Merge pull request #626 from /issues/620-android-biometry-1.7.x

Store biometry key for each PowerAuthSDK instance (1.7.x)

docs/Migration-from-1.6-to-1.7.md

@@ -214,3 +214,12 @@ The behavior of `PowerAuthSDK.authenticateUsingBiometry()` has been slightly cha
 ### tvOS
 
 The `PowerAuthSDK.authenticateUsingBiometry()` function is no longer available on tvOS platform.
+
+## Changes in 1.7.10+
+
+### Android
+
+- The shared biometry-related encryption key is no longer supported in `PowerAuthSDK`. If an activation is already using the shared key, then it's in use until the activation or the biometry factor is removed. As part of this change, the following methods are now deprecated:
+  - Method `PowerAuthSDK.removeActivationLocal(Context, boolean)` is now deprecated. Use `removeActivationLocal(Context)` as a replacement.
+  - Method `PowerAuthKeychainConfiguration.getKeychainBiometryDefaultKey()` is now deprecated. Use `getKeychainKeyBiometry()` as a replacement.
+  - Method `PowerAuthKeychainConfiguration.Builder.keychainBiometryDefaultKey(String)` is now deprecated. Use `keychainKeyBiometry(String)` as a replacement.

proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/support/PowerAuthServerApi.java

@@ -301,10 +301,11 @@ public interface PowerAuthServerApi {
      * @param activationId Activation identifier.
      * @param data Signed data.
      * @param signature Signature for data.
+     * @param format Signature format. Use "DER" (default if not provided) or "JOSE".
      * @return {@code true} if signature is valid.
      * @throws Exception In case of failure.
      */
-    boolean verifyEcdsaSignature(@NonNull String activationId, @NonNull String data, @NonNull String signature) throws Exception;
+    boolean verifyEcdsaSignature(@NonNull String activationId, @NonNull String data, @NonNull String signature, @Nullable String format) throws Exception;
 
     /**
      * Create a payload for offline QR code, signed with non-personalized private key.

proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/support/PowerAuthTestHelper.java

@@ -27,7 +27,6 @@
 import io.getlime.security.powerauth.integration.support.model.Application;
 import io.getlime.security.powerauth.integration.support.model.ApplicationDetail;
 import io.getlime.security.powerauth.integration.support.model.ApplicationVersion;
-import io.getlime.security.powerauth.integration.support.model.ProtocolVersion;
 import io.getlime.security.powerauth.networking.ssl.HttpClientSslNoValidationStrategy;
 import io.getlime.security.powerauth.sdk.PowerAuthAuthenticationHelper;
 import io.getlime.security.powerauth.sdk.PowerAuthClientConfiguration;
@@ -209,7 +208,7 @@ public Builder(@NonNull Context context, @NonNull PowerAuthTestConfig testConfig
                 if (sdk.hasValidActivation()) {
                     Logger.e("Shared PowerAuthSDK has a valid activation at test initialization.");
                 }
-                sdk.removeActivationLocal(context, true);
+                sdk.removeActivationLocal(context);
             } else {
                 if (!sdk.hasValidActivation()) {
                     Logger.e("Shared PowerAuthSDK doesn't have a valid activation at test initialization.");
@@ -452,7 +451,7 @@ private PowerAuthTestHelper(
                 .keychainConfiguration(getSharedPowerAuthKeychainConfiguration())
                 .build(getContext());
         if (resetActivation && sdk.hasValidActivation()) {
-            sdk.removeActivationLocal(getContext(), true);
+            sdk.removeActivationLocal(getContext());
         }
         return sdk;
     }
@@ -484,6 +483,6 @@ private PowerAuthTestHelper(
      * @return Expected protocol version for HTTP headers.
      */
     public @NonNull String getProtocolVersionForHeader() {
-        return ProtocolVersion.V3_1.versionForHeader;
+        return testConfig.getServerVersion().maxProtocolVersion.versionForHeader;
     }
 }

proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/support/client/PowerAuthClientFactory.java

@@ -24,6 +24,7 @@
 import io.getlime.security.powerauth.integration.support.v10.PowerAuthClientV3_ServerV10;
 import io.getlime.security.powerauth.integration.support.v13.PowerAuthClientV3_ServerV13;
 import io.getlime.security.powerauth.integration.support.v15.PowerAuthClientV3_ServerV15;
+import io.getlime.security.powerauth.integration.support.v19.PowerAuthClientV3_ServerV19;
 
