From a8da6e3ea3ab795c9a76bc94e49d7c3a144462b9 Mon Sep 17 00:00:00 2001
From: M66B <M66B@users.noreply.github.com>
Date: Fri, 13 Jan 2023 18:40:41 +0100
Subject: [PATCH] Switch to AES/GCM-SIV for cloud data encryption

---
 .../main/java/eu/faircode/email/FragmentOptionsBackup.java    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/src/main/java/eu/faircode/email/FragmentOptionsBackup.java b/app/src/main/java/eu/faircode/email/FragmentOptionsBackup.java
index b0e46e188a..c81cf6f1ad 100644
--- a/app/src/main/java/eu/faircode/email/FragmentOptionsBackup.java
+++ b/app/src/main/java/eu/faircode/email/FragmentOptionsBackup.java
@@ -1675,10 +1675,10 @@ public class FragmentOptionsBackup extends FragmentBase implements SharedPrefere
     private String encryptValue(String value, byte[] key)
             throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
         SecretKeySpec secret = new SecretKeySpec(key, "AES");
-        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
+        Cipher cipher = Cipher.getInstance("AES/GCM-SIV/NoPadding");
         IvParameterSpec ivSpec = new IvParameterSpec(new byte[12]);
-        cipher.updateAAD(ByteBuffer.allocate(4).putInt(0).array());
         cipher.init(Cipher.ENCRYPT_MODE, secret, ivSpec);
+        //cipher.updateAAD(ByteBuffer.allocate(4).putInt(0).array());
         byte[] encrypted = cipher.doFinal(value.getBytes());
         return Base64.encodeToString(encrypted, Base64.NO_PADDING | Base64.NO_WRAP);
     }