rixxc/KeePassDX
1
0
Fork 0
mirror of https://github.com/Kunzisoft/KeePassDX.git synced 2025-12-04 15:49:33 +01:00
Code Issues Packages Projects Releases Wiki Activity

Add Read support for TOTP Tokens

Browse Source
This commit is contained in:
somkun
2018-09-16 22:11:23 -07:00
parent ff6b0eee6c
commit 9558fcaf21
9 changed files with 680 additions and 263 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@@ -38,6 +38,13 @@ proguard/
# Android Studio captures folder
captures/
# Eclipse/VS Code
.project
.settings/*
*/.project
*/.classpath
*/.settings/*
# Intellij
*.iml
.idea/workspace.xml

1
CONTRIBUTORS
View File

@@ -15,6 +15,7 @@ vhschlenker
bumper314 - Samsung multiwindow support
Hans Cappelle - fingerprint sensor integration
Jeremy Jamet - Keepass DX Material Design - Patches
somkun - TOTP support
Translations:
Diego Pierotto - Italian

2
app/build.gradle
View File

@@ -103,6 +103,8 @@ dependencies {
annotationProcessor "com.github.hotchemi:permissionsdispatcher-processor:$permissionDispatcherVersion"
// Apache Commons Collections
implementation 'commons-collections:commons-collections:3.2.1'
// Apache Commons Codec
implementation 'commons-codec:commons-codec:1.11'
// Base64
implementation 'biz.source_code:base64coder:2010-12-19'
implementation 'com.google.code.gson:gson:2.8.4'

198
app/src/main/java/com/kunzisoft/keepass/activities/EntryActivity.java
View File

