add v3 impl compatible to UVF draft

pom.xml

@@ -18,15 +18,15 @@
 		<maven.compiler.release>8</maven.compiler.release>
 
 		<!-- dependencies -->
-		<gson.version>2.12.1</gson.version>
-		<guava.version>33.4.0-jre</guava.version>
+		<gson.version>2.11.0</gson.version>
+		<guava.version>33.3.0-jre</guava.version>
 		<siv-mode.version>1.6.1</siv-mode.version>
-		<bouncycastle.version>1.80</bouncycastle.version>
-		<slf4j.version>2.0.17</slf4j.version>
+		<bouncycastle.version>1.78.1</bouncycastle.version>
+		<slf4j.version>2.0.16</slf4j.version>
 
 		<!-- test dependencies -->
-		<junit.jupiter.version>5.12.0</junit.jupiter.version>
-		<mockito.version>5.15.2</mockito.version>
+		<junit.jupiter.version>5.11.0</junit.jupiter.version>
+		<mockito.version>5.13.0</mockito.version>
 		<hamcrest.version>3.0</hamcrest.version>
 		<jmh.version>1.37</jmh.version>
 
@@ -151,7 +151,7 @@
 			</plugin>
 			<plugin>
 				<artifactId>maven-compiler-plugin</artifactId>
-				<version>3.14.0</version>
+				<version>3.13.0</version>
 				<configuration>
 					<encoding>UTF-8</encoding>
 					<showWarnings>true</showWarnings>
@@ -397,7 +397,10 @@
 									<goal>sign</goal>
 								</goals>
 								<configuration>
-									<signer>bc</signer>
+									<gpgArguments>
+										<arg>--pinentry-mode</arg>
+										<arg>loopback</arg>
+									</gpgArguments>
 								</configuration>
 							</execution>
 						</executions>
@@ -408,16 +411,24 @@
 
 		<profile>
 			<id>deploy-central</id>
+			<distributionManagement>
+				<repository>
+					<id>ossrh</id>
+					<name>Maven Central</name>
+					<url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
+				</repository>
+			</distributionManagement>
 			<build>
 				<plugins>
 					<plugin>
-						<groupId>org.sonatype.central</groupId>
- 						<artifactId>central-publishing-maven-plugin</artifactId>
- 						<version>${central-publishing.version}</version>
+						<groupId>org.sonatype.plugins</groupId>
+						<artifactId>nexus-staging-maven-plugin</artifactId>
+						<version>${nexus-staging.version}</version>
 						<extensions>true</extensions>
 						<configuration>
-							<publishingServerId>central</publishingServerId>
-  							<autoPublish>true</autoPublish>
+							<serverId>ossrh</serverId>
+							<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
+							<autoReleaseAfterClose>true</autoReleaseAfterClose>
 						</configuration>
 					</plugin>
 				</plugins>

src/main/java/org/cryptomator/cryptolib/api/Cryptor.java

@@ -1,23 +1,50 @@
-/*******************************************************************************
- * Copyright (c) 2016 Sebastian Stenzel and others.
- * All rights reserved. This program and the accompanying materials
- * are made available under the terms of the accompanying LICENSE.txt.
- *
- * Contributors:
- *     Sebastian Stenzel - initial API and implementation
- *******************************************************************************/
 package org.cryptomator.cryptolib.api;
 
 import javax.security.auth.Destroyable;
 
 public interface Cryptor extends Destroyable, AutoCloseable {
 
+	/**
+	 * Encryption and decryption of file content.
+	 * @return utility for encrypting and decrypting file content
+	 */
 	FileContentCryptor fileContentCryptor();
 
+	/**
+	 * Encryption and decryption of file headers.
+	 * @return utility for encrypting and decrypting file headers
+	 */
 	FileHeaderCryptor fileHeaderCryptor();
 
+	/**
+	 * Encryption and decryption of file headers.
+	 * @param revision The revision of the seed to {@link RevolvingMasterkey#subKey(int, int, byte[], String) derive subkeys}.
+	 * @return utility for encrypting and decrypting file headers
+	 * @apiNote Only relevant for Universal Vault Format, for Cryptomator Vault Format see {@link #fileHeaderCryptor()}
+	 */
+	FileHeaderCryptor fileHeaderCryptor(int revision);
+
+	/**
+	 * Encryption and decryption of file names in Cryptomator Vault Format.
+	 * @return utility for encrypting and decrypting file names
+	 * @apiNote Only relevant for Cryptomator Vault Format, for Universal Vault Format see {@link #fileNameCryptor(int)}
+	 */
 	FileNameCryptor fileNameCryptor();
 
