Trying to prevent crash due to unusable key store master key
This commit is contained in:
Sylvain Berfini
parent
d941f80cf6
commit
f2447e4c86
2 changed files with 30 additions and 12 deletions
|
|
@ -883,11 +883,16 @@ class CoreContext(val context: Context, coreConfig: Config) {
|
|||
fun activateVFS() {
|
||||
try {
|
||||
Log.i("[Context] Activating VFS")
|
||||
val preferences = corePreferences.encryptedSharedPreferences
|
||||
if (preferences == null) {
|
||||
Log.e("[Context] Can't get encrypted SharedPreferences, can't init VFS")
|
||||
return
|
||||
}
|
||||
|
||||
if (corePreferences.encryptedSharedPreferences.getString(VFS_IV, null) == null) {
|
||||
if (preferences.getString(VFS_IV, null) == null) {
|
||||
generateSecretKey()
|
||||
encryptToken(generateToken()).let { data ->
|
||||
corePreferences.encryptedSharedPreferences
|
||||
preferences
|
||||
.edit()
|
||||
.putString(VFS_IV, data.first)
|
||||
.putString(VFS_KEY, data.second)
|
||||
|
|
@ -896,7 +901,7 @@ class CoreContext(val context: Context, coreConfig: Config) {
|
|||
}
|
||||
Factory.instance().setVfsEncryption(
|
||||
LINPHONE_VFS_ENCRYPTION_AES256GCM128_SHA256,
|
||||
getVfsKey(corePreferences.encryptedSharedPreferences).toByteArray().copyOfRange(0, 32),
|
||||
getVfsKey(preferences).toByteArray().copyOfRange(0, 32),
|
||||
32
|
||||
)
|
||||
|
||||
|
|
|
|||
|
|
@ -26,6 +26,7 @@ import androidx.security.crypto.MasterKey
|
|||
import java.io.File
|
||||
import java.io.FileInputStream
|
||||
import java.io.FileOutputStream
|
||||
import java.security.KeyStoreException
|
||||
import org.linphone.LinphoneApplication.Companion.coreContext
|
||||
import org.linphone.compatibility.Compatibility
|
||||
import org.linphone.core.tools.Log
|
||||
|
|
@ -46,26 +47,38 @@ class CorePreferences constructor(private val context: Context) {
|
|||
private const val encryptedSharedPreferencesFile = "encrypted.pref"
|
||||
}
|
||||
|
||||
val encryptedSharedPreferences: SharedPreferences by lazy {
|
||||
val encryptedSharedPreferences: SharedPreferences? by lazy {
|
||||
val masterKey: MasterKey = MasterKey.Builder(
|
||||
context,
|
||||
MasterKey.DEFAULT_MASTER_KEY_ALIAS
|
||||
).setKeyScheme(MasterKey.KeyScheme.AES256_GCM).build()
|
||||
EncryptedSharedPreferences.create(
|
||||
context, encryptedSharedPreferencesFile, masterKey,
|
||||
EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
|
||||
EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
|
||||
)
|
||||
try {
|
||||
EncryptedSharedPreferences.create(
|
||||
context, encryptedSharedPreferencesFile, masterKey,
|
||||
EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
|
||||
EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
|
||||
)
|
||||
} catch (kse: KeyStoreException) {
|
||||
Log.e("[VFS] Keystore exception: $kse")
|
||||
null
|
||||
}
|
||||
}
|
||||
|
||||
var vfsEnabled: Boolean
|
||||
get() = encryptedSharedPreferences.getBoolean("vfs_enabled", false)
|
||||
get() = encryptedSharedPreferences?.getBoolean("vfs_enabled", false) ?: false
|
||||
set(value) {
|
||||
if (!value && encryptedSharedPreferences.getBoolean("vfs_enabled", false)) {
|
||||
val preferences = encryptedSharedPreferences
|
||||
if (preferences == null) {
|
||||
Log.e("[VFS] Failed to get encrypted SharedPreferences")
|
||||
return
|
||||
}
|
||||
|
||||
if (!value && preferences.getBoolean("vfs_enabled", false)) {
|
||||
Log.w("[VFS] It is not possible to disable VFS once it has been enabled")
|
||||
return
|
||||
}
|
||||
encryptedSharedPreferences.edit().putBoolean("vfs_enabled", value).apply()
|
||||
|
||||
preferences.edit().putBoolean("vfs_enabled", value)?.apply()
|
||||
// When VFS is enabled we disable logcat output for linphone logs
|
||||
// TODO: decide if we do it
|
||||
// logcatLogsOutput = false
|
||||
|
|
|
|||
Loading…
Reference in a new issue