Skip to content

Commit

Permalink
Merge pull request #224 from Nitrokey/comment
Browse files Browse the repository at this point in the history
check length of comment before saving
  • Loading branch information
jj-so authored Apr 11, 2024
2 parents 162a413 + fac9f3d commit efaf067
Showing 1 changed file with 92 additions and 21 deletions.
113 changes: 92 additions & 21 deletions nitrokeyapp/secrets_tab/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -178,8 +178,11 @@ def __init__(self, parent: Optional[QWidget] = None) -> None:
self.ui.btn_edit.pressed.connect(self.prepare_edit_credential)

self.ui.name.textChanged.connect(self.check_credential)
self.ui.username.textChanged.connect(self.check_credential)
self.ui.password.textChanged.connect(self.check_credential)
self.ui.otp.textChanged.connect(self.check_credential)
self.ui.select_algorithm.currentIndexChanged.connect(self.check_credential)
self.ui.comment.textChanged.connect(self.check_credential)

self.ui.btn_refresh.pressed.connect(self.refresh_credential_list)
self.ui.is_protected.stateChanged.connect(self.refresh_credential_list)
Expand Down Expand Up @@ -288,6 +291,7 @@ def credentials_listed(self, credentials: list[Credential]) -> None:
def otp_generated(self, data: OtpData) -> None:
self.ui.otp.setText(data.otp)
self.data_otp = data.otp
self.common_ui.info.info.emit("Secret is generated")

if data.validity:
start, end = data.validity
Expand Down Expand Up @@ -363,29 +367,30 @@ def show_credential(self, credential: Credential) -> None:

self.ui.name.hide()
self.ui.name_label.show()
self.ui.name.setText(credential.name)
self.ui.name_label.setText(credential.name)

if credential.login:
self.ui.username.setText(credential.login.decode(errors="replace"))
self.action_username_copy.setEnabled(True)
else:
self.ui.username.setText("")
self.ui.username.clear()
self.action_username_copy.setEnabled(False)

if credential.password:
self.ui.password.setText(credential.password.decode(errors="replace"))
self.action_password_copy.setEnabled(True)
self.action_password_show.setEnabled(True)
else:
self.ui.password.setText("")
self.ui.password.clear()
self.action_password_copy.setEnabled(False)
self.action_password_show.setEnabled(False)

if credential.comment:
self.ui.comment.setText(credential.comment.decode(errors="replace"))
self.action_comment_copy.setEnabled(True)
else:
self.ui.comment.setText("")
self.ui.comment.clear()
self.action_comment_copy.setEnabled(False)

self.ui.name.setReadOnly(True)
Expand Down Expand Up @@ -458,17 +463,17 @@ def edit_credential(self, credential: Credential) -> None:
if credential.login:
self.ui.username.setText(credential.login.decode(errors="replace"))
else:
self.ui.username.setText("")
self.ui.username.clear()

if credential.password:
self.ui.password.setText(credential.password.decode(errors="replace"))
else:
self.ui.password.setText("")
self.ui.password.clear()

if credential.comment:
self.ui.comment.setText(credential.comment.decode(errors="replace"))
else:
self.ui.comment.setText("")
self.ui.comment.clear()
self.ui.name.setReadOnly(False)
self.ui.username.setReadOnly(False)
self.ui.password.setReadOnly(False)
Expand All @@ -484,6 +489,7 @@ def edit_credential(self, credential: Credential) -> None:

self.ui.algorithm_tab.show()
self.ui.algorithm_tab.setCurrentIndex(0)
self.ui.select_algorithm.setMaxCount(3)
self.ui.algorithm_show.hide()
self.ui.algorithm_edit.show()
self.ui.select_algorithm.show()
Expand Down Expand Up @@ -513,7 +519,7 @@ def edit_credential(self, credential: Credential) -> None:

# no otp there, just offer it as in add
else:
self.ui.otp.setText("")
self.ui.otp.clear()
self.ui.otp.setReadOnly(False)
self.ui.otp.setPlaceholderText("<empty>")
self.ui.select_algorithm.setCurrentText(str(credential.otp))
Expand All @@ -532,10 +538,9 @@ def act_enable_otp_edit(self) -> None:
self.active_credential.new_secret = True

self.ui.otp.setReadOnly(False)
self.ui.select_algorithm.setMaxCount(3)
self.ui.select_algorithm.setEnabled(True)
self.ui.otp.setPlaceholderText("<empty>")
self.ui.otp.setText("")
self.ui.otp.clear()

self.check_credential()

