mobile/Aegis
mobile/Aegis
1
0
Fork 0
mirror of https://github.com/beemdevelopment/Aegis synced 2024-10-04 23:09:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
1449 commits 4 branches 63 tags 28 MiB
Commit graph

1211 commits

Author SHA1 Message Date
Michael Schättgen 813fd62dc7 Add ability to change account name position 2023-08-16 23:40:19 +02:00
nerodevo 3026a3eab1 Remove unwanted character 2023-06-04 06:38:04 -05:00
Alexander Bakker efd8e2d9ff Run key derivation for Authenticator Pro importer on background thread 2023-03-03 23:04:33 +01:00
Alexander Bakker 58b8edf318 Various minor touchups for the Authenticator Pro importer 2023-03-03 21:44:21 +01:00
Alexander Bakker abe7af1549
Merge pull request #1080 from NepNep21/authpro 
Add Authenticator Pro encrypted import support, fixes #1035
 2023-03-03 20:53:17 +01:00
NepNep21 289d5409a5
Add Authenticator Pro encrypted import support 2023-03-02 17:46:45 -03:00
Alexander Bakker e906131f1b Disable Glide notification permission lint check 
Fixes the build
 2023-03-01 14:38:29 +01:00
Alexander Bakker b6bfc5b15f Update Gradle and dependencies 2023-03-01 13:49:01 +01:00
Alexander Bakker 90f2ea79d9
Merge pull request #1100 from beemdevelopment/bugfix/empty-state 
Fix empty state while using search filter
 2023-03-01 12:11:23 +01:00
Michael Schättgen 3c9e5a9fdb Fix empty state while using search filter 2023-02-27 23:49:35 +01:00
Alexander Bakker f0f9653ace Release v2.1.3 2023-02-27 23:19:04 +01:00
Alexander Bakker e2df97514c Update translations from Crowdin 2023-02-27 23:11:07 +01:00
Michael Schättgen 61d41a26fa Add ability to disable backup reminder 2023-02-05 18:31:31 +01:00
elena d3e5472ef2 Only enable export buttons if options are in a valid state 2022-12-20 17:27:46 +00:00
Alexander Bakker bf825df221 Fix crash caused by incorrect Toast creation 2022-12-18 18:39:46 +01:00
Alexander Bakker 121c1dada9
Merge pull request #1054 from orange-elephant/checkboxes-dropdown 
Create checkboxes dropdown component
 2022-12-18 18:20:56 +01:00
elena 1c9931b1c8 Display export groups selection as dropdown 2022-12-13 15:22:00 +00:00
elena 51698947aa Create checkboxes dropdown component 2022-12-13 15:20:00 +00:00
Alexander Bakker ceaf52e238 Update dependencies 2022-12-09 22:37:45 +01:00
Alexander Bakker cad2ecfe1b Release v2.1.2 2022-12-06 18:58:44 +01:00
Alexander Bakker 36b1f91140 Update translations from Crowdin 2022-12-06 18:56:27 +01:00
Alexander Bakker 4bd12f5abe Don't try to move entries that are filtered out 
This fixes a crash that could occur when changing an entry in such a
way that it is filtered out from the entry list after the change.
 2022-12-06 18:41:29 +01:00
Alexander Bakker 780a215a6b Release v2.1.1 2022-12-05 22:44:06 +01:00
Alexander Bakker f6f05dee6e Update translations from Crowdin 2022-12-05 22:17:40 +01:00
Alexander Bakker 7a1e4e1d77 Move HTML export logic to a separate file and finish it up 2022-12-05 22:10:35 +01:00
Alexander Bakker 2c36149a3d
Merge pull request #1032 from JordanPlayz158/master 
Battle.net Authenticator Import Support
 2022-12-05 22:00:05 +01:00
JordanPlayz158 f3731c23a3 Battle.net Importing Support 
Fixed issue caused by supplying the VaultEntry with the Base32 encoded string rather than the raw secret

Added blizzard package to manifest so Aegis is allowed to query whether the app is installed

Fixed VaultEntry to be more inline with other entries

Removed the unnecessary encoding of the secret as it is used as is without encoding and changed the way the TotpInfo object is supplied with the relevant information.

