Aegis/app/src/main/java/me/impy/aegis/AuthActivity.java

package me.impy.aegis;

import android.Manifest;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.support.v4.app.ActivityCompat;
import android.support.v7.app.AlertDialog;
import android.support.v7.app.AppCompatActivity;
import android.os.Bundle;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.LinearLayout;
import android.widget.TextView;

import com.mattprecious.swirl.SwirlView;

import java.lang.reflect.UndeclaredThrowableException;

import javax.crypto.Cipher;
import javax.crypto.SecretKey;

import me.impy.aegis.crypto.CryptoUtils;
import me.impy.aegis.crypto.KeyStoreHandle;
import me.impy.aegis.crypto.MasterKey;
import me.impy.aegis.crypto.slots.FingerprintSlot;
import me.impy.aegis.crypto.slots.PasswordSlot;
import me.impy.aegis.crypto.slots.Slot;
import me.impy.aegis.crypto.slots.SlotCollection;
import me.impy.aegis.crypto.slots.SlotIntegrityException;
import me.impy.aegis.finger.FingerprintUiHelper;
import me.impy.aegis.helpers.AuthHelper;

public class AuthActivity extends AppCompatActivity implements FingerprintUiHelper.Callback {
    public static final int RESULT_OK = 0;
    public static final int RESULT_EXCEPTION = 1;

    private EditText textPassword;

    private SlotCollection slots;
    private LinearLayout boxFingerprint;
    private SwirlView imgFingerprint;
    private TextView textFingerprint;
    private FingerprintUiHelper fingerHelper;
    private Cipher fingerCipher;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_auth);
        textPassword = (EditText) findViewById(R.id.text_password);
        boxFingerprint = (LinearLayout) findViewById(R.id.box_fingerprint);
        imgFingerprint = (SwirlView) findViewById(R.id.img_fingerprint);
        textFingerprint = (TextView) findViewById(R.id.text_fingerprint);

        Intent intent = getIntent();
        slots = (SlotCollection) intent.getSerializableExtra("slots");

        // only show the fingerprint controls if the api version is new enough, permission is granted, a scanner is found and a fingerprint slot is found
        Context context = getApplicationContext();
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {
            FingerprintManager manager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);
            if (ActivityCompat.checkSelfPermission(context, Manifest.permission.USE_FINGERPRINT) == PackageManager.PERMISSION_GRANTED && manager.isHardwareDetected()) {
                if (slots.has(FingerprintSlot.class)) {
                    try {
                        KeyStoreHandle handle = new KeyStoreHandle();
                        if (handle.keyExists()) {
                            SecretKey key = handle.getKey();
                            fingerCipher = Slot.createCipher(key, Cipher.DECRYPT_MODE);
                            fingerHelper = new FingerprintUiHelper(manager, imgFingerprint, textFingerprint, this);
                            boxFingerprint.setVisibility(View.VISIBLE);
                        }
                    } catch (Exception e) {
                        throw new UndeclaredThrowableException(e);
                    }
                }
            }
        }

        Button button = (Button) findViewById(R.id.button_decrypt);
        button.setOnClickListener(new View.OnClickListener() {
            @Override
            public void onClick(View v) {
                trySlots(PasswordSlot.class);
            }
        });
    }

    private void showError() {
        AlertDialog.Builder builder = new AlertDialog.Builder(this);
        builder.setMessage("Master key integrity check failed for every slot. Make sure you didn't mistype your password.");
        builder.setCancelable(false);
        builder.setPositiveButton("OK",
                new DialogInterface.OnClickListener() {
                    public void onClick(DialogInterface dialog, int id) {
                        dialog.cancel();
                    }
                });
        builder.create().show();
    }

    private MasterKey decryptPasswordSlot(PasswordSlot slot) throws Exception {
        char[] password = AuthHelper.getPassword(textPassword, true);
        SecretKey key = slot.deriveKey(password);
        CryptoUtils.zero(password);
        Cipher cipher = Slot.createCipher(key, Cipher.DECRYPT_MODE);
        return slots.decrypt(slot, cipher);
    }

    private MasterKey decryptFingerSlot(FingerprintSlot slot) throws Exception {
        return slots.decrypt(slot, fingerCipher);
    }

    private <T extends Slot> void trySlots(Class<T> type) {
        try {
            if (!slots.has(type)) {
                throw new RuntimeException();
            }

            MasterKey masterKey = null;
            for (Slot slot : slots.findAll(type)) {
                try {
                    if (slot instanceof PasswordSlot) {
                        masterKey = decryptPasswordSlot((PasswordSlot) slot);
                    } else if (slot instanceof FingerprintSlot) {
                        masterKey = decryptFingerSlot((FingerprintSlot) slot);
                    } else {
                        throw new RuntimeException();
                    }
                    break;
                } catch (SlotIntegrityException e) {
                }
            }

            if (masterKey == null) {
                throw new SlotIntegrityException();
            }

            setKey(masterKey);
        } catch (SlotIntegrityException e) {
            showError();
        } catch (Exception e) {
            throw new UndeclaredThrowableException(e);
        }
    }

    private void setKey(MasterKey key) {
        // send the master key back to the main activity
        Intent result = new Intent();
        result.putExtra("key", key);
        setResult(RESULT_OK, result);
        finish();
    }

