[guardian-dev] Cacheword usage

Hans-Christoph Steiner hans at guardianproject.info
Fri Jul 8 07:51:05 EDT 2016


Cacheword is designed to feed the key bytes right into APIs that expect
those bytes.  So things like SQLCipher.  The password that the user
types is used to decrypt the key that is stored in the cacheword file in
SharedPreferences.  So the raw key bytes you get from CacheWord are not
derived from the password.

.hc

Massimo Canonico:
> Hi all,
> 
> I'm trying to use the cacheword library in order to printout the hex of
> the encrypted passphrase.
> 
> I'm sure that I'm make some mistake since for some input I get the hex
> and for other input (with the same code), I get an exception:
> 
> javax.crypto.BadPaddingException: mac check in GCM failed.
> 
> After my signature I pasted the method used in my code. I really
> appreciate if you can take a look and see what I'm doing wrong.
> 
> Besides the code, I have a question about chatsecure and cacheword. The
> impsenc.db and media.db files are encrypted with same algorithm
> (hopefully analogous to the code that I pasted) and same parameters?
> 
> Thanks,
> 
>     Massimo
> 
> public void letsgo(){
> 
>         String encodedSecret = <the encrypted_secrets from
> info.guardianproject.cacheword.prefs.xml file>
>         String passphrase =<the password chosed as master password>;
> 
>         char[] x_passphrase = passphrase.toCharArray();
> 
>         byte[] preparedSecret =
> android.util.Base64.decode(y_encodedSecret,Base64.DEFAULT);
> 
>         SerializedSecretsV1 ss = new
> SerializedSecretsLoader().loadSecrets(preparedSecret);
> 
>         byte[] x_rawSecretKey = null;
> 
>         try {
>             PassphraseSecretsImpl crypto = new PassphraseSecretsImpl();
>             x_rawSecretKey = crypto.decryptWithPassphrase(x_passphrase,ss);
> 
>             StringBuilder sb = new StringBuilder();
>             for (byte b : x_rawSecretKey) {
>                 sb.append(String.format("%02X ", b));
>             }
>             System.out.println(" HEX: "+ sb.toString());
>             if (x_rawSecretKey == null)
>                 throw new GeneralSecurityException("PPP");
>         }catch (Throwable t)
>         {
>             System.out.println("Inside catch: " + t);
> 
>         }
> 
> _______________________________________________
> List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
> To unsubscribe, email:  guardian-dev-unsubscribe at lists.mayfirst.org

-- 
PGP fingerprint: EE66 20C7 136B 0D2C 456C  0A4D E9E2 8DEA 00AA 5556
https://pgp.mit.edu/pks/lookup?op=vindex&search=0xE9E28DEA00AA5556


More information about the guardian-dev mailing list