mobile/Aegis
mobile/Aegis
1
0
Fork 0
mirror of https://github.com/beemdevelopment/Aegis synced 2024-07-22 18:34:24 +00:00
Code Issues Actions 4 Packages Projects Releases Wiki Activity

Always copy VaultFileCredentials when accessing it

Browse source 
This makes sure that mutations to the credentails can only ever be persisted
intentionally.
This commit is contained in:
Alexander Bakker 2022-10-05 19:28:53 +02:00
parent 8ae8130b71
commit adc9179364
3 changed files with 14 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
app/src/main/java/com/beemdevelopment/aegis/ui/fragments/preferences/SecurityPreferencesFragment.java
View file

@ -241,10 +241,12 @@ public class SecurityPreferencesFragment extends PreferencesFragment {
if (!isBackupPasswordSet()) {
Dialogs.showSetPasswordDialog(requireActivity(), new SetBackupPasswordListener());
} else {
SlotList slots = _vaultManager.getVault().getCredentials().getSlots();
VaultFileCredentials creds = _vaultManager.getVault().getCredentials();
SlotList slots = creds.getSlots();
for (Slot slot : slots.findBackupPasswordSlots()) {
slots.remove(slot);
}
_vaultManager.getVault().setCredentials(creds);
saveAndBackupVault();
updateEncryptionPreferences();

9
app/src/main/java/com/beemdevelopment/aegis/vault/VaultFileCredentials.java
View file

@ -1,9 +1,12 @@
package com.beemdevelopment.aegis.vault;
import androidx.annotation.NonNull;
import com.beemdevelopment.aegis.crypto.CryptParameters;
import com.beemdevelopment.aegis.crypto.CryptResult;
import com.beemdevelopment.aegis.crypto.MasterKey;
import com.beemdevelopment.aegis.crypto.MasterKeyException;
import com.beemdevelopment.aegis.util.Cloner;
import com.beemdevelopment.aegis.vault.slots.SlotList;
import java.io.Serializable;
@ -45,4 +48,10 @@ public class VaultFileCredentials implements Serializable {
public VaultFileCredentials exportable() {
return new VaultFileCredentials(_key, _slots.exportable());
}
@NonNull
@Override
public VaultFileCredentials clone() {
return Cloner.clone(this);
}
}

4
app/src/main/java/com/beemdevelopment/aegis/vault/VaultRepository.java
View file

@ -220,11 +220,11 @@ public class VaultRepository {
}
public VaultFileCredentials getCredentials() {
return _creds;
return _creds == null ? null : _creds.clone();
}
public void setCredentials(VaultFileCredentials creds) {
_creds = creds;
_creds = creds == null ? null : creds.clone();
}
public boolean isEncryptionEnabled() {