From 87858762d4a0285a08589458023c2632ee2e8bb4 Mon Sep 17 00:00:00 2001
From: J-Jamet <jeremy.jamet@kunzisoft.com>
Date: Wed, 24 Mar 2021 19:50:56 +0100
Subject: [PATCH] Remove NullOutputStream

---
 .../keepass/tests/crypto/EncryptionTest.kt    | 12 ++---
 .../keepass/database/crypto/HmacBlock.kt      | 15 ++----
 .../database/element/database/DatabaseKDB.kt  |  9 +---
 .../database/file/DatabaseHeaderKDBX.kt       | 10 ----
 .../database/file/output/DatabaseOutputKDB.kt | 13 +++--
 .../java/com/kunzisoft/encrypt/HashManager.kt | 15 +-----
 .../encrypt/stream/NullOutputStream.kt        | 51 -------------------
 7 files changed, 18 insertions(+), 107 deletions(-)
 delete mode 100644 encrypt/src/main/java/com/kunzisoft/encrypt/stream/NullOutputStream.kt

diff --git a/app/src/androidTest/java/com/kunzisoft/keepass/tests/crypto/EncryptionTest.kt b/app/src/androidTest/java/com/kunzisoft/keepass/tests/crypto/EncryptionTest.kt
index b393d430c..4cc3989cd 100644
--- a/app/src/androidTest/java/com/kunzisoft/keepass/tests/crypto/EncryptionTest.kt
+++ b/app/src/androidTest/java/com/kunzisoft/keepass/tests/crypto/EncryptionTest.kt
@@ -36,12 +36,12 @@ class EncryptionTest {
     @Test
     fun testCipherFactory() {
         val key = ByteArray(32)
+        rand.nextBytes(key)
+
         val iv = ByteArray(16)
+        rand.nextBytes(iv)
 
         val plaintext = ByteArray(1024)
-
-        rand.nextBytes(key)
-        rand.nextBytes(iv)
         rand.nextBytes(plaintext)
 
         val aes = EncryptionAlgorithm.AESRijndael.cipherEngine
@@ -59,12 +59,12 @@ class EncryptionTest {
         val length = 1024
 
         val key = ByteArray(32)
+        rand.nextBytes(key)
+
         val iv = ByteArray(16)
+        rand.nextBytes(iv)
 
         val plaintext = ByteArray(length)
-
-        rand.nextBytes(key)
-        rand.nextBytes(iv)
         rand.nextBytes(plaintext)
 
         val aes = EncryptionAlgorithm.AESRijndael.cipherEngine
diff --git a/app/src/main/java/com/kunzisoft/keepass/database/crypto/HmacBlock.kt b/app/src/main/java/com/kunzisoft/keepass/database/crypto/HmacBlock.kt
index 097dd6a27..6d5c954a4 100644
--- a/app/src/main/java/com/kunzisoft/keepass/database/crypto/HmacBlock.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/crypto/HmacBlock.kt
@@ -20,10 +20,8 @@
 package com.kunzisoft.keepass.database.crypto
 
 import com.kunzisoft.encrypt.UnsignedLong
-import com.kunzisoft.encrypt.stream.NullOutputStream
-import com.kunzisoft.encrypt.stream.write8BytesLong
+import com.kunzisoft.encrypt.stream.uLongTo8Bytes
 import java.io.IOException
-import java.security.DigestOutputStream
 import java.security.InvalidKeyException
 import java.security.MessageDigest
 import java.security.NoSuchAlgorithmException
@@ -53,15 +51,8 @@ object HmacBlock {
         } catch (e: NoSuchAlgorithmException) {
             throw RuntimeException(e)
         }
-
-        val digestOutputStream = DigestOutputStream(NullOutputStream(), hash)
-        try {
-            digestOutputStream.write8BytesLong(blockIndex)
-            digestOutputStream.write(key)
-            digestOutputStream.close()
-        } catch (e: IOException) {
-            throw RuntimeException(e)
-        }
+        hash.update(uLongTo8Bytes(blockIndex))
+        hash.update(key)
         return hash.digest()
     }
 }
diff --git a/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseKDB.kt b/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseKDB.kt
index 73dd14155..f956d2bd4 100644
--- a/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseKDB.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/element/database/DatabaseKDB.kt
@@ -20,7 +20,6 @@
 package com.kunzisoft.keepass.database.element.database
 
