Fix: Ensure files are encrypted correctly (#5)

common/src/commonMain/kotlin/de/hsaalen/cmt/crypto/CryptoExtensions.kt

@@ -27,7 +27,15 @@ fun Sequence<String>.decrypt(secureRandomizedPadding: Boolean = true): Sequence<
  * @param secureRandomizedPadding - Generates different output for same input, which is more secure. Enabled by default.
  */
 fun decrypt(encrypted: String, secureRandomizedPadding: Boolean = true): String =
-    decrypt(encrypted.fromBase64(), Session.personalKey, secureRandomizedPadding).decodeToString()
+    decrypt(encrypted.fromBase64(), secureRandomizedPadding).decodeToString()
+
+/**
+ * Decrypt [ByteArray]'s using users personal session key.
+ *
+ * @param secureRandomizedPadding - Generates different output for same input, which is more secure. Enabled by default.
+ */
+fun decrypt(encryptedData: ByteArray, secureRandomizedPadding: Boolean = true): ByteArray =
+    decrypt(encryptedData, Session.personalKey, secureRandomizedPadding)
 
 /**
  * Encrypt [List] of [String]'s using users personal session key.
@@ -51,4 +59,12 @@ fun Sequence<String>.encrypt(secureRandomizedPadding: Boolean = true): Sequence<
  * @param secureRandomizedPadding - Generates different output for same input, which is more secure. Enabled by default.
  */
 fun encrypt(plainText: String, secureRandomizedPadding: Boolean = true): String =
-    encrypt(plainText.encodeToByteArray(), Session.personalKey, secureRandomizedPadding).toBase64()
+    encrypt(plainText.encodeToByteArray(), secureRandomizedPadding).toBase64()
+
+/**
+ * Encrypt [ByteArray]'s using users personal session key.
+ *
+ * @param secureRandomizedPadding - Generates different output for same input, which is more secure. Enabled by default.
+ */
+fun encrypt(plainData: ByteArray, secureRandomizedPadding: Boolean = true): ByteArray =
+    encrypt(plainData, Session.personalKey, secureRandomizedPadding)

common/src/commonMain/kotlin/de/hsaalen/cmt/network/requests/FileRepositoryImpl.kt

@@ -1,5 +1,7 @@
 package de.hsaalen.cmt.network.requests
 
+import de.hsaalen.cmt.crypto.decrypt
+import de.hsaalen.cmt.crypto.encrypt
 import de.hsaalen.cmt.network.apiPathDownloadFile
 import de.hsaalen.cmt.network.apiPathUploadFile
 import de.hsaalen.cmt.network.dto.objects.UUID
@@ -16,28 +18,23 @@ internal interface FileRepositoryImpl : ClientSupport, FileRepository {
      * Download the reference content by a specific [UUID].
      */
     override suspend fun download(uuid: UUID): ByteArray {
-        // TODO: remove rSocket code & decrypt data
-//        val payload = RequestReferenceDto(uuid).encrypt().buildPayload()
-//        val stream = Session.instance?.rSocket?.requestStream(payload) ?: error("Not in session")
-//        return stream.map { it.decodeProtobufData<FilePartDto>().decrypt().bytes }
         val url = Url("$apiEndpoint$apiPathDownloadFile/$uuid")
-        return Client.request(url) {
+        val encryptedContent: ByteArray = Client.request(url) {
             method = HttpMethod.Get
         }
+        return decrypt(encryptedContent)
     }
 
     /**
      * Upload or overwrite the reference content by a specific [UUID].
      */
     override suspend fun upload(uuid: UUID, content: ByteArray) {
         val url = Url("$apiEndpoint$apiPathUploadFile/$uuid")
+        val encryptedContent = encrypt(content)
         return Client.request(url) {
             method = HttpMethod.Post
-            body = content
+            headers.remove(HttpHeaders.ContentType) // Prevent JSON header
+            body = encryptedContent
         }
-// TODO: remove rSocket code & encrypt data before sending
-//        val initPayload = RequestReferenceDto(uuid).encrypt().buildPayload()
-//        val stream = contentStream.map { FilePartDto(it).encrypt().buildPayload() }
-//        Session.instance?.rSocket?.requestChannel(initPayload, stream) ?: error("Not in session")
     }
 }