From fdb6341773817b56127f0afb11a9e16f86e83b63 Mon Sep 17 00:00:00 2001
From: Julian Raufelder <Julian@Raufelder.com>
Date: Wed, 20 Oct 2021 10:53:04 +0200
Subject: [PATCH] Use HS256 instead of defaulting to HS512 for signing
 vault.cryptomator

New vaults should be created using HS256 to be compatible with the desktop and iOS app. Before, we was defaulting to HS512. Now we specify the correct version.
While unlock, the algorithm specified in the header is used.

Fixes #366
---
 .../main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/data/src/main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt b/data/src/main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt
index a9f3e190..d7c082aa 100644
--- a/data/src/main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt
+++ b/data/src/main/java/org/cryptomator/data/cloud/crypto/VaultConfig.kt
@@ -14,6 +14,7 @@ import io.jsonwebtoken.JwsHeader
 import io.jsonwebtoken.JwtException
 import io.jsonwebtoken.Jwts
 import io.jsonwebtoken.MissingClaimException
+import io.jsonwebtoken.SignatureAlgorithm
 import io.jsonwebtoken.SigningKeyResolverAdapter
 import io.jsonwebtoken.security.Keys
 import io.jsonwebtoken.security.SignatureException
@@ -34,7 +35,7 @@ class VaultConfig private constructor(builder: VaultConfigBuilder) {
 			.claim(JSON_KEY_VAULTFORMAT, vaultFormat) //
 			.claim(JSON_KEY_CIPHERCONFIG, cipherCombo.name) //
 			.claim(JSON_KEY_SHORTENING_THRESHOLD, shorteningThreshold) //
-			.signWith(Keys.hmacShaKeyFor(rawKey)) //
+			.signWith(Keys.hmacShaKeyFor(rawKey), SignatureAlgorithm.HS256) //
 			.compact()
 	}