Hello,

I started to take a quick look at [1], for a better encryption of the
passphrase for all the iOS variants (stored as plaintext ATM). For that I
started looking at our neat Pbkdf2 class, from AeroGear-Crypto.

The idea is to store both: the encrypted password + the salt in the
database, instead of the plaintext version of the password/passphrase.

Something like here:
https://github.com/matzew/psswd-salting/blob/master/src/test/java/net/wes...

This works fine on things like logins:
https://github.com/matzew/psswd-salting/blob/master/src/test/java/net/wes...

However, I am afraid it does not work for the iOS passphrase, required to
connect to Apple - looks like the library we use requires it in plain
text... (due to Apple? Not sure...)
https://github.com/notnoop/java-apns/blob/master/src/main/java/com/notnoo...

BTW. here is the relevant usage inside of our UnifiedPush Server:
https://github.com/aerogear/aerogear-unifiedpush-server/blob/master/serve...

I am now wondering if there is something we can do for [1], in the long
run, not now?

I see the 'java-apns API' supports passing in a java.security.Keystore, but
unfortunately I am not sure if there is an impl. of that which is able to
deal w/ encrypted passwords or if something like that might even work at
all :-/

Greetings,
Matthias

[1] https://issues.jboss.org/browse/AGPUSH-358

--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
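
The distinction raised in the message above, as an added example that is not part of the original post or of AeroGear's code: a salted PBKDF2 value is enough to verify a login, but a PKCS#12 keystore only opens with the original passphrase. It uses the JDK's own PBKDF2 instead of the AeroGear-Crypto Pbkdf2 class; the class name, passphrase, iteration count and the empty stand-in keystore are assumptions constructed for the demo.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class PassphraseStorageDemo {
    // Constructed parameters for the demo; tune the iteration count for real use.
    static final int ITERATIONS = 100_000, KEY_BITS = 256;
    static byte[] derive(char[] secret, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(secret, salt, ITERATIONS, KEY_BITS);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }
    // Login case: re-derive from the submitted password and compare in constant time.
    static boolean verify(char[] attempt, byte[] salt, byte[] stored) throws Exception {
        return MessageDigest.isEqual(derive(attempt, salt), stored);
    }
    // Keystore case: PKCS#12 needs the original passphrase to pass its integrity check.
    static boolean opens(byte[] p12, char[] candidate) throws Exception {
        try {
            KeyStore.getInstance("PKCS12").load(new ByteArrayInputStream(p12), candidate);
            return true;
        } catch (IOException wrongPassword) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        char[] passphrase = "constructed-demo-passphrase".toCharArray();
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        byte[] stored = derive(passphrase, salt);   // what the database row would hold, next to the salt
        // Stand-in for the .p12 certificate file: an empty PKCS#12 store protected by the passphrase.
        KeyStore ks = KeyStore.getInstance("PKCS12");
        ks.load(null, null);
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        ks.store(out, passphrase);
        byte[] p12 = out.toByteArray();
        System.out.println("login verify, right password: " + verify(passphrase, salt, stored));
        System.out.println("login verify, wrong password: " + verify("nope".toCharArray(), salt, stored));
        System.out.println("keystore opens with passphrase: " + opens(p12, passphrase));
        char[] derivedAsText = Base64.getEncoder().encodeToString(stored).toCharArray();
        System.out.println("keystore opens with stored PBKDF2 value: " + opens(p12, derivedAsText));
    }
}
```

The derived value cannot be turned back into the passphrase, so anything that must hand the passphrase to `KeyStore.load` needs storage it can read back, not a one-way hash.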