OI Safe: Introduce session key for content provider.

git-svn-id: http://openintents.googlecode.com/svn/trunk/Safe@2050 72b678ce-9140-0410-bee8-679b907dd61a

diff --git a/src/org/openintents/intents/CryptoIntents.java b/src/org/openintents/intents/CryptoIntents.java
index f2d02e877baa017e0a1e09cc2e6f0537d21a481f..228ead84a7e8507023342e1814559be41f6e4138 100644 (file)
--- a/src/org/openintents/intents/CryptoIntents.java
+++ b/src/org/openintents/intents/CryptoIntents.java
@@ -112,6 +112,17 @@ public class CryptoIntents {
         */\r
        public static final String EXTRA_TEXT_ARRAY = "org.openintents.extra.TEXT_ARRAY";\r
        \r
+       /**\r
+        * A session key for encryption or decryption through a content provider.\r
+        * \r
+        * Include this extra with non-empty value to the ENCRYPT or DECRYPT action,\r
+        * and the resulting intent will contain the current session key, valid until\r
+        * OI Safe logs out.\r
+        * \r
+        * <p>Constant Value: "org.openintents.extra.SESSION_KEY"</p>\r
+        */\r
+       public static final String EXTRA_SESSION_KEY = "org.openintents.extra.SESSION_KEY";\r
+       \r
        /**\r
         * Required input parameter to GET_PASSWORD and SET_PASSWORD. Corresponds to the "description"\r
         * field in passwordsafe. Should be a unique name for the password you're using,\r

diff --git a/src/org/openintents/safe/CryptoContentProvider.java b/src/org/openintents/safe/CryptoContentProvider.java
index 96a30fac64a81f23327f525919d47155fa9cc6c3..10ffdcdf66092bafcbd96c9548050d01fdce54b2 100644 (file)
--- a/src/org/openintents/safe/CryptoContentProvider.java
+++ b/src/org/openintents/safe/CryptoContentProvider.java
@@ -138,6 +138,16 @@ public class CryptoContentProvider extends ContentProvider {
                                // Decrypt file\r
                                CryptoHelper ch = ServiceDispatchImpl.ch; // Use the global crypto helper that is connected to the single service we have.\r
                                \r
+                               if (ch == null) {\r
+                                       if (debug) Log.d(TAG, "OI Safe currently logged out.");\r
+                                       return null;\r
+                               }\r
+                               \r
+                               if (!sessionKey.equals(ch.getCurrentSessionKey())) {\r
+                                       if (debug) Log.d(TAG, "Session keys do not match! " + sessionKey + " != " + ch.getCurrentSessionKey());\r
+                                       return null;\r
+                               }\r
+                               \r
                                Log.d(TAG, "Original file path: " + originalFile);\r
                                        if (CategoryList.isSignedIn()==false) {\r
                                                Intent frontdoor = new Intent(getContext(), FrontDoor.class);\r

diff --git a/src/org/openintents/safe/CryptoHelper.java b/src/org/openintents/safe/CryptoHelper.java
index cdb3064fabdd8b97bfc480d84142270ac0778955..3f64c882c7a99edf1a3de57a7c5aaab46c007855 100644 (file)
--- a/src/org/openintents/safe/CryptoHelper.java
+++ b/src/org/openintents/safe/CryptoHelper.java
@@ -86,6 +86,12 @@ public class CryptoHelper {
     private static byte[] salt = null; \r
 \r
     private static final int count = 20;\r
+    \r
+    /**\r
+     * Session key for content provider.\r
+     */\r
+    private String sessionKey = null;\r
+    \r
 \r
     /**\r
      * Constructor which defaults to a medium encryption level.\r
@@ -270,6 +276,9 @@ public class CryptoHelper {
                } catch (NoSuchPaddingException e) {\r
                    Log.e(TAG,"setPassword(): "+e.toString());\r
                }\r
+               \r
+               // Every time we set a new password, also the session key changes:\r
+               sessionKey = createNewSessionKey();\r
     }\r
 \r
     private void setSalt(String saltIn) throws CryptoHelperException {\r
@@ -286,6 +295,33 @@ public class CryptoHelper {
                salt=byteSaltIn;\r
                if (debug) Log.d(TAG,"setSalt: salt="+toHexString(salt));\r
     }\r
+    \r
+    /**\r
+     * Returns the current session key, which is only valid until the\r
+     * user logs out of OI Safe.\r
+     * \r
+     * The session key is used when encrypting or decrypting files\r
+     * through the content provider.\r
+     * \r
+     * @return current session key.\r
+     */\r
+    public String getCurrentSessionKey() {\r
+       return sessionKey;\r
+    }\r
+    \r
+    /**\r
+     * Creates a new random session key\r
+     * @return\r
+     */\r
+    private String createNewSessionKey() {\r
+       try {\r
+               // simply create a new salt:\r
+               return generateSalt();\r
+       } catch (NoSuchAlgorithmException e) {\r
+               return "12345"; // better than nothing... :-/\r
+       }\r
+    }\r
+    \r
     /**\r
      * encrypt a string\r
      * \r

diff --git a/src/org/openintents/safe/IntentHandler.java b/src/org/openintents/safe/IntentHandler.java
index 1f1caf4003d3f0e052a838375cc459408099c70b..9e559c3c7efdf40deda6504bb5ea488a3e45ae7a 100644 (file)
--- a/src/org/openintents/safe/IntentHandler.java
+++ b/src/org/openintents/safe/IntentHandler.java
@@ -270,6 +270,11 @@ public class IntentHandler extends Activity {
                                }\r
                                callbackIntent.putExtra(CryptoIntents.EXTRA_TEXT_ARRAY, out);\r
                        }\r
+\r
+                       if (thisIntent.hasExtra(CryptoIntents.EXTRA_SESSION_KEY)) {\r
+                               String sessionkey = ch.getCurrentSessionKey();\r
+                               callbackIntent.putExtra(CryptoIntents.EXTRA_SESSION_KEY, sessionkey);\r
+                       }\r
                        \r
                        if (thisIntent.getData() != null) {\r
                                // Encrypt file from file URI\r