/*
 * Syncany, www.syncany.org
 * Copyright (C) 2011-2016 Philipp C. Heckel <philipp.heckel@gmail.com>
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
package org.syncany.crypto;

import java.security.Provider;

import org.bouncycastle.crypto.Digest;
import org.bouncycastle.crypto.digests.SHA256Digest;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.syncany.util.StringUtil;

/**
 * Central collection of the cryptographic parameters used by the application.
 *
 * <p><b>Warning</b>: Several of these constants determine how keys are derived.
 * Changing them can invalidate existing ciphertext data. Do <b>not change</b>
 * any of these parameters unless you know what you are doing!
 *
 * <p><b>Mutability note</b>: {@link #KEY_DERIVATION_DIGEST} and
 * {@link #KEY_DERIVATION_INFO} are mutable objects published through
 * {@code public static final} fields. {@code final} fixes the reference only,
 * not the object's state, so every user must treat them as read-only.
 *
 * @author Philipp C. Heckel (philipp.heckel@gmail.com)
 */
public abstract class CipherParams {
	// ---------------------------------------------------------------------
	// Crypto provider
	// ---------------------------------------------------------------------

	/**
	 * Name of the cryptography provider. Used when the provider is registered
	 * and when cipher algorithms are instantiated.
	 *
	 * @see #CRYPTO_PROVIDER
	 */
	public static final String CRYPTO_PROVIDER_ID = "BC";

	/**
	 * The cryptography provider instance used in the application. It is only
	 * created here; registration is done in the cipher utility class.
	 *
	 * @see #CRYPTO_PROVIDER_ID
	 */
	public static final Provider CRYPTO_PROVIDER = new BouncyCastleProvider();

	// ---------------------------------------------------------------------
	// Master key (derived from the user's password)
	// ---------------------------------------------------------------------

	/**
	 * Password-based key derivation function that turns the user's password
	 * into the master key.
	 *
	 * <p>HMAC-SHA1 yields 160 bits per PBKDF2 output block, so a key of
	 * {@link #MASTER_KEY_SIZE} bits spans four blocks, each of which runs the
	 * full {@link #MASTER_KEY_DERIVATION_ROUNDS} iterations.
	 * NOTE(review): the strength of the master key is still bounded by the
	 * password; confirm how the derived bytes are consumed before relying on
	 * the full key size.
	 *
	 * <p><b>Warning:</b> Changing this constant may lead to unrecoverable ciphertext data.
	 * Do not change this constant unless you know what you are doing!
	 *
	 * @see #MASTER_KEY_DERIVATION_ROUNDS
	 * @see #MASTER_KEY_SIZE
	 * @see #MASTER_KEY_SALT_SIZE
	 */
	public static final String MASTER_KEY_DERIVATION_FUNCTION = "PBKDF2WithHmacSHA1";

	/**
	 * Iteration count of the password-based key derivation function during
	 * master key generation (one million rounds).
	 *
	 * <p><b>Warning:</b> Changing this constant may lead to unrecoverable ciphertext data.
	 * Do not change this constant unless you know what you are doing!
	 *
	 * @see #MASTER_KEY_DERIVATION_FUNCTION
	 * @see #MASTER_KEY_SIZE
	 * @see #MASTER_KEY_SALT_SIZE
	 */
	public static final int MASTER_KEY_DERIVATION_ROUNDS = 1_000_000;

	/**
	 * Length of the generated master key, in bits. Handed to the password-based
	 * key derivation function when the key is generated.
	 *
	 * <p><b>Warning:</b> Changing this constant may lead to unrecoverable ciphertext data.
	 * Do not change this constant unless you know what you are doing!
	 *
	 * @see #MASTER_KEY_DERIVATION_FUNCTION
	 * @see #MASTER_KEY_DERIVATION_ROUNDS
	 * @see #MASTER_KEY_SALT_SIZE
	 */
	public static final int MASTER_KEY_SIZE = 512;

	/**
	 * Length of the salt fed into the password-based key derivation function
	 * when the master key is generated.
	 * NOTE(review): the unit is not stated here; presumably bits, like
	 * {@link #MASTER_KEY_SIZE} -- confirm at the call site.
	 *
	 * <p><b>Warning:</b> Changing this constant may lead to unrecoverable ciphertext data.
	 * Do not change this constant unless you know what you are doing!
	 *
	 * @see #MASTER_KEY_DERIVATION_FUNCTION
	 * @see #MASTER_KEY_DERIVATION_ROUNDS
	 * @see #MASTER_KEY_SIZE
	 */
	public static final int MASTER_KEY_SALT_SIZE = 512;

	// ---------------------------------------------------------------------
	// Derived keys (HKDF from the master key)
	// ---------------------------------------------------------------------

	/**
	 * Hash function used by the HKDF key derivation algorithm to derive keys
	 * from a master key.
	 *
	 * <p>This is one shared instance, and a {@link Digest} carries internal
	 * hashing state. NOTE(review): verify that callers do not drive this same
	 * instance from several threads at once; concurrent use of a shared digest
	 * would corrupt the derived key material.
	 *
	 * <p><b>Warning:</b> Changing this constant may lead to unrecoverable ciphertext data.
	 * Do not change this constant unless you know what you are doing!
	 *
	 * @see #KEY_DERIVATION_INFO
	 */
	public static final Digest KEY_DERIVATION_DIGEST = new SHA256Digest();

	/**
	 * Additional "info" input of the HKDF key derivation algorithm.
	 *
	 * <p>The field exposes the array itself, so its elements are writable by any
	 * code that can see this class. Treat it as read-only (or work on a copy):
	 * modifying a byte would silently change every key derived afterwards.
	 *
	 * <p><b>Warning:</b> Changing this constant may lead to unrecoverable ciphertext data.
	 * Do not change this constant unless you know what you are doing!
	 *
	 * @see #KEY_DERIVATION_DIGEST
	 */
	public static final byte[] KEY_DERIVATION_INFO = StringUtil.toBytesUTF8("Syncany_SHA256_Derivated_Key");

	// ---------------------------------------------------------------------
	// Self-signed certificate
	// ---------------------------------------------------------------------

	/**
	 * Algorithm name used to generate the key pair of the self-signed certificate.
	 */
	public static final String CERTIFICATE_KEYPAIR_ALGORITHM = "RSA";

	/**
	 * Key size used to generate the key pair of the self-signed certificate.
	 */
	public static final int CERTIFICATE_KEYPAIR_SIZE = 2048;

	/**
	 * Alias under which the server certificate is identified in the key store.
	 */
	public static final String CERTIFICATE_IDENTIFIER = "SyMOTETIP";

	/**
	 * Organization (O) set in the RDN of the self-signed certificate.
	 */
	public static final String CERTIFICATE_ORGANIZATION = "Syncany";

	/**
	 * Organizational unit (OU) set in the RDN of the self-signed certificate.
	 */
	public static final String CERTIFICATE_ORGUNIT = "Syncany";
}