EncryptionServices.kt
package co.temy.securitysample.authentication
import android.annotation.TargetApi
import android.content.Context
import android.hardware.fingerprint.FingerprintManager
import co.temy.securitysample.Storage
import java.co.temy.securitysample.encryption.CipherWrapper
import java.co.temy.securitysample.encryption.KeyStoreWrapper
import javax.crypto.Cipher
import javax.crypto.SecretKey
/**
 * Facade over [KeyStoreWrapper], [CipherWrapper] and [Storage] that creates the master key
 * and encrypts/decrypts strings with it.
 *
 * Two code paths are chosen at runtime through `SystemServices.hasMarshmallow()`:
 *  - `true`: a symmetric key named [MASTER_KEY] is created in, and fetched from, the key store
 *    wrapper and used directly.
 *  - `false`: a locally generated symmetric key is wrapped with the public half of an asymmetric
 *    key pair named [MASTER_KEY], and the wrapped blob is persisted through [Storage].
 *
 * NOTE(review): cipher mode, padding and IV handling are decided inside [CipherWrapper] and are
 * not visible in this class; review them there before relying on confidentiality or integrity.
 */
class EncryptionServices(context: Context) {

    private val storage = Storage(context)
    private val keyStoreWrapper = KeyStoreWrapper(context)

    /*
     * Encryption Stage
     */

    /**
     * Creates the master key on whichever path `SystemServices.hasMarshmallow()` selects.
     *
     * @param keyPassword currently ignored by this implementation.
     */
    fun createMasterKey(keyPassword: String? = null) {
        if (SystemServices.hasMarshmallow()) createAndroidSymmetricKey() else createDefaultSymmetricKey()
    }

    /**
     * Removes the [MASTER_KEY] entry through the key store wrapper.
     *
     * NOTE(review): the wrapped symmetric key written by `storage.saveEncryptionKey` on the
     * non-Marshmallow path is not cleared here; confirm whether it should be removed as well.
     */
    fun removeMasterKey() {
        keyStoreWrapper.removeAndroidKeyStoreKey(MASTER_KEY)
    }

    /**
     * Encrypts [data] with the master key and returns the result produced by [CipherWrapper].
     *
     * @param keyPassword currently ignored by this implementation.
     */
    fun encrypt(data: String, keyPassword: String? = null): String =
        if (SystemServices.hasMarshmallow()) {
            encryptWithAndroidSymmetricKey(data)
        } else {
            encryptWithDefaultSymmetricKey(data)
        }

    /**
     * Decrypts [data] with the master key and returns the result produced by [CipherWrapper].
     *
     * @param keyPassword currently ignored by this implementation.
     */
    fun decrypt(data: String, keyPassword: String? = null): String =
        if (SystemServices.hasMarshmallow()) {
            decryptWithAndroidSymmetricKey(data)
        } else {
            decryptWithDefaultSymmetricKey(data)
        }

    /** Creates the symmetric [MASTER_KEY] through the key store wrapper. */
    private fun createAndroidSymmetricKey() {
        keyStoreWrapper.createAndroidKeyStoreSymmetricKey(MASTER_KEY)
    }

    /** Encrypts [data] with the symmetric [MASTER_KEY] fetched from the key store wrapper. */
    private fun encryptWithAndroidSymmetricKey(data: String): String {
        val key = keyStoreWrapper.getAndroidKeyStoreSymmetricKey(MASTER_KEY)
        val cipher = CipherWrapper(CipherWrapper.TRANSFORMATION_SYMMETRIC)
        return cipher.encrypt(data, key)
    }

    /** Decrypts [data] with the symmetric [MASTER_KEY] fetched from the key store wrapper. */
    private fun decryptWithAndroidSymmetricKey(data: String): String {
        val key = keyStoreWrapper.getAndroidKeyStoreSymmetricKey(MASTER_KEY)
        val cipher = CipherWrapper(CipherWrapper.TRANSFORMATION_SYMMETRIC)
        return cipher.decrypt(data, key)
    }

