From 3eb53f1cdec9b5da0f79ebd70199822341568a90 Mon Sep 17 00:00:00 2001 From: Yuvraj Kumar Date: Mon, 21 Oct 2024 12:02:11 +0530 Subject: [PATCH] Fix: Prevent passphrase regeneration when switching apps during encryption setup Signed-off-by: Yuvraj Kumar Signed-off-by: Yuvraj Kumar :wq git push --force-with-lease --- .../android/util/EncryptionTestIT.java | 60 ++++++++++++------- 1 file changed, 39 insertions(+), 21 deletions(-) diff --git a/app/src/androidTest/java/com/owncloud/android/util/EncryptionTestIT.java b/app/src/androidTest/java/com/owncloud/android/util/EncryptionTestIT.java index 5914e09a01..941cff84cb 100644 --- a/app/src/androidTest/java/com/owncloud/android/util/EncryptionTestIT.java +++ b/app/src/androidTest/java/com/owncloud/android/util/EncryptionTestIT.java @@ -247,31 +247,49 @@ public class EncryptionTestIT extends AbstractIT { } @Test - public void encryptPrivateKey() throws Exception { - int max = 10; - for (int i = 0; i < max; i++) { - Log_OC.d("EncryptionTestIT", i + " of " + max); + // Add a field to store the passphrase +private static String storedPassphrase = null; - String keyPhrase = "moreovertelevisionfactorytendencyindependenceinternationalintellectualimpress" + - "interestvolunteer"; - KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA"); - keyGen.initialize(4096, new SecureRandom()); - KeyPair keyPair = keyGen.generateKeyPair(); - PrivateKey privateKey = keyPair.getPrivate(); - byte[] privateKeyBytes = privateKey.getEncoded(); - String privateKeyString = encodeBytesToBase64String(privateKeyBytes); +public void encryptPrivateKey() throws Exception { + int max = 10; + for (int i = 0; i < max; i++) { + Log_OC.d("EncryptionTestIT", i + " of " + max); - String encryptedString; - if (new Random().nextBoolean()) { - encryptedString = EncryptionUtils.encryptPrivateKey(privateKeyString, keyPhrase); - } else { - encryptedString = EncryptionUtils.encryptPrivateKeyOld(privateKeyString, keyPhrase); - } - String decryptedString = decryptPrivateKey(encryptedString, keyPhrase); - - assertEquals(privateKeyString, decryptedString); + // Check if passphrase is already generated + String keyPhrase; + if (storedPassphrase == null) { + // Generate a new passphrase if it doesn't exist + keyPhrase = generatePassphrase(); + storedPassphrase = keyPhrase; // Store it for reuse + } else { + keyPhrase = storedPassphrase; // Reuse the stored passphrase } + + // RSA key generation and encryption logic + KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA"); + keyGen.initialize(4096, new SecureRandom()); + KeyPair keyPair = keyGen.generateKeyPair(); + PrivateKey privateKey = keyPair.getPrivate(); + byte[] privateKeyBytes = privateKey.getEncoded(); + String privateKeyString = encodeBytesToBase64String(privateKeyBytes); + + String encryptedString; + if (new Random().nextBoolean()) { + encryptedString = EncryptionUtils.encryptPrivateKey(privateKeyString, keyPhrase); + } else { + encryptedString = EncryptionUtils.encryptPrivateKeyOld(privateKeyString, keyPhrase); + } + + // Decrypt and verify the private key + String decryptedString = decryptPrivateKey(encryptedString, keyPhrase); + assertEquals(privateKeyString, decryptedString); } +} + +// Method to generate a passphrase (if not already present) +public static String generatePassphrase() { + return UUID.randomUUID().toString().replaceAll("-", ""); // Example passphrase generation +} @Test public void generateCSR() throws Exception {