From: peli0101 Date: Fri, 3 Apr 2009 06:57:58 +0000 (+0000) Subject: OI Safe: Implement secure delete for encryption / decryption of files. X-Git-Url: https://hydra-www.ietfng.org/gitweb/?a=commitdiff_plain;h=e65c4c42ea77c1f1fba8a7ca13c295566bac11c0;p=android-vcpass-oisafe OI Safe: Implement secure delete for encryption / decryption of files. git-svn-id: http://openintents.googlecode.com/svn/trunk/Safe@2012 72b678ce-9140-0410-bee8-679b907dd61a --- diff --git a/src/org/openintents/safe/CryptoHelper.java b/src/org/openintents/safe/CryptoHelper.java index 9400f74..1d289b5 100644 --- a/src/org/openintents/safe/CryptoHelper.java +++ b/src/org/openintents/safe/CryptoHelper.java @@ -41,6 +41,8 @@ import javax.crypto.SecretKeyFactory; import javax.crypto.spec.PBEKeySpec; import javax.crypto.spec.PBEParameterSpec; +import org.openintents.util.SecureDelete; + import android.content.ContentResolver; import android.net.Uri; import android.os.Environment; @@ -657,6 +659,9 @@ public class CryptoHelper { is.close(); os.close(); + // Securely delete the original file: + SecureDelete.delete(new File(fileUri.getPath())); + } catch (ESJException e) { Log.e(TAG, "Error encrypting file", e); } @@ -796,6 +801,9 @@ public class CryptoHelper { // Close the input stream and return bytes is.close(); os.close(); + + // Securely delete the original file: + SecureDelete.delete(new File(fileUri.getPath())); } catch (ESJException e) { Log.e(TAG, "Error encrypting file", e); diff --git a/src/org/openintents/util/SecureDelete.java b/src/org/openintents/util/SecureDelete.java new file mode 100644 index 0000000..ef3372c --- /dev/null +++ b/src/org/openintents/util/SecureDelete.java @@ -0,0 +1,84 @@ +package org.openintents.util; + +import java.io.File; +import java.io.FileNotFoundException; +import java.io.IOException; +import java.io.RandomAccessFile; +import java.nio.MappedByteBuffer; +import java.nio.channels.FileChannel; +import java.security.SecureRandom; + +import estreamj.ciphers.trivium.Trivium; +import estreamj.framework.ESJException; + +import android.util.Log; + +/** + * Secure file delete. + * + * @author Peli + * + */ +public class SecureDelete { + private static final String TAG = "SecureDelete"; + + /** + * Securely delete a file. + * + * Currently, there is only 1 pass that overwrites the file first + * with a random bit stream generated by Trivium. + * + * @param file + * @return true if this File was deleted, false otherwise. + */ + public static boolean delete(File file) { + + if (file.exists()) { + SecureRandom random = new SecureRandom(); + + Trivium tri = new Trivium(); + + try { + RandomAccessFile raf = new RandomAccessFile(file, "rw"); + FileChannel channel = raf.getChannel(); + MappedByteBuffer buffer = channel.map( + FileChannel.MapMode.READ_WRITE, 0, raf.length()); + + byte[] key = new byte[10]; + byte[] nonce = new byte[10]; + random.nextBytes(key); + random.nextBytes(nonce); + + tri.setupKey(Trivium.MODE_DECRYPT, + key, 0); + tri.setupNonce(nonce, 0); + + int buffersize = 1024; + byte[] bytes = new byte[1024]; + + // overwrite with random numbers + while (buffer.hasRemaining()) { + int max = buffer.limit() - buffer.position(); + if (max > buffersize) max = buffersize; + //random.nextBytes(bytes); + + tri.process(bytes, 0, + bytes, 0, max); + + buffer.put(bytes, 0, max); + } + buffer.force(); + buffer.rewind(); + + } catch (FileNotFoundException e) { + Log.d(TAG, "FileNotFoundException", e); + } catch (IOException e) { + Log.d(TAG, "IOException", e); + } catch (ESJException e) { + Log.d(TAG, "ESJException", e); + } + return file.delete(); + } + return false; + } +}