qml: remove pin code authentication

Completely removes the pin code authentication from qml. The config
option in the wallet preferences has been renamed to "Payment
authentication" and now either asks for the Android system
authentication (Biometric or system pin/password) if enabled or will ask
for the wallet password as fallback.

Author: f321x

electrum/gui/qml/auth.py

@@ -5,7 +5,7 @@
 from electrum.logging import get_logger
 
 
-def auth_protect(func=None, reject=None, method='pin', message=''):
+def auth_protect(func=None, reject=None, method='if_config_enabled', message=''):
     if func is None:
         return partial(auth_protect, reject=reject, method=method, message=message)
 

electrum/gui/qml/components/Pin.qml

@@ -157,62 +157,6 @@ Pane {
                         }
                     }
 
-                    RowLayout {
-                        Layout.fillWidth: true
-                        spacing: 0
-                        Switch {
-                            id: usePin
-                            checked: Config.pinCode
-                            onCheckedChanged: {
-                                if (activeFocus) {
-                                    console.log('PIN active ' + checked)
-                                    if (checked) {
-                                        var dialog = pinSetup.createObject(preferences, {mode: 'enter'})
-                                        dialog.accepted.connect(function() {
-                                            Config.pinCode = dialog.pincode
-                                            dialog.close()
-                                        })
-                                        dialog.rejected.connect(function() {
-                                            checked = false
-                                        })
-                                        dialog.open()
-                                    } else {
-                                        focus = false
-                                        Config.pinCode = ''
-                                        // re-add binding, pincode still set if auth failed
-                                        checked = Qt.binding(function () { return Config.pinCode })
-                                    }
-                                }
-
-                            }
-                        }
-                        Label {
-                            Layout.fillWidth: true
-                            text: qsTr('PIN protect payments')
-                            wrapMode: Text.Wrap
-                        }
-                    }
-
-                    Pane {
-                        background: Rectangle { color: Material.dialogColor }
-                        padding: 0
-                        visible: Config.pinCode != ''
-                        FlatButton {
-                            text: qsTr('Modify')
-                            onClicked: {
-                                var dialog = pinSetup.createObject(preferences, {
-                                    mode: 'change',
-                                    pincode: Config.pinCode
-                                })
-                                dialog.accepted.connect(function() {
-                                    Config.pinCode = dialog.pincode
-                                    dialog.close()
-                                })
-                                dialog.open()
-                            }
-                        }
-                    }
-
                     RowLayout {
                         Layout.columnSpan: 2
                         Layout.fillWidth: true
@@ -266,6 +210,33 @@ Pane {
                         }
                     }
 
+                    RowLayout {
+                        Layout.columnSpan: 2
+                        Layout.fillWidth: true
+                        spacing: 0
+
+                        property bool noWalletPassword: Daemon.currentWallet ? Daemon.currentWallet.verifyPassword('') : true
+                        enabled: Daemon.currentWallet && !noWalletPassword
+
+                        Switch {
+                            id: paymentAuthentication
+                            // showing the toggle as checked even if the wallet has no password would be misleading
+                            checked: Config.paymentAuthentication && !(Daemon.currentWallet && parent.noWalletPassword)
+                            onToggled: {
+                                console.log('paymentAuthentication: ' + checked)
+                                if (activeFocus) {
+                                    // will request authentication when checked = false
+                                    Config.paymentAuthentication = !!checked;
+                                }
+                            }
+                        }
+                        Label {
+                            Layout.fillWidth: true
+                            text: qsTr('Payment authentication')
+                            wrapMode: Text.Wrap
+                        }
+                    }
+
                     RowLayout {
                         Layout.columnSpan: 2
                         Layout.fillWidth: true
@@ -515,11 +486,6 @@ Pane {
         }
     }
 
-    Component {
-        id: pinSetup
-        Pin {}
-    }
-
     Component.onCompleted: {
         language.currentIndex = language.indexOfValue(Config.language)
         baseUnit.currentIndex = _baseunits.indexOf(Config.baseUnit)

electrum/gui/qml/components/Preferences.qml

@@ -419,14 +419,6 @@ ApplicationWindow
         }
     }
 
-    property alias pinDialog: _pinDialog
-    Component {
-        id: _pinDialog
-        Pin {
-            onClosed: destroy()
-        }
-    }
-
     property alias genericShareDialog: _genericShareDialog
     Component {
         id: _genericShareDialog
@@ -818,42 +810,34 @@ ApplicationWindow
     function handleAuthRequired(qtobject, method, authMessage) {
         console.log('auth using method ' + method)
 
-        if (method == 'wallet_else_pin') {
-            // if there is a loaded wallet and all wallets use the same password, use that
-            // else delegate to pin auth
-            if (Daemon.currentWallet && Daemon.singlePasswordEnabled) {
-                method = 'wallet'
+        if (method === 'if_config_enabled') {
+            if (Config.paymentAuthentication) {
+                method = 'wallet'  // treat like a wallet auth request
             } else {
-                method = 'pin'
-            }
-        }
-
-        if (method === 'wallet') {
-            if (Daemon.currentWallet.verifyPassword('')) {
-                // wallet has no password
-                qtobject.authProceed()
-                return
-            }
-        } else if (method === 'pin') {
-            if (Config.pinCode === '') {
-                // no PIN configured
                 handleAuthConfirmationOnly(qtobject, authMessage)
                 return
             }
         }
 
