Fix crash after screenlock changed

e.g. after (un)enroll fingerprints

Author: sorz

app/src/main/java/org/sorz/lab/tinykeepass/BaseActivity.java

@@ -12,9 +12,9 @@
 
 import org.sorz.lab.tinykeepass.auth.FingerprintDialogFragment;
 import org.sorz.lab.tinykeepass.auth.SecureStringStorage;
-import org.sorz.lab.tinykeepass.keepass.KeePassStorage;
 import org.sorz.lab.tinykeepass.keepass.OpenKeePassTask;
 
+import java.security.KeyException;
 import java.util.List;
 import java.util.function.Consumer;
 
@@ -28,7 +28,8 @@
 public abstract class BaseActivity extends AppCompatActivity
         implements FingerprintDialogFragment.OnFragmentInteractionListener {
     private final static String TAG = MainActivity.class.getName();
-    private final static int REQUEST_CONFIRM_DEVICE_CREDENTIAL = 0;
+    private final static int REQUEST_CONFIRM_DEVICE_CREDENTIAL = 100;
+    private final static int REQUEST_SETUP_DATABASE = 101;
 
     private SharedPreferences preferences;
     private KeyguardManager keyguardManager;
@@ -57,6 +58,12 @@ protected void onActivityResult(int requestCode, int resultCode, Intent data) {
                 else
                     onKeyAuthFailed.accept(getString(R.string.fail_to_auth));
                 break;
+            case REQUEST_SETUP_DATABASE:
+                if (resultCode == RESULT_OK)
+                    getKey();
+                else
+                    onKeyAuthFailed.accept(getString(R.string.fail_to_decrypt));
+                break;
             default:
                 super.onActivityResult(requestCode, resultCode, data);
         }
@@ -79,6 +86,13 @@ protected void getDatabaseKeys(Consumer<List<String>> onKeyRetrieved,
         getKey();
     }
 
+    @Override
+    public void onKeyException(KeyException e) {
+        // Key is invalided, have to reconfigure passwords.
+        Intent intent = new Intent(this, DatabaseSetupActivity.class);
+        startActivityForResult(intent, REQUEST_SETUP_DATABASE);
+    }
+
     private void getKey() {
         int authMethod = preferences.getInt("key-auth-method", 0);
         switch (authMethod) {
@@ -93,6 +107,8 @@ private void getKey() {
                             getString(R.string.auth_key_title),
                             getString(R.string.auth_key_description));
                     startActivityForResult(intent, REQUEST_CONFIRM_DEVICE_CREDENTIAL);
+                } catch (KeyException e) {
+                    onKeyException(e);
                 } catch (SecureStringStorage.SystemException e) {
                     throw new RuntimeException(e);
                 }

app/src/main/java/org/sorz/lab/tinykeepass/DatabaseSetupActivity.java

@@ -24,6 +24,7 @@
 import org.sorz.lab.tinykeepass.auth.SecureStringStorage;
 
 import java.lang.ref.WeakReference;
+import java.security.KeyException;
 import java.util.ArrayList;
 import java.util.List;
 
@@ -247,16 +248,14 @@ private void saveKeys(Cipher cipher) {
             strings.add(editMasterPassword.getText().toString());
             strings.add(editAuthPassword.getText().toString());
             secureStringStorage.put(cipher, strings);
-        } catch (SecureStringStorage.SystemException e) {
-            throw new RuntimeException("cannot get save keys", e);
         } catch (UserNotAuthenticatedException e) {
-            Log.e(TAG, "cannot get cipher from system", e);
-            cancelSubmit();
-            return;
+                Log.e(TAG, "cannot get cipher from system", e);
+                cancelSubmit();
+                return;
+        } catch (SecureStringStorage.SystemException | KeyException e) {
+            throw new RuntimeException("cannot get save keys", e);
         }
-        Intent intent = new Intent(this, MainActivity.class);
-        intent.addFlags(Intent.FLAG_ACTIVITY_REORDER_TO_FRONT);
-        startActivity(new Intent(this, MainActivity.class));
+        setResult(RESULT_OK);
         finish();
     }
 
@@ -297,6 +296,13 @@ public void onFingerprintSuccess(Cipher cipher) {
         saveKeys(cipher);
     }
 
+    @Override
+    public void onKeyException(KeyException e) {
+        // The key are new added here (by calling `secureStringStorage.generateNewKey()`),
+        // so no KeyException happen here.
+        throw new IllegalStateException(e);
+    }
+
 
     private static class FetchTask extends FetchDatabaseTask {
         private final WeakReference<DatabaseSetupActivity> activity;

app/src/main/java/org/sorz/lab/tinykeepass/MainActivity.java

@@ -13,6 +13,7 @@
 
 public class MainActivity extends BaseActivity {
     private final static String TAG = MainActivity.class.getName();
+    private final static int REQUEST_SETUP_DATABASE = 1;
 
     @Override
     protected void onCreate(Bundle savedInstanceState) {
@@ -25,7 +26,6 @@ protected void onCreate(Bundle savedInstanceState) {
 
             if (!hasDatabaseConfigured(this)) {
                 doConfigureDatabase();
-                finish();
             } else {
                 doUnlockDatabase();
             }
@@ -51,6 +51,19 @@ public void onDestroy() {
             KeePassStorage.set(this, null);
     }
 
+    @Override
+    public void onActivityResult(int requestCode, int resultCode, Intent data) {
+        switch (requestCode) {
+            case REQUEST_SETUP_DATABASE:
+                if (resultCode == RESULT_OK)
+                    doUnlockDatabase();
+                break;
+            default:
+                super.onActivityResult(requestCode, resultCode, data);
+                break;
+        }
+    }
+
     public void doUnlockDatabase() {
         if (KeePassStorage.get(this) != null) {
             showEntryList();
@@ -70,7 +83,8 @@ public void doLockDatabase() {
 
     public void doConfigureDatabase() {
         KeePassStorage.set(this, null);
-        startActivity(new Intent(this, DatabaseSetupActivity.class));
+        Intent intent = new Intent(this, DatabaseSetupActivity.class);
+        startActivityForResult(intent, REQUEST_SETUP_DATABASE);
     }
 
     public void doSyncDatabase() {

app/src/main/java/org/sorz/lab/tinykeepass/auth/FingerprintDialogFragment.java

@@ -10,6 +10,8 @@
 
 import org.sorz.lab.tinykeepass.R;
 
+import java.security.KeyException;
+
 import javax.crypto.Cipher;
 
 
@@ -83,7 +85,13 @@ public void onDetach() {
     @Override
     public void onResume() {
         super.onResume();
-        fingerprintUiHelper.start(getArguments().getInt(ARGS_CIPHER_MODE));
+        try {
+            fingerprintUiHelper.start(getArguments().getInt(ARGS_CIPHER_MODE));
+        } catch (KeyException e) {
+            if (listener != null)
+                listener.onKeyException(e);
+            dismiss();
+        }
     }
 
     @Override
@@ -103,5 +111,6 @@ public void onCancel(DialogInterface dialog) {
     public interface OnFragmentInteractionListener {
         void onFingerprintCancel();
         void onFingerprintSuccess(Cipher cipher);
+        void onKeyException(KeyException e);
     }
 }

app/src/main/java/org/sorz/lab/tinykeepass/auth/FingerprintUiHelper.java

@@ -10,6 +10,7 @@
 
 import org.sorz.lab.tinykeepass.R;
 
+import java.security.KeyException;
 import java.util.function.Consumer;
 
 import javax.crypto.Cipher;
@@ -46,7 +47,7 @@ public FingerprintUiHelper(Context context, View view, Consumer<Cipher> finishHa
                     "and textFingerprintStatus");
     }
 
-    public void start(int cipherMode) {
+    public void start(int cipherMode) throws KeyException {
         Cipher cipher;
         try {
             SecureStringStorage storage = new SecureStringStorage(context);
@@ -60,7 +61,7 @@ public void start(int cipherMode) {
                 default:
                     throw new UnsupportedOperationException("not support such cipher mode");
             }
-        } catch (UserNotAuthenticatedException | SecureStringStorage.SystemException e) {
+        } catch (SecureStringStorage.SystemException e) {
             throw new RuntimeException("cannot get cipher", e);
         }
         FingerprintManager.CryptoObject cryptoObject = new FingerprintManager.CryptoObject(cipher);

app/src/main/java/org/sorz/lab/tinykeepass/auth/SecureStringStorage.java

@@ -17,7 +17,7 @@
 import java.io.IOException;
 import java.io.UTFDataFormatException;
 import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
+import java.security.KeyException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
@@ -80,8 +80,7 @@ public void generateNewKey(boolean auth, int authSecs) throws SystemException {
         keyGenerator.generateKey();
     }
 
-    private Cipher getCipher(int mode, byte[] iv) throws SystemException,
-            UserNotAuthenticatedException {
+    private Cipher getCipher(int mode, byte[] iv) throws SystemException, KeyException {
         try {
             SecretKey key = (SecretKey) keyStore.getKey(KEY_ALIAS, null);
             Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
@@ -92,21 +91,19 @@ private Cipher getCipher(int mode, byte[] iv) throws SystemException,
                 cipher.init(mode, key);
             }
             return cipher;
-        } catch (UserNotAuthenticatedException e) {
+        } catch (KeyException e) {
             throw e;
         } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException
-                | NoSuchPaddingException | InvalidAlgorithmParameterException
-                | InvalidKeyException e) {
+                | NoSuchPaddingException | InvalidAlgorithmParameterException e) {
             throw new SystemException(e);
         }
     }
 
-    public Cipher getEncryptCipher() throws UserNotAuthenticatedException, SystemException {
+    public Cipher getEncryptCipher() throws KeyException, SystemException {
         return getCipher(Cipher.ENCRYPT_MODE, null);
     }
 
-    public Cipher getDecryptCipher()
-            throws UserNotAuthenticatedException, SystemException {
+    public Cipher getDecryptCipher() throws KeyException, SystemException {
         String iv = preferences.getString(PREF_IV_NAME, null);
         if (iv == null)
             return null;

app/src/main/java/org/sorz/lab/tinykeepass/autofill/AuthActivity.java

@@ -14,6 +14,7 @@
 import org.sorz.lab.tinykeepass.search.SearchIndex;
 import org.sorz.lab.tinykeepass.keepass.KeePassStorage;
 
+import java.security.KeyException;
 import java.util.Objects;
 import java.util.stream.Stream;