[MOB-9235] Added tests for encryptor

sumeruchat · sumeruchat · commit 0e767d8d2351 · 2024-12-25T16:56:03.000+01:00
diff --git a/iterableapi/src/main/java/com/iterable/iterableapi/IterableDataEncryptor.kt b/iterableapi/src/main/java/com/iterable/iterableapi/IterableDataEncryptor.kt
@@ -9,19 +9,41 @@ import javax.crypto.Cipher
 import javax.crypto.KeyGenerator
 import javax.crypto.SecretKey
 import javax.crypto.spec.GCMParameterSpec
+import android.os.Build
+import java.security.KeyStore.PasswordProtection
+import androidx.annotation.VisibleForTesting
 
 import com.iterable.iterableapi.IterableLogger
 
 class IterableDataEncryptor {
-    private val TAG = "IterableDataEncryptor"
-    private val ANDROID_KEYSTORE = "AndroidKeyStore"
-    private val TRANSFORMATION = "AES/GCM/NoPadding"
-    private val ITERABLE_KEY_ALIAS = "iterable_encryption_key"
-    private val GCM_IV_LENGTH = 12
-    private val GCM_TAG_LENGTH = 128
+    companion object {
+        private const val TAG = "IterableDataEncryptor"
+        private const val ANDROID_KEYSTORE = "AndroidKeyStore"
+        private const val TRANSFORMATION = "AES/GCM/NoPadding"
+        private const val ITERABLE_KEY_ALIAS = "iterable_encryption_key"
+        private const val GCM_IV_LENGTH = 12
+        private const val GCM_TAG_LENGTH = 128
+        private val TEST_KEYSTORE_PASSWORD = "test_password".toCharArray()
 
-    private val keyStore: KeyStore = KeyStore.getInstance(ANDROID_KEYSTORE).apply {
-        load(null)
+        // Make keyStore static so it's shared across instances
+        private val keyStore: KeyStore by lazy {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR2) {
+                try {
+                    KeyStore.getInstance(ANDROID_KEYSTORE).apply {
+                        load(null)
+                    }
+                } catch (e: Exception) {
+                    IterableLogger.e(TAG, "Failed to initialize AndroidKeyStore", e)
+                    KeyStore.getInstance("PKCS12").apply {
+                        load(null, TEST_KEYSTORE_PASSWORD)
+                    }
+                }
+            } else {
+                KeyStore.getInstance("PKCS12").apply {
+                    load(null, TEST_KEYSTORE_PASSWORD)
+                }
+            }
+        }
     }
 
     init {
@@ -31,24 +53,56 @@ class IterableDataEncryptor {
     }
 
     private fun generateKey() {
-        val keyGenerator = KeyGenerator.getInstance(
-            KeyProperties.KEY_ALGORITHM_AES,
-            ANDROID_KEYSTORE
-        )
-        val keyGenParameterSpec = KeyGenParameterSpec.Builder(
-            ITERABLE_KEY_ALIAS,
-            KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
-        )
-            .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
-            .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
-            .build()
+        try {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR2 && keyStore.type == ANDROID_KEYSTORE) {
+                try {
+                    val keyGenerator = KeyGenerator.getInstance(
+                        KeyProperties.KEY_ALGORITHM_AES,
+                        ANDROID_KEYSTORE
+                    )
+                    val keyGenParameterSpec = KeyGenParameterSpec.Builder(
+                        ITERABLE_KEY_ALIAS,
+                        KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
+                    )
+                        .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
+                        .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
+                        .build()
 
-        keyGenerator.init(keyGenParameterSpec)
-        keyGenerator.generateKey()
+                    keyGenerator.init(keyGenParameterSpec)
+                    keyGenerator.generateKey()
+                    return
+                } catch (e: Exception) {
+                    IterableLogger.e(TAG, "Failed to generate key using AndroidKeyStore", e)
+                }
+            }
+            
+            // Fallback for test environments or when AndroidKeyStore fails
+            val keyGenerator = KeyGenerator.getInstance("AES")
+            keyGenerator.init(256) // 256-bit AES key
+            val secretKey = keyGenerator.generateKey()
+            
+            // Store the key in the keystore with password protection only for PKCS12
+            val keyEntry = KeyStore.SecretKeyEntry(secretKey)
+            val protParam = if (keyStore.type == "PKCS12") {
+                PasswordProtection(TEST_KEYSTORE_PASSWORD)
+            } else {
+                null
+            }
+            keyStore.setEntry(ITERABLE_KEY_ALIAS, keyEntry, protParam)
+            
+        } catch (e: Exception) {
+            IterableLogger.e(TAG, "Failed to generate key", e)
+            throw e
+        }
     }
 
