From 242b90fa52ccb863c3ea001fa4e7ce5a21939a0b Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Tue, 6 Jun 2023 17:13:35 +0200 Subject: COrrectly fall back to no encryption if there is an erro with encryption --- .../main/java/de/blinkt/openvpn/core/LogItem.java | 7 ++++++- .../java/de/blinkt/openvpn/core/ProfileManager.java | 6 +++--- .../de/blinkt/openvpn/core/ProfileEncryption.java | 2 +- .../java/de/blinkt/openvpn/core/ProfileEncryption.kt | 20 +++++++++++--------- 4 files changed, 21 insertions(+), 14 deletions(-) diff --git a/main/src/main/java/de/blinkt/openvpn/core/LogItem.java b/main/src/main/java/de/blinkt/openvpn/core/LogItem.java index b6f51928..65714c43 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/LogItem.java +++ b/main/src/main/java/de/blinkt/openvpn/core/LogItem.java @@ -29,6 +29,7 @@ import java.security.cert.X509Certificate; import java.util.Arrays; import java.util.FormatFlagsConversionMismatchException; import java.util.Locale; +import java.util.MissingFormatArgumentException; import java.util.UnknownFormatConversionException; import java.util.Vector; @@ -273,7 +274,11 @@ public class LogItem implements Parcelable { if (mArgs == null) return c.getString(mRessourceId); else - return c.getString(mRessourceId, mArgs); + try { + return c.getString(mRessourceId, mArgs); + } catch (MissingFormatArgumentException ie) { + return "ERROR MISSING ARGUMENT(" + ie.getMessage() + "): " + getString(null); + } } catch (Resources.NotFoundException re) { return getString(null); } diff --git a/main/src/main/java/de/blinkt/openvpn/core/ProfileManager.java b/main/src/main/java/de/blinkt/openvpn/core/ProfileManager.java index 1f12c2fa..9d59e26b 100644 --- a/main/src/main/java/de/blinkt/openvpn/core/ProfileManager.java +++ b/main/src/main/java/de/blinkt/openvpn/core/ProfileManager.java 
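Review bot: The inner catch added in `getString` of LogItem.java covers only `MissingFormatArgumentException`, so any other `IllegalFormatException` raised by `c.getString(mRessourceId, mArgs)` still escapes this inner try. Whether the enclosing try handles those cannot be seen here, because its other catch clauses lie outside the hunk. If the aim is that a mismatched format string never breaks log rendering, catching the parent type is simpler: `} catch (IllegalFormatException ie) {`, with the matching `java.util` import and a more general message prefix. The `else` followed by an unbraced `try` is also easy to misread; `} else {` with braces around the try block would make the nesting explicit.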
@@ -54,7 +54,7 @@ public class ProfileManager { private synchronized static void checkInstance(Context context) { if (instance == null) { instance = new ProfileManager(); - ProfileEncryption.initMasterCryptAlias(); + ProfileEncryption.initMasterCryptAlias(context); instance.loadVPNList(context); } } @@ -146,7 +146,7 @@ public class ProfileManager { if (encryptedFileOld.exists()) { encryptedFileOld.delete(); } - } catch (IOException ioe) + } catch (IOException | GeneralSecurityException ioe) { VpnStatus.logException(VpnStatus.LogLevel.INFO, "Error trying to write an encrypted VPN profile, disabling " + "encryption", ioe); @@ -174,7 +174,7 @@ public class ProfileManager { } - } catch (IOException | GeneralSecurityException e) { + } catch (IOException e) { VpnStatus.logException("saving VPN profile", e); throw new RuntimeException(e); } diff --git a/main/src/skeleton/java/de/blinkt/openvpn/core/ProfileEncryption.java b/main/src/skeleton/java/de/blinkt/openvpn/core/ProfileEncryption.java index c526a69f..1f5651ab 100644 --- a/main/src/skeleton/java/de/blinkt/openvpn/core/ProfileEncryption.java +++ b/main/src/skeleton/java/de/blinkt/openvpn/core/ProfileEncryption.java @@ -15,7 +15,7 @@ import java.security.GeneralSecurityException; /* Dummy class that supports no encryption */ class ProfileEncryption { - static void initMasterCryptAlias() + static void initMasterCryptAlias(Context context) { } diff --git a/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt b/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt index ad22460f..fa61e733 100644 --- a/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt +++ b/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt 
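Review bot: In the `@@ -146` hunk of ProfileManager.java, a `GeneralSecurityException` now takes the same path as an `IOException`, and per the log text the profile is then saved with encryption disabled, yet this is recorded only at `VpnStatus.LogLevel.INFO`. This is a downgrade of at-rest protection for the stored profile, so I would log it at `VpnStatus.LogLevel.WARNING` to make it stand out to whoever reads the log. The variable name `ioe` is also misleading now that it can hold a security exception; `e` would do. The code that performs the unencrypted write follows this catch and is outside the hunk, so it should be confirmed separately that no partially written encrypted file is left next to the plaintext one.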
@@ -7,7 +7,7 @@ package de.blinkt.openvpn.core import android.content.Context import android.os.Build import androidx.security.crypto.EncryptedFile -import androidx.security.crypto.MasterKeys +import androidx.security.crypto.MasterKey import java.io.File import java.io.FileInputStream import java.io.FileOutputStream @@ -19,16 +19,18 @@ internal class ProfileEncryption { companion object { @JvmStatic fun encryptionEnabled(): Boolean { - return mMasterKeyAlias != null + return mMasterKey != null } - private var mMasterKeyAlias: String? = null + private var mMasterKey: MasterKey? = null @JvmStatic - fun initMasterCryptAlias() { + fun initMasterCryptAlias(context:Context) { if (Build.VERSION.SDK_INT < Build.VERSION_CODES.M) return try { - mMasterKeyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC) + mMasterKey = MasterKey.Builder(context) + .setKeyScheme(MasterKey.KeyScheme.AES256_GCM) + .build() } catch (e: GeneralSecurityException) { VpnStatus.logException("Could not initialise file encryption key.", e) } catch (e: IOException) { @@ -40,9 +42,9 @@ internal class ProfileEncryption { @Throws(GeneralSecurityException::class, IOException::class) fun getEncryptedVpInput(context: Context, file: File): FileInputStream { val encryptedFile = EncryptedFile.Builder( - file, context, - mMasterKeyAlias!!, + file, + mMasterKey!!, EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB ).build() return encryptedFile.openFileInput() @@ -52,9 +54,9 @@ internal class ProfileEncryption { @Throws(GeneralSecurityException::class, IOException::class) fun getEncryptedVpOutput(context: Context, file: File): FileOutputStream { val encryptedFile = EncryptedFile.Builder( - file, context, - mMasterKeyAlias!!, + file, + mMasterKey!!, EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB ).build() return encryptedFile.openFileOutput() -- cgit v1.2.3
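Review bot: `initMasterCryptAlias` in the `@@ -19` hunk still catches only `GeneralSecurityException` and `IOException` around `MasterKey.Builder(context)...build()`, so an unchecked keystore failure would propagate out of `ProfileManager.checkInstance` instead of leaving `mMasterKey` null. Keystore-backed key creation can, on some devices, fail with an unchecked `java.security.ProviderException`; if that applies here, the fallback to no encryption that this commit intends would not happen. Consider adding `} catch (e: ProviderException) {` with the same `VpnStatus.logException("Could not initialise file encryption key.", e)` call. As a style point, the parameter should be written `context: Context` with a space after the colon.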
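Review bot: `mMasterKey!!` in `getEncryptedVpInput` (hunk `@@ -40`) and in `getEncryptedVpOutput` (hunk `@@ -52`) throws a `NullPointerException` when key initialisation failed. The widened `catch (IOException | GeneralSecurityException ioe)` in ProfileManager would not catch that, so the fallback would depend entirely on callers checking `encryptionEnabled()` first, which is not visible in this patch. Failing with a declared exception keeps the fallback path intact: `mMasterKey ?: throw GeneralSecurityException("file encryption key not initialised"),` in place of `mMasterKey!!,`. Both functions already declare `@Throws(GeneralSecurityException::class, IOException::class)`, so the signatures stay as they are.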