From 18ae0f1c0e714c8978c5c8eb736c523a2a143347 Mon Sep 17 00:00:00 2001 From: orhanobut Date: Fri, 29 May 2015 11:34:03 +0200 Subject: [PATCH 1/5] backup algorithm is fixed --- .../orhanobut/hawksample/MainActivity.java | 45 +++++++++++-------- .../com/orhanobut/hawk/HawkBackupTest.java | 1 + .../orhanobut/hawk/AesCbcWithIntegrity.java | 1 + .../com/orhanobut/hawk/AesEncryption.java | 13 ++++-- .../main/java/com/orhanobut/hawk/Hawk.java | 2 +- 5 files changed, 39 insertions(+), 23 deletions(-) diff --git a/app/src/main/java/com/orhanobut/hawksample/MainActivity.java b/app/src/main/java/com/orhanobut/hawksample/MainActivity.java index 7a0edb9..0a87529 100644 --- a/app/src/main/java/com/orhanobut/hawksample/MainActivity.java +++ b/app/src/main/java/com/orhanobut/hawksample/MainActivity.java @@ -8,7 +8,6 @@ import com.google.gson.Gson; import com.google.gson.reflect.TypeToken; import com.orhanobut.hawk.Hawk; -import com.orhanobut.hawk.LogLevel; import java.lang.reflect.Type; import java.util.ArrayList; @@ -27,25 +26,33 @@ protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.activity_main); - Hawk.init(this, "asdfasdfds", LogLevel.FULL); - - prefs = getSharedPreferences("BENCHARMK", MODE_PRIVATE); - editor = prefs.edit(); - - benchmarkPrimitivePut(); - benchmarkStringPut(); - benchmarkListObjectPut(); - benchmarkListStringPut(); - benchmarkObjectPut(); - - - benchmarkPrimitiveGet(); - benchmarkStringGet(); - benchmarkListObjectGet(); - benchmarkListStringGet(); - benchmarkObjectGet(); + // Hawk.init(this, "asdfasdfds", LogLevel.FULL); + // + // prefs = getSharedPreferences("BENCHARMK", MODE_PRIVATE); + // editor = prefs.edit(); + // + // benchmarkPrimitivePut(); + // benchmarkStringPut(); + // benchmarkListObjectPut(); + // benchmarkListStringPut(); + // benchmarkObjectPut(); + // + // + // benchmarkPrimitiveGet(); + // benchmarkStringGet(); + // benchmarkListObjectGet(); + // benchmarkListStringGet(); + // benchmarkObjectGet(); + // + // benchmarkDelete(); + testHawkInitWithoutPassword(); + } - benchmarkDelete(); + private void testHawkInitWithoutPassword() { + Hawk.init(this); + Hawk.put("test123", "test"); + Hawk.init(this); + Hawk.get("test123"); } private static final String KEY = "KEY"; diff --git a/hawk/src/androidTest/java/com/orhanobut/hawk/HawkBackupTest.java b/hawk/src/androidTest/java/com/orhanobut/hawk/HawkBackupTest.java index e5a8492..48c5b9f 100644 --- a/hawk/src/androidTest/java/com/orhanobut/hawk/HawkBackupTest.java +++ b/hawk/src/androidTest/java/com/orhanobut/hawk/HawkBackupTest.java @@ -33,6 +33,7 @@ protected void tearDown() throws Exception { public void testBoolean() { Hawk.put("tag", true); + Hawk.init(context); assertEquals(true, Hawk.get("tag")); } diff --git a/hawk/src/main/java/com/orhanobut/hawk/AesCbcWithIntegrity.java b/hawk/src/main/java/com/orhanobut/hawk/AesCbcWithIntegrity.java index eef6ae1..2cc4f4e 100644 --- a/hawk/src/main/java/com/orhanobut/hawk/AesCbcWithIntegrity.java +++ b/hawk/src/main/java/com/orhanobut/hawk/AesCbcWithIntegrity.java @@ -443,6 +443,7 @@ public void setIntegrityKey(SecretKey integrityKey) { public String toString() { return Base64.encodeToString(getConfidentialityKey().getEncoded(), BASE64_FLAGS) + ":" + Base64.encodeToString(getIntegrityKey().getEncoded(), BASE64_FLAGS); + } @Override diff --git a/hawk/src/main/java/com/orhanobut/hawk/AesEncryption.java b/hawk/src/main/java/com/orhanobut/hawk/AesEncryption.java index 0c54a3c..a385686 100644 --- a/hawk/src/main/java/com/orhanobut/hawk/AesEncryption.java +++ b/hawk/src/main/java/com/orhanobut/hawk/AesEncryption.java @@ -19,14 +19,16 @@ final class AesEncryption implements Encryption { private final String password; private final Storage storage; private final Encoder encoder; + private final Parser