+        console.assert(method === 'wallet', 'unsupported method')
+        if (Daemon.currentWallet.verifyPassword('')) {
+            // wallet has no password
+            qtobject.authProceed()
+            return
+        }
+
         if (Biometrics.isAvailable && Biometrics.isEnabled) {
              _pendingBiometricAuth = { qtobject: qtobject, method: method, authMessage: authMessage }
-             Biometrics.unlock()
+             Biometrics.unlock(authMessage)
              return
         }
 
         handleManualAuth(qtobject, method, authMessage)
     }
 
     function handleManualAuth(qtobject, method, authMessage) {
-        if (method == 'wallet') {
-            var dialog = app.passwordDialog.createObject(app, {'title': qsTr('Enter current password')})
+        if (method === 'wallet') {  // 'if_config_enabled' should have been converted to 'wallet' at this point
+            var dialog = app.passwordDialog.createObject(app, authMessage ? {'title': authMessage} : {})
             dialog.accepted.connect(function() {
                 if (Daemon.currentWallet.verifyPassword(dialog.password)) {
                     qtobject.authProceed()
@@ -865,20 +849,6 @@ ApplicationWindow
                 qtobject.authCancel()
             })
             dialog.open()
-        } else if (method == 'pin') {
-            var dialog = app.pinDialog.createObject(app, {
-                mode: 'check',
-                pincode: Config.pinCode,
-                authMessage: authMessage
-            })
-            dialog.accepted.connect(function() {
-                qtobject.authProceed()
-                dialog.close()
-            })
-            dialog.rejected.connect(function() {
-                qtobject.authCancel()
-            })
-            dialog.open()
         } else {
             console.log('unknown auth method ' + method)
             qtobject.authCancel()

electrum/gui/qml/components/main.qml

@@ -5,6 +5,7 @@
 import android.os.Bundle;
 import android.os.CancellationSignal;
 import android.content.Intent;
+import android.hardware.biometrics.BiometricManager;
 import android.hardware.biometrics.BiometricPrompt;
 import android.security.keystore.KeyGenParameterSpec;
 import android.security.keystore.KeyProperties;
@@ -34,8 +35,8 @@ public class BiometricActivity extends Activity {
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
 
-        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.Q) {
-            Log.e(TAG, "Biometrics not supported on this Android version (requires API 29+)");
+        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.R) {
+            Log.e(TAG, "Biometrics not supported on this Android version (requires API 30+)");
             setResult(RESULT_CANCELED);
             finish();
             return;
@@ -45,20 +46,17 @@ protected void onCreate(Bundle savedInstanceState) {
     }
 
     private void handleIntent() {
-        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.Q) return;
+        if (Build.VERSION.SDK_INT < Build.VERSION_CODES.R) return;
 
         Intent intent = getIntent();
         String action = intent.getStringExtra("action");
+        String authMessage = intent.getStringExtra("auth_message");
 
         Executor executor = getMainExecutor();
         BiometricPrompt biometricPrompt = new BiometricPrompt.Builder(this)
                 .setTitle("Electrum Wallet")
-                .setSubtitle("Confirm your identity")
-                .setNegativeButton("Cancel", executor, (dialog, which) -> {
-                    Log.d(TAG, "Authentication cancelled");
-                    setResult(RESULT_POPUP_CANCELLED);
-                    finish();
-                })
+                .setAllowedAuthenticators(BiometricManager.Authenticators.BIOMETRIC_STRONG | BiometricManager.Authenticators.DEVICE_CREDENTIAL)
+                .setSubtitle(authMessage)
                 .build();
 
         cancellationSignal = new CancellationSignal();
@@ -67,8 +65,17 @@ private void handleIntent() {
             @Override
             public void onAuthenticationError(int errorCode, CharSequence errString) {
                 super.onAuthenticationError(errorCode, errString);
-                Log.e(TAG, "Authentication error: " + errString);
-                setResult(RESULT_CANCELED);
+                Log.e(TAG, "Authentication error: " + errorCode + " " + errString);
+
+                if (
+                        errorCode == BiometricPrompt.BIOMETRIC_ERROR_CANCELED ||
+                        errorCode == BiometricPrompt.BIOMETRIC_ERROR_USER_CANCELED ||
+                        errorCode == BiometricPrompt.BIOMETRIC_ERROR_TIMEOUT
+                ) {
+                    setResult(RESULT_POPUP_CANCELLED);
+                } else {
+                    setResult(RESULT_CANCELED);
+                }
                 finish();
             }
 
@@ -152,7 +159,7 @@ private SecretKey genSecretKey() throws Exception {
                 .setBlockModes(KeyProperties.BLOCK_MODE_CBC)
                 .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_PKCS7)
                 .setUserAuthenticationRequired(true)
-                .setInvalidatedByBiometricEnrollment(true);
+                .setUserAuthenticationParameters(0, KeyProperties.AUTH_BIOMETRIC_STRONG | KeyProperties.AUTH_DEVICE_CREDENTIAL);
 
         keyGenerator.init(builder.build());
         keyGenerator.generateKey();