conversations-classic/src/main/java/eu/siacs/conversations/utils/CryptoHelper.java

package eu.siacs.conversations.utils;

import android.os.Bundle;
import android.util.Pair;

import org.bouncycastle.asn1.x500.X500Name;
import org.bouncycastle.asn1.x500.style.BCStyle;
import org.bouncycastle.asn1.x500.style.IETFUtils;
import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;

import java.security.MessageDigest;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.text.Normalizer;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Iterator;
import java.util.LinkedHashSet;
import java.util.List;

import eu.siacs.conversations.Config;
import eu.siacs.conversations.R;
import eu.siacs.conversations.entities.Message;
import eu.siacs.conversations.xmpp.jid.InvalidJidException;
import eu.siacs.conversations.xmpp.jid.Jid;

public final class CryptoHelper {
	public static final String FILETRANSFER = "?FILETRANSFERv1:";
	private final static char[] hexArray = "0123456789abcdef".toCharArray();
	final public static byte[] ONE = new byte[] { 0, 0, 0, 1 };

	public static String bytesToHex(byte[] bytes) {
		char[] hexChars = new char[bytes.length * 2];
		for (int j = 0; j < bytes.length; j++) {
			int v = bytes[j] & 0xFF;
			hexChars[j * 2] = hexArray[v >>> 4];
			hexChars[j * 2 + 1] = hexArray[v & 0x0F];
		}
		return new String(hexChars);
	}

	public static byte[] hexToBytes(String hexString) {
		int len = hexString.length();
		byte[] array = new byte[len / 2];
		for (int i = 0; i < len; i += 2) {
			array[i / 2] = (byte) ((Character.digit(hexString.charAt(i), 16) << 4) + Character
					.digit(hexString.charAt(i + 1), 16));
		}
		return array;
	}

	public static String hexToString(final String hexString) {
		return new String(hexToBytes(hexString));
	}

	public static byte[] concatenateByteArrays(byte[] a, byte[] b) {
		byte[] result = new byte[a.length + b.length];
		System.arraycopy(a, 0, result, 0, a.length);
		System.arraycopy(b, 0, result, a.length, b.length);
		return result;
	}

	/**
	 * Escapes usernames or passwords for SASL.
	 */
	public static String saslEscape(final String s) {
		final StringBuilder sb = new StringBuilder((int) (s.length() * 1.1));
		for (int i = 0; i < s.length(); i++) {
			char c = s.charAt(i);
			switch (c) {
				case ',':
					sb.append("=2C");
					break;
				case '=':
					sb.append("=3D");
					break;
				default:
					sb.append(c);
					break;
			}
		}
		return sb.toString();
	}

	public static String saslPrep(final String s) {
		return Normalizer.normalize(s, Normalizer.Form.NFKC);
	}

	public static String prettifyFingerprint(String fingerprint) {
		if (fingerprint==null) {
			return "";
		} else if (fingerprint.length() < 40) {
			return fingerprint;
		}
		StringBuilder builder = new StringBuilder(fingerprint.replaceAll("\\s",""));
		for(int i=8;i<builder.length();i+=9) {
			builder.insert(i, ' ');
		}
		return builder.toString();
	}

	public static String prettifyFingerprintCert(String fingerprint) {
		StringBuilder builder = new StringBuilder(fingerprint);
		for(int i=2;i < builder.length(); i+=3) {
			builder.insert(i,':');
		}
		return builder.toString();
	}

	public static String[] getOrderedCipherSuites(final String[] platformSupportedCipherSuites) {
		final Collection<String> cipherSuites = new LinkedHashSet<>(Arrays.asList(Config.ENABLED_CIPHERS));
		final List<String> platformCiphers = Arrays.asList(platformSupportedCipherSuites);
		cipherSuites.retainAll(platformCiphers);
		cipherSuites.addAll(platformCiphers);
		filterWeakCipherSuites(cipherSuites);
		return cipherSuites.toArray(new String[cipherSuites.size()]);
	}