 import com.kunzisoft.encrypt.aes.AESKeyTransformerFactory
-import com.kunzisoft.encrypt.stream.NullOutputStream
 import com.kunzisoft.keepass.database.crypto.EncryptionAlgorithm
 import com.kunzisoft.keepass.database.crypto.kdf.KdfEngine
 import com.kunzisoft.keepass.database.crypto.kdf.KdfFactory
@@ -33,7 +32,6 @@ import com.kunzisoft.keepass.database.element.node.NodeIdUUID
 import com.kunzisoft.keepass.database.element.node.NodeVersioned
 import java.io.IOException
 import java.io.InputStream
-import java.security.DigestOutputStream
 import java.security.MessageDigest
 import java.security.NoSuchAlgorithmException
 import java.util.*
@@ -153,12 +151,9 @@ class DatabaseKDB : DatabaseVersioned<Int, UUID, GroupKDB, EntryKDB>() {
             throw IOException("SHA-256 not implemented here.")
         }
 
-        val nos = NullOutputStream()
-        val dos = DigestOutputStream(nos, messageDigest)
-
         // Encrypt the master key a few times to make brute-force key-search harder
-        dos.write(masterSeed)
-        dos.write(AESKeyTransformerFactory.transformMasterKey(masterSeed2, masterKey, numRounds) ?: ByteArray(0))
+        messageDigest.update(masterSeed)
+        messageDigest.update(AESKeyTransformerFactory.transformMasterKey(masterSeed2, masterKey, numRounds) ?: ByteArray(0))
 
         finalKey = messageDigest.digest()
     }
diff --git a/app/src/main/java/com/kunzisoft/keepass/database/file/DatabaseHeaderKDBX.kt b/app/src/main/java/com/kunzisoft/keepass/database/file/DatabaseHeaderKDBX.kt
index 11992ee87..3213eaeb3 100644
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/DatabaseHeaderKDBX.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/DatabaseHeaderKDBX.kt
@@ -21,10 +21,8 @@ package com.kunzisoft.keepass.database.file
 
 import com.kunzisoft.encrypt.CrsAlgorithm
 import com.kunzisoft.encrypt.UnsignedInt
-import com.kunzisoft.encrypt.UnsignedLong
 import com.kunzisoft.encrypt.stream.*
 import com.kunzisoft.keepass.database.action.node.NodeHandler
-import com.kunzisoft.keepass.database.crypto.HmacBlock
 import com.kunzisoft.keepass.database.crypto.VariantDictionary
 import com.kunzisoft.keepass.database.crypto.kdf.AesKdf
 import com.kunzisoft.keepass.database.crypto.kdf.KdfFactory
@@ -42,7 +40,6 @@ import java.io.InputStream
 import java.security.DigestInputStream
 import java.security.MessageDigest
 import java.security.NoSuchAlgorithmException
-import javax.crypto.Mac
 
 class DatabaseHeaderKDBX(private val databaseV4: DatabaseKDBX) : DatabaseHeader() {
     var innerRandomStreamKey: ByteArray = ByteArray(32)
@@ -322,12 +319,5 @@ class DatabaseHeaderKDBX(private val databaseV4: DatabaseKDBX) : DatabaseHeader(
         fun matchesHeader(sig1: UnsignedInt, sig2: UnsignedInt): Boolean {
             return sig1 == PWM_DBSIG_1 && (sig2 == DBSIG_PRE2 || sig2 == DBSIG_2)
         }
-
-        @Throws(IOException::class)
-        fun computeHeaderHmac(header: ByteArray, key: ByteArray): ByteArray {
-            val blockKey = HmacBlock.getHmacKey64(key, UnsignedLong.MAX)
-            val hmac: Mac = HmacBlock.getHmacSha256(blockKey)
-            return hmac.doFinal(header)
-        }
     }
 }
diff --git a/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutputKDB.kt b/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutputKDB.kt
index af52bd05d..72d22b56e 100644
--- a/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutputKDB.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/database/file/output/DatabaseOutputKDB.kt
@@ -20,7 +20,6 @@
 package com.kunzisoft.keepass.database.file.output
 
 import com.kunzisoft.encrypt.UnsignedInt
-import com.kunzisoft.encrypt.stream.NullOutputStream
 import com.kunzisoft.encrypt.stream.write2BytesUShort
 import com.kunzisoft.encrypt.stream.write4BytesUInt
 import com.kunzisoft.keepass.database.crypto.EncryptionAlgorithm
@@ -138,10 +137,8 @@ class DatabaseOutputKDB(private val mDatabaseKDB: DatabaseKDB,
             throw DatabaseOutputException("SHA-256 not implemented here.", e)
         }
 
