Which kind of section are we talking about? Basically I skipped it into
Matthias Wessendorf wrote:
> Thanks for putting together the gist; I did read several times over
> it, and I guess it mostly makes sense :-)
>
> However I do have a few (minor?) questions:
>
> ===JavaScript:===
>
> * key: generatedKey,
>
> where does the generate key come from ? Is that a key that, as shown
> in the diagram, comes from "the server"?
the documentation because developers are able to provide their own but
you can see an example here:
https://github.com/aerogear/aerogear-js/blob/master/tests/unit/crypto/aerogear.crypto.js#L21
(that was used only for unit test purposes to guess the output)
If you think that's not enough I'm fine providing an example about how
to properly generate the key.
>Once there are several tools named "ToolBox, ToolChain" outside there I
> Java
>
> * CryptoBox: It is used for different algorithms (GCM and ECC), like a
> "ToolBox" / "ToolChain", right ?
will avoid comparisons. CryptoBox is the class responsible to accept a
single key or a key pair and encrypt/decrypt the data.
>I don't think so, once the code wasn't merge I can't make assumptions
> * PBKDF2: However, in the (outdated?) gist we use a function
> (AeroGearCrypto.pbkdf2()) to get access to the Pbkdf2 class;
into something that "might be" merged.
> I can't see that in the code - there a direct usage of the Pbkdf2Until we get that code merged, I think is reasonable to keep it as is.
> class is present.
>I don't think so, because they are used for different purposes:
> Now, wondering about the different 'access' mechanisms
> (AeroGearCrypto.pbkdf2() vs. CryptoBox), does it make sense (honestly
> not sure) to add the 'PBKDF2' to the "CryptoBox" as well ?
CryptoBox - Accept a key or a key pair for symmetric/asymetric encryption
PBKDF2 - For passwords as we discussed
>Let me know if something is not clear.
>
> @iOS
>
> we had a kick off meeting early this week, and now trying to see how
> we move on. A few infos are available in this forked gist:
>
> https://gist.github.com/matzew/7cdf1831c55e3d656477
>
> More to follow....
--
abstractj
_______________________________________________
aerogear-dev mailing list
aerogear-dev@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev