Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: crash in encryption library #638

Merged
merged 8 commits into from
Sep 11, 2021
Merged

fix: crash in encryption library #638

merged 8 commits into from
Sep 11, 2021

Conversation

Chesire
Copy link
Owner

@Chesire Chesire commented Sep 10, 2021

Crash is sometimes occurring when using the encryption library due to something wrong with the KeyStore in Android.
Done some debugging and it seemed to always be causing an issue while a value was in the preferences, so move away from using the library and instead use the new encrypted shared preferences when possible.

Once this has been merged for a few weeks the encryption library can be tore out completely.

@Chesire
refactor: move away from keystore encryption
8811f5b 
Remove the encryption done by the keystore library, and instead migrate to just store the tokens in
shared preferences. They should be safe without being encrypted as they are just some tokens, and
require root to access anyway.

BREAKING CHANGE: Old shared preference values will be deprecated and no longer be valid
@Chesire
refactor: add encrypted shared preferences for higher sdk versions
b6c86e4 
Higher Android SDK versions can use the new androidx crypto library, add using this encrypted
preferences for these Android versions and fallback to unencrypted preferences when we are on a
lower sdk version.
@Chesire
test: update tests for the now LocalAuthV1
dfafea8 
Change the test file for the AuthProvider to now be for the LocalAuthV1 class
@Chesire
test: add tests for the new AuthProvider
7deb2dd
@Chesire Chesire self-assigned this Sep 10, 2021
@commit-lint
Copy link

commit-lint bot commented Sep 10, 2021
edited
Loading

Code Refactoring

  • move away from keystore encryption (8811f5b)
  • add encrypted shared preferences for higher sdk versions (b6c86e4)
  • only initialize the unencrypted preferences if need to migrate (4f8fa1b)

Tests

  • update tests for the now LocalAuthV1 (dfafea8)
  • add tests for the new AuthProvider (7deb2dd)
  • add tests for the LocalAuthV2 (2ed6c48)

Styles

Contributors

Chesire

Commit-Lint commands

You can trigger Commit-Lint actions by commenting on this PR:

  • @Commit-Lint merge patch will merge dependabot PR on "patch" versions (X.X.Y - Y change)
  • @Commit-Lint merge minor will merge dependabot PR on "minor" versions (X.Y.Y - Y change)
  • @Commit-Lint merge major will merge dependabot PR on "major" versions (Y.Y.Y - Y change)
  • @Commit-Lint merge disable will desactivate merge dependabot PR
  • @Commit-Lint review will approve dependabot PR
  • @Commit-Lint stop review will stop approve dependabot PR

@ChesireBot
Copy link

1 Warning
⚠️ Big PR

Generated by 🚫 Danger

@codecov
Copy link

codecov bot commented Sep 10, 2021
edited
Loading

Codecov Report

Merging #638 (aed02ff) into master (e3277cc) will decrease coverage by 0.42%.
The diff coverage is 65.68%.

Impacted file tree graph

@@             Coverage Diff              @@
##             master     #638      +/-   ##
============================================
- Coverage     70.22%   69.79%   -0.43%     
- Complexity      434      454      +20     
============================================
  Files           106      110       +4     
  Lines          1639     1725      +86     
  Branches        139      145       +6     
============================================
+ Hits           1151     1204      +53     
- Misses          445      477      +32     
- Partials         43       44       +1
Impacted Files Coverage Δ
...kome/core/extensions/SharedPreferenceExtensions.kt 0.00% <0.00%> (ø)
...nekome/datasource/auth/local/PreferenceProvider.kt 0.00% <0.00%> (ø)
...hesire/nekome/datasource/auth/local/LocalAuthV2.kt 90.00% <90.00%> (ø)
...hesire/nekome/datasource/auth/local/LocalAuthV1.kt 93.54% <93.54%> (ø)
...esire/nekome/datasource/auth/local/AuthProvider.kt 100.00% <100.00%> (+10.00%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update e3277cc...aed02ff. Read the comment docs.

@Chesire
refactor: only initialize the unencrypted preferences if need to migrate
4f8fa1b 
Only perform the initialization of the unencrypted preferences if the encrypted preferences is
empty. If this is empty then its likely the user has just updated their SDK version and we can then
migrate. This stops it initializing two shared prefs every time.
@Chesire
style: fix various detekt issues
2814e4f 
Fix issues with missing kdoc, suppress some unneeded warnings, etc
ChesireBot
ChesireBot reviewed Sep 11, 2021
View reviewed changes
libraries/datasource/auth/src/main/java/com/chesire/nekome/datasource/auth/local/LocalAuthV1.kt
} else {
""
}
} catch (ex: Exception) {
Copy link

@ChesireBot ChesireBot Sep 11, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ The caught exception is swallowed. The original exception could be lost.

@Chesire
test: add tests for the LocalAuthV2
2ed6c48 
Do some refactoring to make it possible to test the class as well.
@Chesire
style: fix ktlint issue
aed02ff 
Remove unused import
@Chesire Chesire merged commit 907403f into master Sep 11, 2021
@Chesire Chesire deleted the fix/keystore-crash branch September 11, 2021 17:19
@Chesire Chesire mentioned this pull request Sep 18, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ChesireBot ChesireBot ChesireBot left review comments

Assignees

@Chesire Chesire

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Chesire @ChesireBot