Simplify some methods in the Settings helper
This commit is contained in:
parent
293fa70994
commit
15f221f4b3
3 changed files with 41 additions and 104 deletions
|
@ -94,15 +94,14 @@ public class AuthenticateActivity extends ThemedActivity
|
|||
passwordLabel.setText(labelMsg);
|
||||
|
||||
authMethod = settings.getAuthMethod();
|
||||
password = settings.getAuthCredentials(authMethod);
|
||||
|
||||
if (password.isEmpty()) {
|
||||
password = settings.getOldCredentials(authMethod);
|
||||
oldPassword = true;
|
||||
}
|
||||
|
||||
if (authMethod == AuthMethod.PASSWORD) {
|
||||
password = settings.getAuthPasswordPBKDF2();
|
||||
|
||||
if (password.isEmpty()) {
|
||||
password = settings.getAuthPasswordHash();
|
||||
oldPassword = true;
|
||||
}
|
||||
|
||||
if (password.isEmpty()) {
|
||||
Toast.makeText(this, R.string.auth_toast_password_missing, Toast.LENGTH_LONG).show();
|
||||
finishWithResult(true, null);
|
||||
|
@ -111,13 +110,6 @@ public class AuthenticateActivity extends ThemedActivity
|
|||
passwordInput.setInputType(InputType.TYPE_CLASS_TEXT | InputType.TYPE_TEXT_VARIATION_PASSWORD);
|
||||
}
|
||||
} else if (authMethod == AuthMethod.PIN) {
|
||||
password = settings.getAuthPINPBKDF2();
|
||||
|
||||
if (password.isEmpty()) {
|
||||
password = settings.getAuthPINHash();
|
||||
oldPassword = true;
|
||||
}
|
||||
|
||||
if (password.isEmpty()) {
|
||||
Toast.makeText(this, R.string.auth_toast_pin_missing, Toast.LENGTH_LONG).show();
|
||||
finishWithResult(true, null);
|
||||
|
@ -157,25 +149,10 @@ public class AuthenticateActivity extends ThemedActivity
|
|||
String hashedPassword = new String(Hex.encodeHex(DigestUtils.sha256(plainPassword)));
|
||||
|
||||
if (hashedPassword.equals(password)) {
|
||||
byte[] key = null;
|
||||
byte[] key = settings.setAuthCredentials(authMethod, password);
|
||||
|
||||
try {
|
||||
int iter = EncryptionHelper.generateRandomIterations();
|
||||
EncryptionHelper.PBKDF2Credentials credentials = EncryptionHelper.generatePBKDF2Credentials(plainPassword, settings.getSalt(), iter);
|
||||
String base64 = Base64.encodeToString(credentials.password, Base64.URL_SAFE);
|
||||
|
||||
if (authMethod == AuthMethod.PASSWORD)
|
||||
settings.setAuthPasswordPBKDF2(base64);
|
||||
else if (authMethod == AuthMethod.PIN)
|
||||
settings.setAuthPINPBKDF2(base64);
|
||||
|
||||
settings.setIterations(authMethod, iter);
|
||||
|
||||
key = credentials.key;
|
||||
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
||||
if (key == null)
|
||||
Toast.makeText(this, R.string.settings_toast_auth_upgrade_failed, Toast.LENGTH_LONG).show();
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
if (authMethod == AuthMethod.PASSWORD)
|
||||
settings.removeAuthPasswordHash();
|
||||
|
|
|
@ -39,6 +39,7 @@ import org.openintents.openpgp.util.OpenPgpKeyPreference;
|
|||
import org.shadowice.flocke.andotp.Preferences.CredentialsPreference;
|
||||
import org.shadowice.flocke.andotp.R;
|
||||
import org.shadowice.flocke.andotp.Utilities.KeyStoreHelper;
|
||||
import org.shadowice.flocke.andotp.Utilities.Settings;
|
||||
|
||||
import static org.shadowice.flocke.andotp.Utilities.Constants.AuthMethod;
|
||||
import static org.shadowice.flocke.andotp.Utilities.Constants.EncryptionType;
|
||||
|
@ -117,6 +118,7 @@ public class SettingsActivity extends BaseActivity
|
|||
public static class SettingsFragment extends PreferenceFragment {
|
||||
PreferenceCategory catSecurity;
|
||||
|
||||
Settings settings;
|
||||
ListPreference encryption;
|
||||
|
||||
OpenPgpAppPreference pgpProvider;
|
||||
|
@ -126,6 +128,8 @@ public class SettingsActivity extends BaseActivity
|
|||
public void onCreate(Bundle savedInstanceState) {
|
||||
super.onCreate(savedInstanceState);
|
||||
|
||||
settings = new Settings(getActivity());
|
||||
|
||||