-        var nos = NullOutputStream()
-        val headerDos = DigestOutputStream(nos, headerDigest)
-
         // Output header for the purpose of calculating the header checksum
+        val headerDos = DigestOutputStream(NullOutputStream(), headerDigest)
         var pho = DatabaseHeaderOutputKDB(header, headerDos)
         try {
             pho.outputStart()
@@ -155,8 +152,7 @@ class DatabaseOutputKDB(private val mDatabaseKDB: DatabaseKDB,
         headerHashBlock = getHeaderHashBuffer(headerHash)
 
         // Output database for the purpose of calculating the content checksum
-        nos = NullOutputStream()
-        val dos = DigestOutputStream(nos, messageDigest)
+        val dos = DigestOutputStream(NullOutputStream(), messageDigest)
         val bos = BufferedOutputStream(dos)
         try {
             outputPlanGroupAndEntries(bos)
@@ -184,7 +180,10 @@ class DatabaseOutputKDB(private val mDatabaseKDB: DatabaseKDB,
         return header
     }
 
-    @Suppress("CAST_NEVER_SUCCEEDS")
+    class NullOutputStream : OutputStream() {
+        override fun write(oneByte: Int) {}
+    }
+
     @Throws(DatabaseOutputException::class)
     fun outputPlanGroupAndEntries(outputStream: OutputStream) {
 
diff --git a/encrypt/src/main/java/com/kunzisoft/encrypt/HashManager.kt b/encrypt/src/main/java/com/kunzisoft/encrypt/HashManager.kt
index 068b51269..ad3bb001e 100644
--- a/encrypt/src/main/java/com/kunzisoft/encrypt/HashManager.kt
+++ b/encrypt/src/main/java/com/kunzisoft/encrypt/HashManager.kt
@@ -19,9 +19,6 @@
  */
 package com.kunzisoft.encrypt
 
-import com.kunzisoft.encrypt.stream.NullOutputStream
-import java.io.IOException
-import java.security.DigestOutputStream
 import java.security.MessageDigest
 import java.security.NoSuchAlgorithmException
 
@@ -42,17 +39,7 @@ object HashManager {
         } catch (e: NoSuchAlgorithmException) {
             throw RuntimeException(e)
         }
-
-        val nos = NullOutputStream()
-        val dos = DigestOutputStream(nos, hash)
-
-        try {
-            dos.write(data, offset, count)
-            dos.close()
-        } catch (e: IOException) {
-            throw RuntimeException(e)
-        }
-
+        hash.update(data, offset, count)
         return hash.digest()
     }
 }
diff --git a/encrypt/src/main/java/com/kunzisoft/encrypt/stream/NullOutputStream.kt b/encrypt/src/main/java/com/kunzisoft/encrypt/stream/NullOutputStream.kt
deleted file mode 100644
index 1e149e756..000000000
--- a/encrypt/src/main/java/com/kunzisoft/encrypt/stream/NullOutputStream.kt
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- * Copyright 2017 Brian Pellin, Jeremy Jamet / Kunzisoft.
- *
- * This file is part of KeePassDX.
- *
- *  KeePassDX is free software: you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation, either version 3 of the License, or
- *  (at your option) any later version.
- *
- *  KeePassDX is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
- *
- *  You should have received a copy of the GNU General Public License
- *  along with KeePassDX.  If not, see <http://www.gnu.org/licenses/>.
- *
- */
-package com.kunzisoft.encrypt.stream
-
-import java.io.IOException
-import java.io.OutputStream
-
-class NullOutputStream : OutputStream() {
-
-    @Throws(IOException::class)
-    override fun close() {
-        super.close()
-    }
-
-    @Throws(IOException::class)
-    override fun flush() {
-        super.flush()
-    }
-
-    @Throws(IOException::class)
-    override fun write(buffer: ByteArray, offset: Int, count: Int) {
-        super.write(buffer, offset, count)
-    }
-
-    @Throws(IOException::class)
-    override fun write(buffer: ByteArray) {
-        super.write(buffer)
-    }
-
-    @Throws(IOException::class)
-    override fun write(oneByte: Int) {
-    }
-
-}