Add wallet app locker

Co-Authored-By: Jenova7 <[email protected]>

Author: ComputerCraftr

src/Makefile.qt.include

@@ -15,6 +15,7 @@ include Makefile.qt_locale.include
 
 QT_FORMS_UI = \
   qt/forms/addressbookpage.ui \
+  qt/forms/applocker.ui \
   qt/forms/askpassphrasedialog.ui \
   qt/forms/coincontroldialog.ui \
   qt/forms/createwalletdialog.ui \
@@ -37,6 +38,7 @@ QT_FORMS_UI = \
 QT_MOC_CPP = \
   qt/moc_addressbookpage.cpp \
   qt/moc_addresstablemodel.cpp \
+  qt/moc_applocker.cpp \
   qt/moc_askpassphrasedialog.cpp \
   qt/moc_createwalletdialog.cpp \
   qt/moc_bantablemodel.cpp \
@@ -106,6 +108,7 @@ QT_QRC_LOCALE = qt/xep_locale.qrc
 BITCOIN_QT_H = \
   qt/addressbookpage.h \
   qt/addresstablemodel.h \
+  qt/applocker.h \
   qt/askpassphrasedialog.h \
   qt/bantablemodel.h \
   qt/xepaddressvalidator.h \
@@ -242,6 +245,7 @@ BITCOIN_QT_WINDOWS_CPP = qt/winshutdownmonitor.cpp
 BITCOIN_QT_WALLET_CPP = \
   qt/addressbookpage.cpp \
   qt/addresstablemodel.cpp \
+  qt/applocker.cpp \
   qt/askpassphrasedialog.cpp \
   qt/coincontroldialog.cpp \
   qt/coincontroltreewidget.cpp \

