Iterable · sumeruchat · Dec 30, 2024 · Dec 18, 2024 · Dec 18, 2024 · Dec 18, 2024
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,13 +5,13 @@ This project adheres to [Semantic Versioning](http://semver.org/).
 ## [Unreleased]
 
 #### Added
-- nothing yet
+- - Added `IterableDecryptionFailureHandler` interface to handle decryption failures of PII information. 
 
 #### Removed
-- nothing yet
+- Removed `encryptionEnforced` parameter from `IterableConfig` as data is now always encoded for security
 
 #### Changed
-- nothing yet
+- Migrated from EncryptedSharedPreferences to regular SharedPreferences to prevent ANRs while EncryptedSharedPreferences was created on the main thread. We are now using our own encryption library to encrypt PII information before storing it in SharedPreferences.
 
 ## [3.5.4]
 #### Fixed

diff --git a/iterableapi/build.gradle b/iterableapi/build.gradle
@@ -65,7 +65,7 @@ dependencies {
     testImplementation 'androidx.test.ext:junit:1.1.5'
     testImplementation 'androidx.test:rules:1.5.0'
     testImplementation 'org.mockito:mockito-core:3.3.3'
-    testImplementation 'org.mockito:mockito-inline:2.8.47'
+    testImplementation 'org.mockito:mockito-inline:5.2.0'
     testImplementation 'org.robolectric:robolectric:4.9.2'
     testImplementation 'org.robolectric:shadows-playservices:4.9.2'
     testImplementation 'org.khronos:opengl-api:gl1.1-android-2.1_r1'

diff --git a/iterableapi/src/main/java/com/iterable/iterableapi/IterableApi.java b/iterableapi/src/main/java/com/iterable/iterableapi/IterableApi.java
@@ -143,7 +143,7 @@ IterableKeychain getKeychain() {
         }
         if (keychain == null) {
             try {
-                keychain = new IterableKeychain(getMainActivityContext(), config.encryptionEnforced);
+                keychain = new IterableKeychain(getMainActivityContext(), config.decryptionFailureHandler);
             } catch (Exception e) {
                 IterableLogger.e(TAG, "Failed to create IterableKeychain", e);
             }

diff --git a/iterableapi/src/main/java/com/iterable/iterableapi/IterableConfig.java b/iterableapi/src/main/java/com/iterable/iterableapi/IterableConfig.java
@@ -86,14 +86,17 @@ public class IterableConfig {
      * By default, the SDK will save in-apps to disk.
      */
     final boolean useInMemoryStorageForInApps;
-
-    final boolean encryptionEnforced;
-
     /**
      * Allows for fetching embedded messages.
      */
     final boolean enableEmbeddedMessaging;
 
+    /**
+     * Handler for decryption failures of PII information.
+     * Before calling this handler, the SDK will clear the PII information and create new encryption keys
+     */
+    final IterableDecryptionFailureHandler decryptionFailureHandler;
+
     private IterableConfig(Builder builder) {
         pushIntegrationName = builder.pushIntegrationName;
         urlHandler = builder.urlHandler;
@@ -109,8 +112,8 @@ private IterableConfig(Builder builder) {
         allowedProtocols = builder.allowedProtocols;
         dataRegion = builder.dataRegion;
         useInMemoryStorageForInApps = builder.useInMemoryStorageForInApps;
-        encryptionEnforced = builder.encryptionEnforced;
         enableEmbeddedMessaging = builder.enableEmbeddedMessaging;
+        decryptionFailureHandler = builder.decryptionFailureHandler;
     }
 
     public static class Builder {
@@ -128,8 +131,8 @@ public static class Builder {
         private String[] allowedProtocols = new String[0];
         private IterableDataRegion dataRegion = IterableDataRegion.US;
         private boolean useInMemoryStorageForInApps = false;
-        private boolean encryptionEnforced = false;
         private boolean enableEmbeddedMessaging = false;
+        private IterableDecryptionFailureHandler decryptionFailureHandler;
 
         public Builder() {}
 
@@ -261,17 +264,6 @@ public Builder setAllowedProtocols(@NonNull String[] allowedProtocols) {
             return this;
         }
 