    @Override
    public void onBackPressed() {
        // ignore back button presses
    }

    @Override
    public void onResume() {
        super.onResume();

        if (fingerHelper != null) {
            fingerHelper.startListening(new FingerprintManager.CryptoObject(fingerCipher));
        }
    }

    @Override
    public void onPause() {
        super.onPause();

        if (fingerHelper != null) {
            fingerHelper.stopListening();
        }
    }

    @Override
    public void onAuthenticated() {
        trySlots(FingerprintSlot.class);
    }

    @Override
    public void onError() {

    }
}
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`package me.impy.aegis;`

Add fingerprint support 2017-08-13 23:38:38 +02:00			`import android.Manifest;`
			`import android.content.Context;`
Verify integrity of decrypted slots and display a dialog on error 2017-08-18 22:12:45 +02:00			`import android.content.DialogInterface;`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`import android.content.Intent;`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`import android.content.pm.PackageManager;`
			`import android.hardware.fingerprint.FingerprintManager;`
			`import android.os.Build;`
			`import android.support.v4.app.ActivityCompat;`
Verify integrity of decrypted slots and display a dialog on error 2017-08-18 22:12:45 +02:00			`import android.support.v7.app.AlertDialog;`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`import android.support.v7.app.AppCompatActivity;`
			`import android.os.Bundle;`
			`import android.view.View;`
			`import android.widget.Button;`
			`import android.widget.EditText;`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`import android.widget.LinearLayout;`
			`import android.widget.TextView;`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00
Switch the FingerprintUiHelper over to SwirlView 2017-08-19 16:48:57 +02:00			`import com.mattprecious.swirl.SwirlView;`

Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`import java.lang.reflect.UndeclaredThrowableException;`

			`import javax.crypto.Cipher;`
			`import javax.crypto.SecretKey;`

			`import me.impy.aegis.crypto.CryptoUtils;`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`import me.impy.aegis.crypto.KeyStoreHandle;`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`import me.impy.aegis.crypto.MasterKey;`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`import me.impy.aegis.crypto.slots.FingerprintSlot;`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`import me.impy.aegis.crypto.slots.PasswordSlot;`
			`import me.impy.aegis.crypto.slots.Slot;`
			`import me.impy.aegis.crypto.slots.SlotCollection;`
Clean up integrity checking code. Try every available slot, not just the first one. 2017-08-19 13:50:33 +02:00			`import me.impy.aegis.crypto.slots.SlotIntegrityException;`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`import me.impy.aegis.finger.FingerprintUiHelper;`
			`import me.impy.aegis.helpers.AuthHelper;`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00
Add fingerprint support 2017-08-13 23:38:38 +02:00			`public class AuthActivity extends AppCompatActivity implements FingerprintUiHelper.Callback {`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`public static final int RESULT_OK = 0;`
			`public static final int RESULT_EXCEPTION = 1;`

			`private EditText textPassword;`

Add fingerprint support 2017-08-13 23:38:38 +02:00			`private SlotCollection slots;`
			`private LinearLayout boxFingerprint;`
Switch the FingerprintUiHelper over to SwirlView 2017-08-19 16:48:57 +02:00			`private SwirlView imgFingerprint;`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`private TextView textFingerprint;`
			`private FingerprintUiHelper fingerHelper;`
			`private Cipher fingerCipher;`

Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`@Override`
			`protected void onCreate(Bundle savedInstanceState) {`
			`super.onCreate(savedInstanceState);`
			`setContentView(R.layout.activity_auth);`
			`textPassword = (EditText) findViewById(R.id.text_password);`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`boxFingerprint = (LinearLayout) findViewById(R.id.box_fingerprint);`
Switch the FingerprintUiHelper over to SwirlView 2017-08-19 16:48:57 +02:00			`imgFingerprint = (SwirlView) findViewById(R.id.img_fingerprint);`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`textFingerprint = (TextView) findViewById(R.id.text_fingerprint);`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00
			`Intent intent = getIntent();`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`slots = (SlotCollection) intent.getSerializableExtra("slots");`

