rixxc/KeePassDX
1
0
Fork 0
mirror of https://github.com/Kunzisoft/KeePassDX.git synced 2025-12-04 15:49:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

fix: Security exception

Browse Source
This commit is contained in:
J-Jamet
2025-09-01 15:53:45 +02:00
parent b80acd5a2d
commit 1a717bda03
2 changed files with 9 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/src/main/java/com/kunzisoft/keepass/credentialprovider/passkey/util/PasskeyHelper.kt
View File

@@ -579,14 +579,12 @@ object PasskeyHelper {
return if (appToCheck.verified) { return if (appToCheck.verified) {
usageParameters.clientDataResponse usageParameters.clientDataResponse
} else { } else {
appToCheck.checkAppOrigin(appOrigin)?.let { origin ->
// Origin checked by Android app signature // Origin checked by Android app signature
ClientDataBuildResponse( ClientDataBuildResponse(
type = ClientDataBuildResponse.Type.GET, type = ClientDataBuildResponse.Type.GET,
challenge = usageParameters.publicKeyCredentialRequestOptions.challenge, challenge = usageParameters.publicKeyCredentialRequestOptions.challenge,
origin = origin origin = appToCheck.checkAppOrigin(appOrigin)
) )
} ?: throw SecurityException("Wrong signature for $appToCheck")
} }
} }
} }

6
database/src/main/java/com/kunzisoft/keepass/model/AppOrigin.kt
View File

@@ -42,9 +42,9 @@ data class AppOrigin(
/** /**
* Verify the app origin by comparing it to the list of android origins, * Verify the app origin by comparing it to the list of android origins,
* return the first verified origin or null if none is found * return the first verified origin or throw an exception if none is found
*/ */
fun checkAppOrigin(compare: AppOrigin): String? { fun checkAppOrigin(compare: AppOrigin): String {
return androidOrigins.firstOrNull { androidOrigin -> return androidOrigins.firstOrNull { androidOrigin ->
compare.androidOrigins.any { compare.androidOrigins.any {
it.packageName == androidOrigin.packageName it.packageName == androidOrigin.packageName
@@ -55,7 +55,7 @@ data class AppOrigin(
packageName = it.packageName, packageName = it.packageName,
fingerprint = it.fingerprint fingerprint = it.fingerprint
).toAndroidOrigin() ).toAndroidOrigin()
} } ?: throw SecurityException("Wrong signature for ${toName()}")
} }
fun clear() { fun clear() {