-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Encrypt seed #192
Encrypt seed #192
Conversation
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
…references.kt simplify delete and save Co-authored-by: Michael Bisgaard Olesen <michaelbisgaardo@gmail.com>
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't really understand the flow of where the seed phrase is supposed to be migrated; it seems like it's happening all over the place.
We have tryToSetEncryptedSeedPhrase
, setSeedPhraseEncrypted
, and checkAndTryToEncryptSeed
that all write the encrypted phrase. And same with getSeedPhrase
and getSeedPhraseDecrypted
for reading it. I can't really see any logic in which variant is used where, and some of them additionally check and delete the unencrypted one.
I feel like there should just be a migration function somewhere in the initial code path that does the following:
- Check if the encrypted seed is stored. Return if it is.
- Otherwise, encrypt the unencrypted seed and store it.
- Decrypt the stored encrypted seed and compare it against the unencrypted one. Delete the latter if they match.
After this, we just pretend like the unencrypted one never existed. No need for fallbacks to the unencrypted seed.
You can also choose to handle it gracefully if storing the encrypted seed failed. Then you would probably do item 3 above just before returning in item 1. And keep the fallbacks.
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
There are quite a few comments. Let's have a live session tomorrow, where we talk instead of type :-) |
…entication Screen until the old seed is encrypted and deleted. Added error status and error explanation for failed seed encryption on the Authentication Screen
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/passphrase/recover/PassPhraseRecoverViewModel.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/auth/login/AuthLoginViewModel.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/passphrase/recover/RecoverWalletActivity.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/passphrase/recover/PassPhraseRecoverInputFragment.kt
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't understand the activity and view model stuff well enough to review that properly, but the rest looks good.
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/data/preferences/AuthPreferences.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/auth/login/AuthLoginViewModel.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/auth/login/AuthLoginViewModel.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/auth/login/AuthLoginViewModel.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/passphrase/recover/RecoverWalletActivity.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/passphrase/setup/SetupWalletActivity.kt
Outdated
Show resolved
Hide resolved
app/src/main/java/com/concordium/wallet/ui/auth/login/AuthLoginActivity.kt
Outdated
Show resolved
Hide resolved
…references.kt Removed encrypted seed check Co-authored-by: Michael Bisgaard Olesen <michaelbisgaardo@gmail.com>
…nActivity.kt Co-authored-by: Michael Bisgaard Olesen <michaelbisgaardo@gmail.com>
Added comment to checkAndTryToEncryptSeed. Named parameter in saveSeed lambda.
Purpose
Encrypt the seed and save it securely.
Changes
Encrypt seed before saving.
Encrypt already existing seed.
Re-encrypt seed with new password when changing passwords.
Checklist
hard-to-understand areas.