From 3454721c3b484c9881fb7ea40d88e99506b88ad3 Mon Sep 17 00:00:00 2001 From: Carl Mathieu Date: Fri, 24 Nov 2023 13:36:11 -0500 Subject: [PATCH] refactor: refactor KeyName and KeyValue --- BREAKING_CHANGES.md | 3 +- README.md | 6 +- .../IBiometryService.cs | 18 ++--- src/BiometryService/BaseBiometryService.cs | 6 +- .../BiometryService.Android.cs | 60 ++++++++-------- src/BiometryService/BiometryService.iOS.cs | 68 +++++++++---------- src/BiometryService/FakeBiometryService.cs | 32 ++++----- .../UnsupportedBiometryService.cs | 6 +- 8 files changed, 100 insertions(+), 99 deletions(-) diff --git a/BREAKING_CHANGES.md b/BREAKING_CHANGES.md index 2bf4b87..9164a36 100644 --- a/BREAKING_CHANGES.md +++ b/BREAKING_CHANGES.md @@ -3,4 +3,5 @@ ## 2.0.0 * Added support .net 7 -* Dropped support for .net 6 \ No newline at end of file +* Dropped support for .net 6 +* Refactored IBiometryService KeyName to Key and KeyValue to Value \ No newline at end of file diff --git a/README.md b/README.md index 8c2b440..7e8fed6 100644 --- a/README.md +++ b/README.md @@ -169,7 +169,7 @@ await biometryService.ScanBiometry(CancellationToken.None); This method encrypts a value and stores it into the platform secure storage with the given key name. ``` cs -await biometryService.Encrypt(CancellationToken.None, "KeyName", "KeyValue"); +await biometryService.Encrypt(CancellationToken.None, "Key", "Value"); ``` On Android, a new `CryptoObject` from `AndroidX.Biometric` is created with a key as a parameter. Then the data is encrypted and presented to the `BiometricPrompt` manager. @@ -182,7 +182,7 @@ On iOS, the `SecKeyChain` is used to store a string linked to a key. The OS is i This method decrypts and gets the data associated to the given key. ``` cs -await biometryService.Decrypt(CancellationToken.None, "KeyName"); +await biometryService.Decrypt(CancellationToken.None, "Key"); ``` On Android, the method retrieves the shared preference encrypted data, then decrypts it with the secret as a parameter by presenting it to the `BiometricPrompt` manager. @@ -194,7 +194,7 @@ On iOS, the method retrieves the encrypted data from the `SecKeyChain` with the This method removes the ecrypted value from the platform secure storage. ``` cs -biometryService.Remove("KeyName"); +biometryService.Remove("Key"); ``` On Android, the method removes the encrypted data from the shared preferences. diff --git a/src/BiometryService.Abstractions/IBiometryService.cs b/src/BiometryService.Abstractions/IBiometryService.cs index 4875215..de751a8 100644 --- a/src/BiometryService.Abstractions/IBiometryService.cs +++ b/src/BiometryService.Abstractions/IBiometryService.cs @@ -34,32 +34,32 @@ public interface IBiometryService Task ScanBiometry(CancellationToken ct); /// - /// Encrypts the value and stores it into the platform secure storage with the given . + /// Encrypts the value and stores it into the platform secure storage with the given . /// /// /// Catch and throw for general biometry errors. /// /// . - /// The name of the key. - /// The value to be encrypt. - Task Encrypt(CancellationToken ct, string keyName, string keyValue); + /// The name of the key. + /// The value to be encrypt. + Task Encrypt(CancellationToken ct, string key, string value); /// - /// Decrypts and gets the data associated to the given . + /// Decrypts and gets the data associated to the given . /// /// /// Catch and throw for general biometry errors. /// Catch and throw if the user cancelled the operation. /// /// . - /// The name of the Key. + /// The name of the Key. /// The decrypted data associated to the key. - Task Decrypt(CancellationToken ct, string keyName); + Task Decrypt(CancellationToken ct, string key); /// /// Removes the ecrypted value in the platform secure storage. /// - /// The name of the Key. + /// The name of the Key. /// Thrown for general biometry errors. - void Remove(string keyName); + void Remove(string key); } diff --git a/src/BiometryService/BaseBiometryService.cs b/src/BiometryService/BaseBiometryService.cs index 8d695cb..6c72f5e 100644 --- a/src/BiometryService/BaseBiometryService.cs +++ b/src/BiometryService/BaseBiometryService.cs @@ -25,16 +25,16 @@ public BaseBiometryService(ILoggerFactory loggerFactory = null) } /// - public abstract Task Decrypt(CancellationToken ct, string keyName); + public abstract Task Decrypt(CancellationToken