COrrectly fall back to no encryption if there is an erro with encryption

author: Arne Schwabe <arne@rfc2549.org> 2023-06-06 17:13:35 +0200
committer: Arne Schwabe <arne@rfc2549.org> 2023-06-06 17:18:28 +0200
commit: 242b90fa52ccb863c3ea001fa4e7ce5a21939a0b (patch)
tree: 4d3deb4564888d3608f9976ac3c60168c0901b5e /main/src/ui/java/de
parent: 4e5bfa766c51584457c292985de0f29dd8270503 (diff)
1 files changed, 11 insertions, 9 deletions
diff --git a/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt b/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt
index ad22460f..fa61e733 100644
--- a/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt
+++ b/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt
@@ -7,7 +7,7 @@ package de.blinkt.openvpn.core
 import android.content.Context
 import android.os.Build
 import androidx.security.crypto.EncryptedFile
-import androidx.security.crypto.MasterKeys
+import androidx.security.crypto.MasterKey
 import java.io.File
 import java.io.FileInputStream
 import java.io.FileOutputStream
@@ -19,16 +19,18 @@ internal class ProfileEncryption {
     companion object {
         @JvmStatic
         fun encryptionEnabled(): Boolean {
-            return mMasterKeyAlias != null
+            return mMasterKey != null
         }
 
-        private var mMasterKeyAlias: String? = null
+        private var mMasterKey: MasterKey? = null
         @JvmStatic
-        fun initMasterCryptAlias() {
+        fun initMasterCryptAlias(context:Context) {
             if (Build.VERSION.SDK_INT < Build.VERSION_CODES.M)
                 return
             try {
-                mMasterKeyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC)
+                mMasterKey = MasterKey.Builder(context)
+                      .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+                      .build()
             } catch (e: GeneralSecurityException) {
                 VpnStatus.logException("Could not initialise file encryption key.", e)
             } catch (e: IOException) {
@@ -40,9 +42,9 @@ internal class ProfileEncryption {
         @Throws(GeneralSecurityException::class, IOException::class)
         fun getEncryptedVpInput(context: Context, file: File): FileInputStream {
             val encryptedFile = EncryptedFile.Builder(
-                file,
                 context,
-                mMasterKeyAlias!!,
+                file,
+                mMasterKey!!,
                 EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
             ).build()
             return encryptedFile.openFileInput()
@@ -52,9 +54,9 @@ internal class ProfileEncryption {
         @Throws(GeneralSecurityException::class, IOException::class)
         fun getEncryptedVpOutput(context: Context, file: File): FileOutputStream {
             val encryptedFile = EncryptedFile.Builder(
-                file,
                 context,
-                mMasterKeyAlias!!,
+                file,
+                mMasterKey!!,
                 EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
             ).build()
             return encryptedFile.openFileOutput()
author	Arne Schwabe <arne@rfc2549.org>	2023-06-06 17:13:35 +0200
committer	Arne Schwabe <arne@rfc2549.org>	2023-06-06 17:18:28 +0200
commit	242b90fa52ccb863c3ea001fa4e7ce5a21939a0b (patch)
tree	4d3deb4564888d3608f9976ac3c60168c0901b5e /main/src/ui/java/de
parent	4e5bfa766c51584457c292985de0f29dd8270503 (diff)