Bug #1713
opening VFS with wrong key should throw a java exception
| Status: | Closed | Start date: | 08/13/2013 | |
|---|---|---|---|---|
| Priority: | Normal | Due date: | ||
| Assignee: | hans | % Done: | 0% | |
| Category: | - | |||
| Target version: | 0.2 - reliability and cacheword interop | |||
| Component: |
Description
Currently, calling the sqlfs_open_key and sqlfs_init_key functions in VirtualFileSystem_mount_key will not throw an error when the key is wrong.
Instead the error manifests when trying to perform an operation on the VFS. The error manifests as a crash wit no feedback to Java.
Associated revisions
expose new raw key API in Java, to work better with CacheWord
CacheWord generates the raw key based on a dynamic number of iterations of the
KDF, so that it doesn't take ridiculously long on old devices, but on new
devices has a reasonable number of KDF iterations. The exposes that API into
IOCipher's Java interface for easy integration with CacheWord.
Also, using byte[] for storing passwords means that Java code can zero out the
memory after the password/key is no longer in use. Strings are immutable in
Java, so the memory cannot be zeroed out. byte[] are very mutable, so they can
easily be zeroed out after use. Therefore only accept the database key as a
byte[] to encourage people to wipe the key from memory when they are done with
it.
fixes #1713 https://dev.guardianproject.info/issues/1713
fixes #2254 https://dev.guardianproject.info/issues/2254
refs #3174 https://dev.guardianproject.info/issues/3174
History
#1 Updated by hans almost 4 years ago
- Target version deleted (
61)
#2 Updated by hans over 3 years ago
- Target version set to 0.2 - reliability and cacheword interop
#3 Updated by Anonymous over 3 years ago
- Status changed from New to Resolved
Applied in changeset iocipher|commit:18de12e3900306d67c349f22505d048157428946.
#4 Updated by hans over 3 years ago
- Assignee set to hans
#5 Updated by hans over 3 years ago
- Status changed from Resolved to Closed