			`// only show the fingerprint controls if the api version is new enough, permission is granted, a scanner is found and a fingerprint slot is found`
			`Context context = getApplicationContext();`
			`if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.M) {`
			`FingerprintManager manager = (FingerprintManager) context.getSystemService(Context.FINGERPRINT_SERVICE);`
			`if (ActivityCompat.checkSelfPermission(context, Manifest.permission.USE_FINGERPRINT) == PackageManager.PERMISSION_GRANTED && manager.isHardwareDetected()) {`
			`if (slots.has(FingerprintSlot.class)) {`
			`try {`
			`KeyStoreHandle handle = new KeyStoreHandle();`
			`if (handle.keyExists()) {`
			`SecretKey key = handle.getKey();`
			`fingerCipher = Slot.createCipher(key, Cipher.DECRYPT_MODE);`
			`fingerHelper = new FingerprintUiHelper(manager, imgFingerprint, textFingerprint, this);`
			`boxFingerprint.setVisibility(View.VISIBLE);`
			`}`
			`} catch (Exception e) {`
			`throw new UndeclaredThrowableException(e);`
			`}`
			`}`
			`}`
			`}`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00
			`Button button = (Button) findViewById(R.id.button_decrypt);`
			`button.setOnClickListener(new View.OnClickListener() {`
			`@Override`
			`public void onClick(View v) {`
Clean up integrity checking code. Try every available slot, not just the first one. 2017-08-19 13:50:33 +02:00			`trySlots(PasswordSlot.class);`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`}`
			`});`
			`}`

Clean up integrity checking code. Try every available slot, not just the first one. 2017-08-19 13:50:33 +02:00			`private void showError() {`
			`AlertDialog.Builder builder = new AlertDialog.Builder(this);`
			`builder.setMessage("Master key integrity check failed for every slot. Make sure you didn't mistype your password.");`
			`builder.setCancelable(false);`
			`builder.setPositiveButton("OK",`
Verify integrity of decrypted slots and display a dialog on error 2017-08-18 22:12:45 +02:00			`new DialogInterface.OnClickListener() {`
			`public void onClick(DialogInterface dialog, int id) {`
			`dialog.cancel();`
			`}`
			`});`
Clean up integrity checking code. Try every available slot, not just the first one. 2017-08-19 13:50:33 +02:00			`builder.create().show();`
			`}`

			`private MasterKey decryptPasswordSlot(PasswordSlot slot) throws Exception {`
			`char[] password = AuthHelper.getPassword(textPassword, true);`
			`SecretKey key = slot.deriveKey(password);`
			`CryptoUtils.zero(password);`
			`Cipher cipher = Slot.createCipher(key, Cipher.DECRYPT_MODE);`
			`return slots.decrypt(slot, cipher);`
			`}`

			`private MasterKey decryptFingerSlot(FingerprintSlot slot) throws Exception {`
			`return slots.decrypt(slot, fingerCipher);`
			`}`

			`private <T extends Slot> void trySlots(Class<T> type) {`
			`try {`
			`if (!slots.has(type)) {`
			`throw new RuntimeException();`
			`}`

			`MasterKey masterKey = null;`
			`for (Slot slot : slots.findAll(type)) {`
			`try {`
			`if (slot instanceof PasswordSlot) {`
			`masterKey = decryptPasswordSlot((PasswordSlot) slot);`
			`} else if (slot instanceof FingerprintSlot) {`
			`masterKey = decryptFingerSlot((FingerprintSlot) slot);`
			`} else {`
			`throw new RuntimeException();`
			`}`
			`break;`
			`} catch (SlotIntegrityException e) {`
			`}`
			`}`

			`if (masterKey == null) {`
			`throw new SlotIntegrityException();`
			`}`

			`setKey(masterKey);`
			`} catch (SlotIntegrityException e) {`
			`showError();`
			`} catch (Exception e) {`
			`throw new UndeclaredThrowableException(e);`
Verify integrity of decrypted slots and display a dialog on error 2017-08-18 22:12:45 +02:00			`}`
Clean up integrity checking code. Try every available slot, not just the first one. 2017-08-19 13:50:33 +02:00			`}`
Verify integrity of decrypted slots and display a dialog on error 2017-08-18 22:12:45 +02:00
Clean up integrity checking code. Try every available slot, not just the first one. 2017-08-19 13:50:33 +02:00			`private void setKey(MasterKey key) {`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`// send the master key back to the main activity`
			`Intent result = new Intent();`
			`result.putExtra("key", key);`
			`setResult(RESULT_OK, result);`
			`finish();`
			`}`

Don't allow back button presses in AuthActivity 2017-08-13 19:55:53 +02:00			`@Override`
			`public void onBackPressed() {`
			`// ignore back button presses`
			`}`

Add fingerprint support 2017-08-13 23:38:38 +02:00			`@Override`
			`public void onResume() {`
			`super.onResume();`

			`if (fingerHelper != null) {`
			`fingerHelper.startListening(new FingerprintManager.CryptoObject(fingerCipher));`
			`}`
			`}`

			`@Override`
			`public void onPause() {`
			`super.onPause();`

			`if (fingerHelper != null) {`
			`fingerHelper.stopListening();`
Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`}`
			`}`

Add fingerprint support 2017-08-13 23:38:38 +02:00			`@Override`
			`public void onAuthenticated() {`
Clean up integrity checking code. Try every available slot, not just the first one. 2017-08-19 13:50:33 +02:00			`trySlots(FingerprintSlot.class);`
Add fingerprint support 2017-08-13 23:38:38 +02:00			`}`

			`@Override`
			`public void onError() {`

Add an activity to decrypt the database 2017-08-06 18:15:47 +02:00			`}`
			`}`