ct, string key); /// - public abstract Task Encrypt(CancellationToken ct, string keyName, string keyValue); + public abstract Task Encrypt(CancellationToken ct, string key, string value); /// public abstract Task GetCapabilities(CancellationToken ct); /// - public abstract void Remove(string keyName); + public abstract void Remove(string key); /// public abstract Task ScanBiometry(CancellationToken ct); diff --git a/src/BiometryService/BiometryService.Android.cs b/src/BiometryService/BiometryService.Android.cs index 6eb5e63..5e61b95 100644 --- a/src/BiometryService/BiometryService.Android.cs +++ b/src/BiometryService/BiometryService.Android.cs @@ -87,16 +87,16 @@ public override async Task ScanBiometry(CancellationToken ct) } /// - public override async Task Encrypt(CancellationToken ct, string keyName, string value) + public override async Task Encrypt(CancellationToken ct, string key, string value) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug($"Encrypting the fingerprint for the key '{keyName}'."); + Logger.LogDebug($"Encrypting the fingerprint for the key '{key}'."); } await ValidateBiometryCapabilities(ct); - var crypto = CreateCryptoObject(keyName); + var crypto = CreateCryptoObject(key); var result = await AuthenticateBiometry(ct, crypto); var valueToEncrypt = Encoding.UTF8.GetBytes(value); var encryptedData = result.CryptoObject.Cipher.DoFinal(valueToEncrypt); @@ -108,26 +108,26 @@ public override async Task Encrypt(CancellationToken ct, string keyName, string if (Logger.IsEnabled(LogLevel.Information)) { - Logger.LogInformation($"Succcessfully encrypted the fingerprint for the key'{keyName}'."); + Logger.LogInformation($"Succcessfully encrypted the fingerprint for the key'{key}'."); } var encodedData = Base64.EncodeToString(bytes, Base64Flags.NoWrap); var sharedpref = _applicationContext.GetSharedPreferences(PREFERENCE_NAME, FileCreationMode.Private); - sharedpref.Edit().PutString(keyName, encodedData).Apply(); + sharedpref.Edit().PutString(key, encodedData).Apply(); } /// - public override async Task Decrypt(CancellationToken ct, string keyName) + public override async Task Decrypt(CancellationToken ct, string key) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug($"Decrypting the fingerprint for the key '{keyName}'."); + Logger.LogDebug($"Decrypting the fingerprint for the key '{key}'."); } await ValidateBiometryCapabilities(ct); var sharedpref = _applicationContext.GetSharedPreferences(PREFERENCE_NAME, FileCreationMode.Private); - var storedData = sharedpref.GetString(keyName, null); + var storedData = sharedpref.GetString(key, null); if (storedData == null) { @@ -154,38 +154,38 @@ public override async Task Decrypt(CancellationToken ct, string keyName) data.Length - 16 ); - var crypto = GetCryptoObject(keyName, iv); + var crypto = GetCryptoObject(key, iv); var result = await AuthenticateBiometry(ct, crypto); var decryptedData = result.CryptoObject.Cipher.DoFinal(buffer); if (Logger.IsEnabled(LogLevel.Information)) { - Logger.LogInformation($"Succcessfully decrypted the fingerprint for the key '{keyName}'."); + Logger.LogInformation($"Succcessfully decrypted the fingerprint for the key '{key}'."); } return Encoding.ASCII.GetString(decryptedData); } /// - public override void Remove(string keyName) + public override void Remove(string key) { try { var sharedpref = _applicationContext.GetSharedPreferences(PREFERENCE_NAME, FileCreationMode.Private); - sharedpref.Edit().Remove(keyName).Apply(); + sharedpref.Edit().Remove(key).Apply(); if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has been successfully removed.", keyName); + Logger.LogDebug("The key '{key}' has been successfully removed.", key); } } catch (System.Exception) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has not been successfully removed.", keyName); + Logger.LogDebug("The key '{key}' has not been successfully removed.", key); } - throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while removing the key '{keyName}'."); + throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while removing the key '{key}'."); } } @@ -296,23 +296,23 @@ public override void Remove(string keyName) } } - private BiometricPrompt.CryptoObject CreateCryptoObject(string keyName) + private BiometricPrompt.CryptoObject CreateCryptoObject(string key) { var cipher = Cipher.GetInstance(CIPHER_NAME); - if (_keyStore.IsKeyEntry(keyName)) + if (_keyStore.IsKeyEntry(key)) { - _keyStore.DeleteEntry(keyName); + _keyStore.DeleteEntry(key); } if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug($"Generating a symmetric pair (key name: '{keyName}')."); + Logger.LogDebug($"Generating a symmetric pair (key name: '{key}')."); } var keygen = KeyGenerator.GetInstance(KeyProperties.KeyAlgorithmAes, ANDROID_KEYSTORE); - keygen.Init(new KeyGenParameterSpec.Builder(keyName, KeyStorePurpose.Encrypt | KeyStorePurpose.Decrypt) + keygen.Init(new KeyGenParameterSpec.Builder(key, KeyStorePurpose.Encrypt | KeyStorePurpose.Decrypt) .SetBlockModes(KeyProperties.BlockModeCbc) .SetEncryptionPaddings(KeyProperties.EncryptionPaddingPkcs7) .SetUserAuthenticationRequired(true) @@ -324,23 +324,23 @@ private BiometricPrompt.CryptoObject CreateCryptoObject(string keyName) if (Logger.IsEnabled(LogLevel.Information)) { - Logger.LogInformation($"Successfully generated a symmetric pair (key name: '{keyName}')."); + Logger.LogInformation($"Successfully generated a symmetric pair (key name: '{key}')."); } - cipher.Init(CipherMode.EncryptMode, _keyStore.GetKey(keyName, null)); + cipher.Init(CipherMode.EncryptMode, _keyStore.GetKey(key, null)); return new BiometricPrompt.CryptoObject(cipher); } - private BiometricPrompt.CryptoObject GetCryptoObject(string keyName, byte[] iv = null) + private BiometricPrompt.CryptoObject GetCryptoObject(string key, byte[] iv = null) { var cipher = Cipher.GetInstance(CIPHER_NAME); - if (_keyStore.IsKeyEntry(keyName)) + if (_keyStore.IsKeyEntry(key)) { try { - cipher.Init(CipherMode.DecryptMode, _keyStore.GetKey(keyName, null), new IvParameterSpec(iv)); + cipher.Init(CipherMode.DecryptMode, _keyStore.GetKey(key, null), new IvParameterSpec(iv)); return new BiometricPrompt.CryptoObject(cipher); } @@ -348,14 +348,14 @@ private BiometricPrompt.CryptoObject GetCryptoObject(string keyName, byte[] iv = { if (Logger.IsEnabled(LogLevel.Error)) { - Logger.LogError($"Key '{keyName}' has been permanently invalidated."); + Logger.LogError($"Key '{key}' has been permanently invalidated."); } - _keyStore.DeleteEntry(keyName); + _keyStore.DeleteEntry(key); if (Logger.IsEnabled(LogLevel.Information)) { - Logger.LogInformation($"Permanently invalidated key '{keyName}' has been removed successfully."); + Logger.LogInformation($"Permanently invalidated key '{key}' has been removed successfully."); } throw new BiometryException(BiometryExceptionReason.KeyInvalidated, "Something went wrong while generating the CryptoObject used to decrypt."); @@ -365,9 +365,9 @@ private BiometricPrompt.CryptoObject GetCryptoObject(string keyName, byte[] iv = { if (Logger.IsEnabled(LogLevel.Error)) { - Logger.LogError($"Key '{keyName}' not found."); + Logger.LogError($"Key '{key}' not found."); } - throw new BiometryException(BiometryExceptionReason.KeyInvalidated, $"Key '{keyName}' not found."); + throw new BiometryException(BiometryExceptionReason.KeyInvalidated, $"Key '{key}' not found."); } } diff --git a/src/BiometryService/BiometryService.iOS.cs b/src/BiometryService/BiometryService.iOS.cs index 454cc31..8c79d62 100644 --- a/src/BiometryService/BiometryService.iOS.cs +++ b/src/BiometryService/BiometryService.iOS.cs @@ -217,76 +217,76 @@ public override async Task ScanBiometry(CancellationToken ct) } /// - public override async Task Encrypt(CancellationToken ct, string keyName, string keyValue) + public override async Task Encrypt(CancellationToken ct, string key, string value) { try { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("Encrypting the key '{keyName}'.", keyName); + Logger.LogDebug("Encrypting the key '{key}'.", key); } await ValidateBiometryCapabilities(ct); - SetValueForKey(keyName, keyValue); + SetValueForKey(key, value); if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has been successfully encrypted.", keyName); + Logger.LogDebug("The key '{key}' has been successfully encrypted.", key); } } catch { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has not been successfully encrypted.", keyName); + Logger.LogDebug("The key '{key}' has not been successfully encrypted.", key); } throw; } } /// - public override async Task Decrypt(CancellationToken ct, string keyName) + public override async Task Decrypt(CancellationToken ct, string key) { try { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("Decrypting