Skip to content

Docs on how to use PBKDF2Β #50

New issue
New issue
Open
Open
Docs on how to use PBKDF2#50
Labels
documentationImprovements or additions to documentation
@acmpo6ou

Description

@acmpo6ou
acmpo6ou
opened on Oct 19, 2024

Hello! Thanks for making this amazing library!

I was trying to understand how to implement encryption/decryption using a password. I'm trying to use PBKDF2 like this:

val salt = CryptographyRandom.nextBytes(16)
val password = "123".toByteArray()

val provider = CryptographyProvider.Default
val secretDerivation =
    provider.get(PBKDF2).secretDerivation(
        digest = SHA256,
        iterations = 480_000,
        outputSize = 32.bytes,
        salt = ByteString(salt),
    )

val secret = secretDerivation.deriveSecretBlocking(password)

and then I'm stuck. I get a ByteString like this: 6e8bcd0034451381a970d435125a2f653156f5710c82e8a992e1cdec725124e3. But how do I convert it to a key? I want to use the key to encrypt and decrypt some data.

Also I'm using digest = SHA256, but should I use PBKDF2HMAC? I was looking up the python cryptography library as an example: https://cryptography.io/en/stable/fernet/#using-passwords-with-fernet , and they use PBKDF2HMAC there.

Could you help me on how to proceed? And maybe adding this to the docs would help.

UPDATE
OK, so I was able to figure out the next steps:

val decoder = provider.get(AES.CBC).keyDecoder()
val key = decoder.decodeFromByteStringBlocking(AES.Key.Format.RAW, secret)
val token = key.cipher().encryptBlocking("Hello!".toByteArray())

but it fails for me with an error:

Exception in thread "main" java.lang.NoClassDefFoundError: dev/whyoleg/cryptography/providers/base/algorithms/BaseAesIvCipher
	at java.base/java.lang.ClassLoader.defineClass1(Native Method)
	at java.base/java.lang.ClassLoader.defineClass(Unknown Source)
	at java.base/java.security.SecureClassLoader.defineClass(Unknown Source)
	at java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(Unknown Source)
	at java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(Unknown Source)
	at java.base/jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(Unknown Source)
	at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(Unknown Source)
	at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(Unknown Source)
	at java.base/java.lang.ClassLoader.loadClass(Unknown Source)
	at dev.whyoleg.cryptography.providers.jdk.algorithms.JdkAesCbcKey.cipher(JdkAesCbc.kt:29)
	at dev.whyoleg.cryptography.algorithms.AES$CBC$Key.cipher$default(AES.kt:59)
	at org.jetbrains.kotlin.idea.scratch.generated.ScratchFileRunnerGenerated$ScratchFileRunnerGenerated.<init>(tmp.kt:28)
	at org.jetbrains.kotlin.idea.scratch.generated.ScratchFileRunnerGenerated.main(tmp.kt:34)
Caused by: java.lang.ClassNotFoundException: dev.whyoleg.cryptography.providers.base.algorithms.BaseAesIvCipher
	at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(Unknown Source)
	at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(Unknown Source)
	at java.base/java.lang.ClassLoader.loadClass(Unknown Source)
	... 13 more

I have this in my dependencies, the latest version 4.0.0:

implementation(libs.cryptography.core)
implementation(libs.cryptography.provider.jdk)

Metadata

Metadata

Assignees

No one assigned

    Labels

    documentationImprovements or additions to documentation

    Projects

    cryptography-kotlin

    Status

    No status

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions