Switch to byte array for directory ids to avoid lossy data conversion.

Author: ylangisc

core/src/main/java/ch/cyberduck/core/PathAttributes.java

@@ -158,7 +158,7 @@ public class PathAttributes extends Attributes implements Serializable {
     /**
      * Unique identifier for cryptomator
      */
-    private String directoryId;
+    private byte[] directoryId;
 
     private Map<String, String> custom = Collections.emptyMap();
 
@@ -526,11 +526,11 @@ public PathAttributes withLockId(final String lockId) {
         return this;
     }
 
-    public String getDirectoryId() {
+    public byte[] getDirectoryId() {
         return directoryId;
     }
 
-    public void setDirectoryId(final String directoryId) {
+    public void setDirectoryId(final byte[] directoryId) {
         this.directoryId = directoryId;
     }
 

cryptomator/src/main/java/ch/cyberduck/core/cryptomator/AbstractVault.java

@@ -36,7 +36,6 @@
 import org.cryptomator.cryptolib.api.FileContentCryptor;
 import org.cryptomator.cryptolib.api.FileHeaderCryptor;
 
-import java.nio.charset.StandardCharsets;
 import java.util.EnumSet;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@@ -134,7 +133,7 @@ public Path encrypt(Session<?> session, Path file, boolean metadata) throws Back
         return this.encrypt(session, file, file.attributes().getDirectoryId(), metadata);
     }
 
-    public Path encrypt(Session<?> session, Path file, String directoryId, boolean metadata) throws BackgroundException {
+    public Path encrypt(Session<?> session, Path file, byte[] directoryId, boolean metadata) throws BackgroundException {
         final Path encrypted;
         if(file.isFile() || metadata) {
             if(file.getType().contains(Path.Type.vault)) {
@@ -212,7 +211,7 @@ public Path decrypt(final Session<?> session, final Path file) throws Background
             try {
                 final String cleartextFilename = this.getFileNameCryptor().decryptFilename(
                         this.getVersion() == VAULT_VERSION_DEPRECATED ? BaseEncoding.base32() : BaseEncoding.base64Url(),
-                        ciphertext, file.getParent().attributes().getDirectoryId().getBytes(StandardCharsets.UTF_8));
+                        ciphertext, file.getParent().attributes().getDirectoryId());
                 final PathAttributes attributes = new PathAttributes(file.attributes());
                 if(this.isDirectory(inflated)) {
                     if(Permission.EMPTY != attributes.getPermission()) {

cryptomator/src/main/java/ch/cyberduck/core/cryptomator/ContentReader.java

@@ -21,10 +21,12 @@
 import ch.cyberduck.core.Session;
 import ch.cyberduck.core.exception.BackgroundException;
 import ch.cyberduck.core.features.Read;
+import ch.cyberduck.core.io.StreamCopier;
 import ch.cyberduck.core.transfer.TransferStatus;
 
 import org.apache.commons.io.IOUtils;
 
+import java.io.ByteArrayOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.io.InputStreamReader;
@@ -49,6 +51,19 @@ public String read(final Path file) throws BackgroundException {
         }
     }
 
+    public byte[] readBytes(final Path file) throws BackgroundException {
+        final Read read = session._getFeature(Read.class);
+        final TransferStatus status = new TransferStatus().withLength(file.attributes().getSize());
+        try (final InputStream in = read.read(file, status, new DisabledConnectionCallback())) {
+            final ByteArrayOutputStream out = new ByteArrayOutputStream();
+            new StreamCopier(status, status).transfer(in, out);
+            return out.toByteArray();
+        }
+        catch(IOException e) {
+            throw new DefaultIOExceptionMappingService().map(e);
+        }
+    }
+
     public Reader getReader(final Path file) throws BackgroundException {
         final Read read = session._getFeature(Read.class);
         return new InputStreamReader(read.read(file, new TransferStatus().withLength(file.attributes().getSize()), new DisabledConnectionCallback()), StandardCharsets.UTF_8);

cryptomator/src/main/java/ch/cyberduck/core/cryptomator/CryptoDirectory.java

@@ -32,7 +32,7 @@ public interface CryptoDirectory {
      * @param type        File type
      * @return Encrypted filename
      */
-    String toEncrypted(Session<?> session, String directoryId, String filename, EnumSet<Path.Type> type) throws BackgroundException;
+    String toEncrypted(Session<?> session, byte[] directoryId, String filename, EnumSet<Path.Type> type) throws BackgroundException;
 
     /**
      * Get encrypted reference for clear text directory path.
@@ -41,7 +41,7 @@ public interface CryptoDirectory {
      * @param directoryId Directory ID or null to read directory id from metadata file
      * @param directory   Clear text
      */
-    Path toEncrypted(Session<?> session, String directoryId, Path directory) throws BackgroundException;
+    Path toEncrypted(Session<?> session, byte[] directoryId, Path directory) throws BackgroundException;
 
