use charsequence and securestring instead of string

This commit is contained in:
Craig Raw 2020-05-19 12:37:16 +02:00
parent 1ed59bb935
commit 969771d377
6 changed files with 36 additions and 13 deletions

2
drongo

@ -1 +1 @@
Subproject commit aa60e6b92e0401a27c3760cc9cb7e726a2caa845
Subproject commit 9f5f5689bbbe85dad51be84d4a5a2e5d31562564

View file

@ -3,6 +3,7 @@ package com.sparrowwallet.sparrow;
import com.google.common.base.Charsets;
import com.google.common.eventbus.Subscribe;
import com.google.common.io.ByteSource;
import com.sparrowwallet.drongo.SecureString;
import com.sparrowwallet.drongo.Utils;
import com.sparrowwallet.drongo.crypto.*;
import com.sparrowwallet.drongo.policy.PolicyType;
@ -10,7 +11,6 @@ import com.sparrowwallet.drongo.protocol.ScriptType;
import com.sparrowwallet.drongo.protocol.Transaction;
import com.sparrowwallet.drongo.psbt.PSBT;
import com.sparrowwallet.drongo.psbt.PSBTParseException;
import com.sparrowwallet.drongo.wallet.Keystore;
import com.sparrowwallet.drongo.wallet.Wallet;
import com.sparrowwallet.sparrow.control.*;
import com.sparrowwallet.sparrow.event.*;
@ -235,14 +235,14 @@ public class AppController implements Initializable {
if(file != null) {
try {
Wallet wallet;
String password = null;
CharSequence password = null;
Storage storage = new Storage(file);
FileType fileType = IOUtils.getFileType(file);
if(FileType.JSON.equals(fileType)) {
wallet = storage.loadWallet();
} else if(FileType.BINARY.equals(fileType)) {
WalletPasswordDialog dlg = new WalletPasswordDialog(WalletPasswordDialog.PasswordRequirement.LOAD);
Optional<String> optionalPassword = dlg.showAndWait();
Optional<SecureString> optionalPassword = dlg.showAndWait();
if(!optionalPassword.isPresent()) {
return;
}

View file

@ -1,6 +1,6 @@
package com.sparrowwallet.sparrow.control;
import com.sparrowwallet.drongo.wallet.Keystore;
import com.sparrowwallet.drongo.SecureString;
import com.sparrowwallet.drongo.wallet.Wallet;
import com.sparrowwallet.sparrow.EventManager;
import com.sparrowwallet.sparrow.event.WalletExportEvent;
@ -53,7 +53,7 @@ public class FileWalletExportPane extends TitledDescriptionPane {
if(copy.isEncrypted()) {
WalletPasswordDialog dlg = new WalletPasswordDialog(WalletPasswordDialog.PasswordRequirement.LOAD);
Optional<String> password = dlg.showAndWait();
Optional<SecureString> password = dlg.showAndWait();
if(password.isPresent()) {
copy.decrypt(password.get());
} else {

View file

@ -1,5 +1,6 @@
package com.sparrowwallet.sparrow.control;
import com.sparrowwallet.drongo.SecureString;
import com.sparrowwallet.sparrow.AppController;
import javafx.application.Platform;
import javafx.beans.binding.Bindings;
@ -14,7 +15,7 @@ import org.controlsfx.validation.ValidationResult;
import org.controlsfx.validation.ValidationSupport;
import org.controlsfx.validation.decoration.StyleClassValidationDecoration;
public class WalletPasswordDialog extends Dialog<String> {
public class WalletPasswordDialog extends Dialog<SecureString> {
private final ButtonType okButtonType;
private final PasswordRequirement requirement;
private final CustomPasswordField password;
@ -80,7 +81,7 @@ public class WalletPasswordDialog extends Dialog<String> {
password.requestFocus();
passwordConfirm.setPromptText("Password Confirmation");
setResultConverter(dialogButton -> dialogButton == okButtonType ? password.getText() : null);
setResultConverter(dialogButton -> dialogButton == okButtonType ? new SecureString(password.getText()) : null);
}
public enum PasswordRequirement {

View file

@ -8,6 +8,8 @@ import com.sparrowwallet.drongo.wallet.Keystore;
import com.sparrowwallet.drongo.wallet.MnemonicException;
import com.sparrowwallet.drongo.wallet.Wallet;
import com.sparrowwallet.sparrow.control.KeystorePassphraseDialog;
import javafx.concurrent.Service;
import javafx.concurrent.Task;
import java.io.*;
import java.lang.reflect.Type;
@ -71,7 +73,7 @@ public class Storage {
return wallet;
}
public Wallet loadWallet(String password) throws IOException, MnemonicException, StorageException {
public Wallet loadWallet(CharSequence password) throws IOException, MnemonicException, StorageException {
InputStream fileStream = new FileInputStream(walletFile);
ECKey encryptionKey = getEncryptionKey(password, fileStream);
@ -198,11 +200,11 @@ public class Storage {
this.encryptionPubKey = encryptionPubKey;
}
public ECKey getEncryptionKey(String password) throws IOException, StorageException {
public ECKey getEncryptionKey(CharSequence password) throws IOException, StorageException {
return getEncryptionKey(password, null);
}
private ECKey getEncryptionKey(String password, InputStream inputStream) throws IOException, StorageException {
private ECKey getEncryptionKey(CharSequence password, InputStream inputStream) throws IOException, StorageException {
if(password.equals("")) {
return NO_PASSWORD_KEY;
}
@ -312,4 +314,23 @@ public class Storage {
return jsonObject;
}
}
public static class KeyDerivationService extends Service<ECKey> {
private final Storage storage;
private final String password;
public KeyDerivationService(Storage storage, String password) {
this.storage = storage;
this.password = password;
}
@Override
protected Task<ECKey> createTask() {
return new Task<>() {
protected ECKey call() throws IOException, StorageException {
return storage.getEncryptionKey(password);
}
};
}
}
}

View file

@ -1,6 +1,7 @@
package com.sparrowwallet.sparrow.wallet;
import com.google.common.eventbus.Subscribe;
import com.sparrowwallet.drongo.SecureString;
import com.sparrowwallet.drongo.crypto.*;
import com.sparrowwallet.drongo.policy.Policy;
import com.sparrowwallet.drongo.policy.PolicyType;
@ -266,9 +267,9 @@ public class SettingsController extends WalletFormController implements Initiali
}
WalletPasswordDialog dlg = new WalletPasswordDialog(requirement);
Optional<String> password = dlg.showAndWait();
Optional<SecureString> password = dlg.showAndWait();
if(password.isPresent()) {
if(password.get().isEmpty()) {
if(password.get().length() == 0) {
return Optional.of(Storage.NO_PASSWORD_KEY);
}