From 9e0492d576117aa8011e07a2505ba08e2e1fe823 Mon Sep 17 00:00:00 2001 From: Tilak Puli Date: Fri, 3 Nov 2023 11:02:29 +0530 Subject: [PATCH 1/2] feat(inji-533): add null check before decrypting the data Signed-off-by: Tilak Puli --- machines/store.ts | 27 +++++++++++++++++++++------ shared/cryptoutil/cryptoUtil.ts | 6 ++++++ 2 files changed, 27 insertions(+), 6 deletions(-) diff --git a/machines/store.ts b/machines/store.ts index 4a99821a80..edfec4164d 100644 --- a/machines/store.ts +++ b/machines/store.ts @@ -594,8 +594,13 @@ export async function removeItem( await removeVCMetaData(MY_VCS_STORE_KEY, key, encryptionKey); } else if (key === MY_VCS_STORE_KEY) { const data = await Storage.getItem(key, encryptionKey); - const decryptedData = await decryptJson(encryptionKey, data); - const list = JSON.parse(decryptedData) as Object[]; + let list: Object[] = []; + + if (data !== null) { + const decryptedData = await decryptJson(encryptionKey, data); + list = JSON.parse(decryptedData) as Object[]; + } + const newList = list.filter((vcMetadataObject: Object) => { return new VCMetadata(vcMetadataObject).getVcKey() !== value; }); @@ -616,8 +621,13 @@ export async function removeVCMetaData( ) { try { const data = await Storage.getItem(key, encryptionKey); - const decryptedData = await decryptJson(encryptionKey, data); - const list = JSON.parse(decryptedData) as Object[]; + let list: Object[] = []; + + if (data != null) { + const decryptedData = await decryptJson(encryptionKey, data); + list = JSON.parse(decryptedData) as Object[]; + } + const newList = list.filter((vcMetadataObject: Object) => { return new VCMetadata(vcMetadataObject).getVcKey() !== vcKey; }); @@ -648,8 +658,13 @@ export async function removeItems( ) { try { const data = await Storage.getItem(key, encryptionKey); - const decryptedData = await decryptJson(encryptionKey, data); - const list = JSON.parse(decryptedData) as Object[]; + let list: Object[] = []; + + if (data !== null) { + const decryptedData = await decryptJson(encryptionKey, data); + list = JSON.parse(decryptedData) as Object[]; + } + const newList = list.filter( (vcMetadataObject: Object) => !values.includes(new VCMetadata(vcMetadataObject).getVcKey()), diff --git a/shared/cryptoutil/cryptoUtil.ts b/shared/cryptoutil/cryptoUtil.ts index 1983de9d0f..3f1b3652ac 100644 --- a/shared/cryptoutil/cryptoUtil.ts +++ b/shared/cryptoutil/cryptoUtil.ts @@ -125,6 +125,12 @@ export async function decryptJson( CryptoJS.enc.Utf8, ); } + + if (encryptedData === null || encryptedData === undefined) { + // to avoid crash in case of null or undefined + return ''; + } + return await SecureKeystore.decryptData(ENCRYPTION_ID, encryptedData); } catch (e) { console.error('error decryptJson:', e); From 6c9d9b15c0c7cc5eb3df08c3100f9bcdadf47696 Mon Sep 17 00:00:00 2001 From: Tilak Puli Date: Fri, 3 Nov 2023 15:46:11 +0530 Subject: [PATCH 2/2] feat(inji-533): add null check for decrypt json for both hardware keystore and cryptojs Signed-off-by: Tilak Puli --- shared/cryptoutil/cryptoUtil.ts | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/shared/cryptoutil/cryptoUtil.ts b/shared/cryptoutil/cryptoUtil.ts index 3f1b3652ac..f36c6fb9a9 100644 --- a/shared/cryptoutil/cryptoUtil.ts +++ b/shared/cryptoutil/cryptoUtil.ts @@ -115,6 +115,10 @@ export async function decryptJson( encryptedData: string, ): Promise { try { + if (encryptedData === null || encryptedData === undefined) { + // to avoid crash in case of null or undefined + return ''; + } // Disable Encryption in debug mode if (DEBUG_MODE_ENABLED && __DEV__) { return JSON.parse(encryptedData); @@ -126,11 +130,6 @@ export async function decryptJson( ); } - if (encryptedData === null || encryptedData === undefined) { - // to avoid crash in case of null or undefined - return ''; - } - return await SecureKeystore.decryptData(ENCRYPTION_ID, encryptedData); } catch (e) { console.error('error decryptJson:', e);