Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Biometrics in new settings #18258

Merged
merged 13 commits into from
Jan 9, 2024
Merged

Biometrics in new settings #18258

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
13 commits
Select commit Hold shift + click to select a range
b12bb6a
feat: added biometrics setting to new-settings
clauxx Dec 20, 2023
f605fb7
fix: fix renaming issues from status-im2
clauxx Dec 20, 2023
9e146d5
ref: addressed @cammellos' review comments
clauxx Dec 20, 2023
4bec538
fix: open password settings in a modal
clauxx Dec 20, 2023
8e016f9
Merge branch 'develop' into feat/biometrics-new-settings
clauxx Dec 21, 2023
a8696f7
ref: addressed review comments
clauxx Dec 21, 2023
530907d
Merge branch 'develop' into feat/biometrics-new-settings
clauxx Dec 21, 2023
c0041bb
fix: disabling biometric clears auth-method from keychain
clauxx Dec 21, 2023
03b5d5d
Merge branch 'develop' into feat/biometrics-new-settings
clauxx Dec 21, 2023
cb61bfd
chore: quo/overlay seqs the childrend so need to add keys
clauxx Dec 21, 2023
131552e
fix: don't pass the password unmasked between events to avoid leaks
clauxx Dec 22, 2023
5dd53e0
Merge branch 'develop' into feat/biometrics-new-settings
clauxx Dec 22, 2023
852e246
Merge branch 'develop' into feat/biometrics-new-settings
clauxx Jan 9, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 5 additions & 6 deletions src/status_im/common/standard_authentication/standard_auth/authorize.cljs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
(ns status-im.common.standard-authentication.standard-auth.authorize
(:require
[native-module.core :as native-module]
[react-native.touch-id :as biometric]
[status-im.common.standard-authentication.enter-password.view :as enter-password]
[taoensso.timbre :as log]
Expand All @@ -18,11 +17,11 @@
auth-button-label theme blur? auth-button-icon-left]}]
(let [handle-auth-success (fn [biometric?]
(fn [entered-password]
(let [sha3-pwd (if biometric?
(str (security/safe-unmask-data entered-password))
(native-module/sha3 (str (security/safe-unmask-data
entered-password))))]
(on-auth-success sha3-pwd))))
(let [sha3-masked-password (if biometric?
entered-password
(security/hash-masked-password
entered-password))]
(on-auth-success sha3-masked-password))))
password-login (fn [{:keys [on-press-biometrics]}]
(rf/dispatch [:show-bottom-sheet
{:on-close on-close
Expand Down
6 changes: 2 additions & 4 deletions src/status_im/contexts/profile/settings/screens/password/view.cljs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,7 @@
[status-im.constants :as constants]
[status-im.contexts.profile.settings.screens.password.style :as style]
[utils.i18n :as i18n]
[utils.re-frame :as rf]
[utils.security.core :as security]))
[utils.re-frame :as rf]))

(defn- on-press-biometric-enable
[button-label theme]
Expand All @@ -24,8 +23,7 @@
:on-auth-success (fn [password]
(rf/dispatch [:hide-bottom-sheet])
(rf/dispatch [:standard-auth/reset-login-password])
(rf/dispatch [:biometric/enable
(security/mask-data password)]))})))
(rf/dispatch [:biometric/enable password]))})))

(defn- get-biometric-item
[theme]
Expand Down
4 changes: 3 additions & 1 deletion src/status_im/contexts/syncing/events.cljs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@
[status-im.contexts.syncing.utils :as sync-utils]
[taoensso.timbre :as log]
[utils.re-frame :as rf]
[utils.security.core :as security]
[utils.transforms :as transforms]))

(rf/defn local-pairing-update-role
Expand Down Expand Up @@ -108,7 +109,8 @@
config-map (.stringify js/JSON
(clj->js {:senderConfig {:keyUID key-uid
:keystorePath ""
:password sha3-pwd
:password (security/safe-unmask-data
sha3-pwd)
:deviceType platform/os}
:serverConfig {:timeout 0}}))]
(native-module/get-connection-string-for-bootstrapping-another-device
Expand Down
4 changes: 2 additions & 2 deletions src/status_im/contexts/wallet/create_account/view.cljs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
[utils.i18n :as i18n]
[utils.re-frame :as rf]
[utils.responsiveness :refer [iphone-11-Pro-20-pixel-from-width]]
[utils.security.core :as security]
[utils.string]))

(defn keypair-string
Expand Down Expand Up @@ -119,9 +120,8 @@
:track-text (i18n/label :t/slide-to-create-account)
:customization-color @account-color
:on-auth-success (fn [entered-password]
(prn entered-password)
(rf/dispatch [:wallet/derive-address-and-add-account
{:sha3-pwd entered-password
{:sha3-pwd (security/safe-unmask-data entered-password)
Comment on lines 122 to +124
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@J-Son89 I added the change to mask the pwd inside authorize's on-auth-success to avoid the password hash getting leaked e.g. as it would in line 122 (prn entered-password), as it's still sensitive info.

:emoji @emoji
:color @account-color
:path @derivation-path
Expand Down