fix: strongbox was broken for some platforms

oxen-io · Jun 10, 2022 · 4cfe871 · 4cfe871
1 parent d0487c0
commit 4cfe871
Show file tree

Hide file tree

Showing 3 changed files with 30 additions and 6 deletions.
diff --git a/app/build.gradle b/app/build.gradle
@@ -159,7 +159,7 @@ dependencies {
     testImplementation 'org.robolectric:shadows-multidex:4.4'
 }
 
-def canonicalVersionCode = 282
+def canonicalVersionCode = 283
 def canonicalVersionName = "1.13.4"
 
 def postFixSize = 10

diff --git a/app/src/main/java/org/thoughtcrime/securesms/crypto/BiometricSecretProvider.kt b/app/src/main/java/org/thoughtcrime/securesms/crypto/BiometricSecretProvider.kt
@@ -1,10 +1,10 @@
 package org.thoughtcrime.securesms.crypto
 
 import android.content.Context
-import android.content.pm.PackageManager
 import android.os.Build
 import android.security.keystore.KeyGenParameterSpec
 import android.security.keystore.KeyProperties
+import org.session.libsession.utilities.TextSecurePreferences
 import org.session.libsession.utilities.Util
 import java.security.KeyPairGenerator
 import java.security.KeyStore
@@ -39,9 +39,6 @@ class BiometricSecretProvider {
 
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
             builder.setUnlockedDeviceRequired(true)
-            if (context.packageManager.hasSystemFeature(PackageManager.FEATURE_STRONGBOX_KEYSTORE)) {
-                builder.setIsStrongBoxBacked(true)
-            }
         }
 
         if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
@@ -54,8 +51,12 @@ class BiometricSecretProvider {
     fun getOrCreateBiometricSignature(context: Context): Signature {
         val ks = KeyStore.getInstance(ANDROID_KEYSTORE)
         ks.load(null)
-        if (!ks.containsAlias(BIOMETRIC_ASYM_KEY_ALIAS)) {
+        if (!ks.containsAlias(BIOMETRIC_ASYM_KEY_ALIAS)
+            || !ks.entryInstanceOf(BIOMETRIC_ASYM_KEY_ALIAS, KeyStore.PrivateKeyEntry::class.java)
+            || !TextSecurePreferences.getFingerprintKeyGenerated(context)
+        ) {
             createAsymmetricKey(context)
+            TextSecurePreferences.setFingerprintKeyGenerated(context)
         }
         val key = ks.getKey(BIOMETRIC_ASYM_KEY_ALIAS, null) as PrivateKey
         val signature = Signature.getInstance(SIGNATURE_ALGORITHM)

diff --git a/libsession/src/main/java/org/session/libsession/utilities/TextSecurePreferences.kt b/libsession/src/main/java/org/session/libsession/utilities/TextSecurePreferences.kt
@@ -163,6 +163,8 @@ interface TextSecurePreferences {
     fun isCallNotificationsEnabled(): Boolean
     fun getLastVacuum(): Long
     fun setLastVacuumNow()
+    fun getFingerprintKeyGenerated(): Boolean
+    fun setFingerprintKeyGenerated()
     fun clearAll()
 
     companion object {
@@ -244,6 +246,7 @@ interface TextSecurePreferences {
         const val SHOWN_CALL_WARNING = "pref_shown_call_warning" // call warning is user-facing warning of enabling calls
         const val SHOWN_CALL_NOTIFICATION = "pref_shown_call_notification" // call notification is a promp to check privacy settings
         const val LAST_VACUUM_TIME = "pref_last_vacuum_time"
+        const val FINGERPRINT_KEY_GENERATED = "fingerprint_key_generated"
 
         @JvmStatic
         fun getLastConfigurationSyncTime(context: Context): Long {
@@ -923,10 +926,21 @@ interface TextSecurePreferences {
             setLongPreference(context, LAST_VACUUM_TIME, System.currentTimeMillis())
         }
 
+        @JvmStatic
+        fun getFingerprintKeyGenerated(context: Context): Boolean {
+            return getBooleanPreference(context, FINGERPRINT_KEY_GENERATED, false)
+        }
+
+        @JvmStatic
+        fun setFingerprintKeyGenerated(context: Context) {
+            setBooleanPreference(context, FINGERPRINT_KEY_GENERATED, true)
+        }
+
         @JvmStatic
         fun clearAll(context: Context) {
             getDefaultSharedPreferences(context).edit().clear().commit()
         }
+
     }
 }
 
@@ -1522,6 +1536,15 @@ class AppTextSecurePreferences @Inject constructor(
         setBooleanPreference(TextSecurePreferences.HAS_HIDDEN_MESSAGE_REQUESTS, true)
     }
 
+    override fun getFingerprintKeyGenerated(): Boolean {
+        return getBooleanPreference(TextSecurePreferences.FINGERPRINT_KEY_GENERATED, false)
+    }
+
+    override fun setFingerprintKeyGenerated() {
+        setBooleanPreference(TextSecurePreferences.FINGERPRINT_KEY_GENERATED, true)
+    }
+
+
     override fun clearAll() {
         getDefaultSharedPreferences(context).edit().clear().commit()
     }