kumi/andOTP
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Unify PIN and password preference

Browse source
This commit is contained in:
Jakob Nixdorf 2018-01-08 11:25:30 +01:00
parent b1cd0fb68a
commit c0d05c8e2c
No known key found for this signature in database
GPG key ID: BE99BF86574A7DBC
5 changed files with 31 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
app/src/main/java/org/shadowice/flocke/andotp/Activities/AuthenticateActivity.java
View file

@ -88,7 +88,7 @@ public class AuthenticateActivity extends ThemedActivity
passwordLabel.setText(labelMsg);
authMethod = settings.getAuthMethod();
password = settings.getAuthCredentials(authMethod);
password = settings.getAuthCredentials();
if (password.isEmpty()) {
password = settings.getOldCredentials(authMethod);
@ -142,7 +142,7 @@ public class AuthenticateActivity extends ThemedActivity
public void checkPassword(String plainPassword) {
if (! oldPassword) {
try {
EncryptionHelper.PBKDF2Credentials credentials = EncryptionHelper.generatePBKDF2Credentials(plainPassword, settings.getSalt(), settings.getIterations(authMethod));
EncryptionHelper.PBKDF2Credentials credentials = EncryptionHelper.generatePBKDF2Credentials(plainPassword, settings.getSalt(), settings.getIterations());
byte[] passwordArray = Base64.decode(password, Base64.URL_SAFE);
if (Arrays.equals(passwordArray, credentials.password)) {
@ -158,7 +158,7 @@ public class AuthenticateActivity extends ThemedActivity
String hashedPassword = new String(Hex.encodeHex(DigestUtils.sha256(plainPassword)));
if (hashedPassword.equals(password)) {
byte[] key = settings.setAuthCredentials(authMethod, password);
byte[] key = settings.setAuthCredentials(password);
if (key == null)
Toast.makeText(this, R.string.settings_toast_auth_upgrade_failed, Toast.LENGTH_LONG).show();

2
app/src/main/java/org/shadowice/flocke/andotp/Activities/SettingsActivity.java
View file

@ -248,7 +248,7 @@ public class SettingsActivity extends BaseActivity
UIHelper.showGenericDialog(getActivity(), R.string.settings_dialog_title_error, R.string.settings_dialog_msg_encryption_invalid_with_auth);
return false;
} else {
if (settings.getAuthCredentials(authMethod).isEmpty()) {
if (settings.getAuthCredentials().isEmpty()) {
UIHelper.showGenericDialog(getActivity(), R.string.settings_dialog_title_error, R.string.settings_dialog_msg_encryption_invalid_without_credentials);
return false;
}

2
app/src/main/java/org/shadowice/flocke/andotp/Preferences/CredentialsPreference.java
View file

@ -180,7 +180,7 @@ public class CredentialsPreference extends DialogPreference
if (value == AuthMethod.PASSWORD || value == AuthMethod.PIN) {
String password = passwordInput.getText().toString();
if (!password.isEmpty()) {
newKey = settings.setAuthCredentials(value, password);
newKey = settings.setAuthCredentials(password);
} else {
return;
}

52
app/src/main/java/org/shadowice/flocke/andotp/Utilities/Settings.java
View file

@ -64,12 +64,12 @@ public class Settings {
private void migrateDeprecatedSettings() {
if (settings.contains(getResString(R.string.settings_key_auth_password))) {
setAuthCredentials(AuthMethod.PASSWORD, getString(R.string.settings_key_auth_password, ""));
setAuthCredentials(getString(R.string.settings_key_auth_password, ""));
remove(R.string.settings_key_auth_password);
}
if (settings.contains(getResString(R.string.settings_key_auth_pin))) {
setAuthCredentials(AuthMethod.PIN, getString(R.string.settings_key_auth_pin, ""));
setAuthCredentials(getString(R.string.settings_key_auth_pin, ""));
remove(R.string.settings_key_auth_pin);
}
@ -157,7 +157,9 @@ public class Settings {
public void clear(boolean keep_auth) {
AuthMethod authMethod = getAuthMethod();
String authCredentials = getAuthCredentials(authMethod);
String authCredentials = getAuthCredentials();
byte[] authSalt = getSalt();
int authIterations = getIterations();
boolean warningShown = getFirstTimeWarningShown();
@ -170,10 +172,11 @@ public class Settings {
editor.putString(getResString(R.string.settings_key_auth), authMethod.toString().toLowerCase());
if (! authCredentials.isEmpty()) {
if (authMethod == AuthMethod.PASSWORD)
editor.putString(getResString(R.string.settings_key_auth_password_pbkdf2), authCredentials);
else if (authMethod == AuthMethod.PIN)
editor.putString(getResString(R.string.settings_key_auth_pin_pbkdf2), authCredentials);
editor.putString(getResString(R.string.settings_key_auth_credentials), authCredentials);
editor.putInt(getResString(R.string.settings_key_auth_iterations), authIterations);
String encodedSalt = Base64.encodeToString(authSalt, Base64.URL_SAFE);
editor.putString(getResString(R.string.settings_key_auth_salt), encodedSalt);
}
}
@ -219,16 +222,11 @@ public class Settings {
return "";
}
public String getAuthCredentials(AuthMethod method) {
if (method == AuthMethod.PASSWORD)
return getString(R.string.settings_key_auth_password_pbkdf2, "");
else if (method == AuthMethod.PIN)
return getString(R.string.settings_key_auth_pin_pbkdf2, "");
else
return "";
public String getAuthCredentials() {
return getString(R.string.settings_key_auth_credentials, "");
}
public byte[] setAuthCredentials(AuthMethod method, String plainPassword) {
public byte[] setAuthCredentials(String plainPassword) {
byte[] key = null;
try {
@ -236,12 +234,8 @@ public class Settings {
EncryptionHelper.PBKDF2Credentials credentials = EncryptionHelper.generatePBKDF2Credentials(plainPassword, getSalt(), iterations);
String password = Base64.encodeToString(credentials.password, Base64.URL_SAFE);
setIterations(method, iterations);
if (method == AuthMethod.PASSWORD)
setString(R.string.settings_key_auth_password_pbkdf2, password);
else if (method == AuthMethod.PIN)
setString(R.string.settings_key_auth_pin_pbkdf2, password);
setIterations(iterations);
setString(R.string.settings_key_auth_credentials, password);
key = credentials.key;
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
@ -269,20 +263,12 @@ public class Settings {
}
}
public int getIterations(AuthMethod method) {
if (method == AuthMethod.PASSWORD)
return getIntValue(R.string.settings_key_auth_password_iter, Constants.PBKDF2_DEFAULT_ITERATIONS);
else if (method == AuthMethod.PIN)
return getIntValue(R.string.settings_key_auth_pin_iter, Constants.PBKDF2_DEFAULT_ITERATIONS);
else
return 0;
public int getIterations() {
return getIntValue(R.string.settings_key_auth_iterations, Constants.PBKDF2_DEFAULT_ITERATIONS);
}
public void setIterations(AuthMethod method, int value) {
if (method == AuthMethod.PASSWORD)
setInt(R.string.settings_key_auth_password_iter, value);
else if (method == AuthMethod.PIN)
setInt(R.string.settings_key_auth_pin_iter, value);
public void setIterations(int value) {
setInt(R.string.settings_key_auth_iterations, value);
}
public EncryptionType getEncryption() {

16
app/src/main/res/values/settings.xml
View file

@ -6,14 +6,12 @@
<string name="settings_key_tap_to_reveal" translatable="false">pref_tap_to_reveal</string>
<string name="settings_key_tap_to_reveal_timeout" translatable="false">pref_tap_to_reveal_timeout</string>
<string name="settings_key_auth" translatable="false">pref_auth</string>
<string name="settings_key_auth_password" translatable="false">pref_auth_password</string>
<string name="settings_key_auth_password_hash" translatable="false">pref_auth_password_hash</string>
<string name="settings_key_auth_password_pbkdf2" translatable="false">pref_auth_password_pbkdf2</string>
<string name="settings_key_auth_password_iter" translatable="false">pref_auth_password_iter</string>
<string name="settings_key_auth_pin" translatable="false">pref_auth_pin</string>
<string name="settings_key_auth_pin_hash" translatable="false">pref_auth_pin_hash</string>
<string name="settings_key_auth_pin_pbkdf2" translatable="false">pref_auth_pin_pbkdf2</string>
<string name="settings_key_auth_pin_iter" translatable="false">pref_auth_pin_iter</string>
<string name="settings_key_auth_password" translatable="false">pref_auth_password</string> <!-- Deprecated -->
<string name="settings_key_auth_password_hash" translatable="false">pref_auth_password_hash</string> <!-- Deprecated -->
<string name="settings_key_auth_pin" translatable="false">pref_auth_pin</string> <!-- Deprecated -->
<string name="settings_key_auth_pin_hash" translatable="false">pref_auth_pin_hash</string> <!-- Deprecated -->
<string name="settings_key_auth_credentials" translatable="false">pref_auth_credentials</string>
<string name="settings_key_auth_iterations" translatable="false">pref_auth_iterations</string>
<string name="settings_key_auth_salt" translatable="false">pref_auth_salt</string>
<string name="settings_key_encryption" translatable="false">pref_encryption</string>
<string name="settings_key_panic" translatable="false">pref_panic</string>
@ -27,7 +25,7 @@
<string name="settings_key_backup_ask" translatable="false">pref_backup_ask</string>
<string name="settings_key_backup_directory" translatable="false">pref_backup_directory</string>
<string name="settings_key_backup_password" translatable="false">pref_backup_password</string>
<string name="settings_key_backup_password" translatable="false">pref_backup_password</string> <!-- Deprecated -->
<string name="settings_key_backup_password_enc" translatable="false">pref_backup_password_enc</string>
<string name="settings_key_openpgp_provider" translatable="false">pref_openpgp_provider</string>
<string name="settings_key_openpgp_keyid" translatable="false">pref_openpgp_keyid</string>