Introduce CryptoService for simple cryptographic operations

2023-10-17 18:28:07 +02:00 · 2023-10-17 18:28:07 +02:00 · 493d67c8ca
commit 493d67c8ca
parent 85102e3793
4 changed files with 96 additions and 72 deletions
--- a/libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/CipherFactory.kt
+++ b/libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/CipherFactory.kt
@ -1,40 +0,0 @@
-/*
- * Copyright (c) 2023 New Vector Ltd
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package io.element.android.libraries.cryptography.api
-
-import javax.crypto.Cipher
-
-/**
- * Factory to create [Cipher] instances for encryption and decryption.
- * The implementation should use a secure way to store the keys.
- */
-interface CipherFactory {
-    /**
-     * Create a [Cipher] instance for encryption.
-     * @param alias the alias of the key used for encryption.
-     * @return the [Cipher] instance.
-     */
-    fun createEncryptionCipher(alias: String): Cipher
-
-    /**
-     * Create a [Cipher] instance for decryption.
-     * @param alias the alias of the key used for encryption.
-     * @param initializationVector the initialization vector used for encryption.
-     * @return the [Cipher] instance.
-     */
-    fun createDecryptionCipher(alias: String, initializationVector: ByteArray): Cipher
-}
--- a/libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/CryptoService.kt
+++ b/libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/CryptoService.kt
@ -0,0 +1,31 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.cryptography.api
+
+import javax.crypto.Cipher
+import javax.crypto.SecretKey
+
+/**
+ * Simple service to provide cryptographic operations.
+ */
+interface CryptoService {
+    fun getOrCreateSecretKey(alias: String): SecretKey
+    fun createEncryptionCipher(key: SecretKey): Cipher
+    fun createDecryptionCipher(key: SecretKey, initializationVector: ByteArray): Cipher
+    fun encrypt(key: SecretKey, input: ByteArray): EncryptionResult
+    fun decrypt(key: SecretKey, encryptionResult: EncryptionResult): ByteArray
+}
--- a/libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/EncryptionResult.kt
+++ b/libraries/cryptography/api/src/main/kotlin/io/element/android/libraries/cryptography/api/EncryptionResult.kt
@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2023 New Vector Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.element.android.libraries.cryptography.api
+
+import android.util.Base64
+import java.nio.ByteBuffer
+
+/**
+ * Holds the result of an encryption operation.
+ */
+class EncryptionResult(
+    val encryptedByteArray: ByteArray,
+    val initializationVector: ByteArray
+) {
+    fun toBase64(): String {
+        val initializationVectorSize = ByteBuffer.allocate(Int.SIZE_BYTES).putInt(initializationVector.size).array()
+        val cipherTextWithIv: ByteArray =
+            ByteBuffer.allocate(Int.SIZE_BYTES + initializationVector.size + encryptedByteArray.size)
+                .put(initializationVectorSize)
+                .put(initializationVector)
+                .put(encryptedByteArray)
+                .array()
+        return Base64.encodeToString(cipherTextWithIv, Base64.NO_WRAP)
+    }
+
+    companion object {
+        /**
+         * @param base64 the base64 representation of the encrypted data.
+         * @return the [EncryptionResult] from the base64 representation.
+         */
+        fun fromBase64(base64: String): EncryptionResult {
+            val cipherTextWithIv = Base64.decode(base64, Base64.NO_WRAP)
+            val buffer = ByteBuffer.wrap(cipherTextWithIv)
+            val initializationVectorSize = buffer.int
+            val initializationVector = ByteArray(initializationVectorSize)
+            buffer.get(initializationVector)
+            val encryptedByteArray = ByteArray(buffer.remaining())
+            buffer.get(encryptedByteArray)
+            return EncryptionResult(encryptedByteArray, initializationVector)
+        }
+    }
+}