Implement aesgcm encrypted file upload

libdino/src/service/file_manager.vala

@@ -42,7 +42,7 @@ public class FileManager : StreamInteractionModule, Object {
         file_transfer.direction = FileTransfer.DIRECTION_SENT;
         file_transfer.time = new DateTime.now_utc();
         file_transfer.local_time = new DateTime.now_utc();
-        file_transfer.encryption = Encryption.NONE;
+        file_transfer.encryption = conversation.encryption;
         try {
             File file = File.new_for_path(uri);
             FileInfo file_info = file.query_info("*", FileQueryInfoFlags.NONE);

plugins/http-files/src/file_provider.vala

@@ -13,17 +13,12 @@ public class FileProvider : Dino.FileProvider, Object {
     private Dino.Database dino_db;
     private Regex url_regex;
 
-    private Gee.List<string> ignore_once = new ArrayList<string>();
-
     public FileProvider(StreamInteractor stream_interactor, Dino.Database dino_db) {
         this.stream_interactor = stream_interactor;
         this.dino_db = dino_db;
         this.url_regex = new Regex("""^(?i)\b((?:[a-z][\w-]+:(?:\/{1,3}|[a-z0-9%])|www\d{0,3}[.]|[a-z0-9.\-]+[.][a-z]{2,4}\/)(?:[^\s()<>]+|\(([^\s()<>]+|(\([^\s()<>]+\)))*\))+(?:\(([^\s()<>]+|(\([^\s()<>]+\)))*\)|[^\s`!()\[\]{};:'".,<>?«»“”‘’]))$""");
 
         stream_interactor.get_module(MessageProcessor.IDENTITY).received_pipeline.connect(new ReceivedMessageListener(this));
-        stream_interactor.get_module(Manager.IDENTITY).uploaded.connect((file_transfer, url) => {
-            ignore_once.add(url);
-        });
     }
 
     private class ReceivedMessageListener : MessageListener {

plugins/http-files/src/manager.vala

@@ -71,7 +71,7 @@ public class Manager : StreamInteractionModule, FileSender, Object {
             upload(stream, file_transfer,
                 (stream, url_down) => {
                     uploaded(file_transfer, url_down);
-                    file_transfer.info = url_down;
+                    file_transfer.info = url_down; // store the message content temporarily so the message gets filtered out
                     Entities.Message message = stream_interactor.get_module(MessageProcessor.IDENTITY).create_out_message(url_down, conversation);
                     message.encryption = Encryption.NONE;
                     stream_interactor.get_module(MessageProcessor.IDENTITY).send_message(message, conversation);
@@ -91,7 +91,7 @@ public class Manager : StreamInteractionModule, FileSender, Object {
     }
 
     public bool can_send(Conversation conversation, FileTransfer file_transfer) {
-        return true;
+        return file_transfer.encryption != Encryption.OMEMO;
     }
 
     public bool is_upload_available(Conversation conversation) {
@@ -116,7 +116,7 @@ public class Manager : StreamInteractionModule, FileSender, Object {
     }
 
     private void check_add_oob(Entities.Message message, Xmpp.MessageStanza message_stanza, Conversation conversation) {
-        if (message_is_file(db, message)) {
+        if (message_is_file(db, message) && message.body.has_prefix("http")) {
             Xep.OutOfBandData.add_url_to_message(message_stanza, message_stanza.body);
         }
     }

plugins/omemo/CMakeLists.txt

@@ -40,6 +40,7 @@ SOURCES
     src/encrypt_state.vala
     src/encryption_list_entry.vala
     src/file_provider.vala
+    src/file_sender.vala
     src/manage_key_dialog.vala
     src/manager.vala
     src/message_flag.vala

plugins/omemo/src/file_provider.vala

@@ -14,8 +14,6 @@ public class FileProvider : Dino.FileProvider, Object {
     private Dino.Database dino_db;
     private Regex url_regex;
 
-    private Gee.List<string> ignore_once = new ArrayList<string>();
-
     public FileProvider(StreamInteractor stream_interactor, Dino.Database dino_db) {
         this.stream_interactor = stream_interactor;
         this.dino_db = dino_db;
@@ -139,7 +137,8 @@ public class FileProvider : Dino.FileProvider, Object {
         } while(len > 0);
 
         // Decrypt
-        return new MemoryInputStream.from_data(aes_decrypt(Cipher.AES_GCM_NOPADDING, key, iv, data.data));
+        uint8[] cleartext = Signal.aes_decrypt(Cipher.AES_GCM_NOPADDING, key, iv, data.data);
+        return new MemoryInputStream.from_data(cleartext);
     }
 
