GoogleCodeExporter
commented
9 years ago Original comment by roge...@google.com on 27 May 2011 at 2:50
- Changed state: Accepted
- Added labels: Priority-Critical
- Removed labels: Priority-Medium
Closed GoogleCodeExporter closed 9 years ago
GoogleCodeExporter
commented
9 years ago Original comment by roge...@google.com on 27 May 2011 at 2:50
GoogleCodeExporter
commented
9 years ago After close investigation of the code and testing, this is a bug in the code,
however it luckily has no ill effect.
The key length argument of the PBEKeySpec constructor is supposed to be
specified in bits, as the OP says, whereas it is currently specified in bytes.
However, the documentation for PBEKeySpec,
"http://download.oracle.com/javase/7/docs/api/javax/crypto/spec/PBEKeySpec.html#
getKeyLength()" , says the following about the key length property:
Note: this is used to indicate the preference on key length for
variable-key-size ciphers. The actual key size depends on each
provider's implementation.
Because the algorithm used to create the ciphers in Secrets
("PBEWITHSHA-256AND256BITAES-CBC-BC") does not result in variable-key-size
ciphers, this argument is in fact ignored.
The ciphers created do use 256-bit keys. I confirmed that secrets encrypted
with version 1.9.8 (current version as of this writing) can be loaded when the
key length argument is set to 256 or left out completely. Also, I was able to
verify that the keySize field of the key variable is 256.
The best fix would be to remove the key length argument completely, since the
ciphers used are not variable-key-size ciphers. However, since I am already at
work to change the KDF to use bcrypt (see bcrypt branch at
http://code.google.com/p/secrets-for-android/source/browse/#svn%2Fbranches%2Fbcr
ypt) there is no reason to change the existing code.
Original comment by roge...@google.com on 28 May 2011 at 3:23
Original issue reported on code.google.com by
RJKova...@gmail.comon 26 May 2011 at 2:18