Credits to alexbakker (https://github.com/beemdevelopment/Aegis/pull/1032#pullrequestreview-1203477313)
 2022-12-05 14:55:27 -05:00
Alexander Bakker bebda569de
Merge pull request #1039 from CristianAUnisa/export-to-html 
Export vault to HTML
 2022-12-04 23:01:25 +01:00
Alexander Bakker 0112431269 Abort andOTP import early if number of iterations is suspicious 2022-12-04 20:34:48 +01:00
CristianAUnisa 59c887e6a4 Export vault to HTML 2022-12-04 19:30:32 +01:00
Alexander Bakker ee6a020f4d Disallow empty strings to pass through text input dialogs 
This also fixes a crash for certain importers than could occur if the
user entered an empty password.
 2022-12-04 19:20:43 +01:00
Alexander Bakker ee15a61403 Prevent the use of MD5 for anything other than mOTP 
This forcefully resets any HOTP/TOTP entries that were using MD5 back to
SHA1, because users could only configure this by mistake. No website should be
using it, as the HOTP algorithm was not made to be compatible with the
hash length of MD5.
 2022-12-04 18:49:54 +01:00
Alexander Bakker 927a27943b
Merge pull request #1045 from Toadsta/copyURI 
Copy URI to clipboard when using transfer entries
 2022-12-04 17:00:12 +01:00
Alexander Bakker 69f0bb4fbc Request root access from separate thread and don't use global Shell 
This should help prevent some of the ANR's reported through Google Play
 2022-12-04 16:55:19 +01:00
Alexander Bakker ac51996896 Move XML comment to attribute in the string tag 2022-12-04 15:46:52 +01:00
Alexander Bakker 8cf48a94aa Clarify backup reminder with time elapsed since last backup/export 2022-12-04 15:44:45 +01:00
Alexander Bakker d7e2114811 Pass Context instead of Activity where possible 2022-12-03 21:45:39 +01:00
Alexander Bakker caad516a6e Don't show the password reminder popup if the activity is finished 2022-12-03 21:30:10 +01:00
Alexander Bakker 12683e3ff0 Don't process QR code if ScannerActivity is finished 2022-12-03 21:27:43 +01:00
Alexander Bakker 74ecdec637 Ignore any menu clicks before the camera is ready in ScannerActivity 2022-12-03 21:19:02 +01:00
Alexander Bakker b98a5c55bc Simplify tracking of draggable entries 
This fixes a crash and a case where rebinding a ViewHolder to an entry
that is not selected would still show a drag handle
 2022-12-03 21:11:33 +01:00
Toadsta 96852528f4 Copy URI to clipboard when using transfer entries, copied text is marked as sensitive 
Co-authored-by: orange-elephant <88595467+orange-elephant@users.noreply.github.com>
 2022-12-03 20:06:25 +00:00
Alexander Bakker bcbe5f33d4 Fix crash in Bitwarden importer when encountering a bad URI 2022-12-03 20:03:51 +01:00
Alexander Bakker 5cf8f73193 Check for nulls in intent extra's sent to MainActivity 2022-12-03 19:31:25 +01:00
Alexander Bakker 6ea9502ad1 Check for null before calling the EntryListView listener 2022-12-03 19:18:01 +01:00
Alexander Bakker 65790166b6 Set fallbackLineSpacing to false for all entry view modes 
I fixed an issue in e77df1eee4 but
apparently I only applied it to the default view mode
 2022-12-03 14:15:48 +01:00
Alexander Bakker bb4450a00b Completely disable the lock notification for now 
See: #1047
 2022-12-03 14:12:31 +01:00
Alexander Bakker c9a27b830d Add null check before shutting down executor in ScannerActivity 2022-12-02 13:11:06 +01:00
Alexander Bakker aff441a7ee Include URI in ImportFileTask error messages 2022-11-28 18:50:49 +01:00
Alexander Bakker 9d318a0d54 Always take favorites into account when sorting the entry list 2022-11-28 18:13:33 +01:00
Alexander Bakker ef759eb15e Start NotificationService as a foreground service 
This should prevent the notification from remaining after the app has
been killed by Android.

