mobile/Aegis
mobile/Aegis
1
0
Fork 0
mirror of https://github.com/beemdevelopment/Aegis synced 2024-10-07 00:09:23 +00:00
Code Issues Packages Projects Releases Wiki Activity
1370 commits 4 branches 63 tags 28 MiB
Commit graph

1154 commits

Author SHA1 Message Date
Alexander Bakker b6bfc5b15f Update Gradle and dependencies 2023-03-01 13:49:01 +01:00
Alexander Bakker 90f2ea79d9
Merge pull request #1100 from beemdevelopment/bugfix/empty-state 
Fix empty state while using search filter
 2023-03-01 12:11:23 +01:00
Michael Schättgen 3c9e5a9fdb Fix empty state while using search filter 2023-02-27 23:49:35 +01:00
Alexander Bakker f0f9653ace Release v2.1.3 2023-02-27 23:19:04 +01:00
Alexander Bakker e2df97514c Update translations from Crowdin 2023-02-27 23:11:07 +01:00
Michael Schättgen 61d41a26fa Add ability to disable backup reminder 2023-02-05 18:31:31 +01:00
elena d3e5472ef2 Only enable export buttons if options are in a valid state 2022-12-20 17:27:46 +00:00
Alexander Bakker bf825df221 Fix crash caused by incorrect Toast creation 2022-12-18 18:39:46 +01:00
Alexander Bakker 121c1dada9
Merge pull request #1054 from orange-elephant/checkboxes-dropdown 
Create checkboxes dropdown component
 2022-12-18 18:20:56 +01:00
elena 1c9931b1c8 Display export groups selection as dropdown 2022-12-13 15:22:00 +00:00
elena 51698947aa Create checkboxes dropdown component 2022-12-13 15:20:00 +00:00
Alexander Bakker ceaf52e238 Update dependencies 2022-12-09 22:37:45 +01:00
Alexander Bakker cad2ecfe1b Release v2.1.2 2022-12-06 18:58:44 +01:00
Alexander Bakker 36b1f91140 Update translations from Crowdin 2022-12-06 18:56:27 +01:00
Alexander Bakker 4bd12f5abe Don't try to move entries that are filtered out 
This fixes a crash that could occur when changing an entry in such a
way that it is filtered out from the entry list after the change.
 2022-12-06 18:41:29 +01:00
Alexander Bakker 780a215a6b Release v2.1.1 2022-12-05 22:44:06 +01:00
Alexander Bakker f6f05dee6e Update translations from Crowdin 2022-12-05 22:17:40 +01:00
Alexander Bakker 7a1e4e1d77 Move HTML export logic to a separate file and finish it up 2022-12-05 22:10:35 +01:00
Alexander Bakker 2c36149a3d
Merge pull request #1032 from JordanPlayz158/master 
Battle.net Authenticator Import Support
 2022-12-05 22:00:05 +01:00
JordanPlayz158 f3731c23a3 Battle.net Importing Support 
Fixed issue caused by supplying the VaultEntry with the Base32 encoded string rather than the raw secret

Added blizzard package to manifest so Aegis is allowed to query whether the app is installed

Fixed VaultEntry to be more inline with other entries

Removed the unnecessary encoding of the secret as it is used as is without encoding and changed the way the TotpInfo object is supplied with the relevant information.

