Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Reintroduce a fix for strongbox decryption data corruption (#383) #385

Merged
merged 5 commits into from
Sep 7, 2020
Merged

Reintroduce a fix for strongbox decryption data corruption (#383) #385

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
0c8c146
Reintroduce a fix for strongbox decryption data corruption (#383)
Aug 27, 2020
138f345
Fix logic in byte[] version of readIv method
Aug 28, 2020
6c01fcd
Clean up around removal of CipherInputStream
Aug 28, 2020
f6b2bd0
Restore decryptBytes implementation in CipherStorageBase
Aug 31, 2020
e71efbf
Small refactor in AES cipher storage to forego decrypt handler
Sep 1, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 3 additions & 24 deletions android/src/main/java/com/oblador/keychain/cipherStorage/CipherStorageBase.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@
import java.util.concurrent.atomic.AtomicInteger;

import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
Expand Down Expand Up @@ -351,7 +350,7 @@ protected String decryptBytes(@NonNull final Key key, @NonNull final byte[] byte
throws GeneralSecurityException, IOException {
final Cipher cipher = getCachedInstance();

// decrypt the bytes using a CipherInputStream
// decrypt the bytes using cipher.doFinal()
cshfang marked this conversation as resolved.
Show resolved Hide resolved
try (ByteArrayInputStream in = new ByteArrayInputStream(bytes);
ByteArrayOutputStream output = new ByteArrayOutputStream()) {
cshfang marked this conversation as resolved.
Show resolved Hide resolved

Expand All @@ -360,11 +359,8 @@ protected String decryptBytes(@NonNull final Key key, @NonNull final byte[] byte
handler.initialize(cipher, key, in);
cshfang marked this conversation as resolved.
Show resolved Hide resolved
}

try (CipherInputStream decrypt = new CipherInputStream(in, cipher)) {
copy(decrypt, output);
}

return new String(output.toByteArray(), UTF8);
byte[] decryptedBytes = cipher.doFinal(bytes, IV.IV_LENGTH, bytes.length - IV.IV_LENGTH);
return new String(decryptedBytes, UTF8);
} catch (Throwable fail) {
Log.w(LOG_TAG, fail.getMessage(), fail);

Expand Down Expand Up @@ -471,23 +467,6 @@ public static String getDefaultAliasIfEmpty(@Nullable final String service, @Non
//noinspection ConstantConditions
return TextUtils.isEmpty(service) ? fallback : service;
}

/**
* Copy input stream to output.
*
* @param in instance of input stream.
* @param out instance of output stream.
* @throws IOException read/write operation failure.
*/
public static void copy(@NonNull final InputStream in, @NonNull final OutputStream out) throws IOException {
// Transfer bytes from in to out
final byte[] buf = new byte[BUFFER_READ_WRITE_SIZE];
int len;

while ((len = in.read(buf)) > 0) {
out.write(buf, 0, len);
}
}
//endregion

//region Nested declarations
Expand Down