diff options
| author | Dominik Schürmann <dominik@dominikschuermann.de> | 2015-10-16 12:58:36 +0200 |
|---|---|---|
| committer | Dominik Schürmann <dominik@dominikschuermann.de> | 2015-10-16 12:58:36 +0200 |
| commit | de3791de3f73523926f6f5293992504c8cca5d57 (patch) | |
| tree | 27f76d83c2dceacad14c3b7dd7eccccf450a2594 | |
| parent | 709a91422e0ecaf0099d257288ea80305f7002b3 (diff) | |
| download | open-keychain-de3791de3f73523926f6f5293992504c8cca5d57.tar.gz open-keychain-de3791de3f73523926f6f5293992504c8cca5d57.tar.bz2 open-keychain-de3791de3f73523926f6f5293992504c8cca5d57.zip | |
Allow choosing of YubiKey PIN
6 files changed, 116 insertions, 281 deletions
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyEmailFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyEmailFragment.java index acb768f55..8f2fb97dd 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyEmailFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateKeyEmailFragment.java @@ -238,7 +238,7 @@ public class CreateKeyEmailFragment extends Fragment { if (createKeyActivity.mCreateYubiKey) { hideKeyboard(); - CreateYubiKeyPinFragment frag = CreateYubiKeyPinFragment.newInstance(); + CreateYubiKeyPinRepeatFragment frag = CreateYubiKeyPinRepeatFragment.newInstance(); mCreateKeyActivity.loadFragment(frag, FragAction.TO_RIGHT); } else { CreateKeyPassphraseFragment frag = CreateKeyPassphraseFragment.newInstance(); diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateYubiKeyPinFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateYubiKeyPinFragment.java deleted file mode 100644 index a793b31f2..000000000 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateYubiKeyPinFragment.java +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Copyright (C) 2015 Dominik Schürmann <dominik@dominikschuermann.de> - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see <http://www.gnu.org/licenses/>. - */ - -package org.sufficientlysecure.keychain.ui; - -import android.app.Activity; -import android.os.AsyncTask; -import android.os.Bundle; -import android.support.v4.app.Fragment; -import android.util.Pair; -import android.view.LayoutInflater; -import android.view.View; -import android.view.ViewGroup; -import android.widget.TextView; - -import org.sufficientlysecure.keychain.R; -import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction; -import org.sufficientlysecure.keychain.util.Passphrase; - -import java.security.SecureRandom; - -public class CreateYubiKeyPinFragment extends Fragment { - - // view - CreateKeyActivity mCreateKeyActivity; - TextView mPin; - TextView mAdminPin; - View mBackButton; - View mNextButton; - - /** - * Creates new instance of this fragment - */ - public static CreateYubiKeyPinFragment newInstance() { - CreateYubiKeyPinFragment frag = new CreateYubiKeyPinFragment(); - - Bundle args = new Bundle(); - frag.setArguments(args); - - return frag; - } - - @Override - public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { - View view = inflater.inflate(R.layout.create_yubi_key_pin_fragment, container, false); - - mPin = (TextView) view.findViewById(R.id.create_yubi_key_pin); - mAdminPin = (TextView) view.findViewById(R.id.create_yubi_key_admin_pin); - mBackButton = view.findViewById(R.id.create_key_back_button); - mNextButton = view.findViewById(R.id.create_key_next_button); - - if (mCreateKeyActivity.mYubiKeyPin == null) { - new AsyncTask<Void, Void, Pair<Passphrase, Passphrase>>() { - @Override - protected Pair<Passphrase, Passphrase> doInBackground(Void... unused) { - SecureRandom secureRandom = new SecureRandom(); - // min = 6, we choose 6 - String pin = "" + secureRandom.nextInt(9) - + secureRandom.nextInt(9) - + secureRandom.nextInt(9) - + secureRandom.nextInt(9) - + secureRandom.nextInt(9) - + secureRandom.nextInt(9); - // min = 8, we choose 10, but 6 are equals the PIN - String adminPin = pin + secureRandom.nextInt(9) - + secureRandom.nextInt(9) - + secureRandom.nextInt(9) - + secureRandom.nextInt(9); - - return