diff --git a/proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/tests/StandardActivationTest.java b/proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/tests/StandardActivationTest.java index ba32531c..232b3c18 100644 --- a/proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/tests/StandardActivationTest.java +++ b/proj-android/PowerAuthLibrary/src/androidTest/java/io/getlime/security/powerauth/integration/tests/StandardActivationTest.java @@ -549,4 +549,43 @@ public void onGetEciesEncryptorFailed(@NonNull Throwable t) { }); assertNotNull(encryptor); } + + /* + @Test + public void testEciesTemporaryKeyExpiration() throws Exception { + // This test requires PAS configured for a very short temporary key lifespan. + activationHelper.createStandardActivation(true, null); + + Boolean result = AsyncHelper.await(resultCatcher -> { + powerAuthSDK.fetchEncryptionKey(testHelper.getContext(), activationHelper.getValidAuthentication(), 1000, new IFetchEncryptionKeyListener() { + @Override + public void onFetchEncryptionKeySucceed(@NonNull byte[] encryptedEncryptionKey) { + resultCatcher.completeWithResult(true); + } + + @Override + public void onFetchEncryptionKeyFailed(@NonNull Throwable t) { + resultCatcher.completeWithResult(false); + } + }); + }); + assertTrue(result); + + Thread.sleep(15_000); + result = AsyncHelper.await(resultCatcher -> { + powerAuthSDK.fetchEncryptionKey(testHelper.getContext(), activationHelper.getValidAuthentication(), 1000, new IFetchEncryptionKeyListener() { + @Override + public void onFetchEncryptionKeySucceed(@NonNull byte[] encryptedEncryptionKey) { + resultCatcher.completeWithResult(true); + } + + @Override + public void onFetchEncryptionKeyFailed(@NonNull Throwable t) { + resultCatcher.completeWithResult(false); + } + }); + }); + assertTrue(result); + } + */ } diff --git a/proj-android/PowerAuthLibrary/src/main/java/io/getlime/security/powerauth/sdk/impl/DefaultKeystoreService.java b/proj-android/PowerAuthLibrary/src/main/java/io/getlime/security/powerauth/sdk/impl/DefaultKeystoreService.java index eefac1c7..b5cd9d8c 100644 --- a/proj-android/PowerAuthLibrary/src/main/java/io/getlime/security/powerauth/sdk/impl/DefaultKeystoreService.java +++ b/proj-android/PowerAuthLibrary/src/main/java/io/getlime/security/powerauth/sdk/impl/DefaultKeystoreService.java @@ -82,7 +82,7 @@ public boolean containsKeyForEncryptor(int scope) { lock.lock(); if (session.hasPublicKeyForEciesScope(scope)) { final PublicKeyInfo publicKeyInfo = getPublicKeyInfoForScope(scope); - if (publicKeyInfo.expiration >= 0 && publicKeyInfo.expiration - EXPIRATION_THRESHOLD < timeService.getCurrentTime()) { + if (publicKeyInfo.expiration >= 0 && (timeService.getCurrentTime() < publicKeyInfo.expiration - EXPIRATION_THRESHOLD)) { return true; } PowerAuthLog.d("Removing expired public key for ECIES encryptor " + scope); diff --git a/proj-xcode/PowerAuth2/private/PA2KeystoreService.m b/proj-xcode/PowerAuth2/private/PA2KeystoreService.m index b91842fb..f43005fb 100644 --- a/proj-xcode/PowerAuth2/private/PA2KeystoreService.m +++ b/proj-xcode/PowerAuth2/private/PA2KeystoreService.m @@ -125,7 +125,7 @@ - (BOOL) hasKeyForEncryptorScope:(PowerAuthCoreEciesEncryptorScope)encryptorScop PA2PublicKeyInfo * pki = [self pkiForScope:encryptorScope]; NSTimeInterval expiration = pki.expiration; keyIsSet = expiration >= 0.0; - keyIsExpired = expiration - PUBLIC_KEY_EXPIRATION_THRESHOLD < [_timeService currentTime]; + keyIsExpired = [_timeService currentTime] >= expiration - PUBLIC_KEY_EXPIRATION_THRESHOLD; if (keyIsExpired) { pki.expiration = -1; }