public void Write(SecureStorageRequest request) { if(request == null) { throw new ArgumentNullException(nameof(request), "Cannot write a null storage request"); } if(request.Data == null) { Delete(request); return; } var attrs = GetKeychainAttributes(request); attrs.ValueData = NSData.FromArray(request.Data.ToArray()); attrs.CreationDate = NSDate.Now; attrs.ModificationDate = NSDate.Now; var err = SecKeyChain.Add(attrs); if(err == SecStatusCode.DuplicateItem) { Delete(request); err = SecKeyChain.Add(attrs); } if(err != SecStatusCode.Success) { Log.To.Sync.W(Tag, "{0} Couldn't save ID token: {1}", this, err); throw new IOException($"Couldn't save ID token: {err}"); } Log.To.Sync.I(Tag, "{0} saved ID token to Keychain", this); }
public void Write(SecureStorageRequest request) { if(request == null) { throw new ArgumentNullException(nameof(request), "Cannot write a null storage request"); } if(request.Data == null) { Delete(request); return; } var data = request.Data.ToArray(); var iv = default(string); var keyStore = KeyStore.GetInstance("AndroidKeyStore"); keyStore.Load(null); var entry = (KeyStore.SecretKeyEntry)keyStore.GetEntry(Alias, null); var cipher = Cipher.GetInstance("AES/CBC/PKCS7Padding"); cipher.Init(CipherMode.EncryptMode, entry.SecretKey); iv = Convert.ToBase64String(cipher.GetIV()); data = cipher.DoFinal(data); var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private); var editor = prefs.Edit(); var key = GetKey(request); editor.PutString(key, Convert.ToBase64String(data)); editor.PutString($"{key}_iv", iv); editor.Commit(); }
public void Delete(SecureStorageRequest request) { var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private); var editor = prefs.Edit(); var key = GetKey(request); editor.Remove(key); editor.Remove($"{key}_iv"); editor.Commit(); }
public IEnumerable<byte> Read(SecureStorageRequest request) { var filename = GetFilename(request); if(!File.Exists(filename)) { return null; } using(var fs = File.OpenRead(filename)) using(var buffer = RecyclableMemoryStreamManager.SharedInstance.GetStream("SecureStorage", (int)fs.Length)) { fs.CopyTo(buffer); return ProtectedData.Unprotect(buffer.GetBuffer().Take((int)buffer.Length).ToArray(), _Entropy, DataProtectionScope.CurrentUser); } }
public void Delete(SecureStorageRequest request) { if (request.Account == null) { var folder = GetFoldername (request); try { Directory.Delete (folder, true); } catch (DirectoryNotFoundException) {} return; } var filename = GetFilename(request); File.Delete(filename); }
public void Write(SecureStorageRequest request) { if(request == null) { throw new ArgumentNullException(nameof(request), "Cannot write a null storage request"); } if(request.Data == null) { Delete(request); return; } var filename = GetFilename(request); using(var fs = File.OpenWrite(filename)) { var encrypted = ProtectedData.Protect(request.Data.ToArray(), _Entropy, DataProtectionScope.CurrentUser); fs.Write(encrypted, 0, encrypted.Length); } }
public IEnumerable<byte> Read(SecureStorageRequest request) { var attrs = GetKeychainAttributes(request); var err = default(SecStatusCode); var result = SecKeyChain.QueryAsRecord(attrs, out err); if(err != SecStatusCode.Success || result == null) { if(err == SecStatusCode.ItemNotFound) { Log.To.Sync.I(Tag, "{0} No ID token found in Keychain", this); } else { Log.To.Sync.W(Tag, "{0} Couldn't load ID token: {1}", this, err); } return null; } return result.ValueData.ToArray(); }
public IEnumerable<byte> Read(SecureStorageRequest request) { var key = GetKey(request); var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private); var saved = prefs.GetString(key, null); if(saved == null) { return null; } var data = Convert.FromBase64String(saved); var iv = Convert.FromBase64String(prefs.GetString($"{key}_iv", null)); var keyStore = KeyStore.GetInstance("AndroidKeyStore"); keyStore.Load(null); var entry = (KeyStore.SecretKeyEntry)keyStore.GetEntry(Alias, null); var cipher = Cipher.GetInstance("AES/CBC/PKCS7Padding"); cipher.Init(CipherMode.DecryptMode, entry.SecretKey, new IvParameterSpec(iv)); data = cipher.DoFinal(data); return data; }
private SecRecord GetKeychainAttributes(SecureStorageRequest request) { return new SecRecord(SecKind.GenericPassword) { Service = request.Service, Account = request.Account, Label = request.Label }; }
public void Delete(SecureStorageRequest request) { var atts = GetKeychainAttributes(request); SecKeyChain.Remove(atts); }
private string GetFilename(SecureStorageRequest request) { var filenameBytes = Encoding.UTF8.GetBytes($"{request.Account}"); return Path.Combine(GetFoldername(request), $"{Misc.HexSHA1Digest(filenameBytes)}.bin"); }
private string GetFoldername (SecureStorageRequest request) { var folderBytes = Encoding.UTF8.GetBytes ($"{request.Service}{request.Label}"); var retVal = Path.Combine (_BaseDirectory, $"{Misc.HexSHA1Digest (folderBytes)}"); Directory.CreateDirectory (retVal); return retVal; }
private string GetKey(SecureStorageRequest request) { return $"{request.Label}{request.Account}"; }
public void Write(SecureStorageRequest request) { if(!_HasKeyStore) { return; } var encrypted = Encrypt(request.Data.ToArray()); if(encrypted == null) { return; } var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private); var editor = prefs.Edit(); var key = GetKey(request); editor.PutString($"{key}_key", Convert.ToBase64String(encrypted[0])); editor.PutString($"{key}_data", Convert.ToBase64String(encrypted[1])); editor.Commit(); }
public IEnumerable<byte> Read(SecureStorageRequest request) { if(!_HasKeyStore) { return null; } var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private); var key = GetKey(request); if(!prefs.Contains($"{key}_key") || !prefs.Contains($"{key}_data")) { return null; } var secretKey = Convert.FromBase64String(prefs.GetString($"{key}_key", null)); var data = Convert.FromBase64String(prefs.GetString($"{key}_data", null)); return Decrypt(secretKey, data); }