new Pair<>(new Passphrase(pin), new Passphrase(adminPin)); - } - - @Override - protected void onPostExecute(Pair<Passphrase, Passphrase> pair) { - mCreateKeyActivity.mYubiKeyPin = pair.first; - mCreateKeyActivity.mYubiKeyAdminPin = pair.second; - - mPin.setText(mCreateKeyActivity.mYubiKeyPin.toStringUnsafe()); - mAdminPin.setText(mCreateKeyActivity.mYubiKeyAdminPin.toStringUnsafe()); - } - }.execute(); - } else { - mPin.setText(mCreateKeyActivity.mYubiKeyPin.toStringUnsafe()); - mAdminPin.setText(mCreateKeyActivity.mYubiKeyAdminPin.toStringUnsafe()); - } - - mBackButton.setOnClickListener(new View.OnClickListener() { - @Override - public void onClick(View v) { - back(); - } - }); - mNextButton.setOnClickListener(new View.OnClickListener() { - @Override - public void onClick(View v) { - nextClicked(); - } - }); - - - return view; - } - - @Override - public void onAttach(Activity activity) { - super.onAttach(activity); - mCreateKeyActivity = (CreateKeyActivity) getActivity(); - } - - - private void nextClicked() { - CreateYubiKeyPinRepeatFragment frag = CreateYubiKeyPinRepeatFragment.newInstance(); - mCreateKeyActivity.loadFragment(frag, FragAction.TO_RIGHT); - } - - private void back() { - mCreateKeyActivity.loadFragment(null, FragAction.TO_LEFT); - } - -} diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateYubiKeyPinRepeatFragment.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateYubiKeyPinRepeatFragment.java index 2e752e609..f3f226232 100644 --- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateYubiKeyPinRepeatFragment.java +++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/ui/CreateYubiKeyPinRepeatFragment.java @@ -19,6 +19,7 @@ package org.sufficientlysecure.keychain.ui; import android.app.Activity; import android.content.Context; +import android.os.AsyncTask; import android.os.Bundle; import android.support.v4.app.Fragment; import android.view.LayoutInflater; @@ -26,19 +27,41 @@ import android.view.View; import android.view.ViewGroup; import android.view.inputmethod.InputMethodManager; import android.widget.EditText; +import android.widget.TextView; import org.sufficientlysecure.keychain.R; import org.sufficientlysecure.keychain.ui.CreateKeyActivity.FragAction; +import org.sufficientlysecure.keychain.util.Passphrase; + +import java.security.SecureRandom; +import java.util.Arrays; +import java.util.HashSet; public class CreateYubiKeyPinRepeatFragment extends Fragment { // view CreateKeyActivity mCreateKeyActivity; EditText mPin; - EditText mAdminPin; + EditText mPinRepeat; + TextView mAdminPin; View mBackButton; View mNextButton; + private static HashSet<String> sPinBlacklist = new HashSet<>(Arrays.asList( + "000000", + "111111", + "222222", + "333333", + "444444", + "555555", + "666666", + "777777", + "888888", + "999999", + "123456", + "XXXXXX" + )); + /** * Creates new instance of this fragment */ @@ -55,8 +78,6 @@ public class CreateYubiKeyPinRepeatFragment extends Fragment { * Checks if text of given EditText is not empty. If it is empty an error is * set and the EditText gets the focus. * - * @param context - * @param editText * @return true if EditText is not empty */ private static boolean isEditTextNotEmpty(Context context, EditText editText) { @@ -72,28 +93,51 @@ public class CreateYubiKeyPinRepeatFragment extends Fragment { return output; } - private static boolean checkPin(Context context, EditText editText1, String pin) { - boolean output = editText1.getText().toString().equals(pin); - - if (!output) { - editText1.setError(context.getString(R.string.create_key_yubi_key_pin_not_correct)); - editText1.requestFocus(); - } else { - editText1.setError(null); - } - - return output; + private static boolean areEditTextsEqual(EditText editText1, EditText editText2) { + Passphrase p1 = new Passphrase(editText1); + Passphrase p2 = new Passphrase(editText2); + return (p1.equals(p2)); } @Override public View onCreateView(LayoutInflater inflater, ViewGroup container, Bundle savedInstanceState) { View view = inflater.inflate(R.layout.create_yubi_key_pin_repeat_fragment, container, false); - mPin = (EditText) view.findViewById(R.id.create_yubi_key_pin_repeat); - mAdminPin = (EditText) view.findViewById(R.id.create_yubi_key_admin_pin_repeat); + mPin = (EditText) view.findViewById(R.id.create_yubi_key_pin); + mPinRepeat = (EditText) view.findViewById(R.id.create_yubi_key_pin_repeat); + mAdminPin = (TextView) view.findViewById(R.id.create_yubi_key_admin_pin); mBackButton = view.findViewById(R.id.create_key_back_button); mNextButton = view.findViewById(R.id.create_key_next_button); + if (mCreateKeyActivity.mYubiKeyPin == null) { + new AsyncTask<Void, Void, Passphrase>() { + @Override + protected Passphrase doInBackground(Void... unused) { + SecureRandom secureRandom = new SecureRandom(); + // min = 8, we choose 8 + String adminPin = "" + secureRandom.nextInt(9) + + secureRandom.nextInt(9) + + secureRandom.nextInt(9) + + secureRandom.nextInt(9) + + secureRandom.nextInt(9) + + secureRandom.nextInt(9) + + secureRandom.nextInt(9) + + secureRandom.nextInt(9); + + return new Passphrase(adminPin); + } + + @Override + protected void onPostExecute(Passphrase adminPin) { + mCreateKeyActivity.mYubiKeyAdminPin = adminPin; + + mAdminPin.setText(mCreateKeyActivity.mYubiKeyAdminPin.toStringUnsafe()); + } + }.execute(); + } else { + mAdminPin.setText(mCreateKeyActivity.mYubiKeyAdminPin.toStringUnsafe()); + } + mPin.requestFocus(); mBackButton.setOnClickListener(new View.OnClickListener() { @Override @@ -123,10 +167,27 @@ public class CreateYubiKeyPinRepeatFragment extends Fragment { } private void nextClicked() { - if (isEditTextNotEmpty(getActivity(), mPin) - && checkPin(getActivity(), mPin, mCreateKeyActivity.mYubiKeyPin.toStringUnsafe()) - && isEditTextNotEmpty(getActivity(), mAdminPin) - && checkPin(getActivity(), mAdminPin, mCreateKeyActivity.mYubiKeyAdminPin.toStringUnsafe())) { + if (isEditTextNotEmpty(getActivity(), mPin)) { + + if (!areEditTextsEqual(mPin, mPinRepeat)) { + mPinRepeat.setError(getString(R.string.create_key_passphrases_not_equal)); + mPinRepeat.requestFocus(); + return; + } + + if (mPin.getText().toString().length() < 6) { + mPin.setError(getString(R.string.create_key_yubi_key_pin_too_short)); + mPin.requestFocus(); + return; + } + + if (sPinBlacklist.contains(mPin.getText().toString())) { + mPin.setError(getString(R.string.create_key_yubi_key_pin_insecure)); + mPin.requestFocus(); + return; + } + + mCreateKeyActivity.mYubiKeyPin = new Passphrase(mPin.getText().toString()); CreateKeyFinalFragment frag = CreateKeyFinalFragment.newInstance(); hideKeyboard(); diff --git a/OpenKeychain/src/main/res/layout/create_yubi_key_pin_fragment.xml b/OpenKeychain/src/main/res/layout/create_yubi_key_pin_fragment.xml deleted file mode 100644 index 34871affe..000000000 --- a/OpenKeychain/src/main/res/layout/create_yubi_key_pin_fragment.xml +++ /dev/null @@ -1,111 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android" - xmlns:tools="http://schemas.android.com/tools" - android:layout_width="match_parent" - android:layout_height="match_parent"> - - <ScrollView - android:layout_width="match_parent" - android:layout_height="match_parent" - android:fillViewport="true" - android:layout_above="@+id/create_key_buttons"> - - <LinearLayout - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:paddingLeft="16dp" - android:paddingRight="16dp" - android:orientation="vertical"> - - <TextView - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:layout_marginTop="16dp" - android:layout_marginLeft="8dp" - android:textAppearance="?android:attr/textAppearanceMedium" - android:text="@string/create_key_yubi_key_pin_text" /> - - <TextView - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:layout_marginTop="16dp" - android:layout_marginLeft="8dp" - android:textAppearance="?android:attr/textAppearanceMedium" - android:text="@string/create_key_yubi_key_pin" /> - - <TextView - android:id="@+id/create_yubi_key_pin" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:layout_marginTop="8dp" - android:layout_marginLeft="8dp" - android:textAppearance="?android:attr/textAppearanceLarge" - tools:text="123456" /> - - <TextView - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:layout_marginTop="16dp" - android:layout_marginLeft="8dp" - android:textAppearance="?android:attr/textAppearanceMedium" - android:text="@string/create_key_yubi_key_admin_pin" /> - - <TextView - android:id="@+id/create_yubi_key_admin_pin" - android:layout_width="wrap_content" - android:layout_height="wrap_content" - android:layout_marginTop="8dp" - android:layout_marginLeft="8dp" - android:textAppearance="?android:attr/textAppearanceLarge" - tools:text="12345678" /> - - </LinearLayout> - </ScrollView> - - <LinearLayout - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:orientation="horizontal" - android:layout_alignParentBottom="true" - android:layout_alignParentLeft="true" - android:layout_alignParentStart="true" - android:background="?attr/colorButtonRow" - android:id="@+id/create_key_buttons"> - - <TextView - android:id="@+id/create_key_back_button" - android:paddingLeft="16dp" - android:paddingRight="16dp" - android:textAppearance="?android:attr/textAppearanceMedium" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:layout_weight="1" - android:layout_gravity="center_vertical" - android:text="@string/btn_back" - android:textAllCaps="true" - android:minHeight="?android:attr/listPreferredItemHeight" - android:drawableLeft="@drawable/ic_chevron_left_grey_24dp" - android:drawablePadding="8dp" - android:gravity="left|center_vertical" - android:clickable="true" - style="?android:attr/borderlessButtonStyle" /> - - <TextView - android:id="@+id/create_key_next_button" - android:paddingLeft="16dp" - android:paddingRight="16dp" - android:textAppearance="?android:attr/textAppearanceMedium" - android:layout_width="match_parent" - android:layout_height="wrap_content" - android:layout_weight="1" - android:layout_gravity="center_vertical" - android:text="@string/btn_next" - android:textAllCaps="true" - android:minHeight="?android:attr/listPreferredItemHeight" - android:drawableRight="@drawable/ic_chevron_right_grey_24dp" - android:drawablePadding="8dp" - android:gravity="right|center_vertical" - android:clickable="true" - style="?android:attr/borderlessButtonStyle" /> - </LinearLayout> -</RelativeLayout> diff --git a/OpenKeychain/src/main/res/layout/create_yubi_key_pin_repeat_fragment.xml b/OpenKeychain/src/main/res/layout/create_yubi_key_pin_repeat_fragment.xml index af9080f55..c3b73d91f 100644 --- a/OpenKeychain/src/main/res/layout/create_yubi_key_pin_repeat_fragment.xml +++ b/OpenKeychain/src/main/res/layout/create_yubi_key_pin_repeat_fragment.xml @@ -1,5 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android" + xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent" android:layout_height="match_parent"> @@ -21,7 +22,7 @@ android:layout_height="wrap_content" android:layout_marginLeft="8dp" android:layout_marginTop="16dp" - android:text="@string/create_key_yubi_key_pin_repeat_text" + android:text="@string/create_key_yubi_key_pin_text" android:textAppearance="?android:attr/textAppearanceMedium" /> <TextView @@ -33,12 +34,21 @@ android:textAppearance="?android:attr/textAppearanceMedium" /> <EditText - android:id="@+id/create_yubi_key_pin_repeat" + android:id="@+id/create_yubi_key_pin" android:layout_width="match_parent" android:layout_height="wrap_content" android:layout_gravity="center_horizontal" android:layout_marginBottom="8dp" android:ems="10" + android:hint="@string/create_key_yubi_key_pin" + android:inputType="numberPassword" /> + + <EditText + android:id="@+id/create_yubi_key_pin_repeat" + android:layout_width="match_parent" + android:layout_height="wrap_content" + android:layout_marginBottom="8dp" + android:ems="10" android:hint="@string/create_key_yubi_key_pin_repeat" android:inputType="numberPassword" /> @@ -46,19 +56,27 @@ android:layout_width="wrap_content" android:layout_height="wrap_content" android:layout_marginLeft="8dp" + android:layout_marginTop="48dp" + android:text="@string/create_key_yubi_key_admin_pin_text" + android:textAppearance="?android:attr/textAppearanceMedium" /> + + <TextView + android:layout_width="wrap_content" + android:layout_height="wrap_content" + android:layout_marginLeft="8dp" android:layout_marginTop="16dp" android:text="@string/create_key_yubi_key_admin_pin" android:textAppearance="?android:attr/textAppearanceMedium" /> - <EditText - android:id="@+id/create_yubi_key_admin_pin_repeat" - android:layout_width="match_parent" + <TextView + android:id="@+id/create_yubi_key_admin_pin" + android:layout_width="wrap_content" android:layout_height="wrap_content" - android:layout_gravity="center_horizontal" - android:layout_marginBottom="8dp" - android:ems="10" - android:hint="@string/create_key_yubi_key_admin_pin_repeat" - android:inputType="numberPassword" /> + android:layout_marginLeft="8dp" + android:layout_marginTop="8dp" + android:layout_marginBottom="48dp" + android:textAppearance="?android:attr/textAppearanceLarge" + tools:text="12345678" /> </LinearLayout> </ScrollView> @@ -78,8 +96,8 @@ style="?android:attr/borderlessButtonStyle" android:layout_width="match_parent" android:layout_height="wrap_content" - android:layout_weight="1" android:layout_gravity="center_vertical" + android:layout_weight="1" android:clickable="true" android:drawableLeft="@drawable/ic_chevron_left_grey_24dp" android:drawablePadding="8dp" @@ -96,8 +114,8 @@ style="?android:attr/borderlessButtonStyle" android:layout_width="match_parent" android:layout_height="wrap_content" - android:layout_weight="1" android:layout_gravity="center_vertical" + android:layout_weight="1" android:clickable="true" android:drawablePadding="8dp" android:drawableRight="@drawable/ic_chevron_right_grey_24dp" diff --git a/OpenKeychain/src/main/res/values/strings.xml b/OpenKeychain/src/main/res/values/strings.xml index bc238690b..15e714a11 100644 --- a/OpenKeychain/src/main/res/values/strings.xml +++ b/OpenKeychain/src/main/res/values/strings.xml @@ -759,13 +759,14 @@ <string name="create_key_add_email_text">"Additional email addresses are also associated to this key and can be used for secure communication."</string> <string name="create_key_email_already_exists_text">"Email address has already been added"</string> <string name="create_key_email_invalid_email">"Email address format is invalid"</string> - <string name="create_key_yubi_key_pin_text">"Please remember the PIN, it is required to use your YubiKey later. Please write down the Admin PIN and store it in a safe place."</string> + <string name="create_key_yubi_key_pin_text">"Please choose a PIN with 6 numbers."</string> + <string name="create_key_yubi_key_admin_pin_text">"Please write down the Admin PIN and store it in a safe place (required when you used a wrong PIN 3 times)."</string> <string name="create_key_yubi_key_pin">"PIN"</string> <string name="create_key_yubi_key_admin_pin">"Admin PIN"</string> - <string name="create_key_yubi_key_pin_repeat_text">"Please enter the PIN and Admin PIN to proceed."</string> <string name="create_key_yubi_key_pin_repeat">"Repeat PIN"</string> - <string name="create_key_yubi_key_admin_pin_repeat">"Repeat Admin PIN"</string> <string name="create_key_yubi_key_pin_not_correct">"PIN is not correct!"</string> + <string name="create_key_yubi_key_pin_too_short">"PIN must be at least 6 numbers long!"</string> + <string name="create_key_yubi_key_pin_insecure">"Please choose a secure PIN, not 000000, 123456 or similar combinations."</string> <!-- View key --> <string name="view_key_revoked">"Revoked: Key must not be used anymore!"</string> |