Fixes #1037.
 2022-11-23 16:05:22 +01:00
elena 542a8c6f8c Only copy code if not hidden 2022-11-20 18:53:13 +01:00
Alexander Bakker 282f85fb3b Don't show "Export all groups" option if there are no groups 2022-11-20 18:49:47 +01:00
Alexander Bakker fd5a0390f0
Merge pull request #1014 from orange-elephant/export-selected-groups 
Allow exporting specific groups
 2022-11-20 18:37:54 +01:00
Alexander Bakker 01e59d79a1
Merge pull request #1013 from orange-elephant/no-icons-view-mode 
Add 'No Icons' view mode
 2022-11-20 18:36:42 +01:00
Alexander Bakker 506d9efab3 Release v2.1 2022-11-20 16:19:37 +01:00
Alexander Bakker 5ab36d72a4 Add a test for password and backup password changes 2022-11-20 15:05:11 +01:00
Alexander Bakker ac75c346ec Update translations from Crowdin 2022-11-20 13:23:40 +01:00
Alexander Bakker 5dfdbabf30 Patch scrypt implementation to directly use Java's Integer.rotateLeft 
This should improve performance in some rare cases where the wrapper
function that BouncyCastle has for Integer.rotateLeft is not inlined.

See: #1024
 2022-11-20 12:54:55 +01:00
Alexander Bakker e7cc3e6ca3 Fix a crash by only creating toasts using Toast.makeText() 2022-11-16 10:48:21 +01:00
Alexander Bakker f081cfa77b Add support for importing 2FAS schema v3 backups 
Fixes #1026
 2022-11-15 22:44:13 +01:00
Alexander Bakker 55dc4b22d5 Set RESULT_CANCELED before calling finishAffinity() 
This fixes a crash in AuthActivity:

Exception java.lang.IllegalStateException: Can not be called to deliver a result
 2022-11-12 11:50:01 +01:00
Alexander Bakker 9f55d4f659 Do not print a trace when calling the private finish() overload fails 2022-11-09 20:42:59 +01:00
Alexander Bakker 715c5112ab Fix a crash caused by ViewHolder.getAdapterPosition returning -1 2022-11-09 20:18:18 +01:00
Alexander Bakker e77df1eee4 Set fallbackLineSpacing to false for the OTP TextView 
This prevents any dynamic changes in height that may occur while using
tap to reveal on Android 13 and up.
 2022-11-09 18:50:38 +01:00
Alexander Bakker f6f549aaeb Be even more clear about why we can't import from certain apps anymore 2022-11-09 18:50:38 +01:00
Alexander Bakker 12dad56fe3 Update test dependencies to stable releases 2022-11-09 15:49:33 +01:00
Alexander Bakker 286d74b69a Switch comments of tile_open_vault and tile_open_scanner 2022-11-07 21:01:11 +01:00
Alexander Bakker 10ecd513fc Add context to tile_open_vault and tile_open_scanner strings 2022-11-07 21:00:08 +01:00
elena c45564d852 Allow exporting specific groups 2022-11-06 18:38:34 +00:00
Alexander Bakker 98e802a534
Merge pull request #1019 from beemdevelopment/feature/quick-settings 
Add quick setting tiles
 2022-11-06 15:34:10 +01:00
Michael Schättgen 6a1e6db486 Add quick setting tiles 2022-11-06 15:21:33 +01:00
elena 237e6744a5 Add option to hide icons 2022-11-06 13:26:47 +00:00
Alexander Bakker 599be44369
Merge pull request #1017 from orange-elephant/reveal-on-hotp-increment 
Reveal hidden code on HOTP increment click
 2022-11-06 12:18:40 +01:00
Alexander Bakker b2a98d9799 Release v2.1-beta2 2022-11-03 22:50:55 +01:00
Alexander Bakker bee490d091 Check for nulls when opening ContentResolver streams 2022-11-03 22:41:30 +01:00
Michael Schättgen dd88f5bb0c Fix crash when using non latin language 2022-11-03 13:37:15 +01:00
elena af9be15ae0 Reveal hidden code on HOTP increment click 2022-11-02 21:07:37 +00:00
Alexander Bakker 8562fafda7 Release v2.1-beta1 2022-11-02 17:11:39 +01:00
Alexander Bakker 708a5f4a19 Update translations from Crowdin 2022-11-02 15:45:27 +01:00
Alexander Bakker fcc7b7baa2 Use MaterialDividerItemDecoration for compact view mode 
This allows us to disable the divider for the "Showing x entries" footer
 2022-11-02 15:18:07 +01:00
Alexander Bakker 7c0b22920d Fix minor entry margin issues 
Accidentally introduced with the entry pinning feature

