de.schlichtherle.truezip.fs.archive.zip.raes
Class SafeZipRaesDriver
java.lang.Object
de.schlichtherle.truezip.fs.FsDriver
de.schlichtherle.truezip.fs.archive.FsArchiveDriver<E>
de.schlichtherle.truezip.fs.archive.FsCharsetArchiveDriver<ZipArchiveEntry>
de.schlichtherle.truezip.fs.archive.zip.ZipDriver
de.schlichtherle.truezip.fs.archive.zip.JarDriver
de.schlichtherle.truezip.fs.archive.zip.raes.ZipRaesDriver
de.schlichtherle.truezip.fs.archive.zip.raes.SafeZipRaesDriver
- All Implemented Interfaces:
- EntryFactory<ZipArchiveEntry>, ZipEntryFactory<ZipArchiveEntry>
@Immutable
public class SafeZipRaesDriver
- extends ZipRaesDriver
A safe archive driver which builds RAES encrypted ZIP files.
For input archive files up to 512 KB, the cipher text gets authenticated
using the RAES provided Message Authentication Code (MAC) before
the archive can be accessed by a client application.
For larger input archive files, the MAC is not used, but instead the
CRC-32 value of the decrypted and deflated archive entries is checked
when the archive entry stream is closed by the client application,
and a mismatch results in an IOException.
This operation mode is considered to be safe:
Although a formal proof is missing, it should be computationally
infeasible to modify an archive file so that after decryption
of the archive and after inflation (decompression) of an
entry's data its CRC-32 value still matches!
This should hold true even though CRC-32 is not at all a good cryptographic
hash function because of its frequent collisions, its linear output and
small output size.
It's the ZIP inflation algorithm which actually comes to our rescue!
- Author:
- Christian Schlichtherle
- See Also:
ParanoidZipRaesDriver
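The CRC-32 check described above can be modelled with java.util.zip alone: the added example below (not part of the TrueZIP sources or of this Javadoc) flips every bit of a raw deflate stream in turn and reports whether inflation or the recorded CRC-32 catches the change. The class name and sample text are constructed, no RAES encryption is involved, and it is an assumption of the example that a modified cipher text surfaces as modified deflated bytes after decryption.

```java
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.zip.*;

// Hypothetical demo class: plain java.util.zip only, no TrueZIP or RAES code.
public class Crc32AfterInflateDemo {
    enum Outcome { INFLATER_REJECTED, CRC_MISMATCH, DATA_UNCHANGED, UNDETECTED }

    static long crc32(byte[] data, int len) {
        CRC32 crc = new CRC32();
        crc.update(data, 0, len);
        return crc.getValue();
    }

    // Inflate raw deflate data (the ZIP entry format) and compare with the recorded CRC-32.
    static Outcome check(byte[] deflated, byte[] original, long recordedCrc) {
        Inflater inf = new Inflater(true);
        // The Inflater documentation asks for one extra dummy byte in "nowrap" mode.
        inf.setInput(Arrays.copyOf(deflated, deflated.length + 1));
        byte[] out = new byte[original.length * 4 + 64];
        try {
            int n = inf.inflate(out);
            if (!inf.finished()) return Outcome.INFLATER_REJECTED; // truncated or oversized
            if (crc32(out, n) != recordedCrc) return Outcome.CRC_MISMATCH;
            return Arrays.equals(Arrays.copyOf(out, n), original)
                    ? Outcome.DATA_UNCHANGED : Outcome.UNDETECTED;
        } catch (DataFormatException e) {
            return Outcome.INFLATER_REJECTED; // no longer a valid deflate stream
        } finally {
            inf.end();
        }
    }

    public static void main(String[] args) {
        byte[] original = "constructed sample entry, not real archive data\n".repeat(8)
                .getBytes(StandardCharsets.UTF_8);
        Deflater def = new Deflater(Deflater.DEFAULT_COMPRESSION, true);
        def.setInput(original);
        def.finish();
        byte[] buf = new byte[original.length + 64];
        byte[] deflated = Arrays.copyOf(buf, def.deflate(buf));
        def.end();
        long recordedCrc = crc32(original, original.length);
        int[] counts = new int[Outcome.values().length];
        for (int bit = 0; bit < deflated.length * 8; bit++) {
            byte[] tampered = deflated.clone();
            tampered[bit / 8] ^= 1 << (bit % 8); // tampering modelled as one flipped bit
            counts[check(tampered, original, recordedCrc).ordinal()]++;
        }
        for (Outcome o : Outcome.values()) System.out.println(o + ": " + counts[o.ordinal()]);
    }
}
```

UNDETECTED counts a flip that altered the inflated data yet still matched the recorded CRC-32; DATA_UNCHANGED counts flips that leave the inflated data identical.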
Field Summary
private static long AUTHENTICATION_TRIGGER
The default trigger for authentication in bytes (524288L).
AUTHENTICATION_TRIGGER
private static final long AUTHENTICATION_TRIGGER
- The default trigger for authentication in bytes (524288L).
Input archive files smaller than or equal to this size get verified
using the RAES Message Authentication Code (MAC) before they are
accessed.
- See Also:
- Constant Field Values
SafeZipRaesDriver
public SafeZipRaesDriver(IOPoolService ioPoolService,
KeyManagerService keyManagerService)
getAuthenticationTrigger
public final long getAuthenticationTrigger()
- Description copied from class:
ZipRaesDriver
- Constructs a new abstract ZIP.RAES driver which
uses the given byte
size to trigger verification of the Message Authentication Code (MAC).
Note that the given parameter only affects the authentication of the
cipher text in input archives - the cipher key and
file length are always authenticated with RAES.
Returns the value of the property
authenticationTrigger.
If the size of an input file is smaller than or equal to this value,
the Message Authentication Code (MAC) for the entire
cipher text is computed and verified in order to authenticate
the file.
Otherwise, only the cipher key and the file length
get authenticated.
Consequently, if the value of this property is set to a negative value,
the cipher text never gets verified, and if set to
Long.MAX_VALUE, the cipher text always gets
authenticated.
- Specified by:
getAuthenticationTrigger in class ZipRaesDriver
- Returns:
- The value of the property
authenticationTrigger.
newZipInputShop
protected final ZipInputShop newZipInputShop(FsConcurrentModel model,
ReadOnlyFile rof)
throws IOException
If the net file length of the archive is larger than the authentication
trigger, then a CheckedZipInputShop for CRC-32
authentication is returned, otherwise a plain ZipInputShop
which doesn't do any authentication.
This complements the behaviour of the
ZipRaesDriver.newInputShop(de.schlichtherle.truezip.fs.FsConcurrentModel, de.schlichtherle.truezip.socket.InputSocket) method in the
superclass, which authenticates the cipher text using the MAC iff the gross
file length is smaller than or equal to the authentication trigger.
Note that this leaves a small window for gross file lengths of about
getAuthenticationTrigger() bytes where the archive is both MAC
and CRC-32 authenticated.
- Overrides:
newZipInputShop in class ZipDriver
- Throws:
IOException
Copyright © 2005-2011 Schlichtherle IT Services. All Rights Reserved.