	private static void filterWeakCipherSuites(final Collection<String> cipherSuites) {
		final Iterator<String> it = cipherSuites.iterator();
		while (it.hasNext()) {
			String cipherName = it.next();
			// remove all ciphers with no or very weak encryption or no authentication
			for (String weakCipherPattern : Config.WEAK_CIPHER_PATTERNS) {
				if (cipherName.contains(weakCipherPattern)) {
					it.remove();
					break;
				}
			}
		}
	}

	public static Pair<Jid,String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException, CertificateParsingException {
		Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();
		List<String> emails = new ArrayList<>();
		if (alternativeNames != null) {
			for(List<?> san : alternativeNames) {
				Integer type = (Integer) san.get(0);
				if (type == 1) {
					emails.add((String) san.get(1));
				}
			}
		}
		X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
		if (emails.size() == 0) {
			emails.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));
		}
		String name = IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue());
		if (emails.size() >= 1) {
			return new Pair<>(Jid.fromString(emails.get(0)), name);
		} else {
			return null;
		}
	}

	public static Bundle extractCertificateInformation(X509Certificate certificate) {
		Bundle information = new Bundle();
		try {
			JcaX509CertificateHolder holder = new JcaX509CertificateHolder(certificate);
			X500Name subject = holder.getSubject();
			try {
				information.putString("subject_cn", subject.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());
			} catch (Exception e) {
				//ignored
			}
			try {
				information.putString("subject_o",subject.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());
			} catch (Exception e) {
				//ignored
			}

			X500Name issuer = holder.getIssuer();
			try {
				information.putString("issuer_cn", issuer.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());
			} catch (Exception e) {
				//ignored
			}
			try {
				information.putString("issuer_o", issuer.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());
			} catch (Exception e) {
				//ignored
			}
			try {
				MessageDigest md = MessageDigest.getInstance("SHA-1");
				byte[] fingerprint = md.digest(certificate.getEncoded());
				information.putString("sha1", prettifyFingerprintCert(bytesToHex(fingerprint)));
			} catch (Exception e) {

			}
			return information;
		} catch (CertificateEncodingException e) {
			return information;
		}
	}

	public static int encryptionTypeToText(int encryption) {
		switch (encryption) {
			case Message.ENCRYPTION_OTR:
				return R.string.encryption_choice_otr;
			case Message.ENCRYPTION_AXOLOTL:
				return R.string.encryption_choice_omemo;
			case Message.ENCRYPTION_NONE:
				return R.string.encryption_choice_unencrypted;
			default:
				return R.string.encryption_choice_pgp;
		}
	}
}
Use Gradle build system 2014-10-22 16:38:44 +00:00			`package eu.siacs.conversations.utils;`

show certificate information 2015-12-23 18:18:53 +00:00			`import android.os.Bundle;`
add menu item in account details to renew certificate 2015-10-11 13:48:58 +00:00			`import android.util.Pair;`

			`import org.bouncycastle.asn1.x500.X500Name;`
			`import org.bouncycastle.asn1.x500.style.BCStyle;`
			`import org.bouncycastle.asn1.x500.style.IETFUtils;`
			`import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;`

