feat: Improve logging for image and avatar downloads with detailed status updates
This commit is contained in:
@@ -528,10 +528,106 @@ object MessageCrypto {
|
||||
): String? {
|
||||
return try {
|
||||
android.util.Log.d("MessageCrypto", "🔐 decryptAttachmentBlobWithPlainKey(bytes): data length=${encryptedData.length}, key=${chachaKeyPlain.size} bytes")
|
||||
android.util.Log.d("MessageCrypto", "🔑 Raw key bytes hex: ${chachaKeyPlain.toHex()}")
|
||||
|
||||
// Конвертируем байты в UTF-8 строку как Desktop: Buffer.toString('utf-8')
|
||||
val password = bytesToJsUtf8String(chachaKeyPlain)
|
||||
decryptAttachmentBlobWithPassword(encryptedData, password)
|
||||
// Desktop использует key.toString('binary') → encrypt → decrypt → toString('utf-8') → PBKDF2
|
||||
// Это эквивалентно: raw bytes → Latin1 string → UTF-8 encode → шифрование →
|
||||
// расшифровка → UTF-8 decode → опять UTF-8 для PBKDF2
|
||||
//
|
||||
// Но crypto-js PBKDF2 принимает string и делает UTF-8 encode для получения password bytes
|
||||
// Desktop: PBKDF2(string) → внутри делает UTF-8 encode этой string → использует эти bytes
|
||||
//
|
||||
// КРИТИЧНО: Desktop сохраняет chachaDecryptedKey.toString('utf-8') в БД
|
||||
// И потом использует ЭТУ СТРОКУ напрямую как password для PBKDF2!
|
||||
//
|
||||
// Пробуем РАЗНЫЕ варианты и логируем результат
|
||||
|
||||
// Вариант 1: UTF-8 decode (как Node.js Buffer.toString('utf-8'))
|
||||
val password1 = bytesToJsUtf8String(chachaKeyPlain)
|
||||
val passwordBytes1 = password1.toByteArray(Charsets.UTF_8)
|
||||
android.util.Log.d("MessageCrypto", "🔑 V1 (UTF-8 decode → string → UTF-8 encode): ${passwordBytes1.size} bytes")
|
||||
android.util.Log.d("MessageCrypto", "🔑 V1 hex: ${passwordBytes1.toHex().take(60)}...")
|
||||
|
||||
// Вариант 2: Latin1 decode (каждый byte = char 0-255)
|
||||
val password2 = String(chachaKeyPlain, Charsets.ISO_8859_1)
|
||||
val passwordBytes2 = password2.toByteArray(Charsets.UTF_8)
|
||||
android.util.Log.d("MessageCrypto", "🔑 V2 (Latin1 → string → UTF-8 encode): ${passwordBytes2.size} bytes")
|
||||
android.util.Log.d("MessageCrypto", "🔑 V2 hex: ${passwordBytes2.toHex().take(60)}...")
|
||||
|
||||
// Вариант 3: Raw bytes напрямую (без string conversion)
|
||||
android.util.Log.d("MessageCrypto", "🔑 V3 (raw bytes): ${chachaKeyPlain.size} bytes")
|
||||
android.util.Log.d("MessageCrypto", "🔑 V3 hex: ${chachaKeyPlain.toHex().take(60)}...")
|
||||
|
||||
// Пробуем расшифровать с КАЖДЫМ вариантом
|
||||
android.util.Log.d("MessageCrypto", "🔓 Trying V1 (UTF-8 roundtrip)...")
|
||||
val pbkdf2Key1 = generatePBKDF2Key(password1)
|
||||
android.util.Log.d("MessageCrypto", "🔑 V1 PBKDF2 key: ${pbkdf2Key1.toHex()}")
|
||||
val result1 = decryptWithPBKDF2Key(encryptedData, pbkdf2Key1)
|
||||
if (result1 != null) {
|
||||
android.util.Log.d("MessageCrypto", "✅ V1 SUCCESS!")
|
||||
return result1
|
||||
}
|
||||
android.util.Log.d("MessageCrypto", "❌ V1 failed")
|
||||
|
||||
android.util.Log.d("MessageCrypto", "🔓 Trying V2 (Latin1 → UTF-8)...")
|
||||
val pbkdf2Key2 = generatePBKDF2Key(password2)
|
||||
android.util.Log.d("MessageCrypto", "🔑 V2 PBKDF2 key: ${pbkdf2Key2.toHex()}")
|
||||
val result2 = decryptWithPBKDF2Key(encryptedData, pbkdf2Key2)
|
||||
if (result2 != null) {
|
||||
android.util.Log.d("MessageCrypto", "✅ V2 SUCCESS!")
