1

I want to store a keyset, and would like the file to be encrypted with key produced from a user-provided "master password". And of course, at a later point I'd like to, given the same master password, be able to load that keyset by decrypting the file.

It seems that I need an Aead, which I can generate from a KeysetHandle with AeadFactory.getPrimitive(keysetHandle). But how can I produce a KeysetHandle from a "master password"?

(And for the context of this question, getting that key from a Key Management Systems, instead of producing it "out of thin air" from a master password, isn't an option.)

avernet
  • 30,895
  • 44
  • 126
  • 163

1 Answers1

0

An Aead can be created as follows (here done from Scala):

val password: String = "..."
val aead = {
  val messageDigest = MessageDigest.getInstance("SHA-256")
  messageDigest.update(password.getBytes(CharsetNames.Utf8))
  val key256Bit = messageDigest.digest()
  val key128Bit = key256Bit.take(16)
  new AesGcmJce(key128Bit)
}

A few comments:

  • I'd prefer the key to be based on a 32-bit digest, but the cipher picked by Tink in this case throws an exception when provided with a 32-bit key, hence the shortening to a 16-bit key.
  • It seems shortening the key this way is ok from a hash weakness perspective.
avernet
  • 30,895
  • 44
  • 126
  • 163