aiden
/
Aegis
mirror of https://github.com/beemdevelopment/Aegis
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
1,225 Commits
4 Branches
71 Tags
32 MiB
master
v2.0.3-release
v1.2.1-release
v1.0.3-release
v3.4
v3.4-beta1
v3.3.4
v3.3.3
v3.3.2
v3.3.1
v3.3
v3.3-beta1
v3.2
v3.1.1
v3.1.1-beta1
v3.1
v3.1-beta1
v3.0.1
v3.0
v3.0-beta1
v2.2.2
v2.2.1
v2.2
v2.2-beta1
v2.1.3
v2.1.2
v2.1.1
v2.1
v2.1-beta2
v2.1-beta1
v2.0.3
v2.0.2
v2.0.1
v2.0
v2.0-beta2
v2.0-beta1
v1.4.2
v1.4.1
v1.4
v1.4-beta2
v1.4-beta1
v1.3
v1.3-beta2
v1.3-beta1
v1.2.1
v1.2
v1.2-beta5
v1.2-beta4
v1.2-beta3
v1.2-beta2
v1.2-beta1
v1.1.4
v1.1.3
v1.1.2
v1.1.1
v1.1
v1.1-beta1
v1.0.3
v0.1
v0.1.1
v0.2
v0.2.1
v0.2.2
v0.3
v0.3.1
v0.3.2
v0.3.3
v0.4
v0.4.1
v0.4.2
v0.4.3
v1.0
v1.0-beta1
v1.0.1
v1.0.2
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'v2.1-beta2'
${ noResults }
Commit Graph

1036 Commits (v2.1-beta2)

Author SHA1 Message Date
Alexander Bakker b2a98d9799 Release v2.1-beta2 3 years ago
Alexander Bakker bee490d091 Check for nulls when opening ContentResolver streams 3 years ago
Michael Schättgen dd88f5bb0c Fix crash when using non latin language 3 years ago
Alexander Bakker 8562fafda7 Release v2.1-beta1 3 years ago
Alexander Bakker 708a5f4a19 Update translations from Crowdin 3 years ago
Alexander Bakker fcc7b7baa2 Use MaterialDividerItemDecoration for compact view mode 
This allows us to disable the divider for the "Showing x entries" footer
 3 years ago
Alexander Bakker 7c0b22920d Fix minor entry margin issues 
Accidentally introduced with the entry pinning feature

This also moves the favorite field to the vault instead of shared
preference in order to avoid some complexity
 3 years ago
Alexander Bakker c27d080a11 Fix call to notifyItemMoved when entry change causes sort change 
This fixes an issue introduced in ffcbaffcfc
 3 years ago
Alexander Bakker 289b8775d3 Update ZXing to 3.5.1 3 years ago
Alexander Bakker c12397a509 Update dependencies 3 years ago
Alexander Bakker 0aef57e610 Add context to favorite strings to indicate that they're verbs 3 years ago
Alexander Bakker 7993142cc5 Show a warning when a separate export/backup password is configured 3 years ago
Michael Schättgen 5ec1e33a31 Add ability to favorite/pin entries 3 years ago
Alexander Bakker c58b773878 Rename some things related to plaintext backup warning 3 years ago
Alexander Bakker 681326839c Fix back navigation in preferences when pressing the home action button 3 years ago
Alexander Bakker 3d124d225e Use VaultLockReceiver in a Context-registered manner 
Turns out we can't listen from ACTION_SCREEN_OFF from a
manifest-registered broadcast receiver
 3 years ago
Alexander Bakker 8292173297 Remove unused code for storage read permission request results 3 years ago
Alexander Bakker 84e179f9d3 Add helper to simplify animation end listeners 3 years ago
Alexander Bakker ad77bd687f Add support for predictive back gesture 3 years ago
Alexander Bakker c6888b11df Add an icon to the backup status in preferences 3 years ago
elena c206d4bee8 Additional code grouping options 3 years ago
Alexander Bakker 7de7fba2c8 Disable R8 obfuscation 3 years ago
Alexander Bakker 8ea28327db Optimize APK size by fixing R8 rules and excluding some BC resources 3 years ago
Alexander Bakker 80c37556c7 Prevent double launches of the intro and auth activities 
Since API level 33: When opening Aegis right after installing it,
Android will send a configuration change event (CONFIG_ASSETS_PATHS),
causing MainActivity to restart almost immediately. This would also
cause two IntroActivity's to be started on top of eachother.
 3 years ago
Alexander Bakker 7517cfc975 Update dependencies 3 years ago
Alexander Bakker 4198ca3bb7 Update Gradle 3 years ago
Alexander Bakker 3927ddec3e Make vault lock intent used in notifications more explicit 
Aegis can display a notification to the user as a reminder that the vault is
unlocked. If the user taps the notification, the vault is locked. CodeQL
reported that Aegis may be vulnerable to CWE-927, because of the use of an
implicit intent wrapped by a PendingIntent in that notification.

This does not appear to be exploitable in our case, because we use
``PendingIntent.getBroadcast`` and explicitly set the action of the wrapped
intent. Aegis also does not read or act on any information from the received
intent. This means that a malicious app cannot launch activities or send a
broadcast with a different action, as is common with these type of weakness. The
worst an app with notification access can do, is lock the vault.

Either way, it's good to make the intent explicit, so this patch addresses that.
Additionally, for API level 23 and up, we've made the wrapped intent immutable a
while back.

We'd like to thank John Rune, who ran a CodeQL scan on the Aegis codebase and
privately disclosed this finding to us.
 3 years ago
Alexander Bakker adc9179364 Always copy VaultFileCredentials when accessing it 
This makes sure that mutations to the credentails can only ever be persisted
intentionally.
 3 years ago
Alexander Bakker 8ae8130b71 Store and display backup error messages more clearly 3 years ago
Alexander Bakker 4427498d5e Rename the instrumented tests to be more consistent 3 years ago
Alexander Bakker aad6d78750 Move the panic trigger setting to the Security fragment 3 years ago
Alexander Bakker ef2e803e04 Make the entry count text a bit smaller 3 years ago
Alexander Bakker c718ea79c5 Update dependencies 3 years ago
Alexander Bakker acc6b9a3de
Merge pull request #973 from orange-elephant/entries-shown-count 
Add entries showing count
 3 years ago
elena 4bf807c46a Add entries showing count 3 years ago
Alexander Bakker e4798703f0 Make the FAB scroll listener a less sensitive 
This should help minimize the glitchiness that can occur when scrolling
through the entry list.

Close #963.
 3 years ago
Alexander Bakker 80624f844c Perform a version check when importing from the Steam app 
Fixes #986.
 3 years ago
Maarten Trompper 78feb25543 Minimize or Close app after copying OTP 
Close #805
 3 years ago
Alexander Bakker 3bc10bd4b8 Disallow importing empty secrets 
Fixes #975

And display "ERROR" for any existing bad entries. This is kind of ugly,
but it's better than crashing, and there are probably very few (or zero)
users who have bad entries anyway.
 3 years ago
Alexander Bakker 66b7fd38d6
Merge pull request #964 from orange-elephant/google-auth-style-export 
Google Authenticator compatible export
 3 years ago
elena bc665b6980 Google Authenticator compatible export 3 years ago
Alexander Bakker 06405d10ad Only request the POST_NOTIFICATIONS permission in tests on API 33 3 years ago
Alexander Bakker 1e3ceefeec Request permission to show notifications 
This is needed since API 33, because we show a "Vault unlocked"
notification if the user has enabled encryption and has unlocked the
vault.
 3 years ago
Alexander Bakker 642864fca1 Mark clipboard data as "sensitive" when copying tokens 3 years ago
Alexander Bakker 3ec6e35011 Update dependencies 
This also updates the test dependencies to an alpha version. We have to
use a pre-stable version, because these include some fixes for running
on API 33.
 3 years ago
Alexander Bakker e19ceb0761
Merge pull request #981 from jas14/monochromatic-icon 
Add monochrome launcher icon
 3 years ago
Joe Stein 012b66fe9b Pin Robolectric target SDKs to 32 3 years ago
Joe Stein 4cd0d2de04 Bump targetSdkVersion to 33 3 years ago
Joe Stein bb3f4d733f Add monochrome adaptive icon for Android 13 3 years ago
Maarten Trompper 05a8c7c51f Fixes #794 3 years ago