Encrypt streaming support

Author: SessionHero01

library/src/main/cpp/encryption.cpp

@@ -156,4 +156,135 @@ Java_network_loki_messenger_libsession_1util_SessionEncrypt_calculateECHDAgreeme
         return util::bytes_from_span(env, shared_secret);
     });
 
+}
+
+extern "C"
+JNIEXPORT jlong JNICALL
+Java_network_loki_messenger_libsession_1util_encrypt_EncryptionStream_00024Companion_createEncryptionStreamState(
+        JNIEnv *env, jobject thiz, jbyteArray javaKey, jbyteArray javaHeaderOut) {
+    JavaByteArrayRef key(env, javaKey);
+    JavaByteArrayRef headerOut(env, javaHeaderOut);
+
+    if (headerOut.get().size() < crypto_secretstream_xchacha20poly1305_HEADERBYTES) {
+        env->ThrowNew(env->FindClass("java/lang/IllegalArgumentException"),
+                      "Invalid headerOut: not enough space");
+        return 0;
+    }
+
+    if (key.get().size() != crypto_secretstream_xchacha20poly1305_KEYBYTES) {
+        env->ThrowNew(env->FindClass("java/lang/IllegalArgumentException"),
+                      "Invalid key: unexpected size");
+        return 0;
+    }
+
+    auto state = std::make_unique<crypto_secretstream_xchacha20poly1305_state>();
+    crypto_secretstream_xchacha20poly1305_init_push(state.get(),
+                                                    reinterpret_cast<unsigned char*>(env->GetDirectBufferAddress(javaHeaderOut)),
+                                                    key.get().data());
+
+    return reinterpret_cast<jlong>(state.release());
+}
+
+extern "C"
+JNIEXPORT jint JNICALL
+Java_network_loki_messenger_libsession_1util_encrypt_EncryptionStream_00024Companion_encryptionStreamHeaderSize(
+        JNIEnv *env, jobject thiz) {
+    return static_cast<jint>(crypto_secretstream_xchacha20poly1305_HEADERBYTES);
+}
+
+extern "C"
+JNIEXPORT jint JNICALL
+Java_network_loki_messenger_libsession_1util_encrypt_EncryptionStream_00024Companion_encryptionStreamChunkOverhead(
+        JNIEnv *env, jobject thiz) {
+    return static_cast<jint>(crypto_secretstream_xchacha20poly1305_ABYTES);
+}
+
+extern "C"
+JNIEXPORT jint JNICALL
+Java_network_loki_messenger_libsession_1util_encrypt_EncryptionStream_00024Companion_encryptStreamPush(
+        JNIEnv *env, jobject thiz, jlong state_ptr, jbyteArray java_in_buf, jint in_buf_size, jbyteArray java_out_buf) {
+    auto state = reinterpret_cast<crypto_secretstream_xchacha20poly1305_state*>(state_ptr);
+
+    JavaByteArrayRef in_buf(env, java_in_buf);
+    JavaByteArrayRef out_buf(env, java_out_buf);
+
+    unsigned long long cipher_len = out_buf.get().size();
+
+    if (crypto_secretstream_xchacha20poly1305_push(
+            state,
+            out_buf.get().data(), &cipher_len, // Cipher data out
+            in_buf.get().data(), in_buf_size, // Plaintext data in
+            nullptr, 0, // Additional data (not used here)
+            0 // Tag (not used here, can be 0 for message)
+    )) {
+        env->ThrowNew(env->FindClass("java/lang/IllegalStateException"),
+                      "Failed to push data into encryption stream");
+        return 0;
+    }
+
+    // Return the size of the ciphertext written to the output buffer
+    return cipher_len;
+}
+
+extern "C"
+JNIEXPORT void JNICALL
+Java_network_loki_messenger_libsession_1util_encrypt_EncryptionStream_00024Companion_destroyEncryptionStreamState(
+        JNIEnv *env, jobject thiz, jlong state_ptr) {
+    delete reinterpret_cast<crypto_secretstream_xchacha20poly1305_state*>(state_ptr);
+}
+
+
+extern "C"
+JNIEXPORT jlong JNICALL
+Java_network_loki_messenger_libsession_1util_encrypt_DecryptionStream_00024Companion_createDecryptionStreamState(
+        JNIEnv *env, jobject thiz, jbyteArray javaKey, jbyteArray javaHeader) {
+    JavaByteArrayRef key(env, javaKey);
+    JavaByteArrayRef header(env, javaHeader);
+
+    if (header.get().size() < crypto_secretstream_xchacha20poly1305_HEADERBYTES) {
+        env->ThrowNew(env->FindClass("java/lang/IllegalArgumentException"),
+                      "Invalid header: unexpected size");
+        return 0;
+    }
+
+    if (key.get().size() != crypto_secretstream_xchacha20poly1305_KEYBYTES) {
+        env->ThrowNew(env->FindClass("java/lang/IllegalArgumentException"),
+                      "Invalid key: unexpected size");
+        return 0;
+    }
+
+    auto state = std::make_unique<crypto_secretstream_xchacha20poly1305_state>();
+
+    if (crypto_secretstream_xchacha20poly1305_init_pull(state.get(), header.get().data(), key.get().data()) != 0) {
+        env->ThrowNew(env->FindClass("java/lang/IllegalArgumentException"),
+                      "Failed to initialize decryption stream state");
+        return 0;
+    }
+
+    return reinterpret_cast<jlong>(state.release());
+}
+
+extern "C"
+JNIEXPORT jint JNICALL
+Java_network_loki_messenger_libsession_1util_encrypt_DecryptionStream_00024Companion_decryptionStreamPull(
+        JNIEnv *env, jobject thiz, jlong native_state_ptr, jbyteArray java_in_buf, jint in_buf_len, jbyteArray java_out_buf) {
+    JavaByteArrayRef out_buf(env, java_out_buf);
+    JavaByteArrayRef in_buf(env, java_in_buf);
+
+    unsigned long long mlen = out_buf.get().size();
+    unsigned char tag;
+
+    if (crypto_secretstream_xchacha20poly1305_pull(
+            reinterpret_cast<crypto_secretstream_xchacha20poly1305_state*>(native_state_ptr),
+            out_buf.get().data(), &mlen, // Plaintext data out
+            &tag,
+            in_buf.get().data(), in_buf_len, // Ciphertext data in
+            nullptr, 0 // Additional data (not used here)
+            )) {
+        env->ThrowNew(env->FindClass("java/lang/IllegalStateException"),
+                      "Failed to pull data from decryption stream");
+        return 0;
+    }
+
+    return mlen;
 }

