Revision 18de12e3
| ID | 18de12e3900306d67c349f22505d048157428946 |
| Parent | 1a7577ee |
| Child | 4ed79ab7 |
expose new raw key API in Java, to work better with CacheWord
CacheWord generates the raw key based on a dynamic number of iterations of the
KDF, so that it doesn't take ridiculously long on old devices, but on new
devices has a reasonable number of KDF iterations. The exposes that API into
IOCipher's Java interface for easy integration with CacheWord.
Also, using byte[] for storing passwords means that Java code can zero out the
memory after the password/key is no longer in use. Strings are immutable in
Java, so the memory cannot be zeroed out. byte[] are very mutable, so they can
easily be zeroed out after use. Therefore only accept the database key as a
byte[] to encourage people to wipe the key from memory when they are done with
it.
fixes #1713 https://dev.guardianproject.info/issues/1713
fixes #2254 https://dev.guardianproject.info/issues/2254
refs #3174 https://dev.guardianproject.info/issues/3174
Files
- added
- modified
- copied
- renamed
- deleted