fix(shared-prefs): rely on keyGenerator.generateKey for storing the key

SUITEDEV-36807 Co-authored-by: LasOri <[email protected]>
emartech · Oct 18, 2024 · 031daf9 · 031daf9
1 parent d9ac54d
commit 031daf9
Show file tree

Hide file tree

Showing 3 changed files with 23 additions and 23 deletions.
diff --git a/core/src/androidTest/java/com/emarsys/core/crypto/SharedPreferenceCryptoTest.kt b/core/src/androidTest/java/com/emarsys/core/crypto/SharedPreferenceCryptoTest.kt
@@ -19,6 +19,10 @@ import javax.crypto.SecretKey
 import javax.crypto.spec.GCMParameterSpec
 
 class SharedPreferenceCryptoTest : AnnotationSpec() {
+    private companion object {
+        const val encryptedBase64 = "Base64EncryptedBase64IV123123"
+
+    }
 
     private lateinit var sharedPreferenceCrypto: SharedPreferenceCrypto
     private lateinit var mockKeyStore: KeyStore
@@ -68,13 +72,11 @@ class SharedPreferenceCryptoTest : AnnotationSpec() {
         every { mockKeyStore.containsAlias(any()) } returns false
         every { mockKeyGenerator.init(any<KeyGenParameterSpec>()) } just Runs
         every { mockKeyGenerator.generateKey() } returns mockSecretKey
-        every { mockKeyStore.setEntry(any(), any(), null) } just Runs
 
         val result = sharedPreferenceCrypto.getOrCreateSecretKey()
 
         result shouldBe mockSecretKey
         verify { mockKeyGenerator.generateKey() }
-        verify { mockKeyStore.setEntry(any(), any(), null) }
     }
 
     @Test
@@ -112,7 +114,6 @@ class SharedPreferenceCryptoTest : AnnotationSpec() {
 
     @Test
     fun testDecrypt_Success() {
-        val value = "IVBase64EncryptedBase64"
         val ivBytes = byteArrayOf(1, 2, 3, 4)
         val encryptedBytes = byteArrayOf(5, 6, 7, 8)
         val decryptedBytes = "decrypted".toByteArray()
@@ -130,24 +131,30 @@ class SharedPreferenceCryptoTest : AnnotationSpec() {
         } just Runs
         every { mockCipher.doFinal(encryptedBytes) } returns decryptedBytes
 
-        val result = sharedPreferenceCrypto.decrypt(value, mockSecretKey)
+        val result = sharedPreferenceCrypto.decrypt(encryptedBase64, mockSecretKey)
 
         result shouldBe "decrypted"
     }
 
     @Test
     fun testDecrypt_Exception() {
-        val value = "IVBase64EncryptedBase64"
-
+        val IVValue = "Base64EncryptedBase64IV123"
+        val decryptedBytes = encryptedBase64.toByteArray()
+        every {
+            mockCipher.init(any(), mockSecretKey, any<GCMParameterSpec>())
+        } just Runs
+        every {
+            mockCipher.doFinal(any())
+        } returns decryptedBytes
         every {
             Base64.decode(
-                any<String>(),
+                IVValue,
                 Base64.DEFAULT
             )
         } throws GeneralSecurityException("Decryption failed")
 
-        val result = sharedPreferenceCrypto.decrypt(value, mockSecretKey)
+        val result = sharedPreferenceCrypto.decrypt(encryptedBase64, mockSecretKey)
 
-        result shouldBe value
+        result shouldBe encryptedBase64
     }
 }
diff --git a/core/src/main/java/com/emarsys/core/crypto/SharedPreferenceCrypto.kt b/core/src/main/java/com/emarsys/core/crypto/SharedPreferenceCrypto.kt
@@ -31,13 +31,7 @@ class SharedPreferenceCrypto {
                 .setKeySize(256)
                 .build()
             keyGenerator.init(keyGenParameterSpec)
-            val secretKey = keyGenerator.generateKey()
-            keyStore.setEntry(
-                KEYSTORE_ALIAS,
-                KeyStore.SecretKeyEntry(secretKey),
-                null
-            )
-            return secretKey
+            return keyGenerator.generateKey()
         }
 
         return keyStore.getKey(KEYSTORE_ALIAS, null) as SecretKey
@@ -60,17 +54,19 @@ class SharedPreferenceCrypto {
 
     fun decrypt(value: String, secretKey: SecretKey): String {
         return try {
-            val ivBase64 = value.substring(0, 16)
-            val encryptedBase64 = value.substring(16)
-            val ivBytes = Base64.decode(ivBase64, Base64.DEFAULT)
-            val encryptedBytes = Base64.decode(encryptedBase64, Base64.DEFAULT)
+            val ivBytes = Base64.decode(value.substring(0, 16), Base64.DEFAULT)
+            val encryptedBytes = Base64.decode(value.substring(16), Base64.DEFAULT)
+
             val cipher = Cipher.getInstance("AES/GCM/NoPadding")
             cipher.init(Cipher.DECRYPT_MODE, secretKey, GCMParameterSpec(128, ivBytes))
             val decrypted = cipher.doFinal(encryptedBytes)
             String(decrypted)
         } catch (e: GeneralSecurityException) {
             e.printStackTrace()
             value
+        } catch (e: IllegalArgumentException) {
+            e.printStackTrace()
+            value
         }
     }
 }
diff --git a/emarsys-e2e-test/src/androidTest/java/com/emarsys/EmarsysE2ETests.kt b/emarsys-e2e-test/src/androidTest/java/com/emarsys/EmarsysE2ETests.kt
@@ -64,7 +64,6 @@ class EmarsysE2ETests : AnnotationSpec() {
     }
 
     @Test
-
     fun testChangeApplicationCodeFromNull() {
         setup(null)
 
@@ -83,7 +82,6 @@ class EmarsysE2ETests : AnnotationSpec() {
     }
 
     @Test
-
     fun testChangeApplicationCodeToNull() {
         var disabled = true
         setup(APPLICATION_CODE)
@@ -107,7 +105,6 @@ class EmarsysE2ETests : AnnotationSpec() {
     }
 
     @Test
-
     fun testInbox_addTag_removeTag() {
         setup(APPLICATION_CODE)