|
||||
return result2
|
||||
}
|
||||
android.util.Log.d("MessageCrypto", "❌ V2 failed")
|
||||
|
||||
android.util.Log.d("MessageCrypto", "🔓 Trying V3 (raw bytes for PBKDF2)...")
|
||||
val pbkdf2Key3 = generatePBKDF2KeyFromBytes(chachaKeyPlain)
|
||||
android.util.Log.d("MessageCrypto", "🔑 V3 PBKDF2 key: ${pbkdf2Key3.toHex()}")
|
||||
val result3 = decryptWithPBKDF2Key(encryptedData, pbkdf2Key3)
|
||||
if (result3 != null) {
|
||||
android.util.Log.d("MessageCrypto", "✅ V3 SUCCESS!")
|
||||
return result3
|
||||
}
|
||||
android.util.Log.d("MessageCrypto", "❌ V3 failed")
|
||||
|
||||
// V4: Стандартный Java PBKDF2 (PBEKeySpec с char[]) - для совместимости с Android encryptReplyBlob
|
||||
android.util.Log.d("MessageCrypto", "🔓 Trying V4 (Java SecretKeyFactory with Latin1 password)...")
|
||||
val pbkdf2Key4 = generatePBKDF2KeyJava(password2)
|
||||
val result4 = decryptWithPBKDF2Key(encryptedData, pbkdf2Key4)
|
||||
if (result4 != null) {
|
||||
android.util.Log.d("MessageCrypto", "✅ V4 SUCCESS!")
|
||||
return result4
|
||||
}
|
||||
android.util.Log.d("MessageCrypto", "❌ V4 failed")
|
||||
|
||||
// V5: Стандартный Java PBKDF2 с UTF-8 password
|
||||
android.util.Log.d("MessageCrypto", "🔓 Trying V5 (Java SecretKeyFactory with UTF-8 password)...")
|
||||
val pbkdf2Key5 = generatePBKDF2KeyJava(password1)
|
||||
val result5 = decryptWithPBKDF2Key(encryptedData, pbkdf2Key5)
|
||||
if (result5 != null) {
|
||||
android.util.Log.d("MessageCrypto", "✅ V5 SUCCESS!")
|
||||
return result5
|
||||
}
|
||||
android.util.Log.d("MessageCrypto", "❌ V5 failed")
|
||||
|
||||
// V6: Java CharsetDecoder with REPLACE для UTF-8 (может отличаться от bytesToJsUtf8String)
|
||||
android.util.Log.d("MessageCrypto", "🔓 Trying V6 (Java CharsetDecoder REPLACE)...")
|
||||
val decoder = java.nio.charset.StandardCharsets.UTF_8.newDecoder()
|
||||
decoder.onMalformedInput(java.nio.charset.CodingErrorAction.REPLACE)
|
||||
decoder.onUnmappableCharacter(java.nio.charset.CodingErrorAction.REPLACE)
|
||||
val password6 = decoder.decode(java.nio.ByteBuffer.wrap(chachaKeyPlain)).toString()
|
||||
val passwordBytes6 = password6.toByteArray(Charsets.UTF_8)
|
||||
android.util.Log.d("MessageCrypto", "🔑 V6 password bytes: ${passwordBytes6.size}, hex: ${passwordBytes6.toHex().take(60)}...")
|
||||
val pbkdf2Key6 = generatePBKDF2Key(password6)
|
||||
android.util.Log.d("MessageCrypto", "🔑 V6 PBKDF2 key: ${pbkdf2Key6.toHex()}")
|
||||
val result6 = decryptWithPBKDF2Key(encryptedData, pbkdf2Key6)
|
||||
if (result6 != null) {
|
||||
android.util.Log.d("MessageCrypto", "✅ V6 SUCCESS!")
|
||||
return result6
|
||||
}
|
||||
android.util.Log.d("MessageCrypto", "❌ V6 failed")
|
||||
|
||||
android.util.Log.d("MessageCrypto", "❌ All variants failed!")
|
||||
null
|
||||
} catch (e: Exception) {
|
||||
android.util.Log.e("MessageCrypto", "❌ decryptAttachmentBlobWithPlainKey failed: ${e.message}", e)
|
||||
null
|
||||
@@ -603,8 +699,8 @@ object MessageCrypto {
|
||||
}
|
||||
|
||||
/**
|
||||
* Генерация PBKDF2 ключа (совместимо с crypto-js / RN)
|
||||
* ВАЖНО: crypto-js использует PBKDF2WithHmacSHA1 по умолчанию!
|
||||
* Генерация PBKDF2 ключа (совместимо с crypto-js)
|
||||
* ВАЖНО: crypto-js использует PBKDF2 с SHA256 по умолчанию (НЕ SHA1!)
