only delete keys if permanently not accessible, additonal error logs

ajungg · ajungg · commit a7f9ab871d02 · 2021-09-13T15:59:12.000+02:00
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,12 @@
 # Changelog
 All notable changes to this project will be documented in this file.
 
+## [0.48.3]
+
+### Changes
+- Additional logging for KeyStore related problems
+- Only invalidate KeyStore when keys are permanently inaccessible
+
 ## [0.48.2]
 
 ### Fixed
diff --git a/build.gradle b/build.gradle
@@ -31,7 +31,7 @@ allprojects {
     }
 
     project.ext {
-        sdkVersion='0.48.2'
+        sdkVersion='0.48.3'
         versionCode=1
 
         compileSdkVersion=31
diff --git a/core/src/main/java/io/snabble/sdk/Events.java b/core/src/main/java/io/snabble/sdk/Events.java
@@ -294,7 +294,7 @@ public EventType getEventType() {
         }
     }
 
-    public static void logErrorEvent(String projectId, String format, Object... args) {
+    private static Project getUsableProject(String projectId) {
         // since we have no error logging without a project, we try to find the project by id
         // and if no project is found we just use the first project to at least log it to something
         Project project = Snabble.getInstance().getProjectById(projectId);
@@ -305,6 +305,18 @@ public static void logErrorEvent(String projectId, String format, Object... args
             }
         }
 
+        return project;
+    }
+
+    public static void logErrorEvent(String projectId, String format, Object... args) {
+        Project project = getUsableProject(projectId);
+        if (project != null) {
+            project.logErrorEvent(format, args);
+        }
+    }
+
+    public static void logWarningEvent(String projectId, String format, Object... args) {
+        Project project = getUsableProject(projectId);
         if (project != null) {
             project.logErrorEvent(format, args);
         }
diff --git a/core/src/main/java/io/snabble/sdk/Project.java b/core/src/main/java/io/snabble/sdk/Project.java
@@ -578,6 +578,13 @@ public void logErrorEvent(String format, Object... args) {
         }
     }
 
+    public void logEvent(String format, Object... args) {
+        if (events != null) {
+            Logger.e(format, args);
+            events.log(format, args);
+        }
+    }
+
     /**
      * Sets the customer card number for user identification with the backend.
      */
diff --git a/core/src/main/java/io/snabble/sdk/Snabble.java b/core/src/main/java/io/snabble/sdk/Snabble.java
@@ -87,6 +87,7 @@ public void setup(Application app, Config config, final SetupCompletionListener
         this.config = config;
 
         Logger.setErrorEventHandler((message, args) -> Events.logErrorEvent(null, message, args));
+        Logger.setLogEventHandler((message, args) -> Events.logErrorEvent(null, message, args));
 
         if (config.appId == null || config.secret == null) {
             setupCompletionListener.onError(Error.CONFIG_PARAMETER_MISSING);
diff --git a/utils/src/main/java/io/snabble/sdk/utils/Logger.java b/utils/src/main/java/io/snabble/sdk/utils/Logger.java
@@ -14,6 +14,7 @@ public class Logger {
 
     private static boolean isEnabled = BuildConfig.DEBUG;
     private static ErrorEventHandler errorEventHandler = null;
+    private static LogEventHandler logEventHandler = null;
 
