(+), 10 deletions(-)
diff --git a/app/src/main/java/eu/faircode/email/FragmentCompose.java b/app/src/main/java/eu/faircode/email/FragmentCompose.java
index 4cbb6954a4..95403e71e8 100644
--- a/app/src/main/java/eu/faircode/email/FragmentCompose.java
+++ b/app/src/main/java/eu/faircode/email/FragmentCompose.java
@@ -1969,8 +1969,6 @@ public class FragmentCompose extends FragmentBase {
 db.attachment().setDownloaded(sattachment.id, file.length());
 } else if (EntityMessage.SMIME_SIGNENCRYPT.equals(draft.encrypt)) {
- if (true)
- throw new UnsupportedOperationException("Not implemented yet");
 // TODO: sign
 if (draft.to == null || draft.to.length != 1) throw new IllegalArgumentException(getString(R.string.title_to_missing));
@@ -1992,12 +1990,12 @@ public class FragmentCompose extends FragmentBase {
 bpContent.writeTo(bos);
 CMSTypedData msg = new CMSProcessableByteArray(bos.toByteArray());
- OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES256_CBC)
+ OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC)
 .build();
 CMSEnvelopedData cmsEnvelopedData = cmsEnvelopedDataGenerator .generate(msg, encryptor);
- byte[] encryptedData = cmsEnvelopedData.toASN1Structure().getEncoded();
+ byte[] encryptedData = cmsEnvelopedData/*.toASN1Structure()*/.getEncoded();
 EntityAttachment attachment = new EntityAttachment();
 attachment.message = draft.id;
diff --git a/app/src/main/java/eu/faircode/email/FragmentMessages.java b/app/src/main/java/eu/faircode/email/FragmentMessages.java
index 5bb3a2c769..53e67fdcee 100644
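Review bot: With the `if (true) throw new UnsupportedOperationException("Not implemented yet");` guard removed in the -1969 hunk of FragmentCompose.java, drafts marked `EntityMessage.SMIME_SIGNENCRYPT` reach the encryption code while `// TODO: sign` is still in place, so as far as the visible lines show a message the user asked to sign and encrypt is sent encrypted only. The recipient then has no signature to verify the sender with, and CMS EnvelopedData with a CBC content cipher carries no integrity protection of its own. Until signing exists I would say so at the branch, `// TODO: sign - until then this branch produces encrypted-only mail without integrity protection`, or keep refusing to send for this mode. The branch body continues past the end of the hunk.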
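Review bot: The content cipher in the -1992 hunk of FragmentCompose.java drops from `CMSAlgorithm.AES256_CBC` to `CMSAlgorithm.AES128_CBC` and neither a comment nor the commit message says why; if this is for interoperability with a particular client, record it next to the builder, `// AES-128-CBC chosen for <reason>`, otherwise keep the 256-bit key. The inline `/*.toASN1Structure()*/` is commented-out code; `byte[] encryptedData = cmsEnvelopedData.getEncoded();` is the same statement without the dead fragment.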
--- a/app/src/main/java/eu/faircode/email/FragmentMessages.java
+++ b/app/src/main/java/eu/faircode/email/FragmentMessages.java
@@ -124,7 +124,6 @@ import org.bouncycastle.cms.SignerInformationStore;
 import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
 import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
 import org.bouncycastle.cms.jcajce.JceKeyTransRecipient;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.util.Store;
 import org.jsoup.nodes.Document;
 import org.jsoup.nodes.Element;
@@ -4436,8 +4435,10 @@ public class FragmentMessages extends FragmentBase implements SharedPreferences.
 throw new IllegalArgumentException("Encrypted message missing");
 // Build enveloped data
- FileInputStream fis = new FileInputStream(input);
- CMSEnvelopedData envelopedData = new CMSEnvelopedData(fis);
+ CMSEnvelopedData envelopedData;
+ try (FileInputStream fis = new FileInputStream(input)) {
+ envelopedData = new CMSEnvelopedData(fis);
+ }
 // Decrypt message
 Collection recipients = envelopedData.getRecipientInfos().getRecipients();
diff --git a/app/src/main/java/eu/faircode/email/MessageHelper.java b/app/src/main/java/eu/faircode/email/MessageHelper.java
index 1db6e57124..acb5f22b08 100644
--- a/app/src/main/java/eu/faircode/email/MessageHelper.java
+++ b/app/src/main/java/eu/faircode/email/MessageHelper.java
@@ -23,7 +23,6 @@ import android.content.Context;
 import android.net.MailTo;
 import android.net.Uri;
 import android.text.TextUtils;
-import android.util.Base64;
 import com.sun.mail.util.FolderClosedIOException;
 import com.sun.mail.util.MessageRemovedIOException;
@@ -33,6 +32,7 @@ import org.jsoup.nodes.Document;
 import java.io.BufferedInputStream;
 import java.io.BufferedOutputStream;
 import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.FileInputStream;
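Review bot: `new CMSEnvelopedData(fis)` in the -4436 hunk of FragmentMessages.java parses the whole enveloped-data structure into memory, and the file presumably comes from a received message, so its size is chosen by the sender. The added try-with-resources closes the stream but puts no bound on it; if `input` is a `File`, a check such as `if (input.length() > MAX_SMIME_SIZE) throw new IllegalArgumentException("Encrypted message too large");` before parsing (`MAX_SMIME_SIZE` being a placeholder for a limit the project would define), or BouncyCastle's streaming `CMSEnvelopedDataParser`, would keep a very large part from exhausting the heap on a phone. The enclosing method starts and ends outside the hunk, so a size limit applied earlier cannot be ruled out.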
@@ -58,6 +58,7 @@ import java.util.TimeZone;
 import java.util.regex.Pattern;
 import javax.activation.DataHandler;
+import javax.activation.DataSource;
 import javax.activation.FileDataSource;
 import javax.activation.FileTypeMap;
 import javax.mail.Address;
@@ -392,7 +393,27 @@ public class MessageHelper {
 ct.setParameter("smime-type", "enveloped-data");
 imessage.setDisposition(Part.ATTACHMENT);
 imessage.setFileName(attachment.name);
- imessage.setContent(Base64.encodeToString(encryptedData, Base64.DEFAULT), ct.toString());
+ imessage.setDataHandler(new DataHandler(new DataSource() {
+ @Override
+ public InputStream getInputStream() throws IOException {
+ return new ByteArrayInputStream(encryptedData);
+ }
+
+ @Override
+ public OutputStream getOutputStream() throws IOException {
+ return null;
+ }
+
+ @Override
+ public String getContentType() {
+ return ct.toString();
+ }
+
+ @Override
+ public String getName() {
+ return null;
+ }
+ }));
 return imessage;
 }
diff --git a/gradle.properties b/gradle.properties
index ea8964bafc..297268a5e6 100644
--- a/gradle.properties
+++ b/gradle.properties
@@ -11,7 +11,7 @@
 # This option should only be used with decoupled projects. More details, visit
 # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
 # org.gradle.parallel=true
-org.gradle.jvmargs=-Xmx512m
+org.gradle.jvmargs=-Xmx1024m
 org.gradle.warning.mode=all
 android.useAndroidX=true
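Review bot: The anonymous `DataSource` added in the -392 hunk of MessageHelper.java returns `null` from `getOutputStream()` and `getName()`; the `DataSource` contract expects `getOutputStream()` to throw when the source is not writable, and a caller that relies on that gets a NullPointerException instead. JavaMail already provides this class: `imessage.setDataHandler(new DataHandler(new ByteArrayDataSource(encryptedData, ct.toString())));` together with `import javax.mail.util.ByteArrayDataSource;` replaces the added anonymous class and makes the new `ByteArrayInputStream` and `DataSource` imports unnecessary. Since the body is no longer Base64-encoded by hand, it is also worth confirming that the sent part ends up with `Content-Transfer-Encoding: base64`. The method starts outside the hunk.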