app/src/main/java/org/tm/archive/logging/LogSecretProvider.java at master

toad.city / TM-SIGNAL-Android

fork atom

That fuck shit the fascists are using

fork atom

TM-SIGNAL-Android / app / src / main / java / org / tm / archive / logging / LogSecretProvider.java

at master 57 lines 2.1 kB view raw

wrap content

TELEMESSAGE\Shilo new baseline - 1 2y ago

1c47e8ba

 1package org.tm.archive.logging;
 2
 3import android.content.Context;
 4import android.os.Build;
 5
 6import androidx.annotation.NonNull;
 7
 8import org.tm.archive.crypto.KeyStoreHelper;
 9import org.signal.core.util.Base64;
10import org.tm.archive.util.TextSecurePreferences;
11
12import java.io.IOException;
13import java.security.SecureRandom;
14
15public class LogSecretProvider {
16
17  public static byte[] getOrCreateAttachmentSecret(@NonNull Context context) {
18    String unencryptedSecret = TextSecurePreferences.getLogUnencryptedSecret(context);
19    String encryptedSecret   = TextSecurePreferences.getLogEncryptedSecret(context);
20
21    if      (unencryptedSecret != null) return parseUnencryptedSecret(unencryptedSecret);
22    else if (encryptedSecret != null)   return parseEncryptedSecret(encryptedSecret);
23    else                                return createAndStoreSecret(context);
24  }
25
26  private static byte[] parseUnencryptedSecret(String secret) {
27    try {
28      return Base64.decode(secret);
29    } catch (IOException e) {
30      throw new AssertionError("Failed to decode the unecrypted secret.");
31    }
32  }
33
34  private static byte[] parseEncryptedSecret(String secret) {
35    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
36      KeyStoreHelper.SealedData encryptedSecret = KeyStoreHelper.SealedData.fromString(secret);
37      return KeyStoreHelper.unseal(encryptedSecret);
38    } else {
39      throw new AssertionError("OS downgrade not supported. KeyStore sealed data exists on platform < M!");
40    }
41  }
42
43  private static byte[] createAndStoreSecret(@NonNull Context context) {
44    SecureRandom random = new SecureRandom();
45    byte[]       secret = new byte[32];
46    random.nextBytes(secret);
47
48    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
49      KeyStoreHelper.SealedData encryptedSecret = KeyStoreHelper.seal(secret);
50      TextSecurePreferences.setLogEncryptedSecret(context, encryptedSecret.serialize());
51    } else {
52      TextSecurePreferences.setLogUnencryptedSecret(context, Base64.encodeWithPadding(secret));
53    }
54
55    return secret;
56  }
57}