@@ -4,18 +4,16 @@
*
* This file is part of KeePass DX.
*
* KeePass DX is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* KeePass DX is free software: you can redistribute it and/or modify it under the terms of the GNU
* General Public License as published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* KeePass DX is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* KeePass DX is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with KeePass DX. If not, see <http://www.gnu.org/licenses/>.
* You should have received a copy of the GNU General Public License along with KeePass DX. If not,
* see <http://www.gnu.org/licenses/>.
*
*/
package com.kunzisoft.keepass.activities;
@@ -37,7 +35,6 @@ import android.view.MenuItem;
import android.widget.ImageView;
import android.widget.TextView;
import android.widget.Toast;
import com.getkeepsafe.taptargetview.TapTarget;
import com.getkeepsafe.taptargetview.TapTargetView;
import com.kunzisoft.keepass.R;
@@ -54,16 +51,15 @@ import com.kunzisoft.keepass.notifications.NotificationField;
import com.kunzisoft.keepass.settings.PreferencesUtil;
import com.kunzisoft.keepass.settings.SettingsAutofillActivity;
import com.kunzisoft.keepass.timeout.ClipboardHelper;
import com.kunzisoft.keepass.totp.*;
import com.kunzisoft.keepass.utils.EmptyUtils;
import com.kunzisoft.keepass.utils.MenuUtil;
import com.kunzisoft.keepass.utils.Types;
import com.kunzisoft.keepass.utils.Util;
import com.kunzisoft.keepass.view.EntryContentsView;
import java.util.ArrayList;
import java.util.Date;
import java.util.UUID;
import static com.kunzisoft.keepass.settings.PreferencesUtil.isClipboardNotificationsEnable;
import static com.kunzisoft.keepass.settings.PreferencesUtil.isFirstTimeAskAllowCopyPasswordAndProtectedFields;
@@ -79,6 +75,7 @@ public class EntryActivity extends LockingHideActivity {
protected PwEntry mEntry;
private boolean mShowPassword;
private TotpSettings mTotpSettings;
private ClipboardHelper clipboardHelper;
private boolean firstLaunchOfActivity;
@@ -109,7 +106,7 @@ public class EntryActivity extends LockingHideActivity {
Database db = App.getDB();
// Likely the app has been killed exit the activity
if ( ! db.getLoaded() ) {
if (!db.getLoaded()) {
finish();
return;
}
@@ -126,6 +123,7 @@ public class EntryActivity extends LockingHideActivity {
finish();
return;
}
mTotpSettings = new TotpSettings(mEntry);
// Retrieve the textColor to tint the icon
int[] attrs = {R.attr.textColorInverse};
@@ -142,7 +140,8 @@ public class EntryActivity extends LockingHideActivity {
titleIconView = findViewById(R.id.entry_icon);
titleView = findViewById(R.id.entry_title);
entryContentsView = findViewById(R.id.entry_contents);
entryContentsView.applyFontVisibilityToFields(PreferencesUtil.fieldFontIsInVisibility(this));
entryContentsView
.applyFontVisibilityToFields(PreferencesUtil.fieldFontIsInVisibility(this));
// Init the clipboard helper
clipboardHelper = new ClipboardHelper(this);
@@ -160,76 +159,68 @@ public class EntryActivity extends LockingHideActivity {
// Start to manage field reference to copy a value from ref
mEntry.startToManageFieldReferences(App.getDB().getPwDatabase());
boolean containsUsernameToCopy =
mEntry.getUsername().length() > 0;
boolean containsPasswordToCopy =
(mEntry.getPassword().length() > 0
boolean containsUsernameToCopy = mEntry.getUsername().length() > 0;
boolean containsPasswordToCopy = (mEntry.getPassword().length() > 0
&& PreferencesUtil.allowCopyPasswordAndProtectedFields(this));
boolean containsExtraFieldToCopy =
(mEntry.allowExtraFields()
&& ((mEntry.containsCustomFields()
&& mEntry.containsCustomFieldsNotProtected())
|| (mEntry.containsCustomFields()
&& mEntry.containsCustomFieldsProtected()
&& PreferencesUtil.allowCopyPasswordAndProtectedFields(this))
)
);
boolean containsExtraFieldToCopy = (mEntry.allowExtraFields()
&& ((mEntry.containsCustomFields() && mEntry.containsCustomFieldsNotProtected())
|| (mEntry.containsCustomFields() && mEntry.containsCustomFieldsProtected()
&& PreferencesUtil.allowCopyPasswordAndProtectedFields(this))));
// If notifications enabled in settings
// Don't if application timeout
if (firstLaunchOfActivity && !App.isShutdown() && isClipboardNotificationsEnable(getApplicationContext())) {
if (containsUsernameToCopy
|| containsPasswordToCopy
|| containsExtraFieldToCopy
) {
if (firstLaunchOfActivity && !App.isShutdown()
&& isClipboardNotificationsEnable(getApplicationContext())) {
if (containsUsernameToCopy || containsPasswordToCopy || containsExtraFieldToCopy) {
// username already copied, waiting for user's action before copy password.
Intent intent = new Intent(this, NotificationCopyingService.class);
intent.setAction(NotificationCopyingService.ACTION_NEW_NOTIFICATION);
if (mEntry.getTitle() != null)
intent.putExtra(NotificationCopyingService.EXTRA_ENTRY_TITLE, mEntry.getTitle());
intent.putExtra(NotificationCopyingService.EXTRA_ENTRY_TITLE,
mEntry.getTitle());
// Construct notification fields
ArrayList<NotificationField> notificationFields = new ArrayList<>();
// Add username if exists to notifications
if (containsUsernameToCopy)
notificationFields.add(
new NotificationField(
NotificationField.NotificationFieldId.USERNAME,
mEntry.getUsername(),
getResources()));