     /**
      * Remove from cache

cryptomator/src/main/java/ch/cyberduck/core/cryptomator/CryptorCache.java

@@ -20,6 +20,7 @@
 import org.cryptomator.cryptolib.api.AuthenticationFailedException;
 import org.cryptomator.cryptolib.api.FileNameCryptor;
 
+import java.nio.ByteBuffer;
 import java.util.Arrays;
 import java.util.Objects;
 
@@ -29,7 +30,7 @@ public class CryptorCache {
 
     public static final BaseEncoding BASE32 = BaseEncoding.base32();
 
-    private final LRUCache<String, String> directoryIdCache = LRUCache.build(250);
+    private final LRUCache<ByteBuffer, String> directoryIdCache = LRUCache.build(250);
     private final LRUCache<CacheKey, String> decryptCache = LRUCache.build(5000);
     private final LRUCache<CacheKey, String> encryptCache = LRUCache.build(5000);
 
@@ -39,11 +40,12 @@ public CryptorCache(final FileNameCryptor impl) {
         this.impl = impl;
     }
 
-    public String hashDirectoryId(final String cleartextDirectoryId) {
-        if(!directoryIdCache.contains(cleartextDirectoryId)) {
-            directoryIdCache.put(cleartextDirectoryId, impl.hashDirectoryId(cleartextDirectoryId));
+    public String hashDirectoryId(final byte[] cleartextDirectoryId) {
+        final ByteBuffer wrap = ByteBuffer.wrap(cleartextDirectoryId);
+        if(!directoryIdCache.contains(wrap)) {
+            directoryIdCache.put(wrap, impl.hashDirectoryId(cleartextDirectoryId));
         }
-        return directoryIdCache.get(cleartextDirectoryId);
+        return directoryIdCache.get(wrap);
     }
 
     public String encryptFilename(final BaseEncoding encoding, final String cleartextName, final byte[] associatedData) {

cryptomator/src/main/java/ch/cyberduck/core/cryptomator/features/CryptoBulkFeature.java

@@ -34,6 +34,7 @@
 
 import org.cryptomator.cryptolib.api.FileHeader;
 
+import java.nio.charset.StandardCharsets;
 import java.util.ArrayList;
 import java.util.Comparator;
 import java.util.HashMap;
@@ -84,7 +85,7 @@ public int compare(final Map.Entry<TransferItem, TransferStatus> o1, final Map.E
                     switch(type) {
                         case upload:
                             // Preset directory ID for new folders to avert lookup with not found failure in directory ID provider
-                            final String directoryId = random.random();
+                            final byte[] directoryId = random.random().getBytes(StandardCharsets.US_ASCII);
                             encrypted.put(new TransferItem(cryptomator.encrypt(session, file, directoryId, false), local), status);
                             break;
                         default:

cryptomator/src/main/java/ch/cyberduck/core/cryptomator/features/CryptoDirectoryV6Feature.java

@@ -53,12 +53,12 @@ public CryptoDirectoryV6Feature(final Session<?> session, final Directory<Reply>
 
     @Override
     public Path mkdir(final Path folder, final TransferStatus status) throws BackgroundException {
-        final Path encrypt = vault.encrypt(session, folder, random.random(), false);
-        final String directoryId = encrypt.attributes().getDirectoryId();
+        final Path encrypt = vault.encrypt(session, folder, random.random().getBytes(StandardCharsets.US_ASCII), false);
+        final byte[] directoryId = encrypt.attributes().getDirectoryId();
         // Create metadata file for directory
         final Path directoryMetadataFile = vault.encrypt(session, folder, true);
         log.debug("Write metadata {} for folder {}", directoryMetadataFile, folder);
-        new ContentWriter(session).write(directoryMetadataFile, directoryId.getBytes(StandardCharsets.UTF_8));
+        new ContentWriter(session).write(directoryMetadataFile, directoryId);
         final Path intermediate = encrypt.getParent();
         if(!session._getFeature(Find.class).find(intermediate)) {
             session._getFeature(Directory.class).mkdir(intermediate, new TransferStatus().withRegion(status.getRegion()));

cryptomator/src/main/java/ch/cyberduck/core/cryptomator/features/CryptoDirectoryV7Feature.java

@@ -55,16 +55,16 @@ public CryptoDirectoryV7Feature(final Session<?> session, final Directory<Reply>
 