|
||||
*
|
||||
* КРИТИЧНО: crypto-js конвертирует password через UTF-8 encoding,
|
||||
* но PBEKeySpec в Java использует UTF-16! Поэтому используем ручную реализацию.
|
||||
@@ -612,12 +708,18 @@ object MessageCrypto {
|
||||
private fun generatePBKDF2Key(password: String, salt: String = "rosetta", iterations: Int = 1000): ByteArray {
|
||||
// Crypto-js: WordArray.create(password) использует UTF-8
|
||||
val passwordBytes = password.toByteArray(Charsets.UTF_8)
|
||||
val saltBytes = salt.toByteArray(Charsets.UTF_8)
|
||||
|
||||
// PBKDF2-HMAC-SHA1 ручная реализация для совместимости с crypto-js
|
||||
return generatePBKDF2KeyFromBytes(passwordBytes, salt.toByteArray(Charsets.UTF_8), iterations)
|
||||
}
|
||||
|
||||
/**
|
||||
* Генерация PBKDF2 ключа из raw bytes (без string conversion)
|
||||
*/
|
||||
private fun generatePBKDF2KeyFromBytes(passwordBytes: ByteArray, saltBytes: ByteArray = "rosetta".toByteArray(Charsets.UTF_8), iterations: Int = 1000): ByteArray {
|
||||
// PBKDF2-HMAC-SHA256 ручная реализация для совместимости с crypto-js
|
||||
// ВАЖНО: crypto-js PBKDF2 по умолчанию использует SHA256, НЕ SHA1!
|
||||
val keyLength = 32 // 256 bits
|
||||
val mac = javax.crypto.Mac.getInstance("HmacSHA1")
|
||||
val keySpec = javax.crypto.spec.SecretKeySpec(passwordBytes, "HmacSHA1")
|
||||
val mac = javax.crypto.Mac.getInstance("HmacSHA256")
|
||||
val keySpec = javax.crypto.spec.SecretKeySpec(passwordBytes, "HmacSHA256")
|
||||
mac.init(keySpec)
|
||||
|
||||
// PBKDF2 алгоритм
|
||||
@@ -639,6 +741,22 @@ object MessageCrypto {
|
||||
return derivedKey
|
||||
}
|
||||
|
||||
/**
|
||||
* Генерация PBKDF2 ключа через стандартный Java SecretKeyFactory
|
||||
* Это работает по-другому - использует char[] и UTF-16 encoding!
|
||||
* Используем SHA256 для совместимости с crypto-js
|
||||
*/
|
||||
private fun generatePBKDF2KeyJava(password: String): ByteArray {
|
||||
val factory = javax.crypto.SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
|
||||
val spec = javax.crypto.spec.PBEKeySpec(
|
||||
password.toCharArray(),
|
||||
"rosetta".toByteArray(Charsets.UTF_8),
|
||||
1000,
|
||||
256
|
||||
)
|
||||
return factory.generateSecret(spec).encoded
|
||||
}
|
||||
|
||||
/**
|
||||
* PBKDF2 block функция (для совместимости с crypto-js)
|
||||
*/
|
||||
@@ -745,8 +863,8 @@ object MessageCrypto {
|
||||
deflater.end()
|
||||
val compressed = compressedBuffer.copyOf(compressedSize)
|
||||
|
||||
// PBKDF2 key derivation (matching RN: crypto.PBKDF2(password, 'rosetta', {keySize: 256/32, iterations: 1000}))
|
||||
// CRITICAL: Must use SHA256 to match React Native (not SHA1!)
|
||||
// PBKDF2 key derivation (matching crypto-js: crypto.PBKDF2(password, 'rosetta', {keySize: 256/32, iterations: 1000}))
|
||||
// CRITICAL: crypto-js PBKDF2 uses SHA256 by default (NOT SHA1!)
|
||||
val factory = javax.crypto.SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
|
||||
val spec = javax.crypto.spec.PBEKeySpec(
|
||||
password.toCharArray(),
|
||||
@@ -967,8 +1085,8 @@ object MessageCrypto {
|
||||
val password = bytesToJsUtf8String(plainKeyAndNonce)
|
||||
|
||||
// PBKDF2 key derivation
|
||||
// CRITICAL: Must use SHA256 to match React Native (not SHA1!)
|
||||
val factory = javax.crypto.SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
|
||||
// CRITICAL: Must use SHA1 to match Desktop crypto-js (not SHA256!)
|
||||
val factory = javax.crypto.SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1")
|
||||
val spec = javax.crypto.spec.PBEKeySpec(
|
||||
password.toCharArray(),
|
||||
"rosetta".toByteArray(Charsets.UTF_8),
|
||||
|
||||
Reference in New Issue
Block a user