    /**
     * Generates a symmetric key, wraps it with the public key of a newly created asymmetric
     * [MASTER_KEY] pair, and persists the wrapped form through [Storage].
     */
    private fun createDefaultSymmetricKey() {
        val dataKey = keyStoreWrapper.generateDefaultSymmetricKey()
        val wrappingPair = keyStoreWrapper.createAndroidKeyStoreAsymmetricKey(MASTER_KEY)
        val wrappedDataKey =
            CipherWrapper(CipherWrapper.TRANSFORMATION_ASYMMETRIC).wrapKey(dataKey, wrappingPair.public)
        storage.saveEncryptionKey(wrappedDataKey)
    }

    /** Encrypts [data] with the symmetric key recovered by [unwrapStoredSymmetricKey]. */
    private fun encryptWithDefaultSymmetricKey(data: String): String {
        val dataKey = unwrapStoredSymmetricKey()
        return CipherWrapper(CipherWrapper.TRANSFORMATION_SYMMETRIC).encrypt(data, dataKey)
    }

    /** Decrypts [data] with the symmetric key recovered by [unwrapStoredSymmetricKey]. */
    private fun decryptWithDefaultSymmetricKey(data: String): String {
        val dataKey = unwrapStoredSymmetricKey()
        return CipherWrapper(CipherWrapper.TRANSFORMATION_SYMMETRIC).decrypt(data, dataKey)
    }

    /**
     * Loads the wrapped symmetric key from [Storage] and unwraps it with the private half of the
     * asymmetric [MASTER_KEY] pair.
     *
     * NOTE(review): when no key pair is found, `null` is handed to `unWrapKey` as the private
     * key; how that fails is decided by [CipherWrapper] — confirm the error surfaced to callers.
     */
    private fun unwrapStoredSymmetricKey(): SecretKey {
        val wrappingPair = keyStoreWrapper.getAndroidKeyStoreAsymmetricKeyPair(MASTER_KEY)
        val wrappedDataKey = storage.getEncryptionKey()
        val unwrapped = CipherWrapper(CipherWrapper.TRANSFORMATION_ASYMMETRIC)
            .unWrapKey(wrappedDataKey, ALGORITHM_AES, Cipher.SECRET_KEY, wrappingPair?.private)
        return unwrapped as SecretKey
    }

    /*
     * Fingerprint Stage
     */

    /** Placeholder: no fingerprint key is created yet. */
    fun createFingerprintKey() {
    }

    /** Placeholder: nothing is removed yet. */
    fun removeFingerprintKey() {
    }

    /** Placeholder: always returns `null`, so callers get no crypto object to authenticate with. */
    fun prepareFingerprintCryptoObject(): FingerprintManager.CryptoObject? = null

    /** Placeholder: always returns `false`, i.e. fingerprint validation fails closed. */
    @TargetApi(23)
    fun validateFingerprintAuthentication(cryptoObject: FingerprintManager.CryptoObject): Boolean = false

    /*
     * Confirm Credential Stage
     */

    /** Placeholder: no confirm-credentials key is created yet. */
    fun createConfirmCredentialsKey() {
    }

    /** Placeholder: nothing is removed yet. */
    fun removeConfirmCredentialsKey() {
    }

    /**
     * Placeholder: always returns `true` without performing any check.
     *
     * NOTE(review): this stub fails open — any caller that gates access on the result treats the
     * user as authenticated. Replace it with a real key-backed check before it guards anything.
     */
    fun validateConfirmCredentialsAuthentication(): Boolean = true

    companion object {
        /** Alias under which the master key is stored and looked up. */
        val MASTER_KEY = "MASTER_KEY"

        /** Algorithm name passed to `unWrapKey` for the recovered symmetric key. */
        val ALGORITHM_AES = "AES"
    }
}