Commit graph

351 commits

Author SHA1 Message Date
Chirayu Desai
08abcb63d7 Bump version to 11-2.2
User-facing changes:
* Don't backup on metered networks
* Disable spell-checker on recovery code input
* Disable Nextcloud restore when not installed and no store available
* Ask for system authentication before storing a new recovery code
* Prevent screenshots of recovery code
* Add expert settings with an option for unlimited quota
* Allow launching restore through a dialer code
* Restrict exported components

Others:
* Improve .editorconfig setup
* Move LocalContactsBackup to product partition
* Link FAQ in Readme to make it more discoverable
* Compares kotlin-bip39 library with bitcoinj library
* Provide an overview over key derivations
* document potential information leakage through the long-lived SQL caches
* Add warning for third-party tools to README

Change-Id: I095af13d0ff010c9602bc323267c074ce7d019a2
2021-09-29 19:33:45 +05:30
flawedworld
b2cd3c76a3 Restrict exported components
Change-Id: I30e5f530b6814acd4d3940279de6100f82e68445
2021-09-29 18:57:14 +05:30
Chirayu Desai
38f01765ec Allow launching restore through a dialer code
* We don't show Restore in menu by default since it's
  not the best idea to restore a running system
* However, at the same time, it's good to have a way to do
  that for those who'd like to restore anyway, and the only
  current way is adb, which is not ideal
* Dialing "*#*#RESTORE#*#*" will launch the restore activity

Change-Id: I258fead82f7e916a4de0b314e1840d7aa4b3746c
2021-09-29 18:57:14 +05:30
Torsten Grote
a5a3a85c6c Add expert settings with an option for unlimited quota
Change-Id: Iebaea41ce4e69912f7cb723bd92e94e4396aa657
2021-09-28 22:02:04 +05:30
Torsten Grote
d2a748c34a Prevent screenshots of recovery code
This is may be inconvenient for some people, but it is way more secure as screenshots can be accessed by malicious apps that look our for BIP39 codes. Better to store the code on paper.
2021-09-24 02:55:56 +05:30
Torsten Grote
3b1a4e3881 Use clearer more generic strings 2021-09-24 02:55:56 +05:30
Torsten Grote
6e838978e3 Ask for system authentication before storing a new recovery code
This will help to prevent data extraction via seedvault when somebody gets hold of an unlocked phone. However, it will not help against someone able to force you to provide fingerprints or other device secrets.
2021-09-24 02:55:56 +05:30
Torsten Grote
e0f728205d Split up validating, verifying and storing of recovery code 2021-09-24 02:55:56 +05:30
Michael Bestas
26516d72a2 Disable Nextcloud restore when not installed and no store available
Attempting to install Nextcloud in SetupWizard on a device
that has no app store installed results in a crash.
Disable the option and use an appropriate summary.

Change-Id: Ie3dff8d85ed68b27858fa37b3efb97eb345fa372
2021-09-24 02:53:10 +05:30
Torsten Grote
71f7fd8474 Disable spell-checker on recovery code input
to prevent potential cloud learning or otherwise leaking code
2021-09-24 02:52:06 +05:30
Torsten Grote
d6a95e40ec Compares kotlin-bip39 library with bitcoinj library
to ensure that kotlin-bip39 is not malicious and can be upgraded safely
2021-09-24 00:02:43 +05:30
Torsten Grote
b149195e7a
Merge branch 'master' into code-style 2021-09-08 05:37:02 -03:00
Michael Bestas
532ed5e3f1
Add newline at the end of all files
Change-Id: I85718a4d8254d27e36f1712e4430e82863ba721e
2021-08-25 18:25:00 +03:00
Luca Stefani
bc24c7804d Don't backup on metered networks
* We better not overuse metered networks as such connections
* are usually sensitive to heavy data usage due to monetary costs and/or data limitations.
2021-08-25 14:59:49 +02:00
Chirayu Desai
96ffcc258d Bump version to 11-2.1
* Only change here is the BIP39 dependency replacement, however
  I'm still bumping version so that it's easy to figure out in case
  there ever was a build with just 2.0 and not this due to whatever reason

Change-Id: I9783d5e038d002e871c09be6fe61174c5a5b901f
2021-07-06 00:02:14 +05:30
Torsten Grote
05640ebb63 Replace novacrypt BIP39 library with the zcash one
which is MIT licensed instead of GPLv3

Change-Id: I30041de5ab1c1f8c7d5f57d6c60e28300a285259
2021-07-05 23:50:18 +05:30
Chirayu Desai
fd4c92bd84 SeedVault 2.0: Now with storage backup!
Change-Id: Ifd639c3c9205b417d1ec37c8e7a11a2119b5cb48
2021-07-05 22:35:08 +05:30
Torsten Grote
d13b9ea3fd Always run storage backups in a foreground service
otherwise we get killed for using too much CPU
2021-07-05 20:08:29 +05:30
Torsten Grote
26e35e1820 Make 'skip' buttons bigger so they are easier to tap 2021-07-05 20:08:29 +05:30
Torsten Grote
a4cbb0b6df Only request app backup when it is actually enabled 2021-07-05 20:08:29 +05:30
Torsten Grote
1ff8e54748 Re-initialize backup location when changing recovery code
* delete all storage backups for current user
* clears the storage backup cache
* start a new app data restore set and initializes it

