001/**
002 *
003 * Copyright 2020 Paul Schaub
004 *
005 * Licensed under the Apache License, Version 2.0 (the "License");
006 * you may not use this file except in compliance with the License.
007 * You may obtain a copy of the License at
008 *
009 *     http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.jivesoftware.smackx.stanza_content_encryption.element;
018
019import java.util.ArrayList;
020import java.util.Arrays;
021import java.util.Collections;
022import java.util.Date;
023import java.util.HashSet;
024import java.util.List;
025import java.util.Set;
026import javax.xml.namespace.QName;
027
028import org.jivesoftware.smack.packet.ExtensionElement;
029import org.jivesoftware.smack.packet.XmlEnvironment;
030import org.jivesoftware.smack.util.Objects;
031import org.jivesoftware.smack.util.XmlStringBuilder;
032import org.jivesoftware.smackx.address.packet.MultipleAddresses;
033import org.jivesoftware.smackx.hints.element.MessageProcessingHint;
034import org.jivesoftware.smackx.sid.element.StanzaIdElement;
035
036import org.jxmpp.jid.Jid;
037
038/**
039 * Extension element that holds the payload element, as well as a list of affix elements.
040 * In SCE, the XML representation of this element is what will be encrypted using the encryption mechanism of choice.
041 */
042public class ContentElement implements ExtensionElement {
043
044    private static final String NAMESPACE_UNVERSIONED = "urn:xmpp:sce";
045    public static final String NAMESPACE_0 = NAMESPACE_UNVERSIONED + ":0";
046    public static final String NAMESPACE = NAMESPACE_0;
047    public static final String ELEMENT = "content";
048    public static final QName QNAME = new QName(NAMESPACE, ELEMENT);
049
050    private final PayloadElement payload;
051    private final List<AffixElement> affixElements;
052
053    ContentElement(PayloadElement payload, List<AffixElement> affixElements) {
054        this.payload = payload;
055        this.affixElements = Collections.unmodifiableList(affixElements);
056    }
057
058    /**
059     * Return the {@link PayloadElement} which holds the sensitive payload extensions.
060     *
061     * @return payload element
062     */
063    public PayloadElement getPayload() {
064        return payload;
065    }
066
067    /**
068     * Return a list of affix elements.
069     * Those are elements that need to be verified upon reception by the encryption mechanisms implementation.
070     *
071     * @see <a href="https://xmpp.org/extensions/xep-0420.html#affix_elements">
072     *     XEP-0420: Stanza Content Encryption - §4. Affix Elements</a>
073     *
074     * @return list of affix elements
075     */
076    public List<AffixElement> getAffixElements() {
077        return affixElements;
078    }
079
080    @Override
081    public String getNamespace() {
082        return NAMESPACE;
083    }
084
085    @Override
086    public String getElementName() {
087        return ELEMENT;
088    }
089
090    @Override
091    public XmlStringBuilder toXML(XmlEnvironment xmlEnvironment) {
092        XmlStringBuilder xml = new XmlStringBuilder(this).rightAngleBracket();
093        xml.append(affixElements);
094        xml.append(payload);
095        return xml.closeElement(this);
096    }
097
098    @Override
099    public QName getQName() {
100        return QNAME;
101    }
102
103    /**
104     * Return a {@link Builder} that can be used to build the {@link ContentElement}.
105     * @return builder
106     */
107    public static Builder builder() {
108        return new Builder();
109    }
110
111    public static final class Builder {
112        private static final Set<String> BLACKLISTED_NAMESPACES = Collections.singleton(MessageProcessingHint.NAMESPACE);
113        private static final Set<QName> BLACKLISTED_QNAMES = Collections.unmodifiableSet(new HashSet<>(Arrays.asList(
114                StanzaIdElement.QNAME,
115                MultipleAddresses.QNAME
116        )));
117
118        private FromAffixElement from = null;
119        private TimestampAffixElement timestamp = null;
120        private RandomPaddingAffixElement rpad = null;
121
122        private final List<AffixElement> otherAffixElements = new ArrayList<>();
123        private final List<ExtensionElement> payloadItems = new ArrayList<>();
124
125        private Builder() {
126
127        }
128
129        /**
130         * Add an affix element of type 'to' which addresses one recipient.
131         * The jid in the 'to' element SHOULD be a bare jid.
132         *
133         * @param jid jid
134         * @return builder
135         */
136        public Builder addTo(Jid jid) {
137            return addTo(new ToAffixElement(jid));
138        }
139
140        /**
141         * Add an affix element of type 'to' which addresses one recipient.
