get rid of keystore exception on first call (#533)

2019-02-14 23:45:01 +01:00 · 2019-02-14 23:45:01 +01:00 · 08b5a87f19
parent 445d8acc38
commit 08b5a87f19
1 changed files with 29 additions and 41 deletions
--- a/app/src/main/java/com/m2049r/xmrwallet/util/KeyStoreHelper.java
+++ b/app/src/main/java/com/m2049r/xmrwallet/util/KeyStoreHelper.java
@ -244,32 +244,48 @@ public class KeyStoreHelper {
        Timber.d("M Keys created");
    }

-    private static KeyStore.PrivateKeyEntry getPrivateKeyEntry(String alias) {
+    private static PrivateKey getPrivateKey(String alias) {
        try {
            KeyStore ks = KeyStore
                    .getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            ks.load(null);
-            KeyStore.Entry entry = ks.getEntry(alias, null);
+            //KeyStore.Entry entry = ks.getEntry(alias, null);
+            PrivateKey privateKey = (PrivateKey) ks.getKey(alias, null);

-            if (entry == null) {
+            if (privateKey == null) {
                Timber.w("No key found under alias: %s", alias);
                return null;
            }

-            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
-                Timber.w("Not an instance of a PrivateKeyEntry");
-                return null;
-            }
-            return (KeyStore.PrivateKeyEntry) entry;
+            return privateKey;
        } catch (IOException | NoSuchAlgorithmException | CertificateException
                | UnrecoverableEntryException | KeyStoreException ex) {
            throw new IllegalStateException(ex);
        }
    }

+    private static PublicKey getPublicKey(String alias) {
+        try {
+            KeyStore ks = KeyStore
+                    .getInstance(SecurityConstants.KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
+            ks.load(null);
+
+            PublicKey publicKey = ks.getCertificate(alias).getPublicKey();
+
+            if (publicKey == null) {
+                Timber.w("No public key");
+                return null;
+            }
+            return publicKey;
+        } catch (IOException | NoSuchAlgorithmException | CertificateException
+                | KeyStoreException ex) {
+            throw new IllegalStateException(ex);
+        }
+    }
+
    private static byte[] encrypt(String alias, byte[] data) {
        try {
-            PublicKey publicKey = getPrivateKeyEntry(alias).getCertificate().getPublicKey();
+            PublicKey publicKey = getPublicKey(alias);
            Cipher cipher = Cipher.getInstance(SecurityConstants.CIPHER_RSA_ECB_PKCS1);

            cipher.init(Cipher.ENCRYPT_MODE, publicKey);
@ -283,9 +299,8 @@ public class KeyStoreHelper {

    private static byte[] decrypt(String alias, byte[] data) {
        try {
-            KeyStore.PrivateKeyEntry pke = getPrivateKeyEntry(alias);
-            if (pke == null) return null;
-            PrivateKey privateKey = pke.getPrivateKey();
+            PrivateKey privateKey = getPrivateKey(alias);
+            if (privateKey == null) return null;
            Cipher cipher = Cipher.getInstance(SecurityConstants.CIPHER_RSA_ECB_PKCS1);

            cipher.init(Cipher.DECRYPT_MODE, privateKey);
@ -306,41 +321,14 @@ public class KeyStoreHelper {
     */
    private static byte[] signData(String alias, byte[] data) throws NoSuchAlgorithmException,
            InvalidKeyException, SignatureException {
-        KeyStore.PrivateKeyEntry pke = getPrivateKeyEntry(alias);
-        if (pke == null) return null;
-        PrivateKey privateKey = getPrivateKeyEntry(alias).getPrivateKey();
+        PrivateKey privateKey = getPrivateKey(alias);
+        if (privateKey == null) return null;
        Signature s = Signature.getInstance(SecurityConstants.SIGNATURE_SHA256withRSA);
        s.initSign(privateKey);
        s.update(data);
        return s.sign();
    }

-    /**
-     * Given some data and a signature, uses the key pair stored in the Android
-     * Key Store to verify that the data was signed by this application, using
-     * that key pair.
-     *
-     * @param data      The data to be verified.
-     * @param signature The signature provided for the data.
-     * @return A boolean value telling you whether the signature is valid or
-     * not.
-     */
-    private static boolean verifyData(String alias, byte[] data, byte[] signature)
-            throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
-
-        // Make sure the signature string exists
-        if (signature == null) {
-            Timber.w("Invalid signature.");
-            return false;
-        }
-
-        KeyStore.PrivateKeyEntry keyEntry = getPrivateKeyEntry(alias);
-        Signature s = Signature.getInstance(SecurityConstants.SIGNATURE_SHA256withRSA);
-        s.initVerify(keyEntry.getCertificate());
-        s.update(data);
-        return s.verify(signature);
-    }
-
    public interface SecurityConstants {
        String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
        String TYPE_RSA = "RSA";