+	/**
+	 * Encryption and decryption of file names in Universal Vault Format.
+	 * @param revision The revision of the seed to {@link RevolvingMasterkey#subKey(int, int, byte[], String) derive subkeys}.
+	 * @return utility for encrypting and decrypting file names
+	 * @apiNote Only relevant for Universal Vault Format, for Cryptomator Vault Format see {@link #fileNameCryptor()}
+	 */
+	FileNameCryptor fileNameCryptor(int revision);
+
+	/**
+	 * High-Level API for file name encryption and decryption
+	 * @return utility for encryption and decryption of file names in the context of a directory
+	 */
+	DirectoryContentCryptor directoryContentCryptor();
+
 	@Override
 	void destroy();
 

src/main/java/org/cryptomator/cryptolib/api/CryptorProvider.java

@@ -27,7 +27,15 @@ enum Scheme {
 		 * AES-SIV for file name encryption
 		 * AES-GCM for content encryption
 		 */
-		SIV_GCM
+		SIV_GCM,
+
+		/**
+		 * Experimental implementation of UVF draft
+		 * @deprecated may be removed any time
+		 * @see <a href="https://github.com/encryption-alliance/unified-vault-format">UVF</a>
+		 */
+		@Deprecated
+		UVF_DRAFT,
 	}
 
 	/**

src/main/java/org/cryptomator/cryptolib/api/DirectoryContentCryptor.java

@@ -0,0 +1,62 @@
+package org.cryptomator.cryptolib.api;
+
+public interface DirectoryContentCryptor {
+
+	DirectoryMetadata rootDirectoryMetadata();
+
+	DirectoryMetadata newDirectoryMetadata();
+
+	/**
+	 * Decrypts the given directory metadata.
+	 *
+	 * @param ciphertext The encrypted directory metadata to decrypt.
+	 * @return The decrypted directory metadata.
+	 * @throws AuthenticationFailedException If the ciphertext is unauthentic.
+	 */
+	DirectoryMetadata decryptDirectoryMetadata(byte[] ciphertext) throws AuthenticationFailedException;
+
+	/**
+	 * Encrypts the given directory metadata.
+	 *
+	 * @param directoryMetadata The directory metadata to encrypt.
+	 * @return The encrypted directory metadata.
+	 */
+	byte[] encryptDirectoryMetadata(DirectoryMetadata directoryMetadata);
+
+	/**
+	 * Computes the directory path for the given directory metadata.
+	 * @param directoryMetadata The directory metadata.
+	 * @return A path relative to the vault's root (i.e. starting with `d/`).
+	 * @apiNote The path contains "/" as separator and does neither start nor end with a "/".
+	 */
+	String dirPath(DirectoryMetadata directoryMetadata);
+
+	Decrypting fileNameDecryptor(DirectoryMetadata directoryMetadata);
+
+	Encrypting fileNameEncryptor(DirectoryMetadata directoryMetadata);
+
+	@FunctionalInterface
+	interface Decrypting {
+		/**
+		 * Decrypts a single filename
+		 *
+		 * @param ciphertext the full filename to decrypt, including the file extension
+		 * @return Plaintext
+		 * @throws AuthenticationFailedException If the ciphertext is unauthentic.
+		 * @throws IllegalArgumentException      If the filename does not meet the expected format.
+		 */
+		String decrypt(String ciphertext) throws AuthenticationFailedException, IllegalArgumentException;
+	}
+
+	@FunctionalInterface
+	interface Encrypting {
+		/**
+		 * Encrypts a single filename
+		 *
+		 * @param plaintext the full filename to encrypt, including the file extension
+		 * @return Ciphertext
+		 */
+		String encrypt(String plaintext);
+	}
+
+}

src/main/java/org/cryptomator/cryptolib/api/DirectoryMetadata.java

@@ -0,0 +1,4 @@
+package org.cryptomator.cryptolib.api;
+
+public interface DirectoryMetadata {
+}

src/main/java/org/cryptomator/cryptolib/api/FileNameCryptor.java

@@ -10,6 +10,8 @@
 
 import com.google.common.io.BaseEncoding;
 
+import java.nio.charset.StandardCharsets;
+
 /**
  * Provides deterministic encryption capabilities as filenames must not change on subsequent encryption attempts,
  * otherwise each change results in major directory structure changes which would be a terrible idea for cloud storage encryption.
@@ -18,11 +20,23 @@
  */
 public interface FileNameCryptor {
 
+	/**
+	 * @param cleartextDirectoryIdStr a UTF-8-encoded arbitrary directory id to be passed to one-way hash function
+	 * @return constant length string, that is unlikely to collide with any other name.
+	 * @apiNote Only relevant for Cryptomator Vault Format, not for Universal Vault Format
+	 * @deprecated Use {@link #hashDirectoryId(byte[])} instead
+	 */
+	@Deprecated
+	default String hashDirectoryId(String cleartextDirectoryIdStr) {
+		return hashDirectoryId(cleartextDirectoryIdStr.getBytes(StandardCharsets.UTF_8));
+	}
+
 	/**
 	 * @param cleartextDirectoryId an arbitrary directory id to be passed to one-way hash function
 	 * @return constant length string, that is unlikely to collide with any other name.
+	 * @apiNote Only relevant for Cryptomator Vault Format, not for Universal Vault Format
 	 */
-	String hashDirectoryId(String cleartextDirectoryId);
+	String hashDirectoryId(byte[] cleartextDirectoryId);
 
