Hello,
I started to take a quick look at [1], for a better encryption of the passphrase for all the iOS variants (stored as plaintext ATM). For that I started looking at our neat Pbkdf2 class, from AeroGear-Crypto.
The idea is to store both: the encrypted password + the salt in the database, instead of the plaintext version of the password/passphrase.
Something like here:
This works fine on things like logins:
However, I am afraid it does not work for the iOS passphrase, required to connect to Apple - looks like the library we use requires it in plain text... (due to Apple? Not sure...)
BTW, here is the relevant usage inside of our UnifiedPush Server:
I am now wondering if there is something we can do for [1], in the long run, not now?
I see the 'java-apns API' supports passing in a java.security.KeyStore, but unfortunately I am not sure if there is an impl. of that which is able to deal w/ encrypted passwords or if something like that might even work at all :-/
Greetings,
Matthias
--
Matthias Wessendorf
blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
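
The difference the message describes, as an added example that is not part of the original message and not AeroGear or UnifiedPush code: a PBKDF2-derived value plus salt is enough to verify a login, but a passphrase that must be handed back in plain text needs a reversible form. It uses only JDK classes (not the AeroGear-Crypto Pbkdf2 class); the AES-GCM step, the server-held key, the iteration count and all sample values are assumptions made for illustration.

```java
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;

public class PassphraseStorageDemo {
    static final SecureRandom RNG = new SecureRandom();

    static byte[] random(int n) { byte[] b = new byte[n]; RNG.nextBytes(b); return b; }

    // One-way: the database holds (salt, derived value); the input cannot be recovered from them.
    static byte[] derive(char[] secret, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(secret, salt, 100_000, 256); // iteration count is an assumption
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    // Reversible: AES-GCM under a key that is kept outside the database (assumption).
    static byte[] crypt(int mode, byte[] key, byte[] iv, byte[] data) throws Exception {
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(mode, new SecretKeySpec(key, "AES"), new GCMParameterSpec(128, iv));
        return c.doFinal(data);
    }

    public static void main(String[] args) throws Exception {
        // Login: verify by re-deriving from the submitted password and comparing in constant time.
        byte[] salt = random(16);
        byte[] stored = derive("constructed-login-pw".toCharArray(), salt);
        byte[] attempt = derive("constructed-login-pw".toCharArray(), salt);
        System.out.println("login verified: " + MessageDigest.isEqual(stored, attempt));

        // Certificate passphrase: the original value has to be passed on to the push
        // library, so whatever is stored must be decryptable again.
        byte[] serverKey = random(16); // placeholder: would be loaded from outside the DB
        byte[] iv = random(12);        // fresh per encryption, stored beside the ciphertext
        byte[] ct = crypt(Cipher.ENCRYPT_MODE, serverKey, iv,
                "constructed-p12-passphrase".getBytes(StandardCharsets.UTF_8));
        String recovered = new String(crypt(Cipher.DECRYPT_MODE, serverKey, iv, ct),
                StandardCharsets.UTF_8);
        System.out.println("passphrase recovered: " + recovered);
    }
}
```

Reversible encryption only moves the problem to protecting `serverKey`: if that key sits in the same database as the ciphertext, the result is equivalent to storing the passphrase in plain text.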