     private uint8[] hex_to_bin(string hex) {

plugins/omemo/src/file_sender.vala

@@ -0,0 +1,108 @@
+using Dino.Entities;
+using Gee;
+using Signal;
+using Xmpp;
+
+namespace Dino.Plugins.Omemo {
+
+public class AesGcmFileSender : StreamInteractionModule, FileSender, Object {
+    public static ModuleIdentity<Manager> IDENTITY = new ModuleIdentity<Manager>("http_files");
+    public string id { get { return IDENTITY.id; } }
+
+
+    private StreamInteractor stream_interactor;
+    private HashMap<Account, long> max_file_sizes = new HashMap<Account, long>(Account.hash_func, Account.equals_func);
+
+    public AesGcmFileSender(StreamInteractor stream_interactor) {
+        this.stream_interactor = stream_interactor;
+
+        stream_interactor.stream_negotiated.connect(on_stream_negotiated);
+    }
+
+    public void send_file(Conversation conversation, FileTransfer file_transfer) {
+        Xmpp.XmppStream? stream = stream_interactor.get_stream(file_transfer.account);
+        uint8[] buf = new uint8[256];
+        Array<uint8> data = new Array<uint8>(false, true, 0);
+        size_t len = -1;
+        do {
+            try {
+                len = file_transfer.input_stream.read(buf);
+            } catch (IOError error) {
+                warning(@"HTTP upload: IOError reading stream: $(error.message)");
+                file_transfer.state = FileTransfer.State.FAILED;
+            }
+            data.append_vals(buf, (uint) len);
+        } while(len > 0);
+
+        //Create a key and use it to encrypt the file
+        uint8[] iv = new uint8[16];
+        Plugin.get_context().randomize(iv);
+        uint8[] key = new uint8[32];
+        Plugin.get_context().randomize(key);
+        uint8[] ciphertext = aes_encrypt(Cipher.AES_GCM_NOPADDING, key, iv, data.data);
+
+        // Convert iv and key to hex
+        string iv_and_key = "";
+        foreach (uint8 byte in iv) iv_and_key += byte.to_string("%02x");
+        foreach (uint8 byte in key) iv_and_key += byte.to_string("%02x");
+
+        stream_interactor.module_manager.get_module(file_transfer.account, Xmpp.Xep.HttpFileUpload.Module.IDENTITY).request_slot(stream, file_transfer.server_file_name, (int) data.length, file_transfer.mime_type,
+            (stream, url_down, url_up) => {
+                Soup.Message message = new Soup.Message("PUT", url_up);
+                message.set_request(file_transfer.mime_type, Soup.MemoryUse.COPY, ciphertext);
+                Soup.Session session = new Soup.Session();
+                session.send_async.begin(message, null, (obj, res) => {
+                    try {
+                        session.send_async.end(res);
+                        if (message.status_code >= 200 && message.status_code < 300) {
+                            string aesgcm_link = url_down + "#" + iv_and_key;
+                            aesgcm_link = "aesgcm://" + aesgcm_link.substring(8); // replace https:// by aesgcm://
+
+                            file_transfer.info = aesgcm_link; // store the message content temporarily so the message gets filtered out
+                            Entities.Message xmpp_message = stream_interactor.get_module(MessageProcessor.IDENTITY).create_out_message(aesgcm_link, conversation);
+                            xmpp_message.encryption = Encryption.OMEMO;
+                            stream_interactor.get_module(MessageProcessor.IDENTITY).send_message(xmpp_message, conversation);
+                            file_transfer.info = xmpp_message.id.to_string();
+
+                            ContentItem? content_item = stream_interactor.get_module(ContentItemStore.IDENTITY).get_item(conversation, 1, xmpp_message.id);
+                            if (content_item != null) {
+                                stream_interactor.get_module(ContentItemStore.IDENTITY).set_item_hide(content_item, true);
+                            }
+                        } else {
+                            warning("HTTP status code " + message.status_code.to_string());
+                            file_transfer.state = FileTransfer.State.FAILED;
+                        }
+                    } catch (Error e) {
+                        warning("HTTP upload error: " + e.message);
+                        file_transfer.state = FileTransfer.State.FAILED;
+                    }
+                });
+            },
+            (stream, error) => {
+                warning("HTTP upload error: " + error);
+                file_transfer.state = FileTransfer.State.FAILED;
+            }
+        );
+    }
+
+    public bool can_send(Conversation conversation, FileTransfer file_transfer) {
+        return file_transfer.encryption == Encryption.OMEMO;
+    }
+
+    public bool is_upload_available(Conversation conversation) {
+        lock (max_file_sizes) {
+            return max_file_sizes.has_key(conversation.account);
+        }
+    }
+
+    private void on_stream_negotiated(Account account, XmppStream stream) {
+        stream_interactor.module_manager.get_module(account, Xmpp.Xep.HttpFileUpload.Module.IDENTITY).feature_available.connect((stream, max_file_size) => {
+            lock (max_file_sizes) {
+                max_file_sizes[account] = max_file_size;
+            }
+            upload_available(account);
+        });
+    }
+}
+
+}

plugins/omemo/src/plugin.vala

@@ -51,6 +51,7 @@ public class Plugin : RootInterface, Object {
         });
 
         app.stream_interactor.get_module(FileManager.IDENTITY).add_provider(new FileProvider(app.stream_interactor, app.db));
+        this.app.stream_interactor.get_module(FileManager.IDENTITY).add_sender(new AesGcmFileSender(app.stream_interactor));
         Manager.start(this.app.stream_interactor, db, trust_manager);
 
         SimpleAction own_keys_action = new SimpleAction("own-keys", VariantType.INT32);