-        /**
-         * Set whether the SDK should enforce encryption. If set to `true`, the SDK will not use fallback mechanism
-         * of storing data in un-encrypted shared preferences if encrypted database is not available. Set this to `true`
-         * if PII confidentiality is a concern for your app.
-         * @param encryptionEnforced `true` will have the SDK enforce encryption.
-         */
-        public Builder setEncryptionEnforced(boolean encryptionEnforced) {
-            this.encryptionEnforced = encryptionEnforced;
-            return this;
-        }
-
         /**
          * Set the data region used by the SDK
          * @param dataRegion enum value that determines which endpoint to use, defaults to IterableDataRegion.US
@@ -302,6 +294,16 @@ public Builder setEnableEmbeddedMessaging(boolean enableEmbeddedMessaging) {
             return this;
         }
 
+        /**
+         * Set a handler for decryption failures that can be used to handle data recovery
+         * @param handler Decryption failure handler provided by the app
+         */
+        @NonNull
+        public Builder setDecryptionFailureHandler(@NonNull IterableDecryptionFailureHandler handler) {
+            this.decryptionFailureHandler = handler;
+            return this;
+        }
+
         @NonNull
         public IterableConfig build() {
             return new IterableConfig(this);

diff --git a/iterableapi/src/main/java/com/iterable/iterableapi/IterableDataEncryptor.kt b/iterableapi/src/main/java/com/iterable/iterableapi/IterableDataEncryptor.kt
@@ -0,0 +1,173 @@
+package com.iterable.iterableapi
+
+import android.util.Base64
+import android.security.keystore.KeyGenParameterSpec
+import android.security.keystore.KeyProperties
+import java.security.KeyStore
+import javax.crypto.Cipher
+import javax.crypto.KeyGenerator
+import javax.crypto.SecretKey
+import javax.crypto.spec.GCMParameterSpec
+import android.os.Build
+import java.security.KeyStore.PasswordProtection
+import androidx.annotation.VisibleForTesting
+
+class IterableDataEncryptor {
+    companion object {
+        private const val TAG = "IterableDataEncryptor"
+        private const val ANDROID_KEYSTORE = "AndroidKeyStore"
+        private const val TRANSFORMATION = "AES/GCM/NoPadding"
+        private const val ITERABLE_KEY_ALIAS = "iterable_encryption_key"
+        private const val GCM_IV_LENGTH = 12
+        private const val GCM_TAG_LENGTH = 128
+        private val TEST_KEYSTORE_PASSWORD = "test_password".toCharArray()
+
+        // Make keyStore static so it's shared across instances
+        private val keyStore: KeyStore by lazy {
+            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR2) {
+                try {
+                    KeyStore.getInstance(ANDROID_KEYSTORE).apply {
+                        load(null)
+                    }
+                } catch (e: Exception) {
+                    IterableLogger.e(TAG, "Failed to initialize AndroidKeyStore", e)
+                    KeyStore.getInstance("PKCS12").apply {
+                        load(null, TEST_KEYSTORE_PASSWORD)
+                    }
+                }
+            } else {
+                KeyStore.getInstance("PKCS12").apply {
+                    load(null, TEST_KEYSTORE_PASSWORD)
+                }
+            }
+        }
+    }
+
+    init {
+        if (!keyStore.containsAlias(ITERABLE_KEY_ALIAS)) {
+            generateKey()
+        }
+    }
+
+    private fun generateKey() {
+        try {
+            if (canUseAndroidKeyStore()) {
+                generateAndroidKeyStoreKey()?.let { return }
+            }
+            generateFallbackKey()
+        } catch (e: Exception) {
+            IterableLogger.e(TAG, "Failed to generate key", e)
+            throw e
+        }
+    }
+
+    private fun canUseAndroidKeyStore(): Boolean {
+        return Build.VERSION.SDK_INT >= Build.VERSION_CODES.JELLY_BEAN_MR2 &&
+               keyStore.type == ANDROID_KEYSTORE
+    }
+
+    private fun generateAndroidKeyStoreKey(): Unit? {
+        return try {
+            val keyGenerator = KeyGenerator.getInstance(
