On Wed, Feb 5, 2014 at 7:41 PM, Bruno Oliveira <bruno@abstractj.org> wrote:
You need tho reconstruct that key again with the pieces from your database, so your code would look like:

@Test
    public void testPasswordValidationWithRandomSaltProvided() throws Exception {
        Pbkdf2 pbkdf2 = AeroGearCrypto.pbkdf2();
        byte[] salt = new Random().randomBytes();
        byte[] IV = new Random().randomBytes();
        int iterations = 100000;

        //Encrypt step
        SecretKey secretKey = pbkdf2.generateSecretKey(PASSWORD, salt, iterations);
        CryptoBox box1 = new CryptoBox(secretKey.getEncoded());
        String passphrase = "My bonnie lies over the ocean";
        byte[] ciphertext = box1.encrypt(IV, passphrase.getBytes());

        //Decrypt step
        SecretKey recoveredKey = pbkdf2.generateSecretKey(PASSWORD, salt, iterations);


as said in the comments, I don't have that PASSWORD here


That is only submitted when the user creates a new iOS variant, it's never entered when the server tries to connect to the APNs




 
        CryptoBox box2 = new CryptoBox(recoveredKey.getEncoded());
        byte[] plaintext = box2.decrypt(IV, ciphertext);
        System.out.println(RAW.encode(plaintext));

    }

--
abstractj

On February 5, 2014 at 3:59:06 PM, Matthias Wessendorf (matzew@apache.org) wrote:
> > But, now, somewhere later in in the program, I need to do the decryption
> to get the actual passphrase for the stored Apple-certificate.
> However, I don't see how to create the CryptoBox here, as I should
> not stash the private/secret key, nor do I have access to the previous
> CryptoBox object
>
> https://github.com/matzew/psswd-salting/blob/master/src/test/java/net/wessendorf/salt/SecretKeyTest.java#L64-L85
>
>
> Looks like I am missing something here




--
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf