From 1dc90079e76bc0f2656100d425f8993dee2848c6 Mon Sep 17 00:00:00 2001
From: Yogesh Choudhary Paliyal
Date: Sat, 2 Jul 2022 23:50:13 +0530
Subject: [PATCH] Security fixes
---
 .../keypass/ui/auth/AuthenticationActivity.kt | 13 ++++++++++---
 .../keypass/ui/settings/MySettingsFragment.kt | 14 +++++++-------
 .../com/yogeshpaliyal/common/utils/IntentHelper.kt | 3 ++-
 .../common/utils/SharedPreferenceUtils.kt | 5 ++++-
 4 files changed, 23 insertions(+), 12 deletions(-)
diff --git a/app/src/main/java/com/yogeshpaliyal/keypass/ui/auth/AuthenticationActivity.kt b/app/src/main/java/com/yogeshpaliyal/keypass/ui/auth/AuthenticationActivity.kt
index 6bc66c8d..21ea9c61 100644
--- a/app/src/main/java/com/yogeshpaliyal/keypass/ui/auth/AuthenticationActivity.kt
+++ b/app/src/main/java/com/yogeshpaliyal/keypass/ui/auth/AuthenticationActivity.kt
@@ -17,6 +17,8 @@ import com.yogeshpaliyal.keypass.ui.nav.DashboardActivity
 import dagger.hilt.android.AndroidEntryPoint
 import java.util.concurrent.Executor
+private const val AUTHENTICATION_RESULT = 707
+
 @AndroidEntryPoint
 class AuthenticationActivity : AppCompatActivity() {
@@ -84,7 +86,9 @@ class AuthenticationActivity : AppCompatActivity() {
 biometricPrompt.authenticate(promptInfo)
 binding.btnRetry.setOnClickListener {
- val canAuthentication = biometricManager.canAuthenticate(DEVICE_CREDENTIAL or BIOMETRIC_WEAK or BIOMETRIC_STRONG)
+ val allowedAuths = DEVICE_CREDENTIAL or BIOMETRIC_WEAK or BIOMETRIC_STRONG
+ val canAuthentication =
+ biometricManager.canAuthenticate(allowedAuths)
 when (canAuthentication) {
 BiometricManager.BIOMETRIC_SUCCESS -> {
 Log.d("MY_APP_TAG", "App can authenticate using biometrics.")
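Review bot: The mask assigned to `allowedAuths` (hunk at -84) effectively resolves to `BIOMETRIC_WEAK or DEVICE_CREDENTIAL`, because the `BIOMETRIC_WEAK` authenticator class already includes `BIOMETRIC_STRONG`; listing both hides the fact that Class 2 biometrics are accepted to unlock a password store. If that is the intended policy, say so next to the value, e.g. `// WEAK already covers STRONG: Class 2 biometrics or the device PIN/pattern are accepted`; otherwise drop `BIOMETRIC_WEAK`. The value is also local to the retry listener, so the `promptInfo` built earlier (outside this hunk) presumably carries its own copy of the mask, and a single class-level constant would keep the check and the prompt from drifting apart. The listener body continues outside the hunk.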
@@ -93,7 +97,10 @@ class AuthenticationActivity : AppCompatActivity() {
 BiometricManager.BIOMETRIC_ERROR_NO_HARDWARE,
 BiometricManager.BIOMETRIC_ERROR_HW_UNAVAILABLE,
 BiometricManager.BIOMETRIC_ERROR_NONE_ENROLLED -> {
- Log.e("MY_APP_TAG", "$canAuthentication Biometric features are currently unavailable.")
+ Log.e(
+ "MY_APP_TAG",
+ "$canAuthentication Biometric features are currently unavailable."
+ )
 // Prompts the user to create credentials that your app accepts.
 if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.R) {
 val enrollIntent = Intent(Settings.ACTION_BIOMETRIC_ENROLL).apply {
@@ -102,7 +109,7 @@ class AuthenticationActivity : AppCompatActivity() {
 BIOMETRIC_STRONG or DEVICE_CREDENTIAL
 )
 }
- startActivityForResult(enrollIntent, 707)
+ startActivityForResult(enrollIntent, AUTHENTICATION_RESULT)
 } else {
 Toast.makeText(
 this,
diff --git a/app/src/main/java/com/yogeshpaliyal/keypass/ui/settings/MySettingsFragment.kt b/app/src/main/java/com/yogeshpaliyal/keypass/ui/settings/MySettingsFragment.kt
index d51971d6..5d281dd4 100644
--- a/app/src/main/java/com/yogeshpaliyal/keypass/ui/settings/MySettingsFragment.kt
+++ b/app/src/main/java/com/yogeshpaliyal/keypass/ui/settings/MySettingsFragment.kt
@@ -40,23 +40,23 @@ class MySettingsFragment : PreferenceFragmentCompat() {
 }
 override fun onPreferenceTreeClick(preference: Preference): Boolean {
- when (preference.key) {
+ return when (preference.key) {
 "feedback" -> {
 context?.email(
 getString(R.string.feedback_to_keypass),
 "yogeshpaliyal.foss@gmail.com"
 )
- return true
+ true
 }
 "backup" -> {
 BackupActivity.start(context)
- return true
+ true
 }
 getString(R.string.settings_restore_backup) -> {
 selectRestoreFile()
- return true
+ true
 }
 "share" -> {
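Review bot: `AUTHENTICATION_RESULT` (hunk at -102) names a request code for the biometric enrollment screen, not an authentication result, and that reads as if a returned result means the user is authenticated. A name such as `private const val REQUEST_BIOMETRIC_ENROLL = 707` states what the value is for. No `onActivityResult` handler is visible in this diff; if one exists it should start `biometricPrompt.authenticate(promptInfo)` again after enrollment rather than treat the enrollment result as a successful unlock. The enclosing `when` branch starts and ends outside the hunk.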
@@ -68,10 +68,10 @@ class MySettingsFragment : PreferenceFragmentCompat() {
 )
 sendIntent.type = "text/plain"
 startActivity(Intent.createChooser(sendIntent, getString(R.string.share_keypass)))
- return true
+ true
 }
+ else -> super.onPreferenceTreeClick(preference)
 }
- return super.onPreferenceTreeClick(preference)
 }
 private fun selectRestoreFile() {
@@ -81,7 +81,7 @@ class MySettingsFragment : PreferenceFragmentCompat() {
 intent.addFlags(
 Intent.FLAG_GRANT_WRITE_URI_PERMISSION or
- Intent.FLAG_GRANT_READ_URI_PERMISSION
+ Intent.FLAG_GRANT_READ_URI_PERMISSION
 )
 try {
diff --git a/common/src/main/java/com/yogeshpaliyal/common/utils/IntentHelper.kt b/common/src/main/java/com/yogeshpaliyal/common/utils/IntentHelper.kt
index ca0197b8..618876e5 100644
--- a/common/src/main/java/com/yogeshpaliyal/common/utils/IntentHelper.kt
+++ b/common/src/main/java/com/yogeshpaliyal/common/utils/IntentHelper.kt
@@ -1,5 +1,6 @@
 package com.yogeshpaliyal.common.utils
+import android.content.ActivityNotFoundException
 import android.content.Context
 import android.content.Intent
 import android.net.Uri
@@ -65,7 +66,7 @@ fun Context.share(chooserTitle: String, text: String): Boolean {
 intent.type = "text/plain"
 startActivity(Intent.createChooser(intent, chooserTitle))
 return true
- } catch (e: Exception) {
+ } catch (e: ActivityNotFoundException) {
 e.printStackTrace()
 return false
 }
diff --git a/common/src/main/java/com/yogeshpaliyal/common/utils/SharedPreferenceUtils.kt b/common/src/main/java/com/yogeshpaliyal/common/utils/SharedPreferenceUtils.kt
index 3bce58c2..87987a30 100644
--- a/common/src/main/java/com/yogeshpaliyal/common/utils/SharedPreferenceUtils.kt
+++ b/common/src/main/java/com/yogeshpaliyal/common/utils/SharedPreferenceUtils.kt
@@ -19,6 +19,9 @@ val Context.dataStore by preferencesDataStore(
 name = "settings"
 )
+
+private const val BACKUP_KEY_LENGTH = 16
+
 /**
 * Pair
 * 1st => true if key is created now & false if key is created previously
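Review bot: Narrowing the catch in `Context.share` (hunk at -65) to `ActivityNotFoundException` means every other failure of `startActivity` now propagates instead of returning `false`. Because the receiver is any `Context`, a call from a non-Activity context without `FLAG_ACTIVITY_NEW_TASK` raises `AndroidRuntimeException`, which the old `catch (e: Exception)` absorbed and the new code lets crash the caller. Either state the requirement in the KDoc, e.g. `/** Must be called on an Activity context; returns false only when no app can handle the share. */`, or add a second `catch` for that case so the Boolean contract is kept. `e.printStackTrace()` would also be better as a `Log.w` call with a fixed tag. The start of the function is outside the hunk.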
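Review bot: `BACKUP_KEY_LENGTH = 16` (hunk at -19) carries no unit or rationale, and the code that uses it in `getOrCreateBackupKey` lies outside this hunk. If the key is a 16-character string drawn from a printable alphabet rather than 16 random bytes, its entropy is below 128 bits, which matters if the string is used directly as the backup encryption key. A KDoc line such as `/** Length of the generated backup key, in characters. */` (or bytes, whichever holds), together with a note on which random generator produces the key, would let a reviewer check the key strength from this file alone.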
@@ -29,7 +32,7 @@ suspend fun Context.getOrCreateBackupKey(reset: Boolean = false): Pair