show certificate information 2015-12-23 18:18:53 +00:00			`import java.security.MessageDigest;`
add menu item in account details to renew certificate 2015-10-11 13:48:58 +00:00			`import java.security.cert.CertificateEncodingException;`
introduced code to verify omemo device keys with x509 certificates. cleaned up TrustKeysActivity to automatically close if there is nothing to do 2015-10-16 21:48:42 +00:00			`import java.security.cert.CertificateParsingException;`
add menu item in account details to renew certificate 2015-10-11 13:48:58 +00:00			`import java.security.cert.X509Certificate;`
Add SCRAM-SHA1 support Factor out GS2 tokanization into own class Add authentication exception class Fixes #71 2014-11-12 20:35:44 +00:00			`import java.text.Normalizer;`
introduced code to verify omemo device keys with x509 certificates. cleaned up TrustKeysActivity to automatically close if there is nothing to do 2015-10-16 21:48:42 +00:00			`import java.util.ArrayList;`
Harden the TLS connection cipher suites 2015-01-14 17:20:02 +00:00			`import java.util.Arrays;`
			`import java.util.Collection;`
disable all really weak cipher suites With #959 all ciphers of the platform were enabled, but this also includes several suites that are considered as very weak, even down to NULL- and anon-ciphers which disable completely disable encryption and/or authentication. Especially the anon-ciphers could be easily used for a mitm-attack. To remove all weak ciphers a blacklist with patterns of cipher-names was added to Config.java. The blacklist is based on the "mandatory discards" that Mozilla suggests to not use for TLS-servers because they are weak or known to be broken. https://wiki.mozilla.org/Security/Server_Side_TLS#Mandatory_discards 2015-03-07 14:36:31 +00:00			`import java.util.Iterator;`
Harden the TLS connection cipher suites 2015-01-14 17:20:02 +00:00			`import java.util.LinkedHashSet;`
Use platform ciphers as well, just prefer ours 2015-02-02 13:33:55 +00:00			`import java.util.List;`
Use Gradle build system 2014-10-22 16:38:44 +00:00
Harden the TLS connection cipher suites 2015-01-14 17:20:02 +00:00			`import eu.siacs.conversations.Config;`
show encryption type in warned/red messages 2015-10-28 21:40:09 +00:00			`import eu.siacs.conversations.R;`
			`import eu.siacs.conversations.entities.Message;`
add menu item in account details to renew certificate 2015-10-11 13:48:58 +00:00			`import eu.siacs.conversations.xmpp.jid.InvalidJidException;`
			`import eu.siacs.conversations.xmpp.jid.Jid;`
Harden the TLS connection cipher suites 2015-01-14 17:20:02 +00:00
			`public final class CryptoHelper {`
Use Gradle build system 2014-10-22 16:38:44 +00:00			`public static final String FILETRANSFER = "?FILETRANSFERv1:";`
Harden the TLS connection cipher suites 2015-01-14 17:20:02 +00:00			`private final static char[] hexArray = "0123456789abcdef".toCharArray();`
Add SCRAM-SHA1 support Factor out GS2 tokanization into own class Add authentication exception class Fixes #71 2014-11-12 20:35:44 +00:00			`final public static byte[] ONE = new byte[] { 0, 0, 0, 1 };`
Use Gradle build system 2014-10-22 16:38:44 +00:00
			`public static String bytesToHex(byte[] bytes) {`
			`char[] hexChars = new char[bytes.length * 2];`
			`for (int j = 0; j < bytes.length; j++) {`
			`int v = bytes[j] & 0xFF;`
			`hexChars[j * 2] = hexArray[v >>> 4];`
			`hexChars[j * 2 + 1] = hexArray[v & 0x0F];`
			`}`
			`return new String(hexChars);`
			`}`

			`public static byte[] hexToBytes(String hexString) {`
			`int len = hexString.length();`
			`byte[] array = new byte[len / 2];`
			`for (int i = 0; i < len; i += 2) {`
			`array[i / 2] = (byte) ((Character.digit(hexString.charAt(i), 16) << 4) + Character`
			`.digit(hexString.charAt(i + 1), 16));`
			`}`
			`return array;`
			`}`

Cache SCRAM-SHA-1 keys for current session 2014-11-15 17:57:36 +00:00			`public static String hexToString(final String hexString) {`
			`return new String(hexToBytes(hexString));`
			`}`

Refactor authentication code 2014-11-12 15:15:38 +00:00			`public static byte[] concatenateByteArrays(byte[] a, byte[] b) {`
Use Gradle build system 2014-10-22 16:38:44 +00:00			`byte[] result = new byte[a.length + b.length];`
			`System.arraycopy(a, 0, result, 0, a.length);`
			`System.arraycopy(b, 0, result, a.length, b.length);`
			`return result;`
			`}`

Add SCRAM-SHA1 support Factor out GS2 tokanization into own class Add authentication exception class Fixes #71 2014-11-12 20:35:44 +00:00			`/**`
			`* Escapes usernames or passwords for SASL.`
			`*/`
			`public static String saslEscape(final String s) {`
			`final StringBuilder sb = new StringBuilder((int) (s.length() * 1.1));`
			`for (int i = 0; i < s.length(); i++) {`
			`char c = s.charAt(i);`
			`switch (c) {`
			`case ',':`
			`sb.append("=2C");`
			`break;`
			`case '=':`
			`sb.append("=3D");`
			`break;`
			`default:`
			`sb.append(c);`
			`break;`
			`}`
			`}`
			`return sb.toString();`
			`}`

