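/// <summary>
/// Removes the stored value for <paramref name="request"/> from the private
/// shared-preferences file named by <c>ServiceName</c>.
/// </summary>
/// <param name="request">Identifies the entry; its preference key is produced by <c>GetKey</c>.</param>
public void Delete(SecureStorageRequest request)
{
    var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private);
    var editor = prefs.Edit();
    var key = GetKey(request);

    editor.Remove(key);

    // Also drop the IV kept under "{key}_iv" where this class stores one next to the
    // ciphertext; removing a key that is absent is a no-op.
    editor.Remove($"{key}_iv");

    // An editor only batches changes. Without Commit() the removal is discarded and the
    // stored secret stays on disk even though the caller believes it was deleted.
    editor.Commit();
}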
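/// <summary>
/// Encrypts <c>request.Data</c> with the AndroidKeyStore key stored under <c>Alias</c> and saves
/// the Base64 ciphertext and IV in the private shared-preferences file named by <c>ServiceName</c>.
/// A request whose <c>Data</c> is null deletes the entry instead.
/// </summary>
/// <param name="request">The entry to store; its preference key is produced by <c>GetKey</c>.</param>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="InvalidOperationException">The keystore holds no entry under <c>Alias</c>.</exception>
public void Write(SecureStorageRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request), "Cannot write a null storage request");
    }

    if (request.Data == null)
    {
        Delete(request);
        return;
    }

    var data = request.Data.ToArray();

    var keyStore = KeyStore.GetInstance("AndroidKeyStore");
    keyStore.Load(null);
    var entry = (KeyStore.SecretKeyEntry)keyStore.GetEntry(Alias, null);
    if (entry == null)
    {
        // Fail with a clear message instead of a NullReferenceException on entry.SecretKey.
        throw new InvalidOperationException("No AndroidKeyStore key entry exists for the configured alias");
    }

    // NOTE(review): AES/CBC with PKCS7 padding gives confidentiality only. Nothing here
    // authenticates the ciphertext or the IV, so a modified preferences file is not detected
    // on read. An authenticated mode ("AES/GCM/NoPadding") would detect tampering, but it
    // needs a key created for GCM and a migration of entries already stored.
    var cipher = Cipher.GetInstance("AES/CBC/PKCS7Padding");
    cipher.Init(CipherMode.EncryptMode, entry.SecretKey);

    // The cipher picks the IV during Init; it is stored beside the ciphertext for decryption.
    var iv = Convert.ToBase64String(cipher.GetIV());
    data = cipher.DoFinal(data);

    var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private);
    var editor = prefs.Edit();
    var key = GetKey(request);
    editor.PutString(key, Convert.ToBase64String(data));
    editor.PutString($"{key}_iv", iv);

    // NOTE(review): Commit() reports failure through its return value, which is not checked,
    // so a failed save is silent to the caller.
    editor.Commit();
}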
/// <summary>
/// Returns the directory under <c>_BaseDirectory</c> that holds the entries for the request's
/// service and label, creating the directory if it does not exist yet.
/// </summary>
/// <param name="request">Supplies the <c>Service</c> and <c>Label</c> the folder name is derived from.</param>
/// <returns>The full path of the (now existing) folder.</returns>
private string GetFoldername(SecureStorageRequest request)
{
    // NOTE(review): Service and Label are joined with no separator, so different pairs can
    // produce the same text ("ab"+"c" and "a"+"bc") and therefore the same folder. Changing
    // the scheme would orphan data already on disk, so it is only flagged here.
    var scope = $"{request.Service}{request.Label}";

    // The digest (SHA-1, going by the helper's name) only derives a fixed-length folder name;
    // it is not used as an integrity or authentication check in this method.
    var digest = Misc.HexSHA1Digest(Encoding.UTF8.GetBytes(scope));

    var folder = Path.Combine(_BaseDirectory, $"{digest}");
    Directory.CreateDirectory(folder);
    return folder;
}
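/// <summary>
/// Loads the value stored for <paramref name="request"/> from the private shared-preferences
/// file named by <c>ServiceName</c> and, when <c>_HasKeyStore</c> is set, decrypts it with the
/// AndroidKeyStore key stored under <c>Alias</c>.
/// </summary>
/// <param name="request">Identifies the entry; its preference key is produced by <c>GetKey</c>.</param>
/// <returns>The stored bytes, or null when no value (or no IV for it) is stored.</returns>
/// <exception cref="InvalidOperationException">The keystore holds no entry under <c>Alias</c>.</exception>
public IEnumerable<byte> Read(SecureStorageRequest request)
{
    var key = GetKey(request);
    var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private);

    var saved = prefs.GetString(key, null);
    if (saved == null)
    {
        return null;
    }

    // Convert.FromBase64String throws FormatException if the stored text was altered into
    // something that is not valid Base64.
    var data = Convert.FromBase64String(saved);

    // NOTE(review): when _HasKeyStore is false the decoded bytes are returned without any
    // decryption, which implies such entries were stored unencrypted - confirm against the
    // write path used on devices without a keystore.
    if (_HasKeyStore)
    {
        var savedIv = prefs.GetString($"{key}_iv", null);
        if (savedIv == null)
        {
            // The ciphertext cannot be decrypted without its IV. Treat the half-written
            // entry as absent rather than failing inside Convert.FromBase64String(null).
            return null;
        }

        var iv = Convert.FromBase64String(savedIv);

        var keyStore = KeyStore.GetInstance("AndroidKeyStore");
        keyStore.Load(null);
        var entry = (KeyStore.SecretKeyEntry)keyStore.GetEntry(Alias, null);
        if (entry == null)
        {
            // Fail with a clear message instead of a NullReferenceException on entry.SecretKey.
            throw new InvalidOperationException("No AndroidKeyStore key entry exists for the configured alias");
        }

        // NOTE(review): CBC decryption does not authenticate the ciphertext or IV; tampering
        // shows up at best as a padding error from DoFinal, and is otherwise undetected.
        var cipher = Cipher.GetInstance("AES/CBC/PKCS7Padding");
        cipher.Init(CipherMode.DecryptMode, entry.SecretKey, new IvParameterSpec(iv));
        data = cipher.DoFinal(data);
    }

    return data;
}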
/// <summary>
/// Stores <c>request.Data</c> as a generic-password item in the Keychain, replacing any item
/// that already exists for the same attributes. A request whose <c>Data</c> is null deletes
/// the item instead.
/// </summary>
/// <param name="request">The entry to store; its Keychain attributes come from <c>GetKeychainAttributes</c>.</param>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
/// <exception cref="IOException">The Keychain rejected the item.</exception>
public void Write(SecureStorageRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request), "Cannot write a null storage request");
    }

    if (request.Data == null)
    {
        Delete(request);
        return;
    }

    var record = GetKeychainAttributes(request);
    record.ValueData = NSData.FromArray(request.Data.ToArray());
    record.CreationDate = NSDate.Now;
    record.ModificationDate = NSDate.Now;

    var status = SecKeyChain.Add(record);
    if (status == SecStatusCode.DuplicateItem)
    {
        // The Keychain does not overwrite on Add: remove the old item and add again.
        Delete(request);
        status = SecKeyChain.Add(record);
    }

    if (status == SecStatusCode.Success)
    {
        // Only the outcome is logged; the stored bytes never reach the log.
        Log.To.Sync.I(Tag, "{0} saved ID token to Keychain", this);
        return;
    }

    // The messages say "ID token" although the method stores whatever Data the request carries.
    Log.To.Sync.W(Tag, "{0} Couldn't save ID token: {1}", this, status);
    throw new IOException($"Couldn't save ID token: {status}");
}
/// <summary>
/// Builds the generic-password Keychain record that identifies the item for
/// <paramref name="request"/> by service, account and label.
/// </summary>
/// <param name="request">Supplies the <c>Service</c>, <c>Account</c> and <c>Label</c> values.</param>
/// <returns>A new <c>SecRecord</c> carrying only those three attributes.</returns>
private SecRecord GetKeychainAttributes(SecureStorageRequest request)
{
    // NOTE(review): no accessibility attribute is set on the record, so items written with it
    // get the Keychain's default protection class - confirm that matches the intended policy
    // (for example device-only or unlocked-only access).
    var record = new SecRecord(SecKind.GenericPassword);
    record.Service = request.Service;
    record.Account = request.Account;
    record.Label = request.Label;
    return record;
}
/// <summary>
/// Reads the file that belongs to <paramref name="request"/> and returns its contents after
/// unprotecting them with <c>ProtectedData</c> for the current user.
/// </summary>
/// <param name="request">Identifies the entry; its file path is produced by <c>GetFilename</c>.</param>
/// <returns>The unprotected bytes, or null when the file does not exist.</returns>
public IEnumerable<byte> Read(SecureStorageRequest request)
{
    var path = GetFilename(request);
    if (File.Exists(path) == false)
    {
        return null;
    }

    using (var file = File.OpenRead(path))
    using (var pooled = RecyclableMemoryStreamManager.SharedInstance.GetStream("SecureStorage", (int)file.Length))
    {
        file.CopyTo(pooled);

        // GetBuffer() exposes the whole pooled buffer, which can be larger than the data,
        // so only the first Length bytes are taken as the protected blob.
        var raw = pooled.GetBuffer();
        var blob = raw.Take((int)pooled.Length).ToArray();

        // CurrentUser scope ties the blob to the account that wrote it; _Entropy must be the
        // same value that was passed to Protect. The pooled stream only ever holds ciphertext.
        return ProtectedData.Unprotect(blob, _Entropy, DataProtectionScope.CurrentUser);
    }
}
/// <summary>
/// Deletes stored data for <paramref name="request"/>: the single file for its account, or,
/// when <c>Account</c> is null, the whole folder for its service and label.
/// </summary>
/// <param name="request">Identifies what to delete.</param>
public void Delete(SecureStorageRequest request)
{
    if (request.Account != null)
    {
        File.Delete(GetFilename(request));
        return;
    }

    // No account given: remove every entry stored for this service/label pair.
    var folder = GetFoldername(request);
    try
    {
        Directory.Delete(folder, true);
    }
    catch (DirectoryNotFoundException)
    {
        // Already gone - nothing left to delete.
    }
}
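/// <summary>
/// Protects <c>request.Data</c> with <c>ProtectedData</c> for the current user and writes the
/// result to the file that belongs to the request. A request whose <c>Data</c> is null deletes
/// the entry instead.
/// </summary>
/// <param name="request">The entry to store; its file path is produced by <c>GetFilename</c>.</param>
/// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
public void Write(SecureStorageRequest request)
{
    if (request == null)
    {
        throw new ArgumentNullException(nameof(request), "Cannot write a null storage request");
    }

    if (request.Data == null)
    {
        Delete(request);
        return;
    }

    var filename = GetFilename(request);

    // Encrypt before touching the file so a failure in Protect leaves the old entry intact.
    var encrypted = ProtectedData.Protect(request.Data.ToArray(), _Entropy, DataProtectionScope.CurrentUser);

    // File.Create truncates an existing file. File.OpenWrite does not: a new blob shorter than
    // the previous one would leave stale trailing bytes, and Unprotect would then be handed a
    // corrupted blob on the next read.
    using (var fs = File.Create(filename))
    {
        fs.Write(encrypted, 0, encrypted.Length);
    }
}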
/// <summary>
/// Loads the "{key}_key" and "{key}_data" entries for <paramref name="request"/> from the
/// private shared-preferences file named by <c>ServiceName</c> and passes them to <c>Decrypt</c>.
/// </summary>
/// <param name="request">Identifies the entry; its preference key is produced by <c>GetKey</c>.</param>
/// <returns>
/// The result of <c>Decrypt</c>, or null when <c>_HasKeyStore</c> is false or either entry is missing.
/// </returns>
public IEnumerable<byte> Read(SecureStorageRequest request)
{
    if (!_HasKeyStore)
    {
        return null;
    }

    var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private);
    var key = GetKey(request);
    var keyEntry = $"{key}_key";
    var dataEntry = $"{key}_data";

    // Both halves are required; a partially written entry is treated as absent.
    if (!(prefs.Contains(keyEntry) && prefs.Contains(dataEntry)))
    {
        return null;
    }

    // NOTE(review): the key material is kept in the same file as the data it protects.
    // Presumably it is wrapped by a keystore-held key inside Encrypt/Decrypt - confirm,
    // because an unwrapped key stored here would give the data no protection.
    var secretKey = Convert.FromBase64String(prefs.GetString(keyEntry, null));
    var data = Convert.FromBase64String(prefs.GetString(dataEntry, null));
    return Decrypt(secretKey, data);
}
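/// <summary>
/// Encrypts <c>request.Data</c> with <c>Encrypt</c> and saves the two resulting byte arrays as
/// the Base64 entries "{key}_key" and "{key}_data" in the private shared-preferences file
/// named by <c>ServiceName</c>. A request whose <c>Data</c> is null removes both entries.
/// Does nothing when <c>_HasKeyStore</c> is false or <c>Encrypt</c> returns null.
/// </summary>
/// <param name="request">The entry to store; its preference key is produced by <c>GetKey</c>.</param>
/// <exception cref="ArgumentNullException">
/// <paramref name="request"/> is null while a keystore is available.
/// </exception>
public void Write(SecureStorageRequest request)
{
    // NOTE(review): without a keystore the value is silently not stored; the caller gets no
    // signal that the secret was dropped.
    if (!_HasKeyStore)
    {
        return;
    }

    if (request == null)
    {
        throw new ArgumentNullException(nameof(request), "Cannot write a null storage request");
    }

    var prefs = Application.Context.GetSharedPreferences(ServiceName, FileCreationMode.Private);
    var key = GetKey(request);

    if (request.Data == null)
    {
        // Null data means "delete" (previously a NullReferenceException): remove exactly the
        // two entries this method writes so no stale secret is left behind.
        var remover = prefs.Edit();
        remover.Remove($"{key}_key");
        remover.Remove($"{key}_data");
        remover.Commit();
        return;
    }

    var encrypted = Encrypt(request.Data.ToArray());
    if (encrypted == null)
    {
        return;
    }

    // NOTE(review): element 0 is stored as "{key}_key" in the same file as the ciphertext.
    // Presumably Encrypt returns it wrapped by a keystore-held key - confirm, because an
    // unwrapped key stored beside the data would give it no protection.
    var editor = prefs.Edit();
    editor.PutString($"{key}_key", Convert.ToBase64String(encrypted[0]));
    editor.PutString($"{key}_data", Convert.ToBase64String(encrypted[1]));

    // NOTE(review): Commit() reports failure through its return value, which is not checked.
    editor.Commit();
}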
/// <summary>
/// Looks up the Keychain item for <paramref name="request"/> and returns its value data.
/// </summary>
/// <param name="request">Identifies the item; its Keychain attributes come from <c>GetKeychainAttributes</c>.</param>
/// <returns>The item's bytes, or null when the item is missing or the query fails.</returns>
public IEnumerable<byte> Read(SecureStorageRequest request)
{
    SecStatusCode status;
    var query = GetKeychainAttributes(request);
    var found = SecKeyChain.QueryAsRecord(query, out status);

    if (status == SecStatusCode.Success && found != null)
    {
        return found.ValueData.ToArray();
    }

    // A missing item is an expected state; any other status is worth a warning. Only the
    // status code is logged, never the stored value.
    if (status == SecStatusCode.ItemNotFound)
    {
        Log.To.Sync.I(Tag, "{0} No ID token found in Keychain", this);
    }
    else
    {
        Log.To.Sync.W(Tag, "{0} Couldn't load ID token: {1}", this, status);
    }

    return null;
}
/// <summary>
/// Deletes the file that stores the value for <paramref name="request"/>.
/// </summary>
/// <param name="request">Identifies the entry; its file path is produced by <c>GetFilename</c>.</param>
public void Delete(SecureStorageRequest request)
{
    // File.Delete is a no-op when the file is already absent.
    File.Delete(GetFilename(request));
}
/// <summary>
/// Builds the preference key for <paramref name="request"/> by joining its label and account.
/// </summary>
/// <param name="request">Supplies the <c>Label</c> and <c>Account</c> values.</param>
/// <returns>The label immediately followed by the account.</returns>
private string GetKey(SecureStorageRequest request)
{
    // NOTE(review): there is no separator between the two parts, so different label/account
    // pairs can yield the same key ("ab"+"c" and "a"+"bc") and overwrite each other's secret.
    // Changing the format would orphan entries already stored, so it is only flagged here.
    var key = $"{request.Label}{request.Account}";
    return key;
}
/// <summary>
/// Returns the path of the file that stores the value for the request's account, inside the
/// folder returned by <c>GetFoldername</c>.
/// </summary>
/// <param name="request">Supplies the <c>Account</c> the file name is derived from.</param>
/// <returns>The folder path combined with the account's hex digest and a ".bin" extension.</returns>
private string GetFilename(SecureStorageRequest request)
{
    // A null account formats as the empty string, so it still maps to a fixed file name.
    var account = $"{request.Account}";

    // The digest only derives a fixed-length file name; it is not an integrity check.
    var digest = Misc.HexSHA1Digest(Encoding.UTF8.GetBytes(account));

    var folder = GetFoldername(request);
    return Path.Combine(folder, $"{digest}.bin");
}
/// <summary>
/// Returns the path of the file under <c>_BaseDirectory</c> that stores the value for the
/// request's service, label and account.
/// </summary>
/// <param name="request">Supplies the <c>Service</c>, <c>Label</c> and <c>Account</c> values.</param>
/// <returns>The base directory combined with the hex digest of those values and a ".bin" extension.</returns>
private string GetFilename(SecureStorageRequest request)
{
    // NOTE(review): the three parts are joined with no separator, so different triples can
    // produce the same text and therefore share one file. Changing the scheme would orphan
    // files already on disk, so it is only flagged here.
    var identity = $"{request.Service}{request.Label}{request.Account}";

    // The digest only derives a fixed-length file name; it is not an integrity check.
    var digest = Misc.HexSHA1Digest(Encoding.UTF8.GetBytes(identity));

    return Path.Combine(_BaseDirectory, $"{digest}.bin");
}
/// <summary>
/// Removes the Keychain item that matches <paramref name="request"/>.
/// </summary>
/// <param name="request">Identifies the item; its Keychain attributes come from <c>GetKeychainAttributes</c>.</param>
public void Delete(SecureStorageRequest request)
{
    // NOTE(review): the status returned by Remove is discarded, so a failed removal (other
    // than "item not found") leaves the secret in the Keychain without any signal to the caller.
    SecKeyChain.Remove(GetKeychainAttributes(request));
}