mirror of
https://github.com/bitwarden/mobile.git
synced 2024-11-29 12:45:20 +01:00
key store cleanup
This commit is contained in:
parent
d392dc82a1
commit
04bf86c21d
@ -102,12 +102,11 @@ namespace Bit.Android.Services
|
|||||||
end.Add(CalendarField.Year, 30);
|
end.Add(CalendarField.Year, 30);
|
||||||
|
|
||||||
var gen = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmRsa, AndroidKeyStore);
|
var gen = KeyPairGenerator.GetInstance(KeyProperties.KeyAlgorithmRsa, AndroidKeyStore);
|
||||||
var spec = new KeyPairGeneratorSpec.Builder(Application.Context)
|
var spec = new KeyGenParameterSpec.Builder(KeyAlias, KeyStorePurpose.Encrypt | KeyStorePurpose.Decrypt)
|
||||||
.SetAlias(KeyAlias)
|
.SetCertificateSubject(new X500Principal($"CN={KeyAlias}"))
|
||||||
.SetSubject(new X500Principal($"CN={KeyAlias}"))
|
.SetCertificateSerialNumber(BigInteger.Ten)
|
||||||
.SetSerialNumber(BigInteger.Ten)
|
.SetKeyValidityStart(start.Time)
|
||||||
.SetStartDate(start.Time)
|
.SetKeyValidityEnd(end.Time)
|
||||||
.SetEndDate(end.Time)
|
|
||||||
.Build();
|
.Build();
|
||||||
|
|
||||||
gen.Initialize(spec);
|
gen.Initialize(spec);
|
||||||
@ -117,7 +116,8 @@ namespace Bit.Android.Services
|
|||||||
{
|
{
|
||||||
var gen = KeyGenerator.GetInstance(KeyProperties.KeyAlgorithmAes, AndroidKeyStore);
|
var gen = KeyGenerator.GetInstance(KeyProperties.KeyAlgorithmAes, AndroidKeyStore);
|
||||||
var spec = new KeyGenParameterSpec.Builder(KeyAlias, KeyStorePurpose.Decrypt | KeyStorePurpose.Encrypt)
|
var spec = new KeyGenParameterSpec.Builder(KeyAlias, KeyStorePurpose.Decrypt | KeyStorePurpose.Encrypt)
|
||||||
.SetBlockModes(KeyProperties.BlockModeGcm).SetEncryptionPaddings(KeyProperties.EncryptionPaddingNone)
|
.SetBlockModes(KeyProperties.BlockModeGcm)
|
||||||
|
.SetEncryptionPaddings(KeyProperties.EncryptionPaddingNone)
|
||||||
.Build();
|
.Build();
|
||||||
|
|
||||||
gen.Init(spec);
|
gen.Init(spec);
|
||||||
@ -153,16 +153,18 @@ namespace Bit.Android.Services
|
|||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
var entry = _keyStore.GetEntry(KeyAlias, null) as KeyStore.SecretKeyEntry;
|
return _keyStore.GetKey(KeyAlias, null);
|
||||||
return entry.SecretKey;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private KeyStore.PrivateKeyEntry GetRsaKeyEntry()
|
||||||
|
{
|
||||||
|
return _keyStore.GetEntry(KeyAlias, null) as KeyStore.PrivateKeyEntry;
|
||||||
|
}
|
||||||
|
|
||||||
private string AesEncrypt(byte[] input)
|
private string AesEncrypt(byte[] input)
|
||||||
{
|
{
|
||||||
var cipher = Cipher.GetInstance(AesMode);
|
var cipher = Cipher.GetInstance(AesMode);
|
||||||
//var ivBytes = RandomBytes(12);
|
|
||||||
//var spec = new GCMParameterSpec(128, ivBytes);
|
|
||||||
cipher.Init(CipherMode.EncryptMode, GetAesKey());
|
cipher.Init(CipherMode.EncryptMode, GetAesKey());
|
||||||
var encBytes = cipher.DoFinal(input);
|
var encBytes = cipher.DoFinal(input);
|
||||||
var ivBytes = cipher.GetIV();
|
var ivBytes = cipher.GetIV();
|
||||||
@ -184,7 +186,7 @@ namespace Bit.Android.Services
|
|||||||
|
|
||||||
private byte[] RsaEncrypt(byte[] input)
|
private byte[] RsaEncrypt(byte[] input)
|
||||||
{
|
{
|
||||||
var entry = _keyStore.GetEntry(KeyAlias, null) as KeyStore.PrivateKeyEntry;
|
var entry = GetRsaKeyEntry();
|
||||||
var inputCipher = Cipher.GetInstance(RsaMode, AndroidOpenSSL);
|
var inputCipher = Cipher.GetInstance(RsaMode, AndroidOpenSSL);
|
||||||
inputCipher.Init(CipherMode.EncryptMode, entry.Certificate.PublicKey);
|
inputCipher.Init(CipherMode.EncryptMode, entry.Certificate.PublicKey);
|
||||||
|
|
||||||
@ -200,7 +202,7 @@ namespace Bit.Android.Services
|
|||||||
|
|
||||||
private byte[] RsaDecrypt(byte[] encInput)
|
private byte[] RsaDecrypt(byte[] encInput)
|
||||||
{
|
{
|
||||||
var entry = _keyStore.GetEntry(KeyAlias, null) as KeyStore.PrivateKeyEntry;
|
var entry = GetRsaKeyEntry();
|
||||||
var outputCipher = Cipher.GetInstance(RsaMode, AndroidOpenSSL);
|
var outputCipher = Cipher.GetInstance(RsaMode, AndroidOpenSSL);
|
||||||
outputCipher.Init(CipherMode.DecryptMode, entry.PrivateKey);
|
outputCipher.Init(CipherMode.DecryptMode, entry.PrivateKey);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user