Credits to alexbakker (https://github.com/beemdevelopment/Aegis/pull/1032#pullrequestreview-1203477313)
 2022-12-05 14:55:27 -05:00
Alexander Bakker bebda569de
Merge pull request #1039 from CristianAUnisa/export-to-html 
Export vault to HTML
 2022-12-04 23:01:25 +01:00
Alexander Bakker 0112431269 Abort andOTP import early if number of iterations is suspicious 2022-12-04 20:34:48 +01:00
CristianAUnisa 59c887e6a4 Export vault to HTML 2022-12-04 19:30:32 +01:00
Alexander Bakker ee6a020f4d Disallow empty strings to pass through text input dialogs 
This also fixes a crash for certain importers than could occur if the
user entered an empty password.
 2022-12-04 19:20:43 +01:00
Alexander Bakker ee15a61403 Prevent the use of MD5 for anything other than mOTP 
This forcefully resets any HOTP/TOTP entries that were using MD5 back to
SHA1, because users could only configure this by mistake. No website should be
using it, as the HOTP algorithm was not made to be compatible with the
hash length of MD5.
 2022-12-04 18:49:54 +01:00
Alexander Bakker 927a27943b
Merge pull request #1045 from Toadsta/copyURI 
Copy URI to clipboard when using transfer entries
 2022-12-04 17:00:12 +01:00
Alexander Bakker 69f0bb4fbc Request root access from separate thread and don't use global Shell 
This should help prevent some of the ANR's reported through Google Play
 2022-12-04 16:55:19 +01:00
Alexander Bakker ac51996896 Move XML comment to attribute in the string tag 2022-12-04 15:46:52 +01:00
Alexander Bakker 8cf48a94aa Clarify backup reminder with time elapsed since last backup/export 2022-12-04 15:44:45 +01:00
Alexander Bakker d7e2114811 Pass Context instead of Activity where possible 2022-12-03 21:45:39 +01:00
Alexander Bakker caad516a6e Don't show the password reminder popup if the activity is finished 2022-12-03 21:30:10 +01:00
Alexander Bakker 12683e3ff0 Don't process QR code if ScannerActivity is finished 2022-12-03 21:27:43 +01:00
Alexander Bakker 74ecdec637 Ignore any menu clicks before the camera is ready in ScannerActivity 2022-12-03 21:19:02 +01:00
Alexander Bakker b98a5c55bc Simplify tracking of draggable entries 
This fixes a crash and a case where rebinding a ViewHolder to an entry
that is not selected would still show a drag handle
 2022-12-03 21:11:33 +01:00
Toadsta 96852528f4 Copy URI to clipboard when using transfer entries, copied text is marked as sensitive 
Co-authored-by: orange-elephant <88595467+orange-elephant@users.noreply.github.com>
 2022-12-03 20:06:25 +00:00
Alexander Bakker bcbe5f33d4 Fix crash in Bitwarden importer when encountering a bad URI 2022-12-03 20:03:51 +01:00
Alexander Bakker 5cf8f73193 Check for nulls in intent extra's sent to MainActivity 2022-12-03 19:31:25 +01:00
Alexander Bakker 6ea9502ad1 Check for null before calling the EntryListView listener 2022-12-03 19:18:01 +01:00
Alexander Bakker 65790166b6 Set fallbackLineSpacing to false for all entry view modes 
I fixed an issue in e77df1eee4 but
apparently I only applied it to the default view mode
 2022-12-03 14:15:48 +01:00
Alexander Bakker bb4450a00b Completely disable the lock notification for now 
See: #1047
 2022-12-03 14:12:31 +01:00
Alexander Bakker c9a27b830d Add null check before shutting down executor in ScannerActivity 2022-12-02 13:11:06 +01:00
Alexander Bakker aff441a7ee Include URI in ImportFileTask error messages 2022-11-28 18:50:49 +01:00
Alexander Bakker 9d318a0d54 Always take favorites into account when sorting the entry list 2022-11-28 18:13:33 +01:00
Alexander Bakker ef759eb15e Start NotificationService as a foreground service 
This should prevent the notification from remaining after the app has
been killed by Android.

Fixes #1037.
 2022-11-23 16:05:22 +01:00
elena 542a8c6f8c Only copy code if not hidden 2022-11-20 18:53:13 +01:00
Alexander Bakker 282f85fb3b Don't show "Export all groups" option if there are no groups 2022-11-20 18:49:47 +01:00
Alexander Bakker fd5a0390f0
Merge pull request #1014 from orange-elephant/export-selected-groups 
Allow exporting specific groups
 2022-11-20 18:37:54 +01:00
Alexander Bakker 01e59d79a1
Merge pull request #1013 from orange-elephant/no-icons-view-mode 
Add 'No Icons' view mode
 2022-11-20 18:36:42 +01:00
Alexander Bakker 506d9efab3 Release v2.1 2022-11-20 16:19:37 +01:00
Alexander Bakker 5ab36d72a4 Add a test for password and backup password changes 2022-11-20 15:05:11 +01:00
Alexander Bakker ac75c346ec Update translations from Crowdin 2022-11-20 13:23:40 +01:00
Alexander Bakker 5dfdbabf30 Patch scrypt implementation to directly use Java's Integer.rotateLeft 
This should improve performance in some rare cases where the wrapper
function that BouncyCastle has for Integer.rotateLeft is not inlined.

See: #1024
 2022-11-20 12:54:55 +01:00
Alexander Bakker e7cc3e6ca3 Fix a crash by only creating toasts using Toast.makeText() 2022-11-16 10:48:21 +01:00
Alexander Bakker f081cfa77b Add support for importing 2FAS schema v3 backups 
Fixes #1026
 2022-11-15 22:44:13 +01:00
Alexander Bakker 55dc4b22d5 Set RESULT_CANCELED before calling finishAffinity() 
This fixes a crash in AuthActivity:

Exception java.lang.IllegalStateException: Can not be called to deliver a result
 2022-11-12 11:50:01 +01:00
Alexander Bakker 9f55d4f659 Do not print a trace when calling the private finish() overload fails 2022-11-09 20:42:59 +01:00
Alexander Bakker 715c5112ab Fix a crash caused by ViewHolder.getAdapterPosition returning -1 2022-11-09 20:18:18 +01:00
Alexander Bakker e77df1eee4 Set fallbackLineSpacing to false for the OTP TextView 
This prevents any dynamic changes in height that may occur while using
tap to reveal on Android 13 and up.
 2022-11-09 18:50:38 +01:00
Alexander Bakker f6f549aaeb Be even more clear about why we can't import from certain apps anymore 2022-11-09 18:50:38 +01:00
Alexander Bakker 12dad56fe3 Update test dependencies to stable releases 2022-11-09 15:49:33 +01:00
Alexander Bakker 286d74b69a Switch comments of tile_open_vault and tile_open_scanner 2022-11-07 21:01:11 +01:00
Alexander Bakker 10ecd513fc Add context to tile_open_vault and tile_open_scanner strings 2022-11-07 21:00:08 +01:00
elena c45564d852 Allow exporting specific groups 2022-11-06 18:38:34 +00:00
Alexander Bakker 98e802a534
Merge pull request #1019 from beemdevelopment/feature/quick-settings 
Add quick setting tiles
 2022-11-06 15:34:10 +01:00
Michael Schättgen 6a1e6db486 Add quick setting tiles 2022-11-06 15:21:33 +01:00
elena 237e6744a5 Add option to hide icons 2022-11-06 13:26:47 +00:00
Alexander Bakker 599be44369
Merge pull request #1017 from orange-elephant/reveal-on-hotp-increment 
Reveal hidden code on HOTP increment click
 2022-11-06 12:18:40 +01:00
Alexander Bakker b2a98d9799 Release v2.1-beta2 2022-11-03 22:50:55 +01:00
Alexander Bakker bee490d091 Check for nulls when opening ContentResolver streams 2022-11-03 22:41:30 +01:00
Michael Schättgen dd88f5bb0c Fix crash when using non latin language 2022-11-03 13:37:15 +01:00
elena af9be15ae0 Reveal hidden code on HOTP increment click 2022-11-02 21:07:37 +00:00
Alexander Bakker 8562fafda7 Release v2.1-beta1 2022-11-02 17:11:39 +01:00
Alexander Bakker 708a5f4a19 Update translations from Crowdin 2022-11-02 15:45:27 +01:00
Alexander Bakker fcc7b7baa2 Use MaterialDividerItemDecoration for compact view mode 
This allows us to disable the divider for the "Showing x entries" footer
 2022-11-02 15:18:07 +01:00
Alexander Bakker 7c0b22920d Fix minor entry margin issues 
Accidentally introduced with the entry pinning feature

