Skip to content

Commit

Permalink
Add password input delay to slow down brute force attacks
Browse files Browse the repository at this point in the history
  • Loading branch information
@beansgum
beansgum committed May 5, 2021
1 parent 6464628 commit ae0720b
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 3 deletions.
18 changes: 16 additions & 2 deletions app/src/main/java/com/dcrandroid/dialog/PasswordPromptDialog.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,17 +16,18 @@ import com.dcrandroid.R
import kotlinx.android.synthetic.main.password_prompt_sheet.*
import kotlinx.coroutines.Dispatchers
import kotlinx.coroutines.GlobalScope
import kotlinx.coroutines.delay
import kotlinx.coroutines.launch

class PasswordPromptDialog(@StringRes val dialogTitle: Int, val isSpending: Boolean,
val passEntered: (dialog: FullScreenBottomSheetDialog, passphrase: String?) -> Boolean) : FullScreenBottomSheetDialog() {

var confirmed = false
var passwordTrials = 0
override fun onCreateView(inflater: LayoutInflater, container: ViewGroup?, savedInstanceState: Bundle?): View? {
return inflater.inflate(R.layout.password_prompt_sheet, container, false)
}

var confirmed = false

override fun onActivityCreated(savedInstanceState: Bundle?) {
super.onActivityCreated(savedInstanceState)

Expand Down Expand Up @@ -71,7 +72,20 @@ class PasswordPromptDialog(@StringRes val dialogTitle: Int, val isSpending: Bool

override fun showError() {
GlobalScope.launch(Dispatchers.Main) {
passwordTrials++
password_input.setError(getString(R.string.invalid_password))
password_input.isEnabled = false
btn_confirm.isEnabled = false

var delayTime = 2000L
if (passwordTrials % 2 == 0) {
delayTime = 5000L
}

delay(delayTime)

password_input?.isEnabled = true
btn_confirm?.isEnabled = true
}
}

Expand Down
9 changes: 8 additions & 1 deletion app/src/main/java/com/dcrandroid/dialog/PinPromptDialog.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,8 @@ class PinPromptDialog(@StringRes val dialogTitle: Int, val isSpendingPass: Boole
var hint = R.string.enter_spending_pin
private lateinit var pinViewUtil: PinViewUtil

private var pinTrials = 0

override fun onCreateView(inflater: LayoutInflater, container: ViewGroup?, savedInstanceState: Bundle?): View? {
return inflater.inflate(R.layout.pin_prompt_sheet, container, false)
}
Expand Down Expand Up @@ -64,14 +66,19 @@ class PinPromptDialog(@StringRes val dialogTitle: Int, val isSpendingPass: Boole

override fun showError() {
GlobalScope.launch(Dispatchers.Main) {
pinTrials++
var delayTime = 2000L
if (pinTrials % 2 == 0) {
delayTime = 5000
}
pinViewUtil.pinView.rejectInput = true
pinViewUtil.showError(R.string.invalid_pin)
btn_cancel.isEnabled = false
btn_confirm.isEnabled = false
btn_confirm.show()
progress_bar.hide()

delay(2000)
delay(delayTime)
withContext(Dispatchers.Main) {
pinViewUtil.reset()
pinViewUtil.showHint(hint)
Expand Down

0 comments on commit ae0720b

Please sign in to comment.