Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-17 05:09:53 +01:00
Code Issues Projects Releases Wiki Activity

Removed bundle encryption.

Browse Source 
Android doesn't currently store bundles persistently, so it's premature
to protect against accidental information leaks through persistent
bundle storage. Protecting against deliberate information leaks by the
OS is probably futile, so there's currently no need for bundle
encryption.
This commit is contained in:
akwizgran
2013-04-30 15:05:23 +01:00
parent 1d610209d0
commit d5720c085f
31 changed files with 155 additions and 377 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
briar-core/src/net/sf/briar/crypto/CryptoComponentImpl.java
View File

@@ -133,7 +133,6 @@ class CryptoComponentImpl implements CryptoComponent {
private final KeyPairGenerator agreementKeyPairGenerator;
private final KeyPairGenerator signatureKeyPairGenerator;
private final SecureRandom secureRandom;
private final ErasableKey temporaryStorageKey;
CryptoComponentImpl() {
Security.addProvider(new BouncyCastleProvider());
@@ -156,7 +155,6 @@ class CryptoComponentImpl implements CryptoComponent {
throw new RuntimeException(e);
}
secureRandom = new SecureRandom();
temporaryStorageKey = generateSecretKey();
}
public ErasableKey generateSecretKey() {
@@ -372,49 +370,6 @@ class CryptoComponentImpl implements CryptoComponent {
}
}
public byte[] encryptTemporaryStorage(byte[] input) {
// Generate a random IV
byte[] ivBytes = new byte[STORAGE_IV_BYTES];
secureRandom.nextBytes(ivBytes);
IvParameterSpec iv = new IvParameterSpec(ivBytes);
// The output contains the IV, ciphertext and MAC
int outputLen = STORAGE_IV_BYTES + input.length + GCM_MAC_BYTES;
byte[] output = new byte[outputLen];
System.arraycopy(ivBytes, 0, output, 0, STORAGE_IV_BYTES);
// Initialise the cipher and encrypt the plaintext
Cipher cipher;
try {
cipher = Cipher.getInstance(STORAGE_CIPHER_ALGO, PROVIDER);
cipher.init(ENCRYPT_MODE, temporaryStorageKey, iv);
cipher.doFinal(input, 0, input.length, output, STORAGE_IV_BYTES);
return output;
} catch(GeneralSecurityException e) {
throw new RuntimeException(e);
}
}
public byte[] decryptTemporaryStorage(byte[] input) {
// The input contains the IV, ciphertext and MAC
if(input.length < STORAGE_IV_BYTES + GCM_MAC_BYTES)
return null; // Invalid
IvParameterSpec iv = new IvParameterSpec(input, 0, STORAGE_IV_BYTES);
// Initialise the cipher
Cipher cipher;
try {
cipher = Cipher.getInstance(STORAGE_CIPHER_ALGO, PROVIDER);
cipher.init(DECRYPT_MODE, temporaryStorageKey, iv);
} catch(GeneralSecurityException e) {
throw new RuntimeException(e);
}
// Try to decrypt the ciphertext (may be invalid)
try {
return cipher.doFinal(input, STORAGE_IV_BYTES,
input.length - STORAGE_IV_BYTES);
} catch(GeneralSecurityException e) {
return null; // Invalid
}
}
public byte[] encryptWithPassword(byte[] input, char[] password) {
// Generate a random salt
byte[] salt = new byte[PBKDF_SALT_BYTES];