Remove hardcoded API key, add encrypted storage with AES-256

2026-04-05 18:02:58 +08:00 · 2026-04-05 18:02:58 +08:00 · a5fe4bc29e
commit a5fe4bc29e
parent e98cd8b8e7
3 changed files with 43 additions and 13 deletions
--- a/app/src/main/java/com/mistral/chat/ui/MainActivity.kt
+++ b/app/src/main/java/com/mistral/chat/ui/MainActivity.kt
@ -12,6 +12,7 @@ import android.widget.ImageButton
 import android.widget.ImageView
 import android.widget.PopupMenu
 import android.widget.TextView
+import android.widget.Toast
 import androidx.appcompat.app.AlertDialog
 import androidx.appcompat.app.AppCompatActivity
 import androidx.appcompat.app.AppCompatDelegate
@ -19,6 +20,8 @@ import androidx.core.view.isVisible
 import androidx.lifecycle.lifecycleScope
 import androidx.recyclerview.widget.LinearLayoutManager
 import androidx.recyclerview.widget.RecyclerView
+import androidx.security.crypto.EncryptedSharedPreferences
+import androidx.security.crypto.MasterKey
 import com.google.android.material.color.DynamicColors
 import com.google.android.material.progressindicator.LinearProgressIndicator
 import com.google.android.material.textfield.TextInputEditText
@ -48,6 +51,7 @@ class MainActivity : AppCompatActivity() {
    private var availableModels: List<Pair<String, String>> = emptyList()
    private var selectedModelName: String = "mistral-small-latest"
    private lateinit var prefs: SharedPreferences
+    private lateinit var encryptedPrefs: SharedPreferences

    companion object {
        private const val PREFS_NAME = "mistral_chat_prefs"
@ -57,7 +61,6 @@ class MainActivity : AppCompatActivity() {
        private const val KEY_MESSAGES = "chat_messages"
        private const val KEY_PROFILE_HASH = "profile_hash"
        private const val KEY_API_KEY = "api_key"
-        private const val DEFAULT_API_KEY = "YW0IjDBRLuyEBcgNjVeVUFlMI6fcZYLA"
    }

    override fun onCreate(savedInstanceState: Bundle?) {
@ -70,6 +73,22 @@ class MainActivity : AppCompatActivity() {

        gson = Gson()
        prefs = getSharedPreferences(PREFS_NAME, Context.MODE_PRIVATE)
+        
+        val masterKey = MasterKey.Builder(this)
+            .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+            .build()
+        encryptedPrefs = EncryptedSharedPreferences.create(
+            this,
+            PREFS_NAME + "_secure",
+            masterKey,
+            EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV,
+            EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM
+        )
+        
+        if (!hasApiKey()) {
+            showApiKeyDialog()
+        }
+        
        client = MistralClient(getApiKey())

        loadMessages()
@ -231,22 +250,27 @@ class MainActivity : AppCompatActivity() {
    }

    private fun getApiKey(): String {
-        return prefs.getString(KEY_API_KEY, DEFAULT_API_KEY) ?: DEFAULT_API_KEY
+        return encryptedPrefs.getString(KEY_API_KEY, null) ?: ""
+    }
+
+    private fun hasApiKey(): Boolean {
+        return encryptedPrefs.contains(KEY_API_KEY)
    }

    private fun saveApiKey(apiKey: String) {
-        prefs.edit().putString(KEY_API_KEY, apiKey).apply()
+        encryptedPrefs.edit().putString(KEY_API_KEY, apiKey).apply()
        client = MistralClient(apiKey)
    }

    private fun deleteApiKey() {
-        prefs.edit().remove(KEY_API_KEY).apply()
-        client = MistralClient(DEFAULT_API_KEY)
+        encryptedPrefs.edit().remove(KEY_API_KEY).apply()
+        Toast.makeText(this, getString(R.string.api_key_deleted), Toast.LENGTH_SHORT).show()
+        showApiKeyDialog()
    }

    private fun showApiKeyDialog() {
        val currentKey = getApiKey()
-        val hasCustomKey = currentKey != DEFAULT_API_KEY && prefs.contains(KEY_API_KEY)
+        val hasCustomKey = currentKey.isNotEmpty()
        val displayKey = if (hasCustomKey && currentKey.length > 8) {
            currentKey.take(4) + "*".repeat(currentKey.length - 8) + currentKey.takeLast(4)
        } else if (hasCustomKey) {
@ -270,25 +294,23 @@ class MainActivity : AppCompatActivity() {
                val newKey = inputField.text?.toString()?.trim()
                if (!newKey.isNullOrEmpty()) {
                    saveApiKey(newKey)
-                    showToast(getString(R.string.api_key_saved))
+                    Toast.makeText(this, getString(R.string.api_key_saved), Toast.LENGTH_SHORT).show()
+                } else {
+                    Toast.makeText(this, getString(R.string.enter_api_key), Toast.LENGTH_SHORT).show()
                }
            }
-            .setNegativeButton(R.string.cancel, null)
            .apply {
                if (hasCustomKey) {
+                    setNegativeButton(R.string.cancel, null)
                    setNeutralButton(R.string.delete) { _, _ ->
                        deleteApiKey()
-                        showToast(getString(R.string.api_key_deleted))
                    }
                }
            }
+            .setCancelable(false)
            .show()
    }

-    private fun showToast(message: String) {
-        android.widget.Toast.makeText(this, message, android.widget.Toast.LENGTH_SHORT).show()
-    }
-
    private fun sendMessage(userInput: String) {
        val selectedModel = selectedModelName