fix(end-to-encryption): verify metadata by alperozturk96 · Pull Request #16916 · nextcloud/android

alperozturk96 · 2026-04-27T13:10:59Z

Uses same verification logic just like iOS, Desktop
Adds tests

github-actions · 2026-04-27T13:20:29Z

APK file: https://github.com/nextcloud/android/actions/runs/24997113741/artifacts/6661594771
To test this change/fix you can simply download above APK file and install and test it in parallel to your existing Nextcloud app.
(please click on link to get QR code displayed)

alperozturk96 · 2026-04-27T14:21:04Z

+    jbyteArray messageDataArray,
+    jobjectArray certPemArray
+) {
+    jsize cmsLen = env->GetArrayLength(cmsDataArray);


@marinofaggiana @mgallien

Used for https://github.com/nextcloud/end_to_end_encryption_rfc/blob/e185645eb5fd0849f49e308f006b194772cc3002/RFC.md#verifying-the-metadata

due to BouncyCastle's issue with BER encoded CMSSignedData.

Uses iOS logic.

github-actions · 2026-04-29T07:27:24Z

APK file: https://github.com/nextcloud/android/actions/runs/25095810422/artifacts/6701744316
To test this change/fix you can simply download above APK file and install and test it in parallel to your existing Nextcloud app.
(please click on link to get QR code displayed)

github-actions · 2026-04-29T13:13:49Z

APK file: https://github.com/nextcloud/android/actions/runs/25109632977/artifacts/6707963283
To test this change/fix you can simply download above APK file and install and test it in parallel to your existing Nextcloud app.
(please click on link to get QR code displayed)

alperozturk96 · 2026-04-30T08:44:06Z

/backport to stable-33.1.x

Signed-off-by: alperozturk96 <alper_ozturk@proton.me> # Conflicts: # app/.gitignore # app/build.gradle.kts # ndk.env

Signed-off-by: alperozturk96 <alper_ozturk@proton.me>

github-actions · 2026-04-30T13:43:15Z

blue-Light-Screenshot test failed, but no output was generated. Maybe a preliminary stage failed.

github-actions · 2026-04-30T13:49:25Z

Codacy

SpotBugs

Category	Base	New
Bad practice	35	35
Correctness	67	67
Dodgy code	216	216
Experimental	1	1
Internationalization	7	7
Malicious code vulnerability	2	2
Multithreaded correctness	34	34
Performance	42	42
Security	16	16
Total	420	420

github-actions · 2026-04-30T13:58:36Z

APK file: https://github.com/nextcloud/android/actions/runs/25168091679/artifacts/6731770815
To test this change/fix you can simply download above APK file and install and test it in parallel to your existing Nextcloud app.
(please click on link to get QR code displayed)

alperozturk96 mentioned this pull request Apr 27, 2026

improve end-to-end encryption verifications #16905

Closed

alperozturk96 requested a review from mgallien April 27, 2026 14:19

alperozturk96 commented Apr 27, 2026

View reviewed changes

alperozturk96 requested a review from marinofaggiana April 27, 2026 14:21

alperozturk96 commented Apr 27, 2026

View reviewed changes

Comment thread ndk.env Outdated

alperozturk96 force-pushed the fix/e2ee-verify-metadata branch from bef16e3 to 263888e Compare April 29, 2026 07:13

alperozturk96 force-pushed the fix/e2ee-verify-metadata branch 2 times, most recently from 421ab4d to 77e3efb Compare April 29, 2026 12:46

backportbot Bot added the backport-request label Apr 30, 2026

alperozturk96 force-pushed the fix/e2ee-verify-metadata branch from 77e3efb to 9f12a6e Compare April 30, 2026 13:10

alperozturk96 added the 3. to review label Apr 30, 2026

alperozturk96 requested a review from tobiasKaminsky April 30, 2026 13:19

alperozturk96 added 5 commits April 30, 2026 15:27

fix(end-to-encryption): verify metadata

6e369e7

Signed-off-by: alperozturk96 <alper_ozturk@proton.me> # Conflicts: # app/.gitignore # app/build.gradle.kts # ndk.env

add tests

2c5637e

Signed-off-by: alperozturk96 <alper_ozturk@proton.me>

add tests

99cda0a

Signed-off-by: alperozturk96 <alper_ozturk@proton.me>

add tests

df617bb

Signed-off-by: alperozturk96 <alper_ozturk@proton.me>

add fallback

8bccac7

Signed-off-by: alperozturk96 <alper_ozturk@proton.me>

alperozturk96 force-pushed the fix/e2ee-verify-metadata branch from c103b49 to 8bccac7 Compare April 30, 2026 13:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix(end-to-encryption): verify metadata#16916

fix(end-to-encryption): verify metadata#16916
alperozturk96 wants to merge 5 commits intomasterfrom
fix/e2ee-verify-metadata

alperozturk96 commented Apr 27, 2026 •

edited

Loading

Uh oh!

github-actions Bot commented Apr 27, 2026

Uh oh!

alperozturk96 Apr 27, 2026

Uh oh!

Uh oh!

github-actions Bot commented Apr 29, 2026

Uh oh!

github-actions Bot commented Apr 29, 2026

Uh oh!

alperozturk96 commented Apr 30, 2026

Uh oh!

github-actions Bot commented Apr 30, 2026

Uh oh!

github-actions Bot commented Apr 30, 2026

Uh oh!

github-actions Bot commented Apr 30, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

alperozturk96 commented Apr 27, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

github-actions Bot commented Apr 27, 2026

Uh oh!

alperozturk96 Apr 27, 2026

Choose a reason for hiding this comment

Uh oh!

Uh oh!

github-actions Bot commented Apr 29, 2026

Uh oh!

github-actions Bot commented Apr 29, 2026

Uh oh!

alperozturk96 commented Apr 30, 2026

Uh oh!

github-actions Bot commented Apr 30, 2026

Uh oh!

github-actions Bot commented Apr 30, 2026

Codacy

SpotBugs

Uh oh!

github-actions Bot commented Apr 30, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

alperozturk96 commented Apr 27, 2026 •

edited

Loading