This also moves the favorite field to the vault instead of shared
preference in order to avoid some complexity
 2022-11-02 15:14:59 +01:00
Alexander Bakker c27d080a11 Fix call to notifyItemMoved when entry change causes sort change 
This fixes an issue introduced in ffcbaffcfc
 2022-11-02 15:09:42 +01:00
Alexander Bakker 289b8775d3 Update ZXing to 3.5.1 2022-11-02 12:40:20 +01:00
Alexander Bakker c12397a509 Update dependencies 2022-11-01 20:19:00 +01:00
Alexander Bakker 0aef57e610 Add context to favorite strings to indicate that they're verbs 2022-10-27 22:12:49 +02:00
Alexander Bakker 7993142cc5 Show a warning when a separate export/backup password is configured 2022-10-27 22:12:44 +02:00
Michael Schättgen 5ec1e33a31 Add ability to favorite/pin entries 2022-10-26 14:07:49 +02:00
Alexander Bakker c58b773878 Rename some things related to plaintext backup warning 2022-10-25 18:38:07 +02:00
Alexander Bakker 681326839c Fix back navigation in preferences when pressing the home action button 2022-10-16 13:27:20 +02:00
Alexander Bakker 3d124d225e Use VaultLockReceiver in a Context-registered manner 
Turns out we can't listen from ACTION_SCREEN_OFF from a
manifest-registered broadcast receiver
 2022-10-15 20:48:36 +02:00
Alexander Bakker 8292173297 Remove unused code for storage read permission request results 2022-10-12 17:39:40 +02:00
Alexander Bakker 84e179f9d3 Add helper to simplify animation end listeners 2022-10-12 17:36:46 +02:00
Alexander Bakker ad77bd687f Add support for predictive back gesture 2022-10-12 17:25:40 +02:00
Alexander Bakker c6888b11df Add an icon to the backup status in preferences 2022-10-10 22:33:42 +02:00
elena c206d4bee8 Additional code grouping options 2022-10-09 21:24:01 +01:00
Alexander Bakker 7de7fba2c8 Disable R8 obfuscation 2022-10-09 18:28:56 +02:00
Alexander Bakker 8ea28327db Optimize APK size by fixing R8 rules and excluding some BC resources 2022-10-09 17:18:13 +02:00
Alexander Bakker 80c37556c7 Prevent double launches of the intro and auth activities 
Since API level 33: When opening Aegis right after installing it,
Android will send a configuration change event (CONFIG_ASSETS_PATHS),
causing MainActivity to restart almost immediately. This would also
cause two IntroActivity's to be started on top of eachother.
 2022-10-09 16:33:28 +02:00
Alexander Bakker 7517cfc975 Update dependencies 2022-10-09 12:53:46 +02:00
Alexander Bakker 4198ca3bb7 Update Gradle 2022-10-09 12:51:06 +02:00
Alexander Bakker 3927ddec3e Make vault lock intent used in notifications more explicit 
Aegis can display a notification to the user as a reminder that the vault is
unlocked. If the user taps the notification, the vault is locked. CodeQL
reported that Aegis may be vulnerable to CWE-927, because of the use of an
implicit intent wrapped by a PendingIntent in that notification.