the key '{keyName}'.", keyName); + Logger.LogDebug("Decrypting the key '{key}'.", key); } await ValidateBiometryCapabilities(ct); - var keyValue = GetValueForKey(keyName); + var value = GetValueForKey(key); if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has been successfully decrypted.", keyName); + Logger.LogDebug("The key '{key}' has been successfully decrypted.", key); } - return keyValue; + return value; } catch { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has not been successfully decrypted.", keyName); + Logger.LogDebug("The key '{key}' has not been successfully decrypted.", key); } throw; } } /// - public override void Remove(string keyName) + public override void Remove(string key) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("Removing the key '{keyName}'.", keyName); + Logger.LogDebug("Removing the key '{key}'.", key); } var record = new SecRecord(SecKind.GenericPassword) { - Service = keyName.ToLowerInvariant(), + Service = key.ToLowerInvariant(), UseOperationPrompt = _useOperationPrompt }; @@ -295,14 +295,14 @@ public override void Remove(string keyName) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has not been successfully removed. Status = {status}.", keyName, status); + Logger.LogDebug("The key '{key}' has not been successfully removed. Status = {status}.", key, status); } - throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while removing the key '{keyName}'. Status = {status}."); + throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while removing the key '{key}'. Status = {status}."); } if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has been successfully removed.", keyName); + Logger.LogDebug("The key '{key}' has been successfully removed.", key); } } @@ -328,19 +328,19 @@ private static BiometryType GetBiometryTypeFrom(LABiometryType biometryType) /// /// If the key already exists, it will be replaced. /// - /// The key name. - /// The key value. + /// The key name. + /// The key value. /// . - private void SetValueForKey(string keyName, string keyValue) + private void SetValueForKey(string key, string value) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("Saving the key '{keyName}'.", keyName); + Logger.LogDebug("Saving the key '{key}'.", key); } var record = new SecRecord(SecKind.GenericPassword) { - Service = keyName.ToLowerInvariant(), + Service = key.ToLowerInvariant(), }; // Check for duplicate key. @@ -353,42 +353,42 @@ private void SetValueForKey(string keyName, string keyValue) _fallbackOnPasscodeAuthentication ? SecAccessControlCreateFlags.UserPresence : SecAccessControlCreateFlags.BiometryCurrentSet ); - record.Generic = NSData.FromString(keyValue); + record.Generic = NSData.FromString(value); var result = SecKeyChain.Add(record); if (result is not SecStatusCode.Success) { - throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while saving the key '{keyName}'. Status = {result}."); + throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while saving the key '{key}'. Status = {result}."); } if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("Successfully saved the key '{keyName}'.", keyName); + Logger.LogDebug("Successfully saved the key '{key}'.", key); } } else { - throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while checking for duplicate key '{keyName}'. Status = {status}."); + throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while checking for duplicate key '{key}'. Status = {status}."); } } /// /// Get the encrypted value for the key using biometry. /// - /// The key name. + /// The key name. /// Key value. /// . /// . - private string GetValueForKey(string keyName) + private string GetValueForKey(string key) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("Retrieving the key '{keyName}'.", keyName); + Logger.LogDebug("Retrieving the key '{key}'.", key); } var record = new SecRecord(SecKind.GenericPassword) { - Service = keyName.ToLowerInvariant(), + Service = key.ToLowerInvariant(), UseOperationPrompt = _useOperationPrompt }; @@ -398,22 +398,22 @@ private string GetValueForKey(string keyName) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("Successfully retrieved value of the key '{keyName}'.", keyName); + Logger.LogDebug("Successfully retrieved value of the key '{key}'.", key); } return key.Generic.ToString(); } var reason = BiometryExceptionReason.Failed; - var