search

mrpdaemon / encfs-java

encfs-java is a Java library for accessing data in EncFS volumes
GNU Lesser General Public License v3.0
42 stars 15 forks source link

library usage in Android environment #56

Closed adancu closed 9 years ago

adancu commented 10 years ago

I'm trying to use encfs-java in an Android project. However, I have encountered an issue: when building the volume, the code at line 158 in VolumeKey.java blocks forever(or takes forever to execute, I didn't stay more than few minutes in the debugger to see if it ever finishes):

SecretKey pbkdf2Key;
            try {
                pbkdf2Key = f.generateSecret(ks);
            } catch (InvalidKeySpecException e) {
                throw new EncFSInvalidConfigException(e);
            }

Is this a known issue on Android? I have noticed that you also have an Android project, but you are using some native libraries. Is for the same reason? The behaviour is the same on both emulator and real device(tablet).

My code for building the volume is:

private void initVolume(ConfigProvider configProvider) {
        File encryptedDir = new File(configProvider.getEncryptedDataDir());
        EncFSLocalFileProvider fileProvider = new EncFSLocalFileProvider(encryptedDir);

        try {
            volume = new EncFSVolumeBuilder()
                .withFileProvider(fileProvider)
                .withPassword(configProvider.getPassword())
                .buildVolume();
        } catch (Exception e) {
            log.debug("Exception occured", e);
            throw new StorageManagerException(e);
        }
    }
mrpdaemon commented 10 years ago

So unfortunately on some slower devices this takes a very long time indeed. As you've noticed, that's why I've started using native libraries for PBKDF2 on my Android app (and modified the library to allow plugging in native PBKDF2 providers).

One other thing though, the length of time the PBKDF2 takes directly depends on the "iterations" field provided in the .encfs6.xml. Some volumes (like the "paranoid" settings from upstream encfs) set a VERY large number of iterations resulting in bad performance on mobile devices. The encfs-java library sets 5000 as iterations to volumes it creates, which results in reasonable PBKDF2 times. You might want to check your test volume to see what "iterations" count it was created with.