use charsequence and securestring instead of string

This commit is contained in:
Craig Raw 2020-05-19 12:37:16 +02:00
parent 1ed59bb935
commit 969771d377
6 changed files with 36 additions and 13 deletions

2
drongo

@ -1 +1 @@
Subproject commit aa60e6b92e0401a27c3760cc9cb7e726a2caa845 Subproject commit 9f5f5689bbbe85dad51be84d4a5a2e5d31562564

View file

@ -3,6 +3,7 @@ package com.sparrowwallet.sparrow;
import com.google.common.base.Charsets; import com.google.common.base.Charsets;
import com.google.common.eventbus.Subscribe; import com.google.common.eventbus.Subscribe;
import com.google.common.io.ByteSource; import com.google.common.io.ByteSource;
import com.sparrowwallet.drongo.SecureString;
import com.sparrowwallet.drongo.Utils; import com.sparrowwallet.drongo.Utils;
import com.sparrowwallet.drongo.crypto.*; import com.sparrowwallet.drongo.crypto.*;
import com.sparrowwallet.drongo.policy.PolicyType; import com.sparrowwallet.drongo.policy.PolicyType;
@ -10,7 +11,6 @@ import com.sparrowwallet.drongo.protocol.ScriptType;
import com.sparrowwallet.drongo.protocol.Transaction; import com.sparrowwallet.drongo.protocol.Transaction;
import com.sparrowwallet.drongo.psbt.PSBT; import com.sparrowwallet.drongo.psbt.PSBT;
import com.sparrowwallet.drongo.psbt.PSBTParseException; import com.sparrowwallet.drongo.psbt.PSBTParseException;
import com.sparrowwallet.drongo.wallet.Keystore;
import com.sparrowwallet.drongo.wallet.Wallet; import com.sparrowwallet.drongo.wallet.Wallet;
import com.sparrowwallet.sparrow.control.*; import com.sparrowwallet.sparrow.control.*;
import com.sparrowwallet.sparrow.event.*; import com.sparrowwallet.sparrow.event.*;
@ -235,14 +235,14 @@ public class AppController implements Initializable {
if(file != null) { if(file != null) {
try { try {
Wallet wallet; Wallet wallet;
String password = null; CharSequence password = null;
Storage storage = new Storage(file); Storage storage = new Storage(file);
FileType fileType = IOUtils.getFileType(file); FileType fileType = IOUtils.getFileType(file);
if(FileType.JSON.equals(fileType)) { if(FileType.JSON.equals(fileType)) {
wallet = storage.loadWallet(); wallet = storage.loadWallet();
} else if(FileType.BINARY.equals(fileType)) { } else if(FileType.BINARY.equals(fileType)) {
WalletPasswordDialog dlg = new WalletPasswordDialog(WalletPasswordDialog.PasswordRequirement.LOAD); WalletPasswordDialog dlg = new WalletPasswordDialog(WalletPasswordDialog.PasswordRequirement.LOAD);
Optional<String> optionalPassword = dlg.showAndWait(); Optional<SecureString> optionalPassword = dlg.showAndWait();
if(!optionalPassword.isPresent()) { if(!optionalPassword.isPresent()) {
return; return;
} }

View file

@ -1,6 +1,6 @@
package com.sparrowwallet.sparrow.control; package com.sparrowwallet.sparrow.control;
import com.sparrowwallet.drongo.wallet.Keystore; import com.sparrowwallet.drongo.SecureString;
import com.sparrowwallet.drongo.wallet.Wallet; import com.sparrowwallet.drongo.wallet.Wallet;
import com.sparrowwallet.sparrow.EventManager; import com.sparrowwallet.sparrow.EventManager;
import com.sparrowwallet.sparrow.event.WalletExportEvent; import com.sparrowwallet.sparrow.event.WalletExportEvent;
@ -53,7 +53,7 @@ public class FileWalletExportPane extends TitledDescriptionPane {
if(copy.isEncrypted()) { if(copy.isEncrypted()) {
WalletPasswordDialog dlg = new WalletPasswordDialog(WalletPasswordDialog.PasswordRequirement.LOAD); WalletPasswordDialog dlg = new WalletPasswordDialog(WalletPasswordDialog.PasswordRequirement.LOAD);
Optional<String> password = dlg.showAndWait(); Optional<SecureString> password = dlg.showAndWait();
if(password.isPresent()) { if(password.isPresent()) {
copy.decrypt(password.get()); copy.decrypt(password.get());
} else { } else {