     private fun getKey(): SecretKey {
-        return (keyStore.getEntry(ITERABLE_KEY_ALIAS, null) as KeyStore.SecretKeyEntry).secretKey
+        val protParam = if (keyStore.type == "PKCS12") {
+            PasswordProtection(TEST_KEYSTORE_PASSWORD)
+        } else {
+            null
+        }
+        return (keyStore.getEntry(ITERABLE_KEY_ALIAS, protParam) as KeyStore.SecretKeyEntry).secretKey
     }
 
     class DecryptionException(message: String, cause: Throwable? = null) : Exception(message, cause)
@@ -104,4 +158,8 @@ class IterableDataEncryptor {
             throw DecryptionException("Failed to decrypt data", e)
         }
     }
+
+    // Add this method for testing purposes
+    @VisibleForTesting
+    fun getKeyStore(): KeyStore = keyStore
 } 
diff --git a/iterableapi/src/test/java/com/iterable/iterableapi/IterableDataEncryptorTest.java b/iterableapi/src/test/java/com/iterable/iterableapi/IterableDataEncryptorTest.java
@@ -0,0 +1,191 @@
+package com.iterable.iterableapi;
+
+import android.content.SharedPreferences;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.mockito.Mock;
+import org.mockito.MockitoAnnotations;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNotEquals;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+import java.security.KeyStore;
+
+public class IterableDataEncryptorTest extends BaseTest {
+
+    private IterableDataEncryptor encryptor;
+
+    @Mock
+    private SharedPreferences sharedPreferences;
+
+    @Before
+    public void setUp() {
+        MockitoAnnotations.initMocks(this);
+        encryptor = new IterableDataEncryptor();
+    }
+
+    @Test
+    public void testConstructor() {
+        // Simply creating a new instance should not throw any exceptions
+        IterableDataEncryptor encryptor = new IterableDataEncryptor();
+        assertNotNull("Encryptor should be created successfully", encryptor);
+    }
+
+    @Test
+    public void testEncryptDecryptSuccess() {
+        String originalText = "test data to encrypt";
+        String encrypted = encryptor.encrypt(originalText);
+        String decrypted = encryptor.decrypt(encrypted);
+
+        assertNotNull("Encrypted text should not be null", encrypted);
+        assertNotEquals("Encrypted text should not match original", originalText, encrypted);
+        assertEquals("Decrypted text should match original", originalText, decrypted);
+    }
+
+    @Test
+    public void testEncryptNullInput() {
+        String encrypted = encryptor.encrypt(null);
+        assertNull("Encrypting null should return null", encrypted);
+    }
+
+    @Test
+    public void testDecryptNullInput() {
+        String decrypted = encryptor.decrypt(null);
+        assertNull("Decrypting null should return null", decrypted);
+    }
+
+    @Test
+    public void testEncryptEmptyString() {
+        String encrypted = encryptor.encrypt("");
+        String decrypted = encryptor.decrypt(encrypted);
+        
+        assertNotNull("Encrypted text should not be null", encrypted);
+        assertEquals("Decrypted text should be empty string", "", decrypted);
+    }
+
+    @Test
+    public void testEncryptLongString() {
+        StringBuilder longString = new StringBuilder();
+        for (int i = 0; i < 1000; i++) {
+            longString.append("test");
+        }
+        String originalText = longString.toString();
+        
+        String encrypted = encryptor.encrypt(originalText);
+        String decrypted = encryptor.decrypt(encrypted);
+
+        assertNotNull("Encrypted text should not be null", encrypted);
+        assertEquals("Decrypted long text should match original", originalText, decrypted);
+    }
+
+    @Test
+    public void testMultipleEncryptions() {
+        String text1 = "first text";
+        String text2 = "second text";
+        
+        String encrypted1 = encryptor.encrypt(text1);
+        String encrypted2 = encryptor.encrypt(text2);
+        
+        assertNotEquals("Different texts should have different encryptions", encrypted1, encrypted2);
+        assertEquals("First text should decrypt correctly", text1, encryptor.decrypt(encrypted1));
