Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-14 11:49:04 +01:00
Code Issues Projects Releases Wiki Activity

Move DB key management into account manager.

Browse Source
This commit is contained in:
akwizgran
2018-07-27 11:35:27 +01:00
parent 4a9977fa58
commit 6ca0339da2
13 changed files with 123 additions and 166 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
briar-android/src/main/java/org/briarproject/briar/android/login/PasswordController.java
View File

@@ -11,7 +11,7 @@ public interface PasswordController {
void validatePassword(String password,
ResultHandler<Boolean> resultHandler);
void changePassword(String password, String newPassword,
void changePassword(String oldPassword, String newPassword,
ResultHandler<Boolean> resultHandler);
}

64
briar-android/src/main/java/org/briarproject/briar/android/login/PasswordControllerImpl.java
View File

@@ -1,40 +1,28 @@
package org.briarproject.briar.android.login;
import org.briarproject.bramble.api.account.AccountManager;
import org.briarproject.bramble.api.crypto.CryptoComponent;
import org.briarproject.bramble.api.crypto.CryptoExecutor;
import org.briarproject.bramble.api.crypto.PasswordStrengthEstimator;
import org.briarproject.bramble.api.crypto.SecretKey;
import org.briarproject.bramble.api.lifecycle.IoExecutor;
import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
import org.briarproject.bramble.util.StringUtils;
import org.briarproject.briar.android.controller.handler.ResultHandler;
import java.util.concurrent.Executor;
import java.util.logging.Logger;
import javax.inject.Inject;
import static org.briarproject.bramble.util.LogUtils.logDuration;
import static org.briarproject.bramble.util.LogUtils.now;
@NotNullByDefault
public class PasswordControllerImpl implements PasswordController {
private static final Logger LOG =
Logger.getLogger(PasswordControllerImpl.class.getName());
protected final AccountManager accountManager;
protected final Executor cryptoExecutor;
protected final CryptoComponent crypto;
protected final Executor ioExecutor;
private final PasswordStrengthEstimator strengthEstimator;
@Inject
PasswordControllerImpl(AccountManager accountManager,
@CryptoExecutor Executor cryptoExecutor, CryptoComponent crypto,
@IoExecutor Executor ioExecutor,
PasswordStrengthEstimator strengthEstimator) {
this.accountManager = accountManager;
this.cryptoExecutor = cryptoExecutor;
this.crypto = crypto;
this.ioExecutor = ioExecutor;
this.strengthEstimator = strengthEstimator;
}
@@ -46,47 +34,17 @@ public class PasswordControllerImpl implements PasswordController {
@Override
public void validatePassword(String password,
ResultHandler<Boolean> resultHandler) {
byte[] encrypted = getEncryptedKey();
cryptoExecutor.execute(() -> {
byte[] key = crypto.decryptWithPassword(encrypted, password);
if (key == null) {
resultHandler.onResult(false);
} else {
accountManager.setDatabaseKey(new SecretKey(key));
resultHandler.onResult(true);
}
});
ioExecutor.execute(() ->
resultHandler.onResult(accountManager.signIn(password)));
}
@Override
public void changePassword(String password, String newPassword,
public void changePassword(String oldPassword, String newPassword,
ResultHandler<Boolean> resultHandler) {
byte[] encrypted = getEncryptedKey();
cryptoExecutor.execute(() -> {
byte[] key = crypto.decryptWithPassword(encrypted, password);
if (key == null) {
resultHandler.onResult(false);
} else {
String hex =
encryptDatabaseKey(new SecretKey(key), newPassword);
boolean stored = accountManager.storeEncryptedDatabaseKey(hex);
resultHandler.onResult(stored);
}
ioExecutor.execute(() -> {
boolean changed =
accountManager.changePassword(oldPassword, newPassword);
resultHandler.onResult(changed);
});
}
private byte[] getEncryptedKey() {
String hex = accountManager.getEncryptedDatabaseKey();
if (hex == null)
throw new IllegalStateException("Encrypted database key is null");
return StringUtils.fromHexString(hex);
}
@CryptoExecutor
String encryptDatabaseKey(SecretKey key, String password) {
long start = now();
byte[] encrypted = crypto.encryptWithPassword(key.getBytes(), password);
logDuration(LOG, "Key derivation", start);
return StringUtils.toHexString(encrypted);
}
}

24
briar-android/src/main/java/org/briarproject/briar/android/login/SetupControllerImpl.java
View File

