From d32f0ab4c0d7cc47d1a4db5e4eba872ece2c8068 Mon Sep 17 00:00:00 2001
From: Jakob Nixdorf <flocke@shadowice.org>
Date: Thu, 4 Jan 2018 15:34:48 +0100
Subject: [PATCH] Special features: clear KeyStore from the settings

---
 .../andotp/Activities/SettingsActivity.java   | 43 +++++++++++++++++++
 .../andotp/Utilities/DatabaseHelper.java      |  2 +
 app/src/main/res/values/settings.xml          |  1 +
 app/src/main/res/values/strings_settings.xml  | 17 +++++++-
 app/src/main/res/xml/preferences_special.xml  |  5 +++
 5 files changed, 67 insertions(+), 1 deletion(-)

diff --git a/app/src/main/java/org/shadowice/flocke/andotp/Activities/SettingsActivity.java b/app/src/main/java/org/shadowice/flocke/andotp/Activities/SettingsActivity.java
index ec2ff77b..e74f5497 100644
--- a/app/src/main/java/org/shadowice/flocke/andotp/Activities/SettingsActivity.java
+++ b/app/src/main/java/org/shadowice/flocke/andotp/Activities/SettingsActivity.java
@@ -22,6 +22,8 @@
 
 package org.shadowice.flocke.andotp.Activities;
 
+import android.app.AlertDialog;
+import android.content.DialogInterface;
 import android.content.Intent;
 import android.content.SharedPreferences;
 import android.os.Bundle;
@@ -117,6 +119,13 @@ public class SettingsActivity extends BaseActivity
         }
     }
 
+    private void generateNewEncryptionKey() {
+        if (settings.getEncryption() == EncryptionType.KEYSTORE) {
+            encryptionKey = KeyStoreHelper.loadEncryptionKeyFromKeyStore(this, false);
+            encryptionChanged = true;
+        }
+    }
+
     private void tryEncryptionChangeWithAuth(EncryptionType newEnc) {
         Intent authIntent = new Intent(this, AuthenticateActivity.class);
         authIntent.putExtra(Constants.EXTRA_AUTH_NEW_ENCRYPTION, newEnc.name());
@@ -271,6 +280,40 @@ public class SettingsActivity extends BaseActivity
             if (sharedPref.contains(getString(R.string.settings_key_special_features)) &&
                     sharedPref.getBoolean(getString(R.string.settings_key_special_features), false)) {
                 addPreferencesFromResource(R.xml.preferences_special);
+
+                Preference clearKeyStore = findPreference(getString(R.string.settings_key_clear_keystore));
+                clearKeyStore.setOnPreferenceClickListener(new Preference.OnPreferenceClickListener() {
+                    @Override
+                    public boolean onPreferenceClick(Preference preference) {
+                        AlertDialog.Builder builder = new AlertDialog.Builder(getActivity());
+
+                        builder.setTitle(R.string.settings_dialog_title_clear_keystore);
+                        if (settings.getEncryption() == EncryptionType.PASSWORD)
+                            builder.setMessage(R.string.settings_dialog_msg_clear_keystore_password);
+                        else if (settings.getEncryption() == EncryptionType.KEYSTORE)
+                            builder.setMessage(R.string.settings_dialog_msg_clear_keystore_keystore);
+
+                        builder.setPositiveButton(android.R.string.ok, new DialogInterface.OnClickListener() {
+                            @Override
+                            public void onClick(DialogInterface dialogInterface, int i) {
+                                KeyStoreHelper.wipeKeys(getActivity());
+                                if (settings.getEncryption() == EncryptionType.KEYSTORE) {
+                                    DatabaseHelper.wipeDatabase(getActivity());
+                                    ((SettingsActivity) getActivity()).generateNewEncryptionKey();
+                                }
+                            }
+                        });
+                        builder.setNegativeButton(android.R.string.cancel, new DialogInterface.OnClickListener() {
+                            @Override
+                            public void onClick(DialogInterface dialogInterface, int i) {
+                            }
+                        });
+
+                        builder.create().show();
+
+                        return false;
+                    }
+                });
             }
         }
     }
diff --git a/app/src/main/java/org/shadowice/flocke/andotp/Utilities/DatabaseHelper.java b/app/src/main/java/org/shadowice/flocke/andotp/Utilities/DatabaseHelper.java
index ba15808d..ef0d561e 100644
--- a/app/src/main/java/org/shadowice/flocke/andotp/Utilities/DatabaseHelper.java
+++ b/app/src/main/java/org/shadowice/flocke/andotp/Utilities/DatabaseHelper.java
@@ -44,7 +44,9 @@ public class DatabaseHelper {
 
     public static void wipeDatabase(Context context) {
         File db = new File(context.getFilesDir() + "/" + Constants.FILENAME_DATABASE);
+        File dbBackup = new File(context.getFilesDir() + "/" + Constants.FILENAME_DATABASE_BACKUP);
         db.delete();
+        dbBackup.delete();
     }
 
     private static void copyFile(File src, File dst)
diff --git a/app/src/main/res/values/settings.xml b/app/src/main/res/values/settings.xml
index 99e8ff0d..67bdb7c2 100644
--- a/app/src/main/res/values/settings.xml
+++ b/app/src/main/res/values/settings.xml
@@ -42,6 +42,7 @@
     <string name="settings_key_tags_toggles" translatable="false">pref_tags_toggles</string>
 
     <string name="settings_key_enable_screenshot" translatable="false">pref_enable_screenshot</string>
+    <string name="settings_key_clear_keystore" translatable="false">pref_clear_keystore</string>
 
     <string name="settings_key_last_used_dialog_shown" translatable="false">pref_last_used_dialog_shown</string>
 
diff --git a/app/src/main/res/values/strings_settings.xml b/app/src/main/res/values/strings_settings.xml
index 60cfee12..be0830d5 100644
--- a/app/src/main/res/values/strings_settings.xml
+++ b/app/src/main/res/values/strings_settings.xml
@@ -33,6 +33,7 @@
 
     <string name="settings_title_special_features">Enable special features</string>
     <string name="settings_title_enable_screenshot">Enable screenshots</string>
+    <string name="settings_title_clear_keystore">Clear KeyStore</string>
 
     <!-- Descriptions -->
     <string name="settings_desc_tap_to_reveal">Hide the OTP tokens by default, requiring them to be
@@ -55,9 +56,10 @@
     <string name="settings_desc_openpgp_verify">Encrypted backups are only imported if they are
         signed with a valid key</string>
 
+    <string name="settings_desc_special_features">Uncheck to disable the special features again</string>
     <string name="settings_desc_enable_screenshot">Allow to take screenshots of the main screen
         (disabled by default for security reasons)</string>
-    <string name="settings_desc_special_features">Uncheck to disable the special features again</string>
+    <string name="settings_desc_clear_keystore">Delete the encryption key from the KeyStore</string>
 
     <!-- Toasts -->
     <string name="settings_toast_auth_device_pre_lollipop">This feature requires at least Android 5.0
@@ -89,6 +91,19 @@
     <string name="settings_toast_auth_upgrade_failed">Failed to silently upgrade your password / PIN
         to the new encryption, please manually reset it in the settings!</string>
 
+    <string name="settings_dialog_title_clear_keystore">Clear the KeyStore?</string>
+
+    <string name="settings_dialog_msg_clear_keystore_password">In some cases clearing the KeyStore
+        can help resolve problems. You should only proceed if you know what you are doing!\n\nSince
+        the <b>Database encryption</b> is set to <b>Password / PIN</b> you shouldn\'t lose any data
+        doing this (but it never hurts to have a backup anyways).\n\n<b>Are you really sure you want
+        to clear the KeyStore?</b></string>
+    <string name="settings_dialog_msg_clear_keystore_keystore">In some cases clearing the KeyStore
+        can help resolve problems. You should only proceed if you know what you are doing!\n\n<b>Warning</b>:
+        Since the <b>Database encryption</b> is set to <b>Android KeyStore</b> you will lose all
+        your accounts. Make sure you have a backup!\n\n<b>Are you really sure you want to clear the
+        KeyStore?</b></string>
+
     <!-- List entries -->
     <string-array name="settings_entries_auth">
         <item>None</item>
diff --git a/app/src/main/res/xml/preferences_special.xml b/app/src/main/res/xml/preferences_special.xml
index cea59bbe..d154d67e 100644
--- a/app/src/main/res/xml/preferences_special.xml
+++ b/app/src/main/res/xml/preferences_special.xml
@@ -17,6 +17,11 @@
             android:summary="@string/settings_desc_enable_screenshot"
             android:defaultValue="false" />
 
+        <Preference
+            android:key="@string/settings_key_clear_keystore"
+            android:title="@string/settings_title_clear_keystore"
+            android:summary="@string/settings_desc_clear_keystore" />
+
     </PreferenceCategory>
 
 </PreferenceScreen>
\ No newline at end of file