prevent logging of re-frame events parameters

mask password received from keychain
Roman Volosovskyi 2018-10-20 17:29:11 +02:00
parent ae3029c2d9
commit 7264ae2a14
No known key found for this signature in database
GPG Key ID: 0238A4B5ECEE70DE
9 changed files with 28 additions and 21 deletions


@ -5,7 +5,8 @@
status-im.ui.screens.extensions.db status-im.ui.screens.extensions.db
[clojure.string :as string] [clojure.string :as string]
[cljs.spec.alpha :as spec] [cljs.spec.alpha :as spec]
[status-im.constants :as const]) [status-im.constants :as const]
[status-im.utils.security :as security])
(:require-macros [status-im.utils.db :refer [allowed-keys]])) (:require-macros [status-im.utils.db :refer [allowed-keys]]))
(defn logged-in? [cofx] (defn logged-in? [cofx]
@ -19,7 +20,7 @@
(>= (count password) const/min-password-length)) (>= (count password) const/min-password-length))
(defn account-creation-next-enabled? [{:keys [step password password-confirm name]}] (defn account-creation-next-enabled? [{:keys [step password password-confirm name]}]
(or (and password (= :enter-password step) (spec/valid? ::password password)) (or (and password (= :enter-password step) (spec/valid? ::password (security/safe-unmask-data password)))
(and password-confirm (= :confirm-password step) (spec/valid? ::password password-confirm)) (and password-confirm (= :confirm-password step) (spec/valid? ::password password-confirm))
(and name (= :enter-name step) (not (string/blank? name))))) (and name (= :enter-name step) (not (string/blank? name)))))
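Review bot: In `account-creation-next-enabled?` only the `:enter-password` branch passes its value through `security/safe-unmask-data`; the `:confirm-password` branch still hands `password-confirm` to `spec/valid?` as-is. If the creation screen masks both fields the way the login screen does in this commit, the confirm check would validate the wrapper rather than the string. For symmetry I would write `(spec/valid? ::password (security/safe-unmask-data password-confirm))`.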


@ -8,7 +8,8 @@
[status-im.utils.fx :as fx] [status-im.utils.fx :as fx]
[status-im.utils.keychain.core :as keychain] [status-im.utils.keychain.core :as keychain]
[status-im.utils.types :as types] [status-im.utils.types :as types]
[taoensso.timbre :as log])) [taoensso.timbre :as log]
[status-im.utils.security :as security]))
;; login flow: ;; login flow:
;; ;;
@ -84,7 +85,7 @@
(re-frame/reg-fx (re-frame/reg-fx
:accounts.login/login :accounts.login/login
(fn [[address password save-password?]] (fn [[address password save-password?]]
(login! address password save-password?))) (login! address (security/safe-unmask-data password) save-password?)))
(re-frame/reg-fx (re-frame/reg-fx
:accounts.login/clear-web-data :accounts.login/clear-web-data
@ -93,4 +94,4 @@
(re-frame/reg-fx (re-frame/reg-fx
:data-store/change-account :data-store/change-account
(fn [[address password]] (fn [[address password]]
(change-account! address password))) (change-account! address (security/safe-unmask-data password))))


@ -26,7 +26,7 @@
(defn recover-account! [masked-passphrase password] (defn recover-account! [masked-passphrase password]
(status/recover-account (status/recover-account
(mnemonic/sanitize-passphrase (security/unmask masked-passphrase)) (mnemonic/sanitize-passphrase (security/safe-unmask-data masked-passphrase))
password password
(fn [result] (fn [result]
;; here we deserialize result, dissoc mnemonic and serialize the result again ;; here we deserialize result, dissoc mnemonic and serialize the result again
@ -39,7 +39,7 @@
(fx/defn set-phrase (fx/defn set-phrase
[{:keys [db]} masked-recovery-phrase] [{:keys [db]} masked-recovery-phrase]
(let [recovery-phrase (security/unmask masked-recovery-phrase)] (let [recovery-phrase (security/safe-unmask-data masked-recovery-phrase)]
{:db (update db :accounts/recover assoc {:db (update db :accounts/recover assoc
:passphrase (string/lower-case recovery-phrase) :passphrase (string/lower-case recovery-phrase)
:passphrase-valid? (not (check-phrase-errors recovery-phrase)))})) :passphrase-valid? (not (check-phrase-errors recovery-phrase)))}))
@ -53,7 +53,7 @@
(fx/defn set-password (fx/defn set-password
[{:keys [db]} masked-password] [{:keys [db]} masked-password]
(let [password (security/unmask masked-password)] (let [password (security/safe-unmask-data masked-password)]
{:db (update db :accounts/recover assoc {:db (update db :accounts/recover assoc
:password password :password password
:password-valid? (not (check-password-errors password)))})) :password-valid? (not (check-password-errors password)))}))
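Review bot: `set-password` and `set-phrase` unmask their argument and then write the plaintext into app-db under `:accounts/recover` (`:password password`, `:passphrase (string/lower-case recovery-phrase)`), so the secret is protected only while it travels as an event parameter. Anything that prints or serialises db would still see it. Consider keeping the stored value wrapped, e.g. `:password (security/mask-data password)`, and unmasking only for the validity check; readers of that key outside this section would then need `security/safe-unmask-data`. Relatedly, `recover-account!` unmasks `masked-passphrase` but passes `password` straight through, unlike the login effects changed elsewhere in this commit.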


@ -17,7 +17,8 @@
[re-frame.core :as re-frame] [re-frame.core :as re-frame]
[cljs.spec.alpha :as spec] [cljs.spec.alpha :as spec]
[status-im.utils.platform :as platform] [status-im.utils.platform :as platform]
[status-im.accounts.db :as db])) [status-im.accounts.db :as db]
[status-im.utils.security :as security]))
(defn login-toolbar [can-navigate-back?] (defn login-toolbar [can-navigate-back?]
[toolbar/toolbar [toolbar/toolbar
@ -71,7 +72,8 @@
:auto-focus true :auto-focus true
:on-submit-editing #(login-account @password-text-input) :on-submit-editing #(login-account @password-text-input)
:on-change-text #(do :on-change-text #(do
(re-frame/dispatch [:set-in [:accounts/login :password] %]) (re-frame/dispatch [:set-in [:accounts/login :password]
(security/mask-data %)])
(re-frame/dispatch [:set-in [:accounts/login :error] ""])) (re-frame/dispatch [:set-in [:accounts/login :error] ""]))
:secure-text-entry true :secure-text-entry true
:error (when (not-empty error) (i18n/label (error-key error)))}]] :error (when (not-empty error) (i18n/label (error-key error)))}]]
@ -98,5 +100,5 @@
[components.common/bottom-button [components.common/bottom-button
{:forward? true {:forward? true
:label (i18n/label :t/sign-in) :label (i18n/label :t/sign-in)
:disabled? (not (spec/valid? ::db/password password)) :disabled? (not (spec/valid? ::db/password (security/safe-unmask-data password)))
:on-press #(login-account @password-text-input)}]])])) :on-press #(login-account @password-text-input)}]])]))


@ -24,7 +24,7 @@
(defn- send-ethers [params on-completed masked-password] (defn- send-ethers [params on-completed masked-password]
(status/send-transaction (types/clj->json params) (status/send-transaction (types/clj->json params)
(security/unmask masked-password) (security/safe-unmask-data masked-password)
on-completed)) on-completed))
(defn- send-tokens [symbol chain {:keys [from to value gas gasPrice]} on-completed masked-password] (defn- send-tokens [symbol chain {:keys [from to value gas gasPrice]} on-completed masked-password]
@ -75,7 +75,7 @@
(let [{:keys [data from password]} (get-in db [:wallet :send-transaction])] (let [{:keys [data from password]} (get-in db [:wallet :send-transaction])]
{:db (assoc-in db [:wallet :send-transaction :in-progress?] true) {:db (assoc-in db [:wallet :send-transaction :in-progress?] true)
::sign-message {:params {:data data ::sign-message {:params {:data data
:password (security/unmask password) :password (security/safe-unmask-data password)
:account from} :account from}
:on-completed #(re-frame/dispatch [::transaction-completed (types/json->clj %)])}}))) :on-completed #(re-frame/dispatch [::transaction-completed (types/json->clj %)])}})))
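Review bot: In the second hunk the password is unmasked inside the event handler and placed in the `::sign-message` effect params, so the plaintext sits in the effects map the handler returns, where an interceptor that logs effects could print it. It would be more in line with this commit to leave `:password password` masked here and call `security/safe-unmask-data` inside the `::sign-message` effect handler, right before the native call, as `send-ethers` does. The handler and the effect's definition both lie outside the hunk, so whether effects are logged anywhere should be confirmed.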


@ -50,7 +50,7 @@
{:from from {:from from
:gas gas :gas gas
:gasPrice gas-price})) :gasPrice gas-price}))
(security/unmask masked-password) (security/safe-unmask-data masked-password)
on-completed)) on-completed))
(defn transfer-from [web3 contract from-address to-address value cb] (defn transfer-from [web3 contract from-address to-address value cb]


@ -21,9 +21,7 @@
(defn- pretty-print-event [ctx] (defn- pretty-print-event [ctx]
(let [[first second] (get-coeffect ctx :event)] (let [[first second] (get-coeffect ctx :event)]
(if (or (string? second) (keyword? second) (boolean? second)) first))
(str first " " second)
first)))
(def debug-handlers-names (def debug-handlers-names
"Interceptor which logs debug information to js/console for each event." "Interceptor which logs debug information to js/console for each event."
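Review bot: After this change `pretty-print-event` still destructures `[first second]` but never uses `second`, and the local `first` shadows `clojure.core/first`. The body can be `(first (get-coeffect ctx :event))`, with a comment such as `;; log only the event id; event parameters may carry secrets` so the omission is not reverted later as a debugging convenience.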


@ -2,8 +2,8 @@
(:require [re-frame.core :as re-frame] (:require [re-frame.core :as re-frame]
[taoensso.timbre :as log] [taoensso.timbre :as log]
[status-im.react-native.js-dependencies :as rn] [status-im.react-native.js-dependencies :as rn]
[status-im.utils.handlers :as handlers] [status-im.utils.platform :as platform]
[status-im.utils.platform :as platform])) [status-im.utils.security :as security]))
(def key-bytes 64) (def key-bytes 64)
(def username "status-im.encryptionkey") (def username "status-im.encryptionkey")
@ -55,7 +55,7 @@
(defn handle-callback [callback result] (defn handle-callback [callback result]
(if result (if result
(callback (.-password result)) (callback (security/mask-data (.-password result)))
(callback nil))) (callback nil)))
;; Gets the password for a specified address from the Keychain ;; Gets the password for a specified address from the Keychain
@ -161,7 +161,7 @@
(fn [[address password]] (fn [[address password]]
(save-user-password (save-user-password
address address
password (security/safe-unmask-data password)
#(when-not % #(when-not %
(log/error (log/error
(str "Error while saving password." (str "Error while saving password."
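Review bot: `handle-callback` now wraps `(.-password result)` unconditionally, so a result whose password field is nil reaches the callback as a truthy `MaskedData` instead of nil. Callers that test the value for presence would then take the "password found" path. `(callback (some-> (.-password result) security/mask-data))` keeps the nil case as it was. The callers of this callback are outside the section; any that use the string directly need `security/safe-unmask-data`.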


@ -17,3 +17,8 @@
;; Returns a MaskedData instance that stores the piece of data. ;; Returns a MaskedData instance that stores the piece of data.
(defn mask-data [data] (defn mask-data [data]
(MaskedData. data)) (MaskedData. data))
(defn safe-unmask-data [data]
(if (instance? MaskedData data)
(unmask data)
data))
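Review bot: `safe-unmask-data` has no comment, while `mask-data` above it has one, and its fallback matters for review: a value that was never masked passes through unchanged, so a call site that forgets `mask-data` keeps working and goes unnoticed. I would add `;; Returns the wrapped value for a MaskedData instance; any other value is returned unchanged.` and, if practical, log a warning (without the value) on the non-masked branch in dev builds. How `MaskedData` prints is not visible in this hunk; the masking only protects logs if its string representation hides the data.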