@@ -3,12 +3,10 @@ package org.briarproject.briar.android.login;
import android.support.annotation.Nullable;
import org.briarproject.bramble.api.account.AccountManager;
import org.briarproject.bramble.api.crypto.CryptoComponent;
import org.briarproject.bramble.api.crypto.CryptoExecutor;
import org.briarproject.bramble.api.crypto.PasswordStrengthEstimator;
import org.briarproject.bramble.api.crypto.SecretKey;
import org.briarproject.bramble.api.identity.IdentityManager;
import org.briarproject.bramble.api.identity.LocalAuthor;
import org.briarproject.bramble.api.lifecycle.IoExecutor;
import org.briarproject.bramble.api.nullsafety.NotNullByDefault;
import org.briarproject.briar.android.controller.handler.ResultHandler;
import org.briarproject.briar.android.controller.handler.UiResultHandler;
@@ -32,10 +30,10 @@ public class SetupControllerImpl extends PasswordControllerImpl
@Inject
SetupControllerImpl(AccountManager accountManager,
@CryptoExecutor Executor cryptoExecutor, CryptoComponent crypto,
@IoExecutor Executor ioExecutor,
PasswordStrengthEstimator strengthEstimator,
IdentityManager identityManager) {
super(accountManager, cryptoExecutor, crypto, strengthEstimator);
super(accountManager, ioExecutor, strengthEstimator);
this.identityManager = identityManager;
}
@@ -83,10 +81,10 @@ public class SetupControllerImpl extends PasswordControllerImpl
@Override
public void createAccount() {
SetupActivity setupActivity = this.setupActivity;
UiResultHandler<Void> resultHandler =
new UiResultHandler<Void>(setupActivity) {
UiResultHandler<Boolean> resultHandler =
new UiResultHandler<Boolean>(setupActivity) {
@Override
public void onResultUi(Void result) {
public void onResultUi(Boolean result) {
if (setupActivity == null)
throw new IllegalStateException();
setupActivity.showApp();
@@ -96,23 +94,19 @@ public class SetupControllerImpl extends PasswordControllerImpl
}
// Package access for testing
void createAccount(ResultHandler<Void> resultHandler) {
void createAccount(ResultHandler<Boolean> resultHandler) {
SetupActivity setupActivity = this.setupActivity;
if (setupActivity == null) throw new IllegalStateException();
String authorName = setupActivity.getAuthorName();
if (authorName == null) throw new IllegalStateException();
String password = setupActivity.getPassword();
if (password == null) throw new IllegalStateException();
cryptoExecutor.execute(() -> {
ioExecutor.execute(() -> {
LOG.info("Creating account");
LocalAuthor localAuthor =
identityManager.createLocalAuthor(authorName);
identityManager.registerLocalAuthor(localAuthor);
SecretKey key = crypto.generateSecretKey();
String hex = encryptDatabaseKey(key, password);
accountManager.storeEncryptedDatabaseKey(hex);
accountManager.setDatabaseKey(key);
resultHandler.onResult(null);
resultHandler.onResult(accountManager.createAccount(password));
});
}
}

35
briar-android/src/test/java/org/briarproject/briar/android/login/PasswordControllerImplTest.java
View File

@@ -1,7 +1,6 @@
package org.briarproject.briar.android.login;
import org.briarproject.bramble.api.account.AccountManager;
import org.briarproject.bramble.api.crypto.CryptoComponent;
import org.briarproject.bramble.api.crypto.PasswordStrengthEstimator;
import org.briarproject.bramble.test.BrambleMockTestCase;
import org.briarproject.bramble.test.ImmediateExecutor;
@@ -13,46 +12,28 @@ import java.util.concurrent.atomic.AtomicBoolean;
import static junit.framework.Assert.assertFalse;
import static junit.framework.Assert.assertTrue;
import static org.briarproject.bramble.test.TestUtils.getRandomBytes;
import static org.briarproject.bramble.test.TestUtils.getSecretKey;
import static org.briarproject.bramble.util.StringUtils.toHexString;
public class PasswordControllerImplTest extends BrambleMockTestCase {
private final AccountManager accountManager =
context.mock(AccountManager.class);
private final CryptoComponent crypto = context.mock(CryptoComponent.class);
private final PasswordStrengthEstimator estimator =
context.mock(PasswordStrengthEstimator.class);
private final Executor cryptoExecutor = new ImmediateExecutor();
private final Executor ioExecutor = new ImmediateExecutor();
private final String oldPassword = "some.old.pass";
private final String newPassword = "some.new.pass";
private final byte[] oldEncryptedKey = getRandomBytes(123);
private final byte[] newEncryptedKey = getRandomBytes(123);
private final byte[] key = getSecretKey().getBytes();
private final String oldEncryptedKeyHex = toHexString(oldEncryptedKey);
private final String newEncryptedKeyHex = toHexString(newEncryptedKey);
@Test
public void testChangePasswordReturnsTrue() {
context.checking(new Expectations() {{
// Look up the encrypted DB key
oneOf(accountManager).getEncryptedDatabaseKey();
will(returnValue(oldEncryptedKeyHex));
// Decrypt and re-encrypt the key
oneOf(crypto).decryptWithPassword(oldEncryptedKey, oldPassword);
will(returnValue(key));
oneOf(crypto).encryptWithPassword(key, newPassword);
will(returnValue(newEncryptedKey));
// Store the new key
oneOf(accountManager).storeEncryptedDatabaseKey(newEncryptedKeyHex);
oneOf(accountManager).changePassword(oldPassword, newPassword);
will(returnValue(true));
}});
PasswordControllerImpl p = new PasswordControllerImpl(accountManager,
cryptoExecutor, crypto, estimator);
ioExecutor, estimator);
AtomicBoolean capturedResult = new AtomicBoolean(false);
p.changePassword(oldPassword, newPassword, capturedResult::set);
@@ -62,16 +43,12 @@ public class PasswordControllerImplTest extends BrambleMockTestCase {
@Test
public void testChangePasswordReturnsFalseIfOldPasswordIsWrong() {
context.checking(new Expectations() {{
// Look up the encrypted DB key
oneOf(accountManager).getEncryptedDatabaseKey();
will(returnValue(oldEncryptedKeyHex));
// Try to decrypt the key - the password is wrong
oneOf(crypto).decryptWithPassword(oldEncryptedKey, oldPassword);
will(returnValue(null));
oneOf(accountManager).changePassword(oldPassword, newPassword);
will(returnValue(false));
}});
PasswordControllerImpl p = new PasswordControllerImpl(accountManager,
cryptoExecutor, crypto, estimator);
ioExecutor, estimator);
AtomicBoolean capturedResult = new AtomicBoolean(true);
p.changePassword(oldPassword, newPassword, capturedResult::set);

