mirror of
https://github.com/oxen-io/session-android.git
synced 2024-12-25 01:07:47 +00:00
SHA256 attachment MACs.
This commit is contained in:
parent
f002072f38
commit
d4188c4a1c
@ -41,7 +41,7 @@ import java.util.Arrays;
|
|||||||
public class AttachmentCipher {
|
public class AttachmentCipher {
|
||||||
|
|
||||||
static final int CIPHER_KEY_SIZE = 32;
|
static final int CIPHER_KEY_SIZE = 32;
|
||||||
static final int MAC_KEY_SIZE = 20;
|
static final int MAC_KEY_SIZE = 32;
|
||||||
|
|
||||||
private final SecretKeySpec cipherKey;
|
private final SecretKeySpec cipherKey;
|
||||||
private final SecretKeySpec macKey;
|
private final SecretKeySpec macKey;
|
||||||
@ -58,7 +58,7 @@ public class AttachmentCipher {
|
|||||||
public AttachmentCipher(byte[] combinedKeyMaterial) {
|
public AttachmentCipher(byte[] combinedKeyMaterial) {
|
||||||
byte[][] parts = Util.split(combinedKeyMaterial, CIPHER_KEY_SIZE, MAC_KEY_SIZE);
|
byte[][] parts = Util.split(combinedKeyMaterial, CIPHER_KEY_SIZE, MAC_KEY_SIZE);
|
||||||
this.cipherKey = new SecretKeySpec(parts[0], "AES");
|
this.cipherKey = new SecretKeySpec(parts[0], "AES");
|
||||||
this.macKey = new SecretKeySpec(parts[1], "HmacSHA1");
|
this.macKey = new SecretKeySpec(parts[1], "HmacSHA256");
|
||||||
this.cipher = initializeCipher();
|
this.cipher = initializeCipher();
|
||||||
this.mac = initializeMac();
|
this.mac = initializeMac();
|
||||||
}
|
}
|
||||||
@ -123,7 +123,7 @@ public class AttachmentCipher {
|
|||||||
|
|
||||||
private Mac initializeMac() {
|
private Mac initializeMac() {
|
||||||
try {
|
try {
|
||||||
Mac mac = Mac.getInstance("HmacSHA1");
|
Mac mac = Mac.getInstance("HmacSHA256");
|
||||||
return mac;
|
return mac;
|
||||||
} catch (NoSuchAlgorithmException e) {
|
} catch (NoSuchAlgorithmException e) {
|
||||||
throw new AssertionError(e);
|
throw new AssertionError(e);
|
||||||
@ -150,7 +150,7 @@ public class AttachmentCipher {
|
|||||||
private SecretKeySpec initializeRandomMacKey() {
|
private SecretKeySpec initializeRandomMacKey() {
|
||||||
byte[] key = new byte[MAC_KEY_SIZE];
|
byte[] key = new byte[MAC_KEY_SIZE];
|
||||||
Util.getSecureRandom().nextBytes(key);
|
Util.getSecureRandom().nextBytes(key);
|
||||||
return new SecretKeySpec(key, "HmacSHA1");
|
return new SecretKeySpec(key, "HmacSHA256");
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -18,9 +18,17 @@ package org.whispersystems.textsecure.crypto;
|
|||||||
|
|
||||||
import android.util.Log;
|
import android.util.Log;
|
||||||
|
|
||||||
import org.whispersystems.textsecure.util.Hex;
|
|
||||||
import org.whispersystems.textsecure.util.Util;
|
import org.whispersystems.textsecure.util.Util;
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
|
import java.io.FileInputStream;
|
||||||
|
import java.io.FileNotFoundException;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.security.InvalidAlgorithmParameterException;
|
||||||
|
import java.security.InvalidKeyException;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.util.Arrays;
|
||||||
|
|
||||||
import javax.crypto.BadPaddingException;
|
import javax.crypto.BadPaddingException;
|
||||||
import javax.crypto.Cipher;
|
import javax.crypto.Cipher;
|
||||||
import javax.crypto.IllegalBlockSizeException;
|
import javax.crypto.IllegalBlockSizeException;
|
||||||
@ -29,14 +37,6 @@ import javax.crypto.NoSuchPaddingException;
|
|||||||
import javax.crypto.ShortBufferException;
|
import javax.crypto.ShortBufferException;
|
||||||
import javax.crypto.spec.IvParameterSpec;
|
import javax.crypto.spec.IvParameterSpec;
|
||||||
import javax.crypto.spec.SecretKeySpec;
|
import javax.crypto.spec.SecretKeySpec;
|
||||||
import java.io.File;
|
|
||||||
import java.io.FileInputStream;
|
|
||||||
import java.io.FileNotFoundException;
|
|
||||||
import java.io.IOException;
|
|
||||||
import java.security.InvalidAlgorithmParameterException;
|
|
||||||
import java.security.InvalidKeyException;
|
|
||||||
import java.security.NoSuchAlgorithmException;
|
|
||||||
import java.util.Arrays;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Class for streaming an encrypted push attachment off disk.
|
* Class for streaming an encrypted push attachment off disk.
|
||||||
@ -63,8 +63,8 @@ public class AttachmentCipherInputStream extends FileInputStream {
|
|||||||
AttachmentCipher.CIPHER_KEY_SIZE,
|
AttachmentCipher.CIPHER_KEY_SIZE,
|
||||||
AttachmentCipher.MAC_KEY_SIZE);
|
AttachmentCipher.MAC_KEY_SIZE);
|
||||||
|
|
||||||
Mac mac = Mac.getInstance("HmacSHA1");
|
Mac mac = Mac.getInstance("HmacSHA256");
|
||||||
mac.init(new SecretKeySpec(parts[1], "HmacSHA1"));
|
mac.init(new SecretKeySpec(parts[1], "HmacSHA256"));
|
||||||
|
|
||||||
if (file.length() <= BLOCK_SIZE + mac.getMacLength()) {
|
if (file.length() <= BLOCK_SIZE + mac.getMacLength()) {
|
||||||
throw new InvalidMessageException("Message shorter than crypto overhead!");
|
throw new InvalidMessageException("Message shorter than crypto overhead!");
|
||||||
|
@ -37,7 +37,7 @@ public class PushDownloader {
|
|||||||
}
|
}
|
||||||
|
|
||||||
public void process(MasterSecret masterSecret, Intent intent) {
|
public void process(MasterSecret masterSecret, Intent intent) {
|
||||||
if (!intent.getAction().equals(SendReceiveService.DOWNLOAD_PUSH_ACTION))
|
if (!SendReceiveService.DOWNLOAD_PUSH_ACTION.equals(intent.getAction()))
|
||||||
return;
|
return;
|
||||||
|
|
||||||
long messageId = intent.getLongExtra("message_id", -1);
|
long messageId = intent.getLongExtra("message_id", -1);
|
||||||
|
Loading…
x
Reference in New Issue
Block a user