Cut off the application from accessing keychains at the earliest point possible

as suggested in the discussion on #2445
Ralph Plawetzki
2022-09-20 19:24:06 +02:00
parent 78cf082096
commit 2e3d2e86e2
3 changed files with 6 additions and 15 deletions


@@ -3,7 +3,6 @@ package org.cryptomator.common.keychain;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import org.cryptomator.common.settings.Settings;
import org.cryptomator.integrations.keychain.KeychainAccessException;
import org.cryptomator.integrations.keychain.KeychainAccessProvider;
@@ -21,12 +20,10 @@ public class KeychainManager implements KeychainAccessProvider {
private final ObjectExpression<KeychainAccessProvider> keychain;
private final LoadingCache<String, BooleanProperty> passphraseStoredProperties;
private final Settings settings;
@Inject
KeychainManager(ObjectExpression<KeychainAccessProvider> selectedKeychain, Settings settings) {
KeychainManager(ObjectExpression<KeychainAccessProvider> selectedKeychain) {
this.keychain = selectedKeychain;
this.settings = settings;
this.passphraseStoredProperties = CacheBuilder.newBuilder() //
.weakValues() //
.build(CacheLoader.from(this::createStoredPassphraseProperty));
@@ -74,9 +71,7 @@ public class KeychainManager implements KeychainAccessProvider {
}
@Override
public boolean isSupported() {
return keychain.getValue() != null && settings.useKeychain().get();
}
public boolean isSupported() { return keychain.getValue() != null; }
@Override
public boolean isLocked() {
@@ -93,8 +88,6 @@ public class KeychainManager implements KeychainAccessProvider {
* @throws KeychainAccessException
*/
public boolean isPassphraseStored(String key) throws KeychainAccessException {
// check if keyrings are disabled; in this case we don't need to ask the backend
if ( !settings.useKeychain().get() ) return false;
char[] storedPw = null;
try {
storedPw = getKeychainOrFail().loadPassphrase(key);
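Review bot: With the settings guard removed from `isPassphraseStored`, a disabled keychain now reaches `getKeychainOrFail().loadPassphrase(key)` instead of returning false, and `getKeychainOrFail` is defined outside this hunk; if it throws `KeychainAccessException` when the provider is null (as its name suggests), callers that used to get `false` will now get an exception. If the old contract should hold, a single line such as `if (!isSupported()) return false;` at the top of the method would keep it without reintroducing `Settings`, though it would also turn the no-provider case into `false`. Separately, the `BooleanProperty` values held in `passphraseStoredProperties` are not visibly refreshed when the provider expression flips to null, so a property that was `true` before the user disabled the keychain may stay `true`; this is worth confirming against `createStoredPassphraseProperty`, which is not shown. The method body continues past the end of the hunk.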


@@ -23,11 +23,12 @@ public class KeychainModule {
@Singleton
static ObjectExpression<KeychainAccessProvider> provideKeychainAccessProvider(Settings settings, List<KeychainAccessProvider> providers) {
return Bindings.createObjectBinding(() -> {
if ( !settings.useKeychain().get() ) return null;
var selectedProviderClass = settings.keychainProvider().get();
var selectedProvider = providers.stream().filter(provider -> provider.getClass().getName().equals(selectedProviderClass)).findAny();
var fallbackProvider = providers.stream().findFirst().orElse(null);
return selectedProvider.orElse(fallbackProvider);
}, settings.keychainProvider());
}, settings.keychainProvider(), settings.useKeychain());
}
}
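Review bot: The guard `if ( !settings.useKeychain().get() ) return null;` gives the expression a null value for two different reasons, since the existing `selectedProvider.orElse(fallbackProvider)` path already yields null when no provider is registered; a short comment on the guard, e.g. `// keychain disabled in settings: publish no provider so no backend is contacted`, would record that this null is deliberate. The injected `List<KeychainAccessProvider> providers` is not itself gated by the switch, so any other consumer of that list (none is visible here) could still reach a backend with the keychain turned off. Stylistically, the braceless one-line `if` with padded parentheses differs from the rest of the lambda; `if (!settings.useKeychain().get()) {` with a braced `return null;` would match.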