 	/**
 	 * @param encoding Encoding to use to encode the returned ciphertext

src/main/java/org/cryptomator/cryptolib/api/Masterkey.java

@@ -3,69 +3,50 @@
 import com.google.common.base.Preconditions;
 import org.cryptomator.cryptolib.common.DestroyableSecretKey;
 
+import javax.security.auth.Destroyable;
 import java.security.SecureRandom;
 import java.util.Arrays;
 
-public class Masterkey extends DestroyableSecretKey {
+public interface Masterkey extends Destroyable, AutoCloseable {
 
-	private static final String KEY_ALGORITHM = "MASTERKEY";
-	public static final String ENC_ALG = "AES";
-	public static final String MAC_ALG = "HmacSHA256";
-	public static final int SUBKEY_LEN_BYTES = 32;
-
-	public Masterkey(byte[] key) {
-		super(checkKeyLength(key), KEY_ALGORITHM);
-	}
-
-	private static byte[] checkKeyLength(byte[] key) {
-		Preconditions.checkArgument(key.length == SUBKEY_LEN_BYTES + SUBKEY_LEN_BYTES, "Invalid raw key length %s", key.length);
-		return key;
-	}
-
-	public static Masterkey generate(SecureRandom csprng) {
-		byte[] key = new byte[SUBKEY_LEN_BYTES + SUBKEY_LEN_BYTES];
+	static PerpetualMasterkey generate(SecureRandom csprng) {
+		byte[] key = new byte[PerpetualMasterkey.SUBKEY_LEN_BYTES + PerpetualMasterkey.SUBKEY_LEN_BYTES];
 		try {
 			csprng.nextBytes(key);
-			return new Masterkey(key);
+			return new PerpetualMasterkey(key);
 		} finally {
 			Arrays.fill(key, (byte) 0x00);
 		}
 	}
 
-	public static Masterkey from(DestroyableSecretKey encKey, DestroyableSecretKey macKey) {
-		Preconditions.checkArgument(encKey.getEncoded().length == SUBKEY_LEN_BYTES, "Invalid key length of encKey");
-		Preconditions.checkArgument(macKey.getEncoded().length == SUBKEY_LEN_BYTES, "Invalid key length of macKey");
-		byte[] key = new byte[SUBKEY_LEN_BYTES + SUBKEY_LEN_BYTES];
+	static PerpetualMasterkey from(DestroyableSecretKey encKey, DestroyableSecretKey macKey) {
+		Preconditions.checkArgument(encKey.getEncoded().length == PerpetualMasterkey.SUBKEY_LEN_BYTES, "Invalid key length of encKey");
+		Preconditions.checkArgument(macKey.getEncoded().length == PerpetualMasterkey.SUBKEY_LEN_BYTES, "Invalid key length of macKey");
+		byte[] key = new byte[PerpetualMasterkey.SUBKEY_LEN_BYTES + PerpetualMasterkey.SUBKEY_LEN_BYTES];
 		try {
-			System.arraycopy(encKey.getEncoded(), 0, key, 0, SUBKEY_LEN_BYTES);
-			System.arraycopy(macKey.getEncoded(), 0, key, SUBKEY_LEN_BYTES, SUBKEY_LEN_BYTES);
-			return new Masterkey(key);
+			System.arraycopy(encKey.getEncoded(), 0, key, 0, PerpetualMasterkey.SUBKEY_LEN_BYTES);
+			System.arraycopy(macKey.getEncoded(), 0, key, PerpetualMasterkey.SUBKEY_LEN_BYTES, PerpetualMasterkey.SUBKEY_LEN_BYTES);
+			return new PerpetualMasterkey(key);
 		} finally {
 			Arrays.fill(key, (byte) 0x00);
 		}
 	}
 
-	@Override
-	public Masterkey copy() {
-		return new Masterkey(getEncoded());
-	}
-
 	/**
-	 * Get the encryption subkey.
-	 *
-	 * @return A new copy of the subkey used for encryption
+	 * Returns the immutable directory ID of the root directory. This ID is unique for each vault and deterministically depends on the masterkey.
+	 * @return a unique but deterministic byte sequence
 	 */
-	public DestroyableSecretKey getEncKey() {
-		return new DestroyableSecretKey(getEncoded(), 0, SUBKEY_LEN_BYTES, ENC_ALG);
-	}
+	byte[] rootDirId();
+
+	@Override
+	void destroy();
 
 	/**
-	 * Get the MAC subkey.
-	 *
-	 * @return A new copy of the subkey used for message authentication
+	 * Same as {@link #destroy()}
 	 */
-	public DestroyableSecretKey getMacKey() {
-		return new DestroyableSecretKey(getEncoded(), SUBKEY_LEN_BYTES, SUBKEY_LEN_BYTES, MAC_ALG);
+	@Override
+	default void close() {
+		destroy();
 	}
 
 }