-
It’s hard to understand, sometimes and misses information about intended usage/constraints/limitations/suggestions. E.g. the wrapKey method. It’s as it is intended in “unsecure environments”. So, what? It does not even mention taht it basically just encrypts the key, it does not mention whether and why you should/could not just use the
encrypt()API (or could you?), and so on and so forth…
The documentation is really minimal and that may easily lead to security problems. -
It does not give any recommendations or warnings., It does not warn about problematic constructions/cipher modes. It does not state what values should be random etc. and so on… It’s just gives you the tools and you can shoot yourself in the foot.
-
But worst, it gives actually bad examples. E.g. the deriveKey one: It uses PBKDF2-SHA256 with 100 iterations! Seriously just 100 ones – you can literally just skip that key stretching. That’s just way too less.
It even adds a great and totally (not) useful comment there:don’t get too ambitious, or at least remember that low-power phones will access your app
Seriously that’s bad advice.
Similarly, it often uses CBC mode or something like that instead of the usually recommend ones like GCM…
IMHO this state is not acceptable and quite low-quality. The doc often advises not use "
naïve approaches for converting text" and such helps to avoid such relatively harmless problems, but at the same time when it comes to cryptography pitfalls, it actually even suggests to fall into them… 