new NotificationField(NotificationField.NotificationFieldId.USERNAME,
mEntry.getUsername(), getResources()));
// Add password to notifications
if (containsPasswordToCopy) {
notificationFields.add(
new NotificationField(
NotificationField.NotificationFieldId.PASSWORD,
mEntry.getPassword(),
getResources()));
new NotificationField(NotificationField.NotificationFieldId.PASSWORD,
mEntry.getPassword(), getResources()));
}
// Add extra fields
if (containsExtraFieldToCopy) {
try {
mEntry.getFields().doActionToAllCustomProtectedField(new ExtraFields.ActionProtected() {
mEntry.getFields().doActionToAllCustomProtectedField(
new ExtraFields.ActionProtected() {
private int anonymousFieldNumber = 0;
@Override
public void doAction(String key, ProtectedString value) {
//If value is not protected or allowed
if (!value.isProtected() || PreferencesUtil.allowCopyPasswordAndProtectedFields(EntryActivity.this)) {
notificationFields.add(
new NotificationField(
NotificationField.NotificationFieldId.getAnonymousFieldId()[anonymousFieldNumber],
value.toString(),
key,
getResources()));
// If value is not protected or allowed
if (!value.isProtected() || PreferencesUtil
.allowCopyPasswordAndProtectedFields(
EntryActivity.this)) {
notificationFields.add(new NotificationField(
NotificationField.NotificationFieldId
.getAnonymousFieldId()[anonymousFieldNumber],
value.toString(), key, getResources()));
anonymousFieldNumber++;
}
}
});
} catch (ArrayIndexOutOfBoundsException e) {
Log.w(TAG, "Only " + NotificationField.NotificationFieldId.getAnonymousFieldId().length +
" anonymous notifications are available");
Log.w(TAG, "Only "
+ NotificationField.NotificationFieldId.getAnonymousFieldId().length
+ " anonymous notifications are available");
}
}
// Add notifications
intent.putParcelableArrayListExtra(NotificationCopyingService.EXTRA_FIELDS, notificationFields);
intent.putParcelableArrayListExtra(NotificationCopyingService.EXTRA_FIELDS,
notificationFields);
startService(intent);
}
@@ -239,27 +230,28 @@ public class EntryActivity extends LockingHideActivity {
}
/**
* Check and display learning views
* Displays the explanation for copying a field and editing an entry
* Check and display learning views Displays the explanation for copying a field and editing an
* entry
*/
private void checkAndPerformedEducation(Menu menu) {
if (PreferencesUtil.isEducationScreensEnabled(this)) {
if (entryContentsView != null && entryContentsView.isUserNamePresent()
&& !PreferencesUtil.isEducationCopyUsernamePerformed(this)) {
TapTargetView.showFor(this,
TapTarget.forView(findViewById(R.id.entry_user_name_action_image),
TapTargetView.showFor(
this,
TapTarget
.forView(findViewById(R.id.entry_user_name_action_image),
getString(R.string.education_field_copy_title),
getString(R.string.education_field_copy_summary))
.textColorInt(Color.WHITE)
.tintTarget(false)
.cancelable(true),
.textColorInt(Color.WHITE).tintTarget(false).cancelable(true),
new TapTargetView.Listener() {
@Override
public void onTargetClick(TapTargetView view) {
super.onTargetClick(view);
clipboardHelper.timeoutCopyToClipboard(mEntry.getUsername(),
getString(R.string.copy_field, getString(R.string.entry_user_name)));
getString(R.string.copy_field,
getString(R.string.entry_user_name)));
}
@Override
@@ -267,21 +259,23 @@ public class EntryActivity extends LockingHideActivity {
super.onOuterCircleClick(view);
view.dismiss(false);
// Launch autofill settings
startActivity(new Intent(EntryActivity.this, SettingsAutofillActivity.class));
startActivity(new Intent(EntryActivity.this,
SettingsAutofillActivity.class));
}
});
PreferencesUtil.saveEducationPreference(this,
R.string.education_copy_username_key);
PreferencesUtil.saveEducationPreference(this, R.string.education_copy_username_key);
} else if (!PreferencesUtil.isEducationEntryEditPerformed(this)) {
try {
TapTargetView.showFor(this,
TapTarget.forToolbarMenuItem(toolbar, R.id.menu_edit,
TapTargetView
.showFor(this,
TapTarget
.forToolbarMenuItem(toolbar, R.id.menu_edit,
getString(R.string.education_entry_edit_title),
getString(R.string.education_entry_edit_summary))
.textColorInt(Color.WHITE)
.tintTarget(true)
getString(
R.string.education_entry_edit_summary))
.textColorInt(Color.WHITE).tintTarget(true)
.cancelable(true),
new TapTargetView.Listener() {
@Override
@@ -297,7 +291,8 @@ public class EntryActivity extends LockingHideActivity {
view.dismiss(false);
// Open Keepass doc to create field references
Intent browserIntent = new Intent(Intent.ACTION_VIEW,
Uri.parse(getString(R.string.field_references_url)));
Uri.parse(getString(
R.string.field_references_url)));
startActivity(browserIntent);
}
});
@@ -325,36 +320,35 @@ public class EntryActivity extends LockingHideActivity {
// Assign basic fields
entryContentsView.assignUserName(mEntry.getUsername());
entryContentsView.assignUserNameCopyListener(view ->
clipboardHelper.timeoutCopyToClipboard(mEntry.getUsername(),
getString(R.string.copy_field, getString(R.string.entry_user_name)))
);
entryContentsView.assignUserNameCopyListener(
view -> clipboardHelper.timeoutCopyToClipboard(mEntry.getUsername(),
getString(R.string.copy_field, getString(R.string.entry_user_name))));
boolean allowCopyPassword = PreferencesUtil.allowCopyPasswordAndProtectedFields(this);
entryContentsView.assignPassword(mEntry.getPassword(), allowCopyPassword);
if (allowCopyPassword) {
entryContentsView.assignPasswordCopyListener(view ->
clipboardHelper.timeoutCopyToClipboard(mEntry.getPassword(),
getString(R.string.copy_field, getString(R.string.entry_password)))
);
entryContentsView.assignPasswordCopyListener(
view -> clipboardHelper.timeoutCopyToClipboard(mEntry.getPassword(),
getString(R.string.copy_field, getString(R.string.entry_password))));
} else {
// If dialog not already shown
if (isFirstTimeAskAllowCopyPasswordAndProtectedFields(this)) {
entryContentsView.assignPasswordCopyListener(v -> {
String message = getString(R.string.allow_copy_password_warning) +
"\n\n" +
getString(R.string.clipboard_warning);
String message = getString(R.string.allow_copy_password_warning) + "\n\n"
+ getString(R.string.clipboard_warning);
AlertDialog warningDialog = new AlertDialog.Builder(EntryActivity.this)
.setMessage(message).create();
warningDialog.setButton(AlertDialog.BUTTON1, getText(android.R.string.ok),
(dialog, which) -> {
PreferencesUtil.setAllowCopyPasswordAndProtectedFields(EntryActivity.this, true);
PreferencesUtil.setAllowCopyPasswordAndProtectedFields(
EntryActivity.this, true);
dialog.dismiss();
fillData();
});
warningDialog.setButton(AlertDialog.BUTTON2, getText(android.R.string.cancel),
(dialog, which) -> {
PreferencesUtil.setAllowCopyPasswordAndProtectedFields(EntryActivity.this, false);
PreferencesUtil.setAllowCopyPasswordAndProtectedFields(
EntryActivity.this, false);
dialog.dismiss();
fillData();
});
@@ -367,6 +361,10 @@ public class EntryActivity extends LockingHideActivity {
entryContentsView.assignURL(mEntry.getUrl());
entryContentsView.assignTotp(mTotpSettings,
view -> clipboardHelper.timeoutCopyToClipboard(mTotpSettings.getToken(),
getString(R.string.copy_field, getString(R.string.entry_totp))));
entryContentsView.setHiddenPasswordStyle(!mShowPassword);
entryContentsView.assignComment(mEntry.getNotes());
@@ -375,13 +373,11 @@ public class EntryActivity extends LockingHideActivity {
entryContentsView.clearExtraFields();
mEntry.getFields().doActionToAllCustomProtectedField((label, value) -> {
boolean showAction = (!value.isProtected() || PreferencesUtil.allowCopyPasswordAndProtectedFields(EntryActivity.this));
entryContentsView.addExtraField(label, value, showAction, view ->
clipboardHelper.timeoutCopyToClipboard(
value.toString(),
getString(R.string.copy_field, label)
)
);
boolean showAction = (!value.isProtected()
|| PreferencesUtil.allowCopyPasswordAndProtectedFields(EntryActivity.this));
entryContentsView.addExtraField(label, value, showAction,
view -> clipboardHelper.timeoutCopyToClipboard(value.toString(),
getString(R.string.copy_field, label)));
});
}
@@ -390,7 +386,7 @@ public class EntryActivity extends LockingHideActivity {
entryContentsView.assignModificationDate(mEntry.getLastModificationTime().getDate());
entryContentsView.assignLastAccessDate(mEntry.getLastAccessTime().getDate());
Date expires = mEntry.getExpiryTime().getDate();
if ( mEntry.isExpires() ) {
if (mEntry.isExpires()) {
entryContentsView.assignExpiresDate(expires);
} else {
entryContentsView.assignExpiresDate(getString(R.string.never));
@@ -410,7 +406,7 @@ public class EntryActivity extends LockingHideActivity {
}
private void changeShowPasswordIcon(MenuItem togglePassword) {
if ( mShowPassword ) {
if (mShowPassword) {
togglePassword.setTitle(R.string.menu_hide_password);
togglePassword.setIcon(R.drawable.ic_visibility_off_white_24dp);
} else {
@@ -436,7 +432,8 @@ public class EntryActivity extends LockingHideActivity {
MenuItem togglePassword = menu.findItem(R.id.menu_toggle_pass);
if (entryContentsView != null && togglePassword != null) {
if (entryContentsView.isPasswordPresent() || entryContentsView.atLeastOneFieldProtectedPresent()) {
if (entryContentsView.isPasswordPresent()
|| entryContentsView.atLeastOneFieldProtectedPresent()) {
changeShowPasswordIcon(togglePassword);
} else {
togglePassword.setVisible(false);
@@ -466,7 +463,7 @@ public class EntryActivity extends LockingHideActivity {
@Override
public boolean onOptionsItemSelected(MenuItem item) {
switch ( item.getItemId() ) {
switch (item.getItemId()) {
case R.id.menu_contribute:
return MenuUtil.onContributionItemSelected(this);
@@ -485,7 +482,7 @@ public class EntryActivity extends LockingHideActivity {
url = mEntry.getUrl();
// Default http:// if no protocol specified
if ( ! url.contains("://") ) {
if (!url.contains("://")) {
url = "http://" + url;
}
@@ -500,7 +497,7 @@ public class EntryActivity extends LockingHideActivity {
lockAndExit();
return true;
case android.R.id.home :
case android.R.id.home:
finish(); // close this activity and return to preview activity (if there is any)
}
@@ -512,10 +509,9 @@ public class EntryActivity extends LockingHideActivity {
public void finish() {
// Transit data in previous Activity after an update
/*
TODO Slowdown when add entry as result
Intent intent = new Intent();
intent.putExtra(EntryEditActivity.ADD_OR_UPDATE_ENTRY_KEY, mEntry);
setResult(EntryEditActivity.UPDATE_ENTRY_RESULT_CODE, intent);
* TODO Slowdown when add entry as result Intent intent = new Intent();
* intent.putExtra(EntryEditActivity.ADD_OR_UPDATE_ENTRY_KEY, mEntry);
* setResult(EntryEditActivity.UPDATE_ENTRY_RESULT_CODE, intent);
*/
super.finish();
}

111
app/src/main/java/com/kunzisoft/keepass/totp/TotpGenerator.java Normal file
View File

@@ -0,0 +1,111 @@
/*
* Copyright 2017 Brian Pellin, Jeremy Jamet / Kunzisoft.
*
* This file is part of KeePass DX.
*
* KeePass DX is free software: you can redistribute it and/or modify it under the terms of the GNU
* General Public License as published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* KeePass DX is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License along with KeePass DX. If not,
* see <http://www.gnu.org/licenses/>.
*
* This code is based on andOTP code
* https://github.com/andOTP/andOTP/blob/master/app/src/main/java/org/shadowice/flocke/andotp/
* Utilities/TokenCalculator.java
*/
package com.kunzisoft.keepass.totp;
import java.nio.ByteBuffer;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Optional;
import java.util.regex.Pattern;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import android.net.Uri;
import android.util.Patterns;
public final class TotpGenerator {
private static final char[] STEAM_CHARS =
new char[] {'2', '3', '4', '5', '6', '7', '8', '9', 'B', 'C', 'D', 'F', 'G', 'H', 'J',
'K', 'M', 'N', 'P', 'Q', 'R', 'T', 'V', 'W', 'X', 'Y'};
private static final String ALGORITHM = "HmacSHA1";
private static byte[] generateHash(byte[] key, byte[] data)
throws NoSuchAlgorithmException, InvalidKeyException {
Mac mac = Mac.getInstance(ALGORITHM);
mac.init(new SecretKeySpec(key, ALGORITHM));
return mac.doFinal(data);
}
public static int TOTP_RFC6238(byte[] secret, int period, long time, int digits) {
int fullToken = TOTP(secret, period, time);
int div = (int) Math.pow(10, digits);
return fullToken % div;
}
public static String TOTP_RFC6238(byte[] secret, int period, int digits) {
int token = TOTP_RFC6238(secret, period, System.currentTimeMillis() / 1000, digits);
return String.format("%0" + digits + "d", token);
}
public static String TOTP_Steam(byte[] secret, int period, int digits) {
int fullToken = TOTP(secret, period, System.currentTimeMillis() / 1000);
StringBuilder tokenBuilder = new StringBuilder();
for (int i = 0; i < digits; i++) {
tokenBuilder.append(STEAM_CHARS[fullToken % STEAM_CHARS.length]);
fullToken /= STEAM_CHARS.length;
}
return tokenBuilder.toString();
}
public static String HOTP(byte[] secret, long counter, int digits) {
int fullToken = HOTP(secret, counter);
int div = (int) Math.pow(10, digits);
return String.format("%0" + digits + "d", fullToken % div);
}
private static int TOTP(byte[] key, int period, long time) {
return HOTP(key, time / period);
}
private static int HOTP(byte[] key, long counter) {
int r = 0;
try {
byte[] data = ByteBuffer.allocate(8).putLong(counter).array();
byte[] hash = generateHash(key, data);
int offset = hash[hash.length - 1] & 0xF;
int binary = (hash[offset] & 0x7F) << 0x18;
binary |= (hash[offset + 1] & 0xFF) << 0x10;
binary |= (hash[offset + 2] & 0xFF) << 0x08;
binary |= (hash[offset + 3] & 0xFF);
r = binary;
} catch (Exception e) {
e.printStackTrace();
}
return r;
}
}

