search

iamMehedi / Secured-Preference-Store

A cryptography library and a SharedPreferences wrapper for Android that encrypts the content with 256 bit AES encryption. The Encryption key is securely stored in device's KeyStore.
562 stars 97 forks source link

RSA Key Generation failed with "IllegalArgumentException: startDate == null" #32

Closed 1amGr00t closed 6 years ago

1amGr00t commented 6 years ago

I run into that issue on API 21 when init the SecurePreferenceStore with SecuredPreferenceStore.init(context.getApplicationContext(), new DefaultRecoveryHandler());

The following Exception was thrown: Caused by: java.lang.IllegalArgumentException: startDate == null at android.security.KeyPairGeneratorSpec.<init>(KeyPairGeneratorSpec.java:141) at android.security.KeyPairGeneratorSpec$Builder.build(KeyPairGeneratorSpec.java:482) at devliving.online.securedpreferencestore.EncryptionManager.generateRSAKeys(EncryptionManager.java:614) at devliving.online.securedpreferencestore.EncryptionManager.generateKey(EncryptionManager.java:480) at devliving.online.securedpreferencestore.EncryptionManager.setup(EncryptionManager.java:151) at devliving.online.securedpreferencestore.EncryptionManager.<init>(EncryptionManager.java:130) at devliving.online.securedpreferencestore.SecuredPreferenceStore.<init>(SecuredPreferenceStore.java:44) at devliving.online.securedpreferencestore.SecuredPreferenceStore.init(SecuredPreferenceStore.java:93) at devliving.online.securedpreferencestore.SecuredPreferenceStore.init(SecuredPreferenceStore.java:114)

The Problem is that both startDate is null when generating the RSA Key. Looking deeper in the code I realized that both startDate and endDate are not set (both are null) in the EncryptionManager:

@SuppressWarnings("WrongConstant")
    void generateRSAKeys(Context context, @Nullable byte[] seed) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException {
        if (!mStore.containsAlias(RSA_KEY_ALIAS)) {
                        KeyPairGenerator keyGen = KeyPairGenerator.getInstance(KEY_ALGORITHM_RSA, KEYSTORE_PROVIDER);

            KeyPairGeneratorSpec spec;

            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.KITKAT) {
                spec = new KeyPairGeneratorSpec.Builder(context)
                        .setAlias(RSA_KEY_ALIAS)
                        .setKeySize(RSA_BIT_LENGTH)
                        .setKeyType(KEY_ALGORITHM_RSA)
                        .setSerialNumber(BigInteger.ONE)
                        .setSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online"))
                        .build();
            } else {
                spec = new KeyPairGeneratorSpec.Builder(context)
                        .setAlias(RSA_KEY_ALIAS)
                        .setSerialNumber(BigInteger.ONE)
                        .setSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online"))
                        .build();
            }

            if(seed != null && seed.length > 0) {
                SecureRandom random = new SecureRandom(seed);
                keyGen.initialize(spec, random);
            } else {
                keyGen.initialize(spec);
            }
            keyGen.generateKeyPair();
        }
    }
1amGr00t commented 6 years ago

Maybe this Bug is a consequence of this https://github.com/iamMehedi/Secured-Preference-Store/commit/bbc0e930f7dc916ad20ed067ca21699213329999 commit ?