For some historical reasons I need to take care of the AES-192 encryption method, I noticed that KEY_STRENGTH_192 has been defined in the AesKeyStrength enum class, but there is no compatibility treatment in AESEncrypter, can I know why? Also I have modified the AESEncrypter class myself, I have bolded the changed code, can you help me review if there are any other issues? Many thanks.
zip4j version:2.11.5
Source Code
/*
Copyright 2010 Srikanth Reddy Lingala
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
public int encryptData(byte[] buff) throws ZipException {
if (buff == null) {
throw new ZipException("input bytes are null, cannot perform AES encryption");
}
return encryptData(buff, 0, buff.length);
}
public int encryptData(byte[] buff, int start, int len) throws ZipException {
if (finished) {
// A non 16 byte block has already been passed to encrypter
// non 16 byte block should be the last block of compressed data in AES encryption
// any more encryption will lead to corruption of data
throw new ZipException("AES Encrypter is in finished state (A non 16 byte block has already been passed to encrypter)");
}
if (len % 16 != 0) {
this.finished = true;
}
for (int j = start; j < (start + len); j += AES_BLOCK_SIZE) {
loopCount = (j + AES_BLOCK_SIZE <= (start + len)) ?
AES_BLOCK_SIZE : ((start + len) - j);
prepareBuffAESIVBytes(iv, nonce);
aesEngine.processBlock(iv, counterBlock);
for (int k = 0; k < loopCount; k++) {
buff[j + k] = (byte) (buff[j + k] ^ counterBlock[k]);
}
mac.update(buff, j, loopCount);
nonce++;
}
return len;
For some historical reasons I need to take care of the AES-192 encryption method, I noticed that KEY_STRENGTH_192 has been defined in the AesKeyStrength enum class, but there is no compatibility treatment in AESEncrypter, can I know why? Also I have modified the AESEncrypter class myself, I have bolded the changed code, can you help me review if there are any other issues? Many thanks.
zip4j version:2.11.5
Source Code
/*
package net.lingala.zip4j.crypto;
import net.lingala.zip4j.crypto.PBKDF2.MacBasedPRF; import net.lingala.zip4j.crypto.engine.AESEngine; import net.lingala.zip4j.exception.ZipException; import net.lingala.zip4j.model.enums.AesKeyStrength;
import java.security.SecureRandom;
import static net.lingala.zip4j.crypto.AesCipherUtil.derivePasswordBasedKey; import static net.lingala.zip4j.crypto.AesCipherUtil.derivePasswordVerifier; import static net.lingala.zip4j.crypto.AesCipherUtil.getAESEngine; import static net.lingala.zip4j.crypto.AesCipherUtil.getMacBasedPRF; import static net.lingala.zip4j.crypto.AesCipherUtil.prepareBuffAESIVBytes; import static net.lingala.zip4j.util.InternalZipConstants.AES_BLOCK_SIZE;
/**
AES Encrypter supports AE-1 and AE-2 encryption using AES-CTR with either 128 or 256 Key Strength */ public class AESEncrypter implements Encrypter {
private AESEngine aesEngine; private MacBasedPRF mac; private final SecureRandom random = new SecureRandom();
private boolean finished;
private int nonce = 1; private int loopCount = 0;
private final byte[] iv; private final byte[] counterBlock; private byte[] derivedPasswordVerifier; private byte[] saltBytes;
public AESEncrypter(char[] password, AesKeyStrength aesKeyStrength, boolean useUtf8ForPassword) throws ZipException { if (password == null || password.length == 0) { throw new ZipException("input password is empty or null"); } if (aesKeyStrength != AesKeyStrength.KEY_STRENGTH_128 && aesKeyStrength != AesKeyStrength.KEY_STRENGTH_192 && aesKeyStrength != AesKeyStrength.KEY_STRENGTH_256) { throw new ZipException("Invalid AES key strength"); }
}
private void init(char[] password, AesKeyStrength aesKeyStrength, boolean useUtf8ForPassword) throws ZipException { saltBytes = generateSalt(aesKeyStrength.getSaltLength()); byte[] derivedKey = derivePasswordBasedKey(saltBytes, password, aesKeyStrength, useUtf8ForPassword); derivedPasswordVerifier = derivePasswordVerifier(derivedKey, aesKeyStrength); aesEngine = getAESEngine(derivedKey, aesKeyStrength); mac = getMacBasedPRF(derivedKey, aesKeyStrength); }
public int encryptData(byte[] buff) throws ZipException { if (buff == null) { throw new ZipException("input bytes are null, cannot perform AES encryption"); } return encryptData(buff, 0, buff.length); }
public int encryptData(byte[] buff, int start, int len) throws ZipException {
}
private byte[] generateSalt(int size) throws ZipException {
}
public byte[] getFinalMac() { byte[] rawMacBytes = mac.doFinal(); byte[] macBytes = new byte[10]; System.arraycopy(rawMacBytes, 0, macBytes, 0, 10); return macBytes; }
public byte[] getDerivedPasswordVerifier() { return derivedPasswordVerifier; }
public byte[] getSaltBytes() { return saltBytes; } }