Skip to content

Commit

Permalink
Merge pull request #344 from adorsys/gcm-cipher-cannot-be-reused-for-…
Browse files Browse the repository at this point in the history 
…encryption

Fix: ensure unique iv generation for GCM encryption to prevent reuse error
  • Loading branch information
@AssahBismarkabah
AssahBismarkabah committed Aug 13, 2024
2 parents ea27fc6 + f4e1e21 commit 32d36bc
Showing 1 changed file with 4 additions and 1 deletion.
5 changes: 4 additions & 1 deletion ...main/java/de/adorsys/datasafe/encrypiton/impl/cmsencryption/CMSEncryptionServiceImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,7 @@
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyPair;
import java.security.SecureRandom;
import java.util.Collections;
import java.util.Map;
import java.util.Set;
Expand All @@ -47,10 +48,12 @@
public class CMSEncryptionServiceImpl implements CMSEncryptionService {

private ASNCmsEncryptionConfig encryptionConfig;
private SecureRandom secureRandom;

@Inject
public CMSEncryptionServiceImpl(ASNCmsEncryptionConfig encryptionConfig) {
this.encryptionConfig = encryptionConfig;
this.secureRandom = new SecureRandom();
}

/**
Expand Down Expand Up @@ -145,7 +148,7 @@ private OutputStream streamEncrypt(OutputStream dataContentStream, Set<Recipient

return generator.open(
dataContentStream,
new JceCMSContentEncryptorBuilder(algorithm).setProvider(GeneratorModule_ProviderFactory.provider()).build()
new JceCMSContentEncryptorBuilder(algorithm).setProvider(GeneratorModule_ProviderFactory.provider()).setSecureRandom( this.secureRandom).build()
);
}
}

0 comments on commit 32d36bc

Please sign in to comment.