bitwarden/mobile
1
0
Fork 0
mirror of https://github.com/bitwarden/mobile synced 2025-12-22 19:23:58 +00:00
Code Issues Releases Wiki Activity

Fix for missing biometric integrity check in iOS extensions under certain conditions (#1162)

Browse Source 
* Fix for biometric check in extension on fresh install

* make sure bio integrity values are written to pref storage

* integrity state migration to pref storage

* remove automatic state saving upon null validation
This commit is contained in:
Matt Portune
2020-12-01 15:30:23 -05:00
committed by GitHub
parent e27370cf32
commit ffd8f9951f
8 changed files with 64 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/iOS.Core/Controllers/LockPasswordViewController.cs
View File

@@ -59,6 +59,8 @@ namespace Bit.iOS.Core.Controllers
_pinLock = (_pinSet.Item1 && _vaultTimeoutService.PinProtectedKey != null) || _pinSet.Item2;
_biometricLock = _vaultTimeoutService.IsBiometricLockSetAsync().GetAwaiter().GetResult() &&
_cryptoService.HasKeyAsync().GetAwaiter().GetResult();
_biometricIntegrityValid = _biometricService.ValidateIntegrityAsync(BiometricIntegrityKey).GetAwaiter()
.GetResult();
BaseNavItem.Title = _pinLock ? AppResources.VerifyPIN : AppResources.VerifyMasterPassword;
BaseCancelButton.Title = AppResources.Cancel;
@@ -88,8 +90,6 @@ namespace Bit.iOS.Core.Controllers
if (_biometricLock)
{
_biometricIntegrityValid = _biometricService.ValidateIntegrityAsync(BiometricIntegrityKey).GetAwaiter()
.GetResult();
if (!_biometricIntegrityValid)
{
return;
@@ -293,7 +293,7 @@ namespace Bit.iOS.Core.Controllers
cell.TextLabel.Font = ThemeHelpers.GetDangerFont();
cell.TextLabel.Lines = 0;
cell.TextLabel.LineBreakMode = UILineBreakMode.WordWrap;
cell.TextLabel.Text = AppResources.BiometricInvalidated;
cell.TextLabel.Text = AppResources.BiometricInvalidatedExtension;
}
return cell;
}

57
src/iOS.Core/Services/BiometricService.cs
View File

@@ -18,7 +18,7 @@ namespace Bit.iOS.Core.Services
{
if (bioIntegrityKey == null)
{
bioIntegrityKey = "biometricState";
bioIntegrityKey = Bit.Core.Constants.BiometricIntegrityKey;
}
var state = GetState();
if (state != null)
@@ -31,28 +31,27 @@ namespace Bit.iOS.Core.Services
public async Task<bool> ValidateIntegrityAsync(string bioIntegrityKey = null)
{
var state = GetState();
if (state == null)
{
// Fallback for devices unable to retrieve state
return true;
}
if (bioIntegrityKey == null)
{
bioIntegrityKey = "biometricState";
bioIntegrityKey = Bit.Core.Constants.BiometricIntegrityKey;
}
var oldState = await _storageService.GetAsync<string>(bioIntegrityKey);
if (oldState == null)
{
// Fallback for upgraded devices
await SetupBiometricAsync(bioIntegrityKey);
return true;
oldState = await GetMigratedIntegrityState(bioIntegrityKey);
}
else
if (oldState != null)
{
var state = GetState();
if (state != null)
{
return FromBase64(oldState).Equals(state);
}
return true;
return FromBase64(oldState).Equals(state);
}
return false;
}
private NSData GetState()
@@ -73,5 +72,35 @@ namespace Bit.iOS.Core.Services
var bytes = System.Convert.FromBase64String(data);
return NSData.FromArray(bytes);
}
private async Task<string> GetMigratedIntegrityState(string bioIntegrityKey)
{
var legacyKey = "biometricState";
if (bioIntegrityKey == Bit.Core.Constants.iOSAutoFillBiometricIntegrityKey)
{
legacyKey = "autofillBiometricState";
}
else if (bioIntegrityKey == Bit.Core.Constants.iOSExtensionBiometricIntegrityKey)
{
legacyKey = "extensionBiometricState";
}
// Original values are pulled from DB since the legacy keys were never defined in _preferenceStorageKeys
var integrityState = await _storageService.GetAsync<string>(legacyKey);
if (integrityState != null)
{
// Save original value to pref storage with new key
await _storageService.SaveAsync(bioIntegrityKey, integrityState);
// Remove value from DB storage with legacy key
await _storageService.RemoveAsync(legacyKey);
// Return value as if it was always in pref storage
return integrityState;
}
// Return null since the state was never set
return null;
}
}
}