Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PM-4695] Implement unlock with user key and update examples to use biometrics #330

Merged
merged 8 commits into from
Nov 23, 2023
Merged

[PM-4695] Implement unlock with user key and update examples to use biometrics #330

merged 8 commits into from
Nov 23, 2023

Conversation

dani-garcia
Copy link
Member

@dani-garcia dani-garcia commented Nov 14, 2023
edited
Loading 

- [ ] Bug fix
- [x] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

Enable the SDK to export the decrypted user key and expose a way to initialize the SDK with it. The Android and iOS examples have been revamped to allow choosing how to unlock the client.

Some small notes:

  • The iOS example is directly storing the user key in a biometric protected keychain, while that doesn't seem possible in Android. Instead, we generate a key in the secure keystore and use it to encrypt/decrypt the user key.
  • The iOS example biometrics don't seem to work on the simulator and require a real device for testing.

This depends on the refactor done on #329

@dani-garcia dani-garcia marked this pull request as ready for review November 15, 2023 16:57
@dani-garcia dani-garcia requested a review from Hinton November 15, 2023 16:57
@dani-garcia dani-garcia mentioned this pull request Nov 15, 2023
Merged
Base automatically changed from ps/split-init-crypto to master November 20, 2023 10:03
@dani-garcia dani-garcia force-pushed the ps/PM-4695-biometric-unlock branch from 3541554 to bef2db4 Compare November 20, 2023 14:40
@bitwarden-bot
Copy link

bitwarden-bot commented Nov 20, 2023
edited
Loading

Logo
Checkmarx One – Scan Summary & Details596c2166-5695-4a58-b36a-0d5ba8fc4843

New Issues

Severity Issue Source File / Package Checkmarx Insight
HIGH Reflected_XSS /languages/kotlin/app/src/main/java/com/bitwarden/myapplication/MainActivity.kt: 294 Attack Vector
MEDIUM Unchecked_Input_for_Loop_Condition /languages/kotlin/app/src/main/java/com/bitwarden/myapplication/MainActivity.kt: 294 Attack Vector

Fixed Issues

Severity Issue Source File / Package
HIGH Reflected_XSS /languages/kotlin/app/src/main/java/com/bitwarden/myapplication/MainActivity.kt: 115
MEDIUM Unchecked_Input_for_Loop_Condition /languages/kotlin/app/src/main/java/com/bitwarden/myapplication/MainActivity.kt: 115

Hinton
Hinton reviewed Nov 23, 2023
View reviewed changes
Copy link
Member

@Hinton Hinton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, a few minor comments.

crates/bitwarden/src/client/client.rs Outdated Show resolved Hide resolved
crates/bitwarden/src/client/encryption_settings.rs Outdated Show resolved Hide resolved
languages/kotlin/app/src/main/java/com/bitwarden/myapplication/Biometrics.kt Show resolved Hide resolved
@dani-garcia dani-garcia merged commit 24f0dfd into master Nov 23, 2023
44 checks passed
@dani-garcia dani-garcia deleted the ps/PM-4695-biometric-unlock branch November 23, 2023 11:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Hinton Hinton Hinton approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dani-garcia @bitwarden-bot @Hinton