<div dir="ltr"><div>> <span style="font-size:13px;font-family:arial,sans-serif">Sorry not password but key.</span><br></div><div><span style="font-size:13px;font-family:arial,sans-serif"><br></span></div><div><span style="font-size:13px;font-family:arial,sans-serif">We don't need to store the key once we have the salt, IV, iterations and the passphrase provided by our user is perfectly possible to generate again that key.</span></div>
<div><span style="font-size:13px;font-family:arial,sans-serif"><br></span></div><div><span style="font-size:13px;font-family:arial,sans-serif">If this is not happening we need to revisit our code and figure out what's going on.</span></div>
</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Jan 14, 2014 at 8:50 AM, Corinne Krych <span dir="ltr"><<a href="mailto:corinnekrych@gmail.com" target="_blank">corinnekrych@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im"><br>
On Jan 14, 2014, at 2:11 PM, Bruno Oliveira <<a href="mailto:bruno@abstractj.org">bruno@abstractj.org</a>> wrote:<br>
<br>
> Again, storing passwords no matter how super safe is the KeyChain is a terrible idea. Don't do it, please.<br>
<br>
</div>Sorry not password but key.<br>
<div class="im"><br>
><br>
> > As for the problem of encrypting with one passphrase then another one and not be able to decrypt any data afterward, I think this is an issue that should be fixed. JIRA needed.<br>
><br>
> This is mostly because you have to add a feature of passphrase change first.<br>
<br>
</div>+1 make sense<br>
<div class="HOEnZb"><div class="h5">i<br>
><br>
><br>
> On Tue, Jan 14, 2014 at 3:46 AM, Corinne Krych <<a href="mailto:corinnekrych@gmail.com">corinnekrych@gmail.com</a>> wrote:<br>
> Hi Tadeas,<br>
><br>
> I think you bring back on the table an unfinished discussion on the topic of AGPassphraseKeyServices(used in password demo app) vs. AGPasswordKeyServices (not used in any demo yet).<br>
><br>
> In AGPasswordKeyServices the password is stored in secure local storage (KeyChain for iOS, KeyStore for Android), therefore you could do a password check at login time as stated in your workflow. I think we intended to have 2 diffences EncryptionServices for those differents usage.<br>
> <a href="http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Android-Crypto-API-sample-td5306.html" target="_blank">http://aerogear-dev.1069024.n5.nabble.com/aerogear-dev-Android-Crypto-API-sample-td5306.html</a><br>
> More work is needed for AGPasswordKeyServices and adding a demo/recipe app for it would be nice.<br>
> @summers @cvasilak do you remember the discussion?<br>
><br>
> As for the problem of encrypting with one passphrase then another one and not be able to decrypt any data afterward, I think this is an issue that should be fixed. JIRA needed.<br>
><br>
> ++<br>
> Corinne<br>
> On Jan 14, 2014, at 2:23 AM, Bruno Oliveira <<a href="mailto:bruno@abstractj.org">bruno@abstractj.org</a>> wrote:<br>
><br>
> > Hi Tadeas, replied on the same issue.<br>
> ><br>
> ><br>
> > On Mon, Jan 13, 2014 at 12:43 PM, Tadeas Kriz <<a href="mailto:tkriz@redhat.com">tkriz@redhat.com</a>> wrote:<br>
> > Hi there,<br>
> ><br>
> > in December, I’ve reported [1] and today Passos asked me if I could rather send it here to discuss it, as this behavior is the same in other platform’s implementations (which I wasn’t aware of before). So please read the description on that JIRA issue. Basically I have nothing more to say about it, what’s not in the description already. So, what do you think?<br>
> ><br>
> > 1 - <a href="https://issues.jboss.org/browse/AGDROID-173" target="_blank">https://issues.jboss.org/browse/AGDROID-173</a><br>
> ><br>
> > —<br>
> > Tadeas Kriz<br>
> > <a href="mailto:tkriz@redhat.com">tkriz@redhat.com</a><br>
> ><br>
> ><br>
> > _______________________________________________<br>
> > aerogear-dev mailing list<br>
> > <a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
> > <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
> ><br>
> ><br>
> ><br>
> > --<br>
> ><br>
> > --<br>
> > "The measure of a man is what he does with power" - Plato<br>
> > -<br>
> > @abstractj<br>
> > -<br>
> > Volenti Nihil Difficile<br>
> > _______________________________________________<br>
> > aerogear-dev mailing list<br>
> > <a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
> > <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
><br>
><br>
> _______________________________________________<br>
> aerogear-dev mailing list<br>
> <a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
><br>
><br>
><br>
> --<br>
><br>
> --<br>
> "The measure of a man is what he does with power" - Plato<br>
> -<br>
> @abstractj<br>
> -<br>
> Volenti Nihil Difficile<br>
> _______________________________________________<br>
> aerogear-dev mailing list<br>
> <a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
> <a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
<br>
<br>
_______________________________________________<br>
aerogear-dev mailing list<br>
<a href="mailto:aerogear-dev@lists.jboss.org">aerogear-dev@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/aerogear-dev" target="_blank">https://lists.jboss.org/mailman/listinfo/aerogear-dev</a><br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div><br></div>-- <br>"The measure of a man is what he does with power" - Plato<br>-<br>@abstractj<br>-<br>Volenti Nihil Difficile
</div>