1package eu.siacs.conversations.utils;
2
3import static eu.siacs.conversations.utils.Random.SECURE_RANDOM;
4
5import android.os.Bundle;
6import android.util.Base64;
7import android.util.Pair;
8
9import org.bouncycastle.asn1.x500.X500Name;
10import org.bouncycastle.asn1.x500.style.BCStyle;
11import org.bouncycastle.asn1.x500.style.IETFUtils;
12import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
13
14import java.nio.charset.StandardCharsets;
15import java.security.MessageDigest;
16import java.security.NoSuchAlgorithmException;
17import java.security.SecureRandom;
18import java.security.cert.CertificateEncodingException;
19import java.security.cert.CertificateParsingException;
20import java.security.cert.X509Certificate;
21import java.text.Normalizer;
22import java.util.ArrayList;
23import java.util.Arrays;
24import java.util.Collection;
25import java.util.Iterator;
26import java.util.LinkedHashSet;
27import java.util.List;
28import java.util.regex.Pattern;
29
30import eu.siacs.conversations.Config;
31import eu.siacs.conversations.R;
32import eu.siacs.conversations.entities.Account;
33import eu.siacs.conversations.entities.Message;
34import eu.siacs.conversations.xmpp.Jid;
35
36public final class CryptoHelper {
37
38 public static final Pattern UUID_PATTERN = Pattern.compile("[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}");
39 final public static byte[] ONE = new byte[]{0, 0, 0, 1};
40 private static final char[] CHARS = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz123456789+-/#$!?".toCharArray();
41 private static final int PW_LENGTH = 12;
42 private static final char[] VOWELS = "aeiou".toCharArray();
43 private static final char[] CONSONANTS = "bcfghjklmnpqrstvwxyz".toCharArray();
44 private final static char[] hexArray = "0123456789abcdef".toCharArray();
45
46 public static String bytesToHex(byte[] bytes) {
47 char[] hexChars = new char[bytes.length * 2];
48 for (int j = 0; j < bytes.length; j++) {
49 int v = bytes[j] & 0xFF;
50 hexChars[j * 2] = hexArray[v >>> 4];
51 hexChars[j * 2 + 1] = hexArray[v & 0x0F];
52 }
53 return new String(hexChars);
54 }
55
56 public static String createPassword(SecureRandom random) {
57 StringBuilder builder = new StringBuilder(PW_LENGTH);
58 for (int i = 0; i < PW_LENGTH; ++i) {
59 builder.append(CHARS[random.nextInt(CHARS.length - 1)]);
60 }
61 return builder.toString();
62 }
63
64 public static String pronounceable() {
65 final int rand = SECURE_RANDOM.nextInt(4);
66 char[] output = new char[rand * 2 + (5 - rand)];
67 boolean vowel = SECURE_RANDOM.nextBoolean();
68 for (int i = 0; i < output.length; ++i) {
69 output[i] = vowel ? VOWELS[SECURE_RANDOM.nextInt(VOWELS.length)] : CONSONANTS[SECURE_RANDOM.nextInt(CONSONANTS.length)];
70 vowel = !vowel;
71 }
72 return String.valueOf(output);
73 }
74
75 public static byte[] hexToBytes(String hexString) {
76 int len = hexString.length();
77 byte[] array = new byte[len / 2];
78 for (int i = 0; i < len; i += 2) {
79 array[i / 2] = (byte) ((Character.digit(hexString.charAt(i), 16) << 4) + Character
80 .digit(hexString.charAt(i + 1), 16));
81 }
82 return array;
83 }
84
85 public static String hexToString(final String hexString) {
86 return new String(hexToBytes(hexString));
87 }
88
89 public static byte[] concatenateByteArrays(byte[] a, byte[] b) {
90 byte[] result = new byte[a.length + b.length];
91 System.arraycopy(a, 0, result, 0, a.length);
92 System.arraycopy(b, 0, result, a.length, b.length);
93 return result;
94 }
95
96 /**
97 * Escapes usernames or passwords for SASL.
