Should the Crypto from Play be replaced

[pawelprazak]

This is an invitation for discussion about the Crypto implementation ported from Play Framework and its future. Here's the issue that led to deprecation of the Crypto API from Play and here is migration guide in Play 2.5.

I don't know much about cryptography, so unfortunately I can't say anything more useful.

[adamw]

As far as I understand, they are doing this to hide an internal API which wasn't meant to be used outside of Play. Do you think this affects akka-http-session in some way?

(btw.: this is already pluggable, as you can provide a different session encoder quite easily)

[pawelprazak]

To quote the docs:

As alluded to in the warning, these methods are not generally “safe” – there are some common modes of operation that are not secure using these methods.

I'm not an expert, but I know enough to see this implementation is unsecure by default, e.g.:

Cipher.getInstance("AES")

Which uses outdated and unsecure AES/ECB/PKCS5Padding. Instead of e.g.:

Cipher.getInstance("AES/CBC/PKCS7PADDING")

or

Cipher.getInstance("AES/CTR/NoPadding")

or

Cipher.getInstance("AES/GCM/NoPadding")

So IMHO the smart thing to do would be to at least port the 2.4/2.5 changes.

BTW How to choose an AES encryption mode (CBC ECB CTR OCB CFB)?

[adamw]

Thanks for the links! An interesting read :). For encryption I think in our case CBC would be fine - would you like to create a PR maybe?