This also moves the favorite field to the vault instead of shared
preference in order to avoid some complexity
 2022-11-02 15:14:59 +01:00
Alexander Bakker c27d080a11 Fix call to notifyItemMoved when entry change causes sort change 
This fixes an issue introduced in ffcbaffcfc
 2022-11-02 15:09:42 +01:00
Alexander Bakker 289b8775d3 Update ZXing to 3.5.1 2022-11-02 12:40:20 +01:00
Alexander Bakker c12397a509 Update dependencies 2022-11-01 20:19:00 +01:00
Alexander Bakker 0aef57e610 Add context to favorite strings to indicate that they're verbs 2022-10-27 22:12:49 +02:00
Alexander Bakker 7993142cc5 Show a warning when a separate export/backup password is configured 2022-10-27 22:12:44 +02:00
Michael Schättgen 5ec1e33a31 Add ability to favorite/pin entries 2022-10-26 14:07:49 +02:00
Alexander Bakker c58b773878 Rename some things related to plaintext backup warning 2022-10-25 18:38:07 +02:00
Alexander Bakker 681326839c Fix back navigation in preferences when pressing the home action button 2022-10-16 13:27:20 +02:00
Alexander Bakker 3d124d225e Use VaultLockReceiver in a Context-registered manner 
Turns out we can't listen from ACTION_SCREEN_OFF from a
manifest-registered broadcast receiver
 2022-10-15 20:48:36 +02:00
Alexander Bakker 8292173297 Remove unused code for storage read permission request results 2022-10-12 17:39:40 +02:00
Alexander Bakker 84e179f9d3 Add helper to simplify animation end listeners 2022-10-12 17:36:46 +02:00
Alexander Bakker ad77bd687f Add support for predictive back gesture 2022-10-12 17:25:40 +02:00
Alexander Bakker c6888b11df Add an icon to the backup status in preferences 2022-10-10 22:33:42 +02:00
elena c206d4bee8 Additional code grouping options 2022-10-09 21:24:01 +01:00
Alexander Bakker 7de7fba2c8 Disable R8 obfuscation 2022-10-09 18:28:56 +02:00
Alexander Bakker 8ea28327db Optimize APK size by fixing R8 rules and excluding some BC resources 2022-10-09 17:18:13 +02:00
Alexander Bakker 80c37556c7 Prevent double launches of the intro and auth activities 
Since API level 33: When opening Aegis right after installing it,
Android will send a configuration change event (CONFIG_ASSETS_PATHS),
causing MainActivity to restart almost immediately. This would also
cause two IntroActivity's to be started on top of eachother.
 2022-10-09 16:33:28 +02:00
Alexander Bakker 7517cfc975 Update dependencies 2022-10-09 12:53:46 +02:00
Alexander Bakker 4198ca3bb7 Update Gradle 2022-10-09 12:51:06 +02:00
Alexander Bakker 3927ddec3e Make vault lock intent used in notifications more explicit 
Aegis can display a notification to the user as a reminder that the vault is
unlocked. If the user taps the notification, the vault is locked. CodeQL
reported that Aegis may be vulnerable to CWE-927, because of the use of an
implicit intent wrapped by a PendingIntent in that notification.

This does not appear to be exploitable in our case, because we use
``PendingIntent.getBroadcast`` and explicitly set the action of the wrapped
intent. Aegis also does not read or act on any information from the received
intent. This means that a malicious app cannot launch activities or send a
broadcast with a different action, as is common with these type of weakness. The
worst an app with notification access can do, is lock the vault.

Either way, it's good to make the intent explicit, so this patch addresses that.
Additionally, for API level 23 and up, we've made the wrapped intent immutable a
while back.

We'd like to thank John Rune, who ran a CodeQL scan on the Aegis codebase and
privately disclosed this finding to us.
 2022-10-09 11:56:09 +02:00
Alexander Bakker adc9179364 Always copy VaultFileCredentials when accessing it 
This makes sure that mutations to the credentails can only ever be persisted
intentionally.
 2022-10-05 19:42:18 +02:00
Alexander Bakker 8ae8130b71 Store and display backup error messages more clearly 2022-10-05 18:21:50 +02:00
Alexander Bakker 4427498d5e Rename the instrumented tests to be more consistent 2022-10-05 13:44:12 +02:00
Alexander Bakker aad6d78750 Move the panic trigger setting to the Security fragment 2022-10-05 13:27:28 +02:00
Alexander Bakker ef2e803e04 Make the entry count text a bit smaller 2022-10-05 13:25:17 +02:00