Fixed null entries appearing on watch

Added increased error checking

appinfo.json

@@ -19,6 +19,16 @@
     "projectType": "native",
     "resources": {
         "media": [
+            {
+                "file": "images/Pebble_Star.png",
+                "name": "IMAGE_ICON_STAR",
+                "type": "png"
+            },
+            {
+                "file": "images/Pebble_Bin.png",
+                "name": "IMAGE_ICON_TRASH",
+                "type": "png"
+            },
             {
                 "file": "images/auth_icon.png",
                 "menuIcon": true,
@@ -57,16 +67,6 @@
                 "name": "FONT_UNISPACE_20",
                 "type": "font"
             },
-            {
-                "file": "images/Yes.png",
-                "name": "IMAGE_ICON_YES",
-                "type": "png"
-            },
-            {
-                "file": "images/No.png",
-                "name": "IMAGE_ICON_NO",
-                "type": "png"
-            },
             {
                 "compatibility": "2.7",
                 "file": "fonts/ORBITRON_28.ttf",
@@ -81,6 +81,7 @@
             }
         ]
     },
+    "sdkVersion": "2",
     "shortName": "PebbleAuth",
     "uuid": "1f4d9835-3b9a-4ddd-907e-41a25d06f19c",
     "versionCode": 5,

src/google-authenticator.c

@@ -24,15 +24,9 @@
 #include "base32.h"
 #include "hmac.h"
 #include "sha1.h"
+#include "google-authenticator.h"
 
-#define SECRET_BITS               80          // Must be divisible by eight
-#define VERIFICATION_CODE_MODULUS (1000*1000) // Six digits
-#define SCRATCHCODES              5           // Number of initial scratchcodes
-#define SCRATCHCODE_LENGTH        8           // Eight digits per scratchcode
-#define BYTES_PER_SCRATCHCODE     4           // 32bit of randomness is enough
-#define BITS_PER_BASE32_CHAR      5           // Base32 expands space by 8/5
-
-static char *generateCode(const char *key, int timezone_offset) {
+char *generateCode(const char *key, int timezone_offset) {
 	//long tm = time(NULL)/30;
 	long tm = (time(NULL) + (timezone_offset*60))/30;
 	uint8_t challenge[8];
@@ -47,18 +41,17 @@ static char *generateCode(const char *key, int timezone_offset) {
 
 	// Sanity check, that our secret will fixed into a reasonably-sized static
 	// array.
-	if (secretLen <= 0 || secretLen > 100) {
+	if (secretLen < 0 || secretLen > 100) {
 		return "FAILED";
 	}
 
 	// Decode secret from Base32 to a binary representation, and check that we
 	// have at least one byte's worth of secret data.
 	uint8_t secret[100];
 	if ((secretLen = base32_decode((const uint8_t *)key, secret, secretLen))<1) {
-		//return -1;
 		return "FAILED";
 	}
-	
+
 	// Compute the HMAC_SHA1 of the secrete and the challenge.
 	uint8_t hash[SHA1_DIGEST_LENGTH];
 	hmac_sha1(secret, secretLen, challenge, 8, hash, SHA1_DIGEST_LENGTH);

src/google-authenticator.h

@@ -0,0 +1,34 @@
+// Helper program to generate a new secret for use in two-factor
+// authentication.
+//
+// Copyright 2010 Google Inc.
+// Author: Markus Gutschke
+//
+// Adapted for the Pebble Smartwatch
+// Author: Kevin Cooper
+// https://github.com/JumpMaster/PebbleAuth
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#ifndef _GOOGLEAUTHENTICATOR_H_
+#define _GOOGLEAUTHENTICATOR_H_
+
+#include <stdint.h>
+
+#define VERIFICATION_CODE_MODULUS (1000*1000) // Six digits
+#define BITS_PER_BASE32_CHAR      5           // Base32 expands space by 8/5
+
+char *generateCode(const char *key, int timezone_offset)
+	__attribute__((visibility("hidden")));
+
+#endif /* _GOOGLEAUTHENTICATOR_H_ */

src/js/pebble-js-app.js

@@ -9,30 +9,72 @@ var timezoneOffset = 0;
 var idle_timeout = 0;
 var message_send_retries = 0;
 var message_send_max_retries = 5;
-var app_version = 6;
-var debug = true;
+var app_version = 7;
 
-function loadLocalVariables() {
+var debug = false;
 
+function checkKeyStringIsValid(key) {
+	if (debug)
+		console.log("INFO: Key="+key);
+	if (key === null) {
+		if (debug)
+			console.log("INFO: Key failed null test");
+		return false;
+	}
+
+	var colonPosition = key.indexOf(":");
+
+	if (colonPosition <= 0) {
+		if (debug)
+			console.log("INFO: Key failed colonPosition <= 0 test");
+		return false;
+	}
+
+	if (colonPosition >= key.length-1) {
+		if (debug)
+			console.log("INFO: Key failed colonPosition >= key.length-1 test");
+		return false;
+	}
+
+	return true;
+}
+
+function loadLocalVariables() {
 	for (var i=0; i<MAX_OTP; i++)
 	{
-		var tempKey = localStorage.getItem("secret_pair"+i);
-		if (tempKey !== null)
+		var tempKey = getItem("secret_pair"+i);
+		if (checkKeyStringIsValid(tempKey))
 			otp_count++;
 		else
 			break;
 	}
 