message = $"Something went wrong while retrieving value of the key '{keyName}'."; + var message = $"Something went wrong while retrieving value of the key '{key}'."; switch (result) { case SecStatusCode.AuthFailed: reason = BiometryExceptionReason.Failed; - message = $"Authentication failed. Could not retrieve value of the key '{keyName}'."; + message = $"Authentication failed. Could not retrieve value of the key '{key}'."; break; case SecStatusCode.ItemNotFound: - message = $"Key '{keyName}' not found."; + message = $"Key '{key}' not found."; reason = BiometryExceptionReason.KeyInvalidated; break; case SecStatusCode.UserCanceled: diff --git a/src/BiometryService/FakeBiometryService.cs b/src/BiometryService/FakeBiometryService.cs index 25c6a86..ce636b9 100644 --- a/src/BiometryService/FakeBiometryService.cs +++ b/src/BiometryService/FakeBiometryService.cs @@ -41,47 +41,47 @@ public FakeBiometryService( } /// - public override async Task Decrypt(CancellationToken ct, string keyName) + public override async Task Decrypt(CancellationToken ct, string key) { await ValidateBiometryCapabilities(ct); - if (_keyValuePairs.TryGetValue(keyName, out var keyValue)) + if (_keyValuePairs.TryGetValue(key, out var value)) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has been successfully decrypted.", keyName); + Logger.LogDebug("The key '{key}' has been successfully decrypted.", key); } - return keyValue; + return value; } - throw new BiometryException(BiometryExceptionReason.KeyInvalidated, $"Key '{keyName}' not found."); + throw new BiometryException(BiometryExceptionReason.KeyInvalidated, $"Key '{key}' not found."); } /// - public override async Task Encrypt(CancellationToken ct, string keyName, string keyValue) + public override async Task Encrypt(CancellationToken ct, string key, string value) { try { await ValidateBiometryCapabilities(ct); - if (_keyValuePairs.ContainsKey(keyName)) + if (_keyValuePairs.ContainsKey(key)) { - _keyValuePairs.Remove(keyName); + _keyValuePairs.Remove(key); } - _keyValuePairs.Add(keyName, keyValue); + _keyValuePairs.Add(key, value); if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has been successfully encrypted.", keyName); + Logger.LogDebug("The key '{key}' has been successfully encrypted.", key); } } catch (Exception) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has not been successfully encrypted.", keyName); + Logger.LogDebug("The key '{key}' has not been successfully encrypted.", key); } - throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while saving the key '{keyName}'."); + throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while saving the key '{key}'."); } } @@ -96,16 +96,16 @@ public override Task GetCapabilities(CancellationToken ct) } /// - public override void Remove(string keyName) + public override void Remove(string key) { - if (_keyValuePairs.Remove(keyName)) + if (_keyValuePairs.Remove(key)) { if (Logger.IsEnabled(LogLevel.Debug)) { - Logger.LogDebug("The key '{keyName}' has been successfully removed.", keyName); + Logger.LogDebug("The key '{key}' has been successfully removed.", key); } } - throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while removing the key '{keyName}'."); + throw new BiometryException(BiometryExceptionReason.Failed, $"Something went wrong while removing the key '{key}'."); } /// diff --git a/src/BiometryService/UnsupportedBiometryService.cs b/src/BiometryService/UnsupportedBiometryService.cs index 1371fd2..86fc73a 100644 --- a/src/BiometryService/UnsupportedBiometryService.cs +++ b/src/BiometryService/UnsupportedBiometryService.cs @@ -22,19 +22,19 @@ public Task ScanBiometry(CancellationToken ct) } /// - public Task Encrypt(CancellationToken ct, string keyName, string keyValue) + public Task Encrypt(CancellationToken ct, string key, string value) { throw new NotSupportedException($"{nameof(UnsupportedBiometryService)} doesn't support encrypting key."); } /// - public Task Decrypt(CancellationToken ct, string keyName) + public Task Decrypt(CancellationToken ct, string key) { throw new NotSupportedException($"{nameof(UnsupportedBiometryService)} doesn't support decrypting key."); } /// - public void Remove(string keyName) + public void Remove(string key) { throw new NotSupportedException($"{nameof(UnsupportedBiometryService)} doesn't support removing encrypted key."); }