     public static void setEnabled(boolean enable) {
         isEnabled = enable;
@@ -101,4 +102,19 @@ public static void errorEvent(String message, Object... args) {
             e.logErrorEvent(message, args);
         }
     }
+
+    public interface LogEventHandler {
+        void logEvent(String message, Object... args);
+    }
+
+    public static void setLogEventHandler(LogEventHandler e) {
+        logEventHandler = e;
+    }
+
+    public static void logEvent(String message, Object... args) {
+        LogEventHandler e = logEventHandler;
+        if (e != null) {
+            e.logEvent(message, args);
+        }
+    }
 }
diff --git a/utils/src/main/java/io/snabble/sdk/utils/security/KeyStoreCipherMarshmallow.java b/utils/src/main/java/io/snabble/sdk/utils/security/KeyStoreCipherMarshmallow.java
@@ -30,7 +30,9 @@ public class KeyStoreCipherMarshmallow extends KeyStoreCipher {
     private KeyStore keyStore;
     private String alias;
     private boolean requireUserAuthentication;
-
+    private boolean wasNotAccessible = false;
+    private boolean wasPermanentlyInvalidated = false;
+    
     KeyStoreCipherMarshmallow(String alias, boolean requireUserAuthentication) {
         this.alias = alias + "_M";
         this.requireUserAuthentication = requireUserAuthentication;
@@ -89,15 +91,34 @@ private boolean isKeyAccessible() {
             IvParameterSpec ivParameterSpec = new IvParameterSpec(FIXED_IV);
             Key key = keyStore.getKey(alias, null);
             c.init(Cipher.ENCRYPT_MODE, key, ivParameterSpec);
+            logWasNotAccessible();
             return true;
         } catch (UserNotAuthenticatedException e) {
+            logWasNotAccessible();
             return true;
-        } catch (Exception e) {
-            Logger.errorEvent("KeyStore inaccessible: " + e.getClass().getName() + ": " + e.getMessage());
+        } catch (KeyPermanentlyInvalidatedException e) {
+            wasPermanentlyInvalidated = true;
+            Logger.errorEvent("KeyStore permanently invalidated " + e.getClass().getName() + ": " + e.getMessage());
             return false;
+        }  catch (Exception e) {
+            wasNotAccessible = true;
+            Logger.logEvent("KeyStore inaccessible: " + e.getClass().getName() + ": " + e.getMessage());
+            return true;
         }
     }
+    
+    private void logWasNotAccessible() {
+        if (wasNotAccessible) {
+            Logger.logEvent("KeyStore was not accessible, but is now accessible again");
+            wasNotAccessible = false;
+        }
 
+        if (wasPermanentlyInvalidated) {
+            Logger.logEvent("KeyStore was permanently invalidated, but is now recreated");
+            wasPermanentlyInvalidated = false;
+        }
+    }
+    
     @Override
     public String id() {
         try {

Original file line number	Diff line number	Diff line change
`@@ -31,7 +31,7 @@ allprojects {`
`31`	`31`	`}`
`32`	`32`
`33`	`33`	`project.ext {`
`34`		`- sdkVersion='0.48.2'`
	`34`	`+ sdkVersion='0.48.3'`
`35`	`35`	`versionCode=1`
`36`	`36`
`37`	`37`	`compileSdkVersion=31`
Original file line number	Diff line number	Diff line change
`@@ -294,7 +294,7 @@ public EventType getEventType() {`
`294`	`294`	`}`
`295`	`295`	`}`
`296`	`296`
`297`		`- public static void logErrorEvent(String projectId, String format, Object... args) {`
	`297`	`+ private static Project getUsableProject(String projectId) {`
`298`	`298`	`// since we have no error logging without a project, we try to find the project by id`
`299`	`299`	`// and if no project is found we just use the first project to at least log it to something`
`300`	`300`	`Project project = Snabble.getInstance().getProjectById(projectId);`
`@@ -305,6 +305,18 @@ public static void logErrorEvent(String projectId, String format, Object... args`
`305`	`305`	`}`
`306`	`306`	`}`
`307`	`307`
	`308`	`+ return project;`
	`309`	`+ }`
	`310`	`+`
	`311`	`+ public static void logErrorEvent(String projectId, String format, Object... args) {`
	`312`	`+ Project project = getUsableProject(projectId);`
	`313`	`+ if (project != null) {`
	`314`	`+ project.logErrorEvent(format, args);`
	`315`	`+ }`
	`316`	`+ }`
	`317`	`+`
	`318`	`+ public static void logWarningEvent(String projectId, String format, Object... args) {`
	`319`	`+ Project project = getUsableProject(projectId);`
`308`	`320`	`if (project != null) {`
`309`	`321`	`project.logErrorEvent(format, args);`
`310`	`322`	`}`
Original file line number	Diff line number	Diff line change
`@@ -578,6 +578,13 @@ public void logErrorEvent(String format, Object... args) {`
`578`	`578`	`}`
`579`	`579`	`}`
`580`	`580`
	`581`	`+ public void logEvent(String format, Object... args) {`
	`582`	`+ if (events != null) {`
	`583`	`+ Logger.e(format, args);`
	`584`	`+ events.log(format, args);`
	`585`	`+ }`
	`586`	`+ }`
	`587`	`+`
`581`	`588`	`/**`
`582`	`589`	`* Sets the customer card number for user identification with the backend.`
`583`	`590`	`*/`