			`public static String saslPrep(final String s) {`
Don't escape passwords in SASL Fixes #671 2014-11-16 02:09:51 +00:00			`return Normalizer.normalize(s, Normalizer.Form.NFKC);`
Add SCRAM-SHA1 support Factor out GS2 tokanization into own class Add authentication exception class Fixes #71 2014-11-12 20:35:44 +00:00			`}`
parse otr-fingerprint in qr codes and nfc. include otr fingerprint in shareable uri where ever possible 2014-11-15 23:20:20 +00:00
			`public static String prettifyFingerprint(String fingerprint) {`
null check otr fingerprint before display 2015-07-11 19:23:58 +00:00			`if (fingerprint==null) {`
			`return "";`
			`} else if (fingerprint.length() < 40) {`
fixed #1039 2015-04-25 12:42:32 +00:00			`return fingerprint;`
			`}`
Adapt prettifyFingerprint() to axolotl FP sizes 2015-07-07 17:28:35 +00:00			`StringBuilder builder = new StringBuilder(fingerprint.replaceAll("\\s",""));`
			`for(int i=8;i<builder.length();i+=9) {`
			`builder.insert(i, ' ');`
			`}`
parse otr-fingerprint in qr codes and nfc. include otr fingerprint in shareable uri where ever possible 2014-11-15 23:20:20 +00:00			`return builder.toString();`
			`}`
Harden the TLS connection cipher suites 2015-01-14 17:20:02 +00:00
show certificate information 2015-12-23 18:18:53 +00:00			`public static String prettifyFingerprintCert(String fingerprint) {`
			`StringBuilder builder = new StringBuilder(fingerprint);`
			`for(int i=2;i < builder.length(); i+=3) {`
			`builder.insert(i,':');`
			`}`
			`return builder.toString();`
			`}`