This does not appear to be exploitable in our case, because we use
``PendingIntent.getBroadcast`` and explicitly set the action of the wrapped
intent. Aegis also does not read or act on any information from the received
intent. This means that a malicious app cannot launch activities or send a
broadcast with a different action, as is common with these type of weakness. The
worst an app with notification access can do, is lock the vault.

Either way, it's good to make the intent explicit, so this patch addresses that.
Additionally, for API level 23 and up, we've made the wrapped intent immutable a
while back.

We'd like to thank John Rune, who ran a CodeQL scan on the Aegis codebase and
privately disclosed this finding to us.
 2022-10-09 11:56:09 +02:00
Alexander Bakker adc9179364 Always copy VaultFileCredentials when accessing it 
This makes sure that mutations to the credentails can only ever be persisted
intentionally.
 2022-10-05 19:42:18 +02:00
Alexander Bakker 8ae8130b71 Store and display backup error messages more clearly 2022-10-05 18:21:50 +02:00
Alexander Bakker 4427498d5e Rename the instrumented tests to be more consistent 2022-10-05 13:44:12 +02:00
Alexander Bakker aad6d78750 Move the panic trigger setting to the Security fragment 2022-10-05 13:27:28 +02:00
Alexander Bakker ef2e803e04 Make the entry count text a bit smaller 2022-10-05 13:25:17 +02:00
Alexander Bakker c718ea79c5 Update dependencies 2022-10-03 19:29:06 +02:00
Alexander Bakker acc6b9a3de
Merge pull request #973 from orange-elephant/entries-shown-count 
Add entries showing count
 2022-09-28 13:48:35 +02:00
elena 4bf807c46a Add entries showing count 2022-09-23 18:49:23 +01:00
Alexander Bakker e4798703f0 Make the FAB scroll listener a less sensitive 
This should help minimize the glitchiness that can occur when scrolling
through the entry list.

Close #963.
 2022-09-17 18:27:56 +02:00
Alexander Bakker 80624f844c Perform a version check when importing from the Steam app 
Fixes #986.
 2022-09-17 18:08:21 +02:00
Maarten Trompper 78feb25543 Minimize or Close app after copying OTP 
Close #805
 2022-09-17 17:51:03 +02:00
Alexander Bakker 3bc10bd4b8 Disallow importing empty secrets 
Fixes #975

