diff options
| author | Harsh Shandilya <msfjarvis@gmail.com> | 2020-11-22 11:47:39 +0530 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-11-22 11:47:39 +0530 |
| commit | a9c73f1e517d6e308ff78784daf1a88f74d55cce (patch) | |
| tree | 9fc8596ee712811fe3e6c674f88fc29d4e9b3f14 | |
| parent | f17bd783989a683c1ea20cb29d3b53a3c251fdde (diff) | |
Automatically dismiss decryption screen after 60 seconds (#1216)
* Automatically dismiss decryption screen after 60 seconds
Fixes #1215
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
* Update changelog
Signed-off-by: Harsh Shandilya <me@msfjarvis.dev>
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | app/src/main/java/com/zeapo/pwdstore/crypto/DecryptActivity.kt | 13 |
2 files changed, 14 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 0c0c0b94..18dd0ad5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -13,6 +13,7 @@ All notable changes to this project will be documented in this file. - Cancelling the Autofill "Generate password" action now correctly returns you to the original app. - If multiple username fields exist in the password, we now ensure the later ones are not dropped from extra content. - Icons in Autofill suggestions are no longer black on almost black in dark mode. +- Decrypt screen would stay in memory infinitely, allowing passwords to be seen without re-auth ### Changed diff --git a/app/src/main/java/com/zeapo/pwdstore/crypto/DecryptActivity.kt b/app/src/main/java/com/zeapo/pwdstore/crypto/DecryptActivity.kt index cb43534d..cfcecc22 100644 --- a/app/src/main/java/com/zeapo/pwdstore/crypto/DecryptActivity.kt +++ b/app/src/main/java/com/zeapo/pwdstore/crypto/DecryptActivity.kt @@ -114,6 +114,18 @@ class DecryptActivity : BasePgpActivity(), OpenPgpServiceConnection.OnBound { } /** + * Automatically finishes the activity 60 seconds after decryption succeeded to prevent + * information leaks from stale activities. + */ + @OptIn(ExperimentalTime::class) + private fun startAutoDismissTimer() { + lifecycleScope.launch { + delay(60.seconds) + finish() + } + } + + /** * Edit the current password and hide all the fields populated by encrypted data so that when * the result triggers they can be repopulated with new data. */ @@ -155,6 +167,7 @@ class DecryptActivity : BasePgpActivity(), OpenPgpServiceConnection.OnBound { api?.executeApiAsync(data, inputStream, outputStream) { result -> when (result?.getIntExtra(OpenPgpApi.RESULT_CODE, OpenPgpApi.RESULT_CODE_ERROR)) { OpenPgpApi.RESULT_CODE_SUCCESS -> { + startAutoDismissTimer() runCatching { val showPassword = settings.getBoolean(PreferenceKeys.SHOW_PASSWORD, true) val showExtraContent = settings.getBoolean(PreferenceKeys.SHOW_EXTRA_CONTENT, true) |