final SharedPreferences sharedPref = PreferenceManager.getDefaultSharedPreferences(getActivity().getBaseContext());
|
||||
addPreferencesFromResource(R.xml.preferences);
|
||||
|
||||
|
@ -145,22 +149,15 @@ public class SettingsActivity extends BaseActivity
|
|||
@Override
|
||||
public boolean onPreferenceChange(final Preference preference, Object o) {
|
||||
String newEncryption = (String) o;
|
||||
String auth = sharedPref.getString(getString(R.string.settings_key_auth), CredentialsPreference.DEFAULT_VALUE.name().toLowerCase());
|
||||
EncryptionType encryptionType = EncryptionType.valueOf(newEncryption.toUpperCase());
|
||||
AuthMethod authMethod = AuthMethod.valueOf(auth.toUpperCase());
|
||||
AuthMethod authMethod = settings.getAuthMethod();
|
||||
|
||||
if (encryptionType == EncryptionType.PASSWORD) {
|
||||
if (authMethod != AuthMethod.PASSWORD && authMethod != AuthMethod.PIN) {
|
||||
Toast.makeText(getActivity(), R.string.settings_toast_encryption_invalid_with_auth, Toast.LENGTH_LONG).show();
|
||||
return false;
|
||||
} else {
|
||||
String credentials = "";
|
||||
if (authMethod == AuthMethod.PASSWORD)
|
||||
credentials = sharedPref.getString(getString(R.string.settings_key_auth_password_pbkdf2), "");
|
||||
else if (authMethod == AuthMethod.PIN)
|
||||
credentials = sharedPref.getString(getString(R.string.settings_key_auth_pin_pbkdf2), "");
|
||||
|
||||
if (credentials.isEmpty()) {
|
||||
if (settings.getAuthCredentials(authMethod).isEmpty()) {
|
||||
Toast.makeText(getActivity(), R.string.settings_toast_encryption_invalid_without_credentials, Toast.LENGTH_LONG).show();
|
||||
return false;
|
||||
} else {
|
||||
|
|
|
@ -74,34 +74,12 @@ public class Settings {
|
|||
|
||||
private void migrateDeprecatedSettings() {
|
||||
if (settings.contains(getResString(R.string.settings_key_auth_password))) {
|
||||
String plainPassword = getAuthPassword();
|
||||
|
||||
try {
|
||||
int iter = EncryptionHelper.generateRandomIterations();
|
||||
EncryptionHelper.PBKDF2Credentials credentials = EncryptionHelper.generatePBKDF2Credentials(plainPassword, getSalt(), iter);
|
||||
setString(R.string.settings_key_auth_password_pbkdf2, Base64.encodeToString(credentials.password, Base64.URL_SAFE));
|
||||
setInt(R.string.settings_key_auth_password_iter, iter);
|
||||
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
||||
Toast.makeText(context, R.string.settings_toast_auth_upgrade_failed, Toast.LENGTH_LONG).show();
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
setAuthCredentials(AuthMethod.PASSWORD, getString(R.string.settings_key_auth_password, ""));
|
||||
remove(R.string.settings_key_auth_password);
|
||||
}
|
||||
|
||||
if (settings.contains(getResString(R.string.settings_key_auth_pin))) {
|
||||
String plainPIN = getAuthPIN();
|
||||
|
||||
try {
|
||||
int iter = EncryptionHelper.generateRandomIterations();
|
||||
EncryptionHelper.PBKDF2Credentials credentials = EncryptionHelper.generatePBKDF2Credentials(plainPIN, getSalt(), iter);
|
||||
setString(R.string.settings_key_auth_pin_pbkdf2, Base64.encodeToString(credentials.password, Base64.URL_SAFE));
|
||||
setInt(R.string.settings_key_auth_pin_iter, iter);
|
||||
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
||||
Toast.makeText(context, R.string.settings_toast_auth_upgrade_failed, Toast.LENGTH_LONG).show();
|
||||
e.printStackTrace();
|
||||
}
|
||||
|
||||
setAuthCredentials(AuthMethod.PIN, getString(R.string.settings_key_auth_pin, ""));
|
||||
remove(R.string.settings_key_auth_pin);
|
||||
}
|
||||
|
||||
|
@ -188,9 +166,8 @@ public class Settings {
|
|||
}
|
||||
|
||||
public void clear(boolean keep_auth) {
|
||||
String authMethod = getAuthMethod().toString().toLowerCase();
|
||||
String authPassword = getAuthPasswordHash();
|
||||
String authPIN = getAuthPINHash();
|
||||