+                KeyProperties.KEY_ALGORITHM_AES,
+                ANDROID_KEYSTORE
+            )
+
+            val keySpec = KeyGenParameterSpec.Builder(
+                ITERABLE_KEY_ALIAS,
+                KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT
+            )
+                .setBlockModes(KeyProperties.BLOCK_MODE_GCM)
+                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)
+                .build()
+
+            keyGenerator.init(keySpec)
+            keyGenerator.generateKey()
+            Unit
+        } catch (e: Exception) {
+            IterableLogger.e(TAG, "Failed to generate key using AndroidKeyStore", e)
+            null
+        }
+    }
+
+    private fun generateFallbackKey() {
+        val keyGenerator = KeyGenerator.getInstance("AES")
+        keyGenerator.init(256) // 256-bit AES key
+        val secretKey = keyGenerator.generateKey()
+
+        val keyEntry = KeyStore.SecretKeyEntry(secretKey)
+        val protParam = if (keyStore.type == "PKCS12") {
+            PasswordProtection(TEST_KEYSTORE_PASSWORD)
+        } else {
+            null
+        }
+        keyStore.setEntry(ITERABLE_KEY_ALIAS, keyEntry, protParam)
+    }
+
+    private fun getKey(): SecretKey {
+        val protParam = if (keyStore.type == "PKCS12") {
+            PasswordProtection(TEST_KEYSTORE_PASSWORD)
+        } else {
+            null
+        }
+        return (keyStore.getEntry(ITERABLE_KEY_ALIAS, protParam) as KeyStore.SecretKeyEntry).secretKey
+    }
+
+    class DecryptionException(message: String, cause: Throwable? = null) : Exception(message, cause)
+
+    fun resetKeys() {
+        try {
+            keyStore.deleteEntry(ITERABLE_KEY_ALIAS)
+            generateKey()
+        } catch (e: Exception) {
+            IterableLogger.e(TAG, "Failed to regenerate key", e)
+        }
+    }
+
+    fun encrypt(value: String?): String? {
+        if (value == null) return null
+
+        try {
+            val cipher = Cipher.getInstance(TRANSFORMATION)
+            cipher.init(Cipher.ENCRYPT_MODE, getKey())
+
+            val iv = cipher.iv
+            val encrypted = cipher.doFinal(value.toByteArray(Charsets.UTF_8))
+
+            // Combine IV and encrypted data
+            val combined = ByteArray(iv.size + encrypted.size)
+            System.arraycopy(iv, 0, combined, 0, iv.size)
+            System.arraycopy(encrypted, 0, combined, iv.size, encrypted.size)
+
+            return Base64.encodeToString(combined, Base64.NO_WRAP)
+        } catch (e: Exception) {
+            IterableLogger.e(TAG, "Encryption failed", e)
+            throw e
+        }
+    }
+
+    fun decrypt(value: String?): String? {
+        if (value == null) return null
+
+        try {
+            val combined = Base64.decode(value, Base64.NO_WRAP)
+
+            // Extract IV
+            val iv = combined.copyOfRange(0, GCM_IV_LENGTH)
+            val encrypted = combined.copyOfRange(GCM_IV_LENGTH, combined.size)
+
+            val cipher = Cipher.getInstance(TRANSFORMATION)
+            val spec = GCMParameterSpec(GCM_TAG_LENGTH, iv)
+            cipher.init(Cipher.DECRYPT_MODE, getKey(), spec)
+
+            return String(cipher.doFinal(encrypted), Charsets.UTF_8)
+        } catch (e: Exception) {
+            IterableLogger.e(TAG, "Decryption failed", e)
+            throw DecryptionException("Failed to decrypt data", e)
+        }
+    }
+
+    // Add this method for testing purposes
+    @VisibleForTesting
+    fun getKeyStore(): KeyStore = keyStore
+}
diff --git a/iterableapi/src/main/java/com/iterable/iterableapi/IterableDecryptionFailureHandler.java b/iterableapi/src/main/java/com/iterable/iterableapi/IterableDecryptionFailureHandler.java
@@ -0,0 +1,12 @@
+package com.iterable.iterableapi;
+
+/**
+ * Interface for handling decryption failures
+ */
+public interface IterableDecryptionFailureHandler {
+    /**
+     * Called when a decryption failure occurs
+     * @param exception The exception that caused the decryption failure
+     */
+    void onDecryptionFailed(Exception exception);
+}