98 */
99 public static String saslEscape(final String s) {
100 final StringBuilder sb = new StringBuilder((int) (s.length() * 1.1));
101 for (int i = 0; i < s.length(); i++) {
102 char c = s.charAt(i);
103 switch (c) {
104 case ',':
105 sb.append("=2C");
106 break;
107 case '=':
108 sb.append("=3D");
109 break;
110 default:
111 sb.append(c);
112 break;
113 }
114 }
115 return sb.toString();
116 }
117
118 public static String saslPrep(final String s) {
119 return Normalizer.normalize(s, Normalizer.Form.NFKC);
120 }
121
122 public static String random(final int length) {
123 final byte[] bytes = new byte[length];
124 SECURE_RANDOM.nextBytes(bytes);
125 return Base64.encodeToString(bytes, Base64.NO_PADDING | Base64.NO_WRAP | Base64.URL_SAFE);
126 }
127
128 public static String prettifyFingerprint(String fingerprint) {
129 if (fingerprint == null) {
130 return "";
131 } else if (fingerprint.length() < 40) {
132 return fingerprint;
133 }
134 StringBuilder builder = new StringBuilder(fingerprint);
135 for (int i = 8; i < builder.length(); i += 9) {
136 builder.insert(i, ' ');
137 }
138 return builder.toString();
139 }
140
141 public static String prettifyFingerprintCert(String fingerprint) {
142 StringBuilder builder = new StringBuilder(fingerprint);
143 for (int i = 2; i < builder.length(); i += 3) {
144 builder.insert(i, ':');
145 }
146 return builder.toString();
147 }
148
149 public static String[] getOrderedCipherSuites(final String[] platformSupportedCipherSuites) {
150 final Collection<String> cipherSuites = new LinkedHashSet<>(Arrays.asList(Config.ENABLED_CIPHERS));
151 final List<String> platformCiphers = Arrays.asList(platformSupportedCipherSuites);
152 cipherSuites.retainAll(platformCiphers);
153 cipherSuites.addAll(platformCiphers);
154 filterWeakCipherSuites(cipherSuites);
155 cipherSuites.remove("TLS_FALLBACK_SCSV");
156 return cipherSuites.toArray(new String[cipherSuites.size()]);
157 }
158
159 private static void filterWeakCipherSuites(final Collection<String> cipherSuites) {
160 final Iterator<String> it = cipherSuites.iterator();
161 while (it.hasNext()) {
162 String cipherName = it.next();
163 // remove all ciphers with no or very weak encryption or no authentication
164 for (String weakCipherPattern : Config.WEAK_CIPHER_PATTERNS) {
165 if (cipherName.contains(weakCipherPattern)) {
166 it.remove();
167 break;
168 }
169 }
170 }
171 }
172
173 public static Pair<Jid, String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, IllegalArgumentException, CertificateParsingException {
174 Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();
175 List<String> emails = new ArrayList<>();
176 if (alternativeNames != null) {
177 for (List<?> san : alternativeNames) {
178 Integer type = (Integer) san.get(0);
179 if (type == 1) {
180 emails.add((String) san.get(1));
181 }
182 }
183 }
184 X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
185 if (emails.size() == 0 && x500name.getRDNs(BCStyle.EmailAddress).length > 0) {
186 emails.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));
187 }
188 String name = x500name.getRDNs(BCStyle.CN).length > 0 ? IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue()) : null;
189 if (emails.size() >= 1) {
190 return new Pair<>(Jid.of(emails.get(0)), name);
191 } else if (name != null) {
192 try {
193 Jid jid = Jid.of(name);
194 if (jid.isBareJid() && jid.getLocal() != null) {
195 return new Pair<>(jid, null);
196 }
197 } catch (IllegalArgumentException e) {
198 return null;
199 }
200 }
201 return null;
202 }
203
204 public static Bundle extractCertificateInformation(X509Certificate certificate) {
205 Bundle information = new Bundle();
206 try {
207 JcaX509CertificateHolder holder = new JcaX509CertificateHolder(certificate);
208 X500Name subject = holder.getSubject();
209 try {
210 information.putString("subject_cn", subject.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());
211 } catch (Exception e) {
212 //ignored
213 }
214 try {
215 information.putString("subject_o", subject.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());
216 } catch (Exception e) {
217 //ignored
218 }
219
220 X500Name issuer = holder.getIssuer();
221 try {
222 information.putString("issuer_cn", issuer.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());
223 } catch (Exception e) {
224 //ignored
225 }
226 try {
227 information.putString("issuer_o", issuer.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());
228 } catch (Exception e) {
229 //ignored
230 }
231 try {
232 information.putString("sha1", getFingerprintCert(certificate.getEncoded()));
233 } catch (Exception e) {
234
235 }
236 return information;
237 } catch (CertificateEncodingException e) {
238 return information;
239 }
240 }
241
242 public static String getFingerprintCert(byte[] input) throws NoSuchAlgorithmException {
243 MessageDigest md = MessageDigest.getInstance("SHA-1");
244 byte[] fingerprint = md.digest(input);
245 return prettifyFingerprintCert(bytesToHex(fingerprint));
246 }
247
248 public static String getFingerprint(Jid jid, String androidId) {
249 return getFingerprint(jid.toEscapedString() + "\00" + androidId);
250 }
251
252 public static String getAccountFingerprint(Account account, String androidId) {
253 return getFingerprint(account.getJid().asBareJid(), androidId);
254 }
255
256 public static String getFingerprint(String value) {
257 try {
258 MessageDigest md = MessageDigest.getInstance("SHA-1");
259 return bytesToHex(md.digest(value.getBytes(StandardCharsets.UTF_8)));
260 } catch (Exception e) {
261 return "";
262 }
263 }
264
265 public static int encryptionTypeToText(int encryption) {
266 switch (encryption) {
267 case Message.ENCRYPTION_OTR:
268 return R.string.encryption_choice_otr;
269 case Message.ENCRYPTION_AXOLOTL:
270 case Message.ENCRYPTION_AXOLOTL_NOT_FOR_THIS_DEVICE:
271 case Message.ENCRYPTION_AXOLOTL_FAILED:
272 return R.string.encryption_choice_omemo;
273 case Message.ENCRYPTION_NONE:
274 return R.string.encryption_choice_unencrypted;
275 default:
276 return R.string.encryption_choice_pgp;
277 }
278 }
279
280 public static boolean isPgpEncryptedUrl(String url) {
281 if (url == null) {
282 return false;
283 }
284 final String u = url.toLowerCase();
285 return !u.contains(" ") && (u.startsWith("https://") || u.startsWith("http://") || u.startsWith("p1s3://")) && u.endsWith(".pgp");
286 }
287}