src/qt/applocker.cpp

@@ -0,0 +1,144 @@
+// Copyright (c) 2021 The XEP Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#include <qt/applocker.h>
+#include <qt/forms/ui_applocker.h>
+
+#include <crypto/pbkdf2_hmac.h>
+
+AppLocker::AppLocker(QWidget *parent) :
+    QWidget(parent),
+    ui(new Ui::AppLocker)
+{
+    ui->setupUi(this);
+    this->setWindowTitle(tr("Wallet locker"));
+    this->setWindowModality(Qt::ApplicationModal);
+    QRegExpValidator *validatorReg = new QRegExpValidator(QRegExp("[1-9]\\d{5,9}"), this);
+
+    // Lock view (index 1)
+    ui->stackedWidget->setCurrentIndex(1);
+    ui->headLabel->setText(tr("Set a PIN to lock your wallet:") + "<br>");
+    ui->messageLabel->setText("<br>- " + tr("Your PIN must be at least 6 digits long.") +
+                              "<br>- " + tr("The PIN is only valid for this session."));
+    ui->buttonBox->button(QDialogButtonBox::Ok)->setText(tr("Lock"));
+    ui->buttonBox->button(QDialogButtonBox::Ok)->setDefault(true);
+    ui->buttonBox->button(QDialogButtonBox::Cancel)->setAutoDefault(true);
+    ui->pinLineEdit->setValidator(validatorReg);
+    ui->pinLineEdit->setEchoMode(QLineEdit::Password);
+    ui->confirmLineEdit->setValidator(validatorReg);
+    ui->confirmLineEdit->setEchoMode(QLineEdit::Password);
+
+    // Unlock view
+    ui->lockLabel->setText(tr("Your wallet is locked.") + "<br>");
+    ui->unlocklabel->setText(tr("PIN"));
+    ui->unlockLineEdit->setValidator(validatorReg);
+    ui->unlockLineEdit->setEchoMode(QLineEdit::Password);
+
+    connect(ui->unlockLineEdit, &QLineEdit::textChanged, [this] {
+        if (ui->unlockLineEdit->text().size() >= 6) {
+            ui->buttonBox->button(QDialogButtonBox::Ok)->setEnabled(true);
+        } else if (ui->stackedWidget->currentIndex() == 0) {
+            ui->buttonBox->button(QDialogButtonBox::Ok)->setEnabled(false);
+        }
+    });
+    connect(ui->pinLineEdit, &QLineEdit::returnPressed, ui->buttonBox, &QDialogButtonBox::accepted);
+    connect(ui->confirmLineEdit, &QLineEdit::returnPressed, ui->buttonBox, &QDialogButtonBox::accepted);
+    connect(ui->unlockLineEdit, &QLineEdit::returnPressed, ui->buttonBox, &QDialogButtonBox::accepted);
+    connect(ui->buttonBox, &QDialogButtonBox::accepted, this, &AppLocker::setLock);
+    connect(ui->buttonBox, &QDialogButtonBox::rejected, this, &AppLocker::close);
+}
+
+AppLocker::~AppLocker()
+{
+    delete ui;
+}
+
+void AppLocker::setLock()
+{
+    switch (ui->stackedWidget->currentIndex()) {
+    case 0:
+        if (pbkdf2_hmac_sha256_time_check(reinterpret_cast<const unsigned char*>(ui->unlockLineEdit->text().toUtf8().constData()), ui->unlockLineEdit->text().size(), reinterpret_cast<const unsigned char*>(salt.constData()), salt.size(), 3, pinHash)) {
+            walletLocked = false;
+            secureClearPinFields();
+            ui->stackedWidget->setCurrentIndex(1);
+            ui->buttonBox->button(QDialogButtonBox::Ok)->setText(tr("Lock"));
+            ui->buttonBox->button(QDialogButtonBox::Ok)->setEnabled(true);
+            ui->buttonBox->button(QDialogButtonBox::Cancel)->setEnabled(true);
+            ui->buttonBox->button(QDialogButtonBox::Cancel)->setVisible(true);
+            ui->pinLineEdit->setFocus();
+            Q_EMIT lockingApp(false);
+        } else {
+            QMessageBox::warning(this, tr("Error"), tr("The entered PIN is incorrect."), QMessageBox::Ok);
+        }
+        break;
+    case 1:
+        if (ui->pinLineEdit->text().isEmpty() || ui->confirmLineEdit->text().isEmpty()) {
+            QMessageBox::information(this, tr("Error"), tr("Please enter and confirm your PIN."), QMessageBox::Ok);
+        } else if (ui->pinLineEdit->text().size() < 6 || ui->confirmLineEdit->text().size() < 6) {
+            QMessageBox::information(this, tr("Error"), tr("Your PIN must be at least 6 digits long."), QMessageBox::Ok);
+        } else if (ui->pinLineEdit->text() != ui->confirmLineEdit->text()) {
+            QMessageBox::warning(this, tr("Error"), tr("The entered PINs don't match, please try again."), QMessageBox::Ok);
+        } else {
+            walletLocked = true;
+            salt = QString::number(QDateTime::currentMSecsSinceEpoch()).toUtf8();
+            // pinHash = QPasswordDigestor::deriveKeyPbkdf2(QCryptographicHash::Sha256, ui->pinLineEdit->text().toUtf8(), salt, 10000, quint64(32));
+            pbkdf2_hmac_sha256_time(reinterpret_cast<const unsigned char*>(ui->pinLineEdit->text().toUtf8().constData()), ui->pinLineEdit->text().size(), reinterpret_cast<const unsigned char*>(salt.constData()), salt.size(), 1, pinHash);
+            secureClearPinFields();
+            ui->stackedWidget->setCurrentIndex(0); // move to unlock view
+            ui->buttonBox->button(QDialogButtonBox::Ok)->setText(tr("Unlock"));
+            ui->buttonBox->button(QDialogButtonBox::Ok)->setEnabled(false);
+            ui->buttonBox->button(QDialogButtonBox::Cancel)->setEnabled(false);
+            ui->buttonBox->button(QDialogButtonBox::Cancel)->setVisible(false);
+            ui->unlockLineEdit->setFocus();
+            Q_EMIT lockingApp(true);
+        }
+        break;
+    }
+}
+
+void AppLocker::showLocker()
+{
+    this->move(QGuiApplication::primaryScreen()->geometry().center() - this->rect().center());
+    if (ui->stackedWidget->currentIndex() == 1) {
+        ui->pinLineEdit->setFocus();
+    }
+    this->show();
+    this->setFixedSize(this->size());
+}
+
+void AppLocker::closeEvent(QCloseEvent *event)
+{
+    if (walletLocked) {
+        int ret = -1;
+        if (!forceClose) {
+            ret = QMessageBox::warning(this, tr("Warning"), tr("The wallet application will exit, would you like to continue?"), QMessageBox::Ok | QMessageBox::Cancel, QMessageBox::Cancel);
+            if (ret == QMessageBox::Cancel) {
+                event->ignore();
+            }
+        }
+        if (forceClose || ret == QMessageBox::Ok) {
+            // Clear memory being used by app locker
+            secureClearPinFields();
+            Q_EMIT quitAppFromWalletLocker();
+            event->accept();
+        }
+    } else if (ui->stackedWidget->currentIndex() == 1) {
+        // Clear memory being used by app locker
+        secureClearPinFields();
+        event->accept();
+    } else {
+        event->ignore();
+    }
+}
+
+void AppLocker::secureClearPinFields()
+{
+    // Overwrite text so that it does not remain in memory
+    ui->unlockLineEdit->setText(QString(" ").repeated(ui->unlockLineEdit->text().size()));
+    ui->pinLineEdit->setText(QString(" ").repeated(ui->pinLineEdit->text().size()));
+    ui->confirmLineEdit->setText(QString(" ").repeated(ui->confirmLineEdit->text().size()));
+    ui->unlockLineEdit->clear();
+    ui->pinLineEdit->clear();
+    ui->confirmLineEdit->clear();
+}