View file

@ -1,5 +1,6 @@
package com.sparrowwallet.sparrow.control; package com.sparrowwallet.sparrow.control;
import com.sparrowwallet.drongo.SecureString;
import com.sparrowwallet.sparrow.AppController; import com.sparrowwallet.sparrow.AppController;
import javafx.application.Platform; import javafx.application.Platform;
import javafx.beans.binding.Bindings; import javafx.beans.binding.Bindings;
@ -14,7 +15,7 @@ import org.controlsfx.validation.ValidationResult;
import org.controlsfx.validation.ValidationSupport; import org.controlsfx.validation.ValidationSupport;
import org.controlsfx.validation.decoration.StyleClassValidationDecoration; import org.controlsfx.validation.decoration.StyleClassValidationDecoration;
public class WalletPasswordDialog extends Dialog<String> { public class WalletPasswordDialog extends Dialog<SecureString> {
private final ButtonType okButtonType; private final ButtonType okButtonType;
private final PasswordRequirement requirement; private final PasswordRequirement requirement;
private final CustomPasswordField password; private final CustomPasswordField password;
@ -80,7 +81,7 @@ public class WalletPasswordDialog extends Dialog<String> {
password.requestFocus(); password.requestFocus();
passwordConfirm.setPromptText("Password Confirmation"); passwordConfirm.setPromptText("Password Confirmation");
setResultConverter(dialogButton -> dialogButton == okButtonType ? password.getText() : null); setResultConverter(dialogButton -> dialogButton == okButtonType ? new SecureString(password.getText()) : null);
} }
public enum PasswordRequirement { public enum PasswordRequirement {

View file

@ -8,6 +8,8 @@ import com.sparrowwallet.drongo.wallet.Keystore;
import com.sparrowwallet.drongo.wallet.MnemonicException; import com.sparrowwallet.drongo.wallet.MnemonicException;
import com.sparrowwallet.drongo.wallet.Wallet; import com.sparrowwallet.drongo.wallet.Wallet;
import com.sparrowwallet.sparrow.control.KeystorePassphraseDialog; import com.sparrowwallet.sparrow.control.KeystorePassphraseDialog;
import javafx.concurrent.Service;
import javafx.concurrent.Task;
import java.io.*; import java.io.*;
import java.lang.reflect.Type; import java.lang.reflect.Type;
@ -71,7 +73,7 @@ public class Storage {
return wallet; return wallet;
} }
public Wallet loadWallet(String password) throws IOException, MnemonicException, StorageException { public Wallet loadWallet(CharSequence password) throws IOException, MnemonicException, StorageException {
InputStream fileStream = new FileInputStream(walletFile); InputStream fileStream = new FileInputStream(walletFile);
ECKey encryptionKey = getEncryptionKey(password, fileStream); ECKey encryptionKey = getEncryptionKey(password, fileStream);
@ -198,11 +200,11 @@ public class Storage {
this.encryptionPubKey = encryptionPubKey; this.encryptionPubKey = encryptionPubKey;
} }
public ECKey getEncryptionKey(String password) throws IOException, StorageException { public ECKey getEncryptionKey(CharSequence password) throws IOException, StorageException {
return getEncryptionKey(password, null); return getEncryptionKey(password, null);
} }
private ECKey getEncryptionKey(String password, InputStream inputStream) throws IOException, StorageException { private ECKey getEncryptionKey(CharSequence password, InputStream inputStream) throws IOException, StorageException {
if(password.equals("")) { if(password.equals("")) {
return NO_PASSWORD_KEY; return NO_PASSWORD_KEY;
} }
@ -312,4 +314,23 @@ public class Storage {
return jsonObject; return jsonObject;
} }
} }
public static class KeyDerivationService extends Service<ECKey> {
private final Storage storage;
private final String password;
public KeyDerivationService(Storage storage, String password) {
this.storage = storage;
this.password = password;
}
@Override
protected Task<ECKey> createTask() {
return new Task<>() {
protected ECKey call() throws IOException, StorageException {
return storage.getEncryptionKey(password);
}
};
}
}
} }

View file

@ -1,6 +1,7 @@
package com.sparrowwallet.sparrow.wallet; package com.sparrowwallet.sparrow.wallet;
import com.google.common.eventbus.Subscribe; import com.google.common.eventbus.Subscribe;
import com.sparrowwallet.drongo.SecureString;
import com.sparrowwallet.drongo.crypto.*; import com.sparrowwallet.drongo.crypto.*;
import com.sparrowwallet.drongo.policy.Policy; import com.sparrowwallet.drongo.policy.Policy;
import com.sparrowwallet.drongo.policy.PolicyType; import com.sparrowwallet.drongo.policy.PolicyType;
@ -266,9 +267,9 @@ public class SettingsController extends WalletFormController implements Initiali
} }
WalletPasswordDialog dlg = new WalletPasswordDialog(requirement); WalletPasswordDialog dlg = new WalletPasswordDialog(requirement);
Optional<String> password = dlg.showAndWait(); Optional<SecureString> password = dlg.showAndWait();
if(password.isPresent()) { if(password.isPresent()) {
if(password.get().isEmpty()) { if(password.get().length() == 0) {
return Optional.of(Storage.NO_PASSWORD_KEY); return Optional.of(Storage.NO_PASSWORD_KEY);
} }