Embarrassingly I forgot to finish implementing the RSA secure storage…
… (and it had a few mistakes), and AES didn't actually commit deletes. Fix for Xamarin Android secure storage.
borrrden committed Jul 29, 2016
1 parent 1049626 commit 1401f16
Showing 2 changed files with 16 additions and 23 deletions.
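--- a/src/Couchbase.Lite.Android/SecureStorageAES.cs
+++ b/src/Couchbase.Lite.Android/SecureStorageAES.cs
@@ -48,7 +48,10 @@ public void Delete(SecureStorageRequest request)
 {
 var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private);
 var editor = prefs.Edit();
-editor.Remove(GetKey(request));
+var key = GetKey(request);
+editor.Remove(key);
+editor.Remove($"{key}_iv");
+editor.Commit();
 }
 
 public IEnumerable<byte> Read(SecureStorageRequest request)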
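Review bot: The result of `editor.Commit()` is discarded at the end of Delete, so a failed write leaves the encrypted value and its `_iv` entry in the shared preferences while the caller is told nothing. `Commit()` returns a bool; check it and surface the failure, for example `if(!editor.Commit()) { throw new InvalidOperationException("Secure storage delete was not committed"); }`, or log it if Delete is meant to be best-effort. The new Delete in SecureStorageRSA.cs has the same gap for its `_key` and `_data` entries. The method signature appears only in the hunk header, so Delete starts outside the hunk.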
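--- a/src/Couchbase.Lite.Android/SecureStorageRSA.cs
+++ b/src/Couchbase.Lite.Android/SecureStorageRSA.cs
@@ -153,12 +153,7 @@ private static byte[] EncryptRSA(IKey key, byte[] data)
 try {
 var cipher = Cipher.GetInstance(CipherAlgorithm);
 cipher.Init(CipherMode.EncryptMode, key);
-using(var bos = RecyclableMemoryStreamManager.SharedInstance.GetStream()) {
-using(var cos = new CipherOutputStream(bos, cipher)) {
-cos.Write(data);
-}
-return bos.GetBuffer().Take((int)bos.Length).ToArray();
-}
+return cipher.DoFinal(data);
 } catch(Exception e) {
 Log.To.NoDomain.E(Tag, "Unable to open keystore or encrypt AES key", e);
 return null;
@@ -168,19 +163,9 @@ private static byte[] EncryptRSA(IKey key, byte[] data)
 private static byte[] DecryptRSA(IKey key, byte[] data)
 {
 try {
-using(var bos = new ByteArrayOutputStream(2048)) {
-var cipher = Cipher.GetInstance(CipherAlgorithm);
-cipher.Init(CipherMode.DecryptMode, key);
-using(var bis = RecyclableMemoryStreamManager.SharedInstance.GetStream(Tag, data, 0, data.Length))
-using(var cis = new CipherInputStream(bis, cipher)) {
-var read = new byte[512];
-for(int i; (i = cis.Read(read)) != -1;) {
-bos.Write(read, 0, i);
-}
-}
-
-return bos.ToByteArray();
-}
+var cipher = Cipher.GetInstance(CipherAlgorithm);
+cipher.Init(CipherMode.DecryptMode, key);
+return cipher.DoFinal(data);
 } catch(Exception e) {
 Log.To.NoDomain.E(Tag, "Unable to decrypt AES key", e);
 return null;
@@ -189,7 +174,12 @@ private static byte[] DecryptRSA(IKey key, byte[] data)
 
 public void Delete(SecureStorageRequest request)
 {
-throw new NotImplementedException();
+var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private);
+var editor = prefs.Edit();
+var key = GetKey(request);
+editor.Remove($"{key}_key");
+editor.Remove($"{key}_data");
+editor.Commit();
 }
 
 public IEnumerable<byte> Read(SecureStorageRequest request)
@@ -204,8 +194,8 @@ public IEnumerable<byte> Read(SecureStorageRequest request)
 return null;
 }
 
-var secretKey = Convert.FromBase64String(prefs.GetString("${key}_key", null));
-var data = Convert.FromBase64String(prefs.GetString("${key}_data", null));
+var secretKey = Convert.FromBase64String(prefs.GetString($"{key}_key", null));
+var data = Convert.FromBase64String(prefs.GetString($"{key}_data", null));
 return Decrypt(secretKey, data);
 }
 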
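Review bot: In Read, `prefs.GetString($"{key}_key", null)` and the matching `_data` lookup return null when an entry is absent, and `Convert.FromBase64String(null)` then throws ArgumentNullException instead of taking the `return null` path used just above. The guard that ends above these lines is only partly visible in the hunk, so it may already cover this; if it does not, fetch both strings first and return null when either is missing. A corrupted entry would still raise FormatException, which may deserve the same treatment. Read starts and ends outside the hunk.

```csharp
// … unchanged: preference lookup and the earlier guard that returns null …
var storedKey = prefs.GetString($"{key}_key", null);
var storedData = prefs.GetString($"{key}_data", null);
if(storedKey == null || storedData == null) {
    // Treat a missing half of the pair as "no stored value" rather than crashing
    return null;
}

var secretKey = Convert.FromBase64String(storedKey);
var data = Convert.FromBase64String(storedData);
return Decrypt(secretKey, data);
```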
