SHA256 attachment MACs.

This commit is contained in:
Moxie Marlinspike 2013-12-01 18:00:12 -08:00
parent f002072f38
commit d4188c4a1c
3 changed files with 16 additions and 16 deletions

View File

@ -41,7 +41,7 @@ import java.util.Arrays;
public class AttachmentCipher {
static final int CIPHER_KEY_SIZE = 32;
static final int MAC_KEY_SIZE = 20;
static final int MAC_KEY_SIZE = 32;
private final SecretKeySpec cipherKey;
private final SecretKeySpec macKey;
@ -58,7 +58,7 @@ public class AttachmentCipher {
public AttachmentCipher(byte[] combinedKeyMaterial) {
byte[][] parts = Util.split(combinedKeyMaterial, CIPHER_KEY_SIZE, MAC_KEY_SIZE);
this.cipherKey = new SecretKeySpec(parts[0], "AES");
this.macKey = new SecretKeySpec(parts[1], "HmacSHA1");
this.macKey = new SecretKeySpec(parts[1], "HmacSHA256");
this.cipher = initializeCipher();
this.mac = initializeMac();
}
@ -123,7 +123,7 @@ public class AttachmentCipher {
private Mac initializeMac() {
try {
Mac mac = Mac.getInstance("HmacSHA1");
Mac mac = Mac.getInstance("HmacSHA256");
return mac;
} catch (NoSuchAlgorithmException e) {
throw new AssertionError(e);
@ -150,7 +150,7 @@ public class AttachmentCipher {
private SecretKeySpec initializeRandomMacKey() {
byte[] key = new byte[MAC_KEY_SIZE];
Util.getSecureRandom().nextBytes(key);
return new SecretKeySpec(key, "HmacSHA1");
return new SecretKeySpec(key, "HmacSHA256");
}
}

View File

@ -18,9 +18,17 @@ package org.whispersystems.textsecure.crypto;
import android.util.Log;
import org.whispersystems.textsecure.util.Hex;
import org.whispersystems.textsecure.util.Util;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
@ -29,14 +37,6 @@ import javax.crypto.NoSuchPaddingException;
import javax.crypto.ShortBufferException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
/**
* Class for streaming an encrypted push attachment off disk.
@ -63,8 +63,8 @@ public class AttachmentCipherInputStream extends FileInputStream {
AttachmentCipher.CIPHER_KEY_SIZE,
AttachmentCipher.MAC_KEY_SIZE);
Mac mac = Mac.getInstance("HmacSHA1");
mac.init(new SecretKeySpec(parts[1], "HmacSHA1"));
Mac mac = Mac.getInstance("HmacSHA256");
mac.init(new SecretKeySpec(parts[1], "HmacSHA256"));
if (file.length() <= BLOCK_SIZE + mac.getMacLength()) {
throw new InvalidMessageException("Message shorter than crypto overhead!");

View File

@ -37,7 +37,7 @@ public class PushDownloader {
}
public void process(MasterSecret masterSecret, Intent intent) {
if (!intent.getAction().equals(SendReceiveService.DOWNLOAD_PUSH_ACTION))
if (!SendReceiveService.DOWNLOAD_PUSH_ACTION.equals(intent.getAction()))
return;
long messageId = intent.getLongExtra("message_id", -1);