1package eu.siacs.conversations.utils;
2
3import android.util.Pair;
4
5import org.bouncycastle.asn1.x500.X500Name;
6import org.bouncycastle.asn1.x500.style.BCStyle;
7import org.bouncycastle.asn1.x500.style.IETFUtils;
8import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
9
10import java.security.SecureRandom;
11import java.security.cert.CertificateEncodingException;
12import java.security.cert.X509Certificate;
13import java.text.Normalizer;
14import java.util.Arrays;
15import java.util.Collection;
16import java.util.Iterator;
17import java.util.LinkedHashSet;
18import java.util.List;
19
20import eu.siacs.conversations.Config;
21import eu.siacs.conversations.xmpp.jid.InvalidJidException;
22import eu.siacs.conversations.xmpp.jid.Jid;
23
24public final class CryptoHelper {
25 public static final String FILETRANSFER = "?FILETRANSFERv1:";
26 private final static char[] hexArray = "0123456789abcdef".toCharArray();
27 private final static char[] vowels = "aeiou".toCharArray();
28 private final static char[] consonants = "bcdfghjklmnpqrstvwxyz".toCharArray();
29 final public static byte[] ONE = new byte[] { 0, 0, 0, 1 };
30
31 public static String bytesToHex(byte[] bytes) {
32 char[] hexChars = new char[bytes.length * 2];
33 for (int j = 0; j < bytes.length; j++) {
34 int v = bytes[j] & 0xFF;
35 hexChars[j * 2] = hexArray[v >>> 4];
36 hexChars[j * 2 + 1] = hexArray[v & 0x0F];
37 }
38 return new String(hexChars);
39 }
40
41 public static byte[] hexToBytes(String hexString) {
42 int len = hexString.length();
43 byte[] array = new byte[len / 2];
44 for (int i = 0; i < len; i += 2) {
45 array[i / 2] = (byte) ((Character.digit(hexString.charAt(i), 16) << 4) + Character
46 .digit(hexString.charAt(i + 1), 16));
47 }
48 return array;
49 }
50
51 public static String hexToString(final String hexString) {
52 return new String(hexToBytes(hexString));
53 }
54
55 public static byte[] concatenateByteArrays(byte[] a, byte[] b) {
56 byte[] result = new byte[a.length + b.length];
57 System.arraycopy(a, 0, result, 0, a.length);
58 System.arraycopy(b, 0, result, a.length, b.length);
59 return result;
60 }
61
62 public static String randomMucName(SecureRandom random) {
63 return randomWord(3, random) + "." + randomWord(7, random);
64 }
65
66 private static String randomWord(int lenght, SecureRandom random) {
67 StringBuilder builder = new StringBuilder(lenght);
68 for (int i = 0; i < lenght; ++i) {
69 if (i % 2 == 0) {
70 builder.append(consonants[random.nextInt(consonants.length)]);
71 } else {
72 builder.append(vowels[random.nextInt(vowels.length)]);
73 }
74 }
75 return builder.toString();
76 }
77
78 /**
79 * Escapes usernames or passwords for SASL.
80 */
81 public static String saslEscape(final String s) {
82 final StringBuilder sb = new StringBuilder((int) (s.length() * 1.1));
83 for (int i = 0; i < s.length(); i++) {
84 char c = s.charAt(i);
85 switch (c) {
86 case ',':
87 sb.append("=2C");
88 break;
89 case '=':
90 sb.append("=3D");
91 break;
92 default:
93 sb.append(c);
94 break;
95 }
96 }
97 return sb.toString();
98 }
99
100 public static String saslPrep(final String s) {
101 return Normalizer.normalize(s, Normalizer.Form.NFKC);
102 }
103
104 public static String prettifyFingerprint(String fingerprint) {
105 if (fingerprint==null) {
106 return "";
107 } else if (fingerprint.length() < 40) {
108 return fingerprint;
109 }
110 StringBuilder builder = new StringBuilder(fingerprint.replaceAll("\\s",""));
111 for(int i=8;i<builder.length();i+=9) {
112 builder.insert(i, ' ');
113 }
114 return builder.toString();
115 }
116
117 public static String[] getOrderedCipherSuites(final String[] platformSupportedCipherSuites) {
118 final Collection<String> cipherSuites = new LinkedHashSet<>(Arrays.asList(Config.ENABLED_CIPHERS));
119 final List<String> platformCiphers = Arrays.asList(platformSupportedCipherSuites);
120 cipherSuites.retainAll(platformCiphers);
121 cipherSuites.addAll(platformCiphers);
122 filterWeakCipherSuites(cipherSuites);
123 return cipherSuites.toArray(new String[cipherSuites.size()]);
124 }
125
126 private static void filterWeakCipherSuites(final Collection<String> cipherSuites) {
127 final Iterator<String> it = cipherSuites.iterator();
128 while (it.hasNext()) {
129 String cipherName = it.next();
130 // remove all ciphers with no or very weak encryption or no authentication
131 for (String weakCipherPattern : Config.WEAK_CIPHER_PATTERNS) {
132 if (cipherName.contains(weakCipherPattern)) {
133 it.remove();
134 break;
135 }
136 }
137 }
138 }
139
140 public static Pair<Jid,String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException {
141 X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
142 //String xmpp = IETFUtils.valueToString(x500name.getRDNs(new ASN1ObjectIdentifier("1.3.6.1.5.5.7.8.5"))[0].getFirst().getValue());
143 String email = IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue());
144 String name = IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue());
145 return new Pair<>(Jid.fromString(email),name);
146 }
147}