From fdb6341773817b56127f0afb11a9e16f86e83b63 Mon Sep 17 00:00:00 2001 From: Julian Raufelder Date: Wed, 20 Oct 2021 10:53:04 +0200 Subject: [PATCH 1/4] Use HS256 instead of defaulting to HS512 for signing vault.cryptomator New vaults should be created using HS256 to be compatible with the desktop and iOS app. Before, we was defaulting to HS512. Now we specify the correct version. While unlock, the algorithm specified in the header is used. Fixes #366
--- .../main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/data/src/main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt b/data/src/main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt
index a9f3e190..d7c082aa 100644
--- a/data/src/main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt
+++ b/data/src/main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt
@@ -14,6 +14,7 @@ import io.jsonwebtoken.JwsHeader
 import io.jsonwebtoken.JwtException
 import io.jsonwebtoken.Jwts
 import io.jsonwebtoken.MissingClaimException
+import io.jsonwebtoken.SignatureAlgorithm
 import io.jsonwebtoken.SigningKeyResolverAdapter
 import io.jsonwebtoken.security.Keys
 import io.jsonwebtoken.security.SignatureException
@@ -34,7 +35,7 @@ class VaultConfig private constructor(builder: VaultConfigBuilder) {
 .claim(JSON_KEY_VAULTFORMAT, vaultFormat) //
 .claim(JSON_KEY_CIPHERCONFIG, cipherCombo.name) //
 .claim(JSON_KEY_SHORTENING_THRESHOLD, shorteningThreshold) //
- .signWith(Keys.hmacShaKeyFor(rawKey)) //
+ .signWith(Keys.hmacShaKeyFor(rawKey), SignatureAlgorithm.HS256) //
 .compact()
 }
From fd7180e377ecadc009df713a02728aea9edb836a Mon Sep 17 00:00:00 2001 From: Julian Raufelder Date: Wed, 20 Oct 2021 10:54:26 +0200 Subject: [PATCH 2/4] Bump to versin 1.6.1 [ci skip]
--- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/build.gradle b/build.gradle
index 5347a92e..ec15ebc2 100644
--- a/build.gradle
+++ b/build.gradle
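Review bot: The `.signWith(Keys.hmacShaKeyFor(rawKey), SignatureAlgorithm.HS256)` line in VaultConfig.kt pins the algorithm without saying why, so a later reader could mistake the explicit HS256 for an accidental downgrade from the HS512 that the one-argument call produced. A comment above it would record the constraint, for example `// HS256 is pinned for interoperability with the desktop and iOS apps; do not fall back to the library default`. The commit message says unlock follows the algorithm named in the token header; that code is outside this hunk, so it is worth confirming that it accepts only the HMAC variants the vault format allows and rejects any other header value before the key is used. The enclosing function starts outside the hunk.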
@@ -39,7 +39,7 @@ allprojects {
 ext {
 androidApplicationId = 'org.cryptomator'
 androidVersionCode = getVersionCode()
- androidVersionName = '1.6.0'
+ androidVersionName = '1.6.1'
 }
 repositories {
 mavenCentral()
From c405f30bbb18aaa31ae3d2576d47f37d09e40c9e Mon Sep 17 00:00:00 2001 From: Julian Raufelder Date: Wed, 20 Oct 2021 11:00:49 +0200 Subject: [PATCH 3/4] Update release notes
--- fastlane/metadata/android/de-DE/changelogs/default.txt | 10 +--------- fastlane/metadata/android/en-US/changelogs/default.txt | 10 +--------- fastlane/release-notes.html | 10 +--------- 3 files changed, 3 insertions(+), 27 deletions(-)
diff --git a/fastlane/metadata/android/de-DE/changelogs/default.txt b/fastlane/metadata/android/de-DE/changelogs/default.txt
index dbd92674..74b767a7 100644
--- a/fastlane/metadata/android/de-DE/changelogs/default.txt
+++ b/fastlane/metadata/android/de-DE/changelogs/default.txt
@@ -1,9 +1 @@
-- Kompatibilität zur Tresor-Format 8 hinzugefügt
-- Google-Login und geteilte Tresore in pCloud hinzugefügt
-- Viele Übersetzungen hinzugefügt
-- Minimale Android-Version auf 7 erhöht
-- Auto-Updater des APK-Stores verbessert
-- Tresorname in S3 kann wieder umbenannt werden
-- Tresore in Google Drive können wieder auf allen Geräten erstellt/hinzugefügt werden
-- Kompatibilität für schwache biometrische Authentifikatoren entfernt
-- Deaktivierte Tracking-Library der Google-Cloud entfernt
\ No newline at end of file
+- Kompatibilität zu Tresor-Format 8 verbessert
\ No newline at end of file
diff --git a/fastlane/metadata/android/en-US/changelogs/default.txt b/fastlane/metadata/android/en-US/changelogs/default.txt
index 41242e31..532ed6a8 100644
--- a/fastlane/metadata/android/en-US/changelogs/default.txt
+++ b/fastlane/metadata/android/en-US/changelogs/default.txt
@@ -1,9 +1 @@
-- Added compatibility to vault format 8
-- Added Google login and shared vaults in pCloud
-- Added a ton of translations, kudos to our contributors
-- Enhanced auto updater of APK store
-- Increased min. Android version to 7 (Side note: Android 6 did not receive security updates for almost 2 years)
-- Fixed rename vault name in S3
-- Fixed add/create vault in Google Drive on some devices
-- Dropped support for weak biometric authenticators
-- Removed deactivated tracking library from the Google cloud
\ No newline at end of file
+- Enhanced compatibility to vault format 8
\ No newline at end of file
diff --git a/fastlane/release-notes.html b/fastlane/release-notes.html
index 6e77ccb1..700252e5 100644
--- a/fastlane/release-notes.html
+++ b/fastlane/release-notes.html
@@ -1,11 +1,3 @@
    -
  • Added compatibility to vault format 8
  • -
  • Added Google login and shared vaults in pCloud
  • -
  • Added a ton of translations, kudos to our contributors
  • -
  • Enhanced auto updater of APK store
  • -
  • Increased min. Android version to 7 (Side note: Android 6 did not receive security updates for almost 2 years)
  • -
  • Fixed rename vault name in S3
  • -
  • Fixed add/create vault in Google Drive on some devices
  • -
  • Dropped support for weak biometric authenticators
  • -
  • Removed deactivated tracking library from the Google cloud
  • +
  • Enhanced compatibility to vault format 8
\ No newline at end of file
From f6cc2c75e0912a1694f8cc86ae83d03febf47a84 Mon Sep 17 00:00:00 2001 From: Julian Raufelder Date: Wed, 20 Oct 2021 11:25:36 +0200 Subject: [PATCH 4/4] Fix MasterkeyCryptoCloudProviderTest as we now use HS256
--- .../data/cloud/crypto/MasterkeyCryptoCloudProviderTest.kt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/data/src/test/java/org/cryptomator/data/cloud/crypto/MasterkeyCryptoCloudProviderTest.kt b/data/src/test/java/org/cryptomator/data/cloud/crypto/MasterkeyCryptoCloudProviderTest.kt
index dbb3ff99..9fdc4885 100644
--- a/data/src/test/java/org/cryptomator/data/cloud/crypto/MasterkeyCryptoCloudProviderTest.kt
+++ b/data/src/test/java/org/cryptomator/data/cloud/crypto/MasterkeyCryptoCloudProviderTest.kt
@@ -57,7 +57,7 @@ internal class MasterkeyCryptoCloudProviderTest {
 private val masterkeyV7 = "{ \"version\": 7, \"scryptSalt\": \"AAAAAAAAAAA=\", \"scryptCostParam\": 32768, \"scryptBlockSize\": 8, \"primaryMasterKey\": \"D2kc+xBoAcVY+M7s74YBEy6l7ga2+Nz+HS5o0TQY3JMW1uQ5jTlLIQ==\", \"hmacMasterKey\": \"D2kc+xBoAcVY+M7s74YBEy6l7ga2+Nz+HS5o0TQY3JMW1uQ5jTlLIQ==\", \"versionMac\": \"cn2sAK6l9p1/w9deJVUuW3h7br056mpv5srvALiYw+g=\"}"
 private val vaultConfig =
- "eyJraWQiOiJtYXN0ZXJrZXlmaWxlOm1hc3RlcmtleS5jcnlwdG9tYXRvciIsImFsZyI6IkhTNTEyIn0.eyJmb3JtYXQiOjgsInNob3J0ZW5pbmdUaHJlc2hvbGQiOjIyMCwiY2lwaGVyQ29tYm8iOiJTSVZfQ1RSTUFDIn0.Evt5KXS_35pm53DynIwL3qvXWF56UkfqDZKv12n7SD288jzcdvvmtvu5sQhhqvxU6CPL4Q9v3yFQ_lvBynyrYA"
+ "eyJraWQiOiJtYXN0ZXJrZXlmaWxlOm1hc3RlcmtleS5jcnlwdG9tYXRvciIsImFsZyI6IkhTMjU2In0.eyJmb3JtYXQiOjgsInNob3J0ZW5pbmdUaHJlc2hvbGQiOjIyMCwiY2lwaGVyQ29tYm8iOiJTSVZfQ1RSTUFDIn0.CLOGLhNPwGA84olG9qHoYnan5ju8VlRh3X2n2FwVOOc"
 private var context: Context = mock()
 private var cloud: Cloud = mock()
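Review bot: Replacing the `vaultConfig` fixture removes the only HS512-signed token visible in this hunk, although vaults written before this change carry HS512 in their header and, per the first commit's message, must still unlock. Keeping the previous token as a second fixture, for example `private val vaultConfigHs512 = "<previous HS512 token>"`, with an unlock test against it would guard that verification path. A further test that decodes the header of a freshly created token and asserts `alg` is `HS256` would pin the new signing behaviour, which the fixture swap alone does not exercise. The test class body continues outside the hunk, so part of this coverage may already exist there.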