Fix: Prevent passphrase regeneration when switching apps during encry…

…ption setup
nextcloud · Oct 21, 2024 · f32a0f4 · f32a0f4
1 parent 47ca211
commit f32a0f4
Showing 1 changed file with 39 additions and 21 deletions.
diff --git a/app/src/androidTest/java/com/owncloud/android/util/EncryptionTestIT.java b/app/src/androidTest/java/com/owncloud/android/util/EncryptionTestIT.java
@@ -247,31 +247,49 @@ public void encryptStringSymmetric() throws Exception {
     }
 
     @Test
-    public void encryptPrivateKey() throws Exception {
-        int max = 10;
-        for (int i = 0; i < max; i++) {
-            Log_OC.d("EncryptionTestIT", i + " of " + max);
-
-            String keyPhrase = "moreovertelevisionfactorytendencyindependenceinternationalintellectualimpress" +
-                "interestvolunteer";
-            KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
-            keyGen.initialize(4096, new SecureRandom());
-            KeyPair keyPair = keyGen.generateKeyPair();
-            PrivateKey privateKey = keyPair.getPrivate();
-            byte[] privateKeyBytes = privateKey.getEncoded();
-            String privateKeyString = encodeBytesToBase64String(privateKeyBytes);
+    // Add a field to store the passphrase
+private static String storedPassphrase = null;
+
+public void encryptPrivateKey() throws Exception {
+    int max = 10;
+    for (int i = 0; i < max; i++) {
+        Log_OC.d("EncryptionTestIT", i + " of " + max);
+
+        // Check if passphrase is already generated
+        String keyPhrase;
+        if (storedPassphrase == null) {
+            // Generate a new passphrase if it doesn't exist
+            keyPhrase = generatePassphrase();
+            storedPassphrase = keyPhrase;  // Store it for reuse
+        } else {
+            keyPhrase = storedPassphrase;  // Reuse the stored passphrase
+        }
 
-            String encryptedString;
-            if (new Random().nextBoolean()) {
-                encryptedString = EncryptionUtils.encryptPrivateKey(privateKeyString, keyPhrase);
-            } else {
-                encryptedString = EncryptionUtils.encryptPrivateKeyOld(privateKeyString, keyPhrase);
-            }
-            String decryptedString = decryptPrivateKey(encryptedString, keyPhrase);
+        // RSA key generation and encryption logic
+        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
+        keyGen.initialize(4096, new SecureRandom());
+        KeyPair keyPair = keyGen.generateKeyPair();
+        PrivateKey privateKey = keyPair.getPrivate();
+        byte[] privateKeyBytes = privateKey.getEncoded();
+        String privateKeyString = encodeBytesToBase64String(privateKeyBytes);
 
-            assertEquals(privateKeyString, decryptedString);
+        String encryptedString;
+        if (new Random().nextBoolean()) {
+            encryptedString = EncryptionUtils.encryptPrivateKey(privateKeyString, keyPhrase);
+        } else {
+            encryptedString = EncryptionUtils.encryptPrivateKeyOld(privateKeyString, keyPhrase);
         }
+
+        // Decrypt and verify the private key
+        String decryptedString = decryptPrivateKey(encryptedString, keyPhrase);
+        assertEquals(privateKeyString, decryptedString);
     }
+}
+
+// Method to generate a passphrase (if not already present)
+public static String generatePassphrase() {
+    return UUID.randomUUID().toString().replaceAll("-", "");  // Example passphrase generation
+}
 
     @Test
     public void generateCSR() throws Exception {