[aerogear-dev] Question around encryption for iOS push certificate passphrase

Matthias Wessendorf matzew at apache.org
Wed Feb 5 13:47:03 EST 2014 

On Wed, Feb 5, 2014 at 7:41 PM, Bruno Oliveira <bruno at abstractj.org> wrote:

> You need tho reconstruct that key again with the pieces from your
> database, so your code would look like:
>
> @Test
>     public void testPasswordValidationWithRandomSaltProvided() throws
> Exception {
>         Pbkdf2 pbkdf2 = AeroGearCrypto.pbkdf2();
>         byte[] salt = new Random().randomBytes();
>         byte[] IV = new Random().randomBytes();
>         int iterations = 100000;
>
>         //Encrypt step
>         SecretKey secretKey = pbkdf2.generateSecretKey(PASSWORD, salt,
> iterations);
>         CryptoBox box1 = new CryptoBox(secretKey.getEncoded());
>         String passphrase = "My bonnie lies over the ocean";
>         byte[] ciphertext = box1.encrypt(IV, passphrase.getBytes());
>
>         //Decrypt step
>         SecretKey recoveredKey = pbkdf2.generateSecretKey(PASSWORD, salt,
> iterations);
>


as said in the comments, I don't have that PASSWORD here


That is only submitted when the user creates a new iOS variant, it's never
entered when the server tries to connect to the APNs






>         CryptoBox box2 = new CryptoBox(recoveredKey.getEncoded());
>         byte[] plaintext = box2.decrypt(IV, ciphertext);
>         System.out.println(RAW.encode(plaintext));
>
>     }
>
> --
> abstractj
>
> On February 5, 2014 at 3:59:06 PM, Matthias Wessendorf (matzew at apache.org)
> wrote:
> > > But, now, somewhere later in in the program, I need to do the
> decryption
> > to get the actual passphrase for the stored Apple-certificate.
> > However, I don't see how to create the CryptoBox here, as I should
> > not stash the private/secret key, nor do I have access to the previous
> > CryptoBox object
> >
> >
> https://github.com/matzew/psswd-salting/blob/master/src/test/java/net/wessendorf/salt/SecretKeyTest.java#L64-L85
> >
> >
> > Looks like I am missing something here
>
>


-- 
Matthias Wessendorf

blog: http://matthiaswessendorf.wordpress.com/
sessions: http://www.slideshare.net/mwessendorf
twitter: http://twitter.com/mwessendorf
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/aerogear-dev/attachments/20140205/c90db087/attachment.html

More information about the aerogear-dev mailing list