check e2e keys
Signed-off-by: tobiasKaminsky <tobias@kaminsky.me>
tobiasKaminsky authored and backportbot[bot] committed May 20, 2021
1 parent 4f36e9e commit 355f3c7
Showing 3 changed files with 85 additions and 9 deletions.
Expand Up @@ -52,6 +52,8 @@
import java.util.Random;
import java.util.Set;

import javax.crypto.BadPaddingException;

import androidx.test.runner.AndroidJUnit4;

import static androidx.test.InstrumentationRegistry.getInstrumentation;
Expand Down Expand Up @@ -144,6 +146,33 @@ public void encryptStringAsymmetric() throws Exception {
assertTrue(Arrays.equals(key1, key2));
}

@Test
public void encryptStringAsymmetricCorrectPublicKey() throws Exception {
KeyPair keyPair = EncryptionUtils.generateKeyPair();

byte[] key1 = generateKey();
String base64encodedKey = encodeBytesToBase64String(key1);

String encryptedString = EncryptionUtils.encryptStringAsymmetric(base64encodedKey, keyPair.getPublic());
String decryptedString = decryptStringAsymmetric(encryptedString, keyPair.getPrivate());

byte[] key2 = decodeStringToBase64Bytes(decryptedString);

assertTrue(Arrays.equals(key1, key2));
}

@Test(expected = BadPaddingException.class)
public void encryptStringAsymmetricWrongPublicKey() throws Exception {
KeyPair keyPair1 = EncryptionUtils.generateKeyPair();
KeyPair keyPair2 = EncryptionUtils.generateKeyPair();

byte[] key1 = generateKey();
String base64encodedKey = encodeBytesToBase64String(key1);

String encryptedString = EncryptionUtils.encryptStringAsymmetric(base64encodedKey, keyPair1.getPublic());
decryptStringAsymmetric(encryptedString, keyPair2.getPrivate());
}

@Test
public void encryptStringSymmetricRandom() throws Exception {
int max = 500;
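Review bot: Both new tests go through the `PublicKey`/`PrivateKey` overloads, while the check added in SetupEncryptionDialogFragment calls the `String` certificate and `String` private-key overloads, so the mismatch case the dialog depends on is not the path that `encryptStringAsymmetricWrongPublicKey` pins. A companion test that passes a certificate string and an encoded private key from two different pairs to the String overloads would cover the production path; whether such a test already exists is not visible in these hunks. In `encryptStringAsymmetricWrongPublicKey` the mismatching key is the private one used for decryption, so a name like `decryptStringAsymmetricWrongPrivateKey` would describe it more accurately. `assertArrayEquals(key1, key2)` would also give a clearer failure message than `assertTrue(Arrays.equals(key1, key2))`.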
Expand Up @@ -52,6 +52,7 @@
import java.io.IOException;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;

Expand All @@ -61,6 +62,11 @@
import androidx.core.graphics.drawable.DrawableCompat;
import androidx.fragment.app.DialogFragment;

import static com.owncloud.android.utils.EncryptionUtils.decodeStringToBase64Bytes;
import static com.owncloud.android.utils.EncryptionUtils.decryptStringAsymmetric;
import static com.owncloud.android.utils.EncryptionUtils.encodeBytesToBase64String;
import static com.owncloud.android.utils.EncryptionUtils.generateKey;

/*
* Dialog to setup encryption
*/
Expand Down Expand Up @@ -187,24 +193,43 @@ public void onClick(View view) {
String privateKey = task.get();
String mnemonicUnchanged = passwordField.getText().toString();
String mnemonic = passwordField.getText().toString().replaceAll("\\s", "")
.toLowerCase(Locale.ROOT);
.toLowerCase(Locale.ROOT);
String decryptedPrivateKey = EncryptionUtils.decryptPrivateKey(privateKey,
mnemonic);
mnemonic);

arbitraryDataProvider.storeOrUpdateKeyValue(user.getAccountName(),
EncryptionUtils.PRIVATE_KEY, decryptedPrivateKey);
EncryptionUtils.PRIVATE_KEY, decryptedPrivateKey);

dialog.dismiss();
Log_OC.d(TAG, "Private key successfully decrypted and stored");

arbitraryDataProvider.storeOrUpdateKeyValue(user.getAccountName(), EncryptionUtils.MNEMONIC,
mnemonicUnchanged);
arbitraryDataProvider.storeOrUpdateKeyValue(user.getAccountName(),
EncryptionUtils.MNEMONIC,
mnemonicUnchanged);

// check if private key and public key match
String publicKey = arbitraryDataProvider.getValue(user.getAccountName(),
EncryptionUtils.PUBLIC_KEY);

byte[] key1 = generateKey();
String base64encodedKey = encodeBytesToBase64String(key1);

String encryptedString = EncryptionUtils.encryptStringAsymmetric(base64encodedKey,
publicKey);
String decryptedString = decryptStringAsymmetric(encryptedString,
decryptedPrivateKey);

byte[] key2 = decodeStringToBase64Bytes(decryptedString);

if (!Arrays.equals(key1, key2)) {
throw new Exception("Keys do not match");

Check warning on line 225 in src/main/java/com/owncloud/android/ui/dialog/SetupEncryptionDialogFragment.java

Codacy Production / Codacy Static Code Analysis

src/main/java/com/owncloud/android/ui/dialog/SetupEncryptionDialogFragment.java#L225

Avoid throwing raw exception types.
}

Intent intentExisting = new Intent();
intentExisting.putExtra(SUCCESS, true);
intentExisting.putExtra(ARG_POSITION, getArguments().getInt(ARG_POSITION));
getTargetFragment().onActivityResult(getTargetRequestCode(),
SETUP_ENCRYPTION_RESULT_CODE, intentExisting);
SETUP_ENCRYPTION_RESULT_CODE, intentExisting);

} catch (Exception e) {
textView.setText(R.string.end_to_end_encryption_wrong_password);
Expand Down Expand Up @@ -257,7 +282,8 @@ protected String doInBackground(Void... voids) {
Log_OC.d(TAG, "public key successful downloaded for " + user.getAccountName());

String publicKeyFromServer = (String) publicKeyResult.getData().get(0);
arbitraryDataProvider.storeOrUpdateKeyValue(user.getAccountName(), EncryptionUtils.PUBLIC_KEY,
arbitraryDataProvider.storeOrUpdateKeyValue(user.getAccountName(),
EncryptionUtils.PUBLIC_KEY,
publicKeyFromServer);
} else {
return null;
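Review bot: The key-match check in `onClick` runs only after the decrypted private key and the mnemonic have been written with `storeOrUpdateKeyValue` and after `dialog.dismiss()`, so a mismatching private key is still persisted and the wrong-password text is set on a dialog that has already been dismissed. Moving the block that starts at `// check if private key and public key match` and ends with the `Arrays.equals` test to directly after `decryptPrivateKey(...)`, ahead of both stores, the dismiss and the "successfully decrypted and stored" log line, would keep unverified key material out of storage. `publicKey` is read from `arbitraryDataProvider.getValue(...)` and passed on unchecked; if it can be empty at this point, the resulting failure is reported as a wrong password, so a guard with its own message would help. The `catch` body continues outside the hunk, so any cleanup it performs is not visible here.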
25 changes: 23 additions & 2 deletions src/main/java/com/owncloud/android/utils/EncryptionUtils.java
Expand Up @@ -384,7 +384,7 @@ public static String encryptStringAsymmetric(String string, String cert)
Cipher cipher = Cipher.getInstance(RSA_CIPHER);

String trimmedCert = cert.replace("-----BEGIN CERTIFICATE-----\n", "")
.replace("-----END CERTIFICATE-----\n", "");
.replace("-----END CERTIFICATE-----\n", "");
byte[] encodedCert = trimmedCert.getBytes(StandardCharsets.UTF_8);
byte[] decodedCert = org.apache.commons.codec.binary.Base64.decodeBase64(encodedCert);

Expand All @@ -401,6 +401,17 @@ public static String encryptStringAsymmetric(String string, String cert)
return encodeBytesToBase64String(cryptedBytes);
}

public static String encryptStringAsymmetric(String string, PublicKey publicKey) throws NoSuchPaddingException,
NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
Cipher cipher = Cipher.getInstance(RSA_CIPHER);
cipher.init(Cipher.ENCRYPT_MODE, publicKey);

byte[] bytes = encodeStringToBase64Bytes(string);
byte[] cryptedBytes = cipher.doFinal(bytes);

return encodeBytesToBase64String(cryptedBytes);
}


/**
* Decrypt string with RSA algorithm, ECB mode, OAEPWithSHA-256AndMGF1 padding
Expand All @@ -414,7 +425,7 @@ public static String decryptStringAsymmetric(String string, String privateKeyStr
throws NoSuchAlgorithmException,
NoSuchPaddingException, InvalidKeyException,
BadPaddingException, IllegalBlockSizeException,
InvalidKeySpecException {
InvalidKeySpecException {

Cipher cipher = Cipher.getInstance(RSA_CIPHER);

Expand All @@ -431,6 +442,16 @@ public static String decryptStringAsymmetric(String string, String privateKeyStr
return decodeBase64BytesToString(encodedBytes);
}

public static String decryptStringAsymmetric(String string, PrivateKey privateKey) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
Cipher cipher = Cipher.getInstance(RSA_CIPHER);
cipher.init(Cipher.DECRYPT_MODE, privateKey);

byte[] bytes = decodeStringToBase64Bytes(string);
byte[] encodedBytes = cipher.doFinal(bytes);

return decodeBase64BytesToString(encodedBytes);
}

/**
* Encrypt string with RSA algorithm, ECB mode, OAEPWithSHA-256AndMGF1 padding Asymmetric encryption, with private
* and public key
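Review bot: The two new public overloads `encryptStringAsymmetric(String, PublicKey)` and `decryptStringAsymmetric(String, PrivateKey)` have no Javadoc, although the neighbouring String overloads do, and callers now rely on their failure behaviour to detect a mismatching key pair. I would add, for the encrypt overload, `/** Encrypts {@code string} with RSA_CIPHER under {@code publicKey} and returns the Base64-encoded ciphertext. */`, and for the decrypt overload a matching comment with `@throws BadPaddingException if the ciphertext was not produced for {@code privateKey}`. The decrypt signature sits on one very long line; wrapping its `throws` list like the encrypt overload would keep the two consistent. In the decrypt overload the local `encodedBytes` holds the decrypted output, so `decryptedBytes` would be a clearer name.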
