search

jainjayesh / android-passwordsafe

Automatically exported from code.google.com/p/android-passwordsafe
0 stars 0 forks source link

Make Android Password Safe useful to other applications #15

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago 
Add intent receivers to allow other applications to push/pull passwords
from APWS.

Original issue reported on code.google.com by osborn.s...@gmail.com on 3 Nov 2008 at 12:36

GoogleCodeExporter commented 9 years ago 
Lots done already.  Here's what's left:

- A status bar indicating whether or not passwordsafe is unlocked, with the 
ability,
most likely, to see how long it'll be unlocked for, and to re-lock it.
- A preference capability to set the lock timeout, with the possibility that 
it's zero.
- Decisions on the security permissions required.
- SET_PASSWORD
- a field entry in the database for "invisible" or "locked" passwords that 
either
aren't shown to users, or can't be edited by users (but probably can be 
deleted). 
These are the passwords that are created programatically by other applications 
using
SET_PASSWORD.
- An entry in the database for which applications are permitted to get & set a
password (defaults to the category == package name), plus the user interface 
for this
capability
- Lots of little things noted as TODOs in the code.
- Probably a write-up and request for vetting
- Perhaps the ability to generate "cooler" keys, like certificate keypairs and 
to
sign stuff with them, but that's down the road.
- The ability to process larger chunks of data than string extras.
- Maybe convert categories to tags?
- Maybe

Original comment by isaac.jo...@gmail.com on 30 Dec 2008 at 5:29

GoogleCodeExporter commented 9 years ago 
And the constants kinda provide an explanation of what's done at this point:

    /**
     * Activity Action: Encrypt the string given in the extra TEXT.
     * Returns the encrypted string in the extra TEXT.
     * 
     * <p>Constant Value: "org.openintents.action.ENCRYPT"</p>
     */
    public static final String ACTION_ENCRYPT = "org.openintents.action.ENCRYPT";

    /**
     * Activity Action: Decrypt the string given in the extra TEXT.
     * Returns the decrypted string in the extra TEXT.
     * 
     * <p>Constant Value: "org.openintents.action.DECRYPT"</p>
     */
    public static final String ACTION_DECRYPT = "org.openintents.action.DECRYPT";

    /**
     * Activity Action: Get the password corresponding to the category of the
     * calling application, and the EXTRA_DESCRIPTION, as provided.
     * Returns the decrypted username & password in the extras EXTRA_USERNAME and
     * EXTRA_PASSWORD. CATEGORY is an optional parameter.
     * 
     * <p>Constant Value: "org.openintents.action.GET_PASSWORD"</p>
     */
    public static final String ACTION_GET_PASSWORD = "org.openintents.action.GET_PASSWORD";

    /**
     * Activity Action: Set the password corresponding to the category of the
     * calling application, and the EXTRA_DESCRIPTION, EXTRA_USERNAME and
     * EXTRA_PASSWORD as provided. CATEGORY is an optional parameter.
     * 
     * If both username and password are the non-null empty string, delete this
     * password entry.
     * <p>Constant Value: "org.openintents.action.SET_PASSWORD"</p>
     */
    public static final String ACTION_SET_PASSWORD = "org.openintents.action.SET_PASSWORD";

    /**
     * The text to encrypt or decrypt, or the location for the return result.
     * 
     * <p>Constant Value: "org.openintents.extra.TEXT"</p>
     */
    public static final String EXTRA_TEXT = "org.openintents.extra.TEXT";

    /**
     * Required input parameter to GET_PASSWORD and SET_PASSWORD. Corresponds to the
"description"
     * field in passwordsafe. Should be a descriptive name for the password you're using,
     * and will already be specific to your application.
     * 
     * <p>Constant Value: "org.openintents.extra.DESCRIPTION"</p>
     */
    public static final String EXTRA_DESCRIPTION = "org.openintents.extra.DESCRIPTION";

    /**
     * Optional input parameter to GET_PASSWORD and SET_PASSWORD. Corresponds to the
"category"
     * field in passwordsafe. If null, will be assumed to be the fully-qualified package
     * name of your application. If non-null (and not == the package name) the user should
     * be asked whether it's permissable to get or set this password.
     * 
     * <p>Constant Value: "org.openintents.extra.CATEGORY"</p>
     */
    public static final String EXTRA_CATEGORY = "org.openintents.extra.CATEGORY";

    /**
     * Output parameter from GET_PASSWORD and input parameter to SET_PASSWORD.
     * Corresponds to the decrypted "username" field in passwordsafe.
     * 
     * <p>Constant Value: "org.openintents.extra.USERNAME"</p>
     */
    public static final String EXTRA_USERNAME = "org.openintents.extra.USERNAME";

    /**
     * Output parameter from GET_PASSWORD and input parameter to SET_PASSWORD.
     * Corresponds to the decrypted "password" field in passwordsafe.
     * 
     * <p>Constant Value: "org.openintents.extra.PASSWORD"</p>
     */
    public static final String EXTRA_PASSWORD = "org.openintents.extra.PASSWORD";

Original comment by isaac.jo...@gmail.com on 30 Dec 2008 at 5:29

GoogleCodeExporter commented 9 years ago 
I've been waiting for a feature like this for awhile.

A keychain type app that allows other apps to pull login information for stuff 
like
facebook, twitter, etc.

Also, might I suggest that you allow for a variable number of fields for 
information,
instead of just doing a username and password field. That way other 
applications can
pull not just username and login, but things like display name, account number,
security question answers.  I have a little bit of a SQL background if you'd 
like
some suggestions on database layout as well.

Original comment by egask...@gmail.com on 24 Jan 2009 at 2:50