You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Public Key Cryptography such as RSA is not block cipher.
Thus, the common ECB flaw does not apply to RSA.
If you want to know the reason why JCA treat RSA as a block cipher,
you can see: https://cryptosource.de/posts/java_rsa_block_cipher_en.html .
Weak or badly implemented encryption algorithms can endanger data storage and transmission due to RSA/ECB. Reference: https://github.com/jeroentrappers/flutter_keychain/blob/e9734e9481fe341d54163388e83f14fa122b3131/android/src/main/kotlin/be/appmire/flutterkeychain/FlutterKeychainPlugin.kt#L97
Please change the cipher to use AES/GCM to secure data storage. Reference: http://find-sec-bugs.github.io/bugs.htm#ECB_MODE
Since the minimum SDK of the package is 18, AES/GCM is supported. Reference: https://developer.android.com/reference/javax/crypto/Cipher.html
The text was updated successfully, but these errors were encountered: