aboutsummaryrefslogtreecommitdiff
path: root/app/src/main
diff options
context:
space:
mode:
authoragrahn <agrahn@users.noreply.github.com>2024-07-25 17:19:02 +0200
committerGitHub <noreply@github.com>2024-07-25 15:19:02 +0000
commit27678892ede15ee623662d3a78015e74f0914989 (patch)
tree9475576669692fd1f0366d7a4b70e518a7db9303 /app/src/main
parent720dac42d2f2790156d77686805e9c92ef391d69 (diff)
Fix application crash when disabling cache auto-clear option and potential attack vector (#3136)
prevent app crash upon passphrase cache clearing
Diffstat (limited to 'app/src/main')
-rw-r--r--app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt28
-rw-r--r--app/src/main/res/values/strings.xml1
2 files changed, 25 insertions, 4 deletions
diff --git a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
index 2978b37a..c21036ed 100644
--- a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
+++ b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
@@ -75,11 +75,31 @@ class PGPSettings(
titleRes = R.string.pref_passphrase_cache_auto_clear_title
summaryRes = R.string.pref_passphrase_cache_auto_clear_summary
defaultValue = true
- /* clear cache once when unchecking; this is to prevent a malicious user
- * from bypassing cache clearing via the settings */
+ /* Clear the cache once when unchecking; this is to prevent a malicious user (someone
+ * knowing the screen-lock pin, but not knowing the PGP passphrase) from bypassing cache
+ * clearing via the settings. However, clearing EncryptedSharedPreferences requires
+ * authentication, otherwise the app crashes. Thus, the bad user could still bypass cache
+ * clearing by dismissing the auhentication dialog. To prevent this, we enforce cache
+ * clearing to stay enabled in case of any authentication failure. */
onCheckedChange { checked ->
- if (!checked)
- activity.lifecycleScope.launch { passphraseCache.clearAllCachedPassphrases(activity) }
+ if (!checked) {
+ if (BiometricAuthenticator.canAuthenticate(activity)) {
+ BiometricAuthenticator.authenticate(
+ activity,
+ R.string.pref_passphrase_cache_auto_clear_authenticate_disable,
+ ) {
+ if (it is BiometricAuthenticator.Result.Success) {
+ activity.lifecycleScope.launch {
+ passphraseCache.clearAllCachedPassphrases(activity)
+ }
+ } else {
+ activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
+ }
+ }
+ } else {
+ activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
+ }
+ }
true
}
}
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 404339ce..bddc831d 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -138,6 +138,7 @@
<string name="pref_passphrase_cache_title">Enable passphrase caching</string>
<string name="pref_passphrase_cache_summary">WARNING: this feature is functional but very experimental. Requires an active screen lock.</string>
<string name="pref_passphrase_cache_authenticate_enable">Authenticate to enable cache</string>
+ <string name="pref_passphrase_cache_auto_clear_authenticate_disable">Authenticate to disable cache clearing</string>
<string name="pref_passphrase_cache_auto_clear_title">Automatically clear passphrase cache</string>
<string name="pref_passphrase_cache_auto_clear_summary">Clears the passphrase cache when the screen is turned off</string>