25
briar-android/src/test/java/org/briarproject/briar/android/login/SetupControllerImplTest.java
View File

@@ -1,9 +1,7 @@
package org.briarproject.briar.android.login;
import org.briarproject.bramble.api.account.AccountManager;
import org.briarproject.bramble.api.crypto.CryptoComponent;
import org.briarproject.bramble.api.crypto.PasswordStrengthEstimator;
import org.briarproject.bramble.api.crypto.SecretKey;
import org.briarproject.bramble.api.identity.IdentityManager;
import org.briarproject.bramble.api.identity.LocalAuthor;
import org.briarproject.bramble.test.BrambleMockTestCase;
@@ -18,30 +16,23 @@ import java.util.concurrent.atomic.AtomicBoolean;
import static junit.framework.Assert.assertTrue;
import static org.briarproject.bramble.api.identity.AuthorConstants.MAX_AUTHOR_NAME_LENGTH;
import static org.briarproject.bramble.test.TestUtils.getLocalAuthor;
import static org.briarproject.bramble.test.TestUtils.getRandomBytes;
import static org.briarproject.bramble.test.TestUtils.getSecretKey;
import static org.briarproject.bramble.util.StringUtils.getRandomString;
import static org.briarproject.bramble.util.StringUtils.toHexString;
public class SetupControllerImplTest extends BrambleMockTestCase {
private final AccountManager accountManager =
context.mock(AccountManager.class);
private final CryptoComponent crypto = context.mock(CryptoComponent.class);
private final PasswordStrengthEstimator estimator =
context.mock(PasswordStrengthEstimator.class);
private final IdentityManager identityManager =
context.mock(IdentityManager.class);
private final SetupActivity setupActivity;
private final Executor cryptoExecutor = new ImmediateExecutor();
private final Executor ioExecutor = new ImmediateExecutor();
private final String authorName = getRandomString(MAX_AUTHOR_NAME_LENGTH);
private final String password = "some.strong.pass";
private final LocalAuthor localAuthor = getLocalAuthor();
private final byte[] encryptedKey = getRandomBytes(123);
private final String encryptedKeyHex = toHexString(encryptedKey);
private final SecretKey key = getSecretKey();
public SetupControllerImplTest() {
context.setImposteriser(ClassImposteriser.INSTANCE);
@@ -64,21 +55,13 @@ public class SetupControllerImplTest extends BrambleMockTestCase {
oneOf(identityManager).createLocalAuthor(authorName);
will(returnValue(localAuthor));
oneOf(identityManager).registerLocalAuthor(localAuthor);
// Generate a database key
oneOf(crypto).generateSecretKey();
will(returnValue(key));
// Encrypt the key with the password
oneOf(crypto).encryptWithPassword(key.getBytes(), password);
will(returnValue(encryptedKey));
// Store the encrypted key
oneOf(accountManager).storeEncryptedDatabaseKey(encryptedKeyHex);
// Create the account
oneOf(accountManager).createAccount(password);
will(returnValue(true));
// Pass the database key to the account manager
oneOf(accountManager).setDatabaseKey(key);
}});
SetupControllerImpl s = new SetupControllerImpl(accountManager,
cryptoExecutor, crypto, estimator, identityManager);
ioExecutor, estimator, identityManager);
s.setSetupActivity(setupActivity);
AtomicBoolean called = new AtomicBoolean(false);