     @Override
     public Path mkdir(final Path folder, final TransferStatus status) throws BackgroundException {
-        final Path encrypt = vault.encrypt(session, folder, random.random(), false);
-        final String directoryId = encrypt.attributes().getDirectoryId();
+        final Path encrypt = vault.encrypt(session, folder, random.random().getBytes(StandardCharsets.US_ASCII), false);
+        final byte[] directoryId = encrypt.attributes().getDirectoryId();
         // Create metadata file for directory
         final Path directoryMetadataFolder = session._getFeature(Directory.class).mkdir(vault.encrypt(session, folder, true),
                 new TransferStatus().withRegion(status.getRegion()));
         final Path directoryMetadataFile = new Path(directoryMetadataFolder,
                 CryptoDirectoryV7Provider.DIRECTORY_METADATAFILE,
                 EnumSet.of(Path.Type.file));
         log.debug("Write metadata {} for folder {}", directoryMetadataFile, folder);
-        new ContentWriter(session).write(directoryMetadataFile, directoryId.getBytes(StandardCharsets.UTF_8));
+        new ContentWriter(session).write(directoryMetadataFile, directoryId);
         final Path intermediate = encrypt.getParent();
         if(!session._getFeature(Find.class).find(intermediate)) {
             session._getFeature(Directory.class).mkdir(intermediate, new TransferStatus().withRegion(status.getRegion()));

cryptomator/src/main/java/ch/cyberduck/core/cryptomator/impl/CryptoDirectoryV6Provider.java

@@ -32,11 +32,12 @@
 import ch.cyberduck.core.exception.NotfoundException;
 import ch.cyberduck.core.preferences.PreferencesFactory;
 
-import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.ArrayUtils;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
 import java.nio.charset.StandardCharsets;
+import java.util.Arrays;
 import java.util.EnumSet;
 import java.util.concurrent.locks.Lock;
 import java.util.concurrent.locks.ReentrantLock;
@@ -45,7 +46,7 @@ public class CryptoDirectoryV6Provider implements CryptoDirectory {
     private static final Logger log = LogManager.getLogger(CryptoDirectoryV6Provider.class);
 
     private static final String DATA_DIR_NAME = "d";
-    private static final String ROOT_DIR_ID = StringUtils.EMPTY;
+    private static final byte[] ROOT_DIR_ID = new byte[0];
 
     private final Path dataRoot;
     private final Path home;
@@ -57,7 +58,7 @@ public class CryptoDirectoryV6Provider implements CryptoDirectory {
 
     private final Lock lock = new ReentrantLock();
 
-    private final LRUCache<CacheReference<Path>, String> cache = LRUCache.build(
+    private final LRUCache<CacheReference<Path>, byte[]> cache = LRUCache.build(
             PreferencesFactory.get().getInteger("cryptomator.cache.size"));
 
     public CryptoDirectoryV6Provider(final Path vault, final CryptoFilename filenameProvider, final CryptorCache filenameCryptor) {
@@ -68,15 +69,15 @@ public CryptoDirectoryV6Provider(final Path vault, final CryptoFilename filename
     }
 
     @Override
-    public String toEncrypted(final Session<?> session, final String directoryId, final String filename, final EnumSet<Path.Type> type) throws BackgroundException {
+    public String toEncrypted(final Session<?> session, final byte[] directoryId, final String filename, final EnumSet<Path.Type> type) throws BackgroundException {
         final String prefix = type.contains(Path.Type.directory) ? CryptoVault.DIR_PREFIX : "";
-        final String ciphertextName = prefix + filenameCryptor.encryptFilename(CryptorCache.BASE32, filename, directoryId.getBytes(StandardCharsets.UTF_8));
+        final String ciphertextName = prefix + filenameCryptor.encryptFilename(CryptorCache.BASE32, filename, directoryId);
         log.debug("Encrypted filename {} to {}", filename, ciphertextName);
         return filenameProvider.deflate(session, ciphertextName);
     }
 
     @Override
-    public Path toEncrypted(final Session<?> session, final String directoryId, final Path directory) throws BackgroundException {
+    public Path toEncrypted(final Session<?> session, final byte[] directoryId, final Path directory) throws BackgroundException {
         if(!directory.isDirectory()) {
             throw new NotfoundException(directory.getAbsolute());
         }
@@ -86,7 +87,7 @@ public Path toEncrypted(final Session<?> session, final String directoryId, fina
             attributes.withVersionId(null);
             attributes.withFileId(null);
             // Remember random directory id for use in vault
-            final String id = this.toDirectoryId(session, directory, directoryId);
+            final byte[] id = this.toDirectoryId(session, directory, directoryId);
             log.debug("Use directory ID '{}' for folder {}", id, directory);
             attributes.setDirectoryId(id);
             attributes.setDecrypted(directory);
@@ -102,18 +103,18 @@ public Path toEncrypted(final Session<?> session, final String directoryId, fina
         throw new NotfoundException(directory.getAbsolute());
     }
 
