author | agrahn <agrahn@users.noreply.github.com> | 2024-07-25 17:19:02 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-07-25 15:19:02 +0000 |
commit | 27678892ede15ee623662d3a78015e74f0914989 (patch) | |
tree | 9475576669692fd1f0366d7a4b70e518a7db9303 /app/src | |
parent | 720dac42d2f2790156d77686805e9c92ef391d69 (diff) |
Fix application crash when disabling cache auto-clear option and potential attack vector (#3136)
prevent app crash upon passphrase cache clearing
Diffstat (limited to 'app/src')
-rw-r--r-- | app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt | 28 | ||||
-rw-r--r-- | app/src/main/res/values/strings.xml | 1 |
2 files changed, 25 insertions, 4 deletions
diff --git a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
index 2978b37a..c21036ed 100644
--- a/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
+++ b/app/src/main/java/app/passwordstore/ui/settings/PGPSettings.kt
@@ -75,11 +75,31 @@ class PGPSettings(
 titleRes = R.string.pref_passphrase_cache_auto_clear_title
 summaryRes = R.string.pref_passphrase_cache_auto_clear_summary
 defaultValue = true
- /* clear cache once when unchecking; this is to prevent a malicious user
- * from bypassing cache clearing via the settings */
+ /* Clear the cache once when unchecking; this is to prevent a malicious user (someone
+ * knowing the screen-lock pin, but not knowing the PGP passphrase) from bypassing cache
+ * clearing via the settings. However, clearing EncryptedSharedPreferences requires
+ * authentication, otherwise the app crashes. Thus, the bad user could still bypass cache
+ * clearing by dismissing the auhentication dialog. To prevent this, we enforce cache
+ * clearing to stay enabled in case of any authentication failure. */
 onCheckedChange { checked ->
- if (!checked)
- activity.lifecycleScope.launch { passphraseCache.clearAllCachedPassphrases(activity) }
+ if (!checked) {
+ if (BiometricAuthenticator.canAuthenticate(activity)) {
+ BiometricAuthenticator.authenticate(
+ activity,
+ R.string.pref_passphrase_cache_auto_clear_authenticate_disable,
+ ) {
+ if (it is BiometricAuthenticator.Result.Success) {
+ activity.lifecycleScope.launch {
+ passphraseCache.clearAllCachedPassphrases(activity)
+ }
+ } else {
+ activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
+ }
+ }
+ } else {
+ activity.sharedPrefs.edit { remove(PreferenceKeys.CLEAR_PASSPHRASE_CACHE) }
+ }
+ }
 true
 }
 }
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 404339ce..bddc831d 100644
--- a/app/src/main/res/values/strings.xml
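Review bot: The uncheck is accepted before authentication has finished: `onCheckedChange` still ends in `true`, and the only thing that restores auto-clear is the `else` branch inside the `BiometricAuthenticator.authenticate` callback. If that callback never runs (for instance the activity is destroyed while the prompt is up), the preference presumably stays disabled without the cache having been cleared, which is the bypass the new comment sets out to close. Failing closed would be safer: end the lambda with `checked` so an uncheck is not committed up front, and persist it only after a successful clear with `activity.sharedPrefs.edit { putBoolean(PreferenceKeys.CLEAR_PASSPHRASE_CACHE, false) }` in the `Success` branch. The switch would then need a refresh after that write, and the same refresh looks to be missing today where the two `else` branches remove the key behind the widget. The preference builder starts and ends outside this hunk, so how it re-reads its state should be confirmed there.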
+++ b/app/src/main/res/values/strings.xml
@@ -138,6 +138,7 @@
 <string name="pref_passphrase_cache_title">Enable passphrase caching</string>
 <string name="pref_passphrase_cache_summary">WARNING: this feature is functional but very experimental. Requires an active screen lock.</string>
 <string name="pref_passphrase_cache_authenticate_enable">Authenticate to enable cache</string>
+ <string name="pref_passphrase_cache_auto_clear_authenticate_disable">Authenticate to disable cache clearing</string>
 <string name="pref_passphrase_cache_auto_clear_title">Automatically clear passphrase cache</string>
 <string name="pref_passphrase_cache_auto_clear_summary">Clears the passphrase cache when the screen is turned off</string> |