From adc9179364bea686ffca7291e9d1ac5569aa6afe Mon Sep 17 00:00:00 2001 From: Alexander Bakker Date: Wed, 5 Oct 2022 19:28:53 +0200 Subject: [PATCH] Always copy VaultFileCredentials when accessing it This makes sure that mutations to the credentails can only ever be persisted intentionally. --- .../preferences/SecurityPreferencesFragment.java | 4 +++- .../aegis/vault/VaultFileCredentials.java | 9 +++++++++ .../com/beemdevelopment/aegis/vault/VaultRepository.java | 4 ++-- 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/app/src/main/java/com/beemdevelopment/aegis/ui/fragments/preferences/SecurityPreferencesFragment.java b/app/src/main/java/com/beemdevelopment/aegis/ui/fragments/preferences/SecurityPreferencesFragment.java index 0aeeb812..4abe06df 100644 --- a/app/src/main/java/com/beemdevelopment/aegis/ui/fragments/preferences/SecurityPreferencesFragment.java +++ b/app/src/main/java/com/beemdevelopment/aegis/ui/fragments/preferences/SecurityPreferencesFragment.java @@ -241,10 +241,12 @@ public class SecurityPreferencesFragment extends PreferencesFragment { if (!isBackupPasswordSet()) { Dialogs.showSetPasswordDialog(requireActivity(), new SetBackupPasswordListener()); } else { - SlotList slots = _vaultManager.getVault().getCredentials().getSlots(); + VaultFileCredentials creds = _vaultManager.getVault().getCredentials(); + SlotList slots = creds.getSlots(); for (Slot slot : slots.findBackupPasswordSlots()) { slots.remove(slot); } + _vaultManager.getVault().setCredentials(creds); saveAndBackupVault(); updateEncryptionPreferences(); diff --git a/app/src/main/java/com/beemdevelopment/aegis/vault/VaultFileCredentials.java b/app/src/main/java/com/beemdevelopment/aegis/vault/VaultFileCredentials.java index 05ff965f..eebbf8f7 100644 --- a/app/src/main/java/com/beemdevelopment/aegis/vault/VaultFileCredentials.java +++ b/app/src/main/java/com/beemdevelopment/aegis/vault/VaultFileCredentials.java @@ -1,9 +1,12 @@ package com.beemdevelopment.aegis.vault; +import androidx.annotation.NonNull; + import com.beemdevelopment.aegis.crypto.CryptParameters; import com.beemdevelopment.aegis.crypto.CryptResult; import com.beemdevelopment.aegis.crypto.MasterKey; import com.beemdevelopment.aegis.crypto.MasterKeyException; +import com.beemdevelopment.aegis.util.Cloner; import com.beemdevelopment.aegis.vault.slots.SlotList; import java.io.Serializable; @@ -45,4 +48,10 @@ public class VaultFileCredentials implements Serializable { public VaultFileCredentials exportable() { return new VaultFileCredentials(_key, _slots.exportable()); } + + @NonNull + @Override + public VaultFileCredentials clone() { + return Cloner.clone(this); + } } diff --git a/app/src/main/java/com/beemdevelopment/aegis/vault/VaultRepository.java b/app/src/main/java/com/beemdevelopment/aegis/vault/VaultRepository.java index 74136af3..ab5ec219 100644 --- a/app/src/main/java/com/beemdevelopment/aegis/vault/VaultRepository.java +++ b/app/src/main/java/com/beemdevelopment/aegis/vault/VaultRepository.java @@ -220,11 +220,11 @@ public class VaultRepository { } public VaultFileCredentials getCredentials() { - return _creds; + return _creds == null ? null : _creds.clone(); } public void setCredentials(VaultFileCredentials creds) { - _creds = creds; + _creds = creds == null ? null : creds.clone(); } public boolean isEncryptionEnabled() {