Describe the bug
A cursory review of PFLockScreen-Android revealed an improper use of encryption to store the security PIN. The library uses a reversible encryption scheme instead of one-way hashing, which could allow attackers to decrypt encrypted PINs.
To Reproduce
See the checkPin() function here:
PFLockScreen-Android/pflockscreen/src/main/java/com/beautycoder/pflockscreen/security/PFFingerprintPinCodeHelper.java
Line 63 in ff5b7cd
To verify a PIN, the application passes both the plain-text PIN and the encrypted version. The library decrypts the encrypted PIN and compares it against the plain-text version.
As seen above, the library decrypts the encrypted PIN and compares it against the plain-text version.
Expected behavior
PFLockScreen-Android should use hashing instead of encrypting the user's PIN. For instance, the library could use bcrypt or argon2id to create a strong hash of the PIN combined with a random, unique salt.