The reason is that old backups won't be readable anymore with the new key. We also can't delete other backups safely as we did before, because we can't be sure that they don't belong to a different device or user.
2021-07-05 20:08:29 +05:30
Torsten Grote
347d2a316f Allow using the same storage location on different devices or user profiles
Previously, we would put our files directly in the root of the storage location and delete any existing backups there. When used by different devices or user profiles, these would keep deleting each other's backups.
2021-07-05 20:08:29 +05:30
Torsten Grote
342bd2068a Clear existing storage snapshots from storage medium
because that scenario isn't supported at the moment
2021-07-05 20:08:29 +05:30
Torsten Grote
e21207de32 Only require network for storage backups when storage needs network 2021-07-05 20:08:29 +05:30
Torsten Grote
b8ac11e724 apply ktlint to storage.lib as well 2021-07-05 20:08:29 +05:30
Torsten Grote
d6bd36ad8b Backup now: run storage backup before app backup 2021-07-05 20:08:29 +05:30
Torsten Grote
9ca6cf2aae Allow to skip app restore to reach file restore 2021-07-05 20:08:29 +05:30
Torsten Grote
bdefb04a0d Add UI for restoring files after app restore 2021-07-05 20:08:29 +05:30
Torsten Grote
fa123f07a0 Improve finding restore sets
now that we store more things in the same folder
2021-07-05 20:08:29 +05:30
Torsten Grote
5b2b75047e handle storage backup when USB is used as target 2021-07-05 20:08:29 +05:30
Torsten Grote
6c633b70c3 Add storage library (and demo app)
and use for periodic files backup
2021-07-05 20:08:29 +05:30
Torsten Grote
1cd3a3a0e6 Fix log message when canceling full backup 2021-07-05 20:08:29 +05:30
Chirayu Desai
5bfc5da3f7 Bump version to 11-1.2
Change-Id: I3817cf2320379504a8205125e7fa4894e3e57deb
2021-07-05 19:38:58 +05:30
Dhina17
7f9c2b4eb1 colors: Sync with Settings theme
Change-Id: I69366b7744a76658607bd48a81e06975c4c6060c
2021-07-05 19:20:08 +05:30
Torsten Grote
11564c8c35 Make recovery code fit on smaller screens 2021-07-05 18:56:01 +05:30
Chirayu Desai
02c7ba28b9 On phones we tap, not click!
Change-Id: Id0f0587b5174810de9e7d8036ca7e1264ea43c76
2021-05-26 23:07:25 +05:30
Michael Bestas
ee61be8361 Fix a couple camel case issues in strings
* This should finally cover all strings
2021-05-26 22:52:19 +05:30
Michael Bestas
d53f0fcde2 Switch all text references to github.com/seedvault-app 2021-04-20 03:59:01 +05:30
Chirayu Desai
d5b32d1410 Bump to 11-1.1
Also bump contactsbackup to keep the version consistent

Change-Id: I334cd6ea92b241f0ab57a68f05f9b15894b3f543
2021-04-16 22:49:43 +05:30
Chirayu Desai
b08b1f55f7 Change signing configuration to use AOSP platform key
* https://stackoverflow.com/a/40145242

Change-Id: I12d09f299f4f0f7d8879a631d4f3298a18409683
2021-03-05 02:37:27 +05:30
Torsten Grote
43dbcdfa79
Merge branch 'master' into main-key 2021-02-17 08:19:54 -03:00
Torsten Grote
68543dcb91
Store main key also when verifying recovery code
in case it wasn't stored before
2021-02-15 12:16:27 -03:00
Torsten Grote
851407037e
Store main key for key derivations from 512-bit BIP39 recovery code
This main key will be used later to derive sub-keys for other crypto operations.
2021-02-15 12:16:27 -03:00
Torsten Grote
2cd2f73241
Use a TestApp for UnitTests so we can use different modules for injection 2021-02-15 12:16:27 -03:00
Torsten Grote
fcd8afe072
Don't crash when storage app gets uninstalled 2021-02-09 15:37:05 -03:00
Torsten Grote
263531fec9 Fix camel case in recovery code strings 2021-01-20 03:44:01 +05:30
Torsten Grote
f758bb3110 Delete all backups (if possible) when user generates a new recovery code 2021-01-20 03:44:01 +05:30
Torsten Grote
ca2a56f023 Allow user to generate new recovery code 2021-01-20 03:44:01 +05:30
Torsten Grote
9dc29e4b0a Allow user to verify existing recovery code 2021-01-20 03:44:01 +05:30
Torsten Grote
b7aedda90c
Add message to AssertionError to track down why it happens 2020-12-18 08:45:18 -03:00