library/src/main/java/network/loki/messenger/libsession_util/encrypt/DecryptionStream.kt

@@ -0,0 +1,107 @@
+package network.loki.messenger.libsession_util.encrypt
+
+import java.io.InputStream
+import java.nio.ByteBuffer
+
+class DecryptionStream(
+    private val inStream: InputStream,
+    key: ByteArray,
+    private val autoClose: Boolean = true
+) : InputStream() {
+    private val nativeStatePtr: Long
+    private val chunkSize: Int
+    private val cipherBuffer: ByteArray
+    private val plaintextBuffer: ByteBuffer
+
+    init {
+        try {
+            // Read chunk size from the input stream
+            val chunkSizeBuffer = ByteBuffer.allocate(4)
+            check(inStream.read(chunkSizeBuffer.array(), 0, 4) == 4) {
+                "Failed to read the chunk size from the input stream."
+            }
+
+            chunkSize = chunkSizeBuffer.int
+
+            cipherBuffer = ByteArray((chunkSize + EncryptionStream.encryptionStreamChunkOverhead()).coerceAtLeast(
+                EncryptionStream.encryptionStreamHeaderSize()
+            ))
+
+            plaintextBuffer = ByteBuffer.allocate(chunkSize)
+
+            // Read the initial header from the input stream
+            check(inStream.read(cipherBuffer, 0, EncryptionStream.encryptionStreamHeaderSize())
+                == EncryptionStream.encryptionStreamHeaderSize()) {
+                "Failed to read the initial header from the input stream."
+            }
+
+            // Initialize the native decryption stream state
+            nativeStatePtr = createDecryptionStreamState(key, cipherBuffer)
+        } catch (e: Exception) {
+            if (autoClose) {
+                inStream.close()
+            }
+
+            throw e
+        }
+    }
+
+    protected fun finalize() {
+        EncryptionStream.destroyEncryptionStreamState(nativeStatePtr)
+    }
+
+    private fun readChunkIfNeeded() {
+        if (!plaintextBuffer.hasRemaining()) {
+            // Read the next chunk of encrypted data from the input stream
+            val bytesRead = inStream.read(cipherBuffer)
+            if (bytesRead == -1) {
+                // End of stream reached
+                return
+            }
+
+            // Decrypt the chunk and fill the plaintext buffer
+            plaintextBuffer.clear()
+            val decryptedBytes = decryptionStreamPull(nativeStatePtr, cipherBuffer, bytesRead, plaintextBuffer.array())
+            if (decryptedBytes < 0) {
+                throw IllegalStateException("Decryption failed with error code: $decryptedBytes")
+            }
+
+            plaintextBuffer.limit(decryptedBytes)
+        }
+    }
+
+    override fun read(): Int {
+        readChunkIfNeeded()
+
+        if (plaintextBuffer.hasRemaining()) {
+            return plaintextBuffer.get().toInt()
+        }
+
+        return -1 // End of stream
+    }
+
+    override fun read(b: ByteArray, off: Int, len: Int): Int {
+        readChunkIfNeeded()
+
+        if (!plaintextBuffer.hasRemaining()) {
+            return -1 // End of stream
+        }
+
+        val bytesToRead = minOf(len, plaintextBuffer.remaining())
+        plaintextBuffer.get(b, off, bytesToRead)
+        return bytesToRead
+    }
+
+    override fun close() {
+        if (autoClose) {
+            inStream.close()
+        }
+
+        super.close()
+    }
+
+    companion object {
+        private external fun createDecryptionStreamState(key: ByteArray, header: ByteArray): Long
+        private external fun decryptionStreamPull(nativeStatePtr: Long, inBuf: ByteArray, inLen: Int, outBuf: ByteArray): Int
+    }
+}

