kumi/andOTP
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Simplify some methods in the Settings helper

Browse source
This commit is contained in:
Jakob Nixdorf 2018-01-03 07:04:36 +01:00
parent 293fa70994
commit 15f221f4b3
No known key found for this signature in database
GPG key ID: BE99BF86574A7DBC
3 changed files with 41 additions and 104 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

33
app/src/main/java/org/shadowice/flocke/andotp/Activities/AuthenticateActivity.java
View file

@ -94,15 +94,14 @@ public class AuthenticateActivity extends ThemedActivity
passwordLabel.setText(labelMsg);
authMethod = settings.getAuthMethod();
if (authMethod == AuthMethod.PASSWORD) {
password = settings.getAuthPasswordPBKDF2();
password = settings.getAuthCredentials(authMethod);
if (password.isEmpty()) {
password = settings.getAuthPasswordHash();
password = settings.getOldCredentials(authMethod);
oldPassword = true;
}
if (authMethod == AuthMethod.PASSWORD) {
if (password.isEmpty()) {
Toast.makeText(this, R.string.auth_toast_password_missing, Toast.LENGTH_LONG).show();
finishWithResult(true, null);
@ -111,13 +110,6 @@ public class AuthenticateActivity extends ThemedActivity
passwordInput.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD);
}
} else if (authMethod == AuthMethod.PIN) {
password = settings.getAuthPINPBKDF2();
if (password.isEmpty()) {
password = settings.getAuthPINHash();
oldPassword = true;
}
if (password.isEmpty()) {
Toast.makeText(this, R.string.auth_toast_pin_missing, Toast.LENGTH_LONG).show();
finishWithResult(true, null);
@ -157,25 +149,10 @@ public class AuthenticateActivity extends ThemedActivity
String hashedPassword = new String(Hex.encodeHex(DigestUtils.sha256(plainPassword)));
if (hashedPassword.equals(password)) {
byte[] key = null;
byte[] key = settings.setAuthCredentials(authMethod, password);
try {
int iter = EncryptionHelper.generateRandomIterations();
EncryptionHelper.PBKDF2Credentials credentials = EncryptionHelper.generatePBKDF2Credentials(plainPassword, settings.getSalt(), iter);
String base64 = Base64.encodeToString(credentials.password, Base64.URL_SAFE);
if (authMethod == AuthMethod.PASSWORD)
settings.setAuthPasswordPBKDF2(base64);
else if (authMethod == AuthMethod.PIN)
settings.setAuthPINPBKDF2(base64);
settings.setIterations(authMethod, iter);
key = credentials.key;
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
if (key == null)
Toast.makeText(this, R.string.settings_toast_auth_upgrade_failed, Toast.LENGTH_LONG).show();
e.printStackTrace();
}
if (authMethod == AuthMethod.PASSWORD)
settings.removeAuthPasswordHash();

15
app/src/main/java/org/shadowice/flocke/andotp/Activities/SettingsActivity.java
View file

@ -39,6 +39,7 @@ import org.openintents.openpgp.util.OpenPgpKeyPreference;
import org.shadowice.flocke.andotp.Preferences.CredentialsPreference;
import org.shadowice.flocke.andotp.R;
import org.shadowice.flocke.andotp.Utilities.KeyStoreHelper;
import org.shadowice.flocke.andotp.Utilities.Settings;
import static org.shadowice.flocke.andotp.Utilities.Constants.AuthMethod;
import static org.shadowice.flocke.andotp.Utilities.Constants.EncryptionType;
@ -117,6 +118,7 @@ public class SettingsActivity extends BaseActivity
public static class SettingsFragment extends PreferenceFragment {
PreferenceCategory catSecurity;
Settings settings;
ListPreference encryption;
OpenPgpAppPreference pgpProvider;
@ -126,6 +128,8 @@ public class SettingsActivity extends BaseActivity
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
settings = new Settings(getActivity());
final SharedPreferences sharedPref = PreferenceManager.getDefaultSharedPreferences(getActivity().getBaseContext());
addPreferencesFromResource(R.xml.preferences);
@ -145,22 +149,15 @@ public class SettingsActivity extends BaseActivity
@Override
public boolean onPreferenceChange(final Preference preference, Object o) {
String newEncryption = (String) o;
String auth = sharedPref.getString(getString(R.string.settings_key_auth), CredentialsPreference.DEFAULT_VALUE.name().toLowerCase());
EncryptionType encryptionType = EncryptionType.valueOf(newEncryption.toUpperCase());
AuthMethod authMethod = AuthMethod.valueOf(auth.toUpperCase());
AuthMethod authMethod = settings.getAuthMethod();
if (encryptionType == EncryptionType.PASSWORD) {
if (authMethod != AuthMethod.PASSWORD && authMethod != AuthMethod.PIN) {
Toast.makeText(getActivity(), R.string.settings_toast_encryption_invalid_with_auth, Toast.LENGTH_LONG).show();
return false;
} else {
String credentials = "";
if (authMethod == AuthMethod.PASSWORD)
credentials = sharedPref.getString(getString(R.string.settings_key_auth_password_pbkdf2), "");
else if (authMethod == AuthMethod.PIN)
credentials = sharedPref.getString(getString(R.string.settings_key_auth_pin_pbkdf2), "");
if (credentials.isEmpty()) {
if (settings.getAuthCredentials(authMethod).isEmpty()) {
Toast.makeText(getActivity(), R.string.settings_toast_encryption_invalid_without_credentials, Toast.LENGTH_LONG).show();
return false;
} else {