221
app/src/main/java/com/kunzisoft/keepass/totp/TotpSettings.java Normal file
View File

@@ -0,0 +1,221 @@
/*
* Copyright 2017 Brian Pellin, Jeremy Jamet / Kunzisoft.
*
* This file is part of KeePass DX.
*
* KeePass DX is free software: you can redistribute it and/or modify it under the terms of the GNU
* General Public License as published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* KeePass DX is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License along with KeePass DX. If not,
* see <http://www.gnu.org/licenses/>.
*
* This code is based on KeePassXC code
* https://github.com/keepassxreboot/keepassxc/blob/master/src/totp/totp.cpp
* https://github.com/keepassxreboot/keepassxc/blob/master/src/core/Entry.cpp
*/
package com.kunzisoft.keepass.totp;
import org.apache.commons.codec.binary.Base32;
import android.net.Uri;
import android.util.Patterns;
import java.util.HashMap;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import com.kunzisoft.keepass.database.security.ProtectedString;
import com.kunzisoft.keepass.database.PwEntry;
public class TotpSettings {
private enum EntryType {
None, OTP, SeedAndSettings,
}
private enum TokenType {
Default, Steam
}
private static final int DEFAULT_STEP = 30;
private static final int DEFAULT_DIGITS = 6;
private static final int STEAM_DIGITS = 5;
// Logical breakdown of key=value regex. the final string is as follows:
// [^&=\s]+=[^&=\s]+(&[^&=\s]+=[^&=\s]+)*
private static final String validKeyValue = "[^&=\\s]+";
private static final String validKeyValuePair = validKeyValue + "=" + validKeyValue;
private static final String validKeyValueRegex =
validKeyValuePair + "&(" + validKeyValuePair + ")*";
private static final String OTP_FIELD = "otp";
private static final String SEED_FIELD = "TOTP Seed";
private static final String SETTING_FIELD = "TOTP Settings";
private PwEntry entry;
private String seed;
private byte[] secret;
private int step;
private int digits;
private EntryType entryType;
private TokenType tokenType;
public TotpSettings(PwEntry entry) {
this.entry = entry;
if (parseOtp() || parseSeedAndSettings()) {
secret = new Base32().decode(seed.getBytes());
} else {
entryType = EntryType.None;
}
}
public void setSettings(String seed, int digits, int step) {
// TODO: Implement a way to set TOTP from device
}
public boolean isConfigured() {
return entryType != EntryType.None;
}
public String getToken() {
if (entryType == EntryType.None) {
return "";
}
switch (tokenType) {
case Steam:
return TotpGenerator.TOTP_Steam(secret, step, digits);
default:
return TotpGenerator.TOTP_RFC6238(secret, step, digits);
}
}
public int getSecondsRemaining() {
return step - (int) ((System.currentTimeMillis() / 1000) % step);
}
public boolean shouldRefreshToken() {
return getSecondsRemaining() == step;
}
private boolean parseSeedAndSettings() {
String seedField = getField(SEED_FIELD);
String settingsField = getField(SETTING_FIELD);
if (seedField == null || settingsField == null) {
return false;
}
// Regex match, sync with TotpGenerator.shortNameToEncoder
Pattern pattern = Pattern.compile("(\\d+);((?:\\d+)|S)");
Matcher matcher = pattern.matcher(settingsField);
if (!matcher.matches()) {
// malformed
return false;
}
step = toInt(matcher.group(1));
String encodingType = matcher.group(2);
digits = getDigitsForType(encodingType);
seed = seedField;
entryType = EntryType.SeedAndSettings;
return true;
}
private boolean parseOtp() {
String key = getField(OTP_FIELD);
if (key == null) {
return false;
}
Uri url = null;
if (isValidUrl(key)) {
url = Uri.parse(key);
}
boolean useEncoder = false;
if (url != null && url.getScheme().equals("otpauth")) {
// Default OTP url format
seed = url.getQueryParameter("secret");
digits = toInt(url.getQueryParameter("digits"));
step = toInt(url.getQueryParameter("period"));
String encName = url.getQueryParameter("encoder");
digits = getDigitsForType(encName);
} else if (Pattern.matches(validKeyValueRegex, key)) {
// KeeOtp string format
HashMap<String, String> query = breakDownKeyValuePairs(key);
seed = query.get("key");
digits = toInt(query.get("size"));
step = toInt(query.get("step"));
} else {
// Malformed
return false;
}
if (digits == 0) {
digits = DEFAULT_DIGITS;
}
if (step <= 0 || step > 60) {
step = DEFAULT_STEP;
}
entryType = EntryType.OTP;
return true;
}
private String getField(String id) {
ProtectedString field = entry.getFields().getListOfAllFields().get(id);
if (field != null) {
return field.toString();
}
return null;
}
private boolean isValidUrl(String url) {
return Patterns.WEB_URL.matcher(url).matches();
}
private int toInt(String value) {
if (value == null) {
return 0;
}
try {
return Integer.parseInt(value);
} catch (NumberFormatException e) {
return 0;
}
}
private HashMap<String, String> breakDownKeyValuePairs(String pairs) {
String[] elements = pairs.split("&");
HashMap<String, String> output = new HashMap<String, String>();
for (String element : elements) {
String[] pair = element.split("=");
output.put(pair[0], pair[1]);
}
return output;
}
private int getDigitsForType(String encodingType) {
int digitType = toInt(encodingType);
if (digitType != 0) {
tokenType = TokenType.Default;
return digitType;
}
switch (encodingType) {
case "S":
case "steam":
tokenType = TokenType.Steam;
return 5;
default:
tokenType = TokenType.Default;
return DEFAULT_DIGITS;
}
}
}

