search

patrickfav / armadillo

A shared preference implementation for confidential data in Android. Per default uses AES-GCM, BCrypt and HKDF as cryptographic primitives. Uses the concept of device fingerprinting combined with optional user provided passwords and strong password hashes.
https://favr.dev/opensource/armadillo
Apache License 2.0
281 stars 52 forks source link

Add encryption support for KitKat #31

Closed patrickfav closed 5 years ago

patrickfav commented 5 years ago

This PR implements AES/CBC + HMAC (Encrypt-then-MAC) encryption for Kitkat devices which do not support AES/GCM (see #6). It also adds migration support if the device gets updated to a newer version.

Intentionally the user must enable kitkat support manually.

patrickfav commented 5 years ago

@davidmigloz If you have time, please take a look at this PR

davidmigloz commented 5 years ago

I'll try to find some time tomorrow to review it. Thanks for the work!

patrickfav commented 5 years ago

Hey @davidmigloz I will release 0.6.0 this week; just want to check if you will get a chance to look at the PR :)

davidmigloz commented 5 years ago

Hi @patrickfav! Sorry for the delay, I started reviewing it last week but I run out of time. I'll try to review it between tonight and tomorrow.

davidmigloz commented 5 years ago

I've finished the review, it looks awesome. I really like the way you've implemented the multi-protocol decryption support. I haven't found anything and you've written quite a lot of tests. So I guess it's good to go! 😄

patrickfav commented 5 years ago

Great to hear. I had some offline reviews, so some of the issues maybe already fixed before you reviewed them :)