New Features Request: Supports AES-192 encryption features

[wangbinhang]

For some historical reasons I need to take care of the AES-192 encryption method, I noticed that KEY_STRENGTH_192 has been defined in the AesKeyStrength enum class, but there is no compatibility treatment in AESEncrypter, can I know why? Also I have modified the AESEncrypter class myself, I have bolded the changed code, can you help me review if there are any other issues? Many thanks.

zip4j version：2.11.5

Source Code

/*

• Copyright 2010 Srikanth Reddy Lingala
• Licensed under the Apache License, Version 2.0 (the "License");
• you may not use this file except in compliance with the License.
• You may obtain a copy of the License at
• http://www.apache.org/licenses/LICENSE-2.0
• Unless required by applicable law or agreed to in writing,
• software distributed under the License is distributed on an "AS IS" BASIS,
• WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
• See the License for the specific language governing permissions and
• limitations under the License.
  */

package net.lingala.zip4j.crypto;

import net.lingala.zip4j.crypto.PBKDF2.MacBasedPRF;
import net.lingala.zip4j.crypto.engine.AESEngine;
import net.lingala.zip4j.exception.ZipException;
import net.lingala.zip4j.model.enums.AesKeyStrength;

import java.security.SecureRandom;

import static net.lingala.zip4j.crypto.AesCipherUtil.derivePasswordBasedKey;
import static net.lingala.zip4j.crypto.AesCipherUtil.derivePasswordVerifier;
import static net.lingala.zip4j.crypto.AesCipherUtil.getAESEngine;
import static net.lingala.zip4j.crypto.AesCipherUtil.getMacBasedPRF;
import static net.lingala.zip4j.crypto.AesCipherUtil.prepareBuffAESIVBytes;
import static net.lingala.zip4j.util.InternalZipConstants.AES_BLOCK_SIZE;

/**

• AES Encrypter supports AE-1 and AE-2 encryption using AES-CTR with either 128 or 256 Key Strength
  */
  public class AESEncrypter implements Encrypter {

private AESEngine aesEngine;
private MacBasedPRF mac;
private final SecureRandom random = new SecureRandom();

private boolean finished;

private int nonce = 1;
private int loopCount = 0;

private final byte[] iv;
private final byte[] counterBlock;
private byte[] derivedPasswordVerifier;
private byte[] saltBytes;

public AESEncrypter(char[] password, AesKeyStrength aesKeyStrength, boolean useUtf8ForPassword) throws ZipException {
if (password == null || password.length == 0) {
throw new ZipException("input password is empty or null");
}
if (aesKeyStrength != AesKeyStrength.KEY_STRENGTH_128 &&
aesKeyStrength != AesKeyStrength.KEY_STRENGTH_192 &&
aesKeyStrength != AesKeyStrength.KEY_STRENGTH_256) {
throw new ZipException("Invalid AES key strength");
}

this.finished = false;
counterBlock = new byte[AES_BLOCK_SIZE];
iv = new byte[AES_BLOCK_SIZE];
init(password, aesKeyStrength, useUtf8ForPassword);

}

private void init(char[] password, AesKeyStrength aesKeyStrength, boolean useUtf8ForPassword) throws ZipException {
saltBytes = generateSalt(aesKeyStrength.getSaltLength());
byte[] derivedKey = derivePasswordBasedKey(saltBytes, password, aesKeyStrength, useUtf8ForPassword);
derivedPasswordVerifier = derivePasswordVerifier(derivedKey, aesKeyStrength);
aesEngine = getAESEngine(derivedKey, aesKeyStrength);
mac = getMacBasedPRF(derivedKey, aesKeyStrength);
}

public int encryptData(byte[] buff) throws ZipException {
if (buff == null) {
throw new ZipException("input bytes are null, cannot perform AES encryption");
}
return encryptData(buff, 0, buff.length);
}

public int encryptData(byte[] buff, int start, int len) throws ZipException {

if (finished) {
  // A non 16 byte block has already been passed to encrypter
  // non 16 byte block should be the last block of compressed data in AES encryption
  // any more encryption will lead to corruption of data
  throw new ZipException("AES Encrypter is in finished state (A non 16 byte block has already been passed to encrypter)");
}

if (len % 16 != 0) {
  this.finished = true;
}

for (int j = start; j < (start + len); j += AES_BLOCK_SIZE) {
  loopCount = (j + AES_BLOCK_SIZE <= (start + len)) ?
      AES_BLOCK_SIZE : ((start + len) - j);

  prepareBuffAESIVBytes(iv, nonce);
  aesEngine.processBlock(iv, counterBlock);

  for (int k = 0; k < loopCount; k++) {
    buff[j + k] = (byte) (buff[j + k] ^ counterBlock[k]);
  }

  mac.update(buff, j, loopCount);
  nonce++;
}

return len;

}

private byte[] generateSalt(int size) throws ZipException {

if (size != 8 && size != 12 && size != 16) {
  throw new ZipException("invalid salt size, cannot generate salt");
}

int rounds;

if (size == 8) {
  rounds = 2;
} **else if (size == 12) {
  rounds = 3;
}** else {
  rounds = 4;
}

byte[] salt = new byte[size];
for (int j = 0; j < rounds; j++) {
  int i = random.nextInt();
  salt[j * 4] = (byte) (i >> 24);
  salt[1 + j * 4] = (byte) (i >> 16);
  salt[2 + j * 4] = (byte) (i >> 8);
  salt[3 + j * 4] = (byte) i;
}
return salt;

}

public byte[] getFinalMac() {
byte[] rawMacBytes = mac.doFinal();
byte[] macBytes = new byte[10];
System.arraycopy(rawMacBytes, 0, macBytes, 0, 10);
return macBytes;
}

public byte[] getDerivedPasswordVerifier() {
return derivedPasswordVerifier;
}

public byte[] getSaltBytes() {
return saltBytes;
}
}