AuthMethod authMethod = getAuthMethod();
|
||||
String authCredentials = getAuthCredentials(authMethod);
|
||||
|
||||
boolean warningShown = getFirstTimeWarningShown();
|
||||
|
||||
|
@ -200,13 +177,14 @@ public class Settings {
|
|||
editor.putBoolean(getResString(R.string.settings_key_security_backup_warning), warningShown);
|
||||
|
||||
if (keep_auth) {
|
||||
editor.putString(getResString(R.string.settings_key_auth), authMethod);
|
||||
editor.putString(getResString(R.string.settings_key_auth), authMethod.toString().toLowerCase());
|
||||
|
||||
if (!authPassword.isEmpty())
|
||||
editor.putString(getResString(R.string.settings_key_auth_password_hash), authPassword);
|
||||
|
||||
if (!authPIN.isEmpty())
|
||||
editor.putString(getResString(R.string.settings_key_auth_pin_hash), authPIN);
|
||||
if (! authCredentials.isEmpty()) {
|
||||
if (authMethod == AuthMethod.PASSWORD)
|
||||
editor.putString(getResString(R.string.settings_key_auth_password_pbkdf2), authCredentials);
|
||||
else if (authMethod == AuthMethod.PIN)
|
||||
editor.putString(getResString(R.string.settings_key_auth_pin_pbkdf2), authCredentials);
|
||||
}
|
||||
}
|
||||
|
||||
editor.commit();
|
||||
|
@ -235,44 +213,29 @@ public class Settings {
|
|||
return AuthMethod.valueOf(authString.toUpperCase());
|
||||
}
|
||||
|
||||
private String getAuthPassword() {
|
||||
return getString(R.string.settings_key_auth_password, "");
|
||||
}
|
||||
|
||||
public String getAuthPasswordHash() {
|
||||
return getString(R.string.settings_key_auth_password_hash, "");
|
||||
}
|
||||
|
||||
public void removeAuthPasswordHash() {
|
||||
remove(R.string.settings_key_auth_password_hash);
|
||||
}
|
||||
|
||||
public String getAuthPasswordPBKDF2() {
|
||||
return getString(R.string.settings_key_auth_password_pbkdf2, "");
|
||||
}
|
||||
|
||||
public void setAuthPasswordPBKDF2(String password) {
|
||||
setString(R.string.settings_key_auth_password_pbkdf2, password);
|
||||
}
|
||||
|
||||
private String getAuthPIN() {
|
||||
return getString(R.string.settings_key_auth_pin, "");
|
||||
}
|
||||
|
||||
public String getAuthPINHash() {
|
||||
return getString(R.string.settings_key_auth_pin_hash, "");
|
||||
}
|
||||
|
||||
public void removeAuthPINHash() {
|
||||
remove(R.string.settings_key_auth_pin_hash);
|
||||
}
|
||||
|
||||
public String getAuthPINPBKDF2() {
|
||||
return getString(R.string.settings_key_auth_pin_pbkdf2, "");
|
||||
public String getOldCredentials(AuthMethod method) {
|
||||
if (method == AuthMethod.PASSWORD)
|
||||
return getString(R.string.settings_key_auth_password_hash, "");
|
||||
else if (method == AuthMethod.PIN)
|
||||
return getString(R.string.settings_key_auth_pin_hash, "");
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
public void setAuthPINPBKDF2(String pin) {
|
||||
setString(R.string.settings_key_auth_pin_pbkdf2, pin);
|
||||
public String getAuthCredentials(AuthMethod method) {
|
||||
if (method == AuthMethod.PASSWORD)
|
||||
return getString(R.string.settings_key_auth_password_pbkdf2, "");
|
||||
else if (method == AuthMethod.PIN)
|
||||
return getString(R.string.settings_key_auth_pin_pbkdf2, "");
|
||||
else
|
||||
return "";
|
||||
}
|
||||
|
||||
public byte[] setAuthCredentials(AuthMethod method, String plainPassword) {
|
||||
|
@ -286,9 +249,9 @@ public class Settings {
|
|||
setIterations(method, iterations);
|
||||
|
||||
if (method == AuthMethod.PASSWORD)
|
||||
setAuthPasswordPBKDF2(password);
|
||||
setString(R.string.settings_key_auth_password_pbkdf2, password);
|
||||
else if (method == AuthMethod.PIN)
|
||||
setAuthPINPBKDF2(password);
|
||||
setString(R.string.settings_key_auth_pin_pbkdf2, password);
|
||||
|
||||
key = credentials.key;
|
||||
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
||||
|
|
Loading…
Reference in a new issue