mirror/FairEmail
1
0
Fork 0
mirror of https://github.com/M66B/FairEmail.git synced 2025-01-02 13:14:39 +00:00
Code Issues Releases Wiki Activity

Restored old settings encryption method

Browse source
This commit is contained in:
M66B 2022-10-29 07:57:40 +02:00
parent 5cb23173df
commit c6d480efea
1 changed files with 20 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

25
app/src/main/java/eu/faircode/email/ActivitySetup.java
View file

@ -841,19 +841,34 @@ public class ActivitySetup extends ActivityBase implements FragmentManager.OnBac
if (TextUtils.isEmpty(password)) if (TextUtils.isEmpty(password))
raw.write(jexport.toString(2).getBytes()); raw.write(jexport.toString(2).getBytes());
else { else {
int version = 0;
int ivLen = (version == 0 ? 16 : 12);
String derivation = (version == 0 ? "PBKDF2WithHmacSHA1" : "PBKDF2WithHmacSHA512");
int iterations = (version == 0 ? 65536 : 120000);
int keyLen = 256;
String transformation = (version == 0 ? "AES/CBC/PKCS5Padding" : "AES/GCM/NoPadding");
Log.i("Export version=" + version +
" ivLen=" + ivLen +
" derivation=" + derivation +
" iterations=" + iterations +
" keyLen=" + keyLen +
" transformation=" + transformation);
byte[] salt = new byte[16]; byte[] salt = new byte[16];
SecureRandom random = new SecureRandom(); SecureRandom random = new SecureRandom();
random.nextBytes(salt); random.nextBytes(salt);
// https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#Cipher // https://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html#Cipher
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA512"); SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(derivation);
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, 120000, 256); KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, iterations, keyLen);
SecretKey secret = keyFactory.generateSecret(keySpec); SecretKey secret = keyFactory.generateSecret(keySpec);
Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding"); Cipher cipher = Cipher.getInstance(transformation);
cipher.init(Cipher.ENCRYPT_MODE, secret); cipher.init(Cipher.ENCRYPT_MODE, secret);
raw.write("___FairEmail___".getBytes(StandardCharsets.US_ASCII)); if (version > 0) {
raw.write(1); // version raw.write("___FairEmail___".getBytes(StandardCharsets.US_ASCII));
raw.write(version); // version
}
raw.write(salt); raw.write(salt);
raw.write(cipher.getIV()); raw.write(cipher.getIV());