Derived crypto keys #37
Description
Hi, when I did a security testing of my app I got the warning that I use derived crypto keys. the way I use the library is like this.
const sha256Hash = await RNSimpleCrypto.SHA.sha256(buffer);
const key = RNSimpleCrypto.utils.convertArrayBufferToHex(sha256Hash);
The warning I get is:
Reference: javax.crypto.Cipher.doFinal
Encryption with insecure cipher: AES/ECB/NoPadding
Raw input: [17,39,32,-98,94,-7,-45,18,-74,-27,-68,-69,124,57,-101,101]
Any idea how I can fix my code to not generate such warnings? I do not even know if that part of library is something I use or not, that generates the warning.