SHA256 attachment MACs.

library/src/org/whispersystems/textsecure/crypto/AttachmentCipher.java

@@ -41,7 +41,7 @@ import java.util.Arrays;
 public class AttachmentCipher {
 
   static final int CIPHER_KEY_SIZE = 32;
-  static final int MAC_KEY_SIZE    = 20;
+  static final int MAC_KEY_SIZE    = 32;
 
   private final SecretKeySpec cipherKey;
   private final SecretKeySpec macKey;
@@ -58,7 +58,7 @@ public class AttachmentCipher {
   public AttachmentCipher(byte[] combinedKeyMaterial) {
     byte[][] parts = Util.split(combinedKeyMaterial, CIPHER_KEY_SIZE, MAC_KEY_SIZE);
     this.cipherKey = new SecretKeySpec(parts[0], "AES");
-    this.macKey    = new SecretKeySpec(parts[1], "HmacSHA1");
+    this.macKey    = new SecretKeySpec(parts[1], "HmacSHA256");
     this.cipher    = initializeCipher();
     this.mac       = initializeMac();
   }
@@ -123,7 +123,7 @@ public class AttachmentCipher {
 
   private Mac initializeMac() {
     try {
-      Mac mac = Mac.getInstance("HmacSHA1");
+      Mac mac = Mac.getInstance("HmacSHA256");
       return mac;
     } catch (NoSuchAlgorithmException e) {
       throw new AssertionError(e);
@@ -150,7 +150,7 @@ public class AttachmentCipher {
   private SecretKeySpec initializeRandomMacKey() {
     byte[] key = new byte[MAC_KEY_SIZE];
     Util.getSecureRandom().nextBytes(key);
-    return new SecretKeySpec(key, "HmacSHA1");
+    return new SecretKeySpec(key, "HmacSHA256");
   }
 
 }

library/src/org/whispersystems/textsecure/crypto/AttachmentCipherInputStream.java

@@ -18,17 +18,8 @@ package org.whispersystems.textsecure.crypto;
 
 import android.util.Log;
 
-import org.whispersystems.textsecure.util.Hex;
 import org.whispersystems.textsecure.util.Util;
 
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.Mac;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.ShortBufferException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
@@ -38,6 +29,15 @@ import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
 
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.Mac;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
 /**
  * Class for streaming an encrypted push attachment off disk.
  *
@@ -63,8 +63,8 @@ public class AttachmentCipherInputStream extends FileInputStream {
                                   AttachmentCipher.CIPHER_KEY_SIZE,
                                   AttachmentCipher.MAC_KEY_SIZE);
 
-      Mac mac = Mac.getInstance("HmacSHA1");
-      mac.init(new SecretKeySpec(parts[1], "HmacSHA1"));
+      Mac mac = Mac.getInstance("HmacSHA256");
+      mac.init(new SecretKeySpec(parts[1], "HmacSHA256"));
 
       if (file.length() <= BLOCK_SIZE + mac.getMacLength()) {
         throw new InvalidMessageException("Message shorter than crypto overhead!");

src/org/thoughtcrime/securesms/service/PushDownloader.java

@@ -37,7 +37,7 @@ public class PushDownloader {
   }
 
   public void process(MasterSecret masterSecret, Intent intent) {
-    if (!intent.getAction().equals(SendReceiveService.DOWNLOAD_PUSH_ACTION))
+    if (!SendReceiveService.DOWNLOAD_PUSH_ACTION.equals(intent.getAction()))
       return;
 
     long         messageId = intent.getLongExtra("message_id", -1);