 /**
  * The {@code PowerAuthClientFactory} provides client that communicate with PowerAuth Server API,
@@ -46,8 +47,10 @@ public PowerAuthServerApi createApiClient(@NonNull PowerAuthTestConfig testConfi
             api = new PowerAuthClientV3_ServerV10(testConfig.getServerApiUrl(), testConfig.getAuthorizationHeaderValue(), ServerVersion.V1_0_0, ServerVersion.V1_2_5);
         } else if (numVer >= ServerVersion.V1_3_0.numericVersion && numVer < ServerVersion.V1_5_0.numericVersion) {
             api = new PowerAuthClientV3_ServerV13(testConfig.getServerApiUrl(), testConfig.getAuthorizationHeaderValue(), ServerVersion.V1_3_0, ServerVersion.V1_4_0);
-        } else if (numVer >= ServerVersion.V1_5_0.numericVersion && numVer <= ServerVersion.LATEST.numericVersion) {
-            api = new PowerAuthClientV3_ServerV15(testConfig.getServerApiUrl(), testConfig.getAuthorizationHeaderValue(), ServerVersion.V1_5_0, null);
+        } else if (numVer >= ServerVersion.V1_5_0.numericVersion && numVer <= ServerVersion.V1_8_0.numericVersion) {
+            api = new PowerAuthClientV3_ServerV15(testConfig.getServerApiUrl(), testConfig.getAuthorizationHeaderValue(), ServerVersion.V1_5_0, ServerVersion.V1_8_0);
+        } else if (numVer >= ServerVersion.V1_9_0.numericVersion && numVer <= ServerVersion.LATEST.numericVersion) {
+            api = new PowerAuthClientV3_ServerV19(testConfig.getServerApiUrl(), testConfig.getAuthorizationHeaderValue(), ServerVersion.V1_9_0, null);
         }
         if (api == null) {
             throw new Exception("Missing implementation for server API, for server version " + testConfig.getServerVersion().version);

proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/support/model/ProtocolVersion.java

@@ -23,7 +23,8 @@ public enum ProtocolVersion {
     V2_1(21, "2.1"),
     V3(30, "3.0"),
     V3_1(31, "3.1"),
-    V3_2(32, "3.2");
+    V3_2(32, "3.2"),
+    V3_3(33, "3.3");
 
     public final int version;
     public final String versionForHeader;

proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/support/model/ServerVersion.java

@@ -36,13 +36,14 @@ public enum ServerVersion {
     V1_6_0("1.6", 1006000, ProtocolVersion.V3_2),
     V1_7_0("1.7", 1007000, ProtocolVersion.V3_2),
     V1_8_0("1.8", 1008000, ProtocolVersion.V3_2),
+    V1_9_0("1.9", 1009000, ProtocolVersion.V3_3),
 
     ;
 
     /**
      * Contains constant for the latest PowerAuth Server version.
      */
-    public static final ServerVersion LATEST = V1_8_0;
+    public static final ServerVersion LATEST = V1_9_0;
 
     /**
      * Server version represented as string.

proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/support/v10/PowerAuthClientV3_ServerV10.java

@@ -319,7 +319,10 @@ public SignatureInfo verifyOfflineSignature(@NonNull SignatureData signatureData
     }
 
     @Override
-    public boolean verifyEcdsaSignature(@NonNull String activationId, @NonNull String data, @NonNull String signature) throws Exception {
+    public boolean verifyEcdsaSignature(@NonNull String activationId, @NonNull String data, @NonNull String signature, @Nullable String format) throws Exception {
+        if (format != null && !"DER".equals(format)) {
+            throw new IllegalArgumentException("Unsupported format: " + format);
+        }
         final VerifyEcdsaSignatureEndpoint.Request request = new VerifyEcdsaSignatureEndpoint.Request();
         request.setActivationId(activationId);
         request.setData(data);

proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/support/v13/PowerAuthClientV3_ServerV13.java

@@ -352,7 +352,10 @@ public SignatureInfo verifyOfflineSignature(@NonNull SignatureData signatureData
     }
 
     @Override
-    public boolean verifyEcdsaSignature(@NonNull String activationId, @NonNull String data, @NonNull String signature) throws Exception {
+    public boolean verifyEcdsaSignature(@NonNull String activationId, @NonNull String data, @NonNull String signature, @Nullable String format) throws Exception {
+        if (format != null && !"DER".equals(format)) {
+            throw new IllegalArgumentException("Unsupported format: " + format);
+        }
         final VerifyEcdsaSignatureEndpoint.Request request = new VerifyEcdsaSignatureEndpoint.Request();
         request.setActivationId(activationId);
         request.setData(data);

proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/support/v15/PowerAuthClientV3_ServerV15.java

@@ -353,7 +353,10 @@ public SignatureInfo verifyOfflineSignature(@NonNull SignatureData signatureData
     }
 
     @Override
-    public boolean verifyEcdsaSignature(@NonNull String activationId, @NonNull String data, @NonNull String signature) throws Exception {
+    public boolean verifyEcdsaSignature(@NonNull String activationId, @NonNull String data, @NonNull String signature, @Nullable String format) throws Exception {
+        if (format != null && !"DER".equals(format)) {
+            throw new IllegalArgumentException("Unsupported format: " + format);
+        }
         final VerifyEcdsaSignatureEndpoint.Request request = new VerifyEcdsaSignatureEndpoint.Request();
         request.setActivationId(activationId);
         request.setData(data);