This commit is contained in:
Valere 2020-03-26 09:49:34 +01:00
parent 08cfe79625
commit 9a6fe1af4e
2 changed files with 12 additions and 12 deletions

View File

@ -9,6 +9,7 @@ Improvements 🙌:
Bugfix 🐛:
- Missing avatar/displayname after verification request message (#841)
- RiotX can't restore cross signing keys saved by web in SSSS (#1174)
Translations 🗣:
-

View File

@ -272,7 +272,7 @@ internal class DefaultSharedSecretStorageService @Inject constructor(
val ivParameterSpec = IvParameterSpec(iv)
cipher.init(Cipher.ENCRYPT_MODE, secretKeySpec, ivParameterSpec)
// secret are not that big, just do Final
val cipherBytes = cipher.doFinal(clearDataBase64.fromBase64())
val cipherBytes = cipher.doFinal(clearDataBase64.toByteArray())
require(cipherBytes.isNotEmpty())
val macKeySpec = SecretKeySpec(macKey, "HmacSHA256")
@ -303,6 +303,15 @@ internal class DefaultSharedSecretStorageService @Inject constructor(
val cipherRawBytes = cipherContent.ciphertext?.fromBase64() ?: throw SharedSecretStorageError.BadCipherText
// Check Signature
val macKeySpec = SecretKeySpec(macKey, "HmacSHA256")
val mac = Mac.getInstance("HmacSHA256").apply { init(macKeySpec) }
val digest = mac.doFinal(cipherRawBytes)
if (!cipherContent.mac?.fromBase64()?.contentEquals(digest).orFalse()) {
throw SharedSecretStorageError.BadMac
}
val cipher = Cipher.getInstance("AES/CTR/NoPadding")
val secretKeySpec = SecretKeySpec(aesKey, "AES")
@ -313,17 +322,7 @@ internal class DefaultSharedSecretStorageService @Inject constructor(
require(decryptedSecret.isNotEmpty())
// Check Signature
val macKeySpec = SecretKeySpec(macKey, "HmacSHA256")
val mac = Mac.getInstance("HmacSHA256").apply { init(macKeySpec) }
val digest = mac.doFinal(cipherRawBytes)
if (!cipherContent.mac?.fromBase64()?.contentEquals(digest).orFalse()) {
throw SharedSecretStorageError.BadMac
} else {
// we are good
return decryptedSecret.toBase64NoPadding()
}
return String(decryptedSecret, Charsets.UTF_8)
}
override fun getAlgorithmsForSecret(name: String): List<KeyInfoResult> {