Signal/Android
1
0
Fork 0
mirror of https://github.com/signalapp/Signal-Android.git synced 2026-04-24 19:00:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Switch to CBC mode with a derived IV.

Browse Source 
1) Since we're not CPU or space constrained (and are in fact
   padding), and since keystream reuse would be more catastrophic
   than IV reuse without chosen plaintext.
This commit is contained in:
Moxie Marlinspike
2014-07-28 20:56:49 -07:00
parent c375ed8638
commit 741171c49f
10 changed files with 243 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
library/src/org/whispersystems/textsecure/push/PushTransportDetails.java
View File

@@ -58,7 +58,10 @@ public class PushTransportDetails implements TransportDetails {
if (messageVersion < 2) throw new AssertionError("Unknown version: " + messageVersion);
else if (messageVersion == 2) return messageBody;
byte[] paddedMessage = new byte[getPaddedMessageLength(messageBody.length)];
// NOTE: This is dumb. We have our own padding scheme, but so does the cipher.
// The +1 -1 here is to make sure the Cipher has room to add one padding byte,
// otherwise it'll add a full 16 extra bytes.
byte[] paddedMessage = new byte[getPaddedMessageLength(messageBody.length + 1) - 1];
System.arraycopy(messageBody, 0, paddedMessage, 0, messageBody.length);
paddedMessage[messageBody.length] = (byte)0x80;