+        assertEquals("Second text should decrypt correctly", text2, encryptor.decrypt(encrypted2));
+    }
+
+    @Test(expected = IterableDataEncryptor.DecryptionException.class)
+    public void testDecryptInvalidData() {
+        encryptor.decrypt("invalid encrypted data");
+    }
+
+    @Test
+    public void testClearKeyAndData() {
+        String originalText = "test data";
+        String encrypted = encryptor.encrypt(originalText);
+        
+        // Clear the key
+        encryptor.clearKeyAndData(sharedPreferences);
+        
+        // Try to decrypt the data encrypted with the old key
+        try {
+            encryptor.decrypt(encrypted);
+            fail("Should not be able to decrypt data with cleared key");
+        } catch (Exception e) {
+            // Expected behavior - old encrypted data should not be decryptable
+            assertNotNull(e);
+        }
+        
+        // Verify new encryption/decryption works after clearing
+        String newEncrypted = encryptor.encrypt(originalText);
+        String newDecrypted = encryptor.decrypt(newEncrypted);
+        assertEquals("New encryption/decryption should work after clearing", originalText, newDecrypted);
+    }
+
+    @Test
+    public void testKeyGeneration() throws Exception {
+        // Create new encryptor which should trigger key generation
+        IterableDataEncryptor encryptor = new IterableDataEncryptor();
+        
+        // Get the keystore from the encryptor (we'll need to add a method to expose this)
+        KeyStore keyStore = encryptor.getKeyStore();
+        
+        // Verify the key exists in keystore
+        assertTrue("Key should exist in keystore", keyStore.containsAlias("iterable_encryption_key"));
+        
+        // Rest of the test remains the same
+        String testData = "test data";
+        String encrypted = encryptor.encrypt(testData);
+        String decrypted = encryptor.decrypt(encrypted);
+        assertEquals("Data should be correctly encrypted and decrypted", testData, decrypted);
+    }
+
+    @Test
+    public void testKeyRegeneration() throws Exception {
+        // Create first encryptor and encrypt data
+        IterableDataEncryptor encryptor1 = new IterableDataEncryptor();
+        KeyStore keyStore = encryptor1.getKeyStore();
+        
+        String testData = "test data";
+        String encrypted1 = encryptor1.encrypt(testData);
+        
+        // Delete the key
+        encryptor1.clearKeyAndData(sharedPreferences);
+        
+        // Create second encryptor which should generate a new key
+        IterableDataEncryptor encryptor2 = new IterableDataEncryptor();
+        
+        // Rest of the test remains the same
+        assertTrue("Key should be regenerated", keyStore.containsAlias("iterable_encryption_key"));
+        
+        // Verify old encrypted data can't be decrypted with new key
+        try {
+            encryptor2.decrypt(encrypted1);
+            fail("Should not be able to decrypt data encrypted with old key");
+        } catch (Exception e) {
+            // Expected
+        }
+        
+        // Verify new encryption/decryption works
+        String encrypted2 = encryptor2.encrypt(testData);
+        String decrypted2 = encryptor2.decrypt(encrypted2);
+        assertEquals("New key should work for encryption/decryption", testData, decrypted2);
+    }
+
+    @Test
+    public void testMultipleEncryptorInstances() throws Exception {
+        // Create two encryptor instances
+        IterableDataEncryptor encryptor1 = new IterableDataEncryptor();
+        IterableDataEncryptor encryptor2 = new IterableDataEncryptor();
+        
+        // Test that they can decrypt each other's encrypted data
+        String testData = "test data";
+        String encrypted1 = encryptor1.encrypt(testData);
+        String encrypted2 = encryptor2.encrypt(testData);
+        
+        assertEquals("Encryptor 2 should decrypt Encryptor 1's data", testData, encryptor2.decrypt(encrypted1));
+        assertEquals("Encryptor 1 should decrypt Encryptor 2's data", testData, encryptor1.decrypt(encrypted2));
+    }
+} 