91
app/src/main/java/org/shadowice/flocke/andotp/Utilities/Settings.java
View file

@ -74,34 +74,12 @@ public class Settings {
private void migrateDeprecatedSettings() {
if (settings.contains(getResString(R.string.settings_key_auth_password))) {
String plainPassword = getAuthPassword();
try {
int iter = EncryptionHelper.generateRandomIterations();
EncryptionHelper.PBKDF2Credentials credentials = EncryptionHelper.generatePBKDF2Credentials(plainPassword, getSalt(), iter);
setString(R.string.settings_key_auth_password_pbkdf2, Base64.encodeToString(credentials.password, Base64.URL_SAFE));
setInt(R.string.settings_key_auth_password_iter, iter);
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
Toast.makeText(context, R.string.settings_toast_auth_upgrade_failed, Toast.LENGTH_LONG).show();
e.printStackTrace();
}
setAuthCredentials(AuthMethod.PASSWORD, getString(R.string.settings_key_auth_password, ""));
remove(R.string.settings_key_auth_password);
}
if (settings.contains(getResString(R.string.settings_key_auth_pin))) {
String plainPIN = getAuthPIN();
try {
int iter = EncryptionHelper.generateRandomIterations();
EncryptionHelper.PBKDF2Credentials credentials = EncryptionHelper.generatePBKDF2Credentials(plainPIN, getSalt(), iter);
setString(R.string.settings_key_auth_pin_pbkdf2, Base64.encodeToString(credentials.password, Base64.URL_SAFE));
setInt(R.string.settings_key_auth_pin_iter, iter);
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
Toast.makeText(context, R.string.settings_toast_auth_upgrade_failed, Toast.LENGTH_LONG).show();
e.printStackTrace();
}
setAuthCredentials(AuthMethod.PIN, getString(R.string.settings_key_auth_pin, ""));
remove(R.string.settings_key_auth_pin);
}
@ -188,9 +166,8 @@ public class Settings {
}
public void clear(boolean keep_auth) {
String authMethod = getAuthMethod().toString().toLowerCase();
String authPassword = getAuthPasswordHash();
String authPIN = getAuthPINHash();
AuthMethod authMethod = getAuthMethod();
String authCredentials = getAuthCredentials(authMethod);
boolean warningShown = getFirstTimeWarningShown();
@ -200,13 +177,14 @@ public class Settings {
editor.putBoolean(getResString(R.string.settings_key_security_backup_warning), warningShown);
if (keep_auth) {
editor.putString(getResString(R.string.settings_key_auth), authMethod);
editor.putString(getResString(R.string.settings_key_auth), authMethod.toString().toLowerCase());
if (!authPassword.isEmpty())
editor.putString(getResString(R.string.settings_key_auth_password_hash), authPassword);
if (!authPIN.isEmpty())
editor.putString(getResString(R.string.settings_key_auth_pin_hash), authPIN);
if (! authCredentials.isEmpty()) {
if (authMethod == AuthMethod.PASSWORD)
editor.putString(getResString(R.string.settings_key_auth_password_pbkdf2), authCredentials);
else if (authMethod == AuthMethod.PIN)
editor.putString(getResString(R.string.settings_key_auth_pin_pbkdf2), authCredentials);
}
}
editor.commit();
@ -235,44 +213,29 @@ public class Settings {
return AuthMethod.valueOf(authString.toUpperCase());
}
private String getAuthPassword() {
return getString(R.string.settings_key_auth_password, "");
}
public String getAuthPasswordHash() {
return getString(R.string.settings_key_auth_password_hash, "");
}
public void removeAuthPasswordHash() {
remove(R.string.settings_key_auth_password_hash);
}
public String getAuthPasswordPBKDF2() {
return getString(R.string.settings_key_auth_password_pbkdf2, "");
}
public void setAuthPasswordPBKDF2(String password) {
setString(R.string.settings_key_auth_password_pbkdf2, password);
}
private String getAuthPIN() {
return getString(R.string.settings_key_auth_pin, "");
}
public String getAuthPINHash() {
return getString(R.string.settings_key_auth_pin_hash, "");
}
public void removeAuthPINHash() {
remove(R.string.settings_key_auth_pin_hash);
}
public String getAuthPINPBKDF2() {
return getString(R.string.settings_key_auth_pin_pbkdf2, "");
public String getOldCredentials(AuthMethod method) {
if (method == AuthMethod.PASSWORD)
return getString(R.string.settings_key_auth_password_hash, "");
else if (method == AuthMethod.PIN)
return getString(R.string.settings_key_auth_pin_hash, "");
else
return "";
}
public void setAuthPINPBKDF2(String pin) {
setString(R.string.settings_key_auth_pin_pbkdf2, pin);
public String getAuthCredentials(AuthMethod method) {
if (method == AuthMethod.PASSWORD)
return getString(R.string.settings_key_auth_password_pbkdf2, "");
else if (method == AuthMethod.PIN)
return getString(R.string.settings_key_auth_pin_pbkdf2, "");
else
return "";
}
public byte[] setAuthCredentials(AuthMethod method, String plainPassword) {
@ -286,9 +249,9 @@ public class Settings {
setIterations(method, iterations);
if (method == AuthMethod.PASSWORD)
setAuthPasswordPBKDF2(password);
setString(R.string.settings_key_auth_password_pbkdf2, password);
else if (method == AuthMethod.PIN)
setAuthPINPBKDF2(password);
setString(R.string.settings_key_auth_pin_pbkdf2, password);
key = credentials.key;
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {