KeyStoreAPI Upgrade (Encrypt/Decrypt + more) #556
Conversation
+ Receiver receives context, sent to list, delete, encrypt, and decrypt for shared preferences + listKeys is now listData and supports showing secret keys and preferences + printKey supports secret keys and more KeyInfo parameters + deleteKey is now deleteData and supports deleting preferences + deleteData deletes all key-associated preferences upon deletion + generateKey supports more key parameters (mode, padding, purposes, unlocked, invalidate, auths) + generateKey supports secret keys + generateKey refactored + encryptData added + encryptData supports Keystore Ciphers + encryptData supports reading from path or stdin + encryptData supports writing to shared preferences or stdout + encryptData writes output in the form [IV.length][IV][Encrypted Data], if IV.length is 0 then IV omitted + encryptedData never exposes data to Strings, stays as byte arrays and is flushed with zeroes after use + encryptedData supports a quiet flag so encrypted data does not show in stdout + encryptedData supports multiple shared preferences stored as a JSON with a key, value pair + encryptedData encodes output to Base64 + decryptData added + decryptData supports Keystore Ciphers + decryptData supports reading from path, shared preferences, or stdin + decryptData supports writing to stdout + decryptData reads output in the form [IV.length][IV][Encrypted Data], if IV.length is 0 then IV omitted + decryptedData never exposes data to Strings, stays as byte arrays and is flushed with zeroes after use + decryptedData supports a quiet flag so decrypted data does not show in stdout + decryptedData supports reading from JSON shared preferences with a key, value pair + decryptedData encodes output to Base64 + decomposeBinary (for purposes and authorizations) + getPrefsJSON and setPrefJSON (preferences as JSON) + getIVSpec (support different AlgorithmParameterSpecs) + getKey (get Public or Secret key for encryption, Private or Secret key for decryption) + readFile (also supports Android < 8.0) + Replaced ECGenParameterSpec and RSAKeyGenParameterSpec with AlgorithmParameterSpec - Removed unnecessary imports and casts
FingerprintAPI + Support for `authenticationTimeout` extra + Supports `EXTRA_LOCK_ACTION` which locks FingerprintAPI call until Authentication Callback + Supports specifying authentication scheme(s) KeystoreAPI + Supports retrying authentication + Code optimization (cipherCall(), getKey(), getKeyInfo(), string compares)
For API<=29 (unfortunately, had to stop support for device credentials <=29 as there is inconsistent callback behaviour)
|
Getting build error with latest commit
|
Unfortunately, I'm too busy to work on this, when I had built it last year it was fine, not sure if there's a conflict with a new API version, but all this part of the code does is close the fingerprint fragment activity once finished, as it left an overlay, the discussion is here #550 (comment) and the comments proceeding (including my hidden ones, I did that just for brevity) I'm not sure I understand the error though, cannot find symbol? is it referring to Where exactly was the ^ pointing to? Or was it in-line as you showed? If that's the case it seems like an odd error, could be a tab-representation problem |
Fixes #550, resolves #246
Requires termux/termux-api-package#161 and termux/termux-app#3043
Receiver receives context, sent to list, delete, encrypt, and decrypt for shared preferences
listKeys is now listData and supports showing secret keys and preferences
printKey supports secret keys and more KeyInfo parameters
deleteKey is now deleteData and supports deleting preferences
deleteData deletes all key-associated preferences upon deletion
generateKey supports more key parameters (mode, padding, purposes, unlocked, invalidate, auths)
generateKey supports secret keys
generateKey refactored
encryptData added
encryptData supports Keystore Ciphers
encryptData supports reading from path or stdin
encryptData supports writing to shared preferences or stdout
encryptData writes output in the form [IV.length][IV][Encrypted Data], if IV.length is 0 then IV omitted
encryptedData never exposes data to Strings, stays as byte arrays and is flushed with zeroes after use
encryptedData supports a quiet flag so encrypted data does not show in stdout
encryptedData supports multiple shared preferences stored as a JSON with a key, value pair
encryptedData encodes output to Base64
decryptData added
decryptData supports Keystore Ciphers
decryptData supports reading from path, shared preferences, or stdin
decryptData supports writing to stdout
decryptData reads output in the form [IV.length][IV][Encrypted Data], if IV.length is 0 then IV omitted
decryptedData never exposes data to Strings, stays as byte arrays and is flushed with zeroes after use
decryptedData supports a quiet flag so decrypted data does not show in stdout
decryptedData supports reading from JSON shared preferences with a key, value pair
decryptedData encodes output to Base64
decomposeBinary (for purposes and authorizations)
getPrefsJSON and setPrefJSON (preferences as JSON)
getIVSpec (support different AlgorithmParameterSpecs)
getKey (get Public or Secret key for encryption, Private or Secret key for decryption)
readFile (also supports Android < 8.0)
Replaced ECGenParameterSpec and RSAKeyGenParameterSpec with AlgorithmParameterSpec