-    private String toDirectoryId(final Session<?> session, final Path directory, final String directoryId) throws BackgroundException {
+    private byte[] toDirectoryId(final Session<?> session, final Path directory, final byte[] directoryId) throws BackgroundException {
         if(new SimplePathPredicate(home).test(directory)) {
             return ROOT_DIR_ID;
         }
-        if(StringUtils.isBlank(directoryId)) {
+        if(ArrayUtils.isEmpty(directoryId)) {
             if(cache.contains(new SimplePathPredicate(directory))) {
                 return cache.get(new SimplePathPredicate(directory));
             }
             try {
                 log.debug("Acquire lock for {}", directory);
                 lock.lock();
-                final String id = this.load(session, directory);
+                final byte[] id = this.load(session, directory);
                 cache.put(new SimplePathPredicate(directory), id);
                 return id;
             }
@@ -125,27 +126,27 @@ private String toDirectoryId(final Session<?> session, final Path directory, fin
             cache.put(new SimplePathPredicate(directory), directoryId);
         }
         else {
-            final String existing = cache.get(new SimplePathPredicate(directory));
-            if(!existing.equals(directoryId)) {
+            final byte[] existing = cache.get(new SimplePathPredicate(directory));
+            if(!Arrays.equals(existing, directoryId)) {
                 log.warn("Do not override already cached id {} with {}", existing, directoryId);
             }
         }
         return cache.get(new SimplePathPredicate(directory));
     }
 
-    protected String load(final Session<?> session, final Path directory) throws BackgroundException {
+    protected byte[] load(final Session<?> session, final Path directory) throws BackgroundException {
         final Path parent = this.toEncrypted(session, directory.getParent().attributes().getDirectoryId(), directory.getParent());
         final String cleartextName = directory.getName();
         final String ciphertextName = this.toEncrypted(session, parent.attributes().getDirectoryId(), cleartextName, EnumSet.of(Path.Type.directory));
         // Read directory id from file
         try {
             log.debug("Read directory ID for folder {} from {}", directory, ciphertextName);
             final Path metadataFile = new Path(parent, ciphertextName, EnumSet.of(Path.Type.file, Path.Type.encrypted));
-            return new ContentReader(session).read(metadataFile);
+            return new ContentReader(session).readBytes(metadataFile);
         }
         catch(NotfoundException e) {
             log.warn("Missing directory ID for folder {}", directory);
-            return random.random();
+            return random.random().getBytes(StandardCharsets.US_ASCII);
         }
     }
 

cryptomator/src/main/java/ch/cyberduck/core/cryptomator/impl/CryptoDirectoryV7Provider.java

@@ -55,14 +55,13 @@ public CryptoDirectoryV7Provider(final Path vault, final CryptoFilename filename
     }
 
     @Override
-    public String toEncrypted(final Session<?> session, final String directoryId, final String filename, final EnumSet<Path.Type> type) throws BackgroundException {
-        final String ciphertextName = filenameCryptor.encryptFilename(BaseEncoding.base64Url(),
-                filename, directoryId.getBytes(StandardCharsets.UTF_8)) + EXTENSION_REGULAR;
+    public String toEncrypted(final Session<?> session, final byte[] directoryId, final String filename, final EnumSet<Path.Type> type) throws BackgroundException {
+        final String ciphertextName = filenameCryptor.encryptFilename(BaseEncoding.base64Url(), filename, directoryId) + EXTENSION_REGULAR;
         log.debug("Encrypted filename {} to {}", filename, ciphertextName);
         return filenameProvider.deflate(session, ciphertextName);
     }
 
-    protected String load(final Session<?> session, final Path directory) throws BackgroundException {
+    protected byte[] load(final Session<?> session, final Path directory) throws BackgroundException {
         final Path parent = this.toEncrypted(session, directory.getParent().attributes().getDirectoryId(), directory.getParent());
         final String cleartextName = directory.getName();
         final String ciphertextName = this.toEncrypted(session, parent.attributes().getDirectoryId(), cleartextName, EnumSet.of(Path.Type.directory));
@@ -71,11 +70,11 @@ protected String load(final Session<?> session, final Path directory) throws Bac
         try {
             log.debug("Read directory ID for folder {} from {}", directory, ciphertextName);
             final Path metadataFile = new Path(metadataParent, CryptoDirectoryV7Provider.DIRECTORY_METADATAFILE, EnumSet.of(Path.Type.file, Path.Type.encrypted));
-            return new ContentReader(session).read(metadataFile);
+            return new ContentReader(session).readBytes(metadataFile);
         }
         catch(NotfoundException e) {
             log.warn("Missing directory ID for folder {}", directory);
-            return random.random();
+            return random.random().getBytes(StandardCharsets.US_ASCII);
         }
     }
 }