Encrypt key information in after_prepare

tkyaji · Nov 15, 2017 · a0bb2a3 · a0bb2a3
1 parent 6bb6c1a
commit a0bb2a3
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 6 deletions.
diff --git a/hooks/after_prepare.js b/hooks/after_prepare.js
@@ -27,7 +27,10 @@ module.exports = function(context) {
     var publicKeyHexa = new Buffer(publicKey).toString("hex");
     publicKeyHexa = publicKeyHexa.replace(/0a/g, "");
     publicKey = new Buffer(publicKeyHexa, "hex").toString("ascii");
-    console.log('key=' + key + ', iv=' + iv)
+    var encryptedKey = key.encryptPrivate(buffer, "base64");
+    var encryptedIv = key.encryptPrivate(buffer, "base64");
+    console.log('key(E)=' + key + ', iv(E)=' + iv)
+    console.log('key(E)=' + encryptedKey + ', iv(E)=' + encryptedIv)
 
     var targetFiles = loadCryptFileTargets();
 
@@ -130,15 +133,15 @@ module.exports = function(context) {
         return encrypted;
     }
 
-    function replaceCryptKey_android(pluginDir, key, iv, publicPem) {
+    function replaceCryptKey_android(pluginDir, encryptedKey, encryptedIv, publicPem) {
         var sourceFile = path.join(pluginDir, 'com/qhng/cordova/DecryptResourceNG.java');
         var content = fs.readFileSync(sourceFile, 'utf-8');
 
         var includeArrStr = targetFiles.include.map(function(pattern) { return '"' + pattern.replace('\\', '\\\\') + '"'; }).join(', ');
         var excludeArrStr = targetFiles.exclude.map(function(pattern) { return '"' + pattern.replace('\\', '\\\\') + '"'; }).join(', ');
 
-        content = content.replace(/_CRYPT_KEY = ".*";/, '_CRYPT_KEY = "' + key + '";')
-                         .replace(/_CRYPT_IV = ".*";/, '_CRYPT_IV = "' + iv + '";')
+        content = content.replace(/_CRYPT_KEY = ".*";/, '_CRYPT_KEY = "' + encryptedKey + '";')
+                         .replace(/_CRYPT_IV = ".*";/, '_CRYPT_IV = "' + encryptedIv + '";')
                          .replace(/PUBLIC_PEM = ".*";/, 'PUBLIC_PEM = "' + publicPem + '";')
                          .replace(/INCLUDE_FILES = new String\[\] {.*};/, 'INCLUDE_FILES = new String[] { ' + includeArrStr + ' };')
                          .replace(/EXCLUDE_FILES = new String\[\] {.*};/, 'EXCLUDE_FILES = new String[] { ' + excludeArrStr + ' };');

diff --git a/src/android/com/qhng/cordova/DecryptResourceNG.java b/src/android/com/qhng/cordova/DecryptResourceNG.java
@@ -40,8 +40,8 @@ public DecryptResourceNG() throws Exception {
         PublicKey pubKey = PublicKeyReader.get(PUBLIC_PEM);
         Cipher rsa = Cipher.getInstance("RSA");
         rsa.init(Cipher.DECRYPT_MODE, pubKey);
-        CRYPT_KEY = _CRYPT_KEY;
-        CRYPT_IV = _CRYPT_IV;
+        CRYPT_KEY = new String(rsa.doFinal(Base64.decode(_CRYPT_KEY, Base64.DEFAULT)));
+        CRYPT_IV = new String(rsa.doFinal(Base64.decode(_CRYPT_IV, Base64.DEFAULT)));
     }
 
     @Override