82
app/src/main/java/com/kunzisoft/keepass/view/EntryContentsView.java
View File

@@ -3,22 +3,21 @@
*
* This file is part of KeePass DX.
*
* KeePass DX is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* KeePass DX is free software: you can redistribute it and/or modify it under the terms of the GNU
* General Public License as published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* KeePass DX is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* KeePass DX is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
* even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with KeePass DX. If not, see <http://www.gnu.org/licenses/>.
* You should have received a copy of the GNU General Public License along with KeePass DX. If not,
* see <http://www.gnu.org/licenses/>.
*
*/
package com.kunzisoft.keepass.view;
import android.os.Handler;
import android.content.Context;
import android.content.res.TypedArray;
import android.graphics.Color;
@@ -31,16 +30,14 @@ import android.view.ViewGroup;
import android.widget.ImageView;
import android.widget.LinearLayout;
import android.widget.TextView;
import com.kunzisoft.keepass.R;
import com.kunzisoft.keepass.database.security.ProtectedString;
import com.kunzisoft.keepass.totp.*;
import com.kunzisoft.keepass.utils.Util;
import java.text.DateFormat;
import java.util.Date;
public class EntryContentsView extends LinearLayout {
private boolean fontInVisibility;
private int colorAccent;
@@ -52,6 +49,11 @@ public class EntryContentsView extends LinearLayout {
private TextView passwordView;
private ImageView passwordActionView;
private View totpContainerView;
private TextView totpView;
private ImageView totpActionView;
private String totpCurrentToken;
private View urlContainerView;
private TextView urlView;
@@ -89,7 +91,8 @@ public class EntryContentsView extends LinearLayout {
}
private void inflate(Context context) {
LayoutInflater inflater = (LayoutInflater) context.getSystemService(Context.LAYOUT_INFLATER_SERVICE);
LayoutInflater inflater =
(LayoutInflater) context.getSystemService(Context.LAYOUT_INFLATER_SERVICE);
assert inflater != null;
inflater.inflate(R.layout.entry_view_contents, this);
@@ -104,6 +107,10 @@ public class EntryContentsView extends LinearLayout {
urlContainerView = findViewById(R.id.entry_url_container);
urlView = findViewById(R.id.entry_url);
totpContainerView = findViewById(R.id.entry_totp_container);
totpView = findViewById(R.id.entry_totp);
totpActionView = findViewById(R.id.entry_totp_action_image);
commentContainerView = findViewById(R.id.entry_comment_container);
commentView = findViewById(R.id.entry_comment);
@@ -145,7 +152,8 @@ public class EntryContentsView extends LinearLayout {
if (fontInVisibility)
Util.applyFontVisibilityTo(getContext(), passwordView);
if (!allowCopyPassword) {
passwordActionView.setColorFilter(ContextCompat.getColor(getContext(), R.color.grey_dark));
passwordActionView
.setColorFilter(ContextCompat.getColor(getContext(), R.color.grey_dark));
} else {
passwordActionView.setColorFilter(colorAccent);
}
@@ -174,7 +182,7 @@ public class EntryContentsView extends LinearLayout {
}
public void setHiddenPasswordStyle(boolean hiddenStyle) {
if ( !hiddenStyle ) {
if (!hiddenStyle) {
passwordView.setTransformationMethod(null);
} else {
passwordView.setTransformationMethod(PasswordTransformationMethod.getInstance());
@@ -196,6 +204,39 @@ public class EntryContentsView extends LinearLayout {
}
}
public void assignTotp(TotpSettings settings, OnClickListener onClickListener) {
if (settings.isConfigured()) {
totpContainerView.setVisibility(VISIBLE);
String totp = settings.getToken();
if (totp.isEmpty()) {
totpView.setText(getContext().getString(R.string.error_invalid_TOTP));
totpActionView
.setColorFilter(ContextCompat.getColor(getContext(), R.color.grey_dark));
assignTotpCopyListener(null);
} else {
assignTotpCopyListener(onClickListener);
totpCurrentToken = settings.getToken();
final Handler totpHandler = new Handler();
totpHandler.post(new Runnable() {
@Override
public void run() {
if (settings.shouldRefreshToken()) {
totpCurrentToken = settings.getToken();
}
totpView.setText(getContext().getString(R.string.entry_totp_format,
totpCurrentToken, settings.getSecondsRemaining()));
totpHandler.postDelayed(this, 1000);
}
});
}
}
}
public void assignTotpCopyListener(OnClickListener onClickListener) {
totpActionView.setOnClickListener(onClickListener);
}
public void assignComment(String comment) {
if (comment != null && !comment.isEmpty()) {
commentContainerView.setVisibility(VISIBLE);
@@ -207,12 +248,15 @@ public class EntryContentsView extends LinearLayout {
}
}
public void addExtraField(String title, ProtectedString value, boolean showAction, OnClickListener onActionClickListener) {
public void addExtraField(String title, ProtectedString value, boolean showAction,
OnClickListener onActionClickListener) {
EntryCustomField entryCustomField;
if (value.isProtected())
entryCustomField = new EntryCustomFieldProtected(getContext(), null, title, value, showAction, onActionClickListener);
entryCustomField = new EntryCustomFieldProtected(getContext(), null, title, value,
showAction, onActionClickListener);
else
entryCustomField = new EntryCustomField(getContext(), null, title, value, showAction, onActionClickListener);
entryCustomField = new EntryCustomField(getContext(), null, title, value, showAction,
onActionClickListener);
entryCustomField.applyFontVisibility(fontInVisibility);
extrasView.addView(entryCustomField);
}