-	theme = parseInt(localStorage.getItem("theme"));
-	font_style = parseInt(localStorage.getItem("font_style"));
-	idle_timeout = localStorage.getItem("idle_timeout");
+	theme = parseInt(getItem("theme"));
+	font_style = parseInt(getItem("font_style"));
+	idle_timeout = getItem("idle_timeout");
 	timezoneOffset = new Date().getTimezoneOffset();
 
 	theme = !theme ? 0 : theme;
 	font_style = !font_style ? 0 : font_style;
 	idle_timeout = idle_timeout === null ? 300 : parseInt(idle_timeout);
 }
 
+function getItem(reference) {
+	var item = localStorage.getItem(reference);
+
+	if (debug)
+		console.log("INFO: Loading item. REF:" + reference + " ITEM:" + item);
+
+	return item;
+}
+
+function setItem(reference, item) {
+	if (debug)
+		console.log("INFO: Saving item. REF:" + reference + " ITEM:" + item);
+
+	localStorage.setItem(reference ,item);
+}
+
 function sendAppMessage(data) {
 	Pebble.sendAppMessage(data,
 						function(e) { // SUCCESS
@@ -79,16 +121,16 @@ Pebble.addEventListener("ready",
 									console.log("INFO: font_style="+font_style);
 									console.log("INFO: idle_timeout="+idle_timeout);
 								}
-								
-								// ####### CLEAN APP ##############
-//								for (var i=0; i<MAX_OTP; i++)
-//								{
-//									localStorage.removeItem('secret_pair'+i);
-//								}
-//								localStorage.removeItem("theme");
-//								localStorage.removeItem("font_style");
-//								localStorage.removeItem("idle_timeout");
-								// ####### /CLEAN APP ##############
+
+								/*// ####### CLEAN APP ##############
+								for (var i=0; i<MAX_OTP; i++)
+								{
+									localStorage.removeItem('secret_pair'+i);
+								}
+								localStorage.removeItem("theme");
+								localStorage.removeItem("font_style");
+								localStorage.removeItem("idle_timeout");
+								// ####### /CLEAN APP ##############*/
 							}
 						);
 
@@ -99,15 +141,15 @@ function sendKeyToWatch(secret) {
 function confirmDelete(secret) {
 	var blnFound = false;
 	for (var i = 0; i < MAX_OTP;i++) {
-		var savedSecret = localStorage.getItem('secret_pair'+i);
+		var savedSecret = getItem('secret_pair'+i);
 
 		if (savedSecret !== null && savedSecret.indexOf(secret) != -1)
 			blnFound = true;
 
 		if (blnFound) {
-			var nextSecret = localStorage.getItem('secret_pair'+(i+1));
+			var nextSecret = getItem('secret_pair'+(i+1));
 			if (nextSecret)
-				localStorage.setItem('secret_pair'+i,nextSecret);
+				setItem('secret_pair'+i,nextSecret);
 			else
 				localStorage.removeItem('secret_pair'+i);
 		}
@@ -123,7 +165,7 @@ Pebble.addEventListener("appmessage",
 								if (e.payload.request_key) {
 									if (debug)
 										console.log("INFO: Requested key: "+e.payload.request_key);
-									sendKeyToWatch(localStorage.getItem("secret_pair"+(e.payload.request_key-1)));
+									sendKeyToWatch(getItem("secret_pair"+(e.payload.request_key-1)));
 								}
 								else if (e.payload.delete_key) {
 									if (debug)
@@ -176,7 +218,7 @@ Pebble.addEventListener("webviewclosed",
 										console.log("INFO: Theme changed");
 
 									theme = configuration.theme;
-									localStorage.setItem("theme",theme);
+									setItem("theme",theme);
 									config.theme = theme;
 								}
 
@@ -185,7 +227,7 @@ Pebble.addEventListener("webviewclosed",
 										console.log("INFO: Font style changed:"+configuration.font_style);
 
 									font_style = configuration.font_style;
-									localStorage.setItem("font_style",font_style);
+									setItem("font_style",font_style);
 									config.font_style = font_style;
 								}
 
@@ -194,7 +236,7 @@ Pebble.addEventListener("webviewclosed",
 										console.log("INFO: Idle timeout changed");
 
 									idle_timeout = configuration.idle_timeout;
-									localStorage.setItem("idle_timeout",idle_timeout);
+									setItem("idle_timeout",idle_timeout);
 								}
 								// Always send idle_timeout to reset it after
 								// it was disabled while configuring
@@ -214,23 +256,26 @@ Pebble.addEventListener("webviewclosed",
 										.substring(0, MAX_LABEL_LENGTH);
 									var secretPair = label + ":" + secret;
 
+									if (!checkKeyStringIsValid(secretPair))
+										return;
+
 									var blnKeyExists = false;
 									for (i=0;i<otp_count;i++) {
-										var savedSecret = localStorage.getItem('secret_pair'+i);
+										var savedSecret = getItem('secret_pair'+i);
 										if (savedSecret !== null && savedSecret.indexOf(secret) != -1) {
 											if (debug)
 												console.log("INFO: Relabled code");
 
 											blnKeyExists = true;
-											localStorage.setItem('secret_pair'+i,secretPair);
+											setItem('secret_pair'+i,secretPair);
 											config.transmit_key = secretPair;
 										}
 									}
 									if(!blnKeyExists && otp_count < MAX_OTP) {
 										if (debug)
 											console.log("INFO: Uploading new key:"+secretPair);
 
-										localStorage.setItem('secret_pair'+otp_count,secretPair);
+										setItem('secret_pair'+otp_count,secretPair);
 										otp_count++;
 										config.transmit_key = secretPair;
 									}