This PR replaces the cryptography class with Google's official androidx.security library.
It also provides automated migration of the encrypted data to keep already existing connections and the pin working.
The PIN Hash is now also encrypted, making it harder to extract and then crack with something like hashcat.
The old cryptography class does still exist, as it is needed for migrating previously encrypted data. It will be removed in a later release.
Motivation and Context
This shift makes the security part of Zap a lot easier to audit and will hopefully also make it easier for new developers to join the project.
The official library is also well maintained, which ensures that Zap will receive critical security updates in the future.
How Has This Been Tested?
On my S9
Types of changes
[ ] Bug fix (non-breaking change which fixes an issue)
[ ] New feature (non-breaking change which adds functionality)
[ ] Breaking change (fix or feature that would cause existing functionality to change)
[x] Chore
Checklist:
[x] My code follows the code style of this project.
[ ] My change requires a change to the documentation.