32
app/src/main/res/layout/entry_view_contents.xml
View File

@@ -115,6 +115,38 @@
style="@style/KeepassDXStyle.TextAppearance.TextEntryItem" />
</LinearLayout>
<!-- TOTP -->
<RelativeLayout
android:id="@+id/entry_totp_container"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:visibility="gone">
<android.support.v7.widget.AppCompatTextView
android:id="@+id/entry_totp_label"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:text="@string/entry_totp"
style="@style/KeepassDXStyle.TextAppearance.LabelTextStyle" />
<android.support.v7.widget.AppCompatTextView
android:id="@+id/entry_totp"
android:layout_width="match_parent"
android:layout_height="wrap_content"
android:layout_below="@+id/entry_totp_label"
android:layout_toLeftOf="@+id/entry_totp_action_image"
android:layout_toStartOf="@+id/entry_totp_action_image"
android:textIsSelectable="true"
style="@style/KeepassDXStyle.TextAppearance.TextEntryItem" />
<android.support.v7.widget.AppCompatImageView
android:id="@+id/entry_totp_action_image"
android:layout_width="wrap_content"
android:layout_height="wrap_content"
android:layout_alignParentEnd="true"
android:layout_alignParentRight="true"
android:layout_below="@+id/entry_totp_label"
android:src="@drawable/ic_content_copy_white_24dp"
android:tint="?attr/colorAccent" />
</RelativeLayout>
<!-- Comment -->
<LinearLayout
android:id="@+id/entry_comment_container"

3
app/src/main/res/values/strings.xml
View File

@@ -64,6 +64,8 @@
<string name="entry_password">Password</string>
<string name="entry_save">Save</string>
<string name="entry_title">Title</string>
<string name="entry_totp">TOTP</string>
<string name="entry_totp_format">%1$ (%2$)</string>
<string name="entry_url">URL</string>
<string name="entry_user_name">Username</string>
<string name="error_arc4">The ARCFOUR stream cipher is not supported.</string>
@@ -75,6 +77,7 @@
<string name="error_file_not_create">Could not create file:</string>
<string name="error_invalid_db">Invalid database or unrecognized master key.</string>
<string name="error_invalid_path">Invalid path.</string>
<string name="error_invalid_TOTP">Invalid TOTP secret.</string>
<string name="error_no_name">A name is required.</string>
<string name="error_nokeyfile">A keyfile is required.</string>
<string name="error_out_of_memory">The phone ran out of memory while parsing your database. It may be too large for your device.</string>