src/qt/applocker.h

@@ -0,0 +1,55 @@
+// Copyright (c) 2021 The XEP Core developers
+// Distributed under the MIT software license, see the accompanying
+// file COPYING or http://www.opensource.org/licenses/mit-license.php.
+
+#ifndef APPLOCKER_H
+#define APPLOCKER_H
+
+#include <QCloseEvent>
+#include <QDateTime>
+#include <QDesktopWidget>
+#include <QMessageBox>
+//#include <QPasswordDigestor>
+#include <QPushButton>
+#include <QRegExpValidator>
+#include <QScreen>
+#include <QWidget>
+
+QT_BEGIN_NAMESPACE
+namespace Ui {
+    class AppLocker;
+}
+QT_END_NAMESPACE
+
+class AppLocker : public QWidget
+{
+    Q_OBJECT
+
+public:
+    AppLocker(QWidget *parent);
+    bool isWalletLocked() { return walletLocked; }
+    void forceShutdown() { forceClose = true; }
+    ~AppLocker();
+
+private:
+    Ui::AppLocker *ui;
+    unsigned char pinHash[32]; // A SHA256 hash requires 32 bytes to store
+    QByteArray salt;
+
+    bool walletLocked = false;
+    bool forceClose = false;
+    void setLock();
+    void secureClearPinFields();
+
+Q_SIGNALS:
+    void lockingApp(bool);
+    void quitAppFromWalletLocker();
+
+public Q_SLOTS:
+    void showLocker();
+
+protected:
+    void closeEvent(QCloseEvent *event) override;
+};
+
+#endif // APPLOCKER_H

src/qt/forms/applocker.ui

@@ -0,0 +1,159 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>AppLocker</class>
+ <widget class="QWidget" name="AppLocker">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>338</width>
+    <height>156</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>LockView</string>
+  </property>
+  <layout class="QVBoxLayout" name="verticalLayout">
+   <item>
+    <widget class="QStackedWidget" name="stackedWidget">
+     <property name="currentIndex">
+      <number>0</number>
+     </property>
+     <widget class="QWidget" name="unlockStack">
+      <layout class="QVBoxLayout" name="verticalLayout_3">
+       <item>
+        <widget class="QLabel" name="lockLabel">
+         <property name="text">
+          <string>TextLabel</string>
+         </property>
+         <property name="alignment">
+          <set>Qt::AlignCenter</set>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <layout class="QHBoxLayout" name="horizontalLayout">
+         <item>
+          <spacer name="horizontalSpacer">
+           <property name="orientation">
+            <enum>Qt::Horizontal</enum>
+           </property>
+           <property name="sizeHint" stdset="0">
+            <size>
+             <width>40</width>
+             <height>20</height>
+            </size>
+           </property>
+          </spacer>
+         </item>
+         <item>
+          <widget class="QLabel" name="unlocklabel">
+           <property name="text">
+            <string>TextLabel</string>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <widget class="QLineEdit" name="unlockLineEdit">
+           <property name="minimumSize">
+            <size>
+             <width>0</width>
+             <height>0</height>
+            </size>
+           </property>
+           <property name="maximumSize">
+            <size>
+             <width>100</width>
+             <height>16777215</height>
+            </size>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <spacer name="horizontalSpacer_2">
+           <property name="orientation">
+            <enum>Qt::Horizontal</enum>
+           </property>
+           <property name="sizeHint" stdset="0">
+            <size>
+             <width>40</width>
+             <height>20</height>
+            </size>
+           </property>
+          </spacer>
+         </item>
+        </layout>
+       </item>
+      </layout>
+     </widget>
+     <widget class="QWidget" name="lockStack">
+      <layout class="QVBoxLayout" name="verticalLayout_2">
+       <item>
+        <widget class="QLabel" name="headLabel">
+         <property name="text">
+          <string>TextLabel</string>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <layout class="QFormLayout" name="formLayout">
+         <item row="0" column="0">
+          <widget class="QLabel" name="passwordLabel">
+           <property name="text">
+            <string>Enter PIN</string>
+           </property>
+          </widget>
+         </item>
+         <item row="0" column="1">
+          <widget class="QLineEdit" name="pinLineEdit">
+           <property name="font">
+            <font>
+             <underline>false</underline>
+             <kerning>true</kerning>
+            </font>
+           </property>
+          </widget>
+         </item>
+         <item row="1" column="0">
+          <widget class="QLabel" name="confirmPasswordLabel">
+           <property name="text">
+            <string>Confirm PIN</string>
+           </property>
+          </widget>
+         </item>
+         <item row="1" column="1">
+          <widget class="QLineEdit" name="confirmLineEdit"/>
+         </item>
+        </layout>
+       </item>
+       <item>
+        <widget class="QLabel" name="messageLabel">
+         <property name="font">
+          <font>
+           <weight>50</weight>
+           <italic>false</italic>
+           <bold>false</bold>
+           <underline>false</underline>
+          </font>
+         </property>
+         <property name="text">
+          <string/>
+         </property>
+        </widget>
+       </item>
+      </layout>
+     </widget>
+    </widget>
+   </item>
+   <item>
+    <widget class="QDialogButtonBox" name="buttonBox">
+     <property name="standardButtons">
+      <set>QDialogButtonBox::Cancel|QDialogButtonBox::Ok</set>
+     </property>
+    </widget>
+   </item>
+  </layout>
+ </widget>
+ <resources/>
+ <connections/>
+</ui>