library/src/main/java/network/loki/messenger/libsession_util/encrypt/EncryptionStream.kt

@@ -0,0 +1,98 @@
+package network.loki.messenger.libsession_util.encrypt
+
+import java.io.OutputStream
+import java.nio.ByteBuffer
+
+class EncryptionStream(
+    private val out: OutputStream,
+    key: ByteArray,
+    val chunkSize: Int = 4096,
+    private val autoClose: Boolean = true
+) : OutputStream() {
+    private val nativeStatePtr: Long
+    private val plaintextBuffer by lazy(LazyThreadSafetyMode.NONE) {
+        ByteBuffer.allocate(chunkSize)
+    }
+
+    private val cipherBuffer = ByteBuffer.allocate(chunkSize + encryptionStreamChunkOverhead())
+
+    init {
+        try {
+            // Write the chunk size
+            out.write(ByteBuffer.allocate(4).putInt(chunkSize).array())
+
+            // Write initial header to the output stream
+            nativeStatePtr = createEncryptionStreamState(key, cipherBuffer.array())
+            out.write(cipherBuffer.array(), 0, encryptionStreamHeaderSize())
+        } catch (e: Exception) {
+            if (autoClose) {
+                out.close()
+            }
+
+            throw e
+        }
+    }
+
+    protected fun finalize() {
+        destroyEncryptionStreamState(nativeStatePtr)
+    }
+
+    private fun flushWhenFull() {
+        if (!plaintextBuffer.hasRemaining()) {
+            flush()
+        }
+    }
+
+    override fun write(b: Int) {
+        flushWhenFull()
+        plaintextBuffer.put(b.toByte())
+        flushWhenFull()
+    }
+
+    override fun write(b: ByteArray, off: Int, len: Int) {
+        var from = off
+        val to = off + len
+        while (from < to) {
+            flushWhenFull()
+            val toWrite = minOf(to - from, chunkSize - plaintextBuffer.position()).coerceAtLeast(0)
+            plaintextBuffer.put(b, from, toWrite)
+            from += toWrite
+            flushWhenFull()
+        }
+    }
+
+    override fun flush() {
+        super.flush()
+
+        // Flip the buffer to prepare for reading
+        plaintextBuffer.flip()
+
+        if (plaintextBuffer.hasRemaining()) {
+            cipherBuffer.clear()
+            val cipherLength = encryptStreamPush(nativeStatePtr, plaintextBuffer.array(), plaintextBuffer.remaining(), cipherBuffer.array())
+            out.write(cipherBuffer.array(), 0, cipherLength)
+            plaintextBuffer.clear()
+        }
+
+        out.flush()
+    }
+
+    override fun close() {
+        flush()
+        if (autoClose) {
+            out.close()
+        }
+        super.close()
+    }
+
+
+    companion object {
+        external fun encryptionStreamHeaderSize(): Int
+        external fun encryptionStreamChunkOverhead(): Int
+
+        private external fun createEncryptionStreamState(key: ByteArray, headerOut: ByteArray): Long
+        private external fun encryptStreamPush(statePtr: Long, inBuf: ByteArray, inBufLen: Int, outBuf: ByteArray): Int
+
+        external fun destroyEncryptionStreamState(statePtr: Long)
+    }
+}