mirrors/cryptomator
1
0
Fork 0
mirror of https://github.com/cryptomator/cryptomator.git synced 2026-05-29 16:10:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Using hmac_sha256(key, plaintext) instead of sha256(key || plaintext) for IV generation during filename encryption. Still references #7

Browse Source
This commit is contained in:
Sebastian Stenzel
2014-12-31 11:06:56 +01:00
parent 9fe135ef0f
commit 1a076d9c1b
1 changed files with 10 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
main/crypto-aes/src/main/java/org/cryptomator/crypto/aes256/Aes256Cryptor.java
View File

@@ -19,7 +19,6 @@ import java.nio.file.DirectoryStream.Filter;
import java.nio.file.Path;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
@@ -37,6 +36,7 @@ import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
@@ -291,12 +291,16 @@ public class Aes256Cryptor extends AbstractCryptor implements AesCryptographicCo
return crc32.getValue();
}
private byte[] sha256(byte[] data) {
private byte[] hmacSha256(byte[] key, byte[] data) {
try {
final MessageDigest md = MessageDigest.getInstance("SHA-256");
return md.digest(data);
final SecretKeySpec secretKey = new SecretKeySpec(key, "HmacSHA256");
final Mac mac = Mac.getInstance("HmacSHA256");
mac.init(secretKey);
return mac.doFinal(data);
} catch (NoSuchAlgorithmException e) {
throw new AssertionError("Every implementation of the Java platform is required to support SHA-256.", e);
throw new AssertionError("Every implementation of the Java platform is required to support HmacSHA256.", e);
} catch (InvalidKeyException e) {
throw new IllegalArgumentException("Invalid key", e);
}
}
@@ -332,7 +336,7 @@ public class Aes256Cryptor extends AbstractCryptor implements AesCryptographicCo
* {@link FileNamingConventions#LONG_NAME_FILE_EXT}.
*/
private String encryptPathComponent(final String cleartext, final SecretKey key, CryptorIOSupport ioSupport) throws IllegalBlockSizeException, BadPaddingException, IOException {
final byte[] mac = sha256(ArrayUtils.addAll(secondaryKey, cleartext.getBytes()));
final byte[] mac = hmacSha256(secondaryKey, cleartext.getBytes());
final byte[] partialIv = ArrayUtils.subarray(mac, 0, 10);
final ByteBuffer iv = ByteBuffer.allocate(AES_BLOCK_LENGTH);
iv.put(partialIv);