And display "ERROR" for any existing bad entries. This is kind of ugly,
but it's better than crashing, and there are probably very few (or zero)
users who have bad entries anyway.
 2022-09-17 17:31:59 +02:00
Alexander Bakker 66b7fd38d6
Merge pull request #964 from orange-elephant/google-auth-style-export 
Google Authenticator compatible export
 2022-09-17 15:46:56 +02:00
elena bc665b6980 Google Authenticator compatible export 2022-09-16 17:57:42 +01:00
Alexander Bakker 06405d10ad Only request the POST_NOTIFICATIONS permission in tests on API 33 2022-09-14 21:36:31 +02:00
Alexander Bakker 1e3ceefeec Request permission to show notifications 
This is needed since API 33, because we show a "Vault unlocked"
notification if the user has enabled encryption and has unlocked the
vault.
 2022-09-14 20:54:08 +02:00
Alexander Bakker 642864fca1 Mark clipboard data as "sensitive" when copying tokens 2022-09-14 18:33:28 +02:00
Alexander Bakker 3ec6e35011 Update dependencies 
This also updates the test dependencies to an alpha version. We have to
use a pre-stable version, because these include some fixes for running
on API 33.
 2022-09-14 18:08:47 +02:00
Alexander Bakker e19ceb0761
Merge pull request #981 from jas14/monochromatic-icon 
Add monochrome launcher icon
 2022-09-14 17:33:53 +02:00
Joe Stein 012b66fe9b Pin Robolectric target SDKs to 32 2022-09-05 17:09:48 -04:00
Joe Stein 4cd0d2de04 Bump targetSdkVersion to 33 2022-09-05 17:09:43 -04:00
Joe Stein bb3f4d733f Add monochrome adaptive icon for Android 13 2022-09-03 23:08:40 -04:00
Maarten Trompper 05a8c7c51f Fixes #794 2022-08-26 20:31:29 +02:00
Alexander Bakker 029ca81bbf Don't catch the IllegalArgumentException when calling getMissingIndices 
We always call isSingleBatch beforehand, so if the exception occurs,
it's a bug.
 2022-08-22 19:14:51 +02:00
Alexander Bakker 70ceca6a7b
Merge pull request #958 from orange-elephant/fix-scan-google-auth-export-from-image 
Import Google Authenticator exports by image
 2022-08-22 19:06:59 +02:00
elena 2767727ad4 Import google auth export from image 2022-08-21 18:47:54 +01:00
Alexander Bakker 79022be3b6 Add an import button to the intro 2022-08-17 19:11:35 +02:00
Alexander Bakker dcda668671 Disable postprocessing for debug builds to speed them up 2022-08-17 12:00:17 +02:00
elena 5bb32a982b Enable sharing text to Aegis 2022-08-11 21:32:33 +01:00
Alexander Bakker 85e230c46a
Merge pull request #957 from orange-elephant/add-plaintext-export-warning 
Add warning banner after plaintext export
 2022-08-11 21:03:20 +02:00
elena 045b8280bf Add warning banner after plaintext export 2022-08-10 17:17:51 +01:00
Alexander Bakker 6fd8a3b6b4 Allow sharing multiple QR code images to Aegis through a single intent 
This also refactors the logic for handling incoming intents a bit
 2022-08-10 17:48:36 +02:00
Alexander Bakker e46857a26e Add support for importing multiple QR code images in one go 
This is also part of the preparation needed for scanning Google
Authenticator Export QR codes from images.
 2022-08-10 17:22:09 +02:00
Alexander Bakker b875baacef
Merge pull request #948 from orange-elephant/Add-mOTP-support 
Add MOTP support
 2022-08-07 18:31:51 +02:00
elena 3441deee64 Add MOTP support 2022-08-07 16:40:08 +01:00
Alexander Bakker bd3697659f Try harder to find QR codes in image files 
And refactor a bit by moving some of the QR scanning related logic to a
separate helper class.
 2022-08-07 17:13:58 +02:00
Alexander Bakker 5f12eae678 Add tests for scanning QR codes 2022-08-04 21:47:51 +02:00
Alexander Bakker 3b715d58cf
Merge pull request #952 from Hovn/master 
Set the searchview to occupy all Toolbar widths when it expands
 2022-08-04 18:49:59 +02:00
Alexander Bakker 76245677b0 Downgrade ResourceType linter error to a warning 2022-08-03 22:42:56 +02:00
Alexander Bakker f73a64acd6 Update gradle and dependencies 2022-08-03 20:38:10 +02:00
HovnCompany b4f12af23a Set the searchview to occupy all Toolbar widths when it expands 2022-08-01 16:00:40 +08:00
Alexander Bakker 043b17909c Wait for ViewPager to be idle in instrumented tests 
This fixes the flakiness issues with the intro tests
 2022-06-06 19:07:02 +02:00
Alexander Bakker 1dcf56a0fa Capture screenshots of failing instrumented tests 2022-06-06 14:52:17 +02:00
Alexander Bakker f32ac0e8ab Make ProgressDialog adhere to the "Secure screen" setting 2022-06-06 14:05:16 +02:00
Alexander Bakker 8d3b2e2c9d Rename slot type DERIVED to PASSWORD 2022-06-06 13:55:19 +02:00
Alexander Bakker 5db365a999 Add instrumented tests for backup and export 2022-06-06 13:19:46 +02:00
Alexander Bakker a492bcbde3 Add an option to set a separate password for backups and exports 2022-06-05 23:03:11 +02:00
Alexander Bakker d40ebf0f67 Use a higher resolution app icon in the intro 2022-06-05 12:33:53 +02:00