parser; private AesCbcWithIntegrity.SecretKeys key; private String saltKey; - AesEncryption(Storage storage, Encoder encoder, String password) { + AesEncryption(Storage storage, Encoder encoder, Parser parser, String password) { this.storage = storage; this.encoder = encoder; this.password = password; + this.parser = parser; } @Override @@ -112,11 +114,16 @@ private AesCbcWithIntegrity.SecretKeys getSecretKeysWithoutPassword() { AesCbcWithIntegrity.SecretKeys key = null; String keys = storage.get(KEY_GENERATED_SECRET_KEYS); if (keys != null) { - key = encoder.decodeSerializable(keys); + try { + key = AesCbcWithIntegrity.keys(keys); + } catch (Exception e) { + Logger.i("keys was not correct value, it is reset"); + } } if (key == null) { key = AesCbcWithIntegrity.generateKey(); - storage.put(KEY_GENERATED_SECRET_KEYS, encoder.encode(key)); + String parsed = key.toString(); + storage.put(KEY_GENERATED_SECRET_KEYS, parsed); } return key; } catch (GeneralSecurityException e) { diff --git a/hawk/src/main/java/com/orhanobut/hawk/Hawk.java b/hawk/src/main/java/com/orhanobut/hawk/Hawk.java index 10d0f7c..a38771a 100644 --- a/hawk/src/main/java/com/orhanobut/hawk/Hawk.java +++ b/hawk/src/main/java/com/orhanobut/hawk/Hawk.java @@ -97,7 +97,7 @@ public static void init(Context context, String password, LogLevel logLevel) { } Storage cryptoStorage = new SharedPreferencesStorage(appContext, TAG_CRYPTO); - Hawk.encryption = new AesEncryption(cryptoStorage, encoder, password); + Hawk.encryption = new AesEncryption(cryptoStorage, encoder, new GsonParser(new Gson()), password); boolean result = Hawk.encryption.init(); setEncryptionMode(result); } From 8a9bd52fbacba0772dec5cba1625fb028b5c4da4 Mon Sep 17 00:00:00 2001 From: orhanobut Date: Fri, 29 May 2015 11:46:17 +0200 Subject: [PATCH 2/5] securerandom added --- hawk/src/main/java/com/orhanobut/hawk/AesCbcWithIntegrity.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hawk/src/main/java/com/orhanobut/hawk/AesCbcWithIntegrity.java b/hawk/src/main/java/com/orhanobut/hawk/AesCbcWithIntegrity.java index 2cc4f4e..d363acd 100644 --- a/hawk/src/main/java/com/orhanobut/hawk/AesCbcWithIntegrity.java +++ b/hawk/src/main/java/com/orhanobut/hawk/AesCbcWithIntegrity.java @@ -217,7 +217,7 @@ public static byte[] generateIv() throws GeneralSecurityException { private static byte[] randomBytes(int length) throws GeneralSecurityException { fixPrng(); - SecureRandom random = SecureRandom.getInstance(RANDOM_ALGORITHM); + SecureRandom random = SecureRandom.getInstance(RANDOM_ALGORITHM, "Crypto"); byte[] b = new byte[length]; random.nextBytes(b); return b; From a26bfacffc5a5ba80bd512af306dd5750c60b03a Mon Sep 17 00:00:00 2001 From: orhanobut Date: Fri, 29 May 2015 23:43:11 +0200 Subject: [PATCH 3/5] 1.11 hot fix --- README.md | 2 +- gradle.properties | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index c58412e..e17f8a9 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ Hawk provides: ###Add dependency ```groovy -compile 'com.orhanobut:hawk:1.10' +compile 'com.orhanobut:hawk:1.11' ``` #### Initialize the hawk diff --git a/gradle.properties b/gradle.properties index aa23194..0eb5228 100644 --- a/gradle.properties +++ b/gradle.properties @@ -17,10 +17,10 @@ # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects # org.gradle.parallel=true -# VERSION_NAME=1.9-SNAPSHOT -# VERSION_CODE=10 -VERSION_NAME=1.10 -VERSION_CODE=11 +# VERSION_NAME=1.10-SNAPSHOT +# VERSION_CODE=11 +VERSION_NAME=1.11 +VERSION_CODE=12 GROUP=com.orhanobut POM_DESCRIPTION=Secure, Advanced Storage for android From 9096c353b6684b28a04993dc07dbd5d07dfa2b5a Mon Sep 17 00:00:00 2001 From: orhanobut Date: Sat, 30 May 2015 00:01:48 +0200 Subject: [PATCH 4/5] v1.12 --- gradle.properties | 4 ++-- .../java/com/orhanobut/hawk/AesEncryption.java | 16 +++++++--------- hawk/src/main/java/com/orhanobut/hawk/Hawk.java | 2 +- 3 files changed, 10 insertions(+), 12 deletions(-) diff --git a/gradle.properties b/gradle.properties index 0eb5228..3dcf163 100644 --- a/gradle.properties +++ b/gradle.properties @@ -19,8 +19,8 @@ # VERSION_NAME=1.10-SNAPSHOT # VERSION_CODE=11 -VERSION_NAME=1.11 -VERSION_CODE=12 +VERSION_NAME=1.12 +VERSION_CODE=13 GROUP=com.orhanobut POM_DESCRIPTION=Secure, Advanced Storage for android diff --git a/hawk/src/main/java/com/orhanobut/hawk/AesEncryption.java b/hawk/src/main/java/com/orhanobut/hawk/AesEncryption.java index a385686..770d43f 100644 --- a/hawk/src/main/java/com/orhanobut/hawk/AesEncryption.java +++ b/hawk/src/main/java/com/orhanobut/hawk/AesEncryption.java @@ -18,17 +18,13 @@ final class AesEncryption implements Encryption { private final String password; private final Storage storage; - private final Encoder encoder; - private final Parser parser; private AesCbcWithIntegrity.SecretKeys key; private String saltKey; - AesEncryption(Storage storage, Encoder encoder, Parser parser, String password) { + AesEncryption(Storage storage, String password) { this.storage = storage; - this.encoder = encoder; this.password = password; - this.parser = parser; } @Override @@ -97,19 +93,19 @@ private AesCbcWithIntegrity.CipherTextIvMac getCipherTextIvMac(String cipherText private void generateSecretKey(String password) throws GeneralSecurityException { if (password == null || storage.contains(KEY_GENERATED_SECRET_KEYS)) { key = getSecretKeysWithoutPassword(); - Logger.w("key is generated without password"); return; } key = generateSecretKeyFromPassword(password); if (key == null) { - key = AesCbcWithIntegrity.generateKey(); - storage.put(KEY_GENERATED_SECRET_KEYS, encoder.encode(key)); + key = getSecretKeysWithoutPassword(); + } else { + Logger.w("key is generated from password"); } - Logger.w("key is generated from password"); } private AesCbcWithIntegrity.SecretKeys getSecretKeysWithoutPassword() { + Logger.w("key is generating without password"); try { AesCbcWithIntegrity.SecretKeys key = null; String keys = storage.get(KEY_GENERATED_SECRET_KEYS); @@ -117,6 +113,7 @@ private AesCbcWithIntegrity.SecretKeys getSecretKeysWithoutPassword() { try { key = AesCbcWithIntegrity.keys(keys); } catch (Exception e) { + key = null; Logger.i("keys was not correct value, it is reset"); } } @@ -125,6 +122,7 @@ private AesCbcWithIntegrity.SecretKeys getSecretKeysWithoutPassword() { String parsed = key.toString(); storage.put(KEY_GENERATED_SECRET_KEYS, parsed); } + Logger.w("key is generated without password"); return key; } catch (GeneralSecurityException e) { Logger.e(e.getMessage()); diff --git a/hawk/src/main/java/com/orhanobut/hawk/Hawk.java b/hawk/src/main/java/com/orhanobut/hawk/Hawk.java index a38771a..ac00b93 100644 --- a/hawk/src/main/java/com/orhanobut/hawk/Hawk.java +++ b/hawk/src/main/java/com/orhanobut/hawk/Hawk.java @@ -97,7 +97,7 @@ public static void init(Context context, String password, LogLevel logLevel) { } Storage cryptoStorage = new SharedPreferencesStorage(appContext, TAG_CRYPTO); - Hawk.encryption = new AesEncryption(cryptoStorage, encoder, new GsonParser(new Gson()), password); + Hawk.encryption = new AesEncryption(cryptoStorage, password); boolean result = Hawk.encryption.init(); setEncryptionMode(result); } From 87ffeb7db9ea217ee5c500c68d7529273ba613b3 Mon Sep 17 00:00:00 2001 From: orhanobut Date: Sat, 30 May 2015 00:02:19 +0200 Subject: [PATCH 5/5] v1.12 --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e17f8a9..3bcac79 100644 --- a/README.md +++ b/README.md @@ -17,7 +17,7 @@ Hawk provides: ###Add dependency ```groovy -compile 'com.orhanobut:hawk:1.11' +compile 'com.orhanobut:hawk:1.12' ``` #### Initialize the hawk