From a8da6e3ea3ab795c9a76bc94e49d7c3a144462b9 Mon Sep 17 00:00:00 2001 From: M66B Date: Fri, 13 Jan 2023 18:40:41 +0100 Subject: [PATCH] Switch to AES/GCM-SIV for cloud data encryption --- .../main/java/eu/faircode/email/FragmentOptionsBackup.java | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/src/main/java/eu/faircode/email/FragmentOptionsBackup.java b/app/src/main/java/eu/faircode/email/FragmentOptionsBackup.java index b0e46e188a..c81cf6f1ad 100644 --- a/app/src/main/java/eu/faircode/email/FragmentOptionsBackup.java +++ b/app/src/main/java/eu/faircode/email/FragmentOptionsBackup.java @@ -1675,10 +1675,10 @@ public class FragmentOptionsBackup extends FragmentBase implements SharedPrefere private String encryptValue(String value, byte[] key) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException { SecretKeySpec secret = new SecretKeySpec(key, "AES"); - Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); + Cipher cipher = Cipher.getInstance("AES/GCM-SIV/NoPadding"); IvParameterSpec ivSpec = new IvParameterSpec(new byte[12]); - cipher.updateAAD(ByteBuffer.allocate(4).putInt(0).array()); cipher.init(Cipher.ENCRYPT_MODE, secret, ivSpec); + //cipher.updateAAD(ByteBuffer.allocate(4).putInt(0).array()); byte[] encrypted = cipher.doFinal(value.getBytes()); return Base64.encodeToString(encrypted, Base64.NO_PADDING | Base64.NO_WRAP); }