Expand All @@ -558,12 +563,13 @@ def add_new_credential(self) -> None:

self.ui.name.show()
self.ui.name_label.hide()
self.ui.name.setText("")
self.ui.name.clear()

self.ui.otp.setText("")
self.ui.username.setText("")
self.ui.password.setText("")
self.ui.comment.setText("")
self.ui.otp.clear()
self.ui.otp.setPlaceholderText("<empty>")
self.ui.username.clear()
self.ui.password.clear()
self.ui.comment.clear()

self.ui.name.setReadOnly(False)
self.ui.otp.setReadOnly(False)
Expand Down Expand Up @@ -602,29 +608,85 @@ def add_new_credential(self) -> None:

@Slot()
def check_credential(self) -> None:
self.common_ui.info.info.emit("")

tool_Tip = "Credeantial cannot be saved:"
can_save = True
check_secret = self.ui.otp.text()

otp_secret = self.ui.otp.text()
name_len = len(str.encode(self.ui.name.text()))
username_len = len(str.encode(self.ui.username.text()))
password_len = len(str.encode(self.ui.password.text()))
comment_len = len(str.encode(self.ui.comment.text()))

algo = self.ui.select_algorithm.currentText()

if len(self.ui.name.text()) < 3:
can_save = False
if len(self.ui.name.text()) == 0:
self.common_ui.info.info.emit("Enter a Credential Name")
tool_Tip = tool_Tip + "\n- Enter a Credential Name"
if len(self.ui.name.text()) >= 1 and len(self.ui.name.text()) < 3:
self.common_ui.info.info.emit("Credential Name is too short")
tool_Tip = tool_Tip + "\n- Credential Name is too short"
if name_len >= 128:
can_save = False
self.common_ui.info.info.emit("Credential Name is too long")
tool_Tip = tool_Tip + "\n- Credential Name is too long"

if username_len >= 128:
can_save = False
self.common_ui.info.info.emit("Username is too long")
tool_Tip = tool_Tip + "\n- Username is too long"

if password_len >= 128:
can_save = False
self.common_ui.info.info.emit("Password is too long")
tool_Tip = tool_Tip + "\n- Password is too long"

if comment_len >= 128:
can_save = False
self.common_ui.info.info.emit("Comment is too long")
tool_Tip = tool_Tip + "\n- Comment is too long"

if self.ui.select_algorithm.isEnabled():
if algo == "None":
self.ui.otp.setReadOnly(True)
self.ui.otp.setPlaceholderText("<Select Algotithm>")
else:
self.ui.otp.setReadOnly(False)
self.ui.otp.setPlaceholderText("<empty>")

if algo == "HMAC":
self.show_hmac_view()
if len(otp_secret) != 32:
if len(check_secret) != 32:
can_save = False
self.common_ui.info.info.emit(
"The HMAC-Secret is not 32 chars long"
)
tool_Tip = tool_Tip + "\n- The HMAC-Secret is not 32 chars long"
else:
self.hide_hmac_view()

if algo != "None" and not is_base32(otp_secret):
if algo != "None" and len(check_secret) != len(check_secret.encode()):
can_save = False

if algo != "None" and len(otp_secret) < 1:
self.common_ui.info.info.emit("Invalid character in Secret")
tool_Tip = tool_Tip + "\n- Invalid character in Secret"
elif not is_base32(check_secret) and len(check_secret) > 1:
can_save = False
self.common_ui.info.info.emit("Secret is not in Base32")
tool_Tip = tool_Tip + "\n- Secret is not in Base32"

if len(self.ui.name.text()) < 3:
can_save = False
if algo != "None" and len(check_secret) < 1:
can_save = False
self.common_ui.info.info.emit("Enter a Secret")
tool_Tip = tool_Tip + "\n- Enter a Secret"

self.ui.btn_save.setEnabled(can_save)
if can_save:
tool_Tip = "Credential Save"

self.ui.btn_save.setToolTip(tool_Tip)

def act_copy_line_edit(self, obj: QLineEdit) -> None:
self.clipboard.setText(obj.text())
Expand Down Expand Up @@ -693,6 +755,15 @@ def show_hmac_view(self) -> None:

def hide_hmac_view(self) -> None:

if self.active_credential is None and self.ui.name_label.text() == "HmacSlot2":
self.ui.name_label.clear()
self.ui.name_label.hide()
self.ui.name.clear()
self.ui.name.show()
self.ui.otp.clear()

self.action_hmac_gen.setVisible(False)

self.ui.username_label.show()
self.ui.username.show()

Expand Down

0 comments on commit efaf067

Please sign in to comment.