Use platform ciphers as well, just prefer ours 2015-02-02 13:33:55 +00:00			`public static String[] getOrderedCipherSuites(final String[] platformSupportedCipherSuites) {`
			`final Collection<String> cipherSuites = new LinkedHashSet<>(Arrays.asList(Config.ENABLED_CIPHERS));`
			`final List<String> platformCiphers = Arrays.asList(platformSupportedCipherSuites);`
			`cipherSuites.retainAll(platformCiphers);`
			`cipherSuites.addAll(platformCiphers);`
disable all really weak cipher suites With #959 all ciphers of the platform were enabled, but this also includes several suites that are considered as very weak, even down to NULL- and anon-ciphers which disable completely disable encryption and/or authentication. Especially the anon-ciphers could be easily used for a mitm-attack. To remove all weak ciphers a blacklist with patterns of cipher-names was added to Config.java. The blacklist is based on the "mandatory discards" that Mozilla suggests to not use for TLS-servers because they are weak or known to be broken. https://wiki.mozilla.org/Security/Server_Side_TLS#Mandatory_discards 2015-03-07 14:36:31 +00:00			`filterWeakCipherSuites(cipherSuites);`
Use platform ciphers as well, just prefer ours 2015-02-02 13:33:55 +00:00			`return cipherSuites.toArray(new String[cipherSuites.size()]);`
Harden the TLS connection cipher suites 2015-01-14 17:20:02 +00:00			`}`
disable all really weak cipher suites With #959 all ciphers of the platform were enabled, but this also includes several suites that are considered as very weak, even down to NULL- and anon-ciphers which disable completely disable encryption and/or authentication. Especially the anon-ciphers could be easily used for a mitm-attack. To remove all weak ciphers a blacklist with patterns of cipher-names was added to Config.java. The blacklist is based on the "mandatory discards" that Mozilla suggests to not use for TLS-servers because they are weak or known to be broken. https://wiki.mozilla.org/Security/Server_Side_TLS#Mandatory_discards 2015-03-07 14:36:31 +00:00
			`private static void filterWeakCipherSuites(final Collection<String> cipherSuites) {`
			`final Iterator<String> it = cipherSuites.iterator();`
			`while (it.hasNext()) {`
			`String cipherName = it.next();`
			`// remove all ciphers with no or very weak encryption or no authentication`
			`for (String weakCipherPattern : Config.WEAK_CIPHER_PATTERNS) {`
			`if (cipherName.contains(weakCipherPattern)) {`
			`it.remove();`
			`break;`
			`}`
			`}`
			`}`
			`}`
add menu item in account details to renew certificate 2015-10-11 13:48:58 +00:00
introduced code to verify omemo device keys with x509 certificates. cleaned up TrustKeysActivity to automatically close if there is nothing to do 2015-10-16 21:48:42 +00:00			`public static Pair<Jid,String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException, CertificateParsingException {`
			`Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();`
			`List<String> emails = new ArrayList<>();`
			`if (alternativeNames != null) {`
			`for(List<?> san : alternativeNames) {`
			`Integer type = (Integer) san.get(0);`
			`if (type == 1) {`
			`emails.add((String) san.get(1));`
			`}`
			`}`
			`}`
add menu item in account details to renew certificate 2015-10-11 13:48:58 +00:00			`X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();`
introduced code to verify omemo device keys with x509 certificates. cleaned up TrustKeysActivity to automatically close if there is nothing to do 2015-10-16 21:48:42 +00:00			`if (emails.size() == 0) {`
			`emails.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));`
			`}`
add menu item in account details to renew certificate 2015-10-11 13:48:58 +00:00			`String name = IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue());`
introduced code to verify omemo device keys with x509 certificates. cleaned up TrustKeysActivity to automatically close if there is nothing to do 2015-10-16 21:48:42 +00:00			`if (emails.size() >= 1) {`
			`return new Pair<>(Jid.fromString(emails.get(0)), name);`
			`} else {`
			`return null;`
			`}`
add menu item in account details to renew certificate 2015-10-11 13:48:58 +00:00			`}`
show encryption type in warned/red messages 2015-10-28 21:40:09 +00:00
show certificate information 2015-12-23 18:18:53 +00:00			`public static Bundle extractCertificateInformation(X509Certificate certificate) {`
			`Bundle information = new Bundle();`
			`try {`
			`JcaX509CertificateHolder holder = new JcaX509CertificateHolder(certificate);`
			`X500Name subject = holder.getSubject();`
			`try {`
			`information.putString("subject_cn", subject.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());`
			`} catch (Exception e) {`
			`//ignored`
			`}`
			`try {`
			`information.putString("subject_o",subject.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());`
			`} catch (Exception e) {`
			`//ignored`
			`}`

			`X500Name issuer = holder.getIssuer();`
			`try {`
			`information.putString("issuer_cn", issuer.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());`
			`} catch (Exception e) {`
			`//ignored`
			`}`
			`try {`
			`information.putString("issuer_o", issuer.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());`
			`} catch (Exception e) {`
			`//ignored`
			`}`
			`try {`
			`MessageDigest md = MessageDigest.getInstance("SHA-1");`
			`byte[] fingerprint = md.digest(certificate.getEncoded());`
			`information.putString("sha1", prettifyFingerprintCert(bytesToHex(fingerprint)));`
			`} catch (Exception e) {`

			`}`
			`return information;`
			`} catch (CertificateEncodingException e) {`
			`return information;`
			`}`
			`}`

show encryption type in warned/red messages 2015-10-28 21:40:09 +00:00			`public static int encryptionTypeToText(int encryption) {`
			`switch (encryption) {`
			`case Message.ENCRYPTION_OTR:`
			`return R.string.encryption_choice_otr;`
			`case Message.ENCRYPTION_AXOLOTL:`
			`return R.string.encryption_choice_omemo;`
			`case Message.ENCRYPTION_NONE:`
			`return R.string.encryption_choice_unencrypted;`
			`default:`
			`return R.string.encryption_choice_pgp;`
			`}`
			`}`
Use Gradle build system 2014-10-22 16:38:44 +00:00			`}`