142         *
143         * @param to affix element
144         * @return builder
145         */
146        public Builder addTo(ToAffixElement to) {
147            this.otherAffixElements.add(Objects.requireNonNull(to, "'to' affix element MUST NOT be null."));
148            return this;
149        }
150
151        /**
152         * Set the senders jid as a 'from' affix element.
153         *
154         * @param jid jid of the sender
155         * @return builder
156         */
157        public Builder setFrom(Jid jid) {
158            return setFrom(new FromAffixElement(jid));
159        }
160
161        /**
162         * Set the senders jid as a 'from' affix element.
163         *
164         * @param from affix element
165         * @return builder
166         */
167        public Builder setFrom(FromAffixElement from) {
168            this.from = Objects.requireNonNull(from, "'form' affix element MUST NOT be null.");
169            return this;
170        }
171
172        /**
173         * Set the given date as a 'time' affix element.
174         *
175         * @param date timestamp as date
176         * @return builder
177         */
178        public Builder setTimestamp(Date date) {
179            return setTimestamp(new TimestampAffixElement(date));
180        }
181
182        /**
183         * Set the timestamp of the message as a 'time' affix element.
184         *
185         * @param timestamp timestamp affix element
186         * @return builder
187         */
188        public Builder setTimestamp(TimestampAffixElement timestamp) {
189            this.timestamp = Objects.requireNonNull(timestamp, "'time' affix element MUST NOT be null.");
190            return this;
191        }
192
193        /**
194         * Set some random length random content padding.
195         *
196         * @return builder
197         */
198        public Builder setRandomPadding() {
199            this.rpad = new RandomPaddingAffixElement();
200            return this;
201        }
202
203        /**
204         * Set the given string as padding.
205         * The padding should be of length between 1 and 200 characters.
206         *
207         * @param padding padding string
208         * @return builder
209         */
210        public Builder setRandomPadding(String padding) {
211            return setRandomPadding(new RandomPaddingAffixElement(padding));
212        }
213
214        /**
215         * Set a padding affix element.
216         *
217         * @param padding affix element
218         * @return builder
219         */
220        public Builder setRandomPadding(RandomPaddingAffixElement padding) {
221            this.rpad = Objects.requireNonNull(padding, "'rpad' affix element MUST NOT be empty.");
222            return this;
223        }
224
225        /**
226         * Add an additional, SCE profile specific affix element.
227         *
228         * @param customAffixElement additional affix element
229         * @return builder
230         */
231        public Builder addFurtherAffixElement(AffixElement customAffixElement) {
232            this.otherAffixElements.add(Objects.requireNonNull(customAffixElement,
233                    "Custom affix element MUST NOT be null."));
234            return this;
235        }
236
237        /**
238         * Add a payload item as child element of the payload element.
239         * There are some items that are not allowed as payload.
240         * Adding those will throw an exception.
241         *
242         * @see <a href="https://xmpp.org/extensions/xep-0420.html#server-processed">
243         *     XEP-0420: Stanza Content Encryption - §9. Server-processed Elements</a>
244         *
245         * @param payloadItem extension element
246         * @return builder
247         * @throws IllegalArgumentException in case an extension element from the blacklist is added.
248         */
249        public Builder addPayloadItem(ExtensionElement payloadItem) {
250            Objects.requireNonNull(payloadItem, "Payload item MUST NOT be null.");
251            this.payloadItems.add(checkForIllegalPayloadsAndPossiblyThrow(payloadItem));
252            return this;
253        }
254
255        /**
256         * Construct a content element from this builder.
257         *
258         * @return content element
259         */
260        public ContentElement build() {
261            List<AffixElement> allAffixElements = collectAffixElements();
262            PayloadElement payloadElement = new PayloadElement(payloadItems);
263            return new ContentElement(payloadElement, allAffixElements);
264        }
265
266        private static ExtensionElement checkForIllegalPayloadsAndPossiblyThrow(ExtensionElement payloadItem) {
267            QName qName = payloadItem.getQName();
268            if (BLACKLISTED_QNAMES.contains(qName)) {
269                throw new IllegalArgumentException("Element identified by " + qName +
270                        " is not allowed as payload item. See https://xmpp.org/extensions/xep-0420.html#server-processed");
271            }
272
273            String namespace = payloadItem.getNamespace();
274            if (BLACKLISTED_NAMESPACES.contains(namespace)) {
275                throw new IllegalArgumentException("Elements of namespace '" + namespace +
276                        "' are not allowed as payload items. See https://xmpp.org/extensions/xep-0420.html#server-processed");
277            }
278
279            return payloadItem;
280        }
281
282        private List<AffixElement> collectAffixElements() {
283            List<AffixElement> allAffixElements = new ArrayList<>(Arrays.asList(rpad, from, timestamp));
284            allAffixElements.addAll(otherAffixElements);
285            return allAffixElements;
286        }
287    }
288}